Merge branch 'develop' of https://akkoma.dev/AkkomaGang/akkoma into froth-akkoma

Fixes #528

CHANGELOG.md

@@ -6,10 +6,22 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
 
 ## Unreleased
 
+## Fixed
+- Support for `streams` public key URIs
+
+## 2023.04
+
 ## Added
 - Nodeinfo keys for unauthenticated timeline visibility
 - Option to disable federated timeline
 - Option to make the bubble timeline publicly accessible
+- Ability to swap between installed standard frontends
+  - *mastodon frontends are still not counted as standard frontends due to the complexity in serving them correctly*. 
+
+### Upgrade Notes
+- Elixir 1.14 is now required. If your distribution does not package this, you can
+  use [asdf](https://asdf-vm.com/). At time of writing, elixir 1.14.3 / erlang 25.3
+  is confirmed to work.
 
 ## 2023.03
 
@@ -26,6 +38,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
 
 ### Removed
 - Possibility of using the `style` parameter on `span` elements. This will break certain MFM parameters.
+- Option for "default" image description.
 
 ## 2023.02
 

config/config.exs

@@ -65,7 +65,6 @@
   link_name: false,
   proxy_remote: false,
   filename_display_max_length: 30,
-  default_description: nil,
   base_url: nil
 
 config :pleroma, Pleroma.Uploaders.Local, uploads: "uploads"
@@ -751,6 +750,9 @@
   primary: %{"name" => "pleroma-fe", "ref" => "stable"},
   admin: %{"name" => "admin-fe", "ref" => "stable"},
   mastodon: %{"name" => "mastodon-fe", "ref" => "akkoma"},
+  pickable: [
+    "pleroma-fe/stable"
+  ],
   swagger: %{
     "name" => "swagger-ui",
     "ref" => "stable",

config/description.exs

@@ -3209,6 +3209,12 @@
         description:
           "A map containing available frontends and parameters for their installation.",
         children: frontend_options
+      },
+      %{
+        key: :pickable,
+        type: {:list, :string},
+        description:
+          "A list containing all frontends users can pick as their preference, format is :name/:ref, e.g pleroma-fe/stable."
       }
     ]
   },

config/test.exs

@@ -23,8 +23,7 @@
 
 config :pleroma, Pleroma.Upload,
   filters: [],
-  link_name: false,
-  default_description: :filename
+  link_name: false
 
 config :pleroma, Pleroma.Uploaders.Local, uploads: "test/uploads"
 

docs/docs/configuration/cheatsheet.md

@@ -571,7 +571,6 @@ the source code is here: [kocaptcha](https://github.com/koto-bank/kocaptcha). Th
 * `proxy_remote`: If you're using a remote uploader, Akkoma will proxy media requests instead of redirecting to it.
 * `proxy_opts`: Proxy options, see `Pleroma.ReverseProxy` documentation.
 * `filename_display_max_length`: Set max length of a filename to display. 0 = no limit. Default: 30.
-* `default_description`: Sets which default description an image has if none is set explicitly. Options: nil (default) - Don't set a default, :filename - use the filename of the file, a string (e.g. "attachment") - Use this string
 
 !!! warning
     `strip_exif` has been replaced by `Pleroma.Upload.Filter.Mogrify`.

lib/mix/tasks/pleroma/diagnostics.ex

@@ -120,8 +120,8 @@ def run(["known_network", nickname]) do
         params
       )
       |> limit(20)
-    
+
     Ecto.Adapters.SQL.explain(Repo, :all, query, analyze: true, timeout: :infinity)
-    |> IO.puts()    
+    |> IO.puts()
   end
 end

lib/pleroma/signature.ex

@@ -17,6 +17,7 @@ def key_id_to_actor_id(key_id) do
       key_id
       |> URI.parse()
       |> Map.put(:fragment, nil)
+      |> Map.put(:query, nil)
       |> remove_suffix(@known_suffixes)
 
     maybe_ap_id = URI.to_string(uri)

lib/pleroma/upload.ex

@@ -65,15 +65,6 @@ defmodule Pleroma.Upload do
         }
   defstruct [:id, :name, :tempfile, :content_type, :width, :height, :blurhash, :path]
 
-  defp get_description(opts, upload) do
-    case {opts[:description], Pleroma.Config.get([Pleroma.Upload, :default_description])} do
-      {description, _} when is_binary(description) -> description
-      {_, :filename} -> upload.name
-      {_, str} when is_binary(str) -> str
-      _ -> ""
-    end
-  end
-
   @spec store(source, options :: [option()]) :: {:ok, Map.t()} | {:error, any()}
   @doc "Store a file. If using a `Plug.Upload{}` as the source, be sure to use `Majic.Plug` to ensure its content_type and filename is correct."
   def store(upload, opts \\ []) do
@@ -82,7 +73,7 @@ def store(upload, opts \\ []) do
     with {:ok, upload} <- prepare_upload(upload, opts),
          upload = %__MODULE__{upload | path: upload.path || "#{upload.id}/#{upload.name}"},
          {:ok, upload} <- Pleroma.Upload.Filter.filter(opts.filters, upload),
-         description = get_description(opts, upload),
+         description = Map.get(opts, :description) || "",
          {_, true} <-
            {:description_limit,
             String.length(description) <= Pleroma.Config.get([:instance, :description_limit])},

lib/pleroma/web/activity_pub/activity_pub_controller.ex

@@ -8,7 +8,6 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubController do
   alias Pleroma.Activity
   alias Pleroma.Delivery
   alias Pleroma.Object
-  alias Pleroma.Object.Fetcher
   alias Pleroma.User
   alias Pleroma.Web.ActivityPub.ActivityPub
   alias Pleroma.Web.ActivityPub.InternalFetchActor
@@ -293,33 +292,12 @@ def inbox(%{assigns: %{valid_signature: false}} = conn, _params) do
     |> json("Invalid HTTP Signature")
   end
 
-  # POST /relay/inbox -or- POST /internal/fetch/inbox
-  def inbox(conn, %{"type" => "Create"} = params) do
-    if FederatingPlug.federating?() do
-      post_inbox_relayed_create(conn, params)
-    else
-      conn
-      |> put_status(:bad_request)
-      |> json("Not federating")
-    end
-  end
-
   def inbox(conn, _params) do
     conn
     |> put_status(:bad_request)
     |> json("error, missing HTTP Signature")
   end
 
-  defp post_inbox_relayed_create(conn, params) do
-    Logger.debug(
-      "Signature missing or not from author, relayed Create message, fetching object from source"
-    )
-
-    Fetcher.fetch_object_from_id(params["object"]["id"])
-
-    json(conn, "ok")
-  end
-
   defp represent_service_actor(%User{} = user, conn) do
     conn
     |> put_resp_content_type("application/activity+json")

lib/pleroma/web/activity_pub/publisher.ex

@@ -108,15 +108,28 @@ defp blocked_instances do
       Config.get([:mrf_simple, :reject], [])
   end
 
+  defp allowed_instances do
+    Config.get([:mrf_simple, :accept])
+  end
+
   def should_federate?(url) do
     %{host: host} = URI.parse(url)
 
-    quarantined_instances =
-      blocked_instances()
+    with allowed <- allowed_instances(),
+         false <- Enum.empty?(allowed) do
+      allowed
       |> Pleroma.Web.ActivityPub.MRF.instance_list_from_tuples()
       |> Pleroma.Web.ActivityPub.MRF.subdomains_regex()
+      |> Pleroma.Web.ActivityPub.MRF.subdomain_match?(host)
+    else
+      _ ->
+        quarantined_instances =
+          blocked_instances()
+          |> Pleroma.Web.ActivityPub.MRF.instance_list_from_tuples()
+          |> Pleroma.Web.ActivityPub.MRF.subdomains_regex()
 
-    !Pleroma.Web.ActivityPub.MRF.subdomain_match?(quarantined_instances, host)
+        not Pleroma.Web.ActivityPub.MRF.subdomain_match?(quarantined_instances, host)
+    end
   end
 
   @spec recipients(User.t(), Activity.t()) :: list(User.t()) | []

lib/pleroma/web/akkoma_api/controllers/frontend_settings_controller.ex

@@ -5,6 +5,16 @@ defmodule Pleroma.Web.AkkomaAPI.FrontendSettingsController do
   alias Pleroma.Akkoma.FrontendSettingsProfile
 
   @unauthenticated_access %{fallback: :proceed_unauthenticated, scopes: []}
+
+  plug(
+    OAuthScopesPlug,
+    @unauthenticated_access
+    when action in [
+           :available_frontends,
+           :update_preferred_frontend
+         ]
+  )
+
   plug(
     OAuthScopesPlug,
     %{@unauthenticated_access | scopes: ["read:accounts"]}
@@ -93,4 +103,22 @@ def update_profile(%{body_params: %{settings: settings, version: version}} = con
       |> json(profile.settings)
     end
   end
+
+  @doc "GET /api/v1/akkoma/preferred_frontend/available"
+  def available_frontends(conn, _params) do
+    available = Pleroma.Config.get([:frontends, :pickable])
+
+    conn
+    |> json(available)
+  end
+
+  @doc "PUT /api/v1/akkoma/preferred_frontend"
+  def update_preferred_frontend(
+        %{body_params: %{frontend_name: preferred_frontend}} = conn,
+        _params
+      ) do
+    conn
+    |> put_resp_cookie("preferred_frontend", preferred_frontend)
+    |> json(%{frontend_name: preferred_frontend})
+  end
 end

lib/pleroma/web/akkoma_api/controllers/frontend_switcher.ex

@@ -0,0 +1,20 @@
+defmodule Pleroma.Web.AkkomaAPI.FrontendSwitcherController do
+  use Pleroma.Web, :controller
+  alias Pleroma.Config
+
+  @doc "GET /akkoma/frontend"
+  def switch(conn, _params) do
+    pickable = Config.get([:frontends, :pickable], [])
+
+    conn
+    |> put_view(Pleroma.Web.AkkomaAPI.FrontendSwitcherView)
+    |> render("switch.html", choices: pickable)
+  end
+
+  @doc "POST /akkoma/frontend"
+  def do_switch(conn, params) do
+    conn
+    |> put_resp_cookie("preferred_frontend", params["frontend"])
+    |> html("<meta http-equiv=\"refresh\" content=\"0; url=/\">")
+  end
+end

lib/pleroma/web/akkoma_api/views/frontend_switcher.ex

@@ -0,0 +1,3 @@
+defmodule Pleroma.Web.AkkomaAPI.FrontendSwitcherView do
+  use Pleroma.Web, :view
+end

lib/pleroma/web/api_spec/operations/frontend_settings_operation.ex

@@ -12,7 +12,7 @@ def open_api_operation(action) do
   @spec list_profiles_operation() :: Operation.t()
   def list_profiles_operation() do
     %Operation{
-      tags: ["Retrieve frontend setting profiles"],
+      tags: ["Frontends"],
       summary: "Frontend Settings Profiles",
       description: "List frontend setting profiles",
       operationId: "AkkomaAPI.FrontendSettingsController.list_profiles",
@@ -37,7 +37,7 @@ def list_profiles_operation() do
   @spec get_profile_operation() :: Operation.t()
   def get_profile_operation() do
     %Operation{
-      tags: ["Retrieve frontend setting profile"],
+      tags: ["Frontends"],
       summary: "Frontend Settings Profile",
       description: "Get frontend setting profile",
       operationId: "AkkomaAPI.FrontendSettingsController.get_profile",
@@ -60,7 +60,7 @@ def get_profile_operation() do
   @spec delete_profile_operation() :: Operation.t()
   def delete_profile_operation() do
     %Operation{
-      tags: ["Delete frontend setting profile"],
+      tags: ["Frontends"],
       summary: "Delete frontend Settings Profile",
       description: "Delete  frontend setting profile",
       operationId: "AkkomaAPI.FrontendSettingsController.delete_profile",
@@ -76,7 +76,7 @@ def delete_profile_operation() do
   @spec update_profile_operation() :: Operation.t()
   def update_profile_operation() do
     %Operation{
-      tags: ["Update frontend setting profile"],
+      tags: ["Frontends"],
       summary: "Frontend Settings Profile",
       description: "Update frontend setting profile",
       operationId: "AkkomaAPI.FrontendSettingsController.update_profile_operation",
@@ -90,6 +90,57 @@ def update_profile_operation() do
     }
   end
 
+  def available_frontends_operation() do
+    %Operation{
+      tags: ["Frontends"],
+      summary: "Frontend Settings Profiles",
+      description: "List frontend setting profiles",
+      operationId: "AkkomaAPI.FrontendSettingsController.available_frontends",
+      responses: %{
+        200 =>
+          Operation.response("Frontends", "application/json", %Schema{
+            type: :array,
+            items: %Schema{
+              type: :string
+            }
+          })
+      }
+    }
+  end
+
+  def update_preferred_frontend_operation() do
+    %Operation{
+      tags: ["Frontends"],
+      summary: "Frontend Settings Profiles",
+      description: "List frontend setting profiles",
+      operationId: "AkkomaAPI.FrontendSettingsController.available_frontends",
+      requestBody:
+        request_body(
+          "Frontend",
+          %Schema{
+            type: :object,
+            required: [:frontend_name],
+            properties: %{
+              frontend_name: %Schema{
+                type: :string,
+                description: "Frontend name"
+              }
+            }
+          },
+          required: true
+        ),
+      responses: %{
+        200 =>
+          Operation.response("Frontends", "application/json", %Schema{
+            type: :array,
+            items: %Schema{
+              type: :string
+            }
+          })
+      }
+    }
+  end
+
   def frontend_name_param do
     Operation.parameter(:frontend_name, :path, :string, "Frontend name",
       example: "pleroma-fe",

lib/pleroma/web/fallback/redirect_controller.ex

@@ -20,7 +20,7 @@ def api_not_implemented(conn, _params) do
   def redirector(conn, _params, code \\ 200) do
     conn
     |> put_resp_content_type("text/html")
-    |> send_file(code, index_file_path())
+    |> send_file(code, index_file_path(conn))
   end
 
   def redirector_with_meta(conn, %{"maybe_nickname_or_id" => maybe_nickname_or_id} = params) do
@@ -33,7 +33,7 @@ def redirector_with_meta(conn, %{"maybe_nickname_or_id" => maybe_nickname_or_id}
   end
 
   def redirector_with_meta(conn, params) do
-    {:ok, index_content} = File.read(index_file_path())
+    {:ok, index_content} = File.read(index_file_path(conn))
 
     tags = build_tags(conn, params)
     preloads = preload_data(conn, params)
@@ -53,7 +53,7 @@ def redirector_with_preload(conn, %{"path" => ["pleroma", "admin"]}) do
   end
 
   def redirector_with_preload(conn, params) do
-    {:ok, index_content} = File.read(index_file_path())
+    {:ok, index_content} = File.read(index_file_path(conn))
     preloads = preload_data(conn, params)
     tags = Metadata.build_static_tags(params)
     title = "<title>#{Pleroma.Config.get([:instance, :name])}</title>"
@@ -77,8 +77,9 @@ def empty(conn, _params) do
     |> text("")
   end
 
-  defp index_file_path do
-    Pleroma.Web.Plugs.InstanceStatic.file_path("index.html")
+  defp index_file_path(conn) do
+    frontend_type = Pleroma.Web.Plugs.FrontendStatic.preferred_or_fallback(conn, :primary)
+    Pleroma.Web.Plugs.InstanceStatic.file_path("index.html", frontend_type)
   end
 
   defp build_tags(conn, params) do

lib/pleroma/web/nodeinfo/nodeinfo_controller.ex

@@ -5,11 +5,6 @@
 defmodule Pleroma.Web.Nodeinfo.NodeinfoController do
   use Pleroma.Web, :controller
 
-  alias Pleroma.Config
-  alias Pleroma.Stats
-  alias Pleroma.User
-  alias Pleroma.Web.Federator.Publisher
-  alias Pleroma.Web.MastodonAPI.InstanceView
   alias Pleroma.Web.Endpoint
   alias Pleroma.Web.Nodeinfo.Nodeinfo
 

lib/pleroma/web/plugs/frontend_static.ex

@@ -5,17 +5,23 @@
 defmodule Pleroma.Web.Plugs.FrontendStatic do
   require Pleroma.Constants
 
+  @frontend_cookie_name "preferred_frontend"
+
   @moduledoc """
   This is a shim to call `Plug.Static` but with runtime `from` configuration`. It dispatches to the different frontends.
   """
   @behaviour Plug
 
-  def file_path(path, frontend_type \\ :primary) do
-    if configuration = Pleroma.Config.get([:frontends, frontend_type]) do
-      instance_static_path = Pleroma.Config.get([:instance, :static_dir], "instance/static")
+  defp instance_static_path do
+    Pleroma.Config.get([:instance, :static_dir], "instance/static")
+  end
 
+  def file_path(path, frontend_type \\ :primary)
+
+  def file_path(path, frontend_type) when is_atom(frontend_type) do
+    if configuration = Pleroma.Config.get([:frontends, frontend_type]) do
       Path.join([
-        instance_static_path,
+        instance_static_path(),
         "frontends",
         configuration["name"],
         configuration["ref"],
@@ -26,6 +32,15 @@ def file_path(path, frontend_type \\ :primary) do
     end
   end
 
+  def file_path(path, frontend_type) when is_binary(frontend_type) do
+    Path.join([
+      instance_static_path(),
+      "frontends",
+      frontend_type,
+      path
+    ])
+  end
+
   def init(opts) do
     opts
     |> Keyword.put(:from, "__unconfigured_frontend_static_plug")
@@ -38,7 +53,8 @@ def call(conn, opts) do
     with false <- api_route?(conn.path_info),
          false <- invalid_path?(conn.path_info),
          true <- enabled?(opts[:if]),
-         frontend_type <- Map.get(opts, :frontend_type, :primary),
+         fallback_frontend_type <- Map.get(opts, :frontend_type, :primary),
+         frontend_type <- preferred_or_fallback(conn, fallback_frontend_type),
          path when not is_nil(path) <- file_path("", frontend_type) do
       call_static(conn, opts, path)
     else
@@ -47,6 +63,31 @@ def call(conn, opts) do
     end
   end
 
+  def preferred_frontend(conn) do
+    %{req_cookies: cookies} =
+      conn
+      |> Plug.Conn.fetch_cookies()
+
+    Map.get(cookies, @frontend_cookie_name)
+  end
+
+  # Only override primary frontend
+  def preferred_or_fallback(conn, :primary) do
+    case preferred_frontend(conn) do
+      nil ->
+        :primary
+
+      frontend ->
+        if Enum.member?(Pleroma.Config.get([:frontends, :pickable], []), frontend) do
+          frontend
+        else
+          :primary
+        end
+    end
+  end
+
+  def preferred_or_fallback(_conn, fallback), do: fallback
+
   defp enabled?(if_opt) when is_function(if_opt), do: if_opt.()
   defp enabled?(true), do: true
   defp enabled?(_), do: false

lib/pleroma/web/plugs/http_security_plug.ex

@@ -8,6 +8,8 @@ defmodule Pleroma.Web.Plugs.HTTPSecurityPlug do
 
   require Logger
 
+  @mix_env Mix.env()
+
   def init(opts), do: opts
 
   def call(conn, _options) do
@@ -114,7 +116,14 @@ defp csp_string(conn) do
     style_src = "style-src 'self' '#{nonce_tag}'"
     font_src = "font-src 'self'"
 
-    script_src = "script-src 'self' '#{nonce_tag}'"
+    script_src = "script-src 'self' '#{nonce_tag}' "
+
+    script_src =
+      if @mix_env == :dev do
+        "script-src 'self' 'unsafe-eval' 'unsafe-inline'"
+      else
+        script_src
+      end
 
     report = if report_uri, do: ["report-uri ", report_uri, ";report-to csp-endpoint"]
     insecure = if scheme == "https", do: "upgrade-insecure-requests"

lib/pleroma/web/plugs/instance_static.ex

@@ -12,11 +12,11 @@ defmodule Pleroma.Web.Plugs.InstanceStatic do
   """
   @behaviour Plug
 
-  def file_path(path) do
+  def file_path(path, frontend_type \\ :primary) do
     instance_path =
       Path.join(Pleroma.Config.get([:instance, :static_dir], "instance/static/"), path)
 
-    frontend_path = Pleroma.Web.Plugs.FrontendStatic.file_path(path, :primary)
+    frontend_path = Pleroma.Web.Plugs.FrontendStatic.file_path(path, frontend_type)
 
     (File.exists?(instance_path) && instance_path) ||
       (frontend_path && File.exists?(frontend_path) && frontend_path) ||

lib/pleroma/web/router.ex

@@ -488,6 +488,29 @@ defmodule Pleroma.Web.Router do
     put("/statuses/:id/emoji_reactions/:emoji", EmojiReactionController, :create)
   end
 
+  scope "/akkoma/", Pleroma.Web.AkkomaAPI do
+    pipe_through(:browser)
+
+    get("/frontend", FrontendSwitcherController, :switch)
+    post("/frontend", FrontendSwitcherController, :do_switch)
+  end
+
+  scope "/api/v1/akkoma", Pleroma.Web.AkkomaAPI do
+    pipe_through(:api)
+
+    get(
+      "/api/v1/akkoma/preferred_frontend/available",
+      FrontendSettingsController,
+      :available_frontends
+    )
+
+    put(
+      "/api/v1/akkoma/preferred_frontend",
+      FrontendSettingsController,
+      :update_preferred_frontend
+    )
+  end
+
   scope "/api/v1/akkoma", Pleroma.Web.AkkomaAPI do
     pipe_through(:authenticated_api)
     get("/metrics", MetricsController, :show)

lib/pleroma/web/templates/akkoma_api/frontend_switcher/switch.html.eex

@@ -0,0 +1,10 @@
+<h2>Switch Frontend</h2>
+
+<h3>After you submit, you will need to refresh manually to get your new frontend!</h3>
+
+<%= form_for @conn, Routes.frontend_switcher_path(@conn, :do_switch), fn f -> %>
+  <%= select(f, :frontend, @choices) %>
+
+  <%= submit do: "submit" %>
+<% end %>
+

mix.exs

@@ -4,7 +4,7 @@ defmodule Pleroma.Mixfile do
   def project do
     [
       app: :pleroma,
-      version: version("3.7.1"),
+      version: version("3.8.0"),
       elixir: "~> 1.14",
       elixirc_paths: elixirc_paths(Mix.env()),
       compilers: [:phoenix] ++ Mix.compilers(),

test/pleroma/signature_test.exs

@@ -114,6 +114,11 @@ test "it deduces the actor id for gotoSocial" do
                {:ok, "https://example.com/users/1234"}
     end
 
+    test "it deduces the actor ID for streams" do
+      assert Signature.key_id_to_actor_id("https://example.com/users/1234?operation=getkey") ==
+               {:ok, "https://example.com/users/1234"}
+    end
+
     test "it calls webfinger for 'acct:' accounts" do
       with_mock(Pleroma.Web.WebFinger,
         finger: fn _ -> {:ok, %{"ap_id" => "https://gensokyo.2hu/users/raymoo"}} end

test/pleroma/upload_test.exs

@@ -54,7 +54,7 @@ test "it returns file" do
       assert result ==
                %{
                  "id" => result["id"],
-                 "name" => "image.jpg",
+                 "name" => "",
                  "type" => "Document",
                  "mediaType" => "image/jpeg",
                  "url" => [
@@ -154,19 +154,6 @@ test "copies the file to the configured folder with deduping" do
                  "e30397b58d226d6583ab5b8b3c5defb0c682bda5c31ef07a9f57c1c4986e3781.jpg"
     end
 
-    test "copies the file to the configured folder without deduping" do
-      File.cp!("test/fixtures/image.jpg", "test/fixtures/image_tmp.jpg")
-
-      file = %Plug.Upload{
-        content_type: "image/jpeg",
-        path: Path.absname("test/fixtures/image_tmp.jpg"),
-        filename: "an [image.jpg"
-      }
-
-      {:ok, data} = Upload.store(file)
-      assert data["name"] == "an [image.jpg"
-    end
-
     test "fixes incorrect content type when base64 is given" do
       params = %{
         img: "data:image/png;base64,#{Base.encode64(File.read!("test/fixtures/image.jpg"))}"
@@ -184,7 +171,7 @@ test "adds extension when base64 is given" do
       }
 
       {:ok, data} = Upload.store(params)
-      assert String.ends_with?(data["name"], ".jpg")
+      assert String.ends_with?(List.first(data["url"])["href"], ".jpg")
     end
 
     test "copies the file to the configured folder with anonymizing filename" do

test/pleroma/web/activity_pub/activity_pub_controller_test.exs

@@ -662,35 +662,6 @@ test "accept follow activity", %{conn: conn} do
       assert_receive {:mix_shell, :info, ["https://relay.mastodon.host/actor"]}
     end
 
-    @tag capture_log: true
-    test "without valid signature, " <>
-           "it only accepts Create activities and requires enabled federation",
-         %{conn: conn} do
-      data = File.read!("test/fixtures/mastodon-post-activity.json") |> Jason.decode!()
-      non_create_data = File.read!("test/fixtures/mastodon-announce.json") |> Jason.decode!()
-
-      conn = put_req_header(conn, "content-type", "application/activity+json")
-
-      clear_config([:instance, :federating], false)
-
-      conn
-      |> post("/inbox", data)
-      |> json_response(403)
-
-      conn
-      |> post("/inbox", non_create_data)
-      |> json_response(403)
-
-      clear_config([:instance, :federating], true)
-
-      ret_conn = post(conn, "/inbox", data)
-      assert "ok" == json_response(ret_conn, 200)
-
-      conn
-      |> post("/inbox", non_create_data)
-      |> json_response(400)
-    end
-
     test "accepts Add/Remove activities", %{conn: conn} do
       object_id = "c61d6733-e256-4fe1-ab13-1e369789423f"
 

test/pleroma/web/activity_pub/activity_pub_test.exs

@@ -1323,28 +1323,6 @@ test "sets a description if given", %{test_file: file} do
       assert object.data["name"] == "a cool file"
     end
 
-    test "it sets the default description depending on the configuration", %{test_file: file} do
-      clear_config([Pleroma.Upload, :default_description])
-
-      clear_config([Pleroma.Upload, :default_description], nil)
-      {:ok, %Object{} = object} = ActivityPub.upload(file)
-      assert object.data["name"] == ""
-
-      clear_config([Pleroma.Upload, :default_description], :filename)
-      {:ok, %Object{} = object} = ActivityPub.upload(file)
-      assert object.data["name"] == "an_image.jpg"
-
-      clear_config([Pleroma.Upload, :default_description], "unnamed attachment")
-      {:ok, %Object{} = object} = ActivityPub.upload(file)
-      assert object.data["name"] == "unnamed attachment"
-    end
-
-    test "copies the file to the configured folder", %{test_file: file} do
-      clear_config([Pleroma.Upload, :default_description], :filename)
-      {:ok, %Object{} = object} = ActivityPub.upload(file)
-      assert object.data["name"] == "an_image.jpg"
-    end
-
     test "works with base64 encoded images" do
       file = %{
         img: data_uri()

test/pleroma/web/mastodon_api/controllers/timeline_controller_test.exs

@@ -423,10 +423,9 @@ test "should return 404 if disabled" do
     test "should not return 404 if local is specified" do
       clear_config([:instance, :federated_timeline_available], false)
 
-      result =
-        build_conn()
-        |> get("/api/v1/timelines/public?local=true")
-        |> json_response_and_validate_schema(200)
+      build_conn()
+      |> get("/api/v1/timelines/public?local=true")
+      |> json_response_and_validate_schema(200)
     end
   end
 

test/pleroma/web/plugs/frontend_static_plug_test.exs

@@ -83,6 +83,7 @@ test "api routes are detected correctly" do
       "main",
       "ostatus_subscribe",
       "oauth",
+      "akkoma",
       "objects",
       "activities",
       "notice",

test/pleroma/web/plugs/mapped_signature_to_identity_plug_test.exs

@@ -69,6 +69,47 @@ test "it considers a mapped identity to be invalid when the associated instance
     assert %{valid_signature: false} == conn.assigns
   end
 
+  test "allowlist federation: it considers a mapped identity to be valid when the associated instance is allowed" do
+    clear_config([:activitypub, :authorized_fetch_mode], true)
+
+    clear_config([:mrf_simple, :accept], [
+      {"mastodon.example.org", "anime is allowed"}
+    ])
+
+    on_exit(fn ->
+      Pleroma.Config.put([:activitypub, :authorized_fetch_mode], false)
+      Pleroma.Config.put([:mrf_simple, :accept], [])
+    end)
+
+    conn =
+      build_conn(:post, "/doesntmattter", %{"actor" => "http://mastodon.example.org/users/admin"})
+      |> set_signature("http://mastodon.example.org/users/admin")
+      |> MappedSignatureToIdentityPlug.call(%{})
+
+    assert conn.assigns[:valid_signature]
+    refute is_nil(conn.assigns.user)
+  end
+
+  test "allowlist federation: it considers a mapped identity to be invalid when the associated instance is not allowed" do
+    clear_config([:activitypub, :authorized_fetch_mode], true)
+
+    clear_config([:mrf_simple, :accept], [
+      {"misskey.example.org", "anime is allowed"}
+    ])
+
+    on_exit(fn ->
+      Pleroma.Config.put([:activitypub, :authorized_fetch_mode], false)
+      Pleroma.Config.put([:mrf_simple, :accept], [])
+    end)
+
+    conn =
+      build_conn(:post, "/doesntmattter", %{"actor" => "http://mastodon.example.org/users/admin"})
+      |> set_signature("http://mastodon.example.org/users/admin")
+      |> MappedSignatureToIdentityPlug.call(%{})
+
+    assert %{valid_signature: false} == conn.assigns
+  end
+
   @tag skip: "known breakage; the testsuite presently depends on it"
   test "it considers a mapped identity to be invalid when the identity cannot be found" do
     conn =