generate-keys-at-registration-time (#181)
Some checks failed
ci/woodpecker/push/woodpecker Pipeline failed
Some checks failed
ci/woodpecker/push/woodpecker Pipeline failed
Reviewed-on: #181
This commit is contained in:
parent
bfbe4e8dce
commit
2e433e106f
4 changed files with 58 additions and 2 deletions
|
@ -23,7 +23,15 @@ def start_pleroma do
|
|||
Pleroma.Config.Oban.warn()
|
||||
Pleroma.Application.limiters_setup()
|
||||
Application.put_env(:phoenix, :serve_endpoints, false, persistent: true)
|
||||
Finch.start_link(name: MyFinch)
|
||||
|
||||
proxy_url = Pleroma.Config.get([:http, :proxy_url])
|
||||
proxy = Pleroma.HTTP.AdapterHelper.format_proxy(proxy_url)
|
||||
|
||||
finch_config =
|
||||
[:http, :adapter]
|
||||
|> Pleroma.Config.get([])
|
||||
|> Pleroma.HTTP.AdapterHelper.maybe_add_proxy_pool(proxy)
|
||||
|> Keyword.put(:name, MyFinch)
|
||||
|
||||
unless System.get_env("DEBUG") do
|
||||
Logger.remove_backend(:console)
|
||||
|
@ -45,6 +53,7 @@ def start_pleroma do
|
|||
Pleroma.Emoji,
|
||||
{Pleroma.Config.TransferTask, false},
|
||||
Pleroma.Web.Endpoint,
|
||||
{Finch, finch_config},
|
||||
{Oban, oban_config},
|
||||
{Majic.Pool,
|
||||
[name: Pleroma.MajicPool, pool_size: Pleroma.Config.get([:majic_pool, :size], 2)]}
|
||||
|
|
|
@ -258,6 +258,25 @@ def run(["untag", nickname | tags]) do
|
|||
end
|
||||
end
|
||||
|
||||
def run(["refetch_public_keys"]) do
|
||||
start_pleroma()
|
||||
|
||||
Pleroma.User.Query.build(%{
|
||||
external: true,
|
||||
is_active: true
|
||||
})
|
||||
|> refetch_public_keys()
|
||||
end
|
||||
|
||||
def run(["refetch_public_keys" | rest]) do
|
||||
start_pleroma()
|
||||
|
||||
Pleroma.User.Query.build(%{
|
||||
ap_id: rest
|
||||
})
|
||||
|> refetch_public_keys()
|
||||
end
|
||||
|
||||
def run(["invite" | rest]) do
|
||||
{options, [], []} =
|
||||
OptionParser.parse(rest,
|
||||
|
@ -519,6 +538,26 @@ def run(["fix_follow_state", local_user, remote_user]) do
|
|||
end
|
||||
end
|
||||
|
||||
defp refetch_public_keys(query) do
|
||||
query
|
||||
|> Pleroma.Repo.chunk_stream(50, :batches)
|
||||
|> Stream.each(fn users ->
|
||||
users
|
||||
|> Enum.each(fn user ->
|
||||
IO.puts("Re-Resolving: #{user.ap_id}")
|
||||
|
||||
with {:ok, user} <- Pleroma.User.fetch_by_ap_id(user.ap_id),
|
||||
changeset <- Pleroma.User.update_changeset(user),
|
||||
{:ok, _user} <- Pleroma.User.update_and_set_cache(changeset) do
|
||||
:ok
|
||||
else
|
||||
error -> IO.puts("Could not resolve: #{user.ap_id}, #{inspect(error)}")
|
||||
end
|
||||
end)
|
||||
end)
|
||||
|> Stream.run()
|
||||
end
|
||||
|
||||
defp set_moderator(user, value) do
|
||||
{:ok, user} =
|
||||
user
|
||||
|
|
|
@ -681,6 +681,7 @@ def register_changeset_ldap(struct, params = %{password: password})
|
|||
|> validate_exclusion(:nickname, Config.get([User, :restricted_nicknames]))
|
||||
|> validate_format(:nickname, local_nickname_regex())
|
||||
|> put_ap_id()
|
||||
|> put_keys()
|
||||
|> unique_constraint(:ap_id)
|
||||
|> put_following_and_follower_and_featured_address()
|
||||
end
|
||||
|
@ -740,6 +741,7 @@ def register_changeset(struct, params \\ %{}, opts \\ []) do
|
|||
|> validate_length(:registration_reason, max: reason_limit)
|
||||
|> maybe_validate_required_email(opts[:external])
|
||||
|> put_password_hash
|
||||
|> put_keys()
|
||||
|> put_ap_id()
|
||||
|> unique_constraint(:ap_id)
|
||||
|> put_following_and_follower_and_featured_address()
|
||||
|
@ -755,6 +757,11 @@ def maybe_validate_required_email(changeset, _) do
|
|||
end
|
||||
end
|
||||
|
||||
def put_keys(changeset) do
|
||||
{:ok, pem} = Keys.generate_rsa_pem()
|
||||
put_change(changeset, :keys, pem)
|
||||
end
|
||||
|
||||
def put_ap_id(changeset) do
|
||||
ap_id = ap_id(%User{nickname: get_field(changeset, :nickname)})
|
||||
put_change(changeset, :ap_id, ap_id)
|
||||
|
|
|
@ -620,13 +620,14 @@ test "it blocks blacklisted email domains" do
|
|||
assert changeset.valid?
|
||||
end
|
||||
|
||||
test "it sets the password_hash and ap_id" do
|
||||
test "it sets the password_hash, ap_id and PEM key" do
|
||||
changeset = User.register_changeset(%User{}, @full_user_data)
|
||||
|
||||
assert changeset.valid?
|
||||
|
||||
assert is_binary(changeset.changes[:password_hash])
|
||||
assert changeset.changes[:ap_id] == User.ap_id(%User{nickname: @full_user_data.nickname})
|
||||
assert is_binary(changeset.changes[:keys])
|
||||
|
||||
assert changeset.changes.follower_address == "#{changeset.changes.ap_id}/followers"
|
||||
end
|
||||
|
|
Loading…
Reference in a new issue