generate-keys-at-registration-time (#181)
Some checks failed
ci/woodpecker/push/woodpecker Pipeline failed
Some checks failed
ci/woodpecker/push/woodpecker Pipeline failed
Reviewed-on: #181
This commit is contained in:
parent
bfbe4e8dce
commit
2e433e106f
4 changed files with 58 additions and 2 deletions
|
@ -23,7 +23,15 @@ def start_pleroma do
|
||||||
Pleroma.Config.Oban.warn()
|
Pleroma.Config.Oban.warn()
|
||||||
Pleroma.Application.limiters_setup()
|
Pleroma.Application.limiters_setup()
|
||||||
Application.put_env(:phoenix, :serve_endpoints, false, persistent: true)
|
Application.put_env(:phoenix, :serve_endpoints, false, persistent: true)
|
||||||
Finch.start_link(name: MyFinch)
|
|
||||||
|
proxy_url = Pleroma.Config.get([:http, :proxy_url])
|
||||||
|
proxy = Pleroma.HTTP.AdapterHelper.format_proxy(proxy_url)
|
||||||
|
|
||||||
|
finch_config =
|
||||||
|
[:http, :adapter]
|
||||||
|
|> Pleroma.Config.get([])
|
||||||
|
|> Pleroma.HTTP.AdapterHelper.maybe_add_proxy_pool(proxy)
|
||||||
|
|> Keyword.put(:name, MyFinch)
|
||||||
|
|
||||||
unless System.get_env("DEBUG") do
|
unless System.get_env("DEBUG") do
|
||||||
Logger.remove_backend(:console)
|
Logger.remove_backend(:console)
|
||||||
|
@ -45,6 +53,7 @@ def start_pleroma do
|
||||||
Pleroma.Emoji,
|
Pleroma.Emoji,
|
||||||
{Pleroma.Config.TransferTask, false},
|
{Pleroma.Config.TransferTask, false},
|
||||||
Pleroma.Web.Endpoint,
|
Pleroma.Web.Endpoint,
|
||||||
|
{Finch, finch_config},
|
||||||
{Oban, oban_config},
|
{Oban, oban_config},
|
||||||
{Majic.Pool,
|
{Majic.Pool,
|
||||||
[name: Pleroma.MajicPool, pool_size: Pleroma.Config.get([:majic_pool, :size], 2)]}
|
[name: Pleroma.MajicPool, pool_size: Pleroma.Config.get([:majic_pool, :size], 2)]}
|
||||||
|
|
|
@ -258,6 +258,25 @@ def run(["untag", nickname | tags]) do
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
def run(["refetch_public_keys"]) do
|
||||||
|
start_pleroma()
|
||||||
|
|
||||||
|
Pleroma.User.Query.build(%{
|
||||||
|
external: true,
|
||||||
|
is_active: true
|
||||||
|
})
|
||||||
|
|> refetch_public_keys()
|
||||||
|
end
|
||||||
|
|
||||||
|
def run(["refetch_public_keys" | rest]) do
|
||||||
|
start_pleroma()
|
||||||
|
|
||||||
|
Pleroma.User.Query.build(%{
|
||||||
|
ap_id: rest
|
||||||
|
})
|
||||||
|
|> refetch_public_keys()
|
||||||
|
end
|
||||||
|
|
||||||
def run(["invite" | rest]) do
|
def run(["invite" | rest]) do
|
||||||
{options, [], []} =
|
{options, [], []} =
|
||||||
OptionParser.parse(rest,
|
OptionParser.parse(rest,
|
||||||
|
@ -519,6 +538,26 @@ def run(["fix_follow_state", local_user, remote_user]) do
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
defp refetch_public_keys(query) do
|
||||||
|
query
|
||||||
|
|> Pleroma.Repo.chunk_stream(50, :batches)
|
||||||
|
|> Stream.each(fn users ->
|
||||||
|
users
|
||||||
|
|> Enum.each(fn user ->
|
||||||
|
IO.puts("Re-Resolving: #{user.ap_id}")
|
||||||
|
|
||||||
|
with {:ok, user} <- Pleroma.User.fetch_by_ap_id(user.ap_id),
|
||||||
|
changeset <- Pleroma.User.update_changeset(user),
|
||||||
|
{:ok, _user} <- Pleroma.User.update_and_set_cache(changeset) do
|
||||||
|
:ok
|
||||||
|
else
|
||||||
|
error -> IO.puts("Could not resolve: #{user.ap_id}, #{inspect(error)}")
|
||||||
|
end
|
||||||
|
end)
|
||||||
|
end)
|
||||||
|
|> Stream.run()
|
||||||
|
end
|
||||||
|
|
||||||
defp set_moderator(user, value) do
|
defp set_moderator(user, value) do
|
||||||
{:ok, user} =
|
{:ok, user} =
|
||||||
user
|
user
|
||||||
|
|
|
@ -681,6 +681,7 @@ def register_changeset_ldap(struct, params = %{password: password})
|
||||||
|> validate_exclusion(:nickname, Config.get([User, :restricted_nicknames]))
|
|> validate_exclusion(:nickname, Config.get([User, :restricted_nicknames]))
|
||||||
|> validate_format(:nickname, local_nickname_regex())
|
|> validate_format(:nickname, local_nickname_regex())
|
||||||
|> put_ap_id()
|
|> put_ap_id()
|
||||||
|
|> put_keys()
|
||||||
|> unique_constraint(:ap_id)
|
|> unique_constraint(:ap_id)
|
||||||
|> put_following_and_follower_and_featured_address()
|
|> put_following_and_follower_and_featured_address()
|
||||||
end
|
end
|
||||||
|
@ -740,6 +741,7 @@ def register_changeset(struct, params \\ %{}, opts \\ []) do
|
||||||
|> validate_length(:registration_reason, max: reason_limit)
|
|> validate_length(:registration_reason, max: reason_limit)
|
||||||
|> maybe_validate_required_email(opts[:external])
|
|> maybe_validate_required_email(opts[:external])
|
||||||
|> put_password_hash
|
|> put_password_hash
|
||||||
|
|> put_keys()
|
||||||
|> put_ap_id()
|
|> put_ap_id()
|
||||||
|> unique_constraint(:ap_id)
|
|> unique_constraint(:ap_id)
|
||||||
|> put_following_and_follower_and_featured_address()
|
|> put_following_and_follower_and_featured_address()
|
||||||
|
@ -755,6 +757,11 @@ def maybe_validate_required_email(changeset, _) do
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
def put_keys(changeset) do
|
||||||
|
{:ok, pem} = Keys.generate_rsa_pem()
|
||||||
|
put_change(changeset, :keys, pem)
|
||||||
|
end
|
||||||
|
|
||||||
def put_ap_id(changeset) do
|
def put_ap_id(changeset) do
|
||||||
ap_id = ap_id(%User{nickname: get_field(changeset, :nickname)})
|
ap_id = ap_id(%User{nickname: get_field(changeset, :nickname)})
|
||||||
put_change(changeset, :ap_id, ap_id)
|
put_change(changeset, :ap_id, ap_id)
|
||||||
|
|
|
@ -620,13 +620,14 @@ test "it blocks blacklisted email domains" do
|
||||||
assert changeset.valid?
|
assert changeset.valid?
|
||||||
end
|
end
|
||||||
|
|
||||||
test "it sets the password_hash and ap_id" do
|
test "it sets the password_hash, ap_id and PEM key" do
|
||||||
changeset = User.register_changeset(%User{}, @full_user_data)
|
changeset = User.register_changeset(%User{}, @full_user_data)
|
||||||
|
|
||||||
assert changeset.valid?
|
assert changeset.valid?
|
||||||
|
|
||||||
assert is_binary(changeset.changes[:password_hash])
|
assert is_binary(changeset.changes[:password_hash])
|
||||||
assert changeset.changes[:ap_id] == User.ap_id(%User{nickname: @full_user_data.nickname})
|
assert changeset.changes[:ap_id] == User.ap_id(%User{nickname: @full_user_data.nickname})
|
||||||
|
assert is_binary(changeset.changes[:keys])
|
||||||
|
|
||||||
assert changeset.changes.follower_address == "#{changeset.changes.ap_id}/followers"
|
assert changeset.changes.follower_address == "#{changeset.changes.ap_id}/followers"
|
||||||
end
|
end
|
||||||
|
|
Loading…
Reference in a new issue