Merge branch 'develop' into feature/gen-magic

.credo.exs

@@ -25,7 +25,7 @@
       #
       # If you create your own checks, you must specify the source files for
       # them here, so they can be loaded by Credo before running the analysis.
-      requires: [],
+      requires: ["./lib/credo/check/consistency/file_location.ex"],
       #
       # Credo automatically checks for updates, like e.g. Hex does.
       # You can disable this behaviour below:
@@ -71,7 +71,6 @@
         # set this value to 0 (zero).
         {Credo.Check.Design.TagTODO, exit_status: 0},
         {Credo.Check.Design.TagFIXME, exit_status: 0},
-
         {Credo.Check.Readability.FunctionNames},
         {Credo.Check.Readability.LargeNumbers},
         {Credo.Check.Readability.MaxLineLength, priority: :low, max_length: 100},
@@ -91,7 +90,6 @@
         {Credo.Check.Readability.VariableNames},
         {Credo.Check.Readability.Semicolons},
         {Credo.Check.Readability.SpaceAfterCommas},
-
         {Credo.Check.Refactor.DoubleBooleanNegation},
         {Credo.Check.Refactor.CondStatements},
         {Credo.Check.Refactor.CyclomaticComplexity},
@@ -102,7 +100,6 @@
         {Credo.Check.Refactor.Nesting},
         {Credo.Check.Refactor.PipeChainStart},
         {Credo.Check.Refactor.UnlessWithElse},
-
         {Credo.Check.Warning.BoolOperationOnSameValues},
         {Credo.Check.Warning.IExPry},
         {Credo.Check.Warning.IoInspect},
@@ -131,6 +128,7 @@
 
         # Custom checks can be created using `mix credo.gen.check`.
         #
+        {Credo.Check.Consistency.FileLocation}
       ]
     }
   ]

config/config.exs

@@ -677,7 +677,7 @@ config :pleroma, :rate_limit,
 
 config :pleroma, Pleroma.Workers.PurgeExpiredActivity, enabled: true, min_lifetime: 600
 
-config :pleroma, Pleroma.Plugs.RemoteIp,
+config :pleroma, Pleroma.Web.Plugs.RemoteIp,
   enabled: true,
   headers: ["x-forwarded-for"],
   proxies: [],

config/description.exs

@@ -3250,10 +3250,10 @@ config :pleroma, :config_description, [
   },
   %{
     group: :pleroma,
-    key: Pleroma.Plugs.RemoteIp,
+    key: Pleroma.Web.Plugs.RemoteIp,
     type: :group,
     description: """
-    `Pleroma.Plugs.RemoteIp` is a shim to call [`RemoteIp`](https://git.pleroma.social/pleroma/remote_ip) but with runtime configuration.
+    `Pleroma.Web.Plugs.RemoteIp` is a shim to call [`RemoteIp`](https://git.pleroma.social/pleroma/remote_ip) but with runtime configuration.
     **If your instance is not behind at least one reverse proxy, you should not enable this plug.**
     """,
     children: [

config/test.exs

@@ -113,7 +113,7 @@ config :pleroma, Pleroma.Gun, Pleroma.GunMock
 
 config :pleroma, Pleroma.Emails.NewUsersDigestEmail, enabled: true
 
-config :pleroma, Pleroma.Plugs.RemoteIp, enabled: false
+config :pleroma, Pleroma.Web.Plugs.RemoteIp, enabled: false
 
 config :pleroma, Pleroma.Web.ApiSpec.CastAndValidate, strict: true
 

coveralls.json

@@ -1,6 +1,7 @@
 {
   "skip_files": [
     "test/support",
-    "lib/mix/tasks/pleroma/benchmark.ex"
+    "lib/mix/tasks/pleroma/benchmark.ex",
+    "lib/credo/check/consistency/file_location.ex"
   ]
 }

docs/administration/CLI_tasks/instance.md

@@ -37,3 +37,6 @@ If any of the options are left unspecified, you will be prompted interactively.
 - `--static-dir <path>` - the directory custom public files should be read from (custom emojis, frontend bundle overrides, robots.txt, etc.)
 - `--listen-ip <ip>` - the ip the app should listen to, defaults to 127.0.0.1
 - `--listen-port <port>` - the port the app should listen to, defaults to 4000
+- `--strip-uploads <Y|N>` - use ExifTool to strip uploads of sensitive location data
+- `--anonymize-uploads <Y|N>` - randomize uploaded filenames
+- `--dedupe-uploads <Y|N>` - store files based on their hash to reduce data storage requirements if duplicates are uploaded with different filenames

docs/administration/backup.md

@@ -14,15 +14,16 @@
 2. Stop the Pleroma service.
 3. Go to the working directory of Pleroma (default is `/opt/pleroma`)
 4. Copy the above mentioned files back to their original position.
-5. Drop the existing database if restoring in-place. `sudo -Hu postgres psql -c 'DROP DATABASE <pleroma_db>;'` 
+5. Drop the existing database and user if restoring in-place. `sudo -Hu postgres psql -c 'DROP DATABASE <pleroma_db>;';` `sudo -Hu postgres psql -c 'DROP USER <pleroma_db>;'`
 6. Restore the database schema and pleroma postgres role the with the original `setup_db.psql` if you have it: `sudo -Hu postgres psql -f config/setup_db.psql`. 
 
-  Alernatively, run the `mix pleroma.instance gen` task again. You can ignore most of the questions, but make the database user, name, and password the same as found in your backup of `config/prod.secret.exs`. Then run the restoration of the pleroma role and schema with of the generated `config/setup_db.psql` as instructed above. You may delete the `config/generated_config.exs` file as it is not needed.
+  Alternatively, run the `mix pleroma.instance gen` task again. You can ignore most of the questions, but make the database user, name, and password the same as found in your backup of `config/prod.secret.exs`. Then run the restoration of the pleroma role and schema with of the generated `config/setup_db.psql` as instructed above. You may delete the `config/generated_config.exs` file as it is not needed.
 
 7. Now restore the Pleroma instance's data into the empty database schema: `sudo -Hu postgres pg_restore -d <pleroma_db> -v -1 </path/to/backup_location/pleroma.pgdump>`
 8. If you installed a newer Pleroma version, you should run `mix ecto.migrate`[^1]. This task performs database migrations, if there were any.
 9. Restart the Pleroma service.
 10. Run `sudo -Hu postgres vacuumdb --all --analyze-in-stages`. This will quickly generate the statistics so that postgres can properly plan queries.
+11. If setting up on a new server configure Nginx by using the `installation/pleroma.nginx` config sample or reference the Pleroma installation guide for your OS which contains the Nginx configuration instructions.
 
 [^1]: Prefix with `MIX_ENV=prod` to run it using the production config file.
 
@@ -35,6 +36,6 @@
 3. Disable pleroma from systemd `systemctl disable pleroma`
 4. Remove the files and folders you created during installation (see installation guide). This includes the pleroma, nginx and systemd files and folders.
 5. Reload nginx now that the configuration is removed `systemctl reload nginx`
-6. Remove the database and database user `sudo -Hu postgres psql -c 'DROP DATABASE <pleroma_db>;';` `sudo -Hu postgres psql -c 'DROP USER <pleroma_db>;';`
+6. Remove the database and database user `sudo -Hu postgres psql -c 'DROP DATABASE <pleroma_db>;';` `sudo -Hu postgres psql -c 'DROP USER <pleroma_db>;'`
 7. Remove the system user `userdel pleroma`
 8. Remove the dependencies that you don't need anymore (see installation guide). Make sure you don't remove packages that are still needed for other software that you have running!

docs/configuration/cheatsheet.md

@@ -113,7 +113,7 @@ To add configuration to your config file, you can copy it from the base config.
     * `Pleroma.Web.ActivityPub.MRF.MentionPolicy`: Drops posts mentioning configurable users. (See [`:mrf_mention`](#mrf_mention)).
     * `Pleroma.Web.ActivityPub.MRF.VocabularyPolicy`: Restricts activities to a configured set of vocabulary. (See [`:mrf_vocabulary`](#mrf_vocabulary)).
     * `Pleroma.Web.ActivityPub.MRF.ObjectAgePolicy`: Rejects or delists posts based on their age when received. (See [`:mrf_object_age`](#mrf_object_age)).
-    * `Pleroma.Web.ActivityPub.MRF.ActivityExpirationPolicy`: Sets a default expiration on all posts made by users of the local instance. Requires `Pleroma.ActivityExpiration` to be enabled for processing the scheduled delections.
+    * `Pleroma.Web.ActivityPub.MRF.ActivityExpirationPolicy`: Sets a default expiration on all posts made by users of the local instance. Requires `Pleroma.Workers.PurgeExpiredActivity` to be enabled for processing the scheduled delections.
     * `Pleroma.Web.ActivityPub.MRF.ForceBotUnlistedPolicy`: Makes all bot posts to disappear from public timelines.
 * `transparency`: Make the content of your Message Rewrite Facility settings public (via nodeinfo).
 * `transparency_exclusions`: Exclude specific instance names from MRF transparency.  The use of the exclusions feature will be disclosed in nodeinfo as a boolean value.
@@ -219,12 +219,6 @@ config :pleroma, :mrf_user_allowlist, %{
 * `total_user_limit`: the number of scheduled activities a user is allowed to create in total (Default: `300`)
 * `enabled`: whether scheduled activities are sent to the job queue to be executed
 
-## Pleroma.ActivityExpiration
-
-Enables the worker which processes posts scheduled for deletion. Pinned posts are exempt from expiration.
-
-* `enabled`: whether expired activities will be sent to the job queue to be deleted
-
 ## FedSockets
 FedSockets is an experimental feature allowing for Pleroma backends to federate using a persistant websocket connection as opposed to making each federation a seperate http connection. This feature is currently off by default. It is configurable throught he following options.
 
@@ -416,12 +410,12 @@ This will make Pleroma listen on `127.0.0.1` port `8080` and generate urls start
 * ``referrer_policy``: The referrer policy to use, either `"same-origin"` or `"no-referrer"`.
 * ``report_uri``: Adds the specified url to `report-uri` and `report-to` group in CSP header.
 
-### Pleroma.Plugs.RemoteIp
+### Pleroma.Web.Plugs.RemoteIp
 
 !!! warning
     If your instance is not behind at least one reverse proxy, you should not enable this plug.
 
-`Pleroma.Plugs.RemoteIp` is a shim to call [`RemoteIp`](https://git.pleroma.social/pleroma/remote_ip) but with runtime configuration.
+`Pleroma.Web.Plugs.RemoteIp` is a shim to call [`RemoteIp`](https://git.pleroma.social/pleroma/remote_ip) but with runtime configuration.
 
 Available options:
 
@@ -434,7 +428,7 @@ Available options:
 ### :rate_limit
 
 !!! note
-   If your instance is behind a reverse proxy ensure [`Pleroma.Plugs.RemoteIp`](#pleroma-plugs-remoteip) is enabled (it is enabled by default).
+   If your instance is behind a reverse proxy ensure [`Pleroma.Web.Plugs.RemoteIp`](#pleroma-plugs-remoteip) is enabled (it is enabled by default).
 
 A keyword list of rate limiters where a key is a limiter name and value is the limiter configuration. The basic configuration is a tuple where:
 

docs/dev.md

@@ -6,7 +6,7 @@ This document contains notes and guidelines for Pleroma developers.
 
 * Pleroma supports hierarchical OAuth scopes, just like Mastodon but with added granularity of admin scopes. For a reference, see [Mastodon OAuth scopes](https://docs.joinmastodon.org/api/oauth-scopes/).
 
-* It is important to either define OAuth scope restrictions or explicitly mark OAuth scope check as skipped, for every controller action. To define scopes, call `plug(Pleroma.Plugs.OAuthScopesPlug, %{scopes: [...]})`. To explicitly set OAuth scopes check skipped, call `plug(:skip_plug, Pleroma.Plugs.OAuthScopesPlug <when ...>)`.
+* It is important to either define OAuth scope restrictions or explicitly mark OAuth scope check as skipped, for every controller action. To define scopes, call `plug(Pleroma.Web.Plugs.OAuthScopesPlug, %{scopes: [...]})`. To explicitly set OAuth scopes check skipped, call `plug(:skip_plug, Pleroma.Web.Plugs.OAuthScopesPlug <when ...>)`.
 
 * In controllers, `use Pleroma.Web, :controller` will result in `action/2` (see `Pleroma.Web.controller/0` for definition) be called prior to actual controller action, and it'll perform security / privacy checks before passing control to actual controller action.
 
@@ -16,7 +16,7 @@ This document contains notes and guidelines for Pleroma developers.
 
 ## [HTTP Basic Authentication](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Authorization)
 
-* With HTTP Basic Auth, OAuth scopes check is _not_ performed for any action (since password is provided during the auth, requester is able to obtain a token with full permissions anyways). `Pleroma.Plugs.AuthenticationPlug` and `Pleroma.Plugs.LegacyAuthenticationPlug` both call `Pleroma.Plugs.OAuthScopesPlug.skip_plug(conn)` when password is provided.
+* With HTTP Basic Auth, OAuth scopes check is _not_ performed for any action (since password is provided during the auth, requester is able to obtain a token with full permissions anyways). `Pleroma.Web.Plugs.AuthenticationPlug` and `Pleroma.Web.Plugs.LegacyAuthenticationPlug` both call `Pleroma.Web.Plugs.OAuthScopesPlug.skip_plug(conn)` when password is provided.
 
 ## Auth-related configuration, OAuth consumer mode etc.
 

lib/credo/check/consistency/file_location.ex

@@ -0,0 +1,166 @@
+# Pleroma: A lightweight social networking server
+# Originally taken from
+# https://github.com/VeryBigThings/elixir_common/blob/master/lib/vbt/credo/check/consistency/file_location.ex
+# Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>
+# SPDX-License-Identifier: AGPL-3.0-only
+
+defmodule Credo.Check.Consistency.FileLocation do
+  @moduledoc false
+
+  # credo:disable-for-this-file Credo.Check.Readability.Specs
+
+  @checkdoc """
+  File location should follow the namespace hierarchy of the module it defines.
+
+  Examples:
+
+      - `lib/my_system.ex` should define the `MySystem` module
+      - `lib/my_system/accounts.ex` should define the `MySystem.Accounts` module
+  """
+  @explanation [warning: @checkdoc]
+
+  @special_namespaces [
+    "controllers",
+    "views",
+    "operations",
+    "channels"
+  ]
+
+  # `use Credo.Check` required that module attributes are already defined, so we need
+  # to place these attributes
+  # before use/alias expressions.
+  # credo:disable-for-next-line VBT.Credo.Check.Consistency.ModuleLayout
+  use Credo.Check, category: :warning, base_priority: :high
+
+  alias Credo.Code
+
+  def run(source_file, params \\ []) do
+    case verify(source_file, params) do
+      :ok ->
+        []
+
+      {:error, module, expected_file} ->
+        error(IssueMeta.for(source_file, params), module, expected_file)
+    end
+  end
+
+  defp verify(source_file, params) do
+    source_file.filename
+    |> Path.relative_to_cwd()
+    |> verify(Code.ast(source_file), params)
+  end
+
+  @doc false
+  def verify(relative_path, ast, params) do
+    if verify_path?(relative_path, params),
+      do: ast |> main_module() |> verify_module(relative_path, params),
+      else: :ok
+  end
+
+  defp verify_path?(relative_path, params) do
+    case Path.split(relative_path) do
+      ["lib" | _] -> not exclude?(relative_path, params)
+      ["test", "support" | _] -> false
+      ["test", "test_helper.exs"] -> false
+      ["test" | _] -> not exclude?(relative_path, params)
+      _ -> false
+    end
+  end
+
+  defp exclude?(relative_path, params) do
+    params
+    |> Keyword.get(:exclude, [])
+    |> Enum.any?(&String.starts_with?(relative_path, &1))
+  end
+
+  defp main_module(ast) do
+    {_ast, modules} = Macro.prewalk(ast, [], &traverse/2)
+    Enum.at(modules, -1)
+  end
+
+  defp traverse({:defmodule, _meta, args}, modules) do
+    [{:__aliases__, _, name_parts}, _module_body] = args
+    {args, [Module.concat(name_parts) | modules]}
+  end
+
+  defp traverse(ast, state), do: {ast, state}
+
+  # empty file - shouldn't really happen, but we'll let it through
+  defp verify_module(nil, _relative_path, _params), do: :ok
+
+  defp verify_module(main_module, relative_path, params) do
+    parsed_path = parsed_path(relative_path, params)
+
+    expected_file =
+      expected_file_base(parsed_path.root, main_module) <>
+        Path.extname(parsed_path.allowed)
+
+    cond do
+      expected_file == parsed_path.allowed ->
+        :ok
+
+      special_namespaces?(parsed_path.allowed) ->
+        original_path = parsed_path.allowed
+
+        namespace =
+          Enum.find(@special_namespaces, original_path, fn namespace ->
+            String.contains?(original_path, namespace)
+          end)
+
+        allowed = String.replace(original_path, "/" <> namespace, "")
+
+        if expected_file == allowed,
+          do: :ok,
+          else: {:error, main_module, expected_file}
+
+      true ->
+        {:error, main_module, expected_file}
+    end
+  end
+
+  defp special_namespaces?(path), do: String.contains?(path, @special_namespaces)
+
+  defp parsed_path(relative_path, params) do
+    parts = Path.split(relative_path)
+
+    allowed =
+      Keyword.get(params, :ignore_folder_namespace, %{})
+      |> Stream.flat_map(fn {root, folders} -> Enum.map(folders, &Path.join([root, &1])) end)
+      |> Stream.map(&Path.split/1)
+      |> Enum.find(&List.starts_with?(parts, &1))
+      |> case do
+        nil ->
+          relative_path
+
+        ignore_parts ->
+          Stream.drop(ignore_parts, -1)
+          |> Enum.concat(Stream.drop(parts, length(ignore_parts)))
+          |> Path.join()
+      end
+
+    %{root: hd(parts), allowed: allowed}
+  end
+
+  defp expected_file_base(root_folder, module) do
+    {parent_namespace, module_name} = module |> Module.split() |> Enum.split(-1)
+
+    relative_path =
+      if parent_namespace == [],
+        do: "",
+        else: parent_namespace |> Module.concat() |> Macro.underscore()
+
+    file_name = module_name |> Module.concat() |> Macro.underscore()
+
+    Path.join([root_folder, relative_path, file_name])
+  end
+
+  defp error(issue_meta, module, expected_file) do
+    format_issue(issue_meta,
+      message:
+        "Mismatch between file name and main module #{inspect(module)}. " <>
+          "Expected file path to be #{expected_file}. " <>
+          "Either move the file or rename the module.",
+      line_no: 1
+    )
+  end
+end

lib/mix/tasks/pleroma/count_statuses.ex

@@ -1,3 +1,7 @@
+# Pleroma: A lightweight social networking server
+# Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>
+# SPDX-License-Identifier: AGPL-3.0-only
+
 defmodule Mix.Tasks.Pleroma.CountStatuses do
   @shortdoc "Re-counts statuses for all users"
 

lib/mix/tasks/pleroma/digest.ex

@@ -1,3 +1,7 @@
+# Pleroma: A lightweight social networking server
+# Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>
+# SPDX-License-Identifier: AGPL-3.0-only
+
 defmodule Mix.Tasks.Pleroma.Digest do
   use Mix.Task
   import Mix.Pleroma

lib/mix/tasks/pleroma/docs.ex

@@ -1,3 +1,7 @@
+# Pleroma: A lightweight social networking server
+# Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>
+# SPDX-License-Identifier: AGPL-3.0-only
+
 defmodule Mix.Tasks.Pleroma.Docs do
   use Mix.Task
   import Mix.Pleroma

lib/mix/tasks/pleroma/email.ex

@@ -1,3 +1,7 @@
+# Pleroma: A lightweight social networking server
+# Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>
+# SPDX-License-Identifier: AGPL-3.0-only
+
 defmodule Mix.Tasks.Pleroma.Email do
   use Mix.Task
   import Mix.Pleroma

lib/mix/tasks/pleroma/instance.ex

@@ -33,7 +33,10 @@ defmodule Mix.Tasks.Pleroma.Instance do
           uploads_dir: :string,
           static_dir: :string,
           listen_ip: :string,
-          listen_port: :string
+          listen_port: :string,
+          strip_uploads: :string,
+          anonymize_uploads: :string,
+          dedupe_uploads: :string
         ],
         aliases: [
           o: :output,
@@ -158,6 +161,30 @@ defmodule Mix.Tasks.Pleroma.Instance do
         )
         |> Path.expand()
 
+      strip_uploads =
+        get_option(
+          options,
+          :strip_uploads,
+          "Do you want to strip location (GPS) data from uploaded images? (y/n)",
+          "y"
+        ) === "y"
+
+      anonymize_uploads =
+        get_option(
+          options,
+          :anonymize_uploads,
+          "Do you want to anonymize the filenames of uploads? (y/n)",
+          "n"
+        ) === "y"
+
+      dedupe_uploads =
+        get_option(
+          options,
+          :dedupe_uploads,
+          "Do you want to deduplicate uploaded files? (y/n)",
+          "n"
+        ) === "y"
+
       Config.put([:instance, :static_dir], static_dir)
 
       secret = :crypto.strong_rand_bytes(64) |> Base.encode64() |> binary_part(0, 64)
@@ -188,7 +215,13 @@ defmodule Mix.Tasks.Pleroma.Instance do
           uploads_dir: uploads_dir,
           rum_enabled: rum_enabled,
           listen_ip: listen_ip,
-          listen_port: listen_port
+          listen_port: listen_port,
+          upload_filters:
+            upload_filters(%{
+              strip: strip_uploads,
+              anonymize: anonymize_uploads,
+              dedupe: dedupe_uploads
+            })
         )
 
       result_psql =
@@ -247,4 +280,31 @@ defmodule Mix.Tasks.Pleroma.Instance do
     File.write(robots_txt_path, robots_txt)
     shell_info("Writing #{robots_txt_path}.")
   end
+
+  defp upload_filters(filters) when is_map(filters) do
+    enabled_filters =
+      if filters.strip do
+        [Pleroma.Upload.Filter.ExifTool]
+      else
+        []
+      end
+
+    enabled_filters =
+      if filters.anonymize do
+        enabled_filters ++ [Pleroma.Upload.Filter.AnonymizeFilename]
+      else
+        enabled_filters
+      end
+
+    enabled_filters =
+      if filters.dedupe do
+        enabled_filters ++ [Pleroma.Upload.Filter.Dedupe]
+      else
+        enabled_filters
+      end
+
+    enabled_filters
+  end
+
+  defp upload_filters(_), do: []
 end

lib/mix/tasks/pleroma/notification_settings.ex

@@ -1,3 +1,7 @@
+# Pleroma: A lightweight social networking server
+# Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>
+# SPDX-License-Identifier: AGPL-3.0-only
+
 defmodule Mix.Tasks.Pleroma.NotificationSettings do
   @shortdoc "Enable&Disable privacy option for push notifications"
   @moduledoc """

lib/pleroma/application.ex

@@ -52,7 +52,7 @@ defmodule Pleroma.Application do
     Pleroma.HTML.compile_scrubbers()
     Pleroma.Config.Oban.warn()
     Config.DeprecationWarnings.warn()
-    Pleroma.Plugs.HTTPSecurityPlug.warn_if_disabled()
+    Pleroma.Web.Plugs.HTTPSecurityPlug.warn_if_disabled()
     Pleroma.ApplicationRequirements.verify!()
     setup_instrumenters()
     load_custom_modules()
@@ -88,7 +88,7 @@ defmodule Pleroma.Application do
         Pleroma.Repo,
         Config.TransferTask,
         Pleroma.Emoji,
-        Pleroma.Plugs.RateLimiter.Supervisor
+        Pleroma.Web.Plugs.RateLimiter.Supervisor
       ] ++
         cachex_children() ++
         http_children(adapter, @env) ++

lib/pleroma/bbs/authenticator.ex

@@ -4,8 +4,8 @@
 
 defmodule Pleroma.BBS.Authenticator do
   use Sshd.PasswordAuthenticator
-  alias Pleroma.Plugs.AuthenticationPlug
   alias Pleroma.User
+  alias Pleroma.Web.Plugs.AuthenticationPlug
 
   def authenticate(username, password) do
     username = to_string(username)

lib/pleroma/config/deprecation_warnings.ex

@@ -39,7 +39,8 @@ defmodule Pleroma.Config.DeprecationWarnings do
          :ok <- check_media_proxy_whitelist_config(),
          :ok <- check_welcome_message_config(),
          :ok <- check_gun_pool_options(),
-         :ok <- check_activity_expiration_config() do
+         :ok <- check_activity_expiration_config(),
+         :ok <- check_remote_ip_plug_name() do
       :ok
     else
       _ ->
@@ -176,4 +177,20 @@ defmodule Pleroma.Config.DeprecationWarnings do
       warning_preface
     )
   end
+
+  @spec check_remote_ip_plug_name() :: :ok | nil
+  def check_remote_ip_plug_name do
+    warning_preface = """
+    !!!DEPRECATION WARNING!!!
+    Your config is using old namespace for RemoteIp Plug. Setting should work for now, but you are advised to change to new namespace to prevent possible issues later:
+    """
+
+    move_namespace_and_warn(
+      [
+        {Pleroma.Plugs.RemoteIp, Pleroma.Web.Plugs.RemoteIp,
+         "\n* `config :pleroma, Pleroma.Plugs.RemoteIp` is now `config :pleroma, Pleroma.Web.Plugs.RemoteIp`"}
+      ],
+      warning_preface
+    )
+  end
 end

lib/pleroma/config/oban.ex

@@ -1,3 +1,7 @@
+# Pleroma: A lightweight social networking server
+# Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>
+# SPDX-License-Identifier: AGPL-3.0-only
+
 defmodule Pleroma.Config.Oban do
   require Logger
 

lib/pleroma/docs/generator.ex

@@ -1,3 +1,7 @@
+# Pleroma: A lightweight social networking server
+# Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>
+# SPDX-License-Identifier: AGPL-3.0-only
+
 defmodule Pleroma.Docs.Generator do
   @callback process(keyword()) :: {:ok, String.t()}
 

lib/pleroma/docs/json.ex

@@ -1,3 +1,7 @@
+# Pleroma: A lightweight social networking server
+# Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>
+# SPDX-License-Identifier: AGPL-3.0-only
+
 defmodule Pleroma.Docs.JSON do
   @behaviour Pleroma.Docs.Generator
   @external_resource "config/description.exs"

lib/pleroma/docs/markdown.ex

@@ -1,3 +1,7 @@
+# Pleroma: A lightweight social networking server
+# Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>
+# SPDX-License-Identifier: AGPL-3.0-only
+
 defmodule Pleroma.Docs.Markdown do
   @behaviour Pleroma.Docs.Generator
 

lib/pleroma/emails/admin_email.ex

@@ -88,7 +88,7 @@ defmodule Pleroma.Emails.AdminEmail do
     html_body = """
     <p>New account for review: <a href="#{user_url(account)}">@#{account.nickname}</a></p>
     <blockquote>#{HTML.strip_tags(account.registration_reason)}</blockquote>
-    <a href="#{Pleroma.Web.base_url()}/pleroma/admin">Visit AdminFE</a>
+    <a href="#{Pleroma.Web.base_url()}/pleroma/admin/#/users/#{account.id}/">Visit AdminFE</a>
     """
 
     new()

lib/pleroma/emoji/pack.ex

@@ -1,3 +1,7 @@
+# Pleroma: A lightweight social networking server
+# Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>
+# SPDX-License-Identifier: AGPL-3.0-only
+
 defmodule Pleroma.Emoji.Pack do
   @derive {Jason.Encoder, only: [:files, :pack, :files_count]}
   defstruct files: %{},

lib/pleroma/gun/connection_pool.ex

@@ -1,3 +1,7 @@
+# Pleroma: A lightweight social networking server
+# Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>
+# SPDX-License-Identifier: AGPL-3.0-only
+
 defmodule Pleroma.Gun.ConnectionPool do
   @registry __MODULE__
 

lib/pleroma/gun/connection_pool/reclaimer.ex

@@ -1,3 +1,7 @@
+# Pleroma: A lightweight social networking server
+# Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>
+# SPDX-License-Identifier: AGPL-3.0-only
+
 defmodule Pleroma.Gun.ConnectionPool.Reclaimer do
   use GenServer, restart: :temporary
 

lib/pleroma/gun/connection_pool/worker.ex

@@ -1,3 +1,7 @@
+# Pleroma: A lightweight social networking server
+# Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>
+# SPDX-License-Identifier: AGPL-3.0-only
+
 defmodule Pleroma.Gun.ConnectionPool.Worker do
   alias Pleroma.Gun
   use GenServer, restart: :temporary

lib/pleroma/gun/connection_pool/worker_supervisor.ex

@@ -1,3 +1,7 @@
+# Pleroma: A lightweight social networking server
+# Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>
+# SPDX-License-Identifier: AGPL-3.0-only
+
 defmodule Pleroma.Gun.ConnectionPool.WorkerSupervisor do
   @moduledoc "Supervisor for pool workers. Does not do anything except enforce max connection limit"
 

lib/pleroma/http/adapter_helper/default.ex

@@ -1,3 +1,7 @@
+# Pleroma: A lightweight social networking server
+# Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>
+# SPDX-License-Identifier: AGPL-3.0-only
+
 defmodule Pleroma.HTTP.AdapterHelper.Default do
   alias Pleroma.HTTP.AdapterHelper
 

lib/pleroma/http/adapter_helper/hackney.ex

@@ -1,3 +1,7 @@
+# Pleroma: A lightweight social networking server
+# Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>
+# SPDX-License-Identifier: AGPL-3.0-only
+
 defmodule Pleroma.HTTP.AdapterHelper.Hackney do
   @behaviour Pleroma.HTTP.AdapterHelper
 

lib/pleroma/jwt.ex

@@ -1,3 +1,7 @@
+# Pleroma: A lightweight social networking server
+# Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>
+# SPDX-License-Identifier: AGPL-3.0-only
+
 defmodule Pleroma.JWT do
   use Joken.Config
 

lib/pleroma/moderation_log.ex

@@ -1,3 +1,7 @@
+# Pleroma: A lightweight social networking server
+# Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>
+# SPDX-License-Identifier: AGPL-3.0-only
+
 defmodule Pleroma.ModerationLog do
   use Ecto.Schema
 

lib/pleroma/telemetry/logger.ex

@@ -1,3 +1,7 @@
+# Pleroma: A lightweight social networking server
+# Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>
+# SPDX-License-Identifier: AGPL-3.0-only
+
 defmodule Pleroma.Telemetry.Logger do
   @moduledoc "Transforms Pleroma telemetry events to logs"
 

lib/pleroma/tests/auth_test_controller.ex

@@ -8,9 +8,9 @@ defmodule Pleroma.Tests.AuthTestController do
 
   use Pleroma.Web, :controller
 
-  alias Pleroma.Plugs.EnsurePublicOrAuthenticatedPlug
-  alias Pleroma.Plugs.OAuthScopesPlug
   alias Pleroma.User
+  alias Pleroma.Web.Plugs.EnsurePublicOrAuthenticatedPlug
+  alias Pleroma.Web.Plugs.OAuthScopesPlug
 
   # Serves only with proper OAuth token (:api and :authenticated_api)
   # Skipping EnsurePublicOrAuthenticatedPlug has no effect in this case

lib/pleroma/uploaders/uploader.ex

@@ -12,7 +12,7 @@ defmodule Pleroma.Uploaders.Uploader do
   @doc """
   Instructs how to get the file from the backend.
 
-  Used by `Pleroma.Plugs.UploadedMedia`.
+  Used by `Pleroma.Web.Plugs.UploadedMedia`.
   """
   @type get_method :: {:static_dir, directory :: String.t()} | {:url, url :: String.t()}
   @callback get_file(file :: String.t()) :: {:ok, get_method()}

lib/pleroma/web.ex

@@ -2,11 +2,6 @@
 # Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>
 # SPDX-License-Identifier: AGPL-3.0-only
 
-defmodule Pleroma.Web.Plug do
-  # Substitute for `call/2` which is defined with `use Pleroma.Web, :plug`
-  @callback perform(Plug.Conn.t(), Plug.opts()) :: Plug.Conn.t()
-end
-
 defmodule Pleroma.Web do
   @moduledoc """
   A module that keeps using definitions for controllers,
@@ -25,12 +20,12 @@ defmodule Pleroma.Web do
   below.
   """
 
-  alias Pleroma.Plugs.EnsureAuthenticatedPlug
-  alias Pleroma.Plugs.EnsurePublicOrAuthenticatedPlug
-  alias Pleroma.Plugs.ExpectAuthenticatedCheckPlug
-  alias Pleroma.Plugs.ExpectPublicOrAuthenticatedCheckPlug
-  alias Pleroma.Plugs.OAuthScopesPlug
-  alias Pleroma.Plugs.PlugHelper
+  alias Pleroma.Web.Plugs.EnsureAuthenticatedPlug
+  alias Pleroma.Web.Plugs.EnsurePublicOrAuthenticatedPlug
+  alias Pleroma.Web.Plugs.ExpectAuthenticatedCheckPlug
+  alias Pleroma.Web.Plugs.ExpectPublicOrAuthenticatedCheckPlug
+  alias Pleroma.Web.Plugs.OAuthScopesPlug
+  alias Pleroma.Web.Plugs.PlugHelper
 
   def controller do
     quote do

lib/pleroma/web/activity_pub/activity_pub_controller.ex

@@ -9,7 +9,6 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubController do
   alias Pleroma.Delivery
   alias Pleroma.Object
   alias Pleroma.Object.Fetcher
-  alias Pleroma.Plugs.EnsureAuthenticatedPlug
   alias Pleroma.User
   alias Pleroma.Web.ActivityPub.ActivityPub
   alias Pleroma.Web.ActivityPub.Builder
@@ -23,8 +22,9 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubController do
   alias Pleroma.Web.ActivityPub.Visibility
   alias Pleroma.Web.ControllerHelper
   alias Pleroma.Web.Endpoint
-  alias Pleroma.Web.FederatingPlug
   alias Pleroma.Web.Federator
+  alias Pleroma.Web.Plugs.EnsureAuthenticatedPlug
+  alias Pleroma.Web.Plugs.FederatingPlug
 
   require Logger
 
@@ -48,7 +48,7 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubController do
   plug(Majic.Plug, [pool: Pleroma.MajicPool] when action in [:upload_media])
 
   plug(
-    Pleroma.Plugs.Cache,
+    Pleroma.Web.Plugs.Cache,
     [query_params: false, tracking_fun: &__MODULE__.track_object_fetch/2]
     when action in [:activity, :object]
   )

lib/pleroma/web/activity_pub/builder.ex

@@ -1,3 +1,7 @@
+# Pleroma: A lightweight social networking server
+# Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>
+# SPDX-License-Identifier: AGPL-3.0-only
+
 defmodule Pleroma.Web.ActivityPub.Builder do
   @moduledoc """
   This module builds the objects. Meant to be used for creating local objects.

lib/pleroma/web/activity_pub/side_effects.ex

@@ -1,3 +1,7 @@
+# Pleroma: A lightweight social networking server
+# Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>
+# SPDX-License-Identifier: AGPL-3.0-only
+
 defmodule Pleroma.Web.ActivityPub.SideEffects do
   @moduledoc """
   This module looks at an inserted object and executes the side effects that it

lib/pleroma/web/admin_api/controllers/admin_api_controller.ex

@@ -10,7 +10,6 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIController do
   alias Pleroma.Config
   alias Pleroma.MFA
   alias Pleroma.ModerationLog
-  alias Pleroma.Plugs.OAuthScopesPlug
   alias Pleroma.Stats
   alias Pleroma.User
   alias Pleroma.Web.ActivityPub.ActivityPub
@@ -21,6 +20,7 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIController do
   alias Pleroma.Web.AdminAPI.ModerationLogView
   alias Pleroma.Web.AdminAPI.Search
   alias Pleroma.Web.Endpoint
+  alias Pleroma.Web.Plugs.OAuthScopesPlug
   alias Pleroma.Web.Router
 
   @users_page_size 50

lib/pleroma/web/admin_api/controllers/chat_controller.ex

@@ -10,10 +10,10 @@ defmodule Pleroma.Web.AdminAPI.ChatController do
   alias Pleroma.Chat.MessageReference
   alias Pleroma.ModerationLog
   alias Pleroma.Pagination
-  alias Pleroma.Plugs.OAuthScopesPlug
   alias Pleroma.Web.AdminAPI
   alias Pleroma.Web.CommonAPI
   alias Pleroma.Web.PleromaAPI.Chat.MessageReferenceView
+  alias Pleroma.Web.Plugs.OAuthScopesPlug
 
   require Logger
 

lib/pleroma/web/admin_api/controllers/config_controller.ex

@@ -7,7 +7,7 @@ defmodule Pleroma.Web.AdminAPI.ConfigController do
 
   alias Pleroma.Config
   alias Pleroma.ConfigDB
-  alias Pleroma.Plugs.OAuthScopesPlug
+  alias Pleroma.Web.Plugs.OAuthScopesPlug
 
   plug(Pleroma.Web.ApiSpec.CastAndValidate)
   plug(OAuthScopesPlug, %{scopes: ["write"], admin: true} when action == :update)

lib/pleroma/web/admin_api/controllers/instance_document_controller.ex

@@ -5,9 +5,9 @@
 defmodule Pleroma.Web.AdminAPI.InstanceDocumentController do
   use Pleroma.Web, :controller
 
-  alias Pleroma.Plugs.InstanceStatic
-  alias Pleroma.Plugs.OAuthScopesPlug
   alias Pleroma.Web.InstanceDocument
+  alias Pleroma.Web.Plugs.InstanceStatic
+  alias Pleroma.Web.Plugs.OAuthScopesPlug
 
   plug(Pleroma.Web.ApiSpec.CastAndValidate)
 

lib/pleroma/web/admin_api/controllers/invite_controller.ex

@@ -8,8 +8,8 @@ defmodule Pleroma.Web.AdminAPI.InviteController do
   import Pleroma.Web.ControllerHelper, only: [json_response: 3]
 
   alias Pleroma.Config
-  alias Pleroma.Plugs.OAuthScopesPlug
   alias Pleroma.UserInviteToken
+  alias Pleroma.Web.Plugs.OAuthScopesPlug
 
   require Logger
 

lib/pleroma/web/admin_api/controllers/media_proxy_cache_controller.ex

@@ -5,9 +5,9 @@
 defmodule Pleroma.Web.AdminAPI.MediaProxyCacheController do
   use Pleroma.Web, :controller
 
-  alias Pleroma.Plugs.OAuthScopesPlug
   alias Pleroma.Web.ApiSpec.Admin, as: Spec
   alias Pleroma.Web.MediaProxy
+  alias Pleroma.Web.Plugs.OAuthScopesPlug
 
   plug(Pleroma.Web.ApiSpec.CastAndValidate)
 

lib/pleroma/web/admin_api/controllers/o_auth_app_controller.ex

@@ -7,8 +7,8 @@ defmodule Pleroma.Web.AdminAPI.OAuthAppController do
 
   import Pleroma.Web.ControllerHelper, only: [json_response: 3]
 
-  alias Pleroma.Plugs.OAuthScopesPlug
   alias Pleroma.Web.OAuth.App
+  alias Pleroma.Web.Plugs.OAuthScopesPlug
 
   require Logger
 

lib/pleroma/web/admin_api/controllers/relay_controller.ex

@@ -6,8 +6,8 @@ defmodule Pleroma.Web.AdminAPI.RelayController do
   use Pleroma.Web, :controller
 
   alias Pleroma.ModerationLog
-  alias Pleroma.Plugs.OAuthScopesPlug
   alias Pleroma.Web.ActivityPub.Relay
+  alias Pleroma.Web.Plugs.OAuthScopesPlug
 
   require Logger
 

lib/pleroma/web/admin_api/controllers/report_controller.ex

@@ -9,12 +9,12 @@ defmodule Pleroma.Web.AdminAPI.ReportController do
 
   alias Pleroma.Activity
   alias Pleroma.ModerationLog
-  alias Pleroma.Plugs.OAuthScopesPlug
   alias Pleroma.ReportNote
   alias Pleroma.Web.ActivityPub.Utils
   alias Pleroma.Web.AdminAPI
   alias Pleroma.Web.AdminAPI.Report
   alias Pleroma.Web.CommonAPI
+  alias Pleroma.Web.Plugs.OAuthScopesPlug
 
   require Logger
 

lib/pleroma/web/admin_api/controllers/status_controller.ex

@@ -7,10 +7,10 @@ defmodule Pleroma.Web.AdminAPI.StatusController do
 
   alias Pleroma.Activity
   alias Pleroma.ModerationLog
-  alias Pleroma.Plugs.OAuthScopesPlug
   alias Pleroma.Web.ActivityPub.ActivityPub
   alias Pleroma.Web.CommonAPI
   alias Pleroma.Web.MastodonAPI
+  alias Pleroma.Web.Plugs.OAuthScopesPlug
 
   require Logger
 

lib/pleroma/web/auth/pleroma_authenticator.ex

@@ -3,10 +3,10 @@
 # SPDX-License-Identifier: AGPL-3.0-only
 
 defmodule Pleroma.Web.Auth.PleromaAuthenticator do
-  alias Pleroma.Plugs.AuthenticationPlug
   alias Pleroma.Registration
   alias Pleroma.Repo
   alias Pleroma.User
+  alias Pleroma.Web.Plugs.AuthenticationPlug
 
   import Pleroma.Web.Auth.Authenticator,
     only: [fetch_credentials: 1, fetch_user: 1]

lib/pleroma/web/auth/totp_authenticator.ex

@@ -5,8 +5,8 @@
 defmodule Pleroma.Web.Auth.TOTPAuthenticator do
   alias Pleroma.MFA
   alias Pleroma.MFA.TOTP
-  alias Pleroma.Plugs.AuthenticationPlug
   alias Pleroma.User
+  alias Pleroma.Web.Plugs.AuthenticationPlug
 
   @doc "Verify code or check backup code."
   @spec verify(String.t(), User.t()) ::

lib/pleroma/web/common_api/utils.ex

@@ -12,12 +12,12 @@ defmodule Pleroma.Web.CommonAPI.Utils do
   alias Pleroma.Conversation.Participation
   alias Pleroma.Formatter
   alias Pleroma.Object
-  alias Pleroma.Plugs.AuthenticationPlug
   alias Pleroma.Repo
   alias Pleroma.User
   alias Pleroma.Web.ActivityPub.Utils
   alias Pleroma.Web.ActivityPub.Visibility
   alias Pleroma.Web.MediaProxy
+  alias Pleroma.Web.Plugs.AuthenticationPlug
 
   require Logger
   require Pleroma.Constants

lib/pleroma/web/endpoint.ex

@@ -9,17 +9,17 @@ defmodule Pleroma.Web.Endpoint do
 
   socket("/socket", Pleroma.Web.UserSocket)
 
-  plug(Pleroma.Plugs.SetLocalePlug)
+  plug(Pleroma.Web.Plugs.SetLocalePlug)
   plug(CORSPlug)
-  plug(Pleroma.Plugs.HTTPSecurityPlug)
-  plug(Pleroma.Plugs.UploadedMedia)
+  plug(Pleroma.Web.Plugs.HTTPSecurityPlug)
+  plug(Pleroma.Web.Plugs.UploadedMedia)
 
   @static_cache_control "public, no-cache"
 
   # InstanceStatic needs to be before Plug.Static to be able to override shipped-static files
   # If you're adding new paths to `only:` you'll need to configure them in InstanceStatic as well
   # Cache-control headers are duplicated in case we turn off etags in the future
-  plug(Pleroma.Plugs.InstanceStatic,
+  plug(Pleroma.Web.Plugs.InstanceStatic,
     at: "/",
     gzip: true,
     cache_control_for_etags: @static_cache_control,
@@ -29,7 +29,7 @@ defmodule Pleroma.Web.Endpoint do
   )
 
   # Careful! No `only` restriction here, as we don't know what frontends contain.
-  plug(Pleroma.Plugs.FrontendStatic,
+  plug(Pleroma.Web.Plugs.FrontendStatic,
     at: "/",
     frontend_type: :primary,
     gzip: true,
@@ -41,7 +41,7 @@ defmodule Pleroma.Web.Endpoint do
 
   plug(Plug.Static.IndexHtml, at: "/pleroma/admin/")
 
-  plug(Pleroma.Plugs.FrontendStatic,
+  plug(Pleroma.Web.Plugs.FrontendStatic,
     at: "/pleroma/admin",
     frontend_type: :admin,
     gzip: true,
@@ -79,7 +79,7 @@ defmodule Pleroma.Web.Endpoint do
     plug(Phoenix.CodeReloader)
   end
 
-  plug(Pleroma.Plugs.TrailingFormatPlug)
+  plug(Pleroma.Web.Plugs.TrailingFormatPlug)
   plug(Plug.RequestId)
   plug(Plug.Logger, log: :debug)
 
@@ -122,7 +122,7 @@ defmodule Pleroma.Web.Endpoint do
     extra: extra
   )
 
-  plug(Pleroma.Plugs.RemoteIp)
+  plug(Pleroma.Web.Plugs.RemoteIp)
 
   defmodule Instrumenter do
     use Prometheus.PhoenixInstrumenter

lib/pleroma/web/fallback/redirect_controller.ex

@@ -2,7 +2,7 @@
 # Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>
 # SPDX-License-Identifier: AGPL-3.0-only
 
-defmodule Fallback.RedirectController do
+defmodule Pleroma.Web.Fallback.RedirectController do
   use Pleroma.Web, :controller
 
   require Logger
@@ -75,7 +75,7 @@ defmodule Fallback.RedirectController do
   end
 
   defp index_file_path do
-    Pleroma.Plugs.InstanceStatic.file_path("index.html")
+    Pleroma.Web.Plugs.InstanceStatic.file_path("index.html")
   end
 
   defp build_tags(conn, params) do

lib/pleroma/web/feed/user_controller.ex

@@ -5,27 +5,26 @@
 defmodule Pleroma.Web.Feed.UserController do
   use Pleroma.Web, :controller
 
-  alias Fallback.RedirectController
   alias Pleroma.User
   alias Pleroma.Web.ActivityPub.ActivityPub
   alias Pleroma.Web.ActivityPub.ActivityPubController
   alias Pleroma.Web.Feed.FeedView
 
-  plug(Pleroma.Plugs.SetFormatPlug when action in [:feed_redirect])
+  plug(Pleroma.Web.Plugs.SetFormatPlug when action in [:feed_redirect])
 
   action_fallback(:errors)
 
   def feed_redirect(%{assigns: %{format: "html"}} = conn, %{"nickname" => nickname}) do
     with {_, %User{} = user} <- {:fetch_user, User.get_cached_by_nickname_or_id(nickname)} do
-      RedirectController.redirector_with_meta(conn, %{user: user})
+      Pleroma.Web.Fallback.RedirectController.redirector_with_meta(conn, %{user: user})
     end
   end
 
   def feed_redirect(%{assigns: %{format: format}} = conn, _params)
       when format in ["json", "activity+json"] do
     with %{halted: false} = conn <-
-           Pleroma.Plugs.EnsureAuthenticatedPlug.call(conn,
-             unless_func: &Pleroma.Web.FederatingPlug.federating?/1
+           Pleroma.Web.Plugs.EnsureAuthenticatedPlug.call(conn,
+             unless_func: &Pleroma.Web.Plugs.FederatingPlug.federating?/1
            ) do
       ActivityPubController.call(conn, :user)
     end

lib/pleroma/web/mailer/subscription_controller.ex

@@ -1,3 +1,7 @@
+# Pleroma: A lightweight social networking server
+# Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>
+# SPDX-License-Identifier: AGPL-3.0-only
+
 defmodule Pleroma.Web.Mailer.SubscriptionController do
   use Pleroma.Web, :controller
 

lib/pleroma/web/masto_fe_controller.ex

@@ -5,9 +5,9 @@
 defmodule Pleroma.Web.MastoFEController do
   use Pleroma.Web, :controller
 
-  alias Pleroma.Plugs.EnsurePublicOrAuthenticatedPlug
-  alias Pleroma.Plugs.OAuthScopesPlug
   alias Pleroma.User
+  alias Pleroma.Web.Plugs.EnsurePublicOrAuthenticatedPlug
+  alias Pleroma.Web.Plugs.OAuthScopesPlug
 
   plug(OAuthScopesPlug, %{scopes: ["write:accounts"]} when action == :put_settings)
 

lib/pleroma/web/mastodon_api/controllers/account_controller.ex

@@ -15,9 +15,6 @@ defmodule Pleroma.Web.MastodonAPI.AccountController do
     ]
 
   alias Pleroma.Maps
-  alias Pleroma.Plugs.EnsurePublicOrAuthenticatedPlug
-  alias Pleroma.Plugs.OAuthScopesPlug
-  alias Pleroma.Plugs.RateLimiter
   alias Pleroma.User
   alias Pleroma.Web.ActivityPub.ActivityPub
   alias Pleroma.Web.ActivityPub.Builder
@@ -29,6 +26,9 @@ defmodule Pleroma.Web.MastodonAPI.AccountController do
   alias Pleroma.Web.MastodonAPI.StatusView
   alias Pleroma.Web.OAuth.OAuthController
   alias Pleroma.Web.OAuth.OAuthView
+  alias Pleroma.Web.Plugs.EnsurePublicOrAuthenticatedPlug
+  alias Pleroma.Web.Plugs.OAuthScopesPlug
+  alias Pleroma.Web.Plugs.RateLimiter
   alias Pleroma.Web.TwitterAPI.TwitterAPI
 
   plug(Pleroma.Web.ApiSpec.CastAndValidate)

lib/pleroma/web/mastodon_api/controllers/app_controller.ex

@@ -5,12 +5,12 @@
 defmodule Pleroma.Web.MastodonAPI.AppController do
   use Pleroma.Web, :controller
 
-  alias Pleroma.Plugs.EnsurePublicOrAuthenticatedPlug
-  alias Pleroma.Plugs.OAuthScopesPlug
   alias Pleroma.Repo
   alias Pleroma.Web.OAuth.App
   alias Pleroma.Web.OAuth.Scopes
   alias Pleroma.Web.OAuth.Token
+  alias Pleroma.Web.Plugs.EnsurePublicOrAuthenticatedPlug
+  alias Pleroma.Web.Plugs.OAuthScopesPlug
 
   action_fallback(Pleroma.Web.MastodonAPI.FallbackController)
 

lib/pleroma/web/mastodon_api/controllers/auth_controller.ex

@@ -15,7 +15,7 @@ defmodule Pleroma.Web.MastodonAPI.AuthController do
 
   action_fallback(Pleroma.Web.MastodonAPI.FallbackController)
 
-  plug(Pleroma.Plugs.RateLimiter, [name: :password_reset] when action == :password_reset)
+  plug(Pleroma.Web.Plugs.RateLimiter, [name: :password_reset] when action == :password_reset)
 
   @local_mastodon_name "Mastodon-Local"
 

lib/pleroma/web/mastodon_api/controllers/conversation_controller.ex

@@ -8,8 +8,8 @@ defmodule Pleroma.Web.MastodonAPI.ConversationController do
   import Pleroma.Web.ControllerHelper, only: [add_link_headers: 2]
 
   alias Pleroma.Conversation.Participation
-  alias Pleroma.Plugs.OAuthScopesPlug
   alias Pleroma.Repo
+  alias Pleroma.Web.Plugs.OAuthScopesPlug
 
   action_fallback(Pleroma.Web.MastodonAPI.FallbackController)
 

lib/pleroma/web/mastodon_api/controllers/custom_emoji_controller.ex

@@ -9,7 +9,7 @@ defmodule Pleroma.Web.MastodonAPI.CustomEmojiController do
 
   plug(
     :skip_plug,
-    [Pleroma.Plugs.OAuthScopesPlug, Pleroma.Plugs.EnsurePublicOrAuthenticatedPlug]
+    [Pleroma.Web.Plugs.OAuthScopesPlug, Pleroma.Web.Plugs.EnsurePublicOrAuthenticatedPlug]
     when action == :index
   )
 

lib/pleroma/web/mastodon_api/controllers/domain_block_controller.ex

@@ -5,8 +5,8 @@
 defmodule Pleroma.Web.MastodonAPI.DomainBlockController do
   use Pleroma.Web, :controller
 
-  alias Pleroma.Plugs.OAuthScopesPlug
   alias Pleroma.User
+  alias Pleroma.Web.Plugs.OAuthScopesPlug
 
   plug(Pleroma.Web.ApiSpec.CastAndValidate)
   defdelegate open_api_operation(action), to: Pleroma.Web.ApiSpec.DomainBlockOperation

lib/pleroma/web/mastodon_api/controllers/filter_controller.ex

@@ -6,7 +6,7 @@ defmodule Pleroma.Web.MastodonAPI.FilterController do
   use Pleroma.Web, :controller
 
   alias Pleroma.Filter
-  alias Pleroma.Plugs.OAuthScopesPlug
+  alias Pleroma.Web.Plugs.OAuthScopesPlug
 
   @oauth_read_actions [:show, :index]
 

lib/pleroma/web/mastodon_api/controllers/follow_request_controller.ex

@@ -5,9 +5,9 @@
 defmodule Pleroma.Web.MastodonAPI.FollowRequestController do
   use Pleroma.Web, :controller
 
-  alias Pleroma.Plugs.OAuthScopesPlug
   alias Pleroma.User
   alias Pleroma.Web.CommonAPI
+  alias Pleroma.Web.Plugs.OAuthScopesPlug
 
   plug(:put_view, Pleroma.Web.MastodonAPI.AccountView)
   plug(Pleroma.Web.ApiSpec.CastAndValidate)

lib/pleroma/web/mastodon_api/controllers/instance_controller.ex

@@ -9,7 +9,7 @@ defmodule Pleroma.Web.MastodonAPI.InstanceController do
 
   plug(
     :skip_plug,
-    [Pleroma.Plugs.OAuthScopesPlug, Pleroma.Plugs.EnsurePublicOrAuthenticatedPlug]
+    [Pleroma.Web.Plugs.OAuthScopesPlug, Pleroma.Web.Plugs.EnsurePublicOrAuthenticatedPlug]
     when action in [:show, :peers]
   )
 

lib/pleroma/web/mastodon_api/controllers/list_controller.ex

@@ -5,9 +5,9 @@
 defmodule Pleroma.Web.MastodonAPI.ListController do
   use Pleroma.Web, :controller
 
-  alias Pleroma.Plugs.OAuthScopesPlug
   alias Pleroma.User
   alias Pleroma.Web.MastodonAPI.AccountView
+  alias Pleroma.Web.Plugs.OAuthScopesPlug
 
   @oauth_read_actions [:index, :show, :list_accounts]
 

lib/pleroma/web/mastodon_api/controllers/marker_controller.ex

@@ -4,7 +4,7 @@
 
 defmodule Pleroma.Web.MastodonAPI.MarkerController do
   use Pleroma.Web, :controller
-  alias Pleroma.Plugs.OAuthScopesPlug
+  alias Pleroma.Web.Plugs.OAuthScopesPlug
 
   plug(Pleroma.Web.ApiSpec.CastAndValidate)
 

lib/pleroma/web/mastodon_api/controllers/mastodon_api_controller.ex

@@ -17,7 +17,7 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIController do
 
   plug(
     :skip_plug,
-    [Pleroma.Plugs.OAuthScopesPlug, Pleroma.Plugs.EnsurePublicOrAuthenticatedPlug]
+    [Pleroma.Web.Plugs.OAuthScopesPlug, Pleroma.Web.Plugs.EnsurePublicOrAuthenticatedPlug]
     when action in [:empty_array, :empty_object]
   )
 

lib/pleroma/web/mastodon_api/controllers/media_controller.ex

@@ -6,9 +6,9 @@ defmodule Pleroma.Web.MastodonAPI.MediaController do
   use Pleroma.Web, :controller
 
   alias Pleroma.Object
-  alias Pleroma.Plugs.OAuthScopesPlug
   alias Pleroma.User
   alias Pleroma.Web.ActivityPub.ActivityPub
+  alias Pleroma.Web.Plugs.OAuthScopesPlug
 
   action_fallback(Pleroma.Web.MastodonAPI.FallbackController)
   plug(Majic.Plug, [pool: Pleroma.MajicPool] when action in [:create, :create2])

lib/pleroma/web/mastodon_api/controllers/notification_controller.ex

@@ -8,8 +8,8 @@ defmodule Pleroma.Web.MastodonAPI.NotificationController do
   import Pleroma.Web.ControllerHelper, only: [add_link_headers: 2]
 
   alias Pleroma.Notification
-  alias Pleroma.Plugs.OAuthScopesPlug
   alias Pleroma.Web.MastodonAPI.MastodonAPI
+  alias Pleroma.Web.Plugs.OAuthScopesPlug
 
   @oauth_read_actions [:show, :index]
 

lib/pleroma/web/mastodon_api/controllers/poll_controller.ex

@@ -9,9 +9,9 @@ defmodule Pleroma.Web.MastodonAPI.PollController do
 
   alias Pleroma.Activity
   alias Pleroma.Object
-  alias Pleroma.Plugs.OAuthScopesPlug
   alias Pleroma.Web.ActivityPub.Visibility
   alias Pleroma.Web.CommonAPI
+  alias Pleroma.Web.Plugs.OAuthScopesPlug
 
   action_fallback(Pleroma.Web.MastodonAPI.FallbackController)
 

lib/pleroma/web/mastodon_api/controllers/report_controller.ex

@@ -3,14 +3,12 @@
 # SPDX-License-Identifier: AGPL-3.0-only
 
 defmodule Pleroma.Web.MastodonAPI.ReportController do
-  alias Pleroma.Plugs.OAuthScopesPlug
-
   use Pleroma.Web, :controller
 
   action_fallback(Pleroma.Web.MastodonAPI.FallbackController)
 
   plug(Pleroma.Web.ApiSpec.CastAndValidate)
-  plug(OAuthScopesPlug, %{scopes: ["write:reports"]} when action == :create)
+  plug(Pleroma.Web.Plugs.OAuthScopesPlug, %{scopes: ["write:reports"]} when action == :create)
 
   defdelegate open_api_operation(action), to: Pleroma.Web.ApiSpec.ReportOperation
 

lib/pleroma/web/mastodon_api/controllers/scheduled_activity_controller.ex

@@ -7,9 +7,9 @@ defmodule Pleroma.Web.MastodonAPI.ScheduledActivityController do
 
   import Pleroma.Web.ControllerHelper, only: [add_link_headers: 2]
 
-  alias Pleroma.Plugs.OAuthScopesPlug
   alias Pleroma.ScheduledActivity
   alias Pleroma.Web.MastodonAPI.MastodonAPI
+  alias Pleroma.Web.Plugs.OAuthScopesPlug
 
   @oauth_read_actions [:show, :index]
 

lib/pleroma/web/mastodon_api/controllers/search_controller.ex

@@ -6,14 +6,14 @@ defmodule Pleroma.Web.MastodonAPI.SearchController do
   use Pleroma.Web, :controller
 
   alias Pleroma.Activity
-  alias Pleroma.Plugs.OAuthScopesPlug
-  alias Pleroma.Plugs.RateLimiter
   alias Pleroma.Repo
   alias Pleroma.User
   alias Pleroma.Web
   alias Pleroma.Web.ControllerHelper
   alias Pleroma.Web.MastodonAPI.AccountView
   alias Pleroma.Web.MastodonAPI.StatusView
+  alias Pleroma.Web.Plugs.OAuthScopesPlug
+  alias Pleroma.Web.Plugs.RateLimiter
 
   require Logger
 

lib/pleroma/web/mastodon_api/controllers/status_controller.ex

@@ -13,8 +13,6 @@ defmodule Pleroma.Web.MastodonAPI.StatusController do
   alias Pleroma.Activity
   alias Pleroma.Bookmark
   alias Pleroma.Object
-  alias Pleroma.Plugs.OAuthScopesPlug
-  alias Pleroma.Plugs.RateLimiter
   alias Pleroma.Repo
   alias Pleroma.ScheduledActivity
   alias Pleroma.User
@@ -23,9 +21,15 @@ defmodule Pleroma.Web.MastodonAPI.StatusController do
   alias Pleroma.Web.CommonAPI
   alias Pleroma.Web.MastodonAPI.AccountView
   alias Pleroma.Web.MastodonAPI.ScheduledActivityView
+  alias Pleroma.Web.Plugs.OAuthScopesPlug
+  alias Pleroma.Web.Plugs.RateLimiter
 
   plug(Pleroma.Web.ApiSpec.CastAndValidate)
-  plug(:skip_plug, Pleroma.Plugs.EnsurePublicOrAuthenticatedPlug when action in [:index, :show])
+
+  plug(
+    :skip_plug,
+    Pleroma.Web.Plugs.EnsurePublicOrAuthenticatedPlug when action in [:index, :show]
+  )
 
   @unauthenticated_access %{fallback: :proceed_unauthenticated, scopes: []}
 

lib/pleroma/web/mastodon_api/controllers/subscription_controller.ex

@@ -13,7 +13,7 @@ defmodule Pleroma.Web.MastodonAPI.SubscriptionController do
 
   plug(Pleroma.Web.ApiSpec.CastAndValidate)
   plug(:restrict_push_enabled)
-  plug(Pleroma.Plugs.OAuthScopesPlug, %{scopes: ["push"]})
+  plug(Pleroma.Web.Plugs.OAuthScopesPlug, %{scopes: ["push"]})
 
   defdelegate open_api_operation(action), to: Pleroma.Web.ApiSpec.SubscriptionOperation
 

lib/pleroma/web/mastodon_api/controllers/suggestion_controller.ex

@@ -8,7 +8,7 @@ defmodule Pleroma.Web.MastodonAPI.SuggestionController do
   require Logger
 
   plug(Pleroma.Web.ApiSpec.CastAndValidate)
-  plug(Pleroma.Plugs.OAuthScopesPlug, %{scopes: ["read"]} when action == :index)
+  plug(Pleroma.Web.Plugs.OAuthScopesPlug, %{scopes: ["read"]} when action == :index)
 
   def open_api_operation(action) do
     operation = String.to_existing_atom("#{action}_operation")

lib/pleroma/web/mastodon_api/controllers/timeline_controller.ex

@@ -10,11 +10,11 @@ defmodule Pleroma.Web.MastodonAPI.TimelineController do
 
   alias Pleroma.Config
   alias Pleroma.Pagination
-  alias Pleroma.Plugs.EnsurePublicOrAuthenticatedPlug
-  alias Pleroma.Plugs.OAuthScopesPlug
-  alias Pleroma.Plugs.RateLimiter
   alias Pleroma.User
   alias Pleroma.Web.ActivityPub.ActivityPub
+  alias Pleroma.Web.Plugs.EnsurePublicOrAuthenticatedPlug
+  alias Pleroma.Web.Plugs.OAuthScopesPlug
+  alias Pleroma.Web.Plugs.RateLimiter
 
   plug(Pleroma.Web.ApiSpec.CastAndValidate)
   plug(:skip_plug, EnsurePublicOrAuthenticatedPlug when action in [:public, :hashtag])