Commit graph

76 commits

Author SHA1 Message Date
502382da45 cherry-pick security from upstream
Some checks failed
ci/woodpecker/push/release Pipeline was successful
ci/woodpecker/push/lint Pipeline failed
ci/woodpecker/push/test unknown status
2022-06-22 16:25:05 +01:00
0d012ebea1 Revert "Merge branch 'remove/mastofe' into 'develop'"
This reverts commit 6b3842cf50, reversing
changes made to 6b1282a829.
2022-01-08 21:44:37 +00:00
Alex Gleason
479fc5fff8
EnsureStaffPrivilegedPlug: add tests 2021-12-27 10:39:59 -06:00
Alex Gleason
db2bf55e9b
Merge remote-tracking branch 'origin/develop' into notice-routes 2021-12-25 19:57:53 -06:00
Alex Gleason
9c1cb87eff Merge branch 'erratic-tests' into 'develop'
Skip erratic tests

See merge request pleroma/pleroma!3572
2021-12-22 04:14:31 +00:00
Alex Gleason
2ce7dae6de
Skip erratic tests 2021-12-21 22:04:15 -06:00
Alex Gleason
b0d2b53934 Merge branch 'manifest' into 'develop'
Expose /manifest.json for PWA

Closes #882

See merge request pleroma/pleroma!3544
2021-12-19 18:18:59 +00:00
Alex Gleason
e4f9cb1c1b
Merge remote-tracking branch 'origin/develop' into manifest 2021-12-19 11:33:10 -06:00
Alex Gleason
e1b89fe3aa
Merge remote-tracking branch 'origin/develop' into live-dashboard 2021-12-15 19:05:36 -05:00
Alex Gleason
29d80b39f2
Add Phoenix LiveDashboard
Co-authored-by: Egor Kislitsyn <egor@kislitsyn.com>
2021-12-15 19:05:27 -05:00
Alex Gleason
ba2ed3c255
Fix frontend_status_plug_test.exs 2021-12-03 07:56:26 -06:00
Alex Gleason
720198d569
Merge remote-tracking branch 'pleroma/develop' into manifest 2021-11-24 17:58:58 -06:00
Alex Gleason
cb9359335f
Expose /manifest.json for PWA 2021-11-24 17:50:55 -06:00
Sean King
1841bd8383 Merge branch 'develop' of git.pleroma.social:pleroma/pleroma into remove/mastofe 2021-08-06 08:08:20 -06:00
Alex Gleason
44ede0657f
Merge remote-tracking branch 'pleroma/develop' into staff-plug 2021-08-04 11:48:57 -05:00
Alex Gleason
9bc1e79c56
Moderators: add UserIsStaffPlug 2021-07-12 21:57:52 -05:00
Sean King
dc4814f0cd
Fix merge conflicts with upstream 2021-06-04 14:42:44 -06:00
Alex Gleason
c23b81e399
Pleroma.Web.get_api_routes/0 --> Pleroma.Web.Router.get_api_routes/0
Reduce recompilation time by breaking compile-time cycles
2021-05-28 13:51:01 -05:00
Alex Gleason
50e3750758
Add notice compatibility routes for other frontends
Fixes: https://git.pleroma.social/pleroma/pleroma/-/issues/1785
2021-05-05 14:50:10 -05:00
Sean King
8afa3f2d1b
Remove no longer necessary unit tests for MastoFE 2021-04-15 23:12:42 -06:00
902d4e4a4a Leave a note for future explorers 2021-02-25 13:06:43 -06:00
2da71a526f No need to filter out Mix.env() from the API routes. 2021-02-25 13:04:08 -06:00
6b87dfad5d Filter out MIX_ENV from route list and add a test 2021-02-25 09:23:10 -06:00
rinpatch
6d66fadea7 Remove :auth, :enforce_oauth_admin_scope_usage
`admin` scope has been required by default for more than a year now
and all apps that use the API seems to request a proper scope by now.
2021-02-17 20:47:38 +03:00
Egor Kislitsyn
bddb01bded
Add tests 2021-01-27 18:20:07 +04:00
lain
7f07871639 Merge branch 'chore/tests-use-clear_config' into 'develop'
Convert tests to all use clear_config instead of Pleroma.Config.put

See merge request pleroma/pleroma!3282
2021-01-27 11:33:27 +00:00
d7af0294e6 Merge branch 'service-worker-allowed-header' into 'develop'
Ability to set custom HTTP headers per each frontend

See merge request pleroma/pleroma!3247
2021-01-26 18:14:01 +00:00
e854c35e65 Convert tests to all use clear_config instead of Pleroma.Config.put 2021-01-26 11:58:43 -06:00
eugenijm
7fcaa188a0 Allow to define custom HTTP headers per each frontend 2021-01-21 21:55:23 +03:00
eugenijm
133644dfa2 Ability to set the Service-Worker-Allowed header 2021-01-21 21:55:11 +03:00
28581e03ad Merge branch 'develop' into refactor/deactivated_user_field 2021-01-18 14:58:21 -06:00
Mark Felder
d36182c088 Change user.confirmation_pending field to user.is_confirmed 2021-01-15 12:44:41 -06:00
Mark Felder
860b5c7804 Change user.deactivated field to user.is_active 2021-01-15 11:24:46 -06:00
Lain Soykaf
39f3683a06 Pbkdf2: Use it everywhere. 2021-01-14 15:06:16 +01:00
lain
9106048c61 Password: Replace Pbkdf2 with Password. 2021-01-13 15:11:11 +01:00
Haelwenn (lanodan) Monnier
c4439c630f
Bump Copyright to 2021
grep -rl '# Copyright © .* Pleroma' * | xargs sed -i 's;Copyright © .* Pleroma .*;Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>;'
2021-01-13 07:49:50 +01:00
lain
9d5ce82221 Test: More async/sync tweaks. 2020-12-21 15:05:56 +01:00
lain
9ba60f70d2 Tests: Make as many tests as possible async.
In general, tests that match these criteria can be made async:

- Doesn't use real Cachex.
- Doesn't write to the Config / Application Environment.
- Uses Mock. Using Mox is fine.
- Uses the streamer.
2020-12-21 12:21:40 +01:00
lain
95a9bdfc37 Tests: Use NullCache for async tests.
Caching can't work in async tests, so for them it is mocked to a
null cache that is always empty. Synchronous tests are stubbed
with the real Cachex, which is emptied after every test.
2020-12-18 19:53:19 +01:00
lain
b4b68b71fc Tests: Remove unneeded explicit cachex use.
Only use cachex when we're actually testing it.
2020-12-18 13:18:17 +01:00
Ivan Tashkinov
e9859b68fc [#3112] Ensured presence and consistency of :user and :token assigns (EnsureUserTokenAssignsPlug). Refactored auth info dropping functions. 2020-12-06 13:59:10 +03:00
Ivan Tashkinov
50e47a215f Merge remote-tracking branch 'remotes/origin/develop' into auth-improvements 2020-11-28 21:51:27 +03:00
Alexander Strizhakov
6aadb1cb40
digest algorithm is taken from header 2020-11-27 08:10:52 +03:00
Ivan Tashkinov
12a5981cc3 Session token setting on token exchange. Auth-related refactoring. 2020-11-25 21:47:23 +03:00
Ivan Tashkinov
ccc2cf0e87 Session-based OAuth auth fixes (token expiration check), refactoring, tweaks. 2020-11-21 19:47:25 +03:00
Ivan Tashkinov
04f6b48ac1 Auth subsystem refactoring and tweaks.
Added proper OAuth skipping for SessionAuthenticationPlug. Integrated LegacyAuthenticationPlug into AuthenticationPlug. Adjusted tests & docs.
2020-10-31 13:38:35 +03:00
Egor Kislitsyn
1a98476f48 Remove unused aliases 2020-10-30 18:42:43 +04:00
Maksim Pechnikov
d28f72a55a FrontStatic plug: excluded invalid url 2020-10-27 22:59:27 +03:00
Mark Felder
40f3cdc030 JPEG content_type must be image/jpeg 2020-10-13 10:37:24 -05:00
Alexander Strizhakov
c4c5caedd8
changes after rebase 2020-10-13 16:44:02 +03:00