Commit graph

8242 commits

Author SHA1 Message Date
Tusooa Zhu
b613a9ec6b
Implement mastodon api for editing status 2022-05-31 14:32:28 -04:00
Pierre-Louis Bonicoli
a158774364
hackney adapter helper & reverse proxy client: enable TLSv1.3
The list of TLS versions was added by
8bd2b6eb13 when hackney version was
pinned to 1.15.2. Later hackney version was upgraded
(166455c884) but the list of TLS
versions wasn't removed. From the hackney point of view, this list has
been replaced by the OTP defaults since 0.16.0
(734694ea4e24f267864c459a2f050e943adc6694).

It looks like the same issue already occurred before:
0cb7b0ea84.

A way to test this issue (where example.com is an ActivityPub site
which uses TLSv1.3 only):

   $ PLEROMA_CONFIG_PATH=/path/to/config.exs pleroma start_iex
   Erlang/OTP 22 [erts-10.7.2.16] [source] [64-bit] [smp:2:2] [ds:2:2:10] [async-threads:1] [hipe]

   Erlang/OTP 22 [erts-10.7.2.16] [source] [64-bit] [smp:2:2] [ds:2:2:10] [async-threads:1] [hipe]

   Interactive Elixir (1.10.4) - press Ctrl+C to exit (type h() ENTER for help)
   iex(pleroma@127.0.0.1)2> Pleroma.Object.Fetcher.fetch_and_contain_remote_object_from_id("https://example.com/@/Nick/")
   {:error,
    {:tls_alert,
     {:protocol_version,
      'TLS client: In state hello received SERVER ALERT: Fatal - Protocol Version\n'}}}

With this patch, the output is the expected one:

   iex(pleroma@127.0.0.1)3> Pleroma.Object.Fetcher.fetch_and_contain_remote_object_from_id("https://example.com/@/Nick/")
   {:error,
   {:ok,
    %{
      "@context" => [
        "https://www.w3.org/ns/activitystreams",
        "https://w3id.org/security/v1",
        %{
          "Emoji" => "toot:Emoji",
          "Hashtag" => "as:Hashtag",
          "atomUri" => "ostatus:atomUri",
          "conversation" => "ostatus:conversation",
          "featured" => "toot:featured",
          "focalPoint" => %{"@container" => "@list", "@id" => "toot:focalPoint"},
          "inReplyToAtomUri" => "ostatus:inReplyToAtomUri",
          "manuallyApprovesFollowers" => "as:manuallyApprovesFollowers",
          "movedTo" => "as:movedTo",
          "ostatus" => "http://ostatus.org#",
          "sensitive" => "as:sensitive",
          "toot" => "http://joinmastodon.org/ns#"
        }
      ],
      "endpoints" => %{"sharedInbox" => "https://example.com/inbox"},
      "followers" => "https://example.com/@/Nick/followers",
      "following" => nil,
      "icon" => %{
        "type" => "Image",
        "url" => "https://example.com/static/media/[...].png"
      },
      "id" => "https://example.com/@/Nick/",
      "inbox" => "https://example.com/@/Nick/inbox",
      "liked" => nil,
      "name" => "Nick",
      "outbox" => "https://example.com/@/Nick/outbox",
      "preferredUsername" => "Nick",
      "publicKey" => %{
        "id" => "https://example.com/@/Nick/#main-key",
        "owner" => "https://example.com/@/Nick/",
        "publicKeyPem" => "[...]
      },
      "summary" => "",
      "type" => "Person",
      "url" => "https://example.com/@/Nick/"
    }}

A way to test the reverse proxy bits of this issue (where example.com allows TLSv1.3 only):

    iex(pleroma@127.0.0.1)1> Pleroma.ReverseProxy.Client.Hackney.request("GET", "https://example.com", [], [])
    {:error,
     {:tls_alert,
      {:protocol_version,
       'TLS client: In state hello received SERVER ALERT: Fatal - Protocol Version\n'}}}
2022-05-31 00:51:45 +02:00
Tusooa Zhu
393b508846
Implement viewing source 2022-05-30 00:59:23 -04:00
Tusooa Zhu
c004eb0fa2
Implement mastodon api for showing edit history 2022-05-29 23:50:31 -04:00
Tusooa Zhu
8acfe95f3e
Allow updating polls 2022-05-29 22:16:03 -04:00
Tusooa Zhu
5e8aac0e07
Record edit history for Note and Question Updates 2022-05-29 13:54:16 -04:00
Tusooa Zhu
0f6a5eb9a2
Handle Note and Question Updates 2022-05-29 12:54:57 -04:00
Tusooa Zhu
547def67a7
Allow Updates by every actor on the same origin 2022-05-29 11:36:00 -04:00
a74ce2d77a
StealEmojiPolicy: fix String rejected_shortcodes
* rejected_shortcodes is defined as a list of strings in the
  configuration description. As such, database-based configuration was
  led to handle those settings as strings, and not as the actually
  expected type, Regex.
* This caused each message passing through this MRF, if a rejected
  shortcode was set and the emoji did not exist already on the instance,
  to fail federating, as an exception was raised, swiftly caught and
  mostly silenced.
* This commit fixes the issue by introducing new behavior: strings are
  now handled as perfect matches for an emoji shortcode (meaning that if
  the emoji-to-be-pulled's shortcode is in the blacklist, it will be
  rejected), while still supporting Regex types as before.
2022-05-18 21:25:10 +02:00
Haelwenn
4605efe272 Merge branch 'improve_anti_followbot_policy' into 'develop'
Also use actor_type to determine if an account is a bot in antiFollowbotPolicy

Closes #2561

See merge request pleroma/pleroma!3498
2022-05-08 18:10:40 +00:00
Ilja
a8093732bd Also use actor_type to determine if an account is a bot in antiFollowbotPolicy 2022-05-08 18:10:40 +00:00
Tusooa Zhu
57c030a0a7 Skip cache when /objects or /activities is authenticated
Ref: fix-local-public
2022-05-06 10:23:26 +02:00
Tusooa Zhu
e2d24eda57 Allow to skip cache in Cache plug
Ref: fix-local-public
2022-05-06 10:23:26 +02:00
Tusooa Zhu
be08d9305b
Fix incorrect fallback when English is set to first language 2022-04-17 22:39:52 -04:00
Tusooa Zhu
7d1dae3bef
Restrict mastodon api announcements to logged-in users only 2022-04-02 02:25:13 -04:00
Haelwenn
d7c53da77a Merge branch 'from/upstream-develop/tusooa/translate-pages' into 'develop'
Translate backend-rendered pages

See merge request pleroma/pleroma!3634
2022-03-20 18:14:37 +00:00
Haelwenn
b76340511d Merge branch 'delete_report_notifs_when_demoting_from_superuser' into 'develop'
Delete report notifs when demoting from superuser

Closes #2840

See merge request pleroma/pleroma!3642
2022-03-20 18:13:19 +00:00
Tusooa Zhu
0c78ab4a88
Use utc_datetime in db schema 2022-03-18 11:17:22 -04:00
Haelwenn (lanodan) Monnier
83338c25a5 Transmogrifier: Use validating regex for "mediaType" 2022-03-17 22:37:26 +01:00
Haelwenn (lanodan) Monnier
030183b35f AttachmentValidator: Use custom ecto type and regex for "mediaType" 2022-03-17 22:37:26 +01:00
Haelwenn (lanodan) Monnier
4ea9886faa EctoType: Add MIME validator 2022-03-17 22:37:26 +01:00
Tusooa Zhu
ebcda5265b
Format announcements into html 2022-03-08 23:00:51 -05:00
Tusooa Zhu
eb1a29640f
Add pagination to AdminAPI.AnnouncementController.index 2022-03-08 21:26:05 -05:00
Tusooa Zhu
11a1996bf5
Implement update announcement admin api 2022-03-08 20:55:41 -05:00
Tusooa Zhu
881179ec72
Remove GET /api/v1/announcements/:id 2022-03-08 19:22:28 -05:00
Tusooa Zhu
d569694ae9
Show only visible announcements in MastodonAPI 2022-03-08 19:20:29 -05:00
Tusooa Zhu
cf8334dbc1
Add starts_at, ends_at and all_day parameters 2022-03-08 19:12:01 -05:00
Tusooa Zhu
fcf3c9057e
Implement visibility filtering for announcements 2022-03-08 18:21:20 -05:00
Tusooa Zhu
009817c9ee
Correct docstring for AnnouncementController.show 2022-03-08 17:00:49 -05:00
Tusooa Zhu
2b39b36e49
Implement POST /api/v1/announcements/:id/dismiss 2022-03-08 16:59:20 -05:00
Tusooa Zhu
aa1fff279e
Implement GET /api/v1/announcements/:id 2022-03-08 16:19:35 -05:00
Tusooa Zhu
5169ad8f14
Implement announcement read relationships 2022-03-08 13:09:49 -05:00
Tusooa Zhu
c867d23250
Fill properties of announcements from Mastodon API spec 2022-03-08 09:35:35 -05:00
Tusooa Zhu
d7af67012f
Implement first pass of announcement admin api
CCBUG: https://git.pleroma.social/pleroma/pleroma/-/issues/2836
CCBUG: https://git.pleroma.social/pleroma/pleroma/-/issues/1470
2022-03-08 01:01:27 -05:00
Ilja
cdc5bbe836 After code review
Use patern matching to see if someone was superuser before
2022-03-07 14:00:42 +01:00
Tusooa Zhu
79ccb6b999
Support fallbacking to other languages 2022-03-06 11:43:31 -05:00
Ilja
89667189b8 Delete report notifs when demoting from superuser
When someone isn't a superuser any more, they shouldn't see the reporsts any more either.
Here we delete the report notifications from a user when that user gets updated from being a superuser to a non-superuser.
2022-03-06 17:36:30 +01:00
Tusooa Zhu
cd42e2bed0
Lint 2022-03-03 09:49:55 -05:00
Tusooa Zhu
aca11fb70e
Support multiple locales from userLanguage cookie 2022-03-03 02:31:36 -05:00
Tusooa Zhu
7ea330b4fe
Support multiple locales formally
elixir gettext current does not fully support fallback to another language [0].
But it might in the future. We adapt it so that all languages in Accept-Language
headers are received by Pleroma.Web.Gettext. User.languages is now a comma-separated
list.

[0]: https://github.com/elixir-gettext/gettext/issues/303
2022-03-03 02:03:44 -05:00
Tusooa Zhu
d3f3f30c6a
Make lint happy 2022-03-02 22:56:19 -05:00
Tusooa Zhu
8de573b047
Fallback to a variant if the language in general is not supported
For an example, here, zh is not supported, but zh_Hans and zh_Hant
are. If the user asks for zh, we should choose a variant for them
instead of fallbacking to default.

Some browsers (e.g. Firefox) does not allow users to customize
their language codes. For example, there is no zh-Hans, but only
zh, zh-CN, zh-TW, zh-HK, etc. This provides a workaround for
those users suffering from bad design decisions.
2022-03-02 19:59:11 -05:00
Tusooa Zhu
e644f8dea5
Allow user to register with custom language 2022-03-02 01:41:13 -05:00
Tusooa Zhu
396f036b13
Allow update_credentials to update User.language 2022-03-02 00:58:02 -05:00
Tusooa Zhu
0149ea4538
Send emails i18n'd using backend-stored user language 2022-03-01 22:19:13 -05:00
Tusooa Zhu
af82f09ce3
Make all emails translatable 2022-03-01 20:45:59 -05:00
Tusooa Zhu
1deab33fb0
Make mail and mailer translatable 2022-03-01 19:17:11 -05:00
Tusooa Zhu
32e4aa42d3
Make static fe translatable 2022-03-01 18:48:08 -05:00
Tusooa Zhu
fdbf9b06e5
Fix tests 2022-02-28 11:23:15 -05:00
Tusooa Zhu
cadca083ea
Make mfa pages translatable 2022-02-28 11:07:28 -05:00
Tusooa Zhu
50a316cd63
Make oauth pages translatable 2022-02-28 02:11:57 -05:00
Tusooa Zhu
f63d9b7835
Use proper lang attributes in htmls 2022-02-28 01:28:23 -05:00
Tusooa Zhu
0cc6557716
Make tag feed translatable 2022-02-28 01:13:39 -05:00
Tusooa Zhu
1edbda39e1
Make password reset pages translatable 2022-02-28 01:04:04 -05:00
HJ
ee05abe052 Merge branch 'revert/notice-routes' into 'develop'
Revert notice compatibility routes merge request

See merge request pleroma/pleroma!3576
2022-02-26 16:24:49 +00:00
Sean King
17aa3644be
Copyright bump for 2022 2022-02-25 23:11:42 -07:00
Tusooa Zhu
9f4c5743e8
Make lint happy 2022-02-21 19:12:32 -05:00
Tusooa Zhu
a867107437
Make remote follow pages translatable 2022-02-21 18:43:45 -05:00
Tusooa Zhu
0fd3695b9c
Prefer userLanguage cookie over Accept-Language header in detecting locale
https://git.pleroma.social/pleroma/pleroma-meta/-/issues/60
2022-02-21 18:02:19 -05:00
061cb749cd
Add unicode 14 support
and add a test with a unicode 14 emoji
2022-02-21 12:28:33 -06:00
marcin mikołajczak
e473bcf7a0 Max media attachment count
Signed-off-by: marcin mikołajczak <git@mkljczk.pl>
2022-02-06 17:41:15 +01:00
marcin mikołajczak
f8f2a17754 Birthdays: Fix outgoing federation of birth dates
Signed-off-by: marcin mikołajczak <git@mkljczk.pl>
2022-02-01 12:00:26 +01:00
Alex Gleason
3bf257171f
ForceMentionsInContent: improve display of Markdown posts 2022-01-27 14:15:06 -06:00
Alex Gleason
27cb3d6273
ForceMentionsInContent: don't apply it to top-level posts 2022-01-26 21:24:26 -06:00
bot
a4de79ced0 ForceBotUnlistedPolicy: fix to stop unlisting my posts >:( 2022-01-26 22:53:02 +00:00
Alex Gleason
0604b0dd09
ForceMentionsInContent: don't mention self 2022-01-25 12:33:47 -06:00
Alex Gleason
0f4e0e667e Merge branch 'recipients-inline' into 'develop'
ForceMentionsInContent: wrap mentions in a span, fix the formatting

See merge request pleroma/pleroma!3620
2022-01-25 17:43:39 +00:00
Alex Gleason
99e9c2c668 Merge branch 'birth-dates' into 'develop'
Fix show_birthday

See merge request pleroma/pleroma!3621
2022-01-25 16:59:07 +00:00
Alex Gleason
65b4d2ce84
ForceMentionsInContent: fix order of mentions 2022-01-25 10:42:34 -06:00
marcin mikołajczak
ab12a05a43 AccountView: Add test for show_birthday
Signed-off-by: marcin mikołajczak <git@mkljczk.pl>
2022-01-25 17:34:36 +01:00
marcin mikołajczak
c1ae35ff2c Fix show_birthday
Signed-off-by: marcin mikołajczak <git@mkljczk.pl>
2022-01-25 17:04:41 +01:00
Alex Gleason
dd7977bb68 Merge branch 'birth-dates' into 'develop'
Birth dates

See merge request pleroma/pleroma!3608
2022-01-25 15:35:47 +00:00
Alex Gleason
267184b70e
ForceMentionsInContentTest: return mentions in a not terrible format 2022-01-24 20:03:43 -06:00
Alex Gleason
c5a20c80c4
ForceMentionsInContent: simplify finding users 2022-01-24 19:44:44 -06:00
Alex Gleason
d5644a52aa
ForceMentionsInContent: wrap inline mentions with span tag 2022-01-24 19:11:45 -06:00
Alex Gleason
1bbc701a3a
ForceMentionsInContent: use to instead of tag 2022-01-24 19:11:14 -06:00
Alex Gleason
53de3a9d44 Revert "Merge branch 'log-slow-queries' into 'develop'"
This reverts merge request !3553
2022-01-24 18:54:43 +00:00
marcin mikołajczak
1dba3bc4dc Preserve order of mentioned users
Signed-off-by: marcin mikołajczak <git@mkljczk.pl>
2022-01-23 12:29:01 +01:00
marcin mikołajczak
0266bc3c96 Birthdays: hide_birthday -> show_birthday
Signed-off-by: marcin mikołajczak <git@mkljczk.pl>
2022-01-23 09:13:33 +01:00
Alex Gleason
aaa9314f4c
Merge remote-tracking branch 'origin/develop' into birth-dates 2022-01-22 14:24:50 -06:00
Alex Gleason
66e8c6f90f
Birthdays: birth_date --> birthday 2022-01-22 13:21:55 -06:00
Finn Behrens
8328289619 Add autocompelete values suggested by Apple
Link: https://developer.apple.com/documentation/security/password_autofill/enabling_password_autofill_on_an_html_input_element
2022-01-22 10:00:43 +01:00
Alex Gleason
6ffe43af70 Merge branch 'private-pins' into 'develop'
Support private pinned posts from Mastodon

See merge request pleroma/pleroma!3611
2022-01-20 23:18:24 +00:00
marcin mikołajczak
88c21b9282 Support private pinned posts from Mastodon
Signed-off-by: marcin mikołajczak <git@mkljczk.pl>
2022-01-20 12:35:32 +01:00
marcin mikołajczak
74cf0f0355 Update changelog
Signed-off-by: marcin mikołajczak <git@mkljczk.pl>
2022-01-19 23:52:46 +01:00
rinpatch
a02cfd7f52 Add ForceMentionsInContentPolicy
Even though latest PleromaFE supports displaying these properly, mobile
apps still exist, so I think we should offer a workaround to those who
want it.
2022-01-19 21:04:57 +03:00
marcin mikołajczak
c180f9276f check if remote bday is valid
Signed-off-by: marcin mikołajczak <git@mkljczk.pl>
2022-01-19 17:19:28 +01:00
marcin mikołajczak
dfb2808535 Birth dates: Add tests
Signed-off-by: marcin mikołajczak <git@mkljczk.pl>
2022-01-18 23:15:31 +01:00
marcin mikołajczak
397f67fef8 Format code, expose instance configuration related to birth dates
Signed-off-by: marcin mikołajczak <git@mkljczk.pl>
2022-01-18 18:18:38 +01:00
marcin mikołajczak
b108b05650 Birth dates, birthday reminders API, allow instance admins to require minimum age
Signed-off-by: marcin mikołajczak <git@mkljczk.pl>
2022-01-18 14:57:48 +01:00
6284353025 Add blockers_visible to features list when it's enabled 2022-01-14 23:08:33 +00:00
marcin mikołajczak
eedf551eed Add more tests
Signed-off-by: marcin mikołajczak <git@mkljczk.pl>
2022-01-12 22:41:34 +01:00
marcin mikołajczak
0f90fd5805 WIP account endorsements
Signed-off-by: marcin mikołajczak <git@mkljczk.pl>
2022-01-12 18:15:10 +01:00
marcin mikołajczak
4f249b2397 Merge remote-tracking branch 'origin/develop' into account-endorsements 2022-01-10 20:04:14 +01:00
Sean King
ffeae7ef2c
Fix merge conflict in CHANGELOG.md 2021-12-29 18:08:50 -07:00
marcin mikołajczak
1657db656c AccountController.lookup: skip auth
Signed-off-by: marcin mikołajczak <git@mkljczk.pl>
2021-12-28 20:02:59 +01:00
marcin mikołajczak
0dd1caa841 AccountController.lookup: skip visibility check
Signed-off-by: marcin mikołajczak <git@mkljczk.pl>
2021-12-28 18:24:48 +01:00
marcin mikołajczak
9032d065e6 wip
Signed-off-by: marcin mikołajczak <git@mkljczk.pl>
2021-12-28 18:07:19 +01:00
marcin mikołajczak
746c9daa62 Merge remote-tracking branch 'pleroma/develop' into mastodon-lookup
Signed-off-by: marcin mikołajczak <git@mkljczk.pl>
2021-12-28 16:27:27 +01:00
marcin mikołajczak
f734579965 MastoAPI: Add GET /api/v1/accounts/lookup
Signed-off-by: marcin mikołajczak <git@mkljczk.pl>
2021-12-28 16:11:17 +01:00