Commit graph

785 commits

Author SHA1 Message Date
Ilja
bb61cfee8d Validator for deleting statusses is now done with priviledge instead of superuser 2022-06-21 12:10:27 +02:00
Ilja
7cf473c500 delete statusses is now privileged by :status_delete
Instead of superusers, you now need a role with privilige :status_delete to delete other users statusses
I also cleaned up some other stuff I saw
2022-06-21 12:10:27 +02:00
Ilja
7adfc2e0f4 Add Pleroma.User.privileged?/2
This should eventually replace Pleroma.User.superuser?/1
2022-06-21 12:10:27 +02:00
Ilja
9da81f41c6 Fix warning during test user_test.exs
Fixed the warning
    [warning] Please change `clear_config([section], key: value)` to `clear_config([section, key], value)`
2022-06-21 12:10:27 +02:00
Ilja
c842e62675 Add last priviliges
I still had three endpoints I didn't really know what to do with them. I added them under separate tags
* :instance_delete
* :moderation_log_read
* :stats_read

I also checked and these are the last changes done by MR https://git.pleroma.social/pleroma/pleroma/-/merge_requests/3480/diffs this is trying to fix
2022-06-21 12:10:27 +02:00
Ilja
ecd42a2ce1 Add privilige :emoji_management 2022-06-21 12:10:27 +02:00
Ilja
0ee8f33250 Add privilige :status_delete
It also allows to update a message, so it's not just deleting. I need a better name...
2022-06-21 12:10:27 +02:00
Ilja
34a98990db last off :statuses_read
From the endpoints left to do, I believe these should be under :statuses_read.
These should be the last for that privilege for this MR
2022-06-21 12:10:27 +02:00
Ilja
4cb0dbb5dc Mark relevant tests synchronous
One of the things we do during the tests is change the config. But that's global state and different tests were interfering.
E.g. one test would set `clear_config([:instance, :admin_privileges], [:statuses_read])`, but while that runs, another test may
do `clear_config([:instance, :admin_privileges], [:user_invite])`. Now the code for the first test checks the setting, and it
finds `:user_invite` instead of `:statuses_read`.

Now the modules where this happens are marked to run synchronously, so they don't interfere with each other.
2022-06-21 12:10:27 +02:00
Ilja
cbb26262a5 Add privileges for :user_read 2022-06-21 12:10:27 +02:00
Ilja
3f26f1b30f Add privileges for :report_handle 2022-06-21 12:10:27 +02:00
Ilja
14e697a64f Add privileges for :user_invite 2022-06-21 12:10:27 +02:00
Ilja
e102d25d23 Add privileges for :user_activation 2022-06-21 12:10:27 +02:00
Ilja
cb60cc4e02 Add privileges for :user_tag 2022-06-21 12:10:27 +02:00
Ilja
5a65e2dac5 Remove privileged_staff
Everything that was done through this setting, can now be set by giving the proper privileges to the roles.
2022-06-21 12:10:27 +02:00
Ilja
b1ff5241c2 Add priviledges for :statuses_read
This was the last in :require_privileged_staff. I'll remove that in the next commit
2022-06-21 12:10:27 +02:00
Ilja
8a9144ca8b Add priviledges for :user_credentials
I only moved the ones from the :require_privileged_staff block for now
2022-06-21 12:10:27 +02:00
Ilja
9f6c364759 Add privilege :user_deletion 2022-06-21 12:10:27 +02:00
Ilja
5b19543f0a Add new setting and Plug to allow for privilege settings for staff 2022-06-21 12:10:26 +02:00
a74ce2d77a
StealEmojiPolicy: fix String rejected_shortcodes
* rejected_shortcodes is defined as a list of strings in the
  configuration description. As such, database-based configuration was
  led to handle those settings as strings, and not as the actually
  expected type, Regex.
* This caused each message passing through this MRF, if a rejected
  shortcode was set and the emoji did not exist already on the instance,
  to fail federating, as an exception was raised, swiftly caught and
  mostly silenced.
* This commit fixes the issue by introducing new behavior: strings are
  now handled as perfect matches for an emoji shortcode (meaning that if
  the emoji-to-be-pulled's shortcode is in the blacklist, it will be
  rejected), while still supporting Regex types as before.
2022-05-18 21:25:10 +02:00
Haelwenn
4605efe272 Merge branch 'improve_anti_followbot_policy' into 'develop'
Also use actor_type to determine if an account is a bot in antiFollowbotPolicy

Closes #2561

See merge request pleroma/pleroma!3498
2022-05-08 18:10:40 +00:00
Ilja
a8093732bd Also use actor_type to determine if an account is a bot in antiFollowbotPolicy 2022-05-08 18:10:40 +00:00
Tusooa Zhu
57c030a0a7 Skip cache when /objects or /activities is authenticated
Ref: fix-local-public
2022-05-06 10:23:26 +02:00
Tusooa Zhu
e2d24eda57 Allow to skip cache in Cache plug
Ref: fix-local-public
2022-05-06 10:23:26 +02:00
Tusooa Zhu
be08d9305b
Fix incorrect fallback when English is set to first language 2022-04-17 22:39:52 -04:00
Ilja
5f37db330f Fix eratic test for POST /api/pleroma/admin/reports/:id/notes
It retrieved two ReportNotes and then checked one of them. But the order isn't guaranteed, while the test tested on the content of the first ReportNote.

I made the test on the content more generic
2022-04-05 13:21:09 +02:00
Haelwenn
d7c53da77a Merge branch 'from/upstream-develop/tusooa/translate-pages' into 'develop'
Translate backend-rendered pages

See merge request pleroma/pleroma!3634
2022-03-20 18:14:37 +00:00
Haelwenn
b76340511d Merge branch 'delete_report_notifs_when_demoting_from_superuser' into 'develop'
Delete report notifs when demoting from superuser

Closes #2840

See merge request pleroma/pleroma!3642
2022-03-20 18:13:19 +00:00
Haelwenn
4458db3201 Merge branch 'fix_test_get_user_apps' into 'develop'
Fix test get_user_apps/1

See merge request pleroma/pleroma!3636
2022-03-06 18:40:49 +00:00
Tusooa Zhu
79ccb6b999
Support fallbacking to other languages 2022-03-06 11:43:31 -05:00
Ilja
89667189b8 Delete report notifs when demoting from superuser
When someone isn't a superuser any more, they shouldn't see the reporsts any more either.
Here we delete the report notifications from a user when that user gets updated from being a superuser to a non-superuser.
2022-03-06 17:36:30 +01:00
Tusooa Zhu
cd42e2bed0
Lint 2022-03-03 09:49:55 -05:00
Tusooa Zhu
aca11fb70e
Support multiple locales from userLanguage cookie 2022-03-03 02:31:36 -05:00
Tusooa Zhu
7ea330b4fe
Support multiple locales formally
elixir gettext current does not fully support fallback to another language [0].
But it might in the future. We adapt it so that all languages in Accept-Language
headers are received by Pleroma.Web.Gettext. User.languages is now a comma-separated
list.

[0]: https://github.com/elixir-gettext/gettext/issues/303
2022-03-03 02:03:44 -05:00
Tusooa Zhu
bc59da96c5
Add test for fallbacking to a general language 2022-03-02 20:04:30 -05:00
Tusooa Zhu
8de573b047
Fallback to a variant if the language in general is not supported
For an example, here, zh is not supported, but zh_Hans and zh_Hant
are. If the user asks for zh, we should choose a variant for them
instead of fallbacking to default.

Some browsers (e.g. Firefox) does not allow users to customize
their language codes. For example, there is no zh-Hans, but only
zh, zh-CN, zh-TW, zh-HK, etc. This provides a workaround for
those users suffering from bad design decisions.
2022-03-02 19:59:11 -05:00
Tusooa Zhu
e644f8dea5
Allow user to register with custom language 2022-03-02 01:41:13 -05:00
Tusooa Zhu
0149ea4538
Send emails i18n'd using backend-stored user language 2022-03-01 22:19:13 -05:00
HJ
ee05abe052 Merge branch 'revert/notice-routes' into 'develop'
Revert notice compatibility routes merge request

See merge request pleroma/pleroma!3576
2022-02-26 16:24:49 +00:00
Sean King
17aa3644be
Copyright bump for 2022 2022-02-25 23:11:42 -07:00
Ilja
6ba93c2cb3 Fix test get_user_apps/1
For some reason I had a test who suddenly failed, mix test test/pleroma/web/o_auth/app_test.exs:54. A user has a list of applications and this test adds them and then sees if the list it gets back is the same as the apps it added.

When I ran mix test a day before I didn't have this problem and when I pushed code today in a different MR, the pipeline succeeded (see https://git.pleroma.social/ilja/pleroma/-/jobs/205827), yet locally it failed. So it seems the test can sometimes succeed and sometimes fail, which makes it untrustworthy.

The failure I see is because the returned list is in reverse order. I assume that's not per sé wrong. You just want to know if the apps you added are actually there. I fixed the test by first ordering the lists before comparing.

AFAICT (and as far as that's relevant) the test got introduced in commit cb2a072e62
2022-02-22 18:56:26 +01:00
Tusooa Zhu
0fd3695b9c
Prefer userLanguage cookie over Accept-Language header in detecting locale
https://git.pleroma.social/pleroma/pleroma-meta/-/issues/60
2022-02-21 18:02:19 -05:00
061cb749cd
Add unicode 14 support
and add a test with a unicode 14 emoji
2022-02-21 12:28:33 -06:00
marcin mikołajczak
e473bcf7a0 Max media attachment count
Signed-off-by: marcin mikołajczak <git@mkljczk.pl>
2022-02-06 17:41:15 +01:00
Alex Gleason
7c044a1841
FilterControllerTest: tag erratic test 2022-02-02 13:10:39 -06:00
Haelwenn (lanodan) Monnier
d1cc9e4eaf
Fix tests matching on "warn"
Moving it to "warning" would break tests on 1.12.x
2022-02-02 12:45:26 -06:00
Alex Gleason
bd81af731e
Tag erratic test 2022-02-02 12:29:53 -06:00
Alex Gleason
2d77976305
Add tests for mismatched context in replies 2022-02-02 12:19:35 -06:00
Alex Gleason
5a4e3aa715
Test that a Create/Note from Roadhouse validates 2022-02-02 11:02:23 -06:00
Alex Gleason
61dfeca1cc
Test that a Note from Roadhouse validates 2022-02-02 10:38:30 -06:00