Merge branch 'develop' of git.pleroma.social:pleroma/pleroma into remake-remodel-dms

This commit is contained in:
lain 2020-04-21 12:00:33 +02:00
commit 5165287ff4
13 changed files with 211 additions and 133 deletions

View file

@ -14,6 +14,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
- New HTTP adapter [gun](https://github.com/ninenines/gun). Gun adapter requires minimum OTP version of 22.2 otherwise Pleroma wont start. For hackney OTP update is not required. - New HTTP adapter [gun](https://github.com/ninenines/gun). Gun adapter requires minimum OTP version of 22.2 otherwise Pleroma wont start. For hackney OTP update is not required.
- Mix task to create trusted OAuth App. - Mix task to create trusted OAuth App.
- Notifications: Added `follow_request` notification type (configurable, see `[:notifications, :enable_follow_request_notifications]` setting). - Notifications: Added `follow_request` notification type (configurable, see `[:notifications, :enable_follow_request_notifications]` setting).
- Added `:reject_deletes` group to SimplePolicy
<details> <details>
<summary>API Changes</summary> <summary>API Changes</summary>
- Mastodon API: Support for `include_types` in `/api/v1/notifications`. - Mastodon API: Support for `include_types` in `/api/v1/notifications`.
@ -23,13 +24,16 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
### Fixed ### Fixed
- Support pagination in conversations API - Support pagination in conversations API
- **Breaking**: SimplePolicy `:reject` and `:accept` allow deletions again
## [unreleased-patch] ## [unreleased-patch]
### Fixed ### Fixed
- Logger configuration through AdminFE - Logger configuration through AdminFE
- HTTP Basic Authentication permissions issue - HTTP Basic Authentication permissions issue
- ObjectAgePolicy didn't filter out old messages
### Added ### Added
- NodeInfo: ObjectAgePolicy settings to the `federation` list.
<details> <details>
<summary>API Changes</summary> <summary>API Changes</summary>
- Admin API: `GET /api/pleroma/admin/need_reboot`. - Admin API: `GET /api/pleroma/admin/need_reboot`.

View file

@ -336,7 +336,8 @@
reject: [], reject: [],
accept: [], accept: [],
avatar_removal: [], avatar_removal: [],
banner_removal: [] banner_removal: [],
reject_deletes: []
config :pleroma, :mrf_keyword, config :pleroma, :mrf_keyword,
reject: [], reject: [],

View file

@ -1317,13 +1317,13 @@
%{ %{
key: :reject, key: :reject,
type: {:list, :string}, type: {:list, :string},
description: "List of instances to reject any activities from", description: "List of instances to reject activities from (except deletes)",
suggestions: ["example.com", "*.example.com"] suggestions: ["example.com", "*.example.com"]
}, },
%{ %{
key: :accept, key: :accept,
type: {:list, :string}, type: {:list, :string},
description: "List of instances to accept any activities from", description: "List of instances to only accept activities from (except deletes)",
suggestions: ["example.com", "*.example.com"] suggestions: ["example.com", "*.example.com"]
}, },
%{ %{
@ -1343,6 +1343,12 @@
type: {:list, :string}, type: {:list, :string},
description: "List of instances to strip banners from", description: "List of instances to strip banners from",
suggestions: ["example.com", "*.example.com"] suggestions: ["example.com", "*.example.com"]
},
%{
key: :reject_deletes,
type: {:list, :string},
description: "List of instances to reject deletions from",
suggestions: ["example.com", "*.example.com"]
} }
] ]
}, },

View file

@ -41,11 +41,15 @@ config :pleroma, :instance,
Once `SimplePolicy` is enabled, you can configure various groups in the `:mrf_simple` config object. These groups are: Once `SimplePolicy` is enabled, you can configure various groups in the `:mrf_simple` config object. These groups are:
* `media_removal`: Servers in this group will have media stripped from incoming messages.
* `media_nsfw`: Servers in this group will have the #nsfw tag and sensitive setting injected into incoming messages which contain media.
* `reject`: Servers in this group will have their messages rejected. * `reject`: Servers in this group will have their messages rejected.
* `federated_timeline_removal`: Servers in this group will have their messages unlisted from the public timelines by flipping the `to` and `cc` fields. * `accept`: If not empty, only messages from these instances will be accepted (whitelist federation).
* `media_nsfw`: Servers in this group will have the #nsfw tag and sensitive setting injected into incoming messages which contain media.
* `media_removal`: Servers in this group will have media stripped from incoming messages.
* `avatar_removal`: Avatars from these servers will be stripped from incoming messages.
* `banner_removal`: Banner images from these servers will be stripped from incoming messages.
* `report_removal`: Servers in this group will have their reports (flags) rejected. * `report_removal`: Servers in this group will have their reports (flags) rejected.
* `federated_timeline_removal`: Servers in this group will have their messages unlisted from the public timelines by flipping the `to` and `cc` fields.
* `reject_deletes`: Deletion requests will be rejected from these servers.
Servers should be configured as lists. Servers should be configured as lists.

View file

@ -11,7 +11,7 @@ defmodule Pleroma.Web.ActivityPub.MRF.ObjectAgePolicy do
@moduledoc "Filter activities depending on their age" @moduledoc "Filter activities depending on their age"
@behaviour Pleroma.Web.ActivityPub.MRF @behaviour Pleroma.Web.ActivityPub.MRF
defp check_date(%{"published" => published} = message) do defp check_date(%{"object" => %{"published" => published}} = message) do
with %DateTime{} = now <- DateTime.utc_now(), with %DateTime{} = now <- DateTime.utc_now(),
{:ok, %DateTime{} = then, _} <- DateTime.from_iso8601(published), {:ok, %DateTime{} = then, _} <- DateTime.from_iso8601(published),
max_ttl <- Config.get([:mrf_object_age, :threshold]), max_ttl <- Config.get([:mrf_object_age, :threshold]),
@ -96,5 +96,11 @@ def filter(%{"type" => "Create", "published" => _} = message) do
def filter(message), do: {:ok, message} def filter(message), do: {:ok, message}
@impl true @impl true
def describe, do: {:ok, %{}} def describe do
mrf_object_age =
Pleroma.Config.get(:mrf_object_age)
|> Enum.into(%{})
{:ok, %{mrf_object_age: mrf_object_age}}
end
end end

View file

@ -148,6 +148,21 @@ defp check_banner_removal(%{host: actor_host} = _actor_info, %{"image" => _image
defp check_banner_removal(_actor_info, object), do: {:ok, object} defp check_banner_removal(_actor_info, object), do: {:ok, object}
@impl true
def filter(%{"type" => "Delete", "actor" => actor} = object) do
%{host: actor_host} = URI.parse(actor)
reject_deletes =
Pleroma.Config.get([:mrf_simple, :reject_deletes])
|> MRF.subdomains_regex()
if MRF.subdomain_match?(reject_deletes, actor_host) do
{:reject, nil}
else
{:ok, object}
end
end
@impl true @impl true
def filter(%{"actor" => actor} = object) do def filter(%{"actor" => actor} = object) do
actor_info = URI.parse(actor) actor_info = URI.parse(actor)

View file

@ -6,25 +6,22 @@ defmodule Pleroma.Web.MastodonAPI.SubscriptionController do
@moduledoc "The module represents functions to manage user subscriptions." @moduledoc "The module represents functions to manage user subscriptions."
use Pleroma.Web, :controller use Pleroma.Web, :controller
alias Pleroma.Web.MastodonAPI.PushSubscriptionView, as: View
alias Pleroma.Web.Push alias Pleroma.Web.Push
alias Pleroma.Web.Push.Subscription alias Pleroma.Web.Push.Subscription
action_fallback(:errors) action_fallback(:errors)
plug(Pleroma.Plugs.OAuthScopesPlug, %{scopes: ["push"]}) plug(Pleroma.Plugs.OAuthScopesPlug, %{scopes: ["push"]})
plug(Pleroma.Plugs.EnsurePublicOrAuthenticatedPlug) plug(Pleroma.Plugs.EnsurePublicOrAuthenticatedPlug)
plug(:restrict_push_enabled)
# Creates PushSubscription # Creates PushSubscription
# POST /api/v1/push/subscription # POST /api/v1/push/subscription
# #
def create(%{assigns: %{user: user, token: token}} = conn, params) do def create(%{assigns: %{user: user, token: token}} = conn, params) do
with true <- Push.enabled(), with {:ok, _} <- Subscription.delete_if_exists(user, token),
{:ok, _} <- Subscription.delete_if_exists(user, token),
{:ok, subscription} <- Subscription.create(user, token, params) do {:ok, subscription} <- Subscription.create(user, token, params) do
view = View.render("push_subscription.json", subscription: subscription) render(conn, "show.json", subscription: subscription)
json(conn, view)
end end
end end
@ -32,10 +29,8 @@ def create(%{assigns: %{user: user, token: token}} = conn, params) do
# GET /api/v1/push/subscription # GET /api/v1/push/subscription
# #
def get(%{assigns: %{user: user, token: token}} = conn, _params) do def get(%{assigns: %{user: user, token: token}} = conn, _params) do
with true <- Push.enabled(), with {:ok, subscription} <- Subscription.get(user, token) do
{:ok, subscription} <- Subscription.get(user, token) do render(conn, "show.json", subscription: subscription)
view = View.render("push_subscription.json", subscription: subscription)
json(conn, view)
end end
end end
@ -43,10 +38,8 @@ def get(%{assigns: %{user: user, token: token}} = conn, _params) do
# PUT /api/v1/push/subscription # PUT /api/v1/push/subscription
# #
def update(%{assigns: %{user: user, token: token}} = conn, params) do def update(%{assigns: %{user: user, token: token}} = conn, params) do
with true <- Push.enabled(), with {:ok, subscription} <- Subscription.update(user, token, params) do
{:ok, subscription} <- Subscription.update(user, token, params) do render(conn, "show.json", subscription: subscription)
view = View.render("push_subscription.json", subscription: subscription)
json(conn, view)
end end
end end
@ -54,11 +47,20 @@ def update(%{assigns: %{user: user, token: token}} = conn, params) do
# DELETE /api/v1/push/subscription # DELETE /api/v1/push/subscription
# #
def delete(%{assigns: %{user: user, token: token}} = conn, _params) do def delete(%{assigns: %{user: user, token: token}} = conn, _params) do
with true <- Push.enabled(), with {:ok, _response} <- Subscription.delete(user, token),
{:ok, _response} <- Subscription.delete(user, token),
do: json(conn, %{}) do: json(conn, %{})
end end
defp restrict_push_enabled(conn, _) do
if Push.enabled() do
conn
else
conn
|> render_error(:forbidden, "Web push subscription is disabled on this Pleroma instance")
|> halt()
end
end
# fallback action # fallback action
# #
def errors(conn, {:error, :not_found}) do def errors(conn, {:error, :not_found}) do

View file

@ -2,11 +2,11 @@
# Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/> # Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only # SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.MastodonAPI.PushSubscriptionView do defmodule Pleroma.Web.MastodonAPI.SubscriptionView do
use Pleroma.Web, :view use Pleroma.Web, :view
alias Pleroma.Web.Push alias Pleroma.Web.Push
def render("push_subscription.json", %{subscription: subscription}) do def render("show.json", %{subscription: subscription}) do
%{ %{
id: to_string(subscription.id), id: to_string(subscription.id),
endpoint: subscription.endpoint, endpoint: subscription.endpoint,

View file

@ -16,79 +16,60 @@ defmodule Pleroma.Web.Router do
plug(Pleroma.Plugs.UserEnabledPlug) plug(Pleroma.Plugs.UserEnabledPlug)
end end
pipeline :api do pipeline :authenticate do
plug(:accepts, ["json"])
plug(:fetch_session)
plug(Pleroma.Plugs.OAuthPlug) plug(Pleroma.Plugs.OAuthPlug)
plug(Pleroma.Plugs.BasicAuthDecoderPlug) plug(Pleroma.Plugs.BasicAuthDecoderPlug)
plug(Pleroma.Plugs.UserFetcherPlug) plug(Pleroma.Plugs.UserFetcherPlug)
plug(Pleroma.Plugs.SessionAuthenticationPlug) plug(Pleroma.Plugs.SessionAuthenticationPlug)
plug(Pleroma.Plugs.LegacyAuthenticationPlug) plug(Pleroma.Plugs.LegacyAuthenticationPlug)
plug(Pleroma.Plugs.AuthenticationPlug) plug(Pleroma.Plugs.AuthenticationPlug)
end
pipeline :after_auth do
plug(Pleroma.Plugs.UserEnabledPlug) plug(Pleroma.Plugs.UserEnabledPlug)
plug(Pleroma.Plugs.SetUserSessionIdPlug) plug(Pleroma.Plugs.SetUserSessionIdPlug)
plug(Pleroma.Plugs.EnsureUserKeyPlug) plug(Pleroma.Plugs.EnsureUserKeyPlug)
plug(Pleroma.Plugs.IdempotencyPlug) end
pipeline :base_api do
plug(:accepts, ["json"])
plug(:fetch_session)
plug(:authenticate)
plug(OpenApiSpex.Plug.PutApiSpec, module: Pleroma.Web.ApiSpec) plug(OpenApiSpex.Plug.PutApiSpec, module: Pleroma.Web.ApiSpec)
end end
pipeline :api do
plug(:base_api)
plug(:after_auth)
plug(Pleroma.Plugs.IdempotencyPlug)
end
pipeline :authenticated_api do pipeline :authenticated_api do
plug(:accepts, ["json"]) plug(:base_api)
plug(:fetch_session)
plug(Pleroma.Plugs.AuthExpectedPlug) plug(Pleroma.Plugs.AuthExpectedPlug)
plug(Pleroma.Plugs.OAuthPlug) plug(:after_auth)
plug(Pleroma.Plugs.BasicAuthDecoderPlug)
plug(Pleroma.Plugs.UserFetcherPlug)
plug(Pleroma.Plugs.SessionAuthenticationPlug)
plug(Pleroma.Plugs.LegacyAuthenticationPlug)
plug(Pleroma.Plugs.AuthenticationPlug)
plug(Pleroma.Plugs.UserEnabledPlug)
plug(Pleroma.Plugs.SetUserSessionIdPlug)
plug(Pleroma.Plugs.EnsureAuthenticatedPlug) plug(Pleroma.Plugs.EnsureAuthenticatedPlug)
plug(Pleroma.Plugs.IdempotencyPlug) plug(Pleroma.Plugs.IdempotencyPlug)
plug(OpenApiSpex.Plug.PutApiSpec, module: Pleroma.Web.ApiSpec)
end end
pipeline :admin_api do pipeline :admin_api do
plug(:accepts, ["json"]) plug(:base_api)
plug(:fetch_session)
plug(Pleroma.Plugs.OAuthPlug)
plug(Pleroma.Plugs.BasicAuthDecoderPlug)
plug(Pleroma.Plugs.UserFetcherPlug)
plug(Pleroma.Plugs.SessionAuthenticationPlug)
plug(Pleroma.Plugs.LegacyAuthenticationPlug)
plug(Pleroma.Plugs.AuthenticationPlug)
plug(Pleroma.Plugs.AdminSecretAuthenticationPlug) plug(Pleroma.Plugs.AdminSecretAuthenticationPlug)
plug(Pleroma.Plugs.UserEnabledPlug) plug(:after_auth)
plug(Pleroma.Plugs.SetUserSessionIdPlug)
plug(Pleroma.Plugs.EnsureAuthenticatedPlug) plug(Pleroma.Plugs.EnsureAuthenticatedPlug)
plug(Pleroma.Plugs.UserIsAdminPlug) plug(Pleroma.Plugs.UserIsAdminPlug)
plug(Pleroma.Plugs.IdempotencyPlug) plug(Pleroma.Plugs.IdempotencyPlug)
plug(OpenApiSpex.Plug.PutApiSpec, module: Pleroma.Web.ApiSpec)
end end
pipeline :mastodon_html do pipeline :mastodon_html do
plug(:accepts, ["html"]) plug(:browser)
plug(:fetch_session) plug(:authenticate)
plug(Pleroma.Plugs.OAuthPlug) plug(:after_auth)
plug(Pleroma.Plugs.BasicAuthDecoderPlug)
plug(Pleroma.Plugs.UserFetcherPlug)
plug(Pleroma.Plugs.SessionAuthenticationPlug)
plug(Pleroma.Plugs.LegacyAuthenticationPlug)
plug(Pleroma.Plugs.AuthenticationPlug)
plug(Pleroma.Plugs.UserEnabledPlug)
plug(Pleroma.Plugs.SetUserSessionIdPlug)
plug(Pleroma.Plugs.EnsureUserKeyPlug)
end end
pipeline :pleroma_html do pipeline :pleroma_html do
plug(:accepts, ["html"]) plug(:browser)
plug(:fetch_session) plug(:authenticate)
plug(Pleroma.Plugs.OAuthPlug)
plug(Pleroma.Plugs.BasicAuthDecoderPlug)
plug(Pleroma.Plugs.UserFetcherPlug)
plug(Pleroma.Plugs.SessionAuthenticationPlug)
plug(Pleroma.Plugs.AuthenticationPlug)
plug(Pleroma.Plugs.EnsureUserKeyPlug) plug(Pleroma.Plugs.EnsureUserKeyPlug)
end end
@ -524,7 +505,7 @@ defmodule Pleroma.Web.Router do
end end
scope "/api" do scope "/api" do
pipe_through(:api) pipe_through(:base_api)
get("/openapi", OpenApiSpex.Plug.RenderSpec, []) get("/openapi", OpenApiSpex.Plug.RenderSpec, [])
end end
@ -538,10 +519,6 @@ defmodule Pleroma.Web.Router do
post("/qvitter/statuses/notifications/read", TwitterAPI.Controller, :notifications_read) post("/qvitter/statuses/notifications/read", TwitterAPI.Controller, :notifications_read)
end end
pipeline :ap_service_actor do
plug(:accepts, ["activity+json", "json"])
end
pipeline :ostatus do pipeline :ostatus do
plug(:accepts, ["html", "xml", "rss", "atom", "activity+json", "json"]) plug(:accepts, ["html", "xml", "rss", "atom", "activity+json", "json"])
plug(Pleroma.Plugs.StaticFEPlug) plug(Pleroma.Plugs.StaticFEPlug)
@ -552,8 +529,7 @@ defmodule Pleroma.Web.Router do
end end
scope "/", Pleroma.Web do scope "/", Pleroma.Web do
pipe_through(:ostatus) pipe_through([:ostatus, :http_signature])
pipe_through(:http_signature)
get("/objects/:uuid", OStatus.OStatusController, :object) get("/objects/:uuid", OStatus.OStatusController, :object)
get("/activities/:uuid", OStatus.OStatusController, :activity) get("/activities/:uuid", OStatus.OStatusController, :activity)
@ -571,13 +547,6 @@ defmodule Pleroma.Web.Router do
get("/mailer/unsubscribe/:token", Mailer.SubscriptionController, :unsubscribe) get("/mailer/unsubscribe/:token", Mailer.SubscriptionController, :unsubscribe)
end end
# Server to Server (S2S) AP interactions
pipeline :activitypub do
plug(:accepts, ["activity+json", "json"])
plug(Pleroma.Web.Plugs.HTTPSignaturePlug)
plug(Pleroma.Web.Plugs.MappedSignatureToIdentityPlug)
end
scope "/", Pleroma.Web.ActivityPub do scope "/", Pleroma.Web.ActivityPub do
# XXX: not really ostatus # XXX: not really ostatus
pipe_through(:ostatus) pipe_through(:ostatus)
@ -585,19 +554,22 @@ defmodule Pleroma.Web.Router do
get("/users/:nickname/outbox", ActivityPubController, :outbox) get("/users/:nickname/outbox", ActivityPubController, :outbox)
end end
pipeline :ap_service_actor do
plug(:accepts, ["activity+json", "json"])
end
# Server to Server (S2S) AP interactions
pipeline :activitypub do
plug(:ap_service_actor)
plug(:http_signature)
end
# Client to Server (C2S) AP interactions # Client to Server (C2S) AP interactions
pipeline :activitypub_client do pipeline :activitypub_client do
plug(:accepts, ["activity+json", "json"]) plug(:ap_service_actor)
plug(:fetch_session) plug(:fetch_session)
plug(Pleroma.Plugs.OAuthPlug) plug(:authenticate)
plug(Pleroma.Plugs.BasicAuthDecoderPlug) plug(:after_auth)
plug(Pleroma.Plugs.UserFetcherPlug)
plug(Pleroma.Plugs.SessionAuthenticationPlug)
plug(Pleroma.Plugs.LegacyAuthenticationPlug)
plug(Pleroma.Plugs.AuthenticationPlug)
plug(Pleroma.Plugs.UserEnabledPlug)
plug(Pleroma.Plugs.SetUserSessionIdPlug)
plug(Pleroma.Plugs.EnsureUserKeyPlug)
end end
scope "/", Pleroma.Web.ActivityPub do scope "/", Pleroma.Web.ActivityPub do
@ -669,12 +641,7 @@ defmodule Pleroma.Web.Router do
get("/web/*path", MastoFEController, :index) get("/web/*path", MastoFEController, :index)
end end
pipeline :remote_media do
end
scope "/proxy/", Pleroma.Web.MediaProxy do scope "/proxy/", Pleroma.Web.MediaProxy do
pipe_through(:remote_media)
get("/:sig/:url", MediaProxyController, :remote) get("/:sig/:url", MediaProxyController, :remote)
get("/:sig/:url/:filename", MediaProxyController, :remote) get("/:sig/:url/:filename", MediaProxyController, :remote)
end end

View file

@ -20,26 +20,38 @@ defmodule Pleroma.Web.ActivityPub.MRF.ObjectAgePolicyTest do
:ok :ok
end end
defp get_old_message do
File.read!("test/fixtures/mastodon-post-activity.json")
|> Poison.decode!()
end
defp get_new_message do
old_message = get_old_message()
new_object =
old_message
|> Map.get("object")
|> Map.put("published", DateTime.utc_now() |> DateTime.to_iso8601())
old_message
|> Map.put("object", new_object)
end
describe "with reject action" do describe "with reject action" do
test "it rejects an old post" do test "it rejects an old post" do
Config.put([:mrf_object_age, :actions], [:reject]) Config.put([:mrf_object_age, :actions], [:reject])
data = data = get_old_message()
File.read!("test/fixtures/mastodon-post-activity.json")
|> Poison.decode!()
{:reject, _} = ObjectAgePolicy.filter(data) assert match?({:reject, _}, ObjectAgePolicy.filter(data))
end end
test "it allows a new post" do test "it allows a new post" do
Config.put([:mrf_object_age, :actions], [:reject]) Config.put([:mrf_object_age, :actions], [:reject])
data = data = get_new_message()
File.read!("test/fixtures/mastodon-post-activity.json")
|> Poison.decode!()
|> Map.put("published", DateTime.utc_now() |> DateTime.to_iso8601())
{:ok, _} = ObjectAgePolicy.filter(data) assert match?({:ok, _}, ObjectAgePolicy.filter(data))
end end
end end
@ -47,9 +59,7 @@ test "it allows a new post" do
test "it delists an old post" do test "it delists an old post" do
Config.put([:mrf_object_age, :actions], [:delist]) Config.put([:mrf_object_age, :actions], [:delist])
data = data = get_old_message()
File.read!("test/fixtures/mastodon-post-activity.json")
|> Poison.decode!()
{:ok, _u} = User.get_or_fetch_by_ap_id(data["actor"]) {:ok, _u} = User.get_or_fetch_by_ap_id(data["actor"])
@ -61,14 +71,11 @@ test "it delists an old post" do
test "it allows a new post" do test "it allows a new post" do
Config.put([:mrf_object_age, :actions], [:delist]) Config.put([:mrf_object_age, :actions], [:delist])
data = data = get_new_message()
File.read!("test/fixtures/mastodon-post-activity.json")
|> Poison.decode!()
|> Map.put("published", DateTime.utc_now() |> DateTime.to_iso8601())
{:ok, _user} = User.get_or_fetch_by_ap_id(data["actor"]) {:ok, _user} = User.get_or_fetch_by_ap_id(data["actor"])
{:ok, ^data} = ObjectAgePolicy.filter(data) assert match?({:ok, ^data}, ObjectAgePolicy.filter(data))
end end
end end
@ -76,9 +83,7 @@ test "it allows a new post" do
test "it strips followers collections from an old post" do test "it strips followers collections from an old post" do
Config.put([:mrf_object_age, :actions], [:strip_followers]) Config.put([:mrf_object_age, :actions], [:strip_followers])
data = data = get_old_message()
File.read!("test/fixtures/mastodon-post-activity.json")
|> Poison.decode!()
{:ok, user} = User.get_or_fetch_by_ap_id(data["actor"]) {:ok, user} = User.get_or_fetch_by_ap_id(data["actor"])
@ -91,14 +96,11 @@ test "it strips followers collections from an old post" do
test "it allows a new post" do test "it allows a new post" do
Config.put([:mrf_object_age, :actions], [:strip_followers]) Config.put([:mrf_object_age, :actions], [:strip_followers])
data = data = get_new_message()
File.read!("test/fixtures/mastodon-post-activity.json")
|> Poison.decode!()
|> Map.put("published", DateTime.utc_now() |> DateTime.to_iso8601())
{:ok, _u} = User.get_or_fetch_by_ap_id(data["actor"]) {:ok, _u} = User.get_or_fetch_by_ap_id(data["actor"])
{:ok, ^data} = ObjectAgePolicy.filter(data) assert match?({:ok, ^data}, ObjectAgePolicy.filter(data))
end end
end end
end end

View file

@ -17,7 +17,8 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicyTest do
reject: [], reject: [],
accept: [], accept: [],
avatar_removal: [], avatar_removal: [],
banner_removal: [] banner_removal: [],
reject_deletes: []
) )
describe "when :media_removal" do describe "when :media_removal" do
@ -382,6 +383,66 @@ test "match with wildcard domain" do
end end
end end
describe "when :reject_deletes is empty" do
setup do: Config.put([:mrf_simple, :reject_deletes], [])
test "it accepts deletions even from rejected servers" do
Config.put([:mrf_simple, :reject], ["remote.instance"])
deletion_message = build_remote_deletion_message()
assert SimplePolicy.filter(deletion_message) == {:ok, deletion_message}
end
test "it accepts deletions even from non-whitelisted servers" do
Config.put([:mrf_simple, :accept], ["non.matching.remote"])
deletion_message = build_remote_deletion_message()
assert SimplePolicy.filter(deletion_message) == {:ok, deletion_message}
end
end
describe "when :reject_deletes is not empty but it doesn't have a matching host" do
setup do: Config.put([:mrf_simple, :reject_deletes], ["non.matching.remote"])
test "it accepts deletions even from rejected servers" do
Config.put([:mrf_simple, :reject], ["remote.instance"])
deletion_message = build_remote_deletion_message()
assert SimplePolicy.filter(deletion_message) == {:ok, deletion_message}
end
test "it accepts deletions even from non-whitelisted servers" do
Config.put([:mrf_simple, :accept], ["non.matching.remote"])
deletion_message = build_remote_deletion_message()
assert SimplePolicy.filter(deletion_message) == {:ok, deletion_message}
end
end
describe "when :reject_deletes has a matching host" do
setup do: Config.put([:mrf_simple, :reject_deletes], ["remote.instance"])
test "it rejects the deletion" do
deletion_message = build_remote_deletion_message()
assert SimplePolicy.filter(deletion_message) == {:reject, nil}
end
end
describe "when :reject_deletes match with wildcard domain" do
setup do: Config.put([:mrf_simple, :reject_deletes], ["*.remote.instance"])
test "it rejects the deletion" do
deletion_message = build_remote_deletion_message()
assert SimplePolicy.filter(deletion_message) == {:reject, nil}
end
end
defp build_local_message do defp build_local_message do
%{ %{
"actor" => "#{Pleroma.Web.base_url()}/users/alice", "actor" => "#{Pleroma.Web.base_url()}/users/alice",
@ -408,4 +469,11 @@ defp build_remote_user do
"type" => "Person" "type" => "Person"
} }
end end
defp build_remote_deletion_message do
%{
"type" => "Delete",
"actor" => "https://remote.instance/users/bob"
}
end
end end

View file

@ -35,7 +35,10 @@ defmacro assert_error_when_disable_push(do: yield) do
quote do quote do
vapid_details = Application.get_env(:web_push_encryption, :vapid_details, []) vapid_details = Application.get_env(:web_push_encryption, :vapid_details, [])
Application.put_env(:web_push_encryption, :vapid_details, []) Application.put_env(:web_push_encryption, :vapid_details, [])
assert "Something went wrong" == unquote(yield)
assert %{"error" => "Web push subscription is disabled on this Pleroma instance"} ==
unquote(yield)
Application.put_env(:web_push_encryption, :vapid_details, vapid_details) Application.put_env(:web_push_encryption, :vapid_details, vapid_details)
end end
end end
@ -45,7 +48,7 @@ test "returns error when push disabled ", %{conn: conn} do
assert_error_when_disable_push do assert_error_when_disable_push do
conn conn
|> post("/api/v1/push/subscription", %{}) |> post("/api/v1/push/subscription", %{})
|> json_response(500) |> json_response(403)
end end
end end
@ -74,7 +77,7 @@ test "returns error when push disabled ", %{conn: conn} do
assert_error_when_disable_push do assert_error_when_disable_push do
conn conn
|> get("/api/v1/push/subscription", %{}) |> get("/api/v1/push/subscription", %{})
|> json_response(500) |> json_response(403)
end end
end end
@ -127,7 +130,7 @@ test "returns error when push disabled ", %{conn: conn} do
assert_error_when_disable_push do assert_error_when_disable_push do
conn conn
|> put("/api/v1/push/subscription", %{data: %{"alerts" => %{"mention" => false}}}) |> put("/api/v1/push/subscription", %{data: %{"alerts" => %{"mention" => false}}})
|> json_response(500) |> json_response(403)
end end
end end
@ -155,7 +158,7 @@ test "returns error when push disabled ", %{conn: conn} do
assert_error_when_disable_push do assert_error_when_disable_push do
conn conn
|> delete("/api/v1/push/subscription", %{}) |> delete("/api/v1/push/subscription", %{})
|> json_response(500) |> json_response(403)
end end
end end

View file

@ -2,10 +2,10 @@
# Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/> # Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only # SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.MastodonAPI.PushSubscriptionViewTest do defmodule Pleroma.Web.MastodonAPI.SubscriptionViewTest do
use Pleroma.DataCase use Pleroma.DataCase
import Pleroma.Factory import Pleroma.Factory
alias Pleroma.Web.MastodonAPI.PushSubscriptionView, as: View alias Pleroma.Web.MastodonAPI.SubscriptionView, as: View
alias Pleroma.Web.Push alias Pleroma.Web.Push
test "Represent a subscription" do test "Represent a subscription" do
@ -18,6 +18,6 @@ test "Represent a subscription" do
server_key: Keyword.get(Push.vapid_config(), :public_key) server_key: Keyword.get(Push.vapid_config(), :public_key)
} }
assert expected == View.render("push_subscription.json", %{subscription: subscription}) assert expected == View.render("show.json", %{subscription: subscription})
end end
end end