diff --git a/CHANGELOG.md b/CHANGELOG.md index ec191575f..4b7fb603d 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -40,24 +40,45 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). - Filtering of push notifications on activities from blocked domains - Resolving Peertube accounts with Webfinger -## [unreleased-patch] +## [Unreleased (patch)] + +### Fixed +- Healthcheck reporting the number of memory currently used, rather than allocated in total +- `InsertSkeletonsForDeletedUsers` failing on some instances + +## [2.0.3] - 2020-05-02 + ### Security - Disallow re-registration of previously deleted users, which allowed viewing direct messages addressed to them - Mastodon API: Fix `POST /api/v1/follow_requests/:id/authorize` allowing to force a follow from a local user even if they didn't request to follow +- CSP: Sandbox uploads ### Fixed -- Logger configuration through AdminFE +- Notifications from blocked domains +- Potential federation issues with Mastodon versions before 3.0.0 - HTTP Basic Authentication permissions issue +- Follow/Block imports not being able to find the user if the nickname started with an `@` +- Instance stats counting internal users +- Inability to run a From Source release without git - ObjectAgePolicy didn't filter out old messages -- Transmogrifier: Keep object sensitive settings for outgoing representation (AP C2S) +- `blob:` urls not being allowed by CSP ### Added - NodeInfo: ObjectAgePolicy settings to the `federation` list. +- Follow request notifications
API Changes - Admin API: `GET /api/pleroma/admin/need_reboot`.
+### Upgrade notes + +1. Restart Pleroma +2. Run database migrations (inside Pleroma directory): + - OTP: `./bin/pleroma_ctl migrate` + - From Source: `mix ecto.migrate` + + ## [2.0.2] - 2020-04-08 ### Added - Support for Funkwhale's `Audio` activity diff --git a/config/description.exs b/config/description.exs index 39e094082..0b99c748c 100644 --- a/config/description.exs +++ b/config/description.exs @@ -28,7 +28,8 @@ %{ key: :filters, type: {:list, :module}, - description: "List of filter modules for uploads", + description: + "List of filter modules for uploads. Module names are shortened (removed leading `Pleroma.Upload.Filter.` part), but on adding custom MRF module you need to use full name.", suggestions: Generator.list_modules_in_dir( "lib/pleroma/upload/filter", @@ -681,7 +682,8 @@ %{ key: :federation_publisher_modules, type: {:list, :module}, - description: "List of modules for federation publishing", + description: + "List of modules for federation publishing. Module names are shortened (removed leading `Pleroma.Web.` part), but on adding custom MRF module you need to use full name.", suggestions: [ Pleroma.Web.ActivityPub.Publisher ] @@ -694,7 +696,8 @@ %{ key: :rewrite_policy, type: [:module, {:list, :module}], - description: "A list of MRF policies enabled", + description: + "A list of enabled MRF policies. Module names are shortened (removed leading `Pleroma.Web.ActivityPub.MRF.` part), but on adding custom MRF module you need to use full name.", suggestions: Generator.list_modules_in_dir( "lib/pleroma/web/activity_pub/mrf", @@ -712,7 +715,7 @@ key: :quarantined_instances, type: {:list, :string}, description: - "List of ActivityPub instances where private (DMs, followers-only) activities will not be send", + "List of ActivityPub instances where private (DMs, followers-only) activities will not be sent", suggestions: [ "quarantined.com", "*.quarantined.com" @@ -2031,7 +2034,8 @@ %{ key: :parsers, type: {:list, :module}, - description: "List of Rich Media parsers.", + description: + "List of Rich Media parsers. Module names are shortened (removed leading `Pleroma.Web.RichMedia.Parsers.` part), but on adding custom MRF module you need to use full name.", suggestions: [ Pleroma.Web.RichMedia.Parsers.MetaTagsParser, Pleroma.Web.RichMedia.Parsers.OEmbed, @@ -2043,7 +2047,8 @@ key: :ttl_setters, label: "TTL setters", type: {:list, :module}, - description: "List of rich media TTL setters.", + description: + "List of rich media TTL setters. Module names are shortened (removed leading `Pleroma.Web.RichMedia.Parser.` part), but on adding custom MRF module you need to use full name.", suggestions: [ Pleroma.Web.RichMedia.Parser.TTL.AwsSignedUrl ] @@ -2717,6 +2722,8 @@ %{ key: :scrub_policy, type: {:list, :module}, + description: + "Module names are shortened (removed leading `Pleroma.HTML.` part), but on adding custom MRF module you need to use full name.", suggestions: [Pleroma.HTML.Transform.MediaProxy, Pleroma.HTML.Scrubber.Default] } ] diff --git a/lib/pleroma/healthcheck.ex b/lib/pleroma/healthcheck.ex index 8f7f43ec2..92ce83cb7 100644 --- a/lib/pleroma/healthcheck.ex +++ b/lib/pleroma/healthcheck.ex @@ -29,7 +29,7 @@ defmodule Pleroma.Healthcheck do @spec system_info() :: t() def system_info do %Healthcheck{ - memory_used: Float.round(:erlang.memory(:total) / 1024 / 1024, 2) + memory_used: Float.round(:recon_alloc.memory(:allocated) / 1024 / 1024, 2) } |> assign_db_info() |> assign_job_queue_stats() diff --git a/lib/pleroma/notification.ex b/lib/pleroma/notification.ex index 5df3927bd..80d3188b0 100644 --- a/lib/pleroma/notification.ex +++ b/lib/pleroma/notification.ex @@ -368,13 +368,7 @@ def get_notified_from_activity(activity, local_only \\ true) def get_notified_from_activity(%Activity{data: %{"type" => type}} = activity, local_only) when type in ["Create", "Like", "Announce", "Follow", "Move", "EmojiReact"] do - potential_receiver_ap_ids = - [] - |> Utils.maybe_notify_to_recipients(activity) - |> Utils.maybe_notify_mentioned_recipients(activity) - |> Utils.maybe_notify_subscribers(activity) - |> Utils.maybe_notify_followers(activity) - |> Enum.uniq() + potential_receiver_ap_ids = get_potential_receiver_ap_ids(activity) potential_receivers = User.get_users_from_set(potential_receiver_ap_ids, local_only) @@ -392,6 +386,27 @@ def get_notified_from_activity(%Activity{data: %{"type" => type}} = activity, lo def get_notified_from_activity(_, _local_only), do: {[], []} + # For some activities, only notify the author of the object + def get_potential_receiver_ap_ids(%{data: %{"type" => type, "object" => object_id}}) + when type in ~w{Like Announce EmojiReact} do + case Object.get_cached_by_ap_id(object_id) do + %Object{data: %{"actor" => actor}} -> + [actor] + + _ -> + [] + end + end + + def get_potential_receiver_ap_ids(activity) do + [] + |> Utils.maybe_notify_to_recipients(activity) + |> Utils.maybe_notify_mentioned_recipients(activity) + |> Utils.maybe_notify_subscribers(activity) + |> Utils.maybe_notify_followers(activity) + |> Enum.uniq() + end + @doc "Filters out AP IDs domain-blocking and not following the activity's actor" def exclude_domain_blocker_ap_ids(ap_ids, activity, preloaded_users \\ []) diff --git a/mix.exs b/mix.exs index 6d65e18d4..97b561790 100644 --- a/mix.exs +++ b/mix.exs @@ -72,7 +72,15 @@ def copy_nginx_config(%{path: target_path} = release) do def application do [ mod: {Pleroma.Application, []}, - extra_applications: [:logger, :runtime_tools, :comeonin, :quack, :fast_sanitize, :ssl], + extra_applications: [ + :logger, + :runtime_tools, + :comeonin, + :quack, + :fast_sanitize, + :ssl, + :eldap + ], included_applications: [:ex_syslogger] ] end diff --git a/priv/repo/migrations/20200428221338_insert_skeletons_for_deleted_users.exs b/priv/repo/migrations/20200428221338_insert_skeletons_for_deleted_users.exs index 11d9a70ba..2adc38186 100644 --- a/priv/repo/migrations/20200428221338_insert_skeletons_for_deleted_users.exs +++ b/priv/repo/migrations/20200428221338_insert_skeletons_for_deleted_users.exs @@ -30,7 +30,7 @@ def change do Repo, "select distinct unnest(nonexistent_locals.recipients) from activities, lateral (select array_agg(recipient) as recipients from unnest(activities.recipients) as recipient where recipient similar to '#{ instance_uri - }/users/[A-Za-z0-9]*' and not(recipient in (select ap_id from users where local = true))) nonexistent_locals;", + }/users/[A-Za-z0-9]*' and not(recipient in (select ap_id from users))) nonexistent_locals;", [], timeout: :infinity ) diff --git a/priv/static/adminfe/static/fonts/element-icons.535877f.woff b/priv/static/adminfe/static/fonts/element-icons.535877f.woff new file mode 100644 index 000000000..02b9a2539 Binary files /dev/null and b/priv/static/adminfe/static/fonts/element-icons.535877f.woff differ diff --git a/priv/static/adminfe/static/fonts/element-icons.732389d.ttf b/priv/static/adminfe/static/fonts/element-icons.732389d.ttf new file mode 100644 index 000000000..91b74de36 Binary files /dev/null and b/priv/static/adminfe/static/fonts/element-icons.732389d.ttf differ diff --git a/priv/static/index.html b/priv/static/index.html index 4fac5c100..b37cbaa67 100644 --- a/priv/static/index.html +++ b/priv/static/index.html @@ -1 +1 @@ -Pleroma
\ No newline at end of file +Pleroma
\ No newline at end of file diff --git a/priv/static/static/font/fontello.1588419330867.woff b/priv/static/static/font/fontello.1588419330867.woff deleted file mode 100644 index 2bf4cbc16..000000000 Binary files a/priv/static/static/font/fontello.1588419330867.woff and /dev/null differ diff --git a/priv/static/static/font/fontello.1588419330867.woff2 b/priv/static/static/font/fontello.1588419330867.woff2 deleted file mode 100644 index a31bf3f29..000000000 Binary files a/priv/static/static/font/fontello.1588419330867.woff2 and /dev/null differ diff --git a/priv/static/static/font/fontello.1588419330867.eot b/priv/static/static/font/fontello.1588947937982.eot similarity index 90% rename from priv/static/static/font/fontello.1588419330867.eot rename to priv/static/static/font/fontello.1588947937982.eot index 7f8c61e38..b1297072e 100644 Binary files a/priv/static/static/font/fontello.1588419330867.eot and b/priv/static/static/font/fontello.1588947937982.eot differ diff --git a/priv/static/static/font/fontello.1588419330867.svg b/priv/static/static/font/fontello.1588947937982.svg similarity index 98% rename from priv/static/static/font/fontello.1588419330867.svg rename to priv/static/static/font/fontello.1588947937982.svg index 71f81f435..e63fb7529 100644 --- a/priv/static/static/font/fontello.1588419330867.svg +++ b/priv/static/static/font/fontello.1588947937982.svg @@ -114,6 +114,8 @@ + + diff --git a/priv/static/static/font/fontello.1588419330867.ttf b/priv/static/static/font/fontello.1588947937982.ttf similarity index 90% rename from priv/static/static/font/fontello.1588419330867.ttf rename to priv/static/static/font/fontello.1588947937982.ttf index 7dc4f108b..443801c4f 100644 Binary files a/priv/static/static/font/fontello.1588419330867.ttf and b/priv/static/static/font/fontello.1588947937982.ttf differ diff --git a/priv/static/static/font/fontello.1588947937982.woff b/priv/static/static/font/fontello.1588947937982.woff new file mode 100644 index 000000000..e96fea757 Binary files /dev/null and b/priv/static/static/font/fontello.1588947937982.woff differ diff --git a/priv/static/static/font/fontello.1588947937982.woff2 b/priv/static/static/font/fontello.1588947937982.woff2 new file mode 100644 index 000000000..50318a670 Binary files /dev/null and b/priv/static/static/font/fontello.1588947937982.woff2 differ diff --git a/priv/static/static/fontello.1588419330867.css b/priv/static/static/fontello.1588947937982.css similarity index 88% rename from priv/static/static/fontello.1588419330867.css rename to priv/static/static/fontello.1588947937982.css index 198eff184..d3d77a8b5 100644 Binary files a/priv/static/static/fontello.1588419330867.css and b/priv/static/static/fontello.1588947937982.css differ diff --git a/priv/static/static/fontello.json b/priv/static/static/fontello.json index 5963b68b4..7f0e7cdd5 100755 --- a/priv/static/static/fontello.json +++ b/priv/static/static/fontello.json @@ -346,6 +346,12 @@ "code": 59427, "src": "fontawesome" }, + { + "uid": "4aad6bb50b02c18508aae9cbe14e784e", + "css": "share", + "code": 61920, + "src": "fontawesome" + }, { "uid": "8b80d36d4ef43889db10bc1f0dc9a862", "css": "user", diff --git a/priv/static/static/js/2.1c407059cd79fca99e19.js b/priv/static/static/js/2.18e4adec273c4ce867a8.js similarity index 80% rename from priv/static/static/js/2.1c407059cd79fca99e19.js rename to priv/static/static/js/2.18e4adec273c4ce867a8.js index 14018d92a..d191aa852 100644 Binary files a/priv/static/static/js/2.1c407059cd79fca99e19.js and b/priv/static/static/js/2.18e4adec273c4ce867a8.js differ diff --git a/priv/static/static/js/2.1c407059cd79fca99e19.js.map b/priv/static/static/js/2.18e4adec273c4ce867a8.js.map similarity index 98% rename from priv/static/static/js/2.1c407059cd79fca99e19.js.map rename to priv/static/static/js/2.18e4adec273c4ce867a8.js.map index cfee79ea8..a7f98bfef 100644 Binary files a/priv/static/static/js/2.1c407059cd79fca99e19.js.map and b/priv/static/static/js/2.18e4adec273c4ce867a8.js.map differ diff --git a/priv/static/static/js/app.996428ccaaaa7f28cb8d.js b/priv/static/static/js/app.996428ccaaaa7f28cb8d.js new file mode 100644 index 000000000..00f3a28e0 Binary files /dev/null and b/priv/static/static/js/app.996428ccaaaa7f28cb8d.js differ diff --git a/priv/static/static/js/app.996428ccaaaa7f28cb8d.js.map b/priv/static/static/js/app.996428ccaaaa7f28cb8d.js.map new file mode 100644 index 000000000..9daca3ff5 Binary files /dev/null and b/priv/static/static/js/app.996428ccaaaa7f28cb8d.js.map differ diff --git a/priv/static/static/js/app.fa89b90e606f4facd209.js b/priv/static/static/js/app.fa89b90e606f4facd209.js deleted file mode 100644 index a2cbcc337..000000000 Binary files a/priv/static/static/js/app.fa89b90e606f4facd209.js and /dev/null differ diff --git a/priv/static/static/js/app.fa89b90e606f4facd209.js.map b/priv/static/static/js/app.fa89b90e606f4facd209.js.map deleted file mode 100644 index 5722844a9..000000000 Binary files a/priv/static/static/js/app.fa89b90e606f4facd209.js.map and /dev/null differ diff --git a/priv/static/static/js/vendors~app.8aa781e6dd81307f544b.js b/priv/static/static/js/vendors~app.561a1c605d1dfb0e6f74.js similarity index 87% rename from priv/static/static/js/vendors~app.8aa781e6dd81307f544b.js rename to priv/static/static/js/vendors~app.561a1c605d1dfb0e6f74.js index 1d62bb0a4..d1f1a1830 100644 Binary files a/priv/static/static/js/vendors~app.8aa781e6dd81307f544b.js and b/priv/static/static/js/vendors~app.561a1c605d1dfb0e6f74.js differ diff --git a/priv/static/static/js/vendors~app.561a1c605d1dfb0e6f74.js.map b/priv/static/static/js/vendors~app.561a1c605d1dfb0e6f74.js.map new file mode 100644 index 000000000..0d4a859ea Binary files /dev/null and b/priv/static/static/js/vendors~app.561a1c605d1dfb0e6f74.js.map differ diff --git a/priv/static/static/js/vendors~app.8aa781e6dd81307f544b.js.map b/priv/static/static/js/vendors~app.8aa781e6dd81307f544b.js.map deleted file mode 100644 index ce0c86939..000000000 Binary files a/priv/static/static/js/vendors~app.8aa781e6dd81307f544b.js.map and /dev/null differ diff --git a/priv/static/sw-pleroma.js b/priv/static/sw-pleroma.js index 88244a549..d2be1782b 100644 Binary files a/priv/static/sw-pleroma.js and b/priv/static/sw-pleroma.js differ diff --git a/test/notification_test.exs b/test/notification_test.exs index 0783c325d..24e5f0c73 100644 --- a/test/notification_test.exs +++ b/test/notification_test.exs @@ -12,6 +12,8 @@ defmodule Pleroma.NotificationTest do alias Pleroma.Notification alias Pleroma.Tests.ObanHelpers alias Pleroma.User + alias Pleroma.Web.ActivityPub.ActivityPub + alias Pleroma.Web.ActivityPub.Builder alias Pleroma.Web.ActivityPub.Transmogrifier alias Pleroma.Web.CommonAPI alias Pleroma.Web.MastodonAPI.NotificationView @@ -614,6 +616,28 @@ test "it does not send notification to mentioned users in likes" do assert other_user not in enabled_receivers end + test "it only notifies the post's author in likes" do + user = insert(:user) + other_user = insert(:user) + third_user = insert(:user) + + {:ok, activity_one} = + CommonAPI.post(user, %{ + "status" => "hey @#{other_user.nickname}!" + }) + + {:ok, like_data, _} = Builder.like(third_user, activity_one.object) + + {:ok, like, _} = + like_data + |> Map.put("to", [other_user.ap_id | like_data["to"]]) + |> ActivityPub.persist(local: true) + + {enabled_receivers, _disabled_receivers} = Notification.get_notified_from_activity(like) + + assert other_user not in enabled_receivers + end + test "it does not send notification to mentioned users in announces" do user = insert(:user) other_user = insert(:user)