2018-12-23 20:04:54 +00:00
|
|
|
# Pleroma: A lightweight social networking server
|
2018-12-31 15:41:47 +00:00
|
|
|
# Copyright © 2017-2019 Pleroma Authors <https://pleroma.social/>
|
2018-12-23 20:04:54 +00:00
|
|
|
# SPDX-License-Identifier: AGPL-3.0-only
|
|
|
|
|
2017-03-21 16:53:20 +00:00
|
|
|
defmodule Pleroma.Web.TwitterAPI.TwitterAPI do
|
2019-02-09 15:16:26 +00:00
|
|
|
alias Pleroma.UserInviteToken
|
|
|
|
alias Pleroma.User
|
|
|
|
alias Pleroma.Activity
|
|
|
|
alias Pleroma.Repo
|
|
|
|
alias Pleroma.Object
|
|
|
|
alias Pleroma.UserEmail
|
|
|
|
alias Pleroma.Mailer
|
2017-03-21 16:53:20 +00:00
|
|
|
alias Pleroma.Web.ActivityPub.ActivityPub
|
2017-06-19 21:12:37 +00:00
|
|
|
alias Pleroma.Web.TwitterAPI.UserView
|
2018-12-09 09:12:48 +00:00
|
|
|
alias Pleroma.Web.CommonAPI
|
2018-12-17 14:28:58 +00:00
|
|
|
|
2017-09-16 12:33:47 +00:00
|
|
|
import Ecto.Query
|
2017-03-21 16:53:20 +00:00
|
|
|
|
2017-11-19 01:22:07 +00:00
|
|
|
def create_status(%User{} = user, %{"status" => _} = data) do
|
2017-09-15 12:17:36 +00:00
|
|
|
CommonAPI.post(user, data)
|
2017-03-21 16:53:20 +00:00
|
|
|
end
|
|
|
|
|
2018-04-18 10:00:40 +00:00
|
|
|
def delete(%User{} = user, id) do
|
2018-12-09 09:12:48 +00:00
|
|
|
with %Activity{data: %{"type" => _type}} <- Repo.get(Activity, id),
|
2018-06-14 01:29:55 +00:00
|
|
|
{:ok, activity} <- CommonAPI.delete(id, user) do
|
|
|
|
{:ok, activity}
|
2018-04-18 10:00:40 +00:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2017-04-13 12:32:13 +00:00
|
|
|
def follow(%User{} = follower, params) do
|
2017-05-05 10:07:38 +00:00
|
|
|
with {:ok, %User{} = followed} <- get_user(params),
|
2018-05-25 09:31:42 +00:00
|
|
|
{:ok, follower} <- User.maybe_direct_follow(follower, followed),
|
2018-10-05 23:40:49 +00:00
|
|
|
{:ok, activity} <- ActivityPub.follow(follower, followed),
|
2018-10-07 01:05:59 +00:00
|
|
|
{:ok, follower, followed} <-
|
2018-11-06 18:34:57 +00:00
|
|
|
User.wait_and_refresh(
|
|
|
|
Pleroma.Config.get([:activitypub, :follow_handshake_timeout]),
|
|
|
|
follower,
|
|
|
|
followed
|
|
|
|
) do
|
2017-05-05 10:07:38 +00:00
|
|
|
{:ok, follower, followed, activity}
|
2017-04-12 14:34:36 +00:00
|
|
|
else
|
|
|
|
err -> err
|
2017-03-22 17:36:08 +00:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2017-04-20 07:57:37 +00:00
|
|
|
def unfollow(%User{} = follower, params) do
|
2018-03-30 13:01:53 +00:00
|
|
|
with {:ok, %User{} = unfollowed} <- get_user(params),
|
2018-12-09 09:12:48 +00:00
|
|
|
{:ok, follower, _follow_activity} <- User.unfollow(follower, unfollowed),
|
2018-05-22 08:49:30 +00:00
|
|
|
{:ok, _activity} <- ActivityPub.unfollow(follower, unfollowed) do
|
2018-03-30 13:01:53 +00:00
|
|
|
{:ok, follower, unfollowed}
|
2017-04-12 14:34:36 +00:00
|
|
|
else
|
|
|
|
err -> err
|
2017-03-23 12:13:09 +00:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2017-11-07 22:04:53 +00:00
|
|
|
def block(%User{} = blocker, params) do
|
|
|
|
with {:ok, %User{} = blocked} <- get_user(params),
|
2018-05-22 09:41:17 +00:00
|
|
|
{:ok, blocker} <- User.block(blocker, blocked),
|
|
|
|
{:ok, _activity} <- ActivityPub.block(blocker, blocked) do
|
2017-11-07 22:04:53 +00:00
|
|
|
{:ok, blocker, blocked}
|
|
|
|
else
|
|
|
|
err -> err
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
def unblock(%User{} = blocker, params) do
|
|
|
|
with {:ok, %User{} = blocked} <- get_user(params),
|
2018-05-22 09:41:17 +00:00
|
|
|
{:ok, blocker} <- User.unblock(blocker, blocked),
|
|
|
|
{:ok, _activity} <- ActivityPub.unblock(blocker, blocked) do
|
2017-11-07 22:04:53 +00:00
|
|
|
{:ok, blocker, blocked}
|
|
|
|
else
|
|
|
|
err -> err
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2017-09-09 15:48:57 +00:00
|
|
|
def repeat(%User{} = user, ap_id_or_id) do
|
2018-06-03 17:11:22 +00:00
|
|
|
with {:ok, _announce, %{data: %{"id" => id}}} <- CommonAPI.repeat(ap_id_or_id, user),
|
2019-01-21 06:14:20 +00:00
|
|
|
%Activity{} = activity <- Activity.get_create_by_object_ap_id(id) do
|
2018-03-30 14:50:30 +00:00
|
|
|
{:ok, activity}
|
2017-09-09 15:48:57 +00:00
|
|
|
end
|
2017-04-15 11:54:46 +00:00
|
|
|
end
|
|
|
|
|
2018-06-14 01:29:55 +00:00
|
|
|
def unrepeat(%User{} = user, ap_id_or_id) do
|
|
|
|
with {:ok, _unannounce, %{data: %{"id" => id}}} <- CommonAPI.unrepeat(ap_id_or_id, user),
|
2019-01-21 06:14:20 +00:00
|
|
|
%Activity{} = activity <- Activity.get_create_by_object_ap_id(id) do
|
2018-04-18 10:00:40 +00:00
|
|
|
{:ok, activity}
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2019-01-09 12:54:19 +00:00
|
|
|
def pin(%User{} = user, ap_id_or_id) do
|
|
|
|
CommonAPI.pin(ap_id_or_id, user)
|
|
|
|
end
|
|
|
|
|
|
|
|
def unpin(%User{} = user, ap_id_or_id) do
|
|
|
|
CommonAPI.unpin(ap_id_or_id, user)
|
|
|
|
end
|
|
|
|
|
2017-09-09 16:09:37 +00:00
|
|
|
def fav(%User{} = user, ap_id_or_id) do
|
2018-06-03 17:11:22 +00:00
|
|
|
with {:ok, _fav, %{data: %{"id" => id}}} <- CommonAPI.favorite(ap_id_or_id, user),
|
2019-01-21 06:14:20 +00:00
|
|
|
%Activity{} = activity <- Activity.get_create_by_object_ap_id(id) do
|
2018-03-30 14:50:30 +00:00
|
|
|
{:ok, activity}
|
2017-09-09 16:09:37 +00:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2017-09-09 16:30:02 +00:00
|
|
|
def unfav(%User{} = user, ap_id_or_id) do
|
2018-06-03 17:11:22 +00:00
|
|
|
with {:ok, _unfav, _fav, %{data: %{"id" => id}}} <- CommonAPI.unfavorite(ap_id_or_id, user),
|
2019-01-21 06:14:20 +00:00
|
|
|
%Activity{} = activity <- Activity.get_create_by_object_ap_id(id) do
|
2018-03-30 14:50:30 +00:00
|
|
|
{:ok, activity}
|
2017-09-09 16:30:02 +00:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2018-12-05 10:37:06 +00:00
|
|
|
def upload(%Plug.Upload{} = file, %User{} = user, format \\ "xml") do
|
2018-12-06 07:26:17 +00:00
|
|
|
{:ok, object} = ActivityPub.upload(file, actor: User.ap_id(user))
|
2017-03-29 00:05:51 +00:00
|
|
|
|
2017-03-30 14:08:23 +00:00
|
|
|
url = List.first(object.data["url"])
|
2018-11-23 16:40:45 +00:00
|
|
|
href = url["href"]
|
2017-03-30 14:08:23 +00:00
|
|
|
type = url["mediaType"]
|
|
|
|
|
2017-04-14 14:13:34 +00:00
|
|
|
case format do
|
|
|
|
"xml" ->
|
|
|
|
# Fake this as good as possible...
|
|
|
|
"""
|
|
|
|
<?xml version="1.0" encoding="UTF-8"?>
|
|
|
|
<rsp stat="ok" xmlns:atom="http://www.w3.org/2005/Atom">
|
|
|
|
<mediaid>#{object.id}</mediaid>
|
|
|
|
<media_id>#{object.id}</media_id>
|
|
|
|
<media_id_string>#{object.id}</media_id_string>
|
|
|
|
<media_url>#{href}</media_url>
|
|
|
|
<mediaurl>#{href}</mediaurl>
|
|
|
|
<atom:link rel="enclosure" href="#{href}" type="#{type}"></atom:link>
|
|
|
|
</rsp>
|
|
|
|
"""
|
2018-03-30 13:01:53 +00:00
|
|
|
|
2017-04-14 14:13:34 +00:00
|
|
|
"json" ->
|
|
|
|
%{
|
|
|
|
media_id: object.id,
|
|
|
|
media_id_string: "#{object.id}}",
|
|
|
|
media_url: href,
|
|
|
|
size: 0
|
2018-03-30 13:01:53 +00:00
|
|
|
}
|
|
|
|
|> Jason.encode!()
|
2017-04-14 14:13:34 +00:00
|
|
|
end
|
2017-03-29 00:05:51 +00:00
|
|
|
end
|
|
|
|
|
2017-04-16 08:25:27 +00:00
|
|
|
def register_user(params) do
|
2018-06-12 11:52:54 +00:00
|
|
|
tokenString = params["token"]
|
|
|
|
|
2017-04-16 08:25:27 +00:00
|
|
|
params = %{
|
|
|
|
nickname: params["nickname"],
|
|
|
|
name: params["fullname"],
|
2018-12-02 19:03:53 +00:00
|
|
|
bio: User.parse_bio(params["bio"]),
|
2017-04-16 08:25:27 +00:00
|
|
|
email: params["email"],
|
|
|
|
password: params["password"],
|
2018-12-14 22:31:19 +00:00
|
|
|
password_confirmation: params["confirm"],
|
|
|
|
captcha_solution: params["captcha_solution"],
|
2018-12-20 21:32:37 +00:00
|
|
|
captcha_token: params["captcha_token"],
|
|
|
|
captcha_answer_data: params["captcha_answer_data"]
|
2017-04-16 08:25:27 +00:00
|
|
|
}
|
|
|
|
|
2018-12-14 23:00:00 +00:00
|
|
|
captcha_enabled = Pleroma.Config.get([Pleroma.Captcha, :enabled])
|
|
|
|
# true if captcha is disabled or enabled and valid, false otherwise
|
2018-12-15 19:08:26 +00:00
|
|
|
captcha_ok =
|
|
|
|
if !captcha_enabled do
|
2018-12-20 21:32:37 +00:00
|
|
|
:ok
|
2018-12-15 19:08:26 +00:00
|
|
|
else
|
2018-12-20 21:32:37 +00:00
|
|
|
Pleroma.Captcha.validate(
|
|
|
|
params[:captcha_token],
|
|
|
|
params[:captcha_solution],
|
|
|
|
params[:captcha_answer_data]
|
|
|
|
)
|
2018-12-15 19:08:26 +00:00
|
|
|
end
|
2018-12-14 23:00:00 +00:00
|
|
|
|
2018-12-14 22:31:19 +00:00
|
|
|
# Captcha invalid
|
2018-12-20 21:32:37 +00:00
|
|
|
if captcha_ok != :ok do
|
|
|
|
{:error, error} = captcha_ok
|
2018-12-14 22:31:19 +00:00
|
|
|
# I have no idea how this error handling works
|
2018-12-20 21:32:37 +00:00
|
|
|
{:error, %{error: Jason.encode!(%{captcha: [error]})}}
|
2018-12-14 22:31:19 +00:00
|
|
|
else
|
|
|
|
registrations_open = Pleroma.Config.get([:instance, :registrations_open])
|
2018-11-06 18:34:57 +00:00
|
|
|
|
2018-12-14 22:31:19 +00:00
|
|
|
# no need to query DB if registration is open
|
|
|
|
token =
|
|
|
|
unless registrations_open || is_nil(tokenString) do
|
2018-12-15 19:08:26 +00:00
|
|
|
Repo.get_by(UserInviteToken, %{token: tokenString})
|
|
|
|
end
|
2017-04-16 08:25:27 +00:00
|
|
|
|
2018-12-18 14:30:30 +00:00
|
|
|
cond do
|
|
|
|
registrations_open || (!is_nil(token) && !token.used) ->
|
|
|
|
changeset = User.register_changeset(%User{}, params)
|
|
|
|
|
|
|
|
with {:ok, user} <- User.register(changeset) do
|
|
|
|
!registrations_open && UserInviteToken.mark_as_used(token.token)
|
|
|
|
|
|
|
|
{:ok, user}
|
|
|
|
else
|
|
|
|
{:error, changeset} ->
|
|
|
|
errors =
|
|
|
|
Ecto.Changeset.traverse_errors(changeset, fn {msg, _opts} -> msg end)
|
|
|
|
|> Jason.encode!()
|
2018-06-12 11:52:54 +00:00
|
|
|
|
2018-12-15 19:08:26 +00:00
|
|
|
{:error, %{error: errors}}
|
2018-12-14 22:31:19 +00:00
|
|
|
end
|
|
|
|
|
|
|
|
!registrations_open && is_nil(token) ->
|
2018-12-15 19:08:26 +00:00
|
|
|
{:error, "Invalid token"}
|
2018-03-30 13:01:53 +00:00
|
|
|
|
2018-12-14 22:31:19 +00:00
|
|
|
!registrations_open && token.used ->
|
2018-12-15 19:08:26 +00:00
|
|
|
{:error, "Expired token"}
|
2018-12-14 22:31:19 +00:00
|
|
|
end
|
2017-04-16 08:25:27 +00:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2018-12-13 10:17:49 +00:00
|
|
|
def password_reset(nickname_or_email) do
|
|
|
|
with true <- is_binary(nickname_or_email),
|
|
|
|
%User{local: true} = user <- User.get_by_nickname_or_email(nickname_or_email),
|
|
|
|
{:ok, token_record} <- Pleroma.PasswordResetToken.create_token(user) do
|
|
|
|
user
|
2018-12-17 14:28:58 +00:00
|
|
|
|> UserEmail.password_reset_email(token_record.token)
|
|
|
|
|> Mailer.deliver()
|
2018-12-13 10:17:49 +00:00
|
|
|
else
|
|
|
|
false ->
|
|
|
|
{:error, "bad user identifier"}
|
|
|
|
|
|
|
|
%User{local: false} ->
|
|
|
|
{:error, "remote user"}
|
|
|
|
|
|
|
|
nil ->
|
|
|
|
{:error, "unknown user"}
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2017-06-12 15:12:55 +00:00
|
|
|
def get_by_id_or_nickname(id_or_nickname) do
|
|
|
|
if !is_integer(id_or_nickname) && :error == Integer.parse(id_or_nickname) do
|
|
|
|
Repo.get_by(User, nickname: id_or_nickname)
|
|
|
|
else
|
|
|
|
Repo.get(User, id_or_nickname)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2017-04-20 07:39:18 +00:00
|
|
|
def get_user(user \\ nil, params) do
|
2017-04-16 13:44:30 +00:00
|
|
|
case params do
|
2017-05-05 10:07:38 +00:00
|
|
|
%{"user_id" => user_id} ->
|
2017-06-12 15:12:55 +00:00
|
|
|
case target = get_by_id_or_nickname(user_id) do
|
2017-04-16 13:44:30 +00:00
|
|
|
nil ->
|
|
|
|
{:error, "No user with such user_id"}
|
2018-03-30 13:01:53 +00:00
|
|
|
|
2017-04-16 13:44:30 +00:00
|
|
|
_ ->
|
|
|
|
{:ok, target}
|
|
|
|
end
|
2018-03-30 13:01:53 +00:00
|
|
|
|
2017-05-05 10:07:38 +00:00
|
|
|
%{"screen_name" => nickname} ->
|
2017-04-16 13:44:30 +00:00
|
|
|
case target = Repo.get_by(User, nickname: nickname) do
|
|
|
|
nil ->
|
|
|
|
{:error, "No user with such screen_name"}
|
2018-03-30 13:01:53 +00:00
|
|
|
|
2017-04-16 13:44:30 +00:00
|
|
|
_ ->
|
|
|
|
{:ok, target}
|
|
|
|
end
|
2018-03-30 13:01:53 +00:00
|
|
|
|
2017-04-16 13:44:30 +00:00
|
|
|
_ ->
|
|
|
|
if user do
|
|
|
|
{:ok, user}
|
|
|
|
else
|
2017-04-16 14:05:48 +00:00
|
|
|
{:error, "You need to specify screen_name or user_id"}
|
2017-04-16 13:44:30 +00:00
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2017-11-19 01:22:07 +00:00
|
|
|
defp parse_int(string, default)
|
2018-03-30 13:01:53 +00:00
|
|
|
|
2017-09-16 12:33:47 +00:00
|
|
|
defp parse_int(string, default) when is_binary(string) do
|
|
|
|
with {n, _} <- Integer.parse(string) do
|
|
|
|
n
|
|
|
|
else
|
|
|
|
_e -> default
|
|
|
|
end
|
|
|
|
end
|
2018-03-30 13:01:53 +00:00
|
|
|
|
2017-09-16 12:33:47 +00:00
|
|
|
defp parse_int(_, default), do: default
|
|
|
|
|
2018-05-04 20:59:01 +00:00
|
|
|
def search(_user, %{"q" => query} = params) do
|
2017-09-16 12:33:47 +00:00
|
|
|
limit = parse_int(params["rpp"], 20)
|
|
|
|
page = parse_int(params["page"], 1)
|
|
|
|
offset = (page - 1) * limit
|
|
|
|
|
2018-03-30 13:01:53 +00:00
|
|
|
q =
|
|
|
|
from(
|
|
|
|
a in Activity,
|
|
|
|
where: fragment("?->>'type' = 'Create'", a.data),
|
2018-04-07 14:40:03 +00:00
|
|
|
where: "https://www.w3.org/ns/activitystreams#Public" in a.recipients,
|
2018-03-30 13:01:53 +00:00
|
|
|
where:
|
|
|
|
fragment(
|
|
|
|
"to_tsvector('english', ?->'object'->>'content') @@ plainto_tsquery('english', ?)",
|
|
|
|
a.data,
|
|
|
|
^query
|
|
|
|
),
|
|
|
|
limit: ^limit,
|
|
|
|
offset: ^offset,
|
|
|
|
# this one isn't indexed so psql won't take the wrong index.
|
|
|
|
order_by: [desc: :inserted_at]
|
|
|
|
)
|
2017-09-16 12:33:47 +00:00
|
|
|
|
2018-05-04 20:59:01 +00:00
|
|
|
_activities = Repo.all(q)
|
2017-09-16 12:33:47 +00:00
|
|
|
end
|
|
|
|
|
2018-04-02 13:28:35 +00:00
|
|
|
# DEPRECATED mostly, context objects are now created at insertion time.
|
2017-04-30 11:53:26 +00:00
|
|
|
def context_to_conversation_id(context) do
|
2017-05-01 14:15:21 +00:00
|
|
|
with %Object{id: id} <- Object.get_cached_by_ap_id(context) do
|
|
|
|
id
|
2018-03-30 13:01:53 +00:00
|
|
|
else
|
|
|
|
_e ->
|
2017-06-20 07:50:22 +00:00
|
|
|
changeset = Object.context_mapping(context)
|
2019-02-09 21:01:08 +00:00
|
|
|
{:ok, object} = Object.insert_or_get(changeset)
|
|
|
|
object.id
|
2017-05-01 14:15:21 +00:00
|
|
|
end
|
2017-04-30 11:53:26 +00:00
|
|
|
end
|
|
|
|
|
|
|
|
def conversation_id_to_context(id) do
|
|
|
|
with %Object{data: %{"id" => context}} <- Repo.get(Object, id) do
|
|
|
|
context
|
2018-03-30 13:01:53 +00:00
|
|
|
else
|
|
|
|
_e ->
|
|
|
|
{:error, "No such conversation"}
|
2017-04-30 11:53:26 +00:00
|
|
|
end
|
|
|
|
end
|
2017-05-10 16:44:57 +00:00
|
|
|
|
|
|
|
def get_external_profile(for_user, uri) do
|
2018-03-24 14:09:09 +00:00
|
|
|
with %User{} = user <- User.get_or_fetch(uri) do
|
2017-06-19 21:12:37 +00:00
|
|
|
{:ok, UserView.render("show.json", %{user: user, for: for_user})}
|
2018-03-30 13:01:53 +00:00
|
|
|
else
|
|
|
|
_e ->
|
2017-05-12 16:50:47 +00:00
|
|
|
{:error, "Couldn't find user"}
|
2017-05-10 16:44:57 +00:00
|
|
|
end
|
|
|
|
end
|
2017-03-21 16:53:20 +00:00
|
|
|
end
|