Commit graph

42 commits

Author SHA1 Message Date
037f881187 Fix create processing in direct message disabled 2023-05-23 13:16:20 +01:00
d310f99d6a Add MRFs for direct message manipulation 2023-05-22 23:53:44 +01:00
9db4c2429f Remove FollowBotPolicy 2022-12-09 19:59:27 +00:00
6f83ae27aa extend reject MRF to check if originating instance is blocked 2022-12-09 19:57:29 +00:00
ilja
1f863f0a36 Fix MRF policies to also work with Update
Objects who got updated would just pass through several of the MRF policies, undoing moderation in some situations.
In the relevant cases we now check not only for Create activities, but also Update activities.

I checked which ones checked explicitly on type Create using `grep '"type" => "Create"' lib/pleroma/web/activity_pub/mrf/*`.

The following from that list have not been changed:
* lib/pleroma/web/activity_pub/mrf/follow_bot_policy.ex
    * Not relevant for moderation
* lib/pleroma/web/activity_pub/mrf/keyword_policy.ex
    * Already had a test for Update
* lib/pleroma/web/activity_pub/mrf/object_age_policy.ex
    * In practice only relevant when fetching old objects (e.g. through Like or Announce). These are always wrapped in a Create.
* lib/pleroma/web/activity_pub/mrf/reject_non_public.ex
    * We don't allow changing scope with Update, so not relevant here
2022-12-08 23:22:05 +01:00
ilja
ce517ff4e5 Fix tagpolicy to also work with Update
Objects who got updated would just pass the TagPolicy, undoing the moderation that was set in place for the Actor.
Now we check not only for Create activities, but also Update activities.
2022-12-08 21:53:42 +01:00
5bb95256ee weirdly no, images should not have classes 2022-11-26 21:15:10 +00:00
c379618b34 Add tests, changelog entry 2022-11-26 20:52:49 +00:00
7bbaa8f8e0 automatically trim loading *. prefixes on domain blocks 2022-11-07 22:33:18 +00:00
31ad09010e Fix regex usage in MRF (#254)
fixes #235
fixes #228

Co-authored-by: FloatingGhost <hannah@coffee-and-dreams.uk>
Reviewed-on: AkkomaGang/akkoma#254
2022-11-06 23:50:32 +00:00
2641dcdd15 Post editing (#202)
Rebased from #103

Co-authored-by: Tusooa Zhu <tusooa@kazv.moe>
Co-authored-by: FloatingGhost <hannah@coffee-and-dreams.uk>
Reviewed-on: AkkomaGang/akkoma#202
2022-09-06 19:24:02 +00:00
85137f591f Add ability to obfuscate domains in MRF transparency 2022-08-27 11:57:57 +01:00
1419eee5df Quote posting (#113)
Reviewed-on: AkkomaGang/akkoma#113
2022-07-25 16:30:06 +00:00
0f132b802d purge chat and shout endpoints 2022-07-21 11:29:28 +01:00
8f140deb8f StealEmojiPolicy: fix String rejected_shortcodes
* rejected_shortcodes is defined as a list of strings in the
  configuration description. As such, database-based configuration was
  led to handle those settings as strings, and not as the actually
  expected type, Regex.
* This caused each message passing through this MRF, if a rejected
  shortcode was set and the emoji did not exist already on the instance,
  to fail federating, as an exception was raised, swiftly caught and
  mostly silenced.
* This commit fixes the issue by introducing new behavior: strings are
  now handled as perfect matches for an emoji shortcode (meaning that if
  the emoji-to-be-pulled's shortcode is in the blacklist, it will be
  rejected), while still supporting Regex types as before.
2022-06-29 20:47:45 +01:00
Ilja
661d0ba481 Also use actor_type to determine if an account is a bot in antiFollowbotPolicy 2022-06-29 20:47:44 +01:00
af1bd3af59 mix format 2022-06-14 17:43:45 +01:00
6e1d9c63da allow %{source} dict in no_empty 2022-06-14 17:41:25 +01:00
Lain Soykaf
2dea4a8c04 StealEmojiPolicyTest: Make mocks explicit. 2021-11-14 11:44:24 +01:00
Haelwenn (lanodan) Monnier
c64eae40a2
ObjectAgePolicy: Fix pattern matching on published 2021-08-10 07:41:06 +02:00
Ilja
4ba0beb60c
Make mrfSimple work with tuples
* Changed SimplePolicy
* I also grepped in test/ for ':mrf_simple' to see what other things could be affected
2021-08-06 07:58:58 +02:00
Alex Gleason
f2134e605b
Merge remote-tracking branch 'pleroma/develop' into cycles-base-url 2021-05-31 16:49:46 -05:00
Alex Gleason
51a9f97e87
Deprecate Pleroma.Web.base_url/0
Use Pleroma.Web.Endpoint.url/0 directly instead. Reduces compiler cycles.
2021-05-31 16:48:03 -05:00
Alex Gleason
926a233cc4
Merge remote-tracking branch 'upstream/develop' into simplepolicy-announce-leak 2021-04-30 14:21:17 -05:00
Alex Gleason
c16c7fdb87
SimplePolicy: filter string Objects 2021-04-30 14:20:54 -05:00
Alex Gleason
3d742c3c1a
SimplePolicy: filter nested objects 2021-04-30 14:20:37 -05:00
16a7ffb1ea Fix function calls due to module name change 2021-03-30 11:10:44 -05:00
bfcdcd4f69 Temp file leaked, oops 2021-03-30 11:10:44 -05:00
03f38ac4eb Prefer FollowBot naming convention vs Followbot 2021-03-30 11:10:44 -05:00
fef4f3772c More tests to validate Followbot is behaving 2021-03-30 11:10:44 -05:00
f73d166785 Only need to validate a follow request is generated for now 2021-03-30 11:10:44 -05:00
Haelwenn (lanodan) Monnier
3bc7d12271
Remove sensitive-property setting #nsfw, create HashtagPolicy 2021-02-27 21:26:17 +01:00
55a13fc360 MRF NoEmptyPolicy: Deny posts from local users if there is no content or only mentions.
Helps prevent accidental button mashes from submitting incomplete posts
2021-02-08 15:32:47 -06:00
e854c35e65 Convert tests to all use clear_config instead of Pleroma.Config.put 2021-01-26 11:58:43 -06:00
Haelwenn (lanodan) Monnier
c4439c630f
Bump Copyright to 2021
grep -rl '# Copyright © .* Pleroma' * | xargs sed -i 's;Copyright © .* Pleroma .*;Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>;'
2021-01-13 07:49:50 +01:00
Alexander Strizhakov
7bfb041658
insreasing test coverage for StealEmojiPolicy 2020-12-27 21:53:30 +03:00
lain
9ba60f70d2 Tests: Make as many tests as possible async.
In general, tests that match these criteria can be made async:

- Doesn't use real Cachex.
- Doesn't write to the Config / Application Environment.
- Uses Mock. Using Mox is fine.
- Uses the streamer.
2020-12-21 12:21:40 +01:00
Mark Felder
3283d0805f Use Jason instead of Poison in tests 2020-11-23 13:28:55 -06:00
Alexander Strizhakov
8d218ebaf5
Moving some background jobs into simple tasks
- fetching activity data
- attachment prefetching
- using limiter to prevent overload
2020-11-11 13:39:49 +03:00
Egor Kislitsyn
3985c1b450
Fix warnings 2020-10-15 16:54:59 +04:00
Alexander Strizhakov
7f5dbb0201
changes after rebase 2020-10-13 16:44:03 +03:00
Alexander Strizhakov
7dffaef479
tests consistency 2020-10-13 16:35:09 +03:00