Merge branch 'develop' into issue/941

This commit is contained in:
Maksim Pechnikov 2019-06-04 09:49:08 +03:00
commit 4f2e359687
45 changed files with 1456 additions and 149 deletions

View file

@ -52,8 +52,7 @@ unit-testing:
- mix deps.get - mix deps.get
- mix ecto.create - mix ecto.create
- mix ecto.migrate - mix ecto.migrate
- mix test --trace --preload-modules - mix coveralls --trace --preload-modules
- mix coveralls
unit-testing-rum: unit-testing-rum:
stage: test stage: test
@ -122,8 +121,7 @@ review_app:
- (ssh -t dokku@pleroma.online -- postgres:create $(echo $CI_ENVIRONMENT_SLUG | sed -e 's/-/_/g')_db) || true - (ssh -t dokku@pleroma.online -- postgres:create $(echo $CI_ENVIRONMENT_SLUG | sed -e 's/-/_/g')_db) || true
- (ssh -t dokku@pleroma.online -- postgres:link $(echo $CI_ENVIRONMENT_SLUG | sed -e 's/-/_/g')_db "$CI_ENVIRONMENT_SLUG") || true - (ssh -t dokku@pleroma.online -- postgres:link $(echo $CI_ENVIRONMENT_SLUG | sed -e 's/-/_/g')_db "$CI_ENVIRONMENT_SLUG") || true
- (ssh -t dokku@pleroma.online -- certs:add "$CI_ENVIRONMENT_SLUG" /home/dokku/server.crt /home/dokku/server.key) || true - (ssh -t dokku@pleroma.online -- certs:add "$CI_ENVIRONMENT_SLUG" /home/dokku/server.crt /home/dokku/server.key) || true
- (git remote add dokku dokku@pleroma.online:$CI_ENVIRONMENT_SLUG) || true - git push -f dokku@pleroma.online:$CI_ENVIRONMENT_SLUG $CI_COMMIT_SHA:refs/heads/master
- git push -f dokku $CI_COMMIT_SHA:refs/heads/master
stop_review_app: stop_review_app:
image: alpine:3.9 image: alpine:3.9

View file

@ -5,6 +5,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
## [unreleased] ## [unreleased]
### Added ### Added
- Add a generic settings store for frontends / clients to use.
- Optional SSH access mode. (Needs `erlang-ssh` package on some distributions). - Optional SSH access mode. (Needs `erlang-ssh` package on some distributions).
- [MongooseIM](https://github.com/esl/MongooseIM) http authentication support. - [MongooseIM](https://github.com/esl/MongooseIM) http authentication support.
- LDAP authentication - LDAP authentication
@ -16,7 +17,9 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
- Mix Tasks: `mix pleroma.database remove_embedded_objects` - Mix Tasks: `mix pleroma.database remove_embedded_objects`
- Mix Tasks: `mix pleroma.database update_users_following_followers_counts` - Mix Tasks: `mix pleroma.database update_users_following_followers_counts`
- Mix Tasks: `mix pleroma.user toggle_confirmed` - Mix Tasks: `mix pleroma.user toggle_confirmed`
- Federation: Support for `Question` and `Answer` objects
- Federation: Support for reports - Federation: Support for reports
- Configuration: `poll_limits` option
- Configuration: `safe_dm_mentions` option - Configuration: `safe_dm_mentions` option
- Configuration: `link_name` option - Configuration: `link_name` option
- Configuration: `fetch_initial_posts` option - Configuration: `fetch_initial_posts` option
@ -37,6 +40,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
- Mastodon API: `/api/v1/pleroma/accounts/:id/favourites` (API extension) - Mastodon API: `/api/v1/pleroma/accounts/:id/favourites` (API extension)
- Mastodon API: [Reports](https://docs.joinmastodon.org/api/rest/reports/) - Mastodon API: [Reports](https://docs.joinmastodon.org/api/rest/reports/)
- Mastodon API: `POST /api/v1/accounts` (account creation API) - Mastodon API: `POST /api/v1/accounts` (account creation API)
- Mastodon API: [Polls](https://docs.joinmastodon.org/api/rest/polls/)
- ActivityPub C2S: OAuth endpoints - ActivityPub C2S: OAuth endpoints
- Metadata: RelMe provider - Metadata: RelMe provider
- OAuth: added support for refresh tokens - OAuth: added support for refresh tokens
@ -45,6 +49,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
- OAuth: added job to clean expired access tokens - OAuth: added job to clean expired access tokens
- MRF: Support for rejecting reports from specific instances (`mrf_simple`) - MRF: Support for rejecting reports from specific instances (`mrf_simple`)
- MRF: Support for stripping avatars and banner images from specific instances (`mrf_simple`) - MRF: Support for stripping avatars and banner images from specific instances (`mrf_simple`)
- MRF: Support for running subchains.
- Configuration: `skip_thread_containment` option - Configuration: `skip_thread_containment` option
### Changed ### Changed

View file

@ -208,6 +208,12 @@
avatar_upload_limit: 2_000_000, avatar_upload_limit: 2_000_000,
background_upload_limit: 4_000_000, background_upload_limit: 4_000_000,
banner_upload_limit: 4_000_000, banner_upload_limit: 4_000_000,
poll_limits: %{
max_options: 20,
max_option_chars: 200,
min_expiration: 0,
max_expiration: 365 * 24 * 60 * 60
},
registrations_open: true, registrations_open: true,
federating: true, federating: true,
federation_reachability_timeout_days: 7, federation_reachability_timeout_days: 7,
@ -321,6 +327,8 @@
federated_timeline_removal: [], federated_timeline_removal: [],
replace: [] replace: []
config :pleroma, :mrf_subchain, match_actor: %{}
config :pleroma, :rich_media, enabled: true config :pleroma, :rich_media, enabled: true
config :pleroma, :media_proxy, config :pleroma, :media_proxy,
@ -454,7 +462,11 @@
config :esshd, config :esshd,
enabled: false enabled: false
oauth_consumer_strategies = String.split(System.get_env("OAUTH_CONSUMER_STRATEGIES") || "") oauth_consumer_strategies =
System.get_env("OAUTH_CONSUMER_STRATEGIES")
|> to_string()
|> String.split()
|> Enum.map(&hd(String.split(&1, ":")))
ueberauth_providers = ueberauth_providers =
for strategy <- oauth_consumer_strategies do for strategy <- oauth_consumer_strategies do

View file

@ -43,6 +43,7 @@ Has these additional fields under the `pleroma` object:
- `confirmation_pending`: boolean, true if a new user account is waiting on email confirmation to be activated - `confirmation_pending`: boolean, true if a new user account is waiting on email confirmation to be activated
- `hide_followers`: boolean, true when the user has follower hiding enabled - `hide_followers`: boolean, true when the user has follower hiding enabled
- `hide_follows`: boolean, true when the user has follow hiding enabled - `hide_follows`: boolean, true when the user has follow hiding enabled
- `settings_store`: A generic map of settings for frontends. Opaque to the backend. Only returned in `verify_credentials` and `update_credentials`
### Source ### Source
@ -80,8 +81,17 @@ Additional parameters can be added to the JSON body/Form data:
- `hide_favorites` - if true, user's favorites timeline will be hidden - `hide_favorites` - if true, user's favorites timeline will be hidden
- `show_role` - if true, user's role (e.g admin, moderator) will be exposed to anyone in the API - `show_role` - if true, user's role (e.g admin, moderator) will be exposed to anyone in the API
- `default_scope` - the scope returned under `privacy` key in Source subentity - `default_scope` - the scope returned under `privacy` key in Source subentity
- `pleroma_settings_store` - Opaque user settings to be saved on the backend.
- `skip_thread_containment` - if true, skip filtering out broken threads - `skip_thread_containment` - if true, skip filtering out broken threads
### Pleroma Settings Store
Pleroma has mechanism that allows frontends to save blobs of json for each user on the backend. This can be used to save frontend-specific settings for a user that the backend does not need to know about.
The parameter should have a form of `{frontend_name: {...}}`, with `frontend_name` identifying your type of client, e.g. `pleroma_fe`. It will overwrite everything under this property, but will not overwrite other frontend's settings.
This information is returned in the `verify_credentials` endpoint.
>>>>>>> develop
## Authentication ## Authentication
*Pleroma supports refreshing tokens. *Pleroma supports refreshing tokens.

View file

@ -71,6 +71,11 @@ config :pleroma, Pleroma.Emails.Mailer,
* `avatar_upload_limit`: File size limit of users profile avatars * `avatar_upload_limit`: File size limit of users profile avatars
* `background_upload_limit`: File size limit of users profile backgrounds * `background_upload_limit`: File size limit of users profile backgrounds
* `banner_upload_limit`: File size limit of users profile banners * `banner_upload_limit`: File size limit of users profile banners
* `poll_limits`: A map with poll limits for **local** polls
* `max_options`: Maximum number of options
* `max_option_chars`: Maximum number of characters per option
* `min_expiration`: Minimum expiration time (in seconds)
* `max_expiration`: Maximum expiration time (in seconds)
* `registrations_open`: Enable registrations for anyone, invitations can be enabled when false. * `registrations_open`: Enable registrations for anyone, invitations can be enabled when false.
* `invites_enabled`: Enable user invitations for admins (depends on `registrations_open: false`). * `invites_enabled`: Enable user invitations for admins (depends on `registrations_open: false`).
* `account_activation_required`: Require users to confirm their emails before signing in. * `account_activation_required`: Require users to confirm their emails before signing in.
@ -81,6 +86,7 @@ config :pleroma, Pleroma.Emails.Mailer,
* `Pleroma.Web.ActivityPub.MRF.NoOpPolicy`: Doesnt modify activities (default) * `Pleroma.Web.ActivityPub.MRF.NoOpPolicy`: Doesnt modify activities (default)
* `Pleroma.Web.ActivityPub.MRF.DropPolicy`: Drops all activities. It generally doesnt makes sense to use in production * `Pleroma.Web.ActivityPub.MRF.DropPolicy`: Drops all activities. It generally doesnt makes sense to use in production
* `Pleroma.Web.ActivityPub.MRF.SimplePolicy`: Restrict the visibility of activities from certains instances (See ``:mrf_simple`` section) * `Pleroma.Web.ActivityPub.MRF.SimplePolicy`: Restrict the visibility of activities from certains instances (See ``:mrf_simple`` section)
* `Pleroma.Web.ActivityPub.MRF.SubchainPolicy`: Selectively runs other MRF policies when messages match (see ``:mrf_subchain`` section)
* `Pleroma.Web.ActivityPub.MRF.RejectNonPublic`: Drops posts with non-public visibility settings (See ``:mrf_rejectnonpublic`` section) * `Pleroma.Web.ActivityPub.MRF.RejectNonPublic`: Drops posts with non-public visibility settings (See ``:mrf_rejectnonpublic`` section)
* `Pleroma.Web.ActivityPub.MRF.EnsureRePrepended`: Rewrites posts to ensure that replies to posts with subjects do not have an identical subject and instead begin with re:. * `Pleroma.Web.ActivityPub.MRF.EnsureRePrepended`: Rewrites posts to ensure that replies to posts with subjects do not have an identical subject and instead begin with re:.
* `public`: Makes the client API in authentificated mode-only except for user-profiles. Useful for disabling the Local Timeline and The Whole Known Network. * `public`: Makes the client API in authentificated mode-only except for user-profiles. Useful for disabling the Local Timeline and The Whole Known Network.
@ -225,6 +231,21 @@ relates to mascots on the mastodon frontend
* `avatar_removal`: List of instances to strip avatars from * `avatar_removal`: List of instances to strip avatars from
* `banner_removal`: List of instances to strip banners from * `banner_removal`: List of instances to strip banners from
## :mrf_subchain
This policy processes messages through an alternate pipeline when a given message matches certain criteria.
All criteria are configured as a map of regular expressions to lists of policy modules.
* `match_actor`: Matches a series of regular expressions against the actor field.
Example:
```
config :pleroma, :mrf_subchain,
match_actor: %{
~r/https:\/\/example.com/s => [Pleroma.Web.ActivityPub.MRF.DropPolicy]
}
```
## :mrf_rejectnonpublic ## :mrf_rejectnonpublic
* `allow_followersonly`: whether to allow followers-only posts * `allow_followersonly`: whether to allow followers-only posts
* `allow_direct`: whether to allow direct messages * `allow_direct`: whether to allow direct messages
@ -493,7 +514,7 @@ Authentication / authorization settings.
* `auth_template`: authentication form template. By default it's `show.html` which corresponds to `lib/pleroma/web/templates/o_auth/o_auth/show.html.eex`. * `auth_template`: authentication form template. By default it's `show.html` which corresponds to `lib/pleroma/web/templates/o_auth/o_auth/show.html.eex`.
* `oauth_consumer_template`: OAuth consumer mode authentication form template. By default it's `consumer.html` which corresponds to `lib/pleroma/web/templates/o_auth/o_auth/consumer.html.eex`. * `oauth_consumer_template`: OAuth consumer mode authentication form template. By default it's `consumer.html` which corresponds to `lib/pleroma/web/templates/o_auth/o_auth/consumer.html.eex`.
* `oauth_consumer_strategies`: the list of enabled OAuth consumer strategies; by default it's set by OAUTH_CONSUMER_STRATEGIES environment variable. * `oauth_consumer_strategies`: the list of enabled OAuth consumer strategies; by default it's set by OAUTH_CONSUMER_STRATEGIES environment variable. Each entry in this space-delimited string should be of format `<strategy>` or `<strategy>:<dependency>` (e.g. `twitter` or `keycloak:ueberauth_keycloak_strategy` in case dependency is named differently than `ueberauth_<strategy>`).
## OAuth consumer mode ## OAuth consumer mode

View file

@ -49,7 +49,7 @@ def create_or_bump_for(activity, opts \\ []) do
with true <- Pleroma.Web.ActivityPub.Visibility.is_direct?(activity), with true <- Pleroma.Web.ActivityPub.Visibility.is_direct?(activity),
"Create" <- activity.data["type"], "Create" <- activity.data["type"],
object <- Pleroma.Object.normalize(activity), object <- Pleroma.Object.normalize(activity),
"Note" <- object.data["type"], true <- object.data["type"] in ["Note", "Question"],
ap_id when is_binary(ap_id) and byte_size(ap_id) > 0 <- object.data["context"] do ap_id when is_binary(ap_id) and byte_size(ap_id) > 0 <- object.data["context"] do
{:ok, conversation} = create_for_ap_id(ap_id) {:ok, conversation} = create_for_ap_id(ap_id)

View file

@ -127,10 +127,15 @@ def dismiss(%{id: user_id} = _user, id) do
def create_notifications(%Activity{data: %{"to" => _, "type" => type}} = activity) def create_notifications(%Activity{data: %{"to" => _, "type" => type}} = activity)
when type in ["Create", "Like", "Announce", "Follow"] do when type in ["Create", "Like", "Announce", "Follow"] do
users = get_notified_from_activity(activity) object = Object.normalize(activity)
unless object && object.data["type"] == "Answer" do
users = get_notified_from_activity(activity)
notifications = Enum.map(users, fn user -> create_notification(activity, user) end) notifications = Enum.map(users, fn user -> create_notification(activity, user) end)
{:ok, notifications} {:ok, notifications}
else
{:ok, []}
end
end end
def create_notifications(_), do: {:ok, []} def create_notifications(_), do: {:ok, []}
@ -166,7 +171,16 @@ def get_notified_from_activity(
def get_notified_from_activity(_, _local_only), do: [] def get_notified_from_activity(_, _local_only), do: []
def skip?(activity, user) do def skip?(activity, user) do
[:self, :blocked, :local, :muted, :followers, :follows, :recently_followed] [
:self,
:blocked,
:muted,
:followers,
:follows,
:non_followers,
:non_follows,
:recently_followed
]
|> Enum.any?(&skip?(&1, activity, user)) |> Enum.any?(&skip?(&1, activity, user))
end end
@ -179,12 +193,6 @@ def skip?(:blocked, activity, user) do
User.blocks?(user, %{ap_id: actor}) User.blocks?(user, %{ap_id: actor})
end end
def skip?(:local, %{local: true}, %{info: %{notification_settings: %{"local" => false}}}),
do: true
def skip?(:local, %{local: false}, %{info: %{notification_settings: %{"remote" => false}}}),
do: true
def skip?(:muted, activity, user) do def skip?(:muted, activity, user) do
actor = activity.data["actor"] actor = activity.data["actor"]
@ -201,12 +209,32 @@ def skip?(
User.following?(follower, user) User.following?(follower, user)
end end
def skip?(
:non_followers,
activity,
%{info: %{notification_settings: %{"non_followers" => false}}} = user
) do
actor = activity.data["actor"]
follower = User.get_cached_by_ap_id(actor)
!User.following?(follower, user)
end
def skip?(:follows, activity, %{info: %{notification_settings: %{"follows" => false}}} = user) do def skip?(:follows, activity, %{info: %{notification_settings: %{"follows" => false}}} = user) do
actor = activity.data["actor"] actor = activity.data["actor"]
followed = User.get_cached_by_ap_id(actor) followed = User.get_cached_by_ap_id(actor)
User.following?(user, followed) User.following?(user, followed)
end end
def skip?(
:non_follows,
activity,
%{info: %{notification_settings: %{"non_follows" => false}}} = user
) do
actor = activity.data["actor"]
followed = User.get_cached_by_ap_id(actor)
!User.following?(user, followed)
end
def skip?(:recently_followed, %{data: %{"type" => "Follow"}} = activity, user) do def skip?(:recently_followed, %{data: %{"type" => "Follow"}} = activity, user) do
actor = activity.data["actor"] actor = activity.data["actor"]

View file

@ -35,6 +35,9 @@ def change(struct, params \\ %{}) do
|> unique_constraint(:ap_id, name: :objects_unique_apid_index) |> unique_constraint(:ap_id, name: :objects_unique_apid_index)
end end
def get_by_id(nil), do: nil
def get_by_id(id), do: Repo.get(Object, id)
def get_by_ap_id(nil), do: nil def get_by_ap_id(nil), do: nil
def get_by_ap_id(ap_id) do def get_by_ap_id(ap_id) do
@ -195,4 +198,34 @@ def decrease_replies_count(ap_id) do
_ -> {:error, "Not found"} _ -> {:error, "Not found"}
end end
end end
def increase_vote_count(ap_id, name) do
with %Object{} = object <- Object.normalize(ap_id),
"Question" <- object.data["type"] do
multiple = Map.has_key?(object.data, "anyOf")
options =
(object.data["anyOf"] || object.data["oneOf"] || [])
|> Enum.map(fn
%{"name" => ^name} = option ->
Kernel.update_in(option["replies"]["totalItems"], &(&1 + 1))
option ->
option
end)
data =
if multiple do
Map.put(object.data, "anyOf", options)
else
Map.put(object.data, "oneOf", options)
end
object
|> Object.change(%{data: data})
|> update_and_set_cache()
else
_ -> :noop
end
end
end end

View file

@ -61,8 +61,6 @@ defmodule Pleroma.ReverseProxy do
* `http`: options for [hackney](https://github.com/benoitc/hackney). * `http`: options for [hackney](https://github.com/benoitc/hackney).
""" """
@hackney Pleroma.Config.get(:hackney, :hackney)
@default_hackney_options [] @default_hackney_options []
@inline_content_types [ @inline_content_types [
@ -148,7 +146,7 @@ defp request(method, url, headers, hackney_opts) do
Logger.debug("#{__MODULE__} #{method} #{url} #{inspect(headers)}") Logger.debug("#{__MODULE__} #{method} #{url} #{inspect(headers)}")
method = method |> String.downcase() |> String.to_existing_atom() method = method |> String.downcase() |> String.to_existing_atom()
case @hackney.request(method, url, headers, "", hackney_opts) do case :hackney.request(method, url, headers, "", hackney_opts) do
{:ok, code, headers, client} when code in @valid_resp_codes -> {:ok, code, headers, client} when code in @valid_resp_codes ->
{:ok, code, downcase_headers(headers), client} {:ok, code, downcase_headers(headers), client}
@ -198,7 +196,7 @@ defp chunk_reply(conn, client, opts, sent_so_far, duration) do
duration, duration,
Keyword.get(opts, :max_read_duration, @max_read_duration) Keyword.get(opts, :max_read_duration, @max_read_duration)
), ),
{:ok, data} <- @hackney.stream_body(client), {:ok, data} <- :hackney.stream_body(client),
{:ok, duration} <- increase_read_duration(duration), {:ok, duration} <- increase_read_duration(duration),
sent_so_far = sent_so_far + byte_size(data), sent_so_far = sent_so_far + byte_size(data),
:ok <- body_size_constraint(sent_so_far, Keyword.get(opts, :max_body_size)), :ok <- body_size_constraint(sent_so_far, Keyword.get(opts, :max_body_size)),

View file

@ -44,9 +44,15 @@ defmodule Pleroma.User.Info do
field(:pinned_activities, {:array, :string}, default: []) field(:pinned_activities, {:array, :string}, default: [])
field(:mascot, :map, default: nil) field(:mascot, :map, default: nil)
field(:emoji, {:array, :map}, default: []) field(:emoji, {:array, :map}, default: [])
field(:pleroma_settings_store, :map, default: %{})
field(:notification_settings, :map, field(:notification_settings, :map,
default: %{"remote" => true, "local" => true, "followers" => true, "follows" => true} default: %{
"followers" => true,
"follows" => true,
"non_follows" => true,
"non_followers" => true
}
) )
field(:skip_thread_containment, :boolean, default: false) field(:skip_thread_containment, :boolean, default: false)
@ -69,10 +75,15 @@ def set_activation_status(info, deactivated) do
end end
def update_notification_settings(info, settings) do def update_notification_settings(info, settings) do
settings =
settings
|> Enum.map(fn {k, v} -> {k, v in [true, "true", "True", "1"]} end)
|> Map.new()
notification_settings = notification_settings =
info.notification_settings info.notification_settings
|> Map.merge(settings) |> Map.merge(settings)
|> Map.take(["remote", "local", "followers", "follows"]) |> Map.take(["followers", "follows", "non_follows", "non_followers"])
params = %{notification_settings: notification_settings} params = %{notification_settings: notification_settings}
@ -211,7 +222,8 @@ def profile_update(info, params) do
:hide_favorites, :hide_favorites,
:background, :background,
:show_role, :show_role,
:skip_thread_containment :skip_thread_containment,
:pleroma_settings_store
]) ])
end end

View file

@ -109,6 +109,15 @@ def decrease_replies_count_if_reply(%Object{
def decrease_replies_count_if_reply(_object), do: :noop def decrease_replies_count_if_reply(_object), do: :noop
def increase_poll_votes_if_vote(%{
"object" => %{"inReplyTo" => reply_ap_id, "name" => name},
"type" => "Create"
}) do
Object.increase_vote_count(reply_ap_id, name)
end
def increase_poll_votes_if_vote(_create_data), do: :noop
def insert(map, local \\ true, fake \\ false) when is_map(map) do def insert(map, local \\ true, fake \\ false) when is_map(map) do
with nil <- Activity.normalize(map), with nil <- Activity.normalize(map),
map <- lazy_put_activity_defaults(map, fake), map <- lazy_put_activity_defaults(map, fake),
@ -184,6 +193,9 @@ def stream_out(activity) do
public = "https://www.w3.org/ns/activitystreams#Public" public = "https://www.w3.org/ns/activitystreams#Public"
if activity.data["type"] in ["Create", "Announce", "Delete"] do if activity.data["type"] in ["Create", "Announce", "Delete"] do
object = Object.normalize(activity)
# Do not stream out poll replies
unless object.data["type"] == "Answer" do
Pleroma.Web.Streamer.stream("user", activity) Pleroma.Web.Streamer.stream("user", activity)
Pleroma.Web.Streamer.stream("list", activity) Pleroma.Web.Streamer.stream("list", activity)
@ -195,8 +207,6 @@ def stream_out(activity) do
end end
if activity.data["type"] in ["Create"] do if activity.data["type"] in ["Create"] do
object = Object.normalize(activity)
object.data object.data
|> Map.get("tag", []) |> Map.get("tag", [])
|> Enum.filter(fn tag -> is_bitstring(tag) end) |> Enum.filter(fn tag -> is_bitstring(tag) end)
@ -221,6 +231,7 @@ def stream_out(activity) do
end end
end end
end end
end
def create(%{to: to, actor: actor, context: context, object: object} = params, fake \\ false) do def create(%{to: to, actor: actor, context: context, object: object} = params, fake \\ false) do
additional = params[:additional] || %{} additional = params[:additional] || %{}
@ -236,6 +247,7 @@ def create(%{to: to, actor: actor, context: context, object: object} = params, f
{:ok, activity} <- insert(create_data, local, fake), {:ok, activity} <- insert(create_data, local, fake),
{:fake, false, activity} <- {:fake, fake, activity}, {:fake, false, activity} <- {:fake, fake, activity},
_ <- increase_replies_count_if_reply(create_data), _ <- increase_replies_count_if_reply(create_data),
_ <- increase_poll_votes_if_vote(create_data),
# Changing note count prior to enqueuing federation task in order to avoid # Changing note count prior to enqueuing federation task in order to avoid
# race conditions on updating user.info # race conditions on updating user.info
{:ok, _actor} <- increase_note_count_if_public(actor, activity), {:ok, _actor} <- increase_note_count_if_public(actor, activity),
@ -477,6 +489,7 @@ defp fetch_activities_for_context_query(context, opts) do
if opts["user"], do: [opts["user"].ap_id | opts["user"].following] ++ public, else: public if opts["user"], do: [opts["user"].ap_id | opts["user"].following] ++ public, else: public
from(activity in Activity) from(activity in Activity)
|> maybe_preload_objects(opts)
|> restrict_blocked(opts) |> restrict_blocked(opts)
|> restrict_recipients(recipients, opts["user"]) |> restrict_recipients(recipients, opts["user"])
|> where( |> where(
@ -489,6 +502,7 @@ defp fetch_activities_for_context_query(context, opts) do
^context ^context
) )
) )
|> exclude_poll_votes(opts)
|> order_by([activity], desc: activity.id) |> order_by([activity], desc: activity.id)
end end
@ -496,7 +510,6 @@ defp fetch_activities_for_context_query(context, opts) do
def fetch_activities_for_context(context, opts \\ %{}) do def fetch_activities_for_context(context, opts \\ %{}) do
context context
|> fetch_activities_for_context_query(opts) |> fetch_activities_for_context_query(opts)
|> Activity.with_preloaded_object()
|> Repo.all() |> Repo.all()
end end
@ -504,7 +517,7 @@ def fetch_activities_for_context(context, opts \\ %{}) do
Pleroma.FlakeId.t() | nil Pleroma.FlakeId.t() | nil
def fetch_latest_activity_id_for_context(context, opts \\ %{}) do def fetch_latest_activity_id_for_context(context, opts \\ %{}) do
context context
|> fetch_activities_for_context_query(opts) |> fetch_activities_for_context_query(Map.merge(%{"skip_preload" => true}, opts))
|> limit(1) |> limit(1)
|> select([a], a.id) |> select([a], a.id)
|> Repo.one() |> Repo.one()
@ -803,6 +816,18 @@ defp restrict_muted_reblogs(query, %{"muting_user" => %User{info: info}}) do
defp restrict_muted_reblogs(query, _), do: query defp restrict_muted_reblogs(query, _), do: query
defp exclude_poll_votes(query, %{"include_poll_votes" => "true"}), do: query
defp exclude_poll_votes(query, _) do
if has_named_binding?(query, :object) do
from([activity, object: o] in query,
where: fragment("not(?->>'type' = ?)", o.data, "Answer")
)
else
query
end
end
defp maybe_preload_objects(query, %{"skip_preload" => true}), do: query defp maybe_preload_objects(query, %{"skip_preload" => true}), do: query
defp maybe_preload_objects(query, _) do defp maybe_preload_objects(query, _) do
@ -864,6 +889,7 @@ def fetch_activities_query(recipients, opts \\ %{}) do
|> restrict_pinned(opts) |> restrict_pinned(opts)
|> restrict_muted_reblogs(opts) |> restrict_muted_reblogs(opts)
|> Activity.restrict_deactivated_users() |> Activity.restrict_deactivated_users()
|> exclude_poll_votes(opts)
end end
def fetch_activities(recipients, opts \\ %{}) do def fetch_activities(recipients, opts \\ %{}) do

View file

@ -5,8 +5,8 @@
defmodule Pleroma.Web.ActivityPub.MRF do defmodule Pleroma.Web.ActivityPub.MRF do
@callback filter(Map.t()) :: {:ok | :reject, Map.t()} @callback filter(Map.t()) :: {:ok | :reject, Map.t()}
def filter(object) do def filter(policies, %{} = object) do
get_policies() policies
|> Enum.reduce({:ok, object}, fn |> Enum.reduce({:ok, object}, fn
policy, {:ok, object} -> policy, {:ok, object} ->
policy.filter(object) policy.filter(object)
@ -16,6 +16,8 @@ def filter(object) do
end) end)
end end
def filter(%{} = object), do: get_policies() |> filter(object)
def get_policies do def get_policies do
Pleroma.Config.get([:instance, :rewrite_policy], []) |> get_policies() Pleroma.Config.get([:instance, :rewrite_policy], []) |> get_policies()
end end

View file

@ -0,0 +1,40 @@
# Pleroma: A lightweight social networking server
# Copyright © 2017-2019 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.ActivityPub.MRF.SubchainPolicy do
alias Pleroma.Config
alias Pleroma.Web.ActivityPub.MRF
require Logger
@behaviour MRF
defp lookup_subchain(actor) do
with matches <- Config.get([:mrf_subchain, :match_actor]),
{match, subchain} <- Enum.find(matches, fn {k, _v} -> String.match?(actor, k) end) do
{:ok, match, subchain}
else
_e -> {:error, :notfound}
end
end
@impl true
def filter(%{"actor" => actor} = message) do
with {:ok, match, subchain} <- lookup_subchain(actor) do
Logger.debug(
"[SubchainPolicy] Matched #{actor} against #{inspect(match)} with subchain #{
inspect(subchain)
}"
)
subchain
|> MRF.filter(message)
else
_e -> {:ok, message}
end
end
@impl true
def filter(message), do: {:ok, message}
end

View file

@ -35,6 +35,7 @@ def fix_object(object) do
|> fix_likes |> fix_likes
|> fix_addressing |> fix_addressing
|> fix_summary |> fix_summary
|> fix_type
end end
def fix_summary(%{"summary" => nil} = object) do def fix_summary(%{"summary" => nil} = object) do
@ -335,6 +336,18 @@ def fix_content_map(%{"contentMap" => content_map} = object) do
def fix_content_map(object), do: object def fix_content_map(object), do: object
def fix_type(%{"inReplyTo" => reply_id} = object) when is_binary(reply_id) do
reply = Object.normalize(reply_id)
if reply.data["type"] == "Question" and object["name"] do
Map.put(object, "type", "Answer")
else
object
end
end
def fix_type(object), do: object
defp mastodon_follow_hack(%{"id" => id, "actor" => follower_id}, followed) do defp mastodon_follow_hack(%{"id" => id, "actor" => follower_id}, followed) do
with true <- id =~ "follows", with true <- id =~ "follows",
%User{local: true} = follower <- User.get_cached_by_ap_id(follower_id), %User{local: true} = follower <- User.get_cached_by_ap_id(follower_id),
@ -405,7 +418,7 @@ def handle_incoming(%{"id" => id}) when not (is_binary(id) and length(id) > 8),
# - tags # - tags
# - emoji # - emoji
def handle_incoming(%{"type" => "Create", "object" => %{"type" => objtype} = object} = data) def handle_incoming(%{"type" => "Create", "object" => %{"type" => objtype} = object} = data)
when objtype in ["Article", "Note", "Video", "Page"] do when objtype in ["Article", "Note", "Video", "Page", "Question", "Answer"] do
actor = Containment.get_actor(data) actor = Containment.get_actor(data)
data = data =
@ -738,6 +751,7 @@ def prepare_object(object) do
|> set_reply_to_uri |> set_reply_to_uri
|> strip_internal_fields |> strip_internal_fields
|> strip_internal_tags |> strip_internal_tags
|> set_type
end end
# @doc # @doc
@ -902,6 +916,12 @@ def set_sensitive(object) do
Map.put(object, "sensitive", "nsfw" in tags) Map.put(object, "sensitive", "nsfw" in tags)
end end
def set_type(%{"type" => "Answer"} = object) do
Map.put(object, "type", "Note")
end
def set_type(object), do: object
def add_attributed_to(object) do def add_attributed_to(object) do
attributed_to = object["attributedTo"] || object["actor"] attributed_to = object["attributedTo"] || object["actor"]

View file

@ -19,7 +19,7 @@ defmodule Pleroma.Web.ActivityPub.Utils do
require Logger require Logger
@supported_object_types ["Article", "Note", "Video", "Page"] @supported_object_types ["Article", "Note", "Video", "Page", "Question", "Answer"]
@supported_report_states ~w(open closed resolved) @supported_report_states ~w(open closed resolved)
@valid_visibilities ~w(public unlisted private direct) @valid_visibilities ~w(public unlisted private direct)
@ -789,4 +789,21 @@ defp get_updated_targets(
[to, cc, recipients] [to, cc, recipients]
end end
end end
def get_existing_votes(actor, %{data: %{"id" => id}}) do
query =
from(
[activity, object: object] in Activity.with_preloaded_object(Activity),
where: fragment("(?)->>'actor' = ?", activity.data, ^actor),
where:
fragment(
"(?)->'inReplyTo' = ?",
object.data,
^to_string(id)
),
where: fragment("(?)->>'type' = 'Answer'", object.data)
)
Repo.all(query)
end
end end

View file

@ -119,6 +119,53 @@ def unfavorite(id_or_ap_id, user) do
end end
end end
def vote(user, object, choices) do
with "Question" <- object.data["type"],
{:author, false} <- {:author, object.data["actor"] == user.ap_id},
{:existing_votes, []} <- {:existing_votes, Utils.get_existing_votes(user.ap_id, object)},
{options, max_count} <- get_options_and_max_count(object),
option_count <- Enum.count(options),
{:choice_check, {choices, true}} <-
{:choice_check, normalize_and_validate_choice_indices(choices, option_count)},
{:count_check, true} <- {:count_check, Enum.count(choices) <= max_count} do
answer_activities =
Enum.map(choices, fn index ->
answer_data = make_answer_data(user, object, Enum.at(options, index)["name"])
ActivityPub.create(%{
to: answer_data["to"],
actor: user,
context: object.data["context"],
object: answer_data,
additional: %{"cc" => answer_data["cc"]}
})
end)
object = Object.get_cached_by_ap_id(object.data["id"])
{:ok, answer_activities, object}
else
{:author, _} -> {:error, "Poll's author can't vote"}
{:existing_votes, _} -> {:error, "Already voted"}
{:choice_check, {_, false}} -> {:error, "Invalid indices"}
{:count_check, false} -> {:error, "Too many choices"}
end
end
defp get_options_and_max_count(object) do
if Map.has_key?(object.data, "anyOf") do
{object.data["anyOf"], Enum.count(object.data["anyOf"])}
else
{object.data["oneOf"], 1}
end
end
defp normalize_and_validate_choice_indices(choices, count) do
Enum.map_reduce(choices, true, fn index, valid ->
index = if is_binary(index), do: String.to_integer(index), else: index
{index, if(valid, do: index < count, else: valid)}
end)
end
def get_visibility(%{"visibility" => visibility}, in_reply_to) def get_visibility(%{"visibility" => visibility}, in_reply_to)
when visibility in ~w{public unlisted private direct}, when visibility in ~w{public unlisted private direct},
do: {visibility, get_replied_to_visibility(in_reply_to)} do: {visibility, get_replied_to_visibility(in_reply_to)}
@ -154,6 +201,7 @@ def post(user, %{"status" => status} = data) do
data, data,
visibility visibility
), ),
{poll, poll_emoji} <- make_poll_data(data),
{to, cc} <- to_for_user_and_mentions(user, mentions, in_reply_to, visibility), {to, cc} <- to_for_user_and_mentions(user, mentions, in_reply_to, visibility),
context <- make_context(in_reply_to), context <- make_context(in_reply_to),
cw <- data["spoiler_text"] || "", cw <- data["spoiler_text"] || "",
@ -171,13 +219,14 @@ def post(user, %{"status" => status} = data) do
tags, tags,
cw, cw,
cc, cc,
sensitive sensitive,
poll
), ),
object <- object <-
Map.put( Map.put(
object, object,
"emoji", "emoji",
Formatter.get_emoji_map(full_payload) Map.merge(Formatter.get_emoji_map(full_payload), poll_emoji)
) do ) do
res = res =
ActivityPub.create( ActivityPub.create(

View file

@ -102,6 +102,72 @@ def to_for_user_and_mentions(_user, mentions, inReplyTo, "direct") do
end end
end end
def make_poll_data(%{"poll" => %{"options" => options, "expires_in" => expires_in}} = data)
when is_list(options) do
%{max_expiration: max_expiration, min_expiration: min_expiration} =
limits = Pleroma.Config.get([:instance, :poll_limits])
# XXX: There is probably a cleaner way of doing this
try do
# In some cases mastofe sends out strings instead of integers
expires_in = if is_binary(expires_in), do: String.to_integer(expires_in), else: expires_in
if Enum.count(options) > limits.max_options do
raise ArgumentError, message: "Poll can't contain more than #{limits.max_options} options"
end
{poll, emoji} =
Enum.map_reduce(options, %{}, fn option, emoji ->
if String.length(option) > limits.max_option_chars do
raise ArgumentError,
message:
"Poll options cannot be longer than #{limits.max_option_chars} characters each"
end
{%{
"name" => option,
"type" => "Note",
"replies" => %{"type" => "Collection", "totalItems" => 0}
}, Map.merge(emoji, Formatter.get_emoji_map(option))}
end)
case expires_in do
expires_in when expires_in > max_expiration ->
raise ArgumentError, message: "Expiration date is too far in the future"
expires_in when expires_in < min_expiration ->
raise ArgumentError, message: "Expiration date is too soon"
_ ->
:noop
end
end_time =
NaiveDateTime.utc_now()
|> NaiveDateTime.add(expires_in)
|> NaiveDateTime.to_iso8601()
poll =
if Pleroma.Web.ControllerHelper.truthy_param?(data["poll"]["multiple"]) do
%{"type" => "Question", "anyOf" => poll, "closed" => end_time}
else
%{"type" => "Question", "oneOf" => poll, "closed" => end_time}
end
{poll, emoji}
rescue
e in ArgumentError -> e.message
end
end
def make_poll_data(%{"poll" => poll}) when is_map(poll) do
"Invalid poll"
end
def make_poll_data(_data) do
{%{}, %{}}
end
def make_content_html( def make_content_html(
status, status,
attachments, attachments,
@ -224,7 +290,8 @@ def make_note_data(
tags, tags,
cw \\ nil, cw \\ nil,
cc \\ [], cc \\ [],
sensitive \\ false sensitive \\ false,
merge \\ %{}
) do ) do
object = %{ object = %{
"type" => "Note", "type" => "Note",
@ -239,12 +306,15 @@ def make_note_data(
"tag" => tags |> Enum.map(fn {_, tag} -> tag end) |> Enum.uniq() "tag" => tags |> Enum.map(fn {_, tag} -> tag end) |> Enum.uniq()
} }
object =
with false <- is_nil(in_reply_to), with false <- is_nil(in_reply_to),
%Object{} = in_reply_to_object <- Object.normalize(in_reply_to) do %Object{} = in_reply_to_object <- Object.normalize(in_reply_to) do
Map.put(object, "inReplyTo", in_reply_to_object.data["id"]) Map.put(object, "inReplyTo", in_reply_to_object.data["id"])
else else
_ -> object _ -> object
end end
Map.merge(object, merge)
end end
def format_naive_asctime(date) do def format_naive_asctime(date) do
@ -421,4 +491,15 @@ def conversation_id_to_context(id) do
{:error, "No such conversation"} {:error, "No such conversation"}
end end
end end
def make_answer_data(%User{ap_id: ap_id}, object, name) do
%{
"type" => "Answer",
"actor" => ap_id,
"cc" => [object.data["actor"]],
"to" => [],
"name" => name,
"inReplyTo" => object.data["id"]
}
end
end end

View file

@ -132,6 +132,9 @@ def update_credentials(%{assigns: %{user: user}} = conn, params) do
end) end)
end) end)
|> add_if_present(params, "default_scope", :default_scope) |> add_if_present(params, "default_scope", :default_scope)
|> add_if_present(params, "pleroma_settings_store", :pleroma_settings_store, fn value ->
{:ok, Map.merge(user.info.pleroma_settings_store, value)}
end)
|> add_if_present(params, "header", :banner, fn value -> |> add_if_present(params, "header", :banner, fn value ->
with %Plug.Upload{} <- value, with %Plug.Upload{} <- value,
{:ok, object} <- ActivityPub.upload(value, type: :banner) do {:ok, object} <- ActivityPub.upload(value, type: :banner) do
@ -151,7 +154,10 @@ def update_credentials(%{assigns: %{user: user}} = conn, params) do
CommonAPI.update(user) CommonAPI.update(user)
end end
json(conn, AccountView.render("account.json", %{user: user, for: user})) json(
conn,
AccountView.render("account.json", %{user: user, for: user, with_pleroma_settings: true})
)
else else
_e -> _e ->
conn conn
@ -161,7 +167,9 @@ def update_credentials(%{assigns: %{user: user}} = conn, params) do
end end
def verify_credentials(%{assigns: %{user: user}} = conn, _) do def verify_credentials(%{assigns: %{user: user}} = conn, _) do
account = AccountView.render("account.json", %{user: user, for: user}) account =
AccountView.render("account.json", %{user: user, for: user, with_pleroma_settings: true})
json(conn, account) json(conn, account)
end end
@ -205,7 +213,8 @@ def masto_instance(conn, _params) do
languages: ["en"], languages: ["en"],
registrations: Pleroma.Config.get([:instance, :registrations_open]), registrations: Pleroma.Config.get([:instance, :registrations_open]),
# Extra (not present in Mastodon): # Extra (not present in Mastodon):
max_toot_chars: Keyword.get(instance, :limit) max_toot_chars: Keyword.get(instance, :limit),
poll_limits: Keyword.get(instance, :poll_limits)
} }
json(conn, response) json(conn, response)
@ -417,6 +426,53 @@ def get_context(%{assigns: %{user: user}} = conn, %{"id" => id}) do
end end
end end
def get_poll(%{assigns: %{user: user}} = conn, %{"id" => id}) do
with %Object{} = object <- Object.get_by_id(id),
%Activity{} = activity <- Activity.get_create_by_object_ap_id(object.data["id"]),
true <- Visibility.visible_for_user?(activity, user) do
conn
|> put_view(StatusView)
|> try_render("poll.json", %{object: object, for: user})
else
nil ->
conn
|> put_status(404)
|> json(%{error: "Record not found"})
false ->
conn
|> put_status(404)
|> json(%{error: "Record not found"})
end
end
def poll_vote(%{assigns: %{user: user}} = conn, %{"id" => id, "choices" => choices}) do
with %Object{} = object <- Object.get_by_id(id),
true <- object.data["type"] == "Question",
%Activity{} = activity <- Activity.get_create_by_object_ap_id(object.data["id"]),
true <- Visibility.visible_for_user?(activity, user),
{:ok, _activities, object} <- CommonAPI.vote(user, object, choices) do
conn
|> put_view(StatusView)
|> try_render("poll.json", %{object: object, for: user})
else
nil ->
conn
|> put_status(404)
|> json(%{error: "Record not found"})
false ->
conn
|> put_status(404)
|> json(%{error: "Record not found"})
{:error, message} ->
conn
|> put_status(422)
|> json(%{error: message})
end
end
def scheduled_statuses(%{assigns: %{user: user}} = conn, params) do def scheduled_statuses(%{assigns: %{user: user}} = conn, params) do
with scheduled_activities <- MastodonAPI.get_scheduled_activities(user, params) do with scheduled_activities <- MastodonAPI.get_scheduled_activities(user, params) do
conn conn
@ -480,12 +536,6 @@ def post_status(%{assigns: %{user: user}} = conn, %{"status" => _} = params) do
params params
|> Map.put("in_reply_to_status_id", params["in_reply_to_id"]) |> Map.put("in_reply_to_status_id", params["in_reply_to_id"])
idempotency_key =
case get_req_header(conn, "idempotency-key") do
[key] -> key
_ -> Ecto.UUID.generate()
end
scheduled_at = params["scheduled_at"] scheduled_at = params["scheduled_at"]
if scheduled_at && ScheduledActivity.far_enough?(scheduled_at) do if scheduled_at && ScheduledActivity.far_enough?(scheduled_at) do
@ -498,16 +548,39 @@ def post_status(%{assigns: %{user: user}} = conn, %{"status" => _} = params) do
else else
params = Map.drop(params, ["scheduled_at"]) params = Map.drop(params, ["scheduled_at"])
{:ok, activity} = case get_cached_status_or_post(conn, params) do
Cachex.fetch!(:idempotency_cache, idempotency_key, fn _ -> {:ignore, message} ->
CommonAPI.post(user, params) conn
end) |> put_status(422)
|> json(%{error: message})
{:error, message} ->
conn
|> put_status(422)
|> json(%{error: message})
{_, activity} ->
conn conn
|> put_view(StatusView) |> put_view(StatusView)
|> try_render("status.json", %{activity: activity, for: user, as: :activity}) |> try_render("status.json", %{activity: activity, for: user, as: :activity})
end end
end end
end
defp get_cached_status_or_post(%{assigns: %{user: user}} = conn, params) do
idempotency_key =
case get_req_header(conn, "idempotency-key") do
[key] -> key
_ -> Ecto.UUID.generate()
end
Cachex.fetch(:idempotency_cache, idempotency_key, fn _ ->
case CommonAPI.post(user, params) do
{:ok, activity} -> activity
{:error, message} -> {:ignore, message}
end
end)
end
def delete_status(%{assigns: %{user: user}} = conn, %{"id" => id}) do def delete_status(%{assigns: %{user: user}} = conn, %{"id" => id}) do
with {:ok, %Activity{}} <- CommonAPI.delete(id, user) do with {:ok, %Activity{}} <- CommonAPI.delete(id, user) do
@ -1372,6 +1445,7 @@ def index(%{assigns: %{user: user}} = conn, _params) do
max_toot_chars: limit, max_toot_chars: limit,
mascot: User.get_mascot(user)["url"] mascot: User.get_mascot(user)["url"]
}, },
poll_limits: Config.get([:instance, :poll_limits]),
rights: %{ rights: %{
delete_others_notice: present?(user.info.is_moderator), delete_others_notice: present?(user.info.is_moderator),
admin: present?(user.info.is_admin) admin: present?(user.info.is_admin)

View file

@ -131,6 +131,7 @@ defp do_render("account.json", %{user: user} = opts) do
|> maybe_put_role(user, opts[:for]) |> maybe_put_role(user, opts[:for])
|> maybe_put_settings(user, opts[:for], user_info) |> maybe_put_settings(user, opts[:for], user_info)
|> maybe_put_notification_settings(user, opts[:for]) |> maybe_put_notification_settings(user, opts[:for])
|> maybe_put_settings_store(user, opts[:for], opts)
end end
defp username_from_nickname(string) when is_binary(string) do defp username_from_nickname(string) when is_binary(string) do
@ -153,6 +154,15 @@ defp maybe_put_settings(
defp maybe_put_settings(data, _, _, _), do: data defp maybe_put_settings(data, _, _, _), do: data
defp maybe_put_settings_store(data, %User{info: info, id: id}, %User{id: id}, %{
with_pleroma_settings: true
}) do
data
|> Kernel.put_in([:pleroma, :settings_store], info.pleroma_settings_store)
end
defp maybe_put_settings_store(data, _, _, _), do: data
defp maybe_put_role(data, %User{info: %{show_role: true}} = user, _) do defp maybe_put_role(data, %User{info: %{show_role: true}} = user, _) do
data data
|> Kernel.put_in([:pleroma, :is_admin], user.info.is_admin) |> Kernel.put_in([:pleroma, :is_admin], user.info.is_admin)

View file

@ -22,9 +22,14 @@ def render("participation.json", %{participation: participation, user: user}) do
last_status = StatusView.render("status.json", %{activity: activity, for: user}) last_status = StatusView.render("status.json", %{activity: activity, for: user})
# Conversations return all users except the current user.
users =
participation.conversation.users
|> Enum.reject(&(&1.id == user.id))
accounts = accounts =
AccountView.render("accounts.json", %{ AccountView.render("accounts.json", %{
users: participation.conversation.users, users: users,
as: :user as: :user
}) })

View file

@ -240,6 +240,7 @@ def render("status.json", %{activity: %{data: %{"object" => _object}} = activity
spoiler_text: summary_html, spoiler_text: summary_html,
visibility: get_visibility(object), visibility: get_visibility(object),
media_attachments: attachments, media_attachments: attachments,
poll: render("poll.json", %{object: object, for: opts[:for]}),
mentions: mentions, mentions: mentions,
tags: build_tags(tags), tags: build_tags(tags),
application: %{ application: %{
@ -329,6 +330,64 @@ def render("attachment.json", %{attachment: attachment}) do
} }
end end
def render("poll.json", %{object: object} = opts) do
{multiple, options} =
case object.data do
%{"anyOf" => options} when is_list(options) -> {true, options}
%{"oneOf" => options} when is_list(options) -> {false, options}
_ -> {nil, nil}
end
if options do
end_time =
(object.data["closed"] || object.data["endTime"])
|> NaiveDateTime.from_iso8601!()
expired =
end_time
|> NaiveDateTime.compare(NaiveDateTime.utc_now())
|> case do
:lt -> true
_ -> false
end
voted =
if opts[:for] do
existing_votes =
Pleroma.Web.ActivityPub.Utils.get_existing_votes(opts[:for].ap_id, object)
existing_votes != [] or opts[:for].ap_id == object.data["actor"]
else
false
end
{options, votes_count} =
Enum.map_reduce(options, 0, fn %{"name" => name} = option, count ->
current_count = option["replies"]["totalItems"] || 0
{%{
title: HTML.strip_tags(name),
votes_count: current_count
}, current_count + count}
end)
%{
# Mastodon uses separate ids for polls, but an object can't have
# more than one poll embedded so object id is fine
id: object.id,
expires_at: Utils.to_masto_date(end_time),
expired: expired,
multiple: multiple,
votes_count: votes_count,
options: options,
voted: voted,
emojis: build_emojis(object.data["emoji"])
}
else
nil
end
end
def get_reply_to(activity, %{replied_to_activities: replied_to_activities}) do def get_reply_to(activity, %{replied_to_activities: replied_to_activities}) do
object = Object.normalize(activity) object = Object.normalize(activity)

View file

@ -97,6 +97,7 @@ def raw_nodeinfo do
"pleroma_api", "pleroma_api",
"mastodon_api", "mastodon_api",
"mastodon_api_streaming", "mastodon_api_streaming",
"polls",
if Config.get([:media_proxy, :enabled]) do if Config.get([:media_proxy, :enabled]) do
"media_proxy" "media_proxy"
end, end,
@ -149,6 +150,7 @@ def raw_nodeinfo do
}, },
staffAccounts: staff_accounts, staffAccounts: staff_accounts,
federation: federation_response, federation: federation_response,
pollLimits: Config.get([:instance, :poll_limits]),
postFormats: Config.get([:instance, :allowed_post_formats]), postFormats: Config.get([:instance, :allowed_post_formats]),
uploadLimits: %{ uploadLimits: %{
general: Config.get([:instance, :upload_limit]), general: Config.get([:instance, :upload_limit]),

View file

@ -333,6 +333,8 @@ defmodule Pleroma.Web.Router do
put("/scheduled_statuses/:id", MastodonAPIController, :update_scheduled_status) put("/scheduled_statuses/:id", MastodonAPIController, :update_scheduled_status)
delete("/scheduled_statuses/:id", MastodonAPIController, :delete_scheduled_status) delete("/scheduled_statuses/:id", MastodonAPIController, :delete_scheduled_status)
post("/polls/:id/votes", MastodonAPIController, :poll_vote)
post("/media", MastodonAPIController, :upload) post("/media", MastodonAPIController, :upload)
put("/media/:id", MastodonAPIController, :update_media) put("/media/:id", MastodonAPIController, :update_media)
@ -422,6 +424,8 @@ defmodule Pleroma.Web.Router do
get("/statuses/:id", MastodonAPIController, :get_status) get("/statuses/:id", MastodonAPIController, :get_status)
get("/statuses/:id/context", MastodonAPIController, :get_context) get("/statuses/:id/context", MastodonAPIController, :get_context)
get("/polls/:id", MastodonAPIController, :get_poll)
get("/accounts/:id/statuses", MastodonAPIController, :user_statuses) get("/accounts/:id/statuses", MastodonAPIController, :user_statuses)
get("/accounts/:id/followers", MastodonAPIController, :followers) get("/accounts/:id/followers", MastodonAPIController, :followers)
get("/accounts/:id/following", MastodonAPIController, :following) get("/accounts/:id/following", MastodonAPIController, :following)

View file

@ -63,13 +63,14 @@
.scopes-input { .scopes-input {
display: flex; display: flex;
flex-direction: column;
margin-top: 1em; margin-top: 1em;
text-align: left; text-align: left;
color: #89898a; color: #89898a;
} }
.scopes-input label:first-child { .scopes-input label:first-child {
flex-basis: 40%; height: 2em;
} }
.scopes { .scopes {
@ -80,13 +81,22 @@
} }
.scope { .scope {
flex-basis: 100%;
display: flex; display: flex;
flex-basis: 100%;
height: 2em; height: 2em;
align-items: center; align-items: center;
} }
.scope:before {
color: #b9b9ba;
content: "\fe0e";
margin-left: 1em;
margin-right: 1em;
}
[type="checkbox"] + label { [type="checkbox"] + label {
display: none;
cursor: pointer;
margin: 0.5em; margin: 0.5em;
} }
@ -95,10 +105,12 @@
} }
[type="checkbox"] + label:before { [type="checkbox"] + label:before {
cursor: pointer;
display: inline-block; display: inline-block;
color: white; color: white;
background-color: #121a24; background-color: #121a24;
border: 4px solid #121a24; border: 4px solid #121a24;
box-shadow: 0px 0px 1px 0 #d8a070;
box-sizing: border-box; box-sizing: border-box;
width: 1.2em; width: 1.2em;
height: 1.2em; height: 1.2em;
@ -128,7 +140,8 @@
border-radius: 4px; border-radius: 4px;
border: none; border: none;
padding: 10px; padding: 10px;
margin-top: 30px; margin-top: 20px;
margin-bottom: 20px;
text-transform: uppercase; text-transform: uppercase;
font-size: 16px; font-size: 16px;
box-shadow: 0px 0px 2px 0px black, box-shadow: 0px 0px 2px 0px black,
@ -147,8 +160,8 @@
box-sizing: border-box; box-sizing: border-box;
width: 100%; width: 100%;
background-color: #931014; background-color: #931014;
border: 1px solid #a06060;
border-radius: 4px; border-radius: 4px;
border: none;
padding: 10px; padding: 10px;
margin-top: 20px; margin-top: 20px;
font-weight: 500; font-weight: 500;
@ -171,12 +184,27 @@
margin-top: 0 margin-top: 0
} }
.scopes-input { .scope {
flex-direction: column; flex-basis: 0%;
} }
.scope { .scope:before {
flex-basis: 50%; content: "";
margin-left: 0em;
margin-right: 1em;
}
.scope:first-child:before {
margin-left: 1em;
content: "\fe0e";
}
.scope:after {
content: ",";
}
.scope:last-child:after {
content: "";
} }
} }
.form-row { .form-row {

View file

@ -1,13 +1,19 @@
<div class="scopes-input"> <div class="scopes-input">
<%= label @form, :scope, "Permissions" %> <%= label @form, :scope, "The following permissions will be granted" %>
<div class="scopes"> <div class="scopes">
<%= for scope <- @available_scopes do %> <%= for scope <- @available_scopes do %>
<%# Note: using hidden input with `unchecked_value` in order to distinguish user's empty selection from `scope` param being omitted %> <%# Note: using hidden input with `unchecked_value` in order to distinguish user's empty selection from `scope` param being omitted %>
<%= if scope in @scopes do %>
<div class="scope"> <div class="scope">
<%= checkbox @form, :"scope_#{scope}", value: scope in @scopes && scope, checked_value: scope, unchecked_value: "", name: "authorization[scope][]" %> <%= checkbox @form, :"scope_#{scope}", value: scope in @scopes && scope, checked_value: scope, unchecked_value: "", name: "authorization[scope][]" %>
<%= label @form, :"scope_#{scope}", String.capitalize(scope) %> <%= label @form, :"scope_#{scope}", String.capitalize(scope) %>
<%= if scope in @scopes && scope do %>
<%= String.capitalize(scope) %>
<% end %>
</div> </div>
<% else %>
<%= checkbox @form, :"scope_#{scope}", value: scope in @scopes && scope, checked_value: scope, unchecked_value: "", name: "authorization[scope][]" %>
<% end %>
<% end %> <% end %>
</div> </div>
</div> </div>

View file

@ -1,7 +1,9 @@
<h2>Sign in with external provider</h2> <h2>Sign in with external provider</h2>
<%= form_for @conn, o_auth_path(@conn, :prepare_request), [as: "authorization", method: "get"], fn f -> %> <%= form_for @conn, o_auth_path(@conn, :prepare_request), [as: "authorization", method: "get"], fn f -> %>
<%= render @view_module, "_scopes.html", Map.put(assigns, :form, f) %> <div style="display: none">
<%= render @view_module, "_scopes.html", Map.merge(assigns, %{form: f}) %>
</div>
<%= hidden_input f, :client_id, value: @client_id %> <%= hidden_input f, :client_id, value: @client_id %>
<%= hidden_input f, :redirect_uri, value: @redirect_uri %> <%= hidden_input f, :redirect_uri, value: @redirect_uri %>

View file

@ -6,26 +6,38 @@
<% end %> <% end %>
<h2>OAuth Authorization</h2> <h2>OAuth Authorization</h2>
<%= form_for @conn, o_auth_path(@conn, :authorize), [as: "authorization"], fn f -> %> <%= form_for @conn, o_auth_path(@conn, :authorize), [as: "authorization"], fn f -> %>
<%= if @params["registration"] in ["true", true] do %>
<h3>This is the first time you visit! Please enter your Pleroma handle.</h3>
<p>Choose carefully! You won't be able to change this later. You will be able to change your display name, though.</p>
<div class="input"> <div class="input">
<%= label f, :name, "Name or email" %> <%= label f, :nickname, "Pleroma Handle" %>
<%= text_input f, :nickname, placeholder: "lain" %>
</div>
<%= hidden_input f, :name, value: @params["name"] %>
<%= hidden_input f, :password, value: @params["password"] %>
<br>
<% else %>
<div class="input">
<%= label f, :name, "Username" %>
<%= text_input f, :name %> <%= text_input f, :name %>
</div> </div>
<div class="input"> <div class="input">
<%= label f, :password, "Password" %> <%= label f, :password, "Password" %>
<%= password_input f, :password %> <%= password_input f, :password %>
</div> </div>
<%= submit "Log In" %>
<%= render @view_module, "_scopes.html", Map.merge(assigns, %{form: f}) %> <%= render @view_module, "_scopes.html", Map.merge(assigns, %{form: f}) %>
<% end %>
<%= hidden_input f, :client_id, value: @client_id %> <%= hidden_input f, :client_id, value: @client_id %>
<%= hidden_input f, :response_type, value: @response_type %> <%= hidden_input f, :response_type, value: @response_type %>
<%= hidden_input f, :redirect_uri, value: @redirect_uri %> <%= hidden_input f, :redirect_uri, value: @redirect_uri %>
<%= hidden_input f, :state, value: @state %> <%= hidden_input f, :state, value: @state %>
<%= submit "Authorize" %>
<% end %> <% end %>
<%= if Pleroma.Config.oauth_consumer_enabled?() do %> <%= if Pleroma.Config.oauth_consumer_enabled?() do %>
<%= render @view_module, Pleroma.Web.Auth.Authenticator.oauth_consumer_template(), assigns %> <%= render @view_module, Pleroma.Web.Auth.Authenticator.oauth_consumer_template(), assigns %>
<% end %> <% end %>

View file

@ -122,6 +122,7 @@ defp do_render("user.json", %{user: user = %User{}} = assigns) do
"skip_thread_containment" => user.info.skip_thread_containment "skip_thread_containment" => user.info.skip_thread_containment
} }
|> maybe_with_activation_status(user, for_user) |> maybe_with_activation_status(user, for_user)
|> with_notification_settings(user, for_user)
} }
|> maybe_with_user_settings(user, for_user) |> maybe_with_user_settings(user, for_user)
|> maybe_with_role(user, for_user) |> maybe_with_role(user, for_user)
@ -133,6 +134,12 @@ defp do_render("user.json", %{user: user = %User{}} = assigns) do
end end
end end
defp with_notification_settings(data, %User{id: user_id} = user, %User{id: user_id}) do
Map.put(data, "notification_settings", user.info.notification_settings)
end
defp with_notification_settings(data, _, _), do: data
defp maybe_with_activation_status(data, user, %User{info: %{is_admin: true}}) do defp maybe_with_activation_status(data, user, %User{info: %{is_admin: true}}) do
Map.put(data, "deactivated", user.info.deactivated) Map.put(data, "deactivated", user.info.deactivated)
end end

25
mix.exs
View file

@ -51,16 +51,27 @@ def application do
defp elixirc_paths(:test), do: ["lib", "test/support"] defp elixirc_paths(:test), do: ["lib", "test/support"]
defp elixirc_paths(_), do: ["lib"] defp elixirc_paths(_), do: ["lib"]
# Specifies OAuth dependencies.
defp oauth_deps do
oauth_strategy_packages =
System.get_env("OAUTH_CONSUMER_STRATEGIES")
|> to_string()
|> String.split()
|> Enum.map(fn strategy_entry ->
with [_strategy, dependency] <- String.split(strategy_entry, ":") do
dependency
else
[strategy] -> "ueberauth_#{strategy}"
end
end)
for s <- oauth_strategy_packages, do: {String.to_atom(s), ">= 0.0.0"}
end
# Specifies your project dependencies. # Specifies your project dependencies.
# #
# Type `mix help deps` for examples and options. # Type `mix help deps` for examples and options.
defp deps do defp deps do
oauth_strategies = String.split(System.get_env("OAUTH_CONSUMER_STRATEGIES") || "")
oauth_deps =
for s <- oauth_strategies,
do: {String.to_atom("ueberauth_#{s}"), ">= 0.0.0"}
[ [
{:phoenix, "~> 1.4.1"}, {:phoenix, "~> 1.4.1"},
{:plug_cowboy, "~> 2.0"}, {:plug_cowboy, "~> 2.0"},
@ -121,7 +132,7 @@ defp deps do
{:ex_rated, "~> 1.2"}, {:ex_rated, "~> 1.2"},
{:plug_static_index_html, "~> 1.0.0"}, {:plug_static_index_html, "~> 1.0.0"},
{:excoveralls, "~> 0.11.1", only: :test} {:excoveralls, "~> 0.11.1", only: :test}
] ++ oauth_deps ] ++ oauth_deps()
end end
# Aliases are shortcuts or tasks specific to the current project. # Aliases are shortcuts or tasks specific to the current project.

View file

@ -0,0 +1,10 @@
defmodule Pleroma.Repo.Migrations.AddNonFollowsAndNonFollowersFieldsToNotificationSettings do
use Ecto.Migration
def change do
execute("""
update users set info = jsonb_set(info, '{notification_settings}', '{"local": true, "remote": true, "follows": true, "followers": true, "non_follows": true, "non_followers": true}')
where local=true
""")
end
end

View file

@ -0,0 +1,7 @@
defmodule Pleroma.Repo.Migrations.AddObjectInReplyToIndex do
use Ecto.Migration
def change do
create index(:objects, ["(data->>'inReplyTo')"], name: :objects_in_reply_to_index)
end
end

View file

@ -0,0 +1,8 @@
defmodule Pleroma.Repo.Migrations.AddTagIndexToObjects do
use Ecto.Migration
def change do
drop_if_exists index(:activities, ["(data #> '{\"object\",\"tag\"}')"], using: :gin, name: :activities_tags)
create index(:objects, ["(data->'tag')"], using: :gin, name: :objects_tags)
end
end

View file

@ -0,0 +1,64 @@
{
"@context": [
"https://www.w3.org/ns/activitystreams",
"https://w3id.org/security/v1",
{
"manuallyApprovesFollowers": "as:manuallyApprovesFollowers",
"toot": "http://joinmastodon.org/ns#",
"featured": {
"@id": "toot:featured",
"@type": "@id"
},
"alsoKnownAs": {
"@id": "as:alsoKnownAs",
"@type": "@id"
},
"movedTo": {
"@id": "as:movedTo",
"@type": "@id"
},
"schema": "http://schema.org#",
"PropertyValue": "schema:PropertyValue",
"value": "schema:value",
"Hashtag": "as:Hashtag",
"Emoji": "toot:Emoji",
"IdentityProof": "toot:IdentityProof",
"focalPoint": {
"@container": "@list",
"@id": "toot:focalPoint"
}
}
],
"id": "https://mastodon.sdf.org/users/rinpatch",
"type": "Person",
"following": "https://mastodon.sdf.org/users/rinpatch/following",
"followers": "https://mastodon.sdf.org/users/rinpatch/followers",
"inbox": "https://mastodon.sdf.org/users/rinpatch/inbox",
"outbox": "https://mastodon.sdf.org/users/rinpatch/outbox",
"featured": "https://mastodon.sdf.org/users/rinpatch/collections/featured",
"preferredUsername": "rinpatch",
"name": "rinpatch",
"summary": "<p>umu</p>",
"url": "https://mastodon.sdf.org/@rinpatch",
"manuallyApprovesFollowers": false,
"publicKey": {
"id": "https://mastodon.sdf.org/users/rinpatch#main-key",
"owner": "https://mastodon.sdf.org/users/rinpatch",
"publicKeyPem": "-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1vbhYKDopb5xzfJB2TZY\n0ZvgxqdAhbSKKkQC5Q2b0ofhvueDy2AuZTnVk1/BbHNlqKlwhJUSpA6LiTZVvtcc\nMn6cmSaJJEg30gRF5GARP8FMcuq8e2jmceiW99NnUX17MQXsddSf2JFUwD0rUE8H\nBsgD7UzE9+zlA/PJOTBO7fvBEz9PTQ3r4sRMTJVFvKz2MU/U+aRNTuexRKMMPnUw\nfp6VWh1F44VWJEQOs4tOEjGiQiMQh5OfBk1w2haT3vrDbQvq23tNpUP1cRomLUtx\nEBcGKi5DMMBzE1RTVT1YUykR/zLWlA+JSmw7P6cWtsHYZovs8dgn8Po3X//6N+ng\nTQIDAQAB\n-----END PUBLIC KEY-----\n"
},
"tag": [],
"attachment": [],
"endpoints": {
"sharedInbox": "https://mastodon.sdf.org/inbox"
},
"icon": {
"type": "Image",
"mediaType": "image/jpeg",
"url": "https://mastodon.sdf.org/system/accounts/avatars/000/067/580/original/bf05521bf711b7a0.jpg?1533238802"
},
"image": {
"type": "Image",
"mediaType": "image/gif",
"url": "https://mastodon.sdf.org/system/accounts/headers/000/067/580/original/a99b987e798f7063.gif?1533278217"
}
}

View file

@ -0,0 +1,99 @@
{
"@context": [
"https://www.w3.org/ns/activitystreams",
{
"ostatus": "http://ostatus.org#",
"atomUri": "ostatus:atomUri",
"inReplyToAtomUri": "ostatus:inReplyToAtomUri",
"conversation": "ostatus:conversation",
"sensitive": "as:sensitive",
"Hashtag": "as:Hashtag",
"toot": "http://joinmastodon.org/ns#",
"Emoji": "toot:Emoji",
"focalPoint": {
"@container": "@list",
"@id": "toot:focalPoint"
}
}
],
"id": "https://mastodon.sdf.org/users/rinpatch/statuses/102070944809637304/activity",
"type": "Create",
"actor": "https://mastodon.sdf.org/users/rinpatch",
"published": "2019-05-10T09:03:36Z",
"to": [
"https://www.w3.org/ns/activitystreams#Public"
],
"cc": [
"https://mastodon.sdf.org/users/rinpatch/followers"
],
"object": {
"id": "https://mastodon.sdf.org/users/rinpatch/statuses/102070944809637304",
"type": "Question",
"summary": null,
"inReplyTo": null,
"published": "2019-05-10T09:03:36Z",
"url": "https://mastodon.sdf.org/@rinpatch/102070944809637304",
"attributedTo": "https://mastodon.sdf.org/users/rinpatch",
"to": [
"https://www.w3.org/ns/activitystreams#Public"
],
"cc": [
"https://mastodon.sdf.org/users/rinpatch/followers"
],
"sensitive": false,
"atomUri": "https://mastodon.sdf.org/users/rinpatch/statuses/102070944809637304",
"inReplyToAtomUri": null,
"conversation": "tag:mastodon.sdf.org,2019-05-10:objectId=15095122:objectType=Conversation",
"content": "<p>Why is Tenshi eating a corndog so cute?</p>",
"contentMap": {
"en": "<p>Why is Tenshi eating a corndog so cute?</p>"
},
"endTime": "2019-05-11T09:03:36Z",
"closed": "2019-05-11T09:03:36Z",
"attachment": [],
"tag": [],
"replies": {
"id": "https://mastodon.sdf.org/users/rinpatch/statuses/102070944809637304/replies",
"type": "Collection",
"first": {
"type": "CollectionPage",
"partOf": "https://mastodon.sdf.org/users/rinpatch/statuses/102070944809637304/replies",
"items": []
}
},
"oneOf": [
{
"type": "Note",
"name": "Dunno",
"replies": {
"type": "Collection",
"totalItems": 0
}
},
{
"type": "Note",
"name": "Everyone knows that!",
"replies": {
"type": "Collection",
"totalItems": 1
}
},
{
"type": "Note",
"name": "25 char limit is dumb",
"replies": {
"type": "Collection",
"totalItems": 0
}
},
{
"type": "Note",
"name": "I can't even fit a funny",
"replies": {
"type": "Collection",
"totalItems": 1
}
}
]
}
}

16
test/fixtures/mastodon-vote.json vendored Normal file
View file

@ -0,0 +1,16 @@
{
"@context": "https://www.w3.org/ns/activitystreams",
"actor": "https://mastodon.sdf.org/users/rinpatch",
"id": "https://mastodon.sdf.org/users/rinpatch#votes/387/activity",
"nickname": "rin",
"object": {
"attributedTo": "https://mastodon.sdf.org/users/rinpatch",
"id": "https://mastodon.sdf.org/users/rinpatch#votes/387",
"inReplyTo": "https://testing.uguu.ltd/objects/9d300947-2dcb-445d-8978-9a3b4b84fa14",
"name": "suya..",
"to": "https://testing.uguu.ltd/users/rin",
"type": "Note"
},
"to": "https://testing.uguu.ltd/users/rin",
"type": "Create"
}

View file

@ -78,33 +78,6 @@ test "it doesn't create a notification for an activity from a muted thread" do
assert nil == Notification.create_notification(activity, muter) assert nil == Notification.create_notification(activity, muter)
end end
test "it disables notifications from people on remote instances" do
user = insert(:user, info: %{notification_settings: %{"remote" => false}})
other_user = insert(:user)
create_activity = %{
"@context" => "https://www.w3.org/ns/activitystreams",
"type" => "Create",
"to" => ["https://www.w3.org/ns/activitystreams#Public"],
"actor" => other_user.ap_id,
"object" => %{
"type" => "Note",
"content" => "Hi @#{user.nickname}",
"attributedTo" => other_user.ap_id
}
}
{:ok, %{local: false} = activity} = Transmogrifier.handle_incoming(create_activity)
assert nil == Notification.create_notification(activity, user)
end
test "it disables notifications from people on the local instance" do
user = insert(:user, info: %{notification_settings: %{"local" => false}})
other_user = insert(:user)
{:ok, activity} = CommonAPI.post(other_user, %{"status" => "hey @#{user.nickname}"})
assert nil == Notification.create_notification(activity, user)
end
test "it disables notifications from followers" do test "it disables notifications from followers" do
follower = insert(:user) follower = insert(:user)
followed = insert(:user, info: %{notification_settings: %{"followers" => false}}) followed = insert(:user, info: %{notification_settings: %{"followers" => false}})
@ -113,6 +86,13 @@ test "it disables notifications from followers" do
assert nil == Notification.create_notification(activity, followed) assert nil == Notification.create_notification(activity, followed)
end end
test "it disables notifications from non-followers" do
follower = insert(:user)
followed = insert(:user, info: %{notification_settings: %{"non_followers" => false}})
{:ok, activity} = CommonAPI.post(follower, %{"status" => "hey @#{followed.nickname}"})
assert nil == Notification.create_notification(activity, followed)
end
test "it disables notifications from people the user follows" do test "it disables notifications from people the user follows" do
follower = insert(:user, info: %{notification_settings: %{"follows" => false}}) follower = insert(:user, info: %{notification_settings: %{"follows" => false}})
followed = insert(:user) followed = insert(:user)
@ -122,6 +102,13 @@ test "it disables notifications from people the user follows" do
assert nil == Notification.create_notification(activity, follower) assert nil == Notification.create_notification(activity, follower)
end end
test "it disables notifications from people the user does not follow" do
follower = insert(:user, info: %{notification_settings: %{"non_follows" => false}})
followed = insert(:user)
{:ok, activity} = CommonAPI.post(followed, %{"status" => "hey @#{follower.nickname}"})
assert nil == Notification.create_notification(activity, follower)
end
test "it doesn't create a notification for user if he is the activity author" do test "it doesn't create a notification for user if he is the activity author" do
activity = insert(:note_activity) activity = insert(:note_activity)
author = User.get_cached_by_ap_id(activity.data["actor"]) author = User.get_cached_by_ap_id(activity.data["actor"])

View file

@ -6,6 +6,11 @@ defmodule Pleroma.Object.ContainmentTest do
import Pleroma.Factory import Pleroma.Factory
setup_all do
Tesla.Mock.mock_global(fn env -> apply(HttpRequestMock, :request, [env]) end)
:ok
end
describe "general origin containment" do describe "general origin containment" do
test "contain_origin_from_id() catches obvious spoofing attempts" do test "contain_origin_from_id() catches obvious spoofing attempts" do
data = %{ data = %{

View file

@ -52,6 +52,14 @@ def get("https://mastodon.social/users/emelie", _, _, _) do
}} }}
end end
def get("https://mastodon.sdf.org/users/rinpatch", _, _, _) do
{:ok,
%Tesla.Env{
status: 200,
body: File.read!("test/fixtures/httpoison_mock/rinpatch.json")
}}
end
def get( def get(
"https://mastodon.social/.well-known/webfinger?resource=https://mastodon.social/users/emelie", "https://mastodon.social/.well-known/webfinger?resource=https://mastodon.social/users/emelie",
_, _,
@ -235,6 +243,14 @@ def get("https://niu.moe/users/rye", _, _, Accept: "application/activity+json")
}} }}
end end
def get("https://n1u.moe/users/rye", _, _, Accept: "application/activity+json") do
{:ok,
%Tesla.Env{
status: 200,
body: File.read!("test/fixtures/httpoison_mock/rye.json")
}}
end
def get("http://mastodon.example.org/users/admin/statuses/100787282858396771", _, _, _) do def get("http://mastodon.example.org/users/admin/statuses/100787282858396771", _, _, _) do
{:ok, {:ok,
%Tesla.Env{ %Tesla.Env{
@ -294,6 +310,10 @@ def get("http://mastodon.example.org/users/admin", _, _, Accept: "application/ac
}} }}
end end
def get("http://mastodon.example.org/users/gargron", _, _, Accept: "application/activity+json") do
{:error, :nxdomain}
end
def get( def get(
"http://mastodon.example.org/@admin/99541947525187367", "http://mastodon.example.org/@admin/99541947525187367",
_, _,
@ -538,6 +558,15 @@ def get(
}} }}
end end
def get(
"http://gs.example.org:4040/index.php/user/1",
_,
_,
Accept: "application/activity+json"
) do
{:ok, %Tesla.Env{status: 406, body: ""}}
end
def get("http://gs.example.org/index.php/api/statuses/user_timeline/1.atom", _, _, _) do def get("http://gs.example.org/index.php/api/statuses/user_timeline/1.atom", _, _, _) do
{:ok, {:ok,
%Tesla.Env{ %Tesla.Env{

View file

@ -0,0 +1,32 @@
# Pleroma: A lightweight social networking server
# Copyright © 2017-2019 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.ActivityPub.MRF.SubchainPolicyTest do
use Pleroma.DataCase
alias Pleroma.Web.ActivityPub.MRF.DropPolicy
alias Pleroma.Web.ActivityPub.MRF.SubchainPolicy
@message %{
"actor" => "https://banned.com",
"type" => "Create",
"object" => %{"content" => "hi"}
}
test "it matches and processes subchains when the actor matches a configured target" do
Pleroma.Config.put([:mrf_subchain, :match_actor], %{
~r/^https:\/\/banned.com/s => [DropPolicy]
})
{:reject, _} = SubchainPolicy.filter(@message)
end
test "it doesn't match and process subchains when the actor doesn't match a configured target" do
Pleroma.Config.put([:mrf_subchain, :match_actor], %{
~r/^https:\/\/borked.com/s => [DropPolicy]
})
{:ok, _message} = SubchainPolicy.filter(@message)
end
end

View file

@ -113,6 +113,55 @@ test "it works for incoming notices with hashtags" do
assert Enum.at(object.data["tag"], 2) == "moo" assert Enum.at(object.data["tag"], 2) == "moo"
end end
test "it works for incoming questions" do
data = File.read!("test/fixtures/mastodon-question-activity.json") |> Poison.decode!()
{:ok, %Activity{local: false} = activity} = Transmogrifier.handle_incoming(data)
object = Object.normalize(activity)
assert Enum.all?(object.data["oneOf"], fn choice ->
choice["name"] in [
"Dunno",
"Everyone knows that!",
"25 char limit is dumb",
"I can't even fit a funny"
]
end)
end
test "it rewrites Note votes to Answers and increments vote counters on question activities" do
user = insert(:user)
{:ok, activity} =
CommonAPI.post(user, %{
"status" => "suya...",
"poll" => %{"options" => ["suya", "suya.", "suya.."], "expires_in" => 10}
})
object = Object.normalize(activity)
data =
File.read!("test/fixtures/mastodon-vote.json")
|> Poison.decode!()
|> Kernel.put_in(["to"], user.ap_id)
|> Kernel.put_in(["object", "inReplyTo"], object.data["id"])
|> Kernel.put_in(["object", "to"], user.ap_id)
{:ok, %Activity{local: false} = activity} = Transmogrifier.handle_incoming(data)
answer_object = Object.normalize(activity)
assert answer_object.data["type"] == "Answer"
object = Object.get_by_ap_id(object.data["id"])
assert Enum.any?(
object.data["oneOf"],
fn
%{"name" => "suya..", "replies" => %{"totalItems" => 1}} -> true
_ -> false
end
)
end
test "it works for incoming notices with contentMap" do test "it works for incoming notices with contentMap" do
data = data =
File.read!("test/fixtures/mastodon-post-activity-contentmap.json") |> Poison.decode!() File.read!("test/fixtures/mastodon-post-activity-contentmap.json") |> Poison.decode!()
@ -1210,6 +1259,30 @@ test "successfully reserializes a message with AS2 objects in IR" do
end end
end end
test "Rewrites Answers to Notes" do
user = insert(:user)
{:ok, poll_activity} =
CommonAPI.post(user, %{
"status" => "suya...",
"poll" => %{"options" => ["suya", "suya.", "suya.."], "expires_in" => 10}
})
poll_object = Object.normalize(poll_activity)
# TODO: Replace with CommonAPI vote creation when implemented
data =
File.read!("test/fixtures/mastodon-vote.json")
|> Poison.decode!()
|> Kernel.put_in(["to"], user.ap_id)
|> Kernel.put_in(["object", "inReplyTo"], poll_object.data["id"])
|> Kernel.put_in(["object", "to"], user.ap_id)
{:ok, %Activity{local: false} = activity} = Transmogrifier.handle_incoming(data)
{:ok, data} = Transmogrifier.prepare_outgoing(activity.data)
assert data["object"]["type"] == "Note"
end
describe "fix_explicit_addressing" do describe "fix_explicit_addressing" do
setup do setup do
user = insert(:user) user = insert(:user)

View file

@ -79,10 +79,10 @@ test "Represent the user account for the account owner" do
user = insert(:user) user = insert(:user)
notification_settings = %{ notification_settings = %{
"remote" => true,
"local" => true,
"followers" => true, "followers" => true,
"follows" => true "follows" => true,
"non_follows" => true,
"non_followers" => true
} }
privacy = user.info.default_scope privacy = user.info.default_scope
@ -242,4 +242,19 @@ test "represent an embedded relationship" do
assert expected == AccountView.render("account.json", %{user: user, for: other_user}) assert expected == AccountView.render("account.json", %{user: user, for: other_user})
end end
test "returns the settings store if the requesting user is the represented user and it's requested specifically" do
user = insert(:user, %{info: %User.Info{pleroma_settings_store: %{fe: "test"}}})
result =
AccountView.render("account.json", %{user: user, for: user, with_pleroma_settings: true})
assert result.pleroma.settings_store == %{:fe => "test"}
result = AccountView.render("account.json", %{user: user, with_pleroma_settings: true})
assert result.pleroma[:settings_store] == nil
result = AccountView.render("account.json", %{user: user, for: user})
assert result.pleroma[:settings_store] == nil
end
end end

View file

@ -146,6 +146,103 @@ test "posting a status", %{conn: conn} do
refute id == third_id refute id == third_id
end end
describe "posting polls" do
test "posting a poll", %{conn: conn} do
user = insert(:user)
time = NaiveDateTime.utc_now()
conn =
conn
|> assign(:user, user)
|> post("/api/v1/statuses", %{
"status" => "Who is the #bestgrill?",
"poll" => %{"options" => ["Rei", "Asuka", "Misato"], "expires_in" => 420}
})
response = json_response(conn, 200)
assert Enum.all?(response["poll"]["options"], fn %{"title" => title} ->
title in ["Rei", "Asuka", "Misato"]
end)
assert NaiveDateTime.diff(NaiveDateTime.from_iso8601!(response["poll"]["expires_at"]), time) in 420..430
refute response["poll"]["expred"]
end
test "option limit is enforced", %{conn: conn} do
user = insert(:user)
limit = Pleroma.Config.get([:instance, :poll_limits, :max_options])
conn =
conn
|> assign(:user, user)
|> post("/api/v1/statuses", %{
"status" => "desu~",
"poll" => %{"options" => Enum.map(0..limit, fn _ -> "desu" end), "expires_in" => 1}
})
%{"error" => error} = json_response(conn, 422)
assert error == "Poll can't contain more than #{limit} options"
end
test "option character limit is enforced", %{conn: conn} do
user = insert(:user)
limit = Pleroma.Config.get([:instance, :poll_limits, :max_option_chars])
conn =
conn
|> assign(:user, user)
|> post("/api/v1/statuses", %{
"status" => "...",
"poll" => %{
"options" => [Enum.reduce(0..limit, "", fn _, acc -> acc <> "." end)],
"expires_in" => 1
}
})
%{"error" => error} = json_response(conn, 422)
assert error == "Poll options cannot be longer than #{limit} characters each"
end
test "minimal date limit is enforced", %{conn: conn} do
user = insert(:user)
limit = Pleroma.Config.get([:instance, :poll_limits, :min_expiration])
conn =
conn
|> assign(:user, user)
|> post("/api/v1/statuses", %{
"status" => "imagine arbitrary limits",
"poll" => %{
"options" => ["this post was made by pleroma gang"],
"expires_in" => limit - 1
}
})
%{"error" => error} = json_response(conn, 422)
assert error == "Expiration date is too soon"
end
test "maximum date limit is enforced", %{conn: conn} do
user = insert(:user)
limit = Pleroma.Config.get([:instance, :poll_limits, :max_expiration])
conn =
conn
|> assign(:user, user)
|> post("/api/v1/statuses", %{
"status" => "imagine arbitrary limits",
"poll" => %{
"options" => ["this post was made by pleroma gang"],
"expires_in" => limit + 1
}
})
%{"error" => error} = json_response(conn, 422)
assert error == "Expiration date is too far in the future"
end
end
test "posting a sensitive status", %{conn: conn} do test "posting a sensitive status", %{conn: conn} do
user = insert(:user) user = insert(:user)
@ -317,12 +414,13 @@ test "direct timeline", %{conn: conn} do
test "Conversations", %{conn: conn} do test "Conversations", %{conn: conn} do
user_one = insert(:user) user_one = insert(:user)
user_two = insert(:user) user_two = insert(:user)
user_three = insert(:user)
{:ok, user_two} = User.follow(user_two, user_one) {:ok, user_two} = User.follow(user_two, user_one)
{:ok, direct} = {:ok, direct} =
CommonAPI.post(user_one, %{ CommonAPI.post(user_one, %{
"status" => "Hi @#{user_two.nickname}!", "status" => "Hi @#{user_two.nickname}, @#{user_three.nickname}!",
"visibility" => "direct" "visibility" => "direct"
}) })
@ -348,7 +446,10 @@ test "Conversations", %{conn: conn} do
} }
] = response ] = response
account_ids = Enum.map(res_accounts, & &1["id"])
assert length(res_accounts) == 2 assert length(res_accounts) == 2
assert user_two.id in account_ids
assert user_three.id in account_ids
assert is_binary(res_id) assert is_binary(res_id)
assert unread == true assert unread == true
assert res_last_status["id"] == direct.id assert res_last_status["id"] == direct.id
@ -2322,6 +2423,66 @@ test "hides favorites for new users by default", %{conn: conn, current_user: cur
end end
describe "updating credentials" do describe "updating credentials" do
test "sets user settings in a generic way", %{conn: conn} do
user = insert(:user)
res_conn =
conn
|> assign(:user, user)
|> patch("/api/v1/accounts/update_credentials", %{
"pleroma_settings_store" => %{
pleroma_fe: %{
theme: "bla"
}
}
})
assert user = json_response(res_conn, 200)
assert user["pleroma"]["settings_store"] == %{"pleroma_fe" => %{"theme" => "bla"}}
user = Repo.get(User, user["id"])
res_conn =
conn
|> assign(:user, user)
|> patch("/api/v1/accounts/update_credentials", %{
"pleroma_settings_store" => %{
masto_fe: %{
theme: "bla"
}
}
})
assert user = json_response(res_conn, 200)
assert user["pleroma"]["settings_store"] ==
%{
"pleroma_fe" => %{"theme" => "bla"},
"masto_fe" => %{"theme" => "bla"}
}
user = Repo.get(User, user["id"])
res_conn =
conn
|> assign(:user, user)
|> patch("/api/v1/accounts/update_credentials", %{
"pleroma_settings_store" => %{
masto_fe: %{
theme: "blub"
}
}
})
assert user = json_response(res_conn, 200)
assert user["pleroma"]["settings_store"] ==
%{
"pleroma_fe" => %{"theme" => "bla"},
"masto_fe" => %{"theme" => "blub"}
}
end
test "updates the user's bio", %{conn: conn} do test "updates the user's bio", %{conn: conn} do
user = insert(:user) user = insert(:user)
user2 = insert(:user) user2 = insert(:user)
@ -2551,7 +2712,8 @@ test "get instance information", %{conn: conn} do
"stats" => _, "stats" => _,
"thumbnail" => _, "thumbnail" => _,
"languages" => _, "languages" => _,
"registrations" => _ "registrations" => _,
"poll_limits" => _
} = result } = result
assert email == from_config_email assert email == from_config_email
@ -3450,4 +3612,124 @@ test "rate limit", %{conn: conn} do
assert json_response(conn, 403) == %{"error" => "Rate limit exceeded."} assert json_response(conn, 403) == %{"error" => "Rate limit exceeded."}
end end
end end
describe "GET /api/v1/polls/:id" do
test "returns poll entity for object id", %{conn: conn} do
user = insert(:user)
{:ok, activity} =
CommonAPI.post(user, %{
"status" => "Pleroma does",
"poll" => %{"options" => ["what Mastodon't", "n't what Mastodoes"], "expires_in" => 20}
})
object = Object.normalize(activity)
conn =
conn
|> assign(:user, user)
|> get("/api/v1/polls/#{object.id}")
response = json_response(conn, 200)
id = object.id
assert %{"id" => ^id, "expired" => false, "multiple" => false} = response
end
test "does not expose polls for private statuses", %{conn: conn} do
user = insert(:user)
other_user = insert(:user)
{:ok, activity} =
CommonAPI.post(user, %{
"status" => "Pleroma does",
"poll" => %{"options" => ["what Mastodon't", "n't what Mastodoes"], "expires_in" => 20},
"visibility" => "private"
})
object = Object.normalize(activity)
conn =
conn
|> assign(:user, other_user)
|> get("/api/v1/polls/#{object.id}")
assert json_response(conn, 404)
end
end
describe "POST /api/v1/polls/:id/votes" do
test "votes are added to the poll", %{conn: conn} do
user = insert(:user)
other_user = insert(:user)
{:ok, activity} =
CommonAPI.post(user, %{
"status" => "A very delicious sandwich",
"poll" => %{
"options" => ["Lettuce", "Grilled Bacon", "Tomato"],
"expires_in" => 20,
"multiple" => true
}
})
object = Object.normalize(activity)
conn =
conn
|> assign(:user, other_user)
|> post("/api/v1/polls/#{object.id}/votes", %{"choices" => [0, 1, 2]})
assert json_response(conn, 200)
object = Object.get_by_id(object.id)
assert Enum.all?(object.data["anyOf"], fn %{"replies" => %{"totalItems" => total_items}} ->
total_items == 1
end)
end
test "author can't vote", %{conn: conn} do
user = insert(:user)
{:ok, activity} =
CommonAPI.post(user, %{
"status" => "Am I cute?",
"poll" => %{"options" => ["Yes", "No"], "expires_in" => 20}
})
object = Object.normalize(activity)
assert conn
|> assign(:user, user)
|> post("/api/v1/polls/#{object.id}/votes", %{"choices" => [1]})
|> json_response(422) == %{"error" => "Poll's author can't vote"}
object = Object.get_by_id(object.id)
refute Enum.at(object.data["oneOf"], 1)["replies"]["totalItems"] == 1
end
test "does not allow multiple choices on a single-choice question", %{conn: conn} do
user = insert(:user)
other_user = insert(:user)
{:ok, activity} =
CommonAPI.post(user, %{
"status" => "The glass is",
"poll" => %{"options" => ["half empty", "half full"], "expires_in" => 20}
})
object = Object.normalize(activity)
assert conn
|> assign(:user, other_user)
|> post("/api/v1/polls/#{object.id}/votes", %{"choices" => [0, 1]})
|> json_response(422) == %{"error" => "Too many choices"}
object = Object.get_by_id(object.id)
refute Enum.any?(object.data["oneOf"], fn %{"replies" => %{"totalItems" => total_items}} ->
total_items == 1
end)
end
end
end end

View file

@ -103,6 +103,7 @@ test "a note activity" do
muted: false, muted: false,
pinned: false, pinned: false,
sensitive: false, sensitive: false,
poll: nil,
spoiler_text: HtmlSanitizeEx.basic_html(note.data["object"]["summary"]), spoiler_text: HtmlSanitizeEx.basic_html(note.data["object"]["summary"]),
visibility: "public", visibility: "public",
media_attachments: [], media_attachments: [],
@ -341,4 +342,106 @@ test "a rich media card with all relevant data renders correctly" do
StatusView.render("card.json", %{page_url: page_url, rich_media: card}) StatusView.render("card.json", %{page_url: page_url, rich_media: card})
end end
end end
describe "poll view" do
test "renders a poll" do
user = insert(:user)
{:ok, activity} =
CommonAPI.post(user, %{
"status" => "Is Tenshi eating a corndog cute?",
"poll" => %{
"options" => ["absolutely!", "sure", "yes", "why are you even asking?"],
"expires_in" => 20
}
})
object = Object.normalize(activity)
expected = %{
emojis: [],
expired: false,
id: object.id,
multiple: false,
options: [
%{title: "absolutely!", votes_count: 0},
%{title: "sure", votes_count: 0},
%{title: "yes", votes_count: 0},
%{title: "why are you even asking?", votes_count: 0}
],
voted: false,
votes_count: 0
}
result = StatusView.render("poll.json", %{object: object})
expires_at = result.expires_at
result = Map.delete(result, :expires_at)
assert result == expected
expires_at = NaiveDateTime.from_iso8601!(expires_at)
assert NaiveDateTime.diff(expires_at, NaiveDateTime.utc_now()) in 15..20
end
test "detects if it is multiple choice" do
user = insert(:user)
{:ok, activity} =
CommonAPI.post(user, %{
"status" => "Which Mastodon developer is your favourite?",
"poll" => %{
"options" => ["Gargron", "Eugen"],
"expires_in" => 20,
"multiple" => true
}
})
object = Object.normalize(activity)
assert %{multiple: true} = StatusView.render("poll.json", %{object: object})
end
test "detects emoji" do
user = insert(:user)
{:ok, activity} =
CommonAPI.post(user, %{
"status" => "What's with the smug face?",
"poll" => %{
"options" => [":blank: sip", ":blank::blank: sip", ":blank::blank::blank: sip"],
"expires_in" => 20
}
})
object = Object.normalize(activity)
assert %{emojis: [%{shortcode: "blank"}]} =
StatusView.render("poll.json", %{object: object})
end
test "detects vote status" do
user = insert(:user)
other_user = insert(:user)
{:ok, activity} =
CommonAPI.post(user, %{
"status" => "Which input devices do you use?",
"poll" => %{
"options" => ["mouse", "trackball", "trackpoint"],
"multiple" => true,
"expires_in" => 20
}
})
object = Object.normalize(activity)
{:ok, _, object} = CommonAPI.vote(other_user, object, [1, 2])
result = StatusView.render("poll.json", %{object: object, for: other_user})
assert result[:voted] == true
assert Enum.at(result[:options], 1)[:votes_count] == 1
assert Enum.at(result[:options], 2)[:votes_count] == 1
end
end
end end

View file

@ -102,7 +102,6 @@ test "it updates notification settings", %{conn: conn} do
conn conn
|> assign(:user, user) |> assign(:user, user)
|> put("/api/pleroma/notification_settings", %{ |> put("/api/pleroma/notification_settings", %{
"remote" => false,
"followers" => false, "followers" => false,
"bar" => 1 "bar" => 1
}) })
@ -110,8 +109,12 @@ test "it updates notification settings", %{conn: conn} do
user = Repo.get(User, user.id) user = Repo.get(User, user.id)
assert %{"remote" => false, "local" => true, "followers" => false, "follows" => true} == assert %{
user.info.notification_settings "followers" => false,
"follows" => true,
"non_follows" => true,
"non_followers" => true
} == user.info.notification_settings
end end
end end

View file

@ -113,9 +113,11 @@ test "User exposes settings for themselves and only for themselves", %{user: use
as_user = UserView.render("show.json", %{user: user, for: user}) as_user = UserView.render("show.json", %{user: user, for: user})
assert as_user["default_scope"] == user.info.default_scope assert as_user["default_scope"] == user.info.default_scope
assert as_user["no_rich_text"] == user.info.no_rich_text assert as_user["no_rich_text"] == user.info.no_rich_text
assert as_user["pleroma"]["notification_settings"] == user.info.notification_settings
as_stranger = UserView.render("show.json", %{user: user}) as_stranger = UserView.render("show.json", %{user: user})
refute as_stranger["default_scope"] refute as_stranger["default_scope"]
refute as_stranger["no_rich_text"] refute as_stranger["no_rich_text"]
refute as_stranger["pleroma"]["notification_settings"]
end end
test "A user for a given other follower", %{user: user} do test "A user for a given other follower", %{user: user} do