Commit graph

3019 commits

Author SHA1 Message Date
rinpatch
376a55c97f Merge branch '161-incoming-replies-depth-limit' into 'develop'
[#161] Limited replies depth on incoming federation (memory leaks fix)

Closes #161

See merge request pleroma/pleroma!1361
2019-07-09 14:15:10 +00:00
lain
abe2e8881f Testing: Don't federate in testing. 2019-07-09 15:30:51 +09:00
rinpatch
44b2e1fdad Formatting 2019-07-08 14:05:57 +03:00
rinpatch
9e58d3c624 FallbackRedirector: Do not crash on Metadata rendering errors 2019-07-08 12:59:49 +03:00
rinpatch
7f609ee8f4 OGP/TwitterCard: Add fallbacks in case the attachment key is nonexistent 2019-07-08 12:16:32 +03:00
rinpatch
72b88c82bc Mastodon API: Fix embedded relationships not being rendered inside of statuses 2019-07-08 12:07:08 +03:00
Sachin Joshi
f5ad430974 make sure the url used by proxy is same as origin url
encoding or decoding it breaks some of the signed url
2019-07-07 14:13:40 +05:45
Haelwenn (lanodan) Monnier
e174614eb9
MastoAPI Streaming: Keep compatibility with access_token 2019-07-07 08:49:29 +02:00
KokaKiwi
a7885748c7
MastoAPI streaming: Replace access_token with Sec-WebSocket-Protocol 2019-07-06 20:29:17 +02:00
Ivan Tashkinov
ad8d86e7c6 Merge remote-tracking branch 'remotes/upstream/develop' into 161-incoming-replies-depth-limit 2019-07-06 10:17:06 +03:00
Maxim Filippov
6c50fbcd14 Admin API: Allow querying user by ID 2019-07-05 19:33:53 +03:00
Eugenij
15eb1235ed Expose skip_thread_containment in nodeinfo 2019-07-03 18:35:57 +00:00
Eugenij
5184b0f41a Use fallback values for search queries
This is to make sure the entire request doesn't return a 500 error if
user or status search times out.
2019-07-03 10:19:51 +00:00
Eugenij
ab50c6b3ca Add fallback value to the admin report view.
This is to avoid 500 error when the reported user no longer exists
in the database.
2019-07-02 01:27:00 +00:00
Ivan Tashkinov
a799418573 [#161] Merge remote-tracking branch 'remotes/upstream/develop' into 161-incoming-replies-depth-limit
# Conflicts:
#	CHANGELOG.md
2019-06-30 16:05:00 +03:00
Ivan Tashkinov
2b9d914089 [#161] Refactoring, documentation. 2019-06-30 15:58:50 +03:00
Eugenij
1f76740e10 Add hashtag filter to user statuses (GET /api/v1/accounts/:id/statuses) 2019-06-30 09:08:46 +00:00
rinpatch
4c60a562a7 Fix not being able to pin unlisted posts
Closes #1038
2019-06-29 22:27:42 +03:00
Ivan Tashkinov
5b7b1040b3 [#161] Limited replies depth on incoming federation in order to prevent memory leaks on recursive replies fetching. 2019-06-29 20:04:50 +03:00
kaniini
d1549a6375 Merge branch 'feature/merge-mastodon-admin-views-for-reports' into 'develop'
Merge admin and mastodon user views for reports

See merge request pleroma/pleroma!1346
2019-06-29 00:12:09 +00:00
William Pitcock
034986e1fd MRF: add mediaproxy warming policy 2019-06-28 23:19:20 +00:00
Maxim Filippov
452ca5250d Merge admin and mastodon user views for reports 2019-06-28 15:15:32 +03:00
kaniini
0369a5db16 Merge branch 'idempotency-plug' into 'develop'
Add IdempotencyPlug and use it in all of the api

Closes #1003

See merge request pleroma/pleroma!1339
2019-06-27 04:20:17 +00:00
Alexander Strizhakov
c6705144a2 don't delete config settings on admin update 2019-06-27 04:19:44 +00:00
Egor Kislitsyn
889a9c3a3f Polish IdempotencyPlug 2019-06-27 01:53:58 +07:00
Egor Kislitsyn
0b8aeac0f3 Remove previous idempotency implementation from post_status 2019-06-26 18:49:14 +07:00
Egor Kislitsyn
74132e3715 Enable IdempotencyPlug for the all API 2019-06-26 18:42:49 +07:00
Sergey Suprunenko
d53fb55bb7 Return correct response when reply to a direct message is not direct itself 2019-06-26 10:59:27 +00:00
kaniini
24bcc209f9 Merge branch 'refactoring/fix_render_view' into 'develop'
Fix Controller.render/4 deprecation

See merge request pleroma/pleroma!1337
2019-06-26 05:34:26 +00:00
Maksim Pechnikov
5c0f646cef fix validate_page_url 2019-06-26 06:27:17 +03:00
Roman Chvanikov
a7a54068f9 Fix Controller.render/4 deprecation 2019-06-26 03:28:02 +03:00
Maksim Pechnikov
4ad15ad2a9 add ignore hosts and TLDs for rich_media 2019-06-25 22:25:37 +03:00
Maksim Pechnikov
0276cf5a02 fix validate_url for private ip 2019-06-25 17:44:24 +03:00
Maksim
a0c4ebb4d7 [#184] small refactoring reset password 2019-06-24 19:01:56 +00:00
Sergey Suprunenko
2c63c67512 Rework user deletion 2019-06-24 18:59:12 +00:00
Eugenij
f2c03425b0 Broadcast conversation update when DM is deleted 2019-06-24 07:14:04 +00:00
kaniini
27b9605de0 Merge branch 'rich_media_titles_two' into 'develop'
Rich media titles two

See merge request pleroma/pleroma!1325
2019-06-23 05:43:11 +00:00
Alex S
982cad0268 support for config groups 2019-06-23 08:16:16 +03:00
Sachin Joshi
a0c65bbd6c Merge branch 'develop' into 'remove-avatar-header'
# Conflicts:
#   CHANGELOG.md
2019-06-23 03:25:50 +00:00
Alex S
410add1c30 support for tuples with more than 2 values 2019-06-22 17:30:53 +03:00
lain
0e415921cd Rich Media Parser: Do not return just a title if nothing else is there. 2019-06-22 16:22:59 +02:00
lain
58c4d5312b Revert "Revert "Merge branch 'fix/ogp-title' into 'develop'""
This reverts commit b6af80f769.
2019-06-22 15:12:57 +02:00
Alex S
f0fccb7578 fix for int and modules 2019-06-22 09:01:30 +03:00
kaniini
55742d978d Merge branch 'feature/mrf-anti-link-spam' into 'develop'
implement anti link spam MRF

See merge request pleroma/pleroma!1307
2019-06-21 22:56:54 +00:00
kaniini
e3534f5b3c Merge branch 'oauth_secure_redirect' into 'develop'
OAuth security improvements (`redirect_uri` listing enforcement)

See merge request pleroma/pleroma!1302
2019-06-21 22:31:12 +00:00
William Pitcock
127a5a7d65 change the anti-link-spam MRF implementation to use old_user? instead of the previous name 2019-06-21 22:27:14 +00:00
b6af80f769 Revert "Merge branch 'fix/ogp-title' into 'develop'"
This reverts merge request !1277
2019-06-21 11:36:32 +00:00
William Pitcock
21dacd4b15 unbreak polls 2019-06-19 16:33:49 +00:00
William Pitcock
736d8ad6be implement anti link spam MRF 2019-06-19 15:58:32 +00:00
rinpatch
df2dab69a7 Merge branch 'begone-the-dot-hack' into 'develop'
Remove the dot hack when posting from Mastodon API and add proper errors when the post exceeds character limits

See merge request pleroma/pleroma!1298
2019-06-19 10:22:23 +00:00
lain
966317e052 Merge branch 'deps/update-auto-linker' into 'develop'
Deps: Update auto_linker

See merge request pleroma/pleroma!1300
2019-06-18 20:47:36 +00:00
Ivan Tashkinov
64bc7ac619 Minor edit (comment). 2019-06-18 17:15:26 +03:00
Ivan Tashkinov
9f45f93949 Added more redirect_uri checks to prevent redirect to not explicitly listed URI. 2019-06-18 17:00:49 +03:00
rinpatch
f30a3241d2 Deps: Update auto_linker 2019-06-18 16:08:18 +03:00
rinpatch
c7acca2abb Mastodon API: Sanitize display names
Closes #1000
2019-06-18 14:12:11 +03:00
rinpatch
c4e4f7d0e4 Add proper error handling for when the post exceeds character limits 2019-06-18 05:05:05 +03:00
rinpatch
dce27de733 Mastodon API: Remove the dot hack 2019-06-18 05:04:41 +03:00
rinpatch
49a49d3763 Merge branch 'removing-test-errors' into 'develop'
Removing test errors

See merge request pleroma/pleroma!1296
2019-06-17 14:16:23 +00:00
Haelwenn
c34327b22e Merge branch 'fix/sanitize-report-content' into 'develop'
Sanitize HTML in ReportView

Closes #990

See merge request pleroma/pleroma!1293
2019-06-16 18:05:00 +00:00
Alex S
0f59265a50 salmon fix
removed some ownership sandbox error
2019-06-16 20:10:12 +08:00
Maksim
a04bf131e0 [#570] add user:notification stream 2019-06-16 10:33:25 +00:00
rinpatch
bf6aa6f1a8 Fix report content stopping to be nullable 2019-06-16 13:06:12 +03:00
rinpatch
44de34d170 Credo fixes 2019-06-16 01:35:45 +03:00
rinpatch
641bcaa44e Sanitize HTML in ReportView
Closes #990
2019-06-16 01:30:32 +03:00
lain
135c196769 Merge branch 'bugfix/980-polls-double-vote' into 'develop'
MastodonAPI Controller: Band-Aid double vote problem.

See merge request pleroma/pleroma!1275
2019-06-15 15:13:48 +00:00
lain
37ee6c6e2c Merge branch 'update/phoenix-and-plug' into 'develop'
Update Phoenix

See merge request pleroma/pleroma!1290
2019-06-15 15:09:14 +00:00
kaniini
52b1b0e45d Merge branch '963_oob_oauth_redirect_fix' into 'develop'
[#963] No redirect on OOB OAuth authorize request with existing authorization

See merge request pleroma/pleroma!1276
2019-06-15 13:45:50 +00:00
Mark Felder
9b908697dd OEmbed.OEmbedController does not exist in the Pleroma codebase. It was removed in commit 92c5640f
and this leftover artifact breaks compiling now.
2019-06-15 07:04:01 -05:00
lain
a440cf856d Mastodon API: Return the token needed for the chat. 2019-06-15 10:59:35 +02:00
rinpatch
62ffc00a5d Merge branch 'feature/add-background-image-to-mastoapi' into 'develop'
AccountView: Add user background.

See merge request pleroma/pleroma!1280
2019-06-14 16:49:28 +00:00
Alexander Strizhakov
c2ca1f22a2 it is changed in compile time
we can't change module attributes and endpoint settings in runtime
2019-06-14 15:45:05 +00:00
Maksim
ee4ed87fb4 [#948] /api/v1/account_search added optional parameters (limit, offset, following) 2019-06-14 11:39:57 +00:00
lain
eac298083f MastodonAPI: Add a way to update the background image. 2019-06-14 11:19:22 +02:00
lain
5965efb216 AccountView: Add user background. 2019-06-13 19:08:05 +02:00
Egor Kislitsyn
a12f8e13c8 Improve <title> fallback; Add a test 2019-06-13 15:02:46 +07:00
Mark Felder
7363a0ea8a Revert "Only run Floki if title is missing from the map"
This reverts commit 97d2b1a45a.
2019-06-12 18:32:28 -05:00
Mark Felder
97d2b1a45a Only run Floki if title is missing from the map 2019-06-12 18:27:35 -05:00
Mark Felder
097fdf6a5d Attempt to use <title> from HTML as a fallback 2019-06-12 17:56:51 -05:00
Ivan Tashkinov
4b2c29016c [#963] No redirect on OOB OAuth authorize request with existing authorization. OAuth-related refactoring. 2019-06-12 21:30:06 +03:00
lain
966543379d MastodonAPI Controller: Band-Aid double vote problem. 2019-06-12 16:36:23 +02:00
Egor Kislitsyn
bf22ed5fbd Update auto_linker dependency 2019-06-12 15:53:33 +07:00
lain
63ab3c30eb Merge branch 'feature/rate-limiter' into 'develop'
Feature/Rate Limiter

Closes #943

See merge request pleroma/pleroma!1266
2019-06-11 11:32:01 +00:00
Egor Kislitsyn
ad04d12de6 Replace MastodonAPIController.account_register/2 rate limiter 2019-06-11 16:06:03 +07:00
Egor Kislitsyn
bc8f059367 Add rate limiting for search endpoints 2019-06-11 14:28:39 +07:00
rinpatch
d020f68e87 Transmogrifier: Do not crash if inReplyTo does not exist and can't be fetched 2019-06-07 20:40:38 +03:00
rinpatch
92213fb87c Replace Mix.env with Pleroma.Config.get(:env)
Mix.env/0 is not availible in release environments such as distillery or
elixir's built-in releases.
2019-06-06 23:59:51 +03:00
kaniini
3f6da9c45a Merge branch 'bugfix/377-stuck-follow-request' into 'develop'
Bugfix/377 stuck follow request

Closes #377

See merge request pleroma/pleroma!1250
2019-06-05 15:52:40 +00:00
kaniini
a511d2f900 Merge branch 'improve-search' into 'develop'
[#943] Contain search for unauthenticated users

See merge request pleroma/pleroma!1220
2019-06-05 15:51:32 +00:00
lain
e1370ba131 Utils: Use update_follow_state_for_all when appropriate. 2019-06-05 16:51:28 +02:00
lain
ad19bfc7fe Utils: Split update_follow_state and update_follow_state_for_all. 2019-06-05 16:43:35 +02:00
lain
076c9ae40e User: Remove superfluous maybe_follow. 2019-06-05 14:24:31 +02:00
lain
3115b64cfe Transmogrifier: Add tests for incoming follows to locked accounts. 2019-06-05 14:10:46 +02:00
Egor Kislitsyn
ddd4a09b72 Fix merge conflict 2019-06-05 17:55:00 +07:00
Egor Kislitsyn
cfa5572d28 Merge remote-tracking branch 'pleroma/develop' into feature/addressable-lists 2019-06-05 17:53:15 +07:00
Ivan Tashkinov
3eefb274f4 OAuth consumer: tests fix, comments, Keycloak config notes. 2019-06-05 13:02:13 +03:00
Egor Kislitsyn
93397fce3d Contain search for unauthenticated users 2019-06-05 16:37:43 +07:00
kaniini
e4babb1c9f Merge branch 'explicit-addressing' into 'develop'
Explicit addressing

See merge request pleroma/pleroma!1239
2019-06-05 08:28:20 +00:00
Egor Kislitsyn
6ba9055b51 Merge remote-tracking branch 'pleroma/develop' into feature/addressable-lists 2019-06-05 12:54:30 +07:00
lain
18c35d84fd NodeInfo: Add explicit addressing to nodeinfo. 2019-06-04 17:14:25 +02:00
Maksim Pechnikov
1e7bb69a95 update ActivityPub#fetch_activities_query 2019-06-04 15:21:18 +03:00
Maksim Pechnikov
d3d1704e84 Merge branch 'develop' into issue/941 2019-06-04 15:06:58 +03:00
Maksim Pechnikov
0acfcf6c52 update ActivityPub#fetch_activities_query 2019-06-04 15:04:36 +03:00
rinpatch
17383861ed Fix CommonAPI.vote returning tuples inside of the activity array instead of just activities 2019-06-04 13:38:32 +03:00
rinpatch
29b022bb59 Restrict get_existing_votes to only get Create activities 2019-06-04 12:42:10 +03:00
Egor Kislitsyn
9ce928d823 Merge remote-tracking branch 'pleroma/develop' into feature/addressable-lists 2019-06-04 16:28:23 +07:00
lain
4cab98b7bf Merge remote-tracking branch 'origin/develop' into explicit-addressing 2019-06-04 11:23:46 +02:00
William Pitcock
37a4ba0624 utils: access inReplyTo as an explicit string when fetching poll results` 2019-06-04 08:45:03 +00:00
Maksim Pechnikov
4f2e359687 Merge branch 'develop' into issue/941 2019-06-04 09:49:08 +03:00
William Pitcock
1c6cf0a348 nodeinfo: add pollLimits to metadata 2019-06-04 06:19:44 +00:00
kaniini
9f0d0d0805 Merge branch 'feature/mrf-subchain' into 'develop'
MRF: subchain policy

See merge request pleroma/pleroma!1233
2019-06-04 05:49:54 +00:00
kaniini
9d2563a3de Merge branch 'generic-fe-settings' into 'develop'
Generic settings store for frontend user settings

See merge request pleroma/pleroma!1221
2019-06-04 05:43:43 +00:00
Maksim Pechnikov
f13d6c7f78 update api to set skip_thread_containment 2019-06-03 21:02:57 +03:00
eugenijm
f2c4c99e03 Remove repeated scope lists 2019-06-03 19:18:21 +03:00
lain
80d4d83aac CommonAPI: Add explicit addressing. 2019-06-03 18:17:08 +02:00
eugenijm
243d8ed94e Use workaround for the heavy checkmark symbol in iOS 2019-06-03 18:28:36 +03:00
Mark Felder
f4e2595592 Merge branch 'develop' into update-oauth-template 2019-06-03 09:12:17 -05:00
Maksim Pechnikov
080e1aa70e add option skip_thread_containment 2019-06-03 16:13:37 +03:00
rinpatch
dc91bcc0af Merge branch 'develop' into feature/polls-2-electric-boogalo 2019-06-03 13:16:17 +03:00
lambda
314758c25b Merge branch 'align-mastodon-conversations' into 'develop'
Mastodon Conversations API: Align to Mastodon behavior

See merge request pleroma/pleroma!1215
2019-06-03 09:48:37 +00:00
rinpatch
026b245dbc Merge branch 'develop' into feature/polls-2-electric-boogalo 2019-06-03 11:14:52 +03:00
rinpatch
5bd41fef8b Change query order in fetch_activities_for_context_query to make poll vote exclusion work 2019-06-03 10:58:37 +03:00
rinpatch
1fd8e19d76 Remove a TODO comment as the tests for poll view were written 2019-06-02 23:46:17 +03:00
rinpatch
2fe3a20638 Make error message about author's inability to vote more sensible 2019-06-02 23:33:15 +03:00
rinpatch
e3c460353d Refresh the object in CommonAPI.vote instead of MastoAPI controller 2019-06-02 23:24:48 +03:00
William Pitcock
561a21986d formatting 2019-06-02 10:29:15 +00:00
William Pitcock
4087ccdab8 mrf: add subchain policy 2019-06-02 10:07:42 +00:00
William Pitcock
edf772d41e mrf: allow a policy chain to be specified when filtering 2019-06-02 09:44:42 +00:00
kaniini
5402d04e3c Merge branch 'feature/notification-control-part-2' into 'develop'
notification controls, part 2

See merge request pleroma/pleroma!1204
2019-06-02 08:25:37 +00:00
rinpatch
6bc9e5c020 Mastodon API: Refresh the object before rendering it after voting 2019-06-01 21:41:49 +03:00
rinpatch
444406167b Mastodon API: actually check for poll votes 2019-06-01 21:41:23 +03:00
rinpatch
65db5e9f52 Resolve merge conflicts 2019-06-01 16:29:58 +03:00
rinpatch
300d94c628 Add poll votes
Also in this commit by accident:
- Fix query ordering causing exclude_poll_votes to not work
- Do not create notifications for Answer objects
2019-06-01 16:17:46 +03:00
kaniini
e706b42f51 Merge branch 'bugfix/visibility-indicator-litepub-dm' into 'develop'
visibility: if litepub:directMessage is asserted, always report the object as "direct" visibility

See merge request pleroma/pleroma!1230
2019-06-01 03:39:13 +00:00
Sergey Suprunenko
2bbc2a801f Remove all follower collections but actor's from "cc" 2019-06-01 03:26:45 +00:00
William Pitcock
f2efe24cf8 visibility: if litepub:directMessage is asserted, always report the object as "direct" visibility 2019-06-01 03:24:08 +00:00
Haelwenn (lanodan) Monnier
5d3ece2861
Remove now useless flavours switching 2019-06-01 01:44:10 +02:00
Haelwenn (lanodan) Monnier
aa9f52edd2
mastodon_api_controller.ex: Remove vanilla from supported_flavours 2019-06-01 01:44:10 +02:00
lambda
2993361075 Merge branch 'hotfix/leaking-lists' into 'develop'
Mastodon API: Fix lists leaking private posts

See merge request pleroma/pleroma!1222
2019-05-31 13:26:48 +00:00
lain
7861974ab2 MastodonAPI: Add extension to set and get pleroma_settings_store. 2019-05-31 14:50:18 +02:00
lain
aaad85c4d9 AccountView: settings -> settings_store 2019-05-31 14:49:46 +02:00
lain
eb2963bc43 User: Add settings store to Info, AccountView
This is to provide a generic frontend settings storage mechanism for all kinds
of frontends.
2019-05-31 14:27:15 +02:00
rinpatch
d9c0650ff9 Mastodon API: Fix lists leaking private posts
Our previous list visibility resolver grabbed posts if either follower
collection of the user in a list who is followed is in `to` or if
follower collection of the user in a list was in `cc`. This not only
missed unlisted posts but also lead to leaking private posts when
`fix_explicit_addressing` mistakingly started putting follower collections
to `cc` (also fixed in this MR).

Reported by @kurisu@iscute.moe via a DM
2019-05-31 15:25:17 +03:00
rinpatch
a9eaa55885 Fix fix_explicit_addressing moving follower collection to cc and add tests for it 2019-05-31 14:17:05 +03:00
lain
97fb50d9fa Mastodon Conversation API: Don't return own account in 'accounts'. 2019-05-31 11:27:14 +02:00
Sergey Suprunenko
1690be991e Replace missing non-nullable Card attributes with empty strings 2019-05-30 21:03:31 +00:00
lambda
91ac8b075b Merge branch 'use-pleroma-config' into 'develop'
Use Pleroma.Config everywhere

See merge request pleroma/pleroma!1214
2019-05-30 13:16:08 +00:00
Egor Kislitsyn
99f70c7e20 Use Pleroma.Config everywhere 2019-05-30 15:33:58 +07:00
kaniini
6aec0d1b58 Revert "Merge branch 'feature/search-authenticated-only' into 'develop'"
This reverts merge request !1209
2019-05-29 22:10:16 +00:00
Mark Felder
e7edfd9fec Permit fetching statuses from API with nickname or id 2019-05-29 12:20:18 -05:00
Mark Felder
672fddb721 Default search limit should be 40
https://docs.joinmastodon.org/api/rest/search/
2019-05-29 08:06:26 -05:00