Commit graph

441 commits

Author SHA1 Message Date
Mike Verdone
3cb471ec06 Expose expires_at datetime in mastoAPI only for the activity actor
In the "pleroma" section of the MastoAPI for status activities you can
see an expires_at item that states when the activity will expire, or
nothing if the activity will not expire.

The expires_at date is only visible to the person who posted the
activity. This is the conservative approach in case some attacker
decides to write a logger for expiring posts. However, in the future of
OCAP, signed requests, and all that stuff, this attack might not be that
likely. Some other pleroma dev should remove the restriction in the code
at that time, if they're satisfied with the security implications of
doing so.
2019-07-24 14:47:22 +02:00
Mike Verdone
704960b3c1 Add support for activity expiration to common and Masto API
The "expires_at" parameter accepts an ISO8601-formatted date which
defines when the activity will expire.

At this point the API will not give you any feedback about if your post
will expire or not.
2019-07-24 14:45:14 +02:00
Mike Verdone
8ba7a151ad Cleanup: fix a comment 2019-07-24 13:14:52 +02:00
Ariadne Conill
d3bdb8e704 rich media: parser: splice the given URL into the result 2019-07-23 23:51:29 +00:00
Sadposter
c400565427 fix test names because i cannot type 2019-07-23 15:47:17 +01:00
Sadposter
299c0e965b actually reblog on the reblog test 2019-07-23 15:38:19 +01:00
Sadposter
7026018c8c Use correct URL for tests 2019-07-23 15:31:35 +01:00
Sadposter
452980652d Mix format 2019-07-23 15:13:05 +01:00
Sadposter
fd1fa5a2ec add tests for unauthed reqs to liked/reblogged_by 2019-07-23 15:08:41 +01:00
Sadposter
a5d6287ba8 Hide blocked users from interactions 2019-07-22 02:42:29 +00:00
Sergey Suprunenko
43a7cd27fe [tests] Mock :crypt.crypt/2 function in AuthenticationPlugTest 2019-07-20 13:07:51 +00:00
Eugenij
4bf2bb9cff Fix password reset for non-test env
Fixes `Plug.Conn.NotSentError` that causes a 5xx error in response
instead of 404 and 400.

Fixes pattern matching error caused by different response format
in test and non-test env: `Pleroma.Emails.Mailer.deliver_async` returns
:ok when PleromaJobQueue is enabled and `{:ok, _}` when it's disabled.
In tests, it's disabled.
2019-07-17 18:09:31 +00:00
Alexander Strizhakov
10f82c88b8 mastoapi password reset
added rate limit to password reset

configure rate limit in runtime
2019-07-16 21:44:50 +00:00
Eugenij
520ee6c591 Add pleroma.deactivated to the Account entity (Mastodon API) 2019-07-16 11:14:46 +00:00
Eugenij
c4ca142e14 Add the blocked_by attribute to the relationship API (GET /api/v1/accounts/relationships) 2019-07-16 11:04:11 +00:00
rinpatch
996fd58ac4 Merge branch 'bugfix/poll-id-as-string' into 'develop'
Status View: Poll ids are strings.

See merge request pleroma/pleroma!1430
2019-07-16 06:06:22 +00:00
lain
7a24def473 Mastodon Controller: Fix tests. 2019-07-16 14:01:18 +09:00
lain
1ed24bcc76 Status View: Poll ids are strings.
All ids in mastodon are strings, in general.
2019-07-16 12:47:40 +09:00
Sergey Suprunenko
b74300bc7a Add more tests for MastodonAPIController and CommonAPI 2019-07-15 19:47:23 +00:00
Egor Kislitsyn
64a946643e Merge remote-tracking branch 'pleroma/develop' into feature/addressable-lists 2019-07-15 14:11:54 +07:00
Egor Kislitsyn
a87c313309 Support list visibility in StatusView 2019-07-15 14:00:29 +07:00
Alexander Strizhakov
e7c39b7ac8 Feature/1072 muting notifications 2019-07-14 13:29:31 +00:00
Mark Felder
360e4cdaa2 Move these to pleroma namespace in Mastodon API 2019-07-12 11:25:58 -05:00
Eugenij
4198c3ac39 Extend Pleroma.Pagination to support offset-based pagination, use async/await to execute status and account search in parallel 2019-07-11 13:55:31 +00:00
Haelwenn (lanodan) Monnier
252e129b1e
MastoAPI: Add categories to custom emojis
Note: This isn’t in a release yet, can be seen in mastofe on the
rebase/glitch-soc branch.
2019-07-10 17:02:37 +02:00
Sergey Suprunenko
ff55e3c16f Create mentions only for explicitly mentioned users 2019-07-10 13:29:50 +00:00
Maksim
008c55e4e9 add test for search_controller/ 100% coverage 2019-07-10 08:28:03 +00:00
Ivan Tashkinov
829e997223 [#878] Merge remote-tracking branch 'remotes/upstream/develop' into 878-activity-object-decoupling-in-tests
# Conflicts:
#	lib/pleroma/object.ex
#	test/web/activity_pub/transmogrifier_test.exs
#	test/web/ostatus/ostatus_test.exs
2019-07-09 21:46:16 +03:00
kaniini
1417627d07 Merge branch 'remove-avatar-header' into 'develop'
Ability to reset avatar, profile banner and backgroud

See merge request pleroma/pleroma!1187
2019-07-09 17:51:41 +00:00
Ivan Tashkinov
daff85a985 [#878] Refactored assumptions on embedded object presence in tests. Adjusted note factory to not embed object into activity. 2019-07-08 19:53:02 +03:00
rinpatch
72b88c82bc Mastodon API: Fix embedded relationships not being rendered inside of statuses 2019-07-08 12:07:08 +03:00
Eugenij
1f76740e10 Add hashtag filter to user statuses (GET /api/v1/accounts/:id/statuses) 2019-06-30 09:08:46 +00:00
Sergey Suprunenko
d53fb55bb7 Return correct response when reply to a direct message is not direct itself 2019-06-26 10:59:27 +00:00
Maksim Pechnikov
4ad15ad2a9 add ignore hosts and TLDs for rich_media 2019-06-25 22:25:37 +03:00
Sachin Joshi
a0c65bbd6c Merge branch 'develop' into 'remove-avatar-header'
# Conflicts:
#   CHANGELOG.md
2019-06-23 03:25:50 +00:00
rinpatch
c7acca2abb Mastodon API: Sanitize display names
Closes #1000
2019-06-18 14:12:11 +03:00
lain
a440cf856d Mastodon API: Return the token needed for the chat. 2019-06-15 10:59:35 +02:00
rinpatch
62ffc00a5d Merge branch 'feature/add-background-image-to-mastoapi' into 'develop'
AccountView: Add user background.

See merge request pleroma/pleroma!1280
2019-06-14 16:49:28 +00:00
Maksim
ee4ed87fb4 [#948] /api/v1/account_search added optional parameters (limit, offset, following) 2019-06-14 11:39:57 +00:00
lain
eac298083f MastodonAPI: Add a way to update the background image. 2019-06-14 11:19:22 +02:00
lain
5965efb216 AccountView: Add user background. 2019-06-13 19:08:05 +02:00
lain
63ab3c30eb Merge branch 'feature/rate-limiter' into 'develop'
Feature/Rate Limiter

Closes #943

See merge request pleroma/pleroma!1266
2019-06-11 11:32:01 +00:00
Egor Kislitsyn
ad04d12de6 Replace MastodonAPIController.account_register/2 rate limiter 2019-06-11 16:06:03 +07:00
Sergey Suprunenko
365268d522 Add more tests for using media_proxy and whitelists 2019-06-10 11:34:11 +00:00
lain
7e9f7ea0c2 MastodonAPI: Add test for user search. 2019-06-06 16:16:22 +02:00
Egor Kislitsyn
5b04f07a1e Limit search for unauthenticated users to local users only 2019-06-05 16:51:04 +07:00
Maksim Pechnikov
4f2e359687 Merge branch 'develop' into issue/941 2019-06-04 09:49:08 +03:00
kaniini
9d2563a3de Merge branch 'generic-fe-settings' into 'develop'
Generic settings store for frontend user settings

See merge request pleroma/pleroma!1221
2019-06-04 05:43:43 +00:00
Maksim Pechnikov
64ada7f960 fix tests 2019-06-03 22:51:14 +03:00
Maksim Pechnikov
f13d6c7f78 update api to set skip_thread_containment 2019-06-03 21:02:57 +03:00
rinpatch
dc91bcc0af Merge branch 'develop' into feature/polls-2-electric-boogalo 2019-06-03 13:16:17 +03:00
lambda
314758c25b Merge branch 'align-mastodon-conversations' into 'develop'
Mastodon Conversations API: Align to Mastodon behavior

See merge request pleroma/pleroma!1215
2019-06-03 09:48:37 +00:00
rinpatch
026b245dbc Merge branch 'develop' into feature/polls-2-electric-boogalo 2019-06-03 11:14:52 +03:00
rinpatch
2fe3a20638 Make error message about author's inability to vote more sensible 2019-06-02 23:33:15 +03:00
rinpatch
c47da0e65d Add tests for poll view 2019-06-02 23:25:33 +03:00
kaniini
5402d04e3c Merge branch 'feature/notification-control-part-2' into 'develop'
notification controls, part 2

See merge request pleroma/pleroma!1204
2019-06-02 08:25:37 +00:00
rinpatch
cfa588e357 Fix Credo issues 2019-06-01 21:42:29 +03:00
rinpatch
65db5e9f52 Resolve merge conflicts 2019-06-01 16:29:58 +03:00
rinpatch
300d94c628 Add poll votes
Also in this commit by accident:
- Fix query ordering causing exclude_poll_votes to not work
- Do not create notifications for Answer objects
2019-06-01 16:17:46 +03:00
Haelwenn (lanodan) Monnier
5d3ece2861
Remove now useless flavours switching 2019-06-01 01:44:10 +02:00
lain
7861974ab2 MastodonAPI: Add extension to set and get pleroma_settings_store. 2019-05-31 14:50:18 +02:00
lain
aaad85c4d9 AccountView: settings -> settings_store 2019-05-31 14:49:46 +02:00
lain
eb2963bc43 User: Add settings store to Info, AccountView
This is to provide a generic frontend settings storage mechanism for all kinds
of frontends.
2019-05-31 14:27:15 +02:00
lain
97fb50d9fa Mastodon Conversation API: Don't return own account in 'accounts'. 2019-05-31 11:27:14 +02:00
Sergey Suprunenko
1690be991e Replace missing non-nullable Card attributes with empty strings 2019-05-30 21:03:31 +00:00
Sachin Joshi
1452a96ad6 ability to set and reset avatar, profile banner and backgroud in Mastodon API 2019-05-27 15:31:01 +05:45
William Pitcock
45e4642a58 tests: chase remote/local removal 2019-05-26 00:20:54 +00:00
William Pitcock
1542cccbbc tests: chase notification setting changes 2019-05-25 05:22:13 +00:00
rinpatch
cdac5efd10 Merge branch 'bugfix/account_view_source.note' into 'develop'
MastoAPI AccountView: fill source.note with plaintext version of note

Closes #926

See merge request pleroma/pleroma!1189
2019-05-22 05:39:01 +00:00
Haelwenn (lanodan) Monnier
0e2c215a00
MastoAPI AccountView: fill source.note with plaintext version of note
Closes: https://git.pleroma.social/pleroma/pleroma/issues/926
2019-05-22 07:22:19 +02:00
rinpatch
63b0b7190c MastoAPI: Add GET /api/v1/polls/:id 2019-05-21 20:40:35 +03:00
rinpatch
0407ffe75f Change validation error status codes to be more appropriate 2019-05-21 17:12:38 +03:00
rinpatch
3f96b3e4b8 Enforce poll limits and add error handling for MastodonAPI's post endpoint 2019-05-21 10:54:20 +03:00
rinpatch
76a7429bef Add poll limits to /api/v1/instance and initial state 2019-05-21 09:13:10 +03:00
Sadposter
dc916ba15f
Format mascot tests 2019-05-20 12:58:17 +01:00
Sadposter
e81f0fc6d4
Add mascot get/set tests 2019-05-20 12:58:06 +01:00
rinpatch
5ece901af3 Resolve merge conflicts and remove IO.inspects 2019-05-18 13:37:38 +03:00
rinpatch
fd920c8973 Mastodon API: Add support for posting polls 2019-05-18 13:29:28 +03:00
Alexander Strizhakov
7ed682213f Fix/902 random compile failing 2019-05-17 07:25:20 +00:00
Sergey Suprunenko
e2b3a27204 Add Reports to Admin API 2019-05-16 19:09:18 +00:00
Aaron Tinio
70c81b95d0 Pipe requests to public endpoints through EnsurePublicOrAuthenticatedPlug 2019-05-15 05:09:32 +08:00
Alexander Strizhakov
a2be420f94 differences_in_mastoapi_responses.md: fullname & bio are optionnal
[ci skip]
2019-05-13 18:35:45 +00:00
Sachin Joshi
7701a4c841 Make irreversible field default to false in filters 2019-05-14 00:13:15 +05:45
rinpatch
3a7c14645e - Actually use preloaded bookmarks in views
- Preload bookmarks in bookmark timeline
- Rework bookmark preload tests
2019-05-07 19:33:22 +00:00
lambda
238dd72fad Merge branch 'conversations_three' into 'develop'
Conversations once more.

See merge request pleroma/pleroma!1119
2019-05-07 14:43:21 +00:00
Haelwenn (lanodan) Monnier
b5ad1715b2
MastoAPI: profile update with emoji_map 2019-05-03 16:41:23 +02:00
lain
45f790becc Merge remote-tracking branch 'origin/develop' into conversations_three 2019-05-01 18:40:41 +02:00
rinpatch
0fd176b990 Merge branch 'fix/add-default-scope-mastoapi' into 'develop'
Add default_scope to /api/v1/update_credentials

See merge request pleroma/pleroma!1100
2019-04-29 06:45:18 +00:00
rinpatch
ce3789e39a Add default_scope to /api/v1/update_credentials 2019-04-27 23:55:54 +03:00
rinpatch
c3e9fcf098 Fix bookmarks depending on embeded object and move checking if the
status is bookmarked to SQL
2019-04-27 23:06:46 +03:00
lambda
4de5fef1f8 Merge branch 'feature/807-bookmark-endpoint-extension' into 'develop'
Feature/807 bookmark endpoint extension

Closes #807

See merge request pleroma/pleroma!1059
2019-04-26 11:59:47 +00:00
rinpatch
dfc8425659 Move settings to Source subentity 2019-04-25 10:31:14 +03:00
Alex S
85953c0836 fixes for tests 2019-04-25 13:46:40 +07:00
rinpatch
4baea6e6d9 Fix leaking private configuration parameters in Mastodon and Twitter APIs, and add new configuration parameters to Mastodon API
This patch:
- Fixes `rights` in twitterapi ignoring `show_role`
- Fixes exposing default scope of the user to anyone in Mastodon API
- Extends Mastodon API to be able to show and set `no_rich_text`, `default_scope`, `hide_follows`, `hide_followers`, `hide_favorites` (requested by the FE in #674)

Sorry in advance for 500 line one commit diff, I should have split it up to separate MRs
2019-04-24 20:01:42 +03:00
Sergey Suprunenko
9dd36e5bcb Extend Mastodon API with public endpoint for getting Favorites timeline of any user (#789) 2019-04-23 02:47:43 +00:00
rinpatch
f60d072bbb Add pleroma.in_reply_to_account_acct to MastoAPI status entity 2019-04-22 11:54:27 +03:00
Egor
b9cdf6d3b9 Use User.get_cached* everywhere 2019-04-22 07:20:43 +00:00
Roman Chvanikov
2662bea4e0 Add accounts and last_status to conversation read response 2019-04-21 20:26:13 +07:00
eugenijm
375fd21055 Set correct values in the MastoAPI reblog status view 2019-04-21 05:40:22 +03:00
eugenijm
fa48532387 Handle reblogs on the first follow request in MastoAPI 2019-04-20 04:39:49 +03:00