Commit graph

5650 commits

Author SHA1 Message Date
Alex Gleason
e9e17e5df3 Upgrade Earmark to v1.4.10 2020-12-11 17:22:17 -06:00
Ivan Tashkinov
7fff9c1bee Tweaks to OAuth entities expiration: changed default to 30 days, removed hardcoded values usage, fixed OAuthView (expires_in). 2020-12-09 21:14:39 +03:00
lain
477c6c8e55 Merge branch 'auth-improvements' into 'develop'
Cookie auth rework / Auth subsystem refactoring and tweaks

Closes pleroma/secteam/pleroma#3

See merge request pleroma/pleroma!3112
2020-12-09 15:55:45 +00:00
lain
1436a2fa2d Merge branch 'stream-follow-updates' into 'develop'
Stream follow updates

Closes #2299

See merge request pleroma/pleroma!3183
2020-12-09 15:52:31 +00:00
Ivan Tashkinov
a010c5b16a Merge remote-tracking branch 'remotes/origin/develop' into auth-improvements 2020-12-06 13:59:35 +03:00
Ivan Tashkinov
e9859b68fc [#3112] Ensured presence and consistency of :user and :token assigns (EnsureUserTokenAssignsPlug). Refactored auth info dropping functions. 2020-12-06 13:59:10 +03:00
6adad96c79 Merge branch 'issue/2256' into 'develop'
[#2256] added subject actor to moderation log

See merge request pleroma/pleroma!3164
2020-12-04 17:49:05 +00:00
Egor Kislitsyn
c9afb350e7
Document follow relationship updates and cleanup 2020-12-02 19:16:36 +04:00
Egor Kislitsyn
35ba48494f
Stream follow updates 2020-12-02 00:18:58 +04:00
Ivan Tashkinov
d50a3345ae [#3112] Allowed revoking same-user token from any apps. Added tests. 2020-11-30 21:55:48 +03:00
Ivan Tashkinov
50e47a215f Merge remote-tracking branch 'remotes/origin/develop' into auth-improvements 2020-11-28 21:51:27 +03:00
Ivan Tashkinov
f1b07a2b2b OAuth form user remembering feature. Local MastoFE login / logout fixes. 2020-11-28 21:51:06 +03:00
Alexander Strizhakov
6aadb1cb40
digest algorithm is taken from header 2020-11-27 08:10:52 +03:00
Ivan Tashkinov
12a5981cc3 Session token setting on token exchange. Auth-related refactoring. 2020-11-25 21:47:23 +03:00
Ivan Tashkinov
489b12cde4 Merge remote-tracking branch 'remotes/origin/develop' into auth-improvements 2020-11-21 19:47:46 +03:00
Ivan Tashkinov
ccc2cf0e87 Session-based OAuth auth fixes (token expiration check), refactoring, tweaks. 2020-11-21 19:47:25 +03:00
ecd1ef8cb5 Merge branch 'fix/2302-report-duplicates' into 'develop'
Fix for forwarded reports

Closes #2303 and #2302

See merge request pleroma/pleroma!3146
2020-11-20 18:40:15 +00:00
79a509ee61 Merge branch '2301-users-search-discoverability-fix' into 'develop'
[#2301] Proper handling of User.is_discoverable

Closes #2301

See merge request pleroma/pleroma!3162
2020-11-19 20:33:52 +00:00
cd1b4155d5 Merge branch 'oban-jobs-to-simple-tasks' into 'develop'
Moving some background jobs into simple tasks

Closes #1790

See merge request pleroma/pleroma!3129
2020-11-19 20:32:32 +00:00
Maksim Pechnikov
66f411fba0 added subject actor to moderation log 2020-11-19 22:13:45 +03:00
Ivan Tashkinov
b27d8f7437 Merge remote-tracking branch 'remotes/origin/develop' into 2301-users-search-discoverability-fix
# Conflicts:
#	CHANGELOG.md
2020-11-19 19:35:44 +03:00
Ivan Tashkinov
e164c37139 [#2301] Proper handling of User.is_discoverable: users appear in in-service search but are hidden from external services like search bots. 2020-11-19 19:30:02 +03:00
Haelwenn
c8d11c3064 Merge branch '2317-old-reset-tokens' into 'develop'
Resolve "Don't allow old password reset tokens"

Closes #2317

See merge request pleroma/pleroma!3160
2020-11-19 16:22:14 +00:00
lain
11e0d5f9ac Password Resets: Don't accept tokens above a certain age.
By default, one day
2020-11-19 12:27:06 +01:00
Alexander Strizhakov
8a8c154b4e
test fixes 2020-11-19 09:58:32 +03:00
Alexander Strizhakov
be0b874e1d
fix for mastodon forwarded reports 2020-11-19 09:53:14 +03:00
Alexander Strizhakov
e2bf6b1f7e
fix for forwarded reports 2020-11-19 09:53:13 +03:00
minibikini
6669ac5bf7 Merge branch 'develop' into 'hide-muted-reactions'
# Conflicts:
#   CHANGELOG.md
2020-11-18 20:22:40 +00:00
lain
aae669d05e Merge branch 'fix/webpush-and-emojireact' into 'develop'
Push notifications: add pleroma:emoji_reaction, improve tests

Closes #2185

See merge request pleroma/pleroma!3141
2020-11-18 18:33:48 +00:00
lain
6b32e1de23 Merge branch 'frontend-admin-api' into 'develop'
Add an API to manage frontends

Closes #2238

See merge request pleroma/pleroma!3108
2020-11-18 17:51:57 +00:00
Mark Felder
ccddedb504 Credo 2020-11-17 20:33:30 +00:00
Mark Felder
499faa82f6 Synchronize reaction notification text with PleromaFE's style 2020-11-17 20:22:24 +00:00
Mark Felder
5d0bc5e028 Support both pleroma:chat_mention and pleroma:emoji_reaction for /api/v1/push/subscription 2020-11-17 20:21:48 +00:00
Mark Felder
67a6abd071 Update OpenAPI spec/schema and test to verify support for pleroma:emoji_reaction subscriptions 2020-11-17 20:20:00 +00:00
Mark Felder
83ec2f1384 Allow subscribing for pleroma:emoji_reaction push notifications 2020-11-17 20:20:00 +00:00
Mark Felder
3ce11b830e Add capability for emoji reaction push notifications 2020-11-17 20:20:00 +00:00
lain
bb9650f3c2 FrontendController: Return error on installation error. 2020-11-17 16:43:07 +01:00
d33b9e7b33 Merge branch 'remove/fedsockets' into 'develop'
Remove FedSockets

See merge request pleroma/pleroma!3155
2020-11-17 14:58:33 +00:00
Egor Kislitsyn
f69fe36ebf
Merge branch 'develop' into frontend-admin-api 2020-11-17 18:34:04 +04:00
Egor Kislitsyn
79d2d3f609
Merge branch 'develop' into hide-muted-reactions 2020-11-17 18:29:52 +04:00
rinpatch
2c55f7d7cb Remove FedSockets
Current FedSocket implementation has a bunch of problems. It doesn't
have proper error handling (in case of an error the server just doesn't
respond until the connection is closed, while the client doesn't match
any error messages and just assumes there has been an error after 15s)
and the code is full of bad descisions (see: fetch registry which uses
uuids for no reason and waits for a response by recursively querying a
 ets table until the value changes, or double JSON encoding).

Sometime ago I almost completed rewriting fedsockets from scrach to
adress these issues. However, while doing so, I realized that fedsockets
 are just too overkill for what they were trying to accomplish, which is
 reduce the overhead of federation by not signing every message.
This could be done without reimplementing failure states and endpoint
 logic we already have with HTTP by, for example, using TLS cert auth,
or switching to a more performant signature algorithm. I opened
https://git.pleroma.social/pleroma/pleroma/-/issues/2262 for further
discussion on alternatives to fedsockets.

From discussions I had with other Pleroma developers it seems like they
 would approve the descision to remove them as well,
therefore I am submitting this patch.
2020-11-17 17:28:30 +03:00
lain
fec1ed802e Merge branch 'develop' of git.pleroma.social:pleroma/pleroma into feature/local-only-scope 2020-11-17 15:01:38 +01:00
lain
81293e5aad ActivityPubController: Don't return local only objects 2020-11-17 13:11:39 +01:00
Mark Felder
b1466661eb Use absolute URLs to thumbnail and background in /api/v1/instance 2020-11-16 21:29:15 +00:00
Egor Kislitsyn
fb41bd1a85 Hide reactions from muted and blocked users 2020-11-16 22:50:14 +04:00
lain
0d149502fe Merge branch 'fixes_2034_reports_should_send_a_notification_to_admins' into 'develop'
fixes 2034 Make notifs view work for reports

Closes #2034

See merge request pleroma/pleroma!2912
2020-11-13 13:35:47 +00:00
Ilja
70e4b86250 Make notifs view work for reports
* These are the first small steps for issue 2034 "Reports should send a notification to admins".
* I added a new type of notification "pleroma:report" to the the database manually (a migration will need to be written later)
* I added the new type to the notification_controller
* I made the view return the notification. It doesn't include the report itself (yet)
2020-11-13 13:35:46 +00:00
Haelwenn
99bc175f02 Merge branch 'title-injection-change' into 'develop'
Title injection change

See merge request pleroma/pleroma!3132
2020-11-12 08:50:26 +00:00
Mark Felder
2156de2fee Ingest blurhash field during transmogrification 2020-11-11 13:39:02 -06:00
Mark Felder
2254e5e595 Render blurhashes in Mastodon API 2020-11-11 12:51:13 -06:00