Commit graph

955 commits

Author SHA1 Message Date
2d32bc33d7
server: fix error for invalid URLs in profile fields
Co-authored-by: Chloe Kudryavtsev <code@code.bunkerlabs.net>
2023-01-30 19:24:15 +01:00
bb3ec8bafe Revert "server: fix user deletion race condition"
This reverts commit cc83cbe523, reversing
changes made to 8abd3ebec7.

This changeset contains:
* multiple type errors
* a foreign key incompatibility
* breaks outgoing note federation (in at least two ways)
2023-01-30 14:59:24 +01:00
cc83cbe523
server: fix user deletion race condition
Changelog: Fixed
Ref: https://github.com/misskey-dev/misskey/issues/7506
2023-01-29 12:53:29 +01:00
36031c083a
docs: adjust parameters for v2 methods other than POST 2023-01-26 13:34:13 +01:00
05f8172ce9
docs: describe /ap/ endpoints 2023-01-26 13:25:50 +01:00
151053897d
server: lower rate limit for deletion activities
Changelog: Changed
2023-01-26 13:25:50 +01:00
95a9027a66
docs: show rate limit information
Changelog: Added
2023-01-26 13:25:49 +01:00
57cf6c7163
server: indicate Retry-After when rate limiting
This refactors the rate limiting code to throw an ApiError directly.

Changelog: Added
2023-01-26 08:37:07 +01:00
9b76c805ec
fix: DriveFile folder & user undefined instead of null when unrequested 2023-01-25 22:14:53 +01:00
21b20920c2
docs: use endpoint stability to mark endpoints deprecated 2023-01-23 20:13:17 +01:00
e7644eb757
server: add index to human readable URL 2023-01-23 19:58:07 +01:00
66ec875624
server: also search human readable URL
Changelog: Fixed
2023-01-23 18:09:04 +01:00
78f5ca3792
server: fix empty array in quote detection 2023-01-22 21:47:02 +01:00
c792e4199c
server: add missing return in extractQuoteUrl 2023-01-22 21:42:49 +01:00
afa4094050
BREAKING: Remove galleries
Existing gallery posts will be made into normal notes.
If a user has gallery posts, a clip with all gallery posts will be created.

Changelog: Removed
2023-01-22 20:18:57 +01:00
c4b5952788
migrate galleries to notes/clips 2023-01-22 19:44:39 +01:00
5893a44ff5
server: parse quote tag syntax
Ref: FEP-e232
2023-01-17 21:45:57 +01:00
9bdf24d3a5
enhance: add tag for quotes
Ref: FEP-e232
2023-01-17 21:45:49 +01:00
2bbb85b472
backend: remove galleries 2023-01-16 18:53:57 +01:00
7170b86724
fixup: websocket data parsing + logger 2023-01-14 13:22:09 +01:00
3d2cfc075a
fixup: actually check whether the group joining is from the user 2023-01-13 21:55:14 +01:00
1319dc93d9
server: switch websocket to ws 2023-01-11 23:57:37 +01:00
ee2fa2e0be
fixup: import 2023-01-10 20:35:03 +01:00
57d1af1117
remove default export in streaming API 2023-01-10 20:30:47 +01:00
8c2b7e20b2
translating comments, cleanup 2023-01-09 20:44:01 +01:00
fdf30f60e6
server: remove SQL boolean comparisons 2023-01-09 20:43:12 +01:00
b245d39b6e
server: delete records of fully deleted users 2023-01-08 21:22:03 +01:00
80f72e21cd
server: track deletion completion 2023-01-08 21:22:03 +01:00
85e985d13f
server: change data structure to track deletion completion 2023-01-08 21:21:54 +01:00
4fe288f17c server: rewrite user status queries in SQL 2023-01-08 20:02:21 +00:00
cd26e3a35c
fixup: missing parenthesis 2023-01-08 19:34:03 +01:00
c7ab8839dc
BREAKING: remove admin/delete-account, change admin/accounts/delete
You should use the API endpoint admin/accounts/delete.
It has the same parameter and the same behaviour.

The admin/accounts/delete endpoint now requries administrator privileges
instead of just moderator privileges.

Changelog: Removed
2023-01-07 23:53:48 +01:00
1eda1760d1
server: refactor to always use deleteAccount service
This should reduce code duplication around how deletion of an actor is
handled.
2023-01-07 19:46:05 +01:00
8772181b6f
server: refactor remote host check to validateActor
Instead of checking that an actor is not from the local host separately,
it seems like a good idea to do it in the central place that is supposed
to validate an actor.
2023-01-07 19:46:05 +01:00
5102d0bc2e
chore: remove unused user_group_invite table
Based on `1558257926829-UserGroupInvite.js` but switched `up` and `down`
migrations around.

Closes #314
2023-01-06 02:51:44 -05:00
cdba5447e6
server: remove joins to avatar and banners in children endpoint
Reviewed-on: FoundKeyGang/FoundKey#303
2023-01-05 21:05:22 +01:00
a0c2cf328e
server: fix redirected fetch
Don't throw a StatusError on an intended redirect.
2023-01-05 20:03:38 +01:00
3efa7046bd
meta: don't type check dependencies 2023-01-04 20:59:31 +01:00
48f8fb97df
activitypub: use quoteUri instead of quoteUrl
It's not quite Mastodon, but still, I said they'd use a different approach...

Changelog: Changed
2023-01-04 20:56:06 +01:00
0230f819e2
fixup: wrong negation
This is a fixup for commit 417d252e9d.
2023-01-04 19:09:03 +01:00
08af6fda37
fix some type errors 2023-01-03 22:18:01 +01:00
0c8a3cfeec
server: fix lints 2023-01-03 03:51:38 +01:00
8bc366fde0
server: fix comma-dangle lint 2023-01-03 02:47:58 +01:00
417d252e9d
server: fix custom lint typeorm-prefer-count 2023-01-03 02:42:42 +01:00
b54e07caec
enhance typeorm-prefer-count lint rule 2023-01-03 02:41:53 +01:00
5b898c6c82
chore: update yarn files 2023-01-02 21:40:12 +01:00
6010884e62
cleanup: translate japanese, use SECOND constant 2023-01-02 21:07:56 +01:00
b423d23cf6
server: fix custom lint typeorm-prefer-count 2023-01-02 21:07:02 +01:00
29714d1ae0
add custom eslint rule to prefer countBy over findBy 2023-01-02 20:58:33 +01:00
7bf4d4426a
use count instead of find to check existence 2023-01-02 14:43:27 +01:00
d28931bf00
server: remove dateUTC function 2023-01-02 12:45:30 +01:00
2a46719f31
server: set file permissions after copy
This explicitly sets the file permissions to allow everyone to read files
since apparently multer sometimes doesn't set the permissions we expect.

Ref: FoundKeyGang/FoundKey#202
Changelog: Fixed
2023-01-02 12:44:09 +01:00
7f564431be
server: fixup sql
Fixup to 0b7c9095bf.
2023-01-02 00:11:35 +01:00
0fbd7fa492
client: fix 500 error in notifications
closes FoundKeyGang/FoundKey#73

Changelog: Fixed
2023-01-01 23:32:01 +01:00
3aaa9facc6
translate japanese to english 2023-01-01 23:30:43 +01:00
8f09b05e7c
chore: remove reversi database tables
Changelog: Fixed
2023-01-01 22:27:34 +01:00
8b0b7ff525
server: change default value for api/admin/show-users origin param
Changed from "local" to "combined" to fix a bug when the hostname is set
but origin is not.

Changelog: Changed
2023-01-01 22:11:19 +01:00
0b7c9095bf
server: don't return users twice in search 2023-01-01 21:22:53 +01:00
ed27f61a4d
client: add mod tracker
Squashed commit of the following:

commit 54f0b67b25
Author: Puniko <me@absturztaube.ch>
Date:   Thu Dec 29 21:27:15 2022 +0100

    use nextTick instead of setTimeout

commit 6998cae7e3
Author: Puniko <me@absturztaube.ch>
Date:   Thu Dec 29 21:14:55 2022 +0100

    my absolute terrible fix to the unhide issue

commit 79f546d150
Author: Puniko <me@absturztaube.ch>
Date:   Thu Dec 29 21:01:35 2022 +0100

    stop player on hide/unhide

commit 6b7f13e8ef
Author: Puniko <me@absturztaube.ch>
Date:   Thu Dec 29 10:36:59 2022 +0100

    make webkit style range slider the same

commit 8a267c5cdc
Author: Puniko <me@absturztaube.ch>
Date:   Thu Dec 29 01:16:18 2022 +0100

    restyling range inputs

commit c39e1671b2
Author: Puniko <me@absturztaube.ch>
Date:   Thu Dec 29 00:57:47 2022 +0100

    make module seekable

commit c1762f27ae
Author: Puniko <me@absturztaube.ch>
Date:   Thu Dec 29 00:14:35 2022 +0100

    remove accesskey attribs

commit 08f75a01f1
Author: Puniko <me@absturztaube.ch>
Date:   Thu Dec 29 00:12:23 2022 +0100

    v-else on play button

commit 9302a9faaa
Author: Puniko <me@absturztaube.ch>
Date:   Thu Dec 29 00:08:19 2022 +0100

    replace filter with some

commit bffd15daed
Author: Puniko <me@absturztaube.ch>
Date:   Wed Dec 28 09:13:20 2022 +0100

    add chiptune2 and libopenmpt into COPYING

commit 794298c21c
Author: Puniko <me@absturztaube.ch>
Date:   Tue Dec 27 15:32:43 2022 +0100

    little cleanup

commit f383aec1cd
Author: Puniko <me@absturztaube.ch>
Date:   Tue Dec 27 15:23:25 2022 +0100

    repeat only once and proper handling of track ending

commit fdaa9614c9
Author: Puniko <me@absturztaube.ch>
Date:   Tue Dec 27 14:52:20 2022 +0100

    prevent losing connection when downloading module

commit 6c5723c795
Author: Puniko <me@absturztaube.ch>
Date:   Tue Dec 27 14:45:59 2022 +0100

    colours!!! 🌈

commit dba4f0a4a9
Author: Puniko <me@absturztaube.ch>
Date:   Tue Dec 27 13:01:06 2022 +0100

    replace  with i18n

commit 4234dfbdbc
Author: Puniko <me@absturztaube.ch>
Date:   Mon Dec 26 15:47:10 2022 +0100

    retab

commit 0cc1ea8c3e
Author: Puniko <me@absturztaube.ch>
Date:   Mon Dec 26 15:19:28 2022 +0100

    include libopenmpt tracker to foundkey

commit c2437c696a
Author: Puniko <me@absturztaube.ch>
Date:   Mon Dec 26 12:08:49 2022 +0100

    add libopenmpt

Reviewed-on: FoundKeyGang/FoundKey#306
Changelog: Added
2022-12-29 21:36:44 +01:00
ed9d4023d4 backend: add argon2 support
Passwords will be automatically re-hashed on sign-in.
All new password hashes will be argon2 by default.

This uses argon2id and is not configurable.
In the very unlikely case someone has more specific needs,
a fork is recommended.

ChangeLog: Added

Co-authored-by: Chloe Kudryavtsev <code@toast.bunkerlabs.net>
Reviewed-on: FoundKeyGang/FoundKey#308
2022-12-29 20:13:47 +00:00
a673647fba
server: remove avatarColor and bannerColor properties
According to comments next to those properties, they were kept for backward compatibility.
However they were always being set to null.

Changelog: Removed
2022-12-26 18:52:16 +01:00
eea2eb4919
use Promise.all instead of separate promises 2022-12-25 19:04:00 +01:00
114d416de0
server: refactor password hashing & comparison to module
For easier replacement should the hash algorithm ever be changed.
2022-12-25 19:03:51 +01:00
c2372315f7
server: improve error messages
Refactor Error's to ApiError's.

Changelog: Changed
2022-12-25 16:07:48 +01:00
de3cdb5833
activitypub: block check for resolving collections 2022-12-24 18:39:44 -05:00
a732cdc1ad
activitypub: perform block check in performOneActivity 2022-12-24 18:39:44 -05:00
a8f82050c8
activitypub: perform resolver block check on objects as well 2022-12-24 18:39:44 -05:00
8e12b9a33e
server: restore original comment for skippedInstances 2022-12-24 15:01:32 -05:00
6583d0c43d
server: pass in resolved meta table to shouldBlockInstance
This should make it more friendly to use in places where the meta table
has already been resolved for other reasons.
2022-12-24 14:56:48 -05:00
85419326f8
server: use prelude function instead of separate function 2022-12-23 13:55:15 +01:00
eaa11647f0
server: rewrite drive usage queries in raw SQL 2022-12-23 13:54:12 +01:00
61a2db49df
server: always use user id for calcDriveUsageOf 2022-12-23 13:38:29 +01:00
0e1459e5cf Merge pull request 'server: refactor follow request functions to be named exports' (#296) from refactor/follow-requests into main
Reviewed-on: FoundKeyGang/FoundKey#296
2022-12-23 02:06:31 +00:00
9690244848
server: add return type for all follow reject funcs 2022-12-22 17:52:30 -05:00
4db25e4b1f
server: add doc for cancelFollowRequest 2022-12-22 16:55:08 -05:00
549302e9c0
server: add doc for createFollowRequest 2022-12-22 16:55:07 -05:00
a3354904af
server: use named export for createFollowRequest 2022-12-22 16:52:52 -05:00
28f65bebfc
server: use named export for cancelFollowRequest 2022-12-22 16:52:52 -05:00
2204adc657
server: use named export for acceptAllFollowRequests 2022-12-22 16:52:52 -05:00
b11e4053db
server: use named export for acceptFollowRequest 2022-12-22 16:52:52 -05:00
e2ef800708
server: dont use replace for file types
No point in using replace if we already know which character we want to replace.
2022-12-22 14:46:21 +01:00
a7048f17f7
server: simplify duplicated code 2022-12-22 14:45:20 +01:00
33f0b24c56
server: add v2 routes to notes endpoints 2022-12-22 11:02:04 +01:00
7685b92511
improve fetching of endpoint arguments
including support for route parameters (e.g. '/v2/note/:noteId' giving us a 'noteId' value)

Co-authored-by: Johann150 <johann.galle@protonmail.com>
2022-12-22 11:02:04 +01:00
8276bd3bdc
generate OpenAPI spec for v2 endpoints 2022-12-22 11:02:04 +01:00
aed2752470
server: make v2 meta endpoint support GET 2022-12-22 11:01:56 +01:00
4a3b91d658
server: add additional API v2 options to endpoints
* improve type definitions for v2 method
The method has to be lowercase because it is used as an index to get
the respective method of the router.

Co-authored-by: Johann150 <johann.galle@protonmail.com>
2022-12-22 11:00:46 +01:00
9317d25078
server: expire notifications after 3 months
closes FoundKeyGang/FoundKey#292

Changelog: Added
2022-12-21 21:46:45 +01:00
fc36bb8880
server: reduce code duplication in check-expired queue job 2022-12-21 21:46:27 +01:00
711bb8be7d
fixup: add missing redirect argument 2022-12-21 21:23:23 +01:00
275136cf8b
allow redirects in API ap/* endpoints 2022-12-21 20:45:55 +01:00
aa33708b90
server: handle redirects in signed get
part of FoundKeyGang/FoundKey#288

Changelog: Fixed
2022-12-20 22:07:24 +01:00
99c459a21a
server: better upload limit error
Ref: FoundKeyGang/FoundKey#293
2022-12-19 21:29:29 +01:00
bd68096ea9
server: refactor API error 2022-12-19 21:24:39 +01:00
6c7f1774e3
server: fix thread mutes not applying to renotes
Changelog: Fixed
2022-12-15 21:20:24 +01:00
af43df15ca
reduce duplication in secureRndstr 2022-12-15 20:46:17 +01:00
5f83383ab8
fix import error in tests 2022-12-15 20:45:55 +01:00
8c759dde6c
server: fix error about duplicate resolve 2022-12-15 19:44:55 +01:00
16d091497a
server: use extractDbHost instead of toPuny, translate comments
Also swapped logical or for nullish coalescing operator in some places.
2022-12-15 00:32:15 +01:00
ef53ec276a
activitypub: simplify some URI/id related checks
followup on previous commit
2022-12-15 00:31:23 +01:00