forked from YokaiRick/akkoma
Add option to restrict all users to local content
This commit is contained in:
parent
3235923276
commit
6f29865d43
7 changed files with 59 additions and 39 deletions
|
@ -28,7 +28,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
|
|||
- Configuration: `notify_email` option
|
||||
- Configuration: Media proxy `whitelist` option
|
||||
- Configuration: `report_uri` option
|
||||
- Configuration: `limit_unauthenticated_to_local_content` option
|
||||
- Configuration: `limit_to_local_content` option
|
||||
- Pleroma API: User subscriptions
|
||||
- Pleroma API: Healthcheck endpoint
|
||||
- Pleroma API: `/api/v1/pleroma/mascot` per-user frontend mascot configuration endpoints
|
||||
|
|
|
@ -245,7 +245,7 @@
|
|||
healthcheck: false,
|
||||
remote_post_retention_days: 90,
|
||||
skip_thread_containment: true,
|
||||
limit_unauthenticated_to_local_content: true
|
||||
limit_to_local_content: :unauthenticated
|
||||
|
||||
config :pleroma, :markup,
|
||||
# XXX - unfortunately, inline images must be enabled by default right now, because
|
||||
|
|
|
@ -112,7 +112,8 @@ config :pleroma, Pleroma.Emails.Mailer,
|
|||
* `healthcheck`: If set to true, system data will be shown on ``/api/pleroma/healthcheck``.
|
||||
* `remote_post_retention_days`: The default amount of days to retain remote posts when pruning the database.
|
||||
* `skip_thread_containment`: Skip filter out broken threads. The default is `false`.
|
||||
* `limit_unauthenticated_to_local_content`: Limit unauthenticated users to search for local statutes and users only. The default is `true`.
|
||||
* `limit_to_local_content`: Limit unauthenticated users to search for local statutes and users only. Possible values: `:unauthenticated`, `:all` and `false`. The default is `:unauthenticated`.
|
||||
|
||||
|
||||
## :logger
|
||||
* `backends`: `:console` is used to send logs to stdout, `{ExSyslogger, :ex_syslogger}` to log to syslog, and `Quack.Logger` to log to Slack
|
||||
|
|
|
@ -56,18 +56,19 @@ defp query_with(q, :rum, search_query) do
|
|||
)
|
||||
end
|
||||
|
||||
# users can search everything
|
||||
defp maybe_restrict_local(q, %User{}), do: q
|
||||
defp maybe_restrict_local(q, user) do
|
||||
limit = Pleroma.Config.get([:instance, :limit_to_local_content], :unauthenticated)
|
||||
|
||||
# unauthenticated users can only search local activities
|
||||
defp maybe_restrict_local(q, _) do
|
||||
if Pleroma.Config.get([:instance, :limit_unauthenticated_to_local_content], true) do
|
||||
where(q, local: true)
|
||||
else
|
||||
q
|
||||
case {limit, user} do
|
||||
{:all, _} -> restrict_local(q)
|
||||
{:unauthenticated, %User{}} -> q
|
||||
{:unauthenticated, _} -> restrict_local(q)
|
||||
{false, _} -> q
|
||||
end
|
||||
end
|
||||
|
||||
defp restrict_local(q), do: where(q, local: true)
|
||||
|
||||
defp maybe_fetch(activities, user, search_query) do
|
||||
with true <- Regex.match?(~r/https?:/, search_query),
|
||||
{:ok, object} <- Fetcher.fetch_object_from_id(search_query),
|
||||
|
|
|
@ -28,16 +28,6 @@ def search(query, opts \\ []) do
|
|||
results
|
||||
end
|
||||
|
||||
defp maybe_resolve(true, %User{}, query) do
|
||||
User.get_or_fetch(query)
|
||||
end
|
||||
|
||||
defp maybe_resolve(true, _, query) do
|
||||
unless restrict_local?(), do: User.get_or_fetch(query)
|
||||
end
|
||||
|
||||
defp maybe_resolve(_, _, _), do: :noop
|
||||
|
||||
defp search_query(query, for_user) do
|
||||
query
|
||||
|> union_query()
|
||||
|
@ -49,10 +39,6 @@ defp search_query(query, for_user) do
|
|||
|> maybe_restrict_local(for_user)
|
||||
end
|
||||
|
||||
defp restrict_local? do
|
||||
Pleroma.Config.get([:instance, :limit_unauthenticated_to_local_content], true)
|
||||
end
|
||||
|
||||
defp union_query(query) do
|
||||
fts_subquery = fts_search_subquery(query)
|
||||
trigram_subquery = trigram_search_subquery(query)
|
||||
|
@ -64,17 +50,30 @@ defp distinct_query(q) do
|
|||
from(s in subquery(q), order_by: s.search_type, distinct: s.id)
|
||||
end
|
||||
|
||||
# unauthenticated users can only search local activities
|
||||
defp maybe_restrict_local(q, %User{}), do: q
|
||||
|
||||
defp maybe_restrict_local(q, _) do
|
||||
if restrict_local?() do
|
||||
where(q, [u], u.local == true)
|
||||
else
|
||||
q
|
||||
defp maybe_resolve(true, user, query) do
|
||||
case {limit(), user} do
|
||||
{:all, _} -> :noop
|
||||
{:unauthenticated, %User{}} -> User.get_or_fetch(query)
|
||||
{:unauthenticated, _} -> :noop
|
||||
{false, _} -> User.get_or_fetch(query)
|
||||
end
|
||||
end
|
||||
|
||||
defp maybe_resolve(_, _, _), do: :noop
|
||||
|
||||
defp maybe_restrict_local(q, user) do
|
||||
case {limit(), user} do
|
||||
{:all, _} -> restrict_local(q)
|
||||
{:unauthenticated, %User{}} -> q
|
||||
{:unauthenticated, _} -> restrict_local(q)
|
||||
{false, _} -> q
|
||||
end
|
||||
end
|
||||
|
||||
defp limit, do: Pleroma.Config.get([:instance, :limit_to_local_content], :unauthenticated)
|
||||
|
||||
defp restrict_local(q), do: where(q, [u], u.local == true)
|
||||
|
||||
defp boost_search_rank_query(query, nil), do: query
|
||||
|
||||
defp boost_search_rank_query(query, for_user) do
|
||||
|
|
|
@ -139,18 +139,25 @@ test "find only local statuses for unauthenticated users", %{local_activity: loc
|
|||
assert [^local_activity] = Activity.search(nil, "find me")
|
||||
end
|
||||
|
||||
test "find all statuses for unauthenticated users when `limit_unauthenticated_to_local_content` is `false`",
|
||||
test "find only local statuses for unauthenticated users when `limit_to_local_content` is `:all`",
|
||||
%{local_activity: local_activity} do
|
||||
Pleroma.Config.put([:instance, :limit_to_local_content], :all)
|
||||
assert [^local_activity] = Activity.search(nil, "find me")
|
||||
Pleroma.Config.put([:instance, :limit_to_local_content], :unauthenticated)
|
||||
end
|
||||
|
||||
test "find all statuses for unauthenticated users when `limit_to_local_content` is `false`",
|
||||
%{
|
||||
local_activity: local_activity,
|
||||
remote_activity: remote_activity
|
||||
} do
|
||||
Pleroma.Config.put([:instance, :limit_unauthenticated_to_local_content], false)
|
||||
Pleroma.Config.put([:instance, :limit_to_local_content], false)
|
||||
|
||||
activities = Enum.sort_by(Activity.search(nil, "find me"), & &1.id)
|
||||
|
||||
assert [^local_activity, ^remote_activity] = activities
|
||||
|
||||
Pleroma.Config.put([:instance, :limit_unauthenticated_to_local_content], true)
|
||||
Pleroma.Config.put([:instance, :limit_to_local_content], :unauthenticated)
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
|
@ -1099,8 +1099,20 @@ test "find only local users for unauthenticated users" do
|
|||
assert [%{id: ^id}] = User.search("lain")
|
||||
end
|
||||
|
||||
test "find all users for unauthenticated users when `limit_unauthenticated_to_local_content` is `false`" do
|
||||
Pleroma.Config.put([:instance, :limit_unauthenticated_to_local_content], false)
|
||||
test "find only local users for authenticated users when `limit_to_local_content` is `:all`" do
|
||||
Pleroma.Config.put([:instance, :limit_to_local_content], :all)
|
||||
|
||||
%{id: id} = insert(:user, %{name: "lain"})
|
||||
insert(:user, %{name: "ebn", nickname: "lain@mastodon.social", local: false})
|
||||
insert(:user, %{nickname: "lain@pleroma.soykaf.com", local: false})
|
||||
|
||||
assert [%{id: ^id}] = User.search("lain")
|
||||
|
||||
Pleroma.Config.put([:instance, :limit_to_local_content], :unauthenticated)
|
||||
end
|
||||
|
||||
test "find all users for unauthenticated users when `limit_to_local_content` is `false`" do
|
||||
Pleroma.Config.put([:instance, :limit_to_local_content], false)
|
||||
|
||||
u1 = insert(:user, %{name: "lain"})
|
||||
u2 = insert(:user, %{name: "ebn", nickname: "lain@mastodon.social", local: false})
|
||||
|
@ -1114,7 +1126,7 @@ test "find all users for unauthenticated users when `limit_unauthenticated_to_lo
|
|||
|
||||
assert [u1.id, u2.id, u3.id] == results
|
||||
|
||||
Pleroma.Config.put([:instance, :limit_unauthenticated_to_local_content], true)
|
||||
Pleroma.Config.put([:instance, :limit_to_local_content], :unauthenticated)
|
||||
end
|
||||
|
||||
test "finds a user whose name is nil" do
|
||||
|
|
Loading…
Reference in a new issue