From 4a178b3d6589bbb9ab08e8a768cc0a3a5d5e9629 Mon Sep 17 00:00:00 2001 From: William Pitcock Date: Sat, 14 Apr 2018 09:20:18 +0000 Subject: [PATCH 01/13] ActivityPub: implement MRF core hook and baseline noop policy object --- config/config.exs | 3 ++- lib/pleroma/web/activity_pub/activity_pub.ex | 6 +++++- lib/pleroma/web/activity_pub/mrf/drop_policy.ex | 8 ++++++++ lib/pleroma/web/activity_pub/mrf/noop_policy.ex | 5 +++++ 4 files changed, 20 insertions(+), 2 deletions(-) create mode 100644 lib/pleroma/web/activity_pub/mrf/drop_policy.ex create mode 100644 lib/pleroma/web/activity_pub/mrf/noop_policy.ex diff --git a/config/config.exs b/config/config.exs index 68c054457..660ba1775 100644 --- a/config/config.exs +++ b/config/config.exs @@ -52,7 +52,8 @@ limit: 5000, upload_limit: 16_000_000, registrations_open: true, - federating: true + federating: true, + rewrite_policy: Pleroma.Web.ActivityPub.MRF.NoOpPolicy config :pleroma, :media_proxy, enabled: false, diff --git a/lib/pleroma/web/activity_pub/activity_pub.ex b/lib/pleroma/web/activity_pub/activity_pub.ex index 04b50c1cc..bfb0e04be 100644 --- a/lib/pleroma/web/activity_pub/activity_pub.ex +++ b/lib/pleroma/web/activity_pub/activity_pub.ex @@ -10,6 +10,9 @@ defmodule Pleroma.Web.ActivityPub.ActivityPub do @httpoison Application.get_env(:pleroma, :httpoison) + @instance Application.get_env(:pleroma, :instance) + @rewrite_policy Keyword.get(@instance, :rewrite_policy) + def get_recipients(data) do (data["to"] || []) ++ (data["cc"] || []) end @@ -17,7 +20,8 @@ def get_recipients(data) do def insert(map, local \\ true) when is_map(map) do with nil <- Activity.get_by_ap_id(map["id"]), map <- lazy_put_activity_defaults(map), - :ok <- insert_full_object(map) do + :ok <- insert_full_object(map), + {:ok, map} <- @rewrite_policy.filter(map) do {:ok, activity} = Repo.insert(%Activity{ data: map, diff --git a/lib/pleroma/web/activity_pub/mrf/drop_policy.ex b/lib/pleroma/web/activity_pub/mrf/drop_policy.ex new file mode 100644 index 000000000..4333bca28 --- /dev/null +++ b/lib/pleroma/web/activity_pub/mrf/drop_policy.ex @@ -0,0 +1,8 @@ +defmodule Pleroma.Web.ActivityPub.MRF.DropPolicy do + require Logger + + def filter(object) do + Logger.info("REJECTING #{inspect(object)}") + {:reject, object} + end +end diff --git a/lib/pleroma/web/activity_pub/mrf/noop_policy.ex b/lib/pleroma/web/activity_pub/mrf/noop_policy.ex new file mode 100644 index 000000000..9dd3acb04 --- /dev/null +++ b/lib/pleroma/web/activity_pub/mrf/noop_policy.ex @@ -0,0 +1,5 @@ +defmodule Pleroma.Web.ActivityPub.MRF.NoOpPolicy do + def filter(object) do + {:ok, object} + end +end From d24ddd9fb9fb5254b2e80cbe70ba9bc83f2cd0da Mon Sep 17 00:00:00 2001 From: William Pitcock Date: Sat, 14 Apr 2018 11:31:12 +0000 Subject: [PATCH 02/13] ActivityPub MRF: implement the SimplePolicy policy --- config/config.exs | 6 ++ .../web/activity_pub/mrf/simple_policy.ex | 65 +++++++++++++++++++ 2 files changed, 71 insertions(+) create mode 100644 lib/pleroma/web/activity_pub/mrf/simple_policy.ex diff --git a/config/config.exs b/config/config.exs index 660ba1775..b0f4578d5 100644 --- a/config/config.exs +++ b/config/config.exs @@ -55,6 +55,12 @@ federating: true, rewrite_policy: Pleroma.Web.ActivityPub.MRF.NoOpPolicy +config :pleroma, :mrf_simple, + media_removal: [], + media_nsfw: [], + federated_timeline_removal: [], + reject: [] + config :pleroma, :media_proxy, enabled: false, redirect_on_failure: true diff --git a/lib/pleroma/web/activity_pub/mrf/simple_policy.ex b/lib/pleroma/web/activity_pub/mrf/simple_policy.ex new file mode 100644 index 000000000..1322744f1 --- /dev/null +++ b/lib/pleroma/web/activity_pub/mrf/simple_policy.ex @@ -0,0 +1,65 @@ +defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicy do + alias Pleroma.User + + @mrf_policy Application.get_env(:pleroma, :mrf_simple) + + @reject Keyword.get(@mrf_policy, :reject) + defp check_reject(actor_info, object) do + if actor_info.host in @reject do + {:reject, nil} + else + {:ok, object} + end + end + + @media_removal Keyword.get(@mrf_policy, :media_removal) + defp check_media_removal(actor_info, object) do + if actor_info.host in @media_removal do + object = Map.delete(object, "attachments") + end + + {:ok, object} + end + + @media_nsfw Keyword.get(@mrf_policy, :media_nsfw) + defp check_media_nsfw(actor_info, object) do + if actor_info.host in @media_nsfw and object["attachment"] != nil and length(object["attachment"]) > 0 do + tags = (object["tag"] || []) ++ ["nsfw"] + object = Map.put(object, "tags", tags) + object = Map.put(object, "sensitive", true) + end + + {:ok, object} + end + + @ftl_removal Keyword.get(@mrf_policy, :federated_timeline_removal) + defp check_ftl_removal(actor_info, object) do + if actor_info.host in @ftl_removal do + user = User.get_by_ap_id(object["actor"]) + + # flip to/cc relationship to make the post unlisted + if "https://www.w3.org/ns/activitystreams#Public" in object["to"] and user.follower_address in object["cc"] do + to = List.delete(object["to"], "https://www.w3.org/ns/activitystreams#Public") ++ [user.follower_address] + cc = List.delete(object["cc"], user.follower_address) ++ ["https://www.w3.org/ns/activitystreams#Public"] + + object = Map.put(object, "to", to) + object = Map.put(object, "cc", cc) + end + end + + {:ok, object} + end + + def filter(object) do + actor_info = URI.parse(object["actor"]) + + with {:ok, object} <- check_reject(actor_info, object), + {:ok, object} <- check_media_removal(actor_info, object), + {:ok, object} <- check_media_nsfw(actor_info, object), + {:ok, object} <- check_ftl_removal(actor_info, object) do + {:ok, object} + else + e -> {:reject, nil} + end + end +end From f08f9d449811d7a67b5c901889b0fef2e9ab8da9 Mon Sep 17 00:00:00 2001 From: "nenolod@dereferenced.org" Date: Thu, 19 Apr 2018 12:29:35 +0000 Subject: [PATCH 03/13] ActivityPub MRF: fix nsfw tagging of objects with attachments by looking at the right object (the child in this case) --- lib/pleroma/web/activity_pub/mrf/simple_policy.ex | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/lib/pleroma/web/activity_pub/mrf/simple_policy.ex b/lib/pleroma/web/activity_pub/mrf/simple_policy.ex index 1322744f1..cb8eaf1ec 100644 --- a/lib/pleroma/web/activity_pub/mrf/simple_policy.ex +++ b/lib/pleroma/web/activity_pub/mrf/simple_policy.ex @@ -23,10 +23,12 @@ defp check_media_removal(actor_info, object) do @media_nsfw Keyword.get(@mrf_policy, :media_nsfw) defp check_media_nsfw(actor_info, object) do - if actor_info.host in @media_nsfw and object["attachment"] != nil and length(object["attachment"]) > 0 do - tags = (object["tag"] || []) ++ ["nsfw"] - object = Map.put(object, "tags", tags) - object = Map.put(object, "sensitive", true) + child_object = object["object"] + if actor_info.host in @media_nsfw and child_object["attachment"] != nil and length(child_object["attachment"]) > 0 do + tags = (child_object["tag"] || []) ++ ["nsfw"] + child_object = Map.put(child_object, "tags", tags) + child_object = Map.put(child_object, "sensitive", true) + object = Map.put(object, "object", child_object) end {:ok, object} From 9972678a68605d24373f785f783d0fe60f77afdc Mon Sep 17 00:00:00 2001 From: Dashie Date: Tue, 24 Apr 2018 11:34:18 +0200 Subject: [PATCH 04/13] Add User.decrease_note_count and call it from ActivityPub.delete --- lib/pleroma/user.ex | 10 ++++++++++ lib/pleroma/web/activity_pub/activity_pub.ex | 3 ++- test/user_test.exs | 19 +++++++++++++++++++ 3 files changed, 31 insertions(+), 1 deletion(-) diff --git a/lib/pleroma/user.ex b/lib/pleroma/user.ex index c77fd6816..0bc7dcab0 100644 --- a/lib/pleroma/user.ex +++ b/lib/pleroma/user.ex @@ -322,6 +322,16 @@ def increase_note_count(%User{} = user) do update_and_set_cache(cs) end + def decrease_note_count(%User{} = user) do + note_count = (user.info["note_count"] || 0) + note_count = if note_count <= 0, do: 0, else: note_count - 1 + new_info = Map.put(user.info, "note_count", note_count) + + cs = info_changeset(user, %{info: new_info}) + + update_and_set_cache(cs) + end + def update_note_count(%User{} = user) do note_count_query = from( diff --git a/lib/pleroma/web/activity_pub/activity_pub.ex b/lib/pleroma/web/activity_pub/activity_pub.ex index d071135c4..448ea8752 100644 --- a/lib/pleroma/web/activity_pub/activity_pub.ex +++ b/lib/pleroma/web/activity_pub/activity_pub.ex @@ -172,7 +172,8 @@ def delete(%Object{data: %{"id" => id, "actor" => actor}} = object, local \\ tru with Repo.delete(object), Repo.delete_all(Activity.all_non_create_by_object_ap_id_q(id)), {:ok, activity} <- insert(data, local), - :ok <- maybe_federate(activity) do + :ok <- maybe_federate(activity), + {:ok, actor} <- User.decrease_note_count(user) do {:ok, activity} end end diff --git a/test/user_test.exs b/test/user_test.exs index 6e9025f2a..9506b58fa 100644 --- a/test/user_test.exs +++ b/test/user_test.exs @@ -296,6 +296,25 @@ test "it increases the info->note_count property" do assert user.info["note_count"] == 2 end + test "it decreases the info->note_count property" do + note = insert(:note) + user = User.get_by_ap_id(note.data["actor"]) + + assert user.info["note_count"] == nil + + {:ok, user} = User.increase_note_count(user) + + assert user.info["note_count"] == 1 + + {:ok, user} = User.decrease_note_count(user) + + assert user.info["note_count"] == 0 + + {:ok, user} = User.decrease_note_count(user) + + assert user.info["note_count"] == 0 + end + test "it sets the info->follower_count property" do user = insert(:user) follower = insert(:user) From afe892ddac566d05e45446127f276d84d431bbb2 Mon Sep 17 00:00:00 2001 From: Dashie Date: Tue, 24 Apr 2018 14:12:23 +0200 Subject: [PATCH 05/13] Correct syntax with mix format --- lib/pleroma/user.ex | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/pleroma/user.ex b/lib/pleroma/user.ex index 0bc7dcab0..e9196ae03 100644 --- a/lib/pleroma/user.ex +++ b/lib/pleroma/user.ex @@ -323,7 +323,7 @@ def increase_note_count(%User{} = user) do end def decrease_note_count(%User{} = user) do - note_count = (user.info["note_count"] || 0) + note_count = user.info["note_count"] || 0 note_count = if note_count <= 0, do: 0, else: note_count - 1 new_info = Map.put(user.info, "note_count", note_count) From bbd549c018879b3504633f1d87dce49d955d6d0c Mon Sep 17 00:00:00 2001 From: lambda Date: Tue, 24 Apr 2018 12:28:59 +0000 Subject: [PATCH 06/13] Update .gitlab-ci.yml --- .gitlab-ci.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 35029c8f0..46fa1c74c 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -7,6 +7,7 @@ variables: POSTGRES_DB: pleroma_test POSTGRES_USER: postgres POSTGRES_PASSWORD: postgres + DB_HOST: postgres stages: - lint From 52b1bc782b889bca92595396be383b4dc805ee2e Mon Sep 17 00:00:00 2001 From: Rachel H Date: Tue, 24 Apr 2018 12:18:23 -0700 Subject: [PATCH 07/13] Add common files to gitignore --- .gitignore | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.gitignore b/.gitignore index 2858cefd5..3fbf17ba8 100644 --- a/.gitignore +++ b/.gitignore @@ -5,6 +5,7 @@ /*.ez /uploads /test/uploads +/.elixir_ls # Prevent committing custom emojis /priv/static/emoji/custom/* @@ -22,3 +23,6 @@ erl_crash.dump # Database setup file, some may forget to delete it /config/setup_db.psql + +.DS_Store +.env \ No newline at end of file From c78e7d8b1159b5f36c4776d00f5e4b86a73d3ef5 Mon Sep 17 00:00:00 2001 From: lain Date: Tue, 24 Apr 2018 21:25:31 +0200 Subject: [PATCH 08/13] Fix formatting. --- .../web/activity_pub/mrf/simple_policy.ex | 16 ++++++++++++---- 1 file changed, 12 insertions(+), 4 deletions(-) diff --git a/lib/pleroma/web/activity_pub/mrf/simple_policy.ex b/lib/pleroma/web/activity_pub/mrf/simple_policy.ex index cb8eaf1ec..4dfb0c867 100644 --- a/lib/pleroma/web/activity_pub/mrf/simple_policy.ex +++ b/lib/pleroma/web/activity_pub/mrf/simple_policy.ex @@ -24,7 +24,9 @@ defp check_media_removal(actor_info, object) do @media_nsfw Keyword.get(@mrf_policy, :media_nsfw) defp check_media_nsfw(actor_info, object) do child_object = object["object"] - if actor_info.host in @media_nsfw and child_object["attachment"] != nil and length(child_object["attachment"]) > 0 do + + if actor_info.host in @media_nsfw and child_object["attachment"] != nil and + length(child_object["attachment"]) > 0 do tags = (child_object["tag"] || []) ++ ["nsfw"] child_object = Map.put(child_object, "tags", tags) child_object = Map.put(child_object, "sensitive", true) @@ -40,9 +42,15 @@ defp check_ftl_removal(actor_info, object) do user = User.get_by_ap_id(object["actor"]) # flip to/cc relationship to make the post unlisted - if "https://www.w3.org/ns/activitystreams#Public" in object["to"] and user.follower_address in object["cc"] do - to = List.delete(object["to"], "https://www.w3.org/ns/activitystreams#Public") ++ [user.follower_address] - cc = List.delete(object["cc"], user.follower_address) ++ ["https://www.w3.org/ns/activitystreams#Public"] + if "https://www.w3.org/ns/activitystreams#Public" in object["to"] and + user.follower_address in object["cc"] do + to = + List.delete(object["to"], "https://www.w3.org/ns/activitystreams#Public") ++ + [user.follower_address] + + cc = + List.delete(object["cc"], user.follower_address) ++ + ["https://www.w3.org/ns/activitystreams#Public"] object = Map.put(object, "to", to) object = Map.put(object, "cc", cc) From 715c90e54fe57b38124c224e8464b8effeba258a Mon Sep 17 00:00:00 2001 From: Normandy Date: Tue, 24 Apr 2018 21:58:45 +0000 Subject: [PATCH 09/13] Fix typo in MastoFE login page. see https://git.pleroma.social/pleroma/mastofe/issues/13 --- lib/pleroma/web/templates/mastodon_api/mastodon/login.html.eex | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/pleroma/web/templates/mastodon_api/mastodon/login.html.eex b/lib/pleroma/web/templates/mastodon_api/mastodon/login.html.eex index 2bb54977e..34cd7ed89 100644 --- a/lib/pleroma/web/templates/mastodon_api/mastodon/login.html.eex +++ b/lib/pleroma/web/templates/mastodon_api/mastodon/login.html.eex @@ -1,4 +1,4 @@ -

Login in to Mastodon Frontend

+

Login to Mastodon Frontend

<%= if @error do %>

<%= @error %>

<% end %> From 279b1d19f0bf90b76f37256ef20993f821e3024f Mon Sep 17 00:00:00 2001 From: lain Date: Wed, 25 Apr 2018 15:41:59 +0200 Subject: [PATCH 10/13] Align local bio limits to remote limit. --- lib/pleroma/user.ex | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/pleroma/user.ex b/lib/pleroma/user.ex index e9196ae03..207674999 100644 --- a/lib/pleroma/user.ex +++ b/lib/pleroma/user.ex @@ -104,7 +104,7 @@ def update_changeset(struct, params \\ %{}) do |> cast(params, [:bio, :name]) |> unique_constraint(:nickname) |> validate_format(:nickname, ~r/^[a-zA-Z\d]+$/) - |> validate_length(:bio, max: 1000) + |> validate_length(:bio, max: 5000) |> validate_length(:name, min: 1, max: 100) end From a7eb148d6100d20e19a33cb1c1132657b8a9ada1 Mon Sep 17 00:00:00 2001 From: lain Date: Wed, 25 Apr 2018 16:10:18 +0200 Subject: [PATCH 11/13] Optionally deactivate public timelines. --- config/config.exs | 3 ++- lib/pleroma/web/router.ex | 32 ++++++++++++++++++++------------ 2 files changed, 22 insertions(+), 13 deletions(-) diff --git a/config/config.exs b/config/config.exs index b0f4578d5..d3f9cf6e4 100644 --- a/config/config.exs +++ b/config/config.exs @@ -53,7 +53,8 @@ upload_limit: 16_000_000, registrations_open: true, federating: true, - rewrite_policy: Pleroma.Web.ActivityPub.MRF.NoOpPolicy + rewrite_policy: Pleroma.Web.ActivityPub.MRF.NoOpPolicy, + public: true config :pleroma, :mrf_simple, media_removal: [], diff --git a/lib/pleroma/web/router.ex b/lib/pleroma/web/router.ex index 8f63fdc70..cecf5527c 100644 --- a/lib/pleroma/web/router.ex +++ b/lib/pleroma/web/router.ex @@ -5,6 +5,8 @@ defmodule Pleroma.Web.Router do @instance Application.get_env(:pleroma, :instance) @federating Keyword.get(@instance, :federating) + @public Keyword.get(@instance, :public) + @registrations_open Keyword.get(@instance, :registrations_open) def user_fetcher(username) do {:ok, Repo.get_by(User, %{nickname: username})} @@ -160,21 +162,9 @@ def user_fetcher(username) do get("/statusnet/version", TwitterAPI.UtilController, :version) end - @instance Application.get_env(:pleroma, :instance) - @registrations_open Keyword.get(@instance, :registrations_open) - scope "/api", Pleroma.Web do pipe_through(:api) - get("/statuses/public_timeline", TwitterAPI.Controller, :public_timeline) - - get( - "/statuses/public_and_external_timeline", - TwitterAPI.Controller, - :public_and_external_timeline - ) - - get("/statuses/networkpublic_timeline", TwitterAPI.Controller, :public_and_external_timeline) get("/statuses/user_timeline", TwitterAPI.Controller, :user_timeline) get("/qvitter/statuses/user_timeline", TwitterAPI.Controller, :user_timeline) get("/users/show", TwitterAPI.Controller, :show_user) @@ -192,6 +182,24 @@ def user_fetcher(username) do get("/statusnet/tags/timeline/:tag", TwitterAPI.Controller, :public_and_external_timeline) end + scope "/api", Pleroma.Web do + if @public do + pipe_through(:api) + else + pipe_through(:authenticated_api) + end + + get("/statuses/public_timeline", TwitterAPI.Controller, :public_timeline) + + get( + "/statuses/public_and_external_timeline", + TwitterAPI.Controller, + :public_and_external_timeline + ) + + get("/statuses/networkpublic_timeline", TwitterAPI.Controller, :public_and_external_timeline) + end + scope "/api", Pleroma.Web do pipe_through(:authenticated_api) From 90bbd946145ad5d622044fea396b7d5d4a14f575 Mon Sep 17 00:00:00 2001 From: William Pitcock Date: Wed, 25 Apr 2018 21:25:56 +0000 Subject: [PATCH 12/13] ActivityPub MRF SimplePolicy: fix media stripping --- lib/pleroma/web/activity_pub/mrf/simple_policy.ex | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/lib/pleroma/web/activity_pub/mrf/simple_policy.ex b/lib/pleroma/web/activity_pub/mrf/simple_policy.ex index 4dfb0c867..ea1af0f4d 100644 --- a/lib/pleroma/web/activity_pub/mrf/simple_policy.ex +++ b/lib/pleroma/web/activity_pub/mrf/simple_policy.ex @@ -15,7 +15,8 @@ defp check_reject(actor_info, object) do @media_removal Keyword.get(@mrf_policy, :media_removal) defp check_media_removal(actor_info, object) do if actor_info.host in @media_removal do - object = Map.delete(object, "attachments") + child_object = Map.delete(object["object"], "attachment") + object = Map.put(object, "object", child_object) end {:ok, object} From 3bad2b827a2e334faad824a3497ee8a77ebc2e74 Mon Sep 17 00:00:00 2001 From: lain Date: Thu, 26 Apr 2018 07:06:32 +0200 Subject: [PATCH 13/13] Resurrect instance specific panel. --- priv/static/static/config.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/priv/static/static/config.json b/priv/static/static/config.json index 9863ec024..797f03377 100644 --- a/priv/static/static/config.json +++ b/priv/static/static/config.json @@ -4,5 +4,5 @@ "logo": "/static/logo.png", "defaultPath": "/main/all", "chatDisabled": false, - "showInstanceSpecificPanel": false + "showInstanceSpecificPanel": true }