Merge branch 'develop' of git.pleroma.social:pleroma/pleroma into remake-remodel-dms
This commit is contained in:
commit
5165287ff4
@ -14,6 +14,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
|
||||
- New HTTP adapter [gun](https://github.com/ninenines/gun). Gun adapter requires minimum OTP version of 22.2 otherwise Pleroma won’t start. For hackney OTP update is not required.
|
||||
- Mix task to create trusted OAuth App.
|
||||
- Notifications: Added `follow_request` notification type (configurable, see `[:notifications, :enable_follow_request_notifications]` setting).
|
||||
- Added `:reject_deletes` group to SimplePolicy
|
||||
<details>
|
||||
<summary>API Changes</summary>
|
||||
- Mastodon API: Support for `include_types` in `/api/v1/notifications`.
|
||||
@ -23,13 +24,16 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
|
||||
|
||||
### Fixed
|
||||
- Support pagination in conversations API
|
||||
- **Breaking**: SimplePolicy `:reject` and `:accept` allow deletions again
|
||||
|
||||
## [unreleased-patch]
|
||||
### Fixed
|
||||
- Logger configuration through AdminFE
|
||||
- HTTP Basic Authentication permissions issue
|
||||
- ObjectAgePolicy didn't filter out old messages
|
||||
|
||||
### Added
|
||||
- NodeInfo: ObjectAgePolicy settings to the `federation` list.
|
||||
<details>
|
||||
<summary>API Changes</summary>
|
||||
- Admin API: `GET /api/pleroma/admin/need_reboot`.
|
||||
|
@ -336,7 +336,8 @@
|
||||
reject: [],
|
||||
accept: [],
|
||||
avatar_removal: [],
|
||||
banner_removal: []
|
||||
banner_removal: [],
|
||||
reject_deletes: []
|
||||
|
||||
config :pleroma, :mrf_keyword,
|
||||
reject: [],
|
||||
|
@ -1317,13 +1317,13 @@
|
||||
%{
|
||||
key: :reject,
|
||||
type: {:list, :string},
|
||||
description: "List of instances to reject any activities from",
|
||||
description: "List of instances to reject activities from (except deletes)",
|
||||
suggestions: ["example.com", "*.example.com"]
|
||||
},
|
||||
%{
|
||||
key: :accept,
|
||||
type: {:list, :string},
|
||||
description: "List of instances to accept any activities from",
|
||||
description: "List of instances to only accept activities from (except deletes)",
|
||||
suggestions: ["example.com", "*.example.com"]
|
||||
},
|
||||
%{
|
||||
@ -1343,6 +1343,12 @@
|
||||
type: {:list, :string},
|
||||
description: "List of instances to strip banners from",
|
||||
suggestions: ["example.com", "*.example.com"]
|
||||
},
|
||||
%{
|
||||
key: :reject_deletes,
|
||||
type: {:list, :string},
|
||||
description: "List of instances to reject deletions from",
|
||||
suggestions: ["example.com", "*.example.com"]
|
||||
}
|
||||
]
|
||||
},
|
||||
|
@ -41,11 +41,15 @@ config :pleroma, :instance,
|
||||
|
||||
Once `SimplePolicy` is enabled, you can configure various groups in the `:mrf_simple` config object. These groups are:
|
||||
|
||||
* `media_removal`: Servers in this group will have media stripped from incoming messages.
|
||||
* `media_nsfw`: Servers in this group will have the #nsfw tag and sensitive setting injected into incoming messages which contain media.
|
||||
* `reject`: Servers in this group will have their messages rejected.
|
||||
* `federated_timeline_removal`: Servers in this group will have their messages unlisted from the public timelines by flipping the `to` and `cc` fields.
|
||||
* `accept`: If not empty, only messages from these instances will be accepted (whitelist federation).
|
||||
* `media_nsfw`: Servers in this group will have the #nsfw tag and sensitive setting injected into incoming messages which contain media.
|
||||
* `media_removal`: Servers in this group will have media stripped from incoming messages.
|
||||
* `avatar_removal`: Avatars from these servers will be stripped from incoming messages.
|
||||
* `banner_removal`: Banner images from these servers will be stripped from incoming messages.
|
||||
* `report_removal`: Servers in this group will have their reports (flags) rejected.
|
||||
* `federated_timeline_removal`: Servers in this group will have their messages unlisted from the public timelines by flipping the `to` and `cc` fields.
|
||||
* `reject_deletes`: Deletion requests will be rejected from these servers.
|
||||
|
||||
Servers should be configured as lists.
|
||||
|
||||
|
@ -11,7 +11,7 @@ defmodule Pleroma.Web.ActivityPub.MRF.ObjectAgePolicy do
|
||||
@moduledoc "Filter activities depending on their age"
|
||||
@behaviour Pleroma.Web.ActivityPub.MRF
|
||||
|
||||
defp check_date(%{"published" => published} = message) do
|
||||
defp check_date(%{"object" => %{"published" => published}} = message) do
|
||||
with %DateTime{} = now <- DateTime.utc_now(),
|
||||
{:ok, %DateTime{} = then, _} <- DateTime.from_iso8601(published),
|
||||
max_ttl <- Config.get([:mrf_object_age, :threshold]),
|
||||
@ -96,5 +96,11 @@ def filter(%{"type" => "Create", "published" => _} = message) do
|
||||
def filter(message), do: {:ok, message}
|
||||
|
||||
@impl true
|
||||
def describe, do: {:ok, %{}}
|
||||
def describe do
|
||||
mrf_object_age =
|
||||
Pleroma.Config.get(:mrf_object_age)
|
||||
|> Enum.into(%{})
|
||||
|
||||
{:ok, %{mrf_object_age: mrf_object_age}}
|
||||
end
|
||||
end
|
||||
|
@ -148,6 +148,21 @@ defp check_banner_removal(%{host: actor_host} = _actor_info, %{"image" => _image
|
||||
|
||||
defp check_banner_removal(_actor_info, object), do: {:ok, object}
|
||||
|
||||
@impl true
|
||||
def filter(%{"type" => "Delete", "actor" => actor} = object) do
|
||||
%{host: actor_host} = URI.parse(actor)
|
||||
|
||||
reject_deletes =
|
||||
Pleroma.Config.get([:mrf_simple, :reject_deletes])
|
||||
|> MRF.subdomains_regex()
|
||||
|
||||
if MRF.subdomain_match?(reject_deletes, actor_host) do
|
||||
{:reject, nil}
|
||||
else
|
||||
{:ok, object}
|
||||
end
|
||||
end
|
||||
|
||||
@impl true
|
||||
def filter(%{"actor" => actor} = object) do
|
||||
actor_info = URI.parse(actor)
|
||||
|
@ -6,25 +6,22 @@ defmodule Pleroma.Web.MastodonAPI.SubscriptionController do
|
||||
@moduledoc "The module represents functions to manage user subscriptions."
|
||||
use Pleroma.Web, :controller
|
||||
|
||||
alias Pleroma.Web.MastodonAPI.PushSubscriptionView, as: View
|
||||
alias Pleroma.Web.Push
|
||||
alias Pleroma.Web.Push.Subscription
|
||||
|
||||
action_fallback(:errors)
|
||||
|
||||
plug(Pleroma.Plugs.OAuthScopesPlug, %{scopes: ["push"]})
|
||||
|
||||
plug(Pleroma.Plugs.EnsurePublicOrAuthenticatedPlug)
|
||||
plug(:restrict_push_enabled)
|
||||
|
||||
# Creates PushSubscription
|
||||
# POST /api/v1/push/subscription
|
||||
#
|
||||
def create(%{assigns: %{user: user, token: token}} = conn, params) do
|
||||
with true <- Push.enabled(),
|
||||
{:ok, _} <- Subscription.delete_if_exists(user, token),
|
||||
with {:ok, _} <- Subscription.delete_if_exists(user, token),
|
||||
{:ok, subscription} <- Subscription.create(user, token, params) do
|
||||
view = View.render("push_subscription.json", subscription: subscription)
|
||||
json(conn, view)
|
||||
render(conn, "show.json", subscription: subscription)
|
||||
end
|
||||
end
|
||||
|
||||
@ -32,10 +29,8 @@ def create(%{assigns: %{user: user, token: token}} = conn, params) do
|
||||
# GET /api/v1/push/subscription
|
||||
#
|
||||
def get(%{assigns: %{user: user, token: token}} = conn, _params) do
|
||||
with true <- Push.enabled(),
|
||||
{:ok, subscription} <- Subscription.get(user, token) do
|
||||
view = View.render("push_subscription.json", subscription: subscription)
|
||||
json(conn, view)
|
||||
with {:ok, subscription} <- Subscription.get(user, token) do
|
||||
render(conn, "show.json", subscription: subscription)
|
||||
end
|
||||
end
|
||||
|
||||
@ -43,10 +38,8 @@ def get(%{assigns: %{user: user, token: token}} = conn, _params) do
|
||||
# PUT /api/v1/push/subscription
|
||||
#
|
||||
def update(%{assigns: %{user: user, token: token}} = conn, params) do
|
||||
with true <- Push.enabled(),
|
||||
{:ok, subscription} <- Subscription.update(user, token, params) do
|
||||
view = View.render("push_subscription.json", subscription: subscription)
|
||||
json(conn, view)
|
||||
with {:ok, subscription} <- Subscription.update(user, token, params) do
|
||||
render(conn, "show.json", subscription: subscription)
|
||||
end
|
||||
end
|
||||
|
||||
@ -54,11 +47,20 @@ def update(%{assigns: %{user: user, token: token}} = conn, params) do
|
||||
# DELETE /api/v1/push/subscription
|
||||
#
|
||||
def delete(%{assigns: %{user: user, token: token}} = conn, _params) do
|
||||
with true <- Push.enabled(),
|
||||
{:ok, _response} <- Subscription.delete(user, token),
|
||||
with {:ok, _response} <- Subscription.delete(user, token),
|
||||
do: json(conn, %{})
|
||||
end
|
||||
|
||||
defp restrict_push_enabled(conn, _) do
|
||||
if Push.enabled() do
|
||||
conn
|
||||
else
|
||||
conn
|
||||
|> render_error(:forbidden, "Web push subscription is disabled on this Pleroma instance")
|
||||
|> halt()
|
||||
end
|
||||
end
|
||||
|
||||
# fallback action
|
||||
#
|
||||
def errors(conn, {:error, :not_found}) do
|
||||
|
@ -2,11 +2,11 @@
|
||||
# Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>
|
||||
# SPDX-License-Identifier: AGPL-3.0-only
|
||||
|
||||
defmodule Pleroma.Web.MastodonAPI.PushSubscriptionView do
|
||||
defmodule Pleroma.Web.MastodonAPI.SubscriptionView do
|
||||
use Pleroma.Web, :view
|
||||
alias Pleroma.Web.Push
|
||||
|
||||
def render("push_subscription.json", %{subscription: subscription}) do
|
||||
def render("show.json", %{subscription: subscription}) do
|
||||
%{
|
||||
id: to_string(subscription.id),
|
||||
endpoint: subscription.endpoint,
|
@ -16,79 +16,60 @@ defmodule Pleroma.Web.Router do
|
||||
plug(Pleroma.Plugs.UserEnabledPlug)
|
||||
end
|
||||
|
||||
pipeline :api do
|
||||
plug(:accepts, ["json"])
|
||||
plug(:fetch_session)
|
||||
pipeline :authenticate do
|
||||
plug(Pleroma.Plugs.OAuthPlug)
|
||||
plug(Pleroma.Plugs.BasicAuthDecoderPlug)
|
||||
plug(Pleroma.Plugs.UserFetcherPlug)
|
||||
plug(Pleroma.Plugs.SessionAuthenticationPlug)
|
||||
plug(Pleroma.Plugs.LegacyAuthenticationPlug)
|
||||
plug(Pleroma.Plugs.AuthenticationPlug)
|
||||
end
|
||||
|
||||
pipeline :after_auth do
|
||||
plug(Pleroma.Plugs.UserEnabledPlug)
|
||||
plug(Pleroma.Plugs.SetUserSessionIdPlug)
|
||||
plug(Pleroma.Plugs.EnsureUserKeyPlug)
|
||||
plug(Pleroma.Plugs.IdempotencyPlug)
|
||||
end
|
||||
|
||||
pipeline :base_api do
|
||||
plug(:accepts, ["json"])
|
||||
plug(:fetch_session)
|
||||
plug(:authenticate)
|
||||
plug(OpenApiSpex.Plug.PutApiSpec, module: Pleroma.Web.ApiSpec)
|
||||
end
|
||||
|
||||
pipeline :api do
|
||||
plug(:base_api)
|
||||
plug(:after_auth)
|
||||
plug(Pleroma.Plugs.IdempotencyPlug)
|
||||
end
|
||||
|
||||
pipeline :authenticated_api do
|
||||
plug(:accepts, ["json"])
|
||||
plug(:fetch_session)
|
||||
plug(:base_api)
|
||||
plug(Pleroma.Plugs.AuthExpectedPlug)
|
||||
plug(Pleroma.Plugs.OAuthPlug)
|
||||
plug(Pleroma.Plugs.BasicAuthDecoderPlug)
|
||||
plug(Pleroma.Plugs.UserFetcherPlug)
|
||||
plug(Pleroma.Plugs.SessionAuthenticationPlug)
|
||||
plug(Pleroma.Plugs.LegacyAuthenticationPlug)
|
||||
plug(Pleroma.Plugs.AuthenticationPlug)
|
||||
plug(Pleroma.Plugs.UserEnabledPlug)
|
||||
plug(Pleroma.Plugs.SetUserSessionIdPlug)
|
||||
plug(:after_auth)
|
||||
plug(Pleroma.Plugs.EnsureAuthenticatedPlug)
|
||||
plug(Pleroma.Plugs.IdempotencyPlug)
|
||||
plug(OpenApiSpex.Plug.PutApiSpec, module: Pleroma.Web.ApiSpec)
|
||||
end
|
||||
|
||||
pipeline :admin_api do
|
||||
plug(:accepts, ["json"])
|
||||
plug(:fetch_session)
|
||||
plug(Pleroma.Plugs.OAuthPlug)
|
||||
plug(Pleroma.Plugs.BasicAuthDecoderPlug)
|
||||
plug(Pleroma.Plugs.UserFetcherPlug)
|
||||
plug(Pleroma.Plugs.SessionAuthenticationPlug)
|
||||
plug(Pleroma.Plugs.LegacyAuthenticationPlug)
|
||||
plug(Pleroma.Plugs.AuthenticationPlug)
|
||||
plug(:base_api)
|
||||
plug(Pleroma.Plugs.AdminSecretAuthenticationPlug)
|
||||
plug(Pleroma.Plugs.UserEnabledPlug)
|
||||
plug(Pleroma.Plugs.SetUserSessionIdPlug)
|
||||
plug(:after_auth)
|
||||
plug(Pleroma.Plugs.EnsureAuthenticatedPlug)
|
||||
plug(Pleroma.Plugs.UserIsAdminPlug)
|
||||
plug(Pleroma.Plugs.IdempotencyPlug)
|
||||
plug(OpenApiSpex.Plug.PutApiSpec, module: Pleroma.Web.ApiSpec)
|
||||
end
|
||||
|
||||
pipeline :mastodon_html do
|
||||
plug(:accepts, ["html"])
|
||||
plug(:fetch_session)
|
||||
plug(Pleroma.Plugs.OAuthPlug)
|
||||
plug(Pleroma.Plugs.BasicAuthDecoderPlug)
|
||||
plug(Pleroma.Plugs.UserFetcherPlug)
|
||||
plug(Pleroma.Plugs.SessionAuthenticationPlug)
|
||||
plug(Pleroma.Plugs.LegacyAuthenticationPlug)
|
||||
plug(Pleroma.Plugs.AuthenticationPlug)
|
||||
plug(Pleroma.Plugs.UserEnabledPlug)
|
||||
plug(Pleroma.Plugs.SetUserSessionIdPlug)
|
||||
plug(Pleroma.Plugs.EnsureUserKeyPlug)
|
||||
plug(:browser)
|
||||
plug(:authenticate)
|
||||
plug(:after_auth)
|
||||
end
|
||||
|
||||
pipeline :pleroma_html do
|
||||
plug(:accepts, ["html"])
|
||||
plug(:fetch_session)
|
||||
plug(Pleroma.Plugs.OAuthPlug)
|
||||
plug(Pleroma.Plugs.BasicAuthDecoderPlug)
|
||||
plug(Pleroma.Plugs.UserFetcherPlug)
|
||||
plug(Pleroma.Plugs.SessionAuthenticationPlug)
|
||||
plug(Pleroma.Plugs.AuthenticationPlug)
|
||||
plug(:browser)
|
||||
plug(:authenticate)
|
||||
plug(Pleroma.Plugs.EnsureUserKeyPlug)
|
||||
end
|
||||
|
||||
@ -524,7 +505,7 @@ defmodule Pleroma.Web.Router do
|
||||
end
|
||||
|
||||
scope "/api" do
|
||||
pipe_through(:api)
|
||||
pipe_through(:base_api)
|
||||
|
||||
get("/openapi", OpenApiSpex.Plug.RenderSpec, [])
|
||||
end
|
||||
@ -538,10 +519,6 @@ defmodule Pleroma.Web.Router do
|
||||
post("/qvitter/statuses/notifications/read", TwitterAPI.Controller, :notifications_read)
|
||||
end
|
||||
|
||||
pipeline :ap_service_actor do
|
||||
plug(:accepts, ["activity+json", "json"])
|
||||
end
|
||||
|
||||
pipeline :ostatus do
|
||||
plug(:accepts, ["html", "xml", "rss", "atom", "activity+json", "json"])
|
||||
plug(Pleroma.Plugs.StaticFEPlug)
|
||||
@ -552,8 +529,7 @@ defmodule Pleroma.Web.Router do
|
||||
end
|
||||
|
||||
scope "/", Pleroma.Web do
|
||||
pipe_through(:ostatus)
|
||||
pipe_through(:http_signature)
|
||||
pipe_through([:ostatus, :http_signature])
|
||||
|
||||
get("/objects/:uuid", OStatus.OStatusController, :object)
|
||||
get("/activities/:uuid", OStatus.OStatusController, :activity)
|
||||
@ -571,13 +547,6 @@ defmodule Pleroma.Web.Router do
|
||||
get("/mailer/unsubscribe/:token", Mailer.SubscriptionController, :unsubscribe)
|
||||
end
|
||||
|
||||
# Server to Server (S2S) AP interactions
|
||||
pipeline :activitypub do
|
||||
plug(:accepts, ["activity+json", "json"])
|
||||
plug(Pleroma.Web.Plugs.HTTPSignaturePlug)
|
||||
plug(Pleroma.Web.Plugs.MappedSignatureToIdentityPlug)
|
||||
end
|
||||
|
||||
scope "/", Pleroma.Web.ActivityPub do
|
||||
# XXX: not really ostatus
|
||||
pipe_through(:ostatus)
|
||||
@ -585,19 +554,22 @@ defmodule Pleroma.Web.Router do
|
||||
get("/users/:nickname/outbox", ActivityPubController, :outbox)
|
||||
end
|
||||
|
||||
pipeline :ap_service_actor do
|
||||
plug(:accepts, ["activity+json", "json"])
|
||||
end
|
||||
|
||||
# Server to Server (S2S) AP interactions
|
||||
pipeline :activitypub do
|
||||
plug(:ap_service_actor)
|
||||
plug(:http_signature)
|
||||
end
|
||||
|
||||
# Client to Server (C2S) AP interactions
|
||||
pipeline :activitypub_client do
|
||||
plug(:accepts, ["activity+json", "json"])
|
||||
plug(:ap_service_actor)
|
||||
plug(:fetch_session)
|
||||
plug(Pleroma.Plugs.OAuthPlug)
|
||||
plug(Pleroma.Plugs.BasicAuthDecoderPlug)
|
||||
plug(Pleroma.Plugs.UserFetcherPlug)
|
||||
plug(Pleroma.Plugs.SessionAuthenticationPlug)
|
||||
plug(Pleroma.Plugs.LegacyAuthenticationPlug)
|
||||
plug(Pleroma.Plugs.AuthenticationPlug)
|
||||
plug(Pleroma.Plugs.UserEnabledPlug)
|
||||
plug(Pleroma.Plugs.SetUserSessionIdPlug)
|
||||
plug(Pleroma.Plugs.EnsureUserKeyPlug)
|
||||
plug(:authenticate)
|
||||
plug(:after_auth)
|
||||
end
|
||||
|
||||
scope "/", Pleroma.Web.ActivityPub do
|
||||
@ -669,12 +641,7 @@ defmodule Pleroma.Web.Router do
|
||||
get("/web/*path", MastoFEController, :index)
|
||||
end
|
||||
|
||||
pipeline :remote_media do
|
||||
end
|
||||
|
||||
scope "/proxy/", Pleroma.Web.MediaProxy do
|
||||
pipe_through(:remote_media)
|
||||
|
||||
get("/:sig/:url", MediaProxyController, :remote)
|
||||
get("/:sig/:url/:filename", MediaProxyController, :remote)
|
||||
end
|
||||
|
@ -20,26 +20,38 @@ defmodule Pleroma.Web.ActivityPub.MRF.ObjectAgePolicyTest do
|
||||
:ok
|
||||
end
|
||||
|
||||
defp get_old_message do
|
||||
File.read!("test/fixtures/mastodon-post-activity.json")
|
||||
|> Poison.decode!()
|
||||
end
|
||||
|
||||
defp get_new_message do
|
||||
old_message = get_old_message()
|
||||
|
||||
new_object =
|
||||
old_message
|
||||
|> Map.get("object")
|
||||
|> Map.put("published", DateTime.utc_now() |> DateTime.to_iso8601())
|
||||
|
||||
old_message
|
||||
|> Map.put("object", new_object)
|
||||
end
|
||||
|
||||
describe "with reject action" do
|
||||
test "it rejects an old post" do
|
||||
Config.put([:mrf_object_age, :actions], [:reject])
|
||||
|
||||
data =
|
||||
File.read!("test/fixtures/mastodon-post-activity.json")
|
||||
|> Poison.decode!()
|
||||
data = get_old_message()
|
||||
|
||||
{:reject, _} = ObjectAgePolicy.filter(data)
|
||||
assert match?({:reject, _}, ObjectAgePolicy.filter(data))
|
||||
end
|
||||
|
||||
test "it allows a new post" do
|
||||
Config.put([:mrf_object_age, :actions], [:reject])
|
||||
|
||||
data =
|
||||
File.read!("test/fixtures/mastodon-post-activity.json")
|
||||
|> Poison.decode!()
|
||||
|> Map.put("published", DateTime.utc_now() |> DateTime.to_iso8601())
|
||||
data = get_new_message()
|
||||
|
||||
{:ok, _} = ObjectAgePolicy.filter(data)
|
||||
assert match?({:ok, _}, ObjectAgePolicy.filter(data))
|
||||
end
|
||||
end
|
||||
|
||||
@ -47,9 +59,7 @@ test "it allows a new post" do
|
||||
test "it delists an old post" do
|
||||
Config.put([:mrf_object_age, :actions], [:delist])
|
||||
|
||||
data =
|
||||
File.read!("test/fixtures/mastodon-post-activity.json")
|
||||
|> Poison.decode!()
|
||||
data = get_old_message()
|
||||
|
||||
{:ok, _u} = User.get_or_fetch_by_ap_id(data["actor"])
|
||||
|
||||
@ -61,14 +71,11 @@ test "it delists an old post" do
|
||||
test "it allows a new post" do
|
||||
Config.put([:mrf_object_age, :actions], [:delist])
|
||||
|
||||
data =
|
||||
File.read!("test/fixtures/mastodon-post-activity.json")
|
||||
|> Poison.decode!()
|
||||
|> Map.put("published", DateTime.utc_now() |> DateTime.to_iso8601())
|
||||
data = get_new_message()
|
||||
|
||||
{:ok, _user} = User.get_or_fetch_by_ap_id(data["actor"])
|
||||
|
||||
{:ok, ^data} = ObjectAgePolicy.filter(data)
|
||||
assert match?({:ok, ^data}, ObjectAgePolicy.filter(data))
|
||||
end
|
||||
end
|
||||
|
||||
@ -76,9 +83,7 @@ test "it allows a new post" do
|
||||
test "it strips followers collections from an old post" do
|
||||
Config.put([:mrf_object_age, :actions], [:strip_followers])
|
||||
|
||||
data =
|
||||
File.read!("test/fixtures/mastodon-post-activity.json")
|
||||
|> Poison.decode!()
|
||||
data = get_old_message()
|
||||
|
||||
{:ok, user} = User.get_or_fetch_by_ap_id(data["actor"])
|
||||
|
||||
@ -91,14 +96,11 @@ test "it strips followers collections from an old post" do
|
||||
test "it allows a new post" do
|
||||
Config.put([:mrf_object_age, :actions], [:strip_followers])
|
||||
|
||||
data =
|
||||
File.read!("test/fixtures/mastodon-post-activity.json")
|
||||
|> Poison.decode!()
|
||||
|> Map.put("published", DateTime.utc_now() |> DateTime.to_iso8601())
|
||||
data = get_new_message()
|
||||
|
||||
{:ok, _u} = User.get_or_fetch_by_ap_id(data["actor"])
|
||||
|
||||
{:ok, ^data} = ObjectAgePolicy.filter(data)
|
||||
assert match?({:ok, ^data}, ObjectAgePolicy.filter(data))
|
||||
end
|
||||
end
|
||||
end
|
||||
|
@ -17,7 +17,8 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicyTest do
|
||||
reject: [],
|
||||
accept: [],
|
||||
avatar_removal: [],
|
||||
banner_removal: []
|
||||
banner_removal: [],
|
||||
reject_deletes: []
|
||||
)
|
||||
|
||||
describe "when :media_removal" do
|
||||
@ -382,6 +383,66 @@ test "match with wildcard domain" do
|
||||
end
|
||||
end
|
||||
|
||||
describe "when :reject_deletes is empty" do
|
||||
setup do: Config.put([:mrf_simple, :reject_deletes], [])
|
||||
|
||||
test "it accepts deletions even from rejected servers" do
|
||||
Config.put([:mrf_simple, :reject], ["remote.instance"])
|
||||
|
||||
deletion_message = build_remote_deletion_message()
|
||||
|
||||
assert SimplePolicy.filter(deletion_message) == {:ok, deletion_message}
|
||||
end
|
||||
|
||||
test "it accepts deletions even from non-whitelisted servers" do
|
||||
Config.put([:mrf_simple, :accept], ["non.matching.remote"])
|
||||
|
||||
deletion_message = build_remote_deletion_message()
|
||||
|
||||
assert SimplePolicy.filter(deletion_message) == {:ok, deletion_message}
|
||||
end
|
||||
end
|
||||
|
||||
describe "when :reject_deletes is not empty but it doesn't have a matching host" do
|
||||
setup do: Config.put([:mrf_simple, :reject_deletes], ["non.matching.remote"])
|
||||
|
||||
test "it accepts deletions even from rejected servers" do
|
||||
Config.put([:mrf_simple, :reject], ["remote.instance"])
|
||||
|
||||
deletion_message = build_remote_deletion_message()
|
||||
|
||||
assert SimplePolicy.filter(deletion_message) == {:ok, deletion_message}
|
||||
end
|
||||
|
||||
test "it accepts deletions even from non-whitelisted servers" do
|
||||
Config.put([:mrf_simple, :accept], ["non.matching.remote"])
|
||||
|
||||
deletion_message = build_remote_deletion_message()
|
||||
|
||||
assert SimplePolicy.filter(deletion_message) == {:ok, deletion_message}
|
||||
end
|
||||
end
|
||||
|
||||
describe "when :reject_deletes has a matching host" do
|
||||
setup do: Config.put([:mrf_simple, :reject_deletes], ["remote.instance"])
|
||||
|
||||
test "it rejects the deletion" do
|
||||
deletion_message = build_remote_deletion_message()
|
||||
|
||||
assert SimplePolicy.filter(deletion_message) == {:reject, nil}
|
||||
end
|
||||
end
|
||||
|
||||
describe "when :reject_deletes match with wildcard domain" do
|
||||
setup do: Config.put([:mrf_simple, :reject_deletes], ["*.remote.instance"])
|
||||
|
||||
test "it rejects the deletion" do
|
||||
deletion_message = build_remote_deletion_message()
|
||||
|
||||
assert SimplePolicy.filter(deletion_message) == {:reject, nil}
|
||||
end
|
||||
end
|
||||
|
||||
defp build_local_message do
|
||||
%{
|
||||
"actor" => "#{Pleroma.Web.base_url()}/users/alice",
|
||||
@ -408,4 +469,11 @@ defp build_remote_user do
|
||||
"type" => "Person"
|
||||
}
|
||||
end
|
||||
|
||||
defp build_remote_deletion_message do
|
||||
%{
|
||||
"type" => "Delete",
|
||||
"actor" => "https://remote.instance/users/bob"
|
||||
}
|
||||
end
|
||||
end
|
||||
|
@ -35,7 +35,10 @@ defmacro assert_error_when_disable_push(do: yield) do
|
||||
quote do
|
||||
vapid_details = Application.get_env(:web_push_encryption, :vapid_details, [])
|
||||
Application.put_env(:web_push_encryption, :vapid_details, [])
|
||||
assert "Something went wrong" == unquote(yield)
|
||||
|
||||
assert %{"error" => "Web push subscription is disabled on this Pleroma instance"} ==
|
||||
unquote(yield)
|
||||
|
||||
Application.put_env(:web_push_encryption, :vapid_details, vapid_details)
|
||||
end
|
||||
end
|
||||
@ -45,7 +48,7 @@ test "returns error when push disabled ", %{conn: conn} do
|
||||
assert_error_when_disable_push do
|
||||
conn
|
||||
|> post("/api/v1/push/subscription", %{})
|
||||
|> json_response(500)
|
||||
|> json_response(403)
|
||||
end
|
||||
end
|
||||
|
||||
@ -74,7 +77,7 @@ test "returns error when push disabled ", %{conn: conn} do
|
||||
assert_error_when_disable_push do
|
||||
conn
|
||||
|> get("/api/v1/push/subscription", %{})
|
||||
|> json_response(500)
|
||||
|> json_response(403)
|
||||
end
|
||||
end
|
||||
|
||||
@ -127,7 +130,7 @@ test "returns error when push disabled ", %{conn: conn} do
|
||||
assert_error_when_disable_push do
|
||||
conn
|
||||
|> put("/api/v1/push/subscription", %{data: %{"alerts" => %{"mention" => false}}})
|
||||
|> json_response(500)
|
||||
|> json_response(403)
|
||||
end
|
||||
end
|
||||
|
||||
@ -155,7 +158,7 @@ test "returns error when push disabled ", %{conn: conn} do
|
||||
assert_error_when_disable_push do
|
||||
conn
|
||||
|> delete("/api/v1/push/subscription", %{})
|
||||
|> json_response(500)
|
||||
|> json_response(403)
|
||||
end
|
||||
end
|
||||
|
||||
|
@ -2,10 +2,10 @@
|
||||
# Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>
|
||||
# SPDX-License-Identifier: AGPL-3.0-only
|
||||
|
||||
defmodule Pleroma.Web.MastodonAPI.PushSubscriptionViewTest do
|
||||
defmodule Pleroma.Web.MastodonAPI.SubscriptionViewTest do
|
||||
use Pleroma.DataCase
|
||||
import Pleroma.Factory
|
||||
alias Pleroma.Web.MastodonAPI.PushSubscriptionView, as: View
|
||||
alias Pleroma.Web.MastodonAPI.SubscriptionView, as: View
|
||||
alias Pleroma.Web.Push
|
||||
|
||||
test "Represent a subscription" do
|
||||
@ -18,6 +18,6 @@ test "Represent a subscription" do
|
||||
server_key: Keyword.get(Push.vapid_config(), :public_key)
|
||||
}
|
||||
|
||||
assert expected == View.render("push_subscription.json", %{subscription: subscription})
|
||||
assert expected == View.render("show.json", %{subscription: subscription})
|
||||
end
|
||||
end
|
Loading…
Reference in New Issue
Block a user