2c68cf7e9e
OAuth2 security fixes: redirect URI validation, "Mastodon-Local" security breach fix.
...
(`POST /api/v1/apps` could create "Mastodon-Local" app wth any redirect_uris,
and if that happened before /web/login is accessed for the first time
then Pleroma used this externally created record with arbitrary
redirect_uris and client_secret known by creator).
2019-02-07 22:14:06 +03:00
f4ff4ffba2
Migration and some boilerplate stuff
2019-02-07 17:36:14 +01:00
74518d0b60
hide_followings was renamed to hide_followers in the FE, but never synced up in the BE
...
This was a dirty regex replace which worked on my server
2019-02-06 22:34:44 +00:00
65a4b9fbea
mastodon api: rich media: don't clobber %URI struct with a string
2019-02-06 18:02:15 +00:00
eb2b1960e0
Merge branch 'feature/split-hide-network-v2' into 'develop'
...
Split hide_network into hide_followers & hide_followings (fixed)
See merge request pleroma/pleroma!765
2019-02-05 18:56:59 +00:00
1d94b67e40
mastodon api: fix rendering of cards without image URLs ( closes #597 )
2019-02-05 18:30:27 +00:00
00835bf678
Merge branch 'fix/rich-media-relative-path' into 'develop'
...
Fix rich media relative path
Closes #588
See merge request pleroma/pleroma!759
2019-02-04 16:01:34 +00:00
16ce129e38
Split hide_network into hide_followers & hide_followings (fixed)
2019-02-03 21:55:04 +03:00
68d461b3a9
Check if rich media uri is relative
2019-02-02 12:24:24 +03:00
833404f0f5
Use with instead of if in the card
2019-02-02 12:04:18 +03:00
e4d18f328b
merge only if page_url is an absolute path
2019-02-02 11:53:46 +03:00
cbadf9d333
Fix rich media relative path
2019-02-02 11:38:37 +03:00
486749064f
Revert "Merge branch 'feature/split-hide-network' into 'develop'"
...
This reverts merge request !733
2019-02-01 20:22:58 +00:00
d747bd9870
Use String.replace_leading instead of String.replace for getting websocket streaming api url.
...
Extract the login responsible for obtaining websocket URL into the corresponding
Endpoint function.
2019-02-01 21:58:43 +03:00
74c6119f28
MastodonAPI.MastodonAPIController: Return a 404 when we fail to get a list
2019-02-01 18:21:16 +01:00
0a82a7e6d6
Merge branch 'feature/split-hide-network' into 'develop'
...
Split hide_network into hide_followers & hide_followings
See merge request pleroma/pleroma!733
2019-02-01 17:05:29 +00:00
00d4333373
Merge branch 'features/glitch-soc-frontend' into 'develop'
...
Features/glitch soc frontend
See merge request pleroma/pleroma!192
2019-01-31 10:16:11 +00:00
4aff4efa8d
Use multiple hackney pools
...
* federation (ap, salmon)
* media (rich media, media proxy)
* upload (uploader proxy)
Each "part" will stop fighting others ones -- a huge federation outbound
could before make the media proxy fail to checkout a connection in time.
splitted media and uploaded media for the good reason than an upload
pool will have all connections to the same host (the uploader upstream).
it also has a longer default retention period for connections.
2019-01-30 15:06:46 +01:00
ebb3496386
Merge branch 'feature/rich-media-part-2-electric-boogaloo' into 'develop'
...
Rich Media support, part 2.
See merge request pleroma/pleroma!719
2019-01-29 05:11:08 +00:00
50d6183893
Split hide_network into hide_followers & hide_followings
2019-01-28 21:40:08 +03:00
de0fb88a9c
Merge branch 'safe-render-activities' into 'develop'
...
remove unnecessary filter (re !723 )
See merge request pleroma/pleroma!729
2019-01-28 11:48:03 +00:00
df2f7b39dd
re f83bae7c: remove unnecessary filter
2019-01-28 12:24:14 +01:00
ddc7ae2c1a
mastodon api: card: force OGP images through mediaproxy
2019-01-28 06:42:27 +00:00
8e42251e06
rich media: add helpers module, use instead of MastodonAPI module
2019-01-28 06:04:54 +00:00
24a103a1fe
mastodon api: formatting
2019-01-28 05:53:17 +00:00
5a37ddc2dc
mastodon api: embed card in status object
2019-01-28 05:53:17 +00:00
132d815f1f
mastodon api: factor out status card fetching, move status card rendering to statusview, add opengraph extended data
2019-01-28 05:53:17 +00:00
cda1470e02
[MastoAPI][GlitchAPI] Add bookmarks
2019-01-28 04:47:32 +01:00
16ab1437d6
Merge branch 'safe-render-activities' into 'develop'
...
Views: wrap activity rendering in a rescue
See merge request pleroma/pleroma!723
2019-01-27 20:10:09 +00:00
f83bae7c22
Views: wrap activity rendering in a rescue
...
this avoids complete timeline breakage when an activity fucks up
rendering.
2019-01-27 19:16:20 +01:00
5eb81d2c72
Merge branch 'features/mastoapi-multi-hashtag' into 'develop'
...
MastodonAPI multi-hashtag
See merge request pleroma/pleroma!652
2019-01-27 12:45:50 +00:00
a65c188593
Web.MastodonAPI.AccountView: Add is_moderator and is_admin
...
Closes: https://git.pleroma.social/pleroma/pleroma/issues/557
2019-01-27 10:33:22 +01:00
de956b9e04
Web.MastodonAPI.MastodonAPIController: tag+any bookmark params in a array and flatten it
2019-01-26 16:46:20 +01:00
1f7843b9b8
mastodon api: use OGP uri instead of page_url for deducing domain name, fix test
2019-01-26 15:24:16 +00:00
86037e9c39
mastodon api: use HTML.extract_first_external_url()
2019-01-26 15:13:27 +00:00
78047d57bf
mastodon api: provider_name setting is required too on the card
2019-01-26 14:47:32 +00:00
39863236eb
Web.MastodonAPI.MastodonAPIController: generic get_status_card/1 function for MastoAPI 2.6.x
...
Mastodon API 2.6.x added a card key to the Status object so the Card can be shown in the timeline without an extra request at each status.
2019-01-26 14:18:23 +00:00
3f64379b13
Web.MastodonAPI.MastodonAPIController: Add Rich-Media support
2019-01-26 14:18:23 +00:00
5a84def6a6
Fix the logic in multi-hashtag TLs
2019-01-26 04:46:02 +01:00
f9cae0d04f
[WIP,MastoAPI] Multi-tag timelines
2019-01-26 04:45:36 +01:00
2de208817c
Merge branch 'develop' into rename/pleroma_activity_consistency
2019-01-23 13:05:58 +01:00
69454c8345
Merge branch 'feature/dm-sanity' into 'develop'
...
DM sanitization
See merge request pleroma/pleroma!458
2019-01-21 12:35:10 +00:00
98c8184c1f
Activity: get_create_activity_by_object_ap_id/1 → get_create_by_object_ap_id/1
2019-01-21 08:00:41 +01:00
2fdbd4d137
Activity: create_activity_by_object_id_query/1 → create_by_object_ap_id/1 when is_list
2019-01-21 08:00:40 +01:00
f3045a179e
Merge branch 'i1t/pleroma-477_user_search_improvements' into 'develop'
...
I1t/pleroma 477 user search improvements
See merge request pleroma/pleroma!685
2019-01-20 10:24:05 +00:00
75dfa1f0b0
mastodon api: get_visibility(): DMs never have a cc list.
2019-01-20 02:27:48 +00:00
8c368d42a2
Make attachment links configurable
...
Thanks @href!
2019-01-17 15:48:14 +00:00
943324b661
MastoAPI: Don't break on missing users.
2019-01-16 15:13:09 +01:00
dc45ec62c2
[ #477 ] User search improvements: tsquery search with field weights, friends & followers boosting.
2019-01-14 20:04:45 +03:00
9daf162461
Honour parameters on MastoAPI /favourites
2019-01-12 14:42:52 +00:00
144b48da95
Add link headers to MastoAPI /favourites
...
As documented at https://docs.joinmastodon.org/api/rest/favourites/
2019-01-12 14:03:35 +00:00
e679da4c34
add `pinned` property to `StatusView`
2019-01-08 15:27:02 +07:00
f24087f96e
Merge branch 'develop' of git.pleroma.social:pleroma/pleroma into feature/pinned-posts
2019-01-07 20:55:32 +07:00
380e9fba21
add pinned posts
2019-01-07 20:45:33 +07:00
36fa5e8802
Check visible_for_user when performing a search using a direct link.
2019-01-07 10:36:31 +00:00
846082e54f
Different caches based on the module. Remove scrubber version since it is not relevant anymore
2019-01-05 00:19:46 +01:00
90e157ef80
Merge branch 'features/admin-api-user-views' into 'develop'
...
User/Account views: Add rights.admin
Closes #472
See merge request pleroma/pleroma!589
2018-12-31 15:49:34 +00:00
980b5288ed
update copyright years to 2019
2018-12-31 15:41:47 +00:00
7e09c2bd7d
Move scrubber cache-related functions to Pleroma.HTML
2018-12-31 08:19:48 +01:00
dec23500d8
Resolve merge conflict
2018-12-30 21:00:40 +01:00
535fddd286
Friendship ended with Postgresql now Cachex is my best friend
2018-12-30 19:33:36 +01:00
d9f40b05b3
Added get_stripped_html_for_object. Renamed a few things
2018-12-30 16:51:16 +01:00
19f9889fbe
I am not sure what's going on anymore so I'll just commit and reset all the other files to HEAD
2018-12-29 17:45:50 +01:00
dd8f2196f6
Merge branch '483_blocks_import_export' into 'develop'
...
[#483 ] Blocked users list import & export
Closes #483
See merge request pleroma/pleroma!603
2018-12-29 11:34:51 +00:00
0a41786624
[ #467 ] Refactored valid / invalid user rendering.
2018-12-28 22:47:42 +03:00
6e9a15b181
[ #483 ] Blocked users export for TwitterAPI.
2018-12-28 21:08:07 +03:00
b43d630f30
Web.TwitterAPI.UserView: Add rights.admin
2018-12-28 17:38:32 +01:00
0d1788ce44
[ #471 ] Factored out User.visible_for?/2.
2018-12-28 14:35:25 +03:00
e6aeb1d4a5
[ #471 ] Prevented rendering of inactive local accounts.
2018-12-27 15:46:18 +03:00
2791ce9a1f
add license boilerplate to pleroma core
2018-12-23 20:56:42 +00:00
32dfc1d12a
mastodon api: status view: remove obsolete peertube hack
2018-12-23 13:40:33 +00:00
279096228c
[ #114 ] Made MastodonAPI and TwitterAPI user show actions return 404 for auth-inactive users
...
unless requested by admin or moderator.
2018-12-19 18:56:52 +03:00
aed0f90287
[ #114 ] Added `pleroma.confirmation_pending` to user views, adjusted view tests.
2018-12-18 17:22:45 +03:00
77b5154c82
Cowboy handler for Mastodon WebSocket
2018-12-17 17:06:18 +01:00
5dcb7aecea
More put_view.
2018-12-16 17:51:22 +01:00
f672555ad3
Upgrade to Phoenix 1.4
2018-12-16 17:15:07 +01:00
28478a9c4f
Merge branch 'fix/masto-put-settings' into 'develop'
...
Mastodon API: Fix PUT /api/web/settings
See merge request pleroma/pleroma!557
2018-12-16 11:21:26 +00:00
4c783e35c0
Mastodon API: Fix PUT /api/web/settings
2018-12-16 13:15:34 +02:00
acec11626d
Merge branch 'fix/issue_272' into 'develop'
...
[#272 ] fix tags
See merge request pleroma/pleroma!540
2018-12-14 20:20:30 +00:00
ea72ac549b
fix case when tags is invalid
2018-12-14 23:16:12 +03:00
d3ec09bb38
fix tags
2018-12-14 22:09:04 +03:00
0b4c61e8d5
Fix warning
2018-12-14 13:56:42 +01:00
ec0e613eca
Pleroma.Activity.mastodon_notification_type/1
2018-12-14 13:22:10 +01:00
331396cbcd
Properly disable Web Push if no VAPID key is set
2018-12-14 13:05:51 +01:00
658edb166f
fix and improve web push; add configuration docs
2018-12-14 13:05:29 +01:00
ff10b9927b
Merge branch 'support/bugfix_272' into 'develop'
...
[#272 ] fix hashtags in api
See merge request pleroma/pleroma!510
2018-12-10 19:05:16 +00:00
e94c3442f4
updates
2018-12-10 13:27:37 +03:00
074fa790ba
fix compile warnings
2018-12-09 20:50:08 +03:00
068353ac0b
formatting
2018-12-09 11:24:46 +03:00
9442588ae9
fix hashtags in api response
2018-12-09 11:24:46 +03:00
94d8f1ab30
Merge branch '394_user_tags' into 'develop'
...
[#394 ] User tags
Closes #394
See merge request pleroma/pleroma!508
2018-12-07 18:25:38 +00:00
7a2162bbcb
[ #394 ] User view (Twitter & Mastadon API): wrapped "tags" in "pleroma" map.
2018-12-06 22:26:25 +03:00
7bcb6a183a
[ #394 ] Refactoring.
2018-12-06 20:23:16 +03:00
7b19487389
[ #394 ] Added `users.tags` and admin routes to tag and untag users. Added tests.
2018-12-06 20:06:50 +03:00
1d531fd2f3
Merge branch 'fix/mastodon-api-settings' into 'develop'
...
Fix put_settings and remove info_changeset
See merge request pleroma/pleroma!507
2018-12-06 16:01:58 +00:00
abead01ab6
Merge branch 'correct-and-improve-http-options' into 'develop'
...
Correct and improve http options
See merge request pleroma/pleroma!505
2018-12-06 15:57:56 +00:00
2ae1128d9f
MastoAPI: Fix put_settings
2018-12-06 17:42:07 +03:00
79668c08fc
cleanup
2018-12-06 20:50:20 +07:00
3d492795b7
clean up
2018-12-06 20:42:00 +07:00
4944498133
Merge branch 'develop' into feature/compat/push-subscriptions
...
# Conflicts:
# lib/pleroma/application.ex
# lib/pleroma/plugs/oauth_plug.ex
2018-12-06 20:15:16 +07:00
8b4397c704
Merge branch 'develop' into feature/compat/push-subscriptions
...
# Conflicts:
# lib/mix/tasks/sample_config.eex
# lib/pleroma/web/twitter_api/controllers/util_controller.ex
# mix.exs
# mix.lock
2018-12-06 19:55:58 +07:00
04a48286e6
Add web push support
2018-12-06 19:29:04 +07:00
ccf0b46dd6
Merge branch '210_twitter_api_uploads_alt_text' into 'develop'
...
[#210 ] TwitterAPI: alt text support for uploaded images. Mastodon API uploads security fix.
See merge request pleroma/pleroma!496
2018-12-06 07:36:21 +00:00
3e90f688f1
[ #210 ] Mastodon: actor storing for media uploads, ownership check to update_media.
...
Refactoring.
2018-12-06 10:26:17 +03:00
96ba95df2e
remove follow_redirect options
2018-12-06 11:38:33 +09:00
505d820827
Merge remote-tracking branch 'origin/debug-suggestions-api' into correct-and-improve-http-options
2018-12-06 10:48:05 +09:00
76d6b1c6ab
Merge remote-tracking branch 'origin' into follower-hiding
2018-12-05 21:27:56 +01:00
3ea4476445
MastodonAPI: Show users their own network.
2018-12-05 21:25:06 +01:00
a418547bdf
debug /api/v1/suggestions
2018-12-05 16:08:34 +09:00
87109482f3
status_code -> status
2018-12-04 14:04:06 +03:00
f85949cc69
object: factor out fetching functions into Pleroma.Object.Fetcher module
2018-12-04 04:52:09 +00:00
3b8e5bcbeb
fix most tests
2018-12-04 04:52:09 +00:00
5d4a71906a
mastodon api: use Object.normalize() in a few missing spots
2018-12-04 04:52:09 +00:00
e9b718cea2
mastodon api: status view: use Object.normalize()
2018-12-04 04:52:09 +00:00
4b70e5eae9
Parse bio for MastodonAPI
2018-12-03 18:59:50 +03:00
2a639de9b3
MastodonApi: Implement hide_network.
2018-12-02 17:48:00 +01:00
347df6421d
Fix masto api user updating.
2018-12-01 10:40:01 +01:00
c443c9bd72
Merge branch 'develop' of git.pleroma.social:pleroma/pleroma into validate-user-info
2018-12-01 09:55:46 +01:00
02d3dc6869
Uploads fun, part. 2
2018-11-30 18:02:37 +01:00
b19597f602
reverse proxy / uploads
2018-11-30 18:00:47 +01:00
d0ec2812bd
Merge remote-tracking branch 'origin' into validate-user-info
2018-11-30 17:34:20 +01:00
d388a99143
Web.MastodonAPI.MastodonSocket: Put access_token at function-level
2018-11-24 06:43:03 +01:00
5346fabf14
Web.MastodonAPI.MastodonSocket: Add unauthentified websocket endpoints
...
reported by soka on CRTNet
2018-11-24 06:13:36 +01:00
0896cf4c0f
Fix most mastodon api bugs.
2018-11-20 20:12:39 +01:00
bc5cf2c192
Improved version string
2018-11-20 17:55:03 +01:00
2cf40237ff
MastodonAPI: Add pagination to private messages.
2018-11-13 19:46:34 +01:00
1592fa2bea
Mastodon API: Fix list streaming
2018-11-11 14:18:15 +01:00
b451a92d78
Merge branch 'runtime-config' into 'develop'
...
Runtime configuration
See merge request pleroma/pleroma!430
2018-11-07 22:32:34 +00:00
e42f2efae4
/api/v1/accounts/relationships Return an empty array if no id in params
...
This copies Mastodon API behaviour & fixes Mastalab app.
2018-11-07 16:32:57 +01:00
5bb88fd174
Runtime configuration
...
Related to #85
Everything should now be configured at runtime, with the exception of
the `Pleroma.HTML` scrubbers (the scrubbers used can be
changed at runtime, but their configuration is compile-time) because
it's building a module with a macro.
2018-11-06 19:41:15 +01:00
a8f1e30cb8
Formatting.
2018-11-06 16:05:58 +01:00
4f640c43ed
Unify Mastodon Login with OAuth login.
...
This removes duplication in the login code.
2018-11-06 15:19:11 +01:00
763fc7b44f
Runtime configured emojis
...
The changes are a bit heavy since the emojis were loaded into module
attributes from filesystem.
This introduces a GenServer using an ETS table to cache in memory the
emojis, and allows a runtime-reload with `Pleroma.Emoji.reload()`.
2018-11-05 13:24:00 +01:00
3e50bb667f
Pleroma.Web.MastodonAPI.StatusView: Content isn’t nullable
2018-11-03 14:42:47 +01:00
0cca7edbe0
Fix hashtag search
...
When we lowercase the search it will succesfully do a case insenstive
match. Now #Linux will match #linux and #LINUX whereas previously it
would only match the exact case.
2018-11-02 19:38:57 +00:00
4d8f076125
mastodon api: add support for rendering Page objects
2018-11-01 10:00:16 +00:00
755f166406
Pleroma.Web.MastodonAPI.StatusView: Do not fail when URL isn’t a string
2018-11-01 09:55:38 +01:00
181f3bb56a
mastodon api: enforce upload limits for avatars and banners
2018-10-29 16:43:05 +00:00
5c6ec2d9fc
twitter/mastodon api: always use mediaproxy URLs in attachments
...
if using local media, the mediaproxy will not replace the URL anyway.
2018-10-29 15:19:32 +00:00
26eb11c172
activitypub: add support for filtering broken threads out of timelines
2018-10-26 06:16:51 +00:00
b386888a0e
[Pleroma.Web.MastodonAPI.MastodonAPIController]: fallback for try_render/4
...
Better be sure than sorry
2018-10-25 06:21:11 +02:00
b112112c11
[Pleroma.Web.MastodonAPI.MastodonAPIController]: Wrap around render/4
2018-10-25 05:52:45 +02:00
b0a940d5a2
[Pleroma.Web.MastodonAPI.StatusView]: Remove unused arguments
2018-10-25 05:24:03 +02:00
2da0ffeb28
lib/pleroma/web/mastodon_api/mastodon_api_controller.ex: Output an error when render(status.json) gives a nil
2018-10-25 05:24:03 +02:00
0c10be8731
[Pleroma.Web.MastodonAPI.StatusView]: Remove nils from lists.json
2018-10-25 05:24:03 +02:00
3b0e9287a5
[Pleroma.Web.MastodonAPI.StatusView]: Return nil as fallback for missing views
2018-10-25 05:24:01 +02:00
e8c698af41
Add an endpoint /api/v1/accounts/:id/lists to get lists to which account belongs
2018-10-19 01:46:26 +09:00
7b3fff9af8
{mastodon api, twitter api}: make the follow handshake timeout configurable
2018-10-07 01:05:59 +00:00
7f530f6f80
mastodon api: relationship view: better handle no pre-existing follow activity
2018-10-05 23:50:13 +00:00
e69faf550c
user: add wait_and_refresh() for async three-way handshake case
2018-10-05 23:40:49 +00:00
Ivan Tashkinov
Karen Konou
Mark Felder
William Pitcock
kaniini
rinpatch
Maxim Filippov
eugenijm
Haelwenn (lanodan) Monnier
Haelwenn
href
lambda
lain
Sadposter
Egor Kislitsyn
scarlett
eal
href
Maksim Pechnikov
Hakaba Hitoyo
KokaKiwi
AkiraFukushima