Commit Graph

1995 Commits

Author SHA1 Message Date
Maxim Filippov
4b70e5eae9 Parse bio for MastodonAPI 2018-12-03 18:59:50 +03:00
rinpatch
343b0adfa6 Merge branch 'develop' into fix/theora-detection-read-bytes 2018-12-03 00:34:04 +03:00
rinpatch
a3953ca37a Change @read_bytes to 35 2018-12-03 00:22:19 +03:00
Maxim Filippov
ce98d5eb9b Parse user's bio on register 2018-12-02 22:03:53 +03:00
lain
8c9a4e8b40 TwitterAPI: Implement hide_network. 2018-12-02 18:14:13 +01:00
lain
2a639de9b3 MastodonApi: Implement hide_network. 2018-12-02 17:48:00 +01:00
lain
6be0ab1e55 Hide network in ap. 2018-12-02 17:35:32 +01:00
href
43d5e4f7fa
Fix media proxy config defaults 2018-12-02 11:24:02 +01:00
lain
91065e1968 Fix background updating / handling. 2018-12-02 11:20:38 +01:00
lain
f18b86fd5f More fixes for Info schema. 2018-12-01 12:46:08 +01:00
lain
93f2dc19d9 TwitterAPI: Fix banner and background update. 2018-12-01 12:01:22 +01:00
lain
347df6421d Fix masto api user updating. 2018-12-01 10:40:01 +01:00
lain
c443c9bd72 Merge branch 'develop' of git.pleroma.social:pleroma/pleroma into validate-user-info 2018-12-01 09:55:46 +01:00
lain
1c67277c80 Fix admin api. 2018-12-01 09:03:16 +01:00
href
e9982c521b
Upload filter: anonymize filename
It replaces the original filename with a randomly generated string.
2018-11-30 19:33:34 +01:00
kaniini
ca24ad2a2b Merge branch 'feature/reverse-proxy' into 'develop'
reverse proxy / uploads

See merge request pleroma/pleroma!470
2018-11-30 18:15:44 +00:00
href
8e0e20631c
Reverse proxy: default max read duration at 30 secs. 2018-11-30 19:12:03 +01:00
lambda
e99bab8f27 Merge branch 'config-delete' into 'develop'
Add Pleroma.Config.delete/1

See merge request pleroma/pleroma!484
2018-11-30 17:57:06 +00:00
href
1d94c8f0f0
Fix supervisor order
This starts `Pleroma.Web.Endpoint` after all other processes and may
avoid some weird bugs (especially at start/restart).

Also properly ignores starting the gopher's gen_server if disabled.
2018-11-30 18:31:15 +01:00
href
253da275bd
Pleroma.Config.delete/1 2018-11-30 18:27:27 +01:00
href
7282937f33
MIME: video/audio ogg detection 2018-11-30 18:02:52 +01:00
href
680716b3c9
Config docs 2018-11-30 18:02:51 +01:00
href
65e7307d68
Upload: bring back base_url 2018-11-30 18:02:50 +01:00
href
5d92431350
Fix deprecation warnings 2018-11-30 18:02:50 +01:00
href
02d3dc6869
Uploads fun, part. 2 2018-11-30 18:02:37 +01:00
href
97b00d366f
reverse_proxy: more headers 2018-11-30 18:00:57 +01:00
href
a2640c8088
Parse correctly content-type & do not forward content-length 2018-11-30 18:00:57 +01:00
href
b19597f602
reverse proxy / uploads 2018-11-30 18:00:47 +01:00
lain
d0ec2812bd Merge remote-tracking branch 'origin' into validate-user-info 2018-11-30 17:34:20 +01:00
lain
8f1fffebc6 Fix transmogrifier test. 2018-11-30 17:31:05 +01:00
lain
d088ac6286 Fix OStatus user updates.
Breaks banner updating.
2018-11-30 17:21:58 +01:00
lain
48b95a9b95 Assorted fixes. 2018-11-30 17:08:02 +01:00
lain
d407f662af Fix TwitterApiController. 2018-11-30 17:07:37 +01:00
lain
a6812bc9df Remove "most recent notification" endpoint. 2018-11-30 16:47:37 +01:00
KokaKiwi
87098d1676 Streamer: Don't send unwanted DMs to list streams 2018-11-27 20:50:19 +01:00
lain
e002858071 Fix ostatus test. 2018-11-27 18:37:46 +01:00
lain
3c61df6b9e Webfinger fixes. 2018-11-27 18:31:44 +01:00
lain
badbe2656c More fixes. 2018-11-27 18:12:03 +01:00
kaniini
b9bc83097d Merge branch 'ogg-theora-detection' into 'develop'
Add Theora detection to upload.ex

See merge request pleroma/pleroma!479
2018-11-27 16:55:56 +00:00
lain
ec464ef20a HTTP sig fixes. 2018-11-27 17:42:45 +01:00
rinpatch
0d229613df Fix lint error 2018-11-27 19:07:58 +03:00
rinpatch
7f20a3cf1f Add Theora detection to upload.ex 2018-11-27 17:51:02 +03:00
Haelwenn
5ae6088d37 Merge branch 'feature/mrf-user-allowlist' into 'develop'
MRF: user allowlist module

See merge request pleroma/pleroma!477
2018-11-27 00:12:03 +00:00
kaniini
a76058fc1d Merge branch 'fix/pleromafe-title' into 'develop'
Replace hardcoded <title>

See merge request pleroma/pleroma!476
2018-11-26 23:59:30 +00:00
William Pitcock
271f9f1335 nodeinfo: add mrf_user_allowlist data 2018-11-26 23:52:19 +00:00
William Pitcock
8c05d19c7f MRF: add user allowlist module 2018-11-26 23:51:58 +00:00
Mark Felder
6cc94404d7 Replace this hardcoded <title> 2018-11-26 22:51:25 +00:00
Haelwenn (lanodan) Monnier
04daa0fa44
Plugs.HTTPSecurityPlug: Activate upgrade-insecure-requests only when there is https
This fixes running mastofe with MIX_ENV=dev
2018-11-26 21:41:36 +01:00
shibayashi
591b11eafc
Add manifest-src to allow manifest.json 2018-11-26 20:48:24 +01:00
Haelwenn (lanodan) Monnier
ca029f0b69
Web.Streamer: Get unauthenticated statuses representation 2018-11-24 08:45:45 +01:00
Haelwenn (lanodan) Monnier
d388a99143
Web.MastodonAPI.MastodonSocket: Put access_token at function-level 2018-11-24 06:43:03 +01:00
Haelwenn (lanodan) Monnier
5346fabf14
Web.MastodonAPI.MastodonSocket: Add unauthentified websocket endpoints
reported by soka on CRTNet
2018-11-24 06:13:36 +01:00
kaniini
675653ceb7 Merge branch 'feature/admin-api' into 'develop'
Add a admin API

See merge request pleroma/pleroma!366
2018-11-22 00:28:04 +00:00
kaniini
182e3e8da2 Merge branch 'feature/improve-version' into 'develop'
Improved version string

See merge request pleroma/pleroma!467
2018-11-21 16:53:38 +00:00
kaniini
a591a044a9 Merge branch 'runtime-fixes' into 'develop'
Various runtime configuration fixes

See merge request pleroma/pleroma!468
2018-11-20 22:25:35 +00:00
lain
0bea0308f1 Merge branch 'validate-user-info' of git.pleroma.social:pleroma/pleroma into validate-user-info 2018-11-20 20:16:16 +01:00
lain
d3180e0ccc Raise on usage of old function. 2018-11-20 20:14:38 +01:00
lain
0896cf4c0f Fix most mastodon api bugs. 2018-11-20 20:12:39 +01:00
Haelwenn
c7d08bc1cf Merge branch 'feature/retry-queue' into 'develop'
Federator: add retry queue.

See merge request pleroma/pleroma!323
2018-11-20 19:04:52 +00:00
William Pitcock
3456948cd1 mastodon api: fix up quite a few test failures 2018-11-20 19:02:23 +00:00
William Pitcock
ef6c64a5d2 activitypub: fix restrict_blocked() 2018-11-20 18:58:08 +00:00
William Pitcock
c196754b4d mastodon api: account view: fix tests 2018-11-20 18:54:48 +00:00
William Pitcock
ece8656733 streamer: fix fetching the user's block list 2018-11-20 18:47:12 +00:00
William Pitcock
3356c7d1e9 oauth plug: fix deactivated check 2018-11-20 18:47:00 +00:00
William Pitcock
4ac849cb4a common api: fix moderator check when deleting posts 2018-11-20 18:42:28 +00:00
William Pitcock
312676f711 user: fix user.info lookup in User.locked?() 2018-11-20 18:41:44 +00:00
lain
6f0b9a5163 Fix Notification tests. 2018-11-20 19:15:28 +01:00
lain
2887f4ff1d Fix formatter tests. 2018-11-20 19:07:01 +01:00
href
bc5cf2c192
Improved version string 2018-11-20 17:55:03 +01:00
href
7f4c3a1e99
mediaproxy: fix empty url & add some tests 2018-11-20 17:50:03 +01:00
eal
689b46efc8 RetryQueue: tiny refractor, add tests 2018-11-19 18:08:41 +02:00
href
bcecdc3ab1
Various runtime configuration fixes 2018-11-19 10:09:24 +01:00
lain
fbb70d25fe Several twitter api fixes. 2018-11-18 22:36:47 +01:00
lain
40d9d2098c Fix user updating from AP. 2018-11-18 22:15:03 +01:00
lain
cafa15131a Mix format. 2018-11-18 21:41:35 +01:00
lain
4c918392c6 Fix most User tests. 2018-11-18 21:40:52 +01:00
lain
e7cd6e9739 Fix setting of keys. 2018-11-18 19:33:43 +01:00
lain
fc3bcf335e Fix following locked users. 2018-11-18 18:53:50 +01:00
lain
d5af41b577 Fix note count update. 2018-11-18 18:52:21 +01:00
lain
6f90ceb2ed Fix follower count test. 2018-11-18 18:49:17 +01:00
lain
812f5b058a Fix blocking. 2018-11-18 18:40:31 +01:00
lain
756764266c Formatting. 2018-11-18 18:27:04 +01:00
lain
b396dba425 Fix follower count setting. 2018-11-18 18:24:16 +01:00
lain
5c8f07f0a8 Fix note counting. 2018-11-18 18:17:56 +01:00
lain
47d883d3ab Fix User deactivation. 2018-11-18 18:06:02 +01:00
lain
50585d051b Add User.Info module
To validate and mutate the user.info field.
2018-11-18 18:04:42 +01:00
eal
62299be094 Federator: add retry queue. 2018-11-18 17:46:29 +02:00
William Pitcock
f6be980f4f activitypub: object view: avoid leaking private details 2018-11-17 22:30:53 +00:00
William Pitcock
98795172a7 ostatus controller: respond with AS2 objects instead of activities to notice URIs 2018-11-17 22:10:15 +00:00
William Pitcock
dfcfb184b1 activitypub: transmogrifier: make deletes secure 2018-11-17 21:22:57 +00:00
Haelwenn (lanodan) Monnier
0ca00b3a07
Web.AdminAPI.AdminAPIController: Fixes bugs found with ExUnit 2018-11-17 22:12:14 +01:00
Haelwenn (lanodan) Monnier
12ccf0c4f8
Change Relay from status to {status, message} 2018-11-17 22:12:13 +01:00
Haelwenn (lanodan) Monnier
4634d99d0d
Web.Router: Change right to permission group (except for function names) 2018-11-17 22:12:13 +01:00
William Pitcock
0d1375f274 federator: return :ok or :error depending on if an AP doc was accepted or not 2018-11-17 21:00:37 +00:00
William Pitcock
3d9266a8cb federator: do origin containment when processing inbound messages 2018-11-17 20:43:43 +00:00
William Pitcock
c88533209c activitypub: user fetching: use fetch_and_contain_remote_object_from_id() 2018-11-17 20:16:03 +00:00
William Pitcock
daa8ec3d62 activitypub: factor out AP object fetching to it's own function and add ID-based containment 2018-11-17 20:15:59 +00:00
Haelwenn (lanodan) Monnier
e0b0fde713
Web.AdminAPI.AdminAPIController: Change right to permission group (except for function names) 2018-11-17 20:25:57 +01:00
Haelwenn (lanodan) Monnier
ccd6b1956d
lib/pleroma/web/admin_api/admin_api_controller.ex: Support status reply of Relay.{un,}follow 2018-11-17 20:25:56 +01:00
Haelwenn (lanodan) Monnier
265c8c5209
Pleroma.Web.ActivityPub.Relay: make {un,}follow return :ok only if it worked, :error if it didn’t 2018-11-17 20:25:56 +01:00
Haelwenn (lanodan) Monnier
4a79b89dba
lib/pleroma/plugs/user_is_admin_plug.ex: change 403 string to “User is not admin.” 2018-11-17 20:25:56 +01:00
Haelwenn (lanodan) Monnier
f9d05902fe
lib/pleroma/web/admin_api/admin_api_controller.ex: An admin cannot un-admin themselves 2018-11-17 20:25:56 +01:00
Haelwenn (lanodan) Monnier
a87ed2fad6
Pleroma.Web.AdminAPI.AdminAPIController: user_create statement format 2018-11-17 20:25:55 +01:00
Haelwenn (lanodan) Monnier
f48062488e
Add get endpoints for rights [AdminAPI] 2018-11-17 20:25:55 +01:00
Haelwenn (lanodan) Monnier
59ce7fedce
Fix connection returns make generic right endpoint [AdminAPI] 2018-11-17 20:25:55 +01:00
Haelwenn (lanodan) Monnier
c5a2bd6a65
admin_api_controller.ex: fix remaining params at once 2018-11-17 20:25:54 +01:00
Haelwenn (lanodan) Monnier
95b107b6cc
admin_api_controller.ex: Add documentation, fix get_invite_token 2018-11-17 20:25:54 +01:00
Haelwenn (lanodan) Monnier
578a911737
admin_api_controller.ex: get_password_reset: fix params and response 2018-11-17 20:25:54 +01:00
Haelwenn (lanodan) Monnier
5732eef16b
lib/pleroma/web/admin_api/admin_api_controller.ex: Pleroma.Web.AdminAPI.Controller → Pleroma.Web.AdminAPI.AdminAPIController 2018-11-17 20:25:53 +01:00
Haelwenn (lanodan) Monnier
c8b8f1d32c
[Pleroma.Plugs.UserIsAdminPlug]: Check if admin is true instead of false, fix error reporting 2018-11-17 20:25:53 +01:00
Haelwenn (lanodan) Monnier
7076d45cb6
lib/pleroma/plugs/user_is_admin_plug.ex: Create 2018-11-17 20:25:52 +01:00
Haelwenn (lanodan) Monnier
77d2fd54dd
admin_api_controller: Have some basic code 2018-11-17 20:25:52 +01:00
Haelwenn (lanodan) Monnier
ee2e1328ad
admin_api_controller.ex: Create 2018-11-17 20:25:52 +01:00
William Pitcock
603fccf175 activitypub: fetch_object_from_id(): prefer actor over attributedTo to avoid spoofing 2018-11-17 18:17:17 +00:00
kaniini
05967472f2 Merge branch 'feature/uploader-mdii' into 'develop'
Feature / MDII Uploader

See merge request pleroma/pleroma!454
2018-11-17 16:41:09 +00:00
hakabahitoyo
59e079f641 fallbacking into local uploader 2018-11-17 20:16:25 +09:00
hakabahitoyo
8fd0556c78 better config reading 2018-11-17 18:14:42 +09:00
lain
f87b315618 TwitterAPI: Fix dm_timeline displaying only half of the conversation. 2018-11-16 19:47:36 +01:00
lambda
2f639ea129 Merge branch 'feature/pleromafe-usersearch' into 'develop'
Add Twitter / Pleroma API user search

See merge request pleroma/pleroma!452
2018-11-16 18:13:47 +00:00
William Pitcock
c07464607d http security: remove form-action from CSP definitions 2018-11-16 17:40:21 +00:00
lain
e8d8c84f79 Add better test for user search functionlity. 2018-11-16 18:31:32 +01:00
hakabahitoyo
55abd8482e better config 2018-11-16 20:41:12 +09:00
hakabahitoyo
52224de39f better extension detection 2018-11-16 20:22:36 +09:00
hakabahitoyo
4fbfacf5e1 debug 2018-11-15 16:08:55 +09:00
hakabahitoyo
8e707aba29 format 2018-11-15 15:11:59 +09:00
Hakaba Hitoyo
ebe658c169 debuf 2018-11-15 14:46:43 +09:00
Hakaba Hitoyo
698cb3587c omplement mdii uploader 2018-11-15 14:38:45 +09:00
Hakaba Hitoyo
58af0787be add mdii uploader 2018-11-15 14:19:10 +09:00
lain
27aa136aac Format. 2018-11-14 20:41:12 +01:00
lain
7b170cd616 Add Pleroma user search api for PleromaFE. 2018-11-14 20:33:23 +01:00
lambda
cc45797f4e Merge branch 'fix-media-proxy-filename' into 'develop'
media_proxy: use path only to retrieve filename

See merge request pleroma/pleroma!450
2018-11-14 18:17:10 +00:00
kaniini
69d557e86d Merge branch 'twitter-api-direct-messages' into 'develop'
Twitter api direct messages

See merge request pleroma/pleroma!449
2018-11-14 08:52:08 +00:00
href
f52a1d1ec5
media_proxy: use path only to retrieve filename 2018-11-13 23:41:33 +01:00
lain
ea9a776d7b TwitterApi: Add direct message endpoint 2018-11-13 20:08:50 +01:00
lain
2cf40237ff MastodonAPI: Add pagination to private messages. 2018-11-13 19:46:34 +01:00
href
9b553a1087
media_proxy: CSP, content-disposition
* Adds CSP headers to the media proxy endpoint

* Sends `content-disposition: attachment; …` for non-image/video/audio
content types

The default list can be overwritten with `:media_proxy,
:safe_content_types` in the configuration.

* Also now appends the filename to the proxy URL (fixes some mobile apps,
it was requested a while ago)
2018-11-13 15:58:02 +01:00
shibayashi
87c76a9a2f
Add __Host- prefix when secure flag is enabled 2018-11-13 00:32:38 +01:00
scarlett
0ce5623134 Merge branch 'twitter-api-null-display-name' into 'develop'
Twitter API: Fall back to user.nickname if user has no name

Closes #375

See merge request pleroma/pleroma!444
2018-11-12 17:08:54 +00:00
scarlett
cb6fd73861 Twitter API: Fall back to user.nickname if user has no name 2018-11-12 15:52:13 +00:00
kaniini
54923c2e55 Merge branch 'feature/csp-plug' into 'develop'
migrate CSP management to CSPPlug

See merge request pleroma/pleroma!441
2018-11-12 15:30:42 +00:00
William Pitcock
ee5932a504 http security: allow referrer-policy to be configured 2018-11-12 15:14:46 +00:00
William Pitcock
fe67665e19 rename CSPPlug to HTTPSecurityPlug. 2018-11-12 15:08:02 +00:00
KokaKiwi
1592fa2bea Mastodon API: Fix list streaming 2018-11-11 14:18:15 +01:00
William Pitcock
df72978dce csp plug: add support for certificate transparency 2018-11-11 06:55:44 +00:00
William Pitcock
331cf6ada1 csp plug: add sts support 2018-11-11 06:50:28 +00:00
William Pitcock
f516e317ea plugs: add CSPPlug 2018-11-11 06:10:21 +00:00
William Pitcock
419ed3a0ca oauth: fix token decode regression 2018-11-11 05:26:39 +00:00
William Pitcock
97e50f3191 activitypub: transmogrifier: sanitize internal representation details from outgoing objects
this causes JSON-LD parsers to get upset and has also lead to developer confusion from outside
projects which tried to parse our internal data.  accordingly, it seems better to just remove
it.
2018-11-10 12:24:20 +00:00
William Pitcock
f8310114a6 activitypub: object view: sanitize both the activity and the object when an activity is given for rendering 2018-11-10 12:04:09 +00:00
kaniini
c9c1f9dee2 Merge branch 'bugfix/ostatus-as2-reflection' into 'develop'
ostatus: only federate activities concerning note objects

See merge request pleroma/pleroma!437
2018-11-10 11:50:02 +00:00