diff options
76 files changed, 1149 insertions, 508 deletions
diff --git a/.gitignore b/.gitignore index 4dea75e93..f30f4cf5f 100644 --- a/.gitignore +++ b/.gitignore @@ -53,3 +53,7 @@ pleroma.iml # asdf .tool-versions + +# Editor temp files +/*~ +/*#
\ No newline at end of file diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 0fec89368..c7e8291d8 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -371,3 +371,26 @@ docker-release: - dind only: - /^release/.*$/@pleroma/pleroma + +docker-adhoc: + stage: docker + image: docker:latest + cache: {} + dependencies: [] + variables: *docker-variables + before_script: *before-docker + allow_failure: true + script: + script: + - mkdir -p /root/.docker/cli-plugins + - wget "${DOCKER_BUILDX_URL}" -O ~/.docker/cli-plugins/docker-buildx + - echo "${DOCKER_BUILDX_HASH} /root/.docker/cli-plugins/docker-buildx" | sha1sum -c + - chmod +x ~/.docker/cli-plugins/docker-buildx + - docker run --rm --privileged multiarch/qemu-user-static --reset -p yes + - docker buildx create --name mbuilder --driver docker-container --use + - docker buildx inspect --bootstrap + - docker buildx build --platform linux/amd64,linux/arm/v7,linux/arm64/v8 --push --cache-from $IMAGE_TAG_SLUG --build-arg VCS_REF=$CI_VCS_REF --build-arg BUILD_DATE=$CI_JOB_TIMESTAMP -t $IMAGE_TAG -t $IMAGE_TAG_SLUG . + tags: + - dind + only: + - /^build-docker/.*$/@pleroma/pleroma
\ No newline at end of file diff --git a/CHANGELOG.md b/CHANGELOG.md index e26c8d261..43927fe6e 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -6,6 +6,10 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). ## Unreleased +### Removed + +- `:auth, :enforce_oauth_admin_scope_usage` configuration option. + ### Changed - **Breaking**: Changed `mix pleroma.user toggle_confirmed` to `mix pleroma.user confirm` @@ -33,6 +37,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). - **Breaking:** AdminAPI `GET /api/pleroma/admin/instances/:instance/statuses` changed response format and added the number of total users posts. - Admin API: Reports now ordered by newest - Pleroma API: `GET /api/v1/pleroma/chats` is deprecated in favor of `GET /api/v2/pleroma/chats`. +- Pleroma API: Reroute `/api/pleroma/*` to `/api/v1/pleroma/*` </details> @@ -55,6 +60,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). - Ability to define custom HTTP headers per each frontend - MRF (`NoEmptyPolicy`): New MRF Policy which will deny empty statuses or statuses of only mentions from being created by local users - New users will receive a simple email confirming their registration if no other emails will be dispatched. (e.g., Welcome, Confirmation, or Approval Required) +- The `application` metadata returned with statuses is no longer hardcoded. Apps that want to display these details will now have valid data for new posts after this change. <details> <summary>API Changes</summary> @@ -70,6 +76,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). - Mastodon API: Home, public, hashtag & list timelines accept `only_media`, `remote` & `local` parameters for filtration. - Mastodon API: `/api/v1/accounts/:id` & `/api/v1/mutes` endpoints accept `with_relationships` parameter and return filled `pleroma.relationship` field. - Mastodon API: Endpoint to remove a conversation (`DELETE /api/v1/conversations/:id`). +- Mastodon API: `expires_in` in the scheduled post `params` field on `/api/v1/statuses` and `/api/v1/scheduled_statuses/:id` endpoints. </details> ### Fixed diff --git a/config/config.exs b/config/config.exs index 0fbca06f3..66aee3264 100644 --- a/config/config.exs +++ b/config/config.exs @@ -611,10 +611,7 @@ config :ueberauth, base_path: "/oauth", providers: ueberauth_providers -config :pleroma, - :auth, - enforce_oauth_admin_scope_usage: true, - oauth_consumer_strategies: oauth_consumer_strategies +config :pleroma, :auth, oauth_consumer_strategies: oauth_consumer_strategies config :pleroma, Pleroma.Emails.Mailer, adapter: Swoosh.Adapters.Sendmail, enabled: false diff --git a/config/test.exs b/config/test.exs index 690c98e40..87396a88d 100644 --- a/config/test.exs +++ b/config/test.exs @@ -38,7 +38,7 @@ config :pleroma, :instance, external_user_synchronization: false, static_dir: "test/instance_static/" -config :pleroma, :activitypub, sign_object_fetches: false +config :pleroma, :activitypub, sign_object_fetches: false, follow_handshake_timeout: 0 # Configure your database config :pleroma, Pleroma.Repo, diff --git a/docs/clients.md b/docs/clients.md index 3d81763e1..5650ea236 100644 --- a/docs/clients.md +++ b/docs/clients.md @@ -17,7 +17,7 @@ Feel free to contact us to be added to this list! - Features: MastoAPI ### Whalebird -- Homepage: <https://whalebird.org/> +- Homepage: <https://whalebird.social/> - Source Code: <https://github.com/h3poteto/whalebird-desktop> - Contact: [@h3poteto@pleroma.io](https://pleroma.io/users/h3poteto) - Platforms: Windows, Mac, Linux diff --git a/docs/configuration/cheatsheet.md b/docs/configuration/cheatsheet.md index ad5768465..028c5e91d 100644 --- a/docs/configuration/cheatsheet.md +++ b/docs/configuration/cheatsheet.md @@ -49,7 +49,7 @@ To add configuration to your config file, you can copy it from the base config. * `attachment_links`: Set to true to enable automatically adding attachment link text to statuses. * `max_report_comment_size`: The maximum size of the report comment (Default: `1000`). * `safe_dm_mentions`: If set to true, only mentions at the beginning of a post will be used to address people in direct messages. This is to prevent accidental mentioning of people when talking about them (e.g. "@friend hey i really don't like @enemy"). Default: `false`. -* `healthcheck`: If set to true, system data will be shown on ``/api/pleroma/healthcheck``. +* `healthcheck`: If set to true, system data will be shown on ``/api/v1/pleroma/healthcheck``. * `remote_post_retention_days`: The default amount of days to retain remote posts when pruning the database. * `user_bio_length`: A user bio maximum length (default: `5000`). * `user_name_length`: A user name maximum length (default: `100`). @@ -225,7 +225,7 @@ config :pleroma, :mrf_user_allowlist, %{ This can be used to configure a keyword list that keeps the configuration data for any kind of frontend. By default, settings for `pleroma_fe` and `masto_fe` are configured. You can find the documentation for `pleroma_fe` configuration into [Pleroma-FE configuration and customization for instance administrators](/frontend/CONFIGURATION/#options). -Frontends can access these settings at `/api/pleroma/frontend_configurations` +Frontends can access these settings at `/api/v1/pleroma/frontend_configurations` To add your own configuration for PleromaFE, use it like this: @@ -848,13 +848,13 @@ config :pleroma, :admin_token, "somerandomtoken" You can then do ```shell -curl "http://localhost:4000/api/pleroma/admin/users/invites?admin_token=somerandomtoken" +curl "http://localhost:4000/api/v1/pleroma/admin/users/invites?admin_token=somerandomtoken" ``` or ```shell -curl -H "X-Admin-Token: somerandomtoken" "http://localhost:4000/api/pleroma/admin/users/invites" +curl -H "X-Admin-Token: somerandomtoken" "http://localhost:4000/api/v1/pleroma/admin/users/invites" ``` Warning: it's discouraged to use this feature because of the associated security risk: static / rarely changed instance-wide token is much weaker compared to email-password pair of a real admin user; consider using HTTP Basic Auth or OAuth-based authentication instead. diff --git a/docs/development/API/admin_api.md b/docs/development/API/admin_api.md index 04a181401..8f855d251 100644 --- a/docs/development/API/admin_api.md +++ b/docs/development/API/admin_api.md @@ -2,14 +2,9 @@ Authentication is required and the user must be an admin. -Configuration options: +The `/api/v1/pleroma/admin/*` path is backwards compatible with `/api/pleroma/admin/*` (`/api/pleroma/admin/*` will be deprecated in the future). -* `[:auth, :enforce_oauth_admin_scope_usage]` — OAuth admin scope requirement toggle. - If `true`, admin actions explicitly demand admin OAuth scope(s) presence in OAuth token (client app must support admin scopes). - If `false` and token doesn't have admin scope(s), `is_admin` user flag grants access to admin-specific actions. - Note that client app needs to explicitly support admin scopes and request them when obtaining auth token. - -## `GET /api/pleroma/admin/users` +## `GET /api/v1/pleroma/admin/users` ### List users @@ -30,7 +25,7 @@ Configuration options: - *optional* `actor_types`: **[string]** actor type list (`Person`, `Service`, `Application`) - *optional* `name`: **string** user display name - *optional* `email`: **string** user email -- Example: `https://mypleroma.org/api/pleroma/admin/users?query=john&filters=local,active&page=1&page_size=10&tags[]=some_tag&tags[]=another_tag&name=display_name&email=email@example.com` +- Example: `https://mypleroma.org/api/v1/pleroma/admin/users?query=john&filters=local,active&page=1&page_size=10&tags[]=some_tag&tags[]=another_tag&name=display_name&email=email@example.com` - Response: ```json @@ -59,7 +54,7 @@ Configuration options: } ``` -## DEPRECATED `DELETE /api/pleroma/admin/users` +## DEPRECATED `DELETE /api/v1/pleroma/admin/users` ### Remove a user @@ -67,7 +62,7 @@ Configuration options: - `nickname` - Response: User’s nickname -## `DELETE /api/pleroma/admin/users` +## `DELETE /api/v1/pleroma/admin/users` ### Remove a user @@ -88,7 +83,7 @@ Configuration options: ] - Response: User’s nickname -## `POST /api/pleroma/admin/users/follow` +## `POST /api/v1/pleroma/admin/users/follow` ### Make a user follow another user @@ -98,7 +93,7 @@ Configuration options: - Response: - "ok" -## `POST /api/pleroma/admin/users/unfollow` +## `POST /api/v1/pleroma/admin/users/unfollow` ### Make a user unfollow another user @@ -108,7 +103,7 @@ Configuration options: - Response: - "ok" -## `PATCH /api/pleroma/admin/users/:nickname/toggle_activation` +## `PATCH /api/v1/pleroma/admin/users/:nickname/toggle_activation` ### Toggle user activation @@ -124,7 +119,7 @@ Configuration options: } ``` -## `PUT /api/pleroma/admin/users/tag` +## `PUT /api/v1/pleroma/admin/users/tag` ### Tag a list of users @@ -132,7 +127,7 @@ Configuration options: - `nicknames` (array) - `tags` (array) -## `DELETE /api/pleroma/admin/users/tag` +## `DELETE /api/v1/pleroma/admin/users/tag` ### Untag a list of users @@ -140,7 +135,7 @@ Configuration options: - `nicknames` (array) - `tags` (array) -## `GET /api/pleroma/admin/users/:nickname/permission_group` +## `GET /api/v1/pleroma/admin/users/:nickname/permission_group` ### Get user user permission groups membership @@ -154,7 +149,7 @@ Configuration options: } ``` -## `GET /api/pleroma/admin/users/:nickname/permission_group/:permission_group` +## `GET /api/v1/pleroma/admin/users/:nickname/permission_group/:permission_group` Note: Available `:permission_group` is currently moderator and admin. 404 is returned when the permission group doesn’t exist. @@ -170,7 +165,7 @@ Note: Available `:permission_group` is currently moderator and admin. 404 is ret } ``` -## DEPRECATED `POST /api/pleroma/admin/users/:nickname/permission_group/:permission_group` +## DEPRECATED `POST /api/v1/pleroma/admin/users/:nickname/permission_group/:permission_group` ### Add user to permission group @@ -179,7 +174,7 @@ Note: Available `:permission_group` is currently moderator and admin. 404 is ret - On failure: `{"error": "…"}` - On success: JSON of the user -## `POST /api/pleroma/admin/users/permission_group/:permission_group` +## `POST /api/v1/pleroma/admin/users/permission_group/:permission_group` ### Add users to permission group @@ -189,9 +184,9 @@ Note: Available `:permission_group` is currently moderator and admin. 404 is ret - On failure: `{"error": "…"}` - On success: JSON of the user -## DEPRECATED `DELETE /api/pleroma/admin/users/:nickname/permission_group/:permission_group` +## DEPRECATED `DELETE /api/v1/pleroma/admin/users/:nickname/permission_group/:permission_group` -## `DELETE /api/pleroma/admin/users/:nickname/permission_group/:permission_group` +## `DELETE /api/v1/pleroma/admin/users/:nickname/permission_group/:permission_group` ### Remove user from permission group @@ -201,7 +196,7 @@ Note: Available `:permission_group` is currently moderator and admin. 404 is ret - On success: JSON of the user - Note: An admin cannot revoke their own admin status. -## `DELETE /api/pleroma/admin/users/permission_group/:permission_group` +## `DELETE /api/v1/pleroma/admin/users/permission_group/:permission_group` ### Remove users from permission group @@ -212,7 +207,7 @@ Note: Available `:permission_group` is currently moderator and admin. 404 is ret - On success: JSON of the user - Note: An admin cannot revoke their own admin status. -## `PATCH /api/pleroma/admin/users/activate` +## `PATCH /api/v1/pleroma/admin/users/activate` ### Activate user @@ -230,7 +225,7 @@ Note: Available `:permission_group` is currently moderator and admin. 404 is ret } ``` -## `PATCH /api/pleroma/admin/users/deactivate` +## `PATCH /api/v1/pleroma/admin/users/deactivate` ### Deactivate user @@ -248,7 +243,7 @@ Note: Available `:permission_group` is currently moderator and admin. 404 is ret } ``` -## `PATCH /api/pleroma/admin/users/approve` +## `PATCH /api/v1/pleroma/admin/users/approve` ### Approve user @@ -266,7 +261,7 @@ Note: Available `:permission_group` is currently moderator and admin. 404 is ret } ``` -## `GET /api/pleroma/admin/users/:nickname_or_id` +## `GET /api/v1/pleroma/admin/users/:nickname_or_id` ### Retrive the details of a user @@ -276,7 +271,7 @@ Note: Available `:permission_group` is currently moderator and admin. 404 is ret - On failure: `Not found` - On success: JSON of the user -## `GET /api/pleroma/admin/users/:nickname_or_id/statuses` +## `GET /api/v1/pleroma/admin/users/:nickname_or_id/statuses` ### Retrive user's latest statuses @@ -300,7 +295,7 @@ Note: Available `:permission_group` is currently moderator and admin. 404 is ret } ``` -## `GET /api/pleroma/admin/instances/:instance/statuses` +## `GET /api/v1/pleroma/admin/instances/:instance/statuses` ### Retrive instance's latest statuses @@ -324,7 +319,7 @@ Note: Available `:permission_group` is currently moderator and admin. 404 is ret } ``` -## `GET /api/pleroma/admin/statuses` +## `GET /api/v1/pleroma/admin/statuses` ### Retrives all latest statuses @@ -337,7 +332,7 @@ Note: Available `:permission_group` is currently moderator and admin. 404 is ret - On failure: `Not found` - On success: JSON array of user's latest statuses -## `GET /api/pleroma/admin/relay` +## `GET /api/v1/pleroma/admin/relay` ### List Relays @@ -353,7 +348,7 @@ Response: ] ``` -## `POST /api/pleroma/admin/relay` +## `POST /api/v1/pleroma/admin/relay` ### Follow a Relay @@ -369,7 +364,7 @@ Response: {"actor": "https://example.com/relay", "followed_back": true} ``` -## `DELETE /api/pleroma/admin/relay` +## `DELETE /api/v1/pleroma/admin/relay` ### Unfollow a Relay @@ -385,7 +380,7 @@ Response: {"https://example.com/relay"} ``` -## `POST /api/pleroma/admin/users/invite_token` +## `POST /api/v1/pleroma/admin/users/invite_token` ### Create an account registration invite token @@ -406,7 +401,7 @@ Response: } ``` -## `GET /api/pleroma/admin/users/invites` +## `GET /api/v1/pleroma/admin/users/invites` ### Get a list of generated invites @@ -431,7 +426,7 @@ Response: } ``` -## `POST /api/pleroma/admin/users/revoke_invite` +## `POST /api/v1/pleroma/admin/users/revoke_invite` ### Revoke invite by token @@ -452,7 +447,7 @@ Response: } ``` -## `POST /api/pleroma/admin/users/email_invite` +## `POST /api/v1/pleroma/admin/users/email_invite` ### Sends registration invite via email @@ -473,7 +468,7 @@ Response: ] ``` -## `GET /api/pleroma/admin/users/:nickname/password_reset` +## `GET /api/v1/pleroma/admin/users/:nickname/password_reset` ### Get a password reset token for a given nickname @@ -484,11 +479,11 @@ Response: ```json { "token": "base64 reset token", - "link": "https://pleroma.social/api/pleroma/password_reset/url-encoded-base64-token" + "link": "https://pleroma.social/api/v1/pleroma/password_reset/url-encoded-base64-token" } ``` -## `PATCH /api/pleroma/admin/users/force_password_reset` +## `PATCH /api/v1/pleroma/admin/users/force_password_reset` ### Force passord reset for a user with a given nickname @@ -496,7 +491,7 @@ Response: - `nicknames` - Response: none (code `204`) -## PUT `/api/pleroma/admin/users/disable_mfa` +## PUT `/api/v1/pleroma/admin/users/disable_mfa` ### Disable mfa for user's account. @@ -504,7 +499,7 @@ Response: - `nickname` - Response: User’s nickname -## `GET /api/pleroma/admin/users/:nickname/credentials` +## `GET /api/v1/pleroma/admin/users/:nickname/credentials` ### Get the user's email, password, display and settings-related fields @@ -552,7 +547,7 @@ Response: } ``` -## `PATCH /api/pleroma/admin/users/:nickname/credentials` +## `PATCH /api/v1/pleroma/admin/users/:nickname/credentials` ### Change the user's email, password, display and settings-related fields @@ -603,7 +598,7 @@ Status: 404 {"error": "Not found"} ``` -## `GET /api/pleroma/admin/reports` +## `GET /api/v1/pleroma/admin/reports` ### Get a list of reports @@ -763,17 +758,17 @@ Status: 404 } ``` -## `GET /api/pleroma/admin/grouped_reports` +## `GET /api/v1/pleroma/admin/grouped_reports` ### Get a list of reports, grouped by status - Params: none - On success: JSON, returns a list of reports, where: - `date`: date of the latest report - - `account`: the user who has been reported (see `/api/pleroma/admin/reports` for reference) - - `status`: reported status (see `/api/pleroma/admin/reports` for reference) - - `actors`: users who had reported this status (see `/api/pleroma/admin/reports` for reference) - - `reports`: reports (see `/api/pleroma/admin/reports` for reference) + - `account`: the user who has been reported (see `/api/v1/pleroma/admin/reports` for reference) + - `status`: reported status (see `/api/v1/pleroma/admin/reports` for reference) + - `actors`: users who had reported this status (see `/api/v1/pleroma/admin/reports` for reference) + - `reports`: reports (see `/api/v1/pleroma/admin/reports` for reference) ```json "reports": [ @@ -787,7 +782,7 @@ Status: 404 ] ``` -## `GET /api/pleroma/admin/reports/:id` +## `GET /api/v1/pleroma/admin/reports/:id` ### Get an individual report @@ -799,7 +794,7 @@ Status: 404 - 404 Not Found `"Not found"` - On success: JSON, Report object (see above) -## `PATCH /api/pleroma/admin/reports` +## `PATCH /api/v1/pleroma/admin/reports` ### Change the state of one or multiple reports @@ -830,7 +825,7 @@ Status: 404 - On success: `204`, empty response -## `POST /api/pleroma/admin/reports/:id/notes` +## `POST /api/v1/pleroma/admin/reports/:id/notes` ### Create report note @@ -842,7 +837,7 @@ Status: 404 - 400 Bad Request `"Invalid parameters"` when `status` is missing - On success: `204`, empty response -## `DELETE /api/pleroma/admin/reports/:report_id/notes/:id` +## `DELETE /api/v1/pleroma/admin/reports/:report_id/notes/:id` ### Delete report note @@ -854,7 +849,7 @@ Status: 404 - 400 Bad Request `"Invalid parameters"` when `status` is missing - On success: `204`, empty response -## `GET /api/pleroma/admin/statuses/:id` +## `GET /api/v1/pleroma/admin/statuses/:id` ### Show status by id @@ -865,7 +860,7 @@ Status: 404 - 404 Not Found `"Not Found"` - On success: JSON, Mastodon Status entity -## `PUT /api/pleroma/admin/statuses/:id` +## `PUT /api/v1/pleroma/admin/statuses/:id` ### Change the scope of an individual reported status @@ -880,7 +875,7 @@ Status: 404 - 404 Not Found `"Not found"` - On success: JSON, Mastodon Status entity -## `DELETE /api/pleroma/admin/statuses/:id` +## `DELETE /api/v1/pleroma/admin/statuses/:id` ### Delete an individual reported status @@ -892,7 +887,7 @@ Status: 404 - 404 Not Found `"Not found"` - On success: 200 OK `{}` -## `GET /api/pleroma/admin/restart` +## `GET /api/v1/pleroma/admin/restart` ### Restarts pleroma application @@ -907,7 +902,7 @@ Status: 404 {} ``` -## `GET /api/pleroma/admin/need_reboot` +## `GET /api/v1/pleroma/admin/need_reboot` ### Returns the flag whether the pleroma should be restarted @@ -920,7 +915,7 @@ Status: 404 } ``` -## `GET /api/pleroma/admin/config` +## `GET /api/v1/pleroma/admin/config` ### Get list of merged default settings with saved in database. @@ -947,7 +942,7 @@ Status: 404 } ``` -## `POST /api/pleroma/admin/config` +## `POST /api/v1/pleroma/admin/config` ### Update config settings @@ -1096,7 +1091,7 @@ config :quack, } ``` -## ` GET /api/pleroma/admin/config/descriptions` +## ` GET /api/v1/pleroma/admin/config/descriptions` ### Get JSON with config descriptions. Loads json generated from `config/descriptions.exs`. @@ -1129,7 +1124,7 @@ Loads json generated from `config/descriptions.exs`. }] ``` -## `GET /api/pleroma/admin/moderation_log` +## `GET /api/v1/pleroma/admin/moderation_log` ### Get moderation log @@ -1159,7 +1154,7 @@ Loads json generated from `config/descriptions.exs`. ] ``` -## `POST /api/pleroma/admin/reload_emoji` +## `POST /api/v1/pleroma/admin/reload_emoji` ### Reload the instance's custom emoji @@ -1167,7 +1162,7 @@ Loads json generated from `config/descriptions.exs`. - Params: None - Response: JSON, "ok" and 200 status -## `PATCH /api/pleroma/admin/users/confirm_email` +## `PATCH /api/v1/pleroma/admin/users/confirm_email` ### Confirm users' emails @@ -1175,7 +1170,7 @@ Loads json generated from `config/descriptions.exs`. - `nicknames` - Response: Array of user nicknames -## `PATCH /api/pleroma/admin/users/resend_confirmation_email` +## `PATCH /api/v1/pleroma/admin/users/resend_confirmation_email` ### Resend confirmation email @@ -1183,13 +1178,13 @@ Loads json generated from `config/descriptions.exs`. - `nicknames` - Response: Array of user nicknames -## `GET /api/pleroma/admin/stats` +## `GET /api/v1/pleroma/admin/stats` ### Stats - Query Params: - *optional* `instance`: **string** instance hostname (without protocol) to get stats for -- Example: `https://mypleroma.org/api/pleroma/admin/stats?instance=lain.com` +- Example: `https://mypleroma.org/api/v1/pleroma/admin/stats?instance=lain.com` - Response: @@ -1204,7 +1199,7 @@ Loads json generated from `config/descriptions.exs`. } ``` -## `GET /api/pleroma/admin/oauth_app` +## `GET /api/v1/pleroma/admin/oauth_app` ### List OAuth app @@ -1236,7 +1231,7 @@ Loads json generated from `config/descriptions.exs`. ``` -## `POST /api/pleroma/admin/oauth_app` +## `POST /api/v1/pleroma/admin/oauth_app` ### Create OAuth App @@ -1269,7 +1264,7 @@ Loads json generated from `config/descriptions.exs`. } ``` -## `PATCH /api/pleroma/admin/oauth_app/:id` +## `PATCH /api/v1/pleroma/admin/oauth_app/:id` ### Update OAuth App @@ -1294,7 +1289,7 @@ Loads json generated from `config/descriptions.exs`. } ``` -## `DELETE /api/pleroma/admin/oauth_app/:id` +## `DELETE /api/v1/pleroma/admin/oauth_app/:id` ### Delete OAuth App @@ -1305,7 +1300,7 @@ Loads json generated from `config/descriptions.exs`. - On failure: - 400 Bad Request `"Invalid parameters"` when `status` is missing -## `GET /api/pleroma/admin/media_proxy_caches` +## `GET /api/v1/pleroma/admin/media_proxy_caches` ### Get a list of all banned MediaProxy URLs in Cachex @@ -1329,7 +1324,7 @@ Loads json generated from `config/descriptions.exs`. ``` -## `POST /api/pleroma/admin/media_proxy_caches/delete` +## `POST /api/v1/pleroma/admin/media_proxy_caches/delete` ### Remove a banned MediaProxy URL from Cachex @@ -1344,7 +1339,7 @@ Loads json generated from `config/descriptions.exs`. ``` -## `POST /api/pleroma/admin/media_proxy_caches/purge` +## `POST /api/v1/pleroma/admin/media_proxy_caches/purge` ### Purge a MediaProxy URL @@ -1360,7 +1355,7 @@ Loads json generated from `config/descriptions.exs`. ``` -## GET /api/pleroma/admin/users/:nickname/chats +## GET /api/v1/pleroma/admin/users/:nickname/chats ### List a user's chats @@ -1389,7 +1384,7 @@ Loads json generated from `config/descriptions.exs`. ] ``` -## GET /api/pleroma/admin/chats/:chat_id +## GET /api/v1/pleroma/admin/chats/:chat_id ### View a single chat @@ -1416,7 +1411,7 @@ Loads json generated from `config/descriptions.exs`. } ``` -## GET /api/pleroma/admin/chats/:chat_id/messages +## GET /api/v1/pleroma/admin/chats/:chat_id/messages ### List the messages in a chat @@ -1454,7 +1449,7 @@ Loads json generated from `config/descriptions.exs`. ] ``` -## DELETE /api/pleroma/admin/chats/:chat_id/messages/:message_id +## DELETE /api/v1/pleroma/admin/chats/:chat_id/messages/:message_id ### Delete a single message @@ -1481,7 +1476,7 @@ Loads json generated from `config/descriptions.exs`. } ``` -## `GET /api/pleroma/admin/instance_document/:document_name` +## `GET /api/v1/pleroma/admin/instance_document/:document_name` ### Get an instance document @@ -1495,7 +1490,7 @@ Returns the content of the document <h1>Instance panel</h1> ``` -## `PATCH /api/pleroma/admin/instance_document/:document_name` +## `PATCH /api/v1/pleroma/admin/instance_document/:document_name` - Params: - `file` (the file to be uploaded, using multipart form data.) @@ -1511,7 +1506,7 @@ Returns the content of the document } ``` -## `DELETE /api/pleroma/admin/instance_document/:document_name` +## `DELETE /api/v1/pleroma/admin/instance_document/:document_name` ### Delete an instance document @@ -1523,7 +1518,7 @@ Returns the content of the document } ``` -## `GET /api/pleroma/admin/frontends +## `GET /api/v1/pleroma/admin/frontends ### List available frontends @@ -1548,7 +1543,7 @@ Returns the content of the document ] ``` -## `POST /api/pleroma/admin/frontends/install` +## `POST /api/v1/pleroma/admin/frontends/install` ### Install a frontend diff --git a/docs/development/API/differences_in_mastoapi_responses.md b/docs/development/API/differences_in_mastoapi_responses.md index 38d70fa78..a14fcb416 100644 --- a/docs/development/API/differences_in_mastoapi_responses.md +++ b/docs/development/API/differences_in_mastoapi_responses.md @@ -39,6 +39,12 @@ Has these additional fields under the `pleroma` object: - `emoji_reactions`: A list with emoji / reaction maps. The format is `{name: "☕", count: 1, me: true}`. Contains no information about the reacting users, for that use the `/statuses/:id/reactions` endpoint. - `parent_visible`: If the parent of this post is visible to the user or not. +## Scheduled statuses + +Has these additional fields in `params`: + +- `expires_in`: the number of seconds the posted activity should expire in. + ## Media Attachments Has these additional fields under the `pleroma` object: @@ -92,12 +98,12 @@ Has these additional fields under the `pleroma` object: - `hide_followers_count`: boolean, true when the user has follower stat hiding enabled - `hide_follows_count`: boolean, true when the user has follow stat hiding enabled - `settings_store`: A generic map of settings for frontends. Opaque to the backend. Only returned in `/api/v1/accounts/verify_credentials` and `/api/v1/accounts/update_credentials` -- `chat_token`: The token needed for Pleroma chat. Only returned in `/api/v1/accounts/verify_credentials` +- `chat_token`: The token needed for Pleroma shoutbox. Only returned in `/api/v1/accounts/verify_credentials` - `deactivated`: boolean, true when the user is deactivated - `allow_following_move`: boolean, true when the user allows automatically follow moved following accounts - `unread_conversation_count`: The count of unread conversations. Only returned to the account owner. - `unread_notifications_count`: The count of unread notifications. Only returned to the account owner. -- `notification_settings`: object, can be absent. See `/api/pleroma/notification_settings` for the parameters/keys returned. +- `notification_settings`: object, can be absent. See `/api/v1/pleroma/notification_settings` for the parameters/keys returned. - `accepts_chat_messages`: boolean, but can be null if we don't have that information about a user - `favicon`: nullable URL string, Favicon image of the user's instance diff --git a/docs/development/API/pleroma_api.md b/docs/development/API/pleroma_api.md index d8790ca32..d896f0ce7 100644 --- a/docs/development/API/pleroma_api.md +++ b/docs/development/API/pleroma_api.md @@ -4,7 +4,9 @@ Requests that require it can be authenticated with [an OAuth token](https://tool Request parameters can be passed via [query strings](https://en.wikipedia.org/wiki/Query_string) or as [form data](https://www.w3.org/TR/html401/interact/forms.html). Files must be uploaded as `multipart/form-data`. -## `/api/pleroma/emoji` +The `/api/v1/pleroma/*` path is backwards compatible with `/api/pleroma/*` (`/api/pleroma/*` will be deprecated in the future). + +## `/api/v1/pleroma/emoji` ### Lists the custom emoji on that server. * Method: `GET` * Authentication: not required @@ -35,7 +37,7 @@ Request parameters can be passed via [query strings](https://en.wikipedia.org/wi ``` * Note: Same data as Mastodon API’s `/api/v1/custom_emojis` but in a different format -## `/api/pleroma/follow_import` +## `/api/v1/pleroma/follow_import` ### Imports your follows, for example from a Mastodon CSV file. * Method: `POST` * Authentication: required @@ -44,7 +46,7 @@ Request parameters can be passed via [query strings](https://en.wikipedia.org/wi * Response: HTTP 200 on success, 500 on error * Note: Users that can't be followed are silently skipped. -## `/api/pleroma/blocks_import` +## `/api/v1/pleroma/blocks_import` ### Imports your blocks. * Method: `POST` * Authentication: required @@ -52,7 +54,7 @@ Request parameters can be passed via [query strings](https://en.wikipedia.org/wi * `list`: STRING or FILE containing a whitespace-separated list of accounts to block * Response: HTTP 200 on success, 500 on error -## `/api/pleroma/mutes_import` +## `/api/v1/pleroma/mutes_import` ### Imports your mutes. * Method: `POST` * Authentication: required @@ -60,7 +62,7 @@ Request parameters can be passed via [query strings](https://en.wikipedia.org/wi * `list`: STRING or FILE containing a whitespace-separated list of accounts to mute * Response: HTTP 200 on success, 500 on error -## `/api/pleroma/captcha` +## `/api/v1/pleroma/captcha` ### Get a new captcha * Method: `GET` * Authentication: not required @@ -68,7 +70,7 @@ Request parameters can be passed via [query strings](https://en.wikipedia.org/wi * Response: Provider specific JSON, the only guaranteed parameter is `type` * Example response: `{"type": "kocaptcha", "token": "whatever", "url": "https://captcha.kotobank.ch/endpoint", "seconds_valid": 300}` -## `/api/pleroma/delete_account` +## `/api/v1/pleroma/delete_account` ### Delete an account * Method `POST` * Authentication: required @@ -77,7 +79,7 @@ Request parameters can be passed via [query strings](https://en.wikipedia.org/wi * Response: JSON. Returns `{"status": "success"}` if the deletion was successful, `{"error": "[error message]"}` otherwise * Example response: `{"error": "Invalid password."}` -## `/api/pleroma/disable_account` +## `/api/v1/pleroma/disable_account` ### Disable an account * Method `POST` * Authentication: required @@ -86,21 +88,21 @@ Request parameters can be passed via [query strings](https://en.wikipedia.org/wi * Response: JSON. Returns `{"status": "success"}` if the account was successfully disabled, `{"error": "[error message]"}` otherwise * Example response: `{"error": "Invalid password."}` -## `/api/pleroma/accounts/mfa` +## `/api/v1/pleroma/accounts/mfa` #### Gets current MFA settings * method: `GET` * Authentication: required * OAuth scope: `read:security` * Response: JSON. Returns `{"enabled": "false", "totp": false }` -## `/api/pleroma/accounts/mfa/setup/totp` +## `/api/v1/pleroma/accounts/mfa/setup/totp` #### Pre-setup the MFA/TOTP method * method: `GET` * Authentication: required * OAuth scope: `write:security` * Response: JSON. Returns `{"key": [secret_key], "provisioning_uri": "[qr code uri]" }` when successful, otherwise returns HTTP 422 `{"error": "error_msg"}` -## `/api/pleroma/accounts/mfa/confirm/totp` +## `/api/v1/pleroma/accounts/mfa/confirm/totp` #### Confirms & enables MFA/TOTP support for user account. * method: `POST` * Authentication: required @@ -111,7 +113,7 @@ Request parameters can be passed via [query strings](https://en.wikipedia.org/wi * Response: JSON. Returns `{}` if the enable was successful, HTTP 422 `{"error": "[error message]"}` otherwise -## `/api/pleroma/accounts/mfa/totp` +## `/api/v1/pleroma/accounts/mfa/totp` #### Disables MFA/TOTP method for user account. * method: `DELETE` * Authentication: required @@ -121,14 +123,14 @@ Request parameters can be passed via [query strings](https://en.wikipedia.org/wi * Response: JSON. Returns `{}` if the disable was successful, HTTP 422 `{"error": "[error message]"}` otherwise * Example response: `{"error": "Invalid password."}` -## `/api/pleroma/accounts/mfa/backup_codes` +## `/api/v1/pleroma/accounts/mfa/backup_codes` #### Generstes backup codes MFA for user account. * method: `GET` * Authentication: required * OAuth scope: `write:security` * Response: JSON. Returns `{"codes": codes}`when successful, otherwise HTTP 422 `{"error": "[error message]"}` -## `/api/pleroma/admin/` +## `/api/v1/pleroma/admin/` See [Admin-API](admin_api.md) ## `/api/v1/pleroma/notifications/read` @@ -298,7 +300,7 @@ See [Admin-API](admin_api.md) * Note: Behaves exactly the same as `POST /api/v1/upload`. Can only accept images - any attempt to upload non-image files will be met with `HTTP 415 Unsupported Media Type`. -## `/api/pleroma/notification_settings` +## `/api/v1/pleroma/notification_settings` ### Updates user notification settings * Method `PUT` * Authentication: required @@ -307,7 +309,7 @@ See [Admin-API](admin_api.md) * `hide_notification_contents`: BOOLEAN field. When set to true, it removes the contents of a message from the push notification. * Response: JSON. Returns `{"status": "success"}` if the update was successful, otherwise returns `{"error": "error_msg"}` -## `/api/pleroma/healthcheck` +## `/api/v1/pleroma/healthcheck` ### Healthcheck endpoint with additional system data. * Method `GET` * Authentication: not required @@ -325,7 +327,7 @@ See [Admin-API](admin_api.md) } ``` -## `/api/pleroma/change_email` +## `/api/v1/pleroma/change_email` ### Change account email * Method `POST` * Authentication: required @@ -378,7 +380,7 @@ The status posting endpoint takes an additional parameter, `in_reply_to_conversa * Params: None * Response: JSON, returns a list of Mastodon Conversation entities that were marked as read (200 - healthy, 503 unhealthy). -## `GET /api/pleroma/emoji/pack?name=:name` +## `GET /api/v1/pleroma/emoji/pack?name=:name` ### Get pack.json for the pack @@ -397,7 +399,7 @@ The status posting endpoint takes an additional parameter, `in_reply_to_conversa } ``` -## `POST /api/pleroma/emoji/pack?name=:name` +## `POST /api/v1/pleroma/emoji/pack?name=:name` ### Creates an empty pack @@ -407,7 +409,7 @@ The status posting endpoint takes an additional parameter, `in_reply_to_conversa * `name`: pack name * Response: JSON, "ok" and 200 status or 409 if the pack with that name already exists -## `PATCH /api/pleroma/emoji/pack?name=:name` +## `PATCH /api/v1/pleroma/emoji/pack?name=:name` ### Updates (replaces) pack metadata @@ -425,7 +427,7 @@ The status posting endpoint takes an additional parameter, `in_reply_to_conversa * Response: JSON, updated "metadata" section of the pack and 200 status or 400 if there was a problem with the new metadata (the error is specified in the "error" part of the response JSON) -## `DELETE /api/pleroma/emoji/pack?name=:name` +## `DELETE /api/v1/pleroma/emoji/pack?name=:name` ### Delete a custom emoji pack @@ -435,7 +437,7 @@ The status posting endpoint takes an additional parameter, `in_reply_to_conversa * `name`: pack name * Response: JSON, "ok" and 200 status or 500 if there was an error deleting the pack -## `GET /api/pleroma/emoji/packs/import` +## `GET /api/v1/pleroma/emoji/packs/import` ### Imports packs from filesystem @@ -444,7 +446,7 @@ The status posting endpoint takes an additional parameter, `in_reply_to_conversa * Params: None * Response: JSON, returns a list of imported packs. -## `GET /api/pleroma/emoji/packs/remote` +## `GET /api/v1/pleroma/emoji/packs/remote` ### Make request to another instance for packs list @@ -456,7 +458,7 @@ The status posting endpoint takes an additional parameter, `in_reply_to_conversa * `page_size`: page size for packs (default 50) * Response: JSON with the pack list, hashmap with pack name and pack contents -## `POST /api/pleroma/emoji/packs/download` +## `POST /api/v1/pleroma/emoji/packs/download` ### Download pack from another instance @@ -469,7 +471,7 @@ The status posting endpoint takes an additional parameter, `in_reply_to_conversa * Response: JSON, "ok" with 200 status if the pack was downloaded, or 500 if there were errors downloading the pack -## `POST /api/pleroma/emoji/packs/files?name=:name` +## `POST /api/v1/pleroma/emoji/packs/files?name=:name` ### Add new file to the pack @@ -482,7 +484,7 @@ The status posting endpoint takes an additional parameter, `in_reply_to_conversa * `filename`: (*optional*) new emoji file name. If not specified will be taken from original filename. * Response: JSON, list of files for updated pack (hashmap -> shortcode => filename) with status 200, either error status with error message. -## `PATCH /api/pleroma/emoji/packs/files?name=:name` +## `PATCH /api/v1/pleroma/emoji/packs/files?name=:name` ### Update emoji file from pack @@ -496,7 +498,7 @@ The status posting endpoint takes an additional parameter, `in_reply_to_conversa * `force`: (*optional*) with true value to overwrite existing emoji with new shortcode * Response: JSON, list with updated files for updated pack (hashmap -> shortcode => filename) with status 200, either error status with error message. -## `DELETE /api/pleroma/emoji/packs/files?name=:name` +## `DELETE /api/v1/pleroma/emoji/packs/files?name=:name` ### Delete emoji file from pack @@ -507,7 +509,7 @@ The status posting endpoint takes an additional parameter, `in_reply_to_conversa * `shortcode`: emoji file shortcode * Response: JSON, list with updated files for updated pack (hashmap -> shortcode => filename) with status 200, either error status with error message. -## `GET /api/pleroma/emoji/packs` +## `GET /api/v1/pleroma/emoji/packs` ### Lists local custom emoji packs @@ -528,7 +530,7 @@ The status posting endpoint takes an additional parameter, `in_reply_to_conversa } ``` -## `GET /api/pleroma/emoji/packs/archive?name=:name` +## `GET /api/v1/pleroma/emoji/packs/archive?name=:name` ### Requests a local pack archive from the instance diff --git a/docs/installation/otp_en.md b/docs/installation/otp_en.md index f36b33c32..42e264e65 100644 --- a/docs/installation/otp_en.md +++ b/docs/installation/otp_en.md @@ -150,7 +150,7 @@ su pleroma -s $SHELL -lc "./bin/pleroma_ctl migrate" # su pleroma -s $SHELL -lc "./bin/pleroma_ctl migrate --migrations-path priv/repo/optional_migrations/rum_indexing/" # Start the instance to verify that everything is working as expected -su pleroma -s $SHELL -lc "export $(cat /opt/pleroma/config/pleroma.env); ./bin/pleroma daemon" +su pleroma -s $SHELL -lc "./bin/pleroma daemon" # Wait for about 20 seconds and query the instance endpoint, if it shows your uri, name and email correctly, you are configured correctly sleep 20 && curl http://localhost:4000/api/v1/instance diff --git a/lib/mix/tasks/pleroma/ecto/rollback.ex b/lib/mix/tasks/pleroma/ecto/rollback.ex index 2b1d48048..025ebaf19 100644 --- a/lib/mix/tasks/pleroma/ecto/rollback.ex +++ b/lib/mix/tasks/pleroma/ecto/rollback.ex @@ -20,7 +20,8 @@ defmodule Mix.Tasks.Pleroma.Ecto.Rollback do start: :boolean, quiet: :boolean, log_sql: :boolean, - migrations_path: :string + migrations_path: :string, + env: :string ] @moduledoc """ @@ -59,7 +60,7 @@ defmodule Mix.Tasks.Pleroma.Ecto.Rollback do level = Logger.level() Logger.configure(level: :info) - if Pleroma.Config.get(:env) == :test do + if opts[:env] == "test" do Logger.info("Rollback succesfully") else {:ok, _, _} = diff --git a/lib/pleroma/application.ex b/lib/pleroma/application.ex index 375507de1..c853a2bb4 100644 --- a/lib/pleroma/application.ex +++ b/lib/pleroma/application.ex @@ -97,13 +97,13 @@ defmodule Pleroma.Application do Pleroma.Stats, Pleroma.JobQueueMonitor, {Majic.Pool, [name: Pleroma.MajicPool, pool_size: Config.get([:majic_pool, :size], 2)]}, - {Oban, Config.get(Oban)} + {Oban, Config.get(Oban)}, + Pleroma.Web.Endpoint ] ++ task_children(@mix_env) ++ dont_run_in_test(@mix_env) ++ chat_child(chat_enabled?()) ++ [ - Pleroma.Web.Endpoint, Pleroma.Gopher.Server ] diff --git a/lib/pleroma/config.ex b/lib/pleroma/config.ex index f17e14128..2e15a3719 100644 --- a/lib/pleroma/config.ex +++ b/lib/pleroma/config.ex @@ -99,16 +99,4 @@ defmodule Pleroma.Config do def oauth_consumer_strategies, do: get([:auth, :oauth_consumer_strategies], []) def oauth_consumer_enabled?, do: oauth_consumer_strategies() != [] - - def enforce_oauth_admin_scope_usage?, do: !!get([:auth, :enforce_oauth_admin_scope_usage]) - - def oauth_admin_scopes(scopes) when is_list(scopes) do - Enum.flat_map( - scopes, - fn scope -> - ["admin:#{scope}"] ++ - if enforce_oauth_admin_scope_usage?(), do: [], else: [scope] - end - ) - end end diff --git a/lib/pleroma/constants.ex b/lib/pleroma/constants.ex index a40741ba6..9ee836d5d 100644 --- a/lib/pleroma/constants.ex +++ b/lib/pleroma/constants.ex @@ -18,7 +18,8 @@ defmodule Pleroma.Constants do "emoji", "context_id", "deleted_activity_id", - "pleroma_internal" + "pleroma_internal", + "application" ] ) diff --git a/lib/pleroma/stats.ex b/lib/pleroma/stats.ex index b096a9b1e..3e3f24c2c 100644 --- a/lib/pleroma/stats.ex +++ b/lib/pleroma/stats.ex @@ -23,7 +23,11 @@ defmodule Pleroma.Stats do @impl true def init(_args) do - {:ok, nil, {:continue, :calculate_stats}} + if Pleroma.Config.get(:env) != :test do + {:ok, nil, {:continue, :calculate_stats}} + else + {:ok, calculate_stat_data()} + end end @doc "Performs update stats" diff --git a/lib/pleroma/upload/filter/exiftool.ex b/lib/pleroma/upload/filter/exiftool.ex index 2dbde540d..a2bfbbf61 100644 --- a/lib/pleroma/upload/filter/exiftool.ex +++ b/lib/pleroma/upload/filter/exiftool.ex @@ -11,7 +11,8 @@ defmodule Pleroma.Upload.Filter.Exiftool do @spec filter(Pleroma.Upload.t()) :: {:ok, any()} | {:error, String.t()} - # webp is not compatible with exiftool at this time + # Formats not compatible with exiftool at this time + def filter(%Pleroma.Upload{content_type: "image/heic"}), do: {:ok, :noop} def filter(%Pleroma.Upload{content_type: "image/webp"}), do: {:ok, :noop} def filter(%Pleroma.Upload{tempfile: file, content_type: "image" <> _}) do @@ -21,8 +22,8 @@ defmodule Pleroma.Upload.Filter.Exiftool do {error, 1} -> {:error, error} end rescue - _e in ErlangError -> - {:error, "exiftool command not found"} + e in ErlangError -> + {:error, "#{__MODULE__}: #{inspect(e)}"} end end diff --git a/lib/pleroma/upload/filter/mogrifun.ex b/lib/pleroma/upload/filter/mogrifun.ex index 9abdd2d51..01126aaeb 100644 --- a/lib/pleroma/upload/filter/mogrifun.ex +++ b/lib/pleroma/upload/filter/mogrifun.ex @@ -44,8 +44,8 @@ defmodule Pleroma.Upload.Filter.Mogrifun do Filter.Mogrify.do_filter(file, [Enum.random(@filters)]) {:ok, :filtered} rescue - _e in ErlangError -> - {:error, "mogrify command not found"} + e in ErlangError -> + {:error, "#{__MODULE__}: #{inspect(e)}"} end end diff --git a/lib/pleroma/upload/filter/mogrify.ex b/lib/pleroma/upload/filter/mogrify.ex index 4bca4f5ca..f27aefc22 100644 --- a/lib/pleroma/upload/filter/mogrify.ex +++ b/lib/pleroma/upload/filter/mogrify.ex @@ -14,8 +14,8 @@ defmodule Pleroma.Upload.Filter.Mogrify do do_filter(file, Pleroma.Config.get!([__MODULE__, :args])) {:ok, :filtered} rescue - _e in ErlangError -> - {:error, "mogrify command not found"} + e in ErlangError -> + {:error, "#{__MODULE__}: #{inspect(e)}"} end end diff --git a/lib/pleroma/user.ex b/lib/pleroma/user.ex index 51f5bc8ea..9942617d8 100644 --- a/lib/pleroma/user.ex +++ b/lib/pleroma/user.ex @@ -147,6 +147,7 @@ defmodule Pleroma.User do field(:shared_inbox, :string) field(:accepts_chat_messages, :boolean, default: nil) field(:last_active_at, :naive_datetime) + field(:disclose_client, :boolean, default: true) embeds_one( :notification_settings, @@ -513,7 +514,8 @@ defmodule Pleroma.User do :pleroma_settings_store, :is_discoverable, :actor_type, - :accepts_chat_messages + :accepts_chat_messages, + :disclose_client ] ) |> unique_constraint(:nickname) diff --git a/lib/pleroma/web.ex b/lib/pleroma/web.ex index c3aa39492..8630f244b 100644 --- a/lib/pleroma/web.ex +++ b/lib/pleroma/web.ex @@ -63,7 +63,8 @@ defmodule Pleroma.Web do # Executed just before actual controller action, invokes before-action hooks (callbacks) defp action(conn, params) do - with %{halted: false} = conn <- maybe_drop_authentication_if_oauth_check_ignored(conn), + with %{halted: false} = conn <- + maybe_drop_authentication_if_oauth_check_ignored(conn), %{halted: false} = conn <- maybe_perform_public_or_authenticated_check(conn), %{halted: false} = conn <- maybe_perform_authenticated_check(conn), %{halted: false} = conn <- maybe_halt_on_missing_oauth_scopes_check(conn) do @@ -232,4 +233,16 @@ defmodule Pleroma.Web do def base_url do Pleroma.Web.Endpoint.url() end + + # TODO: Change to Phoenix.Router.routes/1 for Phoenix 1.6.0+ + def get_api_routes do + Pleroma.Web.Router.__routes__() + |> Enum.reject(fn r -> r.plug == Pleroma.Web.Fallback.RedirectController end) + |> Enum.map(fn r -> + r.path + |> String.split("/", trim: true) + |> List.first() + end) + |> Enum.uniq() + end end diff --git a/lib/pleroma/web/activity_pub/object_validators/audio_video_validator.ex b/lib/pleroma/web/activity_pub/object_validators/audio_video_validator.ex index b3e738d8d..4a96fef52 100644 --- a/lib/pleroma/web/activity_pub/object_validators/audio_video_validator.ex +++ b/lib/pleroma/web/activity_pub/object_validators/audio_video_validator.ex @@ -70,19 +70,33 @@ defmodule Pleroma.Web.ActivityPub.ObjectValidators.AudioVideoValidator do |> changeset(data) end - defp fix_url(%{"url" => url} = data) when is_list(url) do - attachment = - Enum.find(url, fn x -> - mime_type = x["mimeType"] || x["mediaType"] || "" - - is_map(x) and String.starts_with?(mime_type, ["video/", "audio/"]) + defp find_attachment(url) do + mpeg_url = + Enum.find(url, fn + %{"mediaType" => mime_type, "tag" => tags} when is_list(tags) -> + mime_type == "application/x-mpegURL" + + _ -> + false end) - link_element = - Enum.find(url, fn x -> - mime_type = x["mimeType"] || x["mediaType"] || "" + url + |> Enum.concat(mpeg_url["tag"] || []) + |> Enum.find(fn + %{"mediaType" => mime_type} -> String.starts_with?(mime_type, ["video/", "audio/"]) + %{"mimeType" => mime_type} -> String.starts_with?(mime_type, ["video/", "audio/"]) + _ -> false + end) + end - is_map(x) and mime_type == "text/html" + defp fix_url(%{"url" => url} = data) when is_list(url) do + attachment = find_attachment(url) + + link_element = + Enum.find(url, fn + %{"mediaType" => "text/html"} -> true + %{"mimeType" => "text/html"} -> true + _ -> false end) data diff --git a/lib/pleroma/web/admin_api/controllers/admin_api_controller.ex b/lib/pleroma/web/admin_api/controllers/admin_api_controller.ex index d581df4a2..839ac1a8d 100644 --- a/lib/pleroma/web/admin_api/controllers/admin_api_controller.ex +++ b/lib/pleroma/web/admin_api/controllers/admin_api_controller.ex @@ -25,13 +25,13 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIController do plug( OAuthScopesPlug, - %{scopes: ["read:accounts"], admin: true} + %{scopes: ["admin:read:accounts"]} when action in [:right_get, :show_user_credentials, :create_backup] ) plug( OAuthScopesPlug, - %{scopes: ["write:accounts"], admin: true} + %{scopes: ["admin:write:accounts"]} when action in [ :get_password_reset, :force_password_reset, @@ -48,19 +48,19 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIController do plug( OAuthScopesPlug, - %{scopes: ["read:statuses"], admin: true} + %{scopes: ["admin:read:statuses"]} when action in [:list_user_statuses, :list_instance_statuses] ) plug( OAuthScopesPlug, - %{scopes: ["read:chats"], admin: true} + %{scopes: ["admin:read:chats"]} when action in [:list_user_chats] ) plug( OAuthScopesPlug, - %{scopes: ["read"], admin: true} + %{scopes: ["admin:read"]} when action in [ :list_log, :stats, @@ -70,7 +70,7 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIController do plug( OAuthScopesPlug, - %{scopes: ["write"], admin: true} + %{scopes: ["admin:write"]} when action in [ :restart, :resend_confirmation_email, diff --git a/lib/pleroma/web/admin_api/controllers/chat_controller.ex b/lib/pleroma/web/admin_api/controllers/chat_controller.ex index 3761a588a..ff20c8604 100644 --- a/lib/pleroma/web/admin_api/controllers/chat_controller.ex +++ b/lib/pleroma/web/admin_api/controllers/chat_controller.ex @@ -21,12 +21,12 @@ defmodule Pleroma.Web.AdminAPI.ChatController do plug( OAuthScopesPlug, - %{scopes: ["read:chats"], admin: true} when action in [:show, :messages] + %{scopes: ["admin:read:chats"]} when action in [:show, :messages] ) plug( OAuthScopesPlug, - %{scopes: ["write:chats"], admin: true} when action in [:delete_message] + %{scopes: ["admin:write:chats"]} when action in [:delete_message] ) action_fallback(Pleroma.Web.AdminAPI.FallbackController) diff --git a/lib/pleroma/web/admin_api/controllers/config_controller.ex b/lib/pleroma/web/admin_api/controllers/config_controller.ex index 4ebf2a305..a718d7b8d 100644 --- a/lib/pleroma/web/admin_api/controllers/config_controller.ex +++ b/lib/pleroma/web/admin_api/controllers/config_controller.ex @@ -10,11 +10,11 @@ defmodule Pleroma.Web.AdminAPI.ConfigController do alias Pleroma.Web.Plugs.OAuthScopesPlug plug(Pleroma.Web.ApiSpec.CastAndValidate) - plug(OAuthScopesPlug, %{scopes: ["write"], admin: true} when action == :update) + plug(OAuthScopesPlug, %{scopes: ["admin:write"]} when action == :update) plug( OAuthScopesPlug, - %{scopes: ["read"], admin: true} + %{scopes: ["admin:read"]} when action in [:show, :descriptions] ) diff --git a/lib/pleroma/web/admin_api/controllers/frontend_controller.ex b/lib/pleroma/web/admin_api/controllers/frontend_controller.ex index 20472a55e..722f51bd2 100644 --- a/lib/pleroma/web/admin_api/controllers/frontend_controller.ex +++ b/lib/pleroma/web/admin_api/controllers/frontend_controller.ex @@ -9,8 +9,8 @@ defmodule Pleroma.Web.AdminAPI.FrontendController do alias Pleroma.Web.Plugs.OAuthScopesPlug plug(Pleroma.Web.ApiSpec.CastAndValidate) - plug(OAuthScopesPlug, %{scopes: ["write"], admin: true} when action == :install) - plug(OAuthScopesPlug, %{scopes: ["read"], admin: true} when action == :index) + plug(OAuthScopesPlug, %{scopes: ["admin:write"]} when action == :install) + plug(OAuthScopesPlug, %{scopes: ["admin:read"]} when action == :index) action_fallback(Pleroma.Web.AdminAPI.FallbackController) defdelegate open_api_operation(action), to: Pleroma.Web.ApiSpec.Admin.FrontendOperation diff --git a/lib/pleroma/web/admin_api/controllers/instance_document_controller.ex b/lib/pleroma/web/admin_api/controllers/instance_document_controller.ex index ef00d3417..a55857a0e 100644 --- a/lib/pleroma/web/admin_api/controllers/instance_document_controller.ex +++ b/lib/pleroma/web/admin_api/controllers/instance_document_controller.ex @@ -15,8 +15,8 @@ defmodule Pleroma.Web.AdminAPI.InstanceDocumentController do defdelegate open_api_operation(action), to: Pleroma.Web.ApiSpec.Admin.InstanceDocumentOperation - plug(OAuthScopesPlug, %{scopes: ["read"], admin: true} when action == :show) - plug(OAuthScopesPlug, %{scopes: ["write"], admin: true} when action in [:update, :delete]) + plug(OAuthScopesPlug, %{scopes: ["admin:read"]} when action == :show) + plug(OAuthScopesPlug, %{scopes: ["admin:write"]} when action in [:update, :delete]) def show(conn, %{name: document_name}) do with {:ok, url} <- InstanceDocument.get(document_name), diff --git a/lib/pleroma/web/admin_api/controllers/invite_controller.ex b/lib/pleroma/web/admin_api/controllers/invite_controller.ex index 3f233a0c4..727ebd846 100644 --- a/lib/pleroma/web/admin_api/controllers/invite_controller.ex +++ b/lib/pleroma/web/admin_api/controllers/invite_controller.ex @@ -14,11 +14,11 @@ defmodule Pleroma.Web.AdminAPI.InviteController do require Logger plug(Pleroma.Web.ApiSpec.CastAndValidate) - plug(OAuthScopesPlug, %{scopes: ["read:invites"], admin: true} when action == :index) + plug(OAuthScopesPlug, %{scopes: ["admin:read:invites"]} when action == :index) plug( OAuthScopesPlug, - %{scopes: ["write:invites"], admin: true} when action in [:create, :revoke, :email] + %{scopes: ["admin:write:invites"]} when action in [:create, :revoke, :email] ) action_fallback(Pleroma.Web.AdminAPI.FallbackController) diff --git a/lib/pleroma/web/admin_api/controllers/media_proxy_cache_controller.ex b/lib/pleroma/web/admin_api/controllers/media_proxy_cache_controller.ex index 3564738af..a6d7aaf54 100644 --- a/lib/pleroma/web/admin_api/controllers/media_proxy_cache_controller.ex +++ b/lib/pleroma/web/admin_api/controllers/media_proxy_cache_controller.ex @@ -15,12 +15,12 @@ defmodule Pleroma.Web.AdminAPI.MediaProxyCacheController do plug( OAuthScopesPlug, - %{scopes: ["read:media_proxy_caches"], admin: true} when action in [:index] + %{scopes: ["admin:read:media_proxy_caches"]} when action in [:index] ) plug( OAuthScopesPlug, - %{scopes: ["write:media_proxy_caches"], admin: true} when action in [:purge, :delete] + %{scopes: ["admin:write:media_proxy_caches"]} when action in [:purge, :delete] ) action_fallback(Pleroma.Web.AdminAPI.FallbackController) diff --git a/lib/pleroma/web/admin_api/controllers/o_auth_app_controller.ex b/lib/pleroma/web/admin_api/controllers/o_auth_app_controller.ex index 2bd2b3644..005fe67e2 100644 --- a/lib/pleroma/web/admin_api/controllers/o_auth_app_controller.ex +++ b/lib/pleroma/web/admin_api/controllers/o_auth_app_controller.ex @@ -17,7 +17,7 @@ defmodule Pleroma.Web.AdminAPI.OAuthAppController do plug( OAuthScopesPlug, - %{scopes: ["write"], admin: true} + %{scopes: ["admin:write"]} when action in [:create, :index, :update, :delete] ) diff --git a/lib/pleroma/web/admin_api/controllers/relay_controller.ex b/lib/pleroma/web/admin_api/controllers/relay_controller.ex index 18443e74e..c6bd43fea 100644 --- a/lib/pleroma/web/admin_api/controllers/relay_controller.ex +++ b/lib/pleroma/web/admin_api/controllers/relay_controller.ex @@ -15,11 +15,11 @@ defmodule Pleroma.Web.AdminAPI.RelayController do plug( OAuthScopesPlug, - %{scopes: ["write:follows"], admin: true} + %{scopes: ["admin:write:follows"]} when action in [:follow, :unfollow] ) - plug(OAuthScopesPlug, %{scopes: ["read"], admin: true} when action == :index) + plug(OAuthScopesPlug, %{scopes: ["admin:read"]} when action == :index) action_fallback(Pleroma.Web.AdminAPI.FallbackController) diff --git a/lib/pleroma/web/admin_api/controllers/report_controller.ex b/lib/pleroma/web/admin_api/controllers/report_controller.ex index abc068a3f..d4a4935ee 100644 --- a/lib/pleroma/web/admin_api/controllers/report_controller.ex +++ b/lib/pleroma/web/admin_api/controllers/report_controller.ex @@ -19,11 +19,11 @@ defmodule Pleroma.Web.AdminAPI.ReportController do require Logger plug(Pleroma.Web.ApiSpec.CastAndValidate) - plug(OAuthScopesPlug, %{scopes: ["read:reports"], admin: true} when action in [:index, :show]) + plug(OAuthScopesPlug, %{scopes: ["admin:read:reports"]} when action in [:index, :show]) plug( OAuthScopesPlug, - %{scopes: ["write:reports"], admin: true} + %{scopes: ["admin:write:reports"]} when action in [:update, :notes_create, :notes_delete] ) diff --git a/lib/pleroma/web/admin_api/controllers/status_controller.ex b/lib/pleroma/web/admin_api/controllers/status_controller.ex index 903badec0..7058def82 100644 --- a/lib/pleroma/web/admin_api/controllers/status_controller.ex +++ b/lib/pleroma/web/admin_api/controllers/status_controller.ex @@ -15,11 +15,11 @@ defmodule Pleroma.Web.AdminAPI.StatusController do require Logger plug(Pleroma.Web.ApiSpec.CastAndValidate) - plug(OAuthScopesPlug, %{scopes: ["read:statuses"], admin: true} when action in [:index, :show]) + plug(OAuthScopesPlug, %{scopes: ["admin:read:statuses"]} when action in [:index, :show]) plug( OAuthScopesPlug, - %{scopes: ["write:statuses"], admin: true} when action in [:update, :delete] + %{scopes: ["admin:write:statuses"]} when action in [:update, :delete] ) action_fallback(Pleroma.Web.AdminAPI.FallbackController) diff --git a/lib/pleroma/web/admin_api/controllers/user_controller.ex b/lib/pleroma/web/admin_api/controllers/user_controller.ex index a18b9f8d5..65bc63cb9 100644 --- a/lib/pleroma/web/admin_api/controllers/user_controller.ex +++ b/lib/pleroma/web/admin_api/controllers/user_controller.ex @@ -21,13 +21,13 @@ defmodule Pleroma.Web.AdminAPI.UserController do plug( OAuthScopesPlug, - %{scopes: ["read:accounts"], admin: true} + %{scopes: ["admin:read:accounts"]} when action in [:list, :show] ) plug( OAuthScopesPlug, - %{scopes: ["write:accounts"], admin: true} + %{scopes: ["admin:write:accounts"]} when action in [ :delete, :create, @@ -40,7 +40,7 @@ defmodule Pleroma.Web.AdminAPI.UserController do plug( OAuthScopesPlug, - %{scopes: ["write:follows"], admin: true} + %{scopes: ["admin:write:follows"]} when action in [:follow, :unfollow] ) diff --git a/lib/pleroma/web/api_spec.ex b/lib/pleroma/web/api_spec.ex index b16068f7b..adc8762dc 100644 --- a/lib/pleroma/web/api_spec.ex +++ b/lib/pleroma/web/api_spec.ex @@ -85,7 +85,7 @@ defmodule Pleroma.Web.ApiSpec do "name" => "Administration", "tags" => [ "Chat administration", - "Emoji packs", + "Emoji pack administration", "Frontend managment", "Instance configuration", "Instance documents", @@ -127,7 +127,7 @@ defmodule Pleroma.Web.ApiSpec do "Status actions" ] }, - %{"name" => "Miscellaneous", "tags" => ["Reports", "Suggestions"]} + %{"name" => "Miscellaneous", "tags" => ["Emoji packs", "Reports", "Suggestions"]} ] } } diff --git a/lib/pleroma/web/api_spec/operations/admin/chat_operation.ex b/lib/pleroma/web/api_spec/operations/admin/chat_operation.ex index cbe4b8972..57906445e 100644 --- a/lib/pleroma/web/api_spec/operations/admin/chat_operation.ex +++ b/lib/pleroma/web/api_spec/operations/admin/chat_operation.ex @@ -33,7 +33,7 @@ defmodule Pleroma.Web.ApiSpec.Admin.ChatOperation do }, security: [ %{ - "oAuth" => ["write:chats"] + "oAuth" => ["admin:write:chats"] } ] } @@ -57,7 +57,7 @@ defmodule Pleroma.Web.ApiSpec.Admin.ChatOperation do }, security: [ %{ - "oAuth" => ["read:chats"] + "oAuth" => ["admin:read:chats"] } ] } @@ -88,7 +88,7 @@ defmodule Pleroma.Web.ApiSpec.Admin.ChatOperation do }, security: [ %{ - "oAuth" => ["read"] + "oAuth" => ["admin:read"] } ] } diff --git a/lib/pleroma/web/api_spec/operations/admin/config_operation.ex b/lib/pleroma/web/api_spec/operations/admin/config_operation.ex index b8ccc1d00..30c3433b7 100644 --- a/lib/pleroma/web/api_spec/operations/admin/config_operation.ex +++ b/lib/pleroma/web/api_spec/operations/admin/config_operation.ex @@ -28,7 +28,7 @@ defmodule Pleroma.Web.ApiSpec.Admin.ConfigOperation do ) | admin_api_params() ], - security: [%{"oAuth" => ["read"]}], + security: [%{"oAuth" => ["admin:read"]}], responses: %{ 200 => Operation.response("Config", "application/json", config_response()), 400 => Operation.response("Bad Request", "application/json", ApiError) @@ -41,7 +41,7 @@ defmodule Pleroma.Web.ApiSpec.Admin.ConfigOperation do tags: ["Instance configuration"], summary: "Update instance configuration", operationId: "AdminAPI.ConfigController.update", - security: [%{"oAuth" => ["write"]}], + security: [%{"oAuth" => ["admin:write"]}], parameters: admin_api_params(), requestBody: request_body("Parameters", %Schema{ @@ -74,7 +74,7 @@ defmodule Pleroma.Web.ApiSpec.Admin.ConfigOperation do tags: ["Instance configuration"], summary: "Retrieve config description", operationId: "AdminAPI.ConfigController.descriptions", - security: [%{"oAuth" => ["read"]}], + security: [%{"oAuth" => ["admin:read"]}], parameters: admin_api_params(), responses: %{ 200 => diff --git a/lib/pleroma/web/api_spec/operations/admin/frontend_operation.ex b/lib/pleroma/web/api_spec/operations/admin/frontend_operation.ex index b149becf9..566f1eeb1 100644 --- a/lib/pleroma/web/api_spec/operations/admin/frontend_operation.ex +++ b/lib/pleroma/web/api_spec/operations/admin/frontend_operation.ex @@ -19,7 +19,7 @@ defmodule Pleroma.Web.ApiSpec.Admin.FrontendOperation do tags: ["Frontend managment"], summary: "Retrieve a list of available frontends", operationId: "AdminAPI.FrontendController.index", - security: [%{"oAuth" => ["read"]}], + security: [%{"oAuth" => ["admin:read"]}], responses: %{ 200 => Operation.response("Response", "application/json", list_of_frontends()), 403 => Operation.response("Forbidden", "application/json", ApiError) @@ -32,7 +32,7 @@ defmodule Pleroma.Web.ApiSpec.Admin.FrontendOperation do tags: ["Frontend managment"], summary: "Install a frontend", operationId: "AdminAPI.FrontendController.install", - security: [%{"oAuth" => ["read"]}], + security: [%{"oAuth" => ["admin:read"]}], requestBody: request_body("Parameters", install_request(), required: true), responses: %{ 200 => Operation.response("Response", "application/json", list_of_frontends()), diff --git a/lib/pleroma/web/api_spec/operations/admin/instance_document_operation.ex b/lib/pleroma/web/api_spec/operations/admin/instance_document_operation.ex index 3e89abfb5..79ceae970 100644 --- a/lib/pleroma/web/api_spec/operations/admin/instance_document_operation.ex +++ b/lib/pleroma/web/api_spec/operations/admin/instance_document_operation.ex @@ -18,7 +18,7 @@ defmodule Pleroma.Web.ApiSpec.Admin.InstanceDocumentOperation do tags: ["Instance documents"], summary: "Retrieve an instance document", operationId: "AdminAPI.InstanceDocumentController.show", - security: [%{"oAuth" => ["read"]}], + security: [%{"oAuth" => ["admin:read"]}], parameters: [ Operation.parameter(:name, :path, %Schema{type: :string}, "The document name", required: true @@ -39,7 +39,7 @@ defmodule Pleroma.Web.ApiSpec.Admin.InstanceDocumentOperation do tags: ["Instance documents"], summary: "Update an instance document", operationId: "AdminAPI.InstanceDocumentController.update", - security: [%{"oAuth" => ["write"]}], + security: [%{"oAuth" => ["admin:write"]}], requestBody: Helpers.request_body("Parameters", update_request()), parameters: [ Operation.parameter(:name, :path, %Schema{type: :string}, "The document name", @@ -77,7 +77,7 @@ defmodule Pleroma.Web.ApiSpec.Admin.InstanceDocumentOperation do tags: ["Instance documents"], summary: "Delete an instance document", operationId: "AdminAPI.InstanceDocumentController.delete", - security: [%{"oAuth" => ["write"]}], + security: [%{"oAuth" => ["admin:write"]}], parameters: [ Operation.parameter(:name, :path, %Schema{type: :string}, "The document name", required: true diff --git a/lib/pleroma/web/api_spec/operations/admin/invite_operation.ex b/lib/pleroma/web/api_spec/operations/admin/invite_operation.ex index 60d69c767..704f082ba 100644 --- a/lib/pleroma/web/api_spec/operations/admin/invite_operation.ex +++ b/lib/pleroma/web/api_spec/operations/admin/invite_operation.ex @@ -19,7 +19,7 @@ defmodule Pleroma.Web.ApiSpec.Admin.InviteOperation do tags: ["Invites"], summary: "Get a list of generated invites", operationId: "AdminAPI.InviteController.index", - security: [%{"oAuth" => ["read:invites"]}], + security: [%{"oAuth" => ["admin:read:invites"]}], parameters: admin_api_params(), responses: %{ 200 => @@ -51,7 +51,7 @@ defmodule Pleroma.Web.ApiSpec.Admin.InviteOperation do tags: ["Invites"], summary: "Create an account registration invite token", operationId: "AdminAPI.InviteController.create", - security: [%{"oAuth" => ["write:invites"]}], + security: [%{"oAuth" => ["admin:write:invites"]}], parameters: admin_api_params(), requestBody: request_body("Parameters", %Schema{ @@ -72,7 +72,7 @@ defmodule Pleroma.Web.ApiSpec.Admin.InviteOperation do tags: ["Invites"], summary: "Revoke invite by token", operationId: "AdminAPI.InviteController.revoke", - security: [%{"oAuth" => ["write:invites"]}], + security: [%{"oAuth" => ["admin:write:invites"]}], parameters: admin_api_params(), requestBody: request_body( @@ -99,7 +99,7 @@ defmodule Pleroma.Web.ApiSpec.Admin.InviteOperation do tags: ["Invites"], summary: "Sends registration invite via email", operationId: "AdminAPI.InviteController.email", - security: [%{"oAuth" => ["write:invites"]}], + security: [%{"oAuth" => ["admin:write:invites"]}], parameters: admin_api_params(), requestBody: request_body( diff --git a/lib/pleroma/web/api_spec/operations/admin/media_proxy_cache_operation.ex b/lib/pleroma/web/api_spec/operations/admin/media_proxy_cache_operation.ex index 675504ee0..8f85ebf2d 100644 --- a/lib/pleroma/web/api_spec/operations/admin/media_proxy_cache_operation.ex +++ b/lib/pleroma/web/api_spec/operations/admin/media_proxy_cache_operation.ex @@ -19,7 +19,7 @@ defmodule Pleroma.Web.ApiSpec.Admin.MediaProxyCacheOperation do tags: ["MediaProxy cache"], summary: "Retrieve a list of banned MediaProxy URLs", operationId: "AdminAPI.MediaProxyCacheController.index", - security: [%{"oAuth" => ["read:media_proxy_caches"]}], + security: [%{"oAuth" => ["admin:read:media_proxy_caches"]}], parameters: [ Operation.parameter( :query, @@ -71,7 +71,7 @@ defmodule Pleroma.Web.ApiSpec.Admin.MediaProxyCacheOperation do tags: ["MediaProxy cache"], summary: "Remove a banned MediaProxy URL", operationId: "AdminAPI.MediaProxyCacheController.delete", - security: [%{"oAuth" => ["write:media_proxy_caches"]}], + security: [%{"oAuth" => ["admin:write:media_proxy_caches"]}], parameters: admin_api_params(), requestBody: request_body( @@ -97,7 +97,7 @@ defmodule Pleroma.Web.ApiSpec.Admin.MediaProxyCacheOperation do tags: ["MediaProxy cache"], summary: "Purge a URL from MediaProxy cache and optionally ban it", operationId: "AdminAPI.MediaProxyCacheController.purge", - security: [%{"oAuth" => ["write:media_proxy_caches"]}], + security: [%{"oAuth" => ["admin:write:media_proxy_caches"]}], parameters: admin_api_params(), requestBody: request_body( diff --git a/lib/pleroma/web/api_spec/operations/admin/o_auth_app_operation.ex b/lib/pleroma/web/api_spec/operations/admin/o_auth_app_operation.ex index 2f3bee4f0..35b029b19 100644 --- a/lib/pleroma/web/api_spec/operations/admin/o_auth_app_operation.ex +++ b/lib/pleroma/web/api_spec/operations/admin/o_auth_app_operation.ex @@ -19,7 +19,7 @@ defmodule Pleroma.Web.ApiSpec.Admin.OAuthAppOperation do summary: "Retrieve a list of OAuth applications", tags: ["OAuth application managment"], operationId: "AdminAPI.OAuthAppController.index", - security: [%{"oAuth" => ["write"]}], + security: [%{"oAuth" => ["admin:write"]}], parameters: [ Operation.parameter(:name, :query, %Schema{type: :string}, "App name"), Operation.parameter(:client_id, :query, %Schema{type: :string}, "Client ID"), @@ -74,7 +74,7 @@ defmodule Pleroma.Web.ApiSpec.Admin.OAuthAppOperation do operationId: "AdminAPI.OAuthAppController.create", requestBody: request_body("Parameters", create_request()), parameters: admin_api_params(), - security: [%{"oAuth" => ["write"]}], + security: [%{"oAuth" => ["admin:write"]}], responses: %{ 200 => Operation.response("App", "application/json", oauth_app()), 400 => Operation.response("Bad Request", "application/json", ApiError) @@ -88,7 +88,7 @@ defmodule Pleroma.Web.ApiSpec.Admin.OAuthAppOperation do summary: "Update OAuth application", operationId: "AdminAPI.OAuthAppController.update", parameters: [id_param() | admin_api_params()], - security: [%{"oAuth" => ["write"]}], + security: [%{"oAuth" => ["admin:write"]}], requestBody: request_body("Parameters", update_request()), responses: %{ 200 => Operation.response("App", "application/json", oauth_app()), @@ -106,7 +106,7 @@ defmodule Pleroma.Web.ApiSpec.Admin.OAuthAppOperation do summary: "Delete OAuth application", operationId: "AdminAPI.OAuthAppController.delete", parameters: [id_param() | admin_api_params()], - security: [%{"oAuth" => ["write"]}], + security: [%{"oAuth" => ["admin:write"]}], responses: %{ 204 => no_content_response(), 400 => no_content_response() diff --git a/lib/pleroma/web/api_spec/operations/admin/relay_operation.ex b/lib/pleroma/web/api_spec/operations/admin/relay_operation.ex index c47f18f0c..c55c84fee 100644 --- a/lib/pleroma/web/api_spec/operations/admin/relay_operation.ex +++ b/lib/pleroma/web/api_spec/operations/admin/relay_operation.ex @@ -18,7 +18,7 @@ defmodule Pleroma.Web.ApiSpec.Admin.RelayOperation do tags: ["Relays"], summary: "Retrieve a list of relays", operationId: "AdminAPI.RelayController.index", - security: [%{"oAuth" => ["read"]}], + security: [%{"oAuth" => ["admin:read"]}], parameters: admin_api_params(), responses: %{ 200 => @@ -40,7 +40,7 @@ defmodule Pleroma.Web.ApiSpec.Admin.RelayOperation do tags: ["Relays"], summary: "Follow a relay", operationId: "AdminAPI.RelayController.follow", - security: [%{"oAuth" => ["write:follows"]}], + security: [%{"oAuth" => ["admin:write:follows"]}], parameters: admin_api_params(), requestBody: request_body("Parameters", relay_url()), responses: %{ @@ -54,7 +54,7 @@ defmodule Pleroma.Web.ApiSpec.Admin.RelayOperation do tags: ["Relays"], summary: "Unfollow a relay", operationId: "AdminAPI.RelayController.unfollow", - security: [%{"oAuth" => ["write:follows"]}], + security: [%{"oAuth" => ["admin:write:follows"]}], parameters: admin_api_params(), requestBody: request_body("Parameters", relay_unfollow()), responses: %{ diff --git a/lib/pleroma/web/api_spec/operations/admin/report_operation.ex b/lib/pleroma/web/api_spec/operations/admin/report_operation.ex index 30e56366e..8d7577505 100644 --- a/lib/pleroma/web/api_spec/operations/admin/report_operation.ex +++ b/lib/pleroma/web/api_spec/operations/admin/report_operation.ex @@ -22,7 +22,7 @@ defmodule Pleroma.Web.ApiSpec.Admin.ReportOperation do tags: ["Report managment"], summary: "Retrieve a list of reports", operationId: "AdminAPI.ReportController.index", - security: [%{"oAuth" => ["read:reports"]}], + security: [%{"oAuth" => ["admin:read:reports"]}], parameters: [ Operation.parameter( :state, @@ -73,7 +73,7 @@ defmodule Pleroma.Web.ApiSpec.Admin.ReportOperation do summary: "Retrieve a report", operationId: "AdminAPI.ReportController.show", parameters: [id_param() | admin_api_params()], - security: [%{"oAuth" => ["read:reports"]}], + security: [%{"oAuth" => ["admin:read:reports"]}], responses: %{ 200 => Operation.response("Report", "application/json", report()), 404 => Operation.response("Not Found", "application/json", ApiError) @@ -86,7 +86,7 @@ defmodule Pleroma.Web.ApiSpec.Admin.ReportOperation do tags: ["Report managment"], summary: "Change state of specified reports", operationId: "AdminAPI.ReportController.update", - security: [%{"oAuth" => ["write:reports"]}], + security: [%{"oAuth" => ["admin:write:reports"]}], parameters: admin_api_params(), requestBody: request_body("Parameters", update_request(), required: true), responses: %{ @@ -110,7 +110,7 @@ defmodule Pleroma.Web.ApiSpec.Admin.ReportOperation do content: %Schema{type: :string, description: "The message"} } }), - security: [%{"oAuth" => ["write:reports"]}], + security: [%{"oAuth" => ["admin:write:reports"]}], responses: %{ 204 => no_content_response(), 404 => Operation.response("Not Found", "application/json", ApiError) @@ -128,7 +128,7 @@ defmodule Pleroma.Web.ApiSpec.Admin.ReportOperation do Operation.parameter(:id, :path, :string, "Note ID") | admin_api_params() ], - security: [%{"oAuth" => ["write:reports"]}], + security: [%{"oAuth" => ["admin:write:reports"]}], responses: %{ 204 => no_content_response(), 404 => Operation.response("Not Found", "application/json", ApiError) diff --git a/lib/pleroma/web/api_spec/operations/admin/status_operation.ex b/lib/pleroma/web/api_spec/operations/admin/status_operation.ex index bbfbd8f93..d25ab5247 100644 --- a/lib/pleroma/web/api_spec/operations/admin/status_operation.ex +++ b/lib/pleroma/web/api_spec/operations/admin/status_operation.ex @@ -24,7 +24,7 @@ defmodule Pleroma.Web.ApiSpec.Admin.StatusOperation do tags: ["Status administration"], operationId: "AdminAPI.StatusController.index", summary: "Get all statuses", - security: [%{"oAuth" => ["read:statuses"]}], + security: [%{"oAuth" => ["admin:read:statuses"]}], parameters: [ Operation.parameter( :godmode, @@ -74,7 +74,7 @@ defmodule Pleroma.Web.ApiSpec.Admin.StatusOperation do summary: "Get status", operationId: "AdminAPI.StatusController.show", parameters: [id_param() | admin_api_params()], - security: [%{"oAuth" => ["read:statuses"]}], + security: [%{"oAuth" => ["admin:read:statuses"]}], responses: %{ 200 => Operation.response("Status", "application/json", status()), 404 => Operation.response("Not Found", "application/json", ApiError) @@ -88,7 +88,7 @@ defmodule Pleroma.Web.ApiSpec.Admin.StatusOperation do summary: "Change the scope of a status", operationId: "AdminAPI.StatusController.update", parameters: [id_param() | admin_api_params()], - security: [%{"oAuth" => ["write:statuses"]}], + security: [%{"oAuth" => ["admin:write:statuses"]}], requestBody: request_body("Parameters", update_request(), required: true), responses: %{ 200 => Operation.response("Status", "application/json", Status), @@ -103,7 +103,7 @@ defmodule Pleroma.Web.ApiSpec.Admin.StatusOperation do summary: "Delete status", operationId: "AdminAPI.StatusController.delete", parameters: [id_param() | admin_api_params()], - security: [%{"oAuth" => ["write:statuses"]}], + security: [%{"oAuth" => ["admin:write:statuses"]}], responses: %{ 200 => empty_object_response(), 404 => Operation.response("Not Found", "application/json", ApiError) diff --git a/lib/pleroma/web/api_spec/operations/pleroma_emoji_file_operation.ex b/lib/pleroma/web/api_spec/operations/pleroma_emoji_file_operation.ex index bed9511ef..8c76096b5 100644 --- a/lib/pleroma/web/api_spec/operations/pleroma_emoji_file_operation.ex +++ b/lib/pleroma/web/api_spec/operations/pleroma_emoji_file_operation.ex @@ -16,10 +16,10 @@ defmodule Pleroma.Web.ApiSpec.PleromaEmojiFileOperation do def create_operation do %Operation{ - tags: ["Emoji packs"], + tags: ["Emoji pack administration"], summary: "Add new file to the pack", operationId: "PleromaAPI.EmojiPackController.add_file", - security: [%{"oAuth" => ["write"]}], + security: [%{"oAuth" => ["admin:write"]}], requestBody: request_body("Parameters", create_request(), required: true), parameters: [name_param()], responses: %{ @@ -62,10 +62,10 @@ defmodule Pleroma.Web.ApiSpec.PleromaEmojiFileOperation do def update_operation do %Operation{ - tags: ["Emoji packs"], + tags: ["Emoji pack administration"], summary: "Add new file to the pack", operationId: "PleromaAPI.EmojiPackController.update_file", - security: [%{"oAuth" => ["write"]}], + security: [%{"oAuth" => ["admin:write"]}], requestBody: request_body("Parameters", update_request(), required: true), parameters: [name_param()], responses: %{ @@ -106,10 +106,10 @@ defmodule Pleroma.Web.ApiSpec.PleromaEmojiFileOperation do def delete_operation do %Operation{ - tags: ["Emoji packs"], + tags: ["Emoji pack administration"], summary: "Delete emoji file from pack", operationId: "PleromaAPI.EmojiPackController.delete_file", - security: [%{"oAuth" => ["write"]}], + security: [%{"oAuth" => ["admin:write"]}], parameters: [ name_param(), Operation.parameter(:shortcode, :query, :string, "File shortcode", diff --git a/lib/pleroma/web/api_spec/operations/pleroma_emoji_pack_operation.ex b/lib/pleroma/web/api_spec/operations/pleroma_emoji_pack_operation.ex index 48dafa5f2..49247d9b6 100644 --- a/lib/pleroma/web/api_spec/operations/pleroma_emoji_pack_operation.ex +++ b/lib/pleroma/web/api_spec/operations/pleroma_emoji_pack_operation.ex @@ -16,9 +16,9 @@ defmodule Pleroma.Web.ApiSpec.PleromaEmojiPackOperation do def remote_operation do %Operation{ - tags: ["Emoji packs"], + tags: ["Emoji pack administration"], summary: "Make request to another instance for emoji packs list", - security: [%{"oAuth" => ["write"]}], + security: [%{"oAuth" => ["admin:write"]}], parameters: [ url_param(), Operation.parameter( @@ -115,10 +115,10 @@ defmodule Pleroma.Web.ApiSpec.PleromaEmojiPackOperation do def download_operation do %Operation{ - tags: ["Emoji packs"], + tags: ["Emoji pack administration"], summary: "Download pack from another instance", operationId: "PleromaAPI.EmojiPackController.download", - security: [%{"oAuth" => ["write"]}], + security: [%{"oAuth" => ["admin:write"]}], requestBody: request_body("Parameters", download_request(), required: true), responses: %{ 200 => ok_response(), @@ -145,10 +145,10 @@ defmodule Pleroma.Web.ApiSpec.PleromaEmojiPackOperation do def create_operation do %Operation{ - tags: ["Emoji packs"], + tags: ["Emoji pack administration"], summary: "Create an empty pack", operationId: "PleromaAPI.EmojiPackController.create", - security: [%{"oAuth" => ["write"]}], + security: [%{"oAuth" => ["admin:write"]}], parameters: [name_param()], responses: %{ 200 => ok_response(), @@ -161,10 +161,10 @@ defmodule Pleroma.Web.ApiSpec.PleromaEmojiPackOperation do def delete_operation do %Operation{ - tags: ["Emoji packs"], + tags: ["Emoji pack administration"], summary: "Delete a custom emoji pack", operationId: "PleromaAPI.EmojiPackController.delete", - security: [%{"oAuth" => ["write"]}], + security: [%{"oAuth" => ["admin:write"]}], parameters: [name_param()], responses: %{ 200 => ok_response(), @@ -177,10 +177,10 @@ defmodule Pleroma.Web.ApiSpec.PleromaEmojiPackOperation do def update_operation do %Operation{ - tags: ["Emoji packs"], + tags: ["Emoji pack administration"], summary: "Updates (replaces) pack metadata", operationId: "PleromaAPI.EmojiPackController.update", - security: [%{"oAuth" => ["write"]}], + security: [%{"oAuth" => ["admin:write"]}], requestBody: request_body("Parameters", update_request(), required: true), parameters: [name_param()], responses: %{ @@ -193,10 +193,10 @@ defmodule Pleroma.Web.ApiSpec.PleromaEmojiPackOperation do def import_from_filesystem_operation do %Operation{ - tags: ["Emoji packs"], + tags: ["Emoji pack administration"], summary: "Imports packs from filesystem", operationId: "PleromaAPI.EmojiPackController.import", - security: [%{"oAuth" => ["write"]}], + security: [%{"oAuth" => ["admin:write"]}], responses: %{ 200 => Operation.response("Array of imported pack names", "application/json", %Schema{ diff --git a/lib/pleroma/web/api_spec/schemas/chat_message.ex b/lib/pleroma/web/api_spec/schemas/chat_message.ex index 6986b9c17..348fe95f8 100644 --- a/lib/pleroma/web/api_spec/schemas/chat_message.ex +++ b/lib/pleroma/web/api_spec/schemas/chat_message.ex @@ -52,7 +52,8 @@ defmodule Pleroma.Web.ApiSpec.Schemas.ChatMessage do title: %Schema{type: :string, description: "Title of linked resource"}, description: %Schema{type: :string, description: "Description of preview"} } - } + }, + unread: %Schema{type: :boolean, description: "Whether a message has been marked as read."} }, example: %{ "account_id" => "someflakeid", @@ -69,7 +70,8 @@ defmodule Pleroma.Web.ApiSpec.Schemas.ChatMessage do } ], "id" => "14", - "attachment" => nil + "attachment" => nil, + "unread" => false } }) end diff --git a/lib/pleroma/web/api_spec/schemas/scheduled_status.ex b/lib/pleroma/web/api_spec/schemas/scheduled_status.ex index cc051046a..607586e32 100644 --- a/lib/pleroma/web/api_spec/schemas/scheduled_status.ex +++ b/lib/pleroma/web/api_spec/schemas/scheduled_status.ex @@ -30,7 +30,8 @@ defmodule Pleroma.Web.ApiSpec.Schemas.ScheduledStatus do visibility: %Schema{allOf: [VisibilityScope], nullable: true}, scheduled_at: %Schema{type: :string, format: :"date-time", nullable: true}, poll: StatusOperation.poll_params(), - in_reply_to_id: %Schema{type: :string, nullable: true} + in_reply_to_id: %Schema{type: :string, nullable: true}, + expires_in: %Schema{type: :integer, nullable: true} } } }, @@ -46,7 +47,8 @@ defmodule Pleroma.Web.ApiSpec.Schemas.ScheduledStatus do scheduled_at: nil, poll: nil, idempotency: nil, - in_reply_to_id: nil + in_reply_to_id: nil, + expires_in: nil }, media_attachments: [Attachment.schema().example] } diff --git a/lib/pleroma/web/api_spec/schemas/status.ex b/lib/pleroma/web/api_spec/schemas/status.ex index 61ebd8089..42fa98718 100644 --- a/lib/pleroma/web/api_spec/schemas/status.ex +++ b/lib/pleroma/web/api_spec/schemas/status.ex @@ -23,9 +23,10 @@ defmodule Pleroma.Web.ApiSpec.Schemas.Status do application: %Schema{ description: "The application used to post this status", type: :object, + nullable: true, properties: %{ name: %Schema{type: :string}, - website: %Schema{type: :string, nullable: true, format: :uri} + website: %Schema{type: :string, format: :uri} } }, bookmarked: %Schema{type: :boolean, description: "Have you bookmarked this status?"}, @@ -291,7 +292,7 @@ defmodule Pleroma.Web.ApiSpec.Schemas.Status do "url" => "http://localhost:4001/users/nick6", "username" => "nick6" }, - "application" => %{"name" => "Web", "website" => nil}, + "application" => nil, "bookmarked" => false, "card" => nil, "content" => "foobar", diff --git a/lib/pleroma/web/common_api/activity_draft.ex b/lib/pleroma/web/common_api/activity_draft.ex index fb059c27c..d7dcdad90 100644 --- a/lib/pleroma/web/common_api/activity_draft.ex +++ b/lib/pleroma/web/common_api/activity_draft.ex @@ -190,6 +190,7 @@ defmodule Pleroma.Web.CommonAPI.ActivityDraft do Utils.make_note_data(draft) |> Map.put("emoji", emoji) |> Map.put("source", draft.status) + |> Map.put("application", draft.params[:application]) %__MODULE__{draft | object: object} end diff --git a/lib/pleroma/web/fallback/legacy_pleroma_api_rerouter_plug.ex b/lib/pleroma/web/fallback/legacy_pleroma_api_rerouter_plug.ex new file mode 100644 index 000000000..f86d6b52b --- /dev/null +++ b/lib/pleroma/web/fallback/legacy_pleroma_api_rerouter_plug.ex @@ -0,0 +1,26 @@ +# Pleroma: A lightweight social networking server +# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/> +# SPDX-License-Identifier: AGPL-3.0-only + +defmodule Pleroma.Web.Fallback.LegacyPleromaApiRerouterPlug do + alias Pleroma.Web.Endpoint + alias Pleroma.Web.Fallback.RedirectController + + def init(opts), do: opts + + def call(%{path_info: ["api", "pleroma" | path_info_rest]} = conn, _opts) do + new_path_info = ["api", "v1", "pleroma" | path_info_rest] + new_request_path = Enum.join(new_path_info, "/") + + conn + |> Map.merge(%{ + path_info: new_path_info, + request_path: new_request_path + }) + |> Endpoint.call(conn.params) + end + + def call(conn, _opts) do + RedirectController.api_not_implemented(conn, %{}) + end +end diff --git a/lib/pleroma/web/mastodon_api/controllers/status_controller.ex b/lib/pleroma/web/mastodon_api/controllers/status_controller.ex index 4cf2ee35c..b8a7b2a0a 100644 --- a/lib/pleroma/web/mastodon_api/controllers/status_controller.ex +++ b/lib/pleroma/web/mastodon_api/controllers/status_controller.ex @@ -21,6 +21,7 @@ defmodule Pleroma.Web.MastodonAPI.StatusController do alias Pleroma.Web.CommonAPI alias Pleroma.Web.MastodonAPI.AccountView alias Pleroma.Web.MastodonAPI.ScheduledActivityView + alias Pleroma.Web.OAuth.Token alias Pleroma.Web.Plugs.OAuthScopesPlug alias Pleroma.Web.Plugs.RateLimiter @@ -138,7 +139,9 @@ defmodule Pleroma.Web.MastodonAPI.StatusController do _ ) when not is_nil(scheduled_at) do - params = Map.put(params, :in_reply_to_status_id, params[:in_reply_to_id]) + params = + Map.put(params, :in_reply_to_status_id, params[:in_reply_to_id]) + |> put_application(conn) attrs = %{ params: Map.new(params, fn {key, value} -> {to_string(key), value} end), @@ -162,7 +165,9 @@ defmodule Pleroma.Web.MastodonAPI.StatusController do # Creates a regular status def create(%{assigns: %{user: user}, body_params: %{status: _} = params} = conn, _) do - params = Map.put(params, :in_reply_to_status_id, params[:in_reply_to_id]) + params = + Map.put(params, :in_reply_to_status_id, params[:in_reply_to_id]) + |> put_application(conn) with {:ok, activity} <- CommonAPI.post(user, params) do try_render(conn, "show.json", @@ -414,4 +419,15 @@ defmodule Pleroma.Web.MastodonAPI.StatusController do as: :activity ) end + + defp put_application(params, %{assigns: %{token: %Token{user: %User{} = user} = token}} = _conn) do + if user.disclose_client do + %{client_name: client_name, website: website} = Repo.preload(token, :app).app + Map.put(params, :application, %{type: "Application", name: client_name, url: website}) + else + Map.put(params, :application, nil) + end + end + + defp put_application(params, _), do: Map.put(params, :application, nil) end diff --git a/lib/pleroma/web/mastodon_api/views/scheduled_activity_view.ex b/lib/pleroma/web/mastodon_api/views/scheduled_activity_view.ex index 13774d237..453221f41 100644 --- a/lib/pleroma/web/mastodon_api/views/scheduled_activity_view.ex +++ b/lib/pleroma/web/mastodon_api/views/scheduled_activity_view.ex @@ -37,7 +37,8 @@ defmodule Pleroma.Web.MastodonAPI.ScheduledActivityView do visibility: params["visibility"], scheduled_at: params["scheduled_at"], poll: params["poll"], - in_reply_to_id: params["in_reply_to_id"] + in_reply_to_id: params["in_reply_to_id"], + expires_in: params["expires_in"] } |> Pleroma.Maps.put_if_present(:media_ids, params["media_ids"]) end diff --git a/lib/pleroma/web/mastodon_api/views/status_view.ex b/lib/pleroma/web/mastodon_api/views/status_view.ex index 2cd6732fe..792197a4a 100644 --- a/lib/pleroma/web/mastodon_api/views/status_view.ex +++ b/lib/pleroma/web/mastodon_api/views/status_view.ex @@ -180,10 +180,7 @@ defmodule Pleroma.Web.MastodonAPI.StatusView do media_attachments: reblogged[:media_attachments] || [], mentions: mentions, tags: reblogged[:tags] || [], - application: %{ - name: "Web", - website: nil - }, + application: build_application(activity_object.data["application"]), language: nil, emojis: [], pleroma: %{ @@ -348,10 +345,7 @@ defmodule Pleroma.Web.MastodonAPI.StatusView do poll: render(PollView, "show.json", object: object, for: opts[:for]), mentions: mentions, tags: build_tags(tags), - application: %{ - name: "Web", - website: nil - }, + application: build_application(object.data["application"]), language: nil, emojis: build_emojis(object.data["emoji"]), pleroma: %{ @@ -540,4 +534,8 @@ defmodule Pleroma.Web.MastodonAPI.StatusView do me: !!(current_user && current_user.ap_id in users) } end + + @spec build_application(map() | nil) :: map() | nil + defp build_application(%{type: _type, name: name, url: url}), do: %{name: name, website: url} + defp build_application(_), do: nil end diff --git a/lib/pleroma/web/pleroma_api/controllers/emoji_file_controller.ex b/lib/pleroma/web/pleroma_api/controllers/emoji_file_controller.ex index 6a41bbab4..204e81311 100644 --- a/lib/pleroma/web/pleroma_api/controllers/emoji_file_controller.ex +++ b/lib/pleroma/web/pleroma_api/controllers/emoji_file_controller.ex @@ -12,7 +12,7 @@ defmodule Pleroma.Web.PleromaAPI.EmojiFileController do plug( Pleroma.Web.Plugs.OAuthScopesPlug, - %{scopes: ["write"], admin: true} + %{scopes: ["admin:write"]} when action in [ :create, :update, diff --git a/lib/pleroma/web/pleroma_api/controllers/emoji_pack_controller.ex b/lib/pleroma/web/pleroma_api/controllers/emoji_pack_controller.ex index c696241f0..d0f677d3c 100644 --- a/lib/pleroma/web/pleroma_api/controllers/emoji_pack_controller.ex +++ b/lib/pleroma/web/pleroma_api/controllers/emoji_pack_controller.ex @@ -11,7 +11,7 @@ defmodule Pleroma.Web.PleromaAPI.EmojiPackController do plug( Pleroma.Web.Plugs.OAuthScopesPlug, - %{scopes: ["write"], admin: true} + %{scopes: ["admin:write"]} when action in [ :import_from_filesystem, :remote, diff --git a/lib/pleroma/web/plugs/frontend_static.ex b/lib/pleroma/web/plugs/frontend_static.ex index eecf16264..eb385e94d 100644 --- a/lib/pleroma/web/plugs/frontend_static.ex +++ b/lib/pleroma/web/plugs/frontend_static.ex @@ -10,6 +10,8 @@ defmodule Pleroma.Web.Plugs.FrontendStatic do """ @behaviour Plug + @api_routes Pleroma.Web.get_api_routes() + def file_path(path, frontend_type \\ :primary) do if configuration = Pleroma.Config.get([:frontends, frontend_type]) do instance_static_path = Pleroma.Config.get([:instance, :static_dir], "instance/static") @@ -34,7 +36,8 @@ defmodule Pleroma.Web.Plugs.FrontendStatic do end def call(conn, opts) do - with false <- invalid_path?(conn.path_info), + with false <- api_route?(conn.path_info), + false <- invalid_path?(conn.path_info), frontend_type <- Map.get(opts, :frontend_type, :primary), path when not is_nil(path) <- file_path("", frontend_type) do call_static(conn, opts, path) @@ -52,6 +55,10 @@ defmodule Pleroma.Web.Plugs.FrontendStatic do defp invalid_path?([h | t], match), do: String.contains?(h, match) or invalid_path?(t) defp invalid_path?([], _match), do: false + defp api_route?([h | _]) when h in @api_routes, do: true + defp api_route?([_ | t]), do: api_route?(t) + defp api_route?([]), do: false + defp call_static(conn, opts, from) do opts = Map.put(opts, :from, from) Plug.Static.call(conn, opts) diff --git a/lib/pleroma/web/plugs/o_auth_scopes_plug.ex b/lib/pleroma/web/plugs/o_auth_scopes_plug.ex index 0f32f70a6..f017c8bc7 100644 --- a/lib/pleroma/web/plugs/o_auth_scopes_plug.ex +++ b/lib/pleroma/web/plugs/o_auth_scopes_plug.ex @@ -6,7 +6,6 @@ defmodule Pleroma.Web.Plugs.OAuthScopesPlug do import Plug.Conn import Pleroma.Web.Gettext - alias Pleroma.Config alias Pleroma.Helpers.AuthHelper use Pleroma.Web, :plug @@ -18,7 +17,6 @@ defmodule Pleroma.Web.Plugs.OAuthScopesPlug do op = options[:op] || :| token = assigns[:token] - scopes = transform_scopes(scopes, options) matched_scopes = (token && filter_descendants(scopes, token.scopes)) || [] cond do @@ -57,13 +55,4 @@ defmodule Pleroma.Web.Plugs.OAuthScopesPlug do end ) end - - @doc "Transforms scopes by applying supported options (e.g. :admin)" - def transform_scopes(scopes, options) do - if options[:admin] do - Config.oauth_admin_scopes(scopes) - else - scopes - end - end end diff --git a/lib/pleroma/web/router.ex b/lib/pleroma/web/router.ex index 0064dacc8..72ad14f05 100644 --- a/lib/pleroma/web/router.ex +++ b/lib/pleroma/web/router.ex @@ -140,7 +140,7 @@ defmodule Pleroma.Web.Router do plug(Pleroma.Web.Plugs.MappedSignatureToIdentityPlug) end - scope "/api/pleroma", Pleroma.Web.TwitterAPI do + scope "/api/v1/pleroma", Pleroma.Web.TwitterAPI do pipe_through(:pleroma_api) get("/password_reset/:token", PasswordController, :reset, as: :reset_password) @@ -150,12 +150,12 @@ defmodule Pleroma.Web.Router do get("/healthcheck", UtilController, :healthcheck) end - scope "/api/pleroma", Pleroma.Web do + scope "/api/v1/pleroma", Pleroma.Web do pipe_through(:pleroma_api) post("/uploader_callback/:upload_path", UploaderController, :callback) end - scope "/api/pleroma/admin", Pleroma.Web.AdminAPI do + scope "/api/v1/pleroma/admin", Pleroma.Web.AdminAPI do pipe_through(:admin_api) put("/users/disable_mfa", AdminAPIController, :disable_mfa) @@ -259,7 +259,7 @@ defmodule Pleroma.Web.Router do post("/backups", AdminAPIController, :create_backup) end - scope "/api/pleroma/emoji", Pleroma.Web.PleromaAPI do + scope "/api/v1/pleroma/emoji", Pleroma.Web.PleromaAPI do scope "/pack" do pipe_through(:admin_api) @@ -815,6 +815,7 @@ defmodule Pleroma.Web.Router do scope "/", Pleroma.Web.Fallback do get("/registration/:token", RedirectController, :registration_page) get("/:maybe_nickname_or_id", RedirectController, :redirector_with_meta) + match(:*, "/api/pleroma*path", LegacyPleromaApiRerouterPlug, []) get("/api*path", RedirectController, :api_not_implemented) get("/*path", RedirectController, :redirector_with_preload) diff --git a/priv/repo/migrations/20210218223811_add_disclose_client_to_users.exs b/priv/repo/migrations/20210218223811_add_disclose_client_to_users.exs new file mode 100644 index 000000000..37c5776ff --- /dev/null +++ b/priv/repo/migrations/20210218223811_add_disclose_client_to_users.exs @@ -0,0 +1,9 @@ +defmodule Pleroma.Repo.Migrations.AddDiscloseClientToUsers do + use Ecto.Migration + + def change do + alter table(:users) do + add(:disclose_client, :boolean, default: true) + end + end +end diff --git a/test/fixtures/peertube/actor-person.json b/test/fixtures/peertube/actor-person.json new file mode 100644 index 000000000..8c387d455 --- /dev/null +++ b/test/fixtures/peertube/actor-person.json @@ -0,0 +1,121 @@ +{ + "type": "Person", + "id": "https://peertube.stream/accounts/createurs", + "following": "https://peertube.stream/accounts/createurs/following", + "followers": "https://peertube.stream/accounts/createurs/followers", + "playlists": "https://peertube.stream/accounts/createurs/playlists", + "inbox": "https://peertube.stream/accounts/createurs/inbox", + "outbox": "https://peertube.stream/accounts/createurs/outbox", + "preferredUsername": "createurs", + "url": "https://peertube.stream/accounts/createurs", + "name": "Créateurs", + "endpoints": { + "sharedInbox": "https://peertube.stream/inbox" + }, + "publicKey": { + "id": "https://peertube.stream/accounts/createurs#main-key", + "owner": "https://peertube.stream/accounts/createurs", + "publicKeyPem": "-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxqkQhbRYbA81+WTYjorR\n2lEMad3kYCnzDjGTLr4I92eanzFHxyELGnjzP6TpEvjOiB9NrCRrqU/iFPLdgrq2\nwIFcXPWdCq6Gcg7QLlaeMM0JoJmr0KTEhzg0XKCo96UsyTzaF4DISxqi8RyoyWeU\nEkgiOzlkdYTlouq3MlQH+p1PBAsNUQfIEUsU+l6k1vzbm8JRwlT+D1bNde4I/Lqs\n4uB5ru3zzInwZ2hz9+heiriNoGEBv74rZHYn966tZVX8iMGx2+m6okozEdEQbqCl\n0ekqDcd8P6CoFqqeeu8coh82OUtuFI/XsbetdWA55YQmSHyMiTsIwVbeoogIETbI\n4QIDAQAB\n-----END PUBLIC KEY-----" + }, + "icon": { + "type": "Image", + "mediaType": "image/png", + "url": "https://peertube.stream/lazy-static/avatars/c27b672d-ad8f-498a-adbe-553af8da56f9.png" + }, + "@context": [ + "https://www.w3.org/ns/activitystreams", + "https://w3id.org/security/v1", + { + "RsaSignature2017": "https://w3id.org/security#RsaSignature2017" + }, + { + "pt": "https://joinpeertube.org/ns#", + "sc": "http://schema.org#", + "Hashtag": "as:Hashtag", + "uuid": "sc:identifier", + "category": "sc:category", + "licence": "sc:license", + "subtitleLanguage": "sc:subtitleLanguage", + "sensitive": "as:sensitive", + "language": "sc:inLanguage", + "isLiveBroadcast": "sc:isLiveBroadcast", + "liveSaveReplay": { + "@type": "sc:Boolean", + "@id": "pt:liveSaveReplay" + }, + "permanentLive": { + "@type": "sc:Boolean", + "@id": "pt:permanentLive" + }, + "Infohash": "pt:Infohash", + "Playlist": "pt:Playlist", + "PlaylistElement": "pt:PlaylistElement", + "originallyPublishedAt": "sc:datePublished", + "views": { + "@type": "sc:Number", + "@id": "pt:views" + }, + "state": { + "@type": "sc:Number", + "@id": "pt:state" + }, + "size": { + "@type": "sc:Number", + "@id": "pt:size" + }, + "fps": { + "@type": "sc:Number", + "@id": "pt:fps" + }, + "startTimestamp": { + "@type": "sc:Number", + "@id": "pt:startTimestamp" + }, + "stopTimestamp": { + "@type": "sc:Number", + "@id": "pt:stopTimestamp" + }, + "position": { + "@type": "sc:Number", + "@id": "pt:position" + }, + "commentsEnabled": { + "@type": "sc:Boolean", + "@id": "pt:commentsEnabled" + }, + "downloadEnabled": { + "@type": "sc:Boolean", + "@id": "pt:downloadEnabled" + }, + "waitTranscoding": { + "@type": "sc:Boolean", + "@id": "pt:waitTranscoding" + }, + "support": { + "@type": "sc:Text", + "@id": "pt:support" + }, + "likes": { + "@id": "as:likes", + "@type": "@id" + }, + "dislikes": { + "@id": "as:dislikes", + "@type": "@id" + }, + "playlists": { + "@id": "pt:playlists", + "@type": "@id" + }, + "shares": { + "@id": "as:shares", + "@type": "@id" + }, + "comments": { + "@id": "as:comments", + "@type": "@id" + } + } + ], + "summary": null +} diff --git a/test/fixtures/peertube/video-object-mpegURL-only.json b/test/fixtures/peertube/video-object-mpegURL-only.json new file mode 100644 index 000000000..7f26e89bf --- /dev/null +++ b/test/fixtures/peertube/video-object-mpegURL-only.json @@ -0,0 +1,413 @@ +{ + "type": "Create", + "id": "https://peertube.stream/videos/watch/abece3c3-b9c6-47f4-8040-f3eed8c602e6/activity", + "actor": "https://peertube.stream/accounts/createurs", + "object": { + "type": "Video", + "id": "https://peertube.stream/videos/watch/abece3c3-b9c6-47f4-8040-f3eed8c602e6", + "name": "Vu du 20/02/21 : \"Planète Mars 2050\"", + "duration": "PT385S", + "uuid": "abece3c3-b9c6-47f4-8040-f3eed8c602e6", + "tag": [ + { + "type": "Hashtag", + "name": "France3" + }, + { + "type": "Hashtag", + "name": "lezapping" + } + ], + "category": { + "identifier": "11", + "name": "News & Politics" + }, + "language": { + "identifier": "fr", + "name": "French" + }, + "views": 5, + "sensitive": false, + "waitTranscoding": false, + "isLiveBroadcast": false, + "liveSaveReplay": null, + "permanentLive": null, + "state": 1, + "commentsEnabled": true, + "downloadEnabled": false, + "published": "2021-02-20T17:04:54.278Z", + "originallyPublishedAt": "2021-02-19T23:00:00.000Z", + "updated": "2021-02-21T20:01:11.189Z", + "mediaType": "text/markdown", + "content": "Un regard impertinent et libre, orchestré par Patrick Menais et son équipe, sur le monde de l’image.\r\n\r\nEn avant-première du lundi au samedi à 17h00 sur Facebook, Twitter et YouTube.\r\n\r\nDu lundi au samedi à 20h00 sur France 3.\r\n\r\nhttps://www.facebook.com/vufrancetv\r\nhttps://twitter.com/VuFrancetv", + "support": "Suivre VU :\r\n- Twitter : https://twitter.com/vufrancetv\r\n- Facebook :https://www.facebook.com/vufrancetv/\r\n- Site : https://www.france.tv/france-3/vu/", + "subtitleLanguage": [], + "icon": [ + { + "type": "Image", + "url": "https://peertube.stream/static/thumbnails/abece3c3-b9c6-47f4-8040-f3eed8c602e6.jpg", + "mediaType": "image/jpeg", + "width": 223, + "height": 122 + }, + { + "type": "Image", + "url": "https://peertube.stream/lazy-static/previews/abece3c3-b9c6-47f4-8040-f3eed8c602e6.jpg", + "mediaType": "image/jpeg", + "width": 850, + "height": 480 + } + ], + "url": [ + { + "type": "Link", + "mediaType": "text/html", + "href": "https://peertube.stream/videos/watch/abece3c3-b9c6-47f4-8040-f3eed8c602e6" + }, + { + "type": "Link", + "mediaType": "application/x-mpegURL", + "href": "https://peertube.stream/static/streaming-playlists/hls/abece3c3-b9c6-47f4-8040-f3eed8c602e6/master.m3u8", + "tag": [ + { + "type": "Infohash", + "name": "00bfce9595e1655d8696b60e19ca25c34be5fa63" + }, + { + "type": "Infohash", + "name": "256c21b65d5e0f944b4b79d8e0cbc55c9d906807" + }, + { + "type": "Infohash", + "name": "fcd981098c484d0e328927c8fb21ecf986880b7e" + }, + { + "type": "Infohash", + "name": "f7e01ac566e9fef91cd22514e6c3c256af7a9f5f" + }, + { + "type": "Infohash", + "name": "42b421fc44d0dceb45ac3f6f6419b07fd570a232" + }, + { + "type": "Infohash", + "name": "f876c6d6d49ce618a880ca223df54cb29f4b4bfd" + }, + { + "type": "Link", + "name": "sha256", + "mediaType": "application/json", + "href": "https://peertube.stream/static/streaming-playlists/hls/abece3c3-b9c6-47f4-8040-f3eed8c602e6/segments-sha256.json" + }, + { + "type": "Link", + "mediaType": "video/mp4", + "href": "https://peertube.stream/static/streaming-playlists/hls/abece3c3-b9c6-47f4-8040-f3eed8c602e6/abece3c3-b9c6-47f4-8040-f3eed8c602e6-1080-fragmented.mp4", + "height": 1080, + "size": 57888169, + "fps": 25 + }, + { + "type": "Link", + "rel": [ + "metadata", + "video/mp4" + ], + "mediaType": "application/json", + "href": "https://peertube.stream/api/v1/videos/abece3c3-b9c6-47f4-8040-f3eed8c602e6/metadata/570040", + "height": 1080, + "fps": 25 + }, + { + "type": "Link", + "mediaType": "application/x-bittorrent", + "href": "https://peertube.stream/static/torrents/abece3c3-b9c6-47f4-8040-f3eed8c602e6-1080-hls.torrent", + "height": 1080 + }, + { + "type": "Link", + "mediaType": "application/x-bittorrent;x-scheme-handler/magnet", + "href": "magnet:?xs=https%3A%2F%2Fpeertube.stream%2Fstatic%2Ftorrents%2Fabece3c3-b9c6-47f4-8040-f3eed8c602e6-1080-hls.torrent&xt=urn:btih:68af82ebcd9df8335e407b755f38f5fd39c8a6a4&dn=Vu+du+20%2F02%2F21+%3A+%22Plan%C3%A8te+Mars+2050%22&tr=wss%3A%2F%2Fpeertube.stream%3A443%2Ftracker%2Fsocket&tr=https%3A%2F%2Fpeertube.stream%2Ftracker%2Fannounce&ws=https%3A%2F%2Fpeertube.stream%2Fstatic%2Fstreaming-playlists%2Fhls%2Fabece3c3-b9c6-47f4-8040-f3eed8c602e6%2Fabece3c3-b9c6-47f4-8040-f3eed8c602e6-1080-fragmented.mp4", + "height": 1080 + }, + { + "type": "Link", + "mediaType": "video/mp4", + "href": "https://peertube.stream/static/streaming-playlists/hls/abece3c3-b9c6-47f4-8040-f3eed8c602e6/abece3c3-b9c6-47f4-8040-f3eed8c602e6-720-fragmented.mp4", + "height": 720, + "size": 45165123, + "fps": 25 + }, + { + "type": "Link", + "rel": [ + "metadata", + "video/mp4" + ], + "mediaType": "application/json", + "href": "https://peertube.stream/api/v1/videos/abece3c3-b9c6-47f4-8040-f3eed8c602e6/metadata/570056", + "height": 720, + "fps": 25 + }, + { + "type": "Link", + "mediaType": "application/x-bittorrent", + "href": "https://peertube.stream/static/torrents/abece3c3-b9c6-47f4-8040-f3eed8c602e6-720-hls.torrent", + "height": 720 + }, + { + "type": "Link", + "mediaType": "application/x-bittorrent;x-scheme-handler/magnet", + "href": "magnet:?xs=https%3A%2F%2Fpeertube.stream%2Fstatic%2Ftorrents%2Fabece3c3-b9c6-47f4-8040-f3eed8c602e6-720-hls.torrent&xt=urn:btih:8450928a4ffb2a4c5f927a163487c48c05f6e700&dn=Vu+du+20%2F02%2F21+%3A+%22Plan%C3%A8te+Mars+2050%22&tr=wss%3A%2F%2Fpeertube.stream%3A443%2Ftracker%2Fsocket&tr=https%3A%2F%2Fpeertube.stream%2Ftracker%2Fannounce&ws=https%3A%2F%2Fpeertube.stream%2Fstatic%2Fstreaming-playlists%2Fhls%2Fabece3c3-b9c6-47f4-8040-f3eed8c602e6%2Fabece3c3-b9c6-47f4-8040-f3eed8c602e6-720-fragmented.mp4", + "height": 720 + }, + { + "type": "Link", + "mediaType": "video/mp4", + "href": "https://peertube.stream/static/streaming-playlists/hls/abece3c3-b9c6-47f4-8040-f3eed8c602e6/abece3c3-b9c6-47f4-8040-f3eed8c602e6-480-fragmented.mp4", + "height": 480, + "size": 29618534, + "fps": 25 + }, + { + "type": "Link", + "rel": [ + "metadata", + "video/mp4" + ], + "mediaType": "application/json", + "href": "https://peertube.stream/api/v1/videos/abece3c3-b9c6-47f4-8040-f3eed8c602e6/metadata/570042", + "height": 480, + "fps": 25 + }, + { + "type": "Link", + "mediaType": "application/x-bittorrent", + "href": "https://peertube.stream/static/torrents/abece3c3-b9c6-47f4-8040-f3eed8c602e6-480-hls.torrent", + "height": 480 + }, + { + "type": "Link", + "mediaType": "application/x-bittorrent;x-scheme-handler/magnet", + "href": "magnet:?xs=https%3A%2F%2Fpeertube.stream%2Fstatic%2Ftorrents%2Fabece3c3-b9c6-47f4-8040-f3eed8c602e6-480-hls.torrent&xt=urn:btih:39e11181db5f376aa78c94bffcb9ccf2f4bca715&dn=Vu+du+20%2F02%2F21+%3A+%22Plan%C3%A8te+Mars+2050%22&tr=wss%3A%2F%2Fpeertube.stream%3A443%2Ftracker%2Fsocket&tr=https%3A%2F%2Fpeertube.stream%2Ftracker%2Fannounce&ws=https%3A%2F%2Fpeertube.stream%2Fstatic%2Fstreaming-playlists%2Fhls%2Fabece3c3-b9c6-47f4-8040-f3eed8c602e6%2Fabece3c3-b9c6-47f4-8040-f3eed8c602e6-480-fragmented.mp4", + "height": 480 + }, + { + "type": "Link", + "mediaType": "video/mp4", + "href": "https://peertube.stream/static/streaming-playlists/hls/abece3c3-b9c6-47f4-8040-f3eed8c602e6/abece3c3-b9c6-47f4-8040-f3eed8c602e6-360-fragmented.mp4", + "height": 360, + "size": 21771466, + "fps": 25 + }, + { + "type": "Link", + "rel": [ + "metadata", + "video/mp4" + ], + "mediaType": "application/json", + "href": "https://peertube.stream/api/v1/videos/abece3c3-b9c6-47f4-8040-f3eed8c602e6/metadata/570043", + "height": 360, + "fps": 25 + }, + { + "type": "Link", + "mediaType": "application/x-bittorrent", + "href": "https://peertube.stream/static/torrents/abece3c3-b9c6-47f4-8040-f3eed8c602e6-360-hls.torrent", + "height": 360 + }, + { + "type": "Link", + "mediaType": "application/x-bittorrent;x-scheme-handler/magnet", + "href": "magnet:?xs=https%3A%2F%2Fpeertube.stream%2Fstatic%2Ftorrents%2Fabece3c3-b9c6-47f4-8040-f3eed8c602e6-360-hls.torrent&xt=urn:btih:c33aa52822528e29ffd1a615ebe40450e4c61452&dn=Vu+du+20%2F02%2F21+%3A+%22Plan%C3%A8te+Mars+2050%22&tr=wss%3A%2F%2Fpeertube.stream%3A443%2Ftracker%2Fsocket&tr=https%3A%2F%2Fpeertube.stream%2Ftracker%2Fannounce&ws=https%3A%2F%2Fpeertube.stream%2Fstatic%2Fstreaming-playlists%2Fhls%2Fabece3c3-b9c6-47f4-8040-f3eed8c602e6%2Fabece3c3-b9c6-47f4-8040-f3eed8c602e6-360-fragmented.mp4", + "height": 360 + }, + { + "type": "Link", + "mediaType": "video/mp4", + "href": "https://peertube.stream/static/streaming-playlists/hls/abece3c3-b9c6-47f4-8040-f3eed8c602e6/abece3c3-b9c6-47f4-8040-f3eed8c602e6-240-fragmented.mp4", + "height": 240, + "size": 14856165, + "fps": 25 + }, + { + "type": "Link", + "rel": [ + "metadata", + "video/mp4" + ], + "mediaType": "application/json", + "href": "https://peertube.stream/api/v1/videos/abece3c3-b9c6-47f4-8040-f3eed8c602e6/metadata/570057", + "height": 240, + "fps": 25 + }, + { + "type": "Link", + "mediaType": "application/x-bittorrent", + "href": "https://peertube.stream/static/torrents/abece3c3-b9c6-47f4-8040-f3eed8c602e6-240-hls.torrent", + "height": 240 + }, + { + "type": "Link", + "mediaType": "application/x-bittorrent;x-scheme-handler/magnet", + "href": "magnet:?xs=https%3A%2F%2Fpeertube.stream%2Fstatic%2Ftorrents%2Fabece3c3-b9c6-47f4-8040-f3eed8c602e6-240-hls.torrent&xt=urn:btih:157e4cc3e9f15c06e995d6c3388539fdda312771&dn=Vu+du+20%2F02%2F21+%3A+%22Plan%C3%A8te+Mars+2050%22&tr=wss%3A%2F%2Fpeertube.stream%3A443%2Ftracker%2Fsocket&tr=https%3A%2F%2Fpeertube.stream%2Ftracker%2Fannounce&ws=https%3A%2F%2Fpeertube.stream%2Fstatic%2Fstreaming-playlists%2Fhls%2Fabece3c3-b9c6-47f4-8040-f3eed8c602e6%2Fabece3c3-b9c6-47f4-8040-f3eed8c602e6-240-fragmented.mp4", + "height": 240 + }, + { + "type": "Link", + "mediaType": "video/mp4", + "href": "https://peertube.stream/static/streaming-playlists/hls/abece3c3-b9c6-47f4-8040-f3eed8c602e6/abece3c3-b9c6-47f4-8040-f3eed8c602e6-0-fragmented.mp4", + "height": 0, + "size": 6248765, + "fps": 0 + }, + { + "type": "Link", + "rel": [ + "metadata", + "video/mp4" + ], + "mediaType": "application/json", + "href": "https://peertube.stream/api/v1/videos/abece3c3-b9c6-47f4-8040-f3eed8c602e6/metadata/570041", + "height": 0, + "fps": 0 + }, + { + "type": "Link", + "mediaType": "application/x-bittorrent", + "href": "https://peertube.stream/static/torrents/abece3c3-b9c6-47f4-8040-f3eed8c602e6-0-hls.torrent", + "height": 0 + }, + { + "type": "Link", + "mediaType": "application/x-bittorrent;x-scheme-handler/magnet", + "href": "magnet:?xs=https%3A%2F%2Fpeertube.stream%2Fstatic%2Ftorrents%2Fabece3c3-b9c6-47f4-8040-f3eed8c602e6-0-hls.torrent&xt=urn:btih:abc8dc58903d18cf7ec0c0cef92cc5ffe5cb0b5c&dn=Vu+du+20%2F02%2F21+%3A+%22Plan%C3%A8te+Mars+2050%22&tr=wss%3A%2F%2Fpeertube.stream%3A443%2Ftracker%2Fsocket&tr=https%3A%2F%2Fpeertube.stream%2Ftracker%2Fannounce&ws=https%3A%2F%2Fpeertube.stream%2Fstatic%2Fstreaming-playlists%2Fhls%2Fabece3c3-b9c6-47f4-8040-f3eed8c602e6%2Fabece3c3-b9c6-47f4-8040-f3eed8c602e6-0-fragmented.mp4", + "height": 0 + } + ] + } + ], + "likes": "https://peertube.stream/videos/watch/abece3c3-b9c6-47f4-8040-f3eed8c602e6/likes", + "dislikes": "https://peertube.stream/videos/watch/abece3c3-b9c6-47f4-8040-f3eed8c602e6/dislikes", + "shares": "https://peertube.stream/videos/watch/abece3c3-b9c6-47f4-8040-f3eed8c602e6/announces", + "comments": "https://peertube.stream/videos/watch/abece3c3-b9c6-47f4-8040-f3eed8c602e6/comments", + "attributedTo": [ + { + "type": "Person", + "id": "https://peertube.stream/accounts/createurs" + }, + { + "type": "Group", + "id": "https://peertube.stream/video-channels/vu" + } + ], + "to": [ + "https://www.w3.org/ns/activitystreams#Public" + ], + "cc": [ + "https://peertube.stream/accounts/createurs/followers" + ] + }, + "to": [ + "https://www.w3.org/ns/activitystreams#Public" + ], + "cc": [ + "https://peertube.stream/accounts/createurs/followers" + ], + "@context": [ + "https://www.w3.org/ns/activitystreams", + "https://w3id.org/security/v1", + { + "RsaSignature2017": "https://w3id.org/security#RsaSignature2017" + }, + { + "pt": "https://joinpeertube.org/ns#", + "sc": "http://schema.org#", + "Hashtag": "as:Hashtag", + "uuid": "sc:identifier", + "category": "sc:category", + "licence": "sc:license", + "subtitleLanguage": "sc:subtitleLanguage", + "sensitive": "as:sensitive", + "language": "sc:inLanguage", + "isLiveBroadcast": "sc:isLiveBroadcast", + "liveSaveReplay": { + "@type": "sc:Boolean", + "@id": "pt:liveSaveReplay" + }, + "permanentLive": { + "@type": "sc:Boolean", + "@id": "pt:permanentLive" + }, + "Infohash": "pt:Infohash", + "Playlist": "pt:Playlist", + "PlaylistElement": "pt:PlaylistElement", + "originallyPublishedAt": "sc:datePublished", + "views": { + "@type": "sc:Number", + "@id": "pt:views" + }, + "state": { + "@type": "sc:Number", + "@id": "pt:state" + }, + "size": { + "@type": "sc:Number", + "@id": "pt:size" + }, + "fps": { + "@type": "sc:Number", + "@id": "pt:fps" + }, + "startTimestamp": { + "@type": "sc:Number", + "@id": "pt:startTimestamp" + }, + "stopTimestamp": { + "@type": "sc:Number", + "@id": "pt:stopTimestamp" + }, + "position": { + "@type": "sc:Number", + "@id": "pt:position" + }, + "commentsEnabled": { + "@type": "sc:Boolean", + "@id": "pt:commentsEnabled" + }, + "downloadEnabled": { + "@type": "sc:Boolean", + "@id": "pt:downloadEnabled" + }, + "waitTranscoding": { + "@type": "sc:Boolean", + "@id": "pt:waitTranscoding" + }, + "support": { + "@type": "sc:Text", + "@id": "pt:support" + }, + "likes": { + "@id": "as:likes", + "@type": "@id" + }, + "dislikes": { + "@id": "as:dislikes", + "@type": "@id" + }, + "playlists": { + "@id": "pt:playlists", + "@type": "@id" + }, + "shares": { + "@id": "as:shares", + "@type": "@id" + }, + "comments": { + "@id": "as:comments", + "@type": "@id" + } + } + ] +} diff --git a/test/mix/tasks/pleroma/ecto/rollback_test.exs b/test/mix/tasks/pleroma/ecto/rollback_test.exs index a0751acb1..f8a37bd49 100644 --- a/test/mix/tasks/pleroma/ecto/rollback_test.exs +++ b/test/mix/tasks/pleroma/ecto/rollback_test.exs @@ -12,7 +12,7 @@ defmodule Mix.Tasks.Pleroma.Ecto.RollbackTest do Logger.configure(level: :warn) assert capture_log(fn -> - Mix.Tasks.Pleroma.Ecto.Rollback.run() + Mix.Tasks.Pleroma.Ecto.Rollback.run(["--env", "test"]) end) =~ "[info] Rollback succesfully" Logger.configure(level: level) diff --git a/test/pleroma/web/activity_pub/transmogrifier/video_handling_test.exs b/test/pleroma/web/activity_pub/transmogrifier/video_handling_test.exs index c00df6a04..6ddf7c172 100644 --- a/test/pleroma/web/activity_pub/transmogrifier/video_handling_test.exs +++ b/test/pleroma/web/activity_pub/transmogrifier/video_handling_test.exs @@ -92,4 +92,34 @@ defmodule Pleroma.Web.ActivityPub.Transmogrifier.VideoHandlingTest do assert object.data["url"] == "https://framatube.org/videos/watch/6050732a-8a7a-43d4-a6cd-809525a1d206" end + + test "it works for peertube videos with only their mpegURL map" do + data = + File.read!("test/fixtures/peertube/video-object-mpegURL-only.json") + |> Jason.decode!() + + {:ok, %Activity{local: false} = activity} = Transmogrifier.handle_incoming(data) + + assert object = Object.normalize(activity, fetch: false) + + assert object.data["attachment"] == [ + %{ + "type" => "Link", + "mediaType" => "video/mp4", + "name" => nil, + "blurhash" => nil, + "url" => [ + %{ + "href" => + "https://peertube.stream/static/streaming-playlists/hls/abece3c3-b9c6-47f4-8040-f3eed8c602e6/abece3c3-b9c6-47f4-8040-f3eed8c602e6-1080-fragmented.mp4", + "mediaType" => "video/mp4", + "type" => "Link" + } + ] + } + ] + + assert object.data["url"] == + "https://peertube.stream/videos/watch/abece3c3-b9c6-47f4-8040-f3eed8c602e6" + end end diff --git a/test/pleroma/web/activity_pub/transmogrifier_test.exs b/test/pleroma/web/activity_pub/transmogrifier_test.exs index 7c97fa8f8..f6a8cbb6f 100644 --- a/test/pleroma/web/activity_pub/transmogrifier_test.exs +++ b/test/pleroma/web/activity_pub/transmogrifier_test.exs @@ -202,7 +202,20 @@ defmodule Pleroma.Web.ActivityPub.TransmogrifierTest do test "it strips internal fields" do user = insert(:user) - {:ok, activity} = CommonAPI.post(user, %{status: "#2hu :firefox:"}) + {:ok, activity} = + CommonAPI.post(user, %{ + status: "#2hu :firefox:", + application: %{type: "Application", name: "TestClient", url: "https://pleroma.social"} + }) + + # Ensure injected application data made it into the activity + # as we don't have a Token to derive it from, otherwise it will + # be nil and the test will pass + assert %{ + type: "Application", + name: "TestClient", + url: "https://pleroma.social" + } == activity.object.data["application"] {:ok, modified} = Transmogrifier.prepare_outgoing(activity.data) @@ -213,6 +226,7 @@ defmodule Pleroma.Web.ActivityPub.TransmogrifierTest do assert is_nil(modified["object"]["announcements"]) assert is_nil(modified["object"]["announcement_count"]) assert is_nil(modified["object"]["context_id"]) + assert is_nil(modified["object"]["application"]) end test "it strips internal fields of article" do diff --git a/test/pleroma/web/admin_api/controllers/admin_api_controller_test.exs b/test/pleroma/web/admin_api/controllers/admin_api_controller_test.exs index e7688c728..8cd9f939b 100644 --- a/test/pleroma/web/admin_api/controllers/admin_api_controller_test.exs +++ b/test/pleroma/web/admin_api/controllers/admin_api_controller_test.exs @@ -46,104 +46,47 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do assert json_response(conn, 200) end - describe "with [:auth, :enforce_oauth_admin_scope_usage]," do - setup do: clear_config([:auth, :enforce_oauth_admin_scope_usage], true) + test "GET /api/pleroma/admin/users/:nickname requires admin:read:accounts or broader scope", + %{admin: admin} do + user = insert(:user) + url = "/api/pleroma/admin/users/#{user.nickname}" - test "GET /api/pleroma/admin/users/:nickname requires admin:read:accounts or broader scope", - %{admin: admin} do - user = insert(:user) - url = "/api/pleroma/admin/users/#{user.nickname}" - - good_token1 = insert(:oauth_token, user: admin, scopes: ["admin"]) - good_token2 = insert(:oauth_token, user: admin, scopes: ["admin:read"]) - good_token3 = insert(:oauth_token, user: admin, scopes: ["admin:read:accounts"]) - - bad_token1 = insert(:oauth_token, user: admin, scopes: ["read:accounts"]) - bad_token2 = insert(:oauth_token, user: admin, scopes: ["admin:read:accounts:partial"]) - bad_token3 = nil - - for good_token <- [good_token1, good_token2, good_token3] do - conn = - build_conn() - |> assign(:user, admin) - |> assign(:token, good_token) - |> get(url) - - assert json_response(conn, 200) - end - - for good_token <- [good_token1, good_token2, good_token3] do - conn = - build_conn() - |> assign(:user, nil) - |> assign(:token, good_token) - |> get(url) - - assert json_response(conn, :forbidden) - end - - for bad_token <- [bad_token1, bad_token2, bad_token3] do - conn = - build_conn() - |> assign(:user, admin) - |> assign(:token, bad_token) - |> get(url) - - assert json_response(conn, :forbidden) - end + good_token1 = insert(:oauth_token, user: admin, scopes: ["admin"]) + good_token2 = insert(:oauth_token, user: admin, scopes: ["admin:read"]) + good_token3 = insert(:oauth_token, user: admin, scopes: ["admin:read:accounts"]) + + bad_token1 = insert(:oauth_token, user: admin, scopes: ["read:accounts"]) + bad_token2 = insert(:oauth_token, user: admin, scopes: ["admin:read:accounts:partial"]) + bad_token3 = nil + + for good_token <- [good_token1, good_token2, good_token3] do + conn = + build_conn() + |> assign(:user, admin) + |> assign(:token, good_token) + |> get(url) + + assert json_response(conn, 200) end - end - describe "unless [:auth, :enforce_oauth_admin_scope_usage]," do - setup do: clear_config([:auth, :enforce_oauth_admin_scope_usage], false) + for good_token <- [good_token1, good_token2, good_token3] do + conn = + build_conn() + |> assign(:user, nil) + |> assign(:token, good_token) + |> get(url) + + assert json_response(conn, :forbidden) + end - test "GET /api/pleroma/admin/users/:nickname requires " <> - "read:accounts or admin:read:accounts or broader scope", - %{admin: admin} do - user = insert(:user) - url = "/api/pleroma/admin/users/#{user.nickname}" - - good_token1 = insert(:oauth_token, user: admin, scopes: ["admin"]) - good_token2 = insert(:oauth_token, user: admin, scopes: ["admin:read"]) - good_token3 = insert(:oauth_token, user: admin, scopes: ["admin:read:accounts"]) - good_token4 = insert(:oauth_token, user: admin, scopes: ["read:accounts"]) - good_token5 = insert(:oauth_token, user: admin, scopes: ["read"]) - - good_tokens = [good_token1, good_token2, good_token3, good_token4, good_token5] - - bad_token1 = insert(:oauth_token, user: admin, scopes: ["read:accounts:partial"]) - bad_token2 = insert(:oauth_token, user: admin, scopes: ["admin:read:accounts:partial"]) - bad_token3 = nil - - for good_token <- good_tokens do - conn = - build_conn() - |> assign(:user, admin) - |> assign(:token, good_token) - |> get(url) - - assert json_response(conn, 200) - end - - for good_token <- good_tokens do - conn = - build_conn() - |> assign(:user, nil) - |> assign(:token, good_token) - |> get(url) - - assert json_response(conn, :forbidden) - end - - for bad_token <- [bad_token1, bad_token2, bad_token3] do - conn = - build_conn() - |> assign(:user, admin) - |> assign(:token, bad_token) - |> get(url) - - assert json_response(conn, :forbidden) - end + for bad_token <- [bad_token1, bad_token2, bad_token3] do + conn = + build_conn() + |> assign(:user, admin) + |> assign(:token, bad_token) + |> get(url) + + assert json_response(conn, :forbidden) end end diff --git a/test/pleroma/web/admin_api/controllers/user_controller_test.exs b/test/pleroma/web/admin_api/controllers/user_controller_test.exs index ef16dede3..beb8a5d58 100644 --- a/test/pleroma/web/admin_api/controllers/user_controller_test.exs +++ b/test/pleroma/web/admin_api/controllers/user_controller_test.exs @@ -47,104 +47,47 @@ defmodule Pleroma.Web.AdminAPI.UserControllerTest do assert json_response(conn, 200) end - describe "with [:auth, :enforce_oauth_admin_scope_usage]," do - setup do: clear_config([:auth, :enforce_oauth_admin_scope_usage], true) - - test "GET /api/pleroma/admin/users/:nickname requires admin:read:accounts or broader scope", - %{admin: admin} do - user = insert(:user) - url = "/api/pleroma/admin/users/#{user.nickname}" - - good_token1 = insert(:oauth_token, user: admin, scopes: ["admin"]) - good_token2 = insert(:oauth_token, user: admin, scopes: ["admin:read"]) - good_token3 = insert(:oauth_token, user: admin, scopes: ["admin:read:accounts"]) - - bad_token1 = insert(:oauth_token, user: admin, scopes: ["read:accounts"]) - bad_token2 = insert(:oauth_token, user: admin, scopes: ["admin:read:accounts:partial"]) - bad_token3 = nil - - for good_token <- [good_token1, good_token2, good_token3] do - conn = - build_conn() - |> assign(:user, admin) - |> assign(:token, good_token) - |> get(url) + test "GET /api/pleroma/admin/users/:nickname requires admin:read:accounts or broader scope", + %{admin: admin} do + user = insert(:user) + url = "/api/pleroma/admin/users/#{user.nickname}" - assert json_response(conn, 200) - end + good_token1 = insert(:oauth_token, user: admin, scopes: ["admin"]) + good_token2 = insert(:oauth_token, user: admin, scopes: ["admin:read"]) + good_token3 = insert(:oauth_token, user: admin, scopes: ["admin:read:accounts"]) - for good_token <- [good_token1, good_token2, good_token3] do - conn = - build_conn() - |> assign(:user, nil) - |> assign(:token, good_token) - |> get(url) + bad_token1 = insert(:oauth_token, user: admin, scopes: ["read:accounts"]) + bad_token2 = insert(:oauth_token, user: admin, scopes: ["admin:read:accounts:partial"]) + bad_token3 = nil - assert json_response(conn, :forbidden) - end - - for bad_token <- [bad_token1, bad_token2, bad_token3] do - conn = - build_conn() - |> assign(:user, admin) - |> assign(:token, bad_token) - |> get(url) + for good_token <- [good_token1, good_token2, good_token3] do + conn = + build_conn() + |> assign(:user, admin) + |> assign(:token, good_token) + |> get(url) - assert json_response(conn, :forbidden) - end + assert json_response(conn, 200) end - end - describe "unless [:auth, :enforce_oauth_admin_scope_usage]," do - setup do: clear_config([:auth, :enforce_oauth_admin_scope_usage], false) - - test "GET /api/pleroma/admin/users/:nickname requires " <> - "read:accounts or admin:read:accounts or broader scope", - %{admin: admin} do - user = insert(:user) - url = "/api/pleroma/admin/users/#{user.nickname}" - - good_token1 = insert(:oauth_token, user: admin, scopes: ["admin"]) - good_token2 = insert(:oauth_token, user: admin, scopes: ["admin:read"]) - good_token3 = insert(:oauth_token, user: admin, scopes: ["admin:read:accounts"]) - good_token4 = insert(:oauth_token, user: admin, scopes: ["read:accounts"]) - good_token5 = insert(:oauth_token, user: admin, scopes: ["read"]) - - good_tokens = [good_token1, good_token2, good_token3, good_token4, good_token5] - - bad_token1 = insert(:oauth_token, user: admin, scopes: ["read:accounts:partial"]) - bad_token2 = insert(:oauth_token, user: admin, scopes: ["admin:read:accounts:partial"]) - bad_token3 = nil - - for good_token <- good_tokens do - conn = - build_conn() - |> assign(:user, admin) - |> assign(:token, good_token) - |> get(url) - - assert json_response(conn, 200) - end - - for good_token <- good_tokens do - conn = - build_conn() - |> assign(:user, nil) - |> assign(:token, good_token) - |> get(url) + for good_token <- [good_token1, good_token2, good_token3] do + conn = + build_conn() + |> assign(:user, nil) + |> assign(:token, good_token) + |> get(url) - assert json_response(conn, :forbidden) - end + assert json_response(conn, :forbidden) + end - for bad_token <- [bad_token1, bad_token2, bad_token3] do - conn = - build_conn() - |> assign(:user, admin) - |> assign(:token, bad_token) - |> get(url) + for bad_token <- [bad_token1, bad_token2, bad_token3] do + conn = + build_conn() + |> assign(:user, admin) + |> assign(:token, bad_token) + |> get(url) - assert json_response(conn, :forbidden) - end + assert json_response(conn, :forbidden) end end diff --git a/test/pleroma/web/mastodon_api/controllers/status_controller_test.exs b/test/pleroma/web/mastodon_api/controllers/status_controller_test.exs index dcd1e6d5b..dd2f306b7 100644 --- a/test/pleroma/web/mastodon_api/controllers/status_controller_test.exs +++ b/test/pleroma/web/mastodon_api/controllers/status_controller_test.exs @@ -357,6 +357,50 @@ defmodule Pleroma.Web.MastodonAPI.StatusControllerTest do assert activity.data["to"] == [user2.ap_id] assert activity.data["cc"] == [] end + + test "discloses application metadata when enabled" do + user = insert(:user, disclose_client: true) + %{user: _user, token: token, conn: conn} = oauth_access(["write:statuses"], user: user) + + %Pleroma.Web.OAuth.Token{ + app: %Pleroma.Web.OAuth.App{ + client_name: _app_name, + website: _app_website + } + } = token + + result = + conn + |> put_req_header("content-type", "application/json") + |> post("/api/v1/statuses", %{ + "status" => "cofe is my copilot" + }) + + assert %{ + "content" => "cofe is my copilot", + "application" => %{ + "name" => app_name, + "website" => app_website + } + } = json_response_and_validate_schema(result, 200) + end + + test "hides application metadata when disabled" do + user = insert(:user, disclose_client: false) + %{user: _user, token: _token, conn: conn} = oauth_access(["write:statuses"], user: user) + + result = + conn + |> put_req_header("content-type", "application/json") + |> post("/api/v1/statuses", %{ + "status" => "club mate is my wingman" + }) + + assert %{ + "content" => "club mate is my wingman", + "application" => nil + } = json_response_and_validate_schema(result, 200) + end end describe "posting scheduled statuses" do @@ -383,6 +427,31 @@ defmodule Pleroma.Web.MastodonAPI.StatusControllerTest do assert [] == Repo.all(Activity) end + test "with expiration" do + %{conn: conn} = oauth_access(["write:statuses", "read:statuses"]) + + scheduled_at = + NaiveDateTime.add(NaiveDateTime.utc_now(), :timer.minutes(6), :millisecond) + |> NaiveDateTime.to_iso8601() + |> Kernel.<>("Z") + + assert %{"id" => status_id, "params" => %{"expires_in" => 300}} = + conn + |> put_req_header("content-type", "application/json") + |> post("/api/v1/statuses", %{ + "status" => "scheduled", + "scheduled_at" => scheduled_at, + "expires_in" => 300 + }) + |> json_response_and_validate_schema(200) + + assert %{"id" => ^status_id, "params" => %{"expires_in" => 300}} = + conn + |> put_req_header("content-type", "application/json") + |> get("/api/v1/scheduled_statuses/#{status_id}") + |> json_response_and_validate_schema(200) + end + test "ignores nil values", %{conn: conn} do conn = conn diff --git a/test/pleroma/web/mastodon_api/views/scheduled_activity_view_test.exs b/test/pleroma/web/mastodon_api/views/scheduled_activity_view_test.exs index c3b7f0f41..e323f3a1f 100644 --- a/test/pleroma/web/mastodon_api/views/scheduled_activity_view_test.exs +++ b/test/pleroma/web/mastodon_api/views/scheduled_activity_view_test.exs @@ -58,7 +58,8 @@ defmodule Pleroma.Web.MastodonAPI.ScheduledActivityViewTest do sensitive: true, spoiler_text: "spoiler", text: "hi", - visibility: "unlisted" + visibility: "unlisted", + expires_in: nil }, scheduled_at: Utils.to_masto_date(scheduled_activity.scheduled_at) } diff --git a/test/pleroma/web/mastodon_api/views/status_view_test.exs b/test/pleroma/web/mastodon_api/views/status_view_test.exs index ed59cf285..2de3afc4f 100644 --- a/test/pleroma/web/mastodon_api/views/status_view_test.exs +++ b/test/pleroma/web/mastodon_api/views/status_view_test.exs @@ -266,10 +266,7 @@ defmodule Pleroma.Web.MastodonAPI.StatusViewTest do url: "http://localhost:4001/tag/#{object_data["tag"]}" } ], - application: %{ - name: "Web", - website: nil - }, + application: nil, language: nil, emojis: [ %{ diff --git a/test/pleroma/web/pleroma_api/controllers/emoji_file_controller_test.exs b/test/pleroma/web/pleroma_api/controllers/emoji_file_controller_test.exs index 8f0da00c0..547391249 100644 --- a/test/pleroma/web/pleroma_api/controllers/emoji_file_controller_test.exs +++ b/test/pleroma/web/pleroma_api/controllers/emoji_file_controller_test.exs @@ -13,8 +13,6 @@ defmodule Pleroma.Web.PleromaAPI.EmojiFileControllerTest do Pleroma.Config.get!([:instance, :static_dir]), "emoji" ) - setup do: clear_config([:auth, :enforce_oauth_admin_scope_usage], false) - setup do: clear_config([:instance, :public], true) setup do diff --git a/test/pleroma/web/pleroma_api/controllers/emoji_pack_controller_test.exs b/test/pleroma/web/pleroma_api/controllers/emoji_pack_controller_test.exs index cd9fc391d..d1ba067b8 100644 --- a/test/pleroma/web/pleroma_api/controllers/emoji_pack_controller_test.exs +++ b/test/pleroma/web/pleroma_api/controllers/emoji_pack_controller_test.exs @@ -13,7 +13,6 @@ defmodule Pleroma.Web.PleromaAPI.EmojiPackControllerTest do Pleroma.Config.get!([:instance, :static_dir]), "emoji" ) - setup do: clear_config([:auth, :enforce_oauth_admin_scope_usage], false) setup do: clear_config([:instance, :public], true) diff --git a/test/pleroma/web/plugs/frontend_static_plug_test.exs b/test/pleroma/web/plugs/frontend_static_plug_test.exs index c8cfc967c..100b83d6a 100644 --- a/test/pleroma/web/plugs/frontend_static_plug_test.exs +++ b/test/pleroma/web/plugs/frontend_static_plug_test.exs @@ -74,4 +74,35 @@ defmodule Pleroma.Web.Plugs.FrontendStaticPlugTest do assert %Plug.Conn{status: :success} = get(conn, url) end end + + test "api routes are detected correctly" do + # If this test fails we have probably added something + # new that should be in /api/ instead + expected_routes = [ + "api", + "main", + "ostatus_subscribe", + "oauth", + "objects", + "activities", + "notice", + "users", + "tags", + "mailer", + "inbox", + "relay", + "internal", + ".well-known", + "nodeinfo", + "web", + "auth", + "embed", + "proxy", + "test", + "user_exists", + "check_password" + ] + + assert expected_routes == Pleroma.Web.get_api_routes() + end end diff --git a/test/pleroma/web/plugs/o_auth_scopes_plug_test.exs b/test/pleroma/web/plugs/o_auth_scopes_plug_test.exs index 7241b0afd..9f6d3dc71 100644 --- a/test/pleroma/web/plugs/o_auth_scopes_plug_test.exs +++ b/test/pleroma/web/plugs/o_auth_scopes_plug_test.exs @@ -169,42 +169,4 @@ defmodule Pleroma.Web.Plugs.OAuthScopesPlugTest do assert f.(["admin:read"], ["write", "admin"]) == ["admin:read"] end end - - describe "transform_scopes/2" do - setup do: clear_config([:auth, :enforce_oauth_admin_scope_usage]) - - setup do - {:ok, %{f: &OAuthScopesPlug.transform_scopes/2}} - end - - test "with :admin option, prefixes all requested scopes with `admin:` " <> - "and [optionally] keeps only prefixed scopes, " <> - "depending on `[:auth, :enforce_oauth_admin_scope_usage]` setting", - %{f: f} do - clear_config([:auth, :enforce_oauth_admin_scope_usage], false) - - assert f.(["read"], %{admin: true}) == ["admin:read", "read"] - - assert f.(["read", "write"], %{admin: true}) == [ - "admin:read", - "read", - "admin:write", - "write" - ] - - clear_config([:auth, :enforce_oauth_admin_scope_usage], true) - - assert f.(["read:accounts"], %{admin: true}) == ["admin:read:accounts"] - - assert f.(["read", "write:reports"], %{admin: true}) == [ - "admin:read", - "admin:write:reports" - ] - end - - test "with no supported options, returns unmodified scopes", %{f: f} do - assert f.(["read"], %{}) == ["read"] - assert f.(["read", "write"], %{}) == ["read", "write"] - end - end end diff --git a/test/support/http_request_mock.ex b/test/support/http_request_mock.ex index 7da0a8380..1328d6225 100644 --- a/test/support/http_request_mock.ex +++ b/test/support/http_request_mock.ex @@ -275,6 +275,15 @@ defmodule HttpRequestMock do }} end + def get("https://peertube.stream/accounts/createurs", _, _, _) do + {:ok, + %Tesla.Env{ + status: 200, + body: File.read!("test/fixtures/peertube/actor-person.json"), + headers: activitypub_object_headers() + }} + end + def get("https://peertube.moe/videos/watch/df5f464b-be8d-46fb-ad81-2d4c2d1630e3", _, _, _) do {:ok, %Tesla.Env{ |