From 8123578bf818d6e28cabb27a0fe6fa888e3c9449 Mon Sep 17 00:00:00 2001 From: lain Date: Tue, 16 Jul 2019 12:47:40 +0900 Subject: Status View: Poll ids are strings. All ids in mastodon are strings, in general. --- lib/pleroma/web/mastodon_api/views/status_view.ex | 2 +- test/web/mastodon_api/status_view_test.exs | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/lib/pleroma/web/mastodon_api/views/status_view.ex b/lib/pleroma/web/mastodon_api/views/status_view.ex index 6836d331a..c183c9f4a 100644 --- a/lib/pleroma/web/mastodon_api/views/status_view.ex +++ b/lib/pleroma/web/mastodon_api/views/status_view.ex @@ -374,7 +374,7 @@ def render("poll.json", %{object: object} = opts) do %{ # Mastodon uses separate ids for polls, but an object can't have # more than one poll embedded so object id is fine - id: object.id, + id: to_string(object.id), expires_at: Utils.to_masto_date(end_time), expired: expired, multiple: multiple, diff --git a/test/web/mastodon_api/status_view_test.exs b/test/web/mastodon_api/status_view_test.exs index ec75150ab..0d8eefeb8 100644 --- a/test/web/mastodon_api/status_view_test.exs +++ b/test/web/mastodon_api/status_view_test.exs @@ -361,7 +361,7 @@ test "renders a poll" do expected = %{ emojis: [], expired: false, - id: object.id, + id: to_string(object.id), multiple: false, options: [ %{title: "absolutely!", votes_count: 0}, -- cgit v1.2.3 From ed639376ac64c367e8b55b74cf1eb0d99b3f7259 Mon Sep 17 00:00:00 2001 From: lain Date: Tue, 16 Jul 2019 14:01:18 +0900 Subject: Mastodon Controller: Fix tests. --- test/web/mastodon_api/mastodon_api_controller_test.exs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test/web/mastodon_api/mastodon_api_controller_test.exs b/test/web/mastodon_api/mastodon_api_controller_test.exs index 03f57dbfa..152ba8137 100644 --- a/test/web/mastodon_api/mastodon_api_controller_test.exs +++ b/test/web/mastodon_api/mastodon_api_controller_test.exs @@ -3300,7 +3300,7 @@ test "returns poll entity for object id", %{conn: conn} do |> get("/api/v1/polls/#{object.id}") response = json_response(conn, 200) - id = object.id + id = to_string(object.id) assert %{"id" => ^id, "expired" => false, "multiple" => false} = response end -- cgit v1.2.3 From 494a611afe1dc872d0635701b781b04a84ee243d Mon Sep 17 00:00:00 2001 From: Roman Chvanikov Date: Wed, 3 Jul 2019 01:14:40 +0300 Subject: Fix migration --- .../migrations/20170522160642_case_insensivtivity.exs | 18 ++++++++++++------ 1 file changed, 12 insertions(+), 6 deletions(-) diff --git a/priv/repo/migrations/20170522160642_case_insensivtivity.exs b/priv/repo/migrations/20170522160642_case_insensivtivity.exs index c7565946e..470a545e5 100644 --- a/priv/repo/migrations/20170522160642_case_insensivtivity.exs +++ b/priv/repo/migrations/20170522160642_case_insensivtivity.exs @@ -2,18 +2,24 @@ defmodule Pleroma.Repo.Migrations.CaseInsensivtivity do use Ecto.Migration def up do - execute ("create extension if not exists citext") + execute("create extension if not exists citext") + + drop_if_exists(index(:users, [:email])) + alter table(:users) do - modify :email, :citext - modify :nickname, :citext + modify(:email, :citext) + modify(:nickname, :citext) end + + create_if_not_exists(index(:users, [:email])) end def down do alter table(:users) do - modify :email, :string - modify :nickname, :string + modify(:email, :string) + modify(:nickname, :string) end - execute ("drop extension if exists citext") + + execute("drop extension if exists citext") end end -- cgit v1.2.3 From 9e88ab2cad3684bc9740171fa525c78d3a7d37b8 Mon Sep 17 00:00:00 2001 From: Roman Chvanikov Date: Wed, 3 Jul 2019 14:56:02 +0300 Subject: Split alters rather than work with indexes --- .../repo/migrations/20170522160642_case_insensivtivity.exs | 14 ++++++++++---- 1 file changed, 10 insertions(+), 4 deletions(-) diff --git a/priv/repo/migrations/20170522160642_case_insensivtivity.exs b/priv/repo/migrations/20170522160642_case_insensivtivity.exs index 470a545e5..9a67727e9 100644 --- a/priv/repo/migrations/20170522160642_case_insensivtivity.exs +++ b/priv/repo/migrations/20170522160642_case_insensivtivity.exs @@ -1,22 +1,28 @@ defmodule Pleroma.Repo.Migrations.CaseInsensivtivity do use Ecto.Migration + # Two-steps alters are intentional. + # When alter of 2 columns is done in a single operation, + # inconsistent failures happen because of index on `email` column. + def up do execute("create extension if not exists citext") - drop_if_exists(index(:users, [:email])) - alter table(:users) do modify(:email, :citext) - modify(:nickname, :citext) end - create_if_not_exists(index(:users, [:email])) + alter table(:users) do + modify(:nickname, :citext) + end end def down do alter table(:users) do modify(:email, :string) + end + + alter table(:users) do modify(:nickname, :string) end -- cgit v1.2.3 From ccafecf9be46bc11e3080d531146d05e18f493d4 Mon Sep 17 00:00:00 2001 From: Sachin Joshi Date: Fri, 12 Jul 2019 22:19:30 +0545 Subject: try to always match the filename for proxy url --- lib/pleroma/web/media_proxy/controller.ex | 7 ++++++- test/media_proxy_test.exs | 11 +++++++++++ 2 files changed, 17 insertions(+), 1 deletion(-) diff --git a/lib/pleroma/web/media_proxy/controller.ex b/lib/pleroma/web/media_proxy/controller.ex index c0552d89f..f7772e9b0 100644 --- a/lib/pleroma/web/media_proxy/controller.ex +++ b/lib/pleroma/web/media_proxy/controller.ex @@ -35,10 +35,15 @@ def filename_matches(has_filename, path, url) do path = URI.decode(path) - if has_filename && filename && Path.basename(path) != filename do + if has_filename && filename && does_not_match(path, filename) do {:wrong_filename, filename} else :ok end end + + defp does_not_match(path, filename) do + basename = Path.basename(path) + basename != filename and URI.decode(basename) != filename and URI.encode(basename) != filename + end end diff --git a/test/media_proxy_test.exs b/test/media_proxy_test.exs index b23aeb88b..9c363dea8 100644 --- a/test/media_proxy_test.exs +++ b/test/media_proxy_test.exs @@ -124,6 +124,17 @@ test "filename_matches matches non-url encoded paths" do ) == :ok end + test "encoded url are tried to match for proxy as `conn.request_path` encodes the url" do + # conn.request_path will return encoded url + request_path = "/ANALYSE-DAI-_-LE-STABLECOIN-100-D%C3%89CENTRALIS%C3%89-BQ.jpg" + + assert MediaProxyController.filename_matches( + true, + request_path, + "https://mydomain.com/uploads/2019/07/ANALYSE-DAI-_-LE-STABLECOIN-100-DÉCENTRALISÉ-BQ.jpg" + ) == :ok + end + test "uses the configured base_url" do base_url = Pleroma.Config.get([:media_proxy, :base_url]) -- cgit v1.2.3 From 1e5d889aec517cb1d66b1905f2cf04adada5d108 Mon Sep 17 00:00:00 2001 From: Sachin Joshi Date: Fri, 12 Jul 2019 21:02:55 +0545 Subject: preserve the original path/filename (no encoding/decoding) for proxy --- lib/pleroma/web/media_proxy/controller.ex | 7 +------ test/media_proxy_test.exs | 16 ++++------------ 2 files changed, 5 insertions(+), 18 deletions(-) diff --git a/lib/pleroma/web/media_proxy/controller.ex b/lib/pleroma/web/media_proxy/controller.ex index f7772e9b0..a711b54e9 100644 --- a/lib/pleroma/web/media_proxy/controller.ex +++ b/lib/pleroma/web/media_proxy/controller.ex @@ -28,12 +28,7 @@ def remote(conn, %{"sig" => sig64, "url" => url64} = params) do end def filename_matches(has_filename, path, url) do - filename = - url - |> MediaProxy.filename() - |> URI.decode() - - path = URI.decode(path) + filename = url |> MediaProxy.filename() if has_filename && filename && does_not_match(path, filename) do {:wrong_filename, filename} diff --git a/test/media_proxy_test.exs b/test/media_proxy_test.exs index 9c363dea8..69e9bc9f4 100644 --- a/test/media_proxy_test.exs +++ b/test/media_proxy_test.exs @@ -96,10 +96,10 @@ test "validates signature" do assert decode_url(sig, base64) == {:error, :invalid_signature} end - test "filename_matches matches url encoded paths" do + test "filename_matches preserves the encoded or decoded path" do assert MediaProxyController.filename_matches( true, - "/Hello%20world.jpg", + "/Hello world.jpg", "http://pleroma.social/Hello world.jpg" ) == :ok @@ -108,19 +108,11 @@ test "filename_matches matches url encoded paths" do "/Hello%20world.jpg", "http://pleroma.social/Hello%20world.jpg" ) == :ok - end - test "filename_matches matches non-url encoded paths" do assert MediaProxyController.filename_matches( true, - "/Hello world.jpg", - "http://pleroma.social/Hello%20world.jpg" - ) == :ok - - assert MediaProxyController.filename_matches( - true, - "/Hello world.jpg", - "http://pleroma.social/Hello world.jpg" + "/my%2Flong%2Furl%2F2019%2F07%2FS.jpg", + "http://pleroma.social/my%2Flong%2Furl%2F2019%2F07%2FS.jpg" ) == :ok end -- cgit v1.2.3 From 6a35c151c6a92c41dd198aa994b95fd7ad4953c0 Mon Sep 17 00:00:00 2001 From: rinpatch Date: Sat, 29 Jun 2019 22:24:03 +0300 Subject: Fix not being able to pin unlisted posts Closes #1038 --- CHANGELOG.md | 4 ++++ lib/pleroma/web/common_api/common_api.ex | 4 ++-- test/web/common_api/common_api_test.exs | 5 +++++ 3 files changed, 11 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 9931131b3..c33683b49 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -3,6 +3,10 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). +## [1.0.2] - 2019-07-28 +### Fixed +- Not being able to pin unlisted posts + ## [1.0.1] - 2019-07-14 ### Security - OStatus: fix an object spoofing vulnerability. diff --git a/lib/pleroma/web/common_api/common_api.ex b/lib/pleroma/web/common_api/common_api.ex index f8df1e2ea..f71c67a3d 100644 --- a/lib/pleroma/web/common_api/common_api.ex +++ b/lib/pleroma/web/common_api/common_api.ex @@ -11,6 +11,7 @@ defmodule Pleroma.Web.CommonAPI do alias Pleroma.User alias Pleroma.Web.ActivityPub.ActivityPub alias Pleroma.Web.ActivityPub.Utils + alias Pleroma.Web.ActivityPub.Visibility import Pleroma.Web.CommonAPI.Utils @@ -284,12 +285,11 @@ def pin(id_or_ap_id, %{ap_id: user_ap_id} = user) do }, object: %Object{ data: %{ - "to" => object_to, "type" => "Note" } } } = activity <- get_by_id_or_ap_id(id_or_ap_id), - true <- Enum.member?(object_to, "https://www.w3.org/ns/activitystreams#Public"), + true <- Visibility.is_public?(activity), %{valid?: true} = info_changeset <- User.Info.add_pinnned_activity(user.info, activity), changeset <- diff --git a/test/web/common_api/common_api_test.exs b/test/web/common_api/common_api_test.exs index e96106f11..6f57bbe1f 100644 --- a/test/web/common_api/common_api_test.exs +++ b/test/web/common_api/common_api_test.exs @@ -188,6 +188,11 @@ test "pin status", %{user: user, activity: activity} do assert %User{info: %{pinned_activities: [^id]}} = user end + test "unlisted statuses can be pinned", %{user: user} do + {:ok, activity} = CommonAPI.post(user, %{"status" => "HI!!!", "visibility" => "unlisted"}) + assert {:ok, ^activity} = CommonAPI.pin(activity.id, user) + end + test "only self-authored can be pinned", %{activity: activity} do user = insert(:user) -- cgit v1.2.3 From 3ec6f34ef077e544118ece2f59b51689d034cf11 Mon Sep 17 00:00:00 2001 From: Ariadne Conill Date: Sun, 28 Jul 2019 22:41:31 +0000 Subject: update Changelog --- CHANGELOG.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index c33683b49..a71802565 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -6,6 +6,10 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). ## [1.0.2] - 2019-07-28 ### Fixed - Not being able to pin unlisted posts +- Mastodon API: represent poll IDs as strings +- MediaProxy: fix matching filenames +- MediaProxy: fix filename encoding +- Migrations: fix a sporadic migration failure ## [1.0.1] - 2019-07-14 ### Security -- cgit v1.2.3 From 876b5b45a320cbd4670ff4ede3b4972eef2ea6d6 Mon Sep 17 00:00:00 2001 From: rinpatch Date: Sun, 30 Jun 2019 13:06:10 +0300 Subject: OTP Release install docs: Remove --dry-run in cron certbot command --- docs/installation/otp_en.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/installation/otp_en.md b/docs/installation/otp_en.md index fa71f23e1..9b851e395 100644 --- a/docs/installation/otp_en.md +++ b/docs/installation/otp_en.md @@ -207,7 +207,7 @@ certbot renew --cert-name yourinstance.tld --webroot -w /var/lib/letsencrypt/ -- # Add it to the daily cron echo '#!/bin/sh -certbot renew --cert-name yourinstance.tld --webroot -w /var/lib/letsencrypt/ --dry-run --post-hook "systemctl reload nginx" +certbot renew --cert-name yourinstance.tld --webroot -w /var/lib/letsencrypt/ --post-hook "systemctl reload nginx" ' > /etc/cron.daily/renew-pleroma-cert chmod +x /etc/cron.daily/renew-pleroma-cert @@ -228,7 +228,7 @@ certbot renew --cert-name yourinstance.tld --webroot -w /var/lib/letsencrypt/ -- # Add it to the daily cron echo '#!/bin/sh -certbot renew --cert-name yourinstance.tld --webroot -w /var/lib/letsencrypt/ --dry-run --post-hook "rc-service nginx reload" +certbot renew --cert-name yourinstance.tld --webroot -w /var/lib/letsencrypt/ --post-hook "rc-service nginx reload" ' > /etc/periodic/daily/renew-pleroma-cert chmod +x /etc/periodic/daily/renew-pleroma-cert -- cgit v1.2.3 From fd4963006a629d8303de56c53a66c4c4b66d8609 Mon Sep 17 00:00:00 2001 From: rinpatch Date: Mon, 8 Jul 2019 12:16:32 +0300 Subject: OGP/TwitterCard: Add fallbacks in case the attachment key is nonexistent --- lib/pleroma/web/metadata/opengraph.ex | 2 ++ lib/pleroma/web/metadata/twitter_card.ex | 1 + 2 files changed, 3 insertions(+) diff --git a/lib/pleroma/web/metadata/opengraph.ex b/lib/pleroma/web/metadata/opengraph.ex index 357b80a2d..4033ec38f 100644 --- a/lib/pleroma/web/metadata/opengraph.ex +++ b/lib/pleroma/web/metadata/opengraph.ex @@ -121,4 +121,6 @@ defp build_attachments(%{data: %{"attachment" => attachments}}) do acc ++ rendered_tags end) end + + defp build_attachments(_), do: [] end diff --git a/lib/pleroma/web/metadata/twitter_card.ex b/lib/pleroma/web/metadata/twitter_card.ex index 040b872e7..9baf5ac97 100644 --- a/lib/pleroma/web/metadata/twitter_card.ex +++ b/lib/pleroma/web/metadata/twitter_card.ex @@ -116,6 +116,7 @@ defp build_attachments(id, %{data: %{"attachment" => attachments}}) do acc ++ rendered_tags end) end + defp build_attachments(_id, _object), do: [] defp player_url(id) do Pleroma.Web.Router.Helpers.o_status_url(Pleroma.Web.Endpoint, :notice_player, id) -- cgit v1.2.3 From 48aed88dbd911f759416d0e404113cd6720e98d7 Mon Sep 17 00:00:00 2001 From: rinpatch Date: Mon, 8 Jul 2019 12:59:49 +0300 Subject: FallbackRedirector: Do not crash on Metadata rendering errors --- CHANGELOG.md | 1 + lib/pleroma/web/router.ex | 16 +++++++++++++++- 2 files changed, 16 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index a71802565..739141e49 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -10,6 +10,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). - MediaProxy: fix matching filenames - MediaProxy: fix filename encoding - Migrations: fix a sporadic migration failure +- Metadata rendering crashes no longer result in 500 errors ## [1.0.1] - 2019-07-14 ### Security diff --git a/lib/pleroma/web/router.ex b/lib/pleroma/web/router.ex index 055289dc5..ff9ed1640 100644 --- a/lib/pleroma/web/router.ex +++ b/lib/pleroma/web/router.ex @@ -724,6 +724,7 @@ defmodule Pleroma.Web.Router do defmodule Fallback.RedirectController do use Pleroma.Web, :controller + require Logger alias Pleroma.User alias Pleroma.Web.Metadata @@ -750,7 +751,20 @@ def redirector_with_meta(conn, %{"maybe_nickname_or_id" => maybe_nickname_or_id} def redirector_with_meta(conn, params) do {:ok, index_content} = File.read(index_file_path()) - tags = Metadata.build_tags(params) + + tags = + try do + Metadata.build_tags(params) + rescue + e -> + Logger.error( + "Metadata rendering for #{conn.request_path} failed.\n" <> + Exception.format(:error, e, __STACKTRACE__) + ) + + "" + end + response = String.replace(index_content, "", tags) conn -- cgit v1.2.3 From 0c028f345ac3e812288ad8a1b374418f22d07835 Mon Sep 17 00:00:00 2001 From: rinpatch Date: Mon, 8 Jul 2019 13:00:45 +0300 Subject: Enable OpenGraph and TwitterCard by default Closes #1034 --- config/config.exs | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/config/config.exs b/config/config.exs index 05f67abb2..ed7abb83e 100644 --- a/config/config.exs +++ b/config/config.exs @@ -359,7 +359,11 @@ port: 9999 config :pleroma, Pleroma.Web.Metadata, - providers: [Pleroma.Web.Metadata.Providers.RelMe], + providers: [ + Pleroma.Web.Metadata.Providers.OpenGraph, + Pleroma.Web.Metadata.Providers.TwitterCard, + Pleroma.Web.Metadata.Providers.RelMe + ], unfurl_nsfw: false config :pleroma, :suggestions, -- cgit v1.2.3 From 7486a917d4a64ae55401ae2553200de7a03627dd Mon Sep 17 00:00:00 2001 From: rinpatch Date: Mon, 8 Jul 2019 13:04:14 +0300 Subject: Improve wording in CHANGELOG.md --- CHANGELOG.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 739141e49..be4a1c9ea 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -10,7 +10,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). - MediaProxy: fix matching filenames - MediaProxy: fix filename encoding - Migrations: fix a sporadic migration failure -- Metadata rendering crashes no longer result in 500 errors +- Metadata rendering errors resulting in the entire page being inaccessible ## [1.0.1] - 2019-07-14 ### Security -- cgit v1.2.3 From 67c5e6541eaefd2b8742d6701ced9d8742300a55 Mon Sep 17 00:00:00 2001 From: rinpatch Date: Mon, 8 Jul 2019 14:05:57 +0300 Subject: Formatting --- lib/pleroma/web/metadata/twitter_card.ex | 1 + 1 file changed, 1 insertion(+) diff --git a/lib/pleroma/web/metadata/twitter_card.ex b/lib/pleroma/web/metadata/twitter_card.ex index 9baf5ac97..8dd01e0d5 100644 --- a/lib/pleroma/web/metadata/twitter_card.ex +++ b/lib/pleroma/web/metadata/twitter_card.ex @@ -116,6 +116,7 @@ defp build_attachments(id, %{data: %{"attachment" => attachments}}) do acc ++ rendered_tags end) end + defp build_attachments(_id, _object), do: [] defp player_url(id) do -- cgit v1.2.3 From 15aaffc6d845163ec668a9a39da4d9ed830562f7 Mon Sep 17 00:00:00 2001 From: rinpatch Date: Mon, 8 Jul 2019 14:13:30 +0300 Subject: Add a changelog entry for changing the defaults --- CHANGELOG.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index be4a1c9ea..a2aedd3e9 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -12,6 +12,10 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). - Migrations: fix a sporadic migration failure - Metadata rendering errors resulting in the entire page being inaccessible +### Changed +- Configuration: OpenGraph and TwitterCard providers enabled by default +- Configuration: Filter.AnonymizeFilename added ability to retain file extension with custom text + ## [1.0.1] - 2019-07-14 ### Security - OStatus: fix an object spoofing vulnerability. -- cgit v1.2.3 From 109e7813c930363152cb091b91eb330ab6f6b46a Mon Sep 17 00:00:00 2001 From: tom79 Date: Fri, 19 Jul 2019 08:39:22 +0000 Subject: Update clients.md for Fedilab - Change owner (@fedilab@framapiaf.org), Source code: Framagit, Add some other supported features --- docs/clients.md | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/docs/clients.md b/docs/clients.md index 30358c210..dc4ab37b1 100644 --- a/docs/clients.md +++ b/docs/clients.md @@ -31,10 +31,11 @@ Feel free to contact us to be added to this list! - Features: No Streaming ### Fedilab -- Source Code: -- Contact: [@tom79@mastodon.social](https://mastodon.social/users/tom79) +- Homepage: +- Source Code: +- Contact: [@fedilab@mastodon.social](https://framapiaf.org/users/fedilab) - Platforms: Android -- Features: Streaming Ready +- Features: Streaming Ready, Moderation, Text Formatting ### Nekonium - Homepage: [F-Droid Repository](https://repo.gdgd.jp.net/), [Google Play](https://play.google.com/store/apps/details?id=com.apps.nekonium), [Amazon](https://www.amazon.co.jp/dp/B076FXPRBC/) -- cgit v1.2.3 From 1c364f74079a67a4f7c1cb805184b35c82e58c77 Mon Sep 17 00:00:00 2001 From: tom79 Date: Fri, 19 Jul 2019 08:40:47 +0000 Subject: Fix domain for the contact clients.md --- docs/clients.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/clients.md b/docs/clients.md index dc4ab37b1..9029361f8 100644 --- a/docs/clients.md +++ b/docs/clients.md @@ -33,7 +33,7 @@ Feel free to contact us to be added to this list! ### Fedilab - Homepage: - Source Code: -- Contact: [@fedilab@mastodon.social](https://framapiaf.org/users/fedilab) +- Contact: [@fedilab@framapiaf.org](https://framapiaf.org/users/fedilab) - Platforms: Android - Features: Streaming Ready, Moderation, Text Formatting -- cgit v1.2.3 From 8b1b3e84f4a606c71ea62771ea1ff7bd4971c290 Mon Sep 17 00:00:00 2001 From: "Bradley D. Thornton" Date: Wed, 17 Jul 2019 22:35:16 +0000 Subject: Update otp_en.md - Added creation of initial admin user --- docs/installation/otp_en.md | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/docs/installation/otp_en.md b/docs/installation/otp_en.md index 9b851e395..5b50e1838 100644 --- a/docs/installation/otp_en.md +++ b/docs/installation/otp_en.md @@ -242,6 +242,14 @@ So for example, if the task is `mix pleroma.user set admin --admin`, you should ```sh su pleroma -s $SHELL -lc "./bin/pleroma_ctl user set admin --admin" ``` + +## Create your first user and set as admin +```sh +cd /opt/pleroma/bin +su pleroma -s $SHELL -lc "./bin/pleroma_ctl user new joeuser joeuser@sld.tld --admin" +``` +This will create an account withe the username of 'joeuser' with the email address of joeuser@sld.tld, and set that user's account as an admin. This will result in a link that you can paste into the browser, which logs you in and enables you to set the password. + ### Updating Generally, doing the following is enough: ```sh -- cgit v1.2.3 From 2914f8a7498636e99c2feba389c89ef5fb67ca58 Mon Sep 17 00:00:00 2001 From: rinpatch Date: Fri, 12 Jul 2019 23:52:26 +0300 Subject: Merge the default options with custom ones in ReverseProxy and Pleroma.HTTP --- lib/pleroma/http/connection.ex | 2 +- lib/pleroma/http/http.ex | 5 +---- lib/pleroma/reverse_proxy.ex | 5 +++-- 3 files changed, 5 insertions(+), 7 deletions(-) diff --git a/lib/pleroma/http/connection.ex b/lib/pleroma/http/connection.ex index c216cdcb1..a1460d303 100644 --- a/lib/pleroma/http/connection.ex +++ b/lib/pleroma/http/connection.ex @@ -29,7 +29,7 @@ def new(opts \\ []) do # fetch Hackney options # - defp hackney_options(opts) do + def hackney_options(opts) do options = Keyword.get(opts, :adapter, []) adapter_options = Pleroma.Config.get([:http, :adapter], []) proxy_url = Pleroma.Config.get([:http, :proxy_url], nil) diff --git a/lib/pleroma/http/http.ex b/lib/pleroma/http/http.ex index c96ee7353..dec24458a 100644 --- a/lib/pleroma/http/http.ex +++ b/lib/pleroma/http/http.ex @@ -65,10 +65,7 @@ defp process_sni_options(options, url) do end def process_request_options(options) do - case Pleroma.Config.get([:http, :proxy_url]) do - nil -> options - proxy -> options ++ [proxy: proxy] - end + Keyword.merge(Pleroma.HTTP.Connection.hackney_options([]), options) end @doc """ diff --git a/lib/pleroma/reverse_proxy.ex b/lib/pleroma/reverse_proxy.ex index de0f6e1bc..7e537743b 100644 --- a/lib/pleroma/reverse_proxy.ex +++ b/lib/pleroma/reverse_proxy.ex @@ -61,7 +61,7 @@ defmodule Pleroma.ReverseProxy do * `http`: options for [hackney](https://github.com/benoitc/hackney). """ - @default_hackney_options [] + @default_hackney_options [pool: :media] @inline_content_types [ "image/gif", @@ -94,7 +94,8 @@ def call(_conn, _url, _opts \\ []) def call(conn = %{method: method}, url, opts) when method in @methods do hackney_opts = - @default_hackney_options + Pleroma.HTTP.Connection.hackney_options([]) + |> Keyword.merge(@default_hackney_options) |> Keyword.merge(Keyword.get(opts, :http, [])) |> HTTP.process_request_options() -- cgit v1.2.3 From 14263585380dfeb64a4e0073e030c3ea7df619df Mon Sep 17 00:00:00 2001 From: rinpatch Date: Fri, 12 Jul 2019 23:53:21 +0300 Subject: Workaround for remote server certificate chain issues --- config/config.exs | 2 ++ 1 file changed, 2 insertions(+) diff --git a/config/config.exs b/config/config.exs index ed7abb83e..872ee3b00 100644 --- a/config/config.exs +++ b/config/config.exs @@ -194,6 +194,8 @@ send_user_agent: true, adapter: [ ssl_options: [ + # Workaround for remote server certificate chain issues + partial_chain: &:hackney_connect.partial_chain/1, # We don't support TLS v1.3 yet versions: [:tlsv1, :"tlsv1.1", :"tlsv1.2"] ] -- cgit v1.2.3 From 99989758ff8ca90d24e7d89de232062777acb550 Mon Sep 17 00:00:00 2001 From: rinpatch Date: Sat, 13 Jul 2019 02:04:26 +0300 Subject: Add a changelog entry for tolerating incorrect chain order --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index a2aedd3e9..486e43528 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -11,6 +11,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). - MediaProxy: fix filename encoding - Migrations: fix a sporadic migration failure - Metadata rendering errors resulting in the entire page being inaccessible +- Federation/MediaProxy not working with instances that have wrong certificate order ### Changed - Configuration: OpenGraph and TwitterCard providers enabled by default -- cgit v1.2.3 From 2b38961bf6f7eee88336a4a9b08cc650d668886d Mon Sep 17 00:00:00 2001 From: Sergey Suprunenko Date: Sun, 28 Jul 2019 20:24:39 +0000 Subject: Handle 303 redirects --- lib/pleroma/http/connection.ex | 1 + 1 file changed, 1 insertion(+) diff --git a/lib/pleroma/http/connection.ex b/lib/pleroma/http/connection.ex index a1460d303..7e2c6f5e8 100644 --- a/lib/pleroma/http/connection.ex +++ b/lib/pleroma/http/connection.ex @@ -11,6 +11,7 @@ defmodule Pleroma.HTTP.Connection do connect_timeout: 10_000, recv_timeout: 20_000, follow_redirect: true, + force_redirect: true, pool: :federation ] @adapter Application.get_env(:tesla, :adapter) -- cgit v1.2.3 From f685e887b36d97c374c73ab51c990efc2a2ca648 Mon Sep 17 00:00:00 2001 From: Ariadne Conill Date: Sun, 28 Jul 2019 21:29:10 +0000 Subject: transmogrifier: use User.delete() instead of handrolled user deletion code for remote users Closes #1104 --- CHANGELOG.md | 1 + lib/pleroma/web/activity_pub/transmogrifier.ex | 14 ++++++- test/notification_test.exs | 58 ++++++++++++++++++++++++++ 3 files changed, 71 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 486e43528..ef4456d58 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -12,6 +12,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). - Migrations: fix a sporadic migration failure - Metadata rendering errors resulting in the entire page being inaccessible - Federation/MediaProxy not working with instances that have wrong certificate order +- ActivityPub S2S: remote user deletions now work the same as local user deletions. ### Changed - Configuration: OpenGraph and TwitterCard providers enabled by default diff --git a/lib/pleroma/web/activity_pub/transmogrifier.ex b/lib/pleroma/web/activity_pub/transmogrifier.ex index 3bb8b40b5..591227af2 100644 --- a/lib/pleroma/web/activity_pub/transmogrifier.ex +++ b/lib/pleroma/web/activity_pub/transmogrifier.ex @@ -614,7 +614,7 @@ def handle_incoming( # an error or a tombstone. This would allow us to verify that a deletion actually took # place. def handle_incoming( - %{"type" => "Delete", "object" => object_id, "actor" => _actor, "id" => _id} = data + %{"type" => "Delete", "object" => object_id, "actor" => actor, "id" => _id} = data ) do object_id = Utils.get_ap_id(object_id) @@ -625,7 +625,17 @@ def handle_incoming( {:ok, activity} <- ActivityPub.delete(object, false) do {:ok, activity} else - _e -> :error + nil -> + case User.get_cached_by_ap_id(object_id) do + %User{ap_id: ^actor} = user -> + User.delete(user) + + nil -> + :error + end + + _e -> + :error end end diff --git a/test/notification_test.exs b/test/notification_test.exs index 1d36f14bf..8fee2bd81 100644 --- a/test/notification_test.exs +++ b/test/notification_test.exs @@ -531,5 +531,63 @@ test "replying to a deleted post without tagging does not generate a notificatio assert Enum.empty?(Notification.for_user(user)) end + + test "notifications are deleted if a local user is deleted" do + user = insert(:user) + other_user = insert(:user) + + {:ok, _activity} = + CommonAPI.post(user, %{"status" => "hi @#{other_user.nickname}", "visibility" => "direct"}) + + refute Enum.empty?(Notification.for_user(other_user)) + + User.delete(user) + + assert Enum.empty?(Notification.for_user(other_user)) + end + + test "notifications are deleted if a remote user is deleted" do + remote_user = insert(:user) + local_user = insert(:user) + + dm_message = %{ + "@context" => "https://www.w3.org/ns/activitystreams", + "type" => "Create", + "actor" => remote_user.ap_id, + "id" => remote_user.ap_id <> "/activities/test", + "to" => [local_user.ap_id], + "cc" => [], + "object" => %{ + "type" => "Note", + "content" => "Hello!", + "tag" => [ + %{ + "type" => "Mention", + "href" => local_user.ap_id, + "name" => "@#{local_user.nickname}" + } + ], + "to" => [local_user.ap_id], + "cc" => [], + "attributedTo" => remote_user.ap_id + } + } + + {:ok, _dm_activity} = Transmogrifier.handle_incoming(dm_message) + + refute Enum.empty?(Notification.for_user(local_user)) + + delete_user_message = %{ + "@context" => "https://www.w3.org/ns/activitystreams", + "id" => remote_user.ap_id <> "/activities/delete", + "actor" => remote_user.ap_id, + "type" => "Delete", + "object" => remote_user.ap_id + } + + {:ok, _delete_activity} = Transmogrifier.handle_incoming(delete_user_message) + + assert Enum.empty?(Notification.for_user(local_user)) + end end end -- cgit v1.2.3 From 3e3b00f658a9e30ea21923cf28a180db5ddb86f5 Mon Sep 17 00:00:00 2001 From: lain Date: Mon, 15 Jul 2019 16:47:39 +0900 Subject: Dependencies: Update tzdata and related packages. --- mix.exs | 1 + mix.lock | 6 +++--- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/mix.exs b/mix.exs index 695520ff7..305b072fa 100644 --- a/mix.exs +++ b/mix.exs @@ -95,6 +95,7 @@ defp oauth_deps do defp deps do [ {:phoenix, "~> 1.4.8"}, + {:tzdata, "~> 1.0"}, {:plug_cowboy, "~> 2.0"}, {:phoenix_pubsub, "~> 1.1"}, {:phoenix_ecto, "~> 4.0"}, diff --git a/mix.lock b/mix.lock index cae8d7d84..699a2ee2e 100644 --- a/mix.lock +++ b/mix.lock @@ -6,7 +6,7 @@ "benchee": {:hex, :benchee, "1.0.1", "66b211f9bfd84bd97e6d1beaddf8fc2312aaabe192f776e8931cb0c16f53a521", [:mix], [{:deep_merge, "~> 1.0", [hex: :deep_merge, repo: "hexpm", optional: false]}], "hexpm"}, "bunt": {:hex, :bunt, "0.2.0", "951c6e801e8b1d2cbe58ebbd3e616a869061ddadcc4863d0a2182541acae9a38", [:mix], [], "hexpm"}, "cachex": {:hex, :cachex, "3.0.2", "1351caa4e26e29f7d7ec1d29b53d6013f0447630bbf382b4fb5d5bad0209f203", [:mix], [{:eternal, "~> 1.2", [hex: :eternal, repo: "hexpm", optional: false]}, {:unsafe, "~> 1.0", [hex: :unsafe, repo: "hexpm", optional: false]}], "hexpm"}, - "calendar": {:hex, :calendar, "0.17.4", "22c5e8d98a4db9494396e5727108dffb820ee0d18fed4b0aa8ab76e4f5bc32f1", [:mix], [{:tzdata, "~> 0.5.8 or ~> 0.1.201603", [hex: :tzdata, repo: "hexpm", optional: false]}], "hexpm"}, + "calendar": {:hex, :calendar, "0.17.6", "ec291cb2e4ba499c2e8c0ef5f4ace974e2f9d02ae9e807e711a9b0c7850b9aee", [:mix], [{:tzdata, "~> 0.5.20 or ~> 0.1.201603 or ~> 1.0", [hex: :tzdata, repo: "hexpm", optional: false]}], "hexpm"}, "certifi": {:hex, :certifi, "2.5.1", "867ce347f7c7d78563450a18a6a28a8090331e77fa02380b4a21962a65d36ee5", [:rebar3], [{:parse_trans, "~>3.3", [hex: :parse_trans, repo: "hexpm", optional: false]}], "hexpm"}, "combine": {:hex, :combine, "0.10.0", "eff8224eeb56498a2af13011d142c5e7997a80c8f5b97c499f84c841032e429f", [:mix], [], "hexpm"}, "comeonin": {:hex, :comeonin, "4.1.1", "c7304fc29b45b897b34142a91122bc72757bc0c295e9e824999d5179ffc08416", [:mix], [{:argon2_elixir, "~> 1.2", [hex: :argon2_elixir, repo: "hexpm", optional: true]}, {:bcrypt_elixir, "~> 0.12.1 or ~> 1.0", [hex: :bcrypt_elixir, repo: "hexpm", optional: true]}, {:pbkdf2_elixir, "~> 0.12", [hex: :pbkdf2_elixir, repo: "hexpm", optional: true]}], "hexpm"}, @@ -81,9 +81,9 @@ "syslog": {:git, "https://github.com/Vagabond/erlang-syslog.git", "4a6c6f2c996483e86c1320e9553f91d337bcb6aa", [tag: "1.0.5"]}, "telemetry": {:hex, :telemetry, "0.4.0", "8339bee3fa8b91cb84d14c2935f8ecf399ccd87301ad6da6b71c09553834b2ab", [:rebar3], [], "hexpm"}, "tesla": {:hex, :tesla, "1.2.1", "864783cc27f71dd8c8969163704752476cec0f3a51eb3b06393b3971dc9733ff", [:mix], [{:exjsx, ">= 3.0.0", [hex: :exjsx, repo: "hexpm", optional: true]}, {:fuse, "~> 2.4", [hex: :fuse, repo: "hexpm", optional: true]}, {:hackney, "~> 1.6", [hex: :hackney, repo: "hexpm", optional: true]}, {:ibrowse, "~> 4.4.0", [hex: :ibrowse, repo: "hexpm", optional: true]}, {:jason, ">= 1.0.0", [hex: :jason, repo: "hexpm", optional: true]}, {:mime, "~> 1.0", [hex: :mime, repo: "hexpm", optional: false]}, {:poison, ">= 1.0.0", [hex: :poison, repo: "hexpm", optional: true]}], "hexpm"}, - "timex": {:hex, :timex, "3.5.0", "b0a23167da02d0fe4f1a4e104d1f929a00d348502b52432c05de875d0b9cffa5", [:mix], [{:combine, "~> 0.10", [hex: :combine, repo: "hexpm", optional: false]}, {:gettext, "~> 0.10", [hex: :gettext, repo: "hexpm", optional: false]}, {:tzdata, "~> 0.1.8 or ~> 0.5", [hex: :tzdata, repo: "hexpm", optional: false]}], "hexpm"}, + "timex": {:hex, :timex, "3.6.1", "efdf56d0e67a6b956cc57774353b0329c8ab7726766a11547e529357ffdc1d56", [:mix], [{:combine, "~> 0.10", [hex: :combine, repo: "hexpm", optional: false]}, {:gettext, "~> 0.10", [hex: :gettext, repo: "hexpm", optional: false]}, {:tzdata, "~> 0.1.8 or ~> 0.5 or ~> 1.0.0", [hex: :tzdata, repo: "hexpm", optional: false]}], "hexpm"}, "trailing_format_plug": {:hex, :trailing_format_plug, "0.0.7", "64b877f912cf7273bed03379936df39894149e35137ac9509117e59866e10e45", [:mix], [{:plug, "> 0.12.0", [hex: :plug, repo: "hexpm", optional: false]}], "hexpm"}, - "tzdata": {:hex, :tzdata, "0.5.20", "304b9e98a02840fb32a43ec111ffbe517863c8566eb04a061f1c4dbb90b4d84c", [:mix], [{:hackney, "~> 1.0", [hex: :hackney, repo: "hexpm", optional: false]}], "hexpm"}, + "tzdata": {:hex, :tzdata, "1.0.1", "f6027a331af7d837471248e62733c6ebee86a72e57c613aa071ebb1f750fc71a", [:mix], [{:hackney, "~> 1.0", [hex: :hackney, repo: "hexpm", optional: false]}], "hexpm"}, "ueberauth": {:hex, :ueberauth, "0.6.1", "9e90d3337dddf38b1ca2753aca9b1e53d8a52b890191cdc55240247c89230412", [:mix], [{:plug, "~> 1.5", [hex: :plug, repo: "hexpm", optional: false]}], "hexpm"}, "unicode_util_compat": {:hex, :unicode_util_compat, "0.4.1", "d869e4c68901dd9531385bb0c8c40444ebf624e60b6962d95952775cac5e90cd", [:rebar3], [], "hexpm"}, "unsafe": {:hex, :unsafe, "1.0.0", "7c21742cd05380c7875546b023481d3a26f52df8e5dfedcb9f958f322baae305", [:mix], [], "hexpm"}, -- cgit v1.2.3 From d9aacbec4d8e787ff9f62427a120d28366463a7f Mon Sep 17 00:00:00 2001 From: Ariadne Conill Date: Sun, 28 Jul 2019 23:15:19 +0000 Subject: mix: update version to 1.0.2 --- mix.exs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mix.exs b/mix.exs index 305b072fa..32ff66d75 100644 --- a/mix.exs +++ b/mix.exs @@ -4,7 +4,7 @@ defmodule Pleroma.Mixfile do def project do [ app: :pleroma, - version: version("1.0.1"), + version: version("1.0.2"), elixir: "~> 1.7", elixirc_paths: elixirc_paths(Mix.env()), compilers: [:phoenix, :gettext] ++ Mix.compilers(), -- cgit v1.2.3