Commit graph

4775 commits

Author SHA1 Message Date
Ivan Tashkinov
b27d8f7437 Merge remote-tracking branch 'remotes/origin/develop' into 2301-users-search-discoverability-fix
# Conflicts:
#	CHANGELOG.md
2020-11-19 19:35:44 +03:00
Ivan Tashkinov
e164c37139 [#2301] Proper handling of User.is_discoverable: users appear in in-service search but are hidden from external services like search bots. 2020-11-19 19:30:02 +03:00
Haelwenn
c8d11c3064 Merge branch '2317-old-reset-tokens' into 'develop'
Resolve "Don't allow old password reset tokens"

Closes #2317

See merge request pleroma/pleroma!3160
2020-11-19 16:22:14 +00:00
Ivan Tashkinov
fcad3e716a [#2301] Quick fix: users with is_discoverable == false (default!) are included in search results. 2020-11-19 18:08:22 +03:00
lain
11e0d5f9ac Password Resets: Don't accept tokens above a certain age.
By default, one day
2020-11-19 12:27:06 +01:00
minibikini
6669ac5bf7 Merge branch 'develop' into 'hide-muted-reactions'
# Conflicts:
#   CHANGELOG.md
2020-11-18 20:22:40 +00:00
lain
aae669d05e Merge branch 'fix/webpush-and-emojireact' into 'develop'
Push notifications: add pleroma:emoji_reaction, improve tests

Closes #2185

See merge request pleroma/pleroma!3141
2020-11-18 18:33:48 +00:00
lain
6b32e1de23 Merge branch 'frontend-admin-api' into 'develop'
Add an API to manage frontends

Closes #2238

See merge request pleroma/pleroma!3108
2020-11-18 17:51:57 +00:00
Mark Felder
415481a4d9 Add test for POST when push is disabled
Also group together the tests verifiying failure when disabled
2020-11-17 22:18:22 +00:00
Mark Felder
3eaa5335c9 Revert adding extra alert types here 2020-11-17 21:37:17 +00:00
Mark Felder
d9732fb7d3 Fix incorrect test description 2020-11-17 21:34:18 +00:00
Mark Felder
ff7a4b6aa2 Test that we ignore invalid subscription alert types separately. 2020-11-17 20:22:25 +00:00
Mark Felder
30f140e570 Ensure all supported push notification subscription alert types are tested 2020-11-17 20:22:25 +00:00
Mark Felder
499faa82f6 Synchronize reaction notification text with PleromaFE's style 2020-11-17 20:22:24 +00:00
Mark Felder
67a6abd071 Update OpenAPI spec/schema and test to verify support for pleroma:emoji_reaction subscriptions 2020-11-17 20:20:00 +00:00
Mark Felder
3ce11b830e Add capability for emoji reaction push notifications 2020-11-17 20:20:00 +00:00
lain
bb9650f3c2 FrontendController: Return error on installation error. 2020-11-17 16:43:07 +01:00
feld
d33b9e7b33 Merge branch 'remove/fedsockets' into 'develop'
Remove FedSockets

See merge request pleroma/pleroma!3155
2020-11-17 14:58:33 +00:00
Egor Kislitsyn
f69fe36ebf
Merge branch 'develop' into frontend-admin-api 2020-11-17 18:34:04 +04:00
Egor Kislitsyn
d48dbfab2b
Merge remote-tracking branch 'origin/develop' into hide-muted-reactions 2020-11-17 18:30:10 +04:00
Egor Kislitsyn
79d2d3f609
Merge branch 'develop' into hide-muted-reactions 2020-11-17 18:29:52 +04:00
rinpatch
2c55f7d7cb Remove FedSockets
Current FedSocket implementation has a bunch of problems. It doesn't
have proper error handling (in case of an error the server just doesn't
respond until the connection is closed, while the client doesn't match
any error messages and just assumes there has been an error after 15s)
and the code is full of bad descisions (see: fetch registry which uses
uuids for no reason and waits for a response by recursively querying a
 ets table until the value changes, or double JSON encoding).

Sometime ago I almost completed rewriting fedsockets from scrach to
adress these issues. However, while doing so, I realized that fedsockets
 are just too overkill for what they were trying to accomplish, which is
 reduce the overhead of federation by not signing every message.
This could be done without reimplementing failure states and endpoint
 logic we already have with HTTP by, for example, using TLS cert auth,
or switching to a more performant signature algorithm. I opened
https://git.pleroma.social/pleroma/pleroma/-/issues/2262 for further
discussion on alternatives to fedsockets.

From discussions I had with other Pleroma developers it seems like they
 would approve the descision to remove them as well,
therefore I am submitting this patch.
2020-11-17 17:28:30 +03:00
lain
61f86774d1 Merge branch 'chores/note-handling-move' into 'develop'
Chores/note handling move

See merge request pleroma/pleroma!3122
2020-11-17 14:16:53 +00:00
lain
fec1ed802e Merge branch 'develop' of git.pleroma.social:pleroma/pleroma into feature/local-only-scope 2020-11-17 15:01:38 +01:00
lain
81293e5aad ActivityPubController: Don't return local only objects 2020-11-17 13:11:39 +01:00
Mark Felder
b1466661eb Use absolute URLs to thumbnail and background in /api/v1/instance 2020-11-16 21:29:15 +00:00
Egor Kislitsyn
fb41bd1a85 Hide reactions from muted and blocked users 2020-11-16 22:50:14 +04:00
Haelwenn
28da36975d Merge branch 'bugfix/instance-gen_exiftool' into 'develop'
pleroma.instance: Fix Exiftool module name

See merge request pleroma/pleroma!3143
2020-11-14 21:43:07 +00:00
Haelwenn (lanodan) Monnier
e2f573d68b
pleroma.instance: Fix Exiftool module name 2020-11-14 22:31:01 +01:00
lain
0d149502fe Merge branch 'fixes_2034_reports_should_send_a_notification_to_admins' into 'develop'
fixes 2034 Make notifs view work for reports

Closes #2034

See merge request pleroma/pleroma!2912
2020-11-13 13:35:47 +00:00
Ilja
70e4b86250 Make notifs view work for reports
* These are the first small steps for issue 2034 "Reports should send a notification to admins".
* I added a new type of notification "pleroma:report" to the the database manually (a migration will need to be written later)
* I added the new type to the notification_controller
* I made the view return the notification. It doesn't include the report itself (yet)
2020-11-13 13:35:46 +00:00
rinpatch
6ca709816f Fix object spoofing vulnerability in attachments
Validate the content-type of the response when fetching an object,
according to https://www.w3.org/TR/activitypub/#x3-2-retrieving-objects.

content-type headers had to be added to many mocks in order to support
this, some of this was done with a regex. While I did go over the
resulting files to check I didn't modify anything unrelated, there is a
 possibility I missed something.

Closes pleroma#1948
2020-11-12 15:25:33 +03:00
Haelwenn
99bc175f02 Merge branch 'title-injection-change' into 'develop'
Title injection change

See merge request pleroma/pleroma!3132
2020-11-12 08:50:26 +00:00
Mark Felder
966663c3f8 Fix tests for other attachment types 2020-11-11 16:17:35 -06:00
Mark Felder
2254e5e595 Render blurhashes in Mastodon API 2020-11-11 12:51:13 -06:00
Mark Felder
6fd72e9e85 Ingest blurhash for attachments if they were federated 2020-11-11 12:27:51 -06:00
Egor Kislitsyn
d26a449396
Change endpoint path 2020-11-11 20:39:57 +04:00
Egor Kislitsyn
435bf1f945
Remove FrontendInstallerWorker 2020-11-11 20:12:35 +04:00
lain
631def2df2 RedirectController: Don't replace title, but inject into the meta 2020-11-11 17:10:59 +01:00
Egor Kislitsyn
08cbd655d1
Merge branch 'develop' into frontend-admin-api 2020-11-11 19:53:40 +04:00
Egor Kislitsyn
0118ccb53c
Add local visibility 2020-11-11 18:54:01 +04:00
feld
3cd7ea693f Merge branch 'feature/2222-config-descriptions-for-custom-modules' into 'develop'
Config descriptions for custom MRF policies

Closes #2222

See merge request pleroma/pleroma!3128
2020-11-11 13:48:03 +00:00
Alexander Strizhakov
f97f24b067
making credo happy and test fix 2020-11-11 10:48:03 +03:00
Alexander Strizhakov
485697d96c
config descriptions for custom MRF policies 2020-11-10 19:20:14 +03:00
lain
88f6b61a5e Merge branch '2260-wrong-report-link' into 'develop'
Resolve "Wrong user link in Report email"

Closes #2260

See merge request pleroma/pleroma!3121
2020-11-10 11:04:19 +00:00
Alexander Strizhakov
0c68b9ac13
escaping summary and other fields in xml templates 2020-11-10 10:46:57 +03:00
rinpatch
cc45c69fff Remove release_env
While taking a final look at instance.gen before releasing I noticed
that the release_env task outputs messages in broken english. Upon
further inspection it seems to have even more severe issues which, in
my opinion, warrant it's at least temporary removal:
- We do not explain what it actually does, anywhere. Neither the task
 docs nor instance.gen, nor installation instructions.
- It does not respect FHS on OTP releases (uses /opt/pleroma/config even
 though we store the config in /etc/pleroma/config.exs).
- It doesn't work on OTP releases, which is the main reason it exists.
Neither systemd nor openrc service files for OTP include it.
- It is not mentioned in install guides other than the ones for Debian
and OTP releases.
2020-11-08 11:56:09 +03:00
Haelwenn (lanodan) Monnier
e010bb292b
NoteHandlingTest: Poison → Jason 2020-11-06 14:04:03 +01:00
Haelwenn (lanodan) Monnier
fa1f5d4442
Move TransmogrifierTest for Note to NoteHandlingTest 2020-11-06 08:57:16 +01:00
lain
6d850c46dc AdminEmail: Use AP id as user url. 2020-11-04 17:12:47 +01:00