import Ecto.Query
import Ecto, only: [assoc: 2]
- alias Comeonin.Pbkdf2
alias Ecto.Multi
alias Pleroma.Activity
alias Pleroma.Config
alias Pleroma.Formatter
alias Pleroma.HTML
alias Pleroma.Keys
+ alias Pleroma.MFA
alias Pleroma.Notification
alias Pleroma.Object
alias Pleroma.Registration
alias Pleroma.UserRelationship
alias Pleroma.Web
alias Pleroma.Web.ActivityPub.ActivityPub
+ alias Pleroma.Web.ActivityPub.Builder
alias Pleroma.Web.ActivityPub.ObjectValidators.Types
+ alias Pleroma.Web.ActivityPub.Pipeline
alias Pleroma.Web.ActivityPub.Utils
alias Pleroma.Web.CommonAPI
alias Pleroma.Web.CommonAPI.Utils, as: CommonUtils
field(:is_admin, :boolean, default: false)
field(:show_role, :boolean, default: true)
field(:settings, :map, default: nil)
- field(:magic_key, :string, default: nil)
field(:uri, Types.Uri, default: nil)
field(:hide_followers_count, :boolean, default: false)
field(:hide_follows_count, :boolean, default: false)
# `:subscribers` is deprecated (replaced with `subscriber_users` relation)
field(:subscribers, {:array, :string}, default: [])
+ embeds_one(
+ :multi_factor_authentication_settings,
+ MFA.Settings,
+ on_replace: :delete
+ )
+
timestamps()
end
def account_status(%User{password_reset_pending: true}), do: :password_reset_pending
def account_status(%User{confirmation_pending: true}) do
- case Config.get([:instance, :account_activation_required]) do
- true -> :confirmation_pending
- _ -> :active
+ if Config.get([:instance, :account_activation_required]) do
+ :confirmation_pending
+ else
+ :active
end
end
def account_status(%User{}), do: :active
- @spec visible_for?(User.t(), User.t() | nil) :: boolean()
- def visible_for?(user, for_user \\ nil)
+ @spec visible_for(User.t(), User.t() | nil) ::
+ boolean()
+ | :invisible
+ | :restricted_unauthenticated
+ | :deactivated
+ | :confirmation_pending
+ def visible_for(user, for_user \\ nil)
- def visible_for?(%User{invisible: true}, _), do: false
+ def visible_for(%User{invisible: true}, _), do: :invisible
- def visible_for?(%User{id: user_id}, %User{id: user_id}), do: true
+ def visible_for(%User{id: user_id}, %User{id: user_id}), do: true
- def visible_for?(%User{local: local} = user, nil) do
- cfg_key =
- if local,
- do: :local,
- else: :remote
+ def visible_for(%User{} = user, nil) do
+ if restrict_unauthenticated?(user) do
+ :restrict_unauthenticated
+ else
+ visible_account_status(user)
+ end
+ end
- if Config.get([:restrict_unauthenticated, :profiles, cfg_key]),
- do: false,
- else: account_status(user) == :active
+ def visible_for(%User{} = user, for_user) do
+ superuser?(for_user) || visible_account_status(user)
end
- def visible_for?(%User{} = user, for_user) do
- account_status(user) == :active || superuser?(for_user)
+ def visible_for(_, _), do: false
+
+ defp restrict_unauthenticated?(%User{local: local}) do
+ config_key = if local, do: :local, else: :remote
+
+ Config.get([:restrict_unauthenticated, :profiles, config_key], false)
end
- def visible_for?(_, _), do: false
+ defp visible_account_status(user) do
+ status = account_status(user)
+ status in [:active, :password_reset_pending] || status
+ end
@spec superuser?(User.t()) :: boolean()
def superuser?(%User{local: true, is_admin: true}), do: true
:banner,
:locked,
:last_refreshed_at,
- :magic_key,
:uri,
:follower_address,
:following_address,
def set_cache(%User{} = user) do
Cachex.put(:user_cache, "ap_id:#{user.ap_id}", user)
Cachex.put(:user_cache, "nickname:#{user.nickname}", user)
+ Cachex.put(:user_cache, "friends_ap_ids:#{user.nickname}", get_user_friends_ap_ids(user))
{:ok, user}
end
end
end
+ def get_user_friends_ap_ids(user) do
+ from(u in User.get_friends_query(user), select: u.ap_id)
+ |> Repo.all()
+ end
+
+ @spec get_cached_user_friends_ap_ids(User.t()) :: [String.t()]
+ def get_cached_user_friends_ap_ids(user) do
+ Cachex.fetch!(:user_cache, "friends_ap_ids:#{user.ap_id}", fn _ ->
+ get_user_friends_ap_ids(user)
+ end)
+ end
+
def invalidate_cache(user) do
Cachex.del(:user_cache, "ap_id:#{user.ap_id}")
Cachex.del(:user_cache, "nickname:#{user.nickname}")
+ Cachex.del(:user_cache, "friends_ap_ids:#{user.ap_id}")
end
@spec get_cached_by_ap_id(String.t()) :: User.t() | nil
end
end
+ @spec get_by_nickname(String.t()) :: User.t() | nil
def get_by_nickname(nickname) do
Repo.get_by(User, nickname: nickname) ||
if Regex.match?(~r(@#{Pleroma.Web.Endpoint.host()})i, nickname) do
end
@spec get_recipients_from_activity(Activity.t()) :: [User.t()]
- def get_recipients_from_activity(%Activity{recipients: to}) do
+ def get_recipients_from_activity(%Activity{recipients: to, actor: actor}) do
+ to = [actor | to]
+
User.Query.build(%{recipients_from_activity: to, local: true, deactivated: false})
|> Repo.all()
end
@spec perform(atom(), User.t()) :: {:ok, User.t()}
def perform(:delete, %User{} = user) do
- {:ok, _user} = ActivityPub.delete(user)
-
# Remove all relationships
user
|> get_followers()
end)
delete_user_activities(user)
- invalidate_cache(user)
- Repo.delete(user)
+
+ if user.local do
+ user
+ |> change(%{deactivated: true, email: nil})
+ |> update_and_set_cache()
+ else
+ invalidate_cache(user)
+ Repo.delete(user)
+ end
end
def perform(:deactivate_async, user, status), do: deactivate(user, status)
})
end
- def delete_user_activities(%User{ap_id: ap_id}) do
+ def delete_user_activities(%User{ap_id: ap_id} = user) do
ap_id
|> Activity.Queries.by_actor()
|> RepoStreamer.chunk_stream(50)
- |> Stream.each(fn activities -> Enum.each(activities, &delete_activity/1) end)
+ |> Stream.each(fn activities ->
+ Enum.each(activities, fn activity -> delete_activity(activity, user) end)
+ end)
|> Stream.run()
end
- defp delete_activity(%{data: %{"type" => "Create"}} = activity) do
- activity
- |> Object.normalize()
- |> ActivityPub.delete()
- end
-
- defp delete_activity(%{data: %{"type" => "Like"}} = activity) do
- object = Object.normalize(activity)
+ defp delete_activity(%{data: %{"type" => "Create", "object" => object}} = activity, user) do
+ with {_, %Object{}} <- {:find_object, Object.get_by_ap_id(object)},
+ {:ok, delete_data, _} <- Builder.delete(user, object) do
+ Pipeline.common_pipeline(delete_data, local: user.local)
+ else
+ {:find_object, nil} ->
+ # We have the create activity, but not the object, it was probably pruned.
+ # Insert a tombstone and try again
+ with {:ok, tombstone_data, _} <- Builder.tombstone(user.ap_id, object),
+ {:ok, _tombstone} <- Object.create(tombstone_data) do
+ delete_activity(activity, user)
+ end
- activity.actor
- |> get_cached_by_ap_id()
- |> ActivityPub.unlike(object)
+ e ->
+ Logger.error("Could not delete #{object} created by #{activity.data["ap_id"]}")
+ Logger.error("Error: #{inspect(e)}")
+ end
end
- defp delete_activity(%{data: %{"type" => "Announce"}} = activity) do
- object = Object.normalize(activity)
-
- activity.actor
- |> get_cached_by_ap_id()
- |> ActivityPub.unannounce(object)
+ defp delete_activity(%{data: %{"type" => type}} = activity, user)
+ when type in ["Like", "Announce"] do
+ {:ok, undo, _} = Builder.undo(user, activity)
+ Pipeline.common_pipeline(undo, local: user.local)
end
- defp delete_activity(_activity), do: "Doing nothing"
+ defp delete_activity(_activity, _user), do: "Doing nothing"
def html_filter_policy(%User{no_rich_text: true}) do
Pleroma.HTML.Scrubber.TwitterText
defp put_password_hash(
%Ecto.Changeset{valid?: true, changes: %{password: password}} = changeset
) do
- change(changeset, password_hash: Pbkdf2.hashpwsalt(password))
+ change(changeset, password_hash: Pbkdf2.hash_pwd_salt(password))
end
defp put_password_hash(changeset), do: changeset