+# Pleroma: A lightweight social networking server
+# Copyright © 2017-2019 Pleroma Authors <https://pleroma.social/>
+# SPDX-License-Identifier: AGPL-3.0-only
+
defmodule Pleroma.Web.TwitterAPI.TwitterAPI do
- alias Pleroma.{User, Activity, Repo, Object}
+ alias Pleroma.UserInviteToken
+ alias Pleroma.User
+ alias Pleroma.Activity
+ alias Pleroma.Repo
+ alias Pleroma.Object
+ alias Pleroma.UserEmail
+ alias Pleroma.Mailer
alias Pleroma.Web.ActivityPub.ActivityPub
- alias Pleroma.Web.TwitterAPI.Representers.ActivityRepresenter
+ alias Pleroma.Web.TwitterAPI.UserView
+ alias Pleroma.Web.CommonAPI
import Ecto.Query
- def create_status(user = %User{}, data = %{}) do
- attachments = Enum.map(data["media_ids"] || [], fn (media_id) ->
- Repo.get(Object, media_id).data
- end)
-
- context = ActivityPub.generate_context_id
-
- content = HtmlSanitizeEx.strip_tags(data["status"])
-
- mentions = parse_mentions(content)
-
- default_to = [
- User.ap_followers(user),
- "https://www.w3.org/ns/activitystreams#Public"
- ]
-
- to = default_to ++ Enum.map(mentions, fn ({_, %{ap_id: ap_id}}) -> ap_id end)
-
- content_html = add_user_links(content, mentions)
-
- date = make_date()
-
- activity = %{
- "type" => "Create",
- "to" => to,
- "actor" => user.ap_id,
- "object" => %{
- "type" => "Note",
- "to" => to,
- "content" => content_html,
- "published" => date,
- "context" => context,
- "attachment" => attachments
- },
- "published" => date,
- "context" => context
- }
-
- # Wire up reply info.
- activity = with inReplyToId when not is_nil(inReplyToId) <- data["in_reply_to_status_id"],
- inReplyTo <- Repo.get(Activity, inReplyToId),
- context <- inReplyTo.data["context"]
- do
-
- to = activity["to"] ++ [inReplyTo.data["actor"]]
+ def create_status(%User{} = user, %{"status" => _} = data) do
+ CommonAPI.post(user, data)
+ end
- activity
- |> put_in(["to"], to)
- |> put_in(["context"], context)
- |> put_in(["object", "context"], context)
- |> put_in(["object", "inReplyTo"], inReplyTo.data["object"]["id"])
- |> put_in(["object", "inReplyToStatusId"], inReplyToId)
- |> put_in(["statusnetConversationId"], inReplyTo.data["statusnetConversationId"])
- |> put_in(["object", "statusnetConversationId"], inReplyTo.data["statusnetConversationId"])
- else _e ->
- activity
- end
+ def delete(%User{} = user, id) do
+ with %Activity{data: %{"type" => _type}} <- Repo.get(Activity, id),
+ {:ok, activity} <- CommonAPI.delete(id, user) do
+ {:ok, activity}
+ end
+ end
- with {:ok, activity} <- ActivityPub.insert(activity) do
- add_conversation_id(activity)
+ def follow(%User{} = follower, params) do
+ with {:ok, %User{} = followed} <- get_user(params),
+ {:ok, follower} <- User.maybe_direct_follow(follower, followed),
+ {:ok, activity} <- ActivityPub.follow(follower, followed),
+ {:ok, follower, followed} <-
+ User.wait_and_refresh(
+ Pleroma.Config.get([:activitypub, :follow_handshake_timeout]),
+ follower,
+ followed
+ ) do
+ {:ok, follower, followed, activity}
+ else
+ err -> err
end
end
- def fetch_friend_statuses(user, opts \\ %{}) do
- ActivityPub.fetch_activities([user.ap_id | user.following], opts)
- |> activities_to_statuses(%{for: user})
+ def unfollow(%User{} = follower, params) do
+ with {:ok, %User{} = unfollowed} <- get_user(params),
+ {:ok, follower, _follow_activity} <- User.unfollow(follower, unfollowed),
+ {:ok, _activity} <- ActivityPub.unfollow(follower, unfollowed) do
+ {:ok, follower, unfollowed}
+ else
+ err -> err
+ end
end
- def fetch_public_statuses(user, opts \\ %{}) do
- ActivityPub.fetch_public_activities(opts)
- |> activities_to_statuses(%{for: user})
+ def block(%User{} = blocker, params) do
+ with {:ok, %User{} = blocked} <- get_user(params),
+ {:ok, blocker} <- User.block(blocker, blocked),
+ {:ok, _activity} <- ActivityPub.block(blocker, blocked) do
+ {:ok, blocker, blocked}
+ else
+ err -> err
+ end
end
- def fetch_conversation(user, id) do
- query = from activity in Activity,
- where: fragment("? @> ?", activity.data, ^%{ statusnetConversationId: id}),
- limit: 1
+ def unblock(%User{} = blocker, params) do
+ with {:ok, %User{} = blocked} <- get_user(params),
+ {:ok, blocker} <- User.unblock(blocker, blocked),
+ {:ok, _activity} <- ActivityPub.unblock(blocker, blocked) do
+ {:ok, blocker, blocked}
+ else
+ err -> err
+ end
+ end
- with %Activity{} = activity <- Repo.one(query),
- context <- activity.data["context"],
- activities <- ActivityPub.fetch_activities_for_context(context),
- statuses <- activities |> activities_to_statuses(%{for: user})
- do
- statuses
- else e ->
- IO.inspect(e)
- []
+ def repeat(%User{} = user, ap_id_or_id) do
+ with {:ok, _announce, %{data: %{"id" => id}}} <- CommonAPI.repeat(ap_id_or_id, user),
+ %Activity{} = activity <- Activity.get_create_by_object_ap_id(id) do
+ {:ok, activity}
end
end
- def fetch_status(user, id) do
- with %Activity{} = activity <- Repo.get(Activity, id) do
- activity_to_status(activity, %{for: user})
+ def unrepeat(%User{} = user, ap_id_or_id) do
+ with {:ok, _unannounce, %{data: %{"id" => id}}} <- CommonAPI.unrepeat(ap_id_or_id, user),
+ %Activity{} = activity <- Activity.get_create_by_object_ap_id(id) do
+ {:ok, activity}
end
end
- def follow(%User{} = follower, params) do
- with %User{} = followed <- get_user(params),
- { :ok, follower } <- User.follow(follower, followed),
- { :ok, activity } <- ActivityPub.insert(%{
- "type" => "Follow",
- "actor" => follower.ap_id,
- "object" => followed.ap_id,
- "published" => make_date()
- })
- do
- { :ok, follower, followed, activity }
+ def pin(%User{} = user, ap_id_or_id) do
+ CommonAPI.pin(ap_id_or_id, user)
+ end
+
+ def unpin(%User{} = user, ap_id_or_id) do
+ CommonAPI.unpin(ap_id_or_id, user)
+ end
+
+ def fav(%User{} = user, ap_id_or_id) do
+ with {:ok, _fav, %{data: %{"id" => id}}} <- CommonAPI.favorite(ap_id_or_id, user),
+ %Activity{} = activity <- Activity.get_create_by_object_ap_id(id) do
+ {:ok, activity}
end
end
- def unfollow(%User{} = follower, followed_id) do
- with %User{} = followed <- Repo.get(User, followed_id),
- { :ok, follower } <- User.unfollow(follower, followed)
- do
- { :ok, follower, followed }
+ def unfav(%User{} = user, ap_id_or_id) do
+ with {:ok, _unfav, _fav, %{data: %{"id" => id}}} <- CommonAPI.unfavorite(ap_id_or_id, user),
+ %Activity{} = activity <- Activity.get_create_by_object_ap_id(id) do
+ {:ok, activity}
end
end
- def upload(%Plug.Upload{} = file) do
- {:ok, object} = ActivityPub.upload(file)
+ def upload(%Plug.Upload{} = file, %User{} = user, format \\ "xml") do
+ {:ok, object} = ActivityPub.upload(file, actor: User.ap_id(user))
url = List.first(object.data["url"])
href = url["href"]
type = url["mediaType"]
- # Fake this as good as possible...
- """
- <?xml version="1.0" encoding="UTF-8"?>
- <rsp stat="ok" xmlns:atom="http://www.w3.org/2005/Atom">
- <mediaid>#{object.id}</mediaid>
- <media_id>#{object.id}</media_id>
- <media_id_string>#{object.id}</media_id_string>
- <media_url>#{href}</media_url>
- <mediaurl>#{href}</mediaurl>
- <atom:link rel="enclosure" href="#{href}" type="#{type}"></atom:link>
- </rsp>
- """
+ case format do
+ "xml" ->
+ # Fake this as good as possible...
+ """
+ <?xml version="1.0" encoding="UTF-8"?>
+ <rsp stat="ok" xmlns:atom="http://www.w3.org/2005/Atom">
+ <mediaid>#{object.id}</mediaid>
+ <media_id>#{object.id}</media_id>
+ <media_id_string>#{object.id}</media_id_string>
+ <media_url>#{href}</media_url>
+ <mediaurl>#{href}</mediaurl>
+ <atom:link rel="enclosure" href="#{href}" type="#{type}"></atom:link>
+ </rsp>
+ """
+
+ "json" ->
+ %{
+ media_id: object.id,
+ media_id_string: "#{object.id}}",
+ media_url: href,
+ size: 0
+ }
+ |> Jason.encode!()
+ end
end
- def parse_mentions(text) do
- # Modified from https://www.w3.org/TR/html5/forms.html#valid-e-mail-address
- regex = ~r/@[a-zA-Z0-9.!#$%&'*+\/=?^_`{|}~-]+@?[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?(?:\.[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?)*/
+ def register_user(params) do
+ tokenString = params["token"]
+
+ params = %{
+ nickname: params["nickname"],
+ name: params["fullname"],
+ bio: User.parse_bio(params["bio"]),
+ email: params["email"],
+ password: params["password"],
+ password_confirmation: params["confirm"],
+ captcha_solution: params["captcha_solution"],
+ captcha_token: params["captcha_token"],
+ captcha_answer_data: params["captcha_answer_data"]
+ }
+
+ captcha_enabled = Pleroma.Config.get([Pleroma.Captcha, :enabled])
+ # true if captcha is disabled or enabled and valid, false otherwise
+ captcha_ok =
+ if !captcha_enabled do
+ :ok
+ else
+ Pleroma.Captcha.validate(
+ params[:captcha_token],
+ params[:captcha_solution],
+ params[:captcha_answer_data]
+ )
+ end
+
+ # Captcha invalid
+ if captcha_ok != :ok do
+ {:error, error} = captcha_ok
+ # I have no idea how this error handling works
+ {:error, %{error: Jason.encode!(%{captcha: [error]})}}
+ else
+ registrations_open = Pleroma.Config.get([:instance, :registrations_open])
+
+ # no need to query DB if registration is open
+ token =
+ unless registrations_open || is_nil(tokenString) do
+ Repo.get_by(UserInviteToken, %{token: tokenString})
+ end
+
+ cond do
+ registrations_open || (!is_nil(token) && !token.used) ->
+ changeset = User.register_changeset(%User{}, params)
- Regex.scan(regex, text)
- |> List.flatten
- |> Enum.uniq
- |> Enum.map(fn ("@" <> match = full_match) -> {full_match, Repo.get_by(User, nickname: match)} end)
- |> Enum.filter(fn ({_match, user}) -> user end)
+ with {:ok, user} <- User.register(changeset) do
+ !registrations_open && UserInviteToken.mark_as_used(token.token)
+
+ {:ok, user}
+ else
+ {:error, changeset} ->
+ errors =
+ Ecto.Changeset.traverse_errors(changeset, fn {msg, _opts} -> msg end)
+ |> Jason.encode!()
+
+ {:error, %{error: errors}}
+ end
+
+ !registrations_open && is_nil(token) ->
+ {:error, "Invalid token"}
+
+ !registrations_open && token.used ->
+ {:error, "Expired token"}
+ end
+ end
end
- def add_user_links(text, mentions) do
- Enum.reduce(mentions, text, fn ({match, %User{ap_id: ap_id}}, text) -> String.replace(text, match, "<a href='#{ap_id}'>#{match}</a>") end)
+ def password_reset(nickname_or_email) do
+ with true <- is_binary(nickname_or_email),
+ %User{local: true} = user <- User.get_by_nickname_or_email(nickname_or_email),
+ {:ok, token_record} <- Pleroma.PasswordResetToken.create_token(user) do
+ user
+ |> UserEmail.password_reset_email(token_record.token)
+ |> Mailer.deliver()
+ else
+ false ->
+ {:error, "bad user identifier"}
+
+ %User{local: false} ->
+ {:error, "remote user"}
+
+ nil ->
+ {:error, "unknown user"}
+ end
end
- defp add_conversation_id(activity) do
- if is_integer(activity.data["statusnetConversationId"]) do
- {:ok, activity}
+ def get_by_id_or_nickname(id_or_nickname) do
+ if !is_integer(id_or_nickname) && :error == Integer.parse(id_or_nickname) do
+ Repo.get_by(User, nickname: id_or_nickname)
else
- data = activity.data
- |> put_in(["object", "statusnetConversationId"], activity.id)
- |> put_in(["statusnetConversationId"], activity.id)
+ Repo.get(User, id_or_nickname)
+ end
+ end
+
+ def get_user(user \\ nil, params) do
+ case params do
+ %{"user_id" => user_id} ->
+ case target = get_by_id_or_nickname(user_id) do
+ nil ->
+ {:error, "No user with such user_id"}
+
+ _ ->
+ {:ok, target}
+ end
+
+ %{"screen_name" => nickname} ->
+ case target = Repo.get_by(User, nickname: nickname) do
+ nil ->
+ {:error, "No user with such screen_name"}
+
+ _ ->
+ {:ok, target}
+ end
+
+ _ ->
+ if user do
+ {:ok, user}
+ else
+ {:error, "You need to specify screen_name or user_id"}
+ end
+ end
+ end
- changeset = Ecto.Changeset.change(activity, data: data)
- Repo.update(changeset)
+ defp parse_int(string, default)
+
+ defp parse_int(string, default) when is_binary(string) do
+ with {n, _} <- Integer.parse(string) do
+ n
+ else
+ _e -> default
end
end
- defp activities_to_statuses(activities, opts) do
- Enum.map(activities, fn(activity) ->
- activity_to_status(activity, opts)
- end)
+ defp parse_int(_, default), do: default
+
+ def search(_user, %{"q" => query} = params) do
+ limit = parse_int(params["rpp"], 20)
+ page = parse_int(params["page"], 1)
+ offset = (page - 1) * limit
+
+ q =
+ from(
+ a in Activity,
+ where: fragment("?->>'type' = 'Create'", a.data),
+ where: "https://www.w3.org/ns/activitystreams#Public" in a.recipients,
+ where:
+ fragment(
+ "to_tsvector('english', ?->'object'->>'content') @@ plainto_tsquery('english', ?)",
+ a.data,
+ ^query
+ ),
+ limit: ^limit,
+ offset: ^offset,
+ # this one isn't indexed so psql won't take the wrong index.
+ order_by: [desc: :inserted_at]
+ )
+
+ _activities = Repo.all(q)
end
- defp activity_to_status(activity, opts) do
- actor = get_in(activity.data, ["actor"])
- user = Repo.get_by!(User, ap_id: actor)
- mentioned_users = Repo.all(from user in User, where: user.ap_id in ^activity.data["to"])
- ActivityRepresenter.to_map(activity, Map.merge(opts, %{user: user, mentioned: mentioned_users}))
+ # DEPRECATED mostly, context objects are now created at insertion time.
+ def context_to_conversation_id(context) do
+ with %Object{id: id} <- Object.get_cached_by_ap_id(context) do
+ id
+ else
+ _e ->
+ changeset = Object.context_mapping(context)
+ {:ok, object} = Object.insert_or_get(changeset)
+ object.id
+ end
end
- defp make_date do
- DateTime.utc_now() |> DateTime.to_iso8601
+ def conversation_id_to_context(id) do
+ with %Object{data: %{"id" => context}} <- Repo.get(Object, id) do
+ context
+ else
+ _e ->
+ {:error, "No such conversation"}
+ end
end
- defp get_user(params) do
- case params do
- %{ "user_id" => user_id } ->
- Repo.get(User, user_id)
- %{ "screen_name" => nickname } ->
- Repo.get_by(User, nickname: nickname)
+ def get_external_profile(for_user, uri) do
+ with %User{} = user <- User.get_or_fetch(uri) do
+ {:ok, UserView.render("show.json", %{user: user, for: for_user})}
+ else
+ _e ->
+ {:error, "Couldn't find user"}
end
end
end
projects / akkoma / blobdiff