X-Git-Url: http://git.squeep.com/?a=blobdiff_plain;f=lib%2Fpleroma%2Fweb%2Ftwitter_api%2Ftwitter_api.ex;h=c3f769c00377ee7c1535fa5d5ae7edec0048a10f;hb=e8c2f9a73a37636a9a8ed5c2998617b841f482da;hp=c23b3c2c4fee8f3ab17c1b93633823c2099bf63e;hpb=2e294ee44a1baa7c0d3ac6b2905a70ed4e05cffb;p=akkoma diff --git a/lib/pleroma/web/twitter_api/twitter_api.ex b/lib/pleroma/web/twitter_api/twitter_api.ex index c23b3c2c4..c3f769c00 100644 --- a/lib/pleroma/web/twitter_api/twitter_api.ex +++ b/lib/pleroma/web/twitter_api/twitter_api.ex @@ -1,40 +1,41 @@ +# Pleroma: A lightweight social networking server +# Copyright © 2017-2019 Pleroma Authors +# SPDX-License-Identifier: AGPL-3.0-only + defmodule Pleroma.Web.TwitterAPI.TwitterAPI do - alias Pleroma.{User, Activity, Repo, Object} + alias Pleroma.Activity + alias Pleroma.Emails.Mailer + alias Pleroma.Emails.UserEmail + alias Pleroma.Repo + alias Pleroma.User + alias Pleroma.UserInviteToken alias Pleroma.Web.ActivityPub.ActivityPub + alias Pleroma.Web.CommonAPI alias Pleroma.Web.TwitterAPI.UserView - alias Pleroma.Web.{OStatus, CommonAPI} - import Ecto.Query - @httpoison Application.get_env(:pleroma, :httpoison) + import Ecto.Query def create_status(%User{} = user, %{"status" => _} = data) do CommonAPI.post(user, data) end def delete(%User{} = user, id) do - with %Activity{data: %{"type" => type}} <- Repo.get(Activity, id), + with %Activity{data: %{"type" => _type}} <- Activity.get_by_id(id), {:ok, activity} <- CommonAPI.delete(id, user) do {:ok, activity} end end def follow(%User{} = follower, params) do - with {:ok, %User{} = followed} <- get_user(params), - {:ok, follower} <- User.maybe_direct_follow(follower, followed), - {:ok, activity} <- ActivityPub.follow(follower, followed) do - {:ok, follower, followed, activity} - else - err -> err + with {:ok, %User{} = followed} <- get_user(params) do + CommonAPI.follow(follower, followed) end end def unfollow(%User{} = follower, params) do with {:ok, %User{} = unfollowed} <- get_user(params), - {:ok, follower, follow_activity} <- User.unfollow(follower, unfollowed), - {:ok, _activity} <- ActivityPub.unfollow(follower, unfollowed) do + {:ok, follower} <- CommonAPI.unfollow(follower, unfollowed) do {:ok, follower, unfollowed} - else - err -> err end end @@ -60,34 +61,42 @@ defmodule Pleroma.Web.TwitterAPI.TwitterAPI do def repeat(%User{} = user, ap_id_or_id) do with {:ok, _announce, %{data: %{"id" => id}}} <- CommonAPI.repeat(ap_id_or_id, user), - %Activity{} = activity <- Activity.get_create_activity_by_object_ap_id(id) do + %Activity{} = activity <- Activity.get_create_by_object_ap_id(id) do {:ok, activity} end end def unrepeat(%User{} = user, ap_id_or_id) do with {:ok, _unannounce, %{data: %{"id" => id}}} <- CommonAPI.unrepeat(ap_id_or_id, user), - %Activity{} = activity <- Activity.get_create_activity_by_object_ap_id(id) do + %Activity{} = activity <- Activity.get_create_by_object_ap_id(id) do {:ok, activity} end end + def pin(%User{} = user, ap_id_or_id) do + CommonAPI.pin(ap_id_or_id, user) + end + + def unpin(%User{} = user, ap_id_or_id) do + CommonAPI.unpin(ap_id_or_id, user) + end + def fav(%User{} = user, ap_id_or_id) do with {:ok, _fav, %{data: %{"id" => id}}} <- CommonAPI.favorite(ap_id_or_id, user), - %Activity{} = activity <- Activity.get_create_activity_by_object_ap_id(id) do + %Activity{} = activity <- Activity.get_create_by_object_ap_id(id) do {:ok, activity} end end def unfav(%User{} = user, ap_id_or_id) do with {:ok, _unfav, _fav, %{data: %{"id" => id}}} <- CommonAPI.unfavorite(ap_id_or_id, user), - %Activity{} = activity <- Activity.get_create_activity_by_object_ap_id(id) do + %Activity{} = activity <- Activity.get_create_by_object_ap_id(id) do {:ok, activity} end end - def upload(%Plug.Upload{} = file, format \\ "xml") do - {:ok, object} = ActivityPub.upload(file) + def upload(%Plug.Upload{} = file, %User{} = user, format \\ "xml") do + {:ok, object} = ActivityPub.upload(file, actor: User.ap_id(user)) url = List.first(object.data["url"]) href = url["href"] @@ -120,20 +129,77 @@ defmodule Pleroma.Web.TwitterAPI.TwitterAPI do end def register_user(params) do + token = params["token"] + params = %{ nickname: params["nickname"], name: params["fullname"], - bio: params["bio"], + bio: User.parse_bio(params["bio"]), email: params["email"], password: params["password"], - password_confirmation: params["confirm"] + password_confirmation: params["confirm"], + captcha_solution: params["captcha_solution"], + captcha_token: params["captcha_token"], + captcha_answer_data: params["captcha_answer_data"] } + captcha_enabled = Pleroma.Config.get([Pleroma.Captcha, :enabled]) + # true if captcha is disabled or enabled and valid, false otherwise + captcha_ok = + if !captcha_enabled do + :ok + else + Pleroma.Captcha.validate( + params[:captcha_token], + params[:captcha_solution], + params[:captcha_answer_data] + ) + end + + # Captcha invalid + if captcha_ok != :ok do + {:error, error} = captcha_ok + # I have no idea how this error handling works + {:error, %{error: Jason.encode!(%{captcha: [error]})}} + else + registrations_open = Pleroma.Config.get([:instance, :registrations_open]) + registration_process(registrations_open, params, token) + end + end + + defp registration_process(registration_open, params, token) + when registration_open == false or is_nil(registration_open) do + invite = + unless is_nil(token) do + Repo.get_by(UserInviteToken, %{token: token}) + end + + valid_invite? = invite && UserInviteToken.valid_invite?(invite) + + case invite do + nil -> + {:error, "Invalid token"} + + invite when valid_invite? -> + UserInviteToken.update_usage!(invite) + create_user(params) + + _ -> + {:error, "Expired token"} + end + end + + defp registration_process(true, params, _token) do + create_user(params) + end + + defp create_user(params) do changeset = User.register_changeset(%User{}, params) - with {:ok, user} <- Repo.insert(changeset) do - {:ok, user} - else + case User.register(changeset) do + {:ok, user} -> + {:ok, user} + {:error, changeset} -> errors = Ecto.Changeset.traverse_errors(changeset, fn {msg, _opts} -> msg end) @@ -143,32 +209,43 @@ defmodule Pleroma.Web.TwitterAPI.TwitterAPI do end end - def get_by_id_or_nickname(id_or_nickname) do - if !is_integer(id_or_nickname) && :error == Integer.parse(id_or_nickname) do - Repo.get_by(User, nickname: id_or_nickname) + def password_reset(nickname_or_email) do + with true <- is_binary(nickname_or_email), + %User{local: true} = user <- User.get_by_nickname_or_email(nickname_or_email), + {:ok, token_record} <- Pleroma.PasswordResetToken.create_token(user) do + user + |> UserEmail.password_reset_email(token_record.token) + |> Mailer.deliver_async() else - Repo.get(User, id_or_nickname) + false -> + {:error, "bad user identifier"} + + %User{local: false} -> + {:error, "remote user"} + + nil -> + {:error, "unknown user"} end end def get_user(user \\ nil, params) do case params do %{"user_id" => user_id} -> - case target = get_by_id_or_nickname(user_id) do + case User.get_cached_by_nickname_or_id(user_id) do nil -> {:error, "No user with such user_id"} - _ -> - {:ok, target} + %User{info: %{deactivated: true}} -> + {:error, "User has been disabled"} + + user -> + {:ok, user} end %{"screen_name" => nickname} -> - case target = Repo.get_by(User, nickname: nickname) do - nil -> - {:error, "No user with such screen_name"} - - _ -> - {:ok, target} + case User.get_by_nickname(nickname) do + nil -> {:error, "No user with such screen_name"} + target -> {:ok, target} end _ -> @@ -192,6 +269,7 @@ defmodule Pleroma.Web.TwitterAPI.TwitterAPI do defp parse_int(_, default), do: default + # TODO: unify the search query with MastoAPI one and do only pagination here def search(_user, %{"q" => query} = params) do limit = parse_int(params["rpp"], 20) page = parse_int(params["page"], 1) @@ -199,13 +277,13 @@ defmodule Pleroma.Web.TwitterAPI.TwitterAPI do q = from( - a in Activity, + [a, o] in Activity.with_preloaded_object(Activity), where: fragment("?->>'type' = 'Create'", a.data), where: "https://www.w3.org/ns/activitystreams#Public" in a.recipients, where: fragment( - "to_tsvector('english', ?->'object'->>'content') @@ plainto_tsquery('english', ?)", - a.data, + "to_tsvector('english', ?->>'content') @@ plainto_tsquery('english', ?)", + o.data, ^query ), limit: ^limit, @@ -217,49 +295,8 @@ defmodule Pleroma.Web.TwitterAPI.TwitterAPI do _activities = Repo.all(q) end - defp make_date do - DateTime.utc_now() |> DateTime.to_iso8601() - end - - # DEPRECATED mostly, context objects are now created at insertion time. - def context_to_conversation_id(context) do - with %Object{id: id} <- Object.get_cached_by_ap_id(context) do - id - else - _e -> - changeset = Object.context_mapping(context) - - case Repo.insert(changeset) do - {:ok, %{id: id}} -> - id - - # This should be solved by an upsert, but it seems ecto - # has problems accessing the constraint inside the jsonb. - {:error, _} -> - Object.get_cached_by_ap_id(context).id - end - end - end - - def conversation_id_to_context(id) do - with %Object{data: %{"id" => context}} <- Repo.get(Object, id) do - context - else - _e -> - {:error, "No such conversation"} - end - end - def get_external_profile(for_user, uri) do with %User{} = user <- User.get_or_fetch(uri) do - spawn(fn -> - with url <- user.info["topic"], - {:ok, %{body: body}} <- - @httpoison.get(url, [], follow_redirect: true, timeout: 10000, recv_timeout: 20000) do - OStatus.handle_incoming(body) - end - end) - {:ok, UserView.render("show.json", %{user: user, for: for_user})} else _e ->