The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
+## [Unreleased]
++
++### Changed
++
++- MFR policy to set global expiration for all local Create activities
++
++
+ ## [2.0.0] - 2019-03-08
### Security
- Mastodon API: Fix being able to request enourmous amount of statuses in timelines leading to DoS. Now limited to 40 per request.
- Rate limiter is now disabled for localhost/socket (unless remoteip plug is enabled)
- Logger: default log level changed from `warn` to `info`.
- Config mix task `migrate_to_db` truncates `config` table before migrating the config file.
- - MFR policy to set global expiration for all local Create activities
+ - Allow account registration without an email
- Default to `prepare: :unnamed` in the database configuration.
+ - Instance stats are now loaded on startup instead of being empty until next hourly job.
<details>
<summary>API Changes</summary>
- Mastodon API: Marking a conversation as read (`POST /api/v1/conversations/:id/read`) now no longer brings it to the top in the user's direct conversation list
</details>
+ ## [1.1.9] - 2020-02-10
+ ### Fixed
+ - OTP: Inability to set the upload limit (again)
+ - Not being able to pin polls
+ - Streaming API: incorrect handling of reblog mutes
+ - Rejecting the user when field length limit is exceeded
+ - OpenGraph provider: html entities in descriptions
+
+ ## [1.1.8] - 2020-01-10
+ ### Fixed
+ - Captcha generation issues
+ - Returned Kocaptcha endpoint to configuration
+ - Captcha validity is now 5 minutes
+
+ ## [1.1.7] - 2019-12-13
+ ### Fixed
+ - OTP: Inability to set the upload limit
+ - OTP: Inability to override node name/distribution type to run 2 Pleroma instances on the same machine
+
+ ### Added
+ - Integrated captcha provider
+
+ ### Changed
+ - Captcha enabled by default
+ - Default Captcha provider changed from `Pleroma.Captcha.Kocaptcha` to `Pleroma.Captcha.Native`
+ - Better `Cache-Control` header for static content
+
+ ### Bundled Pleroma-FE Changes
+ #### Added
+ - Icons in the navigation panel
+
+ #### Fixed
+ - Improved support unauthenticated view of private instances
+
+ #### Removed
+ - Whitespace hack on empty post content
+
## [1.1.6] - 2019-11-19
### Fixed
- Not being able to log into to third party apps when the browser is logged into mastofe
defmodule Pleroma.Web.ActivityPub.ActivityPub do
alias Pleroma.Activity
alias Pleroma.Activity.Ir.Topics
+ alias Pleroma.ActivityExpiration
alias Pleroma.Config
alias Pleroma.Constants
alias Pleroma.Conversation
{:containment, :ok} <- {:containment, Containment.contain_child(map)},
{:ok, map, object} <- insert_full_object(map) do
{:ok, activity} =
- Repo.insert(%Activity{
+ %Activity{
data: map,
local: local,
actor: map["actor"],
recipients: recipients
- })
+ }
+ |> Repo.insert()
+ |> maybe_create_activity_expiration()
# Splice in the child object if we have one.
activity =
end
end
+ defp maybe_create_activity_expiration({:ok, %{data: %{"expires_at" => expires_at}} = activity}) do
+ with {:ok, _} <- ActivityExpiration.create(activity, expires_at) do
+ {:ok, activity}
+ end
+ end
+
+ defp maybe_create_activity_expiration(result), do: result
+
defp create_or_bump_conversation(activity, actor) do
with {:ok, conversation} <- Conversation.create_or_bump_for(activity),
%User{} = user <- User.get_cached_by_ap_id(actor),
{:ok, activity} <- insert(flag_data, local),
{:ok, stripped_activity} <- strip_report_status_data(activity),
:ok <- maybe_federate(stripped_activity) do
- Enum.each(User.all_superusers(), fn superuser ->
+ User.all_superusers()
+ |> Enum.filter(fn user -> not is_nil(user.email) end)
+ |> Enum.each(fn superuser ->
superuser
|> Pleroma.Emails.AdminEmail.report(actor, account, statuses, content)
|> Pleroma.Emails.Mailer.deliver_async()
# Pleroma: A lightweight social networking server
- # Copyright © 2017-2019 Pleroma Authors <https://pleroma.social/>
+ # Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.ActivityPub.MRF do
def filter(policies, %{} = object) do
policies
|> Enum.reduce({:ok, object}, fn
- policy, {:ok, object} ->
- policy.filter(object)
-
- _, error ->
- error
+ policy, {:ok, object} -> policy.filter(object)
+ _, error -> error
end)
end
# Pleroma: A lightweight social networking server
- # Copyright © 2017-2019 Pleroma Authors <https://pleroma.social/>
+ # Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.CommonAPI.ActivityDraft do
defp changes(draft) do
direct? = draft.visibility == "direct"
+ additional = %{"cc" => draft.cc, "directMessage" => direct?}
+
+ additional =
+ case draft.expires_at do
+ %NaiveDateTime{} = expires_at -> Map.put(additional, "expires_at", expires_at)
+ _ -> additional
+ end
changes =
%{
actor: draft.user,
context: draft.context,
object: draft.object,
- additional: %{"cc" => draft.cc, "directMessage" => direct?}
+ additional: additional
}
|> Utils.maybe_add_list_data(draft.user, draft.visibility)
end
def delete(activity_id, user) do
- with %Activity{data: %{"object" => _}} = activity <-
- Activity.get_by_id_with_object(activity_id),
+ with {_, %Activity{data: %{"object" => _}} = activity} <-
+ {:find_activity, Activity.get_by_id_with_object(activity_id)},
%Object{} = object <- Object.normalize(activity),
true <- User.superuser?(user) || user.ap_id == object.data["actor"],
{:ok, _} <- unpin(activity_id, user),
{:ok, delete} <- ActivityPub.delete(object) do
{:ok, delete}
else
+ {:find_activity, _} -> {:error, :not_found}
_ -> {:error, dgettext("errors", "Could not delete")}
end
end
def repeat(id_or_ap_id, user, params \\ %{}) do
- with %Activity{} = activity <- get_by_id_or_ap_id(id_or_ap_id),
+ with {_, %Activity{} = activity} <- {:find_activity, get_by_id_or_ap_id(id_or_ap_id)},
object <- Object.normalize(activity),
announce_activity <- Utils.get_existing_announce(user.ap_id, object),
public <- public_announce?(object, params) do
ActivityPub.announce(user, object, nil, true, public)
end
else
+ {:find_activity, _} -> {:error, :not_found}
_ -> {:error, dgettext("errors", "Could not repeat")}
end
end
def unrepeat(id_or_ap_id, user) do
- with %Activity{} = activity <- get_by_id_or_ap_id(id_or_ap_id) do
+ with {_, %Activity{} = activity} <- {:find_activity, get_by_id_or_ap_id(id_or_ap_id)} do
object = Object.normalize(activity)
ActivityPub.unannounce(user, object)
else
+ {:find_activity, _} -> {:error, :not_found}
_ -> {:error, dgettext("errors", "Could not unrepeat")}
end
end
def favorite(id_or_ap_id, user) do
- with %Activity{} = activity <- get_by_id_or_ap_id(id_or_ap_id),
+ with {_, %Activity{} = activity} <- {:find_activity, get_by_id_or_ap_id(id_or_ap_id)},
object <- Object.normalize(activity),
like_activity <- Utils.get_existing_like(user.ap_id, object) do
if like_activity do
ActivityPub.like(user, object)
end
else
+ {:find_activity, _} -> {:error, :not_found}
_ -> {:error, dgettext("errors", "Could not favorite")}
end
end
def unfavorite(id_or_ap_id, user) do
- with %Activity{} = activity <- get_by_id_or_ap_id(id_or_ap_id) do
+ with {_, %Activity{} = activity} <- {:find_activity, get_by_id_or_ap_id(id_or_ap_id)} do
object = Object.normalize(activity)
ActivityPub.unlike(user, object)
else
+ {:find_activity, _} -> {:error, :not_found}
_ -> {:error, dgettext("errors", "Could not unfavorite")}
end
end
def post(user, %{"status" => _} = data) do
with {:ok, draft} <- Pleroma.Web.CommonAPI.ActivityDraft.create(user, data) do
- draft.changes
- |> ActivityPub.create(draft.preview?)
- |> maybe_create_activity_expiration(draft.expires_at)
+ ActivityPub.create(draft.changes, draft.preview?)
end
end
- defp maybe_create_activity_expiration({:ok, activity}, %NaiveDateTime{} = expires_at) do
- with {:ok, _} <- ActivityExpiration.create(activity, expires_at) do
- {:ok, activity}
- end
- end
-
- defp maybe_create_activity_expiration(result, _), do: result
-
# Updates the emojis for a user based on their profile
def update(user) do
emoji = emoji_from_profile(user)