# asdf
.tool-versions
+
+# Editor temp files
+/*~
+/*#
\ No newline at end of file
- dind
only:
- /^release/.*$/@pleroma/pleroma
+
+docker-adhoc:
+ stage: docker
+ image: docker:latest
+ cache: {}
+ dependencies: []
+ variables: *docker-variables
+ before_script: *before-docker
+ allow_failure: true
+ script:
+ script:
+ - mkdir -p /root/.docker/cli-plugins
+ - wget "${DOCKER_BUILDX_URL}" -O ~/.docker/cli-plugins/docker-buildx
+ - echo "${DOCKER_BUILDX_HASH} /root/.docker/cli-plugins/docker-buildx" | sha1sum -c
+ - chmod +x ~/.docker/cli-plugins/docker-buildx
+ - docker run --rm --privileged multiarch/qemu-user-static --reset -p yes
+ - docker buildx create --name mbuilder --driver docker-container --use
+ - docker buildx inspect --bootstrap
+ - docker buildx build --platform linux/amd64,linux/arm/v7,linux/arm64/v8 --push --cache-from $IMAGE_TAG_SLUG --build-arg VCS_REF=$CI_VCS_REF --build-arg BUILD_DATE=$CI_JOB_TIMESTAMP -t $IMAGE_TAG -t $IMAGE_TAG_SLUG .
+ tags:
+ - dind
+ only:
+ - /^build-docker/.*$/@pleroma/pleroma
\ No newline at end of file
Ariadne Conill <ariadne@dereferenced.org> <nenolod@dereferenced.org>
Ariadne Conill <ariadne@dereferenced.org> <nenolod@gmail.com>
+rinpatch <rin@patch.cx> <rinpatch@sdf.org>
## Unreleased
+### Removed
+
+- `:auth, :enforce_oauth_admin_scope_usage` configuration option.
+
### Changed
- **Breaking**: Changed `mix pleroma.user toggle_confirmed` to `mix pleroma.user confirm`
- Provide redirect of external posts from `/notice/:id` to their original URL
- Admins no longer receive notifications for reports if they are the actor making the report.
- Improved Mailer configuration setting descriptions for AdminFE.
+- Updated default avatar to look nicer.
<details>
<summary>API Changes</summary>
- **Breaking:** AdminAPI `GET /api/pleroma/admin/users/:nickname_or_id/statuses` changed response format and added the number of total users posts.
- **Breaking:** AdminAPI `GET /api/pleroma/admin/instances/:instance/statuses` changed response format and added the number of total users posts.
- Admin API: Reports now ordered by newest
+- Pleroma API: `GET /api/v1/pleroma/chats` is deprecated in favor of `GET /api/v2/pleroma/chats`.
</details>
<details>
<summary>API Changes</summary>
- Admin API: (`GET /api/pleroma/admin/users`) filter users by `unconfirmed` status and `actor_type`.
+- Pleroma API: `GET /api/v2/pleroma/chats` added. It is exactly like `GET /api/v1/pleroma/chats` except supports pagination.
- Pleroma API: Add `idempotency_key` to the chat message entity that can be used for optimistic message sending.
- Pleroma API: (`GET /api/v1/pleroma/federation_status`) Add a way to get a list of unreachable instances.
- Mastodon API: User and conversation mutes can now auto-expire if `expires_in` parameter was given while adding the mute.
- Mastodon API: Add monthly active users to `/api/v1/instance` (`pleroma.stats.mau`).
- Mastodon API: Home, public, hashtag & list timelines accept `only_media`, `remote` & `local` parameters for filtration.
- Mastodon API: `/api/v1/accounts/:id` & `/api/v1/mutes` endpoints accept `with_relationships` parameter and return filled `pleroma.relationship` field.
+- Mastodon API: Endpoint to remove a conversation (`DELETE /api/v1/conversations/:id`).
+- Mastodon API: `expires_in` in the scheduled post `params` field on `/api/v1/statuses` and `/api/v1/scheduled_statuses/:id` endpoints.
</details>
### Fixed
---
+Files inside docs directory are copyright © 2021 Pleroma Authors
+<https://pleroma.social/>, and are distributed under the Creative Commons
+Attribution 4.0 International license, you should have received
+a copy of the license file as CC-BY-4.0.
+
+---
+
The following files are copyright © 2019 shitposter.club, and are distributed
under the Creative Commons Attribution-ShareAlike 4.0 International license,
you should have received a copy of the license file as CC-BY-SA-4.0.
base_path: "/oauth",
providers: ueberauth_providers
-config :pleroma,
- :auth,
- enforce_oauth_admin_scope_usage: true,
- oauth_consumer_strategies: oauth_consumer_strategies
+config :pleroma, :auth, oauth_consumer_strategies: oauth_consumer_strategies
config :pleroma, Pleroma.Emails.Mailer, adapter: Swoosh.Adapters.Sendmail, enabled: false
external_user_synchronization: false,
static_dir: "test/instance_static/"
-config :pleroma, :activitypub, sign_object_fetches: false
+config :pleroma, :activitypub, sign_object_fetches: false, follow_handshake_timeout: 0
# Configure your database
config :pleroma, Pleroma.Repo,
- Features: MastoAPI
### Whalebird
-- Homepage: <https://whalebird.org/>
+- Homepage: <https://whalebird.social/>
- Source Code: <https://github.com/h3poteto/whalebird-desktop>
- Contact: [@h3poteto@pleroma.io](https://pleroma.io/users/h3poteto)
- Platforms: Windows, Mac, Linux
Authentication is required and the user must be an admin.
-Configuration options:
-
-* `[:auth, :enforce_oauth_admin_scope_usage]` — OAuth admin scope requirement toggle.
- If `true`, admin actions explicitly demand admin OAuth scope(s) presence in OAuth token (client app must support admin scopes).
- If `false` and token doesn't have admin scope(s), `is_admin` user flag grants access to admin-specific actions.
- Note that client app needs to explicitly support admin scopes and request them when obtaining auth token.
-
## `GET /api/pleroma/admin/users`
### List users
- `emoji_reactions`: A list with emoji / reaction maps. The format is `{name: "☕", count: 1, me: true}`. Contains no information about the reacting users, for that use the `/statuses/:id/reactions` endpoint.
- `parent_visible`: If the parent of this post is visible to the user or not.
+## Scheduled statuses
+
+Has these additional fields in `params`:
+
+- `expires_in`: the number of seconds the posted activity should expire in.
+
## Media Attachments
Has these additional fields under the `pleroma` object:
- `hide_followers_count`: boolean, true when the user has follower stat hiding enabled
- `hide_follows_count`: boolean, true when the user has follow stat hiding enabled
- `settings_store`: A generic map of settings for frontends. Opaque to the backend. Only returned in `/api/v1/accounts/verify_credentials` and `/api/v1/accounts/update_credentials`
-- `chat_token`: The token needed for Pleroma chat. Only returned in `/api/v1/accounts/verify_credentials`
+- `chat_token`: The token needed for Pleroma shoutbox. Only returned in `/api/v1/accounts/verify_credentials`
- `deactivated`: boolean, true when the user is deactivated
- `allow_following_move`: boolean, true when the user allows automatically follow moved following accounts
- `unread_conversation_count`: The count of unread conversations. Only returned to the account owner.
# su pleroma -s $SHELL -lc "./bin/pleroma_ctl migrate --migrations-path priv/repo/optional_migrations/rum_indexing/"
# Start the instance to verify that everything is working as expected
-su pleroma -s $SHELL -lc "export $(cat /opt/pleroma/config/pleroma.env); ./bin/pleroma daemon"
+su pleroma -s $SHELL -lc "./bin/pleroma daemon"
# Wait for about 20 seconds and query the instance endpoint, if it shows your uri, name and email correctly, you are configured correctly
sleep 20 && curl http://localhost:4000/api/v1/instance
start: :boolean,
quiet: :boolean,
log_sql: :boolean,
- migrations_path: :string
+ migrations_path: :string,
+ env: :string
]
@moduledoc """
level = Logger.level()
Logger.configure(level: :info)
- if Pleroma.Config.get(:env) == :test do
+ if opts[:env] == "test" do
Logger.info("Rollback succesfully")
else
{:ok, _, _} =
defmodule Mix.Tasks.Pleroma.OpenapiSpec do
def run([path]) do
+ # Load Pleroma application to get version info
+ Application.load(:pleroma)
spec = Pleroma.Web.ApiSpec.spec(server_specific: false) |> Jason.encode!()
File.write(path, spec)
end
Pleroma.Stats,
Pleroma.JobQueueMonitor,
{Majic.Pool, [name: Pleroma.MajicPool, pool_size: Config.get([:majic_pool, :size], 2)]},
- {Oban, Config.get(Oban)}
+ {Oban, Config.get(Oban)},
+ Pleroma.Web.Endpoint
] ++
task_children(@mix_env) ++
dont_run_in_test(@mix_env) ++
chat_child(chat_enabled?()) ++
[
- Pleroma.Web.Endpoint,
Pleroma.Gopher.Server
]
def oauth_consumer_strategies, do: get([:auth, :oauth_consumer_strategies], [])
def oauth_consumer_enabled?, do: oauth_consumer_strategies() != []
-
- def enforce_oauth_admin_scope_usage?, do: !!get([:auth, :enforce_oauth_admin_scope_usage])
-
- def oauth_admin_scopes(scopes) when is_list(scopes) do
- Enum.flat_map(
- scopes,
- fn scope ->
- ["admin:#{scope}"] ++
- if enforce_oauth_admin_scope_usage?(), do: [], else: [scope]
- end
- )
- end
end
"Create" <- activity.data["type"],
%Object{} = object <- Object.normalize(activity, fetch: false),
true <- object.data["type"] in ["Note", "Question"],
- ap_id when is_binary(ap_id) and byte_size(ap_id) > 0 <- object.data["context"] do
- {:ok, conversation} = create_for_ap_id(ap_id)
-
+ ap_id when is_binary(ap_id) and byte_size(ap_id) > 0 <- object.data["context"],
+ {:ok, conversation} <- create_for_ap_id(ap_id) do
users = User.get_users_from_set(activity.recipients, local_only: false)
participations =
select: %{count: count(p.id)}
)
end
+
+ def delete(%__MODULE__{} = participation) do
+ Repo.delete(participation)
+ end
end
Notification
|> where(user_id: ^user.id)
- |> where(
- [n, a],
- fragment(
- "? not in (SELECT ap_id FROM users WHERE is_active = 'false')",
- a.actor
- )
- )
|> join(:inner, [n], activity in assoc(n, :activity))
|> join(:left, [n, a], object in Object,
on:
a.data
)
)
+ |> join(:inner, [_n, a], u in User, on: u.ap_id == a.actor, as: :user_actor)
|> preload([n, a, o], activity: {a, object: o})
+ |> where([user_actor: user_actor], user_actor.is_active)
|> exclude_notification_muted(user, exclude_notification_muted_opts)
|> exclude_blocked(user, exclude_blocked_opts)
|> exclude_filtered(user)
query
|> where([n, a], a.actor not in ^notification_muted_ap_ids)
|> join(:left, [n, a], tm in ThreadMute,
- on: tm.user_id == ^user.id and tm.context == fragment("?->>'context'", a.data)
+ on: tm.user_id == ^user.id and tm.context == fragment("?->>'context'", a.data),
+ as: :thread_mute
)
- |> where([n, a, o, tm], is_nil(tm.user_id))
+ |> where([thread_mute: thread_mute], is_nil(thread_mute.user_id))
end
defp exclude_filtered(query, user) do
@impl true
def init(_args) do
- {:ok, nil, {:continue, :calculate_stats}}
+ if Pleroma.Config.get(:env) != :test do
+ {:ok, nil, {:continue, :calculate_stats}}
+ else
+ {:ok, calculate_stat_data()}
+ end
end
@doc "Performs update stats"
@spec filter(Pleroma.Upload.t()) :: {:ok, any()} | {:error, String.t()}
- # webp is not compatible with exiftool at this time
+ # Formats not compatible with exiftool at this time
+ def filter(%Pleroma.Upload{content_type: "image/heic"}), do: {:ok, :noop}
def filter(%Pleroma.Upload{content_type: "image/webp"}), do: {:ok, :noop}
def filter(%Pleroma.Upload{tempfile: file, content_type: "image" <> _}) do
{error, 1} -> {:error, error}
end
rescue
- _e in ErlangError ->
- {:error, "exiftool command not found"}
+ e in ErlangError ->
+ {:error, "#{__MODULE__}: #{inspect(e)}"}
end
end
Filter.Mogrify.do_filter(file, [Enum.random(@filters)])
{:ok, :filtered}
rescue
- _e in ErlangError ->
- {:error, "mogrify command not found"}
+ e in ErlangError ->
+ {:error, "#{__MODULE__}: #{inspect(e)}"}
end
end
do_filter(file, Pleroma.Config.get!([__MODULE__, :args]))
{:ok, :filtered}
rescue
- _e in ErlangError ->
- {:error, "mogrify command not found"}
+ e in ErlangError ->
+ {:error, "#{__MODULE__}: #{inspect(e)}"}
end
end
# Executed just before actual controller action, invokes before-action hooks (callbacks)
defp action(conn, params) do
- with %{halted: false} = conn <- maybe_drop_authentication_if_oauth_check_ignored(conn),
+ with %{halted: false} = conn <-
+ maybe_drop_authentication_if_oauth_check_ignored(conn),
%{halted: false} = conn <- maybe_perform_public_or_authenticated_check(conn),
%{halted: false} = conn <- maybe_perform_authenticated_check(conn),
%{halted: false} = conn <- maybe_halt_on_missing_oauth_scopes_check(conn) do
def base_url do
Pleroma.Web.Endpoint.url()
end
+
+ # TODO: Change to Phoenix.Router.routes/1 for Phoenix 1.6.0+
+ def get_api_routes do
+ Pleroma.Web.Router.__routes__()
+ |> Enum.reject(fn r -> r.plug == Pleroma.Web.Fallback.RedirectController end)
+ |> Enum.map(fn r ->
+ r.path
+ |> String.split("/", trim: true)
+ |> List.first()
+ end)
+ |> Enum.uniq()
+ end
end
end
end
- def object(conn, _) do
+ def object(%{assigns: assigns} = conn, _) do
with ap_id <- Endpoint.url() <> conn.request_path,
%Object{} = object <- Object.get_cached_by_ap_id(ap_id),
- {_, true} <- {:public?, Visibility.is_public?(object)},
- {_, false} <- {:local?, Visibility.is_local_public?(object)} do
+ user <- Map.get(assigns, :user, nil),
+ {_, true} <- {:visible?, Visibility.visible_for_user?(object, user)} do
conn
|> assign(:tracking_fun_data, object.id)
|> set_cache_ttl_for(object)
|> put_view(ObjectView)
|> render("object.json", object: object)
else
- {:public?, false} ->
- {:error, :not_found}
-
- {:local?, true} ->
- {:error, :not_found}
+ {:visible?, false} -> {:error, :not_found}
+ nil -> {:error, :not_found}
end
end
conn
end
- def activity(conn, _params) do
+ def activity(%{assigns: assigns} = conn, _) do
with ap_id <- Endpoint.url() <> conn.request_path,
%Activity{} = activity <- Activity.normalize(ap_id),
- {_, true} <- {:public?, Visibility.is_public?(activity)},
- {_, false} <- {:local?, Visibility.is_local_public?(activity)} do
+ {_, true} <- {:local?, activity.local},
+ user <- Map.get(assigns, :user, nil),
+ {_, true} <- {:visible?, Visibility.visible_for_user?(activity, user)} do
conn
|> maybe_set_tracking_data(activity)
|> set_cache_ttl_for(activity)
|> put_view(ObjectView)
|> render("object.json", object: activity)
else
- {:public?, false} -> {:error, :not_found}
- {:local?, true} -> {:error, :not_found}
+ {:visible?, false} -> {:error, :not_found}
+ {:local?, false} -> {:error, :not_found}
nil -> {:error, :not_found}
end
end
def is_list?(%{data: %{"listMessage" => _}}), do: true
def is_list?(_), do: false
- @spec visible_for_user?(Activity.t() | nil, User.t() | nil) :: boolean()
+ @spec visible_for_user?(Object.t() | Activity.t() | nil, User.t() | nil) :: boolean()
def visible_for_user?(%Activity{actor: ap_id}, %User{ap_id: ap_id}), do: true
-
+ def visible_for_user?(%Object{data: %{"actor" => ap_id}}, %User{ap_id: ap_id}), do: true
def visible_for_user?(nil, _), do: false
-
def visible_for_user?(%Activity{data: %{"listMessage" => _}}, nil), do: false
def visible_for_user?(
|> Pleroma.List.member?(user)
end
- def visible_for_user?(%Activity{} = activity, nil) do
- if restrict_unauthenticated_access?(activity),
+ def visible_for_user?(%{__struct__: module} = message, nil)
+ when module in [Activity, Object] do
+ if restrict_unauthenticated_access?(message),
do: false,
- else: is_public?(activity)
+ else: is_public?(message) and not is_local_public?(message)
end
- def visible_for_user?(%Activity{} = activity, user) do
+ def visible_for_user?(%{__struct__: module} = message, user)
+ when module in [Activity, Object] do
x = [user.ap_id | User.following(user)]
- y = [activity.actor] ++ activity.data["to"] ++ (activity.data["cc"] || [])
- is_public?(activity) || Enum.any?(x, &(&1 in y))
+ y = [message.data["actor"]] ++ message.data["to"] ++ (message.data["cc"] || [])
+ is_public?(message) || Enum.any?(x, &(&1 in y))
end
def entire_thread_visible_for_user?(%Activity{} = activity, %User{} = user) do
plug(
OAuthScopesPlug,
- %{scopes: ["read:accounts"], admin: true}
+ %{scopes: ["admin:read:accounts"]}
when action in [:right_get, :show_user_credentials, :create_backup]
)
plug(
OAuthScopesPlug,
- %{scopes: ["write:accounts"], admin: true}
+ %{scopes: ["admin:write:accounts"]}
when action in [
:get_password_reset,
:force_password_reset,
plug(
OAuthScopesPlug,
- %{scopes: ["read:statuses"], admin: true}
+ %{scopes: ["admin:read:statuses"]}
when action in [:list_user_statuses, :list_instance_statuses]
)
plug(
OAuthScopesPlug,
- %{scopes: ["read:chats"], admin: true}
+ %{scopes: ["admin:read:chats"]}
when action in [:list_user_chats]
)
plug(
OAuthScopesPlug,
- %{scopes: ["read"], admin: true}
+ %{scopes: ["admin:read"]}
when action in [
:list_log,
:stats,
plug(
OAuthScopesPlug,
- %{scopes: ["write"], admin: true}
+ %{scopes: ["admin:write"]}
when action in [
:restart,
:resend_confirmation_email,
plug(
OAuthScopesPlug,
- %{scopes: ["read:chats"], admin: true} when action in [:show, :messages]
+ %{scopes: ["admin:read:chats"]} when action in [:show, :messages]
)
plug(
OAuthScopesPlug,
- %{scopes: ["write:chats"], admin: true} when action in [:delete_message]
+ %{scopes: ["admin:write:chats"]} when action in [:delete_message]
)
action_fallback(Pleroma.Web.AdminAPI.FallbackController)
alias Pleroma.Web.Plugs.OAuthScopesPlug
plug(Pleroma.Web.ApiSpec.CastAndValidate)
- plug(OAuthScopesPlug, %{scopes: ["write"], admin: true} when action == :update)
+ plug(OAuthScopesPlug, %{scopes: ["admin:write"]} when action == :update)
plug(
OAuthScopesPlug,
- %{scopes: ["read"], admin: true}
+ %{scopes: ["admin:read"]}
when action in [:show, :descriptions]
)
alias Pleroma.Web.Plugs.OAuthScopesPlug
plug(Pleroma.Web.ApiSpec.CastAndValidate)
- plug(OAuthScopesPlug, %{scopes: ["write"], admin: true} when action == :install)
- plug(OAuthScopesPlug, %{scopes: ["read"], admin: true} when action == :index)
+ plug(OAuthScopesPlug, %{scopes: ["admin:write"]} when action == :install)
+ plug(OAuthScopesPlug, %{scopes: ["admin:read"]} when action == :index)
action_fallback(Pleroma.Web.AdminAPI.FallbackController)
defdelegate open_api_operation(action), to: Pleroma.Web.ApiSpec.Admin.FrontendOperation
defdelegate open_api_operation(action), to: Pleroma.Web.ApiSpec.Admin.InstanceDocumentOperation
- plug(OAuthScopesPlug, %{scopes: ["read"], admin: true} when action == :show)
- plug(OAuthScopesPlug, %{scopes: ["write"], admin: true} when action in [:update, :delete])
+ plug(OAuthScopesPlug, %{scopes: ["admin:read"]} when action == :show)
+ plug(OAuthScopesPlug, %{scopes: ["admin:write"]} when action in [:update, :delete])
def show(conn, %{name: document_name}) do
with {:ok, url} <- InstanceDocument.get(document_name),
require Logger
plug(Pleroma.Web.ApiSpec.CastAndValidate)
- plug(OAuthScopesPlug, %{scopes: ["read:invites"], admin: true} when action == :index)
+ plug(OAuthScopesPlug, %{scopes: ["admin:read:invites"]} when action == :index)
plug(
OAuthScopesPlug,
- %{scopes: ["write:invites"], admin: true} when action in [:create, :revoke, :email]
+ %{scopes: ["admin:write:invites"]} when action in [:create, :revoke, :email]
)
action_fallback(Pleroma.Web.AdminAPI.FallbackController)
plug(
OAuthScopesPlug,
- %{scopes: ["read:media_proxy_caches"], admin: true} when action in [:index]
+ %{scopes: ["admin:read:media_proxy_caches"]} when action in [:index]
)
plug(
OAuthScopesPlug,
- %{scopes: ["write:media_proxy_caches"], admin: true} when action in [:purge, :delete]
+ %{scopes: ["admin:write:media_proxy_caches"]} when action in [:purge, :delete]
)
action_fallback(Pleroma.Web.AdminAPI.FallbackController)
plug(
OAuthScopesPlug,
- %{scopes: ["write"], admin: true}
+ %{scopes: ["admin:write"]}
when action in [:create, :index, :update, :delete]
)
plug(
OAuthScopesPlug,
- %{scopes: ["write:follows"], admin: true}
+ %{scopes: ["admin:write:follows"]}
when action in [:follow, :unfollow]
)
- plug(OAuthScopesPlug, %{scopes: ["read"], admin: true} when action == :index)
+ plug(OAuthScopesPlug, %{scopes: ["admin:read"]} when action == :index)
action_fallback(Pleroma.Web.AdminAPI.FallbackController)
require Logger
plug(Pleroma.Web.ApiSpec.CastAndValidate)
- plug(OAuthScopesPlug, %{scopes: ["read:reports"], admin: true} when action in [:index, :show])
+ plug(OAuthScopesPlug, %{scopes: ["admin:read:reports"]} when action in [:index, :show])
plug(
OAuthScopesPlug,
- %{scopes: ["write:reports"], admin: true}
+ %{scopes: ["admin:write:reports"]}
when action in [:update, :notes_create, :notes_delete]
)
require Logger
plug(Pleroma.Web.ApiSpec.CastAndValidate)
- plug(OAuthScopesPlug, %{scopes: ["read:statuses"], admin: true} when action in [:index, :show])
+ plug(OAuthScopesPlug, %{scopes: ["admin:read:statuses"]} when action in [:index, :show])
plug(
OAuthScopesPlug,
- %{scopes: ["write:statuses"], admin: true} when action in [:update, :delete]
+ %{scopes: ["admin:write:statuses"]} when action in [:update, :delete]
)
action_fallback(Pleroma.Web.AdminAPI.FallbackController)
plug(
OAuthScopesPlug,
- %{scopes: ["read:accounts"], admin: true}
+ %{scopes: ["admin:read:accounts"]}
when action in [:list, :show]
)
plug(
OAuthScopesPlug,
- %{scopes: ["write:accounts"], admin: true}
+ %{scopes: ["admin:write:accounts"]}
when action in [
:delete,
:create,
plug(
OAuthScopesPlug,
- %{scopes: ["write:follows"], admin: true}
+ %{scopes: ["admin:write:follows"]}
when action in [:follow, :unfollow]
)
Please report such occurences on our [issue tracker](https://git.pleroma.social/pleroma/pleroma/-/issues). Feel free to submit API questions or proposals there too!
""",
- version: Application.spec(:pleroma, :vsn) |> to_string(),
+ # Strip environment from the version
+ version: Application.spec(:pleroma, :vsn) |> to_string() |> String.replace(~r/\+.*$/, ""),
extensions: %{
# Logo path should be picked so that the path exists both on Pleroma instances and on api.pleroma.social
"x-logo": %{"url" => "/static/logo.svg", "altText" => "Pleroma logo"}
"name" => "Administration",
"tags" => [
"Chat administration",
- "Emoji packs",
+ "Emoji pack administration",
"Frontend managment",
"Instance configuration",
"Instance documents",
"Status actions"
]
},
- %{"name" => "Miscellaneous", "tags" => ["Reports", "Suggestions"]}
+ %{"name" => "Miscellaneous", "tags" => ["Emoji packs", "Reports", "Suggestions"]}
]
}
}
},
security: [
%{
- "oAuth" => ["write:chats"]
+ "oAuth" => ["admin:write:chats"]
}
]
}
},
security: [
%{
- "oAuth" => ["read:chats"]
+ "oAuth" => ["admin:read:chats"]
}
]
}
},
security: [
%{
- "oAuth" => ["read"]
+ "oAuth" => ["admin:read"]
}
]
}
)
| admin_api_params()
],
- security: [%{"oAuth" => ["read"]}],
+ security: [%{"oAuth" => ["admin:read"]}],
responses: %{
200 => Operation.response("Config", "application/json", config_response()),
400 => Operation.response("Bad Request", "application/json", ApiError)
tags: ["Instance configuration"],
summary: "Update instance configuration",
operationId: "AdminAPI.ConfigController.update",
- security: [%{"oAuth" => ["write"]}],
+ security: [%{"oAuth" => ["admin:write"]}],
parameters: admin_api_params(),
requestBody:
request_body("Parameters", %Schema{
tags: ["Instance configuration"],
summary: "Retrieve config description",
operationId: "AdminAPI.ConfigController.descriptions",
- security: [%{"oAuth" => ["read"]}],
+ security: [%{"oAuth" => ["admin:read"]}],
parameters: admin_api_params(),
responses: %{
200 =>
tags: ["Frontend managment"],
summary: "Retrieve a list of available frontends",
operationId: "AdminAPI.FrontendController.index",
- security: [%{"oAuth" => ["read"]}],
+ security: [%{"oAuth" => ["admin:read"]}],
responses: %{
200 => Operation.response("Response", "application/json", list_of_frontends()),
403 => Operation.response("Forbidden", "application/json", ApiError)
tags: ["Frontend managment"],
summary: "Install a frontend",
operationId: "AdminAPI.FrontendController.install",
- security: [%{"oAuth" => ["read"]}],
+ security: [%{"oAuth" => ["admin:read"]}],
requestBody: request_body("Parameters", install_request(), required: true),
responses: %{
200 => Operation.response("Response", "application/json", list_of_frontends()),
tags: ["Instance documents"],
summary: "Retrieve an instance document",
operationId: "AdminAPI.InstanceDocumentController.show",
- security: [%{"oAuth" => ["read"]}],
+ security: [%{"oAuth" => ["admin:read"]}],
parameters: [
Operation.parameter(:name, :path, %Schema{type: :string}, "The document name",
required: true
tags: ["Instance documents"],
summary: "Update an instance document",
operationId: "AdminAPI.InstanceDocumentController.update",
- security: [%{"oAuth" => ["write"]}],
+ security: [%{"oAuth" => ["admin:write"]}],
requestBody: Helpers.request_body("Parameters", update_request()),
parameters: [
Operation.parameter(:name, :path, %Schema{type: :string}, "The document name",
tags: ["Instance documents"],
summary: "Delete an instance document",
operationId: "AdminAPI.InstanceDocumentController.delete",
- security: [%{"oAuth" => ["write"]}],
+ security: [%{"oAuth" => ["admin:write"]}],
parameters: [
Operation.parameter(:name, :path, %Schema{type: :string}, "The document name",
required: true
tags: ["Invites"],
summary: "Get a list of generated invites",
operationId: "AdminAPI.InviteController.index",
- security: [%{"oAuth" => ["read:invites"]}],
+ security: [%{"oAuth" => ["admin:read:invites"]}],
parameters: admin_api_params(),
responses: %{
200 =>
tags: ["Invites"],
summary: "Create an account registration invite token",
operationId: "AdminAPI.InviteController.create",
- security: [%{"oAuth" => ["write:invites"]}],
+ security: [%{"oAuth" => ["admin:write:invites"]}],
parameters: admin_api_params(),
requestBody:
request_body("Parameters", %Schema{
tags: ["Invites"],
summary: "Revoke invite by token",
operationId: "AdminAPI.InviteController.revoke",
- security: [%{"oAuth" => ["write:invites"]}],
+ security: [%{"oAuth" => ["admin:write:invites"]}],
parameters: admin_api_params(),
requestBody:
request_body(
tags: ["Invites"],
summary: "Sends registration invite via email",
operationId: "AdminAPI.InviteController.email",
- security: [%{"oAuth" => ["write:invites"]}],
+ security: [%{"oAuth" => ["admin:write:invites"]}],
parameters: admin_api_params(),
requestBody:
request_body(
tags: ["MediaProxy cache"],
summary: "Retrieve a list of banned MediaProxy URLs",
operationId: "AdminAPI.MediaProxyCacheController.index",
- security: [%{"oAuth" => ["read:media_proxy_caches"]}],
+ security: [%{"oAuth" => ["admin:read:media_proxy_caches"]}],
parameters: [
Operation.parameter(
:query,
tags: ["MediaProxy cache"],
summary: "Remove a banned MediaProxy URL",
operationId: "AdminAPI.MediaProxyCacheController.delete",
- security: [%{"oAuth" => ["write:media_proxy_caches"]}],
+ security: [%{"oAuth" => ["admin:write:media_proxy_caches"]}],
parameters: admin_api_params(),
requestBody:
request_body(
tags: ["MediaProxy cache"],
summary: "Purge a URL from MediaProxy cache and optionally ban it",
operationId: "AdminAPI.MediaProxyCacheController.purge",
- security: [%{"oAuth" => ["write:media_proxy_caches"]}],
+ security: [%{"oAuth" => ["admin:write:media_proxy_caches"]}],
parameters: admin_api_params(),
requestBody:
request_body(
summary: "Retrieve a list of OAuth applications",
tags: ["OAuth application managment"],
operationId: "AdminAPI.OAuthAppController.index",
- security: [%{"oAuth" => ["write"]}],
+ security: [%{"oAuth" => ["admin:write"]}],
parameters: [
Operation.parameter(:name, :query, %Schema{type: :string}, "App name"),
Operation.parameter(:client_id, :query, %Schema{type: :string}, "Client ID"),
operationId: "AdminAPI.OAuthAppController.create",
requestBody: request_body("Parameters", create_request()),
parameters: admin_api_params(),
- security: [%{"oAuth" => ["write"]}],
+ security: [%{"oAuth" => ["admin:write"]}],
responses: %{
200 => Operation.response("App", "application/json", oauth_app()),
400 => Operation.response("Bad Request", "application/json", ApiError)
summary: "Update OAuth application",
operationId: "AdminAPI.OAuthAppController.update",
parameters: [id_param() | admin_api_params()],
- security: [%{"oAuth" => ["write"]}],
+ security: [%{"oAuth" => ["admin:write"]}],
requestBody: request_body("Parameters", update_request()),
responses: %{
200 => Operation.response("App", "application/json", oauth_app()),
summary: "Delete OAuth application",
operationId: "AdminAPI.OAuthAppController.delete",
parameters: [id_param() | admin_api_params()],
- security: [%{"oAuth" => ["write"]}],
+ security: [%{"oAuth" => ["admin:write"]}],
responses: %{
204 => no_content_response(),
400 => no_content_response()
tags: ["Relays"],
summary: "Retrieve a list of relays",
operationId: "AdminAPI.RelayController.index",
- security: [%{"oAuth" => ["read"]}],
+ security: [%{"oAuth" => ["admin:read"]}],
parameters: admin_api_params(),
responses: %{
200 =>
tags: ["Relays"],
summary: "Follow a relay",
operationId: "AdminAPI.RelayController.follow",
- security: [%{"oAuth" => ["write:follows"]}],
+ security: [%{"oAuth" => ["admin:write:follows"]}],
parameters: admin_api_params(),
requestBody: request_body("Parameters", relay_url()),
responses: %{
tags: ["Relays"],
summary: "Unfollow a relay",
operationId: "AdminAPI.RelayController.unfollow",
- security: [%{"oAuth" => ["write:follows"]}],
+ security: [%{"oAuth" => ["admin:write:follows"]}],
parameters: admin_api_params(),
requestBody: request_body("Parameters", relay_unfollow()),
responses: %{
tags: ["Report managment"],
summary: "Retrieve a list of reports",
operationId: "AdminAPI.ReportController.index",
- security: [%{"oAuth" => ["read:reports"]}],
+ security: [%{"oAuth" => ["admin:read:reports"]}],
parameters: [
Operation.parameter(
:state,
summary: "Retrieve a report",
operationId: "AdminAPI.ReportController.show",
parameters: [id_param() | admin_api_params()],
- security: [%{"oAuth" => ["read:reports"]}],
+ security: [%{"oAuth" => ["admin:read:reports"]}],
responses: %{
200 => Operation.response("Report", "application/json", report()),
404 => Operation.response("Not Found", "application/json", ApiError)
tags: ["Report managment"],
summary: "Change state of specified reports",
operationId: "AdminAPI.ReportController.update",
- security: [%{"oAuth" => ["write:reports"]}],
+ security: [%{"oAuth" => ["admin:write:reports"]}],
parameters: admin_api_params(),
requestBody: request_body("Parameters", update_request(), required: true),
responses: %{
content: %Schema{type: :string, description: "The message"}
}
}),
- security: [%{"oAuth" => ["write:reports"]}],
+ security: [%{"oAuth" => ["admin:write:reports"]}],
responses: %{
204 => no_content_response(),
404 => Operation.response("Not Found", "application/json", ApiError)
Operation.parameter(:id, :path, :string, "Note ID")
| admin_api_params()
],
- security: [%{"oAuth" => ["write:reports"]}],
+ security: [%{"oAuth" => ["admin:write:reports"]}],
responses: %{
204 => no_content_response(),
404 => Operation.response("Not Found", "application/json", ApiError)
tags: ["Status administration"],
operationId: "AdminAPI.StatusController.index",
summary: "Get all statuses",
- security: [%{"oAuth" => ["read:statuses"]}],
+ security: [%{"oAuth" => ["admin:read:statuses"]}],
parameters: [
Operation.parameter(
:godmode,
summary: "Get status",
operationId: "AdminAPI.StatusController.show",
parameters: [id_param() | admin_api_params()],
- security: [%{"oAuth" => ["read:statuses"]}],
+ security: [%{"oAuth" => ["admin:read:statuses"]}],
responses: %{
200 => Operation.response("Status", "application/json", status()),
404 => Operation.response("Not Found", "application/json", ApiError)
summary: "Change the scope of a status",
operationId: "AdminAPI.StatusController.update",
parameters: [id_param() | admin_api_params()],
- security: [%{"oAuth" => ["write:statuses"]}],
+ security: [%{"oAuth" => ["admin:write:statuses"]}],
requestBody: request_body("Parameters", update_request(), required: true),
responses: %{
200 => Operation.response("Status", "application/json", Status),
summary: "Delete status",
operationId: "AdminAPI.StatusController.delete",
parameters: [id_param() | admin_api_params()],
- security: [%{"oAuth" => ["write:statuses"]}],
+ security: [%{"oAuth" => ["admin:write:statuses"]}],
responses: %{
200 => empty_object_response(),
404 => Operation.response("Not Found", "application/json", ApiError)
def index_operation do
%Operation{
tags: ["Chats"],
- summary: "Retrieve list of chats",
+ summary: "Retrieve list of chats (unpaginated)",
+ deprecated: true,
+ description:
+ "Deprecated due to no support for pagination. Using [/api/v2/pleroma/chats](#operation/ChatController.index2) instead is recommended.",
operationId: "ChatController.index",
+ parameters: [
+ Operation.parameter(:with_muted, :query, BooleanLike, "Include chats from muted users")
+ ],
+ responses: %{
+ 200 => Operation.response("The chats of the user", "application/json", chats_response())
+ },
+ security: [
+ %{
+ "oAuth" => ["read:chats"]
+ }
+ ]
+ }
+ end
+
+ def index2_operation do
+ %Operation{
+ tags: ["Chats"],
+ summary: "Retrieve list of chats",
+ operationId: "ChatController.index2",
parameters: [
Operation.parameter(:with_muted, :query, BooleanLike, "Include chats from muted users")
| pagination_params()
tags: ["Conversations"],
summary: "Mark conversation as read",
operationId: "ConversationController.mark_as_read",
- parameters: [
- Operation.parameter(:id, :path, :string, "Conversation ID",
- example: "123",
- required: true
- )
- ],
+ parameters: [id_param()],
security: [%{"oAuth" => ["write:conversations"]}],
responses: %{
200 => Operation.response("Conversation", "application/json", Conversation)
}
}
end
+
+ def delete_operation do
+ %Operation{
+ tags: ["Conversations"],
+ summary: "Remove conversation",
+ operationId: "ConversationController.delete",
+ parameters: [id_param()],
+ security: [%{"oAuth" => ["write:conversations"]}],
+ responses: %{
+ 200 => empty_object_response()
+ }
+ }
+ end
+
+ def id_param do
+ Operation.parameter(:id, :path, :string, "Conversation ID",
+ example: "123",
+ required: true
+ )
+ end
end
def create_operation do
%Operation{
- tags: ["Emoji packs"],
+ tags: ["Emoji pack administration"],
summary: "Add new file to the pack",
operationId: "PleromaAPI.EmojiPackController.add_file",
- security: [%{"oAuth" => ["write"]}],
+ security: [%{"oAuth" => ["admin:write"]}],
requestBody: request_body("Parameters", create_request(), required: true),
parameters: [name_param()],
responses: %{
def update_operation do
%Operation{
- tags: ["Emoji packs"],
+ tags: ["Emoji pack administration"],
summary: "Add new file to the pack",
operationId: "PleromaAPI.EmojiPackController.update_file",
- security: [%{"oAuth" => ["write"]}],
+ security: [%{"oAuth" => ["admin:write"]}],
requestBody: request_body("Parameters", update_request(), required: true),
parameters: [name_param()],
responses: %{
def delete_operation do
%Operation{
- tags: ["Emoji packs"],
+ tags: ["Emoji pack administration"],
summary: "Delete emoji file from pack",
operationId: "PleromaAPI.EmojiPackController.delete_file",
- security: [%{"oAuth" => ["write"]}],
+ security: [%{"oAuth" => ["admin:write"]}],
parameters: [
name_param(),
Operation.parameter(:shortcode, :query, :string, "File shortcode",
def remote_operation do
%Operation{
- tags: ["Emoji packs"],
+ tags: ["Emoji pack administration"],
summary: "Make request to another instance for emoji packs list",
- security: [%{"oAuth" => ["write"]}],
+ security: [%{"oAuth" => ["admin:write"]}],
parameters: [
url_param(),
Operation.parameter(
def download_operation do
%Operation{
- tags: ["Emoji packs"],
+ tags: ["Emoji pack administration"],
summary: "Download pack from another instance",
operationId: "PleromaAPI.EmojiPackController.download",
- security: [%{"oAuth" => ["write"]}],
+ security: [%{"oAuth" => ["admin:write"]}],
requestBody: request_body("Parameters", download_request(), required: true),
responses: %{
200 => ok_response(),
def create_operation do
%Operation{
- tags: ["Emoji packs"],
+ tags: ["Emoji pack administration"],
summary: "Create an empty pack",
operationId: "PleromaAPI.EmojiPackController.create",
- security: [%{"oAuth" => ["write"]}],
+ security: [%{"oAuth" => ["admin:write"]}],
parameters: [name_param()],
responses: %{
200 => ok_response(),
def delete_operation do
%Operation{
- tags: ["Emoji packs"],
+ tags: ["Emoji pack administration"],
summary: "Delete a custom emoji pack",
operationId: "PleromaAPI.EmojiPackController.delete",
- security: [%{"oAuth" => ["write"]}],
+ security: [%{"oAuth" => ["admin:write"]}],
parameters: [name_param()],
responses: %{
200 => ok_response(),
def update_operation do
%Operation{
- tags: ["Emoji packs"],
+ tags: ["Emoji pack administration"],
summary: "Updates (replaces) pack metadata",
operationId: "PleromaAPI.EmojiPackController.update",
- security: [%{"oAuth" => ["write"]}],
+ security: [%{"oAuth" => ["admin:write"]}],
requestBody: request_body("Parameters", update_request(), required: true),
parameters: [name_param()],
responses: %{
def import_from_filesystem_operation do
%Operation{
- tags: ["Emoji packs"],
+ tags: ["Emoji pack administration"],
summary: "Imports packs from filesystem",
operationId: "PleromaAPI.EmojiPackController.import",
- security: [%{"oAuth" => ["write"]}],
+ security: [%{"oAuth" => ["admin:write"]}],
responses: %{
200 =>
Operation.response("Array of imported pack names", "application/json", %Schema{
title: %Schema{type: :string, description: "Title of linked resource"},
description: %Schema{type: :string, description: "Description of preview"}
}
- }
+ },
+ unread: %Schema{type: :boolean, description: "Whether a message has been marked as read."}
},
example: %{
"account_id" => "someflakeid",
}
],
"id" => "14",
- "attachment" => nil
+ "attachment" => nil,
+ "unread" => false
}
})
end
visibility: %Schema{allOf: [VisibilityScope], nullable: true},
scheduled_at: %Schema{type: :string, format: :"date-time", nullable: true},
poll: StatusOperation.poll_params(),
- in_reply_to_id: %Schema{type: :string, nullable: true}
+ in_reply_to_id: %Schema{type: :string, nullable: true},
+ expires_in: %Schema{type: :integer, nullable: true}
}
}
},
scheduled_at: nil,
poll: nil,
idempotency: nil,
- in_reply_to_id: nil
+ in_reply_to_id: nil,
+ expires_in: nil
},
media_attachments: [Attachment.schema().example]
}
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.MastodonAPI.AppController do
+ @moduledoc """
+ Controller for supporting app-related actions.
+ If authentication is an option, app tokens (user-unbound) must be supported.
+ """
+
use Pleroma.Web, :controller
alias Pleroma.Repo
plug(
:skip_plug,
[OAuthScopesPlug, EnsurePublicOrAuthenticatedPlug]
- when action == :create
+ when action in [:create, :verify_credentials]
)
- plug(OAuthScopesPlug, %{scopes: ["read"]} when action == :verify_credentials)
-
plug(Pleroma.Web.ApiSpec.CastAndValidate)
@local_mastodon_name "Mastodon-Local"
end
end
- @doc "GET /api/v1/apps/verify_credentials"
- def verify_credentials(%{assigns: %{user: _user, token: token}} = conn, _) do
- with %Token{app: %App{} = app} <- Repo.preload(token, :app) do
- render(conn, "short.json", app: app)
+ @doc """
+ GET /api/v1/apps/verify_credentials
+ Gets compact non-secret representation of the app. Supports app tokens and user tokens.
+ """
+ def verify_credentials(%{assigns: %{token: %Token{} = token}} = conn, _) do
+ with %{app: %App{} = app} <- Repo.preload(token, :app) do
+ render(conn, "compact_non_secret.json", app: app)
end
end
end
render(conn, "participation.json", participation: participation, for: user)
end
end
+
+ @doc "DELETE /api/v1/conversations/:id"
+ def delete(%{assigns: %{user: user}} = conn, %{id: participation_id}) do
+ with %Participation{} = participation <-
+ Repo.get_by(Participation, id: participation_id, user_id: user.id),
+ {:ok, _} <- Participation.delete(participation) do
+ json(conn, %{})
+ end
+ end
end
|> with_vapid_key()
end
- def render("short.json", %{app: %App{website: webiste, client_name: name}}) do
+ def render("compact_non_secret.json", %{app: %App{website: website, client_name: name}}) do
%{
name: name,
- website: webiste
+ website: website
}
|> with_vapid_key()
end
visibility: params["visibility"],
scheduled_at: params["scheduled_at"],
poll: params["poll"],
- in_reply_to_id: params["in_reply_to_id"]
+ in_reply_to_id: params["in_reply_to_id"],
+ expires_in: params["expires_in"]
}
|> Pleroma.Maps.put_if_present(:media_ids, params["media_ids"])
end
plug(
OAuthScopesPlug,
- %{scopes: ["read:chats"]} when action in [:messages, :index, :show]
+ %{scopes: ["read:chats"]} when action in [:messages, :index, :index2, :show]
)
plug(OpenApiSpex.Plug.CastAndValidate, render_error: Pleroma.Web.ApiSpec.RenderError)
end
end
- def index(%{assigns: %{user: %{id: user_id} = user}} = conn, params) do
- exclude_users =
- User.cached_blocked_users_ap_ids(user) ++
- if params[:with_muted], do: [], else: User.cached_muted_users_ap_ids(user)
-
+ def index(%{assigns: %{user: user}} = conn, params) do
chats =
- user_id
- |> Chat.for_user_query()
- |> where([c], c.recipient not in ^exclude_users)
+ index_query(user, params)
|> Repo.all()
render(conn, "index.json", chats: chats)
end
+ def index2(%{assigns: %{user: user}} = conn, params) do
+ chats =
+ index_query(user, params)
+ |> Pagination.fetch_paginated(params)
+
+ render(conn, "index.json", chats: chats)
+ end
+
+ defp index_query(%{id: user_id} = user, params) do
+ exclude_users =
+ User.cached_blocked_users_ap_ids(user) ++
+ if params[:with_muted], do: [], else: User.cached_muted_users_ap_ids(user)
+
+ user_id
+ |> Chat.for_user_query()
+ |> where([c], c.recipient not in ^exclude_users)
+ end
+
def create(%{assigns: %{user: user}} = conn, %{id: id}) do
with %User{ap_id: recipient} <- User.get_cached_by_id(id),
{:ok, %Chat{} = chat} <- Chat.get_or_create(user.id, recipient) do
plug(
Pleroma.Web.Plugs.OAuthScopesPlug,
- %{scopes: ["write"], admin: true}
+ %{scopes: ["admin:write"]}
when action in [
:create,
:update,
plug(
Pleroma.Web.Plugs.OAuthScopesPlug,
- %{scopes: ["write"], admin: true}
+ %{scopes: ["admin:write"]}
when action in [
:import_from_filesystem,
:remote,
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.Plugs.EnsureAuthenticatedPlug do
+ @moduledoc """
+ Ensures _user_ authentication (app-bound user-unbound tokens are not accepted).
+ """
+
import Plug.Conn
import Pleroma.Web.TranslationHelpers
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.Plugs.EnsurePublicOrAuthenticatedPlug do
+ @moduledoc """
+ Ensures instance publicity or _user_ authentication
+ (app-bound user-unbound tokens are accepted only if the instance is public).
+ """
+
import Pleroma.Web.TranslationHelpers
import Plug.Conn
end
end
+ # App-bound token case (obtained with client_id and client_secret)
+ def call(%{assigns: %{token: %Token{user_id: nil}}} = conn, _) do
+ assign(conn, :user, nil)
+ end
+
def call(conn, _) do
conn
|> assign(:user, nil)
"""
@behaviour Plug
+ @api_routes Pleroma.Web.get_api_routes()
+
def file_path(path, frontend_type \\ :primary) do
if configuration = Pleroma.Config.get([:frontends, frontend_type]) do
instance_static_path = Pleroma.Config.get([:instance, :static_dir], "instance/static")
end
def call(conn, opts) do
- with false <- invalid_path?(conn.path_info),
+ with false <- api_route?(conn.path_info),
+ false <- invalid_path?(conn.path_info),
frontend_type <- Map.get(opts, :frontend_type, :primary),
path when not is_nil(path) <- file_path("", frontend_type) do
call_static(conn, opts, path)
defp invalid_path?([h | t], match), do: String.contains?(h, match) or invalid_path?(t)
defp invalid_path?([], _match), do: false
+ defp api_route?([h | _]) when h in @api_routes, do: true
+ defp api_route?([_ | t]), do: api_route?(t)
+ defp api_route?([]), do: false
+
defp call_static(conn, opts, from) do
opts = Map.put(opts, :from, from)
Plug.Static.call(conn, opts)
import Plug.Conn
import Pleroma.Web.Gettext
- alias Pleroma.Config
alias Pleroma.Helpers.AuthHelper
use Pleroma.Web, :plug
op = options[:op] || :|
token = assigns[:token]
- scopes = transform_scopes(scopes, options)
matched_scopes = (token && filter_descendants(scopes, token.scopes)) || []
cond do
end
)
end
-
- @doc "Transforms scopes by applying supported options (e.g. :admin)"
- def transform_scopes(scopes, options) do
- if options[:admin] do
- Config.oauth_admin_scopes(scopes)
- else
- scopes
- end
- end
end
plug(Pleroma.Web.Plugs.EnsureUserTokenAssignsPlug)
end
- pipeline :expect_authentication do
+ # Note: expects _user_ authentication (user-unbound app-bound tokens don't qualify)
+ pipeline :expect_user_authentication do
plug(Pleroma.Web.Plugs.ExpectAuthenticatedCheckPlug)
end
- pipeline :expect_public_instance_or_authentication do
+ # Note: expects public instance or _user_ authentication (user-unbound tokens don't qualify)
+ pipeline :expect_public_instance_or_user_authentication do
plug(Pleroma.Web.Plugs.ExpectPublicOrAuthenticatedCheckPlug)
end
plug(OpenApiSpex.Plug.PutApiSpec, module: Pleroma.Web.ApiSpec)
end
- pipeline :api do
- plug(:expect_public_instance_or_authentication)
+ pipeline :no_auth_or_privacy_expectations_api do
plug(:base_api)
plug(:after_auth)
plug(Pleroma.Web.Plugs.IdempotencyPlug)
end
+ # Pipeline for app-related endpoints (no user auth checks — app-bound tokens must be supported)
+ pipeline :app_api do
+ plug(:no_auth_or_privacy_expectations_api)
+ end
+
+ pipeline :api do
+ plug(:expect_public_instance_or_user_authentication)
+ plug(:no_auth_or_privacy_expectations_api)
+ end
+
pipeline :authenticated_api do
- plug(:expect_authentication)
- plug(:base_api)
- plug(:after_auth)
+ plug(:expect_user_authentication)
+ plug(:no_auth_or_privacy_expectations_api)
plug(Pleroma.Web.Plugs.EnsureAuthenticatedPlug)
- plug(Pleroma.Web.Plugs.IdempotencyPlug)
end
pipeline :admin_api do
- plug(:expect_authentication)
+ plug(:expect_user_authentication)
plug(:base_api)
plug(Pleroma.Web.Plugs.AdminSecretAuthenticationPlug)
plug(:after_auth)
get("/federation_status", InstancesController, :show)
end
+ scope "/api/v2/pleroma", Pleroma.Web.PleromaAPI do
+ scope [] do
+ pipe_through(:authenticated_api)
+ get("/chats", ChatController, :index2)
+ end
+ end
+
scope "/api/v1", Pleroma.Web.MastodonAPI do
pipe_through(:authenticated_api)
post("/accounts/:id/mute", AccountController, :mute)
post("/accounts/:id/unmute", AccountController, :unmute)
- get("/apps/verify_credentials", AppController, :verify_credentials)
-
get("/conversations", ConversationController, :index)
post("/conversations/:id/read", ConversationController, :mark_as_read)
+ delete("/conversations/:id", ConversationController, :delete)
get("/domain_blocks", DomainBlockController, :index)
post("/domain_blocks", DomainBlockController, :create)
put("/settings", MastoFEController, :put_settings)
end
+ scope "/api/v1", Pleroma.Web.MastodonAPI do
+ pipe_through(:app_api)
+
+ post("/apps", AppController, :create)
+ get("/apps/verify_credentials", AppController, :verify_credentials)
+ end
+
scope "/api/v1", Pleroma.Web.MastodonAPI do
pipe_through(:api)
get("/instance", InstanceController, :show)
get("/instance/peers", InstanceController, :peers)
- post("/apps", AppController, :create)
-
get("/statuses", StatusController, :index)
get("/statuses/:id", StatusController, :show)
get("/statuses/:id/context", StatusController, :context)
+++ /dev/null
-{
- "@context": [
- "https://www.w3.org/ns/activitystreams",
- "http://localhost:4001/schemas/litepub-0.1.jsonld",
- {
- "@language": "und"
- }
- ],
- "attachment": [],
- "endpoints": {
- "oauthAuthorizationEndpoint": "http://localhost:4001/oauth/authorize",
- "oauthRegistrationEndpoint": "http://localhost:4001/api/v1/apps",
- "oauthTokenEndpoint": "http://localhost:4001/oauth/token",
- "sharedInbox": "http://localhost:4001/inbox"
- },
- "followers": "http://localhost:4001/users/{{nickname}}/followers",
- "following": "http://localhost:4001/users/{{nickname}}/following",
- "icon": {
- "type": "Image",
- "url": "http://localhost:4001/media/4e914f5b84e4a259a3f6c2d2edc9ab642f2ab05f3e3d9c52c81fc2d984b3d51e.jpg"
- },
- "id": "http://localhost:4001/users/{{nickname}}",
- "image": {
- "type": "Image",
- "url": "http://localhost:4001/media/f739efddefeee49c6e67e947c4811fdc911785c16ae43da4c3684051fbf8da6a.jpg?name=f739efddefeee49c6e67e947c4811fdc911785c16ae43da4c3684051fbf8da6a.jpg"
- },
- "inbox": "http://localhost:4001/users/{{nickname}}/inbox",
- "manuallyApprovesFollowers": false,
- "name": "{{nickname}}",
- "outbox": "http://localhost:4001/users/{{nickname}}/outbox",
- "preferredUsername": "{{nickname}}",
- "publicKey": {
- "id": "http://localhost:4001/users/{{nickname}}#main-key",
- "owner": "http://localhost:4001/users/{{nickname}}",
- "publicKeyPem": "-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5DLtwGXNZElJyxFGfcVc\nXANhaMadj/iYYQwZjOJTV9QsbtiNBeIK54PJrYuU0/0YIdrvS1iqheX5IwXRhcwa\nhm3ZyLz7XeN9st7FBni4BmZMBtMpxAuYuu5p/jbWy13qAiYOhPreCx0wrWgm/lBD\n9mkgaxIxPooBE0S4ZWEJIDIV1Vft3AWcRUyWW1vIBK0uZzs6GYshbQZB952S0yo4\nFzI1hABGHncH8UvuFauh4EZ8tY7/X5I0pGRnDOcRN1dAht5w5yTA+6r5kebiFQjP\nIzN/eCO/a9Flrj9YGW7HDNtjSOH0A31PLRGlJtJO3yK57dnf5ppyCZGfL4emShQo\ncQIDAQAB\n-----END PUBLIC KEY-----\n\n"
- },
- "summary": "your friendly neighborhood pleroma developer<br>I like cute things and distributed systems, and really hate delete and redrafts",
- "tag": [],
- "type": "Person",
- "url": "http://localhost:4001/users/{{nickname}}"
-}
\ No newline at end of file
Logger.configure(level: :warn)
assert capture_log(fn ->
- Mix.Tasks.Pleroma.Ecto.Rollback.run()
+ Mix.Tasks.Pleroma.Ecto.Rollback.run(["--env", "test"])
end) =~ "[info] Rollback succesfully"
Logger.configure(level: level)
assert Participation.unread_count(blocked) == 1
end
end
+
+ test "deletes a conversation" do
+ user = insert(:user)
+ other_user = insert(:user)
+
+ {:ok, _activity} =
+ CommonAPI.post(user, %{status: "Hey @#{other_user.nickname}.", visibility: "direct"})
+
+ assert [participation] = Participation.for_user(other_user)
+ assert {:ok, _} = Participation.delete(participation)
+ assert [] == Participation.for_user(other_user)
+ end
end
assert Enum.empty?(Notification.for_user(local_user))
end
- @tag capture_log: true
test "move activity generates a notification" do
%{ap_id: old_ap_id} = old_user = insert(:user)
%{ap_id: new_ap_id} = new_user = insert(:user, also_known_as: [old_ap_id])
User.follow(follower, old_user)
User.follow(other_follower, old_user)
- old_user_url = old_user.ap_id
-
- body =
- File.read!("test/fixtures/users_mock/localhost.json")
- |> String.replace("{{nickname}}", old_user.nickname)
- |> Jason.encode!()
-
- Tesla.Mock.mock(fn
- %{method: :get, url: ^old_user_url} ->
- %Tesla.Env{status: 200, body: body}
- end)
-
Pleroma.Web.ActivityPub.ActivityPub.move(old_user, new_user)
ObanHelpers.perform_all()
assert json_response(conn, 404)
end
+ test "returns local-only objects when authenticated", %{conn: conn} do
+ user = insert(:user)
+ {:ok, post} = CommonAPI.post(user, %{status: "test", visibility: "local"})
+
+ assert Pleroma.Web.ActivityPub.Visibility.is_local_public?(post)
+
+ object = Object.normalize(post, fetch: false)
+ uuid = String.split(object.data["id"], "/") |> List.last()
+
+ assert response =
+ conn
+ |> assign(:user, user)
+ |> put_req_header("accept", "application/activity+json")
+ |> get("/objects/#{uuid}")
+
+ assert json_response(response, 200) == ObjectView.render("object.json", %{object: object})
+ end
+
test "it returns a json representation of the object with accept application/json", %{
conn: conn
} do
assert json_response(conn, 404)
end
+ test "returns visible non-public messages when authenticated", %{conn: conn} do
+ note = insert(:direct_note)
+ uuid = String.split(note.data["id"], "/") |> List.last()
+ user = User.get_by_ap_id(note.data["actor"])
+ marisa = insert(:user)
+
+ assert conn
+ |> assign(:user, marisa)
+ |> put_req_header("accept", "application/activity+json")
+ |> get("/objects/#{uuid}")
+ |> json_response(404)
+
+ assert response =
+ conn
+ |> assign(:user, user)
+ |> put_req_header("accept", "application/activity+json")
+ |> get("/objects/#{uuid}")
+ |> json_response(200)
+
+ assert response == ObjectView.render("object.json", %{object: note})
+ end
+
test "it returns 404 for tombstone objects", %{conn: conn} do
tombstone = insert(:tombstone)
uuid = String.split(tombstone.data["id"], "/") |> List.last()
assert json_response(conn, 404)
end
+ test "returns local-only activities when authenticated", %{conn: conn} do
+ user = insert(:user)
+ {:ok, post} = CommonAPI.post(user, %{status: "test", visibility: "local"})
+
+ assert Pleroma.Web.ActivityPub.Visibility.is_local_public?(post)
+
+ uuid = String.split(post.data["id"], "/") |> List.last()
+
+ assert response =
+ conn
+ |> assign(:user, user)
+ |> put_req_header("accept", "application/activity+json")
+ |> get("/activities/#{uuid}")
+
+ assert json_response(response, 200) == ObjectView.render("object.json", %{object: post})
+ end
+
test "it returns a json representation of the activity", %{conn: conn} do
activity = insert(:note_activity)
uuid = String.split(activity.data["id"], "/") |> List.last()
assert json_response(conn, 404)
end
+ test "returns visible non-public messages when authenticated", %{conn: conn} do
+ note = insert(:direct_note_activity)
+ uuid = String.split(note.data["id"], "/") |> List.last()
+ user = User.get_by_ap_id(note.data["actor"])
+ marisa = insert(:user)
+
+ assert conn
+ |> assign(:user, marisa)
+ |> put_req_header("accept", "application/activity+json")
+ |> get("/activities/#{uuid}")
+ |> json_response(404)
+
+ assert response =
+ conn
+ |> assign(:user, user)
+ |> put_req_header("accept", "application/activity+json")
+ |> get("/activities/#{uuid}")
+ |> json_response(200)
+
+ assert response == ObjectView.render("object.json", %{object: note})
+ end
+
test "it caches a response", %{conn: conn} do
activity = insert(:note_activity)
uuid = String.split(activity.data["id"], "/") |> List.last()
assert response(conn, 200) =~ announce_activity.data["object"]
end
+
+ test "It returns poll Answers when authenticated", %{conn: conn} do
+ poller = insert(:user)
+ voter = insert(:user)
+
+ {:ok, activity} =
+ CommonAPI.post(poller, %{
+ status: "suya...",
+ poll: %{options: ["suya", "suya.", "suya.."], expires_in: 10}
+ })
+
+ assert question = Object.normalize(activity, fetch: false)
+
+ {:ok, [activity], _object} = CommonAPI.vote(voter, question, [1])
+
+ assert outbox_get =
+ conn
+ |> assign(:user, voter)
+ |> put_req_header("accept", "application/activity+json")
+ |> get(voter.ap_id <> "/outbox?page=true")
+ |> json_response(200)
+
+ assert [answer_outbox] = outbox_get["orderedItems"]
+ assert answer_outbox["id"] == activity.data["id"]
+ end
end
describe "POST /users/:nickname/outbox (C2S)" do
use Pleroma.DataCase, async: true
alias Pleroma.Activity
+ alias Pleroma.Object
alias Pleroma.Web.ActivityPub.Visibility
alias Pleroma.Web.CommonAPI
import Pleroma.Factory
assert Visibility.is_list?(list)
end
- test "visible_for_user?", %{
+ test "visible_for_user? Activity", %{
public: public,
private: private,
direct: direct,
refute Visibility.visible_for_user?(private, unrelated)
refute Visibility.visible_for_user?(direct, unrelated)
+ # Public and unlisted visible for unauthenticated
+
+ assert Visibility.visible_for_user?(public, nil)
+ assert Visibility.visible_for_user?(unlisted, nil)
+ refute Visibility.visible_for_user?(private, nil)
+ refute Visibility.visible_for_user?(direct, nil)
+
# Visible for a list member
assert Visibility.visible_for_user?(list, unrelated)
end
+ test "visible_for_user? Object", %{
+ public: public,
+ private: private,
+ direct: direct,
+ unlisted: unlisted,
+ user: user,
+ mentioned: mentioned,
+ following: following,
+ unrelated: unrelated,
+ list: list
+ } do
+ public = Object.normalize(public)
+ private = Object.normalize(private)
+ unlisted = Object.normalize(unlisted)
+ direct = Object.normalize(direct)
+ list = Object.normalize(list)
+
+ # All visible to author
+
+ assert Visibility.visible_for_user?(public, user)
+ assert Visibility.visible_for_user?(private, user)
+ assert Visibility.visible_for_user?(unlisted, user)
+ assert Visibility.visible_for_user?(direct, user)
+ assert Visibility.visible_for_user?(list, user)
+
+ # All visible to a mentioned user
+
+ assert Visibility.visible_for_user?(public, mentioned)
+ assert Visibility.visible_for_user?(private, mentioned)
+ assert Visibility.visible_for_user?(unlisted, mentioned)
+ assert Visibility.visible_for_user?(direct, mentioned)
+ assert Visibility.visible_for_user?(list, mentioned)
+
+ # DM not visible for just follower
+
+ assert Visibility.visible_for_user?(public, following)
+ assert Visibility.visible_for_user?(private, following)
+ assert Visibility.visible_for_user?(unlisted, following)
+ refute Visibility.visible_for_user?(direct, following)
+ refute Visibility.visible_for_user?(list, following)
+
+ # Public and unlisted visible for unrelated user
+
+ assert Visibility.visible_for_user?(public, unrelated)
+ assert Visibility.visible_for_user?(unlisted, unrelated)
+ refute Visibility.visible_for_user?(private, unrelated)
+ refute Visibility.visible_for_user?(direct, unrelated)
+
+ # Public and unlisted visible for unauthenticated
+
+ assert Visibility.visible_for_user?(public, nil)
+ assert Visibility.visible_for_user?(unlisted, nil)
+ refute Visibility.visible_for_user?(private, nil)
+ refute Visibility.visible_for_user?(direct, nil)
+
+ # Visible for a list member
+ # assert Visibility.visible_for_user?(list, unrelated)
+ end
+
test "doesn't die when the user doesn't exist",
%{
direct: direct,
assert json_response(conn, 200)
end
- describe "with [:auth, :enforce_oauth_admin_scope_usage]," do
- setup do: clear_config([:auth, :enforce_oauth_admin_scope_usage], true)
+ test "GET /api/pleroma/admin/users/:nickname requires admin:read:accounts or broader scope",
+ %{admin: admin} do
+ user = insert(:user)
+ url = "/api/pleroma/admin/users/#{user.nickname}"
- test "GET /api/pleroma/admin/users/:nickname requires admin:read:accounts or broader scope",
- %{admin: admin} do
- user = insert(:user)
- url = "/api/pleroma/admin/users/#{user.nickname}"
-
- good_token1 = insert(:oauth_token, user: admin, scopes: ["admin"])
- good_token2 = insert(:oauth_token, user: admin, scopes: ["admin:read"])
- good_token3 = insert(:oauth_token, user: admin, scopes: ["admin:read:accounts"])
-
- bad_token1 = insert(:oauth_token, user: admin, scopes: ["read:accounts"])
- bad_token2 = insert(:oauth_token, user: admin, scopes: ["admin:read:accounts:partial"])
- bad_token3 = nil
-
- for good_token <- [good_token1, good_token2, good_token3] do
- conn =
- build_conn()
- |> assign(:user, admin)
- |> assign(:token, good_token)
- |> get(url)
-
- assert json_response(conn, 200)
- end
-
- for good_token <- [good_token1, good_token2, good_token3] do
- conn =
- build_conn()
- |> assign(:user, nil)
- |> assign(:token, good_token)
- |> get(url)
-
- assert json_response(conn, :forbidden)
- end
-
- for bad_token <- [bad_token1, bad_token2, bad_token3] do
- conn =
- build_conn()
- |> assign(:user, admin)
- |> assign(:token, bad_token)
- |> get(url)
-
- assert json_response(conn, :forbidden)
- end
+ good_token1 = insert(:oauth_token, user: admin, scopes: ["admin"])
+ good_token2 = insert(:oauth_token, user: admin, scopes: ["admin:read"])
+ good_token3 = insert(:oauth_token, user: admin, scopes: ["admin:read:accounts"])
+
+ bad_token1 = insert(:oauth_token, user: admin, scopes: ["read:accounts"])
+ bad_token2 = insert(:oauth_token, user: admin, scopes: ["admin:read:accounts:partial"])
+ bad_token3 = nil
+
+ for good_token <- [good_token1, good_token2, good_token3] do
+ conn =
+ build_conn()
+ |> assign(:user, admin)
+ |> assign(:token, good_token)
+ |> get(url)
+
+ assert json_response(conn, 200)
end
- end
- describe "unless [:auth, :enforce_oauth_admin_scope_usage]," do
- setup do: clear_config([:auth, :enforce_oauth_admin_scope_usage], false)
+ for good_token <- [good_token1, good_token2, good_token3] do
+ conn =
+ build_conn()
+ |> assign(:user, nil)
+ |> assign(:token, good_token)
+ |> get(url)
+
+ assert json_response(conn, :forbidden)
+ end
- test "GET /api/pleroma/admin/users/:nickname requires " <>
- "read:accounts or admin:read:accounts or broader scope",
- %{admin: admin} do
- user = insert(:user)
- url = "/api/pleroma/admin/users/#{user.nickname}"
-
- good_token1 = insert(:oauth_token, user: admin, scopes: ["admin"])
- good_token2 = insert(:oauth_token, user: admin, scopes: ["admin:read"])
- good_token3 = insert(:oauth_token, user: admin, scopes: ["admin:read:accounts"])
- good_token4 = insert(:oauth_token, user: admin, scopes: ["read:accounts"])
- good_token5 = insert(:oauth_token, user: admin, scopes: ["read"])
-
- good_tokens = [good_token1, good_token2, good_token3, good_token4, good_token5]
-
- bad_token1 = insert(:oauth_token, user: admin, scopes: ["read:accounts:partial"])
- bad_token2 = insert(:oauth_token, user: admin, scopes: ["admin:read:accounts:partial"])
- bad_token3 = nil
-
- for good_token <- good_tokens do
- conn =
- build_conn()
- |> assign(:user, admin)
- |> assign(:token, good_token)
- |> get(url)
-
- assert json_response(conn, 200)
- end
-
- for good_token <- good_tokens do
- conn =
- build_conn()
- |> assign(:user, nil)
- |> assign(:token, good_token)
- |> get(url)
-
- assert json_response(conn, :forbidden)
- end
-
- for bad_token <- [bad_token1, bad_token2, bad_token3] do
- conn =
- build_conn()
- |> assign(:user, admin)
- |> assign(:token, bad_token)
- |> get(url)
-
- assert json_response(conn, :forbidden)
- end
+ for bad_token <- [bad_token1, bad_token2, bad_token3] do
+ conn =
+ build_conn()
+ |> assign(:user, admin)
+ |> assign(:token, bad_token)
+ |> get(url)
+
+ assert json_response(conn, :forbidden)
end
end
assert json_response(conn, 200)
end
- describe "with [:auth, :enforce_oauth_admin_scope_usage]," do
- setup do: clear_config([:auth, :enforce_oauth_admin_scope_usage], true)
-
- test "GET /api/pleroma/admin/users/:nickname requires admin:read:accounts or broader scope",
- %{admin: admin} do
- user = insert(:user)
- url = "/api/pleroma/admin/users/#{user.nickname}"
-
- good_token1 = insert(:oauth_token, user: admin, scopes: ["admin"])
- good_token2 = insert(:oauth_token, user: admin, scopes: ["admin:read"])
- good_token3 = insert(:oauth_token, user: admin, scopes: ["admin:read:accounts"])
-
- bad_token1 = insert(:oauth_token, user: admin, scopes: ["read:accounts"])
- bad_token2 = insert(:oauth_token, user: admin, scopes: ["admin:read:accounts:partial"])
- bad_token3 = nil
-
- for good_token <- [good_token1, good_token2, good_token3] do
- conn =
- build_conn()
- |> assign(:user, admin)
- |> assign(:token, good_token)
- |> get(url)
+ test "GET /api/pleroma/admin/users/:nickname requires admin:read:accounts or broader scope",
+ %{admin: admin} do
+ user = insert(:user)
+ url = "/api/pleroma/admin/users/#{user.nickname}"
- assert json_response(conn, 200)
- end
+ good_token1 = insert(:oauth_token, user: admin, scopes: ["admin"])
+ good_token2 = insert(:oauth_token, user: admin, scopes: ["admin:read"])
+ good_token3 = insert(:oauth_token, user: admin, scopes: ["admin:read:accounts"])
- for good_token <- [good_token1, good_token2, good_token3] do
- conn =
- build_conn()
- |> assign(:user, nil)
- |> assign(:token, good_token)
- |> get(url)
+ bad_token1 = insert(:oauth_token, user: admin, scopes: ["read:accounts"])
+ bad_token2 = insert(:oauth_token, user: admin, scopes: ["admin:read:accounts:partial"])
+ bad_token3 = nil
- assert json_response(conn, :forbidden)
- end
-
- for bad_token <- [bad_token1, bad_token2, bad_token3] do
- conn =
- build_conn()
- |> assign(:user, admin)
- |> assign(:token, bad_token)
- |> get(url)
+ for good_token <- [good_token1, good_token2, good_token3] do
+ conn =
+ build_conn()
+ |> assign(:user, admin)
+ |> assign(:token, good_token)
+ |> get(url)
- assert json_response(conn, :forbidden)
- end
+ assert json_response(conn, 200)
end
- end
- describe "unless [:auth, :enforce_oauth_admin_scope_usage]," do
- setup do: clear_config([:auth, :enforce_oauth_admin_scope_usage], false)
-
- test "GET /api/pleroma/admin/users/:nickname requires " <>
- "read:accounts or admin:read:accounts or broader scope",
- %{admin: admin} do
- user = insert(:user)
- url = "/api/pleroma/admin/users/#{user.nickname}"
-
- good_token1 = insert(:oauth_token, user: admin, scopes: ["admin"])
- good_token2 = insert(:oauth_token, user: admin, scopes: ["admin:read"])
- good_token3 = insert(:oauth_token, user: admin, scopes: ["admin:read:accounts"])
- good_token4 = insert(:oauth_token, user: admin, scopes: ["read:accounts"])
- good_token5 = insert(:oauth_token, user: admin, scopes: ["read"])
-
- good_tokens = [good_token1, good_token2, good_token3, good_token4, good_token5]
-
- bad_token1 = insert(:oauth_token, user: admin, scopes: ["read:accounts:partial"])
- bad_token2 = insert(:oauth_token, user: admin, scopes: ["admin:read:accounts:partial"])
- bad_token3 = nil
-
- for good_token <- good_tokens do
- conn =
- build_conn()
- |> assign(:user, admin)
- |> assign(:token, good_token)
- |> get(url)
-
- assert json_response(conn, 200)
- end
-
- for good_token <- good_tokens do
- conn =
- build_conn()
- |> assign(:user, nil)
- |> assign(:token, good_token)
- |> get(url)
+ for good_token <- [good_token1, good_token2, good_token3] do
+ conn =
+ build_conn()
+ |> assign(:user, nil)
+ |> assign(:token, good_token)
+ |> get(url)
- assert json_response(conn, :forbidden)
- end
+ assert json_response(conn, :forbidden)
+ end
- for bad_token <- [bad_token1, bad_token2, bad_token3] do
- conn =
- build_conn()
- |> assign(:user, admin)
- |> assign(:token, bad_token)
- |> get(url)
+ for bad_token <- [bad_token1, bad_token2, bad_token3] do
+ conn =
+ build_conn()
+ |> assign(:user, admin)
+ |> assign(:token, bad_token)
+ |> get(url)
- assert json_response(conn, :forbidden)
- end
+ assert json_response(conn, :forbidden)
end
end
import Pleroma.Factory
test "apps/verify_credentials", %{conn: conn} do
- token = insert(:oauth_token)
+ user_bound_token = insert(:oauth_token)
+ app_bound_token = insert(:oauth_token, user: nil)
+ refute app_bound_token.user
- conn =
- conn
- |> put_req_header("authorization", "Bearer #{token.token}")
- |> get("/api/v1/apps/verify_credentials")
+ for token <- [app_bound_token, user_bound_token] do
+ conn =
+ conn
+ |> put_req_header("authorization", "Bearer #{token.token}")
+ |> get("/api/v1/apps/verify_credentials")
- app = Repo.preload(token, :app).app
+ app = Repo.preload(token, :app).app
- expected = %{
- "name" => app.client_name,
- "website" => app.website,
- "vapid_key" => Push.vapid_config() |> Keyword.get(:public_key)
- }
+ expected = %{
+ "name" => app.client_name,
+ "website" => app.website,
+ "vapid_key" => Push.vapid_config() |> Keyword.get(:public_key)
+ }
- assert expected == json_response_and_validate_schema(conn, 200)
+ assert expected == json_response_and_validate_schema(conn, 200)
+ end
end
test "creates an oauth app", %{conn: conn} do
assert %{"ancestors" => [], "descendants" => []} == json_response(res_conn, 200)
end
+ test "Removes a conversation", %{user: user_one, conn: conn} do
+ user_two = insert(:user)
+ token = insert(:oauth_token, user: user_one, scopes: ["read:statuses", "write:conversations"])
+
+ {:ok, _direct} = create_direct_message(user_one, [user_two])
+ {:ok, _direct} = create_direct_message(user_one, [user_two])
+
+ assert [%{"id" => conv1_id}, %{"id" => conv2_id}] =
+ conn
+ |> assign(:token, token)
+ |> get("/api/v1/conversations")
+ |> json_response_and_validate_schema(200)
+
+ assert %{} =
+ conn
+ |> assign(:token, token)
+ |> delete("/api/v1/conversations/#{conv1_id}")
+ |> json_response_and_validate_schema(200)
+
+ assert [%{"id" => ^conv2_id}] =
+ conn
+ |> assign(:token, token)
+ |> get("/api/v1/conversations")
+ |> json_response_and_validate_schema(200)
+ end
+
defp create_direct_message(sender, recips) do
hellos =
recips
assert length(json_response_and_validate_schema(conn, 200)) == 1
end
- @tag capture_log: true
test "see move notifications" do
old_user = insert(:user)
new_user = insert(:user, also_known_as: [old_user.ap_id])
%{user: follower, conn: conn} = oauth_access(["read:notifications"])
- old_user_url = old_user.ap_id
-
- body =
- File.read!("test/fixtures/users_mock/localhost.json")
- |> String.replace("{{nickname}}", old_user.nickname)
- |> Jason.encode!()
-
- Tesla.Mock.mock(fn
- %{method: :get, url: ^old_user_url} ->
- %Tesla.Env{status: 200, body: body}
- end)
-
User.follow(follower, old_user)
Pleroma.Web.ActivityPub.ActivityPub.move(old_user, new_user)
Pleroma.Tests.ObanHelpers.perform_all()
assert [] == Repo.all(Activity)
end
+ test "with expiration" do
+ %{conn: conn} = oauth_access(["write:statuses", "read:statuses"])
+
+ scheduled_at =
+ NaiveDateTime.add(NaiveDateTime.utc_now(), :timer.minutes(6), :millisecond)
+ |> NaiveDateTime.to_iso8601()
+ |> Kernel.<>("Z")
+
+ assert %{"id" => status_id, "params" => %{"expires_in" => 300}} =
+ conn
+ |> put_req_header("content-type", "application/json")
+ |> post("/api/v1/statuses", %{
+ "status" => "scheduled",
+ "scheduled_at" => scheduled_at,
+ "expires_in" => 300
+ })
+ |> json_response_and_validate_schema(200)
+
+ assert %{"id" => ^status_id, "params" => %{"expires_in" => 300}} =
+ conn
+ |> put_req_header("content-type", "application/json")
+ |> get("/api/v1/scheduled_statuses/#{status_id}")
+ |> json_response_and_validate_schema(200)
+ end
+
test "ignores nil values", %{conn: conn} do
conn =
conn
refute Repo.one(Notification)
end
- @tag capture_log: true
test "Move notification" do
old_user = insert(:user)
new_user = insert(:user, also_known_as: [old_user.ap_id])
follower = insert(:user)
- old_user_url = old_user.ap_id
-
- body =
- File.read!("test/fixtures/users_mock/localhost.json")
- |> String.replace("{{nickname}}", old_user.nickname)
- |> Jason.encode!()
-
- Tesla.Mock.mock(fn
- %{method: :get, url: ^old_user_url} ->
- %Tesla.Env{status: 200, body: body}
- end)
-
User.follow(follower, old_user)
Pleroma.Web.ActivityPub.ActivityPub.move(old_user, new_user)
Pleroma.Tests.ObanHelpers.perform_all()
sensitive: true,
spoiler_text: "spoiler",
text: "hi",
- visibility: "unlisted"
+ visibility: "unlisted",
+ expires_in: nil
},
scheduled_at: Utils.to_masto_date(scheduled_activity.scheduled_at)
}
end
end
- describe "GET /api/v1/pleroma/chats" do
- setup do: oauth_access(["read:chats"])
-
- test "it does not return chats with deleted users", %{conn: conn, user: user} do
- recipient = insert(:user)
- {:ok, _} = Chat.get_or_create(user.id, recipient.ap_id)
-
- Pleroma.Repo.delete(recipient)
- User.invalidate_cache(recipient)
-
- result =
- conn
- |> get("/api/v1/pleroma/chats")
- |> json_response_and_validate_schema(200)
-
- assert length(result) == 0
- end
-
- test "it does not return chats with users you blocked", %{conn: conn, user: user} do
- recipient = insert(:user)
-
- {:ok, _} = Chat.get_or_create(user.id, recipient.ap_id)
-
- result =
- conn
- |> get("/api/v1/pleroma/chats")
- |> json_response_and_validate_schema(200)
-
- assert length(result) == 1
-
- User.block(user, recipient)
-
- result =
- conn
- |> get("/api/v1/pleroma/chats")
- |> json_response_and_validate_schema(200)
-
- assert length(result) == 0
- end
-
- test "it does not return chats with users you muted", %{conn: conn, user: user} do
- recipient = insert(:user)
-
- {:ok, _} = Chat.get_or_create(user.id, recipient.ap_id)
-
- result =
- conn
- |> get("/api/v1/pleroma/chats")
- |> json_response_and_validate_schema(200)
-
- assert length(result) == 1
+ for tested_endpoint <- ["/api/v1/pleroma/chats", "/api/v2/pleroma/chats"] do
+ describe "GET #{tested_endpoint}" do
+ setup do: oauth_access(["read:chats"])
- User.mute(user, recipient)
-
- result =
- conn
- |> get("/api/v1/pleroma/chats")
- |> json_response_and_validate_schema(200)
-
- assert length(result) == 0
-
- result =
- conn
- |> get("/api/v1/pleroma/chats?with_muted=true")
- |> json_response_and_validate_schema(200)
-
- assert length(result) == 1
- end
-
- test "it returns all chats", %{conn: conn, user: user} do
- Enum.each(1..30, fn _ ->
+ test "it does not return chats with deleted users", %{conn: conn, user: user} do
recipient = insert(:user)
{:ok, _} = Chat.get_or_create(user.id, recipient.ap_id)
- end)
- result =
- conn
- |> get("/api/v1/pleroma/chats")
- |> json_response_and_validate_schema(200)
+ Pleroma.Repo.delete(recipient)
+ User.invalidate_cache(recipient)
- assert length(result) == 30
- end
+ result =
+ conn
+ |> get(unquote(tested_endpoint))
+ |> json_response_and_validate_schema(200)
- test "it return a list of chats the current user is participating in, in descending order of updates",
- %{conn: conn, user: user} do
- har = insert(:user)
- jafnhar = insert(:user)
- tridi = insert(:user)
+ assert length(result) == 0
+ end
- {:ok, chat_1} = Chat.get_or_create(user.id, har.ap_id)
- {:ok, chat_1} = time_travel(chat_1, -3)
- {:ok, chat_2} = Chat.get_or_create(user.id, jafnhar.ap_id)
- {:ok, _chat_2} = time_travel(chat_2, -2)
- {:ok, chat_3} = Chat.get_or_create(user.id, tridi.ap_id)
- {:ok, chat_3} = time_travel(chat_3, -1)
+ test "it does not return chats with users you blocked", %{conn: conn, user: user} do
+ recipient = insert(:user)
- # bump the second one
- {:ok, chat_2} = Chat.bump_or_create(user.id, jafnhar.ap_id)
+ {:ok, _} = Chat.get_or_create(user.id, recipient.ap_id)
- result =
- conn
- |> get("/api/v1/pleroma/chats")
- |> json_response_and_validate_schema(200)
+ result =
+ conn
+ |> get(unquote(tested_endpoint))
+ |> json_response_and_validate_schema(200)
- ids = Enum.map(result, & &1["id"])
+ assert length(result) == 1
- assert ids == [
- chat_2.id |> to_string(),
- chat_3.id |> to_string(),
- chat_1.id |> to_string()
- ]
- end
+ User.block(user, recipient)
- test "it is not affected by :restrict_unauthenticated setting (issue #1973)", %{
- conn: conn,
- user: user
- } do
- clear_config([:restrict_unauthenticated, :profiles, :local], true)
- clear_config([:restrict_unauthenticated, :profiles, :remote], true)
+ result =
+ conn
+ |> get(unquote(tested_endpoint))
+ |> json_response_and_validate_schema(200)
- user2 = insert(:user)
- user3 = insert(:user, local: false)
+ assert length(result) == 0
+ end
- {:ok, _chat_12} = Chat.get_or_create(user.id, user2.ap_id)
- {:ok, _chat_13} = Chat.get_or_create(user.id, user3.ap_id)
+ test "it does not return chats with users you muted", %{conn: conn, user: user} do
+ recipient = insert(:user)
- result =
- conn
- |> get("/api/v1/pleroma/chats")
- |> json_response_and_validate_schema(200)
+ {:ok, _} = Chat.get_or_create(user.id, recipient.ap_id)
- account_ids = Enum.map(result, &get_in(&1, ["account", "id"]))
- assert Enum.sort(account_ids) == Enum.sort([user2.id, user3.id])
+ result =
+ conn
+ |> get(unquote(tested_endpoint))
+ |> json_response_and_validate_schema(200)
+
+ assert length(result) == 1
+
+ User.mute(user, recipient)
+
+ result =
+ conn
+ |> get(unquote(tested_endpoint))
+ |> json_response_and_validate_schema(200)
+
+ assert length(result) == 0
+
+ result =
+ conn
+ |> get("#{unquote(tested_endpoint)}?with_muted=true")
+ |> json_response_and_validate_schema(200)
+
+ assert length(result) == 1
+ end
+
+ if tested_endpoint == "/api/v1/pleroma/chats" do
+ test "it returns all chats", %{conn: conn, user: user} do
+ Enum.each(1..30, fn _ ->
+ recipient = insert(:user)
+ {:ok, _} = Chat.get_or_create(user.id, recipient.ap_id)
+ end)
+
+ result =
+ conn
+ |> get(unquote(tested_endpoint))
+ |> json_response_and_validate_schema(200)
+
+ assert length(result) == 30
+ end
+ else
+ test "it paginates chats", %{conn: conn, user: user} do
+ Enum.each(1..30, fn _ ->
+ recipient = insert(:user)
+ {:ok, _} = Chat.get_or_create(user.id, recipient.ap_id)
+ end)
+
+ result =
+ conn
+ |> get(unquote(tested_endpoint))
+ |> json_response_and_validate_schema(200)
+
+ assert length(result) == 20
+ last_id = List.last(result)["id"]
+
+ result =
+ conn
+ |> get(unquote(tested_endpoint) <> "?max_id=#{last_id}")
+ |> json_response_and_validate_schema(200)
+
+ assert length(result) == 10
+ end
+ end
+
+ test "it return a list of chats the current user is participating in, in descending order of updates",
+ %{conn: conn, user: user} do
+ har = insert(:user)
+ jafnhar = insert(:user)
+ tridi = insert(:user)
+
+ {:ok, chat_1} = Chat.get_or_create(user.id, har.ap_id)
+ {:ok, chat_1} = time_travel(chat_1, -3)
+ {:ok, chat_2} = Chat.get_or_create(user.id, jafnhar.ap_id)
+ {:ok, _chat_2} = time_travel(chat_2, -2)
+ {:ok, chat_3} = Chat.get_or_create(user.id, tridi.ap_id)
+ {:ok, chat_3} = time_travel(chat_3, -1)
+
+ # bump the second one
+ {:ok, chat_2} = Chat.bump_or_create(user.id, jafnhar.ap_id)
+
+ result =
+ conn
+ |> get(unquote(tested_endpoint))
+ |> json_response_and_validate_schema(200)
+
+ ids = Enum.map(result, & &1["id"])
+
+ assert ids == [
+ chat_2.id |> to_string(),
+ chat_3.id |> to_string(),
+ chat_1.id |> to_string()
+ ]
+ end
+
+ test "it is not affected by :restrict_unauthenticated setting (issue #1973)", %{
+ conn: conn,
+ user: user
+ } do
+ clear_config([:restrict_unauthenticated, :profiles, :local], true)
+ clear_config([:restrict_unauthenticated, :profiles, :remote], true)
+
+ user2 = insert(:user)
+ user3 = insert(:user, local: false)
+
+ {:ok, _chat_12} = Chat.get_or_create(user.id, user2.ap_id)
+ {:ok, _chat_13} = Chat.get_or_create(user.id, user3.ap_id)
+
+ result =
+ conn
+ |> get(unquote(tested_endpoint))
+ |> json_response_and_validate_schema(200)
+
+ account_ids = Enum.map(result, &get_in(&1, ["account", "id"]))
+ assert Enum.sort(account_ids) == Enum.sort([user2.id, user3.id])
+ end
end
end
end
Pleroma.Config.get!([:instance, :static_dir]),
"emoji"
)
- setup do: clear_config([:auth, :enforce_oauth_admin_scope_usage], false)
-
setup do: clear_config([:instance, :public], true)
setup do
Pleroma.Config.get!([:instance, :static_dir]),
"emoji"
)
- setup do: clear_config([:auth, :enforce_oauth_admin_scope_usage], false)
setup do: clear_config([:instance, :public], true)
assert %Plug.Conn{status: :success} = get(conn, url)
end
end
+
+ test "api routes are detected correctly" do
+ # If this test fails we have probably added something
+ # new that should be in /api/ instead
+ expected_routes = [
+ "api",
+ "main",
+ "ostatus_subscribe",
+ "oauth",
+ "objects",
+ "activities",
+ "notice",
+ "users",
+ "tags",
+ "mailer",
+ "inbox",
+ "relay",
+ "internal",
+ ".well-known",
+ "nodeinfo",
+ "web",
+ "auth",
+ "embed",
+ "proxy",
+ "test",
+ "user_exists",
+ "check_password"
+ ]
+
+ assert expected_routes == Pleroma.Web.get_api_routes()
+ end
end
assert f.(["admin:read"], ["write", "admin"]) == ["admin:read"]
end
end
-
- describe "transform_scopes/2" do
- setup do: clear_config([:auth, :enforce_oauth_admin_scope_usage])
-
- setup do
- {:ok, %{f: &OAuthScopesPlug.transform_scopes/2}}
- end
-
- test "with :admin option, prefixes all requested scopes with `admin:` " <>
- "and [optionally] keeps only prefixed scopes, " <>
- "depending on `[:auth, :enforce_oauth_admin_scope_usage]` setting",
- %{f: f} do
- clear_config([:auth, :enforce_oauth_admin_scope_usage], false)
-
- assert f.(["read"], %{admin: true}) == ["admin:read", "read"]
-
- assert f.(["read", "write"], %{admin: true}) == [
- "admin:read",
- "read",
- "admin:write",
- "write"
- ]
-
- clear_config([:auth, :enforce_oauth_admin_scope_usage], true)
-
- assert f.(["read:accounts"], %{admin: true}) == ["admin:read:accounts"]
-
- assert f.(["read", "write:reports"], %{admin: true}) == [
- "admin:read",
- "admin:write:reports"
- ]
- end
-
- test "with no supported options, returns unmodified scopes", %{f: f} do
- assert f.(["read"], %{}) == ["read"]
- assert f.(["read", "write"], %{}) == ["read", "write"]
- end
- end
end
user: user,
token: oauth_token
} do
- user_url = user.ap_id
user2 = insert(:user)
- body =
- File.read!("test/fixtures/users_mock/localhost.json")
- |> String.replace("{{nickname}}", user.nickname)
- |> Jason.encode!()
-
- Tesla.Mock.mock_global(fn
- %{method: :get, url: ^user_url} ->
- %Tesla.Env{status: 200, body: body}
- end)
-
Streamer.get_topic_and_add_socket("user:notification", user, oauth_token)
{:ok, _follower, _followed, follow_activity} = CommonAPI.follow(user2, user)
token: oauth_token
} do
user_id = user.id
- user_url = user.ap_id
other_user = insert(:user)
other_user_id = other_user.id
- body =
- File.read!("test/fixtures/users_mock/localhost.json")
- |> String.replace("{{nickname}}", user.nickname)
- |> Jason.encode!()
-
- Tesla.Mock.mock_global(fn
- %{method: :get, url: ^user_url} ->
- %Tesla.Env{status: 200, body: body}
- end)
-
Streamer.get_topic_and_add_socket("user", user, oauth_token)
{:ok, _follower, _followed, _follow_activity} = CommonAPI.follow(user, other_user)
projects / akkoma / commitdiff
