config :tzdata, :autoupdate, :disabled
+config :pleroma, :mrf, policies: []
+
if File.exists?("./config/test.secret.exs") do
import_config "test.secret.exs"
else
@impl true
def describe, do: {:ok, %{}}
- defp local?(%{"id" => id}) do
- String.starts_with?(id, Pleroma.Web.Endpoint.url())
+ defp local?(%{"actor" => actor}) do
+ String.starts_with?(actor, Pleroma.Web.Endpoint.url())
end
defp note?(activity) do
cng
|> validate_change(field_name, fn field_name, actor ->
- if User.get_cached_by_ap_id(actor) do
- []
- else
- [{field_name, "can't find user"}]
+ case User.get_cached_by_ap_id(actor) do
+ %User{deactivated: true} ->
+ [{field_name, "user is deactivated"}]
+
+ %User{} ->
+ []
+
+ _ ->
+ [{field_name, "can't find user"}]
end
end)
end
alias Pleroma.Object
alias Pleroma.Web.RichMedia.Parser
+ @rich_media_options [
+ pool: :media,
+ max_body: 2_000_000
+ ]
+
@spec validate_page_url(URI.t() | binary()) :: :ok | :error
defp validate_page_url(page_url) when is_binary(page_url) do
validate_tld = Pleroma.Config.get([Pleroma.Formatter, :validate_tld])
fetch_data_for_activity(activity)
:ok
end
+
+ def rich_media_get(url) do
+ headers = [{"user-agent", Pleroma.Application.user_agent() <> "; Bot"}]
+
+ options =
+ if Application.get_env(:tesla, :adapter) == Tesla.Adapter.Hackney do
+ Keyword.merge(@rich_media_options,
+ recv_timeout: 2_000,
+ with_body: true
+ )
+ else
+ @rich_media_options
+ end
+
+ Pleroma.HTTP.get(url, headers, options)
+ end
end
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.RichMedia.Parser do
- @options [
- pool: :media,
- max_body: 2_000_000
- ]
-
defp parsers do
Pleroma.Config.get([:rich_media, :parsers])
end
end
defp parse_url(url) do
- opts =
- if Application.get_env(:tesla, :adapter) == Tesla.Adapter.Hackney do
- Keyword.merge(@options,
- recv_timeout: 2_000,
- with_body: true
- )
- else
- @options
- end
-
try do
- rich_media_agent = Pleroma.Application.user_agent() <> "; Bot"
-
- {:ok, %Tesla.Env{body: html}} =
- Pleroma.HTTP.get(url, [{"user-agent", rich_media_agent}], adapter: opts)
+ {:ok, %Tesla.Env{body: html}} = Pleroma.Web.RichMedia.Helpers.rich_media_get(url)
html
|> parse_html()
end
defp get_oembed_data(url) do
- with {:ok, %Tesla.Env{body: json}} <- Pleroma.HTTP.get(url, [], adapter: [pool: :media]) do
+ with {:ok, %Tesla.Env{body: json}} <- Pleroma.Web.RichMedia.Helpers.rich_media_get(url) do
Jason.decode(json)
end
end
}
a {
- color: color: #d8a070;
+ color: #d8a070;
text-decoration: none;
}
"ecto.setup": ["ecto.create", "ecto.migrate", "run priv/repo/seeds.exs"],
"ecto.reset": ["ecto.drop", "ecto.setup"],
test: ["ecto.create --quiet", "ecto.migrate", "test"],
- docs: ["pleroma.docs", "docs"]
+ docs: ["pleroma.docs", "docs"],
+ analyze: ["credo --strict --only=warnings,todo,fixme,consistency,readability"]
]
end
--- /dev/null
+defmodule Pleroma.Repo.Migrations.RemoveNonlocalExpirations do
+ use Ecto.Migration
+
+ def up do
+ statement = """
+ DELETE FROM
+ activity_expirations A USING activities B
+ WHERE
+ A.activity_id = B.id
+ AND B.local = false;
+ """
+
+ execute(statement)
+ end
+
+ def down do
+ :ok
+ end
+end
--- /dev/null
+defmodule Pleroma.Repo.Migrations.AddUniqueIndexToAppClientId do
+ use Ecto.Migration
+
+ def change do
+ create(unique_index(:apps, [:client_id]))
+ end
+end
defp assert_app(name, redirect, scopes) do
app = Repo.get_by(Pleroma.Web.OAuth.App, client_name: name)
- assert_received {:mix_shell, :info, [message]}
+ assert_receive {:mix_shell, :info, [message]}
assert message == "#{name} successfully created:"
- assert_received {:mix_shell, :info, [message]}
+ assert_receive {:mix_shell, :info, [message]}
assert message == "App client_id: #{app.client_id}"
- assert_received {:mix_shell, :info, [message]}
+ assert_receive {:mix_shell, :info, [message]}
assert message == "App client_secret: #{app.client_secret}"
assert app.scopes == scopes
alias Pleroma.Web.ActivityPub.MRF.ActivityExpirationPolicy
@id Pleroma.Web.Endpoint.url() <> "/activities/cofe"
+ @local_actor Pleroma.Web.Endpoint.url() <> "/users/cofe"
test "adds `expires_at` property" do
assert {:ok, %{"type" => "Create", "expires_at" => expires_at}} =
ActivityExpirationPolicy.filter(%{
"id" => @id,
+ "actor" => @local_actor,
"type" => "Create",
"object" => %{"type" => "Note"}
})
assert {:ok, %{"type" => "Create", "expires_at" => ^expires_at}} =
ActivityExpirationPolicy.filter(%{
"id" => @id,
+ "actor" => @local_actor,
"type" => "Create",
"expires_at" => expires_at,
"object" => %{"type" => "Note"}
assert {:ok, %{"type" => "Create", "expires_at" => expires_at}} =
ActivityExpirationPolicy.filter(%{
"id" => @id,
+ "actor" => @local_actor,
"type" => "Create",
"expires_at" => too_distant_future,
"object" => %{"type" => "Note"}
assert {:ok, activity} =
ActivityExpirationPolicy.filter(%{
"id" => "https://example.com/123",
+ "actor" => "https://example.com/users/cofe",
"type" => "Create",
"object" => %{"type" => "Note"}
})
assert {:ok, activity} =
ActivityExpirationPolicy.filter(%{
"id" => "https://example.com/123",
+ "actor" => "https://example.com/users/cofe",
"type" => "Follow"
})
assert {:ok, activity} =
ActivityExpirationPolicy.filter(%{
"id" => "https://example.com/123",
+ "actor" => "https://example.com/users/cofe",
"type" => "Create",
"object" => %{"type" => "Cofe"}
})
{:ok, %Activity{} = _activity} = Transmogrifier.handle_incoming(data)
end
+ test "it doesn't work for deactivated users" do
+ data =
+ File.read!("test/fixtures/create-chat-message.json")
+ |> Poison.decode!()
+
+ _author =
+ insert(:user,
+ ap_id: data["actor"],
+ local: false,
+ last_refreshed_at: DateTime.utc_now(),
+ deactivated: true
+ )
+
+ _recipient = insert(:user, ap_id: List.first(data["to"]), local: true)
+
+ assert {:error, _} = Transmogrifier.handle_incoming(data)
+ end
+
test "it inserts it and creates a chat" do
data =
File.read!("test/fixtures/create-chat-message.json")
end) =~ "[warn] Couldn't fetch \"https://404.site/whatever\", error: nil"
end
+ test "it does not work for deactivated users" do
+ data = File.read!("test/fixtures/mastodon-post-activity.json") |> Poison.decode!()
+
+ insert(:user, ap_id: data["actor"], deactivated: true)
+
+ assert {:error, _} = Transmogrifier.handle_incoming(data)
+ end
+
test "it works for incoming notices" do
data = File.read!("test/fixtures/mastodon-post-activity.json") |> Poison.decode!()
end
describe "posting" do
+ test "deactivated users can't post" do
+ user = insert(:user, deactivated: true)
+ assert {:error, _} = CommonAPI.post(user, %{status: "ye"})
+ end
+
test "it supports explicit addressing" do
user = insert(:user)
user_two = insert(:user)
test "returns error when followed user is deactivated" do
follower = insert(:user)
user = insert(:user, local: true, deactivated: true)
- {:error, error} = MastodonAPI.follow(follower, user)
- assert error == :rejected
+ assert {:error, _error} = MastodonAPI.follow(follower, user)
end
test "following for user" do
assert exist_app.id == app.id
assert exist_app.scopes == ["read", "write", "follow", "push"]
end
+
+ test "has unique client_id" do
+ insert(:oauth_app, client_name: "", redirect_uris: "", client_id: "boop")
+
+ error =
+ catch_error(insert(:oauth_app, client_name: "", redirect_uris: "", client_id: "boop"))
+
+ assert %Ecto.ConstraintError{} = error
+ assert error.constraint == "apps_client_id_index"
+ assert error.type == :unique
+ end
end
end