akkoma
6 years agohtml: new module providing a configurable markup scrubbing policy
William Pitcock [Sun, 9 Sep 2018 23:29:00 +0000 (23:29 +0000)]
html: new module providing a configurable markup scrubbing policy

6 years agoMerge branch 'bugfix/test-circular-reference' into 'develop'
kaniini [Sun, 9 Sep 2018 13:06:17 +0000 (13:06 +0000)]
Merge branch 'bugfix/test-circular-reference' into 'develop'

test: user enabled plug tests: fix circular reference

See merge request pleroma/pleroma!336

6 years agotests: break the cycle using pleroma.factory
William Pitcock [Sun, 9 Sep 2018 12:56:25 +0000 (12:56 +0000)]
tests: break the cycle using pleroma.factory

6 years agotests: try breaking the cycle a different way
William Pitcock [Sun, 9 Sep 2018 12:43:58 +0000 (12:43 +0000)]
tests: try breaking the cycle a different way

6 years agotest: user enabled plug tests: fix circular reference
William Pitcock [Sun, 9 Sep 2018 12:22:00 +0000 (12:22 +0000)]
test: user enabled plug tests: fix circular reference

6 years agoMerge branch 'update/pleroma-fe-20180909' into 'develop'
kaniini [Sun, 9 Sep 2018 12:15:14 +0000 (12:15 +0000)]
Merge branch 'update/pleroma-fe-20180909' into 'develop'

update pleroma frontend

See merge request pleroma/pleroma!335

6 years agoupdate pleroma frontend
William Pitcock [Sun, 9 Sep 2018 12:09:52 +0000 (12:09 +0000)]
update pleroma frontend

6 years agoMerge branch 'suggestion-api-restriction' into 'develop'
kaniini [Sun, 9 Sep 2018 11:38:33 +0000 (11:38 +0000)]
Merge branch 'suggestion-api-restriction' into 'develop'

Make limit for /api/v1/suggestions

See merge request pleroma/pleroma!334

6 years agomake limit for /api/v1/suggestions
Hakaba Hitoyo [Sun, 9 Sep 2018 04:57:23 +0000 (13:57 +0900)]
make limit for /api/v1/suggestions

6 years agoMerge branch 'moonman/pleroma-sha512-crypt' into 'develop'
lambda [Sat, 8 Sep 2018 09:20:34 +0000 (09:20 +0000)]
Merge branch 'moonman/pleroma-sha512-crypt' into 'develop'

auth overhaul and legacy GS auth

See merge request pleroma/pleroma!331

6 years agoMerge branch 'add-secure-and-samesite-cookie-flags' into 'develop'
kaniini [Fri, 7 Sep 2018 23:55:42 +0000 (23:55 +0000)]
Merge branch 'add-secure-and-samesite-cookie-flags' into 'develop'

Add Secure and SameSite cookie flags

See merge request pleroma/pleroma!302

6 years agoMerge branch 'improve-server-config-examples' into 'develop'
kaniini [Fri, 7 Sep 2018 23:55:01 +0000 (23:55 +0000)]
Merge branch 'improve-server-config-examples' into 'develop'

Improve server config examples

See merge request pleroma/pleroma!307

6 years agoMerge branch 'feature/custom_media_url' into 'develop'
kaniini [Fri, 7 Sep 2018 23:49:36 +0000 (23:49 +0000)]
Merge branch 'feature/custom_media_url' into 'develop'

[Pleroma.Uploaders.Local]: Add configuration for custom url path

See merge request pleroma/pleroma!318

6 years agoMerge branch 'fix/tusk' into 'develop'
kaniini [Fri, 7 Sep 2018 23:47:43 +0000 (23:47 +0000)]
Merge branch 'fix/tusk' into 'develop'

Fix signin and initial loading with Tusk

See merge request pleroma/pleroma!333

6 years agoMastodon API: Fake support for loading filters
Martin Kühl [Wed, 5 Sep 2018 18:14:16 +0000 (20:14 +0200)]
Mastodon API: Fake support for loading filters

6 years agoMastodon API: Add unsupported attributes to relationship responses
Martin Kühl [Wed, 5 Sep 2018 18:13:50 +0000 (20:13 +0200)]
Mastodon API: Add unsupported attributes to relationship responses

These attributes are documented as required by the Mastodon API.
Since we don’t support them (I think?), respond with default values.

6 years agoMerge branch 'fix/test-failure-due-to/306' into 'develop'
lambda [Thu, 6 Sep 2018 06:50:15 +0000 (06:50 +0000)]
Merge branch 'fix/test-failure-due-to/306' into 'develop'

Fix the tests

See merge request pleroma/pleroma!332

6 years agoFix warning.
lain [Wed, 5 Sep 2018 20:42:50 +0000 (22:42 +0200)]
Fix warning.

6 years agoAdd LegacyAuthenticationPlug to router.
lain [Wed, 5 Sep 2018 20:31:57 +0000 (22:31 +0200)]
Add LegacyAuthenticationPlug to router.

6 years agoUpdate legacy passwords automatically.
lain [Wed, 5 Sep 2018 20:30:14 +0000 (22:30 +0200)]
Update legacy passwords automatically.

6 years agoFix the tests
Martin Kühl [Wed, 5 Sep 2018 20:20:59 +0000 (22:20 +0200)]
Fix the tests

6 years agoUpdate Mix.lock
lain [Wed, 5 Sep 2018 20:00:41 +0000 (22:00 +0200)]
Update Mix.lock

6 years agoAdd Plugs to router.
lain [Wed, 5 Sep 2018 19:57:56 +0000 (21:57 +0200)]
Add Plugs to router.

6 years agoAdd UserEnabledPlug.
lain [Wed, 5 Sep 2018 19:53:53 +0000 (21:53 +0200)]
Add UserEnabledPlug.

6 years agoAdd SetUserSessionIdPlug.
lain [Wed, 5 Sep 2018 19:42:42 +0000 (21:42 +0200)]
Add SetUserSessionIdPlug.

6 years agoMerge branch 'fix/sign-in-with-toot' into 'develop'
Haelwenn [Wed, 5 Sep 2018 18:20:26 +0000 (18:20 +0000)]
Merge branch 'fix/sign-in-with-toot' into 'develop'

Fix sign-in and sign-out with Toot!

See merge request pleroma/pleroma!306

6 years agoAdd new plugs to router.
lain [Wed, 5 Sep 2018 17:13:53 +0000 (19:13 +0200)]
Add new plugs to router.

6 years agoAdd EnsureUserKeyPlug, smaller fixes
lain [Wed, 5 Sep 2018 17:06:28 +0000 (19:06 +0200)]
Add EnsureUserKeyPlug, smaller fixes

6 years agoSimplify AuthenticationPlug
lain [Wed, 5 Sep 2018 16:53:38 +0000 (18:53 +0200)]
Simplify AuthenticationPlug

6 years agoAdd SessionAuthenticationPlug.
lain [Wed, 5 Sep 2018 16:37:02 +0000 (18:37 +0200)]
Add SessionAuthenticationPlug.

6 years agoAdd LegacyAuthenticationPlug
lain [Wed, 5 Sep 2018 16:17:33 +0000 (18:17 +0200)]
Add LegacyAuthenticationPlug

6 years agoAdd EnsureAuthenticatedPlug
lain [Wed, 5 Sep 2018 15:59:19 +0000 (17:59 +0200)]
Add EnsureAuthenticatedPlug

6 years agoAdd UserFetcherPlug.
lain [Wed, 5 Sep 2018 15:44:38 +0000 (17:44 +0200)]
Add UserFetcherPlug.

6 years agoAdd BasicAuthDecoderPlug
lain [Wed, 5 Sep 2018 15:30:05 +0000 (17:30 +0200)]
Add BasicAuthDecoderPlug

6 years agopinned crypt dependency to specific commit
Moon Man [Wed, 5 Sep 2018 06:29:19 +0000 (02:29 -0400)]
pinned crypt dependency to specific commit

6 years agochange cond to if else
Moon Man [Wed, 5 Sep 2018 05:37:48 +0000 (01:37 -0400)]
change cond to if else

6 years agoauth against sha512-crypt password hashes, upgrade to pbkdf2
Moon Man [Wed, 5 Sep 2018 04:21:44 +0000 (00:21 -0400)]
auth against sha512-crypt password hashes, upgrade to pbkdf2

6 years agoinstallation/pleroma-apache.conf: OCSP stapling needs to be outside of the virtualhos...
shibayashi [Mon, 3 Sep 2018 19:41:21 +0000 (21:41 +0200)]
installation/pleroma-apache.conf: OCSP stapling needs to be outside of the virtualhost directive

6 years agoMerge branch 'feature/staff-discovery-api' into 'develop'
kaniini [Mon, 3 Sep 2018 15:00:56 +0000 (15:00 +0000)]
Merge branch 'feature/staff-discovery-api' into 'develop'

staff discovery api

See merge request pleroma/pleroma!326

6 years agoMerge branch 'develop' into 'feature/staff-discovery-api'
kaniini [Mon, 3 Sep 2018 14:55:42 +0000 (14:55 +0000)]
Merge branch 'develop' into 'feature/staff-discovery-api'

# Conflicts:
#   lib/pleroma/web/nodeinfo/nodeinfo_controller.ex

6 years agotests: add test for staffAccounts presence in nodeinfo
William Pitcock [Mon, 3 Sep 2018 14:40:14 +0000 (14:40 +0000)]
tests: add test for staffAccounts presence in nodeinfo

6 years agonodeinfo: add staffAccounts field to metadata
William Pitcock [Mon, 3 Sep 2018 14:35:51 +0000 (14:35 +0000)]
nodeinfo: add staffAccounts field to metadata

6 years agoMerge branch 'feature/mastodon_api_2.4.x' into 'develop'
kaniini [Mon, 3 Sep 2018 12:33:36 +0000 (12:33 +0000)]
Merge branch 'feature/mastodon_api_2.4.x' into 'develop'

Add/Fix Mastodon endpoints for 2.4.3 compatibility

See merge request pleroma/pleroma!266

6 years agoMerge branch 'report-chat-and-gopher-support' into 'develop'
kaniini [Mon, 3 Sep 2018 12:32:19 +0000 (12:32 +0000)]
Merge branch 'report-chat-and-gopher-support' into 'develop'

Report chat and gopher support at /nodeinfo/2.0.json

See merge request pleroma/pleroma!327

6 years agoreport chat and gopher support at /nodeinfo/2.0.json
Hakaba Hitoyo [Mon, 3 Sep 2018 12:13:30 +0000 (21:13 +0900)]
report chat and gopher support at /nodeinfo/2.0.json

6 years agouser: add moderator_user_query()
William Pitcock [Mon, 3 Sep 2018 12:03:23 +0000 (12:03 +0000)]
user: add moderator_user_query()

6 years agomigrations: add is_moderator index for users table
William Pitcock [Mon, 3 Sep 2018 11:55:12 +0000 (11:55 +0000)]
migrations: add is_moderator index for users table

6 years agoMerge branch 'nil-bio-emojis' into 'develop'
kaniini [Mon, 3 Sep 2018 05:54:11 +0000 (05:54 +0000)]
Merge branch 'nil-bio-emojis' into 'develop'

add nil clause for Formatter.get_emoji/1 to return an empty result

Closes #274

See merge request pleroma/pleroma!315

6 years agoMerge branch 'patch-2' into 'develop'
Haelwenn [Mon, 3 Sep 2018 02:03:51 +0000 (02:03 +0000)]
Merge branch 'patch-2' into 'develop'

Render notification IDs as strings, not numbers

See merge request pleroma/pleroma!325

6 years agoUpdate mastodon_api_controller.ex
shadowfacts [Mon, 3 Sep 2018 01:58:55 +0000 (01:58 +0000)]
Update mastodon_api_controller.ex

6 years agoUpdate mastodon_api_controller.ex
shadowfacts [Mon, 3 Sep 2018 01:52:02 +0000 (01:52 +0000)]
Update mastodon_api_controller.ex

6 years agoRender notification IDs as strings, not numbers
shadowfacts [Mon, 3 Sep 2018 01:40:05 +0000 (01:40 +0000)]
Render notification IDs as strings, not numbers

6 years agosloop around get_emoji/1 to check is_binary and have a fallthrough
Thurloat [Sun, 2 Sep 2018 23:44:37 +0000 (20:44 -0300)]
sloop around get_emoji/1 to check is_binary and have a fallthrough
default that returns empty

6 years ago[Pleroma.Uploaders.Local]: Add configuration for custom url path
Haelwenn (lanodan) Monnier [Sat, 1 Sep 2018 15:14:14 +0000 (17:14 +0200)]
[Pleroma.Uploaders.Local]: Add configuration for custom url path

One use-case being an external caching proxy

6 years agoMerge branch 'hotfix_broken_likes' into 'develop'
kaniini [Sun, 2 Sep 2018 12:37:00 +0000 (12:37 +0000)]
Merge branch 'hotfix_broken_likes' into 'develop'

hotfix for broken like completely breaking the notifications API

See merge request pleroma/pleroma!284

6 years agoMerge branch 'security/emoji-xss' into 'develop'
kaniini [Sun, 2 Sep 2018 00:08:56 +0000 (00:08 +0000)]
Merge branch 'security/emoji-xss' into 'develop'

formatter: don't add XSS emoji

See merge request pleroma/pleroma!322

6 years agoformatter: don't add XSS emoji
William Pitcock [Sun, 2 Sep 2018 00:04:09 +0000 (00:04 +0000)]
formatter: don't add XSS emoji

6 years agoMerge branch 'security/activitypub-spoofing' into 'develop'
kaniini [Sat, 1 Sep 2018 23:48:55 +0000 (23:48 +0000)]
Merge branch 'security/activitypub-spoofing' into 'develop'

security: activitypub spoofing

See merge request pleroma/pleroma!321

6 years agotransmogrifier: fix peertube/plume actor handling
William Pitcock [Sat, 1 Sep 2018 23:44:19 +0000 (23:44 +0000)]
transmogrifier: fix peertube/plume actor handling

6 years agotests: add regression tests
William Pitcock [Sat, 1 Sep 2018 23:33:10 +0000 (23:33 +0000)]
tests: add regression tests

6 years agoactivitypub: fix possibility of spoofing by containing remote objects to the same...
William Pitcock [Sat, 1 Sep 2018 23:20:02 +0000 (23:20 +0000)]
activitypub: fix possibility of spoofing by containing remote objects to the same domain as their actor

6 years agoMerge branch 'feature/disable-config-management' into 'develop'
Haelwenn [Sat, 1 Sep 2018 21:47:35 +0000 (21:47 +0000)]
Merge branch 'feature/disable-config-management' into 'develop'

config: add ability to disable Pleroma FE config management (closes #276)

Closes #276

See merge request pleroma/pleroma!320

6 years agorun `mix format`.
William Pitcock [Sat, 1 Sep 2018 21:12:42 +0000 (21:12 +0000)]
run `mix format`.

6 years agoOAuth: Support /revoke endpoint for revoking tokens
Martin Kühl [Tue, 28 Aug 2018 23:25:40 +0000 (01:25 +0200)]
OAuth: Support /revoke endpoint for revoking tokens

(for compatibility with Mastodon)

6 years agoOAuth: Set `created_at` in token exchange response
Martin Kühl [Tue, 28 Aug 2018 23:07:17 +0000 (01:07 +0200)]
OAuth: Set `created_at` in token exchange response

(for compatibility with Mastodon)

6 years agoAccountView: `sensitive` is supposed to be a boolean, not a string
Martin Kühl [Tue, 28 Aug 2018 22:51:25 +0000 (00:51 +0200)]
AccountView: `sensitive` is supposed to be a boolean, not a string

6 years agoconfig: add ability to disable Pleroma FE config management (closes #276)
William Pitcock [Sat, 1 Sep 2018 21:03:35 +0000 (21:03 +0000)]
config: add ability to disable Pleroma FE config management (closes #276)

6 years agoMerge branch 'lanodan/code-dup_in_mastoapi_search' into 'develop'
kaniini [Sat, 1 Sep 2018 09:12:59 +0000 (09:12 +0000)]
Merge branch 'lanodan/code-dup_in_mastoapi_search' into 'develop'

Clean code duplication in MastoAPI search(v1/v2)

See merge request pleroma/pleroma!316

6 years agoMerge branch 'verify-credentials-default-scope' into 'develop'
kaniini [Sat, 1 Sep 2018 08:48:40 +0000 (08:48 +0000)]
Merge branch 'verify-credentials-default-scope' into 'develop'

Specify default scope in verify_credentials

See merge request pleroma/pleroma!317

6 years agoSpecify default scope in verify_credentials
Will Pearson [Sat, 1 Sep 2018 03:59:43 +0000 (20:59 -0700)]
Specify default scope in verify_credentials

Certain Mastodon/Pleroma front ends call verify_credentials to get the
default scope of a new toot.

Currently, Pleroma hardcodes this value to "public".

This patch changes it to the user's default_scope value.

6 years ago[Pleroma.Web.MastodonAPI.MastodonAPIController].search(2)?: Remove code duplication
Haelwenn (lanodan) Monnier [Sat, 1 Sep 2018 01:08:54 +0000 (03:08 +0200)]
[Pleroma.Web.MastodonAPI.MastodonAPIController].search(2)?: Remove code duplication

6 years agoadd nil clause for Formatter.get_emoji/1 to return an empty result
Thurloat [Fri, 31 Aug 2018 17:28:39 +0000 (14:28 -0300)]
add nil clause for Formatter.get_emoji/1 to return an empty result

6 years agoMerge branch 'revert-a26d5e6b' into 'develop'
lambda [Fri, 31 Aug 2018 09:53:00 +0000 (09:53 +0000)]
Merge branch 'revert-a26d5e6b' into 'develop'

Revert "Merge branch 'feature/rich-text' into 'develop'"

See merge request pleroma/pleroma!313

6 years agoRevert "Merge branch 'feature/rich-text' into 'develop'"
lambda [Fri, 31 Aug 2018 09:51:20 +0000 (09:51 +0000)]
Revert "Merge branch 'feature/rich-text' into 'develop'"

This reverts merge request !309

6 years agoMerge branch 'bugfix/s3-configuration' into 'develop'
kaniini [Fri, 31 Aug 2018 04:50:44 +0000 (04:50 +0000)]
Merge branch 'bugfix/s3-configuration' into 'develop'

config: fix up defaults for s3 endpoint configuration

See merge request pleroma/pleroma!312

6 years agoconfig: fix up defaults for s3 endpoint configuration
William Pitcock [Fri, 31 Aug 2018 04:43:15 +0000 (04:43 +0000)]
config: fix up defaults for s3 endpoint configuration

6 years agoMerge branch 'update/pleroma-fe-20180831' into 'develop'
kaniini [Fri, 31 Aug 2018 04:36:04 +0000 (04:36 +0000)]
Merge branch 'update/pleroma-fe-20180831' into 'develop'

update pleroma frontend

See merge request pleroma/pleroma!311

6 years agoupdate pleroma frontend
William Pitcock [Fri, 31 Aug 2018 04:35:18 +0000 (04:35 +0000)]
update pleroma frontend

6 years agoMerge branch 'update/pleroma-fe-config-20180831' into 'develop'
kaniini [Fri, 31 Aug 2018 04:06:18 +0000 (04:06 +0000)]
Merge branch 'update/pleroma-fe-config-20180831' into 'develop'

config: chase pleroma-fe updates from MR pleroma-fe!324.

See merge request pleroma/pleroma!310

6 years agoconfig: chase pleroma-fe updates from MR pleroma-fe!324.
William Pitcock [Fri, 31 Aug 2018 04:01:21 +0000 (04:01 +0000)]
config: chase pleroma-fe updates from MR pleroma-fe!324.

6 years agoMerge branch 'feature/rich-text' into 'develop'
kaniini [Fri, 31 Aug 2018 03:41:00 +0000 (03:41 +0000)]
Merge branch 'feature/rich-text' into 'develop'

rich text support

See merge request pleroma/pleroma!309

6 years agotests: add tests for evil HTML filtering
William Pitcock [Fri, 31 Aug 2018 03:34:56 +0000 (03:34 +0000)]
tests: add tests for evil HTML filtering

6 years agocommon api: add support for formatting messages outside of twitter-style plain text
William Pitcock [Fri, 31 Aug 2018 03:13:59 +0000 (03:13 +0000)]
common api: add support for formatting messages outside of twitter-style plain text

6 years agoMerge branch 'use-media-proxy-in-suggestions-api' into 'develop'
kaniini [Thu, 30 Aug 2018 23:06:30 +0000 (23:06 +0000)]
Merge branch 'use-media-proxy-in-suggestions-api' into 'develop'

use media proxy for the suggestions api

See merge request pleroma/pleroma!305

6 years agoMerge branch 'backendhack' into 'develop'
kaniini [Thu, 30 Aug 2018 23:05:01 +0000 (23:05 +0000)]
Merge branch 'backendhack' into 'develop'

Flexible Storage Backends

See merge request pleroma/pleroma!304

6 years agoincrease uploader behaviour documentation accuracy.
Thurloat [Thu, 30 Aug 2018 12:20:29 +0000 (09:20 -0300)]
increase uploader behaviour documentation accuracy.

6 years agoAdd frame-ancestors 'none' to all configs
shibayashi [Thu, 30 Aug 2018 09:10:16 +0000 (11:10 +0200)]
Add frame-ancestors 'none' to all configs

6 years agoAdd backend failure handling with :ok | :error so the uploader can handle it.
Thurloat [Thu, 30 Aug 2018 01:07:28 +0000 (22:07 -0300)]
Add backend failure handling with :ok | :error so the uploader can handle it.

defaulting to :ok, since that's the currently level of error handling.

6 years agomigrations: add index creation migration and recipients_to/cc removal migration
William Pitcock [Wed, 29 Aug 2018 18:38:51 +0000 (18:38 +0000)]
migrations: add index creation migration and recipients_to/cc removal migration

6 years agoactivity: drop recipients_to/recipients_cc fields
William Pitcock [Wed, 29 Aug 2018 18:38:30 +0000 (18:38 +0000)]
activity: drop recipients_to/recipients_cc fields

6 years agomigrations: drop filler migration
William Pitcock [Wed, 29 Aug 2018 18:33:09 +0000 (18:33 +0000)]
migrations: drop filler migration

6 years agoactivitypub: use jsonb query for containment instead of recipients_to/recipients_cc.
William Pitcock [Wed, 29 Aug 2018 18:32:04 +0000 (18:32 +0000)]
activitypub: use jsonb query for containment instead of recipients_to/recipients_cc.

6 years agoinstallation/pleroma.nginx: Add 'always' to the security headers, so that they are...
shibayashi [Wed, 29 Aug 2018 17:00:40 +0000 (19:00 +0200)]
installation/pleroma.nginx: Add 'always' to the security headers, so that they are included regardless of the status code

6 years agoMerge branch 'fix-mastodon-notifications-without-nickname' into 'develop'
Haelwenn [Wed, 29 Aug 2018 14:43:45 +0000 (14:43 +0000)]
Merge branch 'fix-mastodon-notifications-without-nickname' into 'develop'

Fix Mastodon API when actor's nickname is null

See merge request pleroma/pleroma!308

6 years agoFix Mastodon API when actor's nickname is null
href [Wed, 29 Aug 2018 14:26:36 +0000 (16:26 +0200)]
Fix Mastodon API when actor's nickname is null

6 years agostreamer: contain list updates in the same way as we do with the database query
William Pitcock [Wed, 29 Aug 2018 09:23:05 +0000 (09:23 +0000)]
streamer: contain list updates in the same way as we do with the database query

6 years agomastodon api: use bounded AP object graph query to enforce containment of private...
William Pitcock [Wed, 29 Aug 2018 08:51:51 +0000 (08:51 +0000)]
mastodon api: use bounded AP object graph query to enforce containment of private statuses

6 years agoactivitypub: allow querying the activity/object graph bounded to a specific to/cc set
William Pitcock [Wed, 29 Aug 2018 08:51:23 +0000 (08:51 +0000)]
activitypub: allow querying the activity/object graph bounded to a specific to/cc set

6 years agotest: add testcase proving lists system does not leak non-public posts
William Pitcock [Wed, 29 Aug 2018 08:50:23 +0000 (08:50 +0000)]
test: add testcase proving lists system does not leak non-public posts

6 years agomigrations: add migration to fill in recipients_to/recipients_cc fields
William Pitcock [Wed, 29 Aug 2018 08:43:24 +0000 (08:43 +0000)]
migrations: add migration to fill in recipients_to/recipients_cc fields