From fbf9eced11e57e9b95fec23791efb7666480a6c1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?marcin=20miko=C5=82ajczak?= Date: Tue, 29 Mar 2022 14:01:03 +0200 Subject: [PATCH 1/7] Add short_description field MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: marcin mikołajczak --- config/config.exs | 1 + config/description.exs | 9 +++++++++ docs/configuration/cheatsheet.md | 1 + lib/pleroma/web/mastodon_api/views/instance_view.ex | 1 + 4 files changed, 12 insertions(+) diff --git a/config/config.exs b/config/config.exs index 6a5acda09..0fc959807 100644 --- a/config/config.exs +++ b/config/config.exs @@ -187,6 +187,7 @@ config :pleroma, :instance, email: "example@example.com", notify_email: "noreply@example.com", description: "Pleroma: An efficient and flexible fediverse server", + short_description: "", background_image: "/images/city.jpg", instance_thumbnail: "/instance/thumbnail.jpeg", limit: 5_000, diff --git a/config/description.exs b/config/description.exs index 704af8f68..06b0182cd 100644 --- a/config/description.exs +++ b/config/description.exs @@ -536,6 +536,15 @@ config :pleroma, :config_description, [ "Very cool instance" ] }, + %{ + key: :short_description, + type: :string, + description: + "Shorter version of instance description. It can be seen on `/api/v1/instance`", + suggestions: [ + "Cool instance" + ] + }, %{ key: :limit, type: :integer, diff --git a/docs/configuration/cheatsheet.md b/docs/configuration/cheatsheet.md index 4dacdc68c..0ab600b21 100644 --- a/docs/configuration/cheatsheet.md +++ b/docs/configuration/cheatsheet.md @@ -18,6 +18,7 @@ To add configuration to your config file, you can copy it from the base config. * `email`: Email used to reach an Administrator/Moderator of the instance. * `notify_email`: Email used for notifications. * `description`: The instance’s description, can be seen in nodeinfo and ``/api/v1/instance``. +* `short_description`: Shorter version of instance description, can be seen on ``/api/v1/instance``. * `limit`: Posts character limit (CW/Subject included in the counter). * `description_limit`: The character limit for image descriptions. * `remote_limit`: Hard character limit beyond which remote posts will be dropped. diff --git a/lib/pleroma/web/mastodon_api/views/instance_view.ex b/lib/pleroma/web/mastodon_api/views/instance_view.ex index ee52475d5..62931bd41 100644 --- a/lib/pleroma/web/mastodon_api/views/instance_view.ex +++ b/lib/pleroma/web/mastodon_api/views/instance_view.ex @@ -17,6 +17,7 @@ defmodule Pleroma.Web.MastodonAPI.InstanceView do uri: Pleroma.Web.Endpoint.url(), title: Keyword.get(instance, :name), description: Keyword.get(instance, :description), + short_description: Keyword.get(instance, :short_description), version: "#{@mastodon_api_level} (compatible; #{Pleroma.Application.named_version()})", email: Keyword.get(instance, :email), urls: %{ From 0d4aceb9b0c6d742b481c08b88ba50d67c65c091 Mon Sep 17 00:00:00 2001 From: Sean King Date: Tue, 5 Jul 2022 20:36:47 -0600 Subject: [PATCH 2/7] Make checking blacklisted domains and restricted nicknames case-insenstive --- lib/pleroma/user.ex | 17 +++++++++++++++-- test/pleroma/user_test.exs | 23 +++++++++++++++++++++++ 2 files changed, 38 insertions(+), 2 deletions(-) diff --git a/lib/pleroma/user.ex b/lib/pleroma/user.ex index 747a83e8d..47c51469e 100644 --- a/lib/pleroma/user.ex +++ b/lib/pleroma/user.ex @@ -758,13 +758,26 @@ defmodule Pleroma.User do valid? = Config.get([User, :email_blacklist]) |> Enum.all?(fn blacklisted_domain -> - !String.ends_with?(email, ["@" <> blacklisted_domain, "." <> blacklisted_domain]) + blacklisted_domain_downcase = String.downcase(blacklisted_domain) + + !String.ends_with?(String.downcase(email), [ + "@" <> blacklisted_domain_downcase, + "." <> blacklisted_domain_downcase + ]) end) if valid?, do: [], else: [email: "Invalid email"] end) |> unique_constraint(:nickname) - |> validate_exclusion(:nickname, Config.get([User, :restricted_nicknames])) + |> validate_change(:nickname, fn :nickname, nickname -> + valid? = + Config.get([User, :restricted_nicknames]) + |> Enum.all?(fn restricted_nickname -> + String.downcase(nickname) != String.downcase(restricted_nickname) + end) + + if valid?, do: [], else: [nickname: "Invalid nickname"] + end) |> validate_format(:nickname, local_nickname_regex()) |> validate_length(:bio, max: bio_limit) |> validate_length(:name, min: 1, max: name_limit) diff --git a/test/pleroma/user_test.exs b/test/pleroma/user_test.exs index 884b846ae..5b513f01b 100644 --- a/test/pleroma/user_test.exs +++ b/test/pleroma/user_test.exs @@ -618,6 +618,7 @@ defmodule Pleroma.UserTest do end test "it restricts certain nicknames" do + clear_config([User, :restricted_nicknames], ["about"]) [restricted_name | _] = Pleroma.Config.get([User, :restricted_nicknames]) assert is_bitstring(restricted_name) @@ -631,6 +632,23 @@ defmodule Pleroma.UserTest do refute changeset.valid? end + test "it is case-insensitive when restricting nicknames" do + clear_config([User, :restricted_nicknames], ["about"]) + [restricted_name | _] = Pleroma.Config.get([User, :restricted_nicknames]) + + assert is_bitstring(restricted_name) + + restricted_upcase_name = String.upcase(restricted_name) + + params = + @full_user_data + |> Map.put(:nickname, restricted_upcase_name) + + changeset = User.register_changeset(%User{}, params) + + refute changeset.valid? + end + test "it blocks blacklisted email domains" do clear_config([User, :email_blacklist], ["trolling.world"]) @@ -639,6 +657,11 @@ defmodule Pleroma.UserTest do changeset = User.register_changeset(%User{}, params) refute changeset.valid? + # Block with case-insensitive match + params = Map.put(@full_user_data, :email, "troll@TrOlLing.wOrld") + changeset = User.register_changeset(%User{}, params) + refute changeset.valid? + # Block with subdomain match params = Map.put(@full_user_data, :email, "troll@gnomes.trolling.world") changeset = User.register_changeset(%User{}, params) From 6e7b919637ff220a3abf17feff5c25149f3a23a1 Mon Sep 17 00:00:00 2001 From: Sean King Date: Wed, 6 Jul 2022 20:15:49 -0600 Subject: [PATCH 3/7] Make validation functions for restricted nicknames and blacklisted domains; do restricted nickname validation in LDAP account registration --- lib/pleroma/user.ex | 56 ++++++++++++++++++++++++++------------------- 1 file changed, 32 insertions(+), 24 deletions(-) diff --git a/lib/pleroma/user.ex b/lib/pleroma/user.ex index 47c51469e..d05fbe5a2 100644 --- a/lib/pleroma/user.ex +++ b/lib/pleroma/user.ex @@ -706,7 +706,7 @@ defmodule Pleroma.User do ]) |> validate_required([:name, :nickname]) |> unique_constraint(:nickname) - |> validate_exclusion(:nickname, Config.get([User, :restricted_nicknames])) + |> validate_not_restricted_nickname(:nickname) |> validate_format(:nickname, local_nickname_regex()) |> put_ap_id() |> unique_constraint(:ap_id) @@ -754,30 +754,9 @@ defmodule Pleroma.User do |> validate_confirmation(:password) |> unique_constraint(:email) |> validate_format(:email, @email_regex) - |> validate_change(:email, fn :email, email -> - valid? = - Config.get([User, :email_blacklist]) - |> Enum.all?(fn blacklisted_domain -> - blacklisted_domain_downcase = String.downcase(blacklisted_domain) - - !String.ends_with?(String.downcase(email), [ - "@" <> blacklisted_domain_downcase, - "." <> blacklisted_domain_downcase - ]) - end) - - if valid?, do: [], else: [email: "Invalid email"] - end) + |> validate_email_not_in_blacklisted_domain(:email) |> unique_constraint(:nickname) - |> validate_change(:nickname, fn :nickname, nickname -> - valid? = - Config.get([User, :restricted_nicknames]) - |> Enum.all?(fn restricted_nickname -> - String.downcase(nickname) != String.downcase(restricted_nickname) - end) - - if valid?, do: [], else: [nickname: "Invalid nickname"] - end) + |> validate_not_restricted_nickname(:nickname) |> validate_format(:nickname, local_nickname_regex()) |> validate_length(:bio, max: bio_limit) |> validate_length(:name, min: 1, max: name_limit) @@ -791,6 +770,35 @@ defmodule Pleroma.User do |> put_following_and_follower_and_featured_address() end + def validate_not_restricted_nickname(changeset, field) do + validate_change changeset, field, fn _, value -> + valid? = + Config.get([User, :restricted_nicknames]) + |> Enum.all?(fn restricted_nickname -> + String.downcase(value) != String.downcase(restricted_nickname) + end) + + if valid?, do: [], else: [nickname: "Invalid nickname"] + end + end + + def validate_email_not_in_blacklisted_domain(changeset, field) do + validate_change changeset, field, fn _, value -> + valid? = + Config.get([User, :email_blacklist]) + |> Enum.all?(fn blacklisted_domain -> + blacklisted_domain_downcase = String.downcase(blacklisted_domain) + + !String.ends_with?(String.downcase(value), [ + "@" <> blacklisted_domain_downcase, + "." <> blacklisted_domain_downcase + ]) + end) + + if valid?, do: [], else: [email: "Invalid email"] + end + end + def maybe_validate_required_email(changeset, true), do: changeset def maybe_validate_required_email(changeset, _) do From 2efc0ffcf0beea2f65e1c2b0857da9d6739eee8e Mon Sep 17 00:00:00 2001 From: Tusooa Zhu Date: Sun, 10 Jul 2022 00:10:35 -0400 Subject: [PATCH 4/7] Pass remote follow avatar into media proxy --- .../twitter_api/views/remote_follow_view.ex | 6 ++- .../remote_follow_controller_test.exs | 45 +++++++++++++++++++ 2 files changed, 50 insertions(+), 1 deletion(-) diff --git a/lib/pleroma/web/twitter_api/views/remote_follow_view.ex b/lib/pleroma/web/twitter_api/views/remote_follow_view.ex index ac3f15eec..6abba17e3 100644 --- a/lib/pleroma/web/twitter_api/views/remote_follow_view.ex +++ b/lib/pleroma/web/twitter_api/views/remote_follow_view.ex @@ -6,5 +6,9 @@ defmodule Pleroma.Web.TwitterAPI.RemoteFollowView do use Pleroma.Web, :view import Phoenix.HTML.Form - defdelegate avatar_url(user), to: Pleroma.User + def avatar_url(user) do + user + |> Pleroma.User.avatar_url() + |> Pleroma.Web.MediaProxy.url() + end end diff --git a/test/pleroma/web/twitter_api/remote_follow_controller_test.exs b/test/pleroma/web/twitter_api/remote_follow_controller_test.exs index fa3b29006..97c9c6b1d 100644 --- a/test/pleroma/web/twitter_api/remote_follow_controller_test.exs +++ b/test/pleroma/web/twitter_api/remote_follow_controller_test.exs @@ -410,4 +410,49 @@ defmodule Pleroma.Web.TwitterAPI.RemoteFollowControllerTest do assert response =~ "Error following account" end end + + describe "avatar url" do + test "without media proxy" do + clear_config([:media_proxy, :enabled], false) + + user = + insert(:user, %{ + local: false, + avatar: %{"url" => [%{"href" => "https://remote.org/avatar.png"}]} + }) + + avatar_url = Pleroma.Web.TwitterAPI.RemoteFollowView.avatar_url(user) + + assert avatar_url == "https://remote.org/avatar.png" + end + + test "with media proxy" do + clear_config([:media_proxy, :enabled], true) + + user = + insert(:user, %{ + local: false, + avatar: %{"url" => [%{"href" => "https://remote.org/avatar.png"}]} + }) + + avatar_url = Pleroma.Web.TwitterAPI.RemoteFollowView.avatar_url(user) + url = Pleroma.Web.Endpoint.url() + + assert String.starts_with?(avatar_url, url) + end + + test "local avatar is not proxied" do + clear_config([:media_proxy, :enabled], true) + + user = + insert(:user, %{ + local: true, + avatar: %{"url" => [%{"href" => "#{Pleroma.Web.Endpoint.url()}/localuser/avatar.png"}]} + }) + + avatar_url = Pleroma.Web.TwitterAPI.RemoteFollowView.avatar_url(user) + + assert avatar_url == "#{Pleroma.Web.Endpoint.url()}/localuser/avatar.png" + end + end end From 3cf6c2b7ea20c9c87c63e382c36231b1b9be3d7f Mon Sep 17 00:00:00 2001 From: Sean King Date: Sat, 9 Jul 2022 23:39:35 -0600 Subject: [PATCH 5/7] Use is_binary instead of is_bitstring for restricted nicknames tests --- test/pleroma/user_test.exs | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/test/pleroma/user_test.exs b/test/pleroma/user_test.exs index 5b513f01b..408389c3a 100644 --- a/test/pleroma/user_test.exs +++ b/test/pleroma/user_test.exs @@ -621,7 +621,7 @@ defmodule Pleroma.UserTest do clear_config([User, :restricted_nicknames], ["about"]) [restricted_name | _] = Pleroma.Config.get([User, :restricted_nicknames]) - assert is_bitstring(restricted_name) + assert is_binary(restricted_name) params = @full_user_data @@ -636,7 +636,7 @@ defmodule Pleroma.UserTest do clear_config([User, :restricted_nicknames], ["about"]) [restricted_name | _] = Pleroma.Config.get([User, :restricted_nicknames]) - assert is_bitstring(restricted_name) + assert is_binary(restricted_name) restricted_upcase_name = String.upcase(restricted_name) From 8bb2e52d2ee569dc0343ec8bca1f1196bba9386f Mon Sep 17 00:00:00 2001 From: Tusooa Zhu Date: Sun, 10 Jul 2022 23:43:49 -0400 Subject: [PATCH 6/7] Make lint happy --- lib/pleroma/user.ex | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/lib/pleroma/user.ex b/lib/pleroma/user.ex index d05fbe5a2..712d3b1d9 100644 --- a/lib/pleroma/user.ex +++ b/lib/pleroma/user.ex @@ -771,19 +771,19 @@ defmodule Pleroma.User do end def validate_not_restricted_nickname(changeset, field) do - validate_change changeset, field, fn _, value -> + validate_change(changeset, field, fn _, value -> valid? = Config.get([User, :restricted_nicknames]) |> Enum.all?(fn restricted_nickname -> - String.downcase(value) != String.downcase(restricted_nickname) - end) + String.downcase(value) != String.downcase(restricted_nickname) + end) if valid?, do: [], else: [nickname: "Invalid nickname"] - end + end) end def validate_email_not_in_blacklisted_domain(changeset, field) do - validate_change changeset, field, fn _, value -> + validate_change(changeset, field, fn _, value -> valid? = Config.get([User, :email_blacklist]) |> Enum.all?(fn blacklisted_domain -> @@ -794,9 +794,9 @@ defmodule Pleroma.User do "." <> blacklisted_domain_downcase ]) end) - + if valid?, do: [], else: [email: "Invalid email"] - end + end) end def maybe_validate_required_email(changeset, true), do: changeset From eb2a1652bf3676de955a2912a42d50aa068131fa Mon Sep 17 00:00:00 2001 From: Tusooa Zhu Date: Wed, 13 Jul 2022 00:40:46 -0400 Subject: [PATCH 7/7] Add tests for short_description --- .../web/mastodon_api/controllers/instance_controller_test.exs | 1 + 1 file changed, 1 insertion(+) diff --git a/test/pleroma/web/mastodon_api/controllers/instance_controller_test.exs b/test/pleroma/web/mastodon_api/controllers/instance_controller_test.exs index 9845408d6..13e3ffc0a 100644 --- a/test/pleroma/web/mastodon_api/controllers/instance_controller_test.exs +++ b/test/pleroma/web/mastodon_api/controllers/instance_controller_test.exs @@ -22,6 +22,7 @@ defmodule Pleroma.Web.MastodonAPI.InstanceControllerTest do "uri" => _, "title" => _, "description" => _, + "short_description" => _, "version" => _, "email" => from_config_email, "urls" => %{