From fe13a1d78c13fbe7b3027d442a6f6906440e5acc Mon Sep 17 00:00:00 2001 From: Alex S Date: Wed, 10 Apr 2019 17:57:41 +0700 Subject: [PATCH 01/20] adding notify_email setting for trigger emails --- config/config.exs | 1 + config/test.exs | 4 ++ docs/config.md | 7 ++- lib/mix/tasks/pleroma/instance.ex | 17 ++++- lib/mix/tasks/pleroma/sample_config.eex | 2 +- lib/pleroma/emails/admin_email.ex | 4 +- lib/pleroma/emails/user_email.ex | 2 +- test/tasks/instance.exs | 62 +++++++++++++++++++ .../admin_api/admin_api_controller_test.exs | 10 ++- .../mastodon_api_controller_test.exs | 5 +- .../twitter_api_controller_test.exs | 23 +++++-- test/web/twitter_api/twitter_api_test.exs | 11 +++- 12 files changed, 132 insertions(+), 16 deletions(-) create mode 100644 test/tasks/instance.exs diff --git a/config/config.exs b/config/config.exs index 3462a37f7..9edec8dc3 100644 --- a/config/config.exs +++ b/config/config.exs @@ -160,6 +160,7 @@ config :pleroma, :http, config :pleroma, :instance, name: "Pleroma", email: "example@example.com", + notify_email: "noreply@example.com", description: "A Pleroma instance, an alternative fediverse server", limit: 5_000, remote_limit: 100_000, diff --git a/config/test.exs b/config/test.exs index 894fa8d3d..2c4beaade 100644 --- a/config/test.exs +++ b/config/test.exs @@ -23,6 +23,10 @@ config :pleroma, Pleroma.Uploaders.Local, uploads: "test/uploads" config :pleroma, Pleroma.Mailer, adapter: Swoosh.Adapters.Test +config :pleroma, :instance, + email: "admin@example.com", + notify_email: "noreply@example.com" + # Configure your database config :pleroma, Pleroma.Repo, adapter: Ecto.Adapters.Postgres, diff --git a/docs/config.md b/docs/config.md index b5ea58746..7d3a482b3 100644 --- a/docs/config.md +++ b/docs/config.md @@ -63,6 +63,7 @@ config :pleroma, Pleroma.Mailer, ## :instance * `name`: The instance’s name * `email`: Email used to reach an Administrator/Moderator of the instance +* `notify_email`: Email used for notifications. * `description`: The instance’s description, can be seen in nodeinfo and ``/api/v1/instance`` * `limit`: Posts character limit (CW/Subject included in the counter) * `remote_limit`: Hard character limit beyond which remote posts will be dropped. @@ -427,7 +428,7 @@ Pleroma account will be created with the same name as the LDAP user name. Authentication / authorization settings. -* `auth_template`: authentication form template. By default it's `show.html` which corresponds to `lib/pleroma/web/templates/o_auth/o_auth/show.html.eex`. +* `auth_template`: authentication form template. By default it's `show.html` which corresponds to `lib/pleroma/web/templates/o_auth/o_auth/show.html.eex`. * `oauth_consumer_template`: OAuth consumer mode authentication form template. By default it's `consumer.html` which corresponds to `lib/pleroma/web/templates/o_auth/o_auth/consumer.html.eex`. * `oauth_consumer_strategies`: the list of enabled OAuth consumer strategies; by default it's set by OAUTH_CONSUMER_STRATEGIES environment variable. @@ -440,7 +441,7 @@ Note: each strategy is shipped as a separate dependency; in order to get the str e.g. `OAUTH_CONSUMER_STRATEGIES="twitter facebook google microsoft" mix deps.get`. The server should also be started with `OAUTH_CONSUMER_STRATEGIES="..." mix phx.server` in case you enable any strategies. -Note: each strategy requires separate setup (on external provider side and Pleroma side). Below are the guidelines on setting up most popular strategies. +Note: each strategy requires separate setup (on external provider side and Pleroma side). Below are the guidelines on setting up most popular strategies. * For Twitter, [register an app](https://developer.twitter.com/en/apps), configure callback URL to https:///oauth/twitter/callback @@ -475,7 +476,7 @@ config :ueberauth, Ueberauth.Strategy.Google.OAuth, config :ueberauth, Ueberauth.Strategy.Microsoft.OAuth, client_id: System.get_env("MICROSOFT_CLIENT_ID"), client_secret: System.get_env("MICROSOFT_CLIENT_SECRET") - + config :ueberauth, Ueberauth, providers: [ microsoft: {Ueberauth.Strategy.Microsoft, [callback_params: []]} diff --git a/lib/mix/tasks/pleroma/instance.ex b/lib/mix/tasks/pleroma/instance.ex index 8f8d86a11..6cee8d630 100644 --- a/lib/mix/tasks/pleroma/instance.ex +++ b/lib/mix/tasks/pleroma/instance.ex @@ -24,10 +24,12 @@ defmodule Mix.Tasks.Pleroma.Instance do - `--domain DOMAIN` - the domain of your instance - `--instance-name INSTANCE_NAME` - the name of your instance - `--admin-email ADMIN_EMAIL` - the email address of the instance admin + - `--notify-email NOTIFY_EMAIL` - email address for notifications - `--dbhost HOSTNAME` - the hostname of the PostgreSQL database to use - `--dbname DBNAME` - the name of the database to use - `--dbuser DBUSER` - the user (aka role) to use for the database connection - `--dbpass DBPASS` - the password to use for the database connection + - `--indexable Y/N` - Allow/disallow indexing site by search engines """ def run(["gen" | rest]) do @@ -41,10 +43,12 @@ defmodule Mix.Tasks.Pleroma.Instance do domain: :string, instance_name: :string, admin_email: :string, + notify_email: :string, dbhost: :string, dbname: :string, dbuser: :string, - dbpass: :string + dbpass: :string, + indexable: :string ], aliases: [ o: :output, @@ -61,7 +65,7 @@ defmodule Mix.Tasks.Pleroma.Instance do will_overwrite = Enum.filter(paths, &File.exists?/1) proceed? = Enum.empty?(will_overwrite) or Keyword.get(options, :force, false) - unless not proceed? do + if proceed? do [domain, port | _] = String.split( Common.get_option( @@ -81,6 +85,14 @@ defmodule Mix.Tasks.Pleroma.Instance do email = Common.get_option(options, :admin_email, "What is your admin email address?") + notify_email = + Common.get_option( + options, + :notify_email, + "What email address do you want to use for sending email notifications?", + email + ) + indexable = Common.get_option( options, @@ -122,6 +134,7 @@ defmodule Mix.Tasks.Pleroma.Instance do domain: domain, port: port, email: email, + notify_email: notify_email, name: name, dbhost: dbhost, dbname: dbname, diff --git a/lib/mix/tasks/pleroma/sample_config.eex b/lib/mix/tasks/pleroma/sample_config.eex index 1c935c0d8..52bd57cb7 100644 --- a/lib/mix/tasks/pleroma/sample_config.eex +++ b/lib/mix/tasks/pleroma/sample_config.eex @@ -13,6 +13,7 @@ config :pleroma, Pleroma.Web.Endpoint, config :pleroma, :instance, name: "<%= name %>", email: "<%= email %>", + notify_email: "<%= notify_email %>", limit: 5000, registrations_open: true, dedupe_media: false @@ -75,4 +76,3 @@ config :web_push_encryption, :vapid_details, # storage_url: "https://swift-endpoint.prodider.com/v1/AUTH_/", # object_url: "https://cdn-endpoint.provider.com/" # - diff --git a/lib/pleroma/emails/admin_email.ex b/lib/pleroma/emails/admin_email.ex index afefccec5..59d571c2a 100644 --- a/lib/pleroma/emails/admin_email.ex +++ b/lib/pleroma/emails/admin_email.ex @@ -11,7 +11,7 @@ defmodule Pleroma.AdminEmail do defp instance_config, do: Pleroma.Config.get(:instance) defp instance_name, do: instance_config()[:name] - defp instance_email, do: instance_config()[:email] + defp instance_notify_email, do: instance_config()[:notify_email] defp user_url(user) do Helpers.o_status_url(Pleroma.Web.Endpoint, :feed_redirect, user.nickname) @@ -59,7 +59,7 @@ defmodule Pleroma.AdminEmail do new() |> to({to.name, to.email}) - |> from({instance_name(), instance_email()}) + |> from({instance_name(), instance_notify_email()}) |> reply_to({reporter.name, reporter.email}) |> subject("#{instance_name()} Report") |> html_body(html_body) diff --git a/lib/pleroma/emails/user_email.ex b/lib/pleroma/emails/user_email.ex index a3a09e96c..34dff782a 100644 --- a/lib/pleroma/emails/user_email.ex +++ b/lib/pleroma/emails/user_email.ex @@ -15,7 +15,7 @@ defmodule Pleroma.UserEmail do defp instance_name, do: instance_config()[:name] defp sender do - {instance_name(), instance_config()[:email]} + {instance_name(), instance_config()[:notify_email]} end defp recipient(email, nil), do: email diff --git a/test/tasks/instance.exs b/test/tasks/instance.exs new file mode 100644 index 000000000..6917a2376 --- /dev/null +++ b/test/tasks/instance.exs @@ -0,0 +1,62 @@ +defmodule Pleroma.InstanceTest do + use ExUnit.Case, async: true + + setup do + File.mkdir_p!(tmp_path()) + on_exit(fn -> File.rm_rf(tmp_path()) end) + :ok + end + + defp tmp_path do + "/tmp/generated_files/" + end + + test "running gen" do + mix_task = fn -> + Mix.Tasks.Pleroma.Instance.run([ + "gen", + "--output", + tmp_path() <> "generated_config.exs", + "--output-psql", + tmp_path() <> "setup.psql", + "--domain", + "test.pleroma.social", + "--instance-name", + "Pleroma", + "--admin-email", + "admin@example.com", + "--notify-email", + "notify@example.com", + "--dbhost", + "dbhost", + "--dbname", + "dbname", + "--dbuser", + "dbuser", + "--dbpass", + "dbpass", + "--indexable", + "y" + ]) + end + + ExUnit.CaptureIO.capture_io(fn -> + mix_task.() + end) + + generated_config = File.read!(tmp_path() <> "generated_config.exs") + assert generated_config =~ "host: \"test.pleroma.social\"" + assert generated_config =~ "name: \"Pleroma\"" + assert generated_config =~ "email: \"admin@example.com\"" + assert generated_config =~ "notify_email: \"notify@example.com\"" + assert generated_config =~ "hostname: \"dbhost\"" + assert generated_config =~ "database: \"dbname\"" + assert generated_config =~ "username: \"dbuser\"" + assert generated_config =~ "password: \"dbpass\"" + assert File.read!(tmp_path() <> "setup.psql") == generated_setup_psql() + end + + defp generated_setup_psql do + ~s(CREATE USER dbuser WITH ENCRYPTED PASSWORD 'dbpass';\nCREATE DATABASE dbname OWNER dbuser;\n\\c dbname;\n--Extensions made by ecto.migrate that need superuser access\nCREATE EXTENSION IF NOT EXISTS citext;\nCREATE EXTENSION IF NOT EXISTS pg_trgm;\nCREATE EXTENSION IF NOT EXISTS \"uuid-ossp\";\n) + end +end diff --git a/test/web/admin_api/admin_api_controller_test.exs b/test/web/admin_api/admin_api_controller_test.exs index ca6bd0e97..7b1f6d53a 100644 --- a/test/web/admin_api/admin_api_controller_test.exs +++ b/test/web/admin_api/admin_api_controller_test.exs @@ -316,13 +316,21 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do assert token_record refute token_record.used - Swoosh.TestAssertions.assert_email_sent( + notify_email = Pleroma.Config.get([:instance, :notify_email]) + instance_name = Pleroma.Config.get([:instance, :name]) + + email = Pleroma.UserEmail.user_invitation_email( user, token_record, recipient_email, recipient_name ) + + Swoosh.TestAssertions.assert_email_sent( + from: {instance_name, notify_email}, + to: {recipient_name, recipient_email}, + html_body: email.html_body ) end diff --git a/test/web/mastodon_api/mastodon_api_controller_test.exs b/test/web/mastodon_api/mastodon_api_controller_test.exs index e16862a48..24e258d66 100644 --- a/test/web/mastodon_api/mastodon_api_controller_test.exs +++ b/test/web/mastodon_api/mastodon_api_controller_test.exs @@ -1910,13 +1910,14 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIControllerTest do conn = get(conn, "/api/v1/instance") assert result = json_response(conn, 200) + email = Pleroma.Config.get([:instance, :email]) # Note: not checking for "max_toot_chars" since it's optional assert %{ "uri" => _, "title" => _, "description" => _, "version" => _, - "email" => _, + "email" => from_config_email, "urls" => %{ "streaming_api" => _ }, @@ -1925,6 +1926,8 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIControllerTest do "languages" => _, "registrations" => _ } = result + + assert email == from_config_email end test "get instance stats", %{conn: conn} do diff --git a/test/web/twitter_api/twitter_api_controller_test.exs b/test/web/twitter_api/twitter_api_controller_test.exs index 72b7ea85e..e7293e384 100644 --- a/test/web/twitter_api/twitter_api_controller_test.exs +++ b/test/web/twitter_api/twitter_api_controller_test.exs @@ -22,8 +22,9 @@ defmodule Pleroma.Web.TwitterAPI.ControllerTest do alias Pleroma.Web.TwitterAPI.TwitterAPI alias Pleroma.Web.TwitterAPI.UserView - import Pleroma.Factory import Mock + import Pleroma.Factory + import Swoosh.TestAssertions @banner "data:image/gif;base64,R0lGODlhEAAQAMQAAORHHOVSKudfOulrSOp3WOyDZu6QdvCchPGolfO0o/XBs/fNwfjZ0frl3/zy7////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACH5BAkAABAALAAAAAAQABAAAAVVICSOZGlCQAosJ6mu7fiyZeKqNKToQGDsM8hBADgUXoGAiqhSvp5QAnQKGIgUhwFUYLCVDFCrKUE1lBavAViFIDlTImbKC5Gm2hB0SlBCBMQiB0UjIQA7" @@ -1063,8 +1064,14 @@ defmodule Pleroma.Web.TwitterAPI.ControllerTest do test "it sends an email to user", %{user: user} do token_record = Repo.get_by(Pleroma.PasswordResetToken, user_id: user.id) - Swoosh.TestAssertions.assert_email_sent( - Pleroma.UserEmail.password_reset_email(user, token_record.token) + email = Pleroma.UserEmail.password_reset_email(user, token_record.token) + notify_email = Pleroma.Config.get([:instance, :notify_email]) + instance_name = Pleroma.Config.get([:instance, :name]) + + assert_email_sent( + from: {instance_name, notify_email}, + to: {user.name, user.email}, + html_body: email.html_body ) end end @@ -1163,7 +1170,15 @@ defmodule Pleroma.Web.TwitterAPI.ControllerTest do |> assign(:user, user) |> post("/api/account/resend_confirmation_email?email=#{user.email}") - Swoosh.TestAssertions.assert_email_sent(Pleroma.UserEmail.account_confirmation_email(user)) + email = Pleroma.UserEmail.account_confirmation_email(user) + notify_email = Pleroma.Config.get([:instance, :notify_email]) + instance_name = Pleroma.Config.get([:instance, :name]) + + assert_email_sent( + from: {instance_name, notify_email}, + to: {user.name, user.email}, + html_body: email.html_body + ) end end diff --git a/test/web/twitter_api/twitter_api_test.exs b/test/web/twitter_api/twitter_api_test.exs index 6c00244de..24e46408c 100644 --- a/test/web/twitter_api/twitter_api_test.exs +++ b/test/web/twitter_api/twitter_api_test.exs @@ -321,7 +321,16 @@ defmodule Pleroma.Web.TwitterAPI.TwitterAPITest do assert user.info.confirmation_pending - Swoosh.TestAssertions.assert_email_sent(Pleroma.UserEmail.account_confirmation_email(user)) + email = Pleroma.UserEmail.account_confirmation_email(user) + + notify_email = Pleroma.Config.get([:instance, :notify_email]) + instance_name = Pleroma.Config.get([:instance, :name]) + + Swoosh.TestAssertions.assert_email_sent( + from: {instance_name, notify_email}, + to: {user.name, user.email}, + html_body: email.html_body + ) end test "it registers a new user and parses mentions in the bio" do From c3f12cf3c3597385481290b53a6bce31730a6a29 Mon Sep 17 00:00:00 2001 From: Ivan Tashkinov Date: Wed, 10 Apr 2019 21:40:38 +0300 Subject: [PATCH 02/20] [#923] OAuth consumer params handling refactoring. Registration and authorization-related params are wrapped in "authorization" in order to reduce edge cases number and simplify handling logic. --- lib/pleroma/web/auth/authenticator.ex | 18 +-- lib/pleroma/web/auth/ldap_authenticator.ex | 24 ++-- lib/pleroma/web/auth/pleroma_authenticator.ex | 29 +++-- lib/pleroma/web/oauth/fallback_controller.ex | 2 +- lib/pleroma/web/oauth/oauth_controller.ex | 115 +++++++++--------- .../templates/o_auth/o_auth/_scopes.html.eex | 2 +- .../templates/o_auth/o_auth/consumer.html.eex | 2 +- .../templates/o_auth/o_auth/register.html.eex | 7 +- .../web/templates/o_auth/o_auth/show.html.eex | 2 +- test/web/oauth/oauth_controller_test.exs | 90 ++++++++------ 10 files changed, 153 insertions(+), 138 deletions(-) diff --git a/lib/pleroma/web/auth/authenticator.ex b/lib/pleroma/web/auth/authenticator.ex index 89d88af32..b02f595dc 100644 --- a/lib/pleroma/web/auth/authenticator.ex +++ b/lib/pleroma/web/auth/authenticator.ex @@ -13,21 +13,21 @@ defmodule Pleroma.Web.Auth.Authenticator do ) end - @callback get_user(Plug.Conn.t(), Map.t()) :: {:ok, User.t()} | {:error, any()} - def get_user(plug, params), do: implementation().get_user(plug, params) + @callback get_user(Plug.Conn.t()) :: {:ok, User.t()} | {:error, any()} + def get_user(plug), do: implementation().get_user(plug) - @callback create_from_registration(Plug.Conn.t(), Map.t(), Registration.t()) :: + @callback create_from_registration(Plug.Conn.t(), Registration.t()) :: {:ok, User.t()} | {:error, any()} - def create_from_registration(plug, params, registration), - do: implementation().create_from_registration(plug, params, registration) + def create_from_registration(plug, registration), + do: implementation().create_from_registration(plug, registration) - @callback get_registration(Plug.Conn.t(), Map.t()) :: + @callback get_registration(Plug.Conn.t()) :: {:ok, Registration.t()} | {:error, any()} - def get_registration(plug, params), - do: implementation().get_registration(plug, params) + def get_registration(plug), do: implementation().get_registration(plug) @callback handle_error(Plug.Conn.t(), any()) :: any() - def handle_error(plug, error), do: implementation().handle_error(plug, error) + def handle_error(plug, error), + do: implementation().handle_error(plug, error) @callback auth_template() :: String.t() | nil def auth_template do diff --git a/lib/pleroma/web/auth/ldap_authenticator.ex b/lib/pleroma/web/auth/ldap_authenticator.ex index 8b6d5a77f..363c99597 100644 --- a/lib/pleroma/web/auth/ldap_authenticator.ex +++ b/lib/pleroma/web/auth/ldap_authenticator.ex @@ -13,14 +13,16 @@ defmodule Pleroma.Web.Auth.LDAPAuthenticator do @connection_timeout 10_000 @search_timeout 10_000 - defdelegate get_registration(conn, params), to: @base + defdelegate get_registration(conn), to: @base + defdelegate create_from_registration(conn, registration), to: @base + defdelegate handle_error(conn, error), to: @base + defdelegate auth_template, to: @base + defdelegate oauth_consumer_template, to: @base - defdelegate create_from_registration(conn, params, registration), to: @base - - def get_user(%Plug.Conn{} = conn, params) do + def get_user(%Plug.Conn{} = conn) do if Pleroma.Config.get([:ldap, :enabled]) do {name, password} = - case params do + case conn.params do %{"authorization" => %{"name" => name, "password" => password}} -> {name, password} @@ -34,25 +36,17 @@ defmodule Pleroma.Web.Auth.LDAPAuthenticator do {:error, {:ldap_connection_error, _}} -> # When LDAP is unavailable, try default authenticator - @base.get_user(conn, params) + @base.get_user(conn) error -> error end else # Fall back to default authenticator - @base.get_user(conn, params) + @base.get_user(conn) end end - def handle_error(%Plug.Conn{} = _conn, error) do - error - end - - def auth_template, do: nil - - def oauth_consumer_template, do: nil - defp ldap_user(name, password) do ldap = Pleroma.Config.get(:ldap, []) host = Keyword.get(ldap, :host, "localhost") diff --git a/lib/pleroma/web/auth/pleroma_authenticator.ex b/lib/pleroma/web/auth/pleroma_authenticator.ex index c826adb4c..d647f1e05 100644 --- a/lib/pleroma/web/auth/pleroma_authenticator.ex +++ b/lib/pleroma/web/auth/pleroma_authenticator.ex @@ -10,9 +10,9 @@ defmodule Pleroma.Web.Auth.PleromaAuthenticator do @behaviour Pleroma.Web.Auth.Authenticator - def get_user(%Plug.Conn{} = _conn, params) do + def get_user(%Plug.Conn{} = conn) do {name, password} = - case params do + case conn.params do %{"authorization" => %{"name" => name, "password" => password}} -> {name, password} @@ -29,10 +29,9 @@ defmodule Pleroma.Web.Auth.PleromaAuthenticator do end end - def get_registration( - %Plug.Conn{assigns: %{ueberauth_auth: %{provider: provider, uid: uid} = auth}}, - _params - ) do + def get_registration(%Plug.Conn{ + assigns: %{ueberauth_auth: %{provider: provider, uid: uid} = auth} + }) do registration = Registration.get_by_provider_uid(provider, uid) if registration do @@ -40,7 +39,8 @@ defmodule Pleroma.Web.Auth.PleromaAuthenticator do else info = auth.info - Registration.changeset(%Registration{}, %{ + %Registration{} + |> Registration.changeset(%{ provider: to_string(provider), uid: to_string(uid), info: %{ @@ -54,13 +54,16 @@ defmodule Pleroma.Web.Auth.PleromaAuthenticator do end end - def get_registration(%Plug.Conn{} = _conn, _params), do: {:error, :missing_credentials} + def get_registration(%Plug.Conn{} = _conn), do: {:error, :missing_credentials} - def create_from_registration(_conn, params, registration) do - nickname = value([params["nickname"], Registration.nickname(registration)]) - email = value([params["email"], Registration.email(registration)]) - name = value([params["name"], Registration.name(registration)]) || nickname - bio = value([params["bio"], Registration.description(registration)]) + def create_from_registration( + %Plug.Conn{params: %{"authorization" => registration_attrs}}, + registration + ) do + nickname = value([registration_attrs["nickname"], Registration.nickname(registration)]) + email = value([registration_attrs["email"], Registration.email(registration)]) + name = value([registration_attrs["name"], Registration.name(registration)]) || nickname + bio = value([registration_attrs["bio"], Registration.description(registration)]) random_password = :crypto.strong_rand_bytes(64) |> Base.encode64() diff --git a/lib/pleroma/web/oauth/fallback_controller.ex b/lib/pleroma/web/oauth/fallback_controller.ex index afaa00242..e3984f009 100644 --- a/lib/pleroma/web/oauth/fallback_controller.ex +++ b/lib/pleroma/web/oauth/fallback_controller.ex @@ -24,6 +24,6 @@ defmodule Pleroma.Web.OAuth.FallbackController do conn |> put_status(:unauthorized) |> put_flash(:error, "Invalid Username/Password") - |> OAuthController.authorize(conn.params["authorization"]) + |> OAuthController.authorize(conn.params) end end diff --git a/lib/pleroma/web/oauth/oauth_controller.ex b/lib/pleroma/web/oauth/oauth_controller.ex index bee7084ad..8e5a83466 100644 --- a/lib/pleroma/web/oauth/oauth_controller.ex +++ b/lib/pleroma/web/oauth/oauth_controller.ex @@ -44,36 +44,40 @@ defmodule Pleroma.Web.OAuth.OAuthController do def authorize(conn, params), do: do_authorize(conn, params) - defp do_authorize(conn, params) do - app = Repo.get_by(App, client_id: params["client_id"]) + defp do_authorize(conn, %{"authorization" => auth_attrs}) do + app = Repo.get_by(App, client_id: auth_attrs["client_id"]) available_scopes = (app && app.scopes) || [] - scopes = oauth_scopes(params, nil) || available_scopes + scopes = oauth_scopes(auth_attrs, nil) || available_scopes render(conn, Authenticator.auth_template(), %{ - response_type: params["response_type"], - client_id: params["client_id"], + response_type: auth_attrs["response_type"], + client_id: auth_attrs["client_id"], available_scopes: available_scopes, scopes: scopes, - redirect_uri: params["redirect_uri"], - state: params["state"], - params: params + redirect_uri: auth_attrs["redirect_uri"], + state: auth_attrs["state"], + params: auth_attrs }) end + defp do_authorize(conn, auth_attrs), do: do_authorize(conn, %{"authorization" => auth_attrs}) + def create_authorization( conn, - %{"authorization" => auth_params} = params, + %{"authorization" => _} = params, opts \\ [] ) do with {:ok, auth} <- do_create_authorization(conn, params, opts[:user]) do - after_create_authorization(conn, auth, auth_params) + after_create_authorization(conn, auth, params) else error -> - handle_create_authorization_error(conn, error, auth_params) + handle_create_authorization_error(conn, error, params) end end - def after_create_authorization(conn, auth, %{"redirect_uri" => redirect_uri} = auth_params) do + def after_create_authorization(conn, auth, %{ + "authorization" => %{"redirect_uri" => redirect_uri} = auth_attrs + }) do redirect_uri = redirect_uri(conn, redirect_uri) if redirect_uri == "urn:ietf:wg:oauth:2.0:oob" do @@ -86,8 +90,8 @@ defmodule Pleroma.Web.OAuth.OAuthController do url_params = %{:code => auth.token} url_params = - if auth_params["state"] do - Map.put(url_params, :state, auth_params["state"]) + if auth_attrs["state"] do + Map.put(url_params, :state, auth_attrs["state"]) else url_params end @@ -98,26 +102,34 @@ defmodule Pleroma.Web.OAuth.OAuthController do end end - defp handle_create_authorization_error(conn, {scopes_issue, _}, auth_params) + defp handle_create_authorization_error( + conn, + {scopes_issue, _}, + %{"authorization" => _} = params + ) when scopes_issue in [:unsupported_scopes, :missing_scopes] do # Per https://github.com/tootsuite/mastodon/blob/ # 51e154f5e87968d6bb115e053689767ab33e80cd/app/controllers/api/base_controller.rb#L39 conn |> put_flash(:error, "This action is outside the authorized scopes") |> put_status(:unauthorized) - |> authorize(auth_params) + |> authorize(params) end - defp handle_create_authorization_error(conn, {:auth_active, false}, auth_params) do + defp handle_create_authorization_error( + conn, + {:auth_active, false}, + %{"authorization" => _} = params + ) do # Per https://github.com/tootsuite/mastodon/blob/ # 51e154f5e87968d6bb115e053689767ab33e80cd/app/controllers/api/base_controller.rb#L76 conn |> put_flash(:error, "Your login is missing a confirmed e-mail address") |> put_status(:forbidden) - |> authorize(auth_params) + |> authorize(params) end - defp handle_create_authorization_error(conn, error, _auth_params) do + defp handle_create_authorization_error(conn, error, %{"authorization" => _}) do Authenticator.handle_error(conn, error) end @@ -151,7 +163,7 @@ defmodule Pleroma.Web.OAuth.OAuthController do conn, %{"grant_type" => "password"} = params ) do - with {_, {:ok, %User{} = user}} <- {:get_user, Authenticator.get_user(conn, params)}, + with {_, {:ok, %User{} = user}} <- {:get_user, Authenticator.get_user(conn)}, %App{} = app <- get_app_from_request(conn, params), {:auth_active, true} <- {:auth_active, User.auth_active?(user)}, {:user_active, true} <- {:user_active, !user.info.deactivated}, @@ -214,19 +226,19 @@ defmodule Pleroma.Web.OAuth.OAuthController do end @doc "Prepares OAuth request to provider for Ueberauth" - def prepare_request(conn, %{"provider" => provider} = params) do + def prepare_request(conn, %{"provider" => provider, "authorization" => auth_attrs}) do scope = - oauth_scopes(params, []) + oauth_scopes(auth_attrs, []) |> Enum.join(" ") state = - params + auth_attrs |> Map.delete("scopes") |> Map.put("scope", scope) |> Poison.encode!() params = - params + auth_attrs |> Map.drop(~w(scope scopes client_id redirect_uri)) |> Map.put("state", state) @@ -260,26 +272,26 @@ defmodule Pleroma.Web.OAuth.OAuthController do def callback(conn, params) do params = callback_params(params) - with {:ok, registration} <- Authenticator.get_registration(conn, params) do + with {:ok, registration} <- Authenticator.get_registration(conn) do user = Repo.preload(registration, :user).user - auth_params = Map.take(params, ~w(client_id redirect_uri scope scopes state)) + auth_attrs = Map.take(params, ~w(client_id redirect_uri scope scopes state)) if user do create_authorization( conn, - %{"authorization" => auth_params}, + %{"authorization" => auth_attrs}, user: user ) else registration_params = - Map.merge(auth_params, %{ + Map.merge(auth_attrs, %{ "nickname" => Registration.nickname(registration), "email" => Registration.email(registration) }) conn |> put_session(:registration_id, registration.id) - |> registration_details(registration_params) + |> registration_details(%{"authorization" => registration_params}) end else _ -> @@ -293,53 +305,44 @@ defmodule Pleroma.Web.OAuth.OAuthController do Map.merge(params, Poison.decode!(state)) end - def registration_details(conn, params) do + def registration_details(conn, %{"authorization" => auth_attrs}) do render(conn, "register.html", %{ - client_id: params["client_id"], - redirect_uri: params["redirect_uri"], - state: params["state"], - scopes: oauth_scopes(params, []), - nickname: params["nickname"], - email: params["email"] + client_id: auth_attrs["client_id"], + redirect_uri: auth_attrs["redirect_uri"], + state: auth_attrs["state"], + scopes: oauth_scopes(auth_attrs, []), + nickname: auth_attrs["nickname"], + email: auth_attrs["email"] }) end - def register(conn, %{"op" => "connect"} = params) do - authorization_params = Map.put(params, "name", params["auth_name"]) - create_authorization_params = %{"authorization" => authorization_params} - + def register(conn, %{"authorization" => _, "op" => "connect"} = params) do with registration_id when not is_nil(registration_id) <- get_session_registration_id(conn), %Registration{} = registration <- Repo.get(Registration, registration_id), {_, {:ok, auth}} <- - {:create_authorization, do_create_authorization(conn, create_authorization_params)}, + {:create_authorization, do_create_authorization(conn, params)}, %User{} = user <- Repo.preload(auth, :user).user, {:ok, _updated_registration} <- Registration.bind_to_user(registration, user) do conn |> put_session_registration_id(nil) - |> after_create_authorization(auth, authorization_params) + |> after_create_authorization(auth, params) else {:create_authorization, error} -> - {:register, handle_create_authorization_error(conn, error, create_authorization_params)} + {:register, handle_create_authorization_error(conn, error, params)} _ -> {:register, :generic_error} end end - def register(conn, %{"op" => "register"} = params) do + def register(conn, %{"authorization" => _, "op" => "register"} = params) do with registration_id when not is_nil(registration_id) <- get_session_registration_id(conn), %Registration{} = registration <- Repo.get(Registration, registration_id), - {:ok, user} <- Authenticator.create_from_registration(conn, params, registration) do + {:ok, user} <- Authenticator.create_from_registration(conn, registration) do conn |> put_session_registration_id(nil) |> create_authorization( - %{ - "authorization" => %{ - "client_id" => params["client_id"], - "redirect_uri" => params["redirect_uri"], - "scopes" => oauth_scopes(params, nil) - } - }, + params, user: user ) else @@ -374,15 +377,15 @@ defmodule Pleroma.Web.OAuth.OAuthController do %{ "client_id" => client_id, "redirect_uri" => redirect_uri - } = auth_params - } = params, + } = auth_attrs + }, user \\ nil ) do with {_, {:ok, %User{} = user}} <- - {:get_user, (user && {:ok, user}) || Authenticator.get_user(conn, params)}, + {:get_user, (user && {:ok, user}) || Authenticator.get_user(conn)}, %App{} = app <- Repo.get_by(App, client_id: client_id), true <- redirect_uri in String.split(app.redirect_uris), - scopes <- oauth_scopes(auth_params, []), + scopes <- oauth_scopes(auth_attrs, []), {:unsupported_scopes, []} <- {:unsupported_scopes, scopes -- app.scopes}, # Note: `scope` param is intentionally not optional in this context {:missing_scopes, false} <- {:missing_scopes, scopes == []}, diff --git a/lib/pleroma/web/templates/o_auth/o_auth/_scopes.html.eex b/lib/pleroma/web/templates/o_auth/o_auth/_scopes.html.eex index 4b8fb5dae..e6cfe108b 100644 --- a/lib/pleroma/web/templates/o_auth/o_auth/_scopes.html.eex +++ b/lib/pleroma/web/templates/o_auth/o_auth/_scopes.html.eex @@ -5,7 +5,7 @@ <%= for scope <- @available_scopes do %> <%# Note: using hidden input with `unchecked_value` in order to distinguish user's empty selection from `scope` param being omitted %>
- <%= checkbox @form, :"scope_#{scope}", value: scope in @scopes && scope, checked_value: scope, unchecked_value: "", name: assigns[:scope_param] || "scope[]" %> + <%= checkbox @form, :"scope_#{scope}", value: scope in @scopes && scope, checked_value: scope, unchecked_value: "", name: "authorization[scope][]" %> <%= label @form, :"scope_#{scope}", String.capitalize(scope) %>
<% end %> diff --git a/lib/pleroma/web/templates/o_auth/o_auth/consumer.html.eex b/lib/pleroma/web/templates/o_auth/o_auth/consumer.html.eex index 85f62ca64..4bcda7300 100644 --- a/lib/pleroma/web/templates/o_auth/o_auth/consumer.html.eex +++ b/lib/pleroma/web/templates/o_auth/o_auth/consumer.html.eex @@ -1,6 +1,6 @@

Sign in with external provider

-<%= form_for @conn, o_auth_path(@conn, :prepare_request), [method: "get"], fn f -> %> +<%= form_for @conn, o_auth_path(@conn, :prepare_request), [as: "authorization", method: "get"], fn f -> %> <%= render @view_module, "_scopes.html", Map.put(assigns, :form, f) %> <%= hidden_input f, :client_id, value: @client_id %> diff --git a/lib/pleroma/web/templates/o_auth/o_auth/register.html.eex b/lib/pleroma/web/templates/o_auth/o_auth/register.html.eex index 126390391..facedc8db 100644 --- a/lib/pleroma/web/templates/o_auth/o_auth/register.html.eex +++ b/lib/pleroma/web/templates/o_auth/o_auth/register.html.eex @@ -8,8 +8,7 @@

Registration Details

If you'd like to register a new account, please provide the details below.

- -<%= form_for @conn, o_auth_path(@conn, :register), [], fn f -> %> +<%= form_for @conn, o_auth_path(@conn, :register), [as: "authorization"], fn f -> %>
<%= label f, :nickname, "Nickname" %> @@ -25,8 +24,8 @@

Alternatively, sign in to connect to existing account.

- <%= label f, :auth_name, "Name or email" %> - <%= text_input f, :auth_name %> + <%= label f, :name, "Name or email" %> + <%= text_input f, :name %>
<%= label f, :password, "Password" %> diff --git a/lib/pleroma/web/templates/o_auth/o_auth/show.html.eex b/lib/pleroma/web/templates/o_auth/o_auth/show.html.eex index 87278e636..3e360a52c 100644 --- a/lib/pleroma/web/templates/o_auth/o_auth/show.html.eex +++ b/lib/pleroma/web/templates/o_auth/o_auth/show.html.eex @@ -17,7 +17,7 @@ <%= password_input f, :password %>
-<%= render @view_module, "_scopes.html", Map.merge(assigns, %{form: f, scope_param: "authorization[scope][]"}) %> +<%= render @view_module, "_scopes.html", Map.merge(assigns, %{form: f}) %> <%= hidden_input f, :client_id, value: @client_id %> <%= hidden_input f, :response_type, value: @response_type %> diff --git a/test/web/oauth/oauth_controller_test.exs b/test/web/oauth/oauth_controller_test.exs index ac7843f9b..fb505fab3 100644 --- a/test/web/oauth/oauth_controller_test.exs +++ b/test/web/oauth/oauth_controller_test.exs @@ -68,10 +68,12 @@ defmodule Pleroma.Web.OAuth.OAuthControllerTest do "/oauth/prepare_request", %{ "provider" => "twitter", - "scope" => "read follow", - "client_id" => app.client_id, - "redirect_uri" => app.redirect_uris, - "state" => "a_state" + "authorization" => %{ + "scope" => "read follow", + "client_id" => app.client_id, + "redirect_uri" => app.redirect_uris, + "state" => "a_state" + } } ) @@ -104,7 +106,7 @@ defmodule Pleroma.Web.OAuth.OAuthControllerTest do } with_mock Pleroma.Web.Auth.Authenticator, - get_registration: fn _, _ -> {:ok, registration} end do + get_registration: fn _ -> {:ok, registration} end do conn = get( conn, @@ -134,7 +136,7 @@ defmodule Pleroma.Web.OAuth.OAuthControllerTest do } with_mock Pleroma.Web.Auth.Authenticator, - get_registration: fn _, _ -> {:ok, registration} end do + get_registration: fn _ -> {:ok, registration} end do conn = get( conn, @@ -193,12 +195,14 @@ defmodule Pleroma.Web.OAuth.OAuthControllerTest do conn, "/oauth/registration_details", %{ - "scopes" => app.scopes, - "client_id" => app.client_id, - "redirect_uri" => app.redirect_uris, - "state" => "a_state", - "nickname" => nil, - "email" => "john@doe.com" + "authorization" => %{ + "scopes" => app.scopes, + "client_id" => app.client_id, + "redirect_uri" => app.redirect_uris, + "state" => "a_state", + "nickname" => nil, + "email" => "john@doe.com" + } } ) @@ -221,12 +225,14 @@ defmodule Pleroma.Web.OAuth.OAuthControllerTest do "/oauth/register", %{ "op" => "register", - "scopes" => app.scopes, - "client_id" => app.client_id, - "redirect_uri" => app.redirect_uris, - "state" => "a_state", - "nickname" => "availablenick", - "email" => "available@email.com" + "authorization" => %{ + "scopes" => app.scopes, + "client_id" => app.client_id, + "redirect_uri" => app.redirect_uris, + "state" => "a_state", + "nickname" => "availablenick", + "email" => "available@email.com" + } } ) @@ -244,17 +250,23 @@ defmodule Pleroma.Web.OAuth.OAuthControllerTest do params = %{ "op" => "register", - "scopes" => app.scopes, - "client_id" => app.client_id, - "redirect_uri" => app.redirect_uris, - "state" => "a_state", - "nickname" => "availablenickname", - "email" => "available@email.com" + "authorization" => %{ + "scopes" => app.scopes, + "client_id" => app.client_id, + "redirect_uri" => app.redirect_uris, + "state" => "a_state", + "nickname" => "availablenickname", + "email" => "available@email.com" + } } for {bad_param, bad_param_value} <- [{"nickname", another_user.nickname}, {"email", another_user.email}] do - bad_params = Map.put(params, bad_param, bad_param_value) + bad_registration_attrs = %{ + "authorization" => Map.put(params["authorization"], bad_param, bad_param_value) + } + + bad_params = Map.merge(params, bad_registration_attrs) conn = conn @@ -281,12 +293,14 @@ defmodule Pleroma.Web.OAuth.OAuthControllerTest do "/oauth/register", %{ "op" => "connect", - "scopes" => app.scopes, - "client_id" => app.client_id, - "redirect_uri" => app.redirect_uris, - "state" => "a_state", - "auth_name" => user.nickname, - "password" => "testpassword" + "authorization" => %{ + "scopes" => app.scopes, + "client_id" => app.client_id, + "redirect_uri" => app.redirect_uris, + "state" => "a_state", + "name" => user.nickname, + "password" => "testpassword" + } } ) @@ -304,12 +318,14 @@ defmodule Pleroma.Web.OAuth.OAuthControllerTest do params = %{ "op" => "connect", - "scopes" => app.scopes, - "client_id" => app.client_id, - "redirect_uri" => app.redirect_uris, - "state" => "a_state", - "auth_name" => user.nickname, - "password" => "wrong password" + "authorization" => %{ + "scopes" => app.scopes, + "client_id" => app.client_id, + "redirect_uri" => app.redirect_uris, + "state" => "a_state", + "name" => user.nickname, + "password" => "wrong password" + } } conn = From a64eb2b3893cee61f50d89b6ad4d273031ef0ea9 Mon Sep 17 00:00:00 2001 From: Alex S Date: Sat, 13 Apr 2019 12:20:36 +0700 Subject: [PATCH 03/20] fallback to the old behaviour admin and user mailers --- lib/pleroma/emails/admin_email.ex | 5 ++++- lib/pleroma/emails/user_email.ex | 3 ++- 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/lib/pleroma/emails/admin_email.ex b/lib/pleroma/emails/admin_email.ex index 59d571c2a..e730410c5 100644 --- a/lib/pleroma/emails/admin_email.ex +++ b/lib/pleroma/emails/admin_email.ex @@ -11,7 +11,10 @@ defmodule Pleroma.AdminEmail do defp instance_config, do: Pleroma.Config.get(:instance) defp instance_name, do: instance_config()[:name] - defp instance_notify_email, do: instance_config()[:notify_email] + + defp instance_notify_email do + Keyword.get(instance_config(), :notify_email, instance_config()[:email]) + end defp user_url(user) do Helpers.o_status_url(Pleroma.Web.Endpoint, :feed_redirect, user.nickname) diff --git a/lib/pleroma/emails/user_email.ex b/lib/pleroma/emails/user_email.ex index 34dff782a..ca0772f57 100644 --- a/lib/pleroma/emails/user_email.ex +++ b/lib/pleroma/emails/user_email.ex @@ -15,7 +15,8 @@ defmodule Pleroma.UserEmail do defp instance_name, do: instance_config()[:name] defp sender do - {instance_name(), instance_config()[:notify_email]} + email = Keyword.get(instance_config(), :notify_email, instance_config()[:email]) + {instance_name(), email} end defp recipient(email, nil), do: email From c5d0fffeaf64123334f62343d752467683a67229 Mon Sep 17 00:00:00 2001 From: Alex S Date: Sat, 13 Apr 2019 14:55:42 +0700 Subject: [PATCH 04/20] naming fix --- test/web/admin_api/admin_api_controller_test.exs | 2 +- test/web/twitter_api/twitter_api_controller_test.exs | 4 ++-- test/web/twitter_api/twitter_api_test.exs | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/test/web/admin_api/admin_api_controller_test.exs b/test/web/admin_api/admin_api_controller_test.exs index ca7794d70..b3167a861 100644 --- a/test/web/admin_api/admin_api_controller_test.exs +++ b/test/web/admin_api/admin_api_controller_test.exs @@ -321,7 +321,7 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do instance_name = Pleroma.Config.get([:instance, :name]) email = - Pleroma.UserEmail.user_invitation_email( + Pleroma.Emails.UserEmail.user_invitation_email( user, token_record, recipient_email, diff --git a/test/web/twitter_api/twitter_api_controller_test.exs b/test/web/twitter_api/twitter_api_controller_test.exs index e7293e384..9a9630c19 100644 --- a/test/web/twitter_api/twitter_api_controller_test.exs +++ b/test/web/twitter_api/twitter_api_controller_test.exs @@ -1064,7 +1064,7 @@ defmodule Pleroma.Web.TwitterAPI.ControllerTest do test "it sends an email to user", %{user: user} do token_record = Repo.get_by(Pleroma.PasswordResetToken, user_id: user.id) - email = Pleroma.UserEmail.password_reset_email(user, token_record.token) + email = Pleroma.Emails.UserEmail.password_reset_email(user, token_record.token) notify_email = Pleroma.Config.get([:instance, :notify_email]) instance_name = Pleroma.Config.get([:instance, :name]) @@ -1170,7 +1170,7 @@ defmodule Pleroma.Web.TwitterAPI.ControllerTest do |> assign(:user, user) |> post("/api/account/resend_confirmation_email?email=#{user.email}") - email = Pleroma.UserEmail.account_confirmation_email(user) + email = Pleroma.Emails.UserEmail.account_confirmation_email(user) notify_email = Pleroma.Config.get([:instance, :notify_email]) instance_name = Pleroma.Config.get([:instance, :name]) diff --git a/test/web/twitter_api/twitter_api_test.exs b/test/web/twitter_api/twitter_api_test.exs index b61e2a24c..3440ad268 100644 --- a/test/web/twitter_api/twitter_api_test.exs +++ b/test/web/twitter_api/twitter_api_test.exs @@ -325,7 +325,7 @@ defmodule Pleroma.Web.TwitterAPI.TwitterAPITest do assert user.info.confirmation_pending - email = Pleroma.UserEmail.account_confirmation_email(user) + email = Pleroma.Emails.UserEmail.account_confirmation_email(user) notify_email = Pleroma.Config.get([:instance, :notify_email]) instance_name = Pleroma.Config.get([:instance, :name]) From 4fecd6f9a725bc64ee84854b3c8d722a5226141f Mon Sep 17 00:00:00 2001 From: lain Date: Mon, 15 Apr 2019 15:45:15 +0200 Subject: [PATCH 05/20] Config.exs: Add big warning so that nobody ever edits it. --- config/config.exs | 38 ++++++++++++++++++++++++++++++++++++++ 1 file changed, 38 insertions(+) diff --git a/config/config.exs b/config/config.exs index 343ecbc27..eb74e7483 100644 --- a/config/config.exs +++ b/config/config.exs @@ -1,3 +1,41 @@ +# .i;;;;i. +# iYcviii;vXY: +# .YXi .i1c. +# .YC. . in7. +# .vc. ...... ;1c. +# i7, .. .;1; +# i7, .. ... .Y1i +# ,7v .6MMM@; .YX, +# .7;. ..IMMMMMM1 :t7. +# .;Y. ;$MMMMMM9. :tc. +# vY. .. .nMMM@MMU. ;1v. +# i7i ... .#MM@M@C. .....:71i +# it: .... $MMM@9;.,i;;;i,;tti +# :t7. ..... 0MMMWv.,iii:::,,;St. +# .nC. ..... IMMMQ..,::::::,.,czX. +# .ct: ....... .ZMMMI..,:::::::,,:76Y. +# c2: ......,i..Y$M@t..:::::::,,..inZY +# vov ......:ii..c$MBc..,,,,,,,,,,..iI9i +# i9Y ......iii:..7@MA,..,,,,,,,,,....;AA: +# iIS. ......:ii::..;@MI....,............;Ez. +# .I9. ......:i::::...8M1..................C0z. +# .z9; ......:i::::,.. .i:...................zWX. +# vbv ......,i::::,,. ................. :AQY +# c6Y. .,...,::::,,..:t0@@QY. ................ :8bi +# :6S. ..,,...,:::,,,..EMMMMMMI. ............... .;bZ, +# :6o, .,,,,..:::,,,..i#MMMMMM#v................. YW2. +# .n8i ..,,,,,,,::,,,,.. tMMMMM@C:.................. .1Wn +# 7Uc. .:::,,,,,::,,,,.. i1t;,..................... .UEi +# 7C...::::::::::::,,,,.. .................... vSi. +# ;1;...,,::::::,......... .................. Yz: +# v97,......... .voC. +# izAotX7777777777777777777777777777777777777777Y7n92: +# .;CoIIIIIUAA666666699999ZZZZZZZZZZZZZZZZZZZZ6ov. +# +# !!! ATTENTION !!! +# DO NOT EDIT THIS FILE! THIS FILE CONTAINS THE DEFAULT VALUES FOR THE CON- +# FIGURATION! EDIT YOUR SECRET FILE (either prod.secret.exs, dev.secret.exs). +# # This file is responsible for configuring your application # and its dependencies with the aid of the Mix.Config module. # From 088f378408e7bc9b4dd916141cba813de3276e90 Mon Sep 17 00:00:00 2001 From: lain Date: Mon, 15 Apr 2019 15:51:17 +0200 Subject: [PATCH 06/20] Custom Emoji docs: Make it clear that config.exs is not for lewd. --- docs/config/custom_emoji.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/config/custom_emoji.md b/docs/config/custom_emoji.md index 419a7d0e2..5ce9865a2 100644 --- a/docs/config/custom_emoji.md +++ b/docs/config/custom_emoji.md @@ -20,7 +20,7 @@ The files should be PNG (APNG is okay with `.png` for `image/png` Content-type) ## Emoji tags (groups) -Default tags are set in `config.exs`. +Default tags are set in `config.exs`. To set your own tags, copy the structure to your secrets file (`prod.secret.exs` or `dev.secret.exs`) and edit it. ```elixir config :pleroma, :emoji, shortcode_globs: ["/emoji/custom/**/*.png"], From 498c96d458e383a9e8b647a6f10bdbebac116579 Mon Sep 17 00:00:00 2001 From: "Dominik V. Salonen" <155-quad@users.noreply.git.pleroma.social> Date: Tue, 16 Apr 2019 07:14:44 +0000 Subject: [PATCH 07/20] Add supervisord configuration --- installation/pleroma.supervisord | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) create mode 100644 installation/pleroma.supervisord diff --git a/installation/pleroma.supervisord b/installation/pleroma.supervisord new file mode 100644 index 000000000..19efffd6e --- /dev/null +++ b/installation/pleroma.supervisord @@ -0,0 +1,21 @@ +; Assumes pleroma is installed in /home/pleroma/pleroma and running as the pleroma user +; Also assumes mix is in /usr/bin, this might differ on BSDs or niche Linux distros +; Logs into /home/pleroma/logs +[program:pleroma] +command=/usr/bin/mix phx.server +directory=/home/pleroma/pleroma +autostart=true +autorestart=true +user=pleroma +environment = + MIX_ENV=prod, + HOME=/home/pleroma, + USER=pleroma, + PATH="/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin:/usr/local/bin:/home/pleroma/bin:%(ENV_PATH)s", + PWD=/home/pleroma/pleroma +stdout_logfile=/home/pleroma/logs/stdout.log +stdout_logfile_maxbytes=50MB +stdout_logfile_backups=10 +stderr_logfile=/home/pleroma/logs/stderr.log +stderr_logfile_maxbytes=50MB +stderr_logfile_backups=10 \ No newline at end of file From 37da03499ea2a87e4ee2366440109eb8a514de4a Mon Sep 17 00:00:00 2001 From: rinpatch Date: Tue, 16 Apr 2019 14:53:17 +0300 Subject: [PATCH 08/20] Bump ex_doc --- mix.exs | 2 +- mix.lock | 10 +++++----- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/mix.exs b/mix.exs index 9531b230a..15e182239 100644 --- a/mix.exs +++ b/mix.exs @@ -90,7 +90,7 @@ defmodule Pleroma.Mixfile do {:crypt, git: "https://github.com/msantos/crypt", ref: "1f2b58927ab57e72910191a7ebaeff984382a1d3"}, {:cors_plug, "~> 1.5"}, - {:ex_doc, "~> 0.19", only: :dev, runtime: false}, + {:ex_doc, "~> 0.20.2", only: :dev, runtime: false}, {:web_push_encryption, "~> 0.2.1"}, {:swoosh, "~> 0.20"}, {:gen_smtp, "~> 0.13"}, diff --git a/mix.lock b/mix.lock index e13fdcbd4..d494cc82d 100644 --- a/mix.lock +++ b/mix.lock @@ -16,13 +16,13 @@ "crypt": {:git, "https://github.com/msantos/crypt", "1f2b58927ab57e72910191a7ebaeff984382a1d3", [ref: "1f2b58927ab57e72910191a7ebaeff984382a1d3"]}, "db_connection": {:hex, :db_connection, "2.0.5", "ddb2ba6761a08b2bb9ca0e7d260e8f4dd39067426d835c24491a321b7f92a4da", [:mix], [{:connection, "~> 1.0.2", [hex: :connection, repo: "hexpm", optional: false]}], "hexpm"}, "decimal": {:hex, :decimal, "1.7.0", "30d6b52c88541f9a66637359ddf85016df9eb266170d53105f02e4a67e00c5aa", [:mix], [], "hexpm"}, - "earmark": {:hex, :earmark, "1.3.0", "17f0c38eaafb4800f746b457313af4b2442a8c2405b49c645768680f900be603", [:mix], [], "hexpm"}, + "earmark": {:hex, :earmark, "1.3.2", "b840562ea3d67795ffbb5bd88940b1bed0ed9fa32834915125ea7d02e35888a5", [:mix], [], "hexpm"}, "ecto": {:hex, :ecto, "3.0.7", "44dda84ac6b17bbbdeb8ac5dfef08b7da253b37a453c34ab1a98de7f7e5fec7f", [:mix], [{:decimal, "~> 1.6", [hex: :decimal, repo: "hexpm", optional: false]}, {:jason, "~> 1.0", [hex: :jason, repo: "hexpm", optional: true]}, {:poison, "~> 2.2 or ~> 3.0", [hex: :poison, repo: "hexpm", optional: true]}], "hexpm"}, "ecto_sql": {:hex, :ecto_sql, "3.0.5", "7e44172b4f7aca4469f38d7f6a3da394dbf43a1bcf0ca975e958cb957becd74e", [:mix], [{:db_connection, "~> 2.0", [hex: :db_connection, repo: "hexpm", optional: false]}, {:ecto, "~> 3.0.6", [hex: :ecto, repo: "hexpm", optional: false]}, {:mariaex, "~> 0.9.1", [hex: :mariaex, repo: "hexpm", optional: true]}, {:postgrex, "~> 0.14.0", [hex: :postgrex, repo: "hexpm", optional: true]}, {:telemetry, "~> 0.3.0", [hex: :telemetry, repo: "hexpm", optional: false]}], "hexpm"}, "eternal": {:hex, :eternal, "1.2.0", "e2a6b6ce3b8c248f7dc31451aefca57e3bdf0e48d73ae5043229380a67614c41", [:mix], [], "hexpm"}, "ex_aws": {:hex, :ex_aws, "2.1.0", "b92651527d6c09c479f9013caa9c7331f19cba38a650590d82ebf2c6c16a1d8a", [:mix], [{:configparser_ex, "~> 2.0", [hex: :configparser_ex, repo: "hexpm", optional: true]}, {:hackney, "1.6.3 or 1.6.5 or 1.7.1 or 1.8.6 or ~> 1.9", [hex: :hackney, repo: "hexpm", optional: true]}, {:jsx, "~> 2.8", [hex: :jsx, repo: "hexpm", optional: true]}, {:poison, ">= 1.2.0", [hex: :poison, repo: "hexpm", optional: true]}, {:sweet_xml, "~> 0.6", [hex: :sweet_xml, repo: "hexpm", optional: true]}, {:xml_builder, "~> 0.1.0", [hex: :xml_builder, repo: "hexpm", optional: true]}], "hexpm"}, "ex_aws_s3": {:hex, :ex_aws_s3, "2.0.1", "9e09366e77f25d3d88c5393824e613344631be8db0d1839faca49686e99b6704", [:mix], [{:ex_aws, "~> 2.0", [hex: :ex_aws, repo: "hexpm", optional: false]}, {:sweet_xml, ">= 0.0.0", [hex: :sweet_xml, repo: "hexpm", optional: true]}], "hexpm"}, - "ex_doc": {:hex, :ex_doc, "0.19.1", "519bb9c19526ca51d326c060cb1778d4a9056b190086a8c6c115828eaccea6cf", [:mix], [{:earmark, "~> 1.1", [hex: :earmark, repo: "hexpm", optional: false]}, {:makeup_elixir, "~> 0.7", [hex: :makeup_elixir, repo: "hexpm", optional: false]}], "hexpm"}, + "ex_doc": {:hex, :ex_doc, "0.20.2", "1bd0dfb0304bade58beb77f20f21ee3558cc3c753743ae0ddbb0fd7ba2912331", [:mix], [{:earmark, "~> 1.3", [hex: :earmark, repo: "hexpm", optional: false]}, {:makeup_elixir, "~> 0.10", [hex: :makeup_elixir, repo: "hexpm", optional: false]}], "hexpm"}, "ex_machina": {:hex, :ex_machina, "2.3.0", "92a5ad0a8b10ea6314b876a99c8c9e3f25f4dde71a2a835845b136b9adaf199a", [:mix], [{:ecto, "~> 2.2 or ~> 3.0", [hex: :ecto, repo: "hexpm", optional: true]}, {:ecto_sql, "~> 3.0", [hex: :ecto_sql, repo: "hexpm", optional: true]}], "hexpm"}, "ex_syslogger": {:git, "https://github.com/slashmili/ex_syslogger.git", "f3963399047af17e038897c69e20d552e6899e1d", [tag: "1.4.0"]}, "floki": {:hex, :floki, "0.20.4", "be42ac911fece24b4c72f3b5846774b6e61b83fe685c2fc9d62093277fb3bc86", [:mix], [{:html_entities, "~> 0.4.0", [hex: :html_entities, repo: "hexpm", optional: false]}, {:mochiweb, "~> 2.15", [hex: :mochiweb, repo: "hexpm", optional: false]}], "hexpm"}, @@ -35,8 +35,8 @@ "idna": {:hex, :idna, "6.0.0", "689c46cbcdf3524c44d5f3dde8001f364cd7608a99556d8fbd8239a5798d4c10", [:rebar3], [{:unicode_util_compat, "0.4.1", [hex: :unicode_util_compat, repo: "hexpm", optional: false]}], "hexpm"}, "jason": {:hex, :jason, "1.1.2", "b03dedea67a99223a2eaf9f1264ce37154564de899fd3d8b9a21b1a6fd64afe7", [:mix], [{:decimal, "~> 1.0", [hex: :decimal, repo: "hexpm", optional: true]}], "hexpm"}, "jose": {:hex, :jose, "1.8.4", "7946d1e5c03a76ac9ef42a6e6a20001d35987afd68c2107bcd8f01a84e75aa73", [:mix, :rebar3], [{:base64url, "~> 0.0.1", [hex: :base64url, repo: "hexpm", optional: false]}], "hexpm"}, - "makeup": {:hex, :makeup, "0.5.5", "9e08dfc45280c5684d771ad58159f718a7b5788596099bdfb0284597d368a882", [:mix], [{:nimble_parsec, "~> 0.4", [hex: :nimble_parsec, repo: "hexpm", optional: false]}], "hexpm"}, - "makeup_elixir": {:hex, :makeup_elixir, "0.10.0", "0f09c2ddf352887a956d84f8f7e702111122ca32fbbc84c2f0569b8b65cbf7fa", [:mix], [{:makeup, "~> 0.5.5", [hex: :makeup, repo: "hexpm", optional: false]}], "hexpm"}, + "makeup": {:hex, :makeup, "0.8.0", "9cf32aea71c7fe0a4b2e9246c2c4978f9070257e5c9ce6d4a28ec450a839b55f", [:mix], [{:nimble_parsec, "~> 0.5.0", [hex: :nimble_parsec, repo: "hexpm", optional: false]}], "hexpm"}, + "makeup_elixir": {:hex, :makeup_elixir, "0.13.0", "be7a477997dcac2e48a9d695ec730b2d22418292675c75aa2d34ba0909dcdeda", [:mix], [{:makeup, "~> 0.8", [hex: :makeup, repo: "hexpm", optional: false]}], "hexpm"}, "meck": {:hex, :meck, "0.8.13", "ffedb39f99b0b99703b8601c6f17c7f76313ee12de6b646e671e3188401f7866", [:rebar3], [], "hexpm"}, "metrics": {:hex, :metrics, "1.0.1", "25f094dea2cda98213cecc3aeff09e940299d950904393b2a29d191c346a8486", [:rebar3], [], "hexpm"}, "mime": {:hex, :mime, "1.3.1", "30ce04ab3175b6ad0bdce0035cba77bba68b813d523d1aac73d9781b4d193cf8", [:mix], [], "hexpm"}, @@ -44,7 +44,7 @@ "mochiweb": {:hex, :mochiweb, "2.15.0", "e1daac474df07651e5d17cc1e642c4069c7850dc4508d3db7263a0651330aacc", [:rebar3], [], "hexpm"}, "mock": {:hex, :mock, "0.3.1", "994f00150f79a0ea50dc9d86134cd9ebd0d177ad60bd04d1e46336cdfdb98ff9", [:mix], [{:meck, "~> 0.8.8", [hex: :meck, repo: "hexpm", optional: false]}], "hexpm"}, "mogrify": {:hex, :mogrify, "0.6.1", "de1b527514f2d95a7bbe9642eb556061afb337e220cf97adbf3a4e6438ed70af", [:mix], [], "hexpm"}, - "nimble_parsec": {:hex, :nimble_parsec, "0.4.0", "ee261bb53214943679422be70f1658fff573c5d0b0a1ecd0f18738944f818efe", [:mix], [], "hexpm"}, + "nimble_parsec": {:hex, :nimble_parsec, "0.5.0", "90e2eca3d0266e5c53f8fbe0079694740b9c91b6747f2b7e3c5d21966bba8300", [:mix], [], "hexpm"}, "parse_trans": {:hex, :parse_trans, "3.3.0", "09765507a3c7590a784615cfd421d101aec25098d50b89d7aa1d66646bc571c1", [:rebar3], [], "hexpm"}, "pbkdf2_elixir": {:hex, :pbkdf2_elixir, "0.12.3", "6706a148809a29c306062862c803406e88f048277f6e85b68faf73291e820b84", [:mix], [], "hexpm"}, "phoenix": {:hex, :phoenix, "1.4.1", "801f9d632808657f1f7c657c8bbe624caaf2ba91429123ebe3801598aea4c3d9", [:mix], [{:jason, "~> 1.0", [hex: :jason, repo: "hexpm", optional: true]}, {:phoenix_pubsub, "~> 1.1", [hex: :phoenix_pubsub, repo: "hexpm", optional: false]}, {:plug, "~> 1.7", [hex: :plug, repo: "hexpm", optional: false]}, {:plug_cowboy, "~> 1.0 or ~> 2.0", [hex: :plug_cowboy, repo: "hexpm", optional: true]}], "hexpm"}, From 10096bbf2b6c18104cb63b5486681d00eaa5fb6c Mon Sep 17 00:00:00 2001 From: Hakurei Reimu Date: Mon, 15 Apr 2019 12:31:37 +0800 Subject: [PATCH 09/20] add extra_cookie_attrs option to config Allow instance admins to set their own SameSite cookie policy from the config. Default value in the config is `Lax`. --- config/config.exs | 5 ++++- docs/config.md | 4 ++++ 2 files changed, 8 insertions(+), 1 deletion(-) diff --git a/config/config.exs b/config/config.exs index eb74e7483..750e593e3 100644 --- a/config/config.exs +++ b/config/config.exs @@ -154,7 +154,10 @@ config :pleroma, Pleroma.Web.Endpoint, signing_salt: "CqaoopA2", render_errors: [view: Pleroma.Web.ErrorView, accepts: ~w(json)], pubsub: [name: Pleroma.PubSub, adapter: Phoenix.PubSub.PG2], - secure_cookie_flag: true + secure_cookie_flag: true, + extra_cookie_attrs: [ + "SameSite=Lax" + ] # Configures Elixir's Logger config :logger, :console, diff --git a/docs/config.md b/docs/config.md index e286104df..117fda960 100644 --- a/docs/config.md +++ b/docs/config.md @@ -221,6 +221,8 @@ This section is used to configure Pleroma-FE, unless ``:managed_config`` in ``:i - `scheme` - e.g `http`, `https` - `port` - `path` +* `extra_cookie_attrs` - a list of `Key=Value` strings to be added as non-standard cookie attributes. Defaults to `["SameSite=Lax"]`. See the [SameSite article](https://www.owasp.org/index.php/SameSite) on OWASP for more info. + **Important note**: if you modify anything inside these lists, default `config.exs` values will be overwritten, which may result in breakage, to make sure this does not happen please copy the default value for the list from `config.exs` and modify/add only what you need @@ -442,6 +444,8 @@ The server should also be started with `OAUTH_CONSUMER_STRATEGIES="..." mix phx. Note: each strategy requires separate setup (on external provider side and Pleroma side). Below are the guidelines on setting up most popular strategies. +Note: make sure that `"SameSite=Lax"` is set in `extra_cookie_attrs` when you have this feature enabled. OAuth consumer mode will not work with `"SameSite=Strict"` + * For Twitter, [register an app](https://developer.twitter.com/en/apps), configure callback URL to https:///oauth/twitter/callback * For Facebook, [register an app](https://developers.facebook.com/apps), configure callback URL to https:///oauth/facebook/callback, enable Facebook Login service at https://developers.facebook.com/apps//fb-login/settings/ From 6e26ac10a36354c2a08ccddd0fd2df658aba5e4b Mon Sep 17 00:00:00 2001 From: Hakurei Reimu Date: Mon, 15 Apr 2019 12:33:46 +0800 Subject: [PATCH 10/20] make Pleroma.Endpoint use extra_cookie_attrs in config --- lib/pleroma/web/endpoint.ex | 13 ++++--------- 1 file changed, 4 insertions(+), 9 deletions(-) diff --git a/lib/pleroma/web/endpoint.ex b/lib/pleroma/web/endpoint.ex index 1633477c3..7f939991d 100644 --- a/lib/pleroma/web/endpoint.ex +++ b/lib/pleroma/web/endpoint.ex @@ -58,14 +58,9 @@ defmodule Pleroma.Web.Endpoint do do: "__Host-pleroma_key", else: "pleroma_key" - same_site = - if Pleroma.Config.oauth_consumer_enabled?() do - # Note: "SameSite=Strict" prevents sign in with external OAuth provider - # (there would be no cookies during callback request from OAuth provider) - "SameSite=Lax" - else - "SameSite=Strict" - end + extra = + Pleroma.Config.get([__MODULE__, :extra_cookie_attrs]) + |> Enum.join(";") # The session will be stored in the cookie and signed, # this means its contents can be read but not tampered with. @@ -77,7 +72,7 @@ defmodule Pleroma.Web.Endpoint do signing_salt: {Pleroma.Config, :get, [[__MODULE__, :signing_salt], "CqaoopA2"]}, http_only: true, secure: secure_cookies, - extra: same_site + extra: extra ) # Note: the plug and its configuration is compile-time this can't be upstreamed yet From 2472efb4e9aafe68d1ab3eef12ea3c3ad3859029 Mon Sep 17 00:00:00 2001 From: Hakurei Reimu Date: Tue, 16 Apr 2019 22:24:24 +0800 Subject: [PATCH 11/20] Add extra_cookie_attrs to changelog --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index ebf21851b..1d2ad3320 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -32,6 +32,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). - Federation: Expand the audience of delete activities to all recipients of the deleted object - Federation: Removed `inReplyToStatusId` from objects - Configuration: Dedupe enabled by default +- Configuration: Added `extra_cookie_attrs` for setting non-standard cookie attributes. Defaults to ["SameSite=Lax"] so that remote follows work. - Pleroma API: Support for emoji tags in `/api/pleroma/emoji` resulting in a breaking API change - Mastodon API: Support for `exclude_types`, `limit` and `min_id` in `/api/v1/notifications` - Mastodon API: Add `languages` and `registrations` to `/api/v1/instance` From 750b369d0469ba7ec037ff953e65473e32d7fa33 Mon Sep 17 00:00:00 2001 From: William Pitcock Date: Tue, 16 Apr 2019 18:10:15 +0000 Subject: [PATCH 12/20] activitypub: allow indirect messages from users being followed at a personal inbox --- .../activity_pub/activity_pub_controller.ex | 7 +++-- lib/pleroma/web/activity_pub/utils.ex | 7 ++++- .../activity_pub_controller_test.exs | 30 +++++++++++++++++++ 3 files changed, 40 insertions(+), 4 deletions(-) diff --git a/lib/pleroma/web/activity_pub/activity_pub_controller.ex b/lib/pleroma/web/activity_pub/activity_pub_controller.ex index 7091d6927..3331ebebd 100644 --- a/lib/pleroma/web/activity_pub/activity_pub_controller.ex +++ b/lib/pleroma/web/activity_pub/activity_pub_controller.ex @@ -153,9 +153,10 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubController do end def inbox(%{assigns: %{valid_signature: true}} = conn, %{"nickname" => nickname} = params) do - with %User{} = user <- User.get_cached_by_nickname(nickname), - true <- Utils.recipient_in_message(user.ap_id, params), - params <- Utils.maybe_splice_recipient(user.ap_id, params) do + with %User{} = recipient <- User.get_cached_by_nickname(nickname), + %User{} = actor <- User.get_or_fetch_by_ap_id(params["actor"]), + true <- Utils.recipient_in_message(recipient, actor, params), + params <- Utils.maybe_splice_recipient(recipient.ap_id, params) do Federator.incoming_ap_doc(params) json(conn, "ok") end diff --git a/lib/pleroma/web/activity_pub/utils.ex b/lib/pleroma/web/activity_pub/utils.ex index 0b53f71c3..ccc9da7c6 100644 --- a/lib/pleroma/web/activity_pub/utils.ex +++ b/lib/pleroma/web/activity_pub/utils.ex @@ -52,7 +52,7 @@ defmodule Pleroma.Web.ActivityPub.Utils do defp recipient_in_collection(ap_id, coll) when is_list(coll), do: ap_id in coll defp recipient_in_collection(_, _), do: false - def recipient_in_message(ap_id, params) do + def recipient_in_message(%User{ap_id: ap_id} = recipient, %User{} = actor, params) do cond do recipient_in_collection(ap_id, params["to"]) -> true @@ -71,6 +71,11 @@ defmodule Pleroma.Web.ActivityPub.Utils do !params["to"] && !params["cc"] && !params["bto"] && !params["bcc"] -> true + # if the message is sent from somebody the user is following, then assume it + # is addressed to the recipient + User.following?(recipient, actor) -> + true + true -> false end diff --git a/test/web/activity_pub/activity_pub_controller_test.exs b/test/web/activity_pub/activity_pub_controller_test.exs index 8dd8e7e0a..7b1c60f15 100644 --- a/test/web/activity_pub/activity_pub_controller_test.exs +++ b/test/web/activity_pub/activity_pub_controller_test.exs @@ -253,6 +253,36 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubControllerTest do assert Activity.get_by_ap_id(data["id"]) end + test "it accepts messages from actors that are followed by the user", %{conn: conn} do + recipient = insert(:user) + actor = insert(:user, %{ap_id: "http://mastodon.example.org/users/actor"}) + + {:ok, recipient} = User.follow(recipient, actor) + + data = + File.read!("test/fixtures/mastodon-post-activity.json") + |> Poison.decode!() + + object = + data["object"] + |> Map.put("attributedTo", actor.ap_id) + + data = + data + |> Map.put("actor", actor.ap_id) + |> Map.put("object", object) + + conn = + conn + |> assign(:valid_signature, true) + |> put_req_header("content-type", "application/activity+json") + |> post("/users/#{recipient.nickname}/inbox", data) + + assert "ok" == json_response(conn, 200) + :timer.sleep(500) + assert Activity.get_by_ap_id(data["id"]) + end + test "it rejects reads from other users", %{conn: conn} do user = insert(:user) otheruser = insert(:user) From d4a749cfb2f644dab9b0f414e8f0e41ed4ffd08f Mon Sep 17 00:00:00 2001 From: Normandy Date: Tue, 16 Apr 2019 18:35:38 +0000 Subject: [PATCH 13/20] Handle new-style mastodon follow lists Fixes https://git.pleroma.social/pleroma/pleroma/issues/814 --- .../twitter_api/controllers/util_controller.ex | 7 ++++++- test/web/twitter_api/util_controller_test.exs | 15 +++++++++++++++ 2 files changed, 21 insertions(+), 1 deletion(-) diff --git a/lib/pleroma/web/twitter_api/controllers/util_controller.ex b/lib/pleroma/web/twitter_api/controllers/util_controller.ex index d066d35f5..ed45ca735 100644 --- a/lib/pleroma/web/twitter_api/controllers/util_controller.ex +++ b/lib/pleroma/web/twitter_api/controllers/util_controller.ex @@ -304,7 +304,12 @@ defmodule Pleroma.Web.TwitterAPI.UtilController do end def follow_import(%{assigns: %{user: follower}} = conn, %{"list" => list}) do - with followed_identifiers <- String.split(list), + with lines <- String.split(list, "\n"), + followed_identifiers <- + Enum.map(lines, fn line -> + String.split(line, ",") |> List.first() + end) + |> List.delete("Account address"), {:ok, _} = Task.start(fn -> User.follow_import(follower, followed_identifiers) end) do json(conn, "job started") end diff --git a/test/web/twitter_api/util_controller_test.exs b/test/web/twitter_api/util_controller_test.exs index a4b3d651a..c58b49ea4 100644 --- a/test/web/twitter_api/util_controller_test.exs +++ b/test/web/twitter_api/util_controller_test.exs @@ -26,6 +26,21 @@ defmodule Pleroma.Web.TwitterAPI.UtilControllerTest do assert response == "job started" end + test "it imports new-style mastodon follow lists", %{conn: conn} do + user1 = insert(:user) + user2 = insert(:user) + + response = + conn + |> assign(:user, user1) + |> post("/api/pleroma/follow_import", %{ + "list" => "Account address,Show boosts\n#{user2.ap_id},true" + }) + |> json_response(:ok) + + assert response == "job started" + end + test "requires 'follow' permission", %{conn: conn} do token1 = insert(:oauth_token, scopes: ["read", "write"]) token2 = insert(:oauth_token, scopes: ["follow"]) From 6ac948c5b89ca6ea0c1adbd45a408a6a1db227ae Mon Sep 17 00:00:00 2001 From: Alex S Date: Wed, 17 Apr 2019 14:12:45 +0700 Subject: [PATCH 14/20] changelog info --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 1d2ad3320..b9e4e93d3 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -21,6 +21,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). - Mastodon API: `/api/v1/notifications/destroy_multiple` (glitch-soc extension) - Mastodon API: [Reports](https://docs.joinmastodon.org/api/rest/reports/) - ActivityPub C2S: OAuth endpoints +- Email address, which is used for notifications. Instance configuration: `notify_email` ### Changed - **Breaking:** Configuration: move from Pleroma.Mailer to Pleroma.Emails.Mailer From 2198e54d28f1e1c5a2f2d39426f1bdcc97c00213 Mon Sep 17 00:00:00 2001 From: Alex S Date: Wed, 17 Apr 2019 14:27:51 +0700 Subject: [PATCH 15/20] changes --- CHANGELOG.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index b9e4e93d3..21ad83a01 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -14,6 +14,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). - Configuration: `safe_dm_mentions` option - Configuration: `link_name` option - Configuration: `fetch_initial_posts` option +- Configuration: `notify_email` option - Pleroma API: User subscribtions - Admin API: Endpoints for listing/revoking invite tokens - Admin API: Endpoints for making users follow/unfollow each other @@ -21,7 +22,6 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). - Mastodon API: `/api/v1/notifications/destroy_multiple` (glitch-soc extension) - Mastodon API: [Reports](https://docs.joinmastodon.org/api/rest/reports/) - ActivityPub C2S: OAuth endpoints -- Email address, which is used for notifications. Instance configuration: `notify_email` ### Changed - **Breaking:** Configuration: move from Pleroma.Mailer to Pleroma.Emails.Mailer From 128aae05f374b7212e7676844520a4ddbbf8a94e Mon Sep 17 00:00:00 2001 From: Ivan Tashkinov Date: Wed, 17 Apr 2019 11:33:21 +0300 Subject: [PATCH 16/20] [#923] Minor semantic adjustment. --- lib/pleroma/web/oauth/oauth_controller.ex | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/lib/pleroma/web/oauth/oauth_controller.ex b/lib/pleroma/web/oauth/oauth_controller.ex index 8e5a83466..9874bac23 100644 --- a/lib/pleroma/web/oauth/oauth_controller.ex +++ b/lib/pleroma/web/oauth/oauth_controller.ex @@ -44,7 +44,9 @@ defmodule Pleroma.Web.OAuth.OAuthController do def authorize(conn, params), do: do_authorize(conn, params) - defp do_authorize(conn, %{"authorization" => auth_attrs}) do + defp do_authorize(conn, %{"authorization" => auth_attrs}), do: do_authorize(conn, auth_attrs) + + defp do_authorize(conn, auth_attrs) do app = Repo.get_by(App, client_id: auth_attrs["client_id"]) available_scopes = (app && app.scopes) || [] scopes = oauth_scopes(auth_attrs, nil) || available_scopes @@ -60,8 +62,6 @@ defmodule Pleroma.Web.OAuth.OAuthController do }) end - defp do_authorize(conn, auth_attrs), do: do_authorize(conn, %{"authorization" => auth_attrs}) - def create_authorization( conn, %{"authorization" => _} = params, From 2140e164d75e053a6b6c6131c939ae5ce9eebf03 Mon Sep 17 00:00:00 2001 From: William Pitcock Date: Wed, 17 Apr 2019 20:05:09 +0000 Subject: [PATCH 17/20] activitypub: properly filter out transitive activities concerning blocked users --- lib/pleroma/web/activity_pub/activity_pub.ex | 2 +- test/web/activity_pub/activity_pub_test.exs | 23 ++++++++++++++++++++ 2 files changed, 24 insertions(+), 1 deletion(-) diff --git a/lib/pleroma/web/activity_pub/activity_pub.ex b/lib/pleroma/web/activity_pub/activity_pub.ex index 54dd4097c..68317ee6a 100644 --- a/lib/pleroma/web/activity_pub/activity_pub.ex +++ b/lib/pleroma/web/activity_pub/activity_pub.ex @@ -712,7 +712,7 @@ defmodule Pleroma.Web.ActivityPub.ActivityPub do from( activity in query, where: fragment("not (? = ANY(?))", activity.actor, ^blocks), - where: fragment("not (?->'to' \\?| ?)", activity.data, ^blocks), + where: fragment("not (? && ?)", activity.recipients, ^blocks), where: fragment("not (split_part(?, '/', 3) = ANY(?))", activity.actor, ^domain_blocks) ) end diff --git a/test/web/activity_pub/activity_pub_test.exs b/test/web/activity_pub/activity_pub_test.exs index 17fec05b1..5454bffde 100644 --- a/test/web/activity_pub/activity_pub_test.exs +++ b/test/web/activity_pub/activity_pub_test.exs @@ -341,6 +341,29 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubTest do assert Enum.member?(activities, activity_one) end + test "doesn't return transitive interactions concerning blocked users" do + blocker = insert(:user) + blockee = insert(:user) + friend = insert(:user) + + {:ok, blocker} = User.block(blocker, blockee) + + {:ok, activity_one} = CommonAPI.post(friend, %{"status" => "hey!"}) + + {:ok, activity_two} = CommonAPI.post(friend, %{"status" => "hey! @#{blockee.nickname}"}) + + {:ok, activity_three} = CommonAPI.post(blockee, %{"status" => "hey! @#{friend.nickname}"}) + + {:ok, activity_four} = CommonAPI.post(blockee, %{"status" => "hey! @#{blocker.nickname}"}) + + activities = ActivityPub.fetch_activities([], %{"blocking_user" => blocker}) + + assert Enum.member?(activities, activity_one) + refute Enum.member?(activities, activity_two) + refute Enum.member?(activities, activity_three) + refute Enum.member?(activities, activity_four) + end + test "doesn't return muted activities" do activity_one = insert(:note_activity) activity_two = insert(:note_activity) From 36f78c6dcdea48dfb0231a30561825832cdb4518 Mon Sep 17 00:00:00 2001 From: William Pitcock Date: Wed, 17 Apr 2019 22:27:59 +0000 Subject: [PATCH 18/20] activitypub: fix filtering of boosts from blocked users --- lib/pleroma/web/activity_pub/activity_pub.ex | 7 +++++++ test/web/activity_pub/activity_pub_test.exs | 22 ++++++++++++++++++++ 2 files changed, 29 insertions(+) diff --git a/lib/pleroma/web/activity_pub/activity_pub.ex b/lib/pleroma/web/activity_pub/activity_pub.ex index 68317ee6a..cb88ba308 100644 --- a/lib/pleroma/web/activity_pub/activity_pub.ex +++ b/lib/pleroma/web/activity_pub/activity_pub.ex @@ -713,6 +713,13 @@ defmodule Pleroma.Web.ActivityPub.ActivityPub do activity in query, where: fragment("not (? = ANY(?))", activity.actor, ^blocks), where: fragment("not (? && ?)", activity.recipients, ^blocks), + where: + fragment( + "not (?->>'type' = 'Announce' and ?->'to' \\?| ?)", + activity.data, + activity.data, + ^blocks + ), where: fragment("not (split_part(?, '/', 3) = ANY(?))", activity.actor, ^domain_blocks) ) end diff --git a/test/web/activity_pub/activity_pub_test.exs b/test/web/activity_pub/activity_pub_test.exs index 5454bffde..79116824e 100644 --- a/test/web/activity_pub/activity_pub_test.exs +++ b/test/web/activity_pub/activity_pub_test.exs @@ -364,6 +364,28 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubTest do refute Enum.member?(activities, activity_four) end + test "doesn't return announce activities concerning blocked users" do + blocker = insert(:user) + blockee = insert(:user) + friend = insert(:user) + + {:ok, blocker} = User.block(blocker, blockee) + + {:ok, activity_one} = CommonAPI.post(friend, %{"status" => "hey!"}) + + {:ok, activity_two} = CommonAPI.post(blockee, %{"status" => "hey! @#{friend.nickname}"}) + + {:ok, activity_three, _} = CommonAPI.repeat(activity_two.id, friend) + + activities = + ActivityPub.fetch_activities([], %{"blocking_user" => blocker}) + |> Enum.map(fn act -> act.id end) + + assert Enum.member?(activities, activity_one.id) + refute Enum.member?(activities, activity_two.id) + refute Enum.member?(activities, activity_three.id) + end + test "doesn't return muted activities" do activity_one = insert(:note_activity) activity_two = insert(:note_activity) From 1aa4994f6d867e5c3e0d56dc26d7ebad7e4ecb56 Mon Sep 17 00:00:00 2001 From: Mark Felder Date: Thu, 18 Apr 2019 12:44:25 -0500 Subject: [PATCH 19/20] Do not require authentication for user search in MastoAPI --- docs/api/differences_in_mastoapi_responses.md | 6 ++++++ lib/pleroma/web/router.ex | 3 ++- 2 files changed, 8 insertions(+), 1 deletion(-) diff --git a/docs/api/differences_in_mastoapi_responses.md b/docs/api/differences_in_mastoapi_responses.md index 923d94db2..ed3fd9b67 100644 --- a/docs/api/differences_in_mastoapi_responses.md +++ b/docs/api/differences_in_mastoapi_responses.md @@ -41,6 +41,12 @@ Has these additional fields under the `pleroma` object: - `is_admin`: boolean, true if user is an admin - `confirmation_pending`: boolean, true if a new user account is waiting on email confirmation to be activated +## Account Search + +Behavior has changed: + +- `/api/v1/accounts/search`: Does not require authentication + ## Notifications Has these additional fields under the `pleroma` object: diff --git a/lib/pleroma/web/router.ex b/lib/pleroma/web/router.ex index a809347be..8b665d61b 100644 --- a/lib/pleroma/web/router.ex +++ b/lib/pleroma/web/router.ex @@ -242,7 +242,6 @@ defmodule Pleroma.Web.Router do get("/accounts/verify_credentials", MastodonAPIController, :verify_credentials) get("/accounts/relationships", MastodonAPIController, :relationships) - get("/accounts/search", MastodonAPIController, :account_search) get("/accounts/:id/lists", MastodonAPIController, :account_lists) get("/accounts/:id/identity_proofs", MastodonAPIController, :empty_array) @@ -377,6 +376,8 @@ defmodule Pleroma.Web.Router do get("/trends", MastodonAPIController, :empty_array) + get("/accounts/search", MastodonAPIController, :account_search) + scope [] do pipe_through(:oauth_read_or_unauthenticated) From ada384207b2b49ce410ea19b45c97868625d6d8d Mon Sep 17 00:00:00 2001 From: Alexander Strizhakov Date: Fri, 19 Apr 2019 07:50:21 +0000 Subject: [PATCH 20/20] typo fix docs for RelMe provider --- CHANGELOG.md | 1 + README.md | 2 +- config/config.exs | 4 +++- docs/config.md | 3 ++- lib/pleroma/web/metadata/rel_me.ex | 13 +++++++++++++ test/web/metadata/rel_me_test.exs | 18 ++++++++++++++++++ 6 files changed, 38 insertions(+), 3 deletions(-) create mode 100644 lib/pleroma/web/metadata/rel_me.ex create mode 100644 test/web/metadata/rel_me_test.exs diff --git a/CHANGELOG.md b/CHANGELOG.md index 21ad83a01..c90ff61cd 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -22,6 +22,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). - Mastodon API: `/api/v1/notifications/destroy_multiple` (glitch-soc extension) - Mastodon API: [Reports](https://docs.joinmastodon.org/api/rest/reports/) - ActivityPub C2S: OAuth endpoints +- Metadata RelMe provider ### Changed - **Breaking:** Configuration: move from Pleroma.Mailer to Pleroma.Emails.Mailer diff --git a/README.md b/README.md index c45190fc3..987f973ea 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,6 @@ # Pleroma -**Note**: This readme as well as complete documentation is also availible at +**Note**: This readme as well as complete documentation is also available at ## About Pleroma diff --git a/config/config.exs b/config/config.exs index 595e3505c..1114dc84d 100644 --- a/config/config.exs +++ b/config/config.exs @@ -337,7 +337,9 @@ config :pleroma, :gopher, ip: {0, 0, 0, 0}, port: 9999 -config :pleroma, Pleroma.Web.Metadata, providers: [], unfurl_nsfw: false +config :pleroma, Pleroma.Web.Metadata, + providers: [Pleroma.Web.Metadata.Providers.RelMe], + unfurl_nsfw: false config :pleroma, :suggestions, enabled: false, diff --git a/docs/config.md b/docs/config.md index d618c5dde..5a97033b2 100644 --- a/docs/config.md +++ b/docs/config.md @@ -343,9 +343,10 @@ This config contains two queues: `federator_incoming` and `federator_outgoing`. * `max_retries`: The maximum number of times a federation job is retried ## Pleroma.Web.Metadata -* `providers`: a list of metadata providers to enable. Providers availible: +* `providers`: a list of metadata providers to enable. Providers available: * Pleroma.Web.Metadata.Providers.OpenGraph * Pleroma.Web.Metadata.Providers.TwitterCard + * Pleroma.Web.Metadata.Providers.RelMe - add links from user bio with rel=me into the `
` as `` * `unfurl_nsfw`: If set to `true` nsfw attachments will be shown in previews ## :rich_media diff --git a/lib/pleroma/web/metadata/rel_me.ex b/lib/pleroma/web/metadata/rel_me.ex new file mode 100644 index 000000000..03af899c4 --- /dev/null +++ b/lib/pleroma/web/metadata/rel_me.ex @@ -0,0 +1,13 @@ +defmodule Pleroma.Web.Metadata.Providers.RelMe do + alias Pleroma.Web.Metadata.Providers.Provider + @behaviour Provider + + @impl Provider + def build_tags(%{user: user}) do + (Floki.attribute(user.bio, "link[rel~=me]", "href") ++ + Floki.attribute(user.bio, "a[rel~=me]", "href")) + |> Enum.map(fn link -> + {:link, [rel: "me", href: link], []} + end) + end +end diff --git a/test/web/metadata/rel_me_test.exs b/test/web/metadata/rel_me_test.exs new file mode 100644 index 000000000..f66bf7834 --- /dev/null +++ b/test/web/metadata/rel_me_test.exs @@ -0,0 +1,18 @@ +defmodule Pleroma.Web.Metadata.Providers.RelMeTest do + use Pleroma.DataCase + import Pleroma.Factory + alias Pleroma.Web.Metadata.Providers.RelMe + + test "it renders all links with rel='me' from user bio" do + bio = + ~s(https://some-link.com https://another-link.com + "], []}, + {:link, [rel: "me", href: "https://another-link.com"], []} + ] + end +end