5ce118d970
Validate object data for incoming Update activities
...
In Create validator we do not validate the object data,
but that is because the object itself will go through the
pipeline again, which is not the case for Update. Thus,
we added validation for objects in Update activities.
2022-07-03 20:21:46 -04:00
4367489a3e
Pass history items through ObjectValidator for updatable object types
2022-07-03 20:02:52 -04:00
4edc867b87
Merge branch 'develop' into 'from/upstream-develop/tusooa/edits'
...
# Conflicts:
# lib/pleroma/constants.ex
2022-07-03 22:24:57 +00:00
a15b45a589
Merge branch 'bugfix/mime-validation-no-list' into 'develop'
...
Bugfix: Validate mediaType only by it's format
See merge request pleroma/pleroma!3597
2022-07-03 21:04:41 +00:00
37fdf148b0
Rename privilege tags
...
I first focussed on getting things working
Now that they do and we know what tags there are, I put some thought in providing better names
I use the form <what_it_controls>_<what_it_allows_you_to_do>
:statuses_read => :messages_read
:status_delete => :messages_delete
:user_read => :users_read
:user_deletion => :users_delete
:user_activation => :users_manage_activation_state
:user_invite => :users_manage_invites
:user_tag => :users_manage_tags
:user_credentials => :users_manage_credentials
:report_handle => :reports_manage_reports
:emoji_management => :emoji_manage_emoji
2022-07-01 10:28:09 +02:00
11f9f2ef27
EmojiReactValidator: fix emoji qualification
...
Tries fully-qualifying emoji when receiving them, by adding the emoji
variation sequence to the received reaction emoji.
This issue arises when other instance software, such as Misskey, tries
reacting with emoji that have unqualified or minimally qualified
variants, like a red heart. Pleroma only accepts fully qualified emoji
in emoji reactions, and refused those emoji. Now, Pleroma will attempt
to properly qualify them first, and reject them if checks still fail.
2022-06-28 21:33:57 +02:00
014096aeef
Make outbound transmogrifier aware of edit history
2022-06-25 11:20:46 -04:00
5321fd0012
Do not put meta[:object_data] for local Updates
2022-06-25 10:03:19 -04:00
ee07383191
Use meta[:object_data] in SideEffects for Update
2022-06-24 10:28:58 -04:00
01321c88b5
Convert incoming Updated object into Pleroma format
2022-06-24 10:25:22 -04:00
bb61cfee8d
Validator for deleting statusses is now done with priviledge instead of superuser
2022-06-21 12:10:27 +02:00
72ac940618
Fix SideEffectsTest
2022-06-03 21:50:49 -04:00
410e177b2a
Strip internal fields in formerRepresentation
2022-06-01 12:02:03 -04:00
8acfe95f3e
Allow updating polls
2022-05-29 22:16:03 -04:00
5e8aac0e07
Record edit history for Note and Question Updates
2022-05-29 13:54:16 -04:00
0f6a5eb9a2
Handle Note and Question Updates
2022-05-29 12:54:57 -04:00
547def67a7
Allow Updates by every actor on the same origin
2022-05-29 11:36:00 -04:00
a74ce2d77a
StealEmojiPolicy: fix String rejected_shortcodes
...
* rejected_shortcodes is defined as a list of strings in the
configuration description. As such, database-based configuration was
led to handle those settings as strings, and not as the actually
expected type, Regex.
* This caused each message passing through this MRF, if a rejected
shortcode was set and the emoji did not exist already on the instance,
to fail federating, as an exception was raised, swiftly caught and
mostly silenced.
* This commit fixes the issue by introducing new behavior: strings are
now handled as perfect matches for an emoji shortcode (meaning that if
the emoji-to-be-pulled's shortcode is in the blacklist, it will be
rejected), while still supporting Regex types as before.
2022-05-18 21:25:10 +02:00
6e5ef7f2eb
Test local-only in ap c2s outbox
...
Ref: fix-local-public
2022-05-09 18:53:32 -04:00
4605efe272
Merge branch 'improve_anti_followbot_policy' into 'develop'
...
Also use actor_type to determine if an account is a bot in antiFollowbotPolicy
Closes #2561
See merge request pleroma/pleroma!3498
2022-05-08 18:10:40 +00:00
a8093732bd
Also use actor_type to determine if an account is a bot in antiFollowbotPolicy
2022-05-08 18:10:40 +00:00
fe933b9bf2
Prevent remote access of local-only posts via /objects
...
Ref: fix-local-public
2022-05-06 13:54:21 -04:00
57c030a0a7
Skip cache when /objects or /activities is authenticated
...
Ref: fix-local-public
2022-05-06 10:23:26 +02:00
fa3157df96
Skip cache when /objects or /activities is authenticated
...
Ref: fix-local-public
2022-05-06 08:44:03 +02:00
030183b35f
AttachmentValidator: Use custom ecto type and regex for "mediaType"
2022-03-17 22:37:26 +01:00
17aa3644be
Copyright bump for 2022
2022-02-25 23:11:42 -07:00
2d77976305
Add tests for mismatched context in replies
2022-02-02 12:19:35 -06:00
5a4e3aa715
Test that a Create/Note from Roadhouse validates
2022-02-02 11:02:23 -06:00
61dfeca1cc
Test that a Note from Roadhouse validates
2022-02-02 10:38:30 -06:00
3bf257171f
ForceMentionsInContent: improve display of Markdown posts
2022-01-27 14:15:06 -06:00
27cb3d6273
ForceMentionsInContent: don't apply it to top-level posts
2022-01-26 21:24:26 -06:00
0604b0dd09
ForceMentionsInContent: don't mention self
2022-01-25 12:33:47 -06:00
0f4e0e667e
Merge branch 'recipients-inline' into 'develop'
...
ForceMentionsInContent: wrap mentions in a span, fix the formatting
See merge request pleroma/pleroma!3620
2022-01-25 17:43:39 +00:00
65b4d2ce84
ForceMentionsInContent: fix order of mentions
2022-01-25 10:42:34 -06:00
267184b70e
ForceMentionsInContentTest: return mentions in a not terrible format
2022-01-24 20:03:43 -06:00
e3d394eef6
Birthdays: Fix tests, add test for misskey
...
Signed-off-by: marcin mikołajczak <git@mkljczk.pl>
2022-01-23 09:41:21 +01:00
6ffe43af70
Merge branch 'private-pins' into 'develop'
...
Support private pinned posts from Mastodon
See merge request pleroma/pleroma!3611
2022-01-20 23:18:24 +00:00
88c21b9282
Support private pinned posts from Mastodon
...
Signed-off-by: marcin mikołajczak <git@mkljczk.pl>
2022-01-20 12:35:32 +01:00
a02cfd7f52
Add ForceMentionsInContentPolicy
...
Even though latest PleromaFE supports displaying these properly, mobile
apps still exist, so I think we should offer a workaround to those who
want it.
2022-01-19 21:04:57 +03:00
4f44fd32ea
Federate unfollow activity in move_following properly
...
0: Use the CommonAPI unfollow function to make sure the
unfollow activity is federated.
1: Limit the follow and unfollow to local followers only,
while let the romote servers decide whether to move their followers.
Ref: emit-move
2021-12-28 01:11:08 -05:00
e41eee5ed1
Make Move activity federate properly
...
Ref: emit-move
2021-12-28 01:11:08 -05:00
8376e83f61
Lint
2021-12-17 16:52:50 -05:00
951d1592c7
Add test to ensure removed follower cease to have relationship with ex-followee
...
https://git.pleroma.social/pleroma/pleroma/-/issues/2802
2021-12-17 16:44:22 -05:00
bfd870380c
Add test to ensure the blocked cease to have follow relationship to the blocker
...
https://git.pleroma.social/pleroma/pleroma/-/issues/2766
2021-12-17 14:44:28 -05:00
3d41ccc47b
Allow updating accepted follow activities in Web.ActivityPub.Utils.update_follow_state_for_all/2
...
Mastodon uses the Reject activity also for the purpose of removing
a follower, in addition to reject a follow request. We should
also update the original Follow activity in this case.
2021-12-17 14:17:51 -05:00
01cc099c8e
VideoHandlingTest: remove nil values
2021-12-07 21:55:54 -05:00
992d9287d0
Apply alexgleason's suggestion(s) to 1 file(s)
2021-12-07 22:53:36 +00:00
2c96668a2c
Merge remote-tracking branch 'origin/develop' into fix-attachment-dimensions
2021-12-07 13:41:54 -05:00
335684182a
Fix VideoHandlingTest
2021-12-07 13:35:34 -05:00
3f03d71ea6
AttachmentValidator: ingest width and height
2021-12-07 12:59:03 -05:00
d9349bc52f
Transmogrifier: test fix_attachments/1
2021-12-07 01:10:47 -05:00
db46913dcc
make linter happy
2021-12-06 11:50:51 +00:00
cd8bdbc761
Make deactivated user check into a subquery
...
Fixes #2792
2021-12-06 11:44:17 +00:00
4d341f51e1
Merge branch 'fix-tests' into 'develop'
...
Test fixes
See merge request pleroma/pleroma!3532
2021-11-15 14:31:27 +00:00
e2772d6bf1
Merge branch 'block-behavior' into 'develop'
...
Configurable block visibility, fixes #2123
Closes #2123
See merge request pleroma/pleroma!3242
2021-11-15 14:27:59 +00:00
Lain Soykaf
2dea4a8c04
StealEmojiPolicyTest: Make mocks explicit.
2021-11-14 11:44:24 +01:00
23161526d4
object_validators: Group common fields in CommonValidations
...
Notes:
- QuestionValidator didn't have a :name field but that seems like a mistake
- `_fields` functions can't inherit others because of some Validators
- bto/bcc fields were absent in activities, also seems like a mistake
(Well IIRC we don't or barely support bto/bcc anyway)
2021-10-10 02:50:06 +02:00
bc62a35282
Merge branch 'features/ingestion-no-nil' into 'develop'
...
ObjectValidator.stringify_keys: filter out nil values
See merge request pleroma/pleroma!3506
2021-08-28 16:07:35 +00:00
773708cfe8
Merge branch 'builder-note' into 'develop'
...
CommonAPI.Utils.make_note_data/1 --> ActivityPub.Builder.note/1
See merge request pleroma/pleroma!3511
2021-08-14 18:32:40 +00:00
ba6049aa81
Builder.note/1: return {:ok, map(), keyword()} like other Builder functions
2021-08-14 11:24:55 -05:00
a2eacfc525
CommonAPI.Utils.make_note_data/1 --> ActivityPub.Builder.note/1
2021-08-14 11:01:06 -05:00
8baaa36a16
ObjectAgePolicy: Fix pattern matching on published
...
Backport of: https://git.pleroma.social/pleroma/pleroma/-/merge_requests/3500
2021-08-13 17:56:46 +02:00
61d233921c
ObjectValidator.stringify_keys: filter out nil values
2021-08-11 21:38:10 +02:00
c64eae40a2
ObjectAgePolicy: Fix pattern matching on published
2021-08-10 07:41:06 +02:00
901204df22
Merge branch 'poll-notification' into 'develop'
...
MastodonAPI: Support poll notification
See merge request pleroma/pleroma!3484
2021-08-09 10:02:37 +00:00
27fe7b0274
Make quarentine work with list of tuples instead of strings
2021-08-06 07:59:52 +02:00
dd947d9bc8
Add tests for setting `:instance, :quarantined_instances`
...
No test was done for quarantined instances yet. I added a factory for followers_only notes and checked
* That no followers only post is send when the target server is quarantined
* That a followers only post is send when the target server is not quarantined
2021-08-06 07:59:52 +02:00
4ba0beb60c
Make mrfSimple work with tuples
...
* Changed SimplePolicy
* I also grepped in test/ for ':mrf_simple' to see what other things could be affected
2021-08-06 07:58:58 +02:00
62bf6d67e3
Merge remote-tracking branch 'pleroma/develop' into poll-notification-fixes
2021-07-18 11:49:22 -05:00
0b1c05ca1e
Poll notification: trigger PollWorker through common_pipeline
2021-07-18 11:10:23 -05:00
173e977e28
Merge branch 'features/ingestion-page' into 'develop'
...
Pipeline Ingestion: Page
See merge request pleroma/pleroma!3097
2021-07-12 05:05:49 +00:00
6dc78f5f6f
AP C2S: Remove restrictions and make it go through pipeline
2021-07-12 06:49:41 +02:00
c839078a75
ObjectValidators.{Announce,EmojiReact,Like}: Fix context, actor & addressing
2021-06-09 04:23:02 +02:00
eb7313b0d3
Pipeline Ingestion: Page
2021-06-04 20:06:33 +02:00
0ddf492c5d
Merge branch 'cycles-base-url' into 'develop'
...
Deprecate Pleroma.Web.base_url/0
See merge request pleroma/pleroma!3432
2021-06-01 16:15:27 +00:00
c4b4258374
Merge branch 'features/validators-note' into 'develop'
...
Pipeline Ingestion: Note
Closes #290
See merge request pleroma/pleroma!2984
2021-06-01 01:51:38 +00:00
f2134e605b
Merge remote-tracking branch 'pleroma/develop' into cycles-base-url
2021-05-31 16:49:46 -05:00
51a9f97e87
Deprecate Pleroma.Web.base_url/0
...
Use Pleroma.Web.Endpoint.url/0 directly instead. Reduces compiler cycles.
2021-05-31 16:48:03 -05:00
359ded086c
Merge branch 'simplepolicy-announce-leak' into 'develop'
...
SimplePolicy: filter nested objects, fixes #2582
Closes #2582
See merge request pleroma/pleroma!3376
2021-05-28 19:05:13 +00:00
4694853766
Provide totalItems field for featured collections
2021-05-27 12:17:31 -05:00
ff02511057
Merge remote-tracking branch 'upstream/develop' into attachment-meta
2021-05-12 20:10:52 -05:00
4c060ae733
Ingest remote attachment width/height
2021-05-12 15:38:49 -05:00
926a233cc4
Merge remote-tracking branch 'upstream/develop' into simplepolicy-announce-leak
2021-04-30 14:21:17 -05:00
c16c7fdb87
SimplePolicy: filter string Objects
2021-04-30 14:20:54 -05:00
3d742c3c1a
SimplePolicy: filter nested objects
2021-04-30 14:20:37 -05:00
762be6ce10
Merge remote-tracking branch 'upstream/develop' into block-behavior
2021-04-29 11:14:32 -05:00
15f87cf658
Merge branch 'features/ingestion-ecto-tag' into 'develop'
...
TagValidator: New
See merge request pleroma/pleroma!3244
2021-04-16 09:55:55 +00:00
79376b4afb
Merge branch 'feature/521-pinned-post-federation' into 'develop'
...
Pinned posts federation
Closes #521
See merge request pleroma/pleroma!3312
2021-04-16 09:53:47 +00:00
53193b84b1
utils: Fix maybe_splice_recipient when "object" isn’t a map
2021-04-05 19:19:12 +02:00
b0c778fde7
NoteHandlingTest: remove fix_explicit_addressing-related test
2021-04-05 19:19:12 +02:00
d1205406d9
ActivityPubControllerTest: Apply same addr changes to object
2021-04-05 19:19:12 +02:00
641184fc7a
recipients fixes/hardening for CreateGenericValidator
2021-04-05 19:19:11 +02:00
c944932674
Pipeline Ingestion: Note
2021-04-05 19:19:11 +02:00
e2a3365b5c
ObjectValidator.CommonFixes: Introduce fix_objects_defaults and fix_activity_defaults
2021-04-05 19:19:11 +02:00
e56779dd8d
Transmogrifier: Simplify fix_explicit_addressing and fix_implicit_addressing
2021-04-05 19:19:11 +02:00
5ae27c8451
pipeline_test: Fix usage of %Activity{}
2021-04-01 14:18:40 +02:00
16a7ffb1ea
Fix function calls due to module name change
2021-03-30 11:10:44 -05:00
bfcdcd4f69
Temp file leaked, oops
2021-03-30 11:10:44 -05:00
03f38ac4eb
Prefer FollowBot naming convention vs Followbot
2021-03-30 11:10:44 -05:00
fef4f3772c
More tests to validate Followbot is behaving
2021-03-30 11:10:44 -05:00
Tusooa Zhu
Haelwenn
Ilja
Hélène
Ilja
Haelwenn (lanodan) Monnier
Sean King
Alex Gleason
marcin mikołajczak
rinpatch
FloatingGhost
lain
Lain Soykaf
Ilja
feld