Merge branch 'release/1.1.6' into 'stable'
Release/1.1.6 See merge request pleroma/pleroma!1995
This commit is contained in:
commit
0ba3f1ffb2
21 changed files with 90 additions and 10 deletions
16
CHANGELOG.md
16
CHANGELOG.md
|
@ -3,6 +3,22 @@ All notable changes to this project will be documented in this file.
|
|||
|
||||
The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
|
||||
|
||||
## [1.1.6] - 2019-11-19
|
||||
### Fixed
|
||||
- Not being able to log into to third party apps when the browser is logged into mastofe
|
||||
- Email confirmation not being required even when enabled
|
||||
- Mastodon API: conversations API crashing when one status is malformed
|
||||
|
||||
### Bundled Pleroma-FE Changes
|
||||
#### Added
|
||||
- About page
|
||||
- Meme arrows
|
||||
|
||||
#### Fixed
|
||||
- Image modal not closing unless clicked outside of image
|
||||
- Attachment upload spinner not being centered
|
||||
- Showing follow counters being 0 when they are actually hidden
|
||||
|
||||
## [1.1.5] - 2019-11-09
|
||||
### Fixed
|
||||
- Polls having different numbers in timelines/notifications/poll api endpoints due to cache desyncronization
|
||||
|
|
|
@ -71,7 +71,7 @@ defp fetch_user_and_token(token) do
|
|||
)
|
||||
|
||||
# credo:disable-for-next-line Credo.Check.Readability.MaxLineLength
|
||||
with %Token{user: %{info: %{deactivated: false} = _} = user} = token_record <- Repo.one(query) do
|
||||
with %Token{user: user} = token_record <- Repo.one(query) do
|
||||
{:ok, user, token_record}
|
||||
end
|
||||
end
|
||||
|
|
|
@ -10,9 +10,13 @@ def init(options) do
|
|||
options
|
||||
end
|
||||
|
||||
def call(%{assigns: %{user: %User{info: %{deactivated: true}}}} = conn, _) do
|
||||
conn
|
||||
|> assign(:user, nil)
|
||||
def call(%{assigns: %{user: %User{} = user}} = conn, _) do
|
||||
if User.auth_active?(user) do
|
||||
conn
|
||||
else
|
||||
conn
|
||||
|> assign(:user, nil)
|
||||
end
|
||||
end
|
||||
|
||||
def call(conn, _) do
|
||||
|
|
|
@ -70,6 +70,8 @@ defmodule Pleroma.User do
|
|||
def auth_active?(%User{info: %User.Info{confirmation_pending: true}}),
|
||||
do: !Pleroma.Config.get([:instance, :account_activation_required])
|
||||
|
||||
def auth_active?(%User{info: %User.Info{deactivated: true}}), do: false
|
||||
|
||||
def auth_active?(%User{}), do: true
|
||||
|
||||
def visible_for?(user, for_user \\ nil)
|
||||
|
|
|
@ -1671,9 +1671,10 @@ def conversations(%{assigns: %{user: user}} = conn, params) do
|
|||
participations = Participation.for_user_with_last_activity_id(user, params)
|
||||
|
||||
conversations =
|
||||
Enum.map(participations, fn participation ->
|
||||
ConversationView.render("participation.json", %{participation: participation, for: user})
|
||||
end)
|
||||
ConversationView.safe_render_many(participations, ConversationView, "participation.json", %{
|
||||
as: :participation,
|
||||
for: user
|
||||
})
|
||||
|
||||
conn
|
||||
|> add_link_headers(:conversations, participations)
|
||||
|
|
|
@ -35,7 +35,7 @@ def authorize(%Plug.Conn{} = conn, %{"authorization" => _} = params) do
|
|||
authorize(conn, Map.merge(params, auth_attrs))
|
||||
end
|
||||
|
||||
def authorize(%Plug.Conn{assigns: %{token: %Token{}}} = conn, params) do
|
||||
def authorize(%Plug.Conn{assigns: %{token: %Token{}}} = conn, %{"force_login" => _} = params) do
|
||||
if ControllerHelper.truthy_param?(params["force_login"]) do
|
||||
do_authorize(conn, params)
|
||||
else
|
||||
|
@ -43,6 +43,22 @@ def authorize(%Plug.Conn{assigns: %{token: %Token{}}} = conn, params) do
|
|||
end
|
||||
end
|
||||
|
||||
# Note: the token is set in oauth_plug, but the token and client do not always go together.
|
||||
# For example, MastodonFE's token is set if user requests with another client,
|
||||
# after user already authorized to MastodonFE.
|
||||
# So we have to check client and token.
|
||||
def authorize(
|
||||
%Plug.Conn{assigns: %{token: %Token{} = token}} = conn,
|
||||
%{"client_id" => client_id} = params
|
||||
) do
|
||||
with %Token{} = t <- Repo.get_by(Token, token: token.token) |> Repo.preload(:app),
|
||||
^client_id <- t.app.client_id do
|
||||
handle_existing_authorization(conn, params)
|
||||
else
|
||||
_ -> do_authorize(conn, params)
|
||||
end
|
||||
end
|
||||
|
||||
def authorize(%Plug.Conn{} = conn, params), do: do_authorize(conn, params)
|
||||
|
||||
defp do_authorize(%Plug.Conn{} = conn, params) do
|
||||
|
|
|
@ -13,6 +13,7 @@ defmodule Pleroma.Web.Router do
|
|||
pipeline :oauth do
|
||||
plug(:fetch_session)
|
||||
plug(Pleroma.Plugs.OAuthPlug)
|
||||
plug(Pleroma.Plugs.UserEnabledPlug)
|
||||
end
|
||||
|
||||
pipeline :api do
|
||||
|
|
2
mix.exs
2
mix.exs
|
@ -4,7 +4,7 @@ defmodule Pleroma.Mixfile do
|
|||
def project do
|
||||
[
|
||||
app: :pleroma,
|
||||
version: version("1.1.5"),
|
||||
version: version("1.1.6"),
|
||||
elixir: "~> 1.7",
|
||||
elixirc_paths: elixirc_paths(Mix.env()),
|
||||
compilers: [:phoenix, :gettext] ++ Mix.compilers(),
|
||||
|
|
|
@ -1 +1 @@
|
|||
<!DOCTYPE html><html lang=en><head><meta charset=utf-8><meta name=viewport content="width=device-width,initial-scale=1,user-scalable=no"><title>Pleroma</title><!--server-generated-meta--><link rel=icon type=image/png href=/favicon.png><link rel=stylesheet href=/static/font/css/fontello.css><link rel=stylesheet href=/static/font/css/animation.css><link href=/static/css/vendors~app.b2603a50868c68a1c192.css rel=stylesheet><link href=/static/css/app.fd71461124f3eb029b1b.css rel=stylesheet></head><body class=hidden><noscript>To use Pleroma, please enable JavaScript.</noscript><div id=app></div><script type=text/javascript src=/static/js/vendors~app.5c3fab032deb5f2793cb.js></script><script type=text/javascript src=/static/js/app.105d64a8fcdd6724ccde.js></script></body></html>
|
||||
<!DOCTYPE html><html lang=en><head><meta charset=utf-8><meta name=viewport content="width=device-width,initial-scale=1,user-scalable=no"><title>Pleroma</title><!--server-generated-meta--><link rel=icon type=image/png href=/favicon.png><link rel=stylesheet href=/static/font/css/fontello.css><link rel=stylesheet href=/static/font/css/animation.css><link href=/static/css/vendors~app.b2603a50868c68a1c192.css rel=stylesheet><link href=/static/css/app.fd71461124f3eb029b1b.css rel=stylesheet></head><body class=hidden><noscript>To use Pleroma, please enable JavaScript.</noscript><div id=app></div><script type=text/javascript src=/static/js/vendors~app.76db8e4cdf29decd5cab.js></script><script type=text/javascript src=/static/js/app.d20ca27d22d74eb7bce0.js></script></body></html>
|
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
BIN
priv/static/static/js/app.d20ca27d22d74eb7bce0.js
Normal file
BIN
priv/static/static/js/app.d20ca27d22d74eb7bce0.js
Normal file
Binary file not shown.
BIN
priv/static/static/js/app.d20ca27d22d74eb7bce0.js.map
Normal file
BIN
priv/static/static/js/app.d20ca27d22d74eb7bce0.js.map
Normal file
Binary file not shown.
Binary file not shown.
Binary file not shown.
BIN
priv/static/static/js/vendors~app.76db8e4cdf29decd5cab.js.map
Normal file
BIN
priv/static/static/js/vendors~app.76db8e4cdf29decd5cab.js.map
Normal file
Binary file not shown.
Binary file not shown.
|
@ -16,6 +16,23 @@ test "doesn't do anything if the user isn't set", %{conn: conn} do
|
|||
assert ret_conn == conn
|
||||
end
|
||||
|
||||
test "with a user that's not confirmed and a config requiring confirmation, it removes that user",
|
||||
%{conn: conn} do
|
||||
old = Pleroma.Config.get([:instance, :account_activation_required])
|
||||
Pleroma.Config.put([:instance, :account_activation_required], true)
|
||||
|
||||
user = insert(:user, info: %{confirmation_pending: true})
|
||||
|
||||
conn =
|
||||
conn
|
||||
|> assign(:user, user)
|
||||
|> UserEnabledPlug.call(%{})
|
||||
|
||||
assert conn.assigns.user == nil
|
||||
|
||||
Pleroma.Config.put([:instance, :account_activation_required], old)
|
||||
end
|
||||
|
||||
test "with a user that is deactivated, it removes that user", %{conn: conn} do
|
||||
user = insert(:user, info: %{deactivated: true})
|
||||
|
||||
|
|
|
@ -468,6 +468,29 @@ test "renders authentication page if user is already authenticated but `force_lo
|
|||
assert html_response(conn, 200) =~ ~s(type="submit")
|
||||
end
|
||||
|
||||
test "renders authentication page if user is already authenticated but user request with another client",
|
||||
%{
|
||||
app: app,
|
||||
conn: conn
|
||||
} do
|
||||
token = insert(:oauth_token, app_id: app.id)
|
||||
|
||||
conn =
|
||||
conn
|
||||
|> put_session(:oauth_token, token.token)
|
||||
|> get(
|
||||
"/oauth/authorize",
|
||||
%{
|
||||
"response_type" => "code",
|
||||
"client_id" => "another_client_id",
|
||||
"redirect_uri" => OAuthController.default_redirect_uri(app),
|
||||
"scope" => "read"
|
||||
}
|
||||
)
|
||||
|
||||
assert html_response(conn, 200) =~ ~s(type="submit")
|
||||
end
|
||||
|
||||
test "with existing authentication and non-OOB `redirect_uri`, redirects to app with `token` and `state` params",
|
||||
%{
|
||||
app: app,
|
||||
|
|
Loading…
Reference in a new issue