From 3ca6c4f44394fc59171dc17e654163dd69140d15 Mon Sep 17 00:00:00 2001 From: Alex S Date: Wed, 27 Mar 2019 22:37:20 +0630 Subject: [PATCH 01/13] password reset page labels align --- lib/pleroma/web/templates/layout/app.html.eex | 11 +++++++++++ .../twitter_api/util/password_reset.html.eex | 19 ++++++++++--------- 2 files changed, 21 insertions(+), 9 deletions(-) diff --git a/lib/pleroma/web/templates/layout/app.html.eex b/lib/pleroma/web/templates/layout/app.html.eex index 8333bc9217..3389c91cce 100644 --- a/lib/pleroma/web/templates/layout/app.html.eex +++ b/lib/pleroma/web/templates/layout/app.html.eex @@ -179,6 +179,17 @@ flex-basis: 50%; } } + .form-row { + display: flex; + } + .form-row > label { + text-align: left; + line-height: 47px; + flex: 1; + } + .form-row > input { + flex: 2; + } diff --git a/lib/pleroma/web/templates/twitter_api/util/password_reset.html.eex b/lib/pleroma/web/templates/twitter_api/util/password_reset.html.eex index 3c7960998b..a3facf0172 100644 --- a/lib/pleroma/web/templates/twitter_api/util/password_reset.html.eex +++ b/lib/pleroma/web/templates/twitter_api/util/password_reset.html.eex @@ -1,12 +1,13 @@

Password Reset for <%= @user.nickname %>

<%= form_for @conn, util_path(@conn, :password_reset), [as: "data"], fn f -> %> -<%= label f, :password, "Password" %> -<%= password_input f, :password %> -
- -<%= label f, :password_confirmation, "Confirmation" %> -<%= password_input f, :password_confirmation %> -
-<%= hidden_input f, :token, value: @token.token %> -<%= submit "Reset" %> +
+ <%= label f, :password, "Password" %> + <%= password_input f, :password %> +
+
+ <%= label f, :password_confirmation, "Confirmation" %> + <%= password_input f, :password_confirmation %> +
+ <%= hidden_input f, :token, value: @token.token %> + <%= submit "Reset" %> <% end %> From 6f152240538e1b300446f3bad50977cca7203f70 Mon Sep 17 00:00:00 2001 From: "Haelwenn (lanodan) Monnier" Date: Mon, 25 Mar 2019 23:13:58 +0100 Subject: [PATCH 02/13] activity_pub.ex: Move limit/max_id restrictions to Pagination helpers --- lib/pleroma/web/activity_pub/activity_pub.ex | 30 ++++--------------- .../mastodon_api/mastodon_api_controller.ex | 3 +- 2 files changed, 7 insertions(+), 26 deletions(-) diff --git a/lib/pleroma/web/activity_pub/activity_pub.ex b/lib/pleroma/web/activity_pub/activity_pub.ex index 6e1ed7ec9d..5311583382 100644 --- a/lib/pleroma/web/activity_pub/activity_pub.ex +++ b/lib/pleroma/web/activity_pub/activity_pub.ex @@ -7,6 +7,7 @@ defmodule Pleroma.Web.ActivityPub.ActivityPub do alias Pleroma.Instances alias Pleroma.Notification alias Pleroma.Object + alias Pleroma.Pagination alias Pleroma.Repo alias Pleroma.Upload alias Pleroma.User @@ -474,7 +475,7 @@ def fetch_public_activities(opts \\ %{}) do q |> restrict_unlisted() - |> Repo.all() + |> Pagination.fetch_paginated(opts) |> Enum.reverse() end @@ -617,26 +618,12 @@ defp restrict_recipients(query, recipients, user) do ) end - defp restrict_limit(query, %{"limit" => limit}) do - from(activity in query, limit: ^limit) - end - - defp restrict_limit(query, _), do: query - defp restrict_local(query, %{"local_only" => true}) do from(activity in query, where: activity.local == true) end defp restrict_local(query, _), do: query - defp restrict_max(query, %{"max_id" => ""}), do: query - - defp restrict_max(query, %{"max_id" => max_id}) do - from(activity in query, where: activity.id < ^max_id) - end - - defp restrict_max(query, _), do: query - defp restrict_actor(query, %{"actor_id" => actor_id}) do from(activity in query, where: activity.actor == ^actor_id) end @@ -757,12 +744,7 @@ defp maybe_preload_objects(query, _) do end def fetch_activities_query(recipients, opts \\ %{}) do - base_query = - from( - activity in Activity, - limit: 20, - order_by: [fragment("? desc nulls last", activity.id)] - ) + base_query = from(activity in Activity) base_query |> maybe_preload_objects(opts) @@ -772,8 +754,6 @@ def fetch_activities_query(recipients, opts \\ %{}) do |> restrict_tag_all(opts) |> restrict_since(opts) |> restrict_local(opts) - |> restrict_limit(opts) - |> restrict_max(opts) |> restrict_actor(opts) |> restrict_type(opts) |> restrict_favorited_by(opts) @@ -789,14 +769,14 @@ def fetch_activities_query(recipients, opts \\ %{}) do def fetch_activities(recipients, opts \\ %{}) do fetch_activities_query(recipients, opts) - |> Repo.all() + |> Pagination.fetch_paginated(opts) |> Enum.reverse() end def fetch_activities_bounded(recipients_to, recipients_cc, opts \\ %{}) do fetch_activities_query([], opts) |> restrict_to_cc(recipients_to, recipients_cc) - |> Repo.all() + |> Pagination.fetch_paginated(opts) |> Enum.reverse() end diff --git a/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex b/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex index eee4e76789..4d0caecf46 100644 --- a/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex +++ b/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex @@ -10,6 +10,7 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIController do alias Pleroma.Filter alias Pleroma.Notification alias Pleroma.Object + alias Pleroma.Pagination alias Pleroma.Repo alias Pleroma.Stats alias Pleroma.User @@ -310,7 +311,7 @@ def dm_timeline(%{assigns: %{user: user}} = conn, params) do activities = [user.ap_id] |> ActivityPub.fetch_activities_query(params) - |> Repo.all() + |> Pagination.fetch_paginated(params) conn |> add_link_headers(:dm_timeline, activities) From e83ad12c5730eae7adac597b97707836122b8f7f Mon Sep 17 00:00:00 2001 From: "Haelwenn (lanodan) Monnier" Date: Tue, 26 Mar 2019 00:07:33 +0100 Subject: [PATCH 03/13] pagination.ex: Drop atom keys in params Atom keys could also have been transformed to string, or the other way around but this one is more efficient and what we actually expect with the current param_types in Pagination --- lib/pleroma/pagination.ex | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/lib/pleroma/pagination.ex b/lib/pleroma/pagination.ex index 7c864deef8..f435e5c9cb 100644 --- a/lib/pleroma/pagination.ex +++ b/lib/pleroma/pagination.ex @@ -36,6 +36,12 @@ defp cast_params(params) do limit: :integer } + params = + Enum.reduce(params, %{}, fn + {key, _value}, acc when is_atom(key) -> Map.drop(acc, [key]) + {key, value}, acc -> Map.put(acc, key, value) + end) + changeset = cast({%{}, param_types}, params, Map.keys(param_types)) changeset.changes end From 6b407872b402b72dba48bece5fa69ca5af54f2f0 Mon Sep 17 00:00:00 2001 From: "Haelwenn (lanodan) Monnier" Date: Mon, 25 Mar 2019 22:19:57 +0100 Subject: [PATCH 04/13] mastodon_api_controller.ex: Use min_id in link header instead of since_id --- .../mastodon_api/mastodon_api_controller.ex | 21 ++++++++++++------- .../mastodon_api_controller_test.exs | 6 +++--- 2 files changed, 16 insertions(+), 11 deletions(-) diff --git a/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex b/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex index 4d0caecf46..5cc19e68f4 100644 --- a/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex +++ b/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex @@ -199,15 +199,20 @@ def custom_emojis(conn, _params) do defp add_link_headers(conn, method, activities, param \\ nil, params \\ %{}) do params = conn.params - |> Map.drop(["since_id", "max_id"]) + |> Map.drop(["since_id", "max_id", "min_id"]) |> Map.merge(params) last = List.last(activities) - first = List.first(activities) if last do - min = last.id - max = first.id + max_id = last.id + + limit = + params + |> Map.get("limit", "20") + |> String.to_integer() + + min_id = Enum.at(activities, limit * -1) {next_url, prev_url} = if param do @@ -216,13 +221,13 @@ defp add_link_headers(conn, method, activities, param \\ nil, params \\ %{}) do Pleroma.Web.Endpoint, method, param, - Map.merge(params, %{max_id: min}) + Map.merge(params, %{max_id: max_id}) ), mastodon_api_url( Pleroma.Web.Endpoint, method, param, - Map.merge(params, %{since_id: max}) + Map.merge(params, %{min_id: min_id}) ) } else @@ -230,12 +235,12 @@ defp add_link_headers(conn, method, activities, param \\ nil, params \\ %{}) do mastodon_api_url( Pleroma.Web.Endpoint, method, - Map.merge(params, %{max_id: min}) + Map.merge(params, %{max_id: max_id}) ), mastodon_api_url( Pleroma.Web.Endpoint, method, - Map.merge(params, %{since_id: max}) + Map.merge(params, %{min_id: min_id}) ) } end diff --git a/test/web/mastodon_api/mastodon_api_controller_test.exs b/test/web/mastodon_api/mastodon_api_controller_test.exs index d9bcbf5a9e..f506a847df 100644 --- a/test/web/mastodon_api/mastodon_api_controller_test.exs +++ b/test/web/mastodon_api/mastodon_api_controller_test.exs @@ -1371,7 +1371,7 @@ test "getting followers, pagination", %{conn: conn} do assert id2 == follower2.id assert [link_header] = get_resp_header(res_conn, "link") - assert link_header =~ ~r/since_id=#{follower2.id}/ + assert link_header =~ ~r/min_id=#{follower2.id}/ assert link_header =~ ~r/max_id=#{follower2.id}/ end @@ -1450,7 +1450,7 @@ test "getting following, pagination", %{conn: conn} do assert id2 == following2.id assert [link_header] = get_resp_header(res_conn, "link") - assert link_header =~ ~r/since_id=#{following2.id}/ + assert link_header =~ ~r/min_id=#{following2.id}/ assert link_header =~ ~r/max_id=#{following2.id}/ end @@ -2261,7 +2261,7 @@ test "preserves parameters in link headers", %{conn: conn} do assert [link_header] = get_resp_header(conn, "link") assert link_header =~ ~r/media_only=true/ - assert link_header =~ ~r/since_id=#{notification2.id}/ + assert link_header =~ ~r/min_id=#{notification2.id}/ assert link_header =~ ~r/max_id=#{notification1.id}/ end end From c8abef373b32313f94fc34b33dc235ca6aabceed Mon Sep 17 00:00:00 2001 From: "Haelwenn (lanodan) Monnier" Date: Thu, 28 Mar 2019 17:18:44 +0100 Subject: [PATCH 05/13] mastodon_api_controller.ex: fallback to first for min_id --- .../web/mastodon_api/mastodon_api_controller.ex | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex b/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex index 5cc19e68f4..b2fc68707e 100644 --- a/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex +++ b/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex @@ -212,7 +212,16 @@ defp add_link_headers(conn, method, activities, param \\ nil, params \\ %{}) do |> Map.get("limit", "20") |> String.to_integer() - min_id = Enum.at(activities, limit * -1) + min_id = + if length(activities) <= limit do + activities + |> List.first() + |> Map.get(:id) + else + activities + |> Enum.at(limit * -1) + |> Map.get(:id) + end {next_url, prev_url} = if param do From 10a96825960fc2d5465e9b4992c33941c8bd0c64 Mon Sep 17 00:00:00 2001 From: Horsemans Date: Sun, 31 Mar 2019 16:58:28 +0000 Subject: [PATCH 06/13] ssl_trusted_certificate should point to chain.pem if we're demonstrating LetsEncrypt: https://community.letsencrypt.org/t/howto-ocsp-stapling-for-nginx/13611/5 --- installation/pleroma.nginx | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/installation/pleroma.nginx b/installation/pleroma.nginx index a24bb0e61f..a0e91f4641 100644 --- a/installation/pleroma.nginx +++ b/installation/pleroma.nginx @@ -31,7 +31,7 @@ server { listen 443 ssl http2; ssl_session_timeout 5m; - ssl_trusted_certificate /etc/letsencrypt/live/example.tld/fullchain.pem; + ssl_trusted_certificate /etc/letsencrypt/live/example.tld/chain.pem; ssl_certificate /etc/letsencrypt/live/example.tld/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/example.tld/privkey.pem; From 1791ee8ec4149bfe218caf51c5adb255fcc1e426 Mon Sep 17 00:00:00 2001 From: "Haelwenn (lanodan) Monnier" Date: Wed, 10 Apr 2019 06:05:05 +0200 Subject: [PATCH 07/13] s/Pleroma.Mailer/Pleroma.Emails.Mailer/ --- Changelog.md | 8 ++++++++ config/config.exs | 2 +- config/dev.exs | 2 +- config/test.exs | 2 +- docs/config.md | 8 ++++---- lib/pleroma/emails/mailer.ex | 2 +- lib/pleroma/user.ex | 2 +- lib/pleroma/web/activity_pub/activity_pub.ex | 2 +- lib/pleroma/web/admin_api/admin_api_controller.ex | 2 +- lib/pleroma/web/twitter_api/twitter_api.ex | 2 +- 10 files changed, 20 insertions(+), 12 deletions(-) create mode 100644 Changelog.md diff --git a/Changelog.md b/Changelog.md new file mode 100644 index 0000000000..1fddf41cdf --- /dev/null +++ b/Changelog.md @@ -0,0 +1,8 @@ +# Changelog +All notable changes to this project will be documented in this file. + +The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). + +## [unreleased] +### Changed +- Configuration: move from Pleroma.Mailer to Pleroma.Emails.Mailer diff --git a/config/config.exs b/config/config.exs index 3462a37f76..343ecbc272 100644 --- a/config/config.exs +++ b/config/config.exs @@ -413,7 +413,7 @@ config :pleroma, :auth, oauth_consumer_strategies: oauth_consumer_strategies -config :pleroma, Pleroma.Mailer, adapter: Swoosh.Adapters.Sendmail +config :pleroma, Pleroma.Emails.Mailer, adapter: Swoosh.Adapters.Sendmail config :prometheus, Pleroma.Web.Endpoint.MetricsExporter, path: "/api/pleroma/app_metrics" diff --git a/config/dev.exs b/config/dev.exs index a7eb4b6444..0432adce71 100644 --- a/config/dev.exs +++ b/config/dev.exs @@ -18,7 +18,7 @@ watchers: [], secure_cookie_flag: false -config :pleroma, Pleroma.Mailer, adapter: Swoosh.Adapters.Local +config :pleroma, Pleroma.Emails.Mailer, adapter: Swoosh.Adapters.Local # ## SSL Support # diff --git a/config/test.exs b/config/test.exs index 894fa8d3d3..13a031d199 100644 --- a/config/test.exs +++ b/config/test.exs @@ -21,7 +21,7 @@ config :pleroma, Pleroma.Uploaders.Local, uploads: "test/uploads" -config :pleroma, Pleroma.Mailer, adapter: Swoosh.Adapters.Test +config :pleroma, Pleroma.Emails.Mailer, adapter: Swoosh.Adapters.Test # Configure your database config :pleroma, Pleroma.Repo, diff --git a/docs/config.md b/docs/config.md index b5ea587463..e286104df4 100644 --- a/docs/config.md +++ b/docs/config.md @@ -31,14 +31,14 @@ This filter replaces the filename (not the path) of an upload. For complete obfu * `text`: Text to replace filenames in links. If empty, `{random}.extension` will be used. -## Pleroma.Mailer +## Pleroma.Emails.Mailer * `adapter`: one of the mail adapters listed in [Swoosh readme](https://github.com/swoosh/swoosh#adapters), or `Swoosh.Adapters.Local` for in-memory mailbox. * `api_key` / `password` and / or other adapter-specific settings, per the above documentation. An example for Sendgrid adapter: ```exs -config :pleroma, Pleroma.Mailer, +config :pleroma, Pleroma.Emails.Mailer, adapter: Swoosh.Adapters.Sendgrid, api_key: "YOUR_API_KEY" ``` @@ -46,7 +46,7 @@ config :pleroma, Pleroma.Mailer, An example for SMTP adapter: ```exs -config :pleroma, Pleroma.Mailer, +config :pleroma, Pleroma.Emails.Mailer, adapter: Swoosh.Adapters.SMTP, relay: "smtp.gmail.com", username: "YOUR_USERNAME@gmail.com", @@ -317,7 +317,7 @@ Pleroma has the following queues: * `federator_outgoing` - Outgoing federation * `federator_incoming` - Incoming federation -* `mailer` - Email sender, see [`Pleroma.Mailer`](#pleroma-mailer) +* `mailer` - Email sender, see [`Pleroma.Emails.Mailer`](#pleroma-emails-mailer) * `transmogrifier` - Transmogrifier * `web_push` - Web push notifications * `scheduled_activities` - Scheduled activities, see [`Pleroma.ScheduledActivities`](#pleromascheduledactivity) diff --git a/lib/pleroma/emails/mailer.ex b/lib/pleroma/emails/mailer.ex index b384e6feca..53f5a661c4 100644 --- a/lib/pleroma/emails/mailer.ex +++ b/lib/pleroma/emails/mailer.ex @@ -2,7 +2,7 @@ # Copyright © 2017-2019 Pleroma Authors # SPDX-License-Identifier: AGPL-3.0-only -defmodule Pleroma.Mailer do +defmodule Pleroma.Emails.Mailer do use Swoosh.Mailer, otp_app: :pleroma def deliver_async(email, config \\ []) do diff --git a/lib/pleroma/user.ex b/lib/pleroma/user.ex index ed23b8ef03..8cf69c591c 100644 --- a/lib/pleroma/user.ex +++ b/lib/pleroma/user.ex @@ -280,7 +280,7 @@ def try_send_confirmation_email(%User{} = user) do Pleroma.Config.get([:instance, :account_activation_required]) do user |> Pleroma.UserEmail.account_confirmation_email() - |> Pleroma.Mailer.deliver_async() + |> Pleroma.Emails.Mailer.deliver_async() else {:ok, :noop} end diff --git a/lib/pleroma/web/activity_pub/activity_pub.ex b/lib/pleroma/web/activity_pub/activity_pub.ex index f217e7bac3..749c38e913 100644 --- a/lib/pleroma/web/activity_pub/activity_pub.ex +++ b/lib/pleroma/web/activity_pub/activity_pub.ex @@ -450,7 +450,7 @@ def flag( Enum.each(User.all_superusers(), fn superuser -> superuser |> Pleroma.AdminEmail.report(actor, account, statuses, content) - |> Pleroma.Mailer.deliver_async() + |> Pleroma.Emails.Mailer.deliver_async() end) {:ok, activity} diff --git a/lib/pleroma/web/admin_api/admin_api_controller.ex b/lib/pleroma/web/admin_api/admin_api_controller.ex index 78bf318936..3679b502bd 100644 --- a/lib/pleroma/web/admin_api/admin_api_controller.ex +++ b/lib/pleroma/web/admin_api/admin_api_controller.ex @@ -238,7 +238,7 @@ def email_invite(%{assigns: %{user: user}} = conn, %{"email" => email} = params) {:ok, invite_token} <- Pleroma.UserInviteToken.create_token(), email <- Pleroma.UserEmail.user_invitation_email(user, invite_token, email, params["name"]), - {:ok, _} <- Pleroma.Mailer.deliver(email) do + {:ok, _} <- Pleroma.Emails.Mailer.deliver(email) do json_response(conn, :no_content, "") end end diff --git a/lib/pleroma/web/twitter_api/twitter_api.ex b/lib/pleroma/web/twitter_api/twitter_api.ex index 9b081a3167..bf216a18f6 100644 --- a/lib/pleroma/web/twitter_api/twitter_api.ex +++ b/lib/pleroma/web/twitter_api/twitter_api.ex @@ -4,7 +4,7 @@ defmodule Pleroma.Web.TwitterAPI.TwitterAPI do alias Pleroma.Activity - alias Pleroma.Mailer + alias Pleroma.Emails.Mailer alias Pleroma.Repo alias Pleroma.User alias Pleroma.UserEmail From cae02317317cab55c11a981a96889bccca4ec978 Mon Sep 17 00:00:00 2001 From: "Haelwenn (lanodan) Monnier" Date: Wed, 10 Apr 2019 06:13:46 +0200 Subject: [PATCH 08/13] s/Pleroma.AdminEmail/Pleroma.Emails.AdminEmail/ --- lib/pleroma/emails/admin_email.ex | 2 +- lib/pleroma/web/activity_pub/activity_pub.ex | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/lib/pleroma/emails/admin_email.ex b/lib/pleroma/emails/admin_email.ex index afefccec5e..d6ecce489a 100644 --- a/lib/pleroma/emails/admin_email.ex +++ b/lib/pleroma/emails/admin_email.ex @@ -2,7 +2,7 @@ # Copyright © 2017-2019 Pleroma Authors # SPDX-License-Identifier: AGPL-3.0-only -defmodule Pleroma.AdminEmail do +defmodule Pleroma.Emails.AdminEmail do @moduledoc "Admin emails" import Swoosh.Email diff --git a/lib/pleroma/web/activity_pub/activity_pub.ex b/lib/pleroma/web/activity_pub/activity_pub.ex index 749c38e913..6110b0465b 100644 --- a/lib/pleroma/web/activity_pub/activity_pub.ex +++ b/lib/pleroma/web/activity_pub/activity_pub.ex @@ -449,7 +449,7 @@ def flag( :ok <- maybe_federate(activity) do Enum.each(User.all_superusers(), fn superuser -> superuser - |> Pleroma.AdminEmail.report(actor, account, statuses, content) + |> Pleroma.Emails.AdminEmail.report(actor, account, statuses, content) |> Pleroma.Emails.Mailer.deliver_async() end) From 9c1b36856b97a7f86e60ad23ef374449c1910c7a Mon Sep 17 00:00:00 2001 From: "Haelwenn (lanodan) Monnier" Date: Wed, 10 Apr 2019 06:14:37 +0200 Subject: [PATCH 09/13] s/Pleroma.UserEmail/Pleroma.Emails.UserEmail/ --- lib/pleroma/emails/user_email.ex | 2 +- lib/pleroma/user.ex | 2 +- lib/pleroma/web/admin_api/admin_api_controller.ex | 7 ++++++- lib/pleroma/web/twitter_api/twitter_api.ex | 2 +- test/web/admin_api/admin_api_controller_test.exs | 2 +- test/web/twitter_api/twitter_api_controller_test.exs | 6 ++++-- test/web/twitter_api/twitter_api_test.exs | 4 +++- 7 files changed, 17 insertions(+), 8 deletions(-) diff --git a/lib/pleroma/emails/user_email.ex b/lib/pleroma/emails/user_email.ex index a3a09e96cc..f475ebb9ff 100644 --- a/lib/pleroma/emails/user_email.ex +++ b/lib/pleroma/emails/user_email.ex @@ -2,7 +2,7 @@ # Copyright © 2017-2019 Pleroma Authors # SPDX-License-Identifier: AGPL-3.0-only -defmodule Pleroma.UserEmail do +defmodule Pleroma.Emails.UserEmail do @moduledoc "User emails" import Swoosh.Email diff --git a/lib/pleroma/user.ex b/lib/pleroma/user.ex index 8cf69c591c..0d25cf74c0 100644 --- a/lib/pleroma/user.ex +++ b/lib/pleroma/user.ex @@ -279,7 +279,7 @@ def try_send_confirmation_email(%User{} = user) do if user.info.confirmation_pending && Pleroma.Config.get([:instance, :account_activation_required]) do user - |> Pleroma.UserEmail.account_confirmation_email() + |> Pleroma.Emails.UserEmail.account_confirmation_email() |> Pleroma.Emails.Mailer.deliver_async() else {:ok, :noop} diff --git a/lib/pleroma/web/admin_api/admin_api_controller.ex b/lib/pleroma/web/admin_api/admin_api_controller.ex index 3679b502bd..3366e7275c 100644 --- a/lib/pleroma/web/admin_api/admin_api_controller.ex +++ b/lib/pleroma/web/admin_api/admin_api_controller.ex @@ -237,7 +237,12 @@ def email_invite(%{assigns: %{user: user}} = conn, %{"email" => email} = params) !Pleroma.Config.get([:instance, :registrations_open]), {:ok, invite_token} <- Pleroma.UserInviteToken.create_token(), email <- - Pleroma.UserEmail.user_invitation_email(user, invite_token, email, params["name"]), + Pleroma.Emails.UserEmail.user_invitation_email( + user, + invite_token, + email, + params["name"] + ), {:ok, _} <- Pleroma.Emails.Mailer.deliver(email) do json_response(conn, :no_content, "") end diff --git a/lib/pleroma/web/twitter_api/twitter_api.ex b/lib/pleroma/web/twitter_api/twitter_api.ex index bf216a18f6..a69bd0a54f 100644 --- a/lib/pleroma/web/twitter_api/twitter_api.ex +++ b/lib/pleroma/web/twitter_api/twitter_api.ex @@ -5,9 +5,9 @@ defmodule Pleroma.Web.TwitterAPI.TwitterAPI do alias Pleroma.Activity alias Pleroma.Emails.Mailer + alias Pleroma.Emails.UserEmail alias Pleroma.Repo alias Pleroma.User - alias Pleroma.UserEmail alias Pleroma.UserInviteToken alias Pleroma.Web.ActivityPub.ActivityPub alias Pleroma.Web.CommonAPI diff --git a/test/web/admin_api/admin_api_controller_test.exs b/test/web/admin_api/admin_api_controller_test.exs index ca6bd0e976..2a8791b835 100644 --- a/test/web/admin_api/admin_api_controller_test.exs +++ b/test/web/admin_api/admin_api_controller_test.exs @@ -317,7 +317,7 @@ test "sends invitation and returns 204", %{conn: conn, user: user} do refute token_record.used Swoosh.TestAssertions.assert_email_sent( - Pleroma.UserEmail.user_invitation_email( + Pleroma.Emails.UserEmail.user_invitation_email( user, token_record, recipient_email, diff --git a/test/web/twitter_api/twitter_api_controller_test.exs b/test/web/twitter_api/twitter_api_controller_test.exs index 72b7ea85eb..b3e01e9432 100644 --- a/test/web/twitter_api/twitter_api_controller_test.exs +++ b/test/web/twitter_api/twitter_api_controller_test.exs @@ -1064,7 +1064,7 @@ test "it sends an email to user", %{user: user} do token_record = Repo.get_by(Pleroma.PasswordResetToken, user_id: user.id) Swoosh.TestAssertions.assert_email_sent( - Pleroma.UserEmail.password_reset_email(user, token_record.token) + Pleroma.Emails.UserEmail.password_reset_email(user, token_record.token) ) end end @@ -1163,7 +1163,9 @@ test "it sends confirmation email", %{conn: conn, user: user} do |> assign(:user, user) |> post("/api/account/resend_confirmation_email?email=#{user.email}") - Swoosh.TestAssertions.assert_email_sent(Pleroma.UserEmail.account_confirmation_email(user)) + Swoosh.TestAssertions.assert_email_sent( + Pleroma.Emails.UserEmail.account_confirmation_email(user) + ) end end diff --git a/test/web/twitter_api/twitter_api_test.exs b/test/web/twitter_api/twitter_api_test.exs index 6c00244deb..fcb3fd8bd9 100644 --- a/test/web/twitter_api/twitter_api_test.exs +++ b/test/web/twitter_api/twitter_api_test.exs @@ -321,7 +321,9 @@ test "it sends confirmation email if :account_activation_required is specified i assert user.info.confirmation_pending - Swoosh.TestAssertions.assert_email_sent(Pleroma.UserEmail.account_confirmation_email(user)) + Swoosh.TestAssertions.assert_email_sent( + Pleroma.Emails.UserEmail.account_confirmation_email(user) + ) end test "it registers a new user and parses mentions in the bio" do From f9af90c5aa42169b929f4ac6b352730b4d3416c7 Mon Sep 17 00:00:00 2001 From: Egor Date: Fri, 12 Apr 2019 19:25:53 +0000 Subject: [PATCH 10/13] Revert "simplify mentions escape" This reverts commit f3e06a1030636f24f7129dd93bb9780e67fb7de1. --- lib/pleroma/formatter.ex | 42 ++++++++++++++++++++++------- lib/pleroma/web/common_api/utils.ex | 5 ++-- mix.exs | 2 +- mix.lock | 2 +- 4 files changed, 37 insertions(+), 14 deletions(-) diff --git a/lib/pleroma/formatter.ex b/lib/pleroma/formatter.ex index 8ea9dbd38f..dab8910c19 100644 --- a/lib/pleroma/formatter.ex +++ b/lib/pleroma/formatter.ex @@ -9,20 +9,31 @@ defmodule Pleroma.Formatter do alias Pleroma.Web.MediaProxy @safe_mention_regex ~r/^(\s*(?@.+?\s+)+)(?.*)/ + @link_regex ~r"((?:http(s)?:\/\/)?[\w.-]+(?:\.[\w\.-]+)+[\w\-\._~%:/?#[\]@!\$&'\(\)\*\+,;=.]+)|[0-9a-z+\-\.]+:[0-9a-z$-_.+!*'(),]+"ui @markdown_characters_regex ~r/(`|\*|_|{|}|[|]|\(|\)|#|\+|-|\.|!)/ - @link_regex ~r{((?:http(s)?:\/\/)?[\w.-]+(?:\.[\w\.-]+)+[\w\-\._~%:/?#[\]@!\$&'\(\)\*\+,;=.]+)|[0-9a-z+\-\.]+:[0-9a-z$-_.+!*'(),]+}ui - # credo:disable-for-previous-line Credo.Check.Readability.MaxLineLength @auto_linker_config hashtag: true, hashtag_handler: &Pleroma.Formatter.hashtag_handler/4, mention: true, mention_handler: &Pleroma.Formatter.mention_handler/4 + def escape_mention_handler("@" <> nickname = mention, buffer, _, _) do + case User.get_cached_by_nickname(nickname) do + %User{} -> + # escape markdown characters with `\\` + # (we don't want something like @user__name to be parsed by markdown) + String.replace(mention, @markdown_characters_regex, "\\\\\\1") + + _ -> + buffer + end + end + def mention_handler("@" <> nickname, buffer, opts, acc) do case User.get_cached_by_nickname(nickname) do %User{id: id} = user -> ap_id = get_ap_id(user) - nickname_text = get_nickname_text(nickname, opts) |> maybe_escape(opts) + nickname_text = get_nickname_text(nickname, opts) link = "@#{ @@ -70,6 +81,25 @@ def linkify(text, options \\ []) do end end + @doc """ + Escapes a special characters in mention names. + """ + def mentions_escape(text, options \\ []) do + options = + Keyword.merge(options, + mention: true, + url: false, + mention_handler: &Pleroma.Formatter.escape_mention_handler/4 + ) + + if options[:safe_mention] && Regex.named_captures(@safe_mention_regex, text) do + %{"mentions" => mentions, "rest" => rest} = Regex.named_captures(@safe_mention_regex, text) + AutoLinker.link(mentions, options) <> AutoLinker.link(rest, options) + else + AutoLinker.link(text, options) + end + end + def emojify(text) do emojify(text, Emoji.get_all()) end @@ -140,10 +170,4 @@ defp get_ap_id(%User{ap_id: ap_id}), do: ap_id defp get_nickname_text(nickname, %{mentions_format: :full}), do: User.full_nickname(nickname) defp get_nickname_text(nickname, _), do: User.local_nickname(nickname) - - defp maybe_escape(str, %{mentions_escape: true}) do - String.replace(str, @markdown_characters_regex, "\\\\\\1") - end - - defp maybe_escape(str, _), do: str end diff --git a/lib/pleroma/web/common_api/utils.ex b/lib/pleroma/web/common_api/utils.ex index 7b9f0ea06d..58a561a40f 100644 --- a/lib/pleroma/web/common_api/utils.ex +++ b/lib/pleroma/web/common_api/utils.ex @@ -195,11 +195,10 @@ def format_input(text, "text/html", options) do Formatting text to markdown. """ def format_input(text, "text/markdown", options) do - options = Keyword.put(options, :mentions_escape, true) - text + |> Formatter.mentions_escape(options) + |> Earmark.as_html!() |> Formatter.linkify(options) - |> (fn {text, mentions, tags} -> {Earmark.as_html!(text), mentions, tags} end).() |> Formatter.html_escape("text/html") end diff --git a/mix.exs b/mix.exs index 26a03b70bf..e0c870fa79 100644 --- a/mix.exs +++ b/mix.exs @@ -101,7 +101,7 @@ defp deps do {:ueberauth, "~> 0.4"}, {:auto_linker, git: "https://git.pleroma.social/pleroma/auto_linker.git", - ref: "479dd343f4e563ff91215c8275f3b5c67e032850"}, + ref: "90613b4bae875a3610c275b7056b61ffdd53210d"}, {:pleroma_job_queue, "~> 0.2.0"}, {:telemetry, "~> 0.3"}, {:prometheus_ex, "~> 3.0"}, diff --git a/mix.lock b/mix.lock index bb40ebd482..e13fdcbd45 100644 --- a/mix.lock +++ b/mix.lock @@ -1,6 +1,6 @@ %{ "accept": {:hex, :accept, "0.3.5", "b33b127abca7cc948bbe6caa4c263369abf1347cfa9d8e699c6d214660f10cd1", [:rebar3], [], "hexpm"}, - "auto_linker": {:git, "https://git.pleroma.social/pleroma/auto_linker.git", "479dd343f4e563ff91215c8275f3b5c67e032850", [ref: "479dd343f4e563ff91215c8275f3b5c67e032850"]}, + "auto_linker": {:git, "https://git.pleroma.social/pleroma/auto_linker.git", "90613b4bae875a3610c275b7056b61ffdd53210d", [ref: "90613b4bae875a3610c275b7056b61ffdd53210d"]}, "base64url": {:hex, :base64url, "0.0.1", "36a90125f5948e3afd7be97662a1504b934dd5dac78451ca6e9abf85a10286be", [:rebar], [], "hexpm"}, "bunt": {:hex, :bunt, "0.2.0", "951c6e801e8b1d2cbe58ebbd3e616a869061ddadcc4863d0a2182541acae9a38", [:mix], [], "hexpm"}, "cachex": {:hex, :cachex, "3.0.2", "1351caa4e26e29f7d7ec1d29b53d6013f0447630bbf382b4fb5d5bad0209f203", [:mix], [{:eternal, "~> 1.2", [hex: :eternal, repo: "hexpm", optional: false]}, {:unsafe, "~> 1.0", [hex: :unsafe, repo: "hexpm", optional: false]}], "hexpm"}, From 3a805cc35cff0c46f6b9dd45169d888936cc5c53 Mon Sep 17 00:00:00 2001 From: rinpatch Date: Sat, 13 Apr 2019 00:31:18 +0300 Subject: [PATCH 11/13] Add a changelog --- CHANGELOG.md | 91 ++++++++++++++++++++++++++++++++++++++++++++++++++++ Changelog.md | 8 ----- mix.exs | 2 +- 3 files changed, 92 insertions(+), 9 deletions(-) create mode 100644 CHANGELOG.md delete mode 100644 Changelog.md diff --git a/CHANGELOG.md b/CHANGELOG.md new file mode 100644 index 0000000000..1fbbf5c2e8 --- /dev/null +++ b/CHANGELOG.md @@ -0,0 +1,91 @@ +# Changelog +All notable changes to this project will be documented in this file. + +The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). + +## [unreleased] +### Added +- LDAP authentication +- External OAuth provider authentication +- A [job queue](https://git.pleroma.social/pleroma/pleroma_job_queue) for federation, emails, web push, etc. +- [Prometheus](https://prometheus.io/) metrics +- Support for Mastodon's remote interaction +- Federation: Support for reports +- Configuration: `safe_dm_mentions` option +- Configuration: `link_name` option +- Configuration: `fetch_initial_posts` option +- Pleroma API: User subscribtions +- Admin API: Endpoints for listing/revoking invite tokens +- Admin API: Endpoints for making users follow/unfollow each other +- Mastodon API: [Scheduled statuses](https://docs.joinmastodon.org/api/rest/scheduled-statuses/) +- Mastodon API: `/api/v1/notifications/destroy_multiple` (glitch-soc extension) +- Mastodon API: [Reports](https://docs.joinmastodon.org/api/rest/reports/) +- ActivityPub C2S: OAuth endpoints + +### Changed +- Enforcement of OAuth scopes +- Add multiple use/time expiring invite token +- Restyled OAuth pages to fit with Pleroma's default theme +- Link/mention/hashtag detection is now handled by [auto_linker](https://git.pleroma.social/pleroma/auto_linker) +- NodeInfo: Return `safe_dm_mentions` feature flag +- Federation: Expand the audience of delete activities to all recipients of the deleted object +- Configuration: Dedupe enabled by default +- Configuration: move from Pleroma.Mailer to Pleroma.Emails.Mailer +- Pleroma API: Support for emoji tags in `/api/pleroma/emoji` resulting in a breaking API change +- Mastodon API: Support for `exclude_types`, `limit` and `min_id` in `/api/v1/notifications` +- Mastodon API: Add `languages` and `registrations` to `/api/v1/instance` +- Mastodon API: Provide plaintext versions of cw/content in the Status entity +- Mastodon API: Add `pleroma.conversation_id` field to the Status entity +- Mastodon API: Add `pleroma.tags`, `pleroma.relationship{}`, `pleroma.is_moderator`, `pleroma.is_admin`, `pleroma.confirmation_pending` fields to the User entity +- Mastodon API: Add `pleroma.is_seen` to the Notification entity +- Mastodon API: Add `pleroma.local` to the Status entity +- Mastodon API: Add `preview` parameter to `POST /api/v1/statuses` +- Mastodon API: Add `with_muted` parameter to timeline endpoints +- Mastodon API: Actual reblog hiding instead of a dummy +- Mastodon API: Remove attachment limit in the Status entity +- Deps: Updated Cowboy to 2.6 +- Deps: Updated Ecto to 3.0.7 + +### Fixed +- Followers counter not being updated when a follower is blocked +- Deactivated users being able to request an access token +- Limit on request body in rich media/relme parsers being ignored resulting in a possible memory leak +- proper Twitter Card generation instead of a dummy +- NodeInfo: Include admins in `staffAccounts` +- ActivityPub: Crashing when requesting empty local user's outbox +- Federation: Handling of objects without `summary` property +- Federation: Add a language tag to activities as required by ActivityStreams 2.0 +- Federation: Do not federate avatar/banner if set to default allowing other servers/clients to use their defaults +- Federation: Cope with missing or explicitly nulled address lists +- Federation: Explicitly ensure activities addressed to `as:Public` become addressed to the followers collection +- Federation: Better cope with actors which do not declare a followers collection and use `as:Public` with these semantics +- MediaProxy: Parse name from content disposition headers even for non-whitelisted types +- MediaProxy: S3 link encoding +- Rich Media: Reject any data which cannot be explicitly encoded into JSON +- Mastodon API: `/api/v1/favourites` serving only public activities +- Mastodon API: Reblogs having `in_reply_to_id` - `null` even when they are replies +- Mastodon API: Streaming API broadcasting wrong activity id +- Mastodon API: 500 errors when requesting a card for a private conversation + +## [0.9.9999] - 2019-04-05 +### Security +- Various fixes + +## [0.9.999] - 2019-03-13 +Frontend changes only. +### Added +- Added floating action button for posting status on mobile +### Changed +- Changed user-settings icon to a pencil +### Fixed +- Keyboard shortcuts activating when typing a message +- Gaps when scrolling down on a timeline after showing new + +## [0.9.99] - 2019-03-08 +### Changed +- Update the frontend to the 0.9.99 tag +### Fixed +- Sign the date header in federation to fix Mastodon federation. + +## [0.9.9] - 2019-02-22 +This is our first stable release. diff --git a/Changelog.md b/Changelog.md deleted file mode 100644 index 1fddf41cdf..0000000000 --- a/Changelog.md +++ /dev/null @@ -1,8 +0,0 @@ -# Changelog -All notable changes to this project will be documented in this file. - -The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). - -## [unreleased] -### Changed -- Configuration: move from Pleroma.Mailer to Pleroma.Emails.Mailer diff --git a/mix.exs b/mix.exs index 26a03b70bf..2a14781f76 100644 --- a/mix.exs +++ b/mix.exs @@ -22,7 +22,7 @@ def project do homepage_url: "https://pleroma.social/", docs: [ logo: "priv/static/static/logo.png", - extras: ["README.md" | Path.wildcard("docs/**/*.md")], + extras: ["README.md", "CHANGELOG.md"] ++ Path.wildcard("docs/**/*.md"), groups_for_extras: [ "Installation manuals": Path.wildcard("docs/installation/*.md"), Configuration: Path.wildcard("docs/config/*.md"), From 3018d81d870f64b2d0bc988d49b9eb4f9ff7c228 Mon Sep 17 00:00:00 2001 From: rinpatch Date: Sat, 13 Apr 2019 21:17:10 +0300 Subject: [PATCH 12/13] Put an actual description of the vulnerability and add **Breaking:** to breaking changes --- CHANGELOG.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 1fbbf5c2e8..cf751a496f 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -23,6 +23,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). - ActivityPub C2S: OAuth endpoints ### Changed +- **Breaking:** Configuration: move from Pleroma.Mailer to Pleroma.Emails.Mailer - Enforcement of OAuth scopes - Add multiple use/time expiring invite token - Restyled OAuth pages to fit with Pleroma's default theme @@ -30,7 +31,6 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). - NodeInfo: Return `safe_dm_mentions` feature flag - Federation: Expand the audience of delete activities to all recipients of the deleted object - Configuration: Dedupe enabled by default -- Configuration: move from Pleroma.Mailer to Pleroma.Emails.Mailer - Pleroma API: Support for emoji tags in `/api/pleroma/emoji` resulting in a breaking API change - Mastodon API: Support for `exclude_types`, `limit` and `min_id` in `/api/v1/notifications` - Mastodon API: Add `languages` and `registrations` to `/api/v1/instance` @@ -69,7 +69,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). ## [0.9.9999] - 2019-04-05 ### Security -- Various fixes +- Mastodon API: Fix content warnings skipping HTML sanitization ## [0.9.999] - 2019-03-13 Frontend changes only. From 48982169dc97fce429019fe2b4d390eeec71cba3 Mon Sep 17 00:00:00 2001 From: "Haelwenn (lanodan) Monnier" Date: Sat, 13 Apr 2019 22:41:54 +0200 Subject: [PATCH 13/13] docs/installation/arch_linux_en.md: Remove useless ODBC See [1] for confirmation. 1: https://git.pleroma.social/pleroma/pleroma/merge_requests/1050#note_24402 --- docs/installation/arch_linux_en.md | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/docs/installation/arch_linux_en.md b/docs/installation/arch_linux_en.md index 4b3bbbbb03..2b040cfbc0 100644 --- a/docs/installation/arch_linux_en.md +++ b/docs/installation/arch_linux_en.md @@ -7,7 +7,6 @@ This guide will assume that you have administrative rights, either as root or a * `postgresql` * `elixir` -* `erlang-unixodbc` * `git` * `base-devel` @@ -27,7 +26,7 @@ sudo pacman -Syu * Install some of the above mentioned programs: ```shell -sudo pacman -S git base-devel elixir erlang-unixodbc +sudo pacman -S git base-devel elixir ``` ### Install PostgreSQL