Merge remote-tracking branch 'pleroma/develop' into merge-upstream

This commit is contained in:
Alex Gleason 2022-02-06 12:31:53 -06:00
commit 502b63d8ea
No known key found for this signature in database
GPG key ID: 7211D1F99744FBB7
6 changed files with 58 additions and 2 deletions

View file

@ -259,7 +259,8 @@
privileged_staff: false,
max_endorsed_users: 20,
birthday_required: false,
birthday_min_age: 0
birthday_min_age: 0,
max_media_attachments: 1_000
config :pleroma, :welcome,
direct_message: [

View file

@ -552,6 +552,14 @@
100_000
]
},
%{
key: :max_media_attachments,
type: :integer,
description: "Maximum number of post media attachments",
suggestions: [
1_000_000
]
},
%{
key: :upload_limit,
type: :integer,

View file

@ -117,7 +117,12 @@ defp full_payload(%{status: status, summary: summary} = draft) do
defp attachments(%{params: params} = draft) do
attachments = Utils.attachments_from_ids(params)
%__MODULE__{draft | attachments: attachments}
draft = %__MODULE__{draft | attachments: attachments}
case Utils.validate_attachments_count(attachments) do
:ok -> draft
{:error, message} -> add_error(draft, message)
end
end
defp in_reply_to(%{params: %{in_reply_to_status_id: ""}} = draft), do: draft

View file

@ -492,4 +492,19 @@ def validate_character_limit(full_payload, _attachments) do
{:error, dgettext("errors", "The status is over the character limit")}
end
end
def validate_attachments_count([] = _attachments) do
:ok
end
def validate_attachments_count(attachments) do
limit = Config.get([:instance, :max_media_attachments])
count = length(attachments)
if count <= limit do
:ok
else
{:error, dgettext("errors", "Too many attachments")}
end
end
end

View file

@ -31,6 +31,7 @@ def render("show.json", _) do
approval_required: Keyword.get(instance, :account_approval_required),
# Extra (not present in Mastodon):
max_toot_chars: Keyword.get(instance, :limit),
max_media_attachments: Keyword.get(instance, :max_media_attachments),
poll_limits: Keyword.get(instance, :poll_limits),
upload_limit: Keyword.get(instance, :upload_limit),
avatar_upload_limit: Keyword.get(instance, :avatar_upload_limit),

View file

@ -683,6 +683,32 @@ test "it validates character limits are correctly enforced" do
assert {:ok, _activity} = CommonAPI.post(user, %{status: "12345"})
end
test "it validates media attachment limits are correctly enforced" do
clear_config([:instance, :max_media_attachments], 4)
user = insert(:user)
file = %Plug.Upload{
content_type: "image/jpeg",
path: Path.absname("test/fixtures/image.jpg"),
filename: "an_image.jpg"
}
{:ok, upload} = ActivityPub.upload(file, actor: user.ap_id)
assert {:error, "Too many attachments"} =
CommonAPI.post(user, %{
status: "",
media_ids: List.duplicate(upload.id, 5)
})
assert {:ok, _activity} =
CommonAPI.post(user, %{
status: "",
media_ids: [upload.id]
})
end
test "it can handle activities that expire" do
user = insert(:user)