From 3ca6c4f44394fc59171dc17e654163dd69140d15 Mon Sep 17 00:00:00 2001 From: Alex S Date: Wed, 27 Mar 2019 22:37:20 +0630 Subject: [PATCH 01/13] password reset page labels align --- lib/pleroma/web/templates/layout/app.html.eex | 11 +++++++++++ .../twitter_api/util/password_reset.html.eex | 19 ++++++++++--------- 2 files changed, 21 insertions(+), 9 deletions(-) diff --git a/lib/pleroma/web/templates/layout/app.html.eex b/lib/pleroma/web/templates/layout/app.html.eex index 8333bc921..3389c91cc 100644 --- a/lib/pleroma/web/templates/layout/app.html.eex +++ b/lib/pleroma/web/templates/layout/app.html.eex @@ -179,6 +179,17 @@ flex-basis: 50%; } } + .form-row { + display: flex; + } + .form-row > label { + text-align: left; + line-height: 47px; + flex: 1; + } + .form-row > input { + flex: 2; + } diff --git a/lib/pleroma/web/templates/twitter_api/util/password_reset.html.eex b/lib/pleroma/web/templates/twitter_api/util/password_reset.html.eex index 3c7960998..a3facf017 100644 --- a/lib/pleroma/web/templates/twitter_api/util/password_reset.html.eex +++ b/lib/pleroma/web/templates/twitter_api/util/password_reset.html.eex @@ -1,12 +1,13 @@

Password Reset for <%= @user.nickname %>

<%= form_for @conn, util_path(@conn, :password_reset), [as: "data"], fn f -> %> -<%= label f, :password, "Password" %> -<%= password_input f, :password %> -
- -<%= label f, :password_confirmation, "Confirmation" %> -<%= password_input f, :password_confirmation %> -
-<%= hidden_input f, :token, value: @token.token %> -<%= submit "Reset" %> +
+ <%= label f, :password, "Password" %> + <%= password_input f, :password %> +
+
+ <%= label f, :password_confirmation, "Confirmation" %> + <%= password_input f, :password_confirmation %> +
+ <%= hidden_input f, :token, value: @token.token %> + <%= submit "Reset" %> <% end %> From 6f152240538e1b300446f3bad50977cca7203f70 Mon Sep 17 00:00:00 2001 From: "Haelwenn (lanodan) Monnier" Date: Mon, 25 Mar 2019 23:13:58 +0100 Subject: [PATCH 02/13] activity_pub.ex: Move limit/max_id restrictions to Pagination helpers --- lib/pleroma/web/activity_pub/activity_pub.ex | 30 ++++--------------- .../mastodon_api/mastodon_api_controller.ex | 3 +- 2 files changed, 7 insertions(+), 26 deletions(-) diff --git a/lib/pleroma/web/activity_pub/activity_pub.ex b/lib/pleroma/web/activity_pub/activity_pub.ex index 6e1ed7ec9..531158338 100644 --- a/lib/pleroma/web/activity_pub/activity_pub.ex +++ b/lib/pleroma/web/activity_pub/activity_pub.ex @@ -7,6 +7,7 @@ defmodule Pleroma.Web.ActivityPub.ActivityPub do alias Pleroma.Instances alias Pleroma.Notification alias Pleroma.Object + alias Pleroma.Pagination alias Pleroma.Repo alias Pleroma.Upload alias Pleroma.User @@ -474,7 +475,7 @@ defmodule Pleroma.Web.ActivityPub.ActivityPub do q |> restrict_unlisted() - |> Repo.all() + |> Pagination.fetch_paginated(opts) |> Enum.reverse() end @@ -617,26 +618,12 @@ defmodule Pleroma.Web.ActivityPub.ActivityPub do ) end - defp restrict_limit(query, %{"limit" => limit}) do - from(activity in query, limit: ^limit) - end - - defp restrict_limit(query, _), do: query - defp restrict_local(query, %{"local_only" => true}) do from(activity in query, where: activity.local == true) end defp restrict_local(query, _), do: query - defp restrict_max(query, %{"max_id" => ""}), do: query - - defp restrict_max(query, %{"max_id" => max_id}) do - from(activity in query, where: activity.id < ^max_id) - end - - defp restrict_max(query, _), do: query - defp restrict_actor(query, %{"actor_id" => actor_id}) do from(activity in query, where: activity.actor == ^actor_id) end @@ -757,12 +744,7 @@ defmodule Pleroma.Web.ActivityPub.ActivityPub do end def fetch_activities_query(recipients, opts \\ %{}) do - base_query = - from( - activity in Activity, - limit: 20, - order_by: [fragment("? desc nulls last", activity.id)] - ) + base_query = from(activity in Activity) base_query |> maybe_preload_objects(opts) @@ -772,8 +754,6 @@ defmodule Pleroma.Web.ActivityPub.ActivityPub do |> restrict_tag_all(opts) |> restrict_since(opts) |> restrict_local(opts) - |> restrict_limit(opts) - |> restrict_max(opts) |> restrict_actor(opts) |> restrict_type(opts) |> restrict_favorited_by(opts) @@ -789,14 +769,14 @@ defmodule Pleroma.Web.ActivityPub.ActivityPub do def fetch_activities(recipients, opts \\ %{}) do fetch_activities_query(recipients, opts) - |> Repo.all() + |> Pagination.fetch_paginated(opts) |> Enum.reverse() end def fetch_activities_bounded(recipients_to, recipients_cc, opts \\ %{}) do fetch_activities_query([], opts) |> restrict_to_cc(recipients_to, recipients_cc) - |> Repo.all() + |> Pagination.fetch_paginated(opts) |> Enum.reverse() end diff --git a/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex b/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex index eee4e7678..4d0caecf4 100644 --- a/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex +++ b/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex @@ -10,6 +10,7 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIController do alias Pleroma.Filter alias Pleroma.Notification alias Pleroma.Object + alias Pleroma.Pagination alias Pleroma.Repo alias Pleroma.Stats alias Pleroma.User @@ -310,7 +311,7 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIController do activities = [user.ap_id] |> ActivityPub.fetch_activities_query(params) - |> Repo.all() + |> Pagination.fetch_paginated(params) conn |> add_link_headers(:dm_timeline, activities) From e83ad12c5730eae7adac597b97707836122b8f7f Mon Sep 17 00:00:00 2001 From: "Haelwenn (lanodan) Monnier" Date: Tue, 26 Mar 2019 00:07:33 +0100 Subject: [PATCH 03/13] pagination.ex: Drop atom keys in params Atom keys could also have been transformed to string, or the other way around but this one is more efficient and what we actually expect with the current param_types in Pagination --- lib/pleroma/pagination.ex | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/lib/pleroma/pagination.ex b/lib/pleroma/pagination.ex index 7c864deef..f435e5c9c 100644 --- a/lib/pleroma/pagination.ex +++ b/lib/pleroma/pagination.ex @@ -36,6 +36,12 @@ defmodule Pleroma.Pagination do limit: :integer } + params = + Enum.reduce(params, %{}, fn + {key, _value}, acc when is_atom(key) -> Map.drop(acc, [key]) + {key, value}, acc -> Map.put(acc, key, value) + end) + changeset = cast({%{}, param_types}, params, Map.keys(param_types)) changeset.changes end From 6b407872b402b72dba48bece5fa69ca5af54f2f0 Mon Sep 17 00:00:00 2001 From: "Haelwenn (lanodan) Monnier" Date: Mon, 25 Mar 2019 22:19:57 +0100 Subject: [PATCH 04/13] mastodon_api_controller.ex: Use min_id in link header instead of since_id --- .../mastodon_api/mastodon_api_controller.ex | 21 ++++++++++++------- .../mastodon_api_controller_test.exs | 6 +++--- 2 files changed, 16 insertions(+), 11 deletions(-) diff --git a/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex b/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex index 4d0caecf4..5cc19e68f 100644 --- a/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex +++ b/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex @@ -199,15 +199,20 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIController do defp add_link_headers(conn, method, activities, param \\ nil, params \\ %{}) do params = conn.params - |> Map.drop(["since_id", "max_id"]) + |> Map.drop(["since_id", "max_id", "min_id"]) |> Map.merge(params) last = List.last(activities) - first = List.first(activities) if last do - min = last.id - max = first.id + max_id = last.id + + limit = + params + |> Map.get("limit", "20") + |> String.to_integer() + + min_id = Enum.at(activities, limit * -1) {next_url, prev_url} = if param do @@ -216,13 +221,13 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIController do Pleroma.Web.Endpoint, method, param, - Map.merge(params, %{max_id: min}) + Map.merge(params, %{max_id: max_id}) ), mastodon_api_url( Pleroma.Web.Endpoint, method, param, - Map.merge(params, %{since_id: max}) + Map.merge(params, %{min_id: min_id}) ) } else @@ -230,12 +235,12 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIController do mastodon_api_url( Pleroma.Web.Endpoint, method, - Map.merge(params, %{max_id: min}) + Map.merge(params, %{max_id: max_id}) ), mastodon_api_url( Pleroma.Web.Endpoint, method, - Map.merge(params, %{since_id: max}) + Map.merge(params, %{min_id: min_id}) ) } end diff --git a/test/web/mastodon_api/mastodon_api_controller_test.exs b/test/web/mastodon_api/mastodon_api_controller_test.exs index d9bcbf5a9..f506a847d 100644 --- a/test/web/mastodon_api/mastodon_api_controller_test.exs +++ b/test/web/mastodon_api/mastodon_api_controller_test.exs @@ -1371,7 +1371,7 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIControllerTest do assert id2 == follower2.id assert [link_header] = get_resp_header(res_conn, "link") - assert link_header =~ ~r/since_id=#{follower2.id}/ + assert link_header =~ ~r/min_id=#{follower2.id}/ assert link_header =~ ~r/max_id=#{follower2.id}/ end @@ -1450,7 +1450,7 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIControllerTest do assert id2 == following2.id assert [link_header] = get_resp_header(res_conn, "link") - assert link_header =~ ~r/since_id=#{following2.id}/ + assert link_header =~ ~r/min_id=#{following2.id}/ assert link_header =~ ~r/max_id=#{following2.id}/ end @@ -2261,7 +2261,7 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIControllerTest do assert [link_header] = get_resp_header(conn, "link") assert link_header =~ ~r/media_only=true/ - assert link_header =~ ~r/since_id=#{notification2.id}/ + assert link_header =~ ~r/min_id=#{notification2.id}/ assert link_header =~ ~r/max_id=#{notification1.id}/ end end From c8abef373b32313f94fc34b33dc235ca6aabceed Mon Sep 17 00:00:00 2001 From: "Haelwenn (lanodan) Monnier" Date: Thu, 28 Mar 2019 17:18:44 +0100 Subject: [PATCH 05/13] mastodon_api_controller.ex: fallback to first for min_id --- .../web/mastodon_api/mastodon_api_controller.ex | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex b/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex index 5cc19e68f..b2fc68707 100644 --- a/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex +++ b/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex @@ -212,7 +212,16 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIController do |> Map.get("limit", "20") |> String.to_integer() - min_id = Enum.at(activities, limit * -1) + min_id = + if length(activities) <= limit do + activities + |> List.first() + |> Map.get(:id) + else + activities + |> Enum.at(limit * -1) + |> Map.get(:id) + end {next_url, prev_url} = if param do From 10a96825960fc2d5465e9b4992c33941c8bd0c64 Mon Sep 17 00:00:00 2001 From: Horsemans Date: Sun, 31 Mar 2019 16:58:28 +0000 Subject: [PATCH 06/13] ssl_trusted_certificate should point to chain.pem if we're demonstrating LetsEncrypt: https://community.letsencrypt.org/t/howto-ocsp-stapling-for-nginx/13611/5 --- installation/pleroma.nginx | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/installation/pleroma.nginx b/installation/pleroma.nginx index a24bb0e61..a0e91f464 100644 --- a/installation/pleroma.nginx +++ b/installation/pleroma.nginx @@ -31,7 +31,7 @@ server { listen 443 ssl http2; ssl_session_timeout 5m; - ssl_trusted_certificate /etc/letsencrypt/live/example.tld/fullchain.pem; + ssl_trusted_certificate /etc/letsencrypt/live/example.tld/chain.pem; ssl_certificate /etc/letsencrypt/live/example.tld/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/example.tld/privkey.pem; From 1791ee8ec4149bfe218caf51c5adb255fcc1e426 Mon Sep 17 00:00:00 2001 From: "Haelwenn (lanodan) Monnier" Date: Wed, 10 Apr 2019 06:05:05 +0200 Subject: [PATCH 07/13] s/Pleroma.Mailer/Pleroma.Emails.Mailer/ --- Changelog.md | 8 ++++++++ config/config.exs | 2 +- config/dev.exs | 2 +- config/test.exs | 2 +- docs/config.md | 8 ++++---- lib/pleroma/emails/mailer.ex | 2 +- lib/pleroma/user.ex | 2 +- lib/pleroma/web/activity_pub/activity_pub.ex | 2 +- lib/pleroma/web/admin_api/admin_api_controller.ex | 2 +- lib/pleroma/web/twitter_api/twitter_api.ex | 2 +- 10 files changed, 20 insertions(+), 12 deletions(-) create mode 100644 Changelog.md diff --git a/Changelog.md b/Changelog.md new file mode 100644 index 000000000..1fddf41cd --- /dev/null +++ b/Changelog.md @@ -0,0 +1,8 @@ +# Changelog +All notable changes to this project will be documented in this file. + +The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). + +## [unreleased] +### Changed +- Configuration: move from Pleroma.Mailer to Pleroma.Emails.Mailer diff --git a/config/config.exs b/config/config.exs index 3462a37f7..343ecbc27 100644 --- a/config/config.exs +++ b/config/config.exs @@ -413,7 +413,7 @@ config :ueberauth, config :pleroma, :auth, oauth_consumer_strategies: oauth_consumer_strategies -config :pleroma, Pleroma.Mailer, adapter: Swoosh.Adapters.Sendmail +config :pleroma, Pleroma.Emails.Mailer, adapter: Swoosh.Adapters.Sendmail config :prometheus, Pleroma.Web.Endpoint.MetricsExporter, path: "/api/pleroma/app_metrics" diff --git a/config/dev.exs b/config/dev.exs index a7eb4b644..0432adce7 100644 --- a/config/dev.exs +++ b/config/dev.exs @@ -18,7 +18,7 @@ config :pleroma, Pleroma.Web.Endpoint, watchers: [], secure_cookie_flag: false -config :pleroma, Pleroma.Mailer, adapter: Swoosh.Adapters.Local +config :pleroma, Pleroma.Emails.Mailer, adapter: Swoosh.Adapters.Local # ## SSL Support # diff --git a/config/test.exs b/config/test.exs index 894fa8d3d..13a031d19 100644 --- a/config/test.exs +++ b/config/test.exs @@ -21,7 +21,7 @@ config :pleroma, Pleroma.Upload, filters: [], link_name: false config :pleroma, Pleroma.Uploaders.Local, uploads: "test/uploads" -config :pleroma, Pleroma.Mailer, adapter: Swoosh.Adapters.Test +config :pleroma, Pleroma.Emails.Mailer, adapter: Swoosh.Adapters.Test # Configure your database config :pleroma, Pleroma.Repo, diff --git a/docs/config.md b/docs/config.md index b5ea58746..e286104df 100644 --- a/docs/config.md +++ b/docs/config.md @@ -31,14 +31,14 @@ This filter replaces the filename (not the path) of an upload. For complete obfu * `text`: Text to replace filenames in links. If empty, `{random}.extension` will be used. -## Pleroma.Mailer +## Pleroma.Emails.Mailer * `adapter`: one of the mail adapters listed in [Swoosh readme](https://github.com/swoosh/swoosh#adapters), or `Swoosh.Adapters.Local` for in-memory mailbox. * `api_key` / `password` and / or other adapter-specific settings, per the above documentation. An example for Sendgrid adapter: ```exs -config :pleroma, Pleroma.Mailer, +config :pleroma, Pleroma.Emails.Mailer, adapter: Swoosh.Adapters.Sendgrid, api_key: "YOUR_API_KEY" ``` @@ -46,7 +46,7 @@ config :pleroma, Pleroma.Mailer, An example for SMTP adapter: ```exs -config :pleroma, Pleroma.Mailer, +config :pleroma, Pleroma.Emails.Mailer, adapter: Swoosh.Adapters.SMTP, relay: "smtp.gmail.com", username: "YOUR_USERNAME@gmail.com", @@ -317,7 +317,7 @@ Pleroma has the following queues: * `federator_outgoing` - Outgoing federation * `federator_incoming` - Incoming federation -* `mailer` - Email sender, see [`Pleroma.Mailer`](#pleroma-mailer) +* `mailer` - Email sender, see [`Pleroma.Emails.Mailer`](#pleroma-emails-mailer) * `transmogrifier` - Transmogrifier * `web_push` - Web push notifications * `scheduled_activities` - Scheduled activities, see [`Pleroma.ScheduledActivities`](#pleromascheduledactivity) diff --git a/lib/pleroma/emails/mailer.ex b/lib/pleroma/emails/mailer.ex index b384e6fec..53f5a661c 100644 --- a/lib/pleroma/emails/mailer.ex +++ b/lib/pleroma/emails/mailer.ex @@ -2,7 +2,7 @@ # Copyright © 2017-2019 Pleroma Authors # SPDX-License-Identifier: AGPL-3.0-only -defmodule Pleroma.Mailer do +defmodule Pleroma.Emails.Mailer do use Swoosh.Mailer, otp_app: :pleroma def deliver_async(email, config \\ []) do diff --git a/lib/pleroma/user.ex b/lib/pleroma/user.ex index ed23b8ef0..8cf69c591 100644 --- a/lib/pleroma/user.ex +++ b/lib/pleroma/user.ex @@ -280,7 +280,7 @@ defmodule Pleroma.User do Pleroma.Config.get([:instance, :account_activation_required]) do user |> Pleroma.UserEmail.account_confirmation_email() - |> Pleroma.Mailer.deliver_async() + |> Pleroma.Emails.Mailer.deliver_async() else {:ok, :noop} end diff --git a/lib/pleroma/web/activity_pub/activity_pub.ex b/lib/pleroma/web/activity_pub/activity_pub.ex index f217e7bac..749c38e91 100644 --- a/lib/pleroma/web/activity_pub/activity_pub.ex +++ b/lib/pleroma/web/activity_pub/activity_pub.ex @@ -450,7 +450,7 @@ defmodule Pleroma.Web.ActivityPub.ActivityPub do Enum.each(User.all_superusers(), fn superuser -> superuser |> Pleroma.AdminEmail.report(actor, account, statuses, content) - |> Pleroma.Mailer.deliver_async() + |> Pleroma.Emails.Mailer.deliver_async() end) {:ok, activity} diff --git a/lib/pleroma/web/admin_api/admin_api_controller.ex b/lib/pleroma/web/admin_api/admin_api_controller.ex index 78bf31893..3679b502b 100644 --- a/lib/pleroma/web/admin_api/admin_api_controller.ex +++ b/lib/pleroma/web/admin_api/admin_api_controller.ex @@ -238,7 +238,7 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIController do {:ok, invite_token} <- Pleroma.UserInviteToken.create_token(), email <- Pleroma.UserEmail.user_invitation_email(user, invite_token, email, params["name"]), - {:ok, _} <- Pleroma.Mailer.deliver(email) do + {:ok, _} <- Pleroma.Emails.Mailer.deliver(email) do json_response(conn, :no_content, "") end end diff --git a/lib/pleroma/web/twitter_api/twitter_api.ex b/lib/pleroma/web/twitter_api/twitter_api.ex index 9b081a316..bf216a18f 100644 --- a/lib/pleroma/web/twitter_api/twitter_api.ex +++ b/lib/pleroma/web/twitter_api/twitter_api.ex @@ -4,7 +4,7 @@ defmodule Pleroma.Web.TwitterAPI.TwitterAPI do alias Pleroma.Activity - alias Pleroma.Mailer + alias Pleroma.Emails.Mailer alias Pleroma.Repo alias Pleroma.User alias Pleroma.UserEmail From cae02317317cab55c11a981a96889bccca4ec978 Mon Sep 17 00:00:00 2001 From: "Haelwenn (lanodan) Monnier" Date: Wed, 10 Apr 2019 06:13:46 +0200 Subject: [PATCH 08/13] s/Pleroma.AdminEmail/Pleroma.Emails.AdminEmail/ --- lib/pleroma/emails/admin_email.ex | 2 +- lib/pleroma/web/activity_pub/activity_pub.ex | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/lib/pleroma/emails/admin_email.ex b/lib/pleroma/emails/admin_email.ex index afefccec5..d6ecce489 100644 --- a/lib/pleroma/emails/admin_email.ex +++ b/lib/pleroma/emails/admin_email.ex @@ -2,7 +2,7 @@ # Copyright © 2017-2019 Pleroma Authors # SPDX-License-Identifier: AGPL-3.0-only -defmodule Pleroma.AdminEmail do +defmodule Pleroma.Emails.AdminEmail do @moduledoc "Admin emails" import Swoosh.Email diff --git a/lib/pleroma/web/activity_pub/activity_pub.ex b/lib/pleroma/web/activity_pub/activity_pub.ex index 749c38e91..6110b0465 100644 --- a/lib/pleroma/web/activity_pub/activity_pub.ex +++ b/lib/pleroma/web/activity_pub/activity_pub.ex @@ -449,7 +449,7 @@ defmodule Pleroma.Web.ActivityPub.ActivityPub do :ok <- maybe_federate(activity) do Enum.each(User.all_superusers(), fn superuser -> superuser - |> Pleroma.AdminEmail.report(actor, account, statuses, content) + |> Pleroma.Emails.AdminEmail.report(actor, account, statuses, content) |> Pleroma.Emails.Mailer.deliver_async() end) From 9c1b36856b97a7f86e60ad23ef374449c1910c7a Mon Sep 17 00:00:00 2001 From: "Haelwenn (lanodan) Monnier" Date: Wed, 10 Apr 2019 06:14:37 +0200 Subject: [PATCH 09/13] s/Pleroma.UserEmail/Pleroma.Emails.UserEmail/ --- lib/pleroma/emails/user_email.ex | 2 +- lib/pleroma/user.ex | 2 +- lib/pleroma/web/admin_api/admin_api_controller.ex | 7 ++++++- lib/pleroma/web/twitter_api/twitter_api.ex | 2 +- test/web/admin_api/admin_api_controller_test.exs | 2 +- test/web/twitter_api/twitter_api_controller_test.exs | 6 ++++-- test/web/twitter_api/twitter_api_test.exs | 4 +++- 7 files changed, 17 insertions(+), 8 deletions(-) diff --git a/lib/pleroma/emails/user_email.ex b/lib/pleroma/emails/user_email.ex index a3a09e96c..f475ebb9f 100644 --- a/lib/pleroma/emails/user_email.ex +++ b/lib/pleroma/emails/user_email.ex @@ -2,7 +2,7 @@ # Copyright © 2017-2019 Pleroma Authors # SPDX-License-Identifier: AGPL-3.0-only -defmodule Pleroma.UserEmail do +defmodule Pleroma.Emails.UserEmail do @moduledoc "User emails" import Swoosh.Email diff --git a/lib/pleroma/user.ex b/lib/pleroma/user.ex index 8cf69c591..0d25cf74c 100644 --- a/lib/pleroma/user.ex +++ b/lib/pleroma/user.ex @@ -279,7 +279,7 @@ defmodule Pleroma.User do if user.info.confirmation_pending && Pleroma.Config.get([:instance, :account_activation_required]) do user - |> Pleroma.UserEmail.account_confirmation_email() + |> Pleroma.Emails.UserEmail.account_confirmation_email() |> Pleroma.Emails.Mailer.deliver_async() else {:ok, :noop} diff --git a/lib/pleroma/web/admin_api/admin_api_controller.ex b/lib/pleroma/web/admin_api/admin_api_controller.ex index 3679b502b..3366e7275 100644 --- a/lib/pleroma/web/admin_api/admin_api_controller.ex +++ b/lib/pleroma/web/admin_api/admin_api_controller.ex @@ -237,7 +237,12 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIController do !Pleroma.Config.get([:instance, :registrations_open]), {:ok, invite_token} <- Pleroma.UserInviteToken.create_token(), email <- - Pleroma.UserEmail.user_invitation_email(user, invite_token, email, params["name"]), + Pleroma.Emails.UserEmail.user_invitation_email( + user, + invite_token, + email, + params["name"] + ), {:ok, _} <- Pleroma.Emails.Mailer.deliver(email) do json_response(conn, :no_content, "") end diff --git a/lib/pleroma/web/twitter_api/twitter_api.ex b/lib/pleroma/web/twitter_api/twitter_api.ex index bf216a18f..a69bd0a54 100644 --- a/lib/pleroma/web/twitter_api/twitter_api.ex +++ b/lib/pleroma/web/twitter_api/twitter_api.ex @@ -5,9 +5,9 @@ defmodule Pleroma.Web.TwitterAPI.TwitterAPI do alias Pleroma.Activity alias Pleroma.Emails.Mailer + alias Pleroma.Emails.UserEmail alias Pleroma.Repo alias Pleroma.User - alias Pleroma.UserEmail alias Pleroma.UserInviteToken alias Pleroma.Web.ActivityPub.ActivityPub alias Pleroma.Web.CommonAPI diff --git a/test/web/admin_api/admin_api_controller_test.exs b/test/web/admin_api/admin_api_controller_test.exs index ca6bd0e97..2a8791b83 100644 --- a/test/web/admin_api/admin_api_controller_test.exs +++ b/test/web/admin_api/admin_api_controller_test.exs @@ -317,7 +317,7 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do refute token_record.used Swoosh.TestAssertions.assert_email_sent( - Pleroma.UserEmail.user_invitation_email( + Pleroma.Emails.UserEmail.user_invitation_email( user, token_record, recipient_email, diff --git a/test/web/twitter_api/twitter_api_controller_test.exs b/test/web/twitter_api/twitter_api_controller_test.exs index 72b7ea85e..b3e01e943 100644 --- a/test/web/twitter_api/twitter_api_controller_test.exs +++ b/test/web/twitter_api/twitter_api_controller_test.exs @@ -1064,7 +1064,7 @@ defmodule Pleroma.Web.TwitterAPI.ControllerTest do token_record = Repo.get_by(Pleroma.PasswordResetToken, user_id: user.id) Swoosh.TestAssertions.assert_email_sent( - Pleroma.UserEmail.password_reset_email(user, token_record.token) + Pleroma.Emails.UserEmail.password_reset_email(user, token_record.token) ) end end @@ -1163,7 +1163,9 @@ defmodule Pleroma.Web.TwitterAPI.ControllerTest do |> assign(:user, user) |> post("/api/account/resend_confirmation_email?email=#{user.email}") - Swoosh.TestAssertions.assert_email_sent(Pleroma.UserEmail.account_confirmation_email(user)) + Swoosh.TestAssertions.assert_email_sent( + Pleroma.Emails.UserEmail.account_confirmation_email(user) + ) end end diff --git a/test/web/twitter_api/twitter_api_test.exs b/test/web/twitter_api/twitter_api_test.exs index 6c00244de..fcb3fd8bd 100644 --- a/test/web/twitter_api/twitter_api_test.exs +++ b/test/web/twitter_api/twitter_api_test.exs @@ -321,7 +321,9 @@ defmodule Pleroma.Web.TwitterAPI.TwitterAPITest do assert user.info.confirmation_pending - Swoosh.TestAssertions.assert_email_sent(Pleroma.UserEmail.account_confirmation_email(user)) + Swoosh.TestAssertions.assert_email_sent( + Pleroma.Emails.UserEmail.account_confirmation_email(user) + ) end test "it registers a new user and parses mentions in the bio" do From f9af90c5aa42169b929f4ac6b352730b4d3416c7 Mon Sep 17 00:00:00 2001 From: Egor Date: Fri, 12 Apr 2019 19:25:53 +0000 Subject: [PATCH 10/13] Revert "simplify mentions escape" This reverts commit f3e06a1030636f24f7129dd93bb9780e67fb7de1. --- lib/pleroma/formatter.ex | 42 ++++++++++++++++++++++------- lib/pleroma/web/common_api/utils.ex | 5 ++-- mix.exs | 2 +- mix.lock | 2 +- 4 files changed, 37 insertions(+), 14 deletions(-) diff --git a/lib/pleroma/formatter.ex b/lib/pleroma/formatter.ex index 8ea9dbd38..dab8910c1 100644 --- a/lib/pleroma/formatter.ex +++ b/lib/pleroma/formatter.ex @@ -9,20 +9,31 @@ defmodule Pleroma.Formatter do alias Pleroma.Web.MediaProxy @safe_mention_regex ~r/^(\s*(?@.+?\s+)+)(?.*)/ + @link_regex ~r"((?:http(s)?:\/\/)?[\w.-]+(?:\.[\w\.-]+)+[\w\-\._~%:/?#[\]@!\$&'\(\)\*\+,;=.]+)|[0-9a-z+\-\.]+:[0-9a-z$-_.+!*'(),]+"ui @markdown_characters_regex ~r/(`|\*|_|{|}|[|]|\(|\)|#|\+|-|\.|!)/ - @link_regex ~r{((?:http(s)?:\/\/)?[\w.-]+(?:\.[\w\.-]+)+[\w\-\._~%:/?#[\]@!\$&'\(\)\*\+,;=.]+)|[0-9a-z+\-\.]+:[0-9a-z$-_.+!*'(),]+}ui - # credo:disable-for-previous-line Credo.Check.Readability.MaxLineLength @auto_linker_config hashtag: true, hashtag_handler: &Pleroma.Formatter.hashtag_handler/4, mention: true, mention_handler: &Pleroma.Formatter.mention_handler/4 + def escape_mention_handler("@" <> nickname = mention, buffer, _, _) do + case User.get_cached_by_nickname(nickname) do + %User{} -> + # escape markdown characters with `\\` + # (we don't want something like @user__name to be parsed by markdown) + String.replace(mention, @markdown_characters_regex, "\\\\\\1") + + _ -> + buffer + end + end + def mention_handler("@" <> nickname, buffer, opts, acc) do case User.get_cached_by_nickname(nickname) do %User{id: id} = user -> ap_id = get_ap_id(user) - nickname_text = get_nickname_text(nickname, opts) |> maybe_escape(opts) + nickname_text = get_nickname_text(nickname, opts) link = "@#{ @@ -70,6 +81,25 @@ defmodule Pleroma.Formatter do end end + @doc """ + Escapes a special characters in mention names. + """ + def mentions_escape(text, options \\ []) do + options = + Keyword.merge(options, + mention: true, + url: false, + mention_handler: &Pleroma.Formatter.escape_mention_handler/4 + ) + + if options[:safe_mention] && Regex.named_captures(@safe_mention_regex, text) do + %{"mentions" => mentions, "rest" => rest} = Regex.named_captures(@safe_mention_regex, text) + AutoLinker.link(mentions, options) <> AutoLinker.link(rest, options) + else + AutoLinker.link(text, options) + end + end + def emojify(text) do emojify(text, Emoji.get_all()) end @@ -140,10 +170,4 @@ defmodule Pleroma.Formatter do defp get_nickname_text(nickname, %{mentions_format: :full}), do: User.full_nickname(nickname) defp get_nickname_text(nickname, _), do: User.local_nickname(nickname) - - defp maybe_escape(str, %{mentions_escape: true}) do - String.replace(str, @markdown_characters_regex, "\\\\\\1") - end - - defp maybe_escape(str, _), do: str end diff --git a/lib/pleroma/web/common_api/utils.ex b/lib/pleroma/web/common_api/utils.ex index 7b9f0ea06..58a561a40 100644 --- a/lib/pleroma/web/common_api/utils.ex +++ b/lib/pleroma/web/common_api/utils.ex @@ -195,11 +195,10 @@ defmodule Pleroma.Web.CommonAPI.Utils do Formatting text to markdown. """ def format_input(text, "text/markdown", options) do - options = Keyword.put(options, :mentions_escape, true) - text + |> Formatter.mentions_escape(options) + |> Earmark.as_html!() |> Formatter.linkify(options) - |> (fn {text, mentions, tags} -> {Earmark.as_html!(text), mentions, tags} end).() |> Formatter.html_escape("text/html") end diff --git a/mix.exs b/mix.exs index 26a03b70b..e0c870fa7 100644 --- a/mix.exs +++ b/mix.exs @@ -101,7 +101,7 @@ defmodule Pleroma.Mixfile do {:ueberauth, "~> 0.4"}, {:auto_linker, git: "https://git.pleroma.social/pleroma/auto_linker.git", - ref: "479dd343f4e563ff91215c8275f3b5c67e032850"}, + ref: "90613b4bae875a3610c275b7056b61ffdd53210d"}, {:pleroma_job_queue, "~> 0.2.0"}, {:telemetry, "~> 0.3"}, {:prometheus_ex, "~> 3.0"}, diff --git a/mix.lock b/mix.lock index bb40ebd48..e13fdcbd4 100644 --- a/mix.lock +++ b/mix.lock @@ -1,6 +1,6 @@ %{ "accept": {:hex, :accept, "0.3.5", "b33b127abca7cc948bbe6caa4c263369abf1347cfa9d8e699c6d214660f10cd1", [:rebar3], [], "hexpm"}, - "auto_linker": {:git, "https://git.pleroma.social/pleroma/auto_linker.git", "479dd343f4e563ff91215c8275f3b5c67e032850", [ref: "479dd343f4e563ff91215c8275f3b5c67e032850"]}, + "auto_linker": {:git, "https://git.pleroma.social/pleroma/auto_linker.git", "90613b4bae875a3610c275b7056b61ffdd53210d", [ref: "90613b4bae875a3610c275b7056b61ffdd53210d"]}, "base64url": {:hex, :base64url, "0.0.1", "36a90125f5948e3afd7be97662a1504b934dd5dac78451ca6e9abf85a10286be", [:rebar], [], "hexpm"}, "bunt": {:hex, :bunt, "0.2.0", "951c6e801e8b1d2cbe58ebbd3e616a869061ddadcc4863d0a2182541acae9a38", [:mix], [], "hexpm"}, "cachex": {:hex, :cachex, "3.0.2", "1351caa4e26e29f7d7ec1d29b53d6013f0447630bbf382b4fb5d5bad0209f203", [:mix], [{:eternal, "~> 1.2", [hex: :eternal, repo: "hexpm", optional: false]}, {:unsafe, "~> 1.0", [hex: :unsafe, repo: "hexpm", optional: false]}], "hexpm"}, From 3a805cc35cff0c46f6b9dd45169d888936cc5c53 Mon Sep 17 00:00:00 2001 From: rinpatch Date: Sat, 13 Apr 2019 00:31:18 +0300 Subject: [PATCH 11/13] Add a changelog --- CHANGELOG.md | 91 ++++++++++++++++++++++++++++++++++++++++++++++++++++ Changelog.md | 8 ----- mix.exs | 2 +- 3 files changed, 92 insertions(+), 9 deletions(-) create mode 100644 CHANGELOG.md delete mode 100644 Changelog.md diff --git a/CHANGELOG.md b/CHANGELOG.md new file mode 100644 index 000000000..1fbbf5c2e --- /dev/null +++ b/CHANGELOG.md @@ -0,0 +1,91 @@ +# Changelog +All notable changes to this project will be documented in this file. + +The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). + +## [unreleased] +### Added +- LDAP authentication +- External OAuth provider authentication +- A [job queue](https://git.pleroma.social/pleroma/pleroma_job_queue) for federation, emails, web push, etc. +- [Prometheus](https://prometheus.io/) metrics +- Support for Mastodon's remote interaction +- Federation: Support for reports +- Configuration: `safe_dm_mentions` option +- Configuration: `link_name` option +- Configuration: `fetch_initial_posts` option +- Pleroma API: User subscribtions +- Admin API: Endpoints for listing/revoking invite tokens +- Admin API: Endpoints for making users follow/unfollow each other +- Mastodon API: [Scheduled statuses](https://docs.joinmastodon.org/api/rest/scheduled-statuses/) +- Mastodon API: `/api/v1/notifications/destroy_multiple` (glitch-soc extension) +- Mastodon API: [Reports](https://docs.joinmastodon.org/api/rest/reports/) +- ActivityPub C2S: OAuth endpoints + +### Changed +- Enforcement of OAuth scopes +- Add multiple use/time expiring invite token +- Restyled OAuth pages to fit with Pleroma's default theme +- Link/mention/hashtag detection is now handled by [auto_linker](https://git.pleroma.social/pleroma/auto_linker) +- NodeInfo: Return `safe_dm_mentions` feature flag +- Federation: Expand the audience of delete activities to all recipients of the deleted object +- Configuration: Dedupe enabled by default +- Configuration: move from Pleroma.Mailer to Pleroma.Emails.Mailer +- Pleroma API: Support for emoji tags in `/api/pleroma/emoji` resulting in a breaking API change +- Mastodon API: Support for `exclude_types`, `limit` and `min_id` in `/api/v1/notifications` +- Mastodon API: Add `languages` and `registrations` to `/api/v1/instance` +- Mastodon API: Provide plaintext versions of cw/content in the Status entity +- Mastodon API: Add `pleroma.conversation_id` field to the Status entity +- Mastodon API: Add `pleroma.tags`, `pleroma.relationship{}`, `pleroma.is_moderator`, `pleroma.is_admin`, `pleroma.confirmation_pending` fields to the User entity +- Mastodon API: Add `pleroma.is_seen` to the Notification entity +- Mastodon API: Add `pleroma.local` to the Status entity +- Mastodon API: Add `preview` parameter to `POST /api/v1/statuses` +- Mastodon API: Add `with_muted` parameter to timeline endpoints +- Mastodon API: Actual reblog hiding instead of a dummy +- Mastodon API: Remove attachment limit in the Status entity +- Deps: Updated Cowboy to 2.6 +- Deps: Updated Ecto to 3.0.7 + +### Fixed +- Followers counter not being updated when a follower is blocked +- Deactivated users being able to request an access token +- Limit on request body in rich media/relme parsers being ignored resulting in a possible memory leak +- proper Twitter Card generation instead of a dummy +- NodeInfo: Include admins in `staffAccounts` +- ActivityPub: Crashing when requesting empty local user's outbox +- Federation: Handling of objects without `summary` property +- Federation: Add a language tag to activities as required by ActivityStreams 2.0 +- Federation: Do not federate avatar/banner if set to default allowing other servers/clients to use their defaults +- Federation: Cope with missing or explicitly nulled address lists +- Federation: Explicitly ensure activities addressed to `as:Public` become addressed to the followers collection +- Federation: Better cope with actors which do not declare a followers collection and use `as:Public` with these semantics +- MediaProxy: Parse name from content disposition headers even for non-whitelisted types +- MediaProxy: S3 link encoding +- Rich Media: Reject any data which cannot be explicitly encoded into JSON +- Mastodon API: `/api/v1/favourites` serving only public activities +- Mastodon API: Reblogs having `in_reply_to_id` - `null` even when they are replies +- Mastodon API: Streaming API broadcasting wrong activity id +- Mastodon API: 500 errors when requesting a card for a private conversation + +## [0.9.9999] - 2019-04-05 +### Security +- Various fixes + +## [0.9.999] - 2019-03-13 +Frontend changes only. +### Added +- Added floating action button for posting status on mobile +### Changed +- Changed user-settings icon to a pencil +### Fixed +- Keyboard shortcuts activating when typing a message +- Gaps when scrolling down on a timeline after showing new + +## [0.9.99] - 2019-03-08 +### Changed +- Update the frontend to the 0.9.99 tag +### Fixed +- Sign the date header in federation to fix Mastodon federation. + +## [0.9.9] - 2019-02-22 +This is our first stable release. diff --git a/Changelog.md b/Changelog.md deleted file mode 100644 index 1fddf41cd..000000000 --- a/Changelog.md +++ /dev/null @@ -1,8 +0,0 @@ -# Changelog -All notable changes to this project will be documented in this file. - -The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). - -## [unreleased] -### Changed -- Configuration: move from Pleroma.Mailer to Pleroma.Emails.Mailer diff --git a/mix.exs b/mix.exs index 26a03b70b..2a14781f7 100644 --- a/mix.exs +++ b/mix.exs @@ -22,7 +22,7 @@ defmodule Pleroma.Mixfile do homepage_url: "https://pleroma.social/", docs: [ logo: "priv/static/static/logo.png", - extras: ["README.md" | Path.wildcard("docs/**/*.md")], + extras: ["README.md", "CHANGELOG.md"] ++ Path.wildcard("docs/**/*.md"), groups_for_extras: [ "Installation manuals": Path.wildcard("docs/installation/*.md"), Configuration: Path.wildcard("docs/config/*.md"), From 3018d81d870f64b2d0bc988d49b9eb4f9ff7c228 Mon Sep 17 00:00:00 2001 From: rinpatch Date: Sat, 13 Apr 2019 21:17:10 +0300 Subject: [PATCH 12/13] Put an actual description of the vulnerability and add **Breaking:** to breaking changes --- CHANGELOG.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 1fbbf5c2e..cf751a496 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -23,6 +23,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). - ActivityPub C2S: OAuth endpoints ### Changed +- **Breaking:** Configuration: move from Pleroma.Mailer to Pleroma.Emails.Mailer - Enforcement of OAuth scopes - Add multiple use/time expiring invite token - Restyled OAuth pages to fit with Pleroma's default theme @@ -30,7 +31,6 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). - NodeInfo: Return `safe_dm_mentions` feature flag - Federation: Expand the audience of delete activities to all recipients of the deleted object - Configuration: Dedupe enabled by default -- Configuration: move from Pleroma.Mailer to Pleroma.Emails.Mailer - Pleroma API: Support for emoji tags in `/api/pleroma/emoji` resulting in a breaking API change - Mastodon API: Support for `exclude_types`, `limit` and `min_id` in `/api/v1/notifications` - Mastodon API: Add `languages` and `registrations` to `/api/v1/instance` @@ -69,7 +69,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). ## [0.9.9999] - 2019-04-05 ### Security -- Various fixes +- Mastodon API: Fix content warnings skipping HTML sanitization ## [0.9.999] - 2019-03-13 Frontend changes only. From 48982169dc97fce429019fe2b4d390eeec71cba3 Mon Sep 17 00:00:00 2001 From: "Haelwenn (lanodan) Monnier" Date: Sat, 13 Apr 2019 22:41:54 +0200 Subject: [PATCH 13/13] docs/installation/arch_linux_en.md: Remove useless ODBC See [1] for confirmation. 1: https://git.pleroma.social/pleroma/pleroma/merge_requests/1050#note_24402 --- docs/installation/arch_linux_en.md | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/docs/installation/arch_linux_en.md b/docs/installation/arch_linux_en.md index 4b3bbbbb0..2b040cfbc 100644 --- a/docs/installation/arch_linux_en.md +++ b/docs/installation/arch_linux_en.md @@ -7,7 +7,6 @@ This guide will assume that you have administrative rights, either as root or a * `postgresql` * `elixir` -* `erlang-unixodbc` * `git` * `base-devel` @@ -27,7 +26,7 @@ sudo pacman -Syu * Install some of the above mentioned programs: ```shell -sudo pacman -S git base-devel elixir erlang-unixodbc +sudo pacman -S git base-devel elixir ``` ### Install PostgreSQL