Merge branch 'develop' into refactor/locked_user_field
This commit is contained in:
commit
409f694e4f
@ -25,7 +25,7 @@
|
|||||||
#
|
#
|
||||||
# If you create your own checks, you must specify the source files for
|
# If you create your own checks, you must specify the source files for
|
||||||
# them here, so they can be loaded by Credo before running the analysis.
|
# them here, so they can be loaded by Credo before running the analysis.
|
||||||
requires: [],
|
requires: ["./lib/credo/check/consistency/file_location.ex"],
|
||||||
#
|
#
|
||||||
# Credo automatically checks for updates, like e.g. Hex does.
|
# Credo automatically checks for updates, like e.g. Hex does.
|
||||||
# You can disable this behaviour below:
|
# You can disable this behaviour below:
|
||||||
@ -71,7 +71,6 @@
|
|||||||
# set this value to 0 (zero).
|
# set this value to 0 (zero).
|
||||||
{Credo.Check.Design.TagTODO, exit_status: 0},
|
{Credo.Check.Design.TagTODO, exit_status: 0},
|
||||||
{Credo.Check.Design.TagFIXME, exit_status: 0},
|
{Credo.Check.Design.TagFIXME, exit_status: 0},
|
||||||
|
|
||||||
{Credo.Check.Readability.FunctionNames},
|
{Credo.Check.Readability.FunctionNames},
|
||||||
{Credo.Check.Readability.LargeNumbers},
|
{Credo.Check.Readability.LargeNumbers},
|
||||||
{Credo.Check.Readability.MaxLineLength, priority: :low, max_length: 100},
|
{Credo.Check.Readability.MaxLineLength, priority: :low, max_length: 100},
|
||||||
@ -91,7 +90,6 @@
|
|||||||
{Credo.Check.Readability.VariableNames},
|
{Credo.Check.Readability.VariableNames},
|
||||||
{Credo.Check.Readability.Semicolons},
|
{Credo.Check.Readability.Semicolons},
|
||||||
{Credo.Check.Readability.SpaceAfterCommas},
|
{Credo.Check.Readability.SpaceAfterCommas},
|
||||||
|
|
||||||
{Credo.Check.Refactor.DoubleBooleanNegation},
|
{Credo.Check.Refactor.DoubleBooleanNegation},
|
||||||
{Credo.Check.Refactor.CondStatements},
|
{Credo.Check.Refactor.CondStatements},
|
||||||
{Credo.Check.Refactor.CyclomaticComplexity},
|
{Credo.Check.Refactor.CyclomaticComplexity},
|
||||||
@ -102,7 +100,6 @@
|
|||||||
{Credo.Check.Refactor.Nesting},
|
{Credo.Check.Refactor.Nesting},
|
||||||
{Credo.Check.Refactor.PipeChainStart},
|
{Credo.Check.Refactor.PipeChainStart},
|
||||||
{Credo.Check.Refactor.UnlessWithElse},
|
{Credo.Check.Refactor.UnlessWithElse},
|
||||||
|
|
||||||
{Credo.Check.Warning.BoolOperationOnSameValues},
|
{Credo.Check.Warning.BoolOperationOnSameValues},
|
||||||
{Credo.Check.Warning.IExPry},
|
{Credo.Check.Warning.IExPry},
|
||||||
{Credo.Check.Warning.IoInspect},
|
{Credo.Check.Warning.IoInspect},
|
||||||
@ -131,6 +128,7 @@
|
|||||||
|
|
||||||
# Custom checks can be created using `mix credo.gen.check`.
|
# Custom checks can be created using `mix credo.gen.check`.
|
||||||
#
|
#
|
||||||
|
{Credo.Check.Consistency.FileLocation}
|
||||||
]
|
]
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
|
@ -677,7 +677,7 @@ config :pleroma, :rate_limit,
|
|||||||
|
|
||||||
config :pleroma, Pleroma.Workers.PurgeExpiredActivity, enabled: true, min_lifetime: 600
|
config :pleroma, Pleroma.Workers.PurgeExpiredActivity, enabled: true, min_lifetime: 600
|
||||||
|
|
||||||
config :pleroma, Pleroma.Plugs.RemoteIp,
|
config :pleroma, Pleroma.Web.Plugs.RemoteIp,
|
||||||
enabled: true,
|
enabled: true,
|
||||||
headers: ["x-forwarded-for"],
|
headers: ["x-forwarded-for"],
|
||||||
proxies: [],
|
proxies: [],
|
||||||
|
@ -3250,10 +3250,10 @@ config :pleroma, :config_description, [
|
|||||||
},
|
},
|
||||||
%{
|
%{
|
||||||
group: :pleroma,
|
group: :pleroma,
|
||||||
key: Pleroma.Plugs.RemoteIp,
|
key: Pleroma.Web.Plugs.RemoteIp,
|
||||||
type: :group,
|
type: :group,
|
||||||
description: """
|
description: """
|
||||||
`Pleroma.Plugs.RemoteIp` is a shim to call [`RemoteIp`](https://git.pleroma.social/pleroma/remote_ip) but with runtime configuration.
|
`Pleroma.Web.Plugs.RemoteIp` is a shim to call [`RemoteIp`](https://git.pleroma.social/pleroma/remote_ip) but with runtime configuration.
|
||||||
**If your instance is not behind at least one reverse proxy, you should not enable this plug.**
|
**If your instance is not behind at least one reverse proxy, you should not enable this plug.**
|
||||||
""",
|
""",
|
||||||
children: [
|
children: [
|
||||||
|
@ -113,7 +113,7 @@ config :pleroma, Pleroma.Gun, Pleroma.GunMock
|
|||||||
|
|
||||||
config :pleroma, Pleroma.Emails.NewUsersDigestEmail, enabled: true
|
config :pleroma, Pleroma.Emails.NewUsersDigestEmail, enabled: true
|
||||||
|
|
||||||
config :pleroma, Pleroma.Plugs.RemoteIp, enabled: false
|
config :pleroma, Pleroma.Web.Plugs.RemoteIp, enabled: false
|
||||||
|
|
||||||
config :pleroma, Pleroma.Web.ApiSpec.CastAndValidate, strict: true
|
config :pleroma, Pleroma.Web.ApiSpec.CastAndValidate, strict: true
|
||||||
|
|
||||||
|
@ -1,6 +1,7 @@
|
|||||||
{
|
{
|
||||||
"skip_files": [
|
"skip_files": [
|
||||||
"test/support",
|
"test/support",
|
||||||
"lib/mix/tasks/pleroma/benchmark.ex"
|
"lib/mix/tasks/pleroma/benchmark.ex",
|
||||||
|
"lib/credo/check/consistency/file_location.ex"
|
||||||
]
|
]
|
||||||
}
|
}
|
@ -113,7 +113,7 @@ To add configuration to your config file, you can copy it from the base config.
|
|||||||
* `Pleroma.Web.ActivityPub.MRF.MentionPolicy`: Drops posts mentioning configurable users. (See [`:mrf_mention`](#mrf_mention)).
|
* `Pleroma.Web.ActivityPub.MRF.MentionPolicy`: Drops posts mentioning configurable users. (See [`:mrf_mention`](#mrf_mention)).
|
||||||
* `Pleroma.Web.ActivityPub.MRF.VocabularyPolicy`: Restricts activities to a configured set of vocabulary. (See [`:mrf_vocabulary`](#mrf_vocabulary)).
|
* `Pleroma.Web.ActivityPub.MRF.VocabularyPolicy`: Restricts activities to a configured set of vocabulary. (See [`:mrf_vocabulary`](#mrf_vocabulary)).
|
||||||
* `Pleroma.Web.ActivityPub.MRF.ObjectAgePolicy`: Rejects or delists posts based on their age when received. (See [`:mrf_object_age`](#mrf_object_age)).
|
* `Pleroma.Web.ActivityPub.MRF.ObjectAgePolicy`: Rejects or delists posts based on their age when received. (See [`:mrf_object_age`](#mrf_object_age)).
|
||||||
* `Pleroma.Web.ActivityPub.MRF.ActivityExpirationPolicy`: Sets a default expiration on all posts made by users of the local instance. Requires `Pleroma.ActivityExpiration` to be enabled for processing the scheduled delections.
|
* `Pleroma.Web.ActivityPub.MRF.ActivityExpirationPolicy`: Sets a default expiration on all posts made by users of the local instance. Requires `Pleroma.Workers.PurgeExpiredActivity` to be enabled for processing the scheduled delections.
|
||||||
* `Pleroma.Web.ActivityPub.MRF.ForceBotUnlistedPolicy`: Makes all bot posts to disappear from public timelines.
|
* `Pleroma.Web.ActivityPub.MRF.ForceBotUnlistedPolicy`: Makes all bot posts to disappear from public timelines.
|
||||||
* `transparency`: Make the content of your Message Rewrite Facility settings public (via nodeinfo).
|
* `transparency`: Make the content of your Message Rewrite Facility settings public (via nodeinfo).
|
||||||
* `transparency_exclusions`: Exclude specific instance names from MRF transparency. The use of the exclusions feature will be disclosed in nodeinfo as a boolean value.
|
* `transparency_exclusions`: Exclude specific instance names from MRF transparency. The use of the exclusions feature will be disclosed in nodeinfo as a boolean value.
|
||||||
@ -219,12 +219,6 @@ config :pleroma, :mrf_user_allowlist, %{
|
|||||||
* `total_user_limit`: the number of scheduled activities a user is allowed to create in total (Default: `300`)
|
* `total_user_limit`: the number of scheduled activities a user is allowed to create in total (Default: `300`)
|
||||||
* `enabled`: whether scheduled activities are sent to the job queue to be executed
|
* `enabled`: whether scheduled activities are sent to the job queue to be executed
|
||||||
|
|
||||||
## Pleroma.ActivityExpiration
|
|
||||||
|
|
||||||
Enables the worker which processes posts scheduled for deletion. Pinned posts are exempt from expiration.
|
|
||||||
|
|
||||||
* `enabled`: whether expired activities will be sent to the job queue to be deleted
|
|
||||||
|
|
||||||
## FedSockets
|
## FedSockets
|
||||||
FedSockets is an experimental feature allowing for Pleroma backends to federate using a persistant websocket connection as opposed to making each federation a seperate http connection. This feature is currently off by default. It is configurable throught he following options.
|
FedSockets is an experimental feature allowing for Pleroma backends to federate using a persistant websocket connection as opposed to making each federation a seperate http connection. This feature is currently off by default. It is configurable throught he following options.
|
||||||
|
|
||||||
@ -416,12 +410,12 @@ This will make Pleroma listen on `127.0.0.1` port `8080` and generate urls start
|
|||||||
* ``referrer_policy``: The referrer policy to use, either `"same-origin"` or `"no-referrer"`.
|
* ``referrer_policy``: The referrer policy to use, either `"same-origin"` or `"no-referrer"`.
|
||||||
* ``report_uri``: Adds the specified url to `report-uri` and `report-to` group in CSP header.
|
* ``report_uri``: Adds the specified url to `report-uri` and `report-to` group in CSP header.
|
||||||
|
|
||||||
### Pleroma.Plugs.RemoteIp
|
### Pleroma.Web.Plugs.RemoteIp
|
||||||
|
|
||||||
!!! warning
|
!!! warning
|
||||||
If your instance is not behind at least one reverse proxy, you should not enable this plug.
|
If your instance is not behind at least one reverse proxy, you should not enable this plug.
|
||||||
|
|
||||||
`Pleroma.Plugs.RemoteIp` is a shim to call [`RemoteIp`](https://git.pleroma.social/pleroma/remote_ip) but with runtime configuration.
|
`Pleroma.Web.Plugs.RemoteIp` is a shim to call [`RemoteIp`](https://git.pleroma.social/pleroma/remote_ip) but with runtime configuration.
|
||||||
|
|
||||||
Available options:
|
Available options:
|
||||||
|
|
||||||
@ -434,7 +428,7 @@ Available options:
|
|||||||
### :rate_limit
|
### :rate_limit
|
||||||
|
|
||||||
!!! note
|
!!! note
|
||||||
If your instance is behind a reverse proxy ensure [`Pleroma.Plugs.RemoteIp`](#pleroma-plugs-remoteip) is enabled (it is enabled by default).
|
If your instance is behind a reverse proxy ensure [`Pleroma.Web.Plugs.RemoteIp`](#pleroma-plugs-remoteip) is enabled (it is enabled by default).
|
||||||
|
|
||||||
A keyword list of rate limiters where a key is a limiter name and value is the limiter configuration. The basic configuration is a tuple where:
|
A keyword list of rate limiters where a key is a limiter name and value is the limiter configuration. The basic configuration is a tuple where:
|
||||||
|
|
||||||
|
@ -6,7 +6,7 @@ This document contains notes and guidelines for Pleroma developers.
|
|||||||
|
|
||||||
* Pleroma supports hierarchical OAuth scopes, just like Mastodon but with added granularity of admin scopes. For a reference, see [Mastodon OAuth scopes](https://docs.joinmastodon.org/api/oauth-scopes/).
|
* Pleroma supports hierarchical OAuth scopes, just like Mastodon but with added granularity of admin scopes. For a reference, see [Mastodon OAuth scopes](https://docs.joinmastodon.org/api/oauth-scopes/).
|
||||||
|
|
||||||
* It is important to either define OAuth scope restrictions or explicitly mark OAuth scope check as skipped, for every controller action. To define scopes, call `plug(Pleroma.Plugs.OAuthScopesPlug, %{scopes: [...]})`. To explicitly set OAuth scopes check skipped, call `plug(:skip_plug, Pleroma.Plugs.OAuthScopesPlug <when ...>)`.
|
* It is important to either define OAuth scope restrictions or explicitly mark OAuth scope check as skipped, for every controller action. To define scopes, call `plug(Pleroma.Web.Plugs.OAuthScopesPlug, %{scopes: [...]})`. To explicitly set OAuth scopes check skipped, call `plug(:skip_plug, Pleroma.Web.Plugs.OAuthScopesPlug <when ...>)`.
|
||||||
|
|
||||||
* In controllers, `use Pleroma.Web, :controller` will result in `action/2` (see `Pleroma.Web.controller/0` for definition) be called prior to actual controller action, and it'll perform security / privacy checks before passing control to actual controller action.
|
* In controllers, `use Pleroma.Web, :controller` will result in `action/2` (see `Pleroma.Web.controller/0` for definition) be called prior to actual controller action, and it'll perform security / privacy checks before passing control to actual controller action.
|
||||||
|
|
||||||
@ -16,7 +16,7 @@ This document contains notes and guidelines for Pleroma developers.
|
|||||||
|
|
||||||
## [HTTP Basic Authentication](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Authorization)
|
## [HTTP Basic Authentication](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Authorization)
|
||||||
|
|
||||||
* With HTTP Basic Auth, OAuth scopes check is _not_ performed for any action (since password is provided during the auth, requester is able to obtain a token with full permissions anyways). `Pleroma.Plugs.AuthenticationPlug` and `Pleroma.Plugs.LegacyAuthenticationPlug` both call `Pleroma.Plugs.OAuthScopesPlug.skip_plug(conn)` when password is provided.
|
* With HTTP Basic Auth, OAuth scopes check is _not_ performed for any action (since password is provided during the auth, requester is able to obtain a token with full permissions anyways). `Pleroma.Web.Plugs.AuthenticationPlug` and `Pleroma.Web.Plugs.LegacyAuthenticationPlug` both call `Pleroma.Web.Plugs.OAuthScopesPlug.skip_plug(conn)` when password is provided.
|
||||||
|
|
||||||
## Auth-related configuration, OAuth consumer mode etc.
|
## Auth-related configuration, OAuth consumer mode etc.
|
||||||
|
|
||||||
|
166
lib/credo/check/consistency/file_location.ex
Normal file
166
lib/credo/check/consistency/file_location.ex
Normal file
@ -0,0 +1,166 @@
|
|||||||
|
# Pleroma: A lightweight social networking server
|
||||||
|
# Originally taken from
|
||||||
|
# https://github.com/VeryBigThings/elixir_common/blob/master/lib/vbt/credo/check/consistency/file_location.ex
|
||||||
|
# Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>
|
||||||
|
# SPDX-License-Identifier: AGPL-3.0-only
|
||||||
|
|
||||||
|
defmodule Credo.Check.Consistency.FileLocation do
|
||||||
|
@moduledoc false
|
||||||
|
|
||||||
|
# credo:disable-for-this-file Credo.Check.Readability.Specs
|
||||||
|
|
||||||
|
@checkdoc """
|
||||||
|
File location should follow the namespace hierarchy of the module it defines.
|
||||||
|
|
||||||
|
Examples:
|
||||||
|
|
||||||
|
- `lib/my_system.ex` should define the `MySystem` module
|
||||||
|
- `lib/my_system/accounts.ex` should define the `MySystem.Accounts` module
|
||||||
|
"""
|
||||||
|
@explanation [warning: @checkdoc]
|
||||||
|
|
||||||
|
@special_namespaces [
|
||||||
|
"controllers",
|
||||||
|
"views",
|
||||||
|
"operations",
|
||||||
|
"channels"
|
||||||
|
]
|
||||||
|
|
||||||
|
# `use Credo.Check` required that module attributes are already defined, so we need
|
||||||
|
# to place these attributes
|
||||||
|
# before use/alias expressions.
|
||||||
|
# credo:disable-for-next-line VBT.Credo.Check.Consistency.ModuleLayout
|
||||||
|
use Credo.Check, category: :warning, base_priority: :high
|
||||||
|
|
||||||
|
alias Credo.Code
|
||||||
|
|
||||||
|
def run(source_file, params \\ []) do
|
||||||
|
case verify(source_file, params) do
|
||||||
|
:ok ->
|
||||||
|
[]
|
||||||
|
|
||||||
|
{:error, module, expected_file} ->
|
||||||
|
error(IssueMeta.for(source_file, params), module, expected_file)
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
defp verify(source_file, params) do
|
||||||
|
source_file.filename
|
||||||
|
|> Path.relative_to_cwd()
|
||||||
|
|> verify(Code.ast(source_file), params)
|
||||||
|
end
|
||||||
|
|
||||||
|
@doc false
|
||||||
|
def verify(relative_path, ast, params) do
|
||||||
|
if verify_path?(relative_path, params),
|
||||||
|
do: ast |> main_module() |> verify_module(relative_path, params),
|
||||||
|
else: :ok
|
||||||
|
end
|
||||||
|
|
||||||
|
defp verify_path?(relative_path, params) do
|
||||||
|
case Path.split(relative_path) do
|
||||||
|
["lib" | _] -> not exclude?(relative_path, params)
|
||||||
|
["test", "support" | _] -> false
|
||||||
|
["test", "test_helper.exs"] -> false
|
||||||
|
["test" | _] -> not exclude?(relative_path, params)
|
||||||
|
_ -> false
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
defp exclude?(relative_path, params) do
|
||||||
|
params
|
||||||
|
|> Keyword.get(:exclude, [])
|
||||||
|
|> Enum.any?(&String.starts_with?(relative_path, &1))
|
||||||
|
end
|
||||||
|
|
||||||
|
defp main_module(ast) do
|
||||||
|
{_ast, modules} = Macro.prewalk(ast, [], &traverse/2)
|
||||||
|
Enum.at(modules, -1)
|
||||||
|
end
|
||||||
|
|
||||||
|
defp traverse({:defmodule, _meta, args}, modules) do
|
||||||
|
[{:__aliases__, _, name_parts}, _module_body] = args
|
||||||
|
{args, [Module.concat(name_parts) | modules]}
|
||||||
|
end
|
||||||
|
|
||||||
|
defp traverse(ast, state), do: {ast, state}
|
||||||
|
|
||||||
|
# empty file - shouldn't really happen, but we'll let it through
|
||||||
|
defp verify_module(nil, _relative_path, _params), do: :ok
|
||||||
|
|
||||||
|
defp verify_module(main_module, relative_path, params) do
|
||||||
|
parsed_path = parsed_path(relative_path, params)
|
||||||
|
|
||||||
|
expected_file =
|
||||||
|
expected_file_base(parsed_path.root, main_module) <>
|
||||||
|
Path.extname(parsed_path.allowed)
|
||||||
|
|
||||||
|
cond do
|
||||||
|
expected_file == parsed_path.allowed ->
|
||||||
|
:ok
|
||||||
|
|
||||||
|
special_namespaces?(parsed_path.allowed) ->
|
||||||
|
original_path = parsed_path.allowed
|
||||||
|
|
||||||
|
namespace =
|
||||||
|
Enum.find(@special_namespaces, original_path, fn namespace ->
|
||||||
|
String.contains?(original_path, namespace)
|
||||||
|
end)
|
||||||
|
|
||||||
|
allowed = String.replace(original_path, "/" <> namespace, "")
|
||||||
|
|
||||||
|
if expected_file == allowed,
|
||||||
|
do: :ok,
|
||||||
|
else: {:error, main_module, expected_file}
|
||||||
|
|
||||||
|
true ->
|
||||||
|
{:error, main_module, expected_file}
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
defp special_namespaces?(path), do: String.contains?(path, @special_namespaces)
|
||||||
|
|
||||||
|
defp parsed_path(relative_path, params) do
|
||||||
|
parts = Path.split(relative_path)
|
||||||
|
|
||||||
|
allowed =
|
||||||
|
Keyword.get(params, :ignore_folder_namespace, %{})
|
||||||
|
|> Stream.flat_map(fn {root, folders} -> Enum.map(folders, &Path.join([root, &1])) end)
|
||||||
|
|> Stream.map(&Path.split/1)
|
||||||
|
|> Enum.find(&List.starts_with?(parts, &1))
|
||||||
|
|> case do
|
||||||
|
nil ->
|
||||||
|
relative_path
|
||||||
|
|
||||||
|
ignore_parts ->
|
||||||
|
Stream.drop(ignore_parts, -1)
|
||||||
|
|> Enum.concat(Stream.drop(parts, length(ignore_parts)))
|
||||||
|
|> Path.join()
|
||||||
|
end
|
||||||
|
|
||||||
|
%{root: hd(parts), allowed: allowed}
|
||||||
|
end
|
||||||
|
|
||||||
|
defp expected_file_base(root_folder, module) do
|
||||||
|
{parent_namespace, module_name} = module |> Module.split() |> Enum.split(-1)
|
||||||
|
|
||||||
|
relative_path =
|
||||||
|
if parent_namespace == [],
|
||||||
|
do: "",
|
||||||
|
else: parent_namespace |> Module.concat() |> Macro.underscore()
|
||||||
|
|
||||||
|
file_name = module_name |> Module.concat() |> Macro.underscore()
|
||||||
|
|
||||||
|
Path.join([root_folder, relative_path, file_name])
|
||||||
|
end
|
||||||
|
|
||||||
|
defp error(issue_meta, module, expected_file) do
|
||||||
|
format_issue(issue_meta,
|
||||||
|
message:
|
||||||
|
"Mismatch between file name and main module #{inspect(module)}. " <>
|
||||||
|
"Expected file path to be #{expected_file}. " <>
|
||||||
|
"Either move the file or rename the module.",
|
||||||
|
line_no: 1
|
||||||
|
)
|
||||||
|
end
|
||||||
|
end
|
@ -52,7 +52,7 @@ defmodule Pleroma.Application do
|
|||||||
Pleroma.HTML.compile_scrubbers()
|
Pleroma.HTML.compile_scrubbers()
|
||||||
Pleroma.Config.Oban.warn()
|
Pleroma.Config.Oban.warn()
|
||||||
Config.DeprecationWarnings.warn()
|
Config.DeprecationWarnings.warn()
|
||||||
Pleroma.Plugs.HTTPSecurityPlug.warn_if_disabled()
|
Pleroma.Web.Plugs.HTTPSecurityPlug.warn_if_disabled()
|
||||||
Pleroma.ApplicationRequirements.verify!()
|
Pleroma.ApplicationRequirements.verify!()
|
||||||
setup_instrumenters()
|
setup_instrumenters()
|
||||||
load_custom_modules()
|
load_custom_modules()
|
||||||
@ -88,7 +88,7 @@ defmodule Pleroma.Application do
|
|||||||
Pleroma.Repo,
|
Pleroma.Repo,
|
||||||
Config.TransferTask,
|
Config.TransferTask,
|
||||||
Pleroma.Emoji,
|
Pleroma.Emoji,
|
||||||
Pleroma.Plugs.RateLimiter.Supervisor
|
Pleroma.Web.Plugs.RateLimiter.Supervisor
|
||||||
] ++
|
] ++
|
||||||
cachex_children() ++
|
cachex_children() ++
|
||||||
http_children(adapter, @env) ++
|
http_children(adapter, @env) ++
|
||||||
|
@ -4,8 +4,8 @@
|
|||||||
|
|
||||||
defmodule Pleroma.BBS.Authenticator do
|
defmodule Pleroma.BBS.Authenticator do
|
||||||
use Sshd.PasswordAuthenticator
|
use Sshd.PasswordAuthenticator
|
||||||
alias Pleroma.Plugs.AuthenticationPlug
|
|
||||||
alias Pleroma.User
|
alias Pleroma.User
|
||||||
|
alias Pleroma.Web.Plugs.AuthenticationPlug
|
||||||
|
|
||||||
def authenticate(username, password) do
|
def authenticate(username, password) do
|
||||||
username = to_string(username)
|
username = to_string(username)
|
||||||
|
@ -39,7 +39,8 @@ defmodule Pleroma.Config.DeprecationWarnings do
|
|||||||
:ok <- check_media_proxy_whitelist_config(),
|
:ok <- check_media_proxy_whitelist_config(),
|
||||||
:ok <- check_welcome_message_config(),
|
:ok <- check_welcome_message_config(),
|
||||||
:ok <- check_gun_pool_options(),
|
:ok <- check_gun_pool_options(),
|
||||||
:ok <- check_activity_expiration_config() do
|
:ok <- check_activity_expiration_config(),
|
||||||
|
:ok <- check_remote_ip_plug_name() do
|
||||||
:ok
|
:ok
|
||||||
else
|
else
|
||||||
_ ->
|
_ ->
|
||||||
@ -176,4 +177,20 @@ defmodule Pleroma.Config.DeprecationWarnings do
|
|||||||
warning_preface
|
warning_preface
|
||||||
)
|
)
|
||||||
end
|
end
|
||||||
|
|
||||||
|
@spec check_remote_ip_plug_name() :: :ok | nil
|
||||||
|
def check_remote_ip_plug_name do
|
||||||
|
warning_preface = """
|
||||||
|
!!!DEPRECATION WARNING!!!
|
||||||
|
Your config is using old namespace for RemoteIp Plug. Setting should work for now, but you are advised to change to new namespace to prevent possible issues later:
|
||||||
|
"""
|
||||||
|
|
||||||
|
move_namespace_and_warn(
|
||||||
|
[
|
||||||
|
{Pleroma.Plugs.RemoteIp, Pleroma.Web.Plugs.RemoteIp,
|
||||||
|
"\n* `config :pleroma, Pleroma.Plugs.RemoteIp` is now `config :pleroma, Pleroma.Web.Plugs.RemoteIp`"}
|
||||||
|
],
|
||||||
|
warning_preface
|
||||||
|
)
|
||||||
|
end
|
||||||
end
|
end
|
||||||
|
@ -8,9 +8,9 @@ defmodule Pleroma.Tests.AuthTestController do
|
|||||||
|
|
||||||
use Pleroma.Web, :controller
|
use Pleroma.Web, :controller
|
||||||
|
|
||||||
alias Pleroma.Plugs.EnsurePublicOrAuthenticatedPlug
|
|
||||||
alias Pleroma.Plugs.OAuthScopesPlug
|
|
||||||
alias Pleroma.User
|
alias Pleroma.User
|
||||||
|
alias Pleroma.Web.Plugs.EnsurePublicOrAuthenticatedPlug
|
||||||
|
alias Pleroma.Web.Plugs.OAuthScopesPlug
|
||||||
|
|
||||||
# Serves only with proper OAuth token (:api and :authenticated_api)
|
# Serves only with proper OAuth token (:api and :authenticated_api)
|
||||||
# Skipping EnsurePublicOrAuthenticatedPlug has no effect in this case
|
# Skipping EnsurePublicOrAuthenticatedPlug has no effect in this case
|
||||||
|
@ -12,7 +12,7 @@ defmodule Pleroma.Uploaders.Uploader do
|
|||||||
@doc """
|
@doc """
|
||||||
Instructs how to get the file from the backend.
|
Instructs how to get the file from the backend.
|
||||||
|
|
||||||
Used by `Pleroma.Plugs.UploadedMedia`.
|
Used by `Pleroma.Web.Plugs.UploadedMedia`.
|
||||||
"""
|
"""
|
||||||
@type get_method :: {:static_dir, directory :: String.t()} | {:url, url :: String.t()}
|
@type get_method :: {:static_dir, directory :: String.t()} | {:url, url :: String.t()}
|
||||||
@callback get_file(file :: String.t()) :: {:ok, get_method()}
|
@callback get_file(file :: String.t()) :: {:ok, get_method()}
|
||||||
|
@ -2,11 +2,6 @@
|
|||||||
# Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>
|
# Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>
|
||||||
# SPDX-License-Identifier: AGPL-3.0-only
|
# SPDX-License-Identifier: AGPL-3.0-only
|
||||||
|
|
||||||
defmodule Pleroma.Web.Plug do
|
|
||||||
# Substitute for `call/2` which is defined with `use Pleroma.Web, :plug`
|
|
||||||
@callback perform(Plug.Conn.t(), Plug.opts()) :: Plug.Conn.t()
|
|
||||||
end
|
|
||||||
|
|
||||||
defmodule Pleroma.Web do
|
defmodule Pleroma.Web do
|
||||||
@moduledoc """
|
@moduledoc """
|
||||||
A module that keeps using definitions for controllers,
|
A module that keeps using definitions for controllers,
|
||||||
@ -25,12 +20,12 @@ defmodule Pleroma.Web do
|
|||||||
below.
|
below.
|
||||||
"""
|
"""
|
||||||
|
|
||||||
alias Pleroma.Plugs.EnsureAuthenticatedPlug
|
alias Pleroma.Web.Plugs.EnsureAuthenticatedPlug
|
||||||
alias Pleroma.Plugs.EnsurePublicOrAuthenticatedPlug
|
alias Pleroma.Web.Plugs.EnsurePublicOrAuthenticatedPlug
|
||||||
alias Pleroma.Plugs.ExpectAuthenticatedCheckPlug
|
alias Pleroma.Web.Plugs.ExpectAuthenticatedCheckPlug
|
||||||
alias Pleroma.Plugs.ExpectPublicOrAuthenticatedCheckPlug
|
alias Pleroma.Web.Plugs.ExpectPublicOrAuthenticatedCheckPlug
|
||||||
alias Pleroma.Plugs.OAuthScopesPlug
|
alias Pleroma.Web.Plugs.OAuthScopesPlug
|
||||||
alias Pleroma.Plugs.PlugHelper
|
alias Pleroma.Web.Plugs.PlugHelper
|
||||||
|
|
||||||
def controller do
|
def controller do
|
||||||
quote do
|
quote do
|
@ -9,7 +9,6 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubController do
|
|||||||
alias Pleroma.Delivery
|
alias Pleroma.Delivery
|
||||||
alias Pleroma.Object
|
alias Pleroma.Object
|
||||||
alias Pleroma.Object.Fetcher
|
alias Pleroma.Object.Fetcher
|
||||||
alias Pleroma.Plugs.EnsureAuthenticatedPlug
|
|
||||||
alias Pleroma.User
|
alias Pleroma.User
|
||||||
alias Pleroma.Web.ActivityPub.ActivityPub
|
alias Pleroma.Web.ActivityPub.ActivityPub
|
||||||
alias Pleroma.Web.ActivityPub.Builder
|
alias Pleroma.Web.ActivityPub.Builder
|
||||||
@ -23,8 +22,9 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubController do
|
|||||||
alias Pleroma.Web.ActivityPub.Visibility
|
alias Pleroma.Web.ActivityPub.Visibility
|
||||||
alias Pleroma.Web.ControllerHelper
|
alias Pleroma.Web.ControllerHelper
|
||||||
alias Pleroma.Web.Endpoint
|
alias Pleroma.Web.Endpoint
|
||||||
alias Pleroma.Web.FederatingPlug
|
|
||||||
alias Pleroma.Web.Federator
|
alias Pleroma.Web.Federator
|
||||||
|
alias Pleroma.Web.Plugs.EnsureAuthenticatedPlug
|
||||||
|
alias Pleroma.Web.Plugs.FederatingPlug
|
||||||
|
|
||||||
require Logger
|
require Logger
|
||||||
|
|
||||||
@ -46,7 +46,7 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubController do
|
|||||||
)
|
)
|
||||||
|
|
||||||
plug(
|
plug(
|
||||||
Pleroma.Plugs.Cache,
|
Pleroma.Web.Plugs.Cache,
|
||||||
[query_params: false, tracking_fun: &__MODULE__.track_object_fetch/2]
|
[query_params: false, tracking_fun: &__MODULE__.track_object_fetch/2]
|
||||||
when action in [:activity, :object]
|
when action in [:activity, :object]
|
||||||
)
|
)
|
||||||
|
@ -10,7 +10,6 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIController do
|
|||||||
alias Pleroma.Config
|
alias Pleroma.Config
|
||||||
alias Pleroma.MFA
|
alias Pleroma.MFA
|
||||||
alias Pleroma.ModerationLog
|
alias Pleroma.ModerationLog
|
||||||
alias Pleroma.Plugs.OAuthScopesPlug
|
|
||||||
alias Pleroma.Stats
|
alias Pleroma.Stats
|
||||||
alias Pleroma.User
|
alias Pleroma.User
|
||||||
alias Pleroma.Web.ActivityPub.ActivityPub
|
alias Pleroma.Web.ActivityPub.ActivityPub
|
||||||
@ -21,6 +20,7 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIController do
|
|||||||
alias Pleroma.Web.AdminAPI.ModerationLogView
|
alias Pleroma.Web.AdminAPI.ModerationLogView
|
||||||
alias Pleroma.Web.AdminAPI.Search
|
alias Pleroma.Web.AdminAPI.Search
|
||||||
alias Pleroma.Web.Endpoint
|
alias Pleroma.Web.Endpoint
|
||||||
|
alias Pleroma.Web.Plugs.OAuthScopesPlug
|
||||||
alias Pleroma.Web.Router
|
alias Pleroma.Web.Router
|
||||||
|
|
||||||
@users_page_size 50
|
@users_page_size 50
|
||||||
|
@ -10,10 +10,10 @@ defmodule Pleroma.Web.AdminAPI.ChatController do
|
|||||||
alias Pleroma.Chat.MessageReference
|
alias Pleroma.Chat.MessageReference
|
||||||
alias Pleroma.ModerationLog
|
alias Pleroma.ModerationLog
|
||||||
alias Pleroma.Pagination
|
alias Pleroma.Pagination
|
||||||
alias Pleroma.Plugs.OAuthScopesPlug
|
|
||||||
alias Pleroma.Web.AdminAPI
|
alias Pleroma.Web.AdminAPI
|
||||||
alias Pleroma.Web.CommonAPI
|
alias Pleroma.Web.CommonAPI
|
||||||
alias Pleroma.Web.PleromaAPI.Chat.MessageReferenceView
|
alias Pleroma.Web.PleromaAPI.Chat.MessageReferenceView
|
||||||
|
alias Pleroma.Web.Plugs.OAuthScopesPlug
|
||||||
|
|
||||||
require Logger
|
require Logger
|
||||||
|
|
||||||
|
@ -7,7 +7,7 @@ defmodule Pleroma.Web.AdminAPI.ConfigController do
|
|||||||
|
|
||||||
alias Pleroma.Config
|
alias Pleroma.Config
|
||||||
alias Pleroma.ConfigDB
|
alias Pleroma.ConfigDB
|
||||||
alias Pleroma.Plugs.OAuthScopesPlug
|
alias Pleroma.Web.Plugs.OAuthScopesPlug
|
||||||
|
|
||||||
plug(Pleroma.Web.ApiSpec.CastAndValidate)
|
plug(Pleroma.Web.ApiSpec.CastAndValidate)
|
||||||
plug(OAuthScopesPlug, %{scopes: ["write"], admin: true} when action == :update)
|
plug(OAuthScopesPlug, %{scopes: ["write"], admin: true} when action == :update)
|
||||||
|
@ -5,9 +5,9 @@
|
|||||||
defmodule Pleroma.Web.AdminAPI.InstanceDocumentController do
|
defmodule Pleroma.Web.AdminAPI.InstanceDocumentController do
|
||||||
use Pleroma.Web, :controller
|
use Pleroma.Web, :controller
|
||||||
|
|
||||||
alias Pleroma.Plugs.InstanceStatic
|
|
||||||
alias Pleroma.Plugs.OAuthScopesPlug
|
|
||||||
alias Pleroma.Web.InstanceDocument
|
alias Pleroma.Web.InstanceDocument
|
||||||
|
alias Pleroma.Web.Plugs.InstanceStatic
|
||||||
|
alias Pleroma.Web.Plugs.OAuthScopesPlug
|
||||||
|
|
||||||
plug(Pleroma.Web.ApiSpec.CastAndValidate)
|
plug(Pleroma.Web.ApiSpec.CastAndValidate)
|
||||||
|
|
||||||
|
@ -8,8 +8,8 @@ defmodule Pleroma.Web.AdminAPI.InviteController do
|
|||||||
import Pleroma.Web.ControllerHelper, only: [json_response: 3]
|
import Pleroma.Web.ControllerHelper, only: [json_response: 3]
|
||||||
|
|
||||||
alias Pleroma.Config
|
alias Pleroma.Config
|
||||||
alias Pleroma.Plugs.OAuthScopesPlug
|
|
||||||
alias Pleroma.UserInviteToken
|
alias Pleroma.UserInviteToken
|
||||||
|
alias Pleroma.Web.Plugs.OAuthScopesPlug
|
||||||
|
|
||||||
require Logger
|
require Logger
|
||||||
|
|
||||||
|
@ -5,9 +5,9 @@
|
|||||||
defmodule Pleroma.Web.AdminAPI.MediaProxyCacheController do
|
defmodule Pleroma.Web.AdminAPI.MediaProxyCacheController do
|
||||||
use Pleroma.Web, :controller
|
use Pleroma.Web, :controller
|
||||||
|
|
||||||
alias Pleroma.Plugs.OAuthScopesPlug
|
|
||||||
alias Pleroma.Web.ApiSpec.Admin, as: Spec
|
alias Pleroma.Web.ApiSpec.Admin, as: Spec
|
||||||
alias Pleroma.Web.MediaProxy
|
alias Pleroma.Web.MediaProxy
|
||||||
|
alias Pleroma.Web.Plugs.OAuthScopesPlug
|
||||||
|
|
||||||
plug(Pleroma.Web.ApiSpec.CastAndValidate)
|
plug(Pleroma.Web.ApiSpec.CastAndValidate)
|
||||||
|
|
||||||
|
@ -7,8 +7,8 @@ defmodule Pleroma.Web.AdminAPI.OAuthAppController do
|
|||||||
|
|
||||||
import Pleroma.Web.ControllerHelper, only: [json_response: 3]
|
import Pleroma.Web.ControllerHelper, only: [json_response: 3]
|
||||||
|
|
||||||
alias Pleroma.Plugs.OAuthScopesPlug
|
|
||||||
alias Pleroma.Web.OAuth.App
|
alias Pleroma.Web.OAuth.App
|
||||||
|
alias Pleroma.Web.Plugs.OAuthScopesPlug
|
||||||
|
|
||||||
require Logger
|
require Logger
|
||||||
|
|
@ -6,8 +6,8 @@ defmodule Pleroma.Web.AdminAPI.RelayController do
|
|||||||
use Pleroma.Web, :controller
|
use Pleroma.Web, :controller
|
||||||
|
|
||||||
alias Pleroma.ModerationLog
|
alias Pleroma.ModerationLog
|
||||||
alias Pleroma.Plugs.OAuthScopesPlug
|
|
||||||
alias Pleroma.Web.ActivityPub.Relay
|
alias Pleroma.Web.ActivityPub.Relay
|
||||||
|
alias Pleroma.Web.Plugs.OAuthScopesPlug
|
||||||
|
|
||||||
require Logger
|
require Logger
|
||||||
|
|
||||||
|
@ -9,12 +9,12 @@ defmodule Pleroma.Web.AdminAPI.ReportController do
|
|||||||
|
|
||||||
alias Pleroma.Activity
|
alias Pleroma.Activity
|
||||||
alias Pleroma.ModerationLog
|
alias Pleroma.ModerationLog
|
||||||
alias Pleroma.Plugs.OAuthScopesPlug
|
|
||||||
alias Pleroma.ReportNote
|
alias Pleroma.ReportNote
|
||||||
alias Pleroma.Web.ActivityPub.Utils
|
alias Pleroma.Web.ActivityPub.Utils
|
||||||
alias Pleroma.Web.AdminAPI
|
alias Pleroma.Web.AdminAPI
|
||||||
alias Pleroma.Web.AdminAPI.Report
|
alias Pleroma.Web.AdminAPI.Report
|
||||||
alias Pleroma.Web.CommonAPI
|
alias Pleroma.Web.CommonAPI
|
||||||
|
alias Pleroma.Web.Plugs.OAuthScopesPlug
|
||||||
|
|
||||||
require Logger
|
require Logger
|
||||||
|
|
||||||
|
@ -7,10 +7,10 @@ defmodule Pleroma.Web.AdminAPI.StatusController do
|
|||||||
|
|
||||||
alias Pleroma.Activity
|
alias Pleroma.Activity
|
||||||
alias Pleroma.ModerationLog
|
alias Pleroma.ModerationLog
|
||||||
alias Pleroma.Plugs.OAuthScopesPlug
|
|
||||||
alias Pleroma.Web.ActivityPub.ActivityPub
|
alias Pleroma.Web.ActivityPub.ActivityPub
|
||||||
alias Pleroma.Web.CommonAPI
|
alias Pleroma.Web.CommonAPI
|
||||||
alias Pleroma.Web.MastodonAPI
|
alias Pleroma.Web.MastodonAPI
|
||||||
|
alias Pleroma.Web.Plugs.OAuthScopesPlug
|
||||||
|
|
||||||
require Logger
|
require Logger
|
||||||
|
|
||||||
|
@ -3,10 +3,10 @@
|
|||||||
# SPDX-License-Identifier: AGPL-3.0-only
|
# SPDX-License-Identifier: AGPL-3.0-only
|
||||||
|
|
||||||
defmodule Pleroma.Web.Auth.PleromaAuthenticator do
|
defmodule Pleroma.Web.Auth.PleromaAuthenticator do
|
||||||
alias Pleroma.Plugs.AuthenticationPlug
|
|
||||||
alias Pleroma.Registration
|
alias Pleroma.Registration
|
||||||
alias Pleroma.Repo
|
alias Pleroma.Repo
|
||||||
alias Pleroma.User
|
alias Pleroma.User
|
||||||
|
alias Pleroma.Web.Plugs.AuthenticationPlug
|
||||||
|
|
||||||
import Pleroma.Web.Auth.Authenticator,
|
import Pleroma.Web.Auth.Authenticator,
|
||||||
only: [fetch_credentials: 1, fetch_user: 1]
|
only: [fetch_credentials: 1, fetch_user: 1]
|
||||||
|
@ -5,8 +5,8 @@
|
|||||||
defmodule Pleroma.Web.Auth.TOTPAuthenticator do
|
defmodule Pleroma.Web.Auth.TOTPAuthenticator do
|
||||||
alias Pleroma.MFA
|
alias Pleroma.MFA
|
||||||
alias Pleroma.MFA.TOTP
|
alias Pleroma.MFA.TOTP
|
||||||
alias Pleroma.Plugs.AuthenticationPlug
|
|
||||||
alias Pleroma.User
|
alias Pleroma.User
|
||||||
|
alias Pleroma.Web.Plugs.AuthenticationPlug
|
||||||
|
|
||||||
@doc "Verify code or check backup code."
|
@doc "Verify code or check backup code."
|
||||||
@spec verify(String.t(), User.t()) ::
|
@spec verify(String.t(), User.t()) ::
|
||||||
|
@ -12,12 +12,12 @@ defmodule Pleroma.Web.CommonAPI.Utils do
|
|||||||
alias Pleroma.Conversation.Participation
|
alias Pleroma.Conversation.Participation
|
||||||
alias Pleroma.Formatter
|
alias Pleroma.Formatter
|
||||||
alias Pleroma.Object
|
alias Pleroma.Object
|
||||||
alias Pleroma.Plugs.AuthenticationPlug
|
|
||||||
alias Pleroma.Repo
|
alias Pleroma.Repo
|
||||||
alias Pleroma.User
|
alias Pleroma.User
|
||||||
alias Pleroma.Web.ActivityPub.Utils
|
alias Pleroma.Web.ActivityPub.Utils
|
||||||
alias Pleroma.Web.ActivityPub.Visibility
|
alias Pleroma.Web.ActivityPub.Visibility
|
||||||
alias Pleroma.Web.MediaProxy
|
alias Pleroma.Web.MediaProxy
|
||||||
|
alias Pleroma.Web.Plugs.AuthenticationPlug
|
||||||
|
|
||||||
require Logger
|
require Logger
|
||||||
require Pleroma.Constants
|
require Pleroma.Constants
|
||||||
|
@ -9,17 +9,17 @@ defmodule Pleroma.Web.Endpoint do
|
|||||||
|
|
||||||
socket("/socket", Pleroma.Web.UserSocket)
|
socket("/socket", Pleroma.Web.UserSocket)
|
||||||
|
|
||||||
plug(Pleroma.Plugs.SetLocalePlug)
|
plug(Pleroma.Web.Plugs.SetLocalePlug)
|
||||||
plug(CORSPlug)
|
plug(CORSPlug)
|
||||||
plug(Pleroma.Plugs.HTTPSecurityPlug)
|
plug(Pleroma.Web.Plugs.HTTPSecurityPlug)
|
||||||
plug(Pleroma.Plugs.UploadedMedia)
|
plug(Pleroma.Web.Plugs.UploadedMedia)
|
||||||
|
|
||||||
@static_cache_control "public, no-cache"
|
@static_cache_control "public, no-cache"
|
||||||
|
|
||||||
# InstanceStatic needs to be before Plug.Static to be able to override shipped-static files
|
# InstanceStatic needs to be before Plug.Static to be able to override shipped-static files
|
||||||
# If you're adding new paths to `only:` you'll need to configure them in InstanceStatic as well
|
# If you're adding new paths to `only:` you'll need to configure them in InstanceStatic as well
|
||||||
# Cache-control headers are duplicated in case we turn off etags in the future
|
# Cache-control headers are duplicated in case we turn off etags in the future
|
||||||
plug(Pleroma.Plugs.InstanceStatic,
|
plug(Pleroma.Web.Plugs.InstanceStatic,
|
||||||
at: "/",
|
at: "/",
|
||||||
gzip: true,
|
gzip: true,
|
||||||
cache_control_for_etags: @static_cache_control,
|
cache_control_for_etags: @static_cache_control,
|
||||||
@ -29,7 +29,7 @@ defmodule Pleroma.Web.Endpoint do
|
|||||||
)
|
)
|
||||||
|
|
||||||
# Careful! No `only` restriction here, as we don't know what frontends contain.
|
# Careful! No `only` restriction here, as we don't know what frontends contain.
|
||||||
plug(Pleroma.Plugs.FrontendStatic,
|
plug(Pleroma.Web.Plugs.FrontendStatic,
|
||||||
at: "/",
|
at: "/",
|
||||||
frontend_type: :primary,
|
frontend_type: :primary,
|
||||||
gzip: true,
|
gzip: true,
|
||||||
@ -41,7 +41,7 @@ defmodule Pleroma.Web.Endpoint do
|
|||||||
|
|
||||||
plug(Plug.Static.IndexHtml, at: "/pleroma/admin/")
|
plug(Plug.Static.IndexHtml, at: "/pleroma/admin/")
|
||||||
|
|
||||||
plug(Pleroma.Plugs.FrontendStatic,
|
plug(Pleroma.Web.Plugs.FrontendStatic,
|
||||||
at: "/pleroma/admin",
|
at: "/pleroma/admin",
|
||||||
frontend_type: :admin,
|
frontend_type: :admin,
|
||||||
gzip: true,
|
gzip: true,
|
||||||
@ -79,7 +79,7 @@ defmodule Pleroma.Web.Endpoint do
|
|||||||
plug(Phoenix.CodeReloader)
|
plug(Phoenix.CodeReloader)
|
||||||
end
|
end
|
||||||
|
|
||||||
plug(Pleroma.Plugs.TrailingFormatPlug)
|
plug(Pleroma.Web.Plugs.TrailingFormatPlug)
|
||||||
plug(Plug.RequestId)
|
plug(Plug.RequestId)
|
||||||
plug(Plug.Logger, log: :debug)
|
plug(Plug.Logger, log: :debug)
|
||||||
|
|
||||||
@ -122,7 +122,7 @@ defmodule Pleroma.Web.Endpoint do
|
|||||||
extra: extra
|
extra: extra
|
||||||
)
|
)
|
||||||
|
|
||||||
plug(Pleroma.Plugs.RemoteIp)
|
plug(Pleroma.Web.Plugs.RemoteIp)
|
||||||
|
|
||||||
defmodule Instrumenter do
|
defmodule Instrumenter do
|
||||||
use Prometheus.PhoenixInstrumenter
|
use Prometheus.PhoenixInstrumenter
|
||||||
|
@ -2,7 +2,7 @@
|
|||||||
# Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>
|
# Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>
|
||||||
# SPDX-License-Identifier: AGPL-3.0-only
|
# SPDX-License-Identifier: AGPL-3.0-only
|
||||||
|
|
||||||
defmodule Fallback.RedirectController do
|
defmodule Pleroma.Web.Fallback.RedirectController do
|
||||||
use Pleroma.Web, :controller
|
use Pleroma.Web, :controller
|
||||||
|
|
||||||
require Logger
|
require Logger
|
||||||
@ -75,7 +75,7 @@ defmodule Fallback.RedirectController do
|
|||||||
end
|
end
|
||||||
|
|
||||||
defp index_file_path do
|
defp index_file_path do
|
||||||
Pleroma.Plugs.InstanceStatic.file_path("index.html")
|
Pleroma.Web.Plugs.InstanceStatic.file_path("index.html")
|
||||||
end
|
end
|
||||||
|
|
||||||
defp build_tags(conn, params) do
|
defp build_tags(conn, params) do
|
@ -5,27 +5,26 @@
|
|||||||
defmodule Pleroma.Web.Feed.UserController do
|
defmodule Pleroma.Web.Feed.UserController do
|
||||||
use Pleroma.Web, :controller
|
use Pleroma.Web, :controller
|
||||||
|
|
||||||
alias Fallback.RedirectController
|
|
||||||
alias Pleroma.User
|
alias Pleroma.User
|
||||||
alias Pleroma.Web.ActivityPub.ActivityPub
|
alias Pleroma.Web.ActivityPub.ActivityPub
|
||||||
alias Pleroma.Web.ActivityPub.ActivityPubController
|
alias Pleroma.Web.ActivityPub.ActivityPubController
|
||||||
alias Pleroma.Web.Feed.FeedView
|
alias Pleroma.Web.Feed.FeedView
|
||||||
|
|
||||||
plug(Pleroma.Plugs.SetFormatPlug when action in [:feed_redirect])
|
plug(Pleroma.Web.Plugs.SetFormatPlug when action in [:feed_redirect])
|
||||||
|
|
||||||
action_fallback(:errors)
|
action_fallback(:errors)
|
||||||
|
|
||||||
def feed_redirect(%{assigns: %{format: "html"}} = conn, %{"nickname" => nickname}) do
|
def feed_redirect(%{assigns: %{format: "html"}} = conn, %{"nickname" => nickname}) do
|
||||||
with {_, %User{} = user} <- {:fetch_user, User.get_cached_by_nickname_or_id(nickname)} do
|
with {_, %User{} = user} <- {:fetch_user, User.get_cached_by_nickname_or_id(nickname)} do
|
||||||
RedirectController.redirector_with_meta(conn, %{user: user})
|
Pleroma.Web.Fallback.RedirectController.redirector_with_meta(conn, %{user: user})
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
def feed_redirect(%{assigns: %{format: format}} = conn, _params)
|
def feed_redirect(%{assigns: %{format: format}} = conn, _params)
|
||||||
when format in ["json", "activity+json"] do
|
when format in ["json", "activity+json"] do
|
||||||
with %{halted: false} = conn <-
|
with %{halted: false} = conn <-
|
||||||
Pleroma.Plugs.EnsureAuthenticatedPlug.call(conn,
|
Pleroma.Web.Plugs.EnsureAuthenticatedPlug.call(conn,
|
||||||
unless_func: &Pleroma.Web.FederatingPlug.federating?/1
|
unless_func: &Pleroma.Web.Plugs.FederatingPlug.federating?/1
|
||||||
) do
|
) do
|
||||||
ActivityPubController.call(conn, :user)
|
ActivityPubController.call(conn, :user)
|
||||||
end
|
end
|
||||||
|
@ -5,9 +5,9 @@
|
|||||||
defmodule Pleroma.Web.MastoFEController do
|
defmodule Pleroma.Web.MastoFEController do
|
||||||
use Pleroma.Web, :controller
|
use Pleroma.Web, :controller
|
||||||
|
|
||||||
alias Pleroma.Plugs.EnsurePublicOrAuthenticatedPlug
|
|
||||||
alias Pleroma.Plugs.OAuthScopesPlug
|
|
||||||
alias Pleroma.User
|
alias Pleroma.User
|
||||||
|
alias Pleroma.Web.Plugs.EnsurePublicOrAuthenticatedPlug
|
||||||
|
alias Pleroma.Web.Plugs.OAuthScopesPlug
|
||||||
|
|
||||||
plug(OAuthScopesPlug, %{scopes: ["write:accounts"]} when action == :put_settings)
|
plug(OAuthScopesPlug, %{scopes: ["write:accounts"]} when action == :put_settings)
|
||||||
|
|
||||||
|
@ -15,9 +15,6 @@ defmodule Pleroma.Web.MastodonAPI.AccountController do
|
|||||||
]
|
]
|
||||||
|
|
||||||
alias Pleroma.Maps
|
alias Pleroma.Maps
|
||||||
alias Pleroma.Plugs.EnsurePublicOrAuthenticatedPlug
|
|
||||||
alias Pleroma.Plugs.OAuthScopesPlug
|
|
||||||
alias Pleroma.Plugs.RateLimiter
|
|
||||||
alias Pleroma.User
|
alias Pleroma.User
|
||||||
alias Pleroma.Web.ActivityPub.ActivityPub
|
alias Pleroma.Web.ActivityPub.ActivityPub
|
||||||
alias Pleroma.Web.ActivityPub.Builder
|
alias Pleroma.Web.ActivityPub.Builder
|
||||||
@ -29,6 +26,9 @@ defmodule Pleroma.Web.MastodonAPI.AccountController do
|
|||||||
alias Pleroma.Web.MastodonAPI.StatusView
|
alias Pleroma.Web.MastodonAPI.StatusView
|
||||||
alias Pleroma.Web.OAuth.OAuthController
|
alias Pleroma.Web.OAuth.OAuthController
|
||||||
alias Pleroma.Web.OAuth.OAuthView
|
alias Pleroma.Web.OAuth.OAuthView
|
||||||
|
alias Pleroma.Web.Plugs.EnsurePublicOrAuthenticatedPlug
|
||||||
|
alias Pleroma.Web.Plugs.OAuthScopesPlug
|
||||||
|
alias Pleroma.Web.Plugs.RateLimiter
|
||||||
alias Pleroma.Web.TwitterAPI.TwitterAPI
|
alias Pleroma.Web.TwitterAPI.TwitterAPI
|
||||||
|
|
||||||
plug(Pleroma.Web.ApiSpec.CastAndValidate)
|
plug(Pleroma.Web.ApiSpec.CastAndValidate)
|
||||||
|
@ -5,12 +5,12 @@
|
|||||||
defmodule Pleroma.Web.MastodonAPI.AppController do
|
defmodule Pleroma.Web.MastodonAPI.AppController do
|
||||||
use Pleroma.Web, :controller
|
use Pleroma.Web, :controller
|
||||||
|
|
||||||
alias Pleroma.Plugs.EnsurePublicOrAuthenticatedPlug
|
|
||||||
alias Pleroma.Plugs.OAuthScopesPlug
|
|
||||||
alias Pleroma.Repo
|
alias Pleroma.Repo
|
||||||
alias Pleroma.Web.OAuth.App
|
alias Pleroma.Web.OAuth.App
|
||||||
alias Pleroma.Web.OAuth.Scopes
|
alias Pleroma.Web.OAuth.Scopes
|
||||||
alias Pleroma.Web.OAuth.Token
|
alias Pleroma.Web.OAuth.Token
|
||||||
|
alias Pleroma.Web.Plugs.EnsurePublicOrAuthenticatedPlug
|
||||||
|
alias Pleroma.Web.Plugs.OAuthScopesPlug
|
||||||
|
|
||||||
action_fallback(Pleroma.Web.MastodonAPI.FallbackController)
|
action_fallback(Pleroma.Web.MastodonAPI.FallbackController)
|
||||||
|
|
||||||
|
@ -15,7 +15,7 @@ defmodule Pleroma.Web.MastodonAPI.AuthController do
|
|||||||
|
|
||||||
action_fallback(Pleroma.Web.MastodonAPI.FallbackController)
|
action_fallback(Pleroma.Web.MastodonAPI.FallbackController)
|
||||||
|
|
||||||
plug(Pleroma.Plugs.RateLimiter, [name: :password_reset] when action == :password_reset)
|
plug(Pleroma.Web.Plugs.RateLimiter, [name: :password_reset] when action == :password_reset)
|
||||||
|
|
||||||
@local_mastodon_name "Mastodon-Local"
|
@local_mastodon_name "Mastodon-Local"
|
||||||
|
|
||||||
|
@ -8,8 +8,8 @@ defmodule Pleroma.Web.MastodonAPI.ConversationController do
|
|||||||
import Pleroma.Web.ControllerHelper, only: [add_link_headers: 2]
|
import Pleroma.Web.ControllerHelper, only: [add_link_headers: 2]
|
||||||
|
|
||||||
alias Pleroma.Conversation.Participation
|
alias Pleroma.Conversation.Participation
|
||||||
alias Pleroma.Plugs.OAuthScopesPlug
|
|
||||||
alias Pleroma.Repo
|
alias Pleroma.Repo
|
||||||
|
alias Pleroma.Web.Plugs.OAuthScopesPlug
|
||||||
|
|
||||||
action_fallback(Pleroma.Web.MastodonAPI.FallbackController)
|
action_fallback(Pleroma.Web.MastodonAPI.FallbackController)
|
||||||
|
|
||||||
|
@ -9,7 +9,7 @@ defmodule Pleroma.Web.MastodonAPI.CustomEmojiController do
|
|||||||
|
|
||||||
plug(
|
plug(
|
||||||
:skip_plug,
|
:skip_plug,
|
||||||
[Pleroma.Plugs.OAuthScopesPlug, Pleroma.Plugs.EnsurePublicOrAuthenticatedPlug]
|
[Pleroma.Web.Plugs.OAuthScopesPlug, Pleroma.Web.Plugs.EnsurePublicOrAuthenticatedPlug]
|
||||||
when action == :index
|
when action == :index
|
||||||
)
|
)
|
||||||
|
|
||||||
|
@ -5,8 +5,8 @@
|
|||||||
defmodule Pleroma.Web.MastodonAPI.DomainBlockController do
|
defmodule Pleroma.Web.MastodonAPI.DomainBlockController do
|
||||||
use Pleroma.Web, :controller
|
use Pleroma.Web, :controller
|
||||||
|
|
||||||
alias Pleroma.Plugs.OAuthScopesPlug
|
|
||||||
alias Pleroma.User
|
alias Pleroma.User
|
||||||
|
alias Pleroma.Web.Plugs.OAuthScopesPlug
|
||||||
|
|
||||||
plug(Pleroma.Web.ApiSpec.CastAndValidate)
|
plug(Pleroma.Web.ApiSpec.CastAndValidate)
|
||||||
defdelegate open_api_operation(action), to: Pleroma.Web.ApiSpec.DomainBlockOperation
|
defdelegate open_api_operation(action), to: Pleroma.Web.ApiSpec.DomainBlockOperation
|
||||||
|
@ -6,7 +6,7 @@ defmodule Pleroma.Web.MastodonAPI.FilterController do
|
|||||||
use Pleroma.Web, :controller
|
use Pleroma.Web, :controller
|
||||||
|
|
||||||
alias Pleroma.Filter
|
alias Pleroma.Filter
|
||||||
alias Pleroma.Plugs.OAuthScopesPlug
|
alias Pleroma.Web.Plugs.OAuthScopesPlug
|
||||||
|
|
||||||
@oauth_read_actions [:show, :index]
|
@oauth_read_actions [:show, :index]
|
||||||
|
|
||||||
|
@ -5,9 +5,9 @@
|
|||||||
defmodule Pleroma.Web.MastodonAPI.FollowRequestController do
|
defmodule Pleroma.Web.MastodonAPI.FollowRequestController do
|
||||||
use Pleroma.Web, :controller
|
use Pleroma.Web, :controller
|
||||||
|
|
||||||
alias Pleroma.Plugs.OAuthScopesPlug
|
|
||||||
alias Pleroma.User
|
alias Pleroma.User
|
||||||
alias Pleroma.Web.CommonAPI
|
alias Pleroma.Web.CommonAPI
|
||||||
|
alias Pleroma.Web.Plugs.OAuthScopesPlug
|
||||||
|
|
||||||
plug(:put_view, Pleroma.Web.MastodonAPI.AccountView)
|
plug(:put_view, Pleroma.Web.MastodonAPI.AccountView)
|
||||||
plug(Pleroma.Web.ApiSpec.CastAndValidate)
|
plug(Pleroma.Web.ApiSpec.CastAndValidate)
|
||||||
|
@ -9,7 +9,7 @@ defmodule Pleroma.Web.MastodonAPI.InstanceController do
|
|||||||
|
|
||||||
plug(
|
plug(
|
||||||
:skip_plug,
|
:skip_plug,
|
||||||
[Pleroma.Plugs.OAuthScopesPlug, Pleroma.Plugs.EnsurePublicOrAuthenticatedPlug]
|
[Pleroma.Web.Plugs.OAuthScopesPlug, Pleroma.Web.Plugs.EnsurePublicOrAuthenticatedPlug]
|
||||||
when action in [:show, :peers]
|
when action in [:show, :peers]
|
||||||
)
|
)
|
||||||
|
|
||||||
|
@ -5,9 +5,9 @@
|
|||||||
defmodule Pleroma.Web.MastodonAPI.ListController do
|
defmodule Pleroma.Web.MastodonAPI.ListController do
|
||||||
use Pleroma.Web, :controller
|
use Pleroma.Web, :controller
|
||||||
|
|
||||||
alias Pleroma.Plugs.OAuthScopesPlug
|
|
||||||
alias Pleroma.User
|
alias Pleroma.User
|
||||||
alias Pleroma.Web.MastodonAPI.AccountView
|
alias Pleroma.Web.MastodonAPI.AccountView
|
||||||
|
alias Pleroma.Web.Plugs.OAuthScopesPlug
|
||||||
|
|
||||||
@oauth_read_actions [:index, :show, :list_accounts]
|
@oauth_read_actions [:index, :show, :list_accounts]
|
||||||
|
|
||||||
|
@ -4,7 +4,7 @@
|
|||||||
|
|
||||||
defmodule Pleroma.Web.MastodonAPI.MarkerController do
|
defmodule Pleroma.Web.MastodonAPI.MarkerController do
|
||||||
use Pleroma.Web, :controller
|
use Pleroma.Web, :controller
|
||||||
alias Pleroma.Plugs.OAuthScopesPlug
|
alias Pleroma.Web.Plugs.OAuthScopesPlug
|
||||||
|
|
||||||
plug(Pleroma.Web.ApiSpec.CastAndValidate)
|
plug(Pleroma.Web.ApiSpec.CastAndValidate)
|
||||||
|
|
||||||
|
@ -17,7 +17,7 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIController do
|
|||||||
|
|
||||||
plug(
|
plug(
|
||||||
:skip_plug,
|
:skip_plug,
|
||||||
[Pleroma.Plugs.OAuthScopesPlug, Pleroma.Plugs.EnsurePublicOrAuthenticatedPlug]
|
[Pleroma.Web.Plugs.OAuthScopesPlug, Pleroma.Web.Plugs.EnsurePublicOrAuthenticatedPlug]
|
||||||
when action in [:empty_array, :empty_object]
|
when action in [:empty_array, :empty_object]
|
||||||
)
|
)
|
||||||
|
|
||||||
|
@ -6,9 +6,9 @@ defmodule Pleroma.Web.MastodonAPI.MediaController do
|
|||||||
use Pleroma.Web, :controller
|
use Pleroma.Web, :controller
|
||||||
|
|
||||||
alias Pleroma.Object
|
alias Pleroma.Object
|
||||||
alias Pleroma.Plugs.OAuthScopesPlug
|
|
||||||
alias Pleroma.User
|
alias Pleroma.User
|
||||||
alias Pleroma.Web.ActivityPub.ActivityPub
|
alias Pleroma.Web.ActivityPub.ActivityPub
|
||||||
|
alias Pleroma.Web.Plugs.OAuthScopesPlug
|
||||||
|
|
||||||
action_fallback(Pleroma.Web.MastodonAPI.FallbackController)
|
action_fallback(Pleroma.Web.MastodonAPI.FallbackController)
|
||||||
plug(Pleroma.Web.ApiSpec.CastAndValidate)
|
plug(Pleroma.Web.ApiSpec.CastAndValidate)
|
||||||
|
@ -8,8 +8,8 @@ defmodule Pleroma.Web.MastodonAPI.NotificationController do
|
|||||||
import Pleroma.Web.ControllerHelper, only: [add_link_headers: 2]
|
import Pleroma.Web.ControllerHelper, only: [add_link_headers: 2]
|
||||||
|
|
||||||
alias Pleroma.Notification
|
alias Pleroma.Notification
|
||||||
alias Pleroma.Plugs.OAuthScopesPlug
|
|
||||||
alias Pleroma.Web.MastodonAPI.MastodonAPI
|
alias Pleroma.Web.MastodonAPI.MastodonAPI
|
||||||
|
alias Pleroma.Web.Plugs.OAuthScopesPlug
|
||||||
|
|
||||||
@oauth_read_actions [:show, :index]
|
@oauth_read_actions [:show, :index]
|
||||||
|
|
||||||
|
@ -9,9 +9,9 @@ defmodule Pleroma.Web.MastodonAPI.PollController do
|
|||||||
|
|
||||||
alias Pleroma.Activity
|
alias Pleroma.Activity
|
||||||
alias Pleroma.Object
|
alias Pleroma.Object
|
||||||
alias Pleroma.Plugs.OAuthScopesPlug
|
|
||||||
alias Pleroma.Web.ActivityPub.Visibility
|
alias Pleroma.Web.ActivityPub.Visibility
|
||||||
alias Pleroma.Web.CommonAPI
|
alias Pleroma.Web.CommonAPI
|
||||||
|
alias Pleroma.Web.Plugs.OAuthScopesPlug
|
||||||
|
|
||||||
action_fallback(Pleroma.Web.MastodonAPI.FallbackController)
|
action_fallback(Pleroma.Web.MastodonAPI.FallbackController)
|
||||||
|
|
||||||
|
@ -3,14 +3,12 @@
|
|||||||
# SPDX-License-Identifier: AGPL-3.0-only
|
# SPDX-License-Identifier: AGPL-3.0-only
|
||||||
|
|
||||||
defmodule Pleroma.Web.MastodonAPI.ReportController do
|
defmodule Pleroma.Web.MastodonAPI.ReportController do
|
||||||
alias Pleroma.Plugs.OAuthScopesPlug
|
|
||||||
|
|
||||||
use Pleroma.Web, :controller
|
use Pleroma.Web, :controller
|
||||||
|
|
||||||
action_fallback(Pleroma.Web.MastodonAPI.FallbackController)
|
action_fallback(Pleroma.Web.MastodonAPI.FallbackController)
|
||||||
|
|
||||||
plug(Pleroma.Web.ApiSpec.CastAndValidate)
|
plug(Pleroma.Web.ApiSpec.CastAndValidate)
|
||||||
plug(OAuthScopesPlug, %{scopes: ["write:reports"]} when action == :create)
|
plug(Pleroma.Web.Plugs.OAuthScopesPlug, %{scopes: ["write:reports"]} when action == :create)
|
||||||
|
|
||||||
defdelegate open_api_operation(action), to: Pleroma.Web.ApiSpec.ReportOperation
|
defdelegate open_api_operation(action), to: Pleroma.Web.ApiSpec.ReportOperation
|
||||||
|
|
||||||
|
@ -7,9 +7,9 @@ defmodule Pleroma.Web.MastodonAPI.ScheduledActivityController do
|
|||||||
|
|
||||||
import Pleroma.Web.ControllerHelper, only: [add_link_headers: 2]
|
import Pleroma.Web.ControllerHelper, only: [add_link_headers: 2]
|
||||||
|
|
||||||
alias Pleroma.Plugs.OAuthScopesPlug
|
|
||||||
alias Pleroma.ScheduledActivity
|
alias Pleroma.ScheduledActivity
|
||||||
alias Pleroma.Web.MastodonAPI.MastodonAPI
|
alias Pleroma.Web.MastodonAPI.MastodonAPI
|
||||||
|
alias Pleroma.Web.Plugs.OAuthScopesPlug
|
||||||
|
|
||||||
@oauth_read_actions [:show, :index]
|
@oauth_read_actions [:show, :index]
|
||||||
|
|
||||||
|
@ -6,14 +6,14 @@ defmodule Pleroma.Web.MastodonAPI.SearchController do
|
|||||||
use Pleroma.Web, :controller
|
use Pleroma.Web, :controller
|
||||||
|
|
||||||
alias Pleroma.Activity
|
alias Pleroma.Activity
|
||||||
alias Pleroma.Plugs.OAuthScopesPlug
|
|
||||||
alias Pleroma.Plugs.RateLimiter
|
|
||||||
alias Pleroma.Repo
|
alias Pleroma.Repo
|
||||||
alias Pleroma.User
|
alias Pleroma.User
|
||||||
alias Pleroma.Web
|
alias Pleroma.Web
|
||||||
alias Pleroma.Web.ControllerHelper
|
alias Pleroma.Web.ControllerHelper
|
||||||
alias Pleroma.Web.MastodonAPI.AccountView
|
alias Pleroma.Web.MastodonAPI.AccountView
|
||||||
alias Pleroma.Web.MastodonAPI.StatusView
|
alias Pleroma.Web.MastodonAPI.StatusView
|
||||||
|
alias Pleroma.Web.Plugs.OAuthScopesPlug
|
||||||
|
alias Pleroma.Web.Plugs.RateLimiter
|
||||||
|
|
||||||
require Logger
|
require Logger
|
||||||
|
|
||||||
|
@ -13,8 +13,6 @@ defmodule Pleroma.Web.MastodonAPI.StatusController do
|
|||||||
alias Pleroma.Activity
|
alias Pleroma.Activity
|
||||||
alias Pleroma.Bookmark
|
alias Pleroma.Bookmark
|
||||||
alias Pleroma.Object
|
alias Pleroma.Object
|
||||||
alias Pleroma.Plugs.OAuthScopesPlug
|
|
||||||
alias Pleroma.Plugs.RateLimiter
|
|
||||||
alias Pleroma.Repo
|
alias Pleroma.Repo
|
||||||
alias Pleroma.ScheduledActivity
|
alias Pleroma.ScheduledActivity
|
||||||
alias Pleroma.User
|
alias Pleroma.User
|
||||||
@ -23,9 +21,15 @@ defmodule Pleroma.Web.MastodonAPI.StatusController do
|
|||||||
alias Pleroma.Web.CommonAPI
|
alias Pleroma.Web.CommonAPI
|
||||||
alias Pleroma.Web.MastodonAPI.AccountView
|
alias Pleroma.Web.MastodonAPI.AccountView
|
||||||
alias Pleroma.Web.MastodonAPI.ScheduledActivityView
|
alias Pleroma.Web.MastodonAPI.ScheduledActivityView
|
||||||
|
alias Pleroma.Web.Plugs.OAuthScopesPlug
|
||||||
|
alias Pleroma.Web.Plugs.RateLimiter
|
||||||
|
|
||||||
plug(Pleroma.Web.ApiSpec.CastAndValidate)
|
plug(Pleroma.Web.ApiSpec.CastAndValidate)
|
||||||
plug(:skip_plug, Pleroma.Plugs.EnsurePublicOrAuthenticatedPlug when action in [:index, :show])
|
|
||||||
|
plug(
|
||||||
|
:skip_plug,
|
||||||
|
Pleroma.Web.Plugs.EnsurePublicOrAuthenticatedPlug when action in [:index, :show]
|
||||||
|
)
|
||||||
|
|
||||||
@unauthenticated_access %{fallback: :proceed_unauthenticated, scopes: []}
|
@unauthenticated_access %{fallback: :proceed_unauthenticated, scopes: []}
|
||||||
|
|
||||||
|
@ -13,7 +13,7 @@ defmodule Pleroma.Web.MastodonAPI.SubscriptionController do
|
|||||||
|
|
||||||
plug(Pleroma.Web.ApiSpec.CastAndValidate)
|
plug(Pleroma.Web.ApiSpec.CastAndValidate)
|
||||||
plug(:restrict_push_enabled)
|
plug(:restrict_push_enabled)
|
||||||
plug(Pleroma.Plugs.OAuthScopesPlug, %{scopes: ["push"]})
|
plug(Pleroma.Web.Plugs.OAuthScopesPlug, %{scopes: ["push"]})
|
||||||
|
|
||||||
defdelegate open_api_operation(action), to: Pleroma.Web.ApiSpec.SubscriptionOperation
|
defdelegate open_api_operation(action), to: Pleroma.Web.ApiSpec.SubscriptionOperation
|
||||||
|
|
||||||
|
@ -8,7 +8,7 @@ defmodule Pleroma.Web.MastodonAPI.SuggestionController do
|
|||||||
require Logger
|
require Logger
|
||||||
|
|
||||||
plug(Pleroma.Web.ApiSpec.CastAndValidate)
|
plug(Pleroma.Web.ApiSpec.CastAndValidate)
|
||||||
plug(Pleroma.Plugs.OAuthScopesPlug, %{scopes: ["read"]} when action == :index)
|
plug(Pleroma.Web.Plugs.OAuthScopesPlug, %{scopes: ["read"]} when action == :index)
|
||||||
|
|
||||||
def open_api_operation(action) do
|
def open_api_operation(action) do
|
||||||
operation = String.to_existing_atom("#{action}_operation")
|
operation = String.to_existing_atom("#{action}_operation")
|
||||||
|
@ -10,11 +10,11 @@ defmodule Pleroma.Web.MastodonAPI.TimelineController do
|
|||||||
|
|
||||||
alias Pleroma.Config
|
alias Pleroma.Config
|
||||||
alias Pleroma.Pagination
|
alias Pleroma.Pagination
|
||||||
alias Pleroma.Plugs.EnsurePublicOrAuthenticatedPlug
|
|
||||||
alias Pleroma.Plugs.OAuthScopesPlug
|
|
||||||
alias Pleroma.Plugs.RateLimiter
|
|
||||||
alias Pleroma.User
|
alias Pleroma.User
|
||||||
alias Pleroma.Web.ActivityPub.ActivityPub
|
alias Pleroma.Web.ActivityPub.ActivityPub
|
||||||
|
alias Pleroma.Web.Plugs.EnsurePublicOrAuthenticatedPlug
|
||||||
|
alias Pleroma.Web.Plugs.OAuthScopesPlug
|
||||||
|
alias Pleroma.Web.Plugs.RateLimiter
|
||||||
|
|
||||||
plug(Pleroma.Web.ApiSpec.CastAndValidate)
|
plug(Pleroma.Web.ApiSpec.CastAndValidate)
|
||||||
plug(:skip_plug, EnsurePublicOrAuthenticatedPlug when action in [:public, :hashtag])
|
plug(:skip_plug, EnsurePublicOrAuthenticatedPlug when action in [:public, :hashtag])
|
||||||
|
@ -5,10 +5,10 @@
|
|||||||
defmodule Pleroma.Web.MongooseIM.MongooseIMController do
|
defmodule Pleroma.Web.MongooseIM.MongooseIMController do
|
||||||
use Pleroma.Web, :controller
|
use Pleroma.Web, :controller
|
||||||
|
|
||||||
alias Pleroma.Plugs.AuthenticationPlug
|
|
||||||
alias Pleroma.Plugs.RateLimiter
|
|
||||||
alias Pleroma.Repo
|
alias Pleroma.Repo
|
||||||
alias Pleroma.User
|
alias Pleroma.User
|
||||||
|
alias Pleroma.Web.Plugs.AuthenticationPlug
|
||||||
|
alias Pleroma.Web.Plugs.RateLimiter
|
||||||
|
|
||||||
plug(RateLimiter, [name: :authentication] when action in [:user_exists, :check_password])
|
plug(RateLimiter, [name: :authentication] when action in [:user_exists, :check_password])
|
||||||
plug(RateLimiter, [name: :authentication, params: ["user"]] when action == :check_password)
|
plug(RateLimiter, [name: :authentication, params: ["user"]] when action == :check_password)
|
@ -8,7 +8,6 @@ defmodule Pleroma.Web.OAuth.OAuthController do
|
|||||||
alias Pleroma.Helpers.UriHelper
|
alias Pleroma.Helpers.UriHelper
|
||||||
alias Pleroma.Maps
|
alias Pleroma.Maps
|
||||||
alias Pleroma.MFA
|
alias Pleroma.MFA
|
||||||
alias Pleroma.Plugs.RateLimiter
|
|
||||||
alias Pleroma.Registration
|
alias Pleroma.Registration
|
||||||
alias Pleroma.Repo
|
alias Pleroma.Repo
|
||||||
alias Pleroma.User
|
alias Pleroma.User
|
||||||
@ -23,6 +22,7 @@ defmodule Pleroma.Web.OAuth.OAuthController do
|
|||||||
alias Pleroma.Web.OAuth.Token
|
alias Pleroma.Web.OAuth.Token
|
||||||
alias Pleroma.Web.OAuth.Token.Strategy.RefreshToken
|
alias Pleroma.Web.OAuth.Token.Strategy.RefreshToken
|
||||||
alias Pleroma.Web.OAuth.Token.Strategy.Revoke, as: RevokeToken
|
alias Pleroma.Web.OAuth.Token.Strategy.Revoke, as: RevokeToken
|
||||||
|
alias Pleroma.Web.Plugs.RateLimiter
|
||||||
|
|
||||||
require Logger
|
require Logger
|
||||||
|
|
||||||
@ -31,7 +31,10 @@ defmodule Pleroma.Web.OAuth.OAuthController do
|
|||||||
plug(:fetch_session)
|
plug(:fetch_session)
|
||||||
plug(:fetch_flash)
|
plug(:fetch_flash)
|
||||||
|
|
||||||
plug(:skip_plug, [Pleroma.Plugs.OAuthScopesPlug, Pleroma.Plugs.EnsurePublicOrAuthenticatedPlug])
|
plug(:skip_plug, [
|
||||||
|
Pleroma.Web.Plugs.OAuthScopesPlug,
|
||||||
|
Pleroma.Web.Plugs.EnsurePublicOrAuthenticatedPlug
|
||||||
|
])
|
||||||
|
|
||||||
plug(RateLimiter, [name: :authentication] when action == :create_authorization)
|
plug(RateLimiter, [name: :authentication] when action == :create_authorization)
|
||||||
|
|
@ -7,7 +7,7 @@ defmodule Pleroma.Web.OAuth.Scopes do
|
|||||||
Functions for dealing with scopes.
|
Functions for dealing with scopes.
|
||||||
"""
|
"""
|
||||||
|
|
||||||
alias Pleroma.Plugs.OAuthScopesPlug
|
alias Pleroma.Web.Plugs.OAuthScopesPlug
|
||||||
|
|
||||||
@doc """
|
@doc """
|
||||||
Fetch scopes from request params.
|
Fetch scopes from request params.
|
@ -5,19 +5,19 @@
|
|||||||
defmodule Pleroma.Web.OStatus.OStatusController do
|
defmodule Pleroma.Web.OStatus.OStatusController do
|
||||||
use Pleroma.Web, :controller
|
use Pleroma.Web, :controller
|
||||||
|
|
||||||
alias Fallback.RedirectController
|
|
||||||
alias Pleroma.Activity
|
alias Pleroma.Activity
|
||||||
alias Pleroma.Object
|
alias Pleroma.Object
|
||||||
alias Pleroma.Plugs.RateLimiter
|
|
||||||
alias Pleroma.User
|
alias Pleroma.User
|
||||||
alias Pleroma.Web.ActivityPub.ActivityPubController
|
alias Pleroma.Web.ActivityPub.ActivityPubController
|
||||||
alias Pleroma.Web.ActivityPub.Visibility
|
alias Pleroma.Web.ActivityPub.Visibility
|
||||||
alias Pleroma.Web.Endpoint
|
alias Pleroma.Web.Endpoint
|
||||||
|
alias Pleroma.Web.Fallback.RedirectController
|
||||||
alias Pleroma.Web.Metadata.PlayerView
|
alias Pleroma.Web.Metadata.PlayerView
|
||||||
|
alias Pleroma.Web.Plugs.RateLimiter
|
||||||
alias Pleroma.Web.Router
|
alias Pleroma.Web.Router
|
||||||
|
|
||||||
plug(Pleroma.Plugs.EnsureAuthenticatedPlug,
|
plug(Pleroma.Web.Plugs.EnsureAuthenticatedPlug,
|
||||||
unless_func: &Pleroma.Web.FederatingPlug.federating?/1
|
unless_func: &Pleroma.Web.Plugs.FederatingPlug.federating?/1
|
||||||
)
|
)
|
||||||
|
|
||||||
plug(
|
plug(
|
||||||
@ -26,7 +26,7 @@ defmodule Pleroma.Web.OStatus.OStatusController do
|
|||||||
)
|
)
|
||||||
|
|
||||||
plug(
|
plug(
|
||||||
Pleroma.Plugs.SetFormatPlug
|
Pleroma.Web.Plugs.SetFormatPlug
|
||||||
when action in [:object, :activity, :notice]
|
when action in [:object, :activity, :notice]
|
||||||
)
|
)
|
||||||
|
|
@ -8,12 +8,12 @@ defmodule Pleroma.Web.PleromaAPI.AccountController do
|
|||||||
import Pleroma.Web.ControllerHelper,
|
import Pleroma.Web.ControllerHelper,
|
||||||
only: [json_response: 3, add_link_headers: 2, assign_account_by_id: 2]
|
only: [json_response: 3, add_link_headers: 2, assign_account_by_id: 2]
|
||||||
|
|
||||||
alias Pleroma.Plugs.EnsurePublicOrAuthenticatedPlug
|
|
||||||
alias Pleroma.Plugs.OAuthScopesPlug
|
|
||||||
alias Pleroma.Plugs.RateLimiter
|
|
||||||
alias Pleroma.User
|
alias Pleroma.User
|
||||||
alias Pleroma.Web.ActivityPub.ActivityPub
|
alias Pleroma.Web.ActivityPub.ActivityPub
|
||||||
alias Pleroma.Web.MastodonAPI.StatusView
|
alias Pleroma.Web.MastodonAPI.StatusView
|
||||||
|
alias Pleroma.Web.Plugs.EnsurePublicOrAuthenticatedPlug
|
||||||
|
alias Pleroma.Web.Plugs.OAuthScopesPlug
|
||||||
|
alias Pleroma.Web.Plugs.RateLimiter
|
||||||
|
|
||||||
require Pleroma.Constants
|
require Pleroma.Constants
|
||||||
|
|
||||||
|
@ -11,12 +11,12 @@ defmodule Pleroma.Web.PleromaAPI.ChatController do
|
|||||||
alias Pleroma.Chat.MessageReference
|
alias Pleroma.Chat.MessageReference
|
||||||
alias Pleroma.Object
|
alias Pleroma.Object
|
||||||
alias Pleroma.Pagination
|
alias Pleroma.Pagination
|
||||||
alias Pleroma.Plugs.OAuthScopesPlug
|
|
||||||
alias Pleroma.Repo
|
alias Pleroma.Repo
|
||||||
alias Pleroma.User
|
alias Pleroma.User
|
||||||
alias Pleroma.Web.CommonAPI
|
alias Pleroma.Web.CommonAPI
|
||||||
alias Pleroma.Web.PleromaAPI.Chat.MessageReferenceView
|
alias Pleroma.Web.PleromaAPI.Chat.MessageReferenceView
|
||||||
alias Pleroma.Web.PleromaAPI.ChatView
|
alias Pleroma.Web.PleromaAPI.ChatView
|
||||||
|
alias Pleroma.Web.Plugs.OAuthScopesPlug
|
||||||
|
|
||||||
import Ecto.Query
|
import Ecto.Query
|
||||||
|
|
||||||
|
@ -8,9 +8,9 @@ defmodule Pleroma.Web.PleromaAPI.ConversationController do
|
|||||||
import Pleroma.Web.ControllerHelper, only: [add_link_headers: 2]
|
import Pleroma.Web.ControllerHelper, only: [add_link_headers: 2]
|
||||||
|
|
||||||
alias Pleroma.Conversation.Participation
|
alias Pleroma.Conversation.Participation
|
||||||
alias Pleroma.Plugs.OAuthScopesPlug
|
|
||||||
alias Pleroma.Web.ActivityPub.ActivityPub
|
alias Pleroma.Web.ActivityPub.ActivityPub
|
||||||
alias Pleroma.Web.MastodonAPI.StatusView
|
alias Pleroma.Web.MastodonAPI.StatusView
|
||||||
|
alias Pleroma.Web.Plugs.OAuthScopesPlug
|
||||||
|
|
||||||
plug(Pleroma.Web.ApiSpec.CastAndValidate)
|
plug(Pleroma.Web.ApiSpec.CastAndValidate)
|
||||||
plug(:put_view, Pleroma.Web.MastodonAPI.ConversationView)
|
plug(:put_view, Pleroma.Web.MastodonAPI.ConversationView)
|
||||||
|
@ -11,7 +11,7 @@ defmodule Pleroma.Web.PleromaAPI.EmojiFileController do
|
|||||||
plug(Pleroma.Web.ApiSpec.CastAndValidate)
|
plug(Pleroma.Web.ApiSpec.CastAndValidate)
|
||||||
|
|
||||||
plug(
|
plug(
|
||||||
Pleroma.Plugs.OAuthScopesPlug,
|
Pleroma.Web.Plugs.OAuthScopesPlug,
|
||||||
%{scopes: ["write"], admin: true}
|
%{scopes: ["write"], admin: true}
|
||||||
when action in [
|
when action in [
|
||||||
:create,
|
:create,
|
||||||
|
@ -10,7 +10,7 @@ defmodule Pleroma.Web.PleromaAPI.EmojiPackController do
|
|||||||
plug(Pleroma.Web.ApiSpec.CastAndValidate)
|
plug(Pleroma.Web.ApiSpec.CastAndValidate)
|
||||||
|
|
||||||
plug(
|
plug(
|
||||||
Pleroma.Plugs.OAuthScopesPlug,
|
Pleroma.Web.Plugs.OAuthScopesPlug,
|
||||||
%{scopes: ["write"], admin: true}
|
%{scopes: ["write"], admin: true}
|
||||||
when action in [
|
when action in [
|
||||||
:import_from_filesystem,
|
:import_from_filesystem,
|
||||||
@ -22,8 +22,11 @@ defmodule Pleroma.Web.PleromaAPI.EmojiPackController do
|
|||||||
]
|
]
|
||||||
)
|
)
|
||||||
|
|
||||||
@skip_plugs [Pleroma.Plugs.OAuthScopesPlug, Pleroma.Plugs.EnsurePublicOrAuthenticatedPlug]
|
@skip_plugs [
|
||||||
plug(:skip_plug, @skip_plugs when action in [:index, :show, :archive])
|
Pleroma.Web.Plugs.OAuthScopesPlug,
|
||||||
|
Pleroma.Web.Plugs.EnsurePublicOrAuthenticatedPlug
|
||||||
|
]
|
||||||
|
plug(:skip_plug, @skip_plugs when action in [:index, :archive, :show])
|
||||||
|
|
||||||
defdelegate open_api_operation(action), to: Pleroma.Web.ApiSpec.PleromaEmojiPackOperation
|
defdelegate open_api_operation(action), to: Pleroma.Web.ApiSpec.PleromaEmojiPackOperation
|
||||||
|
|
||||||
|
@ -7,9 +7,9 @@ defmodule Pleroma.Web.PleromaAPI.EmojiReactionController do
|
|||||||
|
|
||||||
alias Pleroma.Activity
|
alias Pleroma.Activity
|
||||||
alias Pleroma.Object
|
alias Pleroma.Object
|
||||||
alias Pleroma.Plugs.OAuthScopesPlug
|
|
||||||
alias Pleroma.Web.CommonAPI
|
alias Pleroma.Web.CommonAPI
|
||||||
alias Pleroma.Web.MastodonAPI.StatusView
|
alias Pleroma.Web.MastodonAPI.StatusView
|
||||||
|
alias Pleroma.Web.Plugs.OAuthScopesPlug
|
||||||
|
|
||||||
plug(Pleroma.Web.ApiSpec.CastAndValidate)
|
plug(Pleroma.Web.ApiSpec.CastAndValidate)
|
||||||
plug(OAuthScopesPlug, %{scopes: ["write:statuses"]} when action in [:create, :delete])
|
plug(OAuthScopesPlug, %{scopes: ["write:statuses"]} when action in [:create, :delete])
|
||||||
|
@ -5,9 +5,9 @@
|
|||||||
defmodule Pleroma.Web.PleromaAPI.MascotController do
|
defmodule Pleroma.Web.PleromaAPI.MascotController do
|
||||||
use Pleroma.Web, :controller
|
use Pleroma.Web, :controller
|
||||||
|
|
||||||
alias Pleroma.Plugs.OAuthScopesPlug
|
|
||||||
alias Pleroma.User
|
alias Pleroma.User
|
||||||
alias Pleroma.Web.ActivityPub.ActivityPub
|
alias Pleroma.Web.ActivityPub.ActivityPub
|
||||||
|
alias Pleroma.Web.Plugs.OAuthScopesPlug
|
||||||
|
|
||||||
plug(Pleroma.Web.ApiSpec.CastAndValidate)
|
plug(Pleroma.Web.ApiSpec.CastAndValidate)
|
||||||
plug(OAuthScopesPlug, %{scopes: ["read:accounts"]} when action == :show)
|
plug(OAuthScopesPlug, %{scopes: ["read:accounts"]} when action == :show)
|
||||||
|
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in New Issue
Block a user