Commit graph

930 commits

Author SHA1 Message Date
Ivan Tashkinov
fc81e5a49c Enforcement of OAuth scopes check for authenticated API endpoints, :skip_plug plug to mark a plug explicitly skipped (disabled). 2020-04-06 10:20:44 +03:00
Ivan Tashkinov
aa78325117 [#2323] Fixed a typo causing /accounts/relationships to render default relationships. Improved the tests. 2020-04-02 19:23:30 +03:00
Haelwenn (lanodan) Monnier
185520d1b4
Provide known-good user.uri, remove User.profile_url/1 2020-03-31 23:55:29 +02:00
Haelwenn
e999c67cee Merge branch 'feature/funkwhale-audio' into 'develop'
Add support for funkwhale Audio activity

Closes #764 and #1624

See merge request pleroma/pleroma!2287
2020-03-29 19:18:22 +00:00
Ivan Tashkinov
dfbc05d496 Misc refactoring / tweaks (ThreadMute.exists?/2). 2020-03-27 08:01:03 +03:00
Ivan Tashkinov
6b793d3f83 Ensured no auxiliary computations (actors list preparation etc.) related to relationships preloading if no user is present (for statuses / accounts / relationships rendering). 2020-03-26 21:54:01 +03:00
Ivan Tashkinov
112101ca52 Merge remote-tracking branch 'remotes/origin/develop' into relations-preloading-for-statuses-rendering
# Conflicts:
#	lib/pleroma/thread_mute.ex
2020-03-26 09:43:58 +03:00
Ivan Tashkinov
460e41585c Further preloading (more endpoints), refactoring, tests. 2020-03-25 20:33:34 +03:00
Ivan Tashkinov
be5e2c4dbb Applied relationships preloading to GET /api/v1/accounts/relationships. Refactoring (User.binary_id/1). 2020-03-25 17:01:45 +03:00
Ivan Tashkinov
012d428e1f Merge remote-tracking branch 'remotes/origin/develop' into 1364-notifications-sending-control 2020-03-25 09:05:17 +03:00
Ivan Tashkinov
e743c22329 Fixed incorrect usage of "relations" as a short form of "relationships". 2020-03-25 09:04:00 +03:00
Ivan Tashkinov
8f1d622b8d Merge remote-tracking branch 'remotes/origin/develop' into relations-preloading-for-statuses-rendering 2020-03-24 22:15:37 +03:00
Ivan Tashkinov
13cbb9f6ad Implemented preloading of relationships with parent activities' actors for statuses/timeline rendering. Applied preloading for notifications rendering. Fixed announces rendering issue (preloading-related). 2020-03-24 22:14:26 +03:00
lain
1d75d0ed7a Merge branch 'admin-api-change-password' into 'develop'
Admin API: `PATCH /api/pleroma/admin/users/:nickname/update_credentials`

See merge request pleroma/pleroma!2149
2020-03-24 17:34:13 +00:00
Ivan Tashkinov
3c78e5f327 Preloading of follow relations for timeline/statuses rendering (performance improvement). Refactoring. 2020-03-23 12:01:11 +03:00
Ivan Tashkinov
c2e415143b WIP: preloading of user relations for timeline/statuses rendering (performance improvement). 2020-03-22 21:51:44 +03:00
Haelwenn (lanodan) Monnier
15be6ba9c2
AccountView: fix for other forms of <br> in bio
Closes: https://git.pleroma.social/pleroma/pleroma/issues/1643
2020-03-22 16:41:01 +01:00
rinpatch
981e015f1b Mastodon API Account view: Remove an outdated hack
The hack with caching the follow relationship was introduced
when we still were storing it inside the follow activity, resulting in
slow queries. Now we store follow state in `FollowRelationship` table,
so this is no longer necessary.
2020-03-22 17:10:37 +03:00
Alexander Strizhakov
fe15f0ba15
restrict_unauthenticated setting 2020-03-20 16:36:20 +03:00
Alexander Strizhakov
98a60df41f
include_types parameter in /api/v1/notifications 2020-03-20 13:18:12 +03:00
eugenijm
13cce9c0de Admin API: PATCH /api/pleroma/admin/users/:nickname/credentials, GET /api/pleroma/admin/users/:nickname/credentials. 2020-03-16 20:42:37 +03:00
Alexander Strizhakov
f3791add99
removing with_move parameter 2020-03-16 20:07:45 +03:00
Haelwenn (lanodan) Monnier
8176ca9e40 static_fe: Sanitize HTML in users 2020-03-15 20:44:04 +01:00
rinpatch
38f796a5c6 Merge branch 'feature/mastofe-admin-scope' into 'develop'
auth_controller.ex: Add admin scope to MastoFE

See merge request pleroma/pleroma!2256
2020-03-13 18:58:52 +00:00
feld
2019f3b3ff Merge branch 'fix/signup-without-email' into 'develop'
Allow account registration without an email

See merge request pleroma/pleroma!2246
2020-03-11 16:53:05 +00:00
Haelwenn (lanodan) Monnier
863ec33ba2
Add support for funkwhale Audio activity
reel2bits fixture not included as it lacks the Actor fixture for it.

Closes: https://git.pleroma.social/pleroma/pleroma/issues/1624
Closes: https://git.pleroma.social/pleroma/pleroma/issues/764
2020-03-11 13:46:42 +01:00
lain
4bce13fa2f MastodonController: Return 404 errors correctly. 2020-03-04 18:09:06 +01:00
Mark Felder
05da5f5cca Update Copyrights 2020-03-03 16:44:49 -06:00
Egor Kislitsyn
4a45b96a91
Merge branch 'develop' into fix/signup-without-email 2020-03-02 15:35:49 +04:00
Haelwenn (lanodan) Monnier
6da6540036
Bump copyright years of files changed after 2020-01-07
Done via the following command:
git diff fcd5dd259a --stat --name-only | xargs sed -i '/Pleroma Authors/c# Copyright © 2017-2020 Pleroma Authors <https:\/\/pleroma.social\/>'
2020-03-02 06:08:45 +01:00
rinpatch
b5465bf385 timeline controller: add a TODO for replacing copypaste with a macro 2020-03-01 02:03:46 +03:00
rinpatch
ffcebe7e22 timeline controller: rate limit timelines to 3 requests per 500ms per timeline per ip/user 2020-03-01 01:13:08 +03:00
Haelwenn (lanodan) Monnier
3ef2ff3e47
auth_controller.ex: Add admin scope to MastoFE
Related: https://git.pleroma.social/pleroma/pleroma/issues/1265
2020-02-29 01:25:14 +01:00
Egor Kislitsyn
f446744a6a
Allow account registration without an email 2020-02-26 20:13:53 +04:00
Egor Kislitsyn
2ef70b55f5
Fix status.expires_at type 2020-02-18 14:52:11 +04:00
Haelwenn (lanodan) Monnier
1257331291
MastodonAPI.StatusView: Do not use site_name
site_name allow to spoof the origin of the domain and so hacks like:

<!-- served on https://hacktivis.me/tmp/joinmastodon.org.html -->
<meta property="og:image" content="https://hacktivis.me/datalove/img/meme/pleroma/mastodon%2C%20forbidden%20amuse%20yourself.jpeg" />
<meta property="og:title" content="Mastodon: Forbidden Amuse Yourself" />
<meta property="og:site_name" content="joinmastodon.org" />
<meta http-equiv="refresh" content="0; url=http://joinmastodon.org/">
2020-02-15 00:36:09 +01:00
lain
24c526a0b1 Merge remote-tracking branch 'origin/develop' into uguu-uwu-notices-bulge 2020-02-11 13:58:36 +01:00
Maksim Pechnikov
6813c0302c Merge branch 'develop' into issue/1383 2020-02-10 20:49:20 +03:00
Lain Soykaf
f875b9650a EmojiReactions: Add Mastodon-aligned reaction endpoints, change response 2020-02-07 14:52:13 +01:00
feld
df0b00b32d Merge branch 'mastoapi-non-html-strings' into 'develop'
mastodon API: do not sanitize html in non-html fields

See merge request pleroma/pleroma!2167
2020-02-06 16:08:23 +00:00
Maksim Pechnikov
2c40c8b4a2 Merge branch 'develop' into issue/1383 2020-02-03 21:42:36 +03:00
rinpatch
983a87175e mastodon API: do not sanitize html in non-html fields 2020-02-02 14:46:32 +03:00
lain
a802e07241 Emoji Reactions: Add reacted field to emoji reactions 2020-01-29 11:39:06 +01:00
Maksim Pechnikov
21a2a05407 Merge branch 'develop' into issue/1383 2020-01-28 20:39:20 +03:00
Hakaba Hitoyo
dabd535e43 Remove user recommendation by third party engine 2020-01-27 13:21:50 +00:00
Maksim Pechnikov
bfc70fdf29 Merge branch 'develop' into issue/1383 2020-01-27 08:48:19 +03:00
Alexander Strizhakov
de4102b247
can be changed in runtime 2020-01-25 10:39:10 +03:00
lain
347f3ed2c6 Emoji reactions: Change api format once more 2020-01-24 10:52:24 +01:00
Maksim Pechnikov
8589632d09 fixed delete ScheduledActivity 2020-01-23 17:18:23 +03:00
Maksim Pechnikov
5fc2fa8908 Merge branch 'develop' into issue/1383 2020-01-23 11:11:18 +03:00