itepechi/akkoma
1
0
Fork 0
Code Issues Pull requests Releases Activity
akkoma/lib/pleroma
History
Oneric dff532ac72 api: ensure only visible posts are interactable 
It doesn't make sense to like, react, reply, etc to something you cannot
see and is unexpected for the author of the interacted with post and
might make them believe the reacting user actually _can_ see the post.

Wrt to fav, reblog, reaction indexes the missing visibility check was
also leaking some (presumably/hopefully) low-severity data.

Add full-API test for all modes of interactions with private posts.
2025-11-22 00:00:00 +00:00
..
activity mix/deps: upgrade cachex to 4.x 2025-11-09 00:00:00 +00:00
akkoma Add MRFs for direct message manipulation 2023-05-22 23:53:44 +01:00
captcha
collections federation/in: fix inlined featured collections 2025-07-21 17:45:20 +00:00
config app: probe if any users of thread containment exist 2025-11-17 00:00:00 +00:00
conversation
docs mix/deps: upgrade to new gettext API 2025-11-09 00:00:00 +00:00
ecto_type
emails mix/deps: upgrade to new gettext API 2025-11-09 00:00:00 +00:00
emoji mix/deps: upgrade cachex to 4.x 2025-11-09 00:00:00 +00:00
helpers http: do not mix and duplicate Tesla opts into adapter opts 2025-09-07 00:00:00 +00:00
http mix/deps: upgrade cachex to 4.x 2025-11-09 00:00:00 +00:00
instances http: do not mix and duplicate Tesla opts into adapter opts 2025-09-07 00:00:00 +00:00
mfa
migration_helper purge chat and shout endpoints 2022-07-21 11:29:28 +01:00
migrators Support elixir1.15 2023-08-03 17:44:09 +01:00
object Ensure private keys are not logged 2025-09-07 00:00:00 +00:00
password
search Don't create noop SearchIndexingWorker jobs for passive index 2025-01-07 20:27:27 +01:00
tests Fix compile cycle in Pleroma.Tests.AuthTestController 2021-06-09 13:30:19 -05:00
upload upload/filter/exiftool/strip: hide warnings from log 2025-03-18 01:01:47 +01:00
uploaders mix/deps: upgrade to new gettext API 2025-11-09 00:00:00 +00:00
user mix/deps: upgrade to new gettext API 2025-11-09 00:00:00 +00:00
web api: ensure only visible posts are interactable 2025-11-22 00:00:00 +00:00
workers Ensure private keys are not logged 2025-09-07 00:00:00 +00:00
activity.ex Use keyed lists for pagination with foreign id 2025-10-09 00:00:00 +00:00
announcement.ex giant massive dep upgrade and dialyxir-found error emporium (#371) 2022-12-14 12:38:48 +00:00
announcement_read_relationship.ex Merge branch 'from/upstream-develop/tusooa/server-announcements' into 'develop' (#85) 2022-07-18 13:08:36 +00:00
application.ex cachex: reduce default user and object cache lifetime 2025-11-09 00:00:00 +00:00
application_requirements.ex Rename StripLocation to StripMetadata for temporal-proofing reasons 2024-04-16 20:37:00 +02:00
bookmark.ex
caching.ex
captcha.ex mix/deps: upgrade cachex to 4.x 2025-11-09 00:00:00 +00:00
clippy.ex
config.ex
config_db.ex mix/deps: upgrade to new gettext API 2025-11-09 00:00:00 +00:00
constants.ex Don't try to handle non-media objects as media 2024-05-22 20:30:23 +02:00
conversation.ex
data_migration.ex
delivery.ex
ecto_enums.ex v2 Suggestions: dismiss a suggestion 2021-11-26 20:19:29 -06:00
emoji-test.txt emoji-test: update to latest 15.0 draft 2022-09-11 19:55:45 +01:00
emoji.ex emoji: reload asynchronously 2025-10-30 00:00:00 +00:00
filter.ex
following_relationship.ex api: order follow requests by date of request 2025-10-09 00:00:00 +00:00
formatter.ex mix/deps: upgrade phoenix family 2025-11-09 00:00:00 +00:00
frontend.ex http: do not mix and duplicate Tesla opts into adapter opts 2025-09-07 00:00:00 +00:00
hashtag.ex Remerge of hashtag following (#341) 2022-12-05 12:58:48 +00:00
healthcheck.ex Delete useless, custom JobQueueMonitor 2025-10-10 00:00:00 +00:00
html.ex Fix tests 2024-06-09 18:28:00 +01:00
http.ex http: do not add adapter pool options to individual requests 2025-10-10 00:00:00 +00:00
instances.ex instances: drop has_request_signatures 2025-06-07 20:27:58 +02:00
iso639.ex Add language support on /api/v1/statuses 2023-01-10 10:29:17 +00:00
jwt.ex
list.ex
maintenance.ex Support elixir1.15 2023-08-03 17:44:09 +01:00
maps.ex
marker.ex
mfa.ex
moderation_log.ex giant massive dep upgrade and dialyxir-found error emporium (#371) 2022-12-14 12:38:48 +00:00
notification.ex Require related object for notifications to filter on content 2023-06-14 19:41:48 +00:00
object.ex federation/out: add full replies collection to objects 2025-06-07 21:02:31 +02:00
object_tombstone.ex
otp_version.ex
pagination.ex Use keyed lists for pagination with foreign id 2025-10-09 00:00:00 +00:00
password.ex update references to pleroma in docs 2022-12-30 03:43:35 +00:00
password_reset_token.ex
prometheus_exporter.ex Use a genserver to periodically fetch metrics 2023-01-01 18:32:14 +00:00
registration.ex
release_tasks.ex giant massive dep upgrade and dialyxir-found error emporium (#371) 2022-12-14 12:38:48 +00:00
repo.ex Remove instrumentors (#98) 2022-07-21 11:32:17 +00:00
report_note.ex
reverse_proxy.ex Merge pull request 'reverse_proxy: don't rely on header for body size' (#989) from Oneric/akkoma:revproxy-content-size into develop 2025-11-13 10:44:25 +00:00
safe_zip.ex Add SafeZip module 2025-02-14 22:10:25 +01:00
scheduled_activity.ex Restrict media usage to owners 2024-05-22 20:30:18 +02:00
search.ex Don't try removing deleted users and such from index as posts 2022-06-29 20:49:45 +01:00
signature.ex refactor: move creation of date strings for signatures into plug 2025-09-06 00:00:00 +00:00
stats.ex Drop counter_cache stubbing out /api/v1/pleroma/admin/stats 2025-11-17 00:00:00 +00:00
thread_mute.ex
upload.ex Drop activity_type override for uploads 2024-05-22 20:30:23 +02:00
user.ex mix/deps: upgrade cachex to 4.x 2025-11-09 00:00:00 +00:00
user_invite_token.ex
user_note.ex Make UserNote comment default to the empty string. 2023-04-27 05:22:12 +00:00
user_relationship.ex mix/deps: upgrade everything to compatible newer versions 2025-11-09 00:00:00 +00:00
utils.ex extend custom runtime system (#108) 2022-07-24 16:42:43 +00:00
web.ex mix/deps: upgrade to new gettext API 2025-11-09 00:00:00 +00:00
xml_builder.ex