Commit graph

443 commits

Author SHA1 Message Date
rinpatch
73d8d5c49f Stop depending on the embedded object in restrict_favorited_by 2019-08-07 00:12:42 +03:00
Sergey Suprunenko
8b2fa31fed Handle MRF rejections of incoming AP activities 2019-08-03 18:12:38 +00:00
rinpatch
c88a5d3251 Merge branch 'develop' into feature/hide-follows-remote 2019-07-31 14:12:29 +03:00
Ariadne Conill
b93498eb52 constants: add as_public constant and use it everywhere 2019-07-29 02:43:19 +00:00
rinpatch
41e0304757 Merge branch 'develop' into feature/hide-follows-remote 2019-07-25 18:43:30 +03:00
Maxim Filippov
03471151d6 AdminAPI: Add "godmode" while fetching user statuses (i.e. admin can see private statuses) 2019-07-24 01:51:36 +03:00
rinpatch
196cad46f3 Resolve merge conflicts 2019-07-20 22:04:47 +03:00
Egor Kislitsyn
64a946643e Merge remote-tracking branch 'pleroma/develop' into feature/addressable-lists 2019-07-15 14:11:54 +07:00
Ariadne Conill
739bbe0d3b security: detect object containment violations at the IR level
It is more efficient to check for object containment violations at the IR
level instead of in the protocol handlers.  OStatus containment is especially
a tricky situation, as the containment rules don't match those of IR and
ActivityPub.

Accordingly, we just always do a final containment check at the IR level
before the object is added to the IR object graph.
2019-07-14 17:47:08 +00:00
rinpatch
0c2dcb4c69 Add follow information refetching after following/unfollowing 2019-07-14 01:58:39 +03:00
rinpatch
183da33e00 Add tests for fetch_follow_information_for_user and check object type
when fetching the page
2019-07-14 00:56:02 +03:00
rinpatch
d06d1b751d Use atoms when updating user info 2019-07-14 00:21:35 +03:00
rinpatch
e5b850a991 Refactor fetching follow information to a separate function 2019-07-13 23:56:10 +03:00
rinpatch
e8fa477793 Refactor Follows/Followers counter syncronization
- Actually sync counters in the database instead of info cache (which got
overriden after user update was finished anyway)
- Add following count field to user info
- Set hide_followers/hide_follows for remote users based on http status
codes for the first collection page
2019-07-13 19:27:49 +03:00
Egor Kislitsyn
182f7bbb11 Merge branch 'develop' into feature/addressable-lists 2019-07-11 13:26:59 +07:00
Alex S
f8786fa6f2 adding following_address field to user 2019-07-10 17:42:18 +03:00
Sergey Suprunenko
2d2b50ccca Send and handle "Delete" activity for deleted users 2019-07-10 05:16:08 +00:00
Eugenij
f2c03425b0 Broadcast conversation update when DM is deleted 2019-06-24 07:14:04 +00:00
Egor Kislitsyn
6ba9055b51 Merge remote-tracking branch 'pleroma/develop' into feature/addressable-lists 2019-06-05 12:54:30 +07:00
Maksim Pechnikov
1e7bb69a95 update ActivityPub#fetch_activities_query 2019-06-04 15:21:18 +03:00
Maksim Pechnikov
0acfcf6c52 update ActivityPub#fetch_activities_query 2019-06-04 15:04:36 +03:00
Egor Kislitsyn
9ce928d823 Merge remote-tracking branch 'pleroma/develop' into feature/addressable-lists 2019-06-04 16:28:23 +07:00
Maksim Pechnikov
4f2e359687 Merge branch 'develop' into issue/941 2019-06-04 09:49:08 +03:00
Maksim Pechnikov
080e1aa70e add option skip_thread_containment 2019-06-03 16:13:37 +03:00
rinpatch
5bd41fef8b Change query order in fetch_activities_for_context_query to make poll vote exclusion work 2019-06-03 10:58:37 +03:00
rinpatch
65db5e9f52 Resolve merge conflicts 2019-06-01 16:29:58 +03:00
rinpatch
300d94c628 Add poll votes
Also in this commit by accident:
- Fix query ordering causing exclude_poll_votes to not work
- Do not create notifications for Answer objects
2019-06-01 16:17:46 +03:00
lambda
2993361075 Merge branch 'hotfix/leaking-lists' into 'develop'
Mastodon API: Fix lists leaking private posts

See merge request pleroma/pleroma!1222
2019-05-31 13:26:48 +00:00
rinpatch
d9c0650ff9 Mastodon API: Fix lists leaking private posts
Our previous list visibility resolver grabbed posts if either follower
collection of the user in a list who is followed is in `to` or if
follower collection of the user in a list was in `cc`. This not only
missed unlisted posts but also lead to leaking private posts when
`fix_explicit_addressing` mistakingly started putting follower collections
to `cc` (also fixed in this MR).

Reported by @kurisu@iscute.moe via a DM
2019-05-31 15:25:17 +03:00
Egor Kislitsyn
99f70c7e20 Use Pleroma.Config everywhere 2019-05-30 15:33:58 +07:00
Egor Kislitsyn
f333041a0a Merge remote-tracking branch 'pleroma/develop' into feature/addressable-lists 2019-05-24 21:05:57 +07:00
rinpatch
8b2d39c1ec Change the order of preloading when fetching activities for context 2019-05-23 14:03:16 +03:00
William Pitcock
60f882b09f activitypub: run user objects through MRF filters 2019-05-22 18:53:12 +00:00
rinpatch
ac7702f800 Exclude Answers from fetching by default 2019-05-22 21:52:12 +03:00
rinpatch
19c90d47c4 Normalize poll votes to Answer objects 2019-05-22 21:17:57 +03:00
rinpatch
ee68244141 Do not stream out poll replies 2019-05-21 16:58:15 +03:00
rinpatch
d7c4d029c8 Restrict poll replies when fetching activiites for context 2019-05-21 14:35:20 +03:00
rinpatch
aafe30d94e Handle poll votes 2019-05-21 14:12:10 +03:00
Aaron Tinio
eb02edcad9 Add virtual :thread_muted? field
that may be set when fetching activities
2019-05-21 00:35:46 +08:00
rinpatch
6430cb1bf7 Restrict poll replies from fetch queries by default 2019-05-19 17:44:18 +03:00
Egor Kislitsyn
3b71612d3d Improve Pleroma.Web.ActivityPub.ActivityPub.maybe_update_cc/3 2019-05-18 01:17:14 +07:00
Egor Kislitsyn
557f0e33a7 Merge remote-tracking branch 'pleroma/develop' into feature/addressable-lists 2019-05-17 19:57:14 +07:00
Sergey Suprunenko
e2b3a27204 Add Reports to Admin API 2019-05-16 19:09:18 +00:00
feld
e190b3022b Merge branch 'fix/domain-unblocked-reblogs' into 'develop'
Fix domain-unblocked reblogs

Closes #892

See merge request pleroma/pleroma!1157
2019-05-16 18:57:14 +00:00
Mark Felder
ebb0482116 Merge branch 'develop' into conversations-import 2019-05-16 13:11:17 -05:00
Aaron Tinio
793f1834d2 Use named binding to conditionally join object 2019-05-16 06:25:14 +08:00
Aaron Tinio
2b6119dfbf Restrict reblogs of activities from blocked domains 2019-05-16 05:53:51 +08:00
William Pitcock
a591ab6112 activity pub: remove Ecto SQL query dumps 2019-05-15 16:56:46 +00:00
William Pitcock
de114ffbb0 activitypub: remove contain_timeline() 2019-05-15 15:53:06 +00:00
William Pitcock
0387f52138 activitypub: add restrict_thread_visibility() 2019-05-15 15:53:06 +00:00