Commit graph

179 commits

Author SHA1 Message Date
Egor Kislitsyn 2ef70b55f5
Fix status.expires_at type 2020-02-18 14:52:11 +04:00
Haelwenn (lanodan) Monnier 1257331291
MastodonAPI.StatusView: Do not use site_name
site_name allow to spoof the origin of the domain and so hacks like:

<!-- served on https://hacktivis.me/tmp/joinmastodon.org.html -->
<meta property="og:image" content="https://hacktivis.me/datalove/img/meme/pleroma/mastodon%2C%20forbidden%20amuse%20yourself.jpeg" />
<meta property="og:title" content="Mastodon: Forbidden Amuse Yourself" />
<meta property="og:site_name" content="joinmastodon.org" />
<meta http-equiv="refresh" content="0; url=http://joinmastodon.org/">
2020-02-15 00:36:09 +01:00
Lain Soykaf f875b9650a EmojiReactions: Add Mastodon-aligned reaction endpoints, change response 2020-02-07 14:52:13 +01:00
feld df0b00b32d Merge branch 'mastoapi-non-html-strings' into 'develop'
mastodon API: do not sanitize html in non-html fields

See merge request pleroma/pleroma!2167
2020-02-06 16:08:23 +00:00
rinpatch 983a87175e mastodon API: do not sanitize html in non-html fields 2020-02-02 14:46:32 +03:00
lain a802e07241 Emoji Reactions: Add reacted field to emoji reactions 2020-01-29 11:39:06 +01:00
lain 347f3ed2c6 Emoji reactions: Change api format once more 2020-01-24 10:52:24 +01:00
lain dd3fc50ea4 Emoji reactions: Change cache and reply format 2020-01-22 13:57:42 +01:00
lain 4c5b5f14dc StatusView: Add emoji_reactions 2020-01-20 16:24:20 +01:00
Thomas Citharel d2f1c4f658
Add ActivityPub Object Event type support
Adds Event support in the same way Video objects are handled, with the
name of the object as message header.

Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2019-12-17 16:16:21 +01:00
Egor Kislitsyn 80ededc04f
Add direct_conversation_id to web push payload 2019-11-26 19:53:43 +07:00
eugenijm ed29be24cb Mastodon API, streaming: Add pleroma.direct_conversation_id to the conversation stream event payload. 2019-11-04 18:36:16 +03:00
Ivan Tashkinov 10ff01acd9 [#1304] Moved all non-mutes / non-blocks fields from User.Info to User. WIP. 2019-10-16 21:59:21 +03:00
Thibaut Girka 43e3db0951 Fix returned visibility of announces in MastodonAPI 2019-10-01 20:38:29 +02:00
Egor Kislitsyn 36a34c36fe
Extract poll actions from MastodonAPIController to PollController 2019-10-01 11:44:34 +07:00
Egor Kislitsyn e7aef27c00
Fix merge 2019-09-30 19:10:54 +07:00
Ariadne Conill 7cad6ea67a pleroma api: hook up scrobbler controller 2019-09-30 10:39:17 +00:00
Ariadne Conill b7877e9b1c mastodon api: implement rendering of listen activities 2019-09-30 10:39:17 +00:00
Maksim Pechnikov 1053319cd6 Merge branch 'develop' into tests/mastodon_api_controller.ex 2019-09-28 10:36:04 +03:00
Egor Kislitsyn 5ea5c58a85 Move view logic from StatusController.context to StatusView and add a test 2019-09-27 10:52:47 +07:00
Egor Kislitsyn 98d1347a4e Extract status actions from MastodonAPIController into StatusController 2019-09-27 10:51:15 +07:00
Maksim Pechnikov 494bb6bac6 updated tests 2019-09-23 22:37:30 +03:00
Haelwenn 46ae62d159 Merge branch 'patch-5' into 'develop'
Mastodon API: URI encode hashtag name in generated URLs

See merge request pleroma/pleroma!1642
2019-09-11 17:47:19 +00:00
rinpatch 43f02dfe38 Revert "Parallelize template rendering"
This reverts commit 1ad71592ad.

Since it had no limit on the number on concurrent processes it OOM killed
instances while rendering hellthreads. When I tried introducing a
concurrency limit with Task.async_stream/manual folds it lead to about 3 times
worse performance on threads larger than 1000 activities (we are talking
30s vs 1.2 minutes), I think this is not worth the about 1.5 times
performance increase on smaller threads when using it.
2019-09-10 22:01:45 +03:00
shadowfacts e5c6bf3673 Mastodon API: URI encode hashtag name in generated URLs
Otherwise hashtags with word characters other than those allowed in URLs (e.g. Japanese characters) produce hashtag URLs that are invalid.
2019-09-07 19:50:45 +00:00
rinpatch b312ca3d52 Mastodon API Poll view: Fix handling of polls without an end date 2019-09-05 12:03:39 +03:00
rinpatch 3face45467 Mastodon API: Add pleroma.thread_muted to Status entity
Needed for pleroma-fe!941
2019-09-04 14:17:23 +03:00
lain cc6c0b4ba6 Merge remote-tracking branch 'origin/develop' into sixohsix/pleroma-post_expiration 2019-08-24 15:48:33 +02:00
lain 7ab2dbbdb6 Merge branch 'pleroma-conversations' into 'develop'
Extended Pleroma Conversations

See merge request pleroma/pleroma!1535
2019-08-16 12:55:33 +00:00
rinpatch 1ad71592ad Parallelize template rendering 2019-08-15 18:05:50 +03:00
lain 560dbad538 Merge remote-tracking branch 'origin/develop' into pleroma-conversations 2019-08-14 15:30:40 +02:00
rinpatch c1b6952d2a Mastodon API: Preloading and normalization optimizations
- Try to normalize the activity instead of object wherever possible
- Put the `user` key on non-home timelines as well so bookmarks and
thread mutes are preloaded there as well
- Skip trying to get the user when rendering mentions if the id ==
as:Public or user's follower collection
- Preload the object when getting replied to activities and do not crash
if it's not present

This almost solves the problem of Pleroma hammering the db with a lot
of queries when rendering timelines, the things left are
1. When rendering mentions and the user is not in cache, save it for
later and request all uncached users in one go
2. Somehow get rid of needing to get the latest follow activity to
detect the value of `requested` in a relationship. (create a database
view for user relationship and cache it maybe?)
2019-08-13 20:34:34 +03:00
rinpatch 0802a08871 Mastodon API: Fix thread mute detection
It was calling CommonAPI.thread_muted? with post author's account
instead of viewer's one.
2019-08-10 16:27:46 +03:00
lain 7483679a7b StatusView: Return direct conversation id. 2019-07-31 15:12:29 +02:00
Sergey Suprunenko b20020da16 Show the url advertised in the Activity in the Status JSON response 2019-07-24 19:28:21 +00:00
Mike Verdone 2c83eb0b15 Revert "squash! Expose expires_at datetime in mastoAPI only for the activity actor"
This reverts commit 2981821db8.
2019-07-24 17:09:59 +02:00
Mike Verdone 2981821db8 squash! Expose expires_at datetime in mastoAPI only for the activity actor
NOTE: rewrite the commit msg
2019-07-24 16:51:09 +02:00
Mike Verdone 3cb471ec06 Expose expires_at datetime in mastoAPI only for the activity actor
In the "pleroma" section of the MastoAPI for status activities you can
see an expires_at item that states when the activity will expire, or
nothing if the activity will not expire.

The expires_at date is only visible to the person who posted the
activity. This is the conservative approach in case some attacker
decides to write a logger for expiring posts. However, in the future of
OCAP, signed requests, and all that stuff, this attack might not be that
likely. Some other pleroma dev should remove the restriction in the code
at that time, if they're satisfied with the security implications of
doing so.
2019-07-24 14:47:22 +02:00
lain 1ed24bcc76 Status View: Poll ids are strings.
All ids in mastodon are strings, in general.
2019-07-16 12:47:40 +09:00
Sergey Suprunenko ff55e3c16f Create mentions only for explicitly mentioned users 2019-07-10 13:29:50 +00:00
Maksim 008c55e4e9 add test for search_controller/ 100% coverage 2019-07-10 08:28:03 +00:00
rinpatch 72b88c82bc Mastodon API: Fix embedded relationships not being rendered inside of statuses 2019-07-08 12:07:08 +03:00
rinpatch 1fd8e19d76 Remove a TODO comment as the tests for poll view were written 2019-06-02 23:46:17 +03:00
rinpatch 444406167b Mastodon API: actually check for poll votes 2019-06-01 21:41:23 +03:00
rinpatch 65db5e9f52 Resolve merge conflicts 2019-06-01 16:29:58 +03:00
Sergey Suprunenko 1690be991e Replace missing non-nullable Card attributes with empty strings 2019-05-30 21:03:31 +00:00
rinpatch e6b175ed6c Fix credo issues 2019-05-22 21:57:46 +03:00
rinpatch f28747858b Actual vote count in poll view 2019-05-21 14:27:09 +03:00
Aaron Tinio eb02edcad9 Add virtual :thread_muted? field
that may be set when fetching activities
2019-05-21 00:35:46 +08:00
rinpatch 1d90f9b969 Remove tags/mentions/rich text from poll options because Mastodon and
add custom emoji
2019-05-19 17:06:44 +03:00