Commit graph

441 commits

Author SHA1 Message Date
Mike Verdone 3cb471ec06 Expose expires_at datetime in mastoAPI only for the activity actor
In the "pleroma" section of the MastoAPI for status activities you can
see an expires_at item that states when the activity will expire, or
nothing if the activity will not expire.

The expires_at date is only visible to the person who posted the
activity. This is the conservative approach in case some attacker
decides to write a logger for expiring posts. However, in the future of
OCAP, signed requests, and all that stuff, this attack might not be that
likely. Some other pleroma dev should remove the restriction in the code
at that time, if they're satisfied with the security implications of
doing so.
2019-07-24 14:47:22 +02:00
Mike Verdone 704960b3c1 Add support for activity expiration to common and Masto API
The "expires_at" parameter accepts an ISO8601-formatted date which
defines when the activity will expire.

At this point the API will not give you any feedback about if your post
will expire or not.
2019-07-24 14:45:14 +02:00
Mike Verdone 8ba7a151ad Cleanup: fix a comment 2019-07-24 13:14:52 +02:00
Ariadne Conill d3bdb8e704 rich media: parser: splice the given URL into the result 2019-07-23 23:51:29 +00:00
Sadposter c400565427 fix test names because i cannot type 2019-07-23 15:47:17 +01:00
Sadposter 299c0e965b actually reblog on the reblog test 2019-07-23 15:38:19 +01:00
Sadposter 7026018c8c Use correct URL for tests 2019-07-23 15:31:35 +01:00
Sadposter 452980652d Mix format 2019-07-23 15:13:05 +01:00
Sadposter fd1fa5a2ec add tests for unauthed reqs to liked/reblogged_by 2019-07-23 15:08:41 +01:00
Sadposter a5d6287ba8 Hide blocked users from interactions 2019-07-22 02:42:29 +00:00
Sergey Suprunenko 43a7cd27fe [tests] Mock :crypt.crypt/2 function in AuthenticationPlugTest 2019-07-20 13:07:51 +00:00
Eugenij 4bf2bb9cff Fix password reset for non-test env
Fixes `Plug.Conn.NotSentError` that causes a 5xx error in response
instead of 404 and 400.

Fixes pattern matching error caused by different response format
in test and non-test env: `Pleroma.Emails.Mailer.deliver_async` returns
:ok when PleromaJobQueue is enabled and `{:ok, _}` when it's disabled.
In tests, it's disabled.
2019-07-17 18:09:31 +00:00
Alexander Strizhakov 10f82c88b8 mastoapi password reset
added rate limit to password reset

configure rate limit in runtime
2019-07-16 21:44:50 +00:00
Eugenij 520ee6c591 Add pleroma.deactivated to the Account entity (Mastodon API) 2019-07-16 11:14:46 +00:00
Eugenij c4ca142e14 Add the blocked_by attribute to the relationship API (GET /api/v1/accounts/relationships) 2019-07-16 11:04:11 +00:00
rinpatch 996fd58ac4 Merge branch 'bugfix/poll-id-as-string' into 'develop'
Status View: Poll ids are strings.

See merge request pleroma/pleroma!1430
2019-07-16 06:06:22 +00:00
lain 7a24def473 Mastodon Controller: Fix tests. 2019-07-16 14:01:18 +09:00
lain 1ed24bcc76 Status View: Poll ids are strings.
All ids in mastodon are strings, in general.
2019-07-16 12:47:40 +09:00
Sergey Suprunenko b74300bc7a Add more tests for MastodonAPIController and CommonAPI 2019-07-15 19:47:23 +00:00
Egor Kislitsyn 64a946643e Merge remote-tracking branch 'pleroma/develop' into feature/addressable-lists 2019-07-15 14:11:54 +07:00
Egor Kislitsyn a87c313309 Support list visibility in StatusView 2019-07-15 14:00:29 +07:00
Alexander Strizhakov e7c39b7ac8 Feature/1072 muting notifications 2019-07-14 13:29:31 +00:00
Mark Felder 360e4cdaa2 Move these to pleroma namespace in Mastodon API 2019-07-12 11:25:58 -05:00
Eugenij 4198c3ac39 Extend Pleroma.Pagination to support offset-based pagination, use async/await to execute status and account search in parallel 2019-07-11 13:55:31 +00:00
Haelwenn (lanodan) Monnier 252e129b1e
MastoAPI: Add categories to custom emojis
Note: This isn’t in a release yet, can be seen in mastofe on the
rebase/glitch-soc branch.
2019-07-10 17:02:37 +02:00
Sergey Suprunenko ff55e3c16f Create mentions only for explicitly mentioned users 2019-07-10 13:29:50 +00:00
Maksim 008c55e4e9 add test for search_controller/ 100% coverage 2019-07-10 08:28:03 +00:00
Ivan Tashkinov 829e997223 [#878] Merge remote-tracking branch 'remotes/upstream/develop' into 878-activity-object-decoupling-in-tests
# Conflicts:
#	lib/pleroma/object.ex
#	test/web/activity_pub/transmogrifier_test.exs
#	test/web/ostatus/ostatus_test.exs
2019-07-09 21:46:16 +03:00
kaniini 1417627d07 Merge branch 'remove-avatar-header' into 'develop'
Ability to reset avatar, profile banner and backgroud

See merge request pleroma/pleroma!1187
2019-07-09 17:51:41 +00:00
Ivan Tashkinov daff85a985 [#878] Refactored assumptions on embedded object presence in tests. Adjusted note factory to not embed object into activity. 2019-07-08 19:53:02 +03:00
rinpatch 72b88c82bc Mastodon API: Fix embedded relationships not being rendered inside of statuses 2019-07-08 12:07:08 +03:00
Eugenij 1f76740e10 Add hashtag filter to user statuses (GET /api/v1/accounts/:id/statuses) 2019-06-30 09:08:46 +00:00
Sergey Suprunenko d53fb55bb7 Return correct response when reply to a direct message is not direct itself 2019-06-26 10:59:27 +00:00
Maksim Pechnikov 4ad15ad2a9 add ignore hosts and TLDs for rich_media 2019-06-25 22:25:37 +03:00
Sachin Joshi a0c65bbd6c Merge branch 'develop' into 'remove-avatar-header'
# Conflicts:
#   CHANGELOG.md
2019-06-23 03:25:50 +00:00
rinpatch c7acca2abb Mastodon API: Sanitize display names
Closes #1000
2019-06-18 14:12:11 +03:00
lain a440cf856d Mastodon API: Return the token needed for the chat. 2019-06-15 10:59:35 +02:00
rinpatch 62ffc00a5d Merge branch 'feature/add-background-image-to-mastoapi' into 'develop'
AccountView: Add user background.

See merge request pleroma/pleroma!1280
2019-06-14 16:49:28 +00:00
Maksim ee4ed87fb4 [#948] /api/v1/account_search added optional parameters (limit, offset, following) 2019-06-14 11:39:57 +00:00
lain eac298083f MastodonAPI: Add a way to update the background image. 2019-06-14 11:19:22 +02:00
lain 5965efb216 AccountView: Add user background. 2019-06-13 19:08:05 +02:00
lain 63ab3c30eb Merge branch 'feature/rate-limiter' into 'develop'
Feature/Rate Limiter

Closes #943

See merge request pleroma/pleroma!1266
2019-06-11 11:32:01 +00:00
Egor Kislitsyn ad04d12de6 Replace MastodonAPIController.account_register/2 rate limiter 2019-06-11 16:06:03 +07:00
Sergey Suprunenko 365268d522 Add more tests for using media_proxy and whitelists 2019-06-10 11:34:11 +00:00
lain 7e9f7ea0c2 MastodonAPI: Add test for user search. 2019-06-06 16:16:22 +02:00
Egor Kislitsyn 5b04f07a1e Limit search for unauthenticated users to local users only 2019-06-05 16:51:04 +07:00
Maksim Pechnikov 4f2e359687 Merge branch 'develop' into issue/941 2019-06-04 09:49:08 +03:00
kaniini 9d2563a3de Merge branch 'generic-fe-settings' into 'develop'
Generic settings store for frontend user settings

See merge request pleroma/pleroma!1221
2019-06-04 05:43:43 +00:00
Maksim Pechnikov 64ada7f960 fix tests 2019-06-03 22:51:14 +03:00
Maksim Pechnikov f13d6c7f78 update api to set skip_thread_containment 2019-06-03 21:02:57 +03:00
rinpatch dc91bcc0af Merge branch 'develop' into feature/polls-2-electric-boogalo 2019-06-03 13:16:17 +03:00
lambda 314758c25b Merge branch 'align-mastodon-conversations' into 'develop'
Mastodon Conversations API: Align to Mastodon behavior

See merge request pleroma/pleroma!1215
2019-06-03 09:48:37 +00:00
rinpatch 026b245dbc Merge branch 'develop' into feature/polls-2-electric-boogalo 2019-06-03 11:14:52 +03:00
rinpatch 2fe3a20638 Make error message about author's inability to vote more sensible 2019-06-02 23:33:15 +03:00
rinpatch c47da0e65d Add tests for poll view 2019-06-02 23:25:33 +03:00
kaniini 5402d04e3c Merge branch 'feature/notification-control-part-2' into 'develop'
notification controls, part 2

See merge request pleroma/pleroma!1204
2019-06-02 08:25:37 +00:00
rinpatch cfa588e357 Fix Credo issues 2019-06-01 21:42:29 +03:00
rinpatch 65db5e9f52 Resolve merge conflicts 2019-06-01 16:29:58 +03:00
rinpatch 300d94c628 Add poll votes
Also in this commit by accident:
- Fix query ordering causing exclude_poll_votes to not work
- Do not create notifications for Answer objects
2019-06-01 16:17:46 +03:00
Haelwenn (lanodan) Monnier 5d3ece2861
Remove now useless flavours switching 2019-06-01 01:44:10 +02:00
lain 7861974ab2 MastodonAPI: Add extension to set and get pleroma_settings_store. 2019-05-31 14:50:18 +02:00
lain aaad85c4d9 AccountView: settings -> settings_store 2019-05-31 14:49:46 +02:00
lain eb2963bc43 User: Add settings store to Info, AccountView
This is to provide a generic frontend settings storage mechanism for all kinds
of frontends.
2019-05-31 14:27:15 +02:00
lain 97fb50d9fa Mastodon Conversation API: Don't return own account in 'accounts'. 2019-05-31 11:27:14 +02:00
Sergey Suprunenko 1690be991e Replace missing non-nullable Card attributes with empty strings 2019-05-30 21:03:31 +00:00
Sachin Joshi 1452a96ad6 ability to set and reset avatar, profile banner and backgroud in Mastodon API 2019-05-27 15:31:01 +05:45
William Pitcock 45e4642a58 tests: chase remote/local removal 2019-05-26 00:20:54 +00:00
William Pitcock 1542cccbbc tests: chase notification setting changes 2019-05-25 05:22:13 +00:00
rinpatch cdac5efd10 Merge branch 'bugfix/account_view_source.note' into 'develop'
MastoAPI AccountView: fill source.note with plaintext version of note

Closes #926

See merge request pleroma/pleroma!1189
2019-05-22 05:39:01 +00:00
Haelwenn (lanodan) Monnier 0e2c215a00
MastoAPI AccountView: fill source.note with plaintext version of note
Closes: https://git.pleroma.social/pleroma/pleroma/issues/926
2019-05-22 07:22:19 +02:00
rinpatch 63b0b7190c MastoAPI: Add GET /api/v1/polls/:id 2019-05-21 20:40:35 +03:00
rinpatch 0407ffe75f Change validation error status codes to be more appropriate 2019-05-21 17:12:38 +03:00
rinpatch 3f96b3e4b8 Enforce poll limits and add error handling for MastodonAPI's post endpoint 2019-05-21 10:54:20 +03:00
rinpatch 76a7429bef Add poll limits to /api/v1/instance and initial state 2019-05-21 09:13:10 +03:00
Sadposter dc916ba15f
Format mascot tests 2019-05-20 12:58:17 +01:00
Sadposter e81f0fc6d4
Add mascot get/set tests 2019-05-20 12:58:06 +01:00
rinpatch 5ece901af3 Resolve merge conflicts and remove IO.inspects 2019-05-18 13:37:38 +03:00
rinpatch fd920c8973 Mastodon API: Add support for posting polls 2019-05-18 13:29:28 +03:00
Alexander Strizhakov 7ed682213f Fix/902 random compile failing 2019-05-17 07:25:20 +00:00
Sergey Suprunenko e2b3a27204 Add Reports to Admin API 2019-05-16 19:09:18 +00:00
Aaron Tinio 70c81b95d0 Pipe requests to public endpoints through EnsurePublicOrAuthenticatedPlug 2019-05-15 05:09:32 +08:00
Alexander Strizhakov a2be420f94 differences_in_mastoapi_responses.md: fullname & bio are optionnal
[ci skip]
2019-05-13 18:35:45 +00:00
Sachin Joshi 7701a4c841 Make irreversible field default to false in filters 2019-05-14 00:13:15 +05:45
rinpatch 3a7c14645e - Actually use preloaded bookmarks in views
- Preload bookmarks in bookmark timeline
- Rework bookmark preload tests
2019-05-07 19:33:22 +00:00
lambda 238dd72fad Merge branch 'conversations_three' into 'develop'
Conversations once more.

See merge request pleroma/pleroma!1119
2019-05-07 14:43:21 +00:00
Haelwenn (lanodan) Monnier b5ad1715b2
MastoAPI: profile update with emoji_map 2019-05-03 16:41:23 +02:00
lain 45f790becc Merge remote-tracking branch 'origin/develop' into conversations_three 2019-05-01 18:40:41 +02:00
rinpatch 0fd176b990 Merge branch 'fix/add-default-scope-mastoapi' into 'develop'
Add default_scope to /api/v1/update_credentials

See merge request pleroma/pleroma!1100
2019-04-29 06:45:18 +00:00
rinpatch ce3789e39a Add default_scope to /api/v1/update_credentials 2019-04-27 23:55:54 +03:00
rinpatch c3e9fcf098 Fix bookmarks depending on embeded object and move checking if the
status is bookmarked to SQL
2019-04-27 23:06:46 +03:00
lambda 4de5fef1f8 Merge branch 'feature/807-bookmark-endpoint-extension' into 'develop'
Feature/807 bookmark endpoint extension

Closes #807

See merge request pleroma/pleroma!1059
2019-04-26 11:59:47 +00:00
rinpatch dfc8425659 Move settings to Source subentity 2019-04-25 10:31:14 +03:00
Alex S 85953c0836 fixes for tests 2019-04-25 13:46:40 +07:00
rinpatch 4baea6e6d9 Fix leaking private configuration parameters in Mastodon and Twitter APIs, and add new configuration parameters to Mastodon API
This patch:
- Fixes `rights` in twitterapi ignoring `show_role`
- Fixes exposing default scope of the user to anyone in Mastodon API
- Extends Mastodon API to be able to show and set `no_rich_text`, `default_scope`, `hide_follows`, `hide_followers`, `hide_favorites` (requested by the FE in #674)

Sorry in advance for 500 line one commit diff, I should have split it up to separate MRs
2019-04-24 20:01:42 +03:00
Sergey Suprunenko 9dd36e5bcb Extend Mastodon API with public endpoint for getting Favorites timeline of any user (#789) 2019-04-23 02:47:43 +00:00
rinpatch f60d072bbb Add pleroma.in_reply_to_account_acct to MastoAPI status entity 2019-04-22 11:54:27 +03:00
Egor b9cdf6d3b9 Use User.get_cached* everywhere 2019-04-22 07:20:43 +00:00
Roman Chvanikov 2662bea4e0 Add accounts and last_status to conversation read response 2019-04-21 20:26:13 +07:00
eugenijm 375fd21055 Set correct values in the MastoAPI reblog status view 2019-04-21 05:40:22 +03:00
eugenijm fa48532387 Handle reblogs on the first follow request in MastoAPI 2019-04-20 04:39:49 +03:00