Ivan Tashkinov
bc4f77b10b
[ #468 ] Merged upstream/develop
, resolved conflicts.
2019-02-17 14:07:04 +03:00
Ivan Tashkinov
dcf24a3233
[ #468 ] Refactored OAuth scopes' defaults & missing selection handling.
2019-02-17 13:49:14 +03:00
Ivan Tashkinov
2a4a4f3342
[ #468 ] Defined OAuth restrictions for all applicable routes.
...
Improved missing "scopes" param handling.
Allowed "any of" / "all of" mode specification in OAuthScopesPlug.
Fixed auth UI / behavior when user selects no permissions at /oauth/authorize.
2019-02-15 19:54:37 +03:00
Ivan Tashkinov
027adbc9e5
[ #468 ] Refactored OAuth scopes parsing / defaults handling.
2019-02-14 17:03:19 +03:00
Ivan Tashkinov
063baca5e4
[ #468 ] User UI for OAuth permissions restriction. Standardized storage format for scopes
fields, updated usages.
2019-02-14 00:29:29 +03:00
Karen Konou
ac72b578da
Merge branch 'develop' into feature/thread-muting
2019-02-11 12:10:49 +01:00
Karen Konou
c01ef574c1
Refactor as per Rin's suggestions, add endpoint tests
2019-02-11 12:04:02 +01:00
Karen Konou
cc21fc5f53
refactor, status view updating, error handling
2019-02-10 10:42:30 +01:00
Haelwenn (lanodan) Monnier
6a6a5b3251
de-group alias/es
2019-02-09 16:31:17 +01:00
Haelwenn (lanodan) Monnier
8bcfac93a8
Make credo happy
2019-02-09 14:59:20 +01:00
Karen Konou
98ec578f4d
Merge branch 'develop' into feature/thread-muting
2019-02-08 12:44:02 +01:00
Ivan Tashkinov
2c68cf7e9e
OAuth2 security fixes: redirect URI validation, "Mastodon-Local" security breach fix.
...
(`POST /api/v1/apps` could create "Mastodon-Local" app wth any redirect_uris,
and if that happened before /web/login is accessed for the first time
then Pleroma used this externally created record with arbitrary
redirect_uris and client_secret known by creator).
2019-02-07 22:14:06 +03:00
Karen Konou
f4ff4ffba2
Migration and some boilerplate stuff
2019-02-07 17:36:14 +01:00
Mark Felder
74518d0b60
hide_followings was renamed to hide_followers in the FE, but never synced up in the BE
...
This was a dirty regex replace which worked on my server
2019-02-06 22:34:44 +00:00
William Pitcock
65a4b9fbea
mastodon api: rich media: don't clobber %URI struct with a string
2019-02-06 18:02:15 +00:00
kaniini
eb2b1960e0
Merge branch 'feature/split-hide-network-v2' into 'develop'
...
Split hide_network into hide_followers & hide_followings (fixed)
See merge request pleroma/pleroma!765
2019-02-05 18:56:59 +00:00
William Pitcock
1d94b67e40
mastodon api: fix rendering of cards without image URLs ( closes #597 )
2019-02-05 18:30:27 +00:00
rinpatch
00835bf678
Merge branch 'fix/rich-media-relative-path' into 'develop'
...
Fix rich media relative path
Closes #588
See merge request pleroma/pleroma!759
2019-02-04 16:01:34 +00:00
Maxim Filippov
16ce129e38
Split hide_network into hide_followers & hide_followings (fixed)
2019-02-03 21:55:04 +03:00
rinpatch
68d461b3a9
Check if rich media uri is relative
2019-02-02 12:24:24 +03:00
rinpatch
833404f0f5
Use with instead of if in the card
2019-02-02 12:04:18 +03:00
rinpatch
e4d18f328b
merge only if page_url is an absolute path
2019-02-02 11:53:46 +03:00
rinpatch
cbadf9d333
Fix rich media relative path
2019-02-02 11:38:37 +03:00
kaniini
486749064f
Revert "Merge branch 'feature/split-hide-network' into 'develop'"
...
This reverts merge request !733
2019-02-01 20:22:58 +00:00
eugenijm
d747bd9870
Use String.replace_leading instead of String.replace for getting websocket streaming api url.
...
Extract the login responsible for obtaining websocket URL into the corresponding
Endpoint function.
2019-02-01 21:58:43 +03:00
Haelwenn (lanodan) Monnier
74c6119f28
MastodonAPI.MastodonAPIController: Return a 404 when we fail to get a list
2019-02-01 18:21:16 +01:00
kaniini
0a82a7e6d6
Merge branch 'feature/split-hide-network' into 'develop'
...
Split hide_network into hide_followers & hide_followings
See merge request pleroma/pleroma!733
2019-02-01 17:05:29 +00:00
Haelwenn
00d4333373
Merge branch 'features/glitch-soc-frontend' into 'develop'
...
Features/glitch soc frontend
See merge request pleroma/pleroma!192
2019-01-31 10:16:11 +00:00
href
4aff4efa8d
Use multiple hackney pools
...
* federation (ap, salmon)
* media (rich media, media proxy)
* upload (uploader proxy)
Each "part" will stop fighting others ones -- a huge federation outbound
could before make the media proxy fail to checkout a connection in time.
splitted media and uploaded media for the good reason than an upload
pool will have all connections to the same host (the uploader upstream).
it also has a longer default retention period for connections.
2019-01-30 15:06:46 +01:00
Haelwenn
ebb3496386
Merge branch 'feature/rich-media-part-2-electric-boogaloo' into 'develop'
...
Rich Media support, part 2.
See merge request pleroma/pleroma!719
2019-01-29 05:11:08 +00:00
Maxim Filippov
50d6183893
Split hide_network into hide_followers & hide_followings
2019-01-28 21:40:08 +03:00
Haelwenn
de0fb88a9c
Merge branch 'safe-render-activities' into 'develop'
...
remove unnecessary filter (re !723 )
See merge request pleroma/pleroma!729
2019-01-28 11:48:03 +00:00
href
df2f7b39dd
re f83bae7c: remove unnecessary filter
2019-01-28 12:24:14 +01:00
William Pitcock
ddc7ae2c1a
mastodon api: card: force OGP images through mediaproxy
2019-01-28 06:42:27 +00:00
William Pitcock
8e42251e06
rich media: add helpers module, use instead of MastodonAPI module
2019-01-28 06:04:54 +00:00
William Pitcock
24a103a1fe
mastodon api: formatting
2019-01-28 05:53:17 +00:00
William Pitcock
5a37ddc2dc
mastodon api: embed card in status object
2019-01-28 05:53:17 +00:00
William Pitcock
132d815f1f
mastodon api: factor out status card fetching, move status card rendering to statusview, add opengraph extended data
2019-01-28 05:53:17 +00:00
Haelwenn (lanodan) Monnier
cda1470e02
[MastoAPI][GlitchAPI] Add bookmarks
2019-01-28 04:47:32 +01:00
lambda
16ab1437d6
Merge branch 'safe-render-activities' into 'develop'
...
Views: wrap activity rendering in a rescue
See merge request pleroma/pleroma!723
2019-01-27 20:10:09 +00:00
href
f83bae7c22
Views: wrap activity rendering in a rescue
...
this avoids complete timeline breakage when an activity fucks up
rendering.
2019-01-27 19:16:20 +01:00
kaniini
5eb81d2c72
Merge branch 'features/mastoapi-multi-hashtag' into 'develop'
...
MastodonAPI multi-hashtag
See merge request pleroma/pleroma!652
2019-01-27 12:45:50 +00:00
Haelwenn (lanodan) Monnier
a65c188593
Web.MastodonAPI.AccountView: Add is_moderator and is_admin
...
Closes: https://git.pleroma.social/pleroma/pleroma/issues/557
2019-01-27 10:33:22 +01:00
Haelwenn (lanodan) Monnier
de956b9e04
Web.MastodonAPI.MastodonAPIController: tag+any bookmark params in a array and flatten it
2019-01-26 16:46:20 +01:00
William Pitcock
1f7843b9b8
mastodon api: use OGP uri instead of page_url for deducing domain name, fix test
2019-01-26 15:24:16 +00:00
William Pitcock
86037e9c39
mastodon api: use HTML.extract_first_external_url()
2019-01-26 15:13:27 +00:00
William Pitcock
78047d57bf
mastodon api: provider_name setting is required too on the card
2019-01-26 14:47:32 +00:00
Haelwenn (lanodan) Monnier
39863236eb
Web.MastodonAPI.MastodonAPIController: generic get_status_card/1 function for MastoAPI 2.6.x
...
Mastodon API 2.6.x added a card key to the Status object so the Card can be shown in the timeline without an extra request at each status.
2019-01-26 14:18:23 +00:00
Haelwenn (lanodan) Monnier
3f64379b13
Web.MastodonAPI.MastodonAPIController: Add Rich-Media support
2019-01-26 14:18:23 +00:00
Haelwenn (lanodan) Monnier
5a84def6a6
Fix the logic in multi-hashtag TLs
2019-01-26 04:46:02 +01:00