diff options
| -rw-r--r-- | docs/config.md | 2 | ||||
| -rw-r--r-- | installation/pleroma.vcl | 76 | ||||
| -rw-r--r-- | lib/pleroma/web/activity_pub/activity_pub_controller.ex | 13 | ||||
| -rw-r--r-- | lib/pleroma/web/activity_pub/mrf/no_placeholder_text_policy.ex | 29 | ||||
| -rw-r--r-- | lib/pleroma/web/common_api/common_api.ex | 1 | ||||
| -rw-r--r-- | lib/pleroma/web/mastodon_api/mastodon_api_controller.ex | 5 | ||||
| -rw-r--r-- | lib/pleroma/web/ostatus/ostatus_controller.ex | 32 | ||||
| -rw-r--r-- | test/web/activity_pub/activity_pub_controller_test.exs | 26 | ||||
| -rw-r--r-- | test/web/common_api/common_api_test.exs | 23 | ||||
| -rw-r--r-- | test/web/mastodon_api/mastodon_api_controller_test.exs | 33 |
10 files changed, 196 insertions, 44 deletions
diff --git a/docs/config.md b/docs/config.md index 7eb2d5671..e3738271b 100644 --- a/docs/config.md +++ b/docs/config.md @@ -207,6 +207,6 @@ curl "http://localhost:4000/api/pleroma/admin/invite_token?admin_token=somerando ## Pleroma.Web.Federator.RetryQueue * `enabled`: If set to `true`, failed federation jobs will be retried -* `max_jobs`: The maximum amount of parallel federation jbos running at the same time. +* `max_jobs`: The maximum amount of parallel federation jobs running at the same time. * `initial_timeout`: The initial timeout in seconds * `max_retries`: The maximum number of times a federation job is retried diff --git a/installation/pleroma.vcl b/installation/pleroma.vcl index 63c1cb74d..92153d8ef 100644 --- a/installation/pleroma.vcl +++ b/installation/pleroma.vcl @@ -14,43 +14,45 @@ acl purge { sub vcl_recv { # Redirect HTTP to HTTPS if (std.port(server.ip) != 443) { - set req.http.x-redir = "https://" + req.http.host + req.url; - return (synth(750, "")); + set req.http.x-redir = "https://" + req.http.host + req.url; + return (synth(750, "")); + } + + # CHUNKED SUPPORT + if (req.http.Range ~ "bytes=") { + set req.http.x-range = req.http.Range; } # Pipe if WebSockets request is coming through if (req.http.upgrade ~ "(?i)websocket") { - return (pipe); + return (pipe); } # Allow purging of the cache if (req.method == "PURGE") { - if (!client.ip ~ purge) { - return(synth(405,"Not allowed.")); - } - return(purge); + if (!client.ip ~ purge) { + return(synth(405,"Not allowed.")); + } + return(purge); } # Pleroma MediaProxy - strip headers that will affect caching if (req.url ~ "^/proxy/") { - unset req.http.Cookie; - unset req.http.Authorization; - unset req.http.Accept; - return (hash); + unset req.http.Cookie; + unset req.http.Authorization; + unset req.http.Accept; + return (hash); } # Strip headers that will affect caching from all other static content # This also permits caching of individual toots and AP Activities if ((req.url ~ "^/(media|static)/") || - (req.url ~ "(?i)\.(html|js|css|jpg|jpeg|png|gif|gz|tgz|bz2|tbz|mp3|ogg|svg|swf|ttf|pdf|woff|woff2)$")) + (req.url ~ "(?i)\.(html|js|css|jpg|jpeg|png|gif|gz|tgz|bz2|tbz|mp3|mp4|ogg|webm|svg|swf|ttf|pdf|woff|woff2)$")) { unset req.http.Cookie; unset req.http.Authorization; return (hash); } - - # Everything else should just be piped to Pleroma - return (pipe); } sub vcl_backend_response { @@ -59,8 +61,11 @@ sub vcl_backend_response { set beresp.do_gzip = true; } - # etags are bad - unset beresp.http.etag; + # CHUNKED SUPPORT + if (bereq.http.x-range ~ "bytes=" && beresp.status == 206) { + set beresp.ttl = 10m; + set beresp.http.CR = beresp.http.content-range; + } # Don't cache objects that require authentication if (beresp.http.Authorization && !beresp.http.Cache-Control ~ "public") { @@ -81,9 +86,9 @@ sub vcl_backend_response { # Do not cache redirects and errors if ((beresp.status >= 300) && (beresp.status < 500)) { - set beresp.uncacheable = true; - set beresp.ttl = 30s; - return (deliver); + set beresp.uncacheable = true; + set beresp.ttl = 30s; + return (deliver); } # Pleroma MediaProxy internally sets headers properly @@ -92,14 +97,12 @@ sub vcl_backend_response { } # Strip cache-restricting headers from Pleroma on static content that we want to cache - # Also enable streaming of cached content to clients (no waiting for Varnish to complete backend fetch) - if (bereq.url ~ "(?i)\.(js|css|jpg|jpeg|png|gif|gz|tgz|bz2|tbz|mp3|ogg|svg|swf|ttf|pdf|woff|woff2)$") + if (bereq.url ~ "(?i)\.(js|css|jpg|jpeg|png|gif|gz|tgz|bz2|tbz|mp3|mp4|ogg|webm|svg|swf|ttf|pdf|woff|woff2)$") { unset beresp.http.set-cookie; unset beresp.http.Cache-Control; unset beresp.http.x-request-id; set beresp.http.Cache-Control = "public, max-age=86400"; - set beresp.do_stream = true; } } @@ -115,7 +118,30 @@ sub vcl_synth { # Ensure WebSockets through the pipe do not close prematurely sub vcl_pipe { if (req.http.upgrade) { - set bereq.http.upgrade = req.http.upgrade; - set bereq.http.connection = req.http.connection; + set bereq.http.upgrade = req.http.upgrade; + set bereq.http.connection = req.http.connection; + } +} + +sub vcl_hash { + # CHUNKED SUPPORT + if (req.http.x-range ~ "bytes=") { + hash_data(req.http.x-range); + unset req.http.Range; + } +} + +sub vcl_backend_fetch { + # CHUNKED SUPPORT + if (bereq.http.x-range) { + set bereq.http.Range = bereq.http.x-range; + } +} + +sub vcl_deliver { + # CHUNKED SUPPORT + if (resp.http.CR) { + set resp.http.Content-Range = resp.http.CR; + unset resp.http.CR; } } diff --git a/lib/pleroma/web/activity_pub/activity_pub_controller.ex b/lib/pleroma/web/activity_pub/activity_pub_controller.ex index a3f736fee..73ca07e84 100644 --- a/lib/pleroma/web/activity_pub/activity_pub_controller.ex +++ b/lib/pleroma/web/activity_pub/activity_pub_controller.ex @@ -54,6 +54,19 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubController do end end + def activity(conn, %{"uuid" => uuid}) do + with ap_id <- o_status_url(conn, :activity, uuid), + %Activity{} = activity <- Activity.normalize(ap_id), + {_, true} <- {:public?, ActivityPub.is_public?(activity)} do + conn + |> put_resp_header("content-type", "application/activity+json") + |> json(ObjectView.render("object.json", %{object: activity})) + else + {:public?, false} -> + {:error, :not_found} + end + end + def following(conn, %{"nickname" => nickname, "page" => page}) do with %User{} = user <- User.get_cached_by_nickname(nickname), {:ok, user} <- Pleroma.Web.WebFinger.ensure_keys_present(user) do diff --git a/lib/pleroma/web/activity_pub/mrf/no_placeholder_text_policy.ex b/lib/pleroma/web/activity_pub/mrf/no_placeholder_text_policy.ex new file mode 100644 index 000000000..081456046 --- /dev/null +++ b/lib/pleroma/web/activity_pub/mrf/no_placeholder_text_policy.ex @@ -0,0 +1,29 @@ +# Pleroma: A lightweight social networking server +# Copyright © 2019 Pleroma Authors <https://pleroma.social/> +# SPDX-License-Identifier: AGPL-3.0-only + +defmodule Pleroma.Web.ActivityPub.MRF.NoPlaceholderTextPolicy do + @behaviour Pleroma.Web.ActivityPub.MRF + + @impl true + def filter( + %{ + "type" => "Create", + "object" => %{"content" => content, "attachment" => _attachment} = child_object + } = object + ) + when content in [".", "<p>.</p>"] do + child_object = + child_object + |> Map.put("content", "") + + object = + object + |> Map.put("object", child_object) + + {:ok, object} + end + + @impl true + def filter(object), do: {:ok, object} +end diff --git a/lib/pleroma/web/common_api/common_api.ex b/lib/pleroma/web/common_api/common_api.ex index 7ec6aa0ea..2902905fd 100644 --- a/lib/pleroma/web/common_api/common_api.ex +++ b/lib/pleroma/web/common_api/common_api.ex @@ -14,6 +14,7 @@ defmodule Pleroma.Web.CommonAPI do with %Activity{data: %{"object" => %{"id" => object_id}}} <- Repo.get(Activity, activity_id), %Object{} = object <- Object.normalize(object_id), true <- user.info.is_moderator || user.ap_id == object.data["actor"], + {:ok, _} <- unpin(activity_id, user), {:ok, delete} <- ActivityPub.delete(object) do {:ok, delete} end diff --git a/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex b/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex index e00a3fb87..a8fe9d708 100644 --- a/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex +++ b/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex @@ -824,9 +824,9 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIController do json(conn, res) end - def favourites(%{assigns: %{user: user}} = conn, _) do + def favourites(%{assigns: %{user: user}} = conn, params) do params = - %{} + params |> Map.put("type", "Create") |> Map.put("favorited_by", user.ap_id) |> Map.put("blocking_user", user) @@ -836,6 +836,7 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIController do |> Enum.reverse() conn + |> add_link_headers(:favourites, activities) |> put_view(StatusView) |> render("index.json", %{activities: activities, for: user, as: :activity}) end diff --git a/lib/pleroma/web/ostatus/ostatus_controller.ex b/lib/pleroma/web/ostatus/ostatus_controller.ex index 9b600737f..332cbef0e 100644 --- a/lib/pleroma/web/ostatus/ostatus_controller.ex +++ b/lib/pleroma/web/ostatus/ostatus_controller.ex @@ -112,23 +112,27 @@ defmodule Pleroma.Web.OStatus.OStatusController do end def activity(conn, %{"uuid" => uuid}) do - with id <- o_status_url(conn, :activity, uuid), - {_, %Activity{} = activity} <- {:activity, Activity.normalize(id)}, - {_, true} <- {:public?, ActivityPub.is_public?(activity)}, - %User{} = user <- User.get_cached_by_ap_id(activity.data["actor"]) do - case format = get_format(conn) do - "html" -> redirect(conn, to: "/notice/#{activity.id}") - _ -> represent_activity(conn, format, activity, user) - end + if get_format(conn) == "activity+json" do + ActivityPubController.call(conn, :activity) else - {:public?, false} -> - {:error, :not_found} + with id <- o_status_url(conn, :activity, uuid), + {_, %Activity{} = activity} <- {:activity, Activity.normalize(id)}, + {_, true} <- {:public?, ActivityPub.is_public?(activity)}, + %User{} = user <- User.get_cached_by_ap_id(activity.data["actor"]) do + case format = get_format(conn) do + "html" -> redirect(conn, to: "/notice/#{activity.id}") + _ -> represent_activity(conn, format, activity, user) + end + else + {:public?, false} -> + {:error, :not_found} - {:activity, nil} -> - {:error, :not_found} + {:activity, nil} -> + {:error, :not_found} - e -> - e + e -> + e + end end end diff --git a/test/web/activity_pub/activity_pub_controller_test.exs b/test/web/activity_pub/activity_pub_controller_test.exs index 7d1fe184e..7aed8c71d 100644 --- a/test/web/activity_pub/activity_pub_controller_test.exs +++ b/test/web/activity_pub/activity_pub_controller_test.exs @@ -89,6 +89,32 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubControllerTest do end end + describe "/activities/:uuid" do + test "it returns a json representation of the activity", %{conn: conn} do + activity = insert(:note_activity) + uuid = String.split(activity.data["id"], "/") |> List.last() + + conn = + conn + |> put_req_header("accept", "application/activity+json") + |> get("/activities/#{uuid}") + + assert json_response(conn, 200) == ObjectView.render("object.json", %{object: activity}) + end + + test "it returns 404 for non-public activities", %{conn: conn} do + activity = insert(:direct_note_activity) + uuid = String.split(activity.data["id"], "/") |> List.last() + + conn = + conn + |> put_req_header("accept", "application/activity+json") + |> get("/activities/#{uuid}") + + assert json_response(conn, 404) + end + end + describe "/inbox" do test "it inserts an incoming activity into the database", %{conn: conn} do data = File.read!("test/fixtures/mastodon-post-activity.json") |> Poison.decode!() diff --git a/test/web/common_api/common_api_test.exs b/test/web/common_api/common_api_test.exs index eb69ea4b2..9ac805f24 100644 --- a/test/web/common_api/common_api_test.exs +++ b/test/web/common_api/common_api_test.exs @@ -109,6 +109,11 @@ defmodule Pleroma.Web.CommonAPI.Test do test "pin status", %{user: user, activity: activity} do assert {:ok, ^activity} = CommonAPI.pin(activity.id, user) + + id = activity.id + user = refresh_record(user) + + assert %User{info: %{pinned_activities: [^id]}} = user end test "only self-authored can be pinned", %{activity: activity} do @@ -131,7 +136,25 @@ defmodule Pleroma.Web.CommonAPI.Test do test "unpin status", %{user: user, activity: activity} do {:ok, activity} = CommonAPI.pin(activity.id, user) + user = refresh_record(user) + assert {:ok, ^activity} = CommonAPI.unpin(activity.id, user) + + user = refresh_record(user) + + assert %User{info: %{pinned_activities: []}} = user + end + + test "should unpin when deleting a status", %{user: user, activity: activity} do + {:ok, activity} = CommonAPI.pin(activity.id, user) + + user = refresh_record(user) + + assert {:ok, _} = CommonAPI.delete(activity.id, user) + + user = refresh_record(user) + + assert %User{info: %{pinned_activities: []}} = user end end end diff --git a/test/web/mastodon_api/mastodon_api_controller_test.exs b/test/web/mastodon_api/mastodon_api_controller_test.exs index b448d13f5..fe8f845c7 100644 --- a/test/web/mastodon_api/mastodon_api_controller_test.exs +++ b/test/web/mastodon_api/mastodon_api_controller_test.exs @@ -1349,13 +1349,42 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIControllerTest do {:ok, _, _} = CommonAPI.favorite(activity.id, user) - conn = + first_conn = conn |> assign(:user, user) |> get("/api/v1/favourites") - assert [status] = json_response(conn, 200) + assert [status] = json_response(first_conn, 200) assert status["id"] == to_string(activity.id) + + assert [{"link", link_header}] = + Enum.filter(first_conn.resp_headers, fn element -> match?({"link", _}, element) end) + + # Honours query params + {:ok, second_activity} = + CommonAPI.post(other_user, %{ + "status" => + "Trees Are Never Sad Look At Them Every Once In Awhile They're Quite Beautiful." + }) + + {:ok, _, _} = CommonAPI.favorite(second_activity.id, user) + + last_like = status["id"] + + second_conn = + conn + |> assign(:user, user) + |> get("/api/v1/favourites?since_id=#{last_like}") + + assert [second_status] = json_response(second_conn, 200) + assert second_status["id"] == to_string(second_activity.id) + + third_conn = + conn + |> assign(:user, user) + |> get("/api/v1/favourites?limit=0") + + assert [] = json_response(third_conn, 200) end describe "updating credentials" do |