diff options
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/pleroma/upload/filter/dedupe.ex | 15 | ||||
| -rw-r--r-- | lib/pleroma/upload/filter/mogrifun.ex | 24 | ||||
| -rw-r--r-- | lib/pleroma/upload/filter/mogrify.ex | 11 | ||||
| -rw-r--r-- | lib/pleroma/web/mastodon_api/mastodon_api_controller.ex | 25 | ||||
| -rw-r--r-- | lib/pleroma/web/router.ex | 2 | ||||
| -rw-r--r-- | lib/pleroma/web/twitter_api/twitter_api_controller.ex | 7 | 
6 files changed, 55 insertions, 29 deletions
| diff --git a/lib/pleroma/upload/filter/dedupe.ex b/lib/pleroma/upload/filter/dedupe.ex index e4c225833..14928c355 100644 --- a/lib/pleroma/upload/filter/dedupe.ex +++ b/lib/pleroma/upload/filter/dedupe.ex @@ -6,10 +6,19 @@ defmodule Pleroma.Upload.Filter.Dedupe do    @behaviour Pleroma.Upload.Filter    alias Pleroma.Upload -  def filter(%Upload{name: name} = upload) do -    extension = String.split(name, ".") |> List.last() -    shasum = :crypto.hash(:sha256, File.read!(upload.tempfile)) |> Base.encode16(case: :lower) +  def filter(%Upload{name: name, tempfile: tempfile} = upload) do +    extension = +      name +      |> String.split(".") +      |> List.last() + +    shasum = +      :crypto.hash(:sha256, File.read!(tempfile)) +      |> Base.encode16(case: :lower) +      filename = shasum <> "." <> extension      {:ok, %Upload{upload | id: shasum, path: filename}}    end + +  def filter(_), do: :ok  end diff --git a/lib/pleroma/upload/filter/mogrifun.ex b/lib/pleroma/upload/filter/mogrifun.ex index 35a5a1381..fee49fb51 100644 --- a/lib/pleroma/upload/filter/mogrifun.ex +++ b/lib/pleroma/upload/filter/mogrifun.ex @@ -4,6 +4,7 @@  defmodule Pleroma.Upload.Filter.Mogrifun do    @behaviour Pleroma.Upload.Filter +  alias Pleroma.Upload.Filter    @filters [      {"implode", "1"}, @@ -34,31 +35,10 @@ defmodule Pleroma.Upload.Filter.Mogrifun do    ]    def filter(%Pleroma.Upload{tempfile: file, content_type: "image" <> _}) do -    filter = Enum.random(@filters) - -    file -    |> Mogrify.open() -    |> mogrify_filter(filter) -    |> Mogrify.save(in_place: true) +    Filter.Mogrify.do_filter(file, [Enum.random(@filters)])      :ok    end    def filter(_), do: :ok - -  defp mogrify_filter(mogrify, [filter | rest]) do -    mogrify -    |> mogrify_filter(filter) -    |> mogrify_filter(rest) -  end - -  defp mogrify_filter(mogrify, []), do: mogrify - -  defp mogrify_filter(mogrify, {action, options}) do -    Mogrify.custom(mogrify, action, options) -  end - -  defp mogrify_filter(mogrify, string) when is_binary(string) do -    Mogrify.custom(mogrify, string) -  end  end diff --git a/lib/pleroma/upload/filter/mogrify.ex b/lib/pleroma/upload/filter/mogrify.ex index f459eeecb..91bfdd4f5 100644 --- a/lib/pleroma/upload/filter/mogrify.ex +++ b/lib/pleroma/upload/filter/mogrify.ex @@ -11,16 +11,19 @@ defmodule Pleroma.Upload.Filter.Mogrify do    def filter(%Pleroma.Upload{tempfile: file, content_type: "image" <> _}) do      filters = Pleroma.Config.get!([__MODULE__, :args]) +    do_filter(file, filters) +    :ok +  end + +  def filter(_), do: :ok + +  def do_filter(file, filters) do      file      |> Mogrify.open()      |> mogrify_filter(filters)      |> Mogrify.save(in_place: true) - -    :ok    end -  def filter(_), do: :ok -    defp mogrify_filter(mogrify, nil), do: mogrify    defp mogrify_filter(mogrify, [filter | rest]) do diff --git a/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex b/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex index f4aa576f7..aff76e2ea 100644 --- a/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex +++ b/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex @@ -47,6 +47,8 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIController do    require Logger +  @rate_limited_relations_actions ~w(follow unfollow)a +    @rate_limited_status_actions ~w(reblog_status unreblog_status fav_status unfav_status      post_status delete_status)a @@ -62,9 +64,16 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIController do      when action in ~w(fav_status unfav_status)a    ) +  plug( +    RateLimiter, +    {:relations_id_action, params: ["id", "uri"]} when action in @rate_limited_relations_actions +  ) + +  plug(RateLimiter, :relations_actions when action in @rate_limited_relations_actions)    plug(RateLimiter, :statuses_actions when action in @rate_limited_status_actions)    plug(RateLimiter, :app_account_creation when action == :account_register)    plug(RateLimiter, :search when action in [:search, :search2, :account_search]) +  plug(RateLimiter, :password_reset when action == :password_reset)    @local_mastodon_name "Mastodon-Local" @@ -1808,6 +1817,22 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIController do      end    end +  def password_reset(conn, params) do +    nickname_or_email = params["email"] || params["nickname"] + +    with {:ok, _} <- TwitterAPI.password_reset(nickname_or_email) do +      conn +      |> put_status(:no_content) +      |> json("") +    else +      {:error, "unknown user"} -> +        put_status(conn, :not_found) + +      {:error, _} -> +        put_status(conn, :bad_request) +    end +  end +    def try_render(conn, target, params)        when is_binary(target) do      case render(conn, target, params) do diff --git a/lib/pleroma/web/router.ex b/lib/pleroma/web/router.ex index 3e5142e8a..52b8dc0bf 100644 --- a/lib/pleroma/web/router.ex +++ b/lib/pleroma/web/router.ex @@ -691,6 +691,8 @@ defmodule Pleroma.Web.Router do      get("/web/login", MastodonAPIController, :login)      delete("/auth/sign_out", MastodonAPIController, :logout) +    post("/auth/password", MastodonAPIController, :password_reset) +      scope [] do        pipe_through(:oauth_read_or_public)        get("/web/*path", MastodonAPIController, :index) diff --git a/lib/pleroma/web/twitter_api/twitter_api_controller.ex b/lib/pleroma/web/twitter_api/twitter_api_controller.ex index 0313560a8..8cb703501 100644 --- a/lib/pleroma/web/twitter_api/twitter_api_controller.ex +++ b/lib/pleroma/web/twitter_api/twitter_api_controller.ex @@ -27,6 +27,7 @@ defmodule Pleroma.Web.TwitterAPI.Controller do    require Logger +  plug(Pleroma.Plugs.RateLimiter, :password_reset when action == :password_reset)    plug(:only_if_public_instance when action in [:public_timeline, :public_and_external_timeline])    action_fallback(:errors) @@ -437,6 +438,12 @@ defmodule Pleroma.Web.TwitterAPI.Controller do      with {:ok, _} <- TwitterAPI.password_reset(nickname_or_email) do        json_response(conn, :no_content, "") +    else +      {:error, "unknown user"} -> +        put_status(conn, :not_found) + +      {:error, _} -> +        put_status(conn, :bad_request)      end    end | 
