diff options
Diffstat (limited to 'lib')
39 files changed, 306 insertions, 111 deletions
diff --git a/lib/mix/tasks/pleroma/email.ex b/lib/mix/tasks/pleroma/email.ex index 6b7555fb8..e05c207e5 100644 --- a/lib/mix/tasks/pleroma/email.ex +++ b/lib/mix/tasks/pleroma/email.ex @@ -33,7 +33,7 @@ defmodule Mix.Tasks.Pleroma.Email do Pleroma.User.Query.build(%{ local: true, - deactivated: false, + is_active: true, is_confirmed: false, invisible: false }) diff --git a/lib/mix/tasks/pleroma/instance.ex b/lib/mix/tasks/pleroma/instance.ex index f272fdb7f..da27a99d0 100644 --- a/lib/mix/tasks/pleroma/instance.ex +++ b/lib/mix/tasks/pleroma/instance.ex @@ -242,6 +242,13 @@ defmodule Mix.Tasks.Pleroma.Instance do rum_enabled: rum_enabled ) + config_dir = Path.dirname(config_path) + psql_dir = Path.dirname(psql_path) + + [config_dir, psql_dir, static_dir, uploads_dir] + |> Enum.reject(&File.exists?/1) + |> Enum.map(&File.mkdir_p!/1) + shell_info("Writing config to #{config_path}.") File.write(config_path, result_config) @@ -275,10 +282,6 @@ defmodule Mix.Tasks.Pleroma.Instance do indexable: indexable ) - unless File.exists?(static_dir) do - File.mkdir_p!(static_dir) - end - robots_txt_path = Path.join(static_dir, "robots.txt") if File.exists?(robots_txt_path) do diff --git a/lib/mix/tasks/pleroma/user.ex b/lib/mix/tasks/pleroma/user.ex index e87f1c271..53d5fc6d9 100644 --- a/lib/mix/tasks/pleroma/user.ex +++ b/lib/mix/tasks/pleroma/user.ex @@ -107,21 +107,6 @@ defmodule Mix.Tasks.Pleroma.User do end end - def run(["toggle_activated", nickname]) do - start_pleroma() - - with %User{} = user <- User.get_cached_by_nickname(nickname) do - {:ok, user} = User.deactivate(user, !user.deactivated) - - shell_info( - "Activation status of #{nickname}: #{if(user.deactivated, do: "de", else: "")}activated" - ) - else - _ -> - shell_error("No user #{nickname}") - end - end - def run(["reset_password", nickname]) do start_pleroma() @@ -156,20 +141,41 @@ defmodule Mix.Tasks.Pleroma.User do end end + def run(["activate", nickname]) do + start_pleroma() + + with %User{} = user <- User.get_cached_by_nickname(nickname), + false <- user.is_active do + User.set_activation(user, true) + :timer.sleep(500) + + shell_info("Successfully activated #{nickname}") + else + true -> + shell_info("User #{nickname} already activated") + + _ -> + shell_error("No user #{nickname}") + end + end + def run(["deactivate", nickname]) do start_pleroma() - with %User{} = user <- User.get_cached_by_nickname(nickname) do - shell_info("Deactivating #{user.nickname}") - User.deactivate(user) + with %User{} = user <- User.get_cached_by_nickname(nickname), + true <- user.is_active do + User.set_activation(user, false) :timer.sleep(500) user = User.get_cached_by_id(user.id) if Enum.empty?(Enum.filter(User.get_friends(user), & &1.local)) do - shell_info("Successfully unsubscribed all local followers from #{user.nickname}") + shell_info("Successfully deactivated #{nickname} and unsubscribed all local followers") end else + false -> + shell_info("User #{nickname} already deactivated") + _ -> shell_error("No user #{nickname}") end @@ -365,7 +371,7 @@ defmodule Mix.Tasks.Pleroma.User do Pleroma.User.Query.build(%{ local: true, - deactivated: false, + is_active: true, is_moderator: false, is_admin: false, invisible: false @@ -383,7 +389,7 @@ defmodule Mix.Tasks.Pleroma.User do Pleroma.User.Query.build(%{ local: true, - deactivated: false, + is_active: true, is_moderator: false, is_admin: false, invisible: false @@ -420,7 +426,7 @@ defmodule Mix.Tasks.Pleroma.User do shell_info( "#{user.nickname} moderator: #{user.is_moderator}, admin: #{user.is_admin}, locked: #{ user.is_locked - }, deactivated: #{user.deactivated}" + }, is_active: #{user.is_active}" ) end) end) diff --git a/lib/pleroma/application.ex b/lib/pleroma/application.ex index 203a95004..9e262235e 100644 --- a/lib/pleroma/application.ex +++ b/lib/pleroma/application.ex @@ -297,7 +297,16 @@ defmodule Pleroma.Application do @spec limiters_setup() :: :ok def limiters_setup do - [Pleroma.Web.RichMedia.Helpers, Pleroma.Web.MediaProxy] - |> Enum.each(&ConcurrentLimiter.new(&1, 1, 0)) + config = Config.get(ConcurrentLimiter, []) + + [Pleroma.Web.RichMedia.Helpers, Pleroma.Web.ActivityPub.MRF.MediaProxyWarmingPolicy] + |> Enum.each(fn module -> + mod_config = Keyword.get(config, module, []) + + max_running = Keyword.get(mod_config, :max_running, 5) + max_waiting = Keyword.get(mod_config, :max_waiting, 5) + + ConcurrentLimiter.new(module, max_running, max_waiting) + end) end end diff --git a/lib/pleroma/following_relationship.ex b/lib/pleroma/following_relationship.ex index 147cb9df0..a0c7e6e39 100644 --- a/lib/pleroma/following_relationship.ex +++ b/lib/pleroma/following_relationship.ex @@ -152,7 +152,7 @@ defmodule Pleroma.FollowingRelationship do |> join(:inner, [r], f in assoc(r, :follower)) |> where([r], r.state == ^:follow_pending) |> where([r], r.following_id == ^id) - |> where([r, f], f.deactivated != true) + |> where([r, f], f.is_active == true) |> select([r, f], f) |> Repo.all() end diff --git a/lib/pleroma/list.ex b/lib/pleroma/list.ex index ff975e7a6..fe5721c34 100644 --- a/lib/pleroma/list.ex +++ b/lib/pleroma/list.ex @@ -113,11 +113,15 @@ defmodule Pleroma.List do end end - def follow(%Pleroma.List{following: following} = list, %User{} = followed) do + def follow(%Pleroma.List{id: id}, %User{} = followed) do + list = Repo.get(Pleroma.List, id) + %{following: following} = list update_follows(list, %{following: Enum.uniq([followed.follower_address | following])}) end - def unfollow(%Pleroma.List{following: following} = list, %User{} = unfollowed) do + def unfollow(%Pleroma.List{id: id}, %User{} = unfollowed) do + list = Repo.get(Pleroma.List, id) + %{following: following} = list update_follows(list, %{following: List.delete(following, unfollowed.follower_address)}) end diff --git a/lib/pleroma/notification.ex b/lib/pleroma/notification.ex index 7a69dacde..55b513212 100644 --- a/lib/pleroma/notification.ex +++ b/lib/pleroma/notification.ex @@ -115,7 +115,7 @@ defmodule Pleroma.Notification do |> where( [n, a], fragment( - "? not in (SELECT ap_id FROM users WHERE deactivated = 'true')", + "? not in (SELECT ap_id FROM users WHERE is_active = 'false')", a.actor ) ) diff --git a/lib/pleroma/stats.ex b/lib/pleroma/stats.ex index 77505bb04..b096a9b1e 100644 --- a/lib/pleroma/stats.ex +++ b/lib/pleroma/stats.ex @@ -75,7 +75,7 @@ defmodule Pleroma.Stats do users_query = from(u in User, - where: u.deactivated != true, + where: u.is_active == true, where: u.local == true, where: not is_nil(u.nickname), where: not u.invisible diff --git a/lib/pleroma/user.ex b/lib/pleroma/user.ex index 2aeacf816..b69709db4 100644 --- a/lib/pleroma/user.ex +++ b/lib/pleroma/user.ex @@ -117,7 +117,7 @@ defmodule Pleroma.User do field(:confirmation_token, :string, default: nil) field(:default_scope, :string, default: "public") field(:domain_blocks, {:array, :string}, default: []) - field(:deactivated, :boolean, default: false) + field(:is_active, :boolean, default: true) field(:no_rich_text, :boolean, default: false) field(:ap_enabled, :boolean, default: false) field(:is_moderator, :boolean, default: false) @@ -146,6 +146,7 @@ defmodule Pleroma.User do field(:inbox, :string) field(:shared_inbox, :string) field(:accepts_chat_messages, :boolean, default: nil) + field(:last_active_at, :naive_datetime) embeds_one( :notification_settings, @@ -217,7 +218,8 @@ defmodule Pleroma.User do target_users_query = assoc(user, unquote(outgoing_relation_target)) if restrict_deactivated? do - restrict_deactivated(target_users_query) + target_users_query + |> User.Query.build(%{deactivated: false}) else target_users_query end @@ -286,7 +288,7 @@ defmodule Pleroma.User do @doc "Returns status account" @spec account_status(User.t()) :: account_status() - def account_status(%User{deactivated: true}), do: :deactivated + def account_status(%User{is_active: false}), do: :deactivated def account_status(%User{password_reset_pending: true}), do: :password_reset_pending def account_status(%User{local: true, is_approved: false}), do: :approval_pending def account_status(%User{local: true, is_confirmed: false}), do: :confirmation_pending @@ -378,11 +380,6 @@ defmodule Pleroma.User do def ap_following(%User{following_address: fa}) when is_binary(fa), do: fa def ap_following(%User{} = user), do: "#{ap_id(user)}/following" - @spec restrict_deactivated(Ecto.Query.t()) :: Ecto.Query.t() - def restrict_deactivated(query) do - from(u in query, where: u.deactivated != ^true) - end - defp truncate_fields_param(params) do if Map.has_key?(params, :fields) do Map.put(params, :fields, Enum.map(params[:fields], &truncate_field/1)) @@ -777,7 +774,7 @@ defmodule Pleroma.User do candidates = Config.get([:instance, :autofollowed_nicknames]) autofollowed_users = - User.Query.build(%{nickname: candidates, local: true, deactivated: false}) + User.Query.build(%{nickname: candidates, local: true, is_active: true}) |> Repo.all() follow_all(user, autofollowed_users) @@ -938,7 +935,7 @@ defmodule Pleroma.User do deny_follow_blocked = Config.get([:user, :deny_follow_blocked]) cond do - followed.deactivated -> + not followed.is_active -> {:error, "Could not follow user: #{followed.nickname} is deactivated."} deny_follow_blocked and blocks?(followed, follower) -> @@ -1173,7 +1170,7 @@ defmodule Pleroma.User do @spec get_followers_query(User.t(), pos_integer() | nil) :: Ecto.Query.t() def get_followers_query(%User{} = user, nil) do - User.Query.build(%{followers: user, deactivated: false}) + User.Query.build(%{followers: user, is_active: true}) end def get_followers_query(%User{} = user, page) do @@ -1349,7 +1346,7 @@ defmodule Pleroma.User do @spec get_users_from_set([String.t()], keyword()) :: [User.t()] def get_users_from_set(ap_ids, opts \\ []) do local_only = Keyword.get(opts, :local_only, true) - criteria = %{ap_id: ap_ids, deactivated: false} + criteria = %{ap_id: ap_ids, is_active: true} criteria = if local_only, do: Map.put(criteria, :local, true), else: criteria User.Query.build(criteria) @@ -1360,7 +1357,7 @@ defmodule Pleroma.User do def get_recipients_from_activity(%Activity{recipients: to, actor: actor}) do to = [actor | to] - query = User.Query.build(%{recipients_from_activity: to, local: true, deactivated: false}) + query = User.Query.build(%{recipients_from_activity: to, local: true, is_active: true}) query |> Repo.all() @@ -1579,19 +1576,19 @@ defmodule Pleroma.User do defp maybe_filter_on_ap_id(query, _ap_ids), do: query - def deactivate_async(user, status \\ true) do - BackgroundWorker.enqueue("deactivate_user", %{"user_id" => user.id, "status" => status}) + def set_activation_async(user, status \\ true) do + BackgroundWorker.enqueue("user_activation", %{"user_id" => user.id, "status" => status}) end - def deactivate(user, status \\ true) - - def deactivate(users, status) when is_list(users) do + @spec set_activation([User.t()], boolean()) :: {:ok, User.t()} | {:error, Changeset.t()} + def set_activation(users, status) when is_list(users) do Repo.transaction(fn -> - for user <- users, do: deactivate(user, status) + for user <- users, do: set_activation(user, status) end) end - def deactivate(%User{} = user, status) do + @spec set_activation(User.t(), boolean()) :: {:ok, User.t()} | {:error, Changeset.t()} + def set_activation(%User{} = user, status) do with {:ok, user} <- set_activation_status(user, status) do user |> get_followers() @@ -1680,7 +1677,7 @@ defmodule Pleroma.User do registration_reason: nil, confirmation_token: nil, domain_blocks: [], - deactivated: true, + is_active: false, ap_enabled: false, is_moderator: false, is_admin: false, @@ -1754,7 +1751,7 @@ defmodule Pleroma.User do delete_or_deactivate(user) end - def perform(:deactivate_async, user, status), do: deactivate(user, status) + def perform(:set_activation_async, user, status), do: set_activation(user, status) @spec external_users_query() :: Ecto.Query.t() def external_users_query do @@ -2034,6 +2031,15 @@ defmodule Pleroma.User do |> hd() end + def full_nickname(%User{} = user) do + if String.contains?(user.nickname, "@") do + user.nickname + else + %{host: host} = URI.parse(user.ap_id) + user.nickname <> "@" <> host + end + end + def full_nickname(nickname_or_mention), do: String.trim_leading(nickname_or_mention, "@") @@ -2048,7 +2054,7 @@ defmodule Pleroma.User do @spec all_superusers() :: [User.t()] def all_superusers do - User.Query.build(%{super_users: true, local: true, deactivated: false}) + User.Query.build(%{super_users: true, local: true, is_active: true}) |> Repo.all() end @@ -2089,7 +2095,7 @@ defmodule Pleroma.User do left_join: a in Pleroma.Activity, on: u.ap_id == a.actor, where: not is_nil(u.nickname), - where: u.deactivated != ^true, + where: u.is_active == ^true, where: u.id not in ^has_read_notifications, group_by: u.id, having: @@ -2210,9 +2216,9 @@ defmodule Pleroma.User do end # Internal function; public one is `deactivate/2` - defp set_activation_status(user, deactivated) do + defp set_activation_status(user, status) do user - |> cast(%{deactivated: deactivated}, [:deactivated]) + |> cast(%{is_active: status}, [:is_active]) |> update_and_set_cache() end @@ -2448,4 +2454,19 @@ defmodule Pleroma.User do def get_host(%User{ap_id: ap_id} = _user) do URI.parse(ap_id).host end + + def update_last_active_at(%__MODULE__{local: true} = user) do + user + |> cast(%{last_active_at: NaiveDateTime.utc_now()}, [:last_active_at]) + |> update_and_set_cache() + end + + def active_user_count(weeks \\ 4) do + active_after = Timex.shift(NaiveDateTime.utc_now(), weeks: -weeks) + + __MODULE__ + |> where([u], u.last_active_at >= ^active_after) + |> where([u], u.local == true) + |> Repo.aggregate(:count) + end end diff --git a/lib/pleroma/user/query.ex b/lib/pleroma/user/query.ex index 4076925aa..fa46545da 100644 --- a/lib/pleroma/user/query.ex +++ b/lib/pleroma/user/query.ex @@ -137,7 +137,7 @@ defmodule Pleroma.User.Query do defp compose_query({:external, _}, query), do: location_query(query, false) defp compose_query({:active, _}, query) do - User.restrict_deactivated(query) + where(query, [u], u.is_active == true) |> where([u], u.is_approved == true) |> where([u], u.is_confirmed == true) end @@ -148,11 +148,11 @@ defmodule Pleroma.User.Query do end defp compose_query({:deactivated, false}, query) do - User.restrict_deactivated(query) + where(query, [u], u.is_active == true) end defp compose_query({:deactivated, true}, query) do - where(query, [u], u.deactivated == ^true) + where(query, [u], u.is_active == false) end defp compose_query({:confirmation_pending, bool}, query) do diff --git a/lib/pleroma/web/activity_pub/activity_pub.ex b/lib/pleroma/web/activity_pub/activity_pub.ex index c5bc08153..98051032a 100644 --- a/lib/pleroma/web/activity_pub/activity_pub.ex +++ b/lib/pleroma/web/activity_pub/activity_pub.ex @@ -56,7 +56,7 @@ defmodule Pleroma.Web.ActivityPub.ActivityPub do defp check_actor_is_active(actor) when is_binary(actor) do case User.get_cached_by_ap_id(actor) do - %User{deactivated: deactivated} -> not deactivated + %User{is_active: true} -> true _ -> false end end @@ -735,6 +735,12 @@ defmodule Pleroma.Web.ActivityPub.ActivityPub do defp restrict_local(query, _), do: query + defp restrict_remote(query, %{remote: true}) do + from(activity in query, where: activity.local == false) + end + + defp restrict_remote(query, _), do: query + defp restrict_actor(query, %{actor_id: actor_id}) do from(activity in query, where: activity.actor == ^actor_id) end @@ -1111,6 +1117,7 @@ defmodule Pleroma.Web.ActivityPub.ActivityPub do |> restrict_tag_all(opts) |> restrict_since(opts) |> restrict_local(opts) + |> restrict_remote(opts) |> restrict_actor(opts) |> restrict_type(opts) |> restrict_state(opts) diff --git a/lib/pleroma/web/activity_pub/mrf/media_proxy_warming_policy.ex b/lib/pleroma/web/activity_pub/mrf/media_proxy_warming_policy.ex index 50d48edc8..8dbf44071 100644 --- a/lib/pleroma/web/activity_pub/mrf/media_proxy_warming_policy.ex +++ b/lib/pleroma/web/activity_pub/mrf/media_proxy_warming_policy.ex @@ -27,7 +27,7 @@ defmodule Pleroma.Web.ActivityPub.MRF.MediaProxyWarmingPolicy do if Pleroma.Config.get(:env) == :test do fetch(prefetch_url) else - ConcurrentLimiter.limit(MediaProxy, fn -> + ConcurrentLimiter.limit(__MODULE__, fn -> Task.start(fn -> fetch(prefetch_url) end) end) end diff --git a/lib/pleroma/web/activity_pub/object_validators/common_validations.ex b/lib/pleroma/web/activity_pub/object_validators/common_validations.ex index f5f87ca5d..093549a45 100644 --- a/lib/pleroma/web/activity_pub/object_validators/common_validations.ex +++ b/lib/pleroma/web/activity_pub/object_validators/common_validations.ex @@ -35,7 +35,7 @@ defmodule Pleroma.Web.ActivityPub.ObjectValidators.CommonValidations do cng |> validate_change(field_name, fn field_name, actor -> case User.get_cached_by_ap_id(actor) do - %User{deactivated: true} -> + %User{is_active: false} -> [{field_name, "user is deactivated"}] %User{} -> diff --git a/lib/pleroma/web/admin_api/controllers/user_controller.ex b/lib/pleroma/web/admin_api/controllers/user_controller.ex index fa710c7ec..a18b9f8d5 100644 --- a/lib/pleroma/web/admin_api/controllers/user_controller.ex +++ b/lib/pleroma/web/admin_api/controllers/user_controller.ex @@ -172,9 +172,9 @@ defmodule Pleroma.Web.AdminAPI.UserController do def toggle_activation(%{assigns: %{user: admin}} = conn, %{"nickname" => nickname}) do user = User.get_cached_by_nickname(nickname) - {:ok, updated_user} = User.deactivate(user, !user.deactivated) + {:ok, updated_user} = User.set_activation(user, !user.is_active) - action = if user.deactivated, do: "activate", else: "deactivate" + action = if !user.is_active, do: "activate", else: "deactivate" ModerationLog.insert_log(%{ actor: admin, @@ -189,7 +189,7 @@ defmodule Pleroma.Web.AdminAPI.UserController do def activate(%{assigns: %{user: admin}} = conn, %{"nicknames" => nicknames}) do users = Enum.map(nicknames, &User.get_cached_by_nickname/1) - {:ok, updated_users} = User.deactivate(users, false) + {:ok, updated_users} = User.set_activation(users, true) ModerationLog.insert_log(%{ actor: admin, @@ -204,7 +204,7 @@ defmodule Pleroma.Web.AdminAPI.UserController do def deactivate(%{assigns: %{user: admin}} = conn, %{"nicknames" => nicknames}) do users = Enum.map(nicknames, &User.get_cached_by_nickname/1) - {:ok, updated_users} = User.deactivate(users, true) + {:ok, updated_users} = User.set_activation(users, false) ModerationLog.insert_log(%{ actor: admin, diff --git a/lib/pleroma/web/admin_api/views/account_view.ex b/lib/pleroma/web/admin_api/views/account_view.ex index 34bf2e67a..d7c63d385 100644 --- a/lib/pleroma/web/admin_api/views/account_view.ex +++ b/lib/pleroma/web/admin_api/views/account_view.ex @@ -73,7 +73,7 @@ defmodule Pleroma.Web.AdminAPI.AccountView do "avatar" => avatar, "nickname" => user.nickname, "display_name" => display_name, - "deactivated" => user.deactivated, + "is_active" => user.is_active, "local" => user.local, "roles" => User.roles(user), "tags" => user.tags || [], diff --git a/lib/pleroma/web/api_spec/operations/account_operation.ex b/lib/pleroma/web/api_spec/operations/account_operation.ex index f11ae53ab..54e5ebc76 100644 --- a/lib/pleroma/web/api_spec/operations/account_operation.ex +++ b/lib/pleroma/web/api_spec/operations/account_operation.ex @@ -99,7 +99,10 @@ defmodule Pleroma.Web.ApiSpec.AccountOperation do summary: "Account", operationId: "AccountController.show", description: "View information about a profile.", - parameters: [%Reference{"$ref": "#/components/parameters/accountIdOrNickname"}], + parameters: [ + %Reference{"$ref": "#/components/parameters/accountIdOrNickname"}, + with_relationships_param() + ], responses: %{ 200 => Operation.response("Account", "application/json", Account), 401 => Operation.response("Error", "application/json", ApiError), @@ -130,7 +133,7 @@ defmodule Pleroma.Web.ApiSpec.AccountOperation do :with_muted, :query, BooleanLike, - "Include statuses from muted acccounts." + "Include statuses from muted accounts." ), Operation.parameter(:exclude_reblogs, :query, BooleanLike, "Exclude reblogs"), Operation.parameter(:exclude_replies, :query, BooleanLike, "Exclude replies"), @@ -144,7 +147,7 @@ defmodule Pleroma.Web.ApiSpec.AccountOperation do :with_muted, :query, BooleanLike, - "Include reactions from muted acccounts." + "Include reactions from muted accounts." ) ] ++ pagination_params(), responses: %{ @@ -347,7 +350,7 @@ defmodule Pleroma.Web.ApiSpec.AccountOperation do operationId: "AccountController.mutes", description: "Accounts the user has muted.", security: [%{"oAuth" => ["follow", "read:mutes"]}], - parameters: pagination_params(), + parameters: [with_relationships_param() | pagination_params()], responses: %{ 200 => Operation.response("Accounts", "application/json", array_of_accounts()) } diff --git a/lib/pleroma/web/api_spec/operations/admin/report_operation.ex b/lib/pleroma/web/api_spec/operations/admin/report_operation.ex index 2e115f241..cfa892d29 100644 --- a/lib/pleroma/web/api_spec/operations/admin/report_operation.ex +++ b/lib/pleroma/web/api_spec/operations/admin/report_operation.ex @@ -182,7 +182,7 @@ defmodule Pleroma.Web.ApiSpec.Admin.ReportOperation do properties: Map.merge(Account.schema().properties, %{ nickname: %Schema{type: :string}, - deactivated: %Schema{type: :boolean}, + is_active: %Schema{type: :boolean}, local: %Schema{type: :boolean}, roles: %Schema{ type: :object, diff --git a/lib/pleroma/web/api_spec/operations/admin/status_operation.ex b/lib/pleroma/web/api_spec/operations/admin/status_operation.ex index 04c97fad9..bbfbd8f93 100644 --- a/lib/pleroma/web/api_spec/operations/admin/status_operation.ex +++ b/lib/pleroma/web/api_spec/operations/admin/status_operation.ex @@ -133,7 +133,7 @@ defmodule Pleroma.Web.ApiSpec.Admin.StatusOperation do avatar: %Schema{type: :string}, nickname: %Schema{type: :string}, display_name: %Schema{type: :string}, - deactivated: %Schema{type: :boolean}, + is_active: %Schema{type: :boolean}, local: %Schema{type: :boolean}, roles: %Schema{ type: :object, diff --git a/lib/pleroma/web/api_spec/operations/timeline_operation.ex b/lib/pleroma/web/api_spec/operations/timeline_operation.ex index 44f5fb0bd..cae18c758 100644 --- a/lib/pleroma/web/api_spec/operations/timeline_operation.ex +++ b/lib/pleroma/web/api_spec/operations/timeline_operation.ex @@ -25,6 +25,8 @@ defmodule Pleroma.Web.ApiSpec.TimelineOperation do security: [%{"oAuth" => ["read:statuses"]}], parameters: [ local_param(), + remote_param(), + only_media_param(), with_muted_param(), exclude_visibilities_param(), reply_visibility_param() | pagination_params() @@ -60,6 +62,7 @@ defmodule Pleroma.Web.ApiSpec.TimelineOperation do local_param(), instance_param(), only_media_param(), + remote_param(), with_muted_param(), exclude_visibilities_param(), reply_visibility_param() | pagination_params() @@ -106,6 +109,7 @@ defmodule Pleroma.Web.ApiSpec.TimelineOperation do ), local_param(), only_media_param(), + remote_param(), with_muted_param(), exclude_visibilities_param() | pagination_params() ], @@ -131,6 +135,9 @@ defmodule Pleroma.Web.ApiSpec.TimelineOperation do required: true ), with_muted_param(), + local_param(), + remote_param(), + only_media_param(), exclude_visibilities_param() | pagination_params() ], operationId: "TimelineController.list", @@ -197,4 +204,13 @@ defmodule Pleroma.Web.ApiSpec.TimelineOperation do "Show only statuses with media attached?" ) end + + defp remote_param do + Operation.parameter( + :remote, + :query, + %Schema{allOf: [BooleanLike], default: false}, + "Show only remote statuses?" + ) + end end diff --git a/lib/pleroma/web/endpoint.ex b/lib/pleroma/web/endpoint.ex index 94703cd05..8e274de88 100644 --- a/lib/pleroma/web/endpoint.ex +++ b/lib/pleroma/web/endpoint.ex @@ -23,6 +23,18 @@ defmodule Pleroma.Web.Endpoint do # InstanceStatic needs to be before Plug.Static to be able to override shipped-static files # If you're adding new paths to `only:` you'll need to configure them in InstanceStatic as well # Cache-control headers are duplicated in case we turn off etags in the future + plug( + Pleroma.Web.Plugs.InstanceStatic, + at: "/", + from: :pleroma, + only: ["emoji", "images"], + gzip: true, + cache_control_for_etags: "public, max-age=1209600", + headers: %{ + "cache-control" => "public, max-age=1209600" + } + ) + plug(Pleroma.Web.Plugs.InstanceStatic, at: "/", gzip: true, diff --git a/lib/pleroma/web/mastodon_api/controllers/account_controller.ex b/lib/pleroma/web/mastodon_api/controllers/account_controller.ex index d277aeca5..7a1e99044 100644 --- a/lib/pleroma/web/mastodon_api/controllers/account_controller.ex +++ b/lib/pleroma/web/mastodon_api/controllers/account_controller.ex @@ -269,10 +269,14 @@ defmodule Pleroma.Web.MastodonAPI.AccountController do def relationships(%{assigns: %{user: _user}} = conn, _), do: json(conn, []) @doc "GET /api/v1/accounts/:id" - def show(%{assigns: %{user: for_user}} = conn, %{id: nickname_or_id}) do + def show(%{assigns: %{user: for_user}} = conn, %{id: nickname_or_id} = params) do with %User{} = user <- User.get_cached_by_nickname_or_id(nickname_or_id, for: for_user), :visible <- User.visible_for(user, for_user) do - render(conn, "show.json", user: user, for: for_user) + render(conn, "show.json", + user: user, + for: for_user, + embed_relationships: embed_relationships?(params) + ) else error -> user_visibility_error(conn, error) end @@ -454,7 +458,12 @@ defmodule Pleroma.Web.MastodonAPI.AccountController do conn |> add_link_headers(users) - |> render("index.json", users: users, for: user, as: :user) + |> render("index.json", + users: users, + for: user, + as: :user, + embed_relationships: embed_relationships?(params) + ) end @doc "GET /api/v1/blocks" diff --git a/lib/pleroma/web/mastodon_api/controllers/timeline_controller.ex b/lib/pleroma/web/mastodon_api/controllers/timeline_controller.ex index 08e6f23b9..cef299aa4 100644 --- a/lib/pleroma/web/mastodon_api/controllers/timeline_controller.ex +++ b/lib/pleroma/web/mastodon_api/controllers/timeline_controller.ex @@ -51,6 +51,8 @@ defmodule Pleroma.Web.MastodonAPI.TimelineController do |> Map.put(:reply_filtering_user, user) |> Map.put(:announce_filtering_user, user) |> Map.put(:user, user) + |> Map.put(:local_only, params[:local]) + |> Map.delete(:local) activities = [user.ap_id | User.following(user)] @@ -190,6 +192,7 @@ defmodule Pleroma.Web.MastodonAPI.TimelineController do |> Map.put(:blocking_user, user) |> Map.put(:user, user) |> Map.put(:muting_user, user) + |> Map.put(:local_only, params[:local]) # we must filter the following list for the user to avoid leaking statuses the user # does not actually have permission to see (for more info, peruse security issue #270). diff --git a/lib/pleroma/web/mastodon_api/views/account_view.ex b/lib/pleroma/web/mastodon_api/views/account_view.ex index da1221d47..ac25aefdd 100644 --- a/lib/pleroma/web/mastodon_api/views/account_view.ex +++ b/lib/pleroma/web/mastodon_api/views/account_view.ex @@ -262,7 +262,9 @@ defmodule Pleroma.Web.MastodonAPI.AccountView do } }, - # Pleroma extension + # Pleroma extensions + # Note: it's insecure to output :email but fully-qualified nickname may serve as safe stub + fqn: User.full_nickname(user), pleroma: %{ ap_id: user.ap_id, also_known_as: user.also_known_as, @@ -376,7 +378,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountView do defp maybe_put_allow_following_move(data, _, _), do: data defp maybe_put_activation_status(data, user, %User{is_admin: true}) do - Kernel.put_in(data, [:pleroma, :deactivated], user.deactivated) + Kernel.put_in(data, [:pleroma, :deactivated], !user.is_active) end defp maybe_put_activation_status(data, _, _), do: data diff --git a/lib/pleroma/web/mastodon_api/views/instance_view.ex b/lib/pleroma/web/mastodon_api/views/instance_view.ex index 1edbdbe11..73205fb6d 100644 --- a/lib/pleroma/web/mastodon_api/views/instance_view.ex +++ b/lib/pleroma/web/mastodon_api/views/instance_view.ex @@ -45,6 +45,7 @@ defmodule Pleroma.Web.MastodonAPI.InstanceView do fields_limits: fields_limits(), post_formats: Config.get([:instance, :allowed_post_formats]) }, + stats: %{mau: Pleroma.User.active_user_count()}, vapid_public_key: Keyword.get(Pleroma.Web.Push.vapid_config(), :public_key) } } diff --git a/lib/pleroma/web/mastodon_api/views/poll_view.ex b/lib/pleroma/web/mastodon_api/views/poll_view.ex index d6b544037..71bc8b949 100644 --- a/lib/pleroma/web/mastodon_api/views/poll_view.ex +++ b/lib/pleroma/web/mastodon_api/views/poll_view.ex @@ -11,7 +11,7 @@ defmodule Pleroma.Web.MastodonAPI.PollView do {end_time, expired} = end_time_and_expired(object) {options, votes_count} = options_and_votes_count(options) - %{ + poll = %{ # Mastodon uses separate ids for polls, but an object can't have # more than one poll embedded so object id is fine id: to_string(object.id), @@ -21,9 +21,16 @@ defmodule Pleroma.Web.MastodonAPI.PollView do votes_count: votes_count, voters_count: voters_count(object), options: options, - voted: voted?(params), emojis: Pleroma.Web.MastodonAPI.StatusView.build_emojis(object.data["emoji"]) } + + if params[:for] do + # when unauthenticated Mastodon doesn't include `voted` & `own_votes` keys in response + {voted, own_votes} = voted_and_own_votes(params, options) + Map.merge(poll, %{voted: voted, own_votes: own_votes}) + else + poll + end end def render("show.json", %{object: object} = params) do @@ -67,12 +74,29 @@ defmodule Pleroma.Web.MastodonAPI.PollView do defp voters_count(_), do: 0 - defp voted?(%{object: object} = opts) do - if opts[:for] do - existing_votes = Pleroma.Web.ActivityPub.Utils.get_existing_votes(opts[:for].ap_id, object) - existing_votes != [] or opts[:for].ap_id == object.data["actor"] + defp voted_and_own_votes(%{object: object} = params, options) do + if params[:for] do + existing_votes = + Pleroma.Web.ActivityPub.Utils.get_existing_votes(params[:for].ap_id, object) + + voted = existing_votes != [] or params[:for].ap_id == object.data["actor"] + + own_votes = + if voted do + titles = Enum.map(options, & &1[:title]) + + Enum.reduce(existing_votes, [], fn vote, acc -> + data = vote |> Map.get(:object) |> Map.get(:data) + index = Enum.find_index(titles, &(&1 == data["name"])) + [index | acc] + end) + else + [] + end + + {voted, own_votes} else - false + {false, []} end end end diff --git a/lib/pleroma/web/mastodon_api/views/status_view.ex b/lib/pleroma/web/mastodon_api/views/status_view.ex index cd1a85088..2cd6732fe 100644 --- a/lib/pleroma/web/mastodon_api/views/status_view.ex +++ b/lib/pleroma/web/mastodon_api/views/status_view.ex @@ -491,7 +491,7 @@ defmodule Pleroma.Web.MastodonAPI.StatusView do def build_tags(object_tags) when is_list(object_tags) do object_tags |> Enum.filter(&is_binary/1) - |> Enum.map(&%{name: &1, url: "/tag/#{URI.encode(&1)}"}) + |> Enum.map(&%{name: &1, url: "#{Pleroma.Web.base_url()}/tag/#{URI.encode(&1)}"}) end def build_tags(_), do: [] diff --git a/lib/pleroma/web/media_proxy/invalidation/script.ex b/lib/pleroma/web/media_proxy/invalidation/script.ex index 0f66c2fe3..87a21166c 100644 --- a/lib/pleroma/web/media_proxy/invalidation/script.ex +++ b/lib/pleroma/web/media_proxy/invalidation/script.ex @@ -13,6 +13,7 @@ defmodule Pleroma.Web.MediaProxy.Invalidation.Script do def purge(urls, opts \\ []) do args = urls + |> maybe_format_urls(Keyword.get(opts, :url_format)) |> List.wrap() |> Enum.uniq() |> Enum.join(" ") @@ -40,4 +41,22 @@ defmodule Pleroma.Web.MediaProxy.Invalidation.Script do Logger.error("Error while cache purge: #{inspect(error)}") {:error, inspect(error)} end + + def maybe_format_urls(urls, :htcacheclean) do + urls + |> Enum.map(fn url -> + uri = URI.parse(url) + + query = + if !is_nil(uri.query) do + "?" <> uri.query + else + "?" + end + + uri.scheme <> "://" <> uri.host <> ":#{inspect(uri.port)}" <> uri.path <> query + end) + end + + def maybe_format_urls(urls, _), do: urls end diff --git a/lib/pleroma/web/mongoose_im/mongoose_im_controller.ex b/lib/pleroma/web/mongoose_im/mongoose_im_controller.ex index e7903dde8..6ace3e0b5 100644 --- a/lib/pleroma/web/mongoose_im/mongoose_im_controller.ex +++ b/lib/pleroma/web/mongoose_im/mongoose_im_controller.ex @@ -14,7 +14,7 @@ defmodule Pleroma.Web.MongooseIM.MongooseIMController do plug(RateLimiter, [name: :authentication, params: ["user"]] when action == :check_password) def user_exists(conn, %{"user" => username}) do - with %User{} <- Repo.get_by(User, nickname: username, local: true, deactivated: false) do + with %User{} <- Repo.get_by(User, nickname: username, local: true, is_active: true) do conn |> json(true) else @@ -26,7 +26,7 @@ defmodule Pleroma.Web.MongooseIM.MongooseIMController do end def check_password(conn, %{"user" => username, "pass" => password}) do - with %User{password_hash: password_hash, deactivated: false} <- + with %User{password_hash: password_hash, is_active: true} <- Repo.get_by(User, nickname: username, local: true), true <- AuthenticationPlug.checkpw(password, password_hash) do conn diff --git a/lib/pleroma/web/pleroma_api/views/emoji_reaction_view.ex b/lib/pleroma/web/pleroma_api/views/emoji_reaction_view.ex index 809ef9b40..c94527e6d 100644 --- a/lib/pleroma/web/pleroma_api/views/emoji_reaction_view.ex +++ b/lib/pleroma/web/pleroma_api/views/emoji_reaction_view.ex @@ -26,7 +26,7 @@ defmodule Pleroma.Web.PleromaAPI.EmojiReactionView do user_ap_ids |> Enum.map(&Pleroma.User.get_cached_by_ap_id/1) |> Enum.filter(fn - %{deactivated: false} -> true + %{is_active: true} -> true _ -> false end) end diff --git a/lib/pleroma/web/plugs/http_security_plug.ex b/lib/pleroma/web/plugs/http_security_plug.ex index 4b84f575d..0025b042a 100644 --- a/lib/pleroma/web/plugs/http_security_plug.ex +++ b/lib/pleroma/web/plugs/http_security_plug.ex @@ -20,9 +20,26 @@ defmodule Pleroma.Web.Plugs.HTTPSecurityPlug do end end - defp headers do + def primary_frontend do + with %{"name" => frontend} <- Config.get([:frontends, :primary]), + available <- Config.get([:frontends, :available]), + %{} = primary_frontend <- Map.get(available, frontend) do + {:ok, primary_frontend} + end + end + + def custom_http_frontend_headers do + with {:ok, %{"custom-http-headers" => custom_headers}} <- primary_frontend() do + custom_headers + else + _ -> [] + end + end + + def headers do referrer_policy = Config.get([:http_security, :referrer_policy]) report_uri = Config.get([:http_security, :report_uri]) + custom_http_frontend_headers = custom_http_frontend_headers() headers = [ {"x-xss-protection", "1; mode=block"}, @@ -34,6 +51,13 @@ defmodule Pleroma.Web.Plugs.HTTPSecurityPlug do {"content-security-policy", csp_string()} ] + headers = + if custom_http_frontend_headers do + custom_http_frontend_headers ++ headers + else + headers + end + if report_uri do report_group = %{ "group" => "csp-endpoint", diff --git a/lib/pleroma/web/plugs/user_tracking_plug.ex b/lib/pleroma/web/plugs/user_tracking_plug.ex new file mode 100644 index 000000000..c9a988f00 --- /dev/null +++ b/lib/pleroma/web/plugs/user_tracking_plug.ex @@ -0,0 +1,30 @@ +# Pleroma: A lightweight social networking server +# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/> +# SPDX-License-Identifier: AGPL-3.0-only + +defmodule Pleroma.Web.Plugs.UserTrackingPlug do + alias Pleroma.User + + import Plug.Conn, only: [assign: 3] + + @update_interval :timer.hours(24) + + def init(opts), do: opts + + def call(%{assigns: %{user: %User{id: id} = user}} = conn, _) when not is_nil(id) do + with true <- needs_update?(user), + {:ok, user} <- User.update_last_active_at(user) do + assign(conn, :user, user) + else + _ -> conn + end + end + + def call(conn, _), do: conn + + defp needs_update?(%User{last_active_at: nil}), do: true + + defp needs_update?(%User{last_active_at: last_active_at}) do + NaiveDateTime.diff(NaiveDateTime.utc_now(), last_active_at, :millisecond) >= @update_interval + end +end diff --git a/lib/pleroma/web/router.ex b/lib/pleroma/web/router.ex index a9e332fa1..2105d7e9e 100644 --- a/lib/pleroma/web/router.ex +++ b/lib/pleroma/web/router.ex @@ -56,6 +56,7 @@ defmodule Pleroma.Web.Router do plug(Pleroma.Web.Plugs.UserEnabledPlug) plug(Pleroma.Web.Plugs.SetUserSessionIdPlug) plug(Pleroma.Web.Plugs.EnsureUserTokenAssignsPlug) + plug(Pleroma.Web.Plugs.UserTrackingPlug) end pipeline :base_api do @@ -319,6 +320,8 @@ defmodule Pleroma.Web.Router do end scope "/oauth", Pleroma.Web.OAuth do + # Note: use /api/v1/accounts/verify_credentials for userinfo of signed-in user + get("/registration_details", OAuthController, :registration_details) post("/mfa/verify", MFAController, :verify, as: :mfa_verify) diff --git a/lib/pleroma/web/templates/embed/show.html.eex b/lib/pleroma/web/templates/embed/show.html.eex index 05a3f0ee3..092b52b70 100644 --- a/lib/pleroma/web/templates/embed/show.html.eex +++ b/lib/pleroma/web/templates/embed/show.html.eex @@ -6,7 +6,7 @@ </div> <span class="display-name" style="padding-left: 0.5em;"> <bdi><%= raw (@author.name |> Formatter.emojify(@author.emoji)) %></bdi> - <span class="nickname"><%= full_nickname(@author) %></span> + <span class="nickname">@<%= full_nickname(@author) %></span> </span> </a> </div> diff --git a/lib/pleroma/web/twitter_api/controllers/util_controller.ex b/lib/pleroma/web/twitter_api/controllers/util_controller.ex index 1e252f7bb..940a645bb 100644 --- a/lib/pleroma/web/twitter_api/controllers/util_controller.ex +++ b/lib/pleroma/web/twitter_api/controllers/util_controller.ex @@ -150,7 +150,7 @@ defmodule Pleroma.Web.TwitterAPI.UtilController do def disable_account(%{assigns: %{user: user}} = conn, params) do case CommonAPI.Utils.confirm_current_password(user, params["password"]) do {:ok, user} -> - User.deactivate_async(user) + User.set_activation_async(user, false) json(conn, %{status: "success"}) {:error, msg} -> diff --git a/lib/pleroma/web/twitter_api/twitter_api.ex b/lib/pleroma/web/twitter_api/twitter_api.ex index f6d721da6..76ca82d20 100644 --- a/lib/pleroma/web/twitter_api/twitter_api.ex +++ b/lib/pleroma/web/twitter_api/twitter_api.ex @@ -59,7 +59,7 @@ defmodule Pleroma.Web.TwitterAPI.TwitterAPI do def password_reset(nickname_or_email) do with true <- is_binary(nickname_or_email), - %User{local: true, email: email, deactivated: false} = user when is_binary(email) <- + %User{local: true, email: email, is_active: true} = user when is_binary(email) <- User.get_by_nickname_or_email(nickname_or_email), {:ok, token_record} <- Pleroma.PasswordResetToken.create_token(user) do user diff --git a/lib/pleroma/web/views/embed_view.ex b/lib/pleroma/web/views/embed_view.ex index cb7600adb..81e196730 100644 --- a/lib/pleroma/web/views/embed_view.ex +++ b/lib/pleroma/web/views/embed_view.ex @@ -17,6 +17,8 @@ defmodule Pleroma.Web.EmbedView do use Phoenix.HTML + defdelegate full_nickname(user), to: User + @media_types ["image", "audio", "video"] defp fetch_media_type(%{"mediaType" => mediaType}) do @@ -30,11 +32,6 @@ defmodule Pleroma.Web.EmbedView do ) end - defp full_nickname(user) do - %{host: host} = URI.parse(user.ap_id) - "@" <> user.nickname <> "@" <> host - end - defp status_title(%Activity{object: %Object{data: %{"name" => name}}}) when is_binary(name), do: name diff --git a/lib/pleroma/workers/attachments_cleanup_worker.ex b/lib/pleroma/workers/attachments_cleanup_worker.ex index a2373ebb9..f5090dae7 100644 --- a/lib/pleroma/workers/attachments_cleanup_worker.ex +++ b/lib/pleroma/workers/attachments_cleanup_worker.ex @@ -17,12 +17,14 @@ defmodule Pleroma.Workers.AttachmentsCleanupWorker do "object" => %{"data" => %{"attachment" => [_ | _] = attachments, "actor" => actor}} } }) do - attachments - |> Enum.flat_map(fn item -> Enum.map(item["url"], & &1["href"]) end) - |> fetch_objects - |> prepare_objects(actor, Enum.map(attachments, & &1["name"])) - |> filter_objects - |> do_clean + if Pleroma.Config.get([:instance, :cleanup_attachments], false) do + attachments + |> Enum.flat_map(fn item -> Enum.map(item["url"], & &1["href"]) end) + |> fetch_objects + |> prepare_objects(actor, Enum.map(attachments, & &1["name"])) + |> filter_objects + |> do_clean + end {:ok, :success} end diff --git a/lib/pleroma/workers/background_worker.ex b/lib/pleroma/workers/background_worker.ex index e24b9c175..1e28384cb 100644 --- a/lib/pleroma/workers/background_worker.ex +++ b/lib/pleroma/workers/background_worker.ex @@ -9,9 +9,9 @@ defmodule Pleroma.Workers.BackgroundWorker do @impl Oban.Worker - def perform(%Job{args: %{"op" => "deactivate_user", "user_id" => user_id, "status" => status}}) do + def perform(%Job{args: %{"op" => "user_activation", "user_id" => user_id, "status" => status}}) do user = User.get_cached_by_id(user_id) - User.perform(:deactivate_async, user, status) + User.perform(:set_activation_async, user, status) end def perform(%Job{args: %{"op" => "delete_user", "user_id" => user_id}}) do diff --git a/lib/pleroma/workers/purge_expired_activity.ex b/lib/pleroma/workers/purge_expired_activity.ex index 01256831b..027171c1e 100644 --- a/lib/pleroma/workers/purge_expired_activity.ex +++ b/lib/pleroma/workers/purge_expired_activity.ex @@ -7,7 +7,7 @@ defmodule Pleroma.Workers.PurgeExpiredActivity do Worker which purges expired activity. """ - use Oban.Worker, queue: :activity_expiration, max_attempts: 1 + use Oban.Worker, queue: :activity_expiration, max_attempts: 1, unique: [period: :infinity] import Ecto.Query |