From af42c00cfffb2cd8e93857cd1cf2901113c45bd2 Mon Sep 17 00:00:00 2001 From: Ivan Tashkinov Date: Fri, 6 Dec 2019 00:25:44 +0300 Subject: [#1427] Reworked admin scopes support. Requalified users.is_admin flag as legacy accessor to admin actions in case token lacks admin scope(s). --- config/config.exs | 5 ++++- config/description.exs | 9 +++++++++ 2 files changed, 13 insertions(+), 1 deletion(-) (limited to 'config') diff --git a/config/config.exs b/config/config.exs index bf2b3f6e2..64397484e 100644 --- a/config/config.exs +++ b/config/config.exs @@ -560,7 +560,10 @@ config :ueberauth, base_path: "/oauth", providers: ueberauth_providers -config :pleroma, :auth, oauth_consumer_strategies: oauth_consumer_strategies +config :pleroma, + :auth, + enforce_oauth_admin_scope_usage: false, + oauth_consumer_strategies: oauth_consumer_strategies config :pleroma, Pleroma.Emails.Mailer, adapter: Swoosh.Adapters.Sendmail, enabled: false diff --git a/config/description.exs b/config/description.exs index 70e963399..45e4b43f1 100644 --- a/config/description.exs +++ b/config/description.exs @@ -2094,6 +2094,15 @@ config :pleroma, :config_description, [ type: :group, description: "Authentication / authorization settings", children: [ + %{ + key: :enforce_oauth_admin_scope_usage, + type: :boolean, + description: + "OAuth admin scope requirement toggle. " <> + "If `true`, admin actions explicitly demand admin OAuth scope(s) presence in OAuth token " <> + "(client app must support admin scopes). If `false` and token doesn't have admin scope(s)," <> + "`is_admin` user flag grants access to admin-specific actions." + }, %{ key: :auth_template, type: :string, -- cgit v1.2.3 From 63ffa0e3ed6640ba0c1e1e235b4cafa9ac386fb3 Mon Sep 17 00:00:00 2001 From: stwf Date: Wed, 11 Dec 2019 14:57:33 -0500 Subject: try local sheduling --- config/test.exs | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'config') diff --git a/config/test.exs b/config/test.exs index 9b737d4d7..d52ced612 100644 --- a/config/test.exs +++ b/config/test.exs @@ -68,7 +68,9 @@ config :pleroma, Oban, queues: false, prune: :disabled -config :pleroma, Pleroma.Scheduler, jobs: [] +config :pleroma, Pleroma.Scheduler, + jobs: [], + global: false config :pleroma, Pleroma.ScheduledActivity, daily_user_limit: 2, -- cgit v1.2.3 From e53679698424a7d58c308c21d466b07e34e8c3e9 Mon Sep 17 00:00:00 2001 From: Egor Kislitsyn Date: Wed, 11 Dec 2019 22:29:31 +0700 Subject: Add native captcha and enable it by default. --- config/config.exs | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) (limited to 'config') diff --git a/config/config.exs b/config/config.exs index 6ed800056..370ddd855 100644 --- a/config/config.exs +++ b/config/config.exs @@ -66,9 +66,9 @@ config :pleroma, Pleroma.Scheduler, jobs: scheduled_jobs config :pleroma, Pleroma.Captcha, - enabled: false, + enabled: true, seconds_valid: 60, - method: Pleroma.Captcha.Kocaptcha + method: Pleroma.Captcha.Native config :pleroma, :hackney_pools, federation: [ @@ -84,8 +84,6 @@ config :pleroma, :hackney_pools, timeout: 300_000 ] -config :pleroma, Pleroma.Captcha.Kocaptcha, endpoint: "https://captcha.kotobank.ch" - # Upload configuration config :pleroma, Pleroma.Upload, uploader: Pleroma.Uploaders.Local, -- cgit v1.2.3 From 470a3a678dfb4a7b9c2fe29c6b7ea03cee35ee82 Mon Sep 17 00:00:00 2001 From: Egor Kislitsyn Date: Thu, 12 Dec 2019 18:04:52 +0700 Subject: Add Kocaptcha endpoint to the test config --- config/test.exs | 2 ++ 1 file changed, 2 insertions(+) (limited to 'config') diff --git a/config/test.exs b/config/test.exs index d52ced612..b48b89c8f 100644 --- a/config/test.exs +++ b/config/test.exs @@ -95,6 +95,8 @@ config :joken, default_signer: "yU8uHKq+yyAkZ11Hx//jcdacWc8yQ1bxAAGrplzB0Zwwjkp3 config :pleroma, Pleroma.ReverseProxy.Client, Pleroma.ReverseProxy.ClientMock +config :pleroma, Pleroma.Captcha.Kocaptcha, endpoint: "https://captcha.kotobank.ch" + if File.exists?("./config/test.secret.exs") do import_config "test.secret.exs" else -- cgit v1.2.3