From a12b6454bb0a270732f9b55f8d4366c9add44136 Mon Sep 17 00:00:00 2001 From: Egor Kislitsyn Date: Mon, 16 Dec 2019 22:24:03 +0700 Subject: Add an option to require fetches to be signed --- lib/pleroma/plugs/http_signature.ex | 43 +++++++++++++++++++++++++------------ 1 file changed, 29 insertions(+), 14 deletions(-) (limited to 'lib') diff --git a/lib/pleroma/plugs/http_signature.ex b/lib/pleroma/plugs/http_signature.ex index 23d22a712..ecd7a55bf 100644 --- a/lib/pleroma/plugs/http_signature.ex +++ b/lib/pleroma/plugs/http_signature.ex @@ -15,25 +15,23 @@ defmodule Pleroma.Web.Plugs.HTTPSignaturePlug do end def call(conn, _opts) do - headers = get_req_header(conn, "signature") - signature = Enum.at(headers, 0) + conn + |> maybe_assign_valid_signature() + |> maybe_require_signature() + end - if signature do + defp maybe_assign_valid_signature(conn) do + if has_signature_header?(conn) do # set (request-target) header to the appropriate value # we also replace the digest header with the one we computed - conn = - conn - |> put_req_header( - "(request-target)", - String.downcase("#{conn.method}") <> " #{conn.request_path}" - ) + request_target = String.downcase("#{conn.method}") <> " #{conn.request_path}" conn = - if conn.assigns[:digest] do - conn - |> put_req_header("digest", conn.assigns[:digest]) - else - conn + conn + |> put_req_header("(request-target)", request_target) + |> case do + %{assigns: %{digest: digest}} = conn -> put_req_header(conn, "digest", digest) + conn -> conn end assign(conn, :valid_signature, HTTPSignatures.validate_conn(conn)) 
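Review bot: The new `case` clause `%{assigns: %{digest: digest}} = conn -> put_req_header(conn, "digest", digest)` matches whenever the `:digest` key is present, whereas the removed `if conn.assigns[:digest]` also required a truthy value. If an upstream plug ever assigns `digest: nil`, `put_req_header/3` would be called with a non-binary value and the request would fail with an exception instead of reaching signature validation; whether that can happen is not visible in this hunk. A guard keeps the old behaviour: `%{assigns: %{digest: digest}} = conn when is_binary(digest) -> put_req_header(conn, "digest", digest)`. The body of `maybe_assign_valid_signature/1` continues past the end of the hunk.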
@@ -42,4 +40,21 @@ defmodule Pleroma.Web.Plugs.HTTPSignaturePlug do conn end end + + defp has_signature_header?(conn) do + conn |> get_req_header("signature") |> Enum.at(0, false) + end + + defp maybe_require_signature(%{assigns: %{valid_signature: true}} = conn), do: conn + + defp maybe_require_signature(conn) do + if Pleroma.Config.get([:activitypub, :authorized_fetch_mode], false) do + conn + |> put_status(:unauthorized) + |> Phoenix.Controller.text("Request not signed") + |> halt() + else + conn + end + end end -- cgit v1.2.3 From 775212121cc3eb108bca6c4b94a3fdf6d8d8fcd1 Mon Sep 17 00:00:00 2001 From: Egor Kislitsyn Date: Thu, 19 Dec 2019 20:17:18 +0700 Subject: Verify HTTP signatures only when request accepts "activity+json" type --- lib/pleroma/plugs/http_signature.ex | 13 +++++++++---- 1 file changed, 9 insertions(+), 4 deletions(-) (limited to 'lib') diff --git a/lib/pleroma/plugs/http_signature.ex b/lib/pleroma/plugs/http_signature.ex index ecd7a55bf..477a5b578 100644 --- a/lib/pleroma/plugs/http_signature.ex +++ b/lib/pleroma/plugs/http_signature.ex @@ -4,6 +4,7 @@ defmodule Pleroma.Web.Plugs.HTTPSignaturePlug do import Plug.Conn + import Phoenix.Controller, only: [get_format: 1, text: 2] require Logger def init(options) do @@ -15,9 +16,13 @@ defmodule Pleroma.Web.Plugs.HTTPSignaturePlug do end def call(conn, _opts) do - conn - |> maybe_assign_valid_signature() - |> maybe_require_signature() + if get_format(conn) == "activity+json" do + conn + |> maybe_assign_valid_signature() + |> maybe_require_signature() + else + conn + end end defp maybe_assign_valid_signature(conn) do @@ -51,7 +56,7 @@ defmodule Pleroma.Web.Plugs.HTTPSignaturePlug do if Pleroma.Config.get([:activitypub, :authorized_fetch_mode], false) do conn |> put_status(:unauthorized) - |> Phoenix.Controller.text("Request not signed") + |> text("Request not signed") |> halt() else conn -- cgit v1.2.3 From 7bfb8ed14d2d222e6fcd7afe54f229f68370f061 Mon Sep 17 00:00:00 2001 
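Review bot: `has_signature_header?/1` returns the header string or `false` rather than a boolean, because `Enum.at(0, false)` hands back the first header value; a `?` function should return `true`/`false`, e.g. `get_req_header(conn, "signature") != []`. In `maybe_require_signature/1` the rejection path halts with 401 but logs nothing, although the module already has `require Logger`; a debug-level line with the request path would let operators see which peers are refused once `authorized_fetch_mode` is switched on. A short comment above the first clause, such as `# only a signature that validated passes; missing and invalid are treated alike`, would document the fail-closed intent.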
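Review bot: Gating `call/2` on `get_format(conn) == "activity+json"` makes the `authorized_fetch_mode` check depend on a value the requester chooses, since the format comes from content negotiation. Any route behind this plug that serves the same object under another format would skip both validation and the 401, and `:valid_signature` is not assigned for such requests even when a Signature header is present; which routes are affected cannot be seen from this hunk. The assumption deserves a comment on `call/2`, for example `# signatures are only checked for activity+json; other formats must not expose ActivityPub objects`, and a test covering a signed request whose negotiated format is something else.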
From: "Haelwenn (lanodan) Monnier" Date: Tue, 21 Jan 2020 16:16:59 +0100 Subject: remote_follow_controller.ex: Redirect to the user page on success Closes: https://git.pleroma.social/pleroma/pleroma/issues/1245 --- lib/pleroma/web/twitter_api/controllers/remote_follow_controller.ex | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'lib') diff --git a/lib/pleroma/web/twitter_api/controllers/remote_follow_controller.ex b/lib/pleroma/web/twitter_api/controllers/remote_follow_controller.ex index e0d4d5632..fbf31c7eb 100644 --- a/lib/pleroma/web/twitter_api/controllers/remote_follow_controller.ex +++ b/lib/pleroma/web/twitter_api/controllers/remote_follow_controller.ex @@ -1,5 +1,5 @@ # Pleroma: A lightweight social networking server -# Copyright © 2017-2019 Pleroma Authors +# Copyright © 2017-2020 Pleroma Authors # SPDX-License-Identifier: AGPL-3.0-only defmodule Pleroma.Web.TwitterAPI.RemoteFollowController do @@ -69,7 +69,7 @@ defmodule Pleroma.Web.TwitterAPI.RemoteFollowController do def do_follow(%{assigns: %{user: %User{} = user}} = conn, %{"user" => %{"id" => id}}) do with {:fetch_user, %User{} = followee} <- {:fetch_user, User.get_cached_by_id(id)}, {:ok, _, _, _} <- CommonAPI.follow(user, followee) do - render(conn, "followed.html", %{error: false}) + redirect(conn, to: "/users/#{followee.id}") else error -> handle_follow_error(conn, error) @@ -80,7 +80,7 @@ defmodule Pleroma.Web.TwitterAPI.RemoteFollowController do with {:fetch_user, %User{} = followee} <- {:fetch_user, User.get_cached_by_id(id)}, {_, {:ok, user}, _} <- {:auth, Authenticator.get_user(conn), followee}, {:ok, _, _, _} <- CommonAPI.follow(user, followee) do - render(conn, "followed.html", %{error: false}) + redirect(conn, to: "/users/#{followee.id}") else error -> handle_follow_error(conn, error) -- cgit v1.2.3 From df0b8f1d0802a2536bf436ff8157918929a183cc Mon Sep 17 00:00:00 2001 
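Review bot: Both success branches of `do_follow/2` now build the same literal path, `"/users/#{followee.id}"`, so the string is duplicated and bypasses the router. The redirect itself is sound: `to:` keeps it on this host and the id comes from the looked-up `followee`, so the target is not requester-controlled. Consider one private helper shared by both clauses, or the router's path helper for this route if one exists. If `followed.html` is no longer rendered with `error: false` anywhere, its success branch can be removed in the same change. The second clause's head and both `else` branches lie outside the hunks.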
From: Egor Kislitsyn Date: Wed, 22 Jan 2020 20:31:42 +0400 Subject: Add new users digest email --- lib/pleroma/emails/new_users_digest_email.ex | 36 ++++ .../web/templates/email/new_users_digest.html.eex | 158 +++++++++++++++++ .../web/templates/layout/email_styled.html.eex | 193 +++++++++++++++++++++ lib/pleroma/web/views/email_view.ex | 4 + lib/pleroma/workers/new_users_digest_worker.ex | 56 ++++++ 5 files changed, 447 insertions(+) create mode 100644 lib/pleroma/emails/new_users_digest_email.ex create mode 100644 lib/pleroma/web/templates/email/new_users_digest.html.eex create mode 100644 lib/pleroma/web/templates/layout/email_styled.html.eex create mode 100644 lib/pleroma/workers/new_users_digest_worker.ex (limited to 'lib') diff --git a/lib/pleroma/emails/new_users_digest_email.ex b/lib/pleroma/emails/new_users_digest_email.ex new file mode 100644 index 000000000..21096a744 --- /dev/null +++ b/lib/pleroma/emails/new_users_digest_email.ex 
@@ -0,0 +1,36 @@ +# Pleroma: A lightweight social networking server +# Copyright © 2017-2019 Pleroma Authors +# SPDX-License-Identifier: AGPL-3.0-only + +defmodule Pleroma.Emails.NewUsersDigestEmail do + use Phoenix.Swoosh, view: Pleroma.Web.EmailView, layout: {Pleroma.Web.LayoutView, :email_styled} + + defp instance_notify_email do + Pleroma.Config.get([:instance, :notify_email]) || Pleroma.Config.get([:instance, :email]) + end + + def new_users(to, users_and_statuses) do + instance_name = Pleroma.Config.get([:instance, :name]) + styling = Pleroma.Config.get([Pleroma.Emails.UserEmail, :styling]) + logo = Pleroma.Config.get([Pleroma.Emails.UserEmail, :logo]) + + logo_path = + if is_nil(logo) do + Path.join(:code.priv_dir(:pleroma), "static/static/logo.png") + else + Path.join(Pleroma.Config.get([:instance, :static_dir]), logo) + end + + new() + |> to({to.name, to.email}) + |> from({instance_name, instance_notify_email()}) + |> subject("#{instance_name} New Users") + |> render_body("new_users_digest.html", %{ + title: "New Users", + users_and_statuses: users_and_statuses, + instance: instance_name, + styling: styling + }) + |> attachment(Swoosh.Attachment.new(logo_path, filename: "logo.png", type: :inline)) + end +end diff --git a/lib/pleroma/web/templates/email/new_users_digest.html.eex b/lib/pleroma/web/templates/email/new_users_digest.html.eex new file mode 100644 index 000000000..40d9b8381 --- /dev/null +++ b/lib/pleroma/web/templates/email/new_users_digest.html.eex @@ -0,0 +1,158 @@ +<%= for {user, total_statuses, latest_status} <- @users_and_statuses do %> + <%# user card START %> +
+
+
+ + +
+
+ +
+ +
+ <%= user.name %> + +
+ +
+ +
+
+ + + +
+
+ +
+ + +
+
+

<%= user.name %>

+

<%= link "@" <> user.nickname, style: "color: #{@styling.link_color};text-decoration: none;", to: admin_user_url(user) %>

+

Total: <%= total_statuses %>

+
+
+ + +
+ +
+
+ + +
+
+
+ <%# user card END %> + + <%= if latest_status do %> +
+
+
+ + +
+
+ +
+ + +
+
+ <%= raw latest_status.object.data["content"] %>
+
+ + +
+
+

<%= format_date latest_status.object.data["published"] %>

+
+
+ + +
+ +
+
+ + +
+
+
+ <% end %> + <%# divider start %> +
+
+
+ + +
+
+ +
+ + + + + + + + + +
+ +
+
+ + +
+
+
+ + <%# divider end %> + <%# user card END %> +<% end %> diff --git a/lib/pleroma/web/templates/layout/email_styled.html.eex b/lib/pleroma/web/templates/layout/email_styled.html.eex new file mode 100644 index 000000000..295d2bba0 --- /dev/null +++ b/lib/pleroma/web/templates/layout/email_styled.html.eex @@ -0,0 +1,193 @@ + + + + + + + + + + + + <%= @email.subject %>< + + + + + + + + + + + + + + + + + + + diff --git a/lib/pleroma/web/views/email_view.ex b/lib/pleroma/web/views/email_view.ex index b506a234b..6b0fbe61e 100644 --- a/lib/pleroma/web/views/email_view.ex +++ b/lib/pleroma/web/views/email_view.ex @@ -12,4 +12,8 @@ defmodule Pleroma.Web.EmailView do |> Timex.parse!("{ISO:Extended:Z}") |> Timex.format!("{Mshort} {D}, {YYYY} {h24}:{m}") end + + def admin_user_url(%{id: id}) do + Pleroma.Web.Endpoint.url() <> "/pleroma/admin/#/users/" <> id + end end diff --git a/lib/pleroma/workers/new_users_digest_worker.ex b/lib/pleroma/workers/new_users_digest_worker.ex new file mode 100644 index 000000000..24cc6bdf3 --- /dev/null +++ b/lib/pleroma/workers/new_users_digest_worker.ex 
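Review bot: `<%= raw latest_status.object.data["content"] %>` writes stored status HTML into a mail addressed to administrators without escaping, and the authors are by construction accounts registered within the last day. Unless that field is guaranteed to have been sanitised when the status was stored, the message can carry arbitrary markup such as remote images or misleading links; passing the content through the project's HTML scrubber before `raw`, or rendering it as escaped text, removes the dependency on that guarantee. `@styling.link_color` is interpolated into a `style` attribute, which is fine only as long as it comes solely from instance configuration. Much of this template's markup is missing from the page as shown, so attributes on the stripped tags could not be reviewed.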
@@ -0,0 +1,56 @@ +# Pleroma: A lightweight social networking server +# Copyright © 2017-2019 Pleroma Authors +# SPDX-License-Identifier: AGPL-3.0-only + +defmodule Pleroma.Workers.NewUsersDigestWorker do + alias Pleroma.User + alias Pleroma.Repo + alias Pleroma.Activity + + import Ecto.Query + + use Pleroma.Workers.WorkerHelper, queue: "new_users_digest" + + @impl Oban.Worker + def perform(_args, _job) do + today = NaiveDateTime.utc_now() |> Timex.beginning_of_day() + + a_day_ago = + today + |> Timex.shift(days: -1) + |> Timex.beginning_of_day() + + users_and_statuses = + %{ + local: true, + order_by: :inserted_at + } + |> User.Query.build() + |> where([u], u.inserted_at >= ^a_day_ago and u.inserted_at < ^today) + |> Repo.all() + |> Enum.map(fn user -> + latest_status = + Activity + |> Activity.Queries.by_actor(user.ap_id) + |> Activity.Queries.by_type("Create") + |> Activity.with_preloaded_object() + |> order_by(desc: :inserted_at) + |> limit(1) + |> Repo.one() + + total_statuses = + Activity + |> Activity.Queries.by_actor(user.ap_id) + |> Activity.Queries.by_type("Create") + |> Repo.aggregate(:count, :id) + + {user, total_statuses, latest_status} + end) + + %{is_admin: true} + |> User.Query.build() + |> Repo.all() + |> Enum.map(&Pleroma.Emails.NewUsersDigestEmail.new_users(&1, users_and_statuses)) + |> Enum.each(&Pleroma.Emails.Mailer.deliver/1) + end +end -- cgit v1.2.3 From aa0f0d4edd4205c2b1d7c4f5a885d57287f6379a Mon Sep 17 00:00:00 2001 From: Egor Kislitsyn Date: Wed, 22 Jan 2020 20:53:06 +0400 Subject: Disable NewUsersDigestEmail by default --- lib/pleroma/workers/new_users_digest_worker.ex | 76 +++++++++++++------------- 1 file changed, 39 insertions(+), 37 deletions(-) (limited to 'lib') diff --git a/lib/pleroma/workers/new_users_digest_worker.ex b/lib/pleroma/workers/new_users_digest_worker.ex index 24cc6bdf3..b776b2c79 100644 --- a/lib/pleroma/workers/new_users_digest_worker.ex +++ b/lib/pleroma/workers/new_users_digest_worker.ex 
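Review bot: The recipient query at the end of `perform/2` filters on `%{is_admin: true}` alone, so, unless `User.Query.build/1` applies defaults not visible here, deactivated accounts that still carry the admin flag would receive a digest containing user details and status content; adding `local: true` and a criterion excluding deactivated accounts would narrow it. The job also mails every admin when `users_and_statuses` is empty; a guard such as `if users_and_statuses != [] do` around the delivery avoids blank digests. The `Enum.map` over new users issues two queries per user, which is acceptable for a daily job but worth a comment.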
@@ -13,44 +13,46 @@ defmodule Pleroma.Workers.NewUsersDigestWorker do @impl Oban.Worker def perform(_args, _job) do - today = NaiveDateTime.utc_now() |> Timex.beginning_of_day() - - a_day_ago = - today - |> Timex.shift(days: -1) - |> Timex.beginning_of_day() - - users_and_statuses = - %{ - local: true, - order_by: :inserted_at - } + if Pleroma.Config.get([Pleroma.Emails.NewUsersDigestEmail, :enabled]) do + today = NaiveDateTime.utc_now() |> Timex.beginning_of_day() + + a_day_ago = + today + |> Timex.shift(days: -1) + |> Timex.beginning_of_day() + + users_and_statuses = + %{ + local: true, + order_by: :inserted_at + } + |> User.Query.build() + |> where([u], u.inserted_at >= ^a_day_ago and u.inserted_at < ^today) + |> Repo.all() + |> Enum.map(fn user -> + latest_status = + Activity + |> Activity.Queries.by_actor(user.ap_id) + |> Activity.Queries.by_type("Create") + |> Activity.with_preloaded_object() + |> order_by(desc: :inserted_at) + |> limit(1) + |> Repo.one() + + total_statuses = + Activity + |> Activity.Queries.by_actor(user.ap_id) + |> Activity.Queries.by_type("Create") + |> Repo.aggregate(:count, :id) + + {user, total_statuses, latest_status} + end) + + %{is_admin: true} |> User.Query.build() - |> where([u], u.inserted_at >= ^a_day_ago and u.inserted_at < ^today) |> Repo.all() - |> Enum.map(fn user -> - latest_status = - Activity - |> Activity.Queries.by_actor(user.ap_id) - |> Activity.Queries.by_type("Create") - |> Activity.with_preloaded_object() - |> order_by(desc: :inserted_at) - |> limit(1) - |> Repo.one() - - total_statuses = - Activity - |> Activity.Queries.by_actor(user.ap_id) - |> Activity.Queries.by_type("Create") - |> Repo.aggregate(:count, :id) - - {user, total_statuses, latest_status} - end) - - %{is_admin: true} - |> User.Query.build() - |> Repo.all() - |> Enum.map(&Pleroma.Emails.NewUsersDigestEmail.new_users(&1, users_and_statuses)) - |> Enum.each(&Pleroma.Emails.Mailer.deliver/1) + |> Enum.map(&Pleroma.Emails.NewUsersDigestEmail.new_users(&1, 
users_and_statuses)) + |> Enum.each(&Pleroma.Emails.Mailer.deliver/1) + end end end -- cgit v1.2.3 From b6f5b326e7b7b7e209a436190d28ac2a165cb057 Mon Sep 17 00:00:00 2001 From: Egor Kislitsyn Date: Wed, 22 Jan 2020 20:59:58 +0400 Subject: Fix credo warnings --- lib/pleroma/workers/new_users_digest_worker.ex | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'lib') diff --git a/lib/pleroma/workers/new_users_digest_worker.ex b/lib/pleroma/workers/new_users_digest_worker.ex index b776b2c79..845eb4bf7 100644 --- a/lib/pleroma/workers/new_users_digest_worker.ex +++ b/lib/pleroma/workers/new_users_digest_worker.ex @@ -3,9 +3,9 @@ # SPDX-License-Identifier: AGPL-3.0-only defmodule Pleroma.Workers.NewUsersDigestWorker do - alias Pleroma.User - alias Pleroma.Repo alias Pleroma.Activity + alias Pleroma.Repo + alias Pleroma.User import Ecto.Query -- cgit v1.2.3 From 7c0ac54437e07b85d857700296173035fec5e202 Mon Sep 17 00:00:00 2001 From: minibikini Date: Wed, 22 Jan 2020 17:18:55 +0000 Subject: Apply suggestion to lib/pleroma/web/templates/layout/email_styled.html.eex --- lib/pleroma/web/templates/layout/email_styled.html.eex | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lib') diff --git a/lib/pleroma/web/templates/layout/email_styled.html.eex b/lib/pleroma/web/templates/layout/email_styled.html.eex index 295d2bba0..eb5f59244 100644 --- a/lib/pleroma/web/templates/layout/email_styled.html.eex +++ b/lib/pleroma/web/templates/layout/email_styled.html.eex @@ -11,7 +11,7 @@ - <%= @email.subject %>< + <%= @email.subject %>
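Review bot: With the new `if` and no `else`, `perform/2` returns `nil` when the digest is disabled and `:ok` otherwise; an explicit `else :ok` keeps the worker's return value uniform and avoids relying on how the job runner treats `nil`. The config read has no default, so the feature is off only because a missing key reads as falsy; `Pleroma.Config.get([Pleroma.Emails.NewUsersDigestEmail, :enabled], false)` states that intent, as the signature plug does for `authorized_fetch_mode`. The rest of the hunk is re-indentation.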