From 4504c810802e2253599f06ddf6d58d3389fb23ac Mon Sep 17 00:00:00 2001 From: Ilja Date: Sun, 6 Mar 2022 17:36:30 +0100 Subject: Delete report notifs when demoting from superuser When someone isn't a superuser any more, they shouldn't see the reporsts any more either. Here we delete the report notifications from a user when that user gets updated from being a superuser to a non-superuser. --- lib/pleroma/notification.ex | 8 ++++++++ lib/pleroma/user.ex | 16 +++++++++++++++- 2 files changed, 23 insertions(+), 1 deletion(-) (limited to 'lib') diff --git a/lib/pleroma/notification.ex b/lib/pleroma/notification.ex index 7efbdc49a..71f57e6b2 100644 --- a/lib/pleroma/notification.ex +++ b/lib/pleroma/notification.ex @@ -328,6 +328,14 @@ defmodule Pleroma.Notification do |> Repo.delete_all() end + def destroy_multiple_from_types(%{id: user_id}, types) do + from(n in Notification, + where: n.user_id == ^user_id, + where: n.type in ^types + ) + |> Repo.delete_all() + end + def dismiss(%Pleroma.Activity{} = activity) do Notification |> where([n], n.activity_id == ^activity.id) diff --git a/lib/pleroma/user.ex b/lib/pleroma/user.ex index 62506f37a..03c5f91cc 100644 --- a/lib/pleroma/user.ex +++ b/lib/pleroma/user.ex @@ -1087,10 +1087,24 @@ defmodule Pleroma.User do |> update_and_set_cache() end - def update_and_set_cache(changeset) do + def update_and_set_cache(%{data: %Pleroma.User{} = user} = changeset) do + was_superuser_before_update = User.superuser?(user) + with {:ok, user} <- Repo.update(changeset, stale_error_field: :id) do set_cache(user) end + |> maybe_remove_report_notifications(was_superuser_before_update) + end + + defp maybe_remove_report_notifications({:ok, %Pleroma.User{} = user} = result, true) do + if not User.superuser?(user), + do: user |> Notification.destroy_multiple_from_types(["pleroma:report"]) + + result + end + + defp maybe_remove_report_notifications(result, _) do + result end def get_user_friends_ap_ids(user) do -- cgit v1.2.3 From da710920039ad892c1d988dc756227411f7a7e63 Mon Sep 17 00:00:00 2001 From: "Haelwenn (lanodan) Monnier" Date: Sun, 9 Jan 2022 20:00:12 +0100 Subject: EctoType: Add MIME validator --- lib/pleroma/constants.ex | 6 ++++++ .../activity_pub/object_validators/mime.ex | 25 ++++++++++++++++++++++ 2 files changed, 31 insertions(+) create mode 100644 lib/pleroma/ecto_type/activity_pub/object_validators/mime.ex (limited to 'lib') diff --git a/lib/pleroma/constants.ex b/lib/pleroma/constants.ex index bf92f65cb..343ea1acb 100644 --- a/lib/pleroma/constants.ex +++ b/lib/pleroma/constants.ex @@ -27,4 +27,10 @@ defmodule Pleroma.Constants do do: ~w(index.html robots.txt static static-fe finmoji emoji packs sounds images instance sw.js sw-pleroma.js favicon.png schemas doc embed.js embed.css) ) + + # basic regex, just there to weed out potential mistakes + # https://datatracker.ietf.org/doc/html/rfc2045#section-5.1 + const(mime_regex, + do: ~r/^[^[:cntrl:] ()<>@,;:\\"\/\[\]?=]+\/[^[:cntrl:] ()<>@,;:\\"\/\[\]?=]+(; .*)?$/ + ) end diff --git a/lib/pleroma/ecto_type/activity_pub/object_validators/mime.ex b/lib/pleroma/ecto_type/activity_pub/object_validators/mime.ex new file mode 100644 index 000000000..31d51577d --- /dev/null +++ b/lib/pleroma/ecto_type/activity_pub/object_validators/mime.ex @@ -0,0 +1,25 @@ +# Pleroma: A lightweight social networking server +# Copyright © 2017-2022 Pleroma Authors +# SPDX-License-Identifier: AGPL-3.0-only + +defmodule Pleroma.EctoType.ActivityPub.ObjectValidators.MIME do + use Ecto.Type + + require Pleroma.Constants + + def type, do: :string + + def cast(mime) when is_binary(mime) do + if mime =~ Pleroma.Constants.mime_regex() do + {:ok, mime} + else + {:ok, "application/octet-stream"} + end + end + + def cast(_), do: :error + + def dump(data), do: {:ok, data} + + def load(data), do: {:ok, data} +end -- cgit v1.2.3 From 8640d217b1119b015dbc135a07513466f1c2de8f Mon Sep 17 00:00:00 2001 From: "Haelwenn (lanodan) Monnier" Date: Sun, 9 Jan 2022 20:01:16 +0100 Subject: AttachmentValidator: Use custom ecto type and regex for "mediaType" --- .../activity_pub/object_validators/attachment_validator.ex | 12 +++--------- 1 file changed, 3 insertions(+), 9 deletions(-) (limited to 'lib') diff --git a/lib/pleroma/web/activity_pub/object_validators/attachment_validator.ex b/lib/pleroma/web/activity_pub/object_validators/attachment_validator.ex index 837787b9f..b86ce35fd 100644 --- a/lib/pleroma/web/activity_pub/object_validators/attachment_validator.ex +++ b/lib/pleroma/web/activity_pub/object_validators/attachment_validator.ex @@ -12,14 +12,14 @@ defmodule Pleroma.Web.ActivityPub.ObjectValidators.AttachmentValidator do @primary_key false embedded_schema do field(:type, :string) - field(:mediaType, :string, default: "application/octet-stream") + field(:mediaType, ObjectValidators.MIME, default: "application/octet-stream") field(:name, :string) field(:blurhash, :string) embeds_many :url, UrlObjectValidator, primary_key: false do field(:type, :string) field(:href, ObjectValidators.Uri) - field(:mediaType, :string, default: "application/octet-stream") + field(:mediaType, ObjectValidators.MIME, default: "application/octet-stream") field(:width, :integer) field(:height, :integer) end @@ -59,13 +59,7 @@ defmodule Pleroma.Web.ActivityPub.ObjectValidators.AttachmentValidator do end def fix_media_type(data) do - data = Map.put_new(data, "mediaType", data["mimeType"]) - - if is_bitstring(data["mediaType"]) && MIME.extensions(data["mediaType"]) != [] do - data - else - Map.put(data, "mediaType", "application/octet-stream") - end + Map.put_new(data, "mediaType", data["mimeType"]) end defp handle_href(href, mediaType) do -- cgit v1.2.3 From 7ec3469bea60936c74692a42b529429cff313910 Mon Sep 17 00:00:00 2001 From: "Haelwenn (lanodan) Monnier" Date: Sun, 9 Jan 2022 20:02:03 +0100 Subject: Transmogrifier: Use validating regex for "mediaType" --- lib/pleroma/web/activity_pub/transmogrifier.ex | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'lib') diff --git a/lib/pleroma/web/activity_pub/transmogrifier.ex b/lib/pleroma/web/activity_pub/transmogrifier.ex index 142af1a13..5766489be 100644 --- a/lib/pleroma/web/activity_pub/transmogrifier.ex +++ b/lib/pleroma/web/activity_pub/transmogrifier.ex @@ -203,13 +203,13 @@ defmodule Pleroma.Web.ActivityPub.Transmogrifier do media_type = cond do - is_map(url) && MIME.extensions(url["mediaType"]) != [] -> + is_map(url) && url =~ Pleroma.Constants.mime_regex() -> url["mediaType"] - is_bitstring(data["mediaType"]) && MIME.extensions(data["mediaType"]) != [] -> + is_bitstring(data["mediaType"]) && data["mediaType"] =~ Pleroma.Constants.mime_regex() -> data["mediaType"] - is_bitstring(data["mimeType"]) && MIME.extensions(data["mimeType"]) != [] -> + is_bitstring(data["mimeType"]) && data["mimeType"] =~ Pleroma.Constants.mime_regex() -> data["mimeType"] true -> -- cgit v1.2.3 From 09ab51eebb5e1dc00279a1878e663557c7ba99d9 Mon Sep 17 00:00:00 2001 From: Tusooa Zhu Date: Tue, 12 Jul 2022 19:03:18 -0400 Subject: Make mutes and blocks behave the same as other lists --- lib/pleroma/web/mastodon_api/controllers/account_controller.ex | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'lib') diff --git a/lib/pleroma/web/mastodon_api/controllers/account_controller.ex b/lib/pleroma/web/mastodon_api/controllers/account_controller.ex index 5fcbffc34..0a4a72bb4 100644 --- a/lib/pleroma/web/mastodon_api/controllers/account_controller.ex +++ b/lib/pleroma/web/mastodon_api/controllers/account_controller.ex @@ -453,7 +453,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountController do users = user |> User.muted_users_relation(_restrict_deactivated = true) - |> Pleroma.Pagination.fetch_paginated(Map.put(params, :skip_order, true)) + |> Pleroma.Pagination.fetch_paginated(params) conn |> add_link_headers(users) @@ -470,7 +470,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountController do users = user |> User.blocked_users_relation(_restrict_deactivated = true) - |> Pleroma.Pagination.fetch_paginated(Map.put(params, :skip_order, true)) + |> Pleroma.Pagination.fetch_paginated(params) conn |> add_link_headers(users) -- cgit v1.2.3 From e46c3a0595f007470b8c6eb6bfeed65beb687596 Mon Sep 17 00:00:00 2001 From: Tusooa Zhu Date: Sat, 27 Aug 2022 17:51:41 -0400 Subject: Do not stream out Create of ChatMessage --- lib/pleroma/activity/ir/topics.ex | 8 ++++++++ 1 file changed, 8 insertions(+) (limited to 'lib') diff --git a/lib/pleroma/activity/ir/topics.ex b/lib/pleroma/activity/ir/topics.ex index 7a603a615..2965d127c 100644 --- a/lib/pleroma/activity/ir/topics.ex +++ b/lib/pleroma/activity/ir/topics.ex @@ -13,6 +13,14 @@ defmodule Pleroma.Activity.Ir.Topics do |> List.flatten() end + defp generate_topics(%{data: %{"type" => "ChatMessage"}}, %{data: %{"type" => "Delete"}}) do + ["user", "user:pleroma_chat"] + end + + defp generate_topics(%{data: %{"type" => "ChatMessage"}}, %{data: %{"type" => "Create"}}) do + [] + end + defp generate_topics(%{data: %{"type" => "Answer"}}, _) do [] end -- cgit v1.2.3 From 11d5ad24c5e316a9ba9f7de4c661d3af3b319c5c Mon Sep 17 00:00:00 2001 From: Tusooa Zhu Date: Sat, 27 Aug 2022 19:34:56 -0400 Subject: Make local-only posts stream in local timeline --- lib/pleroma/activity/ir/topics.ex | 17 ++++++++++++++++- 1 file changed, 16 insertions(+), 1 deletion(-) (limited to 'lib') diff --git a/lib/pleroma/activity/ir/topics.ex b/lib/pleroma/activity/ir/topics.ex index 2965d127c..3cc488fa6 100644 --- a/lib/pleroma/activity/ir/topics.ex +++ b/lib/pleroma/activity/ir/topics.ex @@ -39,6 +39,10 @@ defmodule Pleroma.Activity.Ir.Topics do end |> item_creation_tags(object, activity) + "local" -> + ["public:local"] + |> item_creation_tags(object, activity) + "direct" -> ["direct"] @@ -71,7 +75,18 @@ defmodule Pleroma.Activity.Ir.Topics do defp attachment_topics(%{data: %{"attachment" => []}}, _act), do: [] - defp attachment_topics(_object, %{local: true}), do: ["public:media", "public:local:media"] + defp attachment_topics(_object, %{local: true} = activity) do + case Visibility.get_visibility(activity) do + "public" -> + ["public:media", "public:local:media"] + + "local" -> + ["public:local:media"] + + _ -> + [] + end + end defp attachment_topics(_object, %{actor: actor}) when is_binary(actor), do: ["public:media", "public:remote:media:" <> URI.parse(actor).host] -- cgit v1.2.3 From 747311f623190cac9e345e1db3568ed850495ac2 Mon Sep 17 00:00:00 2001 From: FloatingGhost Date: Mon, 18 Jul 2022 15:21:27 +0100 Subject: fix resolution of GTS user keys --- lib/pleroma/signature.ex | 23 +++++++++++++++-------- 1 file changed, 15 insertions(+), 8 deletions(-) (limited to 'lib') diff --git a/lib/pleroma/signature.ex b/lib/pleroma/signature.ex index 43ab569a4..a71a504b3 100644 --- a/lib/pleroma/signature.ex +++ b/lib/pleroma/signature.ex @@ -10,17 +10,14 @@ defmodule Pleroma.Signature do alias Pleroma.User alias Pleroma.Web.ActivityPub.ActivityPub + @known_suffixes ["/publickey", "/main-key"] + def key_id_to_actor_id(key_id) do uri = - URI.parse(key_id) + key_id + |> URI.parse() |> Map.put(:fragment, nil) - - uri = - if not is_nil(uri.path) and String.ends_with?(uri.path, "/publickey") do - Map.put(uri, :path, String.replace(uri.path, "/publickey", "")) - else - uri - end + |> remove_suffix(@known_suffixes) maybe_ap_id = URI.to_string(uri) @@ -36,6 +33,16 @@ defmodule Pleroma.Signature do end end + defp remove_suffix(uri, [test | rest]) do + if not is_nil(uri.path) and String.ends_with?(uri.path, test) do + Map.put(uri, :path, String.replace(uri.path, test, "")) + else + remove_suffix(uri, rest) + end + end + + defp remove_suffix(uri, []), do: uri + def fetch_public_key(conn) do with %{"keyId" => kid} <- HTTPSignatures.signature_for_conn(conn), {:ok, actor_id} <- key_id_to_actor_id(kid), -- cgit v1.2.3 From 542bb1725866304232a1a80b1afeea6c8f2e8fc7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?H=C3=A9l=C3=A8ne?= Date: Fri, 19 Aug 2022 02:45:49 +0200 Subject: ArticleNotePageValidator: fix replies fixing Some software, like GoToSocial, expose replies as ActivityPub Collections, but do not expose any item array directly in the object, causing validation to fail via the ObjectID validator. Now, Pleroma will drop that field in this situation too. --- .../activity_pub/object_validators/article_note_page_validator.ex | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) (limited to 'lib') diff --git a/lib/pleroma/web/activity_pub/object_validators/article_note_page_validator.ex b/lib/pleroma/web/activity_pub/object_validators/article_note_page_validator.ex index 0d987116c..825f2082f 100644 --- a/lib/pleroma/web/activity_pub/object_validators/article_note_page_validator.ex +++ b/lib/pleroma/web/activity_pub/object_validators/article_note_page_validator.ex @@ -86,7 +86,10 @@ defmodule Pleroma.Web.ActivityPub.ObjectValidators.ArticleNotePageValidator do defp fix_replies(%{"replies" => %{"items" => replies}} = data) when is_list(replies), do: Map.put(data, "replies", replies) - defp fix_replies(%{"replies" => replies} = data) when is_bitstring(replies), + # TODO: Pleroma does not have any support for Collections at the moment. + # If the `replies` field is not something the ObjectID validator can handle, + # the activity/object would be rejected, which is bad behavior. + defp fix_replies(%{"replies" => replies} = data) when not is_list(replies), do: Map.drop(data, ["replies"]) defp fix_replies(data), do: data -- cgit v1.2.3