* Rework the way 2FA is enabled/disabled (fixes#3309)
* postgres format
* change algo to sha1 for better compat
* review comments
* review
* clippy
---------
Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
* User can block instances (fixes#2397)
* update comments
* review comments
* use route
* update
* add api test
* update tests
* fix
* fix test
* ci
---------
Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
This removes the possibility of using a mix of sanitized and
non-sanitized values for `username` in code.
Signed-off-by: Apple Sheeple <AppleSheeple@github>
* persistent activity queue
* fixes
* fixes
* make federation workers function callable from outside
* log federation instances
* dead instance detection not needed here
* taplo fmt
* split federate bin/lib
* minor fix
* better logging
* log
* create struct to hold cancellable task for readability
* use boxfuture for readability
* reset submodule
* fix
* fix lint
* swap
* remove json column, use separate array columns instead
* some review comments
* make worker a struct for readability
* minor readability
* add local filter to community follower view
* remove separate lemmy_federate entry point
* fix remaining duration
* address review comments mostly
* fix lint
* upgrade actitypub-fed to simpler interface
* fix sql format
* increase delays a bit
* fixes after merge
* remove selectable
* fix instance selectable
* add comment
* start federation based on latest id at the time
* rename federate process args
* dead instances in one query
* filter follow+report activities by local
* remove synchronous federation
remove activity sender queue
* lint
* fix federation tests by waiting for results to change
* fix fed test
* fix comment report
* wait some more
* Apply suggestions from code review
Co-authored-by: SorteKanin <sortekanin@gmail.com>
* fix most remaining tests
* wait until private messages
* fix community tests
* fix community tests
* move arg parse
* use instance_id instead of domain in federation_queue_state table
---------
Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
Co-authored-by: SorteKanin <sortekanin@gmail.com>
* Adding a scaled sort, to boost smaller communities.
- Previously referred to as *best* .
- Fixes#3622
* Fixing scheduled task update.
* Converting hot_rank integers to floats.
* Altering hot_rank psql function to default to zero after a week.
* Setting scaled_rank to zero, where hot_rank is zero.
* Adding image_upload table.
* Revert "Automatically resolve report when post/comment is removed (#3850)"
This reverts commit f7f6766650.
* Automatically resolve reports using db trigger
* lint
* use mod log tables
* fix migration
* fix ci
* fix clippy
* add logic to prevent downloading remote pictrs images
* apply formatting
* Do not attempt a pictrs fetch if the remote image is also on a pictrs instance
* Do not attempt a pictrs fetch if the remote image is also on a pictrs instance and cache_federated_images is false
* Generalising the no caching option to handle all remote images
* rustfmt
* Return None if the URL is not an image
* Updating defaults.hjson
* fixing typo
* Fixing typo
* Skip cloning the Url unless we need to
* using a HEAD request for checking the content type, saving bandwidth/improving perf
* Removing early returns
* Switching back to GET requests for Content-Type because pictrs does not handle HEAD requests
* Simplifying logic and using metadata_image instead of url if we do not get a pictrs thumbnail
* Removing unused import
* Return None as a thumbnail if caching is disabled
* formatting
---------
Co-authored-by: Djones4822 <david.jones4822@gmail.com>
* update api tests for new moderator view
* chage moderator view to be a listing type in get posts
Note: Internally, the listing type is called ListingType.ModeratorView,
but it's called "Moderator View" in the api endpoint
* fix formatting
* add support for moderator view to list comments
* add api test for moderator view when listing comments
* fix api test formatting
* retry tests
* don't filter out blocked users and communities when using moderator view
* fix cargo tests failing
* fix formatting
* fix previous merge
* Adding ModeratorView to listing_type_enums
* Fixing fmt.
* Adding a default to ListingType.
* Upgrading to use new lemmy-js-client.
---------
Co-authored-by: Nutomic <me@nutomic.com>
Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
Co-authored-by: Dessalines <tyhou13@gmx.com>
* Move admin flag from person to local_user (fixes#3060)
The person table is for federated data, but admin flag can only
apply to local users. Thats why it really belongs in the local_user
table. This will also prevent the federation code from accidentally
overwriting the admin flag
* fmt
* try to fix api tests
* lint
* fix person view
* ci
* ci
---------
Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
* Lowercase domain on db query filters (#3849)
* Add test to get a community on different cased domain (#3849)
* Lowercase the identity for webfinger (#3849)
* Lowercase both sides of the domain comparison (#3849)
* Format api_tests (#3849)
* Lowercase domain lookup on Instance and Person (#3849)
---------
Co-authored-by: Freek van Zee <freek.van.zee@mediamonks.com>
Co-authored-by: Freakazoid182 <>
* generate sitemap.xml file
* set up endpoint for sitemap
* Update sitemap generation
- remove sitemap generation from scheduled tasks
- add posts query for sitemap
- create sitemap module in API crate
* remove priority and change freq from sitemap
* add configuration option for number of posts for sitemap
* fix default config
* rate limit sitemap endpoint
* update sitemap query
* update sitemap generation
- remove config value for query limit
- adjust sitemap generation to query changes
- tidy up error handling
* refactor sitemap generation loop
* remove `limit` argument
* refactor `generate_urlset` and add unit test
* change query to only fetch local posts of past 24h
* fix outdated comment and log
* cargo fmt
* Add person name to PersonIsBannedFromSite error (#3786)
* Log PersonId instead of Person name (#3850)
* Log actor_id for PersonIsBannedFromSite (#3850)
---------
Co-authored-by: Freek van Zee <freek.van.zee@mediamonks.com>
* Replace Option<bool> with bool for PostQuery and CommentQuery (#3819)
* Replace Option<bool> from all list queries (#3819)
---------
Co-authored-by: Freek van Zee <freek.van.zee@mediamonks.com>
* Allow filtering posts and comments by whether they were liked/disliked
* Switch to 2 args - liked_only, disliked_only - taking bools
* Make liked_only and disliked_only Option<bool>
* Fix unrelated is_profile_view compilation error
* remove n^2 part of person triggers, improve community aggregate trigger
* comment out comment_score tests since previously they only accidentally succeeded
* empty
* more robust test of unlike a comment, confirm replication to instance downstream from community home
* more robust 'delete a comment' test, confirm replication
* Far more robust "Report a comment" test. Many comments about situation, this is currently failing because gamma does not get the report
* typo and actually have Gamma comment check use gamma, not alpha
* prepare-drone-federation-test.sh has some more echo output and note about the LEMMY_DATABASE_URL format (#3651)
* Add http cache for webfingers (#3317)
* Add http cache for webfingers
* Remove the outgoing cache middleware & adjust the cache headers directive
* Use 1h & 3day cache header
* Update routes and adjust the cache headers location
* revert apub caching
---------
Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
Co-authored-by: Felix Ableitner <me@nutomic.com>
* Rewrite activity lists to fix delete federation (fixes#3625)
* Revert "typo and actually have Gamma comment check use gamma, not alpha"
This reverts commit 7dfb6ee0f4.
* Revert "Far more robust "Report a comment" test. Many comments about situation, this is currently failing because gamma does not get the report"
This reverts commit 7bd3b20ae0.
* prettier TypeScript
* revised comments, as ResolveObject isn't using routine replication
* fmt
* fix api tests
* remove comment
---------
Co-authored-by: cetra3 <cetra3@hotmail.com>
Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
Co-authored-by: Felix Ableitner <me@nutomic.com>
* HTML sanitization in apub code
* Sanitize API inputs
* fmt
* Dont allow html a, img tags
---------
Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
* add option to only show posts from moderated communities
* rename moderated_only to moderator_view and show blocked users in moderator view
* add test for moderator view
* bump lemmy-js-client version for moderation view tests
* fix yarn lockfile
* retry build
* Delete logfile
* retry checks
* remove unused select statement from list posts
---------
Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
* Added controversy rank property to posts and comments, and ability to sort by it
* Triggers instead of schedules tasks, integer -> double, TODO: comments don't seem to get updated with floats, divide SortTypes
* Created PersonSortType
* PersonSortType::MostComments case
* Removed unused PartialOrd trait
* Added new person sort type mappings
* SortType -> PersonSortType
* fixes
* cargo fmt
* fixes after merge with main
* Fixed bug in controversy rank trigger, removed TopX sorts from PersonSortType and added CommentScore instead
* Uncovered enum case
* clippy
* reset translation changes
* translations
* translations
* Added additional hot ordering on controversial posts and comments
* featured local and featured community added to controversy rank index, additional order_by removed (?), added post_score and post_count to PersonSortType
* Woodpecker rerun
* cargo fmt
* woodpecker rerun
* fixed controversy_rank order
* fix
* Readded migration as latest, removed second update statement for setting controversy rank
* Resolves issue #3685
If user isn't authenticated with resolve_object, only allow a local search instead of possibly making an http request.
* Making sure to validate auth before doing a potential remote lookup.
* add new flag to api
* add new ui settings for local user
* remove extraneous def
* add props to application reg.
* fix clippy updated these
* re-order db schema entries
* remove dupe
* update lemmy sdk
* update lemmy js client
---------
Co-authored-by: Nutomic <me@nutomic.com>
* detailed error message for blocked domains (#3698)
* Pass the domain as an error param
Not formatting the error message to support i18n
---------
Co-authored-by: Freek van Zee <freek.van.zee@mediamonks.com>
I noticed that stopping the Lemmy process with ctrl+c wasnt working
because the activity channel isnt properly closed. This is now fixed.
Later we should also move the channel from static into LemmyContext,
Im not doing that now to avoid conflicts with #3670.
* Denormalize community_id into post_aggregates for a 1000x speed-up when loading posts
* Remove unused index
* Add creator_id to post_aggregates
* Use post_aggregates as main table for PostQuery
* Make post_aggregates the main table for PostView
* Reformat SQL
* Remove SendActivity and Perform traits, rely on channel
These traits arent necessary anymore now that websocket is removed.
Removing them allows us to use normal actix http handler methods
which are much more flexible, and allow using different middlewares
as well as setting response attributes.
* compiling and create post federating
* clippy
* rename methods, join outgoing activities task
* fix api tests
* no unwrap
* conditional compile
* add back getrandom
* make crates optional
* fmt
* add new function build_post_response_deleted_allowed
* PostDelete uses new function build_post_response_deleted_allowed
* RemovePost uses new build_post_response_deleted_allowed function
* code comments about mod or admin flag having other use
* reformat "cargo +nightly fmt --all"
* Try using drone cache plugin
* Try another path
* Include volume
* Fix formatting
* Include fmt
* Exclude cargo dir from prettier
* Don't override cargo
* Just do check
* Add cache key
* Use different cache plugin
* Add clippy
* Try minio
* Add quotes
* Try adding secrets
* Try again
* Again
* Use correct secret formation
* Add back clippy
* Use secret for the root bucket name
* Try drone cache instead
* Add region
* Add path-style option
* Include cargo clippy
* Include everything again
* Fix formatting
* Don't run clippy twice
* Add `allow` statements for tests to pass
* Adjust endpoint to be a secret
* Fix prettier
* Merge & fix tests
* Try to restart the woodpecker test
* Change the ENV var name
---------
Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
* change pool fields to parameters for list
* remove my_person_id and admin fields
* Change recipient id to list param
* Remove TypedBuilder from db_views and db_views_actor
* Split activity table into sent and received parts (fixes#3103)
The received activities are only stored in order to avoid processing
the same incoming activity multiple times. For this purpose it is
completely unnecessary to store the data. So we can split the
table into sent_activity and received_activity parts, where
only sent_activity table needs to store activity data. This should
reduce storage use significantly.
Also reduces activity storage duration to three months, we can reduce
this further if necessary.
Additionally the id columns of activity tables are removed because
they are completely unused and risk overflowing (fixes#3560).
* address review
* move insert_received_activity() methods to verify handlers
* remove unnecessary conflict line
* clippy
* use on conflict, add tests
* Check for dead federated instances (fixes#2221)
* move to apub crate, use timestamp
* make it compile
* clippy
* use moka to cache blocklists, dead instances, restore orig scheduled tasks
* remove leftover last_alive var
* error handling
* wip
* fix alive check for instances without nodeinfo, add coalesce
* clippy
* move federation blocklist cache to #3486
* unused deps
* a lot
* merge
* Fix stuff broken by merge
* Get rid of repetitive `&mut *context.conn().await?`
* Add blank lines under each line with `conn =`
* Fix style mistakes (partial)
* Revert "Fix style mistakes (partial)"
This reverts commit 48a033b87f.
* Revert "Add blank lines under each line with `conn =`"
This reverts commit 773a6d3beb.
* Revert "Get rid of repetitive `&mut *context.conn().await?`"
This reverts commit d2c6263ea1.
* Use DbConn for CaptchaAnswer methods
* DbConn trait
* Remove more `&mut *`
* Fix stuff
* Re-run CI
* try to make ci start
* fix
* fix
* Fix api_common::utils
* Fix apub::activities::block
* Fix apub::api::resolve_object
* Fix some things
* Revert "Fix some things"
This reverts commit 2bf8574bc8.
* Revert "Fix apub::api::resolve_object"
This reverts commit 3e4059aabb.
* Revert "Fix apub::activities::block"
This reverts commit 3b02389abd.
* Revert "Fix api_common::utils"
This reverts commit 7dc73de613.
* Revert "Revert "Fix api_common::utils""
This reverts commit f740f115e5.
* Revert "Revert "Fix apub::activities::block""
This reverts commit 2ee206af7c.
* Revert "Revert "Fix apub::api::resolve_object""
This reverts commit 96ed8bf2e9.
* Fix fetch_local_site_data
* Fix get_comment_parent_creator
* Remove unused perma deleted text
* Fix routes::feeds
* Fix lib.rs
* Update lib.rs
* rerun ci
* Attempt to create custom GetConn and RunQueryDsl traits
* Start over
* Add GetConn trait
* aaaa
* Revert "aaaa"
This reverts commit acc9ca1aed.
* Revert "Revert "aaaa""
This reverts commit 443a2a00a5.
* still aaaaaaaaaaaaa
* Return to earlier thing
Revert "Add GetConn trait"
This reverts commit ab4e94aea5.
* Try to use DbPool enum
* Revert "Try to use DbPool enum"
This reverts commit e4d1712646.
* DbConn and DbPool enums (db_schema only fails to compile for tests)
* fmt
* Make functions take `&mut DbPool<'_>` and make db_schema tests compile
* Add try_join_with_pool macro and run fix-clippy on more crates
* Fix some errors
* I did it
* Remove function variants that take connection
* rerun ci
* rerun ci
* rerun ci
* Fix#3366: API does return plain HTML errors
* Fix Clippy errors
* Improve api response times by doing send_activity asynchronously (#3493)
* do send_activity after http response
* move to util function
* format
* fix prometheus
* make synchronous federation configurable
* cargo fmt
* empty
* empty
---------
Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
* Updating `login.rs` with generic `incorrect_login` response. (#3549)
* Adding v0.18.1 and v0.18.0 release notes. (#3530)
* Update RELEASES.md (#3556)
added instruction to find the location of your docker directory (especially useful for those who used ansible since they never had to setup docker manually)
* Use async email sender (#3554)
* Upgrade all dependencies (#3526)
* Upgrade all dependencies
* as base64
* Adding phiresky to codeowners. (#3576)
* Error enum fixed (#3487)
* Create error type enum
* Replace magic string slices with LemmyErrorTypes
* Remove unused enum
* Add rename snake case to error enum
* Rename functions
* clippy
* Fix merge errors
* Serialize in PascalCase instead of snake_case
* Revert src/lib
* Add serialization tests
* Update translations
* Fix compilation error in test
* Fix another compilation error
* Add code for generating typescript types
* Various fixes to avoid breaking api
* impl From<LemmyErrorType> for LemmyError
* with_lemmy_type
* trigger ci
---------
Co-authored-by: SleeplessOne1917 <abias1122@gmail.com>
* Only update site_aggregates for local site (#3516)
* Fix#3501 - Fix aggregation counts for elements removed and deleted (#3543)
Two bugs were found and fixed:
- previously elements removal and deletion were counted as two separate disappearances
- removing comments did not affect post aggregations
* Use LemmyErrorType also make error_type compulsory
* Add missing import for jsonify_plain_text_errors
* Fix formatting
* Trying to make woodpecker run again
---------
Co-authored-by: phiresky <phireskyde+git@gmail.com>
Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
Co-authored-by: rosenjcb <rosenjcb@gmail.com>
Co-authored-by: nixoye <12674582+nixoye@users.noreply.github.com>
Co-authored-by: dullbananas <dull.bananas0@gmail.com>
Co-authored-by: Nutomic <me@nutomic.com>
Co-authored-by: SleeplessOne1917 <abias1122@gmail.com>
Co-authored-by: Sander Saarend <sander@saarend.com>
Co-authored-by: Piotr Juszczyk <74842304+pijuszczyk@users.noreply.github.com>
Two bugs were found and fixed:
- previously elements removal and deletion were counted as two separate disappearances
- removing comments did not affect post aggregations
* improve admin and mod check
* fix clippy
* move admin index to existing code
* Revert "move admin index to existing code"
This reverts commit d0c58d5f4021e1775d0c1d30d8df6c7df87557c4.
* third attempt at the migration
* fix formatting
* rebuild
---------
Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
With this change only http(s) schemes are allowed for post.url
field. This is checked for incoming api and federation requests.
Existing posts in database which are sent to clients are not
checked. Neither does it check urls in markdown.
* improve performance of community followers inbox query
* nightly format
* force woodpecker to retry
---------
Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
Add a server for serving Prometheus metrics. Include a configuration
block in the config file. Provide HTTP metrics on the API, along with
process-level metrics and DB pool metrics.
* Fixed validation of display names
Fixed validation of display names: reject names beginning with invisible unicode characters.
* Formatting
Formatting fix.
* Expanded list of forbidden Unicode characters. Validation now checks for disallowed characters anywhere in the name.
* Formatting
* Added a comment detailing source of the list of invisible chars.
* Use serde(skip) instead of skip_serializing
The latter breaks lemmy_crawler as the field is not included in
the Lemmy API, but is required when attempting to parse API responses.
Should only use serde(skip) to avoid this problem
* use option
* add placeholders
* no unwrap
* Remove PerformApub trait
This is completely useless now that websocket is gone. In the future
I also plan to remove Perform and PerformCrud traits, but it will be
difficult to do that while still compiling crates in parallel.
* params need to use query
* Fix concatenation of audio captcha wav files
* Log errors rather than crashing
* Return Result from captcha_as_wav_base64
* Change to return LemmyError
* Check for wav write error, format
* Remove unused import
* Rewrite to avoid clippy warnings
* Fixes#2900 - Checks slur regex to see if it is too permissive along with small validation organization
* Clean up variable names, add handler for valid empty string usecase
* Update tests
* Create validation function and add tests
* Test clean up
* Use payload value vs local site value to prevent stunlocking
* Remove println added while testing
* Fall back to local site regex if not provided from request
* Attempt clean up of flaky comment_view tests
* Pull in latest submodule
* Move application, post check into functions, add more tests and improve test readability
---------
Co-authored-by: Nutomic <me@nutomic.com>
* Site Metadata: resolve relative URLs for embedded images/videos
* api_common: relax version requirement of `webpage` dependency
With this change we opt into next (non breaking) versions of webpage-rs
* cargo +nightly fmt
* Add tests for resolving absolute urls in SiteMetadata
* Add separate Post check for is_valid_body_field
* Modify is_valid_body_check for posts only
* Fix check var reinit in validation.rs
* Extra empty line to rerun woodpecker with changes
* Change Option to bool, add false to non-post calls
* Woodpecker trick.. again
* Probable rust_fmt fail fixed
* cargo_clippy changes
* Missing space between = and if
* Remove ; after body length checks
* Remove `actix_rt` & use standard tokio spawn
* Adjust rust log back down
* Format correctly
* Update cargo lock
* Add DB settings
* Change name and update to latest rev
* Clean up formatting changes
* Move `worker_count` and `worker_retry_count` to settings
* Update defaults
* Use `0.4.4` instead of git branch
Workaround for instance admins getting locked out when they turn on
the email verification requirement without having verified their
own email.
Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
* Only show hidden communities when explicitly searching for them rather then in "all"
* dont set hidden to false when creating and updating - let DB set default
* lint
---------
Co-authored-by: Alex Maras <alexmaras@gmail.com>
* Prevent making an instance private if federation is enabled.
* Added case where federation is enabled, check if the alternative setting is changed
* Merged the error messages for private instance/federation.
---------
Co-authored-by: Wyatt Smith <wys@dropbox.com>