Commit Graph

652 Commits (7bb546c7c25fca4072c84c7993586ad180ac2bb5)

Author SHA1 Message Date
Felix Ableitner cc2c7db9fe Add security checks and slur checks for activitypub inbox 2020-08-06 15:01:42 +02:00
Felix Ableitner 81d4922740 Instance shouldnt send Announce activities to itself 2020-08-05 17:41:35 +02:00
Felix Ableitner 233aa34d54 Verify ID of received apub objects against domain allowlist etc 2020-08-05 14:18:08 +02:00
Dessalines e9e1497830
Add bio federation. (#1052)
* Re-organizing federation tests. #746 #1040

* Adding federation support for user bios. Fixes #992
2020-08-04 11:06:27 -04:00
Dessalines e336e5bcc0
Re-organizing federation tests. #746 #1040 (#1047)
* Re-organizing federation tests. #746 #1040

* Add more checks in inbox, plus some refactoring (#76)

Merge branch 'main' into more-inbox-permissions

Move check_community_ban() into helper function

Move slur check into helper functions

Move Claims::decode and site ban check into helper function

Note: this changes behaviour in that site ban is checked in more
places now. we could easily add a boolean parameter
check_for_site_ban to get the previous behaviour back

Rewrite user_inbox and community_inbox in the same way as shared_inbox

Add check against instance allowlist etc in shared_inbox

Co-authored-by: dessalines <dessalines@noreply.yerbamate.dev>
Co-authored-by: Felix Ableitner <me@nutomic.com>
Reviewed-on: https://yerbamate.dev/LemmyNet/lemmy/pulls/76

* Adding verbose to test results.

Co-authored-by: nutomic <nutomic@noreply.yerbamate.dev>
Co-authored-by: dessalines <dessalines@noreply.yerbamate.dev>
Co-authored-by: Felix Ableitner <me@nutomic.com>
2020-08-04 10:57:37 -04:00
Dessalines ce874e183b Version v0.7.39 2020-08-02 10:52:42 -04:00
Dessalines 5b23595710 Version v0.7.38 2020-08-01 23:53:32 -04:00
Dessalines dee5c302a8 Version v0.7.37 2020-08-01 20:04:14 -04:00
Dessalines 1a0f70450c Version v0.7.36 2020-08-01 19:17:53 -04:00
Felix Ableitner e4d5614f3f Merge remote-tracking branch 'github/main' into main 2020-08-01 17:42:33 +02:00
andor0 b6411aba7a
Migrate from failure to anyhow and thiserror (#1042)
* Migrate from failure to anyhow and thiserror

* Replace 'format_err!' to 'anyhow!'
2020-08-01 14:04:42 +00:00
Felix Ableitner 9a004c4535 Update activitystreams to 0.7.0-alpha.3 (from crates.io) 2020-08-01 15:25:17 +02:00
Azriel Lector 1acb51105a
Add user bios (#1043)
* Add user bios

* Version v0.7.35

* Add domain name change instructions to docs. (#1044)

* Add domain name change instructions to docs.

* Changing docker execs to docker-compose execs

* Set maxLength to user bio and render as md

* Fix bio updating after SaveUserSetting

Co-authored-by: Dessalines <tyhou13@gmx.com>
Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
2020-07-30 21:08:13 -04:00
Dessalines dc4ac6345c Version v0.7.35 2020-07-29 22:36:27 -04:00
Dessalines f0ce7b0e0f Merge remote-tracking branch 'yerba/main' into main 2020-07-29 22:35:50 -04:00
Dessalines 25e61b276a Version v0.7.34 2020-07-29 22:30:38 -04:00
Felix Ableitner 678e1fa927 Add community outbox (ref #1018) 2020-07-29 22:49:52 +02:00
Felix Ableitner 705e74f4b9 Federate sticky flag (ref #1018) 2020-07-29 19:15:30 +02:00
Felix Ableitner cee72065e9 Merge branch 'main' into inbox-refactoring 2020-07-29 15:41:05 +02:00
Dessalines 04cb1e0161 Version v0.7.33 2020-07-29 09:06:26 -04:00
Dessalines 49bd28e2d4
Adding visual captchas for register and login. (#1027)
* Adding visual captchas for register and login.

* Adding audio wav file for Captcha using espeak.

* Lots of captcha fixes.

- Removed login captchas.
- Added settings to disable captchas, and change difficulty.
- Captchas can only be checked / used once, front end gives a new one on
  failure.
- Added front end button for regenerating captcha.
- Added a disabled / pause button audio playing.

* Some more fixes.
2020-07-29 09:02:46 -04:00
Felix Ableitner 8ad4378960 Disable ID domain check in FromApub until we figure it out properly 2020-07-29 13:58:39 +02:00
Felix Ableitner a85873d294 Take correct community uri in shared_inbox, rename fetch_remote* methods 2020-07-29 13:46:11 +02:00
Dessalines 5dd0efb280 Version v0.7.32 2020-07-29 00:29:56 -04:00
Dessalines 52b221e3c9 Version v0.7.31 2020-07-28 21:20:19 -04:00
Dessalines ced3cbde73 Merge branch 'main' into inbox-refactoring-dessalines 2020-07-28 18:55:50 -04:00
Felix Ableitner 494fcfdb8f Add helper function to generate proper activity IDs 2020-07-28 19:23:16 +02:00
Dessalines e605d58888 Merge branch 'main' into inbox-refactoring-merge 2020-07-28 12:08:28 -04:00
Dessalines 1ed63e99d9 Fix post thumbnail_url to use full urls. Fixes #632 2020-07-28 11:42:40 -04:00
Felix Ableitner 1ed7c59491 Refactor inbox, simplify and split into multiple files 2020-07-28 14:41:15 +02:00
Dessalines 6e4599411b
Adding inferno-helmet to fix page titles. Fixes #1028 (#1030) 2020-07-27 11:54:42 -04:00
Dessalines c066915b8e
Federate sticky flag dessalines (#1021)
* Federate sticky flag (ref #1018)

* Adding tests for federated sticky and lock.

* Changing test to make sure it returns the correct locked error.

Co-authored-by: Felix Ableitner <me@nutomic.com>
2020-07-27 11:42:15 -04:00
Dessalines d1342afe93
Remove extra jwt claims (for user settings) (#1025)
* Remove extra jwt claims (for user settings)

- The JWT token only contains the issuer, and your user id now.
- Now only a page refresh is necessary to pick up your settings on all
  clients, including theme, language, etc.
- GetSiteResponse now gives you your user and settings if logged in.
- Fixes #773

* Remove extra comment line, I tested nsfw

* Adding a todo to add a User_::readSafe()
2020-07-27 09:23:08 -04:00
Dessalines 617d636432 Version v0.7.30 2020-07-25 10:43:42 -04:00
Dessalines 0ff9af5ba5 Version v0.7.29 2020-07-24 22:06:16 -04:00
Dessalines edfd10262f Version v0.7.28 2020-07-23 09:48:39 -04:00
Dessalines 59da2976ab Some more API cleanup.
- Extracted methods for is_mod_or_admin, and is_admin.
- Removed admins from GetPostResponse and GetCommunityResponse.
- Some cleanup.
2020-07-22 14:20:08 -04:00
Dessalines b6a6d52a92 Merge branch 'main' into api_edit_separation 2020-07-22 13:47:52 -04:00
Dessalines db0d213710 Version v0.7.26 2020-07-22 09:56:15 -04:00
Dessalines 5e5063cbdd Adding some helper functions. 2020-07-21 13:52:57 -04:00
Dessalines f81a7ad9ab Adding form_id to comment creates and edits.
- This adds a form_id to CreateComment, EditComment, and CommentResponse
- This is so any front end clients can add a randomly generated string,
  and know which comment they submitted, is the one they're getting
  back.
- This gets rid of all the weird complicated logic in handleFinished(),
  and should stop the comment forms getting cleared once and for all.
2020-07-21 10:56:41 -04:00
Dessalines 4b6a762a56 Added an is_mod_or_admin function to Community 2020-07-21 10:15:17 -04:00
Dessalines 55ce7b1339
Adding version to GetSite. Fixes #1001 (#1002)
* Adding version to GetSite. Fixes #1001

* Removing version.ts file
2020-07-21 13:20:23 +00:00
Dessalines 2eac037408 Adding post delete, remove, lock, and sticky. 2020-07-20 23:46:36 -04:00
Dessalines fd96dfdb5e Added comment delete, remove, read. 2020-07-20 21:37:44 -04:00
Dessalines ca7d2feedb Some GetUserDetails cleanup. 2020-07-20 15:32:15 -04:00
Dessalines 9bc6698f58 Added community delete and remove. 2020-07-20 13:37:39 -04:00
Dessalines a67f46bec5 EditUserMention changed to MarkUserMentionAsRead. 2020-07-20 10:56:40 -04:00
Dessalines 0a28ffb9c4 Private message delete and read extracted. 2020-07-20 00:29:44 -04:00
Dessalines 87202b4915 Fixing duplicate actor_id for community and user. Fixes #957 2020-07-19 13:12:42 -04:00