Commit graph

673 commits

Author SHA1 Message Date
Eugen Rochko
a49d43d112
Add scheduled statuses ()
Fix 
2019-01-05 12:43:28 +01:00
Naoki Kosaka
fae32634b1 Use Contact User as Relay, Report, Subscribe. ()
* Use Contact User as Relay, Report, Subscribe.

* Use Account.representative to fetch contact user.

* Use find_local.

* No reason to use Account.representative in subscribe_service.

* Don't required representative!

* Fallback is included in Account.representative method.
2019-01-05 07:17:12 +01:00
kodai
6a090db4c9 Fix links not being verified ()
Fix 
2018-12-31 15:29:10 +01:00
Jeong Arm
511231ce57 Skip full text search if failed ()
* Skip full text search if failed

* Move rescue block to "perform_statuses_search!"
2018-12-30 19:00:29 +01:00
ThibG
6fb6a53938 Avoid duplicate work by merging ReplyDistributionWorker into DistributionWorker () 2018-12-30 19:00:04 +01:00
ThibG
290932602b Reduce usage of LD signatures ()
* Do not LDS-sign Follow, Accept, Reject, Undo, Block

* Do not use LDS for Create activities of private toots

* Minor cleanup

* Ignore unsigned activities instead of misattributing them

* Use status.distributable? instead of querying visibility directly
2018-12-30 09:48:59 +01:00
Eugen Rochko
0f938ff29c
Add handler for Move activity () 2018-12-29 02:24:36 +01:00
Eugen Rochko
6e49907ecf
Improve admin UI for account view () 2018-12-28 03:38:41 +01:00
Eugen Rochko
5d2fc6de32
Add REST API for creating an account ()
* Add REST API for creating an account

The method is available to apps with a token obtained via the client
credentials grant. It creates a user and account records, as well as
an access token for the app that initiated the request. The user is
unconfirmed, and an e-mail is sent as usual.

The method returns the access token, which the app should save for
later. The REST API is not available to users with unconfirmed
accounts, so the app must be smart to wait for the user to click a
link in their e-mail inbox.

The method is rate-limited by IP to 5 requests per 30 minutes.

* Redirect users back to app from confirmation if they were created with an app

* Add tests

* Return 403 on the method if registrations are not open

* Require agreement param to be true in the API when creating an account
2018-12-24 19:12:38 +01:00
ThibG
5f387995d9 Limit maximum visibility of local silenced users to unlisted ()
Fixes 
2018-12-24 19:06:14 +01:00
ThibG
e709b8da0d Ignore low-confidence CharlockHolmes guesses when parsing link cards ()
* Add failing test for windows-1251 link cards

* Ignore low-confidence CharlockHolmes guesses

Fixes 

* Fix no method error when charlock holmes cannot detect charset
2018-12-17 19:19:45 +01:00
Sumit Khanna
769c2d2680 Error message for avatar image that's too large. ()
* Error message for avatar image that's too large. 

* Code climate/formatting

* Removed avatar error message

* Moved valid image dimentions check to update service

* removed unnescessary begin block

* code climate formatting

* code climate indent fix
2018-12-14 05:07:21 +01:00
ysksn
83975a2394 Remove redundant () 2018-12-12 05:54:34 +01:00
ysksn
351ed12b2f Use find_or_initialize_by () 2018-12-12 05:54:09 +01:00
Eugen Rochko
73be8f38c1
Add profile directory ()
Fix 
2018-12-06 17:36:11 +01:00
Eugen Rochko
6ddf0432e7
Improve account suspension speed and completeness ()
- Some associations were missing from the clean-up
- Some attributes were not reset on suspension
- Skip federation and streaming deletes when purging a dead domain
- Move account association definitions to concern
2018-12-03 01:32:08 +01:00
valerauko
824497fbce Ignore JSON-LD profile in mime type comparison ()
Ignore JSON-LD profile in mime type comparison
2018-11-22 12:49:07 +01:00
James Kiesel
6a65d87f4d Simplify hashtag query service, perf increase for 'any' tags () 2018-11-19 12:49:50 +01:00
Eugen Rochko
8069fd636b
Remove intermediary arrays when creating hash maps from results () 2018-11-16 15:02:18 +01:00
ThibG
7f5a4be580 Fix emoji update date processing () 2018-11-10 23:59:51 +01:00
ThibG
9b89c62d43 Check that twitter:player is valid before using it ()
Fixes 
2018-11-10 20:42:04 +01:00
Eugen Rochko
6d59dfa15d
Optimize the process of following someone ()
* Eliminate extra accounts select query from FollowService

* Optimistically update follow state in web UI and hide loading bar

Fix 

* Asynchronize NotifyService in FollowService

And fix failing test

* Skip Webfinger resolve routine when called from FollowService if possible

If an account is ActivityPub, then webfinger re-resolving is not necessary
when called from FollowService. Improve options of ResolveAccountService
2018-11-08 21:05:42 +01:00
m.b
cd41c2c6ad Update resolve_url_service.rb () 2018-11-05 18:54:07 +01:00
James Kiesel
4c03e05a4e Allow joining several hashtags in a single column ()
* Nascent tag menu on frontend

* Hook up frontend to search

* Tag intersection backend first pass

* Update yarnlock

* WIP

* Fix for tags not searching correctly

* Make radio buttons function

* Simplify radio buttons with modeOption

* Better naming

* Rearrange options

* Add all/any/none functionality on backend

* Small PR cleanup

* Move to service from scope

* Small cleanup, add proper service tests

* Don't use send with user input :D

* Set appropriate column header

* Handle auto updating timeline

* Fix up toggle function

* Use tag value correctly

* A bit more correct to use 'self' rather than 'all' in status scope

* Fix some style issues

* Fix more code style issues

* Style select dropdown more better

* Only use to_id'ed value to ensure no SQL injection

* Revamp frontend to allow for multiple selects

* Update backend / col header to account for more flexible tagging

* Update brakeman ignore

* Codeclimate suggestions

* Fix presenter tag_url

* Implement initial PR feedback

* Handle additional tag streaming

* CodeClimate tweak
2018-11-05 18:53:25 +01:00
Eugen Rochko
ce2ee68b64
Revert "Fix FetchAtomService content type handling ()" ()
This reverts commit c36a4a1617.
2018-10-31 00:43:34 +01:00
valerauko
c36a4a1617 Fix FetchAtomService content type handling ()
* Add profile to json+ld in Accept

It's required by the ActivityPub spec

* Use headers['Content-type'] instead of mime_type

mime_type strips the profile from the content type, but it's still available raw in the headers hash

* Add test for ld+json with profile
2018-10-30 15:07:57 +01:00
Eugen Rochko
be202f9377
Accept the same payload in multiple inboxes and deliver () 2018-10-30 15:03:55 +01:00
Eugen Rochko
47b8d195e6
Always let through notifications from staff ()
* Always let through notifications from staff

Follow-up to 

* Let messages from staff through, but no other notifications
2018-10-30 15:02:55 +01:00
ThibG
a03d506626 Fix Pleroma mentions being fetched as preview cards () 2018-10-30 15:02:24 +01:00
ThibG
33a71e8f7c Do not hide boost notifications from followed people with hidden boosts ()
* Do not hide boost notifications from followed people with hidden boosts

Not displaying boosts from a followed user in the Home timeline and not
having notifications when they reblog your own content are two very
separate concerns, tying them together seem counter-intuitive and unwanted.

* Update specs accordingly
2018-10-30 00:47:31 +01:00
Eugen Rochko
795f0107d2
Include preview cards in status entity in REST API ()
* Include preview cards in status entity in REST API

* Display preview card in-stream

* Improve in-stream display of preview cards
2018-10-28 06:35:03 +01:00
Eugen Rochko
eef8d9a5f7
Add locality check to ActivityPub::FetchRemoteAccountService ()
* Add locality check to ActivityPub::FetchRemoteAccountService

Fix 

Because there are a few places where it is called, it is difficult
to confirm if they all previously checked it for locality. It's better
to make sure within the service.

* Remove faux-remote duplicates of local accounts
2018-10-26 23:08:34 +02:00
abcang
1e2695198a Skip link-back check if body is nil () 2018-10-26 03:31:23 +02:00
ThibG
7fee968e9f Do not fetch preview card for mentioned users () 2018-10-25 18:13:19 +02:00
Eugen Rochko
ddd30f331c
Improve support for aspects/circles ()
* Add silent column to mentions

* Save silent mentions in ActivityPub Create handler and optimize it

Move networking calls out of the database transaction

* Add "limited" visibility level masked as "private" in the API

Unlike DMs, limited statuses are pushed into home feeds. The access
control rules between direct and limited statuses is almost the same,
except for counter and conversation logic

* Ensure silent column is non-null, add spec

* Ensure filters don't check silent mentions for blocks/mutes

As those are "this person is also allowed to see" rather than "this
person is involved", therefore does not warrant filtering

* Clean up code

* Use Status#active_mentions to limit returned mentions

* Fix code style issues

* Use Status#active_mentions in Notification

And remove stream_entry eager-loading from Notification
2018-10-17 17:13:04 +02:00
Quint Guvernator
f5e2e96e95 always allow DMs from staff () 2018-10-16 19:55:05 +02:00
Eugen Rochko
87fdd139b8
Do not push DMs into the home feed ()
* Do not push DMs into the home feed

* Show DMs column after sending a DM, if DMs column is not already shown
2018-10-11 01:31:03 +02:00
Eugen Rochko
774ac47373
Add conversations API ()
* Add conversations API

* Add web UI for conversations

* Add test for conversations API

* Add tests for ConversationAccount

* Improve web UI

* Rename ConversationAccount to AccountConversation

* Remove conversations on block and mute

* Change last_status_id to be a denormalization of status_ids

* Add optimistic locking
2018-10-07 23:44:58 +02:00
Eugen Rochko
7fe137d2f7
Fix link verification for remote accounts () 2018-10-04 15:47:03 +02:00
Eugen Rochko
f92f1ee80a
Support link verification with redirects ()
(e.g. URL shortener)
2018-09-20 00:10:35 +02:00
Yamagishi Kazutoshi
3da1cc7d5e Fix failed profile verification when rel attribute including values other than me () 2018-09-19 16:47:31 +02:00
Eugen Rochko
68833a50d4
Fix VerifyAccountLinksWorker not being queued ()
UX-wise, people expect that saving the profile will re-check links even without changing fields content. Bug-wise, `@account` was undefined.

Regression from 
2018-09-18 23:57:21 +02:00
Eugen Rochko
f4d549d300
Redesign forms, verify link ownership with rel="me" ()
* Verify link ownership with rel="me"

* Add explanation about verification to UI

* Perform link verifications

* Add click-to-copy widget for verification HTML

* Redesign edit profile page

* Redesign forms

* Improve responsive design of settings pages

* Restore landing page sign-up form

* Fix typo

* Support <link> tags, add spec

* Fix links not being verified on first discovery and passive updates
2018-09-18 16:45:58 +02:00
ThibG
bd9e47e9be Handle relative URLs when fetching OEmbed/OpenGraph cards () 2018-09-10 18:26:28 +02:00
Eugen Rochko
c593d6df9c
Add preference for report notification e-mails, skip for duplicates ()
If an unresolved report for the same target account already exists,
no new notification is generated
2018-09-02 00:11:58 +02:00
Eugen Rochko
cabdbb7f9c
Add CLI task for rotating keys ()
* If an Update is signed with known key, skip re-following procedure

Because it means the remote actor did *not* lose their database

* Add CLI method for rotating keys

    bin/tootctl accounts rotate [USERNAME]

Generates a new RSA key per account and sends out an Update activity
signed with the old key.

* Key rotation: Space out Update fan-outs every 5 minutes per 1000 accounts

* Skip suspended accounts in key rotation
2018-08-26 20:21:03 +02:00
Eugen Rochko
8adf485c0f
Bump interactions count when a follow happens () 2018-08-26 20:02:45 +02:00
Eugen Rochko
55c856c522
Delay e-mail notifications by 2 minutes ()
Fix 
2018-08-26 16:53:19 +02:00
ThibG
42573b76f1 Do not crash if remote custom emoji does not define updated date (fixes ) () 2018-08-23 00:27:58 +02:00
Eugen Rochko
802cf6a4c5
Improve federated ID validation ()
* Fix URI not being sufficiently validated with prefetched JSON

* Add additional id validation to OStatus documents, when possible
2018-08-22 20:55:14 +02:00
Eugen Rochko
1b282299df
Add favourites to archive takeout ()
Remove experimental key export
2018-08-22 19:33:10 +02:00
Eugen Rochko
d98de8ada7
Get rid of all batch order warnings () 2018-08-21 12:25:50 +02:00
Eugen Rochko
6226aa83d7
Increase reach of Delete->Actor activities ()
Fix 
2018-08-20 13:28:05 +02:00
ThibG
abc5548cca Do not process outgoing mentions to suspended accounts () 2018-08-18 19:42:13 +02:00
ThibG
1ee675d68b Use correct activity id in Accept when receiving duplicate Follow (fixes ) () 2018-08-17 14:08:17 +02:00
ThibG
af912fb308 Allow accessing local private/DM messages by URL ()
* Allow accessing local private/DM messages by URL

(Provided the user pasting the URL is authorized to see the toot, obviously)

* Fix SearchServiceSpec tests
2018-08-15 19:33:36 +02:00
Eugen Rochko
cc94b1d95a Prevent ActivityPub movedTo recursion ()
Fix 
2018-07-28 17:14:55 -04:00
Eugen Rochko
a23ac107e4
Fix activity:interactions counter to count all interactions () 2018-07-16 18:35:43 +02:00
Eugen Rochko
e55dce3176
Add federation relay support ()
* Add federation relay support

* Add admin UI for managing relays

* Include actor on relay-related activities

* Fix i18n
2018-07-13 02:16:06 +02:00
Eugen Rochko
8461cd4bb5
Send undo of boost to original poster if reblog ()
Fix 
2018-07-05 20:57:50 +02:00
Eugen Rochko
b0968623fa
Fix check for PotentialFriendshipTracker when replying () 2018-07-03 05:00:44 +02:00
Eugen Rochko
da8fe8079e
Re-add follow recommendations API ()
* Re-add follow recommendations API

    GET /api/v1/suggestions

Removed in 8efa081f21 due to Neo4J
dependency. The algorithm uses triadic closures, takes into account
suspensions, blocks, mutes, domain blocks, excludes locked and moved
accounts, and prefers more recently updated accounts.

* Track interactions with people you don't follow

Replying to, favouriting and reblogging someone you're not following
will make them show up in follow recommendations. The interactions
have different weights:

- Replying is 1
- Favouriting is 10 (decidedly positive interaction, but private)
- Reblogging is 20

Following them, muting or blocking will remove them from the list,
obviously.

* Remove triadic closures, ensure potential friendships are trimmed
2018-07-03 01:47:56 +02:00
Eugen Rochko
a58ec29631
Allow selecting default posting language instead of auto-detect ()
* Allow selecting default posting language instead of auto-detect

* Enable default language setting in credentials API

* Fix form saving
2018-06-17 18:57:31 +02:00
Eugen Rochko
ca85658975
Add autofollow option to invites ()
* Add autofollow option to invites

* Trigger CodeClimate rebuild
2018-06-15 18:00:23 +02:00
Eugen Rochko
c3b3594305
Remove placeholder text for media-only toots ()
Ref: cfa9b6e13a

This breaks compatibility with pre-2.3.0 Mastodon and older
software, but at the time of writing the network is >80% above
that version.

Compatibility broken only for toots with no text.
2018-06-15 15:51:51 +02:00
Eugen Rochko
10f51c9886
Fix domain hiding logic ()
* Send rejections to followers when user hides domain they're on

* Use account domain blocks for "authorized followers" action

Replace soft-blocking (block & unblock) behaviour with follow rejection

* Split sync and async work of account domain blocking

Do not create domain block when removing followers by domain, that
is probably unexpected from the user's perspective.

* Adjust confirmation message for domain block

* yarn manage:translations
2018-06-09 22:46:54 +02:00
Yamagishi Kazutoshi
e3fb528d12 Skip processing when HEAD method returns 501 () 2018-06-04 13:42:53 +02:00
Akihiko Odaki
5bf5003384 Do not mark remote status sensitive even if spoiler text is present ()
Old statuses and statuses from Pawoo, which runs a modified version of
Mastodon, may not have been marked sensitive even if spoiler text is
present.

Such statuses are still not marked sensitve if they are local or
arrived before version upgrade. Marking recently fetched remote status
sensitive contradicts the behavior.

Considering what people expected when they authored such statuses, this
change removes the sensitivity enforcement.
2018-06-04 04:46:14 +02:00
Eugen Rochko
1e938b966e
Exclude unlisted, private and direct toots from affecting trends () 2018-05-31 16:47:28 +02:00
Eugen Rochko
a7d726c383
Improve counter caches on Status and Account ()
Do not touch statuses_count on accounts table when mass-destroying
statuses to reduce load when removing accounts, same for
reblogs_count and favourites_count

Do not count statuses with direct visibility in statuses_count

Fix 
2018-05-30 02:50:23 +02:00
Eugen Rochko
461542784b
Reduce wasted work in RemoveStatusService due to inactive followers () 2018-05-29 22:55:33 +02:00
Eugen Rochko
9bd23dc4e5
Track trending tags ()
* Track trending tags

- Half-life of 1 day
- Historical usage in daily buckets (last 7 days stored)
- GET /api/v1/trends

Fix 

* Add trends to web UI

* Don't render compose form on search route, adjust search results header

* Disqualify tag from trends if it's in disallowed hashtags setting

* Count distinct accounts using tag, ignore silenced accounts
2018-05-27 21:45:30 +02:00
Eugen Rochko
32d4372381
Use #any? instead of #exists? when checking media attachments ()
If media_attachments are not loaded, SQL query is the same, but
the #exists? method performs SQL query even if preloaded
2018-05-21 16:01:16 +02:00
Yamagishi Kazutoshi
7403e5d306 Add media timeline () 2018-05-21 12:43:38 +02:00
Akihiko Odaki
55fd55714a Raise Mastodon::RaceConditionError if Redis lock failed ()
An explicit error allows user agents to know the error and Sidekiq to
retry.
2018-05-16 12:29:45 +02:00
unarist
d47091eb97 Fix custom emoji handling in UpdateRemoteProfileService (OStatus) ()
This patch fixes NoMethodError and others in RemoteProfileUpdateWorker.
2018-05-15 16:03:34 +02:00
Wiktor
7fe2993b87 Fix account URI when updating ActivityPub account ()
Updates account `uri` field on each call to `update_account` instead of
only once during `create_account` to mirror the same behavior in OStatus
`ResolveAccountService` class [0].

ActivityPub accounts are identified using `@username` and `@domain` pair
instead of URI since .

This fixes : a bug when the account identified by `@username` and
`@domain` changes its URI.

[0]:
03b69ebc45/app/services/resolve_account_service.rb (L121)
2018-05-14 22:56:45 +02:00
abcang
3793e598d0 Call media.present? because media may be nil () 2018-05-14 12:51:53 +02:00
ThibG
7467361d70 Fetch boosted statuses on behalf of a follower (fixes ) ()
When an ActivityPub Announce is processed and the boosted toot is not known,
fetch it on behalf of one of the booster's followers. This is to allow
fetching self-boosts of previously-unknown private toots.

If fetching on behalf of a user fails, try fetching it anonymously: the
selected follower of a boosting user may be banned by the boosted toot's
author.
2018-05-12 16:48:32 +02:00
Eugen Rochko
b4fb766b23
Add REST API for Web Push Notifications subscriptions ()
- POST /api/v1/push/subscription
- PUT /api/v1/push/subscription
- DELETE /api/v1/push/subscription
- New OAuth scope: "push" (required for the above methods)
2018-05-11 11:49:12 +02:00
Yamagishi Kazutoshi
d2ee48977c Rescue Mastodon::LengthValidationError in FetchLinkCardService () 2018-05-09 08:39:08 +02:00
Surinna Curtis
01dfd6dbc8 Take the first recognized actor_type. () 2018-05-08 13:30:04 +02:00
ThibG
993e68a7dd Fix hashtags not being federated on mentions (fixes ) () 2018-05-08 03:36:59 +02:00
Eugen Rochko
42cd363542
Bot nameplates ()
* Store actor type in database

* Add bot nameplate to web UI, add setting to preferences, API, AP
Fix 

* Fix code style issues
2018-05-07 09:31:07 +02:00
Eugen Rochko
0f0cc3f2eb
Support explicitly supplying language code for status via REST API () 2018-05-07 09:30:53 +02:00
Eugen Rochko
c947e2e4c5
Fix handling of malformed ActivityPub payloads when URIs are nil ()
* Fix handling of malformed ActivityPub payloads when URIs are nil

* Gracefully handle JSON-LD canonicalization failures
2018-05-05 18:22:34 +02:00
Eugen Rochko
c73ce7b695
Store home feeds for 7 days instead of 14 ()
* Store home feeds for 7 days instead of 14

Reduces workload for status fan-out to active followers

* Fix test for user model
2018-05-05 00:54:24 +02:00
Eugen Rochko
658cbc9425
Improve PostStatusService performance ()
Offload creation of local notifications to a worker. Remove two
redundant SQL queries from ProcessMentionsService, remove n+1
XML/JSON serialization via memoization
2018-05-02 22:10:57 +02:00
Eugen Rochko
cb5b5cb5f7
Slightly reduce RAM usage ()
* No need to re-require sidekiq plugins, they are required via Gemfile

* Add derailed_benchmarks tool, no need to require TTY gems in Gemfile

* Replace ruby-oembed with FetchOEmbedService

Reduce startup by 45382 allocated objects

* Remove preloaded JSON-LD in favour of caching HTTP responses

Reduce boot RAM by about 6 MiB

* Fix tests

* Fix test suite by stubbing out JSON-LD contexts
2018-05-02 18:58:48 +02:00
abcang
71a7cea73f Keep notification when muting_notifications is true ()
* Keep notification when muting_notifications is true

* Retrun mute object

* Fix test
2018-05-02 16:14:51 +02:00
Eugen Rochko
f62539ce5c
Remove most behaviour disparities between blocks and mutes ()
* Remove most behaviour disparities between blocks and mutes

The only differences between block and mute should be:

- Mutes can optionally NOT affect notifications
- Mutes should not be visible to the muted

Fix 
Fix 

* Do not allow boosting someone you blocked

Fix 

* Do not allow favouriting someone you blocked

* Fix nil error in StatusPolicy
2018-05-02 15:50:20 +02:00
Eugen Rochko
965345316f
Guard against nil URLs in Request class ()
Fix 
2018-05-02 15:44:22 +02:00
Surinna Curtis
dc786c0cf4 Support Actors/Statuses with multiple types ()
* Add equals_or_includes_any? helper in JsonLdHelper

* Support arrays in JSON-LD type fields for actors/tags/objects.

* Spec for resolving accounts with extension types

* Style tweaks for codeclimate
2018-05-02 12:40:24 +02:00
Emelia Smith
495303d9b8 Prevent suspended accounts from appearing in AccountSearchService () 2018-04-23 21:27:18 +02:00
Eugen Rochko
75c4ab9d12
Remove "nsfw" category for sensitive statuses in OStatus serializer ()
Fix 
2018-04-22 22:09:03 +02:00
Eugen Rochko
ff87d1bc3e
Rescue SSL errors when processing mentions, remove useless line () 2018-04-19 00:53:31 +02:00
Kaito Sinclaire
156b916caf Direct messages column ()
* Added a timeline for Direct statuses
* Lists all Direct statuses you've sent and received
* Displayed in Getting Started
* Streaming server support for direct TL

* Changes to match other timelines in 2.0
2018-04-18 13:09:06 +02:00
ThibG
1c379b7ef4 Remove extra spaces from search API queries and public account headers (fixes ) () 2018-04-16 17:19:04 +02:00
Eugen Rochko
78ed4ab75f
Add bio fields ()
* Add bio fields

- Fix 
- Fix 
- Fix 

* Display bio fields in web UI

* Fix output of links and missing fields

* Federate bio fields over ActivityPub as PropertyValue

* Improve how the fields are stored, add to Edit profile form

* Add rel=me to links in fields

Fix 
2018-04-14 12:41:08 +02:00
Eugen Rochko
778562c223
Ensure SynchronizeFeaturedCollectionWorker is unique and clean up ()
* Ensure SynchronizeFeaturedCollectionWorker is unique and clean up

Fix 

* Fix code style issue
2018-04-13 01:27:22 +02:00