Commit graph

38 commits

Author SHA1 Message Date
Eugen Rochko
44b2ee3485
Add customizable user roles ()
* Add customizable user roles

* Various fixes and improvements

* Add migration for old settings and fix tootctl role management
2022-07-05 02:41:40 +02:00
Eugen Rochko
6221b36b27
Remove sign-in token authentication, instead send e-mail about new sign-in () 2022-04-06 20:58:12 +02:00
Jeong Arm
3f5f4273b3
Add optional domain restrict to tootctl accounts cull ()
* Add optional domain restrict to accounts cull

* Use "unless" - codeclimate
2021-10-14 21:09:56 +02:00
Claire
a8ef6d24d8
Fix tootctl accounts cull not excluding domains on timeouts and certificate issues ()
Fixes 
2021-10-14 21:08:37 +02:00
Eugen Rochko
771c9d4ba8
Add ability to skip sign-in token authentication for specific users ()
Remove "active within last two weeks" exception for sign in token requirement

Change admin reset password to lock access until the password is reset
2021-07-08 05:31:28 +02:00
ThibG
13d5b81579
Fix “tootctl accounts unfollow” ()
Fixes 

Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2021-01-29 18:38:56 +01:00
ThibG
f1f96ebf02
Fix being able to import more than allowed number of follows ()
* Fix being able to import more than allowed number of follows

Without this commit, if someone tries importing a second list of accounts to
follow before the first one has been processed, this will queue imports for
the two whole lists, even if they exceed the account's allowed number of
outgoing follows.

This commit changes it so the individual queued imports aren't exempt from
the follow limit check (they remain exempt from the rate-limiting check
though).

* Catch validation errors to not re-queue failed follows

Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2020-12-26 23:52:46 +01:00
ThibG
1cf2c3a810
Fix external user creation failing when invite request text is required ()
* Fix external user creation failing when invite request text is required

Also fixes tootctl-based user creation.

* Add test about invites when invite request text is otherwise required

Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2020-12-22 17:14:32 +01:00
ThibG
c4e860277d
Fix "tootctl accounts fix-duplicates" ()
- `pluck_each` cannot be used this way with `group`
- typo

Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2020-12-19 13:34:16 +01:00
ThibG
a60d9335d8
Fix resolving accounts sometimes creating duplicate records for a given AP id ()
* Fix ResolveAccountService accepting mismatching acct: URI

* Set attributes that should be updated regardless of suspension

* Fix key fetching

* Automatically merge remote accounts with duplicate `uri`

* Add tests

* Add "tootctl accounts fix-duplicates"

Finds duplicate accounts sharing a same ActivityPub `id`, re-fetch them and
merge them under the canonical `acct:` URI.

Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2020-12-18 23:26:26 +01:00
Eugen Rochko
f844386809
Add tootctl accounts merge ()
* Add `tootctl accounts merge`

* Update lib/mastodon/accounts_cli.rb

Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>

Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>
2020-11-23 17:50:16 +01:00
Eugen Rochko
3134691948
Add support for reversible suspensions through ActivityPub () 2020-11-08 00:28:39 +01:00
Eugen Rochko
ed099d8bdc
Change account suspensions to be reversible by default () 2020-09-15 14:37:58 +02:00
ThibG
ca7ee9f1cf
Add --reset-password option to tootctl accounts modify () 2020-02-22 01:29:14 +01:00
Jeong Arm
c4fbfaf0b8 Remove unused option from tootctl accounts cull () 2019-10-06 04:30:07 +02:00
Eugen Rochko
c5d37f18cb
Change deletes to preserve soft-deleted statuses in unresolved reports ()
Change all account actions except "none" to resolve all unresolved reports

Refactor `SuspendAccountService` to be more readable
2019-09-11 16:32:44 +02:00
Eugen Rochko
8674814825
Change tootctl to use inline parallelization instead of Sidekiq ()
- Remove --background option
- Add --concurrency(=5) option
- Add progress bars
2019-09-10 13:48:48 +02:00
Stanislas
3a77090d01 Limit "tootctl accounts follow" to local accounts ()
To (somewhat) limit mass remote follow. Fix 
2019-08-17 22:59:40 +02:00
ThibG
14f6ce2885 Record account suspend/silence time and keep track of domain blocks ()
* Record account suspend/silence time and keep track of domain blocks

* Also unblock users who were suspended/silenced before dates were recorded

* Add tests

* Keep track of suspending date for users suspended through the CLI

* Show accurate number of accounts that would be affected by unsuspending an instance

* Change migration to set silenced_at and suspended_at

* Revert "Also unblock users who were suspended/silenced before dates were recorded"

This reverts commit a015c65d2d1e28c7b7cfab8b3f8cd5fb48b8b71c.

* Switch from using suspended and silenced to suspended_at and silenced_at

* Add post-deployment migration script to remove `suspended` and `silenced` columns

* Use Account#silence! and Account#suspend! instead of updating the underlying property

* Add silenced_at and suspended_at migration to post-migration

* Change account fabricator to translate suspended and silenced attributes

* Minor fixes

* Make unblocking domains always retroactive
2019-05-14 19:05:02 +02:00
Eugen Rochko
d77ee3f276
Fix accounts created through tootctl not being always pre-approved ()
Add `--approve` option to `tootctl accounts modify`
2019-05-03 20:49:27 +02:00
Takeshi Umeda
08ba69b538 Add tootctl accounts reset-relationships ()
* Add `tootctl accounts reset`

* Rename reset to reset-relationships

* Improve command description
2019-04-08 07:46:55 +02:00
Eugen Rochko
e007c7a99b
Add tootctl accounts approve () 2019-04-06 04:47:05 +02:00
Ben Lubar
e6814a332c Fix tootctl accounts cull ()
* List the actual accounts that would have been culled during a dry run.

Otherwise, the dry run mode is basically useless.

* Prevent unreachable domains from inheriting the previous status code.

* Update CHANGELOG.md for .
2019-04-04 16:46:27 +02:00
Jeong Arm
67eb47e25f Simplify culling and fix race condition () 2019-04-01 19:17:21 +02:00
Eugen Rochko
e9cd3636c6
Fix tootctl accounts delete not deleting user record as well () 2019-01-20 12:30:25 +01:00
Eugen Rochko
ed12619985
Add tootctl accounts follow ACCT ()
Fix 
2019-01-01 16:24:26 +01:00
Eugen Rochko
5d2fc6de32
Add REST API for creating an account ()
* Add REST API for creating an account

The method is available to apps with a token obtained via the client
credentials grant. It creates a user and account records, as well as
an access token for the app that initiated the request. The user is
unconfirmed, and an e-mail is sent as usual.

The method returns the access token, which the app should save for
later. The REST API is not available to users with unconfirmed
accounts, so the app must be smart to wait for the user to click a
link in their e-mail inbox.

The method is rate-limited by IP to 5 requests per 30 minutes.

* Redirect users back to app from confirmation if they were created with an app

* Add tests

* Return 403 on the method if registrations are not open

* Require agreement param to be true in the API when creating an account
2018-12-24 19:12:38 +01:00
Eugen Rochko
857e8eb312
Fix tootctl accounts rotate not updating public keys ()
This allowed you to brick your system when running that command, because the accounts would continue to advertise the old public key, but sign things with the new one
2018-12-18 01:22:29 +01:00
Renato "Lond" Cerqueira
c66739b418 Touch account on successful response, change char shown when culled ()
Just the color is not enough change since not everyone uses colored
terminals.
Touching the account makes it so that the account is not in the
threshold window in case of running again
2018-11-20 22:25:32 +01:00
Eugen Rochko
6f78500d4f
Do not remove "dead" domains in tootctl accounts cull ()
Leave `tootctl accounts cull` to simply check removed accounts from
live domains, and skip temporarily unavailable domains, while listing
them in the final output for further action.

Add `tootctl domains purge DOMAIN` to be able to purge a domain from
that list manually
2018-10-27 22:56:16 +02:00
Sascha
b9d7021c1b cli: set exit_on_failure for all CLI classes () 2018-10-25 16:05:33 +02:00
Eugen Rochko
f5b8bd4392
Fix cull tripping on nil in last_webfingered_at ()
Fix 
2018-10-22 16:58:08 +02:00
Jeong Arm
2e18ad74dc Fix tootctl cull on dead servers ()
* Delete first 9 accounts on dead servers

* Clean up code by moving dead server culling to the end
2018-10-21 22:52:27 +02:00
Eugen Rochko
ac07bfb018 Fix tootctl accounts reattaching not unsuspending deleted account () 2018-09-29 18:40:40 +09:00
Eugen Rochko
38f5f9cf5b
Add tootctl accounts backup () 2018-09-28 03:34:24 +02:00
Eugen Rochko
6a3f9b7e53
Move more tasks to tootctl ()
* Move more tasks to tootctl

- tootctl feeds build
- tootctl feeds clear
- tootctl accounts refresh

Clean up exit codes and help messages

* Move user modifying to tootctl

* Improve user modification through CLI, rename commands

add -> create
mod -> modify
del -> delete

To remove ambiguity

* Fix code style issues

* Fix not being able to unset admin/mod role
2018-09-14 17:42:22 +02:00
Eugen Rochko
47ea318479
tootctl accounts [add|del|cull] ()
* CLI interface for creating/deleting local users

- tootctl accounts add USERNAME
- tootctl accounts del USERNAME

* Add CLI interface for culling remote users that no longer exist

- tootctl accounts cull
2018-09-09 13:33:36 +02:00
Eugen Rochko
cabdbb7f9c
Add CLI task for rotating keys ()
* If an Update is signed with known key, skip re-following procedure

Because it means the remote actor did *not* lose their database

* Add CLI method for rotating keys

    bin/tootctl accounts rotate [USERNAME]

Generates a new RSA key per account and sends out an Update activity
signed with the old key.

* Key rotation: Space out Update fan-outs every 5 minutes per 1000 accounts

* Skip suspended accounts in key rotation
2018-08-26 20:21:03 +02:00