Commit Graph

84 Commits

Author SHA1 Message Date
fdb-hiroshima
3663bffe5c Update compiler (#725)
* update compiler to recent nightly

* cargo fmt

* fix clippy

but ructe code is still complaining

* update circleci and rocket_csrf

* fix last clippy problems

* cargo fmt

* fix build issue

was caused be improper handling of recursive template (comment) by old ructe, which is fixed on newer version
2020-01-19 12:52:32 +01:00
Violet White
f3c05dae62 Email blocklisting (#718)
* Interface complete for the email blacklisting

* Everything seems to work

* Neutralize language

* fix clippy warnings

* Add missing spaces

* Added matching test

* Correct primary key datatype for postgresql

* Address review comments

* Add placeholder when empty. Fix missing 'i'
2020-01-12 19:41:35 +01:00
fdb-hiroshima
006b44f580 Add support for generic timeline (#525)
* Begin adding support for timeline

* fix some bugs with parser

* fmt

* add error reporting for parser

* add tests for timeline query parser

* add rejection tests for parse

* begin adding support for lists

also run migration before compiling, so schema.rs is up to date

* add sqlite migration

* end adding lists

still miss tests and query integration

* cargo fmt

* try to add some tests

* Add some constraint to db, and fix list test

and refactor other tests to use begin_transaction

* add more tests for lists

* add support for lists in query executor

* add keywords for including/excluding boosts and likes

* cargo fmt

* add function to list lists used by query

will make it easier to warn users when creating timeline with unknown lists

* add lang support

* add timeline creation error message when using unexisting lists

* Update .po files

* WIP: interface for timelines

* don't use diesel for migrations

not sure how it passed the ci on the other branch

* add some tests for timeline

add an int representing the order of timelines (first one will be on
top, second just under...)
use first() instead of limit(1).get().into_iter().nth(0)
remove migrations from build artifacts as they are now compiled in

* cargo fmt

* remove timeline order

* fix tests

* add tests for timeline creation failure

* cargo fmt

* add tests for timelines

* add test for matching direct lists and keywords

* add test for language filtering

* Add a more complex test for Timeline::matches, and fix TQ::matches for TQ::Or

* Make the main crate compile + FMT

* Use the new timeline system

- Replace the old "feed" system with timelines
- Display all timelines someone can access on their home page (either their personal ones, or instance timelines)
- Remove functions that were used to get user/local/federated feed
- Add new posts to timelines
- Create a default timeline called "My feed" for everyone, and "Local feed"/"Federated feed" with timelines

@fdb-hiroshima I don't know if that's how you pictured it? If you imagined it differently I can of course make changes.

I hope I didn't forgot anything…

* Cargo fmt

* Try to fix the migration

* Fix tests

* Fix the test (for real this time ?)

* Fix the tests ? + fmt

* Use Kind::Like and Kind::Reshare when needed

* Forgot to run cargo fmt once again

* revert translations

* fix reviewed stuff

* reduce code duplication by macros

* cargo fmt
2019-10-07 19:08:20 +02:00
Ana Gelez
309e1200d0 Make a distinction between moderators and admins (#619)
* Make a distinction between moderators and admins

And rework the user list in the moderation interface, to be able to run the same action on many users,
and to have a huge list of actions whithout loosing space.

* Make user's role an enum + make it impossible for a moderator to escalate privileges

With the help of diesel-derive-enum (maybe it could be used in other places too?)

Also, moderators are still able to grant or revoke moderation rights to other people, but maybe only admins should be able to do it?

* Cargo fmt

* copy/pasting is bad

* Remove diesel-derive-enum and use an integer instead

It was not compatible with both Postgres and SQlite, because for one it generated a schema
with the "User_role" type, but for the other it was "Text"…

* Reset translations

* Use an enum to avoid magic numbers + fix the tests

* Reset translations

* Fix down.sql
2019-09-13 12:28:36 +02:00
fdb-hiroshima
83cad55b22 update default license (#659)
fix #595
2019-08-27 21:47:45 +02:00
Igor Galić
3d27e283ad
add enum containing all successful route returns (#614)
* add enum containing all successful route returns

This enum derives `Responder`, so it can be used as route result.
We also implement `From`, so it can be converted

* disable clippy warning about this enum

There's no use trying to chase this warning.
The next warning will be about `Redirect`, which itself is 360 byte,
according to @fdb-hiroshima (thanks for the research!)

So, if anything, we can try to get Rocket to work on that!

* refactor routes/posts to only use one level of Result

* admin settings error is not an ErrorPage, so dont use Result<>

* refactor: use early return to remove indent of main logic

This diff is absolutely atrocious.
but the resulting readability is worth it

* refactor routes/post for early returns & RespondOrRedirect

* refactor routes/session for early returns & use RespondOrRedirect

* refactor routes/user -- add another field to enum

* refactor routes/blogs for early returns & RespondOrRedirect

* refactor routes/blogs for early returns & RespondOrRedirect

This is a final refactor of `pub fn update()` for readability.
We're removing at least one indentation level.
2019-06-14 09:33:30 +02:00
Marek Ľach
037674ae13 Direct follow-up to #578 (#603) 2019-05-29 12:26:37 +01:00
Baptiste Gelez
ad3a8b92d1
Theme update (#553)
* Start to update the theme

- Ligther colors
- No more border radius
- Buttons are now always colored
- Start to redesign the post page (according to the Figma mockups)

* Fix build script: it now recompiles everytime a scss file changed

* Make sure the article illustrations are not too big

* Make articles wider (70 characters)

* Better contrast between gray shades

* Various improvements

* Better mobile style

* New style for the footer

* Improve comment style

* Better responsiveness again

* Limit the size of the article cover

* Last details?

- Improve buttons on the media page
- Improve lists

* Pin the stdweb version that we use

It changed because I removed Cargo.lock to handle a merge conflict

I could have updated cargo web too, but it mean I should have re-built
the CI docker image and it was taking forever.

* Better contrast for links in the header of the article

* Add a basic privacy policy

* Remove "also"

* Fix a few issues

- Don't watch static/css in build.rs
- Another shade of white
- Remove useless margin rule for error messages
2019-05-18 13:09:51 +01:00
fdb-hiroshima
773fbfe7c8 cache local instance (#572)
* cache local instance

fix #564

* don't use local instance cache for plm

* use instance cache for plm, but initialize it

* cargo fmt
2019-05-10 21:59:34 +01:00
Baptiste Gelez
8f1ab3485e
Add some feedback when performing some actions (#552)
* Add a way to display flash messages

* Make the flash messages look nice

* Add actual feedback messages

* cargo fmt

* Move flash messages to PlumeRocket

And add trait to convert PlumeRocket to BaseContext

* Remove useless lifetime
2019-04-30 11:04:25 +01:00
Baptiste Gelez
787eb7f399
Federate user deletion (#551)
* Federate user deletion

- When someone deletes their account
- When a local user is banned

Fixes #509

* cargo fmt
2019-04-28 18:01:41 +01:00
fdb-hiroshima
0d708e1639 Add support for remote interact (#519)
Add support for remote interaction ([this thing](https://eldritch.cafe/users/Barmaid/remote_follow) in mastodon)

- [x] create the endpoint dispatching remote interactions to local pages
- [x] add this endpoint to web-finger
- [x] propose remote interaction when following and not connected
- [x] propose remote interaction when liking/sharing and not connected
- [x] propose remote interaction when commenting and not connected
- [x] fetch posts/comments we don't know but remote interaction was requested for ?
2019-04-17 21:09:07 +01:00
Baptiste Gelez
12efe721cc
Big refactoring of the Inbox (#443)
* Big refactoring of the Inbox

We now have a type that routes an activity through the registered handlers
until one of them matches.

Each Actor/Activity/Object combination is represented by an implementation of AsObject

These combinations are then registered on the Inbox type, which will try to deserialize
the incoming activity in the requested types.

Advantages:
- nicer syntax: the final API is clearer and more idiomatic
- more generic: only two traits (`AsActor` and `AsObject`) instead of one for each kind of activity
- it is easier to see which activities we handle and which one we don't

* Small fixes

- Avoid panics
- Don't search for AP ID infinitely
- Code style issues

* Fix tests

* Introduce a new trait: FromId

It should be implemented for any AP object.

It allows to look for an object in database using its AP ID, or to dereference it if it was not present in database

Also moves the inbox code to plume-models to test it (and write a basic test for each activity type we handle)

* Use if let instead of match

* Don't require PlumeRocket::intl for tests

* Return early and remove a forgotten dbg!

* Add more tests to try to understand where the issues come from

* Also add a test for comment federation

* Don't check creation_date is the same for blogs

* Make user and blog federation more tolerant to errors/missing fields

* Make clippy happy

* Use the correct Accept header when dereferencing

* Fix follow approval with Mastodon

* Add spaces to characters that should not be in usernames

And validate blog names too

* Smarter dereferencing: only do it once for each actor/object

* Forgot some files

* Cargo fmt

* Delete plume_test

* Delete plume_tests

* Update get_id docs + Remove useless : Sized

* Appease cargo fmt

* Remove dbg! + Use as_ref instead of clone when possible + Use and_then instead of map when possible

* Remove .po~

* send unfollow to local instance

* read cover from update activity

* Make sure "cc" and "to" are never empty

and fix a typo in a constant name

* Cargo fmt
2019-04-17 18:31:47 +01:00
fdb-hiroshima
26fc2cde5d
use circleci instead of travis (#511)
Upgrade rust-toolchain
Upgrade Tantivy
Warning: tantivy now use a different file format, search index may need to be deleted and recreated to work as intended
try to run compile twice in a row because sometime oomk is evil
2019-04-01 20:28:23 +02:00
fdb-hiroshima
ace6181c99
Allow to change logo from .env (#497)
Fix #273
2019-03-21 11:51:41 +01:00
Atul Bhosale
b945d1f602 Run 'cargo fmt' to format code (#489) 2019-03-20 17:56:17 +01:00
Baptiste Gelez
42dca3daae
Remove some unused #[derive] (#473)
We used to need them, probably when we were using Tera.
2019-03-12 19:40:54 +01:00
Baptiste Gelez
b52b8fc880 Fix wrong condition, resulting in 404 for valid NodeInfo endpoints (#464)
* Fix wrong condition, resulting in 404 for valid NodeInfo endpoints

* Forgot to remove that dbg!
2019-03-12 17:00:23 +01:00
Baptiste Gelez
e28371bbe4
Add a page listing people someone follows (#444)
Nothing exceptional, the layout is the same as the followers page.

Fixes #325
2019-02-26 13:13:00 +01:00
zcdunn
7bac70a483 Update nodeinfo (#446)
Fix #433

I added the repo link to Cargo.toml so that `software.repository` could be configurable like @rhaamo suggested. I don't know if it's ok to include `software.repository` without bumping the schema version, but I didn't know if that would break any clients that parse nodeinfo with a hardcoded schema version.
2019-02-17 13:42:59 +01:00
zcdunn
06d6bd361a Add categories to web manifest (#434)
This pull request add a `categories` key to the web manifest. The categories key was [recently added](https://www.aaron-gustafson.com/notebook/categories-land-in-the-web-app-manifest/ "Blog post detailing the addition of categories to the spec") to the Web Manifest spec and is a list of categorizations you want to apply to your site that serves as a hint to search engines and webapp catalogs.

The categories can be anything and there is no standardized list of vaues. The W3C is maintaining a list of commonly used values [here](https://github.com/w3c/manifest/wiki/Categories). I added _social_ to Plume's manifest based on that list, but I think eventually allowing a user defined list would be better. I don't know if there's anything in Plume currently that would enable that.
2019-01-24 13:16:48 +01:00
fdb-hiroshima
c4a4ea5b6c Support blind key rotation (#399)
* Allow receiving objects with new unknown key

* Rotate key after sending Delete activity

* Do the right check
2019-01-05 22:30:28 +01:00
Baptiste Gelez
80a4dae8bd
Avoid panics (#392)
- Use `Result` as much as possible
- Display errors instead of panicking

TODO (maybe in another PR? this one is already quite big):
- Find a way to merge Ructe/ErrorPage types, so that we can have routes returning `Result<X, ErrorPage>` instead of panicking when we have an `Error`
- Display more details about the error, to make it easier to debug

(sorry, this isn't going to be fun to review, the diff is huge, but it is always the same changes)
2018-12-29 09:36:07 +01:00
fdb-hiroshima
ab2998e214
Make Plume compile on release (#365)
* Remove use of String for body parameters

Create SignedJson and implement FromData for it

* Make Travis test on release

* Remove warning when installing and fix coverage
2018-12-22 18:27:21 +01:00
Baptiste Gelez
38302203f4
Count items in database as much as possible (#344)
* Count items in database as much as possible

* Fix the tests

* Remove two useless queries

* Run pragma directive before each sqlite connection

* Pragma for tests too

* Remove debug messages
2018-12-14 23:16:18 +01:00
Baptiste Gelez
b0089e59b7
Remove useless pagination routes (#351)
Rocket 0.4 let us have routes with optional query parameter
2018-12-13 22:20:19 +01:00
fdb-hiroshima
e1ecc7289f
Upgrade plume dependencies (#332)
* Bump base64 from 0.9.3 to 0.10.0
* Bump bcrypt from 0.2.0 to 0.2.1
* Bump canapi from 0.1.0 to 0.2.0
* Bump failure from 0.1.2 to 0.1.3
* Bump hyper from 0.11.27 to 0.12.11
* Bump hyper from 0.11.27 to 0.12.16
* Bump lazy_static from 1.1.0 to 1.2.0
* Bump multipart from 0.15.3 to 0.15.4
* Bump openssl from 0.10.12 to 0.10.15
* Bump pulldown-cmark from 0.1.2 to 0.2.0
* Bump reqwest from 0.9.2 to 0.9.5
* Bump rocket from 0.4.0-rc.1 to 0.4.0
* Bump rpassword from 2.0.0 to 2.1.0
* Bump ructe from 0.5.2 to 0.5.4
* Bump serde_derive from 1.0.79 to 1.0.80
* Bump serde from 1.0.79 to 1.0.80
* Bump serde_json from 1.0.32 to 1.0.33
* Bump tera from 0.11.17 to 0.11.20
* Bump url from 1.7.1 to 1.7.2
* Bump validator to from 0.7.2 to 0.8.0
* Bump validator_derive from 0.7.2 to 0.8.0
* Bump whatlang from 0.5.0 to 0.6.0
* Remove hyper from plume-common dependencies
* Remove rpassword from Plume dependancies
* Upgrade compiler to nightly-2018-12-06
2018-12-07 21:00:12 +01:00
Baptiste Gelez
70af57c6e1
Use Ructe (#327)
All the template are now compiled at compile-time with the `ructe` crate.

I preferred to use it instead of askama because it allows more complex Rust expressions, where askama only supports a small subset of expressions and doesn't allow them everywhere (for instance, `{{ macro!() | filter }}` would result in a parsing error).

The diff is quite huge, but there is normally no changes in functionality.

Fixes #161 and unblocks #110 and #273
2018-12-06 18:54:16 +01:00
fdb-hiroshima
449641d158
Add a search engine into Plume (#324)
* Add search engine to the model

Add a Tantivy based search engine to the model
Implement most required functions for it

* Implement indexing and plm subcommands

Implement indexation on insert, update and delete
Modify func args to get the indexer where required
Add subcommand to initialize, refill and unlock search db

* Move to a new threadpool engine allowing scheduling

* Autocommit search index every half an hour

* Implement front part of search

Add default fields for search
Add new routes and templates for search and result
Implement FromFormValue for Page to reuse it on search result pagination
Add optional query parameters to paginate template's macro
Update to newer rocket_csrf, don't get csrf token on GET forms

* Handle process termination to release lock

Handle process termination
Add tests to search

* Add proper support for advanced search

Add an advanced search form to /search, in template and route
Modify Tantivy schema, add new tokenizer for some properties
Create new String query parser
Create Tantivy query AST from our own

* Split search.rs, add comment and tests

Split search.rs into multiple submodules
Add comments and tests for Query
Make user@domain be treated as one could assume
2018-12-02 17:37:51 +01:00
fdb-hiroshima
74c398d60c
Run cargo clippy on whole project (#322)
* Run cargo clippy on plume-common

Run clippy on plume-common and adjuste code accordingly

* Run cargo clippy on plume-model

Run clippy on plume-model and adjuste code accordingly

* Reduce need for allocation in plume-common

* Reduce need for allocation in plume-model

add a quick compilation failure if no database backend is enabled

* Run cargo clippy on plume-cli

* Run cargo clippy on plume
2018-11-26 10:21:52 +01:00
Trinity Pointard
fd92383f87 Normalize panic message and return 400 or 404 when suitable 2018-10-20 11:04:20 +02:00
Baptiste Gelez
8fdb55a501
Merge pull request #256 from Plume-org/verify-signature
Verify activity's signature
2018-10-10 21:31:11 +01:00
Trinity Pointard
ba4695f490 Add support for signature verification on pseudo header
Add support for pseudo-header '(request-target)'
Add some logging for denied request
2018-10-10 21:10:43 +02:00
Bat
1b9c3f69bf Add icons to Web Manifest 2018-10-09 19:38:01 +01:00
Bat
915b9bb0e5 Use env!("CARGO_PKG_VERSION") instead of hardcoding version when possible
See https://doc.rust-lang.org/cargo/reference/environment-variables.html#environment-variables-cargo-sets-for-crates
2018-10-06 18:55:30 +01:00
Bat
478e9dcac9 Show your own posts in your feed
Fixes #213
2018-10-06 13:42:57 +01:00
Trinity Pointard
3466e55548 Implement JSON-ld signature verification
Implement JSON-ld signature verification
Move signature verification functions to the proper file
2018-10-06 10:06:06 +02:00
Trinity Pointard
62c94ed463 Refactor and verify http signature on personnal inbox
Verify signature on personnal inbox
Reduce code duplication
Put Headers in plume-models
2018-10-03 20:48:25 +02:00
Trinity Pointard
0a5d435249 Verify http signatures 2018-10-03 09:31:38 +02:00
Bat
d8ca1d70b7 Fix CSRF issues
GET routes are not protected against CSRF. This commit changes the needed URLs to
POST and replace simple links with forms.

Thanks @fdb-hiroshima for noticing it!
2018-09-19 18:13:07 +01:00
Igor Galić
06718a5c8a
directly use SafeString in InstanceSettingsForm 2018-09-14 20:25:16 +02:00
Igor Galić
65e213309b
do not allocate empty strings
follow review from @pwoolcoc, and do not use

    SafeString::new(&<String>::new())

since this makes an allocation which will then just be thrown away.
Instead, we pass ""
2018-09-14 18:24:27 +02:00
Igor Galić
f5c299f23c
make blog/instance description a SafeString
long_description & short_description's documentation say they can be
Markdown, but they are String, not SafeString.

This led to escaped strings being printed in the editor
https://github.com/Plume-org/Plume/issues/220
2018-09-14 15:14:24 +02:00
Bat
8fa83dfe25 Version bump
0.1.x was the pre-alpha.

The first Alpha will be 0.2.x
2018-09-11 19:53:14 +01:00
Zachary Dunn
8765b12229 Unwrap option 2018-09-10 14:54:18 -04:00
Zachary Dunn
3a81dd7089 Add webapp manifest 2018-09-10 10:14:08 -04:00
Bat
1f2bd105b6 Implement user ban 2018-09-09 11:25:55 +01:00
Bat
f66ddf6ef2 Actually implement blocks 2018-09-08 22:05:48 +01:00
Bat
0a70ff2594 Merge branch 'master' of github.com:Plume-org/Plume 2018-09-08 20:32:12 +01:00
Bat
f1d5865a16 Instance (un)block endpoint
And hide the block button for the local instance
2018-09-08 20:07:55 +01:00