Commit Graph

67 Commits

Author SHA1 Message Date
Trinity Pointard
21fe63665d Upgrade rocket_csrf
Fix #346
2018-12-13 10:22:43 +01:00
fdb-hiroshima
e1ecc7289f
Upgrade plume dependencies (#332)
* Bump base64 from 0.9.3 to 0.10.0
* Bump bcrypt from 0.2.0 to 0.2.1
* Bump canapi from 0.1.0 to 0.2.0
* Bump failure from 0.1.2 to 0.1.3
* Bump hyper from 0.11.27 to 0.12.11
* Bump hyper from 0.11.27 to 0.12.16
* Bump lazy_static from 1.1.0 to 1.2.0
* Bump multipart from 0.15.3 to 0.15.4
* Bump openssl from 0.10.12 to 0.10.15
* Bump pulldown-cmark from 0.1.2 to 0.2.0
* Bump reqwest from 0.9.2 to 0.9.5
* Bump rocket from 0.4.0-rc.1 to 0.4.0
* Bump rpassword from 2.0.0 to 2.1.0
* Bump ructe from 0.5.2 to 0.5.4
* Bump serde_derive from 1.0.79 to 1.0.80
* Bump serde from 1.0.79 to 1.0.80
* Bump serde_json from 1.0.32 to 1.0.33
* Bump tera from 0.11.17 to 0.11.20
* Bump url from 1.7.1 to 1.7.2
* Bump validator to from 0.7.2 to 0.8.0
* Bump validator_derive from 0.7.2 to 0.8.0
* Bump whatlang from 0.5.0 to 0.6.0
* Remove hyper from plume-common dependencies
* Remove rpassword from Plume dependancies
* Upgrade compiler to nightly-2018-12-06
2018-12-07 21:00:12 +01:00
Baptiste Gelez
70af57c6e1
Use Ructe (#327)
All the template are now compiled at compile-time with the `ructe` crate.

I preferred to use it instead of askama because it allows more complex Rust expressions, where askama only supports a small subset of expressions and doesn't allow them everywhere (for instance, `{{ macro!() | filter }}` would result in a parsing error).

The diff is quite huge, but there is normally no changes in functionality.

Fixes #161 and unblocks #110 and #273
2018-12-06 18:54:16 +01:00
fdb-hiroshima
449641d158
Add a search engine into Plume (#324)
* Add search engine to the model

Add a Tantivy based search engine to the model
Implement most required functions for it

* Implement indexing and plm subcommands

Implement indexation on insert, update and delete
Modify func args to get the indexer where required
Add subcommand to initialize, refill and unlock search db

* Move to a new threadpool engine allowing scheduling

* Autocommit search index every half an hour

* Implement front part of search

Add default fields for search
Add new routes and templates for search and result
Implement FromFormValue for Page to reuse it on search result pagination
Add optional query parameters to paginate template's macro
Update to newer rocket_csrf, don't get csrf token on GET forms

* Handle process termination to release lock

Handle process termination
Add tests to search

* Add proper support for advanced search

Add an advanced search form to /search, in template and route
Modify Tantivy schema, add new tokenizer for some properties
Create new String query parser
Create Tantivy query AST from our own

* Split search.rs, add comment and tests

Split search.rs into multiple submodules
Add comments and tests for Query
Make user@domain be treated as one could assume
2018-12-02 17:37:51 +01:00
Trinity Pointard
00a205a882 Update debian installation doc
fix #305
Update debian installation doc
Remove need for libpq when compiling with sqlite backend
Remove some unneaded features of multipart to speed up compilation
2018-11-21 10:09:23 +01:00
Baptiste Gelez
6b2d9d4221
Tests infrastructure for plume-models (#302)
First step for testing `plume-models`. I only added one test for the moment, but we should add more in future PRs.
2018-11-01 22:23:38 +01:00
Baptiste Gelez
95326c09e0 Federate article covers 2018-10-31 15:07:40 +01:00
Trinity Pointard
ed5bafbbc4 Update webfinger and reqwest
Update webfinger to 0.3.1
Update reqwest to 0.9
Fix #257
2018-10-11 13:51:45 +02:00
Bat
5fa7a2a742 Remove legacy setup script 2018-10-06 12:31:00 +01:00
Bat
d0d1210e21 Document new command-line tools 2018-10-06 12:19:48 +01:00
Baptiste Gelez
b464671cf0
Merge pull request #226 from igalic/feat/sqlite
Add SQLite as supported database
2018-10-06 12:15:00 +01:00
Trinity Pointard
d3ed2d8af5 Fix regression and update rocket_csrf
Fix account creation, introduced by fceb9ab
Update to latest rocket_csrf
2018-10-02 11:51:12 +02:00
Igor Galić
e5691f7b23
add sqlite as diesel dependency 2018-09-30 14:13:42 +02:00
Trinity Pointard
fceb9ab0cd Update cookie management a bit
Update to latest rocket_csrf
Make user_id a samesite lax cookie (see https://github.com/Plume-org/Plume/issues/233#issuecomment-422660275)
2018-09-30 11:56:12 +02:00
Bat
72fd9eb610 API: Filter posts in the list 2018-09-29 15:45:27 +01:00
Bat
f893056d6d Mount the API endpoints 2018-09-25 20:45:32 +01:00
Bat
1500267125 Add canapi and try to use for the API 2018-09-19 15:49:34 +01:00
Bat
8fa83dfe25 Version bump
0.1.x was the pre-alpha.

The first Alpha will be 0.2.x
2018-09-11 19:53:14 +01:00
Bat
8879935925 Add the possibility to save an article as draft 2018-09-10 19:38:19 +01:00
Bat
2f53cb9122 Update rocket_csrf 2018-09-09 11:06:10 +01:00
Bat
c0d0f98d1f Update rocket_csrf and enable protection again 2018-09-09 10:27:03 +01:00
Bat
995c173146 Downgrade Tera + Temporary disable CSRF protection
Bugs in these crates prevented articles from displaying correctly.
2018-09-08 23:09:59 +01:00
Thomas Letan
0ef4717a7f deps: Update to a more recent rocket and rust toolchain
With this patch, Plume will be use a more up-to-date revision of
Rocket, that works with nightly-2018-07-17. It may have been able to
make it work with a more recent revision, but it turns out rocket has
introduced several breaking changes so I’d rather fix those.

Besides updating rocket_i18n and rocket_csrf to use the same revision
than Plume, this patch deals with the new implementation of the
Uri<'_> type. It silents a class of warnings, to deal with a change in
rustc which affects diesel. This latter change should be reverted as
soon as diesel releases a new version of its crate.
2018-09-08 15:51:55 +02:00
Bat
772bb350ac Update rocket_csrf to support multipart forms 2018-09-03 10:21:33 +01:00
Bat
f44b6fffa3 Media upload 2018-09-02 21:55:42 +01:00
Bat
97c0b533ab Add Atom feeds for blogs and users 2018-09-01 21:08:26 +01:00
Bat
5583029b07 Update the WebFinger crate
Fixes an issue with some Mastodon accounts
2018-07-26 21:35:35 +02:00
Bat
1e5ad2b086 Add a job pool 2018-07-26 17:32:52 +02:00
Trinity Pointard
e9b2a20ad3 Update dependancie to rocket_csrf
fix #117
2018-07-20 17:24:34 +02:00
Baptiste Gelez
6fe70cd723
Merge pull request #111 from Plume-org/form-validation
Form validation
2018-07-08 14:28:47 +02:00
Bat
5f3afe900f Display errors on invalid forms
It will probably need a bit of styling…
2018-07-06 19:29:36 +02:00
Trinity Pointard
ec4b791727 Update dependancy to rocket_csrf
fix #96
2018-06-30 09:38:44 +02:00
Bat
b008e11fb0 Add validator 2018-06-29 14:22:43 +02:00
Baptiste Gelez
ca07950100
Merge pull request #83 from Plume-org/csrf-protection
Csrf protection
2018-06-26 16:30:24 +02:00
Bat
f805ec1d53 Introduce an environment variable to disable HTTPS, and use it when fetching WebFinger resources
You can now use USE_HTTPS=0 when debugging the federation locally.
2018-06-26 16:16:59 +02:00
Trinity Pointard
3b9c53bebc Use proper repository for rocket_csrf 2018-06-24 19:02:47 +02:00
Trinity Pointard
30e9620d0a Add csrf protection 2018-06-24 18:58:57 +02:00
Bat
68c7aad179 Big repository reorganization
The code is divided in three crates:
- plume-common, for the ActivityPub module, and some common utils
- plume-models, for the models and database-related code
- plume, the app itself

This new organization will allow to test it more easily, but also to create other tools that only reuse a little part of
the code (for instance a Wordpress import tool, that would just use the plume-models crate)
2018-06-23 17:36:11 +01:00
Bat
e7e557612e Rewrite User::from_activity to use the activitypub crate instead of raw JSON 2018-06-21 21:30:56 +01:00
Bat
4ea071e709 Switch to pulldown-cmark for markdown parsing + Try to parse mentions
It's not working correctly yet for some reason…
2018-06-20 15:29:19 +01:00
Bat
d00688e526 Admin creation 2018-06-19 16:14:52 +01:00
Bat
54e2cea83b Start a setup script
For now, it checks if the instance is ready, and if it is not starts the actual setup script.

Only the first actual step of the script, checking for native dependencies, is implemented.
2018-06-19 14:08:44 +01:00
Bat
5415b70854 Use the webfinger crate 2018-06-18 22:50:40 +01:00
Bat
36bf2e114c Fix local notifications 2018-06-18 12:32:03 +01:00
Bat
cafb0e2277 Use the rocket_i18n crate 2018-06-17 15:28:44 +01:00
Bat
b18aa33c70 Update to the latest version of Rocket, to use rocket_contrib::Template::custom 2018-06-16 18:39:22 +01:00
Bat
c9b4c40fa1 Add the gettext-rs crate 2018-06-15 14:08:38 +01:00
Bat
7d17751f50 Definitively get rid of the activitystreams crates 2018-06-11 13:30:14 +01:00
Trinity Pointard
7d9609671c change post.content and comment.content's types from String to SafeString 2018-06-11 12:22:43 +02:00
Bat
6ae1f405eb Remove unecessary dependencies 2018-06-10 12:17:31 +01:00