Commit Graph

595 Commits

Author SHA1 Message Date
Atul Bhosale
b945d1f602 Run 'cargo fmt' to format code (#489) 2019-03-20 17:56:17 +01:00
Igor Galić
732f514da7 Refactor with the help of Clippy (#462)
We add clippy as our build — also rectifying the missing `plume-cli` build!

In the next step we follow clippy's advise and fix some of the "simple" mistakes in our code, such as style or map usage.

Finally, we refactor some hard bits that need extraction of new types, or refactoring of function call-types, especially those that thread thru macros, and, of course functions with ~15 parameters should probably be rethought.
2019-03-19 14:37:56 +01:00
fdb-hiroshima
570d7fe2d0
Add markdown support for summary (#482)
* Add markdown support for summary

* Save both md and html summary
2019-03-17 20:11:29 +01:00
fdb-hiroshima
a2b2e37aa0
Caching (#480)
* add basic caching support

* Use hash of static dir instead of rand

* Add support for ETag
2019-03-16 15:33:28 +01:00
Baptiste Gelez
42dca3daae
Remove some unused #[derive] (#473)
We used to need them, probably when we were using Tera.
2019-03-12 19:40:54 +01:00
Baptiste Gelez
b52b8fc880 Fix wrong condition, resulting in 404 for valid NodeInfo endpoints (#464)
* Fix wrong condition, resulting in 404 for valid NodeInfo endpoints

* Forgot to remove that dbg!
2019-03-12 17:00:23 +01:00
Baptiste Gelez
fe6e69d7c4
Add a fqn field to blogs and users (#457)
Fixes #319
2019-03-06 18:28:10 +01:00
Baptiste Gelez
eff2698664
Slightly improve the media experience (#452)
* Slightly improve the media experience

- Use a grid to display the list of media
- Add icons for non-image media preview
- Paginate the gallery
- Add links to the gallery in the editor and in the profile settings to make it more discoverable when you need it

Fixes #432

* Allow video and audio tags in SafeString

Otherwise we can't display their preview, nor show them in articles

Also show controls by default for these two elements

* Show fallback images for audio and unknown files, to make them more visible

* Add a new constructor to SafeString when the input is trusted and doesn't need to be escaped.

And use it to generate media previews.

* Make it possible to insert video/audio in articles
2019-03-06 14:11:36 +01:00
Baptiste Gelez
a5e0486da0
Make media extension parsing safer (#459)
Only keep it if contains letters and numbers only, otherwise remove it.

To be merged before #452
2019-03-06 14:09:43 +01:00
Baptiste Gelez
2a188abfa1
Fix follow IDs (#455)
* Generate valid IDs for Follow

Fixes #449

* Use the new post-insert hook for all the models

* Fix plume-cli build
2019-03-04 21:35:03 +01:00
Baptiste Gelez
a2b9d7ec44
Password reset (#448)
* Password reset

* Various improvements and fixes for password reset

- Reorganize src/mail.rs to make it  cleaner
- add a build_mail function
- only make the requests invalid after 2 hours
- avoid infintely-growing list of requests by deleting them once completed, or after 24 hours
- avoid sending many requests for the same user
- validate the password reset form

* Avoid locking so many times

Fix durations

* Remove old requests even if the current one is not valid

* Remove unused feature

* Also remove the custom_derive and plugin features while we are at it

* Forgot a 0 è_é

* Avoid panicking while owning a request lock

* Use master branch of lettre so that we can build with the latest OpenSSL

* Fix the debug mailer
2019-02-27 13:29:26 +01:00
Baptiste Gelez
e28371bbe4
Add a page listing people someone follows (#444)
Nothing exceptional, the layout is the same as the followers page.

Fixes #325
2019-02-26 13:13:00 +01:00
zcdunn
7bac70a483 Update nodeinfo (#446)
Fix #433

I added the repo link to Cargo.toml so that `software.repository` could be configurable like @rhaamo suggested. I don't know if it's ok to include `software.repository` without bumping the schema version, but I didn't know if that would break any clients that parse nodeinfo with a hardcoded schema version.
2019-02-17 13:42:59 +01:00
Baptiste Gelez
576a4ed499
Pull i18n from Funkwhale's weblate (#439)
* Added translation using Weblate (Arabic)

* Translated using Weblate (Arabic)

Currently translated at 66.7% (124 of 186 strings)

Translation: Plume/Plume
Translate-URL: https://translate.funkwhale.audio/projects/plume/Plume/ar/

* Translated using Weblate (English)

Currently translated at 100.0% (186 of 186 strings)

Translation: Plume/Plume
Translate-URL: https://translate.funkwhale.audio/projects/plume/Plume/en/

* Translated using Weblate (Japanese)

Currently translated at 100.0% (186 of 186 strings)

Translation: Plume/Plume
Translate-URL: https://translate.funkwhale.audio/projects/plume/Plume/ja/

* Translated using Weblate (Arabic)

Currently translated at 68.8% (128 of 186 strings)

Translation: Plume/Plume
Translate-URL: https://translate.funkwhale.audio/projects/plume/Plume/ar/

* Translated using Weblate (Norwegian Bokmål)

Currently translated at 96.8% (180 of 186 strings)

Translation: Plume/Plume
Translate-URL: https://translate.funkwhale.audio/projects/plume/Plume/nb/

* Translated using Weblate (Arabic)

Currently translated at 95.7% (178 of 186 strings)

Translation: Plume/Plume
Translate-URL: https://translate.funkwhale.audio/projects/plume/Plume/ar/

* Added translation using Weblate (Spanish)

* Translated using Weblate (Spanish)

Currently translated at 3.8% (7 of 186 strings)

Translation: Plume/Plume
Translate-URL: https://translate.funkwhale.audio/projects/plume/Plume/es/

* Added translation using Weblate (Portuguese (Portugal))

* Translated using Weblate (Arabic)

Currently translated at 99.5% (185 of 186 strings)

Translation: Plume/Plume
Translate-URL: https://translate.funkwhale.audio/projects/plume/Plume/ar/

* Translated using Weblate (Portuguese (Portugal))

Currently translated at 95.7% (178 of 186 strings)

Translation: Plume/Plume
Translate-URL: https://translate.funkwhale.audio/projects/plume/Plume/pt_PT/

* Translated using Weblate (Spanish)

Currently translated at 26.9% (50 of 186 strings)

Translation: Plume/Plume
Translate-URL: https://translate.funkwhale.audio/projects/plume/Plume/es/

* Translated using Weblate (Spanish)

Currently translated at 34.9% (65 of 186 strings)

Translation: Plume/Plume
Translate-URL: https://translate.funkwhale.audio/projects/plume/Plume/es/

* Translated using Weblate (Spanish)

Currently translated at 34.9% (65 of 186 strings)

Translation: Plume/Plume
Translate-URL: https://translate.funkwhale.audio/projects/plume/Plume/es/
2019-02-13 13:39:42 +01:00
Baptiste Gelez
77bfe635d7
Update dependencies (#440) 2019-02-13 13:39:30 +01:00
Baptiste Gelez
7eef4643c8
Update rocket_i18n and add gettext_macros (#431)
Internationalization now uses proc-macros that generate the .pot file
automatically.
2019-02-02 15:23:50 +01:00
Baptiste Gelez
5880dc1957
Improve search UI (#375) 2019-01-28 13:12:56 +01:00
fdb-hiroshima
e77e4d86e8
Better big form handling (#430)
* Allow customizing max form size from env vars

* Add error page for unprocessable entities

And change default http port to 7878

* Improve char counter: under the editor, more discrete, and give it a default value
2019-01-27 10:55:22 +01:00
zcdunn
06d6bd361a Add categories to web manifest (#434)
This pull request add a `categories` key to the web manifest. The categories key was [recently added](https://www.aaron-gustafson.com/notebook/categories-land-in-the-web-app-manifest/ "Blog post detailing the addition of categories to the spec") to the Web Manifest spec and is a list of categorizations you want to apply to your site that serves as a hint to search engines and webapp catalogs.

The categories can be anything and there is no standardized list of vaues. The W3C is maintaining a list of commonly used values [here](https://github.com/w3c/manifest/wiki/Categories). I added _social_ to Plume's manifest based on that list, but I think eventually allowing a user defined list would be better. I don't know if there's anything in Plume currently that would enable that.
2019-01-24 13:16:48 +01:00
fdb-hiroshima
c4a4ea5b6c Support blind key rotation (#399)
* Allow receiving objects with new unknown key

* Rotate key after sending Delete activity

* Do the right check
2019-01-05 22:30:28 +01:00
fdb-hiroshima
7c8599b0a2
Disallow interaction with medias owned by others (#410)
Notably prevent media deletion by other users
2019-01-05 22:09:57 +01:00
fdb-hiroshima
2896eb1705
Fix login issue (#401)
Regression introduced by 4059a840be
2018-12-31 11:45:59 +01:00
Baptiste Gelez
80a4dae8bd
Avoid panics (#392)
- Use `Result` as much as possible
- Display errors instead of panicking

TODO (maybe in another PR? this one is already quite big):
- Find a way to merge Ructe/ErrorPage types, so that we can have routes returning `Result<X, ErrorPage>` instead of panicking when we have an `Error`
- Display more details about the error, to make it easier to debug

(sorry, this isn't going to be fun to review, the diff is huge, but it is always the same changes)
2018-12-29 09:36:07 +01:00
fdb-hiroshima
ccba485215
Trim email and username (#386)
Also forbid whitespaces in username
Fix #385
2018-12-25 18:00:21 +01:00
Baptiste Gelez
4ec2480f50
Post creation API (#307) 2018-12-24 16:42:40 +01:00
fdb-hiroshima
fdfeeed6d9 Comment visibility (#364)
Add some support for comment visibility, fix #217 

This add a new column to comment, denoting if they are public or not, and a new table linking private comments to those allowed to read them. There is currently no way to write a private comment from Plume.
Git is having a hard time what happened in Comment::from_activity, but most of it is just re-indentation because a new block was needed to please the borrow checker. I've marked with comments where things actually changed.
At this point only mentioned users can see private comments, even when posted as "follower only" or equivalent.

What should we do when someone isn't allowed to see a comment? Hide the whole thread, or just the comment? If hiding just the comment, should we mark there is a comment one can't see, but answers they can, or put other comments like if they answered to the same comment the hidden one do?
2018-12-24 11:23:04 +01:00
fdb-hiroshima
5c5cf36b0d
Allow for comment deletion (#363)
* Allow for comment deletion

Receive and emit deletion activity
Add button to delete comment

* Remove debug print and fix copy-past typo

* Improve style of comment deletion button
2018-12-23 11:13:36 +01:00
fdb-hiroshima
0df9c4d400
Give reshare and like ap_url before inserting (#369)
Fix #367
2018-12-23 11:13:02 +01:00
fdb-hiroshima
0ea1d57e48
Fix some federation issues (#357)
* Fix some follow issues

Fix not receiving notifications when followed by remote users
Fix imposibility to be unfollowed by Mastodon/Pleroma users (tested only against Pleroma)

* Fix notification on every post

* Fix issues with federation

Send Link instead of Object when emiting Follow request
Receive both Link and Object for Follow request
Don't panic when fetching user with no followers or posts from Pleroma
Reorder follower routes so Activity Pub one is reachable

* Generate absolute urls for mentions and tags

* Verify author when undoing activity by Link
2018-12-23 11:12:15 +01:00
fdb-hiroshima
ab2998e214
Make Plume compile on release (#365)
* Remove use of String for body parameters

Create SignedJson and implement FromData for it

* Make Travis test on release

* Remove warning when installing and fix coverage
2018-12-22 18:27:21 +01:00
Baptiste Gelez
38302203f4
Count items in database as much as possible (#344)
* Count items in database as much as possible

* Fix the tests

* Remove two useless queries

* Run pragma directive before each sqlite connection

* Pragma for tests too

* Remove debug messages
2018-12-14 23:16:18 +01:00
Baptiste Gelez
b0089e59b7
Remove useless pagination routes (#351)
Rocket 0.4 let us have routes with optional query parameter
2018-12-13 22:20:19 +01:00
Trinity Pointard
fcbaf6eee3 Allow to keep query params in paginate
Fix #349
2018-12-12 00:52:26 +01:00
Baptiste Gelez
b73fbd3768
License federation (#343)
* Federate license

* Make it possible to use no license
2018-12-09 18:43:34 +01:00
fdb-hiroshima
e9f2f769be Add microformat tags (#341)
Close #229 
Adding `<div>` might have broken the layout in some places. I've tried to fix it, tell me if I missed it somewhere
2018-12-08 21:52:46 +01:00
fdb-hiroshima
e1ecc7289f
Upgrade plume dependencies (#332)
* Bump base64 from 0.9.3 to 0.10.0
* Bump bcrypt from 0.2.0 to 0.2.1
* Bump canapi from 0.1.0 to 0.2.0
* Bump failure from 0.1.2 to 0.1.3
* Bump hyper from 0.11.27 to 0.12.11
* Bump hyper from 0.11.27 to 0.12.16
* Bump lazy_static from 1.1.0 to 1.2.0
* Bump multipart from 0.15.3 to 0.15.4
* Bump openssl from 0.10.12 to 0.10.15
* Bump pulldown-cmark from 0.1.2 to 0.2.0
* Bump reqwest from 0.9.2 to 0.9.5
* Bump rocket from 0.4.0-rc.1 to 0.4.0
* Bump rpassword from 2.0.0 to 2.1.0
* Bump ructe from 0.5.2 to 0.5.4
* Bump serde_derive from 1.0.79 to 1.0.80
* Bump serde from 1.0.79 to 1.0.80
* Bump serde_json from 1.0.32 to 1.0.33
* Bump tera from 0.11.17 to 0.11.20
* Bump url from 1.7.1 to 1.7.2
* Bump validator to from 0.7.2 to 0.8.0
* Bump validator_derive from 0.7.2 to 0.8.0
* Bump whatlang from 0.5.0 to 0.6.0
* Remove hyper from plume-common dependencies
* Remove rpassword from Plume dependancies
* Upgrade compiler to nightly-2018-12-06
2018-12-07 21:00:12 +01:00
Trinity Pointard
b4e4b497ee Works on template
Use uri! to generate links instead of hardcoded urls
Fix #110
Fix invalid links needing to be POST forms
Translate login message for boost and like directly from template
Put js for search in its own file
2018-12-07 12:10:03 +01:00
Baptiste Gelez
70af57c6e1
Use Ructe (#327)
All the template are now compiled at compile-time with the `ructe` crate.

I preferred to use it instead of askama because it allows more complex Rust expressions, where askama only supports a small subset of expressions and doesn't allow them everywhere (for instance, `{{ macro!() | filter }}` would result in a parsing error).

The diff is quite huge, but there is normally no changes in functionality.

Fixes #161 and unblocks #110 and #273
2018-12-06 18:54:16 +01:00
Trinity Pointard
5f059c3e98 Fix issues with tags and mentions
Fix issue where leading @ or # of a mention/hashtag get duplicated
Fix issue where normal tags were being overwritten by hashtags
2018-12-06 15:10:07 +01:00
fdb-hiroshima
449641d158
Add a search engine into Plume (#324)
* Add search engine to the model

Add a Tantivy based search engine to the model
Implement most required functions for it

* Implement indexing and plm subcommands

Implement indexation on insert, update and delete
Modify func args to get the indexer where required
Add subcommand to initialize, refill and unlock search db

* Move to a new threadpool engine allowing scheduling

* Autocommit search index every half an hour

* Implement front part of search

Add default fields for search
Add new routes and templates for search and result
Implement FromFormValue for Page to reuse it on search result pagination
Add optional query parameters to paginate template's macro
Update to newer rocket_csrf, don't get csrf token on GET forms

* Handle process termination to release lock

Handle process termination
Add tests to search

* Add proper support for advanced search

Add an advanced search form to /search, in template and route
Modify Tantivy schema, add new tokenizer for some properties
Create new String query parser
Create Tantivy query AST from our own

* Split search.rs, add comment and tests

Split search.rs into multiple submodules
Add comments and tests for Query
Make user@domain be treated as one could assume
2018-12-02 17:37:51 +01:00
Trinity Pointard
9714bafded Verify username for special characters on signup 2018-12-02 12:43:03 +01:00
fdb-hiroshima
74c398d60c
Run cargo clippy on whole project (#322)
* Run cargo clippy on plume-common

Run clippy on plume-common and adjuste code accordingly

* Run cargo clippy on plume-model

Run clippy on plume-model and adjuste code accordingly

* Reduce need for allocation in plume-common

* Reduce need for allocation in plume-model

add a quick compilation failure if no database backend is enabled

* Run cargo clippy on plume-cli

* Run cargo clippy on plume
2018-11-26 10:21:52 +01:00
fdb-hiroshima
8a4702df92 Add unit tests for main model parts (#310)
Add tests for following models:
- Blog
- Instance
- Media
- User
2018-11-24 12:44:17 +01:00
KokaKiwi
67fe28177e Decode unfollow activities in inbox properly (#316) 2018-11-23 13:17:37 +01:00
Baptiste Gelez
a64c4912cf
Add support for CW in comments (#308)
All the backend/federation code was already, I just added the UI 🤷‍♀️ 

Fixes #253
2018-11-07 15:57:31 +01:00
Baptiste Gelez
94904fa3d5 Escape titles in RSS feeds 2018-11-06 10:49:46 +01:00
Baptiste Gelez
f593ce40af Remove some debug messages 2018-10-31 15:07:40 +01:00
Baptiste Gelez
485aac2e20 Add an interface to select an article illustration 2018-10-31 15:07:40 +01:00
Baptiste Gelez
ab5edbc6a5 Add a cover field to posts
Referencing the media to use to illustrate the article
2018-10-31 15:07:40 +01:00
Baptiste Gelez
e26a150164 Make Authorization optional for read routes
Only require it when reading draft articles.
2018-10-30 18:13:49 +01:00
Baptiste Gelez
28fbf35779 Use PhantomData intead of two Options useless for Authorization
And remove some warnings about unused parameters
2018-10-30 18:13:49 +01:00
Baptiste Gelez
647a5af070 Make it impossible to know if an username is used or not with the API 2018-10-30 18:13:49 +01:00
Baptiste Gelez
31641b1ea1 New request guard: Authorization<Action, Scope>
Filter requests that don't have an API token authorized to read or write
a specific scope;
2018-10-30 18:13:49 +01:00
Baptiste Gelez
9a13d804c5 impl FromRequest for ApiToken
and use it for the posts API
2018-10-30 18:13:49 +01:00
Baptiste Gelez
663ec52fea Disable CSRF for the whole API 2018-10-30 18:13:49 +01:00
Baptiste Gelez
2394ff424b Add an ApiToken model, and an endpoint to get one 2018-10-30 18:13:49 +01:00
Baptiste Gelez
f2190adfc2 Add an API endpoint to register apps 2018-10-30 18:13:49 +01:00
Trinity Pointard
76ca76f068 Update tags and hashtags on remote post edition 2018-10-29 20:54:27 +01:00
Trinity Pointard
c4fc656809 Update mentions on remote post edition 2018-10-29 20:54:27 +01:00
Trinity Pointard
2523f3b523 Prevent duplication of mention on post update
and delete mentions and notifications of user no longer mentioned
2018-10-29 20:54:27 +01:00
Trinity Pointard
1689813df4 Deduplicate tags and mentions
Use set to work on tags and mentions, allowing deduplication of them,
and clearer code
May also help with distinguishing tags and hashtags latter
2018-10-29 20:54:27 +01:00
Trinity Pointard
0bb2e6293a Send Create activity when undrafting post
Send a Create activity when a post get undrafted, instead of sending an
	Update activity for a non federated post
Fix #221
2018-10-28 11:42:01 +01:00
Trinity Pointard
cbbd0ca920 Group post by 12 instead of 10
Fix #251
2018-10-28 11:26:24 +01:00
Baptiste Gelez
fcf911fac9 ActivityPub: don't delete anything if the actor is not authorized 2018-10-22 16:29:25 +01:00
Baptiste Gelez
fc5acac861
Merge pull request #283 from Plume-org/hashtags
Support hashtags
2018-10-21 13:53:15 +01:00
Trinity Pointard
95ea248518 Add support for hashtag on user interface
Add migration to fix typo
Add support for linking hashtags with posts
Rework tag search page so it says a nicer message than page not found
when no post use that tag
Add new string to translation
2018-10-20 19:27:49 +02:00
Trinity Pointard
4fa3a0f6ee Add support for hashtags in md parser 2018-10-20 16:38:16 +02:00
Trinity Pointard
eca458b0e5 Add support for blog deletion
fix #181
2018-10-20 15:03:59 +02:00
Trinity Pointard
a6e73f4667 Allow tag deletion
Fix #232
2018-10-20 14:05:41 +02:00
Trinity Pointard
fd92383f87 Normalize panic message and return 400 or 404 when suitable 2018-10-20 11:04:20 +02:00
Bat
9d70eeae61 Don't register the media serving route (they are now served with other static files)
And remove some unused imports
2018-10-12 20:48:11 +01:00
Bat
14969d489c Save medias in static/media
Fixes #272
2018-10-12 20:32:34 +01:00
Trinity Pointard
f9498828c4 Modify post slug only when it's still drafted
Fix #207
2018-10-11 14:23:23 +02:00
Baptiste Gelez
8fdb55a501
Merge pull request #256 from Plume-org/verify-signature
Verify activity's signature
2018-10-10 21:31:11 +01:00
Trinity Pointard
ba4695f490 Add support for signature verification on pseudo header
Add support for pseudo-header '(request-target)'
Add some logging for denied request
2018-10-10 21:10:43 +02:00
Bat
1b9c3f69bf Add icons to Web Manifest 2018-10-09 19:38:01 +01:00
Bat
3b7842d040 Rocket should manage DbConn, not Option<DbConn>
Otherwise it fails when using DbConn as a request guard
2018-10-08 20:02:17 +01:00
Baptiste Gelez
0469b8dae2
Merge pull request #266 from Plume-org/cc-by-sa
Change default license to CC-BY-SA
2018-10-07 21:28:43 +01:00
Baptiste Gelez
3a13d80dc6
Merge pull request #267 from Plume-org/db-url
Replace DB_URL with DATABASE_URL
2018-10-07 21:28:28 +01:00
Bat
9cc795d8be Replace DB_URL with DATABASE_URL
This way it is shared with diesel, which simplifies a lot the setup

Also fixes a few issues in the documentation, that are not directly related
2018-10-07 11:00:50 +01:00
Bat
915b9bb0e5 Use env!("CARGO_PKG_VERSION") instead of hardcoding version when possible
See https://doc.rust-lang.org/cargo/reference/environment-variables.html#environment-variables-cargo-sets-for-crates
2018-10-06 18:55:30 +01:00
Bat
387efbf3e9 Change default license to CC-BY-SA
Fixes #258
2018-10-06 18:19:45 +01:00
Baptiste Gelez
00fe11fcbb
Merge pull request #261 from Plume-org/setup-tools
CLI tools
2018-10-06 14:28:13 +01:00
Bat
478e9dcac9 Show your own posts in your feed
Fixes #213
2018-10-06 13:42:57 +01:00
Bat
4d382d8014 Fix compatibility with SQlite
Also fixes a bug in plume-models
2018-10-06 12:59:08 +01:00
Bat
5fa7a2a742 Remove legacy setup script 2018-10-06 12:31:00 +01:00
Baptiste Gelez
b464671cf0
Merge pull request #226 from igalic/feat/sqlite
Add SQLite as supported database
2018-10-06 12:15:00 +01:00
Trinity Pointard
3466e55548 Implement JSON-ld signature verification
Implement JSON-ld signature verification
Move signature verification functions to the proper file
2018-10-06 10:06:06 +02:00
Trinity Pointard
62c94ed463 Refactor and verify http signature on personnal inbox
Verify signature on personnal inbox
Reduce code duplication
Put Headers in plume-models
2018-10-03 20:48:25 +02:00
Trinity Pointard
0a5d435249 Verify http signatures 2018-10-03 09:31:38 +02:00
Trinity Pointard
d3ed2d8af5 Fix regression and update rocket_csrf
Fix account creation, introduced by fceb9ab
Update to latest rocket_csrf
2018-10-02 11:51:12 +02:00
Bat
07f2c979ec Make the REST API compatible with SQlite 2018-09-30 14:21:07 +01:00
Bat
743620eb6a
Fix the SQlite build 2018-09-30 14:13:56 +02:00
Trinity Pointard
fceb9ab0cd Update cookie management a bit
Update to latest rocket_csrf
Make user_id a samesite lax cookie (see https://github.com/Plume-org/Plume/issues/233#issuecomment-422660275)
2018-09-30 11:56:12 +02:00
Baptiste Gelez
236cf14406
Merge pull request #245 from Plume-org/rest-api
Some API endpoints for articles
2018-09-29 16:33:31 +01:00
Bat
72fd9eb610 API: Filter posts in the list 2018-09-29 15:45:27 +01:00
Bat
f893056d6d Mount the API endpoints 2018-09-25 20:45:32 +01:00
Bat
d8ca1d70b7 Fix CSRF issues
GET routes are not protected against CSRF. This commit changes the needed URLs to
POST and replace simple links with forms.

Thanks @fdb-hiroshima for noticing it!
2018-09-19 18:13:07 +01:00
Bat
1500267125 Add canapi and try to use for the API 2018-09-19 15:49:34 +01:00
Igor Galić
06718a5c8a
directly use SafeString in InstanceSettingsForm 2018-09-14 20:25:16 +02:00
Igor Galić
65e213309b
do not allocate empty strings
follow review from @pwoolcoc, and do not use

    SafeString::new(&<String>::new())

since this makes an allocation which will then just be thrown away.
Instead, we pass ""
2018-09-14 18:24:27 +02:00
Igor Galić
f5c299f23c
make blog/instance description a SafeString
long_description & short_description's documentation say they can be
Markdown, but they are String, not SafeString.

This led to escaped strings being printed in the editor
https://github.com/Plume-org/Plume/issues/220
2018-09-14 15:14:24 +02:00
Bat
0200a7b223 Only send notifications for mentions if the post is not a draft 2018-09-12 17:00:00 +01:00
Bat
b01212f4a6 Make it impossible to view drafts if you are not the author
Even if you got the URL
2018-09-12 16:58:38 +01:00
Bat
8fa83dfe25 Version bump
0.1.x was the pre-alpha.

The first Alpha will be 0.2.x
2018-09-11 19:53:14 +01:00
Baptiste Gelez
13ef50bb78
Merge pull request #212 from zcdunn/add_webapp_manifest
Add webapp manifest
2018-09-10 20:44:44 +01:00
Bat
10da8f31b6 Hide articles on public pages
Only show them in the dashboard
2018-09-10 20:06:00 +01:00
Zachary Dunn
8765b12229 Unwrap option 2018-09-10 14:54:18 -04:00
Bat
8879935925 Add the possibility to save an article as draft 2018-09-10 19:38:19 +01:00
Zachary Dunn
3a81dd7089 Add webapp manifest 2018-09-10 10:14:08 -04:00
Bat
de3707983a Account deletion
Fixes #182
2018-09-09 20:49:24 +01:00
Bat
54f6e7dfc6 Use a more classical flow for creating comments
Don't locally federate them anymore

It allows us to have them fetched later too
2018-09-09 16:08:53 +01:00
Bat
642884034d Fix build errors 2018-09-09 12:37:20 +01:00
Bat
08cb337df6 Broadcast activities to all known instances
We consider everything posted with Plume public (for the moment at least)
2018-09-09 12:19:11 +01:00
Bat
b4391b55f2 Fix panic because of invalid URL parsing when commenting 2018-09-09 11:53:22 +01:00
Bat
1f2bd105b6 Implement user ban 2018-09-09 11:25:55 +01:00
Bat
c0d0f98d1f Update rocket_csrf and enable protection again 2018-09-09 10:27:03 +01:00
Bat
995c173146 Downgrade Tera + Temporary disable CSRF protection
Bugs in these crates prevented articles from displaying correctly.
2018-09-08 23:09:59 +01:00
Bat
f66ddf6ef2 Actually implement blocks 2018-09-08 22:05:48 +01:00
Bat
0a70ff2594 Merge branch 'master' of github.com:Plume-org/Plume 2018-09-08 20:32:12 +01:00
Bat
f1d5865a16 Instance (un)block endpoint
And hide the block button for the local instance
2018-09-08 20:07:55 +01:00
Bat
c1e0b6c306 Add admin interface to manage interface 2018-09-08 19:54:09 +01:00
Baptiste Gelez
fe7f87c47f
Merge pull request #205 from lthms/recent_rocket
Update to a more recent rocket and rust toolchain
2018-09-08 19:06:52 +01:00
Thomas Letan
0ef4717a7f deps: Update to a more recent rocket and rust toolchain
With this patch, Plume will be use a more up-to-date revision of
Rocket, that works with nightly-2018-07-17. It may have been able to
make it work with a more recent revision, but it turns out rocket has
introduced several breaking changes so I’d rather fix those.

Besides updating rocket_i18n and rocket_csrf to use the same revision
than Plume, this patch deals with the new implementation of the
Uri<'_> type. It silents a class of warnings, to deal with a change in
rustc which affects diesel. This latter change should be reverted as
soon as diesel releases a new version of its crate.
2018-09-08 15:51:55 +02:00
Bat
0f5f9101b6 Only notify for mention if it is not in a comment
To avoid two similar notifications
2018-09-08 12:53:17 +01:00
Bat
b53a078b49 Edit HTML for old articles without source 2018-09-08 12:05:22 +01:00
Bat
2822f8efe9 Don't show the "Registrations closed" message if there is an error when creating a new user 2018-09-07 20:13:14 +01:00
Bat
3918bd4501 Edit posts 2018-09-07 18:51:53 +01:00
Bat
413e34ac0e Federate article updating 2018-09-06 22:39:22 +01:00
Bat
7152d714ae Add a source property to posts
To store the Markdown
2018-09-06 20:00:55 +01:00
Bat
dd9c4a6a73 Add a page to list articles by tag 2018-09-06 13:06:04 +01:00
Bat
5b3eca63e0 Make it possible to tag articles and display them 2018-09-05 21:18:27 +01:00
Bat
b66d4f73ce Reorganize the homepage 2018-09-05 18:03:02 +01:00
Bat
79348e06ff Add a dedicated page for the federated feed 2018-09-05 15:37:49 +01:00
Bat
1496598a45 User feed 2018-09-05 15:21:50 +01:00
Bat
babb3a81f5 Local timeline 2018-09-04 20:56:27 +01:00
Bat
bba9a56329 Add author biography at the bottom of the post 2018-09-04 14:55:15 +01:00
Bat
94a386ea2c Add subtitles to articles
Fix #152
2018-09-04 12:26:13 +01:00
Bat
7653551d57 Fix some compilation errors 2018-09-04 11:45:41 +01:00
Bat
e508eada26 Federate follow deletion 2018-09-04 11:39:24 +01:00
Bat
dcebc4653a Make it possible to unfollow someone
I was sure it was already implemented, but it looks like it wasn't
2018-09-04 11:37:58 +01:00
Bat
e4810263e3 Make about page accessible even when logged out 2018-09-03 22:48:35 +01:00
Bat
32a4949f25 Update user information if needed
When a remote is displayed, if it has not been updated since at least 24 hours, newer informations are fetched.

Fixes #135
2018-09-03 19:53:20 +01:00
Bat
3373bb66cd Fake password verification when trying to login with inexistant account
Fix #170
2018-09-03 18:04:21 +01:00
Bat
ac631627ab Make it possible to disable registrations
Fix #41
2018-09-03 17:05:45 +01:00
Bat
3013eec579 Redesign menu items 2018-09-03 14:59:02 +01:00
Bat
e2e7d10929 Make it possible to choose an avatar 2018-09-03 13:04:17 +01:00
Bat
772bb350ac Update rocket_csrf to support multipart forms 2018-09-03 10:21:33 +01:00
Bat
99fdb8e680 Media deletion 2018-09-02 22:10:15 +01:00
Bat
f44b6fffa3 Media upload 2018-09-02 21:55:42 +01:00
Bat
97c0b533ab Add Atom feeds for blogs and users 2018-09-01 21:08:26 +01:00
Bat
092ad5b795 Instance about page
Fixes #39
2018-09-01 17:39:40 +01:00
Bat
b66e8942a9 Fix the deletion route 2018-09-01 16:46:23 +01:00
Bat
cea548b821 Add a way to delete articles
Fixes #116
2018-09-01 16:28:47 +01:00
Bat
7fc5d7b5b0 Fix #167 2018-08-18 12:37:40 +02:00
Bat
ed8982b7fd Add a presentation of Plume and of the instance on the homepage
Fixes #132
2018-07-27 22:16:17 +02:00
Bat
fb2f4e9bcd Take in account instance's default license
Fix #145
2018-07-27 20:31:47 +02:00
Bat
74ec59e77c Add some configuration options for instance admins 2018-07-27 19:05:36 +02:00
Bat
38d99ad5af Try to fetch followers 2018-07-27 12:53:21 +02:00
Bat
812b76b0de Use the creation date from ActivityPub when fetching remote articles 2018-07-27 00:29:21 +02:00
Bat
0314629d99 Improve the background article fetching code 2018-07-26 22:59:41 +02:00
Bat
bd259891f3 Try to fetch remote articles 2018-07-26 22:23:53 +02:00
Bat
5583029b07 Update the WebFinger crate
Fixes an issue with some Mastodon accounts
2018-07-26 21:35:35 +02:00
Bat
ab4af10ce5 Fix a simlar bug on blog pages 2018-07-26 19:10:50 +02:00
Bat
d4a8808f00 Fix a bug on article page 2018-07-26 19:08:18 +02:00
Bat
b42030e831 Try to use only "absolute" links to avoid trailing-slash bugs 2018-07-26 19:00:23 +02:00
Bat
a9f95c91e2 Sent activities in other threads 2018-07-26 17:51:41 +02:00
Bat
58d158238d Use the worker queue to send new articles to other instances 2018-07-26 17:38:22 +02:00
Bat
1e5ad2b086 Add a job pool 2018-07-26 17:32:52 +02:00
Bat
c87d490664 Refactor notifications 2018-07-26 15:46:10 +02:00
Bat
44172b67d5 Add padding for responses in comments, to let threads appear
Fixes #144
2018-07-25 18:18:41 +02:00
Bat
4e07fdbd05 Paginate followers too 2018-07-25 15:50:29 +02:00
Bat
4b0aba62f3 Add pagination for notifications
And correctly close an <a> tag
2018-07-25 15:33:54 +02:00
Bat
18125ab398 Paginate the homepage 2018-07-25 15:20:09 +02:00
Bat
04dac6f87f Add pagination links 2018-07-25 14:29:34 +02:00
Bat
5549e4d0e5 Merge branch 'master' of github.com:Plume-org/Plume 2018-07-24 14:32:11 +02:00
Kevin "Ilphrin" Pellet
cd24b0f057 Show the total number of article on a blog
fixes #150
2018-07-21 16:58:30 +02:00
Bat
67eb41add1 Add pagination to the blog page
No UI to control it yet
2018-07-20 18:42:35 +02:00
Bat
3764e295b8 Fix the link of the follow/unfollow button so that it is always working, even without a trailing slash 2018-07-20 17:59:16 +02:00
Bat
ce256d6e39 List authors of a blog
Update french translation accordingly

Fixes #129
2018-07-18 23:08:49 +02:00
Bat
e3a7eadb78 Do it lazily -_- 2018-07-18 16:03:52 +02:00
Bat
488bd929c5 Try to fix the Hubzilla issue (#107) again 2018-07-18 16:02:21 +02:00
Bat
67dd577a27 Make like and share button HTML forms
Fixes #88
2018-07-11 21:27:47 +02:00
Bat
b59299ad5a Remove the last build warning
The host-meta route is only available in XML anyway, and having warning during is making people doubt of its validity.
2018-07-11 17:31:02 +02:00
Bat
b95e384ed7 Use the ApRequest guard for routes that need it + Fix a few issues with its impl
Also fixes some Rocket warnings!
2018-07-11 17:30:01 +02:00
Bat
3775d3a9c9 HTML validation + Actually associate messages to errors + Fix inverted behavior on new blog and post form 2018-07-07 22:51:48 +02:00
Bat
e5c1b3259d Make LoginForm serializable 2018-07-06 21:59:17 +02:00
Bat
5f3afe900f Display errors on invalid forms
It will probably need a bit of styling…
2018-07-06 19:29:36 +02:00
Bat
153400959c Actually validate forms 2018-07-06 11:51:19 +02:00
Bat
c81bb9ec25 Make forms validatable 2018-06-29 14:56:00 +02:00
Bat
b008e11fb0 Add validator 2018-06-29 14:22:43 +02:00
Bat
1a2cf3b14f What if I use the correct name for the this field?
Fix #81
2018-06-27 20:43:09 +02:00
Bat
68a041711c We can't mix GET and POST (in the comment form)
in_response_to was always null
2018-06-27 00:19:18 +02:00
Bat
9a825e7066 Change the signature of ap_url to be backward-compatible 2018-06-26 17:32:35 +02:00
Trinity Pointard
30e9620d0a Add csrf protection 2018-06-24 18:58:57 +02:00
Bat
68c7aad179 Big repository reorganization
The code is divided in three crates:
- plume-common, for the ActivityPub module, and some common utils
- plume-models, for the models and database-related code
- plume, the app itself

This new organization will allow to test it more easily, but also to create other tools that only reuse a little part of
the code (for instance a Wordpress import tool, that would just use the plume-models crate)
2018-06-23 17:36:11 +01:00
Bat
0a1edba4b0 Fix the custom properties deserialization bug for Blogs as well 2018-06-23 15:00:35 +01:00
Bat
e7fd12ae6f Set to and cc for new Follow activities 2018-06-23 13:47:53 +01:00
Bat
3a19cae62e Add id, to and cc for Undo Announce 2018-06-23 13:42:27 +01:00
Bat
a88d0e102f Like: only compute ap_url once 2018-06-23 13:40:10 +01:00