Commit Graph

306 Commits

Author SHA1 Message Date
Baptiste Gelez
787eb7f399
Federate user deletion (#551)
* Federate user deletion

- When someone deletes their account
- When a local user is banned

Fixes #509

* cargo fmt
2019-04-28 18:01:41 +01:00
fdb-hiroshima
0d708e1639 Add support for remote interact (#519)
Add support for remote interaction ([this thing](https://eldritch.cafe/users/Barmaid/remote_follow) in mastodon)

- [x] create the endpoint dispatching remote interactions to local pages
- [x] add this endpoint to web-finger
- [x] propose remote interaction when following and not connected
- [x] propose remote interaction when liking/sharing and not connected
- [x] propose remote interaction when commenting and not connected
- [x] fetch posts/comments we don't know but remote interaction was requested for ?
2019-04-17 21:09:07 +01:00
Baptiste Gelez
12efe721cc
Big refactoring of the Inbox (#443)
* Big refactoring of the Inbox

We now have a type that routes an activity through the registered handlers
until one of them matches.

Each Actor/Activity/Object combination is represented by an implementation of AsObject

These combinations are then registered on the Inbox type, which will try to deserialize
the incoming activity in the requested types.

Advantages:
- nicer syntax: the final API is clearer and more idiomatic
- more generic: only two traits (`AsActor` and `AsObject`) instead of one for each kind of activity
- it is easier to see which activities we handle and which one we don't

* Small fixes

- Avoid panics
- Don't search for AP ID infinitely
- Code style issues

* Fix tests

* Introduce a new trait: FromId

It should be implemented for any AP object.

It allows to look for an object in database using its AP ID, or to dereference it if it was not present in database

Also moves the inbox code to plume-models to test it (and write a basic test for each activity type we handle)

* Use if let instead of match

* Don't require PlumeRocket::intl for tests

* Return early and remove a forgotten dbg!

* Add more tests to try to understand where the issues come from

* Also add a test for comment federation

* Don't check creation_date is the same for blogs

* Make user and blog federation more tolerant to errors/missing fields

* Make clippy happy

* Use the correct Accept header when dereferencing

* Fix follow approval with Mastodon

* Add spaces to characters that should not be in usernames

And validate blog names too

* Smarter dereferencing: only do it once for each actor/object

* Forgot some files

* Cargo fmt

* Delete plume_test

* Delete plume_tests

* Update get_id docs + Remove useless : Sized

* Appease cargo fmt

* Remove dbg! + Use as_ref instead of clone when possible + Use and_then instead of map when possible

* Remove .po~

* send unfollow to local instance

* read cover from update activity

* Make sure "cc" and "to" are never empty

and fix a typo in a constant name

* Cargo fmt
2019-04-17 18:31:47 +01:00
fdb-hiroshima
c19c094e0c
add diverse links and meta to head (#522) 2019-04-09 15:33:34 +02:00
fdb-hiroshima
12c2078c89
Hide cw pictures behind a summary/details (#483)
* Hide cw pictures behind a summary/details
* refactor md_to_html a bit and add cw support
* use random id for cw checkbox
2019-04-06 19:20:33 +02:00
fdb-hiroshima
eabe73ddc0
Add tests for plume webserver (#513)
* begin setup front-end test environment with selenium
* run migrations before tests
* use https for tests
2019-04-06 17:41:57 +02:00
Marek Ľach
723d2c4600 Grammar corrections followup to #510 (#512)
A very small commit, but let's do all the string corrections while I am already at it :-)

Wraps up #510
2019-04-02 14:08:07 +01:00
fdb-hiroshima
26fc2cde5d
use circleci instead of travis (#511)
Upgrade rust-toolchain
Upgrade Tantivy
Warning: tantivy now use a different file format, search index may need to be deleted and recreated to work as intended
try to run compile twice in a row because sometime oomk is evil
2019-04-01 20:28:23 +02:00
Marek Ľach
2d12524cd1 English source strings corrected (#510)
Requires .po/.pot files to be rebuilt

This resolves #508
2019-04-01 19:09:29 +01:00
Hugh
a674df3a77 Some corrections to English UI text (#506)
* Update some UI strings for more natural English

* Correct message text

* Correct message text

* Update the strings everywhere

Because they are also used as base messages for other languages
2019-03-29 20:12:21 +01:00
Valentin Brandl
c7ee779f51 Delete notifications when deleting comments (#499)
* Implement find_for_comment for notifications

* Delete notifications when deleting a comment

This should tackle #463

* Apply rustfmt

* Implement `find_for_mention` and remove order by from `find_for_comment`

There is no need to order the notifications

* Delete notifications for mentions

* Fix notifications for comments and mentions
2019-03-26 12:45:17 +01:00
Baptiste Gelez
bdfad844d7
Edit blogs, and add blog icons and banners (#460)
Also adds a parameter to `md_to_html` to only render inline elements (so that we don't have titles or images in blog descriptions). And moves the delete button for the blog on the edition page.

I still have to update the SQLite migration once others PRs with migrations will be merged.

Also, there will be a problem when you edit a blog while not owning its banner or icon: when validating they will be reset to their default values… I don't see a good solution to this until we have a better way to handle uploads with Rocket (the same is probably happening for articles btw).

And the icon/banner are not federated yet, I don't know if I should add it to this PR or if it can come after?

![image](https://user-images.githubusercontent.com/16254623/53894510-7d853300-4030-11e9-8a2c-f5c0b0c7f512.png)
![image](https://user-images.githubusercontent.com/16254623/53894539-8b3ab880-4030-11e9-8113-685a27be8d7c.png)

Fixes #453
Fixes #454
2019-03-22 19:51:36 +01:00
fdb-hiroshima
ace6181c99
Allow to change logo from .env (#497)
Fix #273
2019-03-21 11:51:41 +01:00
fdb-hiroshima
65bb50e88f Centralize configuration and add some new config (#494)
Ideally, if someone could review the idea in [this comment](https://github.com/Plume-org/Plume/issues/273#issuecomment-474982184), I'd like to add the implementation to this pr too
2019-03-21 10:30:33 +01:00
Atul Bhosale
b945d1f602 Run 'cargo fmt' to format code (#489) 2019-03-20 17:56:17 +01:00
Igor Galić
732f514da7 Refactor with the help of Clippy (#462)
We add clippy as our build — also rectifying the missing `plume-cli` build!

In the next step we follow clippy's advise and fix some of the "simple" mistakes in our code, such as style or map usage.

Finally, we refactor some hard bits that need extraction of new types, or refactoring of function call-types, especially those that thread thru macros, and, of course functions with ~15 parameters should probably be rethought.
2019-03-19 14:37:56 +01:00
fdb-hiroshima
570d7fe2d0
Add markdown support for summary (#482)
* Add markdown support for summary

* Save both md and html summary
2019-03-17 20:11:29 +01:00
fdb-hiroshima
a2b2e37aa0
Caching (#480)
* add basic caching support

* Use hash of static dir instead of rand

* Add support for ETag
2019-03-16 15:33:28 +01:00
Baptiste Gelez
42dca3daae
Remove some unused #[derive] (#473)
We used to need them, probably when we were using Tera.
2019-03-12 19:40:54 +01:00
Baptiste Gelez
b52b8fc880 Fix wrong condition, resulting in 404 for valid NodeInfo endpoints (#464)
* Fix wrong condition, resulting in 404 for valid NodeInfo endpoints

* Forgot to remove that dbg!
2019-03-12 17:00:23 +01:00
Baptiste Gelez
fe6e69d7c4
Add a fqn field to blogs and users (#457)
Fixes #319
2019-03-06 18:28:10 +01:00
Baptiste Gelez
eff2698664
Slightly improve the media experience (#452)
* Slightly improve the media experience

- Use a grid to display the list of media
- Add icons for non-image media preview
- Paginate the gallery
- Add links to the gallery in the editor and in the profile settings to make it more discoverable when you need it

Fixes #432

* Allow video and audio tags in SafeString

Otherwise we can't display their preview, nor show them in articles

Also show controls by default for these two elements

* Show fallback images for audio and unknown files, to make them more visible

* Add a new constructor to SafeString when the input is trusted and doesn't need to be escaped.

And use it to generate media previews.

* Make it possible to insert video/audio in articles
2019-03-06 14:11:36 +01:00
Baptiste Gelez
a5e0486da0
Make media extension parsing safer (#459)
Only keep it if contains letters and numbers only, otherwise remove it.

To be merged before #452
2019-03-06 14:09:43 +01:00
Baptiste Gelez
2a188abfa1
Fix follow IDs (#455)
* Generate valid IDs for Follow

Fixes #449

* Use the new post-insert hook for all the models

* Fix plume-cli build
2019-03-04 21:35:03 +01:00
Baptiste Gelez
a2b9d7ec44
Password reset (#448)
* Password reset

* Various improvements and fixes for password reset

- Reorganize src/mail.rs to make it  cleaner
- add a build_mail function
- only make the requests invalid after 2 hours
- avoid infintely-growing list of requests by deleting them once completed, or after 24 hours
- avoid sending many requests for the same user
- validate the password reset form

* Avoid locking so many times

Fix durations

* Remove old requests even if the current one is not valid

* Remove unused feature

* Also remove the custom_derive and plugin features while we are at it

* Forgot a 0 è_é

* Avoid panicking while owning a request lock

* Use master branch of lettre so that we can build with the latest OpenSSL

* Fix the debug mailer
2019-02-27 13:29:26 +01:00
Baptiste Gelez
e28371bbe4
Add a page listing people someone follows (#444)
Nothing exceptional, the layout is the same as the followers page.

Fixes #325
2019-02-26 13:13:00 +01:00
zcdunn
7bac70a483 Update nodeinfo (#446)
Fix #433

I added the repo link to Cargo.toml so that `software.repository` could be configurable like @rhaamo suggested. I don't know if it's ok to include `software.repository` without bumping the schema version, but I didn't know if that would break any clients that parse nodeinfo with a hardcoded schema version.
2019-02-17 13:42:59 +01:00
Baptiste Gelez
77bfe635d7
Update dependencies (#440) 2019-02-13 13:39:30 +01:00
Baptiste Gelez
7eef4643c8
Update rocket_i18n and add gettext_macros (#431)
Internationalization now uses proc-macros that generate the .pot file
automatically.
2019-02-02 15:23:50 +01:00
Baptiste Gelez
5880dc1957
Improve search UI (#375) 2019-01-28 13:12:56 +01:00
fdb-hiroshima
e77e4d86e8
Better big form handling (#430)
* Allow customizing max form size from env vars

* Add error page for unprocessable entities

And change default http port to 7878

* Improve char counter: under the editor, more discrete, and give it a default value
2019-01-27 10:55:22 +01:00
zcdunn
06d6bd361a Add categories to web manifest (#434)
This pull request add a `categories` key to the web manifest. The categories key was [recently added](https://www.aaron-gustafson.com/notebook/categories-land-in-the-web-app-manifest/ "Blog post detailing the addition of categories to the spec") to the Web Manifest spec and is a list of categorizations you want to apply to your site that serves as a hint to search engines and webapp catalogs.

The categories can be anything and there is no standardized list of vaues. The W3C is maintaining a list of commonly used values [here](https://github.com/w3c/manifest/wiki/Categories). I added _social_ to Plume's manifest based on that list, but I think eventually allowing a user defined list would be better. I don't know if there's anything in Plume currently that would enable that.
2019-01-24 13:16:48 +01:00
fdb-hiroshima
c4a4ea5b6c Support blind key rotation (#399)
* Allow receiving objects with new unknown key

* Rotate key after sending Delete activity

* Do the right check
2019-01-05 22:30:28 +01:00
fdb-hiroshima
7c8599b0a2
Disallow interaction with medias owned by others (#410)
Notably prevent media deletion by other users
2019-01-05 22:09:57 +01:00
fdb-hiroshima
2896eb1705
Fix login issue (#401)
Regression introduced by 4059a840be
2018-12-31 11:45:59 +01:00
Baptiste Gelez
80a4dae8bd
Avoid panics (#392)
- Use `Result` as much as possible
- Display errors instead of panicking

TODO (maybe in another PR? this one is already quite big):
- Find a way to merge Ructe/ErrorPage types, so that we can have routes returning `Result<X, ErrorPage>` instead of panicking when we have an `Error`
- Display more details about the error, to make it easier to debug

(sorry, this isn't going to be fun to review, the diff is huge, but it is always the same changes)
2018-12-29 09:36:07 +01:00
fdb-hiroshima
ccba485215
Trim email and username (#386)
Also forbid whitespaces in username
Fix #385
2018-12-25 18:00:21 +01:00
fdb-hiroshima
fdfeeed6d9 Comment visibility (#364)
Add some support for comment visibility, fix #217 

This add a new column to comment, denoting if they are public or not, and a new table linking private comments to those allowed to read them. There is currently no way to write a private comment from Plume.
Git is having a hard time what happened in Comment::from_activity, but most of it is just re-indentation because a new block was needed to please the borrow checker. I've marked with comments where things actually changed.
At this point only mentioned users can see private comments, even when posted as "follower only" or equivalent.

What should we do when someone isn't allowed to see a comment? Hide the whole thread, or just the comment? If hiding just the comment, should we mark there is a comment one can't see, but answers they can, or put other comments like if they answered to the same comment the hidden one do?
2018-12-24 11:23:04 +01:00
fdb-hiroshima
5c5cf36b0d
Allow for comment deletion (#363)
* Allow for comment deletion

Receive and emit deletion activity
Add button to delete comment

* Remove debug print and fix copy-past typo

* Improve style of comment deletion button
2018-12-23 11:13:36 +01:00
fdb-hiroshima
0df9c4d400
Give reshare and like ap_url before inserting (#369)
Fix #367
2018-12-23 11:13:02 +01:00
fdb-hiroshima
0ea1d57e48
Fix some federation issues (#357)
* Fix some follow issues

Fix not receiving notifications when followed by remote users
Fix imposibility to be unfollowed by Mastodon/Pleroma users (tested only against Pleroma)

* Fix notification on every post

* Fix issues with federation

Send Link instead of Object when emiting Follow request
Receive both Link and Object for Follow request
Don't panic when fetching user with no followers or posts from Pleroma
Reorder follower routes so Activity Pub one is reachable

* Generate absolute urls for mentions and tags

* Verify author when undoing activity by Link
2018-12-23 11:12:15 +01:00
fdb-hiroshima
ab2998e214
Make Plume compile on release (#365)
* Remove use of String for body parameters

Create SignedJson and implement FromData for it

* Make Travis test on release

* Remove warning when installing and fix coverage
2018-12-22 18:27:21 +01:00
Baptiste Gelez
38302203f4
Count items in database as much as possible (#344)
* Count items in database as much as possible

* Fix the tests

* Remove two useless queries

* Run pragma directive before each sqlite connection

* Pragma for tests too

* Remove debug messages
2018-12-14 23:16:18 +01:00
Baptiste Gelez
b0089e59b7
Remove useless pagination routes (#351)
Rocket 0.4 let us have routes with optional query parameter
2018-12-13 22:20:19 +01:00
Trinity Pointard
fcbaf6eee3 Allow to keep query params in paginate
Fix #349
2018-12-12 00:52:26 +01:00
Baptiste Gelez
b73fbd3768
License federation (#343)
* Federate license

* Make it possible to use no license
2018-12-09 18:43:34 +01:00
fdb-hiroshima
e1ecc7289f
Upgrade plume dependencies (#332)
* Bump base64 from 0.9.3 to 0.10.0
* Bump bcrypt from 0.2.0 to 0.2.1
* Bump canapi from 0.1.0 to 0.2.0
* Bump failure from 0.1.2 to 0.1.3
* Bump hyper from 0.11.27 to 0.12.11
* Bump hyper from 0.11.27 to 0.12.16
* Bump lazy_static from 1.1.0 to 1.2.0
* Bump multipart from 0.15.3 to 0.15.4
* Bump openssl from 0.10.12 to 0.10.15
* Bump pulldown-cmark from 0.1.2 to 0.2.0
* Bump reqwest from 0.9.2 to 0.9.5
* Bump rocket from 0.4.0-rc.1 to 0.4.0
* Bump rpassword from 2.0.0 to 2.1.0
* Bump ructe from 0.5.2 to 0.5.4
* Bump serde_derive from 1.0.79 to 1.0.80
* Bump serde from 1.0.79 to 1.0.80
* Bump serde_json from 1.0.32 to 1.0.33
* Bump tera from 0.11.17 to 0.11.20
* Bump url from 1.7.1 to 1.7.2
* Bump validator to from 0.7.2 to 0.8.0
* Bump validator_derive from 0.7.2 to 0.8.0
* Bump whatlang from 0.5.0 to 0.6.0
* Remove hyper from plume-common dependencies
* Remove rpassword from Plume dependancies
* Upgrade compiler to nightly-2018-12-06
2018-12-07 21:00:12 +01:00
Trinity Pointard
b4e4b497ee Works on template
Use uri! to generate links instead of hardcoded urls
Fix #110
Fix invalid links needing to be POST forms
Translate login message for boost and like directly from template
Put js for search in its own file
2018-12-07 12:10:03 +01:00
Baptiste Gelez
70af57c6e1
Use Ructe (#327)
All the template are now compiled at compile-time with the `ructe` crate.

I preferred to use it instead of askama because it allows more complex Rust expressions, where askama only supports a small subset of expressions and doesn't allow them everywhere (for instance, `{{ macro!() | filter }}` would result in a parsing error).

The diff is quite huge, but there is normally no changes in functionality.

Fixes #161 and unblocks #110 and #273
2018-12-06 18:54:16 +01:00
Trinity Pointard
5f059c3e98 Fix issues with tags and mentions
Fix issue where leading @ or # of a mention/hashtag get duplicated
Fix issue where normal tags were being overwritten by hashtags
2018-12-06 15:10:07 +01:00