Commit Graph

653 Commits

Author SHA1 Message Date
Ana Gelez
a6c84daa1a
Theming (#624)
* Theming

- Custom CSS for blogs
- Custom themes for instance
- New dark theme
- UI to choose your instance theme
- Option to disable blog themes if you prefer to only have the instance theme
- UI to choose a blog theme
2019-08-21 00:42:04 +02:00
fdb-hiroshima
fb60236a54
update dependancies (#643)
* Bump activitystreams-derive from 0.1.0 to 0.1.1
* Bump tantivy from 0.9.1 to 0.10.1
* Bump rpassword from 3.0.2 to 4.0.1
* Bump num_cpus from 1.10.0 to 1.10.1
* Bump serde_qs from 0.4.6 to 0.5.0
* Bump stdweb-internal-runtime from 0.1.3 to 0.1.4
* [Security] Bump smallvec from 0.6.9 to 0.6.10
* Bump chrono from 0.4.6 to 0.4.7
* Bump bcrypt from 0.4.0 to 0.5.0
* Bump serde_json from 1.0.39 to 1.0.40
* Bump tokio from 0.1.21 to 0.1.22
* Bump scheduled-thread-pool from 0.2.0 to 0.2.2
* Bump stdweb from 0.4.14 to 0.4.18
* Bump hyper from 0.12.29 to 0.12.33
* Bump reqwest from 0.9.17 to 0.9.19
* Bump url from 1.7.2 to 2.1.0
2019-08-14 15:04:30 +02:00
fdb-hiroshima
4f7c20fc26 Fix some federation issue (#573)
* send scheme as part of webfinger remote follow template

fix tsileo/microblog.pub#49

* bump webfinger to 0.4.1

* cargo fmt

* revert translations

* Use group: prefix for blog webfinger queries
2019-07-31 11:38:49 +02:00
Rob Watson
4b205fa995 Store password reset requests in database (#610)
* Store password reset requests in database

Signed-off-by: Rob Watson <rfwatson@users.noreply.github.com>

* Refactor password reset request expiry handling

* Integrate sqlite

* Fix formatting
2019-06-04 19:55:17 +01:00
Igor Galić
8c59c822b6 refactor code to use Shrinkwraprs and diesel-derive-newtype (#598)
* add shrinkwraprs and implement Id thru it

This also means we can automatically convert Id to String without using
.into()!

* cleanup with the help of clippy!

* cleanup with the help of cargo fmt!

* remove extra block

* Shrinkwrap Page, ContentLen and RemoteForm

* translations
2019-05-25 19:23:45 +01:00
fdb-hiroshima
5579f64dd0
update dependancies (#574)
[Security] Bump ammonia from 2.0.0 to 2.1.1
Bump bcrypt from 0.2.2 to 0.4.0
Bump clap from 2.32.0 to 2.33.0
Bump colored from 1.7.0 to 1.8.0
Bump ctrlc from 3.1.1 to 3.1.2
Bump diesel from 1.4.1 to 1.4.2
Bump dotenv from 0.13.0 to 0.14.0
Bump hyper from 0.12.25 to 0.12.28
Bump openssl from 0.10.19 to 0.10.22
Bump proc-macro2 from 0.4.27 to 0.4.30
Bump reqwest from 0.9.11 to 0.9.16
Bump rpassword from 2.1.0 to 3.0.2
Bump serde_derive from 1.0.80 to 1.0.82
Bump serde_derive from 1.0.89 to 1.0.91
Bump serde from 1.0.89 to 1.0.91
Bump serde_qs from 0.4.5 to 0.4.6
Bump stdweb from 0.4.14 to 0.4.17
Bump syn from 0.11.11 to 0.15.27
Bump whatlang from 0.7.0 to 0.7.1
2019-05-12 10:41:47 +02:00
fdb-hiroshima
773fbfe7c8 cache local instance (#572)
* cache local instance

fix #564

* don't use local instance cache for plm

* use instance cache for plm, but initialize it

* cargo fmt
2019-05-10 21:59:34 +01:00
fdb-hiroshima
c52aac012c
make hashtags work in profile summary (#562)
* make hashtags work in profile summary

fix #541

* cargo fmt
2019-05-04 17:33:50 +02:00
fdb-hiroshima
c9070930d2
Improve notification management (#561)
* Don't notify for comment when mentioned

fix #505

* Don't save notification for remote users

fix #472
2019-05-04 17:15:41 +02:00
fdb-hiroshima
33a0c7dcd3
reduce reqwest timeout to 5s (#557) 2019-04-30 23:30:13 +02:00
Baptiste Gelez
8f1ab3485e
Add some feedback when performing some actions (#552)
* Add a way to display flash messages

* Make the flash messages look nice

* Add actual feedback messages

* cargo fmt

* Move flash messages to PlumeRocket

And add trait to convert PlumeRocket to BaseContext

* Remove useless lifetime
2019-04-30 11:04:25 +01:00
fdb-hiroshima
49bb8cb0bc
import migrations and don't require diesel_cli for admins (#555)
* import migrations via macro

* panic on database not to the latest migration

* add subcommand to plm

* create migration that run tantivy index creation

* remove diesel_cli from places it was

* use our migration system for tests

* create table __diesel_schema_migrations if needed
2019-04-29 16:30:20 +02:00
Baptiste Gelez
ec57f1e687
Remove Canapi (#540)
* Remove Canapi

It added more complexity than it helped.

* Fail if there are many blog, but none was specified

* cargo fmt
2019-04-28 22:17:21 +01:00
Baptiste Gelez
787eb7f399
Federate user deletion (#551)
* Federate user deletion

- When someone deletes their account
- When a local user is banned

Fixes #509

* cargo fmt
2019-04-28 18:01:41 +01:00
Baptiste Gelez
3ad1f6968c
Version bump: 0.3.0 (alpha 2) (#529) 2019-04-19 15:49:46 +01:00
Baptiste Gelez
68dd8602b2
New Crowdin translations (#479)
Enjoy!
2019-04-19 13:59:03 +01:00
fdb-hiroshima
4d4f2ba6ed increase default character limit (#530)
fix #524
2019-04-19 12:00:39 +01:00
fdb-hiroshima
0d708e1639 Add support for remote interact (#519)
Add support for remote interaction ([this thing](https://eldritch.cafe/users/Barmaid/remote_follow) in mastodon)

- [x] create the endpoint dispatching remote interactions to local pages
- [x] add this endpoint to web-finger
- [x] propose remote interaction when following and not connected
- [x] propose remote interaction when liking/sharing and not connected
- [x] propose remote interaction when commenting and not connected
- [x] fetch posts/comments we don't know but remote interaction was requested for ?
2019-04-17 21:09:07 +01:00
Baptiste Gelez
12efe721cc
Big refactoring of the Inbox (#443)
* Big refactoring of the Inbox

We now have a type that routes an activity through the registered handlers
until one of them matches.

Each Actor/Activity/Object combination is represented by an implementation of AsObject

These combinations are then registered on the Inbox type, which will try to deserialize
the incoming activity in the requested types.

Advantages:
- nicer syntax: the final API is clearer and more idiomatic
- more generic: only two traits (`AsActor` and `AsObject`) instead of one for each kind of activity
- it is easier to see which activities we handle and which one we don't

* Small fixes

- Avoid panics
- Don't search for AP ID infinitely
- Code style issues

* Fix tests

* Introduce a new trait: FromId

It should be implemented for any AP object.

It allows to look for an object in database using its AP ID, or to dereference it if it was not present in database

Also moves the inbox code to plume-models to test it (and write a basic test for each activity type we handle)

* Use if let instead of match

* Don't require PlumeRocket::intl for tests

* Return early and remove a forgotten dbg!

* Add more tests to try to understand where the issues come from

* Also add a test for comment federation

* Don't check creation_date is the same for blogs

* Make user and blog federation more tolerant to errors/missing fields

* Make clippy happy

* Use the correct Accept header when dereferencing

* Fix follow approval with Mastodon

* Add spaces to characters that should not be in usernames

And validate blog names too

* Smarter dereferencing: only do it once for each actor/object

* Forgot some files

* Cargo fmt

* Delete plume_test

* Delete plume_tests

* Update get_id docs + Remove useless : Sized

* Appease cargo fmt

* Remove dbg! + Use as_ref instead of clone when possible + Use and_then instead of map when possible

* Remove .po~

* send unfollow to local instance

* read cover from update activity

* Make sure "cc" and "to" are never empty

and fix a typo in a constant name

* Cargo fmt
2019-04-17 18:31:47 +01:00
fdb-hiroshima
12c2078c89
Hide cw pictures behind a summary/details (#483)
* Hide cw pictures behind a summary/details
* refactor md_to_html a bit and add cw support
* use random id for cw checkbox
2019-04-06 19:20:33 +02:00
fdb-hiroshima
eabe73ddc0
Add tests for plume webserver (#513)
* begin setup front-end test environment with selenium
* run migrations before tests
* use https for tests
2019-04-06 17:41:57 +02:00
fdb-hiroshima
26fc2cde5d
use circleci instead of travis (#511)
Upgrade rust-toolchain
Upgrade Tantivy
Warning: tantivy now use a different file format, search index may need to be deleted and recreated to work as intended
try to run compile twice in a row because sometime oomk is evil
2019-04-01 20:28:23 +02:00
Valentin Brandl
c7ee779f51 Delete notifications when deleting comments (#499)
* Implement find_for_comment for notifications

* Delete notifications when deleting a comment

This should tackle #463

* Apply rustfmt

* Implement `find_for_mention` and remove order by from `find_for_comment`

There is no need to order the notifications

* Delete notifications for mentions

* Fix notifications for comments and mentions
2019-03-26 12:45:17 +01:00
Baptiste Gelez
bdfad844d7
Edit blogs, and add blog icons and banners (#460)
Also adds a parameter to `md_to_html` to only render inline elements (so that we don't have titles or images in blog descriptions). And moves the delete button for the blog on the edition page.

I still have to update the SQLite migration once others PRs with migrations will be merged.

Also, there will be a problem when you edit a blog while not owning its banner or icon: when validating they will be reset to their default values… I don't see a good solution to this until we have a better way to handle uploads with Rocket (the same is probably happening for articles btw).

And the icon/banner are not federated yet, I don't know if I should add it to this PR or if it can come after?

![image](https://user-images.githubusercontent.com/16254623/53894510-7d853300-4030-11e9-8a2c-f5c0b0c7f512.png)
![image](https://user-images.githubusercontent.com/16254623/53894539-8b3ab880-4030-11e9-8113-685a27be8d7c.png)

Fixes #453
Fixes #454
2019-03-22 19:51:36 +01:00
fdb-hiroshima
ace6181c99
Allow to change logo from .env (#497)
Fix #273
2019-03-21 11:51:41 +01:00
fdb-hiroshima
65bb50e88f Centralize configuration and add some new config (#494)
Ideally, if someone could review the idea in [this comment](https://github.com/Plume-org/Plume/issues/273#issuecomment-474982184), I'd like to add the implementation to this pr too
2019-03-21 10:30:33 +01:00
Atul Bhosale
b945d1f602 Run 'cargo fmt' to format code (#489) 2019-03-20 17:56:17 +01:00
Igor Galić
732f514da7 Refactor with the help of Clippy (#462)
We add clippy as our build — also rectifying the missing `plume-cli` build!

In the next step we follow clippy's advise and fix some of the "simple" mistakes in our code, such as style or map usage.

Finally, we refactor some hard bits that need extraction of new types, or refactoring of function call-types, especially those that thread thru macros, and, of course functions with ~15 parameters should probably be rethought.
2019-03-19 14:37:56 +01:00
fdb-hiroshima
570d7fe2d0
Add markdown support for summary (#482)
* Add markdown support for summary

* Save both md and html summary
2019-03-17 20:11:29 +01:00
Baptiste Gelez
42dca3daae
Remove some unused #[derive] (#473)
We used to need them, probably when we were using Tera.
2019-03-12 19:40:54 +01:00
Baptiste Gelez
fe6e69d7c4
Add a fqn field to blogs and users (#457)
Fixes #319
2019-03-06 18:28:10 +01:00
Baptiste Gelez
eff2698664
Slightly improve the media experience (#452)
* Slightly improve the media experience

- Use a grid to display the list of media
- Add icons for non-image media preview
- Paginate the gallery
- Add links to the gallery in the editor and in the profile settings to make it more discoverable when you need it

Fixes #432

* Allow video and audio tags in SafeString

Otherwise we can't display their preview, nor show them in articles

Also show controls by default for these two elements

* Show fallback images for audio and unknown files, to make them more visible

* Add a new constructor to SafeString when the input is trusted and doesn't need to be escaped.

And use it to generate media previews.

* Make it possible to insert video/audio in articles
2019-03-06 14:11:36 +01:00
Baptiste Gelez
2a188abfa1
Fix follow IDs (#455)
* Generate valid IDs for Follow

Fixes #449

* Use the new post-insert hook for all the models

* Fix plume-cli build
2019-03-04 21:35:03 +01:00
Baptiste Gelez
9b48b8a846
Update dependencies (#456)
(whatlang especially, since it received an update that removes many build dependencies, making our total dependency count go from 512 to 478)
2019-03-04 20:46:26 +01:00
Baptiste Gelez
e28371bbe4
Add a page listing people someone follows (#444)
Nothing exceptional, the layout is the same as the followers page.

Fixes #325
2019-02-26 13:13:00 +01:00
fdb-hiroshima
64d1944715
Upgrade tantivy to 0.8.2 (#445)
Fix arm build
2019-02-14 08:46:37 +01:00
Baptiste Gelez
77bfe635d7
Update dependencies (#440) 2019-02-13 13:39:30 +01:00
Baptiste Gelez
7eef4643c8
Update rocket_i18n and add gettext_macros (#431)
Internationalization now uses proc-macros that generate the .pot file
automatically.
2019-02-02 15:23:50 +01:00
fdb-hiroshima
716c58cb71 Lowercase extension before detemining media type (#437) 2019-01-27 13:44:09 +01:00
fdb-hiroshima
944a9d08a7
Update dependencies (#428)
* Bump serde from 1.0.82 to 1.0.84
* Bump ructe from 0.5.4 to 0.5.6
* Bump colored from 1.6.1 to 1.7.0
* Bump itertools from 0.7.11 to 0.8.0
* Bump ammonia from 1.2.0 to 2.0.0
* Bump hyper from 0.12.19 to 0.12.20
* Bump serde_derive from 1.0.80 to 1.0.84
* Bump stdweb from 0.4.12 to 0.4.13
* Bump rsass from 0.9.4 to 0.9.6
* Bump failure from 0.1.3 to 0.1.5
* Bump reqwest from 0.9.5 to 0.9.8
* Bump serde_derive from 0.7.1 to 0.8.0
2019-01-18 19:22:36 +01:00
fdb-hiroshima
c4a4ea5b6c Support blind key rotation (#399)
* Allow receiving objects with new unknown key

* Rotate key after sending Delete activity

* Do the right check
2019-01-05 22:30:28 +01:00
fdb-hiroshima
2333d898b9 Add new subcomand for plm to reset password (#406)
* Add new subcomand for plm to reset password

* Verify user exist before asking for new password
2019-01-03 16:45:27 +01:00
Baptiste Gelez
80a4dae8bd
Avoid panics (#392)
- Use `Result` as much as possible
- Display errors instead of panicking

TODO (maybe in another PR? this one is already quite big):
- Find a way to merge Ructe/ErrorPage types, so that we can have routes returning `Result<X, ErrorPage>` instead of panicking when we have an `Error`
- Display more details about the error, to make it easier to debug

(sorry, this isn't going to be fun to review, the diff is huge, but it is always the same changes)
2018-12-29 09:36:07 +01:00
Baptiste Gelez
4ec2480f50
Post creation API (#307) 2018-12-24 16:42:40 +01:00
fdb-hiroshima
fdfeeed6d9 Comment visibility (#364)
Add some support for comment visibility, fix #217 

This add a new column to comment, denoting if they are public or not, and a new table linking private comments to those allowed to read them. There is currently no way to write a private comment from Plume.
Git is having a hard time what happened in Comment::from_activity, but most of it is just re-indentation because a new block was needed to please the borrow checker. I've marked with comments where things actually changed.
At this point only mentioned users can see private comments, even when posted as "follower only" or equivalent.

What should we do when someone isn't allowed to see a comment? Hide the whole thread, or just the comment? If hiding just the comment, should we mark there is a comment one can't see, but answers they can, or put other comments like if they answered to the same comment the hidden one do?
2018-12-24 11:23:04 +01:00
Baptiste Gelez
8ff6332784
I'm not the only one who made Plume è_é (#373) 2018-12-23 17:29:08 +01:00
fdb-hiroshima
5c5cf36b0d
Allow for comment deletion (#363)
* Allow for comment deletion

Receive and emit deletion activity
Add button to delete comment

* Remove debug print and fix copy-past typo

* Improve style of comment deletion button
2018-12-23 11:13:36 +01:00
fdb-hiroshima
0df9c4d400
Give reshare and like ap_url before inserting (#369)
Fix #367
2018-12-23 11:13:02 +01:00
fdb-hiroshima
0ea1d57e48
Fix some federation issues (#357)
* Fix some follow issues

Fix not receiving notifications when followed by remote users
Fix imposibility to be unfollowed by Mastodon/Pleroma users (tested only against Pleroma)

* Fix notification on every post

* Fix issues with federation

Send Link instead of Object when emiting Follow request
Receive both Link and Object for Follow request
Don't panic when fetching user with no followers or posts from Pleroma
Reorder follower routes so Activity Pub one is reachable

* Generate absolute urls for mentions and tags

* Verify author when undoing activity by Link
2018-12-23 11:12:15 +01:00
fdb-hiroshima
ce08346487
Remove ap_url from mention (#362) 2018-12-18 15:03:47 +01:00
Baptiste Gelez
38302203f4
Count items in database as much as possible (#344)
* Count items in database as much as possible

* Fix the tests

* Remove two useless queries

* Run pragma directive before each sqlite connection

* Pragma for tests too

* Remove debug messages
2018-12-14 23:16:18 +01:00
Baptiste Gelez
61b6ceed92
Add some constraint at database level (#342)
* Add some constraint at database level

Fixes #79 and should fix #201 and #113 as well

* Fix tests

Delete duplicated data before adding constraints (only with Postgres, there is no way to do it with Sqlite with complex constraints like the one we are using)

Remove the constraint on media path

* We don't need to drop the media unique constraint anymore

Because we deleted it
2018-12-09 18:44:26 +01:00
Baptiste Gelez
b73fbd3768
License federation (#343)
* Federate license

* Make it possible to use no license
2018-12-09 18:43:34 +01:00
fdb-hiroshima
e1ecc7289f
Upgrade plume dependencies (#332)
* Bump base64 from 0.9.3 to 0.10.0
* Bump bcrypt from 0.2.0 to 0.2.1
* Bump canapi from 0.1.0 to 0.2.0
* Bump failure from 0.1.2 to 0.1.3
* Bump hyper from 0.11.27 to 0.12.11
* Bump hyper from 0.11.27 to 0.12.16
* Bump lazy_static from 1.1.0 to 1.2.0
* Bump multipart from 0.15.3 to 0.15.4
* Bump openssl from 0.10.12 to 0.10.15
* Bump pulldown-cmark from 0.1.2 to 0.2.0
* Bump reqwest from 0.9.2 to 0.9.5
* Bump rocket from 0.4.0-rc.1 to 0.4.0
* Bump rpassword from 2.0.0 to 2.1.0
* Bump ructe from 0.5.2 to 0.5.4
* Bump serde_derive from 1.0.79 to 1.0.80
* Bump serde from 1.0.79 to 1.0.80
* Bump serde_json from 1.0.32 to 1.0.33
* Bump tera from 0.11.17 to 0.11.20
* Bump url from 1.7.1 to 1.7.2
* Bump validator to from 0.7.2 to 0.8.0
* Bump validator_derive from 0.7.2 to 0.8.0
* Bump whatlang from 0.5.0 to 0.6.0
* Remove hyper from plume-common dependencies
* Remove rpassword from Plume dependancies
* Upgrade compiler to nightly-2018-12-06
2018-12-07 21:00:12 +01:00
Baptiste Gelez
70af57c6e1
Use Ructe (#327)
All the template are now compiled at compile-time with the `ructe` crate.

I preferred to use it instead of askama because it allows more complex Rust expressions, where askama only supports a small subset of expressions and doesn't allow them everywhere (for instance, `{{ macro!() | filter }}` would result in a parsing error).

The diff is quite huge, but there is normally no changes in functionality.

Fixes #161 and unblocks #110 and #273
2018-12-06 18:54:16 +01:00
Trinity Pointard
5f059c3e98 Fix issues with tags and mentions
Fix issue where leading @ or # of a mention/hashtag get duplicated
Fix issue where normal tags were being overwritten by hashtags
2018-12-06 15:10:07 +01:00
Trinity Pointard
d6e220cc8d Actually index post_id in tantivy
Otherwise you can't remove/edit a document
2018-12-04 06:43:32 +01:00
Trinity Pointard
39deede935 Verify signature date
Fix #286
Remove indexed from post_id search field as it was added by mistake
2018-12-04 00:08:55 +01:00
Trinity Pointard
ed71d24fe9 Verify remote user name and media url 2018-12-02 19:09:17 +01:00
fdb-hiroshima
449641d158
Add a search engine into Plume (#324)
* Add search engine to the model

Add a Tantivy based search engine to the model
Implement most required functions for it

* Implement indexing and plm subcommands

Implement indexation on insert, update and delete
Modify func args to get the indexer where required
Add subcommand to initialize, refill and unlock search db

* Move to a new threadpool engine allowing scheduling

* Autocommit search index every half an hour

* Implement front part of search

Add default fields for search
Add new routes and templates for search and result
Implement FromFormValue for Page to reuse it on search result pagination
Add optional query parameters to paginate template's macro
Update to newer rocket_csrf, don't get csrf token on GET forms

* Handle process termination to release lock

Handle process termination
Add tests to search

* Add proper support for advanced search

Add an advanced search form to /search, in template and route
Modify Tantivy schema, add new tokenizer for some properties
Create new String query parser
Create Tantivy query AST from our own

* Split search.rs, add comment and tests

Split search.rs into multiple submodules
Add comments and tests for Query
Make user@domain be treated as one could assume
2018-12-02 17:37:51 +01:00
fdb-hiroshima
74c398d60c
Run cargo clippy on whole project (#322)
* Run cargo clippy on plume-common

Run clippy on plume-common and adjuste code accordingly

* Run cargo clippy on plume-model

Run clippy on plume-model and adjuste code accordingly

* Reduce need for allocation in plume-common

* Reduce need for allocation in plume-model

add a quick compilation failure if no database backend is enabled

* Run cargo clippy on plume-cli

* Run cargo clippy on plume
2018-11-26 10:21:52 +01:00
fdb-hiroshima
8a4702df92 Add unit tests for main model parts (#310)
Add tests for following models:
- Blog
- Instance
- Media
- User
2018-11-24 12:44:17 +01:00
KokaKiwi
0b9727ed28 Generate valid follow Accept activity URI (#317)
For now it only generate a "fake" URI for accept follow activities, but it should be possible to get the URI dereferencable later.

Also I don't know if this URI looks ok, I tried to get something kind of future-proof, but I don't really know about the actual URIs conventions.

Closes #313
2018-11-23 13:23:46 +01:00
Baptiste Gelez
b28411da99
Test with PostgreSQL too (#309)
* Test with PostgreSQL too

* Add 'test' to Travis build stages

* Add test coverage for postgresql
2018-11-07 15:50:24 +01:00
Baptiste Gelez
6b2d9d4221
Tests infrastructure for plume-models (#302)
First step for testing `plume-models`. I only added one test for the moment, but we should add more in future PRs.
2018-11-01 22:23:38 +01:00
Baptiste Gelez
25b7399e7f Only list images for possible covers 2018-10-31 15:07:40 +01:00
Baptiste Gelez
4a2f5aeeeb Display article covers 2018-10-31 15:07:40 +01:00
Baptiste Gelez
95326c09e0 Federate article covers 2018-10-31 15:07:40 +01:00
Baptiste Gelez
485aac2e20 Add an interface to select an article illustration 2018-10-31 15:07:40 +01:00
Baptiste Gelez
ab5edbc6a5 Add a cover field to posts
Referencing the media to use to illustrate the article
2018-10-31 15:07:40 +01:00
Baptiste Gelez
e26a150164 Make Authorization optional for read routes
Only require it when reading draft articles.
2018-10-30 18:13:49 +01:00
Baptiste Gelez
c341179150 ApiToken: rename what to scope 2018-10-30 18:13:49 +01:00
Baptiste Gelez
28fbf35779 Use PhantomData intead of two Options useless for Authorization
And remove some warnings about unused parameters
2018-10-30 18:13:49 +01:00
Baptiste Gelez
0dbf9f519e AppEndpoint.name is required for both the client and server 2018-10-30 18:13:49 +01:00
Baptiste Gelez
31641b1ea1 New request guard: Authorization<Action, Scope>
Filter requests that don't have an API token authorized to read or write
a specific scope;
2018-10-30 18:13:49 +01:00
Baptiste Gelez
9a13d804c5 impl FromRequest for ApiToken
and use it for the posts API
2018-10-30 18:13:49 +01:00
Baptiste Gelez
2394ff424b Add an ApiToken model, and an endpoint to get one 2018-10-30 18:13:49 +01:00
Baptiste Gelez
f2190adfc2 Add an API endpoint to register apps 2018-10-30 18:13:49 +01:00
Baptiste Gelez
4c8a727e9e Add a model for external apps
Stores their name, website, and credentials
2018-10-30 18:13:49 +01:00
Trinity Pointard
76ca76f068 Update tags and hashtags on remote post edition 2018-10-29 20:54:27 +01:00
Trinity Pointard
c4fc656809 Update mentions on remote post edition 2018-10-29 20:54:27 +01:00
Trinity Pointard
f147885f08 Detect if tags are hashtags when receiving new posts 2018-10-29 20:54:27 +01:00
Trinity Pointard
9d7ae694a8 Delete notification on post deletion 2018-10-29 20:54:27 +01:00
Trinity Pointard
2523f3b523 Prevent duplication of mention on post update
and delete mentions and notifications of user no longer mentioned
2018-10-29 20:54:27 +01:00
Trinity Pointard
0bb719830a Fix incorrect media link
Fix #292
2018-10-27 19:21:50 +02:00
Baptiste Gelez
fcf911fac9 ActivityPub: don't delete anything if the actor is not authorized 2018-10-22 16:29:25 +01:00
Baptiste Gelez
fc5acac861
Merge pull request #283 from Plume-org/hashtags
Support hashtags
2018-10-21 13:53:15 +01:00
Trinity Pointard
95ea248518 Add support for hashtag on user interface
Add migration to fix typo
Add support for linking hashtags with posts
Rework tag search page so it says a nicer message than page not found
when no post use that tag
Add new string to translation
2018-10-20 19:27:49 +02:00
Trinity Pointard
4fa3a0f6ee Add support for hashtags in md parser 2018-10-20 16:38:16 +02:00
Trinity Pointard
eca458b0e5 Add support for blog deletion
fix #181
2018-10-20 15:03:59 +02:00
Trinity Pointard
a6e73f4667 Allow tag deletion
Fix #232
2018-10-20 14:05:41 +02:00
Trinity Pointard
4e6f3209d5 Normalize panic message
Change all unwrap to expect
Normalize expect's messages
Don't panic where it could be avoided easily
2018-10-20 08:44:33 +02:00
Trinity Pointard
ed5bafbbc4 Update webfinger and reqwest
Update webfinger to 0.3.1
Update reqwest to 0.9
Fix #257
2018-10-11 13:51:45 +02:00
Baptiste Gelez
8fdb55a501
Merge pull request #256 from Plume-org/verify-signature
Verify activity's signature
2018-10-10 21:31:11 +01:00
Baptiste Gelez
09e7226c23 Don't lowercase URL for requests signatures 2018-10-10 20:23:39 +00:00
Trinity Pointard
ba4695f490 Add support for signature verification on pseudo header
Add support for pseudo-header '(request-target)'
Add some logging for denied request
2018-10-10 21:10:43 +02:00
Bat
3f18cdd38b Add .swp to .gitignore 2018-10-08 20:42:40 +01:00
Bat
4f84b2a3ed Impl SQL traits for SafeString only for the selected backend
Fixes #269
2018-10-08 18:58:15 +01:00
Baptiste Gelez
0469b8dae2
Merge pull request #266 from Plume-org/cc-by-sa
Change default license to CC-BY-SA
2018-10-07 21:28:43 +01:00
Bat
9cc795d8be Replace DB_URL with DATABASE_URL
This way it is shared with diesel, which simplifies a lot the setup

Also fixes a few issues in the documentation, that are not directly related
2018-10-07 11:00:50 +01:00
Bat
387efbf3e9 Change default license to CC-BY-SA
Fixes #258
2018-10-06 18:19:45 +01:00
Bat
d08c21d58d Delete posts when deleting account 2018-10-06 12:37:28 +01:00
Trinity Pointard
62c94ed463 Refactor and verify http signature on personnal inbox
Verify signature on personnal inbox
Reduce code duplication
Put Headers in plume-models
2018-10-03 20:48:25 +02:00
Trinity Pointard
0a5d435249 Verify http signatures 2018-10-03 09:31:38 +02:00
Bat
07f2c979ec Make the REST API compatible with SQlite 2018-09-30 14:21:07 +01:00
Bat
bd80430b1b
Document model macros 2018-09-30 14:13:56 +02:00
Bat
743620eb6a
Fix the SQlite build 2018-09-30 14:13:56 +02:00
Bat
38d737ed0c
Introduce features to choose between SQlite or Postgres 2018-09-30 14:13:54 +02:00
Igor Galić
88456faf84
align types between sqlite & postgres
this one's achieved by adding "NOT NULL" at the *correct* position in
SQLite's create tables.
2018-09-30 14:13:53 +02:00
Igor Galić
b28bef20a7
align types between sqlite & postgres
use DATETIME for SQLite's time type. This way, Diesel picks up on what
it's supposed to be.
2018-09-30 14:13:52 +02:00
Igor Galić
1f8680c4c5
add sqlite migrations
we move our PostgreSQL specific migrations to a subdirectory.
The SQLite migrations have been created by running `diesel` against a
copy, and then fixing what's broken.
In the end i reduced all modifications to a single create, since we
*are* starting out fresh with SQLite.

n.b.: i'm not entirely happy with the results yet, because diesel
heavily modifies our `plume-models/src/schema.rs`.
I'll keep fiddling until we have the same types between the two
databases.
2018-09-30 14:13:52 +02:00
Igor Galić
e5691f7b23
add sqlite as diesel dependency 2018-09-30 14:13:42 +02:00
Trinity Pointard
d610ed1641 Add verify() to the Signer trait
And implement it for Blog and User
2018-09-30 12:08:04 +02:00
Baptiste Gelez
236cf14406
Merge pull request #245 from Plume-org/rest-api
Some API endpoints for articles
2018-09-29 16:33:31 +01:00
Bat
472da486e9 Fix the canapi::Provider impl for Post 2018-09-25 20:10:18 +01:00
Bat
1500267125 Add canapi and try to use for the API 2018-09-19 15:49:34 +01:00
Trinity Pointard
fab6360100 Be less restrictive on authorized html tags
Allow users to add ids to tags
Allow users to use iframes
2018-09-19 10:51:27 +02:00
Igor Galić
06718a5c8a
directly use SafeString in InstanceSettingsForm 2018-09-14 20:25:16 +02:00
Igor Galić
d62c72dde0
allocate new SafeString in FromFormValue impl
thanks to @fdb-hiroshima for this review!
2018-09-14 19:50:59 +02:00
Igor Galić
0897088aa5
add implementation for FromFormValue for SafeString
thanks again to @pwoolcoc for this!
2018-09-14 18:26:42 +02:00
Igor Galić
65e213309b
do not allocate empty strings
follow review from @pwoolcoc, and do not use

    SafeString::new(&<String>::new())

since this makes an allocation which will then just be thrown away.
Instead, we pass ""
2018-09-14 18:24:27 +02:00
Igor Galić
f5c299f23c
make blog/instance description a SafeString
long_description & short_description's documentation say they can be
Markdown, but they are String, not SafeString.

This led to escaped strings being printed in the editor
https://github.com/Plume-org/Plume/issues/220
2018-09-14 15:14:24 +02:00
Bat
8fa83dfe25 Version bump
0.1.x was the pre-alpha.

The first Alpha will be 0.2.x
2018-09-11 19:53:14 +01:00
Bat
10da8f31b6 Hide articles on public pages
Only show them in the dashboard
2018-09-10 20:06:00 +01:00
Bat
663627c375 Add a default avatar
Really ugly, but is all my skills are permitting
2018-09-09 17:02:16 +01:00
Bat
b48d1694f3 Don't call ap_url for comments, since they are based on posts URLs 2018-09-09 16:22:58 +01:00
Bat
54f6e7dfc6 Use a more classical flow for creating comments
Don't locally federate them anymore

It allows us to have them fetched later too
2018-09-09 16:08:53 +01:00
Bat
642884034d Fix build errors 2018-09-09 12:37:20 +01:00
Bat
08cb337df6 Broadcast activities to all known instances
We consider everything posted with Plume public (for the moment at least)
2018-09-09 12:19:11 +01:00
Bat
1f2bd105b6 Implement user ban 2018-09-09 11:25:55 +01:00
Bat
f66ddf6ef2 Actually implement blocks 2018-09-08 22:05:48 +01:00
Bat
0a70ff2594 Merge branch 'master' of github.com:Plume-org/Plume 2018-09-08 20:32:12 +01:00
Bat
f1d5865a16 Instance (un)block endpoint
And hide the block button for the local instance
2018-09-08 20:07:55 +01:00
Bat
c1e0b6c306 Add admin interface to manage interface 2018-09-08 19:54:09 +01:00
Baptiste Gelez
fe7f87c47f
Merge pull request #205 from lthms/recent_rocket
Update to a more recent rocket and rust toolchain
2018-09-08 19:06:52 +01:00
Thomas Letan
0ef4717a7f deps: Update to a more recent rocket and rust toolchain
With this patch, Plume will be use a more up-to-date revision of
Rocket, that works with nightly-2018-07-17. It may have been able to
make it work with a more recent revision, but it turns out rocket has
introduced several breaking changes so I’d rather fix those.

Besides updating rocket_i18n and rocket_csrf to use the same revision
than Plume, this patch deals with the new implementation of the
Uri<'_> type. It silents a class of warnings, to deal with a change in
rustc which affects diesel. This latter change should be reverted as
soon as diesel releases a new version of its crate.
2018-09-08 15:51:55 +02:00
Bat
0f5f9101b6 Only notify for mention if it is not in a comment
To avoid two similar notifications
2018-09-08 12:53:17 +01:00
Bat
008f2b1d71 Delete notifications when deleting likes/boosts/follows
Fixes #190
2018-09-07 23:29:50 +01:00
Bat
47be1541a7 Fix tag and mentions federation
Vec::append is not returning a value, but modifying the Vec
2018-09-07 21:38:22 +01:00
Bat
3918bd4501 Edit posts 2018-09-07 18:51:53 +01:00
Bat
413e34ac0e Federate article updating 2018-09-06 22:39:22 +01:00
Bat
7152d714ae Add a source property to posts
To store the Markdown
2018-09-06 20:00:55 +01:00
Bat
dd9c4a6a73 Add a page to list articles by tag 2018-09-06 13:06:04 +01:00
Bat
a54d2e9d71 Federate tags 2018-09-06 09:21:08 +01:00
Bat
5b3eca63e0 Make it possible to tag articles and display them 2018-09-05 21:18:27 +01:00
Bat
2b7a5bee93 Add a tag model 2018-09-05 19:05:53 +01:00
Bat
1496598a45 User feed 2018-09-05 15:21:50 +01:00
Bat
babb3a81f5 Local timeline 2018-09-04 20:56:27 +01:00
Bat
d60289aac8 Local instance ID is 1, not 0
This prevented local users from being removed before broadcasting an activity.

Fixes #113
2018-09-04 14:02:01 +01:00
Bat
94a386ea2c Add subtitles to articles
Fix #152
2018-09-04 12:26:13 +01:00
Bat
dcebc4653a Make it possible to unfollow someone
I was sure it was already implemented, but it looks like it wasn't
2018-09-04 11:37:58 +01:00
Bat
32a4949f25 Update user information if needed
When a remote is displayed, if it has not been updated since at least 24 hours, newer informations are fetched.

Fixes #135
2018-09-03 19:53:20 +01:00
Bat
78b3202a32 Reduce a little bit bcrypt cost
From 12 to 10, to make login time shorter.
2018-09-03 17:51:32 +01:00
Bat
820516bfe5 Federate avatars 2018-09-03 13:48:34 +01:00
Bat
e2e7d10929 Make it possible to choose an avatar 2018-09-03 13:04:17 +01:00
Bat
aa5fa11218 Add support for avatars, and fetch remote ones 2018-09-03 12:17:59 +01:00
Bat
a357dae45d Add Markdown code to copy/paste for medias 2018-09-03 11:16:07 +01:00
Bat
15f4a2079f Add support for SVG medias 2018-09-03 10:22:14 +01:00
Bat
99fdb8e680 Media deletion 2018-09-02 22:10:15 +01:00
Bat
f44b6fffa3 Media upload 2018-09-02 21:55:42 +01:00
Bat
0b5eb2c946 Add a Media model 2018-09-02 12:34:48 +01:00
Bat
5af9af60f4 Docs: Add SysVinit snippet
And small fixes
2018-09-02 00:35:30 +01:00
Bat
97c0b533ab Add Atom feeds for blogs and users 2018-09-01 21:08:26 +01:00
Bat
092ad5b795 Instance about page
Fixes #39
2018-09-01 17:39:40 +01:00
Bat
cea548b821 Add a way to delete articles
Fixes #116
2018-09-01 16:28:47 +01:00
Bat
ed8982b7fd Add a presentation of Plume and of the instance on the homepage
Fixes #132
2018-07-27 22:16:17 +02:00
Bat
74ec59e77c Add some configuration options for instance admins 2018-07-27 19:05:36 +02:00
Bat
38d99ad5af Try to fetch followers 2018-07-27 12:53:21 +02:00
Bat
812b76b0de Use the creation date from ActivityPub when fetching remote articles 2018-07-27 00:29:21 +02:00
Bat
0314629d99 Improve the background article fetching code 2018-07-26 22:59:41 +02:00
Bat
bd259891f3 Try to fetch remote articles 2018-07-26 22:23:53 +02:00
Bat
5583029b07 Update the WebFinger crate
Fixes an issue with some Mastodon accounts
2018-07-26 21:35:35 +02:00
Bat
b42030e831 Try to use only "absolute" links to avoid trailing-slash bugs 2018-07-26 19:00:23 +02:00
Bat
5980c7b299 Simplify the logic to fallback to the FQN when no display name is available 2018-07-26 16:36:19 +02:00
Bat
15477875da Fix links for post from remote blogs 2018-07-26 16:19:21 +02:00
Bat
b7aa1790e5 Merge branch 'master' of github.com:Plume-org/Plume 2018-07-26 16:14:48 +02:00
Bat
c87d490664 Refactor notifications 2018-07-26 15:46:10 +02:00
Baptiste Gelez
16fb439ce9
Merge pull request #159 from Ilphrin/master
Add a link to the blog on article cards
2018-07-25 21:40:27 +02:00
Kevin "Ilphrin" Pellet
aaae786fb7 Implement new function to Blog for the view
Added Blog::to_json and Blog::get_fqn
2018-07-25 21:22:42 +02:00
Bat
44172b67d5 Add padding for responses in comments, to let threads appear
Fixes #144
2018-07-25 18:18:41 +02:00
Bat
4e07fdbd05 Paginate followers too 2018-07-25 15:50:29 +02:00
Bat
4b0aba62f3 Add pagination for notifications
And correctly close an <a> tag
2018-07-25 15:33:54 +02:00
Bat
18125ab398 Paginate the homepage 2018-07-25 15:20:09 +02:00
Bat
5549e4d0e5 Merge branch 'master' of github.com:Plume-org/Plume 2018-07-24 14:32:11 +02:00
Kevin "Ilphrin" Pellet
89713526e2 Add a link to the blog on article cards
Fixes #134
2018-07-22 01:42:27 +02:00
Kevin "Ilphrin" Pellet
cd24b0f057 Show the total number of article on a blog
fixes #150
2018-07-21 16:58:30 +02:00
Bat
67eb41add1 Add pagination to the blog page
No UI to control it yet
2018-07-20 18:42:35 +02:00
Bat
b0e75f4d63 Fix the behavior of the follow button
There was a bug in Tera and in the User::is_following function.

Fix #146
2018-07-20 17:51:32 +02:00
Bat
9701340c84 Allow the summary property to be absent from AP Actors 2018-07-19 10:41:37 +02:00
Bat
ce256d6e39 List authors of a blog
Update french translation accordingly

Fixes #129
2018-07-18 23:08:49 +02:00
Bat
493fe731d0 Remove a debug message while we are at it 2018-07-18 19:02:31 +02:00
Bat
2b04b39f5d Correctly parse HTTP Accept headers 2018-07-18 16:58:28 +02:00
Bat
3d436c10b1 Accept more content types when making AP requests 2018-07-18 16:25:02 +02:00
Bat
389ad28d14 Don't broadcast activities to local users
Fix #80
2018-07-18 15:49:13 +02:00
Bat
cf23360c4a Avoid panics when encountering an invalid mention 2018-07-11 22:11:31 +02:00
Bat
f79f01a93f Accept both actor objects and links for Follows 2018-07-08 20:01:19 +02:00
Bat
68a041711c We can't mix GET and POST (in the comment form)
in_response_to was always null
2018-06-27 00:19:18 +02:00
Bat
9a825e7066 Change the signature of ap_url to be backward-compatible 2018-06-26 17:32:35 +02:00
Bat
507d3e6183 Use USE_HTTPS to compute AP URLs
Instead of relying on cfg(debug_assertions)
2018-06-26 16:21:58 +02:00
Bat
f805ec1d53 Introduce an environment variable to disable HTTPS, and use it when fetching WebFinger resources
You can now use USE_HTTPS=0 when debugging the federation locally.
2018-06-26 16:16:59 +02:00
Trinity Pointard
5133410451 Properly verify password
fix #86
2018-06-25 15:38:39 +02:00
Bat
3bc90e71d4 Clean Cargo.toml files 2018-06-23 17:39:58 +01:00
Bat
68c7aad179 Big repository reorganization
The code is divided in three crates:
- plume-common, for the ActivityPub module, and some common utils
- plume-models, for the models and database-related code
- plume, the app itself

This new organization will allow to test it more easily, but also to create other tools that only reuse a little part of
the code (for instance a Wordpress import tool, that would just use the plume-models crate)
2018-06-23 17:36:11 +01:00