Commit Graph

776 Commits

Author SHA1 Message Date
Trinity Pointard
62c94ed463 Refactor and verify http signature on personnal inbox
Verify signature on personnal inbox
Reduce code duplication
Put Headers in plume-models
2018-10-03 20:48:25 +02:00
Trinity Pointard
0a5d435249 Verify http signatures 2018-10-03 09:31:38 +02:00
Baptiste Gelez
96a97e4949
Fix a typo in README 2018-10-02 13:20:54 +01:00
Trinity Pointard
d3ed2d8af5 Fix regression and update rocket_csrf
Fix account creation, introduced by fceb9ab
Update to latest rocket_csrf
2018-10-02 11:51:12 +02:00
Baptiste Gelez
6738883f2b
Merge pull request #250 from fdb-hiroshima/feature/underlined_links
Add link underline for main body
2018-10-01 12:42:54 +01:00
Bat
07f2c979ec Make the REST API compatible with SQlite 2018-09-30 14:21:07 +01:00
Bat
bd80430b1b
Document model macros 2018-09-30 14:13:56 +02:00
Bat
743620eb6a
Fix the SQlite build 2018-09-30 14:13:56 +02:00
Bat
535c68b423
Run Travis for SQlite too 2018-09-30 14:13:55 +02:00
Bat
38d737ed0c
Introduce features to choose between SQlite or Postgres 2018-09-30 14:13:54 +02:00
Igor Galić
88456faf84
align types between sqlite & postgres
this one's achieved by adding "NOT NULL" at the *correct* position in
SQLite's create tables.
2018-09-30 14:13:53 +02:00
Igor Galić
b28bef20a7
align types between sqlite & postgres
use DATETIME for SQLite's time type. This way, Diesel picks up on what
it's supposed to be.
2018-09-30 14:13:52 +02:00
Igor Galić
1f8680c4c5
add sqlite migrations
we move our PostgreSQL specific migrations to a subdirectory.
The SQLite migrations have been created by running `diesel` against a
copy, and then fixing what's broken.
In the end i reduced all modifications to a single create, since we
*are* starting out fresh with SQLite.

n.b.: i'm not entirely happy with the results yet, because diesel
heavily modifies our `plume-models/src/schema.rs`.
I'll keep fiddling until we have the same types between the two
databases.
2018-09-30 14:13:52 +02:00
Igor Galić
e5691f7b23
add sqlite as diesel dependency 2018-09-30 14:13:42 +02:00
Trinity Pointard
d610ed1641 Add verify() to the Signer trait
And implement it for Blog and User
2018-09-30 12:08:04 +02:00
Trinity Pointard
eafe1ed490 Add content digest to signed http headers
Sign the Digest HTTP header
2018-09-30 12:08:04 +02:00
Trinity Pointard
fceb9ab0cd Update cookie management a bit
Update to latest rocket_csrf
Make user_id a samesite lax cookie (see https://github.com/Plume-org/Plume/issues/233#issuecomment-422660275)
2018-09-30 11:56:12 +02:00
Dominik Pataky
31a3e6c825 Revert icon injection 2018-09-29 21:42:51 +02:00
Dominik Pataky
83c4387e94 Add link underline for main body; add link icon
Links in the main body part are now underlined on mouse hover.
<a> tags in the article content are expanded by an icon from
FontAwesome.

Fixes #140
2018-09-29 21:41:02 +02:00
Baptiste Gelez
1e3f40833d
Add a link to Loomio in the README 2018-09-29 19:25:27 +01:00
Bat
6f8630df2e Use <div> for avatars
<img> is displayed as an error without src, in Chrome

Fixes #222
2018-09-29 18:29:22 +01:00
Baptiste Gelez
05f3ecabd6
Merge pull request #248 from maximesrd/patch-4
Bad commands in the update guide
2018-09-29 17:03:33 +01:00
maximesrd
a1530791ef
Update UPDATE.md 2018-09-29 18:00:48 +02:00
Baptiste Gelez
236cf14406
Merge pull request #245 from Plume-org/rest-api
Some API endpoints for articles
2018-09-29 16:33:31 +01:00
Bat
72fd9eb610 API: Filter posts in the list 2018-09-29 15:45:27 +01:00
maximesrd
3b288c2dad
Update UPDATE.md 2018-09-29 15:34:59 +02:00
maximesrd
b97b0233da
Update UPDATE.md 2018-09-29 15:34:29 +02:00
maximesrd
db4c939be8
Bad commands 2018-09-29 15:02:17 +02:00
Baptiste Gelez
975f8d0393
Merge pull request #246 from fediverse-pl/master
i18n: Update Polish translation
2018-09-27 19:25:12 +01:00
Marcin Mikołajczak
47eeed1008 i18n: Update Polish translation
Signed-off-by: Marcin Mikołajczak <me@m4sk.in>
2018-09-27 12:42:09 +02:00
Bat
f893056d6d Mount the API endpoints 2018-09-25 20:45:32 +01:00
Bat
472da486e9 Fix the canapi::Provider impl for Post 2018-09-25 20:10:18 +01:00
Baptiste Gelez
ba3dd3304c
Merge pull request #243 from rhonda/master
Updated German translation
2018-09-25 15:38:58 +01:00
Rhonda D'Vine
88d8fb95c3 Updated German translation 2018-09-25 16:27:59 +02:00
Baptiste Gelez
9650fdbfb5
Merge pull request #242 from Atul9/fix-broken-link
#227 Fix broken link on blog page
2018-09-24 20:35:20 +01:00
Atul Bhosale
3dce53d899
Fix broken link on blog page 2018-09-24 23:46:32 +05:30
Baptiste Gelez
05fb7c9b42
Merge pull request #238 from Plume-org/csrf-issues
Fix CSRF issues
2018-09-21 13:37:35 +01:00
Baptiste Gelez
7afe249a75
Merge pull request #240 from OpenAlgeria/patch-1
Update INSTALL.md
2018-09-20 19:23:49 +01:00
OpenAlgeria
5d21e26406
Update INSTALL.md 2018-09-20 15:21:32 +02:00
Bat
d8ca1d70b7 Fix CSRF issues
GET routes are not protected against CSRF. This commit changes the needed URLs to
POST and replace simple links with forms.

Thanks @fdb-hiroshima for noticing it!
2018-09-19 18:13:07 +01:00
Trinity Pointard
f0fb030c7f Update recommended nginx config
Update recommended nginx config to allow iframes
close #234
2018-09-19 18:18:39 +02:00
Bat
1500267125 Add canapi and try to use for the API 2018-09-19 15:49:34 +01:00
Trinity Pointard
fab6360100 Be less restrictive on authorized html tags
Allow users to add ids to tags
Allow users to use iframes
2018-09-19 10:51:27 +02:00
Baptiste Gelez
2bc6052a35
Replace plume by DATABASE_NAME in the docs
To make it clearer you can have multiple Plume instances/databases on the same server, and that this part of the URL may change too.
2018-09-18 21:40:20 +01:00
Baptiste Gelez
d8bfd6d39f
Create ISSUE_TEMPLATE.md 2018-09-18 15:40:17 +01:00
Baptiste Gelez
064c5961e7
Add a CoC
Finally!
2018-09-18 13:59:43 +01:00
Baptiste Gelez
eb24ba1774
Merge pull request #223 from igalic/fix/safe-string
make blog/instance description a SafeString
2018-09-14 20:56:13 +01:00
Igor Galić
fb074e6344
render SafeString thru |safe
thanks again to @fdb-hiroshima for pointing me in the right direction!
2018-09-14 21:44:32 +02:00
Igor Galić
06718a5c8a
directly use SafeString in InstanceSettingsForm 2018-09-14 20:25:16 +02:00
Igor Galić
d62c72dde0
allocate new SafeString in FromFormValue impl
thanks to @fdb-hiroshima for this review!
2018-09-14 19:50:59 +02:00