forked from treehouse/mastodon
Merge remote-tracking branch 'tootsuite/master' into glitchsoc/master
Jenkins
commit
e8aeec4fea
|
|
@ -1,4 +1,5 @@
|
|||
import api from '../api';
|
||||
import { CancelToken } from 'axios';
|
||||
import { throttle } from 'lodash';
|
||||
import { search as emojiSearch } from '../features/emoji/emoji_mart_search_light';
|
||||
import { tagHistory } from '../settings';
|
||||
|
|
@ -11,6 +12,8 @@ import {
|
|||
refreshPublicTimeline,
|
||||
} from './timelines';
|
||||
|
||||
let cancelFetchComposeSuggestionsAccounts;
|
||||
|
||||
export const COMPOSE_CHANGE = 'COMPOSE_CHANGE';
|
||||
export const COMPOSE_SUBMIT_REQUEST = 'COMPOSE_SUBMIT_REQUEST';
|
||||
export const COMPOSE_SUBMIT_SUCCESS = 'COMPOSE_SUBMIT_SUCCESS';
|
||||
|
|
@ -257,13 +260,22 @@ export function undoUploadCompose(media_id) {
|
|||
};
|
||||
|
||||
export function clearComposeSuggestions() {
|
||||
if (cancelFetchComposeSuggestionsAccounts) {
|
||||
cancelFetchComposeSuggestionsAccounts();
|
||||
}
|
||||
return {
|
||||
type: COMPOSE_SUGGESTIONS_CLEAR,
|
||||
};
|
||||
};
|
||||
|
||||
const fetchComposeSuggestionsAccounts = throttle((dispatch, getState, token) => {
|
||||
if (cancelFetchComposeSuggestionsAccounts) {
|
||||
cancelFetchComposeSuggestionsAccounts();
|
||||
}
|
||||
api(getState).get('/api/v1/accounts/search', {
|
||||
cancelToken: new CancelToken(cancel => {
|
||||
cancelFetchComposeSuggestionsAccounts = cancel;
|
||||
}),
|
||||
params: {
|
||||
q: token.slice(1),
|
||||
resolve: false,
|
||||
|
|
|
|||
|
|
@ -94,9 +94,16 @@ class Request
|
|||
class Socket < TCPSocket
|
||||
class << self
|
||||
def open(host, *args)
|
||||
address = IPSocket.getaddress(host)
|
||||
raise Mastodon::HostValidationError if PrivateAddressCheck.private_address? IPAddr.new(address)
|
||||
super address, *args
|
||||
outer_e = nil
|
||||
Addrinfo.foreach(host, nil, nil, :SOCK_STREAM) do |address|
|
||||
begin
|
||||
raise Mastodon::HostValidationError if PrivateAddressCheck.private_address? IPAddr.new(address.ip_address)
|
||||
return super address.ip_address, *args
|
||||
rescue => e
|
||||
outer_e = e
|
||||
end
|
||||
end
|
||||
raise outer_e if outer_e
|
||||
end
|
||||
|
||||
alias new open
|
||||
|
|
|
|||
|
|
@ -16,7 +16,7 @@ class ActivityPub::ProcessAccountService < BaseService
|
|||
|
||||
RedisLock.acquire(lock_options) do |lock|
|
||||
if lock.acquired?
|
||||
@account = Account.find_by(uri: @uri)
|
||||
@account = Account.find_remote(@username, @domain)
|
||||
@old_public_key = @account&.public_key
|
||||
@old_protocol = @account&.protocol
|
||||
|
||||
|
|
|
|||
|
|
@ -77,9 +77,7 @@ module Mastodon
|
|||
]
|
||||
|
||||
config.i18n.default_locale = ENV['DEFAULT_LOCALE']&.to_sym
|
||||
if config.i18n.available_locales.include?(config.i18n.default_locale)
|
||||
config.i18n.fallbacks = [:en]
|
||||
else
|
||||
unless config.i18n.available_locales.include?(config.i18n.default_locale)
|
||||
config.i18n.default_locale = :en
|
||||
end
|
||||
|
||||
|
|
|
|||
|
|
@ -55,8 +55,8 @@ Rails.application.configure do
|
|||
# config.action_mailer.raise_delivery_errors = false
|
||||
|
||||
# Enable locale fallbacks for I18n (makes lookups for any locale fall back to
|
||||
# the I18n.default_locale when a translation cannot be found).
|
||||
config.i18n.fallbacks = true
|
||||
# English when a translation cannot be found).
|
||||
config.i18n.fallbacks = [:en]
|
||||
|
||||
# Send deprecation notices to registered listeners.
|
||||
config.active_support.deprecation = :notify
|
||||
|
|
|
|||
|
|
@ -55,6 +55,8 @@ module Devise
|
|||
@@ldap_bind_dn = nil
|
||||
mattr_accessor :ldap_password
|
||||
@@ldap_password = nil
|
||||
mattr_accessor :ldap_tls_no_verify
|
||||
@@ldap_tls_no_verify = false
|
||||
|
||||
class Strategies::PamAuthenticatable
|
||||
def valid?
|
||||
|
|
@ -357,5 +359,6 @@ Devise.setup do |config|
|
|||
config.ldap_bind_dn = ENV.fetch('LDAP_BIND_DN')
|
||||
config.ldap_password = ENV.fetch('LDAP_PASSWORD')
|
||||
config.ldap_uid = ENV.fetch('LDAP_UID', 'cn')
|
||||
config.ldap_tls_no_verify = ENV['LDAP_TLS_NO_VERIFY'] == 'true'
|
||||
end
|
||||
end
|
||||
|
|
|
|||
|
|
@ -1,49 +1,53 @@
|
|||
# frozen_string_literal: true
|
||||
|
||||
if ENV['LDAP_ENABLED'] == 'true'
|
||||
require 'net/ldap'
|
||||
require 'devise/strategies/authenticatable'
|
||||
require 'net/ldap'
|
||||
require 'devise/strategies/authenticatable'
|
||||
|
||||
module Devise
|
||||
module Strategies
|
||||
class LdapAuthenticatable < Authenticatable
|
||||
def authenticate!
|
||||
if params[:user]
|
||||
ldap = Net::LDAP.new(
|
||||
host: Devise.ldap_host,
|
||||
port: Devise.ldap_port,
|
||||
base: Devise.ldap_base,
|
||||
encryption: {
|
||||
method: Devise.ldap_method,
|
||||
tls_options: OpenSSL::SSL::SSLContext::DEFAULT_PARAMS,
|
||||
},
|
||||
auth: {
|
||||
method: :simple,
|
||||
username: Devise.ldap_bind_dn,
|
||||
password: Devise.ldap_password,
|
||||
},
|
||||
connect_timeout: 10
|
||||
)
|
||||
module Devise
|
||||
module Strategies
|
||||
class LdapAuthenticatable < Authenticatable
|
||||
def authenticate!
|
||||
if params[:user]
|
||||
ldap = Net::LDAP.new(
|
||||
host: Devise.ldap_host,
|
||||
port: Devise.ldap_port,
|
||||
base: Devise.ldap_base,
|
||||
encryption: {
|
||||
method: Devise.ldap_method,
|
||||
tls_options: tls_options,
|
||||
},
|
||||
auth: {
|
||||
method: :simple,
|
||||
username: Devise.ldap_bind_dn,
|
||||
password: Devise.ldap_password,
|
||||
},
|
||||
connect_timeout: 10
|
||||
)
|
||||
|
||||
if (user_info = ldap.bind_as(base: Devise.ldap_base, filter: "(#{Devise.ldap_uid}=#{email})", password: password))
|
||||
user = User.ldap_get_user(user_info.first)
|
||||
success!(user)
|
||||
else
|
||||
return fail(:invalid_login)
|
||||
end
|
||||
if (user_info = ldap.bind_as(base: Devise.ldap_base, filter: "(#{Devise.ldap_uid}=#{email})", password: password))
|
||||
user = User.ldap_get_user(user_info.first)
|
||||
success!(user)
|
||||
else
|
||||
return fail(:invalid_login)
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
def email
|
||||
params[:user][:email]
|
||||
end
|
||||
def email
|
||||
params[:user][:email]
|
||||
end
|
||||
|
||||
def password
|
||||
params[:user][:password]
|
||||
def password
|
||||
params[:user][:password]
|
||||
end
|
||||
|
||||
def tls_options
|
||||
OpenSSL::SSL::SSLContext::DEFAULT_PARAMS.tap do |options|
|
||||
options[:verify_mode] = OpenSSL::SSL::VERIFY_NONE if Devise.ldap_tls_no_verify
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
Warden::Strategies.add(:ldap_authenticatable, Devise::Strategies::LdapAuthenticatable)
|
||||
end
|
||||
|
||||
Warden::Strategies.add(:ldap_authenticatable, Devise::Strategies::LdapAuthenticatable)
|
||||
|
|
|
|||
|
|
@ -48,6 +48,13 @@ describe Request do
|
|||
expect(a_request(:get, 'http://example.com')).to have_been_made.once
|
||||
end
|
||||
|
||||
it 'executes a HTTP request when the first address is private' do
|
||||
allow(Addrinfo).to receive(:foreach).with('example.com', nil, nil, :SOCK_STREAM)
|
||||
.and_yield(Addrinfo.new(["AF_INET", 0, "example.com", "0.0.0.0"], :PF_INET, :SOCK_STREAM))
|
||||
.and_yield(Addrinfo.new(["AF_INET6", 0, "example.com", "2001:4860:4860::8844"], :PF_INET6, :SOCK_STREAM))
|
||||
expect(a_request(:get, 'http://example.com')).to have_been_made.once
|
||||
end
|
||||
|
||||
it 'sets headers' do
|
||||
expect(a_request(:get, 'http://example.com').with(headers: subject.headers)).to have_been_made
|
||||
end
|
||||
|
|
@ -61,7 +68,9 @@ describe Request do
|
|||
end
|
||||
|
||||
it 'raises Mastodon::ValidationError' do
|
||||
allow(IPSocket).to receive(:getaddress).with('example.com').and_return('0.0.0.0')
|
||||
allow(Addrinfo).to receive(:foreach).with('example.com', nil, nil, :SOCK_STREAM)
|
||||
.and_yield(Addrinfo.new(["AF_INET", 0, "example.com", "0.0.0.0"], :PF_INET, :SOCK_STREAM))
|
||||
.and_yield(Addrinfo.new(["AF_INET6", 0, "example.com", "2001:db8::face"], :PF_INET6, :SOCK_STREAM))
|
||||
expect{ subject.perform }.to raise_error Mastodon::ValidationError
|
||||
end
|
||||
end
|
||||
|
|
|
|||
Loading…
Reference in New Issue