Commit Graph

793 Commits (385c2eac6fe48baa51fdd54640530a5ac9d1600f)

Author SHA1 Message Date
aschmitz 618df7a5ee Change IDs to strings rather than numbers in API JSON output (#5019)
* Fix JavaScript interface with long IDs

Somewhat predictably, the JS interface handled IDs as numbers, which in
JS are IEEE double-precision floats. This loses some precision when
working with numbers as large as those generated by the new ID scheme,
so we instead handle them here as strings. This is relatively simple,
and doesn't appear to have caused any problems, but should definitely
be tested more thoroughly than the built-in tests. Several days of use
appear to support this working properly.

BREAKING CHANGE:

The major(!) change here is that IDs are now returned as strings by the
REST endpoints, rather than as integers. In practice, relatively few
changes were required to make the existing JS UI work with this change,
but it will likely hit API clients pretty hard: it's an entirely
different type to consume. (The one API client I tested, Tusky, handles
this with no problems, however.)

Twitter ran into this issue when introducing Snowflake IDs, and decided
to instead introduce an `id_str` field in JSON responses. I have opted
to *not* do that, and instead force all IDs to 64-bit integers
represented by strings in one go. (I believe Twitter exacerbated their
problem by rolling out the changes three times: once for statuses, once
for DMs, and once for user IDs, as well as by leaving an integer ID
value in JSON. As they said, "If you’re using the `id` field with JSON
in a Javascript-related language, there is a very high likelihood that
the integers will be silently munged by Javascript interpreters. In most
cases, this will result in behavior such as being unable to load or
delete a specific direct message, because the ID you're sending to the
API is different than the actual identifier associated with the
message." [1]) However, given that this is a significant change for API
users, alternatives or a transition time may be appropriate.

1: https://blog.twitter.com/developer/en_us/a/2011/direct-messages-going-snowflake-on-sep-30-2011.html

* Additional fixes for stringified IDs in JSON

These should be the last two. These were identified using eslint to try
to identify any plain casts to JavaScript numbers. (Some such casts are
legitimate, but these were not.)

Adding the following to .eslintrc.yml will identify casts to numbers:

~~~
  no-restricted-syntax:
  - warn
  - selector: UnaryExpression[operator='+'] > :not(Literal)
    message: Avoid the use of unary +
  - selector: CallExpression[callee.name='Number']
    message: Casting with Number() may coerce string IDs to numbers
~~~

The remaining three casts appear legitimate: two casts to array indices,
one in a server to turn an environment variable into a number.

* Back out RelationshipsController Change

This was made to make a test a bit less flakey, but has nothing to
do with this branch.

* Change internal streaming payloads to stringified IDs as well

Per
https://github.com/tootsuite/mastodon/pull/5019#issuecomment-330736452
we need these changes to send deleted status IDs as strings, not
integers.
2017-09-20 14:53:48 +02:00
Akihiko Odaki b1ba673029 Introduce OStatus::TagManager (#5008) 2017-09-19 18:08:08 +02:00
Eugen Rochko 48377dfe46 Fix incomplete account records being read (#4998)
* Fix incomplete account records being read

- Put account processing into redis lock
- Do not save until record is complete

* Fix spaces
2017-09-19 06:53:16 +02:00
Eugen Rochko e9bb7e62b1 Admin interface for listing, adding and removing custom emojis (#5002)
* Admin interface for listing, adding and removing custom emojis

* Only display local ones in the list
2017-09-19 03:52:38 +02:00
unarist 4a4e555fd4 Fix an error when actor json couldn't be fetched in ResolveRemoteAccountService (#4979)
* Fix an error when actor json couldn't be fetched in ResolveRemoteAccountService

* Add specs
2017-09-17 11:54:23 +02:00
Akihiko Odaki d4a1ddd46a Fix filterable_languages method of SettingsHelper (#4966) 2017-09-16 14:59:41 +02:00
ふぁぼ原 c71727ca55 Enable to recognize most kinds of characters as URL paths (#4941) 2017-09-14 18:03:20 +02:00
Eugen Rochko 41d6ada41f Support OpenGraph video embeds (#4897)
* Support OpenGraph video embeds

It's not really OpenGraph, it's twitter:player property, but it's
not OEmbed so that fits. For example, this allows Twitch clips to
be displayed as embeds.

Also, fixes glitch-soc/mastodon#135

* Fix invalid OpenGraph cards being saved through attaching and
revisit URLs after 14 days
2017-09-14 04:11:36 +02:00
ThibG aaac0c5556 Fix refollowing (#4931)
* Make RefollowWorker ActivityPub-only to avoid potential identifier mismatches

* Don't call RefollowWorker on new accounts
2017-09-14 00:05:25 +02:00
Eugen Rochko 34f7c3de25 Fix #4917 - Add missing suspend checks (#4921) 2017-09-13 11:05:02 +02:00
ThibG 284c777b19 [WiP] Whenever a remote keypair changes, unfollow them and re-subscribe to … (#4907)
* Whenever a remote keypair changes, unfollow them and re-subscribe to them

In Mastodon (it could be different for other OStatus or AP-enabled software),
a keypair change is indicative of whole user (or instance) data loss. In this
situation, the “new” user might be different, and almost certainly has an empty
followers list. In this case, Mastodon instances will disagree on follower
lists, leading to unreliable delivery and “shadow followers”, that is users
believed by a remote instance to be followers, without the affected user
knowing.

Drawbacks of this change are:
1. If an user legitimately changes public key for some reason without losing
   data (not possible in Mastodon at the moment), they will have their remote
   followers unsubscribed/re-subscribed needlessly.
2. Depending of the number of remote followers, this may generate quite some
   traffic.
3. If the user change is an attempt at usurpation, the remote followers will
   unknowingly follow the usurper. Note that this is *not* a change of
   behavior, Mastodon already behaves like that, although delivery might be
   unreliable, and the usurper would not have known the former user's
   followers.

* Rename ResubscribeWorker to RefollowWorker

* Process followers in batches
2017-09-12 23:10:40 +02:00
Eugen Rochko 6628ea4a82 Default follows for new users (#4871)
When a new user confirms their e-mail, bootstrap their home timeline
by automatically following a set of accounts. By default, all local
admin accounts (that are unlocked). Can be customized by new admin
setting (comma-separated usernames, local and unlocked only)
2017-09-10 09:58:38 +02:00
Eugen Rochko 86cf6905cc Fix errors preventing UnsubscribeService from working (#4866) 2017-09-09 17:36:27 +02:00
Eugen Rochko dfd9eed84c Add missing reject_media check before avatar download via ActivityPub (#4862) 2017-09-09 13:41:45 +02:00
Eugen Rochko 1a5442204b Fix #4852 - Check if already requested from FollowService (#4855) 2017-09-09 02:02:44 +02:00
Eugen Rochko cc4bc2709d Fix #4850 - When visibility missing from API call to toot, fallback to user preference (#4861) 2017-09-09 02:02:29 +02:00
Eugen Rochko 6fb8be482b Fetch statuses/following/followers numbers from ActivityPub collections (#4840) 2017-09-08 12:00:17 +02:00
Eugen Rochko 883a12cb0f Fix mentions in direct statuses not being delivered via AP (#4806) 2017-09-05 20:55:25 +02:00
Eugen Rochko be4bfd2ec1 Fix some ActivityPub JSON bugs (#4796)
- Fix assumption that `url` is always a string. Handle it if it's an
  array of strings, array of objects, object, or string, both for
  accounts and for objects
- `sharedInbox` is actually supposed to be under `endpoints`, handle
  both cases and adjust the serializer
2017-09-04 18:26:33 +02:00
Eugen Rochko 8847d2fda4 Rename "locked" to "manuallyApprovesFollowers" in ActivityPub (#4779)
See: <https://www.w3.org/wiki/Activity_Streams_extensions#as:manuallyApprovesFollowers>
2017-09-02 23:13:35 +02:00
Eugen Rochko 23682c8593 Make "unfollow" undo pending outgoing follow request too (#4781)
* Make "unfollow" undo pending outgoing follow request too

* Add cancel button to web UI when awaiting follow request approval

* Make the hourglass button do the cancelling
2017-09-02 20:44:41 +02:00
Eugen Rochko 0aa744a8e3 Define missing JSON-LD properties (#4767)
Using _: property names is discouraged, as in the future,
canonicalization may throw an error when encountering that instead
of discarding it silently like it does now.

We are defining some ActivityStreams properties which we expect
to land in ActivityStreams eventually, to ensure that future versions
of Mastodon will remain compatible with this even once that happens.
Those would be `locked`, `sensitive` and `Hashtag`

We are defining a custom context inline for some properties which we
do not expect to land in any other context. `atomUri`, `inReplyToAtomUri`
and `conversation` are part of the custom defined OStatus context.
2017-09-02 14:01:23 +02:00
Eugen Rochko 60ec86be49 Avoid sending some ActivityPub payloads if the receiver will get them through distribution (#4739) 2017-09-01 21:26:01 +02:00
Eugen Rochko e9e271878e Make PreviewCard records reuseable between statuses (#4642)
* Make PreviewCard records reuseable between statuses

**Warning!** Migration truncates preview_cards tablec

* Allow a wider thumbnail for link preview, display it in horizontal layout (#4648)

* Delete preview cards files before truncating

* Rename old table instead of truncating it

* Add mastodon:maintenance:remove_deprecated_preview_cards

* Ignore deprecated_preview_cards in schema definition

* Fix null behaviour
2017-09-01 16:20:16 +02:00
unarist 5a6b15f014 Don't process ActivityPub payload if signature is invalid (#4752)
* Don't process ActivityPub payload if signature is invalid

* Fix style issue
2017-08-31 17:18:49 +02:00
James 2fbae21f05 Guarantee Subscription service first account has proper URL details (#4732)
* Guarantee Subscription service first account has proper URL details

Subscription Service potentially could break if the first user suspended
themselves, creating a situation where the urls that populate throughout
subscription service's PuSH request would cause the remote API to throw 503 errors.

Guaranteeing that the first account picked is not suspended prevents this problem.

* Fix style issue
2017-08-31 15:44:00 +02:00
Eugen Rochko ca76d11434 Forward ActivityPub creates that reply to local statuses (#4709)
* Forward ActivityPub creates that reply to local statuses

* Fix test

* Fix wrong signers
2017-08-30 15:37:02 +02:00
Eugen Rochko 3135d20283 Serialize ActivityPub alternate link into OStatus deletes, handle it (#4730)
Requires moving Atom rendering from DistributionWorker (where
`stream_entry.status` is already nil) to inline (where
`stream_entry.status.destroyed?` is true) and distributing that.

Unfortunately, such XML renderings can no longer be easily chained
together into one payload of n items.
2017-08-29 16:11:05 +02:00
unarist e17945907a Fix deletion of status which has been reblogged (#4728) 2017-08-28 21:38:59 +02:00
Eugen Rochko 6025762ba2 Add ActivityPub serializer for Undo of Announce (#4703) 2017-08-26 15:32:40 +02:00
Eugen Rochko 5147147da9 Add handling of Linked Data Signatures in payloads (#4687)
* Add handling of Linked Data Signatures in payloads

* Add a way to sign JSON, fix canonicalization of signature options

* Fix signatureValue encoding, send out signed JSON when distributing

* Add missing security context
2017-08-26 13:47:38 +02:00
masarakki d8f136cb8b authorize-follow-requests-after-unlocking (#4658) 2017-08-26 12:40:03 +02:00
Eugen Rochko cab7fa158a Add configuration to disable private status federation over PuSH (#4582) 2017-08-24 17:51:32 +02:00
unarist bab7127ac9 Fetch reblogs as Announce activity instead of Note object (#4672)
* Process Create / Announce activity in FetchRemoteStatusService

* Use activity URL in ActivityPub for reblogs

* Redirect to the original status on StatusesController#show
2017-08-24 16:21:42 +02:00
unarist 75ce1235b5 Fix accessing to XML attribute in FetchAtomService (#4668) 2017-08-23 12:25:57 +02:00
unarist 915eda7f88 Ignore empty response in ActivityPub::FetchRemoteStatusService (#4661)
* Ignore empty response in ActivityPub::FetchRemoteStatusService

This fixes `NoMethodError: undefined method `[]' for nil:NilClass` error.

* Check json.nil? in JsonLdHelper#supported_context?
2017-08-22 20:00:49 +02:00
unarist 1cb7c1a273 Fix bugs which OStatus accounts may detected as ActivityPub ready (#4662)
* Fallback to OStatus in FetchAtomService

* Skip activity+json link if that activity is Person without inbox
* If unsupported activity was detected and all other URLs failed, retry with ActivityPub-less Accept header

* Allow mention to OStatus account in ActivityPub

* Don't update profile with inbox-less Person object
2017-08-22 18:30:15 +02:00
Eugen Rochko dccc1a74ad Support more variations of ActivityPub keyId in signature (#4630)
- Tries to avoid performing HTTP request if the keyId is an actor URI
- Likewise if the URI is a fragment URI on top of actor URI
- Resolves public key, returns owner if the owner links back to the key
2017-08-21 22:57:34 +02:00
Eugen Rochko d76bd63226 Do not try to re-subscribe to unsubscribed accounts (#4653) 2017-08-21 17:32:41 +02:00
Eugen Rochko 1a19358b24 ActivityPub migration procedure (#4617)
* ActivityPub migration procedure

Once one account is detected as going from OStatus to ActivityPub,
invalidate WebFinger cache for other accounts from the same domain

* Unsubscribe from PuSH updates once we receive an ActivityPub payload

* Re-subscribe to PuSH unless already unsubscribed, regardless of protocol
2017-08-21 01:14:40 +02:00
Eugen Rochko 44b5084f1d Handle duplicate ActivityPub activities (#4639)
* Handle duplicate ActivityPub activities

Only perform side-effects when record processed for the first time

* Fast-forward repeat follow requests
2017-08-20 16:53:47 +02:00
Yamagishi Kazutoshi ac7fb7c820 Add support for searching AP users (#4599)
* Add support for searching AP users

* use JsonLdHelper
2017-08-14 14:08:34 +02:00
Eugen Rochko 5bc37d814f Require "inbox" to be set on actor to be ActivityPub-ready (#4595) 2017-08-14 11:27:25 +02:00
Yamagishi Kazutoshi ffc125c953 Fix search (regression from #4589) (#4594) 2017-08-14 04:50:56 +02:00
Eugen Rochko 3473aac8d8 Hook up URL-based resource look-up to ActivityPub (#4589) 2017-08-14 02:29:36 +02:00
Eugen Rochko 5516767c75 ActivityPub delivery (#4566)
* Deliver ActivityPub Like

* Deliver ActivityPub Undo-Like

* Deliver ActivityPub Create/Announce activities

* Deliver ActivityPub creates from mentions

* Deliver ActivityPub Block/Undo-Block

* Deliver ActivityPub Accept/Reject-Follow

* Deliver ActivityPub Undo-Follow

* Deliver ActivityPub Follow

* Deliver ActivityPub Delete activities

Incidentally fix #889

* Adjust BatchedRemoveStatusService for ActivityPub

* Add tests for ActivityPub workers

* Add tests for FollowService

* Add tests for FavouriteService, UnfollowService and PostStatusService

* Add tests for ReblogService, BlockService, UnblockService, ProcessMentionsService

* Add tests for AuthorizeFollowService, RejectFollowService, RemoveStatusService

* Add tests for BatchedRemoveStatusService

* Deliver updates to a local account to ActivityPub followers

* Minor adjustments
2017-08-13 00:44:41 +02:00
Eugen Rochko 0e2a3049e7 Add serializing/unserializing of "locked" actor attribute (#4585) 2017-08-12 17:41:03 +02:00
Eugen Rochko f18739fd60 Add ActivityPub inbox (#4216)
* Add ActivityPub inbox

* Handle ActivityPub deletes

* Handle ActivityPub creates

* Handle ActivityPub announces

* Stubs for handling all activities that need to be handled

* Add ActivityPub actor resolving

* Handle conversation URI passing in ActivityPub

* Handle content language in ActivityPub

* Send accept header when fetching actor, handle JSON parse errors

* Test for ActivityPub::FetchRemoteAccountService

* Handle public key and icon/image when embedded/as array/as resolvable URI

* Implement ActivityPub::FetchRemoteStatusService

* Add stubs for more interactions

* Undo activities implemented

* Handle out of order activities

* Hook up ActivityPub to ResolveRemoteAccountService, handle
Update Account activities

* Add fragment IDs to all transient activity serializers

* Add tests and fixes

* Add stubs for missing tests

* Add more tests

* Add more tests
2017-08-08 21:52:15 +02:00
Yamagishi Kazutoshi f95fca19d4 Change RuboCop rules to loose (#4464) 2017-07-31 15:19:13 +02:00
nullkal 977140ed3c Fix an error when a user tries to search nonexistent remote user (regression from #4275) (#4400) 2017-07-27 15:11:59 +02:00
sdukhovni 961f103c35 Allow domain blocks that only reject media without silencing or suspending (#4325)
* Allow domain blocks to reject media without silencing or suspending

* Fix typo

* Hide 'Reject media' button when superfluous, instead of disabling it

* Properly hide 'reject media' checkbox on page load if needed

This may happen when resubmitting the domain block form after an error.

* Don't ask whether undoing a media-only block should be retroactive

* Rename :media_only block to :noop

* Display :noop block as None in frontend, allow blocks that do nothing

* Remove 'coding' line auto-added by emacs
2017-07-24 14:26:55 +02:00
Eugen Rochko cf253b725e Fix #4172 - Mutes now block notifications (#4300) 2017-07-22 16:36:36 +02:00
Eugen Rochko 75ab767791 Fix webfinger retries (#4275)
* Do not raise unretryable exceptions in ResolveRemoteAccountService

* Removed fatal exceptions from ResolveRemoteAccountService

Exceptions that cannot be retried should not be raised. New exception
class for those that can be retried (Mastodon::UnexpectedResponseError)
2017-07-20 01:59:07 +02:00
Sorin Davidoi 04ec8a8f38 fix(push_subscription): Guard against malformed favourite notification (#4271) 2017-07-19 22:37:52 +02:00
Eugen Rochko 81ebd4025a Add ActivityPub attributes to accounts (#4273) 2017-07-19 17:06:46 +02:00
Akihiko Odaki b085c55263 Fix logging in ProcessFeedService (#4270) 2017-07-19 16:02:03 +02:00
Eugen Rochko df59dc6639 Refactor ResolveRemoteAccountService (#4258)
* Refactor ResolveRemoteAccountService

* Remove trailing whitespace

* Use redis locks around critical ResolveRemoteAccountService code

* Add test for race condition of lock
2017-07-19 14:44:04 +02:00
Eugen Rochko 3852032953 Correct OStatus inflection (Ostatus -> OStatus) (#4255) 2017-07-19 01:37:26 +02:00
Akihiko Odaki b0f97d9a87 Introduce Ostatus name space (#4164)
* Wrap methods of ProcessFeedService::ProcessEntry in classes

This is a change same with 002ed7dc62, except
that it has the following changes:

* Revert irrelevant change in find_or_create_conversation
* Fix error handling for RemoteActivity

* Introduce Ostatus name space
2017-07-18 16:39:47 +02:00
Sorin Davidoi 3d4ae604b8 fix(push-subscriptions): Refactor how Sidekiq jobs are handled (#4226) 2017-07-18 16:25:40 +02:00
ThibG 9c1791c546 Optimize uri normalization (#4212)
* Add dependency on idn-ruby to speed up URI normalization

* Use normalized_host instead of normalize.host when applicable

When we are only interested in the normalized host, calling normalized_host
avoids normalizing the other components of the URI as well as creating a
new object
2017-07-15 17:24:35 +02:00
Eugen Rochko c6e46f7421 Fix #2672 - Connect signed PuSH subscription requests to instance domain (#4205)
* Fix #2672 - Connect signed PuSH subscription requests to instance domain

Resolves #2739

* Fix return of locate_subscription

* Fix tests
2017-07-14 23:01:20 +02:00
Eugen Rochko c5fa4aba91 HTTP signatures (#4146)
* Add Request class with HTTP signature generator

Spec: https://tools.ietf.org/html/draft-cavage-http-signatures-06

* Add HTTP signature verification concern

* Add test for SignatureVerification concern

* Add basic test for Request class

* Make PuSH subscribe/unsubscribe requests use new Request class

Accidentally fix lease_seconds not being set and sent properly, and
change the new minimum subscription duration to 1 day

* Make all PuSH workers use new Request class

* Make Salmon sender use new Request class

* Make FetchLinkService use new Request class

* Make FetchAtomService use the new Request class

* Make Remotable use the new Request class

* Make ResolveRemoteAccountService use the new Request class

* Add more tests

* Allow +-30 seconds window for signed request to remain valid

* Disable time window validation for signed requests, restore 7 days
as PuSH subscription duration (which was previous default due to a bug)
2017-07-14 20:41:49 +02:00
Eugen Rochko 5138dde794 Fix #4149, fix #1199 - Store emojis as unicode (#4189)
- Use unicode when selecting emoji through picker
- Convert shortcodes to unicode when storing text input server-side
- Do not convert shortcodes in JS anymore
2017-07-14 19:47:53 +02:00
Sorin Davidoi ecab38fd66 Web Push Notifications (#3243)
* feat: Register push subscription

* feat: Notify when mentioned

* feat: Boost, favourite, reply, follow, follow request

* feat: Notification interaction

* feat: Handle change of public key

* feat: Unsubscribe if things go wrong

* feat: Do not send normal notifications if push is enabled

* feat: Focus client if open

* refactor: Move push logic to WebPushSubscription

* feat: Better title and body

* feat: Localize messages

* chore: Fix lint errors

* feat: Settings

* refactor: Lazy load

* fix: Check if push settings exist

* feat: Device-based preferences

* refactor: Simplify logic

* refactor: Pull request feedback

* refactor: Pull request feedback

* refactor: Create /api/web/push_subscriptions endpoint

* feat: Spec PushSubscriptionController

* refactor: WebPushSubscription => Web::PushSubscription

* feat: Spec Web::PushSubscription

* feat: Display first media attachment

* feat: Support direction

* fix: Stuff broken while rebasing

* refactor: Integration with session activations

* refactor: Cleanup

* refactor: Simplify implementation

* feat: Set VAPID keys via environment

* chore: Comments

* fix: Crash when no alerts

* fix: Set VAPID keys in testing environment

* fix: Follow link

* feat: Notification actions

* fix: Delete previous subscription

* chore: Temporary logs

* refactor: Move migration to a later date

* fix: Fetch the correct session activation and misc bugs

* refactor: Move migration to a later date

* fix: Remove follow request (no notifications)

* feat: Send administrator contact to push service

* feat: Set time-to-live

* fix: Do not show sensitive images

* fix: Reducer crash in error handling

* feat: Add badge

* chore: Fix lint error

* fix: Checkbox label overlap

* fix: Check for payload support

* fix: Rename action "type" (crash in latest Chrome)

* feat: Action to expand notification

* fix: Lint errors

* fix: Unescape notification body

* fix: Do not allow boosting if the status is hidden

* feat: Add VAPID keys to the production sample environment

* fix: Strip HTML tags from status

* refactor: Better error messages

* refactor: Handle browser not implementing the VAPID protocol (Samsung Internet)

* fix: Error when target_status is nil

* fix: Handle lack of image

* fix: Delete reference to invalid subscriptions

* feat: Better error handling

* fix: Unescape HTML characters after tags are striped

* refactor: Simpify code

* fix: Modify to work with #4091

* Sort strings alphabetically

* i18n: Updated Polish translation

it annoys me that it's not fully localized :P

* refactor: Use current_session in PushSubscriptionController

* fix: Rebase mistake

* fix: Set cacheName to mastodon

* refactor: Pull request feedback

* refactor: Remove logging statements

* chore(yarn): Fix conflicts with master

* chore(yarn): Copy latest from master

* chore(yarn): Readd offline-plugin

* refactor: Use save! and update!

* refactor: Send notifications async

* fix: Allow retry when push fails

* fix: Save track for failed pushes

* fix: Minify sw.js

* fix: Remove account_id from fabricator
2017-07-13 22:15:32 +02:00
Eugen Rochko eb0c9a8831 Fix #4067 - Do not make HTTP round-trip when resolving local URL (#4160) 2017-07-12 00:39:15 +02:00
nightpool 336f1bc5ec Revert "Wrap methods of ProcessFeedService::ProcessEntry in classes (#4151)" (#4157)
This reverts commit 002ed7dc62.
2017-07-11 18:19:16 +02:00
Akihiko Odaki (@fn_aki@pawoo.net) 002ed7dc62 Wrap methods of ProcessFeedService::ProcessEntry in classes (#4151)
ProcessFeedService::ProcessEntry had many methods, so wrap them in classes
representing activities.
2017-07-11 13:37:05 +02:00
Akihiko Odaki (@fn_aki@pawoo.net) 2e3f13788f Remove redundant inclusion (#4150) 2017-07-11 11:55:48 +02:00
Akihiko Odaki (@fn_aki@pawoo.net) 3db69012fd Fix PrecomputeFeedService for filtered statuses (#4148) 2017-07-11 01:00:01 +02:00
abcang 60df44837e Rescue exceptions related to Goldfinger at FetchRemoteStatusService (#4138) 2017-07-10 13:59:29 +02:00
abcang 7ee3ddac47 Rescue exceptions related to Goldfinger (#4044)
* Rescue exceptions related to Goldfinger

* Exclude Goldfinger::SSLError
2017-07-09 17:33:21 +02:00
nullkal 07024f56df Use charlock_holmes instead of nkf at FetchLinkCardService (#4080)
* Specs for language detection

* Use CharlockHolmes instead of NKF

* Correct mistakes

* Correct style

* Set hint_enc instead of falling back and strip_tags

* Improve specs

* Add dependencies
2017-07-08 22:44:31 +02:00
Eugen Rochko 1b16fa4d2f Fix feed author not being enforced in ProcessFeedService (#4092)
Ensure the only allowed author of top-level entries in feed is the person
the feed belongs to (a verified user). Ensure delete events only apply
if the deleted item belonged to that user.
2017-07-07 04:31:40 +02:00
Eugen Rochko 20e15ecfb3 Refactor JSON templates to be generated with ActiveModelSerializers instead of Rabl (#4090) 2017-07-07 04:02:06 +02:00
abcang 8041c97d52 Fix Nokogiri::HTML at FetchLinkCardService (#4072) 2017-07-05 14:54:21 +02:00
abcang 43d97dea48 Rescue exceptions caused by FetchLinkCardService (#4045) 2017-07-03 11:03:34 +02:00
Akihiko Odaki (@fn_aki@pawoo.net) aea653f05d Do not raise an error if PrecomputeFeed could not find any status (#4015) 2017-06-30 13:39:42 +02:00
abcang 572513b0b0 rescue HTTP::ConnectionError (#3992) 2017-06-29 13:04:07 +02:00
Akihiko Odaki (@fn_aki@pawoo.net) f2c73de856 Use multiple pairs for zadd in PrecomputeFeedService (#3990) 2017-06-29 01:25:31 +02:00
Akihiko Odaki (@fn_aki@pawoo.net) fa7649409b Overwrite old statuses with reblogs in PrecomputeFeedService (#3984) 2017-06-28 14:50:23 +02:00
ThibG b9e0e43128 Raise an error if salmon request response is unsatisfactory (#3960) 2017-06-26 19:39:58 +02:00
ThibG ee7952c349 Fix conversations (fixes #3869) (#3870)
* Actually create conversations given explicit URIs

* Try to get the parent toot in before validation, to avoid creating a new conversation
2017-06-20 20:44:32 +02:00
Akihiko Odaki (@fn_aki@pawoo.net) 77dcf442e7 Filter direct statuses in Status.as_home_timeline (#3842)
The classes using Status.as_home_timeline, namely Feed and
PrecomputeFeedService are expected to filter direct statuses as
FanOutWriteService does, but their filtering were incomplete or missing.

This commit solves the problem by filtering direct statuses in
as_home_timeline as the other similar methods such as as_public_timeline
does.
2017-06-20 20:41:23 +02:00
Eugen Rochko 8bed91d94c Rename FollowRemoteAccountService to ResolveRemoteAccountService (#3847)
Rename Activitypub to ActivityPub
2017-06-19 01:51:04 +02:00
ThibG dd67b9e049 Fix #3633 by not spawning RemoteProfileUpdateWorker from FetchRemoteAccountService (#3642) 2017-06-15 11:04:23 +02:00
Eugen Rochko c883e96d95 Fix account delete form not accepting password, update suspended (#3745)
account before removing content for quicker feedback to end-users
2017-06-14 20:30:12 +02:00
Eugen Rochko 6f8f401ea1 Batched remove status service (#3735)
* Make Pubsubhubbub::DistributionWorker handle both single stream entry
arguments, as well as arrays of stream entries

* Add BatchedRemoveStatusService, make SuspendAccountService use it

* Improve method names

* Add test

* Add more tests

* Use PuSH payloads of 100 to have a clear mapping of
1000 input statuses -> 10 PuSH payloads

It was nice while it lasted
2017-06-14 18:01:35 +02:00
Eugen Rochko 1c7e2ddd65 Account deletion (#3728)
* Add form for account deletion

* If avatar or header are gone from source, remove them

* Add option to have SuspendAccountService remove user record, add tests

* Exclude suspended accounts from search
2017-06-14 18:01:27 +02:00
Eugen Rochko 973d6ef93a Fix #2619 - When redis feed is empty, fall back to database (#3721)
* Fix #2619 - When redis feed is empty, fall back to database

* Use redis value to return feed from database only while RegenerationWorker
hasn't finished running

* Fix specs

* Replace usage of reject!
2017-06-14 13:37:03 +02:00
Eugen Rochko 9cda14bd24 Fix regression from #3672 - Do not use pipeline around zscore (#3704) 2017-06-12 03:11:12 +02:00
ThibG 3af5774a71 Fix an error when TagManager.local_url? is called with a bad URI (#3701)
TagManager.local_url? was sometimes called with an URI with a nil host,
leading to a crash in TagManager.local_url?. This fixes moves the
already-existing uri.host.blank? check in front to avoid this case.
2017-06-11 22:53:12 +02:00
Eugen Rochko 8b893afde7 Fix removal of status sending the original status to mentioned users instead of delete Salmon (#3672)
* Fix removal of status sending the original status to mentioned users instead
of delete Salmon, add test

* Create remove_status_service_spec.rb
2017-06-11 17:13:43 +02:00
Yamagishi Kazutoshi d3279a6702 Refactor UpdateRemoteProfileService (#3690) 2017-06-11 10:41:59 +02:00
Eugen Rochko 3fc61534fd Fix #3378 - If favourite/reblog already exists, return it instead of failing (#3641) 2017-06-08 15:07:39 +02:00
ThibG 38f03f6da4 Fixes #3605 by returning account from database in case of race condition (#3606) 2017-06-08 13:40:11 +02:00
Yamagishi Kazutoshi 5da41e0cae Improve RuboCop rules (compatibility to Code Climate) (#3636)
08f8de84eb/Gemfile.lock (L38)
Code Climate is using RuboCop v0.46.0.

Change several rules to maintain compatibility.
2017-06-08 13:24:28 +02:00
Yamagishi Kazutoshi 1844753bda Fix Code Climate failed (regression from #3622) (#3624) 2017-06-07 15:57:59 +02:00
ThibG 13340bdc7a Fixes #3388 by moving re-entrant `shared_status_from_xml` before transaction block (#3622)
Steps to reproduce the original issue:
1. Have two remote accounts, A that you don't follow, and B that you follow.
2. Have A post a toot and reply to it.
3. Boost A's reply from remote account B.

This used to cause the local instance to get A's reply but fail to link it to
the original post.
2017-06-07 12:28:16 +02:00
unarist 5ef958b99f Fix 500 errors on searching invalid URLs (#3613) 2017-06-06 16:44:48 +02:00
ThibG 34e120cd84 Try fixing ThreadResolveWorker calls (#3599)
* Try fixing ThreadResolveWorker calls

From my understanding of ActiveRecord, a transaction is commited as soon as
the exit of the outmost ActiveRecord.transaction block. However, inner
transaction blocks will exit without the transaction being commited.

In this case, ThreadResolveWorker were fired *within* a transaction block,
so moving the call out of it should do the trick. However, this is somewhat
fragile, as this whole codepath could be called within yet another transaction.

* Set status thread within the transaction block if it is immediately available from database
2017-06-06 00:09:14 +02:00
René Klačan b64a43d38f Don't follow account if it's already followed (#3575)
Closes https://github.com/tootsuite/mastodon/issues/3102
2017-06-05 03:24:18 +02:00
takayamaki aa6740c21b change sidekiq queueing to bulk push (#3536) 2017-06-04 00:11:15 +02:00
Yamagishi Kazutoshi 4489e0d6f9 Remove WarmCacheService (#3527)
WarmCacheService is no longer used (removed with cd68e54a7d ).
2017-06-03 14:40:47 +02:00
Matt Jankowski 533a8cc68b Misc tidying and clean ups (#3445)
* Remove trailing whitespace in i18n mailers

* Use query methods instead of #present? on AR attributes

* Delegate Status#account_domain method

* Delegate Mention #account_username and #account_acct methods
2017-05-31 20:38:17 +02:00
Jack Jennings 4e75c71b3e Add status destroy authorization to policy (#3453)
* Add status destroy authorization to policy

* Create explicit unreblog status authorization
2017-05-30 22:56:31 +02:00
Jack Jennings 877b82f63e Move status reblog authorization into policy (#3425) 2017-05-30 15:16:14 +02:00
Jack Jennings faf53a5a3e Extract authorization policy for viewing statuses (#3150) 2017-05-29 18:22:22 +02:00
happycoloredbanana a867644030 Avoid comparing domains when looking for an exact match of a local account (#3336) 2017-05-27 00:55:08 +02:00
Eugen Rochko 1b9b49b01a Fix some nil errors (#3338)
* Fix nil input not handled well in AuthorExtractor concern

* Fix hard error in ProcessFeedService when replied-to status has been deleted

* Fix nil errors in ProcessInteractionService when favourited status
cannot be found
2017-05-27 00:53:38 +02:00
beatrix a977728990 don't notify me when my toot is faved by someone i muted (#3245) 2017-05-23 20:05:52 +02:00
Eugen Rochko cc91569a92 Similarly to #2426, put creation of remote statuses in a transaction, (#3233)
so that public timeline/caching would not encounter incomplete data
2017-05-22 19:35:48 +02:00
Akihiko Odaki 9d32e7f6d5 Use joins for account properties (#3167) 2017-05-20 15:13:51 +02:00
Eugen Rochko 5695449335 Add buttons to block and unblock domain (#3127)
* Add buttons to block and unblock domain

* Relationship API now returns "domain_blocking" status for accounts,
rename "block entire domain" to "hide entire domain", fix unblocking domain,
do not block notifications from domain-blocked-but-followed people, do
not send Salmons to domain blocked users

* Add test

* Personal domain blocks shouldn't affect Salmon after all, since in this
direction of communication the control is very thin when it comes to
public stuff. Best stay consistent and not affect federation in this way

* Ignore followers and follow request from domain blocked folks,
ensure account domain blocks are not created for empty domain,
and avoid duplicates in validation

* Purge followers when blocking domain (without soft-blocks, since they
are useless here)

* Add tests, fix local timeline being empty when having any domain blocks
2017-05-19 21:05:32 +02:00
abcang e3dcaaf0b9 Unify the method of extracting tags (#3138) 2017-05-19 20:19:14 +02:00
Matt Jankowski 4423ed3557 Specs for precompute feed service (#3142)
* Add spec for precompute feed service

* Refactor PrecomputeFeedService

* spec wip
2017-05-19 16:21:52 +02:00
Eugen Rochko 0cafe62561 Account domain blocks (#2381)
* Add <ostatus:conversation /> tag to Atom input/output

Only uses ref attribute (not href) because href would be
the alternate link that's always included also.

Creates new conversation for every non-reply status. Carries
over conversation for every reply. Keeps remote URIs verbatim,
generates local URIs on the fly like the rest of them.

* Conversation muting - prevents notifications that reference a conversation
(including replies, favourites, reblogs) from being created. API endpoints
/api/v1/statuses/:id/mute and /api/v1/statuses/:id/unmute

Currently no way to tell when a status/conversation is muted, so the web UI
only has a "disable notifications" button, doesn't work as a toggle

* Display "Dismiss notifications" on all statuses in notifications column, not just own

* Add "muted" as a boolean attribute on statuses JSON

For now always false on contained reblogs, since it's only relevant for
statuses returned from the notifications endpoint, which are not nested

Remove "Disable notifications" from detailed status view, since it's
only relevant in the notifications column

* Up max class length

* Remove pending test for conversation mute

* Add tests, clean up

* Rename to "mute conversation" and "unmute conversation"

* Raise validation error when trying to mute/unmute status without conversation

* Adding account domain blocks that filter notifications and public timelines

* Add tests for domain blocks in notifications, public timelines
Filter reblogs of blocked domains from home

* Add API for listing and creating account domain blocks

* API for creating/deleting domain blocks, tests for Status#ancestors
and Status#descendants, filter domain blocks from them

* Filter domains in streaming API

* Update account_domain_block_spec.rb
2017-05-19 01:14:30 +02:00
Yamagishi Kazutoshi bd1f7d0b9c Fetch remote image using http.rb (#3114) 2017-05-18 15:43:10 +02:00
Eugen Rochko 93e9f8b3ed Fix #2572 - Resolve preview cards for remote statuses as well as local ones (#3088) 2017-05-17 00:41:15 +02:00
Shunsuke Michii 37c8d4ce7e Make faster ProcessFeedService (#3080)
* Add index accounts on uri.

* Remove a blank line.
2017-05-16 12:12:29 +02:00
Eugen Rochko 5039bc93d5 Feature conversations muting (#3017)
* Add <ostatus:conversation /> tag to Atom input/output

Only uses ref attribute (not href) because href would be
the alternate link that's always included also.

Creates new conversation for every non-reply status. Carries
over conversation for every reply. Keeps remote URIs verbatim,
generates local URIs on the fly like the rest of them.

* Conversation muting - prevents notifications that reference a conversation
(including replies, favourites, reblogs) from being created. API endpoints
/api/v1/statuses/:id/mute and /api/v1/statuses/:id/unmute

Currently no way to tell when a status/conversation is muted, so the web UI
only has a "disable notifications" button, doesn't work as a toggle

* Display "Dismiss notifications" on all statuses in notifications column, not just own

* Add "muted" as a boolean attribute on statuses JSON

For now always false on contained reblogs, since it's only relevant for
statuses returned from the notifications endpoint, which are not nested

Remove "Disable notifications" from detailed status view, since it's
only relevant in the notifications column

* Up max class length

* Remove pending test for conversation mute

* Add tests, clean up

* Rename to "mute conversation" and "unmute conversation"

* Raise validation error when trying to mute/unmute status without conversation
2017-05-15 03:04:13 +02:00
beatrix b460582b67 Revert HTML CW changes (#3020)
* selectively Revert "Fix regressions from #2683 (#2970)"

This reverts commit 3702e2c924.

* Revert "Handle hashtags in spoiler_texts (partial fix for #699) (#2683)"

This reverts commit 4f54465c3b.
2017-05-13 04:03:43 +02:00
Eugen Rochko 12ef99556e Add conversation model, <ostatus:conversation /> (#3016)
* Add <ostatus:conversation /> tag to Atom input/output

Only uses ref attribute (not href) because href would be
the alternate link that's always included also.

Creates new conversation for every non-reply status. Carries
over conversation for every reply. Keeps remote URIs verbatim,
generates local URIs on the fly like the rest of them.

* Fix conversation migration

* More spec coverage for status before_create

* Prevent n+1 query when generating Atom with the new conversations

* Improve code style

* Remove redundant local variable
2017-05-12 19:09:21 +02:00
Eugen Rochko b5091f16f0 Fix not rejecting remote URIs when parsing out local IDs (#3012) 2017-05-12 16:47:55 +02:00
Eugen Rochko db707c7af3 Fix #1426 - Trim long usernames in public follower/following lists (#2993)
Fix #2221 - Catch OpenSSL exceptions when loading remote avatars/headers/attachments
Don't strip "rel" attribute from <a> tags when sanitizing (microformats)
2017-05-11 23:14:00 +02:00
Eugen Rochko 3702e2c924 Fix regressions from #2683 (#2970)
* Fix regressions from #2683

Properly format spoiler text HTML, while keeping old logic for blankness intact
Process hashtags and mentions in spoiler text
Format spoiler text for Atom
Change "show more" toggle into a button instead of anchor
Fix style regression on dropdowns for detailed statuses

* Fix lint issue

* Convert spoiler text to plaintext in desktop notifications
2017-05-11 00:28:10 +02:00
Eugen Rochko ee7719d540 Fix #2955 - Send HEAD request ahead of GET when fetching URL previews (#2972) 2017-05-10 23:30:07 +02:00
alpaca-tc d0c0fed791 Add `account_id DESC` to optimize PrecomputeFeedService (#2967) 2017-05-10 20:33:32 +02:00
R Tucker 4f54465c3b Handle hashtags in spoiler_texts (partial fix for #699) (#2683)
* services: scan spoiler_text for hashtags (#699)

* views: link hashtags from spoiler_texts

This covers linking hashtags from within the spoiler
text on the server-generated pages.

* services: fix string concat going into hashtag RE

Cleaner Ruby syntax, may handle immutable strings better
2017-05-10 04:47:25 +02:00
Eugen Rochko 221898cc90 Add spec for Pubsubhubbub::DistributionWorker. PuSH-deliver public items (#2954)
to all subscribers. IDN-normalize callback URLs for subscriptions on insert.
2017-05-10 02:55:43 +02:00
Matt Jankowski b188aeb0e7 Specs for pubsub subscribe service (#2951)
* Add spec for pubsubhubbub/subscribe

* Refactor pubsubhubbub/subscribe service
2017-05-09 20:48:30 +02:00
Matt Jankowski 87ef624429 Spec and refactor for pubsubhubbub/unsubscribe service (#2946)
* Add coverage for pubsub unsubscribe service

* Refactor pubsub unsubscribe service
2017-05-09 19:58:18 +02:00
Matt Jankowski c298bcbb49 Services specs for subscribe and unsubscribe (#2928)
* Add specs for unsubscribe service

* Fix non existent methods in unsubscribe service

* Clean up status handling in subscribe service
2017-05-09 00:45:02 +02:00
Matt Jankowski d2aae2c2e0 Unblock domain service specs/refactor (#2867)
* Add spec for unblock domain service

* Refactor UnblockDomainService
2017-05-07 14:44:28 +02:00
alpaca-tc ea2e2f4857 Hotfix convert string from symbol (#2856)
* Convert key to string from symbol

* Prefer :public_send instead of
2017-05-06 23:06:52 +02:00
alpaca-tc 1f1ce0291f Refactor domain_blocks_controller (#2843)
* Set domain_block by before_action

* Cast value with ActiveRecord::Type

* Batch update
2017-05-06 17:03:34 +02:00
alpaca-tc 0f6ae77634 Optimize MuteService and AfterBlockService (#2836) 2017-05-06 16:31:07 +02:00
alpaca-tc 2bb3b70454 Handling failed http response (#2823) 2017-05-06 12:55:59 +02:00
Matt Jankowski b6b297a297 Move account header and avatar methods to a concern (#2825) 2017-05-05 21:37:02 +02:00
Matt Jankowski dc50a231de Add specs (and refactor) of FetchRemoteResourceService and SearchService (#2812)
* Coverage for fetch remote resource service

* Refactor fetch remote resource service

* Coverage for search service

* Refactor search service
2017-05-05 17:26:04 +02:00
Eugen Rochko c32e312061 More robust PuSH subscription refreshes (#2799)
* Fix #2473 - Use sidekiq scheduler to refresh PuSH subscriptions instead of cron

Fix an issue where / in domain would raise exception in TagManager#normalize_domain

PuSH subscriptions refresh done in a round-robin way to avoid hammering a single
server's hub in sequence. Correct handling of failures/retries through Sidekiq (see
also #2613). Optimize Account#with_followers scope. Also, since subscriptions
are now delegated to Sidekiq jobs, an uncaught exception will not stop the entire
refreshing operation halfway through

Fix #2702 - Correct user agent header on outgoing http requests

* Add test for SubscribeService

* Extract #expiring_accounts into method

* Make mastodon:push:refresh no-op

* Queues are now defined in sidekiq.yml

* Queues are now in sidekiq.yml
2017-05-05 02:23:01 +02:00
alpaca-tc a206fa8037 Delete records in smaller transaction (#2802) 2017-05-04 23:44:39 +02:00
Yamagishi Kazutoshi 93ec05f976 Decode IDNA in PreviewCard (#2781) 2017-05-04 15:52:08 +02:00
Eugen Rochko 78df86a7c8 Likely fix #2458, fix #2031 - handle out-of-order deletes for statuses (#2734)
* Likely fix #2458, fix #2031 - handle out-of-order deletes for statuses

If a delete arrives before the original status, cache that information
for 6h, and if the original status arrives in that window, ignore it

* Add test case
2017-05-04 04:34:57 +02:00
Eugen Rochko 91a8a5eab8 Fix #2706 - Always respond with 200 to PuSH payloads (#2733)
Fix #2196 - Respond with 201 when Salmon accepted, 400 when unverified
Fix #2629 - Correctly handle confirm_domain? for local accounts
Unify rules for extracting author acct from XML, prefer <email>, fall back
to <name> + <uri> (see also #2017, #2172)
2017-05-03 17:02:18 +02:00
yhirano 7c65bcbdb7 Downgrade rubocop 0.48.1 => 0.46.0 (#2628)
* downgrade rubocop 0.48.1 => 0.46.0

* exclude vendor/**/* from rubocop target files

* add frozen_string_literal comment line

* fix percent literal delimited by ( and )

* fix alignment

* remove comment disabling unknown cop
2017-04-30 00:23:45 +02:00
Patrick Figel ae0c77c5d1 Set unknown attachment type when adding domain blocks (#2605)
Follow-up to #2599. When a domain block with `reject_media` is
added or `rake mastodon:media:remove_remote` is invoked, mastodon
deletes the locally cached attachments and avatars but does not
reflect that change in the database, causing the `file` fields to
still have values. This change persists the deletion in the
database and sets the attachment type to unknown.

This also introduces a one-off rake task that sets all attachments
without a local file to the "unknown" type. The upgrade notes for
the next release should contain a post-upgrade step with
`rake mastodon:media:set_unknown`.
2017-04-29 02:44:03 +02:00
Eugen Rochko 97dff125a8 Improve shared status verification (#2525)
* Instead of parsing shared status contents verbatim, make roundtrip
to purported original URL. Confirm that the "original" URL is from the
same domain as the author it claims to be from.

* Fix obvious typo, add comment

* Use URI look-up first

* Add test, update Goldfinger dependency to make less useless HTTP requests per Webfinger lookup
2017-04-27 17:06:47 +02:00
Eugen Rochko 4a7dc4fadc OEmbed support for PreviewCard (#2337)
* OEmbed support for PreviewCard

* Improve ProviderDiscovery code failure treatment

* Do not crawl links if there is a content warning, since those
don't display a link card anyway

* Reset db schema

* Fresh migrate

* Fix rubocop style issues
Fix #1681 - return existing access token when applicable instead of creating new

* Fix test

* Extract http client to helper

* Improve oembed controller
2017-04-27 14:42:22 +02:00
Matt Jankowski 89255db0d8 Domain block service cleanup (#2490)
* Add coverage for domain block service with silence

* Get rid of warning about find_each and order

* Move domain_block to attr_reader

* Move optional clear_media into silence_accounts method

* Use blocked_domain method to reduce passed vars

* Extract blocked_domain_accounts method to find accounts on the domain

* Extract media_from_blocked_domain method to find relevant attachments

* Separate destruction of account images and account attachments
2017-04-26 20:09:01 +02:00
Keiji, Yoshimi 8e7c858877 attach_media should be in transaction of creation status (#2426) 2017-04-26 03:47:44 +02:00
Eugen Rochko 553d6a1ea6 Fix #2402 - Add Idempotency-Key header to PostStatusService that prevents (#2419)
duplicates. Web UI regenerates UUID for that header every time the compose
form is changed or successfully submitted

Also, fix Farsi i18n overwriting the English one
2017-04-25 15:04:49 +02:00
178inaba 1b6e534850 Optimize account search (#2421) 2017-04-25 04:44:43 +02:00
Eugen 87f7a3922c Punycode URI normalization (#2370)
* Fix #2119 - Whenever about to send a HTTP request, normalize the URI

* Add test for IDN request in FetchLinkCardService

* Perform IDN normalization on domains before they are stored in the DB
2017-04-25 02:47:31 +02:00
Yamagishi Kazutoshi 45bee6a000 Show multibyte URI preview card (#2363) 2017-04-23 19:08:59 +02:00
Eugen 1ccf2c8e52 Improve bio compatibility (#2278)
* Fix #1057 (close #1819) - Move HTML-formatted bio from <poco:note /> to <summary type="html" />

* Ensure <poco:note /> is plaintext for remote accounts, also, by stripping out HTML
2017-04-22 03:33:24 +02:00
ik-fib 3d7666f63c Add Mastodon version to user agent (#2253) 2017-04-21 17:26:23 +02:00
Eugen a38b05112e Fix possibility of unrightful webfinger redirect (#2147)
* Fix possibility of unrightful webfinger redirect

* Add more tests for FollowRemoteAccountService
2017-04-19 17:28:35 +02:00
Matt Jankowski 4591c7dbdb Language detection refactor (#2099)
* Extract detect_language to separate class

* Use default locale, not just en

* Add spec to confirm that whatlanguage cant identify empty string

* Allow account locale to override default in language detector

* PostStatusService supplies an account to detect language
2017-04-18 22:20:12 +02:00
ik-fib 1b8613bc7a Add "Mastodon" to user agent (#2073)
Remove non-const version string

Freeze option is unnecessary
2017-04-18 16:04:13 +02:00
Tomohiro Suwa a9f4feb735 Fix nil query_username (#2013) 2017-04-17 19:57:02 +02:00
Keiji, Yoshimi 4863184f88 reduce unneed query when post without attachements. (#1907)
* reduce unneed query when post without attachements.

This commit reduce following query:

```
 MediaAttachment Load (0.9ms)  SELECT "media_attachments".* FROM "media_attachments" WHERE "media_attachments"."status
_id" IS NULL AND 1=0 ORDER BY id asc
```

* fixed for more simple changes.
2017-04-17 04:23:13 +02:00
Eugen 6e801f4030 Fix #1957 - WhatLanguage can return null. Fallback to 'en' (#1959) 2017-04-16 23:12:19 +02:00
Eugen b9b9edd4c8 Add language detection (#1772)
* Add language detection via WhatLanguage and (de)serialization of it through Atom

* Fix default language in ProcessFeedService

* Re-add newline before 'react-rails' Gem to fix groupings

Fixes Code Climate issue
2017-04-16 20:32:17 +02:00
alpaca-tc 5c2010661a Check @recipient.user at the first (#1939) 2017-04-16 18:04:05 +02:00
Eugen c2b4bafc33 Fix #1813 - Alleviate extra requests when processing mentions (#1938)
The <link rel="mentioned" /> tag refers to accounts by href. So we were
matching the DB by the url attribute, and falling back to HTTP look-up.
However, GS and Mastodon use profile URLs as URIs, too, and the match
for that was missing. This could potentially alleviate some extra network
requests
2017-04-16 18:01:48 +02:00
Matt Jankowski 3052fe93ba Clean up check that account needs a webfinger update (#1932) 2017-04-16 16:38:29 +02:00
alpaca-tc 2aae4c5531 Fixed NoMethodError in UnfollowService (#1918) 2017-04-16 14:55:43 +02:00
Eugen ba6b4c6e62 Make file attachment on MediaAttachment optional (#1865)
Create MediaAttachment but without actual file download when domain is blocked with reject_media set to true
Clean up old media files when creating a new domain block with reject_media set to true
Return remote_url in media attachments API if local file is not present
Undo domain block action in admin UI
Ability to enable reject_media from admin UI
2017-04-16 12:51:30 +02:00
alpaca-tc efb88aae30 ActiveRecord::Relation does not respond to `#id` (#1834) 2017-04-15 13:16:24 +02:00
Matt Jankowski 0d9e4aaaaf Account search service refactor (#1791)
* Begin coverage for account search service

* Coverage for hashtag query

* Coverage for calling local vs remote find based on domain presence

* Spec to check that exact matches are not duped

* Coverage of resolve option

* Coverage for account being provided

* Start to refactor account search service

* Isolate query username and domain methods

* Isolate exact_match method

* Extract methods for local and remote results

* Simplify local vs remote and account isoliation

* Extract methods for local and remote results

* Simplify de-dupe of exact match

* Simplify logic to check for non exact remotes

* Cache some methods

* Remove nil from exact_match from results array

* Return exact matches first

* Use find_remote even with no domain

Account.find_local is just an alias for Account.find_remote(user, nil) - so we
can not bother with the conditional here, and call find_remote directly.
2017-04-15 03:17:07 +02:00
ThibG 626e7d1548 Refresh webfinger (#1323)
* Refresh local info for remote accounts when webfinger returns new values

It only refreshes account info if one of the URLs or the public-key changes,
in which cases it refreshes the full info, re-downloading the feeds from that
user.

Some special handling should probably be done when the public key changes,
but I have been unable to find any use for it in Mastodon yet.

* Re-fetch remote users we aren't subscribed to.

This might induce performance issues, we might want to only do that for users
we explicitly attempted to subscribe but failed to.

* Refactor changes

* Do not refresh existing remote account details more than once a day

* Avoid re-fetching webfinger info in tests unless otherwise specified
2017-04-15 03:16:05 +02:00
ThibG c45c67c2ac Allow running mastodon on a different domain as the one used for identifying users (#1267)
* Allow running mastodon on a different domain as the one used for identifying users

* Alter documentation of WEB_DOMAIN to make clear it shouldn't be used unless the admin knows what they are doing

* Compare to web_domain instead of local_domain when dealing with feeds/API

* Correctly identify mentions to local accounts

Mentions URLs point to the person's web profile, i.e., the user page served on WEB_DOMAIN.
2017-04-15 02:15:46 +02:00
Matt Jankowski 8ed4ecb7e4 Silence more scope order warnings (#1604) 2017-04-12 15:58:08 +02:00
Matt Jankowski 9a30c564b6 Remove unused AtomBuilderHelper (#1364)
This was used in the views/atom/user_stream.xml.ruby file, which no longer is
used.
2017-04-11 19:31:22 +02:00
ThibG e326eb53dd Get handle from atom feed's author/email field instead of guessing from URL (#1344)
The goal of this change is to enhance Mastodon's handling of remote domains
for which the APIs reside on a different host (see issue #1032).

Indeed, when a remote user unknown to Mastodon is mentionned, only its profile
URL (e.g. https://social.example.org/users/User) is known, and Mastodon has to
build a @username@domain handle for it. To do so, Mastodon fetches the user's
atom feed (e.g., https://social.example.org/users/User.atom) and uses its
content to get the username part of the handle, and the URL's host part to
build the domain (e.g., @User@social.example.org). This handle is then used
for a Webfinger request.

In the case where example.org serves the Webfinger info for @User@example.org
and all feeds and APIs are hosted at social.example.org, Mastodon will still
build @User@social.example.org and fail at resolving the account's details
through Webfinger.

This patch changes this behaviour by using the author's email address from
the atom feed to build the handle. In Mastodon-generated atom feeds, the
email address is always the handle it expects for federation.
2017-04-09 18:43:48 +02:00
Eugen 697e4da6cb Fix #1141, fix #1126 - Avatar/profile info fetching (#1215)
* Fix #1141, fix #1126 - Work through UpdateRemoteProfileService for both <feed> and <entry> top-level tags

* Improve code quality, remove line unrelated to fix
2017-04-08 13:26:03 +02:00
Eugen 0b8bd5a9ce Merge pull request #1218 from R0ckweb/patch-2
Fix #1141 on remote follow
2017-04-08 11:37:13 +02:00
Yann GUERN 33b00dd70f #1141 on remote follow
The async action is send before persist, account.id not yet generated

Pull queue receive 'nil' so no profile update.
2017-04-08 03:24:35 +02:00
Eugen Rochko 81b7c81200 Fix #801 - Respect webfinger's canonical response of username/domain 2017-04-08 01:07:42 +02:00
Chad Pytel 1a82d2bde6 Use I18n for media attachment validation errors
These are currently user facing errors, but are not localized. This adds the
ability for these messages to be localized.
2017-04-07 14:23:18 -04:00
Eugen 24c77e57b2 Rewrite Atom generation from stream entries to use Ox instead of Nokogiri (#1124)
* Rewrite Atom generation from stream entries to use Ox instead of Nokogiri::Builder

StreamEntry is now limited to only statuses, which allows some optimization. Removed
extra queries on AccountsController#show. AtomSerializer instead of AtomBuilderHelper
used in AccountsController#show, StreamEntriesController#show, StreamEntryRenderer
and PubSubHubbub::DistributionWorker

PubSubHubbub::DistributionWorker moves n+1 DomainBlock query to PubSubHubbub::DeliveryWorker
instead.

All Salmon slaps that aren't based on StreamEntry still use AtomBuilderHelper and Nokogiri

* All Salmon slaps now use Ox instead of Nokogiri. No touch from status on account
2017-04-07 05:56:56 +02:00
Eugen Rochko 0db2a0c7c4 Fix wrong pubsub channel on public timelines 2017-04-06 04:03:23 +02:00
Eugen Rochko fb6459d303 Fix notifications delivered to wrong pubsub channel, optimized RemoveStatusService,
slightly optimized FanOutOnWriteService again
2017-04-06 02:26:59 +02:00
Eugen Rochko cd68e54a7d Split SalmonWorker into smaller parts, move profile updating into another job 2017-04-05 21:43:10 +02:00
Eugen Rochko 5189ce9cd1 Replace calls to FeedManager#inline_render and #broadcast 2017-04-05 19:45:18 +02:00
Eugen Rochko 8f38353c4d Only render public payload once in FanOutOnWrite 2017-04-05 14:26:17 +02:00
Eugen Rochko fa2a1af90a Spawn FeedInsertWorker to deliver status into personal feed 2017-04-04 19:21:37 +02:00
Eugen Rochko e60c473917 Reduce number of items in feeds, optimize regeneration worker slightly,
make regeneration worker unique, (only schedule/execute once at a time)
2017-04-04 13:58:34 +02:00
Eugen Rochko 8796f7a125 Add check for visibility.nil? even though it can't ever be, to check for race conditions 2017-04-03 22:54:46 +02:00
Eugen Rochko 6ebe31e716 Make default admin UI page reports. Add admin UI for creating a domain block 2017-04-03 18:55:06 +02:00
Eugen Rochko 4db2e2f4eb Fix issue with feed merge-in code as well 2017-04-02 15:58:25 +02:00
Eugen Rochko 572cf64791 Fix feed regeneration bug 2017-04-02 15:46:31 +02:00
Eugen Rochko 3c6e9ee33c Fix reworked search 2017-03-31 22:45:56 +02:00
Eugen Rochko b3cb765a94 Prettier account and stream entry URLs 2017-03-22 19:55:14 +01:00
Eugen Rochko a015d2e08b Shorter timeout on FetchAtomService 2017-03-22 17:41:52 +01:00
Eugen Rochko 1b4583ca91 Fix full-text search query quotation, improve tag search performance with an index,
add ability to open status by URL from search (fix #53)
2017-03-22 17:36:34 +01:00
Eugen Rochko 3893f75a51 New API method: /api/v1/search
Returns accounts, statuses, hashtags arrays
2017-03-22 02:32:27 +01:00
Eugen Rochko a19062b726 Federate header images, fix open-uri http->https redirection error 2017-03-18 22:51:20 +01:00
Eugen Rochko 64be072702 Make account search blazing fast and rank followers/followees higher in the results 2017-03-17 20:48:14 +01:00
Eugen Rochko f1b9644cfd Add "direct" visibility level in the backend. Web UI is not yet
adjusted to allow choosing it, yet
2017-03-15 22:55:45 +01:00
Eugen Rochko 27d4971979 Fix casuality of processing remote mentions such that notifications
about them would be processed only after the entire status is processed
2017-03-13 16:34:15 +01:00
Eugen Rochko 9989890e2e Fix #231 - Muting 2017-03-02 18:49:32 +01:00
Kit Redgrave 4554ccd5d0 Mute button progress so far. WIP, doesn't entirely work correctly. 2017-03-01 22:31:21 -06:00
Eugen Rochko a741049a77 Fix #104 - Style OAuth authorized applications page
Add ability to search accounts by display name
2017-02-27 00:15:00 +01:00
Eugen Rochko ff8a080d40 Add validation of media attachments, clean up mastodon-own exception classes 2017-02-26 23:23:06 +01:00
Eugen Rochko 128dcdf68a Merge branch 'fix_462' of https://github.com/rmhasan/mastodon into rmhasan-fix_462 2017-02-26 23:09:18 +01:00
Eugen Rochko 5157e25aab Add tuning documentation, add <content> tags back to most salmons,
make status pagination headers generation more lax about next page
existing
2017-02-25 03:34:37 +01:00
Eugen Rochko b734ae3029 Skip remote media URLs that don't have a hostname 2017-02-22 19:55:14 +01:00
Eugen Rochko 6d453b00c6 Fix #651 - Do not reinsert original status into all followers feeds
upon un-reblogging. Check if the reblog was in the feed in the first
place. It might have been filtered on distribution.
2017-02-22 15:52:47 +01:00
Rakib Hasan d55cf10b4e previous commit was creating the status regardless
of mix of video and images in status, just wasn't rendering
the show action. I moved the validation before the status creation
2017-02-19 08:28:33 +00:00
Rakib Hasan 008c95b3b9 revisted fix for #462
Moved validation to services/post_status_service.rb
2017-02-19 08:28:33 +00:00
Eugen Rochko 94a6dfab3a Disable PuSH for blocked domains 2017-02-14 04:01:37 +01:00
Eugen Rochko 04b2b771c1 Add IDs to salmon slaps even if they are transient. Add title, too, mostly
in case of debugging incoming salmons. Add <thr:in-reply-to /> to favourite
salmons because it seems to be required by GS.
2017-02-13 13:30:33 +01:00
Eugen Rochko 2980de5cc5 Add handler for salmons of undoing favourites 2017-02-12 19:50:18 +01:00
Eugen Rochko 8550d32165 Adding more unit tests. Fixing Salmon slaps XML 2017-02-12 17:30:15 +01:00
Eugen Rochko f48dc93379 Deduplicate delete salmons (send only one per mentioned-account domain) 2017-02-12 17:30:15 +01:00
Eugen Rochko f9f8f52fe9 Stop trying to shoehorn all Salmon updates into the poor database-connected
StreamEntry model. Simply render Salmon slaps as they are needed
2017-02-12 01:19:14 +01:00
Eugen Rochko 12ed6f5712 Resolve issue with rendering authorize/reject Salmon slaps 2017-02-11 19:42:05 +01:00
Eugen Rochko ce193afa4f Mentions in private statuses allow mentioned people to see them 2017-02-11 15:10:22 +01:00
Eugen Rochko 1e66536797 After FollowService, re-fetch remote account asynchronously, do nothing
if account lock info was up to date, otherwise re-do the FollowService
with now updated information
2017-02-11 14:25:01 +01:00
Eugen Rochko 1dbe19291d Fix processing of incoming authorizations/rejections 2017-02-11 13:55:07 +01:00
Eugen Rochko 79b86d7ffa Don't PuSH-resubscribe if already subscribed 2017-02-11 13:48:28 +01:00
Eugen Rochko 59c8c2b28a Make follow requests federate 2017-02-11 02:58:00 +01:00
Eugen Rochko 81be690f95 Fix #614 - extra reply-boolean on statuses to account for cases when replied-to
status is not in the system at time of distribution; fix #607 - reset privacy
settings to defaults when cancelling replies
2017-02-09 20:25:39 +01:00
Eugen Rochko eb9934c88c Add streaming API channels for local-only statuses 2017-02-06 23:46:14 +01:00
Eugen Rochko 43be729e6b Don't allow people to follow people they blocked without unblocking first 2017-02-05 21:04:22 +01:00
Eugen Rochko d384845469 Fix #61 - Add list of blocked users to the UI; clean up failed push notifications API
Try to fix Travis CI setup
2017-02-05 19:18:11 +01:00
Eugen Rochko efa4065029 Preheat status cache 2017-02-05 17:24:18 +01:00
Eugen Rochko c7b7eb8067 Fix #598 - arrow keys to navigate media; fix #481 - non-exact matches no longer
overshadow requirement for remote-lookup
2017-02-05 03:01:23 +01:00
Eugen Rochko 00261b46ec Move rendering of JSON payloads for public/hashtag timelines to
FanOutOnWriteService. The only recipient-specific part on them
is reblogged/favourited. But since only newly created statuses
appear on them, it is safe to assume that both attributes would
be false
2017-02-02 00:39:17 +01:00
Eugen Rochko 727d236fcc Cleaning up format of broadcast real-time messages, removing
redis-backed "mentions" timeline as redundant (given notifications)
2017-02-02 00:03:31 +01:00
Eugen Rochko edcfbee9f5 Fix #529 - Make hashtag timelines show conversations, fix hashtag loading in the UI 2017-01-31 22:35:38 +01:00
Eugen Rochko d5a3d0aca2 Fix tests 2017-01-29 12:25:10 +01:00
Eugen Rochko 9327d05bf7 API for apps to register for push notifications 2017-01-29 01:30:32 +01:00
Eugen Rochko 27ad4ce9e8 Do not run FetchLinkCardService on local URLs, increase file size limit to 8MB,
fix ProcessFeedService pushing status into distribution if called a second time
while the first is still running (i.e. when a PuSH comes after a Salmon slap),
fix not running escape on spoiler text before emojify
2017-01-27 16:57:23 +01:00
Eugen Rochko 4d011ee829 Use <summary> to encode content warnings instead 2017-01-25 16:53:30 +01:00
Eugen Rochko e17b31bca6 Fix #522 - prevent blocked users from reblogging 2017-01-25 01:48:46 +01:00
Eugen Rochko 959e064186 Instead of using spoiler boolean and spoiler_text, simply check for non-blank spoiler_text
Federate spoiler_text using warning attribute on <content /> instead of a <category term="spoiler" />
Clean up schema file from accidental development migrations
2017-01-25 01:29:16 +01:00
Eugen c7778752e3 Merge branch 'master' into master 2017-01-24 21:56:06 +01:00
Eugen Rochko ea8b548ee9 Make blocks create entries and unfollows instantly, but do the clean up
in the background instead. Should fix delay where blocked person
can interact with blocker for a short time before background job
gets processed
2017-01-24 21:40:41 +01:00
blackle e25fc71c2c Implement a click-to-view spoiler system 2017-01-23 21:07:40 -05:00
Eugen Rochko 9650e27b7b Domains with reject_media? set to true won't download avatars either 2017-01-23 21:55:29 +01:00
Eugen Rochko 3710d18889 Optional domain block attribute that prevents media attachments from being downloaded 2017-01-23 21:36:08 +01:00
Eugen Rochko 98660a76d9 Move merging/unmerging of timelines into background. Move blocking into
background as well since it's a computationally expensive
2017-01-23 21:29:34 +01:00
Eugen Rochko e55bad5740 Remove unneeded block check 2017-01-23 17:40:23 +01:00
Eugen Rochko 77a76d5171 Domain blocks now have varying severity - auto-suspend vs auto-silence 2017-01-23 17:38:38 +01:00
Eugen Rochko 55d6cd41e6 Fix a couple unhandled exceptions 2017-01-23 13:56:57 +01:00
Effy Elden 26cfebf434 Call uniq on the string version of mb_chars tags 2017-01-21 21:02:42 +11:00
Eugen Rochko d8d22cfa6f Instead of refusing to create accounts, domain blocks auto-suspend new accounts from that domain 2017-01-20 20:14:02 +01:00
Eugen Rochko 9d09b2c6b1 Fix preview cards layout, do preview card crawling for remote statuses 2017-01-20 18:31:49 +01:00
Eugen Rochko f748a91ec7 Fix #463 - Fetch and display previews of URLs using OpenGraph tags 2017-01-20 01:00:14 +01:00
Eugen Rochko 5d88ef90c9 Fix tests, add applications to eager loading/cache for statuses, fix
application website validation, don't link to app website if website isn't set,
also comment out animated boost icon from #464 until it's consistent with non-animated version
2017-01-15 14:01:33 +01:00
Effy Elden 8e0c1914fb Add tracking of OAuth app that posted a status, extend OAuth apps to have optional website field, add application details to API, show application name and website on detailed status views. Resolves #11 2017-01-15 08:58:50 +11:00
Eugen 4b384d6914 Fix too late return 2017-01-14 02:22:16 +01:00
Eugen Rochko 7e7c2bbb0f Migrate from ledermann/rails-settings to rails-settings-cached which allows global settings
with YAML-defined defaults. Add admin page for editing global settings. Add "site_description"
setting that would show as a paragraph on the frontpage
2017-01-12 20:46:24 +01:00
Eugen Rochko 992c8d2c41 Add ruby version to Gemfile, move devDependencies in package.json to dependencies,
fix bug in process feed service
2017-01-11 15:39:31 +01:00
Eugen Rochko 126aba0e13 Fix #147 - Unreblogging will leave original status in feeds 2017-01-07 15:44:22 +01:00
Eugen Rochko 66c5363bae Fix undesired delivering of private toot to remote accounts that follow author 2017-01-05 03:17:23 +01:00
Eugen Rochko b57e126d47 Unblocks also federate 2017-01-02 14:19:02 +01:00
Eugen Rochko 043d9114bf Federate blocks with the http://mastodon.social/schema/1.0 verb namespace 2017-01-02 12:17:51 +01:00
Eugen Rochko 6a20c13009 Add API for retrieving favourites 2016-12-29 20:33:26 +01:00
Eugen Rochko 34febf75be Fix wrong person being notified after nested reblog call, fix favourites leaking private toots in Atom feeds 2016-12-28 13:21:12 +01:00
Eugen Rochko cef68b9b1c Follow requests send e-mail notifications, but are excluded from notifications API
Better initial state for unlisted/nsfw toggles
2016-12-26 21:52:03 +01:00
Eugen Rochko 1ed3bb3a02 Don't show statuses to blocked users 2016-12-26 19:13:56 +01:00
Eugen Rochko 77cd58545d Re-enable Webfinger for locked accounts but don't handle "follow" events
coming in via Salmon.

Currently no way to prevent remote follows, but they will only receive public
and unlisted posts
2016-12-22 23:17:57 +01:00
Eugen Rochko 337c3d0ed8 Private posts mentioning non-followers should not notify them, neither locally nor via Salmon 2016-12-22 23:14:24 +01:00
Eugen Rochko 238233440f Follow call on locked account creates follow request instead
Reflect "requested" relationship in API and UI
Reflect inability of private posts to be reblogged in the UI
Disable Webfinger for locked accounts
2016-12-22 23:03:57 +01:00
Eugen Rochko 09a477c782 Add "locked" flag to accounts, prevent blocked users from following, force-unfollow blocked users 2016-12-22 21:34:19 +01:00
Eugen Rochko d417da7d3a Private visibility on statuses prevents non-followers from seeing those
Filters out hidden stream entries from Atom feed
Blocks now generate hidden stream entries, can be used to federate blocks
Private statuses cannot be reblogged (generates generic 422 error for now)
POST /api/v1/statuses now takes visibility=(public|unlisted|private) param instead of unlisted boolean
Statuses JSON now contains visibility=(public|unlisted|private) field
2016-12-21 20:04:13 +01:00
Eugen Rochko 9d4f96f440 Removing external hub completely, fix #333 fixing digit-only hashtags,
removing web app capability from non-webapp pages
2016-12-18 12:24:37 +01:00
Eugen Rochko b7c2c5d81d Restoring old async behaviour of thread resolving as it proved to be more robust 2016-12-12 21:12:19 +01:00
Eugen Rochko e9e11b0ff5 Sensitive content federates using the "nsfw" hashtag 2016-12-11 22:49:25 +01:00
Eugen Rochko fb36684678 Thread resolving no longer needs to be separate from ProcessFeedService,
since that is only ever called in the background
2016-12-11 22:23:11 +01:00
Eugen Rochko 51e60135ed Improve suspend account service 2016-12-06 18:32:36 +01:00
Eugen Rochko 88218c83d5 Add suspend account functionality to admin UI 2016-12-06 18:22:59 +01:00
Eugen Rochko 7752662f97 Add filters for suspended accounts 2016-12-06 18:03:30 +01:00
Eugen Rochko 6837480719 Adding suspend account service 2016-12-06 17:41:42 +01:00
Eugen Rochko ca0757a6cf Add account suspension 2016-12-05 22:59:30 +01:00
Eugen Rochko 42b065d3d7 Automatically block outgoing notifications from silenced accounts to users
who don't follow them
2016-12-04 16:51:49 +01:00
Eugen Rochko 23a4f93345 Fix #323 - self-replies to appear in public timelines again 2016-12-02 14:33:20 +01:00
Eugen Rochko 211049ae59 Fix #329 - avatar errors no longer prevent remote accounts from being saved
(without avatar). Also improved search position of exact matches
2016-12-02 14:14:49 +01:00
Eugen Rochko 8d4ef0b6c3 Per-status control for unlisted mode, also federation for unlisted mode
Fix #233, fix #268
2016-11-30 21:34:59 +01:00
Eugen c0bb1ed7c5 Fix trying to PuSH-publish updates of remote removals 2016-11-29 17:41:47 +01:00
Eugen Rochko 66e01be769 Fix delete Salmons 2016-11-28 19:44:27 +01:00
Eugen Rochko 0cc5410e03 Adding backtracing to Salmon/Processing workers 2016-11-28 19:11:36 +01:00
Eugen Rochko 95321e961b Fix Pubsubhubbub::UnsubscribeService 2016-11-28 18:14:49 +01:00
Eugen Rochko b5ad0eb4ea Adding embedded PuSH server 2016-11-28 13:36:47 +01:00
Eugen Rochko 31108d4659 Public and hashtag timelines now exclude reblogs and replies
Fix #289 - don't download avatar unless the URL is http/https
Fix #293 - reblog/reblogged is now boost/boosted
2016-11-26 15:45:35 +01:00
Eugen Rochko 1f62ffcc7a Fix #288 - Strip first @ from search query, don't search accounts if it begins with # 2016-11-26 15:32:29 +01:00
Eugen Rochko 1997e331ce Fix #278 - Use mb_chars.downcase on hashtags 2016-11-26 15:24:14 +01:00
Eugen Rochko 23162b2893 Update hub URL and re-subscribe if hub URL changes 2016-11-26 15:18:21 +01:00
Eugen Rochko ea0846645a Fix #65 - Options to block notifications from people you don't follow/who don't follow you 2016-11-25 13:13:16 +01:00
Eugen Rochko f613f2b84a Only distribute statuses to followers who signed in in the last 2 weeks, add rake task for clearing feeds of inactive users 2016-11-24 18:17:58 +01:00
Eugen Rochko f6d196255c Fix unfollows not clearing reblogs, fix blocks not clearing reblogs and notifications,
skip ActionCable for follow/unfollow/block events, instead clear UI from
blocked account's posts instantly if block request succeeds. Add forgotten
i18n for sensitive content
2016-11-23 22:57:57 +01:00
Eugen Rochko 65d6191147 Adding sensitive marker to statuses in API 2016-11-23 10:46:48 +01:00
Eugen Rochko 30010a6dbd Moving some counter queries out of subqueries in the API 2016-11-22 22:59:54 +01:00
Eugen Rochko f07b0dc82f Remove unneeded indices, improve error handling in background workers, don't needlessly reload reblogged status, send Devise e-mails asynchronously 2016-11-22 17:32:51 +01:00
Eugen Rochko 0943e98288 Adding option to specify asset server, filter followers query by local accounts
during Fan Out On Write to load less stuff into memory
2016-11-21 22:04:10 +01:00
Eugen Rochko dc8b46ecbc Use old rules for mention notifications as for mentions timeline 2016-11-21 10:37:34 +01:00
Eugen Rochko 3fc7820d6e Call NotifyService about remote reblogs 2016-11-21 09:56:01 +01:00
Eugen Rochko 38025dfea3 Adding unified streamable notifications 2016-11-20 19:39:58 +01:00
Eugen Rochko b373fb0ff6 Catch validation errors in ProcessFeedService so that one failing entry wouldn't stop others from going through 2016-11-18 23:19:38 +01:00
Eugen Rochko d2029a8845 Don't create attachments if remote file cannot be fetched 2016-11-18 23:16:34 +01:00
Eugen Rochko e71b152d89 Fix rubocop issues, introduce usage of frozen literal to improve performance 2016-11-15 16:56:29 +01:00
Eugen Rochko 6f0d312dc3 Force utf-8 encoding when processing XML 2016-11-13 19:12:40 +01:00
Eugen Rochko 6206f75837 Add limit to search results 2016-11-12 14:49:28 +01:00
Eugen Rochko cbfa28b9cc Use full-text search for autosuggestions 2016-11-12 14:36:10 +01:00
Eugen Rochko aed424aef0 Fix live status removal from public/hashtag channels 2016-11-10 00:47:47 +01:00
Eugen Rochko 0b03bbad67 Discard misattributed remote statuses, improve timelines filter 2016-11-10 00:15:49 +01:00
Eugen Rochko a6ae45e8d7 Status removal is broadcast to public/hashtag timelines too 2016-11-09 19:16:27 +01:00
Eugen Rochko c0ee14756f Adding more logging 2016-11-08 19:37:08 +01:00
Eugen Rochko ac79369f2b Fix for thread resolve service and process feed service url method 2016-11-08 19:09:22 +01:00
Eugen Rochko 9da30e31c8 Fix region setting for AWS gem 2016-11-08 18:55:46 +01:00
Eugen Rochko f1d2c46ded Improve feed regeneration 2016-11-08 02:08:32 +01:00
Eugen Rochko 663c0edd8d Fix typo 2016-11-08 01:48:17 +01:00
Eugen Rochko 434c3fb2f7 ProcessFeedService refactor 2016-11-08 01:44:51 +01:00
Eugen Rochko 8f0869876b Improved configuration from ENV, cleaned up timeline filter methods
to be more readable, add extra logging to process feed service
2016-11-07 23:20:52 +01:00
Eugen Rochko 5ad6611101 Add test for FanOutOnWriteService 2016-11-06 15:56:34 +01:00
Eugen Rochko f0956d434c Improve @mention regex 2016-11-05 22:09:51 +01:00
Eugen Rochko cb22dce970 Adding hashtags 2016-11-05 17:13:14 +01:00
Eugen Rochko 4c3885b952 Allow @username@domain/@username in follow form, prevent duplicate accounts
created via remote look-up when domains differ but point to the same resource
2016-11-03 16:57:44 +01:00
Eugen Rochko 72565e9e61 Fix subtle bugs, new icon button 2016-11-02 22:29:19 +01:00
Eugen Rochko 1eac265f35 Adding public timeline silencing 2016-10-27 19:33:04 +02:00
Eugen Rochko d63f0295b9 Fix public channel 2016-10-23 11:56:04 +02:00
Eugen Rochko cc10f56f66 Fix method return when rescuing 2016-10-20 18:36:12 +02:00
Eugen Rochko bcdb0dc310 Fix RemoveStatusService trying to send delete salmons on behalf of remote statuses 2016-10-16 19:14:23 +02:00
Eugen Rochko 4762bb6b7a Fix duplication of media attachments when a remote status reblogs a local one 2016-10-14 20:15:37 +02:00
Eugen Rochko 7beab6b00c Fix remove status service sending salmons 2016-10-14 20:09:33 +02:00
Eugen Rochko 405f7f0541 No-op for Salmons without body, fail fast if Webfinger does not contain
all required resource links (profile page, salmon, atom feed, magic key)
2016-10-13 13:41:06 +02:00
Eugen Rochko dd99153ce6 Treat dfrn:owner like xmlns:author for Friendica compatibility 2016-10-12 22:55:00 +02:00
Eugen Rochko a1d34be18b Improve Friendica support (but still not there yet) 2016-10-12 21:07:00 +02:00
Eugen Rochko 34bfc0f0dc Fix up a few exceptions 2016-10-12 19:25:46 +02:00
Eugen Rochko 1af00c8193 Fixing namespaces issue 2016-10-10 19:16:23 +02:00
Eugen Rochko 61d7c88408 Fix namespace parsing in Atom feeds 2016-10-10 18:16:07 +02:00
Eugen Rochko 80217fd58b Use Account#find_remote method when possible 2016-10-10 17:30:49 +02:00
Eugen Rochko 3d229e3937 Don't return unsaved status from ProcessFeedService 2016-10-10 16:49:05 +02:00
Eugen Rochko 33668b91f8 Adding test for ProcessFeedService 2016-10-10 16:03:38 +02:00
Eugen Rochko 5da603fb6f Improve process feed service 2016-10-10 15:27:39 +02:00
Eugen Rochko d2c7d9fc4e PuSH unsubscribe needs correct callback URL 2016-10-10 03:40:08 +02:00
Eugen Rochko 7cb55af441 Fix default assumed object type (note->activity), make stream entry threaded? check aware of orphaned replies 2016-10-10 02:55:30 +02:00
Eugen Rochko 9bf5a73968 Adding domain blocks 2016-10-09 14:48:59 +02:00
Eugen Rochko c3f5dfeabb Adding public timeline 2016-10-07 16:00:11 +02:00
Eugen Rochko 62498dcefd Fix #83 - if user cannot be found (or is self) throw error, don't return empty 200
This prevents the undefined profile from being opened in the first place on such an error
2016-10-06 21:33:33 +02:00
Eugen Rochko b23c4b488c Better comparison of "local" domain 2016-10-06 16:36:16 +02:00
Eugen Rochko 6e8165696c Update OStatus2 to handle malformed Salmon without raising unexpected exceptions 2016-10-06 14:47:38 +02:00
Eugen Rochko 96cc77ce55 Catch Paperclip errors on /api/v1/media, return early from update profile service if XML given is nil 2016-10-06 14:40:15 +02:00
Eugen Rochko 3319473b2c Move PubSubHubbub pinging to a background worker
It can take as much as 0.5s if not longer to complete
2016-10-05 13:50:21 +02:00
Eugen Rochko 2febc6ed65 Fix typo 2016-10-05 13:40:14 +02:00
Eugen Rochko fe77921e47 Catching more exceptions that slipped through, removing AR logging from
production as it's very verbose and not very useful
2016-10-05 13:26:44 +02:00
Eugen Rochko 70e9dd0b5b Blocking will prevent e-mail notifications from blocked user, blocks in UI 2016-10-03 18:49:52 +02:00
Eugen Rochko 7b9a4af311 API for blocking and unblocking 2016-10-03 18:17:06 +02:00
Eugen Rochko 9d59d7b463 Adding a block model and filter mentions from blocked users (fix #60) 2016-10-03 17:12:13 +02:00
Eugen Rochko d74da1a89a Small fixes 2016-10-02 23:46:25 +02:00
Eugen Rochko be86d4e0a3 Preparing feeds for better filtering 2016-10-02 15:28:47 +02:00
Eugen Rochko 927333f4f8 Improve code style 2016-09-29 21:28:21 +02:00
Eugen Rochko e4aebad35a Fix handling of multiple Link headers (that should not be a thing though) 2016-09-27 23:49:12 +02:00
Eugen Rochko 7e14eefc81 Replace logo, fix #57 - delete/unreblog/unfavourite API, fix #45 - app
registration API
2016-09-26 23:56:53 +02:00
Eugen Rochko 210362e665 Improve redirect handling in FetchAtomService 2016-09-26 17:04:05 +02:00
Eugen Rochko c6b0311b86 Fix #54 - Fetch remote accounts by URL from mentions
Fetching atom extracted from FetchRemoteAccountService and FetchRemoteStatusService
into FetchAtomService. Mentions of the constant "http://activityschema.org/collection/public"
skipped as it's not a real URL/user.
2016-09-26 16:44:40 +02:00
Eugen Rochko b1a670af8d Handle remote account mentions a little better by trying a URL lookup in the db 2016-09-22 21:10:36 +02:00
Eugen Rochko 4a670780f0 Fix #51 - prevent duplicate attachments for remote statuses 2016-09-22 20:42:20 +02:00
Eugen Rochko 4bec613897 Fix #24 - Thread resolving for remote statuses
This is a big one, so let me enumerate:

Accounts as well as stream entry pages now contain Link headers that
reference the Atom feed and Webfinger URL for the former and Atom entry
for the latter. So you only need to HEAD those resources to get that
information, no need to download and parse HTML <link>s.

ProcessFeedService will now queue ThreadResolveWorker for each remote
status that it cannot find otherwise. Furthermore, entries are now
processed in reverse order (from bottom to top) in case a newer entry
references a chronologically previous one.

ThreadResolveWorker uses FetchRemoteStatusService to obtain a status
and attach the child status it was queued for to it.

FetchRemoteStatusService looks up the URL, first with a HEAD, tests
if it's an Atom feed, in which case it processes it directly. Next
for Link headers to the Atom feed, in which case that is fetched
and processed. Lastly if it's HTML, it is checked for <link>s to the Atom
feed, and if such is found, that is fetched and processed. The account for
the status is derived from author/name attribute in the XML and the hostname
in the URL (domain). FollowRemoteAccountService and ProcessFeedService
are used.

This means that potentially threads are resolved recursively until a dead-end
is encountered, however it is performed asynchronously over background jobs,
so it should be ok.
2016-09-21 01:50:31 +02:00
Eugen Rochko 608a2bfffc Upgrade to PubSubHubbub 0.4 (removing verify_token) 2016-09-20 02:43:20 +02:00
Eugen Rochko 059ebbf48d Separate PuSH subscriptions from following, add mastodon:push:refresh task,
respect hub.lease_seconds (fix #46)
2016-09-20 00:43:36 +02:00
Eugen Rochko 9863196f7b Small rubocop offences removed 2016-09-18 13:42:24 +02:00
Eugen Rochko adffc7a495 Fix #43 2016-09-18 12:28:49 +02:00
Eugen Rochko 183a23943b Fix how other services used old FollowRemoteAccountService 2016-09-17 17:07:45 +02:00
Eugen Rochko 0e9c1a297a Improved error handling for FollowRemoteService 2016-09-17 17:03:36 +02:00
Eugen Rochko 8c0b19012b Fix #41, debug #42 2016-09-17 16:36:10 +02:00
Eugen Rochko d6a64f45fd Adding a notification stack for error messages 2016-09-12 19:20:55 +02:00
Eugen Rochko 05b0c985b4 Send "delete" Salmons to remote mentioned accounts on status removal
Fixes #27
2016-09-12 18:33:34 +02:00
Eugen Rochko ce29624c6d Fixing image upload limits, allowing webm, merge/unmerge events trigger
timeline reload in UI, other small fixes
2016-09-12 18:22:43 +02:00
Eugen Rochko 0077fc26df Merge and unmerge timelines on follow/unfollow, solves #21, #22 2016-09-10 18:36:48 +02:00
Eugen Rochko 76c40cbfb1 Disallow self-follow 2016-09-10 10:01:08 +02:00
Eugen Rochko 3cc47beb6e Refactored generation of unique tags, URIs and object URLs into own classes,
as well as formatting of content
2016-09-09 20:04:34 +02:00
Eugen Rochko 509c18eb13 Fix local follows, 404 in logs 2016-09-08 02:40:51 +02:00
Eugen Rochko 499beb4484 UI for uploading media attachments (and cancelling them)
Mostly resolves #8, though attachments are still not displayed in public view
2016-09-07 18:21:57 +02:00
Eugen 1efa8e48d1 Fix enclosures not being parsed for reblogged statuses 2016-09-06 12:30:15 +02:00
Eugen Rochko eec0dc46a6 PostStatusService can attach media to status, ProcessFeedService likewise 2016-09-05 18:39:53 +02:00
Eugen Rochko 926eea89b5 RemoveStatusService fleshed out, still doesn't send Salmon slaps though 2016-09-05 01:59:46 +02:00
Eugen Rochko 35dfc0fbcb Fixed more case-sensitivity issues 2016-09-04 21:15:52 +02:00
Eugen Rochko 29996a7e8b Fix wrongful mentions breaking status update 2016-09-04 21:07:29 +02:00
Eugen Rochko 54ea7f5dfe Case-insensitive search by usernames 2016-09-04 21:06:04 +02:00
Eugen Rochko a289c1d52f Handle delete Salmons, todo: clean up timelines 2016-09-04 14:44:16 +02:00
Eugen Rochko 49520d6e62 Adding React.js, Redux, revamping dashboard 2016-08-24 17:56:44 +02:00
Eugen Rochko 6426819b6f Fix tests 2016-08-18 17:22:44 +02:00
Eugen Rochko 6deb9f966e Live timelines using ActionCable 2016-08-18 15:49:51 +02:00
Eugen Rochko 85b00d19b8 Moving Salmon notifications to background processing, fixing mini-profiler
behaviour with Turbolinks enabled, optimizing Rabl for production
2016-03-26 13:42:10 +01:00
Eugen Rochko da4b675aca Fix favourite handling in ProcessInteractionService 2016-03-26 01:34:12 +01:00
Eugen Rochko e24bfbde1a Fixing FanOutOnWriteService, fixing Sidekiq not having enough DB connections
in the pool, adding a throttle of 60rpm per IP, adding mini profiler, adding
admin status to users
2016-03-25 14:12:24 +01:00
Eugen Rochko 8eeec389c1 Add link to github project to footer, move FanOutOnWriteService calls to
DistributionWorker. That isn't the heaviest service, yet, but gotta start
somewhere
2016-03-25 03:22:26 +01:00
Eugen Rochko a08e724476 Fix subscriptions:clear task, refactor feeds, refactor streamable activites
and atom feed generation to some extent, as well as the way mentions are
stored
2016-03-25 02:13:30 +01:00
Eugen Rochko 97d5aba1ec Do not try to send notification e-mails for reblogs if the reblog is not of a
local account
2016-03-24 13:25:33 +01:00
Eugen Rochko 12559b01ea Add pagination by max_id instead of offset/limit 2016-03-22 21:38:47 +01:00
Eugen Rochko f14f462eaf Adding Turbolinks, adding status posting form on homepage 2016-03-21 18:26:47 +01:00
Eugen Rochko 9d55529318 Fix text color in dashboard inputs, sanitize remote status content in UI,
simplify FanOutOnWriteService, add /api/accounts/lookup method
2016-03-21 17:02:16 +01:00
Eugen Rochko 46cbb9c551 Increase note truncation length on account grids, improve FanOutOnWrite a bit,
fix tests (the recorded Salmon fixture expects LOCAL_DOMAIN to be something
specific unfortunately)
2016-03-21 08:44:30 +01:00
Eugen Rochko b640f35621 Writing out more tests, fixed some bugs 2016-03-20 13:03:06 +01:00
Eugen Rochko 7e53efae31 Fix for incoming favourites 2016-03-19 22:46:58 +01:00