about summary refs log tree commit diff
path: root/app/controllers/activitypub
AgeCommit message (Collapse)Author
2020-08-30[Privacy] Add options for private accountsFire Demon
2020-08-30[Privacy] Exclude mixed-privacy posts from public collections unless the ↵Fire Demon
requesting actor is locally authenticated or follows the author
2020-08-30[Feature, Privacy] Add base support for per-domain post privacyFire Demon
2020-08-30[Privacy, Federation, UI] Add options to allow Fediverse users to decide ↵Fire Demon
whether to include replies and unlisted posts on their profiles
2020-08-30[Privacy, Transparency] Reduce allowlist mode restrictions; make publishing ↵Fire Demon
trusted servers to about page possible.
2020-06-09Merge branch 'master' into glitch-soc/merge-upstreamThibaut Girka
Conflicts: - `app/controllers/activitypub/collections_controller.rb`: Conflict due to glitch-soc having to take care of local-only pinned toots in that controller. Took upstream's changes and restored the local-only special handling. - `app/controllers/auth/sessions_controller.rb`: Minor conflicts due to the theming system, applied upstream changes, adapted the following two files for glitch-soc's theming system: - `app/controllers/concerns/sign_in_token_authentication_concern.rb` - `app/controllers/concerns/two_factor_authentication_concern.rb` - `app/services/backup_service.rb`: Minor conflict due to glitch-soc having to handle local-only toots specially. Applied upstream changes and restored the local-only special handling. - `app/views/admin/custom_emojis/index.html.haml`: Minor conflict due to the theming system. - `package.json`: Upstream dependency updated, too close to a glitch-soc-only dependency in the file. - `yarn.lock`: Upstream dependency updated, too close to a glitch-soc-only dependency in the file.
2020-06-02Add E2EE API (#13820)Eugen Rochko
2020-05-31Hide local-only pinned toots from public profilesThibaut Girka
Fixes #1336 This also fixes federating pinned toots when some of them are local-only. Public profiles will not show public toots, whether you are logged in or not (this is consistent with local-only toots that are not pinned).
2020-05-03Add more tests for ActivityPub controllers (#13585)Eugen Rochko
2020-04-15Change delivery failure tracking to work with hostnames instead of URLs (#13437)Eugen Rochko
2019-10-24Fix incoming federation in whitelist mode (#12185)ThibG
… posting to the AP inbox required a logged-in local user…
2019-09-27Improve status pin query (#11972)abcang
2019-08-16Fix multiple issues with replies collection for pages further than ↵ThibG
self-replies (#11582) * Fix the replies collection returning snowflakes ids rather than URIs Fixes #11568 * Fix min_id in replies queries once self-replies are exhausted * Fix `next` attribute of replies collection being nil when there are no self-replies * Rename other_accounts param to only_other_accounts
2019-07-30Add whitelist mode (#11291)Eugen Rochko
2019-07-21Add (back) rails-level JSON caching (#11333)Eugen Rochko
2019-07-17Fix caching headers in ActivityPub endpoints (#11331)ThibG
* Fix reverse-proxy caching in public fetch mode * Fix caching in ActivityPub-specific controllers
2019-07-11Add ActivityPub secure mode (#11269)Eugen Rochko
* Add HTTP signature requirement for served ActivityPub resources * Change `SECURE_MODE` to `AUTHORIZED_FETCH` * Add 'Signature' to 'Vary' header and improve code style * Improve code style by adding `public_fetch_mode?` method
2019-07-08Refactor controllers for statuses, accounts, and more (#11249)Eugen Rochko
2019-07-06Remove Salmon and PubSubHubbub (#11205)Eugen Rochko
* Remove Salmon and PubSubHubbub endpoints * Add error when trying to follow OStatus accounts * Fix new accounts not being created in ResolveAccountService
2019-06-05Cleanup various controllers (#10972)ThibG
* Remove skip_session! as it is not supported in Rails 5 * Minor cleanup in StreamEntriesController * Remove redundant mark_cacheable! calls
2019-04-04Cache featured collections, as well as outbox, followers and following (#10467)ThibG
2019-03-31Ensure request.body isn't emptied out before signature verification (#10432)ThibG
Fixes #10429
2019-03-20Do not try fetching keys of unknown accounts on a Delete from them (#10326)ThibG
2018-12-10Add specs for activitypub collections controller (#9484)ysksn
* Add specs for ActivityPub::CollectionsController#show * Raise ActiveRecord::RecordNotFound Raising ActiveRecord::NotFound raises NameError: uninitialized constant ActiveRecord::NotFound.
2018-10-25Allow inbox owner to view implicitly targeted ActivityPub payload (#9093)Eugen Rochko
Fix #9091
2018-05-04Better pagination for ActivityPub outbox (#7356)Eugen Rochko
2018-03-04Federate pinned statuses over ActivityPub (#6610)Eugen Rochko
* Federate pinned statuses over ActivityPub * Display pinned toots in web UI Fix #6117 * Fix migration * Fix tests * Update outbox_serializer.rb * Update remove_serializer.rb * Update add_serializer.rb * Update fetch_featured_collection_service.rb
2018-02-08Fix response of signature_verification_failure_reason (#6441)abcang
2018-02-02Allow retrieval of private statuses (single or in outbox) using HTTP ↵puckipedia
signatures (#6225)
2018-01-22Rename ResolveRemoteAccountService to ResolveAccountService (#6327)Akihiko Odaki
The service used to be named ResolveRemoteAccountService resolves local accounts as well.
2018-01-08Revert #5772 (#6221)Eugen Rochko
2018-01-04Cache JSON of immutable ActivityPub representations (#6171)Eugen Rochko
2018-01-03Allow to dereference Follow object for ActivityPub (#5772)Akihiko Odaki
* Allow to dereference Follow object for ActivityPub * Accept IRI as object representation for Accept activity
2017-10-03Fix HTTP responses for salmon and ActivityPub inbox processing (#5200)ThibG
* Return sensible HTTP status for ActivityPub inbox processing * Return sensible HTTP status for salmon slap processing * Return additional information to debug signature verification failures
2017-09-29After 7 days of repeated delivery failures, give up on inbox (#5131)Eugen Rochko
- A successful delivery cancels it out - An incoming delivery from account of the inbox cancels it out
2017-09-03Instantly upgrade account to ActivityPub if we receive ActivityPub payload ↵Eugen Rochko
(#4766)
2017-08-31Add sharedInbox to actors (#4737)Eugen Rochko
2017-08-21ActivityPub migration procedure (#4617)Eugen Rochko
* ActivityPub migration procedure Once one account is detected as going from OStatus to ActivityPub, invalidate WebFinger cache for other accounts from the same domain * Unsubscribe from PuSH updates once we receive an ActivityPub payload * Re-subscribe to PuSH unless already unsubscribed, regardless of protocol
2017-08-14Set correct content-type for ActivityPub JSON (#4592)Eugen Rochko
2017-08-08Add ActivityPub inbox (#4216)Eugen Rochko
* Add ActivityPub inbox * Handle ActivityPub deletes * Handle ActivityPub creates * Handle ActivityPub announces * Stubs for handling all activities that need to be handled * Add ActivityPub actor resolving * Handle conversation URI passing in ActivityPub * Handle content language in ActivityPub * Send accept header when fetching actor, handle JSON parse errors * Test for ActivityPub::FetchRemoteAccountService * Handle public key and icon/image when embedded/as array/as resolvable URI * Implement ActivityPub::FetchRemoteStatusService * Add stubs for more interactions * Undo activities implemented * Handle out of order activities * Hook up ActivityPub to ResolveRemoteAccountService, handle Update Account activities * Add fragment IDs to all transient activity serializers * Add tests and fixes * Add stubs for missing tests * Add more tests * Add more tests
2017-07-16Minor ActivityPub JSON fixes (#4214)Eugen Rochko
- Objects must have attributedTo instead of actor - The current attribute belongs to CollectionPage, not Collection
2017-07-15Improve ActivityPub representations (#3844)Eugen Rochko
* Improve webfinger templates and make tests more flexible * Clean up AS2 representation of actor * Refactor outbox * Create activities representation * Add representations of followers/following collections, do not redirect /users/:username route if format is empty * Remove unused translations * ActivityPub endpoint for single statuses, add ActivityPub::TagManager for better URL/URI generation * Add ActivityPub::TagManager#to * Represent all attachments as Document instead of Image/Video specifically (Because for remote ones we may not know for sure) Add mentions and hashtags representation to AP notes * Add AP-resolvable hashtag URIs * Use ActiveModelSerializers for ActivityPub * Clean up unused translations * Separate route for object and activity * Adjust cc/to matrices * Add to/cc to activities, ensure announce activity embeds target status and not the wrapper status, add "id" to all collections