about summary refs log tree commit diff
path: root/app/lib
AgeCommit message (Collapse)Author
2017-08-26Add handling of Linked Data Signatures in payloads (#4687)Eugen Rochko
* Add handling of Linked Data Signatures in payloads * Add a way to sign JSON, fix canonicalization of signature options * Fix signatureValue encoding, send out signed JSON when distributing * Add missing security context
2017-08-24Fetch reblogs as Announce activity instead of Note object (#4672)unarist
* Process Create / Announce activity in FetchRemoteStatusService * Use activity URL in ActivityPub for reblogs * Redirect to the original status on StatusesController#show
2017-08-22Fix bugs which OStatus accounts may detected as ActivityPub ready (#4662)unarist
* Fallback to OStatus in FetchAtomService * Skip activity+json link if that activity is Person without inbox * If unsupported activity was detected and all other URLs failed, retry with ActivityPub-less Accept header * Allow mention to OStatus account in ActivityPub * Don't update profile with inbox-less Person object
2017-08-21Support more variations of ActivityPub keyId in signature (#4630)Eugen Rochko
- Tries to avoid performing HTTP request if the keyId is an actor URI - Likewise if the URI is a fragment URI on top of actor URI - Resolves public key, returns owner if the owner links back to the key
2017-08-20Handle duplicate ActivityPub activities (#4639)Eugen Rochko
* Handle duplicate ActivityPub activities Only perform side-effects when record processed for the first time * Fast-forward repeat follow requests
2017-08-19Improve ActivityPub/OStatus compatibility (#4632)Eugen Rochko
*Note: OStatus URIs are invalid for ActivityPub. But we have them for as long as we want to keep old OStatus-sourced content and as long as we remain OStatus-compatible.* - In Announce handling, if object URI is not a URL, fallback to object URL - Do not use specialized ThreadResolveWorker, rely on generalized handling - When serializing notes, if parent's URI is not a URL, use parent's URL
2017-08-18Parse OStatus tag URIs in ActivityPub handlers when those are local (#4631)Eugen Rochko
2017-08-18Make ActivityPub::TagManager#local_uri? recognize local URIs with ports (#4628)Eugen Rochko
2017-08-18If url attribute not present in Note, fallback to id attribute (#4629)Eugen Rochko
2017-08-18Put ActivityPub alternate link into Atom, prefer it when processing Atom (#4623)Eugen Rochko
2017-08-17Add _:atomUri property for deduplicating OStatus/ActivityPub legacy records ↵Eugen Rochko
(#4593)
2017-08-14Re-add missing transaction around status-from-OStatus creation (#4603)Eugen Rochko
2017-08-14Fix ActivityPub follow interaction and add more specs (#4601)unarist
2017-08-13ActivityPub delivery (#4566)Eugen Rochko
* Deliver ActivityPub Like * Deliver ActivityPub Undo-Like * Deliver ActivityPub Create/Announce activities * Deliver ActivityPub creates from mentions * Deliver ActivityPub Block/Undo-Block * Deliver ActivityPub Accept/Reject-Follow * Deliver ActivityPub Undo-Follow * Deliver ActivityPub Follow * Deliver ActivityPub Delete activities Incidentally fix #889 * Adjust BatchedRemoveStatusService for ActivityPub * Add tests for ActivityPub workers * Add tests for FollowService * Add tests for FavouriteService, UnfollowService and PostStatusService * Add tests for ReblogService, BlockService, UnblockService, ProcessMentionsService * Add tests for AuthorizeFollowService, RejectFollowService, RemoveStatusService * Add tests for BatchedRemoveStatusService * Deliver updates to a local account to ActivityPub followers * Minor adjustments
2017-08-12Add serializing/unserializing of "locked" actor attribute (#4585)Eugen Rochko
2017-08-10Handle ActivityPub follows correctly (#4571)Eugen Rochko
* Handle ActivityPub follows correctly ActivityPub follows are follow-requests. Always require an Accept. If account is not locked, auto-accept. * Handle ActivityPub Accept/Reject-Follow * Fix wrong method * Fix wrong class
2017-08-09Add Digest header to requests with body, handle acct and URI keyId (#4565)Eugen Rochko
2017-08-08Add ActivityPub inbox (#4216)Eugen Rochko
* Add ActivityPub inbox * Handle ActivityPub deletes * Handle ActivityPub creates * Handle ActivityPub announces * Stubs for handling all activities that need to be handled * Add ActivityPub actor resolving * Handle conversation URI passing in ActivityPub * Handle content language in ActivityPub * Send accept header when fetching actor, handle JSON parse errors * Test for ActivityPub::FetchRemoteAccountService * Handle public key and icon/image when embedded/as array/as resolvable URI * Implement ActivityPub::FetchRemoteStatusService * Add stubs for more interactions * Undo activities implemented * Handle out of order activities * Hook up ActivityPub to ResolveRemoteAccountService, handle Update Account activities * Add fragment IDs to all transient activity serializers * Add tests and fixes * Add stubs for missing tests * Add more tests * Add more tests
2017-08-02Don't normalize invalid domain names (#4499)TheKinrar
Fixes #4496
2017-07-31Change RuboCop rules to loose (#4464)Yamagishi Kazutoshi
2017-07-31Fix length validator counting things that look like URIs like URLs (#4462)Eugen Rochko
URI.extract is too strong, not limited to URLs, matched real text. Same issue was present in language detector.
2017-07-27Fix multipoint shortcode bug (#4387)Ondřej Hruška
* Fix multipoint shortcode bug * Added testcase for composite emoji shortcode
2017-07-27Add callback_url/acct information for Sidekiq PuSH workers Exception. (#4281)Clworld
* Add destination informations to exception on SubscribeWorker and DeliveryWorker. * Simplify delivery error message. * Prevent changing Exception type... * fix typo.
2017-07-21Use the same emoji data on the frontend and backend (#4284)Eugen Rochko
* Use the same emoji data on the frontend and backend * Move emoji.json to repository, add tests This way you don't need to install node dependencies if you only want to run Ruby code
2017-07-20Fix webfinger retries (#4275)Eugen Rochko
* Do not raise unretryable exceptions in ResolveRemoteAccountService * Removed fatal exceptions from ResolveRemoteAccountService Exceptions that cannot be retried should not be raised. New exception class for those that can be retried (Mastodon::UnexpectedResponseError)
2017-07-19Correct OStatus inflection (Ostatus -> OStatus) (#4255)Eugen Rochko
2017-07-18Add unfollow modal (optional) (#4246)Yamagishi Kazutoshi
* Add unfollow modal * unfollowing someone * remove unnecessary prop
2017-07-18Introduce Ostatus name space (#4164)Akihiko Odaki
* Wrap methods of ProcessFeedService::ProcessEntry in classes This is a change same with 425acecfdb15093a265b191120fb2d4e4c4135c4, except that it has the following changes: * Revert irrelevant change in find_or_create_conversation * Fix error handling for RemoteActivity * Introduce Ostatus name space
2017-07-15Optimize uri normalization (#4212)ThibG
* Add dependency on idn-ruby to speed up URI normalization * Use normalized_host instead of normalize.host when applicable When we are only interested in the normalized host, calling normalized_host avoids normalizing the other components of the URI as well as creating a new object
2017-07-15Improve ActivityPub representations (#3844)Eugen Rochko
* Improve webfinger templates and make tests more flexible * Clean up AS2 representation of actor * Refactor outbox * Create activities representation * Add representations of followers/following collections, do not redirect /users/:username route if format is empty * Remove unused translations * ActivityPub endpoint for single statuses, add ActivityPub::TagManager for better URL/URI generation * Add ActivityPub::TagManager#to * Represent all attachments as Document instead of Image/Video specifically (Because for remote ones we may not know for sure) Add mentions and hashtags representation to AP notes * Add AP-resolvable hashtag URIs * Use ActiveModelSerializers for ActivityPub * Clean up unused translations * Separate route for object and activity * Adjust cc/to matrices * Add to/cc to activities, ensure announce activity embeds target status and not the wrapper status, add "id" to all collections
2017-07-14Fix subsequent replies to unresolved status not being filtered from home (#4190)Eugen Rochko
Resolves #4177 - smaller changeset
2017-07-14HTTP signatures (#4146)Eugen Rochko
* Add Request class with HTTP signature generator Spec: https://tools.ietf.org/html/draft-cavage-http-signatures-06 * Add HTTP signature verification concern * Add test for SignatureVerification concern * Add basic test for Request class * Make PuSH subscribe/unsubscribe requests use new Request class Accidentally fix lease_seconds not being set and sent properly, and change the new minimum subscription duration to 1 day * Make all PuSH workers use new Request class * Make Salmon sender use new Request class * Make FetchLinkService use new Request class * Make FetchAtomService use the new Request class * Make Remotable use the new Request class * Make ResolveRemoteAccountService use the new Request class * Add more tests * Allow +-30 seconds window for signed request to remain valid * Disable time window validation for signed requests, restore 7 days as PuSH subscription duration (which was previous default due to a bug)
2017-07-14Add option to opt out of search engines on public profile/status pages (#4199)Eugen Rochko
2017-07-10Add setting a always mark media as sensitive (#4136)Yamagishi Kazutoshi
2017-07-07Refactor JSON templates to be generated with ActiveModelSerializers instead ↵Eugen Rochko
of Rabl (#4090)
2017-07-06Add a setting allowing the use of system's default font in Web UI (#4033)Damien Erambert
* add a system_font_ui setting on the server * Plug the system_font_ui on the front-end * add EN/FR locales for the new setting * put Roboto after all other fonts * remove trailing whitespace so CodeClimate is happy * fix user_spec.rb * correctly write user_spect this time * slightly better way of adding the classes * add comments to the system-font stack for clarification * use .system-font for the class instead * don't use multiple lines for comments * remove trailing whitespace * use the classnames module for consistency * use `mastodon-font-sans-serif` instead of Roboto directly
2017-06-29Reduce number of commands in FeedManager#trim (#3989)Akihiko Odaki (@fn_aki@pawoo.net)
2017-06-17Whitelist allowed classes for federated statuses (#3810)nightpool
* Whitelist allowed classes for federated statuses Allowed classes are currently: - Any microformats class (h/p/u/dt/e-*) - the classes mention, hashtag, ellipses and invisible. this last one is somewhat suspect, but Mastodon currently uses it to render hidden link text. resolved #3790 * Fix code style
2017-06-15Fix regression from #3490 - filter out hidden statuses from ↵Eugen Rochko
ancestors/descendants even if the viewer is anonymous (#3752)
2017-06-09Language detection defaults to nil (#3666)Matt Jankowski
* Default to nil for statuses.language * Language detection defaults to nil instead of instance UI default
2017-06-08Improve RuboCop rules (compatibility to Code Climate) (#3636)Yamagishi Kazutoshi
https://github.com/codeclimate/codeclimate-rubocop/blob/08f8de84ebfb39caa96391e23816877278f6441c/Gemfile.lock#L38 Code Climate is using RuboCop v0.46.0. Change several rules to maintain compatibility.
2017-06-07Allow "class" attribute on the "a" tag in sanitization (#3623)unarist
This preserves `<a ... class="u-url mention">` from other Mastodon instances.
2017-06-05Introduce StatusThreadingConcern (#3490)Matt Jankowski
* Add a StatusFilter class to identify visibility of statuses by accounts * Extract StatusThreadingConcern from Status * Clarify purpose of checking for nil account
2017-06-04Remove some code in TagManager and spec (#3547)Akihiko Odaki (@fn_aki@pawoo.net)
* Do not fall back to StreamEntry if object_type is unavailable in TagManager Since 6d6a429af8fe4bd92ed497f401676353fdc603e0, when Status, the only model with stream_entry, and StreamEntry got its own logic in uri_for and url_for, the purpose of the fallbacks to activity_type of StreamEntry became unclear. This commit removes the fallbacks. When adding another model with stream_entry in future, consider to update uri_for and url_for. * Cover TagManager more
2017-06-04A minor change for ProviderDiscovery and spec (#3543)Akihiko Odaki (@fn_aki@pawoo.net)
* Do not default the format in ProviderDiscovery The format should be determined when discovering, as it is in the current implementation, and it is a flaw if it is not determined. * Spec ProviderDiscovery
2017-06-04Remove some arguments of Formatter.instance.format and spec (#3541)Akihiko Odaki (@fn_aki@pawoo.net)
* Remove some arguments of Formatter.instance.format * Improve spec for Formatter
2017-06-03Remove redundant code in AtomSerializer and spec (#3528)Akihiko Odaki (@fn_aki@pawoo.net)
* Remove redundant status.reply? in AtomSerializer#object * Cover AtomSerializer more
2017-06-03Execute PushUpdateWorker only for accounts who uses StreamingAPI just now. ↵Clworld
(#3278) * Add redis key "subscribed:timeline:#{account.id}" to indicate active streaming API listeners exists. * Add endpoint for notification only stream. * Run PushUpdateWorker only for users uses Streaming API now. * Move close hander streamTo(Http/Ws) -> stream(Http/Ws)End (Deal with #3370) * Add stream type for stream start log message.
2017-06-01Remove usernames and hashtags from language detection (#3503)Matt Jankowski
* Add failing specs for hashtag and username extraction in language detector * Remove usernames and hashtags from text before language detection * Handle multiple instances of special case, and reduce whitespace
2017-05-31Misc tidying and clean ups (#3445)Matt Jankowski
* Remove trailing whitespace in i18n mailers * Use query methods instead of #present? on AR attributes * Delegate Status#account_domain method * Delegate Mention #account_username and #account_acct methods