about summary refs log tree commit diff
path: root/app/services
AgeCommit message (Collapse)Author
2017-11-07Fix process mentions for local users, as local users are considered to use ↵ThibG
OStatus (#5618)
2017-11-07Twidere mention workaround (#5552)ThibG
* Work around Twidere and Tootdon bug Tootdon and Twidere construct @user@domain handles from mentions in toots based solely on the mention text and account URI's domain without performing any webfinger call or retrieving account info from the Mastodon server. As a result, when a remote user has WEB_DOMAIN ≠ LOCAL_DOMAIN, Twidere and Tootdon will construct the mention as @user@WEB_DOMAIN. Now, this will usually resolve to the correct account (since the recommended configuration is to have WEB_DOMAIN perform webfinger redirections to LOCAL_DOMAIN) when processing mentions, but won't do so when displaying them (as it does not go through the whole account resolution at that time). This change rewrites mentions to the resolved account, so that displaying the mentions will work. * Use lookbehind instead of non-capturing group in MENTION_RE Indeed, substitutions with the previous regexp would erroneously eat any preceding whitespace, which would lead to concatenated mentions in the previous commit. Note that users will “lose” up to one character space per mention for their toots, as that regexp is also used to remove the domain-part of mentioned users for character counting purposes, and it also erroneously removed the preceding character if it was a space.
2017-11-07Add ability to disable login and mark accounts as memorial (#5615)Eugen Rochko
Fix #5597
2017-11-07Do not process undeliverable mentions (#5598)ThibG
* Resolve remote accounts when mentioned even if they are already known This commit reduces the risk of not having up-to-date public key or protocol information for a remote account, which is required to deliver toots (especially direct messages). * Do not add mentions in private messages for remote users we cannot deliver to Mastodon does not deliver private and direct toots to OStatus users, as there is no guarantee the remote software understands the toot's privacy. However, users currently do not get any feedback on it (Mastodon won't attempt delivery, but the toot will be displayed exactly the same way to the user). This change introduces *some* feedback by not processing mentions that are not going to be delivered. A long-term solution is still needed to have delivery receipts or at least some better indication of what is going on, but at least an user can see *something* is up.
2017-11-07Resolve remote accounts when mentioned even if they are already known (#5539)ThibG
This commit reduces the risk of not having up-to-date public key or protocol information for a remote account, which is required to deliver toots (especially direct messages).
2017-10-30Update remote ActivityPub users when fetching their toots (#5545)ThibG
2017-10-27Instantiate service classes for each call (fixes #5540) (#5543)ThibG
2017-10-25Merge remote-tracking branch 'STJrInuyasha/feature/direct-timeline' into ↵David Yip
gs-direct-timeline
2017-10-22Added a timeline for Direct statusesMatthew Walsh
* Lists all Direct statuses you've sent and received * Displayed in Getting Started * Streaming server support for direct TL
2017-10-18Merge tag 'v2.0.0' into gs-masterDavid Yip
2017-10-17Don't capture scheme-less URLs in the status (#5435)unarist
Specifically, this fixes status length calculation to be same as JS side. BTW, since this pattern used in not only preview card fetching, we should extract it (with twitter-regex?) and write tests I think.
2017-10-16Merge remote-tracking branch 'origin/master' into gs-masterDavid Yip
2017-10-14Close connection when succeeded posting (#5390)abcang
* Close connection when succeeded posting * Update webmock
2017-10-13Fix remote status fetching for “pure” ActivityPub WEB_ACCOUNT users (#5372)ThibG
Remote ActivityPub users that have never been known as OStatus users (whether or not they support it) will not have a “remote_url” attribute set. In case they reside on an instance with WEB_DOMAIN ≠ LOCAL_DOMAIN, the current check did rely on “remote_url” to verify the user's domain.
2017-10-12Fix some failure cases on FetchLinkCardService (#5347)unarist
* If OEmbed response doesn't have a required property `type`, ignore it. e.g. `NoMethodError: undefined method 'type' for ...` * If we failed to detect encoding, fallback to default behavior of Nokogiri. e.g. `KeyError: key not found: :encoding`
2017-10-12Restore variable assignment in MuteService#call.David Yip
291feba6f113588cce4f06206754b31eba60044b made MuteService return the result of Account#mute!; this commit restores that behavior.
2017-10-11Merge upstream 2.0ish #165kibigo!
2017-10-08Fix #5272 - Order of checks in ActivityPub handler (#5276)Eugen Rochko
2017-10-08Set snowflake IDs for backdated statuses (#5260)Eugen Rochko
- Rename Mastodon::TimestampIds into Mastodon::Snowflake for clarity - Skip for statuses coming from inbox, aka delivered in real-time - Skip for statuses that claim to be from the future
2017-10-06Improve error handling on LinkCrawlWorker (#5250)unarist
* Improve error handling on LinkCrawlWorker * Ignore TimeoutError and InvalidURIError too * Record errors to debug log * Enable dead job queue on LinkCrawlWorker Since most of acceptable errors were already ignored, only our side issue should go to dead job queue. * Ignore all http gem errors
2017-10-05Fix regression in FetchRemoteResourceService (#5217)ThibG
* Fix regression in FetchRemoteResourceService * Update specs to match interface changes made in #5114
2017-10-04Check Webfinger-returned author URI even when not redirected (#5213)ThibG
The whole point of verified_webfinger? is to check the WebFinger-discoverable URI maps back to the known author URI. This was not actually verified if the first Webfinger request was not a redirection.
2017-10-04Non-Serial ("Snowflake") IDs (#4801)aschmitz
* Use non-serial IDs This change makes a number of nontrivial tweaks to the data model in Mastodon: * All IDs are now 8 byte integers (rather than mixed 4- and 8-byte) * IDs are now assigned as: * Top 6 bytes: millisecond-resolution time from epoch * Bottom 2 bytes: serial (within the millisecond) sequence number * See /lib/tasks/db.rake's `define_timestamp_id` for details, but note that the purpose of these changes is to make it difficult to determine the number of objects in a table from the ID of any object. * The Redis sorted set used for the feed will have values used to look up toots, rather than scores. This is almost always the same as the existing behavior, except in the case of boosted toots. This change was made because Redis stores scores as double-precision floats, which cannot store the new ID format exactly. Note that this doesn't cause problems with sorting/pagination, because ZREVRANGEBYSCORE sorts lexicographically when scores are tied. (This will still cause sorting issues when the ID gains a new significant digit, but that's extraordinarily uncommon.) Note a couple of tradeoffs have been made in this commit: * lib/tasks/db.rake is used to enforce many/most column constraints, because this commit seems likely to take a while to bring upstream. Enforcing a post-migrate hook is an easier way to maintain the code in the interim. * Boosted toots will appear in the timeline as many times as they have been boosted. This is a tradeoff due to the way the feed is saved in Redis at the moment, but will be handled by a future commit. This would effectively close Mastodon's #1059, as it is a snowflake-like system of generating IDs. However, given how involved the changes were simply within Mastodon, it may have unexpected interactions with some clients, if they store IDs as doubles (or as 4-byte integers). This was a problem that Twitter ran into with their "snowflake" transition, particularly in JavaScript clients that treated IDs as JS integers, rather than strings. It therefore would be useful to test these changes at least in the web interface and popular clients before pushing them to all users. * Fix JavaScript interface with long IDs Somewhat predictably, the JS interface handled IDs as numbers, which in JS are IEEE double-precision floats. This loses some precision when working with numbers as large as those generated by the new ID scheme, so we instead handle them here as strings. This is relatively simple, and doesn't appear to have caused any problems, but should definitely be tested more thoroughly than the built-in tests. Several days of use appear to support this working properly. BREAKING CHANGE: The major(!) change here is that IDs are now returned as strings by the REST endpoints, rather than as integers. In practice, relatively few changes were required to make the existing JS UI work with this change, but it will likely hit API clients pretty hard: it's an entirely different type to consume. (The one API client I tested, Tusky, handles this with no problems, however.) Twitter ran into this issue when introducing Snowflake IDs, and decided to instead introduce an `id_str` field in JSON responses. I have opted to *not* do that, and instead force all IDs to 64-bit integers represented by strings in one go. (I believe Twitter exacerbated their problem by rolling out the changes three times: once for statuses, once for DMs, and once for user IDs, as well as by leaving an integer ID value in JSON. As they said, "If you’re using the `id` field with JSON in a Javascript-related language, there is a very high likelihood that the integers will be silently munged by Javascript interpreters. In most cases, this will result in behavior such as being unable to load or delete a specific direct message, because the ID you're sending to the API is different than the actual identifier associated with the message." [1]) However, given that this is a significant change for API users, alternatives or a transition time may be appropriate. 1: https://blog.twitter.com/developer/en_us/a/2011/direct-messages-going-snowflake-on-sep-30-2011.html * Restructure feed pushes/unpushes This was necessary because the previous behavior used Redis zset scores to identify statuses, but those are IEEE double-precision floats, so we can't actually use them to identify all 64-bit IDs. However, it leaves the code in a much better state for refactoring reblog handling / coalescing. Feed-management code has been consolidated in FeedManager, including: * BatchedRemoveStatusService no longer directly manipulates feed zsets * RemoveStatusService no longer directly manipulates feed zsets * PrecomputeFeedService has moved its logic to FeedManager#populate_feed (PrecomputeFeedService largely made lots of calls to FeedManager, but didn't follow the normal adding-to-feed process.) This has the effect of unifying all of the feed push/unpush logic in FeedManager, making it much more tractable to update it in the future. Due to some additional checks that must be made during, for example, batch status removals, some Redis pipelining has been removed. It does not appear that this should cause significantly increased load, but if necessary, some optimizations are possible in batch cases. These were omitted in the pursuit of simplicity, but a batch_push and batch_unpush would be possible in the future. Tests were added to verify that pushes happen under expected conditions, and to verify reblog behavior (both on pushing and unpushing). In the case of unpushing, this includes testing behavior that currently leads to confusion such as Mastodon's #2817, but this codifies that the behavior is currently expected. * Rubocop fixes I could swear I made these changes already, but I must have lost them somewhere along the line. * Address review comments This addresses the first two comments from review of this feature: https://github.com/tootsuite/mastodon/pull/4801#discussion_r139336735 https://github.com/tootsuite/mastodon/pull/4801#discussion_r139336931 This adds an optional argument to FeedManager#key, the subtype of feed key to generate. It also tests to ensure that FeedManager's settings are such that reblogs won't be tracked forever. * Hardcode IdToBigints migration columns This addresses a comment during review: https://github.com/tootsuite/mastodon/pull/4801#discussion_r139337452 This means we'll need to make sure that all _id columns going forward are bigints, but that should happen automatically in most cases. * Additional fixes for stringified IDs in JSON These should be the last two. These were identified using eslint to try to identify any plain casts to JavaScript numbers. (Some such casts are legitimate, but these were not.) Adding the following to .eslintrc.yml will identify casts to numbers: ~~~ no-restricted-syntax: - warn - selector: UnaryExpression[operator='+'] > :not(Literal) message: Avoid the use of unary + - selector: CallExpression[callee.name='Number'] message: Casting with Number() may coerce string IDs to numbers ~~~ The remaining three casts appear legitimate: two casts to array indices, one in a server to turn an environment variable into a number. * Only implement timestamp IDs for Status IDs Per discussion in #4801, this is only being merged in for Status IDs at this point. We do this in a migration, as there is no longer use for a post-migration hook. We keep the initialization of the timestamp_id function as a Rake task, as it is also needed after db:schema:load (as db/schema.rb doesn't store Postgres functions). * Change internal streaming payloads to stringified IDs as well This is equivalent to 591a9af356faf2d5c7e66e3ec715502796c875cd from #5019, with an extra change for the addition to FeedManager#unpush. * Ensure we have a status_id_seq sequence Apparently this is not a given when specifying a custom ID function, so now we ensure it gets created. This uses the generic version of this function to more easily support adding additional tables with timestamp IDs in the future, although it would be possible to cut this down to a less generic version if necessary. It is only run during db:schema:load or the relevant migration, so the overhead is extraordinarily minimal. * Transition reblogs to new Redis format This provides a one-way migration to transition old Redis reblog entries into the new format, with a separate tracking entry for reblogs. It is not invertible because doing so could (if timestamp IDs are used) require a database query for each status in each users' feed, which is likely to be a significant toll on major instances. * Address review comments from @akihikodaki No functional changes. * Additional review changes * Heredoc cleanup * Run db:schema:load hooks for test in development This matches the behavior in Rails' ActiveRecord::Tasks::DatabaseTasks.each_current_configuration, which would otherwise break `rake db:setup` in development. It also moves some functionality out to a library, which will be a good place to put additional related functionality in the near future.
2017-10-04Fix undefined local variable (regression from #5114) (#5210)Yamagishi Kazutoshi
2017-10-04Follow up to #5172, clean up notifications after mute like after block (#5198)Eugen Rochko
2017-10-04Validate id of ActivityPub representations (#5114)Akihiko Odaki
Additionally, ActivityPub::FetchRemoteStatusService no longer parses activities. OStatus::Activity::Creation no longer delegates to ActivityPub because the provided ActivityPub representations are not signed while OStatus representations are.
2017-10-04Fix possible acct: uri usurpation in ActivityPub account discovery (#5208)Eugen Rochko
Signed-off-by: Eugen Rochko <eugen@zeonfederated.com>
2017-09-28If HTTP signature is wrong and webfinger cache is stale, retry with resolve ↵Eugen Rochko
(#5129) If the signature could not be verified and the webfinger of the account was last retrieved longer than the cache period, try re-resolving the account and then attempting to verify the signature again
2017-09-28Flush body when POST requests (#5128)abcang
2017-09-28Merge commit 'b9f59ebcc68e9da0a7158741a1a2ef3564e1321e' into merging-upstreamOndřej Hruška
2017-09-28Merge commit '4aea3f88a6d30f102a79c2da7fcfac96465ba1a8' into merging-upstreamOndřej Hruška
2017-09-26Follow-up to #4582 and #5027, removing dead code (#5101)Eugen Rochko
2017-09-26Fix #5059 - Stop processing payload if it's from local account (#5100)Eugen Rochko
2017-09-26Send streaming API delete to people mentioned in status (#5103)Eugen Rochko
- Previously they wouldn't receive it unless they were author's followers - Skip unpush from public/hashtag timelines if status wasn't public in the first place
2017-09-20Change IDs to strings rather than numbers in API JSON output (#5019)aschmitz
* Fix JavaScript interface with long IDs Somewhat predictably, the JS interface handled IDs as numbers, which in JS are IEEE double-precision floats. This loses some precision when working with numbers as large as those generated by the new ID scheme, so we instead handle them here as strings. This is relatively simple, and doesn't appear to have caused any problems, but should definitely be tested more thoroughly than the built-in tests. Several days of use appear to support this working properly. BREAKING CHANGE: The major(!) change here is that IDs are now returned as strings by the REST endpoints, rather than as integers. In practice, relatively few changes were required to make the existing JS UI work with this change, but it will likely hit API clients pretty hard: it's an entirely different type to consume. (The one API client I tested, Tusky, handles this with no problems, however.) Twitter ran into this issue when introducing Snowflake IDs, and decided to instead introduce an `id_str` field in JSON responses. I have opted to *not* do that, and instead force all IDs to 64-bit integers represented by strings in one go. (I believe Twitter exacerbated their problem by rolling out the changes three times: once for statuses, once for DMs, and once for user IDs, as well as by leaving an integer ID value in JSON. As they said, "If you’re using the `id` field with JSON in a Javascript-related language, there is a very high likelihood that the integers will be silently munged by Javascript interpreters. In most cases, this will result in behavior such as being unable to load or delete a specific direct message, because the ID you're sending to the API is different than the actual identifier associated with the message." [1]) However, given that this is a significant change for API users, alternatives or a transition time may be appropriate. 1: https://blog.twitter.com/developer/en_us/a/2011/direct-messages-going-snowflake-on-sep-30-2011.html * Additional fixes for stringified IDs in JSON These should be the last two. These were identified using eslint to try to identify any plain casts to JavaScript numbers. (Some such casts are legitimate, but these were not.) Adding the following to .eslintrc.yml will identify casts to numbers: ~~~ no-restricted-syntax: - warn - selector: UnaryExpression[operator='+'] > :not(Literal) message: Avoid the use of unary + - selector: CallExpression[callee.name='Number'] message: Casting with Number() may coerce string IDs to numbers ~~~ The remaining three casts appear legitimate: two casts to array indices, one in a server to turn an environment variable into a number. * Back out RelationshipsController Change This was made to make a test a bit less flakey, but has nothing to do with this branch. * Change internal streaming payloads to stringified IDs as well Per https://github.com/tootsuite/mastodon/pull/5019#issuecomment-330736452 we need these changes to send deleted status IDs as strings, not integers.
2017-09-19Introduce OStatus::TagManager (#5008)Akihiko Odaki
2017-09-19Fix incomplete account records being read (#4998)Eugen Rochko
* Fix incomplete account records being read - Put account processing into redis lock - Do not save until record is complete * Fix spaces
2017-09-19Admin interface for listing, adding and removing custom emojis (#5002)Eugen Rochko
* Admin interface for listing, adding and removing custom emojis * Only display local ones in the list
2017-09-17Fix an error when actor json couldn't be fetched in ↵unarist
ResolveRemoteAccountService (#4979) * Fix an error when actor json couldn't be fetched in ResolveRemoteAccountService * Add specs
2017-09-16Fix filterable_languages method of SettingsHelper (#4966)Akihiko Odaki
2017-09-14Enable to recognize most kinds of characters as URL paths (#4941)ふぁぼ原
2017-09-13Refactor handling of default params for muting to make code cleanerSurinna Curtis
2017-09-13Less gross passing of notifications flagSurinna Curtis
2017-09-13Add support for muting notifications in MuteServiceSurinna Curtis
2017-09-13block notifications in notify_service from hard muted accountsSurinna Curtis
2017-09-14Support OpenGraph video embeds (#4897)Eugen Rochko
* Support OpenGraph video embeds It's not really OpenGraph, it's twitter:player property, but it's not OEmbed so that fits. For example, this allows Twitch clips to be displayed as embeds. Also, fixes glitch-soc/mastodon#135 * Fix invalid OpenGraph cards being saved through attaching and revisit URLs after 14 days
2017-09-14Fix refollowing (#4931)ThibG
* Make RefollowWorker ActivityPub-only to avoid potential identifier mismatches * Don't call RefollowWorker on new accounts
2017-09-13Fix #4917 - Add missing suspend checks (#4921)Eugen Rochko
2017-09-12[WiP] Whenever a remote keypair changes, unfollow them and re-subscribe to ↵ThibG
… (#4907) * Whenever a remote keypair changes, unfollow them and re-subscribe to them In Mastodon (it could be different for other OStatus or AP-enabled software), a keypair change is indicative of whole user (or instance) data loss. In this situation, the “new” user might be different, and almost certainly has an empty followers list. In this case, Mastodon instances will disagree on follower lists, leading to unreliable delivery and “shadow followers”, that is users believed by a remote instance to be followers, without the affected user knowing. Drawbacks of this change are: 1. If an user legitimately changes public key for some reason without losing data (not possible in Mastodon at the moment), they will have their remote followers unsubscribed/re-subscribed needlessly. 2. Depending of the number of remote followers, this may generate quite some traffic. 3. If the user change is an attempt at usurpation, the remote followers will unknowingly follow the usurper. Note that this is *not* a change of behavior, Mastodon already behaves like that, although delivery might be unreliable, and the usurper would not have known the former user's followers. * Rename ResubscribeWorker to RefollowWorker * Process followers in batches
2017-09-10Merge tag 'v1.6.0' into sync/upstreamDavid Yip