From ba3a399d8899c55f03b5648ed668c9f32f9b8a26 Mon Sep 17 00:00:00 2001
From: Fire Demon <firedemon@creature.cafe>
Date: Sat, 27 Jun 2020 20:48:54 -0500
Subject: [Privacy, Transparency] Reduce allowlist mode restrictions; make
publishing trusted servers to about page possible.
---
app/controllers/about_controller.rb | 11 ++++++++++-
app/controllers/accounts_controller.rb | 2 +-
app/controllers/activitypub/claims_controller.rb | 2 +-
app/controllers/activitypub/inboxes_controller.rb | 2 +-
app/controllers/api/base_controller.rb | 2 +-
app/controllers/api/v1/instances/activity_controller.rb | 4 ++--
app/controllers/api/v1/instances/peers_controller.rb | 4 ++--
app/controllers/api/v1/instances_controller.rb | 2 +-
app/controllers/concerns/account_owned_concern.rb | 2 +-
app/controllers/home_controller.rb | 2 +-
app/controllers/media_controller.rb | 4 ++--
app/controllers/media_proxy_controller.rb | 2 +-
app/controllers/remote_interaction_controller.rb | 4 ++--
app/controllers/statuses_controller.rb | 2 +-
app/controllers/tags_controller.rb | 4 ++--
15 files changed, 29 insertions(+), 20 deletions(-)
(limited to 'app/controllers')
diff --git a/app/controllers/about_controller.rb b/app/controllers/about_controller.rb
index 5d5db937c..218dcb99e 100644
--- a/app/controllers/about_controller.rb
+++ b/app/controllers/about_controller.rb
@@ -4,7 +4,7 @@ class AboutController < ApplicationController
before_action :set_pack
layout 'public'
- before_action :require_open_federation!, only: [:show, :more]
+ #before_action :require_open_federation!, only: [:show, :more]
before_action :set_body_classes, only: :show
before_action :set_instance_presenter
before_action :set_expires_in, only: [:show, :more, :terms]
@@ -21,10 +21,13 @@ class AboutController < ApplicationController
@contents = toc_generator.html
@table_of_contents = toc_generator.toc
@blocks = DomainBlock.with_user_facing_limitations.by_severity if display_blocks?
+ @allows = DomainAllow.all if display_allows?
end
def terms; end
+ helper_method :display_allows?
+
helper_method :display_blocks?
helper_method :display_blocks_rationale?
helper_method :public_fetch_mode?
@@ -66,4 +69,10 @@ class AboutController < ApplicationController
def set_expires_in
expires_in 0, public: true
end
+
+ # Monsterfork additions
+
+ def display_allows?
+ Setting.show_domain_allows == 'all' || (Setting.show_domain_allows == 'users' && user_signed_in?)
+ end
end
diff --git a/app/controllers/accounts_controller.rb b/app/controllers/accounts_controller.rb
index 5c8cdd174..f4fce456f 100644
--- a/app/controllers/accounts_controller.rb
+++ b/app/controllers/accounts_controller.rb
@@ -11,7 +11,7 @@ class AccountsController < ApplicationController
before_action :set_body_classes
skip_around_action :set_locale, if: -> { [:json, :rss].include?(request.format&.to_sym) }
- skip_before_action :require_functional!, unless: :whitelist_mode?
+ skip_before_action :require_functional! #, unless: :whitelist_mode?
def show
respond_to do |format|
diff --git a/app/controllers/activitypub/claims_controller.rb b/app/controllers/activitypub/claims_controller.rb
index 08ad952df..5009a9f05 100644
--- a/app/controllers/activitypub/claims_controller.rb
+++ b/app/controllers/activitypub/claims_controller.rb
@@ -4,7 +4,7 @@ class ActivityPub::ClaimsController < ActivityPub::BaseController
include SignatureVerification
include AccountOwnedConcern
- skip_before_action :authenticate_user!
+ #skip_before_action :authenticate_user!
before_action :require_signature!
before_action :set_claim_result
diff --git a/app/controllers/activitypub/inboxes_controller.rb b/app/controllers/activitypub/inboxes_controller.rb
index 0a561e7f0..3e67f3909 100644
--- a/app/controllers/activitypub/inboxes_controller.rb
+++ b/app/controllers/activitypub/inboxes_controller.rb
@@ -7,7 +7,7 @@ class ActivityPub::InboxesController < ActivityPub::BaseController
before_action :skip_unknown_actor_delete
before_action :require_signature!
- skip_before_action :authenticate_user!
+ #skip_before_action :authenticate_user!
def create
upgrade_account
diff --git a/app/controllers/api/base_controller.rb b/app/controllers/api/base_controller.rb
index 045e7dd26..ca5bda8f1 100644
--- a/app/controllers/api/base_controller.rb
+++ b/app/controllers/api/base_controller.rb
@@ -7,7 +7,7 @@ class Api::BaseController < ApplicationController
include RateLimitHeaders
skip_before_action :store_current_location
- skip_before_action :require_functional!, unless: :whitelist_mode?
+ skip_before_action :require_functional! #, unless: :whitelist_mode?
before_action :require_authenticated_user!, if: :disallow_unauthenticated_api_access?
before_action :set_cache_headers
diff --git a/app/controllers/api/v1/instances/activity_controller.rb b/app/controllers/api/v1/instances/activity_controller.rb
index 4f6b4bcbf..f2ac902e1 100644
--- a/app/controllers/api/v1/instances/activity_controller.rb
+++ b/app/controllers/api/v1/instances/activity_controller.rb
@@ -4,7 +4,7 @@ class Api::V1::Instances::ActivityController < Api::BaseController
before_action :require_enabled_api!
skip_before_action :set_cache_headers
- skip_before_action :require_authenticated_user!, unless: :whitelist_mode?
+ skip_before_action :require_authenticated_user! #, unless: :whitelist_mode?
def show
expires_in 1.day, public: true
@@ -33,6 +33,6 @@ class Api::V1::Instances::ActivityController < Api::BaseController
end
def require_enabled_api!
- head 404 unless Setting.activity_api_enabled && !whitelist_mode?
+ head 404 unless Setting.activity_api_enabled #&& !whitelist_mode?
end
end
diff --git a/app/controllers/api/v1/instances/peers_controller.rb b/app/controllers/api/v1/instances/peers_controller.rb
index 9fa440935..d30ef1fe9 100644
--- a/app/controllers/api/v1/instances/peers_controller.rb
+++ b/app/controllers/api/v1/instances/peers_controller.rb
@@ -4,7 +4,7 @@ class Api::V1::Instances::PeersController < Api::BaseController
before_action :require_enabled_api!
skip_before_action :set_cache_headers
- skip_before_action :require_authenticated_user!, unless: :whitelist_mode?
+ skip_before_action :require_authenticated_user! #, unless: :whitelist_mode?
def index
expires_in 1.day, public: true
@@ -14,6 +14,6 @@ class Api::V1::Instances::PeersController < Api::BaseController
private
def require_enabled_api!
- head 404 unless Setting.peers_api_enabled && !whitelist_mode?
+ head 404 unless Setting.peers_api_enabled #&& !whitelist_mode?
end
end
diff --git a/app/controllers/api/v1/instances_controller.rb b/app/controllers/api/v1/instances_controller.rb
index 5b5058a7b..844bab68a 100644
--- a/app/controllers/api/v1/instances_controller.rb
+++ b/app/controllers/api/v1/instances_controller.rb
@@ -2,7 +2,7 @@
class Api::V1::InstancesController < Api::BaseController
skip_before_action :set_cache_headers
- skip_before_action :require_authenticated_user!, unless: :whitelist_mode?
+ skip_before_action :require_authenticated_user! #, unless: :whitelist_mode?
def show
expires_in 3.minutes, public: true
diff --git a/app/controllers/concerns/account_owned_concern.rb b/app/controllers/concerns/account_owned_concern.rb
index 460f71f65..65168efff 100644
--- a/app/controllers/concerns/account_owned_concern.rb
+++ b/app/controllers/concerns/account_owned_concern.rb
@@ -4,7 +4,7 @@ module AccountOwnedConcern
extend ActiveSupport::Concern
included do
- before_action :authenticate_user!, if: -> { whitelist_mode? && request.format != :json }
+ #before_action :authenticate_user!, if: -> { whitelist_mode? && request.format != :json }
before_action :set_account, if: :account_required?
before_action :check_account_approval, if: :account_required?
before_action :check_account_suspension, if: :account_required?
diff --git a/app/controllers/home_controller.rb b/app/controllers/home_controller.rb
index c9b840881..d15adbf62 100644
--- a/app/controllers/home_controller.rb
+++ b/app/controllers/home_controller.rb
@@ -47,7 +47,7 @@ class HomeController < ApplicationController
end
def default_redirect_path
- if request.path.start_with?('/web') || whitelist_mode?
+ if request.path.start_with?('/web') #|| whitelist_mode?
new_user_session_path
elsif single_user_mode?
short_account_path(Account.local.without_suspended.where('id > 0').first)
diff --git a/app/controllers/media_controller.rb b/app/controllers/media_controller.rb
index 772fc42cb..ae63bb7c5 100644
--- a/app/controllers/media_controller.rb
+++ b/app/controllers/media_controller.rb
@@ -4,9 +4,9 @@ class MediaController < ApplicationController
include Authorization
skip_before_action :store_current_location
- skip_before_action :require_functional!, unless: :whitelist_mode?
+ skip_before_action :require_functional! #, unless: :whitelist_mode?
- before_action :authenticate_user!, if: :whitelist_mode?
+ #before_action :authenticate_user!, if: :whitelist_mode?
before_action :set_media_attachment
before_action :verify_permitted_status!
before_action :check_playable, only: :player
diff --git a/app/controllers/media_proxy_controller.rb b/app/controllers/media_proxy_controller.rb
index 0b1d09de9..8f9c2e14d 100644
--- a/app/controllers/media_proxy_controller.rb
+++ b/app/controllers/media_proxy_controller.rb
@@ -7,7 +7,7 @@ class MediaProxyController < ApplicationController
skip_before_action :store_current_location
skip_before_action :require_functional!
- before_action :authenticate_user!, if: :whitelist_mode?
+ #before_action :authenticate_user!, if: :whitelist_mode?
rescue_from ActiveRecord::RecordInvalid, with: :not_found
rescue_from Mastodon::UnexpectedResponseError, with: :not_found
diff --git a/app/controllers/remote_interaction_controller.rb b/app/controllers/remote_interaction_controller.rb
index a277bfa10..5ead3aaa0 100644
--- a/app/controllers/remote_interaction_controller.rb
+++ b/app/controllers/remote_interaction_controller.rb
@@ -5,13 +5,13 @@ class RemoteInteractionController < ApplicationController
layout 'modal'
- before_action :authenticate_user!, if: :whitelist_mode?
+ #before_action :authenticate_user!, if: :whitelist_mode?
before_action :set_interaction_type
before_action :set_status
before_action :set_body_classes
before_action :set_pack
- skip_before_action :require_functional!, unless: :whitelist_mode?
+ skip_before_action :require_functional! #, unless: :whitelist_mode?
def new
@remote_follow = RemoteFollow.new(session_params)
diff --git a/app/controllers/statuses_controller.rb b/app/controllers/statuses_controller.rb
index a6ab8828f..0360dc390 100644
--- a/app/controllers/statuses_controller.rb
+++ b/app/controllers/statuses_controller.rb
@@ -19,7 +19,7 @@ class StatusesController < ApplicationController
before_action :set_autoplay, only: :embed
skip_around_action :set_locale, if: -> { request.format == :json }
- skip_before_action :require_functional!, only: [:show, :embed], unless: :whitelist_mode?
+ skip_before_action :require_functional!, only: [:show, :embed] #, unless: :whitelist_mode?
content_security_policy only: :embed do |p|
p.frame_ancestors(false)
diff --git a/app/controllers/tags_controller.rb b/app/controllers/tags_controller.rb
index 69db89eb3..0b8ac7c6d 100644
--- a/app/controllers/tags_controller.rb
+++ b/app/controllers/tags_controller.rb
@@ -9,13 +9,13 @@ class TagsController < ApplicationController
layout 'public'
before_action :require_signature!, if: -> { request.format == :json && authorized_fetch_mode? }
- before_action :authenticate_user!, if: :whitelist_mode?
+ #before_action :authenticate_user!, if: :whitelist_mode?
before_action :set_tag
before_action :set_local
before_action :set_body_classes
before_action :set_instance_presenter
- skip_before_action :require_functional!, unless: :whitelist_mode?
+ skip_before_action :require_functional! #, unless: :whitelist_mode?
def show
respond_to do |format|
--
cgit