From b8243c1b49a1d0a3c102901e5facd90dd88b9c13 Mon Sep 17 00:00:00 2001 From: JantsoP Date: Tue, 4 Apr 2017 08:26:59 +0200 Subject: changed line 25 for better translation --- app/assets/javascripts/components/locales/fi.jsx | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'app') diff --git a/app/assets/javascripts/components/locales/fi.jsx b/app/assets/javascripts/components/locales/fi.jsx index 5bef99923..39fa655e6 100644 --- a/app/assets/javascripts/components/locales/fi.jsx +++ b/app/assets/javascripts/components/locales/fi.jsx @@ -22,7 +22,7 @@ const fi = { "account.followers": "Seuraajia", "account.follows_you": "Seuraa sinua", "account.requested": "Odottaa hyväksyntää", - "getting_started.heading": "Päästä alkuun", + "getting_started.heading": "Aloitus", "getting_started.about_addressing": "Voit seurata ihmisiä jos tiedät heidän käyttäjänimensä ja domainin missä he ovat syöttämällä e-mail-esque osoitteen Etsi kenttään.", "getting_started.about_shortcuts": "Jos etsimäsi henkilö on samassa domainissa kuin sinä, pelkkä käyttäjänimi kelpaa. Sama pätee kun mainitset ihmisiä statuksessasi", "getting_started.open_source_notice": "Mastodon Mastodon on avoimen lähdekoodin ohjelma. Voit avustaa tai raportoida ongelmia githubissa {github}. {apps}.", -- cgit From 10a8666e04c1a1b20481bd67fb47c760cf508d68 Mon Sep 17 00:00:00 2001 From: JantsoP Date: Tue, 4 Apr 2017 15:07:15 +0200 Subject: updated line 28 about GitHub --- app/assets/javascripts/components/locales/fi.jsx | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'app') diff --git a/app/assets/javascripts/components/locales/fi.jsx b/app/assets/javascripts/components/locales/fi.jsx index 39fa655e6..7b151d6f8 100644 --- a/app/assets/javascripts/components/locales/fi.jsx +++ b/app/assets/javascripts/components/locales/fi.jsx @@ -25,7 +25,7 @@ const fi = { "getting_started.heading": "Aloitus", "getting_started.about_addressing": "Voit seurata ihmisiä jos tiedät heidän käyttäjänimensä ja domainin missä he ovat syöttämällä e-mail-esque osoitteen Etsi kenttään.", "getting_started.about_shortcuts": "Jos etsimäsi henkilö on samassa domainissa kuin sinä, pelkkä käyttäjänimi kelpaa. Sama pätee kun mainitset ihmisiä statuksessasi", - "getting_started.open_source_notice": "Mastodon Mastodon on avoimen lähdekoodin ohjelma. Voit avustaa tai raportoida ongelmia githubissa {github}. {apps}.", + "getting_started.open_source_notice": "Mastodon Mastodon on avoimen lähdekoodin ohjelma. Voit avustaa tai raportoida ongelmia GitHub palvelussa {github}. {apps}.", "column.home": "Koti", "column.community": "Paikallinen aikajana", "column.public": "Yhdistetty aikajana", -- cgit From e9a6da6bc739f4f68447f56b93810762da388ce8 Mon Sep 17 00:00:00 2001 From: Pete Keen Date: Tue, 4 Apr 2017 11:04:44 -0400 Subject: [#817] Add email whitelist This adds the ability to filter user signup with a whitelist instead of or in addition to a blacklist. Fixes #817 --- .env.production.sample | 2 ++ app/lib/email_validator.rb | 17 +++++++++++++++-- config/initializers/blacklists.rb | 1 + spec/models/user_spec.rb | 37 +++++++++++++++++++++++++++++++++++++ 4 files changed, 55 insertions(+), 2 deletions(-) (limited to 'app') diff --git a/.env.production.sample b/.env.production.sample index bd81b8fca..a7f9eb4bf 100644 --- a/.env.production.sample +++ b/.env.production.sample @@ -22,6 +22,8 @@ OTP_SECRET= # SINGLE_USER_MODE=true # Prevent registrations with following e-mail domains # EMAIL_DOMAIN_BLACKLIST=example1.com|example2.de|etc +# Only allow registrations with the following e-mail domains +# EMAIL_DOMAIN_WHITELIST=example1.com|example2.de|etc # E-mail configuration SMTP_SERVER=smtp.mailgun.org diff --git a/app/lib/email_validator.rb b/app/lib/email_validator.rb index 856b8b1f7..06e9375f6 100644 --- a/app/lib/email_validator.rb +++ b/app/lib/email_validator.rb @@ -2,17 +2,30 @@ class EmailValidator < ActiveModel::EachValidator def validate_each(record, attribute, value) - return if Rails.configuration.x.email_domains_blacklist.empty? - record.errors.add(attribute, I18n.t('users.invalid_email')) if blocked_email?(value) end private def blocked_email?(value) + on_blacklist?(value) || not_on_whitelist?(value) + end + + def on_blacklist?(value) + return false if Rails.configuration.x.email_domains_blacklist.blank? + domains = Rails.configuration.x.email_domains_blacklist.gsub('.', '\.') regexp = Regexp.new("@(.+\\.)?(#{domains})", true) value =~ regexp end + + def not_on_whitelist?(value) + return false if Rails.configuration.x.email_domains_whitelist.blank? + + domains = Rails.configuration.x.email_domains_whitelist.gsub('.', '\.') + regexp = Regexp.new("@(.+\\.)?(#{domains})", true) + + value !~ regexp + end end diff --git a/config/initializers/blacklists.rb b/config/initializers/blacklists.rb index 52646e64d..6db7be7dc 100644 --- a/config/initializers/blacklists.rb +++ b/config/initializers/blacklists.rb @@ -2,4 +2,5 @@ Rails.application.configure do config.x.email_domains_blacklist = ENV.fetch('EMAIL_DOMAIN_BLACKLIST') { 'mvrht.com' } + config.x.email_domains_whitelist = ENV.fetch('EMAIL_DOMAIN_WHITELIST') { '' } end diff --git a/spec/models/user_spec.rb b/spec/models/user_spec.rb index 64de06749..aa777fd39 100644 --- a/spec/models/user_spec.rb +++ b/spec/models/user_spec.rb @@ -1,5 +1,42 @@ require 'rails_helper' RSpec.describe User, type: :model do + let(:account) { Fabricate(:account, username: 'alice') } + let(:password) { 'abcd1234' } + describe 'blacklist' do + it 'should allow a non-blacklisted user to be created' do + user = User.new(email: 'foo@example.com', account: account, password: password) + + expect(user.valid?).to be_truthy + end + + it 'should not allow a blacklisted user to be created' do + user = User.new(email: 'foo@mvrht.com', account: account, password: password) + + expect(user.valid?).to be_falsey + end + end + + describe 'whitelist' do + around(:each) do |example| + old_whitelist = Rails.configuration.x.email_whitelist + + Rails.configuration.x.email_domains_whitelist = 'mastodon.space' + + example.run + + Rails.configuration.x.email_domains_whitelist = old_whitelist + end + + it 'should not allow a user to be created unless they are whitelisted' do + user = User.new(email: 'foo@example.com', account: account, password: password) + expect(user.valid?).to be_falsey + end + + it 'should allow a user to be created if they are whitelisted' do + user = User.new(email: 'foo@mastodon.space', account: account, password: password) + expect(user.valid?).to be_truthy + end + end end -- cgit From 731e650681004bcb8ad11d610e017975a706f57d Mon Sep 17 00:00:00 2001 From: Kurtis Rainbolt-Greene Date: Tue, 4 Apr 2017 09:04:07 -0700 Subject: Use active record shorthand --- app/lib/feed_manager.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'app') diff --git a/app/lib/feed_manager.rb b/app/lib/feed_manager.rb index a2efcce10..9398d6c70 100644 --- a/app/lib/feed_manager.rb +++ b/app/lib/feed_manager.rb @@ -118,7 +118,7 @@ class FeedManager def filter_from_mentions?(status, receiver) check_for_blocks = [status.account_id] - check_for_blocks.concat(status.mentions.select('account_id').map(&:account_id)) + check_for_blocks.concat(status.mentions.pluck(:account_id)) check_for_blocks.concat([status.in_reply_to_account]) if status.reply? && !status.in_reply_to_account_id.nil? should_filter = receiver.id == status.account_id # Filter if I'm mentioning myself -- cgit From 6fd865c0004efbf11ee87c06fea9f48af567fabe Mon Sep 17 00:00:00 2001 From: Eugen Rochko Date: Tue, 4 Apr 2017 19:21:37 +0200 Subject: Spawn FeedInsertWorker to deliver status into personal feed --- app/lib/feed_manager.rb | 32 ++++++++++++++++---------------- app/services/fan_out_on_write_service.rb | 13 ++++++------- app/services/notify_service.rb | 2 +- app/services/precompute_feed_service.rb | 2 +- app/workers/feed_insert_worker.rb | 15 +++++++++++++++ 5 files changed, 39 insertions(+), 25 deletions(-) create mode 100644 app/workers/feed_insert_worker.rb (limited to 'app') diff --git a/app/lib/feed_manager.rb b/app/lib/feed_manager.rb index a2efcce10..28e712704 100644 --- a/app/lib/feed_manager.rb +++ b/app/lib/feed_manager.rb @@ -11,11 +11,11 @@ class FeedManager "feed:#{type}:#{id}" end - def filter?(timeline_type, status, receiver) + def filter?(timeline_type, status, receiver_id) if timeline_type == :home - filter_from_home?(status, receiver) + filter_from_home?(status, receiver_id) elsif timeline_type == :mentions - filter_from_mentions?(status, receiver) + filter_from_mentions?(status, receiver_id) else false end @@ -91,39 +91,39 @@ class FeedManager Redis.current end - def filter_from_home?(status, receiver) + def filter_from_home?(status, receiver_id) return true if status.reply? && status.in_reply_to_id.nil? check_for_mutes = [status.account_id] check_for_mutes.concat([status.reblog.account_id]) if status.reblog? - return true if receiver.muting?(check_for_mutes) + return true if Mute.where(account_id: receiver_id, target_account_id: check_for_mutes).any? check_for_blocks = status.mentions.map(&:account_id) check_for_blocks.concat([status.reblog.account_id]) if status.reblog? - return true if receiver.blocking?(check_for_blocks) + return true if Block.where(account_id: receiver_id, target_account_id: check_for_blocks).any? - if status.reply? && !status.in_reply_to_account_id.nil? # Filter out if it's a reply - should_filter = !receiver.following?(status.in_reply_to_account) # and I'm not following the person it's a reply to - should_filter &&= !(receiver.id == status.in_reply_to_account_id) # and it's not a reply to me - should_filter &&= !(status.account_id == status.in_reply_to_account_id) # and it's not a self-reply + if status.reply? && !status.in_reply_to_account_id.nil? # Filter out if it's a reply + should_filter = !Follow.where(account_id: receiver_id, target_account_id: status.in_reply_to_account_id).exists? # and I'm not following the person it's a reply to + should_filter &&= !(receiver_id == status.in_reply_to_account_id) # and it's not a reply to me + should_filter &&= !(status.account_id == status.in_reply_to_account_id) # and it's not a self-reply return should_filter - elsif status.reblog? # Filter out a reblog - return status.reblog.account.blocking?(receiver) # or if the author of the reblogged status is blocking me + elsif status.reblog? # Filter out a reblog + return Block.where(account_id: status.reblog.account_id, target_account_id: receiver_id).exists? # or if the author of the reblogged status is blocking me end false end - def filter_from_mentions?(status, receiver) + def filter_from_mentions?(status, receiver_id) check_for_blocks = [status.account_id] check_for_blocks.concat(status.mentions.select('account_id').map(&:account_id)) check_for_blocks.concat([status.in_reply_to_account]) if status.reply? && !status.in_reply_to_account_id.nil? - should_filter = receiver.id == status.account_id # Filter if I'm mentioning myself - should_filter ||= receiver.blocking?(check_for_blocks) # or it's from someone I blocked, in reply to someone I blocked, or mentioning someone I blocked - should_filter ||= (status.account.silenced? && !receiver.following?(status.account)) # of if the account is silenced and I'm not following them + should_filter = receiver_id == status.account_id # Filter if I'm mentioning myself + should_filter ||= Block.where(account_id: receiver_id, target_account_id: check_for_blocks).any? # or it's from someone I blocked, in reply to someone I blocked, or mentioning someone I blocked + should_filter ||= (status.account.silenced? && !Follow.where(account_id: receiver_id, target_account_id: status.account_id).exists?) # of if the account is silenced and I'm not following them should_filter end diff --git a/app/services/fan_out_on_write_service.rb b/app/services/fan_out_on_write_service.rb index df404cbef..42222c25b 100644 --- a/app/services/fan_out_on_write_service.rb +++ b/app/services/fan_out_on_write_service.rb @@ -33,9 +33,8 @@ class FanOutOnWriteService < BaseService def deliver_to_followers(status) Rails.logger.debug "Delivering status #{status.id} to followers" - status.account.followers.where(domain: nil).joins(:user).where('users.current_sign_in_at > ?', 14.days.ago).find_each do |follower| - next if FeedManager.instance.filter?(:home, status, follower) - FeedManager.instance.push(:home, follower, status) + status.account.followers.where(domain: nil).joins(:user).where('users.current_sign_in_at > ?', 14.days.ago).select(:id).find_each do |follower| + FeedInsertWorker.perform_async(status.id, follower.id) end end @@ -44,7 +43,7 @@ class FanOutOnWriteService < BaseService status.mentions.includes(:account).each do |mention| mentioned_account = mention.account - next if !mentioned_account.local? || !mentioned_account.following?(status.account) || FeedManager.instance.filter?(:home, status, mentioned_account) + next if !mentioned_account.local? || !mentioned_account.following?(status.account) || FeedManager.instance.filter?(:home, status, mention.account_id) FeedManager.instance.push(:home, mentioned_account, status) end end @@ -54,9 +53,9 @@ class FanOutOnWriteService < BaseService payload = FeedManager.instance.inline_render(nil, 'api/v1/statuses/show', status) - status.tags.find_each do |tag| - FeedManager.instance.broadcast("hashtag:#{tag.name}", event: 'update', payload: payload) - FeedManager.instance.broadcast("hashtag:#{tag.name}:local", event: 'update', payload: payload) if status.account.local? + status.tags.pluck(:name).each do |hashtag| + FeedManager.instance.broadcast("hashtag:#{hashtag}", event: 'update', payload: payload) + FeedManager.instance.broadcast("hashtag:#{hashtag}:local", event: 'update', payload: payload) if status.account.local? end end diff --git a/app/services/notify_service.rb b/app/services/notify_service.rb index 942cd9d21..24486f220 100644 --- a/app/services/notify_service.rb +++ b/app/services/notify_service.rb @@ -17,7 +17,7 @@ class NotifyService < BaseService private def blocked_mention? - FeedManager.instance.filter?(:mentions, @notification.mention.status, @recipient) + FeedManager.instance.filter?(:mentions, @notification.mention.status, @recipient.id) end def blocked_favourite? diff --git a/app/services/precompute_feed_service.rb b/app/services/precompute_feed_service.rb index a57c401d0..07dcb81da 100644 --- a/app/services/precompute_feed_service.rb +++ b/app/services/precompute_feed_service.rb @@ -7,7 +7,7 @@ class PrecomputeFeedService < BaseService def call(_, account) redis.pipelined do Status.as_home_timeline(account).limit(FeedManager::MAX_ITEMS / 4).each do |status| - next if status.direct_visibility? || FeedManager.instance.filter?(:home, status, account) + next if status.direct_visibility? || FeedManager.instance.filter?(:home, status, account.id) redis.zadd(FeedManager.instance.key(:home, account.id), status.id, status.reblog? ? status.reblog_of_id : status.id) end end diff --git a/app/workers/feed_insert_worker.rb b/app/workers/feed_insert_worker.rb new file mode 100644 index 000000000..a58dfaa74 --- /dev/null +++ b/app/workers/feed_insert_worker.rb @@ -0,0 +1,15 @@ +# frozen_string_literal: true + +class FeedInsertWorker + include Sidekiq::Worker + + def perform(status_id, follower_id) + status = Status.find(status_id) + follower = Account.find(follower_id) + + return if FeedManager.instance.filter?(:home, status, follower.id) + FeedManager.instance.push(:home, follower, status) + rescue ActiveRecord::RecordNotFound + true + end +end -- cgit From bda37489ac5c14d18b1bb4290f2a2931dc8728c9 Mon Sep 17 00:00:00 2001 From: Eugen Rochko Date: Wed, 5 Apr 2017 02:32:18 +0200 Subject: Remove PuSH subscriptions when delivery is answered with a 4xx error --- app/workers/pubsubhubbub/delivery_worker.rb | 1 + 1 file changed, 1 insertion(+) (limited to 'app') diff --git a/app/workers/pubsubhubbub/delivery_worker.rb b/app/workers/pubsubhubbub/delivery_worker.rb index 15005bc80..466def3a8 100644 --- a/app/workers/pubsubhubbub/delivery_worker.rb +++ b/app/workers/pubsubhubbub/delivery_worker.rb @@ -22,6 +22,7 @@ class Pubsubhubbub::DeliveryWorker .headers(headers) .post(subscription.callback_url, body: payload) + return subscription.destroy! if response.code > 299 && response.code < 500 && response.code != 429 # HTTP 4xx means error is not temporary, except for 429 (throttling) raise "Delivery failed for #{subscription.callback_url}: HTTP #{response.code}" unless response.code > 199 && response.code < 300 subscription.touch(:last_successful_delivery_at) -- cgit From f7e35d90db3a08dbb4e4104f513e5817e18659b9 Mon Sep 17 00:00:00 2001 From: Drew DeVault Date: Tue, 4 Apr 2017 20:16:14 -0400 Subject: Remote follow improvements This stores the @username@instance you provide in your session and reuses it the next time you remote follow someone from this instance. --- app/controllers/remote_follow_controller.rb | 3 +++ 1 file changed, 3 insertions(+) (limited to 'app') diff --git a/app/controllers/remote_follow_controller.rb b/app/controllers/remote_follow_controller.rb index 7d4bfe6ce..1e3f786ec 100644 --- a/app/controllers/remote_follow_controller.rb +++ b/app/controllers/remote_follow_controller.rb @@ -8,6 +8,7 @@ class RemoteFollowController < ApplicationController def new @remote_follow = RemoteFollow.new + @remote_follow.acct = session[:remote_follow] if session.key?(:remote_follow) end def create @@ -22,6 +23,8 @@ class RemoteFollowController < ApplicationController render(:new) && return end + session[:remote_follow] = @remote_follow.acct + redirect_to Addressable::Template.new(redirect_url_link.template).expand(uri: "#{@account.username}@#{Rails.configuration.x.local_domain}").to_s else render :new -- cgit