hj/pleroma
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Merge remote-tracking branch 'origin/develop' into shigusegubu

Browse source 
* origin/develop: (129 commits)
  Uploaders.S3: Replace unsafe characters in object key
  update pleroma frontend
  test: add smoketests for the scrubbing policies
  html: twittertext: add missing catchall scrub function
  twitter api: add no_rich_text option to userview for account prefs
  test: add tests for new User.html_filter_policy()
  mastodon api: formatting
  twitter api: add support for disabling rich text
  mastodon api: add support for user-supplied html policy
  twitter api: add support for user-specified html policy
  user: add User.html_filter_policy()
  html: default to using normal scrub policy if provided scrub policy is nil
  mix: remove fix_ap_users task, now obsolete
  test: add test proving that users are refreshed when stale
  user: implement dynamic refresh of profiles (gets rid of need for fix_ap_users task)
  Update mastodon frontend
  [Pleroma.Web.MastodonAPI.MastodonAPIController]: Bump mastodon_api_level to 2.5.0
  [Pleroma.Web.MastodonAPI.MastodonAPIController]: Remove unused variables
  [Pleroma.Web.Router]: Fake /api/v1/endorsements
  [Pleroma.Web.MastodonAPI.AccountView]: relationship.json: fake endorsed value (false)
  ...
This commit is contained in:
Henry Jameson 2018-09-25 16:18:28 +03:00
commit d5e4b906c9
3162 changed files with 5491 additions and 3792 deletions
Download patch file Download diff file Expand all files Collapse all files

28
lib/mix/tasks/fix_ap_users.ex
View file

@ -1,28 +0,0 @@
defmodule Mix.Tasks.FixApUsers do
use Mix.Task
import Ecto.Query
alias Pleroma.{Repo, User}
@shortdoc "Grab all ap users again"
def run([]) do
Mix.Task.run("app.start")
q =
from(
u in User,
where: fragment("? @> ?", u.info, ^%{"ap_enabled" => true}),
where: u.local == false
)
users = Repo.all(q)
Enum.each(users, fn user ->
try do
IO.puts("Fetching #{user.nickname}")
Pleroma.Web.ActivityPub.Transmogrifier.upgrade_user_from_ap_id(user.ap_id, false)
rescue
e -> IO.inspect(e)
end
end)
end
end

21
lib/mix/tasks/sample_config.eex
View file

@ -29,8 +29,7 @@ config :pleroma, Pleroma.Repo,
# The public S3 endpoint is different depending on region and provider,
# consult your S3 provider's documentation for details on what to use.
#
# config :pleroma, Pleroma.Upload,
# use_s3: true,
# config :pleroma, Pleroma.Uploaders.S3,
# bucket: "some-bucket",
# public_endpoint: "https://s3.amazonaws.com"
#
@ -44,3 +43,21 @@ config :pleroma, Pleroma.Repo,
# For using third-party S3 clones like wasabi, also do:
# config :ex_aws, :s3,
# host: "s3.wasabisys.com"
# Configure Openstack Swift support if desired.
#
# Many openstack deployments are different, so config is left very open with
# no assumptions made on which provider you're using. This should allow very
# wide support without needing separate handlers for OVH, Rackspace, etc.
#
# config :pleroma, Pleroma.Uploaders.Swift,
# container: "some-container",
# username: "api-username-yyyy",
# password: "api-key-xxxx",
# tenant_id: "<openstack-project/tenant-id>",
# auth_url: "https://keystone-endpoint.provider.com",
# storage_url: "https://swift-endpoint.prodider.com/v1/AUTH_<tenant>/<container>",
# object_url: "https://cdn-endpoint.provider.com/<container>"
#

62
lib/pleroma/filter.ex Normal file
View file

@ -0,0 +1,62 @@
defmodule Pleroma.Filter do
use Ecto.Schema
import Ecto.{Changeset, Query}
alias Pleroma.{User, Repo, Activity}
schema "filters" do
belongs_to(:user, Pleroma.User)
field(:filter_id, :integer)
field(:hide, :boolean, default: false)
field(:whole_word, :boolean, default: true)
field(:phrase, :string)
field(:context, {:array, :string})
field(:expires_at, :utc_datetime)
timestamps()
end
def get(id, %{id: user_id} = _user) do
query =
from(
f in Pleroma.Filter,
where: f.filter_id == ^id,
where: f.user_id == ^user_id
)
Repo.one(query)
end
def get_filters(%Pleroma.User{id: user_id} = user) do
query =
from(
f in Pleroma.Filter,
where: f.user_id == ^user_id
)
Repo.all(query)
end
def create(%Pleroma.Filter{} = filter) do
Repo.insert(filter)
end
def delete(%Pleroma.Filter{id: filter_key} = filter) when is_number(filter_key) do
Repo.delete(filter)
end
def delete(%Pleroma.Filter{id: filter_key} = filter) when is_nil(filter_key) do
%Pleroma.Filter{id: id} = get(filter.filter_id, %{id: filter.user_id})
filter
|> Map.put(:id, id)
|> Repo.delete()
end
def update(%Pleroma.Filter{} = filter) do
destination = Map.from_struct(filter)
Pleroma.Filter.get(filter.filter_id, %{id: filter.user_id})
|> cast(destination, [:phrase, :context, :hide, :expires_at, :whole_word])
|> Repo.update()
end
end

10
lib/pleroma/formatter.ex
View file

@ -1,6 +1,7 @@
defmodule Pleroma.Formatter do
alias Pleroma.User
alias Pleroma.Web.MediaProxy
alias Pleroma.HTML
@tag_regex ~r/\#\w+/u
def parse_tags(text, data \\ %{}) do
@ -144,8 +145,8 @@ defmodule Pleroma.Formatter do
def emojify(text, emoji) do
Enum.reduce(emoji, text, fn {emoji, file}, text ->
emoji = HtmlSanitizeEx.strip_tags(emoji)
file = HtmlSanitizeEx.strip_tags(file)
emoji = HTML.strip_tags(emoji)
file = HTML.strip_tags(file)
String.replace(
text,
@ -154,13 +155,16 @@ defmodule Pleroma.Formatter do
MediaProxy.url(file)
}' />"
)
|> HTML.filter_tags()
end)
end
def get_emoji(text) do
def get_emoji(text) when is_binary(text) do
Enum.filter(@emoji, fn {emoji, _} -> String.contains?(text, ":#{emoji}:") end)
end
def get_emoji(_), do: []
def get_custom_emoji() do
@emoji
end

7
lib/pleroma/gopher/server.ex
View file

@ -35,6 +35,7 @@ defmodule Pleroma.Gopher.Server.ProtocolHandler do
alias Pleroma.User
alias Pleroma.Activity
alias Pleroma.Repo
alias Pleroma.HTML
@instance Application.get_env(:pleroma, :instance)
@gopher Application.get_env(:pleroma, :gopher)
@ -78,11 +79,7 @@ defmodule Pleroma.Gopher.Server.ProtocolHandler do
link("Post ##{activity.id} by #{user.nickname}", "/notices/#{activity.id}") <>
info("#{like_count} likes, #{announcement_count} repeats") <>
"i\tfake\t(NULL)\t0\r\n" <>
info(
HtmlSanitizeEx.strip_tags(
String.replace(activity.data["object"]["content"], "<br>", "\r")
)
)
info(HTML.strip_tags(String.replace(activity.data["object"]["content"], "<br>", "\r")))
end)
|> Enum.join("i\tfake\t(NULL)\t0\r\n")
end

179
lib/pleroma/html.ex Normal file
View file

@ -0,0 +1,179 @@
defmodule Pleroma.HTML do
alias HtmlSanitizeEx.Scrubber
@markup Application.get_env(:pleroma, :markup)
defp get_scrubbers(scrubber) when is_atom(scrubber), do: [scrubber]
defp get_scrubbers(scrubbers) when is_list(scrubbers), do: scrubbers
defp get_scrubbers(_), do: [Pleroma.HTML.Scrubber.Default]
def get_scrubbers() do
Keyword.get(@markup, :scrub_policy)
|> get_scrubbers
end
def filter_tags(html, nil) do
get_scrubbers()
|> Enum.reduce(html, fn scrubber, html ->
filter_tags(html, scrubber)
end)
end
def filter_tags(html, scrubber) do
html |> Scrubber.scrub(scrubber)
end
def filter_tags(html), do: filter_tags(html, nil)
def strip_tags(html) do
html |> Scrubber.scrub(Scrubber.StripTags)
end
end
defmodule Pleroma.HTML.Scrubber.TwitterText do
@moduledoc """
An HTML scrubbing policy which limits to twitter-style text. Only
paragraphs, breaks and links are allowed through the filter.
"""
require HtmlSanitizeEx.Scrubber.Meta
alias HtmlSanitizeEx.Scrubber.Meta
@valid_schemes ["http", "https"]
Meta.remove_cdata_sections_before_scrub()
Meta.strip_comments()
# links
Meta.allow_tag_with_uri_attributes("a", ["href"], @valid_schemes)
Meta.allow_tag_with_these_attributes("a", ["name", "title"])
# paragraphs and linebreaks
Meta.allow_tag_with_these_attributes("br", [])
Meta.allow_tag_with_these_attributes("p", [])
# microformats
Meta.allow_tag_with_these_attributes("span", [])
# allow inline images for custom emoji
@markup Application.get_env(:pleroma, :markup)
@allow_inline_images Keyword.get(@markup, :allow_inline_images)
if @allow_inline_images do
Meta.allow_tag_with_uri_attributes("img", ["src"], @valid_schemes)
Meta.allow_tag_with_these_attributes("img", [
"width",
"height",
"title",
"alt"
])
end
Meta.strip_everything_not_covered()
end
defmodule Pleroma.HTML.Scrubber.Default do
@doc "The default HTML scrubbing policy: no "
require HtmlSanitizeEx.Scrubber.Meta
alias HtmlSanitizeEx.Scrubber.Meta
@valid_schemes ["http", "https"]
Meta.remove_cdata_sections_before_scrub()
Meta.strip_comments()
Meta.allow_tag_with_uri_attributes("a", ["href"], @valid_schemes)
Meta.allow_tag_with_these_attributes("a", ["name", "title"])
Meta.allow_tag_with_these_attributes("b", [])
Meta.allow_tag_with_these_attributes("blockquote", [])
Meta.allow_tag_with_these_attributes("br", [])
Meta.allow_tag_with_these_attributes("code", [])
Meta.allow_tag_with_these_attributes("del", [])
Meta.allow_tag_with_these_attributes("em", [])
Meta.allow_tag_with_these_attributes("i", [])
Meta.allow_tag_with_these_attributes("li", [])
Meta.allow_tag_with_these_attributes("ol", [])
Meta.allow_tag_with_these_attributes("p", [])
Meta.allow_tag_with_these_attributes("pre", [])
Meta.allow_tag_with_these_attributes("span", [])
Meta.allow_tag_with_these_attributes("strong", [])
Meta.allow_tag_with_these_attributes("u", [])
Meta.allow_tag_with_these_attributes("ul", [])
@markup Application.get_env(:pleroma, :markup)
@allow_inline_images Keyword.get(@markup, :allow_inline_images)
if @allow_inline_images do
Meta.allow_tag_with_uri_attributes("img", ["src"], @valid_schemes)
Meta.allow_tag_with_these_attributes("img", [
"width",
"height",
"title",
"alt"
])
end
@allow_tables Keyword.get(@markup, :allow_tables)
if @allow_tables do
Meta.allow_tag_with_these_attributes("table", [])
Meta.allow_tag_with_these_attributes("tbody", [])
Meta.allow_tag_with_these_attributes("td", [])
Meta.allow_tag_with_these_attributes("th", [])
Meta.allow_tag_with_these_attributes("thead", [])
Meta.allow_tag_with_these_attributes("tr", [])
end
@allow_headings Keyword.get(@markup, :allow_headings)
if @allow_headings do
Meta.allow_tag_with_these_attributes("h1", [])
Meta.allow_tag_with_these_attributes("h2", [])
Meta.allow_tag_with_these_attributes("h3", [])
Meta.allow_tag_with_these_attributes("h4", [])
Meta.allow_tag_with_these_attributes("h5", [])
end
@allow_fonts Keyword.get(@markup, :allow_fonts)
if @allow_fonts do
Meta.allow_tag_with_these_attributes("font", ["face"])
end
Meta.strip_everything_not_covered()
end
defmodule Pleroma.HTML.Transform.MediaProxy do
@moduledoc "Transforms inline image URIs to use MediaProxy."
alias Pleroma.Web.MediaProxy
def before_scrub(html), do: html
def scrub_attribute("img", {"src", "http" <> target}) do
media_url =
("http" <> target)
|> MediaProxy.url()
{"src", media_url}
end
def scrub_attribute(tag, attribute), do: attribute
def scrub({"img", attributes, children}) do
attributes =
attributes
|> Enum.map(fn attr -> scrub_attribute("img", attr) end)
|> Enum.reject(&is_nil(&1))
{"img", attributes, children}
end
def scrub({tag, attributes, children}), do: {tag, attributes, children}
def scrub({tag, children}), do: children
def scrub(text), do: text
end

64
lib/pleroma/plugs/authentication_plug.ex
View file

@ -9,54 +9,34 @@ defmodule Pleroma.Plugs.AuthenticationPlug do
def call(%{assigns: %{user: %User{}}} = conn, _), do: conn
def call(conn, opts) do
with {:ok, username, password} <- decode_header(conn),
{:ok, user} <- opts[:fetcher].(username),
false <- !!user.info["deactivated"],
saved_user_id <- get_session(conn, :user_id),
{:ok, verified_user} <- verify(user, password, saved_user_id) do
def call(
%{
assigns: %{
auth_user: %{password_hash: password_hash} = auth_user,
auth_credentials: %{password: password}
}
} = conn,
_
) do
if Pbkdf2.checkpw(password, password_hash) do
conn
|> assign(:user, verified_user)
|> put_session(:user_id, verified_user.id)
|> assign(:user, auth_user)
else
_ -> conn |> halt_or_continue(opts)
conn
end
end
# Short-circuit if we have a cookie with the id for the given user.
defp verify(%{id: id} = user, _password, id) do
{:ok, user}
end
defp verify(nil, _password, _user_id) do
def call(
%{
assigns: %{
auth_credentials: %{password: password}
}
} = conn,
_
) do
Pbkdf2.dummy_checkpw()
:error
end
defp verify(user, password, _user_id) do
if Pbkdf2.checkpw(password, user.password_hash) do
{:ok, user}
else
:error
end
end
defp decode_header(conn) do
with ["Basic " <> header] <- get_req_header(conn, "authorization"),
{:ok, userinfo} <- Base.decode64(header),
[username, password] <- String.split(userinfo, ":", parts: 2) do
{:ok, username, password}
end
end
defp halt_or_continue(conn, %{optional: true}) do
conn |> assign(:user, nil)
end
defp halt_or_continue(conn, _) do
conn
|> put_resp_content_type("application/json")
|> send_resp(403, Jason.encode!(%{error: "Invalid credentials."}))
|> halt
end
def call(conn, _), do: conn
end

21
lib/pleroma/plugs/basic_auth_decoder_plug.ex Normal file
View file

@ -0,0 +1,21 @@
defmodule Pleroma.Plugs.BasicAuthDecoderPlug do
import Plug.Conn
def init(options) do
options
end
def call(conn, opts) do
with ["Basic " <> header] <- get_req_header(conn, "authorization"),
{:ok, userinfo} <- Base.decode64(header),
[username, password] <- String.split(userinfo, ":", parts: 2) do
conn
|> assign(:auth_credentials, %{
username: username,
password: password
})
else
_ -> conn
end
end
end

19
lib/pleroma/plugs/ensure_authenticated_plug.ex Normal file
View file

@ -0,0 +1,19 @@
defmodule Pleroma.Plugs.EnsureAuthenticatedPlug do
import Plug.Conn
alias Pleroma.User
def init(options) do
options
end
def call(%{assigns: %{user: %User{}}} = conn, _) do
conn
end
def call(conn, _) do
conn
|> put_resp_content_type("application/json")
|> send_resp(403, Jason.encode!(%{error: "Invalid credentials."}))
|> halt
end
end

14
lib/pleroma/plugs/ensure_user_key_plug.ex Normal file
View file

@ -0,0 +1,14 @@
defmodule Pleroma.Plugs.EnsureUserKeyPlug do
import Plug.Conn
def init(opts) do
opts
end
def call(%{assigns: %{user: _}} = conn, _), do: conn
def call(conn, _) do
conn
|> assign(:user, nil)
end
end

35
lib/pleroma/plugs/legacy_authentication_plug.ex Normal file
View file

@ -0,0 +1,35 @@
defmodule Pleroma.Plugs.LegacyAuthenticationPlug do
import Plug.Conn
alias Pleroma.User
def init(options) do
options
end
def call(%{assigns: %{user: %User{}}} = conn, _), do: conn
def call(
%{
assigns: %{
auth_user: %{password_hash: "$6$" <> _ = password_hash} = auth_user,
auth_credentials: %{password: password}
}
} = conn,
_
) do
with ^password_hash <- :crypt.crypt(password, password_hash),
{:ok, user} <-
User.reset_password(auth_user, %{password: password, password_confirmation: password}) do
conn
|> assign(:auth_user, user)
|> assign(:user, user)
else
_ ->
conn
end
end
def call(conn, _) do
conn
end
end

18
lib/pleroma/plugs/session_authentication_plug.ex Normal file
View file

@ -0,0 +1,18 @@
defmodule Pleroma.Plugs.SessionAuthenticationPlug do
import Plug.Conn
alias Pleroma.User
def init(options) do
options
end
def call(conn, _) do
with saved_user_id <- get_session(conn, :user_id),
%{auth_user: %{id: ^saved_user_id}} <- conn.assigns do
conn
|> assign(:user, conn.assigns.auth_user)
else
_ -> conn
end
end
end

15
lib/pleroma/plugs/set_user_session_id_plug.ex Normal file
View file

@ -0,0 +1,15 @@
defmodule Pleroma.Plugs.SetUserSessionIdPlug do
import Plug.Conn
alias Pleroma.User
def init(opts) do
opts
end
def call(%{assigns: %{user: %User{id: id}}} = conn, _) do
conn
|> put_session(:user_id, id)
end
def call(conn, _), do: conn
end

17
lib/pleroma/plugs/user_enabled_plug.ex Normal file
View file

@ -0,0 +1,17 @@
defmodule Pleroma.Plugs.UserEnabledPlug do
import Plug.Conn
alias Pleroma.User
def init(options) do
options
end
def call(%{assigns: %{user: %User{info: %{"deactivated" => true}}}} = conn, _) do
conn
|> assign(:user, nil)
end
def call(conn, _) do
conn
end
end

34
lib/pleroma/plugs/user_fetcher_plug.ex Normal file
View file

@ -0,0 +1,34 @@
defmodule Pleroma.Plugs.UserFetcherPlug do
import Plug.Conn
alias Pleroma.Repo
alias Pleroma.User
def init(options) do
options
end
def call(conn, options) do
with %{auth_credentials: %{username: username}} <- conn.assigns,
{:ok, %User{} = user} <- user_fetcher(username) do
conn
|> assign(:auth_user, user)
else
_ -> conn
end
end
defp user_fetcher(username_or_email) do
{
:ok,
cond do
# First, try logging in as if it was a name
user = Repo.get_by(User, %{nickname: username_or_email}) ->
user
# If we get nil, we try using it as an email
user = Repo.get_by(User, %{email: username_or_email}) ->
user
end
}
end
end

128
lib/pleroma/upload.ex
View file

@ -1,34 +1,19 @@
defmodule Pleroma.Upload do
alias Ecto.UUID
alias Pleroma.Web
@storage_backend Application.get_env(:pleroma, Pleroma.Upload)
|> Keyword.fetch!(:uploader)
def store(%Plug.Upload{} = file, should_dedupe) do
settings = Application.get_env(:pleroma, Pleroma.Upload)
use_s3 = Keyword.fetch!(settings, :use_s3)
content_type = get_content_type(file.path)
uuid = get_uuid(file, should_dedupe)
name = get_name(file, uuid, content_type, should_dedupe)
upload_folder = get_upload_path(uuid, should_dedupe)
url_path = get_url(name, uuid, should_dedupe)
strip_exif_data(content_type, file.path)
File.mkdir_p!(upload_folder)
result_file = Path.join(upload_folder, name)
if File.exists?(result_file) do
File.rm!(file.path)
else
File.cp!(file.path, result_file)
end
url_path =
if use_s3 do
put_s3_file(name, uuid, result_file, content_type)
else
url_path
end
{:ok, url_path} =
@storage_backend.put_file(name, uuid, file.path, content_type, should_dedupe)
%{
"type" => "Document",
@ -43,22 +28,16 @@ defmodule Pleroma.Upload do
}
end
# XXX: does this code actually work? i am skeptical. --kaniini
def store(%{"img" => "data:image/" <> image_data}, should_dedupe) do
settings = Application.get_env(:pleroma, Pleroma.Upload)
use_s3 = Keyword.fetch!(settings, :use_s3)
parsed = Regex.named_captures(~r/(?<filetype>jpeg|png|gif);base64,(?<data>.*)/, image_data)
data = Base.decode64!(parsed["data"], ignore: :whitespace)
uuid = UUID.generate()
uuidpath = Path.join(upload_path(), uuid)
tmp_path = tempfile_for_image(data)
uuid = UUID.generate()
File.mkdir_p!(upload_path())
File.write!(uuidpath, data)
content_type = get_content_type(uuidpath)
content_type = get_content_type(tmp_path)
strip_exif_data(content_type, tmp_path)
name =
create_name(
@ -67,30 +46,7 @@ defmodule Pleroma.Upload do
content_type
)
upload_folder = get_upload_path(uuid, should_dedupe)
url_path = get_url(name, uuid, should_dedupe)
File.mkdir_p!(upload_folder)
result_file = Path.join(upload_folder, name)
if should_dedupe do
if !File.exists?(result_file) do
File.rename(uuidpath, result_file)
else
File.rm!(uuidpath)
end
else
File.rename(uuidpath, result_file)
end
strip_exif_data(content_type, result_file)
url_path =
if use_s3 do
put_s3_file(name, uuid, result_file, content_type)
else
url_path
end
{:ok, url_path} = @storage_backend.put_file(name, uuid, tmp_path, content_type, should_dedupe)
%{
"type" => "Image",
@ -105,21 +61,28 @@ defmodule Pleroma.Upload do
}
end
@doc """
Creates a tempfile using the Plug.Upload Genserver which cleans them up
automatically.
"""
def tempfile_for_image(data) do
{:ok, tmp_path} = Plug.Upload.random_file("profile_pics")
{:ok, tmp_file} = File.open(tmp_path, [:write, :raw, :binary])
IO.binwrite(tmp_file, data)
tmp_path
end
def strip_exif_data(content_type, file) do
settings = Application.get_env(:pleroma, Pleroma.Upload)
do_strip = Keyword.fetch!(settings, :strip_exif)
[filetype, ext] = String.split(content_type, "/")
[filetype, _ext] = String.split(content_type, "/")
if filetype == "image" and do_strip == true do
Mogrify.open(file) |> Mogrify.custom("strip") |> Mogrify.save(in_place: true)
end
end
def upload_path do
settings = Application.get_env(:pleroma, Pleroma.Upload)
Keyword.fetch!(settings, :uploads)
end
defp create_name(uuid, ext, type) do
case type do
"application/octet-stream" ->
@ -163,26 +126,6 @@ defmodule Pleroma.Upload do
end
end
defp get_upload_path(uuid, should_dedupe) do
if should_dedupe do
upload_path()
else
Path.join(upload_path(), uuid)
end
end
defp get_url(name, uuid, should_dedupe) do
if should_dedupe do
url_for(:cow_uri.urlencode(name))
else
url_for(Path.join(uuid, :cow_uri.urlencode(name)))
end
end
defp url_for(file) do
"#{Web.base_url()}/media/#{file}"
end
def get_content_type(file) do
match =
File.open(file, [:read], fn f ->
@ -224,25 +167,4 @@ defmodule Pleroma.Upload do
_e -> "application/octet-stream"
end
end
defp put_s3_file(name, uuid, path, content_type) do
settings = Application.get_env(:pleroma, Pleroma.Upload)
bucket = Keyword.fetch!(settings, :bucket)
public_endpoint = Keyword.fetch!(settings, :public_endpoint)
{:ok, file_data} = File.read(path)
File.rm!(path)
s3_name = "#{uuid}/#{name}"
{:ok, result} =
ExAws.S3.put_object(bucket, s3_name, file_data, [
{:acl, :public_read},
{:content_type, content_type}
])
|> ExAws.request()
"#{public_endpoint}/#{bucket}/#{s3_name}"
end
end

51
lib/pleroma/uploaders/local.ex Normal file
View file

@ -0,0 +1,51 @@
defmodule Pleroma.Uploaders.Local do
@behaviour Pleroma.Uploaders.Uploader
alias Pleroma.Web
def put_file(name, uuid, tmpfile, _content_type, should_dedupe) do
upload_folder = get_upload_path(uuid, should_dedupe)
url_path = get_url(name, uuid, should_dedupe)
File.mkdir_p!(upload_folder)
result_file = Path.join(upload_folder, name)
if File.exists?(result_file) do
File.rm!(tmpfile)
else
File.cp!(tmpfile, result_file)
end
{:ok, url_path}
end
def upload_path do
settings = Application.get_env(:pleroma, Pleroma.Uploaders.Local)
Keyword.fetch!(settings, :uploads)
end
defp get_upload_path(uuid, should_dedupe) do
if should_dedupe do
upload_path()
else
Path.join(upload_path(), uuid)
end
end
defp get_url(name, uuid, should_dedupe) do
if should_dedupe do
url_for(:cow_uri.urlencode(name))
else
url_for(Path.join(uuid, :cow_uri.urlencode(name)))
end
end
defp url_for(file) do
settings = Application.get_env(:pleroma, Pleroma.Uploaders.Local)
Keyword.get(settings, :uploads_url)
|> String.replace("{{file}}", file)
|> String.replace("{{base_url}}", Web.base_url())
end
end

28
lib/pleroma/uploaders/s3.ex Normal file
View file

@ -0,0 +1,28 @@
defmodule Pleroma.Uploaders.S3 do
@behaviour Pleroma.Uploaders.Uploader
def put_file(name, uuid, path, content_type, _should_dedupe) do
settings = Application.get_env(:pleroma, Pleroma.Uploaders.S3)
bucket = Keyword.fetch!(settings, :bucket)
public_endpoint = Keyword.fetch!(settings, :public_endpoint)
{:ok, file_data} = File.read(path)
File.rm!(path)
s3_name = "#{uuid}/#{encode(name)}"
{:ok, _} =
ExAws.S3.put_object(bucket, s3_name, file_data, [
{:acl, :public_read},
{:content_type, content_type}
])
|> ExAws.request()
{:ok, "#{public_endpoint}/#{bucket}/#{s3_name}"}
end
defp encode(name) do
String.replace(name, ~r/[^0-9a-zA-Z!.*'()_-]/, "-")
end
end

48
lib/pleroma/uploaders/swift/keystone.ex Normal file
View file

@ -0,0 +1,48 @@
defmodule Pleroma.Uploaders.Swift.Keystone do
use HTTPoison.Base
@settings Application.get_env(:pleroma, Pleroma.Uploaders.Swift)
def process_url(url) do
Enum.join(
[Keyword.fetch!(@settings, :auth_url), url],
"/"
)
end
def process_response_body(body) do
body
|> Poison.decode!()
end
def get_token() do
username = Keyword.fetch!(@settings, :username)
password = Keyword.fetch!(@settings, :password)
tenant_id = Keyword.fetch!(@settings, :tenant_id)
case post(
"/tokens",
make_auth_body(username, password, tenant_id),
["Content-Type": "application/json"],
hackney: [:insecure]
) do
{:ok, %HTTPoison.Response{status_code: 200, body: body}} ->
body["access"]["token"]["id"]
{:ok, %HTTPoison.Response{status_code: _}} ->
""
end
end
def make_auth_body(username, password, tenant) do
Poison.encode!(%{
:auth => %{
:passwordCredentials => %{
:username => username,
:password => password
},
:tenantId => tenant
}
})
end
end

28
lib/pleroma/uploaders/swift/swift.ex Normal file
View file

@ -0,0 +1,28 @@
defmodule Pleroma.Uploaders.Swift.Client do
use HTTPoison.Base
@settings Application.get_env(:pleroma, Pleroma.Uploaders.Swift)
def process_url(url) do
Enum.join(
[Keyword.fetch!(@settings, :storage_url), url],
"/"
)
end
def upload_file(filename, body, content_type) do
object_url = Keyword.fetch!(@settings, :object_url)
token = Pleroma.Uploaders.Swift.Keystone.get_token()
case put("#{filename}", body, "X-Auth-Token": token, "Content-Type": content_type) do
{:ok, %HTTPoison.Response{status_code: 201}} ->
{:ok, "#{object_url}/#{filename}"}
{:ok, %HTTPoison.Response{status_code: 401}} ->
{:error, "Unauthorized, Bad Token"}
{:error, _} ->
{:error, "Swift Upload Error"}
end
end
end

10
lib/pleroma/uploaders/swift/uploader.ex Normal file
View file

@ -0,0 +1,10 @@
defmodule Pleroma.Uploaders.Swift do
@behaviour Pleroma.Uploaders.Uploader
def put_file(name, uuid, tmp_path, content_type, _should_dedupe) do
{:ok, file_data} = File.read(tmp_path)
remote_name = "#{uuid}/#{name}"
Pleroma.Uploaders.Swift.Client.upload_file(remote_name, file_data, content_type)
end
end

20
lib/pleroma/uploaders/uploader.ex Normal file
View file

@ -0,0 +1,20 @@
defmodule Pleroma.Uploaders.Uploader do
@moduledoc """
Defines the contract to put an uploaded file to any backend.
"""
@doc """
Put a file to the backend.
Returns `{:ok, String.t } | {:error, String.t} containing the path of the
uploaded file, or error information if the file failed to be saved to the
respective backend.
"""
@callback put_file(
name :: String.t(),
uuid :: String.t(),
file :: File.t(),
content_type :: String.t(),
should_dedupe :: Boolean.t()
) :: {:ok, String.t()} | {:error, String.t()}
end

38
lib/pleroma/user.ex
View file

@ -22,6 +22,7 @@ defmodule Pleroma.User do
field(:info, :map, default: %{})
field(:follower_address, :string)
field(:search_distance, :float, virtual: true)
field(:last_refreshed_at, :naive_datetime)
has_many(:notifications, Notification)
timestamps()
@ -68,7 +69,8 @@ defmodule Pleroma.User do
following_count: length(user.following) - oneself,
note_count: user.info["note_count"] || 0,
follower_count: user.info["follower_count"] || 0,
locked: user.info["locked"] || false
locked: user.info["locked"] || false,
default_scope: user.info["default_scope"] || "public"
}
end
@ -111,8 +113,12 @@ defmodule Pleroma.User do
end
def upgrade_changeset(struct, params \\ %{}) do
params =
params
|> Map.put(:last_refreshed_at, NaiveDateTime.utc_now())
struct
|> cast(params, [:bio, :name, :info, :follower_address, :avatar])
|> cast(params, [:bio, :name, :info, :follower_address, :avatar, :last_refreshed_at])
|> unique_constraint(:nickname)
|> validate_format(:nickname, ~r/^[a-zA-Z\d]+$/)
|> validate_length(:bio, max: 5000)
@ -168,6 +174,16 @@ defmodule Pleroma.User do
end
end
def needs_update?(%User{local: true}), do: false
def needs_update?(%User{local: false, last_refreshed_at: nil}), do: true
def needs_update?(%User{local: false} = user) do
NaiveDateTime.diff(NaiveDateTime.utc_now(), user.last_refreshed_at) >= 86400
end
def needs_update?(_), do: true
def maybe_direct_follow(%User{} = follower, %User{info: info} = followed) do
user_config = Application.get_env(:pleroma, :user)
deny_follow_blocked = Keyword.get(user_config, :deny_follow_blocked)
@ -608,6 +624,14 @@ defmodule Pleroma.User do
)
end
def moderator_user_query() do
from(
u in User,
where: u.local == true,
where: fragment("?->'is_moderator' @> 'true'", u.info)
)
end
def deactivate(%User{} = user) do
new_info = Map.put(user.info, "deactivated", true)
cs = User.info_changeset(user, %{info: new_info})
@ -645,8 +669,16 @@ defmodule Pleroma.User do
:ok
end
def html_filter_policy(%User{info: %{"no_rich_text" => true}}) do
Pleroma.HTML.Scrubber.TwitterText
end
def html_filter_policy(_), do: nil
def get_or_fetch_by_ap_id(ap_id) do
if user = get_by_ap_id(ap_id) do
user = get_by_ap_id(ap_id)
if !is_nil(user) and !User.needs_update?(user) do
user
else
ap_try = ActivityPub.make_user_from_ap_id(ap_id)

6
lib/pleroma/web/activity_pub/activity_pub.ex
View file

@ -93,6 +93,11 @@ defmodule Pleroma.Web.ActivityPub.ActivityPub do
Pleroma.Web.Streamer.stream("public:local", activity)
end
activity.data["object"]
|> Map.get("tag", [])
|> Enum.filter(fn tag -> is_bitstring(tag) end)
|> Enum.map(fn tag -> Pleroma.Web.Streamer.stream("hashtag:" <> tag, activity) end)
if activity.data["object"]["attachment"] != [] do
Pleroma.Web.Streamer.stream("public:media", activity)
@ -747,6 +752,7 @@ defmodule Pleroma.Web.ActivityPub.ActivityPub do
"actor" => data["attributedTo"],
"object" => data
},
:ok <- Transmogrifier.contain_origin(id, params),
{:ok, activity} <- Transmogrifier.handle_incoming(params) do
{:ok, Object.normalize(activity.data["object"])}
else

25
lib/pleroma/web/activity_pub/mrf/normalize_markup.ex Normal file
View file

@ -0,0 +1,25 @@
defmodule Pleroma.Web.ActivityPub.MRF.NormalizeMarkup do
alias Pleroma.HTML
@behaviour Pleroma.Web.ActivityPub.MRF
@mrf_normalize_markup Application.get_env(:pleroma, :mrf_normalize_markup)
def filter(%{"type" => activity_type} = object) when activity_type == "Create" do
scrub_policy = Keyword.get(@mrf_normalize_markup, :scrub_policy)
child = object["object"]
content =
child["content"]
|> HTML.filter_tags(scrub_policy)
child = Map.put(child, "content", content)
object = Map.put(object, "object", child)
{:ok, object}
end
def filter(object), do: {:ok, object}
end

65
lib/pleroma/web/activity_pub/mrf/reject_non_public.ex
View file

@ -7,43 +7,42 @@ defmodule Pleroma.Web.ActivityPub.MRF.RejectNonPublic do
@allow_direct Keyword.get(@mrf_rejectnonpublic, :allow_direct)
@impl true
def filter(object) do
if object["type"] == "Create" do
user = User.get_cached_by_ap_id(object["actor"])
public = "https://www.w3.org/ns/activitystreams#Public"
def filter(%{"type" => "Create"} = object) do
user = User.get_cached_by_ap_id(object["actor"])
public = "https://www.w3.org/ns/activitystreams#Public"
# Determine visibility
visibility =
cond do
public in object["to"] -> "public"
public in object["cc"] -> "unlisted"
user.follower_address in object["to"] -> "followers"
true -> "direct"
# Determine visibility
visibility =
cond do
public in object["to"] -> "public"
public in object["cc"] -> "unlisted"
user.follower_address in object["to"] -> "followers"
true -> "direct"
end
case visibility do
"public" ->
{:ok, object}
"unlisted" ->
{:ok, object}
"followers" ->
with true <- @allow_followersonly do
{:ok, object}
else
_e -> {:reject, nil}
end
case visibility do
"public" ->
"direct" ->
with true <- @allow_direct do
{:ok, object}
"unlisted" ->
{:ok, object}
"followers" ->
with true <- @allow_followersonly do
{:ok, object}
else
_e -> {:reject, nil}
end
"direct" ->
with true <- @allow_direct do
{:ok, object}
else
_e -> {:reject, nil}
end
end
else
{:ok, object}
else
_e -> {:reject, nil}
end
end
end
@impl true
def filter(object), do: {:ok, object}
end

109
lib/pleroma/web/activity_pub/mrf/simple_policy.ex
View file

@ -5,80 +5,77 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicy do
@mrf_policy Application.get_env(:pleroma, :mrf_simple)
@accept Keyword.get(@mrf_policy, :accept)
defp check_accept(actor_info, object) do
if length(@accept) > 0 and not (actor_info.host in @accept) do
{:reject, nil}
else
{:ok, object}
end
defp check_accept(%{host: actor_host} = actor_info, object)
when length(@accept) > 0 and not (actor_host in @accept) do
{:reject, nil}
end
defp check_accept(actor_info, object), do: {:ok, object}
@reject Keyword.get(@mrf_policy, :reject)
defp check_reject(actor_info, object) do
if actor_info.host in @reject do
{:reject, nil}
else
{:ok, object}
end
defp check_reject(%{host: actor_host} = actor_info, object) when actor_host in @reject do
{:reject, nil}
end
defp check_reject(actor_info, object), do: {:ok, object}
@media_removal Keyword.get(@mrf_policy, :media_removal)
defp check_media_removal(actor_info, object) do
if actor_info.host in @media_removal do
child_object = Map.delete(object["object"], "attachment")
object = Map.put(object, "object", child_object)
{:ok, object}
else
{:ok, object}
end
defp check_media_removal(%{host: actor_host} = actor_info, %{"type" => "Create"} = object)
when actor_host in @media_removal do
child_object = Map.delete(object["object"], "attachment")
object = Map.put(object, "object", child_object)
{:ok, object}
end
defp check_media_removal(actor_info, object), do: {:ok, object}
@media_nsfw Keyword.get(@mrf_policy, :media_nsfw)
defp check_media_nsfw(actor_info, object) do
child_object = object["object"]
if actor_info.host in @media_nsfw and child_object["attachment"] != nil and
length(child_object["attachment"]) > 0 do
tags = (child_object["tag"] || []) ++ ["nsfw"]
child_object = Map.put(child_object, "tags", tags)
child_object = Map.put(child_object, "sensitive", true)
object = Map.put(object, "object", child_object)
{:ok, object}
else
{:ok, object}
end
defp check_media_nsfw(
%{host: actor_host} = actor_info,
%{
"type" => "Create",
"object" => %{"attachment" => child_attachment} = child_object
} = object
)
when actor_host in @media_nsfw and length(child_attachment) > 0 do
tags = (child_object["tag"] || []) ++ ["nsfw"]
child_object = Map.put(child_object, "tags", tags)
child_object = Map.put(child_object, "sensitive", true)
object = Map.put(object, "object", child_object)
{:ok, object}
end
defp check_media_nsfw(actor_info, object), do: {:ok, object}
@ftl_removal Keyword.get(@mrf_policy, :federated_timeline_removal)
defp check_ftl_removal(actor_info, object) do
if actor_info.host in @ftl_removal do
user = User.get_by_ap_id(object["actor"])
defp check_ftl_removal(%{host: actor_host} = actor_info, object)
when actor_host in @ftl_removal do
user = User.get_by_ap_id(object["actor"])
# flip to/cc relationship to make the post unlisted
object =
if "https://www.w3.org/ns/activitystreams#Public" in object["to"] and
user.follower_address in object["cc"] do
to =
List.delete(object["to"], "https://www.w3.org/ns/activitystreams#Public") ++
[user.follower_address]
# flip to/cc relationship to make the post unlisted
object =
if "https://www.w3.org/ns/activitystreams#Public" in object["to"] and
user.follower_address in object["cc"] do
to =
List.delete(object["to"], "https://www.w3.org/ns/activitystreams#Public") ++
[user.follower_address]
cc =
List.delete(object["cc"], user.follower_address) ++
["https://www.w3.org/ns/activitystreams#Public"]
cc =
List.delete(object["cc"], user.follower_address) ++
["https://www.w3.org/ns/activitystreams#Public"]
object
|> Map.put("to", to)
|> Map.put("cc", cc)
else
object
end
object
|> Map.put("to", to)
|> Map.put("cc", cc)
else
object
end
{:ok, object}
else
{:ok, object}
end
{:ok, object}
end
defp check_ftl_removal(actor_info, object), do: {:ok, object}
@impl true
def filter(object) do
actor_info = URI.parse(object["actor"])

19
lib/pleroma/web/activity_pub/transmogrifier.ex
View file

@ -30,6 +30,20 @@ defmodule Pleroma.Web.ActivityPub.Transmogrifier do
actor["id"]
end
@doc """
Checks that an imported AP object's actor matches the domain it came from.
"""
def contain_origin(id, %{"actor" => actor} = params) do
id_uri = URI.parse(id)
actor_uri = URI.parse(get_actor(params))
if id_uri.host == actor_uri.host do
:ok
else
:error
end
end
@doc """
Modifies an incoming AP object (mastodon format) to our internal format.
"""
@ -341,9 +355,10 @@ defmodule Pleroma.Web.ActivityPub.Transmogrifier do
end
def handle_incoming(
%{"type" => "Update", "object" => %{"type" => "Person"} = object, "actor" => actor_id} =
%{"type" => "Update", "object" => %{"type" => object_type} = object, "actor" => actor_id} =
data
) do
)
when object_type in ["Person", "Application", "Service", "Organization"] do
with %User{ap_id: ^actor_id} = actor <- User.get_by_ap_id(object["id"]) do
{:ok, new_user_data} = ActivityPub.user_data_from_user_object(object)

8
lib/pleroma/web/endpoint.ex
View file

@ -11,7 +11,7 @@ defmodule Pleroma.Web.Endpoint do
#
# You should set gzip to true if you are running phoenix.digest
# when deploying your static files in production.
plug(Plug.Static, at: "/media", from: Pleroma.Upload.upload_path(), gzip: false)
plug(Plug.Static, at: "/media", from: Pleroma.Uploaders.Local.upload_path(), gzip: false)
plug(
Plug.Static,
@ -49,7 +49,11 @@ defmodule Pleroma.Web.Endpoint do
Plug.Session,
store: :cookie,
key: "_pleroma_key",
signing_salt: "CqaoopA2"
signing_salt: "CqaoopA2",
http_only: true,
secure:
Application.get_env(:pleroma, Pleroma.Web.Endpoint) |> Keyword.get(:secure_cookie_flag),
extra: "SameSite=Strict"
)
plug(Pleroma.Web.Router)

137
lib/pleroma/web/mastodon_api/mastodon_api_controller.ex
View file

@ -2,11 +2,12 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIController do
use Pleroma.Web, :controller
alias Pleroma.{Repo, Object, Activity, User, Notification, Stats}
alias Pleroma.Web
alias Pleroma.Web.MastodonAPI.{StatusView, AccountView, MastodonView, ListView}
alias Pleroma.Web.MastodonAPI.{StatusView, AccountView, MastodonView, ListView, FilterView}
alias Pleroma.Web.ActivityPub.ActivityPub
alias Pleroma.Web.ActivityPub.Utils
alias Pleroma.Web.CommonAPI
alias Pleroma.Web.OAuth.{Authorization, Token, App}
alias Pleroma.Web.MediaProxy
alias Comeonin.Pbkdf2
import Ecto.Query
require Logger
@ -97,7 +98,7 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIController do
CommonAPI.update(user)
end
json(conn, AccountView.render("account.json", %{user: user}))
json(conn, AccountView.render("account.json", %{user: user, for: user}))
else
_e ->
conn
@ -107,13 +108,13 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIController do
end
def verify_credentials(%{assigns: %{user: user}} = conn, _) do
account = AccountView.render("account.json", %{user: user})
account = AccountView.render("account.json", %{user: user, for: user})
json(conn, account)
end
def user(conn, %{"id" => id}) do
def user(%{assigns: %{user: for_user}} = conn, %{"id" => id}) do
with %User{} = user <- Repo.get(User, id) do
account = AccountView.render("account.json", %{user: user})
account = AccountView.render("account.json", %{user: user, for: for_user})
json(conn, account)
else
_e ->
@ -124,7 +125,7 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIController do
end
@instance Application.get_env(:pleroma, :instance)
@mastodon_api_level "2.3.3"
@mastodon_api_level "2.5.0"
def masto_instance(conn, _params) do
response = %{
@ -440,7 +441,7 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIController do
new_data = %{object.data | "name" => description}
change = Object.change(object, %{data: new_data})
{:ok, media_obj} = Repo.update(change)
{:ok, _} = Repo.update(change)
data =
new_data
@ -587,7 +588,7 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIController do
with %User{} = followed <- Repo.get_by(User, nickname: uri),
{:ok, follower} <- User.maybe_direct_follow(follower, followed),
{:ok, _activity} <- ActivityPub.follow(follower, followed) do
render(conn, AccountView, "account.json", %{user: followed})
render(conn, AccountView, "account.json", %{user: followed, for: follower})
else
{:error, message} ->
conn
@ -653,9 +654,7 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIController do
json(conn, %{})
end
def search2(%{assigns: %{user: user}} = conn, %{"q" => query} = params) do
accounts = User.search(query, params["resolve"] == "true")
def status_search(query) do
fetched =
if Regex.match?(~r/https?:/, query) do
with {:ok, object} <- ActivityPub.fetch_object_from_id(query) do
@ -680,7 +679,13 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIController do
order_by: [desc: :id]
)
statuses = Repo.all(q) ++ fetched
Repo.all(q) ++ fetched
end
def search2(%{assigns: %{user: user}} = conn, %{"q" => query} = params) do
accounts = User.search(query, params["resolve"] == "true")
statuses = status_search(query)
tags_path = Web.base_url() <> "/tag/"
@ -704,31 +709,7 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIController do
def search(%{assigns: %{user: user}} = conn, %{"q" => query} = params) do
accounts = User.search(query, params["resolve"] == "true")
fetched =
if Regex.match?(~r/https?:/, query) do
with {:ok, object} <- ActivityPub.fetch_object_from_id(query) do
[Activity.get_create_activity_by_object_ap_id(object.data["id"])]
else
_e -> []
end
end || []
q =
from(
a in Activity,
where: fragment("?->>'type' = 'Create'", a.data),
where: "https://www.w3.org/ns/activitystreams#Public" in a.recipients,
where:
fragment(
"to_tsvector('english', ?->'object'->>'content') @@ plainto_tsquery('english', ?)",
a.data,
^query
),
limit: 20,
order_by: [desc: :id]
)
statuses = Repo.all(q) ++ fetched
statuses = status_search(query)
tags =
String.split(query)
@ -877,7 +858,9 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIController do
if user && token do
mastodon_emoji = mastodonized_emoji()
accounts = Map.put(%{}, user.id, AccountView.render("account.json", %{user: user}))
accounts =
Map.put(%{}, user.id, AccountView.render("account.json", %{user: user, for: user}))
initial_state =
%{
@ -1049,13 +1032,15 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIController do
NaiveDateTime.to_iso8601(created_at)
|> String.replace(~r/(\.\d+)?$/, ".000Z", global: false)
id = id |> to_string
case activity.data["type"] do
"Create" ->
%{
id: id,
type: "mention",
created_at: created_at,
account: AccountView.render("account.json", %{user: actor}),
account: AccountView.render("account.json", %{user: actor, for: user}),
status: StatusView.render("status.json", %{activity: activity, for: user})
}
@ -1066,7 +1051,7 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIController do
id: id,
type: "favourite",
created_at: created_at,
account: AccountView.render("account.json", %{user: actor}),
account: AccountView.render("account.json", %{user: actor, for: user}),
status: StatusView.render("status.json", %{activity: liked_activity, for: user})
}
@ -1077,7 +1062,7 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIController do
id: id,
type: "reblog",
created_at: created_at,
account: AccountView.render("account.json", %{user: actor}),
account: AccountView.render("account.json", %{user: actor, for: user}),
status: StatusView.render("status.json", %{activity: announced_activity, for: user})
}
@ -1086,7 +1071,7 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIController do
id: id,
type: "follow",
created_at: created_at,
account: AccountView.render("account.json", %{user: actor})
account: AccountView.render("account.json", %{user: actor, for: user})
}
_ ->
@ -1094,6 +1079,65 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIController do
end
end
def get_filters(%{assigns: %{user: user}} = conn, _) do
filters = Pleroma.Filter.get_filters(user)
res = FilterView.render("filters.json", filters: filters)
json(conn, res)
end
def create_filter(
%{assigns: %{user: user}} = conn,
%{"phrase" => phrase, "context" => context} = params
) do
query = %Pleroma.Filter{
user_id: user.id,
phrase: phrase,
context: context,
hide: Map.get(params, "irreversible", nil),
whole_word: Map.get(params, "boolean", true)
# expires_at
}
{:ok, response} = Pleroma.Filter.create(query)
res = FilterView.render("filter.json", filter: response)
json(conn, res)
end
def get_filter(%{assigns: %{user: user}} = conn, %{"id" => filter_id}) do
filter = Pleroma.Filter.get(filter_id, user)
res = FilterView.render("filter.json", filter: filter)
json(conn, res)
end
def update_filter(
%{assigns: %{user: user}} = conn,
%{"phrase" => phrase, "context" => context, "id" => filter_id} = params
) do
query = %Pleroma.Filter{
user_id: user.id,
filter_id: filter_id,
phrase: phrase,
context: context,
hide: Map.get(params, "irreversible", nil),
whole_word: Map.get(params, "boolean", true)
# expires_at
}
{:ok, response} = Pleroma.Filter.update(query)
res = FilterView.render("filter.json", filter: response)
json(conn, res)
end
def delete_filter(%{assigns: %{user: user}} = conn, %{"id" => filter_id}) do
query = %Pleroma.Filter{
user_id: user.id,
filter_id: filter_id
}
{:ok, _} = Pleroma.Filter.delete(query)
json(conn, %{})
end
def errors(conn, _) do
conn
|> put_status(500)
@ -1106,6 +1150,7 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIController do
if Keyword.get(@suggestions, :enabled, false) do
api = Keyword.get(@suggestions, :third_party_engine, "")
timeout = Keyword.get(@suggestions, :timeout, 5000)
limit = Keyword.get(@suggestions, :limit, 23)
host =
Application.get_env(:pleroma, Pleroma.Web.Endpoint)
@ -1119,7 +1164,7 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIController do
@httpoison.get(url, [], timeout: timeout, recv_timeout: timeout),
{:ok, data} <- Jason.decode(body) do
data2 =
Enum.slice(data, 0, 40)
Enum.slice(data, 0, limit)
|> Enum.map(fn x ->
Map.put(
x,
@ -1130,6 +1175,12 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIController do
end
)
end)
|> Enum.map(fn x ->
Map.put(x, "avatar", MediaProxy.url(x["avatar"]))
end)
|> Enum.map(fn x ->
Map.put(x, "avatar_static", MediaProxy.url(x["avatar_static"]))
end)
conn
|> json(data2)

6
lib/pleroma/web/mastodon_api/mastodon_socket.ex
View file

@ -23,16 +23,18 @@ defmodule Pleroma.Web.MastodonAPI.MastodonSocket do
"public:local:media",
"user",
"direct",
"list"
"list",
"hashtag"
] <- params["stream"] do
topic = if stream == "list", do: "list:#{params["list"]}", else: stream
socket_stream = if stream == "hashtag", do: "hashtag:#{params["tag"]}", else: stream
socket =
socket
|> assign(:topic, topic)
|> assign(:user, user)
Pleroma.Web.Streamer.add_socket(params["stream"], socket)
Pleroma.Web.Streamer.add_socket(socket_stream, socket)
{:ok, socket}
else
_e -> :error

25
lib/pleroma/web/mastodon_api/views/account_view.ex
View file

@ -4,15 +4,17 @@ defmodule Pleroma.Web.MastodonAPI.AccountView do
alias Pleroma.Web.MastodonAPI.AccountView
alias Pleroma.Web.CommonAPI.Utils
alias Pleroma.Web.MediaProxy
alias Pleroma.HTML
def render("accounts.json", %{users: users} = opts) do
render_many(users, AccountView, "account.json", opts)
end
def render("account.json", %{user: user}) do
def render("account.json", %{user: user} = opts) do
image = User.avatar_url(user) |> MediaProxy.url()
header = User.banner_url(user) |> MediaProxy.url()
user_info = User.user_info(user)
bot = (user.info["source_data"]["type"] || "Person") in ["Application", "Service"]
emojis =
(user.info["source_data"]["tag"] || [])
@ -26,6 +28,13 @@ defmodule Pleroma.Web.MastodonAPI.AccountView do
}
end)
fields =
(user.info["source_data"]["attachment"] || [])
|> Enum.filter(fn %{"type" => t} -> t == "PropertyValue" end)
|> Enum.map(fn fields -> Map.take(fields, ["name", "value"]) end)
bio = HTML.filter_tags(user.bio, User.html_filter_policy(opts[:for]))
%{
id: to_string(user.id),
username: username_from_nickname(user.nickname),
@ -36,18 +45,19 @@ defmodule Pleroma.Web.MastodonAPI.AccountView do
followers_count: user_info.follower_count,
following_count: user_info.following_count,
statuses_count: user_info.note_count,
note: HtmlSanitizeEx.basic_html(user.bio) || "",
note: bio || "",
url: user.ap_id,
avatar: image,
avatar_static: image,
header: header,
header_static: header,
emojis: emojis,
fields: [],
fields: fields,
bot: bot,
source: %{
note: "",
privacy: "public",
sensitive: "false"
privacy: user_info.default_scope,
sensitive: false
}
}
end
@ -68,8 +78,11 @@ defmodule Pleroma.Web.MastodonAPI.AccountView do
followed_by: User.following?(target, user),
blocking: User.blocks?(user, target),
muting: false,
muting_notifications: false,
requested: false,
domain_blocking: false
domain_blocking: false,
showing_reblogs: false,
endorsed: false
}
end

27
lib/pleroma/web/mastodon_api/views/filter_view.ex Normal file
View file

@ -0,0 +1,27 @@
defmodule Pleroma.Web.MastodonAPI.FilterView do
use Pleroma.Web, :view
alias Pleroma.Web.MastodonAPI.FilterView
alias Pleroma.Web.CommonAPI.Utils
def render("filters.json", %{filters: filters} = opts) do
render_many(filters, FilterView, "filter.json", opts)
end
def render("filter.json", %{filter: filter}) do
expires_at =
if filter.expires_at do
Utils.to_masto_date(filter.expires_at)
else
nil
end
%{
id: to_string(filter.filter_id),
phrase: filter.phrase,
context: filter.context,
expires_at: expires_at,
irreversible: filter.hide,
whole_word: false
}
end
end

25
lib/pleroma/web/mastodon_api/views/status_view.ex
View file

@ -5,6 +5,7 @@ defmodule Pleroma.Web.MastodonAPI.StatusView do
alias Pleroma.Web.CommonAPI.Utils
alias Pleroma.Web.MediaProxy
alias Pleroma.Repo
alias Pleroma.HTML
# TODO: Add cached version.
defp get_replied_to_activities(activities) do
@ -62,6 +63,7 @@ defmodule Pleroma.Web.MastodonAPI.StatusView do
content: reblogged[:content],
created_at: created_at,
reblogs_count: 0,
replies_count: 0,
favourites_count: 0,
reblogged: false,
favourited: false,
@ -111,15 +113,19 @@ defmodule Pleroma.Web.MastodonAPI.StatusView do
emojis =
(activity.data["object"]["emoji"] || [])
|> Enum.map(fn {name, url} ->
name = HtmlSanitizeEx.strip_tags(name)
name = HTML.strip_tags(name)
url =
HtmlSanitizeEx.strip_tags(url)
HTML.strip_tags(url)
|> MediaProxy.url()
%{shortcode: name, url: url, static_url: url}
%{shortcode: name, url: url, static_url: url, visible_in_picker: false}
end)
content =
render_content(object)
|> HTML.filter_tags(User.html_filter_policy(opts[:for]))
%{
id: to_string(activity.id),
uri: object["id"],
@ -128,9 +134,10 @@ defmodule Pleroma.Web.MastodonAPI.StatusView do
in_reply_to_id: reply_to && to_string(reply_to.id),
in_reply_to_account_id: reply_to_user && to_string(reply_to_user.id),
reblog: nil,
content: render_content(object),
content: content,
created_at: created_at,
reblogs_count: announcement_count,
replies_count: 0,
favourites_count: like_count,
reblogged: !!repeated,
favourited: !!favorited,
@ -153,7 +160,7 @@ defmodule Pleroma.Web.MastodonAPI.StatusView do
def render("attachment.json", %{attachment: attachment}) do
[attachment_url | _] = attachment["url"]
media_type = attachment_url["mediaType"] || attachment_url["mimeType"]
media_type = attachment_url["mediaType"] || attachment_url["mimeType"] || "image"
href = attachment_url["href"]
type =
@ -221,7 +228,7 @@ defmodule Pleroma.Web.MastodonAPI.StatusView do
object["content"]
end
HtmlSanitizeEx.basic_html(content)
content
end
def render_content(%{"type" => "Article"} = object) do
@ -234,10 +241,8 @@ defmodule Pleroma.Web.MastodonAPI.StatusView do
object["content"]
end
HtmlSanitizeEx.basic_html(content)
content
end
def render_content(object) do
HtmlSanitizeEx.basic_html(object["content"])
end
def render_content(object), do: object["content"]
end

14
lib/pleroma/web/nodeinfo/nodeinfo_controller.ex
View file

@ -3,6 +3,7 @@ defmodule Pleroma.Web.Nodeinfo.NodeinfoController do
alias Pleroma.Stats
alias Pleroma.Web
alias Pleroma.{User, Repo}
def schemas(conn, _params) do
response = %{
@ -22,8 +23,15 @@ defmodule Pleroma.Web.Nodeinfo.NodeinfoController do
instance = Application.get_env(:pleroma, :instance)
media_proxy = Application.get_env(:pleroma, :media_proxy)
suggestions = Application.get_env(:pleroma, :suggestions)
chat = Application.get_env(:pleroma, :chat)
gopher = Application.get_env(:pleroma, :gopher)
stats = Stats.get_stats()
staff_accounts =
User.moderator_user_query()
|> Repo.all()
|> Enum.map(fn u -> u.ap_id end)
response = %{
version: "2.0",
software: %{
@ -51,8 +59,12 @@ defmodule Pleroma.Web.Nodeinfo.NodeinfoController do
enabled: Keyword.get(suggestions, :enabled, false),
thirdPartyEngine: Keyword.get(suggestions, :third_party_engine, ""),
timeout: Keyword.get(suggestions, :timeout, 5000),
limit: Keyword.get(suggestions, :limit, 23),
web: Keyword.get(suggestions, :web, "")
}
},
staffAccounts: staff_accounts,
chat: Keyword.get(chat, :enabled),
gopher: Keyword.get(gopher, :enabled)
}
}

27
lib/pleroma/web/oauth/oauth_controller.ex
View file

@ -39,15 +39,18 @@ defmodule Pleroma.Web.OAuth.OAuthController do
})
else
connector = if String.contains?(redirect_uri, "?"), do: "&", else: "?"
url = "#{redirect_uri}#{connector}code=#{auth.token}"
url = "#{redirect_uri}#{connector}"
url_params = %{:code => auth.token}
url =
url_params =
if params["state"] do
url <> "&state=#{params["state"]}"
Map.put(url_params, :state, params["state"])
else
url
url_params
end
url = "#{url}#{Plug.Conn.Query.encode(url_params)}"
redirect(conn, external: url)
end
end
@ -60,11 +63,13 @@ defmodule Pleroma.Web.OAuth.OAuthController do
fixed_token = fix_padding(params["code"]),
%Authorization{} = auth <-
Repo.get_by(Authorization, token: fixed_token, app_id: app.id),
{:ok, token} <- Token.exchange_token(app, auth) do
{:ok, token} <- Token.exchange_token(app, auth),
{:ok, inserted_at} <- DateTime.from_naive(token.inserted_at, "Etc/UTC") do
response = %{
token_type: "Bearer",
access_token: token.token,
refresh_token: token.refresh_token,
created_at: DateTime.to_unix(inserted_at),
expires_in: 60 * 10,
scope: "read write follow"
}
@ -116,6 +121,18 @@ defmodule Pleroma.Web.OAuth.OAuthController do
token_exchange(conn, params)
end
def token_revoke(conn, %{"token" => token} = params) do
with %App{} = app <- get_app_from_request(conn, params),
%Token{} = token <- Repo.get_by(Token, token: token, app_id: app.id),
{:ok, %Token{}} <- Repo.delete(token) do
json(conn, %{})
else
_error ->
# RFC 7009: invalid tokens [in the request] do not cause an error response
json(conn, %{})
end
end
defp fix_padding(token) do
token
|> Base.url_decode64!(padding: false)

65
lib/pleroma/web/router.ex
View file

@ -9,47 +9,57 @@ defmodule Pleroma.Web.Router do
@public Keyword.get(@instance, :public)
@registrations_open Keyword.get(@instance, :registrations_open)
def user_fetcher(username_or_email) do
{
:ok,
cond do
# First, try logging in as if it was a name
user = Repo.get_by(User, %{nickname: username_or_email}) ->
user
# If we get nil, we try using it as an email
user = Repo.get_by(User, %{email: username_or_email}) ->
user
end
}
end
pipeline :api do
plug(:accepts, ["json"])
plug(:fetch_session)
plug(Pleroma.Plugs.OAuthPlug)
plug(Pleroma.Plugs.AuthenticationPlug, %{fetcher: &Router.user_fetcher/1, optional: true})
plug(Pleroma.Plugs.BasicAuthDecoderPlug)
plug(Pleroma.Plugs.UserFetcherPlug)
plug(Pleroma.Plugs.SessionAuthenticationPlug)
plug(Pleroma.Plugs.LegacyAuthenticationPlug)
plug(Pleroma.Plugs.AuthenticationPlug)
plug(Pleroma.Plugs.UserEnabledPlug)
plug(Pleroma.Plugs.SetUserSessionIdPlug)
plug(Pleroma.Plugs.EnsureUserKeyPlug)
end
pipeline :authenticated_api do
plug(:accepts, ["json"])
plug(:fetch_session)
plug(Pleroma.Plugs.OAuthPlug)
plug(Pleroma.Plugs.AuthenticationPlug, %{fetcher: &Router.user_fetcher/1})
plug(Pleroma.Plugs.BasicAuthDecoderPlug)
plug(Pleroma.Plugs.UserFetcherPlug)
plug(Pleroma.Plugs.SessionAuthenticationPlug)
plug(Pleroma.Plugs.LegacyAuthenticationPlug)
plug(Pleroma.Plugs.AuthenticationPlug)
plug(Pleroma.Plugs.UserEnabledPlug)
plug(Pleroma.Plugs.SetUserSessionIdPlug)
plug(Pleroma.Plugs.EnsureAuthenticatedPlug)
end
pipeline :mastodon_html do
plug(:accepts, ["html"])
plug(:fetch_session)
plug(Pleroma.Plugs.OAuthPlug)
plug(Pleroma.Plugs.AuthenticationPlug, %{fetcher: &Router.user_fetcher/1, optional: true})
plug(Pleroma.Plugs.BasicAuthDecoderPlug)
plug(Pleroma.Plugs.UserFetcherPlug)
plug(Pleroma.Plugs.SessionAuthenticationPlug)
plug(Pleroma.Plugs.LegacyAuthenticationPlug)
plug(Pleroma.Plugs.AuthenticationPlug)
plug(Pleroma.Plugs.UserEnabledPlug)
plug(Pleroma.Plugs.SetUserSessionIdPlug)
plug(Pleroma.Plugs.EnsureUserKeyPlug)
end
pipeline :pleroma_html do
plug(:accepts, ["html"])
plug(:fetch_session)
plug(Pleroma.Plugs.OAuthPlug)
plug(Pleroma.Plugs.AuthenticationPlug, %{fetcher: &Router.user_fetcher/1, optional: true})
plug(Pleroma.Plugs.BasicAuthDecoderPlug)
plug(Pleroma.Plugs.UserFetcherPlug)
plug(Pleroma.Plugs.SessionAuthenticationPlug)
plug(Pleroma.Plugs.AuthenticationPlug)
plug(Pleroma.Plugs.EnsureUserKeyPlug)
end
pipeline :well_known do
@ -93,6 +103,7 @@ defmodule Pleroma.Web.Router do
get("/authorize", OAuthController, :authorize)
post("/authorize", OAuthController, :create_authorization)
post("/token", OAuthController, :token_exchange)
post("/revoke", OAuthController, :token_revoke)
end
scope "/api/v1", Pleroma.Web.MastodonAPI do
@ -154,7 +165,15 @@ defmodule Pleroma.Web.Router do
post("/domain_blocks", MastodonAPIController, :block_domain)
delete("/domain_blocks", MastodonAPIController, :unblock_domain)
get("/filters", MastodonAPIController, :get_filters)
post("/filters", MastodonAPIController, :create_filter)
get("/filters/:id", MastodonAPIController, :get_filter)
put("/filters/:id", MastodonAPIController, :update_filter)
delete("/filters/:id", MastodonAPIController, :delete_filter)
get("/suggestions", MastodonAPIController, :suggestions)
get("/endorsements", MastodonAPIController, :empty_array)
end
scope "/api/web", Pleroma.Web.MastodonAPI do
@ -381,6 +400,8 @@ defmodule Pleroma.Web.Router do
scope "/", Fallback do
get("/registration/:token", RedirectController, :registration_page)
get("/*path", RedirectController, :redirector)
options("/*path", RedirectController, :empty)
end
end
@ -398,4 +419,10 @@ defmodule Fallback.RedirectController do
def registration_page(conn, params) do
redirector(conn, params)
end
def empty(conn, _params) do
conn
|> put_status(204)
|> text("")
end
end

55
lib/pleroma/web/twitter_api/controllers/util_controller.ex
View file

@ -156,28 +156,39 @@ defmodule Pleroma.Web.TwitterAPI.UtilController do
|> send_resp(200, response)
_ ->
json(conn, %{
site: %{
name: Keyword.get(@instance, :name),
description: Keyword.get(@instance, :description),
server: Web.base_url(),
textlimit: to_string(Keyword.get(@instance, :limit)),
closed: if(Keyword.get(@instance, :registrations_open), do: "0", else: "1"),
private: if(Keyword.get(@instance, :public, true), do: "0", else: "1"),
pleromafe: %{
theme: Keyword.get(@instance_fe, :theme),
background: Keyword.get(@instance_fe, :background),
logo: Keyword.get(@instance_fe, :logo),
redirectRootNoLogin: Keyword.get(@instance_fe, :redirect_root_no_login),
redirectRootLogin: Keyword.get(@instance_fe, :redirect_root_login),
chatDisabled: !Keyword.get(@instance_chat, :enabled),
showInstanceSpecificPanel: Keyword.get(@instance_fe, :show_instance_panel),
scopeOptionsEnabled: Keyword.get(@instance_fe, :scope_options_enabled),
collapseMessageWithSubject:
Keyword.get(@instance_fe, :collapse_message_with_subject)
}
}
})
data = %{
name: Keyword.get(@instance, :name),
description: Keyword.get(@instance, :description),
server: Web.base_url(),
textlimit: to_string(Keyword.get(@instance, :limit)),
closed: if(Keyword.get(@instance, :registrations_open), do: "0", else: "1"),
private: if(Keyword.get(@instance, :public, true), do: "0", else: "1")
}
pleroma_fe = %{
theme: Keyword.get(@instance_fe, :theme),
background: Keyword.get(@instance_fe, :background),
logo: Keyword.get(@instance_fe, :logo),
logoMask: Keyword.get(@instance_fe, :logo_mask),
logoMargin: Keyword.get(@instance_fe, :logo_margin),
redirectRootNoLogin: Keyword.get(@instance_fe, :redirect_root_no_login),
redirectRootLogin: Keyword.get(@instance_fe, :redirect_root_login),
chatDisabled: !Keyword.get(@instance_chat, :enabled),
showInstanceSpecificPanel: Keyword.get(@instance_fe, :show_instance_panel),
scopeOptionsEnabled: Keyword.get(@instance_fe, :scope_options_enabled),
collapseMessageWithSubject: Keyword.get(@instance_fe, :collapse_message_with_subject)
}
managed_config = Keyword.get(@instance, :managed_config)
data =
if managed_config do
data |> Map.put("pleromafe", pleroma_fe)
else
data
end
json(conn, %{site: data})
end
end

5
lib/pleroma/web/twitter_api/representers/activity_representer.ex
View file

@ -7,6 +7,7 @@ defmodule Pleroma.Web.TwitterAPI.Representers.ActivityRepresenter do
alias Pleroma.Web.TwitterAPI.{TwitterAPI, UserView, ActivityView}
alias Pleroma.Web.CommonAPI.Utils
alias Pleroma.Formatter
alias Pleroma.HTML
defp user_by_ap_id(user_list, ap_id) do
Enum.find(user_list, fn %{ap_id: user_id} -> ap_id == user_id end)
@ -167,7 +168,7 @@ defmodule Pleroma.Web.TwitterAPI.Representers.ActivityRepresenter do
{summary, content} = ActivityView.render_content(object)
html =
HtmlSanitizeEx.basic_html(content)
HTML.filter_tags(content, User.html_filter_policy(opts[:for]))
|> Formatter.emojify(object["emoji"])
video =
@ -184,7 +185,7 @@ defmodule Pleroma.Web.TwitterAPI.Representers.ActivityRepresenter do
"uri" => activity.data["object"]["id"],
"user" => UserView.render("show.json", %{user: user, for: opts[:for]}),
"statusnet_html" => html,
"text" => HtmlSanitizeEx.strip_tags(content),
"text" => HTML.strip_tags(content),
"is_local" => activity.local,
"is_post_verb" => true,
"created_at" => created_at,

2
lib/pleroma/web/twitter_api/representers/object_representer.ex
View file

@ -17,7 +17,7 @@ defmodule Pleroma.Web.TwitterAPI.Representers.ObjectRepresenter do
def to_map(%Object{data: %{"url" => url} = data}, _opts) when is_binary(url) do
%{
url: url |> Pleroma.Web.MediaProxy.url(),
mimetype: data["mediaType"] || url["mimeType"],
mimetype: data["mediaType"] || data["mimeType"],
id: data["uuid"],
oembed: false,
description: data["name"]

14
lib/pleroma/web/twitter_api/twitter_api_controller.ex
View file

@ -443,6 +443,20 @@ defmodule Pleroma.Web.TwitterAPI.Controller do
user
end
user =
if no_rich_text = params["no_rich_text"] do
with no_rich_text <- no_rich_text == "true",
new_info <- Map.put(user.info, "no_rich_text", no_rich_text),
change <- User.info_changeset(user, %{info: new_info}),
{:ok, user} <- User.update_and_set_cache(change) do
user
else
_e -> user
end
else
user
end
user =
if default_scope = params["default_scope"] do
with new_info <- Map.put(user.info, "default_scope", default_scope),

8
lib/pleroma/web/twitter_api/views/activity_view.ex
View file

@ -11,6 +11,7 @@ defmodule Pleroma.Web.TwitterAPI.ActivityView do
alias Pleroma.User
alias Pleroma.Repo
alias Pleroma.Formatter
alias Pleroma.HTML
import Ecto.Query
@ -181,6 +182,7 @@ defmodule Pleroma.Web.TwitterAPI.ActivityView do
def render("activity.json", %{activity: %{data: %{"type" => "Like"}} = activity} = opts) do
user = get_user(activity.data["actor"], opts)
liked_activity = Activity.get_create_activity_by_object_ap_id(activity.data["object"])
liked_activity_id = if liked_activity, do: liked_activity.id, else: nil
created_at =
activity.data["published"]
@ -197,7 +199,7 @@ defmodule Pleroma.Web.TwitterAPI.ActivityView do
"is_post_verb" => false,
"uri" => "tag:#{activity.data["id"]}:objectType=Favourite",
"created_at" => created_at,
"in_reply_to_status_id" => liked_activity.id,
"in_reply_to_status_id" => liked_activity_id,
"external_url" => activity.data["id"],
"activity_type" => "like"
}
@ -231,7 +233,7 @@ defmodule Pleroma.Web.TwitterAPI.ActivityView do
{summary, content} = render_content(object)
html =
HtmlSanitizeEx.basic_html(content)
HTML.filter_tags(content, User.html_filter_policy(opts[:for]))
|> Formatter.emojify(object["emoji"])
%{
@ -239,7 +241,7 @@ defmodule Pleroma.Web.TwitterAPI.ActivityView do
"uri" => activity.data["object"]["id"],
"user" => UserView.render("show.json", %{user: user, for: opts[:for]}),
"statusnet_html" => html,
"text" => HtmlSanitizeEx.strip_tags(content),
"text" => HTML.strip_tags(content),
"is_local" => activity.local,
"is_post_verb" => true,
"created_at" => created_at,

11
lib/pleroma/web/twitter_api/views/user_view.ex
View file

@ -4,6 +4,7 @@ defmodule Pleroma.Web.TwitterAPI.UserView do
alias Pleroma.Formatter
alias Pleroma.Web.CommonAPI.Utils
alias Pleroma.Web.MediaProxy
alias Pleroma.HTML
def render("show.json", %{user: user = %User{}} = assigns) do
render_one(user, Pleroma.Web.TwitterAPI.UserView, "user.json", assigns)
@ -38,9 +39,8 @@ defmodule Pleroma.Web.TwitterAPI.UserView do
data = %{
"created_at" => user.inserted_at |> Utils.format_naive_asctime(),
"description" =>
HtmlSanitizeEx.strip_tags((user.bio || "") |> String.replace("<br>", "\n")),
"description_html" => HtmlSanitizeEx.basic_html(user.bio),
"description" => HTML.strip_tags((user.bio || "") |> String.replace("<br>", "\n")),
"description_html" => HTML.filter_tags(user.bio, User.html_filter_policy(assigns[:for])),
"favourites_count" => 0,
"followers_count" => user_info[:follower_count],
"following" => following,
@ -49,7 +49,7 @@ defmodule Pleroma.Web.TwitterAPI.UserView do
"friends_count" => user_info[:following_count],
"id" => user.id,
"name" => user.name,
"name_html" => HtmlSanitizeEx.strip_tags(user.name) |> Formatter.emojify(emoji),
"name_html" => HTML.strip_tags(user.name) |> Formatter.emojify(emoji),
"profile_image_url" => image,
"profile_image_url_https" => image,
"profile_image_url_profile_size" => image,
@ -64,7 +64,8 @@ defmodule Pleroma.Web.TwitterAPI.UserView do
"background_image" => image_url(user.info["background"]) |> MediaProxy.url(),
"is_local" => user.local,
"locked" => !!user.info["locked"],
"default_scope" => user.info["default_scope"] || "public"
"default_scope" => user.info["default_scope"] || "public",
"no_rich_text" => user.info["no_rich_text"] || false
}
if assigns[:token] do