* HTML sanitization in apub code
* Sanitize API inputs
* fmt
* Dont allow html a, img tags
---------
Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
* add option to only show posts from moderated communities
* rename moderated_only to moderator_view and show blocked users in moderator view
* add test for moderator view
* bump lemmy-js-client version for moderation view tests
* fix yarn lockfile
* retry build
* Delete logfile
* retry checks
* remove unused select statement from list posts
---------
Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
* Added controversy rank property to posts and comments, and ability to sort by it
* Triggers instead of schedules tasks, integer -> double, TODO: comments don't seem to get updated with floats, divide SortTypes
* Created PersonSortType
* PersonSortType::MostComments case
* Removed unused PartialOrd trait
* Added new person sort type mappings
* SortType -> PersonSortType
* fixes
* cargo fmt
* fixes after merge with main
* Fixed bug in controversy rank trigger, removed TopX sorts from PersonSortType and added CommentScore instead
* Uncovered enum case
* clippy
* reset translation changes
* translations
* translations
* Added additional hot ordering on controversial posts and comments
* featured local and featured community added to controversy rank index, additional order_by removed (?), added post_score and post_count to PersonSortType
* Woodpecker rerun
* cargo fmt
* woodpecker rerun
* fixed controversy_rank order
* fix
* Readded migration as latest, removed second update statement for setting controversy rank
* Resolves issue #3685
If user isn't authenticated with resolve_object, only allow a local search instead of possibly making an http request.
* Making sure to validate auth before doing a potential remote lookup.
* detailed error message for blocked domains (#3698)
* Pass the domain as an error param
Not formatting the error message to support i18n
---------
Co-authored-by: Freek van Zee <freek.van.zee@mediamonks.com>
* Remove SendActivity and Perform traits, rely on channel
These traits arent necessary anymore now that websocket is removed.
Removing them allows us to use normal actix http handler methods
which are much more flexible, and allow using different middlewares
as well as setting response attributes.
* compiling and create post federating
* clippy
* rename methods, join outgoing activities task
* fix api tests
* no unwrap
* conditional compile
* add back getrandom
* make crates optional
* fmt
* Try using drone cache plugin
* Try another path
* Include volume
* Fix formatting
* Include fmt
* Exclude cargo dir from prettier
* Don't override cargo
* Just do check
* Add cache key
* Use different cache plugin
* Add clippy
* Try minio
* Add quotes
* Try adding secrets
* Try again
* Again
* Use correct secret formation
* Add back clippy
* Use secret for the root bucket name
* Try drone cache instead
* Add region
* Add path-style option
* Include cargo clippy
* Include everything again
* Fix formatting
* Don't run clippy twice
* Add `allow` statements for tests to pass
* Adjust endpoint to be a secret
* Fix prettier
* Merge & fix tests
* Try to restart the woodpecker test
* Change the ENV var name
---------
Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
* change pool fields to parameters for list
* remove my_person_id and admin fields
* Change recipient id to list param
* Remove TypedBuilder from db_views and db_views_actor
* Split activity table into sent and received parts (fixes#3103)
The received activities are only stored in order to avoid processing
the same incoming activity multiple times. For this purpose it is
completely unnecessary to store the data. So we can split the
table into sent_activity and received_activity parts, where
only sent_activity table needs to store activity data. This should
reduce storage use significantly.
Also reduces activity storage duration to three months, we can reduce
this further if necessary.
Additionally the id columns of activity tables are removed because
they are completely unused and risk overflowing (fixes#3560).
* address review
* move insert_received_activity() methods to verify handlers
* remove unnecessary conflict line
* clippy
* use on conflict, add tests
* Check for dead federated instances (fixes#2221)
* move to apub crate, use timestamp
* make it compile
* clippy
* use moka to cache blocklists, dead instances, restore orig scheduled tasks
* remove leftover last_alive var
* error handling
* wip
* fix alive check for instances without nodeinfo, add coalesce
* clippy
* move federation blocklist cache to #3486
* unused deps
* a lot
* merge
* Fix stuff broken by merge
* Get rid of repetitive `&mut *context.conn().await?`
* Add blank lines under each line with `conn =`
* Fix style mistakes (partial)
* Revert "Fix style mistakes (partial)"
This reverts commit 48a033b87f.
* Revert "Add blank lines under each line with `conn =`"
This reverts commit 773a6d3beb.
* Revert "Get rid of repetitive `&mut *context.conn().await?`"
This reverts commit d2c6263ea1.
* Use DbConn for CaptchaAnswer methods
* DbConn trait
* Remove more `&mut *`
* Fix stuff
* Re-run CI
* try to make ci start
* fix
* fix
* Fix api_common::utils
* Fix apub::activities::block
* Fix apub::api::resolve_object
* Fix some things
* Revert "Fix some things"
This reverts commit 2bf8574bc8.
* Revert "Fix apub::api::resolve_object"
This reverts commit 3e4059aabb.
* Revert "Fix apub::activities::block"
This reverts commit 3b02389abd.
* Revert "Fix api_common::utils"
This reverts commit 7dc73de613.
* Revert "Revert "Fix api_common::utils""
This reverts commit f740f115e5.
* Revert "Revert "Fix apub::activities::block""
This reverts commit 2ee206af7c.
* Revert "Revert "Fix apub::api::resolve_object""
This reverts commit 96ed8bf2e9.
* Fix fetch_local_site_data
* Fix get_comment_parent_creator
* Remove unused perma deleted text
* Fix routes::feeds
* Fix lib.rs
* Update lib.rs
* rerun ci
* Attempt to create custom GetConn and RunQueryDsl traits
* Start over
* Add GetConn trait
* aaaa
* Revert "aaaa"
This reverts commit acc9ca1aed.
* Revert "Revert "aaaa""
This reverts commit 443a2a00a5.
* still aaaaaaaaaaaaa
* Return to earlier thing
Revert "Add GetConn trait"
This reverts commit ab4e94aea5.
* Try to use DbPool enum
* Revert "Try to use DbPool enum"
This reverts commit e4d1712646.
* DbConn and DbPool enums (db_schema only fails to compile for tests)
* fmt
* Make functions take `&mut DbPool<'_>` and make db_schema tests compile
* Add try_join_with_pool macro and run fix-clippy on more crates
* Fix some errors
* I did it
* Remove function variants that take connection
* rerun ci
* rerun ci
* rerun ci
With this change only http(s) schemes are allowed for post.url
field. This is checked for incoming api and federation requests.
Existing posts in database which are sent to clients are not
checked. Neither does it check urls in markdown.
* improve performance of community followers inbox query
* nightly format
* force woodpecker to retry
---------
Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
* Remove PerformApub trait
This is completely useless now that websocket is gone. In the future
I also plan to remove Perform and PerformCrud traits, but it will be
difficult to do that while still compiling crates in parallel.
* params need to use query
* Remove `actix_rt` & use standard tokio spawn
* Adjust rust log back down
* Format correctly
* Update cargo lock
* Add DB settings
* Change name and update to latest rev
* Clean up formatting changes
* Move `worker_count` and `worker_retry_count` to settings
* Update defaults
* Use `0.4.4` instead of git branch
* Only show hidden communities when explicitly searching for them rather then in "all"
* dont set hidden to false when creating and updating - let DB set default
* lint
---------
Co-authored-by: Alex Maras <alexmaras@gmail.com>
* Fix handling of follows addressed to single value
* Switch to deserialize_skip_error for Follow to
* Also use deserialize_skip_error for AcceptFollow and UndoFollow
* actually import deserialize_skip_error
This field is unnecessary because we already set a default language
with the same logic if none is passed in CreatePost. So if the user
doesnt set a post language, it should simply be passed as None. This
also has the advantage that it works with clients that dont support
language tags.
Technically not a breaking change because its optional, but better
be safe.
* Adding typescript generation for API. Fixes#2824
* Try to fix Ltree issue 1.
* Forgot a few types.
* Fixing api tests.
* Removing url_serde line.
* Manually deriving TS for some types.
* Adding diesel enums for SortType and ListingType
- Uses diesel-derive-enum.
- Adds diesel.toml , so we can again use the auto-generated schema.rs
- Fixes a lot of DB null issues and column ordering issues.
- Fixes#1136
- Also replaces RegistrationMode boilerplate.
* Fixing unit tests 1.
* Remove comment line.
* Before patch.
* Before again.
* Using patch file to fix diesel_ltree issue with diesel.toml
* Adding some yalc ignores
* Fixing RegistrationMode enums
* Adding woodpecker diesel schema check.
* Try adding openssl 1.
* Try using diesel-cli image 1
* Try using diesel-cli image 2
* Try using diesel-cli image 3
* Try using diesel-cli image 4
* Try using diesel-cli image 5
* Try using diesel-cli image 6
* Try using diesel-cli image 7
* Try using diesel-cli image 8
* Try using diesel-cli image 9
* Try using diesel-cli image 10
* Try using diesel-cli image 11
* Try using diesel-cli image 12
* Try using diesel-cli image 13
* Making the chat server an actor.
- Fixes#2778
- #2787
* Forgot to add handlers folder.
* Some cleanup.
* Forgot to remove a comment.
* Address PR comments.
* Using ToString for enum operations.
* Fix listing type default value
The listing type parameter is only meant for the frontpage, but is
also applied inside of communities. The result is that this call
returns nothing, because it defaults to ListingType::Local:
https://fedibb.ml/api/v3/post/list?community_id=3
It needs to be called like this to get any posts:
https://fedibb.ml/api/v3/post/list?community_id=3&type_=All
This is clearly not expected behaviour, when a community is
specified, the listing type should default to All.
* fix clippy
* update activitypub-federation crate to 0.4.0
* fixes
* apub compiles!
* everything compiling!
* almost done, federated follow failing
* some test fixes
* use release
* add code back in
* Get rid of Safe Views, use serde_skip
- Also change the ViewToVec, to work with non-vector cases. Might be
necessary in preparation for #2763
- Fixes#2712
* Forgot one safe
---------
Co-authored-by: Nutomic <me@nutomic.com>
* Show deleted and removed posts for profile views. Fixes#2624
* Only showing non-deleted/removed posts for creator.
* Add a admin or mod check to views, to show deleted and removed posts.
- Also removed the pointless "blanking" functions
* Fix clippy
* Make hidden posts comment clearer.
* Fixing federation tests.
* Fixing fmt.
This is not necessary because the domain cant change, so we only
need to insert if no row exists for this domain.
Also fetch instance actor when parsing person, not only community
Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
* Implement separate mod activities for feature, lock post
Also includes collection for featured posts. Later we also need
to do the same for Comment.distinguished
* some changes
---------
Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
* Combine prod and dev docker setups using build-arg
- Fixes#2603
* Dont use cache for release build.
* Separate comment distinguish into its own action.
- Fixes#2708
---------
Co-authored-by: Nutomic <me@nutomic.com>
- Other platforms can support additional language tags. Treat those
as None instead of throwing error
- deserialize_skip_error was implemented incorrectly and failed on
array values (6d9682f4e6)
Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
* Post creation from Mastodon (fixes#2590)
* better logic for page title
* add deserialize helper
Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
* Breaking: remove compatiblity with page.url field (ref #2182)
* Breaking: change type of Instance to `Application` (ref #2200)
Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
* Merge websocket crate into api_common
* Add SendActivity trait so that api crates compile in parallel with lemmy_apub
* Rework websocket code
* fix websocket heartbeat
* Implement federated user following (fixes#752)
* rewrite send_activity_in_community and add docs, remove default for column pending
* improve migration
* replace null values in db migration
* Specify dependencies and metadata for entire workspace (fixes#2474)
* building api_common shouldnt depend on diesel
* remove drone task
* try with quotes
* fix clippy
* more clippy
* Moving settings to Database.
- Moves many settings into the database. Fixes#2285
- Adds a local_site and instance table. Fixes#2365 . Fixes#2368
- Separates SQL update an insert forms, to avoid runtime errors.
- Adds TypedBuilder to all the SQL forms, instead of default.
* Fix weird clippy issue.
* Removing extra lines.
* Some fixes from suggestions.
* Fixing apub tests.
* Using instance creation helper function.
* Move forms to their own line.
* Trying to fix local_site_data, still broken.
* Testing out async
* Testing out async 2
* Fixing federation tests.
* Trying to fix check features 1.
* Starting on adding diesel async. 1/4th done.
* Added async to views and schema.
* Adding some more async
* Compiling now.
* Added diesel async. Fixes#2465
* Running clippy --fix
* Trying to fix cargo test on drone.
* Trying new muslrust.
* Trying a custom dns
* Trying a custom dns 2
* Trying a custom dns 3
* Trying a custom dns 4
* Trying a custom dns 5
* Trying a custom dns 6
* Trying a custom dns 7
* Addressing PR comments.
* Adding check_apub to all verify functions.
* Reverting back drone.
* Fixing merge
* Fix docker images.
* Adding missing discussion_languages.
* Trying to fix federation tests.
* Fix site setup user creation.
* Fix clippy
* Fix clippy 2
* Test api faster
* Try to fix 1
* Try to fix 2
* What are these lines about
* Trying to fix 3
* Moving federation test back to top.
* Remove logging cat.
* Moving settings to Database.
- Moves many settings into the database. Fixes#2285
- Adds a local_site and instance table. Fixes#2365 . Fixes#2368
- Separates SQL update an insert forms, to avoid runtime errors.
- Adds TypedBuilder to all the SQL forms, instead of default.
* Fix weird clippy issue.
* Removing extra lines.
* Some fixes from suggestions.
* Fixing apub tests.
* Using instance creation helper function.
* Move forms to their own line.
* Trying to fix local_site_data, still broken.
* Fixing federation tests.
* Trying to fix check features 1.
* Addressing PR comments.
* Adding check_apub to all verify functions.
* implement language tags for site/community in db and api
* add api checks for valid languages
* during db migration, update existing users, sites, communities to have all languages enabled
* init new users/communities with site languages (not all languages)
* federate site/community languages
* fix tests
* when updating site languages, limit community languages to this subset
also, when making a new post and subset of user lang, community lang
contains only one item, use that as post lang
* add tests for actor_language db functions
* include language list in siteview/communityview
* Fix some of the review comments
* Some more review changes
* Add todo about boxed query
* Add default_post_language to GetCommunityResponse
* Initial commit to bump diesel to 2.0.0-rc.0 and see what happens
* Add chrono feature from diesel
* db_schema crate is close to building?
* Upgrade diesel-derive-newtype
* Mostly modifying references to connections to be mutable ones; also used
new way to do migrations as suggested by the migration guide; a lot more
compiles now, though I can't figure out this tricky ToSql issue at the
moment
* Running clippy --fix
* Trying to fix drone clippy 1
* Fix clippy
* Upgrade clux-musl
* Trying to fix drone clippy 2
* Trying to fix drone clippy 3
* Trying to fix drone clippy 5
* Adding diesel table aliases, removing sql view hack. Fixes#2101
Co-authored-by: Steven Chu <stevenc1@gmail.com>
Co-authored-by: Nutomic <me@nutomic.com>
* Tag posts and comments with language (fixes#440)
* Untangle PostView tests
* Implement test for PostView language query
* Store languages directly in database
* finish moving languages into db, it compiles
* update post_view
* serde skip Language.id field
* add local_user_language table, other changes suggested in review
* add code for local_user_discussion_language_view
* Remove unnecessary clones in db view converteres
* Fixing up some table and join issues.
* Clearing the current languages.
* Fix formatting.
* update user languages in single transaction
* proper test for user language queries
* Some fixes for all / missing user languages. (#2404)
* Some fixes for all / missing user languages.
* Adding back in transaction.
* fix test
Co-authored-by: Dessalines <tyhou13@gmx.com>
Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
* First pass at adding comment trees.
- Extracted comment replies into its own table.
- Added ltree column to comment
- Added parent_id param to GetComments to fetch a tree branch
- No paging / limiting yet
* Adding child_count to comment_aggregates.
* Adding parent comment update counts
* Fix unit tests.
* Comment tree paging mostly done.
* Fix clippy
* Fix drone tests wrong postgres version.
* Fix unit tests.
* Add back in delete in unit test.
* Add postgres upgrade script.
* Fixing some PR comments.
* Move update ltree into Comment::create
* Updating based on comments.
* Fix send soft fail.
* First pass at adding admin purge. #904#1331
* Breaking out purge into 4 tables for the 4 purgeable types.
* Using CommunitySafe instead in view
* Fix db_schema features flags.
* Attempting to pass API key.
* Adding pictrs image purging
- Added pictrs_config block, for API_KEY
- Clear out image columns after purging
* Remove the remove_images field from a few of the purge API calls.
* Fix some suggestions by @nutomic.
* Add separate pictrs reqwest client.
* Update defaults.hjson
Co-authored-by: Nutomic <me@nutomic.com>
* Create example for apub lib
* some rewriting of apub lib
* Add LocalInstance struct for apub lib to avoid using Lemmy Settings
* Move ActorType trait to lemmy_apub, because its not needed in library
* Use reqwest_retry instead of custom impl, dont specify timeout on every send()
* Some improvements to example
* Moved inbox handling to library
* bug fixes
* Move context and serde helpers into library
* wip: example changes
* Add lemmy_utils feature to build only LemmyError
* Rename to activitypub_federation
* Remove lemmy_utils dep from activitypub_federation using generic error type
* Finish activitypub example
* Cleanup and fix tests
* Reorganize library files
* Remove ApubObject.to_tombstone()
* Extract activitypub library into separate git repository
* Use SourceCompat everywhere (better compat with other software)
* Name field should not be mandatory in Group
* also check page.cc field for community id
* add gnu social tests
* better to use option<sourcecompat>
* update gnu social tests, marked vote as "unlisted"
* Initial working of hiding communities and adding a db entry for mod log
* Return mod log for hidden communities
* Clean up hidding communities PR
* use lower case like other migration files
* Formatting fix
* pass in admin id to list, make match logic the same in post_view as community_view. Dont force non null for reason
* Clean PR review stuff
* Change person_id to mod_person_id on hide community table
* Make bools optional, add a space for formating
Co-authored-by: Thor Odinson <odinson@asgard.com>
Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
* Implement instance actor
* wip: make site bans federate
* finish implementation and unit tests for federated bans
* start adding api tests
* fix api test
* remve site from GetCommunityResponse
* only federate site bans originating from user's home instance
* dont expose site.private_key in api
* Respond directly with LemmyError
Instrument Perform implementations for more precise traces
Use ApiError to format JSON errors when messages are present
Keep SpanTrace output in LemmyError Display impl
* Hide SpanTrace debug output from LemmyError
* Don't log when entering spans, only when leaving
* Update actix-web
* Update actix-rt
* Add newline after error info in LemmyError Display impl
* Propogate span information to blocking operations
* Instrument apub functions
* Use skip_all for more instrument attributes, don't skip 'self' in some api actions
* Make message a static string
* Send proper JSON over websocket
* Add 'message' to LemmyError display if present
* Use a quieter root span builder, don't pretty-print logs
* Keep passwords and emails out of logs
* Re-enable logging Login
* Instrument feeds
* Emit our own errors
* Move error log after status code recording
* Make Sensitive generic over the inner type
* Remove line that logged secrets
* Check if post or comment are deleted first. Fixes#1864
* Refactoring delete apub.
* Revert "Refactoring delete apub."
This reverts commit ba2c3d06cfb870efe792f4b2541036265b425156.
* Merge traits ToApub and FromApub into ApubObject
* Rewrite community outbox to use new fetcher
* Rewrite community moderators collection
* Rewrite tombstone
* Remove CommentInReplyToMigration
* Remove compat for RemovePostCommentOrCommunity
* Remove PublicUrlMigration
* Change type of pm to ChatMessage from Pleroma, make pm.to array
* Use person.summary instead of person.content for pleroma compat
* Also change group.content to summary
* Rewrite apub object test json to serve as nice examples
* Also add test case for parsing pleroma private message
* Allow fetching person from Pleroma, including test case (ref #1461)
* Added test case for parsing community from apub json
- fixed a bug with objectid (de)serialization
- fixed a bug with outbox fetching (ref #1582)
* Added apub test for post
* Ignore errors when reading community outbox (fixes#1582)
* Dont fetch community outbox/moderators during tests
* added test for lemmy comment
* Added federation test for pleroma comment
* Added html2md crate to parse comment html from pleroma (fixes#1461)
* some fixes for update_apub_test_files.sh
* Add tests for ToApub, private message, remove update script
* Delete objects from db at the end of each test
* Dont allow posts to deleted / removed communities. Fixes#1827
* Fixing couldnt find community error.
* Adding check in createorupdate post and comment.
* make sure post wasn't deleted or removed.
* Adding a post not deleted or removed check to creatorupdatecomment.
* Using pub(crate)
* Use new fetcher implementation for post/comment
* rewrite person fetch to use new fetcher
* rewrite community to use new fetcher
* rename new_fetcher to dereference_object_id
* make ObjectId a newtype
* handle deletion in new fetcher
* rewrite apub object search to be generic
* move upsert() method out of ApubObject trait
* simplify ObjectId::new (and fix clippy)