* Add a blocklist for URLs.
* Fix SQL format
* Make clippy happy.
* Use regex for URL matching.
* Escape regex chars in URLs.
* Use post for modification.
* Make URL block regex static and remove API routes.
* Add date fields to table and use transaction.
* Use Cache for blocklist.
* Rename check_links + move list to parameters of process_markdown.
* SQL format.
* Format, again.
* Remove println.
* Add API test.
* Set a shorter lifetime for regex in debug mode.
* Add missing macro.
* Update lemmy-js-client
* Update api_test/pnpm-lock.yaml
* Don't break other tests
* Use different URL for test
---------
Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
Co-authored-by: Nutomic <me@nutomic.com>
* Fix missing private key for signed fetch (fixes#4451)
* clippy
* instance actor name and webfinger
* better webfinger handling
* upgrade lib
* update test asset
* When banning a federated user, also remove their content from our local
communities.
- This works by:
- Before a site ban, find all posts and comments to local communities
- Send a federated community ban action for each local comm.
- This also removes their content in the apub receive code.
- Adding back in federated community ban api tests.
- Adding in two more api tests for site bans.
- Fixes#4118
* Add local community ban, and nonlocal person check.
* Ignoring errors.
* Move local check into function.
* Addressing PR comments 2
* Adding ability to hide posts.
- Adds an post/hide API route.
- Adds a `show_hidden` (default false) to `GetPosts`.
- Adds a `hidden` field to `PostView`.
- Removes the single `post_id` from MarkPostAsRead.
- Fixes#1403
* Add a check to make sure hidden field is true.
* Fixing test.
* Add back semicolon
* Expose LemmyErrorType in lemmy_api_common
* Make conditional compilation gates for utils
* Make it so api_common doesn't pull in unnecessary deps
* Make error type non exhaustive
* Fix formatting
* Format toml
* Add some convenience derives to LemmyError
* Simplify features
* Fix CI compile error
---------
Co-authored-by: SleeplessOne1917 <insomnia-void@protonmail.com>
* Make it so the signed in user can see if they're banned from a community
* Use more appropriate field name
---------
Co-authored-by: SleeplessOne1917 <insomnia-void@protonmail.com>
* Use the Accept-Language header to set new users' language
* Implement clippy suggestions
---------
Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
* Add support for local only community (fixes#1576)
* add filters and tests to db views
* dont federate local only community
* test get apub community http
* tests
* more checks
* wip
* api test
* fix tests
* change community.local_only column to visibility enum
(for private communities)
* sql fmt
* rename vars
* clippy
* fix tests
* update lib
* review
* fix js client version
* update client
* Add markdown rule to add rel=nofollow for all links
* Add markdown image rule to add local image proxy (fixes#1036)
* comments
* rewrite markdown image links working
* add comment
* perform markdown image processing in api/apub receivers
* clippy
* add db table to validate proxied links
* rewrite link fields for avatar, banner etc
* sql fmt
* proxy links received over federation
* add config option
* undo post.url rewriting, move http route definition
* add tests
* proxy images through pictrs
* testing
* cleanup request.rs file
* more cleanup (fixes#2611)
* include url content type when sending post over apub (fixes#2611)
* store post url content type in db
* should be media_type
* get rid of cache_remote_thumbnails setting, instead automatically
take thumbnail from federation data if available.
* fix tests
* add setting disable_external_link_previews
* federate post url as image depending on mime type
* change setting again
* machete
* invert
* support custom emoji
* clippy
* update defaults
* add image proxy test, fix test
* fix test
* clippy
* revert accidental changes
* address review
* clippy
* Markdown link rule-dess (#4356)
* Extracting opengraph_data to its own type.
* A few additions for markdown-link-rule.
---------
Co-authored-by: Nutomic <me@nutomic.com>
* fix setting
* use enum for image proxy setting
* fix test configs
* add config backwards compat
* clippy
* machete
---------
Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
* Add upload timeout to PictrsConfig
* Bad space 🤔
* Update PictrsConfig upload timeout to include units.
* Add local_subscribers field to CommunityAggregates
struct and schema
* sql format
* local_subscribers test
* fix local_subscribers test
* Revert "fix local_subscribers test"
This reverts commit 4bbac5ce4a.
* Revert "local_subscribers test"
This reverts commit 735107e1f7.
* Create trigger for local_subscribers
* Rename variable
* re-trigger ci
* re-trigger ci
* Add local_subscribers count to follow.spec.ts
* Rename local_subscribers to subscribers_local
* Add subscribers_local to community_aggregates
* added subscribers_local to the aggregate tests
* Check if person exists on community_follower trigger
* Delete community follows before deleting person
* Update lemmy-js-client in api_tests
* Refactor local_subscriber migration
* fix format
* Move migration files date to now
* Fix test to wait for aggregates to federate
* re-trigger ci
---------
Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
* Allow community mods to see votes in addition to admins
* Use Post instead of PostView
---------
Co-authored-by: SleeplessOne1917 <insomnia-void@protonmail.com>
* Move apub context to join-lemmy.org (fixes#4234)
* Dont store federation context in sent_activity table
* include basic activitypub context
* update lib
* ci
* Fix fetching of community posts (fixes#4283)
Also use spawn_try_task to fetch community outbox, mods etc to avoid
delay/timeout when fetching new community.
* prettier
* fix test
* fix api test
* prettier
* add delay
* Update run-federation-test.sh
* fix test
* Prevent crates that shouldn't be published from being published
* Make dependent crates publishable
* Make dependent crates publishable
* fix toml formatting
* Removing publish=true
* Removing versioned deps.
---------
Co-authored-by: SleeplessOne1917 <insomnia-void@protonmail.com>
Co-authored-by: Dessalines <tyhou13@gmx.com>
* Sort by post id in post view
* Remove tie_breaker
---------
Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
Co-authored-by: Nutomic <me@nutomic.com>
* Make db queries for GET /api/v3/site in parallel (ref #4244)
* Cache site response
* machete
* Use try_join_with_pool macro
* machete
* taplo
* ttl 1s
* Adding creator_is_admin to PersonView, CommentView, and PostView.
* Removing left joins from comment_view.
* Removing joins from person_mention and comment_reply views.
* Removing extra left join from person_view.
* Reverting some changes in post_view.
* Fixing compile error.
* Merge /site_inbox into /inbox (fixes#4137)
Get rid of different inboxes, only use /inbox
Remove shared_inbox_url db columns
add code migration
move to db migration, fixes
machete
fix sql
drop inbox url unique constraints
Dont create auth cookie in backend (#4136)
dont change individual inboxes to shared inbox
Dont send comment reply to user who has community blocked. Fixes#3684 (#4096)
* Dont send comment reply to user who has community blocked. Fixes#3684
* Adding source instance block check.
* Adding api test.
* Addressing PR comments.
* move site inbox rewrite to db
* fix test
* clippy
* clippy 2
* fix test
* Dont send comment reply to user who has community blocked. Fixes#3684
* Adding source instance block check.
* Adding api test.
* Addressing PR comments.
* Adding cors_origin to settings. Fixes#3665
* Fix result to option.
* Forgot to update config defaults.
* Setting a cors origin doku default.
* Adding comments for CORS.
* Use starts_with for forbidden unicode (Fix#3888)
* Require 3 visible chars in display name
* Run cargo fmt and scripts/lint
* Undo invisibly_starts_with_at
* Remove 3 min chars.count() check for display name
* Fixing problem with SaveUserSettings, when either the Person or LocalUser update is null.
- Fixes#4076
- Also upgrading api_test deps
* Move function into test.
* Adding /version route. Fixes#2914
* Using a simple version string.
* Use nginx rewriting to solve version.
* Forgot to remove version.
* Using an actix redirect.
* Revert "Convert more responses to SuccessResponse. Fixes#2860 (#4058)"
This reverts commit 8deb4e5752.
* Removing purgeitem and deletecustomemoji response.
* Adding back in utils building.
* Handle invalid ban expires values (fixes#4045)
* Adding a few missing expire time checks. Fixing up time conversions. (#4051)
* Adding a few missing expire time checks. Fixing up time conversions.
* Increase settings export wait time.
* get rid of RemoveCommunity.expires
* fmt
* tests
---------
Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
* List distinguished comments first (fixes#3843)
* then_order_by
* Fixing assert.
* move line
* then
---------
Co-authored-by: Dessalines <tyhou13@gmx.com>
* feat: Add user setting for toggling avatar gif animations
* Add forgotten post listing mode option to settings form
* Fix compilation error
* Fix formatting
* Change name of column to be more general purpose
* Fix sql format.
* Fix comments
* Running format.
---------
Co-authored-by: Dessalines <tyhou13@gmx.com>
Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
* Ignore activities in remote communities without local followers (fixes#3568)
* x
* comments
* prettier
* fix api test
* fix test
* cleanup
* fix remaining test
* clippy
* decrease delay
This is the fix suggested in #4019
I've manually tested both legacy pagination (`page=2&limit=20`) as well as the new pagination (`cursor_next=XXXXXXX&limit=20`) using the same endpoint as #4019, and both methods appear to work as expected.
* wip
* stuff
* fmt
* fmt 2
* fmt 3
* fix default feature
* use Authorization header
* store ip and user agent for each login
* add list_logins endpoint
* serde(skip) for token
* fix api tests
* A few suggestions for login_token (#3991)
* A few suggestions.
* Fixing SQL format.
* review
* review
* rename cookie
---------
Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
* Make input length checks consistent with HTML maxlength attr (fixes#3688)
* ci
* Extricating min and max length checks (#4018)
* revert string change
---------
Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
* Remove explicit auth params (ref #3725)
Only take auth via header or cookie. This requires a new version
of lemmy-js-client for api tests to pass.
* rework api_crud
* remove remaining auth params, move logic to session middleware
* fmt, fix test
* update js client
* remove auth param from api tests
* Pass auth as header
* add !
* url vars, setHeader
* cleanup
* fmt
* update
* Updating for new lemmy-js-client.
---------
Co-authored-by: Dessalines <tyhou13@gmx.com>
Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
* Rework the way 2FA is enabled/disabled (fixes#3309)
* postgres format
* change algo to sha1 for better compat
* review comments
* review
* clippy
---------
Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
* User can block instances (fixes#2397)
* update comments
* review comments
* use route
* update
* add api test
* update tests
* fix
* fix test
* ci
---------
Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
This removes the possibility of using a mix of sanitized and
non-sanitized values for `username` in code.
Signed-off-by: Apple Sheeple <AppleSheeple@github>
* persistent activity queue
* fixes
* fixes
* make federation workers function callable from outside
* log federation instances
* dead instance detection not needed here
* taplo fmt
* split federate bin/lib
* minor fix
* better logging
* log
* create struct to hold cancellable task for readability
* use boxfuture for readability
* reset submodule
* fix
* fix lint
* swap
* remove json column, use separate array columns instead
* some review comments
* make worker a struct for readability
* minor readability
* add local filter to community follower view
* remove separate lemmy_federate entry point
* fix remaining duration
* address review comments mostly
* fix lint
* upgrade actitypub-fed to simpler interface
* fix sql format
* increase delays a bit
* fixes after merge
* remove selectable
* fix instance selectable
* add comment
* start federation based on latest id at the time
* rename federate process args
* dead instances in one query
* filter follow+report activities by local
* remove synchronous federation
remove activity sender queue
* lint
* fix federation tests by waiting for results to change
* fix fed test
* fix comment report
* wait some more
* Apply suggestions from code review
Co-authored-by: SorteKanin <sortekanin@gmail.com>
* fix most remaining tests
* wait until private messages
* fix community tests
* fix community tests
* move arg parse
* use instance_id instead of domain in federation_queue_state table
---------
Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
Co-authored-by: SorteKanin <sortekanin@gmail.com>
* Adding a scaled sort, to boost smaller communities.
- Previously referred to as *best* .
- Fixes#3622
* Fixing scheduled task update.
* Converting hot_rank integers to floats.
* Altering hot_rank psql function to default to zero after a week.
* Setting scaled_rank to zero, where hot_rank is zero.
* Adding image_upload table.
* Revert "Automatically resolve report when post/comment is removed (#3850)"
This reverts commit f7f6766650.
* Automatically resolve reports using db trigger
* lint
* use mod log tables
* fix migration
* fix ci
* fix clippy
* add logic to prevent downloading remote pictrs images
* apply formatting
* Do not attempt a pictrs fetch if the remote image is also on a pictrs instance
* Do not attempt a pictrs fetch if the remote image is also on a pictrs instance and cache_federated_images is false
* Generalising the no caching option to handle all remote images
* rustfmt
* Return None if the URL is not an image
* Updating defaults.hjson
* fixing typo
* Fixing typo
* Skip cloning the Url unless we need to
* using a HEAD request for checking the content type, saving bandwidth/improving perf
* Removing early returns
* Switching back to GET requests for Content-Type because pictrs does not handle HEAD requests
* Simplifying logic and using metadata_image instead of url if we do not get a pictrs thumbnail
* Removing unused import
* Return None as a thumbnail if caching is disabled
* formatting
---------
Co-authored-by: Djones4822 <david.jones4822@gmail.com>
* update api tests for new moderator view
* chage moderator view to be a listing type in get posts
Note: Internally, the listing type is called ListingType.ModeratorView,
but it's called "Moderator View" in the api endpoint
* fix formatting
* add support for moderator view to list comments
* add api test for moderator view when listing comments
* fix api test formatting
* retry tests
* don't filter out blocked users and communities when using moderator view
* fix cargo tests failing
* fix formatting
* fix previous merge
* Adding ModeratorView to listing_type_enums
* Fixing fmt.
* Adding a default to ListingType.
* Upgrading to use new lemmy-js-client.
---------
Co-authored-by: Nutomic <me@nutomic.com>
Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
Co-authored-by: Dessalines <tyhou13@gmx.com>
* Move admin flag from person to local_user (fixes#3060)
The person table is for federated data, but admin flag can only
apply to local users. Thats why it really belongs in the local_user
table. This will also prevent the federation code from accidentally
overwriting the admin flag
* fmt
* try to fix api tests
* lint
* fix person view
* ci
* ci
---------
Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
* Lowercase domain on db query filters (#3849)
* Add test to get a community on different cased domain (#3849)
* Lowercase the identity for webfinger (#3849)
* Lowercase both sides of the domain comparison (#3849)
* Format api_tests (#3849)
* Lowercase domain lookup on Instance and Person (#3849)
---------
Co-authored-by: Freek van Zee <freek.van.zee@mediamonks.com>
Co-authored-by: Freakazoid182 <>
* generate sitemap.xml file
* set up endpoint for sitemap
* Update sitemap generation
- remove sitemap generation from scheduled tasks
- add posts query for sitemap
- create sitemap module in API crate
* remove priority and change freq from sitemap
* add configuration option for number of posts for sitemap
* fix default config
* rate limit sitemap endpoint
* update sitemap query
* update sitemap generation
- remove config value for query limit
- adjust sitemap generation to query changes
- tidy up error handling
* refactor sitemap generation loop
* remove `limit` argument
* refactor `generate_urlset` and add unit test
* change query to only fetch local posts of past 24h
* fix outdated comment and log
* cargo fmt
* Add person name to PersonIsBannedFromSite error (#3786)
* Log PersonId instead of Person name (#3850)
* Log actor_id for PersonIsBannedFromSite (#3850)
---------
Co-authored-by: Freek van Zee <freek.van.zee@mediamonks.com>
* Replace Option<bool> with bool for PostQuery and CommentQuery (#3819)
* Replace Option<bool> from all list queries (#3819)
---------
Co-authored-by: Freek van Zee <freek.van.zee@mediamonks.com>
* Allow filtering posts and comments by whether they were liked/disliked
* Switch to 2 args - liked_only, disliked_only - taking bools
* Make liked_only and disliked_only Option<bool>
* Fix unrelated is_profile_view compilation error
* remove n^2 part of person triggers, improve community aggregate trigger
* comment out comment_score tests since previously they only accidentally succeeded
* empty
* more robust test of unlike a comment, confirm replication to instance downstream from community home
* more robust 'delete a comment' test, confirm replication
* Far more robust "Report a comment" test. Many comments about situation, this is currently failing because gamma does not get the report
* typo and actually have Gamma comment check use gamma, not alpha
* prepare-drone-federation-test.sh has some more echo output and note about the LEMMY_DATABASE_URL format (#3651)
* Add http cache for webfingers (#3317)
* Add http cache for webfingers
* Remove the outgoing cache middleware & adjust the cache headers directive
* Use 1h & 3day cache header
* Update routes and adjust the cache headers location
* revert apub caching
---------
Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
Co-authored-by: Felix Ableitner <me@nutomic.com>
* Rewrite activity lists to fix delete federation (fixes#3625)
* Revert "typo and actually have Gamma comment check use gamma, not alpha"
This reverts commit 7dfb6ee0f4.
* Revert "Far more robust "Report a comment" test. Many comments about situation, this is currently failing because gamma does not get the report"
This reverts commit 7bd3b20ae0.
* prettier TypeScript
* revised comments, as ResolveObject isn't using routine replication
* fmt
* fix api tests
* remove comment
---------
Co-authored-by: cetra3 <cetra3@hotmail.com>
Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
Co-authored-by: Felix Ableitner <me@nutomic.com>
* HTML sanitization in apub code
* Sanitize API inputs
* fmt
* Dont allow html a, img tags
---------
Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
* add option to only show posts from moderated communities
* rename moderated_only to moderator_view and show blocked users in moderator view
* add test for moderator view
* bump lemmy-js-client version for moderation view tests
* fix yarn lockfile
* retry build
* Delete logfile
* retry checks
* remove unused select statement from list posts
---------
Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
* Added controversy rank property to posts and comments, and ability to sort by it
* Triggers instead of schedules tasks, integer -> double, TODO: comments don't seem to get updated with floats, divide SortTypes
* Created PersonSortType
* PersonSortType::MostComments case
* Removed unused PartialOrd trait
* Added new person sort type mappings
* SortType -> PersonSortType
* fixes
* cargo fmt
* fixes after merge with main
* Fixed bug in controversy rank trigger, removed TopX sorts from PersonSortType and added CommentScore instead
* Uncovered enum case
* clippy
* reset translation changes
* translations
* translations
* Added additional hot ordering on controversial posts and comments
* featured local and featured community added to controversy rank index, additional order_by removed (?), added post_score and post_count to PersonSortType
* Woodpecker rerun
* cargo fmt
* woodpecker rerun
* fixed controversy_rank order
* fix
* Readded migration as latest, removed second update statement for setting controversy rank
* Resolves issue #3685
If user isn't authenticated with resolve_object, only allow a local search instead of possibly making an http request.
* Making sure to validate auth before doing a potential remote lookup.
* add new flag to api
* add new ui settings for local user
* remove extraneous def
* add props to application reg.
* fix clippy updated these
* re-order db schema entries
* remove dupe
* update lemmy sdk
* update lemmy js client
---------
Co-authored-by: Nutomic <me@nutomic.com>
* detailed error message for blocked domains (#3698)
* Pass the domain as an error param
Not formatting the error message to support i18n
---------
Co-authored-by: Freek van Zee <freek.van.zee@mediamonks.com>
I noticed that stopping the Lemmy process with ctrl+c wasnt working
because the activity channel isnt properly closed. This is now fixed.
Later we should also move the channel from static into LemmyContext,
Im not doing that now to avoid conflicts with #3670.
* Denormalize community_id into post_aggregates for a 1000x speed-up when loading posts
* Remove unused index
* Add creator_id to post_aggregates
* Use post_aggregates as main table for PostQuery
* Make post_aggregates the main table for PostView
* Reformat SQL
* Remove SendActivity and Perform traits, rely on channel
These traits arent necessary anymore now that websocket is removed.
Removing them allows us to use normal actix http handler methods
which are much more flexible, and allow using different middlewares
as well as setting response attributes.
* compiling and create post federating
* clippy
* rename methods, join outgoing activities task
* fix api tests
* no unwrap
* conditional compile
* add back getrandom
* make crates optional
* fmt
* add new function build_post_response_deleted_allowed
* PostDelete uses new function build_post_response_deleted_allowed
* RemovePost uses new build_post_response_deleted_allowed function
* code comments about mod or admin flag having other use
* reformat "cargo +nightly fmt --all"
* Try using drone cache plugin
* Try another path
* Include volume
* Fix formatting
* Include fmt
* Exclude cargo dir from prettier
* Don't override cargo
* Just do check
* Add cache key
* Use different cache plugin
* Add clippy
* Try minio
* Add quotes
* Try adding secrets
* Try again
* Again
* Use correct secret formation
* Add back clippy
* Use secret for the root bucket name
* Try drone cache instead
* Add region
* Add path-style option
* Include cargo clippy
* Include everything again
* Fix formatting
* Don't run clippy twice
* Add `allow` statements for tests to pass
* Adjust endpoint to be a secret
* Fix prettier
* Merge & fix tests
* Try to restart the woodpecker test
* Change the ENV var name
---------
Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
* change pool fields to parameters for list
* remove my_person_id and admin fields
* Change recipient id to list param
* Remove TypedBuilder from db_views and db_views_actor
* Split activity table into sent and received parts (fixes#3103)
The received activities are only stored in order to avoid processing
the same incoming activity multiple times. For this purpose it is
completely unnecessary to store the data. So we can split the
table into sent_activity and received_activity parts, where
only sent_activity table needs to store activity data. This should
reduce storage use significantly.
Also reduces activity storage duration to three months, we can reduce
this further if necessary.
Additionally the id columns of activity tables are removed because
they are completely unused and risk overflowing (fixes#3560).
* address review
* move insert_received_activity() methods to verify handlers
* remove unnecessary conflict line
* clippy
* use on conflict, add tests