Commit graph

156 commits

Author SHA1 Message Date
Josephos
cdc5b47886
Improved validation of display names (Fixes #3436) (#3437)
* Fixed validation of display names

Fixed validation of display names: reject names beginning with invisible unicode characters.

* Formatting

Formatting fix.

* Expanded list of forbidden Unicode characters. Validation now checks for disallowed characters anywhere in the name.

* Formatting

* Added a comment detailing source of the list of invisible chars.
2023-07-04 12:41:58 +02:00
e1494d4683
Dont compare db string errors (fixes #1393) (#3424)
* Dont compare db string errors (fixes #1393)

* cargo fmt

---------

Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
2023-07-03 11:59:49 -04:00
fc60b82f82 Fix formatting for latest nightly (#ref 3467) 2023-07-03 11:45:53 +02:00
phiresky
cb28af508d
don't strip, log trace if requested (#3425) 2023-06-30 09:32:43 -04:00
Nina Blanson
e63aa80c3a
Fixes #2900 - Checks slur regex to see if it is too permissive (#3146)
* Fixes #2900 - Checks slur regex to see if it is too permissive along with small validation organization

* Clean up variable names, add handler for valid empty string usecase

* Update tests

* Create validation function and add tests

* Test clean up

* Use payload value vs local site value to prevent stunlocking

* Remove println added while testing

* Fall back to local site regex if not provided from request

* Attempt clean up of flaky comment_view tests

* Pull in latest submodule

* Move application, post check into functions, add more tests and improve test readability

---------

Co-authored-by: Nutomic <me@nutomic.com>
2023-06-27 07:03:30 -04:00
cetra3
9406c3ad2b
Adjust the config check to be a separate faster to compile binary (#3313) 2023-06-26 06:23:21 -04:00
Neshura
203e35899e
Add separate Post check for is_valid_body_field (#3263)
* Add separate Post check for is_valid_body_field

* Modify is_valid_body_check for posts only

* Fix check var reinit in validation.rs

* Extra empty line to rerun woodpecker with changes

* Change Option to bool, add false to non-post calls

* Woodpecker trick.. again

* Probable rust_fmt fail fixed

* cargo_clippy changes

* Missing space between = and if

* Remove ; after body length checks
2023-06-26 10:47:01 +02:00
cetra3
d7da911a48
Remove actix_rt & use standard tokio spawn (#3158)
* Remove `actix_rt` & use standard tokio spawn

* Adjust rust log back down

* Format correctly

* Update cargo lock

* Add DB settings

* Change name and update to latest rev

* Clean up formatting changes

* Move `worker_count` and `worker_retry_count` to settings

* Update defaults

* Use `0.4.4` instead of git branch
2023-06-26 10:24:11 +02:00
Scott
da3e3b6d8a
Ensure site can only either be a private instance or federated when creating or editing site (#3237)
* Add site visibility validation

* Fix formatting

* linter changes

* Update error message to match existing check

* Remove existing check

---------

Co-authored-by: Scott Merchant <97430840+scottmerchant@users.noreply.github.com>
2023-06-21 22:14:12 +02:00
Michał
4cdb9583e9
feat: allow overriding smtp_password with the LEMMY_SMTP_PASSWORD env var (#3154)
Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
2023-06-21 13:36:42 -04:00
dullbananas
45818fb4c5
Reduce memory usage of rate limiting (#3111)
* Reduce Vec allocations

* Optimize stuff

* Move embedded migrations to separate crate

* Revert "Move embedded migrations to separate crate"

This reverts commit 44b1049970.

* clippy, fmt

* Shrink rate limit allowance to f32

* Initialize rate limit allowance directly

* Add removal of old rate limit buckets

* Improve readability

* Remove usage of is_okay_and for Rust 1.67 compatibility

* Add dhat-heap feature

* Fix api_benchmark.sh and add run_and_benchmark.sh

* Revert "Fix api_benchmark.sh and add run_and_benchmark.sh"

This reverts commit b4528e5b85.

* Revert "Add dhat-heap feature"

This reverts commit 08e835d487.

* Manually revert remaining stuff

* Use Ipv6Addr in RateLimitStorage

* Shrink last_checked in RateLimitBucket to 32 bits

* Fix rate_limit::get_ip

* Stuff (#1)

* Update rate_limiter.rs

* Update mod.rs

* Update scheduled_tasks.rs

* Fix rate_limiter.rs

* Dullbananas patch 1 (#2)

* Update rate_limiter.rs

* Update mod.rs

* Update scheduled_tasks.rs

* Fix rate_limiter.rs

* Rate limit IPv6 addresses in groups

* Fmt lib.rs

* woodpicker trigger

* Refactor and comment `check_rate_limit_full`

* Add `test_split_ipv6`

* Replace -2.0 with UNINITIALIZED_TOKEN_AMOUNT

* Add `test_rate_limiter`

---------

Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
2023-06-21 10:28:20 +02:00
Nina Blanson
1c7bfd6be8
Fixes #1884 - Support Spoiler Tags (#3018)
* Fixes #1884 - Switches markdown libraries and creates a custom rule to manage spoiler blocks

* Add tests to cover invalid spoiler input

* Consolidate tests, add comments

* Make immutable, static instance of markdown parser

---------

Co-authored-by: Nutomic <me@nutomic.com>
2023-06-14 13:15:59 +02:00
Andy Brandt
b47ce4c2e6
use usize::MAX for line wrap length, since lettre does it for us (#3034)
fixes #2921
2023-06-12 15:29:15 +02:00
Charles Hall
14c18dbdae
allow specifying db uri in config file (#2956)
* allow specifying db uri in config file

* succumb to a bug in doku

See <https://github.com/anixe/doku/issues/33>.
2023-06-09 08:18:22 -04:00
af5175a282
Set attribute deny_unknown_fields for Lemmy config (#2852)
With this attribute, Lemmy will throw an error and exit if any
invalid entry is found in the config file. I think can be useful
to notice typos or keys that were removed or renamed in an upgrade.
Currently you wouldnt notice these at all unless you manually
compare the config file with settings that are listed in documentation.

This should be considered a breaking change.

Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
2023-05-11 20:12:12 -04:00
Dessalines
38d4429ae7
Adding check to description and body length fields. (#2805)
* Adding check to description and body length fields.

- Also making the checks return `LemmyError`
- Fixes #1747

* Address PR comments.

* PR comments 2
2023-04-15 10:45:11 -04:00
844cde9db3
Use pretty print for federation json responses (#2801) 2023-04-12 20:17:23 -04:00
6f513793cb
Activitypub crate rewrite (#2782)
* update activitypub-federation crate to 0.4.0

* fixes

* apub compiles!

* everything compiling!

* almost done, federated follow failing

* some test fixes

* use release

* add code back in
2023-03-21 16:03:05 +01:00
Dessalines
1dba94c9cb
Adding TOTP / 2FA to lemmy (#2741)
* Combine prod and dev docker setups using build-arg

- Fixes #2603

* Dont use cache for release build.

* Adding 2FA / TOTP support.

- Fixes #2363

* Changed name to totp_2fa for clarity.

* Switch to sha256 for totp.
2023-03-02 21:37:41 +01:00
Dessalines
209c8a9185
Switch from bb8 to deadpool. Fixes #2765 (#2768)
* Switch from bb8 to deadpool. Fixes #2765

* Remove unecessary deadpool dependency.

* Ignoring nodeinfo test.
2023-02-28 22:45:37 +01:00
Dessalines
8c0c1628e0
Adding a vector indexing check to prevent panics. Fixes #2753 (#2754)
* Adding a vector indexing check to prevent panics. Fixes #2753

* Fixing for new clippy lint.

* Externalizing get_top_mod check. Adding get_first clippy lint

* Removing unit tests get(0)s

* Fixing some firsts manually
2023-02-28 12:34:50 +01:00
80571567e1
Add default attribute for webfinger properties (fixes #2756) (#2759) 2023-02-23 09:51:33 -05:00
675353d4e9
Include type information with webfinger responses (fixes #2037) (#2746)
So that it is easier to parse for other software
2023-02-22 11:25:26 +09:00
Dessalines
36aaa50644
Organize utils into separate files. Fixes #2295 (#2736)
* Organize utils into separate files. Fixes #2295

* Moving tests.

* Fix test.

* Fix test 2
2023-02-16 05:05:14 +01:00
Dessalines
a610211557
Fixing .drone.yml (#2677)
* Try to fix docker/drone plugin

* Trying to use one rust image.

* Fixing drone 1.

* Fixing drone 2.

* Add drone notify.

* Fixing drone 3.

* Fixing drone 4.

* Fix clippy.

* Remove uninlined format lint.

* Combine all cargo tasks

* Fixing drone 5.

* Fixing drone 6.

* Fixing drone 7.

* Fixing drone 8.

* Fixing drone 9.

* Fixing drone 10.

* Fixing drone 12.

* Fixing drone 13.

* Fixing drone 14.

* Fixing drone 15.

* Fixing drone 16.

* Fixing drone 17.

* Fixing drone 18.

* Fixing drone 19.

* Fixing drone 20.

* Fixing drone 21.

* Fixing drone 22.

* Fixing drone 23.

* Fixing drone 24.

* Fixing drone 25.

* Fixing drone 26.

* Fixing drone 27.

* Fixing drone 28.

* Fixing drone 29.

* Fixing drone 30.

* Fixing drone 31.

* Fixing drone 32.

* Fixing drone 33.

* Fixing drone 34.

* Fixing drone 35.

* Fixing drone 36.

* Fixing drone 37.

* Fixing drone 38.

* Fixing drone 39.

* Fixing drone 40.

* Fixing drone 41.

* Fixing drone 43.

* Fixing drone 44.

* Fixing drone 45.

* Last cleanup.

* Fixing drone 46.

* Separate ci steps (#2679)

* separate ci steps

* fix 1

* add comments

* dont add rustfmt explicitly

* Revert "dont add rustfmt explicitly"

This reverts commit 358ce3302a134b7ac88d90a854079356995e9725.

* dont use all features for tests

---------

Co-authored-by: Nutomic <me@nutomic.com>
2023-01-30 14:17:24 -05:00
Kradyz
c416e4ce14
Update message_id to comply with RFC 2822 (#2668)
The RFC 2822 format standard requires the message ID to be enclosed within angle brackets. If the standard is not followed, SpamAssassin deducts points from the e-mail.

Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
2023-01-30 11:10:51 -05:00
1eaf2c8a03
Add feature to embed pictrs in lemmy binary (fixes #2627) (#2633)
* Add feature to embed pictrs in lemmy binary (fixes #2627)

* Add pictrs config

* add protobuf

Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
2023-01-20 12:46:49 -05:00
0d4cdb579c
Improve application question check (#2628)
The check was failing if only require_application was passed
and not application_question, despite application_question
being set in database.
2022-12-23 01:31:39 +00:00
904d7bec2f Builds lemmy_routes in parallel with lemmy_apub 2022-12-02 10:46:49 +01:00
6f3bf4634b
Various pedantic clippy fixes (#2568)
* Various pedantic clippy fixes

* more clippy pedantic fixes

* try to fix ci

* add fix clippy script, use rust 1.65

* fix clippy
2022-11-19 04:33:54 +00:00
63c237d6df
Use enum_delegate crate (#2554) 2022-11-16 22:51:05 +00:00
24756af84b
Live reload settings (fixes #2508) (#2543)
* Live reload rate limit settings (fixes #2508)

* fix tests
2022-11-16 14:06:22 -05:00
ceae0f5993
Use urlencoding for db url params (fixes #2532) (#2537) 2022-11-07 21:29:32 -05:00
9393195827
Send error message when rate limit is reached (#2527)
* Send error message when rate limit is reached

* l18n key
2022-11-03 18:13:40 +00:00
Dessalines
cb753b045f
Group imports dess (#2526)
* Group imports with rustfmt

* Running cargo fmt again.

Co-authored-by: Felix Ableitner <me@nutomic.com>
2022-11-02 15:18:22 -04:00
Dessalines
235cc8b228
Moving settings to Database. (#2492)
* Moving settings to Database.

- Moves many settings into the database. Fixes #2285
- Adds a local_site and instance table. Fixes #2365 . Fixes #2368
- Separates SQL update an insert forms, to avoid runtime errors.
- Adds TypedBuilder to all the SQL forms, instead of default.

* Fix weird clippy issue.

* Removing extra lines.

* Some fixes from suggestions.

* Fixing apub tests.

* Using instance creation helper function.

* Move forms to their own line.

* Trying to fix local_site_data, still broken.

* Fixing federation tests.

* Trying to fix check features 1.

* Addressing PR comments.

* Adding check_apub to all verify functions.
2022-10-27 09:24:07 +00:00
Dessalines
265dc54627
Increase default search rate limit. (#2424) 2022-09-03 11:37:27 +02:00
Dessalines
8bfeb4b627
Fix a few form options for diesel. Fixes #2287 (#2376)
* Fix a few form options for diesel. Fixes #2287

* Adding TODO comment.
2022-07-29 15:04:21 +02:00
16fe149a6d
Change config pictrs key name (#2360) 2022-07-14 14:25:10 -04:00
d0a3d99636
Config changes, remove unused image purge function (#2343)
* Throw error if old pictrs config item is used, make api key optional

* use doku url feature

* fix doku version

* fix clippy

* remove unused image purge function, remove config migration
2022-07-11 16:38:37 -04:00
Luna
e33736ae47
remove parking_lot (#2350) 2022-07-11 17:12:12 +00:00
Dessalines
a745fa6f43
Remove update and read site config. Fixes #2306 (#2329)
* Remove update and read site config. Fixes #2306

* Removing lazy_static, removing Settings::get()
2022-06-22 20:24:54 +00:00
cd4d235171
Move setting http_fetch_retry_limit into federation block (#2314) 2022-06-14 01:20:30 -04:00
Dessalines
4e12e25c59
Adding admin purging of DB items and pictures. #904 #1331 (#1809)
* First pass at adding admin purge. #904 #1331

* Breaking out purge into 4 tables for the 4 purgeable types.

* Using CommunitySafe instead in view

* Fix db_schema features flags.

* Attempting to pass API key.

* Adding pictrs image purging

- Added pictrs_config block, for API_KEY
- Clear out image columns after purging

* Remove the remove_images field from a few of the purge API calls.

* Fix some suggestions by @nutomic.

* Add separate pictrs reqwest client.

* Update defaults.hjson

Co-authored-by: Nutomic <me@nutomic.com>
2022-06-13 19:15:04 +00:00
fcaf7a084c
Upgrade activitypub_federation to 0.2.0, add setting federation.debug (#2300) 2022-06-08 11:45:39 -04:00
7bc2f9fd6d
Remove unused setup config vars (#2302) 2022-06-08 11:44:53 -04:00
a2a594b763
Extract Activitypub logic into separate library (#2288)
* Create example for apub lib

* some rewriting of apub lib

* Add LocalInstance struct for apub lib to avoid using Lemmy Settings

* Move ActorType trait to lemmy_apub, because its not needed in library

* Use reqwest_retry instead of custom impl, dont specify timeout on every send()

* Some improvements to example

* Moved inbox handling to library

* bug fixes

* Move context and serde helpers into library

* wip: example changes

* Add lemmy_utils feature to build only LemmyError

* Rename to activitypub_federation

* Remove lemmy_utils dep from activitypub_federation using generic error type

* Finish activitypub example

* Cleanup and fix tests

* Reorganize library files

* Remove ApubObject.to_tombstone()

* Extract activitypub library into separate git repository
2022-06-02 16:33:41 +02:00
Paolo Barbolini
559e43075a
Simplify building plain/html emails (#2251) 2022-05-08 17:00:12 +00:00
3aa3d75a1e
Add cargo feature for building lemmy_api_common with mininum deps (#2243) 2022-05-03 17:44:13 +00:00
56b7030901
Fix link metadata unit test (#2237) 2022-04-27 15:42:10 +00:00