Commit graph

124 commits

Author SHA1 Message Date
6a9f924d20
More test coverage for user deletion (#5259) 2024-12-12 10:03:55 -05:00
5e7b30ac6a
Reorganize api endpoints (fixes #2022) (#5216)
* Reorganize api endpoints (fixes #2022)

* scopes

* move message rate limit

* move rate limit

* apply suggestions

* move my_user to separate endpoint

* remove taglines and custom emojis from siteview

* routes for api v3 and v4

* remove new features from api v3

* js client

* replace occurences of `v3`, fix routes

* replace getSite().my_user with getMyUser()

* update

* update config

* remove web::

* update

* prettier

* lockfile

* v

* fix settings

* move block endpoints

* more changes

* fmt

* update

* change some routes

* lockfile

* Add comment about deprecation
2024-12-07 14:06:33 -07:00
Mikoto
9505d1d205
feat: add PKCE (#5189)
Co-authored-by: Nutomic <me@nutomic.com>
2024-12-02 16:47:03 -05:00
f6de3b0388
Enable site languages for new user (fixes #5234) (#5235)
* Enable site languages for new user (fixes #5234)

* test coverage
2024-11-28 18:03:14 -05:00
797aac7281
Check for error when fetching link metadata (fixes #5127) (#5129)
* Check for error when fetching link metadata (fixes #5127)

* use error_for_status everywhere

* dont ignore errors

* enable lint

* fixes

* review

* more review
2024-11-15 09:13:43 -05:00
Dessalines
fa4825b524
Removing a few expects from production and test code. (#5193)
* Removing a few expects from production and test code.

- Fixes #5192

* Using if let filter for admin emails.

* Fixing unused error.

* Adding expect_used = deny to clippy lints.

* Update src/lib.rs

Co-authored-by: Nutomic <me@nutomic.com>

* Update crates/utils/src/settings/structs.rs

Co-authored-by: Nutomic <me@nutomic.com>

* Update crates/utils/src/settings/mod.rs

Co-authored-by: Nutomic <me@nutomic.com>

* Some more cleanup.

* Fix clippy

---------

Co-authored-by: Nutomic <me@nutomic.com>
2024-11-15 08:18:52 -05:00
ad90cd77f9
Implement private communities (#5076)
* add private visibility

* filter private communities in post_view.rs

* also filter in comment_view

* community follower state

* remove unused method

* sql fmt

* add CommunityFollower.approved_by

* implement api endpoints

* api changes

* only admins can create private community for now

* add local api tests

* fix api tests

* follow remote private community

* use authorized fetch for content in private community

* federate community visibility

* dont mark content in private community as public

* expose ApprovalRequired in api

* also check content fetchable for outbox/featured

* address private community content to followers

* implement reject activity

* fix tests

* add files

* remove local api tests

* dont use delay

* is_new_instance

* single query for is_new_instance

* return subscribed type for pending follow

* working

* need to catch errors in waitUntil

* clippy

* fix query

* lint for unused async

* diesel.toml comment

* add comment

* avoid db reads

* rename approved_by to approver_id

* add helper

* form init

* list pending follows should return items for all communities

* clippy

* ci

* fix down migration

* fix api tests

* references

* rename

* run git diff

* ci

* fix schema check

* fix joins

* ci

* ci

* skip_serializing_none

* fix test

---------

Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
2024-11-07 05:49:05 -05:00
f05afead02
Remove individual user/community inboxes (#5124)
* Remove endpoints for individual community/user inboxes

fixes #4147
fixes #3928

* Remove shared_inbox_url columns

* fmt
2024-10-26 14:54:29 -04:00
61a02482ff
Cleanup remaining use of Result<bool, Error> (fixes #4862) (#5047) 2024-09-24 13:25:33 -04:00
Dessalines
d476d32200
Removing a few more Result<bool> . (#4977)
* Removing a few more Result<bool> .

* Running taplo fmt.

* Running fmt.

* Adding email taken test.

* Fixing tests.

* Adding back in missing admin check.

* Rename check_has_local_followers function.
2024-09-23 20:55:35 -04:00
a8843335a6
Simplify handling of NotFound SQL errors (fixes #4633) (#5031)
* Simplify handling of NotFound SQL errors (fixes #4633)

* fmt

* wip

* compiling

* clippy

* api tests

* fix
2024-09-23 11:26:50 -04:00
privacyguard
b26aaac523
SSO Support (#4881)
* Added OAUTH2 OIDC support

* Fixes and improvements based on review feedback

* use derive_new::new instead of TypedBuilder

* merge migrations into a single file

* fixes based on review feedback

* remove unnecessary hostname_ui config

* improvement based on review feedback

* improvements based on review feedback

* delete user oauth accounts at account deletion

* fixes and improvements based on review feedback

* removed auto_approve_application

* support registration application with sso

* improvements based on review feedback

* making the TokenResponse an internal struct as it should be

* remove duplicate struct

* prevent oauth linking to unverified accounts

* switched to manually entered username and removed the oauth name claim

* fix cargo fmt

* fix compile error

* improvements based on review feedback

* fixes and improvements based on review feedback

---------

Co-authored-by: privacyguard <privacyguard@users.noreply.github.com>
2024-09-18 14:52:33 +02:00
6454a4d43d
Remove enable nsfw (#5017)
* Remove `local_site.enable_nsfw` in favor of `site.content_warning` (fixes #4627)

* cleanup usage of SiteView::read_local

* test

* uppercase
2024-09-16 11:18:16 -04:00
Dessalines
ba044c7d98
Adding checks for higher admin and mod. (#4860)
* Adding checks for higher admin and mod.

* Adding admin/mod checks for ban and comment removal.

* Combining mod or admin check with an SQL union.

* Making community ban or add mod also allow higher admins.

* Making sure remove post also checks higher mods or admins.

* Add unit test for is_higher_mod_or_admin_check

* Fixing comment.

* Addressing PR comments.

* Get rid of pointless wrapper functions, return lemmyresult directly.
2024-07-16 12:22:47 +02:00
dullbananas
79e6dbf0de
Remove PersonInsertForm builder (#4779)
* Update session_middleware.rs

* Update private_message_report_view.rs

* Update session_middleware.rs

* Update private_message_view.rs

* Update private_message.rs

* Update registration_application_view.rs

* Update actor_language.rs

* Update vote_view.rs

* Update code_migrations.rs

* Update comment_aggregates.rs

* Update person_view.rs

* Update user_settings_backup.rs

* Update person.rs

* Update create.rs

* Update comment_view.rs

* Update moderator.rs

* Update site_aggregates.rs

* Update claims.rs

* Update community_aggregates.rs

* Update post_report.rs

* Update person_mention_view.rs

* Update community_view.rs

* Update comment_report_view.rs

* Update post_report_view.rs

* Update community_moderators.rs

* Update comment.rs

* Update person_aggregates.rs

* Update comment_reply_view.rs

* Update password_reset_request.rs

* Update post_aggregates.rs

* Update community.rs

* Update main.rs

* Update post.rs

* Update person.rs

* Update person.rs

* Update claims.rs

* Update person.rs

* Update create.rs

* Update user_settings_backup.rs

* Update community_moderators.rs

* Update main.rs

* Update comment_aggregates.rs

* Update community_aggregates.rs

* Update person.rs

* Update Cargo.toml

* Update Cargo.toml

* Update person.rs

* fix

* Update code_migrations.rs

* fix submodule

* Update person.rs
2024-06-06 08:29:18 -04:00
c96017c009
Configure max comment width in clippy (#4738)
* Configure max comment width in clippy

* update default config
2024-05-23 08:46:26 -04:00
cfdc732d3a
On registration set show_nsfw based on site.content_warning (#4616)
Co-authored-by: SleeplessOne1917 <28871516+SleeplessOne1917@users.noreply.github.com>
2024-05-07 16:18:58 -04:00
Dessalines
d075acce43
Make all single-fetch database calls return an Option. (#4617)
- Diesel ordinarily throws an error when no results are returned for a
  single fetch, which is a bit confusing. This PR ensures that the
  missing value cases are all caught, and wrapped with new LemmyErrors,
  rather than diesel errors.
- Fixes #4601
2024-04-16 14:48:15 +02:00
Dessalines
5dea21d531
Convert all Result<..., LemmyError> into LemmyResult<...> Fixes #4613 (#4614)
* Convert all Result<..., LemmyError> into LemmyResult<...> Fixes #4613

* Fixing clippy.
2024-04-10 10:14:11 -04:00
846848c4f6
On registration, automatically set content languages from accept-language header (#4550)
* On registration, automatically set content languages from accept header

* no need to set site language or default language for new user anymore

* fix test

* fix langs

* avoid duplicate writing of new user languages
2024-03-25 16:02:12 -04:00
Dessalines
15f02f00a9
Add a vote_display_mode local_user setting. (#4450)
* Add a vote_display_mode local_user setting.

- Fixes #4449

* Changing HideDownvotes to Score.

* Adding ScoreAndDownvote display mode.

* Adding upvote and downvote mode.

* Extracting vote_display_mode to another table.

* Fixing fmt.

* Remove published and updated columns.

---------

Co-authored-by: SleeplessOne1917 <28871516+SleeplessOne1917@users.noreply.github.com>
2024-03-13 12:10:58 -04:00
86b44c2a4d
Add site.content_warning, local_site.default_post_listing_mode (#4393)
* Include local_site.content_warning setting for showing nsfw by default

* Add community setting `only_followers_can_vote`

* clippy

* add auto_expand_images site setting

* cleanup

* add missing api params

* postquery/communityquery changes

* clippy

* change error

* replace auto_expand_images with default_site_post_listing_mode

* change post/community query params

* get rid of only_followers_can_vote

* machete

* fix

* clippy

* revert remaining vote changes

* remove dead code

* remove unused var

* fmt
2024-02-16 07:24:35 -05:00
Elara
3c5b1ac6dd
Use the Accept-Language header to set new users' language (#4435)
* Use the Accept-Language header to set new users' language

* Implement clippy suggestions

---------

Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
2024-02-08 10:53:03 +01:00
a00313e680
Merge /site_inbox into /inbox, remove unique constraint for inboxes (#4138)
* Merge /site_inbox into /inbox (fixes #4137)

Get rid of different inboxes, only use /inbox

Remove shared_inbox_url db columns

add code migration

move to db migration, fixes

machete

fix sql

drop inbox url unique constraints

Dont create auth cookie in backend (#4136)

dont change individual inboxes to shared inbox

Dont send comment reply to user who has community blocked. Fixes #3684 (#4096)

* Dont send comment reply to user who has community blocked. Fixes #3684

* Adding source instance block check.

* Adding api test.

* Addressing PR comments.

* move site inbox rewrite to db

* fix test

* clippy

* clippy 2

* fix test
2023-11-16 14:22:40 +01:00
aaaf17486d
Dont create auth cookie in backend (#4136) 2023-11-08 07:55:09 -05:00
6cfbb8fc3b
Remove empty API responses (#3993)
* Remove empty API responses

* also remove change password response

* fix invalidate

* Run clippy.

* Fixing api_test lints.

---------

Co-authored-by: Dessalines <tyhou13@gmx.com>
Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
2023-10-16 12:36:53 -04:00
291ff19718
Only sanitize strings when generating RSS feeds and emails (fixes #4003) (#4024)
* Only sanitize strings when generating RSS feeds and emails (fixes #4003)

* clippy

* fix test
2023-10-11 16:48:19 +02:00
dc327652a5
Add db table for login tokens which allows for invalidation (#3818)
* wip

* stuff

* fmt

* fmt 2

* fmt 3

* fix default feature

* use Authorization header

* store ip and user agent for each login

* add list_logins endpoint

* serde(skip) for token

* fix api tests

* A few suggestions for login_token (#3991)

* A few suggestions.

* Fixing SQL format.

* review

* review

* rename cookie

---------

Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
2023-10-09 12:46:12 +02:00
210c470ebd
Notify admin about registration application after email verification (fixes #3024) (#3995) 2023-09-28 10:06:45 -04:00
f858d8cbce
Remove explicit auth params (#3946)
* Remove explicit auth params (ref #3725)

Only take auth via header or cookie. This requires a new version
of lemmy-js-client for api tests to pass.

* rework api_crud

* remove remaining auth params, move logic to session middleware

* fmt, fix test

* update js client

* remove auth param from api tests

* Pass auth as header

* add !

* url vars, setHeader

* cleanup

* fmt

* update

* Updating for new lemmy-js-client.

---------

Co-authored-by: Dessalines <tyhou13@gmx.com>
Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
2023-09-21 06:42:28 -04:00
8c419103b2 Fixing formatting. 2023-09-18 19:19:13 -04:00
Apple Sheeple
c05458adcd Sanitize registration application answer
Signed-off-by: Apple Sheeple <AppleSheeple@github>
2023-09-18 22:39:29 +03:00
Apple Sheeple
5fff7504e5 Reject registration application if sanitizing the username modifies it
This removes the possibility of using a mix of sanitized and
 non-sanitized values for `username` in code.

Signed-off-by: Apple Sheeple <AppleSheeple@github>
2023-09-18 22:39:20 +03:00
71d61138bc
Replace ammonia lib with manual html escaping (fixes #3774) (#3938)
* Replace ammonia lib with manual html escaping (fixes #3774)

* prettier

* clippy

* remove sanitize unit test

* fix tests

* fix schema
2023-09-06 10:56:26 -04:00
Dessalines
56e26fc3d4
Adding a post_view mode. Fixes #3730 (#3731)
* Adding a post_view mode. Fixes #3730

* Fix test.

* Addressing PR comments.

* Adding a post_view mode. Fixes #3730

* Fix test.

* Addressing PR comments.

* Fixing column order.

* Fix default Ok returns.

* Removing return Err(... where feasible.
2023-08-31 09:01:08 -04:00
7fd14b3d2a
Make remove content optional during account deletion (fixes #1617) (#3817)
* Make remove content optional during account deletion (fixes #1617)

* simplify purge params by passing context

* update js client

* add delete content

* update woodpecker config

---------

Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
2023-08-28 12:23:45 +02:00
6047257bfc
Move admin flag from person to local_user (fixes #3060) (#3403)
* Move admin flag from person to local_user (fixes #3060)

The person table is for federated data, but admin flag can only
apply to local users. Thats why it really belongs in the local_user
table. This will also prevent the federation code from accidentally
overwriting the admin flag

* fmt

* try to fix api tests

* lint

* fix person view

* ci

* ci

---------

Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
2023-08-24 05:40:08 -04:00
27be1efb74
Rewrite remaining federation actions, get rid of PerformCrud trait (#3794)
* Rewrite ban actions

* Rewrite delete/remove actions

* Rewrite remove/delete community

* Rewrite report actions

* Rewrite feature/lock post

* Rewrite update community actions

* Rewrite remaining federation actions

* Get rid of PerformCrud trait

* clippy
2023-08-02 12:52:41 -04:00
3471f3533c
Sanitize html (#3708)
* HTML sanitization in apub code

* Sanitize API inputs

* fmt

* Dont allow html a, img tags

---------

Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
2023-07-26 14:01:15 -04:00
Sander Saarend
d7051c40f8
Use local_site.default_post_listing_type as the initial default listing type for new users (#3666) 2023-07-19 11:04:43 -04:00
dullbananas
1d38aad9d3
Make functions work with both connection and pool (#3420)
* a lot

* merge

* Fix stuff broken by merge

* Get rid of repetitive `&mut *context.conn().await?`

* Add blank lines under each line with `conn =`

* Fix style mistakes (partial)

* Revert "Fix style mistakes (partial)"

This reverts commit 48a033b87f.

* Revert "Add blank lines under each line with `conn =`"

This reverts commit 773a6d3beb.

* Revert "Get rid of repetitive `&mut *context.conn().await?`"

This reverts commit d2c6263ea1.

* Use DbConn for CaptchaAnswer methods

* DbConn trait

* Remove more `&mut *`

* Fix stuff

* Re-run CI

* try to make ci start

* fix

* fix

* Fix api_common::utils

* Fix apub::activities::block

* Fix apub::api::resolve_object

* Fix some things

* Revert "Fix some things"

This reverts commit 2bf8574bc8.

* Revert "Fix apub::api::resolve_object"

This reverts commit 3e4059aabb.

* Revert "Fix apub::activities::block"

This reverts commit 3b02389abd.

* Revert "Fix api_common::utils"

This reverts commit 7dc73de613.

* Revert "Revert "Fix api_common::utils""

This reverts commit f740f115e5.

* Revert "Revert "Fix apub::activities::block""

This reverts commit 2ee206af7c.

* Revert "Revert "Fix apub::api::resolve_object""

This reverts commit 96ed8bf2e9.

* Fix fetch_local_site_data

* Fix get_comment_parent_creator

* Remove unused perma deleted text

* Fix routes::feeds

* Fix lib.rs

* Update lib.rs

* rerun ci

* Attempt to create custom GetConn and RunQueryDsl traits

* Start over

* Add GetConn trait

* aaaa

* Revert "aaaa"

This reverts commit acc9ca1aed.

* Revert "Revert "aaaa""

This reverts commit 443a2a00a5.

* still aaaaaaaaaaaaa

* Return to earlier thing

Revert "Add GetConn trait"

This reverts commit ab4e94aea5.

* Try to use DbPool enum

* Revert "Try to use DbPool enum"

This reverts commit e4d1712646.

* DbConn and DbPool enums (db_schema only fails to compile for tests)

* fmt

* Make functions take `&mut DbPool<'_>` and make db_schema tests compile

* Add try_join_with_pool macro and run fix-clippy on more crates

* Fix some errors

* I did it

* Remove function variants that take connection

* rerun ci

* rerun ci

* rerun ci
2023-07-11 09:09:59 -04:00
93225e5ddf
Error enum fixed (#3487)
* Create error type enum

* Replace magic string slices with LemmyErrorTypes

* Remove unused enum

* Add rename snake case to error enum

* Rename functions

* clippy

* Fix merge errors

* Serialize in PascalCase instead of snake_case

* Revert src/lib

* Add serialization tests

* Update translations

* Fix compilation error in test

* Fix another compilation error

* Add code for generating typescript types

* Various fixes to avoid breaking api

* impl From<LemmyErrorType> for LemmyError

* with_lemmy_type

* trigger ci

---------

Co-authored-by: SleeplessOne1917 <abias1122@gmail.com>
2023-07-10 16:50:07 +02:00
TKilFree
2aef6a5a33
feat: re-added captcha checks (#3289) 2023-06-27 06:38:53 -04:00
Dessalines
1f1c0ad17a
Revert "feat: re-added captcha checks (#3249)" (#3288)
This reverts commit 8a086c8240.
2023-06-23 07:02:05 -04:00
TKilFree
8a086c8240
feat: re-added captcha checks (#3249) 2023-06-23 11:47:12 +02:00
e3eda68147
Correct error messages if user registers with taken user/email (#3093)
* Correct error messages if user registers with taken user/email (fixes #2955)

* exists
2023-06-21 05:26:07 -04:00
Dessalines
5af831c6fa
Fix unapproved users being able to log in after registration mode set to closed. (#3096)
- Fixes #3095
2023-06-14 19:02:17 -04:00
3565ad984a
Remove chatserver (#2919)
* Remove chatserver

* fix clippy

* Remove captchas (fixes #2922)

* fix prettier

* fix api_common build

* cargo fmt
2023-06-06 12:27:22 -04:00
a5707328cf
Dont return error in case optional auth is invalid (#2879)
* Dont return error in case optional auth is invalid

* fixes
2023-05-25 10:50:07 -04:00
Dessalines
d8722b6e91
Adding diesel enums for SortType and ListingType (#2808)
* Adding diesel enums for SortType and ListingType

- Uses diesel-derive-enum.
- Adds diesel.toml , so we can again use the auto-generated schema.rs
- Fixes a lot of DB null issues and column ordering issues.
- Fixes #1136
- Also replaces RegistrationMode boilerplate.

* Fixing unit tests 1.

* Remove comment line.

* Before patch.

* Before again.

* Using patch file to fix diesel_ltree issue with diesel.toml

* Adding some yalc ignores

* Fixing RegistrationMode enums

* Adding woodpecker diesel schema check.

* Try adding openssl 1.

* Try using diesel-cli image 1

* Try using diesel-cli image 2

* Try using diesel-cli image 3

* Try using diesel-cli image 4

* Try using diesel-cli image 5

* Try using diesel-cli image 6

* Try using diesel-cli image 7

* Try using diesel-cli image 8

* Try using diesel-cli image 9

* Try using diesel-cli image 10

* Try using diesel-cli image 11

* Try using diesel-cli image 12

* Try using diesel-cli image 13
2023-04-17 15:19:51 -04:00