Commit graph

634 commits

Author SHA1 Message Date
cee72065e9 Merge branch 'main' into inbox-refactoring 2020-07-29 15:41:05 +02:00
04cb1e0161 Version v0.7.33 2020-07-29 09:06:26 -04:00
Dessalines
49bd28e2d4
Adding visual captchas for register and login. (#1027)
* Adding visual captchas for register and login.

* Adding audio wav file for Captcha using espeak.

* Lots of captcha fixes.

- Removed login captchas.
- Added settings to disable captchas, and change difficulty.
- Captchas can only be checked / used once, front end gives a new one on
  failure.
- Added front end button for regenerating captcha.
- Added a disabled / pause button audio playing.

* Some more fixes.
2020-07-29 09:02:46 -04:00
8ad4378960 Disable ID domain check in FromApub until we figure it out properly 2020-07-29 13:58:39 +02:00
a85873d294 Take correct community uri in shared_inbox, rename fetch_remote* methods 2020-07-29 13:46:11 +02:00
5dd0efb280 Version v0.7.32 2020-07-29 00:29:56 -04:00
52b221e3c9 Version v0.7.31 2020-07-28 21:20:19 -04:00
ced3cbde73 Merge branch 'main' into inbox-refactoring-dessalines 2020-07-28 18:55:50 -04:00
494fcfdb8f Add helper function to generate proper activity IDs 2020-07-28 19:23:16 +02:00
e605d58888 Merge branch 'main' into inbox-refactoring-merge 2020-07-28 12:08:28 -04:00
1ed63e99d9 Fix post thumbnail_url to use full urls. Fixes #632 2020-07-28 11:42:40 -04:00
1ed7c59491 Refactor inbox, simplify and split into multiple files 2020-07-28 14:41:15 +02:00
Dessalines
6e4599411b
Adding inferno-helmet to fix page titles. Fixes #1028 (#1030) 2020-07-27 11:54:42 -04:00
Dessalines
c066915b8e
Federate sticky flag dessalines (#1021)
* Federate sticky flag (ref #1018)

* Adding tests for federated sticky and lock.

* Changing test to make sure it returns the correct locked error.

Co-authored-by: Felix Ableitner <me@nutomic.com>
2020-07-27 11:42:15 -04:00
Dessalines
d1342afe93
Remove extra jwt claims (for user settings) (#1025)
* Remove extra jwt claims (for user settings)

- The JWT token only contains the issuer, and your user id now.
- Now only a page refresh is necessary to pick up your settings on all
  clients, including theme, language, etc.
- GetSiteResponse now gives you your user and settings if logged in.
- Fixes #773

* Remove extra comment line, I tested nsfw

* Adding a todo to add a User_::readSafe()
2020-07-27 09:23:08 -04:00
617d636432 Version v0.7.30 2020-07-25 10:43:42 -04:00
0ff9af5ba5 Version v0.7.29 2020-07-24 22:06:16 -04:00
edfd10262f Version v0.7.28 2020-07-23 09:48:39 -04:00
59da2976ab Some more API cleanup.
- Extracted methods for is_mod_or_admin, and is_admin.
- Removed admins from GetPostResponse and GetCommunityResponse.
- Some cleanup.
2020-07-22 14:20:08 -04:00
b6a6d52a92 Merge branch 'main' into api_edit_separation 2020-07-22 13:47:52 -04:00
db0d213710 Version v0.7.26 2020-07-22 09:56:15 -04:00
5e5063cbdd Adding some helper functions. 2020-07-21 13:52:57 -04:00
f81a7ad9ab Adding form_id to comment creates and edits.
- This adds a form_id to CreateComment, EditComment, and CommentResponse
- This is so any front end clients can add a randomly generated string,
  and know which comment they submitted, is the one they're getting
  back.
- This gets rid of all the weird complicated logic in handleFinished(),
  and should stop the comment forms getting cleared once and for all.
2020-07-21 10:56:41 -04:00
4b6a762a56 Added an is_mod_or_admin function to Community 2020-07-21 10:15:17 -04:00
Dessalines
55ce7b1339
Adding version to GetSite. Fixes #1001 (#1002)
* Adding version to GetSite. Fixes #1001

* Removing version.ts file
2020-07-21 13:20:23 +00:00
2eac037408 Adding post delete, remove, lock, and sticky. 2020-07-20 23:46:36 -04:00
fd96dfdb5e Added comment delete, remove, read. 2020-07-20 21:37:44 -04:00
ca7d2feedb Some GetUserDetails cleanup. 2020-07-20 15:32:15 -04:00
9bc6698f58 Added community delete and remove. 2020-07-20 13:37:39 -04:00
a67f46bec5 EditUserMention changed to MarkUserMentionAsRead. 2020-07-20 10:56:40 -04:00
0a28ffb9c4 Private message delete and read extracted. 2020-07-20 00:29:44 -04:00
87202b4915 Fixing duplicate actor_id for community and user. Fixes #957 2020-07-19 13:12:42 -04:00
b03a2d7995 Ran cargo fmt. 2020-07-19 12:26:23 -04:00
3342a6a910 Version v0.7.25 2020-07-17 18:54:34 -04:00
eiknat
03758a4f92
validate post URLs on the backend (#990)
* added serverside url validation

* api.post: use if let instead of is_some

also add "invalid_url" to en.json

Co-authored-by: John Doe <dhas8m@protonmail.com>
2020-07-17 18:46:59 -04:00
nutomic
77a2a5eb01 Update activitystreams library to latest version (#71)
Merge branch 'main' into more-upgrade-apub-3

Update activitystreams library to latest version

Remove remaining usages of old activitystreams library

Migrate community inbox and user inbox

Migrate private message

Migrate post

Migrate community activities

Migrate extensions to new activitystreams library

Co-authored-by: dessalines <dessalines@noreply.yerbamate.dev>
Co-authored-by: Felix Ableitner <me@nutomic.com>
Reviewed-on: https://yerbamate.dev/LemmyNet/lemmy/pulls/71
2020-07-17 21:11:07 +00:00
2a206e1b4d Version v0.7.24 2020-07-16 21:17:34 -04:00
1e30fcf235 Version v0.7.23 2020-07-16 21:13:18 -04:00
2d4c41d2be Convert comments to new apub lib (including comment activities) 2020-07-15 18:26:37 +02:00
ef8118f40f migrate post to new apub lib 2020-07-15 18:03:09 +02:00
f69f044aaa Version v0.7.22 2020-07-15 10:16:31 -04:00
Dessalines
9f36fd50b4
GetSite fixes. Fixes #975 (#978) 2020-07-15 10:00:55 -04:00
Dessalines
fc15276c10
Don't allow duplicate community names in API. #957 (#974) 2020-07-15 09:55:38 -04:00
Dessalines
78cb306c07
Don't allow community name editing. Fixes #964 (#973) 2020-07-15 09:53:52 -04:00
70f15ffd6f Version v0.7.21 2020-07-14 12:12:13 -04:00
Dessalines
cc0ae6343c
Fixing user mention reading. (#968) 2020-07-14 12:12:04 -04:00
5ccf81349e Version v0.7.20 2020-07-14 09:17:36 -04:00
ryexandra
29037b4995
Security/fix permission bugs (#966)
* secure the `EditPost` API endpoint

* Check user is moderator in BanFromCommunity

* secure the `EditComment` API endpoint

* pass orig `read` prob when not explicitly updating it.

* Block random users from adding mods.

* use cleaner logic from `EditPost`

* prevent editing a community by a mod from transfering ownership to them

* secure `read` action in `EditPrivateMessage`

* Add check in UserMention

* only let the indended recipient mark as read

* simplify booleans to satisfy clippy

* requested changes + cargo +nightly fmt

* fix to pass federation tests for deleting comments and posts

Co-authored-by: chiminh <chiminh.tutanota.com>
Co-authored-by: Hex Bear <buildadangtrain@protonmail.com>
2020-07-14 09:17:25 -04:00
52983907c4 Version v0.7.19 2020-07-13 15:21:16 -04:00
abe7a41f58 Version v0.7.18 2020-07-13 13:32:01 -04:00