* Re-organizing federation tests. #746#1040
* Add more checks in inbox, plus some refactoring (#76)
Merge branch 'main' into more-inbox-permissions
Move check_community_ban() into helper function
Move slur check into helper functions
Move Claims::decode and site ban check into helper function
Note: this changes behaviour in that site ban is checked in more
places now. we could easily add a boolean parameter
check_for_site_ban to get the previous behaviour back
Rewrite user_inbox and community_inbox in the same way as shared_inbox
Add check against instance allowlist etc in shared_inbox
Co-authored-by: dessalines <dessalines@noreply.yerbamate.dev>
Co-authored-by: Felix Ableitner <me@nutomic.com>
Reviewed-on: https://yerbamate.dev/LemmyNet/lemmy/pulls/76
* Adding verbose to test results.
Co-authored-by: nutomic <nutomic@noreply.yerbamate.dev>
Co-authored-by: dessalines <dessalines@noreply.yerbamate.dev>
Co-authored-by: Felix Ableitner <me@nutomic.com>
* Federate sticky flag (ref #1018)
* Adding tests for federated sticky and lock.
* Changing test to make sure it returns the correct locked error.
Co-authored-by: Felix Ableitner <me@nutomic.com>
- This adds a form_id to CreateComment, EditComment, and CommentResponse
- This is so any front end clients can add a randomly generated string,
and know which comment they submitted, is the one they're getting
back.
- This gets rid of all the weird complicated logic in handleFinished(),
and should stop the comment forms getting cleared once and for all.
Merge branch 'main' into more-upgrade-apub-3
Update activitystreams library to latest version
Remove remaining usages of old activitystreams library
Migrate community inbox and user inbox
Migrate private message
Migrate post
Migrate community activities
Migrate extensions to new activitystreams library
Co-authored-by: dessalines <dessalines@noreply.yerbamate.dev>
Co-authored-by: Felix Ableitner <me@nutomic.com>
Reviewed-on: https://yerbamate.dev/LemmyNet/lemmy/pulls/71
* secure the `EditPost` API endpoint
* Check user is moderator in BanFromCommunity
* secure the `EditComment` API endpoint
* pass orig `read` prob when not explicitly updating it.
* Block random users from adding mods.
* use cleaner logic from `EditPost`
* prevent editing a community by a mod from transfering ownership to them
* secure `read` action in `EditPrivateMessage`
* Add check in UserMention
* only let the indended recipient mark as read
* simplify booleans to satisfy clippy
* requested changes + cargo +nightly fmt
* fix to pass federation tests for deleting comments and posts
Co-authored-by: chiminh <chiminh.tutanota.com>
Co-authored-by: Hex Bear <buildadangtrain@protonmail.com>
More fixes
- fixed docker builds
- fixed mentions regex test
- fixed DATABASE_URL stuff
- change schema path in diesel.toml
Address review comments
- add jsonb column back into activity table
- remove authors field from cargo.toml
- adjust LEMMY_DATABASE_URL env var usage
- rename all occurences of LEMMY_DATABASE_URL to DATABASE_URL
Decouple utils and db
Split code into cargo workspaces
Co-authored-by: Felix Ableitner <me@nutomic.com>
Reviewed-on: https://yerbamate.dev/LemmyNet/lemmy/pulls/67
* Asyncify more
* I guess these changed
* Clean PR a bit
* Convert more away from failure error
* config changes for testing federation
* It was DNS
So actix-web's client relies on TRust DNS Resolver to figure out
where to send data, but TRust DNS Resolver seems to not play nice
with docker, which expressed itself as not resolving the name to
an IP address _the first time_ when making a request. The fix was
literally to make the request again (which I limited to 3 times
total, and not exceeding the request timeout in total)
* Only retry for connecterror
Since TRust DNS Resolver was causing ConnectError::Timeout,
this change limits the retry to only this error, returning
immediately for any other error
* Use http sig norm 0.4.0-alpha for actix-web 3.0 support
* Blocking function, retry http requests
* cargo +nightly fmt
* Only create one pictrs dir
* Don't yarn build
* cargo +nightly fmt
- When a comment or post doesn't exist locally, yet we receive
an activitypub with it (for example, a nested comment update,
for a community we just subscribed to, also with a post we
don't have...), then fetch it.