Merge branch 'develop' into release-docs

author: rinpatch <rinpatch@sdf.org> 2019-06-22 02:00:18 +0300
committer: rinpatch <rinpatch@sdf.org> 2019-06-22 02:00:18 +0300
commit: 452d5d32317ef204c465ea56c341c86ab59bd171 (patch)
tree: a9b612cf4ed8a422c421ef0c7613e9ef971b72ab /lib
parent: 743bd648832eb1fd6033c3484059c08f88af40f3 (diff)
parent: 55742d978d15bba75bcae9c6f2d91afbb77d0dc5 (diff)
download: pleroma-452d5d32317ef204c465ea56c341c86ab59bd171.tar.gz
7 files changed, 94 insertions, 134 deletions
diff --git a/lib/mix/tasks/pleroma/instance.ex b/lib/mix/tasks/pleroma/instance.ex
index 9e26c066b..9b14871c9 100644
--- a/lib/mix/tasks/pleroma/instance.ex
+++ b/lib/mix/tasks/pleroma/instance.ex
@@ -155,10 +155,11 @@ defmodule Mix.Tasks.Pleroma.Instance do
       secret = :crypto.strong_rand_bytes(64) |> Base.encode64() |> binary_part(0, 64)
       signing_salt = :crypto.strong_rand_bytes(8) |> Base.encode64() |> binary_part(0, 8)
       {web_push_public_key, web_push_private_key} = :crypto.generate_key(:ecdh, :prime256v1)
+      template_dir = Application.app_dir(:pleroma, "priv") <> "/templates"
 
       result_config =
         EEx.eval_file(
-          "sample_config.eex" |> Path.expand(__DIR__),
+          template_dir <> "/sample_config.eex",
           domain: domain,
           port: port,
           email: email,
@@ -179,7 +180,7 @@ defmodule Mix.Tasks.Pleroma.Instance do
 
       result_psql =
         EEx.eval_file(
-          "sample_psql.eex" |> Path.expand(__DIR__),
+          template_dir <> "/sample_psql.eex",
           dbname: dbname,
           dbuser: dbuser,
           dbpass: dbpass
@@ -193,7 +194,7 @@ defmodule Mix.Tasks.Pleroma.Instance do
       shell_info("Writing #{psql_path}.")
       File.write(psql_path, result_psql)
 
-      write_robots_txt(indexable)
+      write_robots_txt(indexable, template_dir)
 
       shell_info(
         "\n" <>
@@ -217,10 +218,10 @@ defmodule Mix.Tasks.Pleroma.Instance do
     end
   end
 
-  defp write_robots_txt(indexable) do
+  defp write_robots_txt(indexable, template_dir) do
     robots_txt =
       EEx.eval_file(
-        Path.expand("robots_txt.eex", __DIR__),
+        template_dir <> "/robots_txt.eex",
         indexable: indexable
       )
 
diff --git a/lib/mix/tasks/pleroma/robots_txt.eex b/lib/mix/tasks/pleroma/robots_txt.eex
deleted file mode 100644
index 1af3c47ee..000000000
--- a/lib/mix/tasks/pleroma/robots_txt.eex
+++ /dev/null
@@ -1,2 +0,0 @@
-User-Agent: *
-Disallow: <%= if indexable, do: "", else: "/" %>
diff --git a/lib/mix/tasks/pleroma/sample_config.eex b/lib/mix/tasks/pleroma/sample_config.eex
deleted file mode 100644
index 8b45acb05..000000000
--- a/lib/mix/tasks/pleroma/sample_config.eex
+++ /dev/null
@@ -1,81 +0,0 @@
-# Pleroma instance configuration
-
-# NOTE: This file should not be committed to a repo or otherwise made public
-# without removing sensitive information.
-
-use Mix.Config
-
-config :pleroma, Pleroma.Web.Endpoint,
-   url: [host: "<%= domain %>", scheme: "https", port: <%= port %>],
-   secret_key_base: "<%= secret %>",
-   signing_salt: "<%= signing_salt %>"
-
-config :pleroma, :instance,
-  name: "<%= name %>",
-  email: "<%= email %>",
-  notify_email: "<%= notify_email %>",
-  limit: 5000,
-  registrations_open: true,
-  dynamic_configuration: <%= db_configurable? %>
-
-config :pleroma, :media_proxy,
-  enabled: false,
-  redirect_on_failure: true
-  #base_url: "https://cache.pleroma.social"
-
-config :pleroma, Pleroma.Repo,
-  adapter: Ecto.Adapters.Postgres,
-  username: "<%= dbuser %>",
-  password: "<%= dbpass %>",
-  database: "<%= dbname %>",
-  hostname: "<%= dbhost %>",
-  pool_size: 10
-
-# Configure web push notifications
-config :web_push_encryption, :vapid_details,
-  subject: "mailto:<%= email %>",
-  public_key: "<%= web_push_public_key %>",
-  private_key: "<%= web_push_private_key %>"
-
-config :pleroma, :instance, static_dir: "<%= static_dir %>"
-config :pleroma, Pleroma.Uploaders.Local, uploads: "<%= uploads_dir %>"
-
-# Enable Strict-Transport-Security once SSL is working:
-# config :pleroma, :http_security,
-#   sts: true
-
-# Configure S3 support if desired.
-# The public S3 endpoint is different depending on region and provider,
-# consult your S3 provider's documentation for details on what to use.
-#
-# config :pleroma, Pleroma.Uploaders.S3,
-#   bucket: "some-bucket",
-#   public_endpoint: "https://s3.amazonaws.com"
-#
-# Configure S3 credentials:
-# config :ex_aws, :s3,
-#   access_key_id: "xxxxxxxxxxxxx",
-#   secret_access_key: "yyyyyyyyyyyy",
-#   region: "us-east-1",
-#   scheme: "https://"
-#
-# For using third-party S3 clones like wasabi, also do:
-# config :ex_aws, :s3,
-#   host: "s3.wasabisys.com"
-
-
-# Configure Openstack Swift support if desired.
-#
-# Many openstack deployments are different, so config is left very open with
-# no assumptions made on which provider you're using. This should allow very
-# wide support without needing separate handlers for OVH, Rackspace, etc.
-#
-# config :pleroma, Pleroma.Uploaders.Swift,
-#  container: "some-container",
-#  username: "api-username-yyyy",
-#  password: "api-key-xxxx",
-#  tenant_id: "<openstack-project/tenant-id>",
-#  auth_url: "https://keystone-endpoint.provider.com",
-#  storage_url: "https://swift-endpoint.prodider.com/v1/AUTH_<tenant>/<container>",
-#  object_url: "https://cdn-endpoint.provider.com/<container>"
-#
diff --git a/lib/mix/tasks/pleroma/sample_psql.eex b/lib/mix/tasks/pleroma/sample_psql.eex
deleted file mode 100644
index f0ac05e57..000000000
--- a/lib/mix/tasks/pleroma/sample_psql.eex
+++ /dev/null
@@ -1,7 +0,0 @@
-CREATE USER <%= dbuser %> WITH ENCRYPTED PASSWORD '<%= dbpass %>';
-CREATE DATABASE <%= dbname %> OWNER <%= dbuser %>;
-\c <%= dbname %>;
---Extensions made by ecto.migrate that need superuser access
-CREATE EXTENSION IF NOT EXISTS citext;
-CREATE EXTENSION IF NOT EXISTS pg_trgm;
-CREATE EXTENSION IF NOT EXISTS "uuid-ossp";
diff --git a/lib/pleroma/web/activity_pub/mrf/anti_link_spam_policy.ex b/lib/pleroma/web/activity_pub/mrf/anti_link_spam_policy.ex
new file mode 100644
index 000000000..2da3eac2f
--- /dev/null
+++ b/lib/pleroma/web/activity_pub/mrf/anti_link_spam_policy.ex
@@ -0,0 +1,48 @@
+# Pleroma: A lightweight social networking server
+# Copyright © 2019 Pleroma Authors <https://pleroma.social/>
+# SPDX-License-Identifier: AGPL-3.0-only
+
+defmodule Pleroma.Web.ActivityPub.MRF.AntiLinkSpamPolicy do
+  alias Pleroma.User
+
+  require Logger
+
+  # has the user successfully posted before?
+  defp old_user?(%User{} = u) do
+    u.info.note_count > 0 || u.info.follower_count > 0
+  end
+
+  # does the post contain links?
+  defp contains_links?(%{"content" => content} = _object) do
+    content
+    |> Floki.filter_out("a.mention,a.hashtag,a[rel~=\"tag\"],a.zrl")
+    |> Floki.attribute("a", "href")
+    |> length() > 0
+  end
+
+  defp contains_links?(_), do: false
+
+  def filter(%{"type" => "Create", "actor" => actor, "object" => object} = message) do
+    with {:ok, %User{} = u} <- User.get_or_fetch_by_ap_id(actor),
+         {:contains_links, true} <- {:contains_links, contains_links?(object)},
+         {:old_user, true} <- {:old_user, old_user?(u)} do
+      {:ok, message}
+    else
+      {:contains_links, false} ->
+        {:ok, message}
+
+      {:old_user, false} ->
+        {:reject, nil}
+
+      {:error, _} ->
+        {:reject, nil}
+
+      e ->
+        Logger.warn("[MRF anti-link-spam] WTF: unhandled error #{inspect(e)}")
+        {:reject, nil}
+    end
+  end
+
+  # in all other cases, pass through
+  def filter(message), do: {:ok, message}
+end
diff --git a/lib/pleroma/web/oauth/oauth_controller.ex b/lib/pleroma/web/oauth/oauth_controller.ex
index 35a7c582e..3f8e3b074 100644
--- a/lib/pleroma/web/oauth/oauth_controller.ex
+++ b/lib/pleroma/web/oauth/oauth_controller.ex
@@ -64,26 +64,34 @@ defmodule Pleroma.Web.OAuth.OAuthController do
 
   defp handle_existing_authorization(
          %Plug.Conn{assigns: %{token: %Token{} = token}} = conn,
-         params
+         %{"redirect_uri" => @oob_token_redirect_uri}
        ) do
-    token = Repo.preload(token, :app)
+    render(conn, "oob_token_exists.html", %{token: token})
+  end
+
+  defp handle_existing_authorization(
+         %Plug.Conn{assigns: %{token: %Token{} = token}} = conn,
+         %{} = params
+       ) do
+    app = Repo.preload(token, :app).app
 
     redirect_uri =
       if is_binary(params["redirect_uri"]) do
         params["redirect_uri"]
       else
-        default_redirect_uri(token.app)
+        default_redirect_uri(app)
       end
 
-    redirect_uri = redirect_uri(conn, redirect_uri)
-
-    if redirect_uri == @oob_token_redirect_uri do
-      render(conn, "oob_token_exists.html", %{token: token})
-    else
+    if redirect_uri in String.split(app.redirect_uris) do
+      redirect_uri = redirect_uri(conn, redirect_uri)
       url_params = %{access_token: token.token}
       url_params = UriHelper.append_param_if_present(url_params, :state, params["state"])
       url = UriHelper.append_uri_params(redirect_uri, url_params)
       redirect(conn, external: url)
+    else
+      conn
+      |> put_flash(:error, "Unlisted redirect_uri.")
+      |> redirect(external: redirect_uri(conn, redirect_uri))
     end
   end
 
@@ -101,17 +109,27 @@ defmodule Pleroma.Web.OAuth.OAuthController do
   end
 
   def after_create_authorization(%Plug.Conn{} = conn, %Authorization{} = auth, %{
+        "authorization" => %{"redirect_uri" => @oob_token_redirect_uri}
+      }) do
+    render(conn, "oob_authorization_created.html", %{auth: auth})
+  end
+
+  def after_create_authorization(%Plug.Conn{} = conn, %Authorization{} = auth, %{
         "authorization" => %{"redirect_uri" => redirect_uri} = auth_attrs
       }) do
-    redirect_uri = redirect_uri(conn, redirect_uri)
+    app = Repo.preload(auth, :app).app
 
-    if redirect_uri == @oob_token_redirect_uri do
-      render(conn, "oob_authorization_created.html", %{auth: auth})
-    else
+    # An extra safety measure before we redirect (also done in `do_create_authorization/2`)
+    if redirect_uri in String.split(app.redirect_uris) do
+      redirect_uri = redirect_uri(conn, redirect_uri)
       url_params = %{code: auth.token}
       url_params = UriHelper.append_param_if_present(url_params, :state, auth_attrs["state"])
       url = UriHelper.append_uri_params(redirect_uri, url_params)
       redirect(conn, external: url)
+    else
+      conn
+      |> put_flash(:error, "Unlisted redirect_uri.")
+      |> redirect(external: redirect_uri(conn, redirect_uri))
     end
   end
 
@@ -324,7 +342,7 @@ defmodule Pleroma.Web.OAuth.OAuthController do
             })
 
           conn
-          |> put_session(:registration_id, registration.id)
+          |> put_session_registration_id(registration.id)
           |> registration_details(%{"authorization" => registration_params})
       end
     else
@@ -445,7 +463,7 @@ defmodule Pleroma.Web.OAuth.OAuthController do
     |> Scopes.validates(app.scopes)
   end
 
-  defp default_redirect_uri(%App{} = app) do
+  def default_redirect_uri(%App{} = app) do
     app.redirect_uris
     |> String.split()
     |> Enum.at(0)
diff --git a/lib/pleroma/web/rich_media/parsers/meta_tags_parser.ex b/lib/pleroma/web/rich_media/parsers/meta_tags_parser.ex
index 82f1cce29..4a7c5eae0 100644
--- a/lib/pleroma/web/rich_media/parsers/meta_tags_parser.ex
+++ b/lib/pleroma/web/rich_media/parsers/meta_tags_parser.ex
@@ -1,19 +1,15 @@
 defmodule Pleroma.Web.RichMedia.Parsers.MetaTagsParser do
   def parse(html, data, prefix, error_message, key_name, value_name \\ "content") do
-    meta_data =
-      html
-      |> get_elements(key_name, prefix)
-      |> Enum.reduce(data, fn el, acc ->
-        attributes = normalize_attributes(el, prefix, key_name, value_name)
+    with elements = [_ | _] <- get_elements(html, key_name, prefix),
+         meta_data =
+           Enum.reduce(elements, data, fn el, acc ->
+             attributes = normalize_attributes(el, prefix, key_name, value_name)
 
-        Map.merge(acc, attributes)
-      end)
-      |> maybe_put_title(html)
-
-    if Enum.empty?(meta_data) do
-      {:error, error_message}
-    else
+             Map.merge(acc, attributes)
+           end) do
       {:ok, meta_data}
+    else
+      _e -> {:error, error_message}
     end
   end
 
@@ -31,17 +27,4 @@ defmodule Pleroma.Web.RichMedia.Parsers.MetaTagsParser do
 
     %{String.to_atom(data[key_name]) => data[value_name]}
   end
-
-  defp maybe_put_title(%{title: _} = meta, _), do: meta
-
-  defp maybe_put_title(meta, html) do
-    case get_page_title(html) do
-      "" -> meta
-      title -> Map.put_new(meta, :title, title)
-    end
-  end
-
-  defp get_page_title(html) do
-    Floki.find(html, "title") |> Floki.text()
-  end
 end
author	rinpatch <rinpatch@sdf.org>	2019-06-22 02:00:18 +0300
committer	rinpatch <rinpatch@sdf.org>	2019-06-22 02:00:18 +0300
commit	452d5d32317ef204c465ea56c341c86ab59bd171 (patch)
tree	a9b612cf4ed8a422c421ef0c7613e9ef971b72ab /lib
parent	743bd648832eb1fd6033c3484059c08f88af40f3 (diff)
parent	55742d978d15bba75bcae9c6f2d91afbb77d0dc5 (diff)
download	pleroma-452d5d32317ef204c465ea56c341c86ab59bd171.tar.gz