Merge remote-tracking branch 'upstream/develop' into patch-bio

7 files changed, 128 insertions, 16 deletions

diff --git a/lib/pleroma/user.ex b/lib/pleroma/user.ex
index c77fd6816..207674999 100644
--- a/lib/pleroma/user.ex
+++ b/lib/pleroma/user.ex
@@ -104,7 +104,7 @@ defmodule Pleroma.User do
     |> cast(params, [:bio, :name])
     |> unique_constraint(:nickname)
     |> validate_format(:nickname, ~r/^[a-zA-Z\d]+$/)
-    |> validate_length(:bio, max: 1000)
+    |> validate_length(:bio, max: 5000)
     |> validate_length(:name, min: 1, max: 100)
   end
 
@@ -322,6 +322,16 @@ defmodule Pleroma.User do
     update_and_set_cache(cs)
   end
 
+  def decrease_note_count(%User{} = user) do
+    note_count = user.info["note_count"] || 0
+    note_count = if note_count <= 0, do: 0, else: note_count - 1
+    new_info = Map.put(user.info, "note_count", note_count)
+
+    cs = info_changeset(user, %{info: new_info})
+
+    update_and_set_cache(cs)
+  end
+
   def update_note_count(%User{} = user) do
     note_count_query =
       from(
diff --git a/lib/pleroma/web/activity_pub/activity_pub.ex b/lib/pleroma/web/activity_pub/activity_pub.ex
index d071135c4..99c169034 100644
--- a/lib/pleroma/web/activity_pub/activity_pub.ex
+++ b/lib/pleroma/web/activity_pub/activity_pub.ex
@@ -10,6 +10,9 @@ defmodule Pleroma.Web.ActivityPub.ActivityPub do
 
   @httpoison Application.get_env(:pleroma, :httpoison)
 
+  @instance Application.get_env(:pleroma, :instance)
+  @rewrite_policy Keyword.get(@instance, :rewrite_policy)
+
   def get_recipients(data) do
     (data["to"] || []) ++ (data["cc"] || [])
   end
@@ -17,7 +20,8 @@ defmodule Pleroma.Web.ActivityPub.ActivityPub do
   def insert(map, local \\ true) when is_map(map) do
     with nil <- Activity.get_by_ap_id(map["id"]),
          map <- lazy_put_activity_defaults(map),
-         :ok <- insert_full_object(map) do
+         :ok <- insert_full_object(map),
+         {:ok, map} <- @rewrite_policy.filter(map) do
       {:ok, activity} =
         Repo.insert(%Activity{
           data: map,
@@ -172,7 +176,8 @@ defmodule Pleroma.Web.ActivityPub.ActivityPub do
     with Repo.delete(object),
          Repo.delete_all(Activity.all_non_create_by_object_ap_id_q(id)),
          {:ok, activity} <- insert(data, local),
-         :ok <- maybe_federate(activity) do
+         :ok <- maybe_federate(activity),
+         {:ok, actor} <- User.decrease_note_count(user) do
       {:ok, activity}
     end
   end
diff --git a/lib/pleroma/web/activity_pub/mrf/drop_policy.ex b/lib/pleroma/web/activity_pub/mrf/drop_policy.ex
new file mode 100644
index 000000000..4333bca28
--- /dev/null
+++ b/lib/pleroma/web/activity_pub/mrf/drop_policy.ex
@@ -0,0 +1,8 @@
+defmodule Pleroma.Web.ActivityPub.MRF.DropPolicy do
+  require Logger
+
+  def filter(object) do
+    Logger.info("REJECTING #{inspect(object)}")
+    {:reject, object}
+  end
+end
diff --git a/lib/pleroma/web/activity_pub/mrf/noop_policy.ex b/lib/pleroma/web/activity_pub/mrf/noop_policy.ex
new file mode 100644
index 000000000..9dd3acb04
--- /dev/null
+++ b/lib/pleroma/web/activity_pub/mrf/noop_policy.ex
@@ -0,0 +1,5 @@
+defmodule Pleroma.Web.ActivityPub.MRF.NoOpPolicy do
+  def filter(object) do
+    {:ok, object}
+  end
+end
diff --git a/lib/pleroma/web/activity_pub/mrf/simple_policy.ex b/lib/pleroma/web/activity_pub/mrf/simple_policy.ex
new file mode 100644
index 000000000..ea1af0f4d
--- /dev/null
+++ b/lib/pleroma/web/activity_pub/mrf/simple_policy.ex
@@ -0,0 +1,76 @@
+defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicy do
+  alias Pleroma.User
+
+  @mrf_policy Application.get_env(:pleroma, :mrf_simple)
+
+  @reject Keyword.get(@mrf_policy, :reject)
+  defp check_reject(actor_info, object) do
+    if actor_info.host in @reject do
+      {:reject, nil}
+    else
+      {:ok, object}
+    end
+  end
+
+  @media_removal Keyword.get(@mrf_policy, :media_removal)
+  defp check_media_removal(actor_info, object) do
+    if actor_info.host in @media_removal do
+      child_object = Map.delete(object["object"], "attachment")
+      object = Map.put(object, "object", child_object)
+    end
+
+    {:ok, object}
+  end
+
+  @media_nsfw Keyword.get(@mrf_policy, :media_nsfw)
+  defp check_media_nsfw(actor_info, object) do
+    child_object = object["object"]
+
+    if actor_info.host in @media_nsfw and child_object["attachment"] != nil and
+         length(child_object["attachment"]) > 0 do
+      tags = (child_object["tag"] || []) ++ ["nsfw"]
+      child_object = Map.put(child_object, "tags", tags)
+      child_object = Map.put(child_object, "sensitive", true)
+      object = Map.put(object, "object", child_object)
+    end
+
+    {:ok, object}
+  end
+
+  @ftl_removal Keyword.get(@mrf_policy, :federated_timeline_removal)
+  defp check_ftl_removal(actor_info, object) do
+    if actor_info.host in @ftl_removal do
+      user = User.get_by_ap_id(object["actor"])
+
+      # flip to/cc relationship to make the post unlisted
+      if "https://www.w3.org/ns/activitystreams#Public" in object["to"] and
+           user.follower_address in object["cc"] do
+        to =
+          List.delete(object["to"], "https://www.w3.org/ns/activitystreams#Public") ++
+            [user.follower_address]
+
+        cc =
+          List.delete(object["cc"], user.follower_address) ++
+            ["https://www.w3.org/ns/activitystreams#Public"]
+
+        object = Map.put(object, "to", to)
+        object = Map.put(object, "cc", cc)
+      end
+    end
+
+    {:ok, object}
+  end
+
+  def filter(object) do
+    actor_info = URI.parse(object["actor"])
+
+    with {:ok, object} <- check_reject(actor_info, object),
+         {:ok, object} <- check_media_removal(actor_info, object),
+         {:ok, object} <- check_media_nsfw(actor_info, object),
+         {:ok, object} <- check_ftl_removal(actor_info, object) do
+      {:ok, object}
+    else
+      e -> {:reject, nil}
+    end
+  end
+end
diff --git a/lib/pleroma/web/router.ex b/lib/pleroma/web/router.ex
index 8f63fdc70..cecf5527c 100644
--- a/lib/pleroma/web/router.ex
+++ b/lib/pleroma/web/router.ex
@@ -5,6 +5,8 @@ defmodule Pleroma.Web.Router do
 
   @instance Application.get_env(:pleroma, :instance)
   @federating Keyword.get(@instance, :federating)
+  @public Keyword.get(@instance, :public)
+  @registrations_open Keyword.get(@instance, :registrations_open)
 
   def user_fetcher(username) do
     {:ok, Repo.get_by(User, %{nickname: username})}
@@ -160,21 +162,9 @@ defmodule Pleroma.Web.Router do
     get("/statusnet/version", TwitterAPI.UtilController, :version)
   end
 
-  @instance Application.get_env(:pleroma, :instance)
-  @registrations_open Keyword.get(@instance, :registrations_open)
-
   scope "/api", Pleroma.Web do
     pipe_through(:api)
 
-    get("/statuses/public_timeline", TwitterAPI.Controller, :public_timeline)
-
-    get(
-      "/statuses/public_and_external_timeline",
-      TwitterAPI.Controller,
-      :public_and_external_timeline
-    )
-
-    get("/statuses/networkpublic_timeline", TwitterAPI.Controller, :public_and_external_timeline)
     get("/statuses/user_timeline", TwitterAPI.Controller, :user_timeline)
     get("/qvitter/statuses/user_timeline", TwitterAPI.Controller, :user_timeline)
     get("/users/show", TwitterAPI.Controller, :show_user)
@@ -193,6 +183,24 @@ defmodule Pleroma.Web.Router do
   end
 
   scope "/api", Pleroma.Web do
+    if @public do
+      pipe_through(:api)
+    else
+      pipe_through(:authenticated_api)
+    end
+
+    get("/statuses/public_timeline", TwitterAPI.Controller, :public_timeline)
+
+    get(
+      "/statuses/public_and_external_timeline",
+      TwitterAPI.Controller,
+      :public_and_external_timeline
+    )
+
+    get("/statuses/networkpublic_timeline", TwitterAPI.Controller, :public_and_external_timeline)
+  end
+
+  scope "/api", Pleroma.Web do
     pipe_through(:authenticated_api)
 
     get("/account/verify_credentials", TwitterAPI.Controller, :verify_credentials)
diff --git a/lib/pleroma/web/templates/mastodon_api/mastodon/login.html.eex b/lib/pleroma/web/templates/mastodon_api/mastodon/login.html.eex
index 2bb54977e..34cd7ed89 100644
--- a/lib/pleroma/web/templates/mastodon_api/mastodon/login.html.eex
+++ b/lib/pleroma/web/templates/mastodon_api/mastodon/login.html.eex
@@ -1,4 +1,4 @@
-<h2>Login in to Mastodon Frontend</h2>
+<h2>Login to Mastodon Frontend</h2>
 <%= if @error do %>
   <h2><%= @error %></h2>
 <% end %>