11 files changed, 105 insertions, 21 deletions

diff --git a/config/config.exs b/config/config.exs
index cd4c8e562..f889e3259 100644
--- a/config/config.exs
+++ b/config/config.exs
@@ -35,6 +35,7 @@ config :pleroma, Pleroma.Captcha.Kocaptcha, endpoint: "https://captcha.kotobank.
 config :pleroma, Pleroma.Upload,
   uploader: Pleroma.Uploaders.Local,
   filters: [],
+  link_name: true,
   proxy_remote: false,
   proxy_opts: [
     redirect_on_failure: false,
diff --git a/config/test.exs b/config/test.exs
index 6dfa698c8..a3f36c9e1 100644
--- a/config/test.exs
+++ b/config/test.exs
@@ -17,6 +17,8 @@ config :pleroma, Pleroma.Captcha,
 # Print only warnings and errors during test
 config :logger, level: :warn
 
+config :pleroma, Pleroma.Upload, link_name: false
+
 config :pleroma, Pleroma.Uploaders.Local, uploads: "test/uploads"
 
 config :pleroma, Pleroma.Mailer, adapter: Swoosh.Adapters.Test
diff --git a/docs/config.md b/docs/config.md
index a09ea95f3..e34ffe980 100644
--- a/docs/config.md
+++ b/docs/config.md
@@ -6,6 +6,7 @@ If you run Pleroma with ``MIX_ENV=prod`` the file is ``prod.secret.exs``, otherw
 ## Pleroma.Upload
 * `uploader`: Select which `Pleroma.Uploaders` to use
 * `filters`: List of `Pleroma.Upload.Filter` to use.
+* `link_name`: When enabled Pleroma will add a `name` parameter to the url of the upload, for example `https://instance.tld/media/corndog.png?name=corndog.png`. This is needed to provide the correct filename in Content-Disposition headers when using filters like `Pleroma.Upload.Filter.Dedupe`
 * `base_url`: The base URL to access a user-uploaded file. Useful when you want to proxy the media files via another host.
 * `proxy_remote`: If you\'re using a remote uploader, Pleroma will proxy media requests instead of redirecting to it.
 * `proxy_opts`: Proxy options, see `Pleroma.ReverseProxy` documentation.
diff --git a/lib/pleroma/plugs/uploaded_media.ex b/lib/pleroma/plugs/uploaded_media.ex
index 13aa8641a..fd77b8d8f 100644
--- a/lib/pleroma/plugs/uploaded_media.ex
+++ b/lib/pleroma/plugs/uploaded_media.ex
@@ -24,6 +24,18 @@ defmodule Pleroma.Plugs.UploadedMedia do
   end
 
   def call(%{request_path: <<"/", @path, "/", file::binary>>} = conn, opts) do
+    conn =
+      case fetch_query_params(conn) do
+        %{query_params: %{"name" => name}} = conn ->
+          name = String.replace(name, "\"", "\\\"")
+
+          conn
+          |> put_resp_header("content-disposition", "filename=\"#{name}\"")
+
+        conn ->
+          conn
+      end
+
     config = Pleroma.Config.get([Pleroma.Upload])
 
     with uploader <- Keyword.fetch!(config, :uploader),
diff --git a/lib/pleroma/upload.ex b/lib/pleroma/upload.ex
index 1a97e9fde..f72334930 100644
--- a/lib/pleroma/upload.ex
+++ b/lib/pleroma/upload.ex
@@ -70,7 +70,7 @@ defmodule Pleroma.Upload do
            %{
              "type" => "Link",
              "mediaType" => upload.content_type,
-             "href" => url_from_spec(opts.base_url, url_spec)
+             "href" => url_from_spec(upload, opts.base_url, url_spec)
            }
          ],
          "name" => Map.get(opts, :description) || upload.name
@@ -219,14 +219,18 @@ defmodule Pleroma.Upload do
     tmp_path
   end
 
-  defp url_from_spec(base_url, {:file, path}) do
+  defp url_from_spec(%__MODULE__{name: name}, base_url, {:file, path}) do
     path =
-      path
-      |> URI.encode(&char_unescaped?/1)
+      URI.encode(path, &char_unescaped?/1) <>
+        if Pleroma.Config.get([__MODULE__, :link_name], false) do
+          "?name=#{URI.encode(name, &char_unescaped?/1)}"
+        else
+          ""
+        end
 
     [base_url, "media", path]
     |> Path.join()
   end
 
-  defp url_from_spec(_base_url, {:url, url}), do: url
+  defp url_from_spec(_upload, _base_url, {:url, url}), do: url
 end
diff --git a/lib/pleroma/web/activity_pub/activity_pub.ex b/lib/pleroma/web/activity_pub/activity_pub.ex
index d5b03cd24..70db419ca 100644
--- a/lib/pleroma/web/activity_pub/activity_pub.ex
+++ b/lib/pleroma/web/activity_pub/activity_pub.ex
@@ -310,7 +310,7 @@ defmodule Pleroma.Web.ActivityPub.ActivityPub do
 
   def delete(%Object{data: %{"id" => id, "actor" => actor}} = object, local \\ true) do
     user = User.get_cached_by_ap_id(actor)
-    to = object.data["to"] || [] ++ object.data["cc"] || []
+    to = (object.data["to"] || []) ++ (object.data["cc"] || [])
 
     with {:ok, object, activity} <- Object.delete(object),
          data <- %{
diff --git a/lib/pleroma/web/admin_api/admin_api_controller.ex b/lib/pleroma/web/admin_api/admin_api_controller.ex
index 75c2c6061..6d9bf2895 100644
--- a/lib/pleroma/web/admin_api/admin_api_controller.ex
+++ b/lib/pleroma/web/admin_api/admin_api_controller.ex
@@ -8,7 +8,7 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIController do
   use Pleroma.Web, :controller
   alias Pleroma.User
   alias Pleroma.Web.ActivityPub.Relay
-  alias Pleroma.Web.MastodonAPI.Admin.AccountView
+  alias Pleroma.Web.AdminAPI.AccountView
 
   import Pleroma.Web.ControllerHelper, only: [json_response: 3]
 
diff --git a/lib/pleroma/web/mastodon_api/views/admin/account_view.ex b/lib/pleroma/web/admin_api/views/account_view.ex
index 5ce017124..4d6f921ef 100644
--- a/lib/pleroma/web/mastodon_api/views/admin/account_view.ex
+++ b/lib/pleroma/web/admin_api/views/account_view.ex
@@ -2,11 +2,11 @@
 # Copyright © 2017-2019 Pleroma Authors <https://pleroma.social/>
 # SPDX-License-Identifier: AGPL-3.0-only
 
-defmodule Pleroma.Web.MastodonAPI.Admin.AccountView do
+defmodule Pleroma.Web.AdminAPI.AccountView do
   use Pleroma.Web, :view
 
   alias Pleroma.User.Info
-  alias Pleroma.Web.MastodonAPI.Admin.AccountView
+  alias Pleroma.Web.AdminAPI.AccountView
 
   def render("index.json", %{users: users, count: count, page_size: page_size}) do
     %{
@@ -21,7 +21,9 @@ defmodule Pleroma.Web.MastodonAPI.Admin.AccountView do
       "id" => user.id,
       "nickname" => user.nickname,
       "deactivated" => user.info.deactivated,
-      "roles" => Info.roles(user.info)
+      "local" => user.local,
+      "roles" => Info.roles(user.info),
+      "tags" => user.tags || []
     }
   end
 end
diff --git a/test/plugs/uploaded_media_plug_test.exs b/test/plugs/uploaded_media_plug_test.exs
new file mode 100644
index 000000000..49cf5396a
--- /dev/null
+++ b/test/plugs/uploaded_media_plug_test.exs
@@ -0,0 +1,43 @@
+# Pleroma: A lightweight social networking server
+# Copyright © 2017-2018 Pleroma Authors <https://pleroma.social/>
+# SPDX-License-Identifier: AGPL-3.0-only
+
+defmodule Pleroma.Web.UploadedMediaPlugTest do
+  use Pleroma.Web.ConnCase
+  alias Pleroma.Upload
+
+  defp upload_file(context) do
+    Pleroma.DataCase.ensure_local_uploader(context)
+    File.cp!("test/fixtures/image.jpg", "test/fixtures/image_tmp.jpg")
+
+    file = %Plug.Upload{
+      content_type: "image/jpg",
+      path: Path.absname("test/fixtures/image_tmp.jpg"),
+      filename: "nice_tf.jpg"
+    }
+
+    {:ok, data} = Upload.store(file)
+    [%{"href" => attachment_url} | _] = data["url"]
+    [attachment_url: attachment_url]
+  end
+
+  setup_all :upload_file
+
+  test "does not send Content-Disposition header when name param is not set", %{
+    attachment_url: attachment_url
+  } do
+    conn = get(build_conn(), attachment_url)
+    refute Enum.any?(conn.resp_headers, &(elem(&1, 0) == "content-disposition"))
+  end
+
+  test "sends Content-Disposition header when name param is set", %{
+    attachment_url: attachment_url
+  } do
+    conn = get(build_conn(), attachment_url <> "?name=\"cofe\".gif")
+
+    assert Enum.any?(
+             conn.resp_headers,
+             &(&1 == {"content-disposition", "filename=\"\\\"cofe\\\".gif\""})
+           )
+  end
+end
diff --git a/test/upload_test.exs b/test/upload_test.exs
index bdda01b3f..770226478 100644
--- a/test/upload_test.exs
+++ b/test/upload_test.exs
@@ -150,7 +150,8 @@ defmodule Pleroma.UploadTest do
       {:ok, data} = Upload.store(file)
       [attachment_url | _] = data["url"]
 
-      assert Path.basename(attachment_url["href"]) == "an%E2%80%A6%20image.jpg"
+      assert Path.basename(attachment_url["href"]) ==
+               "an%E2%80%A6%20image.jpg"
     end
 
     test "escapes reserved uri characters" do
diff --git a/test/web/admin_api/admin_api_controller_test.exs b/test/web/admin_api/admin_api_controller_test.exs
index 0470a439b..e50f0edde 100644
--- a/test/web/admin_api/admin_api_controller_test.exs
+++ b/test/web/admin_api/admin_api_controller_test.exs
@@ -334,7 +334,7 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
   describe "GET /api/pleroma/admin/users" do
     test "renders users array for the first page" do
       admin = insert(:user, info: %{is_admin: true})
-      user = insert(:user)
+      user = insert(:user, local: false, tags: ["foo", "bar"])
 
       conn =
         build_conn()
@@ -349,13 +349,17 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
                    "deactivated" => admin.info.deactivated,
                    "id" => admin.id,
                    "nickname" => admin.nickname,
-                   "roles" => %{"admin" => true, "moderator" => false}
+                   "roles" => %{"admin" => true, "moderator" => false},
+                   "local" => true,
+                   "tags" => []
                  },
                  %{
                    "deactivated" => user.info.deactivated,
                    "id" => user.id,
                    "nickname" => user.nickname,
-                   "roles" => %{"admin" => false, "moderator" => false}
+                   "roles" => %{"admin" => false, "moderator" => false},
+                   "local" => false,
+                   "tags" => ["foo", "bar"]
                  }
                ]
              }
@@ -394,7 +398,9 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
                    "deactivated" => user.info.deactivated,
                    "id" => user.id,
                    "nickname" => user.nickname,
-                   "roles" => %{"admin" => false, "moderator" => false}
+                   "roles" => %{"admin" => false, "moderator" => false},
+                   "local" => true,
+                   "tags" => []
                  }
                ]
              }
@@ -418,7 +424,9 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
                    "deactivated" => user.info.deactivated,
                    "id" => user.id,
                    "nickname" => user.nickname,
-                   "roles" => %{"admin" => false, "moderator" => false}
+                   "roles" => %{"admin" => false, "moderator" => false},
+                   "local" => true,
+                   "tags" => []
                  }
                ]
              }
@@ -436,7 +444,9 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
                    "deactivated" => user2.info.deactivated,
                    "id" => user2.id,
                    "nickname" => user2.nickname,
-                   "roles" => %{"admin" => false, "moderator" => false}
+                   "roles" => %{"admin" => false, "moderator" => false},
+                   "local" => true,
+                   "tags" => []
                  }
                ]
              }
@@ -461,7 +471,9 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
                    "deactivated" => user.info.deactivated,
                    "id" => user.id,
                    "nickname" => user.nickname,
-                   "roles" => %{"admin" => false, "moderator" => false}
+                   "roles" => %{"admin" => false, "moderator" => false},
+                   "local" => true,
+                   "tags" => []
                  }
                ]
              }
@@ -486,13 +498,17 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
                    "deactivated" => admin.info.deactivated,
                    "id" => admin.id,
                    "nickname" => admin.nickname,
-                   "roles" => %{"admin" => true, "moderator" => false}
+                   "roles" => %{"admin" => true, "moderator" => false},
+                   "local" => true,
+                   "tags" => []
                  },
                  %{
                    "deactivated" => user.info.deactivated,
                    "id" => user.id,
                    "nickname" => user.nickname,
-                   "roles" => %{"admin" => false, "moderator" => false}
+                   "roles" => %{"admin" => false, "moderator" => false},
+                   "local" => true,
+                   "tags" => []
                  }
                ]
              }
@@ -513,7 +529,9 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
                "deactivated" => !user.info.deactivated,
                "id" => user.id,
                "nickname" => user.nickname,
-               "roles" => %{"admin" => false, "moderator" => false}
+               "roles" => %{"admin" => false, "moderator" => false},
+               "local" => true,
+               "tags" => []
              }
   end
 end