diff options
| -rw-r--r-- | CHANGELOG.md | 1 | ||||
| -rw-r--r-- | config/config.exs | 3 | ||||
| -rw-r--r-- | docs/config.md | 9 | ||||
| -rw-r--r-- | lib/pleroma/activity/search.ex | 8 | ||||
| -rw-r--r-- | lib/pleroma/user/search.ex | 25 | ||||
| -rw-r--r-- | test/activity_test.exs | 14 | ||||
| -rw-r--r-- | test/user_test.exs | 22 |
7 files changed, 72 insertions, 10 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md index 376df2e57..cf2232b09 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -27,6 +27,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). - Configuration: `notify_email` option - Configuration: Media proxy `whitelist` option - Configuration: `report_uri` option +- Configuration: `limit_unauthenticated_to_local_content` option - Pleroma API: User subscriptions - Pleroma API: Healthcheck endpoint - Pleroma API: `/api/v1/pleroma/mascot` per-user frontend mascot configuration endpoints diff --git a/config/config.exs b/config/config.exs index a3f33cfbb..4e2b1703b 100644 --- a/config/config.exs +++ b/config/config.exs @@ -244,7 +244,8 @@ config :pleroma, :instance, safe_dm_mentions: false, healthcheck: false, remote_post_retention_days: 90, - skip_thread_containment: false + skip_thread_containment: false, + limit_unauthenticated_to_local_content: true config :pleroma, :app_account_creation, enabled: true, max_requests: 25, interval: 1800 diff --git a/docs/config.md b/docs/config.md index 93ede6464..c61a5d8a3 100644 --- a/docs/config.md +++ b/docs/config.md @@ -108,10 +108,11 @@ config :pleroma, Pleroma.Emails.Mailer, * `welcome_message`: A message that will be send to a newly registered users as a direct message. * `welcome_user_nickname`: The nickname of the local user that sends the welcome message. * `max_report_comment_size`: The maximum size of the report comment (Default: `1000`) -* `safe_dm_mentions`: If set to true, only mentions at the beginning of a post will be used to address people in direct messages. This is to prevent accidental mentioning of people when talking about them (e.g. "@friend hey i really don't like @enemy"). (Default: `false`) -* `healthcheck`: if set to true, system data will be shown on ``/api/pleroma/healthcheck``. -* `remote_post_retention_days`: the default amount of days to retain remote posts when pruning the database -* `skip_thread_containment`: Skip filter out broken threads. the default is `false`. +* `safe_dm_mentions`: If set to true, only mentions at the beginning of a post will be used to address people in direct messages. This is to prevent accidental mentioning of people when talking about them (e.g. "@friend hey i really don't like @enemy"). Default: `false`. +* `healthcheck`: If set to true, system data will be shown on ``/api/pleroma/healthcheck``. +* `remote_post_retention_days`: The default amount of days to retain remote posts when pruning the database. +* `skip_thread_containment`: Skip filter out broken threads. The default is `false`. +* `limit_unauthenticated_to_local_content`: Limit unauthenticated users to search for local statutes and users only. The default is `true`. ## :app_account_creation REST API for creating an account settings diff --git a/lib/pleroma/activity/search.ex b/lib/pleroma/activity/search.ex index f2fdfffe1..9ccedcd13 100644 --- a/lib/pleroma/activity/search.ex +++ b/lib/pleroma/activity/search.ex @@ -60,7 +60,13 @@ defmodule Pleroma.Activity.Search do defp maybe_restrict_local(q, %User{}), do: q # unauthenticated users can only search local activities - defp maybe_restrict_local(q, _), do: where(q, local: true) + defp maybe_restrict_local(q, _) do + if Pleroma.Config.get([:instance, :limit_unauthenticated_to_local_content], true) do + where(q, local: true) + else + q + end + end defp maybe_fetch(activities, user, search_query) do with true <- Regex.match?(~r/https?:/, search_query), diff --git a/lib/pleroma/user/search.ex b/lib/pleroma/user/search.ex index d5b2eaa9f..e74143cd0 100644 --- a/lib/pleroma/user/search.ex +++ b/lib/pleroma/user/search.ex @@ -14,7 +14,7 @@ defmodule Pleroma.User.Search do # Strip the beginning @ off if there is a query query = String.trim_leading(query, "@") - if match?(%User{}, for_user) and resolve, do: User.get_or_fetch(query) + maybe_resolve(resolve, for_user, query) {:ok, results} = Repo.transaction(fn -> @@ -28,6 +28,16 @@ defmodule Pleroma.User.Search do results end + defp maybe_resolve(true, %User{}, query) do + User.get_or_fetch(query) + end + + defp maybe_resolve(true, _, query) do + unless restrict_local?(), do: User.get_or_fetch(query) + end + + defp maybe_resolve(_, _, _), do: :noop + defp search_query(query, for_user) do query |> union_query() @@ -39,6 +49,10 @@ defmodule Pleroma.User.Search do |> maybe_restrict_local(for_user) end + defp restrict_local? do + Pleroma.Config.get([:instance, :limit_unauthenticated_to_local_content], true) + end + defp union_query(query) do fts_subquery = fts_search_subquery(query) trigram_subquery = trigram_search_subquery(query) @@ -52,7 +66,14 @@ defmodule Pleroma.User.Search do # unauthenticated users can only search local activities defp maybe_restrict_local(q, %User{}), do: q - defp maybe_restrict_local(q, _), do: where(q, [u], u.local == true) + + defp maybe_restrict_local(q, _) do + if restrict_local?() do + where(q, [u], u.local == true) + else + q + end + end defp boost_search_rank_query(query, nil), do: query diff --git a/test/activity_test.exs b/test/activity_test.exs index 1814e313d..e56e39096 100644 --- a/test/activity_test.exs +++ b/test/activity_test.exs @@ -138,5 +138,19 @@ defmodule Pleroma.ActivityTest do test "find only local statuses for unauthenticated users", %{local_activity: local_activity} do assert [^local_activity] = Activity.search(nil, "find me") end + + test "find all statuses for unauthenticated users when `limit_unauthenticated_to_local_content` is `false`", + %{ + local_activity: local_activity, + remote_activity: remote_activity + } do + Pleroma.Config.put([:instance, :limit_unauthenticated_to_local_content], false) + + activities = Enum.sort_by(Activity.search(nil, "find me"), & &1.id) + + assert [^local_activity, ^remote_activity] = activities + + Pleroma.Config.put([:instance, :limit_unauthenticated_to_local_content], true) + end end end diff --git a/test/user_test.exs b/test/user_test.exs index 108883ba3..8dd672173 100644 --- a/test/user_test.exs +++ b/test/user_test.exs @@ -1077,7 +1077,7 @@ defmodule Pleroma.UserTest do Enum.map(User.search("doe", resolve: false, for_user: u1), & &1.id) == [] end - test "find local and remote statuses for authenticated users" do + test "find local and remote users for authenticated users" do u1 = insert(:user, %{name: "lain"}) u2 = insert(:user, %{name: "ebn", nickname: "lain@mastodon.social", local: false}) u3 = insert(:user, %{nickname: "lain@pleroma.soykaf.com", local: false}) @@ -1091,7 +1091,7 @@ defmodule Pleroma.UserTest do assert [u1.id, u2.id, u3.id] == results end - test "find only local statuses for unauthenticated users" do + test "find only local users for unauthenticated users" do %{id: id} = insert(:user, %{name: "lain"}) insert(:user, %{name: "ebn", nickname: "lain@mastodon.social", local: false}) insert(:user, %{nickname: "lain@pleroma.soykaf.com", local: false}) @@ -1099,6 +1099,24 @@ defmodule Pleroma.UserTest do assert [%{id: ^id}] = User.search("lain") end + test "find all users for unauthenticated users when `limit_unauthenticated_to_local_content` is `false`" do + Pleroma.Config.put([:instance, :limit_unauthenticated_to_local_content], false) + + u1 = insert(:user, %{name: "lain"}) + u2 = insert(:user, %{name: "ebn", nickname: "lain@mastodon.social", local: false}) + u3 = insert(:user, %{nickname: "lain@pleroma.soykaf.com", local: false}) + + results = + "lain" + |> User.search() + |> Enum.map(& &1.id) + |> Enum.sort() + + assert [u1.id, u2.id, u3.id] == results + + Pleroma.Config.put([:instance, :limit_unauthenticated_to_local_content], true) + end + test "finds a user whose name is nil" do _user = insert(:user, %{name: "notamatch", nickname: "testuser@pleroma.amplifie.red"}) user_two = insert(:user, %{name: nil, nickname: "lain@pleroma.soykaf.com"}) |