aboutsummaryrefslogtreecommitdiff
path: root/test
AgeCommit message (Collapse)Author
2019-07-24squash! Expose expires_at datetime in mastoAPI only for the activity actorMike Verdone
NOTE: rewrite the commit msg
2019-07-24Merge branch 'develop' into feature/digest-emailRoman Chvanikov
2019-07-24Expose expires_at datetime in mastoAPI only for the activity actorMike Verdone
In the "pleroma" section of the MastoAPI for status activities you can see an expires_at item that states when the activity will expire, or nothing if the activity will not expire. The expires_at date is only visible to the person who posted the activity. This is the conservative approach in case some attacker decides to write a logger for expiring posts. However, in the future of OCAP, signed requests, and all that stuff, this attack might not be that likely. Some other pleroma dev should remove the restriction in the code at that time, if they're satisfied with the security implications of doing so.
2019-07-24Require that ephemeral posts live for at least one hourMike Verdone
If we didn't put some kind of lifetime requirement on these, I guess you could annoy people by sending large numbers of ephemeral posts that provoke notifications but then disappear before anyone can read them.
2019-07-24Add support for activity expiration to common and Masto APIMike Verdone
The "expires_at" parameter accepts an ISO8601-formatted date which defines when the activity will expire. At this point the API will not give you any feedback about if your post will expire or not.
2019-07-24Add activity expiration workerMike Verdone
This is a worker that runs every minute and deletes expired activities. It's based heavily on the scheduled activities worker.
2019-07-24Add activity expirations tableMike Verdone
Add a table to store activity expirations. An activity can have zero or one expirations. The expiration has a scheduled_at field which stores the time at which the activity should expire and be deleted.
2019-07-24Cleanup: fix a commentMike Verdone
2019-07-24check both item and parent domain blockssadposter
2019-07-24honour domain blocks on streaming notificationsSadposter
2019-07-23Merge branch 'feature/admin-api-user-statuses' into 'develop'kaniini
Admin API: Endpoint for fetching latest user's statuses See merge request pleroma/pleroma!1413
2019-07-23rich media: parser: splice the given URL into the resultAriadne Conill
2019-07-24Merge branch 'develop' into feature/admin-api-user-statusesMaxim Filippov
2019-07-24AdminAPI: Add "godmode" while fetching user statuses (i.e. admin can see ↵Maxim Filippov
private statuses)
2019-07-23Admin config fixAlexander Strizhakov
2019-07-23tests for Pleroma.Web.ActivityPub.PublisherMaksim
2019-07-23Merge branch 'bugfix/unauthed-liked-by' into 'develop'kaniini
Bugfix: don't error out on unauthorized request to liked/favourited_by See merge request pleroma/pleroma!1474
2019-07-23Merge branch 'fix/subscriber-notifications' into 'develop'kaniini
Do not notify subscribers for messages from users which are replies to others See merge request pleroma/pleroma!1477
2019-07-23Fix testMark Felder
2019-07-23Do not notify subscribers for messages from users which are replies to othersMark Felder
2019-07-23signature: properly deduce the actor from misskey key IDsAriadne Conill
2019-07-23fix test names because i cannot typeSadposter
2019-07-23actually reblog on the reblog testSadposter
2019-07-23Use correct URL for testsSadposter
2019-07-23Mix formatSadposter
2019-07-23add tests for unauthed reqs to liked/reblogged_bySadposter
2019-07-23remove pryMaxim Filippov
2019-07-22Exclude tests that use :crypt.crypt/2 on macOSSergey Suprunenko
2019-07-22Feature/1087 wildcard option for blocksAlexander Strizhakov
2019-07-22Merge branch 'hardening/stop-misusing-sharedinbox' into 'develop'Haelwenn
activitypub: publisher: align sharedinbox usage with AP specification rules See merge request pleroma/pleroma!1464
2019-07-22Bugfix: muted/blocked user notification streamingSadposter
2019-07-22Add tests for users tasks and PleromaAuthenticatorSergey Suprunenko
2019-07-22Hide blocked users from interactionsSadposter
2019-07-22activitypub: publisher: align sharedinbox usage with AP specification rulesAriadne Conill
While debugging the follow breakage, I observed that our sharedInbox usage did not match the rules in the specification. Accordingly, I have better aligned our usage of sharedInbox with the rules outlined in the ActivityPub specification.
2019-07-20Resolve merge conflictsrinpatch
2019-07-20Merge branch 'develop' into feature/digest-emailRoman Chvanikov
2019-07-20[tests] Mock :crypt.crypt/2 function in AuthenticationPlugTestSergey Suprunenko
2019-07-20Merge developRoman Chvanikov
2019-07-19Merge branch 'feature/richmedia-ttl' into 'develop'kaniini
add the rich media ttl based on image exp time See merge request pleroma/pleroma!1438
2019-07-19Merge branch 'refactor/http-signature-plug' into 'develop'kaniini
http signature plug: separation of concerns See merge request pleroma/pleroma!1449
2019-07-19#1110 fixed /api/pleroma/healthcheckMaksim
2019-07-19change the structure of image ttl parsarSachin Joshi
2019-07-18Merge branch 'develop' into feature/admin-api-user-statusesMaxim Filippov
2019-07-18mapped signature plug: use `user` assign like authentication plugAriadne Conill
2019-07-18tests for Plugs.AuthenticationPlugMaksim
2019-07-18tests: add tests for mapped signature plugAriadne Conill
2019-07-18http signature plug: remove redundant checks handled by HTTPSignatures libraryAriadne Conill
the redundant checks assumed a POST request, which will not work for signed GETs. this check was originally needed because the HTTPSignatures adapter assumed that the requests were also POST requests. but now, the adapter has been corrected.
2019-07-18Merge branch 'feature/signed-object-fetches' into 'develop'kaniini
signed object fetches See merge request pleroma/pleroma!1446
2019-07-18tests for Uploader with webhookMaksim
2019-07-17tests: add tests for signed object fetchesAriadne Conill
generated by cgit v1.2.3 (git 2.26.2) at 2025-04-22 23:12:37 +0000