Commit Graph

1148 Commits (d58173e45bf0fdf5a6015d40eb88c313a3d99e5c)

Author SHA1 Message Date
Claire a89b02af92
Check domain suspensions before trying to fetch resources (#24535) 2 years ago
Claire b233da5996
Optimize archive export service and export zip files instead of gzipped tar files (#23360) 2 years ago
Claire 32a030dd74
Rewrite import feature (#21054) 2 years ago
Matt Jankowski d902a707a3
Fix Rails/CompactBlank cop (#24690) 2 years ago
Nick Schonning 49fad26eca
Drop EOL Ruby 2.7 (#24237) 2 years ago
Matt Jankowski 0a5f0a8b20
Remove instance variables from helper usage (#24203) 2 years ago
Claire 85b1b45820
Fix crash in NotifyService when trying to send an email notification for polls (#24558) 2 years ago
Claire 99e3e152cd
Fix crash in NotifyService when trying to send an email notification for post edits (#24460) 2 years ago
Eugen Rochko a9b5598c97
Change user settings to be stored in a more optimal way (#23630)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2 years ago
Christian Schmidt eb38e9df31
Requeue expiration notification (#24311) 2 years ago
Takeshi Umeda 38c84f57b6
Refactoring relations_map (#24195) 2 years ago
Christian Schmidt bd047acc35
Replace `Status#translatable?` with language matrix in separate endpoint (#24037) 2 years ago
Claire 1d0ad558ff
Change sidekiq-bulk's batch size from 10,000 to 1,000 jobs in one Redis call (#24034) 2 years ago
Jean byroot Boussier 922837dc96
Upgrade to latest redis-rb 4.x and fix deprecations (#23616)
Co-authored-by: Jean Boussier <jean.boussier@gmail.com>
2 years ago
Claire 050f1669c6
Fix original account being unfollowed on migration before the follow request could be sent (#21957) 2 years ago
Christian Schmidt 5a8c651e8f
Only offer translation for supported languages (#23879) 2 years ago
Claire c2a046ded1
Fix “Remove all followers from the selected domains” being more destructive than it claims (#23805) 2 years ago
Nick Schonning 56489cdc4f
Autofix Rubocop Style/HashConversion (#23852) 2 years ago
Nick Schonning 4ff44be134
Autofix Rubocop Rails/Blank (#23765) 2 years ago
Nick Schonning 0cfdd1a401
Enable Rubocop Style/StringConcatenation defaults (#23792) 2 years ago
Nick Schonning 59c8d43d94
Autofix Rubocop Style/RescueStandardError (#23745) 2 years ago
Nick Schonning 717683d1c3
Autofix Rubocop remaining Layout rules (#23679) 2 years ago
Nick Schonning 2177daeae9
Autofix Rubocop Style/RedundantBegin (#23703) 2 years ago
Nick Schonning e2a3ebb271
Autofix Rubocop Style/IfUnlessModifier (#23697) 2 years ago
Nick Schonning 634368c491
Autofix Rubocop Lint/SymbolConversion (#23683) 2 years ago
Nick Schonning 669f6d2c0a
Run rubocop formatting except line length (#23632) 2 years ago
Claire d6930b3847
Add API parameter to safeguard unexpect mentions in new posts (#18350) 2 years ago
Claire 0c9eac80d8
Fix unbounded recursion in post discovery (#23506)
* Add a limit to how many posts can get fetched as a result of a single request

* Add tests

* Always pass `request_id` when processing `Announce` activities

---------

Co-authored-by: nametoolong <nametoolong@users.noreply.github.com>
2 years ago
Nick Schonning f68bb52556
Apply Rubocop Style/NegatedIfElseCondition (#23451) 2 years ago
Nick Schonning ed570050c6
Autofix Rails/EagerEvaluationLogMessage (#23429)
* Autofix Rails/EagerEvaluationLogMessage

* Update spec for debug block syntax
2 years ago
Claire bb89f0af8a
Fix ActivityPub::ProcessingWorker error on incoming malformed JSON-LD (#23416) 2 years ago
Markus Unterwaditzer f2a6e71bb6
Suppress AddressFamilyError in link verification (#23204)
* Suppress AddressFamilyError

* clarify comment
2 years ago
Claire 628dcbb732
Revert "Remove LDSignature on actor Delete activities (#21466)" (#23185)
This reverts commit f4f2b062ec.
2 years ago
Claire 68dcbcb7bf
Add more specific error messages to HTTP signature verification (#21617)
* Return specific error on failure to parse Date header

* Add error message when preferredUsername is not set

* Change error report to be JSON and include more details

* Change error report to differentiate unknown account and failed refresh

* Add tests
2 years ago
Claire 4b92e59f4f
Add support for editing media description and focus point of already-posted statuses (#20878)
* Add backend support for editing media attachments of existing posts

* Allow editing media attachments of already-posted toots

* Add tests
2 years ago
Markus Unterwaditzer 0c689b9d01
fix: allow verification when page size exceeds 1MB (using HTML5 parser) (#22879)
* fix: allow verification when page size exceeds 1MB
Truncates the page after 1MB instead

Closes #15316

* switch to HTML5 parser, fix rubocop errors

* undo rubocop fixes

Co-authored-by: Chris Zubak-Skees <chriszs@gmail.com>
2 years ago
Kaspar V ae62e5fa53
Fix/remove calling private method with send in model (#22951)
* fix(status): remove send usage for private unlink_from_conversations

- make unlink_from_conversations public method
- rename unlink_from_conversations to unlink_from_conversations!
- fix send call on private method in statuses_vacuum and batched_remove_status_service

* fix(feeds_vacuum): replace find_in_batches with in_batches

because active record query results should be a little more efficient than
itterating with map and each. Postgres can grasp such lists of ids much quicker
than ruby can.
Will probably make allmost no difference, but cannot hurt either.
2 years ago
Claire 18fb01ef7c
Fix possible race conditions when suspending/unsuspending accounts (#22363)
* Fix possible race conditions when suspending/unsuspending accounts

* Fix tests

Tests were assuming SuspensionWorker and UnsuspensionWorker would do the
suspending/unsuspending themselves, but this has changed.
2 years ago
Effy Elden 4dc9152b3e
Be more lenient with OEmbed detection and validation (#22533) 2 years ago
Claire c1de673060
Fix suspension worker crashing on S3-compatible setups without ACL support (#22487) 2 years ago
Claire bf1c7e2122
Ensure exact match is the first result in hashtag searches (#21315)
Fixes #17494
2 years ago
Claire 2644a28cb3
Change remote media files to be downloaded outside of transactions (#21796) 2 years ago
Brian Campbell 2d12948220
Fix idempotency when database writes are slow (#21840)
There is an idempotency key generated by clients when authoring a post,
and stored in Redis, to ensure that if a user or client retries posting
the same status, we don't get a duplicate.

Hachyderm.io has been experiencing some filesystem and database
performance issues, causing database writes to be slow. This can mean
that there are successful posts, but the reverse proxy returns 504
Gateway Timeout before the idempotency status has been updated; users or
clients who retry (such as Tusky which retries automatically, see
tuskyapp/Tusky#2951) can re-try the same post with the same idempotency
key before it has actually been recorded in Redis, leading to duplicate
posts.

To address this issue, move all of the database updates after the
initial transaction that creates the status into the
`postprocess_status!` method, so we can insert the idempotency key
immediately after the status has been created, significantly reducing
the window in which the status could be created but the idempotency key
not yet stored.

Note: this has not yet been tested; I'm submitting this PR for
discussion and to offer to the Hachyderm.io admins to try out to fix the
multiple posting problem.

Co-authored-by: Brian Campbell <brcampbell@beta.team>
2 years ago
Claire c8849d6cee
Fix unbounded recursion in account discovery (#22025)
* Fix trying to fetch posts from other users when fetching featured posts

* Rate-limit discovery of new subdomains

* Put a limit on recursively discovering new accounts
2 years ago
Claire f4f2b062ec
Remove LDSignature on actor Delete activities (#21466)
They are currently not used for anything and represent more than half of the
payload size.
2 years ago
Claire 625216d8e1
Fix attachments of edited statuses not being fetched (#21565)
* Fix attachments of edited statuses not being fetched

* Fix tests
2 years ago
Joshua Wood daf6f3453e
Handle links with no href in VerifyLinkService (#20741)
Before this change, the following error would cause VerifyAccountLinksWorker to fail:

NoMethodError: undefined method `downcase' for nil:NilClass
  [PROJECT_ROOT]/app/services/verify_link_service.rb:31 :in `block in link_back_present?`
2 years ago
Hampton Lintorn-Catlin 147d8bd8fc
Support UTF-8 Characters in Domains During CSV Import (#20592)
* Support UTF-8 Characters in Domains During Import

* Update Changelong
2 years ago
James Tucker 78a6b871fe
Improve performance by avoiding regex construction (#20215)
```ruby
10.times { p /#{FOO}/.object_id }
10.times { p FOO_RE.object_id }
```
2 years ago
Claire a5394980f2
Fix NameError in Webfinger redirect handling in ActivityPub::FetchRemoteActorService (#20260) 2 years ago
Eugen Rochko e98833748e
Fix being able to spoof link verification (#20217)
- Change verification to happen in `default` queue
- Change verification worker to only be queued if there's something to do
- Add `link` tags from metadata fields to page header of profiles
2 years ago
trwnh b1a48e05b6
Change Report category to "violation" if rule IDs are provided (#20137)
* Change Report category to "violation" if rule IDs are provided

* Fix LiteralAsCondition

* Add parentheses to conditional statement
2 years ago
Claire bbf74498f5
Fix validation error in SynchronizeFeaturedTagsCollectionWorker (#20018)
* Fix followers count not being updated when migrating follows

Fixes #19900

* Fix validation error in SynchronizeFeaturedTagsCollectionWorker

Also saves remote user's chosen case for hashtags

* Limit remote featured tags before validation
2 years ago
Eugen Rochko c4b92b1aee
Fix n+1 query during status removal (#19753) 2 years ago
Claire c2170991c7
Fix reblogs being discarded after the reblogged status (#19731) 2 years ago
Eugen Rochko 5f9e47be34
Add caching for payload serialization during fan-out (#19642) 2 years ago
Claire 4fb0aae636
Change mentions of blocked users to not be processed (#19725)
Fixes #19698
2 years ago
Claire e0eb39d41b
Fix bookmark import stopping at the first failure (#19669)
Fixes #19389
2 years ago
Eugen Rochko dc5c86add7
Fix account migration form ever using outdated account data (#18429) 2 years ago
Eugen Rochko f6bcf86caf
Fix wrong math function used in search query (#19481) 2 years ago
Eugen Rochko 7d25f72b9f
Fix negatives values in search index causing queries to fail (#19464) 2 years ago
Eugen Rochko 1ae508bf2f
Change unauthenticated search to not support pagination in REST API (#19326)
- Only exact search matches for queries with < 5 characters
- Do not support queries with `offset` (pagination)
- Return HTTP 401 on truthy `resolve` instead of overriding to false
2 years ago
Yamagishi Kazutoshi 45d3b32488
Fix `Settings::FeaturedTagsController` (#19418)
Regression from #19409
2 years ago
Takeshi Umeda 74ead7d106
Change featured tag updates to add/remove activity (#19409)
* Change featured tag updates to add/remove activity

* Fix to check for the existence of feature tag

* Rename service and worker

* Merge AddHashtagSerializer with AddSerializer

* Undo removal of sidekiq_options
2 years ago
Yamagishi Kazutoshi 94feb2b93f
Fix `FetchFeaturedCollectionService` spec (#19401)
Regression from #19380
2 years ago
Takeshi Umeda b0e3f0312c
Add synchronization of remote featured tags (#19380)
* Add LIMIT of featured tag to instance API response

* Add featured_tags_collection_url to Account

* Add synchronization of remote featured tags

* Deliver update activity when updating featured tag

* Remove featured_tags_collection_url

* Revert "Add featured_tags_collection_url to Account"

This reverts commit cff349fc27.

* Add hashtag sync from featured collections

* Fix tag name normalize

* Add target option to fetch featured collection

* Refactor fetch_featured_tags_collection_service

* Add LIMIT of featured tag to v1/instance API response
2 years ago
Claire cedcece0cc
Fix deleted pinned posts potentially counting towards the pinned posts limit (#19005)
Fixes #18938
2 years ago
Eugen Rochko 55a2e9b5be
Fix translations not being formatted, other issues in web UI (#19245)
Fix #19237
2 years ago
Claire 85890bc80f
Fix crash in FetchRemoteKeyService (#19225)
Fix regression from #19212
2 years ago
Eugen Rochko 0d6b878808
Add user content translations with configurable backends (#19218) 2 years ago
Claire 8cf7006d4e
Refactor ActivityPub handling to prepare for non-Account actors (#19212)
* Move ActivityPub::FetchRemoteAccountService to ActivityPub::FetchRemoteActorService

ActivityPub::FetchRemoteAccountService is kept as a wrapper for when the actor is
specifically required to be an Account

* Refactor SignatureVerification to allow non-Account actors

* fixup! Move ActivityPub::FetchRemoteAccountService to ActivityPub::FetchRemoteActorService

* Refactor ActivityPub::FetchRemoteKeyService to potentially return non-Account actors

* Refactor inbound ActivityPub payload processing to accept non-Account actors

* Refactor inbound ActivityPub processing to accept activities relayed through non-Account

* Refactor how Account key URIs are built

* Refactor Request and drop unused key_id_format parameter

* Rename ActivityPub::Dereferencer `signature_account` to `signature_actor`
2 years ago
Eugen Rochko 50948b46aa
Add ability to filter followed accounts' posts by language (#19095) 2 years ago
Claire 7b38cb88ca
Fix ProcessMentionService swallowing unprocessed mentions to unconfirmed/unapproved users (#19191) 2 years ago
Claire 1145dbd327
Improve error reporting and logging when processing remote accounts (#15605)
* Add a more descriptive PrivateNetworkAddressError exception class

* Remove unnecessary exception class to rescue clause

* Remove unnecessary include to JsonLdHelper

* Give more neutral error message when too many webfinger redirects

* Remove unnecessary guard condition

* Rework how “ActivityPub::FetchRemoteAccountService” handles errors

Add “suppress_errors” keyword argument to avoid raising errors in
ActivityPub::FetchRemoteAccountService#call (default/previous behavior).

* Rework how “ActivityPub::FetchRemoteKeyService” handles errors

Add “suppress_errors” keyword argument to avoid raising errors in
ActivityPub::FetchRemoteKeyService#call (default/previous behavior).

* Fix Webfinger::RedirectError not being a subclass of Webfinger::Error

* Add suppress_errors option to ResolveAccountService

Defaults to true (to preserve previous behavior). If set to false,
errors will be raised instead of caught, allowing the caller to be
informed of what went wrong.

* Return more precise error when failing to fetch account signing AP payloads

* Add tests

* Fixes

* Refactor error handling a bit

* Fix various issues

* Add specific error when provided Digest is not 256 bits of base64-encoded data

* Please CodeClimate

* Improve webfinger error reporting
2 years ago
Claire c7147bab90
Fix incorrect and slow cache invalidation in ClearDomainMediaService (#19062)
Fixes #19060
2 years ago
Eugen Rochko d83faa1a89
Add ability to block sign-ups from IP (#19037) 2 years ago
Jeong Arm 6aa83b13ba
Properly delete remote account's avatar/header when fetch/update (#18973) 2 years ago
Eugen Rochko c3f0621a59
Add ability to follow hashtags (#18809) 2 years ago
Eugen Rochko 44b2ee3485
Add customizable user roles (#18641)
* Add customizable user roles

* Various fixes and improvements

* Add migration for old settings and fix tootctl role management
3 years ago
Claire 1b4054256f
Fix crash when a remote Flag activity mentions a private post (#18760)
* Add tests

* Fix crash when a remote Flag activity mentions a private post
3 years ago
Eugen Rochko 2936f42a14
Add notifications for new reports (#18697) 3 years ago
Eugen Rochko a2871cd747
Add administrative webhooks (#18510)
* Add administrative webhooks

* Fix error when webhook is deleted before delivery worker runs
3 years ago
Eugen Rochko 52f4e834f2
Fix concurrent unfollowing decrementing follower count more than once (#18527) 3 years ago
Eugen Rochko 8a9acbe604
Fix being able to appeal a strike unlimited times (#18529)
Peculiarity of the `has_one` association is that the convenience
creation method deletes the previous association even if the new
one is invalid
3 years ago
Eugen Rochko c4d2c39a75
Fix being able to report otherwise inaccessible statuses (#18528) 3 years ago
Eugen Rochko 1ff4877945
Fix empty votes arbitrarily increasing voters count in polls (#18526) 3 years ago
Eugen Rochko 976cd6413e
Fix moderator leak in undo_mark_statuses_as_sensitive (#18525)
Signed-off-by: Eugen Rochko <eugen@zeonfederated.com>

Co-authored-by: 40826d <74816220+40826d@users.noreply.github.com>
3 years ago
Claire 440eb71310
Change unapproved and unconfirmed account to not be accessible in the REST API (#17530)
* Change unapproved and unconfirmed account to not be accessible in the REST API

* Change Account#searchable? to reject unconfirmed and unapproved users

* Disable search for unapproved and unconfirmed users in Account.search_for

* Disable search for unapproved and unconfirmed users in Account.advanced_search_for

* Remove unconfirmed and unapproved accounts from Account.searchable scope

* Prevent mentions to unapproved/unconfirmed accounts

* Fix some old tests for Account.advanced_search_for

* Add some Account.advanced_search_for tests for existing behaviors

* Add some tests for Account.search_for

* Add Account.advanced_search_for tests unconfirmed and unapproved accounts

* Add Account.searchable tests

* Fix Account.without_unapproved scope potentially messing with previously-applied scopes

* Allow lookup of unconfirmed/unapproved accounts through /api/v1/accounts/lookup

This is so that the API can still be used to check whether an username is free
to use.
3 years ago
Claire e0bdaeab65
Fix NoMethodError when resolving a link that redirects to a local post (#18314)
* Fix NoMethodError when resolving a link that redirects to a local post

* Fix tests
3 years ago
Eugen Rochko 6cf57c6765
Refactor how Redis locks are created (#18400)
* Refactor how Redis locks are created

* Fix autorelease duration on account deletion lock
3 years ago
Sara Golemon 336c23336a
Allow VerifyLinkService to accept backlinks with differing case (#18320) 3 years ago
Claire 0597e5db68
Fix ArgumentError when processing pinned posts from Friendica (#18260)
Follow-up to #18254
3 years ago
Claire 71d02ffcf3
Fix compatibility with Friendica regarding pinned posts (#18254)
* Fix multiple database queries when fetching pinned posts for remote account

* Fix compatibility with Friendica regarding pinned posts

Fixes #18066

* Add tests
3 years ago
Claire 9a3be0ad68
Fix error when looking handle with surrounding spaces (#18225) 3 years ago
Claire 84d991988e
Fix temporary network/remote server error prevent from interactions with remote accounts (#18161)
* Fix temporary network/remote server error prevent from interactions with remote accounts

* Fix and add tests
3 years ago
Eugen Rochko 3917353645
Fix single Redis connection being used across all threads (#18135)
* Fix single Redis connection being used across all Sidekiq threads

* Fix tests
3 years ago
Jeong Arm 1de748bf5e
Fix FetchFeaturedCollectionService (#18030) 3 years ago
Eugen Rochko 8e20e16cf0
Change e-mail notifications to only be sent when recipient is offline (#17984)
* Change e-mail notifications to only be sent when recipient is offline

Change the default for follow and mention notifications back on

* Add preference to always send e-mail notifications

* Change wording
3 years ago
Claire 8f91e304a5
Fix spurious edits and require incoming edits to be explicitly marked as such (#17918)
* Change post text edit to not be considered significant if it's identical after reformatting

* We don't need to clear previous change information anymore

* Require status edits to be explicit, except for poll tallies

* Fix tests

* Add some tests

* Add poll-related tests

* Add HTML-formatting related tests
3 years ago
Claire 454ef42aab
Fix error when encountering invalid pinned posts (#17964) 3 years ago
Claire abb11778d7
Fix inconsistency in error handling when removing a status (#17974)
Not completely sure this could actually have any ill effect, but if
`RemoveStatusService` fails to acquire a lock in an
`ActivityPub::ProcessingWorker` job processing a `Delete`, the status
is currently discarded and causes a job failure but the next time the
job is attempted, it will skip deleting the status due to it being
discarded.

This commit makes the behavior of `RemoveStatusService` a bit more consistent
in case of failure to acquire the lock.
3 years ago
Claire 2cc7ba2671
Refactor `response_to_recipient?` CTE (#17899)
* Optimize and clean up `response_to_recipient?` CTE

Marginally improve performances, and make the CTE much more readable

* Limit max depth in `response_to_recipient?` CTE
3 years ago
Eugen Rochko cefa526c6d
Refactor formatter (#17828)
* Refactor formatter

* Move custom emoji pre-rendering logic to view helpers

* Move more methods out of Formatter

* Fix code style issues

* Remove Formatter

* Add inline poll options to RSS feeds

* Remove unused helper method

* Fix code style issues

* Various fixes and improvements

* Fix test
3 years ago
Eugen Rochko 71f2b95106
Fix edits with no actual changes being allowed (#17843)
* Fix edits with no actual changes being allowed locally

* Fix edits with no actual changes being allowed through ActivityPub

* Fix false positive changes caused by description processing in model

* Fix not recording poll expiration update

* Fix test

* Revert changes to ProcessStatusUpdateService

* Various fixes and improvements

* Fix code style issues

* Various changes and improvements

* Add guard clause
3 years ago
Claire 92a86b958e
Fix issues with processing toot edits (#17748)
* Fix searching for an already-known status by URL not working

* Fix Update processing from statuses prior to 20220302232632

`ordered_media_attachment_ids_changed?` would return `true` when going from
`nil` to anything (including `[]`).

* Add tests
3 years ago
Claire d3aa9cf774
Fix Updates being forwarded even when not processable or causing no change (#17699)
* Fix Updates being forwarded even when not processable or causing no change

* Refactor and ensure status edit is strictly newer than last known edit
3 years ago
Eugen Rochko ddbe906c25
Fix not updating a status when newer version is fetched manually (#17745) 3 years ago
Eugen Rochko b2cd34474b
Add rate limit for editing (#17728) 3 years ago
Eugen Rochko d17fb70131
Change how changes to media attachments are stored for edits (#17696)
* Change how changes to media attachments are stored for edits

Fix not being able to re-order media attachments

* Fix not broadcasting updates when polls/media is changed through ActivityPub

* Various fixes and improvements

* Update app/models/report.rb

Co-authored-by: Claire <claire.github-309c@sitedethib.com>

* Add tracking of media attachment description changes

* Change poll in status edit to have a structure closer to the real one

Co-authored-by: Claire <claire.github-309c@sitedethib.com>
3 years ago
Eugen Rochko c0327ff31f
Fix invalid language resulting in no fallback being set on statuses (#17722) 3 years ago
Eugen Rochko 2ea754b861
Fix duplicate notifications being possible after poll expiration (#17697) 3 years ago
Eugen Rochko 02b8d63fce
Fix report category not being saved in REST API (#17682) 3 years ago
Eugen Rochko 25d3dc4373
Add ability to mark statuses as sensitive from reports in admin UI (#17668)
* Add ability to mark statuses as sensitive from reports in admin UI

* Allow mark as sensitive action on statuses with preview cards
3 years ago
Eugen Rochko 27965ce5ed
Add trending statuses (#17431)
* Add trending statuses

* Fix dangling items with stale scores in localized sets

* Various fixes and improvements

- Change approve_all/reject_all to approve_accounts/reject_accounts
- Change Trends::Query methods to not mutate the original query
- Change Trends::Query#skip to offset
- Change follow recommendations to be refreshed in a transaction

* Add tests for trending statuses filtering behaviour

* Fix not applying filtering scope in controller
3 years ago
Claire 1c3e5e44e2
Fix new sign-up notification not working because of incorrect type name (#17629) 3 years ago
Eugen Rochko 7b816eb5ae
Add notifications for new sign-ups (#16953) 3 years ago
luzpaz 73f5e4a1d9
Fix various typos (#17621)
Found via `codespell -q 3 -S ./CHANGELOG.md,./AUTHORS.md,./config/locales,./app/javascript/mastodon/locales -L ba,keypair,medias,ro`
3 years ago
Eugen Rochko 564efd0651
Add appeals (#17364)
* Add appeals

* Add ability to reject appeals and ability to browse pending appeals in admin UI

* Add strikes to account page in settings

* Various fixes and improvements

- Add separate notification setting for appeals, separate from reports
- Fix style of links in report/strike header
- Change approving an appeal to not restore statuses (due to federation complexities)
- Change style of successfully appealed strikes on account settings page
- Change account settings page to only show unappealed or recently appealed strikes

* Change appealed_at to overruled_at

* Fix missing method error
3 years ago
Eugen Rochko 8f03b7a2fb
Add notifications when a reblogged status has been updated (#17404)
* Add notifications when a reblogged status has been updated

* Change wording to say "edit" instead of "update" and add missing controls

* Replace previous update notifications with the most up-to-date one
3 years ago
Eugen Rochko c9a52833b6
Fix deletes not being signed in authorized fetch mode (#17484)
Fix #17483
3 years ago
Claire 63854bee6c
Fix poll votes not being properly reset on poll change (#17498)
* Fix poll votes not being properly reset on poll change

* Fix and add tests

* Fix poll update handling when the number of options changes
3 years ago
Eugen Rochko 1bfcb75105
Fix outdated iso-639 reference in update status service (#17496) 3 years ago
Eugen Rochko 63002cde03
Add editing for published statuses (#17320)
* Add editing for published statuses

* Fix change of multiple-choice boolean in poll not resetting votes

* Remove the ability to update existing media attachments for now
3 years ago
Eugen Rochko 2f8159baad
Add `category` and `rule_ids` params to `POST /api/v1/reports` (#17492) 3 years ago
Eugen Rochko b6d7726ecb
Remove language detection through cld3 (#17478)
* Remove language detection through cld3

* Update app/helpers/languages_helper.rb

Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>

Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>
3 years ago
Claire c8b1e72a4f
Fix compacted JSON-LD possibly causing compatibility issues on forwarding (#17428) 3 years ago
Claire 948235592a
Fix response_to_recipient? CTE (#17427) 3 years ago
Claire d1ecc323e7
Compact JSON-LD signed incoming activities (#17426)
Co-authored-by: Puck Meerburg <puck@puck.moe>
3 years ago
Claire 03d59340da
Fix Sidekiq warnings about JSON serialization (#17381)
* Fix Sidekiq warnings about JSON serialization

This occurs on every symbol argument we pass, and every symbol key in hashes,
because Sidekiq expects strings instead.

See https://github.com/mperham/sidekiq/pull/5071

We do not need to change how workers parse their arguments because this has
not changed and we were already converting to symbols adequately or using
`with_indifferent_access`.

* Set Sidekiq to raise on unsafe arguments in test mode

In order to more easily catch issues that would produce warnings in production
code.
3 years ago
Claire 166cc5b89d
Fix local distribution of edited statuses (#17380)
Because `FanOutOnWriteService#update?` was broken, edits were considered as new
toots and a regular `update` payload was sent.
3 years ago
Eugen Rochko 6505b39e5d
Fix poll updates being saved as status edits (#17373)
Fix #17344
3 years ago
Eugen Rochko d412a8d1f2
Fix error when processing poll updates (#17333)
Regression from #16697
3 years ago
Eugen Rochko 1060666c58
Add support for editing for published statuses (#16697)
* Add support for editing for published statuses

* Fix references to stripped-out code

* Various fixes and improvements

* Further fixes and improvements

* Fix updates being potentially sent to unauthorized recipients

* Various fixes and improvements

* Fix wrong words in test

* Fix notifying accounts that were tagged but were not in the audience

* Fix mistake
3 years ago
Jeong Arm 2d1f082bb6
Fix NameError on ActivityPub::FetchFeaturedCollectionService (#17326)
Related: #16954
3 years ago
Eugen Rochko 14f436c457
Add notifications for statuses deleted by moderators (#17204) 3 years ago
Claire d5c9feb7b7
Add support for private pinned posts (#16954)
* Add support for private pinned toots

* Allow local user to pin private toots

* Change wording to avoid "direct message"
3 years ago
Jeong Arm d3db2eb7fb
Remove custom emojis on domain purge (#17210) 3 years ago
Claire 7f803c41e2
Add ability to purge undeliverable domains from admin interface (#16686)
* Add ability to purge undeliverable domains from admin interface

* Add tests
3 years ago
Eugen Rochko 7de0ee7aba
Remove Keybase integration (#17045) 3 years ago
Claire 013bee6afb
Fix filtering DMs from non-followed users (#17042) 3 years ago
Eugen Rochko 6e50134a42
Add trending links (#16917)
* Add trending links

* Add overriding specific links trendability

* Add link type to preview cards and only trend articles

Change trends review notifications from being sent every 5 minutes to being sent every 2 hours

Change threshold from 5 unique accounts to 15 unique accounts

* Fix tests
3 years ago
Takeshi Umeda 3419d3ec84
Bump chewy from 5.2.0 to 7.2.3 (supports Elasticsearch 7.x) (#16915)
* Bump chewy from 5.2.0 to 7.2.2

* fix style (codeclimate)

* fix style

* fix style

* Bump chewy from 7.2.2 to 7.2.3
3 years ago
Eugen Rochko 39cdf61ab7
Add support for structured data and more OpenGraph tags to link cards (#16938)
Save preview cards under their canonical URL

Increase max redirects to follow from 2 to 3
3 years ago
Claire ec059317fa
Fix some link previews being incorrectly generated from other prior links (#16885)
* Add tests

* Fix some link previews being incorrectly generated from different prior links

PR #12403 added a cache to avoid redundant queries when the OEmbed endpoint can
be guessed from the URL. This caching mechanism is not perfectly correct as
there is no guarantee that all pages from a given domain share the same
OEmbed provider endpoint.

This PR prevents the FetchOEmbedService from caching OEmbed endpoint that
cannot be generalized by replacing a fully-qualified URL from the endpoint's
parameters, greatly reducing the number of incorrect cached generalizations.
3 years ago
Claire 3f9b28ce26
Add support for fetching Create and Announce activities by URI (#16383)
* Add support for fetching Create and Announce activities by URI

This should improve compatibility with ZAP and offer a way to fetch boosts,
which is currently not possible.

* Add tests
3 years ago
Takeshi Umeda 17f4e457b3
Add remove from followers api (#16864)
* Add followed_by? to account_interactions

* Add RemoveFromFollowersService

* Fix AccountBatch to use RemoveFromFollowersService

* Add remove from followers API
3 years ago
Claire 216570ad98
Fix scheduled statuses decreasing statuses counts (#16791)
* Add tests

* Fix scheduled statuses decreasing statuses counts

Fixes #16774
3 years ago
Eugen Rochko a0d4129893
Refactor notifications to go through a separate stream in streaming API (#16765)
Eliminate need to have custom notifications filtering logic in the
streaming API code by publishing notifications into a separate stream
and then simply using the multi-stream capability to subscribe to that
stream when necessary
3 years ago
Claire 9ac7e6fef7
Fix remotely-suspended accounts' toots being merged back into timelines (#16628)
* Fix remotely-suspended accounts' toots being merged back into timelines

* Mark remotely-deleted accounts as remotely suspended
3 years ago
Holger 0cae6c07bb
Fix #16603 (#16605)
Fix issue #16603 undefined method `serialize_payload' for Unsuspend Account Service error.
It seems that this service forgot to `include Payloadable` so that `serialize_payload` could not be found in this service.
3 years ago
Claire 4ac78e2a06
Add feature to automatically delete old toots (#16529)
* Add account statuses cleanup policy model

* Record last inspected toot to delete to speed up successive calls to statuses_to_delete

* Add service to cleanup a given account's statuses within a budget

* Add worker to go through account policies and delete old toots

* Fix last inspected status id logic

All existing statuses older or equal to last inspected status id must be
kept by the current policy. This is an invariant that must be kept so that
resuming deletion from the last inspected status remains sound.

* Add tests

* Refactor scheduler and add tests

* Add user interface

* Add support for discriminating based on boosts/favs

* Add UI support for min_reblogs and min_favs, rework UI

* Address first round of review comments

* Replace Snowflake#id_at_start with with_random parameter

* Add tests

* Add tests for StatusesCleanupController

* Rework settings page

* Adjust load-avoiding mechanisms

* Please CodeClimate
3 years ago
Claire 763ab0c7eb
Fix owned account notes not being deleted when an account is deleted (#16579)
* Add account_notes relationship

* Add tests

* Fix owned account notes not being deleted when an account is deleted

* Add post-migration to clean up orphaned account notes
3 years ago
Claire 1d67acb72f
Fix scoped order warning in RemoveStatusService (#16531)
Fixes “Scoped order is ignored, it's forced to be batch order.”
3 years ago
Claire d8629e7b86
Add logging of S3-related errors (#16381) 3 years ago
Claire 9a19227f17
Fix some RedisLocks auto-releasing too fast (#16276)
* Fix Delete and Create-related locks expiring too fast

Fixes #16238

By default, RedisLock expires after 10 seconds, which may not be enough to
process statuses, especially when those have attached media files.

This commit extends those 10 seconds to 15 minutes, which should be plenty
enough to handle any status, while being short enough to not waste many
sidekiq job retries in the exceedingly rare case in which a sidekiq process
would crash when processing a `Create` or `Delete`.

* Fix other RedisLock autorelease durations

Fixes #15645

- things that only perform a few simple database queries (e.g. finding and
  saving a record) have been left unchanged, so they'll still use the default
  10s duration
- things that perform significantly more complex database queries have been
  changed to a 5 minutes timeout
- things that perform multiple HTTP queries have been changed to a 15 minutes
  timeout
4 years ago
Takeshi Umeda c403c3695b
Fix to be able to redownload avatar and header (#16190)
* Fix to reset if header and avatar download fails

* Add RedownloadAvatarWorker and RedownloadHeaderWorker
4 years ago
Claire afb7882189
Fix blocking someone not clearing up list feeds (#16205) 4 years ago
Takeshi Umeda 9da5e0b350
Fix webfinger_update_due to run WebFinger on stale activitypub-account (#16182) 4 years ago
Eugen Rochko 74081433d0
Change trending hashtags to be affected be reblogs (#16164)
If a status with a hashtag becomes very popular, it stands to
reason that the hashtag should have a chance at trending

Fix no stats being recorded for hashtags that are not allowed
to trend, and stop ignoring bots

Remove references to hashtags in profile directory from the code
and the admin UI
4 years ago
Eugen Rochko 2c77d97e0d
Add joined date to profiles in web UI (#16169) 4 years ago
Eugen Rochko fab65848d2
Fix empty home feed before first follow has finished processing (#16152)
Change queue of merge worker from pull to default
4 years ago
Eugen Rochko f627d2eb93
Fix trying to fetch key from empty URI when verifying HTTP signature (#16100) 4 years ago
Eugen Rochko daccc07dc1
Change auto-following admin-selected accounts, show in recommendations (#16078) 4 years ago
Claire 0b36e3419d
Fix processing of remote Delete activities (#16084)
* Add tests

* Ensure deleted statuses are marked as such

* Save some redis memory by not storing URIs in delete_upon_arrival values

* Avoid possible race condition when processing incoming Deletes

* Avoid potential duplicate Delete forwards

* Lower lock durations to reduce issues in case of hard crash of the Rails process

* Check for `lock.aquired?` and improve comment

* Refactor RedisLock usage in app/lib/activitypub

* Fix using incorrect or non-existent sender for relaying Deletes
4 years ago
Eugen Rochko ca3bc1b09f
Refactor StatusReachFinder to handle followers and relays as well (#16051) 4 years ago
Eugen Rochko 6d6000f61f
Fix remote reporters not receiving suspend/unsuspend activities (#16050) 4 years ago
Eugen Rochko dde8739020
Fix reports of already suspended accounts being recorded (#16047) 4 years ago
Eugen Rochko 619fad6cf8
Remove spam check and dependency on nilsimsa gem (#16011) 4 years ago
Claire cbd0ee1d07
Update Mastodon to Rails 6.1 (#15910)
* Update devise-two-factor to unreleased fork for Rails 6 support

Update tests to match new `rotp` version.

* Update nsa gem to unreleased fork for Rails 6 support

* Update rails to 6.1.3 and rails-i18n to 6.0

* Update to unreleased fork of pluck_each for Ruby 6 support

* Run "rails app:update"

* Add missing ActiveStorage config file

* Use config.ssl_options instead of removed ApplicationController#force_ssl

Disabled force_ssl-related tests as they do not seem to be easily testable
anymore.

* Fix nonce directives by removing Rails 5 specific monkey-patching

* Fix fixture_file_upload deprecation warning

* Fix yield-based test failing with Rails 6

* Use Rails 6's index_with when possible

* Use ActiveRecord::Cache::Store#delete_multi from Rails 6

This will yield better performances when deleting an account

* Disable Rails 6.1's automatic preload link headers

Since Rails 6.1, ActionView adds preload links for javascript files
in the Links header per default.

In our case, that will bloat headers too much and potentially cause
issues with reverse proxies. Furhermore, we don't need those links,
as we already output them as HTML link tags.

* Switch to Rails 6.0 default config

* Switch to Rails 6.1 default config

* Do not include autoload paths in the load path
4 years ago
Claire 5614e6724e
Fix URL scanning in note length validator and preview card fetching (#15827)
* Add tests

* Fix URL scanning in note length validator and preview card fetching
4 years ago
Claire 65db262550
Update twitter-text from 1.14 to 3.1.0 and fix toot character counting (#15382)
* Update twitter-text from 1.14 to 3.1.0

* Disable emoji parsing

* Properly depend on twitter-text for url detection

* Fix some URLs being wrongly detected client-side

* Add test for server-side validation of non-autolinkable URLs

* Fix server-side status length counting
4 years ago
Claire 5f4c0b79c2
Change ResolveAccountService's handling of skip_webfinger (#15750)
* Change ResolveAccountService's handling of skip_webfinger

Change it so it never makes any webfinger query, as the name would imply.

* Add tests

* Change FollowService to not take an URI for target_account

* Restore domain-block check in FollowService

* Fix tests
4 years ago
Eugen Rochko f8972d4503
Fix YouTube embeds failing due to YouTube serving wrong OEmbed URLs (#15716) 4 years ago
Takeshi Umeda 7f1c56954b
Fix first return value of FetchLinkCardService.html method (#15630) 4 years ago
luigi 7ea9588520
Use Enumerable#filter_map in more places (#15527) 4 years ago
luigi eb51e43fb4
Optimize some regex matching (#15528)
* Use Regex#match?

* Replace =~ too

* Avoid to call match? from Nil

* Keep value of Regexp.last_match
4 years ago
luigi 087ed84367
Optimize map { ... }.compact calls (#15513)
* Optimize map { ... }.compact

using Enumerable#filter_map, supported since Ruby 2.7

* Add poyfill for Enumerable#filter_map
4 years ago
abcang efffdd3778
Fix rubocop config and warnings (#15503)
* disable NewCops

* update TargetRubyVersion

* Fix Lint/MissingSuper for ActiveModelSerializers::Model

* Fix Lint/MissingSuper for feed

* Fix Lint/FloatComparison

* Do not use instance variables
4 years ago
ThibG f1f96ebf02
Fix being able to import more than allowed number of follows (#15384)
* Fix being able to import more than allowed number of follows

Without this commit, if someone tries importing a second list of accounts to
follow before the first one has been processed, this will queue imports for
the two whole lists, even if they exceed the account's allowed number of
outgoing follows.

This commit changes it so the individual queued imports aren't exempt from
the follow limit check (they remain exempt from the rate-limiting check
though).

* Catch validation errors to not re-queue failed follows

Co-authored-by: Claire <claire.github-309c@sitedethib.com>
4 years ago
Eugen Rochko e89648574f
Fix error when changing ACL on missing objects during suspension (#15420) 4 years ago
Eugen Rochko ba0b79fc5c
Fix undefined method error when batch-removing statuses with ElasticSearch on (#15421) 4 years ago
ThibG de57efd055
Fix mentions not being deleted efficiently (#15416)
As a regression from the recent optimizations, mentions were left untouched
until `account.destroy`, which would then delete them individually,
and executing queries to find and delete associated notifications, resulting
in a massive slowdown.

Co-authored-by: Claire <claire.github-309c@sitedethib.com>
4 years ago
Eugen Rochko 473abc35a1
Fix trying to privatize empty media attachments (#15414) 4 years ago
ThibG 814b7775fb
Improve performances of deleting favourites when deleting accounts (#15412)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
4 years ago
ThibG 2ab3e91eaf
Fix BatchedRemoveStatusService not working without ES in rails console (#15408)
Not a huge deal but may cause surprising failures in custom scripts and
development.

Co-authored-by: Claire <claire.github-309c@sitedethib.com>
4 years ago
ThibG 3249d35bdc
Improve account deletion performances further (#15407)
* Delete status records by batches of 50

* Do not precompute values that are only used once

* Do not generate redis events for removal of public toots older than two weeks

* Filter reported toots a priori for polls and status deletion

* Do not process reblogs when cleaning up public timelines

As in Mastodon proper, reblogs don't appear in public TLs

* Clean the deleted account's own feed in one go

* Refactor Account#clean_feed_manager and List#clean_feed_manager

* Delete instead of destroy a few more associations

* Fix preloading

Co-authored-by: Claire <claire.github-309c@sitedethib.com>
4 years ago
ThibG f18349640b
Fix batch order warnings in BatchedRemoveStatusService (#15409)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
4 years ago
Eugen Rochko 9915d11c0d
Fix unnecessary queries when batch-removing statuses, 100x faster (#15387) 4 years ago
ThibG 43961035a9
Fix some notifications not being deleted on poll/status deletion (#15402)
* Fix deleting polls not deleting notifications

* Fix fav notification deletion when deleting a toot

* Refactor DeleteAccountService spec

* Add DeleteAccountService tests for other associations and notifications

* Add favourite handling spec in status removal

Co-authored-by: Claire <claire.github-309c@sitedethib.com>
4 years ago
ThibG 7bf3c6e57b
Fix AccountDeletionWorker crashing and clogging sidekiq queues (#15380)
* Fix account deletion workers being queued multiple times for a single account

* Fix poll votes being unnecessarily instantiated on poll deletion

* Fix favourites being unnecessarily instantiated on status deletion

* Remove inaccurate comments

* Delete polls instead of destroying them

Co-authored-by: Claire <claire.github-309c@sitedethib.com>
4 years ago
ThibG a60d9335d8
Fix resolving accounts sometimes creating duplicate records for a given AP id (#15364)
* Fix ResolveAccountService accepting mismatching acct: URI

* Set attributes that should be updated regardless of suspension

* Fix key fetching

* Automatically merge remote accounts with duplicate `uri`

* Add tests

* Add "tootctl accounts fix-duplicates"

Finds duplicate accounts sharing a same ActivityPub `id`, re-fetch them and
merge them under the canonical `acct:` URI.

Co-authored-by: Claire <claire.github-309c@sitedethib.com>
4 years ago
Eugen Rochko eb35be0431
Fix follow limit preventing re-following of a moved account (#14207) 4 years ago
ThibG b1feb47055
Improve searching for private toots from URL (#14856)
* Improve searching for private toots from URL

Most of the time, when sharing toots, people use the toot URL rather than
the toot URI, which makes sense since it is the user-facing URL.

In Mastodon's case, the URL and URI are different, and Mastodon does not
have an index on URL, which means searching a private toot by URL is done
with a slow query that will only succeed for very recent toots.

This change gets rid of the slow query, and attempts to guess the URI from
URL instead, as Mastodon's are predictable.

* Add tests

* Only return status with guessed uri if url matches

Co-authored-by: Claire <claire.github-309c@sitedethib.com>
4 years ago
ThibG 1390cc194b
Add indication to admin UI of whether a report has been forwarded (#13237)
* Add indication to admin UI of whether a report has been forwarded

* Rework how forwarded status is displayed

Co-authored-by: Claire <claire.github-309c@sitedethib.com>
4 years ago
Eugen Rochko e7e099d1a0
Fix deletes not reaching every server that interacted with status (#15200)
Extract logic for determining ActivityPub inboxes to send deletes
to to its own class and explicitly include the person the status
replied to (even if not mentioned), people who favourited it, and
people who replied to it (though that one is still not recursive)
4 years ago
ThibG 66832cbf33
Undo outgoing follows when suspending a remote account (#15188) 4 years ago
ThibG 8b8004a962
Fix webfinger redirect handling in ResolveAccountService (#15187)
* Fix webfinger redirect handling in ResolveAccountService

ResolveAccountService#process_webfinger! handled a one-step webfinger
redirection, but only accepting the result if it matched the exact URI passed
as input, defeating the point of a redirection check.

Instead, use the same logic as in `ActivityPub::FetchRemoteAccountService`,
updating the resulting `acct:` URI with the result of the first webfinger
query.

* Add tests
4 years ago
ThibG 96c1e71329
Add import/export feature for bookmarks (#14956)
* Add ability to export bookmarks

* Add support for importing bookmarks

* Add bookmark import tests

* Add bookmarks export test
4 years ago
ThibG 2f6831f318
Fix sending spurious Rejects when processing remote account deletion (#15104)
* Fix sending spurious Rejects when processing remote account deletion

* Make skip_side_effects imply skip_activitypub
4 years ago
Eugen Rochko df1653174b
Add cache buster feature for media files (#15155)
Nginx can be configured to bypass proxy cache when a special header
is in the request. If the response is cacheable, it will replace
the cache for that request. Proxy caching of media files is
desirable when using object storage as a way of minimizing bandwidth
costs, but has the drawback of leaving deleted media files for
a configured amount of cache time. A cache buster can make those
media files immediately unavailable. This especially makes sense
when suspending and unsuspending an account.
4 years ago