Commit graph

874 commits

Author SHA1 Message Date
Thomas Citharel 33bf8334fe
Allow all rel values for event & post links in descriptions
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-08-09 14:26:19 +02:00
Thomas Citharel 783486a366
Support denying registration based on email or domain
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-08-08 19:56:33 +02:00
Thomas Citharel 51cd066a14
Add resizing filter to make sure pictures are not too big
Closes #810

Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-08-05 16:10:03 +02:00
Thomas Citharel f3a05929d9
Allow members-restricted posts to be viewable by instance moderators
But add a warning message on top of the post

Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-08-05 16:10:03 +02:00
Thomas Citharel 93ba408671
Improve group profile metadata
* Add canonical link
* Add link alternate to application/activity+json representation
* add robots noindex on remote profiles

Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-08-04 10:49:02 +02:00
Thomas Citharel d0ff547417
Fix a typo in a with clause in Upload module
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-08-03 18:47:28 +02:00
Thomas Citharel bd71dd6cf1
Handle SSL being already started in LDAP connection
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-08-03 14:58:06 +02:00
Thomas Citharel cceb083ad7
Improve error reporting and add test
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-08-03 12:15:54 +02:00
Thomas Citharel 056146a566
Translate two backend errors from password change
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-08-02 19:31:16 +02:00
Thomas Citharel 8c480af4bd
Upgrade deps
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-08-02 18:11:22 +02:00
Thomas Citharel a5822d179c
Fix editing event from original instance on a group event
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-08-02 11:45:50 +02:00
Thomas Citharel 630de6fee9
Add Actors.get_single_group_moderator_actor/1 and refactor
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-08-02 11:45:49 +02:00
Thomas Citharel c788c020db
Fix updating event organizer actor
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-08-02 11:45:49 +02:00
Thomas Citharel 4b864ba423
Allow to use inline "Join" when processing an Accept
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-08-02 11:45:48 +02:00
Thomas Citharel 099b85e9a9
Refactor audience to introduce maybe_add_followers/2
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-08-01 10:51:23 +02:00
Thomas Citharel e6c05c481a
Fix variables names
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-08-01 10:51:22 +02:00
Thomas Citharel ecf7bb1fef
Various event AP converter changes and add tests
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-08-01 10:51:22 +02:00
Thomas Citharel caf9493a00
Various changes needed for AP refactor
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-08-01 10:51:22 +02:00
Thomas Citharel 78dc7613bc
Refactor Mobilizon.Federation.ActivityPub.Audience and add tests
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-08-01 10:51:21 +02:00
Thomas Citharel 221dd0609e
Fix accessing group draft post
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-08-01 10:51:21 +02:00
Thomas Citharel 011128b0fb
Make sure draft events are not selected in search
Closes https://framagit.org/framasoft/mobilizon/-/issues/807

Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-08-01 10:51:21 +02:00
Thomas Citharel acd921432f
Refactor checking permissions when managing events and tests
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-08-01 10:51:21 +02:00
Thomas Citharel ecfcc4fe83
Don't preload just public events, group draft can be fetched as well
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-08-01 10:51:20 +02:00
Thomas Citharel 6066a44ae8
Change can_be_managed_by/2 to can_be_managed_by?/2
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-08-01 10:51:20 +02:00
Thomas Citharel 505b16611b
Fix event local detection
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-08-01 10:51:20 +02:00
Thomas Citharel 8b2ddbda2b
Fix whether group draft events should federate or not
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-08-01 10:51:20 +02:00
Thomas Citharel 20ff0a7f6c
Refactor Mobilizon.Federation.ActivityPub.Permission to handle
permissions

Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-08-01 10:51:19 +02:00
Thomas Citharel c394f2cc5a
Use Permission module to check if user can have access to resource
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-08-01 10:51:18 +02:00
Thomas Citharel 0995043d04
Add the :role_needed_to_access permission check and refactor
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-08-01 10:51:17 +02:00
Thomas Citharel 867e88481d
Fix getting visibility from AP Post
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-08-01 10:51:17 +02:00
Thomas Citharel a670a7d7a7
Fix and improve language handling
- Refactor plugs to detect and set language
- Translate ecto validation errors
- Use Gettext directly, not Mobilizon.Web.Gettext
- Set the language in the <html> attribute according to the one loaded
  on front-end

Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-07-27 20:11:56 +02:00
Thomas Citharel ae25cba97a
Use correct default language when no Accept-Language is set
Closes #792

Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-07-22 17:01:34 +02:00
Thomas Citharel cc33ee7ada Merge branch 'fix-unattached-media-cleanup' into 'master'
Refactor the query to detect unattached media

See merge request framasoft/mobilizon!996
2021-07-22 14:40:03 +00:00
Thomas Citharel fa8cae681f
Add possibility to create users with provider (such as LDAP)
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-07-22 15:09:12 +02:00
Thomas Citharel db1649ded8
Refactor the query to detect unattached media
The previous one was going 💥 in production

Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-07-21 19:44:13 +02:00
Thomas Citharel c6098b33e3 Merge branch 'event-description-new-tabs' into 'master'
Add target to allowed attributes on <a> links so that links open in new tabs

Closes #786

See merge request framasoft/mobilizon!988
2021-07-21 09:30:49 +00:00
Thomas Citharel a31e97110b Merge branch 'rootwork-master-patch-42184' into 'master'
Correct link in password reset email, from demo site forum to Mobilizon forum

Closes #779

See merge request framasoft/mobilizon!981
2021-07-21 09:03:26 +00:00
Ivan Boothe 3f0e189a04 Correct link in password reset email, from demo site forum to Mobilizon forum 2021-07-21 09:03:26 +00:00
Thomas Citharel d7bcfd5be6
Add target to allowed attributes on <a> links so that links open in new
tabs

Closes #786

Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-07-21 10:34:07 +02:00
Thomas Citharel 11e75eaf66
Add the possibility to create profiles and groups from CLI
- Create an actor at the same time when creating an user
- or create either a profile and attach it to an existing user
- or create a group and set the admin to an existing profile

Closes #785

Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-07-20 18:29:38 +02:00
Thomas Citharel b196719238
Remove unsafe-inline from CSP
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-07-02 09:46:38 +02:00
Thomas Citharel 69e3db1e9b
Fix push notifications for group, members & post activities
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-06-30 12:16:06 +02:00
Thomas Citharel f5aa7ffa74
Fix crash when trying to notify activities not from groups
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-06-30 10:13:57 +02:00
Thomas Citharel 57b71cb85a
Fix typo in user.modify task help text
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-06-28 17:23:17 +02:00
Thomas Citharel b782ca6527
Replace GraphiQL with graphql-playground
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-06-28 12:07:43 +02:00
Thomas Citharel bac2d3188c
Fix GraphiQL CSP headers
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-06-28 11:57:11 +02:00
Thomas Citharel 5cdac95a85
Send announcement notifications to anonymous participants
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-06-27 18:16:34 +02:00
Thomas Citharel ed182e358b
Fix scheduler test
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-06-27 16:18:53 +02:00
Thomas Citharel 7ec6f158ec
Add wrapper to Sentry to not load it when not configured
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-06-27 15:21:33 +02:00
Thomas Citharel 3ed25bab81
Send notifications to event organizer when new comment is posted
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-06-27 13:16:17 +02:00
Thomas Citharel 93297931bb
Disable Cldr warning that it didn't match any language
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-06-27 13:16:17 +02:00
Thomas Citharel b1eeebe05a
Default to UTC when no timezone in user settings in recaps
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-06-26 17:52:07 +02:00
Thomas Citharel 2ec7457783
Handle actor being something else than Group or Person when deleting it
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-06-26 17:22:34 +02:00
Thomas Citharel 0ca6997f7f
Add a task to generate web_push key pairs
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-06-26 16:09:03 +02:00
Thomas Citharel 784c607c65
Send activity digests
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-06-26 16:09:02 +02:00
Thomas Citharel 7a6667bd3b
Make mentions send notifications
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-06-23 20:12:13 +02:00
Thomas Citharel 6c6ae7c712
Fix resource preview crash when resource has no image_remote_url
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-06-22 17:13:04 +02:00
Thomas Citharel 7bb8568504
Add an unique index on posts URLs
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-06-22 16:51:21 +02:00
Thomas Citharel 8caf1e302b
Add basic metadata to opengraph preview
Also refactor datetime & address utils

Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-06-22 16:01:55 +02:00
Thomas Citharel 691d71d9f7
Decode URI sent in notification payloads
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-06-17 16:19:35 +02:00
Thomas Citharel 3c2dfba880
Add .ics to the event files names attached to email
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-06-16 17:42:50 +02:00
Thomas Citharel 725a3c8b9e
Fix accessing outdated page of group
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-06-16 11:27:14 +02:00
Thomas Citharel 33838974c5
Improve resources display on mobile
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-06-14 15:13:08 +02:00
Thomas Citharel 24b94d1860
Add pagination to resources
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-06-14 15:12:38 +02:00
Thomas Citharel 19792abd41
Better handling of bad host-meta responses
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-06-10 15:18:12 +02:00
Thomas Citharel a24e08a6de
Add blurhash support to backend
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-06-10 15:18:08 +02:00
Thomas Citharel a336e76aae
Run mix format on Elixir 12
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-06-07 16:49:43 +02:00
Thomas Citharel 95913ba28b
Handle crypto for different OTP versions better in media proxy
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-06-07 16:39:14 +02:00
Thomas Citharel 005f7e20ca
Remove compile-time dependencies for some config values
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-06-07 10:24:57 +02:00
Thomas Citharel 8298f50b3d
Fix metadata injection in html
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-06-06 20:25:16 +02:00
Thomas Citharel f100fce0da
Finally fix backend tests
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-06-04 16:32:26 +02:00
Thomas Citharel d3164899f3
Fix tests
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-06-04 13:33:26 +02:00
Thomas Citharel c0ab3d9905
Fix credo warnings
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-06-04 13:33:25 +02:00
Thomas Citharel 37c1790273
Test CommentActivity legacy notifications
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-06-04 13:33:25 +02:00
Thomas Citharel 57c07836aa
Add a test to LegacyNotifierBuilder
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-06-04 13:33:25 +02:00
Thomas Citharel 58bffc5c66
WIP notification settings
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-06-04 13:33:25 +02:00
Thomas Citharel 6adbbc6a1d
Handle accessing ws socket without auth
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-06-04 13:33:25 +02:00
Thomas Citharel 15b3940262
Revoke old refresh token when doing a refresh token rotation
See
https://auth0.com/blog/securing-single-page-applications-with-refresh-token-rotation/
for details for instance

Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-06-04 13:33:24 +02:00
Thomas Citharel a7da5ab269
Improve JWT tokens expiration
- Reduce access tokens TTL to 15 minutes
- Set refresh tokens TTL to 60 days
- Set Guardian.DB to only track refresh tokens
- Remove refresh token when logging out

Closes #710 #705 #706

Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-06-04 13:33:22 +02:00
Thomas Citharel 6cf6e47ec7
Only show errors in tasks
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-06-04 13:33:21 +02:00
Thomas Citharel c9700906f5
Paginate the list of conversations
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-06-04 13:33:20 +02:00
Thomas Citharel bab751591f
Make sure we have a valid timezone
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-06-04 13:33:19 +02:00
Thomas Citharel 679600f003
Comment fixes
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-06-04 13:33:18 +02:00
Thomas Citharel b5a5de5c0c
Event edit and participant fixes
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-06-04 13:33:18 +02:00
Thomas Citharel 80f951680f
Order actor organized events by begins_on
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-06-04 13:33:17 +02:00
Thomas Citharel 4ad67e1efc
Fix an issue when deleting an actor
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-06-04 13:33:17 +02:00
Thomas Citharel bfb04bb84d
Make deleting an actor ignoring error when deleting files
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-06-04 13:33:16 +02:00
Thomas Citharel f84cc299ba
Log when a follow request is auto-accepted
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-06-04 13:33:16 +02:00
Thomas Citharel 4100b2f962
Refresh profiles in a background task
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-06-04 13:33:16 +02:00
Thomas Citharel 8c53ea442f
Make List report returns a paginated list
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-06-04 13:33:16 +02:00
Thomas Citharel 74778925e0
Refactor accessing person details resolver
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-06-04 13:33:15 +02:00
Thomas Citharel 628c55cd84
Make sure relay and anonymous actors don't automatically approve
followers

Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-06-04 13:33:14 +02:00
Thomas Citharel 938f698b7a
Add webpush front-end support
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-06-04 13:33:12 +02:00
Thomas Citharel 9f5e3a39ec
Add Push notifications backend support
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-06-04 13:32:06 +02:00
Thomas Citharel 86c2512c62
WIP
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-06-04 13:32:05 +02:00
Thomas Citharel b0394fdb02
Use post picture as OGP picture if existing
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-05-19 11:35:19 +02:00
Thomas Citharel df4b947c25
Fix removed call to :crypto.hmac/3
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-05-18 17:56:50 +02:00
Thomas Citharel a56f28f98e
Make koena connect picture configurable
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-05-18 17:56:49 +02:00
Thomas Citharel 5b36e71581
Fix rich media parsers
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-05-03 15:34:25 +02:00
Thomas Citharel 46120b16b6
Fix merging URIs for media from url when doing a rich media preview
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-05-03 14:57:30 +02:00