Commit Graph

440 Commits

Author SHA1 Message Date
Baptiste Gelez b52b8fc880 Fix wrong condition, resulting in 404 for valid NodeInfo endpoints (#464)
* Fix wrong condition, resulting in 404 for valid NodeInfo endpoints

* Forgot to remove that dbg!
2019-03-12 17:00:23 +01:00
Baptiste Gelez fe6e69d7c4
Add a fqn field to blogs and users (#457)
Fixes #319
2019-03-06 18:28:10 +01:00
Baptiste Gelez eff2698664
Slightly improve the media experience (#452)
* Slightly improve the media experience

- Use a grid to display the list of media
- Add icons for non-image media preview
- Paginate the gallery
- Add links to the gallery in the editor and in the profile settings to make it more discoverable when you need it

Fixes #432

* Allow video and audio tags in SafeString

Otherwise we can't display their preview, nor show them in articles

Also show controls by default for these two elements

* Show fallback images for audio and unknown files, to make them more visible

* Add a new constructor to SafeString when the input is trusted and doesn't need to be escaped.

And use it to generate media previews.

* Make it possible to insert video/audio in articles
2019-03-06 14:11:36 +01:00
Baptiste Gelez a5e0486da0
Make media extension parsing safer (#459)
Only keep it if contains letters and numbers only, otherwise remove it.

To be merged before #452
2019-03-06 14:09:43 +01:00
Baptiste Gelez 2a188abfa1
Fix follow IDs (#455)
* Generate valid IDs for Follow

Fixes #449

* Use the new post-insert hook for all the models

* Fix plume-cli build
2019-03-04 21:35:03 +01:00
Baptiste Gelez a2b9d7ec44
Password reset (#448)
* Password reset

* Various improvements and fixes for password reset

- Reorganize src/mail.rs to make it  cleaner
- add a build_mail function
- only make the requests invalid after 2 hours
- avoid infintely-growing list of requests by deleting them once completed, or after 24 hours
- avoid sending many requests for the same user
- validate the password reset form

* Avoid locking so many times

Fix durations

* Remove old requests even if the current one is not valid

* Remove unused feature

* Also remove the custom_derive and plugin features while we are at it

* Forgot a 0 è_é

* Avoid panicking while owning a request lock

* Use master branch of lettre so that we can build with the latest OpenSSL

* Fix the debug mailer
2019-02-27 13:29:26 +01:00
Baptiste Gelez e28371bbe4
Add a page listing people someone follows (#444)
Nothing exceptional, the layout is the same as the followers page.

Fixes #325
2019-02-26 13:13:00 +01:00
zcdunn 7bac70a483 Update nodeinfo (#446)
Fix #433

I added the repo link to Cargo.toml so that `software.repository` could be configurable like @rhaamo suggested. I don't know if it's ok to include `software.repository` without bumping the schema version, but I didn't know if that would break any clients that parse nodeinfo with a hardcoded schema version.
2019-02-17 13:42:59 +01:00
Baptiste Gelez 576a4ed499
Pull i18n from Funkwhale's weblate (#439)
* Added translation using Weblate (Arabic)

* Translated using Weblate (Arabic)

Currently translated at 66.7% (124 of 186 strings)

Translation: Plume/Plume
Translate-URL: https://translate.funkwhale.audio/projects/plume/Plume/ar/

* Translated using Weblate (English)

Currently translated at 100.0% (186 of 186 strings)

Translation: Plume/Plume
Translate-URL: https://translate.funkwhale.audio/projects/plume/Plume/en/

* Translated using Weblate (Japanese)

Currently translated at 100.0% (186 of 186 strings)

Translation: Plume/Plume
Translate-URL: https://translate.funkwhale.audio/projects/plume/Plume/ja/

* Translated using Weblate (Arabic)

Currently translated at 68.8% (128 of 186 strings)

Translation: Plume/Plume
Translate-URL: https://translate.funkwhale.audio/projects/plume/Plume/ar/

* Translated using Weblate (Norwegian Bokmål)

Currently translated at 96.8% (180 of 186 strings)

Translation: Plume/Plume
Translate-URL: https://translate.funkwhale.audio/projects/plume/Plume/nb/

* Translated using Weblate (Arabic)

Currently translated at 95.7% (178 of 186 strings)

Translation: Plume/Plume
Translate-URL: https://translate.funkwhale.audio/projects/plume/Plume/ar/

* Added translation using Weblate (Spanish)

* Translated using Weblate (Spanish)

Currently translated at 3.8% (7 of 186 strings)

Translation: Plume/Plume
Translate-URL: https://translate.funkwhale.audio/projects/plume/Plume/es/

* Added translation using Weblate (Portuguese (Portugal))

* Translated using Weblate (Arabic)

Currently translated at 99.5% (185 of 186 strings)

Translation: Plume/Plume
Translate-URL: https://translate.funkwhale.audio/projects/plume/Plume/ar/

* Translated using Weblate (Portuguese (Portugal))

Currently translated at 95.7% (178 of 186 strings)

Translation: Plume/Plume
Translate-URL: https://translate.funkwhale.audio/projects/plume/Plume/pt_PT/

* Translated using Weblate (Spanish)

Currently translated at 26.9% (50 of 186 strings)

Translation: Plume/Plume
Translate-URL: https://translate.funkwhale.audio/projects/plume/Plume/es/

* Translated using Weblate (Spanish)

Currently translated at 34.9% (65 of 186 strings)

Translation: Plume/Plume
Translate-URL: https://translate.funkwhale.audio/projects/plume/Plume/es/

* Translated using Weblate (Spanish)

Currently translated at 34.9% (65 of 186 strings)

Translation: Plume/Plume
Translate-URL: https://translate.funkwhale.audio/projects/plume/Plume/es/
2019-02-13 13:39:42 +01:00
Baptiste Gelez 77bfe635d7
Update dependencies (#440) 2019-02-13 13:39:30 +01:00
Baptiste Gelez 7eef4643c8
Update rocket_i18n and add gettext_macros (#431)
Internationalization now uses proc-macros that generate the .pot file
automatically.
2019-02-02 15:23:50 +01:00
Baptiste Gelez 5880dc1957
Improve search UI (#375) 2019-01-28 13:12:56 +01:00
fdb-hiroshima e77e4d86e8
Better big form handling (#430)
* Allow customizing max form size from env vars

* Add error page for unprocessable entities

And change default http port to 7878

* Improve char counter: under the editor, more discrete, and give it a default value
2019-01-27 10:55:22 +01:00
zcdunn 06d6bd361a Add categories to web manifest (#434)
This pull request add a `categories` key to the web manifest. The categories key was [recently added](https://www.aaron-gustafson.com/notebook/categories-land-in-the-web-app-manifest/ "Blog post detailing the addition of categories to the spec") to the Web Manifest spec and is a list of categorizations you want to apply to your site that serves as a hint to search engines and webapp catalogs.

The categories can be anything and there is no standardized list of vaues. The W3C is maintaining a list of commonly used values [here](https://github.com/w3c/manifest/wiki/Categories). I added _social_ to Plume's manifest based on that list, but I think eventually allowing a user defined list would be better. I don't know if there's anything in Plume currently that would enable that.
2019-01-24 13:16:48 +01:00
fdb-hiroshima c4a4ea5b6c Support blind key rotation (#399)
* Allow receiving objects with new unknown key

* Rotate key after sending Delete activity

* Do the right check
2019-01-05 22:30:28 +01:00
fdb-hiroshima 7c8599b0a2
Disallow interaction with medias owned by others (#410)
Notably prevent media deletion by other users
2019-01-05 22:09:57 +01:00
fdb-hiroshima 2896eb1705
Fix login issue (#401)
Regression introduced by 4059a840be
2018-12-31 11:45:59 +01:00
Baptiste Gelez 80a4dae8bd
Avoid panics (#392)
- Use `Result` as much as possible
- Display errors instead of panicking

TODO (maybe in another PR? this one is already quite big):
- Find a way to merge Ructe/ErrorPage types, so that we can have routes returning `Result<X, ErrorPage>` instead of panicking when we have an `Error`
- Display more details about the error, to make it easier to debug

(sorry, this isn't going to be fun to review, the diff is huge, but it is always the same changes)
2018-12-29 09:36:07 +01:00
fdb-hiroshima ccba485215
Trim email and username (#386)
Also forbid whitespaces in username
Fix #385
2018-12-25 18:00:21 +01:00
Baptiste Gelez 4ec2480f50
Post creation API (#307) 2018-12-24 16:42:40 +01:00
fdb-hiroshima fdfeeed6d9 Comment visibility (#364)
Add some support for comment visibility, fix #217 

This add a new column to comment, denoting if they are public or not, and a new table linking private comments to those allowed to read them. There is currently no way to write a private comment from Plume.
Git is having a hard time what happened in Comment::from_activity, but most of it is just re-indentation because a new block was needed to please the borrow checker. I've marked with comments where things actually changed.
At this point only mentioned users can see private comments, even when posted as "follower only" or equivalent.

What should we do when someone isn't allowed to see a comment? Hide the whole thread, or just the comment? If hiding just the comment, should we mark there is a comment one can't see, but answers they can, or put other comments like if they answered to the same comment the hidden one do?
2018-12-24 11:23:04 +01:00
fdb-hiroshima 5c5cf36b0d
Allow for comment deletion (#363)
* Allow for comment deletion

Receive and emit deletion activity
Add button to delete comment

* Remove debug print and fix copy-past typo

* Improve style of comment deletion button
2018-12-23 11:13:36 +01:00
fdb-hiroshima 0df9c4d400
Give reshare and like ap_url before inserting (#369)
Fix #367
2018-12-23 11:13:02 +01:00
fdb-hiroshima 0ea1d57e48
Fix some federation issues (#357)
* Fix some follow issues

Fix not receiving notifications when followed by remote users
Fix imposibility to be unfollowed by Mastodon/Pleroma users (tested only against Pleroma)

* Fix notification on every post

* Fix issues with federation

Send Link instead of Object when emiting Follow request
Receive both Link and Object for Follow request
Don't panic when fetching user with no followers or posts from Pleroma
Reorder follower routes so Activity Pub one is reachable

* Generate absolute urls for mentions and tags

* Verify author when undoing activity by Link
2018-12-23 11:12:15 +01:00
fdb-hiroshima ab2998e214
Make Plume compile on release (#365)
* Remove use of String for body parameters

Create SignedJson and implement FromData for it

* Make Travis test on release

* Remove warning when installing and fix coverage
2018-12-22 18:27:21 +01:00
Baptiste Gelez 38302203f4
Count items in database as much as possible (#344)
* Count items in database as much as possible

* Fix the tests

* Remove two useless queries

* Run pragma directive before each sqlite connection

* Pragma for tests too

* Remove debug messages
2018-12-14 23:16:18 +01:00
Baptiste Gelez b0089e59b7
Remove useless pagination routes (#351)
Rocket 0.4 let us have routes with optional query parameter
2018-12-13 22:20:19 +01:00
Trinity Pointard fcbaf6eee3 Allow to keep query params in paginate
Fix #349
2018-12-12 00:52:26 +01:00
Baptiste Gelez b73fbd3768
License federation (#343)
* Federate license

* Make it possible to use no license
2018-12-09 18:43:34 +01:00
fdb-hiroshima e9f2f769be Add microformat tags (#341)
Close #229 
Adding `<div>` might have broken the layout in some places. I've tried to fix it, tell me if I missed it somewhere
2018-12-08 21:52:46 +01:00
fdb-hiroshima e1ecc7289f
Upgrade plume dependencies (#332)
* Bump base64 from 0.9.3 to 0.10.0
* Bump bcrypt from 0.2.0 to 0.2.1
* Bump canapi from 0.1.0 to 0.2.0
* Bump failure from 0.1.2 to 0.1.3
* Bump hyper from 0.11.27 to 0.12.11
* Bump hyper from 0.11.27 to 0.12.16
* Bump lazy_static from 1.1.0 to 1.2.0
* Bump multipart from 0.15.3 to 0.15.4
* Bump openssl from 0.10.12 to 0.10.15
* Bump pulldown-cmark from 0.1.2 to 0.2.0
* Bump reqwest from 0.9.2 to 0.9.5
* Bump rocket from 0.4.0-rc.1 to 0.4.0
* Bump rpassword from 2.0.0 to 2.1.0
* Bump ructe from 0.5.2 to 0.5.4
* Bump serde_derive from 1.0.79 to 1.0.80
* Bump serde from 1.0.79 to 1.0.80
* Bump serde_json from 1.0.32 to 1.0.33
* Bump tera from 0.11.17 to 0.11.20
* Bump url from 1.7.1 to 1.7.2
* Bump validator to from 0.7.2 to 0.8.0
* Bump validator_derive from 0.7.2 to 0.8.0
* Bump whatlang from 0.5.0 to 0.6.0
* Remove hyper from plume-common dependencies
* Remove rpassword from Plume dependancies
* Upgrade compiler to nightly-2018-12-06
2018-12-07 21:00:12 +01:00
Trinity Pointard b4e4b497ee Works on template
Use uri! to generate links instead of hardcoded urls
Fix #110
Fix invalid links needing to be POST forms
Translate login message for boost and like directly from template
Put js for search in its own file
2018-12-07 12:10:03 +01:00
Baptiste Gelez 70af57c6e1
Use Ructe (#327)
All the template are now compiled at compile-time with the `ructe` crate.

I preferred to use it instead of askama because it allows more complex Rust expressions, where askama only supports a small subset of expressions and doesn't allow them everywhere (for instance, `{{ macro!() | filter }}` would result in a parsing error).

The diff is quite huge, but there is normally no changes in functionality.

Fixes #161 and unblocks #110 and #273
2018-12-06 18:54:16 +01:00
Trinity Pointard 5f059c3e98 Fix issues with tags and mentions
Fix issue where leading @ or # of a mention/hashtag get duplicated
Fix issue where normal tags were being overwritten by hashtags
2018-12-06 15:10:07 +01:00
fdb-hiroshima 449641d158
Add a search engine into Plume (#324)
* Add search engine to the model

Add a Tantivy based search engine to the model
Implement most required functions for it

* Implement indexing and plm subcommands

Implement indexation on insert, update and delete
Modify func args to get the indexer where required
Add subcommand to initialize, refill and unlock search db

* Move to a new threadpool engine allowing scheduling

* Autocommit search index every half an hour

* Implement front part of search

Add default fields for search
Add new routes and templates for search and result
Implement FromFormValue for Page to reuse it on search result pagination
Add optional query parameters to paginate template's macro
Update to newer rocket_csrf, don't get csrf token on GET forms

* Handle process termination to release lock

Handle process termination
Add tests to search

* Add proper support for advanced search

Add an advanced search form to /search, in template and route
Modify Tantivy schema, add new tokenizer for some properties
Create new String query parser
Create Tantivy query AST from our own

* Split search.rs, add comment and tests

Split search.rs into multiple submodules
Add comments and tests for Query
Make user@domain be treated as one could assume
2018-12-02 17:37:51 +01:00
Trinity Pointard 9714bafded Verify username for special characters on signup 2018-12-02 12:43:03 +01:00
fdb-hiroshima 74c398d60c
Run cargo clippy on whole project (#322)
* Run cargo clippy on plume-common

Run clippy on plume-common and adjuste code accordingly

* Run cargo clippy on plume-model

Run clippy on plume-model and adjuste code accordingly

* Reduce need for allocation in plume-common

* Reduce need for allocation in plume-model

add a quick compilation failure if no database backend is enabled

* Run cargo clippy on plume-cli

* Run cargo clippy on plume
2018-11-26 10:21:52 +01:00
fdb-hiroshima 8a4702df92 Add unit tests for main model parts (#310)
Add tests for following models:
- Blog
- Instance
- Media
- User
2018-11-24 12:44:17 +01:00
KokaKiwi 67fe28177e Decode unfollow activities in inbox properly (#316) 2018-11-23 13:17:37 +01:00
Baptiste Gelez a64c4912cf
Add support for CW in comments (#308)
All the backend/federation code was already, I just added the UI 🤷‍♀️ 

Fixes #253
2018-11-07 15:57:31 +01:00
Baptiste Gelez 94904fa3d5 Escape titles in RSS feeds 2018-11-06 10:49:46 +01:00
Baptiste Gelez f593ce40af Remove some debug messages 2018-10-31 15:07:40 +01:00
Baptiste Gelez 485aac2e20 Add an interface to select an article illustration 2018-10-31 15:07:40 +01:00
Baptiste Gelez ab5edbc6a5 Add a cover field to posts
Referencing the media to use to illustrate the article
2018-10-31 15:07:40 +01:00
Baptiste Gelez e26a150164 Make Authorization optional for read routes
Only require it when reading draft articles.
2018-10-30 18:13:49 +01:00
Baptiste Gelez 28fbf35779 Use PhantomData intead of two Options useless for Authorization
And remove some warnings about unused parameters
2018-10-30 18:13:49 +01:00
Baptiste Gelez 647a5af070 Make it impossible to know if an username is used or not with the API 2018-10-30 18:13:49 +01:00
Baptiste Gelez 31641b1ea1 New request guard: Authorization<Action, Scope>
Filter requests that don't have an API token authorized to read or write
a specific scope;
2018-10-30 18:13:49 +01:00
Baptiste Gelez 9a13d804c5 impl FromRequest for ApiToken
and use it for the posts API
2018-10-30 18:13:49 +01:00
Baptiste Gelez 663ec52fea Disable CSRF for the whole API 2018-10-30 18:13:49 +01:00