Commit Graph

1026 Commits

Author SHA1 Message Date
Trinity Pointard 62c94ed463 Refactor and verify http signature on personnal inbox
Verify signature on personnal inbox
Reduce code duplication
Put Headers in plume-models
2018-10-03 20:48:25 +02:00
Trinity Pointard 0a5d435249 Verify http signatures 2018-10-03 09:31:38 +02:00
Baptiste Gelez 96a97e4949
Fix a typo in README 2018-10-02 13:20:54 +01:00
Trinity Pointard d3ed2d8af5 Fix regression and update rocket_csrf
Fix account creation, introduced by fceb9ab
Update to latest rocket_csrf
2018-10-02 11:51:12 +02:00
Baptiste Gelez 6738883f2b
Merge pull request #250 from fdb-hiroshima/feature/underlined_links
Add link underline for main body
2018-10-01 12:42:54 +01:00
Bat 07f2c979ec Make the REST API compatible with SQlite 2018-09-30 14:21:07 +01:00
Bat bd80430b1b
Document model macros 2018-09-30 14:13:56 +02:00
Bat 743620eb6a
Fix the SQlite build 2018-09-30 14:13:56 +02:00
Bat 535c68b423
Run Travis for SQlite too 2018-09-30 14:13:55 +02:00
Bat 38d737ed0c
Introduce features to choose between SQlite or Postgres 2018-09-30 14:13:54 +02:00
Igor Galić 88456faf84
align types between sqlite & postgres
this one's achieved by adding "NOT NULL" at the *correct* position in
SQLite's create tables.
2018-09-30 14:13:53 +02:00
Igor Galić b28bef20a7
align types between sqlite & postgres
use DATETIME for SQLite's time type. This way, Diesel picks up on what
it's supposed to be.
2018-09-30 14:13:52 +02:00
Igor Galić 1f8680c4c5
add sqlite migrations
we move our PostgreSQL specific migrations to a subdirectory.
The SQLite migrations have been created by running `diesel` against a
copy, and then fixing what's broken.
In the end i reduced all modifications to a single create, since we
*are* starting out fresh with SQLite.

n.b.: i'm not entirely happy with the results yet, because diesel
heavily modifies our `plume-models/src/schema.rs`.
I'll keep fiddling until we have the same types between the two
databases.
2018-09-30 14:13:52 +02:00
Igor Galić e5691f7b23
add sqlite as diesel dependency 2018-09-30 14:13:42 +02:00
Trinity Pointard d610ed1641 Add verify() to the Signer trait
And implement it for Blog and User
2018-09-30 12:08:04 +02:00
Trinity Pointard eafe1ed490 Add content digest to signed http headers
Sign the Digest HTTP header
2018-09-30 12:08:04 +02:00
Trinity Pointard fceb9ab0cd Update cookie management a bit
Update to latest rocket_csrf
Make user_id a samesite lax cookie (see https://github.com/Plume-org/Plume/issues/233#issuecomment-422660275)
2018-09-30 11:56:12 +02:00
Dominik Pataky 31a3e6c825 Revert icon injection 2018-09-29 21:42:51 +02:00
Dominik Pataky 83c4387e94 Add link underline for main body; add link icon
Links in the main body part are now underlined on mouse hover.
<a> tags in the article content are expanded by an icon from
FontAwesome.

Fixes #140
2018-09-29 21:41:02 +02:00
Baptiste Gelez 1e3f40833d
Add a link to Loomio in the README 2018-09-29 19:25:27 +01:00
Bat 6f8630df2e Use <div> for avatars
<img> is displayed as an error without src, in Chrome

Fixes #222
2018-09-29 18:29:22 +01:00
Baptiste Gelez 05f3ecabd6
Merge pull request #248 from maximesrd/patch-4
Bad commands in the update guide
2018-09-29 17:03:33 +01:00
maximesrd a1530791ef
Update UPDATE.md 2018-09-29 18:00:48 +02:00
Baptiste Gelez 236cf14406
Merge pull request #245 from Plume-org/rest-api
Some API endpoints for articles
2018-09-29 16:33:31 +01:00
Bat 72fd9eb610 API: Filter posts in the list 2018-09-29 15:45:27 +01:00
maximesrd 3b288c2dad
Update UPDATE.md 2018-09-29 15:34:59 +02:00
maximesrd b97b0233da
Update UPDATE.md 2018-09-29 15:34:29 +02:00
maximesrd db4c939be8
Bad commands 2018-09-29 15:02:17 +02:00
Baptiste Gelez 975f8d0393
Merge pull request #246 from fediverse-pl/master
i18n: Update Polish translation
2018-09-27 19:25:12 +01:00
Marcin Mikołajczak 47eeed1008 i18n: Update Polish translation
Signed-off-by: Marcin Mikołajczak <me@m4sk.in>
2018-09-27 12:42:09 +02:00
Bat f893056d6d Mount the API endpoints 2018-09-25 20:45:32 +01:00
Bat 472da486e9 Fix the canapi::Provider impl for Post 2018-09-25 20:10:18 +01:00
Baptiste Gelez ba3dd3304c
Merge pull request #243 from rhonda/master
Updated German translation
2018-09-25 15:38:58 +01:00
Rhonda D'Vine 88d8fb95c3 Updated German translation 2018-09-25 16:27:59 +02:00
Baptiste Gelez 9650fdbfb5
Merge pull request #242 from Atul9/fix-broken-link
#227 Fix broken link on blog page
2018-09-24 20:35:20 +01:00
Atul Bhosale 3dce53d899
Fix broken link on blog page 2018-09-24 23:46:32 +05:30
Baptiste Gelez 05fb7c9b42
Merge pull request #238 from Plume-org/csrf-issues
Fix CSRF issues
2018-09-21 13:37:35 +01:00
Baptiste Gelez 7afe249a75
Merge pull request #240 from OpenAlgeria/patch-1
Update INSTALL.md
2018-09-20 19:23:49 +01:00
OpenAlgeria 5d21e26406
Update INSTALL.md 2018-09-20 15:21:32 +02:00
Bat d8ca1d70b7 Fix CSRF issues
GET routes are not protected against CSRF. This commit changes the needed URLs to
POST and replace simple links with forms.

Thanks @fdb-hiroshima for noticing it!
2018-09-19 18:13:07 +01:00
Trinity Pointard f0fb030c7f Update recommended nginx config
Update recommended nginx config to allow iframes
close #234
2018-09-19 18:18:39 +02:00
Bat 1500267125 Add canapi and try to use for the API 2018-09-19 15:49:34 +01:00
Trinity Pointard fab6360100 Be less restrictive on authorized html tags
Allow users to add ids to tags
Allow users to use iframes
2018-09-19 10:51:27 +02:00
Baptiste Gelez 2bc6052a35
Replace plume by DATABASE_NAME in the docs
To make it clearer you can have multiple Plume instances/databases on the same server, and that this part of the URL may change too.
2018-09-18 21:40:20 +01:00
Baptiste Gelez d8bfd6d39f
Create ISSUE_TEMPLATE.md 2018-09-18 15:40:17 +01:00
Baptiste Gelez 064c5961e7
Add a CoC
Finally!
2018-09-18 13:59:43 +01:00
Baptiste Gelez eb24ba1774
Merge pull request #223 from igalic/fix/safe-string
make blog/instance description a SafeString
2018-09-14 20:56:13 +01:00
Igor Galić fb074e6344
render SafeString thru |safe
thanks again to @fdb-hiroshima for pointing me in the right direction!
2018-09-14 21:44:32 +02:00
Igor Galić 06718a5c8a
directly use SafeString in InstanceSettingsForm 2018-09-14 20:25:16 +02:00
Igor Galić d62c72dde0
allocate new SafeString in FromFormValue impl
thanks to @fdb-hiroshima for this review!
2018-09-14 19:50:59 +02:00