Commit Graph

70 Commits

Author SHA1 Message Date
Diogo Cordeiro
235122280d [ActivityPub] Increase type strictness on Explorer 2021-07-16 19:44:37 +01:00
Diogo Cordeiro
05790c124c [ActivityPub] Fix wrong type handling on AProfile:update_profile 2021-07-16 19:44:37 +01:00
Diogo Cordeiro
b5180d6096 [ActivityPub] Fix bug introduced with 4d171b27
Too few arguments to function Activitypub_notice::create_notice()
2021-07-16 19:44:37 +01:00
Diogo Cordeiro
8ec2af0020 [TheFreeNetwork] Fix small logic issue regarding StartTFNLookup return 2021-07-16 19:44:37 +01:00
Diogo Cordeiro
d81e795cc0 [ActivityPub][SCRIPTS] Make update profiles work with an uri 2021-07-16 19:44:37 +01:00
Diogo Cordeiro
4bbfb2dd56 [ActivityPub][QUEUES] Add Like, Undo and Delete 2021-07-16 19:44:37 +01:00
Diogo Cordeiro
2b4aaca14a [ActivityPub][INBOX][Delete] Fix misconceptions
References:
- https://socialhub.activitypub.rocks/t/the-delete-activity-and-its-misconceptions/137
- https://socialhub.activitypub.rocks/t/the-update-activity-more-than-caching/260
2021-07-16 19:44:37 +01:00
Diogo Cordeiro
64108aa51d [ActivityPub][NOTE] Do not extract actor from attributedTo
There was no checking of attributedTo, actors and referent object IDs to make
sure they exist in the same domain. Therefore, one could spoof messages from
people by doing attributedTo: whoever-i-want-to-spoof
2021-07-16 19:44:37 +01:00
Diogo Cordeiro
9f4c4edb02 [ActivityPub][Ostatus] Fetch avatars in accordance to the new media system 2021-07-16 19:44:37 +01:00
Alexei Sorokin
26115482ef [SCHEMA] Improve timestamp storage
Avoid the use of deprecated MariaDB "zero dates" globally. If they're present
as attribute defaults somewhere, they will be replaced with NULL implicitly.
The existing "zero dates" in MariaDB storage will be left intact and this
should not present any issues.

The "timestamp" type in table definitions now corresponds to DATETIME in
MariaDB with "DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP", which
should be close enough to the original behaviour for compatibility purposes.
It is now the recommended type for "modified" attributes, because of the
update trigger on MariaDB. But there is no such trigger implemented on
PostgreSQL as of this moment.
2021-07-16 19:44:37 +01:00
Alexei Sorokin
eb993df072 [DATABASE] Fix MariaDB schema verification 2021-07-16 19:44:37 +01:00
Diogo Cordeiro
32a7cd6458 [ActivityPub][HTTPSignatures] Fix verify 2021-07-16 19:44:37 +01:00
Diogo Cordeiro
78f0ab022c [ActivityPub][Inbox] Signature verification after Actor update would always fail 2021-07-16 19:44:37 +01:00
Diogo Cordeiro
c7e1352618 [ActivityPub][Inbox] With PHP 7.3 we don't need get_all_headers workaround anymore
Furthermore, it was broken on Apache2 because the actual function
doesn't put the resulting array's key in lowercase.
2021-07-16 19:44:37 +01:00
Diogo Cordeiro
25f67a1ce9 [ActivityPub][Inbox] get_all_headers was nginx only 2021-07-16 19:44:37 +01:00
Diogo Cordeiro
bc1af78bf7 [TESTS] Move AcceptHeader from ActivityPub plugin to Core
Delete temporary ActivityPub tests (they were to be deleted long ago)
2021-07-16 19:44:37 +01:00
Alexei Sorokin
d01f44ee99 [DATABASE] Some query improvements
Make common_sql_weight employ standard SQL functions for the timestamp
difference in seconds.
Also replace UTC_TIMESTAMP in the MariaDB-specific part with CURRENT_TIMESTAMP
as it is the only occurence and GNU social sets UTC as a default timezone.

In a delete_orphan_files.php script simplify the main query considerably.

In clean_profiles.php stop using COUNT as if it is ANY, that is unnecessary
punishment for the database. Instead implement the anti-join with a
left outer join.

In Autocomplete and Activitypub_profile use joins instead of a WHERE OR
anti-pattern for the semi-joins.

In lib/ui/galleryaction.php replace a CROSS JOIN with an INNER JOIN.

In actions/sup.php remove a redundant subquery: WHERE is applied before
grouping either way.
2021-07-16 19:44:36 +01:00
Alexei Sorokin
434f07430d [DATABASE] Use "<>" as an SQL non-equality sign in more cases
A follow-up to commit 644b417f6c
2021-07-16 19:44:36 +01:00
susdiv
4153a93390 [ActivityPub] Fix Postgres incompatible query in Following and Followed collection 2021-07-16 19:44:36 +01:00
tenma
12945c4d20 [ActivityPub] Remove TFN's deprecated Census event 2021-07-16 19:44:36 +01:00
tenma
9fcccd8b5a [ActivityPub] Add TheFreeNetwork module's support in handling profile insertion
Activitypub_profile:
- Update do_insert to trigger TFN's assistance in inserting the profile

explorer:
- Use the new LRDD's method for grabbing profile aliases
2021-07-16 19:44:36 +01:00
tenma
a17c010bb9 [ActivityPub] Autofix profile URIs through alias discovering
Activitypub_profile:
- Add updateUri method

explorer:
- Add grab_aliases method
- Update grab_local_user's online course to grab and test aliases
2021-07-16 19:44:36 +01:00
Diogo Cordeiro
6598b89db0 [ActivityPub] Fix profile url handling 2021-07-16 19:44:36 +01:00
Diogo Cordeiro
4a90f281ed [ActivityPub] Fix undefined tag index 'type' in Activitypub_notice 2021-07-16 19:44:36 +01:00
Diogo Cordeiro
351e356bb4 [ActivityPub][Postman] Fix not sending notices to self 2021-07-16 19:44:36 +01:00
Diogo Cordeiro
e7778bd5d7 [ActivityPub][RSA] Revision, increase type scrictness and improve docs 2021-07-16 19:44:36 +01:00
Diogo Cordeiro
73af7be061 [ActivityPub] Properly handle Actor URIs by using events correctly
This should fix nulls on explorer lookups inputed by postman after generate_followers/getSubscribers, that I think were caused by calling common_profile_uri that, curiously, only handles local profiles
2021-07-16 19:44:36 +01:00
Diogo Cordeiro
c96dafa191 [ActivityPub][RSA] Fix types of generate_keys 2021-07-16 19:44:36 +01:00
Diogo Cordeiro
3b01aa31d3 [REALTIME] Reviewed both the superclass and its dist plugins 2021-07-16 19:44:36 +01:00
Diogo Cordeiro
fd68965255 [ActivityPub] New URI system 2021-07-16 19:44:35 +01:00
tenma
b19da881c7 [TheFreeNetwork] First code: Module class and census event 2021-07-16 19:44:35 +01:00
tenma
6a37c21ead [ActivityPub] Fix some small known problems
ActivityPubPlugin:
- Rework onProfileDeleteRelated to account for the tables _rsa and _pending_follow_requests
- Update onEndShowAccountProfileBlock to stop creating the ap_profile if it doesn't exist (we'll handle this in a different manner)

Activitypub_profile:
- Remove unnecessary code from from_profile method and add return type information

Explorer:
- Update travel_collection to call itself instead of _lookup, that was wrong
2021-07-16 19:44:35 +01:00
tenma
234ba7705f [ActivityPub] Fix successive "Cannot use object of type stdClass as array" errors in the postman 2021-07-16 19:44:35 +01:00
tenma
4901126519 [ActivityPub] Revert usage of bitwise-operator & in the inbox_handler class. 2021-07-16 19:44:35 +01:00
Diogo Cordeiro
9088e58a64 [ActivityPub] The protocol allows content to be null, GNU social doesn't, we'll reject silentiously
Reported by kaniini
2021-07-16 19:44:35 +01:00
Diogo Cordeiro
4133874e59 [ActivityPub] attributedTo itself is not required, if not present then it should be inferred from the actor
Reported by kaniini
2021-07-16 19:44:35 +01:00
Diogo Cordeiro
b7ce5b91a4 [ActivityPub] Fix security issue concerning remote profile deletes
Reported by kaniini
2021-07-16 19:44:35 +01:00
Diogo Cordeiro
48eee0e018 [ActivityPub] Inbox Handler: Remove old guzzle import
Improve exception information in doc blocks
2021-07-16 19:44:35 +01:00
Diogo Cordeiro
174733edc8 [ActivityPub] Slightly increase robustness on exception handling
Also ported Activitypub_rsa to PHP7
Minor indentation fixes
2021-07-16 19:44:35 +01:00
Diogo Cordeiro
c93049d0da [ActivityPub] Consistent headers in explorer requests
Minor indentation fixes
2021-07-16 19:44:35 +01:00
Alexei Sorokin
1ba3416cd1 [SCRIPTS] Set PUBLICDIR in plugin scripts as well 2021-07-16 19:44:35 +01:00
Diogo Cordeiro
344db5dcdf [ActivityPub] Add missing parenthesis in class instantiation
Fixed some issues related to thrown exceptions in the doblocks; also boolean -> bool
2021-07-16 19:44:35 +01:00
Alexei Sorokin
5f87c14bf8 [ActivityPub] Fix an unhandled error in onStartGetProfileFromURI 2021-07-16 19:44:35 +01:00
Diogo Cordeiro
d0e3f9c823 [ActivityPub] Fix some bugs with onStartNoticeSearch
Refactored Activitypub_profile::ensure_web_finger to Activitypub_profile::ensure_webfinger
Do not throw exceptions in the handling of this event because we don't
want to stop the regular search just because we were unable to find
ActivityPub actors or notes.
2021-07-16 19:44:35 +01:00
Alexei Sorokin
2b0251213f [DATABASE] Various table schema related fixes 2021-07-16 19:44:35 +01:00
tenma
fe2168c5ae [ActivityPub] Add support fox search-box profile/notice grabbing
NoticeSearchAction:
- Add new event before finding query matches

ActivityPubPlugin:
- Subscribe new searchNotice event
- Bump minor version number

Activitypub_explorer:
- Update lookup to make remote-grabbing optional
2021-07-16 19:44:34 +01:00
tenma
3392939004 [ActivityPub] Handle DELETE-Person activity
ActivityPubPlugin:
- update grab_notice_from_url to make online grab optional
- subscribe events of user and profile deletion
- bump minor version number

Activitypub_inbox_handler:
- separate handle_delete for delete-note and delete-person

Activitypub_postman:
- add delete-person logic

Activitypub_delete:
- update validation method to check for the "Person" type
- update to_array method to target the activity
2021-07-16 19:44:34 +01:00
tenma
58a9c71391 [AP] Fix subscription events
Both StartSubscribe and StartUnsubscribe had a wrong initial if-condition.
Furthermore, this events were calling Activitypub_profile::from_profile()
which is wrong because it creates the Activitypub_profile object when
the goal is only to check if it exists already.
2021-07-16 19:44:34 +01:00
tenma
6af86536aa [AP] Subscribe RemoteFollow plugin events for allowing following with the remote-follow button 2021-07-16 19:44:34 +01:00
tenma
84ba14426c [AP] Update version info 2021-07-16 19:44:34 +01:00