Commit Graph

19608 Commits

Author SHA1 Message Date
Alexei Sorokin
f9e38c1a8d [LRDD] Fix unhandled bad data in HostMeta, LinkHTML and WebFinger 2020-07-22 01:30:04 +03:00
Diogo Cordeiro
6db56cc949 [ActivityPub][AProfile] Complete strict typing 2020-07-21 23:22:07 +01:00
Alexei Sorokin
7081720ecb [DATABASE] Check SQL boolean values with "IS TRUE"
This way UNKNOWN (NULL) explicitly turns to FALSE when three-valued logic is
reduced to binary.
In pgsqlschema, however, use "IS FALSE" as boolean attributes in pg_index are
non-nullable, there is no outer join and there's no clear preference for NULL
reduction.

Over-complicated constructions in TagCloud queries have been simplified, which
should not affect their performance.

Additionally, in TagCloud's lib/subscriptionspeopleselftagcloudsection.php
a typing mistake in an equi-join of "profile_tag" and "profile_list" on
"tagger" was fixed.
That regression was introduced in f446db8e2a
2020-07-21 18:06:39 +03:00
Diogo Cordeiro
f7ded4d87b [UserFlag] Fix type of onUserRightsCheck 2020-07-21 13:37:36 +01:00
Diogo Cordeiro
67780ca4a9 [UserFlag] Increase strict typing of main file
Run php-cs-fixer
Correct case of class name onDeleteRelated event handlers
2020-07-21 12:43:52 +01:00
Diogo Cordeiro
871f3c4bfe [ActivityPub] Increase type strictness on Explorer 2020-07-21 12:26:23 +01:00
Diogo Cordeiro
395fe8cb10 [ActivityPub] Fix wrong type handling on AProfile:update_profile 2020-07-21 12:02:07 +01:00
Diogo Cordeiro
af936f6f8e [Bookmark] Fix misuse of XMLOutputter
Argument 3 passed to htmloutputter::input() must be of the type string or null, array given, called in /srv/gnusocial/plugins/Bookmark/forms/bookmark.php on line 166
2020-07-17 20:56:51 +01:00
Diogo Cordeiro
5512e95e0a [ExtendedProfile] Fix misuse of XMLOutputter
Argument 1 passed to xmloutputter::text() must be of the type string, null given, called in /srv/gnusocial/plugins/ExtendedProfile/lib/extendedprofilewidget.php on line 556
2020-07-17 20:50:16 +01:00
Hugo Sales
5e14f18c83 [NOTICE][UI] Fix bug: Option to message "Everyone at site" when using private instance 2020-07-16 22:29:59 +00:00
Alexei Sorokin
5adb971d9a [DOCUMENTATION] Adapt the nginx config for avatars located in /file 2020-07-09 18:39:36 +03:00
Alexei Sorokin
f51e5ba19d [CORE] Avoid materialisation in the TaggedProfileNoticeStream query
This is analogous to c862589dcf
2020-07-07 22:41:03 +03:00
Alexei Sorokin
488bddb02a [NOTICE] Update index for verbs in ProfileNoticeStream
After adding a verb condition there, MariaDB now prefers the
("created", "id", "is_local") and ("profile_id", "verb", "created", "id")
indices for that query, even though they are slow for the job.
So replace them with ("is_local", "created", "id") and
("profile_id", "verb", "created", "id") respectively.
Also fix the naming of the ("profile_id", "created", "id") index.
2020-07-07 20:43:08 +03:00
Diogo Cordeiro
3a2ec3ef9c [ActivityPub] Fix bug introduced with 4d171b27
Too few arguments to function Activitypub_notice::create_notice()
2020-07-07 17:57:48 +01:00
Alexei Sorokin
08283f6c54 [RedisCache] Catch string return type from Predis\Client::setex 2020-07-06 20:10:12 +03:00
Alexei Sorokin
f7d3f58318 [CORE] Do not set "confirm_address"."user_id" to 0 by default
That breaks the foreign key constraint, it is better to just have it nullable.
2020-07-06 20:01:16 +03:00
Alexei Sorokin
89e84e9b1b [NOTICES] Revert "We want the profile stream to be as raw as possible!"
There are only three possible visible notice verbs: POST, SHARE and DELETE.
What including all verbs does is it makes limiting (FETCH FIRST) unreliable as
the query will fetch invisible stuff (like favourites) and count it in, but
nothing will be displayed.
NoticeStream only allows POST and SHARE, so this effectively removes tombstones
from the profile page like in 78a111b57d
2020-07-06 19:20:44 +03:00
Alexei Sorokin
9226cce151 [NOTICES] Fix InboxNoticeStream caching
Introduce a new property in CachingNoticeStream for always checking if there
are any new elements in the stream.
It would be extremely hard to blow InboxNoticeStream, so instead the database
hit will still occur, but it is be much faster than starting fresh.

This fixes a regression introduced in 36a55d8436
2020-07-06 18:12:50 +03:00
Diogo Cordeiro
6526bdc824 [TheFreeNetwork] Fix small logic issue regarding StartTFNLookup return 2020-07-05 18:26:49 +01:00
Diogo Cordeiro
1967f46a69 [ActivityPub][SCRIPTS] Make update profiles work with an uri 2020-07-05 17:38:28 +01:00
Diogo Cordeiro
e504d13120 [ActivityPub][QUEUES] Add Like, Undo and Delete 2020-07-05 16:58:05 +01:00
Diogo Cordeiro
2f284f4274 [ActivityPub][INBOX][Delete] Fix misconceptions
References:
- https://socialhub.activitypub.rocks/t/the-delete-activity-and-its-misconceptions/137
- https://socialhub.activitypub.rocks/t/the-update-activity-more-than-caching/260
2020-07-05 16:46:37 +01:00
Diogo Cordeiro
4d171b27a4 [ActivityPub][NOTE] Do not extract actor from attributedTo
There was no checking of attributedTo, actors and referent object IDs to make
sure they exist in the same domain. Therefore, one could spoof messages from
people by doing attributedTo: whoever-i-want-to-spoof
2020-07-05 15:38:12 +01:00
Diogo Cordeiro
fe4a9a6189 [ActivityPub][Ostatus] Fetch avatars in accordance to the new media system 2020-07-05 15:37:52 +01:00
Alexei Sorokin
c862589dcf [CORE] Avoid materialisation in the TagNoticeStream query
The notice.created sort forced the notice_tag by notice join plain to employ
materialisation, which can have a serious performance penalty depending on the
size of the database.
Sort by notice_tag.created instead, which should be exactly the same.
2020-07-01 18:20:44 +03:00
Alexei Sorokin
61765b0e33 [CORE] Avoid the old "reply" relation in inboxnoticestream
All verbs for not visible notices are filtered out, so this should not
break the timeline.
Additionally, filter by profile outside of the derived relation as that shows
better performance in PostgreSQL and MariaDB both.
2020-07-01 17:11:04 +03:00
Alexei Sorokin
78a111b57d Revert "FullNoticeStream selects all verbs"
It appears this was added to display "tombstones" of deleted notices.
However, it has other side-effects and the concept of keeping them visible has
not been adopted by the wider fediverse.
2020-06-30 23:03:41 +03:00
Alexei Sorokin
9a515b9234 [SCHEMA] Improve timestamp storage
Avoid the use of deprecated MariaDB "zero dates" globally. If they're present
as attribute defaults somewhere, they will be replaced with NULL implicitly.
The existing "zero dates" in MariaDB storage will be left intact and this
should not present any issues.

The "timestamp" type in table definitions now corresponds to DATETIME in
MariaDB with "DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP", which
should be close enough to the original behaviour for compatibility purposes.
It is now the recommended type for "modified" attributes, because of the
update trigger on MariaDB. But there is no such trigger implemented on
PostgreSQL as of this moment.
2020-06-29 01:41:46 +03:00
Alexei Sorokin
b924c180ae [DATABASE] Fix MariaDB schema verification 2020-06-28 20:05:11 +03:00
Diogo Cordeiro
737f3eb553 [ActivityPub][HTTPSignatures] Fix verify 2020-06-28 00:58:16 +01:00
Diogo Cordeiro
6e3954f3bb [ActivityPub][Inbox] Signature verification after Actor update would always fail 2020-06-28 00:49:55 +01:00
Diogo Cordeiro
4544f29832 [AVATAR] Ensure this Action stays secure 2020-06-28 00:11:47 +01:00
Hugo Sales
477c357f11 [MEDIA] Move AttachmentAction::sendFile to common_send_file
This fixed the wrong content type and status code returned by the Avatar action
2020-06-27 23:23:10 +01:00
Diogo Cordeiro
7869a7c1b0 [ActivityPub][Inbox] With PHP 7.3 we don't need get_all_headers workaround anymore
Furthermore, it was broken on Apache2 because the actual function
doesn't put the resulting array's key in lowercase.
2020-06-27 20:43:43 +01:00
Alexei Sorokin
edc7159ef6 [Memcached_DataObject] Check if it is possible to sort efficiently 2020-06-27 11:22:19 +03:00
Diogo Cordeiro
1db6943702 [ActivityPub][Inbox] get_all_headers was nginx only 2020-06-26 14:08:47 +01:00
Diogo Cordeiro
e8dff6c4a0 [TESTS] Move AcceptHeader from ActivityPub plugin to Core
Delete temporary ActivityPub tests (they were to be deleted long ago)
2020-06-25 15:50:12 +01:00
Diogo Cordeiro
23ed816035 [ExtendedProfile] Fix XML type bug 2020-06-24 21:44:25 +01:00
Diogo Cordeiro
324b7f38a9 [FORMAT] Run php-cs-fixer on tests/ 2020-06-24 13:55:10 +01:00
Diogo Cordeiro
aa7aff3f6b [TESTS] Fix CommandInterpreterTest
Also corrected a bad refactoring that affected Xmpp plugin test
2020-06-24 13:54:38 +01:00
Diogo Cordeiro
236929a166 [PEAR] I'm tired of this issue still popping up, this seems to silence it 2020-06-24 13:08:58 +01:00
Diogo Cordeiro
953e243639 [UI] Make neo-quitter default theme 2020-06-21 00:34:55 +01:00
Diogo Cordeiro
338d53c982 [XML] Inscrease types strictness 2020-06-21 00:34:54 +01:00
Diogo Cordeiro
37ebcc509b [AVATAR] Temporary ImageFile wasn't 2020-06-21 00:34:27 +01:00
Diogo Cordeiro
f9be6f9a85 [AVATAR] Try to delete tmp avatar if something goes wrong during the process 2020-06-20 14:47:35 +01:00
Diogo Cordeiro
2cc2b5b856 [MEDIA] ImageFile fromUpload method wasn't ensuring uploaded file was an image 2020-06-20 14:47:33 +01:00
Alexei Sorokin
194976135f [DATABASE] Some query improvements
Make common_sql_weight employ standard SQL functions for the timestamp
difference in seconds.
Also replace UTC_TIMESTAMP in the MariaDB-specific part with CURRENT_TIMESTAMP
as it is the only occurence and GNU social sets UTC as a default timezone.

In a delete_orphan_files.php script simplify the main query considerably.

In clean_profiles.php stop using COUNT as if it is ANY, that is unnecessary
punishment for the database. Instead implement the anti-join with a
left outer join.

In Autocomplete and Activitypub_profile use joins instead of a WHERE OR
anti-pattern for the semi-joins.

In lib/ui/galleryaction.php replace a CROSS JOIN with an INNER JOIN.

In actions/sup.php remove a redundant subquery: WHERE is applied before
grouping either way.
2020-06-10 16:52:00 +03:00
Alexei Sorokin
ef17f3ea7d [CORE][DATABASE] Another approach to semi-join in the inboxnoticestream query
Compared to the solution with INNER JOIN this seems to have better performance
as there is no need to deduplicate the subquery result before use.
2020-06-10 14:21:47 +03:00
Alexei Sorokin
0eec6fcfb6 [DATABASE] Replace NOW() with CURRENT_TIMESTAMP 2020-06-09 20:26:06 +03:00
Alexei Sorokin
09a772419a [DATABASE] Use "<>" as an SQL non-equality sign in more cases
A follow-up to commit 644b417f6c
2020-06-08 18:31:22 +03:00