Commit Graph

5127 Commits

Author SHA1 Message Date
Alexei Sorokin
e206995268 Set HTTP status codes with http_​response_​code() 2020-08-04 14:12:17 +03:00
Diogo Cordeiro
a9c365a5eb [VersionBump] 2.0.0alpha0
Ran composer update and locale updater
2020-08-04 05:31:44 +01:00
t3nma
1675916fda [ActivityPub][QUEUES] Handle Create (AS1 POST) verb properly
Fixes a bug introduced in e504d13120
2020-08-03 18:21:47 +01:00
Alexei Sorokin
20be1d179a [OpenID][DATABASE] Store UNIX timestamps as BIGINT 2020-07-31 18:40:53 +03:00
Alexei Sorokin
92e8c40c55 [DATABASE] Add explicit indices for all foreign keys
This adds a requirement for all definitions that have foreign keys to also
require indices for all source (local) attributes mentioned in foreign keys.

MariaDB/MySQL creates indices for source attributes automatically, so this
serves as a way to get rid of those automatic indices and create clean explicit
ones instead.

In PostgreSQL, most of the time, indices on the source are necessary to
decrease performance penalty of foreign keys (like in MariaDB), but they aren't
created automatically, so this serves to remove that difference between
PostgreSQL and MariaDB.
2020-07-31 16:36:40 +03:00
Alexei Sorokin
0bfa747382 [DATABASE] Fix index identifiers and clean up redundant ones 2020-07-31 16:12:48 +03:00
t3nma
be3c4263b3 [DirectMessage] Update ApiDirectMessageNew action
- Messages are now saved as Notices
2020-07-29 17:50:29 +01:00
t3nma
f00852a619 [DirectMessage] Update ApiDirectMessage action
- getMessages() is now fetching from the Notice table as supposed
- every show{format}* method is properly updated to use Notice objects
- json and xml responses retrieve multi-recipients without compromising
  backwards compatibility
2020-07-28 05:49:37 +01:00
t3nma
83df8848c8 [DirectMessage] Update inboxMessages() to stop fetching replies
This is yet to be supported in the plugin.
2020-07-28 05:48:43 +01:00
t3nma
99183ce4e2 [DirectMessage] PSR12-format 2020-07-28 04:46:10 +01:00
Alexei Sorokin
434ce56e33 [DOCUMENTATION] Adopt PSR-12 and clarify on arrays 2020-07-27 19:19:42 +03:00
Alexei Sorokin
ec86de2bc4 [DATABASE] Update "modified" in Managed_DataObject instead of a DBMS trigger
Instead of relying on the MariaDB's ON UPDATE CURRENT_TIMESTAMP trigger update
"modified" attributes in Managed_DataObject. Every raw query that needs
adjusting is adjusted, as they won't update "modified" automatically anymore.

The main goal behind this change is to fix "modified" updates on PostgreSQL.
2020-07-27 19:10:33 +03:00
Alexei Sorokin
341f3d0ea5 [DATABASE] Fix more incorrect uses of quotation in SQL 2020-07-26 15:28:05 +03:00
Diogo Cordeiro
0def5f1dca [ActivityPub][Explorer] More robust exception handler for invalid remote answers 2020-07-23 15:54:40 +01:00
Alexei Sorokin
ac94374f48 [RemoteFollow] Fix location display 2020-07-22 19:49:24 +03:00
Alexei Sorokin
f9e38c1a8d [LRDD] Fix unhandled bad data in HostMeta, LinkHTML and WebFinger 2020-07-22 01:30:04 +03:00
Diogo Cordeiro
6db56cc949 [ActivityPub][AProfile] Complete strict typing 2020-07-21 23:22:07 +01:00
Alexei Sorokin
7081720ecb [DATABASE] Check SQL boolean values with "IS TRUE"
This way UNKNOWN (NULL) explicitly turns to FALSE when three-valued logic is
reduced to binary.
In pgsqlschema, however, use "IS FALSE" as boolean attributes in pg_index are
non-nullable, there is no outer join and there's no clear preference for NULL
reduction.

Over-complicated constructions in TagCloud queries have been simplified, which
should not affect their performance.

Additionally, in TagCloud's lib/subscriptionspeopleselftagcloudsection.php
a typing mistake in an equi-join of "profile_tag" and "profile_list" on
"tagger" was fixed.
That regression was introduced in f446db8e2a
2020-07-21 18:06:39 +03:00
Diogo Cordeiro
f7ded4d87b [UserFlag] Fix type of onUserRightsCheck 2020-07-21 13:37:36 +01:00
Diogo Cordeiro
67780ca4a9 [UserFlag] Increase strict typing of main file
Run php-cs-fixer
Correct case of class name onDeleteRelated event handlers
2020-07-21 12:43:52 +01:00
Diogo Cordeiro
871f3c4bfe [ActivityPub] Increase type strictness on Explorer 2020-07-21 12:26:23 +01:00
Diogo Cordeiro
395fe8cb10 [ActivityPub] Fix wrong type handling on AProfile:update_profile 2020-07-21 12:02:07 +01:00
Diogo Cordeiro
af936f6f8e [Bookmark] Fix misuse of XMLOutputter
Argument 3 passed to htmloutputter::input() must be of the type string or null, array given, called in /srv/gnusocial/plugins/Bookmark/forms/bookmark.php on line 166
2020-07-17 20:56:51 +01:00
Diogo Cordeiro
5512e95e0a [ExtendedProfile] Fix misuse of XMLOutputter
Argument 1 passed to xmloutputter::text() must be of the type string, null given, called in /srv/gnusocial/plugins/ExtendedProfile/lib/extendedprofilewidget.php on line 556
2020-07-17 20:50:16 +01:00
Diogo Cordeiro
3a2ec3ef9c [ActivityPub] Fix bug introduced with 4d171b27
Too few arguments to function Activitypub_notice::create_notice()
2020-07-07 17:57:48 +01:00
Alexei Sorokin
08283f6c54 [RedisCache] Catch string return type from Predis\Client::setex 2020-07-06 20:10:12 +03:00
Diogo Cordeiro
6526bdc824 [TheFreeNetwork] Fix small logic issue regarding StartTFNLookup return 2020-07-05 18:26:49 +01:00
Diogo Cordeiro
1967f46a69 [ActivityPub][SCRIPTS] Make update profiles work with an uri 2020-07-05 17:38:28 +01:00
Diogo Cordeiro
e504d13120 [ActivityPub][QUEUES] Add Like, Undo and Delete 2020-07-05 16:58:05 +01:00
Diogo Cordeiro
2f284f4274 [ActivityPub][INBOX][Delete] Fix misconceptions
References:
- https://socialhub.activitypub.rocks/t/the-delete-activity-and-its-misconceptions/137
- https://socialhub.activitypub.rocks/t/the-update-activity-more-than-caching/260
2020-07-05 16:46:37 +01:00
Diogo Cordeiro
4d171b27a4 [ActivityPub][NOTE] Do not extract actor from attributedTo
There was no checking of attributedTo, actors and referent object IDs to make
sure they exist in the same domain. Therefore, one could spoof messages from
people by doing attributedTo: whoever-i-want-to-spoof
2020-07-05 15:38:12 +01:00
Diogo Cordeiro
fe4a9a6189 [ActivityPub][Ostatus] Fetch avatars in accordance to the new media system 2020-07-05 15:37:52 +01:00
Alexei Sorokin
9a515b9234 [SCHEMA] Improve timestamp storage
Avoid the use of deprecated MariaDB "zero dates" globally. If they're present
as attribute defaults somewhere, they will be replaced with NULL implicitly.
The existing "zero dates" in MariaDB storage will be left intact and this
should not present any issues.

The "timestamp" type in table definitions now corresponds to DATETIME in
MariaDB with "DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP", which
should be close enough to the original behaviour for compatibility purposes.
It is now the recommended type for "modified" attributes, because of the
update trigger on MariaDB. But there is no such trigger implemented on
PostgreSQL as of this moment.
2020-06-29 01:41:46 +03:00
Alexei Sorokin
b924c180ae [DATABASE] Fix MariaDB schema verification 2020-06-28 20:05:11 +03:00
Diogo Cordeiro
737f3eb553 [ActivityPub][HTTPSignatures] Fix verify 2020-06-28 00:58:16 +01:00
Diogo Cordeiro
6e3954f3bb [ActivityPub][Inbox] Signature verification after Actor update would always fail 2020-06-28 00:49:55 +01:00
Diogo Cordeiro
7869a7c1b0 [ActivityPub][Inbox] With PHP 7.3 we don't need get_all_headers workaround anymore
Furthermore, it was broken on Apache2 because the actual function
doesn't put the resulting array's key in lowercase.
2020-06-27 20:43:43 +01:00
Diogo Cordeiro
1db6943702 [ActivityPub][Inbox] get_all_headers was nginx only 2020-06-26 14:08:47 +01:00
Diogo Cordeiro
e8dff6c4a0 [TESTS] Move AcceptHeader from ActivityPub plugin to Core
Delete temporary ActivityPub tests (they were to be deleted long ago)
2020-06-25 15:50:12 +01:00
Diogo Cordeiro
23ed816035 [ExtendedProfile] Fix XML type bug 2020-06-24 21:44:25 +01:00
Diogo Cordeiro
aa7aff3f6b [TESTS] Fix CommandInterpreterTest
Also corrected a bad refactoring that affected Xmpp plugin test
2020-06-24 13:54:38 +01:00
Alexei Sorokin
194976135f [DATABASE] Some query improvements
Make common_sql_weight employ standard SQL functions for the timestamp
difference in seconds.
Also replace UTC_TIMESTAMP in the MariaDB-specific part with CURRENT_TIMESTAMP
as it is the only occurence and GNU social sets UTC as a default timezone.

In a delete_orphan_files.php script simplify the main query considerably.

In clean_profiles.php stop using COUNT as if it is ANY, that is unnecessary
punishment for the database. Instead implement the anti-join with a
left outer join.

In Autocomplete and Activitypub_profile use joins instead of a WHERE OR
anti-pattern for the semi-joins.

In lib/ui/galleryaction.php replace a CROSS JOIN with an INNER JOIN.

In actions/sup.php remove a redundant subquery: WHERE is applied before
grouping either way.
2020-06-10 16:52:00 +03:00
Alexei Sorokin
0eec6fcfb6 [DATABASE] Replace NOW() with CURRENT_TIMESTAMP 2020-06-09 20:26:06 +03:00
Alexei Sorokin
09a772419a [DATABASE] Use "<>" as an SQL non-equality sign in more cases
A follow-up to commit 644b417f6c
2020-06-08 18:31:22 +03:00
Alexei Sorokin
6c035d01d4 [DATABASE] Start transactions with START TRANSACTION
"BEGIN" is non-standard and unnecessary.
2020-06-08 12:25:01 +03:00
susdiv
97bddc4537 [Autocomplete] Fix postgres incompatible query in AutocompleteAction 2020-06-05 19:14:37 +00:00
susdiv
b8c0fa9fa0 [ActivityPub] Fix Postgres incompatible query in Following and Followed collection 2020-06-05 17:48:21 +00:00
Hugo Sales
7e83ddf80e [FIX] Fix 'Trying to access array offset on value of type null' in AntiBrutePlugin and SimpleCaptchaPlugin when using scripts 2020-05-24 16:55:37 +00:00
tenma
a9be720f09 [OStatus] Remove TFN's deprecated Census event and fix small typo in the code 2020-05-09 11:50:26 +01:00
tenma
d7906f113e [ActivityPub] Remove TFN's deprecated Census event 2020-05-09 11:50:26 +01:00
tenma
cfba91ea43 [OStatus] Add TheFreeNetwork module's support in handling profile insertion
Ostatus_profile:
- Update createActivityObjectProfile to trigger TFN's assistance in inserting the profile
2020-05-09 11:50:26 +01:00
tenma
134b6f6478 [ActivityPub] Add TheFreeNetwork module's support in handling profile insertion
Activitypub_profile:
- Update do_insert to trigger TFN's assistance in inserting the profile

explorer:
- Use the new LRDD's method for grabbing profile aliases
2020-05-09 11:50:25 +01:00
tenma
9aedcc7997 [OStatus] Update salmonaction to use the new LRDD's method for grabbing aliases 2020-05-09 11:50:25 +01:00
tenma
35547e28ea [LRDD] Add a new method for grabing profile aliases 2020-05-09 11:50:25 +01:00
tenma
c6543e1f95 [ActivityPub] Autofix profile URIs through alias discovering
Activitypub_profile:
- Add updateUri method

explorer:
- Add grab_aliases method
- Update grab_local_user's online course to grab and test aliases
2020-05-09 11:50:25 +01:00
Hugo Sales
6c844315aa [CORE] Fix 'Array and string offset access syntax with curly braces is deprecated' in AuthCryptModule and DirectionDetectorPlugin 2020-05-04 10:47:23 +00:00
Alexei Sorokin
872bb1388d [Nodeinfo] Count active users for full days and without silenced 2020-04-17 18:13:05 +03:00
Diogo Cordeiro
e58188d136 [UI] Small improvement on attachment's visual 2020-04-07 13:28:34 +01:00
Diogo Cordeiro
bb32c0af3b [SensitiveContent] Fix plugin settings
Also reformatted the code and minor bug fixed it
2020-04-07 13:28:29 +01:00
nee
63fd2c7037 [SensitiveContent] Add option to activate for not-logged-in visitors
Remove redundant setting retrival code.

An example config.php entry to activate the new config:
$config['site']['sensitivecontent']['hideforvisitors'] = true;
2020-04-07 02:59:35 +01:00
nee
520a2ba202 [SensitiveContent] Don't crash in GNU social classic
When an attachment has no thumbnail (for example when it's a video).
2020-04-07 02:59:30 +01:00
Diogo Cordeiro
6898cff623 [PLUGINS] Remove VideoThumbnails not useful anymore 2020-04-03 12:20:27 +01:00
Diogo Cordeiro
f4558e3c41 [ActivityPub] Fix profile url handling 2020-03-28 03:16:24 +00:00
Diogo Cordeiro
073a181778 [ActivityPub] Fix undefined tag index 'type' in Activitypub_notice 2020-02-14 17:25:26 +00:00
Alexei Sorokin
e7ab305335 [CORE] Use monotonic time via hrtime() where applicable
The realtime clock is not reliable when calculating elapsed time.
2020-01-07 19:48:13 +03:00
Diogo Cordeiro
60446dfc20 [CORE] Better queues defaults 2019-12-11 02:23:37 +00:00
Diogo Cordeiro
dc211c9c44 [ActivityPub][Postman] Fix not sending notices to self 2019-12-11 01:30:25 +00:00
Diogo Cordeiro
27babac6dc [Ostatus] Partially revert 69add504e6
updateuris isn't needed after alll, we should solve this with TFNM and existing infrastructure.
2019-12-11 01:30:15 +00:00
Diogo Cordeiro
3e2b7cddc8 [ActivityPub][RSA] Revision, increase type scrictness and improve docs 2019-12-10 23:51:40 +00:00
Diogo Cordeiro
80ba2b3ccc [ActivityPub] Properly handle Actor URIs by using events correctly
This should fix nulls on explorer lookups inputed by postman after generate_followers/getSubscribers, that I think were caused by calling common_profile_uri that, curiously, only handles local profiles
2019-12-10 23:50:56 +00:00
Diogo Cordeiro
b730582336 [CORE] Add GNUSOCIAL_ENGINE_REPO_URL and increase usage of GNUSOCIAL_ENGINE_URL 2019-11-21 00:21:22 +00:00
Alexei Sorokin
562d84c375 [Xmpp] Adjust type declarations for changes in XMPPHP 2019-11-16 20:44:18 +03:00
Diogo Cordeiro
51b5b1c08c [ActivityPub][RSA] Fix types of generate_keys 2019-11-16 15:32:49 +00:00
Diogo Cordeiro
ca2dde9a41 [ExtendedProfile] Fix updates and allow to delete values 2019-11-03 19:49:10 +03:00
Diogo Cordeiro
e0b17fc97d [REALTIME] Reviewed both the superclass and its dist plugins 2019-11-03 15:37:49 +00:00
Alexei Sorokin
9124617055 [Xmpp] Latin-1 space characters are not forbidden for XMPP resources
Also use mb_strlen() with the 8bit encoding to count octets, strlen() is not as
reliable (mbstring.func_overload).
2019-11-02 13:54:26 +03:00
Alexei Sorokin
b312712d1b [Xmpp] Use UnexpectedValueException in splitJid, a bit narrower 2019-11-02 13:29:00 +03:00
Alexei Sorokin
5bc1b8695e [DATABASE] Disable 'NULL' strings evaluation as SQL NULLs
Use $object->sqlValue('NULL') (identical to DataObject_Cast'ing) instead and
fix related issues like (email|sms)settings considering these NULLs as a
false positive for the E-Mail address still being set when it's been removed.

There could also be security implications to the now-disabled approach of
considering 'NULL' strings as SQL NULLs.
2019-11-02 12:21:43 +03:00
Diogo Cordeiro
d921f3dadb [ActivityPub] New URI system 2019-11-10 17:47:51 +00:00
tenma
3634af3fdc [TheFreeNetwork] First code: Module class and census event 2019-11-03 00:43:21 +00:00
tenma
69add504e6 [OStatus] Add script for profile deduplication and URI fixing 2019-11-03 00:43:21 +00:00
tenma
a0d30b6872 [ActivityPub] Fix some small known problems
ActivityPubPlugin:
- Rework onProfileDeleteRelated to account for the tables _rsa and _pending_follow_requests
- Update onEndShowAccountProfileBlock to stop creating the ap_profile if it doesn't exist (we'll handle this in a different manner)

Activitypub_profile:
- Remove unnecessary code from from_profile method and add return type information

Explorer:
- Update travel_collection to call itself instead of _lookup, that was wrong
2019-11-03 00:43:21 +00:00
Alexei Sorokin
a06b33be66 [AnonymousFave][DATABASE] Set the created timestamp on INSERT 2019-11-01 16:09:09 +03:00
Alexei Sorokin
fe3e33e702 [DAEMONS][TwitterBridge] Set PUBLICDIR 2019-11-01 15:27:36 +03:00
Alexei Sorokin
3f56459734 [COMPOSER] Remove some pre-composer remnants from the code 2019-11-01 14:19:42 +03:00
tenma
bddc1c0f9d [ActivityPub] Fix successive "Cannot use object of type stdClass as array" errors in the postman 2019-11-01 02:23:39 +00:00
tenma
2ae93dbec6 [ActivityPub] Revert usage of bitwise-operator & in the inbox_handler class. 2019-10-17 20:25:00 +01:00
Diogo Cordeiro
b434bead2c [ActivityPub] The protocol allows content to be null, GNU social doesn't, we'll reject silentiously
Reported by kaniini
2019-10-11 19:09:12 +01:00
Diogo Cordeiro
6284b155b8 [ActivityPub] attributedTo itself is not required, if not present then it should be inferred from the actor
Reported by kaniini
2019-10-11 17:51:20 +01:00
Diogo Cordeiro
b12c2d17d5 [ActivityPub] Fix security issue concerning remote profile deletes
Reported by kaniini
2019-10-11 17:41:43 +01:00
Diogo Cordeiro
5fb1e26a4c [ActivityPub] Inbox Handler: Remove old guzzle import
Improve exception information in doc blocks
2019-10-11 17:18:50 +01:00
Diogo Cordeiro
6423750250 [ActivityPub] Slightly increase robustness on exception handling
Also ported Activitypub_rsa to PHP7
Minor indentation fixes
2019-10-11 17:08:41 +01:00
Diogo Cordeiro
d9b5ef1cee [ActivityPub] Consistent headers in explorer requests
Minor indentation fixes
2019-10-11 16:00:14 +01:00
Miguel Dantas
f1717bde51 Fix 'Call to a member function getPayload() on null'
Trying to enable the RedisCache with the latest nightly, getting this with the daemon:

sep 25 11:40:18 friedrich startdaemons.sh[21428]: PHP Fatal error:  Uncaught Error: Call to a member function getPayload() on null in /var/www/social/plugins/RedisCache/RedisCachePlugin.php:96
sep 25 11:40:18 friedrich startdaemons.sh[21428]: Stack trace:
sep 25 11:40:18 friedrich startdaemons.sh[21428]: #0 /var/www/social/lib/util/event.php(89): RedisCachePlugin->onStartCacheSet('gnusocial:herds...', Object(HubSub), NULL, 86400, false)
sep 25 11:40:18 friedrich startdaemons.sh[21428]: #1 /var/www/social/lib/cache/cache.php(202): Event::handle('StartCacheSet', Array)
sep 25 11:40:18 friedrich startdaemons.sh[21428]: #2 /var/www/social/classes/Memcached_DataObject.php(520): Cache->set('gnusocial:herds...', Object(HubSub))
sep 25 11:40:18 friedrich startdaemons.sh[21428]: #3 /var/www/social/classes/Memcached_DataObject.php(52): Memcached_DataObject->encache()
sep 25 11:40:18 friedrich startdaemons.sh[21428]: #4 /var/www/social/classes/Managed_DataObject.php(50): Memcached_DataObject::getClassKV('HubSub', 'hashkey', 'a38b9dc516371af...')
sep 25 11:40:18 friedrich startdaemons.sh[21428]: #5 /var/www/social/plugins/OStatus/classes/HubSub.php(47): Managed_DataObject::getKV('hashkey', 'a38b9dc516371af...')
sep 25 11:40:18 friedrich startdaemons.sh[21428]: #6 /var/www/social/plugins/OStatus/lib/hubprepqueuehandler.php(68): HubSub::getByHashkey('https://herds.e...', 'https://raki.so...')
sep 25 11:40:18 friedrich startdaemons.sh[21428]: #7 /var/www/social/plugins/RedisQueue/classes/RedisQueueManager.php(58): HubPrepQueueHandl in /var/www/social/plugins/RedisCache/RedisCachePlugin.php on line 96
Sign in to j
2019-09-26 11:29:31 +01:00
Alexei Sorokin
65f1b1e1e3 Fix minor git merge resolving issues 2019-09-18 17:43:00 +03:00
Alexei Sorokin
ad91ef66bd [SCRIPTS] Set PUBLICDIR in plugin scripts as well 2019-09-18 17:15:00 +03:00
Diogo Cordeiro
3ea580b537 [ActivityPub] Add missing parenthesis in class instantiation
Fixed some issues related to thrown exceptions in the doblocks; also boolean -> bool
2019-09-13 18:58:41 +01:00
Alexei Sorokin
87b0b493eb [ActivityPub] Fix an unhandled error in onStartGetProfileFromURI 2019-09-13 20:55:23 +03:00
Diogo Cordeiro
4eb4a2de00 [ActivityPub] Fix some bugs with onStartNoticeSearch
Refactored Activitypub_profile::ensure_web_finger to Activitypub_profile::ensure_webfinger
Do not throw exceptions in the handling of this event because we don't
want to stop the regular search just because we were unable to find
ActivityPub actors or notes.
2019-09-13 18:10:20 +01:00
Diogo Cordeiro
c3ba2e0f94 [BugFix] Plugins ExtendedProfile and OverwriteThemeBackground - admin is identical to system path names. 2019-09-12 23:18:50 +01:00