Commit Graph

114 Commits

Author SHA1 Message Date
Matt Baer 8d8e671a07 Fix suspension check in fetchPost()
Previously, this check would return a "user not found" error when
retrieving a collection post by its post ID, e.g. /api/posts/abc123
instead of /api/collections/demo/posts/my-slug -- this happens
particularly when `Announce`ing a post in the fediverse. This change
fixes that.
2019-11-19 09:59:13 +09:00
Matt Baer 2899d98cfd Fix collection post 500 when not logged in
This reverts some code from 5429ca4a, which broke collection post
loading on blog posts when not logged in.
2019-11-12 19:43:41 +09:00
Rob Loranger 7e014ca659
Rename Suspend status to Silence
This changes all variables and functions from using Suspend{ed} to using
Silence{d} as well as documentation, errors and logging.
2019-11-11 15:25:19 -08:00
Matt Baer 53586d9cb8 Merge branch 'develop' into T661-disable-accounts 2019-11-12 01:46:37 +09:00
Rob Loranger f66d5bf1e8
use .Host instead of adding .Hostname 2019-11-09 11:41:39 -08:00
Rob Loranger c0b75f6b65
pass hostname to canonical url in post templates
the change to take a hostname in Post.CanonicalURL broke a few template
using that function. This adds a Hostname string to the Post being
passed to templates and passes it to calls to Post.CanonicalURL
2019-11-08 08:47:03 -08:00
Matt Baer e1149cd1e9 Fix URLs in CSV exports
This includes the instance's hostname in calls to export a CSV file and
PublicPost.CanonicalURL().

It also fixes a panic in that method during CSV export caused by draft
posts.
2019-11-07 17:25:42 +09:00
Rob Loranger 5429ca4ab0
add check for suspended user on single posts
also fix logic bug in posts.go viewCollectionPost checking the page
owner
2019-10-25 13:40:32 -07:00
Rob Loranger f85f0751a3
address PR comments
- update error messages to be correct
- move suspended message into template and include for other pages
- check suspended status on all relevant pages and show message if
logged in user is suspended.
- fix possible nil pointer error
- remove changes to db schema files
- add version comment to migration
- add UserStatus type with UserActive and UserSuspended
- change database table to use status column instead of suspended
- update toggle suspended handler to be toggle status in prep for
possible future inclusion of further user statuses
2019-10-25 12:04:24 -07:00
Matt Baer 9873fc443f Merge branch 'develop' into T661-disable-accounts 2019-10-24 13:22:26 -04:00
Michael Demetriou db14f04b59 Redirects from the intermediate page work and if there's an old mention
there it updates the table to include the handle.

migrations WIP
2019-10-10 16:04:43 +03:00
Michael Demetriou 99bb77153e Handles are saved in `remoteusers` while the links take you to an
intermediate page (WIP) that shows the user profile page url
2019-10-10 15:11:46 +03:00
Michael Demetriou 3eb638b14a Fix @thebaer's comments in dccfae7a61 (commitcomment-35410380) 2019-10-09 14:34:31 +03:00
Michael Demetriou dccfae7a61 Mentioning pleroma accounts works! Mastodon still needs the type to b
be Note to work but I will open an issue for them and see what their
reaction will be.
2019-10-08 15:58:19 +03:00
Rob Loranger f87371b594
update IsJSON to check for Accept header
this changes the helper IsJSON to take a request instead of a string,
allowing to check multiple headers. In this case both Content-Type and
Accept.
2019-09-18 12:39:53 -07:00
Matt Baer 40ffb3a5f9 Merge branch 'develop' into chorus 2019-09-10 21:41:28 +02:00
Matt Baer b7acd39051 Add Cache-Control headers on AP endpoints
Includes:

* AP Collection fetching via canonical URL
* AP Collection fetching via API
* AP Post fetching via canonical URL
* AP Post fetching via API

Ref T693
2019-09-09 22:07:03 +02:00
Rob Loranger 77f7b4a522
Add account suspension features
This renders all requests for that user's posts, collections and related
ActivityPub endpoints with 404 responses.

While suspended, users may not create or edit posts or collections.

User status is listed in the admin user page

Admin view of user details shows status and now has a button to activate
or suspend a user.
2019-08-29 09:09:11 -07:00
Rob Loranger f241d69425
reduce GetPinnedPosts calls to single line 2019-08-12 14:12:35 -07:00
Rob Loranger b373aad298
prevent future posts from showing in pins
this changes GetPinnedPosts to accept an includeFutre bool, which
returns future dated pinned posts when true.
2019-08-12 09:58:30 -07:00
Matt Baer deec914ccb Merge branch 'develop' into chorus 2019-08-08 07:55:49 -04:00
Matt Baer adfcc82241
Merge pull request #148 from writeas/default-visibility
Support setting default blog visibility on instance

Resolves T675
2019-08-07 17:44:37 -04:00
Matt Baer afadf6fdf6 Set default visibility in datastore.CreateCollection
instead of updating it later. This is more correct behavior, prevents an
additional query, and ensures that potential collection-creation when
claiming posts also respects the default (which it didn't before).

Ref T675
2019-08-07 16:20:32 -04:00
Matt Baer 3cc397ad76 Merge branch 'develop' into chorus 2019-08-07 10:58:34 -04:00
Matt Baer ef4a5b20d1
Merge pull request #144 from writeas/fix-api-missing-hostname
Fix missing hostname when publishing via API
2019-08-07 10:40:45 -04:00
Matt Baer 582f041748 Return plainer message on coll .txt post 404
Ref T493
2019-08-07 10:26:36 -04:00
Matt Baer 35906118d0 Return only 404 on ActivityPub coll post request
Ref T493
2019-08-07 10:18:40 -04:00
Matt Baer ff7828c558 Link hashtags to Reader when Chorus mode enabled
instead of linking to posts only on a user's blog.

Ref T681
2019-08-07 09:40:07 -04:00
Matt Baer 1a80cd3c02 Add site-wide navigation on colls when chorus = true
This adds a new config value: `chorus` that signifies an instance is
more about the Reader view than individual blogs / writers. When
enabled, user navigation will show on all pages, including About,
Reader, and Privacy (ref T680).

It also uses different collection templates that keep the instance-wide
navigation at the top of the page, instead of the author's name --
again, branded more for the collective than the individual.

Ref T681
2019-08-07 09:00:16 -04:00
Matt Baer f6f116d672 Fix missing hostname when publishing via API
This fixes a bug that occurred only when publishing via API and
authenticating via token (rather than cookie).

Previously, the instance's hostname wouldn't be added to the Collection
that got passed around after retrieving the owned post, meaning an
incomplete URL was returned in the API response, and federation failed due
to the missing host.
2019-07-22 14:02:53 -04:00
Matt Baer f541f72224 Style collection 404 page like rest of blog
This displays the "page is missing" text within the same page as any
other blog post, keeping customizations, pinned pages, and general blog
navigation.

Ref T493
2019-07-21 15:15:52 -04:00
Matt Baer ba3cb4b4ff
Merge pull request #138 from writeas/fix-unpublished-state
Don't consider post unpublished when title exists
2019-07-21 11:35:16 -04:00
Matt Baer 909976dd90 Don't consider post unpublished when title exists
Previously, you could create a post with a title but no body, e.g. by
publishing via email. This would still show the post on a blog, but
would give a 410 Gone page when trying to access the page.

This issue originally reported on the forum:
https://discuss.write.as/t/removing-post-unpublished-by-author-post/725
2019-07-14 12:59:33 -04:00
Matt Baer 31b521c11c Prevent transliterated slugs exceeding limit
Transliteration during slug generation can cause slugs to exceed their
80-character limit. This fixes that by making a second truncation pass
on the slug during generation.

Originally reported on the forum:
https://discuss.write.as/t/title-convert-to-url-function-bug-under-chinese/723
2019-07-11 09:18:39 -04:00
Matt Baer bd180f56a8 Add comments about isRaw logic 2019-07-01 19:10:29 -04:00
Matt Baer 77bf403443 Merge branch 'develop' into private-instance 2019-06-20 21:10:36 -04:00
Matt Baer 86a128483b Fix more missing hostNames
This fixes places, especially around federation, where the Collection's
`hostName` wasn't set.
2019-06-20 21:08:30 -04:00
Matt Baer 63b536ec87 Don't federate anything when instance is private
Ref T576
2019-06-16 20:34:32 -04:00
Matt Baer b3a36a3be7 Allow completely private instances, part 1
This is the start of all changes needed to support entirely private
instances, where all blogs are only visible to other authenticated users
on an instance (ref T576). It begins by changing how Handler methods check an
endpoint's permissions.

- Renames UserLevelLEVEL consts to UserLevelLEVELType
- Adds UserLevelLEVEL funcs with same names as previous consts. Each
  returns a UserLevel
- Adds a new UserLevelReader that restricts access based on app
  configuration. This is now used on collections and posts.
- Changes routing a bit so static files are always accessible
2019-06-16 18:55:50 -04:00
Matt Baer f38a135bfa Remove global hostName var
This moves `hostName` to the `Collection` struct, where it's needed. The
field is populated after successful `GetCollection...()` calls.

This isn't the cleanest way to do things, but it accomplishes the goal.
Eventually, we should accept the AppCfg to `GetCollection...()` calls,
or make them `App` methods, instead of `datastore` methods.

Ref T613
2019-06-14 18:54:04 -04:00
Matt Baer d5c2fe47da
Merge branch 'develop' into librarization 2019-06-13 20:44:55 -04:00
Matt Baer ed4aacd1ac Move static file ServeMux to App struct 2019-06-13 18:45:03 -04:00
Rob Loranger d58c142467
change delete post authentication logic
this reorders the logic for checking authentication on post deletes to
first check for a provided edit token and after check for an access
token or auth'd user.
2019-06-05 09:39:22 -07:00
Matt Baer b9b41b1ef7 Enable un-setting RTL setting via web
Previously, once RTL was enabled on a post, you couldn't unset it via
the web application. This fixes that. (Fixes #103)
2019-05-18 23:16:42 -04:00
Matt Baer d8937e89a8 Make App struct public 2019-05-12 17:19:38 -04:00
Matt Baer 1dc93c076d Revert "Support new commentsEnabled property"
This reverts commit 5e7da6678d.

There are better standards in progress like a `capabilities` object:
https://litepub.social/litepub/lice.html
2019-04-11 22:04:51 -04:00
Matt Baer 24c56af6ee
Merge pull request #89 from writeas/comments-enabled
Support new commentsEnabled property
2019-04-07 12:34:14 -04:00
Matt Baer 4af9fa66aa Don't federate scheduled posts upon claiming
Previously, moving an anonymous post to a blog would instantly federate
the post, regardless of its `created` date. This now respects that value
and doesn't federate the post if its `created` date is in the future.

This is the first part of supporting scheduled, federated posts (ref T567)
but technically fixes #76.
2019-04-05 18:50:18 -04:00
Matt Baer 5e7da6678d Support new commentsEnabled property
This is a field previously supported by PeerTube, and just recently
added on PixelFed, that should inform other ActivityPub services whether
or not comments are enabled on any given post. WriteFreely doesn't
support comments today, so this will always be false.
2019-04-04 17:03:54 -04:00
Matt Baer 54edb2562d Strip HTML from post summary
This removes HTML, in addition to the Markdown stripping that was
already happening.

This fixes #83
2019-03-14 08:59:59 -04:00
Matt Baer 32e99d0041 Fix hashes in code blocks rendered as hashtags
Previously, our hashtag parser would indiscriminately replace
hashtag-like text with hashtag HTML -- including in places it shouldn't
have, like inside code blocks. Along with the v1.7.0 changes to
writeas/saturday, this fixes that and closes #6.

As a bonus, strings of #spaceless#hashtags#in#a#row are now rendered
correctly.
2019-02-04 17:50:37 +01:00
Matt Baer 8a07c0f0a0 Extract images with .image extension 2018-12-31 16:19:26 -05:00
Matt Baer 3ae45bc156 Fix spacing around copyright notices 2018-12-31 01:05:26 -05:00
Matt Baer 1274914207 Add copyright / license notices to .go files 2018-12-24 12:45:15 -05:00
Matt Baer 7f5551105a Fix metadata update redirect on single-user instances
Fixes #50
2018-12-24 10:33:40 -05:00
Matt Baer fc856e36eb Fix editing metadata on single-user instances
This closes #40
2018-12-01 16:27:14 -05:00
Matt Baer bdc4f270f8 Support editing About and Privacy pages from Admin panel
This allows admin to edit these pages from the web, using Markdown. It
also dynamically loads information on those pages now, and makes loading
`pages` templates a little easier to find in the code / more explicit.

It requires this new schema change:

CREATE TABLE IF NOT EXISTS `appcontent` (
  `id` varchar(36) NOT NULL,
  `content` mediumtext CHARACTER SET utf8 COLLATE utf8_bin NOT NULL,
  `updated` datetime NOT NULL DEFAULT CURRENT_TIMESTAMP,
  PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=latin1;

This closes T533
2018-11-18 21:58:50 -05:00
Matt Baer 99a10a2563 Accept different `created` time on post publish
This helps with post importing and clients that want to support post
scheduling. It also changes how Collection.ForPublic() works, no longer
resetting the ID.

Closes T532
2018-11-18 14:39:50 -05:00
Matt Baer 8e6d0daa06 Federate draft when published to a blog
This now sends out a `Create` activity when a post is moved from a draft
to a blog.

This closes #9. Closes T526.
2018-11-16 12:42:21 -05:00
Matt Baer 8a8db3be53 Support retrieving posts as AS2 object
Previously this was only supported on
/api/collections/{alias}/posts/{id} -- this also allows it on
/api/posts/{id}, so things like `Announce`s work.

This closes #4
2018-11-10 01:29:48 -05:00
Matt Baer 001fc8bb2d Fully support single-user mode
- New editor nav
- New backend nav
- Support for drafts
- Different footers on backend
2018-11-09 22:10:46 -05:00
Matt Baer 3afdd8c1b4 Add backend post handling, endpoints, rendering 2018-11-07 23:43:11 -05:00
Matt Baer 39477cfcab Fix parse package import 2018-10-16 23:49:01 -04:00
Matt Baer 0c1e1dd57e Add data layer
This includes config changes, collections, posts, some post rendering
funcs, and actual database connection when the server starts up.
2018-10-16 22:31:27 -04:00