From 9d57a8355509462d64d3bd2af370037a3c29bf37 Mon Sep 17 00:00:00 2001 From: KMY Date: Sun, 18 Feb 2024 12:03:17 +0900 Subject: [PATCH 01/11] Pumb version to 11.0 --- lib/mastodon/version.rb | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lib/mastodon/version.rb b/lib/mastodon/version.rb index 06563f3501..6676ee99d7 100644 --- a/lib/mastodon/version.rb +++ b/lib/mastodon/version.rb @@ -14,8 +14,8 @@ module Mastodon def kmyblue_flag # 'LTS' - 'dev' - # nil + # 'dev' + nil end def major From ad723b0cbd832f013d98bdc0dfc3e7cf0c47e2f1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?KMY=EF=BC=88=E9=9B=AA=E3=81=82=E3=81=99=E3=81=8B=EF=BC=89?= Date: Mon, 19 Feb 2024 09:20:57 +0900 Subject: [PATCH 02/11] =?UTF-8?q?Change:=20=E3=83=9B=E3=83=AF=E3=82=A4?= =?UTF-8?q?=E3=83=88=E3=83=AA=E3=82=B9=E3=83=88=E3=81=8C=E7=A9=BA=E3=81=A7?= =?UTF-8?q?=E3=82=82=E8=A8=AD=E5=AE=9A=E3=81=8C=E6=9C=89=E5=8A=B9=E3=81=A7?= =?UTF-8?q?=E3=81=82=E3=82=8C=E3=81=B0=E3=82=A2=E3=82=AB=E3=82=A6=E3=83=B3?= =?UTF-8?q?=E3=83=88=E4=BD=9C=E6=88=90=E3=82=92=E4=BF=9D=E7=95=99=20(#601)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * Change: ホワイトリストが空でも設定が有効であればアカウント作成を保留 * Fix test --- app/services/activitypub/process_account_service.rb | 1 - config/locales/en.yml | 2 +- config/locales/ja.yml | 2 +- spec/services/activitypub/process_account_service_spec.rb | 6 +++--- 4 files changed, 5 insertions(+), 6 deletions(-) diff --git a/app/services/activitypub/process_account_service.rb b/app/services/activitypub/process_account_service.rb index 632de6091d..c9f17bdd45 100644 --- a/app/services/activitypub/process_account_service.rb +++ b/app/services/activitypub/process_account_service.rb @@ -141,7 +141,6 @@ class ActivityPub::ProcessAccountService < BaseService def blocking_new_account? return false unless Setting.hold_remote_new_accounts - return false if permit_new_account_domains.blank? permit_new_account_domains.exclude?(@domain) end diff --git a/config/locales/en.yml b/config/locales/en.yml index 8a5e5a4a3a..ccaf72a417 100644 --- a/config/locales/en.yml +++ b/config/locales/en.yml @@ -661,7 +661,7 @@ en: post_mentions_max: Mentions max for posts post_stranger_mentions_max: 投稿に設定可能なメンションの最大数 (If the mentions include at least one person who is not a follower of yours) remote_approval_list: List of remote accounts awaiting approval - remote_approval_hint: If you set one or more domains on the list of domains for which you want to automatically approve new users, newly recognized accounts on unspecified domains will be placed in suspend status. You can review that list and approve them if necessary. If none is specified, all remote accounts are approved immediately. + remote_approval_hint: Newly recognized accounts with unspecified domains will be placed in Suspended status. You can review that list and approve them if necessary. If this setting is not enabled, all remote accounts will be approved immediately. stranger_mention_from_local_ng: フォローしていないアカウントへのメンションのNGワードを、ローカルユーザーによる投稿にも適用する stranger_mention_from_local_ng_hint: サーバーの登録が承認制でない場合、あなたのサーバーにもスパムが入り込む可能性があります test_error: Testing is returned any errors diff --git a/config/locales/ja.yml b/config/locales/ja.yml index d49383038b..e11eb52ce7 100644 --- a/config/locales/ja.yml +++ b/config/locales/ja.yml @@ -654,7 +654,7 @@ ja: post_mentions_max: 投稿に設定可能なメンションの最大数 post_stranger_mentions_max: 投稿に設定可能なメンションの最大数 (メンション先にフォロワー以外を1人でも含む場合) remote_approval_list: 承認待ちのリモートアカウント一覧 - remote_approval_hint: 新規ユーザーを自動承認するドメインリストに1つ以上のドメインを設定すると、指定されていないドメインで新しく認識されたアカウントはサスペンド状態になります。その一覧を確認し、必要であれば承認を行うことができます。何も指定しなかった場合、全てのリモートアカウントが即座に承認されます。 + remote_approval_hint: 指定されていないドメインで新しく認識されたアカウントはサスペンド状態になります。その一覧を確認し、必要であれば承認を行うことができます。この設定が有効でない場合、全てのリモートアカウントが即座に承認されます。 stranger_mention_from_local_ng: フォローしていないアカウントへのメンションのNGワードを、ローカルユーザーによる投稿にも適用する stranger_mention_from_local_ng_hint: サーバーの登録が承認制でない場合、あなたのサーバーにもスパムが入り込む可能性があります test_error: NGワードのテストに失敗しました。正規表現のミスが含まれているかもしれません diff --git a/spec/services/activitypub/process_account_service_spec.rb b/spec/services/activitypub/process_account_service_spec.rb index c9460f9b18..37817f204a 100644 --- a/spec/services/activitypub/process_account_service_spec.rb +++ b/spec/services/activitypub/process_account_service_spec.rb @@ -29,11 +29,11 @@ RSpec.describe ActivityPub::ProcessAccountService, type: :service do Setting.permit_new_account_domains = permit_new_account_domains end - it 'created account in a simple case' do + it 'creates pending account in a simple case' do expect(subject).to_not be_nil expect(subject.uri).to eq 'https://foo.test' - expect(subject.suspended?).to be false - expect(subject.remote_pending).to be false + expect(subject.suspended?).to be true + expect(subject.remote_pending).to be true end context 'when is blocked' do From 8a9a29cba1d9b5635c09f164c77bf8ed30508858 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?KMY=EF=BC=88=E9=9B=AA=E3=81=82=E3=81=99=E3=81=8B=EF=BC=89?= Date: Tue, 20 Feb 2024 09:24:58 +0900 Subject: [PATCH 03/11] =?UTF-8?q?Fix:=20=E6=96=B0=E8=A6=8F=E7=99=BB?= =?UTF-8?q?=E9=8C=B2=E5=8F=AF=E8=83=BD=E6=99=82=E9=96=93=E5=B8=AF=E3=82=92?= =?UTF-8?q?=E7=A9=BA=E6=AC=84=E3=81=AB=E3=81=99=E3=82=8B=E3=81=A8=E3=80=81?= =?UTF-8?q?=E7=94=BB=E9=9D=A2=E3=81=8C=E8=A1=A8=E7=A4=BA=E3=81=A7=E3=81=8D?= =?UTF-8?q?=E3=81=AA=E3=81=8F=E3=81=AA=E3=82=8B=E5=95=8F=E9=A1=8C=20(#603)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * Fix: 新規登録可能時間帯を空欄にすると、画面が表示できなくなる問題 * リファクタリング * Fix test --- app/helpers/registration_limitation_helper.rb | 20 ++++++++++--------- 1 file changed, 11 insertions(+), 9 deletions(-) diff --git a/app/helpers/registration_limitation_helper.rb b/app/helpers/registration_limitation_helper.rb index 65e295720c..4ac04450aa 100644 --- a/app/helpers/registration_limitation_helper.rb +++ b/app/helpers/registration_limitation_helper.rb @@ -32,20 +32,22 @@ module RegistrationLimitationHelper end def registrations_in_time? - start_hour = Setting.registrations_start_hour || 0 - end_hour = Setting.registrations_end_hour || 24 - secondary_start_hour = Setting.registrations_secondary_start_hour || 0 - secondary_end_hour = Setting.registrations_secondary_end_hour || 0 + start_hour = Setting.registrations_start_hour + end_hour = Setting.registrations_end_hour + secondary_start_hour = Setting.registrations_secondary_start_hour + secondary_end_hour = Setting.registrations_secondary_end_hour + + start_hour = 0 unless start_hour.is_a?(Integer) + end_hour = 0 unless end_hour.is_a?(Integer) + secondary_start_hour = 0 unless secondary_start_hour.is_a?(Integer) + secondary_end_hour = 0 unless secondary_end_hour.is_a?(Integer) return true if start_hour >= end_hour && secondary_start_hour >= secondary_end_hour current_hour = Time.now.utc.hour - primary_permitted = false - primary_permitted = start_hour <= current_hour && current_hour < end_hour if start_hour < end_hour && end_hour.positive? - secondary_permitted = false - secondary_permitted = secondary_start_hour <= current_hour && current_hour < secondary_end_hour if secondary_start_hour < secondary_end_hour && secondary_end_hour.positive? - primary_permitted || secondary_permitted + (start_hour < end_hour && end_hour.positive? && current_hour.between?(start_hour, end_hour - 1)) || + (secondary_start_hour < secondary_end_hour && secondary_end_hour.positive? && current_hour.between?(secondary_start_hour, secondary_end_hour - 1)) end def reset_registration_limit_caches! From 9669a25d46ada2ef19ad80ae81251c92cdf6670c Mon Sep 17 00:00:00 2001 From: KMY Date: Wed, 21 Feb 2024 10:54:50 +0900 Subject: [PATCH 04/11] =?UTF-8?q?Fix:=20=E5=85=AC=E9=96=8B=E6=8A=95?= =?UTF-8?q?=E7=A8=BF=E7=A6=81=E6=AD=A2=E4=B8=AD=E3=80=81=E3=83=AD=E3=83=BC?= =?UTF-8?q?=E3=82=AB=E3=83=AB=E5=85=AC=E9=96=8B=E4=BB=A5=E5=A4=96=E3=82=92?= =?UTF-8?q?=E6=8A=95=E7=A8=BF=E3=81=A7=E3=81=8D=E3=81=AA=E3=81=84=E5=95=8F?= =?UTF-8?q?=E9=A1=8C?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- app/services/post_status_service.rb | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/app/services/post_status_service.rb b/app/services/post_status_service.rb index 3c4eb9c12f..d6ce7fa771 100644 --- a/app/services/post_status_service.rb +++ b/app/services/post_status_service.rb @@ -70,11 +70,11 @@ class PostStatusService < BaseService def preprocess_attributes! @sensitive = (@options[:sensitive].nil? ? @account.user&.setting_default_sensitive : @options[:sensitive]) || @options[:spoiler_text].present? @text = @options.delete(:spoiler_text) if @text.blank? && @options[:spoiler_text].present? - @visibility = @options[:visibility]&.to_sym || @account.user&.setting_default_privacy&.to_sym + @visibility = @options[:visibility]&.to_sym || @account.user&.setting_default_privacy&.to_sym || :public @visibility = :limited if %w(mutual circle reply).include?(@options[:visibility]) @visibility = :unlisted if (@visibility == :public || @visibility == :public_unlisted || @visibility == :login) && @account.silenced? @visibility = :public_unlisted if @visibility == :public && !@options[:force_visibility] && !@options[:application]&.superapp && @account.user&.setting_public_post_to_unlisted && Setting.enable_public_unlisted_visibility - @visibility = Setting.enable_public_unlisted_visibility ? :public_unlisted : :unlisted unless Setting.enable_public_visibility + @visibility = Setting.enable_public_unlisted_visibility ? :public_unlisted : :unlisted if !Setting.enable_public_visibility && @visibility == :public @limited_scope = @options[:visibility]&.to_sym if @visibility == :limited && @options[:visibility] != 'limited' @searchability = searchability @searchability = :private if @account.silenced? && %i(public public_unlisted).include?(@searchability&.to_sym) From 2025ac1a328b44e9069c61e659224d07f685f2a2 Mon Sep 17 00:00:00 2001 From: KMY Date: Wed, 21 Feb 2024 10:55:13 +0900 Subject: [PATCH 05/11] Bump version to 11.1 --- lib/mastodon/version.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/mastodon/version.rb b/lib/mastodon/version.rb index 6676ee99d7..da2896561e 100644 --- a/lib/mastodon/version.rb +++ b/lib/mastodon/version.rb @@ -9,7 +9,7 @@ module Mastodon end def kmyblue_minor - 0 + 1 end def kmyblue_flag From eebd6ba39a2a1d6c3e73ff5dc00d2c21bdd35a2c Mon Sep 17 00:00:00 2001 From: Claire Date: Wed, 21 Feb 2024 18:45:06 +0100 Subject: [PATCH 06/11] Automatically switch from open to approved registrations in absence of moderators (#29318) --- app/mailers/admin_mailer.rb | 6 ++ .../auto_close_registrations.text.erb | 3 + .../auto_close_registrations_scheduler.rb | 33 ++++++++++ config/locales/en.yml | 3 + config/sidekiq.yml | 4 ++ ...auto_close_registrations_scheduler_spec.rb | 60 +++++++++++++++++++ 6 files changed, 109 insertions(+) create mode 100644 app/views/admin_mailer/auto_close_registrations.text.erb create mode 100644 app/workers/scheduler/auto_close_registrations_scheduler.rb create mode 100644 spec/workers/scheduler/auto_close_registrations_scheduler_spec.rb diff --git a/app/mailers/admin_mailer.rb b/app/mailers/admin_mailer.rb index 9a2c8ac4a4..80e734df94 100644 --- a/app/mailers/admin_mailer.rb +++ b/app/mailers/admin_mailer.rb @@ -69,6 +69,12 @@ class AdminMailer < ApplicationMailer end end + def auto_close_registrations + locale_for_account(@me) do + mail subject: default_i18n_subject(instance: @instance) + end + end + private def process_params diff --git a/app/views/admin_mailer/auto_close_registrations.text.erb b/app/views/admin_mailer/auto_close_registrations.text.erb new file mode 100644 index 0000000000..c0f8486929 --- /dev/null +++ b/app/views/admin_mailer/auto_close_registrations.text.erb @@ -0,0 +1,3 @@ +<%= raw t('admin_mailer.auto_close_registrations.body', instance: @instance) %> + +<%= raw t('application_mailer.view')%> <%= admin_settings_registrations_url %> diff --git a/app/workers/scheduler/auto_close_registrations_scheduler.rb b/app/workers/scheduler/auto_close_registrations_scheduler.rb new file mode 100644 index 0000000000..17516dd23f --- /dev/null +++ b/app/workers/scheduler/auto_close_registrations_scheduler.rb @@ -0,0 +1,33 @@ +# frozen_string_literal: true + +class Scheduler::AutoCloseRegistrationsScheduler + include Sidekiq::Worker + include Redisable + + sidekiq_options retry: 0 + + # Automatically switch away from open registrations if no + # moderator had any activity in that period of time + OPEN_REGISTRATIONS_MODERATOR_THRESHOLD = 1.week + UserTrackingConcern::SIGN_IN_UPDATE_FREQUENCY + + def perform + return if Rails.configuration.x.email_domains_whitelist.present? || ENV['DISABLE_AUTOMATIC_SWITCHING_TO_APPROVED_REGISTRATIONS'] == 'true' + return unless Setting.registrations_mode == 'open' + + switch_to_approval_mode! unless active_moderators? + end + + private + + def active_moderators? + User.those_who_can(:manage_reports).exists?(current_sign_in_at: OPEN_REGISTRATIONS_MODERATOR_THRESHOLD.ago...) + end + + def switch_to_approval_mode! + Setting.registrations_mode = 'approved' + + User.those_who_can(:view_devops).includes(:account).find_each do |user| + AdminMailer.with(recipient: user.account).auto_close_registrations.deliver_later + end + end +end diff --git a/config/locales/en.yml b/config/locales/en.yml index ccaf72a417..c73cdeb827 100644 --- a/config/locales/en.yml +++ b/config/locales/en.yml @@ -1112,6 +1112,9 @@ en: title: Webhooks webhook: Webhook admin_mailer: + auto_close_registrations: + body: Due to a lack of recent moderator activity, registrations on %{instance} have been automatically switched to requiring manual review, to prevent %{instance} from being used as a platform for potential bad actors. You can switch it back to open registrations at any time. + subject: Registrations for %{instance} have been automatically switched to requiring approval new_appeal: actions: delete_statuses: to delete their posts diff --git a/config/sidekiq.yml b/config/sidekiq.yml index f083e372c1..4b28670817 100644 --- a/config/sidekiq.yml +++ b/config/sidekiq.yml @@ -64,3 +64,7 @@ interval: 30 minutes class: Scheduler::SoftwareUpdateCheckScheduler queue: scheduler + auto_close_registrations_scheduler: + interval: 1 hour + class: Scheduler::AutoCloseRegistrationsScheduler + queue: scheduler diff --git a/spec/workers/scheduler/auto_close_registrations_scheduler_spec.rb b/spec/workers/scheduler/auto_close_registrations_scheduler_spec.rb new file mode 100644 index 0000000000..c0c50b128d --- /dev/null +++ b/spec/workers/scheduler/auto_close_registrations_scheduler_spec.rb @@ -0,0 +1,60 @@ +# frozen_string_literal: true + +require 'rails_helper' + +describe Scheduler::AutoCloseRegistrationsScheduler do + subject { described_class.new } + + describe '#perform' do + let(:moderator_activity_date) { Time.now.utc } + + before do + Fabricate(:user, role: UserRole.find_by(name: 'Owner'), current_sign_in_at: 10.years.ago) + Fabricate(:user, role: UserRole.find_by(name: 'Moderator'), current_sign_in_at: moderator_activity_date) + end + + context 'when registrations are open' do + before do + Setting.registrations_mode = 'open' + end + + context 'when a moderator has logged in recently' do + let(:moderator_activity_date) { Time.now.utc } + + it 'does not change registrations mode' do + expect { subject.perform }.to_not change(Setting, :registrations_mode) + end + end + + context 'when a moderator has not recently signed in' do + let(:moderator_activity_date) { 1.year.ago } + + it 'changes registrations mode from open to approved' do + expect { subject.perform }.to change(Setting, :registrations_mode).from('open').to('approved') + end + end + end + + context 'when registrations are closed' do + before do + Setting.registrations_mode = 'none' + end + + context 'when a moderator has logged in recently' do + let(:moderator_activity_date) { Time.now.utc } + + it 'does not change registrations mode' do + expect { subject.perform }.to_not change(Setting, :registrations_mode) + end + end + + context 'when a moderator has not recently signed in' do + let(:moderator_activity_date) { 1.year.ago } + + it 'does not change registrations mode' do + expect { subject.perform }.to_not change(Setting, :registrations_mode) + end + end + end + end +end From 69acc5ebbeabdeb780a81be26dd11ec4860c16af Mon Sep 17 00:00:00 2001 From: Claire Date: Thu, 22 Feb 2024 15:52:14 +0100 Subject: [PATCH 07/11] Fix auto-close email being sent to users with devops permissions instead of settings permissions (#29355) --- app/workers/scheduler/auto_close_registrations_scheduler.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/workers/scheduler/auto_close_registrations_scheduler.rb b/app/workers/scheduler/auto_close_registrations_scheduler.rb index 17516dd23f..6874502915 100644 --- a/app/workers/scheduler/auto_close_registrations_scheduler.rb +++ b/app/workers/scheduler/auto_close_registrations_scheduler.rb @@ -26,7 +26,7 @@ class Scheduler::AutoCloseRegistrationsScheduler def switch_to_approval_mode! Setting.registrations_mode = 'approved' - User.those_who_can(:view_devops).includes(:account).find_each do |user| + User.those_who_can(:manage_settings).includes(:account).find_each do |user| AdminMailer.with(recipient: user.account).auto_close_registrations.deliver_later end end From 38c91aeff74b0b0d0444bb09f5898c5b72764f0b Mon Sep 17 00:00:00 2001 From: Claire Date: Thu, 22 Feb 2024 14:28:19 +0100 Subject: [PATCH 08/11] Change registrations to be disabled by default for new servers (#29280) --- app/javascript/packs/admin.jsx | 4 ++++ app/views/admin/settings/registrations/show.html.haml | 4 +++- config/locales/en.yml | 2 ++ config/settings.yml | 2 +- spec/spec_helper.rb | 6 ++++++ spec/support/streaming_server_manager.rb | 7 +++++++ 6 files changed, 23 insertions(+), 2 deletions(-) diff --git a/app/javascript/packs/admin.jsx b/app/javascript/packs/admin.jsx index ad263d8192..110437beb6 100644 --- a/app/javascript/packs/admin.jsx +++ b/app/javascript/packs/admin.jsx @@ -155,6 +155,10 @@ Rails.delegate(document, '#form_admin_settings_enable_bootstrap_timeline_account const onChangeRegistrationMode = (target) => { const enabled = target.value === 'approved'; + [].forEach.call(document.querySelectorAll('.form_admin_settings_registrations_mode .warning-hint'), (warning_hint) => { + warning_hint.style.display = target.value === 'open' ? 'inline' : 'none'; + }); + [].forEach.call(document.querySelectorAll('#form_admin_settings_require_invite_text'), (input) => { input.disabled = !enabled; if (enabled) { diff --git a/app/views/admin/settings/registrations/show.html.haml b/app/views/admin/settings/registrations/show.html.haml index dbf46c5cca..9b55f3cd8f 100644 --- a/app/views/admin/settings/registrations/show.html.haml +++ b/app/views/admin/settings/registrations/show.html.haml @@ -10,9 +10,11 @@ %p.lead= t('admin.settings.registrations.preamble') + .flash-message= t('admin.settings.registrations.moderation_recommandation') + .fields-row .fields-row__column.fields-row__column-6.fields-group - = f.input :registrations_mode, collection: %w(open approved none), wrapper: :with_label, include_blank: false, label_method: ->(mode) { I18n.t("admin.settings.registrations_mode.modes.#{mode}") } + = f.input :registrations_mode, collection: %w(open approved none), wrapper: :with_label, include_blank: false, label_method: ->(mode) { I18n.t("admin.settings.registrations_mode.modes.#{mode}") }, warning_hint: I18n.t('admin.settings.registrations_mode.warning_hint') .fields-row__column.fields-row__column-6.fields-group = f.input :require_invite_text, as: :boolean, wrapper: :with_label, disabled: !approved_registrations? diff --git a/config/locales/en.yml b/config/locales/en.yml index c73cdeb827..1e022e7e55 100644 --- a/config/locales/en.yml +++ b/config/locales/en.yml @@ -899,6 +899,7 @@ en: disabled: To no one users: To logged-in local users registrations: + moderation_recommandation: Please make sure you have an adequate and reactive moderation team before you open registrations to everyone! preamble: Control who can create an account on your server. title: Registrations registrations_mode: @@ -906,6 +907,7 @@ en: approved: Approval required for sign up none: Nobody can sign up open: Anyone can sign up + warning_hint: We recommend using “Approval required for sign up” unless you are confident your moderation team can handle spam and malicious registrations in a timely fashion. security: authorized_fetch: Require authentication from federated servers authorized_fetch_hint: Requiring authentication from federated servers enables stricter enforcement of both user-level and server-level blocks. However, this comes at the cost of a performance penalty, reduces the reach of your replies, and may introduce compatibility issues with some federated services. In addition, this will not prevent dedicated actors from fetching your public posts and accounts. diff --git a/config/settings.yml b/config/settings.yml index 21b7839a4d..b58b4bb966 100644 --- a/config/settings.yml +++ b/config/settings.yml @@ -9,7 +9,7 @@ defaults: &defaults site_terms: '' site_contact_username: '' site_contact_email: '' - registrations_mode: 'open' + registrations_mode: 'none' registrations_limit: 0 registrations_limit_per_day: 0 registrations_start_hour: 0 diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb index 47ded4c6b4..3e4ef03237 100644 --- a/spec/spec_helper.rb +++ b/spec/spec_helper.rb @@ -25,6 +25,12 @@ RSpec.configure do |config| config.before :suite do Rails.application.load_seed Chewy.strategy(:bypass) + + # NOTE: we switched registrations mode to closed by default, but the specs + # very heavily rely on having it enabled by default, as it relies on users + # being approved by default except in select cases where explicitly testing + # other registration modes + Setting.registrations_mode = 'open' end config.after :suite do diff --git a/spec/support/streaming_server_manager.rb b/spec/support/streaming_server_manager.rb index 39657586f2..3381918299 100644 --- a/spec/support/streaming_server_manager.rb +++ b/spec/support/streaming_server_manager.rb @@ -102,6 +102,13 @@ RSpec.configure do |config| self.use_transactional_tests = false DatabaseCleaner.cleaning do + # NOTE: we switched registrations mode to closed by default, but the specs + # very heavily rely on having it enabled by default, as it relies on users + # being approved by default except in select cases where explicitly testing + # other registration modes + # Also needs to be set per-example here because of the database cleaner. + Setting.registrations_mode = 'open' + example.run end From 3f469e1adcf0e05a1956203e886fb20e649080b2 Mon Sep 17 00:00:00 2001 From: Claire Date: Thu, 22 Feb 2024 18:31:50 +0100 Subject: [PATCH 09/11] Fix link verifications when page size exceeds 1MB (#29358) --- app/services/verify_link_service.rb | 2 +- spec/services/verify_link_service_spec.rb | 27 ++++++++++++----------- 2 files changed, 15 insertions(+), 14 deletions(-) diff --git a/app/services/verify_link_service.rb b/app/services/verify_link_service.rb index 707aeb4e08..b317fc31a8 100644 --- a/app/services/verify_link_service.rb +++ b/app/services/verify_link_service.rb @@ -19,7 +19,7 @@ class VerifyLinkService < BaseService def perform_request! @body = Request.new(:get, @url).add_headers('Accept' => 'text/html').perform do |res| - res.code == 200 ? res.body_with_limit : nil + res.code == 200 ? res.truncated_body : nil end end diff --git a/spec/services/verify_link_service_spec.rb b/spec/services/verify_link_service_spec.rb index 415788cb58..d06344f9cc 100644 --- a/spec/services/verify_link_service_spec.rb +++ b/spec/services/verify_link_service_spec.rb @@ -76,6 +76,20 @@ RSpec.describe VerifyLinkService, type: :service do end context 'when a document is truncated but the link back is valid' do + let(:html) do + " + + + + " + end + + it 'marks the field as verified' do + expect(field.verified?).to be true + end + end + + context 'when a link tag might be truncated' do let(:html) do " @@ -89,19 +103,6 @@ RSpec.describe VerifyLinkService, type: :service do end end - context 'when a link back might be truncated' do - let(:html) do - " - - - Date: Thu, 22 Feb 2024 22:27:24 +0100 Subject: [PATCH 10/11] Fix processing of `Link` objects in `Image` objects (#29335) --- .../activitypub/process_account_service.rb | 11 +++++--- .../process_account_service_spec.rb | 25 ++++++++++++++++--- 2 files changed, 30 insertions(+), 6 deletions(-) diff --git a/app/services/activitypub/process_account_service.rb b/app/services/activitypub/process_account_service.rb index c9f17bdd45..ce7c23e567 100644 --- a/app/services/activitypub/process_account_service.rb +++ b/app/services/activitypub/process_account_service.rb @@ -246,10 +246,15 @@ class ActivityPub::ProcessAccountService < BaseService value = first_of_value(@json[key]) return if value.nil? - return value['url'] if value.is_a?(Hash) - image = fetch_resource_without_id_validation(value) - image['url'] if image + if value.is_a?(String) + value = fetch_resource_without_id_validation(value) + return if value.nil? + end + + value = first_of_value(value['url']) if value.is_a?(Hash) && value['type'] == 'Image' + value = value['href'] if value.is_a?(Hash) + value if value.is_a?(String) end def public_key diff --git a/spec/services/activitypub/process_account_service_spec.rb b/spec/services/activitypub/process_account_service_spec.rb index 37817f204a..79f424189d 100644 --- a/spec/services/activitypub/process_account_service_spec.rb +++ b/spec/services/activitypub/process_account_service_spec.rb @@ -325,7 +325,7 @@ RSpec.describe ActivityPub::ProcessAccountService, type: :service do end end - context 'with property values' do + context 'with property values, an avatar, and a profile header' do let(:payload) do { id: 'https://foo.test', @@ -336,14 +336,29 @@ RSpec.describe ActivityPub::ProcessAccountService, type: :service do { type: 'PropertyValue', name: 'Occupation', value: 'Unit test' }, { type: 'PropertyValue', name: 'non-string', value: %w(foo bar) }, ], + image: { + type: 'Image', + mediaType: 'image/png', + url: 'https://foo.test/image.png', + }, + icon: { + type: 'Image', + url: [ + { + mediaType: 'image/png', + href: 'https://foo.test/icon.png', + }, + ], + }, }.with_indifferent_access end before do - stub_request(:get, 'https://example.com/.well-known/nodeinfo').to_return(body: '{}') + stub_request(:get, 'https://foo.test/image.png').to_return(request_fixture('avatar.txt')) + stub_request(:get, 'https://foo.test/icon.png').to_return(request_fixture('avatar.txt')) end - it 'parses out of attachment' do + it 'parses property values, avatar and profile header as expected' do account = subject.call('alice', 'example.com', payload) expect(account.fields) @@ -361,6 +376,10 @@ RSpec.describe ActivityPub::ProcessAccountService, type: :service do name: eq('Occupation'), value: eq('Unit test') ) + expect(account).to have_attributes( + avatar_remote_url: 'https://foo.test/icon.png', + header_remote_url: 'https://foo.test/image.png' + ) end end From 51b8c5b04520b0cce5f7a1b996c547476bb7579b Mon Sep 17 00:00:00 2001 From: KMY Date: Sat, 24 Feb 2024 08:32:27 +0900 Subject: [PATCH 11/11] Bump version to 11.2 --- lib/mastodon/version.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/mastodon/version.rb b/lib/mastodon/version.rb index da2896561e..e8bbd9015c 100644 --- a/lib/mastodon/version.rb +++ b/lib/mastodon/version.rb @@ -9,7 +9,7 @@ module Mastodon end def kmyblue_minor - 1 + 2 end def kmyblue_flag