Compare commits

..

1 commit

Author SHA1 Message Date
Vivian Lim ⭐ 027516fea8
Merge 2cd5abfdcf into d3d6e3f920 2024-10-04 13:39:09 -04:00
14 changed files with 70 additions and 387 deletions

View file

@ -177,10 +177,6 @@ It's also easy for admins to [add their own custom themes](https://docs.gotosoci
<img src="https://raw.githubusercontent.com/superseriousbusiness/gotosocial/main/docs/assets/theme-midnight-trip.png"/> <img src="https://raw.githubusercontent.com/superseriousbusiness/gotosocial/main/docs/assets/theme-midnight-trip.png"/>
<figcaption>Midnight trip</figcaption> <figcaption>Midnight trip</figcaption>
</figure> </figure>
<figure>
<img src="https://raw.githubusercontent.com/superseriousbusiness/gotosocial/main/docs/assets/theme-moonlight-hunt.png"/>
<figcaption>Moonlight hunt</figcaption>
</figure>
<hr/> <hr/>
<figure> <figure>
<img src="https://raw.githubusercontent.com/superseriousbusiness/gotosocial/main/docs/assets/theme-rainforest.png"/> <img src="https://raw.githubusercontent.com/superseriousbusiness/gotosocial/main/docs/assets/theme-rainforest.png"/>

View file

@ -8947,7 +8947,7 @@ paths:
Providing this parameter will cause ScheduledStatus to be returned instead of Status. Providing this parameter will cause ScheduledStatus to be returned instead of Status.
Must be at least 5 minutes in the future. Must be at least 5 minutes in the future.
This feature isn't implemented yet; attemping to set it will return 501 Not Implemented. This feature isn't implemented yet.
in: formData in: formData
name: scheduled_at name: scheduled_at
type: string type: string
@ -9008,8 +9008,6 @@ paths:
description: not acceptable description: not acceptable
"500": "500":
description: internal server error description: internal server error
"501":
description: scheduled_at was set, but this feature is not yet implemented
security: security:
- OAuth2 Bearer: - OAuth2 Bearer:
- write:statuses - write:statuses

Binary file not shown.

Before

Width:  |  Height:  |  Size: 682 KiB

View file

@ -80,18 +80,10 @@ host: "localhost"
# Default: "" # Default: ""
account-domain: "" account-domain: ""
# String. Protocol over which the server is reachable from the outside world. # String. Protocol to use for the server. Only change to http for local testing!
# # This should be the protocol part of the URI that your server is actually reachable on. So even if you're
# ONLY CHANGE THIS TO HTTP FOR LOCAL TESTING! IN 99.99% OF CASES YOU SHOULD NOT CHANGE THIS! # running GoToSocial behind a reverse proxy that handles SSL certificates for you, instead of using built-in
# # letsencrypt, it should still be https.
# This should be the protocol part of the URI that your server is actually reachable on.
# So even if you're running GoToSocial behind a reverse proxy that handles SSL certificates
# for you, instead of using built-in letsencrypt, it should still be https, not http.
#
# Again, ONLY CHANGE THIS TO HTTP FOR LOCAL TESTING! If you set this to `http`, start your instance,
# and then later change it to `https`, you will have already broken URI generation for any created
# users on the instance. You should only touch this setting if you 100% know what you're doing.
#
# Options: ["http","https"] # Options: ["http","https"]
# Default: "https" # Default: "https"
protocol: "https" protocol: "https"

View file

@ -88,18 +88,10 @@ host: "localhost"
# Default: "" # Default: ""
account-domain: "" account-domain: ""
# String. Protocol over which the server is reachable from the outside world. # String. Protocol to use for the server. Only change to http for local testing!
# # This should be the protocol part of the URI that your server is actually reachable on. So even if you're
# ONLY CHANGE THIS TO HTTP FOR LOCAL TESTING! IN 99.99% OF CASES YOU SHOULD NOT CHANGE THIS! # running GoToSocial behind a reverse proxy that handles SSL certificates for you, instead of using built-in
# # letsencrypt, it should still be https.
# This should be the protocol part of the URI that your server is actually reachable on.
# So even if you're running GoToSocial behind a reverse proxy that handles SSL certificates
# for you, instead of using built-in letsencrypt, it should still be https, not http.
#
# Again, ONLY CHANGE THIS TO HTTP FOR LOCAL TESTING! If you set this to `http`, start your instance,
# and then later change it to `https`, you will have already broken URI generation for any created
# users on the instance. You should only touch this setting if you 100% know what you're doing.
#
# Options: ["http","https"] # Options: ["http","https"]
# Default: "https" # Default: "https"
protocol: "https" protocol: "https"

View file

@ -181,7 +181,7 @@
// Providing this parameter will cause ScheduledStatus to be returned instead of Status. // Providing this parameter will cause ScheduledStatus to be returned instead of Status.
// Must be at least 5 minutes in the future. // Must be at least 5 minutes in the future.
// //
// This feature isn't implemented yet; attemping to set it will return 501 Not Implemented. // This feature isn't implemented yet.
// type: string // type: string
// in: formData // in: formData
// - // -
@ -254,8 +254,6 @@
// description: not acceptable // description: not acceptable
// '500': // '500':
// description: internal server error // description: internal server error
// '501':
// description: scheduled_at was set, but this feature is not yet implemented
func (m *Module) StatusCreatePOSTHandler(c *gin.Context) { func (m *Module) StatusCreatePOSTHandler(c *gin.Context) {
authed, err := oauth.Authed(c, true, true, true, true) authed, err := oauth.Authed(c, true, true, true, true)
if err != nil { if err != nil {
@ -288,8 +286,8 @@ func (m *Module) StatusCreatePOSTHandler(c *gin.Context) {
// } // }
// form.Status += "\n\nsent from " + user + "'s iphone\n" // form.Status += "\n\nsent from " + user + "'s iphone\n"
if errWithCode := validateStatusCreateForm(form); errWithCode != nil { if err := validateNormalizeCreateStatus(form); err != nil {
apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1) apiutil.ErrorHandler(c, gtserror.NewErrorBadRequest(err, err.Error()), m.processor.InstanceGetV1)
return return
} }
@ -376,61 +374,46 @@ func parseStatusCreateForm(c *gin.Context) (*apimodel.StatusCreateRequest, error
return form, nil return form, nil
} }
// validateStatusCreateForm checks the form for disallowed // validateNormalizeCreateStatus checks the form
// combinations of attachments, overlength inputs, etc. // for disallowed combinations of attachments and
// overlength inputs.
// //
// Side effect: normalizes the post's language tag. // Side effect: normalizes the post's language tag.
func validateStatusCreateForm(form *apimodel.StatusCreateRequest) gtserror.WithCode { func validateNormalizeCreateStatus(form *apimodel.StatusCreateRequest) error {
var ( hasStatus := form.Status != ""
chars = len([]rune(form.Status)) + len([]rune(form.SpoilerText)) hasMedia := len(form.MediaIDs) != 0
maxChars = config.GetStatusesMaxChars() hasPoll := form.Poll != nil
mediaFiles = len(form.MediaIDs)
maxMediaFiles = config.GetStatusesMediaMaxFiles()
hasMedia = mediaFiles != 0
hasPoll = form.Poll != nil
)
if chars == 0 && !hasMedia && !hasPoll { if !hasStatus && !hasMedia && !hasPoll {
// Status must contain *some* kind of content. return errors.New("no status, media, or poll provided")
const text = "no status content, content warning, media, or poll provided"
return gtserror.NewErrorBadRequest(errors.New(text), text)
} }
if chars > maxChars { if hasMedia && hasPoll {
text := fmt.Sprintf( return errors.New("can't post media + poll in same status")
"status too long, %d characters provided (including content warning) but limit is %d",
chars, maxChars,
)
return gtserror.NewErrorBadRequest(errors.New(text), text)
} }
if mediaFiles > maxMediaFiles { maxChars := config.GetStatusesMaxChars()
text := fmt.Sprintf( if length := len([]rune(form.Status)) + len([]rune(form.SpoilerText)); length > maxChars {
"too many media files attached to status, %d attached but limit is %d", return fmt.Errorf("status too long, %d characters provided (including spoiler/content warning) but limit is %d", length, maxChars)
mediaFiles, maxMediaFiles, }
)
return gtserror.NewErrorBadRequest(errors.New(text), text) maxMediaFiles := config.GetStatusesMediaMaxFiles()
if len(form.MediaIDs) > maxMediaFiles {
return fmt.Errorf("too many media files attached to status, %d attached but limit is %d", len(form.MediaIDs), maxMediaFiles)
} }
if form.Poll != nil { if form.Poll != nil {
if errWithCode := validateStatusPoll(form); errWithCode != nil { if err := validateNormalizeCreatePoll(form); err != nil {
return errWithCode return err
} }
} }
if form.ScheduledAt != "" {
const text = "scheduled_at is not yet implemented"
return gtserror.NewErrorNotImplemented(errors.New(text), text)
}
// Validate + normalize
// language tag if provided.
if form.Language != "" { if form.Language != "" {
lang, err := validate.Language(form.Language) language, err := validate.Language(form.Language)
if err != nil { if err != nil {
return gtserror.NewErrorBadRequest(err, err.Error()) return err
} }
form.Language = lang form.Language = language
} }
// Check if the deprecated "federated" field was // Check if the deprecated "federated" field was
@ -442,36 +425,9 @@ func validateStatusCreateForm(form *apimodel.StatusCreateRequest) gtserror.WithC
return nil return nil
} }
func validateStatusPoll(form *apimodel.StatusCreateRequest) gtserror.WithCode { func validateNormalizeCreatePoll(form *apimodel.StatusCreateRequest) error {
var ( maxPollOptions := config.GetStatusesPollMaxOptions()
maxPollOptions = config.GetStatusesPollMaxOptions() maxPollChars := config.GetStatusesPollOptionMaxChars()
pollOptions = len(form.Poll.Options)
maxPollOptionChars = config.GetStatusesPollOptionMaxChars()
)
if pollOptions == 0 {
const text = "poll with no options"
return gtserror.NewErrorBadRequest(errors.New(text), text)
}
if pollOptions > maxPollOptions {
text := fmt.Sprintf(
"too many poll options provided, %d provided but limit is %d",
pollOptions, maxPollOptions,
)
return gtserror.NewErrorBadRequest(errors.New(text), text)
}
for _, option := range form.Poll.Options {
optionChars := len([]rune(option))
if optionChars > maxPollOptionChars {
text := fmt.Sprintf(
"poll option too long, %d characters provided but limit is %d",
optionChars, maxPollOptionChars,
)
return gtserror.NewErrorBadRequest(errors.New(text), text)
}
}
// Normalize poll expiry if necessary. // Normalize poll expiry if necessary.
// If we parsed this as JSON, expires_in // If we parsed this as JSON, expires_in
@ -484,15 +440,27 @@ func validateStatusPoll(form *apimodel.StatusCreateRequest) gtserror.WithCode {
case string: case string:
expiresIn, err := strconv.Atoi(e) expiresIn, err := strconv.Atoi(e)
if err != nil { if err != nil {
text := fmt.Sprintf("could not parse expires_in value %s as integer: %v", e, err) return fmt.Errorf("could not parse expires_in value %s as integer: %w", e, err)
return gtserror.NewErrorBadRequest(errors.New(text), text)
} }
form.Poll.ExpiresIn = expiresIn form.Poll.ExpiresIn = expiresIn
default: default:
text := fmt.Sprintf("could not parse expires_in type %T as integer", ei) return fmt.Errorf("could not parse expires_in type %T as integer", ei)
return gtserror.NewErrorBadRequest(errors.New(text), text) }
}
if len(form.Poll.Options) == 0 {
return errors.New("poll with no options")
}
if len(form.Poll.Options) > maxPollOptions {
return fmt.Errorf("too many poll options provided, %d provided but limit is %d", len(form.Poll.Options), maxPollOptions)
}
for _, p := range form.Poll.Options {
if length := len([]rune(p)); length > maxPollChars {
return fmt.Errorf("poll option too long, %d characters provided but limit is %d", length, maxPollChars)
} }
} }

View file

@ -365,25 +365,6 @@ func (suite *StatusCreateTestSuite) TestPostNewStatusMessedUpIntPolicy() {
}`, out) }`, out)
} }
func (suite *StatusCreateTestSuite) TestPostNewScheduledStatus() {
out, recorder := suite.postStatus(map[string][]string{
"status": {"this is a brand new status! #helloworld"},
"spoiler_text": {"hello hello"},
"sensitive": {"true"},
"visibility": {string(apimodel.VisibilityMutualsOnly)},
"scheduled_at": {"2080-10-04T15:32:02.018Z"},
}, "")
// We should have 501 from
// our call to the function.
suite.Equal(http.StatusNotImplemented, recorder.Code)
// We should have a helpful error message.
suite.Equal(`{
"error": "Not Implemented: scheduled_at is not yet implemented"
}`, out)
}
func (suite *StatusCreateTestSuite) TestPostNewStatusMarkdown() { func (suite *StatusCreateTestSuite) TestPostNewStatusMarkdown() {
out, recorder := suite.postStatus(map[string][]string{ out, recorder := suite.postStatus(map[string][]string{
"status": {statusMarkdown}, "status": {statusMarkdown},

View file

@ -302,9 +302,9 @@ func (i *interactionDB) GetInteractionsRequestsForAcct(
bun.Ident("interaction_request"), bun.Ident("interaction_request"),
). ).
// Select only interaction requests that // Select only interaction requests that
// are neither accepted or rejected yet. // are neither accepted or rejected yet,
Where("? IS NULL", bun.Ident("accepted_at")). // ie., without an Accept or Reject URI.
Where("? IS NULL", bun.Ident("rejected_at")) Where("? IS NULL", bun.Ident("uri"))
// Select interactions targeting status. // Select interactions targeting status.
if statusID != "" { if statusID != "" {

View file

@ -1,57 +0,0 @@
// GoToSocial
// Copyright (C) GoToSocial Authors admin@gotosocial.org
// SPDX-License-Identifier: AGPL-3.0-or-later
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
package migrations
import (
"context"
"github.com/uptrace/bun"
)
func init() {
up := func(ctx context.Context, db *bun.DB) error {
return db.RunInTx(ctx, nil, func(ctx context.Context, tx bun.Tx) error {
for idx, col := range map[string]string{
"interaction_requests_accepted_at_idx": "accepted_at",
"interaction_requests_rejected_at_idx": "rejected_at",
} {
if _, err := tx.
NewCreateIndex().
Table("interaction_requests").
Index(idx).
Column(col).
IfNotExists().
Exec(ctx); err != nil {
return err
}
}
return nil
})
}
down := func(ctx context.Context, db *bun.DB) error {
return db.RunInTx(ctx, nil, func(ctx context.Context, tx bun.Tx) error {
return nil
})
}
if err := Migrations.Register(up, down); err != nil {
panic(err)
}
}

View file

@ -170,6 +170,12 @@ func (f *federatingActor) PostInboxScheme(ctx context.Context, w http.ResponseWr
// //
// Post the activity to the Actor's inbox and trigger side effects. // Post the activity to the Actor's inbox and trigger side effects.
if err := f.sideEffectActor.PostInbox(ctx, inboxID, activity); err != nil { if err := f.sideEffectActor.PostInbox(ctx, inboxID, activity); err != nil {
// Check if a function in the federatingDB
// has returned an explicit errWithCode for us.
if errWithCode, ok := err.(gtserror.WithCode); ok {
return false, errWithCode
}
// Check if it's a bad request because the // Check if it's a bad request because the
// object or target props weren't populated, // object or target props weren't populated,
// or we failed parsing activity details. // or we failed parsing activity details.
@ -187,12 +193,6 @@ func (f *federatingActor) PostInboxScheme(ctx context.Context, w http.ResponseWr
return false, gtserror.NewErrorBadRequest(errors.New(text), text) return false, gtserror.NewErrorBadRequest(errors.New(text), text)
} }
// Check if a function in the federatingDB
// has returned an explicit errWithCode for us.
if errWithCode, ok := err.(gtserror.WithCode); ok {
return false, errWithCode
}
// Default: there's been some real error. // Default: there's been some real error.
err := gtserror.Newf("error calling sideEffectActor.PostInbox: %w", err) err := gtserror.Newf("error calling sideEffectActor.PostInbox: %w", err)
return false, gtserror.NewErrorInternalError(err) return false, gtserror.NewErrorInternalError(err)

View file

@ -306,7 +306,7 @@ func (f *Filter) StatusBoostable(
status.InteractionPolicy.CanAnnounce, status.InteractionPolicy.CanAnnounce,
) )
// If status has no policy set but it's local, // If status is local and has no policy set,
// check against the default policy for this // check against the default policy for this
// visibility, as we're interaction-policy aware. // visibility, as we're interaction-policy aware.
case *status.Local: case *status.Local:
@ -318,20 +318,12 @@ func (f *Filter) StatusBoostable(
policy.CanAnnounce, policy.CanAnnounce,
) )
// Status is from an instance that does not use // Otherwise, assume the status is from an
// or does not care about interaction policies. // instance that does not use / does not care
// We can boost it if it's unlisted or public. // about interaction policies, and just return OK.
case status.Visibility == gtsmodel.VisibilityPublic ||
status.Visibility == gtsmodel.VisibilityUnlocked:
return &gtsmodel.PolicyCheckResult{
Permission: gtsmodel.PolicyPermissionPermitted,
}, nil
// Not permitted by any of the
// above checks, so it's forbidden.
default: default:
return &gtsmodel.PolicyCheckResult{ return &gtsmodel.PolicyCheckResult{
Permission: gtsmodel.PolicyPermissionForbidden, Permission: gtsmodel.PolicyPermissionPermitted,
}, nil }, nil
} }
} }

View file

@ -191,19 +191,6 @@ func NewErrorGone(original error, helpText ...string) WithCode {
} }
} }
// NewErrorNotImplemented returns an ErrorWithCode 501 with the given original error and optional help text.
func NewErrorNotImplemented(original error, helpText ...string) WithCode {
safe := http.StatusText(http.StatusNotImplemented)
if helpText != nil {
safe = safe + ": " + strings.Join(helpText, ": ")
}
return withCode{
original: original,
safe: errors.New(safe),
code: http.StatusNotImplemented,
}
}
// NewErrorClientClosedRequest returns an ErrorWithCode 499 with the given original error. // NewErrorClientClosedRequest returns an ErrorWithCode 499 with the given original error.
// This error type should only be used when an http caller has already hung up their request. // This error type should only be used when an http caller has already hung up their request.
// See: https://en.wikipedia.org/wiki/List_of_HTTP_status_codes#nginx // See: https://en.wikipedia.org/wiki/List_of_HTTP_status_codes#nginx

View file

@ -2711,7 +2711,7 @@ func (c *Converter) InteractionReqToAPIInteractionReq(
} }
var reply *apimodel.Status var reply *apimodel.Status
if req.InteractionType == gtsmodel.InteractionReply && req.Reply != nil { if req.InteractionType == gtsmodel.InteractionReply {
reply, err = c.statusToAPIStatus( reply, err = c.statusToAPIStatus(
ctx, ctx,
req.Reply, req.Reply,

View file

@ -1,166 +0,0 @@
/*
theme-title: Moonlight Hunt
theme-description: Ominous dark blue / black with a tinge of blood red. You may think it all a mere bad dream.
*/
:root {
/* Define our palette */
--bleached-bone: #f3e3d4;
--void-blue: #0e131f;
--outer-space: #06080e;
--ghastly-blue: #88bebe;
--blood-red: #6c1619;
--bright-red: #f61a1ae6;
--feral-orange: #f78d17;
/* Restyle basic colors */
--white1: var(--void-blue);
--white2: var(--void-blue);
--orange2: var(--bright-red);
--blue1: var(--ghastly-blue);
--blue2: var(--ghastly-blue);
--blue3: var(--ghastly-blue);
/* Basic page styling (background + foreground) */
--bg: var(--void-blue);
--bg-accent: var(--void-blue);
--fg: var(--bleached-bone);
--fg-reduced: var(--bleached-bone);
--profile-bg: var(--void-blue);
/* Buttons */
--bloodshot: linear-gradient(
var(--blood-red) 0%,
var(--feral-orange) 2%,
var(--bright-red) 5%,
var(--blood-red) 40%,
var(--blood-red) 60%,
var(--bright-red) 95%,
var(--feral-orange) 98%,
var(--blood-red) 100%
);
--button-bg: var(--bloodshot);
--button-fg: var(--bleached-bone);
/* Statuses */
--status-bg: var(--void-blue);
--status-focus-bg: var(--void-blue);
/* Used around statuses + other items */
--ghastly-border: 0.1rem solid var(--ghastly-blue);
--boxshadow-border: var(--ghastly-border);
}
/* Main page background */
body {
background: linear-gradient(
90deg,
var(--blood-red),
black 20%,
black 80%,
var(--blood-red)
);
}
/* Scroll bar */
html, body {
scrollbar-color: var(--bright-red) var(--outer-space);
text-shadow: 1px 1px var(--blood-red);
}
/* Instance title color */
.page-header a h1 {
color: var(--bleached-bone);
}
.profile .profile-header {
border: var(--ghastly-border);
}
.col-header {
border: var(--ghastly-border);
background: var(--outer-space);
}
.profile .about-user .col-header {
background: var(--void-blue);
border-bottom: none;
margin-bottom: 0;
}
/* Fiddle around with borders on about sections */
.profile .about-user .fields,
.profile .about-user .bio,
.profile .about-user .accountstats {
border-left: var(--ghastly-border);
border-right: var(--ghastly-border);
}
.profile .about-user .accountstats {
border-bottom: var(--ghastly-border);
background: var(--outer-space);
}
/* Role and bot badge backgrounds */
.profile .profile-header .basic-info .namerole .role,
.profile .profile-header .basic-info .namerole .bot-username-wrapper .bot-legend-wrapper {
background: var(--outer-space);
}
/* Status media */
.status .media .media-wrapper {
border: var(--ghastly-border);
}
.status .media .media-wrapper details .unknown-attachment .placeholder {
color: var(--bleached-bone);
}
.status .media .media-wrapper details video.plyr-video {
background: var(--outer-space);
}
/* Status polls */
.status .text .poll {
background-color: var(--outer-space);
border: var(--ghastly-border);
}
.status .text .poll .poll-info {
background-color: var(--void-blue);
}
/* Code snippets */
pre, pre[class*="language-"],
code, code[class*="language-"] {
background-color: var(--outer-space);
color: var(--bleached-bone);
}
/* Block quotes */
blockquote {
background-color: var(--outer-space);
color: var(--bleached-bone);
}
/* Status info bars */
.status .status-info,
.status.expanded .status-info {
color: var(--ghastly-blue);
border-top: 0.1rem dotted var(--ghastly-blue);
background: var(--outer-space);
}
/* Make show more/less buttons more legible */
.status .button {
border: 1px solid var(--feral-orange);
}
.status .button:hover {
border: 1px solid var(--bleached-bone);
background: var(--bloodshot);
}
/* Back + next links */
.profile .statuses .backnextlinks a {
color: var(--bleached-bone);
}
.page-footer nav ul li a {
color: var(--bleached-bone);
}