mirror of
https://git.joinsharkey.org/Sharkey/Sharkey.git
synced 2024-11-22 10:33:08 +02:00
Compare commits
48 commits
f8769efefc
...
14eb42c5ef
| Author | SHA1 | Date | |
|---|---|---|---|
|
14eb42c5ef | ||
|
|
e0afeff248 | ||
|
|
cfc8081cec | ||
|
|
011ccd3a9a | ||
|
|
28065fc1d1 | ||
|
|
960f4fcff7 | ||
|
|
92eec2178f | ||
|
|
56dca6dbf5 | ||
|
|
2a634e0309 | ||
|
|
e6970a0e7c | ||
|
|
571272a564 | ||
|
|
30bb0f60a2 | ||
|
|
328546c4cd | ||
|
|
f4e89f2e6b | ||
|
|
606531a4b3 | ||
|
|
2cad97c1ab | ||
|
|
6ecfe7c7c3 | ||
|
|
23f476dbf3 | ||
|
|
7a1251423f | ||
|
|
7f5492a395 | ||
|
|
11d9fd9199 | ||
|
|
6132bc3b3e | ||
|
|
fef7a7b99a | ||
|
|
1948ca9aa8 | ||
|
|
848e1f9a56 | ||
|
|
9c4353ee79 | ||
|
|
a6e257f502 | ||
|
|
310e1a1262 | ||
|
|
15f3c046d1 | ||
|
|
01d695428a | ||
|
|
acf3e3460f | ||
|
|
4c8116859c | ||
|
|
0e13397db7 | ||
|
|
ad8818508f | ||
|
|
d444ee662f | ||
|
|
4c354fff2d | ||
|
|
b81448edf6 | ||
|
|
134d2895f0 | ||
|
|
7ba8fde9b9 | ||
|
|
1022280465 | ||
|
|
021d3924e6 | ||
|
|
b6d50d781f | ||
|
|
1d411bb885 | ||
|
|
f7afd1ae4a | ||
|
|
1ef1f2a03c | ||
|
|
829ce4f86a | ||
|
|
6d5d863150 | ||
|
|
fc7d4bc420 |
8 changed files with 46 additions and 10 deletions
|
|
@ -11,7 +11,7 @@ testCommit:
|
||||||
variables:
|
variables:
|
||||||
POSTGRES_PASSWORD: ci
|
POSTGRES_PASSWORD: ci
|
||||||
script:
|
script:
|
||||||
- apt-get update && apt-get install -y git wget curl build-essential python3
|
- apt-get update && apt-get install -y git wget curl build-essential python3
|
||||||
- cp .config/ci.yml .config/default.yml
|
- cp .config/ci.yml .config/default.yml
|
||||||
- corepack enable
|
- corepack enable
|
||||||
- corepack prepare pnpm@latest --activate
|
- corepack prepare pnpm@latest --activate
|
||||||
|
|
@ -55,6 +55,8 @@ getImageTag:
|
||||||
only:
|
only:
|
||||||
- stable
|
- stable
|
||||||
- develop
|
- develop
|
||||||
|
- tags
|
||||||
|
|
||||||
buildDocker:
|
buildDocker:
|
||||||
stage: deploy
|
stage: deploy
|
||||||
needs:
|
needs:
|
||||||
|
|
@ -78,6 +80,8 @@ buildDocker:
|
||||||
only:
|
only:
|
||||||
- stable
|
- stable
|
||||||
- develop
|
- develop
|
||||||
|
- tags
|
||||||
|
|
||||||
mergeManifests:
|
mergeManifests:
|
||||||
stage: deploy
|
stage: deploy
|
||||||
needs:
|
needs:
|
||||||
|
|
@ -103,3 +107,4 @@ mergeManifests:
|
||||||
only:
|
only:
|
||||||
- stable
|
- stable
|
||||||
- develop
|
- develop
|
||||||
|
- tags
|
||||||
|
|
|
||||||
|
|
@ -1,6 +1,6 @@
|
||||||
{
|
{
|
||||||
"name": "sharkey",
|
"name": "sharkey",
|
||||||
"version": "2024.3.1",
|
"version": "2024.3.2-devel",
|
||||||
"codename": "shonk",
|
"codename": "shonk",
|
||||||
"repository": {
|
"repository": {
|
||||||
"type": "git",
|
"type": "git",
|
||||||
|
|
|
||||||
|
|
@ -172,7 +172,7 @@
|
||||||
"stringz": "2.1.0",
|
"stringz": "2.1.0",
|
||||||
"systeminformation": "5.22.0",
|
"systeminformation": "5.22.0",
|
||||||
"tinycolor2": "1.6.0",
|
"tinycolor2": "1.6.0",
|
||||||
"tmp": "0.2.2",
|
"tmp": "0.2.3",
|
||||||
"tsc-alias": "1.8.8",
|
"tsc-alias": "1.8.8",
|
||||||
"tsconfig-paths": "4.2.0",
|
"tsconfig-paths": "4.2.0",
|
||||||
"typeorm": "0.3.20",
|
"typeorm": "0.3.20",
|
||||||
|
|
|
||||||
|
|
@ -421,7 +421,7 @@ export class ImportNotesProcessorService {
|
||||||
if (file.name) {
|
if (file.name) {
|
||||||
this.driveService.updateFile(exists, { comment: file.name }, user);
|
this.driveService.updateFile(exists, { comment: file.name }, user);
|
||||||
}
|
}
|
||||||
|
|
||||||
files.push(exists);
|
files.push(exists);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -31,6 +31,7 @@ import type { MiNote } from '@/models/Note.js';
|
||||||
import { QueryService } from '@/core/QueryService.js';
|
import { QueryService } from '@/core/QueryService.js';
|
||||||
import { UtilityService } from '@/core/UtilityService.js';
|
import { UtilityService } from '@/core/UtilityService.js';
|
||||||
import { UserEntityService } from '@/core/entities/UserEntityService.js';
|
import { UserEntityService } from '@/core/entities/UserEntityService.js';
|
||||||
|
import { UserBlockingService } from '@/core/UserBlockingService.js';
|
||||||
import { bindThis } from '@/decorators.js';
|
import { bindThis } from '@/decorators.js';
|
||||||
import { IActivity } from '@/core/activitypub/type.js';
|
import { IActivity } from '@/core/activitypub/type.js';
|
||||||
import { isPureRenote } from '@/misc/is-pure-renote.js';
|
import { isPureRenote } from '@/misc/is-pure-renote.js';
|
||||||
|
|
@ -78,6 +79,7 @@ export class ActivityPubServerService {
|
||||||
private metaService: MetaService,
|
private metaService: MetaService,
|
||||||
private utilityService: UtilityService,
|
private utilityService: UtilityService,
|
||||||
private userEntityService: UserEntityService,
|
private userEntityService: UserEntityService,
|
||||||
|
private userBlockingService: UserBlockingService,
|
||||||
private instanceActorService: InstanceActorService,
|
private instanceActorService: InstanceActorService,
|
||||||
private apRendererService: ApRendererService,
|
private apRendererService: ApRendererService,
|
||||||
private apDbResolverService: ApDbResolverService,
|
private apDbResolverService: ApDbResolverService,
|
||||||
|
|
@ -206,6 +208,17 @@ export class ActivityPubServerService {
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (userId) {
|
||||||
|
/* this check is not really effective, because most requests we
|
||||||
|
get are signed by the remote instance user, not the user
|
||||||
|
who's requesting the information 😭 */
|
||||||
|
const blocked = await this.userBlockingService.checkBlocked(userId, authUser.user.id);
|
||||||
|
if (blocked) {
|
||||||
|
reply.code(401);
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
let httpSignatureValidated = httpSignature.verifySignature(signature, authUser.key.keyPem);
|
let httpSignatureValidated = httpSignature.verifySignature(signature, authUser.key.keyPem);
|
||||||
|
|
||||||
if (!httpSignatureValidated) {
|
if (!httpSignatureValidated) {
|
||||||
|
|
@ -706,6 +719,8 @@ export class ActivityPubServerService {
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (await this.shouldRefuseGetRequest(request, reply, note.userId)) return;
|
||||||
|
|
||||||
// リモートだったらリダイレクト
|
// リモートだったらリダイレクト
|
||||||
if (note.userHost != null) {
|
if (note.userHost != null) {
|
||||||
if (note.uri == null || this.utilityService.isSelfHost(note.userHost)) {
|
if (note.uri == null || this.utilityService.isSelfHost(note.userHost)) {
|
||||||
|
|
@ -739,6 +754,8 @@ export class ActivityPubServerService {
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (await this.shouldRefuseGetRequest(request, reply, note.userId)) return;
|
||||||
|
|
||||||
if (!this.config.checkActivityPubGetSignature) reply.header('Cache-Control', 'public, max-age=180');
|
if (!this.config.checkActivityPubGetSignature) reply.header('Cache-Control', 'public, max-age=180');
|
||||||
this.setResponseType(request, reply);
|
this.setResponseType(request, reply);
|
||||||
return (this.apRendererService.addContext(await this.packActivity(note)));
|
return (this.apRendererService.addContext(await this.packActivity(note)));
|
||||||
|
|
@ -861,6 +878,8 @@ export class ActivityPubServerService {
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (await this.shouldRefuseGetRequest(request, reply, note.userId)) return;
|
||||||
|
|
||||||
if (!this.config.checkActivityPubGetSignature) reply.header('Cache-Control', 'public, max-age=180');
|
if (!this.config.checkActivityPubGetSignature) reply.header('Cache-Control', 'public, max-age=180');
|
||||||
this.setResponseType(request, reply);
|
this.setResponseType(request, reply);
|
||||||
return (this.apRendererService.addContext(await this.apRendererService.renderLike(reaction, note)));
|
return (this.apRendererService.addContext(await this.apRendererService.renderLike(reaction, note)));
|
||||||
|
|
@ -868,7 +887,7 @@ export class ActivityPubServerService {
|
||||||
|
|
||||||
// follow
|
// follow
|
||||||
fastify.get<{ Params: { follower: string; followee: string; } }>('/follows/:follower/:followee', async (request, reply) => {
|
fastify.get<{ Params: { follower: string; followee: string; } }>('/follows/:follower/:followee', async (request, reply) => {
|
||||||
if (await this.shouldRefuseGetRequest(request, reply)) return;
|
if (await this.shouldRefuseGetRequest(request, reply, request.params.follwer)) return;
|
||||||
|
|
||||||
// This may be used before the follow is completed, so we do not
|
// This may be used before the follow is completed, so we do not
|
||||||
// check if the following exists.
|
// check if the following exists.
|
||||||
|
|
@ -910,6 +929,8 @@ export class ActivityPubServerService {
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (await this.shouldRefuseGetRequest(request, reply, followRequest.followerId)) return;
|
||||||
|
|
||||||
const [follower, followee] = await Promise.all([
|
const [follower, followee] = await Promise.all([
|
||||||
this.usersRepository.findOneBy({
|
this.usersRepository.findOneBy({
|
||||||
id: followRequest.followerId,
|
id: followRequest.followerId,
|
||||||
|
|
|
||||||
|
|
@ -192,6 +192,7 @@ export class FileServerService {
|
||||||
reply.header('Content-Range', `bytes ${start}-${end}/${file.file.size}`);
|
reply.header('Content-Range', `bytes ${start}-${end}/${file.file.size}`);
|
||||||
reply.header('Accept-Ranges', 'bytes');
|
reply.header('Accept-Ranges', 'bytes');
|
||||||
reply.header('Content-Length', chunksize);
|
reply.header('Content-Length', chunksize);
|
||||||
|
reply.code(206);
|
||||||
} else {
|
} else {
|
||||||
image = {
|
image = {
|
||||||
data: fs.createReadStream(file.path),
|
data: fs.createReadStream(file.path),
|
||||||
|
|
@ -261,7 +262,6 @@ export class FileServerService {
|
||||||
const parts = range.replace(/bytes=/, '').split('-');
|
const parts = range.replace(/bytes=/, '').split('-');
|
||||||
const start = parseInt(parts[0], 10);
|
const start = parseInt(parts[0], 10);
|
||||||
let end = parts[1] ? parseInt(parts[1], 10) : file.file.size - 1;
|
let end = parts[1] ? parseInt(parts[1], 10) : file.file.size - 1;
|
||||||
console.log(end);
|
|
||||||
if (end > file.file.size) {
|
if (end > file.file.size) {
|
||||||
end = file.file.size - 1;
|
end = file.file.size - 1;
|
||||||
}
|
}
|
||||||
|
|
@ -431,6 +431,7 @@ export class FileServerService {
|
||||||
reply.header('Content-Range', `bytes ${start}-${end}/${file.file.size}`);
|
reply.header('Content-Range', `bytes ${start}-${end}/${file.file.size}`);
|
||||||
reply.header('Accept-Ranges', 'bytes');
|
reply.header('Accept-Ranges', 'bytes');
|
||||||
reply.header('Content-Length', chunksize);
|
reply.header('Content-Length', chunksize);
|
||||||
|
reply.code(206);
|
||||||
} else {
|
} else {
|
||||||
image = {
|
image = {
|
||||||
data: fs.createReadStream(file.path),
|
data: fs.createReadStream(file.path),
|
||||||
|
|
@ -527,6 +528,9 @@ export class FileServerService {
|
||||||
if (!file.storedInternal) {
|
if (!file.storedInternal) {
|
||||||
if (!(file.isLink && file.uri)) return '204';
|
if (!(file.isLink && file.uri)) return '204';
|
||||||
const result = await this.downloadAndDetectTypeFromUrl(file.uri);
|
const result = await this.downloadAndDetectTypeFromUrl(file.uri);
|
||||||
|
if (!file.size) {
|
||||||
|
file.size = (await fs.promises.stat(result.path)).size;
|
||||||
|
}
|
||||||
return {
|
return {
|
||||||
...result,
|
...result,
|
||||||
url: file.uri,
|
url: file.uri,
|
||||||
|
|
|
||||||
|
|
@ -5,8 +5,8 @@ block vars
|
||||||
- const title = user.name ? `${user.name} (@${user.username})` : `@${user.username}`;
|
- const title = user.name ? `${user.name} (@${user.username})` : `@${user.username}`;
|
||||||
- const url = `${config.url}/notes/${note.id}`;
|
- const url = `${config.url}/notes/${note.id}`;
|
||||||
- const isRenote = note.renote && note.text == null && note.fileIds.length == 0 && note.poll == null;
|
- const isRenote = note.renote && note.text == null && note.fileIds.length == 0 && note.poll == null;
|
||||||
- const images = (note.files || []).filter(file => file.type.startsWith('image/') && !file.isSensitive)
|
- const images = note.cw ? [] : (note.files || []).filter(file => file.type.startsWith('image/') && !file.isSensitive)
|
||||||
- const videos = (note.files || []).filter(file => file.type.startsWith('video/') && !file.isSensitive)
|
- const videos = note.cw ? [] : (note.files || []).filter(file => file.type.startsWith('video/') && !file.isSensitive)
|
||||||
|
|
||||||
block title
|
block title
|
||||||
= `${title} | ${instanceName}`
|
= `${title} | ${instanceName}`
|
||||||
|
|
|
||||||
|
|
@ -392,8 +392,8 @@ importers:
|
||||||
specifier: 1.6.0
|
specifier: 1.6.0
|
||||||
version: 1.6.0
|
version: 1.6.0
|
||||||
tmp:
|
tmp:
|
||||||
specifier: 0.2.2
|
specifier: 0.2.3
|
||||||
version: 0.2.2
|
version: 0.2.3
|
||||||
tsc-alias:
|
tsc-alias:
|
||||||
specifier: 1.8.8
|
specifier: 1.8.8
|
||||||
version: 1.8.8
|
version: 1.8.8
|
||||||
|
|
@ -18813,6 +18813,12 @@ packages:
|
||||||
engines: {node: '>=14'}
|
engines: {node: '>=14'}
|
||||||
dependencies:
|
dependencies:
|
||||||
rimraf: 5.0.5
|
rimraf: 5.0.5
|
||||||
|
dev: true
|
||||||
|
|
||||||
|
/tmp@0.2.3:
|
||||||
|
resolution: {integrity: sha512-nZD7m9iCPC5g0pYmcaxogYKggSfLsdxl8of3Q/oIbqCqLLIO9IAF0GWjX1z9NZRHPiXv8Wex4yDCaZsgEw0Y8w==}
|
||||||
|
engines: {node: '>=14.14'}
|
||||||
|
dev: false
|
||||||
|
|
||||||
/tmpl@1.0.5:
|
/tmpl@1.0.5:
|
||||||
resolution: {integrity: sha512-3f0uOEAQwIqGuWW2MVzYg8fV/QNnc/IpuJNG837rLuczAaLVHslWHZQj4IGiEl5Hs3kkbhwL9Ab7Hrsmuj+Smw==}
|
resolution: {integrity: sha512-3f0uOEAQwIqGuWW2MVzYg8fV/QNnc/IpuJNG837rLuczAaLVHslWHZQj4IGiEl5Hs3kkbhwL9Ab7Hrsmuj+Smw==}
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue