Commit Graph

18585 Commits

Author SHA1 Message Date
t3nma
1675916fda [ActivityPub][QUEUES] Handle Create (AS1 POST) verb properly
Fixes a bug introduced in e504d13120
2020-08-03 18:21:47 +01:00
Alexei Sorokin
a38c608420 [SCHEMA] Better DBMS information fetching
On PostgreSQL:
  - Parse defaults for strings and booleans properly.
  - Parse the "serial" definition type properly.
  - Get information on the "enum" definition type.
  - Re-work getting information about keys/indices.

On MariaDB:
  - Get information about lengths in indices.
  - Get foreign key information separately from the rest as they can have
    colliding names.
2020-08-01 19:05:48 +03:00
Alexei Sorokin
20be1d179a [OpenID][DATABASE] Store UNIX timestamps as BIGINT 2020-07-31 18:40:53 +03:00
Alexei Sorokin
1870f38099 [SCHEMA] Fix a few mistakes 2020-07-31 18:24:12 +03:00
Alexei Sorokin
96eced9845 [BLOCK] Increase type strictness 2020-07-31 16:35:27 +03:00
Alexei Sorokin
92e8c40c55 [DATABASE] Add explicit indices for all foreign keys
This adds a requirement for all definitions that have foreign keys to also
require indices for all source (local) attributes mentioned in foreign keys.

MariaDB/MySQL creates indices for source attributes automatically, so this
serves as a way to get rid of those automatic indices and create clean explicit
ones instead.

In PostgreSQL, most of the time, indices on the source are necessary to
decrease performance penalty of foreign keys (like in MariaDB), but they aren't
created automatically, so this serves to remove that difference between
PostgreSQL and MariaDB.
2020-07-31 16:36:40 +03:00
Alexei Sorokin
0bfa747382 [DATABASE] Fix index identifiers and clean up redundant ones 2020-07-31 16:12:48 +03:00
t3nma
be3c4263b3 [DirectMessage] Update ApiDirectMessageNew action
- Messages are now saved as Notices
2020-07-29 17:50:29 +01:00
t3nma
f00852a619 [DirectMessage] Update ApiDirectMessage action
- getMessages() is now fetching from the Notice table as supposed
- every show{format}* method is properly updated to use Notice objects
- json and xml responses retrieve multi-recipients without compromising
  backwards compatibility
2020-07-28 05:49:37 +01:00
t3nma
83df8848c8 [DirectMessage] Update inboxMessages() to stop fetching replies
This is yet to be supported in the plugin.
2020-07-28 05:48:43 +01:00
t3nma
99183ce4e2 [DirectMessage] PSR12-format 2020-07-28 04:46:10 +01:00
Alexei Sorokin
434ce56e33 [DOCUMENTATION] Adopt PSR-12 and clarify on arrays 2020-07-27 19:19:42 +03:00
Alexei Sorokin
ec86de2bc4 [DATABASE] Update "modified" in Managed_DataObject instead of a DBMS trigger
Instead of relying on the MariaDB's ON UPDATE CURRENT_TIMESTAMP trigger update
"modified" attributes in Managed_DataObject. Every raw query that needs
adjusting is adjusted, as they won't update "modified" automatically anymore.

The main goal behind this change is to fix "modified" updates on PostgreSQL.
2020-07-27 19:10:33 +03:00
Alexei Sorokin
341f3d0ea5 [DATABASE] Fix more incorrect uses of quotation in SQL 2020-07-26 15:28:05 +03:00
Alexei Sorokin
579120df70 [Notice] Fix clearReplies() and clearRepeats() 2020-07-26 15:12:00 +03:00
Alexei Sorokin
63eb323e8b [SHOWSTREAM] Add "noindex" robots meta-tag for silenced profiles 2020-07-26 13:59:37 +03:00
Alexei Sorokin
2861ae2823 [AuthCrypt] Password storage and comparison improvements
Password hashes are now stored in a TEXT attribute, not limited to 199 symbols.
That limitation makes no sense as password hashes are not the kind of
information to be indexed.

Actually replace crypt() with password_verify() for password checking, current
code left password_verify() unused.

Only update passwords when they use a different algorithm from the current
default. Previously "overwrite" meant rehashing every login.

Replace the "argon" boolean option with "algorithm" and "algorithm_options" for
better configurability.
The default remains whichever is default for PHP's password_hash.
2020-07-25 20:16:21 +03:00
Diogo Cordeiro
0b947ce2c7 [AuthCrypt] Update README and fix formatting 2020-07-25 17:42:46 +01:00
Diogo Cordeiro
2222d6d173 [MODULES] Make settings great again
Plugin main class doesn't use this construct despite extending this class.
2020-07-25 17:47:53 +01:00
Alexei Sorokin
33e9b57b78 [Profile][User_group] Fix profile deletion violating foreign keys 2020-07-24 13:09:02 +03:00
Alexei Sorokin
62f4dfdc7a [Favorite] Properly trigger DisfavorNotice on profile deletion 2020-07-24 12:45:30 +03:00
Alexei Sorokin
7e01fd9c38 [DATABASE][MariaDB] Fix index changes with foreign keys enabled 2020-07-23 19:09:41 +03:00
Alexei Sorokin
eefaf7a2b4 [DATABASE][Schema_version] Change the hashing algorithm to SHA3-512 2020-07-23 18:16:56 +03:00
Alexei Sorokin
31dcf99e61 [DATABASE] Make unprefixed schema.php a bit more DBMS-neutral 2020-07-23 18:12:01 +03:00
Diogo Cordeiro
0def5f1dca [ActivityPub][Explorer] More robust exception handler for invalid remote answers 2020-07-23 15:54:40 +01:00
Alexei Sorokin
ac94374f48 [RemoteFollow] Fix location display 2020-07-22 19:49:24 +03:00
Diogo Cordeiro
9f72b6e2c0 [MEDIA] Fix headers when using x-static-delivery 2020-07-22 16:07:52 +01:00
Alexei Sorokin
f9e38c1a8d [LRDD] Fix unhandled bad data in HostMeta, LinkHTML and WebFinger 2020-07-22 01:30:04 +03:00
Diogo Cordeiro
6db56cc949 [ActivityPub][AProfile] Complete strict typing 2020-07-21 23:22:07 +01:00
Alexei Sorokin
7081720ecb [DATABASE] Check SQL boolean values with "IS TRUE"
This way UNKNOWN (NULL) explicitly turns to FALSE when three-valued logic is
reduced to binary.
In pgsqlschema, however, use "IS FALSE" as boolean attributes in pg_index are
non-nullable, there is no outer join and there's no clear preference for NULL
reduction.

Over-complicated constructions in TagCloud queries have been simplified, which
should not affect their performance.

Additionally, in TagCloud's lib/subscriptionspeopleselftagcloudsection.php
a typing mistake in an equi-join of "profile_tag" and "profile_list" on
"tagger" was fixed.
That regression was introduced in f446db8e2a
2020-07-21 18:06:39 +03:00
Diogo Cordeiro
f7ded4d87b [UserFlag] Fix type of onUserRightsCheck 2020-07-21 13:37:36 +01:00
Diogo Cordeiro
67780ca4a9 [UserFlag] Increase strict typing of main file
Run php-cs-fixer
Correct case of class name onDeleteRelated event handlers
2020-07-21 12:43:52 +01:00
Diogo Cordeiro
871f3c4bfe [ActivityPub] Increase type strictness on Explorer 2020-07-21 12:26:23 +01:00
Diogo Cordeiro
395fe8cb10 [ActivityPub] Fix wrong type handling on AProfile:update_profile 2020-07-21 12:02:07 +01:00
Diogo Cordeiro
af936f6f8e [Bookmark] Fix misuse of XMLOutputter
Argument 3 passed to htmloutputter::input() must be of the type string or null, array given, called in /srv/gnusocial/plugins/Bookmark/forms/bookmark.php on line 166
2020-07-17 20:56:51 +01:00
Diogo Cordeiro
5512e95e0a [ExtendedProfile] Fix misuse of XMLOutputter
Argument 1 passed to xmloutputter::text() must be of the type string, null given, called in /srv/gnusocial/plugins/ExtendedProfile/lib/extendedprofilewidget.php on line 556
2020-07-17 20:50:16 +01:00
Hugo Sales
5e14f18c83 [NOTICE][UI] Fix bug: Option to message "Everyone at site" when using private instance 2020-07-16 22:29:59 +00:00
Alexei Sorokin
5adb971d9a [DOCUMENTATION] Adapt the nginx config for avatars located in /file 2020-07-09 18:39:36 +03:00
Alexei Sorokin
f51e5ba19d [CORE] Avoid materialisation in the TaggedProfileNoticeStream query
This is analogous to c862589dcf
2020-07-07 22:41:03 +03:00
Alexei Sorokin
488bddb02a [NOTICE] Update index for verbs in ProfileNoticeStream
After adding a verb condition there, MariaDB now prefers the
("created", "id", "is_local") and ("profile_id", "verb", "created", "id")
indices for that query, even though they are slow for the job.
So replace them with ("is_local", "created", "id") and
("profile_id", "verb", "created", "id") respectively.
Also fix the naming of the ("profile_id", "created", "id") index.
2020-07-07 20:43:08 +03:00
Diogo Cordeiro
3a2ec3ef9c [ActivityPub] Fix bug introduced with 4d171b27
Too few arguments to function Activitypub_notice::create_notice()
2020-07-07 17:57:48 +01:00
Alexei Sorokin
08283f6c54 [RedisCache] Catch string return type from Predis\Client::setex 2020-07-06 20:10:12 +03:00
Alexei Sorokin
f7d3f58318 [CORE] Do not set "confirm_address"."user_id" to 0 by default
That breaks the foreign key constraint, it is better to just have it nullable.
2020-07-06 20:01:16 +03:00
Alexei Sorokin
89e84e9b1b [NOTICES] Revert "We want the profile stream to be as raw as possible!"
There are only three possible visible notice verbs: POST, SHARE and DELETE.
What including all verbs does is it makes limiting (FETCH FIRST) unreliable as
the query will fetch invisible stuff (like favourites) and count it in, but
nothing will be displayed.
NoticeStream only allows POST and SHARE, so this effectively removes tombstones
from the profile page like in 78a111b57d
2020-07-06 19:20:44 +03:00
Alexei Sorokin
9226cce151 [NOTICES] Fix InboxNoticeStream caching
Introduce a new property in CachingNoticeStream for always checking if there
are any new elements in the stream.
It would be extremely hard to blow InboxNoticeStream, so instead the database
hit will still occur, but it is be much faster than starting fresh.

This fixes a regression introduced in 36a55d8436
2020-07-06 18:12:50 +03:00
Diogo Cordeiro
6526bdc824 [TheFreeNetwork] Fix small logic issue regarding StartTFNLookup return 2020-07-05 18:26:49 +01:00
Diogo Cordeiro
1967f46a69 [ActivityPub][SCRIPTS] Make update profiles work with an uri 2020-07-05 17:38:28 +01:00
Diogo Cordeiro
e504d13120 [ActivityPub][QUEUES] Add Like, Undo and Delete 2020-07-05 16:58:05 +01:00
Diogo Cordeiro
2f284f4274 [ActivityPub][INBOX][Delete] Fix misconceptions
References:
- https://socialhub.activitypub.rocks/t/the-delete-activity-and-its-misconceptions/137
- https://socialhub.activitypub.rocks/t/the-update-activity-more-than-caching/260
2020-07-05 16:46:37 +01:00
Diogo Cordeiro
4d171b27a4 [ActivityPub][NOTE] Do not extract actor from attributedTo
There was no checking of attributedTo, actors and referent object IDs to make
sure they exist in the same domain. Therefore, one could spoof messages from
people by doing attributedTo: whoever-i-want-to-spoof
2020-07-05 15:38:12 +01:00