Commit Graph

1030 Commits

Author SHA1 Message Date
d4b7e990ce
[CORE][Event] Make all events return \EventResult, enforced at container build time 2022-04-03 21:40:32 +01:00
aef1fac536
[SECURITY] Refactor security hardening code and disable unused stream wrappers
Ensure unwanted enviorment variables are removed from the actual
global environment rather than just the `$_ENV` superglobal variable

Disable stream wrappers, as this is an unexpected feature for most
developers and can be exploited. For instance, `phar://` can be used
to override any class and thus provide code execution (through
`__wakeup` or `__costruct`, for instance). Not a complete solution, as
`php://` can also be abused, but we can't disable it as it gets used
_somewhere_ in our dependencies
2022-04-03 18:02:54 +01:00
ca9945a4be
[ENTITY][Actor][COMPONENT][Tag] Add Actor->getNoteTags(?string $note_type) which gets a cached list of NoteTags for notes of type $note_type for the actor 2022-04-01 00:11:01 +01:00
94ab4ce8c4
[PLUGIN][Pinboard] Invalidate token and it's cache when actor information is changed via ActorForms 2022-03-31 03:47:14 +01:00
ded9c86054
[CORE][DB] Add DB::refetch, which refetches an entity from the database, so it's managed and definitely up to date (use when wanting to update entities from cache) 2022-03-31 03:29:31 +01:00
20e07c9140
[CORE][DB] Make DB::dql return an object rather than an array if limit 1 is specified 2022-03-31 03:29:31 +01:00
83599ef866
[CORE][Modules][Plugin] version should be static 2022-03-28 23:54:18 +01:00
87e35716c1
[UTIL] Add Formatting::explode(array , string ) 2022-03-28 20:59:16 +01:00
dac94f53cd
[CORE][Entity] Rename createOrUpdate to 'checkExistingAndCreateOrUpdate', remove update feature from 'create' and add 'createOrUpdate' and fix users 2022-03-28 20:59:15 +01:00
483983790a
[CORE][Router] Rename \App\Core\Router\Router to \App\Core\Router and merge \App\Core\Router\RouteLoader with \App\Core\Router 2022-03-28 20:59:15 +01:00
60af9f5e9b
[CORE][Queue] Rename App\Core\Queue\Queue to App\Core\Queue 2022-03-28 20:59:15 +01:00
abe35428da
[CORE][DB] Rename App\Core\DB\DB to App\Core\DB 2022-03-28 20:59:14 +01:00
be33c20614
[PLUGIN][ActivityPub] Improve flexibility of Type layer, accomodate more elaborate understanding of Group Announces after FEP-2100 development 2022-03-28 20:58:48 +01:00
16f51e5143
[COMPONENT][Notification] ->getSubscribers() should not be pre-included
Notification bug fix on Subscription component
Correct docblock
2022-03-28 20:53:19 +01:00
259d2da05a
[CORE][Controller] Add default handler for when using http methods 2022-03-23 13:23:43 +00:00
dd62825169
[PLUGIN][ActivityPub][Model][Note] fromJson: Respect source attribute and @language from context 2022-03-15 17:49:09 +00:00
27706d63f4
[PLUGIN][OAuth] Fix login for OAuth 2022-03-14 21:41:22 +00:00
20f690c532
[TESTS] Fix a couple of issues from last changes 2022-03-14 18:37:39 +00:00
888c3798b7
[COMPONENT][Notification] Make logic more generic and robust
Fixed various bugs

Some important concepts to bear in mind:

* Notification: Associated with activities, won't be reconstructed
together with objects, can be thought of as transient

* Attention: Associated with objects, will be reconstructed with them, can
be thought as persistent

* Notifications and Attentions have no direct implications.

* Mentions are a specific form of attentions in notes, leads to the creation of Attentions.

Finally,

Potential PHP issue detected and reported: https://github.com/php/php-src/issues/8199
`static::method()` from a non static context (such as a class method) calls `__call`, rather than
the expected `__callStatic`. Can be fixed by using `(static fn() => static::method())()`, but the
usage of the magic method is strictly unnecessary in this case.
2022-03-14 11:37:09 +00:00
e1cceac150
[CORE][Form][TESTS] Fix FormTest::handle 2022-03-13 18:53:53 +00:00
1d8bba3949
[TESTS][MODULES] Move Test Fixtures to tests/fixtures folder and add support for loading fixtures from components and plugins 2022-03-13 18:00:21 +00:00
18864ca9fa
[CONTROLLER][Security] Override the _next form field in Security->register to redirect to login page 2022-03-13 16:01:51 +00:00
d8108dbc32
[COMPONENT][Posting] Fix request handling issues that resulted from splitting creation and controller 2022-03-13 15:52:48 +00:00
cf05d3dbb0
[ENTITY][TESTS] Fix Note->isVisibleTo with and associated test 2022-03-13 15:03:03 +00:00
5c708af272
[CORE][Form] Remove unweildy return of form errors from Form::handle 2022-03-13 14:19:56 +00:00
9a9eed1457
[CORE][Router][Form] Add Router::sanitizeLocalURL and use it in Form::forceRedirect 2022-03-09 20:51:42 +00:00
f540711948
[CORE][GNUsocial] Remove Session parameter, as it's no longer a service. Use session from Request 2022-03-09 20:51:42 +00:00
301421ea15
[SECURITY][EVENT] Remove deprecated uses of Symfony Guard. Add LoginSucess and LoginFailure events 2022-03-09 20:51:16 +00:00
893d299e29
[UTIL][Common] Respect detect language setting
Minor bug fix
2022-03-09 14:24:50 +00:00
cac68a6372
[TESTS] Fix Entity/NoteTest 2022-03-09 01:42:11 +00:00
28453c585f
[COMPONENT][Attachment][TESTS] Fix Entity/AttachmentThumbnailTest 2022-03-09 01:42:11 +00:00
47f03d4c9f
[COMPONENT][Attachment][TESTS] Fix Entity/AttachmentTest 2022-03-09 01:42:06 +00:00
cc4f967186
[TESTS] Fix Circle SelfTags Setting test 2022-03-09 01:40:35 +00:00
e67ed58286
[TESTS] Temporarily Disable Controller/AdminTest: It seems we are repeating values arbitrarily - specially in plugins, and the generated file is just nonsense overall really, wrong sections and stuff 2022-03-09 01:40:34 +00:00
416665d830
[COMPONENT][Attachment][TESTS] Fix Controller/AttachmentTest 2022-03-09 01:40:09 +00:00
46de2d47e9
[TOOLS] Add explicit return types to fix deprecation warnings raised by PHPUnit 2022-03-09 01:37:10 +00:00
a37ce86d05
[TESTS] Fix DataFixtures 2022-03-07 15:26:27 +00:00
9a0c74cb0c
[CORE][SECURITY] Replicate 'next' form submission feature on login form 2022-03-07 15:26:27 +00:00
6ddc176faf
[CORE][Form] Add facilities for automattically adding a _next field to all forms, which can be customized by the in Form::create and defaults to the current URL. Usage of RedirectedException should mostly be replaced with Form::forceRedirect 2022-03-07 15:26:26 +00:00
d629976322
[UTIL][Notification] Remove deprecated code 2022-03-07 15:26:24 +00:00
6fa5ec3218
[CORE][Queue] Fix some minor issues 2022-03-05 14:22:44 +00:00
7814697f82
[UTIL][EXCEPTION] Forward given status code in RedirectException 2022-03-04 15:15:04 +00:00
7a8d67f1e2
[CORE][Controller] Fix bug where a JSON request could not recieve a redirect response 2022-03-04 15:14:05 +00:00
94449c9153
[CORE][Form] Add facilities for automattically adding a _next field to all forms, which can be customized by the in Form::create and defaults to the current URL. Usage of RedirectedException should mostly be replaced with Form::forceRedirect 2022-03-04 15:12:35 +00:00
7c9b01c516
[UTIL][Common] Add Common::getRequest 2022-03-04 15:09:39 +00:00
5600218924
[TWIG][I18N] Remove unnecessary wrappers for translation functions, use them directly 2022-03-01 17:25:51 +00:00
070f53c10e
[TWIG][I18N] Add transList function, which uses _m_list 2022-03-01 13:46:01 +00:00
f73e9c12ba
[CORE][I18n] Add I18n::_m_list, which formats an array of elements into a list. Limited to 5 elements, as that should be enough (tm) and ICU doesn't support this natively 2022-03-01 13:45:40 +00:00
fc203e2e38
[TWIG][TEMPLATES] Rename transchoice to trans and make it more generic 2022-03-01 13:45:11 +00:00
4cc4d06b11
[CORE][Cache] Fix bug where empty lists must be stored as a string in Redis (not supported natively), so we can't directly push to it, but the key still exists 2022-03-01 11:07:21 +00:00