Commit graph

66 commits

Author SHA1 Message Date
Matt Baer
b336e95e12 Render HTML entities in Drafts list
Previously, we'd show the raw HTML entities in the summaries of Draft
posts, instead of rendering them. This fixes that.
2020-01-20 15:20:45 -05:00
Matt Baer
9958a1122b Show published date on post pages if Blog
Dates now display on blog post pages if the collection's chosen display
format is "Blog". It updates the chorus-collection-post template to now
respect this value (previously, it always showed the date).

Ref T669
2020-01-09 16:50:02 -05:00
Matt Baer
8dc1ef0fdb
Merge pull request #215 from writeas/prevent-fail-on-suspend-check
Prevent failed requests on failed user silence check
2019-12-17 21:12:58 -05:00
Matt Baer
6afafa4d67 Fix whitespace 2019-12-17 21:10:39 -05:00
Matt Baer
cfea887b78 Suppress "user not found" log when post not found
This also saves a user suspension check when a post isn't found.
2019-12-17 20:58:32 -05:00
Rob Loranger
4c0e4d04c1
404 for protected posts when previously authorized
a user who had previously authenticated on a protected collection would
still see the post after the owner was silenced, with a banner meant for
the owner displayed.
2019-12-17 10:42:31 -08:00
Matt Baer
44a6703742 Prevent failed requests on failed user silence check 2019-11-26 13:14:52 -05:00
Matt Baer
c81927a69f Fix empty hostname when fetching AS post via ID
Previously, fetching ActivityStreams data about a post via
/api/posts/ID, instead of /api/collections/ALIAS/posts/SLUG wouldn't
include the instance's base URL. This fixes that.
2019-11-26 12:59:15 -05:00
Matt Baer
8d8e671a07 Fix suspension check in fetchPost()
Previously, this check would return a "user not found" error when
retrieving a collection post by its post ID, e.g. /api/posts/abc123
instead of /api/collections/demo/posts/my-slug -- this happens
particularly when `Announce`ing a post in the fediverse. This change
fixes that.
2019-11-19 09:59:13 +09:00
Matt Baer
2899d98cfd Fix collection post 500 when not logged in
This reverts some code from 5429ca4a, which broke collection post
loading on blog posts when not logged in.
2019-11-12 19:43:41 +09:00
Matt Baer
53586d9cb8 Merge branch 'develop' into T661-disable-accounts 2019-11-12 01:46:37 +09:00
Rob Loranger
f66d5bf1e8
use .Host instead of adding .Hostname 2019-11-09 11:41:39 -08:00
Rob Loranger
c0b75f6b65
pass hostname to canonical url in post templates
the change to take a hostname in Post.CanonicalURL broke a few template
using that function. This adds a Hostname string to the Post being
passed to templates and passes it to calls to Post.CanonicalURL
2019-11-08 08:47:03 -08:00
Matt Baer
e1149cd1e9 Fix URLs in CSV exports
This includes the instance's hostname in calls to export a CSV file and
PublicPost.CanonicalURL().

It also fixes a panic in that method during CSV export caused by draft
posts.
2019-11-07 17:25:42 +09:00
Rob Loranger
5429ca4ab0
add check for suspended user on single posts
also fix logic bug in posts.go viewCollectionPost checking the page
owner
2019-10-25 13:40:32 -07:00
Rob Loranger
f85f0751a3
address PR comments
- update error messages to be correct
- move suspended message into template and include for other pages
- check suspended status on all relevant pages and show message if
logged in user is suspended.
- fix possible nil pointer error
- remove changes to db schema files
- add version comment to migration
- add UserStatus type with UserActive and UserSuspended
- change database table to use status column instead of suspended
- update toggle suspended handler to be toggle status in prep for
possible future inclusion of further user statuses
2019-10-25 12:04:24 -07:00
Matt Baer
9873fc443f Merge branch 'develop' into T661-disable-accounts 2019-10-24 13:22:26 -04:00
Rob Loranger
f87371b594
update IsJSON to check for Accept header
this changes the helper IsJSON to take a request instead of a string,
allowing to check multiple headers. In this case both Content-Type and
Accept.
2019-09-18 12:39:53 -07:00
Matt Baer
40ffb3a5f9 Merge branch 'develop' into chorus 2019-09-10 21:41:28 +02:00
Rob Loranger
77f7b4a522
Add account suspension features
This renders all requests for that user's posts, collections and related
ActivityPub endpoints with 404 responses.

While suspended, users may not create or edit posts or collections.

User status is listed in the admin user page

Admin view of user details shows status and now has a button to activate
or suspend a user.
2019-08-29 09:09:11 -07:00
Rob Loranger
f241d69425
reduce GetPinnedPosts calls to single line 2019-08-12 14:12:35 -07:00
Rob Loranger
b373aad298
prevent future posts from showing in pins
this changes GetPinnedPosts to accept an includeFutre bool, which
returns future dated pinned posts when true.
2019-08-12 09:58:30 -07:00
Matt Baer
deec914ccb Merge branch 'develop' into chorus 2019-08-08 07:55:49 -04:00
Matt Baer
adfcc82241
Merge pull request #148 from writeas/default-visibility
Support setting default blog visibility on instance

Resolves T675
2019-08-07 17:44:37 -04:00
Matt Baer
afadf6fdf6 Set default visibility in datastore.CreateCollection
instead of updating it later. This is more correct behavior, prevents an
additional query, and ensures that potential collection-creation when
claiming posts also respects the default (which it didn't before).

Ref T675
2019-08-07 16:20:32 -04:00
Matt Baer
3cc397ad76 Merge branch 'develop' into chorus 2019-08-07 10:58:34 -04:00
Matt Baer
ef4a5b20d1
Merge pull request #144 from writeas/fix-api-missing-hostname
Fix missing hostname when publishing via API
2019-08-07 10:40:45 -04:00
Matt Baer
582f041748 Return plainer message on coll .txt post 404
Ref T493
2019-08-07 10:26:36 -04:00
Matt Baer
35906118d0 Return only 404 on ActivityPub coll post request
Ref T493
2019-08-07 10:18:40 -04:00
Matt Baer
ff7828c558 Link hashtags to Reader when Chorus mode enabled
instead of linking to posts only on a user's blog.

Ref T681
2019-08-07 09:40:07 -04:00
Matt Baer
1a80cd3c02 Add site-wide navigation on colls when chorus = true
This adds a new config value: `chorus` that signifies an instance is
more about the Reader view than individual blogs / writers. When
enabled, user navigation will show on all pages, including About,
Reader, and Privacy (ref T680).

It also uses different collection templates that keep the instance-wide
navigation at the top of the page, instead of the author's name --
again, branded more for the collective than the individual.

Ref T681
2019-08-07 09:00:16 -04:00
Matt Baer
f6f116d672 Fix missing hostname when publishing via API
This fixes a bug that occurred only when publishing via API and
authenticating via token (rather than cookie).

Previously, the instance's hostname wouldn't be added to the Collection
that got passed around after retrieving the owned post, meaning an
incomplete URL was returned in the API response, and federation failed due
to the missing host.
2019-07-22 14:02:53 -04:00
Matt Baer
f541f72224 Style collection 404 page like rest of blog
This displays the "page is missing" text within the same page as any
other blog post, keeping customizations, pinned pages, and general blog
navigation.

Ref T493
2019-07-21 15:15:52 -04:00
Matt Baer
ba3cb4b4ff
Merge pull request #138 from writeas/fix-unpublished-state
Don't consider post unpublished when title exists
2019-07-21 11:35:16 -04:00
Matt Baer
909976dd90 Don't consider post unpublished when title exists
Previously, you could create a post with a title but no body, e.g. by
publishing via email. This would still show the post on a blog, but
would give a 410 Gone page when trying to access the page.

This issue originally reported on the forum:
https://discuss.write.as/t/removing-post-unpublished-by-author-post/725
2019-07-14 12:59:33 -04:00
Matt Baer
31b521c11c Prevent transliterated slugs exceeding limit
Transliteration during slug generation can cause slugs to exceed their
80-character limit. This fixes that by making a second truncation pass
on the slug during generation.

Originally reported on the forum:
https://discuss.write.as/t/title-convert-to-url-function-bug-under-chinese/723
2019-07-11 09:18:39 -04:00
Matt Baer
bd180f56a8 Add comments about isRaw logic 2019-07-01 19:10:29 -04:00
Matt Baer
77bf403443 Merge branch 'develop' into private-instance 2019-06-20 21:10:36 -04:00
Matt Baer
86a128483b Fix more missing hostNames
This fixes places, especially around federation, where the Collection's
`hostName` wasn't set.
2019-06-20 21:08:30 -04:00
Matt Baer
63b536ec87 Don't federate anything when instance is private
Ref T576
2019-06-16 20:34:32 -04:00
Matt Baer
b3a36a3be7 Allow completely private instances, part 1
This is the start of all changes needed to support entirely private
instances, where all blogs are only visible to other authenticated users
on an instance (ref T576). It begins by changing how Handler methods check an
endpoint's permissions.

- Renames UserLevelLEVEL consts to UserLevelLEVELType
- Adds UserLevelLEVEL funcs with same names as previous consts. Each
  returns a UserLevel
- Adds a new UserLevelReader that restricts access based on app
  configuration. This is now used on collections and posts.
- Changes routing a bit so static files are always accessible
2019-06-16 18:55:50 -04:00
Matt Baer
f38a135bfa Remove global hostName var
This moves `hostName` to the `Collection` struct, where it's needed. The
field is populated after successful `GetCollection...()` calls.

This isn't the cleanest way to do things, but it accomplishes the goal.
Eventually, we should accept the AppCfg to `GetCollection...()` calls,
or make them `App` methods, instead of `datastore` methods.

Ref T613
2019-06-14 18:54:04 -04:00
Matt Baer
d5c2fe47da
Merge branch 'develop' into librarization 2019-06-13 20:44:55 -04:00
Matt Baer
ed4aacd1ac Move static file ServeMux to App struct 2019-06-13 18:45:03 -04:00
Rob Loranger
d58c142467
change delete post authentication logic
this reorders the logic for checking authentication on post deletes to
first check for a provided edit token and after check for an access
token or auth'd user.
2019-06-05 09:39:22 -07:00
Matt Baer
b9b41b1ef7 Enable un-setting RTL setting via web
Previously, once RTL was enabled on a post, you couldn't unset it via
the web application. This fixes that. (Fixes #103)
2019-05-18 23:16:42 -04:00
Matt Baer
d8937e89a8 Make App struct public 2019-05-12 17:19:38 -04:00
Matt Baer
1dc93c076d Revert "Support new commentsEnabled property"
This reverts commit 5e7da6678d.

There are better standards in progress like a `capabilities` object:
https://litepub.social/litepub/lice.html
2019-04-11 22:04:51 -04:00
Matt Baer
24c56af6ee
Merge pull request #89 from writeas/comments-enabled
Support new commentsEnabled property
2019-04-07 12:34:14 -04:00
Matt Baer
4af9fa66aa Don't federate scheduled posts upon claiming
Previously, moving an anonymous post to a blog would instantly federate
the post, regardless of its `created` date. This now respects that value
and doesn't federate the post if its `created` date is in the future.

This is the first part of supporting scheduled, federated posts (ref T567)
but technically fixes #76.
2019-04-05 18:50:18 -04:00