2016-11-15 16:56:29 +01:00
# frozen_string_literal: true
2017-05-02 02:14:47 +02:00
# == Schema Information
#
# Table name: accounts
#
2020-04-26 23:29:08 +02:00
# id :bigint(8) not null, primary key
# username :string default(""), not null
# domain :string
# private_key :text
# public_key :text default(""), not null
# created_at :datetime not null
# updated_at :datetime not null
# note :text default(""), not null
# display_name :string default(""), not null
# uri :string default(""), not null
# url :string
# avatar_file_name :string
# avatar_content_type :string
# avatar_file_size :integer
# avatar_updated_at :datetime
# header_file_name :string
# header_content_type :string
# header_file_size :integer
# header_updated_at :datetime
# avatar_remote_url :string
# locked :boolean default(FALSE), not null
# header_remote_url :string default(""), not null
# last_webfingered_at :datetime
# inbox_url :string default(""), not null
# outbox_url :string default(""), not null
# shared_inbox_url :string default(""), not null
# followers_url :string default(""), not null
# protocol :integer default("ostatus"), not null
# memorial :boolean default(FALSE), not null
# moved_to_account_id :bigint(8)
# featured_collection_url :string
# fields :jsonb
# actor_type :string
# discoverable :boolean
# also_known_as :string is an Array
# silenced_at :datetime
# suspended_at :datetime
# hide_collections :boolean
# avatar_storage_schema_version :integer
# header_storage_schema_version :integer
2020-06-02 19:24:53 +02:00
# devices_url :string
2020-11-08 00:28:39 +01:00
# suspension_origin :integer
2021-05-07 19:32:58 +02:00
# sensitized_at :datetime
2022-02-25 00:34:14 +01:00
# trendable :boolean
# reviewed_at :datetime
# requested_review_at :datetime
2017-05-02 02:14:47 +02:00
#
2016-11-15 16:56:29 +01:00
2016-08-17 17:56:23 +02:00
class Account < ApplicationRecord
2021-05-07 19:32:58 +02:00
self . ignored_columns = %w(
subscription_expires_at
secret
remote_url
salmon_url
hub_url
2022-02-25 00:34:14 +01:00
trust_level
2021-05-07 19:32:58 +02:00
)
2021-03-12 05:25:24 +01:00
2021-08-11 17:48:42 +02:00
USERNAME_RE = / [a-z0-9_]+([a-z0-9_ \ .-]+[a-z0-9_]+)? /i
2021-09-01 22:06:40 +02:00
MENTION_RE = / (?<=^|[^ \/ [:word:]])@(( #{ USERNAME_RE } )(?:@[[:word:] \ . \ -]+[[:word:]]+)?) /i
2021-08-11 17:48:42 +02:00
URL_PREFIX_RE = / \ Ahttp(s?): \/ \/ [^ \/ ]+ /
2017-05-05 21:37:02 +02:00
2021-09-29 23:52:36 +02:00
include Attachmentable
2018-12-03 01:32:08 +01:00
include AccountAssociations
2017-05-05 21:37:02 +02:00
include AccountAvatar
2017-05-31 20:28:45 +02:00
include AccountFinderConcern
2017-05-05 21:37:02 +02:00
include AccountHeader
Account domain blocks (#2381)
* Add <ostatus:conversation /> tag to Atom input/output
Only uses ref attribute (not href) because href would be
the alternate link that's always included also.
Creates new conversation for every non-reply status. Carries
over conversation for every reply. Keeps remote URIs verbatim,
generates local URIs on the fly like the rest of them.
* Conversation muting - prevents notifications that reference a conversation
(including replies, favourites, reblogs) from being created. API endpoints
/api/v1/statuses/:id/mute and /api/v1/statuses/:id/unmute
Currently no way to tell when a status/conversation is muted, so the web UI
only has a "disable notifications" button, doesn't work as a toggle
* Display "Dismiss notifications" on all statuses in notifications column, not just own
* Add "muted" as a boolean attribute on statuses JSON
For now always false on contained reblogs, since it's only relevant for
statuses returned from the notifications endpoint, which are not nested
Remove "Disable notifications" from detailed status view, since it's
only relevant in the notifications column
* Up max class length
* Remove pending test for conversation mute
* Add tests, clean up
* Rename to "mute conversation" and "unmute conversation"
* Raise validation error when trying to mute/unmute status without conversation
* Adding account domain blocks that filter notifications and public timelines
* Add tests for domain blocks in notifications, public timelines
Filter reblogs of blocked domains from home
* Add API for listing and creating account domain blocks
* API for creating/deleting domain blocks, tests for Status#ancestors
and Status#descendants, filter domain blocks from them
* Filter domains in streaming API
* Update account_domain_block_spec.rb
2017-05-19 01:14:30 +02:00
include AccountInteractions
2017-11-18 00:16:48 +01:00
include Paginable
2018-11-19 00:43:52 +01:00
include AccountCounters
2018-12-26 06:38:42 +01:00
include DomainNormalizable
2020-12-14 09:06:34 +01:00
include DomainMaterializable
2020-11-23 17:50:16 +01:00
include AccountMerging
2016-09-12 18:22:43 +02:00
2018-10-22 02:57:25 +02:00
MAX_DISPLAY_NAME_LENGTH = ( ENV [ 'MAX_DISPLAY_NAME_CHARS' ] || 30 ) . to_i
MAX_NOTE_LENGTH = ( ENV [ 'MAX_BIO_CHARS' ] || 500 ) . to_i
MAX_FIELDS = ( ENV [ 'MAX_PROFILE_FIELDS' ] || 4 ) . to_i
2017-09-11 02:43:52 +02:00
2017-07-19 17:06:46 +02:00
enum protocol : [ :ostatus , :activitypub ]
2020-11-08 00:28:39 +01:00
enum suspension_origin : [ :local , :remote ] , _prefix : true
2017-07-19 17:06:46 +02:00
2017-05-07 16:40:57 +02:00
validates :username , presence : true
2020-02-01 15:42:24 +01:00
validates_with UniqueUsernameValidator , if : - > { will_save_change_to_username? }
2017-06-08 15:22:01 +02:00
# Remote user validations
2018-07-30 22:29:52 +02:00
validates :username , format : { with : / \ A #{ USERNAME_RE } \ z /i } , if : - > { ! local? && will_save_change_to_username? }
2017-05-07 16:40:57 +02:00
# Local user validations
2019-07-19 01:44:42 +02:00
validates :username , format : { with : / \ A[a-z0-9_]+ \ z /i } , length : { maximum : 30 } , if : - > { local? && will_save_change_to_username? && actor_type != 'Application' }
2017-06-11 17:01:32 +02:00
validates_with UnreservedUsernameValidator , if : - > { local? && will_save_change_to_username? }
2018-10-22 02:57:25 +02:00
validates :display_name , length : { maximum : MAX_DISPLAY_NAME_LENGTH } , if : - > { local? && will_save_change_to_display_name? }
2019-01-10 19:12:10 +01:00
validates :note , note_length : { maximum : MAX_NOTE_LENGTH } , if : - > { local? && will_save_change_to_note? }
2018-10-22 02:57:25 +02:00
validates :fields , length : { maximum : MAX_FIELDS } , if : - > { local? && will_save_change_to_fields? }
2016-03-16 11:18:09 +01:00
2016-09-20 00:39:03 +02:00
scope :remote , - > { where . not ( domain : nil ) }
scope :local , - > { where ( domain : nil ) }
2018-04-17 13:50:48 +02:00
scope :partitioned , - > { order ( Arel . sql ( 'row_number() over (partition by domain)' ) ) }
2019-05-14 19:05:02 +02:00
scope :silenced , - > { where . not ( silenced_at : nil ) }
scope :suspended , - > { where . not ( suspended_at : nil ) }
2020-11-04 20:45:01 +01:00
scope :sensitized , - > { where . not ( sensitized_at : nil ) }
2019-05-14 19:05:02 +02:00
scope :without_suspended , - > { where ( suspended_at : nil ) }
scope :without_silenced , - > { where ( silenced_at : nil ) }
2020-12-15 17:23:58 +01:00
scope :without_instance_actor , - > { where . not ( id : - 99 ) }
2017-01-08 02:55:40 +01:00
scope :recent , - > { reorder ( id : :desc ) }
2018-11-26 15:53:27 +01:00
scope :bots , - > { where ( actor_type : %w( Application Service ) ) }
2019-12-04 20:36:33 +01:00
scope :groups , - > { where ( actor_type : 'Group' ) }
2017-01-08 02:55:40 +01:00
scope :alphabetic , - > { order ( domain : :asc , username : :asc ) }
2017-05-22 21:50:58 +02:00
scope :matches_username , - > ( value ) { where ( arel_table [ :username ] . matches ( " #{ value } % " ) ) }
scope :matches_display_name , - > ( value ) { where ( arel_table [ :display_name ] . matches ( " #{ value } % " ) ) }
2017-09-13 12:30:07 +02:00
scope :matches_domain , - > ( value ) { where ( arel_table [ :domain ] . matches ( " % #{ value } % " ) ) }
2019-01-02 10:47:32 +01:00
scope :searchable , - > { without_suspended . where ( moved_to_account_id : nil ) }
2019-08-30 00:14:36 +02:00
scope :discoverable , - > { searchable . without_silenced . where ( discoverable : true ) . left_outer_joins ( :account_stat ) }
2021-04-12 12:37:14 +02:00
scope :followable_by , - > ( account ) { joins ( arel_table . join ( Follow . arel_table , Arel :: Nodes :: OuterJoin ) . on ( arel_table [ :id ] . eq ( Follow . arel_table [ :target_account_id ] ) . and ( Follow . arel_table [ :account_id ] . eq ( account . id ) ) ) . join_sources ) . where ( Follow . arel_table [ :id ] . eq ( nil ) ) . joins ( arel_table . join ( FollowRequest . arel_table , Arel :: Nodes :: OuterJoin ) . on ( arel_table [ :id ] . eq ( FollowRequest . arel_table [ :target_account_id ] ) . and ( FollowRequest . arel_table [ :account_id ] . eq ( account . id ) ) ) . join_sources ) . where ( FollowRequest . arel_table [ :id ] . eq ( nil ) ) }
2019-08-30 00:14:36 +02:00
scope :by_recent_status , - > { order ( Arel . sql ( '(case when account_stats.last_status_at is null then 1 else 0 end) asc, account_stats.last_status_at desc, accounts.id desc' ) ) }
2020-03-08 15:39:13 +01:00
scope :by_recent_sign_in , - > { order ( Arel . sql ( '(case when users.current_sign_in_at is null then 1 else 0 end) asc, users.current_sign_in_at desc, accounts.id desc' ) ) }
2018-12-17 04:32:36 +01:00
scope :popular , - > { order ( 'account_stats.followers_count desc' ) }
2019-06-22 00:13:10 +02:00
scope :by_domain_and_subdomains , - > ( domain ) { where ( domain : domain ) . or ( where ( arel_table [ :domain ] . matches ( '%.' + domain ) ) ) }
2019-08-30 00:14:36 +02:00
scope :not_excluded_by_account , - > ( account ) { where . not ( id : account . excluded_from_timeline_account_ids ) }
scope :not_domain_blocked_by_account , - > ( account ) { where ( arel_table [ :domain ] . eq ( nil ) . or ( arel_table [ :domain ] . not_in ( account . excluded_from_timeline_domains ) ) ) }
2016-10-16 18:57:54 +02:00
2017-04-28 15:12:37 +02:00
delegate :email ,
2018-04-10 09:16:06 +02:00
:unconfirmed_email ,
2017-05-01 16:31:02 +02:00
:current_sign_in_at ,
2021-12-05 21:48:39 +01:00
:created_at ,
:sign_up_ip ,
2017-05-01 16:31:02 +02:00
:confirmed? ,
2019-03-14 05:28:30 +01:00
:approved? ,
:pending? ,
2019-06-20 02:52:34 +02:00
:disabled? ,
2019-09-11 16:32:44 +02:00
:unconfirmed_or_pending? ,
2019-06-20 02:52:34 +02:00
:role ,
2017-08-16 17:12:58 +02:00
:admin? ,
2017-11-17 01:22:38 +01:00
:moderator? ,
:staff? ,
2017-05-08 23:10:50 +02:00
:locale ,
2018-05-18 02:26:51 +02:00
:hides_network? ,
2019-01-21 19:36:33 +01:00
:shows_application? ,
2017-05-01 16:31:02 +02:00
to : :user ,
prefix : true ,
allow_nil : true
2017-04-28 15:12:37 +02:00
2018-06-17 13:54:02 +02:00
delegate :chosen_languages , to : :user , prefix : false , allow_nil : true
2017-05-01 17:42:13 +02:00
2021-11-18 22:02:08 +01:00
update_index ( 'accounts' , :self )
2019-08-16 01:24:03 +02:00
2016-02-22 16:00:20 +01:00
def local?
2016-09-29 21:28:21 +02:00
domain . nil?
2016-02-22 16:00:20 +01:00
end
2017-11-18 19:39:02 +01:00
def moved?
moved_to_account_id . present?
end
2018-05-07 09:31:07 +02:00
def bot?
%w( Application Service ) . include? actor_type
end
2019-07-19 01:44:42 +02:00
def instance_actor?
id == - 99
end
2018-05-07 09:31:07 +02:00
alias bot bot?
def bot = ( val )
self . actor_type = ActiveModel :: Type :: Boolean . new . cast ( val ) ? 'Service' : 'Person'
end
2019-12-04 20:36:33 +01:00
def group?
actor_type == 'Group'
end
alias group group?
2016-02-22 18:10:30 +01:00
def acct
2016-09-29 21:28:21 +02:00
local? ? username : " #{ username } @ #{ domain } "
2016-02-22 18:10:30 +01:00
end
2019-12-30 19:20:43 +01:00
def pretty_acct
local? ? username : " #{ username } @ #{ Addressable :: IDNA . to_unicode ( domain ) } "
end
2017-04-10 22:58:06 +02:00
def local_username_and_domain
" #{ username } @ #{ Rails . configuration . x . local_domain } "
end
Add local followers page to admin account UI (#9610)
* Add local followers page to admin account UI
For moderation, I often find myself wondering who, locally, is following
a remote user. Currently, to see this, I have to go back to the web UI,
paste in their full handle, click their profile, and go to the
"Followers" tab (plus, this information is incidental, and if mastodon
ever decides to resolve all of the follower information, there will be
no place local followers are shown). This PR adds a new page which is
accessible via the "following" count on the admin's account view
page, which shows the local followers. (It has filter parameters for
account location to indicate that only local followers are shown, and
leave room for expansion if mastodon ever decides to store the entire
remote follow list).
* Normalize en.yml
2018-12-27 13:15:39 +01:00
def local_followers_count
Follow . where ( target_account_id : id ) . count
end
2017-04-10 22:58:06 +02:00
def to_webfinger_s
" acct: #{ local_username_and_domain } "
end
2019-08-16 01:24:03 +02:00
def searchable?
! ( suspended? || moved? )
end
2017-09-28 17:50:14 +02:00
def possibly_stale?
last_webfingered_at . nil? || last_webfingered_at < = 1 . day . ago
end
def refresh!
2019-07-06 23:26:16 +02:00
ResolveAccountService . new . call ( acct ) unless local?
2017-09-28 17:50:14 +02:00
end
2019-05-14 19:05:02 +02:00
def silenced?
silenced_at . present?
end
2019-07-13 16:45:50 +02:00
def silence! ( date = Time . now . utc )
2019-05-14 19:05:02 +02:00
update! ( silenced_at : date )
Add moderation warnings (#9519)
* Add moderation warnings
Replace individual routes for disabling, silencing, and suspending
a user, as well as the report update route, with a unified account
action controller that allows you to select an action (none,
disable, silence, suspend) as well as whether it should generate an
e-mail notification with optional custom text. That notification,
with the optional custom text, is saved as a warning.
Additionally, there are warning presets you can configure to save
time when performing the above.
* Use Account#local_username_and_domain
2018-12-22 20:02:09 +01:00
end
def unsilence!
2019-10-09 07:11:23 +02:00
update! ( silenced_at : nil )
2019-05-14 19:05:02 +02:00
end
def suspended?
2020-12-15 17:23:58 +01:00
suspended_at . present? && ! instance_actor?
Add moderation warnings (#9519)
* Add moderation warnings
Replace individual routes for disabling, silencing, and suspending
a user, as well as the report update route, with a unified account
action controller that allows you to select an action (none,
disable, silence, suspend) as well as whether it should generate an
e-mail notification with optional custom text. That notification,
with the optional custom text, is saved as a warning.
Additionally, there are warning presets you can configure to save
time when performing the above.
* Use Account#local_username_and_domain
2018-12-22 20:02:09 +01:00
end
2020-11-08 00:28:39 +01:00
def suspended_permanently?
suspended? && deletion_request . nil?
end
def suspended_temporarily?
suspended? && deletion_request . present?
end
2021-07-14 05:35:49 +02:00
def suspend! ( date : Time . now . utc , origin : :local , block_email : true )
2018-08-22 11:53:41 +02:00
transaction do
2020-09-15 14:37:58 +02:00
create_deletion_request!
2020-11-08 00:28:39 +01:00
update! ( suspended_at : date , suspension_origin : origin )
2021-07-14 05:35:49 +02:00
create_canonical_email_block! if block_email
2018-08-22 11:53:41 +02:00
end
end
2017-11-07 19:06:44 +01:00
def unsuspend!
transaction do
2020-09-15 14:37:58 +02:00
deletion_request & . destroy!
2020-11-08 00:28:39 +01:00
update! ( suspended_at : nil , suspension_origin : nil )
2021-04-17 03:14:25 +02:00
destroy_canonical_email_block!
2017-11-07 19:06:44 +01:00
end
end
2020-11-04 20:45:01 +01:00
def sensitized?
sensitized_at . present?
end
def sensitize! ( date = Time . now . utc )
update! ( sensitized_at : date )
end
def unsensitize!
update! ( sensitized_at : nil )
end
2017-11-07 19:06:44 +01:00
def memorialize!
2020-09-15 14:37:58 +02:00
update! ( memorial : true )
2017-11-07 19:06:44 +01:00
end
2019-06-04 23:11:18 +02:00
def sign?
true
end
2022-02-14 21:27:53 +01:00
def previous_strikes_count
strikes . where ( overruled_at : nil ) . count
end
2016-02-22 16:00:20 +01:00
def keypair
2017-08-21 17:32:41 +02:00
@keypair || = OpenSSL :: PKey :: RSA . new ( private_key || public_key )
2016-02-22 16:00:20 +01:00
end
2018-12-06 17:36:11 +01:00
def tags_as_strings = ( tag_names )
2021-01-12 09:27:38 +01:00
hashtags_map = Tag . find_or_create_by_names ( tag_names ) . index_by ( & :name )
2018-12-06 17:36:11 +01:00
# Remove hashtags that are to be deleted
tags . each do | tag |
if hashtags_map . key? ( tag . name )
hashtags_map . delete ( tag . name )
else
2021-05-07 14:33:43 +02:00
tags . delete ( tag )
2018-12-06 17:36:11 +01:00
end
end
# Add hashtags that were so far missing
hashtags_map . each_value do | tag |
2021-05-07 14:33:43 +02:00
tags << tag
2018-12-06 17:36:11 +01:00
end
end
2019-01-10 18:46:17 +01:00
def also_known_as
self [ :also_known_as ] || [ ]
end
2018-04-14 12:41:08 +02:00
def fields
2021-08-11 16:40:55 +02:00
( self [ :fields ] || [ ] ) . map do | f |
Field . new ( self , f )
rescue
nil
end . compact
2018-04-14 12:41:08 +02:00
end
def fields_attributes = ( attributes )
2018-09-18 16:45:58 +02:00
fields = [ ]
old_fields = self [ :fields ] || [ ]
2019-03-05 15:19:54 +01:00
old_fields = [ ] if old_fields . is_a? ( Hash )
2018-04-14 12:41:08 +02:00
2018-05-05 21:11:19 +02:00
if attributes . is_a? ( Hash )
attributes . each_value do | attr |
next if attr [ :name ] . blank?
2018-09-18 16:45:58 +02:00
previous = old_fields . find { | item | item [ 'value' ] == attr [ :value ] }
if previous && previous [ 'verified_at' ] . present?
attr [ :verified_at ] = previous [ 'verified_at' ]
end
2018-05-05 21:11:19 +02:00
fields << attr
end
2018-04-14 12:41:08 +02:00
end
self [ :fields ] = fields
end
def build_fields
2018-10-22 02:57:25 +02:00
return if fields . size > = MAX_FIELDS
2018-09-18 16:45:58 +02:00
tmp = self [ :fields ] || [ ]
2019-03-08 19:59:08 +01:00
tmp = [ ] if tmp . is_a? ( Hash )
2018-09-18 16:45:58 +02:00
2018-10-22 02:57:25 +02:00
( MAX_FIELDS - tmp . size ) . times do
2018-09-18 16:45:58 +02:00
tmp << { name : '' , value : '' }
end
2018-04-14 12:41:08 +02:00
2018-09-18 16:45:58 +02:00
self . fields = tmp
2018-04-14 12:41:08 +02:00
end
2017-05-05 21:37:02 +02:00
def save_with_optional_media!
2016-12-02 14:14:49 +01:00
save!
2017-01-19 02:14:57 +01:00
rescue ActiveRecord :: RecordInvalid
2019-10-09 07:10:46 +02:00
self . avatar = nil
self . header = nil
2017-01-19 02:14:57 +01:00
save!
2016-02-28 14:33:13 +01:00
end
2020-03-09 00:10:29 +01:00
def hides_followers?
2022-03-07 09:36:47 +01:00
hide_collections?
2020-03-09 00:10:29 +01:00
end
def hides_following?
2022-03-07 09:36:47 +01:00
hide_collections?
2020-03-09 00:10:29 +01:00
end
2016-03-25 02:13:30 +01:00
def object_type
:person
end
2016-02-29 19:42:08 +01:00
def to_param
2016-09-29 21:28:21 +02:00
username
2016-02-29 19:42:08 +01:00
end
2017-04-28 15:10:41 +02:00
def excluded_from_timeline_account_ids
2021-04-12 12:37:14 +02:00
Rails . cache . fetch ( " exclude_account_ids_for: #{ id } " ) { block_relationships . pluck ( :target_account_id ) + blocked_by_relationships . pluck ( :account_id ) + mute_relationships . pluck ( :target_account_id ) }
2017-04-28 15:10:41 +02:00
end
Account domain blocks (#2381)
* Add <ostatus:conversation /> tag to Atom input/output
Only uses ref attribute (not href) because href would be
the alternate link that's always included also.
Creates new conversation for every non-reply status. Carries
over conversation for every reply. Keeps remote URIs verbatim,
generates local URIs on the fly like the rest of them.
* Conversation muting - prevents notifications that reference a conversation
(including replies, favourites, reblogs) from being created. API endpoints
/api/v1/statuses/:id/mute and /api/v1/statuses/:id/unmute
Currently no way to tell when a status/conversation is muted, so the web UI
only has a "disable notifications" button, doesn't work as a toggle
* Display "Dismiss notifications" on all statuses in notifications column, not just own
* Add "muted" as a boolean attribute on statuses JSON
For now always false on contained reblogs, since it's only relevant for
statuses returned from the notifications endpoint, which are not nested
Remove "Disable notifications" from detailed status view, since it's
only relevant in the notifications column
* Up max class length
* Remove pending test for conversation mute
* Add tests, clean up
* Rename to "mute conversation" and "unmute conversation"
* Raise validation error when trying to mute/unmute status without conversation
* Adding account domain blocks that filter notifications and public timelines
* Add tests for domain blocks in notifications, public timelines
Filter reblogs of blocked domains from home
* Add API for listing and creating account domain blocks
* API for creating/deleting domain blocks, tests for Status#ancestors
and Status#descendants, filter domain blocks from them
* Filter domains in streaming API
* Update account_domain_block_spec.rb
2017-05-19 01:14:30 +02:00
def excluded_from_timeline_domains
Rails . cache . fetch ( " exclude_domains_for: #{ id } " ) { domain_blocks . pluck ( :domain ) }
end
2017-11-30 03:50:05 +01:00
def preferred_inbox_url
shared_inbox_url . presence || inbox_url
end
Add follower synchronization mechanism (#14510)
* Add support for followers synchronization on the receiving end
Check the `collectionSynchronization` attribute on `Create` and `Announce`
activities and synchronize followers from provided collection if possible.
* Add tests for followers synchronization on the receiving end
* Add support for follower synchronization on the sender's end
* Add tests for the sending end
* Switch from AS attributes to HTTP header
Replace the custom `collectionSynchronization` ActivityStreams attribute by
an HTTP header (`X-AS-Collection-Synchronization`) with the same syntax as
the `Signature` header and the following fields:
- `collectionId` to specify which collection to synchronize
- `digest` for the SHA256 hex-digest of the list of followers known on the
receiving instance (where “receiving instance” is determined by accounts
sharing the same host name for their ActivityPub actor `id`)
- `url` of a collection that should be fetched by the instance actor
Internally, move away from the webfinger-based `domain` attribute and use
account `uri` prefix to group accounts.
* Add environment variable to disable followers synchronization
Since the whole mechanism relies on some new preconditions that, in some
extremely rare cases, might not be met, add an environment variable
(DISABLE_FOLLOWERS_SYNCHRONIZATION) to disable the mechanism altogether and
avoid followers being incorrectly removed.
The current conditions are:
1. all managed accounts' actor `id` and inbox URL have the same URI scheme and
netloc.
2. all accounts whose actor `id` or inbox URL share the same URI scheme and
netloc as a managed account must be managed by the same Mastodon instance
as well.
As far as Mastodon is concerned, breaking those preconditions require extensive
configuration changes in the reverse proxy and might also cause other issues.
Therefore, this environment variable provides a way out for people with highly
unusual configurations, and can be safely ignored for the overwhelming majority
of Mastodon administrators.
* Only set follower synchronization header on non-public statuses
This is to avoid unnecessary computations and allow Follow-related
activities to be handled by the usual codepath instead of going through
the synchronization mechanism (otherwise, any Follow/Undo/Accept activity
would trigger the synchronization mechanism even if processing the activity
itself would be enough to re-introduce synchronization)
* Change how ActivityPub::SynchronizeFollowersService handles follow requests
If the remote lists a local follower which we only know has sent a follow
request, consider the follow request as accepted instead of sending an Undo.
* Integrate review feeback
- rename X-AS-Collection-Synchronization to Collection-Synchronization
- various minor refactoring and code style changes
* Only select required fields when computing followers_hash
* Use actor URI rather than webfinger domain in synchronization endpoint
* Change hash computation to be a XOR of individual hashes
Makes it much easier to be memory-efficient, and avoid sorting discrepancy issues.
* Marginally improve followers_hash computation speed
* Further improve hash computation performances by using pluck_each
2020-10-21 18:04:09 +02:00
def synchronization_uri_prefix
return 'local' if local?
2021-08-11 17:48:42 +02:00
@synchronization_uri_prefix || = " #{ uri [ URL_PREFIX_RE ] } / "
Add follower synchronization mechanism (#14510)
* Add support for followers synchronization on the receiving end
Check the `collectionSynchronization` attribute on `Create` and `Announce`
activities and synchronize followers from provided collection if possible.
* Add tests for followers synchronization on the receiving end
* Add support for follower synchronization on the sender's end
* Add tests for the sending end
* Switch from AS attributes to HTTP header
Replace the custom `collectionSynchronization` ActivityStreams attribute by
an HTTP header (`X-AS-Collection-Synchronization`) with the same syntax as
the `Signature` header and the following fields:
- `collectionId` to specify which collection to synchronize
- `digest` for the SHA256 hex-digest of the list of followers known on the
receiving instance (where “receiving instance” is determined by accounts
sharing the same host name for their ActivityPub actor `id`)
- `url` of a collection that should be fetched by the instance actor
Internally, move away from the webfinger-based `domain` attribute and use
account `uri` prefix to group accounts.
* Add environment variable to disable followers synchronization
Since the whole mechanism relies on some new preconditions that, in some
extremely rare cases, might not be met, add an environment variable
(DISABLE_FOLLOWERS_SYNCHRONIZATION) to disable the mechanism altogether and
avoid followers being incorrectly removed.
The current conditions are:
1. all managed accounts' actor `id` and inbox URL have the same URI scheme and
netloc.
2. all accounts whose actor `id` or inbox URL share the same URI scheme and
netloc as a managed account must be managed by the same Mastodon instance
as well.
As far as Mastodon is concerned, breaking those preconditions require extensive
configuration changes in the reverse proxy and might also cause other issues.
Therefore, this environment variable provides a way out for people with highly
unusual configurations, and can be safely ignored for the overwhelming majority
of Mastodon administrators.
* Only set follower synchronization header on non-public statuses
This is to avoid unnecessary computations and allow Follow-related
activities to be handled by the usual codepath instead of going through
the synchronization mechanism (otherwise, any Follow/Undo/Accept activity
would trigger the synchronization mechanism even if processing the activity
itself would be enough to re-introduce synchronization)
* Change how ActivityPub::SynchronizeFollowersService handles follow requests
If the remote lists a local follower which we only know has sent a follow
request, consider the follow request as accepted instead of sending an Undo.
* Integrate review feeback
- rename X-AS-Collection-Synchronization to Collection-Synchronization
- various minor refactoring and code style changes
* Only select required fields when computing followers_hash
* Use actor URI rather than webfinger domain in synchronization endpoint
* Change hash computation to be a XOR of individual hashes
Makes it much easier to be memory-efficient, and avoid sorting discrepancy issues.
* Marginally improve followers_hash computation speed
* Further improve hash computation performances by using pluck_each
2020-10-21 18:04:09 +02:00
end
2022-02-25 00:34:14 +01:00
def requires_review?
reviewed_at . nil?
end
def reviewed?
reviewed_at . present?
end
def requested_review?
requested_review_at . present?
end
def requires_review_notification?
requires_review? && ! requested_review?
end
2018-04-14 12:41:08 +02:00
class Field < ActiveModelSerializers :: Model
2021-01-07 09:40:55 +01:00
attributes :name , :value , :verified_at , :account
2018-09-18 16:45:58 +02:00
def initialize ( account , attributes )
2021-01-07 09:40:55 +01:00
@original_field = attributes
string_limit = account . local? ? 255 : 2047
super (
account : account ,
name : attributes [ 'name' ] . strip [ 0 , string_limit ] ,
value : attributes [ 'value' ] . strip [ 0 , string_limit ] ,
verified_at : attributes [ 'verified_at' ] & . to_datetime ,
)
2018-09-18 16:45:58 +02:00
end
def verified?
verified_at . present?
end
2018-10-04 15:47:03 +02:00
def value_for_verification
@value_for_verification || = begin
if account . local?
value
else
ActionController :: Base . helpers . strip_tags ( value )
end
end
end
2018-09-18 16:45:58 +02:00
def verifiable?
2018-10-04 15:47:03 +02:00
value_for_verification . present? && value_for_verification . start_with? ( 'http://' , 'https://' )
2018-09-18 16:45:58 +02:00
end
2018-04-14 12:41:08 +02:00
2018-09-18 16:45:58 +02:00
def mark_verified!
2021-01-07 09:40:55 +01:00
self . verified_at = Time . now . utc
@original_field [ 'verified_at' ] = verified_at
2018-04-14 12:41:08 +02:00
end
2018-05-02 15:57:37 +02:00
def to_h
2021-01-07 09:40:55 +01:00
{ name : name , value : value , verified_at : verified_at }
2018-10-04 15:47:03 +02:00
end
2018-04-14 12:41:08 +02:00
end
2016-11-09 17:48:44 +01:00
class << self
2022-01-23 18:10:10 +01:00
DISALLOWED_TSQUERY_CHARACTERS = / ['? \\ :‘ ’ ] / . freeze
TEXTSEARCH = " (setweight(to_tsvector('simple', accounts.display_name), 'A') || setweight(to_tsvector('simple', accounts.username), 'B') || setweight(to_tsvector('simple', coalesce(accounts.domain, '')), 'C')) "
2017-09-12 00:16:03 +02:00
def readonly_attributes
super - %w( statuses_count following_count followers_count )
end
2017-08-13 00:44:41 +02:00
def inboxes
2020-12-07 12:08:30 +01:00
urls = reorder ( nil ) . where ( protocol : :activitypub ) . group ( :preferred_inbox_url ) . pluck ( Arel . sql ( " coalesce(nullif(accounts.shared_inbox_url, ''), accounts.inbox_url) AS preferred_inbox_url " ) )
2020-04-15 20:33:24 +02:00
DeliveryFailureTracker . without_unavailable ( urls )
2017-08-13 00:44:41 +02:00
end
Add type, limit, offset, min_id, max_id, account_id to search API (#10091)
* Add type, limit, offset, min_id, max_id, account_id to search API
Fix #8939
* Make the offset work on accounts and hashtags search as well
* Assure brakeman we are not doing mass assignment here
* Do not allow paginating unless a type is chosen
* Fix search query and index id field on statuses instead of created_at
2019-02-26 15:21:36 +01:00
def search_for ( terms , limit = 10 , offset = 0 )
2022-01-23 18:10:10 +01:00
tsquery = generate_query_for_search ( terms )
2017-03-17 20:47:38 +01:00
2017-04-09 14:45:01 +02:00
sql = <<-SQL.squish
2017-03-17 20:47:38 +01:00
SELECT
accounts . * ,
2022-01-23 18:10:10 +01:00
ts_rank_cd ( #{TEXTSEARCH}, to_tsquery('simple', :tsquery), 32) AS rank
2017-03-17 20:47:38 +01:00
FROM accounts
2022-01-23 18:10:10 +01:00
WHERE to_tsquery ( 'simple' , :tsquery ) @ @ #{TEXTSEARCH}
2019-05-14 19:05:02 +02:00
AND accounts . suspended_at IS NULL
2017-12-12 02:14:33 +01:00
AND accounts . moved_to_account_id IS NULL
2017-03-17 20:47:38 +01:00
ORDER BY rank DESC
2022-01-23 18:10:10 +01:00
LIMIT :limit OFFSET :offset
2017-04-09 14:45:01 +02:00
SQL
2017-03-17 20:47:38 +01:00
2022-01-23 18:10:10 +01:00
records = find_by_sql ( [ sql , limit : limit , offset : offset , tsquery : tsquery ] )
2018-11-19 00:43:52 +01:00
ActiveRecord :: Associations :: Preloader . new . preload ( records , :account_stat )
records
2017-03-17 20:47:38 +01:00
end
Add type, limit, offset, min_id, max_id, account_id to search API (#10091)
* Add type, limit, offset, min_id, max_id, account_id to search API
Fix #8939
* Make the offset work on accounts and hashtags search as well
* Assure brakeman we are not doing mass assignment here
* Do not allow paginating unless a type is chosen
* Fix search query and index id field on statuses instead of created_at
2019-02-26 15:21:36 +01:00
def advanced_search_for ( terms , account , limit = 10 , following = false , offset = 0 )
2022-01-23 18:10:10 +01:00
tsquery = generate_query_for_search ( terms )
sql = advanced_search_for_sql_template ( following )
records = find_by_sql ( [ sql , id : account . id , limit : limit , offset : offset , tsquery : tsquery ] )
ActiveRecord :: Associations :: Preloader . new . preload ( records , :account_stat )
records
end
def from_text ( text )
return [ ] if text . blank?
2017-03-17 20:47:38 +01:00
2022-01-23 18:10:10 +01:00
text . scan ( MENTION_RE ) . map { | match | match . first . split ( '@' , 2 ) } . uniq . filter_map do | ( username , domain ) |
domain = begin
if TagManager . instance . local_domain? ( domain )
nil
else
TagManager . instance . normalize_domain ( domain )
end
end
EntityCache . instance . mention ( username , domain )
end
end
private
def generate_query_for_search ( unsanitized_terms )
terms = unsanitized_terms . gsub ( DISALLOWED_TSQUERY_CHARACTERS , ' ' )
# The final ":*" is for prefix search.
# The trailing space does not seem to fit any purpose, but `to_tsquery`
# behaves differently with and without a leading space if the terms start
# with `./`, `../`, or `.. `. I don't understand why, so, in doubt, keep
# the same query.
" ' #{ terms } ':* "
end
def advanced_search_for_sql_template ( following )
2017-12-05 23:02:27 +01:00
if following
2022-01-23 18:10:10 +01:00
<<-SQL.squish
2017-12-05 23:02:27 +01:00
WITH first_degree AS (
SELECT target_account_id
FROM follows
2022-01-23 18:10:10 +01:00
WHERE account_id = :id
2019-11-04 13:02:01 +01:00
UNION ALL
2022-01-23 18:10:10 +01:00
SELECT :id
2017-12-05 23:02:27 +01:00
)
SELECT
accounts . * ,
2022-01-23 18:10:10 +01:00
( count ( f . id ) + 1 ) * ts_rank_cd ( #{TEXTSEARCH}, to_tsquery('simple', :tsquery), 32) AS rank
2017-12-05 23:02:27 +01:00
FROM accounts
2022-01-23 18:10:10 +01:00
LEFT OUTER JOIN follows AS f ON ( accounts . id = f . account_id AND f . target_account_id = :id )
2017-12-05 23:02:27 +01:00
WHERE accounts . id IN ( SELECT * FROM first_degree )
2022-01-23 18:10:10 +01:00
AND to_tsquery ( 'simple' , :tsquery ) @ @ #{TEXTSEARCH}
2019-05-14 19:05:02 +02:00
AND accounts . suspended_at IS NULL
2017-12-12 02:14:33 +01:00
AND accounts . moved_to_account_id IS NULL
2017-12-05 23:02:27 +01:00
GROUP BY accounts . id
ORDER BY rank DESC
2022-01-23 18:10:10 +01:00
LIMIT :limit OFFSET :offset
2017-12-05 23:02:27 +01:00
SQL
else
2022-01-23 18:10:10 +01:00
<<-SQL.squish
2017-12-05 23:02:27 +01:00
SELECT
accounts . * ,
2022-01-23 18:10:10 +01:00
( count ( f . id ) + 1 ) * ts_rank_cd ( #{TEXTSEARCH}, to_tsquery('simple', :tsquery), 32) AS rank
2017-12-05 23:02:27 +01:00
FROM accounts
2022-01-23 18:10:10 +01:00
LEFT OUTER JOIN follows AS f ON ( accounts . id = f . account_id AND f . target_account_id = :id ) OR ( accounts . id = f . target_account_id AND f . account_id = :id )
WHERE to_tsquery ( 'simple' , :tsquery ) @ @ #{TEXTSEARCH}
2019-05-14 19:05:02 +02:00
AND accounts . suspended_at IS NULL
2017-12-12 02:14:33 +01:00
AND accounts . moved_to_account_id IS NULL
2017-12-05 23:02:27 +01:00
GROUP BY accounts . id
ORDER BY rank DESC
2022-01-23 18:10:10 +01:00
LIMIT :limit OFFSET :offset
2017-12-05 23:02:27 +01:00
SQL
2021-01-10 00:32:01 +01:00
end
2020-01-23 22:00:13 +01:00
end
2016-10-03 17:16:58 +02:00
end
2018-04-01 23:55:42 +02:00
def emojis
2018-05-06 11:48:51 +02:00
@emojis || = CustomEmoji . from_text ( emojifiable_text , domain )
2018-04-01 23:55:42 +02:00
end
2017-04-25 02:47:31 +02:00
before_create :generate_keys
2017-07-14 19:47:53 +02:00
before_validation :prepare_contents , if : :local?
2019-03-11 20:48:24 +01:00
before_validation :prepare_username , on : :create
2018-12-03 01:32:08 +01:00
before_destroy :clean_feed_manager
2017-04-18 23:15:44 +02:00
private
2017-07-14 19:47:53 +02:00
def prepare_contents
display_name & . strip!
note & . strip!
end
2019-03-11 20:48:24 +01:00
def prepare_username
username & . squish!
end
2017-04-25 02:47:31 +02:00
def generate_keys
2019-07-19 01:44:42 +02:00
return unless local? && private_key . blank? && public_key . blank?
2017-04-25 02:47:31 +02:00
2018-05-02 15:45:24 +02:00
keypair = OpenSSL :: PKey :: RSA . new ( 2048 )
2017-04-25 02:47:31 +02:00
self . private_key = keypair . to_pem
self . public_key = keypair . public_key . to_pem
end
def normalize_domain
return if local?
2018-12-26 06:38:42 +01:00
super
2017-04-25 02:47:31 +02:00
end
2018-05-06 11:48:51 +02:00
def emojifiable_text
2019-08-11 13:15:18 +02:00
[ note , display_name , fields . map ( & :name ) , fields . map ( & :value ) ] . join ( ' ' )
2018-05-06 11:48:51 +02:00
end
2018-12-03 01:32:08 +01:00
def clean_feed_manager
2020-12-22 23:57:46 +01:00
FeedManager . instance . clean_feeds! ( :home , [ id ] )
2018-12-03 01:32:08 +01:00
end
2021-04-17 03:14:25 +02:00
def create_canonical_email_block!
return unless local? && user_email . present?
2021-07-02 12:03:15 +02:00
begin
CanonicalEmailBlock . create ( reference_account : self , email : user_email )
rescue ActiveRecord :: RecordNotUnique
# A canonical e-mail block may already exist for the same e-mail
end
2021-04-17 03:14:25 +02:00
end
def destroy_canonical_email_block!
return unless local?
CanonicalEmailBlock . where ( reference_account : self ) . delete_all
end
2016-02-20 22:53:20 +01:00
end