From 2816b1bf8efa61af5abc045a2567220e71f6dad1 Mon Sep 17 00:00:00 2001 From: Eugen Rochko Date: Sat, 18 Mar 2017 22:51:20 +0100 Subject: [PATCH] Federate header images, fix open-uri http->https redirection error --- app/helpers/atom_builder_helper.rb | 5 +++++ app/models/account.rb | 13 +++++++++++++ app/services/update_remote_profile_service.rb | 1 + config/initializers/open_uri_redirection.rb | 8 ++++++++ ...70318214217_add_header_remote_url_to_accounts.rb | 5 +++++ db/schema.rb | 3 ++- 6 files changed, 34 insertions(+), 1 deletion(-) create mode 100644 config/initializers/open_uri_redirection.rb create mode 100644 db/migrate/20170318214217_add_header_remote_url_to_accounts.rb diff --git a/app/helpers/atom_builder_helper.rb b/app/helpers/atom_builder_helper.rb index 8ca3cde2654..b750eeb0790 100644 --- a/app/helpers/atom_builder_helper.rb +++ b/app/helpers/atom_builder_helper.rb @@ -124,6 +124,10 @@ module AtomBuilderHelper single_link_avatar(xml, account, :original, 120) end + def link_header(xml, account) + xml.link('rel' => 'header', 'type' => account.header_content_type, 'media:width' => 700, 'media:height' => 335, 'href' => full_asset_url(account.header.url(:original))) + end + def logo(xml, url) xml.logo url end @@ -160,6 +164,7 @@ module AtomBuilderHelper summary xml, account.note link_alternate xml, TagManager.instance.url_for(account) link_avatar xml, account + link_header xml, account portable_contact xml, account privacy_scope xml, account.locked? ? :private : :public end diff --git a/app/models/account.rb b/app/models/account.rb index 978dc2d7165..aa0af563cd4 100644 --- a/app/models/account.rb +++ b/app/models/account.rb @@ -144,7 +144,9 @@ class Account < ApplicationRecord save! rescue ActiveRecord::RecordInvalid self.avatar = nil + self.header = nil self[:avatar_remote_url] = '' + self[:header_remote_url] = '' save! end @@ -159,6 +161,17 @@ class Account < ApplicationRecord Rails.logger.debug "Error fetching remote avatar: #{e}" end + def header_remote_url=(url) + parsed_url = URI.parse(url) + + return if !%w(http https).include?(parsed_url.scheme) || parsed_url.host.empty? || self[:header_remote_url] == url + + self.header = parsed_url + self[:header_remote_url] = url + rescue OpenURI::HTTPError => e + Rails.logger.debug "Error fetching remote header: #{e}" + end + def object_type :person end diff --git a/app/services/update_remote_profile_service.rb b/app/services/update_remote_profile_service.rb index dc315db197b..74baa1cc598 100644 --- a/app/services/update_remote_profile_service.rb +++ b/app/services/update_remote_profile_service.rb @@ -14,6 +14,7 @@ class UpdateRemoteProfileService < BaseService unless account.suspended? || DomainBlock.find_by(domain: account.domain)&.reject_media? account.avatar_remote_url = author_xml.at_xpath('./xmlns:link[@rel="avatar"]', xmlns: TagManager::XMLNS)['href'] unless author_xml.at_xpath('./xmlns:link[@rel="avatar"]', xmlns: TagManager::XMLNS).nil? || author_xml.at_xpath('./xmlns:link[@rel="avatar"]', xmlns: TagManager::XMLNS)['href'].blank? + account.header_remote_url = author_xml.at_xpath('./xmlns:link[@rel="header"]', xmlns: TagManager::XMLNS)['href'] unless author_xml.at_xpath('./xmlns:link[@rel="header"]', xmlns: TagManager::XMLNS).nil? || author_xml.at_xpath('./xmlns:link[@rel="header"]', xmlns: TagManager::XMLNS)['href'].blank? end end diff --git a/config/initializers/open_uri_redirection.rb b/config/initializers/open_uri_redirection.rb new file mode 100644 index 00000000000..e24fdecabc0 --- /dev/null +++ b/config/initializers/open_uri_redirection.rb @@ -0,0 +1,8 @@ +require 'open-uri' + +module OpenURI + def OpenURI.redirectable?(uri1, uri2) # :nodoc: + uri1.scheme.downcase == uri2.scheme.downcase || + (/\A(?:http|https|ftp)\z/i =~ uri1.scheme && /\A(?:http|https|ftp)\z/i =~ uri2.scheme) + end +end diff --git a/db/migrate/20170318214217_add_header_remote_url_to_accounts.rb b/db/migrate/20170318214217_add_header_remote_url_to_accounts.rb new file mode 100644 index 00000000000..0ba38d3e001 --- /dev/null +++ b/db/migrate/20170318214217_add_header_remote_url_to_accounts.rb @@ -0,0 +1,5 @@ +class AddHeaderRemoteUrlToAccounts < ActiveRecord::Migration[5.0] + def change + add_column :accounts, :header_remote_url, :string, null: false, default: '' + end +end diff --git a/db/schema.rb b/db/schema.rb index c571fa3a83e..395034375af 100644 --- a/db/schema.rb +++ b/db/schema.rb @@ -10,7 +10,7 @@ # # It's strongly recommended that you check this file into your version control system. -ActiveRecord::Schema.define(version: 20170317193015) do +ActiveRecord::Schema.define(version: 20170318214217) do # These are extensions that must be enabled in order to support this database enable_extension "plpgsql" @@ -43,6 +43,7 @@ ActiveRecord::Schema.define(version: 20170317193015) do t.boolean "silenced", default: false, null: false t.boolean "suspended", default: false, null: false t.boolean "locked", default: false, null: false + t.string "header_remote_url", default: "", null: false t.index "(((setweight(to_tsvector('simple'::regconfig, (display_name)::text), 'A'::\"char\") || setweight(to_tsvector('simple'::regconfig, (username)::text), 'B'::\"char\")) || setweight(to_tsvector('simple'::regconfig, (COALESCE(domain, ''::character varying))::text), 'C'::\"char\")))", name: "search_index", using: :gin t.index ["username", "domain"], name: "index_accounts_on_username_and_domain", unique: true, using: :btree end