Merge branch 'main' of https://github.com/mastodon/mastodon into mastodon-main

weex · weex · commit b4c00a6305d3 · 2021-08-20T20:49:06.000-07:00
diff --git a/Gemfile b/Gemfile
@@ -63,7 +63,7 @@ gem 'link_header', '~> 0.0'
 gem 'mime-types', '~> 3.3.1', require: 'mime/types/columnar'
 gem 'nokogiri', '~> 1.12'
 gem 'nsa', '~> 0.2'
-gem 'oj', '~> 3.12'
+gem 'oj', '~> 3.13'
 gem 'ox', '~> 2.14'
 gem 'parslet'
 gem 'parallel', '~> 1.20'
diff --git a/Gemfile.lock b/Gemfile.lock
@@ -220,7 +220,7 @@ GEM
       multipart-post (>= 1.2, < 3)
       ruby2_keywords
     faraday-net_http (1.0.1)
-    fast_blank (1.0.0)
+    fast_blank (1.0.1)
     fastimage (2.2.5)
     ffi (1.15.0)
     ffi-compiler (1.0.1)
@@ -343,7 +343,7 @@ GEM
       activesupport (>= 4)
       railties (>= 4)
       request_store (~> 1.0)
-    loofah (2.10.0)
+    loofah (2.12.0)
       crass (~> 1.0.2)
       nokogiri (>= 1.5.9)
     mail (2.7.1)
@@ -383,7 +383,7 @@ GEM
       concurrent-ruby (~> 1.0, >= 1.0.2)
       sidekiq (>= 3.5)
       statsd-ruby (~> 1.4, >= 1.4.0)
-    oj (3.12.2)
+    oj (3.13.2)
     omniauth (1.9.1)
       hashie (>= 3.4.6)
       rack (>= 1.6.2, < 3)
@@ -504,7 +504,7 @@ GEM
       rake (>= 0.13)
       thor (~> 1.0)
     rainbow (3.0.0)
-    rake (13.0.3)
+    rake (13.0.6)
     rdf (3.1.15)
       hamster (~> 3.0)
       link_header (~> 0.0, >= 0.0.8)
@@ -534,7 +534,7 @@ GEM
     rspec-mocks (3.10.2)
       diff-lcs (>= 1.2.0, < 2.0)
       rspec-support (~> 3.10.0)
-    rspec-rails (5.0.1)
+    rspec-rails (5.0.2)
       actionpack (>= 5.2)
       activesupport (>= 5.2)
       railties (>= 5.2)
@@ -771,7 +771,7 @@ DEPENDENCIES
   net-ldap (~> 0.17)
   nokogiri (~> 1.12)
   nsa (~> 0.2)
-  oj (~> 3.12)
+  oj (~> 3.13)
   omniauth (~> 1.9)
   omniauth-cas (~> 2.0)
   omniauth-rails_csrf_protection (~> 0.1)
diff --git a/app/services/resolve_account_service.rb b/app/services/resolve_account_service.rb
@@ -142,6 +142,7 @@ def not_yet_deleted?
   end
 
   def queue_deletion!
+    @account.suspend!(origin: :remote)
     AccountDeletionWorker.perform_async(@account.id, reserve_username: false, skip_activitypub: true)
   end
 
diff --git a/app/services/unsuspend_account_service.rb b/app/services/unsuspend_account_service.rb
@@ -1,13 +1,14 @@
 # frozen_string_literal: true
 
 class UnsuspendAccountService < BaseService
+  include Payloadable
   def call(account)
     @account = account
 
     unsuspend!
     refresh_remote_account!
 
-    return if @account.nil?
+    return if @account.nil? || @account.suspended?
 
     merge_into_home_timelines!
     merge_into_list_timelines!
diff --git a/app/views/settings/profiles/show.html.haml b/app/views/settings/profiles/show.html.haml
@@ -29,9 +29,8 @@
   .fields-group
     = f.input :bot, as: :boolean, wrapper: :with_label, hint: t('simple_form.hints.defaults.bot')
 
-  - if Setting.profile_directory
-    .fields-group
-      = f.input :discoverable, as: :boolean, wrapper: :with_label, hint: t('simple_form.hints.defaults.discoverable'), recommended: true
+  .fields-group
+    = f.input :discoverable, as: :boolean, wrapper: :with_label, hint: t(Setting.profile_directory ? 'simple_form.hints.defaults.discoverable' : 'simple_form.hints.defaults.discoverable_no_directory'), recommended: true
 
   %hr.spacer/
 
diff --git a/config/locales/simple_form.en.yml b/config/locales/simple_form.en.yml
@@ -35,7 +35,8 @@ en:
         current_password: For security purposes please enter the password of the current account
         current_username: To confirm, please enter the username of the current account
         digest: Only sent after a long period of inactivity and only if you have received any personal messages in your absence
-        discoverable: Allow your account to be discovered by strangers through recommendations and other features
+        discoverable: Allow your account to be discovered by strangers through recommendations, profile directory and other features
+        discoverable_no_directory: Allow your account to be discovered by strangers through recommendations and other features
         email: You will be sent a confirmation e-mail
         fields: You can have up to 4 items displayed as a table on your profile
         header: PNG, GIF or JPG. At most %{size}. Will be downscaled to %{dimensions}px
diff --git a/dist/nginx.conf b/dist/nginx.conf
@@ -31,6 +31,7 @@ server {
   ssl_ciphers HIGH:!MEDIUM:!LOW:!aNULL:!NULL:!SHA;
   ssl_prefer_server_ciphers on;
   ssl_session_cache shared:SSL:10m;
+  ssl_session_tickets off;
 
   # Uncomment these lines once you acquire a certificate:
   # ssl_certificate     /etc/letsencrypt/live/example.com/fullchain.pem;
@@ -51,7 +52,7 @@ server {
   gzip_http_version 1.1;
   gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
 
-  add_header Strict-Transport-Security "max-age=31536000";
+  add_header Strict-Transport-Security "max-age=31536000" always;
   add_header Referrer-Policy "same-origin";
 
   location / {
@@ -60,13 +61,13 @@ server {
 
   location ~ ^/(emoji|packs|system/accounts/avatars|system/media_attachments/files) {
     add_header Cache-Control "public, max-age=31536000, immutable";
-    add_header Strict-Transport-Security "max-age=31536000";
+    add_header Strict-Transport-Security "max-age=31536000" always;
     try_files $uri @proxy;
   }
 
   location /sw.js {
     add_header Cache-Control "public, max-age=0";
-    add_header Strict-Transport-Security "max-age=31536000";
+    add_header Strict-Transport-Security "max-age=31536000" always;
     try_files $uri @proxy;
   }
 
@@ -90,7 +91,7 @@ server {
     proxy_cache_valid 410 24h;
     proxy_cache_use_stale error timeout updating http_500 http_502 http_503 http_504;
     add_header X-Cached $upstream_cache_status;
-    add_header Strict-Transport-Security "max-age=31536000";
+    add_header Strict-Transport-Security "max-age=31536000" always;
 
     tcp_nodelay on;
   }
diff --git a/package.json b/package.json
@@ -151,7 +151,7 @@
     "requestidlecallback": "^0.3.0",
     "reselect": "^4.0.0",
     "rimraf": "^3.0.2",
-    "sass": "^1.37.0",
+    "sass": "^1.38.0",
     "sass-loader": "^10.2.0",
     "stacktrace-js": "^2.0.2",
     "stringz": "^2.1.0",
diff --git a/spec/services/suspend_account_service_spec.rb b/spec/services/suspend_account_service_spec.rb
@@ -0,0 +1,85 @@
+require 'rails_helper'
+
+RSpec.describe SuspendAccountService, type: :service do
+  shared_examples 'common behavior' do
+    let!(:local_follower) { Fabricate(:user, current_sign_in_at: 1.hour.ago).account }
+    let!(:list)           { Fabricate(:list, account: local_follower) }
+
+    subject do
+      -> { described_class.new.call(account) }
+    end
+
+    before do
+      allow(FeedManager.instance).to receive(:unmerge_from_home).and_return(nil)
+      allow(FeedManager.instance).to receive(:unmerge_from_list).and_return(nil)
+
+      local_follower.follow!(account)
+      list.accounts << account
+    end
+
+    it "unmerges from local followers' feeds" do
+      subject.call
+      expect(FeedManager.instance).to have_received(:unmerge_from_home).with(account, local_follower)
+      expect(FeedManager.instance).to have_received(:unmerge_from_list).with(account, list)
+    end
+
+    it 'marks account as suspended' do
+      is_expected.to change { account.suspended? }.from(false).to(true)
+    end
+  end
+
+  describe 'suspending a local account' do
+    def match_update_actor_request(req, account)
+      json = JSON.parse(req.body)
+      actor_id = ActivityPub::TagManager.instance.uri_for(account)
+      json['type'] == 'Update' && json['actor'] == actor_id && json['object']['id'] == actor_id && json['object']['suspended']
+    end
+
+    before do
+      stub_request(:post, 'https://alice.com/inbox').to_return(status: 201)
+      stub_request(:post, 'https://bob.com/inbox').to_return(status: 201)
+    end
+
+    include_examples 'common behavior' do
+      let!(:account)         { Fabricate(:account) }
+      let!(:remote_follower) { Fabricate(:account, uri: 'https://alice.com', inbox_url: 'https://alice.com/inbox', protocol: :activitypub) }
+      let!(:remote_reporter) { Fabricate(:account, uri: 'https://bob.com', inbox_url: 'https://bob.com/inbox', protocol: :activitypub) }
+      let!(:report)          { Fabricate(:report, account: remote_reporter, target_account: account) }
+
+      before do
+        remote_follower.follow!(account)
+      end
+
+      it 'sends an update actor to followers and reporters' do
+        subject.call
+        expect(a_request(:post, remote_follower.inbox_url).with { |req| match_update_actor_request(req, account) }).to have_been_made.once
+        expect(a_request(:post, remote_reporter.inbox_url).with { |req| match_update_actor_request(req, account) }).to have_been_made.once
+      end
+    end
+  end
+
+  describe 'suspending a remote account' do
+    def match_reject_follow_request(req, account, followee)
+      json = JSON.parse(req.body)
+      json['type'] == 'Reject' && json['actor'] == ActivityPub::TagManager.instance.uri_for(followee) && json['object']['actor'] == account.uri
+    end
+
+    before do
+      stub_request(:post, 'https://bob.com/inbox').to_return(status: 201)
+    end
+
+    include_examples 'common behavior' do
+      let!(:account)        { Fabricate(:account, domain: 'bob.com', uri: 'https://bob.com', inbox_url: 'https://bob.com/inbox', protocol: :activitypub) }
+      let!(:local_followee) { Fabricate(:account) }
+
+      before do
+        account.follow!(local_followee)
+      end
+
+      it 'sends a reject follow' do
+        subject.call
+        expect(a_request(:post, account.inbox_url).with { |req| match_reject_follow_request(req, account, local_followee) }).to have_been_made.once
+      end
+    end
+  end
+end
diff --git a/spec/services/unsuspend_account_service_spec.rb b/spec/services/unsuspend_account_service_spec.rb
@@ -0,0 +1,135 @@
+require 'rails_helper'
+
+RSpec.describe UnsuspendAccountService, type: :service do
+  shared_examples 'common behavior' do
+    let!(:local_follower) { Fabricate(:user, current_sign_in_at: 1.hour.ago).account }
+    let!(:list)           { Fabricate(:list, account: local_follower) }
+
+    subject do
+      -> { described_class.new.call(account) }
+    end
+
+    before do
+      allow(FeedManager.instance).to receive(:merge_into_home).and_return(nil)
+      allow(FeedManager.instance).to receive(:merge_into_list).and_return(nil)
+
+      local_follower.follow!(account)
+      list.accounts << account
+
+      account.suspend!(origin: :local)
+    end
+  end
+
+  describe 'unsuspending a local account' do
+    def match_update_actor_request(req, account)
+      json = JSON.parse(req.body)
+      actor_id = ActivityPub::TagManager.instance.uri_for(account)
+      json['type'] == 'Update' && json['actor'] == actor_id && json['object']['id'] == actor_id && !json['object']['suspended']
+    end
+
+    before do
+      stub_request(:post, 'https://alice.com/inbox').to_return(status: 201)
+      stub_request(:post, 'https://bob.com/inbox').to_return(status: 201)
+    end
+
+    it 'marks account as unsuspended' do
+      is_expected.to change { account.suspended? }.from(true).to(false)
+    end
+
+    include_examples 'common behavior' do
+      let!(:account)         { Fabricate(:account) }
+      let!(:remote_follower) { Fabricate(:account, uri: 'https://alice.com', inbox_url: 'https://alice.com/inbox', protocol: :activitypub) }
+      let!(:remote_reporter) { Fabricate(:account, uri: 'https://bob.com', inbox_url: 'https://bob.com/inbox', protocol: :activitypub) }
+      let!(:report)          { Fabricate(:report, account: remote_reporter, target_account: account) }
+
+      before do
+        remote_follower.follow!(account)
+      end
+
+      it "merges back into local followers' feeds" do
+        subject.call
+        expect(FeedManager.instance).to have_received(:merge_into_home).with(account, local_follower)
+        expect(FeedManager.instance).to have_received(:merge_into_list).with(account, list)
+      end
+
+      it 'sends an update actor to followers and reporters' do
+        subject.call
+        expect(a_request(:post, remote_follower.inbox_url).with { |req| match_update_actor_request(req, account) }).to have_been_made.once
+        expect(a_request(:post, remote_reporter.inbox_url).with { |req| match_update_actor_request(req, account) }).to have_been_made.once
+      end
+    end
+  end
+
+  describe 'unsuspending a remote account' do
+    include_examples 'common behavior' do
+      let!(:account)                 { Fabricate(:account, domain: 'bob.com', uri: 'https://bob.com', inbox_url: 'https://bob.com/inbox', protocol: :activitypub) }
+      let!(:reslove_account_service) { double }
+
+      before do
+        allow(ResolveAccountService).to receive(:new).and_return(reslove_account_service)
+      end
+
+      context 'when the account is not remotely suspended' do
+        before do
+          allow(reslove_account_service).to receive(:call).with(account).and_return(account)
+        end
+
+        it 're-fetches the account' do
+          subject.call
+          expect(reslove_account_service).to have_received(:call).with(account)
+        end
+
+        it "merges back into local followers' feeds" do
+          subject.call
+          expect(FeedManager.instance).to have_received(:merge_into_home).with(account, local_follower)
+          expect(FeedManager.instance).to have_received(:merge_into_list).with(account, list)
+        end
+
+        it 'marks account as unsuspended' do
+          is_expected.to change { account.suspended? }.from(true).to(false)
+        end
+      end
+
+      context 'when the account is remotely suspended' do
+        before do
+          allow(reslove_account_service).to receive(:call).with(account) do |account|
+            account.suspend!(origin: :remote)
+            account
+          end
+        end
+
+        it 're-fetches the account' do
+          subject.call
+          expect(reslove_account_service).to have_received(:call).with(account)
+        end
+
+        it "does not merge back into local followers' feeds" do
+          subject.call
+          expect(FeedManager.instance).to_not have_received(:merge_into_home).with(account, local_follower)
+          expect(FeedManager.instance).to_not have_received(:merge_into_list).with(account, list)
+        end
+
+        it 'does not mark the account as unsuspended' do
+          is_expected.not_to change { account.suspended? }
+        end
+      end
+
+      context 'when the account is remotely deleted' do
+        before do
+          allow(reslove_account_service).to receive(:call).with(account).and_return(nil)
+        end
+
+        it 're-fetches the account' do
+          subject.call
+          expect(reslove_account_service).to have_received(:call).with(account)
+        end
+
+        it "does not merge back into local followers' feeds" do
+          subject.call
+          expect(FeedManager.instance).to_not have_received(:merge_into_home).with(account, local_follower)
+          expect(FeedManager.instance).to_not have_received(:merge_into_list).with(account, list)
+        end
+      end
+    end
+  end
+end
diff --git a/yarn.lock b/yarn.lock
@@ -9859,10 +9859,10 @@ sass-loader@^10.2.0:
     schema-utils "^3.0.0"
     semver "^7.3.2"
 
-sass@^1.37.0:
-  version "1.37.0"
-  resolved "https://registry.yarnpkg.com/sass/-/sass-1.37.0.tgz#f1b03a9d072ee9053a29d125c8130c78e92827c2"
-  integrity sha512-B+Tu6cSAG8ffs/cqsZl/bgSH2pCmavDaPTYAoW8QA1qNHh/RqndNfVKuABKYkLjUQ5aq/BnCENVpE80cqdSM1w==
+sass@^1.38.0:
+  version "1.38.0"
+  resolved "https://registry.yarnpkg.com/sass/-/sass-1.38.0.tgz#2f3e60a1efdcdc910586fa79dc89d3399a145b4f"
+  integrity sha512-WBccZeMigAGKoI+NgD7Adh0ab1HUq+6BmyBUEaGxtErbUtWUevEbdgo5EZiJQofLUGcKtlNaO2IdN73AHEua5g==
   dependencies:
     chokidar ">=3.0.0 <4.0.0"
 
