Commit graph

723 commits

Author SHA1 Message Date
Matthias Pfefferle
ee3574a8a3
Merge pull request #362 from Automattic/short-code-hardening
Hardening the use of a shortcode
2023-07-18 08:31:11 +02:00
Matthias Pfefferle
f4c8264e9a move function to Shortcode class 2023-07-18 08:20:09 +02:00
Matthias Pfefferle
bf8acf9f51 use wp_rand and change hashtags too 2023-07-18 08:14:28 +02:00
Alex Kirk
ab6aefe446 Add missing output escaping 2023-07-18 06:30:06 +02:00
Matthias Pfefferle
964ceee869 fix tests 2023-07-17 17:23:13 +02:00
Matthias Pfefferle
d7e9d54063 Checks if item (WP_Post) is "public", a supported post type and not password protected. 2023-07-17 15:25:30 +02:00
Matthias Pfefferle
0f54ea465e fix CSRF flaw 2023-07-17 14:37:17 +02:00
Matthias Pfefferle
626616a747 always use host as default username 2023-07-14 11:29:03 +02:00
Matthias Pfefferle
5ae978a8bc user_id could be an int and meta always returns strings
remove strict comparison in this case and add tests to verify the correct behaviour
2023-07-13 10:35:15 +02:00
Matthias Pfefferle
00fbc296b3 fix #343 2023-07-11 14:48:49 +02:00
Matthias Pfefferle
4a82edcd22 Revert "fix #358"
This reverts commit ad18edbcea.
2023-07-11 14:48:04 +02:00
Matthias Pfefferle
ad18edbcea fix #358 2023-07-11 14:40:31 +02:00
Matthias Pfefferle
002d4e7981 refactoring 2023-07-11 14:34:11 +02:00
Matthias Pfefferle
e0d767ed98 Fix WebFinger endpoint 2023-07-11 14:26:07 +02:00
Matthias Pfefferle
57bc4214b7 If the Blog is in "single user" mode, return "Person" insted of "Group". 2023-07-11 09:28:10 +02:00
Matthias Pfefferle
befd0d4f1e do not persist data in a getter! 2023-07-11 09:21:16 +02:00
Matthias Pfefferle
a461ea3b1f some refactorings 2023-07-11 09:09:37 +02:00
Matthias Pfefferle
0ab61b6441 make is_user_disabled filterable 2023-07-11 08:58:50 +02:00
Matthias Pfefferle
d5a389420d some fixes based on the feedback of @mattwiebe 2023-07-11 08:53:18 +02:00
Matthias Pfefferle
8920c60c61 final fixes and more tests 2023-07-10 15:14:37 +02:00
Matthias Pfefferle
be6d8a1792 fix activity 2023-07-10 14:59:12 +02:00
Matthias Pfefferle
465a912a70 fix user settings 2023-07-10 14:08:51 +02:00
Matthias Pfefferle
2f5a321474 fix missing user_id issue 2023-07-10 12:12:12 +02:00
Matthias Pfefferle
81d0e09f6e fix wrong function names 2023-07-10 11:56:46 +02:00
Matthias Pfefferle
64d2d2995b oops 2023-07-10 11:49:43 +02:00
Matthias Pfefferle
2252b87b1b check what activity should be send 2023-07-10 10:58:34 +02:00
Matthias Pfefferle
69326d027c return blog-user when in single mode 2023-07-10 10:57:06 +02:00
Matthias Pfefferle
fe99fffab6 use Group type for blog-user 2023-07-10 10:29:15 +02:00
Matthias Pfefferle
799f4be1d8 check for "single user mode" 2023-07-10 10:29:02 +02:00
Matthias Pfefferle
a0a1e33dc8 Fall back to ID id URL is empty 2023-07-10 10:28:45 +02:00
Matthias Pfefferle
9559a089be fix sanitization 2023-07-07 16:45:38 +02:00
Matthias Pfefferle
f3d2243afb use paged instead of offset 2023-07-07 15:10:22 +02:00
Matthias Pfefferle
7f3d31c59e add prev 2023-07-07 15:09:22 +02:00
Matthias Pfefferle
4b8ffc874a add pager to followers endpoint 2023-07-07 15:02:34 +02:00
Matthias Pfefferle
d00b7b54f2 use esc_sql 2023-07-07 14:54:28 +02:00
Matthias Pfefferle
5b712fb7cd fix some last "follower" issues 2023-07-07 13:43:12 +02:00
Matthias Pfefferle
d4f5ad8ec1 use post_meta instead of post_content 2023-07-06 16:10:48 +02:00
Matthias Pfefferle
96c1e92151 optimize and simplify followers 2023-07-06 14:42:18 +02:00
Matthias Pfefferle
c1da689d66 fix is_activitypub_request function 2023-07-05 18:13:46 +02:00
Matthias Pfefferle
19d60d8fec fix sending activities 2023-07-05 16:16:31 +02:00
Matthias Pfefferle
5c59834a0c various fixes mainly regarding send_follow_response 2023-07-05 15:34:22 +02:00
Matthias Pfefferle
1269cc6248 better instancing 2023-07-05 15:33:16 +02:00
Matthias Pfefferle
eed43355b3 fix inbox 2023-07-05 15:33:07 +02:00
Matthias Pfefferle
862de71cd2 fix WebFinger for pseudo-users 2023-07-05 15:32:49 +02:00
Matthias Pfefferle
52038c9f43 fix image and username handling 2023-07-05 15:32:26 +02:00
Matthias Pfefferle
1380025d4a always use Followers::add_follower
to not ran into inconsistencies
2023-07-05 15:31:45 +02:00
Matthias Pfefferle
7a360dbf6f fix object handling 2023-07-05 15:31:06 +02:00
Matthias Pfefferle
e65b70763d use URL as post-name 2023-07-05 12:18:48 +02:00
Matthias Pfefferle
07b0ae6e2d fix namespaces 2023-07-03 20:02:00 +02:00
Matthias Pfefferle
52e644631a add missing attributed_to 2023-07-03 20:00:47 +02:00
Matthias Pfefferle
be07574cfe fix code 2023-07-03 19:56:06 +02:00
Matthias Pfefferle
47957c2a6a fix code 2023-07-03 19:52:54 +02:00
Matthias Pfefferle
7c9258eb1d consistent use of namespaces 2023-07-03 19:25:49 +02:00
Matthias Pfefferle
7f3059427d fix tests 2023-07-03 18:18:03 +02:00
Matthias Pfefferle
f1c1eff267
Merge branch 'add/catchall' into rewrite-user-management 2023-07-03 18:03:42 +02:00
Matthias Pfefferle
493b8ffad5 use transformer instead of post-model 2023-07-03 17:59:42 +02:00
Matthias Pfefferle
1685ec7cc8 allow sending blog-wide activities 2023-07-03 11:56:25 +02:00
Matthias Pfefferle
359eabf671 use collection instead of factory 2023-07-03 11:20:44 +02:00
Matthias Pfefferle
dd67f76db1 fix class names 2023-06-30 16:12:04 +02:00
Matthias Pfefferle
f207089269 revert scheduler/dispatcher changes 2023-06-30 16:08:28 +02:00
Matthias Pfefferle
ced8cd0e29 send activities for blog-wide user 2023-06-29 19:10:49 +02:00
Matthias Pfefferle
3e969c859a send blog-wide activities if enabled 2023-06-29 18:44:25 +02:00
Matthias Pfefferle
1543c49c19 some doc changes 2023-06-29 14:54:45 +02:00
Matthias Pfefferle
68e9bfdc79 this is now part of the Base_Object 2023-06-28 19:38:50 +02:00
Matthias Pfefferle
1fe8c26b1d ignore prefixed attributes 2023-06-28 19:38:19 +02:00
Matthias Pfefferle
75a77b3f5c finalize account handling
still missing: publishing
2023-06-28 18:02:14 +02:00
Matthias Pfefferle
c02702f773 replace filters 2023-06-28 16:43:41 +02:00
Matthias Pfefferle
a706bef130 check for option field 2023-06-28 16:42:33 +02:00
Matthias Pfefferle
913c9aeac4 put @context at the top of the JSON output 2023-06-28 16:42:20 +02:00
Matthias Pfefferle
c266c927da transform users to actors 2023-06-28 14:22:27 +02:00
Matthias Pfefferle
83ddca8f28 fix templating 2023-06-28 10:14:13 +02:00
Matthias Pfefferle
36540c0f78 fix delete 2023-06-28 09:56:18 +02:00
Matthias Pfefferle
58c04856c9 check if a user is enabled or not 2023-06-27 14:30:52 +02:00
Matthias Pfefferle
359cd57081 normalizing 2023-06-27 14:30:52 +02:00
Matthias Pfefferle
6ddbe25852 overwrite activity-object-user on single_user_mode 2023-06-27 14:30:52 +02:00
Matthias Pfefferle
e88ee59113 make user filterable, to change author to blog wide user 2023-06-27 14:29:42 +02:00
Matthias Pfefferle
5f1abd2461 fail early 2023-06-27 14:29:42 +02:00
Matthias Pfefferle
255ace3ae6 revert latest changes to simplify dispatching for now 2023-06-27 14:29:42 +02:00
Matthias Pfefferle
a8fe587f91 prepare federation method 2023-06-27 14:29:42 +02:00
Matthias Pfefferle
723a3e3363 fix signature issue 2023-06-27 14:29:42 +02:00
Matthias Pfefferle
d251060624 migrated missing parts 2023-06-27 14:29:42 +02:00
Matthias Pfefferle
112eb51af1 updated signature feature to new structure 2023-06-27 14:29:42 +02:00
Matthias Pfefferle
4f2a162f6c Fix follower-list actions 2023-06-27 14:28:52 +02:00
Matthias Pfefferle
e1fd0e1c39 move signature to user object 2023-06-27 14:28:52 +02:00
Matthias Pfefferle
e2ad08b61b use correct blog-user-id 2023-06-27 14:26:37 +02:00
Matthias Pfefferle
0f72f94406 small updates 2023-06-27 14:26:37 +02:00
Matthias Pfefferle
913b60c7c7 Fix WebFinger resources for Blog-User and updated settings. 2023-06-27 14:26:37 +02:00
Matthias Pfefferle
4d8170413b avatar and header-image settings 2023-06-27 14:26:00 +02:00
Matthias Pfefferle
7b9b3dbc37 add @-urls to webfinger aliases 2023-06-27 14:26:00 +02:00
Matthias Pfefferle
2feca1388a generate default username 2023-06-27 14:26:00 +02:00
Matthias Pfefferle
daf228fd44 move permanently 2023-06-27 14:26:00 +02:00
Matthias Pfefferle
c95e501f98 redirect to canonical URL if it is not an ActivityPub request 2023-06-27 14:26:00 +02:00
Matthias Pfefferle
a617553ddf fix profile pages 2023-06-27 14:26:00 +02:00
Matthias Pfefferle
503353bcd0 Added settings for blog-wide user 2023-06-27 14:26:00 +02:00
Matthias Pfefferle
3feef1e8cf send user and blog activities
and set the blog to "single-mode"
2023-06-27 14:26:00 +02:00
Matthias Pfefferle
f8b93760df fix copy&paste issue
thanks @mattwiebe
2023-06-27 14:25:39 +02:00
Matthias Pfefferle
a1791b963c try new id urls 2023-06-27 14:25:39 +02:00
Matthias Pfefferle
03f2c24892 small improvements 2023-06-27 14:25:39 +02:00
Matthias Pfefferle
09518ea66b prepare pseudo users like a blog wide user.
this allows also other constructs like tag oder category users

fix #1
2023-06-27 14:25:12 +02:00
Matthias Pfefferle
235b5aa4a1 build a simple to_array converter 2023-06-26 11:08:04 +02:00
Matthias Pfefferle
ffa02e7b18 oops 2023-06-23 15:41:19 +02:00
Matthias Pfefferle
6fcd19554a updated is not needed 2023-06-23 15:21:14 +02:00
Matthias Pfefferle
2cacd374dc fix PHPCS issues 2023-06-23 14:57:46 +02:00
Matthias Pfefferle
5478be1355 a follower is now a valid ActivityPub Actor
this helps with API handling
2023-06-23 14:54:29 +02:00
Matthias Pfefferle
d47a048329 save meta to post-meta and persist summary in post-content 2023-06-22 10:01:15 +02:00
Matthias Pfefferle
a215203777 because post_types have length limitations, we should abbreviate the "activitypub" prefix, to be more flexible and consistent when adding other post_types in the future
"Must not exceed 20 characters and may only contain lowercase alphanumeric characters, dashes, and underscores"
2023-06-20 09:51:13 +02:00
Matthias Pfefferle
e7bc9706a8 remove url attribute 2023-06-19 11:36:59 +02:00
Matthias Pfefferle
08e3104a1e better add_follower handling 2023-06-19 11:04:45 +02:00
Matthias Pfefferle
28922d51dd Fix follower list 2023-06-16 16:56:30 +02:00
Matthias Pfefferle
daf7acb1b0 implement missing get_follower logic 2023-06-16 16:46:49 +02:00
Matthias Pfefferle
793214cea2 now tests are green again 2023-06-16 11:40:26 +02:00
Matthias Pfefferle
46f376e05e fix tests 2023-06-15 12:24:13 +02:00
Matthias Pfefferle
37c61fbf07 fix queries 2023-06-15 12:17:48 +02:00
Matthias Pfefferle
4414121502 add missing user_id 2023-06-15 12:13:30 +02:00
Matthias Pfefferle
fcf6740d36 fix query 2023-06-15 11:53:07 +02:00
Matthias Pfefferle
9036b644d1 add user connection 2023-06-15 11:48:43 +02:00
Matthias Pfefferle
fc0fc295bb fix follower creation 2023-06-15 11:48:09 +02:00
Matthias Pfefferle
8b7744a5ea fix queries 2023-06-15 11:47:50 +02:00
Matthias Pfefferle
7ed998d81f fix follower table 2023-06-15 11:45:25 +02:00
Matt Wiebe
87de87b2a5 Followers: use custom post types and postmeta to store 2023-06-12 11:38:15 -05:00
Matthias Pfefferle
bfe5381d99
Merge pull request #299 from mediaformat/signature_verification
Signature verification
2023-06-01 11:21:33 +02:00
Matthias Pfefferle
00e56ca112 always use is_activitypub_request to check if it is an AP request 2023-06-01 11:17:08 +02:00
Matthias Pfefferle
00dd5d2c52 some phpdoc 2023-06-01 11:05:47 +02:00
Matthias Pfefferle
b834666eda add missing slash 2023-06-01 10:44:05 +02:00
Matthias Pfefferle
9118e50623 fix signature verification path 2023-06-01 10:25:18 +02:00
Matthias Pfefferle
c1bf6691c1 fix route issues 2023-06-01 10:13:49 +02:00
Matthias Pfefferle
96881b940a some refactorings and fixed the tests 2023-06-01 09:49:40 +02:00
Django Doucet
73cd19ec20 added test and pre_get_remote_key filter 2023-05-31 23:23:40 -06:00
Matthias Pfefferle
758912da64 do not use cache for new followers 2023-05-31 14:03:46 +02:00
Matthias Pfefferle
084f108161 only schedule migration if DB is not on the latest version 2023-05-31 10:48:51 +02:00
Matthias Pfefferle
c04cf3fc7e move schedule to scheduler-class 2023-05-31 10:48:06 +02:00
Matthias Pfefferle
ab0f48389c deregister schedules on uninstall 2023-05-31 10:47:49 +02:00
Django Doucet
273493e768 update header parsing in get_signed_data() 2023-05-26 12:40:46 -06:00
Matthias Pfefferle
221c577826 Fix federation with pixelfed! 2023-05-25 14:03:30 +02:00
Matthias Pfefferle
27dd8217e8
Merge branch 'master' into fix/sanitization 2023-05-23 19:20:23 +02:00
Matthias Pfefferle
2117f78106 fix #321 2023-05-23 12:28:57 +02:00
Matthias Pfefferle
2aa7077ae7 add wpautop to user description
fix #279
2023-05-23 12:26:02 +02:00
Matthias Pfefferle
83991c0cd8 fix #332
and some of the feedback of @mattwiebe
2023-05-23 12:14:39 +02:00
Matthias Pfefferle
d91eaeae72 phpdoc 2023-05-23 11:26:12 +02:00
Matthias Pfefferle
3d1a0af6cb moved strip style/script 2023-05-23 11:13:17 +02:00
Matthias Pfefferle
677d507fe9 Revorked "sanitize output"
This reverts commit 77873d12b3.
2023-05-23 11:10:05 +02:00
Matthias Pfefferle
750d071c8d
Merge branch 'master' into signature_verification 2023-05-22 14:50:49 +02:00
Matthias Pfefferle
b8ee030d78
Merge pull request #324 from Automattic/add/caching
Introduce Caching
2023-05-22 14:34:49 +02:00
Matthias Pfefferle
d2b7c287fc code doc 2023-05-22 13:35:46 +02:00
Matthias Pfefferle
ec4e22f570 fix routing checks 2023-05-22 13:34:14 +02:00
Matthias Pfefferle
467a349b16 some small improvements 2023-05-22 11:31:46 +02:00
Matthias Pfefferle
68002db291 prevent sweeping of followers taxonomies
thanks @akirk

b0db9db87e
2023-05-22 10:58:13 +02:00
Matthias Pfefferle
e04ccdc961 fix missing namespace 2023-05-19 18:06:39 +02:00
Matthias Pfefferle
a1753242f3 fix missing namespace 2023-05-19 18:03:05 +02:00
Matthias Pfefferle
e48ce0ebce I would remove the settings for now 2023-05-19 17:16:19 +02:00
Matthias Pfefferle
92712e1d4a
Merge branch 'master' into signature_verification 2023-05-19 12:01:53 +02:00
Matthias Pfefferle
dd486e552f some code cleanups 2023-05-19 12:00:11 +02:00
Django Doucet
f4aadc00fc phpcs 2023-05-18 00:10:03 -06:00
Django Doucet
ed77ffce26 update rest paths to namespace 2023-05-18 00:03:11 -06:00
Matthias Pfefferle
cfb162c620
Merge branch 'master' into signature_verification 2023-05-17 09:59:02 +02:00
Matthias Pfefferle
c34fb74b41 coding style 2023-05-17 09:03:26 +02:00
Matthias Pfefferle
60fc581e1d coding style 2023-05-17 09:02:37 +02:00
Matthias Pfefferle
4b294bb8a6
Merge branch 'master' into signature_verification 2023-05-16 08:15:35 +02:00
Matthias Pfefferle
9cd2a04955 re-added some namespace consts 2023-05-16 08:14:04 +02:00
Django Doucet
e79f2e8991 fix keyId url 2023-05-16 00:11:27 -06:00
Matthias Pfefferle
2e537e423c
Merge branch 'master' into add/rest-namespace-constant 2023-05-16 08:10:06 +02:00
Matthias Pfefferle
ec23742b9a
Merge pull request #318 from Automattic/schedule
update scheduler for followers
2023-05-16 08:08:42 +02:00
Django Doucet
12724a3681 Switch secure_mode to a filter 2023-05-16 00:07:15 -06:00
Matthias Pfefferle
8b9026ab5e fix get_post_content_template function 2023-05-15 10:55:07 +02:00
Matthias Pfefferle
7456d36834 use const instead of -1 2023-05-15 10:48:34 +02:00
Matt Wiebe
31e7e44642 remove filter 2023-05-12 18:25:49 -05:00
Matt Wiebe
ec00ace234 add a activitypub_rest_url filter 2023-05-12 16:55:04 -05:00
Matthias Pfefferle
c99daa3e72
Merge branch 'master' into add/rest-namespace-constant 2023-05-12 22:44:41 +02:00
Matt Wiebe
5a91fdcf0a remove debug log 2023-05-12 15:43:04 -05:00
Matt Wiebe
3fa5e4f37e now with more use 2023-05-12 15:31:53 -05:00
Matt Wiebe
314ccf43a6 add a get_rest_url_by_path helper function, and use it 2023-05-12 15:24:24 -05:00
Matthias Pfefferle
94e5539d75 reset errors if new is set 2023-05-12 10:23:58 +02:00
Matthias Pfefferle
7d5cfb3078 phpdoc 2023-05-12 10:17:36 +02:00
Matt Wiebe
abfa7c7969 Allow setting the REST namespace with ACTIVITYPUB_REST_NAMESPACE 2023-05-11 13:25:30 -05:00
Jeremy Herve
d16014911b
Compat: introduce a conditional to detect ActivityPub requests
This conditional could be used within the plugin, but also by third-party plugins, to detect whether a request is an ActivityPub request, without having to manually check for query vars and headers every time.
2023-05-11 19:53:53 +02:00
Matthias Pfefferle
77873d12b3 sanitize output 2023-05-11 14:20:35 +02:00
Matthias Pfefferle
f196047901 remove casts
after feedback from @akirk
2023-05-11 11:02:06 +02:00
Matthias Pfefferle
b803914180 removed output formatting 2023-05-11 09:46:26 +02:00
Matthias Pfefferle
47b1b10955 Fix migration script 2023-05-11 09:45:01 +02:00
Django Doucet
fc1b89561e If WP_REST_Request set actor for get_remote_key() 2023-05-10 19:46:52 -06:00
Matthias Pfefferle
26a1dc9be5 use time() instead of strtotime( 'now' ) 2023-05-10 18:52:13 +02:00
Matthias Pfefferle
6fce2c30d2
Update includes/class-scheduler.php
Co-authored-by: Alex Kirk <akirk@users.noreply.github.com>
2023-05-10 18:47:46 +02:00
Matthias Pfefferle
9da559be6a
Update includes/collection/class-followers.php
Co-authored-by: Alex Kirk <akirk@users.noreply.github.com>
2023-05-10 18:45:32 +02:00
Matthias Pfefferle
463bff834b delete if response code is 410 or 404 2023-05-10 17:21:59 +02:00
Matthias Pfefferle
154b0018af PHPDoc 2023-05-10 15:36:45 +02:00
Matthias Pfefferle
df02d2202e PHPDoc 2023-05-10 15:02:01 +02:00
Matthias Pfefferle
2570928b00 PHPDoc 2023-05-10 14:55:10 +02:00
Matthias Pfefferle
17b66cb23d implement cleanup_followers and update_followers 2023-05-10 14:18:56 +02:00
Matthias Pfefferle
74be5d6b51 implemented feedback of @akirk 2023-05-10 09:04:33 +02:00
Matthias Pfefferle
ca8aff1823 cast to bool, to be sure that '0' is false 2023-05-09 12:25:25 +02:00
Matthias Pfefferle
b88c5f606d fixed copy/paste issue 2023-05-09 12:17:48 +02:00
Matthias Pfefferle
c872cb69d0 remove var_dump :( 2023-05-09 12:13:35 +02:00
Matthias Pfefferle
180e882c4a generate key if not existent 2023-05-09 12:12:05 +02:00
Matthias Pfefferle
96953dfc7e fail early and always return $response as fallback 2023-05-09 11:57:43 +02:00
Matthias Pfefferle
c42edfce68 use WP_Error 2023-05-09 11:51:53 +02:00
Matthias Pfefferle
378f5dacdc fix issue with missing array 2023-05-09 11:32:26 +02:00
Matthias Pfefferle
4abd5aefb4 cache inbox list 2023-05-09 10:28:23 +02:00
Matthias Pfefferle
f64a765129 phpdoc fixes 2023-05-09 10:08:51 +02:00
Matthias Pfefferle
6d96daa635 fix NodeInfo check 2023-05-08 21:05:20 +02:00
Django Doucet
abedf014ae remove redundant 2023-05-05 23:56:39 -06:00