* add private visibility
* filter private communities in post_view.rs
* also filter in comment_view
* community follower state
* remove unused method
* sql fmt
* add CommunityFollower.approved_by
* implement api endpoints
* api changes
* only admins can create private community for now
* add local api tests
* fix api tests
* follow remote private community
* use authorized fetch for content in private community
* federate community visibility
* dont mark content in private community as public
* expose ApprovalRequired in api
* also check content fetchable for outbox/featured
* address private community content to followers
* implement reject activity
* fix tests
* add files
* remove local api tests
* dont use delay
* is_new_instance
* single query for is_new_instance
* return subscribed type for pending follow
* working
* need to catch errors in waitUntil
* clippy
* fix query
* lint for unused async
* diesel.toml comment
* add comment
* avoid db reads
* rename approved_by to approver_id
* add helper
* form init
* list pending follows should return items for all communities
* clippy
* ci
* fix down migration
* fix api tests
* references
* rename
* run git diff
* ci
* fix schema check
* fix joins
* ci
* ci
* skip_serializing_none
* fix test
---------
Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
* Added OAUTH2 OIDC support
* Fixes and improvements based on review feedback
* use derive_new::new instead of TypedBuilder
* merge migrations into a single file
* fixes based on review feedback
* remove unnecessary hostname_ui config
* improvement based on review feedback
* improvements based on review feedback
* delete user oauth accounts at account deletion
* fixes and improvements based on review feedback
* removed auto_approve_application
* support registration application with sso
* improvements based on review feedback
* making the TokenResponse an internal struct as it should be
* remove duplicate struct
* prevent oauth linking to unverified accounts
* switched to manually entered username and removed the oauth name claim
* fix cargo fmt
* fix compile error
* improvements based on review feedback
* fixes and improvements based on review feedback
---------
Co-authored-by: privacyguard <privacyguard@users.noreply.github.com>
* wip
* stuff
* fmt
* fmt 2
* fmt 3
* fix default feature
* use Authorization header
* store ip and user agent for each login
* add list_logins endpoint
* serde(skip) for token
* fix api tests
* A few suggestions for login_token (#3991)
* A few suggestions.
* Fixing SQL format.
* review
* review
* rename cookie
---------
Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
* Remove explicit auth params (ref #3725)
Only take auth via header or cookie. This requires a new version
of lemmy-js-client for api tests to pass.
* rework api_crud
* remove remaining auth params, move logic to session middleware
* fmt, fix test
* update js client
* remove auth param from api tests
* Pass auth as header
* add !
* url vars, setHeader
* cleanup
* fmt
* update
* Updating for new lemmy-js-client.
---------
Co-authored-by: Dessalines <tyhou13@gmx.com>
Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
* First pass at adding admin purge. #904#1331
* Breaking out purge into 4 tables for the 4 purgeable types.
* Using CommunitySafe instead in view
* Fix db_schema features flags.
* Attempting to pass API key.
* Adding pictrs image purging
- Added pictrs_config block, for API_KEY
- Clear out image columns after purging
* Remove the remove_images field from a few of the purge API calls.
* Fix some suggestions by @nutomic.
* Add separate pictrs reqwest client.
* Update defaults.hjson
Co-authored-by: Nutomic <me@nutomic.com>
* Create example for apub lib
* some rewriting of apub lib
* Add LocalInstance struct for apub lib to avoid using Lemmy Settings
* Move ActorType trait to lemmy_apub, because its not needed in library
* Use reqwest_retry instead of custom impl, dont specify timeout on every send()
* Some improvements to example
* Moved inbox handling to library
* bug fixes
* Move context and serde helpers into library
* wip: example changes
* Add lemmy_utils feature to build only LemmyError
* Rename to activitypub_federation
* Remove lemmy_utils dep from activitypub_federation using generic error type
* Finish activitypub example
* Cleanup and fix tests
* Reorganize library files
* Remove ApubObject.to_tombstone()
* Extract activitypub library into separate git repository
* First pass at invite-only migration.
* Implement email verification (fixes#219)
* remove unwrap
* Adding views and functionality to registration application. #209
* Add private instance site column, and back end checks.
* Adding some message fields to LoginResponse
* Adding private instance to site setup.
* A few additions:
- Add a DeleteAccount response.
- RegistrationApplicationView now has the safe LocalUserSettings.
- Adding VerifyEmail to websocket API, added a proper response type.
* Adding and reorganizing some email helpers.
* A few fixes for private sites:
- Added a check_registration_application function.
- Only send a verification email if its been changed.
- VerifyEmail now returns LoginResponse.
- Deleting the old tokens after a successful email verify.
- If port is missing on email config, display a better error message.
* Version 0.15.0-rc.3
* Adding published to email_verification table.
* Adding fixes from comments.
* Version 0.15.0-rc.4
* Adding modlog private site check.
* Version 0.15.0-rc.6
Co-authored-by: Felix Ableitner <me@nutomic.com>
* Respond directly with LemmyError
Instrument Perform implementations for more precise traces
Use ApiError to format JSON errors when messages are present
Keep SpanTrace output in LemmyError Display impl
* Hide SpanTrace debug output from LemmyError
* Don't log when entering spans, only when leaving
* Update actix-web
* Update actix-rt
* Add newline after error info in LemmyError Display impl
* Propogate span information to blocking operations
* Instrument apub functions
* Use skip_all for more instrument attributes, don't skip 'self' in some api actions
* Make message a static string
* Send proper JSON over websocket
* Add 'message' to LemmyError display if present
* Use a quieter root span builder, don't pretty-print logs
* Keep passwords and emails out of logs
* Re-enable logging Login
* Instrument feeds
* Emit our own errors
* Move error log after status code recording
* Make Sensitive generic over the inner type
* Remove line that logged secrets
