mirror of
https://codeberg.org/streams/streams.git
synced 2024-09-19 21:55:15 +00:00
Merge branch 'dev' into collect
This commit is contained in:
Mike Macgirvin
commit
f5f9b5ce3c
10 changed files with 65 additions and 36 deletions
|
|
@ -55,8 +55,8 @@ class Socgraph {
|
|||
return;
|
||||
}
|
||||
|
||||
$max = intval(get_config('system', 'max_imported_follow', MAX_IMPORTED_FOLLOW));
|
||||
if (! intval($max)) {
|
||||
$max = intval(get_config('system', 'max_imported_follow', 0));
|
||||
if (!$max) {
|
||||
return;
|
||||
}
|
||||
|
||||
|
|
@ -254,8 +254,8 @@ class Socgraph {
|
|||
public static function ap_poco_load($xchan)
|
||||
{
|
||||
|
||||
$max = intval(get_config('system', 'max_imported_follow', MAX_IMPORTED_FOLLOW));
|
||||
if (! intval($max)) {
|
||||
$max = intval(get_config('system', 'max_imported_follow', 0));
|
||||
if (!$max) {
|
||||
return false;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -15,10 +15,14 @@ class Webfinger
|
|||
|
||||
public static function exec($resource)
|
||||
{
|
||||
|
||||
if (!$resource) {
|
||||
return false;
|
||||
}
|
||||
|
||||
if (Config::Get('system', 'webfinger_trace')) {
|
||||
btlogger('webfinger: ' . $resource);
|
||||
}
|
||||
self::parse_resource($resource);
|
||||
|
||||
if (!(self::$server && self::$resource)) {
|
||||
|
|
|
|||
|
|
@ -90,7 +90,7 @@ class Zotfinger
|
|||
$result['signature'] = HTTPSig::verify($x, EMPTY_STR, 'zot6');
|
||||
}
|
||||
elseif (!empty($result['data']['public_key'])) {
|
||||
$result['signature'] = HTTPSig::verify($x, EMPTY_STR, $result['data']['public_key']);
|
||||
$result['signature'] = HTTPSig::verify($x, $result['data']['public_key']);
|
||||
}
|
||||
|
||||
return $result;
|
||||
|
|
@ -173,7 +173,7 @@ class Zotfinger
|
|||
$result['signature'] = HTTPSig::verify($x, EMPTY_STR, 'zot6');
|
||||
}
|
||||
elseif (!empty($result['data']['public_key'])) {
|
||||
$result['signature'] = HTTPSig::verify($x, EMPTY_STR, $result['data']['public_key']);
|
||||
$result['signature'] = HTTPSig::verify($x, $result['data']['public_key']);
|
||||
}
|
||||
return $result;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -67,7 +67,7 @@ class Site
|
|||
$no_community_page = !((x($_POST, 'no_community_page')) ? true : false);
|
||||
$default_expire_days = ((array_key_exists('default_expire_days', $_POST)) ? intval($_POST['default_expire_days']) : 0);
|
||||
$active_expire_days = ((array_key_exists('active_expire_days', $_POST)) ? intval($_POST['active_expire_days']) : 7);
|
||||
$max_imported_follow = ((x($_POST, 'max_imported_follow')) ? intval(trim($_POST['max_imported_follow'])) : MAX_IMPORTED_FOLLOW);
|
||||
$max_imported_follow = ((x($_POST, 'max_imported_follow')) ? intval(trim($_POST['max_imported_follow'])) : 0);
|
||||
|
||||
$reply_address = ((array_key_exists('reply_address', $_POST) && trim($_POST['reply_address'])) ? trim($_POST['reply_address']) : 'noreply@' . App::get_hostname());
|
||||
$from_email = ((array_key_exists('from_email', $_POST) && trim($_POST['from_email'])) ? trim($_POST['from_email']) : 'Administrator@' . App::get_hostname());
|
||||
|
|
@ -258,9 +258,9 @@ class Site
|
|||
];
|
||||
|
||||
$perm_roles = PermissionRoles::roles();
|
||||
$default_role = get_config('system', 'default_permissions_role', 'social');
|
||||
$default_role = get_config('system', 'default_permissions_role', 'social_restricted');
|
||||
|
||||
$role = ['permissions_role', t('Default permission role for new accounts'), $default_role, t('This role will be used for the first channel created after registration.'), $perm_roles];
|
||||
$role = ['permissions_role', t('Default permission role for new accounts'), $default_role, '', $perm_roles];
|
||||
|
||||
$legal = PConfig::Get(App::$sys_channel['channel_id'], 'system', 'legal');
|
||||
if (!$legal) {
|
||||
|
|
@ -314,7 +314,7 @@ class Site
|
|||
'$animations' => ['animations', t('Permit animated profile photos'), get_config('system', 'animated_avatars', true), t('Changing this may take several days to work through the system')],
|
||||
'$incl' => ['pub_incl', t('Only import Public stream posts with this text'), get_config('system', 'pubstream_incl'), t('words one per line or #tags or /patterns/ or lang=xx, leave blank to import all posts')],
|
||||
'$excl' => ['pub_excl', t('Do not import Public stream posts with this text'), get_config('system', 'pubstream_excl'), t('words one per line or #tags or /patterns/ or lang=xx, leave blank to import all posts')],
|
||||
'$max_imported_follow' => ['max_imported_follow', t('Maximum number of imported friends of friends'), get_config('system', 'max_imported_follow', MAX_IMPORTED_FOLLOW), t('Warning: higher numbers will improve the quality of friend suggestions and directory results but can exponentially increase resource usage')],
|
||||
'$max_imported_follow' => ['max_imported_follow', t('Directory and friend suggestion discovery level'), get_config('system', 'max_imported_follow', 0), t('Recommended setting between 3 and 10. Every digit change will significantly increase database/disk usage, but also increase the quality of the directory and friend suggestions.')],
|
||||
'$login_on_homepage' => ['login_on_homepage', t("Login on Homepage"), ((intval($homelogin) || $homelogin === false) ? 1 : ''), t("Present a login box to visitors on the home page if no other content has been configured.")],
|
||||
'$reply_address' => ['reply_address', t('Reply-to email address for system generated email.'), get_config('system', 'reply_address', 'noreply@' . App::get_hostname()), ''],
|
||||
'$from_email' => ['from_email', t('Sender (From) email address for system generated email.'), get_config('system', 'from_email', 'Administrator@' . App::get_hostname()), ''],
|
||||
|
|
|
|||
|
|
@ -8,7 +8,6 @@ use Code\Lib\Libzot;
|
|||
use Code\Lib\Activity;
|
||||
use Code\Lib\Libprofile;
|
||||
use Code\Lib\ActivityStreams;
|
||||
use Code\Lib\JcsEddsa2022;
|
||||
use Code\Lib\Crypto;
|
||||
use Code\Lib\PConfig;
|
||||
use Code\Lib as Zlib;
|
||||
|
|
@ -133,24 +132,25 @@ class Channel extends Controller
|
|||
goaway(z_root());
|
||||
}
|
||||
|
||||
$sigdata = HTTPSig::verify(EMPTY_STR);
|
||||
if ($sigdata['portable_id'] && $sigdata['header_valid']) {
|
||||
$portable_id = $sigdata['portable_id'];
|
||||
if (!check_channelallowed($portable_id)) {
|
||||
if (Config::Get('system', 'require_authenticated_fetch', false)) {
|
||||
$sigdata = HTTPSig::verify(EMPTY_STR);
|
||||
if ($sigdata && $sigdata['portable_id'] && $sigdata['header_valid']) {
|
||||
$portable_id = $sigdata['portable_id'];
|
||||
if (!check_channelallowed($portable_id)) {
|
||||
http_status_exit(403, 'Permission denied');
|
||||
}
|
||||
if (!check_siteallowed($sigdata['signer'])) {
|
||||
http_status_exit(403, 'Permission denied');
|
||||
}
|
||||
if (LibBlock::fetch_by_entity($channel['channel_id'], $sigdata['signer'])
|
||||
|| LibBlock::fetch_by_entity($channel['channel_id'], $sigdata['portable_id'])) {
|
||||
http_status_exit(403, 'Permission denied');
|
||||
}
|
||||
observer_auth($portable_id);
|
||||
}
|
||||
else {
|
||||
http_status_exit(403, 'Permission denied');
|
||||
}
|
||||
if (!check_siteallowed($sigdata['signer'])) {
|
||||
http_status_exit(403, 'Permission denied');
|
||||
}
|
||||
if (LibBlock::fetch_by_entity($channel['channel_id'],$sigdata['signer'])
|
||||
|| LibBlock::fetch_by_entity($channel['channel_id'],$sigdata['portable_id'])) {
|
||||
http_status_exit(403, 'Permission denied');
|
||||
}
|
||||
|
||||
observer_auth($portable_id);
|
||||
}
|
||||
elseif (Config::Get('system', 'require_authenticated_fetch', false)) {
|
||||
http_status_exit(403, 'Permission denied');
|
||||
}
|
||||
|
||||
as_return_and_die(Activity::actorEncode($channel, true, true), $channel);
|
||||
|
|
@ -159,6 +159,7 @@ class Channel extends Controller
|
|||
// handle zot6 channel discovery
|
||||
|
||||
if (Libzot::is_nomad_request()) {
|
||||
|
||||
$sigdata = HTTPSig::verify(($_SERVER['REQUEST_METHOD'] === 'POST') ? file_get_contents('php://input') : '', EMPTY_STR, 'zot6');
|
||||
|
||||
if ($sigdata && $sigdata['signer'] && $sigdata['header_valid']) {
|
||||
|
|
|
|||
|
|
@ -48,6 +48,8 @@ class Home extends Controller
|
|||
|
||||
if (Libzot::is_nomad_request()) {
|
||||
$channel = Channel::get_system();
|
||||
|
||||
/*
|
||||
$sigdata = HTTPSig::verify(file_get_contents('php://input'), EMPTY_STR, 'zot6');
|
||||
|
||||
if ($sigdata && $sigdata['signer'] && $sigdata['header_valid']) {
|
||||
|
|
@ -61,8 +63,9 @@ class Home extends Controller
|
|||
$data = json_encode(Crypto::encapsulate($data, $s[0]['hubloc_sitekey'], Libzot::best_algorithm($s[0]['site_crypto'])));
|
||||
}
|
||||
} else {
|
||||
*/
|
||||
$data = json_encode(Libzot::zotinfo(['guid_hash' => $channel['channel_hash']]));
|
||||
}
|
||||
// }
|
||||
|
||||
$headers = [
|
||||
'Content-Type' => 'application/x-nomad+json',
|
||||
|
|
|
|||
|
|
@ -279,7 +279,7 @@ class Register extends Controller
|
|||
|
||||
|
||||
$auto_create = (bool)get_config('system', 'auto_channel_create');
|
||||
$default_role = get_config('system', 'default_permissions_role');
|
||||
$default_role = get_config('system', 'default_permissions_role', 'social_restricted');
|
||||
$email_verify = get_config('system', 'verify_email');
|
||||
|
||||
|
||||
|
|
|
|||
|
|
@ -73,12 +73,6 @@ if (! defined('STORAGE_DEFAULT_PERMISSIONS')) {
|
|||
define ( 'STORAGE_DEFAULT_PERMISSIONS', 0770 );
|
||||
}
|
||||
|
||||
// imported followers for friend suggestions.
|
||||
|
||||
if (! defined('MAX_IMPORTED_FOLLOW')) {
|
||||
define ( 'MAX_IMPORTED_FOLLOW', 10);
|
||||
}
|
||||
|
||||
/**
|
||||
*
|
||||
* An alternate way of limiting picture upload sizes. Specify the maximum pixel
|
||||
|
|
|
|||
|
|
@ -1,2 +1,2 @@
|
|||
<?php
|
||||
define ('STD_VERSION', '24.02.09');
|
||||
define ('STD_VERSION', '24.02.14');
|
||||
|
|
|
|||
|
|
@ -70,6 +70,33 @@ App::$config['system']['verify_email'] = 1;
|
|||
|
||||
App::$config['system']['access_policy'] = ACCESS_PRIVATE;
|
||||
|
||||
// This software has a focus on online safety and user privacy. The default
|
||||
// channel configuration is a restricted role where all posts are private to
|
||||
// your connections and one needs to change the audience manually in order to
|
||||
// create a public post ('social_restricted'). You might want to instead
|
||||
// change this to post publicly by default, and require a manual change to
|
||||
// restrict the audience to only your connections. To do that, change this
|
||||
// to 'social'.
|
||||
|
||||
App::$config['system']['default_permissions_role'] = 'social_restricted';
|
||||
|
||||
// This setting affects the quality of the site directory and friend suggestions.
|
||||
// It controls how many "friends of friends" to import into your site from connections
|
||||
// that are made on this site. Every digit increase can have a dramatic effect on disk
|
||||
// and database use depending on the size of your site and the number of connections that
|
||||
// have been made. If set to 100 or more and you have more than a dozen local accounts,
|
||||
// each with a modest number of connections, your directory could ultimately discover most
|
||||
// of the known fediverse, or tens of millions of entries.
|
||||
// The default setting of 10 will provide you with a very well connected fediverse instance
|
||||
// with an interesting and well-rounded directory, and provide good quality friend suggestions.
|
||||
// You might wish to reduce this or change it to 0 if resource use is a concern.
|
||||
// The quality of your directory and friend suggestions will decrease accordingly. If you
|
||||
// raise it, it is recommend that you raise it incrementally and not make large or sudden
|
||||
// jumps, as this could quickly mushroom into millions or tens of millions of new
|
||||
// directory records.
|
||||
|
||||
App::$config['system']['max_imported_follow'] = 10;
|
||||
|
||||
// If you operate a public site, you might wish that people are directed
|
||||
// to a "sellpage" where you can describe for features or policies or service plans in depth.
|
||||
// This must be an absolute URL beginning with http:// or https:// .
|
||||
|
|
|
|||
Loading…
Reference in a new issue