MetuFSS
/
metu.life
2
1
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Merge remote-tracking branch 'tootsuite/master' into glitchsoc/master

Browse Source
master
Jenkins 7 years ago
parent 2649cce3a0 ac49c7932d
commit e8aeec4fea
8 changed files with 79 additions and 46 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 12
      app/javascript/mastodon/actions/compose.js
  2. 13
      app/lib/request.rb
  3. 2
      app/services/activitypub/process_account_service.rb
  4. 4
      config/application.rb
  5. 4
      config/environments/production.rb
  6. 3
      config/initializers/devise.rb
  7. 76
      lib/devise/ldap_authenticatable.rb
  8. 11
      spec/lib/request_spec.rb

12
app/javascript/mastodon/actions/compose.js
Unescape View File

@ -1,4 +1,5 @@
import api from '../api';
import { CancelToken } from 'axios';
import { throttle } from 'lodash';
import { search as emojiSearch } from '../features/emoji/emoji_mart_search_light';
import { tagHistory } from '../settings';
@ -11,6 +12,8 @@ import {
refreshPublicTimeline,
} from './timelines';
let cancelFetchComposeSuggestionsAccounts;
export const COMPOSE_CHANGE = 'COMPOSE_CHANGE';
export const COMPOSE_SUBMIT_REQUEST = 'COMPOSE_SUBMIT_REQUEST';
export const COMPOSE_SUBMIT_SUCCESS = 'COMPOSE_SUBMIT_SUCCESS';
@ -257,13 +260,22 @@ export function undoUploadCompose(media_id) {
};
export function clearComposeSuggestions() {
if (cancelFetchComposeSuggestionsAccounts) {
cancelFetchComposeSuggestionsAccounts();
}
return {
type: COMPOSE_SUGGESTIONS_CLEAR,
};
};
const fetchComposeSuggestionsAccounts = throttle((dispatch, getState, token) => {
if (cancelFetchComposeSuggestionsAccounts) {
cancelFetchComposeSuggestionsAccounts();
}
api(getState).get('/api/v1/accounts/search', {
cancelToken: new CancelToken(cancel => {
cancelFetchComposeSuggestionsAccounts = cancel;
}),
params: {
q: token.slice(1),
resolve: false,

13
app/lib/request.rb
Unescape View File

@ -94,9 +94,16 @@ class Request
class Socket < TCPSocket
class << self
def open(host, *args)
address = IPSocket.getaddress(host)
raise Mastodon::HostValidationError if PrivateAddressCheck.private_address? IPAddr.new(address)
super address, *args
outer_e = nil
Addrinfo.foreach(host, nil, nil, :SOCK_STREAM) do |address|
begin
raise Mastodon::HostValidationError if PrivateAddressCheck.private_address? IPAddr.new(address.ip_address)
return super address.ip_address, *args
rescue => e
outer_e = e
end
end
raise outer_e if outer_e
end
alias new open

2
app/services/activitypub/process_account_service.rb
Unescape View File

@ -16,7 +16,7 @@ class ActivityPub::ProcessAccountService < BaseService
RedisLock.acquire(lock_options) do |lock|
if lock.acquired?
@account = Account.find_by(uri: @uri)
@account = Account.find_remote(@username, @domain)
@old_public_key = @account&.public_key
@old_protocol = @account&.protocol

4
config/application.rb
Unescape View File

@ -77,9 +77,7 @@ module Mastodon
]
config.i18n.default_locale = ENV['DEFAULT_LOCALE']&.to_sym
if config.i18n.available_locales.include?(config.i18n.default_locale)
config.i18n.fallbacks = [:en]
else
unless config.i18n.available_locales.include?(config.i18n.default_locale)
config.i18n.default_locale = :en
end

4
config/environments/production.rb
Unescape View File

@ -55,8 +55,8 @@ Rails.application.configure do
# config.action_mailer.raise_delivery_errors = false
# Enable locale fallbacks for I18n (makes lookups for any locale fall back to
# the I18n.default_locale when a translation cannot be found).
config.i18n.fallbacks = true
# English when a translation cannot be found).
config.i18n.fallbacks = [:en]
# Send deprecation notices to registered listeners.
config.active_support.deprecation = :notify

3
config/initializers/devise.rb
Unescape View File

@ -55,6 +55,8 @@ module Devise
@@ldap_bind_dn = nil
mattr_accessor :ldap_password
@@ldap_password = nil
mattr_accessor :ldap_tls_no_verify
@@ldap_tls_no_verify = false
class Strategies::PamAuthenticatable
def valid?
@ -357,5 +359,6 @@ Devise.setup do |config|
config.ldap_bind_dn = ENV.fetch('LDAP_BIND_DN')
config.ldap_password = ENV.fetch('LDAP_PASSWORD')
config.ldap_uid = ENV.fetch('LDAP_UID', 'cn')
config.ldap_tls_no_verify = ENV['LDAP_TLS_NO_VERIFY'] == 'true'
end
end

76
lib/devise/ldap_authenticatable.rb
Unescape View File

@ -1,49 +1,53 @@
# frozen_string_literal: true
if ENV['LDAP_ENABLED'] == 'true'
require 'net/ldap'
require 'devise/strategies/authenticatable'
require 'net/ldap'
require 'devise/strategies/authenticatable'
module Devise
module Strategies
class LdapAuthenticatable < Authenticatable
def authenticate!
if params[:user]
ldap = Net::LDAP.new(
host: Devise.ldap_host,
port: Devise.ldap_port,
base: Devise.ldap_base,
encryption: {
method: Devise.ldap_method,
tls_options: OpenSSL::SSL::SSLContext::DEFAULT_PARAMS,
},
auth: {
method: :simple,
username: Devise.ldap_bind_dn,
password: Devise.ldap_password,
},
connect_timeout: 10
)
module Devise
module Strategies
class LdapAuthenticatable < Authenticatable
def authenticate!
if params[:user]
ldap = Net::LDAP.new(
host: Devise.ldap_host,
port: Devise.ldap_port,
base: Devise.ldap_base,
encryption: {
method: Devise.ldap_method,
tls_options: tls_options,
},
auth: {
method: :simple,
username: Devise.ldap_bind_dn,
password: Devise.ldap_password,
},
connect_timeout: 10
)
if (user_info = ldap.bind_as(base: Devise.ldap_base, filter: "(#{Devise.ldap_uid}=#{email})", password: password))
user = User.ldap_get_user(user_info.first)
success!(user)
else
return fail(:invalid_login)
end
if (user_info = ldap.bind_as(base: Devise.ldap_base, filter: "(#{Devise.ldap_uid}=#{email})", password: password))
user = User.ldap_get_user(user_info.first)
success!(user)
else
return fail(:invalid_login)
end
end
end
def email
params[:user][:email]
end
def email
params[:user][:email]
end
def password
params[:user][:password]
def password
params[:user][:password]
end
def tls_options
OpenSSL::SSL::SSLContext::DEFAULT_PARAMS.tap do |options|
options[:verify_mode] = OpenSSL::SSL::VERIFY_NONE if Devise.ldap_tls_no_verify
end
end
end
end
Warden::Strategies.add(:ldap_authenticatable, Devise::Strategies::LdapAuthenticatable)
end
Warden::Strategies.add(:ldap_authenticatable, Devise::Strategies::LdapAuthenticatable)

11
spec/lib/request_spec.rb
Unescape View File

@ -48,6 +48,13 @@ describe Request do
expect(a_request(:get, 'http://example.com')).to have_been_made.once
end
it 'executes a HTTP request when the first address is private' do
allow(Addrinfo).to receive(:foreach).with('example.com', nil, nil, :SOCK_STREAM)
.and_yield(Addrinfo.new(["AF_INET", 0, "example.com", "0.0.0.0"], :PF_INET, :SOCK_STREAM))
.and_yield(Addrinfo.new(["AF_INET6", 0, "example.com", "2001:4860:4860::8844"], :PF_INET6, :SOCK_STREAM))
expect(a_request(:get, 'http://example.com')).to have_been_made.once
end
it 'sets headers' do
expect(a_request(:get, 'http://example.com').with(headers: subject.headers)).to have_been_made
end
@ -61,7 +68,9 @@ describe Request do
end
it 'raises Mastodon::ValidationError' do
allow(IPSocket).to receive(:getaddress).with('example.com').and_return('0.0.0.0')
allow(Addrinfo).to receive(:foreach).with('example.com', nil, nil, :SOCK_STREAM)
.and_yield(Addrinfo.new(["AF_INET", 0, "example.com", "0.0.0.0"], :PF_INET, :SOCK_STREAM))
.and_yield(Addrinfo.new(["AF_INET6", 0, "example.com", "2001:db8::face"], :PF_INET6, :SOCK_STREAM))
expect{ subject.perform }.to raise_error Mastodon::ValidationError
end
end

Write Preview
Loading…
Cancel
Save