MetuFSS
/
metu.life
2
1
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Merge remote-tracking branch 'tootsuite/master' into glitchsoc/master

Browse Source
master
Jenkins 7 years ago
parent 2649cce3a0 ac49c7932d
commit e8aeec4fea
8 changed files with 79 additions and 46 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 12
      app/javascript/mastodon/actions/compose.js
  2. 13
      app/lib/request.rb
  3. 2
      app/services/activitypub/process_account_service.rb
  4. 4
      config/application.rb
  5. 4
      config/environments/production.rb
  6. 3
      config/initializers/devise.rb
  7. 76
      lib/devise/ldap_authenticatable.rb
  8. 11
      spec/lib/request_spec.rb

12
app/javascript/mastodon/actions/compose.js
Unescape View File

@ -1,4 +1,5 @@
import api from '../api'; import api from '../api';
import { CancelToken } from 'axios';
import { throttle } from 'lodash'; import { throttle } from 'lodash';
import { search as emojiSearch } from '../features/emoji/emoji_mart_search_light'; import { search as emojiSearch } from '../features/emoji/emoji_mart_search_light';
import { tagHistory } from '../settings'; import { tagHistory } from '../settings';
@ -11,6 +12,8 @@ import {
refreshPublicTimeline, refreshPublicTimeline,
} from './timelines'; } from './timelines';
let cancelFetchComposeSuggestionsAccounts;
export const COMPOSE_CHANGE = 'COMPOSE_CHANGE'; export const COMPOSE_CHANGE = 'COMPOSE_CHANGE';
export const COMPOSE_SUBMIT_REQUEST = 'COMPOSE_SUBMIT_REQUEST'; export const COMPOSE_SUBMIT_REQUEST = 'COMPOSE_SUBMIT_REQUEST';
export const COMPOSE_SUBMIT_SUCCESS = 'COMPOSE_SUBMIT_SUCCESS'; export const COMPOSE_SUBMIT_SUCCESS = 'COMPOSE_SUBMIT_SUCCESS';
@ -257,13 +260,22 @@ export function undoUploadCompose(media_id) {
}; };
export function clearComposeSuggestions() { export function clearComposeSuggestions() {
if (cancelFetchComposeSuggestionsAccounts) {
cancelFetchComposeSuggestionsAccounts();
}
return { return {
type: COMPOSE_SUGGESTIONS_CLEAR, type: COMPOSE_SUGGESTIONS_CLEAR,
}; };
}; };
const fetchComposeSuggestionsAccounts = throttle((dispatch, getState, token) => { const fetchComposeSuggestionsAccounts = throttle((dispatch, getState, token) => {
if (cancelFetchComposeSuggestionsAccounts) {
cancelFetchComposeSuggestionsAccounts();
}
api(getState).get('/api/v1/accounts/search', { api(getState).get('/api/v1/accounts/search', {
cancelToken: new CancelToken(cancel => {
cancelFetchComposeSuggestionsAccounts = cancel;
}),
params: { params: {
q: token.slice(1), q: token.slice(1),
resolve: false, resolve: false,

13
app/lib/request.rb
Unescape View File

@ -94,9 +94,16 @@ class Request
class Socket < TCPSocket class Socket < TCPSocket
class << self class << self
def open(host, *args) def open(host, *args)
address = IPSocket.getaddress(host) outer_e = nil
raise Mastodon::HostValidationError if PrivateAddressCheck.private_address? IPAddr.new(address) Addrinfo.foreach(host, nil, nil, :SOCK_STREAM) do |address|
super address, *args begin
raise Mastodon::HostValidationError if PrivateAddressCheck.private_address? IPAddr.new(address.ip_address)
return super address.ip_address, *args
rescue => e
outer_e = e
end
end
raise outer_e if outer_e
end end
alias new open alias new open

2
app/services/activitypub/process_account_service.rb
Unescape View File

@ -16,7 +16,7 @@ class ActivityPub::ProcessAccountService < BaseService
RedisLock.acquire(lock_options) do |lock| RedisLock.acquire(lock_options) do |lock|
if lock.acquired? if lock.acquired?
@account = Account.find_by(uri: @uri) @account = Account.find_remote(@username, @domain)
@old_public_key = @account&.public_key @old_public_key = @account&.public_key
@old_protocol = @account&.protocol @old_protocol = @account&.protocol

4
config/application.rb
Unescape View File

@ -77,9 +77,7 @@ module Mastodon
] ]
config.i18n.default_locale = ENV['DEFAULT_LOCALE']&.to_sym config.i18n.default_locale = ENV['DEFAULT_LOCALE']&.to_sym
if config.i18n.available_locales.include?(config.i18n.default_locale) unless config.i18n.available_locales.include?(config.i18n.default_locale)
config.i18n.fallbacks = [:en]
else
config.i18n.default_locale = :en config.i18n.default_locale = :en
end end

4
config/environments/production.rb
Unescape View File

@ -55,8 +55,8 @@ Rails.application.configure do
# config.action_mailer.raise_delivery_errors = false # config.action_mailer.raise_delivery_errors = false
# Enable locale fallbacks for I18n (makes lookups for any locale fall back to # Enable locale fallbacks for I18n (makes lookups for any locale fall back to
# the I18n.default_locale when a translation cannot be found). # English when a translation cannot be found).
config.i18n.fallbacks = true config.i18n.fallbacks = [:en]
# Send deprecation notices to registered listeners. # Send deprecation notices to registered listeners.
config.active_support.deprecation = :notify config.active_support.deprecation = :notify

3
config/initializers/devise.rb
Unescape View File

@ -55,6 +55,8 @@ module Devise
@@ldap_bind_dn = nil @@ldap_bind_dn = nil
mattr_accessor :ldap_password mattr_accessor :ldap_password
@@ldap_password = nil @@ldap_password = nil
mattr_accessor :ldap_tls_no_verify
@@ldap_tls_no_verify = false
class Strategies::PamAuthenticatable class Strategies::PamAuthenticatable
def valid? def valid?
@ -357,5 +359,6 @@ Devise.setup do |config|
config.ldap_bind_dn = ENV.fetch('LDAP_BIND_DN') config.ldap_bind_dn = ENV.fetch('LDAP_BIND_DN')
config.ldap_password = ENV.fetch('LDAP_PASSWORD') config.ldap_password = ENV.fetch('LDAP_PASSWORD')
config.ldap_uid = ENV.fetch('LDAP_UID', 'cn') config.ldap_uid = ENV.fetch('LDAP_UID', 'cn')
config.ldap_tls_no_verify = ENV['LDAP_TLS_NO_VERIFY'] == 'true'
end end
end end

76
lib/devise/ldap_authenticatable.rb
Unescape View File

@ -1,49 +1,53 @@
# frozen_string_literal: true # frozen_string_literal: true
if ENV['LDAP_ENABLED'] == 'true' require 'net/ldap'
require 'net/ldap' require 'devise/strategies/authenticatable'
require 'devise/strategies/authenticatable'
module Devise module Devise
module Strategies module Strategies
class LdapAuthenticatable < Authenticatable class LdapAuthenticatable < Authenticatable
def authenticate! def authenticate!
if params[:user] if params[:user]
ldap = Net::LDAP.new( ldap = Net::LDAP.new(
host: Devise.ldap_host, host: Devise.ldap_host,
port: Devise.ldap_port, port: Devise.ldap_port,
base: Devise.ldap_base, base: Devise.ldap_base,
encryption: { encryption: {
method: Devise.ldap_method, method: Devise.ldap_method,
tls_options: OpenSSL::SSL::SSLContext::DEFAULT_PARAMS, tls_options: tls_options,
}, },
auth: { auth: {
method: :simple, method: :simple,
username: Devise.ldap_bind_dn, username: Devise.ldap_bind_dn,
password: Devise.ldap_password, password: Devise.ldap_password,
}, },
connect_timeout: 10 connect_timeout: 10
) )
if (user_info = ldap.bind_as(base: Devise.ldap_base, filter: "(#{Devise.ldap_uid}=#{email})", password: password)) if (user_info = ldap.bind_as(base: Devise.ldap_base, filter: "(#{Devise.ldap_uid}=#{email})", password: password))
user = User.ldap_get_user(user_info.first) user = User.ldap_get_user(user_info.first)
success!(user) success!(user)
else else
return fail(:invalid_login) return fail(:invalid_login)
end
end end
end end
end
def email def email
params[:user][:email] params[:user][:email]
end end
def password def password
params[:user][:password] params[:user][:password]
end
def tls_options
OpenSSL::SSL::SSLContext::DEFAULT_PARAMS.tap do |options|
options[:verify_mode] = OpenSSL::SSL::VERIFY_NONE if Devise.ldap_tls_no_verify
end end
end end
end end
end end
Warden::Strategies.add(:ldap_authenticatable, Devise::Strategies::LdapAuthenticatable)
end end
Warden::Strategies.add(:ldap_authenticatable, Devise::Strategies::LdapAuthenticatable)

11
spec/lib/request_spec.rb
Unescape View File

@ -48,6 +48,13 @@ describe Request do
expect(a_request(:get, 'http://example.com')).to have_been_made.once expect(a_request(:get, 'http://example.com')).to have_been_made.once
end end
it 'executes a HTTP request when the first address is private' do
allow(Addrinfo).to receive(:foreach).with('example.com', nil, nil, :SOCK_STREAM)
.and_yield(Addrinfo.new(["AF_INET", 0, "example.com", "0.0.0.0"], :PF_INET, :SOCK_STREAM))
.and_yield(Addrinfo.new(["AF_INET6", 0, "example.com", "2001:4860:4860::8844"], :PF_INET6, :SOCK_STREAM))
expect(a_request(:get, 'http://example.com')).to have_been_made.once
end
it 'sets headers' do it 'sets headers' do
expect(a_request(:get, 'http://example.com').with(headers: subject.headers)).to have_been_made expect(a_request(:get, 'http://example.com').with(headers: subject.headers)).to have_been_made
end end
@ -61,7 +68,9 @@ describe Request do
end end
it 'raises Mastodon::ValidationError' do it 'raises Mastodon::ValidationError' do
allow(IPSocket).to receive(:getaddress).with('example.com').and_return('0.0.0.0') allow(Addrinfo).to receive(:foreach).with('example.com', nil, nil, :SOCK_STREAM)
.and_yield(Addrinfo.new(["AF_INET", 0, "example.com", "0.0.0.0"], :PF_INET, :SOCK_STREAM))
.and_yield(Addrinfo.new(["AF_INET6", 0, "example.com", "2001:db8::face"], :PF_INET6, :SOCK_STREAM))
expect{ subject.perform }.to raise_error Mastodon::ValidationError expect{ subject.perform }.to raise_error Mastodon::ValidationError
end end
end end

Write Preview
Loading…
Cancel
Save