2023-03-12 16:00:57 +01:00
|
|
|
// GoToSocial
|
|
|
|
|
// Copyright (C) GoToSocial Authors admin@gotosocial.org
|
|
|
|
|
// SPDX-License-Identifier: AGPL-3.0-or-later
|
|
|
|
|
//
|
|
|
|
|
// This program is free software: you can redistribute it and/or modify
|
|
|
|
|
// it under the terms of the GNU Affero General Public License as published by
|
|
|
|
|
// the Free Software Foundation, either version 3 of the License, or
|
|
|
|
|
// (at your option) any later version.
|
|
|
|
|
//
|
|
|
|
|
// This program is distributed in the hope that it will be useful,
|
|
|
|
|
// but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
|
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
|
// GNU Affero General Public License for more details.
|
|
|
|
|
//
|
|
|
|
|
// You should have received a copy of the GNU Affero General Public License
|
|
|
|
|
// along with this program. If not, see <http://www.gnu.org/licenses/>.
|
2021-07-05 13:23:03 +02:00
|
|
|
|
|
|
|
|
package account
|
|
|
|
|
|
|
|
|
|
import (
|
2021-08-25 15:34:33 +02:00
|
|
|
"context"
|
2024-06-26 15:01:16 +00:00
|
|
|
"errors"
|
2021-07-05 13:23:03 +02:00
|
|
|
"fmt"
|
|
|
|
|
"io"
|
|
|
|
|
"mime/multipart"
|
|
|
|
|
|
2025-04-26 15:34:10 +02:00
|
|
|
"code.superseriousbusiness.org/gotosocial/internal/ap"
|
|
|
|
|
apimodel "code.superseriousbusiness.org/gotosocial/internal/api/model"
|
|
|
|
|
"code.superseriousbusiness.org/gotosocial/internal/config"
|
|
|
|
|
"code.superseriousbusiness.org/gotosocial/internal/gtserror"
|
|
|
|
|
"code.superseriousbusiness.org/gotosocial/internal/gtsmodel"
|
|
|
|
|
"code.superseriousbusiness.org/gotosocial/internal/log"
|
|
|
|
|
"code.superseriousbusiness.org/gotosocial/internal/media"
|
|
|
|
|
"code.superseriousbusiness.org/gotosocial/internal/messages"
|
|
|
|
|
"code.superseriousbusiness.org/gotosocial/internal/text"
|
|
|
|
|
"code.superseriousbusiness.org/gotosocial/internal/typeutils"
|
|
|
|
|
"code.superseriousbusiness.org/gotosocial/internal/util"
|
|
|
|
|
"code.superseriousbusiness.org/gotosocial/internal/validate"
|
2024-07-12 09:39:47 +00:00
|
|
|
"codeberg.org/gruf/go-iotools"
|
2021-07-05 13:23:03 +02:00
|
|
|
)
|
|
|
|
|
|
2023-05-09 12:16:10 +02:00
|
|
|
func (p *Processor) selectNoteFormatter(contentType string) text.FormatFunc {
|
|
|
|
|
if contentType == "text/markdown" {
|
|
|
|
|
return p.formatter.FromMarkdown
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return p.formatter.FromPlain
|
|
|
|
|
}
|
|
|
|
|
|
2023-02-22 16:05:26 +01:00
|
|
|
// Update processes the update of an account with the given form.
|
|
|
|
|
func (p *Processor) Update(ctx context.Context, account *gtsmodel.Account, form *apimodel.UpdateCredentialsRequest) (*apimodel.Account, gtserror.WithCode) {
|
2024-03-22 14:03:46 +01:00
|
|
|
// Ensure account populated; we'll need settings.
|
|
|
|
|
if err := p.state.DB.PopulateAccount(ctx, account); err != nil {
|
|
|
|
|
log.Errorf(ctx, "error(s) populating account, will continue: %s", err)
|
|
|
|
|
}
|
|
|
|
|
|
2024-09-09 18:07:25 +02:00
|
|
|
var (
|
|
|
|
|
// Indicates that the account's
|
|
|
|
|
// note, display name, and/or fields
|
|
|
|
|
// have changed, and so emojis should
|
|
|
|
|
// be re-parsed and updated as well.
|
|
|
|
|
textChanged bool
|
|
|
|
|
|
|
|
|
|
// DB columns on the account
|
|
|
|
|
// that need to be updated.
|
|
|
|
|
acctColumns []string
|
|
|
|
|
|
|
|
|
|
// DB columns on the settings
|
|
|
|
|
// that need to be updated.
|
|
|
|
|
settingsColumns []string
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
// Account flags.
|
|
|
|
|
|
2021-07-05 13:23:03 +02:00
|
|
|
if form.Discoverable != nil {
|
2022-08-15 12:35:05 +02:00
|
|
|
account.Discoverable = form.Discoverable
|
2024-09-09 18:07:25 +02:00
|
|
|
acctColumns = append(acctColumns, "discoverable")
|
2021-07-05 13:23:03 +02:00
|
|
|
}
|
|
|
|
|
|
2025-04-11 16:36:40 +02:00
|
|
|
if bot := form.Bot; bot != nil {
|
|
|
|
|
if *bot {
|
|
|
|
|
// Mark account as an Application.
|
|
|
|
|
// See: https://www.w3.org/TR/activitystreams-vocabulary/#dfn-application
|
|
|
|
|
account.ActorType = gtsmodel.AccountActorTypeApplication
|
|
|
|
|
} else {
|
|
|
|
|
// Mark account as a Person.
|
|
|
|
|
// See: https://www.w3.org/TR/activitystreams-vocabulary/#dfn-person
|
|
|
|
|
account.ActorType = gtsmodel.AccountActorTypePerson
|
|
|
|
|
}
|
2025-04-06 14:39:40 +02:00
|
|
|
acctColumns = append(acctColumns, "actor_type")
|
2021-07-05 13:23:03 +02:00
|
|
|
}
|
|
|
|
|
|
2024-09-09 18:07:25 +02:00
|
|
|
if form.Locked != nil {
|
|
|
|
|
account.Locked = form.Locked
|
|
|
|
|
acctColumns = append(acctColumns, "locked")
|
|
|
|
|
}
|
2022-09-26 11:56:01 +02:00
|
|
|
|
2021-07-05 13:23:03 +02:00
|
|
|
if form.DisplayName != nil {
|
2024-09-09 18:07:25 +02:00
|
|
|
// Display name text
|
|
|
|
|
// is changing.
|
|
|
|
|
textChanged = true
|
|
|
|
|
|
2023-05-09 12:16:10 +02:00
|
|
|
displayName := *form.DisplayName
|
|
|
|
|
if err := validate.DisplayName(displayName); err != nil {
|
|
|
|
|
return nil, gtserror.NewErrorBadRequest(err, err.Error())
|
2021-07-05 13:23:03 +02:00
|
|
|
}
|
2023-05-09 12:16:10 +02:00
|
|
|
|
2025-03-07 15:04:34 +01:00
|
|
|
// HTML tags not allowed in display name.
|
|
|
|
|
account.DisplayName = text.StripHTMLFromText(displayName)
|
2024-09-09 18:07:25 +02:00
|
|
|
acctColumns = append(acctColumns, "display_name")
|
2021-07-05 13:23:03 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if form.Note != nil {
|
2024-09-09 18:07:25 +02:00
|
|
|
// Note text is changing.
|
|
|
|
|
textChanged = true
|
|
|
|
|
|
2023-05-09 12:16:10 +02:00
|
|
|
note := *form.Note
|
|
|
|
|
if err := validate.Note(note); err != nil {
|
|
|
|
|
return nil, gtserror.NewErrorBadRequest(err, err.Error())
|
|
|
|
|
}
|
|
|
|
|
|
2024-09-09 18:07:25 +02:00
|
|
|
// Store raw version of note
|
|
|
|
|
// for now, we'll process
|
|
|
|
|
// the proper version later.
|
2023-05-09 12:16:10 +02:00
|
|
|
account.NoteRaw = note
|
2024-09-09 18:07:25 +02:00
|
|
|
acctColumns = append(acctColumns, []string{
|
|
|
|
|
"note",
|
|
|
|
|
"note_raw",
|
|
|
|
|
}...)
|
2023-05-09 12:16:10 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if form.FieldsAttributes != nil {
|
2024-09-09 18:07:25 +02:00
|
|
|
// Field text is changing.
|
|
|
|
|
textChanged = true
|
2023-05-09 12:16:10 +02:00
|
|
|
|
2024-09-09 18:07:25 +02:00
|
|
|
if err := p.updateFields(
|
|
|
|
|
account,
|
|
|
|
|
*form.FieldsAttributes,
|
|
|
|
|
); err != nil {
|
|
|
|
|
return nil, err
|
2021-07-05 13:23:03 +02:00
|
|
|
}
|
2024-09-09 18:07:25 +02:00
|
|
|
acctColumns = append(acctColumns, []string{
|
|
|
|
|
"fields",
|
|
|
|
|
"fields_raw",
|
|
|
|
|
}...)
|
2023-02-07 08:58:36 +00:00
|
|
|
}
|
2022-05-07 16:55:27 +01:00
|
|
|
|
2024-09-09 18:07:25 +02:00
|
|
|
if textChanged {
|
|
|
|
|
// Process display name, note, fields,
|
|
|
|
|
// and any concomitant emoji changes.
|
|
|
|
|
p.processAccountText(ctx, account)
|
|
|
|
|
acctColumns = append(acctColumns, "emojis")
|
2021-07-05 13:23:03 +02:00
|
|
|
}
|
|
|
|
|
|
2024-07-08 15:47:03 +02:00
|
|
|
if form.AvatarDescription != nil {
|
2025-03-07 15:04:34 +01:00
|
|
|
desc := text.StripHTMLFromText(*form.AvatarDescription)
|
2024-09-09 18:07:25 +02:00
|
|
|
form.AvatarDescription = &desc
|
2024-07-08 15:47:03 +02:00
|
|
|
}
|
|
|
|
|
|
2021-07-05 13:23:03 +02:00
|
|
|
if form.Avatar != nil && form.Avatar.Size != 0 {
|
2024-06-26 15:01:16 +00:00
|
|
|
avatarInfo, errWithCode := p.UpdateAvatar(ctx,
|
|
|
|
|
account,
|
|
|
|
|
form.Avatar,
|
2024-07-08 15:47:03 +02:00
|
|
|
form.AvatarDescription,
|
2024-06-26 15:01:16 +00:00
|
|
|
)
|
|
|
|
|
if errWithCode != nil {
|
|
|
|
|
return nil, errWithCode
|
2021-07-05 13:23:03 +02:00
|
|
|
}
|
2021-09-11 13:19:06 +02:00
|
|
|
account.AvatarMediaAttachmentID = avatarInfo.ID
|
|
|
|
|
account.AvatarMediaAttachment = avatarInfo
|
2024-09-09 18:07:25 +02:00
|
|
|
acctColumns = append(acctColumns, "avatar_media_attachment_id")
|
2024-07-08 15:47:03 +02:00
|
|
|
} else if form.AvatarDescription != nil && account.AvatarMediaAttachment != nil {
|
|
|
|
|
// Update just existing description if possible.
|
|
|
|
|
account.AvatarMediaAttachment.Description = *form.AvatarDescription
|
|
|
|
|
if err := p.state.DB.UpdateAttachment(
|
|
|
|
|
ctx,
|
|
|
|
|
account.AvatarMediaAttachment,
|
|
|
|
|
"description",
|
|
|
|
|
); err != nil {
|
|
|
|
|
err := gtserror.Newf("db error updating account avatar description: %w", err)
|
|
|
|
|
return nil, gtserror.NewErrorInternalError(err)
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if form.HeaderDescription != nil {
|
2025-03-07 15:04:34 +01:00
|
|
|
desc := text.StripHTMLFromText(*form.HeaderDescription)
|
2024-07-08 15:47:03 +02:00
|
|
|
form.HeaderDescription = util.Ptr(desc)
|
2021-07-05 13:23:03 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if form.Header != nil && form.Header.Size != 0 {
|
2024-06-26 15:01:16 +00:00
|
|
|
headerInfo, errWithCode := p.UpdateHeader(ctx,
|
|
|
|
|
account,
|
|
|
|
|
form.Header,
|
2024-07-08 15:47:03 +02:00
|
|
|
form.HeaderDescription,
|
2024-06-26 15:01:16 +00:00
|
|
|
)
|
|
|
|
|
if errWithCode != nil {
|
|
|
|
|
return nil, errWithCode
|
2021-07-05 13:23:03 +02:00
|
|
|
}
|
2021-09-11 13:19:06 +02:00
|
|
|
account.HeaderMediaAttachmentID = headerInfo.ID
|
|
|
|
|
account.HeaderMediaAttachment = headerInfo
|
2024-09-09 18:07:25 +02:00
|
|
|
acctColumns = append(acctColumns, "header_media_attachment_id")
|
2024-07-08 15:47:03 +02:00
|
|
|
} else if form.HeaderDescription != nil && account.HeaderMediaAttachment != nil {
|
|
|
|
|
// Update just existing description if possible.
|
|
|
|
|
account.HeaderMediaAttachment.Description = *form.HeaderDescription
|
|
|
|
|
if err := p.state.DB.UpdateAttachment(
|
|
|
|
|
ctx,
|
|
|
|
|
account.HeaderMediaAttachment,
|
|
|
|
|
"description",
|
|
|
|
|
); err != nil {
|
|
|
|
|
err := gtserror.Newf("db error updating account avatar description: %w", err)
|
|
|
|
|
return nil, gtserror.NewErrorInternalError(err)
|
|
|
|
|
}
|
2021-07-05 13:23:03 +02:00
|
|
|
}
|
|
|
|
|
|
[feature] Use `hidesToPublicFromUnauthedWeb` and `hidesCcPublicFromUnauthedWeb` properties for web visibility of statuses (#4315)
This pull request implements two new properties on ActivityPub actors: `hidesToPublicFromUnauthedWeb` and `hidesCcPublicFromUnauthedWeb`.
As documented, these properties allow actors to signal their preference for whether or not their posts should be hidden from unauthenticated web views (ie., web pages like the GtS frontend, web apps like the Mastodon frontend, web APIs like the Mastodon public timeline API, etc). This allows remote accounts to *opt in* to having their unlisted visibility posts shown in (for example) the replies section of the web view of a GtS thread. In future, we can also use these properties to determine whether we should show boosts of a remote actor's post on a GtS profile, and that sort of thing.
In keeping with our stance around privacy by default, GtS assumes `true` for `hidesCcPublicFromUnauthedWeb` if the property is not set on a remote actor, ie., hide unlisted/unlocked posts by default. `hidesToPublicFromUnauthedWeb` is assumed to be `false` if the property is not set on a remote actor, ie., show public posts by default.
~~WIP as I still want to work on the documentation for this a bit.~~
New props are already in the namespace document: https://gotosocial.org/ns
Reviewed-on: https://codeberg.org/superseriousbusiness/gotosocial/pulls/4315
Reviewed-by: kim <gruf@noreply.codeberg.org>
Co-authored-by: tobi <tobi.smethurst@protonmail.com>
Co-committed-by: tobi <tobi.smethurst@protonmail.com>
2025-07-09 16:50:25 +02:00
|
|
|
if form.WebVisibility != nil {
|
|
|
|
|
switch apimodel.Visibility(*form.WebVisibility) {
|
|
|
|
|
|
|
|
|
|
// Show none.
|
|
|
|
|
case apimodel.VisibilityNone:
|
|
|
|
|
account.HidesToPublicFromUnauthedWeb = util.Ptr(true)
|
|
|
|
|
account.HidesCcPublicFromUnauthedWeb = util.Ptr(true)
|
|
|
|
|
|
|
|
|
|
// Show public only (GtS default).
|
|
|
|
|
case apimodel.VisibilityPublic:
|
|
|
|
|
account.HidesToPublicFromUnauthedWeb = util.Ptr(false)
|
|
|
|
|
account.HidesCcPublicFromUnauthedWeb = util.Ptr(true)
|
|
|
|
|
|
|
|
|
|
// Show public and unlisted (Masto default).
|
|
|
|
|
case apimodel.VisibilityUnlisted:
|
|
|
|
|
account.HidesToPublicFromUnauthedWeb = util.Ptr(false)
|
|
|
|
|
account.HidesCcPublicFromUnauthedWeb = util.Ptr(false)
|
|
|
|
|
|
|
|
|
|
default:
|
|
|
|
|
const text = "web_visibility must be one of public, unlisted, or none"
|
|
|
|
|
err := errors.New(text)
|
|
|
|
|
return nil, gtserror.NewErrorBadRequest(err, text)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
acctColumns = append(
|
|
|
|
|
acctColumns,
|
|
|
|
|
"hides_to_public_from_unauthed_web",
|
|
|
|
|
"hides_cc_public_from_unauthed_web",
|
|
|
|
|
)
|
|
|
|
|
}
|
|
|
|
|
|
2024-09-09 18:07:25 +02:00
|
|
|
// Account settings flags.
|
2021-07-05 13:23:03 +02:00
|
|
|
|
|
|
|
|
if form.Source != nil {
|
|
|
|
|
if form.Source.Language != nil {
|
2023-08-07 01:25:54 -07:00
|
|
|
language, err := validate.Language(*form.Source.Language)
|
|
|
|
|
if err != nil {
|
2024-09-09 18:07:25 +02:00
|
|
|
return nil, gtserror.NewErrorBadRequest(err, err.Error())
|
2021-07-05 13:23:03 +02:00
|
|
|
}
|
2024-09-09 18:07:25 +02:00
|
|
|
|
2024-03-22 14:03:46 +01:00
|
|
|
account.Settings.Language = language
|
2024-09-09 18:07:25 +02:00
|
|
|
settingsColumns = append(settingsColumns, "language")
|
2021-07-05 13:23:03 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if form.Source.Sensitive != nil {
|
2024-03-22 14:03:46 +01:00
|
|
|
account.Settings.Sensitive = form.Source.Sensitive
|
2024-09-09 18:07:25 +02:00
|
|
|
settingsColumns = append(settingsColumns, "sensitive")
|
2021-07-05 13:23:03 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if form.Source.Privacy != nil {
|
2021-09-01 18:29:25 +02:00
|
|
|
if err := validate.Privacy(*form.Source.Privacy); err != nil {
|
2024-09-09 18:07:25 +02:00
|
|
|
return nil, gtserror.NewErrorBadRequest(err, err.Error())
|
2021-07-05 13:23:03 +02:00
|
|
|
}
|
2024-09-09 18:07:25 +02:00
|
|
|
|
|
|
|
|
priv := apimodel.Visibility(*form.Source.Privacy)
|
|
|
|
|
account.Settings.Privacy = typeutils.APIVisToVis(priv)
|
|
|
|
|
settingsColumns = append(settingsColumns, "privacy")
|
2021-07-05 13:23:03 +02:00
|
|
|
}
|
2022-08-06 12:09:21 +02:00
|
|
|
|
2023-03-02 03:06:40 -08:00
|
|
|
if form.Source.StatusContentType != nil {
|
|
|
|
|
if err := validate.StatusContentType(*form.Source.StatusContentType); err != nil {
|
2022-08-06 12:09:21 +02:00
|
|
|
return nil, gtserror.NewErrorBadRequest(err, err.Error())
|
|
|
|
|
}
|
|
|
|
|
|
2024-03-22 14:03:46 +01:00
|
|
|
account.Settings.StatusContentType = *form.Source.StatusContentType
|
2024-09-09 18:07:25 +02:00
|
|
|
settingsColumns = append(settingsColumns, "status_content_type")
|
2022-08-06 12:09:21 +02:00
|
|
|
}
|
2021-07-05 13:23:03 +02:00
|
|
|
}
|
|
|
|
|
|
2024-03-25 18:32:24 +01:00
|
|
|
if form.Theme != nil {
|
|
|
|
|
theme := *form.Theme
|
|
|
|
|
if theme == "" {
|
|
|
|
|
// Empty is easy, just clear this.
|
|
|
|
|
account.Settings.Theme = ""
|
|
|
|
|
} else {
|
|
|
|
|
// Theme was provided, check
|
|
|
|
|
// against known available themes.
|
|
|
|
|
if _, ok := p.themes.ByFileName[theme]; !ok {
|
|
|
|
|
err := fmt.Errorf("theme %s not available on this instance, see /api/v1/accounts/themes for available themes", theme)
|
|
|
|
|
return nil, gtserror.NewErrorBadRequest(err, err.Error())
|
|
|
|
|
}
|
|
|
|
|
account.Settings.Theme = theme
|
|
|
|
|
}
|
2024-09-09 18:07:25 +02:00
|
|
|
settingsColumns = append(settingsColumns, "theme")
|
2024-03-25 18:32:24 +01:00
|
|
|
}
|
|
|
|
|
|
2022-09-12 13:14:29 +02:00
|
|
|
if form.CustomCSS != nil {
|
|
|
|
|
customCSS := *form.CustomCSS
|
|
|
|
|
if err := validate.CustomCSS(customCSS); err != nil {
|
|
|
|
|
return nil, gtserror.NewErrorBadRequest(err, err.Error())
|
|
|
|
|
}
|
2024-09-09 18:07:25 +02:00
|
|
|
|
2025-03-07 15:04:34 +01:00
|
|
|
account.Settings.CustomCSS = text.StripHTMLFromText(customCSS)
|
2024-09-09 18:07:25 +02:00
|
|
|
settingsColumns = append(settingsColumns, "custom_css")
|
2022-09-12 13:14:29 +02:00
|
|
|
}
|
|
|
|
|
|
2022-10-08 14:00:39 +02:00
|
|
|
if form.EnableRSS != nil {
|
2024-03-22 14:03:46 +01:00
|
|
|
account.Settings.EnableRSS = form.EnableRSS
|
2024-09-09 18:07:25 +02:00
|
|
|
settingsColumns = append(settingsColumns, "enable_rss")
|
2022-10-08 14:00:39 +02:00
|
|
|
}
|
|
|
|
|
|
2024-04-02 11:42:24 +02:00
|
|
|
if form.HideCollections != nil {
|
|
|
|
|
account.Settings.HideCollections = form.HideCollections
|
2024-09-09 18:07:25 +02:00
|
|
|
settingsColumns = append(settingsColumns, "hide_collections")
|
2024-04-02 11:42:24 +02:00
|
|
|
}
|
|
|
|
|
|
2025-03-26 16:59:39 +01:00
|
|
|
if form.WebLayout != nil {
|
|
|
|
|
webLayout := gtsmodel.ParseWebLayout(*form.WebLayout)
|
|
|
|
|
if webLayout == gtsmodel.WebLayoutUnknown {
|
|
|
|
|
const text = "web_layout must be one of microblog or gallery"
|
|
|
|
|
err := errors.New(text)
|
|
|
|
|
return nil, gtserror.NewErrorBadRequest(err, text)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
account.Settings.WebLayout = webLayout
|
|
|
|
|
settingsColumns = append(settingsColumns, "web_layout")
|
|
|
|
|
}
|
|
|
|
|
|
2024-09-09 18:07:25 +02:00
|
|
|
// We've parsed + set everything, do
|
|
|
|
|
// necessary database updates now.
|
|
|
|
|
|
|
|
|
|
if len(acctColumns) > 0 {
|
|
|
|
|
if err := p.state.DB.UpdateAccount(ctx, account, acctColumns...); err != nil {
|
|
|
|
|
err := gtserror.Newf("db error updating account %s: %w", account.ID, err)
|
|
|
|
|
return nil, gtserror.NewErrorInternalError(err)
|
|
|
|
|
}
|
2021-07-05 13:23:03 +02:00
|
|
|
}
|
|
|
|
|
|
2024-09-09 18:07:25 +02:00
|
|
|
if len(settingsColumns) > 0 {
|
|
|
|
|
if err := p.state.DB.UpdateAccountSettings(ctx, account.Settings, settingsColumns...); err != nil {
|
|
|
|
|
err := gtserror.Newf("db error updating account settings %s: %w", account.ID, err)
|
|
|
|
|
return nil, gtserror.NewErrorInternalError(err)
|
|
|
|
|
}
|
2024-03-22 14:03:46 +01:00
|
|
|
}
|
|
|
|
|
|
2024-09-09 18:07:25 +02:00
|
|
|
// Send out Update message over the s2s (fedi) API.
|
2024-04-26 13:50:46 +01:00
|
|
|
p.state.Workers.Client.Queue.Push(&messages.FromClientAPI{
|
2024-06-06 15:43:25 +02:00
|
|
|
APObjectType: ap.ActorPerson,
|
2021-08-31 15:59:12 +02:00
|
|
|
APActivityType: ap.ActivityUpdate,
|
2022-11-15 18:45:15 +00:00
|
|
|
GTSModel: account,
|
2024-04-26 13:50:46 +01:00
|
|
|
Origin: account,
|
2022-04-28 13:23:11 +01:00
|
|
|
})
|
2021-07-05 13:23:03 +02:00
|
|
|
|
2023-09-23 17:44:11 +01:00
|
|
|
acctSensitive, err := p.converter.AccountToAPIAccountSensitive(ctx, account)
|
2021-07-05 13:23:03 +02:00
|
|
|
if err != nil {
|
2024-09-09 18:07:25 +02:00
|
|
|
err := gtserror.Newf("error converting account: %w", err)
|
|
|
|
|
return nil, gtserror.NewErrorInternalError(err)
|
2021-07-05 13:23:03 +02:00
|
|
|
}
|
2024-09-09 18:07:25 +02:00
|
|
|
|
2021-07-05 13:23:03 +02:00
|
|
|
return acctSensitive, nil
|
|
|
|
|
}
|
|
|
|
|
|
2024-09-09 18:07:25 +02:00
|
|
|
// updateFields sets FieldsRaw on the given
|
|
|
|
|
// account, and resets account.Fields to an
|
|
|
|
|
// empty slice, ready for further processing.
|
|
|
|
|
func (p *Processor) updateFields(
|
|
|
|
|
account *gtsmodel.Account,
|
|
|
|
|
fieldsAttributes []apimodel.UpdateField,
|
|
|
|
|
) gtserror.WithCode {
|
|
|
|
|
var (
|
|
|
|
|
fieldsLen = len(fieldsAttributes)
|
|
|
|
|
fieldsRaw = make([]*gtsmodel.Field, 0, fieldsLen)
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
for _, updateField := range fieldsAttributes {
|
|
|
|
|
if updateField.Name == nil || updateField.Value == nil {
|
|
|
|
|
continue
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
var (
|
|
|
|
|
name string = *updateField.Name
|
|
|
|
|
value string = *updateField.Value
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
if name == "" || value == "" {
|
|
|
|
|
continue
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Sanitize raw field values.
|
|
|
|
|
fieldRaw := >smodel.Field{
|
2025-03-07 15:04:34 +01:00
|
|
|
Name: text.StripHTMLFromText(name),
|
|
|
|
|
Value: text.StripHTMLFromText(value),
|
2024-09-09 18:07:25 +02:00
|
|
|
}
|
|
|
|
|
fieldsRaw = append(fieldsRaw, fieldRaw)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Check length of parsed raw fields.
|
|
|
|
|
if err := validate.ProfileFields(fieldsRaw); err != nil {
|
|
|
|
|
return gtserror.NewErrorBadRequest(err, err.Error())
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// OK, new raw fields are valid.
|
|
|
|
|
account.FieldsRaw = fieldsRaw
|
|
|
|
|
account.Fields = make([]*gtsmodel.Field, 0, fieldsLen)
|
|
|
|
|
return nil
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// processAccountText processes the raw versions of the given
|
|
|
|
|
// account's display name, note, and fields, and sets those
|
|
|
|
|
// processed versions on the account, while also updating the
|
|
|
|
|
// account's emojis entry based on the results of the processing.
|
|
|
|
|
func (p *Processor) processAccountText(
|
|
|
|
|
ctx context.Context,
|
|
|
|
|
account *gtsmodel.Account,
|
|
|
|
|
) {
|
|
|
|
|
// Use map to deduplicate emojis by their ID.
|
|
|
|
|
emojis := make(map[string]*gtsmodel.Emoji)
|
|
|
|
|
|
|
|
|
|
// Retrieve display name emojis.
|
2025-03-07 15:04:34 +01:00
|
|
|
for _, emoji := range p.formatter.FromPlainBasic(
|
2024-09-09 18:07:25 +02:00
|
|
|
ctx,
|
|
|
|
|
p.parseMention,
|
|
|
|
|
account.ID,
|
|
|
|
|
"",
|
|
|
|
|
account.DisplayName,
|
|
|
|
|
).Emojis {
|
|
|
|
|
emojis[emoji.ID] = emoji
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Format + set note according to user prefs.
|
|
|
|
|
f := p.selectNoteFormatter(account.Settings.StatusContentType)
|
|
|
|
|
formatNoteResult := f(ctx, p.parseMention, account.ID, "", account.NoteRaw)
|
|
|
|
|
account.Note = formatNoteResult.HTML
|
|
|
|
|
|
|
|
|
|
// Retrieve note emojis.
|
|
|
|
|
for _, emoji := range formatNoteResult.Emojis {
|
|
|
|
|
emojis[emoji.ID] = emoji
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Process raw fields.
|
|
|
|
|
account.Fields = make([]*gtsmodel.Field, 0, len(account.FieldsRaw))
|
|
|
|
|
for _, fieldRaw := range account.FieldsRaw {
|
|
|
|
|
field := >smodel.Field{}
|
|
|
|
|
|
|
|
|
|
// Name stays plain, but we still need to
|
|
|
|
|
// see if there are any emojis set in it.
|
|
|
|
|
field.Name = fieldRaw.Name
|
2025-03-07 15:04:34 +01:00
|
|
|
for _, emoji := range p.formatter.FromPlainBasic(
|
2024-09-09 18:07:25 +02:00
|
|
|
ctx,
|
|
|
|
|
p.parseMention,
|
|
|
|
|
account.ID,
|
|
|
|
|
"",
|
|
|
|
|
fieldRaw.Name,
|
|
|
|
|
).Emojis {
|
|
|
|
|
emojis[emoji.ID] = emoji
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Value can be HTML, but we don't want
|
|
|
|
|
// to wrap the result in <p> tags.
|
|
|
|
|
fieldFormatValueResult := p.formatter.FromPlainNoParagraph(ctx, p.parseMention, account.ID, "", fieldRaw.Value)
|
|
|
|
|
field.Value = fieldFormatValueResult.HTML
|
|
|
|
|
|
|
|
|
|
// Retrieve field emojis.
|
|
|
|
|
for _, emoji := range fieldFormatValueResult.Emojis {
|
|
|
|
|
emojis[emoji.ID] = emoji
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// We're done, append the shiny new field.
|
|
|
|
|
account.Fields = append(account.Fields, field)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Update the account's emojis.
|
|
|
|
|
emojisCount := len(emojis)
|
|
|
|
|
account.Emojis = make([]*gtsmodel.Emoji, 0, emojisCount)
|
|
|
|
|
account.EmojiIDs = make([]string, 0, emojisCount)
|
|
|
|
|
|
|
|
|
|
for id, emoji := range emojis {
|
|
|
|
|
account.Emojis = append(account.Emojis, emoji)
|
|
|
|
|
account.EmojiIDs = append(account.EmojiIDs, id)
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2023-11-10 19:29:26 +01:00
|
|
|
// UpdateAvatar does the dirty work of checking the avatar
|
|
|
|
|
// part of an account update form, parsing and checking the
|
|
|
|
|
// media, and doing the necessary updates in the database
|
|
|
|
|
// for this to become the account's new avatar.
|
|
|
|
|
func (p *Processor) UpdateAvatar(
|
|
|
|
|
ctx context.Context,
|
2024-06-26 15:01:16 +00:00
|
|
|
account *gtsmodel.Account,
|
2023-11-10 19:29:26 +01:00
|
|
|
avatar *multipart.FileHeader,
|
|
|
|
|
description *string,
|
2024-06-26 15:01:16 +00:00
|
|
|
) (
|
|
|
|
|
*gtsmodel.MediaAttachment,
|
|
|
|
|
gtserror.WithCode,
|
|
|
|
|
) {
|
2024-07-12 09:39:47 +00:00
|
|
|
// Get maximum supported local media size.
|
|
|
|
|
maxsz := config.GetMediaLocalMaxSize()
|
2024-10-16 14:13:58 +02:00
|
|
|
maxszInt64 := int64(maxsz) // #nosec G115 -- Already validated.
|
2024-07-12 09:39:47 +00:00
|
|
|
|
|
|
|
|
// Ensure media within size bounds.
|
2024-10-16 14:13:58 +02:00
|
|
|
if avatar.Size > maxszInt64 {
|
2024-07-12 09:39:47 +00:00
|
|
|
text := fmt.Sprintf("media exceeds configured max size: %s", maxsz)
|
2024-06-26 15:01:16 +00:00
|
|
|
return nil, gtserror.NewErrorBadRequest(errors.New(text), text)
|
2021-07-05 13:23:03 +02:00
|
|
|
}
|
|
|
|
|
|
2024-07-12 09:39:47 +00:00
|
|
|
// Open multipart file reader.
|
|
|
|
|
mpfile, err := avatar.Open()
|
|
|
|
|
if err != nil {
|
|
|
|
|
err := gtserror.Newf("error opening multipart file: %w", err)
|
|
|
|
|
return nil, gtserror.NewErrorInternalError(err)
|
2021-07-05 13:23:03 +02:00
|
|
|
}
|
|
|
|
|
|
2024-07-12 09:39:47 +00:00
|
|
|
// Wrap the multipart file reader to ensure is limited to max.
|
2024-10-16 14:13:58 +02:00
|
|
|
rc, _, _ := iotools.UpdateReadCloserLimit(mpfile, maxszInt64)
|
2024-07-12 09:39:47 +00:00
|
|
|
|
2024-06-26 15:01:16 +00:00
|
|
|
// Write to instance storage.
|
|
|
|
|
return p.c.StoreLocalMedia(ctx,
|
|
|
|
|
account.ID,
|
2024-07-12 09:39:47 +00:00
|
|
|
func(ctx context.Context) (reader io.ReadCloser, err error) {
|
|
|
|
|
return rc, nil
|
|
|
|
|
},
|
2024-06-26 15:01:16 +00:00
|
|
|
media.AdditionalMediaInfo{
|
|
|
|
|
Avatar: util.Ptr(true),
|
|
|
|
|
Description: description,
|
|
|
|
|
},
|
|
|
|
|
)
|
2021-07-05 13:23:03 +02:00
|
|
|
}
|
|
|
|
|
|
2023-11-10 19:29:26 +01:00
|
|
|
// UpdateHeader does the dirty work of checking the header
|
|
|
|
|
// part of an account update form, parsing and checking the
|
|
|
|
|
// media, and doing the necessary updates in the database
|
|
|
|
|
// for this to become the account's new header.
|
|
|
|
|
func (p *Processor) UpdateHeader(
|
|
|
|
|
ctx context.Context,
|
2024-06-26 15:01:16 +00:00
|
|
|
account *gtsmodel.Account,
|
2023-11-10 19:29:26 +01:00
|
|
|
header *multipart.FileHeader,
|
|
|
|
|
description *string,
|
2024-06-26 15:01:16 +00:00
|
|
|
) (
|
|
|
|
|
*gtsmodel.MediaAttachment,
|
|
|
|
|
gtserror.WithCode,
|
|
|
|
|
) {
|
2024-07-12 09:39:47 +00:00
|
|
|
// Get maximum supported local media size.
|
|
|
|
|
maxsz := config.GetMediaLocalMaxSize()
|
2024-10-16 14:13:58 +02:00
|
|
|
maxszInt64 := int64(maxsz) // #nosec G115 -- Already validated.
|
2024-07-12 09:39:47 +00:00
|
|
|
|
|
|
|
|
// Ensure media within size bounds.
|
2024-10-16 14:13:58 +02:00
|
|
|
if header.Size > maxszInt64 {
|
2024-07-12 09:39:47 +00:00
|
|
|
text := fmt.Sprintf("media exceeds configured max size: %s", maxsz)
|
2024-06-26 15:01:16 +00:00
|
|
|
return nil, gtserror.NewErrorBadRequest(errors.New(text), text)
|
2021-07-05 13:23:03 +02:00
|
|
|
}
|
|
|
|
|
|
2024-07-12 09:39:47 +00:00
|
|
|
// Open multipart file reader.
|
|
|
|
|
mpfile, err := header.Open()
|
|
|
|
|
if err != nil {
|
|
|
|
|
err := gtserror.Newf("error opening multipart file: %w", err)
|
|
|
|
|
return nil, gtserror.NewErrorInternalError(err)
|
2021-07-05 13:23:03 +02:00
|
|
|
}
|
|
|
|
|
|
2024-07-12 09:39:47 +00:00
|
|
|
// Wrap the multipart file reader to ensure is limited to max.
|
2024-10-16 14:13:58 +02:00
|
|
|
rc, _, _ := iotools.UpdateReadCloserLimit(mpfile, maxszInt64)
|
2024-07-12 09:39:47 +00:00
|
|
|
|
2024-06-26 15:01:16 +00:00
|
|
|
// Write to instance storage.
|
|
|
|
|
return p.c.StoreLocalMedia(ctx,
|
|
|
|
|
account.ID,
|
2024-07-12 09:39:47 +00:00
|
|
|
func(ctx context.Context) (reader io.ReadCloser, err error) {
|
|
|
|
|
return rc, nil
|
|
|
|
|
},
|
2024-06-26 15:01:16 +00:00
|
|
|
media.AdditionalMediaInfo{
|
|
|
|
|
Header: util.Ptr(true),
|
|
|
|
|
Description: description,
|
|
|
|
|
},
|
|
|
|
|
)
|
2021-07-05 13:23:03 +02:00
|
|
|
}
|
