Commit graph

1143 commits

Author SHA1 Message Date
Pere Lev
ff2c5659af
S2S: Project: Accept: Switch from basic to full OCAP verification 2024-02-01 20:26:49 +02:00
Pere Lev
bce8079cb5
S2S: Project: Add: Handle adding a child/parent; also update C2S Add 2024-02-01 16:51:52 +02:00
Pere Lev
ab786eb67c
UI, Vocab: Link from project/team to children & parents pages 2023-12-13 00:09:28 +02:00
Pere Lev
802df6b15b
UI, AP: Display project and team children and parents 2023-12-12 23:21:06 +02:00
Pere Lev
1f06d689f5
Tables for project/team parent/child tracking 2023-12-11 18:49:42 +02:00
Pere Lev
ee91a6403e
UI: Add 'Accept' button to invites you haven't yet accepted 2023-12-09 10:24:20 +02:00
Pere Lev
ce1e542401
UI: HomeR: Display personal invites 2023-12-09 08:55:39 +02:00
Pere Lev
e65563cd19
UI: For each Permit, display delegator-Grant and extensions 2023-12-09 07:58:16 +02:00
Pere Lev
119779b9b3
UI: Display personal resources using Permit records 2023-12-09 07:13:34 +02:00
Pere Lev
5af2fdd58b
UI: Group: Buttons for adding and removing members 2023-12-09 03:03:06 +02:00
Pere Lev
702ad39b96
S2S: Group: Adapt collab-mode code from Project 2023-12-09 02:46:11 +02:00
Pere Lev
b2b4d8778d
DB: For each CollabRecipLocal record, produce a matching Permit record 2023-12-09 01:04:21 +02:00
Pere Lev
12e2284389
C2S: When creating a resource, insert a Permit record 2023-12-07 18:50:44 +02:00
Pere Lev
e2462627a5
Remove old empty Vervis.Federation.Collab module 2023-12-07 18:22:51 +02:00
Pere Lev
cfc8add212
S2S: Common: Remove: When deleting Collab record, delete CollabDeleg*s too 2023-12-07 18:21:35 +02:00
Pere Lev
6dceaa1cff
S2S: Person: Revoke: Delete Permit records 2023-12-07 17:03:26 +02:00
Pere Lev
11a79b00fb
S2S: Person: Implement response to direct-Grant and extension-Grant 2023-12-02 21:09:13 +02:00
Pere Lev
39dc2089b2
S2S: Person: Accept: If topic is approving an Invite, update Permit record 2023-11-23 18:21:41 +02:00
Pere Lev
442e36dcc1
C2S: Accept: If accepting an Invite-for-me, update the Permit record 2023-11-23 01:03:50 +02:00
Pere Lev
0c0007c892
C2S: Person: Implement Join handler, inserting a Permit record to DB 2023-11-22 23:12:32 +02:00
Pere Lev
3c0a3d1317
S2S: Person: Update Invite handler to create a Permit record 2023-11-22 19:30:33 +02:00
Pere Lev
05d3a1eaef
DB: Tables for the person side of Collabs (i.e. direct-Grants they got)
Until now I've managed to avoid having to implement this piece quite
easily. The only temptation to implement it has been pseudo-client
features, which are basically just a workaround until Vervis gets a
separate client app.

But now, Person actors need to be able to automatically send
delegator-Grants when they receive a direct-Grant from a resource they
either asked to Join or got an Invite to. So, this creates a need to
track these joins and invites on the server side.

I'm not checking the exact minimal pieces necessary for
delegator-Grants. Instead, I'm starting a full implementation of the
person-side of Collab records (AKA direct-Grants), called Permit
records. This will also allow very convenient display of these Grants
and the extensions received through them, as well as UI buttons such as
accepting/rejecting a received Join or Invite.
2023-11-22 18:11:07 +02:00
Pere Lev
88e6818edc
S2S: Project: Send ext-Grants to new collab upon getting their delegator-Grant
Until now, adding a direct collaborator to a Project worked exactly like
with components: Invite or Join, then Accept, finally the direct-Grant.
I missed the fact that much like with project-component relationships,
projects (and teams) need to be able to send extension-Grants to their
direct collaborators.

So in Project's Grant handler it now:

- Recognizes the delegator-Grant coming from a new collaborator
- Sends extension-Grants, using the delegator-Grant as the capability
- When getting a new component and sending extension-Grants for it to
  direct collaborators, Project uses their delegator-Grants as
  capability

And in Project's Accept handler, it no longer sends extension-Grants
(because it doesn't yet have the collaborator's delegator-Grant at this
point).

NOTE, THIS TEMPORARILY BREAKS grant chains: If you create a Project and
add a Deck to it, you won't get an extension-Grant-for-the-Deck from the
Project, because the Project doesn't yet have your delegator-Grant.

The next commits will implement the Person-side of Collab records, and
will cause Person actors to automatically send the delegator-Grant,
fixing the break.
2023-11-22 14:16:08 +02:00
Pere Lev
5d0f707c55
DB: Allow to record the delegator-Grant sent by people to projects/teams 2023-11-21 20:44:09 +02:00
Pere Lev
7517db9619
Client, UI: Team: Creation, invite/join display, list in personal overview 2023-11-21 18:28:05 +02:00
Pere Lev
8584c6387c
S2S: Group: Implement Follow & Undo handlers, adapted from Project 2023-11-21 17:02:58 +02:00
Pere Lev
8d543c0016
S2S: Group: Implement Create handler, sending back an admin-Grant 2023-11-21 16:52:16 +02:00
Pere Lev
ea7476db9d
C2S: Implement team creation 2023-11-21 15:48:14 +02:00
Pere Lev
2797e5f3be
UI: Team & team members HTML page + AP JSON object 2023-11-21 15:01:51 +02:00
Pere Lev
80a08dea0a
UI: Browse: Update intro text & list projects' components 2023-11-21 10:56:09 +02:00
Pere Lev
840b13eff1
UI: Tweak the footer repo/commit display 2023-11-21 10:55:38 +02:00
Pere Lev
22c7b88a79
Remove federation check from PublishResolveR 2023-11-13 14:15:13 +02:00
Pere Lev
34386bcf52
S2S: Deck: Resolve: Use the full OCAP-authorization algorithm
deckResolve now supports Resolve requests that use extension-Grants. It
iterates the verifies the Grant-chain using the process described in the
ForgeFed specification.
2023-11-12 17:43:11 +02:00
Pere Lev
1a3a46b6b2
Implement OCAP "Verifying an invocation" process from ForgeFed spec
Vervis currently supports only direct grants. The new process supports
delegation chains as well. This commit just implements the new process
as a new function, without yet using it anywhere. The next commits will
plug it into Deck actor handlers.
2023-11-07 10:51:42 +02:00
Pere Lev
b420c982c0
UI: Add page for publishing a Resolve with custom ticket and OCAP URIs 2023-11-05 20:41:24 +02:00
Pere Lev
91ed2c82b5
UI: Add reopen-this-ticket button to ticket page 2023-11-05 17:50:55 +02:00
Pere Lev
ebe676d94b
Client: Port/implement pseudo-client for unresolve-a-ticket 2023-11-05 17:41:16 +02:00
Pere Lev
3a95e6d302
C2S: Implement trivial Undo handler, remove old undoC code 2023-11-05 16:27:38 +02:00
Pere Lev
cbd81d1d0b
C2S, UI: Deck ticket closing button on ticket page
Ticket closing can now be done via the new C2S, and the "Close ticket"
button on TicketR page is back, and uses that new C2S.

S2S, C2S and pseudo-client are implemented for both Deck and Loom, but
the actual button and POST handler are provided here only for Deck. Will
add ones for Loom soon, as needed.
2023-11-05 16:13:09 +02:00
Pere Lev
222ba823c1
S2S: Person: Trivial Resolve handler 2023-11-05 12:52:16 +02:00
Pere Lev
35eb4917a1
S2S: Port Deck's & Loom's Resolve handlers from the old system 2023-11-05 12:40:19 +02:00
Pere Lev
cb693184f8
UI: Use the actor system for opening a ticket, and remove offerTicketC 2023-11-05 11:31:36 +02:00
Pere Lev
be569ab26d
C2S: Implement Offer{ticket/MR} handler 2023-11-03 14:55:34 +02:00
Pere Lev
a06003c361
S2S: Loom: Port Offer{MR} handler from old federation code
This is to allow getting rid of the old C2S offerTicketC and write a C2S
Offer handler in the new actor system.

And that is to allow ticket opening and closing to work, so that it can
use delegated OCAPs too, as a first demo of delegated OCAPs in action.
2023-11-03 14:18:41 +02:00
Pere Lev
909ba94b49
S2S: Person: Implement trivial Offer handler 2023-11-03 11:08:35 +02:00
Pere Lev
1694d77705
S2S: Deck: Port the Offer{Ticket} handler from the old code 2023-11-03 10:56:25 +02:00
Pere Lev
7edb7a9760
Fix some little bugs in component implementation 2023-11-02 23:14:29 +02:00
Pere Lev
df6ece2889
UI: Deck: 'Approve' button for accepting invites-to-projects 2023-11-02 22:27:54 +02:00
Pere Lev
47f993d63f
Client: Project UI for adding a component 2023-11-02 18:03:28 +02:00
Pere Lev
fe6f95d497
UI: Deck: Projects list page 2023-11-02 14:48:22 +02:00
Pere Lev
acc1d13c63
UI: Project: Component list HTML version 2023-11-02 12:35:35 +02:00
Pere Lev
5d52db9377
C2S: Implement Accept handler (without any filters) 2023-10-23 19:39:58 +03:00
Pere Lev
14ef892032
C2S: Implement Add handler, for adding a component to a project 2023-10-23 19:11:51 +03:00
Pere Lev
477793688f
C2S: Invite: Support component mode 2023-10-23 18:26:44 +03:00
Pere Lev
21aa4e7c49
S2S: projectAccept: When adding a Collab, delegate access-to-my-components 2023-10-23 15:21:12 +03:00
Pere Lev
fa43a49b16
S2S: Person Grant handler: Handle component-mode Grants too 2023-09-09 17:01:18 +03:00
Pere Lev
4ac73a9515
S2S: Implement component delegator-Grant handler 2023-09-09 16:41:12 +03:00
Pere Lev
9a78c83233
S2S: Deck Accept handler: Implement component mode 2023-09-01 19:50:48 +03:00
Pere Lev
e8970c1f4a
S2S: Deck Invite handler: Implement component mode 2023-08-14 15:24:08 +03:00
Pere Lev
521eed8bb2
S2S: Deck Add handler 2023-08-02 15:13:54 +03:00
Pere Lev
06e5ab9e90
S2S: Project Grant handler 2023-07-17 20:57:19 +03:00
Pere Lev
a083b0d866
S2S: Update Project-Accept handler to handle Components 2023-07-12 16:50:29 +03:00
Pere Lev
aec2235fdc
S2S: Project Add handler: Rearrange code in preparation for Component mode
Also add Component mode details into the behavior comment (but haven't
yet implemented the newly described Component-mode behavior)
2023-06-29 20:56:03 +03:00
Pere Lev
2920deb900
S2S: Copy topicAccept code into projectAccept and reorganize the comment
This is in preparation to implementing Component mode
2023-06-29 14:48:55 +03:00
Pere Lev
afb83b7761
Add a ProjectCollabLiveR route for use as Grant revocation URI 2023-06-28 22:24:01 +03:00
Pere Lev
4a2f97d9dd
S2S: Upgrade the Project Invite handler to handle components 2023-06-28 21:34:19 +03:00
Pere Lev
5e87dd99d3
DB: Make the Accept unique per CollabFulfillsInvite 2023-06-28 14:18:45 +03:00
Pere Lev
afc45257b4
S2S: topicInvite, projectInvite: If approved, send an Accept 2023-06-28 14:10:09 +03:00
Pere Lev
b45aa78d7b
Copy topicInvite impl into projectInvite instead of reusing topicInvite
That's because projectInvite is about to get changes and can't use
topicInvite anymore; that's probably suitable only for components
2023-06-28 10:44:13 +03:00
Pere Lev
043667ed76
S2S, C2S, Client: Update parseRemove to support project+component 2023-06-28 10:22:53 +03:00
Pere Lev
710bfc27c0
C2S: When HTTP GETing an Invite/Remove topic, compare with collabs URI
Until now the code GETs the collabs URI to find the resource, but it
didn't make sure the URI was really the collabs URI specified by the
resource. This commit adds the check.
2023-06-28 09:38:53 +03:00
Pere Lev
1093d4e67d
Vocab: Support project/component in parseInvite, update handlers 2023-06-28 02:23:46 +03:00
Pere Lev
c98d8d1cc0
Vocab & UI: Repo, Deck and Loom now serve their collabs URI 2023-06-28 01:09:35 +03:00
Pere Lev
b2657589dd
Switch Invite/Join/Remove to use resource collabs URI
Until now, the resource object itself would be specified. This no longer
works, because it's unclear whether we're adding/removing a collaborator
or a component.

From now on, adding a collaborator is done by pointing to the resource's
'collaborators' URI, not to the resource itself
2023-06-28 00:30:35 +03:00
Pere Lev
034194f2aa
DB & Vocab: Specify role in Add, store it in Component & Stem 2023-06-27 22:56:52 +03:00
Pere Lev
1fd46b0590
UI & Vocab: Project components list & link from collabs JSON to project 2023-06-27 21:07:21 +03:00
Pere Lev
6ae079a310
S2S: Project Add handler 2023-06-27 17:55:59 +03:00
Pere Lev
89185164b8
DB: Store the 'type' of remote actors 2023-06-27 13:27:51 +03:00
Pere Lev
224025b9b6
DB: Entities for project-component system 2023-06-27 03:20:30 +03:00
Pere Lev
64aae37b4f
UI: Minimal HTML page for Project 2023-06-26 23:50:33 +03:00
Pere Lev
232a0cd4df
S2S: Implement project handlers, based on the Deck ones 2023-06-26 23:26:53 +03:00
Pere Lev
224c290b04
S2S: Project creation and following 2023-06-26 23:12:40 +03:00
Pere Lev
9d6bbfdf92
C2S: Project creation 2023-06-26 23:01:41 +03:00
Pere Lev
372fd35f2c
Project routes, handlers and creation UI 2023-06-26 22:02:54 +03:00
Pere Lev
3db602e3bd
DB entity for Project 2023-06-26 17:26:20 +03:00
Pere Lev
050e8d09bc
Vocabulary for Project 2023-06-26 17:25:56 +03:00
Pere Lev
cc87b6e17d
Port deck creation to the new actor system 2023-06-19 18:44:12 +03:00
Pere Lev
0bd2ca8d5d
DB: Allow actors to mark they've just been created by someone
This will be used for sending that someone a grant with Admin access
2023-06-19 11:38:25 +03:00
Pere Lev
6e8cedadd1
Client: Fix bug: Invite target isn't addressed 2023-06-19 10:38:22 +03:00
Pere Lev
581838e550
Support the 6 ForgeFed roles + launch repo/deck/loom actor upon creation 2023-06-17 21:35:00 +03:00
Pere Lev
c8c2106eab
UI: In deck collaborator list, have a Remove button for each 2023-06-17 01:27:28 +03:00
Pere Lev
58518811e3
UI for publishing a Remove 2023-06-17 00:39:02 +03:00
Pere Lev
9673887479
C2S Remove handler 2023-06-17 00:28:35 +03:00
Pere Lev
7b64ab56b1
S2S Remove handlers for Person and Deck 2023-06-16 23:42:50 +03:00
Pere Lev
928ad8f9a9
UI in deck collaborators list, for adding a new collaborator 2023-06-16 20:12:40 +03:00
Pere Lev
aaa92d8141
UI for publishing an Invite 2023-06-16 17:39:11 +03:00
Pere Lev
ffb5dadac7
Link C2S handler with ClientMsg Person actor handler & port inviteC 2023-06-16 17:15:15 +03:00
Pere Lev
a683185918
Actor system: Add support for C2S actor methods 2023-06-15 20:23:50 +03:00
Pere Lev
d33f272ede
Switch to converged handlers than handle both local and remote activities
I was writing a topicLocalInvite handler when I realized how cumbersome
it's becoming, to have separate handlers for local activities. While it
allows me to pick custom specific message names and parameters (which is
why I took that approach in the first place), it causes a lot of
duplication and complexity (because I have to write the remote-activity
handlers anyway; adding local ones doesn't reduce complexity).

So this commit switches the entire system to communicate only using
AP/FF activities, including between local actors.
2023-06-15 15:44:43 +03:00
Pere Lev
d5d6b0af61
On app start, launch only verified Persons 2023-06-10 10:56:02 +03:00
Pere Lev
a41356c261
Upon account verification, launch the Person actor 2023-06-10 10:51:01 +03:00
Pere Lev
59e99f405a
Deck: Port Join handler 2023-06-09 09:40:10 +03:00
Pere Lev
85f77fcac4
Deck: Port Invite handler 2023-06-08 15:38:09 +03:00
Pere Lev
9955a3c0ad
Deck: Port/write Accept, Reject, Follow, Undo 2023-06-07 10:15:30 +03:00
Pere Lev
d467626049
Person: Implement (trivial) Revoke handler 2023-06-05 12:38:08 +03:00
Pere Lev
b4ebd08c5a
Person: Port Undo{Follow} handler 2023-06-05 11:34:58 +03:00
Pere Lev
552ef760e6
Person: Port Reject{Follow} handler 2023-06-05 10:03:20 +03:00
Pere Lev
9b0622cd7a
Person: Port the Accept{Follow} handler 2023-06-05 09:43:28 +03:00
Pere Lev
b759b87d0f
Person: Implement (the quite trivial) Join handler 2023-05-30 22:21:51 +03:00
Pere Lev
4d8e5de8b8
Person: Port Invite and Follow handlers to new system 2023-05-30 22:02:11 +03:00
Pere Lev
cc135692c0
Web.ActivityPub: Add Grant 'allows' & 'delegates' fields 2023-05-30 14:34:37 +03:00
Pere Lev
621275e257
Verify integrity proof on remote activities coming into local inboxes
Limitations:

- Only jcs-eddsa-2022 is supported for now, can add more easily if
  needed
- Not verifying forwarded local activities, only remotely-authored ones
- Fetching key and actor with HTTP without using the DB cache, because
  the current cache system is deprecated and I haven't yet created the
  new one
2023-05-30 12:51:41 +03:00
Pere Lev
e8e587af26
Generate FEP-8b32 authenticity proofs when delivering activities
Limitations:

- Verification of proofs not implemeneted yet, just generation.
  Verification probably coming in the next commit.
- Only jcs-eddsa-2022 is supported. Can add more cryptosuites once
  they're updated for the requirements of the VC Data Integrity spec.
- Bug: The proofs aren't stored in the DB versions of outgoing activities, i.e.
  HTTP GETing an activity won't include the proof. Probably not urgent
  to fix. Ideally, change the whole PersistJSONObject/Envelope/etc.
  thing to allow to serialize the activity exactly once.
2023-05-30 09:48:21 +03:00
Pere Lev
ba02d62eb5
Web.ActivityPub: Add Grant startTime and endTime 2023-05-29 10:47:41 +03:00
Pere Lev
a22aeb85d0
Web.ActivityPub: Add grantResult field, with optional duration 2023-05-29 09:50:17 +03:00
Pere Lev
906b5e8f44
Update docs for darcs->git switch, and switch from darcs-rev to gitrev 2023-05-25 13:55:56 +03:00
fr33domlover
6786e2e0e1 Implement theater-based remote delivery and port personGrant 2023-05-24 22:17:14 +00:00
fr33domlover
c9db823c8c Implement actor-model system and start moving Person actor to it
This patch makes Vervis temporarily unusable, because all actors' inbox POST
handlers use the new system, but the actual federation handler code hasn't been
ported. The next patches will port all the S2S activities supported so far, as
well as C2S.
2023-04-29 10:40:44 +00:00
fr33domlover
72796a6bdc UI, S2S: Implement Join flow in S2S + deck devs page now lists join requests 2022-11-14 15:11:25 +00:00
fr33domlover
e4d7156cbc S2S: Implement repoUndoF, loomUndoF, personUndoF 2022-10-31 14:13:18 +00:00
fr33domlover
9b158c13cd S2S: Implement deckUndoF 2022-10-27 16:27:58 +00:00
fr33domlover
934c69daae UI, S2S: Re-implement and re-enable Push activity
- When pushing to a repo, a Push activity is now automatically published
- The 'actor' is now the repo, and 'attributedTo' specifies the person who
  pushed
- No need for 'context' in the Push anymore, since it's always the 'actor'
- 'target' now specifies the branch as a Branch object rather than URI (since
  Vervis doesn't keep AS2 objects for branches anymore)
- I deleted 'pushCommitsC' (from Vervis.API) because the code for preparing and
  pushing an activity is so simple with the new delivery API, doesn't need a
  dedicated pushCommitsC function
- The generated Push activity does generate an HTML summary, unlike all other
  generated activities (in which I removed the summary generating code); I'm
  still unsure whether to bring back those summaries (extra code to write, for
  a problematic feature that may become useless when the new UI comes)
2022-10-26 10:47:38 +00:00
fr33domlover
340d1eacb1 S2S: loomFollowF & repoFollowF 2022-10-26 05:25:44 +00:00
fr33domlover
ee3548a940 S2S: Re-implement and re-enable deckFollowF 2022-10-25 19:02:07 +00:00
fr33domlover
648204ef80 S2S: Implement loomResolveF, allowing to close MR without Applying 2022-10-25 18:49:19 +00:00
fr33domlover
756c2952f2 S2S: Re-implement and re-enable personFollowF 2022-10-25 18:02:06 +00:00
fr33domlover
f76e80c028 S2S: Re-implement and re-enable deckResolveF 2022-10-25 16:12:48 +00:00
fr33domlover
8f8354ea5e C2S: Re-implement and enable resolveC, followC, undoC 2022-10-25 04:54:56 +00:00
fr33domlover
fa7f765e2e DB: Remote Ticket.status field 2022-10-20 15:41:47 +00:00
fr33domlover
fdf6a83c40 DB, UI: Prepare DB schema for Join flow + display deck collaborators & invites 2022-10-20 12:53:54 +00:00
fr33domlover
eb342b47ed DB: Move new entity declarations to a new module Vervis.Migration.Entities 2022-10-19 09:06:38 +00:00
fr33domlover
6407aaf897 DB: Avoid bulk-selecting specific-actor records
When looking up a specfic actor record for a given ActorId, you're pretty much
guaranteed to find the actor if it exists, because there's 1 function in the
codebase that handles this. Whenever a new actor type is added, which is a rare
event, that function gets updated.

But when mass-selecting actors using Esqueleto? Then, you need to LeftOuterJoin
by yourself on each actor type. This is both ugly and error prone, because all
those places in the codebase need to be updated when adding an actor type. The
only downside is that it means O(n) DB queries instead of O(1).

Perhaps there's some elegant way to "add" the specific-actor Joins to a given
Esqueleto query. Something to do some other time, as an optimization, if the
need arises.
2022-10-18 16:05:33 +00:00
fr33domlover
118b787416 UI: New ticket/MR creation form + deck/loom navigation links 2022-10-17 15:08:00 +00:00
fr33domlover
d8c65930ca UI, DB: Switch ticket filter to use TicketResolve instead of TicketStatus 2022-10-16 23:44:16 +00:00
fr33domlover
7ddb79d78d DB: If no workflow exists, add a dummy one 2022-10-16 23:42:41 +00:00
fr33domlover
e638ff4117 UI: In ticket/MR pages, display when and by whom the ticket was resolved 2022-10-16 22:25:21 +00:00
fr33domlover
58ca5e998e UI: Redirect DeckR to DeckTicketsR 2022-10-16 22:24:41 +00:00
fr33domlover
b99d864429 UI, Web: Re-enable ticket/MR replies view and commenting forms/buttons 2022-10-16 20:34:00 +00:00
fr33domlover
d5e913d97a S2S: Implement loomCreateNoteF 2022-10-16 12:24:41 +00:00
fr33domlover
2e7f9ef5e6 S2S: Re-enable deckCreateNoteF 2022-10-16 12:14:30 +00:00
fr33domlover
71bceec18b C2S, S2S: Re-enable createNoteC and personCreateNoteF 2022-10-16 11:26:24 +00:00
fr33domlover
8424c76de7 Link to per-actor keys from actor documents
Per-actor keys are now fully supported in Vervis! Caveats:

- The HTTP Signature keys produced by Vervis are Ed25519 keys; software that
  expects only RSA keys will fail here
- Like instance keys, per-actor keys are currently served in separate
  documents, not embedded in the actor document; so software that expects
  embedded keys will fail here
2022-10-12 18:01:52 +00:00
fr33domlover
32c87e3839 Improve the AP async HTTP delivery API and per-actor key support
New iteration of the ActivityPub delivery implementation and interface.
Advantages over previous interface:

* When sending a ByteString body, the sender is explicitly passed as a
  parameter instead of JSON-parsing it out of the ByteString
* Clear 3 operations provided: Send, Resend and Forward
* Support for per-actor keys
* Actor-type-specific functions (e.g. deliverRemoteDB_D) removed
* Only the most high-level API is exposed to Activity handler code, making
  handler code more concise and clear

Also added in this patch:

* Foundation for per-actor key support
* 1 key per actor allowed in DB
* Disabled C2S and S2S handlers now un-exported for clarity
* Audience and capability parsing automatically done for all C2S handlers
* Audience and activity composition automatically done for Vervis.Client
  builder functions

Caveats:

* Actor documents still don't link to their per-actor keys; that should be the
  last piece to complete per-actor key support
* No moderation and anti-spam tools yet
* Delivery API doesn't yet have good integration of persistence layer, e.g.
  activity is separately encoded into bytestring for DB and for HTTP; this will
  be improved in the next iteration
* Periodic delivery now done in 3 separate steps, running sequentially; it
  simplifies the code, but may be changed for efficiency/robustness in the next
  iterations
* Periodic delivery collects per-actor keys in a
  1-DB-transaction-for-each-delivery fashion, rather than grabbing them in the
  big Esqueleto query (or keeping the signed output in the DB; this isn't done
  currently to allow for smooth actor key renewal)
* No support yet in the API for delivery where the actor key has already been
  fetched, rather than doing a DB transaction to grab it; such support would be
  just an optimization, so it's low-priority, but will be added in later
  iterations
2022-10-12 16:50:11 +00:00
fr33domlover
0cc1e20f85 UX: Don't redirect to referer after login
It causes first login after verification to redirect to registration page,
which is weird, and the default Yesod falue is False, so, switching back to
False
2022-09-28 14:10:20 +00:00
fr33domlover
861d7636bc UX: Don't require login for verifying email address 2022-09-28 14:09:10 +00:00
fr33domlover
0d1de1278b UI: Add settings option to change main UI color 2022-09-28 06:03:43 +00:00
fr33domlover
84b70aa7b3 UI: If MR is applied, don't do the canApply check and display "RESOLVED" 2022-09-27 18:11:13 +00:00
fr33domlover
088d166d13 Fix infinite loop in getBundleR 2022-09-27 18:08:59 +00:00
fr33domlover
c5b85d11a9 UI: Since getLoomR doesn't have UI, redirect to LoomClothsR 2022-09-27 10:52:31 +00:00
fr33domlover
587ae5e8cc Fix query error in getTicketSummaries 2022-09-27 10:49:32 +00:00