Commit graph

643 commits

Author SHA1 Message Date
fr33domlover
1ae924558f Use updateGet for atomic access to projectNextTicket
`updateGet` isn't atomic by default. In PostgreSQL the default isolation level
if committed read, and an `update` followed by a `get` doesn't guarantee you
get the same value you sent. However I'm making a patch for `persistent` to
make `updateGet` atomic for PostgreSQL.
2019-06-18 10:47:01 +00:00
fr33domlover
fb909adf2e Handle Offer{Ticket} in project inbox, and turn DB ticketTitle into HTML 2019-06-17 19:55:03 +00:00
fr33domlover
4d5fa0551f Refactor the types used in activity authentication and handle project recipient
- The data returned from activity authentication has nicer types now, and no
  mess of big tuples.
- Activity authentication code has its own module now, Vervis.Federation.Auth.
- The sharer inbox handler can now handle and store activities by a local
  project actor, forwarded from a remote actor. This isn't in use right now,
  but once projects start publishing Accept activities, or other things, it may
  be needed.
2019-06-16 21:39:50 +00:00
fr33domlover
e1ae75b50c Add project outbox and outbox item routes 2019-06-16 21:37:31 +00:00
fr33domlover
a65979f5af Give Project an Outbox in the DB 2019-06-16 21:34:06 +00:00
fr33domlover
64a377b12f Use syntax highlighting in outbox item JSON display 2019-06-16 21:32:18 +00:00
fr33domlover
5aaf2ba8a9 Rename OutboxR to SharerOutboxR, because projects will have outboxes too 2019-06-16 14:58:00 +00:00
fr33domlover
ade24bb534 Pretty JSON display for getActorKey1/2 and getOutboxItemR 2019-06-15 19:03:39 +00:00
fr33domlover
499479b662 Decouple OutboxItem from Person via a new table named Outbox 2019-06-15 18:51:26 +00:00
fr33domlover
6452d239f2 Optional activity summary, set it when handling a Note in C2S 2019-06-15 16:24:34 +00:00
fr33domlover
68bdaf65a7 S2S sharer inbox: Handle Offer{Ticket} yay! 2019-06-15 14:51:48 +00:00
fr33domlover
2abb6a44a4 Load settings from default settings filename, not reading it from command line 2019-06-15 08:58:20 +00:00
fr33domlover
057f57ff0d Load settings only at run time, not using compile time settings at all 2019-06-15 08:56:20 +00:00
fr33domlover
4b20ed23b6 Stop using Vervis.Import and NoImplicitPrelude, switch to plain regular imports 2019-06-15 08:24:08 +00:00
fr33domlover
7686f3777e New module structure for ActivityPub C2S and S2S code 2019-06-15 04:39:13 +00:00
fr33domlover
1fb1829f6e Generate an Offer Ticket for every ticket, including project inbox item
CRITICAL: Due to the requirement that each new ticket points to its Offer
activity, ticket creation has been disabled! The next patches should implement
C2S submission of Offer Ticket, and then ticket creation will work again. Sorry
for that.
2019-06-14 17:45:37 +00:00
fr33domlover
4d61672f94 Add a MonadUnliftIO constraint in RemoteActorStore, was removed from MonadSite
Since MonadSite now requires MonadIO, and not MonadUnliftIO, to allow for more
instances, the MonadUnliftIO constraint may need to be added manually
sometimes.
2019-06-14 17:40:57 +00:00
fr33domlover
698059763a When building with dev flag, disable the approot host check middleware
This allows to browse via e.g. localhost:3000 even if the instance host is
something else and the rendered URLs don't have a port number. It still makes
many things impossible or inconvenient, but at least you can launch Vervis
locally for development and see pages. Right now even CSS doesn't work because
of the URLs not matching the actual localhost:3000 access. Maybe gradually I'll
figure it out.
2019-06-14 17:36:31 +00:00
fr33domlover
f8f3a31a8d Yesod.FedURI and Yesod.Hashids switch from MonadHandler to MonadSite 2019-06-14 17:21:38 +00:00
fr33domlover
6df2200f47 Yesod.MonadSite module gets some nice upgrades
- Fork and async are no longer class methods, which simplifies things a lot and
  allows for many more trivial instances, much like with MonadHandler. Fork and
  async are still available, but instead of unnecessarily being class methods,
  they are now provided as follows: You can fork and async a worker (no more
  fork/async for handler, because I never actually need that, and not sure
  there's ever a need for that in general), and you can do that from any
  MonadSite. So, you can fork or async a worker from a Handler, from a Worker,
  from a ReaderT on top of them e.g. inside runDB, and so on.
- Following the simplification, new MonadSite instances are provided, so far
  just the ones in actual use in the code. ReaderT, ExceptT and lazy RWST. More
  can be added easily. Oh, and WidgetFor got an instance too.

In particular, this change means there's no usage of `forkHandler` anymore, at
all. I wonder if it ever makes a difference to `forkWorker` versus
`forkHandler`. Like, does it cause memory leaks or anything. I guess could
check why `forkResource` etc. is good for in `forkHandler` implementation. I
suppose if needed, I could fix possible memory leaks in `forkWorker`.
2019-06-14 17:10:12 +00:00
fr33domlover
42febca91f Run DB migrations in Worker monad, to allow convenient MonadSite access 2019-06-12 22:17:06 +00:00
fr33domlover
b40ef116b1 For tickets by remote authors, link in the DB to the RemoteActivity, the Offer 2019-06-12 22:14:19 +00:00
fr33domlover
5df8965488 Some cleanup and term updates in Web.ActivityPub to match the spec and plans
* No more full URIs, all terms are used as short non-prefixed names
* Some terms support parsing full URI form for compatibility with objects in DB
* No more @context checking when parsing
* Use the new ForgeFed context URI specified in the spec draft
* Use an extension context URI for all custom properties not specific to forges
* Rename "events" property to "history", thanks cjslep for suggesting this name
2019-06-12 00:11:24 +00:00
fr33domlover
61d1029926 Project team and followers
* Have a project team collection, content is the same as ticket team (but
  potentially ticket team allows people to opt out of updates on specific
  tickets, while project team isn't tied to any specific ticket or other child
  object)
* Have a project followers collection, and address it in ticket comments in
  addition to the already used recipients (project, ticket team, ticket
  followers)
2019-06-11 12:19:51 +00:00
fr33domlover
970fa240fc Deliver to project inbox in postOutboxR and postProjectInboxR 2019-06-09 21:06:26 +00:00
fr33domlover
322d09658e (Hopefully correctly) fill project inboxes with ticket comment Create Notes 2019-06-09 18:41:37 +00:00
fr33domlover
bad1844cfc Reuse the getSharerInboxR code to implement getProjectInboxR 2019-06-09 16:45:53 +00:00
fr33domlover
f4e324e587 Give each project an inbox in DB 2019-06-09 16:21:23 +00:00
fr33domlover
f70aa42060 Add UniquePersonInbox to persistent model; each user has their own unique inbox 2019-06-09 15:56:42 +00:00
fr33domlover
71ab1c4459 Syntax-highlight the pretty JSON display of AP objects 2019-06-09 14:32:57 +00:00
fr33domlover
090c562553 Add an Inbox table in DB, make inbox related tables use it instead of Person
This allows the inbox system to be separate from Person, allowing other kinds
of objects to have inboxes too. Much like there's FollowerSet which works
separately from Tickets, and will allow to have follower sets for projects,
users, etc. too.

Inboxes are made independent from Person users because I'm going to give
Projects inboxes too.
2019-06-09 13:16:32 +00:00
fr33domlover
b1897a20c0 Allow ticket author to be a remote actor 2019-06-07 04:26:32 +00:00
fr33domlover
d73b113b4f Wrap AP Ticket in an Offer activity, this is how tickets will be created 2019-06-06 14:16:48 +00:00
fr33domlover
b69442b448 Move AP Ticket local URI fields into a dedicated TicketLocal type 2019-06-06 10:25:16 +00:00
fr33domlover
e31c8c600b Turn some AP ticket fields into Maybes 2019-06-04 09:36:14 +00:00
fr33domlover
04a2e9a817 In HTML pages with AP support, display link to pretty formatted JSON 2019-06-03 22:22:32 +00:00
fr33domlover
708f626294 Provide ActivityPub representation of tickets in getTicketR 2019-06-03 21:52:34 +00:00
fr33domlover
f7432e515c Add ticketDescription DB entity field, containing pandoc-rendered HTML 2019-06-03 12:45:02 +00:00
fr33domlover
17fe163c09 Rename ticketDesc to ticketSource 2019-06-03 11:02:28 +00:00
fr33domlover
5111cd9bc7 Forgot to record this line of code when renamed ProjectRole entity to Role 2019-06-03 11:01:21 +00:00
fr33domlover
46f116da60 In new comment form, turn CRLF into LF when running the form 2019-06-02 14:59:47 +00:00
fr33domlover
c7dccbb7fe Render in advance and store comment content as HTML alongside Markdown source 2019-06-02 14:41:51 +00:00
fr33domlover
facf4d7f3e Rename messageContent field to messageSource; content will soon be HTML 2019-06-02 12:04:35 +00:00
fr33domlover
21b7325c1b Rename role related tables to reflect the role unification
There used to be project roles and repo roles, and they were separate. A while
ago I merged them, and there has been a single role system, used with both
repos and projects. However the table names were still "ProjectRole" and things
like that. This patch renames some tables to just refer to a "Role" because
there's only one kind of role system.
2019-05-31 15:02:57 +00:00
fr33domlover
eb514b8c3f Use path segment in HighlightStyleR, addStylesheet doesn't support query params 2019-05-27 19:54:11 +00:00
fr33domlover
e02a0fa4db Make pandoc highlight style configurable in settings and in query parameter 2019-05-27 18:30:48 +00:00
fr33domlover
b8b226d15c Highlight code segments in pandoc rendered source file views 2019-05-27 13:28:57 +00:00
fr33domlover
18e9c16afb Define breadcrumbs for TicketTeamR and TicketParticipantsR 2019-05-26 10:32:56 +00:00
fr33domlover
70d51faa70 In notifications page, remove accidental display of hidden field labels 2019-05-25 22:27:20 +00:00
fr33domlover
b7e2776e6a Implement getTicketTeamR & getTicketParticipantsR (AS2 & HTML showing the JSON) 2019-05-25 22:05:59 +00:00
fr33domlover
ae1e10cab2 Vervis.Handler.Ticket: Import esqueleto qualified 2019-05-25 22:04:06 +00:00
fr33domlover
9689e9d471 Fix redirection bug in SharerInboxR 2019-05-25 20:24:13 +00:00
fr33domlover
95a0806ef3 Fix MessageR, setting audience to the one specified in the Create activity 2019-05-25 13:01:15 +00:00
fr33domlover
e848fe5fed Add unique UniqueLocalMessageCreate 2019-05-25 12:59:54 +00:00
fr33domlover
2eade80cfb Rewrite the localMessageCreate migration to insert real activities
A thing still missing there is that it sets empty audience for comments on
remote tickets, but that's fine because dev.angeley.es doesn't have such
comments in the database.
2019-05-25 12:44:09 +00:00
fr33domlover
e81eb80b8b Add field localMessageCreate, pointing to the OutboxItem that created it
I added a migration that creates an ugly fake OutboxItem for messages that
don't have one. I'll try to turn it into a real one. And then very possibly
remove the whole ugly migration, replacing it with addFielfRefRequiredEmpty,
which should work for empty instances.
2019-05-25 03:23:57 +00:00
fr33domlover
d77877eba5 In persistent models for migrations, suffix the names of uniques too 2019-05-25 03:20:01 +00:00
fr33domlover
5479c99e1c Serve trivial HTML (that just displays the JSON object) in getMessageR 2019-05-24 16:09:58 +00:00
fr33domlover
bd99729656 Loading settings was using deprecated functions, switch to new ones 2019-05-24 15:45:36 +00:00
fr33domlover
23e760e373 Build with LTS 13, GHC 8.6 2019-05-24 11:49:39 +00:00
fr33domlover
b64984495f Switch all HandlerT/WidgetT uses to HandlerFor/WidgetFor 2019-05-23 09:12:24 +00:00
fr33domlover
c531f41565 Implement basic notifications in DB and UI 2019-05-22 21:50:30 +00:00
fr33domlover
6d55b8c5d7 Display remote actor name in remote message view 2019-05-21 09:11:13 +00:00
fr33domlover
d1fea9eb51 Store names of remote actors in DB for display 2019-05-21 08:44:11 +00:00
fr33domlover
2573ff1d93 Parse and publish actor outboxes 2019-05-21 00:36:05 +00:00
fr33domlover
40d9a0990d Serve AS2 in getSharerInboxR 2019-05-21 00:14:49 +00:00
fr33domlover
7bcbe52274 Implement getOutboxR, both (trivial) HTML and AS2 2019-05-20 23:51:06 +00:00
fr33domlover
f07b56c259 Implement getOutboxItemR, serving AS2 and basic HTML 2019-05-18 10:09:47 +00:00
fr33domlover
6d304b9307 Smarter treatment of recipients that are collections
- Allow client to specify recipients that don't need to be delivered to
- When fetching recipient, recognize collections and don't try to deliver to
  them
- Remember collections in DB, and use that to skip HTTP delivery
2019-05-17 22:42:01 +00:00
fr33domlover
48882d65ad Allow AP C2S client to list recipients that aren't actors to deliver to 2019-05-17 10:47:53 +00:00
fr33domlover
07281f6900 Fix infinite loop in ActivityPub audience parsing 2019-05-16 21:22:45 +00:00
fr33domlover
b12ad49b62 Remove unused accidentally left line 2019-05-16 21:21:51 +00:00
fr33domlover
ebc3f016b6 In outbox POST handler logging, fix the display of OutboxItemId number 2019-05-12 20:24:33 +00:00
fr33domlover
d70d34bb6b Debug logs for periodic delivery 2019-05-11 22:26:06 +00:00
fr33domlover
48cfccd3d2 Use forkFinally in ResultShare to be sure we always catch exceptions & set MVar 2019-05-10 21:33:08 +00:00
fr33domlover
f88dcef0d7 Do some debug logging during delivery in outbox POST handler 2019-05-10 20:38:55 +00:00
fr33domlover
770983e829 In outbox POST handler, run async delivery using Worker instead of Handler
Worker is enough and seems much simpler. forkHandler does stuff with
forkResourceT and more stuff that I don't exactly understand and which may
involve more resource allocation. I guess forkWorker would generally be the
preferred approach, and there are bugs with delivery leading to sudden
CPU/memory peaks forcing me to kill the process. Maybe not related, just
mentioning it ^_^
2019-05-10 04:36:21 +00:00
fr33domlover
e29053145f Log errors for linked delivery from outbox, both in handler and periodic 2019-05-09 23:09:34 +00:00
fr33domlover
635952a797 When parsing a LocalURI, use a *valid* dummy host
The previous dummy host was "h", which doesn't contain periods, so the `FedURI`
parser rejects it.
2019-05-09 22:03:19 +00:00
fr33domlover
273fcf972f When delivering activities, sign the Digest header
Looks like I forgot to add it to the list of headers to sign
2019-05-09 21:26:33 +00:00
fr33domlover
ddb6bb0472 When publishing a comment via PublishR, don't specify 'published' time
The server expects not to see it, and wants to set it by itself
2019-05-07 03:12:47 +00:00
fr33domlover
0e4070db75 In ticket discussion, have links to the individual messages (MessageR route) 2019-05-07 02:54:45 +00:00
fr33domlover
9bc78bf303 When posting ticket comment in regular UI, don't specify published time
The outbox handler wants to set it, and it expects it not be set by the client.
2019-05-07 01:51:21 +00:00
fr33domlover
a6bfb0cf36 Show note about federation being disabled, and list other known instances 2019-05-05 22:00:26 +00:00
fr33domlover
6bba8ff47f Fix breadcrumb of TicketMessageR 2019-05-05 21:02:26 +00:00
fr33domlover
67a77b1897 In layout header, link to federation status info page 2019-05-05 11:36:10 +00:00
fr33domlover
8303baa69d Implement GETing the personal inbox 2019-05-05 10:20:55 +00:00
fr33domlover
f6eaca2fa8 When project receives remote ticket comment, add author to followers 2019-05-03 23:55:49 +00:00
fr33domlover
5770c62692 Plug the project inbox handler code into the actual POST handler function 2019-05-03 23:18:57 +00:00
fr33domlover
b0a26722d3 Do inbox forwarding in project inbox handler 2019-05-03 21:04:53 +00:00
fr33domlover
5d5c56695e Remember for deliveries in the DB, whether they should sign forwarding 2019-05-02 09:31:56 +00:00
fr33domlover
93cf861ed0 When delivering a comment on a remote ticket, enable inbox forwarding
In the new inbox forwarding scheme, we use an additional special HTTP signature
to indicate that we allow or expect forwarding, and to allow that forwarding to
later be verified. When delivering a comment on a remote ticket, we'd like the
project to do inbox forwarding. Based on the URI alone, it's impossible to tell
which recipient is the project, and I guess there are various tricks we could
use here, but for now a very simple solution is used: Enable forwarding for all
remote recipients whose host is the same as the ticket's host.
2019-05-02 02:06:47 +00:00
fr33domlover
3d9438714b In sharer inbox, accept forwarded activities, including ones of local users 2019-05-01 23:13:22 +00:00
fr33domlover
f789a773e4 Stop using YesodHttpSig, move code from Foundation to Federation 2019-04-29 07:39:20 +00:00
fr33domlover
951364036f Update activity POSTing code to use the new forwarding mechanism
It's not documented yet, but basically I replaced the custom input string with
an HTTPSig based one.
2019-04-28 10:18:50 +00:00
fr33domlover
1fcec035f0 Do some checks on the host in FedURI parsing
Until now, there were some simple host checks when verifying the HTTP sig,
meant to forbid hosts that are IP addresses, local hosts, and maybe other weird
cases. These checks moved to Network.FedURI, so now FedURIs in general aren't
allowed to have such hosts. The host type is still `Text` though, for now.
2019-04-28 09:47:32 +00:00
fr33domlover
342467297a Put inbox activity auth code in a dedicated function in Vervis.Federation 2019-04-26 21:41:01 +00:00
fr33domlover
9d5399d636 Give project actors signing keys, just like user actors, needed for forwarding
Since project actors are the ones sending inbox forwards, they need to announce
keys and allow their HTTP Signatures to be verified.
2019-04-26 13:04:00 +00:00
fr33domlover
811217fd17 Return keyid and digest after inbox verification, for use in forwarding 2019-04-26 04:15:07 +00:00
fr33domlover
f346da9106 New module Yesod.ActivityPub, use it in Vervis.Federation for delivery POSTing 2019-04-26 03:23:49 +00:00