1
0
Commit Graph

1252 Commits

Author SHA1 Message Date
Hazelnoot 7c002ce56e move all Rate Limit type defs to rate-limit-utils.ts 2024-12-08 11:33:57 -05:00
Hazelnoot 8b091f77ca check for invalid rate limit inputs 2024-12-08 09:46:49 -05:00
Hazelnoot a7a1edc92e fix NaN from extremely high rate limits 2024-12-08 09:22:38 -05:00
Hazelnoot 2781f53d6b support fractional rate limit scaling 2024-12-08 08:32:05 -05:00
Hazelnoot afb026ebea fix import order in SigninWithPasskeyApiService 2024-12-08 07:49:06 -05:00
Hazelnoot fc5399a67d revert un-needed changes to RateLimiterService 2024-12-08 07:47:52 -05:00
Hazelnoot f6b256620b separate SkRateLimiterService from RateLimiterService and update all usages 2024-12-07 13:13:19 -05:00
Hazelnoot 32635ecc25 fix rate limit storage in redis 2024-12-07 12:15:38 -05:00
Hazelnoot 8239ce4282 fix incorrect X-RateLimit-Remaining header 2024-12-07 12:14:42 -05:00
Hazelnoot 7698db88e5 fix DI in SkRateLimiterService 2024-12-07 12:14:25 -05:00
Hazelnoot ffc2737478 implement SkRateLimiterService with Leaky Bucket rate limiting 2024-12-07 10:22:49 -05:00
Julia 52976588a7 merge: Bump develop version (!789)
View MR for information: https://activitypub.software/TransFem-org/Sharkey/-/merge_requests/789
2024-11-28 06:15:32 +00:00
dakkar 9309872cff simpler check for "property present" 2024-11-27 21:25:54 +00:00
dakkar 3ea85b14a3 silence linter
those objects always have the normal prototype, and can't have
`hasOwnProperty` redefined, let me call it normally

(otherwise I'd have to write
`Object.prototype.hasOwnProperty.call(newUser, field)` and that's
ugly)
2024-11-27 21:01:12 +00:00
dakkar fc277839b6 only "publish to followers" when things really change - fixes #733 2024-11-27 10:36:19 +00:00
dakkar 8e07eb7f44 remove duplicate limit
the `users/lists/push` endpoint already has a limit, of 30/hour
2024-11-22 23:14:37 +00:00
dakkar caaa78d98d merge: Add default rate limit (!768)
View MR for information: https://activitypub.software/TransFem-org/Sharkey/-/merge_requests/768

Approved-by: dakkar <dakkar@thenautilus.net>
Approved-by: Tess K <me@thvxl.se>
Approved-by: Marie <github@yuugi.dev>
2024-11-22 23:03:34 +00:00
Hazelnoot dbab122a99 fix typo "to many requests" 2024-11-22 15:26:55 -05:00
Hazelnoot e3b826db5a add rate limits to all public endpoints 2024-11-22 15:19:24 -05:00
Hazelnoot 6b54405003 add default / fallback rate limit 2024-11-22 13:53:41 -05:00
Julia 41536480ce merge: Bump develop version (!766)
View MR for information: https://activitypub.software/TransFem-org/Sharkey/-/merge_requests/766
2024-11-21 02:58:28 +00:00
Julia Johannesen cbf8cc376e fix: primitive 18: ap/get bypasses access checks
One might argue that we could make this one actually preform access
checks against the returned activity object, but I feel like that's a
lot more work than just restricting it to administrators, since, to me
at least, it seems more like a debugging tool than anything else.
2024-11-20 19:17:25 -05:00
Julia Johannesen c04f344049 fix: primitive 13: check attribution against actor in notes 2024-11-20 19:17:25 -05:00
Julia Johannesen fb54546573 Fix linter error in emojis endpoint 2024-11-20 01:17:24 -05:00
dakkar 482538c7f8 merge: make emoji categories and names case insensitive. (!746)
View MR for information: https://activitypub.software/TransFem-org/Sharkey/-/merge_requests/746

Approved-by: Hazelnoot <acomputerdog@gmail.com>
Approved-by: dakkar <dakkar@thenautilus.net>
2024-11-17 13:22:39 +00:00
Hazelnoot da2dfee0a8 merge: Remove check to prevent admin reporting (Fixes #757) (!727)
View MR for information: https://activitypub.software/TransFem-org/Sharkey/-/merge_requests/727

Closes #757

Approved-by: Julia <julia@insertdomain.name>
Approved-by: Marie <github@yuugi.dev>
Approved-by: Hazelnoot <acomputerdog@gmail.com>
2024-11-17 00:39:08 +00:00
piuvas eaad96aae3 edit query 2024-11-15 13:40:53 -03:00
Caramel 03559156b9 Improve performance of notes/following API 2024-11-09 00:32:03 +01:00
Kio! 8477909af2 Update report-abuse.ts 2024-11-03 19:50:25 +00:00
Hazel K 37fd454f70 factor out shared code 2024-11-02 17:39:16 -04:00
Hazel K 3a72bf453a respect following privacy settings 2024-11-02 17:39:16 -04:00
Hazel K 65d81a4ae2 Revert "fix incorrect populated object in followers endpoint"
This reverts commit 7b9473bf4c0b55facede0e1d1e33297d14184110.
2024-11-02 17:39:16 -04:00
Hazel K 8f0df1f01c check for blocks in following / followers endpoints 2024-11-02 17:39:16 -04:00
Hazel K c566fa1f36 require auth for followers & following endpoints 2024-11-02 17:39:16 -04:00
Marie d786e96c2b upd: add FriendlyCaptcha as a captcha solution
FriendlyCaptcha is a german captcha solution which is GDPR compliant and has a non-commerical free license
2024-11-02 02:20:35 +01:00
Hazelnoot ade801ec58 check token permissions in admin/accounts/create.ts 2024-11-01 10:12:28 -04:00
Hazelnoot f36a1a5701 allow admins to create approved users 2024-11-01 09:29:40 -04:00
Hazelnoot ca1cdc4ea3 fix poll option limit in masto API 2024-10-26 10:38:29 -04:00
Hazelnoot 01e98c75ab add separate limits for CW length 2024-10-26 10:04:23 -04:00
Hazelnoot 10d3d9f382 fix unit tests 2024-10-26 09:49:28 -04:00
Hazel K 67185a5d5d fix UUID format 2024-10-26 09:49:28 -04:00
Hazel K 560ee43dcf separate character limits for local and remote notes 2024-10-26 09:49:28 -04:00
Lhc_fl 67f977f4ff fix: return getfromdb when FanoutTimeline is not enabled 2024-10-23 23:14:46 +08:00
dakkar 60be692a0a merge: fix: should use invite limit cycle to calculate invite/limit (!706)
View MR for information: https://activitypub.software/TransFem-org/Sharkey/-/merge_requests/706

Approved-by: Hazelnoot <acomputerdog@gmail.com>
Approved-by: dakkar <dakkar@thenautilus.net>
2024-10-22 14:07:17 +00:00
Lhc_fl 6aaeda13b9 fix: should use invite limit cycle to calculate invite/limit 2024-10-22 18:48:24 +08:00
Hazelnoot 04654b2f84 add "followers" tab to following feed 2024-10-21 17:55:06 -04:00
Hazelnoot 053b47d78a return error when calling following feed with both includeReplies and filesOnly 2024-10-21 17:55:06 -04:00
Hazelnoot 6430a191f7 fix duplicate users in the following feed 2024-10-21 17:55:06 -04:00
Marie 65ac5fef46 fix: default sensitive not letting users unmark files 2024-10-20 11:04:48 +02:00
dakkar 2a4c91efcc Merge branch 'develop' into feature/2024.9.0 2024-10-18 22:09:11 +01:00