Backport fixes to 3.2 (#15360)
* Fix 2FA/sign-in token sessions being valid after password change (#14802) If someone tries logging in to an account and is prompted for a 2FA code or sign-in token, even if the account's password or e-mail is updated in the meantime, the session will show the prompt and allow the login process to complete with a valid 2FA code or sign-in token * Fix Move handler not being triggered when failing to fetch target (#15107) When failing to fetch the target account, the ProcessingWorker fails as expected, but since it hasn't cleared the `move_in_progress` flag, the next attempt at processing skips the `Move` activity altogether. This commit changes it to clear the flag when encountering any unexpected error on fetching the target account. This is likely to occur because of, e.g., a timeout, when many instances query the same actor at the same time. * Fix slow distinct queries where grouped queries are faster (#15287) About 2x speed-up on inboxes query * Fix possible inconsistencies in tag search (#14906) Do not downcase the queried tag before passing it to postgres when searching: - tags are not downcased on creation - `arel_table[:name].lower.matches(pattern)` generates an ILIKE anyway - if Postgres and Rails happen to use different case-folding rules, downcasing before query but not before insertion may mean that some tags with some casings are not searchable * Fix updating account counters when account_stat is not yet created (#15108) * Fix account processing failing because of large collections (#15027) Fixes #15025 * Fix downloading remote media files when server returns empty filename (#14867) Fixes #14817 * Fix webfinger redirect handling in ResolveAccountService (#15187) * Fix webfinger redirect handling in ResolveAccountService ResolveAccountService#process_webfinger! handled a one-step webfinger redirection, but only accepting the result if it matched the exact URI passed as input, defeating the point of a redirection check. 
Instead, use the same logic as in `ActivityPub::FetchRemoteAccountService`, updating the resulting `acct:` URI with the result of the first webfinger query. * Add tests * Remove dependency on unused and unmaintained http_parser.rb gem (#14574) It seems that years ago, the “http” gem depended on the “http_parser.rb” gem (it now depends on the “http-parser” gem), and, still years ago, we pulled it from git in order to benefit from a bugfix that wasn't released yet (#7467). * Add tootctl maintenance fix-duplicates (#14860, #15201, #15264, #15349, #15359) * Fix old migration script not being able to run if it fails midway (#15361) * Fix old migration script not being able to run if it fails midway Improve the robustness of a migration script likely to fail because of database corruption so it can run again once database corruptions are fixed. * Display a specific error message in case of index corruption Co-authored-by: Eugen Rochko <eugen@zeonfederated.com> Co-authored-by: Claire <claire.github-309c@sitedethib.com> Co-authored-by: Eugen Rochko <eugen@zeonfederated.com> Co-authored-by: Claire <claire.github-309c@sitedethib.com>
parent
a583e54023
commit
406adfca27
24 changed files with 821 additions and 77 deletions
|
@ -415,7 +415,7 @@ class Account < ApplicationRecord
|
|||
end
|
||||
|
||||
def inboxes
|
||||
urls = reorder(nil).where(protocol: :activitypub).pluck(Arel.sql("distinct coalesce(nullif(accounts.shared_inbox_url, ''), accounts.inbox_url)"))
|
||||
urls = reorder(nil).where(protocol: :activitypub).group(:preferred_inbox_url).pluck(Arel.sql("coalesce(nullif(accounts.shared_inbox_url, ''), accounts.inbox_url) AS preferred_inbox_url"))
|
||||
DeliveryFailureTracker.without_unavailable(urls)
|
||||
end
|
||||
|
||||
|
|
|
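Review bot: The move from `distinct` to `group(:preferred_inbox_url)` in `inboxes` is a performance choice that nothing in the code explains, so a later cleanup could easily turn it back into a DISTINCT query. A short comment above the query would record the intent, for example `# GROUP BY rather than DISTINCT: measured faster for this query`. The grouping also depends on the `AS preferred_inbox_url` alias inside the `Arel.sql` string matching the symbol passed to `group`, which is worth stating in the same comment. The same remark applies to `account_domains` in Form::AccountBatch, which now uses `accounts.group(:domain).pluck(:domain)`.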
@ -21,26 +21,26 @@ class AccountStat < ApplicationRecord
|
|||
|
||||
def increment_count!(key)
|
||||
update(attributes_for_increment(key))
|
||||
rescue ActiveRecord::StaleObjectError
|
||||
rescue ActiveRecord::StaleObjectError, ActiveRecord::RecordNotUnique
|
||||
begin
|
||||
reload_with_id
|
||||
rescue ActiveRecord::RecordNotFound
|
||||
# Nothing to do
|
||||
else
|
||||
retry
|
||||
return
|
||||
end
|
||||
|
||||
retry
|
||||
end
|
||||
|
||||
def decrement_count!(key)
|
||||
update(key => [public_send(key) - 1, 0].max)
|
||||
rescue ActiveRecord::StaleObjectError
|
||||
update(attributes_for_decrement(key))
|
||||
rescue ActiveRecord::StaleObjectError, ActiveRecord::RecordNotUnique
|
||||
begin
|
||||
reload_with_id
|
||||
rescue ActiveRecord::RecordNotFound
|
||||
# Nothing to do
|
||||
else
|
||||
retry
|
||||
return
|
||||
end
|
||||
|
||||
retry
|
||||
end
|
||||
|
||||
private
|
||||
|
@ -51,8 +51,13 @@ class AccountStat < ApplicationRecord
|
|||
attrs
|
||||
end
|
||||
|
||||
def attributes_for_decrement(key)
|
||||
attrs = { key => [public_send(key) - 1, 0].max }
|
||||
attrs
|
||||
end
|
||||
|
||||
def reload_with_id
|
||||
self.id = find_by!(account: account).id if new_record?
|
||||
self.id = self.class.find_by!(account: account).id if new_record?
|
||||
reload
|
||||
end
|
||||
end
|
||||
|
|
|
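Review bot: The `retry` that follows `reload_with_id` in `increment_count!` and `decrement_count!` has no attempt limit, so the method keeps looping for as long as `update` raises `StaleObjectError` or `RecordNotUnique`. Adding `RecordNotUnique` to the rescue makes this matter more: if the violation comes from something other than the expected race with a concurrent insert (a duplicate or damaged row, presumably), reloading never resolves it and the worker would spin. A bounded counter keeps the recovery path while letting the error surface, e.g. `attempts ||= 0` at the top of the method and `raise if (attempts += 1) > 3` just before `retry`. The add/remove markers are lost on this page, so which of the paired lines are the new side is inferred from the hunk header counts.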
@ -43,7 +43,7 @@ class Form::AccountBatch
|
|||
end
|
||||
|
||||
def account_domains
|
||||
accounts.pluck(Arel.sql('distinct domain')).compact
|
||||
accounts.group(:domain).pluck(:domain).compact
|
||||
end
|
||||
|
||||
def accounts
|
||||
|
|
|
@ -126,7 +126,7 @@ class Tag < ApplicationRecord
|
|||
end
|
||||
|
||||
def search_for(term, limit = 5, offset = 0, options = {})
|
||||
normalized_term = normalize(term.strip).mb_chars.downcase.to_s
|
||||
normalized_term = normalize(term.strip)
|
||||
pattern = sanitize_sql_like(normalized_term) + '%'
|
||||
query = Tag.listable.where(arel_table[:name].lower.matches(pattern))
|
||||
query = query.where(arel_table[:name].lower.eq(normalized_term).or(arel_table[:reviewed_at].not_eq(nil))) if options[:exclude_unreviewed]
|
||||
|
|
|
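Review bot: With the downcase removed, `normalized_term` keeps the caller's casing, yet the unchanged `options[:exclude_unreviewed]` line still compares it with `arel_table[:name].lower.eq(normalized_term)`. Unless `normalize` (not visible here) lowercases its input, a term typed with capitals can no longer equal `lower(name)`, so an unreviewed tag would be filtered out even on an exact match. The commit message notes that `matches` produces an ILIKE, but `eq` is a plain equality; using `arel_table[:name].matches(sanitize_sql_like(normalized_term))` for the exact comparison would keep both conditions case-insensitive in the database. `search_for` continues past the end of the hunk.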
@ -61,7 +61,7 @@ class User < ApplicationRecord
|
|||
devise :two_factor_backupable,
|
||||
otp_number_of_backup_codes: 10
|
||||
|
||||
devise :registerable, :recoverable, :rememberable, :trackable, :validatable,
|
||||
devise :registerable, :recoverable, :rememberable, :validatable,
|
||||
:confirmable
|
||||
|
||||
include Omniauthable
|
||||
|
@ -161,6 +161,24 @@ class User < ApplicationRecord
|
|||
prepare_new_user! if new_user && approved?
|
||||
end
|
||||
|
||||
def update_sign_in!(request, new_sign_in: false)
|
||||
old_current, new_current = current_sign_in_at, Time.now.utc
|
||||
self.last_sign_in_at = old_current || new_current
|
||||
self.current_sign_in_at = new_current
|
||||
|
||||
old_current, new_current = current_sign_in_ip, request.remote_ip
|
||||
self.last_sign_in_ip = old_current || new_current
|
||||
self.current_sign_in_ip = new_current
|
||||
|
||||
if new_sign_in
|
||||
self.sign_in_count ||= 0
|
||||
self.sign_in_count += 1
|
||||
end
|
||||
|
||||
save(validate: false) unless new_record?
|
||||
prepare_returning_user!
|
||||
end
|
||||
|
||||
def pending?
|
||||
!approved?
|
||||
end
|
||||
|
@ -192,11 +210,6 @@ class User < ApplicationRecord
|
|||
prepare_new_user!
|
||||
end
|
||||
|
||||
def update_tracked_fields!(request)
|
||||
super
|
||||
prepare_returning_user!
|
||||
end
|
||||
|
||||
def disable_two_factor!
|
||||
self.otp_required_for_login = false
|
||||
otp_backup_codes&.clear
|
||||
|
|
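Review bot: `update_sign_in!` replaces Devise's `:trackable` but has no comment saying when callers must pass `new_sign_in: true`. As written, the timestamps and IPs are rewritten on every call and only `sign_in_count` is gated by the flag, so a caller that invokes it before the second factor or sign-in token is accepted would record a sign-in that never completed; the callers are outside this page, so this is something to confirm rather than a known defect. I would add a comment above the method along the lines of `# Records sign-in time and IP; pass new_sign_in: true only once authentication, including 2FA, has fully succeeded.` Separately, reusing `old_current, new_current` for both the timestamp pair and the IP pair makes the two halves harder to audit; distinct local names would read better.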