diff --git a/.editorconfig b/.editorconfig new file mode 100644 index 0000000..7ab0722 --- /dev/null +++ b/.editorconfig @@ -0,0 +1,10 @@ +root = true + +[*] +end_of_line = lf +insert_final_newline = true +trim_trailing_whitespace = true +charset = utf-8 + +[*.go] +indent_style = tab diff --git a/.github/dependabot.yml b/.github/dependabot.yml index d1a7fc2..c4deaa9 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -5,3 +5,11 @@ updates: open-pull-requests-limit: 50 schedule: interval: "monthly" + - package-ecosystem: "github-actions" + directory: "/" + schedule: + interval: "daily" + - package-ecosystem: "docker" + directory: "/Dockerfile" + schedule: + interval: "daily" diff --git a/.github/workflows/docker-publish.yml b/.github/workflows/docker-publish.yml new file mode 100644 index 0000000..683d5c4 --- /dev/null +++ b/.github/workflows/docker-publish.yml @@ -0,0 +1,61 @@ +name: Build container image, publish as GitHub-package + +# This workflow uses actions that are not certified by GitHub. +# They are provided by a third-party and are governed by +# separate terms of service, privacy policy, and support +# documentation. + +on: + push: + branches: [ main, develop ] + # Publish semver tags as releases. + tags: + - 'v*.*.*' + +env: + # Use docker.io for Docker Hub if empty + REGISTRY: ghcr.io + # github.repository as / + IMAGE_NAME: ${{ github.repository }} + +jobs: + build: + + runs-on: ubuntu-latest + permissions: + contents: read + packages: write + + steps: + - name: Checkout repository + uses: actions/checkout@v4 + + # Login against a Docker registry except on PR + # https://github.com/docker/login-action + - name: Log into registry ${{ env.REGISTRY }} + if: github.event_name != 'pull_request' + uses: docker/login-action@v3.0.0 + with: + registry: ${{ env.REGISTRY }} + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + + # Extract metadata (tags, labels) for Docker + # https://github.com/docker/metadata-action + - name: Extract Docker metadata + id: meta + uses: docker/metadata-action@v4.6.0 + with: + images: | + ghcr.io/${{ github.repository }} + flavor: latest=true + + # Build and push Docker image with Buildx (don't push on PR) + # https://github.com/docker/build-push-action + - name: Build and push Docker images + uses: docker/build-push-action@v5.0.0 + with: + context: . + push: ${{ github.event_name != 'pull_request' }} + tags: ${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }} diff --git a/.gitignore b/.gitignore index f33ebb0..45bf28e 100644 --- a/.gitignore +++ b/.gitignore @@ -3,6 +3,7 @@ node_modules *.swp *.swo +static/local/custom.css build tmp *.ini diff --git a/Dockerfile b/Dockerfile index 53e7ba5..44bf954 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,16 +1,21 @@ # Build image -FROM golang:1.15-alpine as build +FROM golang:1.19-alpine as build + +LABEL org.opencontainers.image.source=https://github.com/writefreely/writefreely +LABEL org.opencontainers.image.description="WriteFreely is a clean, minimalist publishing platform made for writers. Start a blog, share knowledge within your organization, or build a community around the shared act of writing." RUN apk add --update nodejs npm make g++ git RUN npm install -g less less-plugin-clean-css -RUN go get -u github.com/go-bindata/go-bindata/... RUN mkdir -p /go/src/github.com/writefreely/writefreely WORKDIR /go/src/github.com/writefreely/writefreely COPY . . +RUN cat ossl_legacy.cnf > /etc/ssl/openssl.cnf + ENV GO111MODULE=on +ENV NODE_OPTIONS=--openssl-legacy-provider RUN make build \ && make ui @@ -24,7 +29,7 @@ RUN mkdir /stage && \ /stage # Final image -FROM alpine:3.12 +FROM alpine:3 RUN apk add --no-cache openssl ca-certificates COPY --from=build --chown=daemon:daemon /stage /go diff --git a/Makefile b/Makefile index 10d04b2..b230cb7 100644 --- a/Makefile +++ b/Makefile @@ -1,5 +1,5 @@ GITREV=`git describe | cut -c 2-` -LDFLAGS=-ldflags="-X 'github.com/writefreely/writefreely.softwareVer=$(GITREV)'" +LDFLAGS=-ldflags="-s -w -X 'github.com/writefreely/writefreely.softwareVer=$(GITREV)'" GOCMD=go GOINSTALL=$(GOCMD) install $(LDFLAGS) @@ -14,50 +14,50 @@ TMPBIN=./tmp all : build -ci: ci-assets deps +ci: deps cd cmd/writefreely; $(GOBUILD) -v -build: assets deps - cd cmd/writefreely; $(GOBUILD) -v -tags='sqlite' +build: deps + cd cmd/writefreely; $(GOBUILD) -v -tags='netgo sqlite' -build-no-sqlite: assets-no-sqlite deps-no-sqlite - cd cmd/writefreely; $(GOBUILD) -v -o $(BINARY_NAME) +build-no-sqlite: deps-no-sqlite + cd cmd/writefreely; $(GOBUILD) -v -tags='netgo' -o $(BINARY_NAME) build-linux: deps @hash xgo > /dev/null 2>&1; if [ $$? -ne 0 ]; then \ - $(GOGET) -u src.techknowlogick.com/xgo; \ + $(GOCMD) install src.techknowlogick.com/xgo@latest; \ fi - xgo --targets=linux/amd64, -dest build/ $(LDFLAGS) -tags='sqlite' -go go-1.15.x -out writefreely ./cmd/writefreely + xgo --targets=linux/amd64, -dest build/ $(LDFLAGS) -tags='netgo sqlite' -go go-1.19.x -out writefreely -pkg ./cmd/writefreely . build-windows: deps @hash xgo > /dev/null 2>&1; if [ $$? -ne 0 ]; then \ - $(GOGET) -u src.techknowlogick.com/xgo; \ + $(GOCMD) install src.techknowlogick.com/xgo@latest; \ fi - xgo --targets=windows/amd64, -dest build/ $(LDFLAGS) -tags='sqlite' -go go-1.15.x -out writefreely ./cmd/writefreely + xgo --targets=windows/amd64, -dest build/ $(LDFLAGS) -tags='netgo sqlite' -go go-1.19.x -out writefreely -pkg ./cmd/writefreely . build-darwin: deps @hash xgo > /dev/null 2>&1; if [ $$? -ne 0 ]; then \ - $(GOGET) -u src.techknowlogick.com/xgo; \ + $(GOCMD) install src.techknowlogick.com/xgo@latest; \ fi - xgo --targets=darwin/amd64, -dest build/ $(LDFLAGS) -tags='sqlite' -go go-1.15.x -out writefreely ./cmd/writefreely + xgo --targets=darwin/amd64, -dest build/ $(LDFLAGS) -tags='netgo sqlite' -go go-1.19.x -out writefreely -pkg ./cmd/writefreely . build-arm6: deps @hash xgo > /dev/null 2>&1; if [ $$? -ne 0 ]; then \ - $(GOGET) -u src.techknowlogick.com/xgo; \ + $(GOCMD) install src.techknowlogick.com/xgo@latest; \ fi - xgo --targets=linux/arm-6, -dest build/ $(LDFLAGS) -tags='sqlite' -go go-1.15.x -out writefreely ./cmd/writefreely + xgo --targets=linux/arm-6, -dest build/ $(LDFLAGS) -tags='netgo sqlite' -go go-1.19.x -out writefreely -pkg ./cmd/writefreely . build-arm7: deps @hash xgo > /dev/null 2>&1; if [ $$? -ne 0 ]; then \ - $(GOGET) -u src.techknowlogick.com/xgo; \ + $(GOCMD) install src.techknowlogick.com/xgo@latest; \ fi - xgo --targets=linux/arm-7, -dest build/ $(LDFLAGS) -tags='sqlite' -go go-1.15.x -out writefreely ./cmd/writefreely + xgo --targets=linux/arm-7, -dest build/ $(LDFLAGS) -tags='netgo sqlite' -go go-1.19.x -out writefreely -pkg ./cmd/writefreely . build-arm64: deps @hash xgo > /dev/null 2>&1; if [ $$? -ne 0 ]; then \ - $(GOGET) -u src.techknowlogick.com/xgo; \ + $(GOCMD) install src.techknowlogick.com/xgo@latest; \ fi - xgo --targets=linux/arm64, -dest build/ $(LDFLAGS) -tags='sqlite' -go go-1.15.x -out writefreely ./cmd/writefreely + xgo --targets=linux/arm64, -dest build/ $(LDFLAGS) -tags='netgo sqlite' -go go-1.19.x -out writefreely -pkg ./cmd/writefreely . build-docker : $(DOCKERCMD) build -t $(IMAGE_NAME):latest -t $(IMAGE_NAME):$(GITREV) . @@ -65,8 +65,8 @@ build-docker : test: $(GOTEST) -v ./... -run: dev-assets - $(GOINSTALL) -tags='sqlite' ./... +run: + $(GOINSTALL) -tags='netgo sqlite' ./... $(BINARY_NAME) --debug deps : @@ -81,11 +81,12 @@ install : build cmd/writefreely/$(BINARY_NAME) --init-db cd less/; $(MAKE) install $(MFLAGS) -release : clean ui assets +release : clean ui mkdir -p $(BUILDPATH) cp -r templates $(BUILDPATH) cp -r pages $(BUILDPATH) cp -r static $(BUILDPATH) + rm -r $(BUILDPATH)/static/local scripts/invalidate-css.sh $(BUILDPATH) mkdir $(BUILDPATH)/keys $(MAKE) build-linux @@ -133,35 +134,12 @@ ui : force_look cd less/; $(MAKE) $(MFLAGS) cd prose/; $(MAKE) $(MFLAGS) -assets : generate - go-bindata -pkg writefreely -ignore=\\.gitignore -tags="!wflib" schema.sql sqlite.sql - -assets-no-sqlite: generate - go-bindata -pkg writefreely -ignore=\\.gitignore -tags="!wflib" schema.sql - -dev-assets : generate - go-bindata -pkg writefreely -ignore=\\.gitignore -debug -tags="!wflib" schema.sql sqlite.sql - -lib-assets : generate - go-bindata -pkg writefreely -ignore=\\.gitignore -o bindata-lib.go -tags="wflib" schema.sql - -generate : - @hash go-bindata > /dev/null 2>&1; if [ $$? -ne 0 ]; then \ - $(GOGET) -u github.com/jteeuwen/go-bindata/go-bindata; \ - fi - $(TMPBIN): mkdir -p $(TMPBIN) -$(TMPBIN)/go-bindata: deps $(TMPBIN) - $(GOBUILD) -o $(TMPBIN)/go-bindata github.com/jteeuwen/go-bindata/go-bindata - $(TMPBIN)/xgo: deps $(TMPBIN) $(GOBUILD) -o $(TMPBIN)/xgo src.techknowlogick.com/xgo -ci-assets : $(TMPBIN)/go-bindata - $(TMPBIN)/go-bindata -pkg writefreely -ignore=\\.gitignore -tags="!wflib" schema.sql sqlite.sql - clean : -rm -rf build -rm -rf tmp diff --git a/README.md b/README.md index c165820..7831e57 100644 --- a/README.md +++ b/README.md @@ -86,4 +86,4 @@ Before contributing anything, please read our [Contributing Guide](https://githu ## License -Copyright © 2018-2021 [A Bunch Tell LLC](https://abunchtell.com) and contributing authors. Licensed under the [AGPL](https://github.com/writefreely/writefreely/blob/develop/LICENSE). +Copyright © 2018-2022 [Musing Studio LLC](https://musing.studio) and contributing authors. Licensed under the [AGPL](https://github.com/writefreely/writefreely/blob/develop/LICENSE). diff --git a/SECURITY.md b/SECURITY.md new file mode 100644 index 0000000..4bf2cfd --- /dev/null +++ b/SECURITY.md @@ -0,0 +1,5 @@ +# Security Policy + +## Reporting a Vulnerability + +To report a vulnerability, send an email to security@writefreely.org. diff --git a/account.go b/account.go index 6ab73bd..4af1ba3 100644 --- a/account.go +++ b/account.go @@ -1,5 +1,5 @@ /* - * Copyright © 2018-2021 A Bunch Tell LLC. + * Copyright © 2018-2021 Musing Studio LLC. * * This file is part of WriteFreely. * @@ -13,6 +13,7 @@ package writefreely import ( "encoding/json" "fmt" + "github.com/mailgun/mailgun-go" "html/template" "net/http" "regexp" @@ -504,7 +505,7 @@ func login(app *App, w http.ResponseWriter, r *http.Request) error { // User has no email set, so check if they haven't added a password, either, // so we can return a more helpful error message. if hasPass, _ := app.db.IsUserPassSet(u.ID); !hasPass { - log.Info("Tried logging in to %s, but no password or email.", signin.Alias) + log.Info("Tried logging into %s, but no password or email.", signin.Alias) return impart.HTTPError{http.StatusPreconditionFailed, "This user never added a password or email address. Please contact us for help."} } } @@ -577,7 +578,7 @@ func getVerboseAuthUser(app *App, token string, u *User, verbose bool) *AuthUser } passIsSet, err := app.db.IsUserPassSet(u.ID) if err != nil { - // TODO: correct error meesage + // TODO: correct error message log.Error("Login: Unable to get user collections: %v", err) } @@ -787,6 +788,9 @@ func viewArticles(app *App, u *User, w http.ResponseWriter, r *http.Request) err silenced, err := app.db.IsUserSilenced(u.ID) if err != nil { + if err == ErrUserNotFound { + return err + } log.Error("view articles: %v", err) } d := struct { @@ -822,7 +826,10 @@ func viewCollections(app *App, u *User, w http.ResponseWriter, r *http.Request) silenced, err := app.db.IsUserSilenced(u.ID) if err != nil { - log.Error("view collections %v", err) + if err == ErrUserNotFound { + return err + } + log.Error("view collections: %v", err) return fmt.Errorf("view collections: %v", err) } d := struct { @@ -856,11 +863,11 @@ func viewEditCollection(app *App, u *User, w http.ResponseWriter, r *http.Reques return ErrCollectionNotFound } - // Add collection properties - c.Monetization = app.db.GetCollectionAttribute(c.ID, "monetization_pointer") - silenced, err := app.db.IsUserSilenced(u.ID) if err != nil { + if err == ErrUserNotFound { + return err + } log.Error("view edit collection %v", err) return fmt.Errorf("view edit collection: %v", err) } @@ -869,12 +876,19 @@ func viewEditCollection(app *App, u *User, w http.ResponseWriter, r *http.Reques *UserPage *Collection Silenced bool + + config.EmailCfg + LetterReplyTo string }{ UserPage: NewUserPage(app, r, u, "Edit "+c.DisplayTitle(), flashes), Collection: c, Silenced: silenced, + EmailCfg: app.cfg.Email, } obj.UserPage.CollAlias = c.Alias + if obj.EmailCfg.Enabled() { + obj.LetterReplyTo = app.db.GetCollectionAttribute(c.ID, collAttrLetterReplyTo) + } showUserPage(w, "collection", obj) return nil @@ -1038,22 +1052,28 @@ func viewStats(app *App, u *User, w http.ResponseWriter, r *http.Request) error silenced, err := app.db.IsUserSilenced(u.ID) if err != nil { + if err == ErrUserNotFound { + return err + } log.Error("view stats: %v", err) return err } obj := struct { *UserPage - VisitsBlog string - Collection *Collection - TopPosts *[]PublicPost - APFollowers int - Silenced bool + VisitsBlog string + Collection *Collection + TopPosts *[]PublicPost + APFollowers int + EmailEnabled bool + EmailSubscribers int + Silenced bool }{ - UserPage: NewUserPage(app, r, u, titleStats+"Stats", flashes), - VisitsBlog: alias, - Collection: c, - TopPosts: topPosts, - Silenced: silenced, + UserPage: NewUserPage(app, r, u, titleStats+"Stats", flashes), + VisitsBlog: alias, + Collection: c, + TopPosts: topPosts, + EmailEnabled: app.cfg.Email.Enabled(), + Silenced: silenced, } obj.UserPage.CollAlias = c.Alias if app.cfg.App.Federation { @@ -1063,14 +1083,79 @@ func viewStats(app *App, u *User, w http.ResponseWriter, r *http.Request) error } obj.APFollowers = len(*folls) } + if obj.EmailEnabled { + subs, err := app.db.GetEmailSubscribers(c.ID, true) + if err != nil { + return err + } + obj.EmailSubscribers = len(subs) + } showUserPage(w, "stats", obj) return nil } +func handleViewSubscribers(app *App, u *User, w http.ResponseWriter, r *http.Request) error { + vars := mux.Vars(r) + c, err := app.db.GetCollection(vars["collection"]) + if err != nil { + return err + } + + filter := r.FormValue("filter") + + flashes, _ := getSessionFlashes(app, w, r, nil) + obj := struct { + *UserPage + Collection CollectionNav + EmailSubs []*EmailSubscriber + Followers *[]RemoteUser + Silenced bool + + Filter string + FederationEnabled bool + CanEmailSub bool + CanAddSubs bool + EmailSubsEnabled bool + }{ + UserPage: NewUserPage(app, r, u, c.DisplayTitle()+" Subscribers", flashes), + Collection: CollectionNav{ + Collection: c, + Path: r.URL.Path, + SingleUser: app.cfg.App.SingleUser, + }, + Silenced: u.IsSilenced(), + Filter: filter, + FederationEnabled: app.cfg.App.Federation, + CanEmailSub: app.cfg.Email.Enabled(), + EmailSubsEnabled: c.EmailSubsEnabled(), + } + + obj.Followers, err = app.db.GetAPFollowers(c) + if err != nil { + return err + } + + obj.EmailSubs, err = app.db.GetEmailSubscribers(c.ID, true) + if err != nil { + return err + } + + if obj.Filter == "" { + // Set permission to add email subscribers + //obj.CanAddSubs = app.db.GetUserAttribute(c.OwnerID, userAttrCanAddEmailSubs) == "1" + } + + showUserPage(w, "subscribers", obj) + return nil +} + func viewSettings(app *App, u *User, w http.ResponseWriter, r *http.Request) error { fullUser, err := app.db.GetUserByID(u.ID) if err != nil { + if err == ErrUserNotFound { + return err + } log.Error("Unable to get user for settings: %s", err) return impart.HTTPError{http.StatusInternalServerError, "Unable to retrieve user data. The humans have been alerted."} } @@ -1153,6 +1238,54 @@ func viewSettings(app *App, u *User, w http.ResponseWriter, r *http.Request) err return nil } +func loginViaEmail(app *App, alias, redirectTo string) error { + if !app.cfg.Email.Enabled() { + return fmt.Errorf("EMAIL ISN'T CONFIGURED on this server") + } + + // Make sure user has added an email + // TODO: create a new func to just get user's email; "ForAuth" doesn't match here + u, _ := app.db.GetUserForAuth(alias) + if u == nil { + if strings.IndexAny(alias, "@") > 0 { + return ErrUserNotFoundEmail + } + return ErrUserNotFound + } + if u.Email.String == "" { + return impart.HTTPError{http.StatusPreconditionFailed, "User doesn't have an email address. Log in with password, instead."} + } + + // Generate one-time login token + t, err := app.db.GetTemporaryOneTimeAccessToken(u.ID, 60*15, true) + if err != nil { + log.Error("Unable to generate token for email login: %s", err) + return impart.HTTPError{http.StatusInternalServerError, "Unable to generate token."} + } + + // Send email + gun := mailgun.NewMailgun(app.cfg.Email.Domain, app.cfg.Email.MailgunPrivate) + toEmail := u.EmailClear(app.keys) + footerPara := "This link will only work once and expires in 15 minutes. Didn't ask us to log in? You can safely ignore this email." + + plainMsg := fmt.Sprintf("Log in to %s here: %s/login?to=%s&with=%s\n\n%s", app.cfg.App.SiteName, app.cfg.App.Host, redirectTo, t, footerPara) + m := mailgun.NewMessage(app.cfg.App.SiteName+" ", "Log in to "+app.cfg.App.SiteName, plainMsg, fmt.Sprintf("<%s>", toEmail)) + m.AddTag("Email Login") + + m.SetHtml(fmt.Sprintf(` + +
+

%s

+

Log in to %s here.

+

%s

+
+ +`, app.cfg.App.Host, app.cfg.App.SiteName, app.cfg.App.Host, redirectTo, t, app.cfg.App.SiteName, footerPara)) + _, _, err = gun.Send(m) + + return err +} + func saveTempInfo(app *App, key, val string, r *http.Request, w http.ResponseWriter) error { session, err := app.sessionStore.Get(r, "t") if err != nil { diff --git a/account_import.go b/account_import.go index b34f3a7..656852f 100644 --- a/account_import.go +++ b/account_import.go @@ -5,7 +5,6 @@ import ( "fmt" "html/template" "io" - "io/ioutil" "net/http" "os" "path/filepath" @@ -100,7 +99,7 @@ func handleImport(app *App, u *User, w http.ResponseWriter, r *http.Request) err } defer file.Close() - tempFile, err := ioutil.TempFile("", "post-upload-*.txt") + tempFile, err := os.CreateTemp("", "post-upload-*.txt") if err != nil { fileErrs = append(fileErrs, fmt.Errorf("Internal error for %s", formFile.Filename)) log.Error("import file: create temp file %s: %v", formFile.Filename, err) diff --git a/activitypub.go b/activitypub.go index 720d5c9..02fb9e7 100644 --- a/activitypub.go +++ b/activitypub.go @@ -1,5 +1,5 @@ /* - * Copyright © 2018-2021 A Bunch Tell LLC. + * Copyright © 2018-2021 Musing Studio LLC. * * This file is part of WriteFreely. * @@ -17,22 +17,25 @@ import ( "encoding/base64" "encoding/json" "fmt" - "io/ioutil" + "io" "net/http" "net/http/httputil" "net/url" "path/filepath" "strconv" + "strings" "time" "github.com/gorilla/mux" "github.com/writeas/activity/streams" + "github.com/writeas/activityserve" "github.com/writeas/httpsig" "github.com/writeas/impart" "github.com/writeas/web-core/activitypub" "github.com/writeas/web-core/activitystreams" "github.com/writeas/web-core/id" "github.com/writeas/web-core/log" + "github.com/writeas/web-core/silobridge" ) const ( @@ -60,6 +63,7 @@ type RemoteUser struct { ActorID string Inbox string SharedInbox string + URL string Handle string } @@ -452,7 +456,7 @@ func handleFetchCollectionInbox(app *App, w http.ResponseWriter, r *http.Request followerID = remoteUser.ID } else { // Add follower locally, since it wasn't found before - res, err := t.Exec("INSERT INTO remoteusers (actor_id, inbox, shared_inbox) VALUES (?, ?, ?)", fullActor.ID, fullActor.Inbox, fullActor.Endpoints.SharedInbox) + res, err := t.Exec("INSERT INTO remoteusers (actor_id, inbox, shared_inbox, url) VALUES (?, ?, ?, ?)", fullActor.ID, fullActor.Inbox, fullActor.Endpoints.SharedInbox, fullActor.URL) if err != nil { // if duplicate key, res will be nil and panic on // res.LastInsertId below @@ -549,7 +553,7 @@ func makeActivityPost(hostName string, p *activitystreams.Person, url string, m defer resp.Body.Close() } - body, err := ioutil.ReadAll(resp.Body) + body, err := io.ReadAll(resp.Body) if err != nil { return err } @@ -601,7 +605,7 @@ func resolveIRI(hostName, url string) ([]byte, error) { defer resp.Body.Close() } - body, err := ioutil.ReadAll(resp.Body) + body, err := io.ReadAll(resp.Body) if err != nil { return nil, err } @@ -644,10 +648,7 @@ func deleteFederatedPost(app *App, p *PublicPost, collID int64) error { for si, instFolls := range inboxes { na.CC = []string{} - for _, f := range instFolls { - na.CC = append(na.CC, f) - } - + na.CC = append(na.CC, instFolls...) da := activitystreams.NewDeleteActivity(na) // Make the ID unique to ensure it works in Pleroma // See: https://git.pleroma.social/pleroma/pleroma/issues/1481 @@ -713,9 +714,7 @@ func federatePost(app *App, p *PublicPost, collID int64, isUpdate bool) error { // add all followers from that instance // to the CC field na.CC = []string{} - for _, f := range instFolls { - na.CC = append(na.CC, f) - } + na.CC = append(na.CC, instFolls...) // create a new "Create" activity // with our article as object if isUpdate { @@ -764,8 +763,8 @@ func federatePost(app *App, p *PublicPost, collID int64, isUpdate bool) error { func getRemoteUser(app *App, actorID string) (*RemoteUser, error) { u := RemoteUser{ActorID: actorID} - var handle sql.NullString - err := app.db.QueryRow("SELECT id, inbox, shared_inbox, handle FROM remoteusers WHERE actor_id = ?", actorID).Scan(&u.ID, &u.Inbox, &u.SharedInbox, &handle) + var urlVal, handle sql.NullString + err := app.db.QueryRow("SELECT id, inbox, shared_inbox, url, handle FROM remoteusers WHERE actor_id = ?", actorID).Scan(&u.ID, &u.Inbox, &u.SharedInbox, &urlVal, &handle) switch { case err == sql.ErrNoRows: return nil, impart.HTTPError{http.StatusNotFound, "No remote user with that ID."} @@ -774,6 +773,7 @@ func getRemoteUser(app *App, actorID string) (*RemoteUser, error) { return nil, err } + u.URL = urlVal.String u.Handle = handle.String return &u, nil @@ -783,7 +783,8 @@ func getRemoteUser(app *App, actorID string) (*RemoteUser, error) { // from the @user@server.tld handle func getRemoteUserFromHandle(app *App, handle string) (*RemoteUser, error) { u := RemoteUser{Handle: handle} - err := app.db.QueryRow("SELECT id, actor_id, inbox, shared_inbox FROM remoteusers WHERE handle = ?", handle).Scan(&u.ID, &u.ActorID, &u.Inbox, &u.SharedInbox) + var urlVal sql.NullString + err := app.db.QueryRow("SELECT id, actor_id, inbox, shared_inbox, url FROM remoteusers WHERE handle = ?", handle).Scan(&u.ID, &u.ActorID, &u.Inbox, &u.SharedInbox, &urlVal) switch { case err == sql.ErrNoRows: return nil, ErrRemoteUserNotFound @@ -791,6 +792,7 @@ func getRemoteUserFromHandle(app *App, handle string) (*RemoteUser, error) { log.Error("Couldn't get remote user %s: %v", handle, err) return nil, err } + u.URL = urlVal.String return &u, nil } @@ -824,6 +826,69 @@ func getActor(app *App, actorIRI string) (*activitystreams.Person, *RemoteUser, return actor, remoteUser, nil } +func GetProfileURLFromHandle(app *App, handle string) (string, error) { + handle = strings.TrimLeft(handle, "@") + actorIRI := "" + parts := strings.Split(handle, "@") + if len(parts) != 2 { + return "", fmt.Errorf("invalid handle format") + } + domain := parts[1] + + // Check non-AP instances + if siloProfileURL := silobridge.Profile(parts[0], domain); siloProfileURL != "" { + return siloProfileURL, nil + } + + remoteUser, err := getRemoteUserFromHandle(app, handle) + if err != nil { + // can't find using handle in the table but the table may already have this user without + // handle from a previous version + // TODO: Make this determination. We should know whether a user exists without a handle, or doesn't exist at all + actorIRI = RemoteLookup(handle) + _, errRemoteUser := getRemoteUser(app, actorIRI) + // if it exists then we need to update the handle + if errRemoteUser == nil { + _, err := app.db.Exec("UPDATE remoteusers SET handle = ? WHERE actor_id = ?", handle, actorIRI) + if err != nil { + log.Error("Couldn't update handle '%s' for user %s", handle, actorIRI) + } + } else { + // this probably means we don't have the user in the table so let's try to insert it + // here we need to ask the server for the inboxes + remoteActor, err := activityserve.NewRemoteActor(actorIRI) + if err != nil { + log.Error("Couldn't fetch remote actor: %v", err) + } + if debugging { + log.Info("Got remote actor: %s %s %s %s %s", actorIRI, remoteActor.GetInbox(), remoteActor.GetSharedInbox(), remoteActor.URL(), handle) + } + _, err = app.db.Exec("INSERT INTO remoteusers (actor_id, inbox, shared_inbox, url, handle) VALUES(?, ?, ?, ?, ?)", actorIRI, remoteActor.GetInbox(), remoteActor.GetSharedInbox(), remoteActor.URL(), handle) + if err != nil { + log.Error("Couldn't insert remote user: %v", err) + return "", err + } + actorIRI = remoteActor.URL() + } + } else if remoteUser.URL == "" { + log.Info("Remote user %s URL empty, fetching", remoteUser.ActorID) + newRemoteActor, err := activityserve.NewRemoteActor(remoteUser.ActorID) + if err != nil { + log.Error("Couldn't fetch remote actor: %v", err) + } else { + _, err := app.db.Exec("UPDATE remoteusers SET url = ? WHERE actor_id = ?", newRemoteActor.URL(), remoteUser.ActorID) + if err != nil { + log.Error("Couldn't update handle '%s' for user %s", handle, actorIRI) + } else { + actorIRI = newRemoteActor.URL() + } + } + } else { + actorIRI = remoteUser.URL + } + return actorIRI, nil +} + // unmarshal actor normalizes the actor response to conform to // the type Person from github.com/writeas/web-core/activitysteams // diff --git a/admin.go b/admin.go index 2b757ca..258d0b8 100644 --- a/admin.go +++ b/admin.go @@ -1,5 +1,5 @@ /* - * Copyright © 2018-2021 A Bunch Tell LLC. + * Copyright © 2018-2021 Musing Studio LLC. * * This file is part of WriteFreely. * @@ -13,6 +13,7 @@ package writefreely import ( "database/sql" "fmt" + "html/template" "net/http" "runtime" "strconv" @@ -102,13 +103,16 @@ func NewAdminPage(app *App) *AdminPage { return ap } -func (c instanceContent) UpdatedFriendly() string { +func (c instanceContent) UpdatedFriendly() template.HTML { /* // TODO: accept a locale in this method and use that for the format var loc monday.Locale = monday.LocaleEnUS return monday.Format(u.Created, monday.DateTimeFormatsByLocale[loc], loc) */ - return c.Updated.Format("January 2, 2006, 3:04 PM") + if c.Updated.IsZero() { + return "Never" + } + return template.HTML(c.Updated.Format("January 2, 2006, 3:04 PM")) } func handleViewAdminDash(app *App, u *User, w http.ResponseWriter, r *http.Request) error { @@ -426,9 +430,9 @@ func handleViewAdminPages(app *App, u *User, w http.ResponseWriter, r *http.Requ } // Add in default pages - var hasAbout, hasPrivacy bool + var hasAbout, hasContact, hasPrivacy bool for i, c := range p.Pages { - if hasAbout && hasPrivacy { + if hasAbout && hasContact && hasPrivacy { break } if c.ID == "about" { @@ -436,6 +440,11 @@ func handleViewAdminPages(app *App, u *User, w http.ResponseWriter, r *http.Requ if !c.Title.Valid { p.Pages[i].Title = defaultAboutTitle(app.cfg) } + } else if c.ID == "contact" { + hasContact = true + if !c.Title.Valid { + p.Pages[i].Title = defaultContactTitle() + } } else if c.ID == "privacy" { hasPrivacy = true if !c.Title.Valid { @@ -451,6 +460,13 @@ func handleViewAdminPages(app *App, u *User, w http.ResponseWriter, r *http.Requ Updated: defaultPageUpdatedTime, }) } + if !hasContact { + p.Pages = append(p.Pages, &instanceContent{ + ID: "contact", + Title: defaultContactTitle(), + Content: defaultContactPage(app), + }) + } if !hasPrivacy { p.Pages = append(p.Pages, &instanceContent{ ID: "privacy", @@ -489,6 +505,8 @@ func handleViewAdminPage(app *App, u *User, w http.ResponseWriter, r *http.Reque // Get pre-defined pages, or select slug if slug == "about" { p.Content, err = getAboutPage(app) + } else if slug == "contact" { + p.Content, err = getContactPage(app) } else if slug == "privacy" { p.Content, err = getPrivacyPage(app) } else if slug == "landing" { @@ -523,7 +541,7 @@ func handleAdminUpdateSite(app *App, u *User, w http.ResponseWriter, r *http.Req id := vars["page"] // Validate - if id != "about" && id != "privacy" && id != "landing" && id != "reader" { + if id != "about" && id != "contact" && id != "privacy" && id != "landing" && id != "reader" { return impart.HTTPError{http.StatusNotFound, "No such page."} } diff --git a/app.go b/app.go index 4c4aeb9..42d9891 100644 --- a/app.go +++ b/app.go @@ -1,5 +1,5 @@ /* - * Copyright © 2018-2021 A Bunch Tell LLC. + * Copyright © 2018-2021 Musing Studio LLC. * * This file is part of WriteFreely. * @@ -13,9 +13,10 @@ package writefreely import ( "crypto/tls" "database/sql" + _ "embed" "fmt" "html/template" - "io/ioutil" + "net" "net/http" "net/url" "os" @@ -35,12 +36,13 @@ import ( "github.com/writeas/web-core/auth" "github.com/writeas/web-core/converter" "github.com/writeas/web-core/log" + "golang.org/x/crypto/acme/autocert" + "github.com/writefreely/writefreely/author" "github.com/writefreely/writefreely/config" "github.com/writefreely/writefreely/key" "github.com/writefreely/writefreely/migrations" "github.com/writefreely/writefreely/page" - "golang.org/x/crypto/acme/autocert" ) const ( @@ -56,7 +58,7 @@ var ( debugging bool // Software version can be set from git env using -ldflags - softwareVer = "0.13.1" + softwareVer = "0.14.0" // DEPRECATED VARS isSingleUser bool @@ -174,7 +176,7 @@ func (app *App) LoadKeys() error { executable = filepath.Base(executable) } - app.keys.EmailKey, err = ioutil.ReadFile(emailKeyPath) + app.keys.EmailKey, err = os.ReadFile(emailKeyPath) if err != nil { return err } @@ -182,7 +184,7 @@ func (app *App) LoadKeys() error { if debugging { log.Info(" %s", cookieAuthKeyPath) } - app.keys.CookieAuthKey, err = ioutil.ReadFile(cookieAuthKeyPath) + app.keys.CookieAuthKey, err = os.ReadFile(cookieAuthKeyPath) if err != nil { return err } @@ -190,7 +192,7 @@ func (app *App) LoadKeys() error { if debugging { log.Info(" %s", cookieKeyPath) } - app.keys.CookieKey, err = ioutil.ReadFile(cookieKeyPath) + app.keys.CookieKey, err = os.ReadFile(cookieKeyPath) if err != nil { return err } @@ -198,7 +200,7 @@ func (app *App) LoadKeys() error { if debugging { log.Info(" %s", csrfKeyPath) } - app.keys.CSRFKey, err = ioutil.ReadFile(csrfKeyPath) + app.keys.CSRFKey, err = os.ReadFile(csrfKeyPath) if err != nil { if os.IsNotExist(err) { log.Error(`Missing key: %s. @@ -315,7 +317,7 @@ func handleTemplatedPage(app *App, w http.ResponseWriter, r *http.Request, t *te }{ StaticPage: pageForReq(app, r), } - if r.URL.Path == "/about" || r.URL.Path == "/privacy" { + if r.URL.Path == "/about" || r.URL.Path == "/contact" || r.URL.Path == "/privacy" { var c *instanceContent var err error @@ -326,6 +328,12 @@ func handleTemplatedPage(app *App, w http.ResponseWriter, r *http.Request, t *te p.AboutStats = &InstanceStats{} p.AboutStats.NumPosts, _ = app.db.GetTotalPosts() p.AboutStats.NumBlogs, _ = app.db.GetTotalCollections() + } else if r.URL.Path == "/contact" { + c, err = getContactPage(app) + if c.Updated.IsZero() { + // Page was never set up, so return 404 + return ErrPostNotFound + } } else { c, err = getPrivacyPage(app) } @@ -356,6 +364,11 @@ func pageForReq(app *App, r *http.Request) page.StaticPage { Version: "v" + softwareVer, } + // Use custom style, if file exists + if _, err := os.Stat(filepath.Join(staticDir, "local", "custom.css")); err == nil { + p.CustomCSS = true + } + // Add user information, if given var u *User accessToken := r.FormValue("t") @@ -415,6 +428,17 @@ func Initialize(apper Apper, debug bool) (*App, error) { initActivityPub(apper.App()) + if apper.App().cfg.Email.Domain != "" || apper.App().cfg.Email.MailgunPrivate != "" { + if apper.App().cfg.Email.Domain == "" { + log.Error("[FAILED] Starting publish jobs queue: no [letters]domain config value set.") + } else if apper.App().cfg.Email.MailgunPrivate == "" { + log.Error("[FAILED] Starting publish jobs queue: no [letters]mailgun_private config value set.") + } else { + log.Info("Starting publish jobs queue...") + go startPublishJobsQueue(apper.App()) + } + } + // Handle local timeline, if enabled if apper.App().cfg.App.LocalTimeline { log.Info("Initializing local timeline...") @@ -503,9 +527,41 @@ requests. We recommend supplying a valid host name.`) err = http.ListenAndServeTLS(fmt.Sprintf("%s:443", bindAddress), app.cfg.Server.TLSCertPath, app.cfg.Server.TLSKeyPath, r) } } else { - log.Info("Serving on http://%s:%d\n", bindAddress, app.cfg.Server.Port) + network := "tcp" + protocol := "http" + if strings.HasPrefix(bindAddress, "/") { + network = "unix" + protocol = "http+unix" + + // old sockets will remain after server closes; + // we need to delete them in order to open new ones + err = os.Remove(bindAddress) + if err != nil && !os.IsNotExist(err) { + log.Error("%s already exists but could not be removed: %v", bindAddress, err) + os.Exit(1) + } + } else { + bindAddress = fmt.Sprintf("%s:%d", bindAddress, app.cfg.Server.Port) + } + + log.Info("Serving on %s://%s", protocol, bindAddress) log.Info("---") - err = http.ListenAndServe(fmt.Sprintf("%s:%d", bindAddress, app.cfg.Server.Port), r) + listener, err := net.Listen(network, bindAddress) + if err != nil { + log.Error("Could not bind to address: %v", err) + os.Exit(1) + } + + if network == "unix" { + err = os.Chmod(bindAddress, 0o666) + if err != nil { + log.Error("Could not update socket permissions: %v", err) + os.Exit(1) + } + } + + defer listener.Close() + err = http.Serve(listener, r) } if err != nil { log.Error("Unable to start: %v", err) @@ -529,8 +585,8 @@ func (app *App) InitDecoder() { // tests the connection. func ConnectToDatabase(app *App) error { // Check database configuration - if app.cfg.Database.Type == driverMySQL && (app.cfg.Database.User == "" || app.cfg.Database.Password == "") { - return fmt.Errorf("Database user or password not set.") + if app.cfg.Database.Type == driverMySQL && app.cfg.Database.User == "" { + return fmt.Errorf("Database user not set.") } if app.cfg.Database.Host == "" { app.cfg.Database.Host = "localhost" @@ -812,6 +868,16 @@ func connectToDatabase(app *App) { func shutdown(app *App) { log.Info("Closing database connection...") app.db.Close() + if strings.HasPrefix(app.cfg.Server.Bind, "/") { + // Clean up socket + log.Info("Removing socket file...") + err := os.Remove(app.cfg.Server.Bind) + if err != nil { + log.Error("Unable to remove socket: %s", err) + os.Exit(1) + } + log.Info("Success.") + } } // CreateUser creates a new admin or normal user from the given credentials. @@ -874,15 +940,18 @@ func CreateUser(apper Apper, username, password string, isAdmin bool) error { return nil } -func adminInitDatabase(app *App) error { - schemaFileName := "schema.sql" - if app.cfg.Database.Type == driverSQLite { - schemaFileName = "sqlite.sql" - } +//go:embed schema.sql +var schemaSql string - schema, err := Asset(schemaFileName) - if err != nil { - return fmt.Errorf("Unable to load schema file: %v", err) +//go:embed sqlite.sql +var sqliteSql string + +func adminInitDatabase(app *App) error { + var schema string + if app.cfg.Database.Type == driverSQLite { + schema = sqliteSql + } else { + schema = schemaSql } tblReg := regexp.MustCompile("CREATE TABLE (IF NOT EXISTS )?`([a-z_]+)`") @@ -898,7 +967,7 @@ func adminInitDatabase(app *App) error { } else { log.Info("Creating table ??? (Weird query) No match in: %v", parts) } - _, err = app.db.Exec(q) + _, err := app.db.Exec(q) if err != nil { log.Error("%s", err) } else { @@ -908,7 +977,7 @@ func adminInitDatabase(app *App) error { // Set up migrations table log.Info("Initializing appmigrations table...") - err = migrations.SetInitialMigrations(migrations.NewDatastore(app.db.DB, app.db.driverName)) + err := migrations.SetInitialMigrations(migrations.NewDatastore(app.db.DB, app.db.driverName)) if err != nil { return fmt.Errorf("Unable to set initial migrations: %v", err) } diff --git a/auth.go b/auth.go index fbee601..e871bdd 100644 --- a/auth.go +++ b/auth.go @@ -1,5 +1,5 @@ /* - * Copyright © 2018 A Bunch Tell LLC. + * Copyright © 2018 Musing Studio LLC. * * This file is part of WriteFreely. * diff --git a/author/author.go b/author/author.go index 7431ac5..a95eb61 100644 --- a/author/author.go +++ b/author/author.go @@ -1,5 +1,5 @@ /* - * Copyright © 2018-2021 A Bunch Tell LLC. + * Copyright © 2018-2021 Musing Studio LLC. * * This file is part of WriteFreely. * @@ -11,6 +11,7 @@ package author import ( + "github.com/writeas/web-core/log" "github.com/writefreely/writefreely/config" "os" "path/filepath" @@ -113,10 +114,17 @@ func IsValidUsername(cfg *config.Config, username string) bool { // Username is invalid if page with the same name exists. So traverse // available pages, adding them to reservedUsernames map that'll be checked // later. - filepath.Walk(filepath.Join(cfg.Server.PagesParentDir, "pages"), func(path string, i os.FileInfo, err error) error { + err := filepath.Walk(filepath.Join(cfg.Server.PagesParentDir, "pages"), func(path string, i os.FileInfo, err error) error { + if err != nil { + return err + } reservedUsernames[i.Name()] = true return nil }) + if err != nil { + log.Error("[IMPORTANT WARNING]: Could not determine IsValidUsername! %s", err) + return false + } // Username is invalid if it is reserved! if _, reserved := reservedUsernames[username]; reserved { diff --git a/bindata-lib.go b/bindata-lib.go deleted file mode 100644 index 9f4a3fd..0000000 --- a/bindata-lib.go +++ /dev/null @@ -1,106 +0,0 @@ -// +build wflib - -package writefreely - -import ( - "bytes" - "compress/gzip" - "fmt" - "io" - "strings" -) - -func bindata_read(data []byte, name string) ([]byte, error) { - gz, err := gzip.NewReader(bytes.NewBuffer(data)) - if err != nil { - return nil, fmt.Errorf("Read %q: %v", name, err) - } - - var buf bytes.Buffer - _, err = io.Copy(&buf, gz) - gz.Close() - - if err != nil { - return nil, fmt.Errorf("Read %q: %v", name, err) - } - - return buf.Bytes(), nil -} - -var _schema_sql = []byte("\x1f\x8b\x08\x00\x00\x00\x00\x00\x00\xff\xd4\x59\x5f\x6f\xa3\x38\x10\x7f\xef\xa7\xf0\xdb\xa6\x52\x23\x6d\x7a\xdd\xaa\xba\xd3\x3e\x64\x53\x76\x2f\xba\x94\xee\x25\x44\xba\x7d\x02\x03\x93\xd4\xaa\xb1\x91\x6d\x92\xe6\xdb\x9f\x8c\x49\x08\x86\x24\xd0\xdb\x3b\x71\x7d\x2a\xcc\x6f\x8c\xfd\x9b\x3f\x9e\x99\x0c\x87\x57\xc3\x21\x7a\xc4\x0a\x87\x58\xc2\xaf\x28\xd8\x0a\xa2\x60\x25\x00\xe8\x2e\xb8\x1a\x0e\xaf\xb4\x78\xf8\xce\x3f\xad\xac\xf5\x3d\x1c\x52\x40\x52\x89\x2c\x52\x99\x00\xb4\xe2\x02\xa9\xfc\x5d\x80\xa3\x08\xa4\x54\xfc\x15\x98\x34\xdf\x9b\xcc\x9d\xb1\xe7\x20\x6f\xfc\x65\xe6\xa0\xe9\x57\xe4\x3e\x7b\xc8\xf9\x6b\xba\xf0\x16\x16\x1a\x0d\xae\x10\x0a\xf2\x87\x00\x85\x84\x61\xb1\x1b\x8c\xee\xaf\x73\x05\x77\x39\x9b\xdd\x68\x71\x26\x41\xf8\x24\x0e\x10\x61\x6a\x60\x0b\x65\x16\xf3\x00\x29\xc2\x76\x5a\x3a\x2a\xa5\xe8\xd1\xf9\x3a\x5e\xce\x3c\xf4\xe1\xe3\x87\x1c\xc9\x19\xf8\x8a\x24\xd0\x0e\x1d\x09\xc0\x0a\xe2\x00\xc5\x58\x81\x56\xab\x43\x27\xcb\xf9\xdc\x71\x3d\xdf\x9b\x3e\x39\x0b\x6f\xfc\xf4\x3d\x57\x84\xb7\x94\x08\x90\x47\x8a\x7b\x7c\xf5\x40\x78\x0d\x4c\x05\x68\x83\x45\xf4\x82\xc5\xe0\xf6\xd3\xa7\xeb\x1a\xf2\xfb\x7c\xfa\x34\x9e\xff\x40\x7f\x38\x3f\xd0\xa0\xa0\xe9\xfa\xea\x1a\x39\xee\xb7\xa9\xeb\x7c\x9e\x32\xc6\x1f\xbf\x94\xfb\xf9\x7d\x3c\x5f\x38\xde\x67\x8a\x15\x61\xa3\xdf\xfe\x75\xb3\xa7\x69\xc4\x99\xd2\xa7\xb8\x6c\xf4\x12\x6b\x4c\xae\xcd\xb9\x3f\xfa\x2f\xb6\x4d\x0f\xd0\x04\x62\x92\x25\x0a\xde\x54\x7e\xb8\xf1\xc4\x73\xe6\x68\xe1\x78\x28\x53\xab\x07\x34\x79\x9e\xcd\xf4\x17\xf5\x83\x1f\x12\x66\x79\x4d\x1a\xbf\xcb\x80\x55\xce\x49\xdc\x2b\xc2\x13\xb2\x16\x58\x11\xde\x18\x68\x16\xc0\x10\xbd\x01\x21\x09\x67\x26\x78\x46\x23\x8b\x69\x03\x6f\x64\x29\x97\x0b\x90\x19\x55\x01\xca\x4d\xb0\x97\xf4\x85\x8f\x88\x53\x0a\x91\x3e\x2c\x56\x4a\x90\x30\x53\xd0\x22\xff\x34\x6a\x19\xae\x4a\xd1\xc9\x74\x73\xd0\x29\xdd\x77\x74\xfb\x60\x81\x36\x98\x66\x60\x85\x76\xdd\x7f\x93\xf0\xae\xe2\xc2\x49\x78\x57\xf3\xe2\xaa\x33\x56\xf7\x77\x73\xb4\x99\xde\xf8\x68\xb9\xc5\x57\xd8\x75\xb2\x46\x8e\x6f\x6d\x87\x34\x0b\x29\x89\xfc\x57\xd8\x05\x28\xa4\x3c\xb4\xa4\x82\x6c\xb0\x82\x13\xe2\x73\xa4\xf6\x90\xc8\x14\x4b\xb9\xe5\x22\xee\xc4\x66\xa9\xd4\x9e\xd2\x42\x25\x40\xb9\xd7\xde\x7f\xbc\xfe\x3f\xb3\x26\x20\x26\x02\x22\xd5\x89\xb5\x52\xc9\xb0\x96\x0a\xd8\xf8\x98\x12\x2c\x8f\xc2\xfd\xa3\x45\x4c\xc0\x60\x7b\x11\x54\x65\xef\x68\xdd\x1e\x52\xd7\x89\x32\x79\x74\xa1\x5b\x5e\x85\xc6\x4b\xef\xd9\x9f\xba\x93\xb9\xf3\xe4\xb8\x9e\xc9\x9f\x0d\x3c\xb5\x4f\x8d\xb5\x4a\x4a\x11\x45\x7f\x4e\xa6\x0d\x62\x90\x91\x20\xa9\xca\x2f\xcb\xc3\xfe\xee\x3b\xed\xaf\x5a\x99\xaa\x1d\x05\x5f\xbe\x00\x14\x17\xa8\x79\x9b\x7f\xa4\xb8\x51\x5b\xaf\x9c\xab\xae\xb8\x48\xf0\x51\xc9\xf8\x50\x2f\x18\x4d\xe6\x8b\x76\x8d\x35\xae\xa9\x82\xb7\xec\x4c\x35\xbd\x21\xb0\xf5\x23\x9e\xe9\xe2\xab\x41\x5e\xaf\x8d\xf4\xdb\xa5\x3b\xfd\x73\xe9\xe4\x2f\xf7\xf6\x1d\x04\x3d\xf3\xee\x94\xcb\x36\xa9\xc0\xc0\x4a\x8f\x2e\x9c\xc0\xee\x39\x68\xb6\xb6\x7c\xb8\x66\x88\x84\xc7\x64\xb5\xf3\x8b\xd6\xc6\xd4\xb9\xb7\x0d\x38\xed\x07\x3e\x4e\x53\xc0\x02\xb3\x08\x0a\xe8\x5d\x53\x67\xc2\xb8\x48\x4c\x73\x42\x31\x5b\x67\x78\xbd\x47\x37\xad\x2b\x14\xad\x38\xc1\x4f\xf0\x94\xda\x12\xcd\x97\x4a\xfd\x4b\x84\x31\x88\xfd\x94\x4b\x62\xa2\xeb\xe8\x8b\x4b\x77\x31\xfd\xe6\x3a\x8f\x0d\x8b\xef\x1b\x30\x5d\x95\x4a\x85\x93\xb4\x6d\x07\x76\xa8\xfc\x3b\x6b\x5e\x70\x7f\x3b\xdd\xfc\x93\xec\x70\xe8\x71\xba\x25\x82\x8e\xe1\x48\x62\xdf\x38\x6b\xbd\x78\xcc\xdf\xd7\x14\x4a\xa3\x0f\xca\xff\x6f\x0e\x6b\xe7\x98\xc2\x73\x0a\xd4\xde\x8f\x6e\x7a\xd5\x2b\x09\x48\xb8\x82\x15\xa7\x94\x6f\x5b\xc4\x7d\x15\x7e\xb2\x64\xaa\xf5\x4f\x46\xcf\xaf\x4c\x28\x6a\xa0\xd3\xa3\x84\xcb\x25\xbe\xf5\x81\x9e\xf1\xab\xb7\xd5\xae\xce\xb7\xf0\xf5\x21\x40\x7e\x75\x77\xe7\xf6\x6c\x1f\x70\x39\x3e\x8c\xc5\x0f\x1e\xdf\x7f\xb6\x3b\x51\x6d\xd7\x66\xc7\xec\x35\x16\x67\x91\xe2\x86\x8a\xd3\x56\x21\x2c\xe4\x6f\xe7\x00\xf2\x05\x0b\x88\xfd\x4b\xb8\xcb\xb6\xb1\xe2\x6f\x50\x6e\xaf\x37\x76\xd1\x24\x77\x99\x3d\x58\x78\x63\x9d\xb3\xe3\xcd\x86\x79\xc3\xfd\xdd\x7f\x34\x6e\xd8\x6f\xac\x97\x83\x06\xbd\x39\xc2\x36\xa4\x99\xf7\x8a\xd8\x2a\xe7\x6c\x8a\xab\x75\x4e\x7d\x44\x86\xdf\x74\x42\x90\x01\x92\x09\xa6\xf4\x64\x2d\x74\x36\xc9\xb7\x99\x0a\x13\x86\x23\x45\x36\xcd\xf3\xe9\x3e\xd1\xde\xd2\xd1\x3b\x76\x86\x5a\x85\xe1\x04\xde\xdd\x1c\x5e\x1a\x66\x54\x57\x32\x7c\x1d\x16\x32\x8f\xf5\x75\x20\xc1\x84\xe6\x5b\x2a\x7e\x9d\x68\x9c\xd3\xbf\xfb\xd7\x82\xcb\x59\xb0\xa4\x65\x50\xfe\xdf\xab\x28\x94\x26\xce\xe2\x53\x61\x78\x90\x17\xee\x90\x3f\xf9\x27\xc3\xf1\xe4\x7d\xdf\xfa\xcc\x7f\x07\x00\x00\xff\xff\xbe\x79\x68\xa8\x10\x1b\x00\x00") - -func schema_sql() ([]byte, error) { - return bindata_read( - _schema_sql, - "schema.sql", - ) -} - -// Asset loads and returns the asset for the given name. -// It returns an error if the asset could not be found or -// could not be loaded. -func Asset(name string) ([]byte, error) { - cannonicalName := strings.Replace(name, "\\", "/", -1) - if f, ok := _bindata[cannonicalName]; ok { - return f() - } - return nil, fmt.Errorf("Asset %s not found", name) -} - -// AssetNames returns the names of the assets. -func AssetNames() []string { - names := make([]string, 0, len(_bindata)) - for name := range _bindata { - names = append(names, name) - } - return names -} - -// _bindata is a table, holding each asset generator, mapped to its name. -var _bindata = map[string]func() ([]byte, error){ - "schema.sql": schema_sql, -} - -// AssetDir returns the file names below a certain -// directory embedded in the file by go-bindata. -// For example if you run go-bindata on data/... and data contains the -// following hierarchy: -// data/ -// foo.txt -// img/ -// a.png -// b.png -// then AssetDir("data") would return []string{"foo.txt", "img"} -// AssetDir("data/img") would return []string{"a.png", "b.png"} -// AssetDir("foo.txt") and AssetDir("notexist") would return an error -// AssetDir("") will return []string{"data"}. -func AssetDir(name string) ([]string, error) { - node := _bintree - if len(name) != 0 { - cannonicalName := strings.Replace(name, "\\", "/", -1) - pathList := strings.Split(cannonicalName, "/") - for _, p := range pathList { - node = node.Children[p] - if node == nil { - return nil, fmt.Errorf("Asset %s not found", name) - } - } - } - if node.Func != nil { - return nil, fmt.Errorf("Asset %s not found", name) - } - rv := make([]string, 0, len(node.Children)) - for name := range node.Children { - rv = append(rv, name) - } - return rv, nil -} - -type _bintree_t struct { - Func func() ([]byte, error) - Children map[string]*_bintree_t -} - -var _bintree = &_bintree_t{nil, map[string]*_bintree_t{ - "schema.sql": &_bintree_t{schema_sql, map[string]*_bintree_t{}}, -}} diff --git a/cache.go b/cache.go index b1b1be9..47cff3a 100644 --- a/cache.go +++ b/cache.go @@ -1,5 +1,5 @@ /* - * Copyright © 2018 A Bunch Tell LLC. + * Copyright © 2018 Musing Studio LLC. * * This file is part of WriteFreely. * diff --git a/cmd/writefreely/config.go b/cmd/writefreely/config.go index 32e3801..1c3e769 100644 --- a/cmd/writefreely/config.go +++ b/cmd/writefreely/config.go @@ -1,5 +1,5 @@ /* - * Copyright © 2020-2021 A Bunch Tell LLC. + * Copyright © 2020-2021 Musing Studio LLC. * * This file is part of WriteFreely. * diff --git a/cmd/writefreely/db.go b/cmd/writefreely/db.go index ccae418..908e163 100644 --- a/cmd/writefreely/db.go +++ b/cmd/writefreely/db.go @@ -1,5 +1,5 @@ /* - * Copyright © 2020-2021 A Bunch Tell LLC. + * Copyright © 2020-2021 Musing Studio LLC. * * This file is part of WriteFreely. * diff --git a/cmd/writefreely/keys.go b/cmd/writefreely/keys.go index 680cd4d..2e7cc8e 100644 --- a/cmd/writefreely/keys.go +++ b/cmd/writefreely/keys.go @@ -1,5 +1,5 @@ /* - * Copyright © 2020-2021 A Bunch Tell LLC. + * Copyright © 2020-2021 Musing Studio LLC. * * This file is part of WriteFreely. * diff --git a/cmd/writefreely/main.go b/cmd/writefreely/main.go index 992d611..cd7ed69 100644 --- a/cmd/writefreely/main.go +++ b/cmd/writefreely/main.go @@ -1,5 +1,5 @@ /* - * Copyright © 2018-2021 A Bunch Tell LLC. + * Copyright © 2018-2021 Musing Studio LLC. * * This file is part of WriteFreely. * diff --git a/cmd/writefreely/user.go b/cmd/writefreely/user.go index 8429513..2efb4b9 100644 --- a/cmd/writefreely/user.go +++ b/cmd/writefreely/user.go @@ -1,5 +1,5 @@ /* - * Copyright © 2020-2021 A Bunch Tell LLC. + * Copyright © 2020-2021 Musing Studio LLC. * * This file is part of WriteFreely. * diff --git a/cmd/writefreely/web.go b/cmd/writefreely/web.go index 02ae1c9..b91910c 100644 --- a/cmd/writefreely/web.go +++ b/cmd/writefreely/web.go @@ -1,5 +1,5 @@ /* - * Copyright © 2020-2021 A Bunch Tell LLC. + * Copyright © 2020-2021 Musing Studio LLC. * * This file is part of WriteFreely. * diff --git a/collections.go b/collections.go index beadf19..8368447 100644 --- a/collections.go +++ b/collections.go @@ -1,5 +1,5 @@ /* - * Copyright © 2018-2021 A Bunch Tell LLC. + * Copyright © 2018-2022 Musing Studio LLC. * * This file is part of WriteFreely. * @@ -24,18 +24,23 @@ import ( "unicode" "github.com/gorilla/mux" + stripmd "github.com/writeas/go-strip-markdown/v2" "github.com/writeas/impart" "github.com/writeas/web-core/activitystreams" "github.com/writeas/web-core/auth" "github.com/writeas/web-core/bots" + "github.com/writeas/web-core/i18n" "github.com/writeas/web-core/log" - waposts "github.com/writeas/web-core/posts" + "github.com/writeas/web-core/posts" "github.com/writefreely/writefreely/author" "github.com/writefreely/writefreely/config" "github.com/writefreely/writefreely/page" + "github.com/writefreely/writefreely/spam" "golang.org/x/net/idna" ) +const collAttrLetterReplyTo = "letter_reply_to" + type ( // TODO: add Direction to db // TODO: add Language to db @@ -58,6 +63,7 @@ type ( URL string `json:"url,omitempty"` Monetization string `json:"monetization_pointer,omitempty"` + Verification string `json:"verification_link"` db *datastore hostName string @@ -72,11 +78,20 @@ type ( DisplayCollection struct { *CollectionObj Prefix string + NavSuffix string IsTopLevel bool CurrentPage int TotalPages int Silenced bool } + + CollectionNav struct { + *Collection + Path string + SingleUser bool + CanPost bool + } + SubmittedCollection struct { // Data used for updating a given collection ID int64 @@ -87,6 +102,7 @@ type ( Privacy int `schema:"privacy" json:"privacy"` Pass string `schema:"password" json:"password"` MathJax bool `schema:"mathjax" json:"mathjax"` + EmailSubs bool `schema:"email_subs" json:"email_subs"` Handle string `schema:"handle" json:"handle"` // Actual collection values updated in the DB @@ -97,6 +113,8 @@ type ( Script *sql.NullString `schema:"script" json:"script"` Signature *sql.NullString `schema:"signature" json:"signature"` Monetization *string `schema:"monetization_pointer" json:"monetization_pointer"` + Verification *string `schema:"verification_link" json:"verification_link"` + LetterReply *string `schema:"letter_reply" json:"letter_reply"` Visibility *int `schema:"visibility" json:"public"` Format *sql.NullString `schema:"format" json:"format"` } @@ -258,16 +276,16 @@ func (c *Collection) RedirectingCanonicalURL(isRedir bool) string { // PrevPageURL provides a full URL for the previous page of collection posts, // returning a /page/N result for pages >1 -func (c *Collection) PrevPageURL(prefix string, n int, tl bool) string { +func (c *Collection) PrevPageURL(prefix, navSuffix string, n int, tl bool) string { u := "" if n == 2 { // Previous page is 1; no need for /page/ prefix if prefix == "" { - u = "/" + u = navSuffix + "/" } // Else leave off trailing slash } else { - u = fmt.Sprintf("/page/%d", n-1) + u = fmt.Sprintf("%s/page/%d", navSuffix, n-1) } if tl { @@ -277,11 +295,12 @@ func (c *Collection) PrevPageURL(prefix string, n int, tl bool) string { } // NextPageURL provides a full URL for the next page of collection posts -func (c *Collection) NextPageURL(prefix string, n int, tl bool) string { +func (c *Collection) NextPageURL(prefix, navSuffix string, n int, tl bool) string { + if tl { - return fmt.Sprintf("/page/%d", n+1) + return fmt.Sprintf("%s/page/%d", navSuffix, n+1) } - return fmt.Sprintf("/%s%s/page/%d", prefix, c.Alias, n+1) + return fmt.Sprintf("/%s%s%s/page/%d", prefix, c.Alias, navSuffix, n+1) } func (c *Collection) DisplayTitle() string { @@ -355,6 +374,10 @@ func (c *Collection) RenderMathJax() bool { return c.db.CollectionHasAttribute(c.ID, "render_mathjax") } +func (c *Collection) EmailSubsEnabled() bool { + return c.db.CollectionHasAttribute(c.ID, "email_subs") +} + func (c *Collection) MonetizationURL() string { if c.Monetization == "" { return "" @@ -362,10 +385,40 @@ func (c *Collection) MonetizationURL() string { return strings.Replace(c.Monetization, "$", "https://", 1) } +// DisplayDescription returns the description with rendered Markdown and HTML. +func (c *Collection) DisplayDescription() *template.HTML { + if c.Description == "" { + s := template.HTML("") + return &s + } + t := template.HTML(posts.ApplyBasicAccessibleMarkdown([]byte(c.Description))) + return &t +} + +// PlainDescription returns the description with all Markdown and HTML removed. +func (c *Collection) PlainDescription() string { + if c.Description == "" { + return "" + } + desc := stripHTMLWithoutEscaping(c.Description) + desc = stripmd.Strip(desc) + return desc +} + func (c CollectionPage) DisplayMonetization() string { return displayMonetization(c.Monetization, c.Alias) } +func (c *DisplayCollection) Direction() string { + if c.Language == "" { + return "auto" + } + if i18n.LangIsRTL(c.Language) { + return "rtl" + } + return "ltr" +} + func newCollection(app *App, w http.ResponseWriter, r *http.Request) error { reqJSON := IsJSON(r) alias := r.FormValue("alias") @@ -475,8 +528,7 @@ func apiCheckCollectionPermissions(app *App, r *http.Request, c *Collection) (in // fetchCollection handles the API endpoint for retrieving collection data. func fetchCollection(app *App, w http.ResponseWriter, r *http.Request) error { - accept := r.Header.Get("Accept") - if strings.Contains(accept, "application/activity+json") { + if IsActivityPubRequest(r) { return handleFetchCollectionActivities(app, w, r) } @@ -551,11 +603,11 @@ func fetchCollectionPosts(app *App, w http.ResponseWriter, r *http.Request) erro } } - posts, err := app.db.GetPosts(app.cfg, c, page, isCollOwner, false, false) + ps, err := app.db.GetPosts(app.cfg, c, page, isCollOwner, false, false) if err != nil { return err } - coll := &CollectionObj{Collection: *c, Posts: posts} + coll := &CollectionObj{Collection: *c, Posts: ps} app.db.GetPostsCount(coll, isCollOwner) // Strip non-public information coll.Collection.ForPublic() @@ -563,7 +615,7 @@ func fetchCollectionPosts(app *App, w http.ResponseWriter, r *http.Request) erro // Transform post bodies if needed if r.FormValue("body") == "html" { for _, p := range *coll.Posts { - p.Content = waposts.ApplyMarkdown([]byte(p.Content)) + p.Content = posts.ApplyMarkdown([]byte(p.Content)) } } @@ -577,18 +629,46 @@ type CollectionPage struct { IsWelcome bool IsOwner bool IsCollLoggedIn bool + Honeypot string + IsSubscriber bool CanPin bool Username string Monetization string + Flash template.HTML Collections *[]Collection PinnedPosts *[]PublicPost - IsAdmin bool - CanInvite bool + + IsAdmin bool + CanInvite bool // Helper field for Chorus mode CollAlias string } +type TagCollectionPage struct { + CollectionPage + Tag string +} + +func (tcp TagCollectionPage) PrevPageURL(prefix string, n int, tl bool) string { + u := fmt.Sprintf("/tag:%s", tcp.Tag) + if n > 2 { + u += fmt.Sprintf("/page/%d", n-1) + } + if tl { + return u + } + return "/" + prefix + tcp.Alias + u + +} + +func (tcp TagCollectionPage) NextPageURL(prefix string, n int, tl bool) string { + if tl { + return fmt.Sprintf("/tag:%s/page/%d", tcp.Tag, n+1) + } + return fmt.Sprintf("/%s%s/tag:%s/page/%d", prefix, tcp.Alias, tcp.Tag, n+1) +} + func NewCollectionObj(c *Collection) *CollectionObj { return &CollectionObj{ Collection: *c, @@ -823,14 +903,20 @@ func handleViewCollection(app *App, w http.ResponseWriter, r *http.Request) erro StaticPage: pageForReq(app, r), IsCustomDomain: cr.isCustomDomain, IsWelcome: r.FormValue("greeting") != "", + Honeypot: spam.HoneypotFieldName(), CollAlias: c.Alias, } + flashes, _ := getSessionFlashes(app, w, r, nil) + for _, f := range flashes { + displayPage.Flash = template.HTML(f) + } displayPage.IsAdmin = u != nil && u.IsAdmin() displayPage.CanInvite = canUserInvite(app.cfg, displayPage.IsAdmin) var owner *User if u != nil { displayPage.Username = u.Username displayPage.IsOwner = u.ID == coll.OwnerID + displayPage.IsSubscriber = u.IsEmailSubscriber(app, coll.ID) if displayPage.IsOwner { // Add in needed information for users viewing their own collection owner = u @@ -930,16 +1016,29 @@ func handleViewCollectionTag(app *App, w http.ResponseWriter, r *http.Request) e coll := newDisplayCollection(c, cr, page) + taggedPostIDs, err := app.db.GetAllPostsTaggedIDs(c, tag, cr.isCollOwner) + if err != nil { + return err + } + + ttlPosts := len(taggedPostIDs) + pagePosts := coll.Format.PostsPerPage() + coll.TotalPages = int(math.Ceil(float64(ttlPosts) / float64(pagePosts))) + if coll.TotalPages > 0 && page > coll.TotalPages { + redirURL := fmt.Sprintf("/page/%d", coll.TotalPages) + if !app.cfg.App.SingleUser { + redirURL = fmt.Sprintf("/%s%s%s", cr.prefix, coll.Alias, redirURL) + } + return impart.HTTPError{http.StatusFound, redirURL} + } + coll.Posts, _ = app.db.GetPostsTagged(app.cfg, c, tag, page, cr.isCollOwner) if coll.Posts != nil && len(*coll.Posts) == 0 { return ErrCollectionPageNotFound } // Serve collection - displayPage := struct { - CollectionPage - Tag string - }{ + displayPage := TagCollectionPage{ CollectionPage: CollectionPage{ DisplayCollection: coll, StaticPage: pageForReq(app, r), @@ -991,6 +1090,111 @@ func handleViewCollectionTag(app *App, w http.ResponseWriter, r *http.Request) e return nil } +func handleViewCollectionLang(app *App, w http.ResponseWriter, r *http.Request) error { + vars := mux.Vars(r) + lang := vars["lang"] + + cr := &collectionReq{} + err := processCollectionRequest(cr, vars, w, r) + if err != nil { + return err + } + + u, err := checkUserForCollection(app, cr, r, false) + if err != nil { + return err + } + + page := getCollectionPage(vars) + + c, err := processCollectionPermissions(app, cr, u, w, r) + if c == nil || err != nil { + return err + } + + coll := newDisplayCollection(c, cr, page) + coll.Language = lang + coll.NavSuffix = fmt.Sprintf("/lang:%s", lang) + + ttlPosts, err := app.db.GetCollLangTotalPosts(coll.ID, lang) + if err != nil { + log.Error("Unable to getCollLangTotalPosts: %s", err) + } + pagePosts := coll.Format.PostsPerPage() + coll.TotalPages = int(math.Ceil(float64(ttlPosts) / float64(pagePosts))) + if coll.TotalPages > 0 && page > coll.TotalPages { + redirURL := fmt.Sprintf("/lang:%s/page/%d", lang, coll.TotalPages) + if !app.cfg.App.SingleUser { + redirURL = fmt.Sprintf("/%s%s%s", cr.prefix, coll.Alias, redirURL) + } + return impart.HTTPError{http.StatusFound, redirURL} + } + + coll.Posts, _ = app.db.GetLangPosts(app.cfg, c, lang, page, cr.isCollOwner) + if err != nil { + return ErrCollectionPageNotFound + } + + // Serve collection + displayPage := struct { + CollectionPage + Tag string + }{ + CollectionPage: CollectionPage{ + DisplayCollection: coll, + StaticPage: pageForReq(app, r), + IsCustomDomain: cr.isCustomDomain, + }, + Tag: lang, + } + var owner *User + if u != nil { + displayPage.Username = u.Username + displayPage.IsOwner = u.ID == coll.OwnerID + if displayPage.IsOwner { + // Add in needed information for users viewing their own collection + owner = u + displayPage.CanPin = true + + pubColls, err := app.db.GetPublishableCollections(owner, app.cfg.App.Host) + if err != nil { + log.Error("unable to fetch collections: %v", err) + } + displayPage.Collections = pubColls + } + } + isOwner := owner != nil + if !isOwner { + // Current user doesn't own collection; retrieve owner information + owner, err = app.db.GetUserByID(coll.OwnerID) + if err != nil { + // Log the error and just continue + log.Error("Error getting user for collection: %v", err) + } + if owner.IsSilenced() { + return ErrCollectionNotFound + } + } + displayPage.Silenced = owner != nil && owner.IsSilenced() + displayPage.Owner = owner + coll.Owner = displayPage.Owner + // Add more data + // TODO: fix this mess of collections inside collections + displayPage.PinnedPosts, _ = app.db.GetPinnedPosts(coll.CollectionObj, isOwner) + displayPage.Monetization = app.db.GetCollectionAttribute(coll.ID, "monetization_pointer") + + collTmpl := "collection" + if app.cfg.App.Chorus { + collTmpl = "chorus-collection" + } + err = templates[collTmpl].ExecuteTemplate(w, "collection", displayPage) + if err != nil { + log.Error("Unable to render collection lang page: %v", err) + } + + return nil +} + func handleCollectionPostRedirect(app *App, w http.ResponseWriter, r *http.Request) error { vars := mux.Vars(r) slug := vars["slug"] @@ -1075,7 +1279,7 @@ func existingCollection(app *App, w http.ResponseWriter, r *http.Request) error } } - err = app.db.UpdateCollection(&c, collAlias) + err = app.db.UpdateCollection(app, &c, collAlias) if err != nil { if err, ok := err.(impart.HTTPError); ok { if reqJSON { diff --git a/config/config.go b/config/config.go index 0f07329..1afd5f3 100644 --- a/config/config.go +++ b/config/config.go @@ -1,5 +1,5 @@ /* - * Copyright © 2018-2021 A Bunch Tell LLC. + * Copyright © 2018-2021 Musing Studio LLC. * * This file is part of WriteFreely. * @@ -15,9 +15,9 @@ import ( "net/url" "strings" + "github.com/go-ini/ini" "github.com/writeas/web-core/log" "golang.org/x/net/idna" - "gopkg.in/ini.v1" ) const ( @@ -170,11 +170,17 @@ type ( DisablePasswordAuth bool `ini:"disable_password_auth"` } + EmailCfg struct { + Domain string `ini:"domain"` + MailgunPrivate string `ini:"mailgun_private"` + } + // Config holds the complete configuration for running a writefreely instance Config struct { Server ServerCfg `ini:"server"` Database DatabaseCfg `ini:"database"` App AppCfg `ini:"app"` + Email EmailCfg `ini:"email"` SlackOauth SlackOauthCfg `ini:"oauth.slack"` WriteAsOauth WriteAsOauthCfg `ini:"oauth.writeas"` GitlabOauth GitlabOauthCfg `ini:"oauth.gitlab"` @@ -235,6 +241,10 @@ func (ac *AppCfg) LandingPath() string { return ac.Landing } +func (lc EmailCfg) Enabled() bool { + return lc.Domain != "" && lc.MailgunPrivate != "" +} + func (ac AppCfg) SignupPath() string { if !ac.OpenRegistration { return "" diff --git a/config/data.go b/config/data.go index 1c12fdc..35b61cd 100644 --- a/config/data.go +++ b/config/data.go @@ -1,5 +1,5 @@ /* - * Copyright © 2018 A Bunch Tell LLC. + * Copyright © 2018 Musing Studio LLC. * * This file is part of WriteFreely. * diff --git a/config/funcs.go b/config/funcs.go index fc8c687..7c6fd4f 100644 --- a/config/funcs.go +++ b/config/funcs.go @@ -1,5 +1,5 @@ /* - * Copyright © 2018, 2020-2021 A Bunch Tell LLC. + * Copyright © 2018, 2020-2021 Musing Studio LLC. * * This file is part of WriteFreely. * diff --git a/config/setup.go b/config/setup.go index 08c479f..b00392d 100644 --- a/config/setup.go +++ b/config/setup.go @@ -1,5 +1,5 @@ /* - * Copyright © 2018 A Bunch Tell LLC. + * Copyright © 2018 Musing Studio LLC. * * This file is part of WriteFreely. * @@ -57,7 +57,7 @@ func Configure(fname string, configSections string) (*SetupData, error) { Success: "{{ . | bold | faint }}: ", } selTmpls := &promptui.SelectTemplates{ - Selected: fmt.Sprintf(`{{.Label}} {{ . | faint }}`), + Selected: `{{.Label}} {{ . | faint }}`, } var selPrompt promptui.Select diff --git a/config/validation.go b/config/validation.go index 598c9fe..f6b8a14 100644 --- a/config/validation.go +++ b/config/validation.go @@ -1,5 +1,5 @@ /* - * Copyright © 2018 A Bunch Tell LLC. + * Copyright © 2018 Musing Studio LLC. * * This file is part of WriteFreely. * diff --git a/database-lib.go b/database-lib.go index 8b28577..87a9dee 100644 --- a/database-lib.go +++ b/database-lib.go @@ -1,7 +1,8 @@ +//go:build wflib // +build wflib /* - * Copyright © 2019-2020 A Bunch Tell LLC. + * Copyright © 2019-2020 Musing Studio LLC. * * This file is part of WriteFreely. * diff --git a/database-no-sqlite.go b/database-no-sqlite.go index f2c7ffc..ef5104e 100644 --- a/database-no-sqlite.go +++ b/database-no-sqlite.go @@ -1,7 +1,8 @@ +//go:build !sqlite && !wflib // +build !sqlite,!wflib /* - * Copyright © 2019-2020 A Bunch Tell LLC. + * Copyright © 2019-2020 Musing Studio LLC. * * This file is part of WriteFreely. * diff --git a/database-sqlite.go b/database-sqlite.go index 10e701e..7d33315 100644 --- a/database-sqlite.go +++ b/database-sqlite.go @@ -1,7 +1,8 @@ +//go:build sqlite && !wflib // +build sqlite,!wflib /* - * Copyright © 2019-2020 A Bunch Tell LLC. + * Copyright © 2019-2020 Musing Studio LLC. * * This file is part of WriteFreely. * diff --git a/database.go b/database.go index f474ae9..85cce90 100644 --- a/database.go +++ b/database.go @@ -1,5 +1,5 @@ /* - * Copyright © 2018-2021 A Bunch Tell LLC. + * Copyright © 2018-2021 Musing Studio LLC. * * This file is part of WriteFreely. * @@ -14,9 +14,11 @@ import ( "context" "database/sql" "fmt" + "github.com/go-sql-driver/mysql" "github.com/writeas/web-core/silobridge" wf_db "github.com/writefreely/writefreely/db" "net/http" + "net/url" "strings" "time" @@ -95,7 +97,7 @@ type writestore interface { GetCollection(alias string) (*Collection, error) GetCollectionForPad(alias string) (*Collection, error) GetCollectionByID(id int64) (*Collection, error) - UpdateCollection(c *SubmittedCollection, alias string) error + UpdateCollection(app *App, c *SubmittedCollection, alias string) error DeleteCollection(alias string, userID int64) error UpdatePostPinState(pinned bool, postID string, collID, ownerID, pos int64) error @@ -113,6 +115,7 @@ type writestore interface { GetPostsCount(c *CollectionObj, includeFuture bool) GetPosts(cfg *config.Config, c *Collection, page int, includeFuture, forceRecentFirst, includePinned bool) (*[]PublicPost, error) + GetAllPostsTaggedIDs(c *Collection, tag string, includeFuture bool) ([]string, error) GetPostsTagged(cfg *config.Config, c *Collection, tag string, page int, includeFuture bool) (*[]PublicPost, error) GetAPFollowers(c *Collection) (*[]RemoteUser, error) @@ -171,6 +174,13 @@ func (db *datastore) upsert(indexedCols ...string) string { return "ON DUPLICATE KEY UPDATE" } +func (db *datastore) dateAdd(l int, unit string) string { + if db.driverName == driverSQLite { + return fmt.Sprintf("DATETIME('now', '%d %s')", l, unit) + } + return fmt.Sprintf("DATE_ADD(NOW(), INTERVAL %d %s)", l, unit) +} + func (db *datastore) dateSub(l int, unit string) string { if db.driverName == driverSQLite { return fmt.Sprintf("DATETIME('now', '-%d %s')", l, unit) @@ -332,7 +342,7 @@ func (db *datastore) IsUserSilenced(id int64) (bool, error) { err := db.QueryRow("SELECT status FROM users WHERE id = ?", id).Scan(&u.Status) switch { case err == sql.ErrNoRows: - return false, fmt.Errorf("is user silenced: %v", ErrUserNotFound) + return false, ErrUserNotFound case err != nil: log.Error("Couldn't SELECT user status: %v", err) return false, fmt.Errorf("is user silenced: %v", err) @@ -564,7 +574,7 @@ func (db *datastore) GetTemporaryOneTimeAccessToken(userID int64, validSecs int, expirationVal := "NULL" if validSecs > 0 { - expirationVal = fmt.Sprintf("DATE_ADD("+db.now()+", INTERVAL %d SECOND)", validSecs) + expirationVal = db.dateAdd(validSecs, "SECOND") } _, err = db.Exec("INSERT INTO accesstokens (token, user_id, one_time, expires) VALUES (?, ?, ?, "+expirationVal+")", string(binTok), userID, oneTime) @@ -661,7 +671,7 @@ func (db *datastore) CreatePost(userID, collID int64, post *SubmittedPost) (*Pos // SQLite stores datetimes in UTC, so convert time.Now() to it here created = created.UTC() } - if post.Created != nil { + if post.Created != nil && *post.Created != "" { created, err = time.Parse("2006-01-02T15:04:05Z", *post.Created) if err != nil { log.Error("Unable to parse Created time '%s': %v", *post.Created, err) @@ -814,6 +824,7 @@ func (db *datastore) GetCollectionBy(condition string, value interface{}) (*Coll c.Format = format.String c.Public = c.IsPublic() c.Monetization = db.GetCollectionAttribute(c.ID, "monetization_pointer") + c.Verification = db.GetCollectionAttribute(c.ID, "verification_link") c.db = db @@ -850,7 +861,7 @@ func (db *datastore) GetCollectionFromDomain(host string) (*Collection, error) { return db.GetCollectionBy("host = ?", host) } -func (db *datastore) UpdateCollection(c *SubmittedCollection, alias string) error { +func (db *datastore) UpdateCollection(app *App, c *SubmittedCollection, alias string) error { q := query.NewUpdate(). SetStringPtr(c.Title, "title"). SetStringPtr(c.Description, "description"). @@ -909,6 +920,44 @@ func (db *datastore) UpdateCollection(c *SubmittedCollection, alias string) erro } } + // Update Verification link value + if c.Verification != nil { + skipUpdate := false + if *c.Verification != "" { + // Strip away any excess spaces + trimmed := strings.TrimSpace(*c.Verification) + if strings.HasPrefix(trimmed, "@") && strings.Count(trimmed, "@") == 2 { + // This looks like a fediverse handle, so resolve profile URL + profileURL, err := GetProfileURLFromHandle(app, trimmed) + if err != nil || profileURL == "" { + log.Error("Couldn't find user %s: %v", trimmed, err) + skipUpdate = true + } else { + c.Verification = &profileURL + } + } else { + if !strings.HasPrefix(trimmed, "http") { + trimmed = "https://" + trimmed + } + vu, err := url.Parse(trimmed) + if err != nil { + // Value appears invalid, so don't update + skipUpdate = true + } else { + s := vu.String() + c.Verification = &s + } + } + } + if !skipUpdate { + err = db.SetCollectionAttribute(collID, "verification_link", *c.Verification) + if err != nil { + log.Error("Unable to insert verification_link value: %v", err) + return err + } + } + } + // Update Monetization value if c.Monetization != nil { skipUpdate := false @@ -924,7 +973,7 @@ func (db *datastore) UpdateCollection(c *SubmittedCollection, alias string) erro } } if !skipUpdate { - _, err = db.Exec("INSERT INTO collectionattributes (collection_id, attribute, value) VALUES (?, ?, ?) ON DUPLICATE KEY UPDATE value = ?", collID, "monetization_pointer", *c.Monetization, *c.Monetization) + _, err = db.Exec("INSERT INTO collectionattributes (collection_id, attribute, value) VALUES (?, ?, ?) "+db.upsert("collection_id", "attribute")+" value = ?", collID, "monetization_pointer", *c.Monetization, *c.Monetization) if err != nil { log.Error("Unable to insert monetization_pointer value: %v", err) return err @@ -932,6 +981,40 @@ func (db *datastore) UpdateCollection(c *SubmittedCollection, alias string) erro } } + // Update EmailSub value + if c.EmailSubs { + err = db.SetCollectionAttribute(collID, "email_subs", "1") + if err != nil { + log.Error("Unable to insert email_subs value: %v", err) + return err + } + skipUpdate := false + if c.LetterReply != nil { + // Strip away any excess spaces + trimmed := strings.TrimSpace(*c.LetterReply) + // Only update value when it contains "@" + if strings.IndexRune(trimmed, '@') > 0 { + c.LetterReply = &trimmed + } else { + // Value appears invalid, so don't update + skipUpdate = true + } + if !skipUpdate { + err = db.SetCollectionAttribute(collID, collAttrLetterReplyTo, *c.LetterReply) + if err != nil { + log.Error("Unable to insert %s value: %v", collAttrLetterReplyTo, err) + return err + } + } + } + } else { + _, err = db.Exec("DELETE FROM collectionattributes WHERE collection_id = ? AND attribute = ?", collID, "email_subs") + if err != nil { + log.Error("Unable to delete email_subs value: %v", err) + return err + } + } + // Update rest of the collection data if q.Updates != "" { res, err = db.Exec("UPDATE collections SET "+q.Updates+" WHERE "+q.Conditions, q.Params...) @@ -1195,6 +1278,51 @@ func (db *datastore) GetPosts(cfg *config.Config, c *Collection, page int, inclu return &posts, nil } +func (db *datastore) GetAllPostsTaggedIDs(c *Collection, tag string, includeFuture bool) ([]string, error) { + collID := c.ID + + cf := c.NewFormat() + order := "DESC" + if cf.Ascending() { + order = "ASC" + } + + timeCondition := "" + if !includeFuture { + timeCondition = "AND created <= NOW()" + } + var rows *sql.Rows + var err error + if db.driverName == driverSQLite { + rows, err = db.Query("SELECT id FROM posts WHERE collection_id = ? AND LOWER(content) regexp ? "+timeCondition+" ORDER BY created "+order, collID, `.*#`+strings.ToLower(tag)+`\b.*`) + } else { + rows, err = db.Query("SELECT id FROM posts WHERE collection_id = ? AND LOWER(content) RLIKE ? "+timeCondition+" ORDER BY created "+order, collID, "#"+strings.ToLower(tag)+"[[:>:]]") + } + if err != nil { + log.Error("Failed selecting tagged posts: %v", err) + return nil, impart.HTTPError{http.StatusInternalServerError, "Couldn't retrieve tagged collection posts."} + } + defer rows.Close() + + ids := []string{} + for rows.Next() { + var id string + err = rows.Scan(&id) + if err != nil { + log.Error("Failed scanning row: %v", err) + break + } + + ids = append(ids, id) + } + err = rows.Err() + if err != nil { + log.Error("Error after Next() on rows: %v", err) + } + + return ids, nil +} + // GetPostsTagged retrieves all posts on the given Collection that contain the // given tag. // It will return future posts if `includeFuture` is true. @@ -1260,6 +1388,74 @@ func (db *datastore) GetPostsTagged(cfg *config.Config, c *Collection, tag strin return &posts, nil } +func (db *datastore) GetCollLangTotalPosts(collID int64, lang string) (uint64, error) { + var articles uint64 + err := db.QueryRow("SELECT COUNT(*) FROM posts WHERE collection_id = ? AND language = ? AND created <= "+db.now(), collID, lang).Scan(&articles) + if err != nil && err != sql.ErrNoRows { + log.Error("Couldn't get total lang posts count for collection %d: %v", collID, err) + return 0, err + } + return articles, nil +} + +func (db *datastore) GetLangPosts(cfg *config.Config, c *Collection, lang string, page int, includeFuture bool) (*[]PublicPost, error) { + collID := c.ID + + cf := c.NewFormat() + order := "DESC" + if cf.Ascending() { + order = "ASC" + } + + pagePosts := cf.PostsPerPage() + start := page*pagePosts - pagePosts + if page == 0 { + start = 0 + pagePosts = 1000 + } + + limitStr := "" + if page > 0 { + limitStr = fmt.Sprintf(" LIMIT %d, %d", start, pagePosts) + } + timeCondition := "" + if !includeFuture { + timeCondition = "AND created <= " + db.now() + } + + rows, err := db.Query(`SELECT `+postCols+` +FROM posts +WHERE collection_id = ? AND language = ? `+timeCondition+` +ORDER BY created `+order+limitStr, collID, lang) + if err != nil { + log.Error("Failed selecting from posts: %v", err) + return nil, impart.HTTPError{http.StatusInternalServerError, "Couldn't retrieve collection posts."} + } + defer rows.Close() + + // TODO: extract this common row scanning logic for queries using `postCols` + posts := []PublicPost{} + for rows.Next() { + p := &Post{} + err = rows.Scan(&p.ID, &p.Slug, &p.Font, &p.Language, &p.RTL, &p.Privacy, &p.OwnerID, &p.CollectionID, &p.PinnedPosition, &p.Created, &p.Updated, &p.ViewCount, &p.Title, &p.Content) + if err != nil { + log.Error("Failed scanning row: %v", err) + break + } + p.extractData() + p.augmentContent(c) + p.formatContent(cfg, c, includeFuture, false) + + posts = append(posts, p.processPost()) + } + err = rows.Err() + if err != nil { + log.Error("Error after Next() on rows: %v", err) + } + + return &posts, nil +} + func (db *datastore) GetAPFollowers(c *Collection) (*[]RemoteUser, error) { rows, err := db.Query("SELECT actor_id, inbox, shared_inbox FROM remotefollows f INNER JOIN remoteusers u ON f.remote_user_id = u.id WHERE collection_id = ?", c.ID) if err != nil { @@ -1688,7 +1884,7 @@ func (db *datastore) GetPublicCollections(hostName string) (*[]Collection, error FROM collections c LEFT JOIN users u ON u.id = c.owner_id WHERE c.privacy = 1 AND u.status = 0 - ORDER BY id ASC`) + ORDER BY title ASC`) if err != nil { log.Error("Failed selecting public collections: %v", err) return nil, impart.HTTPError{http.StatusInternalServerError, "Couldn't retrieve public collections."} @@ -1774,7 +1970,7 @@ func (db *datastore) GetTopPosts(u *User, alias string, hostName string) (*[]Pub where = " AND alias = ?" params = append(params, alias) } - rows, err := db.Query("SELECT p.id, p.slug, p.view_count, p.title, c.alias, c.title, c.description, c.view_count FROM posts p LEFT JOIN collections c ON p.collection_id = c.id WHERE p.owner_id = ?"+where+" ORDER BY p.view_count DESC, created DESC LIMIT 25", params...) + rows, err := db.Query("SELECT p.id, p.slug, p.view_count, p.title, p.content, c.alias, c.title, c.description, c.view_count FROM posts p LEFT JOIN collections c ON p.collection_id = c.id WHERE p.owner_id = ?"+where+" ORDER BY p.view_count DESC, created DESC LIMIT 25", params...) if err != nil { log.Error("Failed selecting from posts: %v", err) return nil, impart.HTTPError{http.StatusInternalServerError, "Couldn't retrieve user top posts."} @@ -1788,7 +1984,7 @@ func (db *datastore) GetTopPosts(u *User, alias string, hostName string) (*[]Pub c := Collection{} var alias, title, description sql.NullString var views sql.NullInt64 - err = rows.Scan(&p.ID, &p.Slug, &p.ViewCount, &p.Title, &alias, &title, &description, &views) + err = rows.Scan(&p.ID, &p.Slug, &p.ViewCount, &p.Title, &p.Content, &alias, &title, &description, &views) if err != nil { log.Error("Failed scanning User.getPosts() row: %v", err) gotErr = true @@ -1833,7 +2029,7 @@ func (db *datastore) GetAnonymousPosts(u *User, page int) (*[]PublicPost, error) if page > 0 { limitStr = fmt.Sprintf(" LIMIT %d, %d", start, pagePosts) } - rows, err := db.Query("SELECT id, view_count, title, created, updated, content FROM posts WHERE owner_id = ? AND collection_id IS NULL ORDER BY created DESC"+limitStr, u.ID) + rows, err := db.Query("SELECT id, view_count, title, language, created, updated, content FROM posts WHERE owner_id = ? AND collection_id IS NULL ORDER BY created DESC"+limitStr, u.ID) if err != nil { log.Error("Failed selecting from posts: %v", err) return nil, impart.HTTPError{http.StatusInternalServerError, "Couldn't retrieve user anonymous posts."} @@ -1843,7 +2039,7 @@ func (db *datastore) GetAnonymousPosts(u *User, page int) (*[]PublicPost, error) posts := []PublicPost{} for rows.Next() { p := Post{} - err = rows.Scan(&p.ID, &p.ViewCount, &p.Title, &p.Created, &p.Updated, &p.Content) + err = rows.Scan(&p.ID, &p.ViewCount, &p.Title, &p.Language, &p.Created, &p.Updated, &p.Content) if err != nil { log.Error("Failed scanning row: %v", err) break @@ -2228,7 +2424,7 @@ func (db *datastore) GetCollectionAttribute(id int64, attr string) string { } func (db *datastore) SetCollectionAttribute(id int64, attr, v string) error { - _, err := db.Exec("INSERT INTO collectionattributes (collection_id, attribute, value) VALUES (?, ?, ?)", id, attr, v) + _, err := db.Exec("INSERT INTO collectionattributes (collection_id, attribute, value) VALUES (?, ?, ?) "+db.upsert("collection_id", "attribute")+" value = ?", id, attr, v, v) if err != nil { log.Error("Unable to INSERT into collectionattributes: %v", err) return err @@ -2765,6 +2961,7 @@ func handleFailedPostInsert(err error) error { return err } +// Deprecated: use GetProfileURLFromHandle() instead, which returns user-facing URL instead of actor_id func (db *datastore) GetProfilePageFromHandle(app *App, handle string) (string, error) { handle = strings.TrimLeft(handle, "@") actorIRI := "" @@ -2813,3 +3010,247 @@ func (db *datastore) GetProfilePageFromHandle(app *App, handle string) (string, } return actorIRI, nil } + +func (db *datastore) AddEmailSubscription(collID, userID int64, email string, confirmed bool) (*EmailSubscriber, error) { + friendlyChars := "0123456789BCDFGHJKLMNPQRSTVWXYZbcdfghjklmnpqrstvwxyz" + subID := id.GenerateRandomString(friendlyChars, 8) + token := id.GenerateRandomString(friendlyChars, 16) + emailVal := sql.NullString{ + String: email, + Valid: email != "", + } + userIDVal := sql.NullInt64{ + Int64: userID, + Valid: userID > 0, + } + + _, err := db.Exec("INSERT INTO emailsubscribers (id, collection_id, user_id, email, subscribed, token, confirmed) VALUES (?, ?, ?, ?, "+db.now()+", ?, ?)", subID, collID, userIDVal, emailVal, token, confirmed) + if err != nil { + if mysqlErr, ok := err.(*mysql.MySQLError); ok { + if mysqlErr.Number == mySQLErrDuplicateKey { + // Duplicate, so just return existing subscriber information + log.Info("Duplicate subscriber for email %s, user %d; returning existing subscriber", email, userID) + return db.FetchEmailSubscriber(email, userID, collID) + } + } + return nil, err + } + + return &EmailSubscriber{ + ID: subID, + CollID: collID, + UserID: userIDVal, + Email: emailVal, + Token: token, + }, nil +} + +func (db *datastore) IsEmailSubscriber(email string, userID, collID int64) bool { + var dummy int + var err error + if email != "" { + err = db.QueryRow("SELECT 1 FROM emailsubscribers WHERE email = ? AND collection_id = ?", email, collID).Scan(&dummy) + } else { + err = db.QueryRow("SELECT 1 FROM emailsubscribers WHERE user_id = ? AND collection_id = ?", userID, collID).Scan(&dummy) + } + switch { + case err == sql.ErrNoRows: + return false + case err != nil: + return false + } + return true +} + +func (db *datastore) GetEmailSubscribers(collID int64, reqConfirmed bool) ([]*EmailSubscriber, error) { + cond := "" + if reqConfirmed { + cond = " AND confirmed = 1" + } + rows, err := db.Query(`SELECT s.id, collection_id, user_id, s.email, u.email, subscribed, token, confirmed, allow_export +FROM emailsubscribers s +LEFT JOIN users u + ON u.id = user_id +WHERE collection_id = ?`+cond+` +ORDER BY subscribed DESC`, collID) + if err != nil { + log.Error("Failed selecting email subscribers for collection %d: %v", collID, err) + return nil, err + } + defer rows.Close() + + var subs []*EmailSubscriber + for rows.Next() { + s := &EmailSubscriber{} + err = rows.Scan(&s.ID, &s.CollID, &s.UserID, &s.Email, &s.acctEmail, &s.Subscribed, &s.Token, &s.Confirmed, &s.AllowExport) + if err != nil { + log.Error("Failed scanning row from email subscribers: %v", err) + continue + } + subs = append(subs, s) + } + return subs, nil +} + +func (db *datastore) FetchEmailSubscriberEmail(subID, token string) (string, error) { + var email sql.NullString + // TODO: return user email if there's a user_id ? + err := db.QueryRow("SELECT email FROM emailsubscribers WHERE id = ? AND token = ?", subID, token).Scan(&email) + switch { + case err == sql.ErrNoRows: + return "", fmt.Errorf("Subscriber doesn't exist or token is invalid.") + case err != nil: + log.Error("Couldn't SELECT email from emailsubscribers: %v", err) + return "", fmt.Errorf("Something went very wrong.") + } + + return email.String, nil +} + +func (db *datastore) FetchEmailSubscriber(email string, userID, collID int64) (*EmailSubscriber, error) { + const emailSubCols = "id, collection_id, user_id, email, subscribed, token, confirmed, allow_export" + + s := &EmailSubscriber{} + var row *sql.Row + if email != "" { + row = db.QueryRow("SELECT "+emailSubCols+" FROM emailsubscribers WHERE email = ? AND collection_id = ?", email, collID) + } else { + row = db.QueryRow("SELECT "+emailSubCols+" FROM emailsubscribers WHERE user_id = ? AND collection_id = ?", userID, collID) + } + err := row.Scan(&s.ID, &s.CollID, &s.UserID, &s.Email, &s.Subscribed, &s.Token, &s.Confirmed, &s.AllowExport) + switch { + case err == sql.ErrNoRows: + return nil, nil + case err != nil: + return nil, err + } + return s, nil +} + +func (db *datastore) DeleteEmailSubscriber(subID, token string) error { + res, err := db.Exec("DELETE FROM emailsubscribers WHERE id = ? AND token = ?", subID, token) + if err != nil { + return err + } + + rowsAffected, _ := res.RowsAffected() + if rowsAffected == 0 { + return impart.HTTPError{http.StatusNotFound, "Invalid token, or subscriber doesn't exist"} + } + return nil +} + +func (db *datastore) DeleteEmailSubscriberByUser(email string, userID, collID int64) error { + var res sql.Result + var err error + if email != "" { + res, err = db.Exec("DELETE FROM emailsubscribers WHERE email = ? AND collection_id = ?", email, collID) + } else { + res, err = db.Exec("DELETE FROM emailsubscribers WHERE user_id = ? AND collection_id = ?", userID, collID) + } + if err != nil { + return err + } + + rowsAffected, _ := res.RowsAffected() + if rowsAffected == 0 { + return impart.HTTPError{http.StatusNotFound, "Subscriber doesn't exist"} + } + return nil +} + +func (db *datastore) UpdateSubscriberConfirmed(subID, token string) error { + email, err := db.FetchEmailSubscriberEmail(subID, token) + if err != nil { + log.Error("Didn't fetch email subscriber: %v", err) + return err + } + + // TODO: ensure all addresses with original name are also confirmed, e.g. matt+fake@write.as and matt@write.as are now confirmed + _, err = db.Exec("UPDATE emailsubscribers SET confirmed = 1 WHERE email = ?", email) + if err != nil { + log.Error("Could not update email subscriber confirmation status: %v", err) + return err + } + return nil +} + +func (db *datastore) IsSubscriberConfirmed(email string) bool { + var dummy int64 + err := db.QueryRow("SELECT 1 FROM emailsubscribers WHERE email = ? AND confirmed = 1", email).Scan(&dummy) + switch { + case err == sql.ErrNoRows: + return false + case err != nil: + log.Error("Couldn't SELECT in isSubscriberConfirmed: %v", err) + return false + } + + return true +} + +func (db *datastore) InsertJob(j *PostJob) error { + res, err := db.Exec("INSERT INTO publishjobs (post_id, action, delay) VALUES (?, ?, ?)", j.PostID, j.Action, j.Delay) + if err != nil { + return err + } + jobID, err := res.LastInsertId() + if err != nil { + log.Error("[jobs] Couldn't get last insert ID! %s", err) + } + log.Info("[jobs] Queued %s job #%d for post %s, delayed %d minutes", j.Action, jobID, j.PostID, j.Delay) + return nil +} + +func (db *datastore) UpdateJobForPost(postID string, delay int64) error { + _, err := db.Exec("UPDATE publishjobs SET delay = ? WHERE post_id = ?", delay, postID) + if err != nil { + return fmt.Errorf("Unable to update publish job: %s", err) + } + log.Info("Updated job for post %s: delay %d", postID, delay) + return nil +} + +func (db *datastore) DeleteJob(id int64) error { + _, err := db.Exec("DELETE FROM publishjobs WHERE id = ?", id) + if err != nil { + return err + } + log.Info("[job #%d] Deleted.", id) + return nil +} + +func (db *datastore) DeleteJobByPost(postID string) error { + _, err := db.Exec("DELETE FROM publishjobs WHERE post_id = ?", postID) + if err != nil { + return err + } + log.Info("[job] Deleted job for post %s", postID) + return nil +} + +func (db *datastore) GetJobsToRun(action string) ([]*PostJob, error) { + timeWhere := "created < DATE_SUB(NOW(), INTERVAL delay MINUTE) AND created > DATE_SUB(NOW(), INTERVAL delay + 5 MINUTE)" + if db.driverName == driverSQLite { + timeWhere = "created < DATETIME('now', '-' || delay || ' MINUTE') AND created > DATETIME('now', '-' || (delay+5) || ' MINUTE')" + } + rows, err := db.Query(`SELECT pj.id, post_id, action, delay + FROM publishjobs pj + INNER JOIN posts p + ON post_id = p.id + WHERE action = ? AND `+timeWhere+` + ORDER BY created ASC`, action) + if err != nil { + log.Error("Failed selecting from publishjobs: %v", err) + return nil, impart.HTTPError{http.StatusInternalServerError, "Couldn't retrieve publish jobs."} + } + defer rows.Close() + + jobs := []*PostJob{} + for rows.Next() { + j := &PostJob{} + err = rows.Scan(&j.ID, &j.PostID, &j.Action, &j.Delay) + jobs = append(jobs, j) + } + return jobs, nil +} diff --git a/db/create.go b/db/create.go index 648f93a..1e9e679 100644 --- a/db/create.go +++ b/db/create.go @@ -1,5 +1,5 @@ /* - * Copyright © 2019-2020 A Bunch Tell LLC. + * Copyright © 2019-2020 Musing Studio LLC. * * This file is part of WriteFreely. * @@ -247,10 +247,7 @@ func (b *CreateTableSqlBuilder) ToSQL() (string, error) { } things = append(things, columnStr) } - for _, constraint := range b.Constraints { - things = append(things, constraint) - } - + things = append(things, b.Constraints...) if thingLen := len(things); thingLen > 0 { str.WriteString(" ( ") for i, thing := range things { diff --git a/email.go b/email.go new file mode 100644 index 0000000..da4590e --- /dev/null +++ b/email.go @@ -0,0 +1,462 @@ +/* + * Copyright © 2019-2021 Musing Studio LLC. + * + * This file is part of WriteFreely. + * + * WriteFreely is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License, included + * in the LICENSE file in this source code package. + */ + +package writefreely + +import ( + "database/sql" + "encoding/json" + "fmt" + "html/template" + "net/http" + "strings" + "time" + + "github.com/aymerick/douceur/inliner" + "github.com/gorilla/mux" + "github.com/mailgun/mailgun-go" + stripmd "github.com/writeas/go-strip-markdown/v2" + "github.com/writeas/impart" + "github.com/writeas/web-core/data" + "github.com/writeas/web-core/log" + "github.com/writefreely/writefreely/key" + "github.com/writefreely/writefreely/spam" +) + +const ( + emailSendDelay = 15 +) + +type ( + SubmittedSubscription struct { + CollAlias string + UserID int64 + + Email string `schema:"email" json:"email"` + Web bool `schema:"web" json:"web"` + Slug string `schema:"slug" json:"slug"` + From string `schema:"from" json:"from"` + } + + EmailSubscriber struct { + ID string + CollID int64 + UserID sql.NullInt64 + Email sql.NullString + Subscribed time.Time + Token string + Confirmed bool + AllowExport bool + acctEmail sql.NullString + } +) + +func (es *EmailSubscriber) FinalEmail(keys *key.Keychain) string { + if !es.UserID.Valid || es.Email.Valid { + return es.Email.String + } + + decEmail, err := data.Decrypt(keys.EmailKey, []byte(es.acctEmail.String)) + if err != nil { + log.Error("Error decrypting user email: %v", err) + return "" + } + return string(decEmail) +} + +func (es *EmailSubscriber) SubscribedFriendly() string { + return es.Subscribed.Format("January 2, 2006") +} + +func handleCreateEmailSubscription(app *App, w http.ResponseWriter, r *http.Request) error { + reqJSON := IsJSON(r) + vars := mux.Vars(r) + var err error + + ss := SubmittedSubscription{ + CollAlias: vars["alias"], + } + u := getUserSession(app, r) + if u != nil { + ss.UserID = u.ID + } + if reqJSON { + // Decode JSON request + decoder := json.NewDecoder(r.Body) + err = decoder.Decode(&ss) + if err != nil { + log.Error("Couldn't parse new subscription JSON request: %v\n", err) + return ErrBadJSON + } + } else { + err = r.ParseForm() + if err != nil { + log.Error("Couldn't parse new subscription form request: %v\n", err) + return ErrBadFormData + } + + err = app.formDecoder.Decode(&ss, r.PostForm) + if err != nil { + log.Error("Continuing, but error decoding new subscription form request: %v\n", err) + //return ErrBadFormData + } + } + + c, err := app.db.GetCollection(ss.CollAlias) + if err != nil { + log.Error("getCollection: %s", err) + return err + } + c.hostName = app.cfg.App.Host + + from := c.CanonicalURL() + isAuthorBanned, err := app.db.IsUserSilenced(c.OwnerID) + if isAuthorBanned { + log.Info("Author is silenced, so subscription is blocked.") + return impart.HTTPError{http.StatusFound, from} + } + + if ss.Web { + if u != nil && u.ID == c.OwnerID { + from = "/" + c.Alias + "/" + } + from += ss.Slug + } + + if r.FormValue(spam.HoneypotFieldName()) != "" || r.FormValue("fake_password") != "" { + log.Info("Honeypot field was filled out! Not subscribing.") + return impart.HTTPError{http.StatusFound, from} + } + + if ss.Email == "" && ss.UserID < 1 { + log.Info("No subscriber data. Not subscribing.") + return impart.HTTPError{http.StatusFound, from} + } + + confirmed := app.db.IsSubscriberConfirmed(ss.Email) + es, err := app.db.AddEmailSubscription(c.ID, ss.UserID, ss.Email, confirmed) + if err != nil { + log.Error("addEmailSubscription: %s", err) + return err + } + + // Send confirmation email if needed + if !confirmed { + err = sendSubConfirmEmail(app, c, ss.Email, es.ID, es.Token) + if err != nil { + log.Error("Failed to send subscription confirmation email: %s", err) + return err + } + } + + if ss.Web { + session, err := app.sessionStore.Get(r, userEmailCookieName) + if err != nil { + // The cookie should still save, even if there's an error. + // Source: https://github.com/gorilla/sessions/issues/16#issuecomment-143642144 + log.Error("Getting user email cookie: %v; ignoring", err) + } + if confirmed { + addSessionFlash(app, w, r, "Subscribed. You'll now receive future blog posts via email.", nil) + } else { + addSessionFlash(app, w, r, "Please check your email and click the confirmation link to subscribe.", nil) + } + session.Values[userEmailCookieVal] = ss.Email + err = session.Save(r, w) + if err != nil { + log.Error("save email cookie: %s", err) + return err + } + + return impart.HTTPError{http.StatusFound, from} + } + return impart.WriteSuccess(w, "", http.StatusAccepted) +} + +func handleDeleteEmailSubscription(app *App, w http.ResponseWriter, r *http.Request) error { + alias := collectionAliasFromReq(r) + + vars := mux.Vars(r) + subID := vars["subscriber"] + email := r.FormValue("email") + token := r.FormValue("t") + slug := r.FormValue("slug") + isWeb := r.Method == "GET" + + // Display collection if this is a collection + var c *Collection + var err error + if app.cfg.App.SingleUser { + c, err = app.db.GetCollectionByID(1) + } else { + c, err = app.db.GetCollection(alias) + } + if err != nil { + log.Error("Get collection: %s", err) + return err + } + + from := c.CanonicalURL() + + if subID != "" { + // User unsubscribing via email, so assume action is taken by either current + // user or not current user, and only use the request's information to + // satisfy this unsubscribe, i.e. subscriberID and token. + err = app.db.DeleteEmailSubscriber(subID, token) + } else { + // User unsubscribing through the web app, so assume action is taken by + // currently-auth'd user. + var userID int64 + u := getUserSession(app, r) + if u != nil { + // User is logged in + userID = u.ID + if userID == c.OwnerID { + from = "/" + c.Alias + "/" + } + } + if email == "" && userID <= 0 { + // Get email address from saved cookie + session, err := app.sessionStore.Get(r, userEmailCookieName) + if err != nil { + log.Error("Unable to get email cookie: %s", err) + } else { + email = session.Values[userEmailCookieVal].(string) + } + } + + if email == "" && userID <= 0 { + err = fmt.Errorf("No subscriber given.") + log.Error("Not deleting subscription: %s", err) + return err + } + + err = app.db.DeleteEmailSubscriberByUser(email, userID, c.ID) + } + if err != nil { + log.Error("Unable to delete subscriber: %v", err) + return err + } + + if isWeb { + from += slug + addSessionFlash(app, w, r, "Unsubscribed. You will no longer receive these blog posts via email.", nil) + return impart.HTTPError{http.StatusFound, from} + } + return impart.WriteSuccess(w, "", http.StatusAccepted) +} + +func handleConfirmEmailSubscription(app *App, w http.ResponseWriter, r *http.Request) error { + alias := collectionAliasFromReq(r) + subID := mux.Vars(r)["subscriber"] + token := r.FormValue("t") + + var c *Collection + var err error + if app.cfg.App.SingleUser { + c, err = app.db.GetCollectionByID(1) + } else { + c, err = app.db.GetCollection(alias) + } + if err != nil { + log.Error("Get collection: %s", err) + return err + } + + from := c.CanonicalURL() + + err = app.db.UpdateSubscriberConfirmed(subID, token) + if err != nil { + addSessionFlash(app, w, r, err.Error(), nil) + return impart.HTTPError{http.StatusFound, from} + } + + addSessionFlash(app, w, r, "Confirmed! Thanks. Now you'll receive future blog posts via email.", nil) + return impart.HTTPError{http.StatusFound, from} +} + +func emailPost(app *App, p *PublicPost, collID int64) error { + p.augmentContent() + + // Do some shortcode replacement. + // Since the user is receiving this email, we can assume they're subscribed via email. + p.Content = strings.Replace(p.Content, "", `

You're subscribed to email updates.

`, -1) + + if p.HTMLContent == template.HTML("") { + p.formatContent(app.cfg, false, false) + } + p.augmentReadingDestination() + + title := p.Title.String + if title != "" { + title = p.Title.String + "\n\n" + } + plainMsg := title + "A new post from " + p.CanonicalURL(app.cfg.App.Host) + "\n\n" + stripmd.Strip(p.Content) + plainMsg += ` + +--------------------------------------------------------------------------------- + +Originally published on ` + p.Collection.DisplayTitle() + ` (` + p.Collection.CanonicalURL() + `), a blog you subscribe to. + +Sent to %recipient.to%. Unsubscribe: ` + p.Collection.CanonicalURL() + `email/unsubscribe/%recipient.id%?t=%recipient.token%` + + gun := mailgun.NewMailgun(app.cfg.Email.Domain, app.cfg.Email.MailgunPrivate) + m := mailgun.NewMessage(p.Collection.DisplayTitle()+" <"+p.Collection.Alias+"@"+app.cfg.Email.Domain+">", stripmd.Strip(p.DisplayTitle()), plainMsg) + replyTo := app.db.GetCollectionAttribute(collID, collAttrLetterReplyTo) + if replyTo != "" { + m.SetReplyTo(replyTo) + } + + subs, err := app.db.GetEmailSubscribers(collID, true) + if err != nil { + log.Error("Unable to get email subscribers: %v", err) + return err + } + if len(subs) == 0 { + return nil + } + + if title != "" { + title = string(`

` + p.FormattedDisplayTitle() + `

`) + } + m.AddTag("New post") + + fontFam := "Lora, Palatino, Baskerville, serif" + if p.IsSans() { + fontFam = `"Open Sans", Tahoma, Arial, sans-serif` + } else if p.IsMonospace() { + fontFam = `Hack, consolas, Menlo-Regular, Menlo, Monaco, monospace, monospace` + } + + // TODO: move this to a templated file and LESS-generated stylesheet + fullHTML := ` + + + + +
` + title + `

From ` + p.DisplayCanonicalURL() + `

+ +` + string(p.HTMLContent) + `
+
+ + +` + + // inline CSS + html, err := inliner.Inline(fullHTML) + if err != nil { + log.Error("Unable to inline email HTML: %v", err) + return err + } + + m.SetHtml(html) + + log.Info("[email] Adding %d recipient(s)", len(subs)) + for _, s := range subs { + e := s.FinalEmail(app.keys) + log.Info("[email] Adding %s", e) + err = m.AddRecipientAndVariables(e, map[string]interface{}{ + "id": s.ID, + "to": e, + "token": s.Token, + }) + if err != nil { + log.Error("Unable to add receipient %s: %s", e, err) + } + } + + res, _, err := gun.Send(m) + log.Info("[email] Send result: %s", res) + if err != nil { + log.Error("Unable to send post email: %v", err) + return err + } + + return nil +} + +func sendSubConfirmEmail(app *App, c *Collection, email, subID, token string) error { + if email == "" { + return fmt.Errorf("You must supply an email to verify.") + } + + // Send email + gun := mailgun.NewMailgun(app.cfg.Email.Domain, app.cfg.Email.MailgunPrivate) + + plainMsg := "Confirm your subscription to " + c.DisplayTitle() + ` (` + c.CanonicalURL() + `) to start receiving future posts. Simply click the following link (or copy and paste it into your browser): + +` + c.CanonicalURL() + "email/confirm/" + subID + "?t=" + token + ` + +If you didn't subscribe to this site or you're not sure why you're getting this email, you can delete it. You won't be subscribed or receive any future emails.` + m := mailgun.NewMessage(c.DisplayTitle()+" <"+c.Alias+"@"+app.cfg.Email.Domain+">", "Confirm your subscription to "+c.DisplayTitle(), plainMsg, fmt.Sprintf("<%s>", email)) + m.AddTag("Email Verification") + + m.SetHtml(` + +
+

Confirm your subscription to ` + c.DisplayTitle() + ` to start receiving future posts:

+

Subscribe to ` + c.DisplayTitle() + `

+

If you didn't subscribe to this site or you're not sure why you're getting this email, you can delete it. You won't be subscribed or receive any future emails.

+
+ +`) + gun.Send(m) + + return nil +} diff --git a/errors.go b/errors.go index cf52df1..f0d3099 100644 --- a/errors.go +++ b/errors.go @@ -1,5 +1,5 @@ /* - * Copyright © 2018-2020 A Bunch Tell LLC. + * Copyright © 2018-2020 Musing Studio LLC. * * This file is part of WriteFreely. * diff --git a/export.go b/export.go index bdfd7c4..e6a09c1 100644 --- a/export.go +++ b/export.go @@ -1,5 +1,5 @@ /* - * Copyright © 2018-2019 A Bunch Tell LLC. + * Copyright © 2018-2019 Musing Studio LLC. * * This file is part of WriteFreely. * diff --git a/feed.go b/feed.go index d85baf8..68dd2c0 100644 --- a/feed.go +++ b/feed.go @@ -1,5 +1,5 @@ /* - * Copyright © 2018-2020 A Bunch Tell LLC. + * Copyright © 2018-2021 Musing Studio LLC. * * This file is part of WriteFreely. * @@ -15,7 +15,7 @@ import ( "net/http" "time" - . "github.com/gorilla/feeds" + "github.com/gorilla/feeds" "github.com/gorilla/mux" stripmd "github.com/writeas/go-strip-markdown/v2" "github.com/writeas/web-core/log" @@ -87,11 +87,11 @@ func ViewFeed(app *App, w http.ResponseWriter, req *http.Request) error { siteURL += "tag:" + tag } - feed := &Feed{ + feed := &feeds.Feed{ Title: collectionTitle, - Link: &Link{Href: siteURL}, + Link: &feeds.Link{Href: siteURL}, Description: coll.Description, - Author: &Author{author, ""}, + Author: &feeds.Author{author, ""}, Created: time.Now(), } @@ -103,13 +103,13 @@ func ViewFeed(app *App, w http.ResponseWriter, req *http.Request) error { // Create the item for the feed title = p.PlainDisplayTitle() permalink = fmt.Sprintf("%s%s", baseUrl, p.Slug.String) - feed.Items = append(feed.Items, &Item{ + feed.Items = append(feed.Items, &feeds.Item{ Id: fmt.Sprintf("%s%s", basePermalinkUrl, p.Slug.String), Title: title, - Link: &Link{Href: permalink}, + Link: &feeds.Link{Href: permalink}, Description: "", Content: string(p.HTMLContent), - Author: &Author{author, ""}, + Author: &feeds.Author{author, ""}, Created: p.Created, Updated: p.Updated, }) diff --git a/go.mod b/go.mod index 395e5ec..1006487 100644 --- a/go.mod +++ b/go.mod @@ -1,49 +1,92 @@ module github.com/writefreely/writefreely require ( - git.mills.io/prologic/go-gopher v0.0.0-20210712135410-b7ebb55feece + github.com/PuerkitoBio/goquery v1.7.0 // indirect + github.com/aymerick/douceur v0.2.0 github.com/clbanning/mxj v1.8.4 // indirect - github.com/dustin/go-humanize v1.0.0 - github.com/fatih/color v1.10.0 - github.com/go-sql-driver/mysql v1.6.0 + github.com/dustin/go-humanize v1.0.1 + github.com/facebookgo/ensure v0.0.0-20200202191622-63f1cf65ac4c // indirect + github.com/facebookgo/stack v0.0.0-20160209184415-751773369052 // indirect + github.com/facebookgo/subset v0.0.0-20200203212716-c811ad88dec4 // indirect + github.com/fatih/color v1.15.0 + github.com/go-ini/ini v1.67.0 + github.com/go-sql-driver/mysql v1.7.1 github.com/go-test/deep v1.0.1 // indirect + github.com/gobuffalo/envy v1.9.0 // indirect github.com/gopherjs/gopherjs v0.0.0-20181103185306-d547d1d9531e // indirect - github.com/gorilla/csrf v1.7.0 + github.com/gorilla/csrf v1.7.1 github.com/gorilla/feeds v1.1.1 github.com/gorilla/mux v1.8.0 github.com/gorilla/schema v1.2.0 - github.com/gorilla/sessions v1.2.0 - github.com/guregu/null v3.5.0+incompatible + github.com/gorilla/sessions v1.2.1 + github.com/guregu/null v4.0.0+incompatible github.com/hashicorp/go-multierror v1.1.1 github.com/ikeikeikeike/go-sitemap-generator/v2 v2.0.2 - github.com/jtolds/gls v4.2.1+incompatible // indirect github.com/kylemcc/twitter-text-go v0.0.0-20180726194232-7f582f6736ec - github.com/lunixbochs/vtclean v1.0.0 // indirect - github.com/manifoldco/promptui v0.8.0 - github.com/mattn/go-sqlite3 v1.14.6 - github.com/microcosm-cc/bluemonday v1.0.5 + github.com/mailgun/mailgun-go v2.0.0+incompatible + github.com/manifoldco/promptui v0.9.0 + github.com/mattn/go-sqlite3 v1.14.17 + github.com/microcosm-cc/bluemonday v1.0.25 github.com/mitchellh/go-wordwrap v1.0.1 github.com/nu7hatch/gouuid v0.0.0-20131221200532-179d4d0c4d8d + github.com/onsi/ginkgo v1.16.4 // indirect + github.com/onsi/gomega v1.13.0 // indirect github.com/rainycape/unidecode v0.0.0-20150907023854-cb7f23ec59be // indirect github.com/smartystreets/assertions v0.0.0-20190116191733-b6c0e53d7304 // indirect github.com/smartystreets/goconvey v0.0.0-20181108003508-044398e4856c // indirect - github.com/stretchr/testify v1.7.0 - github.com/urfave/cli/v2 v2.3.0 + github.com/stretchr/testify v1.8.4 + github.com/urfave/cli/v2 v2.25.7 github.com/writeas/activity v0.1.2 - github.com/writeas/activityserve v0.0.0-20200409150223-d7ab3eaa4481 + github.com/writeas/activityserve v0.0.0-20230428180247-dc13a4f4d835 github.com/writeas/go-strip-markdown/v2 v2.1.1 github.com/writeas/go-webfinger v1.1.0 github.com/writeas/httpsig v1.0.0 github.com/writeas/impart v1.1.1 github.com/writeas/import v0.2.1 - github.com/writeas/monday v0.0.0-20181024183321-54a7dd579219 + github.com/writeas/monday v1.3.0 github.com/writeas/saturday v1.7.2-0.20200427193424-392b95a03320 github.com/writeas/slug v1.2.0 - github.com/writeas/web-core v1.3.1-0.20210330164422-95a3a717ed8f + github.com/writeas/web-core v1.6.0 + github.com/writefreely/go-gopher v0.0.0-20220429181814-40127126f83b github.com/writefreely/go-nodeinfo v1.2.0 - golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9 - golang.org/x/net v0.0.0-20200707034311-ab3426394381 - gopkg.in/ini.v1 v1.62.0 + golang.org/x/crypto v0.13.0 + golang.org/x/net v0.15.0 ) -go 1.15 +require ( + code.as/core/socks v1.0.0 // indirect + github.com/andybalholm/cascadia v1.1.0 // indirect + github.com/beevik/etree v1.1.0 // indirect + github.com/captncraig/cors v0.0.0-20190703115713-e80254a89df1 // indirect + github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e // indirect + github.com/cpuguy83/go-md2man/v2 v2.0.2 // indirect + github.com/davecgh/go-spew v1.1.1 // indirect + github.com/dchest/uniuri v0.0.0-20200228104902-7aecb25e1fe5 // indirect + github.com/fatih/structs v1.1.0 // indirect + github.com/go-fed/httpsig v0.1.1-0.20200204213531-0ef28562fabe // indirect + github.com/gofrs/uuid v3.3.0+incompatible // indirect + github.com/gologme/log v1.2.0 // indirect + github.com/gorilla/css v1.0.0 // indirect + github.com/gorilla/securecookie v1.1.1 // indirect + github.com/hashicorp/errwrap v1.0.0 // indirect + github.com/joho/godotenv v1.3.0 // indirect + github.com/jtolds/gls v4.2.1+incompatible // indirect + github.com/mattn/go-colorable v0.1.13 // indirect + github.com/mattn/go-isatty v0.0.17 // indirect + github.com/petermattis/goid v0.0.0-20180202154549-b0b1615b78e5 // indirect + github.com/pkg/errors v0.9.1 // indirect + github.com/pmezard/go-difflib v1.0.0 // indirect + github.com/rogpeppe/go-internal v1.3.2 // indirect + github.com/russross/blackfriday/v2 v2.1.0 // indirect + github.com/sasha-s/go-deadlock v0.3.1 // indirect + github.com/shurcooL/sanitized_anchor_name v1.0.0 // indirect + github.com/writeas/go-writeas/v2 v2.0.2 // indirect + github.com/writeas/openssl-go v1.0.0 // indirect + github.com/xrash/smetrics v0.0.0-20201216005158-039620a65673 // indirect + golang.org/x/sys v0.12.0 // indirect + golang.org/x/text v0.13.0 // indirect + gopkg.in/ini.v1 v1.62.0 // indirect + gopkg.in/yaml.v3 v3.0.1 // indirect +) + +go 1.19 diff --git a/go.sum b/go.sum index 9411d34..0666a70 100644 --- a/go.sum +++ b/go.sum @@ -1,16 +1,15 @@ code.as/core/socks v1.0.0 h1:SPQXNp4SbEwjOAP9VzUahLHak8SDqy5n+9cm9tpjZOs= code.as/core/socks v1.0.0/go.mod h1:BAXBy5O9s2gmw6UxLqNJcVbWY7C/UPs+801CcSsfWOY= -git.mills.io/prologic/go-gopher v0.0.0-20210712135410-b7ebb55feece h1:0esmnntqeuM1iBgHH0HOeSynsLA1l28p2K3h/WZuIfQ= -git.mills.io/prologic/go-gopher v0.0.0-20210712135410-b7ebb55feece/go.mod h1:EMXlYOIbYJQhPTtIltgaaHtCYDawV/HL0dYf8ShzAck= -github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= +github.com/PuerkitoBio/goquery v1.7.0 h1:O5SP3b9JWqMSVMG69zMfj577zwkSNpxrFf7ybS74eiw= +github.com/PuerkitoBio/goquery v1.7.0/go.mod h1:GsLWisAFVj4WgDibEWF4pvYnkVQBpKBKeU+7zCJoLcc= +github.com/andybalholm/cascadia v1.1.0 h1:BuuO6sSfQNFRu1LppgbD25Hr2vLYW25JvxHs5zzsLTo= +github.com/andybalholm/cascadia v1.1.0/go.mod h1:GsXiBklL0woXo1j/WYWtSYYC4ouU9PqHO0sqidkEA4Y= github.com/aymerick/douceur v0.2.0 h1:Mv+mAeH1Q+n9Fr+oyamOlAkUNPWPlA8PPGR0QAaYuPk= github.com/aymerick/douceur v0.2.0/go.mod h1:wlT5vV2O3h55X9m7iVYN0TBM0NH/MmbLnd30/FjWUq4= github.com/beevik/etree v1.1.0 h1:T0xke/WvNtMoCqgzPhkX2r4rjY3GDZFi+FjpRZY2Jbs= github.com/beevik/etree v1.1.0/go.mod h1:r8Aw8JqVegEf0w2fDnATrX9VpkMcyFeM0FhwO62wh+A= github.com/captncraig/cors v0.0.0-20190703115713-e80254a89df1 h1:AFSJaASPGYNbkUa5c8ZybrcW9pP3Cy7+z5dnpcc/qG8= github.com/captncraig/cors v0.0.0-20190703115713-e80254a89df1/go.mod h1:EIlIeMufZ8nqdUhnesledB15xLRl4wIJUppwDLPrdrQ= -github.com/chris-ramon/douceur v0.2.0 h1:IDMEdxlEUUBYBKE4z/mJnFyVXox+MjuEVDJNN27glkU= -github.com/chris-ramon/douceur v0.2.0/go.mod h1:wDW5xjJdeoMm1mRt4sD4c/LbF/mWdEpRXQKjTR8nIBE= github.com/chzyer/logex v1.1.10 h1:Swpa1K6QvQznwJRcfTfQJmTE72DqScAa40E+fbHEXEE= github.com/chzyer/logex v1.1.10/go.mod h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWRnGsAI= github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e h1:fY5BOSpyZCqRo5OhCuC+XN+r/bBCmeuuJtjz+bCNIf8= @@ -20,34 +19,61 @@ github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1/go.mod h1:Q3SI9o4m/ZMn github.com/clbanning/mxj v1.8.3/go.mod h1:BVjHeAH+rl9rs6f+QIpeRl0tfu10SXn1pUSa5PVGJng= github.com/clbanning/mxj v1.8.4 h1:HuhwZtbyvyOw+3Z1AowPkU87JkJUSv751ELWaiTpj8I= github.com/clbanning/mxj v1.8.4/go.mod h1:BVjHeAH+rl9rs6f+QIpeRl0tfu10SXn1pUSa5PVGJng= -github.com/cpuguy83/go-md2man/v2 v2.0.0-20190314233015-f79a8a8ca69d h1:U+s90UTSYgptZMwQh2aRr3LuazLJIa+Pg3Kc1ylSYVY= -github.com/cpuguy83/go-md2man/v2 v2.0.0-20190314233015-f79a8a8ca69d/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU= +github.com/cpuguy83/go-md2man/v2 v2.0.2 h1:p1EgwI/C7NhT0JmVkwCD2ZBK8j4aeHQX2pMHHBfMQ6w= +github.com/cpuguy83/go-md2man/v2 v2.0.2/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/dchest/uniuri v0.0.0-20200228104902-7aecb25e1fe5 h1:RAV05c0xOkJ3dZGS0JFybxFKZ2WMLabgx3uXnd7rpGs= github.com/dchest/uniuri v0.0.0-20200228104902-7aecb25e1fe5/go.mod h1:GgB8SF9nRG+GqaDtLcwJZsQFhcogVCJ79j4EdT0c2V4= -github.com/dustin/go-humanize v1.0.0 h1:VSnTsYCnlFHaM2/igO1h6X3HA71jcobQuxemgkq4zYo= -github.com/dustin/go-humanize v1.0.0/go.mod h1:HtrtbFcZ19U5GC7JDqmcUSB87Iq5E25KnS6fMYU6eOk= -github.com/fatih/color v1.10.0 h1:s36xzo75JdqLaaWoiEHk767eHiwo0598uUxyfiPkDsg= -github.com/fatih/color v1.10.0/go.mod h1:ELkj/draVOlAH/xkhN6mQ50Qd0MPOk5AAr3maGEBuJM= +github.com/dustin/go-humanize v1.0.1 h1:GzkhY7T5VNhEkwH0PVJgjz+fX1rhBrR7pRT3mDkpeCY= +github.com/dustin/go-humanize v1.0.1/go.mod h1:Mu1zIs6XwVuF/gI1OepvI0qD18qycQx+mFykh5fBlto= +github.com/facebookgo/ensure v0.0.0-20200202191622-63f1cf65ac4c h1:8ISkoahWXwZR41ois5lSJBSVw4D0OV19Ht/JSTzvSv0= +github.com/facebookgo/ensure v0.0.0-20200202191622-63f1cf65ac4c/go.mod h1:Yg+htXGokKKdzcwhuNDwVvN+uBxDGXJ7G/VN1d8fa64= +github.com/facebookgo/stack v0.0.0-20160209184415-751773369052 h1:JWuenKqqX8nojtoVVWjGfOF9635RETekkoH6Cc9SX0A= +github.com/facebookgo/stack v0.0.0-20160209184415-751773369052/go.mod h1:UbMTZqLaRiH3MsBH8va0n7s1pQYcu3uTb8G4tygF4Zg= +github.com/facebookgo/subset v0.0.0-20200203212716-c811ad88dec4 h1:7HZCaLC5+BZpmbhCOZJ293Lz68O7PYrF2EzeiFMwCLk= +github.com/facebookgo/subset v0.0.0-20200203212716-c811ad88dec4/go.mod h1:5tD+neXqOorC30/tWg0LCSkrqj/AR6gu8yY8/fpw1q0= +github.com/fatih/color v1.15.0 h1:kOqh6YHBtK8aywxGerMG2Eq3H6Qgoqeo13Bk2Mv/nBs= +github.com/fatih/color v1.15.0/go.mod h1:0h5ZqXfHYED7Bhv2ZJamyIOUej9KtShiJESRwBDUSsw= github.com/fatih/structs v1.1.0 h1:Q7juDM0QtcnhCpeyLGQKyg4TOIghuNXrkL32pHAUMxo= github.com/fatih/structs v1.1.0/go.mod h1:9NiDSp5zOcgEDl+j00MP/WkGVPOlPRLejGD8Ga6PJ7M= +github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo= +github.com/fsnotify/fsnotify v1.4.9 h1:hsms1Qyu0jgnwNXIxa+/V/PDsU6CfLf6CNO8H7IWoS4= +github.com/fsnotify/fsnotify v1.4.9/go.mod h1:znqG4EE+3YCdAaPaxE2ZRY/06pZUdp0tY4IgpuI1SZQ= github.com/go-fed/httpsig v0.1.0/go.mod h1:T56HUNYZUQ1AGUzhAYPugZfp36sKApVnGBgKlIY+aIE= github.com/go-fed/httpsig v0.1.1-0.20200204213531-0ef28562fabe h1:U71giCx5NjRn4Lb71UuprPHqhjxGv3Jqonb9fgcaJH8= github.com/go-fed/httpsig v0.1.1-0.20200204213531-0ef28562fabe/go.mod h1:T56HUNYZUQ1AGUzhAYPugZfp36sKApVnGBgKlIY+aIE= -github.com/go-sql-driver/mysql v1.6.0 h1:BCTh4TKNUYmOmMUcQ3IipzF5prigylS7XXjEkfCHuOE= -github.com/go-sql-driver/mysql v1.6.0/go.mod h1:DCzpHaOWr8IXmIStZouvnhqoel9Qv2LBy8hT2VhHyBg= +github.com/go-ini/ini v1.67.0 h1:z6ZrTEZqSWOTyH2FlglNbNgARyHG8oLW9gMELqKr06A= +github.com/go-ini/ini v1.67.0/go.mod h1:ByCAeIL28uOIIG0E3PJtZPDL8WnHpFKFOtgjp+3Ies8= +github.com/go-sql-driver/mysql v1.7.1 h1:lUIinVbN1DY0xBg0eMOzmmtGoHwWBbvnWubQUrtU8EI= +github.com/go-sql-driver/mysql v1.7.1/go.mod h1:OXbVy3sEdcQ2Doequ6Z5BW6fXNQTmx+9S1MCJN5yJMI= +github.com/go-task/slim-sprig v0.0.0-20210107165309-348f09dbbbc0/go.mod h1:fyg7847qk6SyHyPtNmDHnmrv/HOrqktSC+C9fM+CJOE= github.com/go-test/deep v1.0.1 h1:UQhStjbkDClarlmv0am7OXXO4/GaPdCGiUiMTvi28sg= github.com/go-test/deep v1.0.1/go.mod h1:wGDj63lr65AM2AQyKZd/NYHGb0R+1RLqB8NKt3aSFNA= +github.com/gobuffalo/envy v1.9.0 h1:eZR0DuEgVLfeIb1zIKt3bT4YovIMf9O9LXQeCZLXpqE= +github.com/gobuffalo/envy v1.9.0/go.mod h1:FurDp9+EDPE4aIUS3ZLyD+7/9fpx7YRt/ukY6jIHf0w= github.com/gofrs/uuid v3.3.0+incompatible h1:8K4tyRfvU1CYPgJsveYFQMhpFd/wXNM7iK6rR7UHz84= github.com/gofrs/uuid v3.3.0+incompatible/go.mod h1:b2aQJv3Z4Fp6yNu3cdSllBxTCLRxnplIgP/c0N/04lM= +github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= +github.com/golang/protobuf v1.4.0-rc.1/go.mod h1:ceaxUfeHdC40wWswd/P6IGgMaK3YpKi5j83Wpe3EHw8= +github.com/golang/protobuf v1.4.0-rc.1.0.20200221234624-67d41d38c208/go.mod h1:xKAWHe0F5eneWXFV3EuXVDTCmh+JuBKY0li0aMyXATA= +github.com/golang/protobuf v1.4.0-rc.2/go.mod h1:LlEzMj4AhA7rCAGe4KMBDvJI+AwstrUpVNzEA03Pprs= +github.com/golang/protobuf v1.4.0-rc.4.0.20200313231945-b860323f09d0/go.mod h1:WU3c8KckQ9AFe+yFwt9sWVRKCVIyN9cPHBJSNnbL67w= +github.com/golang/protobuf v1.4.0/go.mod h1:jodUvKwWbYaEsadDk5Fwe5c77LiNKVO9IDvqG2KuDX0= +github.com/golang/protobuf v1.4.2/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI= +github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk= +github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= github.com/gologme/log v1.2.0 h1:Ya5Ip/KD6FX7uH0S31QO87nCCSucKtF44TLbTtO7V4c= github.com/gologme/log v1.2.0/go.mod h1:gq31gQ8wEHkR+WekdWsqDuf8pXTUZA9BnnzTuPz1Y9U= +github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= +github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= +github.com/google/go-cmp v0.4.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= +github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/gopherjs/gopherjs v0.0.0-20181103185306-d547d1d9531e h1:JKmoR8x90Iww1ks85zJ1lfDGgIiMDuIptTOhJq+zKyg= github.com/gopherjs/gopherjs v0.0.0-20181103185306-d547d1d9531e/go.mod h1:wJfORRmW1u3UXTncJ5qlYoELFm8eSnnEO6hX4iZ3EWY= -github.com/gorilla/csrf v1.7.0 h1:mMPjV5/3Zd460xCavIkppUdvnl5fPXMpv2uz2Zyg7/Y= -github.com/gorilla/csrf v1.7.0/go.mod h1:+a/4tCmqhG6/w4oafeAZ9pEa3/NZOWYVbD9fV0FwIQA= +github.com/gorilla/csrf v1.7.1 h1:Ir3o2c1/Uzj6FBxMlAUB6SivgVMy1ONXwYgXn+/aHPE= +github.com/gorilla/csrf v1.7.1/go.mod h1:+a/4tCmqhG6/w4oafeAZ9pEa3/NZOWYVbD9fV0FwIQA= github.com/gorilla/css v1.0.0 h1:BQqNyPTi50JCFMTw/b67hByjMVXZRwGha6wxVGkeihY= github.com/gorilla/css v1.0.0/go.mod h1:Dn721qIggHpt4+EFCcTLTU/vk5ySda2ReITrtgBl60c= github.com/gorilla/feeds v1.1.1 h1:HwKXxqzcRNg9to+BbvJog4+f3s/xzvtZXICcQGutYfY= @@ -59,56 +85,74 @@ github.com/gorilla/schema v1.2.0 h1:YufUaxZYCKGFuAq3c96BOhjgd5nmXiOY9NGzF247Tsc= github.com/gorilla/schema v1.2.0/go.mod h1:kgLaKoK1FELgZqMAVxx/5cbj0kT+57qxUrAlIO2eleU= github.com/gorilla/securecookie v1.1.1 h1:miw7JPhV+b/lAHSXz4qd/nN9jRiAFV5FwjeKyCS8BvQ= github.com/gorilla/securecookie v1.1.1/go.mod h1:ra0sb63/xPlUeL+yeDciTfxMRAA+MP+HVt/4epWDjd4= -github.com/gorilla/sessions v1.2.0 h1:S7P+1Hm5V/AT9cjEcUD5uDaQSX0OE577aCXgoaKpYbQ= -github.com/gorilla/sessions v1.2.0/go.mod h1:dk2InVEVJ0sfLlnXv9EAgkf6ecYs/i80K/zI+bUmuGM= -github.com/guregu/null v3.5.0+incompatible h1:fSdvRTQtmBA4B4YDZXhLtxTIJZYuUxBFTTHS4B9djG4= -github.com/guregu/null v3.5.0+incompatible/go.mod h1:ePGpQaN9cw0tj45IR5E5ehMvsFlLlQZAkkOXZurJ3NM= +github.com/gorilla/sessions v1.2.1 h1:DHd3rPN5lE3Ts3D8rKkQ8x/0kqfeNmBAaiSi+o7FsgI= +github.com/gorilla/sessions v1.2.1/go.mod h1:dk2InVEVJ0sfLlnXv9EAgkf6ecYs/i80K/zI+bUmuGM= +github.com/guregu/null v4.0.0+incompatible h1:4zw0ckM7ECd6FNNddc3Fu4aty9nTlpkkzH7dPn4/4Gw= +github.com/guregu/null v4.0.0+incompatible/go.mod h1:ePGpQaN9cw0tj45IR5E5ehMvsFlLlQZAkkOXZurJ3NM= github.com/hashicorp/errwrap v1.0.0 h1:hLrqtEDnRye3+sgx6z4qVLNuviH3MR5aQ0ykNJa/UYA= github.com/hashicorp/errwrap v1.0.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= github.com/hashicorp/go-multierror v1.0.0/go.mod h1:dHtQlpGsu+cZNNAkkCN/P3hoUDHhCYQXV3UM06sGGrk= github.com/hashicorp/go-multierror v1.1.1 h1:H5DkEtf6CXdFp0N0Em5UCwQpXMWke8IA0+lD48awMYo= github.com/hashicorp/go-multierror v1.1.1/go.mod h1:iw975J/qwKPdAO1clOe2L8331t/9/fmwbPZ6JB6eMoM= +github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpOxQnU= github.com/ikeikeikeike/go-sitemap-generator/v2 v2.0.2 h1:wIdDEle9HEy7vBPjC6oKz6ejs3Ut+jmsYvuOoAW2pSM= github.com/ikeikeikeike/go-sitemap-generator/v2 v2.0.2/go.mod h1:WtaVKD9TeruTED9ydiaOJU08qGoEPP/LyzTKiD3jEsw= +github.com/joho/godotenv v1.3.0 h1:Zjp+RcGpHhGlrMbJzXTrZZPrWj+1vfm90La1wgB6Bhc= +github.com/joho/godotenv v1.3.0/go.mod h1:7hK45KPybAkOC6peb+G5yklZfMxEjkZhHbwpqxOKXbg= github.com/jtolds/gls v4.2.1+incompatible h1:fSuqC+Gmlu6l/ZYAoZzx2pyucC8Xza35fpRVWLVmUEE= github.com/jtolds/gls v4.2.1+incompatible/go.mod h1:QJZ7F/aHp+rZTRtaJ1ow/lLfFfVYBRgL+9YlvaHOwJU= -github.com/juju/ansiterm v0.0.0-20180109212912-720a0952cc2a h1:FaWFmfWdAUKbSCtOU2QjDaorUexogfaMgbipgYATUMU= -github.com/juju/ansiterm v0.0.0-20180109212912-720a0952cc2a/go.mod h1:UJSiEoRfvx3hP73CvoARgeLjaIOjybY9vj8PUPPFGeU= -github.com/kr/pretty v0.1.0 h1:L/CwN0zerZDmRFUapSPitk6f+Q3+0za1rQkzVuMiMFI= github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= +github.com/kr/pretty v0.2.1 h1:Fmg33tUaq4/8ym9TJN1x7sLJnHVwhP33CNkpYV/7rwI= +github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= github.com/kr/text v0.1.0 h1:45sCR5RtlFHMR4UwH9sdQ5TC8v0qDQCHnXt+kaKSTVE= github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= github.com/kylemcc/twitter-text-go v0.0.0-20180726194232-7f582f6736ec h1:ZXWuspqypleMuJy4bzYEqlMhJnGAYpLrWe5p7W3CdvI= github.com/kylemcc/twitter-text-go v0.0.0-20180726194232-7f582f6736ec/go.mod h1:voECJzdraJmolzPBgL9Z7ANwXf4oMXaTCsIkdiPpR/g= -github.com/lunixbochs/vtclean v0.0.0-20180621232353-2d01aacdc34a/go.mod h1:pHhQNgMf3btfWnGBVipUOjRYhoOsdGqdm/+2c2E2WMI= -github.com/lunixbochs/vtclean v1.0.0 h1:xu2sLAri4lGiovBDQKxl5mrXyESr3gUr5m5SM5+LVb8= -github.com/lunixbochs/vtclean v1.0.0/go.mod h1:pHhQNgMf3btfWnGBVipUOjRYhoOsdGqdm/+2c2E2WMI= -github.com/manifoldco/promptui v0.8.0 h1:R95mMF+McvXZQ7j1g8ucVZE1gLP3Sv6j9vlF9kyRqQo= -github.com/manifoldco/promptui v0.8.0/go.mod h1:n4zTdgP0vr0S3w7/O/g98U+e0gwLScEXGwov2nIKuGQ= -github.com/mattn/go-colorable v0.0.9/go.mod h1:9vuHe8Xs5qXnSaW/c/ABM9alt+Vo+STaOChaDxuIBZU= -github.com/mattn/go-colorable v0.1.8 h1:c1ghPdyEDarC70ftn0y+A/Ee++9zz8ljHG1b13eJ0s8= -github.com/mattn/go-colorable v0.1.8/go.mod h1:u6P/XSegPjTcexA+o6vUJrdnUu04hMope9wVRipJSqc= -github.com/mattn/go-isatty v0.0.4/go.mod h1:M+lRXTBqGeGNdLjl/ufCoiOlB5xdOkqRJdNxMWT7Zi4= -github.com/mattn/go-isatty v0.0.12 h1:wuysRhFDzyxgEmMf5xjvJ2M9dZoWAXNNr5LSBS7uHXY= -github.com/mattn/go-isatty v0.0.12/go.mod h1:cbi8OIDigv2wuxKPP5vlRcQ1OAZbq2CE4Kysco4FUpU= -github.com/mattn/go-sqlite3 v1.14.6 h1:dNPt6NO46WmLVt2DLNpwczCmdV5boIZ6g/tlDrlRUbg= -github.com/mattn/go-sqlite3 v1.14.6/go.mod h1:NyWgC/yNuGj7Q9rpYnZvas74GogHl5/Z4A/KQRfk6bU= -github.com/microcosm-cc/bluemonday v1.0.2/go.mod h1:iVP4YcDBq+n/5fb23BhYFvIMq/leAFZyRl6bYmGDlGc= -github.com/microcosm-cc/bluemonday v1.0.5 h1:cF59UCKMmmUgqN1baLvqU/B1ZsMori+duLVTLpgiG3w= -github.com/microcosm-cc/bluemonday v1.0.5/go.mod h1:8iwZnFn2CDDNZ0r6UXhF4xawGvzaqzCRa1n3/lO3W2w= +github.com/mailgun/mailgun-go v2.0.0+incompatible h1:0FoRHWwMUctnd8KIR3vtZbqdfjpIMxOZgcSa51s8F8o= +github.com/mailgun/mailgun-go v2.0.0+incompatible/go.mod h1:NWTyU+O4aczg/nsGhQnvHL6v2n5Gy6Sv5tNDVvC6FbU= +github.com/manifoldco/promptui v0.9.0 h1:3V4HzJk1TtXW1MTZMP7mdlwbBpIinw3HztaIlYthEiA= +github.com/manifoldco/promptui v0.9.0/go.mod h1:ka04sppxSGFAtxX0qhlYQjISsg9mR4GWtQEhdbn6Pgg= +github.com/mattn/go-colorable v0.1.13 h1:fFA4WZxdEF4tXPZVKMLwD8oUnCTTo08duU7wxecdEvA= +github.com/mattn/go-colorable v0.1.13/go.mod h1:7S9/ev0klgBDR4GtXTXX8a3vIGJpMovkB8vQcUbaXHg= +github.com/mattn/go-isatty v0.0.16/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM= +github.com/mattn/go-isatty v0.0.17 h1:BTarxUcIeDqL27Mc+vyvdWYSL28zpIhv3RoTdsLMPng= +github.com/mattn/go-isatty v0.0.17/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM= +github.com/mattn/go-sqlite3 v1.14.17 h1:mCRHCLDUBXgpKAqIKsaAaAsrAlbkeomtRFKXh2L6YIM= +github.com/mattn/go-sqlite3 v1.14.17/go.mod h1:2eHXhiwb8IkHr+BDWZGa96P6+rkvnG63S2DGjv9HUNg= +github.com/microcosm-cc/bluemonday v1.0.23/go.mod h1:mN70sk7UkkF8TUr2IGBpNN0jAgStuPzlK76QuruE/z4= +github.com/microcosm-cc/bluemonday v1.0.25 h1:4NEwSfiJ+Wva0VxN5B8OwMicaJvD8r9tlJWm9rtloEg= +github.com/microcosm-cc/bluemonday v1.0.25/go.mod h1:ZIOjCQp1OrzBBPIJmfX4qDYFuhU02nx4bn030ixfHLE= github.com/mitchellh/go-wordwrap v1.0.1 h1:TLuKupo69TCn6TQSyGxwI1EblZZEsQ0vMlAFQflz0v0= github.com/mitchellh/go-wordwrap v1.0.1/go.mod h1:R62XHJLzvMFRBbcrT7m7WgmE1eOyTSsCt+hzestvNj0= github.com/nu7hatch/gouuid v0.0.0-20131221200532-179d4d0c4d8d h1:VhgPp6v9qf9Agr/56bj7Y/xa04UccTW04VP0Qed4vnQ= github.com/nu7hatch/gouuid v0.0.0-20131221200532-179d4d0c4d8d/go.mod h1:YUTz3bUH2ZwIWBy3CJBeOBEugqcmXREj14T+iG/4k4U= +github.com/nxadm/tail v1.4.4/go.mod h1:kenIhsEOeOJmVchQTgglprH7qJGnHDVpk1VPCcaMI8A= +github.com/nxadm/tail v1.4.8 h1:nPr65rt6Y5JFSKQO7qToXr7pePgD6Gwiw05lkbyAQTE= +github.com/nxadm/tail v1.4.8/go.mod h1:+ncqLTQzXmGhMZNUePPaPqPvBxHAIsmXswZKocGu+AU= +github.com/onsi/ginkgo v1.6.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= +github.com/onsi/ginkgo v1.12.1/go.mod h1:zj2OWP4+oCPe1qIXoGWkgMRwljMUYCdkwsT2108oapk= +github.com/onsi/ginkgo v1.16.2/go.mod h1:CObGmKUOKaSC0RjmoAK7tKyn4Azo5P2IWuoMnvwxz1E= +github.com/onsi/ginkgo v1.16.4 h1:29JGrr5oVBm5ulCWet69zQkzWipVXIol6ygQUe/EzNc= +github.com/onsi/ginkgo v1.16.4/go.mod h1:dX+/inL/fNMqNlz0e9LfyB9TswhZpCVdJM/Z6Vvnwo0= +github.com/onsi/gomega v1.7.1/go.mod h1:XdKZgCCFLUoM/7CFJVPcG8C1xQ1AJ0vpAezJrB7JYyY= +github.com/onsi/gomega v1.10.1/go.mod h1:iN09h71vgCQne3DLsj+A5owkum+a2tYe+TOCB1ybHNo= +github.com/onsi/gomega v1.13.0 h1:7lLHu94wT9Ij0o6EWWclhu0aOh32VxhkwEJvzuWPeak= +github.com/onsi/gomega v1.13.0/go.mod h1:lRk9szgn8TxENtWd0Tp4c3wjlRfMTMH27I+3Je41yGY= +github.com/petermattis/goid v0.0.0-20180202154549-b0b1615b78e5 h1:q2e307iGHPdTGp0hoxKjt1H5pDo6utceo3dQVK3I5XQ= +github.com/petermattis/goid v0.0.0-20180202154549-b0b1615b78e5/go.mod h1:jvVRKCrJTQWu0XVbaOlby/2lO20uSCHEMzzplHXte1o= github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= github.com/rainycape/unidecode v0.0.0-20150907023854-cb7f23ec59be h1:ta7tUOvsPHVHGom5hKW5VXNc2xZIkfCKP8iaqOyYtUQ= github.com/rainycape/unidecode v0.0.0-20150907023854-cb7f23ec59be/go.mod h1:MIDFMn7db1kT65GmV94GzpX9Qdi7N/pQlwb+AN8wh+Q= -github.com/russross/blackfriday/v2 v2.0.1 h1:lPqVAte+HuHNfhJ/0LC98ESWRz8afy9tM/0RK8m9o+Q= -github.com/russross/blackfriday/v2 v2.0.1/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= +github.com/rogpeppe/go-internal v1.3.2 h1:XU784Pr0wdahMY2bYcyK6N1KuaRAdLtqD4qd8D18Bfs= +github.com/rogpeppe/go-internal v1.3.2/go.mod h1:xXDCJY+GAPziupqXw64V24skbSoqbTEfhy4qGm1nDQc= +github.com/russross/blackfriday/v2 v2.1.0 h1:JIOH55/0cWyOuilr9/qlrm0BSXldqnqwMsf35Ld67mk= +github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= +github.com/sasha-s/go-deadlock v0.3.1 h1:sqv7fDNShgjcaxkO0JNcOAlr8B9+cV5Ey/OB71efZx0= +github.com/sasha-s/go-deadlock v0.3.1/go.mod h1:F73l+cr82YSh10GxyRI6qZiCgK64VaZjwesgfQ1/iLM= github.com/shurcooL/sanitized_anchor_name v1.0.0 h1:PdmoCO6wvbs+7yrJyMORt4/BmY5IYyJwS/kOiWx8mHo= github.com/shurcooL/sanitized_anchor_name v1.0.0/go.mod h1:1NzhyTcUVG4SuEtjjoZeVRXNmyL/1OwPU0+IJeTBvfc= github.com/smartystreets/assertions v0.0.0-20190116191733-b6c0e53d7304 h1:Jpy1PXuP99tXNrhbq2BaPz9B+jNAvH1JPQQpG/9GCXY= @@ -116,19 +160,23 @@ github.com/smartystreets/assertions v0.0.0-20190116191733-b6c0e53d7304/go.mod h1 github.com/smartystreets/goconvey v0.0.0-20181108003508-044398e4856c h1:Ho+uVpkel/udgjbwB5Lktg9BtvJSh2DT0Hi6LPSyI2w= github.com/smartystreets/goconvey v0.0.0-20181108003508-044398e4856c/go.mod h1:XDJAKZRPZ1CvBcN2aX5YOUTYGHki24fSF0Iv48Ibg0s= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= -github.com/stretchr/testify v1.7.0 h1:nwc3DEeHmmLAfoZucVR881uASk0Mfjw8xYJ99tb5CcY= +github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4= +github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA= github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= -github.com/urfave/cli/v2 v2.3.0 h1:qph92Y649prgesehzOrQjdWyxFOp/QVM+6imKHad91M= -github.com/urfave/cli/v2 v2.3.0/go.mod h1:LJmUH05zAU44vOAcrfzZQKsZbVcdbOG8rtL3/XcUArI= +github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk= +github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo= +github.com/urfave/cli/v2 v2.25.7 h1:VAzn5oq403l5pHjc4OhD54+XGO9cdKVL/7lDjF+iKUs= +github.com/urfave/cli/v2 v2.25.7/go.mod h1:8qnjx1vcq5s2/wpsqoZFndg2CE5tNFyrTvS6SinrnYQ= github.com/writeas/activity v0.1.2 h1:Y12B5lIrabfqKE7e7HFCWiXrlfXljr9tlkFm2mp7DgY= github.com/writeas/activity v0.1.2/go.mod h1:mYYgiewmEM+8tlifirK/vl6tmB2EbjYaxwb+ndUw5T0= github.com/writeas/activityserve v0.0.0-20200409150223-d7ab3eaa4481 h1:BiSivIxLQFcKoUorpNN3rNwwFG5bITPnqUSyIccfdh0= github.com/writeas/activityserve v0.0.0-20200409150223-d7ab3eaa4481/go.mod h1:4akDJSl+sSp+QhrQKMqzAqdV1gJ1pPx6XPI77zgMM8o= +github.com/writeas/activityserve v0.0.0-20230428180247-dc13a4f4d835 h1:bm/7gYo6y3GxtTa1qyUFyCk29CTnBAKt7z4D2MASYrw= +github.com/writeas/activityserve v0.0.0-20230428180247-dc13a4f4d835/go.mod h1:4akDJSl+sSp+QhrQKMqzAqdV1gJ1pPx6XPI77zgMM8o= github.com/writeas/go-strip-markdown/v2 v2.1.1 h1:hAxUM21Uhznf/FnbVGiJciqzska6iLei22Ijc3q2e28= github.com/writeas/go-strip-markdown/v2 v2.1.1/go.mod h1:UvvgPJgn1vvN8nWuE5e7v/+qmDu3BSVnKAB6Gl7hFzA= github.com/writeas/go-webfinger v1.1.0 h1:MzNyt0ry/GMsRmJGftn2o9mPwqK1Q5MLdh4VuJCfb1Q= github.com/writeas/go-webfinger v1.1.0/go.mod h1:w2VxyRO/J5vfNjJHYVubsjUGHd3RLDoVciz0DE3ApOc= -github.com/writeas/go-writeas v1.1.0 h1:WHGm6wriBkxYAOGbvriXH8DlMUGOi6jhSZLUZKQ+4mQ= github.com/writeas/go-writeas v1.1.0/go.mod h1:oh9U1rWaiE0p3kzdKwwvOpNXgp0P0IELI7OLOwV4fkA= github.com/writeas/go-writeas/v2 v2.0.2 h1:akvdMg89U5oBJiCkBwOXljVLTqP354uN6qnG2oOMrbk= github.com/writeas/go-writeas/v2 v2.0.2/go.mod h1:9sjczQJKmru925fLzg0usrU1R1tE4vBmQtGnItUMR0M= @@ -139,46 +187,128 @@ github.com/writeas/impart v1.1.1 h1:RyA9+CqbdbDuz53k+nXCWUY+NlEkdyw6+nWanxSBl5o= github.com/writeas/impart v1.1.1/go.mod h1:g0MpxdnTOHHrl+Ca/2oMXUHJ0PcRAEWtkCzYCJUXC9Y= github.com/writeas/import v0.2.1 h1:3k+bDNCyqaWdZinyUZtEO4je3mR6fr/nE4ozTh9/9Wg= github.com/writeas/import v0.2.1/go.mod h1:gFe0Pl7ZWYiXbI0TJxeMMyylPGZmhVvCfQxhMEc8CxM= -github.com/writeas/monday v0.0.0-20181024183321-54a7dd579219 h1:baEp0631C8sT2r/hqwypIw2snCFZa6h7U6TojoLHu/c= -github.com/writeas/monday v0.0.0-20181024183321-54a7dd579219/go.mod h1:NyM35ayknT7lzO6O/1JpfgGyv+0W9Z9q7aE0J8bXxfQ= +github.com/writeas/monday v1.3.0 h1:h51wJ0DULXIDZ1w11zutLL7YCBRO5LznXISSzqVLZeA= +github.com/writeas/monday v1.3.0/go.mod h1:9/CdGLDdIeAvzvf4oeihX++PE/qXUT2+tUlPQKCfRWY= github.com/writeas/openssl-go v1.0.0 h1:YXM1tDXeYOlTyJjoMlYLQH1xOloUimSR1WMF8kjFc5o= github.com/writeas/openssl-go v1.0.0/go.mod h1:WsKeK5jYl0B5y8ggOmtVjbmb+3rEGqSD25TppjJnETA= -github.com/writeas/saturday v1.6.0/go.mod h1:ETE1EK6ogxptJpAgUbcJD0prAtX48bSloie80+tvnzQ= +github.com/writeas/saturday v1.7.1/go.mod h1:ETE1EK6ogxptJpAgUbcJD0prAtX48bSloie80+tvnzQ= github.com/writeas/saturday v1.7.2-0.20200427193424-392b95a03320 h1:PozPZ29CQ/xt6ym/+FvIz+KvKEObSSc5ye+95zbTjVU= github.com/writeas/saturday v1.7.2-0.20200427193424-392b95a03320/go.mod h1:ETE1EK6ogxptJpAgUbcJD0prAtX48bSloie80+tvnzQ= github.com/writeas/slug v1.2.0 h1:EMQ+cwLiOcA6EtFwUgyw3Ge18x9uflUnOnR6bp/J+/g= github.com/writeas/slug v1.2.0/go.mod h1:RE8shOqQP3YhsfsQe0L3RnuejfQ4Mk+JjY5YJQFubfQ= -github.com/writeas/web-core v1.3.1-0.20210330164422-95a3a717ed8f h1:ItBZYzdIbBmmqn8BZGWww00MBFgcUKy5ei0gJrzRDFk= -github.com/writeas/web-core v1.3.1-0.20210330164422-95a3a717ed8f/go.mod h1:DzNxa0YLV/wNeeWeHFPNa/nHmyJBFIIzXN/m9PpDm5c= +github.com/writeas/web-core v1.6.0 h1:qOcnbB4RE/kG9g+3ycMRqepj2PljDg2whG/K4A0QB48= +github.com/writeas/web-core v1.6.0/go.mod h1:7+idL4Y4woF7MnUfNX2mvkaQ8nLIJXths2y5iYPtA3k= +github.com/writefreely/go-gopher v0.0.0-20220429181814-40127126f83b h1:h3NzB8OZ50NNi5k9yrFeyFszt3LyqyVK4+xUHFYY8B0= +github.com/writefreely/go-gopher v0.0.0-20220429181814-40127126f83b/go.mod h1:T2UVVzt+R5KSSZe2xRSytnwc2M9AoDegi7foeIsik+M= github.com/writefreely/go-nodeinfo v1.2.0 h1:La+YbTCvmpTwFhBSlebWDDL81N88Qf/SCAvRLR7F8ss= github.com/writefreely/go-nodeinfo v1.2.0/go.mod h1:UTvE78KpcjYOlRHupZIiSEFcXHioTXuacCbHU+CAcPg= +github.com/xrash/smetrics v0.0.0-20201216005158-039620a65673 h1:bAn7/zixMGCfxrRTfdpNzjtPYqr8smhKouy9mxVdGPU= +github.com/xrash/smetrics v0.0.0-20201216005158-039620a65673/go.mod h1:N3UwUGtsrSj3ccvlPHLoLsHnpR27oXr4ZE984MbSER8= +github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= +github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY= golang.org/x/crypto v0.0.0-20180527072434-ab813273cd59/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= -golang.org/x/crypto v0.0.0-20190131182504-b8fe1690c613/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= -golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9 h1:psW17arqaxU48Z5kZ0CQnkZWQJsqcURM6tKiBApRjXI= +golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= +golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= +golang.org/x/crypto v0.1.0/go.mod h1:RecgLatLF4+eUMCP1PoPZQb+cVrJcOPbHkTkbkB9sbw= +golang.org/x/crypto v0.13.0 h1:mvySKfSWJ+UKUii46M40LOvyWfN0s2U+46/jDd0e6Ck= +golang.org/x/crypto v0.13.0/go.mod h1:y6Z2r+Rw4iayiXXAIxJIDAJ1zMW4yaTpebo8fPOliYc= +golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= +golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4= +golang.org/x/mod v0.8.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= +golang.org/x/net v0.0.0-20180218175443-cbe0f9307d01/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20181220203305-927f97764cc3/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= -golang.org/x/net v0.0.0-20200707034311-ab3426394381 h1:VXak5I6aEWmAXeQjA+QSZzlgNrpq9mjcfDemuexIKsU= -golang.org/x/net v0.0.0-20200707034311-ab3426394381/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA= +golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20200202094626-16171245cfb2/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20200520004742-59133d7f0dd7/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= +golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= +golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= +golang.org/x/net v0.0.0-20210428140749-89ef3d95e781/go.mod h1:OJAsFXCWl8Ukc7SiCT/9KSuxbyM7479/AVlXFRxuMCk= +golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= +golang.org/x/net v0.1.0/go.mod h1:Cx3nUiGt4eDBEyega/BKRp+/AlGL8hYe7U9odMt2Cco= +golang.org/x/net v0.6.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs= +golang.org/x/net v0.8.0/go.mod h1:QVkue5JL9kW//ek3r6jTKnTFis1tRmNAW2P1shuFdJc= +golang.org/x/net v0.15.0 h1:ugBLEUaxABaB5AJqW9enI0ACdci2RUd4eP51NTBvuJ8= +golang.org/x/net v0.15.0/go.mod h1:idbUs1IY1+zTqbi8yxTbhexhEEk5ur9LInksu6HrEpk= +golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sys v0.0.0-20180525142821-c11f84a56e43/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20181122145206-62eef0e2fa9b/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200116001909-b77594299b42/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200223170610-d5e6a3e2c0ae/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd h1:xhmwyvizuTgC2qz7ZlMluP20uW+C3Rm0FD/WLDX8884= +golang.org/x/sys v0.0.0-20190904154756-749cb33beabd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20191005200804-aed5e4c7ecf9/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20191120155948-bd437916bb0e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/text v0.3.0 h1:g61tztE5qeGQ89tm6NTjjM9VPIm088od1l6aSorWRWg= +golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210112080510-489259a85091/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.1.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.12.0 h1:CM0HF96J0hcLAwsHPJZjfdNzs0gftsLfgKt57wWHJ0o= +golang.org/x/sys v0.12.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= +golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= +golang.org/x/term v0.1.0/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= +golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k= +golang.org/x/term v0.6.0/go.mod h1:m6U89DPEgQRMq3DNkDClhWw02AUbt2daBVO4cn4Hv9U= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= +golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= +golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= +golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= +golang.org/x/text v0.4.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= +golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= +golang.org/x/text v0.8.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8= +golang.org/x/text v0.13.0 h1:ablQoSUd0tRdKxZewP80B+BaqeKJuVhuRxj/dkrun3k= +golang.org/x/text v0.13.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE= +golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= +golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= +golang.org/x/tools v0.0.0-20201224043029-2b0845dc783e/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= +golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc= +golang.org/x/tools v0.6.0/go.mod h1:Xwgl3UAJ/d3gWutnCtw505GrjyAbvKui8lOU390QaIU= +golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8= +google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0= +google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM= +google.golang.org/protobuf v1.20.1-0.20200309200217-e05f789c0967/go.mod h1:A+miEFZTKqfCUM6K7xSMQL9OKL/b6hQv+e19PK+JZNE= +google.golang.org/protobuf v1.21.0/go.mod h1:47Nbq4nVaFHyn7ilMalzfO3qCViNmqZ2kzikPIcrTAo= +google.golang.org/protobuf v1.23.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= +google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw= +google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127 h1:qIbj1fsPNlZgppZ+VLlY7N33q108Sa+fhmuc+sWQYwY= gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk= +gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q= +gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI= +gopkg.in/fsnotify.v1 v1.4.7/go.mod h1:Tz8NjZHkW78fSQdbUxIjBTcgA1z1m8ZHf0WmKUhAMys= gopkg.in/ini.v1 v1.55.0/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k= gopkg.in/ini.v1 v1.62.0 h1:duBzk771uxoUuOlyRLkHsygud9+5lrlGjdFBb4mSKDU= gopkg.in/ini.v1 v1.62.0/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k= +gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 h1:uRGJdciOHaEIrze2W8Q3AKkepLTh2hOroT7a+7czfdQ= +gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw= gopkg.in/yaml.v1 v1.0.0-20140924161607-9f9df34309c0 h1:POO/ycCATvegFmVuPpQzZFJ+pGZeX22Ufu6fibxDVjU= gopkg.in/yaml.v1 v1.0.0-20140924161607-9f9df34309c0/go.mod h1:WDnlLJ4WF5VGsH/HVa3CI79GS0ol3YnhVnKP89i0kNg= -gopkg.in/yaml.v2 v2.2.3/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= -gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c h1:dUUwHk2QECo/6vqA44rthZ8ie2QXMNeKRTHCNY2nXvo= +gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +gopkg.in/yaml.v2 v2.3.0/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY= +gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ= gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= +gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= +gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= diff --git a/gopher.go b/gopher.go index 7d86632..2ac1590 100644 --- a/gopher.go +++ b/gopher.go @@ -1,5 +1,5 @@ /* - * Copyright © 2020 A Bunch Tell LLC. + * Copyright © 2020 Musing Studio LLC. * * This file is part of WriteFreely. * @@ -18,8 +18,8 @@ import ( "regexp" "strings" - "git.mills.io/prologic/go-gopher" "github.com/writeas/web-core/log" + "github.com/writefreely/go-gopher" ) func initGopher(apper Apper) { diff --git a/handle.go b/handle.go index d746feb..7537b61 100644 --- a/handle.go +++ b/handle.go @@ -1,5 +1,5 @@ /* - * Copyright © 2018-2021 A Bunch Tell LLC. + * Copyright © 2018-2021 Musing Studio LLC. * * This file is part of WriteFreely. * @@ -20,10 +20,10 @@ import ( "strings" "time" - "git.mills.io/prologic/go-gopher" "github.com/gorilla/sessions" "github.com/writeas/impart" "github.com/writeas/web-core/log" + "github.com/writefreely/go-gopher" "github.com/writefreely/writefreely/config" "github.com/writefreely/writefreely/page" ) @@ -155,8 +155,14 @@ func (h *Handler) User(f userHandlerFunc) http.HandlerFunc { err := f(h.app.App(), u, w, r) if err == nil { status = http.StatusOK - } else if err, ok := err.(impart.HTTPError); ok { - status = err.Status + } else if impErr, ok := err.(impart.HTTPError); ok { + status = impErr.Status + if impErr == ErrUserNotFound { + log.Info("Logged-in user not found. Logging out.") + sendRedirect(w, http.StatusFound, "/me/logout?to="+h.app.App().cfg.App.LandingPath()) + // Reset err so handleHTTPError does nothing + err = nil + } } else { status = http.StatusInternalServerError } @@ -256,7 +262,7 @@ func apiAuth(app *App, r *http.Request) (*User, error) { return u, nil } -// optionaAPIAuth is used for endpoints that accept authenticated requests via +// optionalAPIAuth is used for endpoints that accept authenticated requests via // Authorization header or cookie, unlike apiAuth. It returns a different err // in the case where no Authorization header is present. func optionalAPIAuth(app *App, r *http.Request) (*User, error) { diff --git a/hostmeta.go b/hostmeta.go index 4f452c3..9152bec 100644 --- a/hostmeta.go +++ b/hostmeta.go @@ -1,5 +1,5 @@ /* - * Copyright © 2018-2019 A Bunch Tell LLC. + * Copyright © 2018-2019 Musing Studio LLC. * * This file is part of WriteFreely. * diff --git a/instance.go b/instance.go index 6805a6e..bc6e063 100644 --- a/instance.go +++ b/instance.go @@ -1,5 +1,5 @@ /* - * Copyright © 2018 A Bunch Tell LLC. + * Copyright © 2018 Musing Studio LLC. * * This file is part of WriteFreely. * diff --git a/invites.go b/invites.go index 4024634..72f4890 100644 --- a/invites.go +++ b/invites.go @@ -1,5 +1,5 @@ /* - * Copyright © 2019-2021 A Bunch Tell LLC. + * Copyright © 2019-2021 Musing Studio LLC. * * This file is part of WriteFreely. * @@ -78,6 +78,9 @@ func handleViewUserInvites(app *App, u *User, w http.ResponseWriter, r *http.Req p.Silenced, err = app.db.IsUserSilenced(u.ID) if err != nil { + if err == ErrUserNotFound { + return err + } log.Error("view invites: %v", err) } diff --git a/jobs.go b/jobs.go new file mode 100644 index 0000000..251b82d --- /dev/null +++ b/jobs.go @@ -0,0 +1,72 @@ +package writefreely + +import ( + "github.com/writeas/web-core/log" + "time" +) + +type PostJob struct { + ID int64 + PostID string + Action string + Delay int64 +} + +func addJob(app *App, p *PublicPost, action string, delay int64) error { + j := &PostJob{ + PostID: p.ID, + Action: action, + Delay: delay, + } + return app.db.InsertJob(j) +} + +func startPublishJobsQueue(app *App) { + t := time.NewTicker(62 * time.Second) + for { + log.Info("[jobs] Done.") + <-t.C + log.Info("[jobs] Fetching email publish jobs...") + jobs, err := app.db.GetJobsToRun("email") + if err != nil { + log.Error("[jobs] %s - Skipping.", err) + continue + } + log.Info("[jobs] Running %d email publish jobs...", len(jobs)) + err = runJobs(app, jobs, true) + if err != nil { + log.Error("[jobs] Failed: %s", err) + } + } +} + +func runJobs(app *App, jobs []*PostJob, reqColl bool) error { + for _, j := range jobs { + p, err := app.db.GetPost(j.PostID, 0) + if err != nil { + log.Info("[job #%d] Unable to get post: %s", j.ID, err) + continue + } + if !p.CollectionID.Valid && reqColl { + log.Info("[job #%d] Post %s not part of a collection", j.ID, p.ID) + app.db.DeleteJob(j.ID) + continue + } + coll, err := app.db.GetCollectionByID(p.CollectionID.Int64) + if err != nil { + log.Info("[job #%d] Unable to get collection: %s", j.ID, err) + continue + } + coll.hostName = app.cfg.App.Host + coll.ForPublic() + p.Collection = &CollectionObj{Collection: *coll} + err = emailPost(app, p, p.Collection.ID) + if err != nil { + log.Error("[job #%d] Failed to email post %s", j.ID, p.ID) + continue + } + log.Info("[job #%d] Success for post %s.", j.ID, p.ID) + app.db.DeleteJob(j.ID) + } + return nil +} diff --git a/key/key.go b/key/key.go index 25490ca..1fa5625 100644 --- a/key/key.go +++ b/key/key.go @@ -1,5 +1,5 @@ /* - * Copyright © 2019, 2021 A Bunch Tell LLC. + * Copyright © 2019, 2021 Musing Studio LLC. * * This file is part of WriteFreely. * diff --git a/keys.go b/keys.go index 1b43d0b..b5896f7 100644 --- a/keys.go +++ b/keys.go @@ -1,5 +1,5 @@ /* - * Copyright © 2018-2019, 2021 A Bunch Tell LLC. + * Copyright © 2018-2019, 2021 Musing Studio LLC. * * This file is part of WriteFreely. * @@ -13,7 +13,6 @@ package writefreely import ( "github.com/writeas/web-core/log" "github.com/writefreely/writefreely/key" - "io/ioutil" "os" "path/filepath" ) @@ -52,7 +51,7 @@ func initKeyPaths(app *App) { func generateKey(path string) error { // Check if key file exists if _, err := os.Stat(path); err == nil { - log.Info("%s already exists. rm the file if you understand the consquences.", path) + log.Info("%s already exists. rm the file if you understand the consequences.", path) return nil } else if !os.IsNotExist(err) { log.Error("%s", err) @@ -65,7 +64,7 @@ func generateKey(path string) error { log.Error("FAILED. %s. Run writefreely --gen-keys again.", err) return err } - err = ioutil.WriteFile(path, b, 0600) + err = os.WriteFile(path, b, 0600) if err != nil { log.Error("FAILED writing file: %s", err) return err diff --git a/less/admin.less b/less/admin.less index 86dc9ff..673a03b 100644 --- a/less/admin.less +++ b/less/admin.less @@ -60,6 +60,35 @@ nav#admin { background: #ccc; } } + + &.sub { + margin: 1em 0 2em; + a:not(.toggle) { + border: 0; + border-bottom: 2px transparent solid; + .rounded(0); + padding: 0.5em; + margin-left: 0.5em; + margin-right: 0.5em; + + &:hover { + color: @primary; + background: transparent; + } + &.selected { + color: @primary; + background: transparent; + border-bottom-color: @primary; + } + &+a { + margin-left: 1em; + } + } + a.toggle { + margin-top: -0.5em; + float: right; + } + } } .admin-actions { diff --git a/less/core.less b/less/core.less index 75a801b..1b418ba 100644 --- a/less/core.less +++ b/less/core.less @@ -210,6 +210,10 @@ body { pre { line-height: 1.5; } + .flash { + text-align: center; + margin-bottom: 4em; + } } &#subpage { #wrapper { @@ -695,6 +699,7 @@ table.downloads { select.inputform, textarea.inputform { border: 1px solid #999; + background: white; } input, button, select.inputform, textarea.inputform, a.btn { @@ -1596,6 +1601,18 @@ pre.code-block { overflow-x: auto; } +#emailsub { + text-align: center; +} +p#emailsub { + display: inline-block !important; + width: 100%; + font-style: italic; +} +#subscribe-btn { + margin-left: 0.5em; +} + #org-nav { font-family: @sansFont; font-size: 1.1em; diff --git a/less/fonts.less b/less/fonts.less index 7ee5356..e4b2659 100644 --- a/less/fonts.less +++ b/less/fonts.less @@ -3,7 +3,6 @@ font-family: 'Open Sans'; font-style: normal; font-weight: 400; - font-display: optional; src: url('/fonts/open-sans-v13-latin-regular.eot'); /* IE9 Compat Modes */ src: local('Open Sans'), local('OpenSans'), url('/fonts/open-sans-v13-latin-regular.eot?#iefix') format('embedded-opentype'), /* IE6-IE8 */ @@ -17,7 +16,6 @@ font-family: 'Open Sans'; font-style: normal; font-weight: 700; - font-display: optional; src: url('/fonts/open-sans-v13-latin-700.eot'); /* IE9 Compat Modes */ src: local('Open Sans Bold'), local('OpenSans-Bold'), url('/fonts/open-sans-v13-latin-700.eot?#iefix') format('embedded-opentype'), /* IE6-IE8 */ @@ -31,7 +29,6 @@ font-family: 'Lora'; font-style: normal; font-weight: 400; - font-display: optional; src: url('/fonts/Lora-Regular.eot'); /* IE9 Compat Modes */ src: local('Lora'), local('Lora-Regular'), url('/fonts/Lora-Regular.eot?#iefix') format('embedded-opentype'), /* IE6-IE8 */ @@ -44,7 +41,6 @@ font-family: 'Lora'; font-style: normal; font-weight: 700; - font-display: optional; src: url('/fonts/Lora-Bold.eot'); /* IE9 Compat Modes */ src: local('Lora Bold'), local('Lora-Bold'), url('/fonts/Lora-Bold.eot?#iefix') format('embedded-opentype'), /* IE6-IE8 */ @@ -56,7 +52,6 @@ font-family: 'Lora'; font-style: italic; font-weight: 400; - font-display: optional; src: url('/fonts/Lora-Italic.eot'); /* IE9 Compat Modes */ src: local('Lora Italic'), local('Lora-Italic'), url('/fonts/Lora-Italic.eot?#iefix') format('embedded-opentype'), /* IE6-IE8 */ diff --git a/less/login.less b/less/login.less index fefeb12..df6f246 100644 --- a/less/login.less +++ b/less/login.less @@ -1,5 +1,5 @@ /* - * Copyright © 2020 A Bunch Tell LLC. + * Copyright © 2020 Musing Studio LLC. * * This file is part of WriteFreely. * diff --git a/migrations/drivers.go b/migrations/drivers.go index 1399411..800d2a6 100644 --- a/migrations/drivers.go +++ b/migrations/drivers.go @@ -1,5 +1,5 @@ /* - * Copyright © 2019 A Bunch Tell LLC. + * Copyright © 2019 Musing Studio LLC. * * This file is part of WriteFreely. * @@ -36,6 +36,13 @@ func (db *datastore) typeSmallInt() string { return "SMALLINT" } +func (db *datastore) typeTinyInt() string { + if db.driverName == driverSQLite { + return "INTEGER" + } + return "TINYINT" +} + func (db *datastore) typeText() string { return "TEXT" } @@ -65,6 +72,15 @@ func (db *datastore) typeDateTime() string { return "DATETIME" } +func (db *datastore) typeIntPrimaryKey() string { + if db.driverName == driverSQLite { + // From docs: "In SQLite, a column with type INTEGER PRIMARY KEY is an alias for the ROWID (except in WITHOUT + // ROWID tables) which is always a 64-bit signed integer." + return "INTEGER PRIMARY KEY" + } + return "INT AUTO_INCREMENT PRIMARY KEY" +} + func (db *datastore) collateMultiByte() string { if db.driverName == driverSQLite { return "" diff --git a/migrations/migrations.go b/migrations/migrations.go index b3ebcc0..d4f9d4b 100644 --- a/migrations/migrations.go +++ b/migrations/migrations.go @@ -1,5 +1,5 @@ /* - * Copyright © 2019 A Bunch Tell LLC. + * Copyright © 2019 Musing Studio LLC. * * This file is part of WriteFreely. * @@ -65,7 +65,10 @@ var migrations = []Migration{ New("support oauth attach", oauthAttach), // V6 -> V7 New("support oauth via invite", oauthInvites), // V7 -> V8 (v0.12.0) New("optimize drafts retrieval", optimizeDrafts), // V8 -> V9 - New("support post signatures", supportPostSignatures), // V9 -> V10 + New("support post signatures", supportPostSignatures), // V9 -> V10 (v0.13.0) + New("Widen oauth_users.access_token", widenOauthAcceesToken), // V10 -> V11 + New("support verifying fedi profile", fediverseVerifyProfile), // V11 -> V12 (v0.14.0) + New("support newsletters", supportLetters), // V12 -> V13 } // CurrentVer returns the current migration version the application is on diff --git a/migrations/v1.go b/migrations/v1.go index ef3a579..dcc956d 100644 --- a/migrations/v1.go +++ b/migrations/v1.go @@ -1,5 +1,5 @@ /* - * Copyright © 2019 A Bunch Tell LLC. + * Copyright © 2019 Musing Studio LLC. * * This file is part of WriteFreely. * diff --git a/migrations/v10.go b/migrations/v10.go index 9c84a01..25a4a28 100644 --- a/migrations/v10.go +++ b/migrations/v10.go @@ -1,5 +1,5 @@ /* - * Copyright © 2020 A Bunch Tell LLC. + * Copyright © 2020 Musing Studio LLC. * * This file is part of WriteFreely. * diff --git a/migrations/v11.go b/migrations/v11.go new file mode 100644 index 0000000..412c648 --- /dev/null +++ b/migrations/v11.go @@ -0,0 +1,38 @@ +/* + * Copyright © 2020 Musing Studio LLC. + * + * This file is part of WriteFreely. + * + * WriteFreely is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License, included + * in the LICENSE file in this source code package. + */ + +package migrations + +/** + * Widen `oauth_users.access_token`, necessary only for mysql + */ +func widenOauthAcceesToken(db *datastore) error { + if db.driverName == driverMySQL { + t, err := db.Begin() + if err != nil { + t.Rollback() + return err + } + + _, err = t.Exec(`ALTER TABLE oauth_users MODIFY COLUMN access_token ` + db.typeText() + db.collateMultiByte() + ` NULL`) + if err != nil { + t.Rollback() + return err + } + + err = t.Commit() + if err != nil { + t.Rollback() + return err + } + } + + return nil +} diff --git a/migrations/v12.go b/migrations/v12.go new file mode 100644 index 0000000..bed93fd --- /dev/null +++ b/migrations/v12.go @@ -0,0 +1,33 @@ +/* + * Copyright © 2023 Musing Studio LLC. + * + * This file is part of WriteFreely. + * + * WriteFreely is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License, included + * in the LICENSE file in this source code package. + */ + +package migrations + +func fediverseVerifyProfile(db *datastore) error { + t, err := db.Begin() + if err != nil { + t.Rollback() + return err + } + + _, err = t.Exec(`ALTER TABLE remoteusers ADD COLUMN url ` + db.typeVarChar(255) + ` NULL` + db.after("shared_inbox")) + if err != nil { + t.Rollback() + return err + } + + err = t.Commit() + if err != nil { + t.Rollback() + return err + } + + return nil +} diff --git a/migrations/v13.go b/migrations/v13.go new file mode 100644 index 0000000..908ceac --- /dev/null +++ b/migrations/v13.go @@ -0,0 +1,58 @@ +/* + * Copyright © 2021 Musing Studio LLC. + * + * This file is part of WriteFreely. + * + * WriteFreely is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License, included + * in the LICENSE file in this source code package. + */ + +package migrations + +func supportLetters(db *datastore) error { + t, err := db.Begin() + if err != nil { + t.Rollback() + return err + } + + _, err = t.Exec(`CREATE TABLE publishjobs ( + id ` + db.typeIntPrimaryKey() + `, + post_id ` + db.typeVarChar(16) + ` not null, + action ` + db.typeVarChar(16) + ` not null, + delay ` + db.typeTinyInt() + ` not null +)`) + if err != nil { + t.Rollback() + return err + } + + _, err = t.Exec(`CREATE TABLE emailsubscribers ( + id ` + db.typeChar(8) + ` not null, + collection_id ` + db.typeInt() + ` not null, + user_id ` + db.typeInt() + ` null, + email ` + db.typeVarChar(255) + ` null, + subscribed ` + db.typeDateTime() + ` not null, + token ` + db.typeChar(16) + ` not null, + confirmed ` + db.typeBool() + ` default 0 not null, + allow_export ` + db.typeBool() + ` default 0 not null, + constraint eu_coll_email + unique (collection_id, email), + constraint eu_coll_user + unique (collection_id, user_id), + PRIMARY KEY (id) +)`) + if err != nil { + t.Rollback() + return err + } + + err = t.Commit() + if err != nil { + t.Rollback() + return err + } + + return nil +} diff --git a/migrations/v2.go b/migrations/v2.go index d282ec7..fb742b5 100644 --- a/migrations/v2.go +++ b/migrations/v2.go @@ -1,5 +1,5 @@ /* - * Copyright © 2019 A Bunch Tell LLC. + * Copyright © 2019 Musing Studio LLC. * * This file is part of WriteFreely. * diff --git a/migrations/v3.go b/migrations/v3.go index e36b9d0..6236ae3 100644 --- a/migrations/v3.go +++ b/migrations/v3.go @@ -1,5 +1,5 @@ /* - * Copyright © 2019 A Bunch Tell LLC. + * Copyright © 2019 Musing Studio LLC. * * This file is part of WriteFreely. * diff --git a/migrations/v4.go b/migrations/v4.go index c69dce1..4ae267d 100644 --- a/migrations/v4.go +++ b/migrations/v4.go @@ -1,5 +1,5 @@ /* - * Copyright © 2019-2021 A Bunch Tell LLC. + * Copyright © 2019-2021 Musing Studio LLC. * * This file is part of WriteFreely. * diff --git a/migrations/v5.go b/migrations/v5.go index 1fe3e30..db18fa1 100644 --- a/migrations/v5.go +++ b/migrations/v5.go @@ -1,5 +1,5 @@ /* - * Copyright © 2019-2021 A Bunch Tell LLC. + * Copyright © 2019-2021 Musing Studio LLC. * * This file is part of WriteFreely. * diff --git a/migrations/v6.go b/migrations/v6.go index 074f446..885d445 100644 --- a/migrations/v6.go +++ b/migrations/v6.go @@ -1,5 +1,5 @@ /* - * Copyright © 2019-2020 A Bunch Tell LLC. + * Copyright © 2019-2020 Musing Studio LLC. * * This file is part of WriteFreely. * diff --git a/migrations/v7.go b/migrations/v7.go index 5737b21..2056aa0 100644 --- a/migrations/v7.go +++ b/migrations/v7.go @@ -1,5 +1,5 @@ /* - * Copyright © 2020-2021 A Bunch Tell LLC. + * Copyright © 2020-2021 Musing Studio LLC. * * This file is part of WriteFreely. * diff --git a/migrations/v8.go b/migrations/v8.go index 28af523..36001af 100644 --- a/migrations/v8.go +++ b/migrations/v8.go @@ -1,5 +1,5 @@ /* - * Copyright © 2020-2021 A Bunch Tell LLC. + * Copyright © 2020-2021 Musing Studio LLC. * * This file is part of WriteFreely. * diff --git a/migrations/v9.go b/migrations/v9.go index c6b832e..f542189 100644 --- a/migrations/v9.go +++ b/migrations/v9.go @@ -1,5 +1,5 @@ /* - * Copyright © 2020 A Bunch Tell LLC. + * Copyright © 2020 Musing Studio LLC. * * This file is part of WriteFreely. * diff --git a/monetization.go b/monetization.go index 92375c2..4d6b42b 100644 --- a/monetization.go +++ b/monetization.go @@ -1,5 +1,5 @@ /* - * Copyright © 2020-2021 A Bunch Tell LLC. + * Copyright © 2020-2021 Musing Studio LLC. * * This file is part of WriteFreely. * @@ -16,7 +16,7 @@ import ( "github.com/gorilla/mux" "github.com/writeas/impart" "github.com/writeas/web-core/log" - "io/ioutil" + "io" "net/http" "net/url" "os" @@ -144,7 +144,7 @@ func verifyReceipt(receipt, id string) error { defer resp.Body.Close() } - body, err := ioutil.ReadAll(resp.Body) + body, err := io.ReadAll(resp.Body) if err != nil { log.Error("Unable to read %s response body: %s", receiptsHost, err) return err diff --git a/nodeinfo.go b/nodeinfo.go index f0c0b5e..6ce3572 100644 --- a/nodeinfo.go +++ b/nodeinfo.go @@ -1,5 +1,5 @@ /* - * Copyright © 2018-2019, 2021 A Bunch Tell LLC. + * Copyright © 2018-2019, 2021 Musing Studio LLC. * * This file is part of WriteFreely. * @@ -94,14 +94,20 @@ INNER JOIN collections c ON collection_id = c.id WHERE collection_id IS NOT NULL AND updated > DATE_SUB(NOW(), INTERVAL 6 MONTH)) co`).Scan(&activeHalfYear) + if err != nil { + log.Error("Failed getting 6-month active user stats: %s", err) + } err = r.db.QueryRow(`SELECT COUNT(*) FROM ( SELECT DISTINCT collection_id FROM posts -INNER JOIN FROM collections c +INNER JOIN collections c ON collection_id = c.id WHERE collection_id IS NOT NULL AND updated > DATE_SUB(NOW(), INTERVAL 1 MONTH)) co`).Scan(&activeMonth) + if err != nil { + log.Error("Failed getting 1-month active user stats: %s", err) + } } return nodeinfo.Usage{ diff --git a/oauth.go b/oauth.go index 2958721..06a2d20 100644 --- a/oauth.go +++ b/oauth.go @@ -1,5 +1,5 @@ /* - * Copyright © 2019-2021 A Bunch Tell LLC. + * Copyright © 2019-2021 Musing Studio LLC. * * This file is part of WriteFreely. * @@ -15,7 +15,6 @@ import ( "encoding/json" "fmt" "io" - "io/ioutil" "net/http" "net/url" "strings" @@ -293,10 +292,15 @@ func configureGiteaOauth(parentHandler *Handler, r *mux.Router, app *App) { ClientID: app.Config().GiteaOauth.ClientID, ClientSecret: app.Config().GiteaOauth.ClientSecret, ExchangeLocation: app.Config().GiteaOauth.Host + "/login/oauth/access_token", - InspectLocation: app.Config().GiteaOauth.Host + "/api/v1/user", + InspectLocation: app.Config().GiteaOauth.Host + "/login/oauth/userinfo", AuthLocation: app.Config().GiteaOauth.Host + "/login/oauth/authorize", HttpClient: config.DefaultHTTPClient(), CallbackLocation: callbackLocation, + Scope: "openid profile email", + MapUserID: "sub", + MapUsername: "login", + MapDisplayName: "full_name", + MapEmail: "email", } configureOauthRoutes(parentHandler, r, app, oauthClient, callbackProxy) } @@ -355,7 +359,7 @@ func (h oauthHandler) viewOauthCallback(app *App, w http.ResponseWriter, r *http } if localUserID != -1 && attachUserID > 0 { - if err = addSessionFlash(app, w, r, "This Slack account is already attached to another user.", nil); err != nil { + if err = addSessionFlash(app, w, r, "This OAuth account is already attached to another user.", nil); err != nil { return impart.HTTPError{Status: http.StatusInternalServerError, Message: err.Error()} } return impart.HTTPError{http.StatusFound, "/me/settings"} @@ -376,6 +380,7 @@ func (h oauthHandler) viewOauthCallback(app *App, w http.ResponseWriter, r *http } if attachUserID > 0 { log.Info("attaching to user %d", attachUserID) + log.Info("OAuth userid: %s", tokenInfo.UserID) err = h.DB.RecordRemoteUserID(r.Context(), attachUserID, tokenInfo.UserID, provider, clientID, tokenResponse.AccessToken) if err != nil { return impart.HTTPError{http.StatusInternalServerError, err.Error()} @@ -444,7 +449,7 @@ func (r *callbackProxyClient) register(ctx context.Context, state string) error func limitedJsonUnmarshal(body io.ReadCloser, n int, thing interface{}) error { lr := io.LimitReader(body, int64(n+1)) - data, err := ioutil.ReadAll(lr) + data, err := io.ReadAll(lr) if err != nil { return err } diff --git a/oauth_generic.go b/oauth_generic.go index ccf6a0f..25c162b 100644 --- a/oauth_generic.go +++ b/oauth_generic.go @@ -1,5 +1,5 @@ /* - * Copyright © 2020-2021 A Bunch Tell LLC and respective authors. + * Copyright © 2020-2021 Musing Studio LLC and respective authors. * * This file is part of WriteFreely. * diff --git a/oauth_gitea.go b/oauth_gitea.go index a9b7741..3ecd4a7 100644 --- a/oauth_gitea.go +++ b/oauth_gitea.go @@ -3,6 +3,8 @@ package writefreely import ( "context" "errors" + "fmt" + "github.com/writeas/web-core/log" "net/http" "net/url" "strings" @@ -15,6 +17,11 @@ type giteaOauthClient struct { ExchangeLocation string InspectLocation string CallbackLocation string + Scope string + MapUserID string + MapUsername string + MapDisplayName string + MapEmail string HttpClient HttpClient } @@ -46,7 +53,7 @@ func (c giteaOauthClient) buildLoginURL(state string) (string, error) { q.Set("redirect_uri", c.CallbackLocation) q.Set("response_type", "code") q.Set("state", state) - // q.Set("scope", "read_user") + q.Set("scope", c.Scope) u.RawQuery = q.Encode() return u.String(), nil } @@ -55,7 +62,7 @@ func (c giteaOauthClient) exchangeOauthCode(ctx context.Context, code string) (* form := url.Values{} form.Add("grant_type", "authorization_code") form.Add("redirect_uri", c.CallbackLocation) - // form.Add("scope", "read_user") + form.Add("scope", c.Scope) form.Add("code", code) req, err := http.NewRequest("POST", c.ExchangeLocation, strings.NewReader(form.Encode())) if err != nil { @@ -103,12 +110,24 @@ func (c giteaOauthClient) inspectOauthAccessToken(ctx context.Context, accessTok return nil, errors.New("unable to inspect access token") } - var inspectResponse InspectResponse - if err := limitedJsonUnmarshal(resp.Body, infoRequestMaxLen, &inspectResponse); err != nil { + // since we don't know what the JSON from the server will look like, we create a + // generic interface and then map manually to values set in the config + var genericInterface map[string]interface{} + if err := limitedJsonUnmarshal(resp.Body, infoRequestMaxLen, &genericInterface); err != nil { return nil, err } - if inspectResponse.Error != "" { - return nil, errors.New(inspectResponse.Error) + + // map each relevant field in inspectResponse to the mapped field from the config + var inspectResponse InspectResponse + inspectResponse.UserID, _ = genericInterface[c.MapUserID].(string) + // log.Info("Userid from Gitea: %s", inspectResponse.UserID) + if inspectResponse.UserID == "" { + log.Error("[CONFIGURATION ERROR] Gitea OAuth provider returned empty UserID value (`%s`).\n Do you need to configure a different `map_user_id` value for this provider?", c.MapUserID) + return nil, fmt.Errorf("no UserID (`%s`) value returned", c.MapUserID) } + inspectResponse.Username, _ = genericInterface[c.MapUsername].(string) + inspectResponse.DisplayName, _ = genericInterface[c.MapDisplayName].(string) + inspectResponse.Email, _ = genericInterface[c.MapEmail].(string) + return &inspectResponse, nil } diff --git a/oauth_signup.go b/oauth_signup.go index 8dff416..b9b52c5 100644 --- a/oauth_signup.go +++ b/oauth_signup.go @@ -1,5 +1,5 @@ /* - * Copyright © 2020-2021 A Bunch Tell LLC. + * Copyright © 2020-2021 Musing Studio LLC. * * This file is part of WriteFreely. * diff --git a/oauth_slack.go b/oauth_slack.go index bad3775..a2752db 100644 --- a/oauth_slack.go +++ b/oauth_slack.go @@ -1,5 +1,5 @@ /* - * Copyright © 2019-2020 A Bunch Tell LLC. + * Copyright © 2019-2020 Musing Studio LLC. * * This file is part of WriteFreely. * diff --git a/oauth_test.go b/oauth_test.go index 553c1cb..1bd0bfc 100644 --- a/oauth_test.go +++ b/oauth_test.go @@ -1,5 +1,5 @@ /* - * Copyright © 2019-2021 A Bunch Tell LLC. + * Copyright © 2019-2021 Musing Studio LLC. * * This file is part of WriteFreely. * diff --git a/ossl_legacy.cnf b/ossl_legacy.cnf new file mode 100644 index 0000000..90c36f2 --- /dev/null +++ b/ossl_legacy.cnf @@ -0,0 +1,10 @@ + +[provider_sect] +default = default_sect +legacy = legacy_sect + +[default_sect] +activate = 1 + +[legacy_sect] +activate = 1 diff --git a/pad.go b/pad.go index d150334..55dde70 100644 --- a/pad.go +++ b/pad.go @@ -1,5 +1,5 @@ /* - * Copyright © 2018-2021 A Bunch Tell LLC. + * Copyright © 2018-2021 Musing Studio LLC. * * This file is part of WriteFreely. * @@ -55,6 +55,9 @@ func handleViewPad(app *App, w http.ResponseWriter, r *http.Request) error { } appData.Silenced, err = app.db.IsUserSilenced(appData.User.ID) if err != nil { + if err == ErrUserNotFound { + return err + } log.Error("Unable to get user status for Pad: %v", err) } } diff --git a/page/page.go b/page/page.go index 2cfb6cc..5ab7750 100644 --- a/page/page.go +++ b/page/page.go @@ -1,5 +1,5 @@ /* - * Copyright © 2018-2019, 2021 A Bunch Tell LLC. + * Copyright © 2018-2019, 2021 Musing Studio LLC. * * This file is part of WriteFreely. * @@ -21,6 +21,7 @@ type StaticPage struct { config.AppCfg Version string HeaderNav bool + CustomCSS bool // Request values Path string diff --git a/pages.go b/pages.go index f871882..6ebc3dc 100644 --- a/pages.go +++ b/pages.go @@ -1,5 +1,5 @@ /* - * Copyright © 2018-2019, 2021 A Bunch Tell LLC. + * Copyright © 2018-2019, 2021 Musing Studio LLC. * * This file is part of WriteFreely. * @@ -40,6 +40,28 @@ func defaultAboutTitle(cfg *config.Config) sql.NullString { return sql.NullString{String: "About " + cfg.App.SiteName, Valid: true} } +func getContactPage(app *App) (*instanceContent, error) { + c, err := app.db.GetDynamicContent("contact") + if err != nil { + return nil, err + } + if c == nil { + c = &instanceContent{ + ID: "contact", + Type: "page", + Content: defaultContactPage(app), + } + } + if !c.Title.Valid { + c.Title = defaultContactTitle() + } + return c, nil +} + +func defaultContactTitle() sql.NullString { + return sql.NullString{String: "Contact Us", Valid: true} +} + func getPrivacyPage(app *App) (*instanceContent, error) { c, err := app.db.GetDynamicContent("privacy") if err != nil { @@ -70,12 +92,24 @@ func defaultAboutPage(cfg *config.Config) string { return `_` + cfg.App.SiteName + `_ is a place for you to write and publish, powered by [WriteFreely](https://writefreely.org).` } +func defaultContactPage(app *App) string { + c, err := app.db.GetCollectionByID(1) + if err != nil { + return "" + } + return `_` + app.cfg.App.SiteName + `_ is administered by: [**` + c.Alias + `**](/` + c.Alias + `/). + +Contact them at this email address: _EMAIL GOES HERE_. + +You can also reach them here...` +} + func defaultPrivacyPolicy(cfg *config.Config) string { return `[WriteFreely](https://writefreely.org), the software that powers this site, is built to enforce your right to privacy by default. It retains as little data about you as possible, not even requiring an email address to sign up. However, if you _do_ give us your email address, it is stored encrypted in our database. We salt and hash your account's password. -We store log files, or data about what happens on our servers. We also use cookies to keep you logged in to your account. +We store log files, or data about what happens on our servers. We also use cookies to keep you logged into your account. Beyond this, it's important that you trust whoever runs **` + cfg.App.SiteName + `**. Software can only do so much to protect you -- your level of privacy protections will ultimately fall on the humans that run this particular service.` } diff --git a/pages/404-general.tmpl b/pages/404-general.tmpl index dfc4653..07f2549 100644 --- a/pages/404-general.tmpl +++ b/pages/404-general.tmpl @@ -1,7 +1,6 @@ {{define "head"}}Page not found — {{.SiteName}}{{end}} {{define "content"}}
-

This page is missing.

-

Are you sure it was ever here?

+

Page not found.

{{end}} diff --git a/pages/500.tmpl b/pages/500.tmpl index e148fb5..4240348 100644 --- a/pages/500.tmpl +++ b/pages/500.tmpl @@ -2,9 +2,7 @@ {{define "content"}}

Server error 😵

-

Please contact the human authors of this software and remind them of their many shortcomings.

-

Be gentle, though. They are fragile mortal beings.

-

Also, unlike the AI that will soon replace them, you will need to include an error log from the server in your report. (Utterly primitive, we know.)

+

There seems to be an issue with this server. Please contact the admin and let them know they'll need to fix it.

– {{.SiteName}} 🤖

{{end}} diff --git a/pages/contact.tmpl b/pages/contact.tmpl new file mode 100644 index 0000000..8dff9ae --- /dev/null +++ b/pages/contact.tmpl @@ -0,0 +1,8 @@ +{{define "head"}}{{.ContentTitle}} — {{.SiteName}} + +{{end}} +{{define "content"}}
+

{{.ContentTitle}}

+ {{.Content}} +
+{{end}} diff --git a/pages/login.tmpl b/pages/login.tmpl index f0a54eb..0fe29a1 100644 --- a/pages/login.tmpl +++ b/pages/login.tmpl @@ -1,13 +1,13 @@ {{define "head"}}Log in — {{.SiteName}} - - + + {{end}} {{define "content"}}
-

Log in to {{.SiteName}}

+

Log into {{.SiteName}}

{{if .Flashes}}
    {{range .Flashes}}
  • {{.}}
    • {{end}} diff --git a/parse/posts.go b/parse/posts.go index f660e08..6a9a910 100644 --- a/parse/posts.go +++ b/parse/posts.go @@ -1,5 +1,5 @@ /* - * Copyright © 2018-2020 A Bunch Tell LLC. + * Copyright © 2018-2020 Musing Studio LLC. * * This file is part of WriteFreely. * diff --git a/parse/posts_test.go b/parse/posts_test.go index 8f0d8b3..c377f57 100644 --- a/parse/posts_test.go +++ b/parse/posts_test.go @@ -1,5 +1,5 @@ /* - * Copyright © 2018 A Bunch Tell LLC. + * Copyright © 2018 Musing Studio LLC. * * This file is part of WriteFreely. * diff --git a/postrender.go b/postrender.go index 13bf02e..2156649 100644 --- a/postrender.go +++ b/postrender.go @@ -1,5 +1,5 @@ /* - * Copyright © 2018-2021 A Bunch Tell LLC. + * Copyright © 2018-2021 Musing Studio LLC. * * This file is part of WriteFreely. * @@ -120,7 +120,7 @@ func (p *PublicPost) augmentReadingDestination() { } func applyMarkdown(data []byte, baseURL string, cfg *config.Config) string { - return applyMarkdownSpecial(data, false, baseURL, cfg) + return applyMarkdownSpecial(data, baseURL, cfg, cfg.App.SingleUser) } func disableYoutubeAutoplay(outHTML string) string { @@ -142,7 +142,7 @@ func disableYoutubeAutoplay(outHTML string) string { return outHTML } -func applyMarkdownSpecial(data []byte, skipNoFollow bool, baseURL string, cfg *config.Config) string { +func applyMarkdownSpecial(data []byte, baseURL string, cfg *config.Config, skipNoFollow bool) string { mdExtensions := 0 | blackfriday.EXTENSION_TABLES | blackfriday.EXTENSION_FENCED_CODE | @@ -201,6 +201,9 @@ func applyBasicMarkdown(data []byte) string { md := blackfriday.Markdown(append([]byte("# "), data...), blackfriday.HtmlRenderer(htmlFlags, "", ""), mdExtensions) // Remove H1 markup md = bytes.TrimSpace(md) // blackfriday.Markdown adds a newline at the end of the

    + if len(md) == 0 { + return "" + } md = md[len("

    ") : len(md)-len("

    ")] // Strip out bad HTML policy := bluemonday.UGCPolicy() @@ -267,6 +270,7 @@ func getSanitizationPolicy() *bluemonday.Policy { policy.AllowAttrs("target").OnElements("a") policy.AllowAttrs("title").OnElements("abbr") policy.AllowAttrs("style", "class", "id").Globally() + policy.AllowAttrs("alt").OnElements("img") policy.AllowElements("header", "footer") policy.AllowURLSchemes("http", "https", "mailto", "xmpp") return policy @@ -281,12 +285,13 @@ func sanitizePost(content string) string { // choosing what to generate. In case a post has a title, this function will // fail, and logic should instead be implemented to skip this when there's no // title, like so: -// var desc string -// if title == "" { -// desc = postDescription(content, title, friendlyId) -// } else { -// desc = shortPostDescription(content) -// } +// +// var desc string +// if title == "" { +// desc = postDescription(content, title, friendlyId) +// } else { +// desc = shortPostDescription(content) +// } func postDescription(content, title, friendlyId string) string { maxLen := 140 diff --git a/postrender_test.go b/postrender_test.go index 531c0f1..ec6bbdd 100644 --- a/postrender_test.go +++ b/postrender_test.go @@ -1,5 +1,5 @@ /* - * Copyright © 2021 A Bunch Tell LLC. + * Copyright © 2021 Musing Studio LLC. * * This file is part of WriteFreely. * diff --git a/posts.go b/posts.go index 21b66b9..1a44d28 100644 --- a/posts.go +++ b/posts.go @@ -1,5 +1,5 @@ /* - * Copyright © 2018-2021 A Bunch Tell LLC. + * Copyright © 2018-2021 Musing Studio LLC. * * This file is part of WriteFreely. * @@ -14,6 +14,7 @@ import ( "database/sql" "encoding/json" "fmt" + "github.com/writefreely/writefreely/spam" "html/template" "net/http" "net/url" @@ -139,6 +140,7 @@ type ( IsPinned bool IsCustomDomain bool Monetization string + Verification string PinnedPosts *[]PublicPost IsFound bool IsAdmin bool @@ -355,7 +357,7 @@ func handleViewPost(app *App, w http.ResponseWriter, r *http.Request) error { return impart.HTTPError{http.StatusFound, fmt.Sprintf("/%s%s", fixedID, ext)} } - err := app.db.QueryRow(fmt.Sprintf("SELECT owner_id, collection_id, title, content, text_appearance, view_count, language, rtl FROM posts WHERE id = ?"), friendlyID).Scan(&ownerID, &collectionID, &title, &content, &font, &views, &language, &rtl) + err := app.db.QueryRow("SELECT owner_id, collection_id, title, content, text_appearance, view_count, language, rtl FROM posts WHERE id = ?", friendlyID).Scan(&ownerID, &collectionID, &title, &content, &font, &views, &language, &rtl) switch { case err == sql.ErrNoRows: found = false @@ -533,9 +535,9 @@ func handleViewPost(app *App, w http.ResponseWriter, r *http.Request) error { // newPost creates a new post with or without an owning Collection. // // Endpoints: -// /posts -// /posts?collection={alias} -// ? /collections/{alias}/posts +// - /posts +// - /posts?collection={alias} +// - ? /collections/{alias}/posts func newPost(app *App, w http.ResponseWriter, r *http.Request) error { reqJSON := IsJSON(r) vars := mux.Vars(r) @@ -668,8 +670,17 @@ func newPost(app *App, w http.ResponseWriter, r *http.Request) error { // Write success now response := impart.WriteSuccess(w, newPost, http.StatusCreated) - if newPost.Collection != nil && !app.cfg.App.Private && app.cfg.App.Federation && !newPost.Created.After(time.Now()) { - go federatePost(app, newPost, newPost.Collection.ID, false) + if newPost.Collection != nil { + if !app.cfg.App.Private && app.cfg.App.Federation && !newPost.Created.After(time.Now()) { + go federatePost(app, newPost, newPost.Collection.ID, false) + } + if app.cfg.Email.Enabled() && newPost.Collection.EmailSubsEnabled() { + go app.db.InsertJob(&PostJob{ + PostID: newPost.ID, + Action: "email", + Delay: emailSendDelay, + }) + } } return response @@ -969,16 +980,23 @@ func addPost(app *App, w http.ResponseWriter, r *http.Request) error { return err } - if !app.cfg.App.Private && app.cfg.App.Federation { - for _, pRes := range *res { - if pRes.Code != http.StatusOK { - continue - } + for _, pRes := range *res { + if pRes.Code != http.StatusOK { + continue + } + if !app.cfg.App.Private && app.cfg.App.Federation { if !pRes.Post.Created.After(time.Now()) { pRes.Post.Collection.hostName = app.cfg.App.Host go federatePost(app, pRes.Post, pRes.Post.Collection.ID, false) } } + if app.cfg.Email.Enabled() && pRes.Post.Collection.EmailSubsEnabled() { + go app.db.InsertJob(&PostJob{ + PostID: pRes.Post.ID, + Action: "email", + Delay: emailSendDelay, + }) + } } return impart.WriteSuccess(w, res, http.StatusOK) } @@ -1084,7 +1102,7 @@ func pinPost(app *App, w http.ResponseWriter, r *http.Request) error { ppr := PinPostResult{ID: p.ID} if err != nil { ppr.Code = http.StatusInternalServerError - // TODO: set error messsage + // TODO: set error message } else { ppr.Code = http.StatusOK } @@ -1136,8 +1154,7 @@ func fetchPost(app *App, w http.ResponseWriter, r *http.Request) error { p.extractData() - accept := r.Header.Get("Accept") - if strings.Contains(accept, "application/activity+json") { + if IsActivityPubRequest(r) { if coll == nil { // This is a draft post; 404 for now // TODO: return ActivityObject @@ -1181,6 +1198,15 @@ func (p *PublicPost) CanonicalURL(hostName string) string { return p.Collection.CanonicalURL() + p.Slug.String } +func (pp *PublicPost) DisplayCanonicalURL() string { + us := pp.CanonicalURL(pp.Collection.hostName) + u, err := url.Parse(us) + if err != nil { + return us + } + return u.Hostname() + u.Path +} + func (p *PublicPost) ActivityObject(app *App) *activitystreams.Object { cfg := app.cfg var o *activitystreams.Object @@ -1264,6 +1290,8 @@ func getSlug(title, lang string) string { func getSlugFromPost(title, body, lang string) string { if title == "" { + // Remove Markdown, so e.g. link URLs and image alt text don't make it into the slug + body = strings.TrimSpace(stripmd.StripOptions(body, stripmd.Options{SkipImages: true})) title = postTitle(body, body) } title = parse.PostLede(title, false) @@ -1547,6 +1575,15 @@ Are you sure it was ever here?`, } else { p.extractData() p.Content = strings.Replace(p.Content, "", "", 1) + if app.cfg.Email.Enabled() && c.EmailSubsEnabled() { + // TODO: indicate plan is inactive or subs disabled when OWNER is viewing their own post. + if u != nil && u.IsEmailSubscriber(app, c.ID) { + p.Content = strings.Replace(p.Content, "", `

    You're subscribed to email updates. Unsubscribe.

    `, -1) + } else { + p.Content = strings.Replace(p.Content, "", `
    `, -1) + } + } + p.Content = strings.Replace(p.Content, "<!--emailsub-->", "", 1) // TODO: move this to function p.formatContent(app.cfg, cr.isCollOwner, true) tp := CollectionPostPage{ @@ -1562,7 +1599,8 @@ Are you sure it was ever here?`, tp.CanInvite = canUserInvite(app.cfg, tp.IsAdmin) tp.PinnedPosts, _ = app.db.GetPinnedPosts(coll, p.IsOwner) tp.IsPinned = len(*tp.PinnedPosts) > 0 && PostsContains(tp.PinnedPosts, p) - tp.Monetization = app.db.GetCollectionAttribute(coll.ID, "monetization_pointer") + tp.Monetization = coll.Monetization + tp.Verification = coll.Verification if !postFound { w.WriteHeader(http.StatusNotFound) @@ -1610,6 +1648,14 @@ func (p *Post) extractData() { p.extractImages() } +func (p *Post) IsSans() bool { + return p.Font == "sans" +} + +func (p *Post) IsMonospace() bool { + return p.Font == "mono" +} + func (rp *RawPost) UserFacingCreated() string { return rp.Created.Format(postMetaDateFormat) } diff --git a/posts_test.go b/posts_test.go index 0c9bc95..612c178 100644 --- a/posts_test.go +++ b/posts_test.go @@ -1,5 +1,5 @@ /* - * Copyright © 2020-2021 A Bunch Tell LLC. + * Copyright © 2020-2021 Musing Studio LLC. * * This file is part of WriteFreely. * diff --git a/prose/markdownSerializer.js b/prose/markdownSerializer.js index 6ccf6bc..685703c 100644 --- a/prose/markdownSerializer.js +++ b/prose/markdownSerializer.js @@ -92,8 +92,8 @@ export const writeFreelyMarkdownSerializer = new MarkdownSerializer( }, { em: { - open: "*", - close: "*", + open: "_", + close: "_", mixable: true, expelEnclosingWhitespace: true, }, diff --git a/prose/package-lock.json b/prose/package-lock.json index adcd161..e82ddc6 100644 --- a/prose/package-lock.json +++ b/prose/package-lock.json @@ -5,15 +5,16 @@ "requires": true, "packages": { "": { + "name": "prose", "version": "1.0.0", "license": "ISC", "dependencies": { "babel-core": "^6.26.3", "babel-preset-es2015": "^6.24.1", "markdown-it": "^12.0.4", - "prosemirror-example-setup": "^1.1.2", + "prosemirror-example-setup": "github:writefreely/prosemirror-example-setup", "prosemirror-keymap": "^1.1.4", - "prosemirror-markdown": "github:VV-EE/prosemirror-markdown", + "prosemirror-markdown": "github:writefreely/prosemirror-markdown", "prosemirror-model": "^1.9.1", "prosemirror-state": "^1.3.2", "prosemirror-view": "^1.14.2", @@ -7160,8 +7161,8 @@ }, "node_modules/prosemirror-example-setup": { "version": "1.1.2", - "resolved": "https://registry.npmjs.org/prosemirror-example-setup/-/prosemirror-example-setup-1.1.2.tgz", - "integrity": "sha512-MTpIMyqk08jFnzxeRMCinCEMtVSTUtxKgQBGxfCbVe9C6zIOqp9qZZJz5Ojaad1GETySyuj8+OIHHvQsIaaaGQ==", + "resolved": "git+ssh://git@github.com/writefreely/prosemirror-example-setup.git#aaea7d62ebc2fa769139faf8a097449441c8237c", + "license": "MIT", "dependencies": { "prosemirror-commands": "^1.0.0", "prosemirror-dropcursor": "^1.0.0", @@ -7214,7 +7215,9 @@ } }, "node_modules/prosemirror-markdown": { - "resolved": "git+ssh://git@github.com/VV-EE/prosemirror-markdown.git#809d0a444cf4d366d7c0c350d881df1b55d172f2", + "version": "1.5.1", + "resolved": "git+ssh://git@github.com/writefreely/prosemirror-markdown.git#809d0a444cf4d366d7c0c350d881df1b55d172f2", + "license": "MIT", "dependencies": { "markdown-it": "^10.0.0", "prosemirror-model": "^1.0.0" @@ -14934,9 +14937,8 @@ } }, "prosemirror-example-setup": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/prosemirror-example-setup/-/prosemirror-example-setup-1.1.2.tgz", - "integrity": "sha512-MTpIMyqk08jFnzxeRMCinCEMtVSTUtxKgQBGxfCbVe9C6zIOqp9qZZJz5Ojaad1GETySyuj8+OIHHvQsIaaaGQ==", + "version": "git+ssh://git@github.com/writefreely/prosemirror-example-setup.git#aaea7d62ebc2fa769139faf8a097449441c8237c", + "from": "prosemirror-example-setup@github:writefreely/prosemirror-example-setup", "requires": { "prosemirror-commands": "^1.0.0", "prosemirror-dropcursor": "^1.0.0", @@ -14989,8 +14991,8 @@ } }, "prosemirror-markdown": { - "version": "git+ssh://git@github.com/VV-EE/prosemirror-markdown.git#809d0a444cf4d366d7c0c350d881df1b55d172f2", - "from": "prosemirror-markdown@github:VV-EE/prosemirror-markdown", + "version": "git+ssh://git@github.com/writefreely/prosemirror-markdown.git#809d0a444cf4d366d7c0c350d881df1b55d172f2", + "from": "prosemirror-markdown@github:writefreely/prosemirror-markdown", "requires": { "markdown-it": "^10.0.0", "prosemirror-model": "^1.0.0" diff --git a/prose/prose.js b/prose/prose.js index ae8b3ce..cb39c6d 100644 --- a/prose/prose.js +++ b/prose/prose.js @@ -83,6 +83,14 @@ class ProseMirrorView { typingTimer = setTimeout(doneTyping, doneTypingInterval); this.updateState(newState); }, + handleDOMEvents: { + drop: (view, event) => { + // If a file is dropped externally into the editor, do not insert anything. This will not trigger if an image has been inserted after upload and is dragged and dropped internally to change its position. + if (event.dataTransfer.files.length > 0) { + event.preventDefault(); + } + } + }, }); // Editor is focused to the last position. This is a workaround for a bug: // 1. 1 type something in an existing entry diff --git a/read.go b/read.go index f2706a9..a8c2352 100644 --- a/read.go +++ b/read.go @@ -1,5 +1,5 @@ /* - * Copyright © 2018-2021 A Bunch Tell LLC. + * Copyright © 2018-2021 Musing Studio LLC. * * This file is part of WriteFreely. * diff --git a/request.go b/request.go index 2eb29f5..9ff9983 100644 --- a/request.go +++ b/request.go @@ -1,5 +1,5 @@ /* - * Copyright © 2018 A Bunch Tell LLC. + * Copyright © 2018 Musing Studio LLC. * * This file is part of WriteFreely. * @@ -13,6 +13,7 @@ package writefreely import ( "mime" "net/http" + "strings" ) func IsJSON(r *http.Request) bool { @@ -20,3 +21,9 @@ func IsJSON(r *http.Request) bool { accept := r.Header.Get("Accept") return ct == "application/json" || accept == "application/json" } + +func IsActivityPubRequest(r *http.Request) bool { + accept := r.Header.Get("Accept") + return strings.Contains(accept, "application/activity+json") || + accept == "application/ld+json; profile=\"https://www.w3.org/ns/activitystreams\"" +} diff --git a/routes.go b/routes.go index 213958d..dc2a3c1 100644 --- a/routes.go +++ b/routes.go @@ -1,5 +1,5 @@ /* - * Copyright © 2018-2021 A Bunch Tell LLC. + * Copyright © 2018-2021 Musing Studio LLC. * * This file is part of WriteFreely. * @@ -82,7 +82,7 @@ func InitRoutes(apper Apper, r *mux.Router) *mux.Router { configureGenericOauth(handler, write, apper.App()) configureGiteaOauth(handler, write, apper.App()) - // Set up dyamic page handlers + // Set up dynamic page handlers // Handle auth auth := write.PathPrefix("/api/auth/").Subrouter() if apper.App().cfg.App.OpenRegistration { @@ -99,6 +99,7 @@ func InitRoutes(apper Apper, r *mux.Router) *mux.Router { me.HandleFunc("/c/", handler.User(viewCollections)).Methods("GET") me.HandleFunc("/c/{collection}", handler.User(viewEditCollection)).Methods("GET") me.HandleFunc("/c/{collection}/stats", handler.User(viewStats)).Methods("GET") + me.HandleFunc("/c/{collection}/subscribers", handler.User(handleViewSubscribers)).Methods("GET") me.Path("/delete").Handler(csrf.Protect(apper.App().keys.CSRFKey)(handler.User(handleUserDelete))).Methods("POST") me.HandleFunc("/posts", handler.Redirect("/me/posts/", UserLevelUser)).Methods("GET") me.HandleFunc("/posts/", handler.User(viewArticles)).Methods("GET") @@ -147,6 +148,9 @@ func InitRoutes(apper Apper, r *mux.Router) *mux.Router { apiColls.HandleFunc("/{alias}/collect", handler.All(addPost)).Methods("POST") apiColls.HandleFunc("/{alias}/pin", handler.All(pinPost)).Methods("POST") apiColls.HandleFunc("/{alias}/unpin", handler.All(pinPost)).Methods("POST") + apiColls.HandleFunc("/{alias}/email/subscribe", handler.All(handleCreateEmailSubscription)).Methods("POST") + apiColls.HandleFunc("/{alias}/email/subscribe", handler.All(handleDeleteEmailSubscription)).Methods("DELETE") + apiColls.HandleFunc("/{collection}/email/unsubscribe", handler.All(handleDeleteEmailSubscription)).Methods("GET") apiColls.HandleFunc("/{alias}/inbox", handler.All(handleFetchCollectionInbox)).Methods("POST") apiColls.HandleFunc("/{alias}/outbox", handler.AllReader(handleFetchCollectionOutbox)).Methods("GET") apiColls.HandleFunc("/{alias}/following", handler.AllReader(handleFetchCollectionFollowing)).Methods("GET") @@ -216,10 +220,15 @@ func InitRoutes(apper Apper, r *mux.Router) *mux.Router { func RouteCollections(handler *Handler, r *mux.Router) { r.HandleFunc("/logout", handler.Web(handleLogOutCollection, UserLevelOptional)) r.HandleFunc("/page/{page:[0-9]+}", handler.Web(handleViewCollection, UserLevelReader)) + r.HandleFunc("/lang:{lang:[a-z]{2}}", handler.Web(handleViewCollectionLang, UserLevelOptional)) + r.HandleFunc("/lang:{lang:[a-z]{2}}/page/{page:[0-9]+}", handler.Web(handleViewCollectionLang, UserLevelOptional)) r.HandleFunc("/tag:{tag}", handler.Web(handleViewCollectionTag, UserLevelReader)) + r.HandleFunc("/tag:{tag}/page/{page:[0-9]+}", handler.Web(handleViewCollectionTag, UserLevelReader)) r.HandleFunc("/tag:{tag}/feed/", handler.Web(ViewFeed, UserLevelReader)) r.HandleFunc("/sitemap.xml", handler.AllReader(handleViewSitemap)) r.HandleFunc("/feed/", handler.AllReader(ViewFeed)) + r.HandleFunc("/email/confirm/{subscriber}", handler.All(handleConfirmEmailSubscription)).Methods("GET") + r.HandleFunc("/email/unsubscribe/{subscriber}", handler.All(handleDeleteEmailSubscription)).Methods("GET") r.HandleFunc("/{slug}", handler.CollectionPostOrStatic) r.HandleFunc("/{slug}/edit", handler.Web(handleViewPad, UserLevelUser)) r.HandleFunc("/{slug}/edit/meta", handler.Web(handleViewMeta, UserLevelUser)) diff --git a/scripts/invalidate-css.sh b/scripts/invalidate-css.sh index c411f70..295599e 100755 --- a/scripts/invalidate-css.sh +++ b/scripts/invalidate-css.sh @@ -1,6 +1,6 @@ #!/bin/bash # -# Copyright © 2020 A Bunch Tell LLC. +# Copyright © 2020 Musing Studio LLC. # # This file is part of WriteFreely. # diff --git a/scripts/upgrade-server.sh b/scripts/upgrade-server.sh index 581085d..f010c94 100755 --- a/scripts/upgrade-server.sh +++ b/scripts/upgrade-server.sh @@ -2,7 +2,7 @@ ############################################################################### ## writefreely update script ## ## ## -## WARNING: running this script will overwrite any modifed assets or ## +## WARNING: running this script will overwrite any modified assets or ## ## template files. If you have any custom changes to these files you ## ## should back them up FIRST. ## ## ## @@ -11,7 +11,7 @@ ## have not installed the binary `writefreely` in another location. ## ############################################################################### # -# Copyright © 2019-2020 A Bunch Tell LLC. +# Copyright © 2019-2020 Musing Studio LLC. # # This file is part of WriteFreely. # diff --git a/session.go b/session.go index 81d628f..03d3963 100644 --- a/session.go +++ b/session.go @@ -1,5 +1,5 @@ /* - * Copyright © 2018-2019 A Bunch Tell LLC. + * Copyright © 2018-2019 Musing Studio LLC. * * This file is part of WriteFreely. * @@ -21,6 +21,10 @@ import ( const ( day = 86400 sessionLength = 180 * day + + userEmailCookieName = "ue" + userEmailCookieVal = "email" + cookieName = "wfu" cookieUserVal = "u" @@ -130,12 +134,13 @@ func saveUserSession(app *App, r *http.Request, w http.ResponseWriter) error { return err } -func getFullUserSession(app *App, r *http.Request) *User { +func getFullUserSession(app *App, r *http.Request) (*User, error) { u := getUserSession(app, r) if u == nil { - return nil + return nil, nil } - u, _ = app.db.GetUserByID(u.ID) - return u + var err error + u, err = app.db.GetUserByID(u.ID) + return u, err } diff --git a/sitemap.go b/sitemap.go index 00e148f..0bbcefb 100644 --- a/sitemap.go +++ b/sitemap.go @@ -1,5 +1,5 @@ /* - * Copyright © 2018-2019 A Bunch Tell LLC. + * Copyright © 2018-2019 Musing Studio LLC. * * This file is part of WriteFreely. * diff --git a/spam/email.go b/spam/email.go new file mode 100644 index 0000000..de017ab --- /dev/null +++ b/spam/email.go @@ -0,0 +1,43 @@ +/* + * Copyright © 2020-2021 Musing Studio LLC. + * + * This file is part of WriteFreely. + * + * WriteFreely is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License, included + * in the LICENSE file in this source code package. + */ + +package spam + +import ( + "github.com/writeas/web-core/id" + "strings" +) + +var honeypotField string + +func HoneypotFieldName() string { + if honeypotField == "" { + honeypotField = id.Generate62RandomString(39) + } + return honeypotField +} + +// CleanEmail takes an email address and strips it down to a unique address that can be blocked. +func CleanEmail(email string) string { + emailParts := strings.Split(strings.ToLower(email), "@") + if len(emailParts) < 2 { + return "" + } + u := emailParts[0] + d := emailParts[1] + // Ignore anything after '+' + plusIdx := strings.IndexRune(u, '+') + if plusIdx > -1 { + u = u[:plusIdx] + } + // Strip dots in email address + u = strings.ReplaceAll(u, ".", "") + return u + "@" + d +} diff --git a/static/js/README.md b/static/js/README.md index 7e387db..8497b66 100644 --- a/static/js/README.md +++ b/static/js/README.md @@ -1,6 +1,6 @@ # static/js -This directory is for Javascript. +This directory is for JavaScript. ## Updating libraries diff --git a/static/js/modals.js b/static/js/modals.js index 6705afa..0910d7e 100644 --- a/static/js/modals.js +++ b/static/js/modals.js @@ -1,5 +1,5 @@ /* - * Copyright © 2016-2021 A Bunch Tell LLC. + * Copyright © 2016-2021 Musing Studio LLC. * * This file is part of WriteFreely. * diff --git a/static/js/webmonetization.js b/static/js/webmonetization.js index bbd828c..0e5faa7 100644 --- a/static/js/webmonetization.js +++ b/static/js/webmonetization.js @@ -1,5 +1,5 @@ /* - * Copyright © 2020-2021 A Bunch Tell LLC. + * Copyright © 2020-2021 Musing Studio LLC. * * This file is part of WriteFreely. * diff --git a/templates.go b/templates.go index e0c728e..3bb7d13 100644 --- a/templates.go +++ b/templates.go @@ -1,5 +1,5 @@ /* - * Copyright © 2018-2021 A Bunch Tell LLC. + * Copyright © 2018-2021 Musing Studio LLC. * * This file is part of WriteFreely. * @@ -14,9 +14,8 @@ import ( "errors" "html/template" "io" - "io/ioutil" - "net/http" "os" + "net/http" "path/filepath" "strings" @@ -120,7 +119,7 @@ func initUserPage(parentDir, path, key string) { // InitTemplates loads all template files from the configured parent dir. func InitTemplates(cfg *config.Config) error { log.Info("Loading templates...") - tmplFiles, err := ioutil.ReadDir(filepath.Join(cfg.Server.TemplatesParentDir, templatesDir)) + tmplFiles, err := os.ReadDir(filepath.Join(cfg.Server.TemplatesParentDir, templatesDir)) if err != nil { return err } @@ -135,7 +134,10 @@ func InitTemplates(cfg *config.Config) error { log.Info("Loading pages...") // Initialize all static pages that use the base template - filepath.Walk(filepath.Join(cfg.Server.PagesParentDir, pagesDir), func(path string, i os.FileInfo, err error) error { + err = filepath.Walk(filepath.Join(cfg.Server.PagesParentDir, pagesDir), func(path string, i os.FileInfo, err error) error { + if err != nil { + return err + } if !i.IsDir() && !strings.HasPrefix(i.Name(), ".") { key := i.Name() initPage(cfg.Server.PagesParentDir, path, key) @@ -143,10 +145,16 @@ func InitTemplates(cfg *config.Config) error { return nil }) + if err != nil { + return err + } log.Info("Loading user pages...") // Initialize all user pages that use base templates - filepath.Walk(filepath.Join(cfg.Server.TemplatesParentDir, templatesDir, "user"), func(path string, f os.FileInfo, err error) error { + err = filepath.Walk(filepath.Join(cfg.Server.TemplatesParentDir, templatesDir, "user"), func(path string, f os.FileInfo, err error) error { + if err != nil { + return err + } if !f.IsDir() && !strings.HasPrefix(f.Name(), ".") { corePath := path if cfg.Server.TemplatesParentDir != "" { @@ -162,6 +170,9 @@ func InitTemplates(cfg *config.Config) error { return nil }) + if err != nil { + return err + } return nil } diff --git a/templates/bare.tmpl b/templates/bare.tmpl index f76eed9..cd0fa8c 100644 --- a/templates/bare.tmpl +++ b/templates/bare.tmpl @@ -5,6 +5,7 @@ {{if .Editing}}Editing {{if .Post.Title}}{{.Post.Title}}{{else}}{{.Post.Id}}{{end}}{{else}}New Post{{end}} — {{.SiteName}} + {{if .CustomCSS}}{{end}} @@ -27,7 +28,7 @@
- +
{{if .Editing}}{{end}}
diff --git a/templates/base.tmpl b/templates/base.tmpl index 604d0ff..273c2b9 100644 --- a/templates/base.tmpl +++ b/templates/base.tmpl @@ -2,8 +2,9 @@ {{ template "head" . }} - - + + {{if .CustomCSS}}{{end}} + @@ -86,7 +87,7 @@ {{end}} {{else}} - {{if .WebFonts}}{{end}} + {{if .WebFonts}}{{end}} {{end}} {{end}} diff --git a/templates/chorus-collection-post.tmpl b/templates/chorus-collection-post.tmpl index 537e4ef..468455c 100644 --- a/templates/chorus-collection-post.tmpl +++ b/templates/chorus-collection-post.tmpl @@ -6,6 +6,7 @@ {{.PlainDisplayTitle}} {{localhtml "title dash" .Language.String}} {{.Collection.DisplayTitle}} + {{if .CustomCSS}}{{end}} diff --git a/templates/chorus-collection.tmpl b/templates/chorus-collection.tmpl index d105dff..0fb5eaf 100644 --- a/templates/chorus-collection.tmpl +++ b/templates/chorus-collection.tmpl @@ -6,10 +6,11 @@ {{.DisplayTitle}}{{if not .SingleUser}} — {{.SiteName}}{{end}} + {{if .CustomCSS}}{{end}} - {{if gt .CurrentPage 1}}{{end}} - {{if lt .CurrentPage .TotalPages}}{{end}} + {{if gt .CurrentPage 1}}{{end}} + {{if lt .CurrentPage .TotalPages}}{{end}} {{if not .IsPrivate}}{{end}} @@ -91,11 +92,11 @@ body#collection header nav.tabs a:first-child { {{if gt .TotalPages 1}}{{end}} diff --git a/templates/classic.tmpl b/templates/classic.tmpl index ecc8cb9..58f82c7 100644 --- a/templates/classic.tmpl +++ b/templates/classic.tmpl @@ -6,6 +6,7 @@ + {{if .CustomCSS}}{{end}} @@ -61,7 +62,7 @@
- +
{{if .Editing}}{{end}} diff --git a/templates/collection-post.tmpl b/templates/collection-post.tmpl index 5d56abd..54d5298 100644 --- a/templates/collection-post.tmpl +++ b/templates/collection-post.tmpl @@ -6,6 +6,7 @@ {{.PlainDisplayTitle}} {{localhtml "title dash" .Language.String}} {{.Collection.DisplayTitle}} + {{if .CustomCSS}}{{end}} {{ if .IsFound }} diff --git a/templates/collection-tags.tmpl b/templates/collection-tags.tmpl index e2f8962..c8e8a12 100644 --- a/templates/collection-tags.tmpl +++ b/templates/collection-tags.tmpl @@ -6,6 +6,7 @@ {{.Tag}} — {{.Collection.DisplayTitle}} + {{if .CustomCSS}}{{end}} {{if not .Collection.IsPrivate}}{{end}} @@ -60,6 +61,17 @@ {{if .Posts}}
{{else}}
{{end}}

{{.Tag}}

{{template "posts" .}} + + {{if gt .TotalPages 1}}{{end}} + {{if .Posts}}
{{else}}
{{end}} {{ if .Collection.ShowFooterBranding }} diff --git a/templates/collection.tmpl b/templates/collection.tmpl index 493e6b7..93a01c5 100644 --- a/templates/collection.tmpl +++ b/templates/collection.tmpl @@ -6,26 +6,27 @@ {{.DisplayTitle}}{{if not .SingleUser}} — {{.SiteName}}{{end}} + {{if .CustomCSS}}{{end}} - {{if gt .CurrentPage 1}}{{end}} - {{if lt .CurrentPage .TotalPages}}{{end}} + {{if gt .CurrentPage 1}}{{end}} + {{if lt .CurrentPage .TotalPages}}{{end}} {{if not .IsPrivate}}{{end}} - + - + - + - + {{template "collection-meta" .}} {{if .StyleSheet}}{{end}} @@ -53,6 +54,7 @@ {{if .SimpleNav}}
  • New Post
    • {{end}}
  • Customize
  • Stats
    • +
  • Subscribers
    • {{if not .SingleUser}}
  • View Blogs
    • {{end}}
  • View Drafts
    • @@ -82,7 +84,7 @@ {{template "user-silenced"}} {{end}}

    {{if .Posts}}{{else}}write.as {{end}}{{.DisplayTitle}}

    - {{if .Description}}

    {{.Description}}

    {{end}} + {{if .Description}}

    {{.DisplayDescription}}

    {{end}} {{/*if not .Public/*}} {{/*end*/}} @@ -102,18 +104,26 @@ {{end}} + {{if .Flash}} +
    +

    {{.Flash}}

    +
    + {{end}} + {{template "posts" .}} {{if gt .TotalPages 1}}{{end}} + {{if not .IsWelcome}}{{template "emailsubscribe" .}}{{end}} + {{if .Posts}}{{else}}{{end}} {{if .ShowFooterBranding }} diff --git a/templates/edit-meta.tmpl b/templates/edit-meta.tmpl index 9f7faed..d3f93a8 100644 --- a/templates/edit-meta.tmpl +++ b/templates/edit-meta.tmpl @@ -5,6 +5,7 @@ Edit metadata: {{if .Post.Title}}{{.Post.Title}}{{else}}{{.Post.Id}}{{end}} — {{.SiteName}} + {{if .CustomCSS}}{{end}} + +
    + {{if .Silenced}} + {{template "user-silenced"}} + {{end}} + + {{if .Collection.Collection}}{{template "collection-breadcrumbs" .}}{{end}} + +

    Subscribers

    + {{if .Collection.Collection}} + {{template "collection-nav" .Collection}} + + + {{end}} + + {{if .Flashes -}} +
      + {{range .Flashes}}
    • {{.}}
      • {{end}} +
    + {{- end}} + + {{ if eq .Filter "fediverse" }} + + + + + + + {{if and (gt (len .Followers) 0) (not .FederationEnabled)}} +
    +

    Federation is disabled on this server, so followers won't receive any new posts.

    +
    + {{end}} + {{ if gt (len .Followers) 0 }} + {{range $el := .Followers}} + + + + + {{end}} + {{ else }} + + + + {{ end }} +
    UsernameSince
    @{{.EstimatedHandle}}{{.CreatedFriendly}}
    No followers yet.
    + {{ else }} + {{if or .CanEmailSub .EmailSubs}} + {{if not .CanEmailSub}} +
    +

    Email subscriptions are disabled on this server, so no new emails will be sent out.

    +
    + {{end}} + {{if not .EmailSubsEnabled}} +
    +

    Email subscriptions are disabled. {{if .EmailSubs}}No new emails will be sent out.{{end}} To enable email subscriptions, turn the option on from your blog's Customize page.

    +
    + {{end}} + + + + + + + {{ if .EmailSubs }} + {{range $el := .EmailSubs}} + + + + + {{end}} + {{ else }} + + + + {{ end }} +
    Email AddressSince
    {{.Email.String}}{{.SubscribedFriendly}}
    No subscribers yet.
    + {{end}} + {{ end }} + +
    + +{{template "foot" .}} + +{{template "body-end" .}} +{{end}} diff --git a/unregisteredusers.go b/unregisteredusers.go index b6f6ce6..9473c89 100644 --- a/unregisteredusers.go +++ b/unregisteredusers.go @@ -1,5 +1,5 @@ /* - * Copyright © 2018-2019 A Bunch Tell LLC. + * Copyright © 2018-2019 Musing Studio LLC. * * This file is part of WriteFreely. * diff --git a/updates.go b/updates.go index 8ecccf6..e29e13b 100644 --- a/updates.go +++ b/updates.go @@ -1,5 +1,5 @@ /* - * Copyright © 2019-2020 A Bunch Tell LLC. + * Copyright © 2019-2020 Musing Studio LLC. * * This file is part of WriteFreely. * @@ -12,7 +12,7 @@ package writefreely import ( "github.com/writeas/web-core/log" - "io/ioutil" + "io" "net/http" "strings" "sync" @@ -121,7 +121,7 @@ func newVersionCheck() (string, error) { if err == nil && res.StatusCode == http.StatusOK { defer res.Body.Close() - body, err := ioutil.ReadAll(res.Body) + body, err := io.ReadAll(res.Body) if err != nil { return "", err } diff --git a/users.go b/users.go index cc6764f..449427d 100644 --- a/users.go +++ b/users.go @@ -1,5 +1,5 @@ /* - * Copyright © 2018-2019, 2021 A Bunch Tell LLC. + * Copyright © 2018-2019, 2021 Musing Studio LLC. * * This file is part of WriteFreely. * @@ -134,3 +134,7 @@ func (u *User) IsAdmin() bool { func (u *User) IsSilenced() bool { return u.Status&UserSilenced != 0 } + +func (u *User) IsEmailSubscriber(app *App, collID int64) bool { + return app.db.IsEmailSubscriber("", u.ID, collID) +} diff --git a/webfinger.go b/webfinger.go index 6c1341f..0c52f72 100644 --- a/webfinger.go +++ b/webfinger.go @@ -1,5 +1,5 @@ /* - * Copyright © 2018-2021 A Bunch Tell LLC. + * Copyright © 2018-2021 Musing Studio LLC. * * This file is part of WriteFreely. * @@ -12,7 +12,7 @@ package writefreely import ( "encoding/json" - "io/ioutil" + "io" "net/http" "strings" @@ -110,7 +110,7 @@ func RemoteLookup(handle string) string { return "" } - body, err := ioutil.ReadAll(resp.Body) + body, err := io.ReadAll(resp.Body) if err != nil { log.Error("Error on webfinger response: %v", err) return ""