Commit graph

34 commits

Author SHA1 Message Date
Eugen Rochko
34dd743b58 Add ability to skip sign-in token authentication for specific users (#16427)
Remove "active within last two weeks" exception for sign in token requirement

Change admin reset password to lock access until the password is reset
2021-07-08 05:31:28 +02:00
ThibG
aa34a9519e Fix “tootctl accounts unfollow” (#15639)
Fixes #15635

Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2021-01-29 18:38:56 +01:00
ThibG
82d014fd08 Fix being able to import more than allowed number of follows (#15384)
* Fix being able to import more than allowed number of follows

Without this commit, if someone tries importing a second list of accounts to
follow before the first one has been processed, this will queue imports for
the two whole lists, even if they exceed the account's allowed number of
outgoing follows.

This commit changes it so the individual queued imports aren't exempt from
the follow limit check (they remain exempt from the rate-limiting check
though).

* Catch validation errors to not re-queue failed follows

Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2020-12-26 23:52:46 +01:00
ThibG
f894bb9220 Fix external user creation failing when invite request text is required (#15405)
* Fix external user creation failing when invite request text is required

Also fixes tootctl-based user creation.

* Add test about invites when invite request text is otherwise required

Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2020-12-22 17:14:32 +01:00
ThibG
7eee08cab7 Fix "tootctl accounts fix-duplicates" (#15373)
- `pluck_each` cannot be used this way with `group`
- typo

Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2020-12-19 13:34:16 +01:00
ThibG
0b3e9c1e4c Fix resolving accounts sometimes creating duplicate records for a given AP id (#15364)
* Fix ResolveAccountService accepting mismatching acct: URI

* Set attributes that should be updated regardless of suspension

* Fix key fetching

* Automatically merge remote accounts with duplicate `uri`

* Add tests

* Add "tootctl accounts fix-duplicates"

Finds duplicate accounts sharing a same ActivityPub `id`, re-fetch them and
merge them under the canonical `acct:` URI.

Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2020-12-18 23:26:26 +01:00
Eugen Rochko
876df5bb18 Add tootctl accounts merge (#15201)
* Add `tootctl accounts merge`

* Update lib/mastodon/accounts_cli.rb

Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>

Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>
2020-11-23 17:50:16 +01:00
Eugen Rochko
38be9af436 Add support for reversible suspensions through ActivityPub (#14989) 2020-11-08 00:28:39 +01:00
Eugen Rochko
e514304a76 Change account suspensions to be reversible by default (#14726) 2020-09-15 14:37:58 +02:00
ThibG
5ad9ee92f6 Add --reset-password option to tootctl accounts modify (#13126) 2020-02-22 01:29:14 +01:00
Jeong Arm
9fbb97a0c8 Remove unused option from tootctl accounts cull (#12074) 2019-10-06 04:30:07 +02:00
Eugen Rochko
4291b74031 Change deletes to preserve soft-deleted statuses in unresolved reports (#11805)
Change all account actions except "none" to resolve all unresolved reports

Refactor `SuspendAccountService` to be more readable
2019-09-11 16:32:44 +02:00
Eugen Rochko
666c1a8a06 Change tootctl to use inline parallelization instead of Sidekiq (#11776)
- Remove --background option
- Add --concurrency(=5) option
- Add progress bars
2019-09-10 13:48:48 +02:00
Stanislas
d67ad75a56 Limit "tootctl accounts follow" to local accounts (#11592)
To (somewhat) limit mass remote follow. Fix #11360
2019-08-17 22:59:40 +02:00
ThibG
f1a3135809 Record account suspend/silence time and keep track of domain blocks (#10660)
* Record account suspend/silence time and keep track of domain blocks

* Also unblock users who were suspended/silenced before dates were recorded

* Add tests

* Keep track of suspending date for users suspended through the CLI

* Show accurate number of accounts that would be affected by unsuspending an instance

* Change migration to set silenced_at and suspended_at

* Revert "Also unblock users who were suspended/silenced before dates were recorded"

This reverts commit a015c65d2d1e28c7b7cfab8b3f8cd5fb48b8b71c.

* Switch from using suspended and silenced to suspended_at and silenced_at

* Add post-deployment migration script to remove `suspended` and `silenced` columns

* Use Account#silence! and Account#suspend! instead of updating the underlying property

* Add silenced_at and suspended_at migration to post-migration

* Change account fabricator to translate suspended and silenced attributes

* Minor fixes

* Make unblocking domains always retroactive
2019-05-14 19:05:02 +02:00
Eugen Rochko
cc9851a479 Fix accounts created through tootctl not being always pre-approved (#10684)
Add `--approve` option to `tootctl accounts modify`
2019-05-03 20:49:27 +02:00
Takeshi Umeda
01f46add16 Add tootctl accounts reset-relationships (#10483)
* Add `tootctl accounts reset`

* Rename reset to reset-relationships

* Improve command description
2019-04-08 07:46:55 +02:00
Eugen Rochko
a9c29f6e15 Add tootctl accounts approve (#10480) 2019-04-06 04:47:05 +02:00
Ben Lubar
e9ef322e14 Fix tootctl accounts cull (#10460)
* List the actual accounts that would have been culled during a dry run.

Otherwise, the dry run mode is basically useless.

* Prevent unreachable domains from inheriting the previous status code.

* Update CHANGELOG.md for #10460.
2019-04-04 16:46:27 +02:00
Jeong Arm
dbabfec2ea Simplify culling and fix race condition (#10440) 2019-04-01 19:17:21 +02:00
Eugen Rochko
a338ea38bd Fix tootctl accounts delete not deleting user record as well (#9874) 2019-01-20 12:30:25 +01:00
Eugen Rochko
611a9ff3fe Add tootctl accounts follow ACCT (#9414)
Fix #9369
2019-01-01 16:24:26 +01:00
Eugen Rochko
bbf9f4f93b Add REST API for creating an account (#9572)
* Add REST API for creating an account

The method is available to apps with a token obtained via the client
credentials grant. It creates a user and account records, as well as
an access token for the app that initiated the request. The user is
unconfirmed, and an e-mail is sent as usual.

The method returns the access token, which the app should save for
later. The REST API is not available to users with unconfirmed
accounts, so the app must be smart to wait for the user to click a
link in their e-mail inbox.

The method is rate-limited by IP to 5 requests per 30 minutes.

* Redirect users back to app from confirmation if they were created with an app

* Add tests

* Return 403 on the method if registrations are not open

* Require agreement param to be true in the API when creating an account
2018-12-24 19:12:38 +01:00
Eugen Rochko
652595d802 Fix tootctl accounts rotate not updating public keys (#9556)
This allowed you to brick your system when running that command, because the accounts would continue to advertise the old public key, but sign things with the new one
2018-12-18 01:22:29 +01:00
Renato "Lond" Cerqueira
55aa92b893 Touch account on successful response, change char shown when culled (#9293)
Just the color is not enough change since not everyone uses colored
terminals.
Touching the account makes it so that the account is not in the
threshold window in case of running again
2018-11-20 22:25:32 +01:00
Eugen Rochko
f435af86e7 Do not remove "dead" domains in tootctl accounts cull (#9108)
Leave `tootctl accounts cull` to simply check removed accounts from
live domains, and skip temporarily unavailable domains, while listing
them in the final output for further action.

Add `tootctl domains purge DOMAIN` to be able to purge a domain from
that list manually
2018-10-27 22:56:16 +02:00
Sascha
94b16add64 cli: set exit_on_failure for all CLI classes (#9094) 2018-10-25 16:05:33 +02:00
Eugen Rochko
7f1b063420 Fix cull tripping on nil in last_webfingered_at (#9051)
Fix #8741
2018-10-22 16:58:08 +02:00
Jeong Arm
e1a7e7b9cc Fix tootctl cull on dead servers (#9041)
* Delete first 9 accounts on dead servers

* Clean up code by moving dead server culling to the end
2018-10-21 22:52:27 +02:00
Eugen Rochko
20beab56e4 Fix tootctl accounts reattaching not unsuspending deleted account (#8812) 2018-09-29 18:40:40 +09:00
Eugen Rochko
6dd97b97be Add tootctl accounts backup (#8811) 2018-09-28 03:34:24 +02:00
Eugen Rochko
26d73847cb Move more tasks to tootctl (#8675)
* Move more tasks to tootctl

- tootctl feeds build
- tootctl feeds clear
- tootctl accounts refresh

Clean up exit codes and help messages

* Move user modifying to tootctl

* Improve user modification through CLI, rename commands

add -> create
mod -> modify
del -> delete

To remove ambiguity

* Fix code style issues

* Fix not being able to unset admin/mod role
2018-09-14 17:42:22 +02:00
Eugen Rochko
2aee3c9f23 tootctl accounts [add|del|cull] (#8642)
* CLI interface for creating/deleting local users

- tootctl accounts add USERNAME
- tootctl accounts del USERNAME

* Add CLI interface for culling remote users that no longer exist

- tootctl accounts cull
2018-09-09 13:33:36 +02:00
Eugen Rochko
1d319c531e Add CLI task for rotating keys (#8466)
* If an Update is signed with known key, skip re-following procedure

Because it means the remote actor did *not* lose their database

* Add CLI method for rotating keys

    bin/tootctl accounts rotate [USERNAME]

Generates a new RSA key per account and sends out an Update activity
signed with the old key.

* Key rotation: Space out Update fan-outs every 5 minutes per 1000 accounts

* Skip suspended accounts in key rotation
2018-08-26 20:21:03 +02:00