Commit graph

17 commits

Author SHA1 Message Date
Eugen Rochko
a9c29f6e15 Add tootctl accounts approve (#10480) 2019-04-06 04:47:05 +02:00
Ben Lubar
e9ef322e14 Fix tootctl accounts cull (#10460)
* List the actual accounts that would have been culled during a dry run.

Otherwise, the dry run mode is basically useless.

* Prevent unreachable domains from inheriting the previous status code.

* Update CHANGELOG.md for #10460.
2019-04-04 16:46:27 +02:00
Jeong Arm
dbabfec2ea Simplify culling and fix race condition (#10440) 2019-04-01 19:17:21 +02:00
Eugen Rochko
a338ea38bd Fix tootctl accounts delete not deleting user record as well (#9874) 2019-01-20 12:30:25 +01:00
Eugen Rochko
611a9ff3fe Add tootctl accounts follow ACCT (#9414)
Fix #9369
2019-01-01 16:24:26 +01:00
Eugen Rochko
bbf9f4f93b Add REST API for creating an account (#9572)
* Add REST API for creating an account

The method is available to apps with a token obtained via the client
credentials grant. It creates a user and account records, as well as
an access token for the app that initiated the request. The user is
unconfirmed, and an e-mail is sent as usual.

The method returns the access token, which the app should save for
later. The REST API is not available to users with unconfirmed
accounts, so the app must be smart to wait for the user to click a
link in their e-mail inbox.

The method is rate-limited by IP to 5 requests per 30 minutes.

* Redirect users back to app from confirmation if they were created with an app

* Add tests

* Return 403 on the method if registrations are not open

* Require agreement param to be true in the API when creating an account
2018-12-24 19:12:38 +01:00
Eugen Rochko
652595d802 Fix tootctl accounts rotate not updating public keys (#9556)
This allowed you to brick your system when running that command, because the accounts would continue to advertise the old public key, but sign things with the new one
2018-12-18 01:22:29 +01:00
Renato "Lond" Cerqueira
55aa92b893 Touch account on successful response, change char shown when culled (#9293)
Just the color is not enough change since not everyone uses colored
terminals.
Touching the account makes it so that the account is not in the
threshold window in case of running again
2018-11-20 22:25:32 +01:00
Eugen Rochko
f435af86e7 Do not remove "dead" domains in tootctl accounts cull (#9108)
Leave `tootctl accounts cull` to simply check removed accounts from
live domains, and skip temporarily unavailable domains, while listing
them in the final output for further action.

Add `tootctl domains purge DOMAIN` to be able to purge a domain from
that list manually
2018-10-27 22:56:16 +02:00
Sascha
94b16add64 cli: set exit_on_failure for all CLI classes (#9094) 2018-10-25 16:05:33 +02:00
Eugen Rochko
7f1b063420 Fix cull tripping on nil in last_webfingered_at (#9051)
Fix #8741
2018-10-22 16:58:08 +02:00
Jeong Arm
e1a7e7b9cc Fix tootctl cull on dead servers (#9041)
* Delete first 9 accounts on dead servers

* Clean up code by moving dead server culling to the end
2018-10-21 22:52:27 +02:00
Eugen Rochko
20beab56e4 Fix tootctl accounts reattaching not unsuspending deleted account (#8812) 2018-09-29 18:40:40 +09:00
Eugen Rochko
6dd97b97be Add tootctl accounts backup (#8811) 2018-09-28 03:34:24 +02:00
Eugen Rochko
26d73847cb Move more tasks to tootctl (#8675)
* Move more tasks to tootctl

- tootctl feeds build
- tootctl feeds clear
- tootctl accounts refresh

Clean up exit codes and help messages

* Move user modifying to tootctl

* Improve user modification through CLI, rename commands

add -> create
mod -> modify
del -> delete

To remove ambiguity

* Fix code style issues

* Fix not being able to unset admin/mod role
2018-09-14 17:42:22 +02:00
Eugen Rochko
2aee3c9f23 tootctl accounts [add|del|cull] (#8642)
* CLI interface for creating/deleting local users

- tootctl accounts add USERNAME
- tootctl accounts del USERNAME

* Add CLI interface for culling remote users that no longer exist

- tootctl accounts cull
2018-09-09 13:33:36 +02:00
Eugen Rochko
1d319c531e Add CLI task for rotating keys (#8466)
* If an Update is signed with known key, skip re-following procedure

Because it means the remote actor did *not* lose their database

* Add CLI method for rotating keys

    bin/tootctl accounts rotate [USERNAME]

Generates a new RSA key per account and sends out an Update activity
signed with the old key.

* Key rotation: Space out Update fan-outs every 5 minutes per 1000 accounts

* Skip suspended accounts in key rotation
2018-08-26 20:21:03 +02:00