Sutty/panel
5
0
Fork 0
mirror of https://0xacab.org/sutty/sutty synced 2024-05-19 12:20:48 +00:00
Code Issues Projects Releases Wiki Activity

Merge branch 'rails' into issue-13439

Browse source
This commit is contained in:
f 2024-05-02 17:11:36 -03:00
parent 2a983778b4 5334a2e046
commit c2bc0aa0c3
No known key found for this signature in database
417 changed files with 12378 additions and 3666 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

11
.editorconfig Normal file
View file

@ -0,0 +1,11 @@
root = true
[*]
end_of_line = lf
insert_final_newline = true
charset = utf-8
indent_style = space
indent_size = 2
[Makefile]
indent_style = tab

8
.env.example → .env
View file

@ -1,8 +1,8 @@
NODE_OPTIONS=--openssl-legacy-provider
# pwgen -1 32
RAILS_MASTER_KEY=11111111111111111111111111111111
RAILS_GROUPS=assets
DELEGATE=athshe.sutty.nl
HAINISH=../haini.sh/haini.sh
DELEGATE=panel.sutty.nl
DATABASE_URL=postgres://suttier@postgresql.sutty.local/sutty
RAILS_ENV=development
IMAP_SERVER=
@ -37,3 +37,7 @@ AIRBRAKE_API_KEY=
GITLAB_URI=https://0xacab.org
GITLAB_PROJECT=
GITLAB_TOKEN=
PGVER=15
PGPID=/run/postgresql.pid
PANEL_ACTOR_MENTION=@sutty@sutty.nl
PANEL_ACTOR_SITE_ID=1

1
.env.development Normal file
View file

@ -0,0 +1 @@
HAINISH=../haini.sh/haini.sh

2
.gitattributes vendored Normal file
View file

@ -0,0 +1,2 @@
public/assets/** filter=lfs diff=lfs merge=lfs -text
public/packs/** filter=lfs diff=lfs merge=lfs -text

13
.gitignore vendored
View file

@ -28,18 +28,13 @@
/data/*
/_storage/*
.env*
.env.*
# Ignore master key for decrypting credentials and more.
/config/master.key
/config/credentials.yml.enc
/public/packs
/public/packs-test
/public/assets
/public/assets-production
/public/packs
/public/packs-production
/node_modules
/yarn-error.log
yarn-debug.log*
@ -49,9 +44,11 @@ yarn-debug.log*
*.key
*.crt
/public/packs
/public/packs-test
/node_modules
/yarn-error.log
yarn-debug.log*
.yarn-integrity
/.task
/.yardoc
/public/doc/

120
.gitlab-ci.yml
View file

@ -1,33 +1,111 @@
image: "gitea.nulo.in/sutty/panel:3.14.10-2.7.8-panel.sutty.nl"
.apk-add: &apk-add
- "apk add go-task diffutils gitlab_ci_log_section"
.disable-hainish: &disable-hainish
- "rm -f .env.development"
.cache-ruby: &cache-ruby
- paths:
- "vendor/ruby"
- ".bundle"
key:
files:
- "Gemfile.lock"
.cache-node: &cache-node
- paths:
- "node_modules"
key:
files:
- "yarn.lock"
.cache-task: &cache-task
- paths:
- ".task"
image: "registry.0xacab.org/sutty/sutty:3.17.3-3.1.4-rails"
variables:
RAILS_ENV: "production"
LC_ALL: "C.UTF-8"
HAINISH: ""
cache:
paths:
- "vendor/ruby"
assets:
stage: "build"
rules:
- if: "$CI_COMMIT_BRANCH == \"panel.sutty.nl\""
- if: "$CI_COMMIT_BRANCH"
changes:
compare_to: "refs/heads/rails"
paths:
- "package.json"
- "app/javascript/**/*"
- "app/assets/**/*"
stage: "deploy"
only:
- "rails"
- "production.panel.sutty.nl"
- "panel.sutty.nl"
except:
- "schedules"
cache:
- *cache-ruby
- *cache-node
- *cache-task
before_script:
- *apk-add
- "gitlab_ci_log_section --name git --header=\"Configuring git\""
- "git config --global user.email \"${GIT_USER_EMAIL:-$GITLAB_USER_EMAIL}\""
- "git config --global user.name \"${GIT_USER_NAME:-$GITLAB_USER_NAME}\""
- "git remote set-url --push origin \"https://${GITLAB_USERNAME}:${GITLAB_TOKEN}@${CI_SERVER_HOST}/${CI_PROJECT_PATH}.git\""
- "apk add python2 dotenv brotli"
- "mv config/credentials.yml.enc.ci config/credentials.yml.enc"
- "cp .env.example .env"
- "dotenv bundle install --path=vendor"
- "gitlab_ci_log_section --name git --end"
- "gitlab_ci_log_section --name apk --header=\"Installing dependencies\""
- "apk add brotli"
- *disable-hainish
- "gitlab_ci_log_section --name apk --end"
script:
- "dotenv RAILS_ENV=production bundle exec rails webpacker:clobber"
- "dotenv RAILS_ENV=production bundle exec rails assets:precompile"
- "dotenv RAILS_ENV=production bundle exec rails assets:clean"
- "gitlab_ci_log_section --name assets --header=\"Building\""
- "go-task assets"
after_script:
- "git add public && git commit -m \"ci: assets [skip ci]\""
- "git push -o ci.skip"
- "git push -o ci.skip origin HEAD:${CI_COMMIT_BRANCH}"
gem-audit:
stage: "test"
only:
- "schedules"
cache:
- *cache-ruby
before_script:
- *apk-add
- *disable-hainish
script:
- "go-task gem-audit"
node-audit:
stage: "test"
only:
- "schedules"
cache:
- *cache-node
before_script:
- *apk-add
- *disable-hainish
script:
- "apk add go-task"
- "go-task node-audit"
brakeman:
stage: "test"
cache:
- *cache-ruby
rules:
- if: "$CI_PIPELINE_SOURCE == 'merge_request_event'"
before_script:
- *apk-add
- *disable-hainish
script:
- "go-task bundle -- exec brakeman"
rubocop:
stage: "test"
cache:
- *cache-ruby
rules:
- if: "$CI_PIPELINE_SOURCE == 'merge_request_event'"
before_script:
- *apk-add
- *disable-hainish
script:
- "go-task rubocop"
haml:
stage: "test"
cache:
- *cache-ruby
rules:
- if: "$CI_PIPELINE_SOURCE == 'merge_request_event'"
before_script:
- *apk-add
- *disable-hainish
script:
- "go-task haml-lint"

47
.woodpecker.yml
View file

@ -19,54 +19,15 @@ pipeline:
when:
branch:
- "rails"
- "panel.sutty.nl"
- "17.3.alpine.panel.sutty.nl"
event: "push"
path:
include:
- "Dockerfile"
- ".dockerignore"
- ".woodpecker.yml"
assets:
image: "gitea.nulo.in/sutty/panel:${ALPINE_VERSION}-${RUBY_VERSION}.${RUBY_PATCH}"
commands:
- "apk add python2 dotenv openssh-client brotli"
- "install -d -m 700 ~/.ssh/"
- "echo \"$${KNOWN_HOSTS}\" | base64 -d >> ~/.ssh/known_hosts"
- "chmod 600 ~/.ssh/known_hosts"
- "eval $(ssh-agent -s)"
- "echo \"$${SSH_KEY}\" | base64 -d | ssh-add -"
- "ssh $${ORIGIN%:*}"
- "git config user.name Woodpecker"
- "git config user.email ci@sutty.coop.ar"
- "git remote add upstream $${ORIGIN}"
- "git checkout -B ${CI_COMMIT_BRANCH}"
- "mv config/credentials.yml.enc.ci config/credentials.yml.enc"
- "yarn"
- "cp .env.example .env"
- "dotenv bundle install --path=vendor"
- "dotenv RAILS_ENV=production bundle exec rails webpacker:clobber"
- "dotenv RAILS_ENV=production bundle exec rails assets:precompile"
- "dotenv RAILS_ENV=production bundle exec rails assets:clean"
- "find public -type f -print0 | xargs -r0 brotli -k9f"
- "git add public && git commit -m \"ci: assets [skip ci]\""
- "git pull upstream ${CI_COMMIT_BRANCH}"
- "git push upstream ${CI_COMMIT_BRANCH}"
secrets:
- "SSH_KEY"
- "KNOWN_HOSTS"
- "ORIGIN"
when:
branch:
- "rails"
- "panel.sutty.nl"
path:
include:
- "app/assets/**/*"
- "app/javascript/**/*"
- "package.json"
- "yarn.lock"
matrix:
include:
- ALPINE_VERSION: "3.14.10"
RUBY_VERSION: "2.7"
RUBY_PATCH: "8"
- ALPINE_VERSION: "3.17.3"
RUBY_VERSION: "3.1"
RUBY_PATCH: "4"

6
Dockerfile
View file

@ -1,6 +1,6 @@
ARG RUBY_VERSION=2.7
ARG RUBY_PATCH=6
ARG ALPINE_VERSION=3.13.10
ARG RUBY_VERSION=3.1
ARG RUBY_PATCH=4
ARG ALPINE_VERSION=3.17.3
ARG BASE_IMAGE=registry.nulo.in/sutty/rails
FROM ${BASE_IMAGE}:${ALPINE_VERSION}-${RUBY_VERSION}.${RUBY_PATCH}
ARG PANDOC_VERSION=2.18

46
Gemfile
View file

@ -1,14 +1,11 @@
# frozen_string_literal: true
puts 'Usa haini.sh para generar un entorno de trabajo reproducible'
source 'https://gems.sutty.nl'
source ENV.fetch('GEMS_SOURCE', 'https://17.3.alpine.gems.sutty.nl')
ruby '~> 2.7'
gem 'dotenv-rails', require: 'dotenv/rails-now'
ruby "~> #{ENV.fetch('RUBY_VERSION', '3.1')}"
# Bundle edge Rails instead: gem 'rails', github: 'rails/rails'
gem 'rails', '~> 6'
gem 'rails', '~> 6.1.0'
# Use Puma as the app server
gem 'puma'
@ -33,14 +30,16 @@ gem 'turbolinks', '~> 5'
gem 'jbuilder', '~> 2.5'
# Use ActiveModel has_secure_password
gem 'bcrypt', '~> 3.1.7'
gem 'safely_block', '~> 0.3.0'
gem 'blazer'
gem 'chartkick'
gem 'commonmarker'
gem 'devise'
gem 'devise-i18n'
gem 'devise_invitable'
gem 'distributed-press-api-client', '~> 0.2.3'
gem 'njalla-api-client', '~> 0.2.0'
gem 'redis-client'
gem 'hiredis-client'
gem 'distributed-press-api-client', '~> 0.4.1'
gem 'email_address', git: 'https://github.com/fauno/email_address', branch: 'i18n'
gem 'exception_notification'
gem 'fast_blank'
@ -51,10 +50,9 @@ gem 'image_processing'
gem 'icalendar'
gem 'inline_svg'
gem 'httparty'
gem 'safe_yaml'
gem 'jekyll', '~> 4.2'
gem 'jekyll-data'
gem 'jekyll-commonmark'
gem 'safe_yaml', require: false
gem 'jekyll', '~> 4.2.0'
gem 'jekyll-commonmark', '~> 1.4.0'
gem 'jekyll-images'
gem 'jekyll-include-cache'
gem 'sutty-liquid', '>= 0.7.3'
@ -65,11 +63,13 @@ gem 'mobility'
gem 'pundit'
gem 'rails-i18n'
gem 'rails_warden'
gem 'redis', require: %w[redis redis/connection/hiredis]
gem 'redis', '~> 4.0', require: %w[redis redis/connection/hiredis]
gem 'redis-rails'
gem 'rollups', git: 'https://github.com/fauno/rollup.git', branch: 'update'
gem 'rubyzip'
gem 'rugged'
gem 'ruby-brs'
gem 'rugged', '1.5.0.1'
gem 'git_clone_url'
gem 'concurrent-ruby-ext'
gem 'que'
gem 'symbol-fstring', require: 'fstring/all'
@ -78,6 +78,13 @@ gem 'validates_hostname'
gem 'webpacker'
gem 'yaml_db', git: 'https://0xacab.org/sutty/yaml_db.git'
gem 'kaminari'
gem 'device_detector'
gem 'dry-schema'
gem 'rubanok'
gem 'after_commit_everywhere', '~> 1.0'
gem 'aasm'
gem 'que-web'
# database
gem 'hairtrigger'
@ -108,22 +115,25 @@ end
group :development, :test do
gem 'derailed_benchmarks'
gem 'dotenv-rails'
gem 'pry'
# Adds support for Capybara system testing and selenium driver
gem 'capybara', '~> 2.13'
gem 'selenium-webdriver'
gem 'selenium-webdriver', '~> 4.8.0'
gem 'sqlite3'
end
group :development do
gem 'yard'
gem 'brakeman'
gem 'bundler-audit'
gem 'haml-lint', require: false
gem 'letter_opener'
gem 'listen', '>= 3.0.5', '< 3.2'
gem 'listen'
gem 'rubocop-rails'
gem 'spring'
gem 'spring-watcher-listen', '~> 2.0.0'
gem 'web-console', '>= 3.3.0'
gem 'spring-watcher-listen'
gem 'web-console'
end
group :test do

635
Gemfile.lock
View file

@ -25,87 +25,99 @@ GIT
groupdate (>= 5.2)
GEM
remote: https://gems.sutty.nl/
remote: https://17.3.alpine.gems.sutty.nl/
specs:
actioncable (6.1.4.1)
actionpack (= 6.1.4.1)
activesupport (= 6.1.4.1)
aasm (5.5.0)
concurrent-ruby (~> 1.0)
actioncable (6.1.7.4)
actionpack (= 6.1.7.4)
activesupport (= 6.1.7.4)
nio4r (~> 2.0)
websocket-driver (>= 0.6.1)
actionmailbox (6.1.4.1)
actionpack (= 6.1.4.1)
activejob (= 6.1.4.1)
activerecord (= 6.1.4.1)
activestorage (= 6.1.4.1)
activesupport (= 6.1.4.1)
actionmailbox (6.1.7.4)
actionpack (= 6.1.7.4)
activejob (= 6.1.7.4)
activerecord (= 6.1.7.4)
activestorage (= 6.1.7.4)
activesupport (= 6.1.7.4)
mail (>= 2.7.1)
actionmailer (6.1.4.1)
actionpack (= 6.1.4.1)
actionview (= 6.1.4.1)
activejob (= 6.1.4.1)
activesupport (= 6.1.4.1)
actionmailer (6.1.7.4)
actionpack (= 6.1.7.4)
actionview (= 6.1.7.4)
activejob (= 6.1.7.4)
activesupport (= 6.1.7.4)
mail (~> 2.5, >= 2.5.4)
rails-dom-testing (~> 2.0)
actionpack (6.1.4.1)
actionview (= 6.1.4.1)
activesupport (= 6.1.4.1)
actionpack (6.1.7.4)
actionview (= 6.1.7.4)
activesupport (= 6.1.7.4)
rack (~> 2.0, >= 2.0.9)
rack-test (>= 0.6.3)
rails-dom-testing (~> 2.0)
rails-html-sanitizer (~> 1.0, >= 1.2.0)
actiontext (6.1.4.1)
actionpack (= 6.1.4.1)
activerecord (= 6.1.4.1)
activestorage (= 6.1.4.1)
activesupport (= 6.1.4.1)
actiontext (6.1.7.4)
actionpack (= 6.1.7.4)
activerecord (= 6.1.7.4)
activestorage (= 6.1.7.4)
activesupport (= 6.1.7.4)
nokogiri (>= 1.8.5)
actionview (6.1.4.1)
activesupport (= 6.1.4.1)
actionview (6.1.7.4)
activesupport (= 6.1.7.4)
builder (~> 3.1)
erubi (~> 1.4)
rails-dom-testing (~> 2.0)
rails-html-sanitizer (~> 1.1, >= 1.2.0)
activejob (6.1.4.1)
activesupport (= 6.1.4.1)
activejob (6.1.7.4)
activesupport (= 6.1.7.4)
globalid (>= 0.3.6)
activemodel (6.1.4.1)
activesupport (= 6.1.4.1)
activerecord (6.1.4.1)
activemodel (= 6.1.4.1)
activesupport (= 6.1.4.1)
activestorage (6.1.4.1)
actionpack (= 6.1.4.1)
activejob (= 6.1.4.1)
activerecord (= 6.1.4.1)
activesupport (= 6.1.4.1)
marcel (~> 1.0.0)
activemodel (6.1.7.4)
activesupport (= 6.1.7.4)
activerecord (6.1.7.4)
activemodel (= 6.1.7.4)
activesupport (= 6.1.7.4)
activestorage (6.1.7.4)
actionpack (= 6.1.7.4)
activejob (= 6.1.7.4)
activerecord (= 6.1.7.4)
activesupport (= 6.1.7.4)
marcel (~> 1.0)
mini_mime (>= 1.1.0)
activesupport (6.1.4.1)
activesupport (6.1.7.4)
concurrent-ruby (~> 1.0, >= 1.0.2)
i18n (>= 1.6, < 2)
minitest (>= 5.1)
tzinfo (~> 2.0)
zeitwerk (~> 2.3)
addressable (2.8.0)
public_suffix (>= 2.0.2, < 5.0)
addressable (2.8.6)
public_suffix (>= 2.0.2, < 6.0)
adsp (1.0.10)
after_commit_everywhere (1.4.0)
activerecord (>= 4.2)
activesupport
ast (2.4.2)
autoprefixer-rails (10.3.3.0)
autoprefixer-rails (10.4.13.0)
execjs (~> 2)
bcrypt (3.1.16-x86_64-linux-musl)
base64 (0.2.0)
bcrypt (3.1.20-x86_64-linux-musl)
bcrypt_pbkdf (1.1.0-x86_64-linux-musl)
benchmark-ips (2.9.2)
benchmark-ips (2.12.0)
bigdecimal (3.1.1)
bindex (0.8.1-x86_64-linux-musl)
blazer (2.4.7)
blazer (2.6.5)
activerecord (>= 5)
chartkick (>= 3.2)
railties (>= 5)
safely_block (>= 0.1.1)
bootstrap (4.6.0)
bootstrap (4.6.2)
autoprefixer-rails (>= 9.1.0)
popper_js (>= 1.14.3, < 2)
popper_js (>= 1.16.1, < 2)
sassc-rails (>= 2.0.0)
brakeman (5.1.2)
brakeman (6.1.1)
racc
builder (3.2.4)
bundler-audit (0.9.1)
bundler (>= 1.2.0, < 3)
thor (~> 1.0)
capybara (2.18.0)
addressable
mini_mime (>= 0.1.3)
@ -113,22 +125,25 @@ GEM
rack (>= 1.0.0)
rack-test (>= 0.5.4)
xpath (>= 2.0, < 4.0)
chartkick (4.1.2)
childprocess (4.1.0)
chartkick (5.0.2)
climate_control (1.2.0)
coderay (1.1.3)
colorator (1.1.0)
commonmarker (0.21.2-x86_64-linux-musl)
ruby-enum (~> 0.5)
commonmarker (0.23.10-x86_64-linux-musl)
concurrent-ruby (1.2.2)
concurrent-ruby-ext (1.2.2-x86_64-linux-musl)
concurrent-ruby (= 1.2.2)
connection_pool (2.4.1)
crass (1.0.6)
database_cleaner (2.0.1)
database_cleaner-active_record (~> 2.0.0)
database_cleaner-active_record (2.0.1)
database_cleaner (2.0.2)
database_cleaner-active_record (>= 2, < 3)
database_cleaner-active_record (2.1.0)
activerecord (>= 5.a)
database_cleaner-core (~> 2.0.0)
database_cleaner-core (2.0.1)
dead_end (3.1.0)
derailed_benchmarks (2.1.1)
date (3.3.4-x86_64-linux-musl)
dead_end (4.0.0)
derailed_benchmarks (2.1.2)
benchmark-ips (~> 2)
dead_end
get_process_mem (~> 0)
@ -140,34 +155,36 @@ GEM
rake (> 10, < 14)
ruby-statistics (>= 2.1)
thor (>= 0.19, < 2)
devise (4.8.0)
device_detector (1.1.2)
devise (4.9.3)
bcrypt (~> 3.0)
orm_adapter (~> 0.1)
railties (>= 4.1.0)
responders
warden (~> 1.2.3)
devise-i18n (1.10.1)
devise (>= 4.8.0)
devise_invitable (2.0.5)
devise-i18n (1.11.0)
devise (>= 4.9.0)
devise_invitable (2.0.9)
actionmailer (>= 5.0)
devise (>= 4.6)
distributed-press-api-client (0.2.2)
distributed-press-api-client (0.4.1)
addressable (~> 2.3, >= 2.3.0)
climate_control
dry-schema
httparty (~> 0.18)
httparty-cache (~> 0.0.6)
json (~> 2.1, >= 2.1.0)
jwt (~> 2.6.0)
dotenv (2.7.6)
dotenv-rails (2.7.6)
dotenv (= 2.7.6)
dotenv (2.8.1)
dotenv-rails (2.8.1)
dotenv (= 2.8.1)
railties (>= 3.2)
down (5.2.4)
down (5.4.1)
addressable (~> 2.8)
dry-configurable (1.0.1)
dry-configurable (1.1.0)
dry-core (~> 1.0, < 2)
zeitwerk (~> 2.6)
dry-core (1.0.0)
dry-core (1.0.1)
concurrent-ruby (~> 1.0)
zeitwerk (~> 2.6)
dry-inflector (1.0.0)
@ -176,65 +193,69 @@ GEM
concurrent-ruby (~> 1.0)
dry-core (~> 1.0, < 2)
zeitwerk (~> 2.6)
dry-schema (1.13.0)
dry-schema (1.13.3)
concurrent-ruby (~> 1.0)
dry-configurable (~> 1.0, >= 1.0.1)
dry-core (~> 1.0, < 2)
dry-initializer (~> 3.0)
dry-logic (>= 1.5, < 2)
dry-logic (>= 1.4, < 2)
dry-types (>= 1.7, < 2)
zeitwerk (~> 2.6)
dry-types (1.7.0)
dry-types (1.7.2)
bigdecimal (~> 3.0)
concurrent-ruby (~> 1.0)
dry-core (~> 1.0, < 2)
dry-inflector (~> 1.0, < 2)
dry-logic (>= 1.4, < 2)
dry-core (~> 1.0)
dry-inflector (~> 1.0)
dry-logic (~> 1.4)
zeitwerk (~> 2.6)
ed25519 (1.2.4-x86_64-linux-musl)
ed25519 (1.3.0-x86_64-linux-musl)
em-websocket (0.5.3)
eventmachine (>= 0.12.9)
http_parser.rb (~> 0)
errbase (0.2.1)
erubi (1.10.0)
errbase (0.2.2)
erubi (1.12.0)
eventmachine (1.2.7-x86_64-linux-musl)
exception_notification (4.4.3)
actionmailer (>= 4.0, < 7)
activesupport (>= 4.0, < 7)
exception_notification (4.5.0)
actionmailer (>= 5.2, < 8)
activesupport (>= 5.2, < 8)
execjs (2.8.1)
factory_bot (6.2.0)
factory_bot (6.2.1)
activesupport (>= 5.0.0)
factory_bot_rails (6.2.0)
factory_bot (~> 6.2.0)
railties (>= 5.0.0)
fast_blank (1.0.1-x86_64-linux-musl)
fast_jsonparser (0.5.0-x86_64-linux-musl)
ffi (1.15.4-x86_64-linux-musl)
ffi (1.15.5-x86_64-linux-musl)
flamegraph (0.9.5)
forwardable-extended (2.6.0)
friendly_id (5.4.2)
friendly_id (5.5.0)
activerecord (>= 4.0.0)
get_process_mem (0.2.7)
ffi (~> 1.0)
globalid (0.6.0)
activesupport (>= 5.0)
groupdate (6.1.0)
git_clone_url (2.0.0)
uri-ssh_git (>= 2.0)
globalid (1.2.1)
activesupport (>= 6.1)
groupdate (6.2.1)
activesupport (>= 5.2)
hairtrigger (0.2.24)
activerecord (>= 5.0, < 7)
hairtrigger (1.0.0)
activerecord (>= 6.0, < 8)
ruby2ruby (~> 2.4)
ruby_parser (~> 3.10)
haml (5.2.2)
temple (>= 0.8.0)
haml (6.3.0)
temple (>= 0.8.2)
thor
tilt
haml-lint (0.999.999)
haml_lint
haml_lint (0.37.1)
haml (>= 4.0, < 5.3)
haml_lint (0.53.0)
haml (>= 5.0)
parallel (~> 1.10)
rainbow
rubocop (>= 0.50.0)
rubocop (>= 1.0)
sysexits (~> 1.1)
hamlit (2.15.1-x86_64-linux-musl)
hamlit (3.0.3-x86_64-linux-musl)
temple (>= 0.8.2)
thor
tilt
@ -246,24 +267,29 @@ GEM
heapy (0.2.0)
thor
hiredis (0.6.3-x86_64-linux-musl)
hiredis-client (0.14.1-x86_64-linux-musl)
redis-client (= 0.14.1)
http_parser.rb (0.8.0-x86_64-linux-musl)
httparty (0.21.0)
mini_mime (>= 1.0.0)
multi_xml (>= 0.5.2)
i18n (1.8.11)
httparty-cache (0.0.6)
httparty (~> 0.18)
i18n (1.14.1)
concurrent-ruby (~> 1.0)
icalendar (2.7.1)
icalendar (2.8.0)
ice_cube (~> 0.16)
ice_cube (0.16.4)
image_processing (1.12.1)
image_processing (1.12.2)
mini_magick (>= 4.9.5, < 5)
ruby-vips (>= 2.0.17, < 3)
inline_svg (1.7.2)
inline_svg (1.9.0)
activesupport (>= 3.0)
nokogiri (>= 1.6)
jbuilder (2.11.3)
jbuilder (2.11.5)
actionview (>= 5.0.0)
activesupport (>= 5.0.0)
jekyll (4.2.1)
jekyll (4.2.2)
addressable (~> 2.4)
colorator (~> 1.0)
em-websocket (~> 0.5)
@ -278,243 +304,232 @@ GEM
rouge (~> 3.0)
safe_yaml (~> 1.0)
terminal-table (~> 2.0)
jekyll-commonmark (1.3.2)
commonmarker (~> 0.14, < 0.22)
jekyll (>= 3.7, < 5.0)
jekyll-data (1.1.2)
jekyll (>= 3.3, < 5.0.0)
jekyll-dotenv (0.2.0)
dotenv (~> 2.7)
jekyll (~> 4)
jekyll-feed (0.15.1)
jekyll (>= 3.7, < 5.0)
jekyll-hardlinks (0.1.2)
jekyll (~> 4)
jekyll-ignore-layouts (0.1.2)
jekyll (~> 4)
jekyll-images (0.3.2)
jekyll-commonmark (1.4.0)
commonmarker (~> 0.22)
jekyll-images (0.4.4)
jekyll (~> 4)
ruby-filemagic (~> 0.7)
ruby-vips (~> 2)
jekyll-include-cache (0.2.1)
jekyll (>= 3.7, < 5.0)
jekyll-linked-posts (0.4.2)
jekyll (~> 4)
jekyll-locales (0.1.13)
jekyll-lunr (0.3.0)
loofah (~> 2.4)
jekyll-order (0.1.4)
jekyll-relative-urls (0.0.6)
jekyll (~> 4)
jekyll-sass-converter (2.1.0)
jekyll-sass-converter (2.2.0)
sassc (> 2.0.1, < 3.0)
jekyll-seo-tag (2.7.1)
jekyll (>= 3.8, < 5.0)
jekyll-spree-client (0.1.19)
fast_blank (~> 1)
spree-api-client (>= 0.2.4)
jekyll-turbolinks (0.0.5)
jekyll (~> 4)
turbolinks-source (~> 5)
jekyll-unique-urls (0.1.1)
jekyll (~> 4)
jekyll-watch (2.2.1)
listen (~> 3.0)
jekyll-write-and-commit-changes (0.2.1)
jekyll (~> 4)
rugged (~> 1)
json (2.7.1-x86_64-linux-musl)
jwt (2.6.0)
kaminari (1.2.1)
kaminari (1.2.2)
activesupport (>= 4.1.0)
kaminari-actionview (= 1.2.1)
kaminari-activerecord (= 1.2.1)
kaminari-core (= 1.2.1)
kaminari-actionview (1.2.1)
kaminari-actionview (= 1.2.2)
kaminari-activerecord (= 1.2.2)
kaminari-core (= 1.2.2)
kaminari-actionview (1.2.2)
actionview
kaminari-core (= 1.2.1)
kaminari-activerecord (1.2.1)
kaminari-core (= 1.2.2)
kaminari-activerecord (1.2.2)
activerecord
kaminari-core (= 1.2.1)
kaminari-core (1.2.1)
kramdown (2.3.1)
kaminari-core (= 1.2.2)
kaminari-core (1.2.2)
kramdown (2.4.0)
rexml
kramdown-parser-gfm (1.1.0)
kramdown (~> 2.0)
launchy (2.5.0)
addressable (~> 2.7)
letter_opener (1.7.0)
launchy (~> 2.2)
liquid (4.0.3)
listen (3.1.5)
rb-fsevent (~> 0.9, >= 0.9.4)
rb-inotify (~> 0.9, >= 0.9.7)
ruby_dep (~> 1.2)
launchy (2.5.2)
addressable (~> 2.8)
letter_opener (1.8.1)
launchy (>= 2.2, < 3)
liquid (4.0.4)
listen (3.8.0)
rb-fsevent (~> 0.10, >= 0.10.3)
rb-inotify (~> 0.9, >= 0.9.10)
loaf (0.10.0)
railties (>= 3.2)
lockbox (0.6.6)
lograge (0.11.2)
lockbox (1.2.0)
lograge (0.14.0)
actionpack (>= 4)
activesupport (>= 4)
railties (>= 4)
request_store (~> 1.0)
loofah (2.12.0)
loofah (2.22.0)
crass (~> 1.0.2)
nokogiri (>= 1.5.9)
mail (2.7.1)
nokogiri (>= 1.12.0)
mail (2.8.1)
mini_mime (>= 0.1.1)
net-imap
net-pop
net-smtp
marcel (1.0.2)
memory_profiler (1.0.0)
memory_profiler (1.0.1)
mercenary (0.4.0)
method_source (1.0.0)
mime-types (3.4.1)
mime-types-data (~> 3.2015)
mime-types-data (3.2021.1115)
mini_histogram (0.3.1)
mini_magick (4.11.0)
mini_mime (1.1.2)
mini_portile2 (2.6.1)
minitest (5.14.4)
mobility (1.2.4)
mini_magick (4.12.0)
mini_mime (1.1.5)
mini_portile2 (2.8.5)
minitest (5.21.1)
mobility (1.2.9)
i18n (>= 0.6.10, < 2)
request_store (~> 1.0)
multi_xml (0.6.0)
net-ssh (6.1.0)
netaddr (2.0.5)
nio4r (2.5.8-x86_64-linux-musl)
nokogiri (1.12.5-x86_64-linux-musl)
mini_portile2 (~> 2.6.1)
mustermann (3.0.0)
ruby2_keywords (~> 0.0.1)
net-imap (0.4.9)
date
net-protocol
net-pop (0.1.2)
net-protocol
net-protocol (0.2.2)
timeout
net-smtp (0.4.0)
net-protocol
net-ssh (7.2.1)
netaddr (2.0.6)
nio4r (2.7.0-x86_64-linux-musl)
nokogiri (1.16.0-x86_64-linux-musl)
mini_portile2 (~> 2.8.2)
racc (~> 1.4)
njalla-api-client (0.2.0)
dry-schema
httparty (~> 0.18)
orm_adapter (0.5.0)
pairing_heap (3.0.0)
parallel (1.21.0)
parser (3.0.2.0)
pairing_heap (3.0.1)
parallel (1.24.0)
parser (3.2.2.3)
ast (~> 2.4.1)
racc
pathutil (0.16.2)
forwardable-extended (~> 2.6)
pg (1.2.3-x86_64-linux-musl)
pg_search (2.3.5)
pg (1.5.4-x86_64-linux-musl)
pg_search (2.3.6)
activerecord (>= 5.2)
activesupport (>= 5.2)
popper_js (1.16.0)
prometheus_exporter (1.0.0)
popper_js (1.16.1)
prometheus_exporter (2.0.8)
webrick
pry (0.14.1)
pry (0.14.2)
coderay (~> 1.1)
method_source (~> 1.0)
public_suffix (4.0.6)
puma (5.5.2-x86_64-linux-musl)
public_suffix (5.0.4)
puma (6.4.2-x86_64-linux-musl)
nio4r (~> 2.0)
pundit (2.1.1)
pundit (2.3.1)
activesupport (>= 3.0.0)
racc (1.6.0-x86_64-linux-musl)
que (2.2.0)
rack (2.2.3)
rack-cors (1.1.1)
que (2.2.1)
que-web (0.10.0)
que (>= 1)
sinatra
racc (1.7.3-x86_64-linux-musl)
rack (2.2.8)
rack-cors (2.0.1)
rack (>= 2.0.0)
rack-mini-profiler (2.3.3)
rack-mini-profiler (3.1.0)
rack (>= 1.2.0)
rack-proxy (0.7.0)
rack-protection (3.2.0)
base64 (>= 0.1.0)
rack (~> 2.2, >= 2.2.4)
rack-proxy (0.7.7)
rack
rack-test (1.1.0)
rack (>= 1.0, < 3)
rails (6.1.4.1)
actioncable (= 6.1.4.1)
actionmailbox (= 6.1.4.1)
actionmailer (= 6.1.4.1)
actionpack (= 6.1.4.1)
actiontext (= 6.1.4.1)
actionview (= 6.1.4.1)
activejob (= 6.1.4.1)
activemodel (= 6.1.4.1)
activerecord (= 6.1.4.1)
activestorage (= 6.1.4.1)
activesupport (= 6.1.4.1)
rack-test (2.1.0)
rack (>= 1.3)
rails (6.1.7.4)
actioncable (= 6.1.7.4)
actionmailbox (= 6.1.7.4)
actionmailer (= 6.1.7.4)
actionpack (= 6.1.7.4)
actiontext (= 6.1.7.4)
actionview (= 6.1.7.4)
activejob (= 6.1.7.4)
activemodel (= 6.1.7.4)
activerecord (= 6.1.7.4)
activestorage (= 6.1.7.4)
activesupport (= 6.1.7.4)
bundler (>= 1.15.0)
railties (= 6.1.4.1)
railties (= 6.1.7.4)
sprockets-rails (>= 2.0.0)
rails-dom-testing (2.0.3)
activesupport (>= 4.2.0)
rails-dom-testing (2.2.0)
activesupport (>= 5.0.0)
minitest
nokogiri (>= 1.6)
rails-html-sanitizer (1.4.2)
loofah (~> 2.3)
rails-i18n (6.0.0)
rails-html-sanitizer (1.6.0)
loofah (~> 2.21)
nokogiri (~> 1.14)
rails-i18n (7.0.8)
i18n (>= 0.7, < 2)
railties (>= 6.0.0, < 7)
railties (>= 6.0.0, < 8)
rails_warden (0.6.0)
warden (>= 1.2.0)
railties (6.1.4.1)
actionpack (= 6.1.4.1)
activesupport (= 6.1.4.1)
railties (6.1.7.4)
actionpack (= 6.1.7.4)
activesupport (= 6.1.7.4)
method_source
rake (>= 0.13)
rake (>= 12.2)
thor (~> 1.0)
rainbow (3.0.0)
rake (13.0.6)
rb-fsevent (0.11.0)
rainbow (3.1.1)
rake (13.1.0)
rb-fsevent (0.11.2)
rb-inotify (0.10.1)
ffi (~> 1.0)
redis (4.5.1)
redis-actionpack (5.2.0)
actionpack (>= 5, < 7)
redis (4.8.1)
redis-actionpack (5.3.0)
actionpack (>= 5, < 8)
redis-rack (>= 2.1.0, < 3)
redis-store (>= 1.1.0, < 2)
redis-activesupport (5.2.1)
activesupport (>= 3, < 7)
redis-activesupport (5.3.0)
activesupport (>= 3, < 8)
redis-store (>= 1.3, < 2)
redis-rack (2.1.3)
redis-client (0.14.1)
connection_pool
redis-rack (2.1.4)
rack (>= 2.0.8, < 3)
redis-store (>= 1.2, < 2)
redis-rails (5.0.2)
redis-actionpack (>= 5.0, < 6)
redis-activesupport (>= 5.0, < 6)
redis-store (>= 1.2, < 2)
redis-store (1.9.0)
redis (>= 4, < 5)
regexp_parser (2.1.1)
request_store (1.5.0)
redis-store (1.9.2)
redis (>= 4, < 6)
regexp_parser (2.9.0)
request_store (1.5.1)
rack (>= 1.4)
responders (3.0.1)
actionpack (>= 5.0)
railties (>= 5.0)
rexml (3.2.5)
rgl (0.6.2)
responders (3.1.1)
actionpack (>= 5.2)
railties (>= 5.2)
rexml (3.2.6)
rgl (0.6.3)
pairing_heap (>= 0.3.0)
rexml (~> 3.2, >= 3.2.4)
stream (~> 0.5.3)
rouge (3.26.1)
rubocop (1.23.0)
rouge (3.30.0)
rubanok (0.5.0)
rubocop (1.42.0)
json (~> 2.3)
parallel (~> 1.10)
parser (>= 3.0.0.0)
parser (>= 3.1.2.1)
rainbow (>= 2.2.2, < 4.0)
regexp_parser (>= 1.8, < 3.0)
rexml
rubocop-ast (>= 1.12.0, < 2.0)
rexml (>= 3.2.5, < 4.0)
rubocop-ast (>= 1.24.1, < 2.0)
ruby-progressbar (~> 1.7)
unicode-display_width (>= 1.4.0, < 3.0)
rubocop-ast (1.13.0)
parser (>= 3.0.1.1)
rubocop-rails (2.12.4)
rubocop-ast (1.30.0)
parser (>= 3.2.1.0)
rubocop-rails (2.23.1)
activesupport (>= 4.2.0)
rack (>= 1.1)
rubocop (>= 1.7.0, < 2.0)
ruby-enum (0.9.0)
i18n
ruby-filemagic (0.7.2-x86_64-linux-musl)
ruby-progressbar (1.11.0)
ruby-statistics (3.0.0)
ruby-vips (2.1.4)
rubocop (>= 1.33.0, < 2.0)
rubocop-ast (>= 1.30.0, < 2.0)
ruby-brs (1.3.3-x86_64-linux-musl)
adsp (~> 1.0)
ruby-filemagic (0.7.3-x86_64-linux-musl)
ruby-progressbar (1.13.0)
ruby-statistics (3.0.2)
ruby-vips (2.2.0)
ffi (~> 1.12)
ruby2ruby (2.4.4)
ruby2_keywords (0.0.5)
ruby2ruby (2.5.0)
ruby_parser (~> 3.1)
sexp_processor (~> 4.6)
ruby_dep (1.5.0)
ruby_parser (3.18.1)
ruby_parser (3.20.1)
sexp_processor (~> 4.16)
rubyzip (2.3.2)
rugged (1.2.0-x86_64-linux-musl)
rugged (1.5.0.1-x86_64-linux-musl)
safe_yaml (1.0.6)
safely_block (0.3.0)
errbase (>= 0.1.1)
@ -526,56 +541,60 @@ GEM
sprockets (> 3.0)
sprockets-rails
tilt
selenium-webdriver (4.1.0)
childprocess (>= 0.5, < 5.0)
selenium-webdriver (4.8.6)
rexml (~> 3.2, >= 3.2.5)
rubyzip (>= 1.2.2)
rubyzip (>= 1.2.2, < 3.0)
websocket (~> 1.0)
semantic_range (3.0.0)
sexp_processor (4.16.0)
sexp_processor (4.17.0)
simpleidn (0.2.1)
unf (~> 0.1.4)
sinatra (3.2.0)
mustermann (~> 3.0)
rack (~> 2.2, >= 2.2.4)
rack-protection (= 3.2.0)
tilt (~> 2.0)
sourcemap (0.1.1)
spree-api-client (0.2.4)
fast_blank (~> 1)
httparty (~> 0.18.0)
spring (2.1.1)
spring-watcher-listen (2.0.1)
spring (4.1.1)
spring-watcher-listen (2.1.0)
listen (>= 2.7, < 4.0)
spring (>= 1.2, < 3.0)
sprockets (4.0.2)
spring (>= 4)
sprockets (4.2.1)
concurrent-ruby (~> 1.0)
rack (> 1, < 3)
sprockets-rails (3.4.1)
rack (>= 2.2.4, < 4)
sprockets-rails (3.4.2)
actionpack (>= 5.2)
activesupport (>= 5.2)
sprockets (>= 3.0.0)
sqlite3 (1.4.2-x86_64-linux-musl)
stackprof (0.2.17-x86_64-linux-musl)
sutty-archives (2.5.4)
jekyll (>= 3.6, < 5.0)
sutty-liquid (0.7.4)
sqlite3 (1.7.0-x86_64-linux-musl)
mini_portile2 (~> 2.8.0)
stackprof (0.2.25-x86_64-linux-musl)
stream (0.5.5)
sutty-liquid (0.11.11)
fast_blank (~> 1.0)
jekyll (~> 4)
symbol-fstring (1.0.2-x86_64-linux-musl)
sysexits (1.2.0)
temple (0.8.2)
temple (0.10.3)
terminal-table (2.0.0)
unicode-display_width (~> 1.1, >= 1.1.1)
thor (1.1.0)
tilt (2.0.10)
timecop (0.9.4)
thor (1.3.0)
tilt (2.3.0)
timecop (0.9.6)
timeout (0.4.1)
turbolinks (5.2.1)
turbolinks-source (~> 5.2)
turbolinks-source (5.2.0)
tzinfo (2.0.4)
tzinfo (2.0.6)
concurrent-ruby (~> 1.0)
uglifier (4.2.0)
execjs (>= 0.3.0, < 3)
unf (0.1.4)
unf_ext
unf_ext (0.0.8-x86_64-linux-musl)
unf_ext (0.0.9-x86_64-linux-musl)
unicode-display_width (1.8.0)
validates_hostname (1.0.11)
uri-ssh_git (2.0.0)
validates_hostname (1.0.13)
activerecord (>= 3.0)
activesupport (>= 3.0)
warden (1.2.9)
@ -585,66 +604,73 @@ GEM
activemodel (>= 6.0.0)
bindex (>= 0.4.0)
railties (>= 6.0.0)
webpacker (5.4.3)
webpacker (5.4.4)
activesupport (>= 5.2)
rack-proxy (>= 0.6.1)
railties (>= 5.2)
semantic_range (>= 2.3.0)
webrick (1.7.0)
websocket-driver (0.7.5-x86_64-linux-musl)
webrick (1.8.1)
websocket (1.2.9)
websocket-driver (0.7.6-x86_64-linux-musl)
websocket-extensions (>= 0.1.0)
websocket-extensions (0.1.5)
xpath (3.2.0)
nokogiri (~> 1.8)
zeitwerk (2.5.1)
yard (0.9.34)
zeitwerk (2.6.12)
PLATFORMS
ruby
x86_64-linux-musl
DEPENDENCIES
aasm
after_commit_everywhere (~> 1.0)
bcrypt (~> 3.1.7)
bcrypt_pbkdf
blazer
bootstrap (~> 4)
brakeman
bundler-audit
capybara (~> 2.13)
chartkick
commonmarker
concurrent-ruby-ext
database_cleaner
derailed_benchmarks
device_detector
devise
devise-i18n
devise_invitable
distributed-press-api-client (~> 0.2.3)
distributed-press-api-client (~> 0.4.1)
dotenv-rails
down
dry-schema
ed25519
email_address!
exception_notification
factory_bot_rails
fast_blank
fast_jsonparser
fast_jsonparser (~> 0.5.0)
flamegraph
friendly_id
git_clone_url
hairtrigger
haml-lint
hamlit-rails
hiredis
hiredis-client
httparty
icalendar
image_processing
inline_svg
jbuilder (~> 2.5)
jekyll (~> 4.2)
jekyll-commonmark
jekyll-data
jekyll (~> 4.2.0)
jekyll-commonmark (~> 1.4.0)
jekyll-images
jekyll-include-cache
kaminari
letter_opener
listen (>= 3.0.5, < 3.2)
listen
loaf
lockbox
lograge
@ -652,7 +678,6 @@ DEPENDENCIES
mini_magick
mobility
net-ssh
njalla-api-client
nokogiri
pg
pg_search
@ -661,24 +686,29 @@ DEPENDENCIES
puma
pundit
que
que-web
rack-cors
rack-mini-profiler
rails (~> 6)
rails (~> 6.1.0)
rails-i18n
rails_warden
redis
redis (~> 4.0)
redis-client
redis-rails
rgl
rollups!
rubanok
rubocop-rails
ruby-brs
rubyzip
rugged
rugged (= 1.5.0.1)
safe_yaml
safely_block (~> 0.3.0)
sassc-rails
selenium-webdriver
selenium-webdriver (~> 4.8.0)
sourcemap
spring
spring-watcher-listen (~> 2.0.0)
spring-watcher-listen
sqlite3
stackprof
sutty-liquid (>= 0.7.3)
@ -688,12 +718,13 @@ DEPENDENCIES
turbolinks (~> 5)
uglifier (>= 1.3.0)
validates_hostname
web-console (>= 3.3.0)
web-console
webpacker
yaml_db!
yard
RUBY VERSION
ruby 2.7.1p83
ruby 3.1.4p223
BUNDLED WITH
2.2.2
2.4.17

150
Makefile
View file

@ -1,150 +0,0 @@
SHELL := /bin/bash
.DEFAULT_GOAL := help
# Copiar el archivo de configuración y avisar cuando hay que
# actualizarlo.
.env: .env.example
@test -f $@ || cp -v $< $@
@test -f $@ && echo "Revisa $@ para actualizarlo con respecto a $<"
@test -f $@ && diff -auN --color $@ $<
include .env
export
# XXX: El espacio antes del comentario cuenta como espacio
args ?=## Argumentos para Hain
commit ?= origin/rails## Commit desde el que actualizar
env ?= staging## Entorno del nodo delegado
sutty ?= $(SUTTY)## Dirección local
delegate ?= $(DELEGATE)## Cambia el nodo delegado
hain ?= ENV_FILE=.env $(HAINISH)## Ubicación de Hainish
# El nodo delegado tiene dos entornos, production y staging.
# Dependiendo del entorno que elijamos, se van a generar los assets y el
# contenedor y subirse a un servidor u otro. No utilizamos CI/CD (aún).
#
# Production es el entorno de panel.sutty.nl
ifeq ($(env),production)
container ?= panel
## TODO: Cambiar a otra cosa
branch ?= rails
public ?= public
endif
# Staging es el entorno de panel.staging.sutty.nl
ifeq ($(env),staging)
container := staging
branch := staging
public := staging
endif
help: always ## Ayuda
@echo -e "Sutty\n" | sed -re "s/^.*/\x1B[38;5;197m&\x1B[0m/"
@echo -e "Servidor: https://panel.$(SUTTY_WITH_PORT)/\n"
@echo -e "Uso: make TAREA args=\"ARGUMENTOS\"\n"
@echo -e "Tareas:\n"
@grep -E "^[a-z\-]+:.*##" Makefile | sed -re "s/(.*):.*##(.*)/\1;\2/" | column -s ";" -t | sed -re "s/^([^ ]+) /\x1B[38;5;197m\1\x1B[0m/"
@echo -e "\nArgumentos:\n"
@grep -E "^[a-z\-]+ \?=.*##" Makefile | sed -re "s/(.*) \?=.*##(.*)/\1;\2/" | column -s ";" -t | sed -re "s/^([^ ]+) /\x1B[38;5;197m\1\x1B[0m/"
assets: public/packs/manifest.json.br ## Compilar los assets
test: always ## Ejecutar los tests
$(MAKE) rake args="test RAILS_ENV=test $(args)"
postgresql: /etc/hosts ## Iniciar la base de datos
pgrep postgres >/dev/null || $(hain) postgresql
serve-js: /etc/hosts node_modules ## Iniciar el servidor de desarrollo de Javascript
$(hain) 'bundle exec ./bin/webpack-dev-server'
serve: /etc/hosts postgresql Gemfile.lock ## Iniciar el servidor de desarrollo de Rails
$(MAKE) rails args=server
rails: ## Corre rails dentro del entorno de desarrollo (pasar argumentos con args=).
$(MAKE) bundle args="exec rails $(args)"
rake: ## Corre rake dentro del entorno de desarrollo (pasar argumentos con args=).
$(MAKE) bundle args="exec rake $(args)"
bundle: ## Corre bundle dentro del entorno de desarrollo (pasar argumentos con args=).
$(hain) 'bundle $(args)'
psql := psql -h $(PG_HOST) -U $(PG_USER) -p $(PG_PORT) -d sutty
copy-table:
test -n "$(table)"
echo "truncate $(table) $(cascade);" | $(psql)
ssh $(delegate) docker exec postgresql pg_dump -U sutty -d sutty -t $(table) | $(psql)
psql:
$(psql)
rubocop: ## Yutea el código que está por ser commiteado
git status --porcelain \
| grep -E "^(A|M)" \
| sed "s/^...//" \
| grep ".rb$$" \
| ../haini.sh/haini.sh "xargs -r ./bin/rubocop --auto-correct"
audit: ## Encuentra dependencias con vulnerabilidades
$(hain) 'gem install bundler-audit'
$(hain) 'bundle audit --update'
brakeman: ## Busca posibles vulnerabilidades en Sutty
$(MAKE) bundle args='exec brakeman'
yarn: ## Tareas de yarn
$(hain) 'yarn $(args)'
clean: ## Limpieza
rm -rf _sites/test-* _deploy/test-* log/*.log tmp/cache tmp/letter_opener tmp/miniprofiler tmp/storage
build: Gemfile.lock ## Generar la imagen Docker
time docker build --build-arg="BRANCH=$(branch)" --build-arg="RAILS_MASTER_KEY=`cat config/master.key`" -t sutty/$(container) .
docker tag sutty/$(container):latest sutty:keep
@echo -e "\a"
save: ## Subir la imagen Docker al nodo delegado
time docker save sutty/$(container):latest | ssh root@$(delegate) docker load
date +%F | xargs -I {} git tag -f $(container)-{}
@echo -e "\a"
ota-js: assets ## Actualizar Javascript en el nodo delegado
rsync -avi --delete-after --chown 1000:82 public/ root@$(delegate):/srv/sutty/srv/http/data/_$(public)/
ssh root@$(delegate) docker exec $(container) sh -c "cat /srv/http/tmp/puma.pid | xargs -r kill -USR2"
ota: ## Actualizar Rails en el nodo delegado
ssh $(delegate) git -C /srv/sutty/srv/http/panel.sutty.nl pull ; true
ssh $(delegate) chown -R 1000:82 /srv/sutty/srv/http/panel.sutty.nl
ssh $(delegate) docker exec $(container) rails reload
# Todos los archivos de assets. Si alguno cambia, se van a recompilar
# los assets que luego se suben al nodo delegado.
assets := package.json yarn.lock $(shell find app/assets/ app/javascript/ -type f)
public/packs/manifest.json.br: $(assets)
$(hain) 'PANEL_URL=https://panel.sutty.nl RAILS_ENV=production NODE_ENV=production bundle exec rake assets:precompile assets:clean'
# Correr un test en particular por ejemplo
# `make test/models/usuarie_test.rb`
tests := $(shell find test/ -name "*_test.rb")
$(tests): always
$(MAKE) test args="TEST=$@"
# Agrega las direcciones locales al sistema
/etc/hosts: always
@echo "Chequeando si es necesario agregar el dominio local $(SUTTY)"
@grep -q " $(SUTTY)$$" $@ || echo -e "127.0.0.1 $(SUTTY)\n::1 $(SUTTY)" | sudo tee -a $@
@grep -q " api.$(SUTTY)$$" $@ || echo -e "127.0.0.1 api.$(SUTTY)\n::1 api.$(SUTTY)" | sudo tee -a $@
@grep -q " panel.$(SUTTY)$$" $@ || echo -e "127.0.0.1 panel.$(SUTTY)\n::1 panel.$(SUTTY)" | sudo tee -a $@
@grep -q " postgresql.$(SUTTY)$$" $@ || echo -e "127.0.0.1 postgresql.$(SUTTY)\n::1 postgresql.$(SUTTY)" | sudo tee -a $@
# Instala las dependencias de Javascript
node_modules: package.json
$(MAKE) yarn
# Instala las dependencias de Rails
Gemfile.lock: Gemfile
$(MAKE) bundle args=install
.PHONY: always

2
Procfile
View file

@ -7,5 +7,7 @@ blazer: bundle exec rake blazer:send_failing_checks
prometheus: bundle exec prometheus_exporter -b 0.0.0.0 --prefix "sutty_"
distributed_press_tokens_renew: bundle exec rake distributed_press:tokens:renew
cleanup: bundle exec rake cleanup:everything
emergency_cleanup: bundle exec rake cleanup:everything BEFORE=7
stats: bundle exec rake stats:process_all
que: daemonize -c /srv/ -p /srv/tmp/que.pid -u rails /usr/local/bin/syslogize bundle exec que
fediblock: bundle exec rails activity_pub:fediblocks

51
README.md
View file

@ -17,14 +17,32 @@ Para más información visita el [sitio de Sutty](https://sutty.nl/).
### Desarrollar
Todas las tareas se gestionan con `make`, por favor instala GNU Make
antes de comenzar.
Para facilitar la gestión de dependencias y entorno de desarrollo,
instala [haini.sh](https://0xacab.org/sutty/haini.sh)
Todas las tareas se gestionan con `go-task`. [Instrucciones de
instalación (en inglés)](https://taskfile.dev/installation/)
```bash
make help
go-task
```
[Leer la documentación](https://docs.sutty.nl/)
### Variables de entorno
Las variables de entorno por defecto se encuentran en el archivo `.env`.
Para modificar las opciones, crear o modificar el archivo `.env.local`
con valores distintos.
### Documentación
Para navegar la documentación del código usando YARD:
```bash
go-task doc serve
```
Y luego navegar a <https://panel.sutty.local:3000/doc/>
## English
@ -39,10 +57,29 @@ For more information, visit [Sutty's website](https://sutty.nl/en/).
### Development
Every task is run via `make`, please install GNU Make before developing.
To facilitate dependencies and dev environment, install
[haini.sh](https://0xacab.org/sutty/haini.sh)
Every task is run via `go-task`. [Installation
instructions](https://taskfile.dev/installation/).
```bash
make help
go-task
```
[Read the documentation](https://docs.sutty.nl/en/)
### Environment variables
Default env vars are store on `.env`. For local options, copy them to
`.env.local`.
### Documentation
To browse documentation using YARD:
```bash
go-task doc serve
```
And then open <https://panel.sutty.local:3000/doc/>

197
Taskfile.yaml Normal file
View file

@ -0,0 +1,197 @@
---
version: "3"
vars:
CURRENT_BRANCH:
sh: "git rev-parse --abbrev-ref HEAD"
shopt:
- "globstar"
dotenv:
- ".env.development"
- ".env"
- ".env.local"
- ".env.development.local"
tasks:
credentials:
desc: "Generate credentials file"
cmds:
- "cp --no-clobber config/credentials.yml.enc.ci config/credentials.yml.enc"
sources:
- "config/credentials.yml.enc.ci"
generates:
- "config/credentials.yml.enc"
gems:
desc: "Install gems"
deps:
- "credentials"
cmds:
- "{{.HAINISH}} bundle config set --local path './vendor'"
- "{{.HAINISH}} bundle install"
sources:
- "Gemfile"
generates:
- "Gemfile.lock"
status:
- "test -d vendor/ruby"
clean:
desc: "Clean"
cmds:
- "rm -rf _sites/test-* _deploy/test-* log/*.log tmp/cache tmp/letter_opener tmp/miniprofiler tmp/storage"
node-modules:
desc: "Install Node modules"
cmds:
- "{{.HAINISH}} yarn"
sources:
- "package.json"
- "yarn.lock"
status:
- "test -d node_modules"
assets:
desc: "Generate assets"
deps:
- "node-modules"
- "gems"
cmds:
- "git lfs fetch"
- "git lfs checkout"
- task: "rails"
vars:
CLI_ARGS: "webpacker:clobber RAILS_ENV=production"
- task: "rails"
vars:
CLI_ARGS: "assets:precompile RAILS_ENV=production"
- task: "rails"
vars:
CLI_ARGS: "assets:clean RAILS_ENV=production"
sources:
- "package.json"
- "yarn.lock"
- "app/assets/**/*"
- "app/javascript/**/*"
generates:
- "public/packs/manifest.json"
hosts:
desc: "Local DNS resolution for hostnames"
interactive: true
cmds:
- "echo -e \"127.0.0.1 panel.{{.SUTTY}} api.{{.SUTTY}} postgresql.{{.SUTTY}}\" | sudo tee -a /etc/hosts"
- "echo -e \"::1 panel.{{.SUTTY}} api.{{.SUTTY}} postgresql.{{.SUTTY}}\" | sudo tee -a /etc/hosts"
status:
- "grep -q \" panel.{{.SUTTY}} \" /etc/hosts"
database-init:
desc: "Database install"
cmds:
- "{{.HAINISH}} /usr/bin/initdb --locale en_US.utf8 -E UTF8 -D /var/lib/postgresql/{{.PGVER}}/data"
- "echo \"host all all samenet trust\" >> ../hain/var/lib/postgresql/{{.PGVER}}/data/pg_hba.conf"
- "echo \"listen_addresses = '*'\" >> ../hain/var/lib/postgresql/{{.PGVER}}/data/postgresql.conf"
- "echo \"external_pid_file = '{{.PGPID}}'\" >> ../hain/var/lib/postgresql/{{.PGVER}}/data/postgresql.conf"
- "install -dm755 ../hain/run/postgresql"
status:
- "test -d ../hain/var/lib/postgresql/{{.PGVER}}/data"
- "test -f ../hain/var/lib/postgresql/{{.PGVER}}/data/postgresql.conf"
database:
desc: "Database"
deps:
- "database-init"
cmds:
- "{{.HAINISH}} daemonize -c /var/lib/postgresql/{{.PGVER}}/data /usr/bin/postgres -D /var/lib/postgresql/{{.PGVER}}/data"
status:
- "test -f ../hain{{.PGPID}}"
- "pgrep -F ../hain{{.PGPID}}"
prepare:
desc: "Create database or run pending migrations"
deps:
- "database"
cmds:
- task: "rails"
vars:
CLI_ARGS: "db:prepare"
serve:
desc: "Run Rails development server"
deps:
- "prepare"
- "gems"
cmds:
- ": == Development server running at https://panel.{{.SUTTY_WITH_PORT}} =="
- task: "rails"
vars:
CLI_ARGS: "server"
status:
- "test -f tmp/pids/server.pid"
- "pgrep -F tmp/pids/server.pid"
yarn:
desc: "Yarn. Call with: go-task yarn -- arguments"
deps:
- "node-modules"
cmds:
- "{{.HAINISH}} yarn {{.CLI_ARGS}}"
- defer:
task: "notify"
bundle:
desc: "Bundle. Call with: go-task bundle -- arguments"
interactive: true
deps:
- "gems"
cmds:
- "{{.HAINISH}} bundle {{.CLI_ARGS}}"
- defer:
task: "notify"
rails:
desc: "Rails. Call with: go-task rails -- arguments"
cmds:
- task: "bundle"
vars:
CLI_ARGS: "exec rails {{.CLI_ARGS}}"
console:
desc: "Rails console"
interactive: true
cmds:
- task: "rails"
vars:
CLI_ARGS: "console"
doc:
desc: "Build documentation"
deps:
- "gems"
cmds:
- task: "bundle"
vars:
CLI_ARGS: "exec yardoc -o public/doc app lib config db"
gem-audit:
desc: "Audit Gem dependencies"
deps:
- "gems"
- "bundler-audit"
cmds:
- task: "bundle"
vars:
CLI_ARGS: "audit --update"
node-audit:
desc: "Audit Node dependencies"
deps:
- "node-modules"
cmds:
- task: "yarn"
vars:
CLI_ARGS: "audit"
notify:
internal: true
cmds:
- "echo -e \"\a\""
bundler-audit:
internal: true
cmds:
- "{{.HAINISH}} gem install bundler-audit"
status:
- "test -f ../hain/usr/bin/bundler-audit"
rubocop:
desc: "Ruby linting"
deps:
- "gems"
cmds:
- "./bin/modified_files | ./bin/with_extension rb | xargs -r {{.HAINISH}} bundle exec rubocop {{.CLI_ARGS}}"
haml-lint:
desc: "HAML linting"
deps:
- "gems"
cmds:
- "./bin/modified_files | ./bin/with_extension haml | xargs -r {{.HAINISH}} bundle exec haml-lint {{.CLI_ARGS}}"

114
app/assets/stylesheets/application.scss
View file

@ -29,14 +29,25 @@ $sizes: (
"70ch": 70ch,
);
.btn {
background-color: var(--foreground);
color: var(--background);
}
@import "bootstrap";
@import "editor";
@each $color, $rgb in $theme-colors {
.#{$color} {
color: var(--#{$color});
&:focus {
color: var(--#{$color});
}
::-moz-selection,
::selection {
background: var(--#{$color});
color: white;
}
}
}
.editor {
.editor-content {
figure {
@ -57,6 +68,25 @@ $sizes: (
--background: #{$black};
--color: #{$cyan};
}
.btn-secondary {
background-color: $white;
color: $black;
border: none;
&:hover {
color: $black;
background-color: $cyan;
}
&:active {
background-color: $cyan;
}
&:focus {
box-shadow: 0 0 0 0.2rem $cyan;
}
}
}
// TODO: Encontrar la forma de generar esto desde los locales de Rails
@ -195,7 +225,7 @@ fieldset {
&[type=button] {
@extend .btn;
@extend .btn-info;
@extend .btn-secondary;
@extend .m-0;
}
}
@ -209,8 +239,6 @@ svg {
}
.btn {
border: none;
border-radius: 0;
margin-right: 0.3rem;
margin-bottom: 0.3rem;
@ -246,7 +274,7 @@ svg {
color: $magenta;
}
.btn {
.btn-secondary {
background-color: $white;
color: $black;
border: none;
@ -525,3 +553,71 @@ $bezier: cubic-bezier(0.75, 0, 0.25, 1);
}
}
}
@import "new_editor";
.new-editor {
.editor {
table {
@extend .table;
@extend .table-responsive;
}
}
}
.content {
p { min-height: $font-size-base * $line-height-base; }
h1 { min-height: $h1-font-size * $headings-line-height; }
h2 { min-height: $h2-font-size * $headings-line-height; }
h3 { min-height: $h3-font-size * $headings-line-height; }
h4 { min-height: $h4-font-size * $headings-line-height; }
h5 { min-height: $h5-font-size * $headings-line-height; }
h6 { min-height: $h6-font-size * $headings-line-height; }
iframe { border: 0; }
audio { width: 100%; }
img,
video,
iframe {
@extend .img-fluid;
height: auto;
}
& > * {
margin-bottom: 1rem;
&:last-child {
margin-bottom: 0;
}
}
}
// details styles
.details {
& > summary {
list-style: none;
cursor: pointer;
.hide-when-open {
display: inline;
}
.show-when-open {
display: none;
}
}
&[open] {
& > summary {
.hide-when-open {
display: none;
}
.show-when-open {
display: inline;
}
}
}
}

34
app/assets/stylesheets/dark.scss Normal file
View file

@ -0,0 +1,34 @@
$black: black;
$white: white;
$cyan: #13fefe;
:root {
--foreground: #{$white};
--background: #{$black};
--color: #{$cyan};
}
.btn {
background-color: $white;
}
.btn-secondary {
background-color: $white;
color: $black;
border: none;
&:hover {
color: $black;
background-color: $cyan;
}
&:active {
background-color: $cyan;
}
&:focus {
box-shadow: 0 0 0 0.2rem $cyan;
}
}

2
app/assets/stylesheets/editor.scss
View file

@ -1,4 +1,4 @@
.editor {
.old.editor {
box-sizing: border-box;
*, *::before, *::after { box-sizing: inherit; }

22
app/assets/stylesheets/new_editor.scss Normal file
View file

@ -0,0 +1,22 @@
.new-editor {
.editor {
.menubar {
z-index: 1;
label.btn {
margin-bottom: 0.3rem !important;
}
.btn-group {
.btn {
margin-right: 0;
}
}
}
.ProseMirror,
& > ol li {
margin-bottom: 1rem;
}
}
}

5
app/controllers/active_storage/direct_uploads_controller_decorator.rb
View file

@ -18,8 +18,9 @@ module ActiveStorage
# para que puedan propagarse correctamente a través de todo el
# stack.
def blob_args
params.require(:blob).permit(:filename, :byte_size, :checksum, :content_type, metadata: {}).to_h.symbolize_keys.tap do |ba|
ba[:filename] = ba[:filename].unicode_normalize
params.require(:blob).permit(:filename, :byte_size, :checksum, :content_type,
metadata: {}).to_h.symbolize_keys.tap do |ba|
ba[:filename] = ba[:filename].unicode_normalize.sub(/\A_+/, '')
end
end
end

46
app/controllers/active_storage/disk_controller_decorator.rb
View file

@ -6,16 +6,45 @@ module ActiveStorage
extend ActiveSupport::Concern
included do
alias_method :original_show, :show
# Permitir incrustar archivos subidos (especialmente PDFs) desde
# otros sitios.
def show
original_show.tap do |s|
response.headers.delete 'X-Frame-Options'
end
end
rescue_from ActiveRecord::RecordNotFound, with: :page_not_found
# Asociar el archivo subido al sitio correspondiente. Cada sitio
# tiene su propio servicio de subida de archivos.
def update
if (token = decode_verified_token)
if acceptable_content?(token)
named_disk_service(token[:service_name]).upload token[:key], request.body, checksum: token[:checksum]
blob = ActiveStorage::Blob.find_by_key token[:key]
blob = ActiveStorage::Blob.find_by_key! token[:key]
site = Site.find_by_name token[:service_name]
if remote_file?(token)
begin
url = request.body.read
body = Down.download(url, max_size: 111.megabytes)
checksum = Digest::MD5.file(body.path).base64digest
blob.metadata[:url] = url
blob.update_columns checksum: checksum, byte_size: body.size, metadata: blob.metadata
rescue StandardError => e
ExceptionNotifier.notify_exception(e, data: { key: token[:key], url: url, site: site.name })
head :content_too_large
end
else
body = request.body
checksum = token[:checksum]
end
named_disk_service(token[:service_name]).upload token[:key], body, checksum: checksum
site.static_files.attach(blob)
else
head :unprocessable_entity
@ -26,6 +55,17 @@ module ActiveStorage
rescue ActiveStorage::IntegrityError
head :unprocessable_entity
end
private
def remote_file?(token)
token[:content_type] == 'sutty/download-from-url'
end
def page_not_found(exception)
head :not_found
ExceptionNotifier.notify_exception(exception, data: {params: params.to_hash})
end
end
end
end

74
app/controllers/activity_pubs_controller.rb Normal file
View file

@ -0,0 +1,74 @@
# frozen_string_literal: true
# Gestiona acciones de moderación
class ActivityPubsController < ApplicationController
include ModerationConcern
ActivityPub.events.each do |event|
define_method(event) do
authorize activity_pub
if event == :report
remote_flag_params(activity_pub).tap do |p|
activity_pub.remote_flag_id = p[:remote_flag_attributes][:id]
activity_pub.update(p)
end
end
message =
if activity_pub.public_send(:"may_#{event}?") && activity_pub.public_send(:"#{event}!")
:success
else
:error
end
flash[message] = I18n.t("activity_pubs.#{event}.#{message}")
redirect_to_moderation_queue!
end
end
def action_on_several
redirect_to_moderation_queue!
activity_pubs = site.activity_pubs.where(id: params[:activity_pub])
return if activity_pubs.count.zero?
authorize activity_pubs
action = params[:activity_pub_action].to_sym
method = :"#{action}_all!"
may = :"may_#{action}?"
return unless ActivityPub.events.include? action
# Crear una sola remote flag por autore
ActivityPub.transaction do
if action == :report
message = remote_flag_params(activity_pubs.first).dig(:remote_flag_attributes, :message)
activity_pubs.distinct.pluck(:actor_id).each do |actor_id|
remote_flag = ActivityPub::RemoteFlag.find_or_initialize_by(actor_id: actor_id, site_id: site.id)
remote_flag.message = message
# Lo estamos actualizando, con lo que lo vamos a volver a enviar
remote_flag.requeue if remote_flag.persisted?
remote_flag.save
# XXX: Idealmente todas las ActivityPub que enviamos pueden
# cambiar de estado, pero chequeamos de todas formas.
remote_flag.activity_pubs << (activity_pubs.where(actor_id: actor_id).to_a.select { |a| a.public_send(may) })
end
end
message = activity_pubs.public_send(method) ? :success : :error
flash[message] = I18n.t("activity_pubs.action_on_several.#{message}")
end
end
private
def activity_pub
@activity_pub ||= site.activity_pubs.find(params[:activity_pub_id])
end
end

85
app/controllers/actor_moderations_controller.rb Normal file
View file

@ -0,0 +1,85 @@
# frozen_string_literal: true
# Gestiona la cola de moderación de actores
class ActorModerationsController < ApplicationController
include ModerationConcern
include ModerationFiltersConcern
before_action :authenticate_usuarie!
breadcrumb -> { current_usuarie.email }, :edit_usuarie_registration_path
breadcrumb 'sites.index', :sites_path, match: :exact
ActorModeration.events.each do |actor_event|
define_method(actor_event) do
authorize actor_moderation
# Crea una RemoteFlag si se envían los parámetros adecuados
if actor_event == :report
remote_flag_params(actor_moderation).tap do |p|
actor_moderation.remote_flag_id = p[:remote_flag_attributes][:id]
actor_moderation.update(p)
end
end
message =
if actor_moderation.public_send(:"may_#{actor_event}?") && actor_moderation.public_send(:"#{actor_event}!")
:success
else
:error
end
flash[message] = I18n.t("actor_moderations.#{actor_event}.#{message}")
redirect_to_moderation_queue!
end
end
# Ver el perfil remoto
def show
breadcrumb site.title, site_posts_path(site)
breadcrumb I18n.t('moderation_queue.index.title'), site_moderation_queue_path(site)
@remote_profile = actor_moderation.actor.content
@moderation_queue = rubanok_process(site.activity_pubs.where(actor_id: actor_moderation.actor_id),
with: ActivityPubProcessor)
breadcrumb @remote_profile['name'] || actor_moderation.actor.mention || actor_moderation.actor.uri, ''
end
def action_on_several
redirect_to_moderation_queue!
actor_moderations = site.actor_moderations.where(id: params[:actor_moderation])
return if actor_moderations.count.zero?
authorize actor_moderations
action = params[:actor_moderation_action].to_sym
method = :"#{action}_all!"
may = :"may_#{action}?"
return unless ActorModeration.events.include? action
ActorModeration.transaction do
if action == :report
actor_moderations.find_each do |actor_moderation|
next unless actor_moderation.public_send(may)
actor_moderation.update(actor_moderation_params(actor_moderation))
end
end
message = actor_moderations.public_send(method) ? :success : :error
flash[message] = I18n.t("actor_moderations.action_on_several.#{message}")
end
end
private
def actor_moderation
@actor_moderation ||= site.actor_moderations.find(params[:actor_moderation_id] || params[:id])
end
end

27
app/controllers/api/v1/activity_pub/remote_flags_controller.rb Normal file
View file

@ -0,0 +1,27 @@
# frozen_string_literal: true
module Api
module V1
module ActivityPub
# Devuelve los reportes remotos hechos
#
# @todo Verificar la firma. Por ahora no es necesario porque no es
# posible obtener remotamente todos los reportes y se identifican por
# UUIDv4.
class RemoteFlagsController < BaseController
skip_forgery_protection
def show
render json: (remote_flag&.content || {}), content_type: 'application/activity+json'
end
private
# @return [ActivityPub::RemoteFlag,nil]
def remote_flag
@remote_flag ||= ::ActivityPub::RemoteFlag.find(params[:id])
end
end
end
end
end

2
app/controllers/api/v1/contact_controller.rb
View file

@ -18,7 +18,7 @@ module Api
# Si todo salió bien, enviar los correos y redirigir al sitio.
# El sitio nos dice a dónde tenemos que ir.
ContactJob.perform_later site.id,
ContactJob.perform_later site,
params[:form],
contact_params.to_h.symbolize_keys,
params[:redirect]

43
app/controllers/api/v1/notices_controller.rb
View file

@ -10,8 +10,8 @@ module Api
# solo si la API key es verificable. Del otro lado siempre
# respondemos con lo mismo.
def create
if site&.airbrake_valid? airbrake_token
BacktraceJob.perform_later site_id: params[:site_id],
if (site&.airbrake_valid? airbrake_token) && !detected_device.bot?
BacktraceJob.perform_later site: site,
params: airbrake_params.to_h
end
@ -23,7 +23,39 @@ module Api
# XXX: Por alguna razón Airbrake envía los datos con Content-Type:
# text/plain.
def airbrake_params
@airbrake_params ||= params.merge!(FastJsonparser.parse(request.raw_post) || {}).permit!
@airbrake_params ||=
params.merge!(FastJsonparser.parse(request.raw_post) || {})
.permit(
{
errors: [
:type,
:message,
{ backtrace: %i[file line column function] }
]
},
{
context: [
:url,
:language,
:severity,
:userAgent,
:windowError,
:rootDirectory,
{
history: [
:date,
:type,
:severity,
:target,
:method,
:duration,
:statusCode,
{ arguments: [] }
]
}
]
}
)
end
def site
@ -34,6 +66,11 @@ module Api
def airbrake_token
@airbrake_token ||= params[:key]
end
# @return [DeviceDetector]
def detected_device
@detected_device ||= DeviceDetector.new(request.headers['User-Agent'], request.headers)
end
end
end
end

13
app/controllers/api/v1/sites_controller.rb
View file

@ -9,7 +9,7 @@ module Api
# Lista de nombres de dominios a emitir certificados
def index
render json: sites_names + alternative_names + api_names + www_names
render json: alternative_names + api_names + www_names
end
private
@ -18,17 +18,16 @@ module Api
name.end_with?('.') ? name[0..-2] : "#{name}.#{Site.domain}"
end
# Nombres de los sitios
def sites_names
Site.all.order(:name).pluck(:name).map do |name|
canonicalize name
end
def subdomain?(name)
name.end_with? ".#{Site.domain}"
end
# Dominios alternativos
def alternative_names
(DeployAlternativeDomain.all.map(&:hostname) + DeployLocalizedDomain.all.map(&:hostname)).map do |name|
canonicalize name
end.reject do |name|
subdomain? name
end
end
@ -41,6 +40,8 @@ module Api
.or(Site.where(colaboracion_anonima: true))
.select("'api.' || name as name").map(&:name).map do |name|
canonicalize name
end.reject do |name|
subdomain? name
end
end

79
app/controllers/api/v1/webhooks/concerns/webhook_concern.rb Normal file
View file

@ -0,0 +1,79 @@
# frozen_string_literal: true
module Api
module V1
module Webhooks
module Concerns
# Helpers para webhooks
module WebhookConcern
extend ActiveSupport::Concern
included do
skip_before_action :verify_authenticity_token
# Responde con forbidden si falla la validación del token
rescue_from ActiveRecord::RecordNotFound, with: :platforms_answer
rescue_from ActiveRecord::RecordInvalid, with: :platforms_answer
private
# Valida el token que envía la plataforma en el webhook
#
# @return [String]
def token
@token ||=
begin
header = request.headers
token = header['X-Social-Inbox'].presence
token ||= header['X-Gitlab-Token'].presence
token ||= token_from_signature(header['X-Gitea-Signature'].presence)
token ||= token_from_signature(header['X-Hub-Signature-256'].presence, 'sha256=')
token
ensure
raise ActiveRecord::RecordNotFound, 'Proveedor no soportado' if token.blank?
end
end
# Valida token a partir de firma
#
# @param signature [String,nil]
# @param prepend [String]
# @return [String, nil]
def token_from_signature(signature, prepend = '')
return if signature.nil?
payload = request.raw_post
site.roles.where(temporal: false, rol: 'usuarie').pluck(:token).find do |token|
new_signature = prepend + OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'), token, payload)
ActiveSupport::SecurityUtils.secure_compare(new_signature, signature.to_s)
end
end
# Encuentra el sitio a partir de la URL
#
# @return [Site]
def site
@site ||= Site.find_by_name!(params[:site_id])
end
# Encuentra le usuarie
#
# @return [Site]
def usuarie
@usuarie ||= site.roles.find_by!(temporal: false, rol: 'usuarie', token: token).usuarie
end
# Respuesta de error a plataformas
def platforms_answer(exception)
ExceptionNotifier.notify_exception(exception, data: { headers: request.headers.to_h })
head :forbidden
end
end
end
end
end
end
end

25
app/controllers/api/v1/webhooks/pull_controller.rb Normal file
View file

@ -0,0 +1,25 @@
# frozen_string_literal: true
module Api
module V1
module Webhooks
# Recibe webhooks y lanza un PullJob
class PullController < BaseController
include Api::V1::Webhooks::Concerns::WebhookConcern
# Trae los cambios a partir de un post de Webhooks:
# (Gitlab, Github, Gitea, etc)
#
# @return [nil]
def pull
message = I18n.with_locale(site.default_locale) do
I18n.t('webhooks.pull.message')
end
GitPullJob.perform_later(site, usuarie, message)
head :ok
end
end
end
end
end

59
app/controllers/api/v1/webhooks/social_inbox_controller.rb Normal file
View file

@ -0,0 +1,59 @@
# frozen_string_literal: true
module Api
module V1
module Webhooks
# Recibe webhooks de la Social Inbox
#
# @see {https://www.w3.org/TR/activitypub/}
class SocialInboxController < BaseController
include Api::V1::Webhooks::Concerns::WebhookConcern
# Validar que el token sea correcto
before_action :usuarie
# Cuando una actividad ingresa en la cola de moderación, la
# recibimos por acá
#
# Vamos a recibir Create, Update, Delete, Follow, Undo,
# Announce, Like y obtener el objeto dentro de cada una para
# guardar un estado asociado al sitio.
#
# El objeto del estado puede ser un objeto o une actore,
# dependiendo de la actividad.
def moderationqueued
process! :paused
head :accepted
end
# Cuando la Social Inbox acepta una actividad, la recibimos
# igual y la guardamos por si cambiamos de idea.
def onapproved
process! :approved
head :accepted
end
# Cuando la Social Inbox rechaza una actividad, la recibimos
# igual y la guardamos por si cambiamos de idea.
def onrejected
process! :rejected
head :accepted
end
private
# Envía la actividad para procesamiento por separado.
#
# @param initial_state [Symbol]
def process!(initial_state)
::ActivityPub::ProcessJob
.set(wait: ApplicationJob.random_wait)
.perform_later(site: site, body: request.raw_post, initial_state: initial_state)
end
end
end
end
end

30
app/controllers/application_controller.rb
View file

@ -3,7 +3,7 @@
# Forma de ingreso a Sutty
class ApplicationController < ActionController::Base
include ExceptionHandler
include Pundit
include Pundit::Authorization
protect_from_forgery with: :null_session, prepend: true
@ -11,13 +11,10 @@ class ApplicationController < ActionController::Base
before_action :configure_permitted_parameters, if: :devise_controller?
before_action :notify_unconfirmed_email, unless: :devise_controller?
around_action :set_locale
rescue_from Pundit::NilPolicyError, with: :page_not_found
rescue_from ActionController::RoutingError, with: :page_not_found
rescue_from ActionController::ParameterMissing, with: :page_not_found
after_action :store_location!
before_action do
Rack::MiniProfiler.authorize_request if current_usuarie&.email&.ends_with?('@' + ENV.fetch('SUTTY', 'sutty.nl'))
Rack::MiniProfiler.authorize_request if current_usuarie&.email&.ends_with?("@#{ENV.fetch('SUTTY', 'sutty.nl')}")
end
# No tenemos índice de sutty, vamos directamente a ver el listado de
@ -59,7 +56,9 @@ class ApplicationController < ActionController::Base
#
# @return [String,Symbol]
def current_locale
session[:locale] = params[:change_locale_to] if params[:change_locale_to].present?
locale = params[:change_locale_to]
session[:locale] = params[:change_locale_to] if locale.present? && I18n.locale_available?(locale)
session[:locale] || current_usuarie&.lang || I18n.locale
end
@ -71,11 +70,6 @@ class ApplicationController < ActionController::Base
I18n.with_locale(current_locale, &action)
end
# Muestra una página 404
def page_not_found
render 'application/page_not_found', status: :not_found
end
# Necesario para poder acceder a Blazer. Solo les usuaries de este
# sitio pueden acceder al panel.
def require_usuarie
@ -111,6 +105,16 @@ class ApplicationController < ActionController::Base
def after_sign_in_path_for(resource)
session[:locale] = nil
sites_path
super
end
# Guardar la ubicación para que devise redirija a donde íbamos, a
# menos que estemos recibiendo información o intentando ingresar.
def store_location!
return if request.xhr?
return unless request.request_method_symbol == :GET
return if devise_controller? && !is_a?(Devise::RegistrationsController) && params[:action] != 'edit'
session[:usuarie_return_to] = request.fullpath
end
end

7
app/controllers/build_stats_controller.rb
View file

@ -22,7 +22,12 @@ class BuildStatsController < ApplicationController
@table = site.deployment_list.map do |deploy|
type = deploy.class.name.underscore
urls = deploy.respond_to?(:urls) ? deploy.urls : [deploy.url].compact
urls = deploy.urls.map do |url|
URI.parse(url)
rescue URI::Error
nil
end.compact
urls = [nil] if urls.empty?
build_stat = deploy.build_stats.where(status: true).last
seconds = build_stat&.seconds || 0

20
app/controllers/concerns/exception_handler.rb
View file

@ -12,13 +12,31 @@ module ExceptionHandler
rescue_from PageNotFound, with: :page_not_found
rescue_from ActionController::RoutingError, with: :page_not_found
rescue_from Pundit::NilPolicyError, with: :page_not_found
rescue_from Pundit::NilPolicyError, with: :page_not_found
rescue_from ActionController::RoutingError, with: :page_not_found
rescue_from ActionController::ParameterMissing, with: :page_not_found
end
def site_not_found
reset_response!
flash[:error] = I18n.t('errors.site_not_found')
redirect_to sites_path
end
def page_not_found
send_file Rails.root.join('public', '404.html')
reset_response!
render 'application/page_not_found', status: :not_found
end
private
def reset_response!
self.response_body = nil
@_response_body = nil
headers.delete('Location')
end
end

36
app/controllers/concerns/moderation_concern.rb Normal file
View file

@ -0,0 +1,36 @@
# frozen_string_literal: true
module ModerationConcern
extend ActiveSupport::Concern
included do
private
def redirect_to_moderation_queue!
redirect_back fallback_location: site_moderation_queue_path(**(session[:moderation_queue_filters] || {}))
end
# @return [String]
def panel_actor_mention
@panel_actor_mention ||= ENV.fetch('PANEL_ACTOR_MENTION', '@sutty@sutty.nl')
end
def remote_flag_params(model)
remote_flag = ActivityPub::RemoteFlag.find_by(actor_id: model.actor_id)
{ remote_flag_attributes: { id: remote_flag&.id, message: ''.dup } }.tap do |p|
p[:remote_flag_attributes][:site_id] = model.site_id
p[:remote_flag_attributes][:actor_id] = model.actor_id
I18n.available_locales.each do |locale|
p[:remote_flag_attributes][:message].tap do |m|
m << I18n.t(locale)
m << ': '
m << I18n.t('remote_flags.report_message', locale: locale, panel_actor_mention: panel_actor_mention)
m << '\n\n'
end
end
end
end
end
end

15
app/controllers/concerns/moderation_filters_concern.rb Normal file
View file

@ -0,0 +1,15 @@
# frozen_string_literal: true
module ModerationFiltersConcern
extend ActiveSupport::Concern
included do
before_action :store_filters_in_session!, only: %i[index show]
private
def store_filters_in_session!
session[:moderation_queue_filters] = params.permit(:instance_state, :actor_state, :activity_pub_state)
end
end
end

5
app/controllers/env_controller.rb
View file

@ -4,7 +4,8 @@ class EnvController < ActionController::Base
skip_before_action :verify_authenticity_token
def index
@site = Site.find_by_name('panel')
stale? @site
@site = Site.find_by_name('panel') || Site.first
stale? @site if @site
end
end

49
app/controllers/fediblock_states_controller.rb Normal file
View file

@ -0,0 +1,49 @@
# frozen_string_literal: true
# Estado de las listas de bloqueo en cada sitio
class FediblockStatesController < ApplicationController
# Realiza cambios en las listas de bloqueo
def action_on_several
# Encontrar todas y deshabilitar las que no se enviaron
site.fediblock_states.all.find_each do |fediblock_state|
if fediblock_states_ids.include? fediblock_state.id
fediblock_state.enable! if fediblock_state.may_enable?
elsif fediblock_state.may_disable?
fediblock_state.disable!
end
flash[:success] = I18n.t('fediblock_states.action_on_several.success')
rescue Exception => e
ExceptionNotifier.notify_exception(e, data: { site: site.name })
flash.delete(:success)
flash[:error] = I18n.t('fediblock_states.action_on_several.error')
end
# Bloquear otras instancias
if custom_blocklist.present?
if ActivityPub::InstanceModerationJob.perform_now(site: site, hostnames: custom_blocklist)
flash[:success] = I18n.t('fediblock_states.action_on_several.custom_blocklist_success')
else
flash[:error] = I18n.t('fediblock_states.action_on_several.custom_blocklist_error')
end
end
redirect_to site_moderation_queue_path
end
private
def fediblock_states_ids
params[:fediblock_states_ids] || []
end
# La lista de hostnames
def custom_blocklist
@custom_blocklist ||= fediblocks_states_params[:custom_blocklist].split("\n").map(&:strip).select(&:present?)
end
def fediblocks_states_params
@fediblocks_states_params ||= params.permit(:custom_blocklist, fediblock_states_ids: [])
end
end

51
app/controllers/instance_moderations_controller.rb Normal file
View file

@ -0,0 +1,51 @@
# frozen_string_literal: true
# Actualiza la relación entre un sitio y una instancia
class InstanceModerationsController < ApplicationController
include ModerationConcern
InstanceModeration.events.each do |event|
define_method(event) do
authorize instance_moderation
message =
if instance_moderation.public_send(:"may_#{event}?") && instance_moderation.public_send(:"#{event}!")
:success
else
:error
end
flash[message] = I18n.t("instance_moderations.#{event}.#{message}")
redirect_to_moderation_queue!
end
end
def action_on_several
redirect_to_moderation_queue!
instance_moderations = site.instance_moderations.where(id: params[:instance_moderation])
return if instance_moderations.count.zero?
authorize instance_moderations
action = params[:instance_moderation_action].to_sym
method = :"#{action}_all!"
return unless InstanceModeration.events.include? action
InstanceModeration.transaction do
message = instance_moderations.public_send(method) ? :success : :error
flash[:message] = I18n.t("instance_moderations.action_on_several.#{message}")
end
end
private
# @return [InstanceModeration]
def instance_moderation
@instance_moderation ||= site.instance_moderations.find(params[:instance_moderation_id])
end
end

26
app/controllers/moderation_queue_controller.rb Normal file
View file

@ -0,0 +1,26 @@
# frozen_string_literal: true
# Cola de moderación de ActivityPub
class ModerationQueueController < ApplicationController
include ModerationFiltersConcern
before_action :authenticate_usuarie!
breadcrumb -> { current_usuarie.email }, :edit_usuarie_registration_path
breadcrumb 'sites.index', :sites_path, match: :exact
# Cola de moderación viendo todo el sitio
def index
authorize ModerationQueue.new(site)
breadcrumb site.title, site_posts_path(site)
breadcrumb I18n.t('moderation_queue.index.title'), ''
site.moderation_checked!
# @todo cambiar el estado por query
@activity_pubs = site.activity_pubs
@instance_moderations = rubanok_process(site.instance_moderations, with: InstanceModerationProcessor)
@actor_moderations = rubanok_process(site.actor_moderations, with: ActorModerationProcessor)
@moderation_queue = rubanok_process(site.activity_pubs, with: ActivityPubProcessor)
end
end

3
app/controllers/posts_controller.rb
View file

@ -24,6 +24,7 @@ class PostsController < ApplicationController
# Todos los artículos de este sitio para el idioma actual
@posts = site.indexed_posts.where(locale: locale)
@posts = @posts.page(filter_params.delete(:page)) if site.pagination
# De este tipo
@posts = @posts.where(layout: filter_params[:layout]) if filter_params[:layout]
# Que estén dentro de la categoría
@ -154,7 +155,7 @@ class PostsController < ApplicationController
#
# @return [Hash]
def filter_params
@filter_params ||= params.permit(:q, :category, :layout).to_hash.select do |_, v|
@filter_params ||= params.permit(:q, :category, :layout, :page).to_hash.select do |_, v|
v.present?
end.transform_keys(&:to_sym)
end

35
app/controllers/sites_controller.rb
View file

@ -15,6 +15,19 @@ class SitesController < ApplicationController
fresh_when @sites
end
# Genera la caja del estado para HTMX
def status
authorize site
render('sites/status', layout: false) if stale? site
end
def button
authorize site
render('sites/build', layout: false)
end
# No tenemos propiedades de un sitio aún, así que vamos al listado de
# artículos
def show
@ -57,6 +70,7 @@ class SitesController < ApplicationController
usuarie: current_usuarie)
if service.update.valid?
flash[:notice] = I18n.t('sites.update.post')
redirect_to site_posts_path(site, locale: site.default_locale)
else
render 'edit'
@ -109,27 +123,6 @@ class SitesController < ApplicationController
redirect_to sites_path
end
# Obtiene y streamea archivos estáticos desde el repositorio mismo,
# pero sólo los públicos (es decir los archivos subidos desde Sutty).
def static_file
authorize site
file = params.require(:file) + '.' + params.require(:format)
raise ActionController::RoutingError.new(nil, nil) unless file.start_with? 'public/'
path = site.relative_path file
raise ActionController::RoutingError.new(nil, nil) unless File.exist? path
# TODO: Hacer esto usa recursos, pero menos que generar el sitio
# cada vez. Para poder usar X-Accel tendríamos que montar los
# repositorios en el servidor web, cosa que no queremos, o hacer
# links simbólicos desde todos los public, o usar un servidor web
# local que soporte sendfile mejor que Rails (nghttpd?)
send_file path
end
private
def site

26
app/helpers/application_helper.rb
View file

@ -13,7 +13,7 @@ module ApplicationHelper
root = names.shift
names.each do |n|
root += '[' + n.to_s + ']'
root += "[#{n}]"
end
[root, name]
@ -22,7 +22,7 @@ module ApplicationHelper
def plain_field_name_for(*names)
root, name = field_name_for(*names)
root + '[' + name.to_s + ']'
"#{root}[#{name}]"
end
def distance_of_time_in_words_if_more_than_a_minute(seconds)
@ -33,10 +33,24 @@ module ApplicationHelper
end
end
# Devuelve todas las etiquetas HTML que queremos mantener
def all_html_tags
%w[h1 h2 h3 h4 h5 h6 p a ul ol li table tr td th tbody thead
tfoot em strong sup blockquote cite pre section article]
# Sanitizador que elimina todo
#
# @param html [String]
# @return [String]
def text_plain(html)
sanitize(html, tags: [], attributes: [])
end
# Sanitizador con etiquetas y atributos por defecto
#
# @param html [String]
# @param options [Hash]
# @return [String]
def sanitize(html, options = {})
options[:tags] ||= Sutty::ALLOWED_TAGS
options[:attributes] ||= Sutty::ALLOWED_ATTRIBUTES
super(html, options)
end
# Genera HTML y limpia etiquetas innecesarias

15
app/helpers/moderation_queue_helper.rb Normal file
View file

@ -0,0 +1,15 @@
# frozen_string_literal: true
module ModerationQueueHelper
def filter_states(**args)
params.permit(:instance_state, :actor_state, :activity_pub_state).merge(**args)
end
def active?(states, state_name, state)
if params[state_name].present?
params[state_name] == state.to_s
else
states.first == state
end
end
end

17
app/javascript/controllers/details_controller.js Normal file
View file

@ -0,0 +1,17 @@
import { Controller } from "stimulus";
export default class extends Controller {
static targets = [];
connect() {
const state = window.sessionStorage.getItem(this.element.id);
if (state === "open") {
this.element.setAttribute("open", true);
}
}
store(event = undefined) {
window.sessionStorage.setItem(this.element.id, event.newState);
}
}

106
app/javascript/controllers/dropdown_controller.js Normal file
View file

@ -0,0 +1,106 @@
import { Controller } from "stimulus";
// https://getbootstrap.com/docs/4.6/components/dropdowns/#single-button
export default class extends Controller {
static targets = ["dropdown", "button", "item"];
// Al iniciar el controlador
connect() {
// Llevar la cuenta del item con foco
this.data.set("item", -1);
// Gestionar las teclas
this.keydownEvent = this.keydown.bind(this);
this.element.addEventListener("keydown", this.keydownEvent);
// Gestionar el foco
this.focusinEvent = this.focusin.bind(this);
}
// Al eliminar el controlador (al pasar a otra página)
disconnect() {
// Eliminar la gestión de teclas
this.element.removeEventListener("keydown", this.keydownEvent);
// Eliminar la gestión del foco
document.removeEventListener("focusin", this.focusinEvent);
}
// Mostrar u ocultar
toggle(event) {
(this.buttonTarget.ariaExpanded === "false") ? this.show() : this.hide();
}
// Mostrar
show() {
this.buttonTarget.ariaExpanded = "true";
this.element.classList.add("show");
this.dropdownTarget.classList.add("show");
// Activar la gestión del foco
document.addEventListener("focusin", this.focusinEvent);
}
// Ocultar
hide() {
this.buttonTarget.ariaExpanded = "false";
this.element.classList.remove("show");
this.dropdownTarget.classList.remove("show");
// Volver al inicio el foco de items
this.data.set("item", -1);
// Desactivar la gestión del foco
document.removeEventListener("focusin", this.focusinEvent);
}
// Gestionar el foco
focusin(event) {
const item = this.itemTargets.find(x => x === event.target);
// Si el foco se coloca sobre elementos del controlador, no hacer
// nada
if (event.target === this.buttonTarget || item) {
// Si es un item, el comportamiento de las flechas verticales y el
// Tab tiene que ser igual
if (item) this.data.set("item", this.itemTargets.indexOf(item));
return;
}
// De lo contrario, ocultar
this.hide();
}
// Gestionar las teclas
keydown(event) {
const initial = parseInt(this.data.get("item"));
let item = initial;
switch (event.keyCode) {
case 27:
// Esc cierra el menú y devuelve el foco
this.hide();
this.buttonTarget.focus();
break;
case 38:
// Moverse hacia arriba con tope en el primer item
if (item > -1) item--;
break;
case 40:
// Moverse hacia abajo con tope en el último ítem, si el
// dropdown estaba cerrado, abrirlo.
if (item === -1) this.show();
if (item <= this.itemTargets.length) item++;
break;
}
// Si cambió la posición del ítem, darle foco y actualizar el
// contador.
if (initial !== item) {
this.itemTargets[item]?.focus();
this.data.set("item", item);
}
}
}

19
app/javascript/controllers/file_preview_controller.js Normal file
View file

@ -0,0 +1,19 @@
import { Controller } from 'stimulus'
import bsCustomFileInput from "bs-custom-file-input";
document.addEventListener("turbolinks:load", () => {
bsCustomFileInput.init();
});
export default class extends Controller {
static targets = ["preview", "input"];
connect() {
}
update(event = undefined) {
if (!this.hasPreviewTarget) return;
this.previewTarget.src = window.URL.createObjectURL(this.inputTarget.files[0])
}
}

11
app/javascript/controllers/select_all_controller.js Normal file
View file

@ -0,0 +1,11 @@
import { Controller } from "stimulus";
export default class extends Controller {
static targets = ["toggle", "input"];
toggle(event = undefined) {
this.inputTargets.forEach(input => {
input.checked = this.toggleTarget.checked;
});
}
}

7
app/javascript/etc/htmx_abort.js Normal file
View file

@ -0,0 +1,7 @@
// Cancela las peticiones pendientes de htmx para todos los elementos al
// cambiar de página.
document.addEventListener("turbolinks:click", () => {
for (const hx of document.querySelectorAll("[hx-get]")) {
window.htmx.trigger(hx, "htmx:abort");
}
});

11
app/javascript/etc/image_preview.js
View file

@ -1,11 +0,0 @@
document.addEventListener('turbolinks:load', () => {
document.querySelectorAll('input[type=file]').forEach(file => {
if (!file.dataset.preview) return
file.addEventListener('change', event => {
if (file.files.length === 0) return
document.querySelector('#' + file.dataset.preview).src = window.URL.createObjectURL(file.files[0])
})
})
})

3
app/javascript/etc/index.js
View file

@ -1,8 +1,9 @@
import './external_links'
import './image_preview'
import './input-date'
import './input-tag'
import './prosemirror'
import './timezone'
import './turbolinks-anchors'
import './validation'
import './new_editor'
import './htmx_abort'

14
app/javascript/etc/new_editor.js Normal file
View file

@ -0,0 +1,14 @@
import SuttyEditor from "@suttyweb/editor";
import "@suttyweb/editor/dist/style.css";
document.addEventListener("turbolinks:load", () => {
document.querySelectorAll(".new-editor").forEach((editorContainer) => {
new SuttyEditor({
target: editorContainer,
props: {
textareaEl: editorContainer.querySelector("textarea"),
},
});
});
});

29
app/javascript/packs/application.js
View file

@ -2,11 +2,28 @@
import { Notifier } from '@airbrake/browser'
window.airbrake = new Notifier({
projectId: window.env.AIRBRAKE_SITE_ID,
projectKey: window.env.AIRBRAKE_API_KEY,
host: window.env.PANEL_URL
})
try {
window.airbrake = new Notifier({
projectId: window.env.AIRBRAKE_PROJECT_ID,
projectKey: window.env.AIRBRAKE_PROJECT_KEY,
host: window.env.PANEL_URL
});
const ignoredErrors = ["htmx:afterRequest", "htmx:sendAbort"];
console.originalError = console.error;
console.error = (...e) => {
const msg = e.join(" ");
if (!ignoredErrors.some(x => msg.includes(x))) {
window.airbrake.notify(e.join(" "));
}
return console.originalError(...e);
};
} catch(e) {
console.error(e);
}
import 'core-js/stable'
import 'regenerator-runtime/runtime'
@ -23,3 +40,5 @@ import 'chartkick/chart.js'
Rails.start()
Turbolinks.start()
ActiveStorage.start()
window.htmx = require('htmx.org/dist/htmx.js')

25
app/jobs/activity_pub/fediblock_fetch_job.rb Normal file
View file

@ -0,0 +1,25 @@
# frozen_string_literal: true
class ActivityPub
# Se encarga de mantener las listas de bloqueo actualizadas. Luego de
# actualizar el listado de instancias, bloquea las instancias en cada
# sitio que tenga el fediblock habilitado.
class FediblockFetchJob < ApplicationJob
self.priority = 50
def perform
ActivityPub::Fediblock.find_each do |fediblock|
fediblock.process!
hostnames_added = fediblock.hostnames - fediblock.hostnames_was
# No hacer nada si no cambió con respecto a la versión anterior
next if hostnames_added.empty?
ActivityPub::FediblockUpdatedJob.perform_later(fediblock: fediblock, hostnames: hostnames_added)
rescue ActivityPub::Fediblock::FediblockDownloadError => e
ExceptionNotifier.notify_exception(e, data: { fediblock: fediblock.title })
end
end
end
end

29
app/jobs/activity_pub/fediblock_updated_job.rb Normal file
View file

@ -0,0 +1,29 @@
# frozen_string_literal: true
# Se encarga de mantener sincronizadas las listas de instancias
# de los fediblocks con los sitios que las tengan activadas.
#
# También va a asociar las listas con todos los sitios que tengan la
# Social Inbox habilitada.
class ActivityPub
class FediblockUpdatedJob < ApplicationJob
self.priority = 50
# @param :fediblock [ActivityPub::Fediblock]
# @param :hostnames [Array<String>]
def perform(fediblock:, hostnames:)
instances = ActivityPub::Instance.where(hostname: hostnames)
# Todos los sitios con la Social Inbox habilitada
Site.where(id: DeploySocialDistributedPress.pluck(:site_id)).find_each do |site|
# Crea el estado si no existía
fediblock_state = site.fediblock_states.find_or_create_by(fediblock: fediblock)
# No hace nada con los deshabilitados
next unless fediblock_state.enabled?
ActivityPub::InstanceModerationJob.perform_later(site: site, hostnames: hostnames)
end
end
end
end

65
app/jobs/activity_pub/fetch_job.rb Normal file
View file

@ -0,0 +1,65 @@
# frozen_string_literal: true
# Obtiene o actualiza el contenido de un objeto, usando las credenciales
# del sitio.
#
# XXX: Esto usa las credenciales del sitio para volver el objeto
# disponible para todo el CMS. Asumimos que el objeto devuelto es el
# mismo para todo el mundo y las credenciales solo son para
# autenticación.
class ActivityPub
class FetchJob < ApplicationJob
self.priority = 50
attr_reader :object, :response
# Notificar errores de JSON con el contenido, tomar los errores de
# validación y conexión como errores temporales y notificar todo lo
# demás sin reintentar.
#
# @param error [Exception]
# @return [Bool]
discard_on(FastJsonparser::ParseError) do |error|
ExceptionNotifier.notify_exception(error, data: { site: site.name, object: object.uri, body: response.body })
end
retry_on ActiveRecord::RecordInvalid
retry_on SocketError, wait: ApplicationJob.random_wait
retry_on SystemCallError, wait: ApplicationJob.random_wait
retry_on Net::OpenTimeout, wait: ApplicationJob.random_wait
retry_on OpenSSL::OpenSSLError, wait: ApplicationJob.random_wait
def perform(site:, object_id:)
ActivityPub::Object.transaction do
@site = site
@object = ::ActivityPub::Object.find(object_id)
return if object.blank?
return if object.activity_pubs.where(aasm_state: 'removed').count.positive?
@response = site.social_inbox.dereferencer.get(uri: object.uri)
# @todo Fallar cuando la respuesta no funcione?
# @todo Eliminar en 410 Gone
return unless response.success?
# Ignorar si ya la caché fue revalidada y ya teníamos el
# contenido
return if response.hit? && object.content.present?
current_type = object.type
content = FastJsonparser.parse(response.body)
# Modificar atómicamente
::ActivityPub::Object.lock.find(object_id).update!(content: content,
type: ActivityPub::Object.type_from(content).name)
object = ::ActivityPub::Object.find(object_id)
# Actualiza la mención
object.actor&.save! if object.actor_type?
# Arreglar las relaciones con actividades también
ActivityPub.where(object_id: object.id).update_all(object_type: object.type, updated_at: Time.now)
end
end
end
end

16
app/jobs/activity_pub/inbox_job.rb Normal file
View file

@ -0,0 +1,16 @@
# frozen_string_literal: true
class ActivityPub
class InboxJob < ApplicationJob
self.priority = 10
# @param :site [Site]
# @param :activity [String]
# @param :action [Symbol]
def perform(site:, activity:, action:)
response = site.social_inbox.inbox.public_send(action, id: activity)
raise response.body unless response.success?
end
end
end

38
app/jobs/activity_pub/instance_fetch_job.rb Normal file
View file

@ -0,0 +1,38 @@
# frozen_string_literal: true
class ActivityPub
# Obtiene o actualiza los datos de una instancia. Usamos un cliente
# de ActivityPub porque la instancia podría estar en federación
# limitada.
class InstanceFetchJob < ApplicationJob
self.priority = 100
def perform(site:, instance:)
%w[/api/v2/instance /api/v1/instance].each do |api|
uri = SocialInbox.generate_uri(instance.hostname) do |u|
u.path = api
end
response = site.social_inbox.dereferencer.get(uri: uri)
next unless response.success?
# @todo Validate schema
next unless response.parsed_response.is_a?(DistributedPress::V1::Social::ReferencedObject)
instance.update(content: response.parsed_response.object)
break
rescue BRS::BaseError,
Errno::ECONNREFUSED,
HTTParty::Error,
JSON::JSONError,
Net::OpenTimeout,
OpenSSL::OpenSSLError,
SocketError,
Errno::ENETUNREACH => e
ExceptionNotifier.notify_exception(e, data: { instance: uri })
break
end
end
end
end

38
app/jobs/activity_pub/instance_moderation_job.rb Normal file
View file

@ -0,0 +1,38 @@
# frozen_string_literal: true
class ActivityPub
# Bloquea varias instancias de una sola vez
class InstanceModerationJob < ApplicationJob
# @param :site [Site]
# @param :hostnames [Array<String>]
# @param :perform_remotely [Bool]
def perform(site:, hostnames:, perform_remotely: true)
# Crear las instancias que no existan todavía
hostnames.each do |hostname|
ActivityPub::Instance.lock.find_or_create_by(hostname: hostname)
end
instances = ActivityPub::Instance.where(hostname: hostnames)
Site.transaction do
# Crea todas las moderaciones de instancia con un estado por
# defecto si no existen
instances.find_each do |instance|
# Esto bloquea cada una individualmente en la Social Inbox,
# idealmente son pocas instancias las que aparecen.
site.instance_moderations.lock.find_or_create_by(instance: instance)
end
scope = site.instance_moderations.where(instance_id: instances.ids)
if perform_remotely
scope.block_all!
else
scope.block_all_without_callbacks!
end
ActivityPub::SyncListsJob.perform_later(site: site)
end
end
end
end

145
app/jobs/activity_pub/process_job.rb Normal file
View file

@ -0,0 +1,145 @@
# frozen_string_literal: true
class ActivityPub
# Procesar las actividades a medida que llegan
class ProcessJob < ApplicationJob
attr_reader :body
retry_on ActiveRecord::RecordInvalid
# Procesa la actividad en segundo plano
#
# @param :body [String]
# @param :initial_state [Symbol,String]
def perform(site:, body:, initial_state: :paused)
@site = site
@body = body
ActiveRecord::Base.connection_pool.with_connection do
::ActivityPub.transaction do
# Crea todos los registros necesarios y actualiza el estado
actor.present?
instance.present?
object.present?
activity_pub.present?
activity_pub.update(aasm_state: initial_state)
activity.update_activity_pub_state!
end
end
end
private
# Si el objeto ya viene incorporado en la actividad o lo tenemos
# que traer remotamente.
#
# @return [Bool]
def object_embedded?
@object_embedded ||= original_activity[:object].is_a?(Hash)
end
# Encuentra la URI del objeto o falla si no la encuentra.
#
# @return [String]
def object_uri
@object_uri ||= ::ActivityPub.uri_from_object(original_activity[:object])
ensure
raise ActiveRecord::RecordNotFound, 'object id missing' if @object_uri.blank?
end
# Atajo a la instancia
#
# @return [ActivityPub::Instance]
def instance
actor.instance
end
# Genera un objeto a partir de la actividad. Si el objeto ya
# existe, actualiza su contenido. Si el objeto no viene
# incorporado, obtenemos el contenido más tarde.
#
# @return [ActivityPub::Object]
def object
@object ||= ::ActivityPub::Object.lock.find_or_initialize_by(uri: object_uri).tap do |o|
o.lock! if o.persisted?
o.content = original_object if object_embedded?
o.save!
# XXX: el objeto necesita ser guardado antes de poder
# procesarlo. No usamos GlobalID porque el tipo de objeto
# cambia y produce un error de deserialización.
::ActivityPub::FetchJob.perform_later(site: site, object_id: o.id) unless object_embedded?
end
end
# Genera el seguimiento del estado del objeto con respecto al
# sitio.
#
# @return [ActivityPub]
def activity_pub
@activity_pub ||= site.activity_pubs.lock.find_or_create_by!(site: site, actor: actor, instance: instance,
object_id: object.id, object_type: object.type)
end
# Crea la actividad y la vincula con el estado
#
# @return [ActivityPub::Activity]
def activity
@activity ||=
::ActivityPub::Activity
.type_from(original_activity)
.lock
.find_or_initialize_by(uri: original_activity[:id], activity_pub: activity_pub, actor: actor).tap do |a|
a.lock! if a.persisted?
a.content = original_activity.dup
a.content[:object] = object.uri
a.save!
end
end
# Actor, si no hay instancia, la crea en el momento, junto con
# su estado de moderación.
#
# @return [Actor]
def actor
@actor ||= ::ActivityPub::Actor.lock.find_or_initialize_by(uri: original_activity[:actor]).tap do |a|
a.lock! if a.persisted?
unless a.instance
a.instance = ::ActivityPub::Instance.lock.find_or_create_by(hostname: URI.parse(a.uri).hostname)
::ActivityPub::InstanceFetchJob.perform_later(site: site, instance: a.instance)
end
site.instance_moderations.lock.find_or_create_by(instance: a.instance)
a.save!
site.actor_moderations.lock.find_or_create_by(actor: a)
::ActivityPub::FetchJob.perform_later(site: site, object_id: a.object.id)
end
end
# @return [Hash,String]
def original_object
@original_object ||= original_activity[:object].dup.tap do |o|
o[:@context] = original_activity[:@context].dup
end
end
# Descubre la actividad recibida, generando un error si la
# actividad no está dirigida a nosotres.
#
# @todo Validar formato con Dry::Schema
# @return [Hash]
def original_activity
@original_activity ||= FastJsonparser.parse(body).tap do |activity|
raise '@context missing' unless activity[:@context].present?
raise 'id missing' unless activity[:id].present?
raise 'object missing' unless activity[:object].present?
end
end
end
end

37
app/jobs/activity_pub/remote_flag_job.rb Normal file
View file

@ -0,0 +1,37 @@
# frozen_string_literal: true
# Envía un reporte directamente a la instancia remota
#
# @todo El panel debería ser su propia instancia y firmar sus propios
# mensajes.
# @todo Como la Social Inbox no soporta enviar actividades
# a destinataries que no sean seguidores, enviamos el reporte
# directamente a la instancia.
# @see {https://github.com/hyphacoop/social.distributed.press/issues/14}
class ActivityPub
class RemoteFlagJob < ApplicationJob
self.priority = 30
def perform(remote_flag:)
return unless remote_flag.may_queue?
inbox = remote_flag.actor&.content&.[]('inbox')
raise 'Inbox is missing for actor' if inbox.blank?
remote_flag.queue!
uri = URI.parse(inbox)
client = remote_flag.main_site.social_inbox.client_for(uri.origin)
response = client.post(endpoint: uri.path, body: remote_flag.content)
raise 'No se pudo enviar el reporte' unless response.success?
remote_flag.report!
rescue Exception => e
ExceptionNotifier.notify_exception(e, data: { remote_flag: remote_flag.id, response: response.parsed_response })
remote_flag.resend!
raise
end
end
end

72
app/jobs/activity_pub/sync_lists_job.rb Normal file
View file

@ -0,0 +1,72 @@
# frozen_string_literal: true
class ActivityPub
# Sincroniza las listas de bloqueo y permitidas con el estado actual
# de la base de datos.
class SyncListsJob < ApplicationJob
# Siempre correr al final
self.priority = 100
attr_reader :logs
# Ejecuta todas las requests y consolida los posibles errores.
#
# @param site [Site]
def run(site:)
@logs = {}
instance_scope = site.instance_moderations.joins(:instance)
actor_scope = site.actor_moderations.joins(:actor)
blocklist = wildcardize(instance_scope.blocked.pluck(:hostname)) + actor_scope.blocked.distinct.pluck(:mention).compact + actor_scope.reported.distinct.pluck(:mention).compact
allowlist = wildcardize(instance_scope.allowed.pluck(:hostname)) + actor_scope.allowed.distinct.pluck(:mention).compact
pauselist = wildcardize(instance_scope.paused.pluck(:hostname)) + actor_scope.paused.distinct.pluck(:mention).compact
if blocklist.present?
Rails.logger.info "Bloqueando: #{blocklist.join(', ')}"
process(:blocked) { site.social_inbox.allowlist.delete(list: blocklist) }
process(:blocked) { site.social_inbox.blocklist.post(list: blocklist) }
end
if allowlist.present?
Rails.logger.info "Permitiendo: #{allowlist.join(', ')}"
process(:allowed) { site.social_inbox.blocklist.delete(list: allowlist) }
process(:allowed) { site.social_inbox.allowlist.post(list: allowlist) }
end
if pauselist.present?
Rails.logger.info "Pausando: #{pauselist.join(', ')}"
process(:paused) { site.social_inbox.blocklist.delete(list: pauselist) }
process(:paused) { site.social_inbox.allowlist.delete(list: pauselist) }
end
# Si alguna falló, reintentar
raise if logs.present?
rescue Exception => e
ExceptionNotifier.notify_exception(e,
data: { site: site.name, logs: logs, blocklist: blocklist,
allowlist: allowlist, pauselist: pauselist })
raise
end
private
def process(stage)
response = yield
return if response.success?
logs[stage] ||= []
logs[stage] << { body: response.body, code: response.code }
end
# @params hostnames [Array<String>]
# @return [Array<String>]
def wildcardize(hostnames)
hostnames.map do |hostname|
"@*@#{hostname}"
end
end
end
end

18
app/jobs/application_job.rb
View file

@ -4,9 +4,21 @@
class ApplicationJob < ActiveJob::Base
include Que::ActiveJob::JobExtensions
private
# Esperar una cantidad random de segundos primos, para que no se
# superpongan tareas
#
# @return [Array<Integer>]
RANDOM_WAIT = [3, 5, 7, 11, 13].freeze
def site
@site ||= Site.find @params[:site_id]
# @return [ActiveSupport::Duration]
def self.random_wait
RANDOM_WAIT.sample.seconds
end
attr_reader :site
# Si falla por cualquier cosa informar y descartar
discard_on(Exception) do |job, error|
ExceptionNotifier.notify_exception(error, data: { job: job })
end
end

14
app/jobs/backtrace_job.rb
View file

@ -6,10 +6,10 @@ class BacktraceJob < ApplicationJob
EMPTY_SOURCEMAP = { 'mappings' => '' }.freeze
attr_reader :params, :site_id
attr_reader :params
def perform(site_id:, params:)
@site_id = site_id
def perform(site:, params:)
@site = site
@params = params
unless sources.empty?
@ -44,10 +44,6 @@ class BacktraceJob < ApplicationJob
private
def site
@site ||= Site.find_by_id(site_id)
end
# Obtiene todos los archivos del backtrace solo si los puede descargar
# desde fuentes seguras.
#
@ -59,9 +55,7 @@ class BacktraceJob < ApplicationJob
x['backtrace']
end.flatten.map do |x|
x['file'].split('@').last
end.uniq.select do |x|
%r{\Ahttps://} =~ x
end
end.uniq.grep(%r{\Ahttps://})
end
# Descarga y devuelve los datos de un archivo

8
app/jobs/cleanup_job.rb Normal file
View file

@ -0,0 +1,8 @@
# frozen_string_literal: true
# Realiza tareas de limpieza en segundo plano
class CleanupJob < ApplicationJob
def perform(before = nil)
CleanupService.new(before: before).cleanup_everything!
end
end

8
app/jobs/contact_job.rb
View file

@ -5,10 +5,8 @@ class ContactJob < ApplicationJob
# @param [Integer]
# @param [String]
# @param [Hash]
def perform(site_id, form_name, form, origin = nil)
# Retrocompabilidad al actualizar a 2.7.1
# @see ApplicationJob#site
@params = { site_id: site_id }
def perform(site, form_name, form, origin = nil)
@site = site
# Sanitizar los valores
form.each_key do |key|
@ -23,7 +21,7 @@ class ContactJob < ApplicationJob
usuaries.each_slice(10) do |u|
ContactMailer.with(form_name: form_name,
form: form,
site_id: site_id,
site: site,
usuaries_emails: u,
origin: origin)
.notify_usuaries.deliver_now

58
app/jobs/deploy_job.rb
View file

@ -11,47 +11,45 @@ class DeployJob < ApplicationJob
# Lanzar lo antes posible
self.priority = 10
def handle_error(error)
case error
when DeployAlreadyRunningException then retry_in 1.minute
when DeployTimedOutException then expire
else super
end
end
retry_on DeployAlreadyRunningException, wait: 1.minute
discard_on DeployTimedOutException
# rubocop:disable Metrics/MethodLength
def perform(site, notify: true, time: Time.now, output: false)
@output = output
@site = site
ActiveRecord::Base.connection_pool.with_connection do
@site = Site.find(site)
# Si ya hay una tarea corriendo, aplazar esta. Si estuvo
# esperando más de 10 minutos, recuperar el estado anterior.
#
# Como el trabajo actual se aplaza al siguiente, arrastrar la
# hora original para poder ir haciendo timeouts.
if @site.building?
if site.building?
notify = false
if 10.minutes.ago >= time
raise DeployTimedOutException,
"#{@site.name} la tarea estuvo más de 10 minutos esperando, volviendo al estado original"
else
raise DeployAlreadyRunningException
end
raise DeployAlreadyRunningException unless 10.minutes.ago >= time
raise DeployTimedOutException,
"#{site.name} la tarea estuvo más de 10 minutos esperando, volviendo al estado original"
end
@deployed = {}
@site.update status: 'building'
@site.deployment_list.each do |d|
site.update status: 'building'
site.deployment_list.each do |d|
begin
raise DeployException, 'Una dependencia falló' if failed_dependencies? d
status = d.deploy(output: @output)
status = d.deploy(output: output)
seconds = d.build_stats.last.try(:seconds) || 0
size = d.size
urls = d.respond_to?(:urls) ? d.urls : [d.url].compact
urls = d.urls.map do |url|
URI.parse url
rescue URI::Error
nil
end.compact
raise DeployException, 'Falló la compilación' if d == site.deployment_list.last && !status
rescue StandardError => e
status = false
seconds ||= 0
@ -70,9 +68,9 @@ class DeployJob < ApplicationJob
}
end
return unless @output
return unless output
puts (Terminal::Table.new do |t|
puts(Terminal::Table.new do |t|
t << (%w[type] + @deployed.values.first.keys)
t.add_separator
@deployed.each do |type, row|
@ -80,12 +78,12 @@ class DeployJob < ApplicationJob
end
end)
ensure
if @site.present?
@site.update status: 'waiting'
if site.present?
site.update status: 'waiting'
notify_usuaries if notify
puts "\a" if @output
puts "\a" if output
end
end
end
@ -115,7 +113,7 @@ class DeployJob < ApplicationJob
# @param :deploy [Deploy]
def notify_exception(exception, deploy = nil)
data = {
site: @site.id,
site: site.name,
deploy: deploy&.type,
log: deploy&.build_stats&.last&.log,
failed_dependencies: (failed_dependencies(deploy) if deploy)
@ -125,8 +123,10 @@ class DeployJob < ApplicationJob
end
def notify_usuaries
@site.roles.where(rol: 'usuarie', temporal: false).pluck(:usuarie_id).each do |usuarie|
DeployMailer.with(usuarie: usuarie, site: @site.id)
usuarie_ids = site.roles.where(rol: 'usuarie', temporal: false).pluck(:usuarie_id)
Usuarie.where(id: usuarie_ids).find_each do |usuarie|
DeployMailer.with(usuarie: usuarie, site: site)
.deployed(@deployed)
.deliver_now
end

18
app/jobs/git_pull_job.rb Normal file
View file

@ -0,0 +1,18 @@
# frozen_string_literal: true
# Permite traer los cambios desde webhooks
class GitPullJob < ApplicationJob
# @param :site [Site]
# @param :usuarie [Usuarie]
# @return [nil]
def perform(site, usuarie)
@site = site
return unless site.repository.origin
return unless site.repository.fetch.positive?
site.repository.merge(usuarie)
site.reindex_changes!
end
end

13
app/jobs/git_push_job.rb Normal file
View file

@ -0,0 +1,13 @@
# frozen_string_literal: true
# Permite pushear los cambios cada vez que se
# hacen commits en un sitio
class GitPushJob < ApplicationJob
# @param :site [Site]
# @return [nil]
def perform(site)
@site = site
site.repository.push if site.repository.origin
end
end

6
app/jobs/gitlab_notifier_job.rb
View file

@ -30,7 +30,7 @@ class GitlabNotifierJob < ApplicationJob
count: 1,
issue: @issue['iid'],
user_agents: [user_agent].compact,
params: [request&.filtered_parameters].compact,
params: request&.filtered_parameters&.as_json,
urls: [url].compact
}
end
@ -105,7 +105,7 @@ class GitlabNotifierJob < ApplicationJob
def title
@title ||= ''.dup.tap do |t|
t << "[#{exception.class}] " unless javascript?
t << exception.message
t << exception.message[0..200]
t << " [#{issue_data[:count]}]"
end
end
@ -192,7 +192,7 @@ class GitlabNotifierJob < ApplicationJob
```
#{request.request_method} #{url}
#{pp request.filtered_parameters}
#{pp request.filtered_parameters.as_json}
```
REQUEST

3
app/jobs/maintenance_job.rb
View file

@ -15,8 +15,7 @@
# Lo mismo para salir de mantenimiento, agregando el atributo
# are_we_back: true al crear el Maintenance.
class MaintenanceJob < ApplicationJob
def perform(maintenance_id:)
maintenance = Maintenance.find(maintenance_id)
def perform(maintenance:)
# Decidir cuál vamos a enviar según el estado de Maintenance
mailer = maintenance.are_we_back ? :were_back : :notice

3
app/jobs/periodic_job.rb
View file

@ -6,9 +6,6 @@ class PeriodicJob < ApplicationJob
STARTING_INTERVAL = Stat::INTERVALS.first
# Tener el sitio a mano
attr_reader :site
# Descartar y notificar si pasó algo más.
#
# XXX: En realidad deberíamos seguir reintentando?

6
app/jobs/stat_collection_job.rb
View file

@ -7,8 +7,8 @@ class StatCollectionJob < PeriodicJob
STAT_NAME = 'stat_collection_job'
def perform(site_id:, once: true)
@site = Site.find site_id
def perform(site:, once: true)
@site = site
beginning = beginning_of_interval
stat = site.stats.create! name: STAT_NAME
@ -22,7 +22,7 @@ class StatCollectionJob < PeriodicJob
rollup.average(:seconds)
end
dimensions = { site_id: site_id }
dimensions = { site_id: site.id }
reduce_rollup(name: 'builds', operation: :sum, dimensions: dimensions)
reduce_rollup(name: 'space_used', operation: :average, dimensions: dimensions)

4
app/jobs/uri_collection_job.rb
View file

@ -16,8 +16,8 @@ class UriCollectionJob < PeriodicJob
IMAGES = %w[.png .jpg .jpeg .gif .webp .jfif].freeze
STAT_NAME = 'uri_collection_job'
def perform(site_id:, once: true)
@site = Site.find site_id
def perform(site:, once: true)
@site = site
# Obtener el principio del intervalo anterior
beginning_of_interval

2
app/lib/action_dispatch/http/uploaded_file_decorator.rb
View file

@ -11,7 +11,7 @@ module ActionDispatch
# Devolver el nombre de archivo con caracteres unicode
# normalizados
def original_filename
@original_filename.unicode_normalize
@original_filename.unicode_normalize.sub(/\A_+/, '')
end
end
end

2
app/lib/active_storage/service/jekyll_service.rb
View file

@ -96,7 +96,7 @@ module ActiveStorage
end
def blob_for(key)
ActiveStorage::Blob.find_by(key: key, service_name: name)
ActiveStorage::Blob.find_by!(key: key, service_name: name)
end
end
end

6
app/lib/exception_notifier/gitlab_notifier.rb
View file

@ -8,9 +8,9 @@ module ExceptionNotifier
# Recibe la excepción y empieza la tarea de notificación en segundo
# plano.
#
# @param [Exception]
# @param [Hash]
def call(exception, **options)
# @param :exception [Exception]
# @param :options [Hash]
def call(exception, options, &block)
case exception
when BacktraceJob::BacktraceException
GitlabNotifierJob.perform_later(exception, **options)

38
app/lib/jekyll/readers/data_reader_decorator.rb Normal file
View file

@ -0,0 +1,38 @@
# frozen_string_literal: true
module Jekyll
module Readers
# Permite leer datos utilizando rutas absolutas.
#
# {Jekyll::DataReader} usa {Dir.chdir} con rutas relativas, lo que
# en nuestro uso provoca confusiones en el lector de datos.
#
# Con este módulo, podemos leer todos los archivos usando rutas
# absolutas, lo que nos permite reemplazar jekyll-data, que agregaba
# código duplicado.
module DataReaderDecorator
extend ActiveSupport::Concern
included do
DATA_EXTENSIONS = %w[.yaml .yml .json .csv .tsv].freeze
def read_data_to(dir, data)
return unless File.directory?(dir) && !@entry_filter.symlink?(dir)
Dir.glob(File.join(dir, '*')).each do |path|
next if @entry_filter.symlink?(path)
entry = Pathname.new(path).relative_path_from(dir).to_s
if File.directory?(path)
read_data_to(path, data[sanitize_filename(entry)] = {})
elsif DATA_EXTENSIONS.include?(File.extname(entry))
key = sanitize_filename(File.basename(entry, ".*"))
data[key] = read_data_file(path)
end
end
end
end
end
end
end

2
app/mailers/application_mailer.rb
View file

@ -10,7 +10,7 @@ class ApplicationMailer < ActionMailer::Base
private
def site
@site ||= Site.find @params[:site_id]
@site ||= @params[:site]
end
def inline_logo!

5
app/mailers/deploy_mailer.rb
View file

@ -13,8 +13,7 @@ class DeployMailer < ApplicationMailer
# rubocop:disable Metrics/AbcSize
def deployed(deploys = {})
usuarie = Usuarie.find(params[:usuarie])
site = usuarie.sites.find(params[:site])
usuarie = params[:usuarie]
hostname = site.hostname
deploys ||= {}
@ -52,7 +51,7 @@ class DeployMailer < ApplicationMailer
t << (row.map do |k, v|
case k
when :seconds then v[:human]
when :urls then url
when :urls then url.to_s
else v
end
end)

9
app/mailers/invitadx_mailer.rb
View file

@ -1,9 +0,0 @@
# frozen_string_literal: true
class InvitadxMailer < ApplicationMailer
def confirmation_required
@invitadx = params[:invitadx]
@site = params[:site]
mail from: "#{@site.config.dig('title')} <#{ENV.fetch('DEFAULT_FROM', 'sutty@kefir.red')}>", to: @invitadx.email, subject: t('.subject')
end
end

152
app/models/activity_pub.rb Normal file
View file

@ -0,0 +1,152 @@
# frozen_string_literal: true
# = ActivityPub =
#
# El registro de actividades recibidas y su estado. Cuando recibimos
# una actividad, puede estar destinada a varies actores dentro de Sutty,
# con lo que generamos una cola para cada une.
#
#
# @todo Ya que une actore puede hacer varias actividades sobre el mismo
# objeto, lo correcto sería que la actividad a moderar sea una sola en
# lugar de una lista acumulativa. Es decir cada ActivityPub representa
# el estado del conjunto (Actor, Object, Activity)
#
# @see {https://www.w3.org/TR/activitypub/#client-to-server-interactions}
class ActivityPub < ApplicationRecord
IGNORED_EVENTS = %i[pause remove].freeze
IGNORED_STATES = %i[removed].freeze
include AASM
belongs_to :instance
belongs_to :site
belongs_to :object, polymorphic: true
belongs_to :actor
belongs_to :remote_flag, optional: true, class_name: 'ActivityPub::RemoteFlag'
has_many :activities
validates :site_id, presence: true
validates :object_id, presence: true
validates :aasm_state, presence: true, inclusion: { in: %w[paused approved rejected reported removed] }
accepts_nested_attributes_for :remote_flag
# Encuentra la URI de un objeto
#
# @return [String, nil]
def self.uri_from_object(object)
case object
when Array then uri_from_object(object.first)
when String then object
when Hash then (object['id'] || object[:id])
end
end
# Obtiene el campo `url` de diversas formas. Si es una String, asumir
# que es una URL, si es un Hash, asumir que es un Link, si es un
# Array de Strings, obtener la primera, si es de Hash, obtener el
# primer link con rel=canonical y mediaType=text/html
#
# De lo contrario devolver el ID.
#
# @todo Refactorizar
# @param object [Hash]
# @return [String]
def self.url_from_object(object)
raise unless object.respond_to?(:[])
url =
case object['url']
when String then object['url']
when Hash then object['href']
# Esto es un lío porque queremos saber si es un Array<Hash> o
# Array<String> o mezcla y obtener el que más nos convenga o
# adivinar uno.
when Array
links = object['url'].map.with_index do |link, _i|
case link
when Hash then link
else { 'href' => link.to_s }
end
end
links.find do |link|
link['rel'] == 'canonical' && link['mediaType'] == 'text/html'
end&.[]('href') || links.first&.[]('href')
end
url || object['id']
end
aasm do
# Todavía no hay una decisión sobre el objeto
state :paused, initial: true
# Le usuarie aprobó el objeto
state :approved
# Le usuarie rechazó el objeto
state :rejected
# Le usuarie reportó el objeto
state :reported
# Le actore eliminó el objeto
state :removed
# Gestionar todos los errores
error_on_all_events do |e|
ExceptionNotifier.notify_exception(e,
data: { site: site.name, activity_pub: id, activity: activities.first.uri })
end
# Se puede volver a pausa en caso de actualización remota, para
# revisar los cambios.
event :pause do
transitions to: :paused
end
# Recibir una acción de eliminación, eliminar el contenido de la
# base de datos. Esto elimina el contenido para todos los sitios
# porque estamos respetando lo que pidió le actore.
event :remove do
transitions to: :removed
after do
next if object.blank?
object.update(content: {}) unless object.content.empty?
end
end
# La actividad se aprueba, informándole a la Social Inbox que está
# aprobada. También recibimos la aprobación via
# webhook a modo de confirmación.
event :approve do
transitions from: %i[paused], to: :approved
after do
ActivityPub::InboxJob.perform_later(site: site, activity: activities.first.uri, action: :accept)
end
end
# La actividad fue rechazada
event :reject do
transitions from: %i[paused approved], to: :rejected
after do
ActivityPub::InboxJob.perform_later(site: site, activity: activities.first.uri, action: :reject)
end
end
# Reportarla implica rechazarla
event :report do
transitions from: %i[paused approved rejected], to: :reported
after do
ActivityPub::InboxJob.perform_later(site: site, activity: activities.first.uri, action: :reject)
ActivityPub::RemoteFlagJob.perform_later(remote_flag: remote_flag) if remote_flag.waiting?
end
end
end
# Definir eventos en masa
include AasmEventsConcern
end

34
app/models/activity_pub/activity.rb Normal file
View file

@ -0,0 +1,34 @@
# frozen_string_literal: true
# = Activity =
#
# Lleva un registro de las actividades que nos piden hacer remotamente.
#
# Las actividades pueden tener distintos destinataries (sitios/actores).
#
# @todo Obtener el contenido del objeto dinámicamente si no existe
# localmente, por ejemplo cuando la actividad crea un objeto pero lo
# envía como referencia en lugar de anidarlo.
#
# @see {https://www.w3.org/TR/activitypub/#client-to-server-interactions}
class ActivityPub
class Activity < ApplicationRecord
include ActivityPub::Concerns::JsonLdConcern
belongs_to :activity_pub
belongs_to :actor, touch: true
has_one :object, through: :activity_pub
validates :activity_pub_id, presence: true
# Las actividades son únicas con respecto a su estado
validates :uri, presence: true, url: true, uniqueness: { scope: :activity_pub_id, message: 'estado duplicado' }
# Siempre en orden descendiente para saber el último estado
default_scope -> { order(created_at: :desc) }
# Cambia la máquina de estados según el tipo de actividad
def update_activity_pub_state!
nil
end
end
end

8
app/models/activity_pub/activity/announce.rb Normal file
View file

@ -0,0 +1,8 @@
# frozen_string_literal: true
class ActivityPub
class Activity
# Boost
class Announce < ActivityPub::Activity; end
end
end

7
app/models/activity_pub/activity/create.rb Normal file
View file

@ -0,0 +1,7 @@
# frozen_string_literal: true
class ActivityPub
class Activity
class Create < ActivityPub::Activity; end
end
end

38
app/models/activity_pub/activity/delete.rb Normal file
View file

@ -0,0 +1,38 @@
# frozen_string_literal: true
class ActivityPub
class Activity
class Delete < ActivityPub::Activity
# Los Delete se refieren a objetos. Al eliminar un objeto,
# cancelamos todas las actividades que tienen relacionadas.
#
# XXX: La actividad tiene una firma, pero la implementación no
# está recomendada
#
# @todo Validar que le Actor corresponda con los objetos. Esto ya
# lo haría la Social Inbox por nosotres.
# @see {https://docs.joinmastodon.org/spec/security/#ld}
def update_activity_pub_state!
ActiveRecord::Base.connection_pool.with_connection do
ActivityPub.transaction do
object = ActivityPub::Object.find_by(uri: ActivityPub.uri_from_object(content['object']))
if object.present?
object.activity_pubs.find_each do |activity_pub|
activity_pub.remove! if activity_pub.may_remove?
end
# Encontrar todas las acciones de moderación de le actore
# eliminade y moverlas a eliminar.
if (actor = ActivityPub::Actor.find_by(uri: object.uri)).present?
ActorModeration.where(actor_id: actor.id).remove_all!
end
end
activity_pub.remove! if activity_pub.may_remove?
end
end
end
end
end
end

7
app/models/activity_pub/activity/flag.rb Normal file
View file

@ -0,0 +1,7 @@
# frozen_string_literal: true
class ActivityPub
class Activity
class Flag < ActivityPub::Activity; end
end
end

18
app/models/activity_pub/activity/follow.rb Normal file
View file

@ -0,0 +1,18 @@
# frozen_string_literal: true
# = Follow =
#
# Una actividad de seguimiento se refiere siempre a une actore (el
# sitio) y proviene de otre actore.
#
# Por ahora las solicitudes de seguimiento se auto-aprueban.
class ActivityPub
class Activity
class Follow < ActivityPub::Activity
# Auto-aprobar la solicitud de seguimiento
def update_activity_pub_state!
activity_pub.approve! if activity_pub.may_approve?
end
end
end
end

7
app/models/activity_pub/activity/generic.rb Normal file
View file

@ -0,0 +1,7 @@
# frozen_string_literal: true
class ActivityPub
class Activity
class Generic < ActivityPub::Activity; end
end
end

8
app/models/activity_pub/activity/like.rb Normal file
View file

@ -0,0 +1,8 @@
# frozen_string_literal: true
class ActivityPub
class Activity
# Like
class Like < ActivityPub::Activity; end
end
end

29
app/models/activity_pub/activity/undo.rb Normal file
View file

@ -0,0 +1,29 @@
# frozen_string_literal: true
# = Undo =
#
# Deshace una actividad, dependiendo de la actividad a la que se
# refiere.
class ActivityPub
class Activity
class Undo < ActivityPub::Activity
# Una actividad de deshacer tiene anidada como objeto la actividad
# a deshacer. Para respetar la voluntad de le actore remote,
# tendríamos que eliminar cualquier actividad pendiente sobre el
# objeto.
#
# Sin embargo, estas acciones nunca deberían llegar a nuestra
# Inbox.
#
# @todo Validar que le Actor corresponda con los objetos. Esto ya
# lo haría la Social Inbox por nosotres.
# @see {https://github.com/hyphacoop/social.distributed.press/issues/43}
def update_activity_pub_state!
ActivityPub.transaction do
ActivityPub::Activity.find_by(uri: content['object'])&.activity_pub&.remove!
activity_pub.remove!
end
end
end
end
end

13
app/models/activity_pub/activity/update.rb Normal file
View file

@ -0,0 +1,13 @@
# frozen_string_literal: true
class ActivityPub
class Activity
class Update < ActivityPub::Activity
# Si estamos actualizando el objeto, tenemos que devolverlo a estado
# de moderación
def update_activity_pub_state!
activity_pub.pause! if activity_pub.approved?
end
end
end
end

43
app/models/activity_pub/actor.rb Normal file
View file

@ -0,0 +1,43 @@
# frozen_string_literal: true
# = Actor =
#
# Actor es la entidad que realiza acciones en ActivityPub
#
# @todo Obtener el perfil dinámicamente
class ActivityPub
class Actor < ApplicationRecord
include ActivityPub::Concerns::JsonLdConcern
belongs_to :instance
has_many :actor_moderation
has_many :activity_pubs, as: :object
has_many :activities
has_many :remote_flags
# Les actores son únicxs a toda la base de datos
validates :uri, presence: true, url: true, uniqueness: true
before_save :mentionize!
# Obtiene el nombre de la Actor como mención, solo si obtuvimos el
# contenido de antemano.
#
# @return [String, nil]
def mentionize!
return if mention.present?
return if content['preferredUsername'].blank?
return if instance.blank?
self.mention ||= "@#{content['preferredUsername']}@#{instance.hostname}"
end
def object
@object ||= ActivityPub::Object.lock.find_or_create_by(uri: uri)
end
def content
object.content
end
end
end

32
app/models/activity_pub/concerns/json_ld_concern.rb Normal file
View file

@ -0,0 +1,32 @@
# frozen_string_literal: true
class ActivityPub
module Concerns
module JsonLdConcern
extend ActiveSupport::Concern
included do
# Cuando asignamos contenido, obtener la URI si no lo hicimos ya
before_save :uri_from_content!, unless: :uri?
# Obtiene un tipo de actividad a partir del tipo informado
#
# @param object [Hash]
# @return [Activity]
def self.type_from(object)
raise NameError unless object.is_a?(Hash)
"#{model_name.name}::#{object[:type].presence || 'Generic'}".constantize
rescue NameError
model_name.name.constantize::Generic
end
private
def uri_from_content!
self.uri = content[:id]
end
end
end
end
end

82
app/models/activity_pub/fediblock.rb Normal file
View file

@ -0,0 +1,82 @@
# frozen_string_literal: true
require 'httparty'
# Listas de bloqueo y sus URLs de descarga
class ActivityPub
class Fediblock < ApplicationRecord
class Client
include ::HTTParty
# @param url [String]
# @return [HTTParty::Response]
def get(url)
self.class.get(url, parser: csv_parser)
end
# Procesa el CSV
#
# @return [Proc]
def csv_parser
@csv_parser ||=
begin
require 'csv'
proc do |body, _|
CSV.parse(body, headers: true)
end
end
end
end
class FediblockDownloadError < ::StandardError; end
validates_presence_of :title, :url, :format
validates_inclusion_of :format, in: %w[mastodon fediblock none]
HOSTNAME_HEADERS = {
'mastodon' => '#domain',
'fediblock' => 'domain'
}.freeze
def client
@client ||= Client.new
end
# Todas las instancias de este fediblock
def instances
ActivityPub::Instance.where(hostname: hostnames)
end
# Descarga la lista y crea las instancias con el estado necesario
def process!
response = client.get(download_url)
raise FediblockDownloadError unless response.success?
Fediblock.transaction do
csv = response.parsed_response
process_csv! csv
update(hostnames: csv.map { |r| r[hostname_header] })
end
end
private
def hostname_header
HOSTNAME_HEADERS[format]
end
# Crea o encuentra instancias que ya existían y las bloquea
#
# @param csv [CSV::Table]
def process_csv!(csv)
csv.each do |row|
ActivityPub::Instance.find_or_create_by(hostname: row[hostname_header]).tap do |i|
i.block! if i.may_block?
end
end
end
end
end

40
app/models/activity_pub/instance.rb Normal file
View file

@ -0,0 +1,40 @@
# frozen_string_literal: true
# = Instance =
#
# Representa cada instancia del fediverso que interactúa con la Social
# Inbox.
class ActivityPub
class Instance < ApplicationRecord
include AASM
validates :aasm_state, presence: true, inclusion: { in: %w[paused allowed blocked] }
validates :hostname, uniqueness: true, hostname: { allow_numeric_hostname: true }
has_many :activity_pubs
has_many :actors
has_many :instance_moderations
# XXX: Mantenemos esto por si queremos bloquear una instancia a
# nivel general
aasm do
state :paused, initial: true
state :allowed
state :blocked
# Al pasar una instancia a bloqueo, quiere decir que todos los
# sitios adoptan esta lista
event :block do
transitions from: %i[paused allowed], to: :blocked
end
end
def list_name
"@*@#{hostname}"
end
def uri
@uri ||= "https://#{hostname}/"
end
end
end

67
app/models/activity_pub/object.rb Normal file
View file

@ -0,0 +1,67 @@
# frozen_string_literal: true
# Almacena objetos de ActivityPub, como Note, Article, etc.
class ActivityPub
class Object < ApplicationRecord
include ActivityPub::Concerns::JsonLdConcern
before_validation :type_from_content!, unless: :type?
# Los objetos son únicos a toda la base de datos
validates :uri, presence: true, url: true, uniqueness: true
validate :uri_is_content_id?, if: :content?
has_many :activity_pubs, as: :object
# Encontrar le Actor por su relación con el objeto
#
# @return [ActivityPub::Actor,nil]
def actor
ActivityPub::Actor.find_by(uri: actor_uri)
end
# @return [String]
def actor_uri
content['attributedTo']
end
def actor_type?
false
end
def object_type?
true
end
# Poder explorar propiedades remotas
#
# @return [DistributedPress::V1::Social::ReferencedObject]
def referenced(site)
require 'distributed_press/v1/social/referenced_object'
@referenced ||= DistributedPress::V1::Social::ReferencedObject.new(object: content,
dereferencer: site.social_inbox.dereferencer)
end
private
def uri_is_content_id?
return if uri == content['id']
errors.add(:activity_pub_objects, 'El ID del objeto no coincide con su URI')
end
# Encuentra el tipo a partir del contenido, si existe.
#
# XXX: Si el objeto es una actividad, esto siempre va a ser
# Generic
def type_from_content!
self.type =
begin
"ActivityPub::Object::#{content['type'].presence || 'Generic'}".constantize
rescue NameError
ActivityPub::Object::Generic
end
end
end
end

12
app/models/activity_pub/object/application.rb Normal file
View file

@ -0,0 +1,12 @@
# frozen_string_literal: true
# = Application =
#
# Una aplicación o instancia
class ActivityPub
class Object
class Application < ActivityPub::Object
include Concerns::ActorTypeConcern
end
end
end

10
app/models/activity_pub/object/article.rb Normal file
View file

@ -0,0 +1,10 @@
# frozen_string_literal: true
# = Article =
#
# Representa artículos
class ActivityPub
class Object
class Article < ActivityPub::Object; end
end
end

10
app/models/activity_pub/object/audio.rb Normal file
View file

@ -0,0 +1,10 @@
# frozen_string_literal: true
# = Audio =
#
# Representa artículos
class ActivityPub
class Object
class Audio < ActivityPub::Object; end
end
end

34
app/models/activity_pub/object/concerns/actor_type_concern.rb Normal file
View file

@ -0,0 +1,34 @@
# frozen_string_literal: true
class ActivityPub
class Object
module Concerns
module ActorTypeConcern
extend ActiveSupport::Concern
included do
# La URI de le Actor en este caso es la misma id
#
# @return [String]
def actor_uri
uri
end
# El objeto referencia a une Actor
#
# @see {https://www.w3.org/TR/activitystreams-vocabulary/#actor-types}
def actor_type?
true
end
# El objeto es un objeto
#
# @see {https://www.w3.org/TR/activitystreams-vocabulary/#object-types}
def object_type?
false
end
end
end
end
end
end

10
app/models/activity_pub/object/document.rb Normal file
View file

@ -0,0 +1,10 @@
# frozen_string_literal: true
# = Document =
#
# Representa artículos
class ActivityPub
class Object
class Document < ActivityPub::Object; end
end
end

Some files were not shown because too many files have changed in this diff Show more