Merge branch 'main' into glitch-soc/merge-upstream

Conflicts:
- `app/controllers/home_controller.rb`:
  Upstream made it so `/web` is available to non-logged-in users
  and `/` redirects to `/web` instead of `/about`.
  Kept our version since glitch-soc's WebUI doesn't have what's
  needed yet and I think /about is still a much better landing
  page anyway.
- `app/models/form/admin_settings.rb`:
  Upstream added new settings, and glitch-soc had an extra setting.
  Not really a conflict.
  Added upstream's new settings.
- `app/serializers/initial_state_serializer.rb`:
  Upstream added a new `server` initial state object.
  Not really a conflict.
  Merged upstream's changes.
- `app/views/admin/settings/edit.html.haml`:
  Upstream added new settings.
  Not really a conflict.
  Merged upstream's changes.
- `app/workers/scheduler/feed_cleanup_scheduler.rb`:
  Upstream refactored that part and removed the file.
  Ported our relevant changes into `app/lib/vacuum/feeds_vacuum.rb`
- `config/settings.yml`:
  Upstream added new settings.
  Not a real conflict.
  Added upstream's new settings.

spec/lib/activitypub/activity/announce_spec.rb

@@ -115,7 +115,7 @@ RSpec.describe ActivityPub::Activity::Announce do
 
       let(:object_json) { 'https://example.com/actor/hello-world' }
 
-      subject { described_class.new(json, sender, relayed_through_account: relay_account) }
+      subject { described_class.new(json, sender, relayed_through_actor: relay_account) }
 
       before do
         stub_request(:get, 'https://example.com/actor/hello-world').to_return(body: Oj.dump(unknown_object_json))

spec/lib/activitypub/dereferencer_spec.rb

@@ -4,10 +4,10 @@ RSpec.describe ActivityPub::Dereferencer do
   describe '#object' do
     let(:object) { { '@context': 'https://www.w3.org/ns/activitystreams', id: 'https://example.com/foo', type: 'Note', content: 'Hoge' } }
     let(:permitted_origin) { 'https://example.com' }
-    let(:signature_account) { nil }
+    let(:signature_actor) { nil }
     let(:uri) { nil }
 
-    subject { described_class.new(uri, permitted_origin: permitted_origin, signature_account: signature_account).object }
+    subject { described_class.new(uri, permitted_origin: permitted_origin, signature_actor: signature_actor).object }
 
     before do
       stub_request(:get, 'https://example.com/foo').to_return(body: Oj.dump(object), headers: { 'Content-Type' => 'application/activity+json' })
@@ -21,7 +21,7 @@ RSpec.describe ActivityPub::Dereferencer do
       end
 
       context 'with signature account' do
-        let(:signature_account) { Fabricate(:account) }
+        let(:signature_actor) { Fabricate(:account) }
 
         it 'makes signed request' do
           subject
@@ -52,7 +52,7 @@ RSpec.describe ActivityPub::Dereferencer do
       end
 
       context 'with signature account' do
-        let(:signature_account) { Fabricate(:account) }
+        let(:signature_actor) { Fabricate(:account) }
 
         it 'makes signed request' do
           subject

spec/lib/activitypub/linked_data_signature_spec.rb

@@ -20,7 +20,7 @@ RSpec.describe ActivityPub::LinkedDataSignature do
     stub_jsonld_contexts!
   end
 
-  describe '#verify_account!' do
+  describe '#verify_actor!' do
     context 'when signature matches' do
       let(:raw_signature) do
         {
@@ -32,7 +32,7 @@ RSpec.describe ActivityPub::LinkedDataSignature do
       let(:signature) { raw_signature.merge('type' => 'RsaSignature2017', 'signatureValue' => sign(sender, raw_signature, raw_json)) }
 
       it 'returns creator' do
-        expect(subject.verify_account!).to eq sender
+        expect(subject.verify_actor!).to eq sender
       end
     end
 
@@ -40,7 +40,7 @@ RSpec.describe ActivityPub::LinkedDataSignature do
       let(:signature) { nil }
 
       it 'returns nil' do
-        expect(subject.verify_account!).to be_nil
+        expect(subject.verify_actor!).to be_nil
       end
     end
 
@@ -55,7 +55,7 @@ RSpec.describe ActivityPub::LinkedDataSignature do
       let(:signature) { raw_signature.merge('type' => 'RsaSignature2017', 'signatureValue' => 's69F3mfddd99dGjmvjdjjs81e12jn121Gkm1') }
 
       it 'returns nil' do
-        expect(subject.verify_account!).to be_nil
+        expect(subject.verify_actor!).to be_nil
       end
     end
   end
@@ -73,14 +73,14 @@ RSpec.describe ActivityPub::LinkedDataSignature do
     end
 
     it 'can be verified again' do
-      expect(described_class.new(subject).verify_account!).to eq sender
+      expect(described_class.new(subject).verify_actor!).to eq sender
     end
   end
 
-  def sign(from_account, options, document)
+  def sign(from_actor, options, document)
     options_hash   = Digest::SHA256.hexdigest(canonicalize(options.merge('@context' => ActivityPub::LinkedDataSignature::CONTEXT)))
     document_hash  = Digest::SHA256.hexdigest(canonicalize(document))
     to_be_verified = options_hash + document_hash
-    Base64.strict_encode64(from_account.keypair.sign(OpenSSL::Digest.new('SHA256'), to_be_verified))
+    Base64.strict_encode64(from_actor.keypair.sign(OpenSSL::Digest.new('SHA256'), to_be_verified))
   end
 end

spec/lib/feed_manager_spec.rb

@@ -134,6 +134,18 @@ RSpec.describe FeedManager do
         reblog = Fabricate(:status, reblog: status, account: jeff)
         expect(FeedManager.instance.filter?(:home, reblog, alice)).to be true
       end
+
+      it 'returns true for German post when follow is set to English only' do
+        alice.follow!(bob, languages: %w(en))
+        status = Fabricate(:status, text: 'Hallo Welt', account: bob, language: 'de')
+        expect(FeedManager.instance.filter?(:home, status, alice)).to be true
+      end
+
+      it 'returns false for German post when follow is set to German' do
+        alice.follow!(bob, languages: %w(de))
+        status = Fabricate(:status, text: 'Hallo Welt', account: bob, language: 'de')
+        expect(FeedManager.instance.filter?(:home, status, alice)).to be false
+      end
     end
 
     context 'for mentions feed' do

spec/lib/permalink_redirector_spec.rb

@@ -21,7 +21,7 @@ describe PermalinkRedirector do
 
     it 'returns path for legacy tag links' do
       redirector = described_class.new('web/timelines/tag/hoge')
-      expect(redirector.redirect_path).to eq '/tags/hoge'
+      expect(redirector.redirect_path).to be_nil
     end
 
     it 'returns path for pretty account links' do
@@ -36,7 +36,7 @@ describe PermalinkRedirector do
 
     it 'returns path for pretty tag links' do
       redirector = described_class.new('web/tags/hoge')
-      expect(redirector.redirect_path).to eq '/tags/hoge'
+      expect(redirector.redirect_path).to be_nil
     end
   end
 end

spec/lib/request_spec.rb

@@ -63,7 +63,7 @@ describe Request do
         expect(a_request(:get, 'http://example.com').with(headers: subject.headers)).to have_been_made
       end
 
-      it 'closes underlaying connection' do
+      it 'closes underlying connection' do
         expect_any_instance_of(HTTP::Client).to receive(:close)
         expect { |block| subject.perform &block }.to yield_control
       end

spec/lib/vacuum/access_tokens_vacuum_spec.rb

@@ -0,0 +1,33 @@
+require 'rails_helper'
+
+RSpec.describe Vacuum::AccessTokensVacuum do
+  subject { described_class.new }
+
+  describe '#perform' do
+    let!(:revoked_access_token) { Fabricate(:access_token, revoked_at: 1.minute.ago) }
+    let!(:active_access_token) { Fabricate(:access_token) }
+
+    let!(:revoked_access_grant) { Fabricate(:access_grant, revoked_at: 1.minute.ago) }
+    let!(:active_access_grant) { Fabricate(:access_grant) }
+
+    before do
+      subject.perform
+    end
+
+    it 'deletes revoked access tokens' do
+      expect { revoked_access_token.reload }.to raise_error ActiveRecord::RecordNotFound
+    end
+
+    it 'deletes revoked access grants' do
+      expect { revoked_access_grant.reload }.to raise_error ActiveRecord::RecordNotFound
+    end
+
+    it 'does not delete active access tokens' do
+      expect { active_access_token.reload }.to_not raise_error
+    end
+
+    it 'does not delete active access grants' do
+      expect { active_access_grant.reload }.to_not raise_error
+    end
+  end
+end

spec/lib/vacuum/backups_vacuum_spec.rb

@@ -0,0 +1,24 @@
+require 'rails_helper'
+
+RSpec.describe Vacuum::BackupsVacuum do
+  let(:retention_period) { 7.days }
+
+  subject { described_class.new(retention_period) }
+
+  describe '#perform' do
+    let!(:expired_backup) { Fabricate(:backup, created_at: (retention_period + 1.day).ago) }
+    let!(:current_backup) { Fabricate(:backup) }
+
+    before do
+      subject.perform
+    end
+
+    it 'deletes backups past the retention period' do
+      expect { expired_backup.reload }.to raise_error ActiveRecord::RecordNotFound
+    end
+
+    it 'does not delete backups within the retention period' do
+      expect { current_backup.reload }.to_not raise_error
+    end
+  end
+end

spec/lib/vacuum/feeds_vacuum_spec.rb

@@ -0,0 +1,30 @@
+require 'rails_helper'
+
+RSpec.describe Vacuum::FeedsVacuum do
+  subject { described_class.new }
+
+  describe '#perform' do
+    let!(:active_user) { Fabricate(:user, current_sign_in_at: 2.days.ago) }
+    let!(:inactive_user) { Fabricate(:user, current_sign_in_at: 22.days.ago) }
+
+    before do
+      redis.zadd(feed_key_for(inactive_user), 1, 1)
+      redis.zadd(feed_key_for(active_user), 1, 1)
+      redis.zadd(feed_key_for(inactive_user, 'reblogs'), 2, 2)
+      redis.sadd(feed_key_for(inactive_user, 'reblogs:2'), 3)
+
+      subject.perform
+    end
+
+    it 'clears feeds of inactive users and lists' do
+      expect(redis.zcard(feed_key_for(inactive_user))).to eq 0
+      expect(redis.zcard(feed_key_for(active_user))).to eq 1
+      expect(redis.exists?(feed_key_for(inactive_user, 'reblogs'))).to be false
+      expect(redis.exists?(feed_key_for(inactive_user, 'reblogs:2'))).to be false
+    end
+  end
+
+  def feed_key_for(user, subtype = nil)
+    FeedManager.instance.key(:home, user.account_id, subtype)
+  end
+end

spec/lib/vacuum/media_attachments_vacuum_spec.rb

@@ -0,0 +1,47 @@
+require 'rails_helper'
+
+RSpec.describe Vacuum::MediaAttachmentsVacuum do
+  let(:retention_period) { 7.days }
+
+  subject { described_class.new(retention_period) }
+
+  let(:remote_status) { Fabricate(:status, account: Fabricate(:account, domain: 'example.com')) }
+  let(:local_status) { Fabricate(:status) }
+
+  describe '#perform' do
+    let!(:old_remote_media) { Fabricate(:media_attachment, remote_url: 'https://example.com/foo.png', status: remote_status, created_at: (retention_period + 1.day).ago, updated_at: (retention_period + 1.day).ago) }
+    let!(:old_local_media) { Fabricate(:media_attachment, status: local_status, created_at: (retention_period + 1.day).ago, updated_at: (retention_period + 1.day).ago) }
+    let!(:new_remote_media) { Fabricate(:media_attachment, remote_url: 'https://example.com/foo.png', status: remote_status) }
+    let!(:new_local_media) { Fabricate(:media_attachment, status: local_status) }
+    let!(:old_unattached_media) { Fabricate(:media_attachment, account_id: nil, created_at: 10.days.ago) }
+    let!(:new_unattached_media) { Fabricate(:media_attachment, account_id: nil, created_at: 1.hour.ago) }
+
+    before do
+      subject.perform
+    end
+
+    it 'deletes cache of remote media attachments past the retention period' do
+      expect(old_remote_media.reload.file).to be_blank
+    end
+
+    it 'does not touch local media attachments past the retention period' do
+      expect(old_local_media.reload.file).to_not be_blank
+    end
+
+    it 'does not delete cache of remote media attachments within the retention period' do
+      expect(new_remote_media.reload.file).to_not be_blank
+    end
+
+    it 'does not touch local media attachments within the retention period' do
+      expect(new_local_media.reload.file).to_not be_blank
+    end
+
+    it 'deletes unattached media attachments past TTL' do
+      expect { old_unattached_media.reload }.to raise_error(ActiveRecord::RecordNotFound)
+    end
+
+    it 'does not delete unattached media attachments within TTL' do
+      expect(new_unattached_media.reload).to be_persisted
+    end
+  end
+end

spec/lib/vacuum/preview_cards_vacuum_spec.rb

@@ -0,0 +1,36 @@
+require 'rails_helper'
+
+RSpec.describe Vacuum::PreviewCardsVacuum do
+  let(:retention_period) { 7.days }
+
+  subject { described_class.new(retention_period) }
+
+  describe '#perform' do
+    let!(:orphaned_preview_card) { Fabricate(:preview_card, created_at: 2.days.ago) }
+    let!(:old_preview_card) { Fabricate(:preview_card, updated_at: (retention_period + 1.day).ago) }
+    let!(:new_preview_card) { Fabricate(:preview_card) }
+
+    before do
+      old_preview_card.statuses << Fabricate(:status)
+      new_preview_card.statuses << Fabricate(:status)
+
+      subject.perform
+    end
+
+    it 'deletes cache of preview cards last updated before the retention period' do
+      expect(old_preview_card.reload.image).to be_blank
+    end
+
+    it 'does not delete cache of preview cards last updated within the retention period' do
+      expect(new_preview_card.reload.image).to_not be_blank
+    end
+
+    it 'does not delete attached preview cards' do
+      expect(new_preview_card.reload).to be_persisted
+    end
+
+    it 'deletes preview cards not attached to any status' do
+      expect { orphaned_preview_card.reload }.to raise_error ActiveRecord::RecordNotFound
+    end
+  end
+end

spec/lib/vacuum/statuses_vacuum_spec.rb

@@ -0,0 +1,36 @@
+require 'rails_helper'
+
+RSpec.describe Vacuum::StatusesVacuum do
+  let(:retention_period) { 7.days }
+
+  let(:remote_account) { Fabricate(:account, domain: 'example.com') }
+
+  subject { described_class.new(retention_period) }
+
+  describe '#perform' do
+    let!(:remote_status_old) { Fabricate(:status, account: remote_account, created_at: (retention_period + 2.days).ago) }
+    let!(:remote_status_recent) { Fabricate(:status, account: remote_account, created_at: (retention_period - 2.days).ago) }
+    let!(:local_status_old) { Fabricate(:status, created_at: (retention_period + 2.days).ago) }
+    let!(:local_status_recent) { Fabricate(:status, created_at: (retention_period - 2.days).ago) }
+
+    before do
+      subject.perform
+    end
+
+    it 'deletes remote statuses past the retention period' do
+      expect { remote_status_old.reload }.to raise_error ActiveRecord::RecordNotFound
+    end
+
+    it 'does not delete local statuses past the retention period' do
+      expect { local_status_old.reload }.to_not raise_error
+    end
+
+    it 'does not delete remote statuses within the retention period' do
+      expect { remote_status_recent.reload }.to_not raise_error
+    end
+
+    it 'does not delete local statuses within the retention period' do
+      expect { local_status_recent.reload }.to_not raise_error
+    end
+  end
+end

spec/lib/vacuum/system_keys_vacuum_spec.rb

@@ -0,0 +1,22 @@
+require 'rails_helper'
+
+RSpec.describe Vacuum::SystemKeysVacuum do
+  subject { described_class.new }
+
+  describe '#perform' do
+    let!(:expired_system_key) { Fabricate(:system_key, created_at: (SystemKey::ROTATION_PERIOD * 4).ago) }
+    let!(:current_system_key) { Fabricate(:system_key) }
+
+    before do
+      subject.perform
+    end
+
+    it 'deletes the expired key' do
+      expect { expired_system_key.reload }.to raise_error ActiveRecord::RecordNotFound
+    end
+
+    it 'does not delete the current key' do
+      expect { current_system_key.reload }.to_not raise_error
+    end
+  end
+end