Merge pull request #68 from MozillaSocial/upstream-v4.2.8-main-changes

Reset to upstream v4.2.8 with select changes
MozillaSocial · Feb 29, 2024 · ad7a270 · ad7a270
2 parents bdb6650 + c9c611d
commit ad7a270
Show file tree

Hide file tree

Showing 29 changed files with 1,640 additions and 15 deletions.
diff --git a/.github/workflows/glean-probe-scraper.yml b/.github/workflows/glean-probe-scraper.yml
@@ -0,0 +1,5 @@
+name: Glean probe-scraper
+on: [push, pull_request]
+jobs:
+  glean-probe-scraper:
+    uses: mozilla/probe-scraper/.github/workflows/glean.yaml@main
diff --git a/.glean/metrics.yaml b/.glean/metrics.yaml
@@ -0,0 +1,110 @@
+# Any copyright is dedicated to the Public Domain.
+# https://creativecommons.org/publicdomain/zero/1.0/
+
+---
+$schema: moz://mozilla.org/schemas/glean/metrics/2-0-0
+
+identifiers:
+  fxa_account_id:
+    type: string
+    description: >
+      The user's FxA account ID, if available.
+    bugs:
+      - TBD
+    data_reviews:
+      - TBD
+    notification_emails:
+      - mozillasocial-data-eng@mozilla.com
+    expires: never
+    lifetime: application
+    send_in_pings:
+      - events
+
+  mastodon_account_id:
+    type: string
+    description: >
+      The user's numeric account ID from Mastodon.
+    bugs:
+      - TBD
+    data_reviews:
+      - TBD
+    notification_emails:
+      - mozillasocial-data-eng@mozilla.com
+    expires: never
+    lifetime: application
+    send_in_pings:
+      - events
+
+  mastodon_account_handle:
+    type: string
+    description: >
+      The user's full account handle, with domain.
+      For example, `account_name@mozilla.social`.
+    bugs:
+      - TBD
+    data_reviews:
+      - TBD
+    notification_emails:
+      - mozillasocial-data-eng@mozilla.com
+    expires: never
+    lifetime: application
+    send_in_pings:
+      - events
+
+  adjust_device_id:
+    type: string
+    description: >
+      The Adjust device ID for this user, if available.
+    bugs:
+      - TBD
+    data_reviews:
+      - TBD
+    notification_emails:
+      - mozillasocial-data-eng@mozilla.com
+    expires: never
+    lifetime: application
+    send_in_pings:
+      - events
+
+  user_agent:
+    type: string
+    description: >
+      The device user agent string.
+    bugs:
+      - TBD
+    data_reviews:
+      - TBD
+    notification_emails:
+      - mozillasocial-data-eng@mozilla.com
+    expires: never
+    lifetime: application
+    send_in_pings:
+      - events
+
+backend:
+  object_update:
+    type: event
+    description: >
+      Event triggered by the backend to record the change in state
+      of an object (e.g. API requests to the mozilla.social Mastodon
+      server).
+      In the future, we could potentially use this event to track
+      changes in state to core Mastodon objects (e.g. accounts and
+      posts).
+    bugs:
+      - TBD
+    data_reviews:
+      - TBD
+    notification_emails:
+      - mozillasocial-data-eng@mozilla.com
+    expires: never
+    extra_keys:
+      object_type:
+        description: >
+          A simple name to describe the object whose state changed.
+          For example, `api_request`.
+        type: string
+      object_state:
+        description: >
+          A JSON representation of the latest state of the object.
+        type: string
diff --git a/Gemfile b/Gemfile
@@ -80,6 +80,8 @@ gem 'rqrcode', '~> 2.2'
 gem 'ruby-progressbar', '~> 1.13'
 gem 'sanitize', '~> 6.0'
 gem 'scenic', '~> 1.7'
+gem 'sentry-ruby', '~> 5.16'
+gem 'sentry-rails', '~> 5.16'
 gem 'sidekiq', '~> 6.5'
 gem 'sidekiq-scheduler', '~> 5.0'
 gem 'sidekiq-unique-jobs', '~> 7.1'

diff --git a/Gemfile.lock b/Gemfile.lock
@@ -687,6 +687,11 @@ GEM
       rubyzip (>= 1.2.2, < 3.0)
       websocket (~> 1.0)
     semantic_range (3.0.0)
+    sentry-rails (5.16.1)
+      railties (>= 5.0)
+      sentry-ruby (~> 5.16.1)
+    sentry-ruby (5.16.1)
+      concurrent-ruby (~> 1.0, >= 1.0.2)
     sidekiq (6.5.12)
       connection_pool (>= 2.2.5, < 3)
       rack (~> 2.0)
@@ -922,6 +927,8 @@ DEPENDENCIES
   sanitize (~> 6.0)
   scenic (~> 1.7)
   selenium-webdriver
+  sentry-rails (~> 5.16)
+  sentry-ruby (~> 5.16)
   sidekiq (~> 6.5)
   sidekiq-bulk (~> 0.2.0)
   sidekiq-scheduler (~> 5.0)

diff --git a/app/controllers/api/v1/admin/status_actions_controller.rb b/app/controllers/api/v1/admin/status_actions_controller.rb
@@ -0,0 +1,49 @@
+# frozen_string_literal: true
+
+class Api::V1::Admin::StatusActionsController < Api::BaseController
+  # modeled on api/v1/admin/account_actions_controller.rb
+
+  include Authorization
+
+  # only support a subset of StatusBatchAction types
+  ALLOWED_TYPES = %w(
+    delete
+    sensitive
+  ).freeze
+
+  before_action -> { authorize_if_got_token! :'admin:write', :'admin:write:statuses' }
+  before_action :set_status
+
+  after_action :verify_authorized
+
+  def create
+    authorize [:admin, @status], :update?
+    raise ActiveRecord::RecordInvalid unless valid_type?
+
+    status_batch_action                 = Admin::StatusBatchAction.new(resource_params)
+    status_batch_action.status_ids      = [@status.id]
+    status_batch_action.current_account = current_account
+    status_batch_action.save!
+
+    render_empty
+  end
+
+  private
+
+  def valid_type?
+    params[:type] && ALLOWED_TYPES.include?(params[:type])
+  end
+
+  def set_status
+    @status = Status.find(params[:status_id])
+  end
+
+  def resource_params
+    params.permit(
+      :type,
+      :report_id,
+      :text,
+      :send_email_notification
+    )
+  end
+end
diff --git a/app/controllers/api/v1/admin/statuses_controller.rb b/app/controllers/api/v1/admin/statuses_controller.rb
@@ -0,0 +1,58 @@
+# frozen_string_literal: true
+
+class Api::V1::Admin::StatusesController < Api::BaseController
+  # modeled on api/v1/admin/accounts_controller.rb
+
+  include Authorization
+  include AccountableConcern
+
+  before_action -> { authorize_if_got_token! :'admin:read', :'admin:read:statuses' }, only: [:show]
+  before_action -> { authorize_if_got_token! :'admin:write', :'admin:write:statuses' }, except: [:show]
+  before_action :set_status
+
+  after_action :verify_authorized
+
+  def show
+    authorize [:admin, @status], :show?
+    render json: @status, serializer: REST::StatusSerializer
+  end
+
+  def destroy
+    # modeled on handle_delete from status_batch_action.rb
+    authorize [:admin, @status], :destroy?
+    ApplicationRecord.transaction do
+      @status.discard_with_reblogs
+      log_action :destroy, @status
+      Tombstone.find_or_create_by(uri: @status.uri, account: @status.account, by_moderator: true)
+
+      if @status.with_media?
+        # Immediately remove public copy of media instead of waiting for
+        # the vacuum_orphaned_records job to take care of it later on
+        Admin::MediaAttachmentDeletionWorker.perform_async(@status.media_attachments.map(&:id))
+      end
+    end
+
+    json = render_to_body json: @status, serializer: REST::StatusSerializer, source_requested: true
+
+    RemovalWorker.perform_async(@status.id, { 'preserve' => @status.account.local?, 'immediate' => !@status.account.local? })
+
+    render json: json
+  end
+
+  def unsensitive
+    # modeled on undo_mark_statuses_as_sensitive from approve_appeal_service.rb
+    authorize [:admin, @status], :update?
+    representative_account = Account.representative
+    ApplicationRecord.transaction do
+      UpdateStatusService.new.call(@status, representative_account.id, sensitive: false) if @status.with_media?
+      log_action :unsensitive, @status
+    end
+    render json: @status, serializer: REST::StatusSerializer
+  end
+
+  private
+
+  def set_status
+    @status = Status.find(params[:id])
+  end
+end
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
@@ -1,6 +1,17 @@
 # frozen_string_literal: true
 
 class ApplicationController < ActionController::Base
+  # add instaniated Glean Logger
+  include Glean
+  GLEAN = Glean::GleanEventsLogger.new(
+    app_id: 'moso-mastodon-backend',
+    app_display_version: Mastodon::Version.to_s,
+    app_channel: ENV.fetch('RAILS_ENV', 'development'),
+    logger_options: $stdout
+  )
+  # add glean server side logging for controller calls
+  around_action :emit_glean
+
   # Prevent CSRF attacks by raising an exception.
   # For APIs, you may want to use :null_session instead.
   protect_from_forgery with: :exception
@@ -173,4 +184,38 @@ def respond_with_error(code)
   def set_cache_control_defaults
     response.cache_control.replace(private: true, no_store: true)
   end
+
+  private
+
+  def emit_glean
+    yield
+  ensure
+    event = {
+      'user_id' => current_user&.id,
+      'path' => request.fullpath,
+      'controller' => controller_name,
+      'method' => request.method,
+      'status_code' => response.status,
+    }
+    username = current_user&.account&.username
+    domain = current_user&.account&.domain
+
+    handle = nil
+    unless username.nil?
+      domain = 'mozilla.social' if domain.nil?
+      handle = "#{username}@#{domain}"
+    end
+
+    GLEAN.backend_object_update.record(
+      user_agent: request.user_agent,
+      ip_address: request.ip,
+      object_type: 'api_request',
+      object_state: event.to_json,
+      identifiers_adjust_device_id: nil,
+      identifiers_fxa_account_id: nil,
+      identifiers_mastodon_account_handle: handle,
+      identifiers_mastodon_account_id: current_user&.account&.id,
+      identifiers_user_agent: request.user_agent
+    )
+  end
 end
diff --git a/app/controllers/terms_controller.rb b/app/controllers/terms_controller.rb
@@ -0,0 +1,19 @@
+# frozen_string_literal: true
+
+class TermsController < ApplicationController
+  include WebAppControllerConcern
+
+  skip_before_action :require_functional!
+
+  before_action :set_instance_presenter
+
+  def show
+    expires_in 0, public: true if current_account.nil?
+  end
+
+  private
+
+  def set_instance_presenter
+    @instance_presenter = InstancePresenter.new
+  end
+end
diff --git a/app/javascript/images/logo-symbol-wordmark.svg b/app/javascript/images/logo-symbol-wordmark.svg