Federate header images, fix open-uri http->https redirection error

diff --git a/app/helpers/atom_builder_helper.rb b/app/helpers/atom_builder_helper.rb
index 8ca3cde2654d567b0e6b7631fe0b5ae75a05d258..b750eeb07907eeccc0e9ee966e9855cd175c51c3 100644 (file)
--- a/app/helpers/atom_builder_helper.rb
+++ b/app/helpers/atom_builder_helper.rb
@@ -124,6 +124,10 @@ module AtomBuilderHelper
     single_link_avatar(xml, account, :original, 120)
   end
 
+  def link_header(xml, account)
+    xml.link('rel' => 'header', 'type' => account.header_content_type, 'media:width' => 700, 'media:height' => 335, 'href' => full_asset_url(account.header.url(:original)))
+  end
+
   def logo(xml, url)
     xml.logo url
   end
@@ -160,6 +164,7 @@ module AtomBuilderHelper
     summary          xml, account.note
     link_alternate   xml, TagManager.instance.url_for(account)
     link_avatar      xml, account
+    link_header      xml, account
     portable_contact xml, account
     privacy_scope    xml, account.locked? ? :private : :public
   end

diff --git a/app/models/account.rb b/app/models/account.rb
index 978dc2d71655a9b01786959f3851ead928be8900..aa0af563cd44b619e04e1287ec7e3f3e0f1acea2 100644 (file)
--- a/app/models/account.rb
+++ b/app/models/account.rb
@@ -144,7 +144,9 @@ class Account < ApplicationRecord
     save!
   rescue ActiveRecord::RecordInvalid
     self.avatar              = nil
+    self.header              = nil
     self[:avatar_remote_url] = ''
+    self[:header_remote_url] = ''
     save!
   end
 
@@ -159,6 +161,17 @@ class Account < ApplicationRecord
     Rails.logger.debug "Error fetching remote avatar: #{e}"
   end
 
+  def header_remote_url=(url)
+    parsed_url = URI.parse(url)
+
+    return if !%w(http https).include?(parsed_url.scheme) || parsed_url.host.empty? || self[:header_remote_url] == url
+
+    self.header              = parsed_url
+    self[:header_remote_url] = url
+  rescue OpenURI::HTTPError => e
+    Rails.logger.debug "Error fetching remote header: #{e}"
+  end
+
   def object_type
     :person
   end

diff --git a/app/services/update_remote_profile_service.rb b/app/services/update_remote_profile_service.rb
index dc315db197b6e4d6e47bad4399cd14cde0b6459f..74baa1cc598725846f8c7abc27bef585fa3176be 100644 (file)
--- a/app/services/update_remote_profile_service.rb
+++ b/app/services/update_remote_profile_service.rb
@@ -14,6 +14,7 @@ class UpdateRemoteProfileService < BaseService
 
       unless account.suspended? || DomainBlock.find_by(domain: account.domain)&.reject_media?
         account.avatar_remote_url = author_xml.at_xpath('./xmlns:link[@rel="avatar"]', xmlns: TagManager::XMLNS)['href'] unless author_xml.at_xpath('./xmlns:link[@rel="avatar"]', xmlns: TagManager::XMLNS).nil? || author_xml.at_xpath('./xmlns:link[@rel="avatar"]', xmlns: TagManager::XMLNS)['href'].blank?
+        account.header_remote_url = author_xml.at_xpath('./xmlns:link[@rel="header"]', xmlns: TagManager::XMLNS)['href'] unless author_xml.at_xpath('./xmlns:link[@rel="header"]', xmlns: TagManager::XMLNS).nil? || author_xml.at_xpath('./xmlns:link[@rel="header"]', xmlns: TagManager::XMLNS)['href'].blank?
       end
     end
 

diff --git a/config/initializers/open_uri_redirection.rb b/config/initializers/open_uri_redirection.rb
new file mode 100644 (file)
index 0000000..e24fdec
--- /dev/null
+++ b/config/initializers/open_uri_redirection.rb
@@ -0,0 +1,8 @@
+require 'open-uri'
+
+module OpenURI
+  def OpenURI.redirectable?(uri1, uri2) # :nodoc:
+    uri1.scheme.downcase == uri2.scheme.downcase ||
+      (/\A(?:http|https|ftp)\z/i =~ uri1.scheme && /\A(?:http|https|ftp)\z/i =~ uri2.scheme)
+  end
+end

diff --git a/db/migrate/20170318214217_add_header_remote_url_to_accounts.rb b/db/migrate/20170318214217_add_header_remote_url_to_accounts.rb
new file mode 100644 (file)
index 0000000..0ba38d3
--- /dev/null
+++ b/db/migrate/20170318214217_add_header_remote_url_to_accounts.rb
@@ -0,0 +1,5 @@
+class AddHeaderRemoteUrlToAccounts < ActiveRecord::Migration[5.0]
+  def change
+    add_column :accounts, :header_remote_url, :string, null: false, default: ''
+  end
+end

diff --git a/db/schema.rb b/db/schema.rb
index c571fa3a83ef0e2d489a39d3174733ad76b0c357..395034375afc28c3847d5c1b4f8b1a1100be9a4b 100644 (file)
--- a/db/schema.rb
+++ b/db/schema.rb
@@ -10,7 +10,7 @@
 #
 # It's strongly recommended that you check this file into your version control system.
 
-ActiveRecord::Schema.define(version: 20170317193015) do
+ActiveRecord::Schema.define(version: 20170318214217) do
 
   # These are extensions that must be enabled in order to support this database
   enable_extension "plpgsql"
@@ -43,6 +43,7 @@ ActiveRecord::Schema.define(version: 20170317193015) do
     t.boolean  "silenced",                default: false, null: false
     t.boolean  "suspended",               default: false, null: false
     t.boolean  "locked",                  default: false, null: false
+    t.string   "header_remote_url",       default: "",    null: false
     t.index "(((setweight(to_tsvector('simple'::regconfig, (display_name)::text), 'A'::\"char\") || setweight(to_tsvector('simple'::regconfig, (username)::text), 'B'::\"char\")) || setweight(to_tsvector('simple'::regconfig, (COALESCE(domain, ''::character varying))::text), 'C'::\"char\")))", name: "search_index", using: :gin
     t.index ["username", "domain"], name: "index_accounts_on_username_and_domain", unique: true, using: :btree
   end