diff options
Diffstat (limited to 'lib/pleroma/web/activity_pub')
| -rw-r--r-- | lib/pleroma/web/activity_pub/activity_pub.ex | 396 | ||||
| -rw-r--r-- | lib/pleroma/web/activity_pub/activity_pub_controller.ex | 41 | ||||
| -rw-r--r-- | lib/pleroma/web/activity_pub/mrf.ex | 2 | ||||
| -rw-r--r-- | lib/pleroma/web/activity_pub/mrf/anti_followbot_policy.ex | 12 | ||||
| -rw-r--r-- | lib/pleroma/web/activity_pub/mrf/hellthread_policy.ex | 80 | ||||
| -rw-r--r-- | lib/pleroma/web/activity_pub/mrf/keyword_policy.ex | 95 | ||||
| -rw-r--r-- | lib/pleroma/web/activity_pub/mrf/tag_policy.ex | 139 | ||||
| -rw-r--r-- | lib/pleroma/web/activity_pub/relay.ex | 6 | ||||
| -rw-r--r-- | lib/pleroma/web/activity_pub/transmogrifier.ex | 175 | ||||
| -rw-r--r-- | lib/pleroma/web/activity_pub/utils.ex | 189 | ||||
| -rw-r--r-- | lib/pleroma/web/activity_pub/views/object_view.ex | 7 | ||||
| -rw-r--r-- | lib/pleroma/web/activity_pub/views/user_view.ex | 134 | ||||
| -rw-r--r-- | lib/pleroma/web/activity_pub/visibility.ex | 56 |
13 files changed, 1077 insertions, 255 deletions
diff --git a/lib/pleroma/web/activity_pub/activity_pub.ex b/lib/pleroma/web/activity_pub/activity_pub.ex index feff22400..f217e7bac 100644 --- a/lib/pleroma/web/activity_pub/activity_pub.ex +++ b/lib/pleroma/web/activity_pub/activity_pub.ex @@ -3,13 +3,23 @@ # SPDX-License-Identifier: AGPL-3.0-only defmodule Pleroma.Web.ActivityPub.ActivityPub do - alias Pleroma.{Activity, Repo, Object, Upload, User, Notification} - alias Pleroma.Web.ActivityPub.{Transmogrifier, MRF} - alias Pleroma.Web.WebFinger + alias Pleroma.Activity + alias Pleroma.Instances + alias Pleroma.Notification + alias Pleroma.Object + alias Pleroma.Repo + alias Pleroma.Upload + alias Pleroma.User + alias Pleroma.Web.ActivityPub.MRF + alias Pleroma.Web.ActivityPub.Transmogrifier alias Pleroma.Web.Federator alias Pleroma.Web.OStatus + alias Pleroma.Web.WebFinger + import Ecto.Query import Pleroma.Web.ActivityPub.Utils + import Pleroma.Web.ActivityPub.Visibility + require Logger @httpoison Application.get_env(:pleroma, :httpoison) @@ -19,19 +29,19 @@ defmodule Pleroma.Web.ActivityPub.ActivityPub do defp get_recipients(%{"type" => "Announce"} = data) do to = data["to"] || [] cc = data["cc"] || [] - recipients = to ++ cc actor = User.get_cached_by_ap_id(data["actor"]) - recipients - |> Enum.filter(fn recipient -> - case User.get_cached_by_ap_id(recipient) do - nil -> - true - - user -> - User.following?(user, actor) - end - end) + recipients = + (to ++ cc) + |> Enum.filter(fn recipient -> + case User.get_cached_by_ap_id(recipient) do + nil -> + true + + user -> + User.following?(user, actor) + end + end) {recipients, to, cc} end @@ -71,15 +81,47 @@ defmodule Pleroma.Web.ActivityPub.ActivityPub do defp check_remote_limit(_), do: true - def insert(map, local \\ true) when is_map(map) do + def increase_note_count_if_public(actor, object) do + if is_public?(object), do: User.increase_note_count(actor), else: {:ok, actor} + end + + def decrease_note_count_if_public(actor, object) do + if is_public?(object), do: User.decrease_note_count(actor), else: {:ok, actor} + end + + def increase_replies_count_if_reply(%{ + "object" => + %{"inReplyTo" => reply_ap_id, "inReplyToStatusId" => reply_status_id} = object, + "type" => "Create" + }) do + if is_public?(object) do + Activity.increase_replies_count(reply_status_id) + Object.increase_replies_count(reply_ap_id) + end + end + + def increase_replies_count_if_reply(_create_data), do: :noop + + def decrease_replies_count_if_reply(%Object{ + data: %{"inReplyTo" => reply_ap_id, "inReplyToStatusId" => reply_status_id} = object + }) do + if is_public?(object) do + Activity.decrease_replies_count(reply_status_id) + Object.decrease_replies_count(reply_ap_id) + end + end + + def decrease_replies_count_if_reply(_object), do: :noop + + def insert(map, local \\ true, fake \\ false) when is_map(map) do with nil <- Activity.normalize(map), - map <- lazy_put_activity_defaults(map), + map <- lazy_put_activity_defaults(map, fake), :ok <- check_actor_is_active(map["actor"]), {_, true} <- {:remote_limit_error, check_remote_limit(map)}, {:ok, map} <- MRF.filter(map), - :ok <- insert_full_object(map) do - {recipients, _, _} = get_recipients(map) - + {recipients, _, _} = get_recipients(map), + {:fake, false, map, recipients} <- {:fake, fake, map, recipients}, + {:ok, object} <- insert_full_object(map) do {:ok, activity} = Repo.insert(%Activity{ data: map, @@ -88,12 +130,39 @@ defmodule Pleroma.Web.ActivityPub.ActivityPub do recipients: recipients }) + # Splice in the child object if we have one. + activity = + if !is_nil(object) do + Map.put(activity, :object, object) + else + activity + end + + Task.start(fn -> + Pleroma.Web.RichMedia.Helpers.fetch_data_for_activity(activity) + end) + Notification.create_notifications(activity) stream_out(activity) {:ok, activity} else - %Activity{} = activity -> {:ok, activity} - error -> {:error, error} + %Activity{} = activity -> + {:ok, activity} + + {:fake, true, map, recipients} -> + activity = %Activity{ + data: map, + local: local, + actor: map["actor"], + recipients: recipients, + id: "pleroma:fakeid" + } + + Pleroma.Web.RichMedia.Helpers.fetch_data_for_activity(activity) + {:ok, activity} + + error -> + {:error, error} end end @@ -115,7 +184,7 @@ defmodule Pleroma.Web.ActivityPub.ActivityPub do activity.data["object"] |> Map.get("tag", []) |> Enum.filter(fn tag -> is_bitstring(tag) end) - |> Enum.map(fn tag -> Pleroma.Web.Streamer.stream("hashtag:" <> tag, activity) end) + |> Enum.each(fn tag -> Pleroma.Web.Streamer.stream("hashtag:" <> tag, activity) end) if activity.data["object"]["attachment"] != [] do Pleroma.Web.Streamer.stream("public:media", activity) @@ -136,7 +205,7 @@ defmodule Pleroma.Web.ActivityPub.ActivityPub do end end - def create(%{to: to, actor: actor, context: context, object: object} = params) do + def create(%{to: to, actor: actor, context: context, object: object} = params, fake \\ false) do additional = params[:additional] || %{} # only accept false as false value local = !(params[:local] == false) @@ -147,11 +216,17 @@ defmodule Pleroma.Web.ActivityPub.ActivityPub do %{to: to, actor: actor, published: published, context: context, object: object}, additional ), - {:ok, activity} <- insert(create_data, local), - # Changing note count prior to enqueuing federation task in order to avoid race conditions on updating user.info - {:ok, _actor} <- User.increase_note_count(actor), + {:ok, activity} <- insert(create_data, local, fake), + {:fake, false, activity} <- {:fake, fake, activity}, + _ <- increase_replies_count_if_reply(create_data), + # Changing note count prior to enqueuing federation task in order to avoid + # race conditions on updating user.info + {:ok, _actor} <- increase_note_count_if_public(actor, activity), :ok <- maybe_federate(activity) do {:ok, activity} + else + {:fake, true, activity} -> + {:ok, activity} end end @@ -159,7 +234,7 @@ defmodule Pleroma.Web.ActivityPub.ActivityPub do # only accept false as false value local = !(params[:local] == false) - with data <- %{"to" => to, "type" => "Accept", "actor" => actor, "object" => object}, + with data <- %{"to" => to, "type" => "Accept", "actor" => actor.ap_id, "object" => object}, {:ok, activity} <- insert(data, local), :ok <- maybe_federate(activity) do {:ok, activity} @@ -170,7 +245,7 @@ defmodule Pleroma.Web.ActivityPub.ActivityPub do # only accept false as false value local = !(params[:local] == false) - with data <- %{"to" => to, "type" => "Reject", "actor" => actor, "object" => object}, + with data <- %{"to" => to, "type" => "Reject", "actor" => actor.ap_id, "object" => object}, {:ok, activity} <- insert(data, local), :ok <- maybe_federate(activity) do {:ok, activity} @@ -287,18 +362,21 @@ defmodule Pleroma.Web.ActivityPub.ActivityPub do def delete(%Object{data: %{"id" => id, "actor" => actor}} = object, local \\ true) do user = User.get_cached_by_ap_id(actor) + to = (object.data["to"] || []) ++ (object.data["cc"] || []) - data = %{ - "type" => "Delete", - "actor" => actor, - "object" => id, - "to" => [user.follower_address, "https://www.w3.org/ns/activitystreams#Public"] - } - - with {:ok, _} <- Object.delete(object), + with {:ok, object, activity} <- Object.delete(object), + data <- %{ + "type" => "Delete", + "actor" => actor, + "object" => id, + "to" => to, + "deleted_activity_id" => activity && activity.id + }, {:ok, activity} <- insert(data, local), - # Changing note count prior to enqueuing federation task in order to avoid race conditions on updating user.info - {:ok, _actor} <- User.decrease_note_count(user), + _ <- decrease_replies_count_if_reply(object), + # Changing note count prior to enqueuing federation task in order to avoid + # race conditions on updating user.info + {:ok, _actor} <- decrease_note_count_if_public(user, object), :ok <- maybe_federate(activity) do {:ok, activity} end @@ -336,6 +414,49 @@ defmodule Pleroma.Web.ActivityPub.ActivityPub do end end + def flag( + %{ + actor: actor, + context: context, + account: account, + statuses: statuses, + content: content + } = params + ) do + # only accept false as false value + local = !(params[:local] == false) + forward = !(params[:forward] == false) + + additional = params[:additional] || %{} + + params = %{ + actor: actor, + context: context, + account: account, + statuses: statuses, + content: content + } + + additional = + if forward do + Map.merge(additional, %{"to" => [], "cc" => [account.ap_id]}) + else + Map.merge(additional, %{"to" => [], "cc" => []}) + end + + with flag_data <- make_flag_data(params, additional), + {:ok, activity} <- insert(flag_data, local), + :ok <- maybe_federate(activity) do + Enum.each(User.all_superusers(), fn superuser -> + superuser + |> Pleroma.AdminEmail.report(actor, account, statuses, content) + |> Pleroma.Mailer.deliver_async() + end) + + {:ok, activity} + end + end + def fetch_activities_for_context(context, opts \\ %{}) do public = ["https://www.w3.org/ns/activitystreams#Public"] @@ -362,6 +483,7 @@ defmodule Pleroma.Web.ActivityPub.ActivityPub do ), order_by: [desc: :id] ) + |> Activity.with_preloaded_object() Repo.all(query) end @@ -378,6 +500,30 @@ defmodule Pleroma.Web.ActivityPub.ActivityPub do @valid_visibilities ~w[direct unlisted public private] defp restrict_visibility(query, %{visibility: visibility}) + when is_list(visibility) do + if Enum.all?(visibility, &(&1 in @valid_visibilities)) do + query = + from( + a in query, + where: + fragment( + "activity_visibility(?, ?, ?) = ANY (?)", + a.actor, + a.recipients, + a.data, + ^visibility + ) + ) + + Ecto.Adapters.SQL.to_sql(:all, Repo, query) + + query + else + Logger.error("Could not restrict visibility to #{visibility}") + end + end + + defp restrict_visibility(query, %{visibility: visibility}) when visibility in @valid_visibilities do query = from( @@ -430,7 +576,7 @@ defmodule Pleroma.Web.ActivityPub.ActivityPub do when is_list(tag_reject) and tag_reject != [] do from( activity in query, - where: fragment("(not (? #> '{\"object\",\"tag\"}') \\?| ?)", activity.data, ^tag_reject) + where: fragment(~s(\(not \(? #> '{"object","tag"}'\) \\?| ?\)), activity.data, ^tag_reject) ) end @@ -440,7 +586,7 @@ defmodule Pleroma.Web.ActivityPub.ActivityPub do when is_list(tag_all) and tag_all != [] do from( activity in query, - where: fragment("(? #> '{\"object\",\"tag\"}') \\?& ?", activity.data, ^tag_all) + where: fragment(~s(\(? #> '{"object","tag"}'\) \\?& ?), activity.data, ^tag_all) ) end @@ -449,14 +595,14 @@ defmodule Pleroma.Web.ActivityPub.ActivityPub do defp restrict_tag(query, %{"tag" => tag}) when is_list(tag) do from( activity in query, - where: fragment("(? #> '{\"object\",\"tag\"}') \\?| ?", activity.data, ^tag) + where: fragment(~s(\(? #> '{"object","tag"}'\) \\?| ?), activity.data, ^tag) ) end defp restrict_tag(query, %{"tag" => tag}) when is_binary(tag) do from( activity in query, - where: fragment("? <@ (? #> '{\"object\",\"tag\"}')", ^tag, activity.data) + where: fragment(~s(? <@ (? #> '{"object","tag"}'\)), ^tag, activity.data) ) end @@ -517,7 +663,7 @@ defmodule Pleroma.Web.ActivityPub.ActivityPub do defp restrict_actor(query, _), do: query defp restrict_type(query, %{"type" => type}) when is_binary(type) do - restrict_type(query, %{"type" => [type]}) + from(activity in query, where: fragment("?->>'type' = ?", activity.data, ^type)) end defp restrict_type(query, %{"type" => type}) do @@ -529,7 +675,7 @@ defmodule Pleroma.Web.ActivityPub.ActivityPub do defp restrict_favorited_by(query, %{"favorited_by" => ap_id}) do from( activity in query, - where: fragment("? <@ (? #> '{\"object\",\"likes\"}')", ^ap_id, activity.data) + where: fragment(~s(? <@ (? #> '{"object","likes"}'\)), ^ap_id, activity.data) ) end @@ -538,7 +684,7 @@ defmodule Pleroma.Web.ActivityPub.ActivityPub do defp restrict_media(query, %{"only_media" => val}) when val == "true" or val == "1" do from( activity in query, - where: fragment("not (? #> '{\"object\",\"attachment\"}' = ?)", activity.data, ^[]) + where: fragment(~s(not (? #> '{"object","attachment"}' = ?\)), activity.data, ^[]) ) end @@ -559,6 +705,20 @@ defmodule Pleroma.Web.ActivityPub.ActivityPub do defp restrict_reblogs(query, _), do: query + defp restrict_muted(query, %{"with_muted" => val}) when val in [true, "true", "1"], do: query + + defp restrict_muted(query, %{"muting_user" => %User{info: info}}) do + mutes = info.mutes + + from( + activity in query, + where: fragment("not (? = ANY(?))", activity.actor, ^mutes), + where: fragment("not (?->'to' \\?| ?)", activity.data, ^mutes) + ) + end + + defp restrict_muted(query, _), do: query + defp restrict_blocked(query, %{"blocking_user" => %User{info: info}}) do blocks = info.blocks || [] domain_blocks = info.domain_blocks || [] @@ -591,6 +751,30 @@ defmodule Pleroma.Web.ActivityPub.ActivityPub do defp restrict_pinned(query, _), do: query + defp restrict_muted_reblogs(query, %{"muting_user" => %User{info: info}}) do + muted_reblogs = info.muted_reblogs || [] + + from( + activity in query, + where: + fragment( + "not ( ?->>'type' = 'Announce' and ? = ANY(?))", + activity.data, + activity.actor, + ^muted_reblogs + ) + ) + end + + defp restrict_muted_reblogs(query, _), do: query + + defp maybe_preload_objects(query, %{"skip_preload" => true}), do: query + + defp maybe_preload_objects(query, _) do + query + |> Activity.with_preloaded_object() + end + def fetch_activities_query(recipients, opts \\ %{}) do base_query = from( @@ -600,6 +784,7 @@ defmodule Pleroma.Web.ActivityPub.ActivityPub do ) base_query + |> maybe_preload_objects(opts) |> restrict_recipients(recipients, opts["user"]) |> restrict_tag(opts) |> restrict_tag_reject(opts) @@ -612,11 +797,13 @@ defmodule Pleroma.Web.ActivityPub.ActivityPub do |> restrict_type(opts) |> restrict_favorited_by(opts) |> restrict_blocked(opts) + |> restrict_muted(opts) |> restrict_media(opts) |> restrict_visibility(opts) |> restrict_replies(opts) |> restrict_reblogs(opts) |> restrict_pinned(opts) + |> restrict_muted_reblogs(opts) end def fetch_activities(recipients, opts \\ %{}) do @@ -730,7 +917,7 @@ defmodule Pleroma.Web.ActivityPub.ActivityPub do end def publish(actor, activity) do - followers = + remote_followers = if actor.follower_address in activity.recipients do {:ok, followers} = User.get_followers(actor) followers |> Enum.filter(&(!&1.local)) @@ -740,50 +927,67 @@ defmodule Pleroma.Web.ActivityPub.ActivityPub do public = is_public?(activity) - remote_inboxes = - (Pleroma.Web.Salmon.remote_users(activity) ++ followers) - |> Enum.filter(fn user -> User.ap_enabled?(user) end) - |> Enum.map(fn %{info: %{source_data: data}} -> - (is_map(data["endpoints"]) && Map.get(data["endpoints"], "sharedInbox")) || data["inbox"] - end) - |> Enum.uniq() - |> Enum.filter(fn inbox -> should_federate?(inbox, public) end) - {:ok, data} = Transmogrifier.prepare_outgoing(activity.data) json = Jason.encode!(data) - Enum.each(remote_inboxes, fn inbox -> - Federator.enqueue(:publish_single_ap, %{ + (Pleroma.Web.Salmon.remote_users(activity) ++ remote_followers) + |> Enum.filter(fn user -> User.ap_enabled?(user) end) + |> Enum.map(fn %{info: %{source_data: data}} -> + (is_map(data["endpoints"]) && Map.get(data["endpoints"], "sharedInbox")) || data["inbox"] + end) + |> Enum.uniq() + |> Enum.filter(fn inbox -> should_federate?(inbox, public) end) + |> Instances.filter_reachable() + |> Enum.each(fn {inbox, unreachable_since} -> + Federator.publish_single_ap(%{ inbox: inbox, json: json, actor: actor, - id: activity.data["id"] + id: activity.data["id"], + unreachable_since: unreachable_since }) end) end - def publish_one(%{inbox: inbox, json: json, actor: actor, id: id}) do + def publish_one(%{inbox: inbox, json: json, actor: actor, id: id} = params) do Logger.info("Federating #{id} to #{inbox}") host = URI.parse(inbox).host digest = "SHA-256=" <> (:crypto.hash(:sha256, json) |> Base.encode64()) + date = + NaiveDateTime.utc_now() + |> Timex.format!("{WDshort}, {0D} {Mshort} {YYYY} {h24}:{m}:{s} GMT") + signature = Pleroma.Web.HTTPSignatures.sign(actor, %{ host: host, "content-length": byte_size(json), - digest: digest + digest: digest, + date: date }) - @httpoison.post( - inbox, - json, - [ - {"Content-Type", "application/activity+json"}, - {"signature", signature}, - {"digest", digest} - ] - ) + with {:ok, %{status: code}} when code in 200..299 <- + result = + @httpoison.post( + inbox, + json, + [ + {"Content-Type", "application/activity+json"}, + {"Date", date}, + {"signature", signature}, + {"digest", digest} + ] + ) do + if !Map.has_key?(params, :unreachable_since) || params[:unreachable_since], + do: Instances.set_reachable(inbox) + + result + else + {_post_result, response} -> + unless params[:unreachable_since], do: Instances.set_unreachable(inbox) + {:error, response} + end end # TODO: @@ -792,8 +996,6 @@ defmodule Pleroma.Web.ActivityPub.ActivityPub do if object = Object.get_cached_by_ap_id(id) do {:ok, object} else - Logger.info("Fetching #{id} via AP") - with {:ok, data} <- fetch_and_contain_remote_object_from_id(id), nil <- Object.normalize(data), params <- %{ @@ -805,7 +1007,7 @@ defmodule Pleroma.Web.ActivityPub.ActivityPub do }, :ok <- Transmogrifier.contain_origin(id, params), {:ok, activity} <- Transmogrifier.handle_incoming(params) do - {:ok, Object.normalize(activity.data["object"])} + {:ok, Object.normalize(activity)} else {:error, {:reject, nil}} -> {:reject, nil} @@ -817,7 +1019,7 @@ defmodule Pleroma.Web.ActivityPub.ActivityPub do Logger.info("Couldn't get object via AP, trying out OStatus fetching...") case OStatus.fetch_activity_from_url(id) do - {:ok, [activity | _]} -> {:ok, Object.normalize(activity.data["object"])} + {:ok, [activity | _]} -> {:ok, Object.normalize(activity)} e -> e end end @@ -825,7 +1027,7 @@ defmodule Pleroma.Web.ActivityPub.ActivityPub do end def fetch_and_contain_remote_object_from_id(id) do - Logger.info("Fetching #{id} via AP") + Logger.info("Fetching object #{id} via AP") with true <- String.starts_with?(id, "http"), {:ok, %{body: body, status: code}} when code in 200..299 <- @@ -842,52 +1044,6 @@ defmodule Pleroma.Web.ActivityPub.ActivityPub do end end - def is_public?(%Object{data: %{"type" => "Tombstone"}}), do: false - def is_public?(%Object{data: data}), do: is_public?(data) - def is_public?(%Activity{data: data}), do: is_public?(data) - def is_public?(%{"directMessage" => true}), do: false - - def is_public?(data) do - "https://www.w3.org/ns/activitystreams#Public" in (data["to"] ++ (data["cc"] || [])) - end - - def is_private?(activity) do - !is_public?(activity) && Enum.any?(activity.data["to"], &String.contains?(&1, "/followers")) - end - - def is_direct?(%Activity{data: %{"directMessage" => true}}), do: true - def is_direct?(%Object{data: %{"directMessage" => true}}), do: true - - def is_direct?(activity) do - !is_public?(activity) && !is_private?(activity) - end - - def visible_for_user?(activity, nil) do - is_public?(activity) - end - - def visible_for_user?(activity, user) do - x = [user.ap_id | user.following] - y = activity.data["to"] ++ (activity.data["cc"] || []) - visible_for_user?(activity, nil) || Enum.any?(x, &(&1 in y)) - end - - # guard - def entire_thread_visible_for_user?(nil, _user), do: false - - # child - def entire_thread_visible_for_user?( - %Activity{data: %{"object" => %{"inReplyTo" => parent_id}}} = tail, - user - ) - when is_binary(parent_id) do - parent = Activity.get_in_reply_to_activity(tail) - visible_for_user?(tail, user) && entire_thread_visible_for_user?(parent, user) - end - - # root - def entire_thread_visible_for_user?(tail, user), do: visible_for_user?(tail, user) - # filter out broken threads def contain_broken_threads(%Activity{} = activity, %User{} = user) do entire_thread_visible_for_user?(activity, user) diff --git a/lib/pleroma/web/activity_pub/activity_pub_controller.ex b/lib/pleroma/web/activity_pub/activity_pub_controller.ex index 7eed0a600..7091d6927 100644 --- a/lib/pleroma/web/activity_pub/activity_pub_controller.ex +++ b/lib/pleroma/web/activity_pub/activity_pub_controller.ex @@ -4,12 +4,17 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubController do use Pleroma.Web, :controller - alias Pleroma.{Activity, User, Object} - alias Pleroma.Web.ActivityPub.{ObjectView, UserView} + + alias Pleroma.Activity + alias Pleroma.Object + alias Pleroma.User alias Pleroma.Web.ActivityPub.ActivityPub + alias Pleroma.Web.ActivityPub.ObjectView alias Pleroma.Web.ActivityPub.Relay - alias Pleroma.Web.ActivityPub.Utils alias Pleroma.Web.ActivityPub.Transmogrifier + alias Pleroma.Web.ActivityPub.UserView + alias Pleroma.Web.ActivityPub.Utils + alias Pleroma.Web.ActivityPub.Visibility alias Pleroma.Web.Federator require Logger @@ -17,6 +22,7 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubController do action_fallback(:errors) plug(Pleroma.Web.FederatingPlug when action in [:inbox, :relay]) + plug(:set_requester_reachable when action in [:inbox]) plug(:relay_active? when action in [:relay]) def relay_active?(conn, _) do @@ -44,7 +50,7 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubController do def object(conn, %{"uuid" => uuid}) do with ap_id <- o_status_url(conn, :object, uuid), %Object{} = object <- Object.get_cached_by_ap_id(ap_id), - {_, true} <- {:public?, ActivityPub.is_public?(object)} do + {_, true} <- {:public?, Visibility.is_public?(object)} do conn |> put_resp_header("content-type", "application/activity+json") |> json(ObjectView.render("object.json", %{object: object})) @@ -57,7 +63,7 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubController do def object_likes(conn, %{"uuid" => uuid, "page" => page}) do with ap_id <- o_status_url(conn, :object, uuid), %Object{} = object <- Object.get_cached_by_ap_id(ap_id), - {_, true} <- {:public?, ActivityPub.is_public?(object)}, + {_, true} <- {:public?, Visibility.is_public?(object)}, likes <- Utils.get_object_likes(object) do {page, _} = Integer.parse(page) @@ -73,7 +79,7 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubController do def object_likes(conn, %{"uuid" => uuid}) do with ap_id <- o_status_url(conn, :object, uuid), %Object{} = object <- Object.get_cached_by_ap_id(ap_id), - {_, true} <- {:public?, ActivityPub.is_public?(object)}, + {_, true} <- {:public?, Visibility.is_public?(object)}, likes <- Utils.get_object_likes(object) do conn |> put_resp_header("content-type", "application/activity+json") @@ -87,7 +93,7 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubController do def activity(conn, %{"uuid" => uuid}) do with ap_id <- o_status_url(conn, :activity, uuid), %Activity{} = activity <- Activity.normalize(ap_id), - {_, true} <- {:public?, ActivityPub.is_public?(activity)} do + {_, true} <- {:public?, Visibility.is_public?(activity)} do conn |> put_resp_header("content-type", "application/activity+json") |> json(ObjectView.render("object.json", %{object: activity})) @@ -150,13 +156,13 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubController do with %User{} = user <- User.get_cached_by_nickname(nickname), true <- Utils.recipient_in_message(user.ap_id, params), params <- Utils.maybe_splice_recipient(user.ap_id, params) do - Federator.enqueue(:incoming_ap_doc, params) + Federator.incoming_ap_doc(params) json(conn, "ok") end end def inbox(%{assigns: %{valid_signature: true}} = conn, params) do - Federator.enqueue(:incoming_ap_doc, params) + Federator.incoming_ap_doc(params) json(conn, "ok") end @@ -196,6 +202,14 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubController do end end + def whoami(%{assigns: %{user: %User{} = user}} = conn, _params) do + conn + |> put_resp_header("content-type", "application/activity+json") + |> json(UserView.render("user.json", %{user: user})) + end + + def whoami(_conn, _params), do: {:error, :not_found} + def read_inbox(%{assigns: %{user: user}} = conn, %{"nickname" => nickname} = params) do if nickname == user.nickname do conn @@ -289,4 +303,13 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubController do |> put_status(500) |> json("error") end + + defp set_requester_reachable(%Plug.Conn{} = conn, _) do + with actor <- conn.params["actor"], + true <- is_binary(actor) do + Pleroma.Instances.set_reachable(actor) + end + + conn + end end diff --git a/lib/pleroma/web/activity_pub/mrf.ex b/lib/pleroma/web/activity_pub/mrf.ex index eebea207c..1aaa20050 100644 --- a/lib/pleroma/web/activity_pub/mrf.ex +++ b/lib/pleroma/web/activity_pub/mrf.ex @@ -16,7 +16,7 @@ defmodule Pleroma.Web.ActivityPub.MRF do end) end - def get_policies() do + def get_policies do Application.get_env(:pleroma, :instance, []) |> Keyword.get(:rewrite_policy, []) |> get_policies() diff --git a/lib/pleroma/web/activity_pub/mrf/anti_followbot_policy.ex b/lib/pleroma/web/activity_pub/mrf/anti_followbot_policy.ex index 7c6ad582a..34665a3a6 100644 --- a/lib/pleroma/web/activity_pub/mrf/anti_followbot_policy.ex +++ b/lib/pleroma/web/activity_pub/mrf/anti_followbot_policy.ex @@ -23,15 +23,21 @@ defmodule Pleroma.Web.ActivityPub.MRF.AntiFollowbotPolicy do defp score_displayname(_), do: 0.0 defp determine_if_followbot(%User{nickname: nickname, name: displayname}) do + # nickname will always be a binary string because it's generated by Pleroma. nick_score = nickname |> String.downcase() |> score_nickname() + # displayname will either be a binary string or nil, if a displayname isn't set. name_score = - displayname - |> String.downcase() - |> score_displayname() + if is_binary(displayname) do + displayname + |> String.downcase() + |> score_displayname() + else + 0.0 + end nick_score + name_score end diff --git a/lib/pleroma/web/activity_pub/mrf/hellthread_policy.ex b/lib/pleroma/web/activity_pub/mrf/hellthread_policy.ex index a3f516ae7..6736f3cb9 100644 --- a/lib/pleroma/web/activity_pub/mrf/hellthread_policy.ex +++ b/lib/pleroma/web/activity_pub/mrf/hellthread_policy.ex @@ -3,20 +3,86 @@ # SPDX-License-Identifier: AGPL-3.0-only defmodule Pleroma.Web.ActivityPub.MRF.HellthreadPolicy do + alias Pleroma.User @behaviour Pleroma.Web.ActivityPub.MRF + defp delist_message(message, threshold) when threshold > 0 do + follower_collection = User.get_cached_by_ap_id(message["actor"]).follower_address + + follower_collection? = Enum.member?(message["to"] ++ message["cc"], follower_collection) + + message = + case get_recipient_count(message) do + {:public, recipients} + when follower_collection? and recipients > threshold -> + message + |> Map.put("to", [follower_collection]) + |> Map.put("cc", ["https://www.w3.org/ns/activitystreams#Public"]) + + {:public, recipients} when recipients > threshold -> + message + |> Map.put("to", []) + |> Map.put("cc", ["https://www.w3.org/ns/activitystreams#Public"]) + + _ -> + message + end + + {:ok, message} + end + + defp delist_message(message, _threshold), do: {:ok, message} + + defp reject_message(message, threshold) when threshold > 0 do + with {_, recipients} <- get_recipient_count(message) do + if recipients > threshold do + {:reject, nil} + else + {:ok, message} + end + end + end + + defp reject_message(message, _threshold), do: {:ok, message} + + defp get_recipient_count(message) do + recipients = (message["to"] || []) ++ (message["cc"] || []) + follower_collection = User.get_cached_by_ap_id(message["actor"]).follower_address + + if Enum.member?(recipients, "https://www.w3.org/ns/activitystreams#Public") do + recipients = + recipients + |> List.delete("https://www.w3.org/ns/activitystreams#Public") + |> List.delete(follower_collection) + + {:public, length(recipients)} + else + recipients = + recipients + |> List.delete(follower_collection) + + {:not_public, length(recipients)} + end + end + @impl true - def filter(%{"type" => "Create"} = object) do - threshold = Pleroma.Config.get([:mrf_hellthread, :threshold]) - recipients = (object["to"] || []) ++ (object["cc"] || []) + def filter(%{"type" => "Create"} = message) do + reject_threshold = + Pleroma.Config.get( + [:mrf_hellthread, :reject_threshold], + Pleroma.Config.get([:mrf_hellthread, :threshold]) + ) + + delist_threshold = Pleroma.Config.get([:mrf_hellthread, :delist_threshold]) - if length(recipients) > threshold do - {:reject, nil} + with {:ok, message} <- reject_message(message, reject_threshold), + {:ok, message} <- delist_message(message, delist_threshold) do + {:ok, message} else - {:ok, object} + _e -> {:reject, nil} end end @impl true - def filter(object), do: {:ok, object} + def filter(message), do: {:ok, message} end diff --git a/lib/pleroma/web/activity_pub/mrf/keyword_policy.ex b/lib/pleroma/web/activity_pub/mrf/keyword_policy.ex new file mode 100644 index 000000000..e8dfba672 --- /dev/null +++ b/lib/pleroma/web/activity_pub/mrf/keyword_policy.ex @@ -0,0 +1,95 @@ +# Pleroma: A lightweight social networking server +# Copyright © 2017-2019 Pleroma Authors <https://pleroma.social/> +# SPDX-License-Identifier: AGPL-3.0-only + +defmodule Pleroma.Web.ActivityPub.MRF.KeywordPolicy do + @behaviour Pleroma.Web.ActivityPub.MRF + defp string_matches?(string, _) when not is_binary(string) do + false + end + + defp string_matches?(string, pattern) when is_binary(pattern) do + String.contains?(string, pattern) + end + + defp string_matches?(string, pattern) do + String.match?(string, pattern) + end + + defp check_reject(%{"object" => %{"content" => content, "summary" => summary}} = message) do + if Enum.any?(Pleroma.Config.get([:mrf_keyword, :reject]), fn pattern -> + string_matches?(content, pattern) or string_matches?(summary, pattern) + end) do + {:reject, nil} + else + {:ok, message} + end + end + + defp check_ftl_removal( + %{"to" => to, "object" => %{"content" => content, "summary" => summary}} = message + ) do + if "https://www.w3.org/ns/activitystreams#Public" in to and + Enum.any?(Pleroma.Config.get([:mrf_keyword, :federated_timeline_removal]), fn pattern -> + string_matches?(content, pattern) or string_matches?(summary, pattern) + end) do + to = List.delete(to, "https://www.w3.org/ns/activitystreams#Public") + cc = ["https://www.w3.org/ns/activitystreams#Public" | message["cc"] || []] + + message = + message + |> Map.put("to", to) + |> Map.put("cc", cc) + + {:ok, message} + else + {:ok, message} + end + end + + defp check_replace(%{"object" => %{"content" => content, "summary" => summary}} = message) do + content = + if is_binary(content) do + content + else + "" + end + + summary = + if is_binary(summary) do + summary + else + "" + end + + {content, summary} = + Enum.reduce( + Pleroma.Config.get([:mrf_keyword, :replace]), + {content, summary}, + fn {pattern, replacement}, {content_acc, summary_acc} -> + {String.replace(content_acc, pattern, replacement), + String.replace(summary_acc, pattern, replacement)} + end + ) + + {:ok, + message + |> put_in(["object", "content"], content) + |> put_in(["object", "summary"], summary)} + end + + @impl true + def filter(%{"type" => "Create", "object" => %{"content" => _content}} = message) do + with {:ok, message} <- check_reject(message), + {:ok, message} <- check_ftl_removal(message), + {:ok, message} <- check_replace(message) do + {:ok, message} + else + _e -> + {:reject, nil} + end + end + + @impl true + def filter(message), do: {:ok, message} +end diff --git a/lib/pleroma/web/activity_pub/mrf/tag_policy.ex b/lib/pleroma/web/activity_pub/mrf/tag_policy.ex new file mode 100644 index 000000000..b242e44e6 --- /dev/null +++ b/lib/pleroma/web/activity_pub/mrf/tag_policy.ex @@ -0,0 +1,139 @@ +# Pleroma: A lightweight social networking server +# Copyright © 2017-2019 Pleroma Authors <https://pleroma.social/> +# SPDX-License-Identifier: AGPL-3.0-only + +defmodule Pleroma.Web.ActivityPub.MRF.TagPolicy do + alias Pleroma.User + @behaviour Pleroma.Web.ActivityPub.MRF + + defp get_tags(%User{tags: tags}) when is_list(tags), do: tags + defp get_tags(_), do: [] + + defp process_tag( + "mrf_tag:media-force-nsfw", + %{"type" => "Create", "object" => %{"attachment" => child_attachment} = object} = message + ) + when length(child_attachment) > 0 do + tags = (object["tag"] || []) ++ ["nsfw"] + + object = + object + |> Map.put("tags", tags) + |> Map.put("sensitive", true) + + message = Map.put(message, "object", object) + + {:ok, message} + end + + defp process_tag( + "mrf_tag:media-strip", + %{"type" => "Create", "object" => %{"attachment" => child_attachment} = object} = message + ) + when length(child_attachment) > 0 do + object = Map.delete(object, "attachment") + message = Map.put(message, "object", object) + + {:ok, message} + end + + defp process_tag( + "mrf_tag:force-unlisted", + %{"type" => "Create", "to" => to, "cc" => cc, "actor" => actor} = message + ) do + user = User.get_cached_by_ap_id(actor) + + if Enum.member?(to, "https://www.w3.org/ns/activitystreams#Public") do + to = + List.delete(to, "https://www.w3.org/ns/activitystreams#Public") ++ [user.follower_address] + + cc = + List.delete(cc, user.follower_address) ++ ["https://www.w3.org/ns/activitystreams#Public"] + + object = + message["object"] + |> Map.put("to", to) + |> Map.put("cc", cc) + + message = + message + |> Map.put("to", to) + |> Map.put("cc", cc) + |> Map.put("object", object) + + {:ok, message} + else + {:ok, message} + end + end + + defp process_tag( + "mrf_tag:sandbox", + %{"type" => "Create", "to" => to, "cc" => cc, "actor" => actor} = message + ) do + user = User.get_cached_by_ap_id(actor) + + if Enum.member?(to, "https://www.w3.org/ns/activitystreams#Public") or + Enum.member?(cc, "https://www.w3.org/ns/activitystreams#Public") do + to = + List.delete(to, "https://www.w3.org/ns/activitystreams#Public") ++ [user.follower_address] + + cc = List.delete(cc, "https://www.w3.org/ns/activitystreams#Public") + + object = + message["object"] + |> Map.put("to", to) + |> Map.put("cc", cc) + + message = + message + |> Map.put("to", to) + |> Map.put("cc", cc) + |> Map.put("object", object) + + {:ok, message} + else + {:ok, message} + end + end + + defp process_tag( + "mrf_tag:disable-remote-subscription", + %{"type" => "Follow", "actor" => actor} = message + ) do + user = User.get_cached_by_ap_id(actor) + + if user.local == true do + {:ok, message} + else + {:reject, nil} + end + end + + defp process_tag("mrf_tag:disable-any-subscription", %{"type" => "Follow"}), do: {:reject, nil} + + defp process_tag(_, message), do: {:ok, message} + + def filter_message(actor, message) do + User.get_cached_by_ap_id(actor) + |> get_tags() + |> Enum.reduce({:ok, message}, fn + tag, {:ok, message} -> + process_tag(tag, message) + + _, error -> + error + end) + end + + @impl true + def filter(%{"object" => target_actor, "type" => "Follow"} = message), + do: filter_message(target_actor, message) + + @impl true + def filter(%{"actor" => actor, "type" => "Create"} = message), + do: filter_message(actor, message) + + @impl true + def filter(message), do: {:ok, message} +end diff --git a/lib/pleroma/web/activity_pub/relay.ex b/lib/pleroma/web/activity_pub/relay.ex index c0a52e349..a7a20ca37 100644 --- a/lib/pleroma/web/activity_pub/relay.ex +++ b/lib/pleroma/web/activity_pub/relay.ex @@ -3,7 +3,9 @@ # SPDX-License-Identifier: AGPL-3.0-only defmodule Pleroma.Web.ActivityPub.Relay do - alias Pleroma.{User, Object, Activity} + alias Pleroma.Activity + alias Pleroma.Object + alias Pleroma.User alias Pleroma.Web.ActivityPub.ActivityPub require Logger @@ -39,7 +41,7 @@ defmodule Pleroma.Web.ActivityPub.Relay do def publish(%Activity{data: %{"type" => "Create"}} = activity) do with %User{} = user <- get_actor(), - %Object{} = object <- Object.normalize(activity.data["object"]["id"]) do + %Object{} = object <- Object.normalize(activity) do ActivityPub.announce(user, object, nil, true, false) else e -> Logger.error("error: #{inspect(e)}") diff --git a/lib/pleroma/web/activity_pub/transmogrifier.ex b/lib/pleroma/web/activity_pub/transmogrifier.ex index c2ced51d8..49ea73204 100644 --- a/lib/pleroma/web/activity_pub/transmogrifier.ex +++ b/lib/pleroma/web/activity_pub/transmogrifier.ex @@ -6,12 +6,13 @@ defmodule Pleroma.Web.ActivityPub.Transmogrifier do @moduledoc """ A module to handle coding from internal to wire ActivityPub and back. """ - alias Pleroma.User - alias Pleroma.Object alias Pleroma.Activity + alias Pleroma.Object alias Pleroma.Repo + alias Pleroma.User alias Pleroma.Web.ActivityPub.ActivityPub alias Pleroma.Web.ActivityPub.Utils + alias Pleroma.Web.ActivityPub.Visibility import Ecto.Query @@ -82,14 +83,34 @@ defmodule Pleroma.Web.ActivityPub.Transmogrifier do |> fix_content_map |> fix_likes |> fix_addressing + |> fix_summary + end + + def fix_summary(%{"summary" => nil} = object) do + object + |> Map.put("summary", "") + end + + def fix_summary(%{"summary" => _} = object) do + # summary is present, nothing to do + object + end + + def fix_summary(object) do + object + |> Map.put("summary", "") end def fix_addressing_list(map, field) do - if is_binary(map[field]) do - map - |> Map.put(field, [map[field]]) - else - map + cond do + is_binary(map[field]) -> + Map.put(map, field, [map[field]]) + + is_nil(map[field]) -> + Map.put(map, field, []) + + true -> + map end end @@ -127,13 +148,42 @@ defmodule Pleroma.Web.ActivityPub.Transmogrifier do |> fix_explicit_addressing(explicit_mentions) end + # if as:Public is addressed, then make sure the followers collection is also addressed + # so that the activities will be delivered to local users. + def fix_implicit_addressing(%{"to" => to, "cc" => cc} = object, followers_collection) do + recipients = to ++ cc + + if followers_collection not in recipients do + cond do + "https://www.w3.org/ns/activitystreams#Public" in cc -> + to = to ++ [followers_collection] + Map.put(object, "to", to) + + "https://www.w3.org/ns/activitystreams#Public" in to -> + cc = cc ++ [followers_collection] + Map.put(object, "cc", cc) + + true -> + object + end + else + object + end + end + + def fix_implicit_addressing(object, _), do: object + def fix_addressing(object) do + %User{} = user = User.get_or_fetch_by_ap_id(object["actor"]) + followers_collection = User.ap_followers(user) + object |> fix_addressing_list("to") |> fix_addressing_list("cc") |> fix_addressing_list("bto") |> fix_addressing_list("bcc") |> fix_explicit_addressing + |> fix_implicit_addressing(followers_collection) end def fix_actor(%{"attributedTo" => actor} = object) do @@ -313,6 +363,8 @@ defmodule Pleroma.Web.ActivityPub.Transmogrifier do |> Map.put("tag", combined) end + def fix_tag(%{"tag" => %{} = tag} = object), do: Map.put(object, "tag", [tag]) + def fix_tag(object), do: object # content map usually only has one language so this will do for now. @@ -352,6 +404,40 @@ defmodule Pleroma.Web.ActivityPub.Transmogrifier do end end + # Flag objects are placed ahead of the ID check because Mastodon 2.8 and earlier send them + # with nil ID. + def handle_incoming(%{"type" => "Flag", "object" => objects, "actor" => actor} = data) do + with context <- data["context"] || Utils.generate_context_id(), + content <- data["content"] || "", + %User{} = actor <- User.get_cached_by_ap_id(actor), + + # Reduce the object list to find the reported user. + %User{} = account <- + Enum.reduce_while(objects, nil, fn ap_id, _ -> + with %User{} = user <- User.get_cached_by_ap_id(ap_id) do + {:halt, user} + else + _ -> {:cont, nil} + end + end), + + # Remove the reported user from the object list. + statuses <- Enum.filter(objects, fn ap_id -> ap_id != account.ap_id end) do + params = %{ + actor: actor, + context: context, + account: account, + statuses: statuses, + content: content, + additional: %{ + "cc" => [account.ap_id] + } + } + + ActivityPub.flag(params) + end + end + # disallow objects with bogus IDs def handle_incoming(%{"id" => nil}), do: :error def handle_incoming(%{"id" => ""}), do: :error @@ -404,7 +490,7 @@ defmodule Pleroma.Web.ActivityPub.Transmogrifier do if not User.locked?(followed) do ActivityPub.accept(%{ to: [follower.ap_id], - actor: followed.ap_id, + actor: followed, object: data, local: true }) @@ -430,7 +516,7 @@ defmodule Pleroma.Web.ActivityPub.Transmogrifier do ActivityPub.accept(%{ to: follow_activity.data["to"], type: "Accept", - actor: followed.ap_id, + actor: followed, object: follow_activity.data["id"], local: false }) do @@ -453,10 +539,10 @@ defmodule Pleroma.Web.ActivityPub.Transmogrifier do {:ok, follow_activity} <- Utils.update_follow_state(follow_activity, "reject"), %User{local: true} = follower <- User.get_cached_by_ap_id(follow_activity.data["actor"]), {:ok, activity} <- - ActivityPub.accept(%{ + ActivityPub.reject(%{ to: follow_activity.data["to"], - type: "Accept", - actor: followed.ap_id, + type: "Reject", + actor: followed, object: follow_activity.data["id"], local: false }) do @@ -487,7 +573,7 @@ defmodule Pleroma.Web.ActivityPub.Transmogrifier do with actor <- get_actor(data), %User{} = actor <- User.get_or_fetch_by_ap_id(actor), {:ok, object} <- get_obj_helper(object_id) || fetch_obj_helper(object_id), - public <- ActivityPub.is_public?(data), + public <- Visibility.is_public?(data), {:ok, activity, _object} <- ActivityPub.announce(actor, object, id, false, public) do {:ok, activity} else @@ -647,10 +733,10 @@ defmodule Pleroma.Web.ActivityPub.Transmogrifier do if object = Object.normalize(id), do: {:ok, object}, else: nil end - def set_reply_to_uri(%{"inReplyTo" => inReplyTo} = object) do - with false <- String.starts_with?(inReplyTo, "http"), - {:ok, %{data: replied_to_object}} <- get_obj_helper(inReplyTo) do - Map.put(object, "inReplyTo", replied_to_object["external_url"] || inReplyTo) + def set_reply_to_uri(%{"inReplyTo" => in_reply_to} = object) when is_binary(in_reply_to) do + with false <- String.starts_with?(in_reply_to, "http"), + {:ok, %{data: replied_to_object}} <- get_obj_helper(in_reply_to) do + Map.put(object, "inReplyTo", replied_to_object["external_url"] || in_reply_to) else _e -> object end @@ -733,6 +819,7 @@ defmodule Pleroma.Web.ActivityPub.Transmogrifier do def prepare_outgoing(%{"type" => _type} = data) do data = data + |> strip_internal_fields |> maybe_fix_object_url |> Map.merge(Utils.make_json_ld_header()) @@ -763,12 +850,18 @@ defmodule Pleroma.Web.ActivityPub.Transmogrifier do def add_hashtags(object) do tags = (object["tag"] || []) - |> Enum.map(fn tag -> - %{ - "href" => Pleroma.Web.Endpoint.url() <> "/tags/#{tag}", - "name" => "##{tag}", - "type" => "Hashtag" - } + |> Enum.map(fn + # Expand internal representation tags into AS2 tags. + tag when is_binary(tag) -> + %{ + "href" => Pleroma.Web.Endpoint.url() <> "/tags/#{tag}", + "name" => "##{tag}", + "type" => "Hashtag" + } + + # Do not process tags which are already AS2 tag objects. + tag when is_map(tag) -> + tag end) object @@ -820,10 +913,10 @@ defmodule Pleroma.Web.ActivityPub.Transmogrifier do end def add_attributed_to(object) do - attributedTo = object["attributedTo"] || object["actor"] + attributed_to = object["attributedTo"] || object["actor"] object - |> Map.put("attributedTo", attributedTo) + |> Map.put("attributedTo", attributed_to) end def add_likes(%{"id" => id, "like_count" => likes} = object) do @@ -861,7 +954,8 @@ defmodule Pleroma.Web.ActivityPub.Transmogrifier do "announcements", "announcement_count", "emoji", - "context_id" + "context_id", + "deleted_activity_id" ]) end @@ -876,8 +970,9 @@ defmodule Pleroma.Web.ActivityPub.Transmogrifier do defp strip_internal_tags(object), do: object - defp user_upgrade_task(user) do - old_follower_address = User.ap_followers(user) + def perform(:user_upgrade, user) do + # we pass a fake user so that the followers collection is stripped away + old_follower_address = User.ap_followers(%User{nickname: user.nickname}) q = from( @@ -920,28 +1015,18 @@ defmodule Pleroma.Web.ActivityPub.Transmogrifier do Repo.update_all(q, []) end - def upgrade_user_from_ap_id(ap_id, async \\ true) do + def upgrade_user_from_ap_id(ap_id) do with %User{local: false} = user <- User.get_by_ap_id(ap_id), - {:ok, data} <- ActivityPub.fetch_and_prepare_user_from_ap_id(ap_id) do - already_ap = User.ap_enabled?(user) - - {:ok, user} = - User.upgrade_changeset(user, data) - |> Repo.update() - - if !already_ap do - # This could potentially take a long time, do it in the background - if async do - Task.start(fn -> - user_upgrade_task(user) - end) - else - user_upgrade_task(user) - end + {:ok, data} <- ActivityPub.fetch_and_prepare_user_from_ap_id(ap_id), + already_ap <- User.ap_enabled?(user), + {:ok, user} <- user |> User.upgrade_changeset(data) |> User.update_and_set_cache() do + unless already_ap do + PleromaJobQueue.enqueue(:transmogrifier, __MODULE__, [:user_upgrade, user]) end {:ok, user} else + %User{} = user -> {:ok, user} e -> e end end diff --git a/lib/pleroma/web/activity_pub/utils.ex b/lib/pleroma/web/activity_pub/utils.ex index e40d05fcd..0b53f71c3 100644 --- a/lib/pleroma/web/activity_pub/utils.ex +++ b/lib/pleroma/web/activity_pub/utils.ex @@ -3,11 +3,20 @@ # SPDX-License-Identifier: AGPL-3.0-only defmodule Pleroma.Web.ActivityPub.Utils do - alias Pleroma.{Repo, Web, Object, Activity, User, Notification} - alias Pleroma.Web.Router.Helpers + alias Ecto.Changeset + alias Ecto.UUID + alias Pleroma.Activity + alias Pleroma.Notification + alias Pleroma.Object + alias Pleroma.Repo + alias Pleroma.User + alias Pleroma.Web + alias Pleroma.Web.ActivityPub.Visibility alias Pleroma.Web.Endpoint - alias Ecto.{Changeset, UUID} + alias Pleroma.Web.Router.Helpers + import Ecto.Query + require Logger @supported_object_types ["Article", "Note", "Video", "Page"] @@ -90,7 +99,10 @@ defmodule Pleroma.Web.ActivityPub.Utils do %{ "@context" => [ "https://www.w3.org/ns/activitystreams", - "#{Web.base_url()}/schemas/litepub-0.1.jsonld" + "#{Web.base_url()}/schemas/litepub-0.1.jsonld", + %{ + "@language" => "und" + } ] } end @@ -156,7 +168,7 @@ defmodule Pleroma.Web.ActivityPub.Utils do _ -> 5 end - Pleroma.Web.Federator.enqueue(:publish, activity, priority) + Pleroma.Web.Federator.publish(activity, priority) :ok end @@ -166,18 +178,26 @@ defmodule Pleroma.Web.ActivityPub.Utils do Adds an id and a published data if they aren't there, also adds it to an included object """ - def lazy_put_activity_defaults(map) do - %{data: %{"id" => context}, id: context_id} = create_context(map["context"]) - + def lazy_put_activity_defaults(map, fake \\ false) do map = - map - |> Map.put_new_lazy("id", &generate_activity_id/0) - |> Map.put_new_lazy("published", &make_date/0) - |> Map.put_new("context", context) - |> Map.put_new("context_id", context_id) + unless fake do + %{data: %{"id" => context}, id: context_id} = create_context(map["context"]) + + map + |> Map.put_new_lazy("id", &generate_activity_id/0) + |> Map.put_new_lazy("published", &make_date/0) + |> Map.put_new("context", context) + |> Map.put_new("context_id", context_id) + else + map + |> Map.put_new("id", "pleroma:fakeid") + |> Map.put_new_lazy("published", &make_date/0) + |> Map.put_new("context", "pleroma:fakecontext") + |> Map.put_new("context_id", -1) + end if is_map(map["object"]) do - object = lazy_put_object_defaults(map["object"], map) + object = lazy_put_object_defaults(map["object"], map, fake) %{map | "object" => object} else map @@ -187,7 +207,18 @@ defmodule Pleroma.Web.ActivityPub.Utils do @doc """ Adds an id and published date if they aren't there. """ - def lazy_put_object_defaults(map, activity \\ %{}) do + def lazy_put_object_defaults(map, activity \\ %{}, fake) + + def lazy_put_object_defaults(map, activity, true = _fake) do + map + |> Map.put_new_lazy("published", &make_date/0) + |> Map.put_new("id", "pleroma:fake_object_id") + |> Map.put_new("context", activity["context"]) + |> Map.put_new("fake", true) + |> Map.put_new("context_id", activity["context_id"]) + end + + def lazy_put_object_defaults(map, activity, _fake) do map |> Map.put_new_lazy("id", &generate_object_id/0) |> Map.put_new_lazy("published", &make_date/0) @@ -200,12 +231,12 @@ defmodule Pleroma.Web.ActivityPub.Utils do """ def insert_full_object(%{"object" => %{"type" => type} = object_data}) when is_map(object_data) and type in @supported_object_types do - with {:ok, _} <- Object.create(object_data) do - :ok + with {:ok, object} <- Object.create(object_data) do + {:ok, object} end end - def insert_full_object(_), do: :ok + def insert_full_object(_), do: {:ok, nil} def update_object_in_activities(%{data: %{"id" => id}} = object) do # TODO @@ -266,13 +297,31 @@ defmodule Pleroma.Web.ActivityPub.Utils do Repo.all(query) end - def make_like_data(%User{ap_id: ap_id} = actor, %{data: %{"id" => id}} = object, activity_id) do + def make_like_data( + %User{ap_id: ap_id} = actor, + %{data: %{"actor" => object_actor_id, "id" => id}} = object, + activity_id + ) do + object_actor = User.get_cached_by_ap_id(object_actor_id) + + to = + if Visibility.is_public?(object) do + [actor.follower_address, object.data["actor"]] + else + [object.data["actor"]] + end + + cc = + (object.data["to"] ++ (object.data["cc"] || [])) + |> List.delete(actor.ap_id) + |> List.delete(object_actor.follower_address) + data = %{ "type" => "Like", "actor" => ap_id, "object" => id, - "to" => [actor.follower_address, object.data["actor"]], - "cc" => ["https://www.w3.org/ns/activitystreams#Public"], + "to" => to, + "cc" => cc, "context" => object.data["context"] } @@ -285,7 +334,7 @@ defmodule Pleroma.Web.ActivityPub.Utils do |> Map.put("#{property}_count", length(element)) |> Map.put("#{property}s", element), changeset <- Changeset.change(object, data: new_data), - {:ok, object} <- Repo.update(changeset), + {:ok, object} <- Object.update_and_set_cache(changeset), _ <- update_object_in_activities(object) do {:ok, object} end @@ -316,6 +365,25 @@ defmodule Pleroma.Web.ActivityPub.Utils do @doc """ Updates a follow activity's state (for locked accounts). """ + def update_follow_state( + %Activity{data: %{"actor" => actor, "object" => object, "state" => "pending"}} = activity, + state + ) do + try do + Ecto.Adapters.SQL.query!( + Repo, + "UPDATE activities SET data = jsonb_set(data, '{state}', $1) WHERE data->>'type' = 'Follow' AND data->>'actor' = $2 AND data->>'object' = $3 AND data->>'state' = 'pending'", + [state, actor, object] + ) + + activity = Activity.get_by_id(activity.id) + {:ok, activity} + rescue + e -> + {:error, e} + end + end + def update_follow_state(%Activity{} = activity, state) do with new_data <- activity.data @@ -358,13 +426,15 @@ defmodule Pleroma.Web.ActivityPub.Utils do activity.data ), where: activity.actor == ^follower_id, + # this is to use the index where: fragment( - "? @> ?", + "coalesce((?)->'object'->>'id', (?)->>'object') = ?", + activity.data, activity.data, - ^%{object: followed_id} + ^followed_id ), - order_by: [desc: :id], + order_by: [fragment("? desc nulls last", activity.id)], limit: 1 ) @@ -521,13 +591,15 @@ defmodule Pleroma.Web.ActivityPub.Utils do activity.data ), where: activity.actor == ^blocker_id, + # this is to use the index where: fragment( - "? @> ?", + "coalesce((?)->'object'->>'id', (?)->>'object') = ?", + activity.data, activity.data, - ^%{object: blocked_id} + ^blocked_id ), - order_by: [desc: :id], + order_by: [fragment("? desc nulls last", activity.id)], limit: 1 ) @@ -571,4 +643,65 @@ defmodule Pleroma.Web.ActivityPub.Utils do } |> Map.merge(additional) end + + #### Flag-related helpers + + def make_flag_data(params, additional) do + status_ap_ids = + Enum.map(params.statuses || [], fn + %Activity{} = act -> act.data["id"] + act when is_map(act) -> act["id"] + act when is_binary(act) -> act + end) + + object = [params.account.ap_id] ++ status_ap_ids + + %{ + "type" => "Flag", + "actor" => params.actor.ap_id, + "content" => params.content, + "object" => object, + "context" => params.context + } + |> Map.merge(additional) + end + + @doc """ + Fetches the OrderedCollection/OrderedCollectionPage from `from`, limiting the amount of pages fetched after + the first one to `pages_left` pages. + If the amount of pages is higher than the collection has, it returns whatever was there. + """ + def fetch_ordered_collection(from, pages_left, acc \\ []) do + with {:ok, response} <- Tesla.get(from), + {:ok, collection} <- Poison.decode(response.body) do + case collection["type"] do + "OrderedCollection" -> + # If we've encountered the OrderedCollection and not the page, + # just call the same function on the page address + fetch_ordered_collection(collection["first"], pages_left) + + "OrderedCollectionPage" -> + if pages_left > 0 do + # There are still more pages + if Map.has_key?(collection, "next") do + # There are still more pages, go deeper saving what we have into the accumulator + fetch_ordered_collection( + collection["next"], + pages_left - 1, + acc ++ collection["orderedItems"] + ) + else + # No more pages left, just return whatever we already have + acc ++ collection["orderedItems"] + end + else + # Got the amount of pages needed, add them all to the accumulator + acc ++ collection["orderedItems"] + end + + _ -> + {:error, "Not an OrderedCollection or OrderedCollectionPage"} + end + end + end end diff --git a/lib/pleroma/web/activity_pub/views/object_view.ex b/lib/pleroma/web/activity_pub/views/object_view.ex index 394d82fbc..6028b773c 100644 --- a/lib/pleroma/web/activity_pub/views/object_view.ex +++ b/lib/pleroma/web/activity_pub/views/object_view.ex @@ -4,7 +4,8 @@ defmodule Pleroma.Web.ActivityPub.ObjectView do use Pleroma.Web, :view - alias Pleroma.{Object, Activity} + alias Pleroma.Activity + alias Pleroma.Object alias Pleroma.Web.ActivityPub.Transmogrifier def render("object.json", %{object: %Object{} = object}) do @@ -16,7 +17,7 @@ defmodule Pleroma.Web.ActivityPub.ObjectView do def render("object.json", %{object: %Activity{data: %{"type" => "Create"}} = activity}) do base = Pleroma.Web.ActivityPub.Utils.make_json_ld_header() - object = Object.normalize(activity.data["object"]) + object = Object.normalize(activity) additional = Transmogrifier.prepare_object(activity.data) @@ -27,7 +28,7 @@ defmodule Pleroma.Web.ActivityPub.ObjectView do def render("object.json", %{object: %Activity{} = activity}) do base = Pleroma.Web.ActivityPub.Utils.make_json_ld_header() - object = Object.normalize(activity.data["object"]) + object = Object.normalize(activity) additional = Transmogrifier.prepare_object(activity.data) diff --git a/lib/pleroma/web/activity_pub/views/user_view.ex b/lib/pleroma/web/activity_pub/views/user_view.ex index dcf681b6d..5926a3294 100644 --- a/lib/pleroma/web/activity_pub/views/user_view.ex +++ b/lib/pleroma/web/activity_pub/views/user_view.ex @@ -4,15 +4,34 @@ defmodule Pleroma.Web.ActivityPub.UserView do use Pleroma.Web, :view - alias Pleroma.Web.Salmon - alias Pleroma.Web.WebFinger - alias Pleroma.User + alias Pleroma.Repo + alias Pleroma.User alias Pleroma.Web.ActivityPub.ActivityPub alias Pleroma.Web.ActivityPub.Transmogrifier alias Pleroma.Web.ActivityPub.Utils + alias Pleroma.Web.Endpoint + alias Pleroma.Web.Router.Helpers + alias Pleroma.Web.Salmon + alias Pleroma.Web.WebFinger + import Ecto.Query + def render("endpoints.json", %{user: %User{nickname: nil, local: true} = _user}) do + %{"sharedInbox" => Helpers.activity_pub_url(Endpoint, :inbox)} + end + + def render("endpoints.json", %{user: %User{local: true} = _user}) do + %{ + "oauthAuthorizationEndpoint" => Helpers.o_auth_url(Endpoint, :authorize), + "oauthRegistrationEndpoint" => Helpers.mastodon_api_url(Endpoint, :create_app), + "oauthTokenEndpoint" => Helpers.o_auth_url(Endpoint, :token_exchange), + "sharedInbox" => Helpers.activity_pub_url(Endpoint, :inbox) + } + end + + def render("endpoints.json", _), do: %{} + # the instance itself is not a Person, but instead an Application def render("user.json", %{user: %{nickname: nil} = user}) do {:ok, user} = WebFinger.ensure_keys_present(user) @@ -20,6 +39,8 @@ defmodule Pleroma.Web.ActivityPub.UserView do public_key = :public_key.pem_entry_encode(:SubjectPublicKeyInfo, public_key) public_key = :public_key.pem_encode([public_key]) + endpoints = render("endpoints.json", %{user: user}) + %{ "id" => user.ap_id, "type" => "Application", @@ -35,9 +56,7 @@ defmodule Pleroma.Web.ActivityPub.UserView do "owner" => user.ap_id, "publicKeyPem" => public_key }, - "endpoints" => %{ - "sharedInbox" => "#{Pleroma.Web.Endpoint.url()}/inbox" - } + "endpoints" => endpoints } |> Map.merge(Utils.make_json_ld_header()) end @@ -48,6 +67,8 @@ defmodule Pleroma.Web.ActivityPub.UserView do public_key = :public_key.pem_entry_encode(:SubjectPublicKeyInfo, public_key) public_key = :public_key.pem_encode([public_key]) + endpoints = render("endpoints.json", %{user: user}) + %{ "id" => user.ap_id, "type" => "Person", @@ -65,19 +86,11 @@ defmodule Pleroma.Web.ActivityPub.UserView do "owner" => user.ap_id, "publicKeyPem" => public_key }, - "endpoints" => %{ - "sharedInbox" => "#{Pleroma.Web.Endpoint.url()}/inbox" - }, - "icon" => %{ - "type" => "Image", - "url" => User.avatar_url(user) - }, - "image" => %{ - "type" => "Image", - "url" => User.banner_url(user) - }, + "endpoints" => endpoints, "tag" => user.info.source_data["tag"] || [] } + |> Map.merge(maybe_make_image(&User.avatar_url/2, "icon", user)) + |> Map.merge(maybe_make_image(&User.banner_url/2, "image", user)) |> Map.merge(Utils.make_json_ld_header()) end @@ -86,7 +99,14 @@ defmodule Pleroma.Web.ActivityPub.UserView do query = from(user in query, select: [:ap_id]) following = Repo.all(query) - collection(following, "#{user.ap_id}/following", page, !user.info.hide_network) + total = + if !user.info.hide_follows do + length(following) + else + 0 + end + + collection(following, "#{user.ap_id}/following", page, !user.info.hide_follows, total) |> Map.merge(Utils.make_json_ld_header()) end @@ -95,11 +115,18 @@ defmodule Pleroma.Web.ActivityPub.UserView do query = from(user in query, select: [:ap_id]) following = Repo.all(query) + total = + if !user.info.hide_follows do + length(following) + else + 0 + end + %{ "id" => "#{user.ap_id}/following", "type" => "OrderedCollection", - "totalItems" => length(following), - "first" => collection(following, "#{user.ap_id}/following", 1, !user.info.hide_network) + "totalItems" => total, + "first" => collection(following, "#{user.ap_id}/following", 1, !user.info.hide_follows) } |> Map.merge(Utils.make_json_ld_header()) end @@ -109,7 +136,14 @@ defmodule Pleroma.Web.ActivityPub.UserView do query = from(user in query, select: [:ap_id]) followers = Repo.all(query) - collection(followers, "#{user.ap_id}/followers", page, !user.info.hide_network) + total = + if !user.info.hide_followers do + length(followers) + else + 0 + end + + collection(followers, "#{user.ap_id}/followers", page, !user.info.hide_followers, total) |> Map.merge(Utils.make_json_ld_header()) end @@ -118,19 +152,24 @@ defmodule Pleroma.Web.ActivityPub.UserView do query = from(user in query, select: [:ap_id]) followers = Repo.all(query) + total = + if !user.info.hide_followers do + length(followers) + else + 0 + end + %{ "id" => "#{user.ap_id}/followers", "type" => "OrderedCollection", - "totalItems" => length(followers), - "first" => collection(followers, "#{user.ap_id}/followers", 1, !user.info.hide_network) + "totalItems" => total, + "first" => + collection(followers, "#{user.ap_id}/followers", 1, !user.info.hide_followers, total) } |> Map.merge(Utils.make_json_ld_header()) end def render("outbox.json", %{user: user, max_id: max_qid}) do - # XXX: technically note_count is wrong for this, but it's better than nothing - info = User.user_info(user) - params = %{ "limit" => "10" } @@ -143,14 +182,24 @@ defmodule Pleroma.Web.ActivityPub.UserView do end activities = ActivityPub.fetch_user_activities(user, nil, params) - min_id = Enum.at(Enum.reverse(activities), 0).id - max_id = Enum.at(activities, 0).id - collection = - Enum.map(activities, fn act -> - {:ok, data} = Transmogrifier.prepare_outgoing(act.data) - data - end) + {max_id, min_id, collection} = + if length(activities) > 0 do + { + Enum.at(Enum.reverse(activities), 0).id, + Enum.at(activities, 0).id, + Enum.map(activities, fn act -> + {:ok, data} = Transmogrifier.prepare_outgoing(act.data) + data + end) + } + else + { + 0, + 0, + [] + } + end iri = "#{user.ap_id}/outbox" @@ -158,7 +207,6 @@ defmodule Pleroma.Web.ActivityPub.UserView do "id" => "#{iri}?max_id=#{max_id}", "type" => "OrderedCollectionPage", "partOf" => iri, - "totalItems" => info.note_count, "orderedItems" => collection, "next" => "#{iri}?max_id=#{min_id}" } @@ -167,7 +215,6 @@ defmodule Pleroma.Web.ActivityPub.UserView do %{ "id" => iri, "type" => "OrderedCollection", - "totalItems" => info.note_count, "first" => page } |> Map.merge(Utils.make_json_ld_header()) @@ -205,7 +252,6 @@ defmodule Pleroma.Web.ActivityPub.UserView do "id" => "#{iri}?max_id=#{max_id}", "type" => "OrderedCollectionPage", "partOf" => iri, - "totalItems" => -1, "orderedItems" => collection, "next" => "#{iri}?max_id=#{min_id}" } @@ -214,7 +260,6 @@ defmodule Pleroma.Web.ActivityPub.UserView do %{ "id" => iri, "type" => "OrderedCollection", - "totalItems" => -1, "first" => page } |> Map.merge(Utils.make_json_ld_header()) @@ -239,6 +284,21 @@ defmodule Pleroma.Web.ActivityPub.UserView do if offset < total do Map.put(map, "next", "#{iri}?page=#{page + 1}") + else + map + end + end + + defp maybe_make_image(func, key, user) do + if image = func.(user, no_default: true) do + %{ + key => %{ + "type" => "Image", + "url" => image + } + } + else + %{} end end end diff --git a/lib/pleroma/web/activity_pub/visibility.ex b/lib/pleroma/web/activity_pub/visibility.ex new file mode 100644 index 000000000..db52fe933 --- /dev/null +++ b/lib/pleroma/web/activity_pub/visibility.ex @@ -0,0 +1,56 @@ +defmodule Pleroma.Web.ActivityPub.Visibility do + alias Pleroma.Activity + alias Pleroma.Object + alias Pleroma.User + + def is_public?(%Object{data: %{"type" => "Tombstone"}}), do: false + def is_public?(%Object{data: data}), do: is_public?(data) + def is_public?(%Activity{data: data}), do: is_public?(data) + def is_public?(%{"directMessage" => true}), do: false + + def is_public?(data) do + "https://www.w3.org/ns/activitystreams#Public" in (data["to"] ++ (data["cc"] || [])) + end + + def is_private?(activity) do + unless is_public?(activity) do + follower_address = User.get_cached_by_ap_id(activity.data["actor"]).follower_address + Enum.any?(activity.data["to"], &(&1 == follower_address)) + else + false + end + end + + def is_direct?(%Activity{data: %{"directMessage" => true}}), do: true + def is_direct?(%Object{data: %{"directMessage" => true}}), do: true + + def is_direct?(activity) do + !is_public?(activity) && !is_private?(activity) + end + + def visible_for_user?(activity, nil) do + is_public?(activity) + end + + def visible_for_user?(activity, user) do + x = [user.ap_id | user.following] + y = [activity.actor] ++ activity.data["to"] ++ (activity.data["cc"] || []) + visible_for_user?(activity, nil) || Enum.any?(x, &(&1 in y)) + end + + # guard + def entire_thread_visible_for_user?(nil, _user), do: false + + # child + def entire_thread_visible_for_user?( + %Activity{data: %{"object" => %{"inReplyTo" => parent_id}}} = tail, + user + ) + when is_binary(parent_id) do + parent = Activity.get_in_reply_to_activity(tail) + visible_for_user?(tail, user) && entire_thread_visible_for_user?(parent, user) + end + + # root + def entire_thread_visible_for_user?(tail, user), do: visible_for_user?(tail, user) +end |