featured_address valition in AddRemoveValidator

This commit is contained in:
Alexander Strizhakov 2021-03-03 15:41:05 +03:00
parent ff612750b1
commit d1d2744ee3
No known key found for this signature in database
GPG Key ID: 022896A53AEF1381
7 changed files with 55 additions and 13 deletions

View File

@ -238,7 +238,7 @@ def validate(%{"type" => "Announce"} = object, meta) do
def validate(%{"type" => type} = object, meta) when type in ~w(Add Remove) do def validate(%{"type" => type} = object, meta) when type in ~w(Add Remove) do
with {:ok, object} <- with {:ok, object} <-
object object
|> AddRemoveValidator.cast_and_validate() |> AddRemoveValidator.cast_and_validate(meta)
|> Ecto.Changeset.apply_action(:insert) do |> Ecto.Changeset.apply_action(:insert) do
object = stringify_keys(object) object = stringify_keys(object)
{:ok, object, meta} {:ok, object, meta}

View File

@ -22,28 +22,28 @@ defmodule Pleroma.Web.ActivityPub.ObjectValidators.AddRemoveValidator do
field(:cc, ObjectValidators.Recipients, default: []) field(:cc, ObjectValidators.Recipients, default: [])
end end
def cast_and_validate(data) do def cast_and_validate(data, meta) do
data data
|> cast_data() |> cast_data()
|> validate_data() |> validate_data(meta)
end end
defp cast_data(data) do defp cast_data(data) do
cast(%__MODULE__{}, data, __schema__(:fields)) cast(%__MODULE__{}, data, __schema__(:fields))
end end
defp validate_data(changeset) do defp validate_data(changeset, meta) do
changeset changeset
|> validate_required([:id, :target, :object, :actor, :type, :to, :cc]) |> validate_required([:id, :target, :object, :actor, :type, :to, :cc])
|> validate_inclusion(:type, ~w(Add Remove)) |> validate_inclusion(:type, ~w(Add Remove))
|> validate_actor_presence() |> validate_actor_presence()
|> validate_collection_belongs_to_actor() |> validate_collection_belongs_to_actor(meta)
|> validate_object_presence() |> validate_object_presence()
end end
defp validate_collection_belongs_to_actor(changeset) do defp validate_collection_belongs_to_actor(changeset, meta) do
validate_change(changeset, :target, fn :target, target -> validate_change(changeset, :target, fn :target, target ->
if String.starts_with?(target, changeset.changes[:actor]) do if target == meta[:featured_address] do
[] []
else else
[target: "collection doesn't belong to actor"] [target: "collection doesn't belong to actor"]

View File

@ -557,7 +557,7 @@ def handle_incoming(
end end
def handle_incoming(%{"type" => type} = data, _options) when type in ~w(Add Remove) do def handle_incoming(%{"type" => type} = data, _options) when type in ~w(Add Remove) do
with {:ok, user} <- ObjectValidator.fetch_actor(data), with {:ok, %User{} = user} <- ObjectValidator.fetch_actor(data),
%Object{} <- Object.normalize(data["object"], fetch: true) do %Object{} <- Object.normalize(data["object"], fetch: true) do
# Mastodon sends pin/unpin objects without id, to, cc fields # Mastodon sends pin/unpin objects without id, to, cc fields
data = data =
@ -566,7 +566,10 @@ def handle_incoming(%{"type" => type} = data, _options) when type in ~w(Add Remo
|> Map.put_new("to", [Pleroma.Constants.as_public()]) |> Map.put_new("to", [Pleroma.Constants.as_public()])
|> Map.put_new("cc", [user.follower_address]) |> Map.put_new("cc", [user.follower_address])
case Pipeline.common_pipeline(data, local: false) do case Pipeline.common_pipeline(data,
local: false,
featured_address: user.featured_address
) do
{:ok, activity, _meta} -> {:ok, activity} {:ok, activity, _meta} -> {:ok, activity}
error -> error error -> error
end end

View File

@ -412,14 +412,18 @@ def post(user, %{status: _} = data) do
end end
@spec pin(String.t(), User.t()) :: {:ok, Activity.t()} | {:error, term()} @spec pin(String.t(), User.t()) :: {:ok, Activity.t()} | {:error, term()}
def pin(id, %User{ap_id: actor} = user) do def pin(id, %User{} = user) do
with %Activity{} = activity <- create_activity_by_id(id), with %Activity{} = activity <- create_activity_by_id(id),
true <- activity_belongs_to_actor(activity, actor), true <- activity_belongs_to_actor(activity, user.ap_id),
true <- object_type_is_allowed_for_pin(activity.object), true <- object_type_is_allowed_for_pin(activity.object),
true <- activity_is_public(activity), true <- activity_is_public(activity),
{:ok, pin_data, _} <- Builder.pin(user, activity.object), {:ok, pin_data, _} <- Builder.pin(user, activity.object),
{:ok, _pin, _} <- {:ok, _pin, _} <-
Pipeline.common_pipeline(pin_data, local: true, activity_id: id) do Pipeline.common_pipeline(pin_data,
local: true,
activity_id: id,
featured_address: user.featured_address
) do
{:ok, activity} {:ok, activity}
else else
{:error, {:execute_side_effects, error}} -> error {:error, {:execute_side_effects, error}} -> error
@ -456,7 +460,8 @@ def unpin(id, user) do
Pipeline.common_pipeline(unpin_data, Pipeline.common_pipeline(unpin_data,
local: true, local: true,
activity_id: activity.id, activity_id: activity.id,
expires_at: activity.data["expires_at"] expires_at: activity.data["expires_at"],
featured_address: user.featured_address
) do ) do
{:ok, activity} {:ok, activity}
end end

View File

@ -34,6 +34,7 @@
"owner": "https://example.com/users/{{nickname}}", "owner": "https://example.com/users/{{nickname}}",
"publicKeyPem": "-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5DLtwGXNZElJyxFGfcVc\nXANhaMadj/iYYQwZjOJTV9QsbtiNBeIK54PJrYuU0/0YIdrvS1iqheX5IwXRhcwa\nhm3ZyLz7XeN9st7FBni4BmZMBtMpxAuYuu5p/jbWy13qAiYOhPreCx0wrWgm/lBD\n9mkgaxIxPooBE0S4ZWEJIDIV1Vft3AWcRUyWW1vIBK0uZzs6GYshbQZB952S0yo4\nFzI1hABGHncH8UvuFauh4EZ8tY7/X5I0pGRnDOcRN1dAht5w5yTA+6r5kebiFQjP\nIzN/eCO/a9Flrj9YGW7HDNtjSOH0A31PLRGlJtJO3yK57dnf5ppyCZGfL4emShQo\ncQIDAQAB\n-----END PUBLIC KEY-----\n\n" "publicKeyPem": "-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5DLtwGXNZElJyxFGfcVc\nXANhaMadj/iYYQwZjOJTV9QsbtiNBeIK54PJrYuU0/0YIdrvS1iqheX5IwXRhcwa\nhm3ZyLz7XeN9st7FBni4BmZMBtMpxAuYuu5p/jbWy13qAiYOhPreCx0wrWgm/lBD\n9mkgaxIxPooBE0S4ZWEJIDIV1Vft3AWcRUyWW1vIBK0uZzs6GYshbQZB952S0yo4\nFzI1hABGHncH8UvuFauh4EZ8tY7/X5I0pGRnDOcRN1dAht5w5yTA+6r5kebiFQjP\nIzN/eCO/a9Flrj9YGW7HDNtjSOH0A31PLRGlJtJO3yK57dnf5ppyCZGfL4emShQo\ncQIDAQAB\n-----END PUBLIC KEY-----\n\n"
}, },
"featured": "https://example.com/users/{{nickname}}/collections/featured",
"summary": "your friendly neighborhood pleroma developer<br>I like cute things and distributed systems, and really hate delete and redrafts", "summary": "your friendly neighborhood pleroma developer<br>I like cute things and distributed systems, and really hate delete and redrafts",
"tag": [], "tag": [],
"type": "Person", "type": "Person",

View File

@ -673,6 +673,17 @@ test "accepts Add/Remove activities", %{conn: conn} do
body: user, body: user,
headers: [{"content-type", "application/activity+json"}] headers: [{"content-type", "application/activity+json"}]
} }
%{method: :get, url: "https://example.com/users/lain/collections/featured"} ->
%Tesla.Env{
status: 200,
body:
"test/fixtures/users_mock/masto_featured.json"
|> File.read!()
|> String.replace("{{domain}}", "example.com")
|> String.replace("{{nickname}}", "lain"),
headers: [{"content-type", "application/activity+json"}]
}
end) end)
data = %{ data = %{
@ -753,6 +764,17 @@ test "mastodon pin/unpin", %{conn: conn} do
body: user, body: user,
headers: [{"content-type", "application/activity+json"}] headers: [{"content-type", "application/activity+json"}]
} }
%{method: :get, url: "https://example.com/users/lain/collections/featured"} ->
%Tesla.Env{
status: 200,
body:
"test/fixtures/users_mock/masto_featured.json"
|> File.read!()
|> String.replace("{{domain}}", "example.com")
|> String.replace("{{nickname}}", "lain"),
headers: [{"content-type", "application/activity+json"}]
}
end) end)
data = %{ data = %{

View File

@ -147,6 +147,17 @@ test "it accepts Add/Remove activities" do
body: object, body: object,
headers: [{"content-type", "application/activity+json"}] headers: [{"content-type", "application/activity+json"}]
} }
%{method: :get, url: "https://example.com/users/lain/collections/featured"} ->
%Tesla.Env{
status: 200,
body:
"test/fixtures/users_mock/masto_featured.json"
|> File.read!()
|> String.replace("{{domain}}", "example.com")
|> String.replace("{{nickname}}", "lain"),
headers: [{"content-type", "application/activity+json"}]
}
end) end)
message = %{ message = %{