Blocks: always see your own posts
This commit is contained in:
parent
1aabc0672e
commit
d2364276a1
|
@ -791,10 +791,10 @@ defp restrict_replies(query, %{
|
||||||
where:
|
where:
|
||||||
fragment(
|
fragment(
|
||||||
"""
|
"""
|
||||||
?->>'type' != 'Create' -- This isn't a Create
|
?->>'type' != 'Create' -- This isn't a Create
|
||||||
OR ?->>'inReplyTo' is null -- this isn't a reply
|
OR ?->>'inReplyTo' is null -- this isn't a reply
|
||||||
OR ? && array_remove(?, ?) -- The recipient is us or one of our friends,
|
OR ? && array_remove(?, ?) -- The recipient is us or one of our friends,
|
||||||
-- unless they are the author (because authors
|
-- unless they are the author (because authors
|
||||||
-- are also part of the recipients). This leads
|
-- are also part of the recipients). This leads
|
||||||
-- to a bug that self-replies by friends won't
|
-- to a bug that self-replies by friends won't
|
||||||
-- show up.
|
-- show up.
|
||||||
|
@ -850,7 +850,10 @@ defp restrict_blocked(query, %{blocking_user: %User{} = user} = opts) do
|
||||||
|
|
||||||
from(
|
from(
|
||||||
[activity, object: o] in query,
|
[activity, object: o] in query,
|
||||||
|
# You don't block the author
|
||||||
where: fragment("not (? = ANY(?))", activity.actor, ^blocked_ap_ids),
|
where: fragment("not (? = ANY(?))", activity.actor, ^blocked_ap_ids),
|
||||||
|
|
||||||
|
# You don't block any recipients, and didn't author the post
|
||||||
where:
|
where:
|
||||||
fragment(
|
fragment(
|
||||||
"((not (? && ?)) or ? = ?)",
|
"((not (? && ?)) or ? = ?)",
|
||||||
|
@ -859,12 +862,18 @@ defp restrict_blocked(query, %{blocking_user: %User{} = user} = opts) do
|
||||||
activity.actor,
|
activity.actor,
|
||||||
^user.ap_id
|
^user.ap_id
|
||||||
),
|
),
|
||||||
|
|
||||||
|
# You don't block the domain of any recipients, and didn't author the post
|
||||||
where:
|
where:
|
||||||
fragment(
|
fragment(
|
||||||
"recipients_contain_blocked_domains(?, ?) = false",
|
"(recipients_contain_blocked_domains(?, ?) = false) or ? = ?",
|
||||||
activity.recipients,
|
activity.recipients,
|
||||||
^domain_blocks
|
^domain_blocks,
|
||||||
|
activity.actor,
|
||||||
|
^user.ap_id
|
||||||
),
|
),
|
||||||
|
|
||||||
|
# It's not a boost of a user you block
|
||||||
where:
|
where:
|
||||||
fragment(
|
fragment(
|
||||||
"not (?->>'type' = 'Announce' and ?->'to' \\?| ?)",
|
"not (?->>'type' = 'Announce' and ?->'to' \\?| ?)",
|
||||||
|
@ -872,6 +881,8 @@ defp restrict_blocked(query, %{blocking_user: %User{} = user} = opts) do
|
||||||
activity.data,
|
activity.data,
|
||||||
^blocked_ap_ids
|
^blocked_ap_ids
|
||||||
),
|
),
|
||||||
|
|
||||||
|
# You don't block the author's domain, and also don't follow the author
|
||||||
where:
|
where:
|
||||||
fragment(
|
fragment(
|
||||||
"(not (split_part(?, '/', 3) = ANY(?))) or ? = ANY(?)",
|
"(not (split_part(?, '/', 3) = ANY(?))) or ? = ANY(?)",
|
||||||
|
@ -880,6 +891,8 @@ defp restrict_blocked(query, %{blocking_user: %User{} = user} = opts) do
|
||||||
activity.actor,
|
activity.actor,
|
||||||
^following_ap_ids
|
^following_ap_ids
|
||||||
),
|
),
|
||||||
|
|
||||||
|
# Same as above, but checks the Object
|
||||||
where:
|
where:
|
||||||
fragment(
|
fragment(
|
||||||
"(not (split_part(?->>'actor', '/', 3) = ANY(?))) or (?->>'actor') = ANY(?)",
|
"(not (split_part(?->>'actor', '/', 3) = ANY(?))) or (?->>'actor') = ANY(?)",
|
||||||
|
|
|
@ -622,6 +622,18 @@ test "doesn't return blocked activities" do
|
||||||
assert Enum.member?(activities, activity_one)
|
assert Enum.member?(activities, activity_one)
|
||||||
end
|
end
|
||||||
|
|
||||||
|
test "always see your own posts even when they address people you block" do
|
||||||
|
user = insert(:user)
|
||||||
|
blockee = insert(:user)
|
||||||
|
|
||||||
|
{:ok, _} = User.block(user, blockee)
|
||||||
|
{:ok, activity} = CommonAPI.post(user, %{status: "hey! @#{blockee.nickname}"})
|
||||||
|
|
||||||
|
activities = ActivityPub.fetch_activities([], %{blocking_user: user})
|
||||||
|
|
||||||
|
assert Enum.member?(activities, activity)
|
||||||
|
end
|
||||||
|
|
||||||
test "doesn't return transitive interactions concerning blocked users" do
|
test "doesn't return transitive interactions concerning blocked users" do
|
||||||
blocker = insert(:user)
|
blocker = insert(:user)
|
||||||
blockee = insert(:user)
|
blockee = insert(:user)
|
||||||
|
@ -721,6 +733,21 @@ test "doesn't return activities from blocked domains" do
|
||||||
refute repeat_activity in activities
|
refute repeat_activity in activities
|
||||||
end
|
end
|
||||||
|
|
||||||
|
test "see your own posts even when they adress actors from blocked domains" do
|
||||||
|
user = insert(:user)
|
||||||
|
|
||||||
|
domain = "dogwhistle.zone"
|
||||||
|
domain_user = insert(:user, %{ap_id: "https://#{domain}/@pundit"})
|
||||||
|
|
||||||
|
{:ok, user} = User.block_domain(user, domain)
|
||||||
|
|
||||||
|
{:ok, activity} = CommonAPI.post(user, %{status: "hey! @#{domain_user.nickname}"})
|
||||||
|
|
||||||
|
activities = ActivityPub.fetch_activities([], %{blocking_user: user})
|
||||||
|
|
||||||
|
assert Enum.member?(activities, activity)
|
||||||
|
end
|
||||||
|
|
||||||
test "does return activities from followed users on blocked domains" do
|
test "does return activities from followed users on blocked domains" do
|
||||||
domain = "meanies.social"
|
domain = "meanies.social"
|
||||||
domain_user = insert(:user, %{ap_id: "https://#{domain}/@pundit"})
|
domain_user = insert(:user, %{ap_id: "https://#{domain}/@pundit"})
|
||||||
|
|
Loading…
Reference in New Issue