ensure local statuses are not visible remotely
This commit is contained in:
parent
34e11cef47
commit
3928cecf6b
|
@ -84,8 +84,13 @@ def visible_for_user?(%{__struct__: module} = message, user)
|
||||||
when module in [Activity, Object] do
|
when module in [Activity, Object] do
|
||||||
x = [user.ap_id | User.following(user)]
|
x = [user.ap_id | User.following(user)]
|
||||||
y = [message.data["actor"]] ++ message.data["to"] ++ (message.data["cc"] || [])
|
y = [message.data["actor"]] ++ message.data["to"] ++ (message.data["cc"] || [])
|
||||||
|
|
||||||
|
if is_local_public?(message) do
|
||||||
|
user.local
|
||||||
|
else
|
||||||
is_public?(message) || Enum.any?(x, &(&1 in y))
|
is_public?(message) || Enum.any?(x, &(&1 in y))
|
||||||
end
|
end
|
||||||
|
end
|
||||||
|
|
||||||
def entire_thread_visible_for_user?(%Activity{} = activity, %User{} = user) do
|
def entire_thread_visible_for_user?(%Activity{} = activity, %User{} = user) do
|
||||||
{:ok, %{rows: [[result]]}} =
|
{:ok, %{rows: [[result]]}} =
|
||||||
|
|
|
@ -16,6 +16,7 @@ defmodule Pleroma.Web.ActivityPub.VisibilityTest do
|
||||||
mentioned = insert(:user)
|
mentioned = insert(:user)
|
||||||
following = insert(:user)
|
following = insert(:user)
|
||||||
unrelated = insert(:user)
|
unrelated = insert(:user)
|
||||||
|
remote = insert(:user, local: false)
|
||||||
{:ok, following, user} = Pleroma.User.follow(following, user)
|
{:ok, following, user} = Pleroma.User.follow(following, user)
|
||||||
{:ok, list} = Pleroma.List.create("foo", user)
|
{:ok, list} = Pleroma.List.create("foo", user)
|
||||||
|
|
||||||
|
@ -33,6 +34,9 @@ defmodule Pleroma.Web.ActivityPub.VisibilityTest do
|
||||||
{:ok, unlisted} =
|
{:ok, unlisted} =
|
||||||
CommonAPI.post(user, %{status: "@#{mentioned.nickname}", visibility: "unlisted"})
|
CommonAPI.post(user, %{status: "@#{mentioned.nickname}", visibility: "unlisted"})
|
||||||
|
|
||||||
|
{:ok, local} =
|
||||||
|
CommonAPI.post(user, %{status: "@#{mentioned.nickname}", visibility: "local"})
|
||||||
|
|
||||||
{:ok, list} =
|
{:ok, list} =
|
||||||
CommonAPI.post(user, %{
|
CommonAPI.post(user, %{
|
||||||
status: "@#{mentioned.nickname}",
|
status: "@#{mentioned.nickname}",
|
||||||
|
@ -48,7 +52,9 @@ defmodule Pleroma.Web.ActivityPub.VisibilityTest do
|
||||||
mentioned: mentioned,
|
mentioned: mentioned,
|
||||||
following: following,
|
following: following,
|
||||||
unrelated: unrelated,
|
unrelated: unrelated,
|
||||||
list: list
|
list: list,
|
||||||
|
local: local,
|
||||||
|
remote: remote
|
||||||
}
|
}
|
||||||
end
|
end
|
||||||
|
|
||||||
|
@ -57,13 +63,15 @@ test "is_direct?", %{
|
||||||
private: private,
|
private: private,
|
||||||
direct: direct,
|
direct: direct,
|
||||||
unlisted: unlisted,
|
unlisted: unlisted,
|
||||||
list: list
|
list: list,
|
||||||
|
local: local
|
||||||
} do
|
} do
|
||||||
assert Visibility.is_direct?(direct)
|
assert Visibility.is_direct?(direct)
|
||||||
refute Visibility.is_direct?(public)
|
refute Visibility.is_direct?(public)
|
||||||
refute Visibility.is_direct?(private)
|
refute Visibility.is_direct?(private)
|
||||||
refute Visibility.is_direct?(unlisted)
|
refute Visibility.is_direct?(unlisted)
|
||||||
assert Visibility.is_direct?(list)
|
assert Visibility.is_direct?(list)
|
||||||
|
refute Visibility.is_direct?(local)
|
||||||
end
|
end
|
||||||
|
|
||||||
test "is_public?", %{
|
test "is_public?", %{
|
||||||
|
@ -71,12 +79,14 @@ test "is_public?", %{
|
||||||
private: private,
|
private: private,
|
||||||
direct: direct,
|
direct: direct,
|
||||||
unlisted: unlisted,
|
unlisted: unlisted,
|
||||||
|
local: local,
|
||||||
list: list
|
list: list
|
||||||
} do
|
} do
|
||||||
refute Visibility.is_public?(direct)
|
refute Visibility.is_public?(direct)
|
||||||
assert Visibility.is_public?(public)
|
assert Visibility.is_public?(public)
|
||||||
refute Visibility.is_public?(private)
|
refute Visibility.is_public?(private)
|
||||||
assert Visibility.is_public?(unlisted)
|
assert Visibility.is_public?(unlisted)
|
||||||
|
assert Visibility.is_public?(local)
|
||||||
refute Visibility.is_public?(list)
|
refute Visibility.is_public?(list)
|
||||||
end
|
end
|
||||||
|
|
||||||
|
@ -85,13 +95,15 @@ test "is_private?", %{
|
||||||
private: private,
|
private: private,
|
||||||
direct: direct,
|
direct: direct,
|
||||||
unlisted: unlisted,
|
unlisted: unlisted,
|
||||||
list: list
|
list: list,
|
||||||
|
local: local
|
||||||
} do
|
} do
|
||||||
refute Visibility.is_private?(direct)
|
refute Visibility.is_private?(direct)
|
||||||
refute Visibility.is_private?(public)
|
refute Visibility.is_private?(public)
|
||||||
assert Visibility.is_private?(private)
|
assert Visibility.is_private?(private)
|
||||||
refute Visibility.is_private?(unlisted)
|
refute Visibility.is_private?(unlisted)
|
||||||
refute Visibility.is_private?(list)
|
refute Visibility.is_private?(list)
|
||||||
|
refute Visibility.is_private?(local)
|
||||||
end
|
end
|
||||||
|
|
||||||
test "is_list?", %{
|
test "is_list?", %{
|
||||||
|
@ -99,13 +111,15 @@ test "is_list?", %{
|
||||||
private: private,
|
private: private,
|
||||||
direct: direct,
|
direct: direct,
|
||||||
unlisted: unlisted,
|
unlisted: unlisted,
|
||||||
list: list
|
list: list,
|
||||||
|
local: local
|
||||||
} do
|
} do
|
||||||
refute Visibility.is_list?(direct)
|
refute Visibility.is_list?(direct)
|
||||||
refute Visibility.is_list?(public)
|
refute Visibility.is_list?(public)
|
||||||
refute Visibility.is_list?(private)
|
refute Visibility.is_list?(private)
|
||||||
refute Visibility.is_list?(unlisted)
|
refute Visibility.is_list?(unlisted)
|
||||||
assert Visibility.is_list?(list)
|
assert Visibility.is_list?(list)
|
||||||
|
refute Visibility.is_list?(local)
|
||||||
end
|
end
|
||||||
|
|
||||||
test "visible_for_user? Activity", %{
|
test "visible_for_user? Activity", %{
|
||||||
|
@ -117,7 +131,9 @@ test "visible_for_user? Activity", %{
|
||||||
mentioned: mentioned,
|
mentioned: mentioned,
|
||||||
following: following,
|
following: following,
|
||||||
unrelated: unrelated,
|
unrelated: unrelated,
|
||||||
list: list
|
list: list,
|
||||||
|
local: local,
|
||||||
|
remote: remote
|
||||||
} do
|
} do
|
||||||
# All visible to author
|
# All visible to author
|
||||||
|
|
||||||
|
@ -126,6 +142,7 @@ test "visible_for_user? Activity", %{
|
||||||
assert Visibility.visible_for_user?(unlisted, user)
|
assert Visibility.visible_for_user?(unlisted, user)
|
||||||
assert Visibility.visible_for_user?(direct, user)
|
assert Visibility.visible_for_user?(direct, user)
|
||||||
assert Visibility.visible_for_user?(list, user)
|
assert Visibility.visible_for_user?(list, user)
|
||||||
|
assert Visibility.visible_for_user?(local, user)
|
||||||
|
|
||||||
# All visible to a mentioned user
|
# All visible to a mentioned user
|
||||||
|
|
||||||
|
@ -134,6 +151,7 @@ test "visible_for_user? Activity", %{
|
||||||
assert Visibility.visible_for_user?(unlisted, mentioned)
|
assert Visibility.visible_for_user?(unlisted, mentioned)
|
||||||
assert Visibility.visible_for_user?(direct, mentioned)
|
assert Visibility.visible_for_user?(direct, mentioned)
|
||||||
assert Visibility.visible_for_user?(list, mentioned)
|
assert Visibility.visible_for_user?(list, mentioned)
|
||||||
|
assert Visibility.visible_for_user?(local, mentioned)
|
||||||
|
|
||||||
# DM not visible for just follower
|
# DM not visible for just follower
|
||||||
|
|
||||||
|
@ -142,6 +160,7 @@ test "visible_for_user? Activity", %{
|
||||||
assert Visibility.visible_for_user?(unlisted, following)
|
assert Visibility.visible_for_user?(unlisted, following)
|
||||||
refute Visibility.visible_for_user?(direct, following)
|
refute Visibility.visible_for_user?(direct, following)
|
||||||
refute Visibility.visible_for_user?(list, following)
|
refute Visibility.visible_for_user?(list, following)
|
||||||
|
assert Visibility.visible_for_user?(local, following)
|
||||||
|
|
||||||
# Public and unlisted visible for unrelated user
|
# Public and unlisted visible for unrelated user
|
||||||
|
|
||||||
|
@ -149,6 +168,7 @@ test "visible_for_user? Activity", %{
|
||||||
assert Visibility.visible_for_user?(unlisted, unrelated)
|
assert Visibility.visible_for_user?(unlisted, unrelated)
|
||||||
refute Visibility.visible_for_user?(private, unrelated)
|
refute Visibility.visible_for_user?(private, unrelated)
|
||||||
refute Visibility.visible_for_user?(direct, unrelated)
|
refute Visibility.visible_for_user?(direct, unrelated)
|
||||||
|
assert Visibility.visible_for_user?(local, unrelated)
|
||||||
|
|
||||||
# Public and unlisted visible for unauthenticated
|
# Public and unlisted visible for unauthenticated
|
||||||
|
|
||||||
|
@ -156,9 +176,13 @@ test "visible_for_user? Activity", %{
|
||||||
assert Visibility.visible_for_user?(unlisted, nil)
|
assert Visibility.visible_for_user?(unlisted, nil)
|
||||||
refute Visibility.visible_for_user?(private, nil)
|
refute Visibility.visible_for_user?(private, nil)
|
||||||
refute Visibility.visible_for_user?(direct, nil)
|
refute Visibility.visible_for_user?(direct, nil)
|
||||||
|
refute Visibility.visible_for_user?(local, nil)
|
||||||
|
|
||||||
# Visible for a list member
|
# Visible for a list member
|
||||||
assert Visibility.visible_for_user?(list, unrelated)
|
assert Visibility.visible_for_user?(list, unrelated)
|
||||||
|
|
||||||
|
# Local not visible to remote user
|
||||||
|
refute Visibility.visible_for_user?(local, remote)
|
||||||
end
|
end
|
||||||
|
|
||||||
test "visible_for_user? Object", %{
|
test "visible_for_user? Object", %{
|
||||||
|
@ -170,13 +194,16 @@ test "visible_for_user? Object", %{
|
||||||
mentioned: mentioned,
|
mentioned: mentioned,
|
||||||
following: following,
|
following: following,
|
||||||
unrelated: unrelated,
|
unrelated: unrelated,
|
||||||
list: list
|
list: list,
|
||||||
|
local: local,
|
||||||
|
remote: remote
|
||||||
} do
|
} do
|
||||||
public = Object.normalize(public)
|
public = Object.normalize(public)
|
||||||
private = Object.normalize(private)
|
private = Object.normalize(private)
|
||||||
unlisted = Object.normalize(unlisted)
|
unlisted = Object.normalize(unlisted)
|
||||||
direct = Object.normalize(direct)
|
direct = Object.normalize(direct)
|
||||||
list = Object.normalize(list)
|
list = Object.normalize(list)
|
||||||
|
local = Object.normalize(local)
|
||||||
|
|
||||||
# All visible to author
|
# All visible to author
|
||||||
|
|
||||||
|
@ -215,7 +242,10 @@ test "visible_for_user? Object", %{
|
||||||
assert Visibility.visible_for_user?(unlisted, nil)
|
assert Visibility.visible_for_user?(unlisted, nil)
|
||||||
refute Visibility.visible_for_user?(private, nil)
|
refute Visibility.visible_for_user?(private, nil)
|
||||||
refute Visibility.visible_for_user?(direct, nil)
|
refute Visibility.visible_for_user?(direct, nil)
|
||||||
|
refute Visibility.visible_for_user?(local, nil)
|
||||||
|
|
||||||
|
# Local posts to remote
|
||||||
|
refute Visibility.visible_for_user?(local, remote)
|
||||||
# Visible for a list member
|
# Visible for a list member
|
||||||
# assert Visibility.visible_for_user?(list, unrelated)
|
# assert Visibility.visible_for_user?(list, unrelated)
|
||||||
end
|
end
|
||||||
|
|
Loading…
Reference in a new issue