reject activity creation

if passed expires_at option and expiring activities are not configured
This commit is contained in:
Alexander Strizhakov 2020-09-03 13:30:39 +03:00 committed by rinpatch
parent 4981b5a1a3
commit 93e1c8df9d
3 changed files with 80 additions and 25 deletions

View file

@ -110,23 +110,14 @@ def persist(object, meta) do
def insert(map, local \\ true, fake \\ false, bypass_actor_check \\ false) when is_map(map) do def insert(map, local \\ true, fake \\ false, bypass_actor_check \\ false) when is_map(map) do
with nil <- Activity.normalize(map), with nil <- Activity.normalize(map),
map <- lazy_put_activity_defaults(map, fake), map <- lazy_put_activity_defaults(map, fake),
true <- bypass_actor_check || check_actor_is_active(map["actor"]), {_, true} <- {:actor_check, bypass_actor_check || check_actor_is_active(map["actor"])},
{_, true} <- {:remote_limit_error, check_remote_limit(map)}, {_, true} <- {:remote_limit_pass, check_remote_limit(map)},
{:ok, map} <- MRF.filter(map), {:ok, map} <- MRF.filter(map),
{recipients, _, _} = get_recipients(map), {recipients, _, _} = get_recipients(map),
{:fake, false, map, recipients} <- {:fake, fake, map, recipients}, {:fake, false, map, recipients} <- {:fake, fake, map, recipients},
{:containment, :ok} <- {:containment, Containment.contain_child(map)}, {:containment, :ok} <- {:containment, Containment.contain_child(map)},
{:ok, map, object} <- insert_full_object(map) do {:ok, map, object} <- insert_full_object(map),
{:ok, activity} = {:ok, activity} <- insert_activity_with_expiration(map, local, recipients) do
%Activity{
data: map,
local: local,
actor: map["actor"],
recipients: recipients
}
|> Repo.insert()
|> maybe_create_activity_expiration()
# Splice in the child object if we have one. # Splice in the child object if we have one.
activity = Maps.put_if_present(activity, :object, object) activity = Maps.put_if_present(activity, :object, object)
@ -137,6 +128,15 @@ def insert(map, local \\ true, fake \\ false, bypass_actor_check \\ false) when
%Activity{} = activity -> %Activity{} = activity ->
{:ok, activity} {:ok, activity}
{:actor_check, _} ->
{:error, false}
{:containment, _} = error ->
error
{:error, _} = error ->
error
{:fake, true, map, recipients} -> {:fake, true, map, recipients} ->
activity = %Activity{ activity = %Activity{
data: map, data: map,
@ -149,11 +149,25 @@ def insert(map, local \\ true, fake \\ false, bypass_actor_check \\ false) when
Pleroma.Web.RichMedia.Helpers.fetch_data_for_activity(activity) Pleroma.Web.RichMedia.Helpers.fetch_data_for_activity(activity)
{:ok, activity} {:ok, activity}
error -> {:remote_limit_pass, _} ->
{:error, error} {:error, :remote_limit}
{:reject, reason} ->
{:error, reason}
end end
end end
defp insert_activity_with_expiration(data, local, recipients) do
%Activity{
data: data,
local: local,
actor: data["actor"],
recipients: recipients
}
|> Repo.insert()
|> maybe_create_activity_expiration()
end
def notify_and_stream(activity) do def notify_and_stream(activity) do
Notification.create_notifications(activity) Notification.create_notifications(activity)

View file

@ -13,6 +13,10 @@ defmodule Pleroma.Workers.PurgeExpiredActivity do
alias Pleroma.Activity alias Pleroma.Activity
@spec enqueue(map()) ::
{:ok, Oban.Job.t()}
| {:error, :expired_activities_disabled}
| {:error, :expiration_too_close}
def enqueue(args) do def enqueue(args) do
with true <- enabled?(), with true <- enabled?(),
args when is_map(args) <- validate_expires_at(args) do args when is_map(args) <- validate_expires_at(args) do

View file

@ -239,7 +239,7 @@ test "drops activities beyond a certain limit" do
} }
} }
assert {:error, {:remote_limit_error, _}} = ActivityPub.insert(data) assert {:error, :remote_limit} = ActivityPub.insert(data)
end end
test "doesn't drop activities with content being null" do test "doesn't drop activities with content being null" do
@ -386,9 +386,11 @@ test "can be fetched into a timeline" do
end end
describe "create activities" do describe "create activities" do
test "it reverts create" do setup do
user = insert(:user) [user: insert(:user)]
end
test "it reverts create", %{user: user} do
with_mock(Utils, [:passthrough], maybe_federate: fn _ -> {:error, :reverted} end) do with_mock(Utils, [:passthrough], maybe_federate: fn _ -> {:error, :reverted} end) do
assert {:error, :reverted} = assert {:error, :reverted} =
ActivityPub.create(%{ ActivityPub.create(%{
@ -407,9 +409,47 @@ test "it reverts create" do
assert Repo.aggregate(Object, :count, :id) == 0 assert Repo.aggregate(Object, :count, :id) == 0
end end
test "removes doubled 'to' recipients" do test "creates activity if expiration is not configured and expires_at is not passed", %{
user = insert(:user) user: user
} do
clear_config([Pleroma.Workers.PurgeExpiredActivity, :enabled], false)
assert {:ok, _} =
ActivityPub.create(%{
to: ["user1", "user2"],
actor: user,
context: "",
object: %{
"to" => ["user1", "user2"],
"type" => "Note",
"content" => "testing"
}
})
end
test "rejects activity if expires_at present but expiration is not configured", %{user: user} do
clear_config([Pleroma.Workers.PurgeExpiredActivity, :enabled], false)
assert {:error, :expired_activities_disabled} =
ActivityPub.create(%{
to: ["user1", "user2"],
actor: user,
context: "",
object: %{
"to" => ["user1", "user2"],
"type" => "Note",
"content" => "testing"
},
additional: %{
"expires_at" => DateTime.utc_now()
}
})
assert Repo.aggregate(Activity, :count, :id) == 0
assert Repo.aggregate(Object, :count, :id) == 0
end
test "removes doubled 'to' recipients", %{user: user} do
{:ok, activity} = {:ok, activity} =
ActivityPub.create(%{ ActivityPub.create(%{
to: ["user1", "user1", "user2"], to: ["user1", "user1", "user2"],
@ -427,9 +467,7 @@ test "removes doubled 'to' recipients" do
assert activity.recipients == ["user1", "user2", user.ap_id] assert activity.recipients == ["user1", "user2", user.ap_id]
end end
test "increases user note count only for public activities" do test "increases user note count only for public activities", %{user: user} do
user = insert(:user)
{:ok, _} = {:ok, _} =
CommonAPI.post(User.get_cached_by_id(user.id), %{ CommonAPI.post(User.get_cached_by_id(user.id), %{
status: "1", status: "1",
@ -458,8 +496,7 @@ test "increases user note count only for public activities" do
assert user.note_count == 2 assert user.note_count == 2
end end
test "increases replies count" do test "increases replies count", %{user: user} do
user = insert(:user)
user2 = insert(:user) user2 = insert(:user)
{:ok, activity} = CommonAPI.post(user, %{status: "1", visibility: "public"}) {:ok, activity} = CommonAPI.post(user, %{status: "1", visibility: "public"})