bookwyrm/fedireads/incoming.py

''' handles all of the activity coming in to the server '''
from base64 import b64decode
from Crypto.PublicKey import RSA
from Crypto.Signature import pkcs1_15
from Crypto.Hash import SHA256
from django.http import HttpResponse, HttpResponseBadRequest, \
    HttpResponseNotFound, JsonResponse
from django.views.decorators.csrf import csrf_exempt
import django.db.utils
import json
import requests

from fedireads import activitypub
from fedireads import models
from fedireads import outgoing
from fedireads.status import create_review, create_status, create_tag, \
    create_notification
from fedireads.remote_user import get_or_create_remote_user


@csrf_exempt
def shared_inbox(request):
    ''' incoming activitypub events '''
    # TODO: should this be functionally different from the non-shared inbox??
    if request.method == 'GET':
        return HttpResponseNotFound()

    try:
        activity = json.loads(request.body)
    except json.decoder.JSONDecodeError:
        return HttpResponseBadRequest()

    try:
        verify_signature(request)
    except ValueError:
        return HttpResponse(status=401)

    response = HttpResponseNotFound()
    if activity['type'] == 'Follow':
        response = handle_incoming_follow(activity)

    elif activity['type'] == 'Undo':
        response = handle_incoming_undo(activity)

    elif activity['type'] == 'Create':
        response = handle_incoming_create(activity)

    elif activity['type'] == 'Accept':
        response = handle_incoming_follow_accept(activity)

    elif activity['type'] == 'Like':
        response = handle_incoming_favorite(activity)

    elif activity['type'] == 'Add':
        response = handle_incoming_add(activity)

    # TODO: Add, Undo, Remove, etc

    return response


def verify_signature(request):
    ''' verify rsa signature '''
    signature_dict = {}
    for pair in request.headers['Signature'].split(','):
        k, v = pair.split('=', 1)
        v = v.replace('"', '')
        signature_dict[k] = v

    try:
        key_id = signature_dict['keyId']
        headers = signature_dict['headers']
        signature = b64decode(signature_dict['signature'])
    except KeyError:
        raise ValueError('Invalid auth header')

    response = requests.get(
        key_id,
        headers={'Accept': 'application/activity+json'}
    )
    if not response.ok:
        raise ValueError('Could not load public key')

    actor = response.json()
    key = RSA.import_key(actor['publicKey']['publicKeyPem'])

    comparison_string = []
    for signed_header_name in headers.split(' '):
        if signed_header_name == '(request-target)':
            comparison_string.append('(request-target): post %s' % request.path)
        else:
            comparison_string.append('%s: %s' % (
                signed_header_name,
                request.headers[signed_header_name]
            ))
    comparison_string = '\n'.join(comparison_string)

    signer = pkcs1_15.new(key)
    digest = SHA256.new()
    digest.update(comparison_string.encode())

    # raises a ValueError if it fails
    signer.verify(digest, signature)

    return True


@csrf_exempt
def inbox(request, username):
    ''' incoming activitypub events '''
    # TODO: should do some kind of checking if the user accepts
    # this action from the sender probably? idk
    # but this will just throw a 404 if the user doesn't exist
    try:
        models.User.objects.get(localname=username)
    except models.User.DoesNotExist:
        return HttpResponseNotFound()

    return shared_inbox(request)


@csrf_exempt
def get_actor(request, username):
    ''' return an activitypub actor object '''
    if request.method != 'GET':
        return HttpResponseBadRequest()

    try:
        user = models.User.objects.get(localname=username)
    except models.User.DoesNotExist:
        return HttpResponseNotFound()
    return JsonResponse(activitypub.get_actor(user))


@csrf_exempt
def get_status(request, username, status_id):
    ''' return activity json for a specific status '''
    if request.method != 'GET':
        return HttpResponseBadRequest()

    try:
        user = models.User.objects.get(localname=username)
        status = models.Status.objects.get(id=status_id)
    except ValueError:
        return HttpResponseNotFound()

    if user != status.user:
        return HttpResponseNotFound()

    return JsonResponse(activitypub.get_status(status))


@csrf_exempt
def get_replies(request, username, status_id):
    ''' ordered collection of replies to a status '''
    # TODO: this isn't a full implmentation
    if request.method != 'GET':
        return HttpResponseBadRequest()

    status = models.Status.objects.get(id=status_id)
    if status.user.localname != username:
        return HttpResponseNotFound()

    replies = models.Status.objects.filter(
        reply_parent=status
    ).first()

    replies_activity = activitypub.get_replies(status, [replies])
    return JsonResponse(replies_activity)


@csrf_exempt
def get_followers(request, username):
    ''' return a list of followers for an actor '''
    if request.method != 'GET':
        return HttpResponseBadRequest()

    user = models.User.objects.get(localname=username)
    followers = user.followers
    page = request.GET.get('page')
    return JsonResponse(activitypub.get_followers(user, page, followers))


@csrf_exempt
def get_following(request, username):
    ''' return a list of following for an actor '''
    if request.method != 'GET':
        return HttpResponseBadRequest()

    user = models.User.objects.get(localname=username)
    following = user.following
    page = request.GET.get('page')
    return JsonResponse(activitypub.get_following(user, page, following))


def handle_incoming_follow(activity):
    ''' someone wants to follow a local user '''
    # figure out who they want to follow
    to_follow = models.User.objects.get(actor=activity['object'])
    # figure out who they are
    user = get_or_create_remote_user(activity['actor'])
    # TODO: allow users to manually approve requests
    try:
        models.UserRelationship.objects.create(
            user_subject=user,
            user_object=to_follow,
            status='follow_request',
            relationship_id=activity['id']
        )
    except django.db.utils.IntegrityError:
        # Duplicate follow request. Not sure what the correct behaviour is, but
        # just dropping it works for now. We should perhaps generate the
        # Accept, but then do we need to match the activity id?
        return HttpResponse()

    create_notification(to_follow, 'FOLLOW', related_user=user)
    outgoing.handle_outgoing_accept(user, to_follow, activity)
    return HttpResponse()


def handle_incoming_undo(activity):
    ''' unfollow a local user '''
    obj = activity['object']
    if not obj['type'] == 'Follow':
        #idk how to undo other things
        return HttpResponseNotFound()
    try:
        requester = get_or_create_remote_user(obj['actor'])
        to_unfollow = models.User.objects.get(actor=obj['object'])
    except models.User.DoesNotExist:
        return HttpResponseNotFound()

    to_unfollow.followers.remove(requester)
    return HttpResponse()


def handle_incoming_follow_accept(activity):
    ''' hurray, someone remote accepted a follow request '''
    # figure out who they want to follow
    requester = models.User.objects.get(actor=activity['object']['actor'])
    # figure out who they are
    accepter = get_or_create_remote_user(activity['actor'])

    accepter.followers.add(requester)
    return HttpResponse()


def handle_incoming_create(activity):
    ''' someone did something, good on them '''
    user = get_or_create_remote_user(activity['actor'])

    if not 'object' in activity:
        return HttpResponseBadRequest()

    # TODO: should only create notes if they are relevent to a book,
    # so, not every single thing someone posts on mastodon
    response = HttpResponse()
    content = activity['object'].get('content')
    if activity['object'].get('fedireadsType') == 'Review' and \
            'inReplyToBook' in activity['object']:
        book = activity['object']['inReplyToBook']
        book = book.split('/')[-1]
        name = activity['object'].get('name')
        rating = activity['object'].get('rating')
        published = activity['object'].get('published')
        if user.local:
            review_id = activity['object']['id'].split('/')[-1]
            models.Review.objects.get(id=review_id)
        else:
            try:
                create_review(user, book, name, content, rating, published)
            except ValueError:
                return HttpResponseBadRequest()
    elif not user.local:
        try:
            status = create_status(user, content)
            if status.reply_parent:
                create_notification(
                    status.reply_parent.user,
                    'REPLY',
                    related_user=status.user,
                    related_status=status,
                )
        except ValueError:
            return HttpResponseBadRequest()

    return response


def handle_incoming_favorite(activity):
    ''' approval of your good good post '''
    try:
        status_id = activity['object'].split('/')[-1]
        status = models.Status.objects.get(id=status_id)
        liker = get_or_create_remote_user(activity['actor'])
    except (models.Status.DoesNotExist, models.User.DoesNotExist):
        return HttpResponseNotFound()

    if not liker.local:
        status.favorites.add(liker)

    create_notification(
        status.user,
        'FAVORITE',
        related_user=liker,
        related_status=status,
    )
    return HttpResponse()


def handle_incoming_add(activity):
    ''' someone is tagging or shelving a book '''
    if activity['object']['type'] == 'Tag':
        user = get_or_create_remote_user(activity['actor'])
        if not user.local:
            book = activity['target']['id'].split('/')[-1]
            create_tag(user, book, activity['object']['name'])
            return HttpResponse()
        return HttpResponse()
    return HttpResponseNotFound()


def handle_incoming_accept(activity):
    ''' someone is accepting a follow request '''
    # our local user
    user = models.User.objects.get(actor=activity['actor'])
    # the person our local user wants to follow, who said yes
    followed = get_or_create_remote_user(activity['object']['actor'])

    # save this relationship in the db
    followed.followers.add(user)

    return HttpResponse()
Code cleanup 2020-01-28 19:45:27 +00:00			`''' handles all of the activity coming in to the server '''`
RSA sign and verify (working) 2020-01-30 04:56:18 +00:00			`from base64 import b64decode`
			`from Crypto.PublicKey import RSA`
			`from Crypto.Signature import pkcs1_15`
			`from Crypto.Hash import SHA256`
Separates incoming and outgoing api actions 2020-01-28 09:01:33 +00:00			`from django.http import HttpResponse, HttpResponseBadRequest, \`
			`HttpResponseNotFound, JsonResponse`
			`from django.views.decorators.csrf import csrf_exempt`
Handle and ignore duplicate follower error. 2020-02-23 09:27:10 +00:00			`import django.db.utils`
Separates incoming and outgoing api actions 2020-01-28 09:01:33 +00:00			`import json`
RSA sign and verify (working) 2020-01-30 04:56:18 +00:00			`import requests`
Separates incoming and outgoing api actions 2020-01-28 09:01:33 +00:00
Move activitypub serialization into a module 2020-02-18 04:12:19 +00:00			`from fedireads import activitypub`
Code cleanup 2020-01-28 19:45:27 +00:00			`from fedireads import models`
Fixes accept follow request Fixes #3 2020-02-15 06:44:07 +00:00			`from fedireads import outgoing`
Adds notifications Fixes #70 2020-03-07 22:50:29 +00:00			`from fedireads.status import create_review, create_status, create_tag, \`
			`create_notification`
Fixes accept follow request Fixes #3 2020-02-15 06:44:07 +00:00			`from fedireads.remote_user import get_or_create_remote_user`
Separates incoming and outgoing api actions 2020-01-28 09:01:33 +00:00

			`@csrf_exempt`
broadcast to shared inboxes 2020-01-28 19:13:13 +00:00			`def shared_inbox(request):`
			`''' incoming activitypub events '''`
RSA sign and verify (working) 2020-01-30 04:56:18 +00:00			`# TODO: should this be functionally different from the non-shared inbox??`
broadcast to shared inboxes 2020-01-28 19:13:13 +00:00			`if request.method == 'GET':`
			`return HttpResponseNotFound()`
Separates incoming and outgoing api actions 2020-01-28 09:01:33 +00:00
broadcast to shared inboxes 2020-01-28 19:13:13 +00:00			`try:`
			`activity = json.loads(request.body)`
			`except json.decoder.JSONDecodeError:`
Tidies up inbox code 2020-02-15 04:37:02 +00:00			`return HttpResponseBadRequest()`

			`try:`
			`verify_signature(request)`
			`except ValueError:`
			`return HttpResponse(status=401)`

			`response = HttpResponseNotFound()`
Stop storing activitypub json in db entirely 2020-02-17 02:22:01 +00:00			`if activity['type'] == 'Follow':`
Tidies up inbox code 2020-02-15 04:37:02 +00:00			`response = handle_incoming_follow(activity)`

Follow/unfollow behavior Fixes #23 2020-02-19 06:44:13 +00:00			`elif activity['type'] == 'Undo':`
			`response = handle_incoming_undo(activity)`

Small syntax fix 2020-02-15 21:14:43 +00:00			`elif activity['type'] == 'Create':`
Tidies up inbox code 2020-02-15 04:37:02 +00:00			`response = handle_incoming_create(activity)`

Small syntax fix 2020-02-15 21:14:43 +00:00			`elif activity['type'] == 'Accept':`
Tidies up inbox code 2020-02-15 04:37:02 +00:00			`response = handle_incoming_follow_accept(activity)`

Adds favorit handling 2020-02-19 08:13:06 +00:00			`elif activity['type'] == 'Like':`
			`response = handle_incoming_favorite(activity)`

Tagging Works on #55 2020-02-21 06:19:19 +00:00			`elif activity['type'] == 'Add':`
			`response = handle_incoming_add(activity)`

Stop storing activitypub json in db entirely 2020-02-17 02:22:01 +00:00			`# TODO: Add, Undo, Remove, etc`
Small syntax fix 2020-02-15 21:14:43 +00:00
Tidies up inbox code 2020-02-15 04:37:02 +00:00			`return response`
broadcast to shared inboxes 2020-01-28 19:13:13 +00:00
Tidies up inbox code 2020-02-15 04:37:02 +00:00
			`def verify_signature(request):`
			`''' verify rsa signature '''`
RSA sign and verify (working) 2020-01-30 04:56:18 +00:00			`signature_dict = {}`
Tidies up inbox code 2020-02-15 04:37:02 +00:00			`for pair in request.headers['Signature'].split(','):`
RSA sign and verify (working) 2020-01-30 04:56:18 +00:00			`k, v = pair.split('=', 1)`
			`v = v.replace('"', '')`
			`signature_dict[k] = v`

Tidies up inbox code 2020-02-15 04:37:02 +00:00			`try:`
			`key_id = signature_dict['keyId']`
			`headers = signature_dict['headers']`
			`signature = b64decode(signature_dict['signature'])`
			`except KeyError:`
			`raise ValueError('Invalid auth header')`
RSA sign and verify (working) 2020-01-30 04:56:18 +00:00
			`response = requests.get(`
			`key_id,`
			`headers={'Accept': 'application/activity+json'}`
			`)`
			`if not response.ok:`
Tidies up inbox code 2020-02-15 04:37:02 +00:00			`raise ValueError('Could not load public key')`
RSA sign and verify (working) 2020-01-30 04:56:18 +00:00
			`actor = response.json()`
			`key = RSA.import_key(actor['publicKey']['publicKeyPem'])`

			`comparison_string = []`
			`for signed_header_name in headers.split(' '):`
			`if signed_header_name == '(request-target)':`
			`comparison_string.append('(request-target): post %s' % request.path)`
			`else:`
			`comparison_string.append('%s: %s' % (`
			`signed_header_name,`
			`request.headers[signed_header_name]`
			`))`
			`comparison_string = '\n'.join(comparison_string)`

			`signer = pkcs1_15.new(key)`
			`digest = SHA256.new()`
			`digest.update(comparison_string.encode())`

Tidies up inbox code 2020-02-15 04:37:02 +00:00			`# raises a ValueError if it fails`
			`signer.verify(digest, signature)`
Accept 'Accept' activities in the inbox 2020-02-15 04:04:22 +00:00
Tidies up inbox code 2020-02-15 04:37:02 +00:00			`return True`
Separates incoming and outgoing api actions 2020-01-28 09:01:33 +00:00

			`@csrf_exempt`
			`def inbox(request, username):`
			`''' incoming activitypub events '''`
			`# TODO: should do some kind of checking if the user accepts`
RSA sign and verify (working) 2020-01-30 04:56:18 +00:00			`# this action from the sender probably? idk`
cleans up urls and views 2020-02-22 22:02:03 +00:00			`# but this will just throw a 404 if the user doesn't exist`
			`try:`
			`models.User.objects.get(localname=username)`
			`except models.User.DoesNotExist:`
			`return HttpResponseNotFound()`
Separates incoming and outgoing api actions 2020-01-28 09:01:33 +00:00
RSA sign and verify (working) 2020-01-30 04:56:18 +00:00			`return shared_inbox(request)`
Separates incoming and outgoing api actions 2020-01-28 09:01:33 +00:00

broadcast to shared inboxes 2020-01-28 19:13:13 +00:00			`@csrf_exempt`
			`def get_actor(request, username):`
			`''' return an activitypub actor object '''`
			`if request.method != 'GET':`
			`return HttpResponseBadRequest()`

cleans up urls and views 2020-02-22 22:02:03 +00:00			`try:`
			`user = models.User.objects.get(localname=username)`
			`except models.User.DoesNotExist:`
			`return HttpResponseNotFound()`
Move activitypub serialization into a module 2020-02-18 04:12:19 +00:00			`return JsonResponse(activitypub.get_actor(user))`
broadcast to shared inboxes 2020-01-28 19:13:13 +00:00
Adds remote user public key 2020-01-29 23:59:43 +00:00
Endpoint for status 2020-02-15 20:32:40 +00:00			`@csrf_exempt`
			`def get_status(request, username, status_id):`
			`''' return activity json for a specific status '''`
			`if request.method != 'GET':`
			`return HttpResponseBadRequest()`

			`try:`
			`user = models.User.objects.get(localname=username)`
			`status = models.Status.objects.get(id=status_id)`
			`except ValueError:`
			`return HttpResponseNotFound()`

			`if user != status.user:`
			`return HttpResponseNotFound()`

Move activitypub serialization into a module 2020-02-18 04:12:19 +00:00			`return JsonResponse(activitypub.get_status(status))`
Endpoint for status 2020-02-15 20:32:40 +00:00

Adds commenting 2020-02-18 05:39:08 +00:00			`@csrf_exempt`
			`def get_replies(request, username, status_id):`
			`''' ordered collection of replies to a status '''`
Fixes replies ap access 2020-02-18 05:58:02 +00:00			`# TODO: this isn't a full implmentation`
Adds commenting 2020-02-18 05:39:08 +00:00			`if request.method != 'GET':`
			`return HttpResponseBadRequest()`

MOves replies formatter out of incoming 2020-02-18 05:50:30 +00:00			`status = models.Status.objects.get(id=status_id)`
			`if status.user.localname != username:`
			`return HttpResponseNotFound()`

Adds commenting 2020-02-18 05:39:08 +00:00			`replies = models.Status.objects.filter(`
MOves replies formatter out of incoming 2020-02-18 05:50:30 +00:00			`reply_parent=status`
Adds commenting 2020-02-18 05:39:08 +00:00			`).first()`

Fixes replies ap access 2020-02-18 05:58:02 +00:00			`replies_activity = activitypub.get_replies(status, [replies])`
Adds commenting 2020-02-18 05:39:08 +00:00			`return JsonResponse(replies_activity)`


Followers and following lists 2020-01-29 19:45:19 +00:00			`@csrf_exempt`
			`def get_followers(request, username):`
			`''' return a list of followers for an actor '''`
			`if request.method != 'GET':`
			`return HttpResponseBadRequest()`

			`user = models.User.objects.get(localname=username)`
			`followers = user.followers`
Moves incoming activitypub json to module 2020-02-18 05:23:08 +00:00			`page = request.GET.get('page')`
			`return JsonResponse(activitypub.get_followers(user, page, followers))`
Followers and following lists 2020-01-29 19:45:19 +00:00

			`@csrf_exempt`
			`def get_following(request, username):`
			`''' return a list of following for an actor '''`
			`if request.method != 'GET':`
			`return HttpResponseBadRequest()`

			`user = models.User.objects.get(localname=username)`
Add following as a related_name for followers. 2020-02-24 15:10:03 +00:00			`following = user.following`
Moves incoming activitypub json to module 2020-02-18 05:23:08 +00:00			`page = request.GET.get('page')`
			`return JsonResponse(activitypub.get_following(user, page, following))`
Followers and following lists 2020-01-29 19:45:19 +00:00
broadcast to shared inboxes 2020-01-28 19:13:13 +00:00
Separates incoming and outgoing api actions 2020-01-28 09:01:33 +00:00			`def handle_incoming_follow(activity):`
Formatting and display fixes 2020-02-15 21:07:57 +00:00			`''' someone wants to follow a local user '''`
Separates incoming and outgoing api actions 2020-01-28 09:01:33 +00:00			`# figure out who they want to follow`
			`to_follow = models.User.objects.get(actor=activity['object'])`
			`# figure out who they are`
			`user = get_or_create_remote_user(activity['actor'])`
Fixes accept follow request Fixes #3 2020-02-15 06:44:07 +00:00			`# TODO: allow users to manually approve requests`
Handle and ignore duplicate follower error. 2020-02-23 09:27:10 +00:00			`try:`
			`models.UserRelationship.objects.create(`
Reverse user_subject & user_object. In the relationships table: user_subject should be the user doing the following. user_object should be the user who is followed. This fixes a bug where unfollowing a user deletes the relationship in both directions. 2020-02-24 16:10:09 +00:00			`user_subject=user,`
			`user_object=to_follow,`
Handle and ignore duplicate follower error. 2020-02-23 09:27:10 +00:00			`status='follow_request',`
			`relationship_id=activity['id']`
			`)`
			`except django.db.utils.IntegrityError:`
Minor formatting changes 2020-02-23 21:24:23 +00:00			`# Duplicate follow request. Not sure what the correct behaviour is, but`
			`# just dropping it works for now. We should perhaps generate the`
			`# Accept, but then do we need to match the activity id?`
Handle and ignore duplicate follower error. 2020-02-23 09:27:10 +00:00			`return HttpResponse()`

Adds notifications Fixes #70 2020-03-07 22:50:29 +00:00			`create_notification(to_follow, 'FOLLOW', related_user=user)`
Fixes accept follow request Fixes #3 2020-02-15 06:44:07 +00:00			`outgoing.handle_outgoing_accept(user, to_follow, activity)`
			`return HttpResponse()`

Separates incoming and outgoing api actions 2020-01-28 09:01:33 +00:00
Follow/unfollow behavior Fixes #23 2020-02-19 06:44:13 +00:00			`def handle_incoming_undo(activity):`
			`''' unfollow a local user '''`
			`obj = activity['object']`
			`if not obj['type'] == 'Follow':`
			`#idk how to undo other things`
			`return HttpResponseNotFound()`
			`try:`
			`requester = get_or_create_remote_user(obj['actor'])`
			`to_unfollow = models.User.objects.get(actor=obj['object'])`
			`except models.User.DoesNotExist:`
			`return HttpResponseNotFound()`

			`to_unfollow.followers.remove(requester)`
			`return HttpResponse()`


Handle follow request accept activities 2020-02-15 04:24:35 +00:00			`def handle_incoming_follow_accept(activity):`
			`''' hurray, someone remote accepted a follow request '''`
			`# figure out who they want to follow`
			`requester = models.User.objects.get(actor=activity['object']['actor'])`
			`# figure out who they are`
			`accepter = get_or_create_remote_user(activity['actor'])`

			`accepter.followers.add(requester)`
			`return HttpResponse()`


Separates incoming and outgoing api actions 2020-01-28 09:01:33 +00:00			`def handle_incoming_create(activity):`
			`''' someone did something, good on them '''`
			`user = get_or_create_remote_user(activity['actor'])`
Cleans up review logic 2020-02-15 05:00:11 +00:00
			`if not 'object' in activity:`
			`return HttpResponseBadRequest()`

Send a different review to mastodon than to fedireads 2020-02-19 01:30:23 +00:00			`# TODO: should only create notes if they are relevent to a book,`
			`# so, not every single thing someone posts on mastodon`
Cleans up review logic 2020-02-15 05:00:11 +00:00			`response = HttpResponse()`
Stop storing activitypub json in db entirely 2020-02-17 02:22:01 +00:00			`content = activity['object'].get('content')`
Endpoint for status 2020-02-15 20:32:40 +00:00			`if activity['object'].get('fedireadsType') == 'Review' and \`
Send a different review to mastodon than to fedireads 2020-02-19 01:30:23 +00:00			`'inReplyToBook' in activity['object']:`
			`book = activity['object']['inReplyToBook']`
Endpoint for status 2020-02-15 20:32:40 +00:00			`book = book.split('/')[-1]`
Trying to get federated posting to work 2020-02-15 19:13:49 +00:00			`name = activity['object'].get('name')`
			`rating = activity['object'].get('rating')`
Adds published date separate from created date 2020-03-07 00:35:56 +00:00			`published = activity['object'].get('published')`
Endpoint for status 2020-02-15 20:32:40 +00:00			`if user.local:`
			`review_id = activity['object']['id'].split('/')[-1]`
Stop storing activitypub json in db entirely 2020-02-17 02:22:01 +00:00			`models.Review.objects.get(id=review_id)`
Endpoint for status 2020-02-15 20:32:40 +00:00			`else:`
			`try:`
Adds published date separate from created date 2020-03-07 00:35:56 +00:00			`create_review(user, book, name, content, rating, published)`
Endpoint for status 2020-02-15 20:32:40 +00:00			`except ValueError:`
			`return HttpResponseBadRequest()`
Status updates for shelving actions 2020-02-17 02:45:25 +00:00			`elif not user.local:`
Stop storing activitypub json in db entirely 2020-02-17 02:22:01 +00:00			`try:`
Adds notifications Fixes #70 2020-03-07 22:50:29 +00:00			`status = create_status(user, content)`
			`if status.reply_parent:`
			`create_notification(`
			`status.reply_parent.user,`
			`'REPLY',`
			`related_user=status.user,`
			`related_status=status,`
			`)`
Stop storing activitypub json in db entirely 2020-02-17 02:22:01 +00:00			`except ValueError:`
			`return HttpResponseBadRequest()`

Cleans up review logic 2020-02-15 05:00:11 +00:00			`return response`


Adds favorit handling 2020-02-19 08:13:06 +00:00			`def handle_incoming_favorite(activity):`
			`''' approval of your good good post '''`
			`try:`
			`status_id = activity['object'].split('/')[-1]`
			`status = models.Status.objects.get(id=status_id)`
			`liker = get_or_create_remote_user(activity['actor'])`
			`except (models.Status.DoesNotExist, models.User.DoesNotExist):`
			`return HttpResponseNotFound()`

			`if not liker.local:`
			`status.favorites.add(liker)`
Adds notifications Fixes #70 2020-03-07 22:50:29 +00:00
			`create_notification(`
			`status.user,`
			`'FAVORITE',`
			`related_user=liker,`
			`related_status=status,`
			`)`
Adds favorit handling 2020-02-19 08:13:06 +00:00			`return HttpResponse()`


Tagging Works on #55 2020-02-21 06:19:19 +00:00			`def handle_incoming_add(activity):`
			`''' someone is tagging or shelving a book '''`
			`if activity['object']['type'] == 'Tag':`
			`user = get_or_create_remote_user(activity['actor'])`
			`if not user.local:`
Fixes incoming tagging 2020-02-21 06:37:50 +00:00			`book = activity['target']['id'].split('/')[-1]`
Tagging Works on #55 2020-02-21 06:19:19 +00:00			`create_tag(user, book, activity['object']['name'])`
			`return HttpResponse()`
			`return HttpResponse()`
			`return HttpResponseNotFound()`


Code cleanup 2020-01-28 19:45:27 +00:00			`def handle_incoming_accept(activity):`
			`''' someone is accepting a follow request '''`
			`# our local user`
			`user = models.User.objects.get(actor=activity['actor'])`
			`# the person our local user wants to follow, who said yes`
			`followed = get_or_create_remote_user(activity['object']['actor'])`

			`# save this relationship in the db`
			`followed.followers.add(user)`

minor code cleanup and commenting 2020-02-07 23:11:53 +00:00			`return HttpResponse()`
Code cleanup 2020-01-28 19:45:27 +00:00