only federate site bans originating from user's home instance

2025-02-27 16:16:36 +00:00 · 2022-02-07 17:53:27 +01:00 · 2022-02-07 17:53:27 +01:00 · 1b4998e396
commit 1b4998e396
parent 52ce279664
2 changed files with 30 additions and 21 deletions
--- a/crates/api/src/local_user.rs
+++ b/crates/api/src/local_user.rs
@ -478,26 +478,29 @@ impl Perform for BanPerson {
        .await??
        .into(),
    );
-    if ban {
+    // if the action affects a local user, federate to other instances
-      BlockUser::send(
+    if person.local {
-        &site,
+      if ban {
-        &person.into(),
+        BlockUser::send(
-        &local_user_view.person.into(),
+          &site,
-        remove_data,
+          &person.into(),
-        data.reason.clone(),
+          &local_user_view.person.into(),
-        expires,
+          remove_data,
-        context,
+          data.reason.clone(),
-      )
+          expires,
-      .await?;
+          context,
-    } else {
+        )
-      UndoBlockUser::send(
+        .await?;
-        &site,
+      } else {
-        &person.into(),
+        UndoBlockUser::send(
-        &local_user_view.person.into(),
+          &site,
-        data.reason.clone(),
+          &person.into(),
-        context,
+          &local_user_view.person.into(),
-      )
+          data.reason.clone(),
-      .await?;
+          context,
        )
        .await?;
      }
    }
    let res = BanPersonResponse {
--- a/crates/apub/src/activities/block/block_user.rs
+++ b/crates/apub/src/activities/block/block_user.rs
@ -36,7 +36,7 @@ use lemmy_db_schema::{
  },
  traits::{Bannable, Crud, Followable},
 };
-use lemmy_utils::{utils::convert_datetime, LemmyError};
+use lemmy_utils::{settings::structs::Settings, utils::convert_datetime, LemmyError};
 use lemmy_websocket::LemmyContext;
 impl BlockUser {
@ -121,6 +121,12 @@ impl ActivityHandler for BlockUser {
      .await?
    {
      SiteOrCommunity::Site(site) => {
        let domain = self.object.inner().domain().expect("url needs domain");
        if Settings::get().hostname == domain {
          return Err(
            anyhow!("Site bans from remote instance can't affect user's home instance").into(),
          );
        }
        // site ban can only target a user who is on the same instance as the actor (admin)
        verify_domains_match(&site.actor_id(), self.actor.inner())?;
        verify_domains_match(&site.actor_id(), self.object.inner())?;