Correctly use and document check_is_apub_id_valid() param use_strict_allowlist

2024-06-18 05:10:34 +00:00 · 2021-11-02 14:18:12 +01:00 · 2021-11-02 14:18:12 +01:00 · 41f7bcc0d2
parent b396344eae
commit 41f7bcc0d2
4 changed files with 8 additions and 0 deletions
--- a/crates/apub/src/lib.rs
+++ b/crates/apub/src/lib.rs
@ -30,6 +30,8 @@ use url::{ParseError, Url};
 /// - URL being in the allowlist (if it is active)
 /// - URL not being in the blocklist (if it is active)
 ///
+/// `use_strict_allowlist` should be true only when parsing a remote community, or when parsing a
+/// post/comment in a local community.
 pub(crate) fn check_is_apub_id_valid(
  apub_id: &Url,
  use_strict_allowlist: bool,
--- a/crates/apub/src/objects/comment.rs
+++ b/crates/apub/src/objects/comment.rs
@ -28,6 +28,7 @@ use lemmy_websocket::LemmyContext;

 use crate::{
  activities::verify_person_in_community,
+  check_is_apub_id_valid,
  fetcher::object_id::ObjectId,
  protocol::{
    objects::{
@ -149,6 +150,7 @@ impl ApubObject for ApubComment {
      Community::read(conn, community_id)
    })
    .await??;
+    check_is_apub_id_valid(&note.id, community.local, &context.settings())?;
    verify_person_in_community(
      &note.attributed_to,
      &community.into(),
--- a/crates/apub/src/objects/post.rs
+++ b/crates/apub/src/objects/post.rs
@ -1,5 +1,6 @@
 use crate::{
  activities::verify_person_in_community,
+  check_is_apub_id_valid,
  fetcher::object_id::ObjectId,
  protocol::{
    objects::{page::Page, tombstone::Tombstone},
@ -148,6 +149,7 @@ impl ApubObject for ApubPost {
      .dereference(context, request_counter)
      .await?;
    let community = page.extract_community(context, request_counter).await?;
+    check_is_apub_id_valid(&page.id, community.local, &context.settings())?;
    verify_person_in_community(&page.attributed_to, &community, context, request_counter).await?;

    let thumbnail_url: Option<Url> = page.image.clone().map(|i| i.url);
--- a/crates/apub/src/protocol/objects/group.rs
+++ b/crates/apub/src/protocol/objects/group.rs
@ -1,4 +1,5 @@
 use crate::{
+  check_is_apub_id_valid,
  collections::{
    community_moderators::ApubCommunityModerators,
    community_outbox::ApubCommunityOutbox,
@ -60,6 +61,7 @@ impl Group {
    expected_domain: &Url,
    settings: &Settings,
  ) -> Result<CommunityForm, LemmyError> {
+    check_is_apub_id_valid(&group.id, true, settings)?;
    verify_domains_match(expected_domain, &group.id)?;
    let name = group.preferred_username.clone();
    let title = group.name.clone();