For verify_is_public() we also need to check cc field

This commit is contained in:
Felix Ableitner 2021-11-06 18:44:34 +01:00
parent a5a674a270
commit 888e683856
17 changed files with 22 additions and 16 deletions

View file

@ -75,7 +75,7 @@ impl ActivityHandler for CreateOrUpdateComment {
context: &Data<LemmyContext>, context: &Data<LemmyContext>,
request_counter: &mut i32, request_counter: &mut i32,
) -> Result<(), LemmyError> { ) -> Result<(), LemmyError> {
verify_is_public(&self.to)?; verify_is_public(&self.to, &self.cc)?;
let post = self.object.get_parents(context, request_counter).await?.0; let post = self.object.get_parents(context, request_counter).await?.0;
let community = self.get_community(context, request_counter).await?; let community = self.get_community(context, request_counter).await?;

View file

@ -64,7 +64,7 @@ impl ActivityHandler for AddMod {
context: &Data<LemmyContext>, context: &Data<LemmyContext>,
request_counter: &mut i32, request_counter: &mut i32,
) -> Result<(), LemmyError> { ) -> Result<(), LemmyError> {
verify_is_public(&self.to)?; verify_is_public(&self.to, &self.cc)?;
verify_activity(&self.id, self.actor.inner(), &context.settings())?; verify_activity(&self.id, self.actor.inner(), &context.settings())?;
let community = self.get_community(context, request_counter).await?; let community = self.get_community(context, request_counter).await?;
verify_person_in_community(&self.actor, &community, context, request_counter).await?; verify_person_in_community(&self.actor, &community, context, request_counter).await?;

View file

@ -59,7 +59,7 @@ impl ActivityHandler for AnnounceActivity {
context: &Data<LemmyContext>, context: &Data<LemmyContext>,
request_counter: &mut i32, request_counter: &mut i32,
) -> Result<(), LemmyError> { ) -> Result<(), LemmyError> {
verify_is_public(&self.to)?; verify_is_public(&self.to, &self.cc)?;
verify_activity(&self.id, self.actor.inner(), &context.settings())?; verify_activity(&self.id, self.actor.inner(), &context.settings())?;
self.object.verify(context, request_counter).await?; self.object.verify(context, request_counter).await?;
Ok(()) Ok(())

View file

@ -75,7 +75,7 @@ impl ActivityHandler for BlockUserFromCommunity {
context: &Data<LemmyContext>, context: &Data<LemmyContext>,
request_counter: &mut i32, request_counter: &mut i32,
) -> Result<(), LemmyError> { ) -> Result<(), LemmyError> {
verify_is_public(&self.to)?; verify_is_public(&self.to, &self.cc)?;
verify_activity(&self.id, self.actor.inner(), &context.settings())?; verify_activity(&self.id, self.actor.inner(), &context.settings())?;
let community = self.get_community(context, request_counter).await?; let community = self.get_community(context, request_counter).await?;
verify_person_in_community(&self.actor, &community, context, request_counter).await?; verify_person_in_community(&self.actor, &community, context, request_counter).await?;

View file

@ -63,7 +63,7 @@ impl ActivityHandler for RemoveMod {
context: &Data<LemmyContext>, context: &Data<LemmyContext>,
request_counter: &mut i32, request_counter: &mut i32,
) -> Result<(), LemmyError> { ) -> Result<(), LemmyError> {
verify_is_public(&self.to)?; verify_is_public(&self.to, &self.cc)?;
verify_activity(&self.id, self.actor.inner(), &context.settings())?; verify_activity(&self.id, self.actor.inner(), &context.settings())?;
let community = self.get_community(context, request_counter).await?; let community = self.get_community(context, request_counter).await?;
verify_person_in_community(&self.actor, &community, context, request_counter).await?; verify_person_in_community(&self.actor, &community, context, request_counter).await?;

View file

@ -65,7 +65,7 @@ impl ActivityHandler for UndoBlockUserFromCommunity {
context: &Data<LemmyContext>, context: &Data<LemmyContext>,
request_counter: &mut i32, request_counter: &mut i32,
) -> Result<(), LemmyError> { ) -> Result<(), LemmyError> {
verify_is_public(&self.to)?; verify_is_public(&self.to, &self.cc)?;
verify_activity(&self.id, self.actor.inner(), &context.settings())?; verify_activity(&self.id, self.actor.inner(), &context.settings())?;
let community = self.get_community(context, request_counter).await?; let community = self.get_community(context, request_counter).await?;
verify_person_in_community(&self.actor, &community, context, request_counter).await?; verify_person_in_community(&self.actor, &community, context, request_counter).await?;

View file

@ -58,7 +58,7 @@ impl ActivityHandler for UpdateCommunity {
context: &Data<LemmyContext>, context: &Data<LemmyContext>,
request_counter: &mut i32, request_counter: &mut i32,
) -> Result<(), LemmyError> { ) -> Result<(), LemmyError> {
verify_is_public(&self.to)?; verify_is_public(&self.to, &self.cc)?;
verify_activity(&self.id, self.actor.inner(), &context.settings())?; verify_activity(&self.id, self.actor.inner(), &context.settings())?;
let community = self.get_community(context, request_counter).await?; let community = self.get_community(context, request_counter).await?;
verify_person_in_community(&self.actor, &community, context, request_counter).await?; verify_person_in_community(&self.actor, &community, context, request_counter).await?;

View file

@ -50,7 +50,7 @@ impl ActivityHandler for Delete {
context: &Data<LemmyContext>, context: &Data<LemmyContext>,
request_counter: &mut i32, request_counter: &mut i32,
) -> Result<(), LemmyError> { ) -> Result<(), LemmyError> {
verify_is_public(&self.to)?; verify_is_public(&self.to, &self.cc)?;
verify_activity(&self.id, self.actor.inner(), &context.settings())?; verify_activity(&self.id, self.actor.inner(), &context.settings())?;
let community = self.get_community(context, request_counter).await?; let community = self.get_community(context, request_counter).await?;
verify_delete_activity( verify_delete_activity(

View file

@ -35,7 +35,7 @@ impl ActivityHandler for UndoDelete {
context: &Data<LemmyContext>, context: &Data<LemmyContext>,
request_counter: &mut i32, request_counter: &mut i32,
) -> Result<(), LemmyError> { ) -> Result<(), LemmyError> {
verify_is_public(&self.to)?; verify_is_public(&self.to, &self.cc)?;
verify_activity(&self.id, self.actor.inner(), &context.settings())?; verify_activity(&self.id, self.actor.inner(), &context.settings())?;
self.object.verify(context, request_counter).await?; self.object.verify(context, request_counter).await?;
let community = self.get_community(context, request_counter).await?; let community = self.get_community(context, request_counter).await?;

View file

@ -116,8 +116,8 @@ fn verify_add_remove_moderator_target(
Ok(()) Ok(())
} }
pub(crate) fn verify_is_public(to: &[Url]) -> Result<(), LemmyError> { pub(crate) fn verify_is_public(to: &[Url], cc: &[Url]) -> Result<(), LemmyError> {
if !to.contains(&public()) { if !to.contains(&public()) && !cc.contains(&public()) {
return Err(anyhow!("Object is not public").into()); return Err(anyhow!("Object is not public").into());
} }
Ok(()) Ok(())

View file

@ -74,7 +74,7 @@ impl ActivityHandler for CreateOrUpdatePost {
context: &Data<LemmyContext>, context: &Data<LemmyContext>,
request_counter: &mut i32, request_counter: &mut i32,
) -> Result<(), LemmyError> { ) -> Result<(), LemmyError> {
verify_is_public(&self.to)?; verify_is_public(&self.to, &self.cc)?;
verify_activity(&self.id, self.actor.inner(), &context.settings())?; verify_activity(&self.id, self.actor.inner(), &context.settings())?;
let community = self.get_community(context, request_counter).await?; let community = self.get_community(context, request_counter).await?;
verify_person_in_community(&self.actor, &community, context, request_counter).await?; verify_person_in_community(&self.actor, &community, context, request_counter).await?;

View file

@ -68,7 +68,7 @@ impl ActivityHandler for UndoVote {
context: &Data<LemmyContext>, context: &Data<LemmyContext>,
request_counter: &mut i32, request_counter: &mut i32,
) -> Result<(), LemmyError> { ) -> Result<(), LemmyError> {
verify_is_public(&self.to)?; verify_is_public(&self.to, &self.cc)?;
verify_activity(&self.id, self.actor.inner(), &context.settings())?; verify_activity(&self.id, self.actor.inner(), &context.settings())?;
let community = self.get_community(context, request_counter).await?; let community = self.get_community(context, request_counter).await?;
verify_person_in_community(&self.actor, &community, context, request_counter).await?; verify_person_in_community(&self.actor, &community, context, request_counter).await?;

View file

@ -74,7 +74,7 @@ impl ActivityHandler for Vote {
context: &Data<LemmyContext>, context: &Data<LemmyContext>,
request_counter: &mut i32, request_counter: &mut i32,
) -> Result<(), LemmyError> { ) -> Result<(), LemmyError> {
verify_is_public(&self.to)?; verify_is_public(&self.to, &self.cc)?;
verify_activity(&self.id, self.actor.inner(), &context.settings())?; verify_activity(&self.id, self.actor.inner(), &context.settings())?;
let community = self.get_community(context, request_counter).await?; let community = self.get_community(context, request_counter).await?;
verify_person_in_community(&self.actor, &community, context, request_counter).await?; verify_person_in_community(&self.actor, &community, context, request_counter).await?;

View file

@ -107,6 +107,7 @@ impl ApubObject for ApubComment {
id: ObjectId::new(self.ap_id.clone()), id: ObjectId::new(self.ap_id.clone()),
attributed_to: ObjectId::new(creator.actor_id), attributed_to: ObjectId::new(creator.actor_id),
to: vec![public()], to: vec![public()],
cc: vec![],
content: markdown_to_html(&self.content), content: markdown_to_html(&self.content),
media_type: Some(MediaTypeHtml::Html), media_type: Some(MediaTypeHtml::Html),
source: SourceCompat::Lemmy(Source { source: SourceCompat::Lemmy(Source {
@ -137,7 +138,7 @@ impl ApubObject for ApubComment {
) -> Result<(), LemmyError> { ) -> Result<(), LemmyError> {
verify_domains_match(note.id.inner(), expected_domain)?; verify_domains_match(note.id.inner(), expected_domain)?;
verify_domains_match(note.attributed_to.inner(), note.id.inner())?; verify_domains_match(note.attributed_to.inner(), note.id.inner())?;
verify_is_public(&note.to)?; verify_is_public(&note.to, &note.cc)?;
let (post, _) = note.get_parents(context, request_counter).await?; let (post, _) = note.get_parents(context, request_counter).await?;
let community_id = post.community_id; let community_id = post.community_id;
let community = blocking(context.pool(), move |conn| { let community = blocking(context.pool(), move |conn| {

View file

@ -110,6 +110,7 @@ impl ApubObject for ApubPost {
id: ObjectId::new(self.ap_id.clone()), id: ObjectId::new(self.ap_id.clone()),
attributed_to: ObjectId::new(creator.actor_id), attributed_to: ObjectId::new(creator.actor_id),
to: vec![community.actor_id.into(), public()], to: vec![community.actor_id.into(), public()],
cc: vec![],
name: self.name.clone(), name: self.name.clone(),
content: self.body.as_ref().map(|b| markdown_to_html(b)), content: self.body.as_ref().map(|b| markdown_to_html(b)),
media_type: Some(MediaTypeHtml::Html), media_type: Some(MediaTypeHtml::Html),
@ -150,7 +151,7 @@ impl ApubObject for ApubPost {
verify_person_in_community(&page.attributed_to, &community, context, request_counter).await?; verify_person_in_community(&page.attributed_to, &community, context, request_counter).await?;
check_slurs(&page.name, &context.settings().slur_regex())?; check_slurs(&page.name, &context.settings().slur_regex())?;
verify_domains_match(page.attributed_to.inner(), page.id.inner())?; verify_domains_match(page.attributed_to.inner(), page.id.inner())?;
verify_is_public(&page.to.clone())?; verify_is_public(&page.to, &page.cc)?;
Ok(()) Ok(())
} }

View file

@ -23,6 +23,8 @@ pub struct Note {
pub(crate) id: ObjectId<ApubComment>, pub(crate) id: ObjectId<ApubComment>,
pub(crate) attributed_to: ObjectId<ApubPerson>, pub(crate) attributed_to: ObjectId<ApubPerson>,
pub(crate) to: Vec<Url>, pub(crate) to: Vec<Url>,
#[serde(default)]
pub(crate) cc: Vec<Url>,
pub(crate) content: String, pub(crate) content: String,
pub(crate) media_type: Option<MediaTypeHtml>, pub(crate) media_type: Option<MediaTypeHtml>,
pub(crate) source: SourceCompat, pub(crate) source: SourceCompat,

View file

@ -20,6 +20,8 @@ pub struct Page {
pub(crate) id: ObjectId<ApubPost>, pub(crate) id: ObjectId<ApubPost>,
pub(crate) attributed_to: ObjectId<ApubPerson>, pub(crate) attributed_to: ObjectId<ApubPerson>,
pub(crate) to: Vec<Url>, pub(crate) to: Vec<Url>,
#[serde(default)]
pub(crate) cc: Vec<Url>,
pub(crate) name: String, pub(crate) name: String,
pub(crate) content: Option<String>, pub(crate) content: Option<String>,
pub(crate) media_type: Option<MediaTypeHtml>, pub(crate) media_type: Option<MediaTypeHtml>,