From 6587fa43fcd05f8e949c86427897a9fb1620da79 Mon Sep 17 00:00:00 2001 From: Dessalines Date: Tue, 25 Oct 2022 11:33:10 -0400 Subject: [PATCH 1/2] Addressing PR comments. --- crates/api/src/lib.rs | 9 +++------ crates/api_common/src/utils.rs | 11 +++++++++-- crates/apub/src/lib.rs | 4 ---- crates/apub/src/objects/comment.rs | 14 ++++--------- crates/apub/src/objects/community.rs | 8 +++++--- crates/apub/src/objects/instance.rs | 20 ++++++++----------- crates/apub/src/objects/person.rs | 21 ++++++++------------ crates/apub/src/objects/post.rs | 24 ++++++++--------------- crates/apub/src/protocol/objects/group.rs | 12 +++--------- crates/db_schema/src/impls/instance.rs | 6 ++++++ crates/utils/src/utils.rs | 9 +++++++-- 11 files changed, 61 insertions(+), 77 deletions(-) diff --git a/crates/api/src/lib.rs b/crates/api/src/lib.rs index ee1992ef0..595ab10f8 100644 --- a/crates/api/src/lib.rs +++ b/crates/api/src/lib.rs @@ -7,14 +7,11 @@ use lemmy_api_common::{ post::*, private_message::*, site::*, + utils::local_site_to_slur_regex, websocket::*, }; use lemmy_db_schema::source::local_site::LocalSite; -use lemmy_utils::{ - error::LemmyError, - utils::{check_slurs, slur_regex}, - ConnectionId, -}; +use lemmy_utils::{error::LemmyError, utils::check_slurs, ConnectionId}; use lemmy_websocket::{serialize_websocket_message, LemmyContext, UserOperation}; use serde::Deserialize; @@ -233,7 +230,7 @@ pub(crate) fn captcha_as_wav_base64(captcha: &Captcha) -> String { /// Check size of report and remove whitespace pub(crate) fn check_report_reason(reason: &str, local_site: &LocalSite) -> Result<(), LemmyError> { - let slur_regex = &slur_regex(local_site.slur_filter_regex.as_deref()); + let slur_regex = &local_site_to_slur_regex(local_site); check_slurs(reason, slur_regex)?; if reason.is_empty() { diff --git a/crates/api_common/src/utils.rs b/crates/api_common/src/utils.rs index 2194bd259..6b0b011a9 100644 --- a/crates/api_common/src/utils.rs +++ b/crates/api_common/src/utils.rs @@ -36,7 +36,7 @@ use lemmy_utils::{ error::LemmyError, rate_limit::RateLimitConfig, settings::structs::Settings, - utils::{generate_random_string, slur_regex}, + utils::{build_slur_regex, generate_random_string}, }; use regex::Regex; use reqwest_middleware::ClientWithMiddleware; @@ -463,7 +463,14 @@ pub fn local_site_rate_limit_to_rate_limit_config( } pub fn local_site_to_slur_regex(local_site: &LocalSite) -> Option { - slur_regex(local_site.slur_filter_regex.as_deref()) + build_slur_regex(local_site.slur_filter_regex.as_deref()) +} + +pub fn local_site_opt_to_slur_regex(local_site: &Option) -> Option { + local_site + .as_ref() + .map(local_site_to_slur_regex) + .unwrap_or(None) } pub fn send_application_approved_email( diff --git a/crates/apub/src/lib.rs b/crates/apub/src/lib.rs index 7272b0e5f..471a7564f 100644 --- a/crates/apub/src/lib.rs +++ b/crates/apub/src/lib.rs @@ -244,10 +244,6 @@ pub fn generate_shared_inbox_url(actor_id: &DbUrl) -> Result Ok(Url::parse(&url)?.into()) } -pub fn generate_domain_url(actor_id: &Url) -> Result { - Ok(actor_id.host_str().context(location_info!())?.to_string()) -} - pub fn generate_outbox_url(actor_id: &DbUrl) -> Result { Ok(Url::parse(&format!("{}/outbox", actor_id))?.into()) } diff --git a/crates/apub/src/objects/comment.rs b/crates/apub/src/objects/comment.rs index fe745dcf1..154bd41c9 100644 --- a/crates/apub/src/objects/comment.rs +++ b/crates/apub/src/objects/comment.rs @@ -19,7 +19,7 @@ use activitypub_federation::{ }; use activitystreams_kinds::{object::NoteType, public}; use chrono::NaiveDateTime; -use lemmy_api_common::utils::blocking; +use lemmy_api_common::utils::{blocking, local_site_opt_to_slur_regex}; use lemmy_db_schema::{ source::{ comment::{Comment, CommentInsertForm, CommentUpdateForm}, @@ -32,7 +32,7 @@ use lemmy_db_schema::{ }; use lemmy_utils::{ error::LemmyError, - utils::{convert_datetime, markdown_to_html, remove_slurs, slur_regex}, + utils::{convert_datetime, markdown_to_html, remove_slurs}, }; use lemmy_websocket::LemmyContext; use std::ops::Deref; @@ -190,14 +190,8 @@ impl ApubObject for ApubComment { let content = read_from_string_or_source(¬e.content, ¬e.media_type, ¬e.source); - let slur_regex = &slur_regex( - blocking(context.pool(), LocalSite::read) - .await? - .as_ref() - .map(|l| l.slur_filter_regex.as_deref()) - .unwrap_or(None), - ); - + let local_site = blocking(context.pool(), LocalSite::read).await?.ok(); + let slur_regex = &local_site_opt_to_slur_regex(&local_site); let content_slurs_removed = remove_slurs(&content, slur_regex); let language_id = LanguageTag::to_language_id_single(note.language, context.pool()).await?; diff --git a/crates/apub/src/objects/community.rs b/crates/apub/src/objects/community.rs index c9156ee9a..6e04f2c1e 100644 --- a/crates/apub/src/objects/community.rs +++ b/crates/apub/src/objects/community.rs @@ -2,7 +2,6 @@ use crate::{ check_apub_id_valid_with_strictness, collections::{community_moderators::ApubCommunityModerators, CommunityContext}, fetch_local_site_data, - generate_domain_url, generate_moderators_url, generate_outbox_url, local_instance, @@ -145,8 +144,11 @@ impl ApubObject for ApubCommunity { context: &LemmyContext, request_counter: &mut i32, ) -> Result { - let domain = generate_domain_url(group.id.inner())?; - let instance = blocking(context.pool(), move |conn| Instance::create(conn, &domain)).await??; + let apub_id = group.id.inner().to_owned(); + let instance = blocking(context.pool(), move |conn| { + Instance::create_from_actor_id(conn, &apub_id) + }) + .await??; let form = Group::into_insert_form(group.clone(), instance.id); let languages = LanguageTag::to_language_id_multiple(group.language, context.pool()).await?; diff --git a/crates/apub/src/objects/instance.rs b/crates/apub/src/objects/instance.rs index 1372a3efc..521de64f3 100644 --- a/crates/apub/src/objects/instance.rs +++ b/crates/apub/src/objects/instance.rs @@ -1,7 +1,6 @@ use crate::{ check_apub_id_valid_with_strictness, fetch_local_site_data, - generate_domain_url, local_instance, objects::read_from_string_or_source_opt, protocol::{ @@ -21,7 +20,7 @@ use activitypub_federation::{ utils::verify_domains_match, }; use chrono::NaiveDateTime; -use lemmy_api_common::utils::blocking; +use lemmy_api_common::utils::{blocking, local_site_opt_to_slur_regex}; use lemmy_db_schema::{ source::{ actor_language::SiteLanguage, @@ -33,7 +32,7 @@ use lemmy_db_schema::{ }; use lemmy_utils::{ error::LemmyError, - utils::{check_slurs, check_slurs_opt, convert_datetime, markdown_to_html, slur_regex}, + utils::{check_slurs, check_slurs_opt, convert_datetime, markdown_to_html}, }; use lemmy_websocket::LemmyContext; use std::ops::Deref; @@ -123,13 +122,7 @@ impl ApubObject for ApubSite { check_apub_id_valid_with_strictness(apub.id.inner(), true, &local_site_data, data.settings())?; verify_domains_match(expected_domain, apub.id.inner())?; - let slur_regex = &slur_regex( - local_site_data - .local_site - .as_ref() - .map(|l| l.slur_filter_regex.as_deref()) - .unwrap_or(None), - ); + let slur_regex = &local_site_opt_to_slur_regex(&local_site_data.local_site); check_slurs(&apub.name, slur_regex)?; check_slurs_opt(&apub.summary, slur_regex)?; @@ -142,8 +135,11 @@ impl ApubObject for ApubSite { data: &Self::DataType, _request_counter: &mut i32, ) -> Result { - let domain = generate_domain_url(apub.id.inner())?; - let instance = blocking(data.pool(), move |conn| DbInstance::create(conn, &domain)).await??; + let apub_id = apub.id.inner().to_owned(); + let instance = blocking(data.pool(), move |conn| { + DbInstance::create_from_actor_id(conn, &apub_id) + }) + .await??; let site_form = SiteInsertForm { name: apub.name.clone(), diff --git a/crates/apub/src/objects/person.rs b/crates/apub/src/objects/person.rs index b22b2a4a7..e496da075 100644 --- a/crates/apub/src/objects/person.rs +++ b/crates/apub/src/objects/person.rs @@ -1,7 +1,6 @@ use crate::{ check_apub_id_valid_with_strictness, fetch_local_site_data, - generate_domain_url, generate_outbox_url, objects::{instance::fetch_instance_actor_for_object, read_from_string_or_source_opt}, protocol::{ @@ -20,7 +19,7 @@ use activitypub_federation::{ utils::verify_domains_match, }; use chrono::NaiveDateTime; -use lemmy_api_common::utils::blocking; +use lemmy_api_common::utils::{blocking, local_site_opt_to_slur_regex}; use lemmy_db_schema::{ source::{ instance::Instance, @@ -31,7 +30,7 @@ use lemmy_db_schema::{ }; use lemmy_utils::{ error::LemmyError, - utils::{check_slurs, check_slurs_opt, convert_datetime, markdown_to_html, slur_regex}, + utils::{check_slurs, check_slurs_opt, convert_datetime, markdown_to_html}, }; use lemmy_websocket::LemmyContext; use std::ops::Deref; @@ -126,13 +125,7 @@ impl ApubObject for ApubPerson { _request_counter: &mut i32, ) -> Result<(), LemmyError> { let local_site_data = blocking(context.pool(), fetch_local_site_data).await??; - let slur_regex = &slur_regex( - local_site_data - .local_site - .as_ref() - .map(|l| l.slur_filter_regex.as_deref()) - .unwrap_or(None), - ); + let slur_regex = &local_site_opt_to_slur_regex(&local_site_data.local_site); check_slurs(&person.preferred_username, slur_regex)?; check_slurs_opt(&person.name, slur_regex)?; @@ -156,9 +149,11 @@ impl ApubObject for ApubPerson { context: &LemmyContext, request_counter: &mut i32, ) -> Result { - // TODO Maybe a better way to do this? Same for community and site from_apub - let domain = generate_domain_url(person.id.inner())?; - let instance = blocking(context.pool(), move |conn| Instance::create(conn, &domain)).await??; + let apub_id = person.id.inner().to_owned(); + let instance = blocking(context.pool(), move |conn| { + Instance::create_from_actor_id(conn, &apub_id) + }) + .await??; let person_form = PersonInsertForm { name: person.preferred_username, diff --git a/crates/apub/src/objects/post.rs b/crates/apub/src/objects/post.rs index fe250304e..2f6f628c2 100644 --- a/crates/apub/src/objects/post.rs +++ b/crates/apub/src/objects/post.rs @@ -21,7 +21,10 @@ use activitypub_federation::{ }; use activitystreams_kinds::public; use chrono::NaiveDateTime; -use lemmy_api_common::{request::fetch_site_data, utils::blocking}; +use lemmy_api_common::{ + request::fetch_site_data, + utils::{blocking, local_site_opt_to_slur_regex}, +}; use lemmy_db_schema::{ self, source::{ @@ -35,7 +38,7 @@ use lemmy_db_schema::{ }; use lemmy_utils::{ error::LemmyError, - utils::{check_slurs, convert_datetime, markdown_to_html, remove_slurs, slur_regex}, + utils::{check_slurs, convert_datetime, markdown_to_html, remove_slurs}, }; use lemmy_websocket::LemmyContext; use std::ops::Deref; @@ -154,13 +157,7 @@ impl ApubObject for ApubPost { )?; verify_person_in_community(&page.creator()?, &community, context, request_counter).await?; - let slur_regex = &slur_regex( - local_site_data - .local_site - .as_ref() - .map(|l| l.slur_filter_regex.as_deref()) - .unwrap_or(None), - ); + let slur_regex = &local_site_opt_to_slur_regex(&local_site_data.local_site); check_slurs(&page.name, slur_regex)?; verify_domains_match(page.creator()?.inner(), page.id.inner())?; @@ -202,13 +199,8 @@ impl ApubObject for ApubPost { let (embed_title, embed_description, embed_video_url) = metadata_res .map(|u| (u.title, u.description, u.embed_video_url)) .unwrap_or_default(); - let slur_regex = &slur_regex( - blocking(context.pool(), LocalSite::read) - .await? - .as_ref() - .map(|l| l.slur_filter_regex.as_deref()) - .unwrap_or(None), - ); + let local_site = blocking(context.pool(), LocalSite::read).await?.ok(); + let slur_regex = &local_site_opt_to_slur_regex(&local_site); let body_slurs_removed = read_from_string_or_source_opt(&page.content, &page.media_type, &page.source) diff --git a/crates/apub/src/protocol/objects/group.rs b/crates/apub/src/protocol/objects/group.rs index f264bf9c1..5abfa2b28 100644 --- a/crates/apub/src/protocol/objects/group.rs +++ b/crates/apub/src/protocol/objects/group.rs @@ -19,7 +19,7 @@ use activitypub_federation::{ }; use activitystreams_kinds::actor::GroupType; use chrono::{DateTime, FixedOffset}; -use lemmy_api_common::utils::blocking; +use lemmy_api_common::utils::{blocking, local_site_opt_to_slur_regex}; use lemmy_db_schema::{ newtypes::InstanceId, source::community::{CommunityInsertForm, CommunityUpdateForm}, @@ -27,7 +27,7 @@ use lemmy_db_schema::{ }; use lemmy_utils::{ error::LemmyError, - utils::{check_slurs, check_slurs_opt, slur_regex}, + utils::{check_slurs, check_slurs_opt}, }; use lemmy_websocket::LemmyContext; use serde::{Deserialize, Serialize}; @@ -85,13 +85,7 @@ impl Group { )?; verify_domains_match(expected_domain, self.id.inner())?; - let slur_regex = &slur_regex( - local_site_data - .local_site - .as_ref() - .map(|l| l.slur_filter_regex.as_deref()) - .unwrap_or(None), - ); + let slur_regex = &local_site_opt_to_slur_regex(&local_site_data.local_site); check_slurs(&self.preferred_username, slur_regex)?; check_slurs_opt(&self.name, slur_regex)?; diff --git a/crates/db_schema/src/impls/instance.rs b/crates/db_schema/src/impls/instance.rs index cbd249698..c2afa6ae1 100644 --- a/crates/db_schema/src/impls/instance.rs +++ b/crates/db_schema/src/impls/instance.rs @@ -5,6 +5,8 @@ use crate::{ utils::naive_now, }; use diesel::{dsl::*, result::Error, *}; +use lemmy_utils::utils::generate_domain_url; +use url::Url; impl Instance { fn create_from_form(conn: &mut PgConnection, form: &InstanceForm) -> Result { @@ -23,6 +25,10 @@ impl Instance { }; Self::create_from_form(conn, &form) } + pub fn create_from_actor_id(conn: &mut PgConnection, actor_id: &Url) -> Result { + let domain = &generate_domain_url(actor_id).expect("actor id missing a domain"); + Self::create(conn, domain) + } pub fn delete(conn: &mut PgConnection, instance_id: InstanceId) -> Result { diesel::delete(instance::table.find(instance_id)).execute(conn) } diff --git a/crates/utils/src/utils.rs b/crates/utils/src/utils.rs index 08c8ef6b0..9d481de19 100644 --- a/crates/utils/src/utils.rs +++ b/crates/utils/src/utils.rs @@ -1,5 +1,6 @@ -use crate::{error::LemmyError, IpAddr}; +use crate::{error::LemmyError, location_info, IpAddr}; use actix_web::dev::ConnectionInfo; +use anyhow::Context; use chrono::{DateTime, FixedOffset, NaiveDateTime}; use itertools::Itertools; use once_cell::sync::Lazy; @@ -60,7 +61,7 @@ pub(crate) fn slur_check<'a>( } } -pub fn slur_regex(regex_str: Option<&str>) -> Option { +pub fn build_slur_regex(regex_str: Option<&str>) -> Option { regex_str.map(|slurs| { RegexBuilder::new(slurs) .case_insensitive(true) @@ -201,6 +202,10 @@ pub fn clean_url_params(url: &Url) -> Url { url_out } +pub fn generate_domain_url(actor_id: &Url) -> Result { + Ok(actor_id.host_str().context(location_info!())?.to_string()) +} + #[cfg(test)] mod tests { use crate::utils::{clean_url_params, is_valid_post_title}; From 85b78b2707807732ab065f7c471036a79e858216 Mon Sep 17 00:00:00 2001 From: Dessalines Date: Wed, 26 Oct 2022 15:13:59 -0400 Subject: [PATCH 2/2] Adding check_apub to all verify functions. --- crates/apub/src/activities/block/block_user.rs | 6 ++++++ crates/apub/src/activities/block/undo_block_user.rs | 6 ++++++ crates/apub/src/activities/community/add_mod.rs | 6 ++++++ crates/apub/src/activities/community/announce.rs | 9 ++++++++- crates/apub/src/activities/community/remove_mod.rs | 6 ++++++ crates/apub/src/activities/community/report.rs | 6 ++++++ crates/apub/src/activities/community/update.rs | 5 +++++ crates/apub/src/activities/create_or_update/comment.rs | 6 ++++++ crates/apub/src/activities/create_or_update/post.rs | 5 +++++ .../src/activities/create_or_update/private_message.rs | 6 ++++++ crates/apub/src/activities/deletion/delete.rs | 5 +++++ crates/apub/src/activities/deletion/delete_user.rs | 7 ++++++- crates/apub/src/activities/deletion/undo_delete.rs | 5 +++++ crates/apub/src/activities/following/accept.rs | 6 ++++++ crates/apub/src/activities/following/follow.rs | 5 +++++ crates/apub/src/activities/following/undo_follow.rs | 5 +++++ crates/apub/src/activities/voting/undo_vote.rs | 5 +++++ crates/apub/src/activities/voting/vote.rs | 5 +++++ 18 files changed, 102 insertions(+), 2 deletions(-) diff --git a/crates/apub/src/activities/block/block_user.rs b/crates/apub/src/activities/block/block_user.rs index bef3b6a28..3e574232d 100644 --- a/crates/apub/src/activities/block/block_user.rs +++ b/crates/apub/src/activities/block/block_user.rs @@ -9,6 +9,8 @@ use crate::{ verify_person_in_community, }, activity_lists::AnnouncableActivities, + check_apub_id_valid, + fetch_local_site_data, local_instance, objects::{community::ApubCommunity, instance::remote_instance_inboxes, person::ApubPerson}, protocol::activities::block::block_user::BlockUser, @@ -123,6 +125,10 @@ impl ActivityHandler for BlockUser { context: &Data, request_counter: &mut i32, ) -> Result<(), LemmyError> { + let local_site_data = blocking(context.pool(), fetch_local_site_data).await??; + check_apub_id_valid(self.id(), &local_site_data, context.settings()) + .map_err(LemmyError::from_message)?; + verify_is_public(&self.to, &self.cc)?; match self .target diff --git a/crates/apub/src/activities/block/undo_block_user.rs b/crates/apub/src/activities/block/undo_block_user.rs index cd9784f32..b93d0aa3a 100644 --- a/crates/apub/src/activities/block/undo_block_user.rs +++ b/crates/apub/src/activities/block/undo_block_user.rs @@ -7,6 +7,8 @@ use crate::{ verify_is_public, }, activity_lists::AnnouncableActivities, + check_apub_id_valid, + fetch_local_site_data, local_instance, objects::{community::ApubCommunity, instance::remote_instance_inboxes, person::ApubPerson}, protocol::activities::block::{block_user::BlockUser, undo_block_user::UndoBlockUser}, @@ -90,6 +92,10 @@ impl ActivityHandler for UndoBlockUser { context: &Data, request_counter: &mut i32, ) -> Result<(), LemmyError> { + let local_site_data = blocking(context.pool(), fetch_local_site_data).await??; + check_apub_id_valid(self.id(), &local_site_data, context.settings()) + .map_err(LemmyError::from_message)?; + verify_is_public(&self.to, &self.cc)?; verify_domains_match(self.actor.inner(), self.object.actor.inner())?; self.object.verify(context, request_counter).await?; diff --git a/crates/apub/src/activities/community/add_mod.rs b/crates/apub/src/activities/community/add_mod.rs index 4dbd463b7..86ee91666 100644 --- a/crates/apub/src/activities/community/add_mod.rs +++ b/crates/apub/src/activities/community/add_mod.rs @@ -12,6 +12,8 @@ use crate::{ verify_person_in_community, }, activity_lists::AnnouncableActivities, + check_apub_id_valid, + fetch_local_site_data, generate_moderators_url, local_instance, objects::{community::ApubCommunity, person::ApubPerson}, @@ -84,6 +86,10 @@ impl ActivityHandler for AddMod { context: &Data, request_counter: &mut i32, ) -> Result<(), LemmyError> { + let local_site_data = blocking(context.pool(), fetch_local_site_data).await??; + check_apub_id_valid(self.id(), &local_site_data, context.settings()) + .map_err(LemmyError::from_message)?; + verify_is_public(&self.to, &self.cc)?; let community = self.get_community(context, request_counter).await?; verify_person_in_community(&self.actor, &community, context, request_counter).await?; diff --git a/crates/apub/src/activities/community/announce.rs b/crates/apub/src/activities/community/announce.rs index e5419680e..2886c2bf0 100644 --- a/crates/apub/src/activities/community/announce.rs +++ b/crates/apub/src/activities/community/announce.rs @@ -1,6 +1,8 @@ use crate::{ activities::{generate_activity_id, send_lemmy_activity, verify_is_public}, activity_lists::AnnouncableActivities, + check_apub_id_valid, + fetch_local_site_data, insert_activity, objects::community::ApubCommunity, protocol::{ @@ -11,6 +13,7 @@ use crate::{ }; use activitypub_federation::{core::object_id::ObjectId, data::Data, traits::ActivityHandler}; use activitystreams_kinds::{activity::AnnounceType, public}; +use lemmy_api_common::utils::blocking; use lemmy_utils::error::LemmyError; use lemmy_websocket::LemmyContext; use tracing::debug; @@ -84,9 +87,13 @@ impl ActivityHandler for AnnounceActivity { #[tracing::instrument(skip_all)] async fn verify( &self, - _context: &Data, + context: &Data, _request_counter: &mut i32, ) -> Result<(), LemmyError> { + let local_site_data = blocking(context.pool(), fetch_local_site_data).await??; + check_apub_id_valid(self.id(), &local_site_data, context.settings()) + .map_err(LemmyError::from_message)?; + verify_is_public(&self.to, &self.cc)?; Ok(()) } diff --git a/crates/apub/src/activities/community/remove_mod.rs b/crates/apub/src/activities/community/remove_mod.rs index ede6a0089..3dca02397 100644 --- a/crates/apub/src/activities/community/remove_mod.rs +++ b/crates/apub/src/activities/community/remove_mod.rs @@ -12,6 +12,8 @@ use crate::{ verify_person_in_community, }, activity_lists::AnnouncableActivities, + check_apub_id_valid, + fetch_local_site_data, generate_moderators_url, local_instance, objects::{community::ApubCommunity, person::ApubPerson}, @@ -84,6 +86,10 @@ impl ActivityHandler for RemoveMod { context: &Data, request_counter: &mut i32, ) -> Result<(), LemmyError> { + let local_site_data = blocking(context.pool(), fetch_local_site_data).await??; + check_apub_id_valid(self.id(), &local_site_data, context.settings()) + .map_err(LemmyError::from_message)?; + verify_is_public(&self.to, &self.cc)?; let community = self.get_community(context, request_counter).await?; verify_person_in_community(&self.actor, &community, context, request_counter).await?; diff --git a/crates/apub/src/activities/community/report.rs b/crates/apub/src/activities/community/report.rs index c3b50abfe..de3fb3566 100644 --- a/crates/apub/src/activities/community/report.rs +++ b/crates/apub/src/activities/community/report.rs @@ -1,5 +1,7 @@ use crate::{ activities::{generate_activity_id, send_lemmy_activity, verify_person_in_community}, + check_apub_id_valid, + fetch_local_site_data, local_instance, objects::{community::ApubCommunity, person::ApubPerson}, protocol::activities::community::report::Report, @@ -74,6 +76,10 @@ impl ActivityHandler for Report { context: &Data, request_counter: &mut i32, ) -> Result<(), LemmyError> { + let local_site_data = blocking(context.pool(), fetch_local_site_data).await??; + check_apub_id_valid(self.id(), &local_site_data, context.settings()) + .map_err(LemmyError::from_message)?; + let community = self.to[0] .dereference(context, local_instance(context), request_counter) .await?; diff --git a/crates/apub/src/activities/community/update.rs b/crates/apub/src/activities/community/update.rs index def4d7a4e..b444f4f5e 100644 --- a/crates/apub/src/activities/community/update.rs +++ b/crates/apub/src/activities/community/update.rs @@ -7,6 +7,8 @@ use crate::{ verify_person_in_community, }, activity_lists::AnnouncableActivities, + check_apub_id_valid, + fetch_local_site_data, local_instance, objects::{community::ApubCommunity, person::ApubPerson}, protocol::activities::community::update::UpdateCommunity, @@ -69,6 +71,9 @@ impl ActivityHandler for UpdateCommunity { context: &Data, request_counter: &mut i32, ) -> Result<(), LemmyError> { + let local_site_data = blocking(context.pool(), fetch_local_site_data).await??; + check_apub_id_valid(self.id(), &local_site_data, context.settings()) + .map_err(LemmyError::from_message)?; verify_is_public(&self.to, &self.cc)?; let community = self.get_community(context, request_counter).await?; verify_person_in_community(&self.actor, &community, context, request_counter).await?; diff --git a/crates/apub/src/activities/create_or_update/comment.rs b/crates/apub/src/activities/create_or_update/comment.rs index dad6ada9b..3e0de366f 100644 --- a/crates/apub/src/activities/create_or_update/comment.rs +++ b/crates/apub/src/activities/create_or_update/comment.rs @@ -8,6 +8,8 @@ use crate::{ verify_person_in_community, }, activity_lists::AnnouncableActivities, + check_apub_id_valid, + fetch_local_site_data, local_instance, mentions::MentionOrValue, objects::{comment::ApubComment, community::ApubCommunity, person::ApubPerson}, @@ -115,6 +117,10 @@ impl ActivityHandler for CreateOrUpdateComment { context: &Data, request_counter: &mut i32, ) -> Result<(), LemmyError> { + let local_site_data = blocking(context.pool(), fetch_local_site_data).await??; + check_apub_id_valid(self.id(), &local_site_data, context.settings()) + .map_err(LemmyError::from_message)?; + verify_is_public(&self.to, &self.cc)?; let post = self.object.get_parents(context, request_counter).await?.0; let community = self.get_community(context, request_counter).await?; diff --git a/crates/apub/src/activities/create_or_update/post.rs b/crates/apub/src/activities/create_or_update/post.rs index d9d7b8545..1f997f72f 100644 --- a/crates/apub/src/activities/create_or_update/post.rs +++ b/crates/apub/src/activities/create_or_update/post.rs @@ -8,6 +8,8 @@ use crate::{ verify_person_in_community, }, activity_lists::AnnouncableActivities, + check_apub_id_valid, + fetch_local_site_data, objects::{community::ApubCommunity, person::ApubPerson, post::ApubPost}, protocol::activities::{create_or_update::post::CreateOrUpdatePost, CreateOrUpdateType}, ActorType, @@ -93,6 +95,9 @@ impl ActivityHandler for CreateOrUpdatePost { context: &Data, request_counter: &mut i32, ) -> Result<(), LemmyError> { + let local_site_data = blocking(context.pool(), fetch_local_site_data).await??; + check_apub_id_valid(self.id(), &local_site_data, context.settings()) + .map_err(LemmyError::from_message)?; verify_is_public(&self.to, &self.cc)?; let community = self.get_community(context, request_counter).await?; verify_person_in_community(&self.actor, &community, context, request_counter).await?; diff --git a/crates/apub/src/activities/create_or_update/private_message.rs b/crates/apub/src/activities/create_or_update/private_message.rs index 9ad547691..20310bc41 100644 --- a/crates/apub/src/activities/create_or_update/private_message.rs +++ b/crates/apub/src/activities/create_or_update/private_message.rs @@ -1,5 +1,7 @@ use crate::{ activities::{generate_activity_id, send_lemmy_activity, verify_person}, + check_apub_id_valid, + fetch_local_site_data, objects::{person::ApubPerson, private_message::ApubPrivateMessage}, protocol::activities::{ create_or_update::private_message::CreateOrUpdatePrivateMessage, @@ -69,6 +71,10 @@ impl ActivityHandler for CreateOrUpdatePrivateMessage { context: &Data, request_counter: &mut i32, ) -> Result<(), LemmyError> { + let local_site_data = blocking(context.pool(), fetch_local_site_data).await??; + check_apub_id_valid(self.id(), &local_site_data, context.settings()) + .map_err(LemmyError::from_message)?; + verify_person(&self.actor, context, request_counter).await?; verify_domains_match(self.actor.inner(), self.object.id.inner())?; verify_domains_match(self.to[0].inner(), self.object.to[0].inner())?; diff --git a/crates/apub/src/activities/deletion/delete.rs b/crates/apub/src/activities/deletion/delete.rs index ca93b89f0..95024c475 100644 --- a/crates/apub/src/activities/deletion/delete.rs +++ b/crates/apub/src/activities/deletion/delete.rs @@ -4,6 +4,8 @@ use crate::{ deletion::{receive_delete_action, verify_delete_activity, DeletableObjects}, generate_activity_id, }, + check_apub_id_valid, + fetch_local_site_data, local_instance, objects::{community::ApubCommunity, person::ApubPerson}, protocol::{activities::deletion::delete::Delete, IdOrNestedObject}, @@ -55,6 +57,9 @@ impl ActivityHandler for Delete { context: &Data, request_counter: &mut i32, ) -> Result<(), LemmyError> { + let local_site_data = blocking(context.pool(), fetch_local_site_data).await??; + check_apub_id_valid(self.id(), &local_site_data, context.settings()) + .map_err(LemmyError::from_message)?; verify_delete_activity(self, self.summary.is_some(), context, request_counter).await?; Ok(()) } diff --git a/crates/apub/src/activities/deletion/delete_user.rs b/crates/apub/src/activities/deletion/delete_user.rs index 9570d85d2..5fb453eef 100644 --- a/crates/apub/src/activities/deletion/delete_user.rs +++ b/crates/apub/src/activities/deletion/delete_user.rs @@ -1,5 +1,7 @@ use crate::{ activities::{generate_activity_id, send_lemmy_activity, verify_is_public, verify_person}, + check_apub_id_valid, + fetch_local_site_data, local_instance, objects::{instance::remote_instance_inboxes, person::ApubPerson}, protocol::activities::deletion::delete_user::DeleteUser, @@ -11,7 +13,7 @@ use activitypub_federation::{ utils::verify_urls_match, }; use activitystreams_kinds::{activity::DeleteType, public}; -use lemmy_api_common::utils::delete_user_account; +use lemmy_api_common::utils::{blocking, delete_user_account}; use lemmy_utils::error::LemmyError; use lemmy_websocket::LemmyContext; use url::Url; @@ -36,6 +38,9 @@ impl ActivityHandler for DeleteUser { context: &Data, request_counter: &mut i32, ) -> Result<(), LemmyError> { + let local_site_data = blocking(context.pool(), fetch_local_site_data).await??; + check_apub_id_valid(self.id(), &local_site_data, context.settings()) + .map_err(LemmyError::from_message)?; verify_is_public(&self.to, &[])?; verify_person(&self.actor, context, request_counter).await?; verify_urls_match(self.actor.inner(), self.object.inner())?; diff --git a/crates/apub/src/activities/deletion/undo_delete.rs b/crates/apub/src/activities/deletion/undo_delete.rs index 1576e944c..f73c780c2 100644 --- a/crates/apub/src/activities/deletion/undo_delete.rs +++ b/crates/apub/src/activities/deletion/undo_delete.rs @@ -4,6 +4,8 @@ use crate::{ deletion::{receive_delete_action, verify_delete_activity, DeletableObjects}, generate_activity_id, }, + check_apub_id_valid, + fetch_local_site_data, local_instance, objects::{community::ApubCommunity, person::ApubPerson}, protocol::activities::deletion::{delete::Delete, undo_delete::UndoDelete}, @@ -54,6 +56,9 @@ impl ActivityHandler for UndoDelete { context: &Data, request_counter: &mut i32, ) -> Result<(), LemmyError> { + let local_site_data = blocking(context.pool(), fetch_local_site_data).await??; + check_apub_id_valid(self.id(), &local_site_data, context.settings()) + .map_err(LemmyError::from_message)?; self.object.verify(context, request_counter).await?; verify_delete_activity( &self.object, diff --git a/crates/apub/src/activities/following/accept.rs b/crates/apub/src/activities/following/accept.rs index f964da086..c4bbbb1bb 100644 --- a/crates/apub/src/activities/following/accept.rs +++ b/crates/apub/src/activities/following/accept.rs @@ -1,5 +1,7 @@ use crate::{ activities::{generate_activity_id, send_lemmy_activity}, + check_apub_id_valid, + fetch_local_site_data, local_instance, protocol::activities::following::{accept::AcceptFollowCommunity, follow::FollowCommunity}, ActorType, @@ -67,6 +69,10 @@ impl ActivityHandler for AcceptFollowCommunity { context: &Data, request_counter: &mut i32, ) -> Result<(), LemmyError> { + let local_site_data = blocking(context.pool(), fetch_local_site_data).await??; + check_apub_id_valid(self.id(), &local_site_data, context.settings()) + .map_err(LemmyError::from_message)?; + verify_urls_match(self.actor.inner(), self.object.object.inner())?; self.object.verify(context, request_counter).await?; Ok(()) diff --git a/crates/apub/src/activities/following/follow.rs b/crates/apub/src/activities/following/follow.rs index b0ae72c71..512c074cd 100644 --- a/crates/apub/src/activities/following/follow.rs +++ b/crates/apub/src/activities/following/follow.rs @@ -5,6 +5,8 @@ use crate::{ verify_person, verify_person_in_community, }, + check_apub_id_valid, + fetch_local_site_data, local_instance, objects::{community::ApubCommunity, person::ApubPerson}, protocol::activities::following::{accept::AcceptFollowCommunity, follow::FollowCommunity}, @@ -84,6 +86,9 @@ impl ActivityHandler for FollowCommunity { context: &Data, request_counter: &mut i32, ) -> Result<(), LemmyError> { + let local_site_data = blocking(context.pool(), fetch_local_site_data).await??; + check_apub_id_valid(self.id(), &local_site_data, context.settings()) + .map_err(LemmyError::from_message)?; verify_person(&self.actor, context, request_counter).await?; let community = self .object diff --git a/crates/apub/src/activities/following/undo_follow.rs b/crates/apub/src/activities/following/undo_follow.rs index 94b0b68ec..b37e21fb2 100644 --- a/crates/apub/src/activities/following/undo_follow.rs +++ b/crates/apub/src/activities/following/undo_follow.rs @@ -1,5 +1,7 @@ use crate::{ activities::{generate_activity_id, send_lemmy_activity, verify_person}, + check_apub_id_valid, + fetch_local_site_data, local_instance, objects::{community::ApubCommunity, person::ApubPerson}, protocol::activities::following::{follow::FollowCommunity, undo_follow::UndoFollowCommunity}, @@ -63,6 +65,9 @@ impl ActivityHandler for UndoFollowCommunity { context: &Data, request_counter: &mut i32, ) -> Result<(), LemmyError> { + let local_site_data = blocking(context.pool(), fetch_local_site_data).await??; + check_apub_id_valid(self.id(), &local_site_data, context.settings()) + .map_err(LemmyError::from_message)?; verify_urls_match(self.actor.inner(), self.object.actor.inner())?; verify_person(&self.actor, context, request_counter).await?; self.object.verify(context, request_counter).await?; diff --git a/crates/apub/src/activities/voting/undo_vote.rs b/crates/apub/src/activities/voting/undo_vote.rs index f6fc36a2d..80e319bf0 100644 --- a/crates/apub/src/activities/voting/undo_vote.rs +++ b/crates/apub/src/activities/voting/undo_vote.rs @@ -6,6 +6,8 @@ use crate::{ voting::{undo_vote_comment, undo_vote_post}, }, activity_lists::AnnouncableActivities, + check_apub_id_valid, + fetch_local_site_data, local_instance, objects::{community::ApubCommunity, person::ApubPerson}, protocol::activities::voting::{ @@ -82,6 +84,9 @@ impl ActivityHandler for UndoVote { context: &Data, request_counter: &mut i32, ) -> Result<(), LemmyError> { + let local_site_data = blocking(context.pool(), fetch_local_site_data).await??; + check_apub_id_valid(self.id(), &local_site_data, context.settings()) + .map_err(LemmyError::from_message)?; let community = self.get_community(context, request_counter).await?; verify_person_in_community(&self.actor, &community, context, request_counter).await?; verify_urls_match(self.actor.inner(), self.object.actor.inner())?; diff --git a/crates/apub/src/activities/voting/vote.rs b/crates/apub/src/activities/voting/vote.rs index e33c95676..7d07fe8cd 100644 --- a/crates/apub/src/activities/voting/vote.rs +++ b/crates/apub/src/activities/voting/vote.rs @@ -6,6 +6,8 @@ use crate::{ voting::{vote_comment, vote_post}, }, activity_lists::AnnouncableActivities, + check_apub_id_valid, + fetch_local_site_data, local_instance, objects::{community::ApubCommunity, person::ApubPerson}, protocol::activities::voting::vote::{Vote, VoteType}, @@ -81,6 +83,9 @@ impl ActivityHandler for Vote { context: &Data, request_counter: &mut i32, ) -> Result<(), LemmyError> { + let local_site_data = blocking(context.pool(), fetch_local_site_data).await??; + check_apub_id_valid(self.id(), &local_site_data, context.settings()) + .map_err(LemmyError::from_message)?; let community = self.get_community(context, request_counter).await?; verify_person_in_community(&self.actor, &community, context, request_counter).await?; let enable_downvotes = blocking(context.pool(), LocalSite::read)