diff --git a/Cargo.lock b/Cargo.lock index aa51f6c5a..5d5499cb5 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -4,9 +4,9 @@ version = 3 [[package]] name = "activitypub_federation" -version = "0.2.2" +version = "0.2.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "690ed975ab70b883b4f0776f60fd7f23a7484a49f4257e7672e64d0990e95771" +checksum = "dd9ae511df7135c271dca3ef3751f5528891c965e47d8d7a70fed9d2f1e5b6b1" dependencies = [ "activitypub_federation_derive", "actix-web", @@ -16,6 +16,7 @@ dependencies = [ "base64", "chrono", "derive_builder 0.11.2", + "dyn-clone", "http", "http-signature-normalization-actix", "http-signature-normalization-reqwest", @@ -1240,6 +1241,12 @@ dependencies = [ "syn 1.0.103", ] +[[package]] +name = "dyn-clone" +version = "1.0.9" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4f94fa09c2aeea5b8839e414b7b841bf429fd25b9c522116ac97ee87856d88b2" + [[package]] name = "either" version = "1.8.0" diff --git a/Cargo.toml b/Cargo.toml index 2c5431c0c..c01d013c9 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -49,7 +49,7 @@ lemmy_db_schema = { version = "=0.16.5", path = "./crates/db_schema" } lemmy_api_common = { version = "=0.16.5", path = "crates/api_common" } lemmy_websocket = { version = "=0.16.5", path = "./crates/websocket" } lemmy_routes = { version = "=0.16.5", path = "./crates/routes" } -activitypub_federation = "0.2.2" +activitypub_federation = "0.2.3" diesel = "2.0.2" diesel_migrations = "2.0.0" diesel-async = "0.1.1" diff --git a/crates/api/Cargo.toml b/crates/api/Cargo.toml index 5f93066be..51c8808c0 100644 --- a/crates/api/Cargo.toml +++ b/crates/api/Cargo.toml @@ -22,7 +22,7 @@ lemmy_db_views_moderator = { version = "=0.16.5", path = "../db_views_moderator" lemmy_db_views_actor = { version = "=0.16.5", path = "../db_views_actor", features = ["full"] } lemmy_api_common = { version = "=0.16.5", path = "../api_common", features = ["full"] } lemmy_websocket = { version = "=0.16.5", path = "../websocket" } -activitypub_federation = "0.2.2" +activitypub_federation = "0.2.3" diesel = "2.0.2" bcrypt = "0.13.0" chrono = { version = "0.4.22", features = ["serde"], default-features = false } diff --git a/crates/api_crud/Cargo.toml b/crates/api_crud/Cargo.toml index 78581871b..aa1ec1a07 100644 --- a/crates/api_crud/Cargo.toml +++ b/crates/api_crud/Cargo.toml @@ -16,7 +16,7 @@ lemmy_db_views = { version = "=0.16.5", path = "../db_views", features = ["full" lemmy_db_views_actor = { version = "=0.16.5", path = "../db_views_actor", features = ["full"] } lemmy_api_common = { version = "=0.16.5", path = "../api_common", features = ["full"] } lemmy_websocket = { version = "=0.16.5", path = "../websocket" } -activitypub_federation = "0.2.2" +activitypub_federation = "0.2.3" bcrypt = "0.13.0" serde_json = { version = "1.0.87", features = ["preserve_order"] } serde = { version = "1.0.147", features = ["derive"] } diff --git a/crates/api_crud/src/site/update.rs b/crates/api_crud/src/site/update.rs index 623ad129d..5f22d9f2a 100644 --- a/crates/api_crud/src/site/update.rs +++ b/crates/api_crud/src/site/update.rs @@ -74,7 +74,8 @@ impl PerformCrud for EditSite { let site_id = local_site.site_id; if let Some(discussion_languages) = data.discussion_languages.clone() { - SiteLanguage::update(context.pool(), discussion_languages.clone(), site_id).await?; + let site = Site::read(context.pool(), site_id).await?; + SiteLanguage::update(context.pool(), discussion_languages.clone(), &site).await?; } let name = data.name.to_owned(); diff --git a/crates/apub/Cargo.toml b/crates/apub/Cargo.toml index 3db6cce32..3fdd062aa 100644 --- a/crates/apub/Cargo.toml +++ b/crates/apub/Cargo.toml @@ -20,7 +20,7 @@ lemmy_db_views = { version = "=0.16.5", path = "../db_views", features = ["full" lemmy_db_views_actor = { version = "=0.16.5", path = "../db_views_actor", features = ["full"] } lemmy_api_common = { version = "=0.16.5", path = "../api_common", features = ["full"] } lemmy_websocket = { version = "=0.16.5", path = "../websocket" } -activitypub_federation = "0.2.2" +activitypub_federation = "0.2.3" diesel = "2.0.2" activitystreams-kinds = "0.2.1" chrono = { version = "0.4.22", features = ["serde"], default-features = false } diff --git a/crates/apub/src/activities/block/block_user.rs b/crates/apub/src/activities/block/block_user.rs index fac686293..540847072 100644 --- a/crates/apub/src/activities/block/block_user.rs +++ b/crates/apub/src/activities/block/block_user.rs @@ -9,8 +9,6 @@ use crate::{ verify_person_in_community, }, activity_lists::AnnouncableActivities, - check_apub_id_valid, - fetch_local_site_data, local_instance, objects::{community::ApubCommunity, instance::remote_instance_inboxes, person::ApubPerson}, protocol::activities::block::block_user::BlockUser, @@ -125,10 +123,6 @@ impl ActivityHandler for BlockUser { context: &Data, request_counter: &mut i32, ) -> Result<(), LemmyError> { - let local_site_data = fetch_local_site_data(context.pool()).await?; - check_apub_id_valid(self.id(), &local_site_data, context.settings()) - .map_err(LemmyError::from_message)?; - verify_is_public(&self.to, &self.cc)?; match self .target diff --git a/crates/apub/src/activities/block/undo_block_user.rs b/crates/apub/src/activities/block/undo_block_user.rs index e308d4c47..27fe816f6 100644 --- a/crates/apub/src/activities/block/undo_block_user.rs +++ b/crates/apub/src/activities/block/undo_block_user.rs @@ -1,19 +1,3 @@ -use crate::{ - activities::{ - block::{generate_cc, SiteOrCommunity}, - community::{announce::GetCommunity, send_activity_in_community}, - generate_activity_id, - send_lemmy_activity, - verify_is_public, - }, - activity_lists::AnnouncableActivities, - check_apub_id_valid, - fetch_local_site_data, - local_instance, - objects::{community::ApubCommunity, instance::remote_instance_inboxes, person::ApubPerson}, - protocol::activities::block::{block_user::BlockUser, undo_block_user::UndoBlockUser}, - ActorType, -}; use activitypub_federation::{ core::object_id::ObjectId, data::Data, @@ -33,6 +17,21 @@ use lemmy_utils::error::LemmyError; use lemmy_websocket::LemmyContext; use url::Url; +use crate::{ + activities::{ + block::{generate_cc, SiteOrCommunity}, + community::{announce::GetCommunity, send_activity_in_community}, + generate_activity_id, + send_lemmy_activity, + verify_is_public, + }, + activity_lists::AnnouncableActivities, + local_instance, + objects::{community::ApubCommunity, instance::remote_instance_inboxes, person::ApubPerson}, + protocol::activities::block::{block_user::BlockUser, undo_block_user::UndoBlockUser}, + ActorType, +}; + impl UndoBlockUser { #[tracing::instrument(skip_all)] pub async fn send( @@ -91,10 +90,6 @@ impl ActivityHandler for UndoBlockUser { context: &Data, request_counter: &mut i32, ) -> Result<(), LemmyError> { - let local_site_data = fetch_local_site_data(context.pool()).await?; - check_apub_id_valid(self.id(), &local_site_data, context.settings()) - .map_err(LemmyError::from_message)?; - verify_is_public(&self.to, &self.cc)?; verify_domains_match(self.actor.inner(), self.object.actor.inner())?; self.object.verify(context, request_counter).await?; diff --git a/crates/apub/src/activities/community/add_mod.rs b/crates/apub/src/activities/community/add_mod.rs index 13a101205..ba78ec3b9 100644 --- a/crates/apub/src/activities/community/add_mod.rs +++ b/crates/apub/src/activities/community/add_mod.rs @@ -12,8 +12,6 @@ use crate::{ verify_person_in_community, }, activity_lists::AnnouncableActivities, - check_apub_id_valid, - fetch_local_site_data, generate_moderators_url, local_instance, objects::{community::ApubCommunity, person::ApubPerson}, @@ -85,10 +83,6 @@ impl ActivityHandler for AddMod { context: &Data, request_counter: &mut i32, ) -> Result<(), LemmyError> { - let local_site_data = fetch_local_site_data(context.pool()).await?; - check_apub_id_valid(self.id(), &local_site_data, context.settings()) - .map_err(LemmyError::from_message)?; - verify_is_public(&self.to, &self.cc)?; let community = self.get_community(context, request_counter).await?; verify_person_in_community(&self.actor, &community, context, request_counter).await?; diff --git a/crates/apub/src/activities/community/announce.rs b/crates/apub/src/activities/community/announce.rs index 5d7475bb5..e5419680e 100644 --- a/crates/apub/src/activities/community/announce.rs +++ b/crates/apub/src/activities/community/announce.rs @@ -1,8 +1,6 @@ use crate::{ activities::{generate_activity_id, send_lemmy_activity, verify_is_public}, activity_lists::AnnouncableActivities, - check_apub_id_valid, - fetch_local_site_data, insert_activity, objects::community::ApubCommunity, protocol::{ @@ -86,13 +84,9 @@ impl ActivityHandler for AnnounceActivity { #[tracing::instrument(skip_all)] async fn verify( &self, - context: &Data, + _context: &Data, _request_counter: &mut i32, ) -> Result<(), LemmyError> { - let local_site_data = fetch_local_site_data(context.pool()).await?; - check_apub_id_valid(self.id(), &local_site_data, context.settings()) - .map_err(LemmyError::from_message)?; - verify_is_public(&self.to, &self.cc)?; Ok(()) } diff --git a/crates/apub/src/activities/community/remove_mod.rs b/crates/apub/src/activities/community/remove_mod.rs index 5a505af1d..82c499e43 100644 --- a/crates/apub/src/activities/community/remove_mod.rs +++ b/crates/apub/src/activities/community/remove_mod.rs @@ -12,8 +12,6 @@ use crate::{ verify_person_in_community, }, activity_lists::AnnouncableActivities, - check_apub_id_valid, - fetch_local_site_data, generate_moderators_url, local_instance, objects::{community::ApubCommunity, person::ApubPerson}, @@ -85,10 +83,6 @@ impl ActivityHandler for RemoveMod { context: &Data, request_counter: &mut i32, ) -> Result<(), LemmyError> { - let local_site_data = fetch_local_site_data(context.pool()).await?; - check_apub_id_valid(self.id(), &local_site_data, context.settings()) - .map_err(LemmyError::from_message)?; - verify_is_public(&self.to, &self.cc)?; let community = self.get_community(context, request_counter).await?; verify_person_in_community(&self.actor, &community, context, request_counter).await?; diff --git a/crates/apub/src/activities/community/report.rs b/crates/apub/src/activities/community/report.rs index 112508eab..33322bf38 100644 --- a/crates/apub/src/activities/community/report.rs +++ b/crates/apub/src/activities/community/report.rs @@ -1,7 +1,5 @@ use crate::{ activities::{generate_activity_id, send_lemmy_activity, verify_person_in_community}, - check_apub_id_valid, - fetch_local_site_data, local_instance, objects::{community::ApubCommunity, person::ApubPerson}, protocol::activities::community::report::Report, @@ -76,10 +74,6 @@ impl ActivityHandler for Report { context: &Data, request_counter: &mut i32, ) -> Result<(), LemmyError> { - let local_site_data = fetch_local_site_data(context.pool()).await?; - check_apub_id_valid(self.id(), &local_site_data, context.settings()) - .map_err(LemmyError::from_message)?; - let community = self.to[0] .dereference(context, local_instance(context).await, request_counter) .await?; diff --git a/crates/apub/src/activities/community/update.rs b/crates/apub/src/activities/community/update.rs index cfa28f647..f19aafeca 100644 --- a/crates/apub/src/activities/community/update.rs +++ b/crates/apub/src/activities/community/update.rs @@ -7,8 +7,6 @@ use crate::{ verify_person_in_community, }, activity_lists::AnnouncableActivities, - check_apub_id_valid, - fetch_local_site_data, local_instance, objects::{community::ApubCommunity, person::ApubPerson}, protocol::activities::community::update::UpdateCommunity, @@ -70,9 +68,6 @@ impl ActivityHandler for UpdateCommunity { context: &Data, request_counter: &mut i32, ) -> Result<(), LemmyError> { - let local_site_data = fetch_local_site_data(context.pool()).await?; - check_apub_id_valid(self.id(), &local_site_data, context.settings()) - .map_err(LemmyError::from_message)?; verify_is_public(&self.to, &self.cc)?; let community = self.get_community(context, request_counter).await?; verify_person_in_community(&self.actor, &community, context, request_counter).await?; diff --git a/crates/apub/src/activities/create_or_update/comment.rs b/crates/apub/src/activities/create_or_update/comment.rs index 1c9d72ec6..1c6ce5111 100644 --- a/crates/apub/src/activities/create_or_update/comment.rs +++ b/crates/apub/src/activities/create_or_update/comment.rs @@ -8,8 +8,6 @@ use crate::{ verify_person_in_community, }, activity_lists::AnnouncableActivities, - check_apub_id_valid, - fetch_local_site_data, local_instance, mentions::MentionOrValue, objects::{comment::ApubComment, community::ApubCommunity, person::ApubPerson}, @@ -113,10 +111,6 @@ impl ActivityHandler for CreateOrUpdateComment { context: &Data, request_counter: &mut i32, ) -> Result<(), LemmyError> { - let local_site_data = fetch_local_site_data(context.pool()).await?; - check_apub_id_valid(self.id(), &local_site_data, context.settings()) - .map_err(LemmyError::from_message)?; - verify_is_public(&self.to, &self.cc)?; let post = self.object.get_parents(context, request_counter).await?.0; let community = self.get_community(context, request_counter).await?; diff --git a/crates/apub/src/activities/create_or_update/post.rs b/crates/apub/src/activities/create_or_update/post.rs index 7121d31a7..09e9ae0d3 100644 --- a/crates/apub/src/activities/create_or_update/post.rs +++ b/crates/apub/src/activities/create_or_update/post.rs @@ -8,8 +8,6 @@ use crate::{ verify_person_in_community, }, activity_lists::AnnouncableActivities, - check_apub_id_valid, - fetch_local_site_data, objects::{community::ApubCommunity, person::ApubPerson, post::ApubPost}, protocol::activities::{create_or_update::post::CreateOrUpdatePost, CreateOrUpdateType}, ActorType, @@ -90,9 +88,6 @@ impl ActivityHandler for CreateOrUpdatePost { context: &Data, request_counter: &mut i32, ) -> Result<(), LemmyError> { - let local_site_data = fetch_local_site_data(context.pool()).await?; - check_apub_id_valid(self.id(), &local_site_data, context.settings()) - .map_err(LemmyError::from_message)?; verify_is_public(&self.to, &self.cc)?; let community = self.get_community(context, request_counter).await?; verify_person_in_community(&self.actor, &community, context, request_counter).await?; diff --git a/crates/apub/src/activities/create_or_update/private_message.rs b/crates/apub/src/activities/create_or_update/private_message.rs index 9470ff03f..523135db7 100644 --- a/crates/apub/src/activities/create_or_update/private_message.rs +++ b/crates/apub/src/activities/create_or_update/private_message.rs @@ -1,7 +1,5 @@ use crate::{ activities::{generate_activity_id, send_lemmy_activity, verify_person}, - check_apub_id_valid, - fetch_local_site_data, objects::{person::ApubPerson, private_message::ApubPrivateMessage}, protocol::activities::{ create_or_update::private_message::CreateOrUpdatePrivateMessage, @@ -67,10 +65,6 @@ impl ActivityHandler for CreateOrUpdatePrivateMessage { context: &Data, request_counter: &mut i32, ) -> Result<(), LemmyError> { - let local_site_data = fetch_local_site_data(context.pool()).await?; - check_apub_id_valid(self.id(), &local_site_data, context.settings()) - .map_err(LemmyError::from_message)?; - verify_person(&self.actor, context, request_counter).await?; verify_domains_match(self.actor.inner(), self.object.id.inner())?; verify_domains_match(self.to[0].inner(), self.object.to[0].inner())?; diff --git a/crates/apub/src/activities/deletion/delete.rs b/crates/apub/src/activities/deletion/delete.rs index cca9ac3bd..0124f2331 100644 --- a/crates/apub/src/activities/deletion/delete.rs +++ b/crates/apub/src/activities/deletion/delete.rs @@ -4,8 +4,6 @@ use crate::{ deletion::{receive_delete_action, verify_delete_activity, DeletableObjects}, generate_activity_id, }, - check_apub_id_valid, - fetch_local_site_data, local_instance, objects::{community::ApubCommunity, person::ApubPerson}, protocol::{activities::deletion::delete::Delete, IdOrNestedObject}, @@ -56,9 +54,6 @@ impl ActivityHandler for Delete { context: &Data, request_counter: &mut i32, ) -> Result<(), LemmyError> { - let local_site_data = fetch_local_site_data(context.pool()).await?; - check_apub_id_valid(self.id(), &local_site_data, context.settings()) - .map_err(LemmyError::from_message)?; verify_delete_activity(self, self.summary.is_some(), context, request_counter).await?; Ok(()) } diff --git a/crates/apub/src/activities/deletion/delete_user.rs b/crates/apub/src/activities/deletion/delete_user.rs index 7d9991622..08d9d3959 100644 --- a/crates/apub/src/activities/deletion/delete_user.rs +++ b/crates/apub/src/activities/deletion/delete_user.rs @@ -1,7 +1,5 @@ use crate::{ activities::{generate_activity_id, send_lemmy_activity, verify_is_public, verify_person}, - check_apub_id_valid, - fetch_local_site_data, local_instance, objects::{instance::remote_instance_inboxes, person::ApubPerson}, protocol::activities::deletion::delete_user::DeleteUser, @@ -38,9 +36,6 @@ impl ActivityHandler for DeleteUser { context: &Data, request_counter: &mut i32, ) -> Result<(), LemmyError> { - let local_site_data = fetch_local_site_data(context.pool()).await?; - check_apub_id_valid(self.id(), &local_site_data, context.settings()) - .map_err(LemmyError::from_message)?; verify_is_public(&self.to, &[])?; verify_person(&self.actor, context, request_counter).await?; verify_urls_match(self.actor.inner(), self.object.inner())?; diff --git a/crates/apub/src/activities/deletion/undo_delete.rs b/crates/apub/src/activities/deletion/undo_delete.rs index 3be114551..29f75e6d6 100644 --- a/crates/apub/src/activities/deletion/undo_delete.rs +++ b/crates/apub/src/activities/deletion/undo_delete.rs @@ -4,8 +4,6 @@ use crate::{ deletion::{receive_delete_action, verify_delete_activity, DeletableObjects}, generate_activity_id, }, - check_apub_id_valid, - fetch_local_site_data, local_instance, objects::{community::ApubCommunity, person::ApubPerson}, protocol::activities::deletion::{delete::Delete, undo_delete::UndoDelete}, @@ -55,9 +53,6 @@ impl ActivityHandler for UndoDelete { context: &Data, request_counter: &mut i32, ) -> Result<(), LemmyError> { - let local_site_data = fetch_local_site_data(context.pool()).await?; - check_apub_id_valid(self.id(), &local_site_data, context.settings()) - .map_err(LemmyError::from_message)?; self.object.verify(context, request_counter).await?; verify_delete_activity( &self.object, diff --git a/crates/apub/src/activities/following/accept.rs b/crates/apub/src/activities/following/accept.rs index 68656b1d0..55a374495 100644 --- a/crates/apub/src/activities/following/accept.rs +++ b/crates/apub/src/activities/following/accept.rs @@ -1,7 +1,5 @@ use crate::{ activities::{generate_activity_id, send_lemmy_activity}, - check_apub_id_valid, - fetch_local_site_data, local_instance, protocol::activities::following::{accept::AcceptFollowCommunity, follow::FollowCommunity}, ActorType, @@ -69,10 +67,6 @@ impl ActivityHandler for AcceptFollowCommunity { context: &Data, request_counter: &mut i32, ) -> Result<(), LemmyError> { - let local_site_data = fetch_local_site_data(context.pool()).await?; - check_apub_id_valid(self.id(), &local_site_data, context.settings()) - .map_err(LemmyError::from_message)?; - verify_urls_match(self.actor.inner(), self.object.object.inner())?; self.object.verify(context, request_counter).await?; Ok(()) diff --git a/crates/apub/src/activities/following/follow.rs b/crates/apub/src/activities/following/follow.rs index 9fa499fa8..57390b7fb 100644 --- a/crates/apub/src/activities/following/follow.rs +++ b/crates/apub/src/activities/following/follow.rs @@ -5,8 +5,6 @@ use crate::{ verify_person, verify_person_in_community, }, - check_apub_id_valid, - fetch_local_site_data, local_instance, objects::{community::ApubCommunity, person::ApubPerson}, protocol::activities::following::{accept::AcceptFollowCommunity, follow::FollowCommunity}, @@ -84,9 +82,6 @@ impl ActivityHandler for FollowCommunity { context: &Data, request_counter: &mut i32, ) -> Result<(), LemmyError> { - let local_site_data = fetch_local_site_data(context.pool()).await?; - check_apub_id_valid(self.id(), &local_site_data, context.settings()) - .map_err(LemmyError::from_message)?; verify_person(&self.actor, context, request_counter).await?; let community = self .object diff --git a/crates/apub/src/activities/following/undo_follow.rs b/crates/apub/src/activities/following/undo_follow.rs index 1adfd6afc..221d8184f 100644 --- a/crates/apub/src/activities/following/undo_follow.rs +++ b/crates/apub/src/activities/following/undo_follow.rs @@ -1,7 +1,5 @@ use crate::{ activities::{generate_activity_id, send_lemmy_activity, verify_person}, - check_apub_id_valid, - fetch_local_site_data, local_instance, objects::{community::ApubCommunity, person::ApubPerson}, protocol::activities::following::{follow::FollowCommunity, undo_follow::UndoFollowCommunity}, @@ -64,9 +62,6 @@ impl ActivityHandler for UndoFollowCommunity { context: &Data, request_counter: &mut i32, ) -> Result<(), LemmyError> { - let local_site_data = fetch_local_site_data(context.pool()).await?; - check_apub_id_valid(self.id(), &local_site_data, context.settings()) - .map_err(LemmyError::from_message)?; verify_urls_match(self.actor.inner(), self.object.actor.inner())?; verify_person(&self.actor, context, request_counter).await?; self.object.verify(context, request_counter).await?; diff --git a/crates/apub/src/activities/voting/undo_vote.rs b/crates/apub/src/activities/voting/undo_vote.rs index 40c0453f7..9415e5477 100644 --- a/crates/apub/src/activities/voting/undo_vote.rs +++ b/crates/apub/src/activities/voting/undo_vote.rs @@ -6,8 +6,6 @@ use crate::{ voting::{undo_vote_comment, undo_vote_post}, }, activity_lists::AnnouncableActivities, - check_apub_id_valid, - fetch_local_site_data, local_instance, objects::{community::ApubCommunity, person::ApubPerson}, protocol::activities::voting::{ @@ -79,9 +77,6 @@ impl ActivityHandler for UndoVote { context: &Data, request_counter: &mut i32, ) -> Result<(), LemmyError> { - let local_site_data = fetch_local_site_data(context.pool()).await?; - check_apub_id_valid(self.id(), &local_site_data, context.settings()) - .map_err(LemmyError::from_message)?; let community = self.get_community(context, request_counter).await?; verify_person_in_community(&self.actor, &community, context, request_counter).await?; verify_urls_match(self.actor.inner(), self.object.actor.inner())?; diff --git a/crates/apub/src/activities/voting/vote.rs b/crates/apub/src/activities/voting/vote.rs index a014bef11..8a022f7d2 100644 --- a/crates/apub/src/activities/voting/vote.rs +++ b/crates/apub/src/activities/voting/vote.rs @@ -6,8 +6,6 @@ use crate::{ voting::{vote_comment, vote_post}, }, activity_lists::AnnouncableActivities, - check_apub_id_valid, - fetch_local_site_data, local_instance, objects::{community::ApubCommunity, person::ApubPerson}, protocol::activities::voting::vote::{Vote, VoteType}, @@ -78,9 +76,6 @@ impl ActivityHandler for Vote { context: &Data, request_counter: &mut i32, ) -> Result<(), LemmyError> { - let local_site_data = fetch_local_site_data(context.pool()).await?; - check_apub_id_valid(self.id(), &local_site_data, context.settings()) - .map_err(LemmyError::from_message)?; let community = self.get_community(context, request_counter).await?; verify_person_in_community(&self.actor, &community, context, request_counter).await?; let enable_downvotes = LocalSite::read(context.pool()) diff --git a/crates/apub/src/lib.rs b/crates/apub/src/lib.rs index 53d3a3a26..d8394a6e9 100644 --- a/crates/apub/src/lib.rs +++ b/crates/apub/src/lib.rs @@ -4,8 +4,10 @@ use activitypub_federation::{ traits::{Actor, ApubObject}, InstanceSettings, LocalInstance, + UrlVerifier, }; use anyhow::Context; +use async_trait::async_trait; use lemmy_db_schema::{ newtypes::DbUrl, source::{activity::Activity, instance::Instance, local_site::LocalSite}, @@ -55,9 +57,8 @@ async fn local_instance(context: &LemmyContext) -> &'static LocalInstance { .http_fetch_retry_limit(http_fetch_retry_limit) .worker_count(worker_count) .debug(federation_debug) - // TODO No idea why, but you can't pass context.settings() to the verify_url_function closure - // without the value getting captured. .http_signature_compat(true) + .url_verifier(Box::new(VerifyUrlData(context.clone()))) .build() .expect("configure federation"); LocalInstance::new( @@ -69,6 +70,19 @@ async fn local_instance(context: &LemmyContext) -> &'static LocalInstance { .await } +#[derive(Clone)] +struct VerifyUrlData(LemmyContext); + +#[async_trait] +impl UrlVerifier for VerifyUrlData { + async fn verify(&self, url: &Url) -> Result<(), &'static str> { + let local_site_data = fetch_local_site_data(self.0.pool()) + .await + .expect("read local site data"); + check_apub_id_valid(url, &local_site_data, self.0.settings()) + } +} + /// Checks if the ID is allowed for sending or receiving. /// /// In particular, it checks for: @@ -80,7 +94,6 @@ async fn local_instance(context: &LemmyContext) -> &'static LocalInstance { /// `use_strict_allowlist` should be true only when parsing a remote community, or when parsing a /// post/comment in a local community. #[tracing::instrument(skip(settings, local_site_data))] -// TODO This function needs to be called by incoming activities fn check_apub_id_valid( apub_id: &Url, local_site_data: &LocalSiteData, diff --git a/crates/apub/src/objects/instance.rs b/crates/apub/src/objects/instance.rs index 79dea8a80..e9c70da0b 100644 --- a/crates/apub/src/objects/instance.rs +++ b/crates/apub/src/objects/instance.rs @@ -153,7 +153,7 @@ impl ApubObject for ApubSite { let languages = LanguageTag::to_language_id_multiple(apub.language, data.pool()).await?; let site = Site::create(data.pool(), &site_form).await?; - SiteLanguage::update(data.pool(), languages, site.id).await?; + SiteLanguage::update(data.pool(), languages, &site).await?; Ok(site.into()) } } diff --git a/crates/db_schema/Cargo.toml b/crates/db_schema/Cargo.toml index 8dd7e5c4d..da508b29f 100644 --- a/crates/db_schema/Cargo.toml +++ b/crates/db_schema/Cargo.toml @@ -24,7 +24,7 @@ url = { version = "2.3.1", features = ["serde"] } strum = "0.24.1" strum_macros = "0.24.3" serde_json = { version = "1.0.87", features = ["preserve_order"], optional = true } -activitypub_federation = { version = "0.2.2", optional = true } +activitypub_federation = { version = "0.2.3", optional = true } lemmy_utils = { version = "=0.16.5", path = "../utils", optional = true } bcrypt = { version = "0.13.0", optional = true } diesel = { version = "2.0.2", features = ["postgres","chrono", "serde_json"], optional = true } diff --git a/crates/db_schema/src/impls/actor_language.rs b/crates/db_schema/src/impls/actor_language.rs index 7fd81e0bc..4b8f3e379 100644 --- a/crates/db_schema/src/impls/actor_language.rs +++ b/crates/db_schema/src/impls/actor_language.rs @@ -1,8 +1,8 @@ use crate::{ diesel::JoinOnDsl, - newtypes::{CommunityId, LanguageId, LocalUserId, SiteId}, + newtypes::{CommunityId, InstanceId, LanguageId, LocalUserId, SiteId}, schema::{local_site, site, site_language}, - source::{actor_language::*, language::Language}, + source::{actor_language::*, language::Language, site::Site}, utils::{get_conn, DbPool}, }; use diesel::{delete, dsl::*, insert_into, result::Error, select, ExpressionMethods, QueryDsl}; @@ -96,9 +96,11 @@ impl SiteLanguage { pub async fn update( pool: &DbPool, language_ids: Vec, - for_site_id: SiteId, + site: &Site, ) -> Result<(), Error> { let conn = &mut get_conn(pool).await?; + let for_site_id = site.id; + let instance_id = site.instance_id; conn .build_transaction() @@ -123,7 +125,7 @@ impl SiteLanguage { .await?; } - CommunityLanguage::limit_languages(conn).await?; + CommunityLanguage::limit_languages(conn, instance_id).await?; Ok(()) }) as _ @@ -165,7 +167,10 @@ impl CommunityLanguage { /// also part of site languages. This is because post/comment language is only checked against /// community language, and it shouldnt be possible to post content in languages which are not /// allowed by local site. - async fn limit_languages(conn: &mut AsyncPgConnection) -> Result<(), Error> { + async fn limit_languages( + conn: &mut AsyncPgConnection, + for_instance_id: InstanceId, + ) -> Result<(), Error> { use crate::schema::{ community::dsl as c, community_language::dsl as cl, @@ -174,7 +179,7 @@ impl CommunityLanguage { let community_languages: Vec = cl::community_language .left_outer_join(sl::site_language.on(cl::language_id.eq(sl::language_id))) .inner_join(c::community) - .filter(c::local) + .filter(c::instance_id.eq(for_instance_id)) .filter(sl::language_id.is_null()) .select(cl::language_id) .get_results(conn) @@ -401,7 +406,7 @@ mod tests { assert_eq!(184, site_languages1.len()); let test_langs = test_langs1(pool).await; - SiteLanguage::update(pool, test_langs.clone(), site.id) + SiteLanguage::update(pool, test_langs.clone(), &site) .await .unwrap(); @@ -421,7 +426,7 @@ mod tests { let (site, instance) = create_test_site(pool).await; let test_langs = test_langs1(pool).await; - SiteLanguage::update(pool, test_langs.clone(), site.id) + SiteLanguage::update(pool, test_langs.clone(), &site) .await .unwrap(); @@ -463,7 +468,7 @@ mod tests { let pool = &build_db_pool_for_tests().await; let (site, instance) = create_test_site(pool).await; let test_langs = test_langs1(pool).await; - SiteLanguage::update(pool, test_langs.clone(), site.id) + SiteLanguage::update(pool, test_langs.clone(), &site) .await .unwrap(); @@ -499,7 +504,7 @@ mod tests { // limit site languages to en, fi. after this, community languages should be updated to // intersection of old languages (en, fr, ru) and (en, fi), which is only fi. - SiteLanguage::update(pool, vec![test_langs[0], test_langs2[0]], site.id) + SiteLanguage::update(pool, vec![test_langs[0], test_langs2[0]], &site) .await .unwrap(); let community_langs2 = CommunityLanguage::read(pool, community.id).await.unwrap(); diff --git a/crates/db_schema/src/impls/site.rs b/crates/db_schema/src/impls/site.rs index 2986af9b7..0588f0088 100644 --- a/crates/db_schema/src/impls/site.rs +++ b/crates/db_schema/src/impls/site.rs @@ -31,7 +31,7 @@ impl Crud for Site { .await?; // initialize with all languages - SiteLanguage::update(pool, vec![], site_.id).await?; + SiteLanguage::update(pool, vec![], &site_).await?; Ok(site_) } diff --git a/crates/routes/src/images.rs b/crates/routes/src/images.rs index 3eb9bfd4e..97134078b 100644 --- a/crates/routes/src/images.rs +++ b/crates/routes/src/images.rs @@ -11,6 +11,8 @@ use actix_web::{ HttpResponse, }; use futures::stream::{Stream, StreamExt}; +use lemmy_api_common::utils::get_local_user_view_from_jwt; +use lemmy_db_schema::source::local_site::LocalSite; use lemmy_utils::{claims::Claims, rate_limit::RateLimit, REQWEST_TIMEOUT}; use lemmy_websocket::LemmyContext; use reqwest::Body; @@ -45,7 +47,7 @@ struct Images { #[derive(Deserialize)] struct PictrsParams { format: Option, - thumbnail: Option, + thumbnail: Option, } #[derive(Deserialize)] @@ -123,6 +125,21 @@ async fn full_res( client: web::Data, context: web::Data, ) -> Result { + // block access to images if instance is private and unauthorized, public + let local_site = LocalSite::read(context.pool()) + .await + .map_err(error::ErrorBadRequest)?; + if local_site.private_instance { + let jwt = req + .cookie("jwt") + .expect("No auth header for picture access"); + if get_local_user_view_from_jwt(jwt.value(), context.pool(), context.secret()) + .await + .is_err() + { + return Ok(HttpResponse::Unauthorized().finish()); + }; + } let name = &filename.into_inner(); // If there are no query params, the URL is original @@ -130,8 +147,10 @@ async fn full_res( let url = if params.format.is_none() && params.thumbnail.is_none() { format!("{}image/original/{}", pictrs_config.url, name,) } else { - // Use jpg as a default when none is given - let format = params.format.unwrap_or_else(|| "jpg".to_string()); + // Take file type from name, or jpg if nothing is given + let format = params + .format + .unwrap_or_else(|| name.split('.').last().unwrap_or("jpg").to_string()); let mut url = format!("{}image/process.{}?src={}", pictrs_config.url, format, name,); diff --git a/crates/utils/translations b/crates/utils/translations index 454debaed..f5d6f0eab 160000 --- a/crates/utils/translations +++ b/crates/utils/translations @@ -1 +1 @@ -Subproject commit 454debaede4cc932ac15fea9bf620cf1daf1ae4c +Subproject commit f5d6f0eabafd559417bf8f203fd655f7858bffcf diff --git a/docker/dev/lemmy.hjson b/docker/dev/lemmy.hjson index 23f405204..2bd0675a9 100644 --- a/docker/dev/lemmy.hjson +++ b/docker/dev/lemmy.hjson @@ -10,6 +10,9 @@ admin_password: "lemmylemmy" site_name: "lemmy-dev" } + database: { + host: postgres + } database: { host: "postgres"