mirror of
https://git.pleroma.social/pleroma/pleroma.git
synced 2024-11-19 16:10:59 +00:00
AcceptValidation: Codify accept rules.
This commit is contained in:
parent
f1a0c10b17
commit
8b1e8bec2f
2 changed files with 26 additions and 1 deletions
|
@ -6,6 +6,7 @@ defmodule Pleroma.Web.ActivityPub.ObjectValidators.AcceptValidator do
|
||||||
use Ecto.Schema
|
use Ecto.Schema
|
||||||
|
|
||||||
alias Pleroma.EctoType.ActivityPub.ObjectValidators
|
alias Pleroma.EctoType.ActivityPub.ObjectValidators
|
||||||
|
alias Pleroma.Activity
|
||||||
|
|
||||||
import Ecto.Changeset
|
import Ecto.Changeset
|
||||||
import Pleroma.Web.ActivityPub.ObjectValidators.CommonValidations
|
import Pleroma.Web.ActivityPub.ObjectValidators.CommonValidations
|
||||||
|
@ -31,7 +32,8 @@ defmodule Pleroma.Web.ActivityPub.ObjectValidators.AcceptValidator do
|
||||||
|> validate_required([:id, :type, :actor, :to, :cc, :object])
|
|> validate_required([:id, :type, :actor, :to, :cc, :object])
|
||||||
|> validate_inclusion(:type, ["Accept"])
|
|> validate_inclusion(:type, ["Accept"])
|
||||||
|> validate_actor_presence()
|
|> validate_actor_presence()
|
||||||
|> validate_object_presence()
|
|> validate_object_presence(allowed_types: ["Follow"])
|
||||||
|
|> validate_accept_rights()
|
||||||
end
|
end
|
||||||
|
|
||||||
def cast_and_validate(data) do
|
def cast_and_validate(data) do
|
||||||
|
@ -39,4 +41,16 @@ defmodule Pleroma.Web.ActivityPub.ObjectValidators.AcceptValidator do
|
||||||
|> cast_data
|
|> cast_data
|
||||||
|> validate_data
|
|> validate_data
|
||||||
end
|
end
|
||||||
|
|
||||||
|
def validate_accept_rights(cng) do
|
||||||
|
with object_id when is_binary(object_id) <- get_field(cng, :object),
|
||||||
|
%Activity{data: %{"object" => followed_actor}} <- Activity.get_by_ap_id(object_id),
|
||||||
|
true <- followed_actor == get_field(cng, :actor) do
|
||||||
|
cng
|
||||||
|
else
|
||||||
|
_e ->
|
||||||
|
cng
|
||||||
|
|> add_error(:actor, "can't accept the given activity")
|
||||||
|
end
|
||||||
|
end
|
||||||
end
|
end
|
||||||
|
|
|
@ -41,4 +41,15 @@ defmodule Pleroma.Web.ActivityPub.ObjectValidators.AcceptValidationTest do
|
||||||
|
|
||||||
assert {:error, _} = ObjectValidator.validate(accept_data, [])
|
assert {:error, _} = ObjectValidator.validate(accept_data, [])
|
||||||
end
|
end
|
||||||
|
|
||||||
|
test "for an accepted follow, it only validates if the actor of the accept is the followed actor",
|
||||||
|
%{accept_data: accept_data} do
|
||||||
|
stranger = insert(:user)
|
||||||
|
|
||||||
|
accept_data =
|
||||||
|
accept_data
|
||||||
|
|> Map.put("actor", stranger.ap_id)
|
||||||
|
|
||||||
|
assert {:error, _} = ObjectValidator.validate(accept_data, [])
|
||||||
|
end
|
||||||
end
|
end
|
||||||
|
|
Loading…
Reference in a new issue