about summary refs log tree commit diff
diff options
context:
space:
mode:
authormultiple creatures <dev@multiple-creature.party>2019-08-03 23:30:50 -0500
committermultiple creatures <dev@multiple-creature.party>2019-08-03 23:30:50 -0500
commit2be5c8a55c06505ea70159a5ab61e6f568f631f0 (patch)
tree0919080c346370f375def37478b68a35f3537a47
parent4801d5ac847f67681a633d041cfa639780c4f12b (diff)
automatically set `suspend` policy on domains that trigger `context` auto-rejections
-rw-r--r--app/helpers/autoreject_helper.rb35
1 files changed, 25 insertions, 10 deletions
diff --git a/app/helpers/autoreject_helper.rb b/app/helpers/autoreject_helper.rb
index 3e1bd57aa..264fd94e2 100644
--- a/app/helpers/autoreject_helper.rb
+++ b/app/helpers/autoreject_helper.rb
@@ -1,4 +1,8 @@
 module AutorejectHelper
+  include ModerationHelper
+
+  AUTOBLOCK_TRIGGERS = [:context, :context_starts_with, :context_contains]
+
 	def should_reject?(uri = nil)
     if uri.nil?
       if @object
@@ -12,7 +16,7 @@ module AutorejectHelper
 
     domain = uri.scan(/[\w\-]+\.[\w\-]+(?:\.[\w\-]+)*/).first
     blocks = DomainBlock.suspend
-    return :domain if blocks.where(domain: domain).or(blocks.where('domain LIKE ?', "%.#{domain}")).exists?
+    return [:domain, uri] if blocks.where(domain: domain).or(blocks.where('domain LIKE ?', "%.#{domain}")).exists?
 
     return unless @json || @object
 
@@ -21,8 +25,8 @@ module AutorejectHelper
     if @json
       oid = @json['id']
       if oid
-        return :id_starts_with if ENV.fetch('REJECT_IF_ID_STARTS_WITH', '').split.any? { |r| oid.start_with?(r) }
-        return :id_contains if ENV.fetch('REJECT_IF_ID_CONTAINS', '').split.any? { |r| r.in?(oid) }
+        return [:id_starts_with, uri] if ENV.fetch('REJECT_IF_ID_STARTS_WITH', '').split.any? { |r| oid.start_with?(r) }
+        return [:id_contains, uri] if ENV.fetch('REJECT_IF_ID_CONTAINS', '').split.any? { |r| r.in?(oid) }
       end
 
       username = @json['preferredUsername'] || @json['username']
@@ -33,9 +37,9 @@ module AutorejectHelper
 
       unless username.blank?
         username.downcase!
-        return :username if ENV.fetch('REJECT_IF_USERNAME_EQUALS', '').split.any? { |r| r == username }
-        return :username_starts_with if ENV.fetch('REJECT_IF_USERNAME_STARTS_WITH', '').split.any? { |r| username.start_with?(r) }
-        return :username_contains if ENV.fetch('REJECT_IF_USERNAME_CONTAINS', '').split.any? { |r| r.in?(username) }
+        return [:username, uri] if ENV.fetch('REJECT_IF_USERNAME_EQUALS', '').split.any? { |r| r == username }
+        return [:username_starts_with, uri] if ENV.fetch('REJECT_IF_USERNAME_STARTS_WITH', '').split.any? { |r| username.start_with?(r) }
+        return [:username_contains, uri] if ENV.fetch('REJECT_IF_USERNAME_CONTAINS', '').split.any? { |r| r.in?(username) }
       end
 
       context = @json['@context'] unless @object && context
@@ -47,9 +51,9 @@ module AutorejectHelper
       inline_context = context.find { |item| item.is_a?(Hash) }
       if inline_context
         keys = inline_context.keys
-        return :context if ENV.fetch('REJECT_IF_CONTEXT_EQUALS', '').split.any? { |r| r.in?(keys) }
-        return :context_starts_with if ENV.fetch('REJECT_IF_CONTEXT_STARTS_WITH', '').split.any? { |r| keys.any? { |k| k.start_with?(r) } }
-        return :context_contains if ENV.fetch('REJECT_IF_CONTEXT_CONTAINS', '').split.any? { |r| keys.any? { |k| r.in?(k) } }
+        return [:context, uri] if ENV.fetch('REJECT_IF_CONTEXT_EQUALS', '').split.any? { |r| r.in?(keys) }
+        return [:context_starts_with, uri] if ENV.fetch('REJECT_IF_CONTEXT_STARTS_WITH', '').split.any? { |r| keys.any? { |k| k.start_with?(r) } }
+        return [:context_contains, uri] if ENV.fetch('REJECT_IF_CONTEXT_CONTAINS', '').split.any? { |r| keys.any? { |k| r.in?(k) } }
       end
     end
 
@@ -81,12 +85,23 @@ module AutorejectHelper
     end
   end
 
+  def should_autoblock?(reason)
+    @json['type'] == 'Create' && reason.in?(AUTOBLOCK_TRIGGERS)
+  end
+
+  def autoblock!(uri, reason)
+    return if uri.nil?
+    domain = uri.scan(/[\w\-]+\.[\w\-]+(?:\.[\w\-]+)*/).first
+    domain_policy(uri, :suspend, "Sent an ActivityPub payload (#{uri}) where #{reason}.")
+  end
+
   def autoreject?(uri = nil)
     return false if @options && @options[:imported]
-    reason = should_reject?(uri)
+    reason, uri = should_reject?(uri)
     if reason
       reason = reject_reason(reason)
       if @json
+        autoblock!(uri, reason) if should_autoblock?(reason)
         Rails.logger.info("Rejected an incoming '#{@json['type']}#{@object && " #{@object['type']}".rstrip}' from #{@json['id']} because #{reason}.")
       elsif uri
         Rails.logger.info("Rejected an outgoing request to #{uri} because #{reason}.")