diff options
author | Reverite <github@reverite.sh> | 2019-03-21 15:35:55 -0700 |
---|---|---|
committer | Reverite <github@reverite.sh> | 2019-03-21 15:35:55 -0700 |
commit | 592735fd80acd0aeffb5a5674255ed48d7a8db0b (patch) | |
tree | 0eefc67f624a07df0af860edecd68d5dc64c7ee9 /app/controllers/activitypub | |
parent | 75eeb003b09c53d3b4e98046d1c20b0ad8a887bb (diff) | |
parent | bde9196b70299405ebe9b16500b7a3f65539b2c3 (diff) |
Merge remote-tracking branch 'glitch/master' into production
Diffstat (limited to 'app/controllers/activitypub')
-rw-r--r-- | app/controllers/activitypub/inboxes_controller.rb | 16 |
1 files changed, 13 insertions, 3 deletions
diff --git a/app/controllers/activitypub/inboxes_controller.rb b/app/controllers/activitypub/inboxes_controller.rb index 8f5e1887e..1501b914e 100644 --- a/app/controllers/activitypub/inboxes_controller.rb +++ b/app/controllers/activitypub/inboxes_controller.rb @@ -2,11 +2,14 @@ class ActivityPub::InboxesController < Api::BaseController include SignatureVerification + include JsonLdHelper before_action :set_account def create - if signed_request_account + if unknown_deleted_account? + head 202 + elsif signed_request_account upgrade_account process_payload head 202 @@ -17,12 +20,19 @@ class ActivityPub::InboxesController < Api::BaseController private + def unknown_deleted_account? + json = Oj.load(body, mode: :strict) + json['type'] == 'Delete' && json['actor'].present? && json['actor'] == value_or_id(json['object']) && !Account.where(uri: json['actor']).exists? + rescue Oj::ParseError + false + end + def set_account @account = Account.find_local!(params[:account_username]) if params[:account_username] end def body - @body ||= request.body.read + @body ||= request.body.read.force_encoding('UTF-8') end def upgrade_account @@ -36,6 +46,6 @@ class ActivityPub::InboxesController < Api::BaseController end def process_payload - ActivityPub::ProcessingWorker.perform_async(signed_request_account.id, body.force_encoding('UTF-8'), @account&.id) + ActivityPub::ProcessingWorker.perform_async(signed_request_account.id, body, @account&.id) end end |