diff options
author | ThibG <thib@sitedethib.com> | 2019-03-20 20:13:22 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2019-03-20 20:13:22 +0100 |
commit | bde9196b70299405ebe9b16500b7a3f65539b2c3 (patch) | |
tree | 4bec904a28c70b916d18055f8291f17c2e58e07b /app/controllers/activitypub | |
parent | b9a998f201913dd1c89ddcb0c4c9e181eb73bfcf (diff) | |
parent | 8b5b686f087f99d1a2b54e0760add8180d77fa7e (diff) |
Merge pull request #964 from ThibG/glitch-soc/merge-upstream
Merge upstream changes
Diffstat (limited to 'app/controllers/activitypub')
-rw-r--r-- | app/controllers/activitypub/inboxes_controller.rb | 16 |
1 files changed, 13 insertions, 3 deletions
diff --git a/app/controllers/activitypub/inboxes_controller.rb b/app/controllers/activitypub/inboxes_controller.rb index 8f5e1887e..1501b914e 100644 --- a/app/controllers/activitypub/inboxes_controller.rb +++ b/app/controllers/activitypub/inboxes_controller.rb @@ -2,11 +2,14 @@ class ActivityPub::InboxesController < Api::BaseController include SignatureVerification + include JsonLdHelper before_action :set_account def create - if signed_request_account + if unknown_deleted_account? + head 202 + elsif signed_request_account upgrade_account process_payload head 202 @@ -17,12 +20,19 @@ class ActivityPub::InboxesController < Api::BaseController private + def unknown_deleted_account? + json = Oj.load(body, mode: :strict) + json['type'] == 'Delete' && json['actor'].present? && json['actor'] == value_or_id(json['object']) && !Account.where(uri: json['actor']).exists? + rescue Oj::ParseError + false + end + def set_account @account = Account.find_local!(params[:account_username]) if params[:account_username] end def body - @body ||= request.body.read + @body ||= request.body.read.force_encoding('UTF-8') end def upgrade_account @@ -36,6 +46,6 @@ class ActivityPub::InboxesController < Api::BaseController end def process_payload - ActivityPub::ProcessingWorker.perform_async(signed_request_account.id, body.force_encoding('UTF-8'), @account&.id) + ActivityPub::ProcessingWorker.perform_async(signed_request_account.id, body, @account&.id) end end |