Do not accept ActivityPub follow requests from blocked user (#7756)

* Do not accept ActivityPub follow requests from blocked user

Fix #7745

* Deliver auto-rejection immediately when follow-requested by blocked account

* Fix trailing whitespace

1 files changed, 10 insertions, 0 deletions

diff --git a/app/lib/activitypub/activity/follow.rb b/app/lib/activitypub/activity/follow.rb
index fbbf358a8..826dcf18e 100644
--- a/app/lib/activitypub/activity/follow.rb
+++ b/app/lib/activitypub/activity/follow.rb
@@ -6,6 +6,11 @@ class ActivityPub::Activity::Follow < ActivityPub::Activity
 
     return if target_account.nil? || !target_account.local? || delete_arrived_first?(@json['id']) || @account.requested?(target_account)
 
+    if target_account.blocking?(@account) || target_account.domain_blocking?(@account.domain)
+      reject_follow_request!(target_account)
+      return
+    end
+
     # Fast-forward repeat follow requests
     if @account.following?(target_account)
       AuthorizeFollowService.new.call(@account, target_account, skip_follow_request: true)
@@ -21,4 +26,9 @@ class ActivityPub::Activity::Follow < ActivityPub::Activity
       NotifyService.new.call(target_account, ::Follow.find_by(account: @account, target_account: target_account))
     end
   end
+
+  def reject_follow_request!(target_account)
+    json = Oj.dump(ActivityPub::LinkedDataSignature.new(ActiveModelSerializers::SerializableResource.new(FollowRequest.new(account: @account, target_account: target_account, uri: @json['id']), serializer: ActivityPub::RejectFollowSerializer, adapter: ActivityPub::Adapter).as_json).sign!(target_account))
+    ActivityPub::DeliveryWorker.perform_async(json, target_account.id, @account.inbox_url)
+  end
 end