diff options
author | Eugen Rochko <eugen@zeonfederated.com> | 2022-02-11 14:52:45 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2022-02-11 14:52:45 +0100 |
commit | c9a52833b6840673bbed7454ca6b6b9cd88e7bfa (patch) | |
tree | ede935c6e61e63b9da4213c89da5dce5ad718d9f /app | |
parent | d4e6774a0c88931d907f275821eb001e6dd2cb2d (diff) |
Fix deletes not being signed in authorized fetch mode (#17484)
Fix #17483
Diffstat (limited to 'app')
-rw-r--r-- | app/services/concerns/payloadable.rb | 18 | ||||
-rw-r--r-- | app/services/delete_account_service.rb | 2 | ||||
-rw-r--r-- | app/services/remove_status_service.rb | 2 |
3 files changed, 15 insertions, 7 deletions
diff --git a/app/services/concerns/payloadable.rb b/app/services/concerns/payloadable.rb index 3e45570c3..04c3798fe 100644 --- a/app/services/concerns/payloadable.rb +++ b/app/services/concerns/payloadable.rb @@ -1,13 +1,21 @@ # frozen_string_literal: true module Payloadable + # @param [ActiveModelSerializers::Model] record + # @param [ActiveModelSerializers::Serializer] serializer + # @param [Hash] options + # @option options [Account] :signer + # @option options [String] :sign_with + # @option options [Boolean] :always_sign + # @return [Hash] def serialize_payload(record, serializer, options = {}) - signer = options.delete(:signer) - sign_with = options.delete(:sign_with) - payload = ActiveModelSerializers::SerializableResource.new(record, options.merge(serializer: serializer, adapter: ActivityPub::Adapter)).as_json - object = record.respond_to?(:virtual_object) ? record.virtual_object : record + signer = options.delete(:signer) + sign_with = options.delete(:sign_with) + always_sign = options.delete(:always_sign) + payload = ActiveModelSerializers::SerializableResource.new(record, options.merge(serializer: serializer, adapter: ActivityPub::Adapter)).as_json + object = record.respond_to?(:virtual_object) ? record.virtual_object : record - if (object.respond_to?(:sign?) && object.sign?) && signer && signing_enabled? + if (object.respond_to?(:sign?) && object.sign?) && signer && (always_sign || signing_enabled?) ActivityPub::LinkedDataSignature.new(payload).sign!(signer, sign_with: sign_with) else payload diff --git a/app/services/delete_account_service.rb b/app/services/delete_account_service.rb index 0e3fedfe7..a572a7c59 100644 --- a/app/services/delete_account_service.rb +++ b/app/services/delete_account_service.rb @@ -265,7 +265,7 @@ class DeleteAccountService < BaseService end def delete_actor_json - @delete_actor_json ||= Oj.dump(serialize_payload(@account, ActivityPub::DeleteActorSerializer, signer: @account)) + @delete_actor_json ||= Oj.dump(serialize_payload(@account, ActivityPub::DeleteActorSerializer, signer: @account, always_sign: true)) end def delivery_inboxes diff --git a/app/services/remove_status_service.rb b/app/services/remove_status_service.rb index bec95bb1b..7fb9b6301 100644 --- a/app/services/remove_status_service.rb +++ b/app/services/remove_status_service.rb @@ -95,7 +95,7 @@ class RemoveStatusService < BaseService end def signed_activity_json - @signed_activity_json ||= Oj.dump(serialize_payload(@status, @status.reblog? ? ActivityPub::UndoAnnounceSerializer : ActivityPub::DeleteSerializer, signer: @account)) + @signed_activity_json ||= Oj.dump(serialize_payload(@status, @status.reblog? ? ActivityPub::UndoAnnounceSerializer : ActivityPub::DeleteSerializer, signer: @account, always_sign: true)) end def remove_reblogs |