authorEugen Rochko <eugen@zeonfederated.com>2022-02-11 14:52:45 +0100
committerGitHub <noreply@github.com>2022-02-11 14:52:45 +0100
commitc9a52833b6840673bbed7454ca6b6b9cd88e7bfa (patch)
treeede935c6e61e63b9da4213c89da5dce5ad718d9f /app
parentd4e6774a0c88931d907f275821eb001e6dd2cb2d (diff)
Fix deletes not being signed in authorized fetch mode (#17484)
Fix #17483
Diffstat (limited to 'app')
-rw-r--r--app/services/concerns/payloadable.rb18
-rw-r--r--app/services/delete_account_service.rb2
-rw-r--r--app/services/remove_status_service.rb2
3 files changed, 15 insertions, 7 deletions
diff --git a/app/services/concerns/payloadable.rb b/app/services/concerns/payloadable.rb
index 3e45570c3..04c3798fe 100644
--- a/app/services/concerns/payloadable.rb
+++ b/app/services/concerns/payloadable.rb
@@ -1,13 +1,21 @@
 # frozen_string_literal: true
 
 module Payloadable
+  # @param [ActiveModelSerializers::Model] record
+  # @param [ActiveModelSerializers::Serializer] serializer
+  # @param [Hash] options
+  # @option options [Account] :signer
+  # @option options [String] :sign_with
+  # @option options [Boolean] :always_sign
+  # @return [Hash]
   def serialize_payload(record, serializer, options = {})
-    signer    = options.delete(:signer)
-    sign_with = options.delete(:sign_with)
-    payload   = ActiveModelSerializers::SerializableResource.new(record, options.merge(serializer: serializer, adapter: ActivityPub::Adapter)).as_json
-    object    = record.respond_to?(:virtual_object) ? record.virtual_object : record
+    signer      = options.delete(:signer)
+    sign_with   = options.delete(:sign_with)
+    always_sign = options.delete(:always_sign)
+    payload     = ActiveModelSerializers::SerializableResource.new(record, options.merge(serializer: serializer, adapter: ActivityPub::Adapter)).as_json
+    object      = record.respond_to?(:virtual_object) ? record.virtual_object : record
 
-    if (object.respond_to?(:sign?) && object.sign?) && signer && signing_enabled?
+    if (object.respond_to?(:sign?) && object.sign?) && signer && (always_sign || signing_enabled?)
       ActivityPub::LinkedDataSignature.new(payload).sign!(signer, sign_with: sign_with)
     else
       payload
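Review bot: The new `:always_sign` option is listed in the YARD block without saying what it overrides, and in the condition it bypasses `signing_enabled?`, the only switch visible here for turning linked-data signatures off. A signed payload can be verified by whoever it is forwarded to, so a caller passing the flag for a content-bearing record would hand out verifiable copies in the mode where, going by the commit title, signatures are otherwise withheld; `signing_enabled?` is defined outside this hunk, so that reading is inferred. I would spell the contract out in the doc line, e.g. `# @option options [Boolean] :always_sign Sign even when signing_enabled? is false; reserve for activities that carry no content (Delete, Undo)`. The name also overstates the effect, since `object.sign?` and a non-nil `signer` are still required, which the same comment could mention. The method's closing `end` lies outside the hunk.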
diff --git a/app/services/delete_account_service.rb b/app/services/delete_account_service.rb
index 0e3fedfe7..a572a7c59 100644
--- a/app/services/delete_account_service.rb
+++ b/app/services/delete_account_service.rb
@@ -265,7 +265,7 @@ class DeleteAccountService < BaseService
   end
 
   def delete_actor_json
-    @delete_actor_json ||= Oj.dump(serialize_payload(@account, ActivityPub::DeleteActorSerializer, signer: @account))
+    @delete_actor_json ||= Oj.dump(serialize_payload(@account, ActivityPub::DeleteActorSerializer, signer: @account, always_sign: true))
   end
 
   def delivery_inboxes
diff --git a/app/services/remove_status_service.rb b/app/services/remove_status_service.rb
index bec95bb1b..7fb9b6301 100644
--- a/app/services/remove_status_service.rb
+++ b/app/services/remove_status_service.rb
@@ -95,7 +95,7 @@ class RemoveStatusService < BaseService
   end
 
   def signed_activity_json
-    @signed_activity_json ||= Oj.dump(serialize_payload(@status, @status.reblog? ? ActivityPub::UndoAnnounceSerializer : ActivityPub::DeleteSerializer, signer: @account))
+    @signed_activity_json ||= Oj.dump(serialize_payload(@status, @status.reblog? ? ActivityPub::UndoAnnounceSerializer : ActivityPub::DeleteSerializer, signer: @account, always_sign: true))
   end
 
   def remove_reblogs
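Review bot: `always_sign: true` in `signed_activity_json` applies to both arms of the ternary, so the Undo of an Announce is now signed regardless of the instance setting, not only the Delete that the commit title mentions. A one-line comment above the call would record that this is intended, e.g. `# Sign Delete and Undo(Announce) even when signing is otherwise disabled` (adding the reason, presumably that forwarded copies must stay verifiable, if that is the rationale). The line would also be easier to audit with the serializer picked first: `serializer = @status.reblog? ? ActivityPub::UndoAnnounceSerializer : ActivityPub::DeleteSerializer`.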