about summary refs log tree commit diff
diff options
context:
space:
mode:
-rw-r--r--app/helpers/autoreject_helper.rb77
-rw-r--r--app/lib/activitypub/activity/accept.rb1
-rw-r--r--app/lib/activitypub/activity/add.rb1
-rw-r--r--app/lib/activitypub/activity/announce.rb1
-rw-r--r--app/lib/activitypub/activity/create.rb1
-rw-r--r--app/lib/activitypub/activity/flag.rb1
-rw-r--r--app/lib/activitypub/activity/follow.rb1
-rw-r--r--app/lib/activitypub/activity/like.rb1
-rw-r--r--app/lib/activitypub/activity/move.rb1
-rw-r--r--app/lib/activitypub/activity/update.rb1
-rw-r--r--app/services/activitypub/fetch_remote_account_service.rb2
-rw-r--r--app/services/activitypub/fetch_remote_status_service.rb2
-rw-r--r--app/services/activitypub/fetch_replies_service.rb2
-rw-r--r--app/services/fetch_link_card_service.rb1
-rw-r--r--app/services/fetch_oembed_service.rb1
15 files changed, 1 insertions, 93 deletions
diff --git a/app/helpers/autoreject_helper.rb b/app/helpers/autoreject_helper.rb
deleted file mode 100644
index 2f869d405..000000000
--- a/app/helpers/autoreject_helper.rb
+++ /dev/null
@@ -1,77 +0,0 @@
-module AutorejectHelper
-  include ModerationHelper
-
-	def should_reject?(uri = nil)
-    if uri.nil?
-      if @object
-        uri = object_uri.start_with?('http') ? object_uri : @object['url']
-      elsif @json
-        uri = @json['id']
-      end
-    end
-
-    return if uri.nil?
-    return unless @json || @object
-
-    domain = uri.scan(/[\w\-]+\.[\w\-]+(?:\.[\w\-]+)*/).first
-    blocks = DomainBlock.suspend
-    return [:domain, uri] if blocks.where(domain: domain).or(blocks.where('domain LIKE ?', "%.#{domain}")).exists?
-
-    if @json
-      oid = @json['id']
-      if oid
-        return [:id_starts_with, uri] if ENV.fetch('REJECT_IF_ID_STARTS_WITH', '').split.any? { |r| oid.start_with?(r) }
-        return [:id_contains, uri] if ENV.fetch('REJECT_IF_ID_CONTAINS', '').split.any? { |r| r.in?(oid) }
-      end
-
-      username = @json['preferredUsername'] || @json['username']
-      if username && username.is_a?(String)
-        username = (@json['actor'] && @json['actor'].is_a?(String)) ? @json['actor'] : ''
-        username = username.scan(/(?<=\/user\/|\/@|\/users\/)([^\s\/]+)/).first
-      end
-
-      unless username.blank?
-        username.downcase!
-        return [:username, uri] if ENV.fetch('REJECT_IF_USERNAME_EQUALS', '').split.any? { |r| r == username }
-        return [:username_starts_with, uri] if ENV.fetch('REJECT_IF_USERNAME_STARTS_WITH', '').split.any? { |r| username.start_with?(r) }
-        return [:username_contains, uri] if ENV.fetch('REJECT_IF_USERNAME_CONTAINS', '').split.any? { |r| r.in?(username) }
-      end
-    end
-
-    nil
-  end
-
-  def reject_reason(reason)
-    case reason
-    when :domain
-      "the origin domain is blocked"
-    when :id_starts_with
-      "the object's URI starts with a blocked phrase"
-    when :id_contains
-      "the object's URI contains a blocked phrase"
-    when :username
-      "the author's username is blocked"
-    when :username_starts_with
-      "the author's username starts with a blocked phrase"
-    when :username_contains
-      "the author's username contains a blocked phrase"
-    else
-      "of an undefined reason"
-    end
-  end
-
-  def autoreject?(uri = nil)
-    return false if @options && @options[:imported]
-    reason, uri = should_reject?(uri)
-    if reason
-      reason = reject_reason(reason)
-      if @json
-        Rails.logger.info("Rejected an incoming '#{@json['type']}#{@object && " #{@object['type']}".rstrip}' from #{@json['id']} because #{reason}.")
-      elsif uri
-        Rails.logger.info("Rejected an outgoing request to #{uri} because #{reason}.")
-      end
-      return true
-    end
-    false
-  end
-end
diff --git a/app/lib/activitypub/activity/accept.rb b/app/lib/activitypub/activity/accept.rb
index 525d4ffd6..348ee0d1c 100644
--- a/app/lib/activitypub/activity/accept.rb
+++ b/app/lib/activitypub/activity/accept.rb
@@ -11,7 +11,6 @@ class ActivityPub::Activity::Accept < ActivityPub::Activity
   private
 
   def accept_follow
-    return if autoreject?
     return accept_follow_for_relay if relay_follow?
 
     target_account = account_from_uri(target_uri)
diff --git a/app/lib/activitypub/activity/add.rb b/app/lib/activitypub/activity/add.rb
index 1942448da..43c885c6f 100644
--- a/app/lib/activitypub/activity/add.rb
+++ b/app/lib/activitypub/activity/add.rb
@@ -2,7 +2,6 @@
 
 class ActivityPub::Activity::Add < ActivityPub::Activity
   def perform
-    return if autoreject?
     return unless @json['target'].present? && value_or_id(@json['target']) == @account.featured_collection_url
 
     status   = status_from_uri(object_uri)
diff --git a/app/lib/activitypub/activity/announce.rb b/app/lib/activitypub/activity/announce.rb
index 39b05f8f1..c9471f703 100644
--- a/app/lib/activitypub/activity/announce.rb
+++ b/app/lib/activitypub/activity/announce.rb
@@ -2,7 +2,6 @@
 
 class ActivityPub::Activity::Announce < ActivityPub::Activity
   def perform
-    return if autoreject?
     return reject_payload! if !@options[:imported] && (delete_arrived_first?(@json['id']) || !related_to_local_activity?)
 
     original_status = status_from_object(announced_by: @account, local_only: !@account.known?)
diff --git a/app/lib/activitypub/activity/create.rb b/app/lib/activitypub/activity/create.rb
index 7b2d40ace..798250c9e 100644
--- a/app/lib/activitypub/activity/create.rb
+++ b/app/lib/activitypub/activity/create.rb
@@ -2,7 +2,6 @@
 
 class ActivityPub::Activity::Create < ActivityPub::Activity
   def perform
-    return if autoreject?
     return reject_payload! if unsupported_object_type? || !@options[:imported] && (invalid_origin?(@object['id']) || Tombstone.exists?(uri: @object['id']) || !related_to_local_activity?)
 
     unless known?
diff --git a/app/lib/activitypub/activity/flag.rb b/app/lib/activitypub/activity/flag.rb
index 1423cedef..1659bc61f 100644
--- a/app/lib/activitypub/activity/flag.rb
+++ b/app/lib/activitypub/activity/flag.rb
@@ -2,7 +2,6 @@
 
 class ActivityPub::Activity::Flag < ActivityPub::Activity
   def perform
-    return if autoreject?
     return if skip_reports?
 
     target_accounts            = object_uris.map { |uri| account_from_uri(uri) }.compact.select(&:local?)
diff --git a/app/lib/activitypub/activity/follow.rb b/app/lib/activitypub/activity/follow.rb
index 8545ac096..94de89b86 100644
--- a/app/lib/activitypub/activity/follow.rb
+++ b/app/lib/activitypub/activity/follow.rb
@@ -4,7 +4,6 @@ class ActivityPub::Activity::Follow < ActivityPub::Activity
   include Payloadable
 
   def perform
-    return if autoreject?
     target_account = account_from_uri(object_uri)
 
     return if target_account.nil? || !target_account.local? || delete_arrived_first?(@json['id']) || @account.requested?(target_account)
diff --git a/app/lib/activitypub/activity/like.rb b/app/lib/activitypub/activity/like.rb
index 2c4a9d805..674d5fe47 100644
--- a/app/lib/activitypub/activity/like.rb
+++ b/app/lib/activitypub/activity/like.rb
@@ -2,7 +2,6 @@
 
 class ActivityPub::Activity::Like < ActivityPub::Activity
   def perform
-    return if autoreject?
     original_status = status_from_uri(object_uri)
 
     return if original_status.nil? || !original_status.account.local? || delete_arrived_first?(@json['id']) || @account.favourited?(original_status)
diff --git a/app/lib/activitypub/activity/move.rb b/app/lib/activitypub/activity/move.rb
index b1c986551..d7a5f595c 100644
--- a/app/lib/activitypub/activity/move.rb
+++ b/app/lib/activitypub/activity/move.rb
@@ -4,7 +4,6 @@ class ActivityPub::Activity::Move < ActivityPub::Activity
   PROCESSING_COOLDOWN = 7.days.seconds
 
   def perform
-    return if autoreject?
     return if origin_account.uri != object_uri || processed?
 
     mark_as_processing!
diff --git a/app/lib/activitypub/activity/update.rb b/app/lib/activitypub/activity/update.rb
index 8fb48e073..70035325b 100644
--- a/app/lib/activitypub/activity/update.rb
+++ b/app/lib/activitypub/activity/update.rb
@@ -4,7 +4,6 @@ class ActivityPub::Activity::Update < ActivityPub::Activity
   SUPPORTED_TYPES = %w(Application Group Organization Person Service).freeze
 
   def perform
-    return if autoreject?
     if equals_or_includes_any?(@object['type'], SUPPORTED_TYPES)
       update_account
     elsif equals_or_includes_any?(@object['type'], %w(Question))
diff --git a/app/services/activitypub/fetch_remote_account_service.rb b/app/services/activitypub/fetch_remote_account_service.rb
index 381726c35..36a327731 100644
--- a/app/services/activitypub/fetch_remote_account_service.rb
+++ b/app/services/activitypub/fetch_remote_account_service.rb
@@ -12,7 +12,6 @@ class ActivityPub::FetchRemoteAccountService < BaseService
     return if domain_not_allowed?(uri)
     return ActivityPub::TagManager.instance.uri_to_resource(uri, Account) if ActivityPub::TagManager.instance.local_uri?(uri)
 
-    return if autoreject?(uri)
     @json = begin
       if prefetched_body.nil?
         fetch_resource(uri, id)
@@ -21,7 +20,6 @@ class ActivityPub::FetchRemoteAccountService < BaseService
       end
     end
 
-    return if autoreject?
     return if !supported_context? || !expected_type? || (break_on_redirect && @json['movedTo'].present?)
 
     @uri      = @json['id']
diff --git a/app/services/activitypub/fetch_remote_status_service.rb b/app/services/activitypub/fetch_remote_status_service.rb
index 9795cf651..0779f13cc 100644
--- a/app/services/activitypub/fetch_remote_status_service.rb
+++ b/app/services/activitypub/fetch_remote_status_service.rb
@@ -6,7 +6,6 @@ class ActivityPub::FetchRemoteStatusService < BaseService
 
   # Should be called when uri has already been checked for locality
   def call(uri, id: true, prefetched_body: nil, on_behalf_of: nil, announced_by: nil, requested: false)
-    return if autoreject?(uri)
     @json = begin
       if prefetched_body.nil?
         fetch_resource(uri, id, on_behalf_of)
@@ -15,7 +14,6 @@ class ActivityPub::FetchRemoteStatusService < BaseService
       end
     end
 
-    return if autoreject?
     return if !(supported_context? && expected_type?) || actor_id.nil? || !trustworthy_attribution?(@json['id'], actor_id)
 
     actor = ActivityPub::TagManager.instance.uri_to_resource(actor_id, Account)
diff --git a/app/services/activitypub/fetch_replies_service.rb b/app/services/activitypub/fetch_replies_service.rb
index 3e9a2f02a..6aae16dc1 100644
--- a/app/services/activitypub/fetch_replies_service.rb
+++ b/app/services/activitypub/fetch_replies_service.rb
@@ -45,7 +45,7 @@ class ActivityPub::FetchRepliesService < BaseService
     # amplification attacks.
 
     # Also limit to 5 fetched replies to limit potential for DoS.
-    @items.map { |item| value_or_id(item) }.reject { |uri| autoreject?(uri) || invalid_origin?(uri) }.take(5)
+    @items.map { |item| value_or_id(item) }.reject { |uri| invalid_origin?(uri) }.take(5)
   end
 
   def object_uri
diff --git a/app/services/fetch_link_card_service.rb b/app/services/fetch_link_card_service.rb
index 0c401ea83..8587ef2a9 100644
--- a/app/services/fetch_link_card_service.rb
+++ b/app/services/fetch_link_card_service.rb
@@ -22,7 +22,6 @@ class FetchLinkCardService < BaseService
 
     @url = sanitize_query_string(@url.to_s)
     return if @url.nil?
-    return if autoreject?(@url)
 
     RedisLock.acquire(lock_options) do |lock|
       if lock.acquired?
diff --git a/app/services/fetch_oembed_service.rb b/app/services/fetch_oembed_service.rb
index 74e77df2e..1cb0e28a7 100644
--- a/app/services/fetch_oembed_service.rb
+++ b/app/services/fetch_oembed_service.rb
@@ -9,7 +9,6 @@ class FetchOEmbedService
     @url     = url
     @options = options
 
-    return if autoreject?(@url)
     discover_endpoint!
     fetch!
   end