about summary refs log tree commit diff
path: root/app/lib/activitypub/activity.rb
AgeCommit message (Collapse)Author
2023-02-10Fix unbounded recursion in post discovery (#23506)Claire
* Add a limit to how many posts can get fetched as a result of a single request * Add tests * Always pass `request_id` when processing `Announce` activities --------- Co-authored-by: nametoolong <nametoolong@users.noreply.github.com>
2022-09-21Refactor ActivityPub handling to prepare for non-Account actors (#19212)Claire
* Move ActivityPub::FetchRemoteAccountService to ActivityPub::FetchRemoteActorService ActivityPub::FetchRemoteAccountService is kept as a wrapper for when the actor is specifically required to be an Account * Refactor SignatureVerification to allow non-Account actors * fixup! Move ActivityPub::FetchRemoteAccountService to ActivityPub::FetchRemoteActorService * Refactor ActivityPub::FetchRemoteKeyService to potentially return non-Account actors * Refactor inbound ActivityPub payload processing to accept non-Account actors * Refactor inbound ActivityPub processing to accept activities relayed through non-Account * Refactor how Account key URIs are built * Refactor Request and drop unused key_id_format parameter * Rename ActivityPub::Dereferencer `signature_account` to `signature_actor`
2022-05-13Refactor how Redis locks are created (#18400)Eugen Rochko
* Refactor how Redis locks are created * Fix autorelease duration on account deletion lock
2022-04-28Fix single Redis connection being used across all threads (#18135)Eugen Rochko
* Fix single Redis connection being used across all Sidekiq threads * Fix tests
2022-03-12Fix not updating a status when newer version is fetched manually (#17745)Eugen Rochko
2022-01-19Add support for editing for published statuses (#16697)Eugen Rochko
* Add support for editing for published statuses * Fix references to stripped-out code * Various fixes and improvements * Further fixes and improvements * Fix updates being potentially sent to unauthorized recipients * Various fixes and improvements * Fix wrong words in test * Fix notifying accounts that were tagged but were not in the audience * Fix mistake
2021-11-25Add trending links (#16917)Eugen Rochko
* Add trending links * Add overriding specific links trendability * Add link type to preview cards and only trend articles Change trends review notifications from being sent every 5 minutes to being sent every 2 hours Change threshold from 5 unique accounts to 15 unique accounts * Fix tests
2021-05-19Fix some RedisLocks auto-releasing too fast (#16276)Claire
* Fix Delete and Create-related locks expiring too fast Fixes #16238 By default, RedisLock expires after 10 seconds, which may not be enough to process statuses, especially when those have attached media files. This commit extends those 10 seconds to 15 minutes, which should be plenty enough to handle any status, while being short enough to not waste many sidekiq job retries in the exceedingly rare case in which a sidekiq process would crash when processing a `Create` or `Delete`. * Fix other RedisLock autorelease durations Fixes #15645 - things that only perform a few simple database queries (e.g. finding and saving a record) have been left unchanged, so they'll still use the default 10s duration - things that perform significantly more complex database queries have been changed to a 5 minutes timeout - things that perform multiple HTTP queries have been changed to a 15 minutes timeout
2021-04-21Fix processing of remote Delete activities (#16084)Claire
* Add tests * Ensure deleted statuses are marked as such * Save some redis memory by not storing URIs in delete_upon_arrival values * Avoid possible race condition when processing incoming Deletes * Avoid potential duplicate Delete forwards * Lower lock durations to reduce issues in case of hard crash of the Rails process * Check for `lock.aquired?` and improve comment * Refactor RedisLock usage in app/lib/activitypub * Fix using incorrect or non-existent sender for relaying Deletes
2020-10-13Fix a bear check when the activity object is nil (#14981)Takeshi Umeda
2020-09-18Add option to be notified when a followed user posts (#13546)Eugen Rochko
* Add bell button Fix #4890 * Remove duplicate type from post-deployment migration * Fix legacy class type mappings * Improve query performance with better index * Fix validation * Remove redundant index from notifications
2020-08-30Add support for dereferencing objects through bearcaps (#14683)Eugen Rochko
2020-08-24Fix dereferencing remote statuses not using the correct account (#14656)ThibG
Follow-up to #14359 In the case of limited toots, the receiver may not be explicitly part of the audience. If a specific user's inbox URI was specified, it makes sense to dereference the toot from the corresponding user, instead of trying to find someone in the explicit audience.
2020-08-24Add support for inlined objects in activity audience (#14514)ThibG
* Add support for inlined objects in activity audience * Add tests
2020-07-22Dereference object URIs in Create and Update messages (#14359)ThibG
* Dereference object URIs in Create and Update messages Fixes #14353 Signed-off-by: Thibaut Girka <thib@sitedethib.com> * Refactor, and perform origin check *before* attempting to fetch object Co-authored-by: Fire Demon <firedemon@creature.cafe>
2020-07-14Improve group processing (#14279)Takeshi Umeda
* Fix the local group's followers collection * Fix to accept followed relayed_through_account * Add local delivery to the group's followers * Fix code style * Revert "Add local delivery to the group's followers" This reverts commit 3237effc199772e4c4d30f19082cbc5633f56196.
2020-07-01Change Redis#exists calls to Redis#exists? to avoid deprecation warning (#14191)Eugen Rochko
2020-01-11Clarify keyword arguments with ** (#12769)Daigo 3 Dango
This change is to suppress the warning below on on ruby-2.7.0: - warning: Using the last argument as keyword parameters is deprecated; maybe ** should be added to the call https://www.ruby-lang.org/en/news/2019/12/12/separation-of-positional-and-keyword-arguments-in-ruby-3-0/
2019-12-16Add Event activity-type support (#12637)Thomas Citharel
This adds support for Event AP type in Mastodon. Events are converted into toots by taking their title (AS name) and their URL (AP ID). Event picture is also brought in if available. Testable by fetching event content from https://test.mobilizon.org Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2019-12-04Add basic support for group actors (#12071)Takeshi Umeda
* Show badge on group actor in WebUI * Do not notify in case of by following group actor * If you mention group actor, also mention group actor followers * Relax characters that can be used in username (same as Application) * Revert "Relax characters that can be used in username (same as Application)" This reverts commit 7e10a137b878d0db1b5252c52106faef5e09ca4b. * Delete display_name method
2019-11-04Fix code referencing wrong class (#12263)ThibG
For some reason, I have seen this only triggered here: https://circleci.com/gh/tootsuite/mastodon/98324?utm_campaign=vcs-integration-link&utm_medium=referral&utm_source=github-checks-link But Follow.find_by referenced the ActivityPub::Activity::Follow class instead of the model class.
2019-10-24Allow Accept/Reject with a non-embedded object (#12199)puckipedia
Some ActivityPub servers refuse to embed remote objects into their own output. This is because they are not the authoritative source for these objects, and as such embedding them is always a waste of space. The follow request and follow models contain a URI, so this can be used to match them.
2019-06-26Add support for Audio activities (#11189)ThibG
Fixes #11127
2019-06-04Do not misattribute inlined boosts if `attributedTo` isn't present (#10967)ThibG
* Do not misattribute inlined boosts if `attributedTo` isn't present Fixes #10950 * Fix tests
2019-03-03Add polls (#10111)Eugen Rochko
* Add polls Fix #1629 * Add tests * Fixes * Change API for creating polls * Use name instead of content for votes * Remove poll validation for remote polls * Add polls to public pages * When updating the poll, update options just in case they were changed * Fix public pages showing both poll and other media
2019-02-17Fix Announce activities of unknown statuses not fetching those statuses (#10065)Eugen Rochko
Regression from #9998
2019-02-17Add logging for rejected ActivityPub payloads and add tests (#10062)Eugen Rochko
2019-02-15Filter incoming Announce activities by relation to local activity (#10041)Eugen Rochko
* Filter incoming Announce activities by relation to local activity Reject if announcer is not followed by local accounts, and is not from an enabled relay, and the object is not a local status Follow-up to #10005 * Fix tests
2019-02-13Alternative handling of private self-boosts (#9998)ThibG
* When self-boosting, embed original toot into Announce serialization * Process unknown self-boosts from Announce object if it is more than an URI * Add some self-boost specs * Only serialize private toots in self-Announces
2019-02-02Create Redisable#redis (#9633)ysksn
* Create Redisable * Use #redis instead of Redis.current
2018-12-29Add handler for Move activity (#9629)Eugen Rochko
2018-11-16Prevent multiple handlers for Delete of Actor from running (#9292)Eugen Rochko
2018-10-17Improve support for aspects/circles (#8950)Eugen Rochko
* Add silent column to mentions * Save silent mentions in ActivityPub Create handler and optimize it Move networking calls out of the database transaction * Add "limited" visibility level masked as "private" in the API Unlike DMs, limited statuses are pushed into home feeds. The access control rules between direct and limited statuses is almost the same, except for counter and conversation logic * Ensure silent column is non-null, add spec * Ensure filters don't check silent mentions for blocks/mutes As those are "this person is also allowed to see" rather than "this person is involved", therefore does not warrant filtering * Clean up code * Use Status#active_mentions to limit returned mentions * Fix code style issues * Use Status#active_mentions in Notification And remove stream_entry eager-loading from Notification
2018-08-26Spread out crawling randomly to avoid DDoSing the link (#8445)Eugen Rochko
* Spread out crawling randomly to avoid DDoSing the link Fix #4486 * Remove trailing whitespace
2018-05-18Resolve unknown status from Add activity, skip Remove if unknown (#7526)Eugen Rochko
Fix #7518
2018-05-03Fixes/do not override timestamps (#7336)ThibG
* Revert "Fixes/do not override timestamps (#7331)" This reverts commit 581a5c9d29ef2a12f46b67a1097a9ad6df1c6953. * Document Snowflake ID corner-case a bit more Snowflake IDs are used for two purposes: making object identifiers harder to guess and ensuring they are in chronological order. For this reason, they are based on the `created_at` attribute of the object. Unfortunately, inserting items with older snowflakes IDs will break the assumption of consumers of the paging APIs that new items will always have a greater identifier than the last seen one. * Add `override_timestamps` virtual attribute to not correlate snowflake ID with created_at
2018-05-03Fixes/do not override timestamps (#7331)ThibG
* Do not override timestamps for incoming toots * Remove every reference to override_timestamps Statuses are now created with the announced publishing date and are only pushed to timelines if that date is at most 6 hours earlier than the time at which it is processed.
2018-03-04Federate pinned statuses over ActivityPub (#6610)Eugen Rochko
* Federate pinned statuses over ActivityPub * Display pinned toots in web UI Fix #6117 * Fix migration * Fix tests * Update outbox_serializer.rb * Update remove_serializer.rb * Update add_serializer.rb * Update fetch_featured_collection_service.rb
2018-02-28Federated reports (#6570)Eugen Rochko
* Fix #2176: Federated reports * UI for federated reports * Add spec for ActivityPub Flag handler * Add spec for ReportService
2018-02-17Push discovered status through streaming API within a time window (#6484)Eugen Rochko
Time window of 6 hours
2018-01-19Process mentions and reblogs even from resolved threads (#6299)ThibG
This may lead to out-of-order notifications, but this is better than not having notifications at all.
2017-12-06Using double splat operator (#5859)Yamagishi Kazutoshi
2017-10-17When status is fetched instead of delivered, do not stream it (#5437)Eugen Rochko
2017-10-08Set snowflake IDs for backdated statuses (#5260)Eugen Rochko
- Rename Mastodon::TimestampIds into Mastodon::Snowflake for clarity - Skip for statuses coming from inbox, aka delivered in real-time - Skip for statuses that claim to be from the future
2017-09-01Do not rely on activity arriving exactly once after delete arrived (#4754)Eugen Rochko
2017-08-21Support more variations of ActivityPub keyId in signature (#4630)Eugen Rochko
- Tries to avoid performing HTTP request if the keyId is an actor URI - Likewise if the URI is a fragment URI on top of actor URI - Resolves public key, returns owner if the owner links back to the key
2017-08-13ActivityPub delivery (#4566)Eugen Rochko
* Deliver ActivityPub Like * Deliver ActivityPub Undo-Like * Deliver ActivityPub Create/Announce activities * Deliver ActivityPub creates from mentions * Deliver ActivityPub Block/Undo-Block * Deliver ActivityPub Accept/Reject-Follow * Deliver ActivityPub Undo-Follow * Deliver ActivityPub Follow * Deliver ActivityPub Delete activities Incidentally fix #889 * Adjust BatchedRemoveStatusService for ActivityPub * Add tests for ActivityPub workers * Add tests for FollowService * Add tests for FavouriteService, UnfollowService and PostStatusService * Add tests for ReblogService, BlockService, UnblockService, ProcessMentionsService * Add tests for AuthorizeFollowService, RejectFollowService, RemoveStatusService * Add tests for BatchedRemoveStatusService * Deliver updates to a local account to ActivityPub followers * Minor adjustments
2017-08-10Handle ActivityPub follows correctly (#4571)Eugen Rochko
* Handle ActivityPub follows correctly ActivityPub follows are follow-requests. Always require an Accept. If account is not locked, auto-accept. * Handle ActivityPub Accept/Reject-Follow * Fix wrong method * Fix wrong class
2017-08-08Add ActivityPub inbox (#4216)Eugen Rochko
* Add ActivityPub inbox * Handle ActivityPub deletes * Handle ActivityPub creates * Handle ActivityPub announces * Stubs for handling all activities that need to be handled * Add ActivityPub actor resolving * Handle conversation URI passing in ActivityPub * Handle content language in ActivityPub * Send accept header when fetching actor, handle JSON parse errors * Test for ActivityPub::FetchRemoteAccountService * Handle public key and icon/image when embedded/as array/as resolvable URI * Implement ActivityPub::FetchRemoteStatusService * Add stubs for more interactions * Undo activities implemented * Handle out of order activities * Hook up ActivityPub to ResolveRemoteAccountService, handle Update Account activities * Add fragment IDs to all transient activity serializers * Add tests and fixes * Add stubs for missing tests * Add more tests * Add more tests