From 13de392fc5769114015bb6780dce41e803fa6946 Mon Sep 17 00:00:00 2001 From: multiple creatures Date: Sat, 15 Feb 2020 10:42:01 -0600 Subject: add admin option to toggle whether service/app accounts should be auto-trusted in graylist mode + give options better descriptions --- app/lib/activitypub/activity.rb | 3 ++- app/models/account.rb | 8 ++++++++ app/models/form/admin_settings.rb | 2 ++ app/services/favourite_service.rb | 2 +- app/services/follow_service.rb | 2 +- app/services/post_status_service.rb | 2 +- app/services/reblog_service.rb | 2 +- app/views/admin/settings/edit.html.haml | 1 + config/locales/en.yml | 25 ++++++++++++++----------- config/settings.yml | 1 + 10 files changed, 32 insertions(+), 16 deletions(-) diff --git a/app/lib/activitypub/activity.rb b/app/lib/activitypub/activity.rb index 30c854eda..27918883f 100644 --- a/app/lib/activitypub/activity.rb +++ b/app/lib/activitypub/activity.rb @@ -191,7 +191,8 @@ class ActivityPub::Activity def known?(account = nil) account = @account if account.nil? return true if account.known? - account.passive_relationships.exists? + + !account.service? && account.passive_relationships.exists? end def reject_payload! diff --git a/app/models/account.rb b/app/models/account.rb index ca298f5d8..a2fa60a83 100644 --- a/app/models/account.rb +++ b/app/models/account.rb @@ -474,6 +474,14 @@ class Account < ApplicationRecord target_account.following?(self) || ever_mentioned_by?(target_account) end + def service? + @_is_service ||= actor_type == "Application" || actor_type == "Service" || username == "relay" || username == domain + end + + def can_be_marked_known? + !known && (!service || (service? && Setting.auto_mark_services_known)) && Setting.auto_mark_known + end + class Field < ActiveModelSerializers::Model attributes :name, :value, :verified_at, :account, :errors diff --git a/app/models/form/admin_settings.rb b/app/models/form/admin_settings.rb index f5006c3e3..00abb3906 100644 --- a/app/models/form/admin_settings.rb +++ b/app/models/form/admin_settings.rb @@ -37,6 +37,7 @@ class Form::AdminSettings auto_reject_unknown auto_mark_known auto_mark_instance_actors_known + auto_mark_services_known always_mark_instance_actors_known werewolf_status spam_check_enabled @@ -62,6 +63,7 @@ class Form::AdminSettings auto_reject_unknown auto_mark_known auto_mark_instance_actors_known + auto_mark_services_known always_mark_instance_actors_known werewolf_status spam_check_enabled diff --git a/app/services/favourite_service.rb b/app/services/favourite_service.rb index aeac9728b..29838ed5f 100644 --- a/app/services/favourite_service.rb +++ b/app/services/favourite_service.rb @@ -15,7 +15,7 @@ class FavouriteService < BaseService return favourite unless favourite.nil? - account.mark_known! unless !Setting.auto_mark_known || !Setting.mark_known_from_favourites || account.known? + account.mark_known! if account.can_be_marked_known? && Setting.mark_known_from_favourites favourite = Favourite.create!(account: account, status: status) curate_status(status) diff --git a/app/services/follow_service.rb b/app/services/follow_service.rb index 1d9f1c726..68dcbda23 100644 --- a/app/services/follow_service.rb +++ b/app/services/follow_service.rb @@ -15,7 +15,7 @@ class FollowService < BaseService raise ActiveRecord::RecordNotFound if target_account.nil? || target_account.id == source_account.id || target_account.suspended? raise Mastodon::NotPermittedError if target_account.blocking?(source_account) || source_account.blocking?(target_account) || target_account.moved? - target_account.mark_known! unless !Setting.auto_mark_known || !Setting.mark_known_from_follows || target_account.known? + target_account.mark_known! if target_account.can_be_marked_known? && Setting.mark_known_from_follows SyncRemoteAccountWorker.perform_async(target_account.id) unless target_account.local? || target_account.passive_relationships.exists? diff --git a/app/services/post_status_service.rb b/app/services/post_status_service.rb index a36a1b074..7c36a5941 100644 --- a/app/services/post_status_service.rb +++ b/app/services/post_status_service.rb @@ -101,7 +101,7 @@ class PostStatusService < BaseService end def mark_recipient_known - @in_reply_to.account.mark_known! unless !Setting.auto_mark_known || !Setting.mark_known_from_mentions || @in_reply_to.account.known? + @in_reply_to.account.mark_known! if @in_reply_to.account.can_be_marked_known? && Setting.mark_known_from_mentions end def set_footer_from_i_am diff --git a/app/services/reblog_service.rb b/app/services/reblog_service.rb index 4b7002fca..1488a6361 100644 --- a/app/services/reblog_service.rb +++ b/app/services/reblog_service.rb @@ -18,7 +18,7 @@ class ReblogService < BaseService new_reblog = reblog.nil? if new_reblog - reblogged_status.account.mark_known! unless !Setting.auto_mark_known || !Setting.mark_known_from_boosts || reblogged_status.account.known? + reblogged_status.account.mark_known! if reblogged_status.account.can_be_marked_known? && Setting.mark_known_from_boosts reblogged_status.touch if reblogged_status.account.id == account.id visibility = options[:visibility] || account.user&.setting_default_privacy diff --git a/app/views/admin/settings/edit.html.haml b/app/views/admin/settings/edit.html.haml index 032188db3..bd1250ebd 100644 --- a/app/views/admin/settings/edit.html.haml +++ b/app/views/admin/settings/edit.html.haml @@ -46,6 +46,7 @@ .fields-row__column.fields-row__column-6.fields-group = f.input :auto_reject_unknown, as: :boolean, wrapper: :with_label, label: t('admin.settings.auto_reject_unknown.title'), hint: t('admin.settings.auto_reject_unknown.desc_html') = f.input :auto_mark_known, as: :boolean, wrapper: :with_label, label: t('admin.settings.auto_mark_known.title'), hint: t('admin.settings.auto_mark_known.desc_html') + = f.input :auto_mark_services_known, as: :boolean, wrapper: :with_label, label: t('admin.settings.auto_mark_services_known.title'), hint: t('admin.settings.auto_mark_services_known.desc_html') = f.input :auto_mark_instance_actors_known, as: :boolean, wrapper: :with_label, label: t('admin.settings.auto_mark_instance_actors_known.title'), hint: t('admin.settings.auto_mark_instance_actors_known.desc_html') = f.input :always_mark_instance_actors_known, as: :boolean, wrapper: :with_label, label: t('admin.settings.always_mark_instance_actors_known.title'), hint: t('admin.settings.always_mark_instance_actors_known.desc_html') .fields-row__column.fields-row__column-6.fields-group diff --git a/config/locales/en.yml b/config/locales/en.yml index 3c8bb4fb6..b19150699 100644 --- a/config/locales/en.yml +++ b/config/locales/en.yml @@ -515,22 +515,25 @@ en: desc_html: Display public timeline on landing page title: Timeline preview auto_reject_unknown: - desc_html: Automatically reject unknown accounts from newly-federated servers. Enables secure mode. - title: Graylist federation mode + desc_html: Automatically reject unknown peers from newly-federated servers. Enables secure mode. + title: Restricted federation mode auto_mark_known: - desc_html: Learn known accounts from outgoing interactions and incoming repeats from packmates. - title: Auto-learn known accounts + desc_html: Automatically trust remote peers based on community interactions. + title: Learn to trust peers + auto_mark_services_known: + desc_html: Allow instance services, such as relays, to be automatically trusted. Will make restricted mode less effective. + title: Auto-trust instance applicatons and services auto_mark_instance_actors_known: - desc_html: Automatically allow server actor accounts to fetch resources from this server when marking accounts known. - title: Auto-trust server actors + desc_html: Allow instance actors to interact with this server when trusting peers. + title: Auto-trust instance actors always_mark_instance_actors_known: - desc_html: Always allow server actor accounts to fetch resources from this server. May reduce privacy. + desc_html: Always allow server actor accounts to fetch resources from this server. Will make restricted mode less effective. title: Always trust server actors mark_known_from: - follows: Trust accounts when someone joins their pack - mentions: Trust accounts when locally mentioned - boosts: Trust accounts shared by known creatures - favourites: Trust accounts when locally admired + follows: Trust new peers when someone joins their pack + mentions: Trust new peers when they're mentioned locally + boosts: Trust new peers whose roars are shared by known creatures + favourites: Trust new peers whose roars are admired locally werewolf_status: desc_html: Enable werewolf status Easter egg (requires an announcer account) title: Werewolf status diff --git a/config/settings.yml b/config/settings.yml index e37ed821e..04d8bbaea 100644 --- a/config/settings.yml +++ b/config/settings.yml @@ -71,6 +71,7 @@ defaults: &defaults werewolf_status: true spam_check_enabled: true auto_mark_instance_actors_known: true + auto_mark_services_known: false always_mark_instance_actors_known: false mark_known_from_follows: true mark_known_from_mentions: true -- cgit