From 5d7349f2ab41f4e68080b10a988646d0aff17e2c Mon Sep 17 00:00:00 2001 From: multiple creatures Date: Sat, 7 Dec 2019 20:17:07 -0600 Subject: domain policies also now get applied to subdomains --- app/helpers/log_helper.rb | 6 ++++- .../activitypub/process_account_service.rb | 29 ++++++++++++++++++---- 2 files changed, 29 insertions(+), 6 deletions(-) diff --git a/app/helpers/log_helper.rb b/app/helpers/log_helper.rb index 9dd44e72d..54c741875 100644 --- a/app/helpers/log_helper.rb +++ b/app/helpers/log_helper.rb @@ -6,7 +6,11 @@ module LogHelper case action when :create if target.is_a? DomainBlock - LogWorker.perform_async("\xf0\x9f\x9a\xab <#{source}> applied a #{target.severity}#{target.force_sensitive? ? " and force sensitive media" : ''}#{target.reject_media? ? " and reject media" : ''}#{target.reject_unknown? ? " and reject unknown accounts" : ''} policy on '#{target.domain}'\u200b.\n\nReview (moderators only): https://#{web_domain}/admin/instances/#{target.domain}\n\n#{target.reason? ? "Comment: #{target.reason}" : ''}") + if source.is_a? DomainBlock + LogWorker.perform_async("\xf0\x9f\x9a\xab Applied the existing #{target.severity}#{target.force_sensitive? ? " and force sensitive media" : ''}#{target.reject_media? ? " and reject media" : ''}#{target.reject_unknown? ? " and reject unknown accounts" : ''} policy set on '#{source.domain}' to '#{target.domain}'\u200b.\n\nReview (moderators only): https://#{web_domain}/admin/instances/#{target.domain}") + else + LogWorker.perform_async("\xf0\x9f\x9a\xab <#{source}> applied a #{target.severity}#{target.force_sensitive? ? " and force sensitive media" : ''}#{target.reject_media? ? " and reject media" : ''}#{target.reject_unknown? ? " and reject unknown accounts" : ''} policy on '#{target.domain}'\u200b.\n\nReview (moderators only): https://#{web_domain}/admin/instances/#{target.domain}\n\n#{target.reason? ? "Comment: #{target.reason}" : ''}") + end elsif target.is_a? EmailDomainBlock LogWorker.perform_async("\u26d4 <#{source}> added a registration block on email domain '#{target.domain}'.\n\nReview (moderators only): https://#{web_domain}/admin/email_domain_blocks") elsif target.is_a? CustomEmoji diff --git a/app/services/activitypub/process_account_service.rb b/app/services/activitypub/process_account_service.rb index a1d508405..a863f1f11 100644 --- a/app/services/activitypub/process_account_service.rb +++ b/app/services/activitypub/process_account_service.rb @@ -23,7 +23,8 @@ class ActivityPub::ProcessAccountService < BaseService is_new_account = @account.nil? if is_new_account - set_reject_unknown_policy if Setting.auto_reject_unknown + copy_policy_of_parent_domain + set_reject_unknown_policy if Setting.auto_reject_unknown && new_domain? create_account end update_account @@ -101,11 +102,29 @@ class ActivityPub::ProcessAccountService < BaseService @account.moved_to_account = @json['movedTo'].present? ? moved_account : nil end + def copy_policy_of_parent_domain + domain_parts = @domain.split('.') + domains = (1..domain_parts.count-1).map { |i| domain_parts[i..-1] } + return if domains.empty? + + existing_policy = DomainBlock.find_by(domain: domains) + return if existing_policy.nil? + + policy_attributes = existing_policy.template + policy_attributes['domain'] = @domain + policy = DomainBlock.create!(policy_attributes) + user_friendly_action_log(existing_policy, :create, policy) + + @new_domain = false + end + def set_reject_unknown_policy - unless Account.where(domain: @domain).exists? || DomainBlock.where(domain: @domain).exists? - policy = DomainBlock.create!(domain: @domain, severity: :noop, reject_unknown: true) - user_friendly_action_log(nil, :mark_unknown, @domain) - end + policy = DomainBlock.create!(domain: @domain, severity: :noop, reject_unknown: true) + user_friendly_action_log(nil, :mark_unknown, @domain) + end + + def new_domain? + @new_domain ||= !(Account.where(domain: @domain).exists? || DomainBlock.where(domain: @domain).exists?) end def after_key_change! -- cgit