From fbf08920a0d73231c04b35c263ea4e04224b6e7d Mon Sep 17 00:00:00 2001 From: Eugen Rochko Date: Tue, 4 Jun 2019 23:11:18 +0200 Subject: Refactor all ActivityPub deliveries to be serialized and signed through one concern (#10966) --- app/lib/activitypub/activity/follow.rb | 4 +++- app/models/account.rb | 4 ++++ app/models/form/account_batch.rb | 9 +++------ app/models/status.rb | 2 ++ .../after_block_domain_from_account_service.rb | 10 ++++------ app/services/authorize_follow_service.rb | 8 +++----- app/services/block_service.rb | 8 +++----- app/services/concerns/payloadable.rb | 19 +++++++++++++++++++ app/services/favourite_service.rb | 7 ++----- app/services/follow_service.rb | 7 ++----- app/services/process_mentions_service.rb | 12 +++++------- app/services/reblog_service.rb | 7 ++----- app/services/reject_follow_service.rb | 8 +++----- app/services/remove_status_service.rb | 11 ++--------- app/services/report_service.rb | 9 +++------ app/services/suspend_account_service.rb | 18 ++++-------------- app/services/unblock_service.rb | 8 +++----- app/services/unfavourite_service.rb | 8 +++----- app/services/unfollow_service.rb | 14 ++++---------- app/services/vote_service.rb | 7 ++----- .../activitypub/distribute_poll_update_worker.rb | 15 ++------------- app/workers/activitypub/distribution_worker.rb | 15 ++------------- app/workers/activitypub/reply_distribution_worker.rb | 15 ++------------- app/workers/activitypub/update_distribution_worker.rb | 11 ++--------- 24 files changed, 84 insertions(+), 152 deletions(-) create mode 100644 app/services/concerns/payloadable.rb diff --git a/app/lib/activitypub/activity/follow.rb b/app/lib/activitypub/activity/follow.rb index bde507dcf..66df92601 100644 --- a/app/lib/activitypub/activity/follow.rb +++ b/app/lib/activitypub/activity/follow.rb @@ -1,6 +1,8 @@ # frozen_string_literal: true class ActivityPub::Activity::Follow < ActivityPub::Activity + include Payloadable + def perform return if autoreject? target_account = account_from_uri(object_uri) @@ -29,7 +31,7 @@ class ActivityPub::Activity::Follow < ActivityPub::Activity end def reject_follow_request!(target_account) - json = ActiveModelSerializers::SerializableResource.new(FollowRequest.new(account: @account, target_account: target_account, uri: @json['id']), serializer: ActivityPub::RejectFollowSerializer, adapter: ActivityPub::Adapter).to_json + json = Oj.dump(serialize_payload(FollowRequest.new(account: @account, target_account: target_account, uri: @json['id']), ActivityPub::RejectFollowSerializer)) ActivityPub::DeliveryWorker.perform_async(json, target_account.id, @account.inbox_url) end end diff --git a/app/models/account.rb b/app/models/account.rb index 36616c789..6841fba3a 100644 --- a/app/models/account.rb +++ b/app/models/account.rb @@ -307,6 +307,10 @@ class Account < ApplicationRecord end end + def sign? + true + end + def keypair @keypair ||= OpenSSL::PKey::RSA.new(private_key || public_key) end diff --git a/app/models/form/account_batch.rb b/app/models/form/account_batch.rb index eed65b47a..f1b7a4566 100644 --- a/app/models/form/account_batch.rb +++ b/app/models/form/account_batch.rb @@ -3,6 +3,7 @@ class Form::AccountBatch include ActiveModel::Model include Authorization + include Payloadable attr_accessor :account_ids, :action, :current_account @@ -52,13 +53,9 @@ class Form::AccountBatch def reject_follow!(follow) follow.destroy - json = ActiveModelSerializers::SerializableResource.new( - follow, - serializer: ActivityPub::RejectFollowSerializer, - adapter: ActivityPub::Adapter - ).to_json + return unless follow.account.activitypub? - ActivityPub::DeliveryWorker.perform_async(json, current_account.id, follow.account.inbox_url) + ActivityPub::DeliveryWorker.perform_async(Oj.dump(serialize_payload(follow, ActivityPub::RejectFollowSerializer)), current_account.id, follow.account.inbox_url) end def approve! diff --git a/app/models/status.rb b/app/models/status.rb index c1e68e2f2..ff83f5ad5 100644 --- a/app/models/status.rb +++ b/app/models/status.rb @@ -254,6 +254,8 @@ class Status < ApplicationRecord public_visibility? || unlisted_visibility? || local_visibility? end + alias sign? distributable? + def with_media? media_attachments.any? end diff --git a/app/services/after_block_domain_from_account_service.rb b/app/services/after_block_domain_from_account_service.rb index f12f18319..a87c2e792 100644 --- a/app/services/after_block_domain_from_account_service.rb +++ b/app/services/after_block_domain_from_account_service.rb @@ -1,6 +1,8 @@ # frozen_string_literal: true class AfterBlockDomainFromAccountService < BaseService + include Payloadable + # This service does not create an AccountDomainBlock record, # it's meant to be called after such a record has been created # synchronously, to "clean up" @@ -29,12 +31,8 @@ class AfterBlockDomainFromAccountService < BaseService def reject_follow!(follow) follow.destroy - json = ActiveModelSerializers::SerializableResource.new( - follow, - serializer: ActivityPub::RejectFollowSerializer, - adapter: ActivityPub::Adapter - ).to_json + return unless follow.account.activitypub? - ActivityPub::DeliveryWorker.perform_async(json, @account.id, follow.account.inbox_url) + ActivityPub::DeliveryWorker.perform_async(Oj.dump(serialize_payload(follow, ActivityPub::RejectFollowSerializer)), @account.id, follow.account.inbox_url) end end diff --git a/app/services/authorize_follow_service.rb b/app/services/authorize_follow_service.rb index dcb72d09b..77a389cc3 100644 --- a/app/services/authorize_follow_service.rb +++ b/app/services/authorize_follow_service.rb @@ -1,6 +1,8 @@ # frozen_string_literal: true class AuthorizeFollowService < BaseService + include Payloadable + def call(source_account, target_account, **options) if options[:skip_follow_request] follow_request = FollowRequest.new(account: source_account, target_account: target_account, uri: options[:follow_request_uri]) @@ -20,10 +22,6 @@ class AuthorizeFollowService < BaseService end def build_json(follow_request) - ActiveModelSerializers::SerializableResource.new( - follow_request, - serializer: ActivityPub::AcceptFollowSerializer, - adapter: ActivityPub::Adapter - ).to_json + Oj.dump(serialize_payload(follow_request, ActivityPub::AcceptFollowSerializer)) end end diff --git a/app/services/block_service.rb b/app/services/block_service.rb index 0ce425aa7..0057dfb4a 100644 --- a/app/services/block_service.rb +++ b/app/services/block_service.rb @@ -1,6 +1,8 @@ # frozen_string_literal: true class BlockService < BaseService + include Payloadable + def call(account, target_account) return if account.id == target_account.id @@ -22,10 +24,6 @@ class BlockService < BaseService end def build_json(block) - ActiveModelSerializers::SerializableResource.new( - block, - serializer: ActivityPub::BlockSerializer, - adapter: ActivityPub::Adapter - ).to_json + Oj.dump(serialize_payload(block, ActivityPub::BlockSerializer)) end end diff --git a/app/services/concerns/payloadable.rb b/app/services/concerns/payloadable.rb new file mode 100644 index 000000000..13d9c3548 --- /dev/null +++ b/app/services/concerns/payloadable.rb @@ -0,0 +1,19 @@ +# frozen_string_literal: true + +module Payloadable + def serialize_payload(record, serializer, options = {}) + signer = options.delete(:signer) + sign_with = options.delete(:sign_with) + payload = ActiveModelSerializers::SerializableResource.new(record, options.merge(serializer: serializer, adapter: ActivityPub::Adapter)).as_json + + if (record.respond_to?(:sign?) && record.sign?) && signer && signing_enabled? + ActivityPub::LinkedDataSignature.new(payload).sign!(signer, sign_with: sign_with) + else + payload + end + end + + def signing_enabled? + true + end +end diff --git a/app/services/favourite_service.rb b/app/services/favourite_service.rb index 788b3a620..08d2c9c56 100644 --- a/app/services/favourite_service.rb +++ b/app/services/favourite_service.rb @@ -2,6 +2,7 @@ class FavouriteService < BaseService include Authorization + include Payloadable # Favourite a status and notify remote user # @param [Account] account @@ -44,11 +45,7 @@ class FavouriteService < BaseService end def build_json(favourite) - Oj.dump(ActivityPub::LinkedDataSignature.new(ActiveModelSerializers::SerializableResource.new( - favourite, - serializer: ActivityPub::LikeSerializer, - adapter: ActivityPub::Adapter - ).as_json).sign!(favourite.account)) + Oj.dump(serialize_payload(favourite, ActivityPub::LikeSerializer)) end def curate_status(status) diff --git a/app/services/follow_service.rb b/app/services/follow_service.rb index 1653253f5..8fbc54125 100644 --- a/app/services/follow_service.rb +++ b/app/services/follow_service.rb @@ -2,6 +2,7 @@ class FollowService < BaseService include Redisable + include Payloadable # Follow a remote user, notify remote user about the follow # @param [Account] source_account From which to follow @@ -55,10 +56,6 @@ class FollowService < BaseService end def build_json(follow_request) - ActiveModelSerializers::SerializableResource.new( - follow_request, - serializer: ActivityPub::FollowSerializer, - adapter: ActivityPub::Adapter - ).to_json + Oj.dump(serialize_payload(follow_request, ActivityPub::FollowSerializer)) end end diff --git a/app/services/process_mentions_service.rb b/app/services/process_mentions_service.rb index 49647935f..86c3be70c 100644 --- a/app/services/process_mentions_service.rb +++ b/app/services/process_mentions_service.rb @@ -1,8 +1,11 @@ # frozen_string_literal: true class ProcessMentionsService < BaseService + include Payloadable + # Scan status for mentions and fetch remote mentioned users, create - # local mention pointers + # local mention pointers, send Salmon notifications to mentioned + # remote users # @param [Status] status def call(status, skip_notify: false) return unless status.local? && !status.draft? @@ -55,12 +58,7 @@ class ProcessMentionsService < BaseService def activitypub_json return @activitypub_json if defined?(@activitypub_json) - payload = ActiveModelSerializers::SerializableResource.new( - @status, - serializer: ActivityPub::ActivitySerializer, - adapter: ActivityPub::Adapter - ).as_json - @activitypub_json = Oj.dump(@status.distributable? ? ActivityPub::LinkedDataSignature.new(payload).sign!(@status.account) : payload) + @activitypub_json = Oj.dump(serialize_payload(@status, ActivityPub::ActivitySerializer, signer: @status.account)) end def resolve_account_service diff --git a/app/services/reblog_service.rb b/app/services/reblog_service.rb index 4e63caef8..8ade09861 100644 --- a/app/services/reblog_service.rb +++ b/app/services/reblog_service.rb @@ -2,6 +2,7 @@ class ReblogService < BaseService include Authorization + include Payloadable # Reblog a status and notify its remote author # @param [Account] account Account to reblog from @@ -63,11 +64,7 @@ class ReblogService < BaseService end def build_json(reblog) - Oj.dump(ActivityPub::LinkedDataSignature.new(ActiveModelSerializers::SerializableResource.new( - reblog, - serializer: ActivityPub::ActivitySerializer, - adapter: ActivityPub::Adapter - ).as_json).sign!(reblog.account)) + Oj.dump(serialize_payload(reblog, ActivityPub::ActivitySerializer, signer: reblog.account)) end def curate_status(status) diff --git a/app/services/reject_follow_service.rb b/app/services/reject_follow_service.rb index f18c99583..2e51b11d7 100644 --- a/app/services/reject_follow_service.rb +++ b/app/services/reject_follow_service.rb @@ -1,6 +1,8 @@ # frozen_string_literal: true class RejectFollowService < BaseService + include Payloadable + def call(source_account, target_account) follow_request = FollowRequest.find_by!(account: source_account, target_account: target_account) follow_request.reject! @@ -15,10 +17,6 @@ class RejectFollowService < BaseService end def build_json(follow_request) - ActiveModelSerializers::SerializableResource.new( - follow_request, - serializer: ActivityPub::RejectFollowSerializer, - adapter: ActivityPub::Adapter - ).to_json + Oj.dump(serialize_payload(follow_request, ActivityPub::RejectFollowSerializer)) end end diff --git a/app/services/remove_status_service.rb b/app/services/remove_status_service.rb index 9d50e676b..20648217d 100644 --- a/app/services/remove_status_service.rb +++ b/app/services/remove_status_service.rb @@ -2,6 +2,7 @@ class RemoveStatusService < BaseService include Redisable + include Payloadable MIN_SCHEDULE_OFFSET = 60.seconds.freeze @@ -109,15 +110,7 @@ class RemoveStatusService < BaseService end def signed_activity_json - @signed_activity_json ||= Oj.dump(ActivityPub::LinkedDataSignature.new(activity_json).sign!(@account)) - end - - def activity_json - @activity_json ||= ActiveModelSerializers::SerializableResource.new( - @status, - serializer: @status.reblog? ? ActivityPub::UndoAnnounceSerializer : ActivityPub::DeleteSerializer, - adapter: ActivityPub::Adapter - ).as_json + @signed_activity_json ||= Oj.dump(serialize_payload(@status, @status.reblog? ? ActivityPub::UndoAnnounceSerializer : ActivityPub::DeleteSerializer, signer: @account)) end def remove_reblogs diff --git a/app/services/report_service.rb b/app/services/report_service.rb index 73bd6694f..1e955c1e7 100644 --- a/app/services/report_service.rb +++ b/app/services/report_service.rb @@ -1,6 +1,8 @@ # frozen_string_literal: true class ReportService < BaseService + include Payloadable + def call(source_account, target_account, options = {}) @source_account = source_account @target_account = target_account @@ -44,12 +46,7 @@ class ReportService < BaseService end def payload - Oj.dump(ActiveModelSerializers::SerializableResource.new( - @report, - serializer: ActivityPub::FlagSerializer, - adapter: ActivityPub::Adapter, - account: some_local_account - ).as_json) + Oj.dump(serialize_payload(@report, ActivityPub::FlagSerializer, account: some_local_account)) end def some_local_account diff --git a/app/services/suspend_account_service.rb b/app/services/suspend_account_service.rb index 86c7ac137..f79257334 100644 --- a/app/services/suspend_account_service.rb +++ b/app/services/suspend_account_service.rb @@ -1,6 +1,8 @@ # frozen_string_literal: true class SuspendAccountService < BaseService + include Payloadable + ASSOCIATIONS_ON_SUSPEND = %w( account_pins active_relationships @@ -117,23 +119,11 @@ class SuspendAccountService < BaseService end def delete_actor_json - return @delete_actor_json if defined?(@delete_actor_json) - - payload = ActiveModelSerializers::SerializableResource.new( - @account, - serializer: ActivityPub::DeleteActorSerializer, - adapter: ActivityPub::Adapter - ).as_json - - @delete_actor_json = Oj.dump(ActivityPub::LinkedDataSignature.new(payload).sign!(@account)) + @delete_actor_json ||= Oj.dump(serialize_payload(@account, ActivityPub::DeleteActorSerializer, signer: @account)) end def build_reject_json(follow) - ActiveModelSerializers::SerializableResource.new( - follow, - serializer: ActivityPub::RejectFollowSerializer, - adapter: ActivityPub::Adapter - ).to_json + Oj.dump(serialize_payload(follow, ActivityPub::RejectFollowSerializer)) end def delivery_inboxes diff --git a/app/services/unblock_service.rb b/app/services/unblock_service.rb index c85d31b96..24f567603 100644 --- a/app/services/unblock_service.rb +++ b/app/services/unblock_service.rb @@ -1,6 +1,8 @@ # frozen_string_literal: true class UnblockService < BaseService + include Payloadable + def call(account, target_account) return unless account.blocking?(target_account) @@ -16,10 +18,6 @@ class UnblockService < BaseService end def build_json(unblock) - ActiveModelSerializers::SerializableResource.new( - unblock, - serializer: ActivityPub::UndoBlockSerializer, - adapter: ActivityPub::Adapter - ).to_json + Oj.dump(serialize_payload(unblock, ActivityPub::UndoBlockSerializer)) end end diff --git a/app/services/unfavourite_service.rb b/app/services/unfavourite_service.rb index 538ab2a8a..88c288126 100644 --- a/app/services/unfavourite_service.rb +++ b/app/services/unfavourite_service.rb @@ -1,6 +1,8 @@ # frozen_string_literal: true class UnfavouriteService < BaseService + include Payloadable + def call(account, status) favourite = Favourite.find_by!(account: account, status: status) favourite.destroy! @@ -16,10 +18,6 @@ class UnfavouriteService < BaseService end def build_json(favourite) - Oj.dump(ActivityPub::LinkedDataSignature.new(ActiveModelSerializers::SerializableResource.new( - favourite, - serializer: ActivityPub::UndoLikeSerializer, - adapter: ActivityPub::Adapter - ).as_json).sign!(favourite.account)) + Oj.dump(serialize_payload(favourite, ActivityPub::UndoLikeSerializer)) end end diff --git a/app/services/unfollow_service.rb b/app/services/unfollow_service.rb index e11f19e14..4404492a7 100644 --- a/app/services/unfollow_service.rb +++ b/app/services/unfollow_service.rb @@ -1,6 +1,8 @@ # frozen_string_literal: true class UnfollowService < BaseService + include Payloadable + # Unfollow and notify the remote user # @param [Account] source_account Where to unfollow from # @param [Account] target_account Which to unfollow @@ -45,18 +47,10 @@ class UnfollowService < BaseService end def build_json(follow) - ActiveModelSerializers::SerializableResource.new( - follow, - serializer: ActivityPub::UndoFollowSerializer, - adapter: ActivityPub::Adapter - ).to_json + Oj.dump(serialize_payload(follow, ActivityPub::UndoFollowSerializer)) end def build_reject_json(follow) - ActiveModelSerializers::SerializableResource.new( - follow, - serializer: ActivityPub::RejectFollowSerializer, - adapter: ActivityPub::Adapter - ).to_json + Oj.dump(serialize_payload(follow, ActivityPub::RejectFollowSerializer)) end end diff --git a/app/services/vote_service.rb b/app/services/vote_service.rb index 81af9ef3a..0eeb8fd56 100644 --- a/app/services/vote_service.rb +++ b/app/services/vote_service.rb @@ -2,6 +2,7 @@ class VoteService < BaseService include Authorization + include Payloadable def call(account, poll, choices) authorize_with account, poll, :vote? @@ -50,10 +51,6 @@ class VoteService < BaseService end def build_json(vote) - ActiveModelSerializers::SerializableResource.new( - vote, - serializer: ActivityPub::VoteSerializer, - adapter: ActivityPub::Adapter - ).to_json + Oj.dump(serialize_payload(vote, ActivityPub::VoteSerializer)) end end diff --git a/app/workers/activitypub/distribute_poll_update_worker.rb b/app/workers/activitypub/distribute_poll_update_worker.rb index 310e42433..57379768f 100644 --- a/app/workers/activitypub/distribute_poll_update_worker.rb +++ b/app/workers/activitypub/distribute_poll_update_worker.rb @@ -2,6 +2,7 @@ class ActivityPub::DistributePollUpdateWorker include Sidekiq::Worker + include Payloadable sidekiq_options queue: 'push', unique: :until_executed, retry: 0 @@ -41,20 +42,8 @@ class ActivityPub::DistributePollUpdateWorker @inboxes end - def signed_payload - Oj.dump(ActivityPub::LinkedDataSignature.new(unsigned_payload).sign!(@account)) - end - - def unsigned_payload - ActiveModelSerializers::SerializableResource.new( - @status, - serializer: ActivityPub::UpdatePollSerializer, - adapter: ActivityPub::Adapter - ).as_json - end - def payload - @payload ||= @status.distributable? ? signed_payload : Oj.dump(unsigned_payload) + @payload ||= Oj.dump(serialize_payload(@status, ActivityPub::UpdatePollSerializer, signer: @account)) end def relay! diff --git a/app/workers/activitypub/distribution_worker.rb b/app/workers/activitypub/distribution_worker.rb index d83f01700..11b6a6111 100644 --- a/app/workers/activitypub/distribution_worker.rb +++ b/app/workers/activitypub/distribution_worker.rb @@ -2,6 +2,7 @@ class ActivityPub::DistributionWorker include Sidekiq::Worker + include Payloadable sidekiq_options queue: 'push' @@ -41,20 +42,8 @@ class ActivityPub::DistributionWorker end end - def signed_payload - Oj.dump(ActivityPub::LinkedDataSignature.new(unsigned_payload).sign!(@account)) - end - - def unsigned_payload - ActiveModelSerializers::SerializableResource.new( - @status, - serializer: ActivityPub::ActivitySerializer, - adapter: ActivityPub::Adapter - ).as_json - end - def payload - @payload ||= @status.distributable? ? signed_payload : Oj.dump(unsigned_payload) + @payload ||= Oj.dump(serialize_payload(@status, ActivityPub::ActivitySerializer, signer: @account)) end def relay! diff --git a/app/workers/activitypub/reply_distribution_worker.rb b/app/workers/activitypub/reply_distribution_worker.rb index d8fea6c4e..1ff8a657e 100644 --- a/app/workers/activitypub/reply_distribution_worker.rb +++ b/app/workers/activitypub/reply_distribution_worker.rb @@ -5,6 +5,7 @@ class ActivityPub::ReplyDistributionWorker include Sidekiq::Worker + include Payloadable sidekiq_options queue: 'push' @@ -27,19 +28,7 @@ class ActivityPub::ReplyDistributionWorker @inboxes ||= @account.followers.inboxes end - def signed_payload - Oj.dump(ActivityPub::LinkedDataSignature.new(unsigned_payload).sign!(@status.account)) - end - - def unsigned_payload - ActiveModelSerializers::SerializableResource.new( - @status, - serializer: ActivityPub::ActivitySerializer, - adapter: ActivityPub::Adapter - ).as_json - end - def payload - @payload ||= @status.distributable? ? signed_payload : Oj.dump(unsigned_payload) + @payload ||= Oj.dump(serialize_payload(@status, ActivityPub::ActivitySerializer, signer: @status.account)) end end diff --git a/app/workers/activitypub/update_distribution_worker.rb b/app/workers/activitypub/update_distribution_worker.rb index b9e5ff064..3a207f071 100644 --- a/app/workers/activitypub/update_distribution_worker.rb +++ b/app/workers/activitypub/update_distribution_worker.rb @@ -2,6 +2,7 @@ class ActivityPub::UpdateDistributionWorker include Sidekiq::Worker + include Payloadable sidekiq_options queue: 'push' @@ -27,14 +28,6 @@ class ActivityPub::UpdateDistributionWorker end def signed_payload - @signed_payload ||= Oj.dump(ActivityPub::LinkedDataSignature.new(payload).sign!(@account, sign_with: @options[:sign_with])) - end - - def payload - @payload ||= ActiveModelSerializers::SerializableResource.new( - @account, - serializer: ActivityPub::UpdateSerializer, - adapter: ActivityPub::Adapter - ).as_json + @signed_payload ||= Oj.dump(serialize_payload(@account, ActivityPub::UpdateSerializer, signer: @account, sign_with: @options[:sign_with])) end end -- cgit