From 86f29a68fbf5344291b21253f597a914cec18f02 Mon Sep 17 00:00:00 2001
From: multiple creatures <dev@multiple-creature.party>
Date: Mon, 22 Jul 2019 20:04:15 -0500
Subject: allow autorejecting incoming ap activities by `id`, `@context`, and
 domain + autoject suspended domains & their subdomains

---
 app/lib/activitypub/activity.rb | 33 +++++++++++++++++++++++++++++++++
 1 file changed, 33 insertions(+)

(limited to 'app/lib/activitypub/activity.rb')

diff --git a/app/lib/activitypub/activity.rb b/app/lib/activitypub/activity.rb
index c73b2c4f5..d7a805ab3 100644
--- a/app/lib/activitypub/activity.rb
+++ b/app/lib/activitypub/activity.rb
@@ -185,4 +185,37 @@ class ActivityPub::Activity
     Rails.logger.info("Rejected #{@json['type']} activity #{@json['id']} from #{@account.uri}#{@options[:relayed_through_account] && "via #{@options[:relayed_through_account].uri}"}")
     nil
   end
+
+  def should_reject?
+    return unless @object
+
+    oid = @json['id']
+    return true if ENV.fetch('REJECT_IF_ID_STARTS_WITH', '').split.any? { |r| oid.start_with?(r) }
+    return true if ENV.fetch('REJECT_IF_ID_CONTAINS', '').split.any? { |r| r.in?(oid) }
+
+    url = object_uri.start_with?('http') ? object_uri : @object['url']
+    return if url.nil?
+
+    domain = url.scan(/[\w\-]+\.[\w\-]+(?:\.[\w\-]+)*/).first
+    blocks = DomainBlock.suspend
+    return true if blocks.where(domain: domain).or(blocks.where('domain LIKE ?', "%.#{domain}")).exists?
+
+    if @object['@context'].is_a?(Array)
+      inline_context = @object['@context'].find { |item| item.is_a?(Hash) }
+      if inline_context
+        keys = inline_context.keys
+        return true if ENV.fetch('REJECT_IF_CONTEXT_EQUALS', '').split.any? { |r| r.in?(keys) }
+        return true if ENV.fetch('REJECT_IF_CONTEXT_STARTS_WITH', '').split.any? { |r| keys.any? { |k| k.start_with?(r) } }
+        return true if ENV.fetch('REJECT_IF_CONTEXT_CONTAINS', '').split.any? { |r| keys.any? { |k| r.in?(k) } }
+      end
+    end
+  end
+
+  def autoreject?
+    if @options[:imported] || should_reject?
+      Rails.logger.info("Auto-rejected #{@json['type']} activity #{@json['id']}")
+      return true
+    end
+    false
+  end
 end
-- 
cgit