From 2427cced78580da729a0ac6a1dc52b2d206aa11c Mon Sep 17 00:00:00 2001
From: multiple creatures <dev@multiple-creature.party>
Date: Mon, 17 Feb 2020 02:26:52 -0600
Subject: add a `manual_only` (manual trust only) moderation option + handle
 more `reject_unknown`/graylist mode caveats

---
 app/lib/activitypub/activity.rb          | 15 +++++++++++++--
 app/lib/activitypub/activity/add.rb      |  4 +++-
 app/lib/activitypub/activity/announce.rb |  4 ++--
 app/lib/activitypub/activity/create.rb   |  2 +-
 app/lib/activitypub/activity/follow.rb   |  2 +-
 5 files changed, 20 insertions(+), 7 deletions(-)

(limited to 'app/lib/activitypub')

diff --git a/app/lib/activitypub/activity.rb b/app/lib/activitypub/activity.rb
index 27918883f..e4de18fce 100644
--- a/app/lib/activitypub/activity.rb
+++ b/app/lib/activitypub/activity.rb
@@ -137,11 +137,12 @@ class ActivityPub::Activity
     redis.setex("delete_upon_arrival:#{@account.id}:#{uri}", 6.hours.seconds, uri)
   end
 
-  def status_from_object(announced_by: nil)
+  def status_from_object(announced_by: nil, local_only: false, existing_only: false)
     # If the status is already known, return it
     status = status_from_uri(object_uri)
 
-    return status unless status.nil?
+    return status unless status.nil? || (local_only && !status.local?)
+    return if existing_only || local_only
 
     # If the boosted toot is embedded and it is a self-boost, handle it like a Create
     unless unsupported_object_type?
@@ -188,6 +189,11 @@ class ActivityPub::Activity
     DomainBlock.where(domain: account.domain, reject_unknown: true).exists?
   end
 
+  def manual_only?(account = nil)
+    account = @account if account.nil?
+    DomainBlock.where(domain: account.domain, manual_only: true).exists?
+  end
+
   def known?(account = nil)
     account = @account if account.nil?
     return true if account.known?
@@ -195,6 +201,11 @@ class ActivityPub::Activity
     !account.service? && account.passive_relationships.exists?
   end
 
+  def manual_only?(account = nil)
+    account = @account if account.nil?
+    account.manual_only?
+  end
+
   def reject_payload!
     Rails.logger.info("Rejected #{@json['type']} activity #{@json['id']} from #{@account.uri}#{@options[:relayed_through_account] && "via #{@options[:relayed_through_account].uri}"}")
     nil
diff --git a/app/lib/activitypub/activity/add.rb b/app/lib/activitypub/activity/add.rb
index d9ff9c5b9..1942448da 100644
--- a/app/lib/activitypub/activity/add.rb
+++ b/app/lib/activitypub/activity/add.rb
@@ -6,7 +6,9 @@ class ActivityPub::Activity::Add < ActivityPub::Activity
     return unless @json['target'].present? && value_or_id(@json['target']) == @account.featured_collection_url
 
     status   = status_from_uri(object_uri)
-    status ||= fetch_remote_original_status
+    if @account.known?
+      status ||= fetch_remote_original_status(announced_by: @account)
+    end
 
     return unless !status.nil? && status.account_id == @account.id && !@account.pinned?(status)
 
diff --git a/app/lib/activitypub/activity/announce.rb b/app/lib/activitypub/activity/announce.rb
index 714793d7a..39b05f8f1 100644
--- a/app/lib/activitypub/activity/announce.rb
+++ b/app/lib/activitypub/activity/announce.rb
@@ -3,9 +3,9 @@
 class ActivityPub::Activity::Announce < ActivityPub::Activity
   def perform
     return if autoreject?
-    return reject_payload! if !@options[:imported] && (delete_arrived_first?(@json['id']) || !related_to_local_activity? || !@account.known?)
+    return reject_payload! if !@options[:imported] && (delete_arrived_first?(@json['id']) || !related_to_local_activity?)
 
-    original_status = status_from_object(announced_by: @account)
+    original_status = status_from_object(announced_by: @account, local_only: !@account.known?)
 
     return reject_payload! if original_status.nil? || !announceable?(original_status)
 
diff --git a/app/lib/activitypub/activity/create.rb b/app/lib/activitypub/activity/create.rb
index 03a7739d8..83330cb93 100644
--- a/app/lib/activitypub/activity/create.rb
+++ b/app/lib/activitypub/activity/create.rb
@@ -8,7 +8,7 @@ class ActivityPub::Activity::Create < ActivityPub::Activity
     unless known?
       if @options[:announced_by].nil?
         return reject_payload! if !@options[:requested] && rejecting_unknown?
-      elsif Setting.auto_mark_known && Setting.mark_known_from_boosts && known?(@options[:announced_by])
+      elsif !@account.manual_only? && Setting.auto_mark_known && Setting.mark_known_from_boosts && known?(@options[:announced_by])
         @account.mark_known!
       else
         return reject_payload!
diff --git a/app/lib/activitypub/activity/follow.rb b/app/lib/activitypub/activity/follow.rb
index 18b8348c7..8545ac096 100644
--- a/app/lib/activitypub/activity/follow.rb
+++ b/app/lib/activitypub/activity/follow.rb
@@ -9,7 +9,7 @@ class ActivityPub::Activity::Follow < ActivityPub::Activity
 
     return if target_account.nil? || !target_account.local? || delete_arrived_first?(@json['id']) || @account.requested?(target_account)
 
-    if (rejecting_unknown? && !known?) || target_account.blocking?(@account) || target_account.domain_blocking?(@account.domain) || target_account.moved? || target_account.instance_actor?
+    if !known? || target_account.blocking?(@account) || target_account.domain_blocking?(@account.domain) || target_account.moved? || target_account.instance_actor?
       reject_follow_request!(target_account)
       return
     end
-- 
cgit