From aa9a20cde0fe3eb2a4af570cd4437c34a18ce0da Mon Sep 17 00:00:00 2001 From: Eugen Rochko Date: Wed, 26 Dec 2018 19:15:53 +0100 Subject: Fix ThreadResolveWorker getting queued with invalid URLs (#9628) --- app/lib/activitypub/activity/create.rb | 2 +- app/lib/ostatus/activity/creation.rb | 2 +- app/lib/request.rb | 12 ++++++++++++ 3 files changed, 14 insertions(+), 2 deletions(-) (limited to 'app/lib') diff --git a/app/lib/activitypub/activity/create.rb b/app/lib/activitypub/activity/create.rb index 9d2ddd3f6..2b238bc88 100644 --- a/app/lib/activitypub/activity/create.rb +++ b/app/lib/activitypub/activity/create.rb @@ -210,7 +210,7 @@ class ActivityPub::Activity::Create < ActivityPub::Activity end def resolve_thread(status) - return unless status.reply? && status.thread.nil? + return unless status.reply? && status.thread.nil? && Request.valid_url?(in_reply_to_uri) ThreadResolveWorker.perform_async(status.id, in_reply_to_uri) end diff --git a/app/lib/ostatus/activity/creation.rb b/app/lib/ostatus/activity/creation.rb index 8f8c70052..3840c8fbf 100644 --- a/app/lib/ostatus/activity/creation.rb +++ b/app/lib/ostatus/activity/creation.rb @@ -57,7 +57,7 @@ class OStatus::Activity::Creation < OStatus::Activity::Base save_emojis(status) end - if thread? && status.thread.nil? + if thread? && status.thread.nil? && Request.valid_url?(thread.second) Rails.logger.debug "Trying to attach #{status.id} (#{id}) to #{thread.first}" ThreadResolveWorker.perform_async(status.id, thread.second) end diff --git a/app/lib/request.rb b/app/lib/request.rb index 4a81773e3..ef4aeaf29 100644 --- a/app/lib/request.rb +++ b/app/lib/request.rb @@ -66,6 +66,18 @@ class Request (@account ? @headers.merge('Signature' => signature) : @headers).without(REQUEST_TARGET) end + class << self + def valid_url?(url) + begin + parsed_url = Addressable::URI.parse(url) + rescue Addressable::URI::InvalidURIError + return false + end + + %w(http https).include?(parsed_url.scheme) && parsed_url.host.present? + end + end + private def set_common_headers! -- cgit From 0f938ff29c2e9bf92e3eb9c23be8d4ba3a1b97f7 Mon Sep 17 00:00:00 2001 From: Eugen Rochko Date: Sat, 29 Dec 2018 02:24:36 +0100 Subject: Add handler for Move activity (#9629) --- app/lib/activitypub/activity.rb | 2 + app/lib/activitypub/activity/follow.rb | 2 +- app/lib/activitypub/activity/move.rb | 43 ++++++++++++++++++ app/lib/activitypub/adapter.rb | 1 + app/models/account.rb | 5 +++ app/serializers/activitypub/actor_serializer.rb | 5 +++ .../activitypub/process_account_service.rb | 1 + app/services/follow_service.rb | 2 +- app/workers/unfollow_follow_worker.rb | 18 ++++++++ ...20181226021420_add_also_known_as_to_accounts.rb | 5 +++ db/schema.rb | 3 +- spec/lib/activitypub/activity/move_spec.rb | 52 ++++++++++++++++++++++ 12 files changed, 136 insertions(+), 3 deletions(-) create mode 100644 app/lib/activitypub/activity/move.rb create mode 100644 app/workers/unfollow_follow_worker.rb create mode 100644 db/migrate/20181226021420_add_also_known_as_to_accounts.rb create mode 100644 spec/lib/activitypub/activity/move_spec.rb (limited to 'app/lib') diff --git a/app/lib/activitypub/activity.rb b/app/lib/activitypub/activity.rb index 0a729011f..87318fb1c 100644 --- a/app/lib/activitypub/activity.rb +++ b/app/lib/activitypub/activity.rb @@ -50,6 +50,8 @@ class ActivityPub::Activity ActivityPub::Activity::Add when 'Remove' ActivityPub::Activity::Remove + when 'Move' + ActivityPub::Activity::Move end end end diff --git a/app/lib/activitypub/activity/follow.rb b/app/lib/activitypub/activity/follow.rb index c45832648..7ca650fdf 100644 --- a/app/lib/activitypub/activity/follow.rb +++ b/app/lib/activitypub/activity/follow.rb @@ -6,7 +6,7 @@ class ActivityPub::Activity::Follow < ActivityPub::Activity return if target_account.nil? || !target_account.local? || delete_arrived_first?(@json['id']) || @account.requested?(target_account) - if target_account.blocking?(@account) || target_account.domain_blocking?(@account.domain) + if target_account.blocking?(@account) || target_account.domain_blocking?(@account.domain) || target_account.moved? reject_follow_request!(target_account) return end diff --git a/app/lib/activitypub/activity/move.rb b/app/lib/activitypub/activity/move.rb new file mode 100644 index 000000000..d7a5f595c --- /dev/null +++ b/app/lib/activitypub/activity/move.rb @@ -0,0 +1,43 @@ +# frozen_string_literal: true + +class ActivityPub::Activity::Move < ActivityPub::Activity + PROCESSING_COOLDOWN = 7.days.seconds + + def perform + return if origin_account.uri != object_uri || processed? + + mark_as_processing! + + target_account = ActivityPub::FetchRemoteAccountService.new.call(target_uri) + + return if target_account.nil? || !target_account.also_known_as.include?(origin_account.uri) + + # In case for some reason we didn't have a redirect for the profile already, set it + origin_account.update(moved_to_account: target_account) if origin_account.moved_to_account_id.nil? + + # Initiate a re-follow for each follower + origin_account.followers.local.select(:id).find_in_batches do |follower_accounts| + UnfollowFollowWorker.push_bulk(follower_accounts.map(&:id)) do |follower_account_id| + [follower_account_id, origin_account.id, target_account.id] + end + end + end + + private + + def origin_account + @account + end + + def target_uri + value_or_id(@json['target']) + end + + def processed? + redis.exists("move_in_progress:#{@account.id}") + end + + def mark_as_processing! + redis.setex("move_in_progress:#{@account.id}", PROCESSING_COOLDOWN, true) + end +end diff --git a/app/lib/activitypub/adapter.rb b/app/lib/activitypub/adapter.rb index d35cae889..99f4d9305 100644 --- a/app/lib/activitypub/adapter.rb +++ b/app/lib/activitypub/adapter.rb @@ -10,6 +10,7 @@ class ActivityPub::Adapter < ActiveModelSerializers::Adapter::Base 'manuallyApprovesFollowers' => 'as:manuallyApprovesFollowers', 'sensitive' => 'as:sensitive', 'movedTo' => { '@id' => 'as:movedTo', '@type' => '@id' }, + 'alsoKnownAs' => { '@id' => 'as:alsoKnownAs', '@type' => '@id' }, 'Hashtag' => 'as:Hashtag', 'ostatus' => 'http://ostatus.org#', 'atomUri' => 'ostatus:atomUri', diff --git a/app/models/account.rb b/app/models/account.rb index 66f02b27d..f354bc29b 100644 --- a/app/models/account.rb +++ b/app/models/account.rb @@ -44,6 +44,7 @@ # fields :jsonb # actor_type :string # discoverable :boolean +# also_known_as :string is an Array # class Account < ApplicationRecord @@ -227,6 +228,10 @@ class Account < ApplicationRecord end end + def also_known_as + self[:also_known_as] || [] + end + def fields (self[:fields] || []).map { |f| Field.new(self, f) } end diff --git a/app/serializers/activitypub/actor_serializer.rb b/app/serializers/activitypub/actor_serializer.rb index 72c30dc73..6746c1782 100644 --- a/app/serializers/activitypub/actor_serializer.rb +++ b/app/serializers/activitypub/actor_serializer.rb @@ -14,6 +14,7 @@ class ActivityPub::ActorSerializer < ActiveModel::Serializer has_many :virtual_attachments, key: :attachment attribute :moved_to, if: :moved? + attribute :also_known_as, if: :also_known_as? class EndpointsSerializer < ActiveModel::Serializer include RoutingHelper @@ -116,6 +117,10 @@ class ActivityPub::ActorSerializer < ActiveModel::Serializer ActivityPub::TagManager.instance.uri_for(object.moved_to_account) end + def also_known_as? + !object.also_known_as.empty? + end + class CustomEmojiSerializer < ActivityPub::EmojiSerializer end diff --git a/app/services/activitypub/process_account_service.rb b/app/services/activitypub/process_account_service.rb index 5c865dae2..d6480028f 100644 --- a/app/services/activitypub/process_account_service.rb +++ b/app/services/activitypub/process_account_service.rb @@ -75,6 +75,7 @@ class ActivityPub::ProcessAccountService < BaseService @account.note = @json['summary'] || '' @account.locked = @json['manuallyApprovesFollowers'] || false @account.fields = property_values || {} + @account.also_known_as = as_array(@json['alsoKnownAs'] || []).map { |item| value_or_id(item) } @account.actor_type = actor_type end diff --git a/app/services/follow_service.rb b/app/services/follow_service.rb index 0020bc9fe..862926260 100644 --- a/app/services/follow_service.rb +++ b/app/services/follow_service.rb @@ -12,7 +12,7 @@ class FollowService < BaseService target_account = ResolveAccountService.new.call(target_account, skip_webfinger: true) raise ActiveRecord::RecordNotFound if target_account.nil? || target_account.id == source_account.id || target_account.suspended? - raise Mastodon::NotPermittedError if target_account.blocking?(source_account) || source_account.blocking?(target_account) + raise Mastodon::NotPermittedError if target_account.blocking?(source_account) || source_account.blocking?(target_account) || target_account.moved? if source_account.following?(target_account) # We're already following this account, but we'll call follow! again to diff --git a/app/workers/unfollow_follow_worker.rb b/app/workers/unfollow_follow_worker.rb new file mode 100644 index 000000000..a2133bb8c --- /dev/null +++ b/app/workers/unfollow_follow_worker.rb @@ -0,0 +1,18 @@ +# frozen_string_literal: true + +class UnfollowFollowWorker + include Sidekiq::Worker + + sidekiq_options queue: 'pull' + + def perform(follower_account_id, old_target_account_id, new_target_account_id) + follower_account = Account.find(follower_account_id) + old_target_account = Account.find(old_target_account_id) + new_target_account = Account.find(new_target_account_id) + + UnfollowService.new.call(follower_account, old_target_account) + FollowService.new.call(follower_account, new_target_account) + rescue ActiveRecord::RecordNotFound + true + end +end diff --git a/db/migrate/20181226021420_add_also_known_as_to_accounts.rb b/db/migrate/20181226021420_add_also_known_as_to_accounts.rb new file mode 100644 index 000000000..1fd956680 --- /dev/null +++ b/db/migrate/20181226021420_add_also_known_as_to_accounts.rb @@ -0,0 +1,5 @@ +class AddAlsoKnownAsToAccounts < ActiveRecord::Migration[5.2] + def change + add_column :accounts, :also_known_as, :string, array: true + end +end diff --git a/db/schema.rb b/db/schema.rb index e47960b16..066a90b52 100644 --- a/db/schema.rb +++ b/db/schema.rb @@ -10,7 +10,7 @@ # # It's strongly recommended that you check this file into your version control system. -ActiveRecord::Schema.define(version: 2018_12_19_235220) do +ActiveRecord::Schema.define(version: 2018_12_26_021420) do # These are extensions that must be enabled in order to support this database enable_extension "plpgsql" @@ -134,6 +134,7 @@ ActiveRecord::Schema.define(version: 2018_12_19_235220) do t.jsonb "fields" t.string "actor_type" t.boolean "discoverable" + t.string "also_known_as", array: true t.index "(((setweight(to_tsvector('simple'::regconfig, (display_name)::text), 'A'::\"char\") || setweight(to_tsvector('simple'::regconfig, (username)::text), 'B'::\"char\")) || setweight(to_tsvector('simple'::regconfig, (COALESCE(domain, ''::character varying))::text), 'C'::\"char\")))", name: "search_index", using: :gin t.index "lower((username)::text), lower((domain)::text)", name: "index_accounts_on_username_and_domain_lower", unique: true t.index ["moved_to_account_id"], name: "index_accounts_on_moved_to_account_id" diff --git a/spec/lib/activitypub/activity/move_spec.rb b/spec/lib/activitypub/activity/move_spec.rb new file mode 100644 index 000000000..3574f273a --- /dev/null +++ b/spec/lib/activitypub/activity/move_spec.rb @@ -0,0 +1,52 @@ +require 'rails_helper' + +RSpec.describe ActivityPub::Activity::Move do + let(:follower) { Fabricate(:account) } + let(:old_account) { Fabricate(:account) } + let(:new_account) { Fabricate(:account) } + + before do + follower.follow!(old_account) + + old_account.update!(uri: 'https://example.org/alice', domain: 'example.org', protocol: :activitypub, inbox_url: 'https://example.org/inbox') + new_account.update!(uri: 'https://example.com/alice', domain: 'example.com', protocol: :activitypub, inbox_url: 'https://example.com/inbox', also_known_as: [old_account.uri]) + + stub_request(:post, 'https://example.org/inbox').to_return(status: 200) + stub_request(:post, 'https://example.com/inbox').to_return(status: 200) + + service_stub = double + allow(ActivityPub::FetchRemoteAccountService).to receive(:new).and_return(service_stub) + allow(service_stub).to receive(:call).and_return(new_account) + end + + let(:json) do + { + '@context': 'https://www.w3.org/ns/activitystreams', + id: 'foo', + type: 'Move', + actor: old_account.uri, + object: old_account.uri, + target: new_account.uri, + }.with_indifferent_access + end + + describe '#perform' do + subject { described_class.new(json, old_account) } + + before do + subject.perform + end + + it 'sets moved account on old account' do + expect(old_account.reload.moved_to_account_id).to eq new_account.id + end + + it 'makes followers unfollow old account' do + expect(follower.following?(old_account)).to be false + end + + it 'makes followers follow-request the new account' do + expect(follower.requested?(new_account)).to be true + end + end +end -- cgit From 290932602b32e3bdc2a4c5cb278fb73755a2cd52 Mon Sep 17 00:00:00 2001 From: ThibG Date: Sun, 30 Dec 2018 09:48:59 +0100 Subject: Reduce usage of LD signatures (#9659) * Do not LDS-sign Follow, Accept, Reject, Undo, Block * Do not use LDS for Create activities of private toots * Minor cleanup * Ignore unsigned activities instead of misattributing them * Use status.distributable? instead of querying visibility directly --- app/lib/activitypub/activity/follow.rb | 2 +- app/services/activitypub/process_collection_service.rb | 2 +- app/services/after_block_domain_from_account_service.rb | 4 ++-- app/services/authorize_follow_service.rb | 4 ++-- app/services/block_service.rb | 6 ++---- app/services/follow_service.rb | 6 ++---- app/services/process_mentions_service.rb | 6 ++++-- app/services/reject_follow_service.rb | 4 ++-- app/services/unblock_service.rb | 4 ++-- app/services/unfollow_service.rb | 4 ++-- app/workers/activitypub/distribution_worker.rb | 14 +++++++++----- app/workers/activitypub/reply_distribution_worker.rb | 12 ++++++++---- .../activitypub/process_collection_service_spec.rb | 6 +++--- 13 files changed, 40 insertions(+), 34 deletions(-) (limited to 'app/lib') diff --git a/app/lib/activitypub/activity/follow.rb b/app/lib/activitypub/activity/follow.rb index 7ca650fdf..1e805c0d1 100644 --- a/app/lib/activitypub/activity/follow.rb +++ b/app/lib/activitypub/activity/follow.rb @@ -28,7 +28,7 @@ class ActivityPub::Activity::Follow < ActivityPub::Activity end def reject_follow_request!(target_account) - json = Oj.dump(ActivityPub::LinkedDataSignature.new(ActiveModelSerializers::SerializableResource.new(FollowRequest.new(account: @account, target_account: target_account, uri: @json['id']), serializer: ActivityPub::RejectFollowSerializer, adapter: ActivityPub::Adapter).as_json).sign!(target_account)) + json = ActiveModelSerializers::SerializableResource.new(FollowRequest.new(account: @account, target_account: target_account, uri: @json['id']), serializer: ActivityPub::RejectFollowSerializer, adapter: ActivityPub::Adapter).to_json ActivityPub::DeliveryWorker.perform_async(json, target_account.id, @account.inbox_url) end end diff --git a/app/services/activitypub/process_collection_service.rb b/app/services/activitypub/process_collection_service.rb index 79cdca297..5c54aad89 100644 --- a/app/services/activitypub/process_collection_service.rb +++ b/app/services/activitypub/process_collection_service.rb @@ -27,7 +27,7 @@ class ActivityPub::ProcessCollectionService < BaseService private def different_actor? - @json['actor'].present? && value_or_id(@json['actor']) != @account.uri && @json['signature'].present? + @json['actor'].present? && value_or_id(@json['actor']) != @account.uri end def process_items(items) diff --git a/app/services/after_block_domain_from_account_service.rb b/app/services/after_block_domain_from_account_service.rb index 56cc819fb..180f13403 100644 --- a/app/services/after_block_domain_from_account_service.rb +++ b/app/services/after_block_domain_from_account_service.rb @@ -31,11 +31,11 @@ class AfterBlockDomainFromAccountService < BaseService return unless follow.account.activitypub? - json = Oj.dump(ActivityPub::LinkedDataSignature.new(ActiveModelSerializers::SerializableResource.new( + json = ActiveModelSerializers::SerializableResource.new( follow, serializer: ActivityPub::RejectFollowSerializer, adapter: ActivityPub::Adapter - ).as_json).sign!(@account)) + ).to_json ActivityPub::DeliveryWorker.perform_async(json, @account.id, follow.account.inbox_url) end diff --git a/app/services/authorize_follow_service.rb b/app/services/authorize_follow_service.rb index 1674239df..f2e3ebe7d 100644 --- a/app/services/authorize_follow_service.rb +++ b/app/services/authorize_follow_service.rb @@ -24,11 +24,11 @@ class AuthorizeFollowService < BaseService end def build_json(follow_request) - Oj.dump(ActivityPub::LinkedDataSignature.new(ActiveModelSerializers::SerializableResource.new( + ActiveModelSerializers::SerializableResource.new( follow_request, serializer: ActivityPub::AcceptFollowSerializer, adapter: ActivityPub::Adapter - ).as_json).sign!(follow_request.target_account)) + ).to_json end def build_xml(follow_request) diff --git a/app/services/block_service.rb b/app/services/block_service.rb index b39c3eef2..140b238df 100644 --- a/app/services/block_service.rb +++ b/app/services/block_service.rb @@ -1,8 +1,6 @@ # frozen_string_literal: true class BlockService < BaseService - include StreamEntryRenderer - def call(account, target_account) return if account.id == target_account.id @@ -27,11 +25,11 @@ class BlockService < BaseService end def build_json(block) - Oj.dump(ActivityPub::LinkedDataSignature.new(ActiveModelSerializers::SerializableResource.new( + ActiveModelSerializers::SerializableResource.new( block, serializer: ActivityPub::BlockSerializer, adapter: ActivityPub::Adapter - ).as_json).sign!(block.account)) + ).to_json end def build_xml(block) diff --git a/app/services/follow_service.rb b/app/services/follow_service.rb index 862926260..9d36a1449 100644 --- a/app/services/follow_service.rb +++ b/app/services/follow_service.rb @@ -1,8 +1,6 @@ # frozen_string_literal: true class FollowService < BaseService - include StreamEntryRenderer - # Follow a remote user, notify remote user about the follow # @param [Account] source_account From which to follow # @param [String, Account] uri User URI to follow in the form of username@domain (or account record) @@ -82,10 +80,10 @@ class FollowService < BaseService end def build_json(follow_request) - Oj.dump(ActivityPub::LinkedDataSignature.new(ActiveModelSerializers::SerializableResource.new( + ActiveModelSerializers::SerializableResource.new( follow_request, serializer: ActivityPub::FollowSerializer, adapter: ActivityPub::Adapter - ).as_json).sign!(follow_request.account)) + ).to_json end end diff --git a/app/services/process_mentions_service.rb b/app/services/process_mentions_service.rb index ec7d33b1d..2595c5fd3 100644 --- a/app/services/process_mentions_service.rb +++ b/app/services/process_mentions_service.rb @@ -60,11 +60,13 @@ class ProcessMentionsService < BaseService end def activitypub_json - @activitypub_json ||= Oj.dump(ActivityPub::LinkedDataSignature.new(ActiveModelSerializers::SerializableResource.new( + return @activitypub_json if defined?(@activitypub_json) + payload = ActiveModelSerializers::SerializableResource.new( @status, serializer: ActivityPub::ActivitySerializer, adapter: ActivityPub::Adapter - ).as_json).sign!(@status.account)) + ).as_json + @activitypub_json = Oj.dump(@status.distributable? ? ActivityPub::LinkedDataSignature.new(payload).sign!(@status.account) : payload) end def resolve_account_service diff --git a/app/services/reject_follow_service.rb b/app/services/reject_follow_service.rb index c1f7bcb60..a91266aa4 100644 --- a/app/services/reject_follow_service.rb +++ b/app/services/reject_follow_service.rb @@ -19,11 +19,11 @@ class RejectFollowService < BaseService end def build_json(follow_request) - Oj.dump(ActivityPub::LinkedDataSignature.new(ActiveModelSerializers::SerializableResource.new( + ActiveModelSerializers::SerializableResource.new( follow_request, serializer: ActivityPub::RejectFollowSerializer, adapter: ActivityPub::Adapter - ).as_json).sign!(follow_request.target_account)) + ).to_json end def build_xml(follow_request) diff --git a/app/services/unblock_service.rb b/app/services/unblock_service.rb index 869f62d1c..72fc5ab15 100644 --- a/app/services/unblock_service.rb +++ b/app/services/unblock_service.rb @@ -20,11 +20,11 @@ class UnblockService < BaseService end def build_json(unblock) - Oj.dump(ActivityPub::LinkedDataSignature.new(ActiveModelSerializers::SerializableResource.new( + ActiveModelSerializers::SerializableResource.new( unblock, serializer: ActivityPub::UndoBlockSerializer, adapter: ActivityPub::Adapter - ).as_json).sign!(unblock.account)) + ).to_json end def build_xml(block) diff --git a/app/services/unfollow_service.rb b/app/services/unfollow_service.rb index 73a64929f..03e45912d 100644 --- a/app/services/unfollow_service.rb +++ b/app/services/unfollow_service.rb @@ -43,11 +43,11 @@ class UnfollowService < BaseService end def build_json(follow) - Oj.dump(ActivityPub::LinkedDataSignature.new(ActiveModelSerializers::SerializableResource.new( + ActiveModelSerializers::SerializableResource.new( follow, serializer: ActivityPub::UndoFollowSerializer, adapter: ActivityPub::Adapter - ).as_json).sign!(follow.account)) + ).to_json end def build_xml(follow) diff --git a/app/workers/activitypub/distribution_worker.rb b/app/workers/activitypub/distribution_worker.rb index 17c1ef7ff..59aacabfd 100644 --- a/app/workers/activitypub/distribution_worker.rb +++ b/app/workers/activitypub/distribution_worker.rb @@ -12,7 +12,7 @@ class ActivityPub::DistributionWorker return if skip_distribution? ActivityPub::DeliveryWorker.push_bulk(inboxes) do |inbox_url| - [signed_payload, @account.id, inbox_url] + [payload, @account.id, inbox_url] end relay! if relayable? @@ -35,20 +35,24 @@ class ActivityPub::DistributionWorker end def signed_payload - @signed_payload ||= Oj.dump(ActivityPub::LinkedDataSignature.new(payload).sign!(@account)) + Oj.dump(ActivityPub::LinkedDataSignature.new(unsigned_payload).sign!(@account)) end - def payload - @payload ||= ActiveModelSerializers::SerializableResource.new( + def unsigned_payload + ActiveModelSerializers::SerializableResource.new( @status, serializer: ActivityPub::ActivitySerializer, adapter: ActivityPub::Adapter ).as_json end + def payload + @payload ||= @status.distributable? ? signed_payload : Oj.dump(unsigned_payload) + end + def relay! ActivityPub::DeliveryWorker.push_bulk(Relay.enabled.pluck(:inbox_url)) do |inbox_url| - [signed_payload, @account.id, inbox_url] + [payload, @account.id, inbox_url] end end end diff --git a/app/workers/activitypub/reply_distribution_worker.rb b/app/workers/activitypub/reply_distribution_worker.rb index c0ed3a1f4..892cc1474 100644 --- a/app/workers/activitypub/reply_distribution_worker.rb +++ b/app/workers/activitypub/reply_distribution_worker.rb @@ -12,7 +12,7 @@ class ActivityPub::ReplyDistributionWorker return unless @account.present? && @status.distributable? ActivityPub::DeliveryWorker.push_bulk(inboxes) do |inbox_url| - [signed_payload, @status.account_id, inbox_url] + [payload, @status.account_id, inbox_url] end rescue ActiveRecord::RecordNotFound true @@ -25,14 +25,18 @@ class ActivityPub::ReplyDistributionWorker end def signed_payload - @signed_payload ||= Oj.dump(ActivityPub::LinkedDataSignature.new(payload).sign!(@status.account)) + Oj.dump(ActivityPub::LinkedDataSignature.new(unsigned_payload).sign!(@status.account)) end - def payload - @payload ||= ActiveModelSerializers::SerializableResource.new( + def unsigned_payload + ActiveModelSerializers::SerializableResource.new( @status, serializer: ActivityPub::ActivitySerializer, adapter: ActivityPub::Adapter ).as_json end + + def payload + @payload ||= @status.distributable? ? signed_payload : Oj.dump(unsigned_payload) + end end diff --git a/spec/services/activitypub/process_collection_service_spec.rb b/spec/services/activitypub/process_collection_service_spec.rb index bbe97d211..b3baf6b6b 100644 --- a/spec/services/activitypub/process_collection_service_spec.rb +++ b/spec/services/activitypub/process_collection_service_spec.rb @@ -26,9 +26,9 @@ RSpec.describe ActivityPub::ProcessCollectionService, type: :service do context 'when actor differs from sender' do let(:forwarder) { Fabricate(:account, domain: 'example.com', uri: 'http://example.com/other_account') } - it 'processes payload with sender if no signature exists' do - expect_any_instance_of(ActivityPub::LinkedDataSignature).not_to receive(:verify_account!) - expect(ActivityPub::Activity).to receive(:factory).with(instance_of(Hash), forwarder, instance_of(Hash)) + it 'does not process payload if no signature exists' do + expect_any_instance_of(ActivityPub::LinkedDataSignature).to receive(:verify_account!).and_return(nil) + expect(ActivityPub::Activity).not_to receive(:factory) subject.call(json, forwarder) end -- cgit From b2f4114550d8cc3af929736c122d69b6e76fcea8 Mon Sep 17 00:00:00 2001 From: ThibG Date: Sun, 30 Dec 2018 18:58:51 +0100 Subject: Do not ignore federated reports targetting already-reported accounts (#9534) --- app/lib/activitypub/activity/flag.rb | 2 -- 1 file changed, 2 deletions(-) (limited to 'app/lib') diff --git a/app/lib/activitypub/activity/flag.rb b/app/lib/activitypub/activity/flag.rb index 92e59bb81..0d10d6c3c 100644 --- a/app/lib/activitypub/activity/flag.rb +++ b/app/lib/activitypub/activity/flag.rb @@ -8,8 +8,6 @@ class ActivityPub::Activity::Flag < ActivityPub::Activity target_statuses_by_account = object_uris.map { |uri| status_from_uri(uri) }.compact.select(&:local?).group_by(&:account_id) target_accounts.each do |target_account| - next if Report.where(account: @account, target_account: target_account).exists? - target_statuses = target_statuses_by_account[target_account.id] ReportService.new.call( -- cgit From 70be301d6988c229b18e165b6501f988359181ff Mon Sep 17 00:00:00 2001 From: ThibG Date: Wed, 2 Jan 2019 01:12:02 +0100 Subject: Ensure blocked user unfollows blocker if Block/Undo Block are processed out of order (#9687) * Ensure blocked user unfollows blocker if Block/Undo Block are processed out of order * Add specs for Block causing unfollow and for out-of-order Block + Undo --- app/lib/activitypub/activity/block.rb | 5 ++- spec/lib/activitypub/activity/block_spec.rb | 67 ++++++++++++++++++++++++++--- 2 files changed, 65 insertions(+), 7 deletions(-) (limited to 'app/lib') diff --git a/app/lib/activitypub/activity/block.rb b/app/lib/activitypub/activity/block.rb index 26da8bdf5..a17a2d50a 100644 --- a/app/lib/activitypub/activity/block.rb +++ b/app/lib/activitypub/activity/block.rb @@ -4,9 +4,10 @@ class ActivityPub::Activity::Block < ActivityPub::Activity def perform target_account = account_from_uri(object_uri) - return if target_account.nil? || !target_account.local? || delete_arrived_first?(@json['id']) || @account.blocking?(target_account) + return if target_account.nil? || !target_account.local? || @account.blocking?(target_account) UnfollowService.new.call(target_account, @account) if target_account.following?(@account) - @account.block!(target_account, uri: @json['id']) + + @account.block!(target_account, uri: @json['id']) unless delete_arrived_first?(@json['id']) end end diff --git a/spec/lib/activitypub/activity/block_spec.rb b/spec/lib/activitypub/activity/block_spec.rb index 23c8cc31c..94d37356d 100644 --- a/spec/lib/activitypub/activity/block_spec.rb +++ b/spec/lib/activitypub/activity/block_spec.rb @@ -14,15 +14,72 @@ RSpec.describe ActivityPub::Activity::Block do }.with_indifferent_access end - describe '#perform' do - subject { described_class.new(json, sender) } + context 'when the recipient does not follow the sender' do + describe '#perform' do + subject { described_class.new(json, sender) } + + before do + subject.perform + end + + it 'creates a block from sender to recipient' do + expect(sender.blocking?(recipient)).to be true + end + end + end + + context 'when the recipient follows the sender' do + before do + recipient.follow!(sender) + end + + describe '#perform' do + subject { described_class.new(json, sender) } + + before do + subject.perform + end + + it 'creates a block from sender to recipient' do + expect(sender.blocking?(recipient)).to be true + end + + it 'ensures recipient is not following sender' do + expect(recipient.following?(sender)).to be false + end + end + end + + context 'when a matching undo has been received first' do + let(:undo_json) do + { + '@context': 'https://www.w3.org/ns/activitystreams', + id: 'bar', + type: 'Undo', + actor: ActivityPub::TagManager.instance.uri_for(sender), + object: json, + }.with_indifferent_access + end before do - subject.perform + recipient.follow!(sender) + ActivityPub::Activity::Undo.new(undo_json, sender).perform end - it 'creates a block from sender to recipient' do - expect(sender.blocking?(recipient)).to be true + describe '#perform' do + subject { described_class.new(json, sender) } + + before do + subject.perform + end + + it 'does not create a block from sender to recipient' do + expect(sender.blocking?(recipient)).to be false + end + + it 'ensures recipient is not following sender' do + expect(recipient.following?(sender)).to be false + end end end end -- cgit From bb96a7463758687f8187ae4483becd346c2482b3 Mon Sep 17 00:00:00 2001 From: Thibaut Girka Date: Wed, 2 Jan 2019 13:56:31 +0100 Subject: Revert "Add handler for Move activity (#9629)" This reverts commit 0f938ff29c2e9bf92e3eb9c23be8d4ba3a1b97f7. --- app/lib/activitypub/activity.rb | 2 - app/lib/activitypub/activity/follow.rb | 2 +- app/lib/activitypub/activity/move.rb | 43 ------------------ app/lib/activitypub/adapter.rb | 1 - app/models/account.rb | 5 --- app/serializers/activitypub/actor_serializer.rb | 5 --- .../activitypub/process_account_service.rb | 1 - app/services/follow_service.rb | 2 +- app/workers/unfollow_follow_worker.rb | 18 -------- ...20181226021420_add_also_known_as_to_accounts.rb | 5 --- db/schema.rb | 3 +- spec/lib/activitypub/activity/move_spec.rb | 52 ---------------------- 12 files changed, 3 insertions(+), 136 deletions(-) delete mode 100644 app/lib/activitypub/activity/move.rb delete mode 100644 app/workers/unfollow_follow_worker.rb delete mode 100644 db/migrate/20181226021420_add_also_known_as_to_accounts.rb delete mode 100644 spec/lib/activitypub/activity/move_spec.rb (limited to 'app/lib') diff --git a/app/lib/activitypub/activity.rb b/app/lib/activitypub/activity.rb index 87318fb1c..0a729011f 100644 --- a/app/lib/activitypub/activity.rb +++ b/app/lib/activitypub/activity.rb @@ -50,8 +50,6 @@ class ActivityPub::Activity ActivityPub::Activity::Add when 'Remove' ActivityPub::Activity::Remove - when 'Move' - ActivityPub::Activity::Move end end end diff --git a/app/lib/activitypub/activity/follow.rb b/app/lib/activitypub/activity/follow.rb index 1e805c0d1..5e703dc61 100644 --- a/app/lib/activitypub/activity/follow.rb +++ b/app/lib/activitypub/activity/follow.rb @@ -6,7 +6,7 @@ class ActivityPub::Activity::Follow < ActivityPub::Activity return if target_account.nil? || !target_account.local? || delete_arrived_first?(@json['id']) || @account.requested?(target_account) - if target_account.blocking?(@account) || target_account.domain_blocking?(@account.domain) || target_account.moved? + if target_account.blocking?(@account) || target_account.domain_blocking?(@account.domain) reject_follow_request!(target_account) return end diff --git a/app/lib/activitypub/activity/move.rb b/app/lib/activitypub/activity/move.rb deleted file mode 100644 index d7a5f595c..000000000 --- a/app/lib/activitypub/activity/move.rb +++ /dev/null @@ -1,43 +0,0 @@ -# frozen_string_literal: true - -class ActivityPub::Activity::Move < ActivityPub::Activity - PROCESSING_COOLDOWN = 7.days.seconds - - def perform - return if origin_account.uri != object_uri || processed? - - mark_as_processing! - - target_account = ActivityPub::FetchRemoteAccountService.new.call(target_uri) - - return if target_account.nil? || !target_account.also_known_as.include?(origin_account.uri) - - # In case for some reason we didn't have a redirect for the profile already, set it - origin_account.update(moved_to_account: target_account) if origin_account.moved_to_account_id.nil? - - # Initiate a re-follow for each follower - origin_account.followers.local.select(:id).find_in_batches do |follower_accounts| - UnfollowFollowWorker.push_bulk(follower_accounts.map(&:id)) do |follower_account_id| - [follower_account_id, origin_account.id, target_account.id] - end - end - end - - private - - def origin_account - @account - end - - def target_uri - value_or_id(@json['target']) - end - - def processed? - redis.exists("move_in_progress:#{@account.id}") - end - - def mark_as_processing! - redis.setex("move_in_progress:#{@account.id}", PROCESSING_COOLDOWN, true) - end -end diff --git a/app/lib/activitypub/adapter.rb b/app/lib/activitypub/adapter.rb index 99f4d9305..d35cae889 100644 --- a/app/lib/activitypub/adapter.rb +++ b/app/lib/activitypub/adapter.rb @@ -10,7 +10,6 @@ class ActivityPub::Adapter < ActiveModelSerializers::Adapter::Base 'manuallyApprovesFollowers' => 'as:manuallyApprovesFollowers', 'sensitive' => 'as:sensitive', 'movedTo' => { '@id' => 'as:movedTo', '@type' => '@id' }, - 'alsoKnownAs' => { '@id' => 'as:alsoKnownAs', '@type' => '@id' }, 'Hashtag' => 'as:Hashtag', 'ostatus' => 'http://ostatus.org#', 'atomUri' => 'ostatus:atomUri', diff --git a/app/models/account.rb b/app/models/account.rb index 67d9a583e..722e47d65 100644 --- a/app/models/account.rb +++ b/app/models/account.rb @@ -44,7 +44,6 @@ # fields :jsonb # actor_type :string # discoverable :boolean -# also_known_as :string is an Array # class Account < ApplicationRecord @@ -233,10 +232,6 @@ class Account < ApplicationRecord end end - def also_known_as - self[:also_known_as] || [] - end - def fields (self[:fields] || []).map { |f| Field.new(self, f) } end diff --git a/app/serializers/activitypub/actor_serializer.rb b/app/serializers/activitypub/actor_serializer.rb index 6746c1782..72c30dc73 100644 --- a/app/serializers/activitypub/actor_serializer.rb +++ b/app/serializers/activitypub/actor_serializer.rb @@ -14,7 +14,6 @@ class ActivityPub::ActorSerializer < ActiveModel::Serializer has_many :virtual_attachments, key: :attachment attribute :moved_to, if: :moved? - attribute :also_known_as, if: :also_known_as? class EndpointsSerializer < ActiveModel::Serializer include RoutingHelper @@ -117,10 +116,6 @@ class ActivityPub::ActorSerializer < ActiveModel::Serializer ActivityPub::TagManager.instance.uri_for(object.moved_to_account) end - def also_known_as? - !object.also_known_as.empty? - end - class CustomEmojiSerializer < ActivityPub::EmojiSerializer end diff --git a/app/services/activitypub/process_account_service.rb b/app/services/activitypub/process_account_service.rb index d6480028f..5c865dae2 100644 --- a/app/services/activitypub/process_account_service.rb +++ b/app/services/activitypub/process_account_service.rb @@ -75,7 +75,6 @@ class ActivityPub::ProcessAccountService < BaseService @account.note = @json['summary'] || '' @account.locked = @json['manuallyApprovesFollowers'] || false @account.fields = property_values || {} - @account.also_known_as = as_array(@json['alsoKnownAs'] || []).map { |item| value_or_id(item) } @account.actor_type = actor_type end diff --git a/app/services/follow_service.rb b/app/services/follow_service.rb index 9d36a1449..24b3e1f70 100644 --- a/app/services/follow_service.rb +++ b/app/services/follow_service.rb @@ -10,7 +10,7 @@ class FollowService < BaseService target_account = ResolveAccountService.new.call(target_account, skip_webfinger: true) raise ActiveRecord::RecordNotFound if target_account.nil? || target_account.id == source_account.id || target_account.suspended? - raise Mastodon::NotPermittedError if target_account.blocking?(source_account) || source_account.blocking?(target_account) || target_account.moved? + raise Mastodon::NotPermittedError if target_account.blocking?(source_account) || source_account.blocking?(target_account) if source_account.following?(target_account) # We're already following this account, but we'll call follow! again to diff --git a/app/workers/unfollow_follow_worker.rb b/app/workers/unfollow_follow_worker.rb deleted file mode 100644 index a2133bb8c..000000000 --- a/app/workers/unfollow_follow_worker.rb +++ /dev/null @@ -1,18 +0,0 @@ -# frozen_string_literal: true - -class UnfollowFollowWorker - include Sidekiq::Worker - - sidekiq_options queue: 'pull' - - def perform(follower_account_id, old_target_account_id, new_target_account_id) - follower_account = Account.find(follower_account_id) - old_target_account = Account.find(old_target_account_id) - new_target_account = Account.find(new_target_account_id) - - UnfollowService.new.call(follower_account, old_target_account) - FollowService.new.call(follower_account, new_target_account) - rescue ActiveRecord::RecordNotFound - true - end -end diff --git a/db/migrate/20181226021420_add_also_known_as_to_accounts.rb b/db/migrate/20181226021420_add_also_known_as_to_accounts.rb deleted file mode 100644 index 1fd956680..000000000 --- a/db/migrate/20181226021420_add_also_known_as_to_accounts.rb +++ /dev/null @@ -1,5 +0,0 @@ -class AddAlsoKnownAsToAccounts < ActiveRecord::Migration[5.2] - def change - add_column :accounts, :also_known_as, :string, array: true - end -end diff --git a/db/schema.rb b/db/schema.rb index b8a9f8c58..48ffea3dd 100644 --- a/db/schema.rb +++ b/db/schema.rb @@ -10,7 +10,7 @@ # # It's strongly recommended that you check this file into your version control system. -ActiveRecord::Schema.define(version: 2018_12_26_021420) do +ActiveRecord::Schema.define(version: 2018_12_19_235220) do # These are extensions that must be enabled in order to support this database enable_extension "plpgsql" @@ -134,7 +134,6 @@ ActiveRecord::Schema.define(version: 2018_12_26_021420) do t.jsonb "fields" t.string "actor_type" t.boolean "discoverable" - t.string "also_known_as", array: true t.index "(((setweight(to_tsvector('simple'::regconfig, (display_name)::text), 'A'::\"char\") || setweight(to_tsvector('simple'::regconfig, (username)::text), 'B'::\"char\")) || setweight(to_tsvector('simple'::regconfig, (COALESCE(domain, ''::character varying))::text), 'C'::\"char\")))", name: "search_index", using: :gin t.index "lower((username)::text), lower((domain)::text)", name: "index_accounts_on_username_and_domain_lower", unique: true t.index ["moved_to_account_id"], name: "index_accounts_on_moved_to_account_id" diff --git a/spec/lib/activitypub/activity/move_spec.rb b/spec/lib/activitypub/activity/move_spec.rb deleted file mode 100644 index 3574f273a..000000000 --- a/spec/lib/activitypub/activity/move_spec.rb +++ /dev/null @@ -1,52 +0,0 @@ -require 'rails_helper' - -RSpec.describe ActivityPub::Activity::Move do - let(:follower) { Fabricate(:account) } - let(:old_account) { Fabricate(:account) } - let(:new_account) { Fabricate(:account) } - - before do - follower.follow!(old_account) - - old_account.update!(uri: 'https://example.org/alice', domain: 'example.org', protocol: :activitypub, inbox_url: 'https://example.org/inbox') - new_account.update!(uri: 'https://example.com/alice', domain: 'example.com', protocol: :activitypub, inbox_url: 'https://example.com/inbox', also_known_as: [old_account.uri]) - - stub_request(:post, 'https://example.org/inbox').to_return(status: 200) - stub_request(:post, 'https://example.com/inbox').to_return(status: 200) - - service_stub = double - allow(ActivityPub::FetchRemoteAccountService).to receive(:new).and_return(service_stub) - allow(service_stub).to receive(:call).and_return(new_account) - end - - let(:json) do - { - '@context': 'https://www.w3.org/ns/activitystreams', - id: 'foo', - type: 'Move', - actor: old_account.uri, - object: old_account.uri, - target: new_account.uri, - }.with_indifferent_access - end - - describe '#perform' do - subject { described_class.new(json, old_account) } - - before do - subject.perform - end - - it 'sets moved account on old account' do - expect(old_account.reload.moved_to_account_id).to eq new_account.id - end - - it 'makes followers unfollow old account' do - expect(follower.following?(old_account)).to be false - end - - it 'makes followers follow-request the new account' do - expect(follower.requested?(new_account)).to be true - end - end -end -- cgit