hj/pleroma
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Transmogrifier: Handle incoming deletes for non-user objects.

Browse source
This commit is contained in:
lain 2020-04-30 15:26:23 +02:00
commit 4dc5302f45
5 changed files with 42 additions and 31 deletions
Download patch file Download diff file Expand all files Collapse all files

3
lib/pleroma/web/activity_pub/object_validator.ex
View file

@ -11,8 +11,9 @@ defmodule Pleroma.Web.ActivityPub.ObjectValidator do
alias Pleroma.Object
alias Pleroma.User
alias Pleroma.Web.ActivityPub.ObjectValidators.LikeValidator
alias Pleroma.Web.ActivityPub.ObjectValidators.DeleteValidator
alias Pleroma.Web.ActivityPub.ObjectValidators.LikeValidator
alias Pleroma.Web.ActivityPub.ObjectValidators.Types
@spec validate(map(), keyword()) :: {:ok, map(), keyword()} | {:error, any()}
def validate(object, meta)

12
lib/pleroma/web/activity_pub/side_effects.ex
View file

@ -28,6 +28,18 @@ defmodule Pleroma.Web.ActivityPub.SideEffects do
result
end
# Tasks this handles:
# - Delete create activity
# - Replace object with Tombstone
# - Set up notification
def handle(%{data: %{"type" => "Delete", "object" => deleted_object}} = object, meta) do
with %Object{} = deleted_object <- Object.normalize(deleted_object),
{:ok, _, _} <- Object.delete(deleted_object) do
Notification.create_notifications(object)
{:ok, object, meta}
end
end
# Nothing to do
def handle(object, meta) do
{:ok, object, meta}

29
lib/pleroma/web/activity_pub/transmogrifier.ex
View file

@ -729,36 +729,13 @@ defmodule Pleroma.Web.ActivityPub.Transmogrifier do
end
end
# TODO: We presently assume that any actor on the same origin domain as the object being
# deleted has the rights to delete that object. A better way to validate whether or not
# the object should be deleted is to refetch the object URI, which should return either
# an error or a tombstone. This would allow us to verify that a deletion actually took
# place.
def handle_incoming(
%{"type" => "Delete", "object" => object_id, "actor" => actor, "id" => id} = data,
%{"type" => "Delete"} = data,
_options
) do
object_id = Utils.get_ap_id(object_id)
with actor <- Containment.get_actor(data),
{:ok, %User{} = actor} <- User.get_or_fetch_by_ap_id(actor),
{:ok, object} <- get_obj_helper(object_id),
:ok <- Containment.contain_origin(actor.ap_id, object.data),
{:ok, activity} <-
ActivityPub.delete(object, local: false, activity_id: id, actor: actor.ap_id) do
with {:ok, %User{}} <- ObjectValidator.fetch_actor(data),
{:ok, activity, _} <- Pipeline.common_pipeline(data, local: false) do
{:ok, activity}
else
nil ->
case User.get_cached_by_ap_id(object_id) do
%User{ap_id: ^actor} = user ->
User.delete(user)
nil ->
:error
end
_e ->
:error
end
end