hj/pleroma
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

AP C2S: remove check for local user since user is already authenticated

Browse source 
Before a request arrives to update_outbox, it already passed through out
Plug authentication (:authenticate), so at this point all users should
be local.

Also adds Listen Activities to the list of allowed Activities that don't
need an existing normalized object referenced in them.
This commit is contained in:
Phantasm 2025-12-03 23:37:46 +01:00
commit 7f3b3c2491
No known key found for this signature in database
GPG key ID: 2669E588BCC634C8
1 changed files with 3 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

5
lib/pleroma/web/activity_pub/activity_pub_controller.ex
View file

@ -489,8 +489,9 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubController do
{:ok, activity}
else
{:normalize, _} ->
if user.local and type == "Create" do
# Creating new object via C2S
if type in ["Create", "Listen"] do
# Creating new object via C2S; user is local and authenticated
# via the :authenticate Plug pipeline.
{:ok, activity}
else
{:error, "No such object found"}