is_local check in apub lib

This commit is contained in:
Felix Ableitner 2024-04-09 14:43:53 +02:00
parent 29ebf648c7
commit f89e8b90e8
9 changed files with 34 additions and 24 deletions

5
Cargo.lock generated
View file

@ -16,9 +16,8 @@ checksum = "8f27d075294830fcab6f66e320dab524bc6d048f4a151698e153205559113772"
[[package]] [[package]]
name = "activitypub_federation" name = "activitypub_federation"
version = "0.5.2" version = "0.5.3"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "git+https://github.com/LemmyNet/activitypub-federation-rust.git?branch=object-id-is-local#579319e75595a7d9ffbc616854fefc7aa9dadc67"
checksum = "a028034c642d3ed16b535f98f48b3df30397833c183d68852d79de16650d5ed5"
dependencies = [ dependencies = [
"activitystreams-kinds", "activitystreams-kinds",
"actix-web", "actix-web",

View file

@ -99,7 +99,7 @@ lemmy_db_views = { version = "=0.19.4-beta.2", path = "./crates/db_views" }
lemmy_db_views_actor = { version = "=0.19.4-beta.2", path = "./crates/db_views_actor" } lemmy_db_views_actor = { version = "=0.19.4-beta.2", path = "./crates/db_views_actor" }
lemmy_db_views_moderator = { version = "=0.19.4-beta.2", path = "./crates/db_views_moderator" } lemmy_db_views_moderator = { version = "=0.19.4-beta.2", path = "./crates/db_views_moderator" }
lemmy_federate = { version = "=0.19.4-beta.2", path = "./crates/federate" } lemmy_federate = { version = "=0.19.4-beta.2", path = "./crates/federate" }
activitypub_federation = { version = "0.5.2", default-features = false, features = [ activitypub_federation = { git = "https://github.com/LemmyNet/activitypub-federation-rust.git", branch = "object-id-is-local", default-features = false, features = [
"actix-web", "actix-web",
] } ] }
diesel = "2.1.4" diesel = "2.1.4"

View file

@ -139,7 +139,7 @@ impl Object for ApubComment {
let community = note.community(context).await?; let community = note.community(context).await?;
check_apub_id_valid_with_strictness(note.id.inner(), community.local, context).await?; check_apub_id_valid_with_strictness(note.id.inner(), community.local, context).await?;
verify_is_remote_object(note.id.inner(), context.settings())?; verify_is_remote_object(&note.id, context)?;
verify_person_in_community(&note.attributed_to, &community, context).await?; verify_person_in_community(&note.attributed_to, &community, context).await?;
let (post, _) = note.get_parents(context).await?; let (post, _) = note.get_parents(context).await?;
let creator = note.attributed_to.dereference(context).await?; let creator = note.attributed_to.dereference(context).await?;
@ -158,8 +158,8 @@ impl Object for ApubComment {
/// If the parent community, post and comment(s) are not known locally, these are also fetched. /// If the parent community, post and comment(s) are not known locally, these are also fetched.
#[tracing::instrument(skip_all)] #[tracing::instrument(skip_all)]
async fn from_json(note: Note, context: &Data<LemmyContext>) -> Result<ApubComment, LemmyError> { async fn from_json(note: Note, context: &Data<LemmyContext>) -> Result<ApubComment, LemmyError> {
// Dont allow overwriting local object // Avoid overwriting local object
if note.id.inner().domain() == Some(context.domain()) { if note.id.is_local(context) {
return note.id.dereference_local(context).await; return note.id.dereference_local(context).await;
} }

View file

@ -138,8 +138,8 @@ impl Object for ApubCommunity {
group: Group, group: Group,
context: &Data<Self::DataType>, context: &Data<Self::DataType>,
) -> Result<ApubCommunity, LemmyError> { ) -> Result<ApubCommunity, LemmyError> {
// Dont allow overwriting local object // Avoid overwriting local object
if group.id.inner().domain() == Some(context.domain()) { if group.id.is_local(context) {
return group.id.dereference_local(context).await; return group.id.dereference_local(context).await;
} }

View file

@ -138,8 +138,8 @@ impl Object for ApubSite {
#[tracing::instrument(skip_all)] #[tracing::instrument(skip_all)]
async fn from_json(apub: Self::Kind, context: &Data<Self::DataType>) -> Result<Self, LemmyError> { async fn from_json(apub: Self::Kind, context: &Data<Self::DataType>) -> Result<Self, LemmyError> {
// Dont allow overwriting local object // Avoid overwriting local object
if apub.id.inner().domain() == Some(context.domain()) { if apub.id.is_local(context) {
return apub.id.dereference_local(context).await; return apub.id.dereference_local(context).await;
} }
let domain = apub.id.inner().domain().expect("group id has domain"); let domain = apub.id.inner().domain().expect("group id has domain");

View file

@ -1,9 +1,14 @@
use crate::protocol::Source; use crate::protocol::Source;
use activitypub_federation::protocol::values::MediaTypeMarkdownOrHtml; use activitypub_federation::{
config::Data,
fetch::object_id::ObjectId,
protocol::values::MediaTypeMarkdownOrHtml,
};
use anyhow::anyhow; use anyhow::anyhow;
use html2md::parse_html; use html2md::parse_html;
use lemmy_utils::{error::LemmyError, settings::structs::Settings}; use lemmy_api_common::context::LemmyContext;
use url::Url; use lemmy_utils::error::LemmyError;
use std::fmt::Debug;
pub mod comment; pub mod comment;
pub mod community; pub mod community;
@ -43,9 +48,15 @@ pub(crate) fn read_from_string_or_source_opt(
/// wrapped in Announce. If we simply receive this like any other federated object, overwrite the /// wrapped in Announce. If we simply receive this like any other federated object, overwrite the
/// existing, local Post. In particular, it will set the field local = false, so that the object /// existing, local Post. In particular, it will set the field local = false, so that the object
/// can't be fetched from the Activitypub HTTP endpoint anymore (which only serves local objects). /// can't be fetched from the Activitypub HTTP endpoint anymore (which only serves local objects).
pub(crate) fn verify_is_remote_object(id: &Url, settings: &Settings) -> Result<(), LemmyError> { pub(crate) fn verify_is_remote_object<T>(
let local_domain = settings.get_hostname_without_port()?; id: &ObjectId<T>,
if id.domain() == Some(&local_domain) { context: &Data<LemmyContext>,
) -> Result<(), LemmyError>
where
T: activitypub_federation::traits::Object<DataType = LemmyContext> + Debug + Send + 'static,
for<'de2> <T as activitypub_federation::traits::Object>::Kind: serde::Deserialize<'de2>,
{
if !id.is_local(context) {
Err(anyhow!("cant accept local object from remote instance").into()) Err(anyhow!("cant accept local object from remote instance").into())
} else { } else {
Ok(()) Ok(())

View file

@ -149,8 +149,8 @@ impl Object for ApubPerson {
person: Person, person: Person,
context: &Data<Self::DataType>, context: &Data<Self::DataType>,
) -> Result<ApubPerson, LemmyError> { ) -> Result<ApubPerson, LemmyError> {
// Dont allow overwriting local object // Avoid overwriting local object
if person.id.inner().domain() == Some(context.domain()) { if person.id.is_local(context) {
return person.id.dereference_local(context).await; return person.id.dereference_local(context).await;
} }
let instance_id = fetch_instance_actor_for_object(&person.id, context).await?; let instance_id = fetch_instance_actor_for_object(&person.id, context).await?;

View file

@ -164,7 +164,7 @@ impl Object for ApubPost {
// instance from the post author. // instance from the post author.
if !page.is_mod_action(context).await? { if !page.is_mod_action(context).await? {
verify_domains_match(page.id.inner(), expected_domain)?; verify_domains_match(page.id.inner(), expected_domain)?;
verify_is_remote_object(page.id.inner(), context.settings())?; verify_is_remote_object(&page.id, context)?;
}; };
let community = page.community(context).await?; let community = page.community(context).await?;
@ -182,8 +182,8 @@ impl Object for ApubPost {
#[tracing::instrument(skip_all)] #[tracing::instrument(skip_all)]
async fn from_json(page: Page, context: &Data<Self::DataType>) -> Result<ApubPost, LemmyError> { async fn from_json(page: Page, context: &Data<Self::DataType>) -> Result<ApubPost, LemmyError> {
// Dont allow overwriting local object // Avoid overwriting local object
if page.id.inner().domain() == Some(context.domain()) { if page.id.is_local(context) {
return page.id.dereference_local(context).await; return page.id.dereference_local(context).await;
} }

View file

@ -121,8 +121,8 @@ impl Object for ApubPrivateMessage {
note: ChatMessage, note: ChatMessage,
context: &Data<Self::DataType>, context: &Data<Self::DataType>,
) -> Result<ApubPrivateMessage, LemmyError> { ) -> Result<ApubPrivateMessage, LemmyError> {
// Dont allow overwriting local object // Avoid overwriting local object
if note.id.inner().domain() == Some(context.domain()) { if note.id.is_local(context) {
return note.id.dereference_local(context).await; return note.id.dereference_local(context).await;
} }