mirror of
https://github.com/LemmyNet/lemmy.git
synced 2025-01-11 04:25:55 +00:00
Nutomic
aef4403412
* Add test case to ensure all errors are in use * Add test case to find errors that are only used for federation * Move federation errors into separate enum (fixes #4926) * clippy * clippy * remove serde tag * Reduce errors dess (#5138) * Add option to search exclusively by post title (#5015) * Add option to search exclusively by post title * Address format issues * Remove duplicated 'removed' filter * Replace url_search with search_term * Build generic PostQuery before search match * Create default queries. Move title_only to Search struct. Rename Url to PostURL * Revert PostUrl to Url * Upgrading webmention to 0.6.0, removes native-tls (#4976) * Removing embedded pict-rs. (#5023) Some reasons for removing this: - Even as an optional dependency, it locks us to many specific versions of rust deps. - Pict-rs is a large app that can and should be run in on its own. - Violates the philosophy of separation of concerns. * Adding clearurls crate to clean tracking params from links and markdown. (#5018) * Adding clearurls crate to clean tracking params from links and markdown. - Thanks to @jenrdikw for creating this - Fixes #4905 * Upgrading to new version of clearurls * Fix clippy * Remove enable nsfw (#5017) * Remove `local_site.enable_nsfw` in favor of `site.content_warning` (fixes #4627) * cleanup usage of SiteView::read_local * test * uppercase * SSO Support (#4881) * Added OAUTH2 OIDC support * Fixes and improvements based on review feedback * use derive_new::new instead of TypedBuilder * merge migrations into a single file * fixes based on review feedback * remove unnecessary hostname_ui config * improvement based on review feedback * improvements based on review feedback * delete user oauth accounts at account deletion * fixes and improvements based on review feedback * removed auto_approve_application * support registration application with sso * improvements based on review feedback * making the TokenResponse an internal struct as it should be * remove duplicate struct * prevent oauth linking to unverified accounts * switched to manually entered username and removed the oauth name claim * fix cargo fmt * fix compile error * improvements based on review feedback * fixes and improvements based on review feedback --------- Co-authored-by: privacyguard <privacyguard@users.noreply.github.com> * Adding ability to restore content on user unban. (#4845) * Adding ability to restore content on user unban. - Fixes #4721 * Fixing api tests. * Fix package.json * Fixing lemmy-js-client dep. * Adding API test for restoring content. * Adding a default_comment_sort_type column for local_site and local_user. (#4469) * Adding a default_comment_sort_type column for local_site and local_user. - Renamed SortType to PostSortType in the DB and code. - Renamed references to default_sort_type to default_post_sort_type. - Fixes #4128 * Renaming migration to current date. * Simplifying PostSortType. * Simplify tests using default (#5026) * Feature/custom emoji and tagline views (#4580) * Add custom_emoji list route * Add tagline list route * Apply linting * Remove unecessary TaglineView * Add category filter for custom emoji * Add create tagline endpoint * Add update tagline endpoint * Add delete tagline endpoint * Format through lint.sh * Remove custom_emojis and taglines from site resource * Get random tagline on site requets * Impl Crud for Tagline Remove superfluous properties * Move tagline endpoints under /admin * Impl Crud for CustomEmoji * Remove delete from tagline and custom emoji impls * Check markdown for tagline * Validate markdown on tagline * Make content fields non optional Add error types for tagline validation * Use process_markdown instead of process_markdown_opt * Consolidate Tagline error types * Remove unecessary clone * Updat misleading comments * Remove local_site_id from tagline and custom_emoji * Update TaglineInserForm and TaglineUpdateForm * Add ignore_page_limits for custom emojis EmojiPicker needs to be able to retrieve all emojis in 1 call * Update custom_emoji_view Only keep get_all als helper function calling list with paging ignored Only order on category when filtering on category * Removing pointless get_all fn. * remove tagline length checks * make fields of TaglineInsertForm and TaglineUpdateForm mandatory * move emoji order statement * add comment for GetSiteResponse.tagline --------- Co-authored-by: Freakazoid182 <> Co-authored-by: SleeplessOne1917 <28871516+SleeplessOne1917@users.noreply.github.com> Co-authored-by: Dessalines <tyhou13@gmx.com> Co-authored-by: Felix Ableitner <me@nutomic.com> * Add category to RSS feeds (fixes #3446) (#5030) * Unittest for Search by title only (#5033) * added test for search by title only * formatted rust files * Upgrading to rust 1.81 (#5032) * Remove TypedBuilder in favor of derive_new (fixes #4863) (#5020) * Remove TypedBuilder in favor of derive_new (fixes #4863) * fix * fix * Ignore zero values when setting rate limits (fixes #4280) (#5029) * Ignore zero values when setting rate limits (fixes #4280) Havent bothered to add an error message for such an uncommon case. * fmt * reorder, add test * Always save remote image data (#4875) * Always save remote image data * cleanup --------- Co-authored-by: Felix Ableitner <me@nutomic.com> Co-authored-by: Dessalines <dessalines@users.noreply.github.com> * Get rid of a lot of pointless mut form initializations. (#5037) * Get rid of a lot of pointless mut form initializations. - Fixes #5036 * Fix clippy. * Simplify handling of NotFound SQL errors (fixes #4633) (#5031) * Simplify handling of NotFound SQL errors (fixes #4633) * fmt * wip * compiling * clippy * api tests * fix * Adding saved_only, liked_only, and disliked_only filters to search. (#5034) * Adding saved_only, liked_only, and disliked_only filters to search. - Fixes #4547 * Removing duplicate Url return type for search (was actually post). - This now works like the post_title_only filter. * Address PR comments. * Add saved_only post_view test. * Removing a few more Result<bool> . (#4977) * Removing a few more Result<bool> . * Running taplo fmt. * Running fmt. * Adding email taken test. * Fixing tests. * Adding back in missing admin check. * Rename check_has_local_followers function. * Conditionally hide comments on nsfw posts (fixes #4237) (#5028) * Conditionally hide comments on nsfw posts (fixes #4237) * fix test * Post scheduling (fixes #234) (#5025) * Post scheduling (fixes #234) * clippy * replace map_err with inspect_err * ignore unpublished posts in read queries * add api test * fmt * add some checks * address some review comments * allow updating schedule time * rewrite scheduled task * fmt * machete * compare date in sql, more filters * check for community ban in sql * remove api test (scheduled task only runs every 10 mins) * remove mut * add index * remove Post::read impl * fmt * fix * correctly handle changes to schedule time * normal users can only schedule up to 10 posts * Remove redundant local_user.auto_expand setting. (#5041) - Fixes #4643 Co-authored-by: SleeplessOne1917 <28871516+SleeplessOne1917@users.noreply.github.com> * Add ability to search for Community by its description (or title only). (#5044) - This changes the post_title_only for Search to title_only, since its also used in the community query now. - Fixes #4785 * Cleanup remaining use of Result<bool, Error> (fixes #4862) (#5047) * Replace clippy allow annotation with expect (fixes #5012) (#5048) * Add skip_serialize_none to OAuth structs with option fields (#5046) * Add skip_serialize_none to OAuth structs with option fields * PR feedback * Remove serde and ts export from SSO db-only structs * Apply scheduled post limit to future posts instead of past posts, and verify this in test (#5054) * test scheduled_post_count * fix syntax error * fix formatting * fix argument order * fix user_scheduled_post_count function * Avoid breaking changes, keep response fields as deprecated (#5058) * Adding skip_serializing_none to another OAuth API request. (#5060) * Handle partial settings backup (fixes #4307) (#5063) * Handle partial settings backup (fixes #4307) * clippy * Avoid stack overflow when fetching nested comments, reduce max comment depth to 50 (#5009) * Avoid stack overflow when fetching deeply nested comments * add test case * reduce comment depth, add docs * decrease * reduce max comment depth to 50 * fmt * clippy * cleanup * Update Rust crate clap to v4.5.18 (#5066) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> * Update Rust crate reqwest to v0.12.8 (#5068) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> * Update Rust crate sitemap-rs to v0.2.2 (#5069) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> * Update Rust crate tracing-actix-web to v0.7.13 (#5070) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> * Changing renovate to run on the weekends. (#5067) - Lemmy builds take a long time, and the current schedule only runs for about 4 hours once a month, and renovate also rate-limits itself to ~ 2 per hour. This gives it a large enough window, without clogging up my runner machines. * Update Rust crate async-trait to v0.1.83 (#5065) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> * Update dependency @types/jest to v29.5.13 (#5071) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> * Attempt to fix test for fetching deeply nested comment (#5072) Co-authored-by: Dessalines <dessalines@users.noreply.github.com> * Add modlog entries for bulk removals. (#5050) * Add modlog entries for bulk removals. - Added unit tests for removal / restore to api_common/utils. - Fixes #4699 * Address PR comments. * Combining remove and restore functions. * Trigger build. * Trigger build 2. * Changing allow to expect. * Adding local site settings to reject federated upvotes or downvotes. (#5038) * Adding local site settings to reject federated upvotes or downvotes. - Should help defend against downvote spamming instances. - Fixes #4086 * Adding new vote mode types. * Simpler activitypub vote check. * Adding undo vote for failed vote mode check. * Update crates/api_common/src/utils.rs --------- Co-authored-by: Nutomic <me@nutomic.com> * Replace `clippy::unwrap_used` in tests (#5064) * Add LemmyResult to session_middleware tests * Add LemmyResult to inboxes tests * Add LemmyResult to slurs tests * Add LemmyResult to markdown tests * Add LemmyResult to rate_limiter tests * Add LemmyResult to error tests * Add LemmyResult to api_common utils tests * Add LemmyResult to request tests * Add LemmyResult to claims tests * Propagate registration_applications errors * Remove clippy::unwrap_used from community tests * Add LemmyResult to community_view tests * Add LemmyResult to db_schema post tests * Add LemmyResult to site_aggregates tests * Add LemmyResult to private_message tests * Add LemmyResult to activity tests * Add LemmyResult to federation_allowlist tests * Add LemmyResult to comment_aggregates tests * Add LemmyResult to post_report tests * Add LemmyResult to moderator tests * Add LemmyResult to community_aggregates tests * Add LemmyResult to person_aggregates tests * Add LemmyResult to language tests * Add LemmyResult to post_aggregates tests * Add LemmyResult to db_schema comment tests * Add LemmyResult to actor_language tests * Add LemmyResult to vote_view tests * Add LemmyResult to registration_application_view tests * Add LemmyResult to private_message_view tests * Add LemmyResult to private_message_report_view tests * Add LemmyResult to post_report_view tests * Add LemmyResult to comment_report_view tests * Add LemmyResult to sitemap tests * Replace .expect() with .unwrap() * Format code * Remove clippy::unwrap_used from activity tests * Add diesel result in db_schema tests * Format code * Map to_bytes() error to LemmyErrorType * Remove clippy::unwrap_used from error tests * Removing a few more unwraps, and cleaning up language code. * Replace map_err with unwrap_or_default * Replace ok_or with and_then --------- Co-authored-by: Dessalines <tyhou13@gmx.com> * Adding a get_random_community endpoint. (#5042) * Adding a get_random_community endpoint. - Fixes #4698 * Fixing issue from main. * Adding ListingType to the query. * More concise query filter. * Resolve links to remote posts into local URL (#5057) * move code to new file * rewrite markdown links (fixes #2987) * add missing file * add helper fn * also convert post.url * simplify search.rs * clippy * also rewrite user/community links in markdown * Call from apub handlers, cleanup * no network requests in test * clippy * fix tests * serial * test * no mut * add api test * fix api test * Update Rust crate clap to v4.5.19 (#5080) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> * Update Rust crate html2text to v0.12.6 (#5081) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> * Update Rust crate rustls to v0.23.14 (#5083) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> * Update rust-futures monorepo to v0.3.31 (#5090) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> * Update Rust crate actix-web-prom to 0.9.0 (#5091) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> * Update Rust crate regex to v1.11.0 (#5093) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> * Update Rust crate serde_with to v3.10.0 (#5094) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> * Update Rust crate serde_with to v3.11.0 (#5095) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> * Update dependency ts-jest to v29.2.5 (#5089) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> * Update dependency typescript to v5.6.2 (#5098) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> * Update dependency eslint to v9.12.0 (#5097) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> * Update docker/dockerfile Docker tag to v1.10 (#5099) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> * Update pnpm to v9.12.0 (#5100) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> * Update Rust crate reqwest to v0.12.8 (#5082) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> * Update dependency @types/node to v22.7.4 (#5096) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> * Update tamasfe/taplo Docker tag to v0.9.3 (#5101) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> * Update tmknom/prettier Docker tag to v3.2.5 (#5102) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> * Add test case for community.hidden in post_view (ref #5074) (#5106) * Resize post thumbnails (fixes #4053) (#5107) * Resize post thumbnails (fixes #4053) * 256px * Update typescript-eslint monorepo to v8.8.1 (#5103) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> * Update renovate config (#5109) * Update renovate config * ignroe rust updates, run on first day of month * fix * Add community alphabetic sorting (#5056) * Started * Finished? Need to write tests * Formatting * Formatting * Formatting * Write tests * Formatting * Formatting * Formatting * Unnecessary lifetime * Safety * Unwrap * Formatting * Formatting * Fix local_only test * Formatting * Name consistency * Adding lower to community name sort. --------- Co-authored-by: Dessalines <tyhou13@gmx.com> Co-authored-by: Dessalines <dessalines@users.noreply.github.com> * Support markdown sub/superscript, use external crate for spoilers (#5135) * Use external crate for spoiler tags * Also add other plugins * fix test * Remove comment_like.post_id column which is unnecessary (ref #5122) (#5134) * Allow admins to resolve removed or deleted objects via API (#5061) * Allow admins to resolve removed or deleted objects via API * Removing pointless TestUser. --------- Co-authored-by: Dessalines <tyhou13@gmx.com> * Remove individual user/community inboxes (#5124) * Remove endpoints for individual community/user inboxes fixes #4147 fixes #3928 * Remove shared_inbox_url columns * fmt * Fixing errors. --------- Co-authored-by: Carlos Cabello <carloscabello364@gmail.com> Co-authored-by: Nutomic <me@nutomic.com> Co-authored-by: privacyguard <92675882+privacyguard@users.noreply.github.com> Co-authored-by: privacyguard <privacyguard@users.noreply.github.com> Co-authored-by: Freakazoid182 <5238563+Freakazoid182@users.noreply.github.com> Co-authored-by: SleeplessOne1917 <28871516+SleeplessOne1917@users.noreply.github.com> Co-authored-by: leoseg <70430884+leoseg@users.noreply.github.com> Co-authored-by: Sander Saarend <sander@saarend.com> Co-authored-by: Joseph Silva <dull.bananas0@gmail.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: netbrum <130702882+netbrum@users.noreply.github.com> Co-authored-by: Steven Vergenz <1882376+stevenvergenz@users.noreply.github.com> Co-authored-by: Richard Schwab <gitrichardschwab-7a2qxq42kj@central-intelligence.agency> * Search with LemmyErrorType prefix --------- Co-authored-by: Dessalines <dessalines@users.noreply.github.com> Co-authored-by: Carlos Cabello <carloscabello364@gmail.com> Co-authored-by: privacyguard <92675882+privacyguard@users.noreply.github.com> Co-authored-by: privacyguard <privacyguard@users.noreply.github.com> Co-authored-by: Freakazoid182 <5238563+Freakazoid182@users.noreply.github.com> Co-authored-by: SleeplessOne1917 <28871516+SleeplessOne1917@users.noreply.github.com> Co-authored-by: leoseg <70430884+leoseg@users.noreply.github.com> Co-authored-by: Sander Saarend <sander@saarend.com> Co-authored-by: Joseph Silva <dull.bananas0@gmail.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: netbrum <130702882+netbrum@users.noreply.github.com> Co-authored-by: Steven Vergenz <1882376+stevenvergenz@users.noreply.github.com> Co-authored-by: Richard Schwab <gitrichardschwab-7a2qxq42kj@central-intelligence.agency> Co-authored-by: Dessalines <tyhou13@gmx.com>
215 lines
6.7 KiB
Rust
215 lines
6.7 KiB
Rust
use crate::fetcher::post_or_comment::PostOrComment;
|
|
use activitypub_federation::{
|
|
config::{Data, UrlVerifier},
|
|
error::Error as ActivityPubError,
|
|
};
|
|
use async_trait::async_trait;
|
|
use lemmy_api_common::context::LemmyContext;
|
|
use lemmy_db_schema::{
|
|
source::{activity::ReceivedActivity, instance::Instance, local_site::LocalSite},
|
|
utils::{ActualDbPool, DbPool},
|
|
};
|
|
use lemmy_utils::{
|
|
error::{FederationError, LemmyError, LemmyErrorType, LemmyResult},
|
|
CACHE_DURATION_FEDERATION,
|
|
};
|
|
use moka::future::Cache;
|
|
use serde_json::Value;
|
|
use std::sync::{Arc, LazyLock};
|
|
use url::Url;
|
|
|
|
pub mod activities;
|
|
pub mod activity_lists;
|
|
pub mod api;
|
|
pub(crate) mod collections;
|
|
pub mod fetcher;
|
|
pub mod http;
|
|
pub(crate) mod mentions;
|
|
pub mod objects;
|
|
pub mod protocol;
|
|
|
|
/// Maximum number of outgoing HTTP requests to fetch a single object. Needs to be high enough
|
|
/// to fetch a new community with posts, moderators and featured posts.
|
|
pub const FEDERATION_HTTP_FETCH_LIMIT: u32 = 100;
|
|
|
|
/// Only include a basic context to save space and bandwidth. The main context is hosted statically
|
|
/// on join-lemmy.org. Include activitystreams explicitly for better compat, but this could
|
|
/// theoretically also be moved.
|
|
pub static FEDERATION_CONTEXT: LazyLock<Value> = LazyLock::new(|| {
|
|
Value::Array(vec![
|
|
Value::String("https://join-lemmy.org/context.json".to_string()),
|
|
Value::String("https://www.w3.org/ns/activitystreams".to_string()),
|
|
])
|
|
});
|
|
|
|
#[derive(Clone)]
|
|
pub struct VerifyUrlData(pub ActualDbPool);
|
|
|
|
#[async_trait]
|
|
impl UrlVerifier for VerifyUrlData {
|
|
async fn verify(&self, url: &Url) -> Result<(), ActivityPubError> {
|
|
let local_site_data = local_site_data_cached(&mut (&self.0).into())
|
|
.await
|
|
.expect("read local site data");
|
|
use FederationError::*;
|
|
check_apub_id_valid(url, &local_site_data).map_err(|err| match err {
|
|
LemmyError {
|
|
error_type: LemmyErrorType::FederationError(Some(FederationDisabled)),
|
|
..
|
|
} => ActivityPubError::Other("Federation disabled".into()),
|
|
LemmyError {
|
|
error_type: LemmyErrorType::FederationError(Some(DomainBlocked(domain))),
|
|
..
|
|
} => ActivityPubError::Other(format!("Domain {domain:?} is blocked")),
|
|
LemmyError {
|
|
error_type: LemmyErrorType::FederationError(Some(DomainNotInAllowList(domain))),
|
|
..
|
|
} => ActivityPubError::Other(format!("Domain {domain:?} is not in allowlist")),
|
|
_ => ActivityPubError::Other("Failed validating apub id".into()),
|
|
})?;
|
|
Ok(())
|
|
}
|
|
}
|
|
|
|
/// Checks if the ID is allowed for sending or receiving.
|
|
///
|
|
/// In particular, it checks for:
|
|
/// - federation being enabled (if its disabled, only local URLs are allowed)
|
|
/// - the correct scheme (either http or https)
|
|
/// - URL being in the allowlist (if it is active)
|
|
/// - URL not being in the blocklist (if it is active)
|
|
#[tracing::instrument(skip(local_site_data))]
|
|
fn check_apub_id_valid(apub_id: &Url, local_site_data: &LocalSiteData) -> LemmyResult<()> {
|
|
let domain = apub_id
|
|
.domain()
|
|
.ok_or(FederationError::UrlWithoutDomain)?
|
|
.to_string();
|
|
|
|
if !local_site_data
|
|
.local_site
|
|
.as_ref()
|
|
.map(|l| l.federation_enabled)
|
|
.unwrap_or(true)
|
|
{
|
|
Err(FederationError::FederationDisabled)?
|
|
}
|
|
|
|
if local_site_data
|
|
.blocked_instances
|
|
.iter()
|
|
.any(|i| domain.to_lowercase().eq(&i.domain.to_lowercase()))
|
|
{
|
|
Err(FederationError::DomainBlocked(domain.clone()))?
|
|
}
|
|
|
|
// Only check this if there are instances in the allowlist
|
|
if !local_site_data.allowed_instances.is_empty()
|
|
&& !local_site_data
|
|
.allowed_instances
|
|
.iter()
|
|
.any(|i| domain.to_lowercase().eq(&i.domain.to_lowercase()))
|
|
{
|
|
Err(FederationError::DomainNotInAllowList(domain))?
|
|
}
|
|
|
|
Ok(())
|
|
}
|
|
|
|
#[derive(Clone)]
|
|
pub(crate) struct LocalSiteData {
|
|
local_site: Option<LocalSite>,
|
|
allowed_instances: Vec<Instance>,
|
|
blocked_instances: Vec<Instance>,
|
|
}
|
|
|
|
pub(crate) async fn local_site_data_cached(
|
|
pool: &mut DbPool<'_>,
|
|
) -> LemmyResult<Arc<LocalSiteData>> {
|
|
// All incoming and outgoing federation actions read the blocklist/allowlist and slur filters
|
|
// multiple times. This causes a huge number of database reads if we hit the db directly. So we
|
|
// cache these values for a short time, which will already make a huge difference and ensures that
|
|
// changes take effect quickly.
|
|
static CACHE: LazyLock<Cache<(), Arc<LocalSiteData>>> = LazyLock::new(|| {
|
|
Cache::builder()
|
|
.max_capacity(1)
|
|
.time_to_live(CACHE_DURATION_FEDERATION)
|
|
.build()
|
|
});
|
|
Ok(
|
|
CACHE
|
|
.try_get_with((), async {
|
|
let (local_site, allowed_instances, blocked_instances) =
|
|
lemmy_db_schema::try_join_with_pool!(pool => (
|
|
// LocalSite may be missing
|
|
|pool| async {
|
|
Ok(LocalSite::read(pool).await.ok())
|
|
},
|
|
Instance::allowlist,
|
|
Instance::blocklist
|
|
))?;
|
|
|
|
Ok::<_, diesel::result::Error>(Arc::new(LocalSiteData {
|
|
local_site,
|
|
allowed_instances,
|
|
blocked_instances,
|
|
}))
|
|
})
|
|
.await?,
|
|
)
|
|
}
|
|
|
|
pub(crate) async fn check_apub_id_valid_with_strictness(
|
|
apub_id: &Url,
|
|
is_strict: bool,
|
|
context: &LemmyContext,
|
|
) -> LemmyResult<()> {
|
|
let domain = apub_id
|
|
.domain()
|
|
.ok_or(FederationError::UrlWithoutDomain)?
|
|
.to_string();
|
|
let local_instance = context
|
|
.settings()
|
|
.get_hostname_without_port()
|
|
.expect("local hostname is valid");
|
|
if domain == local_instance {
|
|
return Ok(());
|
|
}
|
|
|
|
let local_site_data = local_site_data_cached(&mut context.pool()).await?;
|
|
check_apub_id_valid(apub_id, &local_site_data)?;
|
|
|
|
// Only check allowlist if this is a community, and there are instances in the allowlist
|
|
if is_strict && !local_site_data.allowed_instances.is_empty() {
|
|
// need to allow this explicitly because apub receive might contain objects from our local
|
|
// instance.
|
|
let mut allowed_and_local = local_site_data
|
|
.allowed_instances
|
|
.iter()
|
|
.map(|i| i.domain.clone())
|
|
.collect::<Vec<String>>();
|
|
let local_instance = context
|
|
.settings()
|
|
.get_hostname_without_port()
|
|
.expect("local hostname is valid");
|
|
allowed_and_local.push(local_instance);
|
|
|
|
let domain = apub_id
|
|
.domain()
|
|
.ok_or(FederationError::UrlWithoutDomain)?
|
|
.to_string();
|
|
if !allowed_and_local.contains(&domain) {
|
|
Err(FederationError::FederationDisabledByStrictAllowList)?
|
|
}
|
|
}
|
|
Ok(())
|
|
}
|
|
|
|
/// Store received activities in the database.
|
|
///
|
|
/// This ensures that the same activity doesn't get received and processed more than once, which
|
|
/// would be a waste of resources.
|
|
#[tracing::instrument(skip(data))]
|
|
async fn insert_received_activity(ap_id: &Url, data: &Data<LemmyContext>) -> LemmyResult<()> {
|
|
ReceivedActivity::create(&mut data.pool(), &ap_id.clone().into()).await?;
|
|
Ok(())
|
|
}
|