From 1a6f584fbb97784aaaf10fb5b29579ab963f602a Mon Sep 17 00:00:00 2001 From: Felix Ableitner Date: Thu, 5 Nov 2020 16:49:10 +0100 Subject: [PATCH] Add `sensitive` column to activities table, so PMs arent served over HTTP --- lemmy_apub/src/activity_queue.rs | 7 ++++++- lemmy_apub/src/http/mod.rs | 6 +++++- lemmy_apub/src/inbox/community_inbox.rs | 2 +- lemmy_apub/src/inbox/shared_inbox.rs | 2 +- lemmy_apub/src/inbox/user_inbox.rs | 2 +- lemmy_apub/src/lib.rs | 3 ++- lemmy_db/src/activity.rs | 8 ++++++-- lemmy_db/src/schema.rs | 1 + 8 files changed, 23 insertions(+), 8 deletions(-) diff --git a/lemmy_apub/src/activity_queue.rs b/lemmy_apub/src/activity_queue.rs index ac96227dc..5e4f113b5 100644 --- a/lemmy_apub/src/activity_queue.rs +++ b/lemmy_apub/src/activity_queue.rs @@ -57,6 +57,7 @@ where vec![inbox], context.pool(), true, + true, ) .await?; } @@ -102,6 +103,7 @@ where follower_inboxes, context.pool(), true, + false, ) .await?; @@ -145,6 +147,7 @@ where vec![inbox], context.pool(), true, + false, ) .await?; } @@ -185,6 +188,7 @@ where mentions, context.pool(), false, // Don't create a new DB row + false, ) .await?; Ok(()) @@ -202,6 +206,7 @@ async fn send_activity_internal( inboxes: Vec, pool: &DbPool, insert_into_db: bool, + sensitive: bool, ) -> Result<(), LemmyError> where T: AsObject + Extends + Debug, @@ -219,7 +224,7 @@ where // might send the same ap_id if insert_into_db { let id = activity.id().context(location_info!())?; - insert_activity(id, activity.clone(), true, pool).await?; + insert_activity(id, activity.clone(), true, sensitive, pool).await?; } for i in inboxes { diff --git a/lemmy_apub/src/http/mod.rs b/lemmy_apub/src/http/mod.rs index 9f6c766c2..91af36b2d 100644 --- a/lemmy_apub/src/http/mod.rs +++ b/lemmy_apub/src/http/mod.rs @@ -54,5 +54,9 @@ pub async fn get_activity( }) .await??; - Ok(create_apub_response(&activity.data)) + if !activity.local || activity.sensitive { + Ok(HttpResponse::NotFound().finish()) + } else { + Ok(create_apub_response(&activity.data)) + } } diff --git a/lemmy_apub/src/inbox/community_inbox.rs b/lemmy_apub/src/inbox/community_inbox.rs index 0e7ad3315..b80d739a7 100644 --- a/lemmy_apub/src/inbox/community_inbox.rs +++ b/lemmy_apub/src/inbox/community_inbox.rs @@ -93,7 +93,7 @@ pub async fn community_inbox( ValidTypes::Undo => handle_undo_follow(any_base, user, community, &context).await, }; - insert_activity(&activity_id, activity.clone(), false, context.pool()).await?; + insert_activity(&activity_id, activity.clone(), false, true, context.pool()).await?; res } diff --git a/lemmy_apub/src/inbox/shared_inbox.rs b/lemmy_apub/src/inbox/shared_inbox.rs index 3c7fa1bfb..3b07400d6 100644 --- a/lemmy_apub/src/inbox/shared_inbox.rs +++ b/lemmy_apub/src/inbox/shared_inbox.rs @@ -125,7 +125,7 @@ pub async fn shared_inbox( ValidTypes::Undo => receive_undo(&context, any_base, actor_id, request_counter).await, }; - insert_activity(&activity_id, activity.clone(), false, context.pool()).await?; + insert_activity(&activity_id, activity.clone(), false, true, context.pool()).await?; res } diff --git a/lemmy_apub/src/inbox/user_inbox.rs b/lemmy_apub/src/inbox/user_inbox.rs index 35ff5c7ad..45fa5ee73 100644 --- a/lemmy_apub/src/inbox/user_inbox.rs +++ b/lemmy_apub/src/inbox/user_inbox.rs @@ -107,7 +107,7 @@ pub async fn user_inbox( } }; - insert_activity(&activity_id, activity.clone(), false, context.pool()).await?; + insert_activity(&activity_id, activity.clone(), false, true, context.pool()).await?; res } diff --git a/lemmy_apub/src/lib.rs b/lemmy_apub/src/lib.rs index b2d64d53a..4bce4cdab 100644 --- a/lemmy_apub/src/lib.rs +++ b/lemmy_apub/src/lib.rs @@ -255,6 +255,7 @@ pub async fn insert_activity( ap_id: &Url, activity: T, local: bool, + sensitive: bool, pool: &DbPool, ) -> Result<(), LemmyError> where @@ -262,7 +263,7 @@ where { let ap_id = ap_id.to_string(); blocking(pool, move |conn| { - Activity::insert(conn, ap_id, &activity, local) + Activity::insert(conn, ap_id, &activity, local, sensitive) }) .await??; Ok(()) diff --git a/lemmy_db/src/activity.rs b/lemmy_db/src/activity.rs index 3c67070b0..b0ec1df69 100644 --- a/lemmy_db/src/activity.rs +++ b/lemmy_db/src/activity.rs @@ -15,6 +15,7 @@ pub struct Activity { pub ap_id: String, pub data: Value, pub local: bool, + pub sensitive: bool, pub published: chrono::NaiveDateTime, pub updated: Option, } @@ -25,6 +26,7 @@ pub struct ActivityForm { pub ap_id: String, pub data: Value, pub local: bool, + pub sensitive: bool, pub updated: Option, } @@ -59,6 +61,7 @@ impl Activity { ap_id: String, data: &T, local: bool, + sensitive: bool, ) -> Result where T: Serialize + Debug, @@ -68,6 +71,7 @@ impl Activity { ap_id, data: serde_json::to_value(&data)?, local, + sensitive, updated: None, }; let result = Activity::create(&conn, &activity_form); @@ -149,9 +153,9 @@ mod tests { .unwrap(); let activity_form = ActivityForm { ap_id: ap_id.to_string(), - user_id: inserted_creator.id, data: test_json.to_owned(), local: true, + sensitive: false, updated: None, }; @@ -160,9 +164,9 @@ mod tests { let expected_activity = Activity { ap_id: ap_id.to_string(), id: inserted_activity.id, - user_id: inserted_creator.id, data: test_json, local: true, + sensitive: false, published: inserted_activity.published, updated: None, }; diff --git a/lemmy_db/src/schema.rs b/lemmy_db/src/schema.rs index b01236050..ec1e25995 100644 --- a/lemmy_db/src/schema.rs +++ b/lemmy_db/src/schema.rs @@ -4,6 +4,7 @@ table! { ap_id -> Text, data -> Jsonb, local -> Bool, + sensitive -> Bool, published -> Timestamp, updated -> Nullable, }