grishka/lemmy
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

Security/fix permission bugs (#966)

Browse source 
* secure the `EditPost` API endpoint

* Check user is moderator in BanFromCommunity

* secure the `EditComment` API endpoint

* pass orig `read` prob when not explicitly updating it.

* Block random users from adding mods.

* use cleaner logic from `EditPost`

* prevent editing a community by a mod from transfering ownership to them

* secure `read` action in `EditPrivateMessage`

* Add check in UserMention

* only let the indended recipient mark as read

* simplify booleans to satisfy clippy

* requested changes + cargo +nightly fmt

* fix to pass federation tests for deleting comments and posts

Co-authored-by: chiminh <chiminh.tutanota.com>
Co-authored-by: Hex Bear <buildadangtrain@protonmail.com>
This commit is contained in:
ryexandra 2020-07-14 07:17:25 -06:00 committed by GitHub
parent 52983907c4
commit 29037b4995
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
15 changed files with 381 additions and 175 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
server/lemmy_db/src/lib.rs
View file

@ -181,7 +181,10 @@ mod tests {
pub fn establish_unpooled_connection() -> PgConnection { pub fn establish_unpooled_connection() -> PgConnection {
let db_url = match get_database_url_from_env() { let db_url = match get_database_url_from_env() {
Ok(url) => url, Ok(url) => url,
Err(e) => panic!("Failed to read database URL from env var LEMMY_DATABASE_URL: {}", e), Err(e) => panic!(
"Failed to read database URL from env var LEMMY_DATABASE_URL: {}",
e
),
}; };
PgConnection::establish(&db_url).unwrap_or_else(|_| panic!("Error connecting to {}", db_url)) PgConnection::establish(&db_url).unwrap_or_else(|_| panic!("Error connecting to {}", db_url))
} }

3
server/lemmy_utils/src/settings.rs
View file

@ -1,7 +1,6 @@
use config::{Config, ConfigError, Environment, File}; use config::{Config, ConfigError, Environment, File};
use serde::Deserialize; use serde::Deserialize;
use std::{fs, io::Error, net::IpAddr, sync::RwLock}; use std::{env, fs, io::Error, net::IpAddr, sync::RwLock};
use std::env;
static CONFIG_FILE_DEFAULTS: &str = "config/defaults.hjson"; static CONFIG_FILE_DEFAULTS: &str = "config/defaults.hjson";
static CONFIG_FILE: &str = "config/config.hjson"; static CONFIG_FILE: &str = "config/config.hjson";

176
server/src/api/comment.rs
View file

@ -243,28 +243,28 @@ impl Perform for Oper<EditComment> {
let orig_comment = let orig_comment =
blocking(pool, move |conn| CommentView::read(&conn, edit_id, None)).await??; blocking(pool, move |conn| CommentView::read(&conn, edit_id, None)).await??;
let mut editors: Vec<i32> = vec![orig_comment.creator_id];
let mut moderators: Vec<i32> = vec![];
let community_id = orig_comment.community_id;
moderators.append(
&mut blocking(pool, move |conn| {
CommunityModeratorView::for_community(&conn, community_id)
.map(|v| v.into_iter().map(|m| m.user_id).collect())
})
.await??,
);
moderators.append(
&mut blocking(pool, move |conn| {
UserView::admins(conn).map(|v| v.into_iter().map(|a| a.id).collect())
})
.await??,
);
editors.extend(&moderators);
// You are allowed to mark the comment as read even if you're banned. // You are allowed to mark the comment as read even if you're banned.
if data.read.is_none() { if data.read.is_none() {
// Verify its the creator or a mod, or an admin // Verify its the creator or a mod, or an admin
let mut editors: Vec<i32> = vec![data.creator_id];
let community_id = orig_comment.community_id;
editors.append(
&mut blocking(pool, move |conn| {
Ok(
CommunityModeratorView::for_community(&conn, community_id)?
.into_iter()
.map(|m| m.user_id)
.collect(),
) as Result<_, LemmyError>
})
.await??,
);
editors.append(
&mut blocking(pool, move |conn| {
Ok(UserView::admins(conn)?.into_iter().map(|a| a.id).collect()) as Result<_, LemmyError>
})
.await??,
);
if !editors.contains(&user_id) { if !editors.contains(&user_id) {
return Err(APIError::err("no_comment_edit_allowed").into()); return Err(APIError::err("no_comment_edit_allowed").into());
@ -282,6 +282,25 @@ impl Perform for Oper<EditComment> {
if user.banned { if user.banned {
return Err(APIError::err("site_ban").into()); return Err(APIError::err("site_ban").into());
} }
} else {
// check that user can mark as read
let parent_id = orig_comment.parent_id;
match parent_id {
Some(pid) => {
let parent_comment =
blocking(pool, move |conn| CommentView::read(&conn, pid, None)).await??;
if user_id != parent_comment.creator_id {
return Err(APIError::err("no_comment_edit_allowed").into());
}
}
None => {
let parent_post_id = orig_comment.post_id;
let parent_post = blocking(pool, move |conn| Post::read(conn, parent_post_id)).await??;
if user_id != parent_post.creator_id {
return Err(APIError::err("no_comment_edit_allowed").into());
}
}
}
} }
let content_slurs_removed = remove_slurs(&data.content.to_owned()); let content_slurs_removed = remove_slurs(&data.content.to_owned());
@ -289,22 +308,45 @@ impl Perform for Oper<EditComment> {
let edit_id = data.edit_id; let edit_id = data.edit_id;
let read_comment = blocking(pool, move |conn| Comment::read(conn, edit_id)).await??; let read_comment = blocking(pool, move |conn| Comment::read(conn, edit_id)).await??;
let comment_form = CommentForm { let comment_form = {
content: content_slurs_removed, if data.read.is_none() {
parent_id: data.parent_id, // the ban etc checks should been made and have passed
post_id: data.post_id, // the comment can be properly edited
creator_id: data.creator_id, let post_removed = if moderators.contains(&user_id) {
removed: data.removed.to_owned(), data.removed
deleted: data.deleted.to_owned(), } else {
read: data.read.to_owned(), Some(read_comment.removed)
published: None, };
updated: if data.read.is_some() {
orig_comment.updated CommentForm {
content: content_slurs_removed,
parent_id: read_comment.parent_id,
post_id: read_comment.post_id,
creator_id: read_comment.creator_id,
removed: post_removed.to_owned(),
deleted: data.deleted.to_owned(),
read: Some(read_comment.read),
published: None,
updated: Some(naive_now()),
ap_id: read_comment.ap_id,
local: read_comment.local,
}
} else { } else {
Some(naive_now()) // the only field that can be updated it the read field
}, CommentForm {
ap_id: read_comment.ap_id, content: read_comment.content,
local: read_comment.local, parent_id: read_comment.parent_id,
post_id: read_comment.post_id,
creator_id: read_comment.creator_id,
removed: Some(read_comment.removed).to_owned(),
deleted: Some(read_comment.deleted).to_owned(),
read: data.read.to_owned(),
published: None,
updated: orig_comment.updated,
ap_id: read_comment.ap_id,
local: read_comment.local,
}
}
}; };
let edit_id = data.edit_id; let edit_id = data.edit_id;
@ -318,30 +360,47 @@ impl Perform for Oper<EditComment> {
Err(_e) => return Err(APIError::err("couldnt_update_comment").into()), Err(_e) => return Err(APIError::err("couldnt_update_comment").into()),
}; };
if let Some(deleted) = data.deleted.to_owned() { if data.read.is_none() {
if deleted { if let Some(deleted) = data.deleted.to_owned() {
updated_comment if deleted {
.send_delete(&user, &self.client, pool) updated_comment
.await?; .send_delete(&user, &self.client, pool)
.await?;
} else {
updated_comment
.send_undo_delete(&user, &self.client, pool)
.await?;
}
} else if let Some(removed) = data.removed.to_owned() {
if moderators.contains(&user_id) {
if removed {
updated_comment
.send_remove(&user, &self.client, pool)
.await?;
} else {
updated_comment
.send_undo_remove(&user, &self.client, pool)
.await?;
}
}
} else { } else {
updated_comment updated_comment
.send_undo_delete(&user, &self.client, pool) .send_update(&user, &self.client, pool)
.await?; .await?;
} }
} else if let Some(removed) = data.removed.to_owned() {
if removed { // Mod tables
updated_comment if moderators.contains(&user_id) {
.send_remove(&user, &self.client, pool) if let Some(removed) = data.removed.to_owned() {
.await?; let form = ModRemoveCommentForm {
} else { mod_user_id: user_id,
updated_comment comment_id: data.edit_id,
.send_undo_remove(&user, &self.client, pool) removed: Some(removed),
.await?; reason: data.reason.to_owned(),
};
blocking(pool, move |conn| ModRemoveComment::create(conn, &form)).await??;
}
} }
} else {
updated_comment
.send_update(&user, &self.client, pool)
.await?;
} }
let post_id = data.post_id; let post_id = data.post_id;
@ -350,17 +409,6 @@ impl Perform for Oper<EditComment> {
let mentions = scrape_text_for_mentions(&comment_form.content); let mentions = scrape_text_for_mentions(&comment_form.content);
let recipient_ids = send_local_notifs(mentions, updated_comment, user, post, pool).await?; let recipient_ids = send_local_notifs(mentions, updated_comment, user, post, pool).await?;
// Mod tables
if let Some(removed) = data.removed.to_owned() {
let form = ModRemoveCommentForm {
mod_user_id: user_id,
comment_id: data.edit_id,
removed: Some(removed),
reason: data.reason.to_owned(),
};
blocking(pool, move |conn| ModRemoveComment::create(conn, &form)).await??;
}
let edit_id = data.edit_id; let edit_id = data.edit_id;
let comment_view = blocking(pool, move |conn| { let comment_view = blocking(pool, move |conn| {
CommentView::read(conn, edit_id, Some(user_id)) CommentView::read(conn, edit_id, Some(user_id))

46
server/src/api/community.rs
View file

@ -392,7 +392,7 @@ impl Perform for Oper<EditCommunity> {
title: data.title.to_owned(), title: data.title.to_owned(),
description: data.description.to_owned(), description: data.description.to_owned(),
category_id: data.category_id.to_owned(), category_id: data.category_id.to_owned(),
creator_id: user_id, creator_id: read_community.creator_id,
removed: data.removed.to_owned(), removed: data.removed.to_owned(),
deleted: data.deleted.to_owned(), deleted: data.deleted.to_owned(),
nsfw: data.nsfw, nsfw: data.nsfw,
@ -652,6 +652,28 @@ impl Perform for Oper<BanFromCommunity> {
let user_id = claims.id; let user_id = claims.id;
let mut community_moderators: Vec<i32> = vec![];
let community_id = data.community_id;
community_moderators.append(
&mut blocking(pool, move |conn| {
CommunityModeratorView::for_community(&conn, community_id)
.map(|v| v.into_iter().map(|m| m.user_id).collect())
})
.await??,
);
community_moderators.append(
&mut blocking(pool, move |conn| {
UserView::admins(conn).map(|v| v.into_iter().map(|a| a.id).collect())
})
.await??,
);
if !community_moderators.contains(&user_id) {
return Err(APIError::err("couldnt_update_community").into());
}
let community_user_ban_form = CommunityUserBanForm { let community_user_ban_form = CommunityUserBanForm {
community_id: data.community_id, community_id: data.community_id,
user_id: data.user_id, user_id: data.user_id,
@ -729,6 +751,28 @@ impl Perform for Oper<AddModToCommunity> {
user_id: data.user_id, user_id: data.user_id,
}; };
let mut community_moderators: Vec<i32> = vec![];
let community_id = data.community_id;
community_moderators.append(
&mut blocking(pool, move |conn| {
CommunityModeratorView::for_community(&conn, community_id)
.map(|v| v.into_iter().map(|m| m.user_id).collect())
})
.await??,
);
community_moderators.append(
&mut blocking(pool, move |conn| {
UserView::admins(conn).map(|v| v.into_iter().map(|a| a.id).collect())
})
.await??,
);
if !community_moderators.contains(&user_id) {
return Err(APIError::err("couldnt_update_community").into());
}
if data.added { if data.added {
let join = move |conn: &'_ _| CommunityModerator::join(conn, &community_moderator_form); let join = move |conn: &'_ _| CommunityModerator::join(conn, &community_moderator_form);
if blocking(pool, join).await?.is_err() { if blocking(pool, join).await?.is_err() {

151
server/src/api/post.rs
View file

@ -540,28 +540,36 @@ impl Perform for Oper<EditPost> {
let user_id = claims.id; let user_id = claims.id;
let edit_id = data.edit_id;
let read_post = blocking(pool, move |conn| Post::read(conn, edit_id)).await??;
// Verify its the creator or a mod or admin // Verify its the creator or a mod or admin
let community_id = data.community_id; let community_id = read_post.community_id;
let mut editors: Vec<i32> = vec![data.creator_id]; let mut editors: Vec<i32> = vec![read_post.creator_id];
editors.append( let mut moderators: Vec<i32> = vec![];
moderators.append(
&mut blocking(pool, move |conn| { &mut blocking(pool, move |conn| {
CommunityModeratorView::for_community(conn, community_id) CommunityModeratorView::for_community(conn, community_id)
.map(|v| v.into_iter().map(|m| m.user_id).collect()) .map(|v| v.into_iter().map(|m| m.user_id).collect())
}) })
.await??, .await??,
); );
editors.append( moderators.append(
&mut blocking(pool, move |conn| { &mut blocking(pool, move |conn| {
UserView::admins(conn).map(|v| v.into_iter().map(|a| a.id).collect()) UserView::admins(conn).map(|v| v.into_iter().map(|a| a.id).collect())
}) })
.await??, .await??,
); );
editors.extend(&moderators);
if !editors.contains(&user_id) { if !editors.contains(&user_id) {
return Err(APIError::err("no_post_edit_allowed").into()); return Err(APIError::err("no_post_edit_allowed").into());
} }
// Check for a community ban // Check for a community ban
let community_id = data.community_id; let community_id = read_post.community_id;
let is_banned = let is_banned =
move |conn: &'_ _| CommunityUserBanView::get(conn, user_id, community_id).is_ok(); move |conn: &'_ _| CommunityUserBanView::get(conn, user_id, community_id).is_ok();
if blocking(pool, is_banned).await? { if blocking(pool, is_banned).await? {
@ -578,28 +586,51 @@ impl Perform for Oper<EditPost> {
let (iframely_title, iframely_description, iframely_html, pictrs_thumbnail) = let (iframely_title, iframely_description, iframely_html, pictrs_thumbnail) =
fetch_iframely_and_pictrs_data(&self.client, data.url.to_owned()).await; fetch_iframely_and_pictrs_data(&self.client, data.url.to_owned()).await;
let edit_id = data.edit_id; let post_form = {
let read_post = blocking(pool, move |conn| Post::read(conn, edit_id)).await??; // only modify some properties if they are a moderator
if moderators.contains(&user_id) {
let post_form = PostForm { PostForm {
name: data.name.trim().to_owned(), name: data.name.trim().to_owned(),
url: data.url.to_owned(), url: data.url.to_owned(),
body: data.body.to_owned(), body: data.body.to_owned(),
creator_id: data.creator_id.to_owned(), creator_id: read_post.creator_id.to_owned(),
community_id: data.community_id, community_id: read_post.community_id,
removed: data.removed.to_owned(), removed: data.removed.to_owned(),
deleted: data.deleted.to_owned(), deleted: data.deleted.to_owned(),
nsfw: data.nsfw, nsfw: data.nsfw,
locked: data.locked.to_owned(), locked: data.locked.to_owned(),
stickied: data.stickied.to_owned(), stickied: data.stickied.to_owned(),
updated: Some(naive_now()), updated: Some(naive_now()),
embed_title: iframely_title, embed_title: iframely_title,
embed_description: iframely_description, embed_description: iframely_description,
embed_html: iframely_html, embed_html: iframely_html,
thumbnail_url: pictrs_thumbnail, thumbnail_url: pictrs_thumbnail,
ap_id: read_post.ap_id, ap_id: read_post.ap_id,
local: read_post.local, local: read_post.local,
published: None, published: None,
}
} else {
PostForm {
name: read_post.name.trim().to_owned(),
url: data.url.to_owned(),
body: data.body.to_owned(),
creator_id: read_post.creator_id.to_owned(),
community_id: read_post.community_id,
removed: Some(read_post.removed),
deleted: data.deleted.to_owned(),
nsfw: data.nsfw,
locked: Some(read_post.locked),
stickied: Some(read_post.stickied),
updated: Some(naive_now()),
embed_title: iframely_title,
embed_description: iframely_description,
embed_html: iframely_html,
thumbnail_url: pictrs_thumbnail,
ap_id: read_post.ap_id,
local: read_post.local,
published: None,
}
}
}; };
let edit_id = data.edit_id; let edit_id = data.edit_id;
@ -617,33 +648,35 @@ impl Perform for Oper<EditPost> {
} }
}; };
// Mod tables if moderators.contains(&user_id) {
if let Some(removed) = data.removed.to_owned() { // Mod tables
let form = ModRemovePostForm { if let Some(removed) = data.removed.to_owned() {
mod_user_id: user_id, let form = ModRemovePostForm {
post_id: data.edit_id, mod_user_id: user_id,
removed: Some(removed), post_id: data.edit_id,
reason: data.reason.to_owned(), removed: Some(removed),
}; reason: data.reason.to_owned(),
blocking(pool, move |conn| ModRemovePost::create(conn, &form)).await??; };
} blocking(pool, move |conn| ModRemovePost::create(conn, &form)).await??;
}
if let Some(locked) = data.locked.to_owned() { if let Some(locked) = data.locked.to_owned() {
let form = ModLockPostForm { let form = ModLockPostForm {
mod_user_id: user_id, mod_user_id: user_id,
post_id: data.edit_id, post_id: data.edit_id,
locked: Some(locked), locked: Some(locked),
}; };
blocking(pool, move |conn| ModLockPost::create(conn, &form)).await??; blocking(pool, move |conn| ModLockPost::create(conn, &form)).await??;
} }
if let Some(stickied) = data.stickied.to_owned() { if let Some(stickied) = data.stickied.to_owned() {
let form = ModStickyPostForm { let form = ModStickyPostForm {
mod_user_id: user_id, mod_user_id: user_id,
post_id: data.edit_id, post_id: data.edit_id,
stickied: Some(stickied), stickied: Some(stickied),
}; };
blocking(pool, move |conn| ModStickyPost::create(conn, &form)).await??; blocking(pool, move |conn| ModStickyPost::create(conn, &form)).await??;
}
} }
if let Some(deleted) = data.deleted.to_owned() { if let Some(deleted) = data.deleted.to_owned() {
@ -655,12 +688,14 @@ impl Perform for Oper<EditPost> {
.await?; .await?;
} }
} else if let Some(removed) = data.removed.to_owned() { } else if let Some(removed) = data.removed.to_owned() {
if removed { if moderators.contains(&user_id) {
updated_post.send_remove(&user, &self.client, pool).await?; if removed {
} else { updated_post.send_remove(&user, &self.client, pool).await?;
updated_post } else {
.send_undo_remove(&user, &self.client, pool) updated_post
.await?; .send_undo_remove(&user, &self.client, pool)
.await?;
}
} }
} else { } else {
updated_post.send_update(&user, &self.client, pool).await?; updated_post.send_update(&user, &self.client, pool).await?;

61
server/src/api/user.rs
View file

@ -880,6 +880,9 @@ impl Perform for Oper<EditUserMention> {
}; };
let user_id = claims.id; let user_id = claims.id;
if user_id != data.user_mention_id {
return Err(APIError::err("couldnt_update_comment").into());
}
let user_mention_id = data.user_mention_id; let user_mention_id = data.user_mention_id;
let user_mention = let user_mention =
@ -1310,23 +1313,35 @@ impl Perform for Oper<EditPrivateMessage> {
let content_slurs_removed = match &data.content { let content_slurs_removed = match &data.content {
Some(content) => remove_slurs(content), Some(content) => remove_slurs(content),
None => orig_private_message.content, None => orig_private_message.content.clone(),
}; };
let private_message_form = PrivateMessageForm { let private_message_form = {
content: content_slurs_removed, if data.read.is_some() {
creator_id: orig_private_message.creator_id, PrivateMessageForm {
recipient_id: orig_private_message.recipient_id, content: orig_private_message.content.to_owned(),
deleted: data.deleted.to_owned(), creator_id: orig_private_message.creator_id,
read: data.read.to_owned(), recipient_id: orig_private_message.recipient_id,
updated: if data.read.is_some() { read: data.read.to_owned(),
orig_private_message.updated updated: orig_private_message.updated,
deleted: Some(orig_private_message.deleted),
ap_id: orig_private_message.ap_id,
local: orig_private_message.local,
published: None,
}
} else { } else {
Some(naive_now()) PrivateMessageForm {
}, content: content_slurs_removed,
ap_id: orig_private_message.ap_id, creator_id: orig_private_message.creator_id,
local: orig_private_message.local, recipient_id: orig_private_message.recipient_id,
published: None, deleted: data.deleted.to_owned(),
read: Some(orig_private_message.read),
updated: Some(naive_now()),
ap_id: orig_private_message.ap_id,
local: orig_private_message.local,
published: None,
}
}
}; };
let edit_id = data.edit_id; let edit_id = data.edit_id;
@ -1339,14 +1354,20 @@ impl Perform for Oper<EditPrivateMessage> {
Err(_e) => return Err(APIError::err("couldnt_update_private_message").into()), Err(_e) => return Err(APIError::err("couldnt_update_private_message").into()),
}; };
if let Some(deleted) = data.deleted.to_owned() { if data.read.is_none() {
if deleted { if let Some(deleted) = data.deleted.to_owned() {
updated_private_message if deleted {
.send_delete(&user, &self.client, pool) updated_private_message
.await?; .send_delete(&user, &self.client, pool)
.await?;
} else {
updated_private_message
.send_undo_delete(&user, &self.client, pool)
.await?;
}
} else { } else {
updated_private_message updated_private_message
.send_undo_delete(&user, &self.client, pool) .send_update(&user, &self.client, pool)
.await?; .await?;
} }
} else { } else {

17
server/src/apub/comment.rs
View file

@ -1,16 +1,25 @@
use crate::{ use crate::{
apub::{ apub::{
activities::{populate_object_props, send_activity_to_community}, activities::{populate_object_props, send_activity_to_community},
create_apub_response, create_apub_tombstone_response, create_tombstone, fetch_webfinger_url, create_apub_response,
create_apub_tombstone_response,
create_tombstone,
fetch_webfinger_url,
fetcher::{ fetcher::{
get_or_fetch_and_insert_remote_comment, get_or_fetch_and_insert_remote_post, get_or_fetch_and_insert_remote_comment,
get_or_fetch_and_insert_remote_post,
get_or_fetch_and_upsert_remote_user, get_or_fetch_and_upsert_remote_user,
}, },
ActorType, ApubLikeableType, ApubObjectType, FromApub, ToApub, ActorType,
ApubLikeableType,
ApubObjectType,
FromApub,
ToApub,
}, },
blocking, blocking,
routes::DbPoolParam, routes::DbPoolParam,
DbPool, LemmyError, DbPool,
LemmyError,
}; };
use activitystreams::{ use activitystreams::{
activity::{Create, Delete, Dislike, Like, Remove, Undo, Update}, activity::{Create, Delete, Dislike, Like, Remove, Undo, Update},

18
server/src/apub/community.rs
View file

@ -1,18 +1,28 @@
use crate::{ use crate::{
apub::{ apub::{
activities::{populate_object_props, send_activity}, activities::{populate_object_props, send_activity},
create_apub_response, create_apub_tombstone_response, create_tombstone, create_apub_response,
create_apub_tombstone_response,
create_tombstone,
extensions::group_extensions::GroupExtension, extensions::group_extensions::GroupExtension,
fetcher::get_or_fetch_and_upsert_remote_user, fetcher::get_or_fetch_and_upsert_remote_user,
get_shared_inbox, insert_activity, ActorType, FromApub, GroupExt, ToApub, get_shared_inbox,
insert_activity,
ActorType,
FromApub,
GroupExt,
ToApub,
}, },
blocking, blocking,
routes::DbPoolParam, routes::DbPoolParam,
DbPool, LemmyError, DbPool,
LemmyError,
}; };
use activitystreams::{ use activitystreams::{
activity::{Accept, Announce, Delete, Remove, Undo}, activity::{Accept, Announce, Delete, Remove, Undo},
Activity, Base, BaseBox, Activity,
Base,
BaseBox,
}; };
use activitystreams_ext::Ext2; use activitystreams_ext::Ext2;
use activitystreams_new::{ use activitystreams_new::{

7
server/src/apub/fetcher.rs
View file

@ -4,7 +4,8 @@ use crate::{
blocking, blocking,
request::{retry, RecvError}, request::{retry, RecvError},
routes::nodeinfo::{NodeInfo, NodeInfoWellKnown}, routes::nodeinfo::{NodeInfo, NodeInfoWellKnown},
DbPool, LemmyError, DbPool,
LemmyError,
}; };
use activitystreams::object::Note; use activitystreams::object::Note;
use activitystreams_new::{base::BaseExt, prelude::*, primitives::XsdAnyUri}; use activitystreams_new::{base::BaseExt, prelude::*, primitives::XsdAnyUri};
@ -21,7 +22,9 @@ use lemmy_db::{
post_view::PostView, post_view::PostView,
user::{UserForm, User_}, user::{UserForm, User_},
user_view::UserView, user_view::UserView,
Crud, Joinable, SearchType, Crud,
Joinable,
SearchType,
}; };
use lemmy_utils::get_apub_protocol_string; use lemmy_utils::get_apub_protocol_string;
use log::debug; use log::debug;

3
server/src/apub/mod.rs
View file

@ -19,7 +19,8 @@ use crate::{
blocking, blocking,
request::{retry, RecvError}, request::{retry, RecvError},
routes::webfinger::WebFingerResponse, routes::webfinger::WebFingerResponse,
DbPool, LemmyError, DbPool,
LemmyError,
}; };
use activitystreams::object::Page; use activitystreams::object::Page;
use activitystreams_ext::{Ext1, Ext2}; use activitystreams_ext::{Ext1, Ext2};

14
server/src/apub/post.rs
View file

@ -1,14 +1,22 @@
use crate::{ use crate::{
apub::{ apub::{
activities::{populate_object_props, send_activity_to_community}, activities::{populate_object_props, send_activity_to_community},
create_apub_response, create_apub_tombstone_response, create_tombstone, create_apub_response,
create_apub_tombstone_response,
create_tombstone,
extensions::page_extension::PageExtension, extensions::page_extension::PageExtension,
fetcher::{get_or_fetch_and_upsert_remote_community, get_or_fetch_and_upsert_remote_user}, fetcher::{get_or_fetch_and_upsert_remote_community, get_or_fetch_and_upsert_remote_user},
ActorType, ApubLikeableType, ApubObjectType, FromApub, PageExt, ToApub, ActorType,
ApubLikeableType,
ApubObjectType,
FromApub,
PageExt,
ToApub,
}, },
blocking, blocking,
routes::DbPoolParam, routes::DbPoolParam,
DbPool, LemmyError, DbPool,
LemmyError,
}; };
use activitystreams::{ use activitystreams::{
activity::{Create, Delete, Dislike, Like, Remove, Undo, Update}, activity::{Create, Delete, Dislike, Like, Remove, Undo, Update},

13
server/src/apub/private_message.rs
View file

@ -1,9 +1,16 @@
use crate::{ use crate::{
apub::{ apub::{
activities::send_activity, create_tombstone, fetcher::get_or_fetch_and_upsert_remote_user, activities::send_activity,
insert_activity, ApubObjectType, FromApub, ToApub, create_tombstone,
fetcher::get_or_fetch_and_upsert_remote_user,
insert_activity,
ApubObjectType,
FromApub,
ToApub,
}, },
blocking, DbPool, LemmyError, blocking,
DbPool,
LemmyError,
}; };
use activitystreams::{ use activitystreams::{
activity::{Create, Delete, Undo, Update}, activity::{Create, Delete, Undo, Update},

21
server/src/apub/shared_inbox.rs
View file

@ -8,10 +8,15 @@ use crate::{
community::do_announce, community::do_announce,
extensions::signatures::verify, extensions::signatures::verify,
fetcher::{ fetcher::{
get_or_fetch_and_insert_remote_comment, get_or_fetch_and_insert_remote_post, get_or_fetch_and_insert_remote_comment,
get_or_fetch_and_upsert_remote_community, get_or_fetch_and_upsert_remote_user, get_or_fetch_and_insert_remote_post,
get_or_fetch_and_upsert_remote_community,
get_or_fetch_and_upsert_remote_user,
}, },
insert_activity, FromApub, GroupExt, PageExt, insert_activity,
FromApub,
GroupExt,
PageExt,
}, },
blocking, blocking,
routes::{ChatServerParam, DbPoolParam}, routes::{ChatServerParam, DbPoolParam},
@ -19,12 +24,15 @@ use crate::{
server::{SendComment, SendCommunityRoomMessage, SendPost}, server::{SendComment, SendCommunityRoomMessage, SendPost},
UserOperation, UserOperation,
}, },
DbPool, LemmyError, DbPool,
LemmyError,
}; };
use activitystreams::{ use activitystreams::{
activity::{Announce, Create, Delete, Dislike, Like, Remove, Undo, Update}, activity::{Announce, Create, Delete, Dislike, Like, Remove, Undo, Update},
object::Note, object::Note,
Activity, Base, BaseBox, Activity,
Base,
BaseBox,
}; };
use actix_web::{client::Client, web, HttpRequest, HttpResponse}; use actix_web::{client::Client, web, HttpRequest, HttpResponse};
use lemmy_db::{ use lemmy_db::{
@ -35,7 +43,8 @@ use lemmy_db::{
naive_now, naive_now,
post::{Post, PostForm, PostLike, PostLikeForm}, post::{Post, PostForm, PostLike, PostLikeForm},
post_view::PostView, post_view::PostView,
Crud, Likeable, Crud,
Likeable,
}; };
use lemmy_utils::scrape_text_for_mentions; use lemmy_utils::scrape_text_for_mentions;
use log::debug; use log::debug;

12
server/src/apub/user.rs
View file

@ -1,12 +1,18 @@
use crate::{ use crate::{
api::claims::Claims, api::claims::Claims,
apub::{ apub::{
activities::send_activity, create_apub_response, insert_activity, ActorType, FromApub, activities::send_activity,
PersonExt, ToApub, create_apub_response,
insert_activity,
ActorType,
FromApub,
PersonExt,
ToApub,
}, },
blocking, blocking,
routes::DbPoolParam, routes::DbPoolParam,
DbPool, LemmyError, DbPool,
LemmyError,
}; };
use activitystreams_ext::Ext1; use activitystreams_ext::Ext1;
use activitystreams_new::{ use activitystreams_new::{

9
server/src/apub/user_inbox.rs
View file

@ -3,12 +3,14 @@ use crate::{
apub::{ apub::{
extensions::signatures::verify, extensions::signatures::verify,
fetcher::{get_or_fetch_and_upsert_remote_community, get_or_fetch_and_upsert_remote_user}, fetcher::{get_or_fetch_and_upsert_remote_community, get_or_fetch_and_upsert_remote_user},
insert_activity, FromApub, insert_activity,
FromApub,
}, },
blocking, blocking,
routes::{ChatServerParam, DbPoolParam}, routes::{ChatServerParam, DbPoolParam},
websocket::{server::SendUserRoomMessage, UserOperation}, websocket::{server::SendUserRoomMessage, UserOperation},
DbPool, LemmyError, DbPool,
LemmyError,
}; };
use activitystreams::{ use activitystreams::{
activity::{Accept, Create, Delete, Undo, Update}, activity::{Accept, Create, Delete, Undo, Update},
@ -21,7 +23,8 @@ use lemmy_db::{
private_message::{PrivateMessage, PrivateMessageForm}, private_message::{PrivateMessage, PrivateMessageForm},
private_message_view::PrivateMessageView, private_message_view::PrivateMessageView,
user::User_, user::User_,
Crud, Followable, Crud,
Followable,
}; };
use log::debug; use log::debug;
use serde::Deserialize; use serde::Deserialize;