Merge pull request #1201 from LemmyNet/verify-activity-domains

Add method verify_activity_domains_valid() (ref #1196)
This commit is contained in:
Dessalines 2020-10-15 11:15:25 -04:00 committed by GitHub
commit a2df2b12e2
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
14 changed files with 162 additions and 139 deletions

View file

@ -597,7 +597,7 @@ Sent to: User
"type": "Delete", "type": "Delete",
"actor": "https://ds9.lemmy.ml/u/sisko", "actor": "https://ds9.lemmy.ml/u/sisko",
"to": "https://enterprise.lemmy.ml/u/riker/inbox", "to": "https://enterprise.lemmy.ml/u/riker/inbox",
"object": "https://enterprise.lemmy.ml/private_message/341" "object": "https://ds9.lemmy.ml/private_message/341"
} }
``` ```

View file

@ -4,7 +4,8 @@ use crate::{
}; };
use activitystreams::{ use activitystreams::{
activity::{ActorAndObjectRef, ActorAndObjectRefExt}, activity::{ActorAndObjectRef, ActorAndObjectRefExt},
base::{AsBase, Extends, ExtendsExt}, base::{AsBase, BaseExt, Extends, ExtendsExt},
error::DomainError,
object::{AsObject, ObjectExt}, object::{AsObject, ObjectExt},
}; };
use actix_web::HttpResponse; use actix_web::HttpResponse;
@ -121,3 +122,36 @@ pub(crate) async fn find_by_id(
return Err(NotFound.into()); return Err(NotFound.into());
} }
pub(crate) fn verify_activity_domains_valid<T, Kind>(
activity: &T,
actor_id: Url,
object_domain_must_match: bool,
) -> Result<(), LemmyError>
where
T: AsBase<Kind> + ActorAndObjectRef,
{
let expected_domain = actor_id.domain().context(location_info!())?;
activity.id(expected_domain)?;
let object_id = match activity.object().to_owned().single_xsd_any_uri() {
// object is just an ID
Some(id) => id,
// object is something like an activity, a comment or a post
None => activity
.object()
.to_owned()
.one()
.context(location_info!())?
.id()
.context(location_info!())?
.to_owned(),
};
if object_domain_must_match && object_id.domain() != Some(expected_domain) {
return Err(DomainError.into());
}
Ok(())
}

View file

@ -63,7 +63,7 @@ pub async fn sign_and_send(
Ok(response) Ok(response)
} }
pub fn verify(request: &HttpRequest, actor: &dyn ActorType) -> Result<(), LemmyError> { pub fn verify_signature(request: &HttpRequest, actor: &dyn ActorType) -> Result<(), LemmyError> {
let public_key = actor.public_key().context(location_info!())?; let public_key = actor.public_key().context(location_info!())?;
let verified = CONFIG2 let verified = CONFIG2
.begin_verify( .begin_verify(

View file

@ -93,7 +93,7 @@ pub async fn search_by_apub_id(
) -> Result<SearchResponse, LemmyError> { ) -> Result<SearchResponse, LemmyError> {
// Parse the shorthand query url // Parse the shorthand query url
let query_url = if query.contains('@') { let query_url = if query.contains('@') {
debug!("{}", query); debug!("Search for {}", query);
let split = query.split('@').collect::<Vec<&str>>(); let split = query.split('@').collect::<Vec<&str>>();
// User type will look like ['', username, instance] // User type will look like ['', username, instance]

View file

@ -1,6 +1,7 @@
use crate::{ use crate::{
activities::receive::verify_activity_domains_valid,
check_is_apub_id_valid, check_is_apub_id_valid,
extensions::signatures::verify, extensions::signatures::verify_signature,
fetcher::get_or_fetch_and_upsert_user, fetcher::get_or_fetch_and_upsert_user,
insert_activity, insert_activity,
ActorType, ActorType,
@ -48,15 +49,15 @@ pub async fn community_inbox(
}) })
.await??; .await??;
if !community.local { let to = activity
return Err( .to()
anyhow!( .context(location_info!())?
"Received activity is addressed to remote community {}", .to_owned()
&community.actor_id .single_xsd_any_uri();
) if Some(community.actor_id()?) != to {
.into(), return Err(anyhow!("Activity delivered to wrong community").into());
);
} }
info!( info!(
"Community {} received activity {:?}", "Community {} received activity {:?}",
&community.name, &activity &community.name, &activity
@ -75,7 +76,7 @@ pub async fn community_inbox(
let user = get_or_fetch_and_upsert_user(&user_uri, &context).await?; let user = get_or_fetch_and_upsert_user(&user_uri, &context).await?;
verify(&request, &user)?; verify_signature(&request, &user)?;
let any_base = activity.clone().into_any_base()?; let any_base = activity.clone().into_any_base()?;
let kind = activity.kind().context(location_info!())?; let kind = activity.kind().context(location_info!())?;
@ -98,6 +99,8 @@ async fn handle_follow(
context: &LemmyContext, context: &LemmyContext,
) -> Result<HttpResponse, LemmyError> { ) -> Result<HttpResponse, LemmyError> {
let follow = Follow::from_any_base(activity)?.context(location_info!())?; let follow = Follow::from_any_base(activity)?.context(location_info!())?;
verify_activity_domains_valid(&follow, user.actor_id()?, false)?;
let community_follower_form = CommunityFollowerForm { let community_follower_form = CommunityFollowerForm {
community_id: community.id, community_id: community.id,
user_id: user.id, user_id: user.id,
@ -120,7 +123,12 @@ async fn handle_undo_follow(
community: Community, community: Community,
context: &LemmyContext, context: &LemmyContext,
) -> Result<HttpResponse, LemmyError> { ) -> Result<HttpResponse, LemmyError> {
let _undo = Undo::from_any_base(activity)?.context(location_info!())?; let undo = Undo::from_any_base(activity)?.context(location_info!())?;
verify_activity_domains_valid(&undo, user.actor_id()?, true)?;
let object = undo.object().to_owned().one().context(location_info!())?;
let follow = Follow::from_any_base(object)?.context(location_info!())?;
verify_activity_domains_valid(&follow, user.actor_id()?, false)?;
let community_follower_form = CommunityFollowerForm { let community_follower_form = CommunityFollowerForm {
community_id: community.id, community_id: community.id,

View file

@ -10,7 +10,7 @@ use crate::{
update::receive_update, update::receive_update,
}, },
check_is_apub_id_valid, check_is_apub_id_valid,
extensions::signatures::verify, extensions::signatures::verify_signature,
fetcher::get_or_fetch_and_upsert_actor, fetcher::get_or_fetch_and_upsert_actor,
insert_activity, insert_activity,
}; };
@ -62,7 +62,7 @@ pub async fn shared_inbox(
check_is_apub_id_valid(&actor)?; check_is_apub_id_valid(&actor)?;
let actor = get_or_fetch_and_upsert_actor(&actor, &context).await?; let actor = get_or_fetch_and_upsert_actor(&actor, &context).await?;
verify(&request, actor.as_ref())?; verify_signature(&request, actor.as_ref())?;
let any_base = activity.clone().into_any_base()?; let any_base = activity.clone().into_any_base()?;
let kind = activity.kind().context(location_info!())?; let kind = activity.kind().context(location_info!())?;

View file

@ -1,19 +1,20 @@
use crate::{ use crate::{
activities::receive::verify_activity_domains_valid,
check_is_apub_id_valid, check_is_apub_id_valid,
extensions::signatures::verify, extensions::signatures::verify_signature,
fetcher::{get_or_fetch_and_upsert_actor, get_or_fetch_and_upsert_community}, fetcher::{get_or_fetch_and_upsert_actor, get_or_fetch_and_upsert_community},
insert_activity, insert_activity,
ActorType,
FromApub, FromApub,
}; };
use activitystreams::{ use activitystreams::{
activity::{Accept, ActorAndObject, Create, Delete, Undo, Update}, activity::{Accept, ActorAndObject, Create, Delete, Follow, Undo, Update},
base::AnyBase, base::AnyBase,
error::DomainError,
object::Note, object::Note,
prelude::*, prelude::*,
}; };
use actix_web::{web, HttpRequest, HttpResponse}; use actix_web::{web, HttpRequest, HttpResponse};
use anyhow::Context; use anyhow::{anyhow, Context};
use lemmy_db::{ use lemmy_db::{
community::{CommunityFollower, CommunityFollowerForm}, community::{CommunityFollower, CommunityFollowerForm},
private_message::{PrivateMessage, PrivateMessageForm}, private_message::{PrivateMessage, PrivateMessageForm},
@ -50,6 +51,19 @@ pub async fn user_inbox(
) -> Result<HttpResponse, LemmyError> { ) -> Result<HttpResponse, LemmyError> {
let activity = input.into_inner(); let activity = input.into_inner();
let username = path.into_inner(); let username = path.into_inner();
let user = blocking(&context.pool(), move |conn| {
User_::read_from_name(&conn, &username)
})
.await??;
let to = activity
.to()
.context(location_info!())?
.to_owned()
.single_xsd_any_uri();
if Some(user.actor_id()?) != to {
return Err(anyhow!("Activity delivered to wrong user").into());
}
let actor_uri = activity let actor_uri = activity
.actor()? .actor()?
@ -57,7 +71,7 @@ pub async fn user_inbox(
.context(location_info!())?; .context(location_info!())?;
debug!( debug!(
"User {} inbox received activity {:?} from {}", "User {} inbox received activity {:?} from {}",
username, user.name,
&activity.id_unchecked(), &activity.id_unchecked(),
&actor_uri &actor_uri
); );
@ -65,16 +79,18 @@ pub async fn user_inbox(
check_is_apub_id_valid(actor_uri)?; check_is_apub_id_valid(actor_uri)?;
let actor = get_or_fetch_and_upsert_actor(actor_uri, &context).await?; let actor = get_or_fetch_and_upsert_actor(actor_uri, &context).await?;
verify(&request, actor.as_ref())?; verify_signature(&request, actor.as_ref())?;
let any_base = activity.clone().into_any_base()?; let any_base = activity.clone().into_any_base()?;
let kind = activity.kind().context(location_info!())?; let kind = activity.kind().context(location_info!())?;
let res = match kind { let res = match kind {
ValidTypes::Accept => receive_accept(any_base, username, &context).await, ValidTypes::Accept => receive_accept(&context, any_base, actor.as_ref(), user).await,
ValidTypes::Create => receive_create_private_message(any_base, &context).await, ValidTypes::Create => receive_create_private_message(&context, any_base, actor.as_ref()).await,
ValidTypes::Update => receive_update_private_message(any_base, &context).await, ValidTypes::Update => receive_update_private_message(&context, any_base, actor.as_ref()).await,
ValidTypes::Delete => receive_delete_private_message(any_base, &context).await, ValidTypes::Delete => receive_delete_private_message(&context, any_base, actor.as_ref()).await,
ValidTypes::Undo => receive_undo_delete_private_message(any_base, &context).await, ValidTypes::Undo => {
receive_undo_delete_private_message(&context, any_base, actor.as_ref()).await
}
}; };
insert_activity(actor.user_id(), activity.clone(), false, context.pool()).await?; insert_activity(actor.user_id(), activity.clone(), false, context.pool()).await?;
@ -83,11 +99,20 @@ pub async fn user_inbox(
/// Handle accepted follows. /// Handle accepted follows.
async fn receive_accept( async fn receive_accept(
activity: AnyBase,
username: String,
context: &LemmyContext, context: &LemmyContext,
activity: AnyBase,
actor: &dyn ActorType,
user: User_,
) -> Result<HttpResponse, LemmyError> { ) -> Result<HttpResponse, LemmyError> {
let accept = Accept::from_any_base(activity)?.context(location_info!())?; let accept = Accept::from_any_base(activity)?.context(location_info!())?;
verify_activity_domains_valid(&accept, actor.actor_id()?, false)?;
// TODO: we should check that we actually sent this activity, because the remote instance
// could just put a fake Follow
let object = accept.object().to_owned().one().context(location_info!())?;
let follow = Follow::from_any_base(object)?.context(location_info!())?;
verify_activity_domains_valid(&follow, user.actor_id()?, false)?;
let community_uri = accept let community_uri = accept
.actor()? .actor()?
.to_owned() .to_owned()
@ -96,11 +121,6 @@ async fn receive_accept(
let community = get_or_fetch_and_upsert_community(&community_uri, context).await?; let community = get_or_fetch_and_upsert_community(&community_uri, context).await?;
let user = blocking(&context.pool(), move |conn| {
User_::read_from_name(conn, &username)
})
.await??;
// Now you need to add this to the community follower // Now you need to add this to the community follower
let community_follower_form = CommunityFollowerForm { let community_follower_form = CommunityFollowerForm {
community_id: community.id, community_id: community.id,
@ -113,15 +133,17 @@ async fn receive_accept(
}) })
.await?; .await?;
// TODO: make sure that we actually requested a follow
Ok(HttpResponse::Ok().finish()) Ok(HttpResponse::Ok().finish())
} }
async fn receive_create_private_message( async fn receive_create_private_message(
activity: AnyBase,
context: &LemmyContext, context: &LemmyContext,
activity: AnyBase,
actor: &dyn ActorType,
) -> Result<HttpResponse, LemmyError> { ) -> Result<HttpResponse, LemmyError> {
let create = Create::from_any_base(activity)?.context(location_info!())?; let create = Create::from_any_base(activity)?.context(location_info!())?;
verify_activity_domains_valid(&create, actor.actor_id()?, true)?;
let note = Note::from_any_base( let note = Note::from_any_base(
create create
.object() .object()
@ -131,18 +153,8 @@ async fn receive_create_private_message(
)? )?
.context(location_info!())?; .context(location_info!())?;
let actor = create let private_message =
.actor()? PrivateMessageForm::from_apub(&note, context, Some(actor.actor_id()?)).await?;
.to_owned()
.single_xsd_any_uri()
.context(location_info!())?;
let domain = Some(
create
.id(actor.domain().context(location_info!())?)?
.context(location_info!())?
.to_owned(),
);
let private_message = PrivateMessageForm::from_apub(&note, context, domain).await?;
let inserted_private_message = blocking(&context.pool(), move |conn| { let inserted_private_message = blocking(&context.pool(), move |conn| {
PrivateMessage::create(conn, &private_message) PrivateMessage::create(conn, &private_message)
@ -169,31 +181,22 @@ async fn receive_create_private_message(
} }
async fn receive_update_private_message( async fn receive_update_private_message(
activity: AnyBase,
context: &LemmyContext, context: &LemmyContext,
activity: AnyBase,
actor: &dyn ActorType,
) -> Result<HttpResponse, LemmyError> { ) -> Result<HttpResponse, LemmyError> {
let update = Update::from_any_base(activity)?.context(location_info!())?; let update = Update::from_any_base(activity)?.context(location_info!())?;
let note = Note::from_any_base( verify_activity_domains_valid(&update, actor.actor_id()?, true)?;
update
let object = update
.object() .object()
.as_one() .as_one()
.context(location_info!())? .context(location_info!())?
.to_owned(), .to_owned();
)? let note = Note::from_any_base(object)?.context(location_info!())?;
.context(location_info!())?;
let actor = update let private_message_form =
.actor()? PrivateMessageForm::from_apub(&note, context, Some(actor.actor_id()?)).await?;
.to_owned()
.single_xsd_any_uri()
.context(location_info!())?;
let domain = Some(
update
.id(actor.domain().context(location_info!())?)?
.context(location_info!())?
.to_owned(),
);
let private_message_form = PrivateMessageForm::from_apub(&note, context, domain).await?;
let private_message_ap_id = private_message_form let private_message_ap_id = private_message_form
.ap_id .ap_id
@ -232,27 +235,18 @@ async fn receive_update_private_message(
} }
async fn receive_delete_private_message( async fn receive_delete_private_message(
activity: AnyBase,
context: &LemmyContext, context: &LemmyContext,
activity: AnyBase,
actor: &dyn ActorType,
) -> Result<HttpResponse, LemmyError> { ) -> Result<HttpResponse, LemmyError> {
let delete = Delete::from_any_base(activity)?.context(location_info!())?; let delete = Delete::from_any_base(activity)?.context(location_info!())?;
verify_activity_domains_valid(&delete, actor.actor_id()?, true)?;
let private_message_id = delete let private_message_id = delete
.object() .object()
.to_owned() .to_owned()
.single_xsd_any_uri() .single_xsd_any_uri()
.context(location_info!())?; .context(location_info!())?;
let actor = delete
.actor()?
.to_owned()
.single_xsd_any_uri()
.context(location_info!())?;
let delete_id = delete
.id(actor.domain().context(location_info!())?)?
.map(|i| i.domain())
.flatten();
if private_message_id.domain() != delete_id {
return Err(DomainError.into());
}
let private_message = blocking(context.pool(), move |conn| { let private_message = blocking(context.pool(), move |conn| {
PrivateMessage::read_from_apub_id(conn, private_message_id.as_str()) PrivateMessage::read_from_apub_id(conn, private_message_id.as_str())
}) })
@ -280,30 +274,21 @@ async fn receive_delete_private_message(
} }
async fn receive_undo_delete_private_message( async fn receive_undo_delete_private_message(
activity: AnyBase,
context: &LemmyContext, context: &LemmyContext,
activity: AnyBase,
actor: &dyn ActorType,
) -> Result<HttpResponse, LemmyError> { ) -> Result<HttpResponse, LemmyError> {
let undo = Undo::from_any_base(activity)?.context(location_info!())?; let undo = Undo::from_any_base(activity)?.context(location_info!())?;
let delete = Delete::from_any_base(undo.object().as_one().context(location_info!())?.to_owned())? verify_activity_domains_valid(&undo, actor.actor_id()?, true)?;
.context(location_info!())?; let object = undo.object().to_owned().one().context(location_info!())?;
let delete = Delete::from_any_base(object)?.context(location_info!())?;
verify_activity_domains_valid(&delete, actor.actor_id()?, true)?;
let private_message_id = delete let private_message_id = delete
.object() .object()
.to_owned() .to_owned()
.single_xsd_any_uri() .single_xsd_any_uri()
.context(location_info!())?; .context(location_info!())?;
let actor = undo
.actor()?
.to_owned()
.single_xsd_any_uri()
.context(location_info!())?;
let undo_id = undo
.id(actor.domain().context(location_info!())?)?
.map(|i| i.domain())
.flatten();
if private_message_id.domain() != undo_id {
return Err(DomainError.into());
}
let private_message = blocking(context.pool(), move |conn| { let private_message = blocking(context.pool(), move |conn| {
PrivateMessage::read_from_apub_id(conn, private_message_id.as_str()) PrivateMessage::read_from_apub_id(conn, private_message_id.as_str())
}) })
@ -319,9 +304,7 @@ async fn receive_undo_delete_private_message(
.await??; .await??;
let res = PrivateMessageResponse { message }; let res = PrivateMessageResponse { message };
let recipient_id = res.message.recipient_id; let recipient_id = res.message.recipient_id;
context.chat_server().do_send(SendUserRoomMessage { context.chat_server().do_send(SendUserRoomMessage {
op: UserOperation::EditPrivateMessage, op: UserOperation::EditPrivateMessage,
response: res, response: res,

View file

@ -17,10 +17,8 @@ use crate::extensions::{
use activitystreams::{ use activitystreams::{
activity::Follow, activity::Follow,
actor::{ApActor, Group, Person}, actor::{ApActor, Group, Person},
base::{AnyBase, AsBase}, base::AnyBase,
markers::Base,
object::{Page, Tombstone}, object::{Page, Tombstone},
prelude::*,
}; };
use activitystreams_ext::{Ext1, Ext2}; use activitystreams_ext::{Ext1, Ext2};
use anyhow::{anyhow, Context}; use anyhow::{anyhow, Context};
@ -132,24 +130,6 @@ pub trait ApubObjectType {
async fn send_undo_remove(&self, mod_: &User_, context: &LemmyContext) -> Result<(), LemmyError>; async fn send_undo_remove(&self, mod_: &User_, context: &LemmyContext) -> Result<(), LemmyError>;
} }
pub(in crate) fn check_actor_domain<T, Kind>(
apub: &T,
expected_domain: Option<Url>,
) -> Result<String, LemmyError>
where
T: Base + AsBase<Kind>,
{
let actor_id = if let Some(url) = expected_domain {
let domain = url.domain().context(location_info!())?;
apub.id(domain)?.context(location_info!())?
} else {
let actor_id = apub.id_unchecked().context(location_info!())?;
check_is_apub_id_valid(&actor_id)?;
actor_id
};
Ok(actor_id.to_string())
}
#[async_trait::async_trait(?Send)] #[async_trait::async_trait(?Send)]
pub trait ApubLikeableType { pub trait ApubLikeableType {
async fn send_like(&self, creator: &User_, context: &LemmyContext) -> Result<(), LemmyError>; async fn send_like(&self, creator: &User_, context: &LemmyContext) -> Result<(), LemmyError>;

View file

@ -1,11 +1,10 @@
use crate::{ use crate::{
check_actor_domain,
fetcher::{ fetcher::{
get_or_fetch_and_insert_comment, get_or_fetch_and_insert_comment,
get_or_fetch_and_insert_post, get_or_fetch_and_insert_post,
get_or_fetch_and_upsert_user, get_or_fetch_and_upsert_user,
}, },
objects::create_tombstone, objects::{check_object_domain, create_tombstone},
FromApub, FromApub,
ToApub, ToApub,
}; };
@ -140,7 +139,7 @@ impl FromApub for CommentForm {
published: note.published().map(|u| u.to_owned().naive_local()), published: note.published().map(|u| u.to_owned().naive_local()),
updated: note.updated().map(|u| u.to_owned().naive_local()), updated: note.updated().map(|u| u.to_owned().naive_local()),
deleted: None, deleted: None,
ap_id: Some(check_actor_domain(note, expected_domain)?), ap_id: Some(check_object_domain(note, expected_domain)?),
local: false, local: false,
}) })
} }

View file

@ -1,8 +1,7 @@
use crate::{ use crate::{
check_actor_domain,
extensions::group_extensions::GroupExtension, extensions::group_extensions::GroupExtension,
fetcher::get_or_fetch_and_upsert_user, fetcher::get_or_fetch_and_upsert_user,
objects::create_tombstone, objects::{check_object_domain, create_tombstone},
ActorType, ActorType,
FromApub, FromApub,
GroupExt, GroupExt,
@ -189,7 +188,7 @@ impl FromApub for CommunityForm {
updated: group.inner.updated().map(|u| u.to_owned().naive_local()), updated: group.inner.updated().map(|u| u.to_owned().naive_local()),
deleted: None, deleted: None,
nsfw: group.ext_one.sensitive, nsfw: group.ext_one.sensitive,
actor_id: Some(check_actor_domain(group, expected_domain)?), actor_id: Some(check_object_domain(group, expected_domain)?),
local: false, local: false,
private_key: None, private_key: None,
public_key: Some(group.ext_two.to_owned().public_key.public_key_pem), public_key: Some(group.ext_two.to_owned().public_key.public_key_pem),

View file

@ -1,10 +1,13 @@
use crate::check_is_apub_id_valid;
use activitystreams::{ use activitystreams::{
base::BaseExt, base::{AsBase, BaseExt},
markers::Base,
object::{Tombstone, TombstoneExt}, object::{Tombstone, TombstoneExt},
}; };
use anyhow::anyhow; use anyhow::{anyhow, Context};
use chrono::NaiveDateTime; use chrono::NaiveDateTime;
use lemmy_utils::{utils::convert_datetime, LemmyError}; use lemmy_utils::{location_info, utils::convert_datetime, LemmyError};
use url::Url;
pub mod comment; pub mod comment;
pub mod community; pub mod community;
@ -36,3 +39,22 @@ where
Err(anyhow!("Cant convert object to tombstone if it wasnt deleted").into()) Err(anyhow!("Cant convert object to tombstone if it wasnt deleted").into())
} }
} }
pub(in crate::objects) fn check_object_domain<T, Kind>(
apub: &T,
expected_domain: Option<Url>,
) -> Result<String, LemmyError>
where
T: Base + AsBase<Kind>,
{
let actor_id = if let Some(url) = expected_domain {
check_is_apub_id_valid(&url)?;
let domain = url.domain().context(location_info!())?;
apub.id(domain)?.context(location_info!())?
} else {
let actor_id = apub.id_unchecked().context(location_info!())?;
check_is_apub_id_valid(&actor_id)?;
actor_id
};
Ok(actor_id.to_string())
}

View file

@ -1,8 +1,7 @@
use crate::{ use crate::{
check_actor_domain,
extensions::page_extension::PageExtension, extensions::page_extension::PageExtension,
fetcher::{get_or_fetch_and_upsert_community, get_or_fetch_and_upsert_user}, fetcher::{get_or_fetch_and_upsert_community, get_or_fetch_and_upsert_user},
objects::create_tombstone, objects::{check_object_domain, create_tombstone},
FromApub, FromApub,
PageExt, PageExt,
ToApub, ToApub,
@ -193,7 +192,7 @@ impl FromApub for PostForm {
embed_description: iframely_description, embed_description: iframely_description,
embed_html: iframely_html, embed_html: iframely_html,
thumbnail_url: pictrs_thumbnail, thumbnail_url: pictrs_thumbnail,
ap_id: Some(check_actor_domain(page, expected_domain)?), ap_id: Some(check_object_domain(page, expected_domain)?),
local: false, local: false,
}) })
} }

View file

@ -1,8 +1,7 @@
use crate::{ use crate::{
check_actor_domain,
check_is_apub_id_valid, check_is_apub_id_valid,
fetcher::get_or_fetch_and_upsert_user, fetcher::get_or_fetch_and_upsert_user,
objects::create_tombstone, objects::{check_object_domain, create_tombstone},
FromApub, FromApub,
ToApub, ToApub,
}; };
@ -96,7 +95,7 @@ impl FromApub for PrivateMessageForm {
updated: note.updated().map(|u| u.to_owned().naive_local()), updated: note.updated().map(|u| u.to_owned().naive_local()),
deleted: None, deleted: None,
read: None, read: None,
ap_id: Some(check_actor_domain(note, expected_domain)?), ap_id: Some(check_object_domain(note, expected_domain)?),
local: false, local: false,
}) })
} }

View file

@ -1,4 +1,4 @@
use crate::{check_actor_domain, ActorType, FromApub, PersonExt, ToApub}; use crate::{objects::check_object_domain, ActorType, FromApub, PersonExt, ToApub};
use activitystreams::{ use activitystreams::{
actor::{ApActor, Endpoints, Person}, actor::{ApActor, Endpoints, Person},
object::{Image, Tombstone}, object::{Image, Tombstone},
@ -145,7 +145,7 @@ impl FromApub for UserForm {
show_avatars: false, show_avatars: false,
send_notifications_to_email: false, send_notifications_to_email: false,
matrix_user_id: None, matrix_user_id: None,
actor_id: Some(check_actor_domain(person, expected_domain)?), actor_id: Some(check_object_domain(person, expected_domain)?),
bio: Some(bio), bio: Some(bio),
local: false, local: false,
private_key: None, private_key: None,