Allow remot moderators to do Remove/Post and Remove/Comment

This commit is contained in:
Felix Ableitner 2021-03-16 18:06:59 +01:00
parent de14636e10
commit be00f63fb2
2 changed files with 26 additions and 14 deletions

View file

@ -281,7 +281,6 @@ pub(in crate::inbox) async fn receive_undo_for_community(
let undo = Undo::from_any_base(activity)?.context(location_info!())?; let undo = Undo::from_any_base(activity)?.context(location_info!())?;
verify_activity_domains_valid(&undo, &expected_domain.to_owned(), true)?; verify_activity_domains_valid(&undo, &expected_domain.to_owned(), true)?;
verify_is_addressed_to_public(&undo)?; verify_is_addressed_to_public(&undo)?;
verify_modification_actor_instance(&undo, &announce, context).await?;
use UndoableActivities::*; use UndoableActivities::*;
match undo match undo
@ -290,7 +289,9 @@ pub(in crate::inbox) async fn receive_undo_for_community(
.and_then(|s| s.parse().ok()) .and_then(|s| s.parse().ok())
{ {
Some(Delete) => receive_undo_delete_for_community(context, undo, expected_domain).await, Some(Delete) => receive_undo_delete_for_community(context, undo, expected_domain).await,
Some(Remove) => receive_undo_remove_for_community(context, undo, expected_domain).await, Some(Remove) => {
receive_undo_remove_for_community(context, undo, announce, expected_domain).await
}
Some(Like) => { Some(Like) => {
receive_undo_like_for_community(context, undo, expected_domain, request_counter).await receive_undo_like_for_community(context, undo, expected_domain, request_counter).await
} }
@ -329,12 +330,14 @@ pub(in crate::inbox) async fn receive_undo_delete_for_community(
pub(in crate::inbox) async fn receive_undo_remove_for_community( pub(in crate::inbox) async fn receive_undo_remove_for_community(
context: &LemmyContext, context: &LemmyContext,
undo: Undo, undo: Undo,
announce: Option<Announce>,
expected_domain: &Url, expected_domain: &Url,
) -> Result<(), LemmyError> { ) -> Result<(), LemmyError> {
let remove = Remove::from_any_base(undo.object().to_owned().one().context(location_info!())?)? let remove = Remove::from_any_base(undo.object().to_owned().one().context(location_info!())?)?
.context(location_info!())?; .context(location_info!())?;
verify_activity_domains_valid(&remove, &expected_domain, false)?; verify_activity_domains_valid(&remove, &expected_domain, false)?;
verify_is_addressed_to_public(&remove)?; verify_is_addressed_to_public(&remove)?;
verify_undo_remove_actor_instance(&undo, &remove, &announce, context).await?;
let object = remove let object = remove
.object() .object()
@ -573,7 +576,7 @@ where
Ok(()) Ok(())
} }
/// For activities like Update, Delete or Undo, check that the actor is from the same instance /// For activities like Update, Delete or Remove, check that the actor is from the same instance
/// as the original object itself (or is a remote mod). /// as the original object itself (or is a remote mod).
/// ///
/// Note: This is only needed for mod actions. Normal user actions (edit post, undo vote etc) are /// Note: This is only needed for mod actions. Normal user actions (edit post, undo vote etc) are
@ -608,3 +611,21 @@ where
Ok(()) Ok(())
} }
pub(crate) async fn verify_undo_remove_actor_instance<T, Kind>(
undo: &Undo,
inner: &T,
announce: &Option<Announce>,
context: &LemmyContext,
) -> Result<(), LemmyError>
where
T: ActorAndObjectRef + BaseExt<Kind> + AsObject<Kind>,
{
if announce.is_none() {
let community = extract_community_from_cc(undo, context).await?;
verify_mod_activity(undo, announce.to_owned(), &community, context).await?;
verify_mod_activity(inner, announce.to_owned(), &community, context).await?;
}
Ok(())
}

View file

@ -1,6 +1,5 @@
use crate::{ use crate::{
activities::receive::{ activities::receive::{
comment::{receive_create_comment, receive_update_comment},
community::{ community::{
receive_delete_community, receive_delete_community,
receive_remove_community, receive_remove_community,
@ -335,12 +334,8 @@ async fn receive_create(
) -> Result<(), LemmyError> { ) -> Result<(), LemmyError> {
let create = Create::from_any_base(activity)?.context(location_info!())?; let create = Create::from_any_base(activity)?.context(location_info!())?;
verify_activity_domains_valid(&create, &expected_domain, true)?; verify_activity_domains_valid(&create, &expected_domain, true)?;
if verify_is_addressed_to_public(&create).is_ok() {
receive_create_comment(create, context, request_counter).await
} else {
receive_create_private_message(&context, create, expected_domain, request_counter).await receive_create_private_message(&context, create, expected_domain, request_counter).await
} }
}
async fn receive_update( async fn receive_update(
context: &LemmyContext, context: &LemmyContext,
@ -350,12 +345,8 @@ async fn receive_update(
) -> Result<(), LemmyError> { ) -> Result<(), LemmyError> {
let update = Update::from_any_base(activity)?.context(location_info!())?; let update = Update::from_any_base(activity)?.context(location_info!())?;
verify_activity_domains_valid(&update, &expected_domain, true)?; verify_activity_domains_valid(&update, &expected_domain, true)?;
if verify_is_addressed_to_public(&update).is_ok() {
receive_update_comment(update, context, request_counter).await
} else {
receive_update_private_message(&context, update, expected_domain, request_counter).await receive_update_private_message(&context, update, expected_domain, request_counter).await
} }
}
async fn receive_delete( async fn receive_delete(
context: &LemmyContext, context: &LemmyContext,