mirror of
https://github.com/Nutomic/ibis.git
synced 2024-12-23 12:51:22 +00:00
Dont allow editing main page of remote instance
This commit is contained in:
parent
458c2297d2
commit
8c03ec72b1
3 changed files with 13 additions and 9 deletions
|
@ -3,6 +3,7 @@ use crate::backend::error::MyResult;
|
|||
use crate::backend::federation::objects::article::ApubArticle;
|
||||
|
||||
use crate::backend::utils::generate_activity_id;
|
||||
use crate::common::DbArticle;
|
||||
use crate::common::DbInstance;
|
||||
use activitypub_federation::kinds::activity::UpdateType;
|
||||
use activitypub_federation::{
|
||||
|
@ -11,9 +12,6 @@ use activitypub_federation::{
|
|||
protocol::helpers::deserialize_one_or_many,
|
||||
traits::{ActivityHandler, Object},
|
||||
};
|
||||
|
||||
use crate::common::validation::can_edit_article;
|
||||
use crate::common::DbArticle;
|
||||
use serde::{Deserialize, Serialize};
|
||||
use url::Url;
|
||||
|
||||
|
@ -68,9 +66,7 @@ impl ActivityHandler for UpdateLocalArticle {
|
|||
self.actor.inner()
|
||||
}
|
||||
|
||||
async fn verify(&self, data: &Data<Self::DataType>) -> Result<(), Self::Error> {
|
||||
let article = DbArticle::read_from_ap_id(&self.object.id, &data.db_connection)?;
|
||||
can_edit_article(&article, false)?;
|
||||
async fn verify(&self, _data: &Data<Self::DataType>) -> Result<(), Self::Error> {
|
||||
Ok(())
|
||||
}
|
||||
|
||||
|
|
|
@ -6,6 +6,7 @@ use crate::backend::federation::activities::update_local_article::UpdateLocalArt
|
|||
use crate::backend::federation::objects::edit::ApubEdit;
|
||||
use crate::backend::federation::send_activity;
|
||||
use crate::backend::utils::generate_activity_id;
|
||||
use crate::common::validation::can_edit_article;
|
||||
use crate::common::DbArticle;
|
||||
use crate::common::DbEdit;
|
||||
use crate::common::DbInstance;
|
||||
|
@ -72,7 +73,9 @@ impl ActivityHandler for UpdateRemoteArticle {
|
|||
self.actor.inner()
|
||||
}
|
||||
|
||||
async fn verify(&self, _data: &Data<Self::DataType>) -> Result<(), Self::Error> {
|
||||
async fn verify(&self, data: &Data<Self::DataType>) -> Result<(), Self::Error> {
|
||||
let article = DbArticle::read_from_ap_id(&self.object.object, &data.db_connection)?;
|
||||
can_edit_article(&article, false)?;
|
||||
Ok(())
|
||||
}
|
||||
|
||||
|
|
|
@ -3,8 +3,13 @@ use anyhow::anyhow;
|
|||
use anyhow::Result;
|
||||
|
||||
pub fn can_edit_article(article: &DbArticle, is_admin: bool) -> Result<()> {
|
||||
if article.local && article.title == MAIN_PAGE_NAME && !is_admin {
|
||||
return Err(anyhow!("Only admin can edit main page"));
|
||||
if article.title == MAIN_PAGE_NAME {
|
||||
if !article.local {
|
||||
return Err(anyhow!("Cannot edit main page of remote instance"));
|
||||
}
|
||||
if article.local && !is_admin {
|
||||
return Err(anyhow!("Only admin can edit main page"));
|
||||
}
|
||||
}
|
||||
Ok(())
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue