Dont allow editing main page of remote instance
parent
458c2297d2
commit
8c03ec72b1
3 changed files with 13 additions and 9 deletions
|
@ -3,6 +3,7 @@ use crate::backend::error::MyResult;
|
||||||
use crate::backend::federation::objects::article::ApubArticle;
|
use crate::backend::federation::objects::article::ApubArticle;
|
||||||
|
|
||||||
use crate::backend::utils::generate_activity_id;
|
use crate::backend::utils::generate_activity_id;
|
||||||
|
use crate::common::DbArticle;
|
||||||
use crate::common::DbInstance;
|
use crate::common::DbInstance;
|
||||||
use activitypub_federation::kinds::activity::UpdateType;
|
use activitypub_federation::kinds::activity::UpdateType;
|
||||||
use activitypub_federation::{
|
use activitypub_federation::{
|
||||||
|
@ -11,9 +12,6 @@ use activitypub_federation::{
|
||||||
protocol::helpers::deserialize_one_or_many,
|
protocol::helpers::deserialize_one_or_many,
|
||||||
traits::{ActivityHandler, Object},
|
traits::{ActivityHandler, Object},
|
||||||
};
|
};
|
||||||
|
|
||||||
use crate::common::validation::can_edit_article;
|
|
||||||
use crate::common::DbArticle;
|
|
||||||
use serde::{Deserialize, Serialize};
|
use serde::{Deserialize, Serialize};
|
||||||
use url::Url;
|
use url::Url;
|
||||||
|
|
||||||
|
@ -68,9 +66,7 @@ impl ActivityHandler for UpdateLocalArticle {
|
||||||
self.actor.inner()
|
self.actor.inner()
|
||||||
}
|
}
|
||||||
|
|
||||||
async fn verify(&self, data: &Data<Self::DataType>) -> Result<(), Self::Error> {
|
async fn verify(&self, _data: &Data<Self::DataType>) -> Result<(), Self::Error> {
|
||||||
let article = DbArticle::read_from_ap_id(&self.object.id, &data.db_connection)?;
|
|
||||||
can_edit_article(&article, false)?;
|
|
||||||
Ok(())
|
Ok(())
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
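Review bot: The new `verify` for `UpdateLocalArticle` accepts every activity unconditionally: its body is only `Ok(())` and the parameter is now `_data`. Removing the `can_edit_article` call is consistent with the helper's new non-local main-page rule, but nothing in this section ties the sending actor to the article it updates. Unless `receive()` or the `ApubArticle` conversion (both outside the hunk) already enforce that, consider an origin check along the lines of `verify_domains_match(self.actor.inner(), self.object.id.inner())?;` from `activitypub_federation::protocol::verification`, adapted to the handler's error type. If the check does live elsewhere, a comment such as `// Sender/object origin is validated in <place>; nothing left to verify here.` would stop the empty body from reading as an oversight.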
|
@ -6,6 +6,7 @@ use crate::backend::federation::activities::update_local_article::UpdateLocalArt
|
||||||
use crate::backend::federation::objects::edit::ApubEdit;
|
use crate::backend::federation::objects::edit::ApubEdit;
|
||||||
use crate::backend::federation::send_activity;
|
use crate::backend::federation::send_activity;
|
||||||
use crate::backend::utils::generate_activity_id;
|
use crate::backend::utils::generate_activity_id;
|
||||||
|
use crate::common::validation::can_edit_article;
|
||||||
use crate::common::DbArticle;
|
use crate::common::DbArticle;
|
||||||
use crate::common::DbEdit;
|
use crate::common::DbEdit;
|
||||||
use crate::common::DbInstance;
|
use crate::common::DbInstance;
|
||||||
|
@ -72,7 +73,9 @@ impl ActivityHandler for UpdateRemoteArticle {
|
||||||
self.actor.inner()
|
self.actor.inner()
|
||||||
}
|
}
|
||||||
|
|
||||||
async fn verify(&self, _data: &Data<Self::DataType>) -> Result<(), Self::Error> {
|
async fn verify(&self, data: &Data<Self::DataType>) -> Result<(), Self::Error> {
|
||||||
|
let article = DbArticle::read_from_ap_id(&self.object.object, &data.db_connection)?;
|
||||||
|
can_edit_article(&article, false)?;
|
||||||
Ok(())
|
Ok(())
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
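Review bot: `verify` in `UpdateRemoteArticle` rejects only main-page targets; an article that is not local to the receiving instance still passes whenever its title differs from the main page, because `can_edit_article` looks at `article.local` only inside its `MAIN_PAGE_NAME` branch. If this activity is meant to be honoured only by the instance that owns the article (an assumption, since `receive()` is outside the hunk), an explicit `article.local` check here would make that authorization rule visible instead of implied. The hard-coded `false` also deserves a comment, for example `// Federated senders are never treated as admin, so edits to the local main page are always rejected.`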
|
@ -3,8 +3,13 @@ use anyhow::anyhow;
|
||||||
use anyhow::Result;
|
use anyhow::Result;
|
||||||
|
|
||||||
pub fn can_edit_article(article: &DbArticle, is_admin: bool) -> Result<()> {
|
pub fn can_edit_article(article: &DbArticle, is_admin: bool) -> Result<()> {
|
||||||
if article.local && article.title == MAIN_PAGE_NAME && !is_admin {
|
if article.title == MAIN_PAGE_NAME {
|
||||||
|
if !article.local {
|
||||||
|
return Err(anyhow!("Cannot edit main page of remote instance"));
|
||||||
|
}
|
||||||
|
if article.local && !is_admin {
|
||||||
return Err(anyhow!("Only admin can edit main page"));
|
return Err(anyhow!("Only admin can edit main page"));
|
||||||
}
|
}
|
||||||
|
}
|
||||||
Ok(())
|
Ok(())
|
||||||
}
|
}
|
||||||
|
|
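Review bot: The inner condition `if article.local && !is_admin` repeats a test that is already settled: the preceding `if !article.local` branch returns, so `article.local` is always true there and `if !is_admin {` expresses the same rule. `can_edit_article` now encodes two distinct policies (a non-local main page is never editable, even with `is_admin` set; the local main page is editable only by an admin) and has no doc comment, so a `///` summary stating both, and that every other title is allowed, would help callers that pass a constant `is_admin`. The title test is an exact `==` against `MAIN_PAGE_NAME`; whether titles are normalised before reaching this check is not visible here and is worth confirming, since the guard is only as strict as that comparison.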