2020-05-05 12:17:47 +00:00
|
|
|
# Pleroma: A lightweight social networking server
|
2021-01-13 06:49:20 +00:00
|
|
|
# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
|
2020-05-05 12:17:47 +00:00
|
|
|
# SPDX-License-Identifier: AGPL-3.0-only
|
|
|
|
|
|
|
|
defmodule Pleroma.Web.ActivityPub.ObjectValidators.UndoValidator do
|
|
|
|
use Ecto.Schema
|
|
|
|
|
|
|
|
alias Pleroma.Activity
|
2021-06-30 06:14:34 +00:00
|
|
|
alias Pleroma.User
|
2020-05-05 12:17:47 +00:00
|
|
|
|
|
|
|
import Ecto.Changeset
|
|
|
|
import Pleroma.Web.ActivityPub.ObjectValidators.CommonValidations
|
|
|
|
|
|
|
|
@primary_key false
|
|
|
|
|
|
|
|
embedded_schema do
|
2021-04-01 11:26:32 +00:00
|
|
|
quote do
|
|
|
|
unquote do
|
|
|
|
import Elixir.Pleroma.Web.ActivityPub.ObjectValidators.CommonFields
|
|
|
|
message_fields()
|
|
|
|
activity_fields()
|
|
|
|
end
|
|
|
|
end
|
2020-05-05 12:17:47 +00:00
|
|
|
end
|
|
|
|
|
|
|
|
def cast_and_validate(data) do
|
|
|
|
data
|
|
|
|
|> cast_data()
|
|
|
|
|> validate_data()
|
|
|
|
end
|
|
|
|
|
|
|
|
def cast_data(data) do
|
|
|
|
%__MODULE__{}
|
|
|
|
|> changeset(data)
|
|
|
|
end
|
|
|
|
|
|
|
|
def changeset(struct, data) do
|
|
|
|
struct
|
|
|
|
|> cast(data, __schema__(:fields))
|
|
|
|
end
|
|
|
|
|
2021-01-12 10:14:09 +00:00
|
|
|
defp validate_data(data_cng) do
|
2020-05-05 12:17:47 +00:00
|
|
|
data_cng
|
|
|
|
|> validate_inclusion(:type, ["Undo"])
|
|
|
|
|> validate_required([:id, :type, :object, :actor, :to, :cc])
|
2021-06-30 06:14:34 +00:00
|
|
|
|> validate_undo_actor(:actor)
|
2020-05-05 12:17:47 +00:00
|
|
|
|> validate_object_presence()
|
|
|
|
|> validate_undo_rights()
|
|
|
|
end
|
|
|
|
|
|
|
|
def validate_undo_rights(cng) do
|
|
|
|
actor = get_field(cng, :actor)
|
|
|
|
object = get_field(cng, :object)
|
|
|
|
|
|
|
|
with %Activity{data: %{"actor" => object_actor}} <- Activity.get_by_ap_id(object),
|
|
|
|
true <- object_actor != actor do
|
|
|
|
cng
|
|
|
|
|> add_error(:actor, "not the same as object actor")
|
|
|
|
else
|
|
|
|
_ -> cng
|
|
|
|
end
|
|
|
|
end
|
2021-06-30 06:14:34 +00:00
|
|
|
|
|
|
|
defp validate_undo_actor(cng, field_name) do
|
|
|
|
validate_change(cng, field_name, fn field_name, actor ->
|
|
|
|
case User.get_cached_by_ap_id(actor) do
|
|
|
|
%User{} -> []
|
|
|
|
_ -> [{field_name, "can't find user"}]
|
|
|
|
end
|
|
|
|
end)
|
|
|
|
end
|
2020-05-05 12:17:47 +00:00
|
|
|
end
|