Merge mrf_simple-reject with quarantine
Some checks failed
ci/woodpecker/push/woodpecker Pipeline was successful
ci/woodpecker/pr/woodpecker Pipeline failed

This commit is contained in:
FloatingGhost 2022-08-02 14:48:10 +01:00
parent c3eea8dc7d
commit da8ede329f
7 changed files with 43 additions and 8 deletions

View file

@ -13,6 +13,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
### Changed ### Changed
- quarantining is now considered absolutely; public activities are no longer - quarantining is now considered absolutely; public activities are no longer
an exception. an exception.
- also merged quarantine and mrf reject - quarantine is now deprecated
- flavours: - flavours:
- amd64 is built for debian stable. Compatible with ubuntu 20. - amd64 is built for debian stable. Compatible with ubuntu 20.
- ubuntu-jammy is built for... well, ubuntu 22 (LTS) - ubuntu-jammy is built for... well, ubuntu 22 (LTS)

View file

@ -215,7 +215,6 @@
], ],
allow_relay: true, allow_relay: true,
public: true, public: true,
quarantined_instances: [],
static_dir: "instance/static/", static_dir: "instance/static/",
allowed_post_formats: [ allowed_post_formats: [
"text/plain", "text/plain",

View file

@ -691,7 +691,7 @@
key_placeholder: "instance", key_placeholder: "instance",
value_placeholder: "reason", value_placeholder: "reason",
description: description:
"List of ActivityPub instances where activities will not be sent, and the reason for doing so", "(Deprecated, will be removed in next release) List of ActivityPub instances where activities will not be sent, and the reason for doing so",
suggestions: [ suggestions: [
{"quarantined.com", "Reason"}, {"quarantined.com", "Reason"},
{"*.quarantined.com", "Reason"} {"*.quarantined.com", "Reason"}

View file

@ -34,7 +34,7 @@ To add configuration to your config file, you can copy it from the base config.
* `federation_reachability_timeout_days`: Timeout (in days) of each external federation target being unreachable prior to pausing federating to it. * `federation_reachability_timeout_days`: Timeout (in days) of each external federation target being unreachable prior to pausing federating to it.
* `allow_relay`: Permits remote instances to subscribe to all public posts of your instance. This may increase the visibility of your instance. * `allow_relay`: Permits remote instances to subscribe to all public posts of your instance. This may increase the visibility of your instance.
* `public`: Makes the client API in authenticated mode-only except for user-profiles. Useful for disabling the Local Timeline and The Whole Known Network. Note that there is a dependent setting restricting or allowing unauthenticated access to specific resources, see `restrict_unauthenticated` for more details. * `public`: Makes the client API in authenticated mode-only except for user-profiles. Useful for disabling the Local Timeline and The Whole Known Network. Note that there is a dependent setting restricting or allowing unauthenticated access to specific resources, see `restrict_unauthenticated` for more details.
* `quarantined_instances`: ActivityPub instances where activities will not be sent. They can still reach there via other means, we just won't send them. * `quarantined_instances`: *DEPRECATED* ActivityPub instances where activities will not be sent. They can still reach there via other means, we just won't send them.
* `allowed_post_formats`: MIME-type list of formats allowed to be posted (transformed into HTML). * `allowed_post_formats`: MIME-type list of formats allowed to be posted (transformed into HTML).
* `extended_nickname_format`: Set to `true` to use extended local nicknames format (allows underscores/dashes). This will break federation with * `extended_nickname_format`: Set to `true` to use extended local nicknames format (allows underscores/dashes). This will break federation with
older software for theses nicknames. older software for theses nicknames.
@ -131,7 +131,7 @@ To add configuration to your config file, you can copy it from the base config.
* `media_removal`: List of instances to strip media attachments from and the reason for doing so. * `media_removal`: List of instances to strip media attachments from and the reason for doing so.
* `media_nsfw`: List of instances to tag all media as NSFW (sensitive) from and the reason for doing so. * `media_nsfw`: List of instances to tag all media as NSFW (sensitive) from and the reason for doing so.
* `federated_timeline_removal`: List of instances to remove from the Federated Timeline (aka The Whole Known Network) and the reason for doing so. * `federated_timeline_removal`: List of instances to remove from the Federated Timeline (aka The Whole Known Network) and the reason for doing so.
* `reject`: List of instances to reject activities (except deletes) from and the reason for doing so. * `reject`: List of instances to reject activities (except deletes) from and the reason for doing so. Additionally prevents activities from being sent to that instance.
* `accept`: List of instances to only accept activities (except deletes) from and the reason for doing so. * `accept`: List of instances to only accept activities (except deletes) from and the reason for doing so.
* `followers_only`: Force posts from the given instances to be visible by followers only and the reason for doing so. * `followers_only`: Force posts from the given instances to be visible by followers only and the reason for doing so.
* `report_removal`: List of instances to reject reports from and the reason for doing so. * `report_removal`: List of instances to reject reports from and the reason for doing so.

View file

@ -17,7 +17,9 @@ defmodule Pleroma.Config.DeprecationWarnings do
{[:instance, :mrf_transparency], [:mrf, :transparency], {[:instance, :mrf_transparency], [:mrf, :transparency],
"\n* `config :pleroma, :instance, mrf_transparency` is now `config :pleroma, :mrf, transparency`"}, "\n* `config :pleroma, :instance, mrf_transparency` is now `config :pleroma, :mrf, transparency`"},
{[:instance, :mrf_transparency_exclusions], [:mrf, :transparency_exclusions], {[:instance, :mrf_transparency_exclusions], [:mrf, :transparency_exclusions],
"\n* `config :pleroma, :instance, mrf_transparency_exclusions` is now `config :pleroma, :mrf, transparency_exclusions`"} "\n* `config :pleroma, :instance, mrf_transparency_exclusions` is now `config :pleroma, :mrf, transparency_exclusions`"},
{[:instance, :quarantined_instances], [:mrf_simple, :reject],
"\n* `config :pleroma, :instance, :quarantined_instances` is now covered by `:pleroma, :mrf_simple, :reject`"}
] ]
def check_simple_policy_tuples do def check_simple_policy_tuples do
@ -81,7 +83,7 @@ def check_simple_policy_tuples do
end end
def check_quarantined_instances_tuples do def check_quarantined_instances_tuples do
has_strings = Config.get([:instance, :quarantined_instances]) |> Enum.any?(&is_binary/1) has_strings = Config.get([:instance, :quarantined_instances], []) |> Enum.any?(&is_binary/1)
if has_strings do if has_strings do
Logger.warn(""" Logger.warn("""

View file

@ -103,11 +103,16 @@ defp signature_host(%URI{port: port, scheme: scheme, host: host}) do
end end
end end
defp blocked_instances do
Config.get([:instance, :quarantined_instances], []) ++
Config.get([:mrf_simple, :reject], [])
end
defp should_federate?(inbox) do defp should_federate?(inbox) do
%{host: host} = URI.parse(inbox) %{host: host} = URI.parse(inbox)
quarantined_instances = quarantined_instances =
Config.get([:instance, :quarantined_instances], []) blocked_instances()
|> Pleroma.Web.ActivityPub.MRF.instance_list_from_tuples() |> Pleroma.Web.ActivityPub.MRF.instance_list_from_tuples()
|> Pleroma.Web.ActivityPub.MRF.subdomains_regex() |> Pleroma.Web.ActivityPub.MRF.subdomains_regex()

View file

@ -26,6 +26,7 @@ defmodule Pleroma.Web.ActivityPub.PublisherTest do
setup_all do setup_all do
clear_config([:instance, :federating], true) clear_config([:instance, :federating], true)
clear_config([:instance, :quarantined_instances], []) clear_config([:instance, :quarantined_instances], [])
clear_config([:mrf_simple, :reject], [])
end end
describe "gather_webfinger_links/1" do describe "gather_webfinger_links/1" do
@ -270,12 +271,14 @@ test "publish to url with with different ports" do
end end
describe "publish/2" do describe "publish/2" do
test_with_mock "doesn't publish any activity to quarantined instances.", test_with_mock "doesn't publish any activity to quarantined or rejected instances.",
Pleroma.Web.Federator.Publisher, Pleroma.Web.Federator.Publisher,
[:passthrough], [:passthrough],
[] do [] do
Config.put([:instance, :quarantined_instances], [{"domain.com", "some reason"}]) Config.put([:instance, :quarantined_instances], [{"domain.com", "some reason"}])
Config.put([:mrf_simple, :reject], [{"rejected.com", "some reason"}])
follower = follower =
insert(:user, %{ insert(:user, %{
local: false, local: false,
@ -283,9 +286,18 @@ test "publish to url with with different ports" do
ap_enabled: true ap_enabled: true
}) })
another_follower =
insert(:user, %{
local: false,
inbox: "https://rejected.com/users/nick2/inbox",
ap_enabled: true
})
actor = insert(:user, follower_address: follower.ap_id) actor = insert(:user, follower_address: follower.ap_id)
{:ok, follower, actor} = Pleroma.User.follow(follower, actor) {:ok, follower, actor} = Pleroma.User.follow(follower, actor)
{:ok, _another_follower, actor} = Pleroma.User.follow(another_follower, actor)
actor = refresh_record(actor) actor = refresh_record(actor)
note_activity = note_activity =
@ -321,6 +333,22 @@ test "publish to url with with different ports" do
id: public_note_activity.data["id"] id: public_note_activity.data["id"]
}) })
) )
assert not called(
Pleroma.Web.Federator.Publisher.enqueue_one(Publisher, %{
inbox: "https://rejected.com/users/nick2/inbox",
actor_id: actor.id,
id: note_activity.data["id"]
})
)
assert not called(
Pleroma.Web.Federator.Publisher.enqueue_one(Publisher, %{
inbox: "https://rejected.com/users/nick1/inbox",
actor_id: actor.id,
id: public_note_activity.data["id"]
})
)
end end
test_with_mock "Publishes a non-public activity to non-quarantined instances.", test_with_mock "Publishes a non-public activity to non-quarantined instances.",