[#943] Make the unauthenticated users limitation optional

2019-06-06 12:17:49 +00:00 · 2019-06-06 12:17:49 +00:00 · f82382de22
parent 3f6da9c45a
commit f82382de22
7 changed files with 72 additions and 10 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -27,6 +27,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
 - Configuration: `notify_email` option
 - Configuration: Media proxy `whitelist` option
 - Configuration: `report_uri` option
+- Configuration: `limit_unauthenticated_to_local_content` option
 - Pleroma API: User subscriptions
 - Pleroma API: Healthcheck endpoint
 - Pleroma API: `/api/v1/pleroma/mascot` per-user frontend mascot configuration endpoints
--- a/config/config.exs
+++ b/config/config.exs
@ -244,7 +244,8 @@ config :pleroma, :instance,
  safe_dm_mentions: false,
  healthcheck: false,
  remote_post_retention_days: 90,
-  skip_thread_containment: false
+  skip_thread_containment: false,
+  limit_unauthenticated_to_local_content: true

 config :pleroma, :app_account_creation, enabled: true, max_requests: 25, interval: 1800

--- a/docs/config.md
+++ b/docs/config.md
@ -108,10 +108,11 @@ config :pleroma, Pleroma.Emails.Mailer,
 * `welcome_message`: A message that will be send to a newly registered users as a direct message.
 * `welcome_user_nickname`: The nickname of the local user that sends the welcome message.
 * `max_report_comment_size`: The maximum size of the report comment (Default: `1000`)
-* `safe_dm_mentions`: If set to true, only mentions at the beginning of a post will be used to address people in direct messages. This is to prevent accidental mentioning of people when talking about them (e.g. "@friend hey i really don't like @enemy"). (Default: `false`)
-* `healthcheck`: if set to true, system data will be shown on ``/api/pleroma/healthcheck``.
-* `remote_post_retention_days`: the default amount of days to retain remote posts when pruning the database
-* `skip_thread_containment`: Skip filter out broken threads. the default is `false`.
+* `safe_dm_mentions`: If set to true, only mentions at the beginning of a post will be used to address people in direct messages. This is to prevent accidental mentioning of people when talking about them (e.g. "@friend hey i really don't like @enemy"). Default: `false`.
+* `healthcheck`: If set to true, system data will be shown on ``/api/pleroma/healthcheck``.
+* `remote_post_retention_days`: The default amount of days to retain remote posts when pruning the database.
+* `skip_thread_containment`: Skip filter out broken threads. The default is `false`.
+* `limit_unauthenticated_to_local_content`: Limit unauthenticated users to search for local statutes and users only. The default is `true`.

 ## :app_account_creation
 REST API for creating an account settings
--- a/lib/pleroma/activity/search.ex
+++ b/lib/pleroma/activity/search.ex
@ -60,7 +60,13 @@ defmodule Pleroma.Activity.Search do
  defp maybe_restrict_local(q, %User{}), do: q

  # unauthenticated users can only search local activities
-  defp maybe_restrict_local(q, _), do: where(q, local: true)
+  defp maybe_restrict_local(q, _) do
+    if Pleroma.Config.get([:instance, :limit_unauthenticated_to_local_content], true) do
+      where(q, local: true)
+    else
+      q
+    end
+  end

  defp maybe_fetch(activities, user, search_query) do
    with true <- Regex.match?(~r/https?:/, search_query),
--- a/lib/pleroma/user/search.ex
+++ b/lib/pleroma/user/search.ex
@ -14,7 +14,7 @@ defmodule Pleroma.User.Search do
    # Strip the beginning @ off if there is a query
    query = String.trim_leading(query, "@")

-    if match?(%User{}, for_user) and resolve, do: User.get_or_fetch(query)
+    maybe_resolve(resolve, for_user, query)

    {:ok, results} =
      Repo.transaction(fn ->
@ -28,6 +28,16 @@ defmodule Pleroma.User.Search do
    results
  end

+  defp maybe_resolve(true, %User{}, query) do
+    User.get_or_fetch(query)
+  end
+
+  defp maybe_resolve(true, _, query) do
+    unless restrict_local?(), do: User.get_or_fetch(query)
+  end
+
+  defp maybe_resolve(_, _, _), do: :noop
+
  defp search_query(query, for_user) do
    query
    |> union_query()
@ -39,6 +49,10 @@ defmodule Pleroma.User.Search do
    |> maybe_restrict_local(for_user)
  end

+  defp restrict_local? do
+    Pleroma.Config.get([:instance, :limit_unauthenticated_to_local_content], true)
+  end
+
  defp union_query(query) do
    fts_subquery = fts_search_subquery(query)
    trigram_subquery = trigram_search_subquery(query)
@ -52,7 +66,14 @@ defmodule Pleroma.User.Search do

  # unauthenticated users can only search local activities
  defp maybe_restrict_local(q, %User{}), do: q
-  defp maybe_restrict_local(q, _), do: where(q, [u], u.local == true)
+
+  defp maybe_restrict_local(q, _) do
+    if restrict_local?() do
+      where(q, [u], u.local == true)
+    else
+      q
+    end
+  end

  defp boost_search_rank_query(query, nil), do: query

--- a/test/activity_test.exs
+++ b/test/activity_test.exs
@ -138,5 +138,19 @@ defmodule Pleroma.ActivityTest do
    test "find only local statuses for unauthenticated users", %{local_activity: local_activity} do
      assert [^local_activity] = Activity.search(nil, "find me")
    end
+
+    test "find all statuses for unauthenticated users when `limit_unauthenticated_to_local_content` is `false`",
+         %{
+           local_activity: local_activity,
+           remote_activity: remote_activity
+         } do
+      Pleroma.Config.put([:instance, :limit_unauthenticated_to_local_content], false)
+
+      activities = Enum.sort_by(Activity.search(nil, "find me"), & &1.id)
+
+      assert [^local_activity, ^remote_activity] = activities
+
+      Pleroma.Config.put([:instance, :limit_unauthenticated_to_local_content], true)
+    end
  end
 end
--- a/test/user_test.exs
+++ b/test/user_test.exs
@ -1077,7 +1077,7 @@ defmodule Pleroma.UserTest do
               Enum.map(User.search("doe", resolve: false, for_user: u1), & &1.id) == []
    end

-    test "find local and remote statuses for authenticated users" do
+    test "find local and remote users for authenticated users" do
      u1 = insert(:user, %{name: "lain"})
      u2 = insert(:user, %{name: "ebn", nickname: "lain@mastodon.social", local: false})
      u3 = insert(:user, %{nickname: "lain@pleroma.soykaf.com", local: false})
@ -1091,7 +1091,7 @@ defmodule Pleroma.UserTest do
      assert [u1.id, u2.id, u3.id] == results
    end

-    test "find only local statuses for unauthenticated users" do
+    test "find only local users for unauthenticated users" do
      %{id: id} = insert(:user, %{name: "lain"})
      insert(:user, %{name: "ebn", nickname: "lain@mastodon.social", local: false})
      insert(:user, %{nickname: "lain@pleroma.soykaf.com", local: false})
@ -1099,6 +1099,24 @@ defmodule Pleroma.UserTest do
      assert [%{id: ^id}] = User.search("lain")
    end

+    test "find all users for unauthenticated users when `limit_unauthenticated_to_local_content` is `false`" do
+      Pleroma.Config.put([:instance, :limit_unauthenticated_to_local_content], false)
+
+      u1 = insert(:user, %{name: "lain"})
+      u2 = insert(:user, %{name: "ebn", nickname: "lain@mastodon.social", local: false})
+      u3 = insert(:user, %{nickname: "lain@pleroma.soykaf.com", local: false})
+
+      results =
+        "lain"
+        |> User.search()
+        |> Enum.map(& &1.id)
+        |> Enum.sort()
+
+      assert [u1.id, u2.id, u3.id] == results
+
+      Pleroma.Config.put([:instance, :limit_unauthenticated_to_local_content], true)
+    end
+
    test "finds a user whose name is nil" do
      _user = insert(:user, %{name: "notamatch", nickname: "testuser@pleroma.amplifie.red"})
      user_two = insert(:user, %{name: nil, nickname: "lain@pleroma.soykaf.com"})