From 2b6119dfbf47f118dfb102fc09f6450e59ccf15e Mon Sep 17 00:00:00 2001 From: Aaron Tinio Date: Wed, 15 May 2019 07:59:24 +0800 Subject: [PATCH] Restrict reblogs of activities from blocked domains --- lib/pleroma/web/activity_pub/activity_pub.ex | 11 ++++++++++- test/web/activity_pub/activity_pub_test.exs | 9 +++++++++ 2 files changed, 19 insertions(+), 1 deletion(-) diff --git a/lib/pleroma/web/activity_pub/activity_pub.ex b/lib/pleroma/web/activity_pub/activity_pub.ex index 233fee4fa..6087a1cdc 100644 --- a/lib/pleroma/web/activity_pub/activity_pub.ex +++ b/lib/pleroma/web/activity_pub/activity_pub.ex @@ -752,6 +752,14 @@ defp restrict_blocked(query, %{"blocking_user" => %User{info: info}}) do from( activity in query, + inner_join: o in Object, + on: + fragment( + "(?->>'id') = COALESCE(?->'object'->>'id', ?->>'object')", + o.data, + activity.data, + activity.data + ), where: fragment("not (? = ANY(?))", activity.actor, ^blocks), where: fragment("not (? && ?)", activity.recipients, ^blocks), where: @@ -761,7 +769,8 @@ defp restrict_blocked(query, %{"blocking_user" => %User{info: info}}) do activity.data, ^blocks ), - where: fragment("not (split_part(?, '/', 3) = ANY(?))", activity.actor, ^domain_blocks) + where: fragment("not (split_part(?, '/', 3) = ANY(?))", activity.actor, ^domain_blocks), + where: fragment("not (split_part(?->>'actor', '/', 3) = ANY(?))", o.data, ^domain_blocks) ) end diff --git a/test/web/activity_pub/activity_pub_test.exs b/test/web/activity_pub/activity_pub_test.exs index 442120ffd..dfee93f67 100644 --- a/test/web/activity_pub/activity_pub_test.exs +++ b/test/web/activity_pub/activity_pub_test.exs @@ -474,6 +474,15 @@ test "doesn't return activities from blocked domains" do ActivityPub.fetch_activities([], %{"blocking_user" => user, "skip_preload" => true}) refute activity in activities + + followed_user = insert(:user) + ActivityPub.follow(user, followed_user) + {:ok, repeat_activity, _} = CommonAPI.repeat(activity.id, followed_user) + + activities = + ActivityPub.fetch_activities([], %{"blocking_user" => user, "skip_preload" => true}) + + refute repeat_activity in activities end test "doesn't return muted activities" do