2020-06-11 18:23:10 +00:00
|
|
|
# Pleroma: A lightweight social networking server
|
2021-01-13 06:49:20 +00:00
|
|
|
# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
|
2020-06-11 18:23:10 +00:00
|
|
|
# SPDX-License-Identifier: AGPL-3.0-only
|
|
|
|
|
|
|
|
# Code based on CreateChatMessageValidator
|
|
|
|
# NOTES
|
|
|
|
# - doesn't embed, will only get the object id
|
2020-06-18 02:05:42 +00:00
|
|
|
defmodule Pleroma.Web.ActivityPub.ObjectValidators.CreateGenericValidator do
|
2020-06-11 18:23:10 +00:00
|
|
|
use Ecto.Schema
|
|
|
|
|
2020-06-19 22:23:04 +00:00
|
|
|
alias Pleroma.EctoType.ActivityPub.ObjectValidators
|
2020-06-11 18:23:10 +00:00
|
|
|
alias Pleroma.Object
|
2020-09-10 17:45:42 +00:00
|
|
|
alias Pleroma.User
|
2020-08-20 00:00:04 +00:00
|
|
|
alias Pleroma.Web.ActivityPub.ObjectValidators.CommonFixes
|
|
|
|
alias Pleroma.Web.ActivityPub.ObjectValidators.CommonValidations
|
2020-09-10 17:45:42 +00:00
|
|
|
alias Pleroma.Web.ActivityPub.Transmogrifier
|
2020-06-11 18:23:10 +00:00
|
|
|
|
|
|
|
import Ecto.Changeset
|
|
|
|
|
|
|
|
@primary_key false
|
|
|
|
|
|
|
|
embedded_schema do
|
2021-04-01 11:26:32 +00:00
|
|
|
quote do
|
|
|
|
unquote do
|
|
|
|
import Elixir.Pleroma.Web.ActivityPub.ObjectValidators.CommonFields
|
|
|
|
message_fields()
|
|
|
|
activity_fields()
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2020-06-19 22:23:04 +00:00
|
|
|
field(:expires_at, ObjectValidators.DateTime)
|
2020-07-02 03:45:19 +00:00
|
|
|
|
|
|
|
# Should be moved to object, done for CommonAPI.Utils.make_context
|
|
|
|
field(:context, :string)
|
2020-06-11 18:23:10 +00:00
|
|
|
end
|
|
|
|
|
2020-08-05 12:51:33 +00:00
|
|
|
def cast_data(data, meta \\ []) do
|
|
|
|
data = fix(data, meta)
|
|
|
|
|
2020-06-18 02:05:42 +00:00
|
|
|
%__MODULE__{}
|
|
|
|
|> changeset(data)
|
|
|
|
end
|
|
|
|
|
2020-06-11 18:23:10 +00:00
|
|
|
def cast_and_apply(data) do
|
|
|
|
data
|
|
|
|
|> cast_data
|
|
|
|
|> apply_action(:insert)
|
|
|
|
end
|
|
|
|
|
|
|
|
def cast_and_validate(data, meta \\ []) do
|
2020-06-18 02:05:42 +00:00
|
|
|
data
|
2020-08-05 12:51:33 +00:00
|
|
|
|> cast_data(meta)
|
2020-06-11 18:23:10 +00:00
|
|
|
|> validate_data(meta)
|
|
|
|
end
|
|
|
|
|
2020-06-18 02:05:42 +00:00
|
|
|
def changeset(struct, data) do
|
|
|
|
struct
|
|
|
|
|> cast(data, __schema__(:fields))
|
|
|
|
end
|
|
|
|
|
2020-09-10 17:45:42 +00:00
|
|
|
# CommonFixes.fix_activity_addressing adapted for Create specific behavior
|
|
|
|
defp fix_addressing(data, object) do
|
|
|
|
%User{follower_address: follower_collection} = User.get_cached_by_ap_id(data["actor"])
|
|
|
|
|
|
|
|
data
|
2020-09-15 15:22:08 +00:00
|
|
|
|> CommonFixes.cast_and_filter_recipients("to", follower_collection, object["to"])
|
|
|
|
|> CommonFixes.cast_and_filter_recipients("cc", follower_collection, object["cc"])
|
|
|
|
|> CommonFixes.cast_and_filter_recipients("bto", follower_collection, object["bto"])
|
|
|
|
|> CommonFixes.cast_and_filter_recipients("bcc", follower_collection, object["bcc"])
|
2020-09-10 17:45:42 +00:00
|
|
|
|> Transmogrifier.fix_implicit_addressing(follower_collection)
|
2020-08-05 12:51:33 +00:00
|
|
|
end
|
|
|
|
|
2020-09-10 17:45:42 +00:00
|
|
|
def fix(data, meta) do
|
|
|
|
object = meta[:object_data]
|
|
|
|
|
2020-08-05 12:51:33 +00:00
|
|
|
data
|
2020-08-20 00:00:04 +00:00
|
|
|
|> CommonFixes.fix_actor()
|
2020-09-10 17:45:42 +00:00
|
|
|
|> Map.put_new("context", object["context"])
|
|
|
|
|> fix_addressing(object)
|
2020-08-05 12:51:33 +00:00
|
|
|
end
|
|
|
|
|
2021-01-12 10:14:09 +00:00
|
|
|
defp validate_data(cng, meta) do
|
2020-09-10 17:45:42 +00:00
|
|
|
object = meta[:object_data]
|
|
|
|
|
2020-06-11 18:23:10 +00:00
|
|
|
cng
|
2020-09-10 17:45:42 +00:00
|
|
|
|> validate_required([:actor, :type, :object, :to, :cc])
|
2020-06-11 18:23:10 +00:00
|
|
|
|> validate_inclusion(:type, ["Create"])
|
2020-08-20 00:00:04 +00:00
|
|
|
|> CommonValidations.validate_actor_presence()
|
2020-09-10 17:45:42 +00:00
|
|
|
|> validate_actors_match(object)
|
|
|
|
|> validate_context_match(object)
|
|
|
|
|> validate_addressing_match(object)
|
2020-06-11 18:23:10 +00:00
|
|
|
|> validate_object_nonexistence()
|
2020-06-18 02:05:42 +00:00
|
|
|
|> validate_object_containment()
|
|
|
|
end
|
|
|
|
|
|
|
|
def validate_object_containment(cng) do
|
|
|
|
actor = get_field(cng, :actor)
|
|
|
|
|
|
|
|
cng
|
|
|
|
|> validate_change(:object, fn :object, object_id ->
|
|
|
|
%URI{host: object_id_host} = URI.parse(object_id)
|
|
|
|
%URI{host: actor_host} = URI.parse(actor)
|
|
|
|
|
|
|
|
if object_id_host == actor_host do
|
|
|
|
[]
|
|
|
|
else
|
|
|
|
[{:object, "The host of the object id doesn't match with the host of the actor"}]
|
|
|
|
end
|
|
|
|
end)
|
2020-06-11 18:23:10 +00:00
|
|
|
end
|
|
|
|
|
|
|
|
def validate_object_nonexistence(cng) do
|
|
|
|
cng
|
|
|
|
|> validate_change(:object, fn :object, object_id ->
|
|
|
|
if Object.get_cached_by_ap_id(object_id) do
|
|
|
|
[{:object, "The object to create already exists"}]
|
|
|
|
else
|
|
|
|
[]
|
|
|
|
end
|
|
|
|
end)
|
|
|
|
end
|
|
|
|
|
2020-09-10 17:45:42 +00:00
|
|
|
def validate_actors_match(cng, object) do
|
|
|
|
attributed_to = object["attributedTo"] || object["actor"]
|
2020-06-11 18:23:10 +00:00
|
|
|
|
|
|
|
cng
|
|
|
|
|> validate_change(:actor, fn :actor, actor ->
|
2020-06-25 22:07:43 +00:00
|
|
|
if actor == attributed_to do
|
2020-06-11 18:23:10 +00:00
|
|
|
[]
|
|
|
|
else
|
2020-06-25 22:07:43 +00:00
|
|
|
[{:actor, "Actor doesn't match with object attributedTo"}]
|
2020-06-11 18:23:10 +00:00
|
|
|
end
|
|
|
|
end)
|
|
|
|
end
|
2020-07-02 03:45:19 +00:00
|
|
|
|
2020-09-10 17:45:42 +00:00
|
|
|
def validate_context_match(cng, %{"context" => object_context}) do
|
2020-07-02 03:45:19 +00:00
|
|
|
cng
|
|
|
|
|> validate_change(:context, fn :context, context ->
|
|
|
|
if context == object_context do
|
|
|
|
[]
|
|
|
|
else
|
|
|
|
[{:context, "context field not matching between Create and object (#{object_context})"}]
|
|
|
|
end
|
|
|
|
end)
|
|
|
|
end
|
|
|
|
|
2020-09-10 17:45:42 +00:00
|
|
|
def validate_addressing_match(cng, object) do
|
|
|
|
[:to, :cc, :bcc, :bto]
|
|
|
|
|> Enum.reduce(cng, fn field, cng ->
|
|
|
|
object_data = object[to_string(field)]
|
|
|
|
|
|
|
|
validate_change(cng, field, fn field, data ->
|
|
|
|
if data == object_data do
|
|
|
|
[]
|
|
|
|
else
|
|
|
|
[{field, "field doesn't match with object (#{inspect(object_data)})"}]
|
|
|
|
end
|
|
|
|
end)
|
|
|
|
end)
|
|
|
|
end
|
2020-06-11 18:23:10 +00:00
|
|
|
end
|