Add option to restrict all users to local content

CHANGELOG.md

@@ -28,7 +28,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
 - Configuration: `notify_email` option
 - Configuration: Media proxy `whitelist` option
 - Configuration: `report_uri` option
-- Configuration: `limit_unauthenticated_to_local_content` option
+- Configuration: `limit_to_local_content` option
 - Pleroma API: User subscriptions
 - Pleroma API: Healthcheck endpoint
 - Pleroma API: `/api/v1/pleroma/mascot` per-user frontend mascot configuration endpoints

config/config.exs

@@ -245,7 +245,7 @@
   healthcheck: false,
   remote_post_retention_days: 90,
   skip_thread_containment: true,
-  limit_unauthenticated_to_local_content: true
+  limit_to_local_content: :unauthenticated
 
 config :pleroma, :markup,
   # XXX - unfortunately, inline images must be enabled by default right now, because

docs/config.md

@@ -112,7 +112,8 @@ config :pleroma, Pleroma.Emails.Mailer,
 * `healthcheck`: If set to true, system data will be shown on ``/api/pleroma/healthcheck``.
 * `remote_post_retention_days`: The default amount of days to retain remote posts when pruning the database.
 * `skip_thread_containment`: Skip filter out broken threads. The default is `false`.
-* `limit_unauthenticated_to_local_content`: Limit unauthenticated users to search for local statutes and users only. The default is `true`.
+* `limit_to_local_content`: Limit unauthenticated users to search for local statutes and users only. Possible values: `:unauthenticated`, `:all` and `false`. The default is `:unauthenticated`.
+
 
 ## :logger
 * `backends`: `:console` is used to send logs to stdout, `{ExSyslogger, :ex_syslogger}` to log to syslog, and `Quack.Logger` to log to Slack

lib/pleroma/activity/search.ex

@@ -56,18 +56,19 @@ defp query_with(q, :rum, search_query) do
     )
   end
 
-  # users can search everything
-  defp maybe_restrict_local(q, %User{}), do: q
+  defp maybe_restrict_local(q, user) do
+    limit = Pleroma.Config.get([:instance, :limit_to_local_content], :unauthenticated)
 
-  # unauthenticated users can only search local activities
-  defp maybe_restrict_local(q, _) do
-    if Pleroma.Config.get([:instance, :limit_unauthenticated_to_local_content], true) do
-      where(q, local: true)
-    else
-      q
+    case {limit, user} do
+      {:all, _} -> restrict_local(q)
+      {:unauthenticated, %User{}} -> q
+      {:unauthenticated, _} -> restrict_local(q)
+      {false, _} -> q
     end
   end
 
+  defp restrict_local(q), do: where(q, local: true)
+
   defp maybe_fetch(activities, user, search_query) do
     with true <- Regex.match?(~r/https?:/, search_query),
          {:ok, object} <- Fetcher.fetch_object_from_id(search_query),

lib/pleroma/user/search.ex

@@ -28,16 +28,6 @@ def search(query, opts \\ []) do
     results
   end
 
-  defp maybe_resolve(true, %User{}, query) do
-    User.get_or_fetch(query)
-  end
-
-  defp maybe_resolve(true, _, query) do
-    unless restrict_local?(), do: User.get_or_fetch(query)
-  end
-
-  defp maybe_resolve(_, _, _), do: :noop
-
   defp search_query(query, for_user) do
     query
     |> union_query()
@@ -49,10 +39,6 @@ defp search_query(query, for_user) do
     |> maybe_restrict_local(for_user)
   end
 
-  defp restrict_local? do
-    Pleroma.Config.get([:instance, :limit_unauthenticated_to_local_content], true)
-  end
-
   defp union_query(query) do
     fts_subquery = fts_search_subquery(query)
     trigram_subquery = trigram_search_subquery(query)
@@ -64,17 +50,30 @@ defp distinct_query(q) do
     from(s in subquery(q), order_by: s.search_type, distinct: s.id)
   end
 
-  # unauthenticated users can only search local activities
-  defp maybe_restrict_local(q, %User{}), do: q
-
-  defp maybe_restrict_local(q, _) do
-    if restrict_local?() do
-      where(q, [u], u.local == true)
-    else
-      q
+  defp maybe_resolve(true, user, query) do
+    case {limit(), user} do
+      {:all, _} -> :noop
+      {:unauthenticated, %User{}} -> User.get_or_fetch(query)
+      {:unauthenticated, _} -> :noop
+      {false, _} -> User.get_or_fetch(query)
     end
   end
 
+  defp maybe_resolve(_, _, _), do: :noop
+
+  defp maybe_restrict_local(q, user) do
+    case {limit(), user} do
+      {:all, _} -> restrict_local(q)
+      {:unauthenticated, %User{}} -> q
+      {:unauthenticated, _} -> restrict_local(q)
+      {false, _} -> q
+    end
+  end
+
+  defp limit, do: Pleroma.Config.get([:instance, :limit_to_local_content], :unauthenticated)
+
+  defp restrict_local(q), do: where(q, [u], u.local == true)
+
   defp boost_search_rank_query(query, nil), do: query
 
   defp boost_search_rank_query(query, for_user) do

test/activity_test.exs

@@ -139,18 +139,25 @@ test "find only local statuses for unauthenticated users", %{local_activity: loc
       assert [^local_activity] = Activity.search(nil, "find me")
     end
 
-    test "find all statuses for unauthenticated users when `limit_unauthenticated_to_local_content` is `false`",
+    test "find only local statuses for unauthenticated users  when `limit_to_local_content` is `:all`",
+         %{local_activity: local_activity} do
+      Pleroma.Config.put([:instance, :limit_to_local_content], :all)
+      assert [^local_activity] = Activity.search(nil, "find me")
+      Pleroma.Config.put([:instance, :limit_to_local_content], :unauthenticated)
+    end
+
+    test "find all statuses for unauthenticated users when `limit_to_local_content` is `false`",
          %{
            local_activity: local_activity,
            remote_activity: remote_activity
          } do
-      Pleroma.Config.put([:instance, :limit_unauthenticated_to_local_content], false)
+      Pleroma.Config.put([:instance, :limit_to_local_content], false)
 
       activities = Enum.sort_by(Activity.search(nil, "find me"), & &1.id)
 
       assert [^local_activity, ^remote_activity] = activities
 
-      Pleroma.Config.put([:instance, :limit_unauthenticated_to_local_content], true)
+      Pleroma.Config.put([:instance, :limit_to_local_content], :unauthenticated)
     end
   end
 end

test/user_test.exs

@@ -1099,8 +1099,20 @@ test "find only local users for unauthenticated users" do
       assert [%{id: ^id}] = User.search("lain")
     end
 
-    test "find all users for unauthenticated users when `limit_unauthenticated_to_local_content` is `false`" do
-      Pleroma.Config.put([:instance, :limit_unauthenticated_to_local_content], false)
+    test "find only local users for authenticated users when `limit_to_local_content` is `:all`" do
+      Pleroma.Config.put([:instance, :limit_to_local_content], :all)
+
+      %{id: id} = insert(:user, %{name: "lain"})
+      insert(:user, %{name: "ebn", nickname: "lain@mastodon.social", local: false})
+      insert(:user, %{nickname: "lain@pleroma.soykaf.com", local: false})
+
+      assert [%{id: ^id}] = User.search("lain")
+
+      Pleroma.Config.put([:instance, :limit_to_local_content], :unauthenticated)
+    end
+
+    test "find all users for unauthenticated users when `limit_to_local_content` is `false`" do
+      Pleroma.Config.put([:instance, :limit_to_local_content], false)
 
       u1 = insert(:user, %{name: "lain"})
       u2 = insert(:user, %{name: "ebn", nickname: "lain@mastodon.social", local: false})
@@ -1114,7 +1126,7 @@ test "find all users for unauthenticated users when `limit_unauthenticated_to_lo
 
       assert [u1.id, u2.id, u3.id] == results
 
-      Pleroma.Config.put([:instance, :limit_unauthenticated_to_local_content], true)
+      Pleroma.Config.put([:instance, :limit_to_local_content], :unauthenticated)
     end
 
     test "finds a user whose name is nil" do