Make mrfSimple work with tuples

* Changed SimplePolicy
* I also grepped in test/ for ':mrf_simple' to see what other things could be affected
This commit is contained in:
Ilja 2020-09-24 21:01:33 +02:00 committed by Haelwenn (lanodan) Monnier
parent 647087d7fd
commit 4ba0beb60c
No known key found for this signature in database
GPG key ID: D5B7A8E43C997DEE
4 changed files with 123 additions and 112 deletions
lib/pleroma/web/activity_pub/mrf
test/pleroma

View file

@ -15,7 +15,7 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicy do
defp check_accept(%{host: actor_host} = _actor_info, object) do
accepts =
Config.get([:mrf_simple, :accept])
instance_list(:accept)
|> MRF.subdomains_regex()
cond do
@ -28,7 +28,7 @@ defp check_accept(%{host: actor_host} = _actor_info, object) do
defp check_reject(%{host: actor_host} = _actor_info, object) do
rejects =
Config.get([:mrf_simple, :reject])
instance_list(:reject)
|> MRF.subdomains_regex()
if MRF.subdomain_match?(rejects, actor_host) do
@ -44,7 +44,7 @@ defp check_media_removal(
)
when length(child_attachment) > 0 do
media_removal =
Config.get([:mrf_simple, :media_removal])
instance_list(:media_removal)
|> MRF.subdomains_regex()
object =
@ -68,7 +68,7 @@ defp check_media_nsfw(
} = object
) do
media_nsfw =
Config.get([:mrf_simple, :media_nsfw])
instance_list(:media_nsfw)
|> MRF.subdomains_regex()
object =
@ -85,7 +85,7 @@ defp check_media_nsfw(_actor_info, object), do: {:ok, object}
defp check_ftl_removal(%{host: actor_host} = _actor_info, object) do
timeline_removal =
Config.get([:mrf_simple, :federated_timeline_removal])
instance_list(:federated_timeline_removal)
|> MRF.subdomains_regex()
object =
@ -112,7 +112,7 @@ defp intersection(list1, list2) do
defp check_followers_only(%{host: actor_host} = _actor_info, object) do
followers_only =
Config.get([:mrf_simple, :followers_only])
instance_list(:followers_only)
|> MRF.subdomains_regex()
object =
@ -137,7 +137,7 @@ defp check_followers_only(%{host: actor_host} = _actor_info, object) do
defp check_report_removal(%{host: actor_host} = _actor_info, %{"type" => "Flag"} = object) do
report_removal =
Config.get([:mrf_simple, :report_removal])
instance_list(:report_removal)
|> MRF.subdomains_regex()
if MRF.subdomain_match?(report_removal, actor_host) do
@ -151,7 +151,7 @@ defp check_report_removal(_actor_info, object), do: {:ok, object}
defp check_avatar_removal(%{host: actor_host} = _actor_info, %{"icon" => _icon} = object) do
avatar_removal =
Config.get([:mrf_simple, :avatar_removal])
instance_list(:avatar_removal)
|> MRF.subdomains_regex()
if MRF.subdomain_match?(avatar_removal, actor_host) do
@ -165,7 +165,7 @@ defp check_avatar_removal(_actor_info, object), do: {:ok, object}
defp check_banner_removal(%{host: actor_host} = _actor_info, %{"image" => _image} = object) do
banner_removal =
Config.get([:mrf_simple, :banner_removal])
instance_list(:banner_removal)
|> MRF.subdomains_regex()
if MRF.subdomain_match?(banner_removal, actor_host) do
@ -185,12 +185,19 @@ defp check_object(%{"object" => object} = activity) do
defp check_object(object), do: {:ok, object}
defp instance_list(config_key) do
Config.get([:mrf_simple, config_key])
|> Enum.map(fn
{instance, _} -> instance
end)
end
@impl true
def filter(%{"type" => "Delete", "actor" => actor} = object) do
%{host: actor_host} = URI.parse(actor)
reject_deletes =
Config.get([:mrf_simple, :reject_deletes])
instance_list(:reject_deletes)
|> MRF.subdomains_regex()
if MRF.subdomain_match?(reject_deletes, actor_host) do
@ -257,7 +264,7 @@ def describe do
mrf_simple =
Config.get(:mrf_simple)
|> Enum.map(fn {k, v} -> {k, Enum.reject(v, fn v -> v in exclusions end)} end)
|> Enum.map(fn {k, v} -> {k, Enum.reject(v, fn {v, _} -> v in exclusions end)} end)
|> Enum.into(%{})
{:ok, %{mrf_simple: mrf_simple}}
@ -270,70 +277,67 @@ def config_description do
related_policy: "Pleroma.Web.ActivityPub.MRF.SimplePolicy",
label: "MRF Simple",
description: "Simple ingress policies",
children: [
%{
key: :media_removal,
type: {:list, :string},
description: "List of instances to strip media attachments from",
suggestions: ["example.com", "*.example.com"]
},
%{
key: :media_nsfw,
label: "Media NSFW",
type: {:list, :string},
description: "List of instances to tag all media as NSFW (sensitive) from",
suggestions: ["example.com", "*.example.com"]
},
%{
key: :federated_timeline_removal,
type: {:list, :string},
description:
"List of instances to remove from the Federated (aka The Whole Known Network) Timeline",
suggestions: ["example.com", "*.example.com"]
},
%{
key: :reject,
type: {:list, :string},
description: "List of instances to reject activities from (except deletes)",
suggestions: ["example.com", "*.example.com"]
},
%{
key: :accept,
type: {:list, :string},
description: "List of instances to only accept activities from (except deletes)",
suggestions: ["example.com", "*.example.com"]
},
%{
key: :followers_only,
type: {:list, :string},
description: "Force posts from the given instances to be visible by followers only",
suggestions: ["example.com", "*.example.com"]
},
%{
key: :report_removal,
type: {:list, :string},
description: "List of instances to reject reports from",
suggestions: ["example.com", "*.example.com"]
},
%{
key: :avatar_removal,
type: {:list, :string},
description: "List of instances to strip avatars from",
suggestions: ["example.com", "*.example.com"]
},
%{
key: :banner_removal,
type: {:list, :string},
description: "List of instances to strip banners from",
suggestions: ["example.com", "*.example.com"]
},
%{
key: :reject_deletes,
type: {:list, :string},
description: "List of instances to reject deletions from",
suggestions: ["example.com", "*.example.com"]
}
]
children:
[
%{
key: :media_removal,
description:
"List of instances to strip media attachments from and the reason for doing so"
},
%{
key: :media_nsfw,
label: "Media NSFW",
description:
"List of instances to tag all media as NSFW (sensitive) from and the reason for doing so"
},
%{
key: :federated_timeline_removal,
description:
"List of instances to remove from the Federated (aka The Whole Known Network) Timeline and the reason for doing so"
},
%{
key: :reject,
description:
"List of instances to reject activities from (except deletes) and the reason for doing so"
},
%{
key: :accept,
description:
"List of instances to only accept activities from (except deletes) and the reason for doing so"
},
%{
key: :followers_only,
description:
"Force posts from the given instances to be visible by followers only and the reason for doing so"
},
%{
key: :report_removal,
description: "List of instances to reject reports from and the reason for doing so"
},
%{
key: :avatar_removal,
description: "List of instances to strip avatars from and the reason for doing so"
},
%{
key: :banner_removal,
description: "List of instances to strip banners from and the reason for doing so"
},
%{
key: :reject_deletes,
description: "List of instances to reject deletions from and the reason for doing so"
}
]
|> Enum.map(fn setting ->
Map.merge(
setting,
%{
type: {:list, :tuple},
key_placeholder: "instance",
value_placeholder: "reason",
suggestions: [{"example.com", "Some reason"}, {"*.example.com", "Another reason"}]
}
)
end)
}
end
end

View file

@ -480,7 +480,7 @@ test "it sends a welcome chat message if it is set" do
)
test "it sends a welcome chat message when Simple policy applied to local instance" do
clear_config([:mrf_simple, :media_nsfw], ["localhost"])
clear_config([:mrf_simple, :media_nsfw], [{"localhost", ""}])
welcome_user = insert(:user)
clear_config([:welcome, :chat_message, :enabled], true)

View file

@ -33,7 +33,7 @@ test "is empty" do
end
test "has a matching host" do
clear_config([:mrf_simple, :media_removal], ["remote.instance"])
clear_config([:mrf_simple, :media_removal], [{"remote.instance", "Some reason"}])
media_message = build_media_message()
local_message = build_local_message()
@ -46,7 +46,7 @@ test "has a matching host" do
end
test "match with wildcard domain" do
clear_config([:mrf_simple, :media_removal], ["*.remote.instance"])
clear_config([:mrf_simple, :media_removal], [{"*.remote.instance", "Whatever reason"}])
media_message = build_media_message()
local_message = build_local_message()
@ -70,7 +70,7 @@ test "is empty" do
end
test "has a matching host" do
clear_config([:mrf_simple, :media_nsfw], ["remote.instance"])
clear_config([:mrf_simple, :media_nsfw], [{"remote.instance", "Whetever"}])
media_message = build_media_message()
local_message = build_local_message()
@ -81,7 +81,7 @@ test "has a matching host" do
end
test "match with wildcard domain" do
clear_config([:mrf_simple, :media_nsfw], ["*.remote.instance"])
clear_config([:mrf_simple, :media_nsfw], [{"*.remote.instance", "yeah yeah"}])
media_message = build_media_message()
local_message = build_local_message()
@ -115,7 +115,7 @@ test "is empty" do
end
test "has a matching host" do
clear_config([:mrf_simple, :report_removal], ["remote.instance"])
clear_config([:mrf_simple, :report_removal], [{"remote.instance", "muh"}])
report_message = build_report_message()
local_message = build_local_message()
@ -124,7 +124,7 @@ test "has a matching host" do
end
test "match with wildcard domain" do
clear_config([:mrf_simple, :report_removal], ["*.remote.instance"])
clear_config([:mrf_simple, :report_removal], [{"*.remote.instance", "suya"}])
report_message = build_report_message()
local_message = build_local_message()
@ -159,7 +159,7 @@ test "has a matching host" do
|> URI.parse()
|> Map.fetch!(:host)
clear_config([:mrf_simple, :federated_timeline_removal], [ftl_message_actor_host])
clear_config([:mrf_simple, :federated_timeline_removal], [{ftl_message_actor_host, "uwu"}])
local_message = build_local_message()
assert {:ok, ftl_message} = SimplePolicy.filter(ftl_message)
@ -180,7 +180,10 @@ test "match with wildcard domain" do
|> URI.parse()
|> Map.fetch!(:host)
clear_config([:mrf_simple, :federated_timeline_removal], ["*." <> ftl_message_actor_host])
clear_config([:mrf_simple, :federated_timeline_removal], [
{"*." <> ftl_message_actor_host, "owo"}
])
local_message = build_local_message()
assert {:ok, ftl_message} = SimplePolicy.filter(ftl_message)
@ -203,7 +206,9 @@ test "has a matching host but only as:Public in to" do
ftl_message = Map.put(ftl_message, "cc", [])
clear_config([:mrf_simple, :federated_timeline_removal], [ftl_message_actor_host])
clear_config([:mrf_simple, :federated_timeline_removal], [
{ftl_message_actor_host, "spiderwaifu goes 88w88"}
])
assert {:ok, ftl_message} = SimplePolicy.filter(ftl_message)
refute "https://www.w3.org/ns/activitystreams#Public" in ftl_message["to"]
@ -232,7 +237,7 @@ test "is empty" do
end
test "activity has a matching host" do
clear_config([:mrf_simple, :reject], ["remote.instance"])
clear_config([:mrf_simple, :reject], [{"remote.instance", ""}])
remote_message = build_remote_message()
@ -240,7 +245,7 @@ test "activity has a matching host" do
end
test "activity matches with wildcard domain" do
clear_config([:mrf_simple, :reject], ["*.remote.instance"])
clear_config([:mrf_simple, :reject], [{"*.remote.instance", ""}])
remote_message = build_remote_message()
@ -248,7 +253,7 @@ test "activity matches with wildcard domain" do
end
test "actor has a matching host" do
clear_config([:mrf_simple, :reject], ["remote.instance"])
clear_config([:mrf_simple, :reject], [{"remote.instance", ""}])
remote_user = build_remote_user()
@ -256,7 +261,7 @@ test "actor has a matching host" do
end
test "reject Announce when object would be rejected" do
clear_config([:mrf_simple, :reject], ["blocked.tld"])
clear_config([:mrf_simple, :reject], [{"blocked.tld", ""}])
announce = %{
"type" => "Announce",
@ -268,7 +273,7 @@ test "reject Announce when object would be rejected" do
end
test "reject by URI object" do
clear_config([:mrf_simple, :reject], ["blocked.tld"])
clear_config([:mrf_simple, :reject], [{"blocked.tld", ""}])
announce = %{
"type" => "Announce",
@ -322,7 +327,7 @@ test "has a matching host" do
|> URI.parse()
|> Map.fetch!(:host)
clear_config([:mrf_simple, :followers_only], [actor_domain])
clear_config([:mrf_simple, :followers_only], [{actor_domain, ""}])
assert {:ok, new_activity} = SimplePolicy.filter(activity)
assert actor.follower_address in new_activity["cc"]
@ -350,7 +355,7 @@ test "is empty" do
end
test "is not empty but activity doesn't have a matching host" do
clear_config([:mrf_simple, :accept], ["non.matching.remote"])
clear_config([:mrf_simple, :accept], [{"non.matching.remote", ""}])
local_message = build_local_message()
remote_message = build_remote_message()
@ -360,7 +365,7 @@ test "is not empty but activity doesn't have a matching host" do
end
test "activity has a matching host" do
clear_config([:mrf_simple, :accept], ["remote.instance"])
clear_config([:mrf_simple, :accept], [{"remote.instance", ""}])
local_message = build_local_message()
remote_message = build_remote_message()
@ -370,7 +375,7 @@ test "activity has a matching host" do
end
test "activity matches with wildcard domain" do
clear_config([:mrf_simple, :accept], ["*.remote.instance"])
clear_config([:mrf_simple, :accept], [{"*.remote.instance", ""}])
local_message = build_local_message()
remote_message = build_remote_message()
@ -380,7 +385,7 @@ test "activity matches with wildcard domain" do
end
test "actor has a matching host" do
clear_config([:mrf_simple, :accept], ["remote.instance"])
clear_config([:mrf_simple, :accept], [{"remote.instance", ""}])
remote_user = build_remote_user()
@ -398,7 +403,7 @@ test "is empty" do
end
test "is not empty but it doesn't have a matching host" do
clear_config([:mrf_simple, :avatar_removal], ["non.matching.remote"])
clear_config([:mrf_simple, :avatar_removal], [{"non.matching.remote", ""}])
remote_user = build_remote_user()
@ -406,7 +411,7 @@ test "is not empty but it doesn't have a matching host" do
end
test "has a matching host" do
clear_config([:mrf_simple, :avatar_removal], ["remote.instance"])
clear_config([:mrf_simple, :avatar_removal], [{"remote.instance", ""}])
remote_user = build_remote_user()
{:ok, filtered} = SimplePolicy.filter(remote_user)
@ -415,7 +420,7 @@ test "has a matching host" do
end
test "match with wildcard domain" do
clear_config([:mrf_simple, :avatar_removal], ["*.remote.instance"])
clear_config([:mrf_simple, :avatar_removal], [{"*.remote.instance", ""}])
remote_user = build_remote_user()
{:ok, filtered} = SimplePolicy.filter(remote_user)
@ -434,7 +439,7 @@ test "is empty" do
end
test "is not empty but it doesn't have a matching host" do
clear_config([:mrf_simple, :banner_removal], ["non.matching.remote"])
clear_config([:mrf_simple, :banner_removal], [{"non.matching.remote", ""}])
remote_user = build_remote_user()
@ -442,7 +447,7 @@ test "is not empty but it doesn't have a matching host" do
end
test "has a matching host" do
clear_config([:mrf_simple, :banner_removal], ["remote.instance"])
clear_config([:mrf_simple, :banner_removal], [{"remote.instance", ""}])
remote_user = build_remote_user()
{:ok, filtered} = SimplePolicy.filter(remote_user)
@ -451,7 +456,7 @@ test "has a matching host" do
end
test "match with wildcard domain" do
clear_config([:mrf_simple, :banner_removal], ["*.remote.instance"])
clear_config([:mrf_simple, :banner_removal], [{"*.remote.instance", ""}])
remote_user = build_remote_user()
{:ok, filtered} = SimplePolicy.filter(remote_user)
@ -464,7 +469,7 @@ test "match with wildcard domain" do
setup do: clear_config([:mrf_simple, :reject_deletes], [])
test "it accepts deletions even from rejected servers" do
clear_config([:mrf_simple, :reject], ["remote.instance"])
clear_config([:mrf_simple, :reject], [{"remote.instance", ""}])
deletion_message = build_remote_deletion_message()
@ -472,7 +477,7 @@ test "it accepts deletions even from rejected servers" do
end
test "it accepts deletions even from non-whitelisted servers" do
clear_config([:mrf_simple, :accept], ["non.matching.remote"])
clear_config([:mrf_simple, :accept], [{"non.matching.remote", ""}])
deletion_message = build_remote_deletion_message()
@ -481,10 +486,10 @@ test "it accepts deletions even from non-whitelisted servers" do
end
describe "when :reject_deletes is not empty but it doesn't have a matching host" do
setup do: clear_config([:mrf_simple, :reject_deletes], ["non.matching.remote"])
setup do: clear_config([:mrf_simple, :reject_deletes], [{"non.matching.remote", ""}])
test "it accepts deletions even from rejected servers" do
clear_config([:mrf_simple, :reject], ["remote.instance"])
clear_config([:mrf_simple, :reject], [{"remote.instance", ""}])
deletion_message = build_remote_deletion_message()
@ -492,7 +497,7 @@ test "it accepts deletions even from rejected servers" do
end
test "it accepts deletions even from non-whitelisted servers" do
clear_config([:mrf_simple, :accept], ["non.matching.remote"])
clear_config([:mrf_simple, :accept], [{"non.matching.remote", ""}])
deletion_message = build_remote_deletion_message()
@ -501,7 +506,7 @@ test "it accepts deletions even from non-whitelisted servers" do
end
describe "when :reject_deletes has a matching host" do
setup do: clear_config([:mrf_simple, :reject_deletes], ["remote.instance"])
setup do: clear_config([:mrf_simple, :reject_deletes], [{"remote.instance", ""}])
test "it rejects the deletion" do
deletion_message = build_remote_deletion_message()
@ -511,7 +516,7 @@ test "it rejects the deletion" do
end
describe "when :reject_deletes match with wildcard domain" do
setup do: clear_config([:mrf_simple, :reject_deletes], ["*.remote.instance"])
setup do: clear_config([:mrf_simple, :reject_deletes], [{"*.remote.instance", ""}])
test "it rejects the deletion" do
deletion_message = build_remote_deletion_message()

View file

@ -154,15 +154,17 @@ test "it shows MRF transparency data if enabled", %{conn: conn} do
clear_config([:mrf, :policies], [Pleroma.Web.ActivityPub.MRF.SimplePolicy])
clear_config([:mrf, :transparency], true)
simple_config = %{"reject" => ["example.com"]}
simple_config = %{"reject" => [{"example.com", ""}]}
clear_config(:mrf_simple, simple_config)
expected_config = %{"reject" => [["example.com", ""]]}
response =
conn
|> get("/nodeinfo/2.1.json")
|> json_response(:ok)
assert response["metadata"]["federation"]["mrf_simple"] == simple_config
assert response["metadata"]["federation"]["mrf_simple"] == expected_config
end
test "it performs exclusions from MRF transparency data if configured", %{conn: conn} do
@ -170,10 +172,10 @@ test "it performs exclusions from MRF transparency data if configured", %{conn:
clear_config([:mrf, :transparency], true)
clear_config([:mrf, :transparency_exclusions], ["other.site"])
simple_config = %{"reject" => ["example.com", "other.site"]}
simple_config = %{"reject" => [{"example.com", ""}, {"other.site", ""}]}
clear_config(:mrf_simple, simple_config)
expected_config = %{"reject" => ["example.com"]}
expected_config = %{"reject" => [["example.com", ""]]}
response =
conn