From cbb3451023f557ece773bab20f79ac130f786d01 Mon Sep 17 00:00:00 2001 From: lain Date: Wed, 15 May 2019 16:30:08 +0200 Subject: [PATCH 1/2] CommonAPI: Refactor visibility, forbid public to private replies. --- lib/pleroma/web/activity_pub/visibility.ex | 24 +++++++++++++++++ lib/pleroma/web/common_api/common_api.ex | 20 ++++++++++---- .../web/mastodon_api/views/status_view.ex | 26 ++----------------- .../web/twitter_api/views/activity_view.ex | 2 +- test/web/activity_pub/visibilty_test.exs | 12 +++++++++ test/web/common_api/common_api_test.exs | 22 ++++++++++++++++ 6 files changed, 76 insertions(+), 30 deletions(-) diff --git a/lib/pleroma/web/activity_pub/visibility.ex b/lib/pleroma/web/activity_pub/visibility.ex index 6dee61dd6..b38ee0442 100644 --- a/lib/pleroma/web/activity_pub/visibility.ex +++ b/lib/pleroma/web/activity_pub/visibility.ex @@ -58,4 +58,28 @@ defmodule Pleroma.Web.ActivityPub.Visibility do visible_for_user?(tail, user) end end + + def get_visibility(object) do + public = "https://www.w3.org/ns/activitystreams#Public" + to = object.data["to"] || [] + cc = object.data["cc"] || [] + + cond do + public in to -> + "public" + + public in cc -> + "unlisted" + + # this should use the sql for the object's activity + Enum.any?(to, &String.contains?(&1, "/followers")) -> + "private" + + length(cc) > 0 -> + "private" + + true -> + "direct" + end + end end diff --git a/lib/pleroma/web/common_api/common_api.ex b/lib/pleroma/web/common_api/common_api.ex index b53869c75..c31e56d4c 100644 --- a/lib/pleroma/web/common_api/common_api.ex +++ b/lib/pleroma/web/common_api/common_api.ex 
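Review bot: `get_visibility/1` now feeds an authorization decision (the direct-reply guard added in common_api.ex), but its private/direct split is heuristic: any recipient string that merely contains `/followers`, or any non-empty `cc`, yields `"private"`, so a DM that carries a `cc` entry is classified `"private"` and replies to it are not covered by that guard at all. The inline comment already says the followers check should come from the activity's own data; until that lands, narrowing the match to `Enum.any?(to, &String.ends_with?(&1, "/followers")) ->` and writing the list test as `cc != [] ->` (no `length/1` walk) at least shrinks the misclassification. I cannot see where incoming objects are normalized; if the `as:Public` / `Public` aliases the ActivityStreams spec also permits are not expanded to the full IRI before this point, posts addressed with them would be classified as direct or private here, which is worth confirming.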
@@ -126,22 +126,30 @@ defmodule Pleroma.Web.CommonAPI do "public" in_reply_to -> - # XXX: these heuristics should be moved out of MastodonAPI. - with %Object{} = object <- Object.normalize(in_reply_to) do - Pleroma.Web.MastodonAPI.StatusView.get_visibility(object) - end + get_replied_to_visibility(in_reply_to) end end def get_visibility(_), do: "public" + def get_replied_to_visibility(nil), do: nil + + def get_replied_to_visibility(activity) do + with %Object{} = object <- Object.normalize(activity) do + Pleroma.Web.ActivityPub.Visibility.get_visibility(object) + end + end + def post(user, %{"status" => status} = data) do - visibility = get_visibility(data) limit = Pleroma.Config.get([:instance, :limit]) with status <- String.trim(status), attachments <- attachments_from_ids(data), + visibility <- get_visibility(data), in_reply_to <- get_replied_to_activity(data["in_reply_to_status_id"]), + in_reply_to_visibility <- get_replied_to_visibility(in_reply_to), + {_, false} <- + {:private_to_public, in_reply_to_visibility == "direct" && visibility != "direct"}, {content_html, mentions, tags} <- make_content_html( status, @@ -185,6 +193,8 @@ defmodule Pleroma.Web.CommonAPI do ) res + else + e -> {:error, e} end end diff --git a/lib/pleroma/web/mastodon_api/views/status_view.ex b/lib/pleroma/web/mastodon_api/views/status_view.ex index bd2372944..c93d915e5 100644 --- a/lib/pleroma/web/mastodon_api/views/status_view.ex +++ b/lib/pleroma/web/mastodon_api/views/status_view.ex @@ -16,6 +16,8 @@ defmodule Pleroma.Web.MastodonAPI.StatusView do alias Pleroma.Web.MastodonAPI.StatusView alias Pleroma.Web.MediaProxy + import Pleroma.Web.ActivityPub.Visibility, only: [get_visibility: 1] + # TODO: Add cached version. defp get_replied_to_activities(activities) do activities 
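Review bot: The new guard `{_, false} <- {:private_to_public, in_reply_to_visibility == "direct" && visibility != "direct"}` only blocks replies to direct messages, whereas the commit subject and the `:private_to_public` tag speak of private posts; a `public` or `unlisted` reply to a followers-only (`"private"`) parent still passes. If that is intended, a comment next to the check would stop the next reader from reading the tag literally, e.g. `# only DMs are protected; replies to followers-only posts may widen visibility`. If not, widen it to `in_reply_to_visibility in ["direct", "private"] && visibility in ["public", "unlisted"]` and rename the tag to match. `post/2` continues past the hunk, so whether a later clause re-checks this is not visible here.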
@@ -340,30 +342,6 @@ defmodule Pleroma.Web.MastodonAPI.StatusView do end end - def get_visibility(object) do - public = "https://www.w3.org/ns/activitystreams#Public" - to = object.data["to"] || [] - cc = object.data["cc"] || [] - - cond do - public in to -> - "public" - - public in cc -> - "unlisted" - - # this should use the sql for the object's activity - Enum.any?(to, &String.contains?(&1, "/followers")) -> - "private" - - length(cc) > 0 -> - "private" - - true -> - "direct" - end - end - def render_content(%{data: %{"type" => "Video"}} = object) do with name when not is_nil(name) and name != "" <- object.data["name"] do "

#{name}

#{object.data["content"]}" diff --git a/lib/pleroma/web/twitter_api/views/activity_view.ex b/lib/pleroma/web/twitter_api/views/activity_view.ex index d084ad734..44bcafe0e 100644 --- a/lib/pleroma/web/twitter_api/views/activity_view.ex +++ b/lib/pleroma/web/twitter_api/views/activity_view.ex @@ -310,7 +310,7 @@ defmodule Pleroma.Web.TwitterAPI.ActivityView do "tags" => tags, "activity_type" => "post", "possibly_sensitive" => possibly_sensitive, - "visibility" => StatusView.get_visibility(object), + "visibility" => Pleroma.Web.ActivityPub.Visibility.get_visibility(object), "summary" => summary, "summary_html" => summary |> Formatter.emojify(object.data["emoji"]), "card" => card, diff --git a/test/web/activity_pub/visibilty_test.exs b/test/web/activity_pub/visibilty_test.exs index 24b96c4aa..9c03c8be2 100644 --- a/test/web/activity_pub/visibilty_test.exs +++ b/test/web/activity_pub/visibilty_test.exs @@ -95,4 +95,16 @@ defmodule Pleroma.Web.ActivityPub.VisibilityTest do refute Visibility.visible_for_user?(private, unrelated) refute Visibility.visible_for_user?(direct, unrelated) end + + test "get_visibility", %{ + public: public, + private: private, + direct: direct, + unlisted: unlisted + } do + assert Visibility.get_visibility(public) == "public" + assert Visibility.get_visibility(private) == "private" + assert Visibility.get_visibility(direct) == "direct" + assert Visibility.get_visibility(unlisted) == "unlisted" + end end diff --git a/test/web/common_api/common_api_test.exs b/test/web/common_api/common_api_test.exs index a5b07c446..8d4f401ee 100644 --- a/test/web/common_api/common_api_test.exs +++ b/test/web/common_api/common_api_test.exs @@ -87,6 +87,28 @@ defmodule Pleroma.Web.CommonAPITest do assert object.data["content"] == "
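Review bot: The new `get_visibility` test depends on fixtures built outside the hunk, so it cannot be seen whether the `private` fixture reaches the `/followers` branch or the `length(cc) > 0` fallback, and the `direct` fixture presumably has an empty `cc`. Since the function now gates the direct-reply restriction in common_api.ex, the ambiguous shapes deserve explicit cases: an object addressed `to` one actor with a non-empty `cc`, and one whose only `to` entry merely contains `/followers` somewhere in its path. A plain map works because the function only reads `object.data`, e.g. `assert Visibility.get_visibility(%{data: %{"to" => [a.ap_id], "cc" => [b.ap_id]}}) == "private"` pins the current heuristic; flip the expectation if such posts are meant to stay direct.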

2hu

alert('xss')" end + + test "it does not allow replies to direct messages that are not direct messages themselves" do + user = insert(:user) + + {:ok, activity} = CommonAPI.post(user, %{"status" => "suya..", "visibility" => "direct"}) + + assert {:ok, _} = + CommonAPI.post(user, %{ + "status" => "suya..", + "visibility" => "direct", + "in_reply_to_status_id" => activity.id + }) + + Enum.each(["public", "private", "unlisted"], fn visibility -> + assert {:error, {:private_to_public, _}} = + CommonAPI.post(user, %{ + "status" => "suya..", + "visibility" => visibility, + "in_reply_to_status_id" => activity.id + }) + end) + end end describe "reactions" do From 7a92e701b974aa5ee70d617be323292c953d08de Mon Sep 17 00:00:00 2001 From: lain Date: Wed, 15 May 2019 16:35:33 +0200 Subject: [PATCH 2/2] CommonAPI: Visibility refactor. --- lib/pleroma/web/common_api/common_api.ex | 20 +++++++------------- 1 file changed, 7 insertions(+), 13 deletions(-) diff --git a/lib/pleroma/web/common_api/common_api.ex b/lib/pleroma/web/common_api/common_api.ex index c31e56d4c..29c4c1014 100644 --- a/lib/pleroma/web/common_api/common_api.ex +++ b/lib/pleroma/web/common_api/common_api.ex 
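Review bot: The new test only exercises replies that set `"visibility"` explicitly; the path where the reply omits the key and inherits the parent's visibility through `get_visibility/1` is untested, and a regression there would post a reply to a DM as `"public"` without tripping the `:private_to_public` check. Add a case with no `"visibility"` key, `assert {:ok, reply} = CommonAPI.post(user, %{"status" => "suya..", "in_reply_to_status_id" => activity.id})`, and assert the created object classifies as `"direct"` via `Pleroma.Web.ActivityPub.Visibility.get_visibility(Object.normalize(reply))`. All posts here also come from the same `user`; a reply from the DM's recipient would be the more realistic shape, though whether recipient checks exist elsewhere is not visible on this page.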
@@ -116,21 +116,16 @@ defmodule Pleroma.Web.CommonAPI do end end - def get_visibility(%{"visibility" => visibility}) + def get_visibility(%{"visibility" => visibility}, in_reply_to) when visibility in ~w{public unlisted private direct}, - do: visibility + do: {visibility, get_replied_to_visibility(in_reply_to)} - def get_visibility(%{"in_reply_to_status_id" => status_id}) when not is_nil(status_id) do - case get_replied_to_activity(status_id) do - nil -> - "public" - - in_reply_to -> - get_replied_to_visibility(in_reply_to) - end + def get_visibility(_, in_reply_to) when not is_nil(in_reply_to) do + visibility = get_replied_to_visibility(in_reply_to) + {visibility, visibility} end - def get_visibility(_), do: "public" + def get_visibility(_, in_reply_to), do: {"public", get_replied_to_visibility(in_reply_to)} def get_replied_to_visibility(nil), do: nil @@ -145,9 +140,8 @@ defmodule Pleroma.Web.CommonAPI do with status <- String.trim(status), attachments <- attachments_from_ids(data), - visibility <- get_visibility(data), in_reply_to <- get_replied_to_activity(data["in_reply_to_status_id"]), - in_reply_to_visibility <- get_replied_to_visibility(in_reply_to), + {visibility, in_reply_to_visibility} <- get_visibility(data, in_reply_to), {_, false} <- {:private_to_public, in_reply_to_visibility == "direct" && visibility != "direct"}, {content_html, mentions, tags} <-
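Review bot: `get_visibility/2` fails open on an unrecognised `"visibility"` value: only the first clause checks `visibility in ~w{public unlisted private direct}`, so a request carrying e.g. `"visibility" => "Direct"` or a client-specific value falls through to the second or third clause and is posted with the parent's visibility or `"public"`, the widest option, instead of being rejected. A fallback clause placed after the guarded one, `def get_visibility(%{"visibility" => visibility}, _in_reply_to), do: {:invalid_visibility, visibility}`, together with guarding the match in `post/2` as `{visibility, in_reply_to_visibility} when is_binary(visibility) <- get_visibility(data, in_reply_to),` would route the bad value into the existing `else e -> {:error, e}` as `{:error, {:invalid_visibility, "Direct"}}`, while the third clause keeps its `"public"` default only for requests that omit the key. The new common_api test does not cover this input either.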
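Review bot: The rebound `{visibility, in_reply_to_visibility}` can carry `nil` in the second position when the parent activity exists but `get_replied_to_visibility/1` cannot classify it — its `with` has no `else`, so whatever `Object.normalize/1` returns that is not an `%Object{}` is passed through — and `nil == "direct"` is false, so the `{_, false}` guard passes and the reply is published with the client-chosen visibility against a parent whose audience could not be determined. Failing closed in the file's existing tagged-check style is one line after the destructure: `{_, false} <- {:unknown_parent_visibility, not is_nil(in_reply_to) and is_nil(in_reply_to_visibility)},`. The second clause of `get_visibility/2` propagates the same `nil` into `visibility` itself when the key is omitted, which the guard above also catches. The `with` in `post/2` continues past the hunk.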