git.squeep.com Git - akkoma/blob - lib/pleroma/web/activity_pub/activity_pub_controller.ex

   1 # Pleroma: A lightweight social networking server
   2 # Copyright © 2017-2018 Pleroma Authors <https://pleroma.social/>
   3 # SPDX-License-Identifier: AGPL-3.0-only
   4
   5 defmodule Pleroma.Web.ActivityPub.ActivityPubController do
   6   use Pleroma.Web, :controller
   7   alias Pleroma.{User, Object}
   8   alias Pleroma.Web.ActivityPub.{ObjectView, UserView}
   9   alias Pleroma.Web.ActivityPub.ActivityPub
  10   alias Pleroma.Web.ActivityPub.Relay
  11   alias Pleroma.Web.ActivityPub.Utils
  12   alias Pleroma.Web.Federator
  13
  14   require Logger
  15
  16   action_fallback(:errors)
  17
  18   plug(Pleroma.Web.FederatingPlug when action in [:inbox, :relay])
  19   plug(:relay_active? when action in [:relay])
  20
  21   def relay_active?(conn, _) do
  22     if Keyword.get(Application.get_env(:pleroma, :instance), :allow_relay) do
  23       conn
  24     else
  25       conn
  26       |> put_status(404)
  27       |> json(%{error: "not found"})
  28       |> halt
  29     end
  30   end
  31
  32   def user(conn, %{"nickname" => nickname}) do
  33     with %User{} = user <- User.get_cached_by_nickname(nickname),
  34          {:ok, user} <- Pleroma.Web.WebFinger.ensure_keys_present(user) do
  35       conn
  36       |> put_resp_header("content-type", "application/activity+json")
  37       |> json(UserView.render("user.json", %{user: user}))
  38     else
  39       nil -> {:error, :not_found}
  40     end
  41   end
  42
  43   def object(conn, %{"uuid" => uuid}) do
  44     with ap_id <- o_status_url(conn, :object, uuid),
  45          %Object{} = object <- Object.get_cached_by_ap_id(ap_id),
  46          {_, true} <- {:public?, ActivityPub.is_public?(object)} do
  47       conn
  48       |> put_resp_header("content-type", "application/activity+json")
  49       |> json(ObjectView.render("object.json", %{object: object}))
  50     else
  51       {:public?, false} ->
  52         {:error, :not_found}
  53     end
  54   end
  55
  56   def following(conn, %{"nickname" => nickname, "page" => page}) do
  57     with %User{} = user <- User.get_cached_by_nickname(nickname),
  58          {:ok, user} <- Pleroma.Web.WebFinger.ensure_keys_present(user) do
  59       {page, _} = Integer.parse(page)
  60
  61       conn
  62       |> put_resp_header("content-type", "application/activity+json")
  63       |> json(UserView.render("following.json", %{user: user, page: page}))
  64     end
  65   end
  66
  67   def following(conn, %{"nickname" => nickname}) do
  68     with %User{} = user <- User.get_cached_by_nickname(nickname),
  69          {:ok, user} <- Pleroma.Web.WebFinger.ensure_keys_present(user) do
  70       conn
  71       |> put_resp_header("content-type", "application/activity+json")
  72       |> json(UserView.render("following.json", %{user: user}))
  73     end
  74   end
  75
  76   def followers(conn, %{"nickname" => nickname, "page" => page}) do
  77     with %User{} = user <- User.get_cached_by_nickname(nickname),
  78          {:ok, user} <- Pleroma.Web.WebFinger.ensure_keys_present(user) do
  79       {page, _} = Integer.parse(page)
  80
  81       conn
  82       |> put_resp_header("content-type", "application/activity+json")
  83       |> json(UserView.render("followers.json", %{user: user, page: page}))
  84     end
  85   end
  86
  87   def followers(conn, %{"nickname" => nickname}) do
  88     with %User{} = user <- User.get_cached_by_nickname(nickname),
  89          {:ok, user} <- Pleroma.Web.WebFinger.ensure_keys_present(user) do
  90       conn
  91       |> put_resp_header("content-type", "application/activity+json")
  92       |> json(UserView.render("followers.json", %{user: user}))
  93     end
  94   end
  95
  96   def outbox(conn, %{"nickname" => nickname} = params) do
  97     with %User{} = user <- User.get_cached_by_nickname(nickname),
  98          {:ok, user} <- Pleroma.Web.WebFinger.ensure_keys_present(user) do
  99       conn
 100       |> put_resp_header("content-type", "application/activity+json")
 101       |> json(UserView.render("outbox.json", %{user: user, max_id: params["max_id"]}))
 102     end
 103   end
 104
 105   def inbox(%{assigns: %{valid_signature: true}} = conn, %{"nickname" => nickname} = params) do
 106     with %User{} = user <- User.get_cached_by_nickname(nickname),
 107          true <- Utils.recipient_in_message(user.ap_id, params),
 108          params <- Utils.maybe_splice_recipient(user.ap_id, params) do
 109       Federator.enqueue(:incoming_ap_doc, params)
 110       json(conn, "ok")
 111     end
 112   end
 113
 114   def inbox(%{assigns: %{valid_signature: true}} = conn, params) do
 115     Federator.enqueue(:incoming_ap_doc, params)
 116     json(conn, "ok")
 117   end
 118
 119   # only accept relayed Creates
 120   def inbox(conn, %{"type" => "Create"} = params) do
 121     Logger.info(
 122       "Signature missing or not from author, relayed Create message, fetching object from source"
 123     )
 124
 125     ActivityPub.fetch_object_from_id(params["object"]["id"])
 126
 127     json(conn, "ok")
 128   end
 129
 130   def inbox(conn, params) do
 131     headers = Enum.into(conn.req_headers, %{})
 132
 133     if String.contains?(headers["signature"], params["actor"]) do
 134       Logger.info(
 135         "Signature validation error for: #{params["actor"]}, make sure you are forwarding the HTTP Host header!"
 136       )
 137
 138       Logger.info(inspect(conn.req_headers))
 139     end
 140
 141     json(conn, "error")
 142   end
 143
 144   def relay(conn, _params) do
 145     with %User{} = user <- Relay.get_actor(),
 146          {:ok, user} <- Pleroma.Web.WebFinger.ensure_keys_present(user) do
 147       conn
 148       |> put_resp_header("content-type", "application/activity+json")
 149       |> json(UserView.render("user.json", %{user: user}))
 150     else
 151       nil -> {:error, :not_found}
 152     end
 153   end
 154
 155   def read_inbox(%{assigns: %{user: user}} = conn, %{"nickname" => nickname} = params) do
 156     if nickname == user.nickname do
 157       Logger.info("read inbox #{inspect(params)}")
 158
 159       conn
 160       |> put_resp_header("content-type", "application/activity+json")
 161       |> json("ok!")
 162     else
 163       conn
 164       |> put_status(:forbidden)
 165       |> json("can't read inbox of #{nickname} as #{user.nickname}")
 166     end
 167   end
 168
 169   def update_outbox(%{assigns: %{user: user}} = conn, %{"nickname" => nickname} = params) do
 170     if nickname == user.nickname do
 171       Logger.info("update outbox #{inspect(params)}")
 172
 173       conn
 174       |> put_status(:created)
 175       |> json("ok!")
 176     else
 177       conn
 178       |> put_status(:forbidden)
 179       |> json("can't update outbox of #{nickname} as #{user.nickname}")
 180     end
 181   end
 182
 183   def errors(conn, {:error, :not_found}) do
 184     conn
 185     |> put_status(404)
 186     |> json("Not found")
 187   end
 188
 189   def errors(conn, _e) do
 190     conn
 191     |> put_status(500)
 192     |> json("error")
 193   end
 194 end