git.squeep.com Git - akkoma/blob - lib/pleroma/web/activity_pub/object_validators/accept_reject_validator.ex

   1 # Pleroma: A lightweight social networking server
   2 # Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
   3 # SPDX-License-Identifier: AGPL-3.0-only
   4
   5 defmodule Pleroma.Web.ActivityPub.ObjectValidators.AcceptRejectValidator do
   6   use Ecto.Schema
   7
   8   alias Pleroma.Activity
   9   alias Pleroma.User
  10
  11   import Ecto.Changeset
  12   import Pleroma.Web.ActivityPub.ObjectValidators.CommonValidations
  13
  14   @primary_key false
  15
  16   embedded_schema do
  17     quote do
  18       unquote do
  19         import Elixir.Pleroma.Web.ActivityPub.ObjectValidators.CommonFields
  20         message_fields()
  21         activity_fields()
  22       end
  23     end
  24   end
  25
  26   def cast_data(data) do
  27     %__MODULE__{}
  28     |> cast(data, __schema__(:fields))
  29   end
  30
  31   defp validate_data(cng) do
  32     cng
  33     |> validate_required([:type, :actor, :to, :cc, :object])
  34     |> validate_inclusion(:type, ["Accept", "Reject"])
  35     |> validate_actor_presence()
  36     |> validate_object_presence(allowed_types: ["Follow"])
  37     |> validate_accept_reject_rights()
  38   end
  39
  40   def cast_and_validate(data) do
  41     data
  42     |> maybe_fetch_object()
  43     |> cast_data
  44     |> validate_data
  45   end
  46
  47   def validate_accept_reject_rights(cng) do
  48     with object_id when is_binary(object_id) <- get_field(cng, :object),
  49          %Activity{data: %{"object" => followed_actor}} <- Activity.get_by_ap_id(object_id),
  50          true <- followed_actor == get_field(cng, :actor) do
  51       cng
  52     else
  53       _e ->
  54         cng
  55         |> add_error(:actor, "can't accept or reject the given activity")
  56     end
  57   end
  58
  59   defp maybe_fetch_object(%{"object" => %{} = object} = activity) do
  60     # If we don't have an ID, we may have to fetch the object
  61     if Map.has_key?(object, "id") do
  62       # Do nothing
  63       activity
  64     else
  65       Map.put(activity, "object", fetch_transient_object(object))
  66     end
  67   end
  68
  69   defp maybe_fetch_object(activity), do: activity
  70
  71   defp fetch_transient_object(
  72          %{"actor" => actor, "object" => target, "type" => "Follow"} = object
  73        ) do
  74     with %User{} = actor <- User.get_cached_by_ap_id(actor),
  75          %User{local: true} = target <- User.get_cached_by_ap_id(target),
  76          %Activity{} = activity <- Activity.follow_activity(actor, target) do
  77       activity.data
  78     else
  79       _e ->
  80         object
  81     end
  82   end
  83
  84   defp fetch_transient_object(_), do: {:error, "not a supported transient object"}
  85 end