Merge remote-tracking branch 'pleroma/develop' into cycles-streaming
[akkoma] / lib / pleroma / web / activity_pub / object_validators / undo_validator.ex
1 # Pleroma: A lightweight social networking server
2 # Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
3 # SPDX-License-Identifier: AGPL-3.0-only
4
5 defmodule Pleroma.Web.ActivityPub.ObjectValidators.UndoValidator do
6 use Ecto.Schema
7
8 alias Pleroma.Activity
9 alias Pleroma.EctoType.ActivityPub.ObjectValidators
10
11 import Ecto.Changeset
12 import Pleroma.Web.ActivityPub.ObjectValidators.CommonValidations
13
14 @primary_key false
15
16 embedded_schema do
17 field(:id, ObjectValidators.ObjectID, primary_key: true)
18 field(:type, :string)
19 field(:object, ObjectValidators.ObjectID)
20 field(:actor, ObjectValidators.ObjectID)
21 field(:to, ObjectValidators.Recipients, default: [])
22 field(:cc, ObjectValidators.Recipients, default: [])
23 end
24
25 def cast_and_validate(data) do
26 data
27 |> cast_data()
28 |> validate_data()
29 end
30
31 def cast_data(data) do
32 %__MODULE__{}
33 |> changeset(data)
34 end
35
36 def changeset(struct, data) do
37 struct
38 |> cast(data, __schema__(:fields))
39 end
40
41 defp validate_data(data_cng) do
42 data_cng
43 |> validate_inclusion(:type, ["Undo"])
44 |> validate_required([:id, :type, :object, :actor, :to, :cc])
45 |> validate_actor_presence()
46 |> validate_object_presence()
47 |> validate_undo_rights()
48 end
49
50 def validate_undo_rights(cng) do
51 actor = get_field(cng, :actor)
52 object = get_field(cng, :object)
53
54 with %Activity{data: %{"actor" => object_actor}} <- Activity.get_by_ap_id(object),
55 true <- object_actor != actor do
56 cng
57 |> add_error(:actor, "not the same as object actor")
58 else
59 _ -> cng
60 end
61 end
62 end