1 # Pleroma: A lightweight social networking server
2 # Copyright © 2019 Pleroma Authors <https://pleroma.social/>
3 # SPDX-License-Identifier: AGPL-3.0-only
5 defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicyTest do
9 alias Pleroma.Web.ActivityPub.MRF.SimplePolicy
11 clear_config(:mrf_simple,
14 federated_timeline_removal: [],
22 describe "when :media_removal" do
24 Config.put([:mrf_simple, :media_removal], [])
25 media_message = build_media_message()
26 local_message = build_local_message()
28 assert SimplePolicy.filter(media_message) == {:ok, media_message}
29 assert SimplePolicy.filter(local_message) == {:ok, local_message}
32 test "has a matching host" do
33 Config.put([:mrf_simple, :media_removal], ["remote.instance"])
34 media_message = build_media_message()
35 local_message = build_local_message()
37 assert SimplePolicy.filter(media_message) ==
40 |> Map.put("object", Map.delete(media_message["object"], "attachment"))}
42 assert SimplePolicy.filter(local_message) == {:ok, local_message}
45 test "match with wildcard domain" do
46 Config.put([:mrf_simple, :media_removal], ["*.remote.instance"])
47 media_message = build_media_message()
48 local_message = build_local_message()
50 assert SimplePolicy.filter(media_message) ==
53 |> Map.put("object", Map.delete(media_message["object"], "attachment"))}
55 assert SimplePolicy.filter(local_message) == {:ok, local_message}
59 describe "when :media_nsfw" do
61 Config.put([:mrf_simple, :media_nsfw], [])
62 media_message = build_media_message()
63 local_message = build_local_message()
65 assert SimplePolicy.filter(media_message) == {:ok, media_message}
66 assert SimplePolicy.filter(local_message) == {:ok, local_message}
69 test "has a matching host" do
70 Config.put([:mrf_simple, :media_nsfw], ["remote.instance"])
71 media_message = build_media_message()
72 local_message = build_local_message()
74 assert SimplePolicy.filter(media_message) ==
77 |> put_in(["object", "tag"], ["foo", "nsfw"])
78 |> put_in(["object", "sensitive"], true)}
80 assert SimplePolicy.filter(local_message) == {:ok, local_message}
83 test "match with wildcard domain" do
84 Config.put([:mrf_simple, :media_nsfw], ["*.remote.instance"])
85 media_message = build_media_message()
86 local_message = build_local_message()
88 assert SimplePolicy.filter(media_message) ==
91 |> put_in(["object", "tag"], ["foo", "nsfw"])
92 |> put_in(["object", "sensitive"], true)}
94 assert SimplePolicy.filter(local_message) == {:ok, local_message}
98 defp build_media_message do
100 "actor" => "https://remote.instance/users/bob",
103 "attachment" => [%{}],
110 describe "when :report_removal" do
112 Config.put([:mrf_simple, :report_removal], [])
113 report_message = build_report_message()
114 local_message = build_local_message()
116 assert SimplePolicy.filter(report_message) == {:ok, report_message}
117 assert SimplePolicy.filter(local_message) == {:ok, local_message}
120 test "has a matching host" do
121 Config.put([:mrf_simple, :report_removal], ["remote.instance"])
122 report_message = build_report_message()
123 local_message = build_local_message()
125 assert SimplePolicy.filter(report_message) == {:reject, nil}
126 assert SimplePolicy.filter(local_message) == {:ok, local_message}
129 test "match with wildcard domain" do
130 Config.put([:mrf_simple, :report_removal], ["*.remote.instance"])
131 report_message = build_report_message()
132 local_message = build_local_message()
134 assert SimplePolicy.filter(report_message) == {:reject, nil}
135 assert SimplePolicy.filter(local_message) == {:ok, local_message}
139 defp build_report_message do
141 "actor" => "https://remote.instance/users/bob",
146 describe "when :federated_timeline_removal" do
148 Config.put([:mrf_simple, :federated_timeline_removal], [])
149 {_, ftl_message} = build_ftl_actor_and_message()
150 local_message = build_local_message()
152 assert SimplePolicy.filter(ftl_message) == {:ok, ftl_message}
153 assert SimplePolicy.filter(local_message) == {:ok, local_message}
156 test "has a matching host" do
157 {actor, ftl_message} = build_ftl_actor_and_message()
159 ftl_message_actor_host =
161 |> Map.fetch!("actor")
165 Config.put([:mrf_simple, :federated_timeline_removal], [ftl_message_actor_host])
166 local_message = build_local_message()
168 assert {:ok, ftl_message} = SimplePolicy.filter(ftl_message)
169 assert actor.follower_address in ftl_message["to"]
170 refute actor.follower_address in ftl_message["cc"]
171 refute "https://www.w3.org/ns/activitystreams#Public" in ftl_message["to"]
172 assert "https://www.w3.org/ns/activitystreams#Public" in ftl_message["cc"]
174 assert SimplePolicy.filter(local_message) == {:ok, local_message}
177 test "match with wildcard domain" do
178 {actor, ftl_message} = build_ftl_actor_and_message()
180 ftl_message_actor_host =
182 |> Map.fetch!("actor")
186 Config.put([:mrf_simple, :federated_timeline_removal], ["*." <> ftl_message_actor_host])
187 local_message = build_local_message()
189 assert {:ok, ftl_message} = SimplePolicy.filter(ftl_message)
190 assert actor.follower_address in ftl_message["to"]
191 refute actor.follower_address in ftl_message["cc"]
192 refute "https://www.w3.org/ns/activitystreams#Public" in ftl_message["to"]
193 assert "https://www.w3.org/ns/activitystreams#Public" in ftl_message["cc"]
195 assert SimplePolicy.filter(local_message) == {:ok, local_message}
198 test "has a matching host but only as:Public in to" do
199 {_actor, ftl_message} = build_ftl_actor_and_message()
201 ftl_message_actor_host =
203 |> Map.fetch!("actor")
207 ftl_message = Map.put(ftl_message, "cc", [])
209 Config.put([:mrf_simple, :federated_timeline_removal], [ftl_message_actor_host])
211 assert {:ok, ftl_message} = SimplePolicy.filter(ftl_message)
212 refute "https://www.w3.org/ns/activitystreams#Public" in ftl_message["to"]
213 assert "https://www.w3.org/ns/activitystreams#Public" in ftl_message["cc"]
217 defp build_ftl_actor_and_message do
218 actor = insert(:user)
222 "actor" => actor.ap_id,
223 "to" => ["https://www.w3.org/ns/activitystreams#Public", "http://foo.bar/baz"],
224 "cc" => [actor.follower_address, "http://foo.bar/qux"]
228 describe "when :reject" do
230 Config.put([:mrf_simple, :reject], [])
232 remote_message = build_remote_message()
234 assert SimplePolicy.filter(remote_message) == {:ok, remote_message}
237 test "activity has a matching host" do
238 Config.put([:mrf_simple, :reject], ["remote.instance"])
240 remote_message = build_remote_message()
242 assert SimplePolicy.filter(remote_message) == {:reject, nil}
245 test "activity matches with wildcard domain" do
246 Config.put([:mrf_simple, :reject], ["*.remote.instance"])
248 remote_message = build_remote_message()
250 assert SimplePolicy.filter(remote_message) == {:reject, nil}
253 test "actor has a matching host" do
254 Config.put([:mrf_simple, :reject], ["remote.instance"])
256 remote_user = build_remote_user()
258 assert SimplePolicy.filter(remote_user) == {:reject, nil}
262 describe "when :accept" do
264 Config.put([:mrf_simple, :accept], [])
266 local_message = build_local_message()
267 remote_message = build_remote_message()
269 assert SimplePolicy.filter(local_message) == {:ok, local_message}
270 assert SimplePolicy.filter(remote_message) == {:ok, remote_message}
273 test "is not empty but activity doesn't have a matching host" do
274 Config.put([:mrf_simple, :accept], ["non.matching.remote"])
276 local_message = build_local_message()
277 remote_message = build_remote_message()
279 assert SimplePolicy.filter(local_message) == {:ok, local_message}
280 assert SimplePolicy.filter(remote_message) == {:reject, nil}
283 test "activity has a matching host" do
284 Config.put([:mrf_simple, :accept], ["remote.instance"])
286 local_message = build_local_message()
287 remote_message = build_remote_message()
289 assert SimplePolicy.filter(local_message) == {:ok, local_message}
290 assert SimplePolicy.filter(remote_message) == {:ok, remote_message}
293 test "activity matches with wildcard domain" do
294 Config.put([:mrf_simple, :accept], ["*.remote.instance"])
296 local_message = build_local_message()
297 remote_message = build_remote_message()
299 assert SimplePolicy.filter(local_message) == {:ok, local_message}
300 assert SimplePolicy.filter(remote_message) == {:ok, remote_message}
303 test "actor has a matching host" do
304 Config.put([:mrf_simple, :accept], ["remote.instance"])
306 remote_user = build_remote_user()
308 assert SimplePolicy.filter(remote_user) == {:ok, remote_user}
312 describe "when :avatar_removal" do
314 Config.put([:mrf_simple, :avatar_removal], [])
316 remote_user = build_remote_user()
318 assert SimplePolicy.filter(remote_user) == {:ok, remote_user}
321 test "is not empty but it doesn't have a matching host" do
322 Config.put([:mrf_simple, :avatar_removal], ["non.matching.remote"])
324 remote_user = build_remote_user()
326 assert SimplePolicy.filter(remote_user) == {:ok, remote_user}
329 test "has a matching host" do
330 Config.put([:mrf_simple, :avatar_removal], ["remote.instance"])
332 remote_user = build_remote_user()
333 {:ok, filtered} = SimplePolicy.filter(remote_user)
335 refute filtered["icon"]
338 test "match with wildcard domain" do
339 Config.put([:mrf_simple, :avatar_removal], ["*.remote.instance"])
341 remote_user = build_remote_user()
342 {:ok, filtered} = SimplePolicy.filter(remote_user)
344 refute filtered["icon"]
348 describe "when :banner_removal" do
350 Config.put([:mrf_simple, :banner_removal], [])
352 remote_user = build_remote_user()
354 assert SimplePolicy.filter(remote_user) == {:ok, remote_user}
357 test "is not empty but it doesn't have a matching host" do
358 Config.put([:mrf_simple, :banner_removal], ["non.matching.remote"])
360 remote_user = build_remote_user()
362 assert SimplePolicy.filter(remote_user) == {:ok, remote_user}
365 test "has a matching host" do
366 Config.put([:mrf_simple, :banner_removal], ["remote.instance"])
368 remote_user = build_remote_user()
369 {:ok, filtered} = SimplePolicy.filter(remote_user)
371 refute filtered["image"]
374 test "match with wildcard domain" do
375 Config.put([:mrf_simple, :banner_removal], ["*.remote.instance"])
377 remote_user = build_remote_user()
378 {:ok, filtered} = SimplePolicy.filter(remote_user)
380 refute filtered["image"]
384 defp build_local_message do
386 "actor" => "#{Pleroma.Web.base_url()}/users/alice",
392 defp build_remote_message do
393 %{"actor" => "https://remote.instance/users/bob"}
396 defp build_remote_user do
398 "id" => "https://remote.instance/users/bob",
400 "url" => "http://example.com/image.jpg",
404 "url" => "http://example.com/image.jpg",