1 # Pleroma: A lightweight social networking server
2 # Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>
3 # SPDX-License-Identifier: AGPL-3.0-only
5 defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicyTest do
9 alias Pleroma.Web.ActivityPub.MRF.SimplePolicy
12 clear_config(:mrf_simple,
15 federated_timeline_removal: [],
23 describe "when :media_removal" do
25 Config.put([:mrf_simple, :media_removal], [])
26 media_message = build_media_message()
27 local_message = build_local_message()
29 assert SimplePolicy.filter(media_message) == {:ok, media_message}
30 assert SimplePolicy.filter(local_message) == {:ok, local_message}
33 test "has a matching host" do
34 Config.put([:mrf_simple, :media_removal], ["remote.instance"])
35 media_message = build_media_message()
36 local_message = build_local_message()
38 assert SimplePolicy.filter(media_message) ==
41 |> Map.put("object", Map.delete(media_message["object"], "attachment"))}
43 assert SimplePolicy.filter(local_message) == {:ok, local_message}
46 test "match with wildcard domain" do
47 Config.put([:mrf_simple, :media_removal], ["*.remote.instance"])
48 media_message = build_media_message()
49 local_message = build_local_message()
51 assert SimplePolicy.filter(media_message) ==
54 |> Map.put("object", Map.delete(media_message["object"], "attachment"))}
56 assert SimplePolicy.filter(local_message) == {:ok, local_message}
60 describe "when :media_nsfw" do
62 Config.put([:mrf_simple, :media_nsfw], [])
63 media_message = build_media_message()
64 local_message = build_local_message()
66 assert SimplePolicy.filter(media_message) == {:ok, media_message}
67 assert SimplePolicy.filter(local_message) == {:ok, local_message}
70 test "has a matching host" do
71 Config.put([:mrf_simple, :media_nsfw], ["remote.instance"])
72 media_message = build_media_message()
73 local_message = build_local_message()
75 assert SimplePolicy.filter(media_message) ==
78 |> put_in(["object", "tag"], ["foo", "nsfw"])
79 |> put_in(["object", "sensitive"], true)}
81 assert SimplePolicy.filter(local_message) == {:ok, local_message}
84 test "match with wildcard domain" do
85 Config.put([:mrf_simple, :media_nsfw], ["*.remote.instance"])
86 media_message = build_media_message()
87 local_message = build_local_message()
89 assert SimplePolicy.filter(media_message) ==
92 |> put_in(["object", "tag"], ["foo", "nsfw"])
93 |> put_in(["object", "sensitive"], true)}
95 assert SimplePolicy.filter(local_message) == {:ok, local_message}
99 defp build_media_message do
101 "actor" => "https://remote.instance/users/bob",
104 "attachment" => [%{}],
111 describe "when :report_removal" do
113 Config.put([:mrf_simple, :report_removal], [])
114 report_message = build_report_message()
115 local_message = build_local_message()
117 assert SimplePolicy.filter(report_message) == {:ok, report_message}
118 assert SimplePolicy.filter(local_message) == {:ok, local_message}
121 test "has a matching host" do
122 Config.put([:mrf_simple, :report_removal], ["remote.instance"])
123 report_message = build_report_message()
124 local_message = build_local_message()
126 assert SimplePolicy.filter(report_message) == {:reject, nil}
127 assert SimplePolicy.filter(local_message) == {:ok, local_message}
130 test "match with wildcard domain" do
131 Config.put([:mrf_simple, :report_removal], ["*.remote.instance"])
132 report_message = build_report_message()
133 local_message = build_local_message()
135 assert SimplePolicy.filter(report_message) == {:reject, nil}
136 assert SimplePolicy.filter(local_message) == {:ok, local_message}
140 defp build_report_message do
142 "actor" => "https://remote.instance/users/bob",
147 describe "when :federated_timeline_removal" do
149 Config.put([:mrf_simple, :federated_timeline_removal], [])
150 {_, ftl_message} = build_ftl_actor_and_message()
151 local_message = build_local_message()
153 assert SimplePolicy.filter(ftl_message) == {:ok, ftl_message}
154 assert SimplePolicy.filter(local_message) == {:ok, local_message}
157 test "has a matching host" do
158 {actor, ftl_message} = build_ftl_actor_and_message()
160 ftl_message_actor_host =
162 |> Map.fetch!("actor")
166 Config.put([:mrf_simple, :federated_timeline_removal], [ftl_message_actor_host])
167 local_message = build_local_message()
169 assert {:ok, ftl_message} = SimplePolicy.filter(ftl_message)
170 assert actor.follower_address in ftl_message["to"]
171 refute actor.follower_address in ftl_message["cc"]
172 refute "https://www.w3.org/ns/activitystreams#Public" in ftl_message["to"]
173 assert "https://www.w3.org/ns/activitystreams#Public" in ftl_message["cc"]
175 assert SimplePolicy.filter(local_message) == {:ok, local_message}
178 test "match with wildcard domain" do
179 {actor, ftl_message} = build_ftl_actor_and_message()
181 ftl_message_actor_host =
183 |> Map.fetch!("actor")
187 Config.put([:mrf_simple, :federated_timeline_removal], ["*." <> ftl_message_actor_host])
188 local_message = build_local_message()
190 assert {:ok, ftl_message} = SimplePolicy.filter(ftl_message)
191 assert actor.follower_address in ftl_message["to"]
192 refute actor.follower_address in ftl_message["cc"]
193 refute "https://www.w3.org/ns/activitystreams#Public" in ftl_message["to"]
194 assert "https://www.w3.org/ns/activitystreams#Public" in ftl_message["cc"]
196 assert SimplePolicy.filter(local_message) == {:ok, local_message}
199 test "has a matching host but only as:Public in to" do
200 {_actor, ftl_message} = build_ftl_actor_and_message()
202 ftl_message_actor_host =
204 |> Map.fetch!("actor")
208 ftl_message = Map.put(ftl_message, "cc", [])
210 Config.put([:mrf_simple, :federated_timeline_removal], [ftl_message_actor_host])
212 assert {:ok, ftl_message} = SimplePolicy.filter(ftl_message)
213 refute "https://www.w3.org/ns/activitystreams#Public" in ftl_message["to"]
214 assert "https://www.w3.org/ns/activitystreams#Public" in ftl_message["cc"]
218 defp build_ftl_actor_and_message do
219 actor = insert(:user)
223 "actor" => actor.ap_id,
224 "to" => ["https://www.w3.org/ns/activitystreams#Public", "http://foo.bar/baz"],
225 "cc" => [actor.follower_address, "http://foo.bar/qux"]
229 describe "when :reject" do
231 Config.put([:mrf_simple, :reject], [])
233 remote_message = build_remote_message()
235 assert SimplePolicy.filter(remote_message) == {:ok, remote_message}
238 test "activity has a matching host" do
239 Config.put([:mrf_simple, :reject], ["remote.instance"])
241 remote_message = build_remote_message()
243 assert SimplePolicy.filter(remote_message) == {:reject, nil}
246 test "activity matches with wildcard domain" do
247 Config.put([:mrf_simple, :reject], ["*.remote.instance"])
249 remote_message = build_remote_message()
251 assert SimplePolicy.filter(remote_message) == {:reject, nil}
254 test "actor has a matching host" do
255 Config.put([:mrf_simple, :reject], ["remote.instance"])
257 remote_user = build_remote_user()
259 assert SimplePolicy.filter(remote_user) == {:reject, nil}
262 test "always accept deletions" do
263 Config.put([:mrf_simple, :reject], ["remote.instance"])
265 deletion_message = build_remote_deletion_message()
267 assert SimplePolicy.filter(deletion_message) == {:ok, deletion_message}
271 describe "when :accept" do
273 Config.put([:mrf_simple, :accept], [])
275 local_message = build_local_message()
276 remote_message = build_remote_message()
278 assert SimplePolicy.filter(local_message) == {:ok, local_message}
279 assert SimplePolicy.filter(remote_message) == {:ok, remote_message}
282 test "is not empty but activity doesn't have a matching host" do
283 Config.put([:mrf_simple, :accept], ["non.matching.remote"])
285 local_message = build_local_message()
286 remote_message = build_remote_message()
288 assert SimplePolicy.filter(local_message) == {:ok, local_message}
289 assert SimplePolicy.filter(remote_message) == {:reject, nil}
292 test "activity has a matching host" do
293 Config.put([:mrf_simple, :accept], ["remote.instance"])
295 local_message = build_local_message()
296 remote_message = build_remote_message()
298 assert SimplePolicy.filter(local_message) == {:ok, local_message}
299 assert SimplePolicy.filter(remote_message) == {:ok, remote_message}
302 test "activity matches with wildcard domain" do
303 Config.put([:mrf_simple, :accept], ["*.remote.instance"])
305 local_message = build_local_message()
306 remote_message = build_remote_message()
308 assert SimplePolicy.filter(local_message) == {:ok, local_message}
309 assert SimplePolicy.filter(remote_message) == {:ok, remote_message}
312 test "actor has a matching host" do
313 Config.put([:mrf_simple, :accept], ["remote.instance"])
315 remote_user = build_remote_user()
317 assert SimplePolicy.filter(remote_user) == {:ok, remote_user}
320 test "always accept deletions" do
321 Config.put([:mrf_simple, :accept], ["non.matching.remote"])
323 deletion_message = build_remote_deletion_message()
325 assert SimplePolicy.filter(deletion_message) == {:ok, deletion_message}
329 describe "when :avatar_removal" do
331 Config.put([:mrf_simple, :avatar_removal], [])
333 remote_user = build_remote_user()
335 assert SimplePolicy.filter(remote_user) == {:ok, remote_user}
338 test "is not empty but it doesn't have a matching host" do
339 Config.put([:mrf_simple, :avatar_removal], ["non.matching.remote"])
341 remote_user = build_remote_user()
343 assert SimplePolicy.filter(remote_user) == {:ok, remote_user}
346 test "has a matching host" do
347 Config.put([:mrf_simple, :avatar_removal], ["remote.instance"])
349 remote_user = build_remote_user()
350 {:ok, filtered} = SimplePolicy.filter(remote_user)
352 refute filtered["icon"]
355 test "match with wildcard domain" do
356 Config.put([:mrf_simple, :avatar_removal], ["*.remote.instance"])
358 remote_user = build_remote_user()
359 {:ok, filtered} = SimplePolicy.filter(remote_user)
361 refute filtered["icon"]
365 describe "when :banner_removal" do
367 Config.put([:mrf_simple, :banner_removal], [])
369 remote_user = build_remote_user()
371 assert SimplePolicy.filter(remote_user) == {:ok, remote_user}
374 test "is not empty but it doesn't have a matching host" do
375 Config.put([:mrf_simple, :banner_removal], ["non.matching.remote"])
377 remote_user = build_remote_user()
379 assert SimplePolicy.filter(remote_user) == {:ok, remote_user}
382 test "has a matching host" do
383 Config.put([:mrf_simple, :banner_removal], ["remote.instance"])
385 remote_user = build_remote_user()
386 {:ok, filtered} = SimplePolicy.filter(remote_user)
388 refute filtered["image"]
391 test "match with wildcard domain" do
392 Config.put([:mrf_simple, :banner_removal], ["*.remote.instance"])
394 remote_user = build_remote_user()
395 {:ok, filtered} = SimplePolicy.filter(remote_user)
397 refute filtered["image"]
401 defp build_local_message do
403 "actor" => "#{Pleroma.Web.base_url()}/users/alice",
409 defp build_remote_message do
410 %{"actor" => "https://remote.instance/users/bob"}
413 defp build_remote_user do
415 "id" => "https://remote.instance/users/bob",
417 "url" => "http://example.com/image.jpg",
421 "url" => "http://example.com/image.jpg",
428 defp build_remote_deletion_message do
431 "actor" => "https://remote.instance/users/bob"