add allow_followersonly and allow_direct options for configuring mrf_rejectnonpublic

[akkoma] / lib / pleroma / web / activity_pub / activity_pub.ex

diff --git a/lib/pleroma/web/activity_pub/activity_pub.ex b/lib/pleroma/web/activity_pub/activity_pub.ex
index 1a1bfbffd138547ce301575c08a1a9e81ea1b36a..75a71da98bb85f25e91d1fafc0b986d81599f86e 100644 (file)
--- a/lib/pleroma/web/activity_pub/activity_pub.ex
+++ b/lib/pleroma/web/activity_pub/activity_pub.ex
@@ -53,15 +53,24 @@ defmodule Pleroma.Web.ActivityPub.ActivityPub do
   end
 
   def stream_out(activity) do
+    public = "https://www.w3.org/ns/activitystreams#Public"
+
     if activity.data["type"] in ["Create", "Announce"] do
       Pleroma.Web.Streamer.stream("user", activity)
 
-      if Enum.member?(activity.data["to"], "https://www.w3.org/ns/activitystreams#Public") do
+      if Enum.member?(activity.data["to"], public) do
         Pleroma.Web.Streamer.stream("public", activity)
 
         if activity.local do
           Pleroma.Web.Streamer.stream("public:local", activity)
         end
+      else
+        if !Enum.member?(activity.data["cc"] || [], public) &&
+             !Enum.member?(
+               activity.data["to"],
+               User.get_by_ap_id(activity.data["actor"]).follower_address
+             ),
+           do: Pleroma.Web.Streamer.stream("direct", activity)
       end
     end
   end
@@ -293,6 +302,32 @@ defmodule Pleroma.Web.ActivityPub.ActivityPub do
     |> Enum.reverse()
   end
 
+  @valid_visibilities ~w[direct unlisted public private]
+
+  defp restrict_visibility(query, %{visibility: "direct"}) do
+    public = "https://www.w3.org/ns/activitystreams#Public"
+
+    from(
+      activity in query,
+      join: sender in User,
+      on: sender.ap_id == activity.actor,
+      # Are non-direct statuses with no to/cc possible?
+      where:
+        fragment(
+          "not (? && ?)",
+          [^public, sender.follower_address],
+          activity.recipients
+        )
+    )
+  end
+
+  defp restrict_visibility(_query, %{visibility: visibility})
+       when visibility not in @valid_visibilities do
+    Logger.error("Could not restrict visibility to #{visibility}")
+  end
+
+  defp restrict_visibility(query, _visibility), do: query
+
   def fetch_user_activities(user, reading_user, params \\ %{}) do
     params =
       params
@@ -447,6 +482,7 @@ defmodule Pleroma.Web.ActivityPub.ActivityPub do
     |> restrict_recent(opts)
     |> restrict_blocked(opts)
     |> restrict_media(opts)
+    |> restrict_visibility(opts)
   end
 
   def fetch_activities(recipients, opts \\ %{}) do
@@ -526,6 +562,17 @@ defmodule Pleroma.Web.ActivityPub.ActivityPub do
     end
   end
 
+  @quarantined_instances Keyword.get(@instance, :quarantined_instances, [])
+
+  def should_federate?(inbox, public) do
+    if public do
+      true
+    else
+      inbox_info = URI.parse(inbox)
+      inbox_info.host not in @quarantined_instances
+    end
+  end
+
   def publish(actor, activity) do
     followers =
       if actor.follower_address in activity.recipients do
@@ -535,6 +582,8 @@ defmodule Pleroma.Web.ActivityPub.ActivityPub do
         []
       end
 
+    public = is_public?(activity)
+
     remote_inboxes =
       (Pleroma.Web.Salmon.remote_users(activity) ++ followers)
       |> Enum.filter(fn user -> User.ap_enabled?(user) end)
@@ -542,6 +591,7 @@ defmodule Pleroma.Web.ActivityPub.ActivityPub do
         (data["endpoints"] && data["endpoints"]["sharedInbox"]) || data["inbox"]
       end)
       |> Enum.uniq()
+      |> Enum.filter(fn inbox -> should_federate?(inbox, public) end)
 
     {:ok, data} = Transmogrifier.prepare_outgoing(activity.data)
     json = Jason.encode!(data)