@instance Application.get_env(:pleroma, :instance)
- def get_recipients(data) do
- (data["to"] || []) ++ (data["cc"] || [])
+ # For Announce activities, we filter the recipients based on following status for any actors
+ # that match actual users. See issue #164 for more information about why this is necessary.
+ defp get_recipients(%{"type" => "Announce"} = data) do
+ to = data["to"] || []
+ cc = data["cc"] || []
+ recipients = to ++ cc
+ actor = User.get_cached_by_ap_id(data["actor"])
+
+ recipients
+ |> Enum.filter(fn recipient ->
+ case User.get_cached_by_ap_id(recipient) do
+ nil ->
+ true
+
+ user ->
+ User.following?(user, actor)
+ end
+ end)
+
+ {recipients, to, cc}
+ end
+
+ defp get_recipients(data) do
+ to = data["to"] || []
+ cc = data["cc"] || []
+ recipients = to ++ cc
+ {recipients, to, cc}
end
defp check_actor_is_active(actor) do
end
def insert(map, local \\ true) when is_map(map) do
- with nil <- Activity.get_by_ap_id(map["id"]),
+ with nil <- Activity.normalize(map),
map <- lazy_put_activity_defaults(map),
:ok <- check_actor_is_active(map["actor"]),
{:ok, map} <- MRF.filter(map),
:ok <- insert_full_object(map) do
+ {recipients, _, _} = get_recipients(map)
+
{:ok, activity} =
Repo.insert(%Activity{
data: map,
local: local,
actor: map["actor"],
- recipients: get_recipients(map)
+ recipients: recipients
})
Notification.create_notifications(activity)
defp restrict_tag(query, _), do: query
+ defp restrict_to_cc(query, recipients_to, recipients_cc) do
+ from(
+ activity in query,
+ where:
+ fragment(
+ "(?->'to' \\?| ?) or (?->'cc' \\?| ?)",
+ activity.data,
+ ^recipients_to,
+ activity.data,
+ ^recipients_cc
+ )
+ )
+ end
+
defp restrict_recipients(query, [], _user), do: query
defp restrict_recipients(query, recipients, nil) do
|> Enum.reverse()
end
+ def fetch_activities_bounded(recipients_to, recipients_cc, opts \\ %{}) do
+ fetch_activities_query([], opts)
+ |> restrict_to_cc(recipients_to, recipients_cc)
+ |> Repo.all()
+ |> Enum.reverse()
+ end
+
def upload(file) do
data = Upload.store(file, Application.get_env(:pleroma, :instance)[:dedupe_media])
Repo.insert(%Object{data: data})
"locked" => locked
},
avatar: avatar,
- nickname: "#{data["preferredUsername"]}@#{URI.parse(data["id"]).host}",
name: data["name"],
follower_address: data["followers"],
bio: data["summary"]
}
+ # nickname can be nil because of virtual actors
+ user_data =
+ if data["preferredUsername"] do
+ Map.put(
+ user_data,
+ :nickname,
+ "#{data["preferredUsername"]}@#{URI.parse(data["id"]).host}"
+ )
+ else
+ Map.put(user_data, :nickname, nil)
+ end
+
{:ok, user_data}
end
def fetch_and_prepare_user_from_ap_id(ap_id) do
with {:ok, %{status_code: 200, body: body}} <-
- @httpoison.get(ap_id, Accept: "application/activity+json"),
+ @httpoison.get(ap_id, [Accept: "application/activity+json"], follow_redirect: true),
{:ok, data} <- Jason.decode(body) do
user_data_from_user_object(data)
else
Logger.info("Federating #{id} to #{inbox}")
host = URI.parse(inbox).host
+ digest = "SHA-256=" <> (:crypto.hash(:sha256, json) |> Base.encode64())
+
signature =
- Pleroma.Web.HTTPSignatures.sign(actor, %{host: host, "content-length": byte_size(json)})
+ Pleroma.Web.HTTPSignatures.sign(actor, %{
+ host: host,
+ "content-length": byte_size(json),
+ digest: digest
+ })
@httpoison.post(
inbox,
json,
- [{"Content-Type", "application/activity+json"}, {"signature", signature}],
+ [
+ {"Content-Type", "application/activity+json"},
+ {"signature", signature},
+ {"digest", digest}
+ ],
hackney: [pool: :default]
)
end