+# Pleroma: A lightweight social networking server
+# Copyright © 2017-2019 Pleroma Authors <https://pleroma.social/>
+# SPDX-License-Identifier: AGPL-3.0-only
+
defmodule Pleroma.Web.OStatus.OStatusController do
use Pleroma.Web, :controller
- alias Pleroma.{User, Activity}
+ alias Pleroma.{User, Activity, Object}
alias Pleroma.Web.OStatus.{FeedRepresenter, ActivityRepresenter}
alias Pleroma.Repo
alias Pleroma.Web.{OStatus, Federator}
alias Pleroma.Web.XML
+ alias Pleroma.Web.ActivityPub.ObjectView
alias Pleroma.Web.ActivityPub.ActivityPubController
alias Pleroma.Web.ActivityPub.ActivityPub
- def feed_redirect(conn, %{"nickname" => nickname} = params) do
- user = User.get_cached_by_nickname(nickname)
+ plug(Pleroma.Web.FederatingPlug when action in [:salmon_incoming])
+ action_fallback(:errors)
+ def feed_redirect(conn, %{"nickname" => nickname}) do
case get_format(conn) do
- "html" -> Fallback.RedirectController.redirector(conn, nil)
- "activity+json" -> ActivityPubController.user(conn, params)
- _ -> redirect(conn, external: OStatus.feed_path(user))
+ "html" ->
+ Fallback.RedirectController.redirector(conn, nil)
+
+ "activity+json" ->
+ ActivityPubController.call(conn, :user)
+
+ _ ->
+ with %User{} = user <- User.get_cached_by_nickname(nickname) do
+ redirect(conn, external: OStatus.feed_path(user))
+ else
+ nil -> {:error, :not_found}
+ end
end
end
def feed(conn, %{"nickname" => nickname} = params) do
- user = User.get_cached_by_nickname(nickname)
-
- query_params =
- Map.take(params, ["max_id"])
- |> Map.merge(%{"whole_db" => true, "actor_id" => user.ap_id})
-
- activities =
- ActivityPub.fetch_public_activities(query_params)
- |> Enum.reverse()
-
- response =
- user
- |> FeedRepresenter.to_simple_form(activities, [user])
- |> :xmerl.export_simple(:xmerl_xml)
- |> to_string
-
- conn
- |> put_resp_content_type("application/atom+xml")
- |> send_resp(200, response)
+ with %User{} = user <- User.get_cached_by_nickname(nickname) do
+ query_params =
+ Map.take(params, ["max_id"])
+ |> Map.merge(%{"whole_db" => true, "actor_id" => user.ap_id})
+
+ activities =
+ ActivityPub.fetch_public_activities(query_params)
+ |> Enum.reverse()
+
+ response =
+ user
+ |> FeedRepresenter.to_simple_form(activities, [user])
+ |> :xmerl.export_simple(:xmerl_xml)
+ |> to_string
+
+ conn
+ |> put_resp_content_type("application/atom+xml")
+ |> send_resp(200, response)
+ else
+ nil -> {:error, :not_found}
+ end
end
defp decode_or_retry(body) do
|> send_resp(200, "")
end
- # TODO: Data leak
- def object(conn, %{"uuid" => uuid} = params) do
+ def object(conn, %{"uuid" => uuid}) do
if get_format(conn) == "activity+json" do
- ActivityPubController.object(conn, params)
+ ActivityPubController.call(conn, :object)
else
with id <- o_status_url(conn, :object, uuid),
- %Activity{} = activity <- Activity.get_create_activity_by_object_ap_id(id),
+ {_, %Activity{} = activity} <-
+ {:activity, Activity.get_create_activity_by_object_ap_id(id)},
+ {_, true} <- {:public?, ActivityPub.is_public?(activity)},
%User{} = user <- User.get_cached_by_ap_id(activity.data["actor"]) do
case get_format(conn) do
"html" -> redirect(conn, to: "/notice/#{activity.id}")
- _ -> represent_activity(conn, activity, user)
+ _ -> represent_activity(conn, nil, activity, user)
end
+ else
+ {:public?, false} ->
+ {:error, :not_found}
+
+ {:activity, nil} ->
+ {:error, :not_found}
+
+ e ->
+ e
end
end
end
- # TODO: Data leak
def activity(conn, %{"uuid" => uuid}) do
- with id <- o_status_url(conn, :activity, uuid),
- %Activity{} = activity <- Activity.get_by_ap_id(id),
- %User{} = user <- User.get_cached_by_ap_id(activity.data["actor"]) do
- case get_format(conn) do
- "html" -> redirect(conn, to: "/notice/#{activity.id}")
- _ -> represent_activity(conn, activity, user)
+ if get_format(conn) == "activity+json" do
+ ActivityPubController.call(conn, :activity)
+ else
+ with id <- o_status_url(conn, :activity, uuid),
+ {_, %Activity{} = activity} <- {:activity, Activity.normalize(id)},
+ {_, true} <- {:public?, ActivityPub.is_public?(activity)},
+ %User{} = user <- User.get_cached_by_ap_id(activity.data["actor"]) do
+ case format = get_format(conn) do
+ "html" -> redirect(conn, to: "/notice/#{activity.id}")
+ _ -> represent_activity(conn, format, activity, user)
+ end
+ else
+ {:public?, false} ->
+ {:error, :not_found}
+
+ {:activity, nil} ->
+ {:error, :not_found}
+
+ e ->
+ e
end
end
end
- # TODO: Data leak
def notice(conn, %{"id" => id}) do
- with %Activity{} = activity <- Repo.get(Activity, id),
+ with {_, %Activity{} = activity} <- {:activity, Repo.get(Activity, id)},
+ {_, true} <- {:public?, ActivityPub.is_public?(activity)},
%User{} = user <- User.get_cached_by_ap_id(activity.data["actor"]) do
- case get_format(conn) do
+ case format = get_format(conn) do
"html" ->
conn
|> put_resp_content_type("text/html")
- |> send_file(200, "priv/static/index.html")
+ |> send_file(200, Pleroma.Plugs.InstanceStatic.file_path("index.html"))
_ ->
- represent_activity(conn, activity, user)
+ represent_activity(conn, format, activity, user)
end
+ else
+ {:public?, false} ->
+ {:error, :not_found}
+
+ {:activity, nil} ->
+ {:error, :not_found}
+
+ e ->
+ e
end
end
- defp represent_activity(conn, activity, user) do
+ defp represent_activity(
+ conn,
+ "activity+json",
+ %Activity{data: %{"type" => "Create"}} = activity,
+ _user
+ ) do
+ object = Object.normalize(activity.data["object"])
+
+ conn
+ |> put_resp_header("content-type", "application/activity+json")
+ |> json(ObjectView.render("object.json", %{object: object}))
+ end
+
+ defp represent_activity(_conn, "activity+json", _, _) do
+ {:error, :not_found}
+ end
+
+ defp represent_activity(conn, _, activity, user) do
response =
activity
|> ActivityRepresenter.to_simple_form(user, true)
|> put_resp_content_type("application/atom+xml")
|> send_resp(200, response)
end
+
+ def errors(conn, {:error, :not_found}) do
+ conn
+ |> put_status(404)
+ |> text("Not found")
+ end
+
+ def errors(conn, _) do
+ conn
+ |> put_status(500)
+ |> text("Something went wrong")
+ end
end