X-Git-Url: http://git.squeep.com/?a=blobdiff_plain;f=lib%2Fpleroma%2Fweb%2Factivity_pub%2Factivity_pub_controller.ex;h=531e98237a1abb537da41ffbdb0f9010e93ecea3;hb=1e9ced5af478ba38c9e9d46140891a8f4473e02d;hp=47a8bf5ab4411e296d0358249008c3acbfb24860;hpb=3fcdfb75d03efa27903ba5fdd5c78f2b93a4d55b;p=akkoma diff --git a/lib/pleroma/web/activity_pub/activity_pub_controller.ex b/lib/pleroma/web/activity_pub/activity_pub_controller.ex index 47a8bf5ab..531e98237 100644 --- a/lib/pleroma/web/activity_pub/activity_pub_controller.ex +++ b/lib/pleroma/web/activity_pub/activity_pub_controller.ex @@ -1,13 +1,29 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubController do use Pleroma.Web, :controller - alias Pleroma.{User, Repo, Object, Activity} - alias Pleroma.Web.ActivityPub.{ObjectView, UserView, Transmogrifier} + alias Pleroma.{User, Object} + alias Pleroma.Web.ActivityPub.{ObjectView, UserView} alias Pleroma.Web.ActivityPub.ActivityPub + alias Pleroma.Web.ActivityPub.Relay + alias Pleroma.Web.ActivityPub.Utils alias Pleroma.Web.Federator + alias Pleroma.Config require Logger - action_fallback :errors + action_fallback(:errors) + + plug(:relay_active? when action in [:relay]) + + def relay_active?(conn, _) do + if Config.get([:instance, :allow_relay]) do + conn + else + conn + |> put_status(404) + |> json(%{error: "not found"}) + |> halt + end + end def user(conn, %{"nickname" => nickname}) do with %User{} = user <- User.get_cached_by_nickname(nickname), @@ -15,15 +31,21 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubController do conn |> put_resp_header("content-type", "application/activity+json") |> json(UserView.render("user.json", %{user: user})) + else + nil -> {:error, :not_found} end end def object(conn, %{"uuid" => uuid}) do with ap_id <- o_status_url(conn, :object, uuid), - %Object{} = object <- Object.get_cached_by_ap_id(ap_id) do + %Object{} = object <- Object.get_cached_by_ap_id(ap_id), + {_, true} <- {:public?, ActivityPub.is_public?(object)} do conn |> put_resp_header("content-type", "application/activity+json") |> json(ObjectView.render("object.json", %{object: object})) + else + {:public?, false} -> + {:error, :not_found} end end @@ -31,6 +53,7 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubController do with %User{} = user <- User.get_cached_by_nickname(nickname), {:ok, user} <- Pleroma.Web.WebFinger.ensure_keys_present(user) do {page, _} = Integer.parse(page) + conn |> put_resp_header("content-type", "application/activity+json") |> json(UserView.render("following.json", %{user: user, page: page})) @@ -50,6 +73,7 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubController do with %User{} = user <- User.get_cached_by_nickname(nickname), {:ok, user} <- Pleroma.Web.WebFinger.ensure_keys_present(user) do {page, _} = Integer.parse(page) + conn |> put_resp_header("content-type", "application/activity+json") |> json(UserView.render("followers.json", %{user: user, page: page})) @@ -74,26 +98,64 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubController do end end - def outbox(conn, %{"nickname" => nickname}) do outbox(conn, %{"nickname" => nickname, "max_id" => nil}) end + def outbox(conn, %{"nickname" => nickname}) do + outbox(conn, %{"nickname" => nickname, "max_id" => nil}) + end + + def inbox(%{assigns: %{valid_signature: true}} = conn, %{"nickname" => nickname} = params) do + with %User{} = user <- User.get_cached_by_nickname(nickname), + true <- Utils.recipient_in_message(user.ap_id, params), + params <- Utils.maybe_splice_recipient(user.ap_id, params) do + Federator.enqueue(:incoming_ap_doc, params) + json(conn, "ok") + end + end - # TODO: Ensure that this inbox is a recipient of the message def inbox(%{assigns: %{valid_signature: true}} = conn, params) do Federator.enqueue(:incoming_ap_doc, params) json(conn, "ok") end + # only accept relayed Creates + def inbox(conn, %{"type" => "Create"} = params) do + Logger.info( + "Signature missing or not from author, relayed Create message, fetching object from source" + ) + + ActivityPub.fetch_object_from_id(params["object"]["id"]) + + json(conn, "ok") + end + def inbox(conn, params) do headers = Enum.into(conn.req_headers, %{}) - if !(String.contains?(headers["signature"] || "", params["actor"])) do - Logger.info("Signature not from author, relayed message, fetching from source") - ActivityPub.fetch_object_from_id(params["object"]["id"]) - else - Logger.info("Signature error") - Logger.info("Could not validate #{params["actor"]}") + + if String.contains?(headers["signature"], params["actor"]) do + Logger.info( + "Signature validation error for: #{params["actor"]}, make sure you are forwarding the HTTP Host header!" + ) + Logger.info(inspect(conn.req_headers)) end - json(conn, "ok") + json(conn, "error") + end + + def relay(conn, params) do + with %User{} = user <- Relay.get_actor(), + {:ok, user} <- Pleroma.Web.WebFinger.ensure_keys_present(user) do + conn + |> put_resp_header("content-type", "application/activity+json") + |> json(UserView.render("user.json", %{user: user})) + else + nil -> {:error, :not_found} + end + end + + def errors(conn, {:error, :not_found}) do + conn + |> put_status(404) + |> json("Not found") end def errors(conn, _e) do