activitypub: run user objects through MRF filters

author William Pitcock <nenolod@dereferenced.org>

Wed, 22 May 2019 04:33:10 +0000 (04:33 +0000)

committer William Pitcock <nenolod@dereferenced.org>

Wed, 22 May 2019 18:53:12 +0000 (18:53 +0000)
author William Pitcock <nenolod@dereferenced.org>
Wed, 22 May 2019 04:33:10 +0000 (04:33 +0000)
committer William Pitcock <nenolod@dereferenced.org>
Wed, 22 May 2019 18:53:12 +0000 (18:53 +0000)
diff --git a/lib/pleroma/web/activity_pub/activity_pub.ex b/lib/pleroma/web/activity_pub/activity_pub.ex

index 3d9679ec0d03728f7606c6fcd6875bf5996d0795..aa0229db7f3e77d89620c6f329d6ed3cb2acbb0e 100644 (file)
--- a/lib/pleroma/web/activity_pub/activity_pub.ex
+++ b/lib/pleroma/web/activity_pub/activity_pub.ex
@@ -909,7 +909,7 @@ defmodule Pleroma.Web.ActivityPub.ActivityPub do
      end
    end
  
-  def user_data_from_user_object(data) do
+  defp object_to_user_data(data) do
      avatar =
        data["icon"]["url"] &&
          %{
@@ -956,9 +956,19 @@ defmodule Pleroma.Web.ActivityPub.ActivityPub do
      {:ok, user_data}
    end
  
+  def user_data_from_user_object(data) do
+    with {:ok, data} <- MRF.filter(data),
+         {:ok, data} <- object_to_user_data(data) do
+      {:ok, data}
+    else
+      e -> {:error, e}
+    end
+  end
+
    def fetch_and_prepare_user_from_ap_id(ap_id) do
-    with {:ok, data} <- Fetcher.fetch_and_contain_remote_object_from_id(ap_id) do
-      user_data_from_user_object(data)
+    with {:ok, data} <- Fetcher.fetch_and_contain_remote_object_from_id(ap_id),
+         {:ok, data} <- user_data_from_user_object(data) do
+      {:ok, data}
      else
        e -> Logger.error("Could not decode user at fetch #{ap_id}, #{inspect(e)}")
      end
author	William Pitcock <nenolod@dereferenced.org>
	Wed, 22 May 2019 04:33:10 +0000 (04:33 +0000)
committer	William Pitcock <nenolod@dereferenced.org>
	Wed, 22 May 2019 18:53:12 +0000 (18:53 +0000)