1 # Pleroma: A lightweight social networking server
2 # Copyright © 2017-2019 Pleroma Authors <https://pleroma.social/>
3 # SPDX-License-Identifier: AGPL-3.0-only
5 defmodule Pleroma.Web.ActivityPub.ActivityPub do
7 alias Pleroma.Conversation
8 alias Pleroma.Notification
10 alias Pleroma.Object.Fetcher
11 alias Pleroma.Pagination
15 alias Pleroma.Web.ActivityPub.MRF
16 alias Pleroma.Web.ActivityPub.Transmogrifier
17 alias Pleroma.Web.WebFinger
20 import Pleroma.Web.ActivityPub.Utils
21 import Pleroma.Web.ActivityPub.Visibility
25 # For Announce activities, we filter the recipients based on following status for any actors
26 # that match actual users. See issue #164 for more information about why this is necessary.
27 defp get_recipients(%{"type" => "Announce"} = data) do
30 actor = User.get_cached_by_ap_id(data["actor"])
34 |> Enum.filter(fn recipient ->
35 case User.get_cached_by_ap_id(recipient) do
40 User.following?(user, actor)
47 defp get_recipients(%{"type" => "Create"} = data) do
50 actor = data["actor"] || []
51 recipients = (to ++ cc ++ [actor]) |> Enum.uniq()
55 defp get_recipients(data) do
62 defp check_actor_is_active(actor) do
63 if not is_nil(actor) do
64 with user <- User.get_cached_by_ap_id(actor),
65 false <- user.info.deactivated do
75 defp check_remote_limit(%{"object" => %{"content" => content}}) when not is_nil(content) do
76 limit = Pleroma.Config.get([:instance, :remote_limit])
77 String.length(content) <= limit
80 defp check_remote_limit(_), do: true
82 def increase_note_count_if_public(actor, object) do
83 if is_public?(object), do: User.increase_note_count(actor), else: {:ok, actor}
86 def decrease_note_count_if_public(actor, object) do
87 if is_public?(object), do: User.decrease_note_count(actor), else: {:ok, actor}
90 def increase_replies_count_if_reply(%{
91 "object" => %{"inReplyTo" => reply_ap_id} = object,
94 if is_public?(object) do
95 Object.increase_replies_count(reply_ap_id)
99 def increase_replies_count_if_reply(_create_data), do: :noop
101 def decrease_replies_count_if_reply(%Object{
102 data: %{"inReplyTo" => reply_ap_id} = object
104 if is_public?(object) do
105 Object.decrease_replies_count(reply_ap_id)
109 def decrease_replies_count_if_reply(_object), do: :noop
111 def insert(map, local \\ true, fake \\ false) when is_map(map) do
112 with nil <- Activity.normalize(map),
113 map <- lazy_put_activity_defaults(map, fake),
114 :ok <- check_actor_is_active(map["actor"]),
115 {_, true} <- {:remote_limit_error, check_remote_limit(map)},
116 {:ok, map} <- MRF.filter(map),
117 {recipients, _, _} = get_recipients(map),
118 {:fake, false, map, recipients} <- {:fake, fake, map, recipients},
119 {:ok, map, object} <- insert_full_object(map) do
121 Repo.insert(%Activity{
125 recipients: recipients
128 # Splice in the child object if we have one.
130 if !is_nil(object) do
131 Map.put(activity, :object, object)
137 Pleroma.Web.RichMedia.Helpers.fetch_data_for_activity(activity)
140 Notification.create_notifications(activity)
144 |> Conversation.create_or_bump_for()
145 |> get_participations()
148 stream_out_participations(participations)
151 %Activity{} = activity ->
154 {:fake, true, map, recipients} ->
155 activity = %Activity{
159 recipients: recipients,
163 Pleroma.Web.RichMedia.Helpers.fetch_data_for_activity(activity)
171 defp get_participations({:ok, %{participations: participations}}), do: participations
172 defp get_participations(_), do: []
174 def stream_out_participations(participations) do
177 |> Repo.preload(:user)
179 Enum.each(participations, fn participation ->
180 Pleroma.Web.Streamer.stream("participation", participation)
184 def stream_out(activity) do
185 public = "https://www.w3.org/ns/activitystreams#Public"
187 if activity.data["type"] in ["Create", "Announce", "Delete"] do
188 Pleroma.Web.Streamer.stream("user", activity)
189 Pleroma.Web.Streamer.stream("list", activity)
191 if Enum.member?(activity.data["to"], public) do
192 Pleroma.Web.Streamer.stream("public", activity)
195 Pleroma.Web.Streamer.stream("public:local", activity)
198 if activity.data["type"] in ["Create"] do
199 object = Object.normalize(activity)
202 |> Map.get("tag", [])
203 |> Enum.filter(fn tag -> is_bitstring(tag) end)
204 |> Enum.each(fn tag -> Pleroma.Web.Streamer.stream("hashtag:" <> tag, activity) end)
206 if object.data["attachment"] != [] do
207 Pleroma.Web.Streamer.stream("public:media", activity)
210 Pleroma.Web.Streamer.stream("public:local:media", activity)
215 # TODO: Write test, replace with visibility test
216 if !Enum.member?(activity.data["cc"] || [], public) &&
219 User.get_cached_by_ap_id(activity.data["actor"]).follower_address
221 do: Pleroma.Web.Streamer.stream("direct", activity)
226 def create(%{to: to, actor: actor, context: context, object: object} = params, fake \\ false) do
227 additional = params[:additional] || %{}
228 # only accept false as false value
229 local = !(params[:local] == false)
230 published = params[:published]
234 %{to: to, actor: actor, published: published, context: context, object: object},
237 {:ok, activity} <- insert(create_data, local, fake),
238 {:fake, false, activity} <- {:fake, fake, activity},
239 _ <- increase_replies_count_if_reply(create_data),
240 # Changing note count prior to enqueuing federation task in order to avoid
241 # race conditions on updating user.info
242 {:ok, _actor} <- increase_note_count_if_public(actor, activity),
243 :ok <- maybe_federate(activity) do
246 {:fake, true, activity} ->
251 def accept(%{to: to, actor: actor, object: object} = params) do
252 # only accept false as false value
253 local = !(params[:local] == false)
255 with data <- %{"to" => to, "type" => "Accept", "actor" => actor.ap_id, "object" => object},
256 {:ok, activity} <- insert(data, local),
257 :ok <- maybe_federate(activity) do
262 def reject(%{to: to, actor: actor, object: object} = params) do
263 # only accept false as false value
264 local = !(params[:local] == false)
266 with data <- %{"to" => to, "type" => "Reject", "actor" => actor.ap_id, "object" => object},
267 {:ok, activity} <- insert(data, local),
268 :ok <- maybe_federate(activity) do
273 def update(%{to: to, cc: cc, actor: actor, object: object} = params) do
274 # only accept false as false value
275 local = !(params[:local] == false)
284 {:ok, activity} <- insert(data, local),
285 :ok <- maybe_federate(activity) do
290 # TODO: This is weird, maybe we shouldn't check here if we can make the activity.
292 %User{ap_id: ap_id} = user,
293 %Object{data: %{"id" => _}} = object,
297 with nil <- get_existing_like(ap_id, object),
298 like_data <- make_like_data(user, object, activity_id),
299 {:ok, activity} <- insert(like_data, local),
300 {:ok, object} <- add_like_to_object(activity, object),
301 :ok <- maybe_federate(activity) do
302 {:ok, activity, object}
304 %Activity{} = activity -> {:ok, activity, object}
305 error -> {:error, error}
315 with %Activity{} = like_activity <- get_existing_like(actor.ap_id, object),
316 unlike_data <- make_unlike_data(actor, like_activity, activity_id),
317 {:ok, unlike_activity} <- insert(unlike_data, local),
318 {:ok, _activity} <- Repo.delete(like_activity),
319 {:ok, object} <- remove_like_from_object(like_activity, object),
320 :ok <- maybe_federate(unlike_activity) do
321 {:ok, unlike_activity, like_activity, object}
328 %User{ap_id: _} = user,
329 %Object{data: %{"id" => _}} = object,
334 with true <- is_public?(object),
335 announce_data <- make_announce_data(user, object, activity_id, public),
336 {:ok, activity} <- insert(announce_data, local),
337 {:ok, object} <- add_announce_to_object(activity, object),
338 :ok <- maybe_federate(activity) do
339 {:ok, activity, object}
341 error -> {:error, error}
351 with %Activity{} = announce_activity <- get_existing_announce(actor.ap_id, object),
352 unannounce_data <- make_unannounce_data(actor, announce_activity, activity_id),
353 {:ok, unannounce_activity} <- insert(unannounce_data, local),
354 :ok <- maybe_federate(unannounce_activity),
355 {:ok, _activity} <- Repo.delete(announce_activity),
356 {:ok, object} <- remove_announce_from_object(announce_activity, object) do
357 {:ok, unannounce_activity, object}
363 def follow(follower, followed, activity_id \\ nil, local \\ true) do
364 with data <- make_follow_data(follower, followed, activity_id),
365 {:ok, activity} <- insert(data, local),
366 :ok <- maybe_federate(activity) do
371 def unfollow(follower, followed, activity_id \\ nil, local \\ true) do
372 with %Activity{} = follow_activity <- fetch_latest_follow(follower, followed),
373 {:ok, follow_activity} <- update_follow_state(follow_activity, "cancelled"),
374 unfollow_data <- make_unfollow_data(follower, followed, follow_activity, activity_id),
375 {:ok, activity} <- insert(unfollow_data, local),
376 :ok <- maybe_federate(activity) do
381 def delete(%Object{data: %{"id" => id, "actor" => actor}} = object, local \\ true) do
382 user = User.get_cached_by_ap_id(actor)
383 to = (object.data["to"] || []) ++ (object.data["cc"] || [])
385 with {:ok, object, activity} <- Object.delete(object),
391 "deleted_activity_id" => activity && activity.id
393 {:ok, activity} <- insert(data, local),
394 _ <- decrease_replies_count_if_reply(object),
395 # Changing note count prior to enqueuing federation task in order to avoid
396 # race conditions on updating user.info
397 {:ok, _actor} <- decrease_note_count_if_public(user, object),
398 :ok <- maybe_federate(activity) do
403 def block(blocker, blocked, activity_id \\ nil, local \\ true) do
404 ap_config = Application.get_env(:pleroma, :activitypub)
405 unfollow_blocked = Keyword.get(ap_config, :unfollow_blocked)
406 outgoing_blocks = Keyword.get(ap_config, :outgoing_blocks)
408 with true <- unfollow_blocked do
409 follow_activity = fetch_latest_follow(blocker, blocked)
411 if follow_activity do
412 unfollow(blocker, blocked, nil, local)
416 with true <- outgoing_blocks,
417 block_data <- make_block_data(blocker, blocked, activity_id),
418 {:ok, activity} <- insert(block_data, local),
419 :ok <- maybe_federate(activity) do
426 def unblock(blocker, blocked, activity_id \\ nil, local \\ true) do
427 with %Activity{} = block_activity <- fetch_latest_block(blocker, blocked),
428 unblock_data <- make_unblock_data(blocker, blocked, block_activity, activity_id),
429 {:ok, activity} <- insert(unblock_data, local),
430 :ok <- maybe_federate(activity) do
444 # only accept false as false value
445 local = !(params[:local] == false)
446 forward = !(params[:forward] == false)
448 additional = params[:additional] || %{}
460 Map.merge(additional, %{"to" => [], "cc" => [account.ap_id]})
462 Map.merge(additional, %{"to" => [], "cc" => []})
465 with flag_data <- make_flag_data(params, additional),
466 {:ok, activity} <- insert(flag_data, local),
467 :ok <- maybe_federate(activity) do
468 Enum.each(User.all_superusers(), fn superuser ->
470 |> Pleroma.Emails.AdminEmail.report(actor, account, statuses, content)
471 |> Pleroma.Emails.Mailer.deliver_async()
478 defp fetch_activities_for_context_query(context, opts) do
479 public = ["https://www.w3.org/ns/activitystreams#Public"]
482 if opts["user"], do: [opts["user"].ap_id | opts["user"].following] ++ public, else: public
484 from(activity in Activity)
485 |> restrict_blocked(opts)
486 |> restrict_recipients(recipients, opts["user"])
490 "?->>'type' = ? and ?->>'context' = ?",
497 |> order_by([activity], desc: activity.id)
500 @spec fetch_activities_for_context(String.t(), keyword() | map()) :: [Activity.t()]
501 def fetch_activities_for_context(context, opts \\ %{}) do
503 |> fetch_activities_for_context_query(opts)
504 |> Activity.with_preloaded_object()
508 @spec fetch_latest_activity_id_for_context(String.t(), keyword() | map()) ::
509 Pleroma.FlakeId.t() | nil
510 def fetch_latest_activity_id_for_context(context, opts \\ %{}) do
512 |> fetch_activities_for_context_query(opts)
518 def fetch_public_activities(opts \\ %{}) do
519 q = fetch_activities_query(["https://www.w3.org/ns/activitystreams#Public"], opts)
522 |> restrict_unlisted()
523 |> Pagination.fetch_paginated(opts)
527 @valid_visibilities ~w[direct unlisted public private]
529 defp restrict_visibility(query, %{visibility: visibility})
530 when is_list(visibility) do
531 if Enum.all?(visibility, &(&1 in @valid_visibilities)) do
537 "activity_visibility(?, ?, ?) = ANY (?)",
545 Ecto.Adapters.SQL.to_sql(:all, Repo, query)
549 Logger.error("Could not restrict visibility to #{visibility}")
553 defp restrict_visibility(query, %{visibility: visibility})
554 when visibility in @valid_visibilities do
559 fragment("activity_visibility(?, ?, ?) = ?", a.actor, a.recipients, a.data, ^visibility)
562 Ecto.Adapters.SQL.to_sql(:all, Repo, query)
567 defp restrict_visibility(_query, %{visibility: visibility})
568 when visibility not in @valid_visibilities do
569 Logger.error("Could not restrict visibility to #{visibility}")
572 defp restrict_visibility(query, _visibility), do: query
574 def fetch_user_activities(user, reading_user, params \\ %{}) do
577 |> Map.put("type", ["Create", "Announce"])
578 |> Map.put("actor_id", user.ap_id)
579 |> Map.put("whole_db", true)
580 |> Map.put("pinned_activity_ids", user.info.pinned_activities)
584 ["https://www.w3.org/ns/activitystreams#Public"] ++
585 [reading_user.ap_id | reading_user.following]
587 ["https://www.w3.org/ns/activitystreams#Public"]
590 fetch_activities(recipients, params)
594 defp restrict_since(query, %{"since_id" => ""}), do: query
596 defp restrict_since(query, %{"since_id" => since_id}) do
597 from(activity in query, where: activity.id > ^since_id)
600 defp restrict_since(query, _), do: query
602 defp restrict_tag_reject(_query, %{"tag_reject" => _tag_reject, "skip_preload" => true}) do
603 raise "Can't use the child object without preloading!"
606 defp restrict_tag_reject(query, %{"tag_reject" => tag_reject})
607 when is_list(tag_reject) and tag_reject != [] do
609 [_activity, object] in query,
610 where: fragment("not (?)->'tag' \\?| (?)", object.data, ^tag_reject)
614 defp restrict_tag_reject(query, _), do: query
616 defp restrict_tag_all(_query, %{"tag_all" => _tag_all, "skip_preload" => true}) do
617 raise "Can't use the child object without preloading!"
620 defp restrict_tag_all(query, %{"tag_all" => tag_all})
621 when is_list(tag_all) and tag_all != [] do
623 [_activity, object] in query,
624 where: fragment("(?)->'tag' \\?& (?)", object.data, ^tag_all)
628 defp restrict_tag_all(query, _), do: query
630 defp restrict_tag(_query, %{"tag" => _tag, "skip_preload" => true}) do
631 raise "Can't use the child object without preloading!"
634 defp restrict_tag(query, %{"tag" => tag}) when is_list(tag) do
636 [_activity, object] in query,
637 where: fragment("(?)->'tag' \\?| (?)", object.data, ^tag)
641 defp restrict_tag(query, %{"tag" => tag}) when is_binary(tag) do
643 [_activity, object] in query,
644 where: fragment("(?)->'tag' \\? (?)", object.data, ^tag)
648 defp restrict_tag(query, _), do: query
650 defp restrict_to_cc(query, recipients_to, recipients_cc) do
655 "(?->'to' \\?| ?) or (?->'cc' \\?| ?)",
664 defp restrict_recipients(query, [], _user), do: query
666 defp restrict_recipients(query, recipients, nil) do
667 from(activity in query, where: fragment("? && ?", ^recipients, activity.recipients))
670 defp restrict_recipients(query, recipients, user) do
673 where: fragment("? && ?", ^recipients, activity.recipients),
674 or_where: activity.actor == ^user.ap_id
678 defp restrict_local(query, %{"local_only" => true}) do
679 from(activity in query, where: activity.local == true)
682 defp restrict_local(query, _), do: query
684 defp restrict_actor(query, %{"actor_id" => actor_id}) do
685 from(activity in query, where: activity.actor == ^actor_id)
688 defp restrict_actor(query, _), do: query
690 defp restrict_type(query, %{"type" => type}) when is_binary(type) do
691 from(activity in query, where: fragment("?->>'type' = ?", activity.data, ^type))
694 defp restrict_type(query, %{"type" => type}) do
695 from(activity in query, where: fragment("?->>'type' = ANY(?)", activity.data, ^type))
698 defp restrict_type(query, _), do: query
700 defp restrict_favorited_by(query, %{"favorited_by" => ap_id}) do
703 where: fragment(~s(? <@ (? #> '{"object","likes"}'\)), ^ap_id, activity.data)
707 defp restrict_favorited_by(query, _), do: query
709 defp restrict_media(_query, %{"only_media" => _val, "skip_preload" => true}) do
710 raise "Can't use the child object without preloading!"
713 defp restrict_media(query, %{"only_media" => val}) when val == "true" or val == "1" do
715 [_activity, object] in query,
716 where: fragment("not (?)->'attachment' = (?)", object.data, ^[])
720 defp restrict_media(query, _), do: query
722 defp restrict_replies(query, %{"exclude_replies" => val}) when val == "true" or val == "1" do
725 where: fragment("?->'object'->>'inReplyTo' is null", activity.data)
729 defp restrict_replies(query, _), do: query
731 defp restrict_reblogs(query, %{"exclude_reblogs" => val}) when val == "true" or val == "1" do
732 from(activity in query, where: fragment("?->>'type' != 'Announce'", activity.data))
735 defp restrict_reblogs(query, _), do: query
737 defp restrict_muted(query, %{"with_muted" => val}) when val in [true, "true", "1"], do: query
739 defp restrict_muted(query, %{"muting_user" => %User{info: info}}) do
744 where: fragment("not (? = ANY(?))", activity.actor, ^mutes),
745 where: fragment("not (?->'to' \\?| ?)", activity.data, ^mutes)
749 defp restrict_muted(query, _), do: query
751 defp restrict_blocked(query, %{"blocking_user" => %User{info: info}}) do
752 blocks = info.blocks || []
753 domain_blocks = info.domain_blocks || []
757 where: fragment("not (? = ANY(?))", activity.actor, ^blocks),
758 where: fragment("not (? && ?)", activity.recipients, ^blocks),
761 "not (?->>'type' = 'Announce' and ?->'to' \\?| ?)",
766 where: fragment("not (split_part(?, '/', 3) = ANY(?))", activity.actor, ^domain_blocks)
770 defp restrict_blocked(query, _), do: query
772 defp restrict_unlisted(query) do
777 "not (coalesce(?->'cc', '{}'::jsonb) \\?| ?)",
779 ^["https://www.w3.org/ns/activitystreams#Public"]
784 defp restrict_pinned(query, %{"pinned" => "true", "pinned_activity_ids" => ids}) do
785 from(activity in query, where: activity.id in ^ids)
788 defp restrict_pinned(query, _), do: query
790 defp restrict_muted_reblogs(query, %{"muting_user" => %User{info: info}}) do
791 muted_reblogs = info.muted_reblogs || []
797 "not ( ?->>'type' = 'Announce' and ? = ANY(?))",
805 defp restrict_muted_reblogs(query, _), do: query
807 defp maybe_preload_objects(query, %{"skip_preload" => true}), do: query
809 defp maybe_preload_objects(query, _) do
811 |> Activity.with_preloaded_object()
814 defp maybe_preload_bookmarks(query, %{"skip_preload" => true}), do: query
816 defp maybe_preload_bookmarks(query, opts) do
818 |> Activity.with_preloaded_bookmark(opts["user"])
821 defp maybe_order(query, %{order: :desc}) do
823 |> order_by(desc: :id)
826 defp maybe_order(query, %{order: :asc}) do
828 |> order_by(asc: :id)
831 defp maybe_order(query, _), do: query
833 def fetch_activities_query(recipients, opts \\ %{}) do
834 base_query = from(activity in Activity)
837 |> maybe_preload_objects(opts)
838 |> maybe_preload_bookmarks(opts)
840 |> restrict_recipients(recipients, opts["user"])
841 |> restrict_tag(opts)
842 |> restrict_tag_reject(opts)
843 |> restrict_tag_all(opts)
844 |> restrict_since(opts)
845 |> restrict_local(opts)
846 |> restrict_actor(opts)
847 |> restrict_type(opts)
848 |> restrict_favorited_by(opts)
849 |> restrict_blocked(opts)
850 |> restrict_muted(opts)
851 |> restrict_media(opts)
852 |> restrict_visibility(opts)
853 |> restrict_replies(opts)
854 |> restrict_reblogs(opts)
855 |> restrict_pinned(opts)
856 |> restrict_muted_reblogs(opts)
859 def fetch_activities(recipients, opts \\ %{}) do
860 fetch_activities_query(recipients, opts)
861 |> Pagination.fetch_paginated(opts)
865 def fetch_activities_bounded(recipients_to, recipients_cc, opts \\ %{}) do
866 fetch_activities_query([], opts)
867 |> restrict_to_cc(recipients_to, recipients_cc)
868 |> Pagination.fetch_paginated(opts)
872 def upload(file, opts \\ []) do
873 with {:ok, data} <- Upload.store(file, opts) do
876 Map.put(data, "actor", opts[:actor])
881 Repo.insert(%Object{data: obj_data})
885 def user_data_from_user_object(data) do
887 data["icon"]["url"] &&
890 "url" => [%{"href" => data["icon"]["url"]}]
894 data["image"]["url"] &&
897 "url" => [%{"href" => data["image"]["url"]}]
900 locked = data["manuallyApprovesFollowers"] || false
901 data = Transmogrifier.maybe_fix_user_object(data)
906 "ap_enabled" => true,
907 "source_data" => data,
913 follower_address: data["followers"],
917 # nickname can be nil because of virtual actors
919 if data["preferredUsername"] do
923 "#{data["preferredUsername"]}@#{URI.parse(data["id"]).host}"
926 Map.put(user_data, :nickname, nil)
932 def fetch_and_prepare_user_from_ap_id(ap_id) do
933 with {:ok, data} <- Fetcher.fetch_and_contain_remote_object_from_id(ap_id) do
934 user_data_from_user_object(data)
936 e -> Logger.error("Could not decode user at fetch #{ap_id}, #{inspect(e)}")
940 def make_user_from_ap_id(ap_id) do
941 if _user = User.get_cached_by_ap_id(ap_id) do
942 Transmogrifier.upgrade_user_from_ap_id(ap_id)
944 with {:ok, data} <- fetch_and_prepare_user_from_ap_id(ap_id) do
945 User.insert_or_update_user(data)
952 def make_user_from_nickname(nickname) do
953 with {:ok, %{"ap_id" => ap_id}} when not is_nil(ap_id) <- WebFinger.finger(nickname) do
954 make_user_from_ap_id(ap_id)
956 _e -> {:error, "No AP id in WebFinger"}
960 # filter out broken threads
961 def contain_broken_threads(%Activity{} = activity, %User{} = user) do
962 entire_thread_visible_for_user?(activity, user)
965 # do post-processing on a specific activity
966 def contain_activity(%Activity{} = activity, %User{} = user) do
967 contain_broken_threads(activity, user)
970 # do post-processing on a timeline
971 def contain_timeline(timeline, user) do
973 |> Enum.filter(fn activity ->
974 contain_activity(activity, user)