projects / akkoma / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Add ability to obfuscate domains in MRF transparency
[akkoma] / lib / pleroma / web / activity_pub / mrf / simple_policy.ex
1 # Pleroma: A lightweight social networking server
2 # Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
3 # SPDX-License-Identifier: AGPL-3.0-only
4
5 defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicy do
6 @moduledoc "Filter activities depending on their origin instance"
7 @behaviour Pleroma.Web.ActivityPub.MRF.Policy
8
9 alias Pleroma.Config
10 alias Pleroma.FollowingRelationship
11 alias Pleroma.User
12 alias Pleroma.Web.ActivityPub.MRF
13
14 require Pleroma.Constants
15
16 defp check_accept(%{host: actor_host} = _actor_info, object) do
17 accepts =
18 instance_list(:accept)
19 |> MRF.subdomains_regex()
20
21 cond do
22 accepts == [] -> {:ok, object}
23 actor_host == Config.get([Pleroma.Web.Endpoint, :url, :host]) -> {:ok, object}
24 MRF.subdomain_match?(accepts, actor_host) -> {:ok, object}
25 true -> {:reject, "[SimplePolicy] host not in accept list"}
26 end
27 end
28
29 defp check_reject(%{host: actor_host} = _actor_info, object) do
30 rejects =
31 instance_list(:reject)
32 |> MRF.subdomains_regex()
33
34 if MRF.subdomain_match?(rejects, actor_host) do
35 {:reject, "[SimplePolicy] host in reject list"}
36 else
37 {:ok, object}
38 end
39 end
40
41 defp check_media_removal(
42 %{host: actor_host} = _actor_info,
43 %{"type" => "Create", "object" => %{"attachment" => child_attachment}} = object
44 )
45 when length(child_attachment) > 0 do
46 media_removal =
47 instance_list(:media_removal)
48 |> MRF.subdomains_regex()
49
50 object =
51 if MRF.subdomain_match?(media_removal, actor_host) do
52 child_object = Map.delete(object["object"], "attachment")
53 Map.put(object, "object", child_object)
54 else
55 object
56 end
57
58 {:ok, object}
59 end
60
61 defp check_media_removal(_actor_info, object), do: {:ok, object}
62
63 defp check_media_nsfw(
64 %{host: actor_host} = _actor_info,
65 %{
66 "type" => "Create",
67 "object" => %{} = _child_object
68 } = object
69 ) do
70 media_nsfw =
71 instance_list(:media_nsfw)
72 |> MRF.subdomains_regex()
73
74 object =
75 if MRF.subdomain_match?(media_nsfw, actor_host) do
76 Kernel.put_in(object, ["object", "sensitive"], true)
77 else
78 object
79 end
80
81 {:ok, object}
82 end
83
84 defp check_media_nsfw(_actor_info, object), do: {:ok, object}
85
86 defp check_ftl_removal(%{host: actor_host} = _actor_info, object) do
87 timeline_removal =
88 instance_list(:federated_timeline_removal)
89 |> MRF.subdomains_regex()
90
91 object =
92 with true <- MRF.subdomain_match?(timeline_removal, actor_host),
93 user <- User.get_cached_by_ap_id(object["actor"]),
94 true <- Pleroma.Constants.as_public() in object["to"] do
95 to = List.delete(object["to"], Pleroma.Constants.as_public()) ++ [user.follower_address]
96
97 cc = List.delete(object["cc"], user.follower_address) ++ [Pleroma.Constants.as_public()]
98
99 object
100 |> Map.put("to", to)
101 |> Map.put("cc", cc)
102 else
103 _ -> object
104 end
105
106 {:ok, object}
107 end
108
109 defp intersection(list1, list2) do
110 list1 -- list1 -- list2
111 end
112
113 defp check_followers_only(%{host: actor_host} = _actor_info, object) do
114 followers_only =
115 instance_list(:followers_only)
116 |> MRF.subdomains_regex()
117
118 object =
119 with true <- MRF.subdomain_match?(followers_only, actor_host),
120 user <- User.get_cached_by_ap_id(object["actor"]) do
121 # Don't use Map.get/3 intentionally, these must not be nil
122 fixed_to = object["to"] || []
123 fixed_cc = object["cc"] || []
124
125 to = FollowingRelationship.followers_ap_ids(user, fixed_to)
126 cc = FollowingRelationship.followers_ap_ids(user, fixed_cc)
127
128 object
129 |> Map.put("to", intersection([user.follower_address | to], fixed_to))
130 |> Map.put("cc", intersection([user.follower_address | cc], fixed_cc))
131 else
132 _ -> object
133 end
134
135 {:ok, object}
136 end
137
138 defp check_report_removal(%{host: actor_host} = _actor_info, %{"type" => "Flag"} = object) do
139 report_removal =
140 instance_list(:report_removal)
141 |> MRF.subdomains_regex()
142
143 if MRF.subdomain_match?(report_removal, actor_host) do
144 {:reject, "[SimplePolicy] host in report_removal list"}
145 else
146 {:ok, object}
147 end
148 end
149
150 defp check_report_removal(_actor_info, object), do: {:ok, object}
151
152 defp check_avatar_removal(%{host: actor_host} = _actor_info, %{"icon" => _icon} = object) do
153 avatar_removal =
154 instance_list(:avatar_removal)
155 |> MRF.subdomains_regex()
156
157 if MRF.subdomain_match?(avatar_removal, actor_host) do
158 {:ok, Map.delete(object, "icon")}
159 else
160 {:ok, object}
161 end
162 end
163
164 defp check_avatar_removal(_actor_info, object), do: {:ok, object}
165
166 defp check_banner_removal(%{host: actor_host} = _actor_info, %{"image" => _image} = object) do
167 banner_removal =
168 instance_list(:banner_removal)
169 |> MRF.subdomains_regex()
170
171 if MRF.subdomain_match?(banner_removal, actor_host) do
172 {:ok, Map.delete(object, "image")}
173 else
174 {:ok, object}
175 end
176 end
177
178 defp check_banner_removal(_actor_info, object), do: {:ok, object}
179
180 defp check_object(%{"object" => object} = activity) do
181 with {:ok, _object} <- filter(object) do
182 {:ok, activity}
183 end
184 end
185
186 defp check_object(object), do: {:ok, object}
187
188 defp instance_list(config_key) do
189 Config.get([:mrf_simple, config_key])
190 |> MRF.instance_list_from_tuples()
191 end
192
193 @impl true
194 def filter(%{"type" => "Delete", "actor" => actor} = object) do
195 %{host: actor_host} = URI.parse(actor)
196
197 reject_deletes =
198 instance_list(:reject_deletes)
199 |> MRF.subdomains_regex()
200
201 if MRF.subdomain_match?(reject_deletes, actor_host) do
202 {:reject, "[SimplePolicy] host in reject_deletes list"}
203 else
204 {:ok, object}
205 end
206 end
207
208 @impl true
209 def filter(%{"actor" => actor} = object) do
210 actor_info = URI.parse(actor)
211
212 with {:ok, object} <- check_accept(actor_info, object),
213 {:ok, object} <- check_reject(actor_info, object),
214 {:ok, object} <- check_media_removal(actor_info, object),
215 {:ok, object} <- check_media_nsfw(actor_info, object),
216 {:ok, object} <- check_ftl_removal(actor_info, object),
217 {:ok, object} <- check_followers_only(actor_info, object),
218 {:ok, object} <- check_report_removal(actor_info, object),
219 {:ok, object} <- check_object(object) do
220 {:ok, object}
221 else
222 {:reject, nil} -> {:reject, "[SimplePolicy]"}
223 {:reject, _} = e -> e
224 _ -> {:reject, "[SimplePolicy]"}
225 end
226 end
227
228 def filter(%{"id" => actor, "type" => obj_type} = object)
229 when obj_type in ["Application", "Group", "Organization", "Person", "Service"] do
230 actor_info = URI.parse(actor)
231
232 with {:ok, object} <- check_accept(actor_info, object),
233 {:ok, object} <- check_reject(actor_info, object),
234 {:ok, object} <- check_avatar_removal(actor_info, object),
235 {:ok, object} <- check_banner_removal(actor_info, object) do
236 {:ok, object}
237 else
238 {:reject, nil} -> {:reject, "[SimplePolicy]"}
239 {:reject, _} = e -> e
240 _ -> {:reject, "[SimplePolicy]"}
241 end
242 end
243
244 def filter(object) when is_binary(object) do
245 uri = URI.parse(object)
246
247 with {:ok, object} <- check_accept(uri, object),
248 {:ok, object} <- check_reject(uri, object) do
249 {:ok, object}
250 else
251 {:reject, nil} -> {:reject, "[SimplePolicy]"}
252 {:reject, _} = e -> e
253 _ -> {:reject, "[SimplePolicy]"}
254 end
255 end
256
257 def filter(object), do: {:ok, object}
258
259 defp obfuscate(string) when is_binary(string) do
260 string
261 |> to_charlist()
262 |> Enum.with_index()
263 |> Enum.map(fn
264 {?., _index} ->
265 ?.
266
267 {char, index} ->
268 if 3 <= index && index < String.length(string) - 3, do: ?*, else: char
269 end)
270 |> to_string()
271 end
272
273 defp maybe_obfuscate(host, obfuscations) do
274 if MRF.subdomain_match?(obfuscations, host) do
275 obfuscate(host)
276 else
277 host
278 end
279 end
280
281 @impl true
282 def describe do
283 exclusions = Config.get([:mrf, :transparency_exclusions]) |> MRF.instance_list_from_tuples()
284
285 obfuscations =
286 Config.get([:mrf, :transparency_obfuscate_domains], []) |> MRF.subdomains_regex()
287
288 mrf_simple_excluded =
289 Config.get(:mrf_simple)
290 |> Enum.map(fn {rule, instances} ->
291 {rule, Enum.reject(instances, fn {host, _} -> host in exclusions end)}
292 end)
293
294 mrf_simple =
295 mrf_simple_excluded
296 |> Enum.map(fn {rule, instances} ->
297 {rule, Enum.map(instances, fn {host, _} -> maybe_obfuscate(host, obfuscations) end)}
298 end)
299 |> Map.new()
300
301 # This is for backwards compatibility. We originally didn't sent
302 # extra info like a reason why an instance was rejected/quarantined/etc.
303 # Because we didn't want to break backwards compatibility it was decided
304 # to add an extra "info" key.
305 mrf_simple_info =
306 mrf_simple_excluded
307 |> Enum.map(fn {rule, instances} ->
308 {rule, Enum.reject(instances, fn {_, reason} -> reason == "" end)}
309 end)
310 |> Enum.reject(fn {_, instances} -> instances == [] end)
311 |> Enum.map(fn {rule, instances} ->
312 instances =
313 instances
314 |> Enum.map(fn {host, reason} ->
315 {maybe_obfuscate(host, obfuscations), %{"reason" => reason}}
316 end)
317 |> Map.new()
318
319 {rule, instances}
320 end)
321 |> Map.new()
322
323 {:ok, %{mrf_simple: mrf_simple, mrf_simple_info: mrf_simple_info}}
324 end
325
326 @impl true
327 def config_description do
328 %{
329 key: :mrf_simple,
330 related_policy: "Pleroma.Web.ActivityPub.MRF.SimplePolicy",
331 label: "MRF Simple",
332 description: "Simple ingress policies",
333 children:
334 [
335 %{
336 key: :media_removal,
337 description:
338 "List of instances to strip media attachments from and the reason for doing so"
339 },
340 %{
341 key: :media_nsfw,
342 label: "Media NSFW",
343 description:
344 "List of instances to tag all media as NSFW (sensitive) from and the reason for doing so"
345 },
346 %{
347 key: :federated_timeline_removal,
348 description:
349 "List of instances to remove from the Federated (aka The Whole Known Network) Timeline and the reason for doing so"
350 },
351 %{
352 key: :reject,
353 description:
354 "List of instances to reject activities from (except deletes) and the reason for doing so"
355 },
356 %{
357 key: :accept,
358 description:
359 "List of instances to only accept activities from (except deletes) and the reason for doing so"
360 },
361 %{
362 key: :followers_only,
363 description:
364 "Force posts from the given instances to be visible by followers only and the reason for doing so"
365 },
366 %{
367 key: :report_removal,
368 description: "List of instances to reject reports from and the reason for doing so"
369 },
370 %{
371 key: :avatar_removal,
372 description: "List of instances to strip avatars from and the reason for doing so"
373 },
374 %{
375 key: :banner_removal,
376 description: "List of instances to strip banners from and the reason for doing so"
377 },
378 %{
379 key: :reject_deletes,
380 description: "List of instances to reject deletions from and the reason for doing so"
381 }
382 ]
383 |> Enum.map(fn setting ->
384 Map.merge(
385 setting,
386 %{
387 type: {:list, :tuple},
388 key_placeholder: "instance",
389 value_placeholder: "reason",
390 suggestions: [{"example.com", "Some reason"}, {"*.example.com", "Another reason"}]
391 }
392 )
393 end)
394 }
395 end
396 end
Fork of https://akkoma.dev/AkkomaGang/akkoma.git