git.squeep.com Git - akkoma/blob - lib/pleroma/web/activity_pub/object_validators/create_generic_validator.ex

   1 # Pleroma: A lightweight social networking server
   2 # Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>
   3 # SPDX-License-Identifier: AGPL-3.0-only
   4
   5 # Code based on CreateChatMessageValidator
   6 # NOTES
   7 # - doesn't embed, will only get the object id
   8 defmodule Pleroma.Web.ActivityPub.ObjectValidators.CreateGenericValidator do
   9   use Ecto.Schema
  10
  11   alias Pleroma.EctoType.ActivityPub.ObjectValidators
  12   alias Pleroma.Object
  13
  14   import Ecto.Changeset
  15   import Pleroma.Web.ActivityPub.ObjectValidators.CommonValidations
  16
  17   @primary_key false
  18
  19   embedded_schema do
  20     field(:id, ObjectValidators.ObjectID, primary_key: true)
  21     field(:actor, ObjectValidators.ObjectID)
  22     field(:type, :string)
  23     field(:to, ObjectValidators.Recipients, default: [])
  24     field(:cc, ObjectValidators.Recipients, default: [])
  25     field(:object, ObjectValidators.ObjectID)
  26     field(:expires_at, ObjectValidators.DateTime)
  27
  28     # Should be moved to object, done for CommonAPI.Utils.make_context
  29     field(:context, :string)
  30   end
  31
  32   def cast_data(data) do
  33     %__MODULE__{}
  34     |> changeset(data)
  35   end
  36
  37   def cast_and_apply(data) do
  38     data
  39     |> cast_data
  40     |> apply_action(:insert)
  41   end
  42
  43   def cast_and_validate(data, meta \\ []) do
  44     data
  45     |> cast_data
  46     |> validate_data(meta)
  47   end
  48
  49   def changeset(struct, data) do
  50     struct
  51     |> cast(data, __schema__(:fields))
  52   end
  53
  54   def validate_data(cng, meta \\ []) do
  55     cng
  56     |> validate_required([:actor, :type, :object])
  57     |> validate_inclusion(:type, ["Create"])
  58     |> validate_actor_is_active()
  59     |> validate_any_presence([:to, :cc])
  60     |> validate_actors_match(meta)
  61     |> validate_context_match(meta)
  62     |> validate_object_nonexistence()
  63     |> validate_object_containment()
  64   end
  65
  66   def validate_object_containment(cng) do
  67     actor = get_field(cng, :actor)
  68
  69     cng
  70     |> validate_change(:object, fn :object, object_id ->
  71       %URI{host: object_id_host} = URI.parse(object_id)
  72       %URI{host: actor_host} = URI.parse(actor)
  73
  74       if object_id_host == actor_host do
  75         []
  76       else
  77         [{:object, "The host of the object id doesn't match with the host of the actor"}]
  78       end
  79     end)
  80   end
  81
  82   def validate_object_nonexistence(cng) do
  83     cng
  84     |> validate_change(:object, fn :object, object_id ->
  85       if Object.get_cached_by_ap_id(object_id) do
  86         [{:object, "The object to create already exists"}]
  87       else
  88         []
  89       end
  90     end)
  91   end
  92
  93   def validate_actors_match(cng, meta) do
  94     attributed_to = meta[:object_data]["attributedTo"] || meta[:object_data]["actor"]
  95
  96     cng
  97     |> validate_change(:actor, fn :actor, actor ->
  98       if actor == attributed_to do
  99         []
 100       else
 101         [{:actor, "Actor doesn't match with object attributedTo"}]
 102       end
 103     end)
 104   end
 105
 106   def validate_context_match(cng, %{object_data: %{"context" => object_context}}) do
 107     cng
 108     |> validate_change(:context, fn :context, context ->
 109       if context == object_context do
 110         []
 111       else
 112         [{:context, "context field not matching between Create and object (#{object_context})"}]
 113       end
 114     end)
 115   end
 116
 117   def validate_context_match(cng, _), do: cng
 118 end