1 # Pleroma: A lightweight social networking server
2 # Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>
3 # SPDX-License-Identifier: AGPL-3.0-only
5 defmodule Pleroma.Web.ActivityPub.ObjectValidators.DeleteValidator do
10 alias Pleroma.Web.ActivityPub.ObjectValidators.Types
13 import Pleroma.Web.ActivityPub.ObjectValidators.CommonValidations
18 field(:id, Types.ObjectID, primary_key: true)
20 field(:actor, Types.ObjectID)
21 field(:to, Types.Recipients, default: [])
22 field(:cc, Types.Recipients, default: [])
23 field(:deleted_activity_id, Types.ObjectID)
24 field(:object, Types.ObjectID)
27 def cast_data(data) do
29 |> cast(data, __schema__(:fields))
32 def add_deleted_activity_id(cng) do
37 with %Activity{id: id} <- Activity.get_create_by_object_ap_id(object) do
39 |> put_change(:deleted_activity_id, id)
56 def validate_data(cng) do
58 |> validate_required([:id, :type, :actor, :to, :cc, :object])
59 |> validate_inclusion(:type, ["Delete"])
60 |> validate_actor_presence()
61 |> validate_deletion_rights()
62 |> validate_object_or_user_presence(allowed_types: @deletable_types)
63 |> add_deleted_activity_id()
66 def do_not_federate?(cng) do
70 defp same_domain?(cng) do
81 object_uri.host == actor_uri.host
84 def validate_deletion_rights(cng) do
85 actor = User.get_cached_by_ap_id(get_field(cng, :actor))
87 if User.superuser?(actor) || same_domain?(cng) do
91 |> add_error(:actor, "is not allowed to delete object")
95 def cast_and_validate(data) do