1 # Pleroma: A lightweight social networking server
2 # Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>
3 # SPDX-License-Identifier: AGPL-3.0-only
5 defmodule Pleroma.Web.ActivityPub.Visibility do
10 alias Pleroma.Web.ActivityPub.Utils
12 require Pleroma.Constants
14 @spec is_public?(Object.t() | Activity.t() | map()) :: boolean()
15 def is_public?(%Object{data: %{"type" => "Tombstone"}}), do: false
16 def is_public?(%Object{data: data}), do: is_public?(data)
17 def is_public?(%Activity{data: %{"type" => "Move"}}), do: true
18 def is_public?(%Activity{data: data}), do: is_public?(data)
19 def is_public?(%{"directMessage" => true}), do: false
21 def is_public?(data) do
22 Utils.label_in_message?(Pleroma.Constants.as_public(), data) or
23 Utils.label_in_message?(Pleroma.Constants.as_local_public(), data)
26 def is_private?(activity) do
27 with false <- is_public?(activity),
28 %User{follower_address: follower_address} <-
29 User.get_cached_by_ap_id(activity.data["actor"]) do
30 follower_address in activity.data["to"]
36 def is_announceable?(activity, user, public \\ true) do
37 is_public?(activity) ||
38 (!public && is_private?(activity) && activity.data["actor"] == user.ap_id)
41 def is_direct?(%Activity{data: %{"directMessage" => true}}), do: true
42 def is_direct?(%Object{data: %{"directMessage" => true}}), do: true
44 def is_direct?(activity) do
45 !is_public?(activity) && !is_private?(activity)
48 def is_list?(%{data: %{"listMessage" => _}}), do: true
49 def is_list?(_), do: false
51 @spec visible_for_user?(Activity.t() | nil, User.t() | nil) :: boolean()
52 def visible_for_user?(%Activity{actor: ap_id}, %User{ap_id: ap_id}), do: true
54 def visible_for_user?(nil, _), do: false
56 def visible_for_user?(%Activity{data: %{"listMessage" => _}}, nil), do: false
58 def visible_for_user?(
59 %Activity{data: %{"listMessage" => list_ap_id}} = activity,
62 user.ap_id in activity.data["to"] ||
64 |> Pleroma.List.get_by_ap_id()
65 |> Pleroma.List.member?(user)
68 def visible_for_user?(%Activity{} = activity, nil) do
69 if restrict_unauthenticated_access?(activity),
71 else: is_public?(activity)
74 def visible_for_user?(%Activity{} = activity, user) do
75 x = [user.ap_id | User.following(user)]
76 y = [activity.actor] ++ activity.data["to"] ++ (activity.data["cc"] || [])
77 is_public?(activity) || Enum.any?(x, &(&1 in y))
80 def entire_thread_visible_for_user?(%Activity{} = activity, %User{} = user) do
81 {:ok, %{rows: [[result]]}} =
82 Ecto.Adapters.SQL.query(Repo, "SELECT thread_visibility($1, $2)", [
90 def restrict_unauthenticated_access?(%Activity{local: local}) do
91 restrict_unauthenticated_access_to_activity?(local)
94 def restrict_unauthenticated_access?(%Object{} = object) do
97 |> restrict_unauthenticated_access_to_activity?()
100 def restrict_unauthenticated_access?(%User{} = user) do
101 User.visible_for(user, _reading_user = nil)
104 defp restrict_unauthenticated_access_to_activity?(local?) when is_boolean(local?) do
105 cfg_key = if local?, do: :local, else: :remote
107 Pleroma.Config.restrict_unauthenticated_access?(:activities, cfg_key)
110 def get_visibility(object) do
111 to = object.data["to"] || []
112 cc = object.data["cc"] || []
115 Pleroma.Constants.as_public() in to ->
118 Pleroma.Constants.as_public() in cc ->
121 # this should use the sql for the object's activity
122 Enum.any?(to, &String.contains?(&1, "/followers")) ->
125 object.data["directMessage"] == true ->
128 is_binary(object.data["listMessage"]) ->