1 # Pleroma: A lightweight social networking server
2 # Copyright © 2019 Pleroma Authors <https://pleroma.social/>
3 # SPDX-License-Identifier: AGPL-3.0-only
5 defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicyTest do
9 alias Pleroma.Web.ActivityPub.MRF.SimplePolicy
11 clear_config([:mrf_simple]) do
12 Config.put(:mrf_simple,
15 federated_timeline_removal: [],
24 describe "when :media_removal" do
26 Config.put([:mrf_simple, :media_removal], [])
27 media_message = build_media_message()
28 local_message = build_local_message()
30 assert SimplePolicy.filter(media_message) == {:ok, media_message}
31 assert SimplePolicy.filter(local_message) == {:ok, local_message}
34 test "has a matching host" do
35 Config.put([:mrf_simple, :media_removal], ["remote.instance"])
36 media_message = build_media_message()
37 local_message = build_local_message()
39 assert SimplePolicy.filter(media_message) ==
42 |> Map.put("object", Map.delete(media_message["object"], "attachment"))}
44 assert SimplePolicy.filter(local_message) == {:ok, local_message}
47 test "match with wildcard domain" do
48 Config.put([:mrf_simple, :media_removal], ["*.remote.instance"])
49 media_message = build_media_message()
50 local_message = build_local_message()
52 assert SimplePolicy.filter(media_message) ==
55 |> Map.put("object", Map.delete(media_message["object"], "attachment"))}
57 assert SimplePolicy.filter(local_message) == {:ok, local_message}
61 describe "when :media_nsfw" do
63 Config.put([:mrf_simple, :media_nsfw], [])
64 media_message = build_media_message()
65 local_message = build_local_message()
67 assert SimplePolicy.filter(media_message) == {:ok, media_message}
68 assert SimplePolicy.filter(local_message) == {:ok, local_message}
71 test "has a matching host" do
72 Config.put([:mrf_simple, :media_nsfw], ["remote.instance"])
73 media_message = build_media_message()
74 local_message = build_local_message()
76 assert SimplePolicy.filter(media_message) ==
79 |> put_in(["object", "tag"], ["foo", "nsfw"])
80 |> put_in(["object", "sensitive"], true)}
82 assert SimplePolicy.filter(local_message) == {:ok, local_message}
85 test "match with wildcard domain" do
86 Config.put([:mrf_simple, :media_nsfw], ["*.remote.instance"])
87 media_message = build_media_message()
88 local_message = build_local_message()
90 assert SimplePolicy.filter(media_message) ==
93 |> put_in(["object", "tag"], ["foo", "nsfw"])
94 |> put_in(["object", "sensitive"], true)}
96 assert SimplePolicy.filter(local_message) == {:ok, local_message}
100 defp build_media_message do
102 "actor" => "https://remote.instance/users/bob",
105 "attachment" => [%{}],
112 describe "when :report_removal" do
114 Config.put([:mrf_simple, :report_removal], [])
115 report_message = build_report_message()
116 local_message = build_local_message()
118 assert SimplePolicy.filter(report_message) == {:ok, report_message}
119 assert SimplePolicy.filter(local_message) == {:ok, local_message}
122 test "has a matching host" do
123 Config.put([:mrf_simple, :report_removal], ["remote.instance"])
124 report_message = build_report_message()
125 local_message = build_local_message()
127 assert SimplePolicy.filter(report_message) == {:reject, nil}
128 assert SimplePolicy.filter(local_message) == {:ok, local_message}
131 test "match with wildcard domain" do
132 Config.put([:mrf_simple, :report_removal], ["*.remote.instance"])
133 report_message = build_report_message()
134 local_message = build_local_message()
136 assert SimplePolicy.filter(report_message) == {:reject, nil}
137 assert SimplePolicy.filter(local_message) == {:ok, local_message}
141 defp build_report_message do
143 "actor" => "https://remote.instance/users/bob",
148 describe "when :federated_timeline_removal" do
150 Config.put([:mrf_simple, :federated_timeline_removal], [])
151 {_, ftl_message} = build_ftl_actor_and_message()
152 local_message = build_local_message()
154 assert SimplePolicy.filter(ftl_message) == {:ok, ftl_message}
155 assert SimplePolicy.filter(local_message) == {:ok, local_message}
158 test "has a matching host" do
159 {actor, ftl_message} = build_ftl_actor_and_message()
161 ftl_message_actor_host =
163 |> Map.fetch!("actor")
167 Config.put([:mrf_simple, :federated_timeline_removal], [ftl_message_actor_host])
168 local_message = build_local_message()
170 assert {:ok, ftl_message} = SimplePolicy.filter(ftl_message)
171 assert actor.follower_address in ftl_message["to"]
172 refute actor.follower_address in ftl_message["cc"]
173 refute "https://www.w3.org/ns/activitystreams#Public" in ftl_message["to"]
174 assert "https://www.w3.org/ns/activitystreams#Public" in ftl_message["cc"]
176 assert SimplePolicy.filter(local_message) == {:ok, local_message}
179 test "match with wildcard domain" do
180 {actor, ftl_message} = build_ftl_actor_and_message()
182 ftl_message_actor_host =
184 |> Map.fetch!("actor")
188 Config.put([:mrf_simple, :federated_timeline_removal], ["*." <> ftl_message_actor_host])
189 local_message = build_local_message()
191 assert {:ok, ftl_message} = SimplePolicy.filter(ftl_message)
192 assert actor.follower_address in ftl_message["to"]
193 refute actor.follower_address in ftl_message["cc"]
194 refute "https://www.w3.org/ns/activitystreams#Public" in ftl_message["to"]
195 assert "https://www.w3.org/ns/activitystreams#Public" in ftl_message["cc"]
197 assert SimplePolicy.filter(local_message) == {:ok, local_message}
200 test "has a matching host but only as:Public in to" do
201 {_actor, ftl_message} = build_ftl_actor_and_message()
203 ftl_message_actor_host =
205 |> Map.fetch!("actor")
209 ftl_message = Map.put(ftl_message, "cc", [])
211 Config.put([:mrf_simple, :federated_timeline_removal], [ftl_message_actor_host])
213 assert {:ok, ftl_message} = SimplePolicy.filter(ftl_message)
214 refute "https://www.w3.org/ns/activitystreams#Public" in ftl_message["to"]
215 assert "https://www.w3.org/ns/activitystreams#Public" in ftl_message["cc"]
219 defp build_ftl_actor_and_message do
220 actor = insert(:user)
224 "actor" => actor.ap_id,
225 "to" => ["https://www.w3.org/ns/activitystreams#Public", "http://foo.bar/baz"],
226 "cc" => [actor.follower_address, "http://foo.bar/qux"]
230 describe "when :reject" do
232 Config.put([:mrf_simple, :reject], [])
234 remote_message = build_remote_message()
236 assert SimplePolicy.filter(remote_message) == {:ok, remote_message}
239 test "activity has a matching host" do
240 Config.put([:mrf_simple, :reject], ["remote.instance"])
242 remote_message = build_remote_message()
244 assert SimplePolicy.filter(remote_message) == {:reject, nil}
247 test "activity matches with wildcard domain" do
248 Config.put([:mrf_simple, :reject], ["*.remote.instance"])
250 remote_message = build_remote_message()
252 assert SimplePolicy.filter(remote_message) == {:reject, nil}
255 test "actor has a matching host" do
256 Config.put([:mrf_simple, :reject], ["remote.instance"])
258 remote_user = build_remote_user()
260 assert SimplePolicy.filter(remote_user) == {:reject, nil}
264 describe "when :accept" do
266 Config.put([:mrf_simple, :accept], [])
268 local_message = build_local_message()
269 remote_message = build_remote_message()
271 assert SimplePolicy.filter(local_message) == {:ok, local_message}
272 assert SimplePolicy.filter(remote_message) == {:ok, remote_message}
275 test "is not empty but activity doesn't have a matching host" do
276 Config.put([:mrf_simple, :accept], ["non.matching.remote"])
278 local_message = build_local_message()
279 remote_message = build_remote_message()
281 assert SimplePolicy.filter(local_message) == {:ok, local_message}
282 assert SimplePolicy.filter(remote_message) == {:reject, nil}
285 test "activity has a matching host" do
286 Config.put([:mrf_simple, :accept], ["remote.instance"])
288 local_message = build_local_message()
289 remote_message = build_remote_message()
291 assert SimplePolicy.filter(local_message) == {:ok, local_message}
292 assert SimplePolicy.filter(remote_message) == {:ok, remote_message}
295 test "activity matches with wildcard domain" do
296 Config.put([:mrf_simple, :accept], ["*.remote.instance"])
298 local_message = build_local_message()
299 remote_message = build_remote_message()
301 assert SimplePolicy.filter(local_message) == {:ok, local_message}
302 assert SimplePolicy.filter(remote_message) == {:ok, remote_message}
305 test "actor has a matching host" do
306 Config.put([:mrf_simple, :accept], ["remote.instance"])
308 remote_user = build_remote_user()
310 assert SimplePolicy.filter(remote_user) == {:ok, remote_user}
314 describe "when :avatar_removal" do
316 Config.put([:mrf_simple, :avatar_removal], [])
318 remote_user = build_remote_user()
320 assert SimplePolicy.filter(remote_user) == {:ok, remote_user}
323 test "is not empty but it doesn't have a matching host" do
324 Config.put([:mrf_simple, :avatar_removal], ["non.matching.remote"])
326 remote_user = build_remote_user()
328 assert SimplePolicy.filter(remote_user) == {:ok, remote_user}
331 test "has a matching host" do
332 Config.put([:mrf_simple, :avatar_removal], ["remote.instance"])
334 remote_user = build_remote_user()
335 {:ok, filtered} = SimplePolicy.filter(remote_user)
337 refute filtered["icon"]
340 test "match with wildcard domain" do
341 Config.put([:mrf_simple, :avatar_removal], ["*.remote.instance"])
343 remote_user = build_remote_user()
344 {:ok, filtered} = SimplePolicy.filter(remote_user)
346 refute filtered["icon"]
350 describe "when :banner_removal" do
352 Config.put([:mrf_simple, :banner_removal], [])
354 remote_user = build_remote_user()
356 assert SimplePolicy.filter(remote_user) == {:ok, remote_user}
359 test "is not empty but it doesn't have a matching host" do
360 Config.put([:mrf_simple, :banner_removal], ["non.matching.remote"])
362 remote_user = build_remote_user()
364 assert SimplePolicy.filter(remote_user) == {:ok, remote_user}
367 test "has a matching host" do
368 Config.put([:mrf_simple, :banner_removal], ["remote.instance"])
370 remote_user = build_remote_user()
371 {:ok, filtered} = SimplePolicy.filter(remote_user)
373 refute filtered["image"]
376 test "match with wildcard domain" do
377 Config.put([:mrf_simple, :banner_removal], ["*.remote.instance"])
379 remote_user = build_remote_user()
380 {:ok, filtered} = SimplePolicy.filter(remote_user)
382 refute filtered["image"]
386 defp build_local_message do
388 "actor" => "#{Pleroma.Web.base_url()}/users/alice",
394 defp build_remote_message do
395 %{"actor" => "https://remote.instance/users/bob"}
398 defp build_remote_user do
400 "id" => "https://remote.instance/users/bob",
402 "url" => "http://example.com/image.jpg",
406 "url" => "http://example.com/image.jpg",