Merge branch 'buildx-multiarch-arm32v7' into 'develop'

[akkoma] / lib / pleroma / web / activity_pub / object_validators / common_validations.ex
diff --git a/lib/pleroma/web/activity_pub/object_validators/common_validations.ex b/lib/pleroma/web/activity_pub/object_validators/common_validations.ex

index e981dacaa8e166585f1b095dce992d3eae3e7e95..603d87b8eb7e426215cf1da30847bd2bc970c8fb 100644 (file)
--- a/lib/pleroma/web/activity_pub/object_validators/common_validations.ex
+++ b/lib/pleroma/web/activity_pub/object_validators/common_validations.ex
@@ -34,23 +34,15 @@ defmodule Pleroma.Web.ActivityPub.ObjectValidators.CommonValidations do
  
      cng
      |> validate_change(field_name, fn field_name, actor ->
-      if User.get_cached_by_ap_id(actor) do
-        []
-      else
-        [{field_name, "can't find user"}]
-      end
-    end)
-  end
+      case User.get_cached_by_ap_id(actor) do
+        %User{deactivated: true} ->
+          [{field_name, "user is deactivated"}]
  
-  def validate_actor_is_active(cng, options \\ []) do
-    field_name = Keyword.get(options, :field_name, :actor)
+        %User{} ->
+          []
  
-    cng
-    |> validate_change(field_name, fn field_name, actor ->
-      if %User{deactivated: false} = User.get_cached_by_ap_id(actor) do
-        []
-      else
-        [{field_name, "can't find user (or deactivated)"}]
+        _ ->
+          [{field_name, "can't find user"}]
        end
      end)
    end
@@ -92,20 +84,7 @@ defmodule Pleroma.Web.ActivityPub.ObjectValidators.CommonValidations do
    end
  
    def validate_host_match(cng, fields \\ [:id, :actor]) do
-    unique_hosts =
-      fields
-      |> Enum.map(fn field ->
-        %URI{host: host} =
-          cng
-          |> get_field(field)
-          |> URI.parse()
-
-        host
-      end)
-      |> Enum.uniq()
-      |> Enum.count()
-
-    if unique_hosts == 1 do
+    if same_domain?(cng, fields) do
        cng
      else
        fields
@@ -117,13 +96,7 @@ defmodule Pleroma.Web.ActivityPub.ObjectValidators.CommonValidations do
    end
  
    def validate_fields_match(cng, fields) do
-    unique_fields =
-      fields
-      |> Enum.map(fn field -> get_field(cng, field) end)
-      |> Enum.uniq()
-      |> Enum.count()
-
-    if unique_fields == 1 do
+    if map_unique?(cng, fields) do
        cng
      else
        fields
@@ -133,4 +106,36 @@ defmodule Pleroma.Web.ActivityPub.ObjectValidators.CommonValidations do
        end)
      end
    end
+
+  defp map_unique?(cng, fields, func \\ & &1) do
+    Enum.reduce_while(fields, nil, fn field, acc ->
+      value =
+        cng
+        |> get_field(field)
+        |> func.()
+
+      case {value, acc} do
+        {value, nil} -> {:cont, value}
+        {value, value} -> {:cont, value}
+        _ -> {:halt, false}
+      end
+    end)
+  end
+
+  def same_domain?(cng, fields \\ [:actor, :object]) do
+    map_unique?(cng, fields, fn value -> URI.parse(value).host end)
+  end
+
+  # This figures out if a user is able to create, delete or modify something
+  # based on the domain and superuser status
+  def validate_modification_rights(cng) do
+    actor = User.get_cached_by_ap_id(get_field(cng, :actor))
+
+    if User.superuser?(actor) || same_domain?(cng) do
+      cng
+    else
+      cng
+      |> add_error(:actor, "is not allowed to modify object")
+    end
+  end
  end