X-Git-Url: https://git.squeep.com/?a=blobdiff_plain;ds=inline;f=lib%2Fpleroma%2Fweb%2Factivity_pub%2Fobject_validators%2Fdelete_validator.ex;h=f0c99356e75aa3f54f773ce66b3cff37bafbe860;hb=df5359aa728211e570c98a7bd30fa3f84629417f;hp=e06de3dff02c00a68066e41545345c63aa9b1a34;hpb=4c92dfb73ef1f40438adf5da009499205a677912;p=akkoma
diff --git a/lib/pleroma/web/activity_pub/object_validators/delete_validator.ex b/lib/pleroma/web/activity_pub/object_validators/delete_validator.ex
index e06de3dff..f0c99356e 100644
--- a/lib/pleroma/web/activity_pub/object_validators/delete_validator.ex
+++ b/lib/pleroma/web/activity_pub/object_validators/delete_validator.ex
@@ -1,13 +1,13 @@
# Pleroma: A lightweight social networking server
-# Copyright © 2017-2020 Pleroma Authors
+# Copyright © 2017-2021 Pleroma Authors
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.ActivityPub.ObjectValidators.DeleteValidator do
use Ecto.Schema
alias Pleroma.Activity
+ alias Pleroma.EctoType.ActivityPub.ObjectValidators
alias Pleroma.User
- alias Pleroma.Web.ActivityPub.ObjectValidators.Types
import Ecto.Changeset
import Pleroma.Web.ActivityPub.ObjectValidators.CommonValidations
@@ -15,13 +15,15 @@ defmodule Pleroma.Web.ActivityPub.ObjectValidators.DeleteValidator do
@primary_key false
embedded_schema do
- field(:id, Types.ObjectID, primary_key: true)
- field(:type, :string)
- field(:actor, Types.ObjectID)
- field(:to, Types.Recipients, default: [])
- field(:cc, Types.Recipients, default: [])
- field(:deleted_activity_id, Types.ObjectID)
- field(:object, Types.ObjectID)
+ quote do
+ unquote do
+ import Elixir.Pleroma.Web.ActivityPub.ObjectValidators.CommonFields
+ message_fields()
+ activity_fields()
+ end
+ end
+
+ field(:deleted_activity_id, ObjectValidators.ObjectID)
end
def cast_data(data) do
@@ -46,18 +48,20 @@ defmodule Pleroma.Web.ActivityPub.ObjectValidators.DeleteValidator do
Answer
Article
Audio
+ ChatMessage
Event
Note
Page
Question
+ Tombstone
Video
}
- def validate_data(cng) do
+ defp validate_data(cng) do
cng
|> validate_required([:id, :type, :actor, :to, :cc, :object])
|> validate_inclusion(:type, ["Delete"])
- |> validate_actor_presence()
- |> validate_deletion_rights()
+ |> validate_delete_actor(:actor)
+ |> validate_modification_rights()
|> validate_object_or_user_presence(allowed_types: @deletable_types)
|> add_deleted_activity_id()
end
@@ -66,34 +70,18 @@ defmodule Pleroma.Web.ActivityPub.ObjectValidators.DeleteValidator do
!same_domain?(cng)
end
- defp same_domain?(cng) do
- actor_uri =
- cng
- |> get_field(:actor)
- |> URI.parse()
-
- object_uri =
- cng
- |> get_field(:object)
- |> URI.parse()
-
- object_uri.host == actor_uri.host
- end
-
- def validate_deletion_rights(cng) do
- actor = User.get_cached_by_ap_id(get_field(cng, :actor))
-
- if User.superuser?(actor) || same_domain?(cng) do
- cng
- else
- cng
- |> add_error(:actor, "is not allowed to delete object")
- end
- end
-
def cast_and_validate(data) do
data
|> cast_data
|> validate_data
end
+
+ defp validate_delete_actor(cng, field_name) do
+ validate_change(cng, field_name, fn field_name, actor ->
+ case User.get_cached_by_ap_id(actor) do
+ %User{} -> []
+ _ -> [{field_name, "can't find user"}]
+ end
+ end)
+ end
end