X-Git-Url: https://git.squeep.com/?a=blobdiff_plain;f=lib%2Fpleroma%2Fweb%2Factivity_pub%2Fobject_validators%2Fdelete_validator.ex;h=7da67bf16bf6d845ca53fa007d8fc444e2f9fa47;hb=84f42b92f0f53c569d0f7628d0a4af3ee5c06eaa;hp=fa1713b507756c1ee30fc3c0d022193fae3e510f;hpb=1fb383f368b861d7aea77770ba7be6e3dfe3468e;p=akkoma

diff --git a/lib/pleroma/web/activity_pub/object_validators/delete_validator.ex b/lib/pleroma/web/activity_pub/object_validators/delete_validator.ex
index fa1713b50..7da67bf16 100644
--- a/lib/pleroma/web/activity_pub/object_validators/delete_validator.ex
+++ b/lib/pleroma/web/activity_pub/object_validators/delete_validator.ex
@@ -1,11 +1,12 @@
 # Pleroma: A lightweight social networking server
-# Copyright Â© 2017-2020 Pleroma Authors <https://pleroma.social/>
+# Copyright Â© 2017-2021 Pleroma Authors <https://pleroma.social/>
 # SPDX-License-Identifier: AGPL-3.0-only
 
 defmodule Pleroma.Web.ActivityPub.ObjectValidators.DeleteValidator do
   use Ecto.Schema
 
-  alias Pleroma.Web.ActivityPub.ObjectValidators.Types
+  alias Pleroma.Activity
+  alias Pleroma.EctoType.ActivityPub.ObjectValidators
 
   import Ecto.Changeset
   import Pleroma.Web.ActivityPub.ObjectValidators.CommonValidations
@@ -13,12 +14,13 @@ defmodule Pleroma.Web.ActivityPub.ObjectValidators.DeleteValidator do
   @primary_key false
 
   embedded_schema do
-    field(:id, Types.ObjectID, primary_key: true)
+    field(:id, ObjectValidators.ObjectID, primary_key: true)
     field(:type, :string)
-    field(:actor, Types.ObjectID)
-    field(:to, Types.Recipients, default: [])
-    field(:cc, Types.Recipients, default: [])
-    field(:object, Types.ObjectID)
+    field(:actor, ObjectValidators.ObjectID)
+    field(:to, ObjectValidators.Recipients, default: [])
+    field(:cc, ObjectValidators.Recipients, default: [])
+    field(:deleted_activity_id, ObjectValidators.ObjectID)
+    field(:object, ObjectValidators.ObjectID)
   end
 
   def cast_data(data) do
@@ -26,35 +28,45 @@ defmodule Pleroma.Web.ActivityPub.ObjectValidators.DeleteValidator do
     |> cast(data, __schema__(:fields))
   end
 
-  def validate_data(cng) do
-    cng
-    |> validate_required([:id, :type, :actor, :to, :cc, :object])
-    |> validate_inclusion(:type, ["Delete"])
-    |> validate_same_domain()
-    |> validate_object_or_user_presence()
-  end
-
-  def validate_same_domain(cng) do
-    actor_domain =
-      cng
-      |> get_field(:actor)
-      |> URI.parse()
-      |> (& &1.host).()
-
-    object_domain =
+  def add_deleted_activity_id(cng) do
+    object =
       cng
       |> get_field(:object)
-      |> URI.parse()
-      |> (& &1.host).()
 
-    if object_domain != actor_domain do
+    with %Activity{id: id} <- Activity.get_create_by_object_ap_id(object) do
       cng
-      |> add_error(:actor, "is not allowed to delete object")
+      |> put_change(:deleted_activity_id, id)
     else
-      cng
+      _ -> cng
     end
   end
 
+  @deletable_types ~w{
+    Answer
+    Article
+    Audio
+    ChatMessage
+    Event
+    Note
+    Page
+    Question
+    Tombstone
+    Video
+  }
+  defp validate_data(cng) do
+    cng
+    |> validate_required([:id, :type, :actor, :to, :cc, :object])
+    |> validate_inclusion(:type, ["Delete"])
+    |> validate_actor_presence()
+    |> validate_modification_rights()
+    |> validate_object_or_user_presence(allowed_types: @deletable_types)
+    |> add_deleted_activity_id()
+  end
+
+  def do_not_federate?(cng) do
+    !same_domain?(cng)
+  end
+
   def cast_and_validate(data) do
     data
     |> cast_data