X-Git-Url: https://git.squeep.com/?a=blobdiff_plain;f=lib%2Fpleroma%2Fweb%2Factivity_pub%2Fvisibility.ex;h=00234c0b05c7eddf9d0cac3b86f4f8b4e516d73a;hb=c186b059a77bf6cece831887948e23ee95222a1a;hp=6dee61dd61b02bf9dc337d86becb7faa807b711f;hpb=83589ca6a56ed4ff6d7e9a116fbbf1797ba50e39;p=akkoma diff --git a/lib/pleroma/web/activity_pub/visibility.ex b/lib/pleroma/web/activity_pub/visibility.ex index 6dee61dd6..00234c0b0 100644 --- a/lib/pleroma/web/activity_pub/visibility.ex +++ b/lib/pleroma/web/activity_pub/visibility.ex @@ -1,26 +1,51 @@ +# Pleroma: A lightweight social networking server +# Copyright © 2017-2021 Pleroma Authors +# SPDX-License-Identifier: AGPL-3.0-only + defmodule Pleroma.Web.ActivityPub.Visibility do alias Pleroma.Activity alias Pleroma.Object + alias Pleroma.Repo alias Pleroma.User + alias Pleroma.Web.ActivityPub.Utils + + require Pleroma.Constants + @spec is_public?(Object.t() | Activity.t() | map()) :: boolean() def is_public?(%Object{data: %{"type" => "Tombstone"}}), do: false def is_public?(%Object{data: data}), do: is_public?(data) + def is_public?(%Activity{data: %{"type" => "Move"}}), do: true def is_public?(%Activity{data: data}), do: is_public?(data) def is_public?(%{"directMessage" => true}), do: false def is_public?(data) do - "https://www.w3.org/ns/activitystreams#Public" in (data["to"] ++ (data["cc"] || [])) + Utils.label_in_message?(Pleroma.Constants.as_public(), data) or + Utils.label_in_message?(Pleroma.Constants.as_local_public(), data) + end + + def is_local_public?(%Object{data: data}), do: is_local_public?(data) + def is_local_public?(%Activity{data: data}), do: is_local_public?(data) + + def is_local_public?(data) do + Utils.label_in_message?(Pleroma.Constants.as_local_public(), data) and + not Utils.label_in_message?(Pleroma.Constants.as_public(), data) end def is_private?(activity) do - unless is_public?(activity) do - follower_address = User.get_cached_by_ap_id(activity.data["actor"]).follower_address - Enum.any?(activity.data["to"], &(&1 == follower_address)) + with false <- is_public?(activity), + %User{follower_address: follower_address} <- + User.get_cached_by_ap_id(activity.data["actor"]) do + follower_address in activity.data["to"] else - false + _ -> false end end + def is_announceable?(activity, user, public \\ true) do + is_public?(activity) || + (!public && is_private?(activity) && activity.data["actor"] == user.ap_id) + end + def is_direct?(%Activity{data: %{"directMessage" => true}}), do: true def is_direct?(%Object{data: %{"directMessage" => true}}), do: true @@ -28,34 +53,98 @@ defmodule Pleroma.Web.ActivityPub.Visibility do !is_public?(activity) && !is_private?(activity) end - def visible_for_user?(activity, nil) do - is_public?(activity) + def is_list?(%{data: %{"listMessage" => _}}), do: true + def is_list?(_), do: false + + @spec visible_for_user?(Object.t() | Activity.t() | nil, User.t() | nil) :: boolean() + def visible_for_user?(%Activity{actor: ap_id}, %User{ap_id: ap_id}), do: true + def visible_for_user?(%Object{data: %{"actor" => ap_id}}, %User{ap_id: ap_id}), do: true + def visible_for_user?(nil, _), do: false + def visible_for_user?(%Activity{data: %{"listMessage" => _}}, nil), do: false + + def visible_for_user?( + %Activity{data: %{"listMessage" => list_ap_id}} = activity, + %User{} = user + ) do + user.ap_id in activity.data["to"] || + list_ap_id + |> Pleroma.List.get_by_ap_id() + |> Pleroma.List.member?(user) end - def visible_for_user?(activity, user) do - x = [user.ap_id | user.following] - y = [activity.actor] ++ activity.data["to"] ++ (activity.data["cc"] || []) - visible_for_user?(activity, nil) || Enum.any?(x, &(&1 in y)) + def visible_for_user?(%{__struct__: module} = message, nil) + when module in [Activity, Object] do + if restrict_unauthenticated_access?(message), + do: false, + else: is_public?(message) and not is_local_public?(message) end - # guard - def entire_thread_visible_for_user?(nil, _user), do: false + def visible_for_user?(%{__struct__: module} = message, user) + when module in [Activity, Object] do + x = [user.ap_id | User.following(user)] + y = [message.data["actor"]] ++ message.data["to"] ++ (message.data["cc"] || []) + is_public?(message) || Enum.any?(x, &(&1 in y)) + end - # XXX: Probably even more inefficient than the previous implementation intended to be a placeholder untill https://git.pleroma.social/pleroma/pleroma/merge_requests/971 is in develop - # credo:disable-for-previous-line Credo.Check.Readability.MaxLineLength + def entire_thread_visible_for_user?(%Activity{} = activity, %User{} = user) do + {:ok, %{rows: [[result]]}} = + Ecto.Adapters.SQL.query(Repo, "SELECT thread_visibility($1, $2)", [ + user.ap_id, + activity.data["id"] + ]) - def entire_thread_visible_for_user?( - %Activity{} = tail, - # %Activity{data: %{"object" => %{"inReplyTo" => parent_id}}} = tail, - user - ) do - case Object.normalize(tail) do - %{data: %{"inReplyTo" => parent_id}} when is_binary(parent_id) -> - parent = Activity.get_in_reply_to_activity(tail) - visible_for_user?(tail, user) && entire_thread_visible_for_user?(parent, user) + result + end + + def restrict_unauthenticated_access?(%Activity{local: local}) do + restrict_unauthenticated_access_to_activity?(local) + end + + def restrict_unauthenticated_access?(%Object{} = object) do + object + |> Object.local?() + |> restrict_unauthenticated_access_to_activity?() + end + + def restrict_unauthenticated_access?(%User{} = user) do + User.visible_for(user, _reading_user = nil) + end + + defp restrict_unauthenticated_access_to_activity?(local?) when is_boolean(local?) do + cfg_key = if local?, do: :local, else: :remote + + Pleroma.Config.restrict_unauthenticated_access?(:activities, cfg_key) + end + + def get_visibility(object) do + to = object.data["to"] || [] + cc = object.data["cc"] || [] + + cond do + Pleroma.Constants.as_public() in to -> + "public" + + Pleroma.Constants.as_public() in cc -> + "unlisted" + + Pleroma.Constants.as_local_public() in to -> + "local" + + # this should use the sql for the object's activity + Enum.any?(to, &String.contains?(&1, "/followers")) -> + "private" + + object.data["directMessage"] == true -> + "direct" + + is_binary(object.data["listMessage"]) -> + "list" + + length(cc) > 0 -> + "private" - _ -> - visible_for_user?(tail, user) + true -> + "direct" end end end