Introduced UserBlock.
end
defp exclude_blocked(query, user) do
+ blocked_ap_ids = User.blocked_ap_ids(user)
+
query
- |> where([n, a], a.actor not in ^user.blocks)
+ |> where([n, a], a.actor not in ^blocked_ap_ids)
|> where(
[n, a],
fragment("substring(? from '.*://([^/]*)')", a.actor) not in ^user.domain_blocks
import Ecto.Changeset
import Ecto.Query
+ import Ecto, only: [assoc: 2]
alias Comeonin.Pbkdf2
alias Ecto.Multi
alias Pleroma.Repo
alias Pleroma.RepoStreamer
alias Pleroma.User
+ alias Pleroma.UserBlock
alias Pleroma.Web
alias Pleroma.Web.ActivityPub.ActivityPub
alias Pleroma.Web.ActivityPub.Utils
field(:password_reset_pending, :boolean, default: false)
field(:confirmation_token, :string, default: nil)
field(:default_scope, :string, default: "public")
- field(:blocks, {:array, :string}, default: [])
field(:domain_blocks, {:array, :string}, default: [])
field(:mutes, {:array, :string}, default: [])
field(:muted_reblogs, {:array, :string}, default: [])
has_many(:notifications, Notification)
has_many(:registrations, Registration)
has_many(:deliveries, Delivery)
+ has_many(:blocker_blocks, UserBlock, foreign_key: :blocker_id)
+ has_many(:blockee_blocks, UserBlock, foreign_key: :blockee_id)
+ has_many(:blocked_users, through: [:blocker_blocks, :blockee])
+ has_many(:blocker_users, through: [:blockee_blocks, :blocker])
field(:info, :map, default: %{})
+ # `:blocks` is deprecated (replaced with `blocked_users` relation)
+ field(:blocks, {:array, :string}, default: [])
+
timestamps()
end
end
end
- def block(blocker, %User{ap_id: ap_id} = blocked) do
+ def block(blocker, %User{} = blocked) do
# sever any follow relationships to prevent leaks per activitypub (Pleroma issue #213)
blocker =
if following?(blocker, blocked) do
{:ok, blocker} = update_follower_count(blocker)
{:ok, blocker, _} = Participation.mark_all_as_read(blocker, blocked)
- add_to_block(blocker, ap_id)
+ add_to_block(blocker, blocked)
end
# helper to handle the block given only an actor's AP id
block(blocker, get_cached_by_ap_id(ap_id))
end
+ def unblock(blocker, %User{} = blocked) do
+ remove_from_block(blocker, blocked)
+ end
+
+ # helper to handle the block given only an actor's AP id
def unblock(blocker, %{ap_id: ap_id}) do
- remove_from_block(blocker, ap_id)
+ unblock(blocker, get_cached_by_ap_id(ap_id))
end
def mutes?(nil, _), do: false
def blocks?(nil, _), do: false
def blocks_ap_id?(%User{} = user, %User{} = target) do
- Enum.member?(user.blocks, target.ap_id)
+ UserBlock.exists?(user, target)
end
def blocks_ap_id?(_, _), do: false
@spec blocked_users(User.t()) :: [User.t()]
def blocked_users(user) do
- User.Query.build(%{ap_id: user.blocks, deactivated: false})
+ user
+ |> assoc(:blocked_users)
+ |> restrict_deactivated()
|> Repo.all()
end
+ def blocked_ap_ids(user) do
+ Repo.all(
+ from(u in assoc(user, :blocked_users),
+ select: u.ap_id
+ )
+ )
+ end
+
@spec subscribers(User.t()) :: [User.t()]
def subscribers(user) do
User.Query.build(%{ap_id: user.subscribers, deactivated: false})
blocked_identifiers,
fn blocked_identifier ->
with {:ok, %User{} = blocked} <- get_or_fetch(blocked_identifier),
- {:ok, blocker} <- block(blocker, blocked),
+ {:ok, _user_block} <- block(blocker, blocked),
{:ok, _} <- ActivityPub.block(blocker, blocked) do
blocked
else
set_domain_blocks(user, List.delete(user.domain_blocks, domain_blocked))
end
- defp set_blocks(user, blocks) do
- params = %{blocks: blocks}
-
- user
- |> cast(params, [:blocks])
- |> validate_required([:blocks])
- |> update_and_set_cache()
- end
-
- def add_to_block(user, blocked) do
- set_blocks(user, Enum.uniq([blocked | user.blocks]))
+ @spec add_to_block(User.t(), User.t()) :: {:ok, UserBlock.t()} | {:error, Ecto.Changeset.t()}
+ defp add_to_block(%User{} = user, %User{} = blocked) do
+ UserBlock.create(user, blocked)
end
- def remove_from_block(user, blocked) do
- set_blocks(user, List.delete(user.blocks, blocked))
+ @spec add_to_block(User.t(), User.t()) ::
+ {:ok, UserBlock.t()} | {:ok, nil} | {:error, Ecto.Changeset.t()}
+ defp remove_from_block(%User{} = user, %User{} = blocked) do
+ UserBlock.delete(user, blocked)
end
defp set_mutes(user, mutes) do
defp base_query(_user, false), do: User
defp base_query(user, true), do: User.get_followers_query(user)
- defp filter_blocked_user(query, %User{blocks: blocks})
- when length(blocks) > 0 do
- from(q in query, where: not (q.ap_id in ^blocks))
+ defp filter_blocked_user(query, %User{} = blocker) do
+ blocker_id = FlakeId.from_string(blocker.id)
+
+ from(
+ q in query,
+ where:
+ fragment(
+ "? NOT IN (SELECT blockee_id FROM user_blocks WHERE user_blocks.blocker_id = ?)",
+ q.id,
+ ^blocker_id
+ )
+ )
end
defp filter_blocked_user(query, _), do: query
--- /dev/null
+# Pleroma: A lightweight social networking server
+# Copyright © 2017-2019 Pleroma Authors <https://pleroma.social/>
+# SPDX-License-Identifier: AGPL-3.0-only
+
+defmodule Pleroma.UserBlock do
+ use Ecto.Schema
+
+ import Ecto.Changeset
+ import Ecto.Query
+
+ alias Pleroma.Repo
+ alias Pleroma.User
+ alias Pleroma.UserBlock
+
+ schema "user_blocks" do
+ belongs_to(:blocker, User, type: FlakeId.Ecto.CompatType)
+ belongs_to(:blockee, User, type: FlakeId.Ecto.CompatType)
+
+ timestamps(updated_at: false)
+ end
+
+ def changeset(%UserBlock{} = user_block, params \\ %{}) do
+ user_block
+ |> cast(params, [:blocker_id, :blockee_id])
+ |> validate_required([:blocker_id, :blockee_id])
+ |> unique_constraint(:blockee_id, name: :user_blocks_blocker_id_blockee_id_index)
+ |> validate_not_self_block()
+ end
+
+ def exists?(%User{} = blocker, %User{} = blockee) do
+ UserBlock
+ |> where(blocker_id: ^blocker.id, blockee_id: ^blockee.id)
+ |> Repo.exists?()
+ end
+
+ def create(%User{} = blocker, %User{} = blockee) do
+ %UserBlock{}
+ |> changeset(%{blocker_id: blocker.id, blockee_id: blockee.id})
+ |> Repo.insert(
+ on_conflict: :replace_all_except_primary_key,
+ conflict_target: [:blocker_id, :blockee_id]
+ )
+ end
+
+ def delete(%User{} = blocker, %User{} = blockee) do
+ attrs = %{blocker_id: blocker.id, blockee_id: blockee.id}
+
+ if is_nil(existing_record = Repo.get_by(UserBlock, attrs)) do
+ {:ok, nil}
+ else
+ Repo.delete(existing_record)
+ end
+ end
+
+ defp validate_not_self_block(%Ecto.Changeset{} = changeset) do
+ changeset
+ |> validate_change(:blockee_id, fn _, blockee_id ->
+ if blockee_id == changeset.changes[:blocker_id] || changeset.data.blocker_id do
+ [blockee_id: "can't be equal to blocker_id"]
+ else
+ []
+ end
+ end)
+ |> validate_change(:blocker_id, fn _, blocker_id ->
+ if blocker_id == changeset.changes[:blockee_id] || changeset.data.blockee_id do
+ [blocker_id: "can't be equal to blockee_id"]
+ else
+ []
+ end
+ end)
+ end
+end
defp restrict_muted(query, _), do: query
defp restrict_blocked(query, %{"blocking_user" => %User{} = user}) do
- blocks = user.blocks || []
+ blocked_ap_ids = User.blocked_ap_ids(user)
domain_blocks = user.domain_blocks || []
query =
from(
[activity, object: o] in query,
- where: fragment("not (? = ANY(?))", activity.actor, ^blocks),
- where: fragment("not (? && ?)", activity.recipients, ^blocks),
+ where: fragment("not (? = ANY(?))", activity.actor, ^blocked_ap_ids),
+ where: fragment("not (? && ?)", activity.recipients, ^blocked_ap_ids),
where:
fragment(
"not (?->>'type' = 'Announce' and ?->'to' \\?| ?)",
activity.data,
activity.data,
- ^blocks
+ ^blocked_ap_ids
),
where: fragment("not (split_part(?, '/', 3) = ANY(?))", activity.actor, ^domain_blocks),
where: fragment("not (split_part(?->>'actor', '/', 3) = ANY(?))", o.data, ^domain_blocks)
@doc "POST /api/v1/accounts/:id/block"
def block(%{assigns: %{user: blocker, account: blocked}} = conn, _params) do
- with {:ok, blocker} <- User.block(blocker, blocked),
+ with {:ok, _user_block} <- User.block(blocker, blocked),
{:ok, _activity} <- ActivityPub.block(blocker, blocked) do
render(conn, "relationship.json", user: blocker, target: blocked)
else
@doc "POST /api/v1/accounts/:id/unblock"
def unblock(%{assigns: %{user: blocker, account: blocked}} = conn, _params) do
- with {:ok, blocker} <- User.unblock(blocker, blocked),
+ with {:ok, _user_block} <- User.unblock(blocker, blocked),
{:ok, _activity} <- ActivityPub.unblock(blocker, blocked) do
render(conn, "relationship.json", user: blocker, target: blocked)
else
end
defp should_send?(%User{} = user, %Activity{} = item) do
- blocks = user.blocks || []
+ blocks = User.blocked_ap_ids(user)
mutes = user.mutes || []
reblog_mutes = user.muted_reblogs || []
recipient_blocks = MapSet.new(blocks ++ mutes)
--- /dev/null
+defmodule Pleroma.Repo.Migrations.CreateUserBlocks do
+ use Ecto.Migration
+
+ def change do
+ create_if_not_exists table(:user_blocks) do
+ add(:blocker_id, references(:users, type: :uuid, on_delete: :delete_all))
+ add(:blockee_id, references(:users, type: :uuid, on_delete: :delete_all))
+
+ timestamps(updated_at: false)
+ end
+
+ create_if_not_exists(unique_index(:user_blocks, [:blocker_id, :blockee_id]))
+ end
+end
--- /dev/null
+defmodule Pleroma.Repo.Migrations.DataMigrationPopulateUserBlocks do
+ use Ecto.Migration
+
+ alias Ecto.Adapters.SQL
+ alias Pleroma.Repo
+
+ require Logger
+
+ def up do
+ {:ok, %{rows: block_rows}} =
+ SQL.query(Repo, "SELECT id, blocks FROM users WHERE blocks != '{}'")
+
+ blockee_ap_ids =
+ Enum.flat_map(
+ block_rows,
+ fn [_, ap_ids] -> ap_ids end
+ )
+ |> Enum.uniq()
+
+ # Selecting ids of all blockees at once in order to reduce the number of SELECT queries
+ {:ok, %{rows: blockee_ap_id_id}} =
+ SQL.query(Repo, "SELECT ap_id, id FROM users WHERE ap_id = ANY($1)", [blockee_ap_ids])
+
+ blockee_id_by_ap_id = Enum.into(blockee_ap_id_id, %{}, fn [k, v] -> {k, v} end)
+
+ Enum.each(
+ block_rows,
+ fn [blocker_id, blockee_ap_ids] ->
+ blocker_uuid = Ecto.UUID.cast!(blocker_id)
+
+ for blockee_ap_id <- blockee_ap_ids do
+ blockee_id = blockee_id_by_ap_id[blockee_ap_id]
+ blockee_uuid = blockee_id && Ecto.UUID.cast!(blockee_id)
+
+ with {:ok, blockee_uuid} <- Ecto.UUID.cast(blockee_id) do
+ execute(
+ "INSERT INTO user_blocks(blocker_id, blockee_id, inserted_at) " <>
+ "VALUES('#{blocker_uuid}'::uuid, '#{blockee_uuid}'::uuid, now()) " <>
+ "ON CONFLICT (blocker_id, blockee_id) DO NOTHING"
+ )
+ else
+ _ -> Logger.warn("Missing reference: (#{blocker_uuid}, #{blockee_id})")
+ end
+ end
+ end
+ )
+ end
+
+ def down, do: :noop
+end
assert User.get_cached_by_id(blocker.id).unread_conversation_count == 4
- {:ok, blocker} = User.block(blocker, blocked)
+ {:ok, _user_block} = User.block(blocker, blocked)
# The conversations with the blocked user are marked as read
assert [%{read: true}, %{read: true}, %{read: true}, %{read: false}] =
blocked = insert(:user)
third_user = insert(:user)
- {:ok, blocker} = User.block(blocker, blocked)
+ {:ok, _user_block} = User.block(blocker, blocked)
# When the blocked user is the author
{:ok, _direct1} =
"visibility" => "direct"
})
- {:ok, blocker} = User.block(blocker, blocked)
+ {:ok, _user_block} = User.block(blocker, blocked)
assert [%{read: true}] = Participation.for_user(blocker)
assert User.get_cached_by_id(blocker.id).unread_conversation_count == 0
activity = insert(:note_activity)
author = User.get_cached_by_ap_id(activity.data["actor"])
user = insert(:user)
- {:ok, user} = User.block(user, author)
+ {:ok, _user_block} = User.block(user, author)
assert Notification.create_notification(activity, user)
end
test "it doesn't return notifications for blocked user" do
user = insert(:user)
blocked = insert(:user)
- {:ok, user} = User.block(user, blocked)
+ {:ok, _user_block} = User.block(user, blocked)
{:ok, _activity} = CommonAPI.post(blocked, %{"status" => "hey @#{user.nickname}"})
test "it doesn't return notifications from a blocked user when with_muted is set" do
user = insert(:user)
blocked = insert(:user)
- {:ok, user} = User.block(user, blocked)
+ {:ok, _user_block} = User.block(user, blocked)
{:ok, _activity} = CommonAPI.post(blocked, %{"status" => "hey @#{user.nickname}"})
CommonAPI.follow(follower, followed)
assert [_activity] = User.get_follow_requests(followed)
- {:ok, _follower} = User.block(followed, follower)
+ {:ok, _user_block} = User.block(followed, follower)
assert [] = User.get_follow_requests(followed)
end
not_followed = insert(:user)
reverse_blocked = insert(:user)
- {:ok, user} = User.block(user, blocked)
- {:ok, reverse_blocked} = User.block(reverse_blocked, user)
+ {:ok, _user_block} = User.block(user, blocked)
+ {:ok, _user_block} = User.block(reverse_blocked, user)
{:ok, user} = User.follow(user, followed_zero)
blocker = insert(:user)
blockee = insert(:user)
- {:ok, blocker} = User.block(blocker, blockee)
+ {:ok, _user_block} = User.block(blocker, blockee)
{:error, _} = User.follow(blockee, blocker)
end
blocker = insert(:user)
blocked = insert(:user)
- {:ok, blocker} = User.block(blocker, blocked)
+ {:ok, _user_block} = User.block(blocker, blocked)
{:error, _} = User.subscribe(blocked, blocker)
end
refute User.blocks?(user, blocked_user)
- {:ok, user} = User.block(user, blocked_user)
+ {:ok, _user_block} = User.block(user, blocked_user)
assert User.blocks?(user, blocked_user)
end
user = insert(:user)
blocked_user = insert(:user)
- {:ok, user} = User.block(user, blocked_user)
- {:ok, user} = User.unblock(user, blocked_user)
+ {:ok, _user_block} = User.block(user, blocked_user)
+ {:ok, _user_block} = User.unblock(user, blocked_user)
refute User.blocks?(user, blocked_user)
end
assert User.following?(blocker, blocked)
assert User.following?(blocked, blocker)
- {:ok, blocker} = User.block(blocker, blocked)
+ {:ok, _user_block} = User.block(blocker, blocked)
blocked = User.get_cached_by_id(blocked.id)
assert User.blocks?(blocker, blocked)
assert User.following?(blocker, blocked)
refute User.following?(blocked, blocker)
- {:ok, blocker} = User.block(blocker, blocked)
+ {:ok, _user_block} = User.block(blocker, blocked)
blocked = User.get_cached_by_id(blocked.id)
assert User.blocks?(blocker, blocked)
refute User.following?(blocker, blocked)
assert User.following?(blocked, blocker)
- {:ok, blocker} = User.block(blocker, blocked)
+ {:ok, _user_block} = User.block(blocker, blocked)
blocked = User.get_cached_by_id(blocked.id)
assert User.blocks?(blocker, blocked)
assert User.subscribed_to?(blocked, blocker)
refute User.subscribed_to?(blocker, blocked)
- {:ok, blocker} = User.block(blocker, blocked)
+ {:ok, _user_block} = User.block(blocker, blocked)
assert User.blocks?(blocker, blocked)
refute User.subscribed_to?(blocker, blocked)
{:ok, _follower2} = User.follow(follower2, user)
{:ok, _follower3} = User.follow(follower3, user)
- {:ok, user} = User.block(user, follower)
+ {:ok, _user_block} = User.block(user, follower)
+ user = refresh_record(user)
assert User.user_info(user).follower_count == 2
end
activity_five = insert(:note_activity)
user = insert(:user)
- {:ok, user} = User.block(user, %{ap_id: activity_five.data["actor"]})
+ {:ok, _user_block} = User.block(user, %{ap_id: activity_five.data["actor"]})
activities = ActivityPub.fetch_activities_for_context("2hu", %{"blocking_user" => user})
assert activities == [activity_two, activity]
activity_three = insert(:note_activity)
user = insert(:user)
booster = insert(:user)
- {:ok, user} = User.block(user, %{ap_id: activity_one.data["actor"]})
+ {:ok, _user_block} = User.block(user, %{ap_id: activity_one.data["actor"]})
activities =
ActivityPub.fetch_activities([], %{"blocking_user" => user, "skip_preload" => true})
assert Enum.member?(activities, activity_three)
refute Enum.member?(activities, activity_one)
- {:ok, user} = User.unblock(user, %{ap_id: activity_one.data["actor"]})
+ {:ok, _user_block} = User.unblock(user, %{ap_id: activity_one.data["actor"]})
activities =
ActivityPub.fetch_activities([], %{"blocking_user" => user, "skip_preload" => true})
assert Enum.member?(activities, activity_three)
assert Enum.member?(activities, activity_one)
- {:ok, user} = User.block(user, %{ap_id: activity_three.data["actor"]})
+ {:ok, _user_block} = User.block(user, %{ap_id: activity_three.data["actor"]})
{:ok, _announce, %{data: %{"id" => id}}} = CommonAPI.repeat(activity_three.id, booster)
%Activity{} = boost_activity = Activity.get_create_by_object_ap_id(id)
activity_three = Activity.get_by_id(activity_three.id)
blockee = insert(:user)
friend = insert(:user)
- {:ok, blocker} = User.block(blocker, blockee)
+ {:ok, _user_block} = User.block(blocker, blockee)
{:ok, activity_one} = CommonAPI.post(friend, %{"status" => "hey!"})
blockee = insert(:user)
friend = insert(:user)
- {:ok, blocker} = User.block(blocker, blockee)
+ {:ok, _user_block} = User.block(blocker, blockee)
{:ok, activity_one} = CommonAPI.post(friend, %{"status" => "hey!"})
user = insert(:user)
{:ok, target} = User.get_or_fetch("http://mastodon.example.org/users/admin")
- {:ok, user} = User.block(user, target)
+ {:ok, _user_block} = User.block(user, target)
data =
File.read!("test/fixtures/mastodon-follow-activity.json")
user = insert(:user)
other_user = insert(:user)
- {:ok, user} = User.block(user, other_user)
+ {:ok, _user_block} = User.block(user, other_user)
conn =
conn
activity: activity
} do
other_user = insert(:user)
- {:ok, user} = User.block(user, other_user)
+ {:ok, _user_block} = User.block(user, other_user)
{:ok, _, _} = CommonAPI.favorite(activity.id, other_user)
activity: activity
} do
other_user = insert(:user)
- {:ok, user} = User.block(user, other_user)
+ {:ok, _user_block} = User.block(user, other_user)
{:ok, _, _} = CommonAPI.repeat(activity.id, other_user)
blocker = insert(:user)
blocked = insert(:user)
user = insert(:user)
- {:ok, blocker} = User.block(blocker, blocked)
+ {:ok, _user_block} = User.block(blocker, blocked)
{:ok, _blocked_direct} =
CommonAPI.post(blocked, %{
{:ok, user} = User.follow(user, other_user)
{:ok, other_user} = User.subscribe(user, other_user)
- {:ok, user} = User.block(user, other_user)
- {:ok, other_user} = User.block(other_user, user)
+ {:ok, _user_block} = User.block(user, other_user)
+ {:ok, _user_block} = User.block(other_user, user)
expected = %{
id: to_string(other_user.id),
other_user = insert(:user)
{:ok, other_user} = User.follow(other_user, user)
- {:ok, other_user} = User.block(other_user, user)
+ {:ok, _user_block} = User.block(other_user, user)
{:ok, _} = User.follow(insert(:user), user)
expected = %{
user: user
} do
blocked = insert(:user)
- {:ok, user} = User.block(user, blocked)
+ {:ok, _user_block} = User.block(user, blocked)
task = Task.async(fn -> refute_receive {:text, _}, 4_000 end)
test "it doesn't send messages involving blocked users" do
user = insert(:user)
blocked_user = insert(:user)
- {:ok, user} = User.block(user, blocked_user)
+ {:ok, _user_block} = User.block(user, blocked_user)
task =
Task.async(fn ->
"public" => [fake_socket]
}
- {:ok, blocker} = User.block(blocker, blockee)
+ {:ok, _user_block} = User.block(blocker, blockee)
{:ok, activity_one} = CommonAPI.post(friend, %{"status" => "hey! @#{blockee.nickname}"})
user = insert(:user)
user2 = insert(:user)
- {:ok, _user} = Pleroma.User.block(user2, user)
+ {:ok, _user_block} = Pleroma.User.block(user2, user)
response =
conn
Pleroma.Config.put([:user, :deny_follow_blocked], true)
user = insert(:user)
user2 = insert(:user)
- {:ok, _user} = Pleroma.User.block(user2, user)
+ {:ok, _user_block} = Pleroma.User.block(user2, user)
response =
conn
projects / akkoma / commitdiff