Split create activity specifics from update_outbox

author sxsdv1 <sxsdv1@gmail.com>

Tue, 1 Jan 2019 21:16:46 +0000 (22:16 +0100)

committer sxsdv1 <sxsdv1@gmail.com>

Tue, 1 Jan 2019 22:20:28 +0000 (23:20 +0100)
author sxsdv1 <sxsdv1@gmail.com>
Tue, 1 Jan 2019 21:16:46 +0000 (22:16 +0100)
committer sxsdv1 <sxsdv1@gmail.com>
Tue, 1 Jan 2019 22:20:28 +0000 (23:20 +0100)
diff --git a/lib/pleroma/web/activity_pub/activity_pub_controller.ex b/lib/pleroma/web/activity_pub/activity_pub_controller.ex

index fc7972eaf3effcee18de0a5032c68177ae3e84f0..d23c54933332494d0599c92e6e7ca83417c9d386 100644 (file)
--- a/lib/pleroma/web/activity_pub/activity_pub_controller.ex
+++ b/lib/pleroma/web/activity_pub/activity_pub_controller.ex
@@ -165,9 +165,29 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubController do
      end
    end
  
+  def handle_user_activity(user, %{"type" => "Create"} = params) do
+    object =
+      params["object"]
+      |> Map.merge(Map.take(params, ["to", "cc"]))
+      |> Map.put("attributedTo", user.ap_id())
+      |> Transmogrifier.fix_object()
+
+    ActivityPub.create(%{
+      to: params["to"],
+      actor: user,
+      context: object["context"],
+      object: object,
+      additional: Map.take(params, ["cc"])
+    })
+  end
+
+  def handle_user_activity(_, _) do
+    {:error, "Unhandled activity type"}
+  end
+
    def update_outbox(
          %{assigns: %{user: user}} = conn,
-        %{"nickname" => nickname, "type" => "Create"} = params
+        %{"nickname" => nickname} = params
        ) do
      if nickname == user.nickname do
        actor = user.ap_id()
@@ -178,24 +198,16 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubController do
          |> Map.put("actor", actor)
          |> Transmogrifier.fix_addressing()
  
-      object =
-        params["object"]
-        |> Map.merge(Map.take(params, ["to", "cc"]))
-        |> Map.put("attributedTo", actor)
-        |> Transmogrifier.fix_object()
-
-      with {:ok, %Activity{} = activity} <-
-             ActivityPub.create(%{
-               to: params["to"],
-               actor: user,
-               context: object["context"],
-               object: object,
-               additional: Map.take(params, ["cc"])
-             }) do
+      with {:ok, %Activity{} = activity} <- handle_user_activity(user, params) do
          conn
          |> put_status(:created)
          |> put_resp_header("location", activity.data["id"])
          |> json(activity.data)
+      else
+        {:error, message} ->
+          conn
+          |> put_status(:bad_request)
+          |> json(message)
        end
      else
        conn
diff --git a/test/web/activity_pub/activity_pub_controller_test.exs b/test/web/activity_pub/activity_pub_controller_test.exs

index cb95e0e09fe4f47d4960c8706bb9050915e0ab54..77dc96617c7ff613fdc59aadb1ab0db9360beb1a 100644 (file)
--- a/test/web/activity_pub/activity_pub_controller_test.exs
+++ b/test/web/activity_pub/activity_pub_controller_test.exs
@@ -192,6 +192,23 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubControllerTest do
        result = json_response(conn, 201)
        assert Activity.get_by_ap_id(result["id"])
      end
+
+    test "it rejects an incoming activity with bogus type", %{conn: conn} do
+      data = File.read!("test/fixtures/activitypub-client-post-activity.json") |> Poison.decode!()
+      user = insert(:user)
+
+      data =
+        data
+        |> Map.put("type", "BadType")
+
+      conn =
+        conn
+        |> assign(:user, user)
+        |> put_req_header("content-type", "application/activity+json")
+        |> post("/users/#{user.nickname}/outbox", data)
+
+      assert json_response(conn, 400)
+    end
    end
  
    describe "/users/:nickname/followers" do
author	sxsdv1 <sxsdv1@gmail.com>
	Tue, 1 Jan 2019 21:16:46 +0000 (22:16 +0100)
committer	sxsdv1 <sxsdv1@gmail.com>
	Tue, 1 Jan 2019 22:20:28 +0000 (23:20 +0100)
lib/pleroma/web/activity_pub/activity_pub_controller.ex		patch \| blob \| history
test/web/activity_pub/activity_pub_controller_test.exs		patch \| blob \| history