mrf/simple_policy: check actor against accept/reject

author Haelwenn (lanodan) Monnier <contact@hacktivis.me>

Mon, 7 Oct 2019 00:55:09 +0000 (02:55 +0200)

committer Haelwenn (lanodan) Monnier <contact@hacktivis.me>

Mon, 7 Oct 2019 01:49:57 +0000 (03:49 +0200)
author Haelwenn (lanodan) Monnier <contact@hacktivis.me>
Mon, 7 Oct 2019 00:55:09 +0000 (02:55 +0200)
committer Haelwenn (lanodan) Monnier <contact@hacktivis.me>
Mon, 7 Oct 2019 01:49:57 +0000 (03:49 +0200)
diff --git a/CHANGELOG.md b/CHANGELOG.md

index 607643b7c5b0cf3517ae98471869b8c7b161ea63..33321e9901e331aae7420204ee046f58831e7454 100644 (file)
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -22,6 +22,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
  - Admin API: Return `total` when querying for reports
  - Mastodon API: Return `pleroma.direct_conversation_id` when creating a direct message (`POST /api/v1/statuses`)
  - Admin API: Return link alongside with token on password reset
+- MRF (Simple Policy): Also use `:accept`/`:reject` on the actors rather than only their activities
  
  ### Fixed
  - Mastodon API: Fix private and direct statuses not being filtered out from the public timeline for an authenticated user (`GET /api/v1/timelines/public`)
diff --git a/lib/pleroma/web/activity_pub/mrf/simple_policy.ex b/lib/pleroma/web/activity_pub/mrf/simple_policy.ex

index 8aa6852f0098acec9b8b1363553bc071495324ba..8e53296e76d6cf5c6d9a83a85dabe2174e5dd728 100644 (file)
--- a/lib/pleroma/web/activity_pub/mrf/simple_policy.ex
+++ b/lib/pleroma/web/activity_pub/mrf/simple_policy.ex
@@ -168,7 +168,9 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicy do
        when obj_type in ["Application", "Group", "Organization", "Person", "Service"] do
      actor_info = URI.parse(actor)
  
-    with {:ok, object} <- check_avatar_removal(actor_info, object),
+    with {:ok, object} <- check_accept(actor_info, object),
+         {:ok, object} <- check_reject(actor_info, object),
+         {:ok, object} <- check_avatar_removal(actor_info, object),
           {:ok, object} <- check_banner_removal(actor_info, object) do
        {:ok, object}
      else
diff --git a/test/web/activity_pub/mrf/simple_policy_test.exs b/test/web/activity_pub/mrf/simple_policy_test.exs

index 7203b27daaedb07ab9cabf13880033e3b19ba288..df0f223f8f4dec8dafc67c51e7c0c5b5f50d0a29 100644 (file)
--- a/test/web/activity_pub/mrf/simple_policy_test.exs
+++ b/test/web/activity_pub/mrf/simple_policy_test.exs
@@ -236,7 +236,7 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicyTest do
        assert SimplePolicy.filter(remote_message) == {:ok, remote_message}
      end
  
-    test "has a matching host" do
+    test "activity has a matching host" do
        Config.put([:mrf_simple, :reject], ["remote.instance"])
  
        remote_message = build_remote_message()
@@ -244,13 +244,21 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicyTest do
        assert SimplePolicy.filter(remote_message) == {:reject, nil}
      end
  
-    test "match with wildcard domain" do
+    test "activity matches with wildcard domain" do
        Config.put([:mrf_simple, :reject], ["*.remote.instance"])
  
        remote_message = build_remote_message()
  
        assert SimplePolicy.filter(remote_message) == {:reject, nil}
      end
+
+    test "actor has a matching host" do
+      Config.put([:mrf_simple, :reject], ["remote.instance"])
+
+      remote_user = build_remote_user()
+
+      assert SimplePolicy.filter(remote_user) == {:reject, nil}
+    end
    end
  
    describe "when :accept" do
@@ -264,7 +272,7 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicyTest do
        assert SimplePolicy.filter(remote_message) == {:ok, remote_message}
      end
  
-    test "is not empty but it doesn't have a matching host" do
+    test "is not empty but activity doesn't have a matching host" do
        Config.put([:mrf_simple, :accept], ["non.matching.remote"])
  
        local_message = build_local_message()
@@ -274,7 +282,7 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicyTest do
        assert SimplePolicy.filter(remote_message) == {:reject, nil}
      end
  
-    test "has a matching host" do
+    test "activity has a matching host" do
        Config.put([:mrf_simple, :accept], ["remote.instance"])
  
        local_message = build_local_message()
@@ -284,7 +292,7 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicyTest do
        assert SimplePolicy.filter(remote_message) == {:ok, remote_message}
      end
  
-    test "match with wildcard domain" do
+    test "activity matches with wildcard domain" do
        Config.put([:mrf_simple, :accept], ["*.remote.instance"])
  
        local_message = build_local_message()
@@ -293,6 +301,14 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicyTest do
        assert SimplePolicy.filter(local_message) == {:ok, local_message}
        assert SimplePolicy.filter(remote_message) == {:ok, remote_message}
      end
+
+    test "actor has a matching host" do
+      Config.put([:mrf_simple, :accept], ["remote.instance"])
+
+      remote_user = build_remote_user()
+
+      assert SimplePolicy.filter(remote_user) == {:ok, remote_user}
+    end
    end
  
    describe "when :avatar_removal" do
author	Haelwenn (lanodan) Monnier <contact@hacktivis.me>
	Mon, 7 Oct 2019 00:55:09 +0000 (02:55 +0200)
committer	Haelwenn (lanodan) Monnier <contact@hacktivis.me>
	Mon, 7 Oct 2019 01:49:57 +0000 (03:49 +0200)
CHANGELOG.md		patch \| blob \| history
lib/pleroma/web/activity_pub/mrf/simple_policy.ex		patch \| blob \| history
test/web/activity_pub/mrf/simple_policy_test.exs		patch \| blob \| history