CommonValidations: Extract modification right checker
authorlain <lain@soykaf.club>
Wed, 5 Aug 2020 15:26:53 +0000 (17:26 +0200)
committerlain <lain@soykaf.club>
Wed, 5 Aug 2020 15:26:53 +0000 (17:26 +0200)
lib/pleroma/web/activity_pub/object_validators/common_validations.ex
lib/pleroma/web/activity_pub/object_validators/delete_validator.ex
test/web/activity_pub/object_validators/delete_validation_test.exs

index 67352f801af7430819a5968d268d4bed644a4131..e4c5d961928c1d84a31459e2f1b1a00ebd5606ad 100644 (file)
@@ -125,4 +125,31 @@ defmodule Pleroma.Web.ActivityPub.ObjectValidators.CommonValidations do
       end)
     end
   end
+
+  def same_domain?(cng, field_one \\ :actor, field_two \\ :object) do
+    actor_uri =
+      cng
+      |> get_field(field_one)
+      |> URI.parse()
+
+    object_uri =
+      cng
+      |> get_field(field_two)
+      |> URI.parse()
+
+    object_uri.host == actor_uri.host
+  end
+
+  # This figures out if a user is able to create, delete or modify something
+  # based on the domain and superuser status
+  def validate_modification_rights(cng) do
+    actor = User.get_cached_by_ap_id(get_field(cng, :actor))
+
+    if User.superuser?(actor) || same_domain?(cng) do
+      cng
+    else
+      cng
+      |> add_error(:actor, "is not allowed to modify object")
+    end
+  end
 end
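Review bot: In `same_domain?/3`, the final comparison `object_uri.host == actor_uri.host` is also true when both hosts are `nil`, which is what `URI.parse/1` returns for values with no authority part (for example two scheme-less strings). Because `validate_modification_rights/1` treats a true result as authorization, and the helper is now public with caller-chosen fields, the comparison should require a real host: `is_binary(actor_uri.host) and object_uri.host == actor_uri.host`. `User.superuser?/1` is not visible in this diff, so it is worth confirming that it only returns true for local accounts, as the test name "local superuser" suggests; otherwise a remote account flagged as admin or moderator would pass this check for any object. A short `@doc` on both functions stating that same-host actors are trusted by design would help the other validators that will reuse them.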
index 93a7b0e0bc3757cf440540f0e7ad231b06d2820e..2634e8d4df6ecf73659ff7639ff8488c2b419587 100644 (file)
@@ -7,7 +7,6 @@ defmodule Pleroma.Web.ActivityPub.ObjectValidators.DeleteValidator do
 
   alias Pleroma.Activity
   alias Pleroma.EctoType.ActivityPub.ObjectValidators
-  alias Pleroma.User
 
   import Ecto.Changeset
   import Pleroma.Web.ActivityPub.ObjectValidators.CommonValidations
@@ -59,7 +58,7 @@ defmodule Pleroma.Web.ActivityPub.ObjectValidators.DeleteValidator do
     |> validate_required([:id, :type, :actor, :to, :cc, :object])
     |> validate_inclusion(:type, ["Delete"])
     |> validate_actor_presence()
-    |> validate_deletion_rights()
+    |> validate_modification_rights()
     |> validate_object_or_user_presence(allowed_types: @deletable_types)
     |> add_deleted_activity_id()
   end
@@ -68,31 +67,6 @@ defmodule Pleroma.Web.ActivityPub.ObjectValidators.DeleteValidator do
     !same_domain?(cng)
   end
 
-  defp same_domain?(cng) do
-    actor_uri =
-      cng
-      |> get_field(:actor)
-      |> URI.parse()
-
-    object_uri =
-      cng
-      |> get_field(:object)
-      |> URI.parse()
-
-    object_uri.host == actor_uri.host
-  end
-
-  def validate_deletion_rights(cng) do
-    actor = User.get_cached_by_ap_id(get_field(cng, :actor))
-
-    if User.superuser?(actor) || same_domain?(cng) do
-      cng
-    else
-      cng
-      |> add_error(:actor, "is not allowed to delete object")
-    end
-  end
-
   def cast_and_validate(data) do
     data
     |> cast_data
index 42cd18298fe8ece9ab1ef604a84d5c3d38fad423..02683b899d762630c89cb5d3084f0ddbcfdc1908 100644 (file)
@@ -87,7 +87,7 @@ defmodule Pleroma.Web.ActivityPub.ObjectValidators.DeleteValidationTest do
 
       {:error, cng} = ObjectValidator.validate(invalid_other_actor, [])
 
-      assert {:actor, {"is not allowed to delete object", []}} in cng.errors
+      assert {:actor, {"is not allowed to modify object", []}} in cng.errors
     end
 
     test "it's valid if the actor of the object is a local superuser",