Containment: Add a catch-all clause to contain_origin.

diff --git a/lib/pleroma/object/containment.ex b/lib/pleroma/object/containment.ex
index a1f9c1250b3248c41cc79bf39042bda7b0101143..25aa32f60743dc21fef01e1184539b3b70a77638 100644 (file)
--- a/lib/pleroma/object/containment.ex
+++ b/lib/pleroma/object/containment.ex
@@ -64,6 +64,8 @@ defmodule Pleroma.Object.Containment do
   def contain_origin(id, %{"attributedTo" => actor} = params),
     do: contain_origin(id, Map.put(params, "actor", actor))
 
+  def contain_origin(_id, _data), do: :error
+
   def contain_origin_from_id(id, %{"id" => other_id} = _params) when is_binary(other_id) do
     id_uri = URI.parse(id)
     other_uri = URI.parse(other_id)

diff --git a/test/object/containment_test.exs b/test/object/containment_test.exs
index 71fe5204cbf634ce2ee96c04147df5fe5d99d900..7636803a63a97f6f313d91798d40f3ae39874770 100644 (file)
--- a/test/object/containment_test.exs
+++ b/test/object/containment_test.exs
@@ -17,6 +17,16 @@ defmodule Pleroma.Object.ContainmentTest do
   end
 
   describe "general origin containment" do
+    test "works for completely actorless posts" do
+      assert :error ==
+               Containment.contain_origin("https://glaceon.social/users/monorail", %{
+                 "deleted" => "2019-10-30T05:48:50.249606Z",
+                 "formerType" => "Note",
+                 "id" => "https://glaceon.social/users/monorail/statuses/103049757364029187",
+                 "type" => "Tombstone"
+               })
+    end
+
     test "contain_origin_from_id() catches obvious spoofing attempts" do
       data = %{
         "id" => "http://example.com/~alyssa/activities/1234.json"