[#1560] Misc. improvements in ActivityPubController federation state restrictions.
This commit is contained in:
parent
b6fc98d9cd
commit
40765875d4
@ -13,13 +13,17 @@ defmodule Pleroma.Web.FederatingPlug do
|
||||
if federating?() do
|
||||
conn
|
||||
else
|
||||
conn
|
||||
|> put_status(404)
|
||||
|> Phoenix.Controller.put_view(Pleroma.Web.ErrorView)
|
||||
|> Phoenix.Controller.render("404.json")
|
||||
|> halt()
|
||||
fail(conn)
|
||||
end
|
||||
end
|
||||
|
||||
def federating?, do: Pleroma.Config.get([:instance, :federating])
|
||||
|
||||
def fail(conn) do
|
||||
conn
|
||||
|> put_status(404)
|
||||
|> Phoenix.Controller.put_view(Pleroma.Web.ErrorView)
|
||||
|> Phoenix.Controller.render("404.json")
|
||||
|> halt()
|
||||
end
|
||||
end
|
||||
|
@ -29,6 +29,7 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubController do
|
||||
@client_to_server_actions [
|
||||
:whoami,
|
||||
:read_inbox,
|
||||
:outbox,
|
||||
:update_outbox,
|
||||
:upload_media,
|
||||
:followers,
|
||||
@ -140,10 +141,14 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubController do
|
||||
|
||||
# GET /relay/following
|
||||
def following(%{assigns: %{relay: true}} = conn, _params) do
|
||||
conn
|
||||
|> put_resp_content_type("application/activity+json")
|
||||
|> put_view(UserView)
|
||||
|> render("following.json", %{user: Relay.get_actor()})
|
||||
if FederatingPlug.federating?() do
|
||||
conn
|
||||
|> put_resp_content_type("application/activity+json")
|
||||
|> put_view(UserView)
|
||||
|> render("following.json", %{user: Relay.get_actor()})
|
||||
else
|
||||
FederatingPlug.fail(conn)
|
||||
end
|
||||
end
|
||||
|
||||
def following(%{assigns: %{user: for_user}} = conn, %{"nickname" => nickname, "page" => page}) do
|
||||
@ -177,10 +182,14 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubController do
|
||||
|
||||
# GET /relay/followers
|
||||
def followers(%{assigns: %{relay: true}} = conn, _params) do
|
||||
conn
|
||||
|> put_resp_content_type("application/activity+json")
|
||||
|> put_view(UserView)
|
||||
|> render("followers.json", %{user: Relay.get_actor()})
|
||||
if FederatingPlug.federating?() do
|
||||
conn
|
||||
|> put_resp_content_type("application/activity+json")
|
||||
|> put_view(UserView)
|
||||
|> render("followers.json", %{user: Relay.get_actor()})
|
||||
else
|
||||
FederatingPlug.fail(conn)
|
||||
end
|
||||
end
|
||||
|
||||
def followers(%{assigns: %{user: for_user}} = conn, %{"nickname" => nickname, "page" => page}) do
|
||||
|
@ -577,7 +577,7 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubControllerTest do
|
||||
end
|
||||
end
|
||||
|
||||
describe "/users/:nickname/outbox" do
|
||||
describe "GET /users/:nickname/outbox" do
|
||||
test "it will not bomb when there is no activity", %{conn: conn} do
|
||||
user = insert(:user)
|
||||
|
||||
@ -614,7 +614,9 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubControllerTest do
|
||||
|
||||
assert response(conn, 200) =~ announce_activity.data["object"]
|
||||
end
|
||||
end
|
||||
|
||||
describe "POST /users/:nickname/outbox" do
|
||||
test "it rejects posts from other users", %{conn: conn} do
|
||||
data = File.read!("test/fixtures/activitypub-client-post-activity.json") |> Poison.decode!()
|
||||
user = insert(:user)
|
||||
@ -1059,9 +1061,10 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubControllerTest do
|
||||
|
||||
get_uris = [
|
||||
"/users/#{user.nickname}",
|
||||
"/users/#{user.nickname}/outbox",
|
||||
"/internal/fetch",
|
||||
"/relay"
|
||||
"/relay",
|
||||
"/relay/following",
|
||||
"/relay/followers"
|
||||
]
|
||||
|
||||
for get_uri <- get_uris do
|
||||
|
Loading…
Reference in New Issue
Block a user