Browse Source

Make mrfSimple work with tuples

* Changed SimplePolicy
* I also grepped in test/ for ':mrf_simple' to see what other things could be affected
merge-requests/3516/head
Ilja Haelwenn (lanodan) Monnier 3 years ago
parent
commit
4ba0beb60c
No known key found for this signature in database GPG Key ID: D5B7A8E43C997DEE
4 changed files with 123 additions and 112 deletions
  1. +79
    -75
      lib/pleroma/web/activity_pub/mrf/simple_policy.ex
  2. +1
    -1
      test/pleroma/user_test.exs
  3. +37
    -32
      test/pleroma/web/activity_pub/mrf/simple_policy_test.exs
  4. +6
    -4
      test/pleroma/web/node_info_test.exs

+ 79
- 75
lib/pleroma/web/activity_pub/mrf/simple_policy.ex View File

@@ -15,7 +15,7 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicy do

defp check_accept(%{host: actor_host} = _actor_info, object) do
accepts =
Config.get([:mrf_simple, :accept])
instance_list(:accept)
|> MRF.subdomains_regex()

cond do
@@ -28,7 +28,7 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicy do

defp check_reject(%{host: actor_host} = _actor_info, object) do
rejects =
Config.get([:mrf_simple, :reject])
instance_list(:reject)
|> MRF.subdomains_regex()

if MRF.subdomain_match?(rejects, actor_host) do
@@ -44,7 +44,7 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicy do
)
when length(child_attachment) > 0 do
media_removal =
Config.get([:mrf_simple, :media_removal])
instance_list(:media_removal)
|> MRF.subdomains_regex()

object =
@@ -68,7 +68,7 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicy do
} = object
) do
media_nsfw =
Config.get([:mrf_simple, :media_nsfw])
instance_list(:media_nsfw)
|> MRF.subdomains_regex()

object =
@@ -85,7 +85,7 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicy do

defp check_ftl_removal(%{host: actor_host} = _actor_info, object) do
timeline_removal =
Config.get([:mrf_simple, :federated_timeline_removal])
instance_list(:federated_timeline_removal)
|> MRF.subdomains_regex()

object =
@@ -112,7 +112,7 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicy do

defp check_followers_only(%{host: actor_host} = _actor_info, object) do
followers_only =
Config.get([:mrf_simple, :followers_only])
instance_list(:followers_only)
|> MRF.subdomains_regex()

object =
@@ -137,7 +137,7 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicy do

defp check_report_removal(%{host: actor_host} = _actor_info, %{"type" => "Flag"} = object) do
report_removal =
Config.get([:mrf_simple, :report_removal])
instance_list(:report_removal)
|> MRF.subdomains_regex()

if MRF.subdomain_match?(report_removal, actor_host) do
@@ -151,7 +151,7 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicy do

defp check_avatar_removal(%{host: actor_host} = _actor_info, %{"icon" => _icon} = object) do
avatar_removal =
Config.get([:mrf_simple, :avatar_removal])
instance_list(:avatar_removal)
|> MRF.subdomains_regex()

if MRF.subdomain_match?(avatar_removal, actor_host) do
@@ -165,7 +165,7 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicy do

defp check_banner_removal(%{host: actor_host} = _actor_info, %{"image" => _image} = object) do
banner_removal =
Config.get([:mrf_simple, :banner_removal])
instance_list(:banner_removal)
|> MRF.subdomains_regex()

if MRF.subdomain_match?(banner_removal, actor_host) do
@@ -185,12 +185,19 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicy do

defp check_object(object), do: {:ok, object}

defp instance_list(config_key) do
Config.get([:mrf_simple, config_key])
|> Enum.map(fn
{instance, _} -> instance
end)
end

@impl true
def filter(%{"type" => "Delete", "actor" => actor} = object) do
%{host: actor_host} = URI.parse(actor)

reject_deletes =
Config.get([:mrf_simple, :reject_deletes])
instance_list(:reject_deletes)
|> MRF.subdomains_regex()

if MRF.subdomain_match?(reject_deletes, actor_host) do
@@ -257,7 +264,7 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicy do

mrf_simple =
Config.get(:mrf_simple)
|> Enum.map(fn {k, v} -> {k, Enum.reject(v, fn v -> v in exclusions end)} end)
|> Enum.map(fn {k, v} -> {k, Enum.reject(v, fn {v, _} -> v in exclusions end)} end)
|> Enum.into(%{})

{:ok, %{mrf_simple: mrf_simple}}
@@ -270,70 +277,67 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicy do
related_policy: "Pleroma.Web.ActivityPub.MRF.SimplePolicy",
label: "MRF Simple",
description: "Simple ingress policies",
children: [
%{
key: :media_removal,
type: {:list, :string},
description: "List of instances to strip media attachments from",
suggestions: ["example.com", "*.example.com"]
},
%{
key: :media_nsfw,
label: "Media NSFW",
type: {:list, :string},
description: "List of instances to tag all media as NSFW (sensitive) from",
suggestions: ["example.com", "*.example.com"]
},
%{
key: :federated_timeline_removal,
type: {:list, :string},
description:
"List of instances to remove from the Federated (aka The Whole Known Network) Timeline",
suggestions: ["example.com", "*.example.com"]
},
%{
key: :reject,
type: {:list, :string},
description: "List of instances to reject activities from (except deletes)",
suggestions: ["example.com", "*.example.com"]
},
%{
key: :accept,
type: {:list, :string},
description: "List of instances to only accept activities from (except deletes)",
suggestions: ["example.com", "*.example.com"]
},
%{
key: :followers_only,
type: {:list, :string},
description: "Force posts from the given instances to be visible by followers only",
suggestions: ["example.com", "*.example.com"]
},
%{
key: :report_removal,
type: {:list, :string},
description: "List of instances to reject reports from",
suggestions: ["example.com", "*.example.com"]
},
%{
key: :avatar_removal,
type: {:list, :string},
description: "List of instances to strip avatars from",
suggestions: ["example.com", "*.example.com"]
},
%{
key: :banner_removal,
type: {:list, :string},
description: "List of instances to strip banners from",
suggestions: ["example.com", "*.example.com"]
},
%{
key: :reject_deletes,
type: {:list, :string},
description: "List of instances to reject deletions from",
suggestions: ["example.com", "*.example.com"]
}
]
children:
[
%{
key: :media_removal,
description:
"List of instances to strip media attachments from and the reason for doing so"
},
%{
key: :media_nsfw,
label: "Media NSFW",
description:
"List of instances to tag all media as NSFW (sensitive) from and the reason for doing so"
},
%{
key: :federated_timeline_removal,
description:
"List of instances to remove from the Federated (aka The Whole Known Network) Timeline and the reason for doing so"
},
%{
key: :reject,
description:
"List of instances to reject activities from (except deletes) and the reason for doing so"
},
%{
key: :accept,
description:
"List of instances to only accept activities from (except deletes) and the reason for doing so"
},
%{
key: :followers_only,
description:
"Force posts from the given instances to be visible by followers only and the reason for doing so"
},
%{
key: :report_removal,
description: "List of instances to reject reports from and the reason for doing so"
},
%{
key: :avatar_removal,
description: "List of instances to strip avatars from and the reason for doing so"
},
%{
key: :banner_removal,
description: "List of instances to strip banners from and the reason for doing so"
},
%{
key: :reject_deletes,
description: "List of instances to reject deletions from and the reason for doing so"
}
]
|> Enum.map(fn setting ->
Map.merge(
setting,
%{
type: {:list, :tuple},
key_placeholder: "instance",
value_placeholder: "reason",
suggestions: [{"example.com", "Some reason"}, {"*.example.com", "Another reason"}]
}
)
end)
}
end
end

+ 1
- 1
test/pleroma/user_test.exs View File

@@ -480,7 +480,7 @@ defmodule Pleroma.UserTest do
)

test "it sends a welcome chat message when Simple policy applied to local instance" do
clear_config([:mrf_simple, :media_nsfw], ["localhost"])
clear_config([:mrf_simple, :media_nsfw], [{"localhost", ""}])

welcome_user = insert(:user)
clear_config([:welcome, :chat_message, :enabled], true)


+ 37
- 32
test/pleroma/web/activity_pub/mrf/simple_policy_test.exs View File

@@ -33,7 +33,7 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicyTest do
end

test "has a matching host" do
clear_config([:mrf_simple, :media_removal], ["remote.instance"])
clear_config([:mrf_simple, :media_removal], [{"remote.instance", "Some reason"}])
media_message = build_media_message()
local_message = build_local_message()

@@ -46,7 +46,7 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicyTest do
end

test "match with wildcard domain" do
clear_config([:mrf_simple, :media_removal], ["*.remote.instance"])
clear_config([:mrf_simple, :media_removal], [{"*.remote.instance", "Whatever reason"}])
media_message = build_media_message()
local_message = build_local_message()

@@ -70,7 +70,7 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicyTest do
end

test "has a matching host" do
clear_config([:mrf_simple, :media_nsfw], ["remote.instance"])
clear_config([:mrf_simple, :media_nsfw], [{"remote.instance", "Whetever"}])
media_message = build_media_message()
local_message = build_local_message()

@@ -81,7 +81,7 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicyTest do
end

test "match with wildcard domain" do
clear_config([:mrf_simple, :media_nsfw], ["*.remote.instance"])
clear_config([:mrf_simple, :media_nsfw], [{"*.remote.instance", "yeah yeah"}])
media_message = build_media_message()
local_message = build_local_message()

@@ -115,7 +115,7 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicyTest do
end

test "has a matching host" do
clear_config([:mrf_simple, :report_removal], ["remote.instance"])
clear_config([:mrf_simple, :report_removal], [{"remote.instance", "muh"}])
report_message = build_report_message()
local_message = build_local_message()

@@ -124,7 +124,7 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicyTest do
end

test "match with wildcard domain" do
clear_config([:mrf_simple, :report_removal], ["*.remote.instance"])
clear_config([:mrf_simple, :report_removal], [{"*.remote.instance", "suya"}])
report_message = build_report_message()
local_message = build_local_message()

@@ -159,7 +159,7 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicyTest do
|> URI.parse()
|> Map.fetch!(:host)

clear_config([:mrf_simple, :federated_timeline_removal], [ftl_message_actor_host])
clear_config([:mrf_simple, :federated_timeline_removal], [{ftl_message_actor_host, "uwu"}])
local_message = build_local_message()

assert {:ok, ftl_message} = SimplePolicy.filter(ftl_message)
@@ -180,7 +180,10 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicyTest do
|> URI.parse()
|> Map.fetch!(:host)

clear_config([:mrf_simple, :federated_timeline_removal], ["*." <> ftl_message_actor_host])
clear_config([:mrf_simple, :federated_timeline_removal], [
{"*." <> ftl_message_actor_host, "owo"}
])

local_message = build_local_message()

assert {:ok, ftl_message} = SimplePolicy.filter(ftl_message)
@@ -203,7 +206,9 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicyTest do

ftl_message = Map.put(ftl_message, "cc", [])

clear_config([:mrf_simple, :federated_timeline_removal], [ftl_message_actor_host])
clear_config([:mrf_simple, :federated_timeline_removal], [
{ftl_message_actor_host, "spiderwaifu goes 88w88"}
])

assert {:ok, ftl_message} = SimplePolicy.filter(ftl_message)
refute "https://www.w3.org/ns/activitystreams#Public" in ftl_message["to"]
@@ -232,7 +237,7 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicyTest do
end

test "activity has a matching host" do
clear_config([:mrf_simple, :reject], ["remote.instance"])
clear_config([:mrf_simple, :reject], [{"remote.instance", ""}])

remote_message = build_remote_message()

@@ -240,7 +245,7 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicyTest do
end

test "activity matches with wildcard domain" do
clear_config([:mrf_simple, :reject], ["*.remote.instance"])
clear_config([:mrf_simple, :reject], [{"*.remote.instance", ""}])

remote_message = build_remote_message()

@@ -248,7 +253,7 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicyTest do
end

test "actor has a matching host" do
clear_config([:mrf_simple, :reject], ["remote.instance"])
clear_config([:mrf_simple, :reject], [{"remote.instance", ""}])

remote_user = build_remote_user()

@@ -256,7 +261,7 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicyTest do
end

test "reject Announce when object would be rejected" do
clear_config([:mrf_simple, :reject], ["blocked.tld"])
clear_config([:mrf_simple, :reject], [{"blocked.tld", ""}])

announce = %{
"type" => "Announce",
@@ -268,7 +273,7 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicyTest do
end

test "reject by URI object" do
clear_config([:mrf_simple, :reject], ["blocked.tld"])
clear_config([:mrf_simple, :reject], [{"blocked.tld", ""}])

announce = %{
"type" => "Announce",
@@ -322,7 +327,7 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicyTest do
|> URI.parse()
|> Map.fetch!(:host)

clear_config([:mrf_simple, :followers_only], [actor_domain])
clear_config([:mrf_simple, :followers_only], [{actor_domain, ""}])

assert {:ok, new_activity} = SimplePolicy.filter(activity)
assert actor.follower_address in new_activity["cc"]
@@ -350,7 +355,7 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicyTest do
end

test "is not empty but activity doesn't have a matching host" do
clear_config([:mrf_simple, :accept], ["non.matching.remote"])
clear_config([:mrf_simple, :accept], [{"non.matching.remote", ""}])

local_message = build_local_message()
remote_message = build_remote_message()
@@ -360,7 +365,7 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicyTest do
end

test "activity has a matching host" do
clear_config([:mrf_simple, :accept], ["remote.instance"])
clear_config([:mrf_simple, :accept], [{"remote.instance", ""}])

local_message = build_local_message()
remote_message = build_remote_message()
@@ -370,7 +375,7 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicyTest do
end

test "activity matches with wildcard domain" do
clear_config([:mrf_simple, :accept], ["*.remote.instance"])
clear_config([:mrf_simple, :accept], [{"*.remote.instance", ""}])

local_message = build_local_message()
remote_message = build_remote_message()
@@ -380,7 +385,7 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicyTest do
end

test "actor has a matching host" do
clear_config([:mrf_simple, :accept], ["remote.instance"])
clear_config([:mrf_simple, :accept], [{"remote.instance", ""}])

remote_user = build_remote_user()

@@ -398,7 +403,7 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicyTest do
end

test "is not empty but it doesn't have a matching host" do
clear_config([:mrf_simple, :avatar_removal], ["non.matching.remote"])
clear_config([:mrf_simple, :avatar_removal], [{"non.matching.remote", ""}])

remote_user = build_remote_user()

@@ -406,7 +411,7 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicyTest do
end

test "has a matching host" do
clear_config([:mrf_simple, :avatar_removal], ["remote.instance"])
clear_config([:mrf_simple, :avatar_removal], [{"remote.instance", ""}])

remote_user = build_remote_user()
{:ok, filtered} = SimplePolicy.filter(remote_user)
@@ -415,7 +420,7 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicyTest do
end

test "match with wildcard domain" do
clear_config([:mrf_simple, :avatar_removal], ["*.remote.instance"])
clear_config([:mrf_simple, :avatar_removal], [{"*.remote.instance", ""}])

remote_user = build_remote_user()
{:ok, filtered} = SimplePolicy.filter(remote_user)
@@ -434,7 +439,7 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicyTest do
end

test "is not empty but it doesn't have a matching host" do
clear_config([:mrf_simple, :banner_removal], ["non.matching.remote"])
clear_config([:mrf_simple, :banner_removal], [{"non.matching.remote", ""}])

remote_user = build_remote_user()

@@ -442,7 +447,7 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicyTest do
end

test "has a matching host" do
clear_config([:mrf_simple, :banner_removal], ["remote.instance"])
clear_config([:mrf_simple, :banner_removal], [{"remote.instance", ""}])

remote_user = build_remote_user()
{:ok, filtered} = SimplePolicy.filter(remote_user)
@@ -451,7 +456,7 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicyTest do
end

test "match with wildcard domain" do
clear_config([:mrf_simple, :banner_removal], ["*.remote.instance"])
clear_config([:mrf_simple, :banner_removal], [{"*.remote.instance", ""}])

remote_user = build_remote_user()
{:ok, filtered} = SimplePolicy.filter(remote_user)
@@ -464,7 +469,7 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicyTest do
setup do: clear_config([:mrf_simple, :reject_deletes], [])

test "it accepts deletions even from rejected servers" do
clear_config([:mrf_simple, :reject], ["remote.instance"])
clear_config([:mrf_simple, :reject], [{"remote.instance", ""}])

deletion_message = build_remote_deletion_message()

@@ -472,7 +477,7 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicyTest do
end

test "it accepts deletions even from non-whitelisted servers" do
clear_config([:mrf_simple, :accept], ["non.matching.remote"])
clear_config([:mrf_simple, :accept], [{"non.matching.remote", ""}])

deletion_message = build_remote_deletion_message()

@@ -481,10 +486,10 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicyTest do
end

describe "when :reject_deletes is not empty but it doesn't have a matching host" do
setup do: clear_config([:mrf_simple, :reject_deletes], ["non.matching.remote"])
setup do: clear_config([:mrf_simple, :reject_deletes], [{"non.matching.remote", ""}])

test "it accepts deletions even from rejected servers" do
clear_config([:mrf_simple, :reject], ["remote.instance"])
clear_config([:mrf_simple, :reject], [{"remote.instance", ""}])

deletion_message = build_remote_deletion_message()

@@ -492,7 +497,7 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicyTest do
end

test "it accepts deletions even from non-whitelisted servers" do
clear_config([:mrf_simple, :accept], ["non.matching.remote"])
clear_config([:mrf_simple, :accept], [{"non.matching.remote", ""}])

deletion_message = build_remote_deletion_message()

@@ -501,7 +506,7 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicyTest do
end

describe "when :reject_deletes has a matching host" do
setup do: clear_config([:mrf_simple, :reject_deletes], ["remote.instance"])
setup do: clear_config([:mrf_simple, :reject_deletes], [{"remote.instance", ""}])

test "it rejects the deletion" do
deletion_message = build_remote_deletion_message()
@@ -511,7 +516,7 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicyTest do
end

describe "when :reject_deletes match with wildcard domain" do
setup do: clear_config([:mrf_simple, :reject_deletes], ["*.remote.instance"])
setup do: clear_config([:mrf_simple, :reject_deletes], [{"*.remote.instance", ""}])

test "it rejects the deletion" do
deletion_message = build_remote_deletion_message()


+ 6
- 4
test/pleroma/web/node_info_test.exs View File

@@ -154,15 +154,17 @@ defmodule Pleroma.Web.NodeInfoTest do
clear_config([:mrf, :policies], [Pleroma.Web.ActivityPub.MRF.SimplePolicy])
clear_config([:mrf, :transparency], true)

simple_config = %{"reject" => ["example.com"]}
simple_config = %{"reject" => [{"example.com", ""}]}
clear_config(:mrf_simple, simple_config)

expected_config = %{"reject" => [["example.com", ""]]}

response =
conn
|> get("/nodeinfo/2.1.json")
|> json_response(:ok)

assert response["metadata"]["federation"]["mrf_simple"] == simple_config
assert response["metadata"]["federation"]["mrf_simple"] == expected_config
end

test "it performs exclusions from MRF transparency data if configured", %{conn: conn} do
@@ -170,10 +172,10 @@ defmodule Pleroma.Web.NodeInfoTest do
clear_config([:mrf, :transparency], true)
clear_config([:mrf, :transparency_exclusions], ["other.site"])

simple_config = %{"reject" => ["example.com", "other.site"]}
simple_config = %{"reject" => [{"example.com", ""}, {"other.site", ""}]}
clear_config(:mrf_simple, simple_config)

expected_config = %{"reject" => ["example.com"]}
expected_config = %{"reject" => [["example.com", ""]]}

response =
conn


Loading…
Cancel
Save