From: Felix Ableitner Date: Tue, 16 Mar 2021 17:06:59 +0000 (+0100) Subject: Allow remot moderators to do Remove/Post and Remove/Comment X-Git-Url: http://these/git/%22https:/join-lemmy.org/%7BpictshareAvatarThumbnail%28node.comment.creator_avatar%29%7D?a=commitdiff_plain;h=be00f63fb26b806ebc6a9d99bcf69ad973729ab5;p=lemmy.git Allow remot moderators to do Remove/Post and Remove/Comment --- diff --git a/crates/apub/src/inbox/receive_for_community.rs b/crates/apub/src/inbox/receive_for_community.rs index 0448cccb..78c4107a 100644 --- a/crates/apub/src/inbox/receive_for_community.rs +++ b/crates/apub/src/inbox/receive_for_community.rs @@ -281,7 +281,6 @@ pub(in crate::inbox) async fn receive_undo_for_community( let undo = Undo::from_any_base(activity)?.context(location_info!())?; verify_activity_domains_valid(&undo, &expected_domain.to_owned(), true)?; verify_is_addressed_to_public(&undo)?; - verify_modification_actor_instance(&undo, &announce, context).await?; use UndoableActivities::*; match undo @@ -290,7 +289,9 @@ pub(in crate::inbox) async fn receive_undo_for_community( .and_then(|s| s.parse().ok()) { Some(Delete) => receive_undo_delete_for_community(context, undo, expected_domain).await, - Some(Remove) => receive_undo_remove_for_community(context, undo, expected_domain).await, + Some(Remove) => { + receive_undo_remove_for_community(context, undo, announce, expected_domain).await + } Some(Like) => { receive_undo_like_for_community(context, undo, expected_domain, request_counter).await } @@ -329,12 +330,14 @@ pub(in crate::inbox) async fn receive_undo_delete_for_community( pub(in crate::inbox) async fn receive_undo_remove_for_community( context: &LemmyContext, undo: Undo, + announce: Option, expected_domain: &Url, ) -> Result<(), LemmyError> { let remove = Remove::from_any_base(undo.object().to_owned().one().context(location_info!())?)? .context(location_info!())?; verify_activity_domains_valid(&remove, &expected_domain, false)?; verify_is_addressed_to_public(&remove)?; + verify_undo_remove_actor_instance(&undo, &remove, &announce, context).await?; let object = remove .object() @@ -573,7 +576,7 @@ where Ok(()) } -/// For activities like Update, Delete or Undo, check that the actor is from the same instance +/// For activities like Update, Delete or Remove, check that the actor is from the same instance /// as the original object itself (or is a remote mod). /// /// Note: This is only needed for mod actions. Normal user actions (edit post, undo vote etc) are @@ -608,3 +611,21 @@ where Ok(()) } + +pub(crate) async fn verify_undo_remove_actor_instance( + undo: &Undo, + inner: &T, + announce: &Option, + context: &LemmyContext, +) -> Result<(), LemmyError> +where + T: ActorAndObjectRef + BaseExt + AsObject, +{ + if announce.is_none() { + let community = extract_community_from_cc(undo, context).await?; + verify_mod_activity(undo, announce.to_owned(), &community, context).await?; + verify_mod_activity(inner, announce.to_owned(), &community, context).await?; + } + + Ok(()) +} diff --git a/crates/apub/src/inbox/user_inbox.rs b/crates/apub/src/inbox/user_inbox.rs index 691a5d41..2ea2e1d1 100644 --- a/crates/apub/src/inbox/user_inbox.rs +++ b/crates/apub/src/inbox/user_inbox.rs @@ -1,6 +1,5 @@ use crate::{ activities::receive::{ - comment::{receive_create_comment, receive_update_comment}, community::{ receive_delete_community, receive_remove_community, @@ -335,11 +334,7 @@ async fn receive_create( ) -> Result<(), LemmyError> { let create = Create::from_any_base(activity)?.context(location_info!())?; verify_activity_domains_valid(&create, &expected_domain, true)?; - if verify_is_addressed_to_public(&create).is_ok() { - receive_create_comment(create, context, request_counter).await - } else { - receive_create_private_message(&context, create, expected_domain, request_counter).await - } + receive_create_private_message(&context, create, expected_domain, request_counter).await } async fn receive_update( @@ -350,11 +345,7 @@ async fn receive_update( ) -> Result<(), LemmyError> { let update = Update::from_any_base(activity)?.context(location_info!())?; verify_activity_domains_valid(&update, &expected_domain, true)?; - if verify_is_addressed_to_public(&update).is_ok() { - receive_update_comment(update, context, request_counter).await - } else { - receive_update_private_message(&context, update, expected_domain, request_counter).await - } + receive_update_private_message(&context, update, expected_domain, request_counter).await } async fn receive_delete(