]> Untitled Git - lemmy.git/commitdiff
Allow remot moderators to do Remove/Post and Remove/Comment
authorFelix Ableitner <me@nutomic.com>
Tue, 16 Mar 2021 17:06:59 +0000 (18:06 +0100)
committerFelix Ableitner <me@nutomic.com>
Tue, 16 Mar 2021 17:06:59 +0000 (18:06 +0100)
crates/apub/src/inbox/receive_for_community.rs
crates/apub/src/inbox/user_inbox.rs

index 0448cccb5a6675217176b85939d492eafbf29fed..78c4107a1a855aa5ecb4480d8bdda0b7098a1209 100644 (file)
@@ -281,7 +281,6 @@ pub(in crate::inbox) async fn receive_undo_for_community(
   let undo = Undo::from_any_base(activity)?.context(location_info!())?;
   verify_activity_domains_valid(&undo, &expected_domain.to_owned(), true)?;
   verify_is_addressed_to_public(&undo)?;
-  verify_modification_actor_instance(&undo, &announce, context).await?;
 
   use UndoableActivities::*;
   match undo
@@ -290,7 +289,9 @@ pub(in crate::inbox) async fn receive_undo_for_community(
     .and_then(|s| s.parse().ok())
   {
     Some(Delete) => receive_undo_delete_for_community(context, undo, expected_domain).await,
-    Some(Remove) => receive_undo_remove_for_community(context, undo, expected_domain).await,
+    Some(Remove) => {
+      receive_undo_remove_for_community(context, undo, announce, expected_domain).await
+    }
     Some(Like) => {
       receive_undo_like_for_community(context, undo, expected_domain, request_counter).await
     }
@@ -329,12 +330,14 @@ pub(in crate::inbox) async fn receive_undo_delete_for_community(
 pub(in crate::inbox) async fn receive_undo_remove_for_community(
   context: &LemmyContext,
   undo: Undo,
+  announce: Option<Announce>,
   expected_domain: &Url,
 ) -> Result<(), LemmyError> {
   let remove = Remove::from_any_base(undo.object().to_owned().one().context(location_info!())?)?
     .context(location_info!())?;
   verify_activity_domains_valid(&remove, &expected_domain, false)?;
   verify_is_addressed_to_public(&remove)?;
+  verify_undo_remove_actor_instance(&undo, &remove, &announce, context).await?;
 
   let object = remove
     .object()
@@ -573,7 +576,7 @@ where
   Ok(())
 }
 
-/// For activities like Update, Delete or Undo, check that the actor is from the same instance
+/// For activities like Update, Delete or Remove, check that the actor is from the same instance
 /// as the original object itself (or is a remote mod).
 ///
 /// Note: This is only needed for mod actions. Normal user actions (edit post, undo vote etc) are
@@ -608,3 +611,21 @@ where
 
   Ok(())
 }
+
+pub(crate) async fn verify_undo_remove_actor_instance<T, Kind>(
+  undo: &Undo,
+  inner: &T,
+  announce: &Option<Announce>,
+  context: &LemmyContext,
+) -> Result<(), LemmyError>
+where
+  T: ActorAndObjectRef + BaseExt<Kind> + AsObject<Kind>,
+{
+  if announce.is_none() {
+    let community = extract_community_from_cc(undo, context).await?;
+    verify_mod_activity(undo, announce.to_owned(), &community, context).await?;
+    verify_mod_activity(inner, announce.to_owned(), &community, context).await?;
+  }
+
+  Ok(())
+}
index 691a5d41656ba2683868fe1a52684ab1ebca9474..2ea2e1d191f7d91af79ce542cc7cad133da24cfa 100644 (file)
@@ -1,6 +1,5 @@
 use crate::{
   activities::receive::{
-    comment::{receive_create_comment, receive_update_comment},
     community::{
       receive_delete_community,
       receive_remove_community,
@@ -335,11 +334,7 @@ async fn receive_create(
 ) -> Result<(), LemmyError> {
   let create = Create::from_any_base(activity)?.context(location_info!())?;
   verify_activity_domains_valid(&create, &expected_domain, true)?;
-  if verify_is_addressed_to_public(&create).is_ok() {
-    receive_create_comment(create, context, request_counter).await
-  } else {
-    receive_create_private_message(&context, create, expected_domain, request_counter).await
-  }
+  receive_create_private_message(&context, create, expected_domain, request_counter).await
 }
 
 async fn receive_update(
@@ -350,11 +345,7 @@ async fn receive_update(
 ) -> Result<(), LemmyError> {
   let update = Update::from_any_base(activity)?.context(location_info!())?;
   verify_activity_domains_valid(&update, &expected_domain, true)?;
-  if verify_is_addressed_to_public(&update).is_ok() {
-    receive_update_comment(update, context, request_counter).await
-  } else {
-    receive_update_private_message(&context, update, expected_domain, request_counter).await
-  }
+  receive_update_private_message(&context, update, expected_domain, request_counter).await
 }
 
 async fn receive_delete(