crates/apub/src/activities/deletion/mod.rs

   1 use url::Url;
   2
   3 use lemmy_api_common::blocking;
   4 use lemmy_apub_lib::{
   5   traits::{ActivityFields, ActorType, ApubObject},
   6   verify::verify_domains_match,
   7 };
   8 use lemmy_db_schema::source::{comment::Comment, community::Community, post::Post};
   9 use lemmy_utils::LemmyError;
  10 use lemmy_websocket::{
  11   send::{send_comment_ws_message_simple, send_community_ws_message, send_post_ws_message},
  12   LemmyContext,
  13   UserOperationCrud,
  14 };
  15
  16 use crate::{
  17   activities::{verify_mod_action, verify_person_in_community},
  18   fetcher::object_id::ObjectId,
  19   objects::{comment::ApubComment, community::ApubCommunity, person::ApubPerson, post::ApubPost},
  20   protocol::activities::deletion::{delete::Delete, undo_delete::UndoDelete},
  21 };
  22
  23 pub mod delete;
  24 pub mod undo_delete;
  25
  26 pub async fn send_apub_delete(
  27   actor: &ApubPerson,
  28   community: &ApubCommunity,
  29   object_id: Url,
  30   deleted: bool,
  31   context: &LemmyContext,
  32 ) -> Result<(), LemmyError> {
  33   if deleted {
  34     Delete::send(actor, community, object_id, None, context).await
  35   } else {
  36     UndoDelete::send(actor, community, object_id, None, context).await
  37   }
  38 }
  39
  40 // TODO: remove reason is actually optional in lemmy. we set an empty string in that case, but its
  41 //       ugly
  42 pub async fn send_apub_remove(
  43   actor: &ApubPerson,
  44   community: &ApubCommunity,
  45   object_id: Url,
  46   reason: String,
  47   removed: bool,
  48   context: &LemmyContext,
  49 ) -> Result<(), LemmyError> {
  50   if removed {
  51     Delete::send(actor, community, object_id, Some(reason), context).await
  52   } else {
  53     UndoDelete::send(actor, community, object_id, Some(reason), context).await
  54   }
  55 }
  56
  57 pub enum DeletableObjects {
  58   Community(Box<ApubCommunity>),
  59   Comment(Box<ApubComment>),
  60   Post(Box<ApubPost>),
  61 }
  62
  63 impl DeletableObjects {
  64   pub(crate) async fn read_from_db(
  65     ap_id: &Url,
  66     context: &LemmyContext,
  67   ) -> Result<DeletableObjects, LemmyError> {
  68     if let Some(c) = ApubCommunity::read_from_apub_id(ap_id.clone(), context).await? {
  69       return Ok(DeletableObjects::Community(Box::new(c)));
  70     }
  71     if let Some(p) = ApubPost::read_from_apub_id(ap_id.clone(), context).await? {
  72       return Ok(DeletableObjects::Post(Box::new(p)));
  73     }
  74     if let Some(c) = ApubComment::read_from_apub_id(ap_id.clone(), context).await? {
  75       return Ok(DeletableObjects::Comment(Box::new(c)));
  76     }
  77     Err(diesel::NotFound.into())
  78   }
  79 }
  80
  81 pub(in crate::activities) async fn verify_delete_activity(
  82   object: &Url,
  83   activity: &dyn ActivityFields,
  84   community: &ApubCommunity,
  85   is_mod_action: bool,
  86   context: &LemmyContext,
  87   request_counter: &mut i32,
  88 ) -> Result<(), LemmyError> {
  89   let object = DeletableObjects::read_from_db(object, context).await?;
  90   let actor = ObjectId::new(activity.actor().clone());
  91   match object {
  92     DeletableObjects::Community(community) => {
  93       if community.local {
  94         // can only do this check for local community, in remote case it would try to fetch the
  95         // deleted community (which fails)
  96         verify_person_in_community(&actor, &community, context, request_counter).await?;
  97       }
  98       // community deletion is always a mod (or admin) action
  99       verify_mod_action(&actor, &community, context, request_counter).await?;
 100     }
 101     DeletableObjects::Post(p) => {
 102       verify_delete_activity_post_or_comment(
 103         activity,
 104         &p.ap_id.clone().into(),
 105         community,
 106         is_mod_action,
 107         context,
 108         request_counter,
 109       )
 110       .await?;
 111     }
 112     DeletableObjects::Comment(c) => {
 113       verify_delete_activity_post_or_comment(
 114         activity,
 115         &c.ap_id.clone().into(),
 116         community,
 117         is_mod_action,
 118         context,
 119         request_counter,
 120       )
 121       .await?;
 122     }
 123   }
 124   Ok(())
 125 }
 126
 127 async fn verify_delete_activity_post_or_comment(
 128   activity: &dyn ActivityFields,
 129   object_id: &Url,
 130   community: &ApubCommunity,
 131   is_mod_action: bool,
 132   context: &LemmyContext,
 133   request_counter: &mut i32,
 134 ) -> Result<(), LemmyError> {
 135   let actor = ObjectId::new(activity.actor().clone());
 136   verify_person_in_community(&actor, community, context, request_counter).await?;
 137   if is_mod_action {
 138     verify_mod_action(&actor, community, context, request_counter).await?;
 139   } else {
 140     // domain of post ap_id and post.creator ap_id are identical, so we just check the former
 141     verify_domains_match(activity.actor(), object_id)?;
 142   }
 143   Ok(())
 144 }
 145
 146 struct WebsocketMessages {
 147   community: UserOperationCrud,
 148   post: UserOperationCrud,
 149   comment: UserOperationCrud,
 150 }
 151
 152 /// Write deletion or restoring of an object to the database, and send websocket message.
 153 /// TODO: we should do something similar for receive_remove_action(), but its much more complicated
 154 ///       because of the mod log
 155 async fn receive_delete_action(
 156   object: &Url,
 157   actor: &ObjectId<ApubPerson>,
 158   ws_messages: WebsocketMessages,
 159   deleted: bool,
 160   context: &LemmyContext,
 161   request_counter: &mut i32,
 162 ) -> Result<(), LemmyError> {
 163   match DeletableObjects::read_from_db(object, context).await? {
 164     DeletableObjects::Community(community) => {
 165       if community.local {
 166         let mod_ = actor.dereference(context, request_counter).await?;
 167         let object = community.actor_id();
 168         send_apub_delete(&mod_, &community.clone(), object, true, context).await?;
 169       }
 170
 171       let community = blocking(context.pool(), move |conn| {
 172         Community::update_deleted(conn, community.id, deleted)
 173       })
 174       .await??;
 175       send_community_ws_message(community.id, ws_messages.community, None, None, context).await?;
 176     }
 177     DeletableObjects::Post(post) => {
 178       let deleted_post = blocking(context.pool(), move |conn| {
 179         Post::update_deleted(conn, post.id, deleted)
 180       })
 181       .await??;
 182       send_post_ws_message(deleted_post.id, ws_messages.post, None, None, context).await?;
 183     }
 184     DeletableObjects::Comment(comment) => {
 185       let deleted_comment = blocking(context.pool(), move |conn| {
 186         Comment::update_deleted(conn, comment.id, deleted)
 187       })
 188       .await??;
 189       send_comment_ws_message_simple(deleted_comment.id, ws_messages.comment, context).await?;
 190     }
 191   }
 192   Ok(())
 193 }