crates/apub/src/activities/deletion/mod.rs

   1 use crate::{
   2   activities::{
   3     community::send_activity_in_community,
   4     send_lemmy_activity,
   5     verify_is_public,
   6     verify_mod_action,
   7     verify_person,
   8     verify_person_in_community,
   9   },
  10   activity_lists::AnnouncableActivities,
  11   local_instance,
  12   objects::{
  13     comment::ApubComment,
  14     community::ApubCommunity,
  15     person::ApubPerson,
  16     post::ApubPost,
  17     private_message::ApubPrivateMessage,
  18   },
  19   protocol::{
  20     activities::deletion::{delete::Delete, undo_delete::UndoDelete},
  21     InCommunity,
  22   },
  23   ActorType,
  24 };
  25 use activitypub_federation::{
  26   core::object_id::ObjectId,
  27   traits::{Actor, ApubObject},
  28   utils::verify_domains_match,
  29 };
  30 use activitystreams_kinds::public;
  31 use lemmy_db_schema::{
  32   source::{
  33     comment::{Comment, CommentUpdateForm},
  34     community::{Community, CommunityUpdateForm},
  35     person::Person,
  36     post::{Post, PostUpdateForm},
  37     private_message::{PrivateMessage, PrivateMessageUpdateForm},
  38   },
  39   traits::Crud,
  40 };
  41 use lemmy_utils::error::LemmyError;
  42 use lemmy_websocket::{
  43   send::{
  44     send_comment_ws_message_simple,
  45     send_community_ws_message,
  46     send_pm_ws_message,
  47     send_post_ws_message,
  48   },
  49   LemmyContext,
  50   UserOperationCrud,
  51 };
  52 use std::ops::Deref;
  53 use url::Url;
  54
  55 pub mod delete;
  56 pub mod delete_user;
  57 pub mod undo_delete;
  58
  59 /// Parameter `reason` being set indicates that this is a removal by a mod. If its unset, this
  60 /// action was done by a normal user.
  61 #[tracing::instrument(skip_all)]
  62 pub async fn send_apub_delete_in_community(
  63   actor: Person,
  64   community: Community,
  65   object: DeletableObjects,
  66   reason: Option<String>,
  67   deleted: bool,
  68   context: &LemmyContext,
  69 ) -> Result<(), LemmyError> {
  70   let actor = ApubPerson::from(actor);
  71   let is_mod_action = reason.is_some();
  72   let activity = if deleted {
  73     let delete = Delete::new(&actor, object, public(), Some(&community), reason, context)?;
  74     AnnouncableActivities::Delete(delete)
  75   } else {
  76     let undo = UndoDelete::new(&actor, object, public(), Some(&community), reason, context)?;
  77     AnnouncableActivities::UndoDelete(undo)
  78   };
  79   send_activity_in_community(
  80     activity,
  81     &actor,
  82     &community.into(),
  83     vec![],
  84     is_mod_action,
  85     context,
  86   )
  87   .await
  88 }
  89
  90 #[tracing::instrument(skip_all)]
  91 pub async fn send_apub_delete_private_message(
  92   actor: &ApubPerson,
  93   pm: PrivateMessage,
  94   deleted: bool,
  95   context: &LemmyContext,
  96 ) -> Result<(), LemmyError> {
  97   let recipient_id = pm.recipient_id;
  98   let recipient: ApubPerson = Person::read(context.pool(), recipient_id).await?.into();
  99
 100   let deletable = DeletableObjects::PrivateMessage(Box::new(pm.into()));
 101   let inbox = vec![recipient.shared_inbox_or_inbox()];
 102   if deleted {
 103     let delete = Delete::new(actor, deletable, recipient.actor_id(), None, None, context)?;
 104     send_lemmy_activity(context, delete, actor, inbox, true).await?;
 105   } else {
 106     let undo = UndoDelete::new(actor, deletable, recipient.actor_id(), None, None, context)?;
 107     send_lemmy_activity(context, undo, actor, inbox, true).await?;
 108   };
 109   Ok(())
 110 }
 111
 112 pub enum DeletableObjects {
 113   Community(Box<ApubCommunity>),
 114   Comment(Box<ApubComment>),
 115   Post(Box<ApubPost>),
 116   PrivateMessage(Box<ApubPrivateMessage>),
 117 }
 118
 119 impl DeletableObjects {
 120   #[tracing::instrument(skip_all)]
 121   pub(crate) async fn read_from_db(
 122     ap_id: &Url,
 123     context: &LemmyContext,
 124   ) -> Result<DeletableObjects, LemmyError> {
 125     if let Some(c) = ApubCommunity::read_from_apub_id(ap_id.clone(), context).await? {
 126       return Ok(DeletableObjects::Community(Box::new(c)));
 127     }
 128     if let Some(p) = ApubPost::read_from_apub_id(ap_id.clone(), context).await? {
 129       return Ok(DeletableObjects::Post(Box::new(p)));
 130     }
 131     if let Some(c) = ApubComment::read_from_apub_id(ap_id.clone(), context).await? {
 132       return Ok(DeletableObjects::Comment(Box::new(c)));
 133     }
 134     if let Some(p) = ApubPrivateMessage::read_from_apub_id(ap_id.clone(), context).await? {
 135       return Ok(DeletableObjects::PrivateMessage(Box::new(p)));
 136     }
 137     Err(diesel::NotFound.into())
 138   }
 139
 140   pub(crate) fn id(&self) -> Url {
 141     match self {
 142       DeletableObjects::Community(c) => c.actor_id(),
 143       DeletableObjects::Comment(c) => c.ap_id.clone().into(),
 144       DeletableObjects::Post(p) => p.ap_id.clone().into(),
 145       DeletableObjects::PrivateMessage(p) => p.ap_id.clone().into(),
 146     }
 147   }
 148 }
 149
 150 #[tracing::instrument(skip_all)]
 151 pub(in crate::activities) async fn verify_delete_activity(
 152   activity: &Delete,
 153   is_mod_action: bool,
 154   context: &LemmyContext,
 155   request_counter: &mut i32,
 156 ) -> Result<(), LemmyError> {
 157   let object = DeletableObjects::read_from_db(activity.object.id(), context).await?;
 158   match object {
 159     DeletableObjects::Community(community) => {
 160       verify_is_public(&activity.to, &[])?;
 161       if community.local {
 162         // can only do this check for local community, in remote case it would try to fetch the
 163         // deleted community (which fails)
 164         verify_person_in_community(&activity.actor, &community, context, request_counter).await?;
 165       }
 166       // community deletion is always a mod (or admin) action
 167       verify_mod_action(
 168         &activity.actor,
 169         activity.object.id(),
 170         community.id,
 171         context,
 172         request_counter,
 173       )
 174       .await?;
 175     }
 176     DeletableObjects::Post(p) => {
 177       verify_is_public(&activity.to, &[])?;
 178       verify_delete_post_or_comment(
 179         &activity.actor,
 180         &p.ap_id.clone().into(),
 181         &activity.community(context, request_counter).await?,
 182         is_mod_action,
 183         context,
 184         request_counter,
 185       )
 186       .await?;
 187     }
 188     DeletableObjects::Comment(c) => {
 189       verify_is_public(&activity.to, &[])?;
 190       verify_delete_post_or_comment(
 191         &activity.actor,
 192         &c.ap_id.clone().into(),
 193         &activity.community(context, request_counter).await?,
 194         is_mod_action,
 195         context,
 196         request_counter,
 197       )
 198       .await?;
 199     }
 200     DeletableObjects::PrivateMessage(_) => {
 201       verify_person(&activity.actor, context, request_counter).await?;
 202       verify_domains_match(activity.actor.inner(), activity.object.id())?;
 203     }
 204   }
 205   Ok(())
 206 }
 207
 208 #[tracing::instrument(skip_all)]
 209 async fn verify_delete_post_or_comment(
 210   actor: &ObjectId<ApubPerson>,
 211   object_id: &Url,
 212   community: &ApubCommunity,
 213   is_mod_action: bool,
 214   context: &LemmyContext,
 215   request_counter: &mut i32,
 216 ) -> Result<(), LemmyError> {
 217   verify_person_in_community(actor, community, context, request_counter).await?;
 218   if is_mod_action {
 219     verify_mod_action(actor, object_id, community.id, context, request_counter).await?;
 220   } else {
 221     // domain of post ap_id and post.creator ap_id are identical, so we just check the former
 222     verify_domains_match(actor.inner(), object_id)?;
 223   }
 224   Ok(())
 225 }
 226
 227 /// Write deletion or restoring of an object to the database, and send websocket message.
 228 #[tracing::instrument(skip_all)]
 229 async fn receive_delete_action(
 230   object: &Url,
 231   actor: &ObjectId<ApubPerson>,
 232   deleted: bool,
 233   context: &LemmyContext,
 234   request_counter: &mut i32,
 235 ) -> Result<(), LemmyError> {
 236   match DeletableObjects::read_from_db(object, context).await? {
 237     DeletableObjects::Community(community) => {
 238       if community.local {
 239         let mod_: Person = actor
 240           .dereference(context, local_instance(context).await, request_counter)
 241           .await?
 242           .deref()
 243           .clone();
 244         let object = DeletableObjects::Community(community.clone());
 245         let c: Community = community.deref().deref().clone();
 246         send_apub_delete_in_community(mod_, c, object, None, true, context).await?;
 247       }
 248
 249       let community = Community::update(
 250         context.pool(),
 251         community.id,
 252         &CommunityUpdateForm::builder()
 253           .deleted(Some(deleted))
 254           .build(),
 255       )
 256       .await?;
 257       send_community_ws_message(
 258         community.id,
 259         UserOperationCrud::DeleteCommunity,
 260         None,
 261         None,
 262         context,
 263       )
 264       .await?;
 265     }
 266     DeletableObjects::Post(post) => {
 267       if deleted != post.deleted {
 268         let deleted_post = Post::update(
 269           context.pool(),
 270           post.id,
 271           &PostUpdateForm::builder().deleted(Some(deleted)).build(),
 272         )
 273         .await?;
 274         send_post_ws_message(
 275           deleted_post.id,
 276           UserOperationCrud::DeletePost,
 277           None,
 278           None,
 279           context,
 280         )
 281         .await?;
 282       }
 283     }
 284     DeletableObjects::Comment(comment) => {
 285       if deleted != comment.deleted {
 286         let deleted_comment = Comment::update(
 287           context.pool(),
 288           comment.id,
 289           &CommentUpdateForm::builder().deleted(Some(deleted)).build(),
 290         )
 291         .await?;
 292         send_comment_ws_message_simple(
 293           deleted_comment.id,
 294           UserOperationCrud::DeleteComment,
 295           context,
 296         )
 297         .await?;
 298       }
 299     }
 300     DeletableObjects::PrivateMessage(pm) => {
 301       let deleted_private_message = PrivateMessage::update(
 302         context.pool(),
 303         pm.id,
 304         &PrivateMessageUpdateForm::builder()
 305           .deleted(Some(deleted))
 306           .build(),
 307       )
 308       .await?;
 309
 310       send_pm_ws_message(
 311         deleted_private_message.id,
 312         UserOperationCrud::DeletePrivateMessage,
 313         None,
 314         context,
 315       )
 316       .await?;
 317     }
 318   }
 319   Ok(())
 320 }