Forgot to add migrations
Add `sensitive` column to activities table, so PMs arent served over HTTP
Remove user_id column from actvity table
Co-authored-by: Felix Ableitner <me@nutomic.com>
Reviewed-on: https://yerbamate.ml/LemmyNet/lemmy/pulls/127
12 files changed:
self.private_key.to_owned()
}
self.private_key.to_owned()
}
- fn user_id(&self) -> i32 {
- self.creator_id
- }
-
async fn send_follow(
&self,
_follow_actor_id: &Url,
async fn send_follow(
&self,
_follow_actor_id: &Url,
self.private_key.to_owned()
}
self.private_key.to_owned()
}
- fn user_id(&self) -> i32 {
- self.id
- }
-
/// As a given local user, send out a follow request to a remote community.
async fn send_follow(
&self,
/// As a given local user, send out a follow request to a remote community.
async fn send_follow(
&self,
vec![inbox],
context.pool(),
true,
vec![inbox],
context.pool(),
true,
follower_inboxes,
context.pool(),
true,
follower_inboxes,
context.pool(),
true,
vec![inbox],
context.pool(),
true,
vec![inbox],
context.pool(),
true,
mentions,
context.pool(),
false, // Don't create a new DB row
mentions,
context.pool(),
false, // Don't create a new DB row
inboxes: Vec<Url>,
pool: &DbPool,
insert_into_db: bool,
inboxes: Vec<Url>,
pool: &DbPool,
insert_into_db: bool,
) -> Result<(), LemmyError>
where
T: AsObject<Kind> + Extends<Kind> + Debug,
) -> Result<(), LemmyError>
where
T: AsObject<Kind> + Extends<Kind> + Debug,
// might send the same ap_id
if insert_into_db {
let id = activity.id().context(location_info!())?;
// might send the same ap_id
if insert_into_db {
let id = activity.id().context(location_info!())?;
- insert_activity(id, actor.user_id(), activity.clone(), true, pool).await?;
+ insert_activity(id, activity.clone(), true, sensitive, pool).await?;
- Ok(create_apub_response(&activity.data))
+ if !activity.local || activity.sensitive {
+ Ok(HttpResponse::NotFound().finish())
+ } else {
+ Ok(create_apub_response(&activity.data))
+ }
let any_base = activity.clone().into_any_base()?;
let kind = activity.kind().context(location_info!())?;
let any_base = activity.clone().into_any_base()?;
let kind = activity.kind().context(location_info!())?;
let res = match kind {
ValidTypes::Follow => handle_follow(any_base, user, community, &context).await,
ValidTypes::Undo => handle_undo_follow(any_base, user, community, &context).await,
};
let res = match kind {
ValidTypes::Follow => handle_follow(any_base, user, community, &context).await,
ValidTypes::Undo => handle_undo_follow(any_base, user, community, &context).await,
};
- insert_activity(
- &activity_id,
- user_id,
- activity.clone(),
- false,
- context.pool(),
- )
- .await?;
+ insert_activity(&activity_id, activity.clone(), false, true, context.pool()).await?;
ValidTypes::Undo => receive_undo(&context, any_base, actor_id, request_counter).await,
};
ValidTypes::Undo => receive_undo(&context, any_base, actor_id, request_counter).await,
};
- insert_activity(
- &activity_id,
- actor.user_id(),
- activity.clone(),
- false,
- context.pool(),
- )
- .await?;
+ insert_activity(&activity_id, activity.clone(), false, true, context.pool()).await?;
- insert_activity(
- &activity_id,
- actor.user_id(),
- activity.clone(),
- false,
- context.pool(),
- )
- .await?;
+ insert_activity(&activity_id, activity.clone(), false, true, context.pool()).await?;
fn public_key(&self) -> Option<String>;
fn private_key(&self) -> Option<String>;
fn public_key(&self) -> Option<String>;
fn private_key(&self) -> Option<String>;
- /// numeric id in the database, used for insert_activity
- fn user_id(&self) -> i32;
-
async fn send_follow(
&self,
follow_actor_id: &Url,
async fn send_follow(
&self,
follow_actor_id: &Url,
/// persistent.
pub async fn insert_activity<T>(
ap_id: &Url,
/// persistent.
pub async fn insert_activity<T>(
ap_id: &Url,
activity: T,
local: bool,
activity: T,
local: bool,
pool: &DbPool,
) -> Result<(), LemmyError>
where
pool: &DbPool,
) -> Result<(), LemmyError>
where
{
let ap_id = ap_id.to_string();
blocking(pool, move |conn| {
{
let ap_id = ap_id.to_string();
blocking(pool, move |conn| {
- Activity::insert(conn, ap_id, user_id, &activity, local)
+ Activity::insert(conn, ap_id, &activity, local, sensitive)
pub struct Activity {
pub id: i32,
pub ap_id: String,
pub struct Activity {
pub id: i32,
pub ap_id: String,
pub data: Value,
pub local: bool,
pub data: Value,
pub local: bool,
pub published: chrono::NaiveDateTime,
pub updated: Option<chrono::NaiveDateTime>,
}
pub published: chrono::NaiveDateTime,
pub updated: Option<chrono::NaiveDateTime>,
}
#[table_name = "activity"]
pub struct ActivityForm {
pub ap_id: String,
#[table_name = "activity"]
pub struct ActivityForm {
pub ap_id: String,
pub data: Value,
pub local: bool,
pub data: Value,
pub local: bool,
pub updated: Option<chrono::NaiveDateTime>,
}
pub updated: Option<chrono::NaiveDateTime>,
}
pub fn insert<T>(
conn: &PgConnection,
ap_id: String,
pub fn insert<T>(
conn: &PgConnection,
ap_id: String,
) -> Result<Self, IoError>
where
T: Serialize + Debug,
{
) -> Result<Self, IoError>
where
T: Serialize + Debug,
{
- debug!("inserting activity for user {}: ", user_id);
debug!("{}", serde_json::to_string_pretty(&data)?);
let activity_form = ActivityForm {
ap_id,
debug!("{}", serde_json::to_string_pretty(&data)?);
let activity_form = ActivityForm {
ap_id,
data: serde_json::to_value(&data)?,
local,
data: serde_json::to_value(&data)?,
local,
updated: None,
};
let result = Activity::create(&conn, &activity_form);
updated: None,
};
let result = Activity::create(&conn, &activity_form);
.unwrap();
let activity_form = ActivityForm {
ap_id: ap_id.to_string(),
.unwrap();
let activity_form = ActivityForm {
ap_id: ap_id.to_string(),
- user_id: inserted_creator.id,
data: test_json.to_owned(),
local: true,
data: test_json.to_owned(),
local: true,
let expected_activity = Activity {
ap_id: ap_id.to_string(),
id: inserted_activity.id,
let expected_activity = Activity {
ap_id: ap_id.to_string(),
id: inserted_activity.id,
- user_id: inserted_creator.id,
data: test_json,
local: true,
data: test_json,
local: true,
published: inserted_activity.published,
updated: None,
};
published: inserted_activity.published,
updated: None,
};
activity (id) {
id -> Int4,
ap_id -> Text,
activity (id) {
id -> Int4,
ap_id -> Text,
data -> Jsonb,
local -> Bool,
data -> Jsonb,
local -> Bool,
published -> Timestamp,
updated -> Nullable<Timestamp>,
}
published -> Timestamp,
updated -> Nullable<Timestamp>,
}
-joinable!(activity -> user_ (user_id));
joinable!(comment -> post (post_id));
joinable!(comment -> user_ (creator_id));
joinable!(comment_like -> comment (comment_id));
joinable!(comment -> post (post_id));
joinable!(comment -> user_ (creator_id));
joinable!(comment_like -> comment (comment_id));
--- /dev/null
+ALTER TABLE activity ADD COLUMN user_id INTEGER;
+ALTER TABLE activity DROP COLUMN sensitive;
\ No newline at end of file
--- /dev/null
+ALTER TABLE activity DROP COLUMN user_id;
+ALTER TABLE activity ADD COLUMN sensitive BOOLEAN DEFAULT TRUE;
\ No newline at end of file