Remove check that avatars/banners are locally hosted (fixes #2254) (#2255)

diff --git a/crates/api/src/local_user/save_settings.rs b/crates/api/src/local_user/save_settings.rs
index cd34d6ddd0fcda153d04a8210f7e1538f77b770e..5e37470a9053a97d884ab7fb9f0c929c3c1510a9 100644 (file)
--- a/crates/api/src/local_user/save_settings.rs
+++ b/crates/api/src/local_user/save_settings.rs
@@ -2,12 +2,7 @@ use crate::Perform;
 use actix_web::web::Data;
 use lemmy_api_common::{
   person::{LoginResponse, SaveUserSettings},
-  utils::{
-    blocking,
-    check_image_has_local_domain,
-    get_local_user_view_from_jwt,
-    send_verification_email,
-  },
+  utils::{blocking, get_local_user_view_from_jwt, send_verification_email},
 };
 use lemmy_db_schema::{
   source::{
@@ -49,9 +44,6 @@ impl Perform for SaveUserSettings {
     let email_deref = data.email.as_deref().map(|e| e.to_owned());
     let email = diesel_option_overwrite(&email_deref);
 
-    check_image_has_local_domain(avatar.as_ref().unwrap_or(&None))?;
-    check_image_has_local_domain(banner.as_ref().unwrap_or(&None))?;
-
     if let Some(Some(email)) = &email {
       let previous_email = local_user_view.local_user.email.clone().unwrap_or_default();
       // Only send the verification email if there was an email change

diff --git a/crates/api_common/src/utils.rs b/crates/api_common/src/utils.rs
index 38ea9a865e7b6f6926530f3942fa8bda64263578..d3c8a1f43df4ea578ef62a3127ce446bcb77260d 100644 (file)
--- a/crates/api_common/src/utils.rs
+++ b/crates/api_common/src/utils.rs
@@ -1,6 +1,6 @@
 use crate::{sensitive::Sensitive, site::FederatedInstances};
 use lemmy_db_schema::{
-  newtypes::{CommunityId, DbUrl, LocalUserId, PersonId, PostId},
+  newtypes::{CommunityId, LocalUserId, PersonId, PostId},
   source::{
     comment::Comment,
     community::Community,
@@ -592,14 +592,3 @@ pub async fn delete_user_account(person_id: PersonId, pool: &DbPool) -> Result<(
 
   Ok(())
 }
-
-pub fn check_image_has_local_domain(url: &Option<DbUrl>) -> Result<(), LemmyError> {
-  if let Some(url) = url {
-    let settings = Settings::get();
-    let domain = url.domain().expect("url has domain");
-    if domain != settings.hostname {
-      return Err(LemmyError::from_message("image_not_local"));
-    }
-  }
-  Ok(())
-}

diff --git a/crates/api_crud/src/community/create.rs b/crates/api_crud/src/community/create.rs
index 6838216ffab8af2c1114290f9d6542f0f97ab72d..a7582d2ec5bbbf138512bd9850f5b8fd2ece64d1 100644 (file)
--- a/crates/api_crud/src/community/create.rs
+++ b/crates/api_crud/src/community/create.rs
@@ -2,7 +2,7 @@ use crate::PerformCrud;
 use actix_web::web::Data;
 use lemmy_api_common::{
   community::{CommunityResponse, CreateCommunity},
-  utils::{blocking, check_image_has_local_domain, get_local_user_view_from_jwt, is_admin},
+  utils::{blocking, get_local_user_view_from_jwt, is_admin},
 };
 use lemmy_apub::{
   generate_followers_url,
@@ -65,8 +65,6 @@ impl PerformCrud for CreateCommunity {
     check_slurs(&data.name, &context.settings().slur_regex())?;
     check_slurs(&data.title, &context.settings().slur_regex())?;
     check_slurs_opt(&data.description, &context.settings().slur_regex())?;
-    check_image_has_local_domain(icon.as_ref().unwrap_or(&None))?;
-    check_image_has_local_domain(banner.as_ref().unwrap_or(&None))?;
 
     if !is_valid_actor_name(&data.name, context.settings().actor_name_max_length) {
       return Err(LemmyError::from_message("invalid_community_name"));

diff --git a/crates/api_crud/src/community/update.rs b/crates/api_crud/src/community/update.rs
index 4c7fa8ce608618c84f755a429cfbc575acf8358f..d933c9d8865d46713e92bd946dcb954b00a8411e 100644 (file)
--- a/crates/api_crud/src/community/update.rs
+++ b/crates/api_crud/src/community/update.rs
@@ -2,7 +2,7 @@ use crate::PerformCrud;
 use actix_web::web::Data;
 use lemmy_api_common::{
   community::{CommunityResponse, EditCommunity},
-  utils::{blocking, check_image_has_local_domain, get_local_user_view_from_jwt},
+  utils::{blocking, get_local_user_view_from_jwt},
 };
 use lemmy_apub::protocol::activities::community::update::UpdateCommunity;
 use lemmy_db_schema::{
@@ -34,8 +34,6 @@ impl PerformCrud for EditCommunity {
 
     check_slurs_opt(&data.title, &context.settings().slur_regex())?;
     check_slurs_opt(&data.description, &context.settings().slur_regex())?;
-    check_image_has_local_domain(icon.as_ref().unwrap_or(&None))?;
-    check_image_has_local_domain(banner.as_ref().unwrap_or(&None))?;
 
     // Verify its a mod (only mods can edit it)
     let community_id = data.community_id;

diff --git a/crates/api_crud/src/site/create.rs b/crates/api_crud/src/site/create.rs
index b9b3b601378ff2014afe9ca328abfbb6ddb755be..49550d66823c6964332516f20d7a0fdbf39123d9 100644 (file)
--- a/crates/api_crud/src/site/create.rs
+++ b/crates/api_crud/src/site/create.rs
@@ -2,13 +2,7 @@ use crate::PerformCrud;
 use actix_web::web::Data;
 use lemmy_api_common::{
   site::{CreateSite, SiteResponse},
-  utils::{
-    blocking,
-    check_image_has_local_domain,
-    get_local_user_view_from_jwt,
-    is_admin,
-    site_description_length_check,
-  },
+  utils::{blocking, get_local_user_view_from_jwt, is_admin, site_description_length_check},
 };
 use lemmy_apub::generate_site_inbox_url;
 use lemmy_db_schema::{
@@ -55,8 +49,6 @@ impl PerformCrud for CreateSite {
 
     check_slurs(&data.name, &context.settings().slur_regex())?;
     check_slurs_opt(&data.description, &context.settings().slur_regex())?;
-    check_image_has_local_domain(icon.as_ref().unwrap_or(&None))?;
-    check_image_has_local_domain(banner.as_ref().unwrap_or(&None))?;
 
     // Make sure user is an admin
     is_admin(&local_user_view)?;

diff --git a/crates/api_crud/src/site/update.rs b/crates/api_crud/src/site/update.rs
index d0c37bea9c26e6814e3731bb7713db0ad6ef4384..0251bddbdee8996c14c48875573bc46806bc67dc 100644 (file)
--- a/crates/api_crud/src/site/update.rs
+++ b/crates/api_crud/src/site/update.rs
@@ -2,13 +2,7 @@ use crate::PerformCrud;
 use actix_web::web::Data;
 use lemmy_api_common::{
   site::{EditSite, SiteResponse},
-  utils::{
-    blocking,
-    check_image_has_local_domain,
-    get_local_user_view_from_jwt,
-    is_admin,
-    site_description_length_check,
-  },
+  utils::{blocking, get_local_user_view_from_jwt, is_admin, site_description_length_check},
 };
 use lemmy_db_schema::{
   source::{
@@ -51,8 +45,6 @@ impl PerformCrud for EditSite {
 
     check_slurs_opt(&data.name, &context.settings().slur_regex())?;
     check_slurs_opt(&data.description, &context.settings().slur_regex())?;
-    check_image_has_local_domain(icon.as_ref().unwrap_or(&None))?;
-    check_image_has_local_domain(banner.as_ref().unwrap_or(&None))?;
 
     if let Some(Some(desc)) = &description {
       site_description_length_check(desc)?;

diff --git a/crates/apub/src/objects/instance.rs b/crates/apub/src/objects/instance.rs
index 57e115f610ccfe67ea3cbd126ea79205ba21d3ce..09b34fc533b384eeea27a23ff7ca2c3fc51cdc67 100644 (file)
--- a/crates/apub/src/objects/instance.rs
+++ b/crates/apub/src/objects/instance.rs
@@ -1,6 +1,6 @@
 use crate::{
   check_is_apub_id_valid,
-  objects::{read_from_string_or_source_opt, verify_image_domain_matches},
+  objects::read_from_string_or_source_opt,
   protocol::{
     objects::instance::{Instance, InstanceType},
     ImageObject,
@@ -107,8 +107,6 @@ impl ApubObject for ApubSite {
   ) -> Result<(), LemmyError> {
     check_is_apub_id_valid(apub.id.inner(), true, &data.settings())?;
     verify_domains_match(expected_domain, apub.id.inner())?;
-    verify_image_domain_matches(expected_domain, &apub.icon)?;
-    verify_image_domain_matches(expected_domain, &apub.image)?;
 
     let slur_regex = &data.settings().slur_regex();
     check_slurs(&apub.name, slur_regex)?;

diff --git a/crates/apub/src/objects/mod.rs b/crates/apub/src/objects/mod.rs
index 7d5fd26edb7a7d586d8a4167379eb3cb05cf1e18..b3aa80b54868d2c7a25c737692c261379e8750cd 100644 (file)
--- a/crates/apub/src/objects/mod.rs
+++ b/crates/apub/src/objects/mod.rs
@@ -1,7 +1,7 @@
-use crate::protocol::{ImageObject, Source};
+use crate::protocol::Source;
 use anyhow::anyhow;
 use html2md::parse_html;
-use lemmy_apub_lib::{values::MediaTypeMarkdownOrHtml, verify::verify_domains_match};
+use lemmy_apub_lib::values::MediaTypeMarkdownOrHtml;
 use lemmy_utils::{settings::structs::Settings, LemmyError};
 use url::Url;
 
@@ -39,17 +39,6 @@ pub(crate) fn read_from_string_or_source_opt(
     .map(|content| read_from_string_or_source(content, media_type, source))
 }
 
-pub(crate) fn verify_image_domain_matches(
-  a: &Url,
-  b: &Option<ImageObject>,
-) -> Result<(), LemmyError> {
-  if let Some(b) = b {
-    verify_domains_match(a, &b.url)
-  } else {
-    Ok(())
-  }
-}
-
 /// When for example a Post is made in a remote community, the community will send it back,
 /// wrapped in Announce. If we simply receive this like any other federated object, overwrite the
 /// existing, local Post. In particular, it will set the field local = false, so that the object

diff --git a/crates/apub/src/objects/person.rs b/crates/apub/src/objects/person.rs
index 8304322c6c40d0038ccdec583c8c170287628afd..bf2cb3cb608a9ef7c31237d7256682e6a90ce9ec 100644 (file)
--- a/crates/apub/src/objects/person.rs
+++ b/crates/apub/src/objects/person.rs
@@ -1,11 +1,7 @@
 use crate::{
   check_is_apub_id_valid,
   generate_outbox_url,
-  objects::{
-    instance::fetch_instance_actor_for_object,
-    read_from_string_or_source_opt,
-    verify_image_domain_matches,
-  },
+  objects::{instance::fetch_instance_actor_for_object, read_from_string_or_source_opt},
   protocol::{
     objects::{
       person::{Person, UserTypes},
@@ -128,8 +124,6 @@ impl ApubObject for ApubPerson {
   ) -> Result<(), LemmyError> {
     verify_domains_match(person.id.inner(), expected_domain)?;
     check_is_apub_id_valid(person.id.inner(), false, &context.settings())?;
-    verify_image_domain_matches(expected_domain, &person.icon)?;
-    verify_image_domain_matches(expected_domain, &person.image)?;
 
     let slur_regex = &context.settings().slur_regex();
     check_slurs(&person.preferred_username, slur_regex)?;

diff --git a/crates/apub/src/protocol/objects/group.rs b/crates/apub/src/protocol/objects/group.rs
index 5f03814a9b75bd79e9a3c4c8dece8afc5c0aab6c..8f161c2da7ed1d9dca8f10f3f06277176556e034 100644 (file)
--- a/crates/apub/src/protocol/objects/group.rs
+++ b/crates/apub/src/protocol/objects/group.rs
@@ -4,11 +4,7 @@ use crate::{
     community_moderators::ApubCommunityModerators,
     community_outbox::ApubCommunityOutbox,
   },
-  objects::{
-    community::ApubCommunity,
-    read_from_string_or_source_opt,
-    verify_image_domain_matches,
-  },
+  objects::{community::ApubCommunity, read_from_string_or_source_opt},
   protocol::{objects::Endpoints, ImageObject, Source},
 };
 use activitystreams_kinds::actor::GroupType;
@@ -65,8 +61,6 @@ impl Group {
   ) -> Result<(), LemmyError> {
     check_is_apub_id_valid(self.id.inner(), true, &context.settings())?;
     verify_domains_match(expected_domain, self.id.inner())?;
-    verify_image_domain_matches(expected_domain, &self.icon)?;
-    verify_image_domain_matches(expected_domain, &self.image)?;
 
     let slur_regex = &context.settings().slur_regex();
     check_slurs(&self.preferred_username, slur_regex)?;