From 1097ce6d9f06a7552652c5990cee12e7b7b3cc59 Mon Sep 17 00:00:00 2001 From: Ivan Tashkinov Date: Thu, 21 Feb 2019 18:55:19 +0300 Subject: [PATCH 01/68] Auth customization support. OAuthController#create_authorization user retrieval / creation, errors handling, template & layout selection. --- lib/pleroma/web/oauth.ex | 8 +++++++ lib/pleroma/web/oauth/authenticator.ex | 22 +++++++++++++++++++ .../web/oauth/authenticator_adapter.ex | 7 ++++++ lib/pleroma/web/oauth/oauth_controller.ex | 17 +++++++------- lib/pleroma/web/web.ex | 2 ++ 5 files changed, 48 insertions(+), 8 deletions(-) create mode 100644 lib/pleroma/web/oauth/authenticator.ex create mode 100644 lib/pleroma/web/oauth/authenticator_adapter.ex diff --git a/lib/pleroma/web/oauth.ex b/lib/pleroma/web/oauth.ex index d2835a0ba..f3bac33c8 100644 --- a/lib/pleroma/web/oauth.ex +++ b/lib/pleroma/web/oauth.ex @@ -3,6 +3,14 @@ # SPDX-License-Identifier: AGPL-3.0-only defmodule Pleroma.Web.OAuth do + @authenticator Application.get_env( + :pleroma, + Pleroma.Web.AuthenticatorAdapter, + Pleroma.Web.Authenticator + ) + + def authenticator, do: @authenticator + def parse_scopes(scopes, _default) when is_list(scopes) do Enum.filter(scopes, &(&1 not in [nil, ""])) end diff --git a/lib/pleroma/web/oauth/authenticator.ex b/lib/pleroma/web/oauth/authenticator.ex new file mode 100644 index 000000000..86bbc41f0 --- /dev/null +++ b/lib/pleroma/web/oauth/authenticator.ex @@ -0,0 +1,22 @@ +defmodule Pleroma.Web.Authenticator do + alias Pleroma.User + alias Comeonin.Pbkdf2 + + @behaviour Pleroma.Web.AuthenticatorAdapter + + def get_user(%Plug.Conn{} = conn) do + %{"authorization" => %{"name" => name, "password" => password}} = conn.params + + with {_, %User{} = user} <- {:user, User.get_by_nickname_or_email(name)}, + {_, true} <- {:checkpw, Pbkdf2.checkpw(password, user.password_hash)} do + {:ok, user} + else + error -> + {:error, error} + end + end + + def handle_error(%Plug.Conn{} = _conn, error) do + error + end +end diff --git a/lib/pleroma/web/oauth/authenticator_adapter.ex b/lib/pleroma/web/oauth/authenticator_adapter.ex new file mode 100644 index 000000000..282963b1c --- /dev/null +++ b/lib/pleroma/web/oauth/authenticator_adapter.ex @@ -0,0 +1,7 @@ +defmodule Pleroma.Web.AuthenticatorAdapter do + alias Pleroma.User + + @callback get_user(Plug.Conn.t()) :: {:ok, User.t()} | {:error, any()} + + @callback handle_error(Plug.Conn.t(), any()) :: any() +end diff --git a/lib/pleroma/web/oauth/oauth_controller.ex b/lib/pleroma/web/oauth/oauth_controller.ex index 7c1a3adbd..abe6fd2f2 100644 --- a/lib/pleroma/web/oauth/oauth_controller.ex +++ b/lib/pleroma/web/oauth/oauth_controller.ex @@ -5,6 +5,7 @@ defmodule Pleroma.Web.OAuth.OAuthController do use Pleroma.Web, :controller + alias Pleroma.Web.OAuth alias Pleroma.Web.OAuth.Authorization alias Pleroma.Web.OAuth.Token alias Pleroma.Web.OAuth.App @@ -24,27 +25,27 @@ def authorize(conn, params) do available_scopes = (app && app.scopes) || [] scopes = oauth_scopes(params, nil) || available_scopes - render(conn, "show.html", %{ + template = Application.get_env(:pleroma, :auth_template, "show.html") + + render(conn, template, %{ response_type: params["response_type"], client_id: params["client_id"], available_scopes: available_scopes, scopes: scopes, redirect_uri: params["redirect_uri"], - state: params["state"] + state: params["state"], + params: params }) end def create_authorization(conn, %{ "authorization" => %{ - "name" => name, - "password" => password, "client_id" => client_id, "redirect_uri" => redirect_uri } = auth_params }) do - with %User{} = user <- User.get_by_nickname_or_email(name), - true <- Pbkdf2.checkpw(password, user.password_hash), + with {_, {:ok, %User{} = user}} <- {:get_user, OAuth.authenticator().get_user(conn)}, %App{} = app <- Repo.get_by(App, client_id: client_id), true <- redirect_uri in String.split(app.redirect_uris), scopes <- oauth_scopes(auth_params, []), @@ -53,9 +54,9 @@ def create_authorization(conn, %{ {:missing_scopes, false} <- {:missing_scopes, scopes == []}, {:auth_active, true} <- {:auth_active, User.auth_active?(user)}, {:ok, auth} <- Authorization.create_authorization(app, user, scopes) do - # Special case: Local MastodonFE. redirect_uri = if redirect_uri == "." do + # Special case: Local MastodonFE mastodon_api_url(conn, :login) else redirect_uri @@ -97,7 +98,7 @@ def create_authorization(conn, %{ |> authorize(auth_params) error -> - error + OAuth.authenticator().handle_error(conn, error) end end diff --git a/lib/pleroma/web/web.ex b/lib/pleroma/web/web.ex index 853aa2a87..4f618743d 100644 --- a/lib/pleroma/web/web.ex +++ b/lib/pleroma/web/web.ex @@ -26,6 +26,8 @@ def controller do import Plug.Conn import Pleroma.Web.Gettext import Pleroma.Web.Router.Helpers + + plug(:put_layout, Application.get_env(:pleroma, :app_template, "app.html")) end end From afddce45b3d4d9ea61620c941838a372ca225825 Mon Sep 17 00:00:00 2001 From: Ivan Tashkinov Date: Fri, 22 Feb 2019 11:10:17 +0300 Subject: [PATCH 02/68] Minor setting name adjustment (:app_template -> :app_layout). --- lib/pleroma/web/web.ex | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/pleroma/web/web.ex b/lib/pleroma/web/web.ex index 4f618743d..4bf07a6ef 100644 --- a/lib/pleroma/web/web.ex +++ b/lib/pleroma/web/web.ex @@ -27,7 +27,7 @@ def controller do import Pleroma.Web.Gettext import Pleroma.Web.Router.Helpers - plug(:put_layout, Application.get_env(:pleroma, :app_template, "app.html")) + plug(:put_layout, Application.get_env(:pleroma, :app_layout, "app.html")) end end From b227ccab827471359f539d23a14413e70ad67e33 Mon Sep 17 00:00:00 2001 From: Ivan Tashkinov Date: Fri, 22 Feb 2019 14:00:18 +0300 Subject: [PATCH 03/68] Fixed `scopes` of apps / authorizations / tokens from apps initially created with space-delimited `scope`. --- ...20190222104808_data_migration_normalize_scopes.exs | 11 +++++++++++ 1 file changed, 11 insertions(+) create mode 100644 priv/repo/migrations/20190222104808_data_migration_normalize_scopes.exs diff --git a/priv/repo/migrations/20190222104808_data_migration_normalize_scopes.exs b/priv/repo/migrations/20190222104808_data_migration_normalize_scopes.exs new file mode 100644 index 000000000..d44e5096b --- /dev/null +++ b/priv/repo/migrations/20190222104808_data_migration_normalize_scopes.exs @@ -0,0 +1,11 @@ +defmodule Pleroma.Repo.Migrations.DataMigrationNormalizeScopes do + use Ecto.Migration + + def up do + for t <- [:apps, :oauth_authorizations, :oauth_tokens] do + execute "UPDATE #{t} SET scopes = string_to_array(array_to_string(scopes, ' '), ' ');" + end + end + + def down, do: :noop +end From 62296f5a251e376bed5b234a66b20226dbd58419 Mon Sep 17 00:00:00 2001 From: lain Date: Fri, 22 Feb 2019 12:02:51 +0100 Subject: [PATCH 04/68] Fix private post card handling. --- lib/pleroma/web/activity_pub/activity_pub.ex | 2 +- .../web/mastodon_api/mastodon_api_controller.ex | 4 ++-- .../mastodon_api/mastodon_api_controller_test.exs | 12 ++++++++++++ 3 files changed, 15 insertions(+), 3 deletions(-) diff --git a/lib/pleroma/web/activity_pub/activity_pub.ex b/lib/pleroma/web/activity_pub/activity_pub.ex index 7e153f396..fb0b7b68e 100644 --- a/lib/pleroma/web/activity_pub/activity_pub.ex +++ b/lib/pleroma/web/activity_pub/activity_pub.ex @@ -943,7 +943,7 @@ def visible_for_user?(activity, nil) do def visible_for_user?(activity, user) do x = [user.ap_id | user.following] - y = activity.data["to"] ++ (activity.data["cc"] || []) + y = [activity.actor] ++ activity.data["to"] ++ (activity.data["cc"] || []) visible_for_user?(activity, nil) || Enum.any?(x, &(&1 in y)) end diff --git a/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex b/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex index 60738301b..cf7458d5f 100644 --- a/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex +++ b/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex @@ -1518,9 +1518,9 @@ def suggestions(%{assigns: %{user: user}} = conn, _) do end end - def status_card(conn, %{"id" => status_id}) do + def status_card(%{assigns: %{user: user}} = conn, %{"id" => status_id}) do with %Activity{} = activity <- Repo.get(Activity, status_id), - true <- ActivityPub.is_public?(activity) do + true <- ActivityPub.visible_for_user?(activity, user) do data = StatusView.render( "card.json", diff --git a/test/web/mastodon_api/mastodon_api_controller_test.exs b/test/web/mastodon_api/mastodon_api_controller_test.exs index 3dfbc8669..b52c2b805 100644 --- a/test/web/mastodon_api/mastodon_api_controller_test.exs +++ b/test/web/mastodon_api/mastodon_api_controller_test.exs @@ -1744,6 +1744,18 @@ test "Status rich-media Card", %{conn: conn, user: user} do } } + # works with private posts + {:ok, activity} = + CommonAPI.post(user, %{"status" => "http://example.com/ogp", "visibility" => "direct"}) + + response_two = + conn + |> assign(:user, user) + |> get("/api/v1/statuses/#{activity.id}/card") + |> json_response(200) + + assert response_two == response + Pleroma.Config.put([:rich_media, :enabled], false) end end From 9e0686efa61940fe78736c3e2669acb7233d8ada Mon Sep 17 00:00:00 2001 From: lain Date: Fri, 22 Feb 2019 13:29:52 +0100 Subject: [PATCH 05/68] Move visibility into own module. --- lib/pleroma/gopher/server.ex | 3 +- lib/pleroma/web/activity_pub/activity_pub.ex | 52 +--------- .../activity_pub/activity_pub_controller.ex | 9 +- .../web/activity_pub/transmogrifier.ex | 3 +- lib/pleroma/web/activity_pub/visibility.ex | 56 +++++++++++ lib/pleroma/web/federator/federator.ex | 3 +- .../mastodon_api/mastodon_api_controller.ex | 11 ++- lib/pleroma/web/ostatus/ostatus_controller.ex | 9 +- lib/pleroma/web/streamer.ex | 6 +- .../web/twitter_api/twitter_api_controller.ex | 3 +- test/web/activity_pub/visibilty_test.exs | 98 +++++++++++++++++++ 11 files changed, 182 insertions(+), 71 deletions(-) create mode 100644 lib/pleroma/web/activity_pub/visibility.ex create mode 100644 test/web/activity_pub/visibilty_test.exs diff --git a/lib/pleroma/gopher/server.ex b/lib/pleroma/gopher/server.ex index 32cb817d2..ba9614029 100644 --- a/lib/pleroma/gopher/server.ex +++ b/lib/pleroma/gopher/server.ex @@ -37,6 +37,7 @@ def init([ip, port]) do defmodule Pleroma.Gopher.Server.ProtocolHandler do alias Pleroma.Web.ActivityPub.ActivityPub + alias Pleroma.Web.ActivityPub.Visibility alias Pleroma.Activity alias Pleroma.HTML alias Pleroma.User @@ -110,7 +111,7 @@ def response("/main/all") do def response("/notices/" <> id) do with %Activity{} = activity <- Repo.get(Activity, id), - true <- ActivityPub.is_public?(activity) do + true <- Visibility.is_public?(activity) do activities = ActivityPub.fetch_activities_for_context(activity.data["context"]) |> render_activities diff --git a/lib/pleroma/web/activity_pub/activity_pub.ex b/lib/pleroma/web/activity_pub/activity_pub.ex index fb0b7b68e..cc255cc9e 100644 --- a/lib/pleroma/web/activity_pub/activity_pub.ex +++ b/lib/pleroma/web/activity_pub/activity_pub.ex @@ -18,6 +18,7 @@ defmodule Pleroma.Web.ActivityPub.ActivityPub do import Ecto.Query import Pleroma.Web.ActivityPub.Utils + import Pleroma.Web.ActivityPub.Visibility require Logger @@ -912,57 +913,6 @@ def fetch_and_contain_remote_object_from_id(id) do end end - def is_public?(%Object{data: %{"type" => "Tombstone"}}), do: false - def is_public?(%Object{data: data}), do: is_public?(data) - def is_public?(%Activity{data: data}), do: is_public?(data) - def is_public?(%{"directMessage" => true}), do: false - - def is_public?(data) do - "https://www.w3.org/ns/activitystreams#Public" in (data["to"] ++ (data["cc"] || [])) - end - - def is_private?(activity) do - unless is_public?(activity) do - follower_address = User.get_cached_by_ap_id(activity.data["actor"]).follower_address - Enum.any?(activity.data["to"], &(&1 == follower_address)) - else - false - end - end - - def is_direct?(%Activity{data: %{"directMessage" => true}}), do: true - def is_direct?(%Object{data: %{"directMessage" => true}}), do: true - - def is_direct?(activity) do - !is_public?(activity) && !is_private?(activity) - end - - def visible_for_user?(activity, nil) do - is_public?(activity) - end - - def visible_for_user?(activity, user) do - x = [user.ap_id | user.following] - y = [activity.actor] ++ activity.data["to"] ++ (activity.data["cc"] || []) - visible_for_user?(activity, nil) || Enum.any?(x, &(&1 in y)) - end - - # guard - def entire_thread_visible_for_user?(nil, _user), do: false - - # child - def entire_thread_visible_for_user?( - %Activity{data: %{"object" => %{"inReplyTo" => parent_id}}} = tail, - user - ) - when is_binary(parent_id) do - parent = Activity.get_in_reply_to_activity(tail) - visible_for_user?(tail, user) && entire_thread_visible_for_user?(parent, user) - end - - # root - def entire_thread_visible_for_user?(tail, user), do: visible_for_user?(tail, user) - # filter out broken threads def contain_broken_threads(%Activity{} = activity, %User{} = user) do entire_thread_visible_for_user?(activity, user) diff --git a/lib/pleroma/web/activity_pub/activity_pub_controller.ex b/lib/pleroma/web/activity_pub/activity_pub_controller.ex index 2bea51311..ff924a536 100644 --- a/lib/pleroma/web/activity_pub/activity_pub_controller.ex +++ b/lib/pleroma/web/activity_pub/activity_pub_controller.ex @@ -11,6 +11,7 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubController do alias Pleroma.Web.ActivityPub.ObjectView alias Pleroma.Web.ActivityPub.UserView alias Pleroma.Web.ActivityPub.ActivityPub + alias Pleroma.Web.ActivityPub.Visibility alias Pleroma.Web.ActivityPub.Relay alias Pleroma.Web.ActivityPub.Transmogrifier alias Pleroma.Web.ActivityPub.Utils @@ -49,7 +50,7 @@ def user(conn, %{"nickname" => nickname}) do def object(conn, %{"uuid" => uuid}) do with ap_id <- o_status_url(conn, :object, uuid), %Object{} = object <- Object.get_cached_by_ap_id(ap_id), - {_, true} <- {:public?, ActivityPub.is_public?(object)} do + {_, true} <- {:public?, Visibility.is_public?(object)} do conn |> put_resp_header("content-type", "application/activity+json") |> json(ObjectView.render("object.json", %{object: object})) @@ -62,7 +63,7 @@ def object(conn, %{"uuid" => uuid}) do def object_likes(conn, %{"uuid" => uuid, "page" => page}) do with ap_id <- o_status_url(conn, :object, uuid), %Object{} = object <- Object.get_cached_by_ap_id(ap_id), - {_, true} <- {:public?, ActivityPub.is_public?(object)}, + {_, true} <- {:public?, Visibility.is_public?(object)}, likes <- Utils.get_object_likes(object) do {page, _} = Integer.parse(page) @@ -78,7 +79,7 @@ def object_likes(conn, %{"uuid" => uuid, "page" => page}) do def object_likes(conn, %{"uuid" => uuid}) do with ap_id <- o_status_url(conn, :object, uuid), %Object{} = object <- Object.get_cached_by_ap_id(ap_id), - {_, true} <- {:public?, ActivityPub.is_public?(object)}, + {_, true} <- {:public?, Visibility.is_public?(object)}, likes <- Utils.get_object_likes(object) do conn |> put_resp_header("content-type", "application/activity+json") @@ -92,7 +93,7 @@ def object_likes(conn, %{"uuid" => uuid}) do def activity(conn, %{"uuid" => uuid}) do with ap_id <- o_status_url(conn, :activity, uuid), %Activity{} = activity <- Activity.normalize(ap_id), - {_, true} <- {:public?, ActivityPub.is_public?(activity)} do + {_, true} <- {:public?, Visibility.is_public?(activity)} do conn |> put_resp_header("content-type", "application/activity+json") |> json(ObjectView.render("object.json", %{object: activity})) diff --git a/lib/pleroma/web/activity_pub/transmogrifier.ex b/lib/pleroma/web/activity_pub/transmogrifier.ex index 41d89a02b..88007aa16 100644 --- a/lib/pleroma/web/activity_pub/transmogrifier.ex +++ b/lib/pleroma/web/activity_pub/transmogrifier.ex @@ -12,6 +12,7 @@ defmodule Pleroma.Web.ActivityPub.Transmogrifier do alias Pleroma.Repo alias Pleroma.Web.ActivityPub.ActivityPub alias Pleroma.Web.ActivityPub.Utils + alias Pleroma.Web.ActivityPub.Visibility import Ecto.Query @@ -489,7 +490,7 @@ def handle_incoming( with actor <- get_actor(data), %User{} = actor <- User.get_or_fetch_by_ap_id(actor), {:ok, object} <- get_obj_helper(object_id) || fetch_obj_helper(object_id), - public <- ActivityPub.is_public?(data), + public <- Visibility.is_public?(data), {:ok, activity, _object} <- ActivityPub.announce(actor, object, id, false, public) do {:ok, activity} else diff --git a/lib/pleroma/web/activity_pub/visibility.ex b/lib/pleroma/web/activity_pub/visibility.ex new file mode 100644 index 000000000..db52fe933 --- /dev/null +++ b/lib/pleroma/web/activity_pub/visibility.ex @@ -0,0 +1,56 @@ +defmodule Pleroma.Web.ActivityPub.Visibility do + alias Pleroma.Activity + alias Pleroma.Object + alias Pleroma.User + + def is_public?(%Object{data: %{"type" => "Tombstone"}}), do: false + def is_public?(%Object{data: data}), do: is_public?(data) + def is_public?(%Activity{data: data}), do: is_public?(data) + def is_public?(%{"directMessage" => true}), do: false + + def is_public?(data) do + "https://www.w3.org/ns/activitystreams#Public" in (data["to"] ++ (data["cc"] || [])) + end + + def is_private?(activity) do + unless is_public?(activity) do + follower_address = User.get_cached_by_ap_id(activity.data["actor"]).follower_address + Enum.any?(activity.data["to"], &(&1 == follower_address)) + else + false + end + end + + def is_direct?(%Activity{data: %{"directMessage" => true}}), do: true + def is_direct?(%Object{data: %{"directMessage" => true}}), do: true + + def is_direct?(activity) do + !is_public?(activity) && !is_private?(activity) + end + + def visible_for_user?(activity, nil) do + is_public?(activity) + end + + def visible_for_user?(activity, user) do + x = [user.ap_id | user.following] + y = [activity.actor] ++ activity.data["to"] ++ (activity.data["cc"] || []) + visible_for_user?(activity, nil) || Enum.any?(x, &(&1 in y)) + end + + # guard + def entire_thread_visible_for_user?(nil, _user), do: false + + # child + def entire_thread_visible_for_user?( + %Activity{data: %{"object" => %{"inReplyTo" => parent_id}}} = tail, + user + ) + when is_binary(parent_id) do + parent = Activity.get_in_reply_to_activity(tail) + visible_for_user?(tail, user) && entire_thread_visible_for_user?(parent, user) + end + + # root + def entire_thread_visible_for_user?(tail, user), do: visible_for_user?(tail, user) +end diff --git a/lib/pleroma/web/federator/federator.ex b/lib/pleroma/web/federator/federator.ex index d4e2a9742..fbfe97dbc 100644 --- a/lib/pleroma/web/federator/federator.ex +++ b/lib/pleroma/web/federator/federator.ex @@ -9,6 +9,7 @@ defmodule Pleroma.Web.Federator do alias Pleroma.Web.Websub alias Pleroma.Web.Salmon alias Pleroma.Web.ActivityPub.ActivityPub + alias Pleroma.Web.ActivityPub.Visibility alias Pleroma.Web.ActivityPub.Relay alias Pleroma.Web.ActivityPub.Transmogrifier alias Pleroma.Web.ActivityPub.Utils @@ -94,7 +95,7 @@ def perform(:publish, activity) do with actor when not is_nil(actor) <- User.get_cached_by_ap_id(activity.data["actor"]) do {:ok, actor} = WebFinger.ensure_keys_present(actor) - if ActivityPub.is_public?(activity) do + if Visibility.is_public?(activity) do if OStatus.is_representable?(activity) do Logger.info(fn -> "Sending #{activity.data["id"]} out via WebSub" end) Websub.publish(Pleroma.Web.OStatus.feed_path(actor), actor, activity) diff --git a/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex b/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex index cf7458d5f..12987442a 100644 --- a/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex +++ b/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex @@ -27,6 +27,7 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIController do alias Pleroma.Web.MastodonAPI.ReportView alias Pleroma.Web.ActivityPub.ActivityPub alias Pleroma.Web.ActivityPub.Utils + alias Pleroma.Web.ActivityPub.Visibility alias Pleroma.Web.OAuth.App alias Pleroma.Web.OAuth.Authorization alias Pleroma.Web.OAuth.Token @@ -307,7 +308,7 @@ def dm_timeline(%{assigns: %{user: user}} = conn, params) do def get_status(%{assigns: %{user: user}} = conn, %{"id" => id}) do with %Activity{} = activity <- Repo.get(Activity, id), - true <- ActivityPub.visible_for_user?(activity, user) do + true <- Visibility.visible_for_user?(activity, user) do conn |> put_view(StatusView) |> try_render("status.json", %{activity: activity, for: user}) @@ -449,7 +450,7 @@ def unpin_status(%{assigns: %{user: user}} = conn, %{"id" => ap_id_or_id}) do def bookmark_status(%{assigns: %{user: user}} = conn, %{"id" => id}) do with %Activity{} = activity <- Repo.get(Activity, id), %User{} = user <- User.get_by_nickname(user.nickname), - true <- ActivityPub.visible_for_user?(activity, user), + true <- Visibility.visible_for_user?(activity, user), {:ok, user} <- User.bookmark(user, activity.data["object"]["id"]) do conn |> put_view(StatusView) @@ -460,7 +461,7 @@ def bookmark_status(%{assigns: %{user: user}} = conn, %{"id" => id}) do def unbookmark_status(%{assigns: %{user: user}} = conn, %{"id" => id}) do with %Activity{} = activity <- Repo.get(Activity, id), %User{} = user <- User.get_by_nickname(user.nickname), - true <- ActivityPub.visible_for_user?(activity, user), + true <- Visibility.visible_for_user?(activity, user), {:ok, user} <- User.unbookmark(user, activity.data["object"]["id"]) do conn |> put_view(StatusView) @@ -867,7 +868,7 @@ def status_search(user, query) do if Regex.match?(~r/https?:/, query) do with {:ok, object} <- ActivityPub.fetch_object_from_id(query), %Activity{} = activity <- Activity.get_create_by_object_ap_id(object.data["id"]), - true <- ActivityPub.visible_for_user?(activity, user) do + true <- Visibility.visible_for_user?(activity, user) do [activity] else _e -> [] @@ -1520,7 +1521,7 @@ def suggestions(%{assigns: %{user: user}} = conn, _) do def status_card(%{assigns: %{user: user}} = conn, %{"id" => status_id}) do with %Activity{} = activity <- Repo.get(Activity, status_id), - true <- ActivityPub.visible_for_user?(activity, user) do + true <- Visibility.visible_for_user?(activity, user) do data = StatusView.render( "card.json", diff --git a/lib/pleroma/web/ostatus/ostatus_controller.ex b/lib/pleroma/web/ostatus/ostatus_controller.ex index df723f638..4e963774a 100644 --- a/lib/pleroma/web/ostatus/ostatus_controller.ex +++ b/lib/pleroma/web/ostatus/ostatus_controller.ex @@ -9,6 +9,7 @@ defmodule Pleroma.Web.OStatus.OStatusController do alias Pleroma.Object alias Pleroma.User alias Pleroma.Web.ActivityPub.ActivityPub + alias Pleroma.Web.ActivityPub.Visibility alias Pleroma.Web.ActivityPub.ActivityPubController alias Pleroma.Web.ActivityPub.ObjectView alias Pleroma.Web.OStatus.ActivityRepresenter @@ -102,7 +103,7 @@ def object(conn, %{"uuid" => uuid}) do else with id <- o_status_url(conn, :object, uuid), {_, %Activity{} = activity} <- {:activity, Activity.get_create_by_object_ap_id(id)}, - {_, true} <- {:public?, ActivityPub.is_public?(activity)}, + {_, true} <- {:public?, Visibility.is_public?(activity)}, %User{} = user <- User.get_cached_by_ap_id(activity.data["actor"]) do case get_format(conn) do "html" -> redirect(conn, to: "/notice/#{activity.id}") @@ -127,7 +128,7 @@ def activity(conn, %{"uuid" => uuid}) do else with id <- o_status_url(conn, :activity, uuid), {_, %Activity{} = activity} <- {:activity, Activity.normalize(id)}, - {_, true} <- {:public?, ActivityPub.is_public?(activity)}, + {_, true} <- {:public?, Visibility.is_public?(activity)}, %User{} = user <- User.get_cached_by_ap_id(activity.data["actor"]) do case format = get_format(conn) do "html" -> redirect(conn, to: "/notice/#{activity.id}") @@ -148,7 +149,7 @@ def activity(conn, %{"uuid" => uuid}) do def notice(conn, %{"id" => id}) do with {_, %Activity{} = activity} <- {:activity, Activity.get_by_id(id)}, - {_, true} <- {:public?, ActivityPub.is_public?(activity)}, + {_, true} <- {:public?, Visibility.is_public?(activity)}, %User{} = user <- User.get_cached_by_ap_id(activity.data["actor"]) do case format = get_format(conn) do "html" -> @@ -191,7 +192,7 @@ def notice(conn, %{"id" => id}) do # Returns an HTML embedded