From 4ba0beb60ccdc301f455c32773a3144b9448b2fb Mon Sep 17 00:00:00 2001 From: Ilja Date: Thu, 24 Sep 2020 21:01:33 +0200 Subject: [PATCH] Make mrfSimple work with tuples * Changed SimplePolicy * I also grepped in test/ for ':mrf_simple' to see what other things could be affected --- .../web/activity_pub/mrf/simple_policy.ex | 154 +++++++++--------- test/pleroma/user_test.exs | 2 +- .../activity_pub/mrf/simple_policy_test.exs | 69 ++++---- test/pleroma/web/node_info_test.exs | 10 +- 4 files changed, 123 insertions(+), 112 deletions(-) diff --git a/lib/pleroma/web/activity_pub/mrf/simple_policy.ex b/lib/pleroma/web/activity_pub/mrf/simple_policy.ex index 30562ac08..8ef03aa3a 100644 --- a/lib/pleroma/web/activity_pub/mrf/simple_policy.ex +++ b/lib/pleroma/web/activity_pub/mrf/simple_policy.ex @@ -15,7 +15,7 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicy do defp check_accept(%{host: actor_host} = _actor_info, object) do accepts = - Config.get([:mrf_simple, :accept]) + instance_list(:accept) |> MRF.subdomains_regex() cond do @@ -28,7 +28,7 @@ defp check_accept(%{host: actor_host} = _actor_info, object) do defp check_reject(%{host: actor_host} = _actor_info, object) do rejects = - Config.get([:mrf_simple, :reject]) + instance_list(:reject) |> MRF.subdomains_regex() if MRF.subdomain_match?(rejects, actor_host) do @@ -44,7 +44,7 @@ defp check_media_removal( ) when length(child_attachment) > 0 do media_removal = - Config.get([:mrf_simple, :media_removal]) + instance_list(:media_removal) |> MRF.subdomains_regex() object = @@ -68,7 +68,7 @@ defp check_media_nsfw( } = object ) do media_nsfw = - Config.get([:mrf_simple, :media_nsfw]) + instance_list(:media_nsfw) |> MRF.subdomains_regex() object = @@ -85,7 +85,7 @@ defp check_media_nsfw(_actor_info, object), do: {:ok, object} defp check_ftl_removal(%{host: actor_host} = _actor_info, object) do timeline_removal = - Config.get([:mrf_simple, :federated_timeline_removal]) + instance_list(:federated_timeline_removal) |> MRF.subdomains_regex() object = @@ -112,7 +112,7 @@ defp intersection(list1, list2) do defp check_followers_only(%{host: actor_host} = _actor_info, object) do followers_only = - Config.get([:mrf_simple, :followers_only]) + instance_list(:followers_only) |> MRF.subdomains_regex() object = @@ -137,7 +137,7 @@ defp check_followers_only(%{host: actor_host} = _actor_info, object) do defp check_report_removal(%{host: actor_host} = _actor_info, %{"type" => "Flag"} = object) do report_removal = - Config.get([:mrf_simple, :report_removal]) + instance_list(:report_removal) |> MRF.subdomains_regex() if MRF.subdomain_match?(report_removal, actor_host) do @@ -151,7 +151,7 @@ defp check_report_removal(_actor_info, object), do: {:ok, object} defp check_avatar_removal(%{host: actor_host} = _actor_info, %{"icon" => _icon} = object) do avatar_removal = - Config.get([:mrf_simple, :avatar_removal]) + instance_list(:avatar_removal) |> MRF.subdomains_regex() if MRF.subdomain_match?(avatar_removal, actor_host) do @@ -165,7 +165,7 @@ defp check_avatar_removal(_actor_info, object), do: {:ok, object} defp check_banner_removal(%{host: actor_host} = _actor_info, %{"image" => _image} = object) do banner_removal = - Config.get([:mrf_simple, :banner_removal]) + instance_list(:banner_removal) |> MRF.subdomains_regex() if MRF.subdomain_match?(banner_removal, actor_host) do @@ -185,12 +185,19 @@ defp check_object(%{"object" => object} = activity) do defp check_object(object), do: {:ok, object} + defp instance_list(config_key) do + Config.get([:mrf_simple, config_key]) + |> Enum.map(fn + {instance, _} -> instance + end) + end + @impl true def filter(%{"type" => "Delete", "actor" => actor} = object) do %{host: actor_host} = URI.parse(actor) reject_deletes = - Config.get([:mrf_simple, :reject_deletes]) + instance_list(:reject_deletes) |> MRF.subdomains_regex() if MRF.subdomain_match?(reject_deletes, actor_host) do @@ -257,7 +264,7 @@ def describe do mrf_simple = Config.get(:mrf_simple) - |> Enum.map(fn {k, v} -> {k, Enum.reject(v, fn v -> v in exclusions end)} end) + |> Enum.map(fn {k, v} -> {k, Enum.reject(v, fn {v, _} -> v in exclusions end)} end) |> Enum.into(%{}) {:ok, %{mrf_simple: mrf_simple}} @@ -270,70 +277,67 @@ def config_description do related_policy: "Pleroma.Web.ActivityPub.MRF.SimplePolicy", label: "MRF Simple", description: "Simple ingress policies", - children: [ - %{ - key: :media_removal, - type: {:list, :string}, - description: "List of instances to strip media attachments from", - suggestions: ["example.com", "*.example.com"] - }, - %{ - key: :media_nsfw, - label: "Media NSFW", - type: {:list, :string}, - description: "List of instances to tag all media as NSFW (sensitive) from", - suggestions: ["example.com", "*.example.com"] - }, - %{ - key: :federated_timeline_removal, - type: {:list, :string}, - description: - "List of instances to remove from the Federated (aka The Whole Known Network) Timeline", - suggestions: ["example.com", "*.example.com"] - }, - %{ - key: :reject, - type: {:list, :string}, - description: "List of instances to reject activities from (except deletes)", - suggestions: ["example.com", "*.example.com"] - }, - %{ - key: :accept, - type: {:list, :string}, - description: "List of instances to only accept activities from (except deletes)", - suggestions: ["example.com", "*.example.com"] - }, - %{ - key: :followers_only, - type: {:list, :string}, - description: "Force posts from the given instances to be visible by followers only", - suggestions: ["example.com", "*.example.com"] - }, - %{ - key: :report_removal, - type: {:list, :string}, - description: "List of instances to reject reports from", - suggestions: ["example.com", "*.example.com"] - }, - %{ - key: :avatar_removal, - type: {:list, :string}, - description: "List of instances to strip avatars from", - suggestions: ["example.com", "*.example.com"] - }, - %{ - key: :banner_removal, - type: {:list, :string}, - description: "List of instances to strip banners from", - suggestions: ["example.com", "*.example.com"] - }, - %{ - key: :reject_deletes, - type: {:list, :string}, - description: "List of instances to reject deletions from", - suggestions: ["example.com", "*.example.com"] - } - ] + children: + [ + %{ + key: :media_removal, + description: + "List of instances to strip media attachments from and the reason for doing so" + }, + %{ + key: :media_nsfw, + label: "Media NSFW", + description: + "List of instances to tag all media as NSFW (sensitive) from and the reason for doing so" + }, + %{ + key: :federated_timeline_removal, + description: + "List of instances to remove from the Federated (aka The Whole Known Network) Timeline and the reason for doing so" + }, + %{ + key: :reject, + description: + "List of instances to reject activities from (except deletes) and the reason for doing so" + }, + %{ + key: :accept, + description: + "List of instances to only accept activities from (except deletes) and the reason for doing so" + }, + %{ + key: :followers_only, + description: + "Force posts from the given instances to be visible by followers only and the reason for doing so" + }, + %{ + key: :report_removal, + description: "List of instances to reject reports from and the reason for doing so" + }, + %{ + key: :avatar_removal, + description: "List of instances to strip avatars from and the reason for doing so" + }, + %{ + key: :banner_removal, + description: "List of instances to strip banners from and the reason for doing so" + }, + %{ + key: :reject_deletes, + description: "List of instances to reject deletions from and the reason for doing so" + } + ] + |> Enum.map(fn setting -> + Map.merge( + setting, + %{ + type: {:list, :tuple}, + key_placeholder: "instance", + value_placeholder: "reason", + suggestions: [{"example.com", "Some reason"}, {"*.example.com", "Another reason"}] + } + ) + end) } end end diff --git a/test/pleroma/user_test.exs b/test/pleroma/user_test.exs index 4021a565d..c2ed2c2a3 100644 --- a/test/pleroma/user_test.exs +++ b/test/pleroma/user_test.exs @@ -480,7 +480,7 @@ test "it sends a welcome chat message if it is set" do ) test "it sends a welcome chat message when Simple policy applied to local instance" do - clear_config([:mrf_simple, :media_nsfw], ["localhost"]) + clear_config([:mrf_simple, :media_nsfw], [{"localhost", ""}]) welcome_user = insert(:user) clear_config([:welcome, :chat_message, :enabled], true) diff --git a/test/pleroma/web/activity_pub/mrf/simple_policy_test.exs b/test/pleroma/web/activity_pub/mrf/simple_policy_test.exs index 0b0143d09..0a0f51bdb 100644 --- a/test/pleroma/web/activity_pub/mrf/simple_policy_test.exs +++ b/test/pleroma/web/activity_pub/mrf/simple_policy_test.exs @@ -33,7 +33,7 @@ test "is empty" do end test "has a matching host" do - clear_config([:mrf_simple, :media_removal], ["remote.instance"]) + clear_config([:mrf_simple, :media_removal], [{"remote.instance", "Some reason"}]) media_message = build_media_message() local_message = build_local_message() @@ -46,7 +46,7 @@ test "has a matching host" do end test "match with wildcard domain" do - clear_config([:mrf_simple, :media_removal], ["*.remote.instance"]) + clear_config([:mrf_simple, :media_removal], [{"*.remote.instance", "Whatever reason"}]) media_message = build_media_message() local_message = build_local_message() @@ -70,7 +70,7 @@ test "is empty" do end test "has a matching host" do - clear_config([:mrf_simple, :media_nsfw], ["remote.instance"]) + clear_config([:mrf_simple, :media_nsfw], [{"remote.instance", "Whetever"}]) media_message = build_media_message() local_message = build_local_message() @@ -81,7 +81,7 @@ test "has a matching host" do end test "match with wildcard domain" do - clear_config([:mrf_simple, :media_nsfw], ["*.remote.instance"]) + clear_config([:mrf_simple, :media_nsfw], [{"*.remote.instance", "yeah yeah"}]) media_message = build_media_message() local_message = build_local_message() @@ -115,7 +115,7 @@ test "is empty" do end test "has a matching host" do - clear_config([:mrf_simple, :report_removal], ["remote.instance"]) + clear_config([:mrf_simple, :report_removal], [{"remote.instance", "muh"}]) report_message = build_report_message() local_message = build_local_message() @@ -124,7 +124,7 @@ test "has a matching host" do end test "match with wildcard domain" do - clear_config([:mrf_simple, :report_removal], ["*.remote.instance"]) + clear_config([:mrf_simple, :report_removal], [{"*.remote.instance", "suya"}]) report_message = build_report_message() local_message = build_local_message() @@ -159,7 +159,7 @@ test "has a matching host" do |> URI.parse() |> Map.fetch!(:host) - clear_config([:mrf_simple, :federated_timeline_removal], [ftl_message_actor_host]) + clear_config([:mrf_simple, :federated_timeline_removal], [{ftl_message_actor_host, "uwu"}]) local_message = build_local_message() assert {:ok, ftl_message} = SimplePolicy.filter(ftl_message) @@ -180,7 +180,10 @@ test "match with wildcard domain" do |> URI.parse() |> Map.fetch!(:host) - clear_config([:mrf_simple, :federated_timeline_removal], ["*." <> ftl_message_actor_host]) + clear_config([:mrf_simple, :federated_timeline_removal], [ + {"*." <> ftl_message_actor_host, "owo"} + ]) + local_message = build_local_message() assert {:ok, ftl_message} = SimplePolicy.filter(ftl_message) @@ -203,7 +206,9 @@ test "has a matching host but only as:Public in to" do ftl_message = Map.put(ftl_message, "cc", []) - clear_config([:mrf_simple, :federated_timeline_removal], [ftl_message_actor_host]) + clear_config([:mrf_simple, :federated_timeline_removal], [ + {ftl_message_actor_host, "spiderwaifu goes 88w88"} + ]) assert {:ok, ftl_message} = SimplePolicy.filter(ftl_message) refute "https://www.w3.org/ns/activitystreams#Public" in ftl_message["to"] @@ -232,7 +237,7 @@ test "is empty" do end test "activity has a matching host" do - clear_config([:mrf_simple, :reject], ["remote.instance"]) + clear_config([:mrf_simple, :reject], [{"remote.instance", ""}]) remote_message = build_remote_message() @@ -240,7 +245,7 @@ test "activity has a matching host" do end test "activity matches with wildcard domain" do - clear_config([:mrf_simple, :reject], ["*.remote.instance"]) + clear_config([:mrf_simple, :reject], [{"*.remote.instance", ""}]) remote_message = build_remote_message() @@ -248,7 +253,7 @@ test "activity matches with wildcard domain" do end test "actor has a matching host" do - clear_config([:mrf_simple, :reject], ["remote.instance"]) + clear_config([:mrf_simple, :reject], [{"remote.instance", ""}]) remote_user = build_remote_user() @@ -256,7 +261,7 @@ test "actor has a matching host" do end test "reject Announce when object would be rejected" do - clear_config([:mrf_simple, :reject], ["blocked.tld"]) + clear_config([:mrf_simple, :reject], [{"blocked.tld", ""}]) announce = %{ "type" => "Announce", @@ -268,7 +273,7 @@ test "reject Announce when object would be rejected" do end test "reject by URI object" do - clear_config([:mrf_simple, :reject], ["blocked.tld"]) + clear_config([:mrf_simple, :reject], [{"blocked.tld", ""}]) announce = %{ "type" => "Announce", @@ -322,7 +327,7 @@ test "has a matching host" do |> URI.parse() |> Map.fetch!(:host) - clear_config([:mrf_simple, :followers_only], [actor_domain]) + clear_config([:mrf_simple, :followers_only], [{actor_domain, ""}]) assert {:ok, new_activity} = SimplePolicy.filter(activity) assert actor.follower_address in new_activity["cc"] @@ -350,7 +355,7 @@ test "is empty" do end test "is not empty but activity doesn't have a matching host" do - clear_config([:mrf_simple, :accept], ["non.matching.remote"]) + clear_config([:mrf_simple, :accept], [{"non.matching.remote", ""}]) local_message = build_local_message() remote_message = build_remote_message() @@ -360,7 +365,7 @@ test "is not empty but activity doesn't have a matching host" do end test "activity has a matching host" do - clear_config([:mrf_simple, :accept], ["remote.instance"]) + clear_config([:mrf_simple, :accept], [{"remote.instance", ""}]) local_message = build_local_message() remote_message = build_remote_message() @@ -370,7 +375,7 @@ test "activity has a matching host" do end test "activity matches with wildcard domain" do - clear_config([:mrf_simple, :accept], ["*.remote.instance"]) + clear_config([:mrf_simple, :accept], [{"*.remote.instance", ""}]) local_message = build_local_message() remote_message = build_remote_message() @@ -380,7 +385,7 @@ test "activity matches with wildcard domain" do end test "actor has a matching host" do - clear_config([:mrf_simple, :accept], ["remote.instance"]) + clear_config([:mrf_simple, :accept], [{"remote.instance", ""}]) remote_user = build_remote_user() @@ -398,7 +403,7 @@ test "is empty" do end test "is not empty but it doesn't have a matching host" do - clear_config([:mrf_simple, :avatar_removal], ["non.matching.remote"]) + clear_config([:mrf_simple, :avatar_removal], [{"non.matching.remote", ""}]) remote_user = build_remote_user() @@ -406,7 +411,7 @@ test "is not empty but it doesn't have a matching host" do end test "has a matching host" do - clear_config([:mrf_simple, :avatar_removal], ["remote.instance"]) + clear_config([:mrf_simple, :avatar_removal], [{"remote.instance", ""}]) remote_user = build_remote_user() {:ok, filtered} = SimplePolicy.filter(remote_user) @@ -415,7 +420,7 @@ test "has a matching host" do end test "match with wildcard domain" do - clear_config([:mrf_simple, :avatar_removal], ["*.remote.instance"]) + clear_config([:mrf_simple, :avatar_removal], [{"*.remote.instance", ""}]) remote_user = build_remote_user() {:ok, filtered} = SimplePolicy.filter(remote_user) @@ -434,7 +439,7 @@ test "is empty" do end test "is not empty but it doesn't have a matching host" do - clear_config([:mrf_simple, :banner_removal], ["non.matching.remote"]) + clear_config([:mrf_simple, :banner_removal], [{"non.matching.remote", ""}]) remote_user = build_remote_user() @@ -442,7 +447,7 @@ test "is not empty but it doesn't have a matching host" do end test "has a matching host" do - clear_config([:mrf_simple, :banner_removal], ["remote.instance"]) + clear_config([:mrf_simple, :banner_removal], [{"remote.instance", ""}]) remote_user = build_remote_user() {:ok, filtered} = SimplePolicy.filter(remote_user) @@ -451,7 +456,7 @@ test "has a matching host" do end test "match with wildcard domain" do - clear_config([:mrf_simple, :banner_removal], ["*.remote.instance"]) + clear_config([:mrf_simple, :banner_removal], [{"*.remote.instance", ""}]) remote_user = build_remote_user() {:ok, filtered} = SimplePolicy.filter(remote_user) @@ -464,7 +469,7 @@ test "match with wildcard domain" do setup do: clear_config([:mrf_simple, :reject_deletes], []) test "it accepts deletions even from rejected servers" do - clear_config([:mrf_simple, :reject], ["remote.instance"]) + clear_config([:mrf_simple, :reject], [{"remote.instance", ""}]) deletion_message = build_remote_deletion_message() @@ -472,7 +477,7 @@ test "it accepts deletions even from rejected servers" do end test "it accepts deletions even from non-whitelisted servers" do - clear_config([:mrf_simple, :accept], ["non.matching.remote"]) + clear_config([:mrf_simple, :accept], [{"non.matching.remote", ""}]) deletion_message = build_remote_deletion_message() @@ -481,10 +486,10 @@ test "it accepts deletions even from non-whitelisted servers" do end describe "when :reject_deletes is not empty but it doesn't have a matching host" do - setup do: clear_config([:mrf_simple, :reject_deletes], ["non.matching.remote"]) + setup do: clear_config([:mrf_simple, :reject_deletes], [{"non.matching.remote", ""}]) test "it accepts deletions even from rejected servers" do - clear_config([:mrf_simple, :reject], ["remote.instance"]) + clear_config([:mrf_simple, :reject], [{"remote.instance", ""}]) deletion_message = build_remote_deletion_message() @@ -492,7 +497,7 @@ test "it accepts deletions even from rejected servers" do end test "it accepts deletions even from non-whitelisted servers" do - clear_config([:mrf_simple, :accept], ["non.matching.remote"]) + clear_config([:mrf_simple, :accept], [{"non.matching.remote", ""}]) deletion_message = build_remote_deletion_message() @@ -501,7 +506,7 @@ test "it accepts deletions even from non-whitelisted servers" do end describe "when :reject_deletes has a matching host" do - setup do: clear_config([:mrf_simple, :reject_deletes], ["remote.instance"]) + setup do: clear_config([:mrf_simple, :reject_deletes], [{"remote.instance", ""}]) test "it rejects the deletion" do deletion_message = build_remote_deletion_message() @@ -511,7 +516,7 @@ test "it rejects the deletion" do end describe "when :reject_deletes match with wildcard domain" do - setup do: clear_config([:mrf_simple, :reject_deletes], ["*.remote.instance"]) + setup do: clear_config([:mrf_simple, :reject_deletes], [{"*.remote.instance", ""}]) test "it rejects the deletion" do deletion_message = build_remote_deletion_message() diff --git a/test/pleroma/web/node_info_test.exs b/test/pleroma/web/node_info_test.exs index ee6fdaae8..7731aadcc 100644 --- a/test/pleroma/web/node_info_test.exs +++ b/test/pleroma/web/node_info_test.exs @@ -154,15 +154,17 @@ test "it shows MRF transparency data if enabled", %{conn: conn} do clear_config([:mrf, :policies], [Pleroma.Web.ActivityPub.MRF.SimplePolicy]) clear_config([:mrf, :transparency], true) - simple_config = %{"reject" => ["example.com"]} + simple_config = %{"reject" => [{"example.com", ""}]} clear_config(:mrf_simple, simple_config) + expected_config = %{"reject" => [["example.com", ""]]} + response = conn |> get("/nodeinfo/2.1.json") |> json_response(:ok) - assert response["metadata"]["federation"]["mrf_simple"] == simple_config + assert response["metadata"]["federation"]["mrf_simple"] == expected_config end test "it performs exclusions from MRF transparency data if configured", %{conn: conn} do @@ -170,10 +172,10 @@ test "it performs exclusions from MRF transparency data if configured", %{conn: clear_config([:mrf, :transparency], true) clear_config([:mrf, :transparency_exclusions], ["other.site"]) - simple_config = %{"reject" => ["example.com", "other.site"]} + simple_config = %{"reject" => [{"example.com", ""}, {"other.site", ""}]} clear_config(:mrf_simple, simple_config) - expected_config = %{"reject" => ["example.com"]} + expected_config = %{"reject" => [["example.com", ""]]} response = conn