mrf/simple_policy: check actor against accept/reject

This commit is contained in:
Haelwenn (lanodan) Monnier 2019-10-07 02:55:09 +02:00
parent 25cffffaf1
commit 58aeabd020
No known key found for this signature in database
GPG Key ID: D5B7A8E43C997DEE
3 changed files with 25 additions and 6 deletions

View File

@ -22,6 +22,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
- Admin API: Return `total` when querying for reports - Admin API: Return `total` when querying for reports
- Mastodon API: Return `pleroma.direct_conversation_id` when creating a direct message (`POST /api/v1/statuses`) - Mastodon API: Return `pleroma.direct_conversation_id` when creating a direct message (`POST /api/v1/statuses`)
- Admin API: Return link alongside with token on password reset - Admin API: Return link alongside with token on password reset
- MRF (Simple Policy): Also use `:accept`/`:reject` on the actors rather than only their activities
### Fixed ### Fixed
- Mastodon API: Fix private and direct statuses not being filtered out from the public timeline for an authenticated user (`GET /api/v1/timelines/public`) - Mastodon API: Fix private and direct statuses not being filtered out from the public timeline for an authenticated user (`GET /api/v1/timelines/public`)

View File

@ -168,7 +168,9 @@ def filter(%{"id" => actor, "type" => obj_type} = object)
when obj_type in ["Application", "Group", "Organization", "Person", "Service"] do when obj_type in ["Application", "Group", "Organization", "Person", "Service"] do
actor_info = URI.parse(actor) actor_info = URI.parse(actor)
with {:ok, object} <- check_avatar_removal(actor_info, object), with {:ok, object} <- check_accept(actor_info, object),
{:ok, object} <- check_reject(actor_info, object),
{:ok, object} <- check_avatar_removal(actor_info, object),
{:ok, object} <- check_banner_removal(actor_info, object) do {:ok, object} <- check_banner_removal(actor_info, object) do
{:ok, object} {:ok, object}
else else

View File

@ -236,7 +236,7 @@ test "is empty" do
assert SimplePolicy.filter(remote_message) == {:ok, remote_message} assert SimplePolicy.filter(remote_message) == {:ok, remote_message}
end end
test "has a matching host" do test "activity has a matching host" do
Config.put([:mrf_simple, :reject], ["remote.instance"]) Config.put([:mrf_simple, :reject], ["remote.instance"])
remote_message = build_remote_message() remote_message = build_remote_message()
@ -244,13 +244,21 @@ test "has a matching host" do
assert SimplePolicy.filter(remote_message) == {:reject, nil} assert SimplePolicy.filter(remote_message) == {:reject, nil}
end end
test "match with wildcard domain" do test "activity matches with wildcard domain" do
Config.put([:mrf_simple, :reject], ["*.remote.instance"]) Config.put([:mrf_simple, :reject], ["*.remote.instance"])
remote_message = build_remote_message() remote_message = build_remote_message()
assert SimplePolicy.filter(remote_message) == {:reject, nil} assert SimplePolicy.filter(remote_message) == {:reject, nil}
end end
test "actor has a matching host" do
Config.put([:mrf_simple, :reject], ["remote.instance"])
remote_user = build_remote_user()
assert SimplePolicy.filter(remote_user) == {:reject, nil}
end
end end
describe "when :accept" do describe "when :accept" do
@ -264,7 +272,7 @@ test "is empty" do
assert SimplePolicy.filter(remote_message) == {:ok, remote_message} assert SimplePolicy.filter(remote_message) == {:ok, remote_message}
end end
test "is not empty but it doesn't have a matching host" do test "is not empty but activity doesn't have a matching host" do
Config.put([:mrf_simple, :accept], ["non.matching.remote"]) Config.put([:mrf_simple, :accept], ["non.matching.remote"])
local_message = build_local_message() local_message = build_local_message()
@ -274,7 +282,7 @@ test "is not empty but it doesn't have a matching host" do
assert SimplePolicy.filter(remote_message) == {:reject, nil} assert SimplePolicy.filter(remote_message) == {:reject, nil}
end end
test "has a matching host" do test "activity has a matching host" do
Config.put([:mrf_simple, :accept], ["remote.instance"]) Config.put([:mrf_simple, :accept], ["remote.instance"])
local_message = build_local_message() local_message = build_local_message()
@ -284,7 +292,7 @@ test "has a matching host" do
assert SimplePolicy.filter(remote_message) == {:ok, remote_message} assert SimplePolicy.filter(remote_message) == {:ok, remote_message}
end end
test "match with wildcard domain" do test "activity matches with wildcard domain" do
Config.put([:mrf_simple, :accept], ["*.remote.instance"]) Config.put([:mrf_simple, :accept], ["*.remote.instance"])
local_message = build_local_message() local_message = build_local_message()
@ -293,6 +301,14 @@ test "match with wildcard domain" do
assert SimplePolicy.filter(local_message) == {:ok, local_message} assert SimplePolicy.filter(local_message) == {:ok, local_message}
assert SimplePolicy.filter(remote_message) == {:ok, remote_message} assert SimplePolicy.filter(remote_message) == {:ok, remote_message}
end end
test "actor has a matching host" do
Config.put([:mrf_simple, :accept], ["remote.instance"])
remote_user = build_remote_user()
assert SimplePolicy.filter(remote_user) == {:ok, remote_user}
end
end end
describe "when :avatar_removal" do describe "when :avatar_removal" do