From 8d064eb451f13b2cdb444fcdbdff6057a8022ac2 Mon Sep 17 00:00:00 2001
From: "Haelwenn (lanodan) Monnier" <contact@hacktivis.me>
Date: Fri, 14 Feb 2020 21:51:57 +0100
Subject: [PATCH] rich_media/helpers.ex: Add config to disable fetching from
 remote activities

---
 CHANGELOG.md                          |  1 +
 config/description.exs                |  5 +++--
 lib/pleroma/web/rich_media/helpers.ex | 11 ++++++++++-
 test/web/rich_media/helpers_test.exs  | 20 ++++++++++++++++++++
 4 files changed, 34 insertions(+), 3 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 4127e21f7..9fd1f8924 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -75,6 +75,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
 - A new users admin digest email
 - OAuth: admin scopes support (relevant setting: `[:auth, :enforce_oauth_admin_scope_usage]`).
 - Add an option `authorized_fetch_mode` to require HTTP signatures for AP fetches.
+- Rich Media: Add `local_only` to `[:rich_media, :enabled]`, which forbids getting link previews for remote activities
 <details>
   <summary>API Changes</summary>
 
diff --git a/config/description.exs b/config/description.exs
index 53d980c83..b0966b60c 100644
--- a/config/description.exs
+++ b/config/description.exs
@@ -2105,8 +2105,9 @@
     children: [
       %{
         key: :enabled,
-        type: :boolean,
-        description: "Enables RichMedia parsing of URLs."
+        type: [:boolean, :atom],
+        description: "Enables/disables RichMedia or allows it only on local activities",
+        suggestions: [true, false, :local_only]
       },
       %{
         key: :ignore_hosts,
diff --git a/lib/pleroma/web/rich_media/helpers.ex b/lib/pleroma/web/rich_media/helpers.ex
index 6506de46c..96c9686bc 100644
--- a/lib/pleroma/web/rich_media/helpers.ex
+++ b/lib/pleroma/web/rich_media/helpers.ex
@@ -49,8 +49,17 @@ defp get_tld(host) do
     |> hd
   end
 
+  # Comparison with true/false done to handle :local_only
+  defp can_fetch?(%Activity{local: true}) do
+    Config.get([:rich_media, :enabled]) != false
+  end
+
+  defp can_fetch?(_activity) do
+    Config.get([:rich_media, :enabled]) == true
+  end
+
   def fetch_data_for_activity(%Activity{data: %{"type" => "Create"}} = activity) do
-    with true <- Config.get([:rich_media, :enabled]),
+    with true <- can_fetch?(activity),
          %Object{} = object <- Object.normalize(activity),
          false <- object.data["sensitive"] || false,
          {:ok, page_url} <- HTML.extract_first_external_url(object, object.data["content"]),
diff --git a/test/web/rich_media/helpers_test.exs b/test/web/rich_media/helpers_test.exs
index 48884319d..e74890fd5 100644
--- a/test/web/rich_media/helpers_test.exs
+++ b/test/web/rich_media/helpers_test.exs
@@ -118,4 +118,24 @@ test "refuses to crawl URLs of private network from posts" do
     assert %{} = Helpers.fetch_data_for_activity(activity4)
     assert %{} = Helpers.fetch_data_for_activity(activity5)
   end
+
+  test "only crawls from local posts when [:rich_media, :enabled] is set to :local_only" do
+    content = ~s[<a href="https://example.com/ogp">https://example.com/ogp</a>]
+    remote_user = insert(:user, local: false)
+    local_user = insert(:user, local: true)
+    remote_note = insert(:note, %{user: remote_user, data: %{"content" => content}})
+    local_note = insert(:note, %{user: local_user, data: %{"content" => content}})
+
+    remote_activity =
+      insert(:note_activity, %{user: remote_user, note: remote_note, local: false})
+
+    local_activity = insert(:note_activity, %{user: local_user, note: local_note, local: true})
+
+    Config.put([:rich_media, :enabled], :local_only)
+
+    assert %{} == Helpers.fetch_data_for_activity(remote_activity)
+
+    assert %{page_url: "https://example.com/ogp", rich_media: _} =
+             Pleroma.Web.RichMedia.Helpers.fetch_data_for_activity(local_activity)
+  end
 end