2017-08-08 21:52:15 +02:00
|
|
|
# frozen_string_literal: true
|
|
|
|
|
|
|
|
class ActivityPub::ProcessCollectionService < BaseService
|
|
|
|
include JsonLdHelper
|
2024-10-01 14:52:13 +02:00
|
|
|
include DomainControlHelper
|
2017-08-08 21:52:15 +02:00
|
|
|
|
2022-09-21 22:45:57 +02:00
|
|
|
def call(body, actor, **options)
|
|
|
|
@account = actor
|
2022-02-03 14:09:04 +01:00
|
|
|
@json = original_json = Oj.load(body, mode: :strict)
|
2017-10-08 17:34:34 +02:00
|
|
|
@options = options
|
2017-08-08 21:52:15 +02:00
|
|
|
|
2023-07-17 15:51:30 +02:00
|
|
|
return unless @json.is_a?(Hash)
|
|
|
|
|
2022-02-03 14:09:04 +01:00
|
|
|
begin
|
|
|
|
@json = compact(@json) if @json['signature'].is_a?(Hash)
|
|
|
|
rescue JSON::LD::JsonLdError => e
|
2023-02-07 03:44:36 +01:00
|
|
|
Rails.logger.debug { "Error when compacting JSON-LD document for #{value_or_id(@json['actor'])}: #{e.message}" }
|
2022-02-03 14:09:04 +01:00
|
|
|
@json = original_json.without('signature')
|
|
|
|
end
|
2022-02-03 14:07:29 +01:00
|
|
|
|
2020-11-08 00:28:39 +01:00
|
|
|
return if !supported_context? || (different_actor? && verify_account!.nil?) || suspended_actor? || @account.local?
|
2022-09-21 22:45:57 +02:00
|
|
|
return unless @account.is_a?(Account)
|
2017-08-26 13:47:38 +02:00
|
|
|
|
2022-02-03 14:09:04 +01:00
|
|
|
if @json['signature'].present?
|
|
|
|
# We have verified the signature, but in the compaction step above, might
|
|
|
|
# have introduced incompatibilities with other servers that do not
|
|
|
|
# normalize the JSON-LD documents (for instance, previous Mastodon
|
|
|
|
# versions), so skip redistribution if we can't get a safe document.
|
|
|
|
patch_for_forwarding!(original_json, @json)
|
|
|
|
@json.delete('signature') unless safe_for_forwarding?(original_json, @json)
|
|
|
|
end
|
|
|
|
|
2017-08-08 21:52:15 +02:00
|
|
|
case @json['type']
|
|
|
|
when 'Collection', 'CollectionPage'
|
|
|
|
process_items @json['items']
|
|
|
|
when 'OrderedCollection', 'OrderedCollectionPage'
|
|
|
|
process_items @json['orderedItems']
|
|
|
|
else
|
|
|
|
process_items [@json]
|
|
|
|
end
|
|
|
|
rescue Oj::ParseError
|
|
|
|
nil
|
|
|
|
end
|
|
|
|
|
|
|
|
private
|
|
|
|
|
2017-08-26 13:47:38 +02:00
|
|
|
def different_actor?
|
2018-12-30 09:48:59 +01:00
|
|
|
@json['actor'].present? && value_or_id(@json['actor']) != @account.uri
|
2017-08-26 13:47:38 +02:00
|
|
|
end
|
|
|
|
|
2020-11-08 00:28:39 +01:00
|
|
|
def suspended_actor?
|
|
|
|
@account.suspended? && !activity_allowed_while_suspended?
|
|
|
|
end
|
|
|
|
|
|
|
|
def activity_allowed_while_suspended?
|
|
|
|
%w(Delete Reject Undo Update).include?(@json['type'])
|
|
|
|
end
|
|
|
|
|
2017-08-08 21:52:15 +02:00
|
|
|
def process_items(items)
|
2021-01-10 00:32:01 +01:00
|
|
|
items.reverse_each.filter_map { |item| process_item(item) }
|
2017-08-08 21:52:15 +02:00
|
|
|
end
|
|
|
|
|
|
|
|
def supported_context?
|
|
|
|
super(@json)
|
|
|
|
end
|
|
|
|
|
|
|
|
def process_item(item)
|
2020-01-10 21:57:05 +01:00
|
|
|
activity = ActivityPub::Activity.factory(item, @account, **@options)
|
2017-08-08 21:52:15 +02:00
|
|
|
activity&.perform
|
|
|
|
end
|
2017-08-26 13:47:38 +02:00
|
|
|
|
|
|
|
def verify_account!
|
2024-10-01 14:52:13 +02:00
|
|
|
return unless @json['signature'].is_a?(Hash)
|
|
|
|
return if domain_not_allowed?(@json['signature']['creator'])
|
|
|
|
|
2022-09-21 22:45:57 +02:00
|
|
|
@options[:relayed_through_actor] = @account
|
|
|
|
@account = ActivityPub::LinkedDataSignature.new(@json).verify_actor!
|
|
|
|
@account = nil unless @account.is_a?(Account)
|
|
|
|
@account
|
2023-02-06 21:00:58 +01:00
|
|
|
rescue JSON::LD::JsonLdError, RDF::WriterError => e
|
2023-02-07 03:44:36 +01:00
|
|
|
Rails.logger.debug { "Could not verify LD-Signature for #{value_or_id(@json['actor'])}: #{e.message}" }
|
2018-05-05 18:22:34 +02:00
|
|
|
nil
|
2017-08-26 13:47:38 +02:00
|
|
|
end
|
2017-08-08 21:52:15 +02:00
|
|
|
end
|