Skip to content
Extraits de code Groupes Projets
Valider 71b83160 rédigé par Eugen Rochko's avatar Eugen Rochko
Parcourir les fichiers

Add logging for rejected ActivityPub payloads and add tests (#10062)

parent e84c7618
Aucune branche associée trouvée
Aucune étiquette associée trouvée
Aucune requête de fusion associée trouvée
...@@ -180,4 +180,9 @@ class ActivityPub::Activity ...@@ -180,4 +180,9 @@ class ActivityPub::Activity
def requested_through_relay? def requested_through_relay?
@options[:relayed_through_account] && Relay.find_by(inbox_url: @options[:relayed_through_account].inbox_url)&.enabled? @options[:relayed_through_account] && Relay.find_by(inbox_url: @options[:relayed_through_account].inbox_url)&.enabled?
end end
def reject_payload!
Rails.logger.info("Rejected #{@json['type']} activity #{@json['id']} from #{@account.uri}#{@options[:relayed_through_account] && "via #{@options[:relayed_through_account].uri}"}")
nil
end
end end
...@@ -2,9 +2,11 @@ ...@@ -2,9 +2,11 @@
class ActivityPub::Activity::Announce < ActivityPub::Activity class ActivityPub::Activity::Announce < ActivityPub::Activity
def perform def perform
return reject_payload! if delete_arrived_first?(@json['id']) || !related_to_local_activity?
original_status = status_from_object original_status = status_from_object
return if original_status.nil? || delete_arrived_first?(@json['id']) || !announceable?(original_status) || !related_to_local_activity? return reject_payload! if original_status.nil? || !announceable?(original_status)
status = Status.find_by(account: @account, reblog: original_status) status = Status.find_by(account: @account, reblog: original_status)
......
...@@ -2,7 +2,7 @@ ...@@ -2,7 +2,7 @@
class ActivityPub::Activity::Create < ActivityPub::Activity class ActivityPub::Activity::Create < ActivityPub::Activity
def perform def perform
return if unsupported_object_type? || invalid_origin?(@object['id']) || Tombstone.exists?(uri: @object['id']) || !related_to_local_activity? return reject_payload! if unsupported_object_type? || invalid_origin?(@object['id']) || Tombstone.exists?(uri: @object['id']) || !related_to_local_activity?
RedisLock.acquire(lock_options) do |lock| RedisLock.acquire(lock_options) do |lock|
if lock.acquired? if lock.acquired?
......
...@@ -18,16 +18,63 @@ RSpec.describe ActivityPub::Activity::Announce do ...@@ -18,16 +18,63 @@ RSpec.describe ActivityPub::Activity::Announce do
subject { described_class.new(json, sender) } subject { described_class.new(json, sender) }
before do before do
Fabricate(:account).follow!(sender)
sender.update(uri: ActivityPub::TagManager.instance.uri_for(sender)) sender.update(uri: ActivityPub::TagManager.instance.uri_for(sender))
end end
describe '#perform' do describe '#perform' do
before do context 'when sender is followed by a local account' do
subject.perform before do
Fabricate(:account).follow!(sender)
subject.perform
end
context 'a known status' do
let(:object_json) do
ActivityPub::TagManager.instance.uri_for(status)
end
it 'creates a reblog by sender of status' do
expect(sender.reblogged?(status)).to be true
end
end
context 'self-boost of a previously unknown status with missing attributedTo' do
let(:object_json) do
{
id: [ActivityPub::TagManager.instance.uri_for(sender), '#bar'].join,
type: 'Note',
content: 'Lorem ipsum',
to: 'http://example.com/followers',
}
end
it 'creates a reblog by sender of status' do
expect(sender.reblogged?(sender.statuses.first)).to be true
end
end
context 'self-boost of a previously unknown status with correct attributedTo' do
let(:object_json) do
{
id: [ActivityPub::TagManager.instance.uri_for(sender), '#bar'].join,
type: 'Note',
content: 'Lorem ipsum',
attributedTo: ActivityPub::TagManager.instance.uri_for(sender),
to: 'http://example.com/followers',
}
end
it 'creates a reblog by sender of status' do
expect(sender.reblogged?(sender.statuses.first)).to be true
end
end
end end
context 'a known status' do context 'when the status belongs to a local user' do
before do
subject.perform
end
let(:object_json) do let(:object_json) do
ActivityPub::TagManager.instance.uri_for(status) ActivityPub::TagManager.instance.uri_for(status)
end end
...@@ -37,34 +84,68 @@ RSpec.describe ActivityPub::Activity::Announce do ...@@ -37,34 +84,68 @@ RSpec.describe ActivityPub::Activity::Announce do
end end
end end
context 'self-boost of a previously unknown status with missing attributedTo' do context 'when the sender is relayed' do
let(:object_json) do let!(:relay_account) { Fabricate(:account, inbox_url: 'https://relay.example.com/inbox') }
{ let!(:relay) { Fabricate(:relay, inbox_url: 'https://relay.example.com/inbox') }
id: [ActivityPub::TagManager.instance.uri_for(sender), '#bar'].join,
type: 'Note', subject { described_class.new(json, sender, relayed_through_account: relay_account) }
content: 'Lorem ipsum',
to: 'http://example.com/followers', context 'and the relay is enabled' do
} before do
relay.update(state: :accepted)
subject.perform
end
let(:object_json) do
{
id: [ActivityPub::TagManager.instance.uri_for(sender), '#bar'].join,
type: 'Note',
content: 'Lorem ipsum',
to: 'http://example.com/followers',
}
end
it 'creates a reblog by sender of status' do
expect(sender.statuses.count).to eq 2
end
end end
it 'creates a reblog by sender of status' do context 'and the relay is disabled' do
expect(sender.reblogged?(sender.statuses.first)).to be true before do
subject.perform
end
let(:object_json) do
{
id: [ActivityPub::TagManager.instance.uri_for(sender), '#bar'].join,
type: 'Note',
content: 'Lorem ipsum',
to: 'http://example.com/followers',
}
end
it 'does not create anything' do
expect(sender.statuses.count).to eq 0
end
end end
end end
context 'self-boost of a previously unknown status with correct attributedTo' do context 'when the sender has no relevance to local activity' do
before do
subject.perform
end
let(:object_json) do let(:object_json) do
{ {
id: [ActivityPub::TagManager.instance.uri_for(sender), '#bar'].join, id: [ActivityPub::TagManager.instance.uri_for(sender), '#bar'].join,
type: 'Note', type: 'Note',
content: 'Lorem ipsum', content: 'Lorem ipsum',
attributedTo: ActivityPub::TagManager.instance.uri_for(sender),
to: 'http://example.com/followers', to: 'http://example.com/followers',
} }
end end
it 'creates a reblog by sender of status' do it 'does not create anything' do
expect(sender.reblogged?(sender.statuses.first)).to be true expect(sender.statuses.count).to eq 0
end end
end end
end end
......
Ce diff est replié.
0% Chargement en cours ou .
You are about to add 0 people to the discussion. Proceed with caution.
Terminez d'abord l'édition de ce message.
Veuillez vous inscrire ou vous pour commenter