[github/Chocobozzz/PeerTube.git] / server / lib / activitypub / actor.ts

import * as Bluebird from 'bluebird'
import { extname } from 'path'
import { Op, Transaction } from 'sequelize'
import { URL } from 'url'
import { v4 as uuidv4 } from 'uuid'
import { getServerActor } from '@server/models/application/application'
import { ActorImageType } from '@shared/models'
import { HttpStatusCode } from '../../../shared/core-utils/miscs/http-error-codes'
import { ActivityPubActor, ActivityPubActorType, ActivityPubOrderedCollection } from '../../../shared/models/activitypub'
import { ActivityPubAttributedTo } from '../../../shared/models/activitypub/objects'
import { checkUrlsSameHost, getAPId } from '../../helpers/activitypub'
import { ActorFetchByUrlType, fetchActorByUrl } from '../../helpers/actor'
import { sanitizeAndCheckActorObject } from '../../helpers/custom-validators/activitypub/actor'
import { isActivityPubUrlValid } from '../../helpers/custom-validators/activitypub/misc'
import { retryTransactionWrapper, updateInstanceWithAnother } from '../../helpers/database-utils'
import { logger } from '../../helpers/logger'
import { createPrivateAndPublicKeys } from '../../helpers/peertube-crypto'
import { doJSONRequest, PeerTubeRequestError } from '../../helpers/requests'
import { getUrlFromWebfinger } from '../../helpers/webfinger'
import { MIMETYPES, WEBSERVER } from '../../initializers/constants'
import { sequelizeTypescript } from '../../initializers/database'
import { AccountModel } from '../../models/account/account'
import { ActorModel } from '../../models/actor/actor'
import { ActorImageModel } from '../../models/actor/actor-image'
import { ServerModel } from '../../models/server/server'
import { VideoChannelModel } from '../../models/video/video-channel'
import {
  MAccount,
  MAccountDefault,
  MActor,
  MActorAccountChannelId,
  MActorAccountChannelIdActor,
  MActorAccountId,
  MActorFull,
  MActorFullActor,
  MActorId,
  MActorImage,
  MActorImages,
  MChannel
} from '../../types/models'
import { JobQueue } from '../job-queue'

// Set account keys, this could be long so process after the account creation and do not block the client
async function generateAndSaveActorKeys <T extends MActor> (actor: T) {
  const { publicKey, privateKey } = await createPrivateAndPublicKeys()

  actor.publicKey = publicKey
  actor.privateKey = privateKey

  return actor.save()
}

function getOrCreateActorAndServerAndModel (
  activityActor: string | ActivityPubActor,
  fetchType: 'all',
  recurseIfNeeded?: boolean,
  updateCollections?: boolean
): Promise<MActorFullActor>

function getOrCreateActorAndServerAndModel (
  activityActor: string | ActivityPubActor,
  fetchType?: 'association-ids',
  recurseIfNeeded?: boolean,
  updateCollections?: boolean
): Promise<MActorAccountChannelId>

async function getOrCreateActorAndServerAndModel (
  activityActor: string | ActivityPubActor,
  fetchType: ActorFetchByUrlType = 'association-ids',
  recurseIfNeeded = true,
  updateCollections = false
): Promise<MActorFullActor | MActorAccountChannelId> {
  const actorUrl = getAPId(activityActor)
  let created = false
  let accountPlaylistsUrl: string

  let actor = await fetchActorByUrl(actorUrl, fetchType)
  // Orphan actor (not associated to an account of channel) so recreate it
  if (actor && (!actor.Account && !actor.VideoChannel)) {
    await actor.destroy()
    actor = null
  }

  // We don't have this actor in our database, fetch it on remote
  if (!actor) {
    const { result } = await fetchRemoteActor(actorUrl)
    if (result === undefined) throw new Error('Cannot fetch remote actor ' + actorUrl)

    // Create the attributed to actor
    // In PeerTube a video channel is owned by an account
    let ownerActor: MActorFullActor
    if (recurseIfNeeded === true && result.actor.type === 'Group') {
      const accountAttributedTo = result.attributedTo.find(a => a.type === 'Person')
      if (!accountAttributedTo) throw new Error('Cannot find account attributed to video channel ' + actor.url)

      if (checkUrlsSameHost(accountAttributedTo.id, actorUrl) !== true) {
        throw new Error(`Account attributed to ${accountAttributedTo.id} does not have the same host than actor url ${actorUrl}`)
      }

      try {
        // Don't recurse another time
        const recurseIfNeeded = false
        ownerActor = await getOrCreateActorAndServerAndModel(accountAttributedTo.id, 'all', recurseIfNeeded)
      } catch (err) {
        logger.error('Cannot get or create account attributed to video channel ' + actorUrl)
        throw new Error(err)
      }
    }

    actor = await retryTransactionWrapper(saveActorAndServerAndModelIfNotExist, result, ownerActor)
    created = true
    accountPlaylistsUrl = result.playlists
  }

  if (actor.Account) (actor as MActorAccountChannelIdActor).Account.Actor = actor
  if (actor.VideoChannel) (actor as MActorAccountChannelIdActor).VideoChannel.Actor = actor

  const { actor: actorRefreshed, refreshed } = await retryTransactionWrapper(refreshActorIfNeeded, actor, fetchType)
  if (!actorRefreshed) throw new Error('Actor ' + actor.url + ' does not exist anymore.')

  if ((created === true || refreshed === true) && updateCollections === true) {
    const payload = { uri: actor.outboxUrl, type: 'activity' as 'activity' }
    await JobQueue.Instance.createJobWithPromise({ type: 'activitypub-http-fetcher', payload })
  }

  // We created a new account: fetch the playlists
  if (created === true && actor.Account && accountPlaylistsUrl) {
    const payload = { uri: accountPlaylistsUrl, accountId: actor.Account.id, type: 'account-playlists' as 'account-playlists' }
    await JobQueue.Instance.createJobWithPromise({ type: 'activitypub-http-fetcher', payload })
  }

  return actorRefreshed
}

function buildActorInstance (type: ActivityPubActorType, url: string, preferredUsername: string) {
  return new ActorModel({
    type,
    url,
    preferredUsername,
    publicKey: null,
    privateKey: null,
    followersCount: 0,
    followingCount: 0,
    inboxUrl: url + '/inbox',
    outboxUrl: url + '/outbox',
    sharedInboxUrl: WEBSERVER.URL + '/inbox',
    followersUrl: url + '/followers',
    followingUrl: url + '/following'
  }) as MActor
}

async function updateActorInstance (actorInstance: ActorModel, attributes: ActivityPubActor) {
  const followersCount = await fetchActorTotalItems(attributes.followers)
  const followingCount = await fetchActorTotalItems(attributes.following)

  actorInstance.type = attributes.type
  actorInstance.preferredUsername = attributes.preferredUsername
  actorInstance.url = attributes.id
  actorInstance.publicKey = attributes.publicKey.publicKeyPem
  actorInstance.followersCount = followersCount
  actorInstance.followingCount = followingCount
  actorInstance.inboxUrl = attributes.inbox
  actorInstance.outboxUrl = attributes.outbox
  actorInstance.followersUrl = attributes.followers
  actorInstance.followingUrl = attributes.following

  if (attributes.published) actorInstance.remoteCreatedAt = new Date(attributes.published)

  if (attributes.endpoints?.sharedInbox) {
    actorInstance.sharedInboxUrl = attributes.endpoints.sharedInbox
  }
}

type ImageInfo = {
  name: string
  fileUrl: string
  height: number
  width: number
  onDisk?: boolean
}
async function updateActorImageInstance (actor: MActorImages, type: ActorImageType, imageInfo: ImageInfo | null, t: Transaction) {
  const oldImageModel = type === ActorImageType.AVATAR
    ? actor.Avatar
    : actor.Banner

  if (oldImageModel) {
    // Don't update the avatar if the file URL did not change
    if (imageInfo?.fileUrl && oldImageModel.fileUrl === imageInfo.fileUrl) return actor

    try {
      await oldImageModel.destroy({ transaction: t })

      setActorImage(actor, type, null)
    } catch (err) {
      logger.error('Cannot remove old actor image of actor %s.', actor.url, { err })
    }
  }

  if (imageInfo) {
    const imageModel = await ActorImageModel.create({
      filename: imageInfo.name,
      onDisk: imageInfo.onDisk ?? false,
      fileUrl: imageInfo.fileUrl,
      height: imageInfo.height,
      width: imageInfo.width,
      type
    }, { transaction: t })

    setActorImage(actor, type, imageModel)
  }

  return actor
}

async function deleteActorImageInstance (actor: MActorImages, type: ActorImageType, t: Transaction) {
  try {
    if (type === ActorImageType.AVATAR) {
      await actor.Avatar.destroy({ transaction: t })

      actor.avatarId = null
      actor.Avatar = null
    } else {
      await actor.Banner.destroy({ transaction: t })

      actor.bannerId = null
      actor.Banner = null
    }
  } catch (err) {
    logger.error('Cannot remove old image of actor %s.', actor.url, { err })
  }

  return actor
}

async function fetchActorTotalItems (url: string) {
  try {
    const { body } = await doJSONRequest<ActivityPubOrderedCollection<unknown>>(url, { activityPub: true })

    return body.totalItems || 0
  } catch (err) {
    logger.warn('Cannot fetch remote actor count %s.', url, { err })
    return 0
  }
}

function getImageInfoIfExists (actorJSON: ActivityPubActor, type: ActorImageType) {
  const mimetypes = MIMETYPES.IMAGE
  const icon = type === ActorImageType.AVATAR
    ? actorJSON.icon
    : actorJSON.image

  if (!icon || icon.type !== 'Image' || !isActivityPubUrlValid(icon.url)) return undefined

  let extension: string

  if (icon.mediaType) {
    extension = mimetypes.MIMETYPE_EXT[icon.mediaType]
  } else {
    const tmp = extname(icon.url)

    if (mimetypes.EXT_MIMETYPE[tmp] !== undefined) extension = tmp
  }

  if (!extension) return undefined

  return {
    name: uuidv4() + extension,
    fileUrl: icon.url,
    height: icon.height,
    width: icon.width,
    type
  }
}

async function addFetchOutboxJob (actor: Pick<ActorModel, 'id' | 'outboxUrl'>) {
  // Don't fetch ourselves
  const serverActor = await getServerActor()
  if (serverActor.id === actor.id) {
    logger.error('Cannot fetch our own outbox!')
    return undefined
  }

  const payload = {
    uri: actor.outboxUrl,
    type: 'activity' as 'activity'
  }

  return JobQueue.Instance.createJob({ type: 'activitypub-http-fetcher', payload })
}

async function refreshActorIfNeeded <T extends MActorFull | MActorAccountChannelId> (
  actorArg: T,
  fetchedType: ActorFetchByUrlType
): Promise<{ actor: T | MActorFull, refreshed: boolean }> {
  if (!actorArg.isOutdated()) return { actor: actorArg, refreshed: false }

  // We need more attributes
  const actor = fetchedType === 'all'
    ? actorArg as MActorFull
    : await ActorModel.loadByUrlAndPopulateAccountAndChannel(actorArg.url)

  try {
    let actorUrl: string
    try {
      actorUrl = await getUrlFromWebfinger(actor.preferredUsername + '@' + actor.getHost())
    } catch (err) {
      logger.warn('Cannot get actor URL from webfinger, keeping the old one.', err)
      actorUrl = actor.url
    }

    const { result } = await fetchRemoteActor(actorUrl)

    if (result === undefined) {
      logger.warn('Cannot fetch remote actor in refresh actor.')
      return { actor, refreshed: false }
    }

    return sequelizeTypescript.transaction(async t => {
      updateInstanceWithAnother(actor, result.actor)

      await updateActorImageInstance(actor, ActorImageType.AVATAR, result.avatar, t)
      await updateActorImageInstance(actor, ActorImageType.BANNER, result.banner, t)

      // Force update
      actor.setDataValue('updatedAt', new Date())
      await actor.save({ transaction: t })

      if (actor.Account) {
        actor.Account.name = result.name
        actor.Account.description = result.summary

        await actor.Account.save({ transaction: t })
      } else if (actor.VideoChannel) {
        actor.VideoChannel.name = result.name
        actor.VideoChannel.description = result.summary
        actor.VideoChannel.support = result.support

        await actor.VideoChannel.save({ transaction: t })
      }

      return { refreshed: true, actor }
    })
  } catch (err) {
    if ((err as PeerTubeRequestError).statusCode === HttpStatusCode.NOT_FOUND_404) {
      logger.info('Deleting actor %s because there is a 404 in refresh actor.', actor.url)
      actor.Account
        ? await actor.Account.destroy()
        : await actor.VideoChannel.destroy()

      return { actor: undefined, refreshed: false }
    }

    logger.warn('Cannot refresh actor %s.', actor.url, { err })
    return { actor, refreshed: false }
  }
}

export {
  getOrCreateActorAndServerAndModel,
  buildActorInstance,
  generateAndSaveActorKeys,
  fetchActorTotalItems,
  getImageInfoIfExists,
  updateActorInstance,
  deleteActorImageInstance,
  refreshActorIfNeeded,
  updateActorImageInstance,
  addFetchOutboxJob
}

// ---------------------------------------------------------------------------

function setActorImage (actorModel: MActorImages, type: ActorImageType, imageModel: MActorImage) {
  const id = imageModel
    ? imageModel.id
    : null

  if (type === ActorImageType.AVATAR) {
    actorModel.avatarId = id
    actorModel.Avatar = imageModel
  } else {
    actorModel.bannerId = id
    actorModel.Banner = imageModel
  }

  return actorModel
}

function saveActorAndServerAndModelIfNotExist (
  result: FetchRemoteActorResult,
  ownerActor?: MActorFullActor,
  t?: Transaction
): Bluebird<MActorFullActor> | Promise<MActorFullActor> {
  const actor = result.actor

  if (t !== undefined) return save(t)

  return sequelizeTypescript.transaction(t => save(t))

  async function save (t: Transaction) {
    const actorHost = new URL(actor.url).host

    const serverOptions = {
      where: {
        host: actorHost
      },
      defaults: {
        host: actorHost
      },
      transaction: t
    }
    const [ server ] = await ServerModel.findOrCreate(serverOptions)

    // Save our new account in database
    actor.serverId = server.id

    // Avatar?
    if (result.avatar) {
      const avatar = await ActorImageModel.create({
        filename: result.avatar.name,
        fileUrl: result.avatar.fileUrl,
        width: result.avatar.width,
        height: result.avatar.height,
        onDisk: false,
        type: ActorImageType.AVATAR
      }, { transaction: t })

      actor.avatarId = avatar.id
    }

    // Banner?
    if (result.banner) {
      const banner = await ActorImageModel.create({
        filename: result.banner.name,
        fileUrl: result.banner.fileUrl,
        width: result.banner.width,
        height: result.banner.height,
        onDisk: false,
        type: ActorImageType.BANNER
      }, { transaction: t })

      actor.bannerId = banner.id
    }

    // Force the actor creation, sometimes Sequelize skips the save() when it thinks the instance already exists
    // (which could be false in a retried query)
    const [ actorCreated, created ] = await ActorModel.findOrCreate<MActorFullActor>({
      defaults: actor.toJSON(),
      where: {
        [Op.or]: [
          {
            url: actor.url
          },
          {
            serverId: actor.serverId,
            preferredUsername: actor.preferredUsername
          }
        ]
      },
      transaction: t
    })

    // Try to fix non HTTPS accounts of remote instances that fixed their URL afterwards
    if (created !== true && actorCreated.url !== actor.url) {
      // Only fix http://example.com/account/djidane to https://example.com/account/djidane
      if (actorCreated.url.replace(/^http:\/\//, '') !== actor.url.replace(/^https:\/\//, '')) {
        throw new Error(`Actor from DB with URL ${actorCreated.url} does not correspond to actor ${actor.url}`)
      }

      actorCreated.url = actor.url
      await actorCreated.save({ transaction: t })
    }

    if (actorCreated.type === 'Person' || actorCreated.type === 'Application') {
      actorCreated.Account = await saveAccount(actorCreated, result, t) as MAccountDefault
      actorCreated.Account.Actor = actorCreated
    } else if (actorCreated.type === 'Group') { // Video channel
      const channel = await saveVideoChannel(actorCreated, result, ownerActor, t)
      actorCreated.VideoChannel = Object.assign(channel, { Actor: actorCreated, Account: ownerActor.Account })
    }

    actorCreated.Server = server

    return actorCreated
  }
}

type ImageResult = {
  name: string
  fileUrl: string
  height: number
  width: number
}

type FetchRemoteActorResult = {
  actor: MActor
  name: string
  summary: string
  support?: string
  playlists?: string
  avatar?: ImageResult
  banner?: ImageResult
  attributedTo: ActivityPubAttributedTo[]
}
async function fetchRemoteActor (actorUrl: string): Promise<{ statusCode?: number, result: FetchRemoteActorResult }> {
  logger.info('Fetching remote actor %s.', actorUrl)

  const requestResult = await doJSONRequest<ActivityPubActor>(actorUrl, { activityPub: true })
  const actorJSON = requestResult.body

  if (sanitizeAndCheckActorObject(actorJSON) === false) {
    logger.debug('Remote actor JSON is not valid.', { actorJSON })
    return { result: undefined, statusCode: requestResult.statusCode }
  }

  if (checkUrlsSameHost(actorJSON.id, actorUrl) !== true) {
    logger.warn('Actor url %s has not the same host than its AP id %s', actorUrl, actorJSON.id)
    return { result: undefined, statusCode: requestResult.statusCode }
  }

  const followersCount = await fetchActorTotalItems(actorJSON.followers)
  const followingCount = await fetchActorTotalItems(actorJSON.following)

  const actor = new ActorModel({
    type: actorJSON.type,
    preferredUsername: actorJSON.preferredUsername,
    url: actorJSON.id,
    publicKey: actorJSON.publicKey.publicKeyPem,
    privateKey: null,
    followersCount: followersCount,
    followingCount: followingCount,
    inboxUrl: actorJSON.inbox,
    outboxUrl: actorJSON.outbox,
    followersUrl: actorJSON.followers,
    followingUrl: actorJSON.following,

    sharedInboxUrl: actorJSON.endpoints?.sharedInbox
      ? actorJSON.endpoints.sharedInbox
      : null
  })

  const avatarInfo = getImageInfoIfExists(actorJSON, ActorImageType.AVATAR)
  const bannerInfo = getImageInfoIfExists(actorJSON, ActorImageType.BANNER)

  const name = actorJSON.name || actorJSON.preferredUsername
  return {
    statusCode: requestResult.statusCode,
    result: {
      actor,
      name,
      avatar: avatarInfo,
      banner: bannerInfo,
      summary: actorJSON.summary,
      support: actorJSON.support,
      playlists: actorJSON.playlists,
      attributedTo: actorJSON.attributedTo
    }
  }
}

async function saveAccount (actor: MActorId, result: FetchRemoteActorResult, t: Transaction) {
  const [ accountCreated ] = await AccountModel.findOrCreate({
    defaults: {
      name: result.name,
      description: result.summary,
      actorId: actor.id
    },
    where: {
      actorId: actor.id
    },
    transaction: t
  })

  return accountCreated as MAccount
}

async function saveVideoChannel (actor: MActorId, result: FetchRemoteActorResult, ownerActor: MActorAccountId, t: Transaction) {
  const [ videoChannelCreated ] = await VideoChannelModel.findOrCreate({
    defaults: {
      name: result.name,
      description: result.summary,
      support: result.support,
      actorId: actor.id,
      accountId: ownerActor.Account.id
    },
    where: {
      actorId: actor.id
    },
    transaction: t
  })

  return videoChannelCreated as MChannel
}
Commit	Line	Data
	1	import * as Bluebird from 'bluebird'
	2	import { extname } from 'path'
	3	import { Op, Transaction } from 'sequelize'
	4	import { URL } from 'url'
	5	import { v4 as uuidv4 } from 'uuid'
	6	import { getServerActor } from '@server/models/application/application'
	7	import { ActorImageType } from '@shared/models'
	8	import { HttpStatusCode } from '../../../shared/core-utils/miscs/http-error-codes'
	9	import { ActivityPubActor, ActivityPubActorType, ActivityPubOrderedCollection } from '../../../shared/models/activitypub'
	10	import { ActivityPubAttributedTo } from '../../../shared/models/activitypub/objects'
	11	import { checkUrlsSameHost, getAPId } from '../../helpers/activitypub'
	12	import { ActorFetchByUrlType, fetchActorByUrl } from '../../helpers/actor'
	13	import { sanitizeAndCheckActorObject } from '../../helpers/custom-validators/activitypub/actor'
	14	import { isActivityPubUrlValid } from '../../helpers/custom-validators/activitypub/misc'
	15	import { retryTransactionWrapper, updateInstanceWithAnother } from '../../helpers/database-utils'
	16	import { logger } from '../../helpers/logger'
	17	import { createPrivateAndPublicKeys } from '../../helpers/peertube-crypto'
	18	import { doJSONRequest, PeerTubeRequestError } from '../../helpers/requests'
	19	import { getUrlFromWebfinger } from '../../helpers/webfinger'
	20	import { MIMETYPES, WEBSERVER } from '../../initializers/constants'
	21	import { sequelizeTypescript } from '../../initializers/database'
	22	import { AccountModel } from '../../models/account/account'
	23	import { ActorModel } from '../../models/actor/actor'
	24	import { ActorImageModel } from '../../models/actor/actor-image'
	25	import { ServerModel } from '../../models/server/server'
	26	import { VideoChannelModel } from '../../models/video/video-channel'
	27	import {
	28	MAccount,
	29	MAccountDefault,
	30	MActor,
	31	MActorAccountChannelId,
	32	MActorAccountChannelIdActor,
	33	MActorAccountId,
	34	MActorFull,
	35	MActorFullActor,
	36	MActorId,
	37	MActorImage,
	38	MActorImages,
	39	MChannel
	40	} from '../../types/models'
	41	import { JobQueue } from '../job-queue'
	42
	43	// Set account keys, this could be long so process after the account creation and do not block the client
	44	async function generateAndSaveActorKeys <T extends MActor> (actor: T) {
	45	const { publicKey, privateKey } = await createPrivateAndPublicKeys()
	46
	47	actor.publicKey = publicKey
	48	actor.privateKey = privateKey
	49
	50	return actor.save()
	51	}
	52
	53	function getOrCreateActorAndServerAndModel (
	54	activityActor: string \| ActivityPubActor,
	55	fetchType: 'all',
	56	recurseIfNeeded?: boolean,
	57	updateCollections?: boolean
	58	): Promise<MActorFullActor>
	59
	60	function getOrCreateActorAndServerAndModel (
	61	activityActor: string \| ActivityPubActor,
	62	fetchType?: 'association-ids',
	63	recurseIfNeeded?: boolean,
	64	updateCollections?: boolean
	65	): Promise<MActorAccountChannelId>
	66
	67	async function getOrCreateActorAndServerAndModel (
	68	activityActor: string \| ActivityPubActor,
	69	fetchType: ActorFetchByUrlType = 'association-ids',
	70	recurseIfNeeded = true,
	71	updateCollections = false
	72	): Promise<MActorFullActor \| MActorAccountChannelId> {
	73	const actorUrl = getAPId(activityActor)
	74	let created = false
	75	let accountPlaylistsUrl: string
	76
	77	let actor = await fetchActorByUrl(actorUrl, fetchType)
	78	// Orphan actor (not associated to an account of channel) so recreate it
	79	if (actor && (!actor.Account && !actor.VideoChannel)) {
	80	await actor.destroy()
	81	actor = null
	82	}
	83
	84	// We don't have this actor in our database, fetch it on remote
	85	if (!actor) {
	86	const { result } = await fetchRemoteActor(actorUrl)
	87	if (result === undefined) throw new Error('Cannot fetch remote actor ' + actorUrl)
	88
	89	// Create the attributed to actor
	90	// In PeerTube a video channel is owned by an account
	91	let ownerActor: MActorFullActor
	92	if (recurseIfNeeded === true && result.actor.type === 'Group') {
	93	const accountAttributedTo = result.attributedTo.find(a => a.type === 'Person')
	94	if (!accountAttributedTo) throw new Error('Cannot find account attributed to video channel ' + actor.url)
	95
	96	if (checkUrlsSameHost(accountAttributedTo.id, actorUrl) !== true) {
	97	throw new Error(`Account attributed to ${accountAttributedTo.id} does not have the same host than actor url ${actorUrl}`)
	98	}
	99
	100	try {
	101	// Don't recurse another time
	102	const recurseIfNeeded = false
	103	ownerActor = await getOrCreateActorAndServerAndModel(accountAttributedTo.id, 'all', recurseIfNeeded)
	104	} catch (err) {
	105	logger.error('Cannot get or create account attributed to video channel ' + actorUrl)
	106	throw new Error(err)
	107	}
	108	}
	109
	110	actor = await retryTransactionWrapper(saveActorAndServerAndModelIfNotExist, result, ownerActor)
	111	created = true
	112	accountPlaylistsUrl = result.playlists
	113	}
	114
	115	if (actor.Account) (actor as MActorAccountChannelIdActor).Account.Actor = actor
	116	if (actor.VideoChannel) (actor as MActorAccountChannelIdActor).VideoChannel.Actor = actor
	117
	118	const { actor: actorRefreshed, refreshed } = await retryTransactionWrapper(refreshActorIfNeeded, actor, fetchType)
	119	if (!actorRefreshed) throw new Error('Actor ' + actor.url + ' does not exist anymore.')
	120
	121	if ((created === true \|\| refreshed === true) && updateCollections === true) {
	122	const payload = { uri: actor.outboxUrl, type: 'activity' as 'activity' }
	123	await JobQueue.Instance.createJobWithPromise({ type: 'activitypub-http-fetcher', payload })
	124	}
	125
	126	// We created a new account: fetch the playlists
	127	if (created === true && actor.Account && accountPlaylistsUrl) {
	128	const payload = { uri: accountPlaylistsUrl, accountId: actor.Account.id, type: 'account-playlists' as 'account-playlists' }
	129	await JobQueue.Instance.createJobWithPromise({ type: 'activitypub-http-fetcher', payload })
	130	}
	131
	132	return actorRefreshed
	133	}
	134
	135	function buildActorInstance (type: ActivityPubActorType, url: string, preferredUsername: string) {
	136	return new ActorModel({
	137	type,
	138	url,
	139	preferredUsername,
	140	publicKey: null,
	141	privateKey: null,
	142	followersCount: 0,
	143	followingCount: 0,
	144	inboxUrl: url + '/inbox',
	145	outboxUrl: url + '/outbox',
	146	sharedInboxUrl: WEBSERVER.URL + '/inbox',
	147	followersUrl: url + '/followers',
	148	followingUrl: url + '/following'
	149	}) as MActor
	150	}
	151
	152	async function updateActorInstance (actorInstance: ActorModel, attributes: ActivityPubActor) {
	153	const followersCount = await fetchActorTotalItems(attributes.followers)
	154	const followingCount = await fetchActorTotalItems(attributes.following)
	155
	156	actorInstance.type = attributes.type
	157	actorInstance.preferredUsername = attributes.preferredUsername
	158	actorInstance.url = attributes.id
	159	actorInstance.publicKey = attributes.publicKey.publicKeyPem
	160	actorInstance.followersCount = followersCount
	161	actorInstance.followingCount = followingCount
	162	actorInstance.inboxUrl = attributes.inbox
	163	actorInstance.outboxUrl = attributes.outbox
	164	actorInstance.followersUrl = attributes.followers
	165	actorInstance.followingUrl = attributes.following
	166
	167	if (attributes.published) actorInstance.remoteCreatedAt = new Date(attributes.published)
	168
	169	if (attributes.endpoints?.sharedInbox) {
	170	actorInstance.sharedInboxUrl = attributes.endpoints.sharedInbox
	171	}
	172	}
	173
	174	type ImageInfo = {
	175	name: string
	176	fileUrl: string
	177	height: number
	178	width: number
	179	onDisk?: boolean
	180	}
	181	async function updateActorImageInstance (actor: MActorImages, type: ActorImageType, imageInfo: ImageInfo \| null, t: Transaction) {
	182	const oldImageModel = type === ActorImageType.AVATAR
	183	? actor.Avatar
	184	: actor.Banner
	185
	186	if (oldImageModel) {
	187	// Don't update the avatar if the file URL did not change
	188	if (imageInfo?.fileUrl && oldImageModel.fileUrl === imageInfo.fileUrl) return actor
	189
	190	try {
	191	await oldImageModel.destroy({ transaction: t })
	192
	193	setActorImage(actor, type, null)
	194	} catch (err) {
	195	logger.error('Cannot remove old actor image of actor %s.', actor.url, { err })
	196	}
	197	}
	198
	199	if (imageInfo) {
	200	const imageModel = await ActorImageModel.create({
	201	filename: imageInfo.name,
	202	onDisk: imageInfo.onDisk ?? false,
	203	fileUrl: imageInfo.fileUrl,
	204	height: imageInfo.height,
	205	width: imageInfo.width,
	206	type
	207	}, { transaction: t })
	208
	209	setActorImage(actor, type, imageModel)
	210	}
	211
	212	return actor
	213	}
	214
	215	async function deleteActorImageInstance (actor: MActorImages, type: ActorImageType, t: Transaction) {
	216	try {
	217	if (type === ActorImageType.AVATAR) {
	218	await actor.Avatar.destroy({ transaction: t })
	219
	220	actor.avatarId = null
	221	actor.Avatar = null
	222	} else {
	223	await actor.Banner.destroy({ transaction: t })
	224
	225	actor.bannerId = null
	226	actor.Banner = null
	227	}
	228	} catch (err) {
	229	logger.error('Cannot remove old image of actor %s.', actor.url, { err })
	230	}
	231
	232	return actor
	233	}
	234
	235	async function fetchActorTotalItems (url: string) {
	236	try {
	237	const { body } = await doJSONRequest<ActivityPubOrderedCollection<unknown>>(url, { activityPub: true })
	238
	239	return body.totalItems \|\| 0
	240	} catch (err) {
	241	logger.warn('Cannot fetch remote actor count %s.', url, { err })
	242	return 0
	243	}
	244	}
	245
	246	function getImageInfoIfExists (actorJSON: ActivityPubActor, type: ActorImageType) {
	247	const mimetypes = MIMETYPES.IMAGE
	248	const icon = type === ActorImageType.AVATAR
	249	? actorJSON.icon
	250	: actorJSON.image
	251
	252	if (!icon \|\| icon.type !== 'Image' \|\| !isActivityPubUrlValid(icon.url)) return undefined
	253
	254	let extension: string
	255
	256	if (icon.mediaType) {
	257	extension = mimetypes.MIMETYPE_EXT[icon.mediaType]
	258	} else {
	259	const tmp = extname(icon.url)
	260
	261	if (mimetypes.EXT_MIMETYPE[tmp] !== undefined) extension = tmp
	262	}
	263
	264	if (!extension) return undefined
	265
	266	return {
	267	name: uuidv4() + extension,
	268	fileUrl: icon.url,
	269	height: icon.height,
	270	width: icon.width,
	271	type
	272	}
	273	}
	274
	275	async function addFetchOutboxJob (actor: Pick<ActorModel, 'id' \| 'outboxUrl'>) {
	276	// Don't fetch ourselves
	277	const serverActor = await getServerActor()
	278	if (serverActor.id === actor.id) {
	279	logger.error('Cannot fetch our own outbox!')
	280	return undefined
	281	}
	282
	283	const payload = {
	284	uri: actor.outboxUrl,
	285	type: 'activity' as 'activity'
	286	}
	287
	288	return JobQueue.Instance.createJob({ type: 'activitypub-http-fetcher', payload })
	289	}
	290
	291	async function refreshActorIfNeeded <T extends MActorFull \| MActorAccountChannelId> (
	292	actorArg: T,
	293	fetchedType: ActorFetchByUrlType
	294	): Promise<{ actor: T \| MActorFull, refreshed: boolean }> {
	295	if (!actorArg.isOutdated()) return { actor: actorArg, refreshed: false }
	296
	297	// We need more attributes
	298	const actor = fetchedType === 'all'
	299	? actorArg as MActorFull
	300	: await ActorModel.loadByUrlAndPopulateAccountAndChannel(actorArg.url)
	301
	302	try {
	303	let actorUrl: string
	304	try {
	305	actorUrl = await getUrlFromWebfinger(actor.preferredUsername + '@' + actor.getHost())
	306	} catch (err) {
	307	logger.warn('Cannot get actor URL from webfinger, keeping the old one.', err)
	308	actorUrl = actor.url
	309	}
	310
	311	const { result } = await fetchRemoteActor(actorUrl)
	312
	313	if (result === undefined) {
	314	logger.warn('Cannot fetch remote actor in refresh actor.')
	315	return { actor, refreshed: false }
	316	}
	317
	318	return sequelizeTypescript.transaction(async t => {
	319	updateInstanceWithAnother(actor, result.actor)
	320
	321	await updateActorImageInstance(actor, ActorImageType.AVATAR, result.avatar, t)
	322	await updateActorImageInstance(actor, ActorImageType.BANNER, result.banner, t)
	323
	324	// Force update
	325	actor.setDataValue('updatedAt', new Date())
	326	await actor.save({ transaction: t })
	327
	328	if (actor.Account) {
	329	actor.Account.name = result.name
	330	actor.Account.description = result.summary
	331
	332	await actor.Account.save({ transaction: t })
	333	} else if (actor.VideoChannel) {
	334	actor.VideoChannel.name = result.name
	335	actor.VideoChannel.description = result.summary
	336	actor.VideoChannel.support = result.support
	337
	338	await actor.VideoChannel.save({ transaction: t })
	339	}
	340
	341	return { refreshed: true, actor }
	342	})
	343	} catch (err) {
	344	if ((err as PeerTubeRequestError).statusCode === HttpStatusCode.NOT_FOUND_404) {
	345	logger.info('Deleting actor %s because there is a 404 in refresh actor.', actor.url)
	346	actor.Account
	347	? await actor.Account.destroy()
	348	: await actor.VideoChannel.destroy()
	349
	350	return { actor: undefined, refreshed: false }
	351	}
	352
	353	logger.warn('Cannot refresh actor %s.', actor.url, { err })
	354	return { actor, refreshed: false }
	355	}
	356	}
	357
	358	export {
	359	getOrCreateActorAndServerAndModel,
	360	buildActorInstance,
	361	generateAndSaveActorKeys,
	362	fetchActorTotalItems,
	363	getImageInfoIfExists,
	364	updateActorInstance,
	365	deleteActorImageInstance,
	366	refreshActorIfNeeded,
	367	updateActorImageInstance,
	368	addFetchOutboxJob
	369	}
	370
	371	// ---------------------------------------------------------------------------
	372
	373	function setActorImage (actorModel: MActorImages, type: ActorImageType, imageModel: MActorImage) {
	374	const id = imageModel
	375	? imageModel.id
	376	: null
	377
	378	if (type === ActorImageType.AVATAR) {
	379	actorModel.avatarId = id
	380	actorModel.Avatar = imageModel
	381	} else {
	382	actorModel.bannerId = id
	383	actorModel.Banner = imageModel
	384	}
	385
	386	return actorModel
	387	}
	388
	389	function saveActorAndServerAndModelIfNotExist (
	390	result: FetchRemoteActorResult,
	391	ownerActor?: MActorFullActor,
	392	t?: Transaction
	393	): Bluebird<MActorFullActor> \| Promise<MActorFullActor> {
	394	const actor = result.actor
	395
	396	if (t !== undefined) return save(t)
	397
	398	return sequelizeTypescript.transaction(t => save(t))
	399
	400	async function save (t: Transaction) {
	401	const actorHost = new URL(actor.url).host
	402
	403	const serverOptions = {
	404	where: {
	405	host: actorHost
	406	},
	407	defaults: {
	408	host: actorHost
	409	},
	410	transaction: t
	411	}
	412	const [ server ] = await ServerModel.findOrCreate(serverOptions)
	413
	414	// Save our new account in database
	415	actor.serverId = server.id
	416
	417	// Avatar?
	418	if (result.avatar) {
	419	const avatar = await ActorImageModel.create({
	420	filename: result.avatar.name,
	421	fileUrl: result.avatar.fileUrl,
	422	width: result.avatar.width,
	423	height: result.avatar.height,
	424	onDisk: false,
	425	type: ActorImageType.AVATAR
	426	}, { transaction: t })
	427
	428	actor.avatarId = avatar.id
	429	}
	430
	431	// Banner?
	432	if (result.banner) {
	433	const banner = await ActorImageModel.create({
	434	filename: result.banner.name,
	435	fileUrl: result.banner.fileUrl,
	436	width: result.banner.width,
	437	height: result.banner.height,
	438	onDisk: false,
	439	type: ActorImageType.BANNER
	440	}, { transaction: t })
	441
	442	actor.bannerId = banner.id
	443	}
	444
	445	// Force the actor creation, sometimes Sequelize skips the save() when it thinks the instance already exists
	446	// (which could be false in a retried query)
	447	const [ actorCreated, created ] = await ActorModel.findOrCreate<MActorFullActor>({
	448	defaults: actor.toJSON(),
	449	where: {
	450	[Op.or]: [
	451	{
	452	url: actor.url
	453	},
	454	{
	455	serverId: actor.serverId,
	456	preferredUsername: actor.preferredUsername
	457	}
	458	]
	459	},
	460	transaction: t
	461	})
	462
	463	// Try to fix non HTTPS accounts of remote instances that fixed their URL afterwards
	464	if (created !== true && actorCreated.url !== actor.url) {
	465	// Only fix http://example.com/account/djidane to https://example.com/account/djidane
	466	if (actorCreated.url.replace(/^http:\/\//, '') !== actor.url.replace(/^https:\/\//, '')) {
	467	throw new Error(`Actor from DB with URL ${actorCreated.url} does not correspond to actor ${actor.url}`)
	468	}
	469
	470	actorCreated.url = actor.url
	471	await actorCreated.save({ transaction: t })
	472	}
	473
	474	if (actorCreated.type === 'Person' \|\| actorCreated.type === 'Application') {
	475	actorCreated.Account = await saveAccount(actorCreated, result, t) as MAccountDefault
	476	actorCreated.Account.Actor = actorCreated
	477	} else if (actorCreated.type === 'Group') { // Video channel
	478	const channel = await saveVideoChannel(actorCreated, result, ownerActor, t)
	479	actorCreated.VideoChannel = Object.assign(channel, { Actor: actorCreated, Account: ownerActor.Account })
	480	}
	481
	482	actorCreated.Server = server
	483
	484	return actorCreated
	485	}
	486	}
	487
	488	type ImageResult = {
	489	name: string
	490	fileUrl: string
	491	height: number
	492	width: number
	493	}
	494
	495	type FetchRemoteActorResult = {
	496	actor: MActor
	497	name: string
	498	summary: string
	499	support?: string
	500	playlists?: string
	501	avatar?: ImageResult
	502	banner?: ImageResult
	503	attributedTo: ActivityPubAttributedTo[]
	504	}
	505	async function fetchRemoteActor (actorUrl: string): Promise<{ statusCode?: number, result: FetchRemoteActorResult }> {
	506	logger.info('Fetching remote actor %s.', actorUrl)
	507
	508	const requestResult = await doJSONRequest<ActivityPubActor>(actorUrl, { activityPub: true })
	509	const actorJSON = requestResult.body
	510
	511	if (sanitizeAndCheckActorObject(actorJSON) === false) {
	512	logger.debug('Remote actor JSON is not valid.', { actorJSON })
	513	return { result: undefined, statusCode: requestResult.statusCode }
	514	}
	515
	516	if (checkUrlsSameHost(actorJSON.id, actorUrl) !== true) {
	517	logger.warn('Actor url %s has not the same host than its AP id %s', actorUrl, actorJSON.id)
	518	return { result: undefined, statusCode: requestResult.statusCode }
	519	}
	520
	521	const followersCount = await fetchActorTotalItems(actorJSON.followers)
	522	const followingCount = await fetchActorTotalItems(actorJSON.following)
	523
	524	const actor = new ActorModel({
	525	type: actorJSON.type,
	526	preferredUsername: actorJSON.preferredUsername,
	527	url: actorJSON.id,
	528	publicKey: actorJSON.publicKey.publicKeyPem,
	529	privateKey: null,
	530	followersCount: followersCount,
	531	followingCount: followingCount,
	532	inboxUrl: actorJSON.inbox,
	533	outboxUrl: actorJSON.outbox,
	534	followersUrl: actorJSON.followers,
	535	followingUrl: actorJSON.following,
	536
	537	sharedInboxUrl: actorJSON.endpoints?.sharedInbox
	538	? actorJSON.endpoints.sharedInbox
	539	: null
	540	})
	541
	542	const avatarInfo = getImageInfoIfExists(actorJSON, ActorImageType.AVATAR)
	543	const bannerInfo = getImageInfoIfExists(actorJSON, ActorImageType.BANNER)
	544
	545	const name = actorJSON.name \|\| actorJSON.preferredUsername
	546	return {
	547	statusCode: requestResult.statusCode,
	548	result: {
	549	actor,
	550	name,
	551	avatar: avatarInfo,
	552	banner: bannerInfo,
	553	summary: actorJSON.summary,
	554	support: actorJSON.support,
	555	playlists: actorJSON.playlists,
	556	attributedTo: actorJSON.attributedTo
	557	}
	558	}
	559	}
	560
	561	async function saveAccount (actor: MActorId, result: FetchRemoteActorResult, t: Transaction) {
	562	const [ accountCreated ] = await AccountModel.findOrCreate({
	563	defaults: {
	564	name: result.name,
	565	description: result.summary,
	566	actorId: actor.id
	567	},
	568	where: {
	569	actorId: actor.id
	570	},
	571	transaction: t
	572	})
	573
	574	return accountCreated as MAccount
	575	}
	576
	577	async function saveVideoChannel (actor: MActorId, result: FetchRemoteActorResult, ownerActor: MActorAccountId, t: Transaction) {
	578	const [ videoChannelCreated ] = await VideoChannelModel.findOrCreate({
	579	defaults: {
	580	name: result.name,
	581	description: result.summary,
	582	support: result.support,
	583	actorId: actor.id,
	584	accountId: ownerActor.Account.id
	585	},
	586	where: {
	587	actorId: actor.id
	588	},
	589	transaction: t
	590	})
	591
	592	return videoChannelCreated as MChannel
	593	}