X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=server%2Fhelpers%2Fcustom-validators%2Factivitypub%2Factivity.ts;h=e0d170d9d230d175ad01769f78e11b2c65d0887e;hb=418d092afa81e2c8fe8ac6838fc4b5eb0af6a782;hp=dd671c4cff6fcde1aefe767be4d42ee8b14cd41b;hpb=0d0e8dd0904b380b70e19ebcb4763d65601c4632;p=github%2FChocobozzz%2FPeerTube.git

diff --git a/server/helpers/custom-validators/activitypub/activity.ts b/server/helpers/custom-validators/activitypub/activity.ts
index dd671c4cf..e0d170d9d 100644
--- a/server/helpers/custom-validators/activitypub/activity.ts
+++ b/server/helpers/custom-validators/activitypub/activity.ts
@@ -1,29 +1,52 @@
 import * as validator from 'validator'
-import {
-  isVideoChannelCreateActivityValid,
-  isVideoTorrentAddActivityValid,
-  isVideoTorrentUpdateActivityValid,
-  isVideoChannelUpdateActivityValid
-} from './videos'
+import { Activity, ActivityType } from '../../../../shared/models/activitypub'
+import { sanitizeAndCheckActorObject } from './actor'
+import { isActivityPubUrlValid, isBaseActivityValid, isObjectValid } from './misc'
+import { isDislikeActivityValid } from './rate'
+import { sanitizeAndCheckVideoCommentObject } from './video-comments'
+import { sanitizeAndCheckVideoTorrentObject } from './videos'
+import { isViewActivityValid } from './view'
+import { exists } from '../misc'
+import { isCacheFileObjectValid } from './cache-file'
+import { isFlagActivityValid } from './flag'
+import { isPlaylistObjectValid } from './playlist'
 
 function isRootActivityValid (activity: any) {
-  return Array.isArray(activity['@context']) &&
+  return Array.isArray(activity['@context']) && (
     (
       (activity.type === 'Collection' || activity.type === 'OrderedCollection') &&
       validator.isInt(activity.totalItems, { min: 0 }) &&
       Array.isArray(activity.items)
     ) ||
     (
-      validator.isURL(activity.id) &&
-      validator.isURL(activity.actor)
+      isActivityPubUrlValid(activity.id) &&
+      exists(activity.actor) &&
+      (isActivityPubUrlValid(activity.actor) || isActivityPubUrlValid(activity.actor.id))
     )
+  )
+}
+
+const activityCheckers: { [ P in ActivityType ]: (activity: Activity) => boolean } = {
+  Create: checkCreateActivity,
+  Update: checkUpdateActivity,
+  Delete: checkDeleteActivity,
+  Follow: checkFollowActivity,
+  Accept: checkAcceptActivity,
+  Reject: checkRejectActivity,
+  Announce: checkAnnounceActivity,
+  Undo: checkUndoActivity,
+  Like: checkLikeActivity,
+  View: checkViewActivity,
+  Flag: checkFlagActivity,
+  Dislike: checkDislikeActivity
 }
 
 function isActivityValid (activity: any) {
-  return isVideoTorrentAddActivityValid(activity) ||
-    isVideoChannelCreateActivityValid(activity) ||
-    isVideoTorrentUpdateActivityValid(activity) ||
-    isVideoChannelUpdateActivityValid(activity)
+  const checker = activityCheckers[activity.type]
+  // Unknown activity type
+  if (!checker) return false
+
+  return checker(activity)
 }
 
 // ---------------------------------------------------------------------------
@@ -32,3 +55,84 @@ export {
   isRootActivityValid,
   isActivityValid
 }
+
+// ---------------------------------------------------------------------------
+
+function checkViewActivity (activity: any) {
+  return isBaseActivityValid(activity, 'View') &&
+    isViewActivityValid(activity)
+}
+
+function checkFlagActivity (activity: any) {
+  return isBaseActivityValid(activity, 'Flag') &&
+    isFlagActivityValid(activity)
+}
+
+function checkDislikeActivity (activity: any) {
+  return isBaseActivityValid(activity, 'Dislike') &&
+    isDislikeActivityValid(activity)
+}
+
+function checkCreateActivity (activity: any) {
+  return isBaseActivityValid(activity, 'Create') &&
+    (
+      isViewActivityValid(activity.object) ||
+      isDislikeActivityValid(activity.object) ||
+      isFlagActivityValid(activity.object) ||
+      isPlaylistObjectValid(activity.object) ||
+
+      isCacheFileObjectValid(activity.object) ||
+      sanitizeAndCheckVideoCommentObject(activity.object) ||
+      sanitizeAndCheckVideoTorrentObject(activity.object)
+    )
+}
+
+function checkUpdateActivity (activity: any) {
+  return isBaseActivityValid(activity, 'Update') &&
+    (
+      isCacheFileObjectValid(activity.object) ||
+      isPlaylistObjectValid(activity.object) ||
+      sanitizeAndCheckVideoTorrentObject(activity.object) ||
+      sanitizeAndCheckActorObject(activity.object)
+    )
+}
+
+function checkDeleteActivity (activity: any) {
+  // We don't really check objects
+  return isBaseActivityValid(activity, 'Delete') &&
+    isObjectValid(activity.object)
+}
+
+function checkFollowActivity (activity: any) {
+  return isBaseActivityValid(activity, 'Follow') &&
+    isObjectValid(activity.object)
+}
+
+function checkAcceptActivity (activity: any) {
+  return isBaseActivityValid(activity, 'Accept')
+}
+
+function checkRejectActivity (activity: any) {
+  return isBaseActivityValid(activity, 'Reject')
+}
+
+function checkAnnounceActivity (activity: any) {
+  return isBaseActivityValid(activity, 'Announce') &&
+    isObjectValid(activity.object)
+}
+
+function checkUndoActivity (activity: any) {
+  return isBaseActivityValid(activity, 'Undo') &&
+    (
+      checkFollowActivity(activity.object) ||
+      checkLikeActivity(activity.object) ||
+      checkDislikeActivity(activity.object) ||
+      checkAnnounceActivity(activity.object) ||
+      checkCreateActivity(activity.object)
+    )
+}
+
+function checkLikeActivity (activity: any) {
+  return isBaseActivityValid(activity, 'Like') &&
+    isObjectValid(activity.object)
+}