diff options
6 files changed, 68 insertions, 109 deletions
diff --git a/server/helpers/custom-validators/activitypub/activity.ts b/server/helpers/custom-validators/activitypub/activity.ts index da79b2782..46126da57 100644 --- a/server/helpers/custom-validators/activitypub/activity.ts +++ b/server/helpers/custom-validators/activitypub/activity.ts | |||
@@ -1,16 +1,13 @@ | |||
1 | import validator from 'validator' | 1 | import validator from 'validator' |
2 | import { Activity, ActivityType } from '../../../../shared/models/activitypub' | 2 | import { Activity, ActivityType } from '../../../../shared/models/activitypub' |
3 | import { isAbuseReasonValid } from '../abuses' | ||
3 | import { exists } from '../misc' | 4 | import { exists } from '../misc' |
4 | import { sanitizeAndCheckActorObject } from './actor' | 5 | import { sanitizeAndCheckActorObject } from './actor' |
5 | import { isCacheFileObjectValid } from './cache-file' | 6 | import { isCacheFileObjectValid } from './cache-file' |
6 | import { isFlagActivityValid } from './flag' | ||
7 | import { isActivityPubUrlValid, isBaseActivityValid, isObjectValid } from './misc' | 7 | import { isActivityPubUrlValid, isBaseActivityValid, isObjectValid } from './misc' |
8 | import { isPlaylistObjectValid } from './playlist' | 8 | import { isPlaylistObjectValid } from './playlist' |
9 | import { isDislikeActivityValid, isLikeActivityValid } from './rate' | ||
10 | import { isShareActivityValid } from './share' | ||
11 | import { sanitizeAndCheckVideoCommentObject } from './video-comments' | 9 | import { sanitizeAndCheckVideoCommentObject } from './video-comments' |
12 | import { sanitizeAndCheckVideoTorrentObject } from './videos' | 10 | import { sanitizeAndCheckVideoTorrentObject } from './videos' |
13 | import { isViewActivityValid } from './view' | ||
14 | 11 | ||
15 | function isRootActivityValid (activity: any) { | 12 | function isRootActivityValid (activity: any) { |
16 | return isCollection(activity) || isActivity(activity) | 13 | return isCollection(activity) || isActivity(activity) |
@@ -29,56 +26,56 @@ function isActivity (activity: any) { | |||
29 | } | 26 | } |
30 | 27 | ||
31 | const activityCheckers: { [ P in ActivityType ]: (activity: Activity) => boolean } = { | 28 | const activityCheckers: { [ P in ActivityType ]: (activity: Activity) => boolean } = { |
32 | Create: checkCreateActivity, | 29 | Create: isCreateActivityValid, |
33 | Update: checkUpdateActivity, | 30 | Update: isUpdateActivityValid, |
34 | Delete: checkDeleteActivity, | 31 | Delete: isDeleteActivityValid, |
35 | Follow: checkFollowActivity, | 32 | Follow: isFollowActivityValid, |
36 | Accept: checkAcceptActivity, | 33 | Accept: isAcceptActivityValid, |
37 | Reject: checkRejectActivity, | 34 | Reject: isRejectActivityValid, |
38 | Announce: checkAnnounceActivity, | 35 | Announce: isAnnounceActivityValid, |
39 | Undo: checkUndoActivity, | 36 | Undo: isUndoActivityValid, |
40 | Like: checkLikeActivity, | 37 | Like: isLikeActivityValid, |
41 | View: checkViewActivity, | 38 | View: isViewActivityValid, |
42 | Flag: checkFlagActivity, | 39 | Flag: isFlagActivityValid, |
43 | Dislike: checkDislikeActivity | 40 | Dislike: isDislikeActivityValid |
44 | } | 41 | } |
45 | 42 | ||
46 | function isActivityValid (activity: any) { | 43 | function isActivityValid (activity: any) { |
47 | const checker = activityCheckers[activity.type] | 44 | const checker = activityCheckers[activity.tswype] |
48 | // Unknown activity type | 45 | // Unknown activity type |
49 | if (!checker) return false | 46 | if (!checker) return false |
50 | 47 | ||
51 | return checker(activity) | 48 | return checker(activity) |
52 | } | 49 | } |
53 | 50 | ||
54 | // --------------------------------------------------------------------------- | 51 | function isFlagActivityValid (activity: any) { |
55 | 52 | return isBaseActivityValid(activity.type, 'Flag') && | |
56 | export { | 53 | isAbuseReasonValid(activity.content) && |
57 | isRootActivityValid, | 54 | isActivityPubUrlValid(activity.object) |
58 | isActivityValid | ||
59 | } | 55 | } |
60 | 56 | ||
61 | // --------------------------------------------------------------------------- | 57 | function isLikeActivityValid (activity: any) { |
62 | 58 | return isBaseActivityValid(activity, 'Like') && | |
63 | function checkViewActivity (activity: any) { | 59 | isObjectValid(activity.object) |
64 | return isBaseActivityValid(activity, 'View') && | ||
65 | isViewActivityValid(activity) | ||
66 | } | 60 | } |
67 | 61 | ||
68 | function checkFlagActivity (activity: any) { | 62 | function isDislikeActivityValid (activity: any) { |
69 | return isBaseActivityValid(activity, 'Flag') && | 63 | return isBaseActivityValid(activity, 'Dislike') && |
70 | isFlagActivityValid(activity) | 64 | isObjectValid(activity.object) |
71 | } | 65 | } |
72 | 66 | ||
73 | function checkDislikeActivity (activity: any) { | 67 | function isAnnounceActivityValid (activity: any) { |
74 | return isDislikeActivityValid(activity) | 68 | return isBaseActivityValid(activity, 'Announce') && |
69 | isObjectValid(activity.object) | ||
75 | } | 70 | } |
76 | 71 | ||
77 | function checkLikeActivity (activity: any) { | 72 | function isViewActivityValid (activity: any) { |
78 | return isLikeActivityValid(activity) | 73 | return isBaseActivityValid(activity, 'View') && |
74 | isActivityPubUrlValid(activity.actor) && | ||
75 | isActivityPubUrlValid(activity.object) | ||
79 | } | 76 | } |
80 | 77 | ||
81 | function checkCreateActivity (activity: any) { | 78 | function isCreateActivityValid (activity: any) { |
82 | return isBaseActivityValid(activity, 'Create') && | 79 | return isBaseActivityValid(activity, 'Create') && |
83 | ( | 80 | ( |
84 | isViewActivityValid(activity.object) || | 81 | isViewActivityValid(activity.object) || |
@@ -92,7 +89,7 @@ function checkCreateActivity (activity: any) { | |||
92 | ) | 89 | ) |
93 | } | 90 | } |
94 | 91 | ||
95 | function checkUpdateActivity (activity: any) { | 92 | function isUpdateActivityValid (activity: any) { |
96 | return isBaseActivityValid(activity, 'Update') && | 93 | return isBaseActivityValid(activity, 'Update') && |
97 | ( | 94 | ( |
98 | isCacheFileObjectValid(activity.object) || | 95 | isCacheFileObjectValid(activity.object) || |
@@ -102,36 +99,51 @@ function checkUpdateActivity (activity: any) { | |||
102 | ) | 99 | ) |
103 | } | 100 | } |
104 | 101 | ||
105 | function checkDeleteActivity (activity: any) { | 102 | function isDeleteActivityValid (activity: any) { |
106 | // We don't really check objects | 103 | // We don't really check objects |
107 | return isBaseActivityValid(activity, 'Delete') && | 104 | return isBaseActivityValid(activity, 'Delete') && |
108 | isObjectValid(activity.object) | 105 | isObjectValid(activity.object) |
109 | } | 106 | } |
110 | 107 | ||
111 | function checkFollowActivity (activity: any) { | 108 | function isFollowActivityValid (activity: any) { |
112 | return isBaseActivityValid(activity, 'Follow') && | 109 | return isBaseActivityValid(activity, 'Follow') && |
113 | isObjectValid(activity.object) | 110 | isObjectValid(activity.object) |
114 | } | 111 | } |
115 | 112 | ||
116 | function checkAcceptActivity (activity: any) { | 113 | function isAcceptActivityValid (activity: any) { |
117 | return isBaseActivityValid(activity, 'Accept') | 114 | return isBaseActivityValid(activity, 'Accept') |
118 | } | 115 | } |
119 | 116 | ||
120 | function checkRejectActivity (activity: any) { | 117 | function isRejectActivityValid (activity: any) { |
121 | return isBaseActivityValid(activity, 'Reject') | 118 | return isBaseActivityValid(activity, 'Reject') |
122 | } | 119 | } |
123 | 120 | ||
124 | function checkAnnounceActivity (activity: any) { | 121 | function isUndoActivityValid (activity: any) { |
125 | return isShareActivityValid(activity) | ||
126 | } | ||
127 | |||
128 | function checkUndoActivity (activity: any) { | ||
129 | return isBaseActivityValid(activity, 'Undo') && | 122 | return isBaseActivityValid(activity, 'Undo') && |
130 | ( | 123 | ( |
131 | checkFollowActivity(activity.object) || | 124 | isFollowActivityValid(activity.object) || |
132 | checkLikeActivity(activity.object) || | 125 | isLikeActivityValid(activity.object) || |
133 | checkDislikeActivity(activity.object) || | 126 | isDislikeActivityValid(activity.object) || |
134 | checkAnnounceActivity(activity.object) || | 127 | isAnnounceActivityValid(activity.object) || |
135 | checkCreateActivity(activity.object) | 128 | isCreateActivityValid(activity.object) |
136 | ) | 129 | ) |
137 | } | 130 | } |
131 | |||
132 | // --------------------------------------------------------------------------- | ||
133 | |||
134 | export { | ||
135 | isRootActivityValid, | ||
136 | isActivityValid, | ||
137 | isFlagActivityValid, | ||
138 | isLikeActivityValid, | ||
139 | isDislikeActivityValid, | ||
140 | isAnnounceActivityValid, | ||
141 | isViewActivityValid, | ||
142 | isCreateActivityValid, | ||
143 | isUpdateActivityValid, | ||
144 | isDeleteActivityValid, | ||
145 | isFollowActivityValid, | ||
146 | isAcceptActivityValid, | ||
147 | isRejectActivityValid, | ||
148 | isUndoActivityValid | ||
149 | } | ||
diff --git a/server/helpers/custom-validators/activitypub/flag.ts b/server/helpers/custom-validators/activitypub/flag.ts deleted file mode 100644 index dc90b3667..000000000 --- a/server/helpers/custom-validators/activitypub/flag.ts +++ /dev/null | |||
@@ -1,14 +0,0 @@ | |||
1 | import { isActivityPubUrlValid } from './misc' | ||
2 | import { isAbuseReasonValid } from '../abuses' | ||
3 | |||
4 | function isFlagActivityValid (activity: any) { | ||
5 | return activity.type === 'Flag' && | ||
6 | isAbuseReasonValid(activity.content) && | ||
7 | isActivityPubUrlValid(activity.object) | ||
8 | } | ||
9 | |||
10 | // --------------------------------------------------------------------------- | ||
11 | |||
12 | export { | ||
13 | isFlagActivityValid | ||
14 | } | ||
diff --git a/server/helpers/custom-validators/activitypub/rate.ts b/server/helpers/custom-validators/activitypub/rate.ts deleted file mode 100644 index aafdda443..000000000 --- a/server/helpers/custom-validators/activitypub/rate.ts +++ /dev/null | |||
@@ -1,18 +0,0 @@ | |||
1 | import { isBaseActivityValid, isObjectValid } from './misc' | ||
2 | |||
3 | function isLikeActivityValid (activity: any) { | ||
4 | return isBaseActivityValid(activity, 'Like') && | ||
5 | isObjectValid(activity.object) | ||
6 | } | ||
7 | |||
8 | function isDislikeActivityValid (activity: any) { | ||
9 | return isBaseActivityValid(activity, 'Dislike') && | ||
10 | isObjectValid(activity.object) | ||
11 | } | ||
12 | |||
13 | // --------------------------------------------------------------------------- | ||
14 | |||
15 | export { | ||
16 | isDislikeActivityValid, | ||
17 | isLikeActivityValid | ||
18 | } | ||
diff --git a/server/helpers/custom-validators/activitypub/share.ts b/server/helpers/custom-validators/activitypub/share.ts deleted file mode 100644 index fb5e4c05e..000000000 --- a/server/helpers/custom-validators/activitypub/share.ts +++ /dev/null | |||
@@ -1,11 +0,0 @@ | |||
1 | import { isBaseActivityValid, isObjectValid } from './misc' | ||
2 | |||
3 | function isShareActivityValid (activity: any) { | ||
4 | return isBaseActivityValid(activity, 'Announce') && | ||
5 | isObjectValid(activity.object) | ||
6 | } | ||
7 | // --------------------------------------------------------------------------- | ||
8 | |||
9 | export { | ||
10 | isShareActivityValid | ||
11 | } | ||
diff --git a/server/helpers/custom-validators/activitypub/view.ts b/server/helpers/custom-validators/activitypub/view.ts deleted file mode 100644 index 41d16469f..000000000 --- a/server/helpers/custom-validators/activitypub/view.ts +++ /dev/null | |||
@@ -1,13 +0,0 @@ | |||
1 | import { isActivityPubUrlValid } from './misc' | ||
2 | |||
3 | function isViewActivityValid (activity: any) { | ||
4 | return activity.type === 'View' && | ||
5 | isActivityPubUrlValid(activity.actor) && | ||
6 | isActivityPubUrlValid(activity.object) | ||
7 | } | ||
8 | |||
9 | // --------------------------------------------------------------------------- | ||
10 | |||
11 | export { | ||
12 | isViewActivityValid | ||
13 | } | ||
diff --git a/server/lib/job-queue/handlers/activitypub-cleaner.ts b/server/lib/job-queue/handlers/activitypub-cleaner.ts index b58bbc983..0e75b0a6e 100644 --- a/server/lib/job-queue/handlers/activitypub-cleaner.ts +++ b/server/lib/job-queue/handlers/activitypub-cleaner.ts | |||
@@ -1,8 +1,11 @@ | |||
1 | import * as Bluebird from 'bluebird' | 1 | import * as Bluebird from 'bluebird' |
2 | import * as Bull from 'bull' | 2 | import * as Bull from 'bull' |
3 | import { checkUrlsSameHost } from '@server/helpers/activitypub' | 3 | import { checkUrlsSameHost } from '@server/helpers/activitypub' |
4 | import { isDislikeActivityValid, isLikeActivityValid } from '@server/helpers/custom-validators/activitypub/rate' | 4 | import { |
5 | import { isShareActivityValid } from '@server/helpers/custom-validators/activitypub/share' | 5 | isAnnounceActivityValid, |
6 | isDislikeActivityValid, | ||
7 | isLikeActivityValid | ||
8 | } from '@server/helpers/custom-validators/activitypub/activity' | ||
6 | import { sanitizeAndCheckVideoCommentObject } from '@server/helpers/custom-validators/activitypub/video-comments' | 9 | import { sanitizeAndCheckVideoCommentObject } from '@server/helpers/custom-validators/activitypub/video-comments' |
7 | import { doRequest } from '@server/helpers/requests' | 10 | import { doRequest } from '@server/helpers/requests' |
8 | import { AP_CLEANER_CONCURRENCY } from '@server/initializers/constants' | 11 | import { AP_CLEANER_CONCURRENCY } from '@server/initializers/constants' |
@@ -149,7 +152,7 @@ function rateOptionsFactory () { | |||
149 | 152 | ||
150 | function shareOptionsFactory () { | 153 | function shareOptionsFactory () { |
151 | return { | 154 | return { |
152 | bodyValidator: (body: any) => isShareActivityValid(body), | 155 | bodyValidator: (body: any) => isAnnounceActivityValid(body), |
153 | 156 | ||
154 | updater: async (url: string, newUrl: string) => { | 157 | updater: async (url: string, newUrl: string) => { |
155 | const share = await VideoShareModel.loadByUrl(url, undefined) | 158 | const share = await VideoShareModel.loadByUrl(url, undefined) |