Enforce blocks on incoming likes, shares, replies and follows

This commit is contained in:
Daniel Supernault 2022-08-07 20:59:36 -06:00
parent 5a1bbb607d
commit 1545e37cdb
No known key found for this signature in database
GPG key ID: 0DEF1C662C9033F7
5 changed files with 45 additions and 0 deletions

View file

@ -1089,6 +1089,11 @@ class ApiV1Controller extends Controller
429 429
); );
$blocks = UserFilterService::blocks($spid);
if($blocks && in_array($user->profile_id, $blocks)) {
abort(422);
}
$like = Like::firstOrCreate([ $like = Like::firstOrCreate([
'profile_id' => $user->profile_id, 'profile_id' => $user->profile_id,
'status_id' => $status['id'] 'status_id' => $status['id']
@ -2494,6 +2499,8 @@ class ApiV1Controller extends Controller
if($in_reply_to_id) { if($in_reply_to_id) {
$parent = Status::findOrFail($in_reply_to_id); $parent = Status::findOrFail($in_reply_to_id);
$blocks = UserFilterService::blocks($parent->profile_id);
abort_if(in_array($profile->id, $blocks), 422, 'Cannot reply to this post at this time.');
$status = new Status; $status = new Status;
$status->caption = $content; $status->caption = $content;
@ -2625,6 +2632,11 @@ class ApiV1Controller extends Controller
} else { } else {
abort_if(!in_array($status->scope, ['public','unlisted']), 403); abort_if(!in_array($status->scope, ['public','unlisted']), 403);
} }
$blocks = UserFilterService::blocks($status->profile_id);
if($blocks && in_array($user->profile_id, $blocks)) {
abort(422);
}
} }
$share = Status::firstOrCreate([ $share = Status::firstOrCreate([

View file

@ -25,6 +25,9 @@ class LikeController extends Controller
'item' => 'required|integer|min:1', 'item' => 'required|integer|min:1',
]); ]);
// API deprecated
return;
$user = Auth::user(); $user = Auth::user();
$profile = $user->profile; $profile = $user->profile;
$status = Status::findOrFail($request->input('item')); $status = Status::findOrFail($request->input('item'));

View file

@ -18,6 +18,7 @@ use Illuminate\Contracts\Queue\ShouldQueue;
use Illuminate\Foundation\Bus\Dispatchable; use Illuminate\Foundation\Bus\Dispatchable;
use Illuminate\Queue\InteractsWithQueue; use Illuminate\Queue\InteractsWithQueue;
use Illuminate\Queue\SerializesModels; use Illuminate\Queue\SerializesModels;
use App\Services\UserFilterService;
class StatusEntityLexer implements ShouldQueue class StatusEntityLexer implements ShouldQueue
{ {
@ -134,6 +135,10 @@ class StatusEntityLexer implements ShouldQueue
if (empty($mentioned) || !isset($mentioned->id)) { if (empty($mentioned) || !isset($mentioned->id)) {
continue; continue;
} }
$blocks = UserFilterService::blocks($mentioned->id);
if($blocks && in_array($status->profile_id, $blocks)) {
continue;
}
DB::transaction(function () use ($status, $mentioned) { DB::transaction(function () use ($status, $mentioned) {
$m = new Mention(); $m = new Mention();

View file

@ -40,6 +40,7 @@ use App\Models\Poll;
use Illuminate\Contracts\Cache\LockTimeoutException; use Illuminate\Contracts\Cache\LockTimeoutException;
use App\Jobs\ProfilePipeline\IncrementPostCount; use App\Jobs\ProfilePipeline\IncrementPostCount;
use App\Jobs\ProfilePipeline\DecrementPostCount; use App\Jobs\ProfilePipeline\DecrementPostCount;
use App\Services\UserFilterService;
class Helpers { class Helpers {
@ -398,6 +399,12 @@ class Helpers {
$profile = self::profileFirstOrNew($attributedTo); $profile = self::profileFirstOrNew($attributedTo);
if(isset($activity['object']['inReplyTo']) && !empty($activity['object']['inReplyTo']) || $replyTo == true) { if(isset($activity['object']['inReplyTo']) && !empty($activity['object']['inReplyTo']) || $replyTo == true) {
$reply_to = self::statusFirstOrFetch(self::pluckval($activity['object']['inReplyTo']), false); $reply_to = self::statusFirstOrFetch(self::pluckval($activity['object']['inReplyTo']), false);
if($reply_to) {
$blocks = UserFilterService::blocks($reply_to->profile_id);
if(in_array($profile->id, $blocks)) {
return;
}
}
$reply_to = optional($reply_to)->id; $reply_to = optional($reply_to)->id;
} else { } else {
$reply_to = null; $reply_to = null;

View file

@ -37,6 +37,7 @@ use App\Util\ActivityPub\Validator\UndoFollow as UndoFollowValidator;
use App\Services\PollService; use App\Services\PollService;
use App\Services\FollowerService; use App\Services\FollowerService;
use App\Services\StatusService; use App\Services\StatusService;
use App\Services\UserFilterService;
use App\Models\Conversation; use App\Models\Conversation;
use App\Jobs\ProfilePipeline\IncrementPostCount; use App\Jobs\ProfilePipeline\IncrementPostCount;
use App\Jobs\ProfilePipeline\DecrementPostCount; use App\Jobs\ProfilePipeline\DecrementPostCount;
@ -475,6 +476,12 @@ class Inbox
) { ) {
return; return;
} }
$blocks = UserFilterService::blocks($target->id);
if($blocks && in_array($actor->id, $blocks)) {
return;
}
if($target->is_private == true) { if($target->is_private == true) {
FollowRequest::updateOrCreate([ FollowRequest::updateOrCreate([
'follower_id' => $actor->id, 'follower_id' => $actor->id,
@ -532,6 +539,11 @@ class Inbox
return; return;
} }
$blocks = UserFilterService::blocks($parent->profile_id);
if($blocks && in_array($actor->id, $blocks)) {
return;
}
$status = Status::firstOrCreate([ $status = Status::firstOrCreate([
'profile_id' => $actor->id, 'profile_id' => $actor->id,
'reblog_of_id' => $parent->id, 'reblog_of_id' => $parent->id,
@ -693,6 +705,12 @@ class Inbox
if(!$status || !$profile) { if(!$status || !$profile) {
return; return;
} }
$blocks = UserFilterService::blocks($status->profile_id);
if($blocks && in_array($actor->id, $blocks)) {
return;
}
$like = Like::firstOrCreate([ $like = Like::firstOrCreate([
'profile_id' => $profile->id, 'profile_id' => $profile->id,
'status_id' => $status->id 'status_id' => $status->id