Merge pull request #2155 from pixelfed/staging

AP bugfixes
This commit is contained in:
daniel 2020-04-29 15:48:09 -06:00 committed by GitHub
commit cf7507ab84
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 13 additions and 10 deletions

View file

@ -7,6 +7,7 @@ use Illuminate\Database\Eloquent\Model;
class Activity extends Model class Activity extends Model
{ {
protected $dates = ['processed_at']; protected $dates = ['processed_at'];
protected $fillable = ['data', 'to_id', 'from_id', 'object_type'];
public function toProfile() public function toProfile()
{ {

View file

@ -181,9 +181,11 @@ class Helpers {
public static function zttpUserAgent() public static function zttpUserAgent()
{ {
$version = config('pixelfed.version');
$url = config('app.url');
return [ return [
'Accept' => 'application/activity+json', 'Accept' => 'application/activity+json',
'User-Agent' => 'PixelfedBot - https://pixelfed.org', 'User-Agent' => "(Pixelfed/{$version}; +{$url})",
]; ];
} }
@ -236,10 +238,6 @@ class Helpers {
$activity = ['object' => $res]; $activity = ['object' => $res];
} }
if(isset($activity['object']['content']) == false) {
abort(400, 'Invalid object');
}
$scope = 'private'; $scope = 'private';
$cw = isset($res['sensitive']) ? (bool) $res['sensitive'] : false; $cw = isset($res['sensitive']) ? (bool) $res['sensitive'] : false;
@ -287,10 +285,10 @@ class Helpers {
} }
} }
if(!self::validateUrl($res['id']) || if(!self::validateUrl($activity['object']['id']) ||
!self::validateUrl($activity['object']['attributedTo']) !self::validateUrl($activity['object']['attributedTo'])
) { ) {
abort(400, 'Invalid object url'); return;
} }
$idDomain = parse_url($res['id'], PHP_URL_HOST); $idDomain = parse_url($res['id'], PHP_URL_HOST);
@ -302,7 +300,7 @@ class Helpers {
$actorDomain !== $urlDomain || $actorDomain !== $urlDomain ||
$idDomain !== $actorDomain $idDomain !== $actorDomain
) { ) {
abort(400, 'Invalid object'); return;
} }
$profile = self::profileFirstOrNew($activity['object']['attributedTo']); $profile = self::profileFirstOrNew($activity['object']['attributedTo']);

View file

@ -40,6 +40,10 @@ class Inbox
public function handle() public function handle()
{ {
$this->handleVerb(); $this->handleVerb();
(new Activity())->create([
'data' => json_encode($this->payload)
]);
} }
public function handleVerb() public function handleVerb()
@ -307,6 +311,8 @@ class Inbox
$id = $this->payload['object']['id']; $id = $this->payload['object']['id'];
switch ($type) { switch ($type) {
case 'Person': case 'Person':
// todo: fix race condition
return;
$profile = Helpers::profileFetch($actor); $profile = Helpers::profileFetch($actor);
if(!$profile || $profile->private_key != null) { if(!$profile || $profile->private_key != null) {
return; return;
@ -323,8 +329,6 @@ class Inbox
break; break;
case 'Tombstone': case 'Tombstone':
// todo: fix race condition
return;
$profile = Helpers::profileFetch($actor); $profile = Helpers::profileFetch($actor);
$status = Status::whereProfileId($profile->id) $status = Status::whereProfileId($profile->id)
->whereUri($id) ->whereUri($id)