aboutsummaryrefslogtreecommitdiff
path: root/lib
diff options
context:
space:
mode:
Diffstat (limited to 'lib')
-rw-r--r--lib/pleroma/web/activity_pub/activity_pub.ex16
-rw-r--r--lib/pleroma/web/activity_pub/mrf/simple_policy.ex38
-rw-r--r--lib/pleroma/web/activity_pub/mrf/user_allowlist.ex6
3 files changed, 53 insertions, 7 deletions
diff --git a/lib/pleroma/web/activity_pub/activity_pub.ex b/lib/pleroma/web/activity_pub/activity_pub.ex
index 3d9679ec0..aa0229db7 100644
--- a/lib/pleroma/web/activity_pub/activity_pub.ex
+++ b/lib/pleroma/web/activity_pub/activity_pub.ex
@@ -909,7 +909,7 @@ defmodule Pleroma.Web.ActivityPub.ActivityPub do
end
end
- def user_data_from_user_object(data) do
+ defp object_to_user_data(data) do
avatar =
data["icon"]["url"] &&
%{
@@ -956,9 +956,19 @@ defmodule Pleroma.Web.ActivityPub.ActivityPub do
{:ok, user_data}
end
+ def user_data_from_user_object(data) do
+ with {:ok, data} <- MRF.filter(data),
+ {:ok, data} <- object_to_user_data(data) do
+ {:ok, data}
+ else
+ e -> {:error, e}
+ end
+ end
+
def fetch_and_prepare_user_from_ap_id(ap_id) do
- with {:ok, data} <- Fetcher.fetch_and_contain_remote_object_from_id(ap_id) do
- user_data_from_user_object(data)
+ with {:ok, data} <- Fetcher.fetch_and_contain_remote_object_from_id(ap_id),
+ {:ok, data} <- user_data_from_user_object(data) do
+ {:ok, data}
else
e -> Logger.error("Could not decode user at fetch #{ap_id}, #{inspect(e)}")
end
diff --git a/lib/pleroma/web/activity_pub/mrf/simple_policy.ex b/lib/pleroma/web/activity_pub/mrf/simple_policy.ex
index 7190652d2..890d70a7a 100644
--- a/lib/pleroma/web/activity_pub/mrf/simple_policy.ex
+++ b/lib/pleroma/web/activity_pub/mrf/simple_policy.ex
@@ -104,9 +104,29 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicy do
defp check_report_removal(_actor_info, object), do: {:ok, object}
+ defp check_avatar_removal(%{host: actor_host} = _actor_info, %{"icon" => _icon} = object) do
+ if actor_host in Pleroma.Config.get([:mrf_simple, :avatar_removal]) do
+ {:ok, Map.delete(object, "icon")}
+ else
+ {:ok, object}
+ end
+ end
+
+ defp check_avatar_removal(_actor_info, object), do: {:ok, object}
+
+ defp check_banner_removal(%{host: actor_host} = _actor_info, %{"image" => _image} = object) do
+ if actor_host in Pleroma.Config.get([:mrf_simple, :banner_removal]) do
+ {:ok, Map.delete(object, "image")}
+ else
+ {:ok, object}
+ end
+ end
+
+ defp check_banner_removal(_actor_info, object), do: {:ok, object}
+
@impl true
- def filter(object) do
- actor_info = URI.parse(object["actor"])
+ def filter(%{"actor" => actor} = object) do
+ actor_info = URI.parse(actor)
with {:ok, object} <- check_accept(actor_info, object),
{:ok, object} <- check_reject(actor_info, object),
@@ -119,4 +139,18 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicy do
_e -> {:reject, nil}
end
end
+
+ def filter(%{"id" => actor, "type" => obj_type} = object)
+ when obj_type in ["Application", "Group", "Organization", "Person", "Service"] do
+ actor_info = URI.parse(actor)
+
+ with {:ok, object} <- check_avatar_removal(actor_info, object),
+ {:ok, object} <- check_banner_removal(actor_info, object) do
+ {:ok, object}
+ else
+ _e -> {:reject, nil}
+ end
+ end
+
+ def filter(object), do: {:ok, object}
end
diff --git a/lib/pleroma/web/activity_pub/mrf/user_allowlist.ex b/lib/pleroma/web/activity_pub/mrf/user_allowlist.ex
index f5078d818..47663414a 100644
--- a/lib/pleroma/web/activity_pub/mrf/user_allowlist.ex
+++ b/lib/pleroma/web/activity_pub/mrf/user_allowlist.ex
@@ -19,10 +19,12 @@ defmodule Pleroma.Web.ActivityPub.MRF.UserAllowListPolicy do
end
@impl true
- def filter(object) do
- actor_info = URI.parse(object["actor"])
+ def filter(%{"actor" => actor} = object) do
+ actor_info = URI.parse(actor)
allow_list = Config.get([:mrf_user_allowlist, String.to_atom(actor_info.host)], [])
filter_by_list(object, allow_list)
end
+
+ def filter(object), do: {:ok, object}
end
generated by cgit v1.2.3 (git 2.26.2) at 2025-04-24 09:47:41 +0000