closed-social
/
mastodon
3
0
Fork 2
Code Issues 5 Pull Requests 0 Projects 0 Releases 3 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
13038 Commits
4 Branches
567 MiB
Tree: 1d0ad558ff
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '1d0ad558ff'
${ noResults }
mastodon/app/services/suspend_account_service.rb

107 lines
3.7 KiB
Raw Normal View History

Adding suspend account service
7 years ago
Add support for reversible suspensions through ActivityPub (#14989)
3 years ago
Fix possible race conditions when suspending/unsuspending accounts (#22363) * Fix possible race conditions when suspending/unsuspending accounts * Fix tests Tests were assuming SuspensionWorker and UnsuspensionWorker would do the suspending/unsuspending themselves, but this has changed.
1 year ago
Change account suspensions to be reversible by default (#14726)
3 years ago
Fix possible race conditions when suspending/unsuspending accounts (#22363) * Fix possible race conditions when suspending/unsuspending accounts * Fix tests Tests were assuming SuspensionWorker and UnsuspensionWorker would do the suspending/unsuspending themselves, but this has changed.
1 year ago
Adding suspend account service
7 years ago
Add support for reversible suspensions through ActivityPub (#14989)
3 years ago
Change account suspensions to be reversible by default (#14726)
3 years ago
Adding suspend account service
7 years ago
Add support for reversible suspensions through ActivityPub (#14989)
3 years ago
Change sidekiq-bulk's batch size from 10,000 to 1,000 jobs in one Redis call (#24034)
1 year ago
Add support for reversible suspensions through ActivityPub (#14989)
3 years ago
Change sidekiq-bulk's batch size from 10,000 to 1,000 jobs in one Redis call (#24034)
1 year ago
Add support for reversible suspensions through ActivityPub (#14989)
3 years ago
Fix remote reporters not receiving suspend/unsuspend activities (#16050)
3 years ago
Change sidekiq-bulk's batch size from 10,000 to 1,000 jobs in one Redis call (#24034)
1 year ago
Fix remote reporters not receiving suspend/unsuspend activities (#16050)
3 years ago
Add support for reversible suspensions through ActivityPub (#14989)
3 years ago
Change account suspensions to be reversible by default (#14726)
3 years ago
Fix suspension/unsuspension not working because of FeedManager change (#15099)
3 years ago
Add ability to disable login and mark accounts as memorial (#5615) Fix #5597
6 years ago
Account deletion (#3728) * Add form for account deletion * If avatar or header are gone from source, remove them * Add option to have SuspendAccountService remove user record, add tests * Exclude suspended accounts from search
7 years ago
Change account suspensions to be reversible by default (#14726)
3 years ago
Change deletes to preserve soft-deleted statuses in unresolved reports (#11805) Change all account actions except "none" to resolve all unresolved reports Refactor `SuspendAccountService` to be more readable
4 years ago
Adding suspend account service
7 years ago
Change account suspensions to be reversible by default (#14726)
3 years ago
Improve account suspension speed and completeness (#9290) - Some associations were missing from the clean-up - Some attributes were not reset on suspension - Skip federation and streaming deletes when purging a dead domain - Move account association definitions to concern
5 years ago
Change account suspensions to be reversible by default (#14726)
3 years ago
Change deletes to preserve soft-deleted statuses in unresolved reports (#11805) Change all account actions except "none" to resolve all unresolved reports Refactor `SuspendAccountService` to be more readable
4 years ago
Fix trying to privatize empty media attachments (#15414)
3 years ago
Change account suspensions to be reversible by default (#14726)
3 years ago
Fix suspension worker crashing on S3-compatible setups without ACL support (#22487)
1 year ago
Fix error when changing ACL on missing objects during suspension (#15420)
3 years ago
Fix suspension worker crashing on S3-compatible setups without ACL support (#22487)
1 year ago
Fix error when changing ACL on missing objects during suspension (#15420)
3 years ago
Change account suspensions to be reversible by default (#14726)
3 years ago
Fix crashes in SuspendAccountService/UnsuspendAccountService (#15100) * Fix crashes in SuspendAccountService/UnsuspendAccountService * Catch filesystem errors
3 years ago
Change account suspensions to be reversible by default (#14726)
3 years ago
Add cache buster feature for media files (#15155) Nginx can be configured to bypass proxy cache when a special header is in the request. If the response is cacheable, it will replace the cache for that request. Proxy caching of media files is desirable when using object storage as a way of minimizing bandwidth costs, but has the drawback of leaving deleted media files for a configured amount of cache time. A cache buster can make those media files immediately unavailable. This especially makes sense when suspending and unsuspending an account.
3 years ago
Change account suspensions to be reversible by default (#14726)
3 years ago
Improve account suspension speed and completeness (#9290) - Some associations were missing from the clean-up - Some attributes were not reset on suspension - Skip federation and streaming deletes when purging a dead domain - Move account association definitions to concern
5 years ago
Fix remote reporters not receiving suspend/unsuspend activities (#16050)
3 years ago
Adding suspend account service
7 years ago
 
  1. # frozen_string_literal: true
  2. 

  3. class SuspendAccountService < BaseService
  4.   include Payloadable
  5. 

  6.   # Carry out the suspension of a recently-suspended account
  7.   # @param [Account] account Account to suspend
  8.   def call(account)
  9.     return unless account.suspended?
  10. 

  11.     @account = account
  12. 

  13.     reject_remote_follows!
  14.     distribute_update_actor!
  15.     unmerge_from_home_timelines!
  16.     unmerge_from_list_timelines!
  17.     privatize_media_attachments!
  18.   end
  19. 

  20.   private
  21. 

  22.   def reject_remote_follows!
  23.     return if @account.local? || !@account.activitypub?
  24. 

  25.     # When suspending a remote account, the account obviously doesn't
  26.     # actually become suspended on its origin server, i.e. unlike a
  27.     # locally suspended account it continues to have access to its home
  28.     # feed and other content. To prevent it from being able to continue
  29.     # to access toots it would receive because it follows local accounts,
  30.     # we have to force it to unfollow them. Unfortunately, there is no
  31.     # counterpart to this operation, i.e. you can't then force a remote
  32.     # account to re-follow you, so this part is not reversible.
  33. 

  34.     Follow.where(account: @account).find_in_batches do |follows|
  35.       ActivityPub::DeliveryWorker.push_bulk(follows) do |follow|
  36.         [Oj.dump(serialize_payload(follow, ActivityPub::RejectFollowSerializer)), follow.target_account_id, @account.inbox_url]
  37.       end
  38. 

  39.       follows.each(&:destroy)
  40.     end
  41.   end
  42. 

  43.   def distribute_update_actor!
  44.     return unless @account.local?
  45. 

  46.     account_reach_finder = AccountReachFinder.new(@account)
  47. 

  48.     ActivityPub::DeliveryWorker.push_bulk(account_reach_finder.inboxes, limit: 1_000) do |inbox_url|
  49.       [signed_activity_json, @account.id, inbox_url]
  50.     end
  51.   end
  52. 

  53.   def unmerge_from_home_timelines!
  54.     @account.followers_for_local_distribution.find_each do |follower|
  55.       FeedManager.instance.unmerge_from_home(@account, follower)
  56.     end
  57.   end
  58. 

  59.   def unmerge_from_list_timelines!
  60.     @account.lists_for_local_distribution.find_each do |list|
  61.       FeedManager.instance.unmerge_from_list(@account, list)
  62.     end
  63.   end
  64. 

  65.   def privatize_media_attachments!
  66.     attachment_names = MediaAttachment.attachment_definitions.keys
  67. 

  68.     @account.media_attachments.find_each do |media_attachment|
  69.       attachment_names.each do |attachment_name|
  70.         attachment = media_attachment.public_send(attachment_name)
  71.         styles     = [:original] | attachment.styles.keys
  72. 

  73.         next if attachment.blank?
  74. 

  75.         styles.each do |style|
  76.           case Paperclip::Attachment.default_options[:storage]
  77.           when :s3
  78.             # Prevent useless S3 calls if ACLs are disabled
  79.             next if ENV['S3_PERMISSION'] == ''
  80. 

  81.             begin
  82.               attachment.s3_object(style).acl.put(acl: 'private')
  83.             rescue Aws::S3::Errors::NoSuchKey
  84.               Rails.logger.warn "Tried to change acl on non-existent key #{attachment.s3_object(style).key}"
  85.             rescue Aws::S3::Errors::NotImplemented => e
  86.               Rails.logger.error "Error trying to change ACL on #{attachment.s3_object(style).key}: #{e.message}"
  87.             end
  88.           when :fog
  89.             # Not supported
  90.           when :filesystem
  91.             begin
  92.               FileUtils.chmod(0o600 & ~File.umask, attachment.path(style)) unless attachment.path(style).nil?
  93.             rescue Errno::ENOENT
  94.               Rails.logger.warn "Tried to change permission on non-existent file #{attachment.path(style)}"
  95.             end
  96.           end
  97. 

  98.           CacheBusterWorker.perform_async(attachment.path(style)) if Rails.configuration.x.cache_buster_enabled
  99.         end
  100.       end
  101.     end
  102.   end
  103. 

  104.   def signed_activity_json
  105.     @signed_activity_json ||= Oj.dump(serialize_payload(@account, ActivityPub::UpdateSerializer, signer: @account))
  106.   end
  107. end