You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

566 lines
16 KiB

Account domain blocks (#2381) * Add <ostatus:conversation /> tag to Atom input/output Only uses ref attribute (not href) because href would be the alternate link that's always included also. Creates new conversation for every non-reply status. Carries over conversation for every reply. Keeps remote URIs verbatim, generates local URIs on the fly like the rest of them. * Conversation muting - prevents notifications that reference a conversation (including replies, favourites, reblogs) from being created. API endpoints /api/v1/statuses/:id/mute and /api/v1/statuses/:id/unmute Currently no way to tell when a status/conversation is muted, so the web UI only has a "disable notifications" button, doesn't work as a toggle * Display "Dismiss notifications" on all statuses in notifications column, not just own * Add "muted" as a boolean attribute on statuses JSON For now always false on contained reblogs, since it's only relevant for statuses returned from the notifications endpoint, which are not nested Remove "Disable notifications" from detailed status view, since it's only relevant in the notifications column * Up max class length * Remove pending test for conversation mute * Add tests, clean up * Rename to "mute conversation" and "unmute conversation" * Raise validation error when trying to mute/unmute status without conversation * Adding account domain blocks that filter notifications and public timelines * Add tests for domain blocks in notifications, public timelines Filter reblogs of blocked domains from home * Add API for listing and creating account domain blocks * API for creating/deleting domain blocks, tests for Status#ancestors and Status#descendants, filter domain blocks from them * Filter domains in streaming API * Update account_domain_block_spec.rb
7 years ago
Fix Account model deprecation warnings (#3689) ``` DEPRECATION WARNING: The behavior of `attribute_changed?` inside of after callbacks will be changing in the next version of Rails. The new return value will reflect the behavior of calling the method after `save` returned (e.g. the opposite of what it returns now). To maintain the current behavior, use `saved_change_to_attribute?` instead. (called from block in <class:Account> at /Users/rene/Workspace/personal/ruby/mastodon/app/models/account.rb:60) DEPRECATION WARNING: The behavior of `attribute_changed?` inside of after callbacks will be changing in the next version of Rails. The new return value will reflect the behavior of calling the method after `save` returned (e.g. the opposite of what it returns now). To maintain the current behavior, use `saved_change_to_attribute?` instead. (called from block in <class:Account> at /Users/rene/Workspace/personal/ruby/mastodon/app/models/account.rb:60) DEPRECATION WARNING: The behavior of `attribute_changed?` inside of after callbacks will be changing in the next version of Rails. The new return value will reflect the behavior of calling the method after `save` returned (e.g. the opposite of what it returns now). To maintain the current behavior, use `saved_change_to_attribute?` instead. (called from block in <class:Account> at /Users/rene/Workspace/personal/ruby/mastodon/app/models/account.rb:60) DEPRECATION WARNING: The behavior of `attribute_changed?` inside of after callbacks will be changing in the next version of Rails. The new return value will reflect the behavior of calling the method after `save` returned (e.g. the opposite of what it returns now). To maintain the current behavior, use `saved_change_to_attribute?` instead. (called from block in <class:Account> at /Users/rene/Workspace/personal/ruby/mastodon/app/models/account.rb:61) DEPRECATION WARNING: The behavior of `attribute_changed?` inside of after callbacks will be changing in the next version of Rails. The new return value will reflect the behavior of calling the method after `save` returned (e.g. the opposite of what it returns now). To maintain the current behavior, use `saved_change_to_attribute?` instead. (called from block in <class:Account> at /Users/rene/Workspace/personal/ruby/mastodon/app/models/account.rb:62) DEPRECATION WARNING: The behavior of `attribute_changed?` inside of after callbacks will be changing in the next version of Rails. The new return value will reflect the behavior of calling the method after `save` returned (e.g. the opposite of what it returns now). To maintain the current behavior, use `saved_change_to_attribute?` instead. (called from block in <class:Account> at /Users/rene/Workspace/personal/ruby/mastodon/app/models/account.rb:63) ``` Here's PR describing changes to Dirty API https://github.com/rails/rails/pull/25337
7 years ago
Account domain blocks (#2381) * Add <ostatus:conversation /> tag to Atom input/output Only uses ref attribute (not href) because href would be the alternate link that's always included also. Creates new conversation for every non-reply status. Carries over conversation for every reply. Keeps remote URIs verbatim, generates local URIs on the fly like the rest of them. * Conversation muting - prevents notifications that reference a conversation (including replies, favourites, reblogs) from being created. API endpoints /api/v1/statuses/:id/mute and /api/v1/statuses/:id/unmute Currently no way to tell when a status/conversation is muted, so the web UI only has a "disable notifications" button, doesn't work as a toggle * Display "Dismiss notifications" on all statuses in notifications column, not just own * Add "muted" as a boolean attribute on statuses JSON For now always false on contained reblogs, since it's only relevant for statuses returned from the notifications endpoint, which are not nested Remove "Disable notifications" from detailed status view, since it's only relevant in the notifications column * Up max class length * Remove pending test for conversation mute * Add tests, clean up * Rename to "mute conversation" and "unmute conversation" * Raise validation error when trying to mute/unmute status without conversation * Adding account domain blocks that filter notifications and public timelines * Add tests for domain blocks in notifications, public timelines Filter reblogs of blocked domains from home * Add API for listing and creating account domain blocks * API for creating/deleting domain blocks, tests for Status#ancestors and Status#descendants, filter domain blocks from them * Filter domains in streaming API * Update account_domain_block_spec.rb
7 years ago
8 years ago
  1. # frozen_string_literal: true
  2. # == Schema Information
  3. #
  4. # Table name: accounts
  5. #
  6. # id :bigint(8) not null, primary key
  7. # username :string default(""), not null
  8. # domain :string
  9. # secret :string default(""), not null
  10. # private_key :text
  11. # public_key :text default(""), not null
  12. # remote_url :string default(""), not null
  13. # salmon_url :string default(""), not null
  14. # hub_url :string default(""), not null
  15. # created_at :datetime not null
  16. # updated_at :datetime not null
  17. # note :text default(""), not null
  18. # display_name :string default(""), not null
  19. # uri :string default(""), not null
  20. # url :string
  21. # avatar_file_name :string
  22. # avatar_content_type :string
  23. # avatar_file_size :integer
  24. # avatar_updated_at :datetime
  25. # header_file_name :string
  26. # header_content_type :string
  27. # header_file_size :integer
  28. # header_updated_at :datetime
  29. # avatar_remote_url :string
  30. # subscription_expires_at :datetime
  31. # locked :boolean default(FALSE), not null
  32. # header_remote_url :string default(""), not null
  33. # last_webfingered_at :datetime
  34. # inbox_url :string default(""), not null
  35. # outbox_url :string default(""), not null
  36. # shared_inbox_url :string default(""), not null
  37. # followers_url :string default(""), not null
  38. # protocol :integer default("ostatus"), not null
  39. # memorial :boolean default(FALSE), not null
  40. # moved_to_account_id :bigint(8)
  41. # featured_collection_url :string
  42. # fields :jsonb
  43. # actor_type :string
  44. # discoverable :boolean
  45. # also_known_as :string is an Array
  46. # silenced_at :datetime
  47. # suspended_at :datetime
  48. # trust_level :integer
  49. # hide_collections :boolean
  50. #
  51. class Account < ApplicationRecord
  52. USERNAME_RE = /[a-z0-9_]+([a-z0-9_\.-]+[a-z0-9_]+)?/i
  53. MENTION_RE = /(?<=^|[^\/[:word:]])@((#{USERNAME_RE})(?:@[[:word:]\.\-]+[a-z0-9]+)?)/i
  54. include AccountAssociations
  55. include AccountAvatar
  56. include AccountFinderConcern
  57. include AccountHeader
  58. include AccountInteractions
  59. include Attachmentable
  60. include Paginable
  61. include AccountCounters
  62. include DomainNormalizable
  63. TRUST_LEVELS = {
  64. untrusted: 0,
  65. trusted: 1,
  66. }.freeze
  67. enum protocol: [:ostatus, :activitypub]
  68. validates :username, presence: true
  69. validates_with UniqueUsernameValidator, if: -> { will_save_change_to_username? }
  70. # Remote user validations
  71. validates :username, format: { with: /\A#{USERNAME_RE}\z/i }, if: -> { !local? && will_save_change_to_username? }
  72. # Local user validations
  73. validates :username, format: { with: /\A[a-z0-9_]+\z/i }, length: { maximum: 30 }, if: -> { local? && will_save_change_to_username? && actor_type != 'Application' }
  74. validates_with UnreservedUsernameValidator, if: -> { local? && will_save_change_to_username? }
  75. validates :display_name, length: { maximum: 30 }, if: -> { local? && will_save_change_to_display_name? }
  76. validates :note, note_length: { maximum: 500 }, if: -> { local? && will_save_change_to_note? }
  77. validates :fields, length: { maximum: 4 }, if: -> { local? && will_save_change_to_fields? }
  78. scope :remote, -> { where.not(domain: nil) }
  79. scope :local, -> { where(domain: nil) }
  80. scope :expiring, ->(time) { remote.where.not(subscription_expires_at: nil).where('subscription_expires_at < ?', time) }
  81. scope :partitioned, -> { order(Arel.sql('row_number() over (partition by domain)')) }
  82. scope :silenced, -> { where.not(silenced_at: nil) }
  83. scope :suspended, -> { where.not(suspended_at: nil) }
  84. scope :without_suspended, -> { where(suspended_at: nil) }
  85. scope :without_silenced, -> { where(silenced_at: nil) }
  86. scope :recent, -> { reorder(id: :desc) }
  87. scope :bots, -> { where(actor_type: %w(Application Service)) }
  88. scope :groups, -> { where(actor_type: 'Group') }
  89. scope :alphabetic, -> { order(domain: :asc, username: :asc) }
  90. scope :by_domain_accounts, -> { group(:domain).select(:domain, 'COUNT(*) AS accounts_count').order('accounts_count desc') }
  91. scope :matches_username, ->(value) { where(arel_table[:username].matches("#{value}%")) }
  92. scope :matches_display_name, ->(value) { where(arel_table[:display_name].matches("#{value}%")) }
  93. scope :matches_domain, ->(value) { where(arel_table[:domain].matches("%#{value}%")) }
  94. scope :searchable, -> { without_suspended.where(moved_to_account_id: nil) }
  95. scope :discoverable, -> { searchable.without_silenced.where(discoverable: true).left_outer_joins(:account_stat) }
  96. scope :tagged_with, ->(tag) { joins(:accounts_tags).where(accounts_tags: { tag_id: tag }) }
  97. scope :by_recent_status, -> { order(Arel.sql('(case when account_stats.last_status_at is null then 1 else 0 end) asc, account_stats.last_status_at desc, accounts.id desc')) }
  98. scope :by_recent_sign_in, -> { order(Arel.sql('(case when users.current_sign_in_at is null then 1 else 0 end) asc, users.current_sign_in_at desc, accounts.id desc')) }
  99. scope :popular, -> { order('account_stats.followers_count desc') }
  100. scope :by_domain_and_subdomains, ->(domain) { where(domain: domain).or(where(arel_table[:domain].matches('%.' + domain))) }
  101. scope :not_excluded_by_account, ->(account) { where.not(id: account.excluded_from_timeline_account_ids) }
  102. scope :not_domain_blocked_by_account, ->(account) { where(arel_table[:domain].eq(nil).or(arel_table[:domain].not_in(account.excluded_from_timeline_domains))) }
  103. delegate :email,
  104. :unconfirmed_email,
  105. :current_sign_in_ip,
  106. :current_sign_in_at,
  107. :confirmed?,
  108. :approved?,
  109. :pending?,
  110. :disabled?,
  111. :unconfirmed_or_pending?,
  112. :role,
  113. :admin?,
  114. :moderator?,
  115. :staff?,
  116. :locale,
  117. :hides_network?,
  118. :shows_application?,
  119. to: :user,
  120. prefix: true,
  121. allow_nil: true
  122. delegate :chosen_languages, to: :user, prefix: false, allow_nil: true
  123. update_index('accounts#account', :self)
  124. def local?
  125. domain.nil?
  126. end
  127. def moved?
  128. moved_to_account_id.present?
  129. end
  130. def bot?
  131. %w(Application Service).include? actor_type
  132. end
  133. def instance_actor?
  134. id == -99
  135. end
  136. alias bot bot?
  137. def bot=(val)
  138. self.actor_type = ActiveModel::Type::Boolean.new.cast(val) ? 'Service' : 'Person'
  139. end
  140. def group?
  141. actor_type == 'Group'
  142. end
  143. alias group group?
  144. def acct
  145. local? ? username : "#{username}@#{domain}"
  146. end
  147. def pretty_acct
  148. local? ? username : "#{username}@#{Addressable::IDNA.to_unicode(domain)}"
  149. end
  150. def local_username_and_domain
  151. "#{username}@#{Rails.configuration.x.local_domain}"
  152. end
  153. def local_followers_count
  154. Follow.where(target_account_id: id).count
  155. end
  156. def to_webfinger_s
  157. "acct:#{local_username_and_domain}"
  158. end
  159. def subscribed?
  160. subscription_expires_at.present?
  161. end
  162. def searchable?
  163. !(suspended? || moved?)
  164. end
  165. def possibly_stale?
  166. last_webfingered_at.nil? || last_webfingered_at <= 1.day.ago
  167. end
  168. def trust_level
  169. self[:trust_level] || 0
  170. end
  171. def refresh!
  172. ResolveAccountService.new.call(acct) unless local?
  173. end
  174. def silenced?
  175. silenced_at.present?
  176. end
  177. def silence!(date = Time.now.utc)
  178. update!(silenced_at: date)
  179. end
  180. def unsilence!
  181. update!(silenced_at: nil)
  182. end
  183. def suspended?
  184. suspended_at.present?
  185. end
  186. def suspend!(date = Time.now.utc)
  187. transaction do
  188. user&.disable! if local?
  189. update!(suspended_at: date)
  190. end
  191. end
  192. def unsuspend!
  193. transaction do
  194. user&.enable! if local?
  195. update!(suspended_at: nil)
  196. end
  197. end
  198. def memorialize!
  199. transaction do
  200. user&.disable! if local?
  201. update!(memorial: true)
  202. end
  203. end
  204. def sign?
  205. true
  206. end
  207. def keypair
  208. @keypair ||= OpenSSL::PKey::RSA.new(private_key || public_key)
  209. end
  210. def tags_as_strings=(tag_names)
  211. hashtags_map = Tag.find_or_create_by_names(tag_names).each_with_object({}) { |tag, h| h[tag.name] = tag }
  212. # Remove hashtags that are to be deleted
  213. tags.each do |tag|
  214. if hashtags_map.key?(tag.name)
  215. hashtags_map.delete(tag.name)
  216. else
  217. transaction do
  218. tags.delete(tag)
  219. tag.decrement_count!(:accounts_count)
  220. end
  221. end
  222. end
  223. # Add hashtags that were so far missing
  224. hashtags_map.each_value do |tag|
  225. transaction do
  226. tags << tag
  227. tag.increment_count!(:accounts_count)
  228. end
  229. end
  230. end
  231. def also_known_as
  232. self[:also_known_as] || []
  233. end
  234. def fields
  235. (self[:fields] || []).map { |f| Field.new(self, f) }
  236. end
  237. def fields_attributes=(attributes)
  238. fields = []
  239. old_fields = self[:fields] || []
  240. old_fields = [] if old_fields.is_a?(Hash)
  241. if attributes.is_a?(Hash)
  242. attributes.each_value do |attr|
  243. next if attr[:name].blank?
  244. previous = old_fields.find { |item| item['value'] == attr[:value] }
  245. if previous && previous['verified_at'].present?
  246. attr[:verified_at] = previous['verified_at']
  247. end
  248. fields << attr
  249. end
  250. end
  251. self[:fields] = fields
  252. end
  253. DEFAULT_FIELDS_SIZE = 4
  254. def build_fields
  255. return if fields.size >= DEFAULT_FIELDS_SIZE
  256. tmp = self[:fields] || []
  257. tmp = [] if tmp.is_a?(Hash)
  258. (DEFAULT_FIELDS_SIZE - tmp.size).times do
  259. tmp << { name: '', value: '' }
  260. end
  261. self.fields = tmp
  262. end
  263. def save_with_optional_media!
  264. save!
  265. rescue ActiveRecord::RecordInvalid
  266. self.avatar = nil
  267. self.header = nil
  268. save!
  269. end
  270. def hides_followers?
  271. hide_collections? || user_hides_network?
  272. end
  273. def hides_following?
  274. hide_collections? || user_hides_network?
  275. end
  276. def object_type
  277. :person
  278. end
  279. def to_param
  280. username
  281. end
  282. def excluded_from_timeline_account_ids
  283. Rails.cache.fetch("exclude_account_ids_for:#{id}") { blocking.pluck(:target_account_id) + blocked_by.pluck(:account_id) + muting.pluck(:target_account_id) }
  284. end
  285. def excluded_from_timeline_domains
  286. Rails.cache.fetch("exclude_domains_for:#{id}") { domain_blocks.pluck(:domain) }
  287. end
  288. def preferred_inbox_url
  289. shared_inbox_url.presence || inbox_url
  290. end
  291. class Field < ActiveModelSerializers::Model
  292. attributes :name, :value, :verified_at, :account, :errors
  293. def initialize(account, attributes)
  294. @account = account
  295. @attributes = attributes
  296. @name = attributes['name'].strip[0, string_limit]
  297. @value = attributes['value'].strip[0, string_limit]
  298. @verified_at = attributes['verified_at']&.to_datetime
  299. @errors = {}
  300. end
  301. def verified?
  302. verified_at.present?
  303. end
  304. def value_for_verification
  305. @value_for_verification ||= begin
  306. if account.local?
  307. value
  308. else
  309. ActionController::Base.helpers.strip_tags(value)
  310. end
  311. end
  312. end
  313. def verifiable?
  314. value_for_verification.present? && value_for_verification.start_with?('http://', 'https://')
  315. end
  316. def mark_verified!
  317. @verified_at = Time.now.utc
  318. @attributes['verified_at'] = @verified_at
  319. end
  320. def to_h
  321. { name: @name, value: @value, verified_at: @verified_at }
  322. end
  323. private
  324. def string_limit
  325. if account.local?
  326. 255
  327. else
  328. 2047
  329. end
  330. end
  331. end
  332. class << self
  333. def readonly_attributes
  334. super - %w(statuses_count following_count followers_count)
  335. end
  336. def domains
  337. reorder(nil).pluck(Arel.sql('distinct accounts.domain'))
  338. end
  339. def inboxes
  340. urls = reorder(nil).where(protocol: :activitypub).pluck(Arel.sql("distinct coalesce(nullif(accounts.shared_inbox_url, ''), accounts.inbox_url)"))
  341. DeliveryFailureTracker.filter(urls)
  342. end
  343. def search_for(terms, limit = 10, offset = 0)
  344. textsearch, query = generate_query_for_search(terms)
  345. sql = <<-SQL.squish
  346. SELECT
  347. accounts.*,
  348. ts_rank_cd(#{textsearch}, #{query}, 32) AS rank
  349. FROM accounts
  350. WHERE #{query} @@ #{textsearch}
  351. AND accounts.suspended_at IS NULL
  352. AND accounts.moved_to_account_id IS NULL
  353. ORDER BY rank DESC
  354. LIMIT ? OFFSET ?
  355. SQL
  356. records = find_by_sql([sql, limit, offset])
  357. ActiveRecord::Associations::Preloader.new.preload(records, :account_stat)
  358. records
  359. end
  360. def advanced_search_for(terms, account, limit = 10, following = false, offset = 0)
  361. textsearch, query = generate_query_for_search(terms)
  362. if following
  363. sql = <<-SQL.squish
  364. WITH first_degree AS (
  365. SELECT target_account_id
  366. FROM follows
  367. WHERE account_id = ?
  368. UNION ALL
  369. SELECT ?
  370. )
  371. SELECT
  372. accounts.*,
  373. (count(f.id) + 1) * ts_rank_cd(#{textsearch}, #{query}, 32) AS rank
  374. FROM accounts
  375. LEFT OUTER JOIN follows AS f ON (accounts.id = f.account_id AND f.target_account_id = ?)
  376. WHERE accounts.id IN (SELECT * FROM first_degree)
  377. AND #{query} @@ #{textsearch}
  378. AND accounts.suspended_at IS NULL
  379. AND accounts.moved_to_account_id IS NULL
  380. GROUP BY accounts.id
  381. ORDER BY rank DESC
  382. LIMIT ? OFFSET ?
  383. SQL
  384. records = find_by_sql([sql, account.id, account.id, account.id, limit, offset])
  385. else
  386. sql = <<-SQL.squish
  387. SELECT
  388. accounts.*,
  389. (count(f.id) + 1) * ts_rank_cd(#{textsearch}, #{query}, 32) AS rank
  390. FROM accounts
  391. LEFT OUTER JOIN follows AS f ON (accounts.id = f.account_id AND f.target_account_id = ?) OR (accounts.id = f.target_account_id AND f.account_id = ?)
  392. WHERE #{query} @@ #{textsearch}
  393. AND accounts.suspended_at IS NULL
  394. AND accounts.moved_to_account_id IS NULL
  395. GROUP BY accounts.id
  396. ORDER BY rank DESC
  397. LIMIT ? OFFSET ?
  398. SQL
  399. records = find_by_sql([sql, account.id, account.id, limit, offset])
  400. end
  401. ActiveRecord::Associations::Preloader.new.preload(records, :account_stat)
  402. records
  403. end
  404. def from_text(text)
  405. return [] if text.blank?
  406. text.scan(MENTION_RE).map { |match| match.first.split('@', 2) }.uniq.map do |(username, domain)|
  407. domain = begin
  408. if TagManager.instance.local_domain?(domain)
  409. nil
  410. else
  411. TagManager.instance.normalize_domain(domain)
  412. end
  413. end
  414. EntityCache.instance.mention(username, domain)
  415. end.compact
  416. end
  417. private
  418. def generate_query_for_search(terms)
  419. terms = Arel.sql(connection.quote(terms.gsub(/['?\\:]/, ' ')))
  420. textsearch = "(setweight(to_tsvector('simple', accounts.display_name), 'A') || setweight(to_tsvector('simple', accounts.username), 'B') || setweight(to_tsvector('simple', coalesce(accounts.domain, '')), 'C'))"
  421. query = "to_tsquery('simple', ''' ' || #{terms} || ' ''' || ':*')"
  422. [textsearch, query]
  423. end
  424. end
  425. def emojis
  426. @emojis ||= CustomEmoji.from_text(emojifiable_text, domain)
  427. end
  428. before_create :generate_keys
  429. before_validation :prepare_contents, if: :local?
  430. before_validation :prepare_username, on: :create
  431. before_destroy :clean_feed_manager
  432. private
  433. def prepare_contents
  434. display_name&.strip!
  435. note&.strip!
  436. end
  437. def prepare_username
  438. username&.squish!
  439. end
  440. def generate_keys
  441. return unless local? && private_key.blank? && public_key.blank?
  442. keypair = OpenSSL::PKey::RSA.new(2048)
  443. self.private_key = keypair.to_pem
  444. self.public_key = keypair.public_key.to_pem
  445. end
  446. def normalize_domain
  447. return if local?
  448. super
  449. end
  450. def emojifiable_text
  451. [note, display_name, fields.map(&:name), fields.map(&:value)].join(' ')
  452. end
  453. def clean_feed_manager
  454. reblog_key = FeedManager.instance.key(:home, id, 'reblogs')
  455. reblogged_id_set = Redis.current.zrange(reblog_key, 0, -1)
  456. Redis.current.pipelined do
  457. Redis.current.del(FeedManager.instance.key(:home, id))
  458. Redis.current.del(reblog_key)
  459. reblogged_id_set.each do |reblogged_id|
  460. reblog_set_key = FeedManager.instance.key(:home, id, "reblogs:#{reblogged_id}")
  461. Redis.current.del(reblog_set_key)
  462. end
  463. end
  464. end
  465. end