From 22a8801dbc77d2d01b326a7cb89d1a28b054e073 Mon Sep 17 00:00:00 2001
From: Eugen Rochko <eugen@zeonfederated.com>
Date: Sun, 9 Oct 2016 14:48:43 +0200
Subject: [PATCH] Adding domain blocks

---
 .../api/subscriptions_controller.rb           |  3 +-
 app/models/account.rb                         |  8 ++---
 app/models/domain_block.rb                    |  7 ++++
 app/services/block_domain_service.rb          | 13 ++++++++
 app/services/follow_remote_account_service.rb |  1 +
 app/services/process_interaction_service.rb   |  2 ++
 .../20161009120834_create_domain_blocks.rb    | 10 ++++++
 db/schema.rb                                  |  9 ++++-
 spec/fabricators/domain_block_fabricator.rb   |  3 ++
 .../media_attachment_fabricator.rb            |  4 ---
 spec/models/domain_block_spec.rb              |  5 +++
 spec/rails_helper.rb                          |  4 +++
 spec/services/block_domain_service_spec.rb    | 33 +++++++++++++++++++
 13 files changed, 92 insertions(+), 10 deletions(-)
 create mode 100644 app/models/domain_block.rb
 create mode 100644 app/services/block_domain_service.rb
 create mode 100644 db/migrate/20161009120834_create_domain_blocks.rb
 create mode 100644 spec/fabricators/domain_block_fabricator.rb
 create mode 100644 spec/models/domain_block_spec.rb
 create mode 100644 spec/services/block_domain_service_spec.rb

diff --git a/app/controllers/api/subscriptions_controller.rb b/app/controllers/api/subscriptions_controller.rb
index c5190b136..c3aeee94d 100644
--- a/app/controllers/api/subscriptions_controller.rb
+++ b/app/controllers/api/subscriptions_controller.rb
@@ -13,8 +13,9 @@ class Api::SubscriptionsController < ApiController
 
   def update
     body = request.body.read
+    subscription = @account.subscription(api_subscription_url(@account.id))
 
-    if @account.subscription(api_subscription_url(@account.id)).verify(body, request.headers['HTTP_X_HUB_SIGNATURE'])
+    if subscription.verify(body, request.headers['HTTP_X_HUB_SIGNATURE'])
       ProcessFeedService.new.call(body, @account)
       head 201
     else
diff --git a/app/models/account.rb b/app/models/account.rb
index 12e7be05d..e43d51b1c 100644
--- a/app/models/account.rb
+++ b/app/models/account.rb
@@ -24,10 +24,10 @@ class Account < ApplicationRecord
   validates :note, length: { maximum: 124 }, if: 'local?'
 
   # Timelines
-  has_many :stream_entries, inverse_of: :account
-  has_many :statuses, inverse_of: :account
-  has_many :favourites, inverse_of: :account
-  has_many :mentions, inverse_of: :account
+  has_many :stream_entries, inverse_of: :account, dependent: :destroy
+  has_many :statuses, inverse_of: :account, dependent: :destroy
+  has_many :favourites, inverse_of: :account, dependent: :destroy
+  has_many :mentions, inverse_of: :account, dependent: :destroy
 
   # Follow relations
   has_many :active_relationships,  class_name: 'Follow', foreign_key: 'account_id',        dependent: :destroy
diff --git a/app/models/domain_block.rb b/app/models/domain_block.rb
new file mode 100644
index 000000000..8f9eb1182
--- /dev/null
+++ b/app/models/domain_block.rb
@@ -0,0 +1,7 @@
+class DomainBlock < ApplicationRecord
+  validates :domain, presence: true, uniqueness: true
+
+  def self.blocked?(domain)
+    where(domain: domain).exists?
+  end
+end
diff --git a/app/services/block_domain_service.rb b/app/services/block_domain_service.rb
new file mode 100644
index 000000000..075460605
--- /dev/null
+++ b/app/services/block_domain_service.rb
@@ -0,0 +1,13 @@
+class BlockDomainService < BaseService
+  def call(domain)
+    block = DomainBlock.find_or_create_by!(domain: domain)
+
+    Account.where(domain: domain).find_each do |account|
+      if account.subscribed?
+        account.subscription('').unsubscribe
+      end
+
+      account.destroy!
+    end
+  end
+end
diff --git a/app/services/follow_remote_account_service.rb b/app/services/follow_remote_account_service.rb
index 3b305504c..43a598635 100644
--- a/app/services/follow_remote_account_service.rb
+++ b/app/services/follow_remote_account_service.rb
@@ -8,6 +8,7 @@ class FollowRemoteAccountService < BaseService
     username, domain = uri.split('@')
 
     return Account.find_local(username) if TagManager.instance.local_domain?(domain)
+    return nil if DomainBlock.blocked?(domain)
 
     account = Account.find_remote(username, domain)
 
diff --git a/app/services/process_interaction_service.rb b/app/services/process_interaction_service.rb
index 0768579ef..75051c5df 100644
--- a/app/services/process_interaction_service.rb
+++ b/app/services/process_interaction_service.rb
@@ -13,6 +13,8 @@ class ProcessInteractionService < BaseService
     domain   = Addressable::URI.parse(url).host
     account  = Account.find_by(username: username, domain: domain)
 
+    return if DomainBlock.blocked?(domain)
+
     if account.nil?
       account = follow_remote_account_service.call("#{username}@#{domain}")
     end
diff --git a/db/migrate/20161009120834_create_domain_blocks.rb b/db/migrate/20161009120834_create_domain_blocks.rb
new file mode 100644
index 000000000..dda1606d3
--- /dev/null
+++ b/db/migrate/20161009120834_create_domain_blocks.rb
@@ -0,0 +1,10 @@
+class CreateDomainBlocks < ActiveRecord::Migration[5.0]
+  def change
+    create_table :domain_blocks do |t|
+      t.string :domain, null: false, default: ''
+      t.timestamps
+    end
+
+    add_index :domain_blocks, :domain, unique: true
+  end
+end
diff --git a/db/schema.rb b/db/schema.rb
index 6c21013b2..773c6bf6a 100644
--- a/db/schema.rb
+++ b/db/schema.rb
@@ -10,7 +10,7 @@
 #
 # It's strongly recommended that you check this file into your version control system.
 
-ActiveRecord::Schema.define(version: 20161006213403) do
+ActiveRecord::Schema.define(version: 20161009120834) do
 
   # These are extensions that must be enabled in order to support this database
   enable_extension "plpgsql"
@@ -51,6 +51,13 @@ ActiveRecord::Schema.define(version: 20161006213403) do
     t.index ["account_id", "target_account_id"], name: "index_blocks_on_account_id_and_target_account_id", unique: true, using: :btree
   end
 
+  create_table "domain_blocks", force: :cascade do |t|
+    t.string   "domain",     default: "", null: false
+    t.datetime "created_at",              null: false
+    t.datetime "updated_at",              null: false
+    t.index ["domain"], name: "index_domain_blocks_on_domain", unique: true, using: :btree
+  end
+
   create_table "favourites", force: :cascade do |t|
     t.integer  "account_id", null: false
     t.integer  "status_id",  null: false
diff --git a/spec/fabricators/domain_block_fabricator.rb b/spec/fabricators/domain_block_fabricator.rb
new file mode 100644
index 000000000..540ddcacd
--- /dev/null
+++ b/spec/fabricators/domain_block_fabricator.rb
@@ -0,0 +1,3 @@
+Fabricator(:domain_block) do
+  domain "MyString"
+end
diff --git a/spec/fabricators/media_attachment_fabricator.rb b/spec/fabricators/media_attachment_fabricator.rb
index 42aa5ab02..b1a0cd991 100644
--- a/spec/fabricators/media_attachment_fabricator.rb
+++ b/spec/fabricators/media_attachment_fabricator.rb
@@ -1,6 +1,2 @@
 Fabricator(:media_attachment) do
-  status_id  1
-  file       ""
-  remote_url "MyString"
-  account_id 1
 end
diff --git a/spec/models/domain_block_spec.rb b/spec/models/domain_block_spec.rb
new file mode 100644
index 000000000..57c519014
--- /dev/null
+++ b/spec/models/domain_block_spec.rb
@@ -0,0 +1,5 @@
+require 'rails_helper'
+
+RSpec.describe DomainBlock, type: :model do
+  pending "add some examples to (or delete) #{__FILE__}"
+end
diff --git a/spec/rails_helper.rb b/spec/rails_helper.rb
index 3c810eb9e..c83051d62 100644
--- a/spec/rails_helper.rb
+++ b/spec/rails_helper.rb
@@ -30,3 +30,7 @@ end
 def request_fixture(name)
   File.read(File.join(Rails.root, 'spec', 'fixtures', 'requests', name))
 end
+
+def attachment_fixture(name)
+  File.open(File.join(Rails.root, 'spec', 'fixtures', 'files', name))
+end
diff --git a/spec/services/block_domain_service_spec.rb b/spec/services/block_domain_service_spec.rb
new file mode 100644
index 000000000..9933d016f
--- /dev/null
+++ b/spec/services/block_domain_service_spec.rb
@@ -0,0 +1,33 @@
+require 'rails_helper'
+
+RSpec.describe BlockDomainService do
+  let(:bad_account) { Fabricate(:account, username: 'badguy666', domain: 'evil.org') }
+  let(:bad_status1) { Fabricate(:status, account: bad_account, text: 'You suck') }
+  let(:bad_status2) { Fabricate(:status, account: bad_account, text: 'Hahaha') }
+  let(:bad_attachment) { Fabricate(:media_attachment, account: bad_account, status: bad_status2, file: attachment_fixture('attachment.jpg')) }
+
+  subject { BlockDomainService.new }
+
+  before do
+    bad_account
+    bad_status1
+    bad_status2
+    bad_attachment
+
+    subject.call('evil.org')
+  end
+
+  it 'creates a domain block' do
+    expect(DomainBlock.blocked?('evil.org')).to be true
+  end
+
+  it 'removes remote accounts from that domain' do
+    expect(Account.find_remote('badguy666', 'evil.org')).to be_nil
+  end
+
+  it 'removes the remote accounts\'s statuses and media attachments' do
+    expect { bad_status1.reload }.to raise_exception ActiveRecord::RecordNotFound
+    expect { bad_status2.reload }.to raise_exception ActiveRecord::RecordNotFound
+    expect { bad_attachment.reload }.to raise_exception ActiveRecord::RecordNotFound
+  end
+end