From 57b503d4ef0754e4651eae26b628cba60e1ab4e9 Mon Sep 17 00:00:00 2001 From: Eugen Rochko Date: Fri, 18 May 2018 11:33:56 +0200 Subject: [PATCH] Resolve unknown status from Add activity, skip Remove if unknown (#7526) Fix #7518 --- app/lib/activitypub/activity.rb | 9 ++++++++ app/lib/activitypub/activity/add.rb | 5 +++-- app/lib/activitypub/activity/announce.rb | 10 --------- app/lib/activitypub/activity/remove.rb | 2 +- spec/lib/activitypub/activity/add_spec.rb | 25 ++++++++++++++++++++--- 5 files changed, 35 insertions(+), 16 deletions(-) diff --git a/app/lib/activitypub/activity.rb b/app/lib/activitypub/activity.rb index 84d4b1752..03476920b 100644 --- a/app/lib/activitypub/activity.rb +++ b/app/lib/activitypub/activity.rb @@ -118,4 +118,13 @@ class ActivityPub::Activity def delete_later!(uri) redis.setex("delete_upon_arrival:#{@account.id}:#{uri}", 6.hours.seconds, uri) end + + def fetch_remote_original_status + if object_uri.start_with?('http') + return if ActivityPub::TagManager.instance.local_uri?(object_uri) + ActivityPub::FetchRemoteStatusService.new.call(object_uri, id: true, on_behalf_of: @account.followers.local.first) + elsif @object['url'].present? + ::FetchRemoteStatusService.new.call(@object['url']) + end + end end diff --git a/app/lib/activitypub/activity/add.rb b/app/lib/activitypub/activity/add.rb index ea94d2f98..688ab00b3 100644 --- a/app/lib/activitypub/activity/add.rb +++ b/app/lib/activitypub/activity/add.rb @@ -4,9 +4,10 @@ class ActivityPub::Activity::Add < ActivityPub::Activity def perform return unless @json['target'].present? && value_or_id(@json['target']) == @account.featured_collection_url - status = status_from_uri(object_uri) + status = status_from_uri(object_uri) + status ||= fetch_remote_original_status - return unless status.account_id == @account.id && !@account.pinned?(status) + return unless !status.nil? && status.account_id == @account.id && !@account.pinned?(status) StatusPin.create!(account: @account, status: status) end diff --git a/app/lib/activitypub/activity/announce.rb b/app/lib/activitypub/activity/announce.rb index f810c88a2..1147a4481 100644 --- a/app/lib/activitypub/activity/announce.rb +++ b/app/lib/activitypub/activity/announce.rb @@ -26,16 +26,6 @@ class ActivityPub::Activity::Announce < ActivityPub::Activity private - def fetch_remote_original_status - if object_uri.start_with?('http') - return if ActivityPub::TagManager.instance.local_uri?(object_uri) - - ActivityPub::FetchRemoteStatusService.new.call(object_uri, id: true, on_behalf_of: @account.followers.local.first) - elsif @object['url'].present? - ::FetchRemoteStatusService.new.call(@object['url']) - end - end - def announceable?(status) status.account_id == @account.id || status.public_visibility? || status.unlisted_visibility? end diff --git a/app/lib/activitypub/activity/remove.rb b/app/lib/activitypub/activity/remove.rb index 62a1e3196..f523ead9f 100644 --- a/app/lib/activitypub/activity/remove.rb +++ b/app/lib/activitypub/activity/remove.rb @@ -6,7 +6,7 @@ class ActivityPub::Activity::Remove < ActivityPub::Activity status = status_from_uri(object_uri) - return unless status.account_id == @account.id + return unless !status.nil? && status.account_id == @account.id pin = StatusPin.find_by(account: @account, status: status) pin&.destroy! diff --git a/spec/lib/activitypub/activity/add_spec.rb b/spec/lib/activitypub/activity/add_spec.rb index 3ebab4e37..16db71c88 100644 --- a/spec/lib/activitypub/activity/add_spec.rb +++ b/spec/lib/activitypub/activity/add_spec.rb @@ -18,12 +18,31 @@ RSpec.describe ActivityPub::Activity::Add do describe '#perform' do subject { described_class.new(json, sender) } - before do + it 'creates a pin' do subject.perform + expect(sender.pinned?(status)).to be true end - it 'creates a pin' do - expect(sender.pinned?(status)).to be true + context 'when status was not known before' do + let(:json) do + { + '@context': 'https://www.w3.org/ns/activitystreams', + id: 'foo', + type: 'Add', + actor: ActivityPub::TagManager.instance.uri_for(sender), + object: 'https://example.com/unknown', + target: sender.featured_collection_url, + }.with_indifferent_access + end + + before do + stub_request(:get, 'https://example.com/unknown').to_return(status: 410) + end + + it 'fetches the status' do + subject.perform + expect(a_request(:get, 'https://example.com/unknown')).to have_been_made.at_least_once + end end end end