闭社主体 forked from https://github.com/tootsuite/mastodon
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

568 lines
17 KiB

Account domain blocks (#2381) * Add <ostatus:conversation /> tag to Atom input/output Only uses ref attribute (not href) because href would be the alternate link that's always included also. Creates new conversation for every non-reply status. Carries over conversation for every reply. Keeps remote URIs verbatim, generates local URIs on the fly like the rest of them. * Conversation muting - prevents notifications that reference a conversation (including replies, favourites, reblogs) from being created. API endpoints /api/v1/statuses/:id/mute and /api/v1/statuses/:id/unmute Currently no way to tell when a status/conversation is muted, so the web UI only has a "disable notifications" button, doesn't work as a toggle * Display "Dismiss notifications" on all statuses in notifications column, not just own * Add "muted" as a boolean attribute on statuses JSON For now always false on contained reblogs, since it's only relevant for statuses returned from the notifications endpoint, which are not nested Remove "Disable notifications" from detailed status view, since it's only relevant in the notifications column * Up max class length * Remove pending test for conversation mute * Add tests, clean up * Rename to "mute conversation" and "unmute conversation" * Raise validation error when trying to mute/unmute status without conversation * Adding account domain blocks that filter notifications and public timelines * Add tests for domain blocks in notifications, public timelines Filter reblogs of blocked domains from home * Add API for listing and creating account domain blocks * API for creating/deleting domain blocks, tests for Status#ancestors and Status#descendants, filter domain blocks from them * Filter domains in streaming API * Update account_domain_block_spec.rb
7 years ago
Fix Account model deprecation warnings (#3689) ``` DEPRECATION WARNING: The behavior of `attribute_changed?` inside of after callbacks will be changing in the next version of Rails. The new return value will reflect the behavior of calling the method after `save` returned (e.g. the opposite of what it returns now). To maintain the current behavior, use `saved_change_to_attribute?` instead. (called from block in <class:Account> at /Users/rene/Workspace/personal/ruby/mastodon/app/models/account.rb:60) DEPRECATION WARNING: The behavior of `attribute_changed?` inside of after callbacks will be changing in the next version of Rails. The new return value will reflect the behavior of calling the method after `save` returned (e.g. the opposite of what it returns now). To maintain the current behavior, use `saved_change_to_attribute?` instead. (called from block in <class:Account> at /Users/rene/Workspace/personal/ruby/mastodon/app/models/account.rb:60) DEPRECATION WARNING: The behavior of `attribute_changed?` inside of after callbacks will be changing in the next version of Rails. The new return value will reflect the behavior of calling the method after `save` returned (e.g. the opposite of what it returns now). To maintain the current behavior, use `saved_change_to_attribute?` instead. (called from block in <class:Account> at /Users/rene/Workspace/personal/ruby/mastodon/app/models/account.rb:60) DEPRECATION WARNING: The behavior of `attribute_changed?` inside of after callbacks will be changing in the next version of Rails. The new return value will reflect the behavior of calling the method after `save` returned (e.g. the opposite of what it returns now). To maintain the current behavior, use `saved_change_to_attribute?` instead. (called from block in <class:Account> at /Users/rene/Workspace/personal/ruby/mastodon/app/models/account.rb:61) DEPRECATION WARNING: The behavior of `attribute_changed?` inside of after callbacks will be changing in the next version of Rails. The new return value will reflect the behavior of calling the method after `save` returned (e.g. the opposite of what it returns now). To maintain the current behavior, use `saved_change_to_attribute?` instead. (called from block in <class:Account> at /Users/rene/Workspace/personal/ruby/mastodon/app/models/account.rb:62) DEPRECATION WARNING: The behavior of `attribute_changed?` inside of after callbacks will be changing in the next version of Rails. The new return value will reflect the behavior of calling the method after `save` returned (e.g. the opposite of what it returns now). To maintain the current behavior, use `saved_change_to_attribute?` instead. (called from block in <class:Account> at /Users/rene/Workspace/personal/ruby/mastodon/app/models/account.rb:63) ``` Here's PR describing changes to Dirty API https://github.com/rails/rails/pull/25337
7 years ago
Account domain blocks (#2381) * Add <ostatus:conversation /> tag to Atom input/output Only uses ref attribute (not href) because href would be the alternate link that's always included also. Creates new conversation for every non-reply status. Carries over conversation for every reply. Keeps remote URIs verbatim, generates local URIs on the fly like the rest of them. * Conversation muting - prevents notifications that reference a conversation (including replies, favourites, reblogs) from being created. API endpoints /api/v1/statuses/:id/mute and /api/v1/statuses/:id/unmute Currently no way to tell when a status/conversation is muted, so the web UI only has a "disable notifications" button, doesn't work as a toggle * Display "Dismiss notifications" on all statuses in notifications column, not just own * Add "muted" as a boolean attribute on statuses JSON For now always false on contained reblogs, since it's only relevant for statuses returned from the notifications endpoint, which are not nested Remove "Disable notifications" from detailed status view, since it's only relevant in the notifications column * Up max class length * Remove pending test for conversation mute * Add tests, clean up * Rename to "mute conversation" and "unmute conversation" * Raise validation error when trying to mute/unmute status without conversation * Adding account domain blocks that filter notifications and public timelines * Add tests for domain blocks in notifications, public timelines Filter reblogs of blocked domains from home * Add API for listing and creating account domain blocks * API for creating/deleting domain blocks, tests for Status#ancestors and Status#descendants, filter domain blocks from them * Filter domains in streaming API * Update account_domain_block_spec.rb
7 years ago
8 years ago
  1. # frozen_string_literal: true
  2. # == Schema Information
  3. #
  4. # Table name: accounts
  5. #
  6. # id :bigint(8) not null, primary key
  7. # username :string default(""), not null
  8. # domain :string
  9. # secret :string default(""), not null
  10. # private_key :text
  11. # public_key :text default(""), not null
  12. # remote_url :string default(""), not null
  13. # salmon_url :string default(""), not null
  14. # hub_url :string default(""), not null
  15. # created_at :datetime not null
  16. # updated_at :datetime not null
  17. # note :text default(""), not null
  18. # display_name :string default(""), not null
  19. # uri :string default(""), not null
  20. # url :string
  21. # avatar_file_name :string
  22. # avatar_content_type :string
  23. # avatar_file_size :integer
  24. # avatar_updated_at :datetime
  25. # header_file_name :string
  26. # header_content_type :string
  27. # header_file_size :integer
  28. # header_updated_at :datetime
  29. # avatar_remote_url :string
  30. # subscription_expires_at :datetime
  31. # locked :boolean default(FALSE), not null
  32. # header_remote_url :string default(""), not null
  33. # last_webfingered_at :datetime
  34. # inbox_url :string default(""), not null
  35. # outbox_url :string default(""), not null
  36. # shared_inbox_url :string default(""), not null
  37. # followers_url :string default(""), not null
  38. # protocol :integer default("ostatus"), not null
  39. # memorial :boolean default(FALSE), not null
  40. # moved_to_account_id :bigint(8)
  41. # featured_collection_url :string
  42. # fields :jsonb
  43. # actor_type :string
  44. # discoverable :boolean
  45. # also_known_as :string is an Array
  46. # silenced_at :datetime
  47. # suspended_at :datetime
  48. # trust_level :integer
  49. # hide_collections :boolean
  50. # avatar_storage_schema_version :integer
  51. # header_storage_schema_version :integer
  52. #
  53. class Account < ApplicationRecord
  54. USERNAME_RE = /[a-z0-9_]+([a-z0-9_\.-]+[a-z0-9_]+)?/i
  55. MENTION_RE = /(?<=^|[^\/[:word:]])@((#{USERNAME_RE})(?:@[[:word:]\.\-]+[a-z0-9]+)?)/i
  56. include AccountAssociations
  57. include AccountAvatar
  58. include AccountFinderConcern
  59. include AccountHeader
  60. include AccountInteractions
  61. include Attachmentable
  62. include Paginable
  63. include AccountCounters
  64. include DomainNormalizable
  65. TRUST_LEVELS = {
  66. untrusted: 0,
  67. trusted: 1,
  68. }.freeze
  69. enum protocol: [:ostatus, :activitypub]
  70. validates :username, presence: true
  71. validates_with UniqueUsernameValidator, if: -> { will_save_change_to_username? }
  72. # Remote user validations
  73. validates :username, format: { with: /\A#{USERNAME_RE}\z/i }, if: -> { !local? && will_save_change_to_username? }
  74. # Local user validations
  75. validates :username, format: { with: /\A[a-z0-9_]+\z/i }, length: { maximum: 30 }, if: -> { local? && will_save_change_to_username? && actor_type != 'Application' }
  76. validates_with UnreservedUsernameValidator, if: -> { local? && will_save_change_to_username? }
  77. validates :display_name, length: { maximum: 30 }, if: -> { local? && will_save_change_to_display_name? }
  78. validates :note, note_length: { maximum: 500 }, if: -> { local? && will_save_change_to_note? }
  79. validates :fields, length: { maximum: 4 }, if: -> { local? && will_save_change_to_fields? }
  80. scope :remote, -> { where.not(domain: nil) }
  81. scope :local, -> { where(domain: nil) }
  82. scope :expiring, ->(time) { remote.where.not(subscription_expires_at: nil).where('subscription_expires_at < ?', time) }
  83. scope :partitioned, -> { order(Arel.sql('row_number() over (partition by domain)')) }
  84. scope :silenced, -> { where.not(silenced_at: nil) }
  85. scope :suspended, -> { where.not(suspended_at: nil) }
  86. scope :without_suspended, -> { where(suspended_at: nil) }
  87. scope :without_silenced, -> { where(silenced_at: nil) }
  88. scope :recent, -> { reorder(id: :desc) }
  89. scope :bots, -> { where(actor_type: %w(Application Service)) }
  90. scope :groups, -> { where(actor_type: 'Group') }
  91. scope :alphabetic, -> { order(domain: :asc, username: :asc) }
  92. scope :by_domain_accounts, -> { group(:domain).select(:domain, 'COUNT(*) AS accounts_count').order('accounts_count desc') }
  93. scope :matches_username, ->(value) { where(arel_table[:username].matches("#{value}%")) }
  94. scope :matches_display_name, ->(value) { where(arel_table[:display_name].matches("#{value}%")) }
  95. scope :matches_domain, ->(value) { where(arel_table[:domain].matches("%#{value}%")) }
  96. scope :searchable, -> { without_suspended.where(moved_to_account_id: nil) }
  97. scope :discoverable, -> { searchable.without_silenced.where(discoverable: true).left_outer_joins(:account_stat) }
  98. scope :tagged_with, ->(tag) { joins(:accounts_tags).where(accounts_tags: { tag_id: tag }) }
  99. scope :by_recent_status, -> { order(Arel.sql('(case when account_stats.last_status_at is null then 1 else 0 end) asc, account_stats.last_status_at desc, accounts.id desc')) }
  100. scope :by_recent_sign_in, -> { order(Arel.sql('(case when users.current_sign_in_at is null then 1 else 0 end) asc, users.current_sign_in_at desc, accounts.id desc')) }
  101. scope :popular, -> { order('account_stats.followers_count desc') }
  102. scope :by_domain_and_subdomains, ->(domain) { where(domain: domain).or(where(arel_table[:domain].matches('%.' + domain))) }
  103. scope :not_excluded_by_account, ->(account) { where.not(id: account.excluded_from_timeline_account_ids) }
  104. scope :not_domain_blocked_by_account, ->(account) { where(arel_table[:domain].eq(nil).or(arel_table[:domain].not_in(account.excluded_from_timeline_domains))) }
  105. delegate :email,
  106. :unconfirmed_email,
  107. :current_sign_in_ip,
  108. :current_sign_in_at,
  109. :confirmed?,
  110. :approved?,
  111. :pending?,
  112. :disabled?,
  113. :unconfirmed_or_pending?,
  114. :role,
  115. :admin?,
  116. :moderator?,
  117. :staff?,
  118. :locale,
  119. :hides_network?,
  120. :shows_application?,
  121. to: :user,
  122. prefix: true,
  123. allow_nil: true
  124. delegate :chosen_languages, to: :user, prefix: false, allow_nil: true
  125. update_index('accounts#account', :self)
  126. def local?
  127. domain.nil?
  128. end
  129. def moved?
  130. moved_to_account_id.present?
  131. end
  132. def bot?
  133. %w(Application Service).include? actor_type
  134. end
  135. def instance_actor?
  136. id == -99
  137. end
  138. alias bot bot?
  139. def bot=(val)
  140. self.actor_type = ActiveModel::Type::Boolean.new.cast(val) ? 'Service' : 'Person'
  141. end
  142. def group?
  143. actor_type == 'Group'
  144. end
  145. alias group group?
  146. def acct
  147. local? ? username : "#{username}@#{domain}"
  148. end
  149. def pretty_acct
  150. local? ? username : "#{username}@#{Addressable::IDNA.to_unicode(domain)}"
  151. end
  152. def local_username_and_domain
  153. "#{username}@#{Rails.configuration.x.local_domain}"
  154. end
  155. def local_followers_count
  156. Follow.where(target_account_id: id).count
  157. end
  158. def to_webfinger_s
  159. "acct:#{local_username_and_domain}"
  160. end
  161. def subscribed?
  162. subscription_expires_at.present?
  163. end
  164. def searchable?
  165. !(suspended? || moved?)
  166. end
  167. def possibly_stale?
  168. last_webfingered_at.nil? || last_webfingered_at <= 1.day.ago
  169. end
  170. def trust_level
  171. self[:trust_level] || 0
  172. end
  173. def refresh!
  174. ResolveAccountService.new.call(acct) unless local?
  175. end
  176. def silenced?
  177. silenced_at.present?
  178. end
  179. def silence!(date = Time.now.utc)
  180. update!(silenced_at: date)
  181. end
  182. def unsilence!
  183. update!(silenced_at: nil)
  184. end
  185. def suspended?
  186. suspended_at.present?
  187. end
  188. def suspend!(date = Time.now.utc)
  189. transaction do
  190. user&.disable! if local?
  191. update!(suspended_at: date)
  192. end
  193. end
  194. def unsuspend!
  195. transaction do
  196. user&.enable! if local?
  197. update!(suspended_at: nil)
  198. end
  199. end
  200. def memorialize!
  201. transaction do
  202. user&.disable! if local?
  203. update!(memorial: true)
  204. end
  205. end
  206. def sign?
  207. true
  208. end
  209. def keypair
  210. @keypair ||= OpenSSL::PKey::RSA.new(private_key || public_key)
  211. end
  212. def tags_as_strings=(tag_names)
  213. hashtags_map = Tag.find_or_create_by_names(tag_names).each_with_object({}) { |tag, h| h[tag.name] = tag }
  214. # Remove hashtags that are to be deleted
  215. tags.each do |tag|
  216. if hashtags_map.key?(tag.name)
  217. hashtags_map.delete(tag.name)
  218. else
  219. transaction do
  220. tags.delete(tag)
  221. tag.decrement_count!(:accounts_count)
  222. end
  223. end
  224. end
  225. # Add hashtags that were so far missing
  226. hashtags_map.each_value do |tag|
  227. transaction do
  228. tags << tag
  229. tag.increment_count!(:accounts_count)
  230. end
  231. end
  232. end
  233. def also_known_as
  234. self[:also_known_as] || []
  235. end
  236. def fields
  237. (self[:fields] || []).map { |f| Field.new(self, f) }
  238. end
  239. def fields_attributes=(attributes)
  240. fields = []
  241. old_fields = self[:fields] || []
  242. old_fields = [] if old_fields.is_a?(Hash)
  243. if attributes.is_a?(Hash)
  244. attributes.each_value do |attr|
  245. next if attr[:name].blank?
  246. previous = old_fields.find { |item| item['value'] == attr[:value] }
  247. if previous && previous['verified_at'].present?
  248. attr[:verified_at] = previous['verified_at']
  249. end
  250. fields << attr
  251. end
  252. end
  253. self[:fields] = fields
  254. end
  255. DEFAULT_FIELDS_SIZE = 4
  256. def build_fields
  257. return if fields.size >= DEFAULT_FIELDS_SIZE
  258. tmp = self[:fields] || []
  259. tmp = [] if tmp.is_a?(Hash)
  260. (DEFAULT_FIELDS_SIZE - tmp.size).times do
  261. tmp << { name: '', value: '' }
  262. end
  263. self.fields = tmp
  264. end
  265. def save_with_optional_media!
  266. save!
  267. rescue ActiveRecord::RecordInvalid
  268. self.avatar = nil
  269. self.header = nil
  270. save!
  271. end
  272. def hides_followers?
  273. hide_collections? || user_hides_network?
  274. end
  275. def hides_following?
  276. hide_collections? || user_hides_network?
  277. end
  278. def object_type
  279. :person
  280. end
  281. def to_param
  282. username
  283. end
  284. def excluded_from_timeline_account_ids
  285. Rails.cache.fetch("exclude_account_ids_for:#{id}") { blocking.pluck(:target_account_id) + blocked_by.pluck(:account_id) + muting.pluck(:target_account_id) }
  286. end
  287. def excluded_from_timeline_domains
  288. Rails.cache.fetch("exclude_domains_for:#{id}") { domain_blocks.pluck(:domain) }
  289. end
  290. def preferred_inbox_url
  291. shared_inbox_url.presence || inbox_url
  292. end
  293. class Field < ActiveModelSerializers::Model
  294. attributes :name, :value, :verified_at, :account, :errors
  295. def initialize(account, attributes)
  296. @account = account
  297. @attributes = attributes
  298. @name = attributes['name'].strip[0, string_limit]
  299. @value = attributes['value'].strip[0, string_limit]
  300. @verified_at = attributes['verified_at']&.to_datetime
  301. @errors = {}
  302. end
  303. def verified?
  304. verified_at.present?
  305. end
  306. def value_for_verification
  307. @value_for_verification ||= begin
  308. if account.local?
  309. value
  310. else
  311. ActionController::Base.helpers.strip_tags(value)
  312. end
  313. end
  314. end
  315. def verifiable?
  316. value_for_verification.present? && value_for_verification.start_with?('http://', 'https://')
  317. end
  318. def mark_verified!
  319. @verified_at = Time.now.utc
  320. @attributes['verified_at'] = @verified_at
  321. end
  322. def to_h
  323. { name: @name, value: @value, verified_at: @verified_at }
  324. end
  325. private
  326. def string_limit
  327. if account.local?
  328. 255
  329. else
  330. 2047
  331. end
  332. end
  333. end
  334. class << self
  335. def readonly_attributes
  336. super - %w(statuses_count following_count followers_count)
  337. end
  338. def domains
  339. reorder(nil).pluck(Arel.sql('distinct accounts.domain'))
  340. end
  341. def inboxes
  342. urls = reorder(nil).where(protocol: :activitypub).pluck(Arel.sql("distinct coalesce(nullif(accounts.shared_inbox_url, ''), accounts.inbox_url)"))
  343. DeliveryFailureTracker.without_unavailable(urls)
  344. end
  345. def search_for(terms, limit = 10, offset = 0)
  346. textsearch, query = generate_query_for_search(terms)
  347. sql = <<-SQL.squish
  348. SELECT
  349. accounts.*,
  350. ts_rank_cd(#{textsearch}, #{query}, 32) AS rank
  351. FROM accounts
  352. WHERE #{query} @@ #{textsearch}
  353. AND accounts.suspended_at IS NULL
  354. AND accounts.moved_to_account_id IS NULL
  355. ORDER BY rank DESC
  356. LIMIT ? OFFSET ?
  357. SQL
  358. records = find_by_sql([sql, limit, offset])
  359. ActiveRecord::Associations::Preloader.new.preload(records, :account_stat)
  360. records
  361. end
  362. def advanced_search_for(terms, account, limit = 10, following = false, offset = 0)
  363. textsearch, query = generate_query_for_search(terms)
  364. if following
  365. sql = <<-SQL.squish
  366. WITH first_degree AS (
  367. SELECT target_account_id
  368. FROM follows
  369. WHERE account_id = ?
  370. UNION ALL
  371. SELECT ?
  372. )
  373. SELECT
  374. accounts.*,
  375. (count(f.id) + 1) * ts_rank_cd(#{textsearch}, #{query}, 32) AS rank
  376. FROM accounts
  377. LEFT OUTER JOIN follows AS f ON (accounts.id = f.account_id AND f.target_account_id = ?)
  378. WHERE accounts.id IN (SELECT * FROM first_degree)
  379. AND #{query} @@ #{textsearch}
  380. AND accounts.suspended_at IS NULL
  381. AND accounts.moved_to_account_id IS NULL
  382. GROUP BY accounts.id
  383. ORDER BY rank DESC
  384. LIMIT ? OFFSET ?
  385. SQL
  386. records = find_by_sql([sql, account.id, account.id, account.id, limit, offset])
  387. else
  388. sql = <<-SQL.squish
  389. SELECT
  390. accounts.*,
  391. (count(f.id) + 1) * ts_rank_cd(#{textsearch}, #{query}, 32) AS rank
  392. FROM accounts
  393. LEFT OUTER JOIN follows AS f ON (accounts.id = f.account_id AND f.target_account_id = ?) OR (accounts.id = f.target_account_id AND f.account_id = ?)
  394. WHERE #{query} @@ #{textsearch}
  395. AND accounts.suspended_at IS NULL
  396. AND accounts.moved_to_account_id IS NULL
  397. GROUP BY accounts.id
  398. ORDER BY rank DESC
  399. LIMIT ? OFFSET ?
  400. SQL
  401. records = find_by_sql([sql, account.id, account.id, limit, offset])
  402. end
  403. ActiveRecord::Associations::Preloader.new.preload(records, :account_stat)
  404. records
  405. end
  406. def from_text(text)
  407. return [] if text.blank?
  408. text.scan(MENTION_RE).map { |match| match.first.split('@', 2) }.uniq.map do |(username, domain)|
  409. domain = begin
  410. if TagManager.instance.local_domain?(domain)
  411. nil
  412. else
  413. TagManager.instance.normalize_domain(domain)
  414. end
  415. end
  416. EntityCache.instance.mention(username, domain)
  417. end.compact
  418. end
  419. private
  420. def generate_query_for_search(terms)
  421. terms = Arel.sql(connection.quote(terms.gsub(/['?\\:]/, ' ')))
  422. textsearch = "(setweight(to_tsvector('simple', accounts.display_name), 'A') || setweight(to_tsvector('simple', accounts.username), 'B') || setweight(to_tsvector('simple', coalesce(accounts.domain, '')), 'C'))"
  423. query = "to_tsquery('simple', ''' ' || #{terms} || ' ''' || ':*')"
  424. [textsearch, query]
  425. end
  426. end
  427. def emojis
  428. @emojis ||= CustomEmoji.from_text(emojifiable_text, domain)
  429. end
  430. before_create :generate_keys
  431. before_validation :prepare_contents, if: :local?
  432. before_validation :prepare_username, on: :create
  433. before_destroy :clean_feed_manager
  434. private
  435. def prepare_contents
  436. display_name&.strip!
  437. note&.strip!
  438. end
  439. def prepare_username
  440. username&.squish!
  441. end
  442. def generate_keys
  443. return unless local? && private_key.blank? && public_key.blank?
  444. keypair = OpenSSL::PKey::RSA.new(2048)
  445. self.private_key = keypair.to_pem
  446. self.public_key = keypair.public_key.to_pem
  447. end
  448. def normalize_domain
  449. return if local?
  450. super
  451. end
  452. def emojifiable_text
  453. [note, display_name, fields.map(&:name), fields.map(&:value)].join(' ')
  454. end
  455. def clean_feed_manager
  456. reblog_key = FeedManager.instance.key(:home, id, 'reblogs')
  457. reblogged_id_set = Redis.current.zrange(reblog_key, 0, -1)
  458. Redis.current.pipelined do
  459. Redis.current.del(FeedManager.instance.key(:home, id))
  460. Redis.current.del(reblog_key)
  461. reblogged_id_set.each do |reblogged_id|
  462. reblog_set_key = FeedManager.instance.key(:home, id, "reblogs:#{reblogged_id}")
  463. Redis.current.del(reblog_set_key)
  464. end
  465. end
  466. end
  467. end