Friendica/friendica-github
1
0
Fork 0
mirror of https://github.com/friendica/friendica synced 2025-05-02 21:04:24 +02:00
Code Issues Projects Releases Packages Wiki Activity

The access to the profile and the list of followers/followings can now be restricted

Browse source
This commit is contained in:
Michael 2023-07-21 07:06:55 +00:00
parent d84866cf8c
commit 26aa38341f
3 changed files with 52 additions and 8 deletions
Download patch file Download diff file Expand all files Collapse all files

43
src/Protocol/ActivityPub.php
View file

@ -23,10 +23,13 @@ namespace Friendica\Protocol;
use Friendica\Core\Logger;
use Friendica\Core\Protocol;
use Friendica\Core\System;
use Friendica\Model\APContact;
use Friendica\Model\Contact;
use Friendica\Model\User;
use Friendica\Util\HTTPSignature;
use Friendica\Util\JsonLD;
use Friendica\Util\Network;
/**
* ActivityPub Protocol class
@ -277,4 +280,44 @@ class ActivityPub
{
return !empty(APContact::getByURL($url, $update));
}
public static function isAcceptedRequester(int $uid = 0): bool
{
$called_by = System::callstack(1);
$signer = HTTPSignature::getSigner('', $_SERVER);
if (!$signer) {
Logger::debug('No signer', ['uid' => $uid, 'agent' => $_SERVER['HTTP_USER_AGENT'] ?? '', 'called_by' => $called_by]);
return false;
}
$apcontact = APContact::getByURL($signer);
if (empty($apcontact)) {
Logger::debug('APContact not found', ['uid' => $uid, 'handle' => $signer, 'called_by' => $called_by]);
return false;
}
if (empty($apcontact['gsid'] || empty($apcontact['baseurl']))) {
Logger::debug('No server found', ['uid' => $uid, 'signer' => $signer, 'called_by' => $called_by]);
return false;
}
// Check added as a precaution. It should not occur.
if (Network::isUrlBlocked($apcontact['baseurl'])) {
Logger::info('Requesting domain is blocked', ['uid' => $uid, 'id' => $apcontact['gsid'], 'url' => $apcontact['baseurl'], 'signer' => $signer, 'called_by' => $called_by]);
return false;
}
$contact = Contact::getByURL($signer, false, ['id', 'baseurl', 'gsid']);
if (!empty($contact) && Contact\User::isBlocked($contact['id'], $uid)) {
Logger::info('Requesting contact is blocked', ['uid' => $uid, 'id' => $contact['id'], 'signer' => $signer, 'baseurl' => $contact['baseurl'], 'called_by' => $called_by]);
return false;
}
// @todo Look for user blocked domains
Logger::debug('Server is an accepted requester', ['uid' => $uid, 'id' => $contact['gsid'], 'url' => $contact['baseurl'], 'signer' => $signer, 'called_by' => $called_by]);
return true;
}
}