mirror of
https://codeberg.org/streams/streams.git
synced 2024-09-19 21:55:15 +00:00
if a collection is targeted, reject non-collection operations.
This commit is contained in:
parent
f7226e50cf
commit
6effa8de04
6 changed files with 9 additions and 37 deletions
|
@ -892,12 +892,6 @@ class Activity
|
|||
return [];
|
||||
}
|
||||
|
||||
$replyTo = unserialise($item['replyto']);
|
||||
if ($replyTo) {
|
||||
$activity['replyTo'] = $replyTo;
|
||||
$activity['audience'] = $replyTo;
|
||||
}
|
||||
|
||||
if (!isset($activity['url'])) {
|
||||
$urls = [];
|
||||
if (intval($item['item_wall'])) {
|
||||
|
@ -1288,12 +1282,6 @@ class Activity
|
|||
}
|
||||
}
|
||||
|
||||
$replyTo = unserialise($item['replyto']);
|
||||
if ($replyTo) {
|
||||
$activity['replyTo'] = $replyTo;
|
||||
$activity['audience'] = $replyTo;
|
||||
}
|
||||
|
||||
if (!isset($activity['url'])) {
|
||||
$urls = [];
|
||||
if (intval($item['item_wall'])) {
|
||||
|
@ -4935,7 +4923,6 @@ class Activity
|
|||
'directMessage' => 'nomad:directMessage',
|
||||
'Category' => 'nomad:Category',
|
||||
'copiedTo' => 'nomad:copiedTo',
|
||||
'replyTo' => 'nomad:replyTo',
|
||||
'searchContent' => 'nomad:searchContent',
|
||||
'searchTags' => 'nomad:searchTags',
|
||||
];
|
||||
|
|
|
@ -109,7 +109,7 @@ class ActivityStreams
|
|||
$this->tgt = $this->get_compound_property('target');
|
||||
$this->origin = $this->get_compound_property('origin');
|
||||
$this->recips = $this->collect_recips();
|
||||
$this->replyto = $this->get_property_obj('audience');
|
||||
$this->replyto = $this->get_property_obj('attributedTo',$this->tgt);
|
||||
if (!$this->replyto) {
|
||||
$this->replyto = $this->get_property_obj('replyTo');
|
||||
}
|
||||
|
|
|
@ -1408,7 +1408,7 @@ class Libzot
|
|||
|
||||
$relay = (($env['type'] === 'response') ? true : false);
|
||||
|
||||
$result = self::process_delivery($env['sender'], $AS, $arr, $deliveries, $relay, false, $message_request);
|
||||
$result = self::process_delivery($env['sender'], $AS, $arr, $deliveries, $relay, false, $message_request, $isCollectionOperation);
|
||||
}
|
||||
}
|
||||
elseif ($env['type'] === 'sync') {
|
||||
|
@ -1621,7 +1621,7 @@ class Libzot
|
|||
* @return array|false|void
|
||||
*/
|
||||
|
||||
public static function process_delivery($sender, $act, $msg_arr, $deliveries, $relay, $public = false, $request = false)
|
||||
public static function process_delivery($sender, $act, $msg_arr, $deliveries, $relay, $public = false, $request = false, $isCollectionOperation = false)
|
||||
{
|
||||
|
||||
$result = [];
|
||||
|
@ -1675,6 +1675,12 @@ class Libzot
|
|||
}
|
||||
|
||||
$DR->set_name($channel['channel_name'] . ' <' . Channel::get_webfinger($channel) . '>');
|
||||
|
||||
if (str_contains($arr['tgt_type'], 'Collection') && !$isCollectionOperation) {
|
||||
$DR->update('not a collection activity');
|
||||
$result[] = $DR->get();
|
||||
continue;
|
||||
}
|
||||
|
||||
if (Tombstone::check($arr['mid'], $channel['channel_id'])
|
||||
|| Tombstone::check($arr['parent_mid'], $channel['channel_id'])) {
|
||||
|
|
|
@ -25,9 +25,6 @@ class Security
|
|||
$use_hs2019 = ((x($_POST, 'use_hs2019')) ? intval($_POST['use_hs2019']) : 0);
|
||||
set_config('system', 'use_hs2019', $use_hs2019);
|
||||
|
||||
$use_fep5624 = ((x($_POST, 'use_fep5624')) ? intval($_POST['use_fep5624']) : 0);
|
||||
set_config('system', 'use_fep5624', $use_fep5624);
|
||||
|
||||
$require_authenticated_fetch = ((x($_POST, 'require_authenticated_fetch')) ? 1 : 0);
|
||||
set_config('system', 'require_authenticated_fetch', $require_authenticated_fetch);
|
||||
|
||||
|
@ -159,7 +156,6 @@ class Security
|
|||
'$cloud_noroot' => ['cloud_noroot', t('Provide a cloud root directory'), 1 - intval(get_config('system', 'cloud_disable_siteroot', true)), t('The cloud root directory lists all channel names which provide public files. Otherwise only the names of connections are shown.')],
|
||||
'$cloud_disksize' => ['cloud_disksize', t('Show total disk space available to cloud uploads'), intval(get_config('system', 'cloud_report_disksize')), ''],
|
||||
'$use_hs2019' => ['use_hs2019', t('Use hs2019 HTTP-Signature specification'), intval(get_config('system', 'use_hs2019', false)), t('This is not yet supported by many fediverse servers.')],
|
||||
'$use_fep5624' => ['use_fep5624', t('Require FEP-5624 comment approvals'), intval(get_config('system', 'use_fep5624', false)), t('This is not yet supported by many fediverse servers.')],
|
||||
'$thumbnail_security' => ['thumbnail_security', t("Allow SVG thumbnails in file browser"), get_config('system', 'thumbnail_security', 0), t("WARNING: SVG images may contain malicious code.")],
|
||||
'$site_hidden' => ['site_hidden', t('Reduce public visiblity of this site'), intval(get_config('system', 'site_hidden', false)), ''],
|
||||
|
||||
|
|
|
@ -1263,24 +1263,12 @@ class Item extends Controller
|
|||
'term' => $ng['xchan_name'],
|
||||
'url' => $ng['xchan_url']
|
||||
];
|
||||
|
||||
$colls = get_xconfig($ng['xchan_hash'], 'activitypub', 'collections');
|
||||
if ($colls && is_array($colls) && isset($colls['wall'])) {
|
||||
$datarray['target'] = [
|
||||
'id' => $colls['wall'],
|
||||
'type' => 'Collection',
|
||||
'attributedTo' => ((in_array($ng['xchan_network'], ['zot6', 'nomad'])) ? $ng['xchan_url'] : $ng['xchan_hash'])
|
||||
];
|
||||
$datarray['tgt_type'] = 'Collection';
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
|
||||
if (strlen($categories)) {
|
||||
if (!isset($post_tags)) {
|
||||
$post_tags = [];
|
||||
|
@ -1356,9 +1344,6 @@ class Item extends Controller
|
|||
$item_blocked = ITEM_MODERATED;
|
||||
}
|
||||
|
||||
|
||||
|
||||
|
||||
$notify_type = (($parent) ? 'comment-new' : 'wall-new');
|
||||
|
||||
if (!(isset($mid) && $mid)) {
|
||||
|
@ -1388,7 +1373,6 @@ class Item extends Controller
|
|||
$datarray['tgt_type'] = $parent_item['tgt_type'];
|
||||
}
|
||||
|
||||
|
||||
if ($is_poll) {
|
||||
$poll = [
|
||||
'question' => $body,
|
||||
|
|
|
@ -6,7 +6,6 @@
|
|||
<input type='hidden' name='form_security_token' value='{{$form_security_token}}'>
|
||||
|
||||
{{include file="field_checkbox.tpl" field=$use_hs2019}}
|
||||
{{include file="field_checkbox.tpl" field=$use_fep5624}}
|
||||
{{include file="field_checkbox.tpl" field=$require_authenticated_fetch}}
|
||||
{{include file="field_checkbox.tpl" field=$accept_unsigned_relay}}
|
||||
{{include file="field_checkbox.tpl" field=$block_public_search}}
|
||||
|
|
Loading…
Reference in a new issue