Streams/streams
Streams/streams
1
0
Fork 0
mirror of https://codeberg.org/streams/streams.git synced 2024-09-19 21:55:15 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

if a collection is targeted, reject non-collection operations.

Browse source
This commit is contained in:
Mike Macgirvin 2024-01-21 06:56:35 +11:00
parent f7226e50cf
commit 6effa8de04
6 changed files with 9 additions and 37 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

13
Code/Lib/Activity.php
View file

@ -892,12 +892,6 @@ class Activity
return [];
}
$replyTo = unserialise($item['replyto']);
if ($replyTo) {
$activity['replyTo'] = $replyTo;
$activity['audience'] = $replyTo;
}
if (!isset($activity['url'])) {
$urls = [];
if (intval($item['item_wall'])) {
@ -1288,12 +1282,6 @@ class Activity
}
}
$replyTo = unserialise($item['replyto']);
if ($replyTo) {
$activity['replyTo'] = $replyTo;
$activity['audience'] = $replyTo;
}
if (!isset($activity['url'])) {
$urls = [];
if (intval($item['item_wall'])) {
@ -4935,7 +4923,6 @@ class Activity
'directMessage' => 'nomad:directMessage',
'Category' => 'nomad:Category',
'copiedTo' => 'nomad:copiedTo',
'replyTo' => 'nomad:replyTo',
'searchContent' => 'nomad:searchContent',
'searchTags' => 'nomad:searchTags',
];

2
Code/Lib/ActivityStreams.php
View file

@ -109,7 +109,7 @@ class ActivityStreams
$this->tgt = $this->get_compound_property('target');
$this->origin = $this->get_compound_property('origin');
$this->recips = $this->collect_recips();
$this->replyto = $this->get_property_obj('audience');
$this->replyto = $this->get_property_obj('attributedTo',$this->tgt);
if (!$this->replyto) {
$this->replyto = $this->get_property_obj('replyTo');
}

10
Code/Lib/Libzot.php
View file

@ -1408,7 +1408,7 @@ class Libzot
$relay = (($env['type'] === 'response') ? true : false);
$result = self::process_delivery($env['sender'], $AS, $arr, $deliveries, $relay, false, $message_request);
$result = self::process_delivery($env['sender'], $AS, $arr, $deliveries, $relay, false, $message_request, $isCollectionOperation);
}
}
elseif ($env['type'] === 'sync') {
@ -1621,7 +1621,7 @@ class Libzot
* @return array|false|void
*/
public static function process_delivery($sender, $act, $msg_arr, $deliveries, $relay, $public = false, $request = false)
public static function process_delivery($sender, $act, $msg_arr, $deliveries, $relay, $public = false, $request = false, $isCollectionOperation = false)
{
$result = [];
@ -1675,6 +1675,12 @@ class Libzot
}
$DR->set_name($channel['channel_name'] . ' <' . Channel::get_webfinger($channel) . '>');
if (str_contains($arr['tgt_type'], 'Collection') && !$isCollectionOperation) {
$DR->update('not a collection activity');
$result[] = $DR->get();
continue;
}
if (Tombstone::check($arr['mid'], $channel['channel_id'])
|| Tombstone::check($arr['parent_mid'], $channel['channel_id'])) {

4
Code/Module/Admin/Security.php
View file

@ -25,9 +25,6 @@ class Security
$use_hs2019 = ((x($_POST, 'use_hs2019')) ? intval($_POST['use_hs2019']) : 0);
set_config('system', 'use_hs2019', $use_hs2019);
$use_fep5624 = ((x($_POST, 'use_fep5624')) ? intval($_POST['use_fep5624']) : 0);
set_config('system', 'use_fep5624', $use_fep5624);
$require_authenticated_fetch = ((x($_POST, 'require_authenticated_fetch')) ? 1 : 0);
set_config('system', 'require_authenticated_fetch', $require_authenticated_fetch);
@ -159,7 +156,6 @@ class Security
'$cloud_noroot' => ['cloud_noroot', t('Provide a cloud root directory'), 1 - intval(get_config('system', 'cloud_disable_siteroot', true)), t('The cloud root directory lists all channel names which provide public files. Otherwise only the names of connections are shown.')],
'$cloud_disksize' => ['cloud_disksize', t('Show total disk space available to cloud uploads'), intval(get_config('system', 'cloud_report_disksize')), ''],
'$use_hs2019' => ['use_hs2019', t('Use hs2019 HTTP-Signature specification'), intval(get_config('system', 'use_hs2019', false)), t('This is not yet supported by many fediverse servers.')],
'$use_fep5624' => ['use_fep5624', t('Require FEP-5624 comment approvals'), intval(get_config('system', 'use_fep5624', false)), t('This is not yet supported by many fediverse servers.')],
'$thumbnail_security' => ['thumbnail_security', t("Allow SVG thumbnails in file browser"), get_config('system', 'thumbnail_security', 0), t("WARNING: SVG images may contain malicious code.")],
'$site_hidden' => ['site_hidden', t('Reduce public visiblity of this site'), intval(get_config('system', 'site_hidden', false)), ''],

16
Code/Module/Item.php
View file

@ -1263,24 +1263,12 @@ class Item extends Controller
'term' => $ng['xchan_name'],
'url' => $ng['xchan_url']
];
$colls = get_xconfig($ng['xchan_hash'], 'activitypub', 'collections');
if ($colls && is_array($colls) && isset($colls['wall'])) {
$datarray['target'] = [
'id' => $colls['wall'],
'type' => 'Collection',
'attributedTo' => ((in_array($ng['xchan_network'], ['zot6', 'nomad'])) ? $ng['xchan_url'] : $ng['xchan_hash'])
];
$datarray['tgt_type'] = 'Collection';
}
}
}
}
}
}
if (strlen($categories)) {
if (!isset($post_tags)) {
$post_tags = [];
@ -1356,9 +1344,6 @@ class Item extends Controller
$item_blocked = ITEM_MODERATED;
}
$notify_type = (($parent) ? 'comment-new' : 'wall-new');
if (!(isset($mid) && $mid)) {
@ -1388,7 +1373,6 @@ class Item extends Controller
$datarray['tgt_type'] = $parent_item['tgt_type'];
}
if ($is_poll) {
$poll = [
'question' => $body,

1
view/tpl/admin_security.tpl
View file

@ -6,7 +6,6 @@
<input type='hidden' name='form_security_token' value='{{$form_security_token}}'>
{{include file="field_checkbox.tpl" field=$use_hs2019}}
{{include file="field_checkbox.tpl" field=$use_fep5624}}
{{include file="field_checkbox.tpl" field=$require_authenticated_fetch}}
{{include file="field_checkbox.tpl" field=$accept_unsigned_relay}}
{{include file="field_checkbox.tpl" field=$block_public_search}}