In activity table, remove user_id and add sensitive (#127)

Forgot to add migrations

Add `sensitive` column to activities table, so PMs arent served over HTTP

Remove user_id column from actvity table

Co-authored-by: Felix Ableitner <me@nutomic.com>
Reviewed-on: https://yerbamate.ml/LemmyNet/lemmy/pulls/127
This commit is contained in:
nutomic 2020-11-06 13:06:47 +00:00 committed by dessalines
parent b7d2dac9bf
commit 7c51a36012
12 changed files with 27 additions and 49 deletions

View file

@ -41,10 +41,6 @@ impl ActorType for Community {
self.private_key.to_owned()
}
fn user_id(&self) -> i32 {
self.creator_id
}
async fn send_follow(
&self,
_follow_actor_id: &Url,

View file

@ -32,10 +32,6 @@ impl ActorType for User_ {
self.private_key.to_owned()
}
fn user_id(&self) -> i32 {
self.id
}
/// As a given local user, send out a follow request to a remote community.
async fn send_follow(
&self,

View file

@ -57,6 +57,7 @@ where
vec![inbox],
context.pool(),
true,
true,
)
.await?;
}
@ -102,6 +103,7 @@ where
follower_inboxes,
context.pool(),
true,
false,
)
.await?;
@ -145,6 +147,7 @@ where
vec![inbox],
context.pool(),
true,
false,
)
.await?;
}
@ -185,6 +188,7 @@ where
mentions,
context.pool(),
false, // Don't create a new DB row
false,
)
.await?;
Ok(())
@ -202,6 +206,7 @@ async fn send_activity_internal<T, Kind>(
inboxes: Vec<Url>,
pool: &DbPool,
insert_into_db: bool,
sensitive: bool,
) -> Result<(), LemmyError>
where
T: AsObject<Kind> + Extends<Kind> + Debug,
@ -219,7 +224,7 @@ where
// might send the same ap_id
if insert_into_db {
let id = activity.id().context(location_info!())?;
insert_activity(id, actor.user_id(), activity.clone(), true, pool).await?;
insert_activity(id, activity.clone(), true, sensitive, pool).await?;
}
for i in inboxes {

View file

@ -54,5 +54,9 @@ pub async fn get_activity(
})
.await??;
Ok(create_apub_response(&activity.data))
if !activity.local || activity.sensitive {
Ok(HttpResponse::NotFound().finish())
} else {
Ok(create_apub_response(&activity.data))
}
}

View file

@ -88,20 +88,12 @@ pub async fn community_inbox(
let any_base = activity.clone().into_any_base()?;
let kind = activity.kind().context(location_info!())?;
let user_id = user.id;
let res = match kind {
ValidTypes::Follow => handle_follow(any_base, user, community, &context).await,
ValidTypes::Undo => handle_undo_follow(any_base, user, community, &context).await,
};
insert_activity(
&activity_id,
user_id,
activity.clone(),
false,
context.pool(),
)
.await?;
insert_activity(&activity_id, activity.clone(), false, true, context.pool()).await?;
res
}

View file

@ -125,14 +125,7 @@ pub async fn shared_inbox(
ValidTypes::Undo => receive_undo(&context, any_base, actor_id, request_counter).await,
};
insert_activity(
&activity_id,
actor.user_id(),
activity.clone(),
false,
context.pool(),
)
.await?;
insert_activity(&activity_id, activity.clone(), false, true, context.pool()).await?;
res
}

View file

@ -107,14 +107,7 @@ pub async fn user_inbox(
}
};
insert_activity(
&activity_id,
actor.user_id(),
activity.clone(),
false,
context.pool(),
)
.await?;
insert_activity(&activity_id, activity.clone(), false, true, context.pool()).await?;
res
}

View file

@ -169,9 +169,6 @@ pub trait ActorType {
fn public_key(&self) -> Option<String>;
fn private_key(&self) -> Option<String>;
/// numeric id in the database, used for insert_activity
fn user_id(&self) -> i32;
async fn send_follow(
&self,
follow_actor_id: &Url,
@ -252,9 +249,9 @@ pub trait ActorType {
/// persistent.
pub async fn insert_activity<T>(
ap_id: &Url,
user_id: i32,
activity: T,
local: bool,
sensitive: bool,
pool: &DbPool,
) -> Result<(), LemmyError>
where
@ -262,7 +259,7 @@ where
{
let ap_id = ap_id.to_string();
blocking(pool, move |conn| {
Activity::insert(conn, ap_id, user_id, &activity, local)
Activity::insert(conn, ap_id, &activity, local, sensitive)
})
.await??;
Ok(())

View file

@ -13,9 +13,9 @@ use std::{
pub struct Activity {
pub id: i32,
pub ap_id: String,
pub user_id: i32,
pub data: Value,
pub local: bool,
pub sensitive: bool,
pub published: chrono::NaiveDateTime,
pub updated: Option<chrono::NaiveDateTime>,
}
@ -24,9 +24,9 @@ pub struct Activity {
#[table_name = "activity"]
pub struct ActivityForm {
pub ap_id: String,
pub user_id: i32,
pub data: Value,
pub local: bool,
pub sensitive: bool,
pub updated: Option<chrono::NaiveDateTime>,
}
@ -59,20 +59,19 @@ impl Activity {
pub fn insert<T>(
conn: &PgConnection,
ap_id: String,
user_id: i32,
data: &T,
local: bool,
sensitive: bool,
) -> Result<Self, IoError>
where
T: Serialize + Debug,
{
debug!("inserting activity for user {}: ", user_id);
debug!("{}", serde_json::to_string_pretty(&data)?);
let activity_form = ActivityForm {
ap_id,
user_id,
data: serde_json::to_value(&data)?,
local,
sensitive,
updated: None,
};
let result = Activity::create(&conn, &activity_form);
@ -154,9 +153,9 @@ mod tests {
.unwrap();
let activity_form = ActivityForm {
ap_id: ap_id.to_string(),
user_id: inserted_creator.id,
data: test_json.to_owned(),
local: true,
sensitive: false,
updated: None,
};
@ -165,9 +164,9 @@ mod tests {
let expected_activity = Activity {
ap_id: ap_id.to_string(),
id: inserted_activity.id,
user_id: inserted_creator.id,
data: test_json,
local: true,
sensitive: false,
published: inserted_activity.published,
updated: None,
};

View file

@ -2,9 +2,9 @@ table! {
activity (id) {
id -> Int4,
ap_id -> Text,
user_id -> Int4,
data -> Jsonb,
local -> Bool,
sensitive -> Bool,
published -> Timestamp,
updated -> Nullable<Timestamp>,
}
@ -481,7 +481,6 @@ table! {
}
}
joinable!(activity -> user_ (user_id));
joinable!(comment -> post (post_id));
joinable!(comment -> user_ (creator_id));
joinable!(comment_like -> comment (comment_id));

View file

@ -0,0 +1,2 @@
ALTER TABLE activity ADD COLUMN user_id INTEGER;
ALTER TABLE activity DROP COLUMN sensitive;

View file

@ -0,0 +1,2 @@
ALTER TABLE activity DROP COLUMN user_id;
ALTER TABLE activity ADD COLUMN sensitive BOOLEAN DEFAULT TRUE;