forked from treehouse/mastodon
Allow to dereference Follow object for ActivityPub (#5772)
* Allow to dereference Follow object for ActivityPub * Accept IRI as object representation for Accept activitysignup-info-prompt
parent
53d99ebf4f
commit
161c72d66d
|
@ -0,0 +1,18 @@
|
||||||
|
# frozen_string_literal: true
|
||||||
|
|
||||||
|
class ActivityPub::FollowsController < Api::BaseController
|
||||||
|
include SignatureVerification
|
||||||
|
|
||||||
|
def show
|
||||||
|
render(
|
||||||
|
json: FollowRequest.includes(:account).references(:account).find_by!(
|
||||||
|
id: params.require(:id),
|
||||||
|
accounts: { domain: nil, username: params.require(:account_username) },
|
||||||
|
target_account: signed_request_account
|
||||||
|
),
|
||||||
|
serializer: ActivityPub::FollowSerializer,
|
||||||
|
adapter: ActivityPub::Adapter,
|
||||||
|
content_type: 'application/activity+json'
|
||||||
|
)
|
||||||
|
end
|
||||||
|
end
|
|
@ -2,16 +2,18 @@
|
||||||
|
|
||||||
class ActivityPub::Activity::Accept < ActivityPub::Activity
|
class ActivityPub::Activity::Accept < ActivityPub::Activity
|
||||||
def perform
|
def perform
|
||||||
case @object['type']
|
if @object.respond_to?(:[]) &&
|
||||||
when 'Follow'
|
@object['type'] == 'Follow' && @object['actor'].present?
|
||||||
accept_follow
|
accept_follow_from @object['actor']
|
||||||
|
else
|
||||||
|
accept_follow_object @object
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
private
|
private
|
||||||
|
|
||||||
def accept_follow
|
def accept_follow_from(actor)
|
||||||
target_account = account_from_uri(target_uri)
|
target_account = account_from_uri(value_or_id(actor))
|
||||||
|
|
||||||
return if target_account.nil? || !target_account.local?
|
return if target_account.nil? || !target_account.local?
|
||||||
|
|
||||||
|
@ -19,7 +21,8 @@ class ActivityPub::Activity::Accept < ActivityPub::Activity
|
||||||
follow_request&.authorize!
|
follow_request&.authorize!
|
||||||
end
|
end
|
||||||
|
|
||||||
def target_uri
|
def accept_follow_object(object)
|
||||||
@target_uri ||= value_or_id(@object['actor'])
|
follow_request = ActivityPub::TagManager.instance.uri_to_resource(value_or_id(object), FollowRequest)
|
||||||
|
follow_request&.authorize!
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
|
@ -28,6 +28,8 @@ class ActivityPub::TagManager
|
||||||
return target.uri if target.respond_to?(:local?) && !target.local?
|
return target.uri if target.respond_to?(:local?) && !target.local?
|
||||||
|
|
||||||
case target.object_type
|
case target.object_type
|
||||||
|
when :follow
|
||||||
|
account_follow_url(target.account.username, target)
|
||||||
when :person
|
when :person
|
||||||
account_url(target)
|
account_url(target)
|
||||||
when :note, :comment, :activity
|
when :note, :comment, :activity
|
||||||
|
@ -97,6 +99,12 @@ class ActivityPub::TagManager
|
||||||
case klass.name
|
case klass.name
|
||||||
when 'Account'
|
when 'Account'
|
||||||
klass.find_local(uri_to_local_id(uri, :username))
|
klass.find_local(uri_to_local_id(uri, :username))
|
||||||
|
when 'FollowRequest'
|
||||||
|
params = Rails.application.routes.recognize_path(uri)
|
||||||
|
klass.joins(:account).find_by!(
|
||||||
|
accounts: { domain: nil, username: params[:account_username] },
|
||||||
|
id: params[:id]
|
||||||
|
)
|
||||||
else
|
else
|
||||||
StatusFinder.new(uri).status
|
StatusFinder.new(uri).status
|
||||||
end
|
end
|
||||||
|
|
|
@ -21,6 +21,10 @@ class FollowRequest < ApplicationRecord
|
||||||
|
|
||||||
validates :account_id, uniqueness: { scope: :target_account_id }
|
validates :account_id, uniqueness: { scope: :target_account_id }
|
||||||
|
|
||||||
|
def object_type
|
||||||
|
:follow
|
||||||
|
end
|
||||||
|
|
||||||
def authorize!
|
def authorize!
|
||||||
account.follow!(target_account, reblogs: show_reblogs)
|
account.follow!(target_account, reblogs: show_reblogs)
|
||||||
MergeWorker.perform_async(target_account.id, account.id)
|
MergeWorker.perform_async(target_account.id, account.id)
|
||||||
|
|
|
@ -1,11 +1,12 @@
|
||||||
# frozen_string_literal: true
|
# frozen_string_literal: true
|
||||||
|
|
||||||
class ActivityPub::FollowSerializer < ActiveModel::Serializer
|
class ActivityPub::FollowSerializer < ActiveModel::Serializer
|
||||||
attributes :id, :type, :actor
|
attributes :type, :actor
|
||||||
|
attribute :id, if: :dereferencable?
|
||||||
attribute :virtual_object, key: :object
|
attribute :virtual_object, key: :object
|
||||||
|
|
||||||
def id
|
def id
|
||||||
[ActivityPub::TagManager.instance.uri_for(object.account), '#follows/', object.id].join
|
ActivityPub::TagManager.instance.uri_for(object)
|
||||||
end
|
end
|
||||||
|
|
||||||
def type
|
def type
|
||||||
|
@ -19,4 +20,8 @@ class ActivityPub::FollowSerializer < ActiveModel::Serializer
|
||||||
def virtual_object
|
def virtual_object
|
||||||
ActivityPub::TagManager.instance.uri_for(object.target_account)
|
ActivityPub::TagManager.instance.uri_for(object.target_account)
|
||||||
end
|
end
|
||||||
|
|
||||||
|
def dereferencable?
|
||||||
|
object.respond_to?(:object_type)
|
||||||
|
end
|
||||||
end
|
end
|
||||||
|
|
|
@ -8,7 +8,7 @@
|
||||||
= fa_icon 'user-times'
|
= fa_icon 'user-times'
|
||||||
= t('accounts.unfollow')
|
= t('accounts.unfollow')
|
||||||
- else
|
- else
|
||||||
= link_to account_follow_path(account), data: { method: :post }, class: 'icon-button' do
|
= link_to account_follows_path(account), data: { method: :post }, class: 'icon-button' do
|
||||||
= fa_icon 'user-plus'
|
= fa_icon 'user-plus'
|
||||||
= t('accounts.follow')
|
= t('accounts.follow')
|
||||||
- elsif !user_signed_in?
|
- elsif !user_signed_in?
|
||||||
|
|
|
@ -54,7 +54,8 @@ Rails.application.routes.draw do
|
||||||
|
|
||||||
resources :followers, only: [:index], controller: :follower_accounts
|
resources :followers, only: [:index], controller: :follower_accounts
|
||||||
resources :following, only: [:index], controller: :following_accounts
|
resources :following, only: [:index], controller: :following_accounts
|
||||||
resource :follow, only: [:create], controller: :account_follow
|
resources :follows, only: [:show], module: :activitypub
|
||||||
|
resource :follow, only: [:create], controller: :account_follow, as: :follows
|
||||||
resource :unfollow, only: [:create], controller: :account_unfollow
|
resource :unfollow, only: [:create], controller: :account_unfollow
|
||||||
resource :outbox, only: [:show], module: :activitypub
|
resource :outbox, only: [:show], module: :activitypub
|
||||||
resource :inbox, only: [:create], module: :activitypub
|
resource :inbox, only: [:create], module: :activitypub
|
||||||
|
|
|
@ -0,0 +1,43 @@
|
||||||
|
# frozen_string_literal: true
|
||||||
|
|
||||||
|
require 'rails_helper'
|
||||||
|
|
||||||
|
describe ActivityPub::FollowsController, type: :controller do
|
||||||
|
let(:follow_request) { Fabricate(:follow_request, account: account) }
|
||||||
|
|
||||||
|
render_views
|
||||||
|
|
||||||
|
context 'with local account' do
|
||||||
|
let(:account) { Fabricate(:account, domain: nil) }
|
||||||
|
|
||||||
|
it 'returns follow request' do
|
||||||
|
signed_request = Request.new(:get, account_follow_url(account, follow_request))
|
||||||
|
signed_request.on_behalf_of(follow_request.target_account)
|
||||||
|
request.headers.merge! signed_request.headers
|
||||||
|
|
||||||
|
get :show, params: { id: follow_request, account_username: account.username }
|
||||||
|
|
||||||
|
expect(body_as_json[:id]).to eq ActivityPub::TagManager.instance.uri_for(follow_request)
|
||||||
|
expect(response).to have_http_status :success
|
||||||
|
end
|
||||||
|
|
||||||
|
it 'returns http 404 without signature' do
|
||||||
|
get :show, params: { id: follow_request, account_username: account.username }
|
||||||
|
expect(response).to have_http_status 404
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
context 'with remote account' do
|
||||||
|
let(:account) { Fabricate(:account, domain: Faker::Internet.domain_name) }
|
||||||
|
|
||||||
|
it 'returns http 404' do
|
||||||
|
signed_request = Request.new(:get, account_follow_url(account, follow_request))
|
||||||
|
signed_request.on_behalf_of(follow_request.target_account)
|
||||||
|
request.headers.merge! signed_request.headers
|
||||||
|
|
||||||
|
get :show, params: { id: follow_request, account_username: account.username }
|
||||||
|
|
||||||
|
expect(response).to have_http_status 404
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end
|
|
@ -3,7 +3,16 @@ require 'rails_helper'
|
||||||
RSpec.describe ActivityPub::Activity::Accept do
|
RSpec.describe ActivityPub::Activity::Accept do
|
||||||
let(:sender) { Fabricate(:account) }
|
let(:sender) { Fabricate(:account) }
|
||||||
let(:recipient) { Fabricate(:account) }
|
let(:recipient) { Fabricate(:account) }
|
||||||
|
let!(:follow_request) { Fabricate(:follow_request, account: recipient, target_account: sender) }
|
||||||
|
|
||||||
|
describe '#perform' do
|
||||||
|
subject { described_class.new(json, sender) }
|
||||||
|
|
||||||
|
before do
|
||||||
|
subject.perform
|
||||||
|
end
|
||||||
|
|
||||||
|
context 'with concerete object representation' do
|
||||||
let(:json) do
|
let(:json) do
|
||||||
{
|
{
|
||||||
'@context': 'https://www.w3.org/ns/activitystreams',
|
'@context': 'https://www.w3.org/ns/activitystreams',
|
||||||
|
@ -11,7 +20,6 @@ RSpec.describe ActivityPub::Activity::Accept do
|
||||||
type: 'Accept',
|
type: 'Accept',
|
||||||
actor: ActivityPub::TagManager.instance.uri_for(sender),
|
actor: ActivityPub::TagManager.instance.uri_for(sender),
|
||||||
object: {
|
object: {
|
||||||
id: 'bar',
|
|
||||||
type: 'Follow',
|
type: 'Follow',
|
||||||
actor: ActivityPub::TagManager.instance.uri_for(recipient),
|
actor: ActivityPub::TagManager.instance.uri_for(recipient),
|
||||||
object: ActivityPub::TagManager.instance.uri_for(sender),
|
object: ActivityPub::TagManager.instance.uri_for(sender),
|
||||||
|
@ -19,20 +27,25 @@ RSpec.describe ActivityPub::Activity::Accept do
|
||||||
}.with_indifferent_access
|
}.with_indifferent_access
|
||||||
end
|
end
|
||||||
|
|
||||||
describe '#perform' do
|
it 'creates a follow relationship' do
|
||||||
subject { described_class.new(json, sender) }
|
expect(recipient.following?(sender)).to be true
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
before do
|
context 'with object represented by id' do
|
||||||
Fabricate(:follow_request, account: recipient, target_account: sender)
|
let(:json) do
|
||||||
subject.perform
|
{
|
||||||
|
'@context': 'https://www.w3.org/ns/activitystreams',
|
||||||
|
id: 'foo',
|
||||||
|
type: 'Accept',
|
||||||
|
actor: ActivityPub::TagManager.instance.uri_for(sender),
|
||||||
|
object: ActivityPub::TagManager.instance.uri_for(follow_request),
|
||||||
|
}.with_indifferent_access
|
||||||
end
|
end
|
||||||
|
|
||||||
it 'creates a follow relationship' do
|
it 'creates a follow relationship' do
|
||||||
expect(recipient.following?(sender)).to be true
|
expect(recipient.following?(sender)).to be true
|
||||||
end
|
end
|
||||||
|
|
||||||
it 'removes the follow request' do
|
|
||||||
expect(recipient.requested?(sender)).to be false
|
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
|
@ -27,4 +27,12 @@ RSpec.describe FollowRequest, type: :model do
|
||||||
expect(follow_request.account.muting_reblogs?(target)).to be true
|
expect(follow_request.account.muting_reblogs?(target)).to be true
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
describe '#object_type' do
|
||||||
|
let(:follow_request) { Fabricate(:follow_request) }
|
||||||
|
|
||||||
|
it 'equals to :follow' do
|
||||||
|
expect(follow_request.object_type).to eq :follow
|
||||||
|
end
|
||||||
|
end
|
||||||
end
|
end
|
||||||
|
|
Loading…
Reference in New Issue