michael/pyfedi
1
0
Fork 0
mirror of https://codeberg.org/rimu/pyfedi synced 2025-01-24 03:43:42 -08:00
Code Issues Projects Releases Packages Wiki Activity Actions
pyfedi/app/activitypub/routes.py

2336 lines
140 KiB
Python
Raw Normal View History

random published date to avoid cake day associations
2024-08-20 08:55:05 +12:00
from datetime import timedelta
from random import randint
track recent activities using redis instead of db
2024-04-04 21:36:03 +13:00
alt user names
2024-08-20 07:03:08 +12:00
from flask import request, current_app, abort, jsonify, json, g, url_for, redirect, make_response
multiple bugfixes
2024-01-09 20:44:08 +13:00
from flask_login import current_user
alt user names
2024-08-20 07:03:08 +12:00
from sqlalchemy import desc, or_
import werkzeug.exceptions
big refactor of AP core code
2023-12-30 13:23:12 +13:00
move long-running tasks to separate background process (celery + redis)
2023-12-24 13:28:41 +13:00
from app import db, constants, cache, celery
webfinger and nodeinfo
2023-08-05 21:24:10 +12:00
from app.activitypub import bp
community list and beginning of viewing community
2023-08-29 22:01:06 +12:00
apf part 07: verify LD signature if HTTP signature fails
2024-11-18 18:44:28 +00:00
from app.activitypub.signature import HttpSignature, post_request, VerificationError, default_context, LDSignature
community list and beginning of viewing community
2023-08-29 22:01:06 +12:00
from app.community.routes import show_community
announce incoming activites to all following instances plus a whole lot more, i don't even know
2024-01-03 16:29:58 +13:00
from app.community.util import send_to_remote_instance
federation - post content and replies/comments to remote communities
2023-12-09 22:14:16 +13:00
from app.post.routes import continue_discussion, show_post
user profiles and settings
2023-10-07 21:32:19 +13:00
from app.user.routes import show_profile
apf part 02: reject bad JSONs
2024-11-18 16:53:32 +00:00
from app.constants import *
federate votes
2023-09-10 20:20:53 +12:00
from app.models import User, Community, CommunityJoinRequest, CommunityMember, CommunityBan, ActivityPubLog, Post, \
send private messages
2024-02-17 20:05:57 +13:00
PostReply, Instance, PostVote, PostReplyVote, File, AllowedInstances, BannedInstances, utcnow, Site, Notification, \
Process incoming poll votes
2024-05-31 22:06:34 +01:00
ChatMessage, Conversation, UserFollower, UserBlock, Poll, PollChoice
activitypub - actors and their outboxes
2023-08-10 21:13:37 +12:00
from app.activitypub.util import public_key, users_total, active_half_year, active_month, local_posts, local_comments, \
Move default_context() (avoid circular dependency for next commits)
2024-05-04 21:16:55 +01:00
post_to_activity, find_actor_or_create, instance_blocked, find_reply_parent, find_liked_object, \
refactor voting code to enable api development #13
2024-09-13 16:39:42 +12:00
lemmy_site_data, is_activitypub_request, delete_post_or_comment, community_members, \
big refactor of AP core code
2023-12-30 13:23:12 +13:00
user_removed_from_remote_server, create_post, create_post_reply, update_post_reply_from_activity, \
receive federated reports from remote instances #21
2024-04-06 16:29:47 +13:00
update_post_from_activity, undo_vote, undo_downvote, post_to_page, get_redis_connection, find_reported_object, \
Bugfix: function import
2024-05-31 22:12:49 +01:00
process_report, ensure_domains_match, can_edit, can_delete, remove_data_from_banned_user, resolve_remote_post, \
Process ActivityPub post locks and unlocks
2024-09-01 22:42:43 +00:00
inform_followers_of_post_update, comment_model_to_json, restore_post_or_comment, ban_local_user, unban_local_user, \
apf part 28: Announce / Block to ban users from communities
2024-11-24 21:01:34 +00:00
lock_post, log_incoming_ap, find_community_ap_id, site_ban_remove_data, community_ban_remove_data
refactor voting code to enable api development #13
2024-09-13 16:39:42 +12:00
from app.utils import gibberish, get_setting, render_template, \
community_membership, ap_datetime, ip_address, can_downvote, \
community owners can change settings and appoint moderators #21
2024-03-13 16:40:20 +13:00
can_upvote, can_create_post, awaken_dormant_instance, shorten_string, can_create_post_reply, sha256_digest, \
apf part 12: Create/Update requests
2024-11-18 22:05:25 +00:00
community_moderators, markdown_to_html, html_to_text
webfinger and nodeinfo
2023-08-05 21:24:10 +12:00
track recent activities using redis instead of db
2024-04-04 21:36:03 +13:00
@bp.route('/testredis')
def testredis_get():
redis_client = get_redis_connection()
redis_client.set("cowbell", "1", ex=600)
x = redis_client.get('cowbell')
track recent activities using redis instead of db
2024-04-04 21:38:26 +13:00
if x is not None:
track recent activities using redis instead of db
2024-04-04 21:36:03 +13:00
return "Redis: OK"
else:
return "Redis: FAIL"
webfinger and nodeinfo
2023-08-05 21:24:10 +12:00
@bp.route('/.well-known/webfinger')
def webfinger():
if request.args.get('resource'):
query = request.args.get('resource') # acct:alice@tada.club
if 'acct:' in query:
actor = query.split(':')[1].split('@')[0] # alice
elif 'https:' in query or 'http:' in query:
actor = query.split('/')[-1]
else:
return 'Webfinger regex failed to match'
Add instance actor
2024-05-04 21:26:39 +01:00
# special case: instance actor
if actor == current_app.config['SERVER_NAME']:
webfinger_data = {
"subject": f"acct:{actor}@{current_app.config['SERVER_NAME']}",
"aliases": [f"https://{current_app.config['SERVER_NAME']}/actor"],
"links": [
{
"rel": "http://webfinger.net/rel/profile-page",
"type": "text/html",
"href": f"https://{current_app.config['SERVER_NAME']}/about"
},
{
"rel": "self",
"type": "application/activity+json",
"href": f"https://{current_app.config['SERVER_NAME']}/actor",
}
]
}
resp = jsonify(webfinger_data)
resp.headers.add_header('Access-Control-Allow-Origin', '*')
return resp
webfinger and nodeinfo
2023-08-05 21:24:10 +12:00
seperator = 'u'
type = 'Person'
alt user names
2024-08-20 07:03:08 +12:00
user = User.query.filter(or_(User.user_name == actor.strip(), User.alt_user_name == actor.strip())).filter_by(deleted=False, banned=False, ap_id=None).first()
webfinger and nodeinfo
2023-08-05 21:24:10 +12:00
if user is None:
community = Community.query.filter_by(name=actor.strip(), ap_id=None).first()
if community is None:
return ''
seperator = 'c'
type = 'Group'
webfinger_data = {
"subject": f"acct:{actor}@{current_app.config['SERVER_NAME']}",
"aliases": [f"https://{current_app.config['SERVER_NAME']}/{seperator}/{actor}"],
"links": [
{
"rel": "http://webfinger.net/rel/profile-page",
"type": "text/html",
"href": f"https://{current_app.config['SERVER_NAME']}/{seperator}/{actor}"
},
{
"rel": "self",
"type": "application/activity+json",
"href": f"https://{current_app.config['SERVER_NAME']}/{seperator}/{actor}",
"properties": {
"https://www.w3.org/ns/activitystreams#type": type
}
}
]
}
resp = jsonify(webfinger_data)
resp.headers.add_header('Access-Control-Allow-Origin', '*')
return resp
else:
abort(404)
@bp.route('/.well-known/nodeinfo')
federating replies and lots of caching
2023-12-10 15:10:09 +13:00
@cache.cached(timeout=600)
webfinger and nodeinfo
2023-08-05 21:24:10 +12:00
def nodeinfo():
nodeinfo_data = {"links": [{"rel": "http://nodeinfo.diaspora.software/ns/schema/2.0",
Adding application endpoint pointer to nodeinfo response
2024-09-04 16:30:01 -04:00
"href": f"https://{current_app.config['SERVER_NAME']}/nodeinfo/2.0"},
{"rel": "https://www.w3.org/ns/activitystreams#Application",
post teaser redesign #148
2024-09-05 20:10:26 +12:00
"href": f"https://{current_app.config['SERVER_NAME']}"}]}
webfinger and nodeinfo
2023-08-05 21:24:10 +12:00
return jsonify(nodeinfo_data)
well-known/host-meta
2024-02-14 10:16:49 +13:00
@bp.route('/.well-known/host-meta')
@cache.cached(timeout=600)
def host_meta():
chat 2.0
2024-02-19 15:01:53 +13:00
resp = make_response('<?xml version="1.0" encoding="UTF-8"?>\n<XRD xmlns="http://docs.oasis-open.org/ns/xri/xrd-1.0">\n<Link rel="lrdd" template="https://' + current_app.config["SERVER_NAME"] + '/.well-known/webfinger?resource={uri}"/>\n</XRD>')
well-known/host-meta
2024-02-14 10:16:49 +13:00
resp.content_type = 'application/xrd+xml; charset=utf-8'
return resp
webfinger and nodeinfo
2023-08-05 21:24:10 +12:00
@bp.route('/nodeinfo/2.0')
special lemmy api endpoints for instance discovery
2023-11-23 15:10:44 +13:00
@bp.route('/nodeinfo/2.0.json')
federating replies and lots of caching
2023-12-10 15:10:09 +13:00
@cache.cached(timeout=600)
webfinger and nodeinfo
2023-08-05 21:24:10 +12:00
def nodeinfo2():
nodeinfo_data = {
"version": "2.0",
"software": {
federation: handle remote subscriptions and unsubscriptions
2023-11-16 22:31:14 +13:00
"name": "PieFed",
webfinger and nodeinfo
2023-08-05 21:24:10 +12:00
"version": "0.1"
},
"protocols": [
"activitypub"
],
"usage": {
"users": {
activitypub - actors and their outboxes
2023-08-10 21:13:37 +12:00
"total": users_total(),
"activeHalfyear": active_half_year(),
"activeMonth": active_month()
webfinger and nodeinfo
2023-08-05 21:24:10 +12:00
},
activitypub - actors and their outboxes
2023-08-10 21:13:37 +12:00
"localPosts": local_posts(),
"localComments": local_comments()
webfinger and nodeinfo
2023-08-05 21:24:10 +12:00
},
nodeinfo - open registrations
2024-10-23 16:08:24 +13:00
"openRegistrations": g.site.registration_mode != 'Closed'
webfinger and nodeinfo
2023-08-05 21:24:10 +12:00
}
return jsonify(nodeinfo_data)
api/v1/instance endpoint, for fedidb
2024-04-03 16:35:26 +13:00
@bp.route('/api/v1/instance')
@cache.cached(timeout=600)
def api_v1_instance():
retval = {
'title': g.site.name,
'uri': current_app.config['SERVER_NAME'],
'stats': {
"user_count": users_total(),
"status_count": local_posts() + local_comments(),
"domain_count": 1
},
'registrations': g.site.registration_mode != 'Closed',
'approval_required': g.site.registration_mode == 'RequireApplication'
}
return jsonify(retval)
api/v1/instance/domain_blocks endpoint
2024-02-25 16:24:50 +13:00
@bp.route('/api/v1/instance/domain_blocks')
@cache.cached(timeout=600)
def domain_blocks():
use_allowlist = get_setting('use_allowlist', False)
if use_allowlist:
return jsonify([])
else:
retval = []
for domain in BannedInstances.query.all():
retval.append({
'domain': domain.domain,
'digest': sha256_digest(domain.domain),
'severity': 'suspend',
'comment': domain.reason if domain.reason else ''
})
return jsonify(retval)
special lemmy api endpoints for instance discovery
2023-11-23 15:10:44 +13:00
@bp.route('/api/v3/site')
refactor community subscription to use new subscription system #20
2024-04-22 20:53:03 +12:00
@cache.cached(timeout=600)
special lemmy api endpoints for instance discovery
2023-11-23 15:10:44 +13:00
def lemmy_site():
return jsonify(lemmy_site_data())
@bp.route('/api/v3/federated_instances')
federating replies and lots of caching
2023-12-10 15:10:09 +13:00
@cache.cached(timeout=600)
special lemmy api endpoints for instance discovery
2023-11-23 15:10:44 +13:00
def lemmy_federated_instances():
remote admins can delete remote posts (not just moderators)
2024-02-14 12:31:44 +13:00
instances = Instance.query.filter(Instance.id != 1).all()
special lemmy api endpoints for instance discovery
2023-11-23 15:10:44 +13:00
linked = []
allowed = []
blocked = []
Exclude blocked instances from linked instances in federated_instances response
2024-10-29 10:33:59 +00:00
for instance in AllowedInstances.query.all():
allowed.append({"id": instance.id, "domain": instance.domain, "published": utcnow(), "updated": utcnow()})
for instance in BannedInstances.query.all():
blocked.append({"id": instance.id, "domain": instance.domain, "published": utcnow(), "updated": utcnow()})
special lemmy api endpoints for instance discovery
2023-11-23 15:10:44 +13:00
for instance in instances:
instance_data = {"id": instance.id, "domain": instance.domain, "published": instance.created_at.isoformat(), "updated": instance.updated_at.isoformat()}
if instance.software:
instance_data['software'] = instance.software
if instance.version:
instance_data['version'] = instance.version
Exclude blocked instances from linked instances in federated_instances response
2024-10-29 10:33:59 +00:00
if not any(blocked_instance.get('domain') == instance.domain for blocked_instance in blocked):
linked.append(instance_data)
special lemmy api endpoints for instance discovery
2023-11-23 15:10:44 +13:00
return jsonify({
"federated_instances": {
"linked": linked,
"allowed": allowed,
"blocked": blocked
}
})
delete account, with federation
2023-12-29 17:32:35 +13:00
@bp.route('/u/<actor>', methods=['GET', 'HEAD'])
activitypub - actors and their outboxes
2023-08-10 21:13:37 +12:00
def user_profile(actor):
""" Requests to this endpoint can be for a JSON representation of the user, or a HTML rendering of their profile.
The two types of requests are differentiated by the header """
case of user names
2024-03-27 22:55:31 +13:00
actor = actor.strip()
fall back to ap_profile_id
2024-04-20 17:16:17 +12:00
# admins can view deleted accounts
multiple bugfixes
2024-01-09 20:44:08 +13:00
if current_user.is_authenticated and current_user.is_admin():
if '@' in actor:
make ap_id always lower case
2024-04-23 21:28:58 +12:00
user: User = User.query.filter_by(ap_id=actor.lower()).first()
multiple bugfixes
2024-01-09 20:44:08 +13:00
else:
alt user names
2024-08-20 07:03:08 +12:00
user: User = User.query.filter(or_(User.user_name == actor, User.alt_user_name == actor)).filter_by(ap_id=None).first()
fall back to ap_profile_id
2024-04-20 17:16:17 +12:00
if user is None:
oops missed one #170
2024-04-28 16:49:49 +12:00
user = User.query.filter_by(ap_profile_id=f'https://{current_app.config["SERVER_NAME"]}/u/{actor.lower()}', deleted=False, ap_id=None).first()
remote profiles
2023-11-24 20:22:58 +13:00
else:
multiple bugfixes
2024-01-09 20:44:08 +13:00
if '@' in actor:
make ap_id always lower case
2024-04-23 21:28:58 +12:00
user: User = User.query.filter_by(ap_id=actor.lower(), deleted=False, banned=False).first()
multiple bugfixes
2024-01-09 20:44:08 +13:00
else:
alt user names
2024-08-20 07:03:08 +12:00
user: User = User.query.filter(or_(User.user_name == actor, User.alt_user_name == actor)).filter_by(deleted=False, ap_id=None).first()
fall back to ap_profile_id
2024-04-20 17:16:17 +12:00
if user is None:
make ap_id always lower case
2024-04-23 21:28:58 +12:00
user = User.query.filter_by(ap_profile_id=f'https://{current_app.config["SERVER_NAME"]}/u/{actor.lower()}', deleted=False, ap_id=None).first()
remote profiles
2023-11-24 20:22:58 +13:00
activitypub - actors and their outboxes
2023-08-10 21:13:37 +12:00
if user is not None:
alt user names
2024-08-20 07:03:08 +12:00
main_user_name = True
if user.alt_user_name == actor:
main_user_name = False
delete account, with federation
2023-12-29 17:32:35 +13:00
if request.method == 'HEAD':
if is_activitypub_request():
resp = jsonify('')
resp.content_type = 'application/activity+json'
return resp
else:
return ''
federation - post content and replies/comments to remote communities
2023-12-09 22:14:16 +13:00
if is_activitypub_request():
activitypub - actors and their outboxes
2023-08-10 21:13:37 +12:00
server = current_app.config['SERVER_NAME']
federate incoming posts and post replies
2023-09-16 19:09:04 +12:00
actor_data = { "@context": default_context(),
Recognise 'service' type as bots
2024-03-20 11:34:25 +00:00
"type": "Person" if not user.bot else "Service",
alt user names
2024-08-20 07:03:08 +12:00
"id": user.public_url(main_user_name),
Undo some lower() calls
2024-06-06 00:09:17 +01:00
"preferredUsername": actor,
admin users
2024-01-01 14:49:15 +13:00
"name": user.title if user.title else user.user_name,
alt user names
2024-08-20 07:03:08 +12:00
"inbox": f"{user.public_url(main_user_name)}/inbox",
"outbox": f"{user.public_url(main_user_name)}/outbox",
delete account, with federation
2023-12-29 17:32:35 +13:00
"discoverable": user.searchable,
"indexable": user.indexable,
Avoid returning 'null' for manuallyApprovesFollowers
2024-03-21 23:26:03 +00:00
"manuallyApprovesFollowers": False if not user.ap_manually_approves_followers else user.ap_manually_approves_followers,
activitypub - actors and their outboxes
2023-08-10 21:13:37 +12:00
"publicKey": {
alt user names
2024-08-20 07:03:08 +12:00
"id": f"{user.public_url(main_user_name)}#main-key",
"owner": user.public_url(main_user_name),
"publicKeyPem": user.public_key
activitypub - actors and their outboxes
2023-08-10 21:13:37 +12:00
},
"endpoints": {
"sharedInbox": f"https://{server}/inbox"
},
upload images for community icon and banner
2023-12-08 17:13:38 +13:00
"published": ap_datetime(user.created),
activitypub - actors and their outboxes
2023-08-10 21:13:37 +12:00
}
alt user names
2024-08-20 07:03:08 +12:00
if not main_user_name:
actor_data['name'] = 'Anonymous'
random published date to avoid cake day associations
2024-08-20 09:08:45 +12:00
actor_data['published'] = ap_datetime(user.created + timedelta(minutes=randint(-2592000, 0)))
bio for anon voting alt
2024-09-10 10:34:31 +12:00
actor_data['summary'] = '<p>This is an anonymous alternative account of another account. It has been generated automatically for a Piefed user who chose to keep their interactions private. They cannot reply to your messages using this account, but only upvote (like) or downvote (dislike). For more information about Piefed and this feature see <a href="https://piefed.social/post/205362">https://piefed.social/post/205362</a>.</p>'
alt user names
2024-08-20 07:03:08 +12:00
if user.avatar_id is not None and main_user_name:
activitypub - actors and their outboxes
2023-08-10 21:13:37 +12:00
actor_data["icon"] = {
"type": "Image",
upload images for community icon and banner
2023-12-08 17:13:38 +13:00
"url": f"https://{current_app.config['SERVER_NAME']}{user.avatar_image()}"
}
alt user names
2024-08-20 07:03:08 +12:00
if user.cover_id is not None and main_user_name:
upload images for community icon and banner
2023-12-08 17:13:38 +13:00
actor_data["image"] = {
"type": "Image",
"url": f"https://{current_app.config['SERVER_NAME']}{user.cover_image()}"
activitypub - actors and their outboxes
2023-08-10 21:13:37 +12:00
}
alt user names
2024-08-20 07:03:08 +12:00
if user.about_html and main_user_name:
Deliver Actor 'summary' info as HTML (same as Mastodon and Lemmy)
2024-05-14 16:24:05 +01:00
actor_data['summary'] = user.about_html
Revert earlier decision to only send out HTML (pls see app/utils.py line 327)
2024-09-22 13:42:02 +00:00
actor_data['source'] = {'content': user.about, 'mediaType': 'text/markdown'}
alt user names
2024-08-20 07:03:08 +12:00
if user.matrix_user_id and main_user_name:
matrix user id on user profiles
2023-12-28 21:00:26 +13:00
actor_data['matrixUserId'] = user.matrix_user_id
activitypub - actors and their outboxes
2023-08-10 21:13:37 +12:00
resp = jsonify(actor_data)
resp.content_type = 'application/activity+json'
return resp
else:
alt user names
2024-08-20 07:03:08 +12:00
if main_user_name:
return show_profile(user)
else:
return render_template('errors/alt_profile.html')
user banning and purging
2023-10-21 15:49:01 +13:00
else:
abort(404)
activitypub - actors and their outboxes
2023-08-10 21:13:37 +12:00
log all outgoing actitivies
2023-12-22 15:34:45 +13:00
@bp.route('/u/<actor>/outbox', methods=['GET'])
def user_outbox(actor):
outbox = {
"@context": default_context(),
'type': 'OrderedCollection',
'id': f"https://{current_app.config['SERVER_NAME']}/u/{actor}/outbox",
'orderedItems': [],
'totalItems': 0
}
resp = jsonify(outbox)
resp.content_type = 'application/activity+json'
return resp
activitypub - actors and their outboxes
2023-08-10 21:13:37 +12:00
@bp.route('/c/<actor>', methods=['GET'])
def community_profile(actor):
""" Requests to this endpoint can be for a JSON representation of the community, or a HTML rendering of it.
The two types of requests are differentiated by the header """
actor = actor.strip()
community list and beginning of viewing community
2023-08-29 22:01:06 +12:00
if '@' in actor:
# don't provide activitypub info for remote communities
subscription and unsubscription to remote communities - lemmy bugs also local cache busting
2023-12-03 22:41:15 +13:00
if 'application/ld+json' in request.headers.get('Accept', '') or 'application/activity+json' in request.headers.get('Accept', ''):
rss feeds on communities
2023-12-12 18:28:49 +13:00
abort(400)
lowercase ap_id on communities
2024-04-30 21:11:57 +12:00
community: Community = Community.query.filter_by(ap_id=actor.lower(), banned=False).first()
community list and beginning of viewing community
2023-08-29 22:01:06 +12:00
else:
delete community
2024-01-01 11:38:24 +13:00
community: Community = Community.query.filter_by(name=actor, ap_id=None).first()
activitypub - actors and their outboxes
2023-08-10 21:13:37 +12:00
if community is not None:
federation - post content and replies/comments to remote communities
2023-12-09 22:14:16 +13:00
if is_activitypub_request():
activitypub - actors and their outboxes
2023-08-10 21:13:37 +12:00
server = current_app.config['SERVER_NAME']
federate incoming posts and post replies
2023-09-16 19:09:04 +12:00
actor_data = {"@context": default_context(),
activitypub - actors and their outboxes
2023-08-10 21:13:37 +12:00
"type": "Group",
"id": f"https://{server}/c/{actor}",
federation: handle remote subscriptions and unsubscriptions
2023-11-16 22:31:14 +13:00
"name": community.title,
"sensitive": True if community.nsfw or community.nsfl else False,
activitypub - actors and their outboxes
2023-08-10 21:13:37 +12:00
"preferredUsername": actor,
"inbox": f"https://{server}/c/{actor}/inbox",
"outbox": f"https://{server}/c/{actor}/outbox",
"followers": f"https://{server}/c/{actor}/followers",
"moderators": f"https://{server}/c/{actor}/moderators",
"featured": f"https://{server}/c/{actor}/featured",
"attributedTo": f"https://{server}/c/{actor}/moderators",
communities that are local-only, w access control for posting and voting
2024-01-02 19:41:00 +13:00
"postingRestrictedToMods": community.restricted_to_mods or community.local_only,
"newModsWanted": community.new_mods_wanted,
"privateMods": community.private_mods,
activitypub - actors and their outboxes
2023-08-10 21:13:37 +12:00
"url": f"https://{server}/c/{actor}",
"publicKey": {
"id": f"https://{server}/c/{actor}#main-key",
"owner": f"https://{server}/c/{actor}",
lemmy compatibility
2023-11-22 22:12:58 +13:00
"publicKeyPem": community.public_key
activitypub - actors and their outboxes
2023-08-10 21:13:37 +12:00
},
"endpoints": {
"sharedInbox": f"https://{server}/inbox"
},
upload images for community icon and banner
2023-12-08 17:13:38 +13:00
"published": ap_datetime(community.created_at),
"updated": ap_datetime(community.last_active),
activitypub - actors and their outboxes
2023-08-10 21:13:37 +12:00
}
Deliver Actor 'summary' info as HTML (same as Mastodon and Lemmy)
2024-05-14 16:24:05 +01:00
if community.description_html:
actor_data["summary"] = community.description_html
Revert earlier decision to only send out HTML (pls see app/utils.py line 327)
2024-09-22 13:42:02 +00:00
actor_data['source'] = {'content': community.description, 'mediaType': 'text/markdown'}
federation: handle remote subscriptions and unsubscriptions
2023-11-16 22:31:14 +13:00
if community.icon_id is not None:
activitypub - actors and their outboxes
2023-08-10 21:13:37 +12:00
actor_data["icon"] = {
"type": "Image",
upload images for community icon and banner
2023-12-08 17:13:38 +13:00
"url": f"https://{current_app.config['SERVER_NAME']}{community.icon_image()}"
}
if community.image_id is not None:
actor_data["image"] = {
"type": "Image",
"url": f"https://{current_app.config['SERVER_NAME']}{community.header_image()}"
activitypub - actors and their outboxes
2023-08-10 21:13:37 +12:00
}
resp = jsonify(actor_data)
resp.content_type = 'application/activity+json'
return resp
community list and beginning of viewing community
2023-08-29 22:01:06 +12:00
else: # browser request - return html
return show_community(community)
else:
abort(404)
activitypub - actors and their outboxes
2023-08-10 21:13:37 +12:00
apf part 02: reject bad JSONs
2024-11-18 16:53:32 +00:00
@bp.route('/inbox', methods=['POST'])
follow remote communities - activitypub
2023-09-08 20:04:01 +12:00
def shared_inbox():
apf part 02: reject bad JSONs
2024-11-18 16:53:32 +00:00
try:
request_json = request.get_json(force=True)
except werkzeug.exceptions.BadRequest as e:
log_incoming_ap('', APLOG_NOTYPE, APLOG_FAILURE, None, 'Unable to parse json body: ' + e.description)
return '', 400
g.site = Site.query.get(1) # g.site is not initialized by @app.before_request when request.path == '/inbox'
store_ap_json = g.site.log_activitypub_json
if not 'id' in request_json or not 'type' in request_json or not 'actor' in request_json or not 'object' in request_json:
log_incoming_ap('', APLOG_NOTYPE, APLOG_FAILURE, request_json if store_ap_json else None, 'Missing minimum expected fields in JSON')
return '', 400
id = request_json['id']
if request_json['type'] == 'Announce' and isinstance(request_json['object'], dict):
object = request_json['object']
if not 'id' in object or not 'type' in object or not 'actor' in object or not 'object' in object:
if 'type' in object and (object['type'] == 'Page' or object['type'] == 'Note'):
log_incoming_ap(request_json['id'], APLOG_ANNOUNCE, APLOG_IGNORED, request_json if store_ap_json else None, 'Intended for Mastodon')
else:
log_incoming_ap(request_json['id'], APLOG_ANNOUNCE, APLOG_FAILURE, request_json if store_ap_json else None, 'Missing minimum expected fields in JSON Announce object')
return '', 400
if object['actor'].startswith('https://' + current_app.config['SERVER_NAME']):
log_incoming_ap(object['id'], APLOG_DUPLICATE, APLOG_IGNORED, request_json if store_ap_json else None, 'Activity about local content which is already present')
return '', 400
apf part 03: reject unneccessary retries
2024-11-18 17:16:46 +00:00
redis_client = get_redis_connection()
if redis_client.exists(id): # Something is sending same activity multiple times, or Announcing as well as sending the same content
log_incoming_ap(id, APLOG_DUPLICATE, APLOG_IGNORED, request_json if store_ap_json else None, 'Unnecessary retry attempt')
return '', 400
redis_client.set(id, 1, ex=90) # Save the activity ID into redis, to avoid duplicate activities
apf part 04: ignore unutilised PeerTube activity
2024-11-18 17:18:09 +00:00
# Ignore unutilised PeerTube activity
if request_json['actor'].endswith('accounts/peertube'):
log_incoming_ap(request_json['id'], APLOG_PT_VIEW, APLOG_IGNORED, request_json if store_ap_json else None, 'PeerTube View or CacheFile activity')
return ''
apf part 05: ignore self-deletes from users that do not exist here
2024-11-18 17:28:41 +00:00
# Ignore delete requests from uses that do not already exist here
if request_json['type'] == 'Delete':
if (request_json['id'].endswith('#delete') or # Mastodon / PieFed
('object' in request_json and isinstance(request_json['object'], str) and request_json['actor'] == request_json['object'])): # Lemmy
actor = User.query.filter_by(ap_profile_id=request_json['actor'].lower()).first()
if not actor:
log_incoming_ap(request_json['id'], APLOG_DELETE, APLOG_IGNORED, request_json if store_ap_json else None, 'Does not exist here')
return '', 400
else:
actor.ap_fetched_at = utcnow() # use stored pubkey, don't try to re-fetch for next step (signature verification)
db.session.commit()
apf part 06: reject any ActivityPub activity from a local actor
2024-11-18 17:47:26 +00:00
actor = find_actor_or_create(request_json['actor'])
if not actor:
actor_name = request_json['actor']
log_incoming_ap(request_json['id'], APLOG_NOTYPE, APLOG_FAILURE, request_json if store_ap_json else None, f'Actor could not be found 1: {actor_name}')
return '', 400
if actor.is_local(): # should be impossible (can be Announced back, but not sent without access to privkey)
log_incoming_ap(request_json['id'], APLOG_NOTYPE, APLOG_FAILURE, request_json if store_ap_json else None, 'ActivityPub activity from a local actor')
return '', 400
else:
actor.instance.last_seen = utcnow()
actor.instance.dormant = False
actor.instance.gone_forever = False
actor.instance.failures = 0
actor.instance.ip_address = ip_address()
db.session.commit()
apf part 07: verify LD signature if HTTP signature fails
2024-11-18 18:44:28 +00:00
try:
HttpSignature.verify_request(request, actor.public_key, skip_date=True)
except VerificationError as e:
if not 'signature' in request_json:
log_incoming_ap(request_json['id'], APLOG_NOTYPE, APLOG_FAILURE, request_json if store_ap_json else None, 'Could not verify HTTP signature: ' + str(e))
return '', 400
# HTTP sig will fail if a.gup.pe or PeerTube have bounced a request, so check LD sig instead
try:
LDSignature.verify_signature(request_json, actor.public_key)
except VerificationError as e:
log_incoming_ap(request_json['id'], APLOG_NOTYPE, APLOG_FAILURE, request_json if store_ap_json else None, 'Could not verify LD signature: ' + str(e))
return '', 400
apf part 08: process requests from users who want to delete their own account
2024-11-18 19:28:37 +00:00
# When a user is deleted, the only way to be fairly sure they get deleted everywhere is to tell the whole fediverse.
# Earlier check means this is only for users that already exist, repeating it here means that http signature will have been verified
if request_json['type'] == 'Delete':
if (request_json['id'].endswith('#delete') or # Mastodon / PieFed
('object' in request_json and isinstance(request_json['object'], str) and request_json['actor'] == request_json['object'])): # Lemmy
if current_app.debug:
process_delete_request(request_json, store_ap_json)
else:
process_delete_request.delay(request_json, store_ap_json)
return ''
apf part 09: Follow requests
2024-11-18 21:10:12 +00:00
if current_app.debug:
process_inbox_request(request_json, store_ap_json)
else:
process_inbox_request.delay(request_json, store_ap_json)
move long-running tasks to separate background process (celery + redis)
2023-12-24 13:28:41 +13:00
return ''
Pass requests to site_inbox on (used by remote admins to inform of site bans)
2024-05-22 17:04:05 +01:00
@bp.route('/site_inbox', methods=['GET', 'POST'])
def site_inbox():
return shared_inbox()
move long-running tasks to separate background process (celery + redis)
2023-12-24 13:28:41 +13:00
@celery.task
apf part 09: Follow requests
2024-11-18 21:10:12 +00:00
def process_inbox_request(request_json, store_ap_json):
move long-running tasks to separate background process (celery + redis)
2023-12-24 13:28:41 +13:00
with current_app.app_context():
site = Site.query.get(1) # can't use g.site because celery doesn't use Flask's g variable
apf part 09: Follow requests
2024-11-18 21:10:12 +00:00
# For an Announce, Accept, or Reject, we have the community, and need to find the user
# For everything else, we have the user, and need to find the community
# Benefits of always using request_json['actor']:
# It's the actor who signed the request, and whose signature has been verified
# Because of the earlier check, we know that they already exist, and so don't need to check again
# Using actors from inner objects has a vulnerability to spoofing attacks (e.g. if 'attributedTo' doesn't match the 'Create' actor)
if request_json['type'] == 'Announce' or request_json['type'] == 'Accept' or request_json['type'] == 'Reject':
community_ap_id = request_json['actor']
community = find_actor_or_create(community_ap_id, community_only=True, create_if_not_found=False)
if not community or not isinstance(community, Community):
log_incoming_ap(announce_id, APLOG_ANNOUNCE, APLOG_FAILURE, request_json, 'Actor was not a community')
return
user_ap_id = None # found in 'if request_json['type'] == 'Announce', or it's a local user (for 'Accept'/'Reject')
else:
user_ap_id = request_json['actor']
user = find_actor_or_create(user_ap_id, create_if_not_found=False)
if not user or not isinstance(user, User):
log_incoming_ap(announce_id, APLOG_NOTYPE, APLOG_FAILURE, request_json, 'Actor was not a user')
return
user.last_seen = site.last_active = utcnow()
db.session.commit()
community = None # found as needed
# Follow: remote user wants to join/follow one of our users or communities
if request_json['type'] == 'Follow':
target_ap_id = request_json['object']
follow_id = request_json['id']
target = find_actor_or_create(target_ap_id, create_if_not_found=False)
if not target:
log_incoming_ap(request_json['id'], APLOG_FOLLOW, APLOG_FAILURE, request_json if store_ap_json else None, 'Could not find target of Follow')
return
if isinstance(target, Community):
community = target
reject_follow = False
if community.local_only:
log_incoming_ap(request_json['id'], APLOG_FOLLOW, APLOG_FAILURE, request_json if store_ap_json else None, 'Local only cannot be followed by remote users')
reject_follow = True
else:
# check if user is banned from this community
user_banned = CommunityBan.query.filter_by(user_id=user.id, community_id=community.id).first()
if user_banned:
log_incoming_ap(request_json['id'], APLOG_FOLLOW, APLOG_FAILURE, request_json if store_ap_json else None, 'Remote user has been banned')
reject_follow = True
if reject_follow:
# send reject message to deny the follow
reject = {"@context": default_context(), "actor": community.public_url(), "to": [user.public_url()],
"object": {"actor": user.public_url(), "to": None, "object": community.public_url(), "type": "Follow", "id": follow_id},
"type": "Reject", "id": f"https://{current_app.config['SERVER_NAME']}/activities/reject/" + gibberish(32)}
post_request(user.ap_inbox_url, reject, community.private_key, f"{community.public_url()}#main-key")
else:
if community_membership(user, community) != SUBSCRIPTION_MEMBER:
member = CommunityMember(user_id=user.id, community_id=community.id)
db.session.add(member)
db.session.commit()
cache.delete_memoized(community_membership, user, community)
# send accept message to acknowledge the follow
accept = {"@context": default_context(), "actor": community.public_url(), "to": [user.public_url()],
"object": {"actor": user.public_url(), "to": None, "object": community.public_url(), "type": "Follow", "id": follow_id},
"type": "Accept", "id": f"https://{current_app.config['SERVER_NAME']}/activities/accept/" + gibberish(32)}
post_request(user.ap_inbox_url, accept, community.private_key, f"{community.public_url()}#main-key")
log_incoming_ap(request_json['id'], APLOG_FOLLOW, APLOG_SUCCESS, request_json if store_ap_json else None)
return
elif isinstance(target, User):
local_user = target
remote_user = user
if not local_user.is_local():
log_incoming_ap(request_json['id'], APLOG_FOLLOW, APLOG_FAILURE, request_json if store_ap_json else None, 'Follow request for remote user received')
return
existing_follower = UserFollower.query.filter_by(local_user_id=local_user.id, remote_user_id=remote_user.id).first()
if not existing_follower:
auto_accept = not local_user.ap_manually_approves_followers
new_follower = UserFollower(local_user_id=local_user.id, remote_user_id=remote_user.id, is_accepted=auto_accept)
if not local_user.ap_followers_url:
local_user.ap_followers_url = local_user.public_url() + '/followers'
db.session.add(new_follower)
db.session.commit()
accept = {"@context": default_context(), "actor": local_user.public_url(), "to": [remote_user.public_url()],
"object": {"actor": remote_user.public_url(), "to": None, "object": local_user.public_url(), "type": "Follow", "id": follow_id},
"type": "Accept", "id": f"https://{current_app.config['SERVER_NAME']}/activities/accept/" + gibberish(32)}
post_request(remote_user.ap_inbox_url, accept, local_user.private_key, f"{local_user.public_url()}#main-key")
log_incoming_ap(request_json['id'], APLOG_FOLLOW, APLOG_SUCCESS, request_json if store_ap_json else None)
return
apf part 10: Accepts for follows
2024-11-18 21:19:42 +00:00
# Accept: remote server is accepting our previous follow request
if request_json['type'] == 'Accept':
user = None
if isinstance(request_json['object'], str): # a.gup.pe accepts using a string with the ID of the follow request
join_request_parts = request_json['object'].split('/')
join_request = CommunityJoinRequest.query.get(join_request_parts[-1])
if join_request:
user = User.query.get(join_request.user_id)
elif request_json['object']['type'] == 'Follow':
user_ap_id = request_json['object']['actor']
user = find_actor_or_create(user_ap_id, create_if_not_found=False)
if not user:
log_incoming_ap(request_json['id'], APLOG_ACCEPT, APLOG_FAILURE, request_json if store_ap_json else None, 'Could not find recipient of Accept')
return
join_request = CommunityJoinRequest.query.filter_by(user_id=user.id, community_id=community.id).first()
if join_request:
existing_membership = CommunityMember.query.filter_by(user_id=join_request.user_id, community_id=join_request.community_id).first()
if not existing_membership:
member = CommunityMember(user_id=join_request.user_id, community_id=join_request.community_id)
db.session.add(member)
community.subscriptions_count += 1
db.session.commit()
cache.delete_memoized(community_membership, user, community)
log_incoming_ap(request_json['id'], APLOG_ACCEPT, APLOG_SUCCESS, request_json if store_ap_json else None)
return
apf part 11: Rejects for follows
2024-11-18 21:25:19 +00:00
# Reject: remote server is rejecting our previous follow request
if request_json['type'] == 'Reject':
if request_json['object']['type'] == 'Follow':
user_ap_id = request_json['object']['actor']
user = find_actor_or_create(user_ap_id, create_if_not_found=False)
if not user:
log_incoming_ap(request_json['id'], APLOG_ACCEPT, APLOG_FAILURE, request_json if store_ap_json else None, 'Could not find recipient of Reject')
return
join_request = CommunityJoinRequest.query.filter_by(user_id=user.id, community_id=community.id).first()
if join_request:
db.session.delete(join_request)
existing_membership = CommunityMember.query.filter_by(user_id=user.id, community_id=community.id).first()
if existing_membership:
db.session.delete(existing_membership)
cache.delete_memoized(community_membership, user, community)
db.session.commit()
log_incoming_ap(request_json['id'], APLOG_ACCEPT, APLOG_SUCCESS, request_json if store_ap_json else None)
return
apf part 09: Follow requests
2024-11-18 21:10:12 +00:00
apf part 12: Create/Update requests
2024-11-18 22:05:25 +00:00
# Create is new content. Update is often an edit, but Updates from Lemmy can also be new content
if request_json['type'] == 'Create' or request_json['type'] == 'Update':
if request_json['object']['type'] == 'ChatMessage':
sender = user
recipient_ap_id = request_json['object']['to'][0]
recipient = find_actor_or_create(recipient_ap_id, create_if_not_found=False)
if recipient and recipient.is_local():
if sender.created_recently() or sender.reputation <= -10:
log_incoming_ap(request_json['id'], APLOG_CHATMESSAGE, APLOG_FAILURE, request_json if store_ap_json else None, 'Sender not eligible to send')
return
elif recipient.has_blocked_user(sender.id) or recipient.has_blocked_instance(sender.instance_id):
log_incoming_ap(request_json['id'], APLOG_CHATMESSAGE, APLOG_FAILURE, request_json if store_ap_json else None, 'Sender blocked by recipient')
return
else:
# Find existing conversation to add to
existing_conversation = Conversation.find_existing_conversation(recipient=recipient, sender=sender)
if not existing_conversation:
existing_conversation = Conversation(user_id=sender.id)
existing_conversation.members.append(recipient)
existing_conversation.members.append(sender)
db.session.add(existing_conversation)
db.session.commit()
# Save ChatMessage to DB
encrypted = request_json['object']['encrypted'] if 'encrypted' in request_json['object'] else None
new_message = ChatMessage(sender_id=sender.id, recipient_id=recipient.id, conversation_id=existing_conversation.id,
body_html=request_json['object']['content'],
body=html_to_text(request_json['object']['content']),
encrypted=encrypted)
db.session.add(new_message)
existing_conversation.updated_at = utcnow()
db.session.commit()
# Notify recipient
notify = Notification(title=shorten_string('New message from ' + sender.display_name()),
url=f'/chat/{existing_conversation.id}#message_{new_message}', user_id=recipient.id,
author_id=sender.id)
db.session.add(notify)
recipient.unread_notifications += 1
existing_conversation.read = False
db.session.commit()
log_incoming_ap(request_json['id'], APLOG_CHATMESSAGE, APLOG_SUCCESS, request_json if store_ap_json else None)
return
# inner object of Create is not a ChatMessage
else:
if (request_json['object']['type'] == 'Note' and 'name' in request_json['object'] and # Poll Votes
'inReplyTo' in request_json['object'] and 'attributedTo' in request_json['object']):
post_being_replied_to = Post.query.filter_by(ap_id=request_json['object']['inReplyTo']).first()
if post_being_replied_to:
poll_data = Poll.query.get(post_being_replied_to.id)
choice = PollChoice.query.filter_by(post_id=post_being_replied_to.id, choice_text=request_json['object']['name']).first()
if poll_data and choice:
poll_data.vote_for_choice(choice.id, user.id)
db.session.commit()
log_incoming_ap(request_json['id'], APLOG_CREATE, APLOG_SUCCESS, request_json if store_ap_json else None)
if post_being_replied_to.author.is_local():
inform_followers_of_post_update(post_being_replied_to.id, user.instance_id)
return
community_ap_id = find_community_ap_id(request_json)
if not ensure_domains_match(request_json['object']):
log_incoming_ap(request_json['id'], APLOG_CREATE, APLOG_FAILURE, request_json if store_ap_json else None, 'Domains do not match')
return
community = find_actor_or_create(community_ap_id, community_only=True, create_if_not_found=False) if community_ap_id else None
if community and community.local_only:
log_incoming_ap(request_json['id'], APLOG_CREATE, APLOG_FAILURE, request_json if store_ap_json else None, 'Remote Create in local_only community')
return
if not community:
log_incoming_ap(request_json['id'], APLOG_CREATE, APLOG_FAILURE, request_json if store_ap_json else None, 'Blocked or unfound community')
return
object_type = request_json['object']['type']
new_content_types = ['Page', 'Article', 'Link', 'Note', 'Question']
if object_type in new_content_types: # create or update a post
process_new_content(user, community, store_ap_json, request_json, announced=False)
return
elif object_type == 'Video': # PeerTube: editing a video (PT doesn't Announce these)
post = Post.query.filter_by(ap_id=request_json['object']['id']).first()
if post:
if user.id == post.user_id:
update_post_from_activity(post, request_json)
log_incoming_ap(request_json['id'], APLOG_UPDATE, APLOG_SUCCESS, request_json if store_ap_json else None)
return
else:
log_incoming_ap(request_json['id'], APLOG_UPDATE, APLOG_FAILURE, request_json if store_ap_json else None, 'Edit attempt denied')
return
else:
log_incoming_ap(request_json['id'], APLOG_UPDATE, APLOG_FAILURE, request_json if store_ap_json else None, 'PeerTube post not found')
return
else:
log_incoming_ap(request_json['id'], APLOG_CREATE, APLOG_FAILURE, request_json if store_ap_json else None, 'Unacceptable type (create): ' + object_type)
return
apf part 13: Delete requests
2024-11-18 22:31:18 +00:00
if request_json['type'] == 'Delete':
if isinstance(request_json['object'], str):
ap_id = request_json['object'] # lemmy
else:
ap_id = request_json['object']['id'] # kbin
to_delete = find_liked_object(ap_id) # Just for Posts and Replies (User deletes go through process_delete_request())
if to_delete:
if to_delete.deleted:
log_incoming_ap(request_json['id'], APLOG_DELETE, APLOG_IGNORED, request_json if store_ap_json else None, 'Activity about local content which is already deleted')
else:
delete_post_or_comment(user, to_delete, store_ap_json, request_json)
announce_activity_to_followers(to_delete.community, user, request_json)
else:
log_incoming_ap(request_json['id'], APLOG_DELETE, APLOG_FAILURE, request_json if store_ap_json else None, 'Delete: cannot find ' + ap_id)
return
apf part 14: Like / Dislike requests
2024-11-19 11:51:29 +00:00
if request_json['type'] == 'Like' or request_json['type'] == 'EmojiReact': # Upvote
process_upvote(user, store_ap_json, request_json, announced=False)
return
if request_json['type'] == 'Dislike': # Downvote
if site.enable_downvotes is False:
log_incoming_ap(request_json['id'], APLOG_DISLIKE, APLOG_IGNORED, request_json if store_ap_json else None, 'Dislike ignored because of allow_dislike setting')
return
process_downvote(user, store_ap_json, request_json, announced=False)
return
apf part 15: Flag requests
2024-11-19 12:02:15 +00:00
if request_json['type'] == 'Flag': # Reported content
reported = find_reported_object(request_json['object'])
if reported:
process_report(user, reported, request_json)
log_incoming_ap(request_json['id'], APLOG_REPORT, APLOG_SUCCESS, request_json if store_ap_json else None)
announce_activity_to_followers(reported.community, user, request_json)
else:
log_incoming_ap(request_json['id'], APLOG_REPORT, APLOG_IGNORED, request_json if store_ap_json else None, 'Report ignored due to missing content')
return
apf part 16: Block requests
2024-11-20 19:48:38 +00:00
if request_json['type'] == 'Block': # remote site is banning one of their users
blocker = user
blocked_ap_id = request_json['object'].lower()
blocked = User.query.filter_by(ap_profile_id=blocked_ap_id).first()
if store_ap_json:
request_json['cc'] = [] # cut very long list of instances
if not blocked:
log_incoming_ap(request_json['id'], APLOG_USERBAN, APLOG_IGNORED, request_json if store_ap_json else None, 'Does not exist here')
return
block_from_ap_id = request_json['target']
remove_data = request_json['removeData'] if 'removeData' in request_json else False
# Lemmy currently only sends userbans for admins banning local users
# Banning remote users is hacked by banning them from every community of which they are a part
# There's plans to change this in the future though.
if not blocker.is_instance_admin() and not blocked.instance_id == blocker.instance_id:
log_incoming_ap(request_json['id'], APLOG_USERBAN, APLOG_FAILURE, request_json if store_ap_json else None, 'Does not have permission')
return
# request_json includes 'expires' and 'endTime' (same thing) but nowhere to record this and check in future for end in ban.
if remove_data == True:
site_ban_remove_data(blocker.id, blocked)
log_incoming_ap(request_json['id'], APLOG_USERBAN, APLOG_SUCCESS, request_json if store_ap_json else None)
else:
#blocked.banned = True # uncommented until there's a mechanism for processing ban expiry date
#db.session.commit()
log_incoming_ap(request_json['id'], APLOG_USERBAN, APLOG_IGNORED, request_json if store_ap_json else None, 'Banned, but content retained')
return
apf part 17: Undo / Follow requests
2024-11-22 02:07:22 +00:00
if request_json['type'] == 'Undo':
if request_json['object']['type'] == 'Follow': # Unsubscribe from a community or user
target_ap_id = request_json['object']['object']
target = find_actor_or_create(target_ap_id, create_if_not_found=False)
if isinstance(target, Community):
community = target
member = CommunityMember.query.filter_by(user_id=user.id, community_id=community.id).first()
join_request = CommunityJoinRequest.query.filter_by(user_id=user.id, community_id=community.id).first()
if member:
db.session.delete(member)
community.subscriptions_count -= 1
if join_request:
db.session.delete(join_request)
db.session.commit()
cache.delete_memoized(community_membership, user, community)
log_incoming_ap(request_json['id'], APLOG_UNDO_FOLLOW, APLOG_SUCCESS, request_json if store_ap_json else None)
return
if isinstance(target, User):
local_user = target
remote_user = user
follower = UserFollower.query.filter_by(local_user_id=local_user.id, remote_user_id=remote_user.id, is_accepted=True).first()
if follower:
db.session.delete(follower)
db.session.commit()
log_incoming_ap(request_json['id'], APLOG_UNDO_FOLLOW, APLOG_SUCCESS, request_json if store_ap_json else None)
return
if not target:
log_incoming_ap(request_json['id'], APLOG_UNDO_FOLLOW, APLOG_FAILURE, request_json if store_ap_json else None, 'Unfound target')
return
apf part 18: Undo / Delete requests
2024-11-23 01:29:04 +00:00
if request_json['object']['type'] == 'Delete': # Restore something previously deleted
if isinstance(request_json['object']['object'], str):
ap_id = request_json['object']['object'] # lemmy
else:
ap_id = request_json['object']['object']['id'] # kbin
if user.ap_profile_id == ap_id.lower():
# a user is undoing a self-delete
# will never get here, because find_actor_or_create() in shared_inbox() will return None if user.deleted
return
restorer = user
to_restore = find_liked_object(ap_id) # a user or a mod/admin is undoing the delete of a post or reply
if to_restore:
if not to_restore.deleted:
log_incoming_ap(request_json['id'], APLOG_UNDO_DELETE, APLOG_IGNORED, request_json if store_ap_json else None, 'Activity about local content which is already restored')
else:
restore_post_or_comment(restorer, to_restore, store_ap_json, request_json)
announce_activity_to_followers(to_restore.community, user, request_json)
else:
log_incoming_ap(request_json['id'], APLOG_UNDO_DELETE, APLOG_FAILURE, request_json if store_ap_json else None, 'Undo delete: cannot find ' + ap_id)
return
apf part 19: Undo / Like requests
2024-11-23 01:36:31 +00:00
if request_json['object']['type'] == 'Like' or request_json['object']['type'] == 'Dislike': # Undoing an upvote or downvote
post = comment = None
target_ap_id = request_json['object']['object']
post_or_comment = undo_vote(comment, post, target_ap_id, user)
if post_or_comment:
log_incoming_ap(request_json['id'], APLOG_UNDO_VOTE, APLOG_SUCCESS, request_json if store_ap_json else None)
announce_activity_to_followers(post_or_comment.community, user, request_json)
else:
log_incoming_ap(request_json['id'], APLOG_UNDO_VOTE, APLOG_FAILURE, request_json if store_ap_json else None, 'Unfound object ' + target_ap_id)
return
apf part 20: Undo / Block requests
2024-11-23 01:39:47 +00:00
if request_json['object']['type'] == 'Block': # remote site is unbanning one of their users
unblocker = user
unblocked_ap_id = request_json['object']['object'].lower()
unblocked = User.query.filter_by(ap_profile_id=unblocked_ap_id).first()
if store_ap_json:
request_json['cc'] = [] # cut very long list of instances
request_json['object']['cc'] = []
if not unblocked:
log_incoming_ap(request_json['id'], APLOG_USERBAN, APLOG_IGNORED, request_json if store_ap_json else None, 'Does not exist here')
return
unblock_from_ap_id = request_json['object']['target']
if not unblocker.is_instance_admin() and not unblocked.instance_id == blocker.instance_id:
log_incoming_ap(request_json['id'], APLOG_USERBAN, APLOG_FAILURE, request_json if store_ap_json else None, 'Does not have permission')
return
# (no removeData field in an undo/ban - cannot restore without knowing if deletion was part of ban, or different moderator action)
#unblocked.banned = False # uncommented until there's a mechanism for processing ban expiry date
#db.session.commit()
log_incoming_ap(request_json['id'], APLOG_UNDO_USERBAN, APLOG_SUCCESS, request_json if store_ap_json else None)
return
apf part 21: Announce / Create or Update
2024-11-23 19:26:25 +00:00
# Announce is new content and votes that happened on a remote server.
if request_json['type'] == 'Announce':
if isinstance(request_json['object'], str): # Mastodon, PeerTube, A.gup.pe
post = resolve_remote_post(request_json['object'], community.id, announce_actor=community.ap_profile_id, store_ap_json=store_ap_json)
if post:
log_incoming_ap(request_json['id'], APLOG_ANNOUNCE, APLOG_SUCCESS, request_json)
else:
log_incoming_ap(request_json['id'], APLOG_ANNOUNCE, APLOG_FAILURE, request_json, 'Could not resolve post')
return
user_ap_id = request_json['object']['actor']
user = find_actor_or_create(user_ap_id)
if not user or not isinstance(user, User):
log_incoming_ap(request_json['id'], APLOG_ANNOUNCE, APLOG_FAILURE, request_json, 'Blocked or unfound user for Announce object actor ' + user_ap_id)
return
user.last_seen = site.last_active = utcnow()
user.instance.last_seen = utcnow()
user.instance.dormant = False
user.instance.gone_forever = False
user.instance.failures = 0
db.session.commit()
if request_json['object']['type'] == 'Create' or request_json['object']['type'] == 'Update':
object_type = request_json['object']['object']['type']
new_content_types = ['Page', 'Article', 'Link', 'Note', 'Question']
if object_type in new_content_types: # create or update a post
process_new_content(user, community, store_ap_json, request_json)
elif request_json['object']['type'] == 'Update' and request_json['object']['object']['type'] == 'Group':
# force refresh next time community is heard from
community.ap_fetched_at = None
db.session.commit()
log_incoming_ap(request_json['id'], APLOG_UPDATE, APLOG_SUCCESS, request_json if store_ap_json else None)
else:
log_incoming_ap(request_json['id'], APLOG_CREATE, APLOG_FAILURE, request_json if store_ap_json else None, 'Unacceptable type (create): ' + object_type)
return
apf part 22: Announce / Delete
2024-11-23 19:41:09 +00:00
if request_json['object']['type'] == 'Delete': # Announced Delete
if isinstance(request_json['object']['object'], str):
ap_id = request_json['object']['object'] # lemmy
else:
ap_id = request_json['object']['object']['id'] # kbin
to_delete = find_liked_object(ap_id) # Just for Posts and Replies (User deletes aren't announced)
if to_delete:
if to_delete.deleted:
log_incoming_ap(request_json['id'], APLOG_DELETE, APLOG_IGNORED, request_json if store_ap_json else None, 'Activity about local content which is already deleted')
else:
delete_post_or_comment(user, to_delete, store_ap_json, request_json)
else:
log_incoming_ap(request_json['id'], APLOG_DELETE, APLOG_FAILURE, request_json if store_ap_json else None, 'Delete: cannot find ' + ap_id)
return
apf part 23: Announce / Like or Dislike
2024-11-23 19:46:27 +00:00
if request_json['object']['type'] == 'Like' or request_json['object']['type'] == 'EmojiReact': # Announced Upvote
process_upvote(user, store_ap_json, request_json)
return
if request_json['object']['type'] == 'Dislike': # Announced Downvote
if site.enable_downvotes is False:
log_incoming_ap(request_json['id'], APLOG_DISLIKE, APLOG_IGNORED, request_json if store_ap_json else None, 'Dislike ignored because of allow_dislike setting')
return
process_downvote(user, store_ap_json, request_json)
return
apf part 24: Announce / Flag
2024-11-23 20:04:39 +00:00
if request_json['object']['type'] == 'Flag': # Announce of reported content
reported = find_reported_object(request_json['object']['object'])
if reported:
process_report(user, reported, request_json['object'])
log_incoming_ap(request_json['id'], APLOG_REPORT, APLOG_SUCCESS, request_json if store_ap_json else None)
else:
log_incoming_ap(request_json['id'], APLOG_REPORT, APLOG_IGNORED, request_json if store_ap_json else None, 'Report ignored due to missing content')
return
apf part 25: Announce / Lock
2024-11-24 16:06:33 +00:00
if request_json['object']['type'] == 'Lock': # Announce of post lock
mod = user
post_id = request_json['object']['object']
post = Post.query.filter_by(ap_id=post_id).first()
if post:
if post.community.is_moderator(mod) or post.community.is_instance_admin(mod):
post.comments_enabled = False
db.session.commit()
log_incoming_ap(request_json['id'], APLOG_LOCK, APLOG_SUCCESS, request_json if store_ap_json else None)
else:
log_incoming_ap(request_json['id'], APLOG_LOCK, APLOG_FAILURE, request_json if store_ap_json else None, 'Lock: Does not have permission')
else:
log_incoming_ap(request_json['id'], APLOG_LOCK, APLOG_FAILURE, request_json if store_ap_json else None, 'Lock: post not found')
return
apf part 26: Announce / Add mods or sticky
2024-11-24 16:31:20 +00:00
if request_json['object']['type'] == 'Add': # Announce of adding mods or stickying a post
target = request_json['object']['target']
featured_url = community.ap_featured_url
moderators_url = community.ap_moderators_url
if target == featured_url:
post = Post.query.filter_by(ap_id=request_json['object']['object']).first()
if post:
post.sticky = True
db.session.commit()
log_incoming_ap(request_json['id'], APLOG_ADD, APLOG_SUCCESS, request_json if store_ap_json else None)
else:
log_incoming_ap(request_json['id'], APLOG_ADD, APLOG_FAILURE, request_json if store_ap_json else None, 'Cannot find: ' + request_json['object']['object'])
return
if target == moderators_url:
user = find_actor_or_create(request_json['object']['object'])
if user:
existing_membership = CommunityMember.query.filter_by(community_id=community.id, user_id=user.id).first()
if existing_membership:
existing_membership.is_moderator = True
else:
new_membership = CommunityMember(community_id=community.id, user_id=user.id, is_moderator=True)
db.session.add(new_membership)
db.session.commit()
log_incoming_ap(request_json['id'], APLOG_ADD, APLOG_SUCCESS, request_json if store_ap_json else None)
else:
log_incoming_ap(request_json['id'], APLOG_ADD, APLOG_FAILURE, request_json if store_ap_json else None, 'Cannot find: ' + request_json['object']['object'])
return
log_incoming_ap(request_json['id'], APLOG_ADD, APLOG_FAILURE, request_json if store_ap_json else None, 'Unknown target for Add')
return
apf part 27: Announce / Remove mods or sticky
2024-11-24 16:35:10 +00:00
if request_json['object']['type'] == 'Remove': # Announce of removing mods or unstickying a post
target = request_json['object']['target']
featured_url = community.ap_featured_url
moderators_url = community.ap_moderators_url
if target == featured_url:
post = Post.query.filter_by(ap_id=request_json['object']['object']).first()
if post:
post.sticky = False
db.session.commit()
log_incoming_ap(request_json['id'], APLOG_REMOVE, APLOG_SUCCESS, request_json if store_ap_json else None)
else:
log_incoming_ap(request_json['id'], APLOG_REMOVE, APLOG_FAILURE, request_json if store_ap_json else None, 'Cannot find: ' + target)
return
if target == moderators_url:
user = find_actor_or_create(request_json['object']['object'], create_if_not_found=False)
if user:
existing_membership = CommunityMember.query.filter_by(community_id=community.id, user_id=user.id).first()
if existing_membership:
existing_membership.is_moderator = False
db.session.commit()
log_incoming_ap(request_json['id'], APLOG_REMOVE, APLOG_SUCCESS, request_json if store_ap_json else None)
else:
log_incoming_ap(request_json['id'], APLOG_REMOVE, APLOG_FAILURE, request_json if store_ap_json else None, 'Cannot find: ' + request_json['object']['object'])
return
log_incoming_ap(request_json['id'], APLOG_REMOVE, APLOG_FAILURE, request_json if store_ap_json else None, 'Unknown target for Remove')
return
apf part 28: Announce / Block to ban users from communities
2024-11-24 21:01:34 +00:00
if request_json['object']['type'] == 'Block': # Announce of user ban. Mod is banning a user from a community,
blocker = user # or an admin is banning a user from all the site's communities as part of a site ban
blocked_ap_id = request_json['object']['object'].lower()
blocked = User.query.filter_by(ap_profile_id=blocked_ap_id).first()
if not blocked:
log_incoming_ap(request_json['id'], APLOG_USERBAN, APLOG_IGNORED, request_json if store_ap_json else None, 'Does not exist here')
return
remove_data = request_json['object']['removeData'] if 'removeData' in request_json['object'] else False
if not community.is_moderator(blocker) and not community.is_instance_admin(blocker):
log_incoming_ap(request_json['id'], APLOG_USERBAN, APLOG_FAILURE, request_json if store_ap_json else None, 'Does not have permission')
return
if remove_data == True:
community_ban_remove_data(blocker.id, community.id, blocked)
log_incoming_ap(request_json['id'], APLOG_USERBAN, APLOG_SUCCESS, request_json if store_ap_json else None)
else:
log_incoming_ap(request_json['id'], APLOG_USERBAN, APLOG_IGNORED, request_json if store_ap_json else None, 'Banned, but content retained')
if blocked.is_local():
ban_local_user(blocker, blocked, community, request_json)
return
apf part 29: Announce / Undo / Delete
2024-11-24 21:10:16 +00:00
if request_json['object']['type'] == 'Undo':
if request_json['object']['object']['type'] == 'Delete': # Announce of undo of Delete
if isinstance(request_json['object']['object']['object'], str):
ap_id = request_json['object']['object']['object'] # lemmy
else:
ap_id = request_json['object']['object']['object']['id'] # kbin
restorer = user
to_restore = find_liked_object(ap_id) # a user or a mod/admin is undoing the delete of a post or reply
if to_restore:
if not to_restore.deleted:
log_incoming_ap(request_json['id'], APLOG_UNDO_DELETE, APLOG_IGNORED, request_json if store_ap_json else None, 'Content was not deleted')
else:
restore_post_or_comment(restorer, to_restore, store_ap_json, request_json)
else:
log_incoming_ap(request_json['id'], APLOG_UNDO_DELETE, APLOG_FAILURE, request_json if store_ap_json else None, 'Undo delete: cannot find ' + ap_id)
return
apf part 25: Announce / Lock
2024-11-24 16:06:33 +00:00
apf part 09: Follow requests
2024-11-18 21:10:12 +00:00
# -- below this point is code that will be incrementally replaced to use log_incoming_ap() instead --
# save all incoming data to aid in debugging and development. Set result to 'success' if things go well
activity_log = ActivityPubLog(direction='in', result='failure')
if 'id' in request_json:
activity_log.activity_id = request_json['id']
if site.log_activitypub_json:
activity_log.activity_json = json.dumps(request_json)
activity_log.result = 'processing'
db.session.add(activity_log)
db.session.commit()
move long-running tasks to separate background process (celery + redis)
2023-12-24 13:28:41 +13:00
if 'type' in request_json:
activity_log.activity_type = request_json['type']
if not instance_blocked(request_json['id']):
Lemmy can send Announce/Update without ever sending an Announce/Create #212 (non-breaking version)
2024-06-19 01:19:26 +01:00
# Create is new content. Update is often an edit, but Updates from Lemmy can also be new content
if request_json['type'] == 'Create' or request_json['type'] == 'Update':
move long-running tasks to separate background process (celery + redis)
2023-12-24 13:28:41 +13:00
activity_log.activity_type = 'Create'
if there is no attributedTo, fall back to the actor on the parent object
2024-06-28 13:03:07 +08:00
user_ap_id = request_json['object']['attributedTo'] if 'attributedTo' in request_json['object'] and isinstance(request_json['object']['attributedTo'], str) else None
if user_ap_id is None: # if there is no attributedTo, fall back to the actor on the parent object
user_ap_id = request_json['actor'] if 'actor' in request_json and isinstance(request_json['actor'], str) else None
send private messages
2024-02-17 20:05:57 +13:00
if request_json['object']['type'] == 'ChatMessage':
activity_log.activity_type = 'Create ChatMessage'
sender = find_actor_or_create(user_ap_id)
recipient_ap_id = request_json['object']['to'][0]
recipient = find_actor_or_create(recipient_ap_id)
if sender and recipient and recipient.is_local():
chat - tidy up and nav improvements
2024-02-19 15:56:56 +13:00
if sender.created_recently() or sender.reputation <= -10:
chat 2.0
2024-02-19 15:01:53 +13:00
activity_log.exception_message = "Sender not eligible to send"
elif recipient.has_blocked_user(sender.id) or recipient.has_blocked_instance(sender.instance_id):
send private messages
2024-02-17 20:05:57 +13:00
activity_log.exception_message = "Sender blocked by recipient"
else:
chat - tidy up and nav improvements
2024-02-19 15:56:56 +13:00
# Find existing conversation to add to
existing_conversation = Conversation.find_existing_conversation(recipient=recipient, sender=sender)
if not existing_conversation:
existing_conversation = Conversation(user_id=sender.id)
existing_conversation.members.append(recipient)
existing_conversation.members.append(sender)
db.session.add(existing_conversation)
db.session.commit()
send private messages
2024-02-17 20:05:57 +13:00
# Save ChatMessage to DB
encrypted = request_json['object']['encrypted'] if 'encrypted' in request_json['object'] else None
chat - tidy up and nav improvements
2024-02-19 15:56:56 +13:00
new_message = ChatMessage(sender_id=sender.id, recipient_id=recipient.id, conversation_id=existing_conversation.id,
send private messages
2024-02-17 20:05:57 +13:00
body=request_json['object']['source']['content'],
Remove last remaining uses of lemmy_markdown_to_html Everything is now piped through allowlist (except spoiler MD as Lemmy doesn't convert the MD in the contents)
2024-09-21 20:05:34 +00:00
body_html=markdown_to_html(request_json['object']['source']['content']),
send private messages
2024-02-17 20:05:57 +13:00
encrypted=encrypted)
db.session.add(new_message)
record last activity in a conversation
2024-03-28 09:24:13 +13:00
existing_conversation.updated_at = utcnow()
send private messages
2024-02-17 20:05:57 +13:00
db.session.commit()
# Notify recipient
notify = Notification(title=shorten_string('New message from ' + sender.display_name()),
better chat notification link
2024-04-15 19:03:59 +12:00
url=f'/chat/{existing_conversation.id}#message_{new_message}', user_id=recipient.id,
send private messages
2024-02-17 20:05:57 +13:00
author_id=sender.id)
db.session.add(notify)
recipient.unread_notifications += 1
chat - tidy up and nav improvements
2024-02-19 15:56:56 +13:00
existing_conversation.read = False
send private messages
2024-02-17 20:05:57 +13:00
db.session.commit()
activity_log.result = 'success'
else:
try:
Rework finding community from Create JSON
2024-03-26 15:03:45 +00:00
community_ap_id = ''
locations = ['audience', 'cc', 'to']
if 'object' in request_json:
MBin sends Create activities even for remote communities #290 Lemmy uses Announce -> Create for communities hosted on their instance and only uses Create when posting to a community on our instance. Mbin uses Create all the time.
2024-08-10 18:42:49 +12:00
rjs = [request_json, request_json['object']]
Rework finding community from Create JSON
2024-03-26 15:03:45 +00:00
else:
MBin sends Create activities even for remote communities #290 Lemmy uses Announce -> Create for communities hosted on their instance and only uses Create when posting to a community on our instance. Mbin uses Create all the time.
2024-08-10 18:42:49 +12:00
rjs = [request_json]
Rework finding community from Create JSON
2024-03-26 15:03:45 +00:00
followers_suffix = '/followers'
for rj in rjs:
MBin sends Create activities even for remote communities #290 Lemmy uses Announce -> Create for communities hosted on their instance and only uses Create when posting to a community on our instance. Mbin uses Create all the time.
2024-08-10 18:42:49 +12:00
for location in locations:
if location in rj:
potential_id = rj[location]
if isinstance(potential_id, str):
if not potential_id.startswith('https://www.w3.org') and not potential_id.endswith(followers_suffix):
community_ap_id = potential_id
if isinstance(potential_id, list):
for c in potential_id:
if not c.startswith('https://www.w3.org') and not c.endswith(followers_suffix):
Rework finding community from Create JSON
2024-03-26 15:03:45 +00:00
community_ap_id = c
break
if community_ap_id:
break
if community_ap_id:
break
Possible fix for random posts from 'snac' users not being properly rejected and ending up in a community
2024-09-04 13:33:09 +00:00
if not community_ap_id and 'object' in request_json and \
'inReplyTo' in request_json['object'] and request_json['object']['inReplyTo'] is not None:
Rework finding community from Create JSON
2024-03-26 15:03:45 +00:00
post_being_replied_to = Post.query.filter_by(ap_id=request_json['object']['inReplyTo']).first()
if post_being_replied_to:
community_ap_id = post_being_replied_to.community.ap_profile_id
else:
comment_being_replied_to = PostReply.query.filter_by(ap_id=request_json['object']['inReplyTo']).first()
if comment_being_replied_to:
community_ap_id = comment_being_replied_to.community.ap_profile_id
Lemmy can send Announce/Update without ever sending an Announce/Create #212 (non-breaking version)
2024-06-19 01:19:26 +01:00
if not community_ap_id and 'object' in request_json and request_json['object']['type'] == 'Video': # PeerTube
if 'attributedTo' in request_json['object'] and isinstance(request_json['object']['attributedTo'], list):
for a in request_json['object']['attributedTo']:
if a['type'] == 'Group':
community_ap_id = a['id']
if a['type'] == 'Person':
user_ap_id = a['id']
Rework finding community from Create JSON
2024-03-26 15:03:45 +00:00
if not community_ap_id:
activity_log.result = 'failure'
activity_log.exception_message = 'Unable to extract community'
db.session.commit()
return
send private messages
2024-02-17 20:05:57 +13:00
except:
activity_log.activity_type = 'exception'
db.session.commit()
return
Ensure domains of 'id' and 'actor'/'attributedTo' match
2024-04-24 13:44:25 +01:00
if 'object' in request_json:
if not ensure_domains_match(request_json['object']):
activity_log.result = 'failure'
activity_log.exception_message = 'Domains do not match'
db.session.commit()
return
sometimes we only want to find a community this will eliminate a whole raft of issues caused by trying to injest posts from microblogging services which don't have Group actors
2024-03-02 10:20:15 +13:00
community = find_actor_or_create(community_ap_id, community_only=True)
Ignore remote Creates to local_only communities
2024-04-20 13:03:39 +01:00
if community and community.local_only:
activity_log.exception_message = 'Remote Create in local_only community'
activity_log.result = 'ignored'
db.session.commit()
return
send private messages
2024-02-17 20:05:57 +13:00
user = find_actor_or_create(user_ap_id)
accept mastodon replies
2024-08-17 10:26:19 +12:00
if user and not user.is_local():
if community:
user.last_seen = community.last_active = site.last_active = utcnow()
else:
user.last_seen = site.last_active = utcnow()
send private messages
2024-02-17 20:05:57 +13:00
object_type = request_json['object']['type']
poll - federation #181
2024-05-18 21:06:57 +12:00
new_content_types = ['Page', 'Article', 'Link', 'Note', 'Question']
Lemmy can send Announce/Update without ever sending an Announce/Create #212 (non-breaking version)
2024-06-19 01:19:26 +01:00
if object_type in new_content_types: # create or update a post
send private messages
2024-02-17 20:05:57 +13:00
in_reply_to = request_json['object']['inReplyTo'] if 'inReplyTo' in request_json['object'] else None
accept mastodon replies
2024-08-17 10:26:19 +12:00
if not in_reply_to: # Creating a new post
Check if object already exists for Create activity too #216
2024-06-25 17:23:10 +01:00
post = Post.query.filter_by(ap_id=request_json['object']['id']).first()
Lemmy can send Announce/Update without ever sending an Announce/Create #212 (non-breaking version)
2024-06-19 01:19:26 +01:00
if post:
Check if object already exists for Create activity too #216
2024-06-25 17:23:10 +01:00
if request_json['type'] == 'Create':
activity_log.result = 'ignored'
activity_log.exception_message = 'Create received for already known object'
db.session.commit()
return
Lemmy can send Announce/Update without ever sending an Announce/Create #212 (non-breaking version)
2024-06-19 01:19:26 +01:00
else:
Check if object already exists for Create activity too #216
2024-06-25 17:23:10 +01:00
activity_log.activity_type = 'Update'
if can_edit(request_json['actor'], post):
update_post_from_activity(post, request_json)
announce_activity_to_followers(post.community, post.author, request_json)
activity_log.result = 'success'
else:
activity_log.exception_message = 'Edit attempt denied'
Lemmy can send Announce/Update without ever sending an Announce/Create #212 (non-breaking version)
2024-06-19 01:19:26 +01:00
else:
if can_create_post(user, community):
try:
post = create_post(activity_log, community, request_json, user)
if post:
announce_activity_to_followers(community, user, request_json)
post soft-deletion: add options to restore or purge deleted posts
2024-10-26 03:49:16 +00:00
activity_log.result = 'success'
Lemmy can send Announce/Update without ever sending an Announce/Create #212 (non-breaking version)
2024-06-19 01:19:26 +01:00
except TypeError as e:
activity_log.exception_message = 'TypeError. See log file.'
current_app.logger.error('TypeError: ' + str(request_json))
post = None
else:
post = None
accept mastodon replies
2024-08-17 10:26:19 +12:00
else: # Creating a reply / comment
Check if object already exists for Create activity too #216
2024-06-25 17:23:10 +01:00
reply = PostReply.query.filter_by(ap_id=request_json['object']['id']).first()
Lemmy can send Announce/Update without ever sending an Announce/Create #212 (non-breaking version)
2024-06-19 01:19:26 +01:00
if reply:
Check if object already exists for Create activity too #216
2024-06-25 17:23:10 +01:00
if request_json['type'] == 'Create':
activity_log.result = 'ignored'
activity_log.exception_message = 'Create received for already known object'
db.session.commit()
return
Lemmy can send Announce/Update without ever sending an Announce/Create #212 (non-breaking version)
2024-06-19 01:19:26 +01:00
else:
Check if object already exists for Create activity too #216
2024-06-25 17:23:10 +01:00
activity_log.activity_type = 'Update'
if can_edit(request_json['actor'], reply):
update_post_reply_from_activity(reply, request_json)
announce_activity_to_followers(reply.community, reply.author, request_json)
activity_log.result = 'success'
else:
activity_log.exception_message = 'Edit attempt denied'
Lemmy can send Announce/Update without ever sending an Announce/Create #212 (non-breaking version)
2024-06-19 01:19:26 +01:00
else:
accept mastodon replies
2024-08-17 10:26:19 +12:00
if community is None: # Mastodon: replies do not specify the community they're in. Attempt to find out the community by looking at the parent object
parent_post_id, parent_comment_id, _ = find_reply_parent(in_reply_to)
if parent_comment_id:
community = PostReply.query.get(parent_comment_id).community
bugfix
2024-08-17 11:08:09 +12:00
elif parent_post_id:
accept mastodon replies
2024-08-17 10:26:19 +12:00
community = Post.query.get(parent_post_id).community
Lemmy can send Announce/Update without ever sending an Announce/Create #212 (non-breaking version)
2024-06-19 01:19:26 +01:00
if can_create_post_reply(user, community):
try:
Mastodon - post_reply.post bug #21
2024-07-17 09:34:42 +08:00
post_reply = create_post_reply(activity_log, community, in_reply_to, request_json, user)
if post_reply:
Lemmy can send Announce/Update without ever sending an Announce/Create #212 (non-breaking version)
2024-06-19 01:19:26 +01:00
announce_activity_to_followers(community, user, request_json)
except TypeError as e:
activity_log.exception_message = 'TypeError. See log file.'
current_app.logger.error('TypeError: ' + str(request_json))
post = None
else:
debug typeerror exceptions
2024-02-29 11:01:52 +13:00
post = None
Lemmy can send Announce/Update without ever sending an Announce/Create #212 (non-breaking version)
2024-06-19 01:19:26 +01:00
elif object_type == 'Video': # PeerTube: editing a video (PT doesn't seem to Announce these)
post = Post.query.filter_by(ap_id=request_json['object']['id']).first()
activity_log.activity_type = 'Update'
if post:
if can_edit(request_json['actor'], post):
update_post_from_activity(post, request_json)
activity_log.result = 'success'
allow comments on posts in communities that are restricted to mods
2024-02-24 11:07:06 +13:00
else:
Lemmy can send Announce/Update without ever sending an Announce/Create #212 (non-breaking version)
2024-06-19 01:19:26 +01:00
activity_log.exception_message = 'Edit attempt denied'
else:
activity_log.exception_message = 'Post not found'
move long-running tasks to separate background process (celery + redis)
2023-12-24 13:28:41 +13:00
else:
send private messages
2024-02-17 20:05:57 +13:00
activity_log.exception_message = 'Unacceptable type (create): ' + object_type
move long-running tasks to separate background process (celery + redis)
2023-12-24 13:28:41 +13:00
else:
send private messages
2024-02-17 20:05:57 +13:00
if user is None or community is None:
activity_log.exception_message = 'Blocked or unfound user or community'
if user and user.is_local():
activity_log.exception_message = 'Activity about local content which is already present'
activity_log.result = 'ignored'
move long-running tasks to separate background process (celery + redis)
2023-12-24 13:28:41 +13:00
federation - editing posts and sending replies to subscribers
2023-12-26 21:39:52 +13:00
# Announce is new content and votes that happened on a remote server.
move long-running tasks to separate background process (celery + redis)
2023-12-24 13:28:41 +13:00
if request_json['type'] == 'Announce':
accept Posts and Comments from a.gup.pe #31
2024-07-15 20:46:48 +08:00
if isinstance(request_json['object'], str): # Mastodon, PeerTube, A.gup.pe
various small bugfixes
2024-01-25 20:16:08 +13:00
activity_log.activity_json = json.dumps(request_json)
activity_log.exception_message = 'invalid json?'
PeerTube: New posts from incoming activity
2024-05-26 15:53:17 +01:00
if 'actor' in request_json:
community = find_actor_or_create(request_json['actor'], community_only=True, create_if_not_found=False)
if community:
accept Posts and Comments from a.gup.pe #31
2024-07-15 20:46:48 +08:00
post = resolve_remote_post(request_json['object'], community.id, request_json['actor'])
Lemmy can send Announce/Update without ever sending an Announce/Create #212 (non-breaking version)
2024-06-19 01:19:26 +01:00
elif request_json['object']['type'] == 'Create' or request_json['object']['type'] == 'Update':
move long-running tasks to separate background process (celery + redis)
2023-12-24 13:28:41 +13:00
activity_log.activity_type = request_json['object']['type']
Ensure domains of 'id' and 'actor'/'attributedTo' match
2024-04-24 13:44:25 +01:00
if 'object' in request_json and 'object' in request_json['object']:
if not ensure_domains_match(request_json['object']['object']):
activity_log.exception_message = 'Domains do not match'
activity_log.result = 'failure'
db.session.commit()
return
move long-running tasks to separate background process (celery + redis)
2023-12-24 13:28:41 +13:00
user_ap_id = request_json['object']['object']['attributedTo']
community ap id exception logging
2024-01-05 08:45:33 +13:00
try:
community_ap_id = request_json['object']['audience'] if 'audience' in request_json['object'] else request_json['actor']
except KeyError:
activity_log.activity_type = 'exception'
db.session.commit()
return
sometimes we only want to find a community this will eliminate a whole raft of issues caused by trying to injest posts from microblogging services which don't have Group actors
2024-03-02 10:20:15 +13:00
community = find_actor_or_create(community_ap_id, community_only=True)
move long-running tasks to separate background process (celery + redis)
2023-12-24 13:28:41 +13:00
user = find_actor_or_create(user_ap_id)
if (user and not user.is_local()) and community:
user.last_seen = community.last_active = site.last_active = utcnow()
object_type = request_json['object']['object']['type']
new_content_types = ['Page', 'Article', 'Link', 'Note']
if object_type in new_content_types: # create a new post
in_reply_to = request_json['object']['object']['inReplyTo'] if 'inReplyTo' in \
request_json['object']['object'] else None
allow comments on posts in communities that are restricted to mods
2024-02-24 11:07:06 +13:00
if not in_reply_to:
Check if object already exists for Create activity too #216
2024-06-25 17:23:10 +01:00
post = Post.query.filter_by(ap_id=request_json['object']['object']['id']).first()
Lemmy can send Announce/Update without ever sending an Announce/Create #212 (non-breaking version)
2024-06-19 01:19:26 +01:00
if post:
Check if object already exists for Create activity too #216
2024-06-25 17:23:10 +01:00
if request_json['object']['type'] == 'Create':
activity_log.result = 'ignored'
activity_log.exception_message = 'Create received for already known object'
Lemmy can send Announce/Update without ever sending an Announce/Create #212 (non-breaking version)
2024-06-19 01:19:26 +01:00
db.session.commit()
return
Check if object already exists for Create activity too #216
2024-06-25 17:23:10 +01:00
else:
try:
update_post_from_activity(post, request_json['object'])
except KeyError:
activity_log.result = 'exception'
db.session.commit()
return
activity_log.result = 'success'
Lemmy can send Announce/Update without ever sending an Announce/Create #212 (non-breaking version)
2024-06-19 01:19:26 +01:00
else: # activity was a Create, or an Update sent instead of a Create
if can_create_post(user, community):
post = create_post(activity_log, community, request_json['object'], user, announce_id=request_json['id'])
else:
post = None
allow comments on posts in communities that are restricted to mods
2024-02-24 11:07:06 +13:00
else:
Check if object already exists for Create activity too #216
2024-06-25 17:23:10 +01:00
reply = PostReply.query.filter_by(ap_id=request_json['object']['object']['id']).first()
Lemmy can send Announce/Update without ever sending an Announce/Create #212 (non-breaking version)
2024-06-19 01:19:26 +01:00
if reply:
Check if object already exists for Create activity too #216
2024-06-25 17:23:10 +01:00
if request_json['object']['type'] == 'Create':
activity_log.result = 'ignored'
activity_log.exception_message = 'Create received for already known object'
Lemmy can send Announce/Update without ever sending an Announce/Create #212 (non-breaking version)
2024-06-19 01:19:26 +01:00
db.session.commit()
return
Check if object already exists for Create activity too #216
2024-06-25 17:23:10 +01:00
else:
try:
update_post_reply_from_activity(reply, request_json['object'])
except KeyError:
activity_log.result = 'exception'
db.session.commit()
return
activity_log.result = 'success'
Lemmy can send Announce/Update without ever sending an Announce/Create #212 (non-breaking version)
2024-06-19 01:19:26 +01:00
else: # activity was a Create, or an Update sent instead of a Create
if can_create_post_reply(user, community):
post = create_post_reply(activity_log, community, in_reply_to, request_json['object'], user, announce_id=request_json['id'])
else:
post = None
move long-running tasks to separate background process (celery + redis)
2023-12-24 13:28:41 +13:00
else:
activity_log.exception_message = 'Unacceptable type: ' + object_type
move long-running tasks to separate background process (image processing)
2023-12-24 16:20:18 +13:00
else:
if user is None or community is None:
activity_log.exception_message = 'Blocked or unfound user or community'
if user and user.is_local():
activity_log.exception_message = 'Activity about local content which is already present'
activity_log.result = 'ignored'
move long-running tasks to separate background process (celery + redis)
2023-12-24 13:28:41 +13:00
treat EmojiReact activities as Likes
2024-08-08 18:25:22 +12:00
elif request_json['object']['type'] == 'Like' or request_json['object']['type'] == 'EmojiReact':
move long-running tasks to separate background process (celery + redis)
2023-12-24 13:28:41 +13:00
activity_log.activity_type = request_json['object']['type']
user_ap_id = request_json['object']['actor']
liked_ap_id = request_json['object']['object']
user = find_actor_or_create(user_ap_id)
communities that are local-only, w access control for posting and voting
2024-01-02 19:41:00 +13:00
liked = find_liked_object(liked_ap_id)
if user is None:
activity_log.exception_message = 'Blocked or unfound user'
ignore unfound objects when voting
2024-01-04 16:56:37 +13:00
elif liked is None:
better logging of unfound objects when voting
2024-01-05 09:43:08 +13:00
activity_log.exception_message = 'Unfound object ' + liked_ap_id
communities that are local-only, w access control for posting and voting
2024-01-02 19:41:00 +13:00
elif user.is_local():
activity_log.exception_message = 'Activity about local content which is already present'
activity_log.result = 'ignored'
announce incoming activites to all following instances plus a whole lot more, i don't even know
2024-01-03 16:29:58 +13:00
elif can_upvote(user, liked.community):
move long-running tasks to separate background process (celery + redis)
2023-12-24 13:28:41 +13:00
# insert into voted table
if liked is None:
activity_log.exception_message = 'Liked object not found'
refactor voting code to enable api development #13
2024-09-13 16:39:42 +12:00
elif liked is not None and isinstance(liked, (Post, PostReply)):
liked.vote(user, 'upvote')
move long-running tasks to separate background process (celery + redis)
2023-12-24 13:28:41 +13:00
activity_log.result = 'success'
else:
activity_log.exception_message = 'Could not detect type of like'
move long-running tasks to separate background process (image processing)
2023-12-24 16:20:18 +13:00
else:
communities that are local-only, w access control for posting and voting
2024-01-02 19:41:00 +13:00
activity_log.exception_message = 'Cannot upvote this'
activity_log.result = 'ignored'
move long-running tasks to separate background process (image processing)
2023-12-24 16:20:18 +13:00
move long-running tasks to separate background process (celery + redis)
2023-12-24 13:28:41 +13:00
elif request_json['object']['type'] == 'Dislike':
activity_log.activity_type = request_json['object']['type']
if site.enable_downvotes is False:
activity_log.exception_message = 'Dislike ignored because of allow_dislike setting'
else:
user_ap_id = request_json['object']['actor']
liked_ap_id = request_json['object']['object']
federate incoming posts and post replies
2023-09-16 19:09:04 +12:00
user = find_actor_or_create(user_ap_id)
communities that are local-only, w access control for posting and voting
2024-01-02 19:41:00 +13:00
disliked = find_liked_object(liked_ap_id)
if user is None:
activity_log.exception_message = 'Blocked or unfound user'
ignore unfound objects when voting
2024-01-04 16:56:37 +13:00
elif disliked is None:
better logging of unfound objects when voting
2024-01-05 09:43:08 +13:00
activity_log.exception_message = 'Unfound object ' + liked_ap_id
communities that are local-only, w access control for posting and voting
2024-01-02 19:41:00 +13:00
elif user.is_local():
activity_log.exception_message = 'Activity about local content which is already present'
activity_log.result = 'ignored'
announce incoming activites to all following instances plus a whole lot more, i don't even know
2024-01-03 16:29:58 +13:00
elif can_downvote(user, disliked.community, site):
move long-running tasks to separate background process (celery + redis)
2023-12-24 13:28:41 +13:00
# insert into voted table
if disliked is None:
activity_log.exception_message = 'Liked object not found'
communities that are local-only, w access control for posting and voting
2024-01-02 19:41:00 +13:00
elif isinstance(disliked, (Post, PostReply)):
refactor voting code to enable api development #13
2024-09-13 16:39:42 +12:00
disliked.vote(user, 'downvote')
post replies - create, edit, delete
2023-11-22 20:48:27 +13:00
activity_log.result = 'success'
communities that are local-only, w access control for posting and voting
2024-01-02 19:41:00 +13:00
# todo: recalculate 'hotness' of liked post/reply
move long-running tasks to separate background process (celery + redis)
2023-12-24 13:28:41 +13:00
else:
activity_log.exception_message = 'Could not detect type of like'
move long-running tasks to separate background process (image processing)
2023-12-24 16:20:18 +13:00
else:
communities that are local-only, w access control for posting and voting
2024-01-02 19:41:00 +13:00
activity_log.exception_message = 'Cannot downvote this'
activity_log.result = 'ignored'
remote delete of posts and comments
2023-12-26 12:36:02 +13:00
elif request_json['object']['type'] == 'Delete':
activity_log.activity_type = request_json['object']['type']
user_ap_id = request_json['object']['actor']
to_be_deleted_ap_id = request_json['object']['object']
update post counts when deletion happens
2024-01-05 10:36:55 +13:00
if isinstance(to_be_deleted_ap_id, dict):
activity_log.result = 'failure'
activity_log.exception_message = 'dict instead of string ' + str(to_be_deleted_ap_id)
else:
Use community linked to_delete or to_restore instead of one mentioned in request JSON
2024-10-30 15:04:39 +00:00
delete_post_or_comment(user_ap_id, to_be_deleted_ap_id, activity_log.id)
Ignore Announces intended for Mastodon
2024-04-15 22:06:50 +01:00
elif request_json['object']['type'] == 'Page': # Sent for Mastodon's benefit
activity_log.result = 'ignored'
activity_log.exception_message = 'Intended for Mastodon'
elif request_json['object']['type'] == 'Note': # Never sent?
activity_log.result = 'ignored'
activity_log.exception_message = 'Intended for Mastodon'
announce undo vote
2024-01-05 09:39:20 +13:00
elif request_json['object']['type'] == 'Undo':
Add Undo of Post Vote to federation
2024-04-16 18:40:48 +01:00
if request_json['object']['object']['type'] == 'Like' or request_json['object']['object']['type'] == 'Dislike':
announce undo vote
2024-01-05 09:39:20 +13:00
activity_log.activity_type = request_json['object']['object']['type']
user_ap_id = request_json['object']['actor']
user = find_actor_or_create(user_ap_id)
post = None
comment = None
target_ap_id = request_json['object']['object']['object'] # object object object!
post = undo_vote(activity_log, comment, post, target_ap_id, user)
Initial work for posts that have been removed and then restored #276
2024-08-16 15:04:54 +00:00
elif request_json['object']['object']['type'] == 'Delete':
if 'object' in request_json and 'object' in request_json['object']:
post-reply soft-deletion: activitypub restorations
2024-10-21 22:17:51 +00:00
restore_post_or_comment(request_json['object']['object'], activity_log.id)
ActivityPub - process ban reversals for local users from remote mods & admins
2024-08-23 14:05:42 +00:00
elif request_json['object']['object']['type'] == 'Block':
activity_log.activity_type = 'Undo User Ban'
deletor_ap_id = request_json['object']['object']['actor']
user_ap_id = request_json['object']['object']['object']
target = request_json['object']['object']['target']
if target == request_json['actor'] and user_ap_id.startswith('https://' + current_app.config['SERVER_NAME']):
unban_local_user(deletor_ap_id, user_ap_id, target)
activity_log.result = 'success'
Process ActivityPub post locks and unlocks
2024-09-01 22:42:43 +00:00
elif request_json['object']['object']['type'] == 'Lock' and 'object' in request_json['object']['object']:
activity_log.activity_type = 'Post Unlock'
mod_ap_id = request_json['object']['object']['actor']
post_id = request_json['object']['object']['object']
lock_post(mod_ap_id, post_id, True)
activity_log.result = 'success'
Add/Remove moderators (incoming AP)
2024-03-21 23:21:28 +00:00
elif request_json['object']['type'] == 'Add' and 'target' in request_json['object']:
Add/Remove activity for featured posts
2024-03-19 15:38:35 +00:00
activity_log.activity_type = request_json['object']['type']
Add/Remove moderators (incoming AP)
2024-03-21 23:21:28 +00:00
target = request_json['object']['target']
community = Community.query.filter_by(ap_public_url=request_json['actor']).first()
if community:
featured_url = community.ap_featured_url
moderators_url = community.ap_moderators_url
if target == featured_url:
post = Post.query.filter_by(ap_id=request_json['object']['object']).first()
Add/Remove activity for featured posts
2024-03-19 15:38:35 +00:00
if post:
post.sticky = True
activity_log.result = 'success'
Add/Remove moderators (incoming AP)
2024-03-21 23:21:28 +00:00
if target == moderators_url:
user = find_actor_or_create(request_json['object']['object'])
if user:
existing_membership = CommunityMember.query.filter_by(community_id=community.id, user_id=user.id).first()
if existing_membership:
existing_membership.is_moderator = True
else:
new_membership = CommunityMember(community_id=community.id, user_id=user.id, is_moderator=True)
db.session.add(new_membership)
db.session.commit()
activity_log.result = 'success'
elif request_json['object']['type'] == 'Remove' and 'target' in request_json['object']:
Add/Remove activity for featured posts
2024-03-19 15:38:35 +00:00
activity_log.activity_type = request_json['object']['type']
Add/Remove moderators (incoming AP)
2024-03-21 23:21:28 +00:00
target = request_json['object']['target']
community = Community.query.filter_by(ap_public_url=request_json['actor']).first()
if community:
featured_url = community.ap_featured_url
moderators_url = community.ap_moderators_url
if target == featured_url:
post = Post.query.filter_by(ap_id=request_json['object']['object']).first()
Add/Remove activity for featured posts
2024-03-19 15:38:35 +00:00
if post:
post.sticky = False
activity_log.result = 'success'
Add/Remove moderators (incoming AP)
2024-03-21 23:21:28 +00:00
if target == moderators_url:
user = find_actor_or_create(request_json['object']['object'], create_if_not_found=False)
if user:
existing_membership = CommunityMember.query.filter_by(community_id=community.id, user_id=user.id).first()
if existing_membership:
existing_membership.is_moderator = False
activity_log.result = 'success'
Process Site and Community bans where removeData=True
2024-05-22 22:30:51 +01:00
elif request_json['object']['type'] == 'Block' and 'target' in request_json['object']:
ActivityPub - Bans for local users from remote mods & admins (Also works if alt_user_name is provided)
2024-08-23 08:47:19 +00:00
activity_log.activity_type = 'User Ban'
deletor_ap_id = request_json['object']['actor']
Process Site and Community bans where removeData=True
2024-05-22 22:30:51 +01:00
user_ap_id = request_json['object']['object']
target = request_json['object']['target']
remove_data = request_json['object']['removeData']
ActivityPub - Bans for local users from remote mods & admins (Also works if alt_user_name is provided)
2024-08-23 08:47:19 +00:00
if target == request_json['actor']:
if remove_data == True:
remove_data_from_banned_user(deletor_ap_id, user_ap_id, target)
if user_ap_id.startswith('https://' + current_app.config['SERVER_NAME']):
ban_local_user(deletor_ap_id, user_ap_id, target, request_json['object'])
Process Site and Community bans where removeData=True
2024-05-22 22:30:51 +01:00
activity_log.result = 'success'
Process ActivityPub post locks and unlocks
2024-09-01 22:42:43 +00:00
elif request_json['object']['type'] == 'Lock' and 'object' in request_json['object']:
activity_log.activity_type = 'Post Lock'
mod_ap_id = request_json['object']['actor']
post_id = request_json['object']['object']
lock_post(mod_ap_id, post_id, False)
activity_log.result = 'success'
federation - editing posts and sending replies to subscribers
2023-12-26 21:39:52 +13:00
else:
activity_log.exception_message = 'Invalid type for Announce'
move long-running tasks to separate background process (celery + redis)
2023-12-24 13:28:41 +13:00
remote delete of posts and comments
2023-12-26 12:36:02 +13:00
# Follow: remote user wants to join/follow one of our communities
move long-running tasks to separate background process (celery + redis)
2023-12-24 13:28:41 +13:00
elif request_json['type'] == 'Follow': # Follow is when someone wants to join a community
user_ap_id = request_json['actor']
community_ap_id = request_json['object']
follow_id = request_json['id']
user = find_actor_or_create(user_ap_id)
sometimes we only want to find a community this will eliminate a whole raft of issues caused by trying to injest posts from microblogging services which don't have Group actors
2024-03-02 10:20:15 +13:00
community = find_actor_or_create(community_ap_id, community_only=True)
handle pixelfed follow requests
2024-05-17 21:03:38 +12:00
if isinstance(community, Community):
if community and community.local_only and user:
activity_log.exception_message = 'Local only cannot be followed by remote users'
# send reject message to deny the follow
reject = {
"@context": default_context(),
public_url() in JSONs for Accept or Reject of community Follow request
2024-06-05 19:26:03 +01:00
"actor": community.public_url(),
handle pixelfed follow requests
2024-05-17 21:03:38 +12:00
"to": [
public_url() in JSONs for Accept or Reject of community Follow request
2024-06-05 19:26:03 +01:00
user.public_url()
handle pixelfed follow requests
2024-05-17 21:03:38 +12:00
],
"object": {
public_url() in JSONs for Accept or Reject of community Follow request
2024-06-05 19:26:03 +01:00
"actor": user.public_url(),
handle pixelfed follow requests
2024-05-17 21:03:38 +12:00
"to": None,
public_url() in JSONs for Accept or Reject of community Follow request
2024-06-05 19:26:03 +01:00
"object": community.public_url(),
handle pixelfed follow requests
2024-05-17 21:03:38 +12:00
"type": "Follow",
"id": follow_id
},
"type": "Reject",
"id": f"https://{current_app.config['SERVER_NAME']}/activities/reject/" + gibberish(32)
}
# Lemmy doesn't yet understand Reject/Follow, so send without worrying about response for now.
replies collection on outbox and /post/xxx #175
2024-06-05 20:33:00 +12:00
post_request(user.ap_inbox_url, reject, community.private_key, f"{community.public_url()}#main-key")
handle pixelfed follow requests
2024-05-17 21:03:38 +12:00
else:
if user is not None and community is not None:
# check if user is banned from this community
banned = CommunityBan.query.filter_by(user_id=user.id, community_id=community.id).first()
if banned is None:
user.last_seen = utcnow()
if community_membership(user, community) != SUBSCRIPTION_MEMBER:
member = CommunityMember(user_id=user.id, community_id=community.id)
db.session.add(member)
db.session.commit()
cache.delete_memoized(community_membership, user, community)
# send accept message to acknowledge the follow
accept = {
"@context": default_context(),
public_url() in JSONs for Accept or Reject of community Follow request
2024-06-05 19:26:03 +01:00
"actor": community.public_url(),
handle pixelfed follow requests
2024-05-17 21:03:38 +12:00
"to": [
public_url() in JSONs for Accept or Reject of community Follow request
2024-06-05 19:26:03 +01:00
user.public_url()
handle pixelfed follow requests
2024-05-17 21:03:38 +12:00
],
"object": {
public_url() in JSONs for Accept or Reject of community Follow request
2024-06-05 19:26:03 +01:00
"actor": user.public_url(),
handle pixelfed follow requests
2024-05-17 21:03:38 +12:00
"to": None,
public_url() in JSONs for Accept or Reject of community Follow request
2024-06-05 19:26:03 +01:00
"object": community.public_url(),
handle pixelfed follow requests
2024-05-17 21:03:38 +12:00
"type": "Follow",
"id": follow_id
},
"type": "Accept",
"id": f"https://{current_app.config['SERVER_NAME']}/activities/accept/" + gibberish(32)
}
better instance failure detection
2024-09-21 10:15:25 +12:00
if post_request(user.ap_inbox_url, accept, community.private_key, f"{community.public_url()}#main-key") is True:
handle pixelfed follow requests
2024-05-17 21:03:38 +12:00
activity_log.result = 'success'
else:
activity_log.exception_message = 'Error sending Accept'
local only communities - do not federate
2024-01-27 12:22:35 +13:00
else:
handle pixelfed follow requests
2024-05-17 21:03:38 +12:00
activity_log.exception_message = 'user is banned from this community'
elif isinstance(community, User): # Pixelfed sends follow requests to the shared inbox, not the user inbox...
if current_app.debug:
process_user_follow_request(request_json, activity_log.id, user.id)
else:
process_user_follow_request.delay(request_json, activity_log.id, user.id)
move long-running tasks to separate background process (celery + redis)
2023-12-24 13:28:41 +13:00
# Accept: remote server is accepting our previous follow request
elif request_json['type'] == 'Accept':
accept Activity from a.gup.pe #31
2024-07-15 17:51:23 +08:00
if isinstance(request_json['object'], str): # a.gup.pe accepts using a string with the ID of the follow request
join_request_parts = request_json['object'].split('/')
join_request = CommunityJoinRequest.query.get(join_request_parts[-1])
existing_membership = CommunityMember.query.filter_by(user_id=join_request.user_id,
community_id=join_request.community_id).first()
if not existing_membership:
member = CommunityMember(user_id=join_request.user_id, community_id=join_request.community_id)
db.session.add(member)
community.subscriptions_count += 1
db.session.commit()
cache.delete_memoized(community_membership, User.query.get(join_request.user_id), Community.query.get(join_request.community_id))
activity_log.result = 'success'
elif request_json['object']['type'] == 'Follow':
move long-running tasks to separate background process (celery + redis)
2023-12-24 13:28:41 +13:00
community_ap_id = request_json['actor']
user_ap_id = request_json['object']['actor']
user = find_actor_or_create(user_ap_id)
sometimes we only want to find a community this will eliminate a whole raft of issues caused by trying to injest posts from microblogging services which don't have Group actors
2024-03-02 10:20:15 +13:00
community = find_actor_or_create(community_ap_id, community_only=True)
move long-running tasks to separate background process (celery + redis)
2023-12-24 13:28:41 +13:00
if user and community:
join_request = CommunityJoinRequest.query.filter_by(user_id=user.id, community_id=community.id).first()
if join_request:
minor bugfixes
2024-03-08 21:40:47 +13:00
existing_membership = CommunityMember.query.filter_by(user_id=user.id, community_id=community.id).first()
if not existing_membership:
member = CommunityMember(user_id=user.id, community_id=community.id)
db.session.add(member)
community.subscriptions_count += 1
db.session.commit()
move long-running tasks to separate background process (celery + redis)
2023-12-24 13:28:41 +13:00
activity_log.result = 'success'
oops
2024-01-04 17:07:02 +13:00
cache.delete_memoized(community_membership, user, community)
move long-running tasks to separate background process (celery + redis)
2023-12-24 13:28:41 +13:00
elif request_json['type'] == 'Undo':
if request_json['object']['type'] == 'Follow': # Unsubscribe from a community
community_ap_id = request_json['object']['object']
user_ap_id = request_json['object']['actor']
user = find_actor_or_create(user_ap_id)
sometimes we only want to find a community this will eliminate a whole raft of issues caused by trying to injest posts from microblogging services which don't have Group actors
2024-03-02 10:20:15 +13:00
community = find_actor_or_create(community_ap_id, community_only=True)
move long-running tasks to separate background process (celery + redis)
2023-12-24 13:28:41 +13:00
if user and community:
user.last_seen = utcnow()
member = CommunityMember.query.filter_by(user_id=user.id, community_id=community.id).first()
join_request = CommunityJoinRequest.query.filter_by(user_id=user.id, community_id=community.id).first()
if member:
db.session.delete(member)
big refactor of AP core code
2023-12-30 13:23:12 +13:00
community.subscriptions_count -= 1
move long-running tasks to separate background process (celery + redis)
2023-12-24 13:28:41 +13:00
if join_request:
db.session.delete(join_request)
federation - receive remote posts, including edits and deletions
2023-11-21 23:05:07 +13:00
db.session.commit()
oops
2024-01-04 17:07:02 +13:00
cache.delete_memoized(community_membership, user, community)
federation - receive remote posts, including edits and deletions
2023-11-21 23:05:07 +13:00
activity_log.result = 'success'
move long-running tasks to separate background process (celery + redis)
2023-12-24 13:28:41 +13:00
elif request_json['object']['type'] == 'Like': # Undoing an upvote or downvote
activity_log.activity_type = request_json['object']['type']
user_ap_id = request_json['actor']
user = find_actor_or_create(user_ap_id)
post = None
comment = None
target_ap_id = request_json['object']['object']
Announce actions by remote actors in local communities
2024-04-17 15:10:04 +01:00
post_or_comment = undo_vote(activity_log, comment, post, target_ap_id, user)
if post_or_comment:
announce_activity_to_followers(post_or_comment.community, user, request_json)
announce undo vote
2024-01-05 09:39:20 +13:00
activity_log.result = 'success'
move long-running tasks to separate background process (celery + redis)
2023-12-24 13:28:41 +13:00
elif request_json['object']['type'] == 'Dislike': # Undoing a downvote - probably unused
activity_log.activity_type = request_json['object']['type']
user_ap_id = request_json['actor']
user = find_actor_or_create(user_ap_id)
post = None
comment = None
target_ap_id = request_json['object']['object']
Announce actions by remote actors in local communities
2024-04-17 15:10:04 +01:00
post_or_comment = undo_downvote(activity_log, comment, post, target_ap_id, user)
if post_or_comment:
announce_activity_to_followers(post_or_comment.community, user, request_json)
announce undo vote
2024-01-05 09:39:20 +13:00
activity_log.result = 'success'
ActivityPub - process ban reversals for local users from remote mods & admins
2024-08-23 14:05:42 +00:00
elif request_json['object']['type'] == 'Block': # Undoing a ban
activity_log.activity_type = 'Undo User Ban'
deletor_ap_id = request_json['object']['actor']
user_ap_id = request_json['object']['object']
target = request_json['object']['target']
if user_ap_id.startswith('https://' + current_app.config['SERVER_NAME']):
unban_local_user(deletor_ap_id, user_ap_id, target)
activity_log.result = 'success'
post-reply soft-deletion: activitypub restorations
2024-10-21 22:17:51 +00:00
elif request_json['object']['type'] == 'Delete': # undoing a delete
activity_log.activity_type = 'Restore'
post soft-deletion: add options to restore or purge deleted posts
2024-10-26 03:49:16 +00:00
post = Post.query.filter_by(ap_id=request_json['object']['object']).first()
if post:
post-reply soft-deletion: activitypub restorations
2024-10-21 22:17:51 +00:00
deletor = find_actor_or_create(request_json['object']['actor'], create_if_not_found=False)
if deletor:
post soft-deletion: add options to restore or purge deleted posts
2024-10-26 03:49:16 +00:00
if post.author.id == deletor.id or post.community.is_moderator(deletor) or post.community.is_instance_admin(deletor):
post.deleted = False
post.deleted_by = None
post.author.post_count += 1
post.community.post_count += 1
announce_activity_to_followers(post.community, post.author, request_json)
post-reply soft-deletion: activitypub restorations
2024-10-21 22:17:51 +00:00
db.session.commit()
activity_log.result = 'success'
else:
activity_log.exception_message = 'Restore attempt denied'
else:
activity_log.exception_message = 'Restorer did not already exist'
else:
post soft-deletion: add options to restore or purge deleted posts
2024-10-26 03:49:16 +00:00
reply = PostReply.query.filter_by(ap_id=request_json['object']['object']).first()
if reply:
deletor = find_actor_or_create(request_json['object']['actor'], create_if_not_found=False)
if deletor:
if reply.author.id == deletor.id or reply.community.is_moderator(deletor) or reply.community.is_instance_admin(deletor):
reply.deleted = False
reply.deleted_by = None
if not reply.author.bot:
reply.post.reply_count += 1
reply.author.post_reply_count += 1
announce_activity_to_followers(reply.community, reply.author, request_json)
db.session.commit()
activity_log.result = 'success'
else:
activity_log.exception_message = 'Restore attempt denied'
else:
activity_log.exception_message = 'Restorer did not already exist'
else:
activity_log.exception_message = 'Object not found, or object was not a post or a reply'
move long-running tasks to separate background process (celery + redis)
2023-12-24 13:28:41 +13:00
elif request_json['type'] == 'Delete':
if isinstance(request_json['object'], str):
ap_id = request_json['object'] # lemmy
else:
ap_id = request_json['object']['id'] # kbin
post = Post.query.filter_by(ap_id=ap_id).first()
federate user delete properly
2024-02-25 15:31:16 +13:00
# Delete post
move long-running tasks to separate background process (celery + redis)
2023-12-24 13:28:41 +13:00
if post:
post soft-deletion: delay calling delete_dependencies until a post is purged, to allow for restoration
2024-10-25 06:17:10 +00:00
deletor = find_actor_or_create(request_json['actor'], create_if_not_found=False)
if deletor:
if post.author.id == deletor.id or post.community.is_moderator(deletor) or post.community.is_instance_admin(deletor):
post.deleted = True
post.delted_by = deletor.id
post.author.post_count -= 1
post.community.post_count -= 1
if post.url and post.cross_posts is not None:
old_cross_posts = Post.query.filter(Post.id.in_(post.cross_posts)).all()
post.cross_posts.clear()
for ocp in old_cross_posts:
if ocp.cross_posts is not None:
ocp.cross_posts.remove(post.id)
announce_activity_to_followers(post.community, post.author, request_json)
db.session.commit()
activity_log.result = 'success'
else:
activity_log.exception_message = 'Delete attempt denied'
add language choices to UI #51
2024-05-09 17:54:30 +12:00
else:
post soft-deletion: delay calling delete_dependencies until a post is purged, to allow for restoration
2024-10-25 06:17:10 +00:00
activity_log.exception_message = 'Deletor did not already exist'
federate incoming posts and post replies
2023-09-16 19:09:04 +12:00
else:
federate user delete properly
2024-02-25 15:31:16 +13:00
# Delete PostReply
move long-running tasks to separate background process (celery + redis)
2023-12-24 13:28:41 +13:00
reply = PostReply.query.filter_by(ap_id=ap_id).first()
if reply:
post-reply soft-deletion: remote users in local communities
2024-10-21 17:54:20 +00:00
deletor = find_actor_or_create(request_json['actor'], create_if_not_found=False)
if deletor:
if reply.author.id == deletor.id or reply.community.is_moderator(deletor) or reply.community.is_instance_admin(deletor):
reply.deleted = True
reply.deleted_by = deletor.id
if not reply.author.bot:
reply.post.reply_count -= 1
reply.author.post_reply_count -= 1
announce_activity_to_followers(reply.community, reply.author, request_json)
db.session.commit()
activity_log.result = 'success'
else:
activity_log.exception_message = 'Delete attempt denied'
add language choices to UI #51
2024-05-09 17:54:30 +12:00
else:
post-reply soft-deletion: remote users in local communities
2024-10-21 17:54:20 +00:00
activity_log.exception_message = 'Deletor did not already exist'
federate user delete properly
2024-02-25 15:31:16 +13:00
else:
# Delete User
user = find_actor_or_create(ap_id, create_if_not_found=False)
if user:
user.deleted = True
user.delete_dependencies()
db.session.commit()
activity_log.result = 'success'
else:
activity_log.exception_message = 'Delete: cannot find ' + ap_id
treat EmojiReact activities as Likes
2024-08-08 18:25:22 +12:00
elif request_json['type'] == 'Like' or request_json['type'] == 'EmojiReact': # Upvote
move long-running tasks to separate background process (celery + redis)
2023-12-24 13:28:41 +13:00
activity_log.activity_type = request_json['type']
user_ap_id = request_json['actor']
user = find_actor_or_create(user_ap_id)
announce incoming activites to all following instances plus a whole lot more, i don't even know
2024-01-03 16:29:58 +13:00
liked = find_liked_object(request_json['object'])
if user is None:
activity_log.exception_message = 'Blocked or unfound user'
ignore unfound objects when voting
2024-01-04 16:56:37 +13:00
elif liked is None:
better logging of unfound objects when voting
2024-01-05 09:43:08 +13:00
activity_log.exception_message = 'Unfound object ' + request_json['object']
announce incoming activites to all following instances plus a whole lot more, i don't even know
2024-01-03 16:29:58 +13:00
elif user.is_local():
activity_log.exception_message = 'Activity about local content which is already present'
activity_log.result = 'ignored'
elif can_upvote(user, liked.community):
# insert into voted table
if liked is None:
activity_log.exception_message = 'Liked object not found'
refactor voting code to enable api development #13
2024-09-13 16:39:42 +12:00
elif liked is not None and isinstance(liked, (Post, PostReply)):
liked.vote(user, 'upvote')
announce incoming activites to all following instances plus a whole lot more, i don't even know
2024-01-03 16:29:58 +13:00
activity_log.result = 'success'
else:
activity_log.exception_message = 'Could not detect type of like'
if activity_log.result == 'success':
Announce actions by remote actors in local communities
2024-04-17 15:10:04 +01:00
announce_activity_to_followers(liked.community, user, request_json)
communities that are local-only, w access control for posting and voting
2024-01-02 19:41:00 +13:00
else:
announce incoming activites to all following instances plus a whole lot more, i don't even know
2024-01-03 16:29:58 +13:00
activity_log.exception_message = 'Cannot upvote this'
activity_log.result = 'ignored'
move long-running tasks to separate background process (celery + redis)
2023-12-24 13:28:41 +13:00
elif request_json['type'] == 'Dislike': # Downvote
if get_setting('allow_dislike', True) is False:
activity_log.exception_message = 'Dislike ignored because of allow_dislike setting'
else:
activity_log.activity_type = request_json['type']
user_ap_id = request_json['actor']
user = find_actor_or_create(user_ap_id)
target_ap_id = request_json['object']
announce incoming activites to all following instances plus a whole lot more, i don't even know
2024-01-03 16:29:58 +13:00
disliked = find_liked_object(target_ap_id)
if user is None:
activity_log.exception_message = 'Blocked or unfound user'
ignore unfound objects when voting
2024-01-04 16:56:37 +13:00
elif disliked is None:
better logging of unfound objects when voting
2024-01-05 09:43:08 +13:00
activity_log.exception_message = 'Unfound object' + target_ap_id
announce incoming activites to all following instances plus a whole lot more, i don't even know
2024-01-03 16:29:58 +13:00
elif user.is_local():
activity_log.exception_message = 'Activity about local content which is already present'
activity_log.result = 'ignored'
elif can_downvote(user, disliked.community, site):
# insert into voted table
if disliked is None:
activity_log.exception_message = 'Liked object not found'
elif isinstance(disliked, (Post, PostReply)):
refactor voting code to enable api development #13
2024-09-13 16:39:42 +12:00
disliked.vote(user, 'downvote')
announce incoming activites to all following instances plus a whole lot more, i don't even know
2024-01-03 16:29:58 +13:00
activity_log.result = 'success'
else:
activity_log.exception_message = 'Could not detect type of like'
Announce actions by remote actors in local communities
2024-04-17 15:10:04 +01:00
if activity_log.result == 'success':
announce_activity_to_followers(disliked.community, user, request_json)
move long-running tasks to separate background process (celery + redis)
2023-12-24 13:28:41 +13:00
else:
announce incoming activites to all following instances plus a whole lot more, i don't even know
2024-01-03 16:29:58 +13:00
activity_log.exception_message = 'Cannot downvote this'
activity_log.result = 'ignored'
receive federated reports from remote instances #21
2024-04-06 16:29:47 +13:00
elif request_json['type'] == 'Flag': # Reported content
activity_log.activity_type = 'Report'
user_ap_id = request_json['actor']
user = find_actor_or_create(user_ap_id)
target_ap_id = request_json['object']
reported = find_reported_object(target_ap_id)
if user and reported:
process_report(user, reported, request_json, activity_log)
Announce actions by remote actors in local communities
2024-04-17 15:10:04 +01:00
announce_activity_to_followers(reported.community, user, request_json)
receive federated reports from remote instances #21
2024-04-06 16:29:47 +13:00
activity_log.result = 'success'
else:
activity_log.exception_message = 'Report ignored due to missing user or content'
Process Site and Community bans where removeData=True
2024-05-22 22:30:51 +01:00
elif request_json['type'] == 'Block':
ActivityPub - Bans for local users from remote mods & admins (Also works if alt_user_name is provided)
2024-08-23 08:47:19 +00:00
activity_log.activity_type = 'User Ban'
deletor_ap_id = request_json['actor']
Process Site and Community bans where removeData=True
2024-05-22 22:30:51 +01:00
user_ap_id = request_json['object']
target = request_json['target']
remove_data = request_json['removeData']
if remove_data == True:
ActivityPub - Bans for local users from remote mods & admins (Also works if alt_user_name is provided)
2024-08-23 08:47:19 +00:00
remove_data_from_banned_user(deletor_ap_id, user_ap_id, target)
if user_ap_id.startswith('https://' + current_app.config['SERVER_NAME']):
ban_local_user(deletor_ap_id, user_ap_id, target, request_json)
Process Site and Community bans where removeData=True
2024-05-22 22:30:51 +01:00
activity_log.result = 'success'
receive federated reports from remote instances #21
2024-04-06 16:29:47 +13:00
# Flush the caches of any major object that was created. To be sure.
move long-running tasks to separate background process (celery + redis)
2023-12-24 13:28:41 +13:00
if 'user' in vars() and user is not None:
announce incoming activites to all following instances plus a whole lot more, i don't even know
2024-01-03 16:29:58 +13:00
if user.instance_id and user.instance_id != 1:
fake news domain blocking and notifying
2023-12-30 11:36:24 +13:00
user.instance.last_seen = utcnow()
minor bugfixes
2024-01-04 22:08:32 +13:00
# user.instance.ip_address = ip_address
announce incoming activites to all following instances plus a whole lot more, i don't even know
2024-01-03 16:29:58 +13:00
user.instance.dormant = False
stop instances from being flagged as 'gone forever' if they're still sending activities
2024-05-12 16:08:20 +12:00
user.instance.gone_forever = False
user.instance.failures = 0
accept and follow with activitypub message logging
2023-09-09 20:46:40 +12:00
else:
announce incoming activites to all following instances plus a whole lot more, i don't even know
2024-01-03 16:29:58 +13:00
activity_log.exception_message = 'Instance blocked'
follow remote communities - activitypub
2023-09-08 20:04:01 +12:00
move long-running tasks to separate background process (image processing)
2023-12-24 16:20:18 +13:00
if activity_log.exception_message is not None and activity_log.result == 'processing':
move long-running tasks to separate background process (celery + redis)
2023-12-24 13:28:41 +13:00
activity_log.result = 'failure'
Don't log successful json - save space
2024-06-23 20:34:53 +08:00
# Don't log successful json - save space
accept Posts and Comments from a.gup.pe #31
2024-07-15 20:46:48 +08:00
if site.log_activitypub_json and activity_log.result == 'success' and not current_app.debug:
Don't log successful json - save space
2024-06-23 20:34:53 +08:00
activity_log.activity_json = ''
move long-running tasks to separate background process (celery + redis)
2023-12-24 13:28:41 +13:00
db.session.commit()
refactoring and bug fixes
2023-12-22 14:05:39 +13:00
delete account, with federation
2023-12-29 17:32:35 +13:00
@celery.task
apf part 08: process requests from users who want to delete their own account
2024-11-18 19:28:37 +00:00
def process_delete_request(request_json, store_ap_json):
delete account, with federation
2023-12-29 17:32:35 +13:00
with current_app.app_context():
apf part 08: process requests from users who want to delete their own account
2024-11-18 19:28:37 +00:00
# this function processes self-deletes (retain case here, as user_removed_from_remote_server() uses a JSON request)
user_ap_id = request_json['actor']
user = User.query.filter_by(ap_profile_id=user_ap_id.lower()).first()
if user:
# check that the user really has been deleted, to avoid spoofing attacks
if user_removed_from_remote_server(user_ap_id, is_piefed=user.instance.software == 'PieFed'):
# soft self-delete
user.deleted = True
user.deleted_by = user.id
add some debugging logging
2024-02-29 17:10:38 +13:00
db.session.commit()
apf part 08: process requests from users who want to delete their own account
2024-11-18 19:28:37 +00:00
log_incoming_ap(request_json['id'], APLOG_DELETE, APLOG_SUCCESS, request_json if store_ap_json else None)
else:
log_incoming_ap(request_json['id'], APLOG_DELETE, APLOG_FAILURE, request_json if store_ap_json else None, 'User not actually deleted.')
# TODO: process self-undeletes from Lemmy
# TODO: acknowledge 'removeData' field from Lemmy
# TODO: hard-delete in 7 days (should purge avatar and cover images, but keep posts and replies unless already soft-deleted by removeData = True)
delete account, with federation
2023-12-29 17:32:35 +13:00
announce incoming activites to all following instances plus a whole lot more, i don't even know
2024-01-03 16:29:58 +13:00
def announce_activity_to_followers(community, creator, activity):
Avoid announcing activity sent to local users unless it is also in a local community
2024-06-17 19:06:07 +01:00
# avoid announcing activity sent to local users unless it is also in a local community
if not community.is_local():
return
Remove @context from inner Announce object before sending out
2024-04-06 22:42:25 +01:00
# remove context from what will be inner object
del activity["@context"]
announce incoming activites to all following instances plus a whole lot more, i don't even know
2024-01-03 16:29:58 +13:00
announce_activity = {
'@context': default_context(),
oh boy, this sucks #194
2024-06-05 13:21:41 +12:00
"actor": community.public_url(),
announce incoming activites to all following instances plus a whole lot more, i don't even know
2024-01-03 16:29:58 +13:00
"to": [
"https://www.w3.org/ns/activitystreams#Public"
],
"object": activity,
"cc": [
oh boy, this sucks #194
2024-06-05 13:21:41 +12:00
f"{community.public_url()}/followers"
announce incoming activites to all following instances plus a whole lot more, i don't even know
2024-01-03 16:29:58 +13:00
],
"type": "Announce",
Announce actions by remote actors in local communities
2024-04-17 15:10:04 +01:00
"id": f"https://{current_app.config['SERVER_NAME']}/activities/announce/{gibberish(15)}"
announce incoming activites to all following instances plus a whole lot more, i don't even know
2024-01-03 16:29:58 +13:00
}
for instance in community.following_instances(include_dormant=True):
# awaken dormant instances if they've been sleeping for long enough to be worth trying again
awaken_dormant_instance(instance)
# All good? Send!
if instance and instance.online() and not instance_blocked(instance.inbox):
if creator.instance_id != instance.id: # don't send it to the instance that hosts the creator as presumably they already have the content
send_to_remote_instance(instance.id, community.id, announce_activity)
activitypub - actors and their outboxes
2023-08-10 21:13:37 +12:00
@bp.route('/c/<actor>/outbox', methods=['GET'])
def community_outbox(actor):
actor = actor.strip()
community = Community.query.filter_by(name=actor, banned=False, ap_id=None).first()
if community is not None:
Refine local community outbox response
2024-06-20 04:38:51 +01:00
sticky_posts = community.posts.filter(Post.sticky == True, Post.deleted == False).order_by(desc(Post.posted_at)).limit(50).all()
remaining_limit = 50 - len(sticky_posts)
remaining_posts = community.posts.filter(Post.sticky == False, Post.deleted == False).order_by(desc(Post.posted_at)).limit(remaining_limit).all()
posts = sticky_posts + remaining_posts
activitypub - actors and their outboxes
2023-08-10 21:13:37 +12:00
community_data = {
federate incoming posts and post replies
2023-09-16 19:09:04 +12:00
"@context": default_context(),
activitypub - actors and their outboxes
2023-08-10 21:13:37 +12:00
"type": "OrderedCollection",
"id": f"https://{current_app.config['SERVER_NAME']}/c/{actor}/outbox",
"totalItems": len(posts),
"orderedItems": []
}
for post in posts:
community_data['orderedItems'].append(post_to_activity(post, community))
webfinger and nodeinfo
2023-08-05 21:24:10 +12:00
activitypub - actors and their outboxes
2023-08-10 21:13:37 +12:00
return jsonify(community_data)
webfinger and nodeinfo
2023-08-05 21:24:10 +12:00
Return list of sticky posts for local community featured url
2024-03-24 22:10:41 +00:00
@bp.route('/c/<actor>/featured', methods=['GET'])
def community_featured(actor):
actor = actor.strip()
community = Community.query.filter_by(name=actor, banned=False, ap_id=None).first()
if community is not None:
soft deletes and deleted content admin area #193
2024-06-02 16:45:21 +12:00
posts = Post.query.filter_by(community_id=community.id, sticky=True, deleted=False).all()
Return list of sticky posts for local community featured url
2024-03-24 22:10:41 +00:00
community_data = {
"@context": default_context(),
"type": "OrderedCollection",
"id": f"https://{current_app.config['SERVER_NAME']}/c/{actor}/featured",
"totalItems": len(posts),
"orderedItems": []
}
for post in posts:
post_to_page: use post.community instead of also passing community
2024-05-31 03:45:51 +01:00
community_data['orderedItems'].append(post_to_page(post))
Return list of sticky posts for local community featured url
2024-03-24 22:10:41 +00:00
return jsonify(community_data)
moderators endpoint
2023-11-26 23:20:51 +13:00
@bp.route('/c/<actor>/moderators', methods=['GET'])
community owners can change settings and appoint moderators #21
2024-03-13 16:40:20 +13:00
def community_moderators_route(actor):
moderators endpoint
2023-11-26 23:20:51 +13:00
actor = actor.strip()
community = Community.query.filter_by(name=actor, banned=False, ap_id=None).first()
if community is not None:
community owners can change settings and appoint moderators #21
2024-03-13 16:40:20 +13:00
moderator_ids = community_moderators(community.id)
moderators endpoint
2023-11-26 23:20:51 +13:00
moderators = User.query.filter(User.id.in_([mod.user_id for mod in moderator_ids])).all()
community_data = {
"@context": default_context(),
"type": "OrderedCollection",
"id": f"https://{current_app.config['SERVER_NAME']}/c/{actor}/moderators",
"totalItems": len(moderators),
"orderedItems": []
}
for moderator in moderators:
community_data['orderedItems'].append(moderator.ap_profile_id)
return jsonify(community_data)
Accept Follow requests from remote actors to local actors
2024-04-29 16:13:29 +01:00
@bp.route('/u/<actor>/inbox', methods=['POST'])
basic mastodon interop
2023-12-27 14:38:41 +13:00
def user_inbox(actor):
Accept Follow requests from remote actors to local actors
2024-04-29 16:13:29 +01:00
site = Site.query.get(1)
activity_log = ActivityPubLog(direction='in', result='failure')
activity_log.result = 'processing'
db.session.add(activity_log)
db.session.commit()
try:
request_json = request.get_json(force=True)
except werkzeug.exceptions.BadRequest as e:
activity_log.exception_message = 'Unable to parse json body: ' + e.description
activity_log.result = 'failure'
db.session.commit()
return '', 400
if 'id' in request_json:
activity_log.activity_id = request_json['id']
if site.log_activitypub_json:
activity_log.activity_json = json.dumps(request_json)
Use signed Get request for remote actors trying to Follow local ones
2024-05-04 22:32:17 +01:00
actor = find_actor_or_create(request_json['actor'], signed_get=True) if 'actor' in request_json else None
Accept Follow requests from remote actors to local actors
2024-04-29 16:13:29 +01:00
if actor is not None:
Fix: don't check signature twice for Likes from User Follows
2024-05-04 23:22:47 +01:00
if (('type' in request_json and request_json['type'] == 'Like') or
('type' in request_json and request_json['type'] == 'Undo' and
'object' in request_json and request_json['object']['type'] == 'Like')):
PeerTube: 'Accept' sent to user inbox, not shared inbox
2024-05-25 19:40:49 +01:00
return shared_inbox()
if 'type' in request_json and request_json['type'] == 'Accept':
return shared_inbox()
Accept Follow requests from remote actors to local actors
2024-04-29 16:13:29 +01:00
try:
HttpSignature.verify_request(request, actor.public_key, skip_date=True)
Discourse follow community #111
2024-05-28 15:15:53 +12:00
if 'type' in request_json:
if request_json['type'] == 'Follow':
if current_app.debug:
process_user_follow_request(request_json, activity_log.id, actor.id)
else:
process_user_follow_request.delay(request_json, activity_log.id, actor.id)
elif request_json['type'] == 'Undo' and 'object' in request_json and request_json['object']['type'] == 'Follow':
local_user_ap_id = request_json['object']['object']
local_user = find_actor_or_create(local_user_ap_id, create_if_not_found=False)
remote_user = User.query.get(actor.id)
if local_user:
db.session.query(UserFollower).filter_by(local_user_id=local_user.id, remote_user_id=remote_user.id, is_accepted=True).delete()
activity_log.result = 'success'
else:
activity_log.exception_message = 'Could not find local user'
activity_log.result = 'failure'
db.session.commit()
Process incoming poll votes
2024-05-31 22:06:34 +01:00
elif ('type' in request_json and request_json['type'] == 'Create' and
'object' in request_json and request_json['object']['type'] == 'Note' and
'name' in request_json['object']): # poll votes
in_reply_to = request_json['object']['inReplyTo'] if 'inReplyTo' in request_json['object'] else None
if in_reply_to:
post_being_replied_to = Post.query.filter_by(ap_id=request_json['object']['inReplyTo']).first()
if post_being_replied_to:
community_ap_id = post_being_replied_to.community.ap_profile_id
community = find_actor_or_create(community_ap_id, community_only=True, create_if_not_found=False)
user_ap_id = request_json['object']['attributedTo']
user = find_actor_or_create(user_ap_id, create_if_not_found=False)
if can_create_post_reply(user, community):
poll_data = Poll.query.get(post_being_replied_to.id)
choice = PollChoice.query.filter_by(post_id=post_being_replied_to.id, choice_text=request_json['object']['name']).first()
if poll_data and choice:
poll_data.vote_for_choice(choice.id, user.id)
activity_log.activity_type = 'Poll Vote'
activity_log.result = 'success'
db.session.commit()
if post_being_replied_to.author.is_local():
only json serializable objects can be passed to celery tasks (not SQLAlchemy models) #181
2024-06-01 19:52:17 +12:00
inform_followers_of_post_update(post_being_replied_to.id, user.instance_id)
Discourse follow community #111
2024-05-28 15:15:53 +12:00
Accept Follow requests from remote actors to local actors
2024-04-29 16:13:29 +01:00
except VerificationError:
activity_log.result = 'failure'
activity_log.exception_message = 'Could not verify signature'
db.session.commit()
return '', 400
else:
actor_name = request_json['actor'] if 'actor' in request_json else ''
debugging tweaks
2024-09-30 15:46:50 +13:00
activity_log.exception_message = f'Actor could not be found 2: {actor_name}'
Accept Follow requests from remote actors to local actors
2024-04-29 16:13:29 +01:00
if activity_log.exception_message is not None:
activity_log.result = 'failure'
db.session.commit()
basic mastodon interop
2023-12-27 14:38:41 +13:00
resp = jsonify('ok')
resp.content_type = 'application/activity+json'
return resp
webfinger and nodeinfo
2023-08-05 21:24:10 +12:00
add celery decorator to task functions #172
2024-05-03 06:27:25 +12:00
@celery.task
Accept Follow requests from remote actors to local actors
2024-04-29 16:13:29 +01:00
def process_user_follow_request(request_json, activitypublog_id, remote_user_id):
activity_log = ActivityPubLog.query.get(activitypublog_id)
local_user_ap_id = request_json['object']
follow_id = request_json['id']
Process Undo/Follow requests from remote actors to local actors
2024-04-29 17:13:15 +01:00
local_user = find_actor_or_create(local_user_ap_id, create_if_not_found=False)
Accept Follow requests from remote actors to local actors
2024-04-29 16:13:29 +01:00
remote_user = User.query.get(remote_user_id)
if local_user and local_user.is_local() and not remote_user.is_local():
existing_follower = UserFollower.query.filter_by(local_user_id=local_user.id, remote_user_id=remote_user.id).first()
if not existing_follower:
auto_accept = not local_user.ap_manually_approves_followers
new_follower = UserFollower(local_user_id=local_user.id, remote_user_id=remote_user.id, is_accepted=auto_accept)
Fix: only write local user's follower URL once
2024-05-04 22:44:51 +01:00
if not local_user.ap_followers_url:
Also use public_url() for User Follower activity
2024-09-01 17:49:46 +01:00
local_user.ap_followers_url = local_user.public_url() + '/followers'
Accept Follow requests from remote actors to local actors
2024-04-29 16:13:29 +01:00
db.session.add(new_follower)
accept = {
"@context": default_context(),
Also use public_url() for User Follower activity
2024-09-01 17:49:46 +01:00
"actor": local_user.public_url(),
Accept Follow requests from remote actors to local actors
2024-04-29 16:13:29 +01:00
"to": [
Also use public_url() for User Follower activity
2024-09-01 17:49:46 +01:00
remote_user.public_url()
Accept Follow requests from remote actors to local actors
2024-04-29 16:13:29 +01:00
],
"object": {
Also use public_url() for User Follower activity
2024-09-01 17:49:46 +01:00
"actor": remote_user.public_url(),
Accept Follow requests from remote actors to local actors
2024-04-29 16:13:29 +01:00
"to": None,
Also use public_url() for User Follower activity
2024-09-01 17:49:46 +01:00
"object": local_user.public_url(),
Accept Follow requests from remote actors to local actors
2024-04-29 16:13:29 +01:00
"type": "Follow",
"id": follow_id
},
"type": "Accept",
"id": f"https://{current_app.config['SERVER_NAME']}/activities/accept/" + gibberish(32)
}
better instance failure detection
2024-09-21 10:15:25 +12:00
if post_request(remote_user.ap_inbox_url, accept, local_user.private_key, f"{local_user.public_url()}#main-key") is True:
Accept Follow requests from remote actors to local actors
2024-04-29 16:13:29 +01:00
activity_log.result = 'success'
else:
activity_log.exception_message = 'Error sending Accept'
Add msg to ap log if local user not found
2024-04-30 12:41:37 +01:00
else:
activity_log.exception_message = 'Could not find local user'
activity_log.result = 'failure'
Accept Follow requests from remote actors to local actors
2024-04-29 16:13:29 +01:00
db.session.commit()
Process Undo/Follow requests from remote actors to local actors
2024-04-29 17:13:15 +01:00
basic mastodon interop
2023-12-27 14:38:41 +13:00
@bp.route('/c/<actor>/inbox', methods=['GET', 'POST'])
def community_inbox(actor):
return shared_inbox()
webfinger and nodeinfo
2023-08-05 21:24:10 +12:00
basic mastodon interop
2023-12-27 14:38:41 +13:00
@bp.route('/c/<actor>/followers', methods=['GET'])
def community_followers(actor):
actor = actor.strip()
community = Community.query.filter_by(name=actor, banned=False, ap_id=None).first()
if community is not None:
result = {
"@context": default_context(),
Return list of sticky posts for local community featured url
2024-03-24 22:10:41 +00:00
"id": f'https://{current_app.config["SERVER_NAME"]}/c/{actor}/followers',
basic mastodon interop
2023-12-27 14:38:41 +13:00
"type": "Collection",
"totalItems": community_members(community.id),
"items": []
}
resp = jsonify(result)
resp.content_type = 'application/activity+json'
return resp
else:
abort(404)
federation - post content and replies/comments to remote communities
2023-12-09 22:14:16 +13:00
Respond to /u/actor/followers URL
2024-04-29 19:47:06 +01:00
@bp.route('/u/<actor>/followers', methods=['GET'])
def user_followers(actor):
actor = actor.strip()
user = User.query.filter_by(user_name=actor, banned=False, ap_id=None).first()
if user is not None and user.ap_followers_url:
when someone is blocked, remove them from followers collection #172
2024-05-08 19:28:49 +12:00
# Get all followers, except those that are blocked by user by doing an outer join
followers = User.query.join(UserFollower, User.id == UserFollower.remote_user_id)\
.outerjoin(UserBlock, (User.id == UserBlock.blocker_id) & (UserFollower.local_user_id == UserBlock.blocked_id))\
.filter((UserFollower.local_user_id == user.id) & (UserBlock.id == None))\
.all()
Respond to /u/actor/followers URL
2024-04-29 19:47:06 +01:00
items = []
for f in followers:
items.append(f.ap_public_url)
result = {
"@context": default_context(),
"id": user.ap_followers_url,
"type": "Collection",
"totalItems": len(items),
"items": items
}
resp = jsonify(result)
resp.content_type = 'application/activity+json'
return resp
else:
abort(404)
federation - post content and replies/comments to remote communities
2023-12-09 22:14:16 +13:00
@bp.route('/comment/<int:comment_id>', methods=['GET'])
def comment_ap(comment_id):
if is_activitypub_request():
reply = PostReply.query.get_or_404(comment_id)
replies collection on outbox and /post/xxx #175
2024-06-05 20:33:00 +12:00
reply_data = comment_model_to_json(reply)
federation - post content and replies/comments to remote communities
2023-12-09 22:14:16 +13:00
resp = jsonify(reply_data)
resp.content_type = 'application/activity+json'
change headers to reduce network usage
2024-03-02 13:56:47 +13:00
resp.headers.set('Vary', 'Accept')
federation - post content and replies/comments to remote communities
2023-12-09 22:14:16 +13:00
return resp
else:
debug issues found in production log
2024-02-23 20:23:59 +13:00
reply = PostReply.query.get_or_404(comment_id)
fake news domain blocking and notifying
2023-12-30 11:36:24 +13:00
return continue_discussion(reply.post.id, comment_id)
federation - post content and replies/comments to remote communities
2023-12-09 22:14:16 +13:00
post url redirect
2024-01-12 20:21:41 +13:00
@bp.route('/post/<int:post_id>/', methods=['GET'])
def post_ap2(post_id):
return redirect(url_for('activitypub.post_ap', post_id=post_id))
federation - post content and replies/comments to remote communities
2023-12-09 22:14:16 +13:00
@bp.route('/post/<int:post_id>', methods=['GET', 'POST'])
def post_ap(post_id):
if request.method == 'GET' and is_activitypub_request():
post = Post.query.get_or_404(post_id)
Share functionality between post_to_activity and post_to_page
2024-06-05 22:45:35 +01:00
post_data = post_to_page(post)
federation - post content and replies/comments to remote communities
2023-12-09 22:14:16 +13:00
post_data['@context'] = default_context()
resp = jsonify(post_data)
resp.content_type = 'application/activity+json'
change headers to reduce network usage
2024-03-02 13:56:47 +13:00
resp.headers.set('Vary', 'Accept')
federation - post content and replies/comments to remote communities
2023-12-09 22:14:16 +13:00
return resp
else:
return show_post(post_id)
refactoring and bug fixes
2023-12-22 14:05:39 +13:00
@bp.route('/activities/<type>/<id>')
ignore mastodon delete spam and lemmy retry spam
2023-12-23 11:32:22 +13:00
@cache.cached(timeout=600)
refactoring and bug fixes
2023-12-22 14:05:39 +13:00
def activities_json(type, id):
activity = ActivityPubLog.query.filter_by(activity_id=f"https://{current_app.config['SERVER_NAME']}/activities/{type}/{id}").first()
if activity:
still return HTTP 200 even if activity was not logged. Hopefully friendca will cope #103
2024-03-17 02:02:32 +13:00
if activity.activity_json is not None:
activity_json = json.loads(activity.activity_json)
else:
activity_json = {}
log all outgoing actitivies
2023-12-22 15:34:45 +13:00
resp = jsonify(activity_json)
resp.content_type = 'application/activity+json'
return resp
refactoring and bug fixes
2023-12-22 14:05:39 +13:00
else:
abort(404)
a way for senders to see the result of their POST to our inbox for debugging
2024-04-20 20:46:51 +12:00
# Other instances can query the result of their POST to the inbox by using this endpoint. The ID of the activity they
# sent (minus the https:// on the front) is the id parameter. e.g. https://piefed.ngrok.app/activity_result/piefed.ngrok.app/activities/announce/EfjyZ3BE5SzQK0C
@bp.route('/activity_result/<path:id>')
def activity_result(id):
activity = ActivityPubLog.query.filter_by(activity_id=f'https://{id}').first()
if activity:
if activity.result == 'success':
return jsonify('Ok')
else:
return jsonify({'error': activity.result, 'message': activity.exception_message})
else:
abort(404)
apf part 12: Create/Update requests
2024-11-18 22:05:25 +00:00
def process_new_content(user, community, store_ap_json, request_json, announced=True):
if not announced:
in_reply_to = request_json['object']['inReplyTo'] if 'inReplyTo' in request_json['object'] else None
ap_id = request_json['object']['id']
announce_id = None
activity_json = request_json
else:
in_reply_to = request_json['object']['object']['inReplyTo'] if 'inReplyTo' in request_json['object']['object'] else None
ap_id = request_json['object']['object']['id']
announce_id = request_json['id']
activity_json = request_json['object']
if not in_reply_to: # Creating a new post
post = Post.query.filter_by(ap_id=ap_id).first()
if post:
if activity_json['type'] == 'Create':
log_incoming_ap(request_json['id'], APLOG_CREATE, APLOG_FAILURE, request_json if store_ap_json else None, 'Create processed after Update')
return
if user.id == post.user_id:
update_post_from_activity(post, activity_json)
log_incoming_ap(request_json['id'], APLOG_UPDATE, APLOG_SUCCESS, request_json if store_ap_json else None)
if not announced:
announce_activity_to_followers(post.community, post.author, request_json)
return
else:
log_incoming_ap(request_json['id'], APLOG_UPDATE, APLOG_FAILURE, request_json if store_ap_json else None, 'Edit attempt denied')
return
else:
if can_create_post(user, community):
try:
post = create_post(store_ap_json, community, activity_json, user, announce_id=announce_id)
if post:
log_incoming_ap(request_json['id'], APLOG_CREATE, APLOG_SUCCESS, request_json if store_ap_json else None)
if not announced:
announce_activity_to_followers(community, user, request_json)
return
except TypeError as e:
current_app.logger.error('TypeError: ' + str(request_json))
log_incoming_ap(request_json['id'], APLOG_CREATE, APLOG_FAILURE, request_json if store_ap_json else None, 'TypeError. See log file.')
return
else:
log_incoming_ap(request_json['id'], APLOG_CREATE, APLOG_FAILURE, request_json if store_ap_json else None, 'User cannot create post in Community')
return
else: # Creating a reply / comment
reply = PostReply.query.filter_by(ap_id=ap_id).first()
if reply:
if activity_json['type'] == 'Create':
log_incoming_ap(request_json['id'], APLOG_CREATE, APLOG_FAILURE, request_json if store_ap_json else None, 'Create processed after Update')
return
if user.id == reply.user_id:
update_post_reply_from_activity(reply, activity_json)
log_incoming_ap(request_json['id'], APLOG_UPDATE, APLOG_SUCCESS, request_json if store_ap_json else None)
if not announced:
announce_activity_to_followers(reply.community, reply.author, request_json)
return
else:
log_incoming_ap(request_json['id'], APLOG_UPDATE, APLOG_FAILURE, request_json if store_ap_json else None, 'Edit attempt denied')
return
else:
if can_create_post_reply(user, community):
try:
reply = create_post_reply(store_ap_json, community, in_reply_to, activity_json, user, announce_id=announce_id)
if reply:
log_incoming_ap(request_json['id'], APLOG_CREATE, APLOG_SUCCESS, request_json if store_ap_json else None)
if not announced:
announce_activity_to_followers(community, user, request_json)
return
except TypeError as e:
current_app.logger.error('TypeError: ' + str(request_json))
log_incoming_ap(request_json['id'], APLOG_CREATE, APLOG_FAILURE, request_json if store_ap_json else None, 'TypeError. See log file.')
return
else:
log_incoming_ap(request_json['id'], APLOG_CREATE, APLOG_FAILURE, request_json if store_ap_json else None, 'User cannot create reply in Community')
return
apf part 14: Like / Dislike requests
2024-11-19 11:51:29 +00:00
def process_upvote(user, store_ap_json, request_json, announced=True):
ap_id = request_json['object'] if not announced else request_json['object']['object']
liked = find_liked_object(ap_id)
if liked is None:
log_incoming_ap(request_json['id'], APLOG_LIKE, APLOG_FAILURE, request_json if store_ap_json else None, 'Unfound object ' + ap_id)
return
if can_upvote(user, liked.community):
if isinstance(liked, (Post, PostReply)):
liked.vote(user, 'upvote')
log_incoming_ap(request_json['id'], APLOG_LIKE, APLOG_SUCCESS, request_json if store_ap_json else None)
if not announced:
announce_activity_to_followers(liked.community, user, request_json)
else:
log_incoming_ap(request_json['id'], APLOG_LIKE, APLOG_IGNORED, request_json if store_ap_json else None, 'Cannot upvote this')
def process_downvote(user, store_ap_json, request_json, announced=True):
ap_id = request_json['object'] if not announced else request_json['object']['object']
liked = find_liked_object(ap_id)
if liked is None:
log_incoming_ap(request_json['id'], APLOG_DISLIKE, APLOG_FAILURE, request_json if store_ap_json else None, 'Unfound object ' + ap_id)
return
if can_downvote(user, liked.community):
if isinstance(liked, (Post, PostReply)):
liked.vote(user, 'downvote')
log_incoming_ap(request_json['id'], APLOG_DISLIKE, APLOG_SUCCESS, request_json if store_ap_json else None)
if not announced:
announce_activity_to_followers(liked.community, user, request_json)
else:
log_incoming_ap(request_json['id'], APLOG_DISLIKE, APLOG_IGNORED, request_json if store_ap_json else None, 'Cannot downvote this')
Reference in a new issue Copy permalink