monorail
/
mastodon
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Allow to dereference Follow object for ActivityPub (#5772) 

* Allow to dereference Follow object for ActivityPub

* Accept IRI as object representation for Accept activity
This commit is contained in:
Akihiko Odaki 2018-01-04 02:08:57 +09:00 committed by Eugen Rochko
parent 53d99ebf4f
commit 161c72d66d
10 changed files with 134 additions and 31 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
app/controllers/activitypub/follows_controller.rb Normal file
View File

@ -0,0 +1,18 @@
# frozen_string_literal: true
class ActivityPub::FollowsController < Api::BaseController
include SignatureVerification
def show
render(
json: FollowRequest.includes(:account).references(:account).find_by!(
id: params.require(:id),
accounts: { domain: nil, username: params.require(:account_username) },
target_account: signed_request_account
),
serializer: ActivityPub::FollowSerializer,
adapter: ActivityPub::Adapter,
content_type: 'application/activity+json'
)
end
end

17
app/lib/activitypub/activity/accept.rb
View File

@ -2,16 +2,18 @@
class ActivityPub::Activity::Accept < ActivityPub::Activity class ActivityPub::Activity::Accept < ActivityPub::Activity
def perform def perform
case @object['type'] if @object.respond_to?(:[]) &&
when 'Follow' @object['type'] == 'Follow' && @object['actor'].present?
accept_follow accept_follow_from @object['actor']
else
accept_follow_object @object
end end
end end
private private
def accept_follow def accept_follow_from(actor)
target_account = account_from_uri(target_uri) target_account = account_from_uri(value_or_id(actor))
return if target_account.nil? || !target_account.local? return if target_account.nil? || !target_account.local?
@ -19,7 +21,8 @@ class ActivityPub::Activity::Accept < ActivityPub::Activity
follow_request&.authorize! follow_request&.authorize!
end end
def target_uri def accept_follow_object(object)
@target_uri ||= value_or_id(@object['actor']) follow_request = ActivityPub::TagManager.instance.uri_to_resource(value_or_id(object), FollowRequest)
follow_request&.authorize!
end end
end end

8
app/lib/activitypub/tag_manager.rb
View File

@ -28,6 +28,8 @@ class ActivityPub::TagManager
return target.uri if target.respond_to?(:local?) && !target.local? return target.uri if target.respond_to?(:local?) && !target.local?
case target.object_type case target.object_type
when :follow
account_follow_url(target.account.username, target)
when :person when :person
account_url(target) account_url(target)
when :note, :comment, :activity when :note, :comment, :activity
@ -97,6 +99,12 @@ class ActivityPub::TagManager
case klass.name case klass.name
when 'Account' when 'Account'
klass.find_local(uri_to_local_id(uri, :username)) klass.find_local(uri_to_local_id(uri, :username))
when 'FollowRequest'
params = Rails.application.routes.recognize_path(uri)
klass.joins(:account).find_by!(
accounts: { domain: nil, username: params[:account_username] },
id: params[:id]
)
else else
StatusFinder.new(uri).status StatusFinder.new(uri).status
end end

4
app/models/follow_request.rb
View File

@ -21,6 +21,10 @@ class FollowRequest < ApplicationRecord
validates :account_id, uniqueness: { scope: :target_account_id } validates :account_id, uniqueness: { scope: :target_account_id }
def object_type
:follow
end
def authorize! def authorize!
account.follow!(target_account, reblogs: show_reblogs) account.follow!(target_account, reblogs: show_reblogs)
MergeWorker.perform_async(target_account.id, account.id) MergeWorker.perform_async(target_account.id, account.id)

9
app/serializers/activitypub/follow_serializer.rb
View File

@ -1,11 +1,12 @@
# frozen_string_literal: true # frozen_string_literal: true
class ActivityPub::FollowSerializer < ActiveModel::Serializer class ActivityPub::FollowSerializer < ActiveModel::Serializer
attributes :id, :type, :actor attributes :type, :actor
attribute :id, if: :dereferencable?
attribute :virtual_object, key: :object attribute :virtual_object, key: :object
def id def id
[ActivityPub::TagManager.instance.uri_for(object.account), '#follows/', object.id].join ActivityPub::TagManager.instance.uri_for(object)
end end
def type def type
@ -19,4 +20,8 @@ class ActivityPub::FollowSerializer < ActiveModel::Serializer
def virtual_object def virtual_object
ActivityPub::TagManager.instance.uri_for(object.target_account) ActivityPub::TagManager.instance.uri_for(object.target_account)
end end
def dereferencable?
object.respond_to?(:object_type)
end
end end

2
app/views/accounts/_header.html.haml
View File

@ -8,7 +8,7 @@
= fa_icon 'user-times' = fa_icon 'user-times'
= t('accounts.unfollow') = t('accounts.unfollow')
- else - else
= link_to account_follow_path(account), data: { method: :post }, class: 'icon-button' do = link_to account_follows_path(account), data: { method: :post }, class: 'icon-button' do
= fa_icon 'user-plus' = fa_icon 'user-plus'
= t('accounts.follow') = t('accounts.follow')
- elsif !user_signed_in? - elsif !user_signed_in?

3
config/routes.rb
View File

@ -54,7 +54,8 @@ Rails.application.routes.draw do
resources :followers, only: [:index], controller: :follower_accounts resources :followers, only: [:index], controller: :follower_accounts
resources :following, only: [:index], controller: :following_accounts resources :following, only: [:index], controller: :following_accounts
resource :follow, only: [:create], controller: :account_follow resources :follows, only: [:show], module: :activitypub
resource :follow, only: [:create], controller: :account_follow, as: :follows
resource :unfollow, only: [:create], controller: :account_unfollow resource :unfollow, only: [:create], controller: :account_unfollow
resource :outbox, only: [:show], module: :activitypub resource :outbox, only: [:show], module: :activitypub
resource :inbox, only: [:create], module: :activitypub resource :inbox, only: [:create], module: :activitypub

43
spec/controllers/activitypub/follows_controller_spec.rb Normal file
View File

@ -0,0 +1,43 @@
# frozen_string_literal: true
require 'rails_helper'
describe ActivityPub::FollowsController, type: :controller do
let(:follow_request) { Fabricate(:follow_request, account: account) }
render_views
context 'with local account' do
let(:account) { Fabricate(:account, domain: nil) }
it 'returns follow request' do
signed_request = Request.new(:get, account_follow_url(account, follow_request))
signed_request.on_behalf_of(follow_request.target_account)
request.headers.merge! signed_request.headers
get :show, params: { id: follow_request, account_username: account.username }
expect(body_as_json[:id]).to eq ActivityPub::TagManager.instance.uri_for(follow_request)
expect(response).to have_http_status :success
end
it 'returns http 404 without signature' do
get :show, params: { id: follow_request, account_username: account.username }
expect(response).to have_http_status 404
end
end
context 'with remote account' do
let(:account) { Fabricate(:account, domain: Faker::Internet.domain_name) }
it 'returns http 404' do
signed_request = Request.new(:get, account_follow_url(account, follow_request))
signed_request.on_behalf_of(follow_request.target_account)
request.headers.merge! signed_request.headers
get :show, params: { id: follow_request, account_username: account.username }
expect(response).to have_http_status 404
end
end
end

53
spec/lib/activitypub/activity/accept_spec.rb
View File

@ -3,36 +3,49 @@ require 'rails_helper'
RSpec.describe ActivityPub::Activity::Accept do RSpec.describe ActivityPub::Activity::Accept do
let(:sender) { Fabricate(:account) } let(:sender) { Fabricate(:account) }
let(:recipient) { Fabricate(:account) } let(:recipient) { Fabricate(:account) }
let!(:follow_request) { Fabricate(:follow_request, account: recipient, target_account: sender) }
let(:json) do
{
'@context': 'https://www.w3.org/ns/activitystreams',
id: 'foo',
type: 'Accept',
actor: ActivityPub::TagManager.instance.uri_for(sender),
object: {
id: 'bar',
type: 'Follow',
actor: ActivityPub::TagManager.instance.uri_for(recipient),
object: ActivityPub::TagManager.instance.uri_for(sender),
},
}.with_indifferent_access
end
describe '#perform' do describe '#perform' do
subject { described_class.new(json, sender) } subject { described_class.new(json, sender) }
before do before do
Fabricate(:follow_request, account: recipient, target_account: sender)
subject.perform subject.perform
end end
it 'creates a follow relationship' do context 'with concerete object representation' do
expect(recipient.following?(sender)).to be true let(:json) do
{
'@context': 'https://www.w3.org/ns/activitystreams',
id: 'foo',
type: 'Accept',
actor: ActivityPub::TagManager.instance.uri_for(sender),
object: {
type: 'Follow',
actor: ActivityPub::TagManager.instance.uri_for(recipient),
object: ActivityPub::TagManager.instance.uri_for(sender),
},
}.with_indifferent_access
end
it 'creates a follow relationship' do
expect(recipient.following?(sender)).to be true
end
end end
it 'removes the follow request' do context 'with object represented by id' do
expect(recipient.requested?(sender)).to be false let(:json) do
{
'@context': 'https://www.w3.org/ns/activitystreams',
id: 'foo',
type: 'Accept',
actor: ActivityPub::TagManager.instance.uri_for(sender),
object: ActivityPub::TagManager.instance.uri_for(follow_request),
}.with_indifferent_access
end
it 'creates a follow relationship' do
expect(recipient.following?(sender)).to be true
end
end end
end end
end end

8
spec/models/follow_request_spec.rb
View File

@ -27,4 +27,12 @@ RSpec.describe FollowRequest, type: :model do
expect(follow_request.account.muting_reblogs?(target)).to be true expect(follow_request.account.muting_reblogs?(target)).to be true
end end
end end
describe '#object_type' do
let(:follow_request) { Fabricate(:follow_request) }
it 'equals to :follow' do
expect(follow_request.object_type).to eq :follow
end
end
end end