pleroma

commit: a74ce2d77a53873b3edceeda7287b299c7922a8c
parent 4605efe272016a5ba8ba6e96a9bec9a6e40c1591
Author: Hélène <pleroma-dev@helene.moe>
Date:   Wed, 18 May 2022 21:25:10 +0200

StealEmojiPolicy: fix String rejected_shortcodes

* rejected_shortcodes is defined as a list of strings in the
  configuration description. As such, database-based configuration was
  led to handle those settings as strings, and not as the actually
  expected type, Regex.
* This caused each message passing through this MRF, if a rejected
  shortcode was set and the emoji did not exist already on the instance,
  to fail federating, as an exception was raised, swiftly caught and
  mostly silenced.
* This commit fixes the issue by introducing new behavior: strings are
  now handled as perfect matches for an emoji shortcode (meaning that if
  the emoji-to-be-pulled's shortcode is in the blacklist, it will be
  rejected), while still supporting Regex types as before.

Diffstat:
M
lib/pleroma/web/activity_pub/mrf/steal_emoji_policy.ex
18
+++++++++++++++---
M
test/pleroma/web/activity_pub/mrf/steal_emoji_policy_test.exs
16
+++++++++++++++-

2 files changed, 30 insertions(+), 4 deletions(-)
diff --git a/lib/pleroma/web/activity_pub/mrf/steal_emoji_policy.ex b/lib/pleroma/web/activity_pub/mrf/steal_emoji_policy.ex
@@ -12,6 +12,14 @@ defmodule Pleroma.Web.ActivityPub.MRF.StealEmojiPolicy do
 
   defp accept_host?(host), do: host in Config.get([:mrf_steal_emoji, :hosts], [])
 
+  defp shortcode_matches?(shortcode, pattern) when is_binary(pattern) do
+    shortcode == pattern
+  end
+
+  defp shortcode_matches?(shortcode, pattern) do
+    String.match?(shortcode, pattern)
+  end
+
   defp steal_emoji({shortcode, url}, emoji_dir_path) do
     url = Pleroma.Web.MediaProxy.url(url)
 
@@ -72,7 +80,7 @@ defmodule Pleroma.Web.ActivityPub.MRF.StealEmojiPolicy do
           reject_emoji? =
             [:mrf_steal_emoji, :rejected_shortcodes]
             |> Config.get([])
-            |> Enum.find(false, fn regex -> String.match?(shortcode, regex) end)
+            |> Enum.find(false, fn pattern -> shortcode_matches?(shortcode, pattern) end)
 
           !reject_emoji?
         end)
@@ -122,8 +130,12 @@ defmodule Pleroma.Web.ActivityPub.MRF.StealEmojiPolicy do
         %{
           key: :rejected_shortcodes,
           type: {:list, :string},
-          description: "Regex-list of shortcodes to reject",
-          suggestions: [""]
+          description: """
+            A list of patterns or matches to reject shortcodes with.
+
+            Each pattern can be a string or [Regex](https://hexdocs.pm/elixir/Regex.html) in the format of `~r/PATTERN/`.
+          """,
+          suggestions: ["foo", ~r/foo/]
         },
         %{
           key: :size_limit,
diff --git a/test/pleroma/web/activity_pub/mrf/steal_emoji_policy_test.exs b/test/pleroma/web/activity_pub/mrf/steal_emoji_policy_test.exs
@@ -60,7 +60,7 @@ defmodule Pleroma.Web.ActivityPub.MRF.StealEmojiPolicyTest do
            |> File.exists?()
   end
 
-  test "reject shortcode", %{message: message} do
+  test "reject regex shortcode", %{message: message} do
     refute "firedfox" in installed()
 
     clear_config(:mrf_steal_emoji,
@@ -74,6 +74,20 @@ defmodule Pleroma.Web.ActivityPub.MRF.StealEmojiPolicyTest do
     refute "firedfox" in installed()
   end
 
+  test "reject string shortcode", %{message: message} do
+    refute "firedfox" in installed()
+
+    clear_config(:mrf_steal_emoji,
+      hosts: ["example.org"],
+      size_limit: 284_468,
+      rejected_shortcodes: ["firedfox"]
+    )
+
+    assert {:ok, _message} = StealEmojiPolicy.filter(message)
+
+    refute "firedfox" in installed()
+  end
+
   test "reject if size is above the limit", %{message: message} do
     refute "firedfox" in installed()