Merge branch 'tusooa/3331-fix-incoming-block' into 'develop' - pleroma - My custom branche(s) on git.pleroma.social/pleroma/pleroma

commit: dd7f699d4a3580a59405fbfc51b96f90f5d84d7d
parent 3f3f8bc57a3433e14d0e562bfa319f177bc6dd6c
Author: feld <feld@feld.me>
Date:   Fri, 11 Oct 2024 20:22:21 +0000

Merge branch 'tusooa/3331-fix-incoming-block' into 'develop'

Fix incoming Blocks being rejected

Closes #3331

See merge request pleroma/pleroma!4282
Diffstat:
A changelog.d/incoming-blocks.fix 1 +
M lib/pleroma/constants.ex 5 +++++
M lib/pleroma/web/activity_pub/object_validator.ex 12 ++++++++++++
M test/pleroma/web/activity_pub/activity_pub_controller_test.exs 21 +++++++++++++++++++++

4 files changed, 39 insertions(+), 0 deletions(-)
diff --git a/changelog.d/incoming-blocks.fix b/changelog.d/incoming-blocks.fix
@@ -0,0 +1 @@
+Fix incoming Block activities being rejected
diff --git a/lib/pleroma/constants.ex b/lib/pleroma/constants.ex
@@ -87,6 +87,7 @@ defmodule Pleroma.Constants do
 
   const(activity_types,
     do: [
+      "Block",
       "Create",
       "Update",
       "Delete",
@@ -115,6 +116,10 @@ defmodule Pleroma.Constants do
     ]
   )
 
+  const(object_types,
+    do: ~w[Event Question Answer Audio Video Image Article Note Page ChatMessage]
+  )
+
   # basic regex, just there to weed out potential mistakes
   # https://datatracker.ietf.org/doc/html/rfc2045#section-5.1
   const(mime_regex,
diff --git a/lib/pleroma/web/activity_pub/object_validator.ex b/lib/pleroma/web/activity_pub/object_validator.ex
@@ -11,6 +11,8 @@ defmodule Pleroma.Web.ActivityPub.ObjectValidator do
 
   @behaviour Pleroma.Web.ActivityPub.ObjectValidator.Validating
 
+  import Pleroma.Constants, only: [activity_types: 0, object_types: 0]
+
   alias Pleroma.Activity
   alias Pleroma.EctoType.ActivityPub.ObjectValidators
   alias Pleroma.Object
@@ -38,6 +40,16 @@ defmodule Pleroma.Web.ActivityPub.ObjectValidator do
   @impl true
   def validate(object, meta)
 
+  # This overload works together with the InboxGuardPlug
+  # and ensures that we are not accepting any activity type
+  # that cannot pass InboxGuardPlug.
+  # If we want to support any more activity types, make sure to
+  # add it in Pleroma.Constants's activity_types or object_types,
+  # and, if applicable, allowed_activity_types_from_strangers.
+  def validate(%{"type" => type}, _meta)
+      when type not in activity_types() and type not in object_types(),
+      do: {:error, :not_allowed_object_type}
+
   def validate(%{"type" => "Block"} = block_activity, meta) do
     with {:ok, block_activity} <-
            block_activity
diff --git a/test/pleroma/web/activity_pub/activity_pub_controller_test.exs b/test/pleroma/web/activity_pub/activity_pub_controller_test.exs
@@ -1320,6 +1320,27 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubControllerTest do
         html_body: ~r/#{note.data["object"]}/i
       )
     end
+
+    test "it accepts an incoming Block", %{conn: conn, data: data} do
+      user = insert(:user)
+
+      data =
+        data
+        |> Map.put("type", "Block")
+        |> Map.put("to", [user.ap_id])
+        |> Map.put("cc", [])
+        |> Map.put("object", user.ap_id)
+
+      conn =
+        conn
+        |> assign(:valid_signature, true)
+        |> put_req_header("content-type", "application/activity+json")
+        |> post("/users/#{user.nickname}/inbox", data)
+
+      assert "ok" == json_response(conn, 200)
+      ObanHelpers.perform(all_enqueued(worker: ReceiverWorker))
+      assert Activity.get_by_ap_id(data["id"])
+    end
   end
 
   describe "GET /users/:nickname/outbox" do

A	changelog.d/incoming-blocks.fix	1	+
M	lib/pleroma/constants.ex	5	+++++
M	lib/pleroma/web/activity_pub/object_validator.ex	12	++++++++++++
M	test/pleroma/web/activity_pub/activity_pub_controller_test.exs	21	+++++++++++++++++++++