2019-05-16 18:11:17 -06:00
|
|
|
# Pleroma: A lightweight social networking server
|
2021-01-12 23:49:20 -07:00
|
|
|
# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
|
2019-05-16 18:11:17 -06:00
|
|
|
# SPDX-License-Identifier: AGPL-3.0-only
|
|
|
|
|
|
|
|
defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicyTest do
|
|
|
|
use Pleroma.DataCase
|
|
|
|
import Pleroma.Factory
|
|
|
|
alias Pleroma.Web.ActivityPub.MRF.SimplePolicy
|
2020-07-31 09:18:04 -06:00
|
|
|
alias Pleroma.Web.CommonAPI
|
2019-05-16 18:11:17 -06:00
|
|
|
|
2020-03-20 09:33:00 -06:00
|
|
|
setup do:
|
|
|
|
clear_config(:mrf_simple,
|
|
|
|
media_removal: [],
|
|
|
|
media_nsfw: [],
|
|
|
|
federated_timeline_removal: [],
|
|
|
|
report_removal: [],
|
|
|
|
reject: [],
|
2020-07-31 09:18:04 -06:00
|
|
|
followers_only: [],
|
2020-03-20 09:33:00 -06:00
|
|
|
accept: [],
|
|
|
|
avatar_removal: [],
|
2020-04-13 12:48:32 -06:00
|
|
|
banner_removal: [],
|
|
|
|
reject_deletes: []
|
2020-03-20 09:33:00 -06:00
|
|
|
)
|
2019-05-16 18:11:17 -06:00
|
|
|
|
|
|
|
describe "when :media_removal" do
|
|
|
|
test "is empty" do
|
2021-01-26 10:58:43 -07:00
|
|
|
clear_config([:mrf_simple, :media_removal], [])
|
2019-05-16 18:11:17 -06:00
|
|
|
media_message = build_media_message()
|
2022-12-08 15:12:27 -07:00
|
|
|
media_update_message = build_media_update_message()
|
2019-05-16 18:11:17 -06:00
|
|
|
local_message = build_local_message()
|
|
|
|
|
|
|
|
assert SimplePolicy.filter(media_message) == {:ok, media_message}
|
2022-12-08 15:12:27 -07:00
|
|
|
assert SimplePolicy.filter(media_update_message) == {:ok, media_update_message}
|
2019-05-16 18:11:17 -06:00
|
|
|
assert SimplePolicy.filter(local_message) == {:ok, local_message}
|
|
|
|
end
|
|
|
|
|
|
|
|
test "has a matching host" do
|
2020-09-24 13:01:33 -06:00
|
|
|
clear_config([:mrf_simple, :media_removal], [{"remote.instance", "Some reason"}])
|
2019-05-16 18:11:17 -06:00
|
|
|
media_message = build_media_message()
|
2022-12-08 15:12:27 -07:00
|
|
|
media_update_message = build_media_update_message()
|
2019-05-16 18:11:17 -06:00
|
|
|
local_message = build_local_message()
|
|
|
|
|
|
|
|
assert SimplePolicy.filter(media_message) ==
|
|
|
|
{:ok,
|
|
|
|
media_message
|
|
|
|
|> Map.put("object", Map.delete(media_message["object"], "attachment"))}
|
|
|
|
|
2022-12-08 15:12:27 -07:00
|
|
|
assert SimplePolicy.filter(media_update_message) ==
|
|
|
|
{:ok,
|
|
|
|
media_update_message
|
|
|
|
|> Map.put("object", Map.delete(media_update_message["object"], "attachment"))}
|
|
|
|
|
2019-05-16 18:11:17 -06:00
|
|
|
assert SimplePolicy.filter(local_message) == {:ok, local_message}
|
|
|
|
end
|
2019-07-22 08:33:58 -06:00
|
|
|
|
|
|
|
test "match with wildcard domain" do
|
2022-11-07 15:33:18 -07:00
|
|
|
clear_config([:mrf_simple, :media_removal], [{"*.remote.instance", "Whatever reason"}])
|
|
|
|
media_message = build_media_message()
|
2022-12-08 15:12:27 -07:00
|
|
|
media_update_message = build_media_update_message()
|
2019-07-22 08:33:58 -06:00
|
|
|
local_message = build_local_message()
|
|
|
|
|
|
|
|
assert SimplePolicy.filter(media_message) ==
|
|
|
|
{:ok,
|
|
|
|
media_message
|
|
|
|
|> Map.put("object", Map.delete(media_message["object"], "attachment"))}
|
|
|
|
|
2022-12-08 15:12:27 -07:00
|
|
|
assert SimplePolicy.filter(media_update_message) ==
|
|
|
|
{:ok,
|
|
|
|
media_update_message
|
|
|
|
|> Map.put("object", Map.delete(media_update_message["object"], "attachment"))}
|
|
|
|
|
2019-07-22 08:33:58 -06:00
|
|
|
assert SimplePolicy.filter(local_message) == {:ok, local_message}
|
|
|
|
end
|
2019-05-16 18:11:17 -06:00
|
|
|
end
|
|
|
|
|
|
|
|
describe "when :media_nsfw" do
|
|
|
|
test "is empty" do
|
2021-01-26 10:58:43 -07:00
|
|
|
clear_config([:mrf_simple, :media_nsfw], [])
|
2019-05-16 18:11:17 -06:00
|
|
|
media_message = build_media_message()
|
2022-12-08 15:12:27 -07:00
|
|
|
media_update_message = build_media_update_message()
|
2019-05-16 18:11:17 -06:00
|
|
|
local_message = build_local_message()
|
|
|
|
|
|
|
|
assert SimplePolicy.filter(media_message) == {:ok, media_message}
|
2022-12-08 15:12:27 -07:00
|
|
|
assert SimplePolicy.filter(media_update_message) == {:ok, media_update_message}
|
2019-05-16 18:11:17 -06:00
|
|
|
assert SimplePolicy.filter(local_message) == {:ok, local_message}
|
|
|
|
end
|
|
|
|
|
|
|
|
test "has a matching host" do
|
2020-09-24 13:01:33 -06:00
|
|
|
clear_config([:mrf_simple, :media_nsfw], [{"remote.instance", "Whetever"}])
|
2019-05-16 18:11:17 -06:00
|
|
|
media_message = build_media_message()
|
2022-12-08 15:12:27 -07:00
|
|
|
media_update_message = build_media_update_message()
|
2019-05-16 18:11:17 -06:00
|
|
|
local_message = build_local_message()
|
|
|
|
|
|
|
|
assert SimplePolicy.filter(media_message) ==
|
2020-12-28 15:21:53 -07:00
|
|
|
{:ok, put_in(media_message, ["object", "sensitive"], true)}
|
2019-05-16 18:11:17 -06:00
|
|
|
|
2022-12-08 15:12:27 -07:00
|
|
|
assert SimplePolicy.filter(media_update_message) ==
|
|
|
|
{:ok, put_in(media_update_message, ["object", "sensitive"], true)}
|
|
|
|
|
2019-05-16 18:11:17 -06:00
|
|
|
assert SimplePolicy.filter(local_message) == {:ok, local_message}
|
|
|
|
end
|
2019-07-22 08:33:58 -06:00
|
|
|
|
|
|
|
test "match with wildcard domain" do
|
2022-11-07 15:33:18 -07:00
|
|
|
clear_config([:mrf_simple, :media_nsfw], [{"*.remote.instance", "yeah yeah"}])
|
|
|
|
media_message = build_media_message()
|
2022-12-08 15:12:27 -07:00
|
|
|
media_update_message = build_media_update_message()
|
2019-07-22 08:33:58 -06:00
|
|
|
local_message = build_local_message()
|
|
|
|
|
|
|
|
assert SimplePolicy.filter(media_message) ==
|
2020-12-28 15:21:53 -07:00
|
|
|
{:ok, put_in(media_message, ["object", "sensitive"], true)}
|
2019-07-22 08:33:58 -06:00
|
|
|
|
2022-12-08 15:12:27 -07:00
|
|
|
assert SimplePolicy.filter(media_update_message) ==
|
|
|
|
{:ok, put_in(media_update_message, ["object", "sensitive"], true)}
|
|
|
|
|
2019-07-22 08:33:58 -06:00
|
|
|
assert SimplePolicy.filter(local_message) == {:ok, local_message}
|
|
|
|
end
|
2019-05-16 18:11:17 -06:00
|
|
|
end
|
|
|
|
|
2022-11-07 15:33:18 -07:00
|
|
|
defp build_media_message do
|
2019-05-16 18:11:17 -06:00
|
|
|
%{
|
2022-11-07 15:33:18 -07:00
|
|
|
"actor" => "https://remote.instance/users/bob",
|
2019-05-16 18:11:17 -06:00
|
|
|
"type" => "Create",
|
|
|
|
"object" => %{
|
|
|
|
"attachment" => [%{}],
|
2020-12-28 05:02:16 -07:00
|
|
|
"tag" => ["foo"],
|
2019-05-16 18:11:17 -06:00
|
|
|
"sensitive" => false
|
|
|
|
}
|
|
|
|
}
|
|
|
|
end
|
|
|
|
|
2022-12-08 15:12:27 -07:00
|
|
|
defp build_media_update_message do
|
|
|
|
%{
|
|
|
|
"actor" => "https://remote.instance/users/bob",
|
|
|
|
"type" => "Update",
|
|
|
|
"object" => %{
|
|
|
|
"attachment" => [%{}],
|
|
|
|
"tag" => ["foo"],
|
|
|
|
"sensitive" => false
|
|
|
|
}
|
|
|
|
}
|
|
|
|
end
|
|
|
|
|
2019-05-19 16:02:50 -06:00
|
|
|
describe "when :report_removal" do
|
|
|
|
test "is empty" do
|
2021-01-26 10:58:43 -07:00
|
|
|
clear_config([:mrf_simple, :report_removal], [])
|
2019-05-19 16:02:50 -06:00
|
|
|
report_message = build_report_message()
|
|
|
|
local_message = build_local_message()
|
|
|
|
|
|
|
|
assert SimplePolicy.filter(report_message) == {:ok, report_message}
|
|
|
|
assert SimplePolicy.filter(local_message) == {:ok, local_message}
|
|
|
|
end
|
|
|
|
|
|
|
|
test "has a matching host" do
|
2020-09-24 13:01:33 -06:00
|
|
|
clear_config([:mrf_simple, :report_removal], [{"remote.instance", "muh"}])
|
2019-05-19 16:02:50 -06:00
|
|
|
report_message = build_report_message()
|
|
|
|
local_message = build_local_message()
|
|
|
|
|
2020-07-13 07:47:13 -06:00
|
|
|
assert {:reject, _} = SimplePolicy.filter(report_message)
|
2019-05-19 16:02:50 -06:00
|
|
|
assert SimplePolicy.filter(local_message) == {:ok, local_message}
|
|
|
|
end
|
2019-07-22 08:33:58 -06:00
|
|
|
|
|
|
|
test "match with wildcard domain" do
|
2022-11-07 15:33:18 -07:00
|
|
|
clear_config([:mrf_simple, :report_removal], [{"*.remote.instance", "suya"}])
|
|
|
|
report_message = build_report_message()
|
2019-07-22 08:33:58 -06:00
|
|
|
local_message = build_local_message()
|
|
|
|
|
2020-07-13 07:47:13 -06:00
|
|
|
assert {:reject, _} = SimplePolicy.filter(report_message)
|
2019-07-22 08:33:58 -06:00
|
|
|
assert SimplePolicy.filter(local_message) == {:ok, local_message}
|
|
|
|
end
|
2019-05-19 16:02:50 -06:00
|
|
|
end
|
|
|
|
|
2022-11-07 15:33:18 -07:00
|
|
|
defp build_report_message do
|
2019-05-19 16:02:50 -06:00
|
|
|
%{
|
2022-11-07 15:33:18 -07:00
|
|
|
"actor" => "https://remote.instance/users/bob",
|
2019-05-19 16:02:50 -06:00
|
|
|
"type" => "Flag"
|
|
|
|
}
|
|
|
|
end
|
|
|
|
|
2019-05-16 18:11:17 -06:00
|
|
|
describe "when :federated_timeline_removal" do
|
|
|
|
test "is empty" do
|
2021-01-26 10:58:43 -07:00
|
|
|
clear_config([:mrf_simple, :federated_timeline_removal], [])
|
2022-11-07 15:33:18 -07:00
|
|
|
{_, ftl_message} = build_ftl_actor_and_message()
|
2019-05-16 18:11:17 -06:00
|
|
|
local_message = build_local_message()
|
|
|
|
|
|
|
|
assert SimplePolicy.filter(ftl_message) == {:ok, ftl_message}
|
|
|
|
assert SimplePolicy.filter(local_message) == {:ok, local_message}
|
|
|
|
end
|
|
|
|
|
|
|
|
test "has a matching host" do
|
2022-11-07 15:33:18 -07:00
|
|
|
{actor, ftl_message} = build_ftl_actor_and_message()
|
2019-05-16 18:11:17 -06:00
|
|
|
|
|
|
|
ftl_message_actor_host =
|
|
|
|
ftl_message
|
|
|
|
|> Map.fetch!("actor")
|
|
|
|
|> URI.parse()
|
|
|
|
|> Map.fetch!(:host)
|
|
|
|
|
2020-09-24 13:01:33 -06:00
|
|
|
clear_config([:mrf_simple, :federated_timeline_removal], [{ftl_message_actor_host, "uwu"}])
|
2019-05-16 18:11:17 -06:00
|
|
|
local_message = build_local_message()
|
|
|
|
|
|
|
|
assert {:ok, ftl_message} = SimplePolicy.filter(ftl_message)
|
|
|
|
assert actor.follower_address in ftl_message["to"]
|
|
|
|
refute actor.follower_address in ftl_message["cc"]
|
|
|
|
refute "https://www.w3.org/ns/activitystreams#Public" in ftl_message["to"]
|
|
|
|
assert "https://www.w3.org/ns/activitystreams#Public" in ftl_message["cc"]
|
|
|
|
|
|
|
|
assert SimplePolicy.filter(local_message) == {:ok, local_message}
|
|
|
|
end
|
2019-05-25 19:57:22 -06:00
|
|
|
|
2019-07-22 08:33:58 -06:00
|
|
|
test "match with wildcard domain" do
|
2022-11-07 15:33:18 -07:00
|
|
|
{actor, ftl_message} = build_ftl_actor_and_message()
|
2019-07-22 08:33:58 -06:00
|
|
|
|
|
|
|
ftl_message_actor_host =
|
|
|
|
ftl_message
|
|
|
|
|> Map.fetch!("actor")
|
|
|
|
|> URI.parse()
|
|
|
|
|> Map.fetch!(:host)
|
|
|
|
|
2020-09-24 13:01:33 -06:00
|
|
|
clear_config([:mrf_simple, :federated_timeline_removal], [
|
2022-11-07 15:33:18 -07:00
|
|
|
{"*." <> ftl_message_actor_host, "owo"}
|
2020-09-24 13:01:33 -06:00
|
|
|
])
|
|
|
|
|
2019-07-22 08:33:58 -06:00
|
|
|
local_message = build_local_message()
|
|
|
|
|
|
|
|
assert {:ok, ftl_message} = SimplePolicy.filter(ftl_message)
|
|
|
|
assert actor.follower_address in ftl_message["to"]
|
|
|
|
refute actor.follower_address in ftl_message["cc"]
|
|
|
|
refute "https://www.w3.org/ns/activitystreams#Public" in ftl_message["to"]
|
|
|
|
assert "https://www.w3.org/ns/activitystreams#Public" in ftl_message["cc"]
|
|
|
|
|
|
|
|
assert SimplePolicy.filter(local_message) == {:ok, local_message}
|
|
|
|
end
|
|
|
|
|
2019-05-25 19:57:22 -06:00
|
|
|
test "has a matching host but only as:Public in to" do
|
2022-11-07 15:33:18 -07:00
|
|
|
{_actor, ftl_message} = build_ftl_actor_and_message()
|
2019-05-25 19:57:22 -06:00
|
|
|
|
|
|
|
ftl_message_actor_host =
|
|
|
|
ftl_message
|
|
|
|
|> Map.fetch!("actor")
|
|
|
|
|> URI.parse()
|
|
|
|
|> Map.fetch!(:host)
|
|
|
|
|
|
|
|
ftl_message = Map.put(ftl_message, "cc", [])
|
|
|
|
|
2020-09-24 13:01:33 -06:00
|
|
|
clear_config([:mrf_simple, :federated_timeline_removal], [
|
|
|
|
{ftl_message_actor_host, "spiderwaifu goes 88w88"}
|
|
|
|
])
|
2019-05-25 19:57:22 -06:00
|
|
|
|
|
|
|
assert {:ok, ftl_message} = SimplePolicy.filter(ftl_message)
|
|
|
|
refute "https://www.w3.org/ns/activitystreams#Public" in ftl_message["to"]
|
|
|
|
assert "https://www.w3.org/ns/activitystreams#Public" in ftl_message["cc"]
|
|
|
|
end
|
2019-05-16 18:11:17 -06:00
|
|
|
end
|
|
|
|
|
2022-08-27 04:57:57 -06:00
|
|
|
describe "describe/1" do
|
|
|
|
test "returns a description of the policy" do
|
|
|
|
clear_config([:mrf_simple, :reject], [
|
|
|
|
{"remote.instance", "did not give my catboy a burg"}
|
|
|
|
])
|
|
|
|
|
|
|
|
assert {:ok, %{mrf_simple: %{reject: ["remote.instance"]}}} = SimplePolicy.describe()
|
|
|
|
end
|
|
|
|
|
|
|
|
test "excludes domains listed in :transparency_exclusions" do
|
|
|
|
clear_config([:mrf, :transparency_exclusions], [{"remote.instance", ":("}])
|
|
|
|
|
|
|
|
clear_config([:mrf_simple, :reject], [
|
|
|
|
{"remote.instance", "did not give my catboy a burg"}
|
|
|
|
])
|
|
|
|
|
|
|
|
{:ok, description} = SimplePolicy.describe()
|
|
|
|
assert %{mrf_simple: %{reject: []}} = description
|
|
|
|
assert description[:mrf_simple_info][:reject] == nil
|
|
|
|
end
|
|
|
|
|
|
|
|
test "obfuscates domains listed in :transparency_obfuscate_domains" do
|
|
|
|
clear_config([:mrf, :transparency_obfuscate_domains], ["remote.instance", "a.b"])
|
|
|
|
|
|
|
|
clear_config([:mrf_simple, :reject], [
|
|
|
|
{"remote.instance", "did not give my catboy a burg"},
|
|
|
|
{"a.b", "spam-poked me on facebook in 2006"}
|
|
|
|
])
|
|
|
|
|
|
|
|
assert {:ok,
|
|
|
|
%{
|
|
|
|
mrf_simple: %{reject: ["rem***.*****nce", "a.b"]},
|
|
|
|
mrf_simple_info: %{reject: %{"rem***.*****nce" => %{}}}
|
|
|
|
}} = SimplePolicy.describe()
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2022-11-07 15:33:18 -07:00
|
|
|
defp build_ftl_actor_and_message do
|
|
|
|
actor = insert(:user)
|
2019-05-16 18:11:17 -06:00
|
|
|
|
|
|
|
{actor,
|
|
|
|
%{
|
|
|
|
"actor" => actor.ap_id,
|
|
|
|
"to" => ["https://www.w3.org/ns/activitystreams#Public", "http://foo.bar/baz"],
|
|
|
|
"cc" => [actor.follower_address, "http://foo.bar/qux"]
|
|
|
|
}}
|
|
|
|
end
|
|
|
|
|
|
|
|
describe "when :reject" do
|
|
|
|
test "is empty" do
|
2021-01-26 10:58:43 -07:00
|
|
|
clear_config([:mrf_simple, :reject], [])
|
2019-05-16 18:11:17 -06:00
|
|
|
|
|
|
|
remote_message = build_remote_message()
|
|
|
|
|
|
|
|
assert SimplePolicy.filter(remote_message) == {:ok, remote_message}
|
|
|
|
end
|
|
|
|
|
2019-10-06 18:55:09 -06:00
|
|
|
test "activity has a matching host" do
|
2020-09-24 13:01:33 -06:00
|
|
|
clear_config([:mrf_simple, :reject], [{"remote.instance", ""}])
|
2019-05-16 18:11:17 -06:00
|
|
|
|
|
|
|
remote_message = build_remote_message()
|
|
|
|
|
2020-07-13 07:47:13 -06:00
|
|
|
assert {:reject, _} = SimplePolicy.filter(remote_message)
|
2019-05-16 18:11:17 -06:00
|
|
|
end
|
2019-07-22 08:33:58 -06:00
|
|
|
|
2019-10-06 18:55:09 -06:00
|
|
|
test "activity matches with wildcard domain" do
|
2022-11-07 15:33:18 -07:00
|
|
|
clear_config([:mrf_simple, :reject], [{"*.remote.instance", ""}])
|
2019-07-22 08:33:58 -06:00
|
|
|
|
2022-11-07 15:33:18 -07:00
|
|
|
remote_message = build_remote_message()
|
2019-07-22 08:33:58 -06:00
|
|
|
|
2020-07-13 07:47:13 -06:00
|
|
|
assert {:reject, _} = SimplePolicy.filter(remote_message)
|
2019-07-22 08:33:58 -06:00
|
|
|
end
|
2019-10-06 18:55:09 -06:00
|
|
|
|
|
|
|
test "actor has a matching host" do
|
2020-09-24 13:01:33 -06:00
|
|
|
clear_config([:mrf_simple, :reject], [{"remote.instance", ""}])
|
2019-10-06 18:55:09 -06:00
|
|
|
|
|
|
|
remote_user = build_remote_user()
|
|
|
|
|
2020-07-13 07:47:13 -06:00
|
|
|
assert {:reject, _} = SimplePolicy.filter(remote_user)
|
2019-10-06 18:55:09 -06:00
|
|
|
end
|
2021-03-18 14:31:50 -06:00
|
|
|
|
|
|
|
test "reject Announce when object would be rejected" do
|
2020-09-24 13:01:33 -06:00
|
|
|
clear_config([:mrf_simple, :reject], [{"blocked.tld", ""}])
|
2021-03-18 14:31:50 -06:00
|
|
|
|
|
|
|
announce = %{
|
|
|
|
"type" => "Announce",
|
|
|
|
"actor" => "https://okay.tld/users/alice",
|
|
|
|
"object" => %{"type" => "Note", "actor" => "https://blocked.tld/users/bob"}
|
|
|
|
}
|
|
|
|
|
|
|
|
assert {:reject, _} = SimplePolicy.filter(announce)
|
|
|
|
end
|
2021-04-29 10:51:49 -06:00
|
|
|
|
|
|
|
test "reject by URI object" do
|
2020-09-24 13:01:33 -06:00
|
|
|
clear_config([:mrf_simple, :reject], [{"blocked.tld", ""}])
|
2021-04-29 10:51:49 -06:00
|
|
|
|
|
|
|
announce = %{
|
|
|
|
"type" => "Announce",
|
|
|
|
"actor" => "https://okay.tld/users/alice",
|
|
|
|
"object" => "https://blocked.tld/activities/1"
|
|
|
|
}
|
|
|
|
|
|
|
|
assert {:reject, _} = SimplePolicy.filter(announce)
|
|
|
|
end
|
2022-12-09 12:57:29 -07:00
|
|
|
|
|
|
|
test "accept by matching context URI if :handle_threads is disabled" do
|
|
|
|
clear_config([:mrf_simple, :reject], [{"blocked.tld", ""}])
|
|
|
|
clear_config([:mrf_simple, :handle_threads], false)
|
|
|
|
|
|
|
|
remote_message =
|
|
|
|
build_remote_message()
|
|
|
|
|> Map.put("context", "https://blocked.tld/contexts/abc")
|
|
|
|
|
|
|
|
assert {:ok, _} = SimplePolicy.filter(remote_message)
|
|
|
|
end
|
|
|
|
|
|
|
|
test "accept by matching conversation field if :handle_threads is disabled" do
|
|
|
|
clear_config([:mrf_simple, :reject], [{"blocked.tld", ""}])
|
|
|
|
clear_config([:mrf_simple, :handle_threads], false)
|
|
|
|
|
|
|
|
remote_message =
|
|
|
|
build_remote_message()
|
|
|
|
|> Map.put(
|
|
|
|
"conversation",
|
|
|
|
"tag:blocked.tld,1997-06-25:objectId=12345:objectType=Conversation"
|
|
|
|
)
|
|
|
|
|
|
|
|
assert {:ok, _} = SimplePolicy.filter(remote_message)
|
|
|
|
end
|
|
|
|
|
|
|
|
test "accept by matching reply ID if :handle_threads is disabled" do
|
|
|
|
clear_config([:mrf_simple, :reject], [{"blocked.tld", ""}])
|
|
|
|
clear_config([:mrf_simple, :handle_threads], false)
|
|
|
|
|
|
|
|
remote_message =
|
|
|
|
build_remote_message()
|
|
|
|
|> Map.put("type", "Create")
|
|
|
|
|> Map.put("object", %{
|
|
|
|
"type" => "Note",
|
|
|
|
"inReplyTo" => "https://blocked.tld/objects/1"
|
|
|
|
})
|
|
|
|
|
|
|
|
assert {:ok, _} = SimplePolicy.filter(remote_message)
|
|
|
|
end
|
|
|
|
|
|
|
|
test "reject by matching context URI if :handle_threads is enabled" do
|
|
|
|
clear_config([:mrf_simple, :reject], [{"blocked.tld", ""}])
|
|
|
|
clear_config([:mrf_simple, :handle_threads], true)
|
|
|
|
|
|
|
|
remote_message =
|
|
|
|
build_remote_message()
|
|
|
|
|> Map.put("context", "https://blocked.tld/contexts/abc")
|
|
|
|
|
|
|
|
assert {:reject, _} = SimplePolicy.filter(remote_message)
|
|
|
|
end
|
|
|
|
|
|
|
|
test "reject by matching conversation field if :handle_threads is enabled" do
|
|
|
|
clear_config([:mrf_simple, :reject], [{"blocked.tld", ""}])
|
|
|
|
clear_config([:mrf_simple, :handle_threads], true)
|
|
|
|
|
|
|
|
remote_message =
|
|
|
|
build_remote_message()
|
|
|
|
|> Map.put(
|
|
|
|
"conversation",
|
|
|
|
"tag:blocked.tld,1997-06-25:objectId=12345:objectType=Conversation"
|
|
|
|
)
|
|
|
|
|
|
|
|
assert {:reject, _} = SimplePolicy.filter(remote_message)
|
|
|
|
end
|
|
|
|
|
|
|
|
test "reject by matching reply ID if :handle_threads is enabled" do
|
|
|
|
clear_config([:mrf_simple, :reject], [{"blocked.tld", ""}])
|
|
|
|
clear_config([:mrf_simple, :handle_threads], true)
|
|
|
|
|
|
|
|
remote_message =
|
|
|
|
build_remote_message()
|
|
|
|
|> Map.put("type", "Create")
|
|
|
|
|> Map.put("object", %{
|
|
|
|
"type" => "Note",
|
|
|
|
"inReplyTo" => "https://blocked.tld/objects/1"
|
|
|
|
})
|
|
|
|
|
|
|
|
assert {:reject, _} = SimplePolicy.filter(remote_message)
|
|
|
|
end
|
2019-05-16 18:11:17 -06:00
|
|
|
end
|
|
|
|
|
2020-07-31 09:18:04 -06:00
|
|
|
describe "when :followers_only" do
|
|
|
|
test "is empty" do
|
2021-01-26 10:58:43 -07:00
|
|
|
clear_config([:mrf_simple, :followers_only], [])
|
2022-11-07 15:33:18 -07:00
|
|
|
{_, ftl_message} = build_ftl_actor_and_message()
|
2020-07-31 09:18:04 -06:00
|
|
|
local_message = build_local_message()
|
|
|
|
|
|
|
|
assert SimplePolicy.filter(ftl_message) == {:ok, ftl_message}
|
|
|
|
assert SimplePolicy.filter(local_message) == {:ok, local_message}
|
|
|
|
end
|
|
|
|
|
|
|
|
test "has a matching host" do
|
|
|
|
actor = insert(:user)
|
|
|
|
following_user = insert(:user)
|
|
|
|
non_following_user = insert(:user)
|
|
|
|
|
|
|
|
{:ok, _, _, _} = CommonAPI.follow(following_user, actor)
|
|
|
|
|
|
|
|
activity = %{
|
|
|
|
"actor" => actor.ap_id,
|
|
|
|
"to" => [
|
|
|
|
"https://www.w3.org/ns/activitystreams#Public",
|
|
|
|
following_user.ap_id,
|
|
|
|
non_following_user.ap_id
|
|
|
|
],
|
|
|
|
"cc" => [actor.follower_address, "http://foo.bar/qux"]
|
|
|
|
}
|
|
|
|
|
|
|
|
dm_activity = %{
|
|
|
|
"actor" => actor.ap_id,
|
|
|
|
"to" => [
|
|
|
|
following_user.ap_id,
|
|
|
|
non_following_user.ap_id
|
|
|
|
],
|
|
|
|
"cc" => []
|
|
|
|
}
|
|
|
|
|
|
|
|
actor_domain =
|
|
|
|
activity
|
|
|
|
|> Map.fetch!("actor")
|
|
|
|
|> URI.parse()
|
|
|
|
|> Map.fetch!(:host)
|
|
|
|
|
2020-09-24 13:01:33 -06:00
|
|
|
clear_config([:mrf_simple, :followers_only], [{actor_domain, ""}])
|
2020-07-31 09:18:04 -06:00
|
|
|
|
|
|
|
assert {:ok, new_activity} = SimplePolicy.filter(activity)
|
|
|
|
assert actor.follower_address in new_activity["cc"]
|
|
|
|
assert following_user.ap_id in new_activity["to"]
|
|
|
|
refute "https://www.w3.org/ns/activitystreams#Public" in new_activity["to"]
|
|
|
|
refute "https://www.w3.org/ns/activitystreams#Public" in new_activity["cc"]
|
|
|
|
refute non_following_user.ap_id in new_activity["to"]
|
|
|
|
refute non_following_user.ap_id in new_activity["cc"]
|
|
|
|
|
|
|
|
assert {:ok, new_dm_activity} = SimplePolicy.filter(dm_activity)
|
|
|
|
assert new_dm_activity["to"] == [following_user.ap_id]
|
|
|
|
assert new_dm_activity["cc"] == []
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2019-05-16 18:11:17 -06:00
|
|
|
describe "when :accept" do
|
|
|
|
test "is empty" do
|
2021-01-26 10:58:43 -07:00
|
|
|
clear_config([:mrf_simple, :accept], [])
|
2019-05-16 18:11:17 -06:00
|
|
|
|
|
|
|
local_message = build_local_message()
|
|
|
|
remote_message = build_remote_message()
|
|
|
|
|
|
|
|
assert SimplePolicy.filter(local_message) == {:ok, local_message}
|
|
|
|
assert SimplePolicy.filter(remote_message) == {:ok, remote_message}
|
|
|
|
end
|
|
|
|
|
2019-10-06 18:55:09 -06:00
|
|
|
test "is not empty but activity doesn't have a matching host" do
|
2020-09-24 13:01:33 -06:00
|
|
|
clear_config([:mrf_simple, :accept], [{"non.matching.remote", ""}])
|
2019-05-16 18:11:17 -06:00
|
|
|
|
|
|
|
local_message = build_local_message()
|
|
|
|
remote_message = build_remote_message()
|
|
|
|
|
|
|
|
assert SimplePolicy.filter(local_message) == {:ok, local_message}
|
2020-07-13 07:47:13 -06:00
|
|
|
assert {:reject, _} = SimplePolicy.filter(remote_message)
|
2019-05-16 18:11:17 -06:00
|
|
|
end
|
|
|
|
|
2019-10-06 18:55:09 -06:00
|
|
|
test "activity has a matching host" do
|
2020-09-24 13:01:33 -06:00
|
|
|
clear_config([:mrf_simple, :accept], [{"remote.instance", ""}])
|
2019-05-16 18:11:17 -06:00
|
|
|
|
|
|
|
local_message = build_local_message()
|
|
|
|
remote_message = build_remote_message()
|
|
|
|
|
|
|
|
assert SimplePolicy.filter(local_message) == {:ok, local_message}
|
|
|
|
assert SimplePolicy.filter(remote_message) == {:ok, remote_message}
|
|
|
|
end
|
2019-07-22 08:33:58 -06:00
|
|
|
|
2019-10-06 18:55:09 -06:00
|
|
|
test "activity matches with wildcard domain" do
|
2022-11-07 15:33:18 -07:00
|
|
|
clear_config([:mrf_simple, :accept], [{"*.remote.instance", ""}])
|
2019-07-22 08:33:58 -06:00
|
|
|
|
|
|
|
local_message = build_local_message()
|
2022-11-07 15:33:18 -07:00
|
|
|
remote_message = build_remote_message()
|
2019-07-22 08:33:58 -06:00
|
|
|
|
|
|
|
assert SimplePolicy.filter(local_message) == {:ok, local_message}
|
|
|
|
assert SimplePolicy.filter(remote_message) == {:ok, remote_message}
|
|
|
|
end
|
2019-10-06 18:55:09 -06:00
|
|
|
|
|
|
|
test "actor has a matching host" do
|
2020-09-24 13:01:33 -06:00
|
|
|
clear_config([:mrf_simple, :accept], [{"remote.instance", ""}])
|
2019-10-06 18:55:09 -06:00
|
|
|
|
|
|
|
remote_user = build_remote_user()
|
|
|
|
|
|
|
|
assert SimplePolicy.filter(remote_user) == {:ok, remote_user}
|
|
|
|
end
|
2019-05-16 18:11:17 -06:00
|
|
|
end
|
|
|
|
|
2019-05-21 23:08:37 -06:00
|
|
|
describe "when :avatar_removal" do
|
|
|
|
test "is empty" do
|
2021-01-26 10:58:43 -07:00
|
|
|
clear_config([:mrf_simple, :avatar_removal], [])
|
2019-05-21 23:08:37 -06:00
|
|
|
|
|
|
|
remote_user = build_remote_user()
|
|
|
|
|
|
|
|
assert SimplePolicy.filter(remote_user) == {:ok, remote_user}
|
|
|
|
end
|
|
|
|
|
|
|
|
test "is not empty but it doesn't have a matching host" do
|
2020-09-24 13:01:33 -06:00
|
|
|
clear_config([:mrf_simple, :avatar_removal], [{"non.matching.remote", ""}])
|
2019-05-21 23:08:37 -06:00
|
|
|
|
|
|
|
remote_user = build_remote_user()
|
|
|
|
|
|
|
|
assert SimplePolicy.filter(remote_user) == {:ok, remote_user}
|
|
|
|
end
|
|
|
|
|
|
|
|
test "has a matching host" do
|
2020-09-24 13:01:33 -06:00
|
|
|
clear_config([:mrf_simple, :avatar_removal], [{"remote.instance", ""}])
|
2019-05-21 23:08:37 -06:00
|
|
|
|
|
|
|
remote_user = build_remote_user()
|
|
|
|
{:ok, filtered} = SimplePolicy.filter(remote_user)
|
|
|
|
|
|
|
|
refute filtered["icon"]
|
|
|
|
end
|
2019-07-22 08:33:58 -06:00
|
|
|
|
|
|
|
test "match with wildcard domain" do
|
2022-11-07 15:33:18 -07:00
|
|
|
clear_config([:mrf_simple, :avatar_removal], [{"*.remote.instance", ""}])
|
2019-07-22 08:33:58 -06:00
|
|
|
|
2022-11-07 15:33:18 -07:00
|
|
|
remote_user = build_remote_user()
|
2019-07-22 08:33:58 -06:00
|
|
|
{:ok, filtered} = SimplePolicy.filter(remote_user)
|
|
|
|
|
|
|
|
refute filtered["icon"]
|
|
|
|
end
|
2019-05-21 23:08:37 -06:00
|
|
|
end
|
|
|
|
|
|
|
|
describe "when :banner_removal" do
|
|
|
|
test "is empty" do
|
2021-01-26 10:58:43 -07:00
|
|
|
clear_config([:mrf_simple, :banner_removal], [])
|
2019-05-21 23:08:37 -06:00
|
|
|
|
|
|
|
remote_user = build_remote_user()
|
|
|
|
|
|
|
|
assert SimplePolicy.filter(remote_user) == {:ok, remote_user}
|
|
|
|
end
|
|
|
|
|
|
|
|
test "is not empty but it doesn't have a matching host" do
|
2020-09-24 13:01:33 -06:00
|
|
|
clear_config([:mrf_simple, :banner_removal], [{"non.matching.remote", ""}])
|
2019-05-21 23:08:37 -06:00
|
|
|
|
|
|
|
remote_user = build_remote_user()
|
|
|
|
|
|
|
|
assert SimplePolicy.filter(remote_user) == {:ok, remote_user}
|
|
|
|
end
|
|
|
|
|
|
|
|
test "has a matching host" do
|
2020-09-24 13:01:33 -06:00
|
|
|
clear_config([:mrf_simple, :banner_removal], [{"remote.instance", ""}])
|
2019-05-21 23:08:37 -06:00
|
|
|
|
|
|
|
remote_user = build_remote_user()
|
|
|
|
{:ok, filtered} = SimplePolicy.filter(remote_user)
|
|
|
|
|
|
|
|
refute filtered["image"]
|
|
|
|
end
|
2019-07-22 08:33:58 -06:00
|
|
|
|
|
|
|
test "match with wildcard domain" do
|
2022-11-07 15:33:18 -07:00
|
|
|
clear_config([:mrf_simple, :banner_removal], [{"*.remote.instance", ""}])
|
2019-07-22 08:33:58 -06:00
|
|
|
|
2022-11-07 15:33:18 -07:00
|
|
|
remote_user = build_remote_user()
|
2019-07-22 08:33:58 -06:00
|
|
|
{:ok, filtered} = SimplePolicy.filter(remote_user)
|
|
|
|
|
|
|
|
refute filtered["image"]
|
|
|
|
end
|
2019-05-21 23:08:37 -06:00
|
|
|
end
|
|
|
|
|
2020-04-13 12:48:32 -06:00
|
|
|
describe "when :reject_deletes is empty" do
|
2021-01-26 10:58:43 -07:00
|
|
|
setup do: clear_config([:mrf_simple, :reject_deletes], [])
|
2020-04-13 12:48:32 -06:00
|
|
|
|
|
|
|
test "it accepts deletions even from rejected servers" do
|
2020-09-24 13:01:33 -06:00
|
|
|
clear_config([:mrf_simple, :reject], [{"remote.instance", ""}])
|
2020-04-13 12:48:32 -06:00
|
|
|
|
|
|
|
deletion_message = build_remote_deletion_message()
|
|
|
|
|
|
|
|
assert SimplePolicy.filter(deletion_message) == {:ok, deletion_message}
|
|
|
|
end
|
|
|
|
|
|
|
|
test "it accepts deletions even from non-whitelisted servers" do
|
2020-09-24 13:01:33 -06:00
|
|
|
clear_config([:mrf_simple, :accept], [{"non.matching.remote", ""}])
|
2020-04-13 12:48:32 -06:00
|
|
|
|
|
|
|
deletion_message = build_remote_deletion_message()
|
|
|
|
|
|
|
|
assert SimplePolicy.filter(deletion_message) == {:ok, deletion_message}
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
describe "when :reject_deletes is not empty but it doesn't have a matching host" do
|
2020-09-24 13:01:33 -06:00
|
|
|
setup do: clear_config([:mrf_simple, :reject_deletes], [{"non.matching.remote", ""}])
|
2020-04-13 12:48:32 -06:00
|
|
|
|
|
|
|
test "it accepts deletions even from rejected servers" do
|
2020-09-24 13:01:33 -06:00
|
|
|
clear_config([:mrf_simple, :reject], [{"remote.instance", ""}])
|
2020-04-13 12:48:32 -06:00
|
|
|
|
|
|
|
deletion_message = build_remote_deletion_message()
|
|
|
|
|
|
|
|
assert SimplePolicy.filter(deletion_message) == {:ok, deletion_message}
|
|
|
|
end
|
|
|
|
|
|
|
|
test "it accepts deletions even from non-whitelisted servers" do
|
2020-09-24 13:01:33 -06:00
|
|
|
clear_config([:mrf_simple, :accept], [{"non.matching.remote", ""}])
|
2020-04-13 12:48:32 -06:00
|
|
|
|
|
|
|
deletion_message = build_remote_deletion_message()
|
|
|
|
|
|
|
|
assert SimplePolicy.filter(deletion_message) == {:ok, deletion_message}
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
describe "when :reject_deletes has a matching host" do
|
2020-09-24 13:01:33 -06:00
|
|
|
setup do: clear_config([:mrf_simple, :reject_deletes], [{"remote.instance", ""}])
|
2020-04-13 12:48:32 -06:00
|
|
|
|
|
|
|
test "it rejects the deletion" do
|
|
|
|
deletion_message = build_remote_deletion_message()
|
|
|
|
|
2020-07-13 07:47:13 -06:00
|
|
|
assert {:reject, _} = SimplePolicy.filter(deletion_message)
|
2020-04-13 12:48:32 -06:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
describe "when :reject_deletes match with wildcard domain" do
|
2022-11-07 15:33:18 -07:00
|
|
|
setup do: clear_config([:mrf_simple, :reject_deletes], [{"*.remote.instance", ""}])
|
2020-04-13 12:48:32 -06:00
|
|
|
|
|
|
|
test "it rejects the deletion" do
|
2022-11-07 15:33:18 -07:00
|
|
|
deletion_message = build_remote_deletion_message()
|
2020-04-13 12:48:32 -06:00
|
|
|
|
2020-07-13 07:47:13 -06:00
|
|
|
assert {:reject, _} = SimplePolicy.filter(deletion_message)
|
2020-04-13 12:48:32 -06:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2019-05-16 18:11:17 -06:00
|
|
|
defp build_local_message do
|
|
|
|
%{
|
2021-05-31 14:09:11 -06:00
|
|
|
"actor" => "#{Pleroma.Web.Endpoint.url()}/users/alice",
|
2019-05-16 18:11:17 -06:00
|
|
|
"to" => [],
|
|
|
|
"cc" => []
|
|
|
|
}
|
|
|
|
end
|
|
|
|
|
2022-11-07 15:33:18 -07:00
|
|
|
defp build_remote_message do
|
|
|
|
%{"actor" => "https://remote.instance/users/bob"}
|
2019-05-16 18:11:17 -06:00
|
|
|
end
|
2019-05-21 23:08:37 -06:00
|
|
|
|
2022-11-07 15:33:18 -07:00
|
|
|
defp build_remote_user do
|
2019-05-21 23:08:37 -06:00
|
|
|
%{
|
2022-11-07 15:33:18 -07:00
|
|
|
"id" => "https://remote.instance/users/bob",
|
2019-05-21 23:08:37 -06:00
|
|
|
"icon" => %{
|
|
|
|
"url" => "http://example.com/image.jpg",
|
|
|
|
"type" => "Image"
|
|
|
|
},
|
|
|
|
"image" => %{
|
|
|
|
"url" => "http://example.com/image.jpg",
|
|
|
|
"type" => "Image"
|
|
|
|
},
|
|
|
|
"type" => "Person"
|
|
|
|
}
|
|
|
|
end
|
2020-04-12 19:26:35 -06:00
|
|
|
|
2022-11-07 15:33:18 -07:00
|
|
|
defp build_remote_deletion_message do
|
2020-04-12 19:26:35 -06:00
|
|
|
%{
|
|
|
|
"type" => "Delete",
|
2022-11-07 15:33:18 -07:00
|
|
|
"actor" => "https://remote.instance/users/bob"
|
2020-04-12 19:26:35 -06:00
|
|
|
}
|
|
|
|
end
|
2019-05-16 18:11:17 -06:00
|
|
|
end
|