delete statusses is now privileged by :status_delete

Instead of superusers, you now need a role with privilige :status_delete to delete other users statusses
I also cleaned up some other stuff I saw
This commit is contained in:
Ilja 2022-06-13 11:00:49 +02:00
parent 7adfc2e0f4
commit 7cf473c500
4 changed files with 24 additions and 33 deletions

View file

@ -144,7 +144,7 @@ defmodule Pleroma.Web.CommonAPI do
{:find_activity, Activity.get_by_id(activity_id)}, {:find_activity, Activity.get_by_id(activity_id)},
{_, %Object{} = object, _} <- {_, %Object{} = object, _} <-
{:find_object, Object.normalize(activity, fetch: false), activity}, {:find_object, Object.normalize(activity, fetch: false), activity},
true <- User.superuser?(user) || user.ap_id == object.data["actor"], true <- User.privileged?(user, :status_delete) || user.ap_id == object.data["actor"],
{:ok, delete_data, _} <- Builder.delete(user, object.data["id"]), {:ok, delete_data, _} <- Builder.delete(user, object.data["id"]),
{:ok, delete, _} <- Pipeline.common_pipeline(delete_data, local: true) do {:ok, delete, _} <- Pipeline.common_pipeline(delete_data, local: true) do
{:ok, delete} {:ok, delete}

View file

@ -85,9 +85,8 @@ defmodule Pleroma.Web.AdminAPI.InstanceControllerTest do
clear_config([:instance, :admin_privileges], []) clear_config([:instance, :admin_privileges], [])
response = conn
conn |> delete("/api/pleroma/admin/instances/lain.com")
|> delete("/api/pleroma/admin/instances/lain.com") |> json_response(:forbidden)
|> json_response(:forbidden)
end end
end end

View file

@ -4,7 +4,7 @@
defmodule Pleroma.Web.CommonAPITest do defmodule Pleroma.Web.CommonAPITest do
use Oban.Testing, repo: Pleroma.Repo use Oban.Testing, repo: Pleroma.Repo
use Pleroma.DataCase use Pleroma.DataCase, async: false
alias Pleroma.Activity alias Pleroma.Activity
alias Pleroma.Chat alias Pleroma.Chat
@ -321,7 +321,7 @@ defmodule Pleroma.Web.CommonAPITest do
refute Activity.get_by_id(post.id) refute Activity.get_by_id(post.id)
end end
test "it does not allow a user to delete their posts" do test "it does not allow a user to delete posts from another user" do
user = insert(:user) user = insert(:user)
other_user = insert(:user) other_user = insert(:user)
@ -331,7 +331,8 @@ defmodule Pleroma.Web.CommonAPITest do
assert Activity.get_by_id(post.id) assert Activity.get_by_id(post.id)
end end
test "it allows moderators to delete other user's posts" do test "it allows privileged users to delete other user's posts" do
clear_config([:instance, :moderator_privileges], [:status_delete])
user = insert(:user) user = insert(:user)
moderator = insert(:user, is_moderator: true) moderator = insert(:user, is_moderator: true)
@ -343,19 +344,20 @@ defmodule Pleroma.Web.CommonAPITest do
refute Activity.get_by_id(post.id) refute Activity.get_by_id(post.id)
end end
test "it allows admins to delete other user's posts" do test "it doesn't allow unprivileged mods or admins to delete other user's posts" do
clear_config([:instance, :admin_privileges], [])
clear_config([:instance, :moderator_privileges], [])
user = insert(:user) user = insert(:user)
moderator = insert(:user, is_admin: true) moderator = insert(:user, is_moderator: true, is_admin: true)
{:ok, post} = CommonAPI.post(user, %{status: "namu amida butsu"}) {:ok, post} = CommonAPI.post(user, %{status: "namu amida butsu"})
assert {:ok, delete} = CommonAPI.delete(post.id, moderator) assert {:error, "Could not delete"} = CommonAPI.delete(post.id, moderator)
assert delete.local assert Activity.get_by_id(post.id)
refute Activity.get_by_id(post.id)
end end
test "superusers deleting non-local posts won't federate the delete" do test "privileged users deleting non-local posts won't federate the delete" do
clear_config([:instance, :admin_privileges], [:status_delete])
# This is the user of the ingested activity # This is the user of the ingested activity
_user = _user =
insert(:user, insert(:user,
@ -364,7 +366,7 @@ defmodule Pleroma.Web.CommonAPITest do
last_refreshed_at: NaiveDateTime.utc_now() last_refreshed_at: NaiveDateTime.utc_now()
) )
moderator = insert(:user, is_admin: true) admin = insert(:user, is_admin: true)
data = data =
File.read!("test/fixtures/mastodon-post-activity.json") File.read!("test/fixtures/mastodon-post-activity.json")
@ -374,7 +376,7 @@ defmodule Pleroma.Web.CommonAPITest do
with_mock Pleroma.Web.Federator, with_mock Pleroma.Web.Federator,
publish: fn _ -> nil end do publish: fn _ -> nil end do
assert {:ok, delete} = CommonAPI.delete(post.id, moderator) assert {:ok, delete} = CommonAPI.delete(post.id, admin)
assert delete.local assert delete.local
refute called(Pleroma.Web.Federator.publish(:_)) refute called(Pleroma.Web.Federator.publish(:_))
end end

View file

@ -3,7 +3,7 @@
# SPDX-License-Identifier: AGPL-3.0-only # SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.MastodonAPI.StatusControllerTest do defmodule Pleroma.Web.MastodonAPI.StatusControllerTest do
use Pleroma.Web.ConnCase use Pleroma.Web.ConnCase, async: false
use Oban.Testing, repo: Pleroma.Repo use Oban.Testing, repo: Pleroma.Repo
alias Pleroma.Activity alias Pleroma.Activity
@ -968,30 +968,20 @@ defmodule Pleroma.Web.MastodonAPI.StatusControllerTest do
assert Activity.get_by_id(activity.id) == activity assert Activity.get_by_id(activity.id) == activity
end end
test "when you're an admin or moderator", %{conn: conn} do test "when you're privileged to", %{conn: conn} do
activity1 = insert(:note_activity) clear_config([:instance, :moderator_privileges], [:status_delete])
activity2 = insert(:note_activity) activity = insert(:note_activity)
admin = insert(:user, is_admin: true)
moderator = insert(:user, is_moderator: true) moderator = insert(:user, is_moderator: true)
res_conn =
conn
|> assign(:user, admin)
|> assign(:token, insert(:oauth_token, user: admin, scopes: ["write:statuses"]))
|> delete("/api/v1/statuses/#{activity1.id}")
assert %{} = json_response_and_validate_schema(res_conn, 200)
res_conn = res_conn =
conn conn
|> assign(:user, moderator) |> assign(:user, moderator)
|> assign(:token, insert(:oauth_token, user: moderator, scopes: ["write:statuses"])) |> assign(:token, insert(:oauth_token, user: moderator, scopes: ["write:statuses"]))
|> delete("/api/v1/statuses/#{activity2.id}") |> delete("/api/v1/statuses/#{activity.id}")
assert %{} = json_response_and_validate_schema(res_conn, 200) assert %{} = json_response_and_validate_schema(res_conn, 200)
refute Activity.get_by_id(activity1.id) refute Activity.get_by_id(activity.id)
refute Activity.get_by_id(activity2.id)
end end
end end