gitea/nas
1
0
Fork 1
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 3

Change: 時限投稿はフォロワー以外にはActivityを発行しない (#250)

Browse source 
* Change: 時限投稿はフォロワー以外にはActivityを発行しない

* Fix: ドメイン単位の認証になるように

* Add test and fix

* Fix lint

* Fix test

* Fix test

* Revert "Fix test"

This reverts commit 22f1114b7f.

* Revert "Fix lint"

This reverts commit a828efa9be.

* Revert "Revert "Fix lint""

This reverts commit 6a2d68f28a.

* Revert "Revert "Fix test""

This reverts commit a21c0b9d3e.
This commit is contained in:
KMY(雪あすか) 2023-12-21 11:21:33 +09:00 committed by GitHub
parent faf791c602
commit 789afccf9b
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
5 changed files with 66 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

4
app/controllers/statuses_controller.rb
View file

@ -29,7 +29,7 @@ class StatusesController < ApplicationController
end end
format.json do format.json do
expires_in 3.minutes, public: true if @status.distributable? && public_fetch_mode? && !misskey_software? expires_in 3.minutes, public: true if @status.distributable? && public_fetch_mode? && !misskey_software? && !@status.expires?
render_with_cache json: @status, content_type: 'application/activity+json', serializer: status_activity_serializer, adapter: ActivityPub::Adapter, cancel_cache: misskey_software? render_with_cache json: @status, content_type: 'application/activity+json', serializer: status_activity_serializer, adapter: ActivityPub::Adapter, cancel_cache: misskey_software?
end end
end end
@ -64,6 +64,8 @@ class StatusesController < ApplicationController
if request.authorization.present? && request.authorization.match(/^Bearer /i) if request.authorization.present? && request.authorization.match(/^Bearer /i)
raise Mastodon::NotPermittedError unless @status.capability_tokens.find_by(token: request.authorization.gsub(/^Bearer /i, '')) raise Mastodon::NotPermittedError unless @status.capability_tokens.find_by(token: request.authorization.gsub(/^Bearer /i, ''))
elsif request.format == :json && @status.expires?
raise Mastodon::NotPermittedError unless StatusPolicy.new(signed_request_account, @status).show_activity?
else else
authorize @status, :show? authorize @status, :show?
end end

9
app/models/concerns/account/interactions.rb
View file

@ -198,6 +198,15 @@ module Account::Interactions
other_account.following?(self) other_account.following?(self)
end end
def followed_by_domain?(other_domain, since = nil)
return true if other_domain.blank?
return false unless local?
scope = followers
scope = scope.where('follows.created_at < ?', since) if since.present?
scope.exists?(domain: other_domain)
end
def mutual?(other_account) def mutual?(other_account)
following?(other_account) && followed_by?(other_account) following?(other_account) && followed_by?(other_account)
end end

4
app/models/status.rb
View file

@ -253,6 +253,10 @@ class Status < ApplicationRecord
!quote_of_id.nil? && !quote.nil? !quote_of_id.nil? && !quote.nil?
end end
def expires?
scheduled_expiration_status.present?
end
def within_realtime_window? def within_realtime_window?
created_at >= REAL_TIME_WINDOW.ago created_at >= REAL_TIME_WINDOW.ago
end end

13
app/policies/status_policy.rb
View file

@ -28,6 +28,13 @@ class StatusPolicy < ApplicationPolicy
record.limited_visibility? ? owned_conversation? : owned? record.limited_visibility? ? owned_conversation? : owned?
end end
def show_activity?
return false unless show?
return true unless record.expires?
following_author_domain?
end
def reblog? def reblog?
!requires_mention? && (!private? || owned?) && show? && !blocking_author? !requires_mention? && (!private? || owned?) && show? && !blocking_author?
end end
@ -115,6 +122,12 @@ class StatusPolicy < ApplicationPolicy
@preloaded_relations[:following] ? @preloaded_relations[:following][author.id] : current_account.following?(author) @preloaded_relations[:following] ? @preloaded_relations[:following][author.id] : current_account.following?(author)
end end
def following_author_domain?
return false if current_account.nil?
author.followed_by_domain?(current_account.domain, record.created_at)
end
def author def author
record.account record.account
end end

37
spec/models/concerns/account/interactions_spec.rb
View file

@ -381,6 +381,43 @@ describe Account::Interactions do
end end
end end
describe '#followed_by_domain?' do
subject { account.followed_by_domain?('example.com') }
let(:target_account) { Fabricate(:account, domain: 'example.com', uri: 'https://example.com/actor') }
context 'when followed by target_account' do
it 'returns true' do
account.passive_relationships.create(account: target_account)
expect(subject).to be true
end
end
context 'when not followed by target_account' do
it 'returns false' do
expect(subject).to be false
end
end
context 'with status' do
subject { account.followed_by_domain?('example.com', '2022/12/24 10:00:00') }
context 'when followed by target_account since the time' do
it 'returns true' do
account.passive_relationships.create(account: target_account, created_at: '2022/12/22 10:00:00')
expect(subject).to be true
end
end
context 'when followed by target_account after the time' do
it 'returns false' do
account.passive_relationships.create(account: target_account, created_at: '2022/12/26 10:00:00')
expect(subject).to be false
end
end
end
end
describe '#blocking?' do describe '#blocking?' do
subject { account.blocking?(target_account) } subject { account.blocking?(target_account) }