Merge branch 'mrf/simple_policy/check_actor' into 'develop'

mrf/simple_policy: check actor against accept/reject See merge request pleroma/pleroma!1806
author: kaniini <ariadne@dereferenced.org> 2019-10-07 10:19:24 +0000
committer: kaniini <ariadne@dereferenced.org> 2019-10-07 10:19:24 +0000
commit: 93bdc55306895dce0554e7838ecf2ea7ddaea3a7 (patch)
tree: 4e585d38cf71a92b43b164f7e81bf5c3029b184f
parent: 15592f1abe117761b90846e02194a35982f3bebf (diff)
parent: 58aeabd020ae7355aea6b63a331b164e8b23a6c0 (diff)
3 files changed, 25 insertions, 6 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md
index e2d6d6950..f480a3f72 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -24,6 +24,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
 - Admin API: Return `total` when querying for reports
 - Mastodon API: Return `pleroma.direct_conversation_id` when creating a direct message (`POST /api/v1/statuses`)
 - Admin API: Return link alongside with token on password reset
+- MRF (Simple Policy): Also use `:accept`/`:reject` on the actors rather than only their activities
 
 ### Fixed
 - Mastodon API: Fix private and direct statuses not being filtered out from the public timeline for an authenticated user (`GET /api/v1/timelines/public`)
diff --git a/lib/pleroma/web/activity_pub/mrf/simple_policy.ex b/lib/pleroma/web/activity_pub/mrf/simple_policy.ex
index 8aa6852f0..8e53296e7 100644
--- a/lib/pleroma/web/activity_pub/mrf/simple_policy.ex
+++ b/lib/pleroma/web/activity_pub/mrf/simple_policy.ex
@@ -168,7 +168,9 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicy do
       when obj_type in ["Application", "Group", "Organization", "Person", "Service"] do
     actor_info = URI.parse(actor)
 
-    with {:ok, object} <- check_avatar_removal(actor_info, object),
+    with {:ok, object} <- check_accept(actor_info, object),
+         {:ok, object} <- check_reject(actor_info, object),
+         {:ok, object} <- check_avatar_removal(actor_info, object),
          {:ok, object} <- check_banner_removal(actor_info, object) do
       {:ok, object}
     else
diff --git a/test/web/activity_pub/mrf/simple_policy_test.exs b/test/web/activity_pub/mrf/simple_policy_test.exs
index 7203b27da..df0f223f8 100644
--- a/test/web/activity_pub/mrf/simple_policy_test.exs
+++ b/test/web/activity_pub/mrf/simple_policy_test.exs
@@ -236,7 +236,7 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicyTest do
       assert SimplePolicy.filter(remote_message) == {:ok, remote_message}
     end
 
-    test "has a matching host" do
+    test "activity has a matching host" do
       Config.put([:mrf_simple, :reject], ["remote.instance"])
 
       remote_message = build_remote_message()
@@ -244,13 +244,21 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicyTest do
       assert SimplePolicy.filter(remote_message) == {:reject, nil}
     end
 
-    test "match with wildcard domain" do
+    test "activity matches with wildcard domain" do
       Config.put([:mrf_simple, :reject], ["*.remote.instance"])
 
       remote_message = build_remote_message()
 
       assert SimplePolicy.filter(remote_message) == {:reject, nil}
     end
+
+    test "actor has a matching host" do
+      Config.put([:mrf_simple, :reject], ["remote.instance"])
+
+      remote_user = build_remote_user()
+
+      assert SimplePolicy.filter(remote_user) == {:reject, nil}
+    end
   end
 
   describe "when :accept" do
@@ -264,7 +272,7 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicyTest do
       assert SimplePolicy.filter(remote_message) == {:ok, remote_message}
     end
 
-    test "is not empty but it doesn't have a matching host" do
+    test "is not empty but activity doesn't have a matching host" do
       Config.put([:mrf_simple, :accept], ["non.matching.remote"])
 
       local_message = build_local_message()
@@ -274,7 +282,7 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicyTest do
       assert SimplePolicy.filter(remote_message) == {:reject, nil}
     end
 
-    test "has a matching host" do
+    test "activity has a matching host" do
       Config.put([:mrf_simple, :accept], ["remote.instance"])
 
       local_message = build_local_message()
@@ -284,7 +292,7 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicyTest do
       assert SimplePolicy.filter(remote_message) == {:ok, remote_message}
     end
 
-    test "match with wildcard domain" do
+    test "activity matches with wildcard domain" do
       Config.put([:mrf_simple, :accept], ["*.remote.instance"])
 
       local_message = build_local_message()
@@ -293,6 +301,14 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicyTest do
       assert SimplePolicy.filter(local_message) == {:ok, local_message}
       assert SimplePolicy.filter(remote_message) == {:ok, remote_message}
     end
+
+    test "actor has a matching host" do
+      Config.put([:mrf_simple, :accept], ["remote.instance"])
+
+      remote_user = build_remote_user()
+
+      assert SimplePolicy.filter(remote_user) == {:ok, remote_user}
+    end
   end
 
   describe "when :avatar_removal" do
author	kaniini <ariadne@dereferenced.org>	2019-10-07 10:19:24 +0000
committer	kaniini <ariadne@dereferenced.org>	2019-10-07 10:19:24 +0000
commit	93bdc55306895dce0554e7838ecf2ea7ddaea3a7 (patch)
tree	4e585d38cf71a92b43b164f7e81bf5c3029b184f
parent	15592f1abe117761b90846e02194a35982f3bebf (diff)
parent	58aeabd020ae7355aea6b63a331b164e8b23a6c0 (diff)