Directly delete an object if the actor is itself

Signed-off-by: Thomas Citharel <tcit@tcit.fr>
This commit is contained in:
Thomas Citharel 2022-04-20 11:33:54 +02:00
parent 00f4c0b02c
commit 0ebb797740
No known key found for this signature in database
GPG Key ID: A061B9DDE0CA0773

View File

@ -622,11 +622,16 @@ defmodule Mobilizon.Federation.ActivityPub.Transmogrifier do
{:error, :unknown_actor} {:error, :unknown_actor}
{:ok, %Actor{} = actor} -> {:ok, %Actor{} = actor} ->
# If the actor itself is being deleted, no need to check anything other than the object being remote
if remote_actor_is_being_deleted(data) do
Actions.Delete.delete(actor, actor, false)
else
case is_group_object_gone(object_id) do case is_group_object_gone(object_id) do
{:ok, object} -> # The group object is no longer there, we can remove the element
{:ok, entity} ->
if Utils.origin_check_from_id?(actor_url, object_id) || if Utils.origin_check_from_id?(actor_url, object_id) ||
Permission.can_delete_group_object?(actor, object) do Permission.can_delete_group_object?(actor, entity) do
Actions.Delete.delete(object, actor, false) Actions.Delete.delete(entity, actor, false)
else else
Logger.warn("Object origin check failed") Logger.warn("Object origin check failed")
:error :error
@ -638,6 +643,7 @@ defmodule Mobilizon.Federation.ActivityPub.Transmogrifier do
end end
end end
end end
end
def handle_incoming( def handle_incoming(
%{"type" => "Move", "object" => %{"type" => type} = object, "actor" => _actor} = data %{"type" => "Move", "object" => %{"type" => type} = object, "actor" => _actor} = data
@ -1215,4 +1221,9 @@ defmodule Mobilizon.Federation.ActivityPub.Transmogrifier do
moderator.domain == group.domain moderator.domain == group.domain
end end
end end
defp remote_actor_is_being_deleted(%{"object" => object} = data) do
object_id = Utils.get_url(object)
Utils.get_actor(data) == object_id and not Utils.are_same_origin?(object_id, Endpoint.url())
end
end end