diff --git a/app/javascript/mastodon/components/compacted_status.jsx b/app/javascript/mastodon/components/compacted_status.jsx
index b9c44f34c9af67..6986bcd34c4d56 100644
--- a/app/javascript/mastodon/components/compacted_status.jsx
+++ b/app/javascript/mastodon/components/compacted_status.jsx
@@ -544,8 +544,8 @@ class CompactedStatus extends ImmutablePureComponent {
-
- +
+
diff --git a/app/javascript/styles/mastodon/components.scss b/app/javascript/styles/mastodon/components.scss
index 0771e3cef27222..afcbc193b31321 100644
--- a/app/javascript/styles/mastodon/components.scss
+++ b/app/javascript/styles/mastodon/components.scss
@@ -2316,8 +2316,8 @@ a.account__display-name {
 height: 46px;
 &.status__avatar__compact {
- width: 24px;
- height: 24px;
+ width: 32px;
+ height: 32px;
 }
 }
@@ -11549,4 +11549,8 @@ noscript {
 &--compacted-status::after {
 display: none;
 }
+
+ &--compacted-status p {
+ margin-bottom: 22px;
+ }
 }
diff --git a/app/lib/activitypub/parser/status_parser.rb b/app/lib/activitypub/parser/status_parser.rb
index cc9788e964ca36..5867f07d868aa8 100644
--- a/app/lib/activitypub/parser/status_parser.rb
+++ b/app/lib/activitypub/parser/status_parser.rb
@@ -147,7 +147,7 @@ def audience_cc
 def audience_searchable_by
 return nil if @object['searchableBy'].nil?
- @audience_searchable_by = as_array(@object['searchableBy']).map { |x| value_or_id(x) }
+ @audience_searchable_by = as_array(@object['searchableBy']).map { |x| value_or_id(x) }.compact_blank
 end
 def summary_language_map?
@@ -204,17 +204,18 @@ def searchability_from_bio
 def searchability_from_audience
 return nil if audience_searchable_by.blank?
+ return :limited if audience_searchable_by.include?('kmyblue:Limited') || audience_searchable_by.include?('as:Limited')
 if audience_searchable_by.any? { |uri| ActivityPub::TagManager.instance.public_collection?(uri) }
 :public
- elsif audience_searchable_by.include?('kmyblue:Limited') || audience_searchable_by.include?('as:Limited')
- :limited
 elsif audience_searchable_by.include?('kmyblue:LocalPublic') && @friend
 :public_unlisted
 elsif audience_searchable_by.include?(@account.followers_url)
 :private
 elsif audience_searchable_by.include?(@account.uri) || audience_searchable_by.include?(@account.url)
 :direct
+ else
+ :limited
 end
 end
 end
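Review bot: The added `.compact_blank` in `audience_searchable_by` (app/lib/activitypub/parser/status_parser.rb) has a privacy purpose that the line does not state. `searchability_from_audience` in the second hunk compares these entries with `@account.followers_url`, `@account.uri` and `@account.url`, so a nil or empty entry would match if one of those attributes is itself blank. I would add a comment above the assignment, `# Drop nil/empty entries so a blank value can never match a blank account URL below.` The same line in app/services/activitypub/process_account_service.rb deserves the same comment. Separately, both methods assign with `=` rather than `||=`, so the array is rebuilt on each of the several calls made per classification.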
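Review bot: `searchability_from_audience` in status_parser.rb now fails closed, but only through statement order, and nothing in the method says so. The `Limited` guard has to stay above the public-collection check, and the trailing `else` is what maps an unrecognised `searchableBy` entry to `:limited`. A short comment above the guard would protect this from a later reorder, for example `# Most restrictive wins: Limited overrides Public, and unrecognised values end in :limited.` `kmyblue:LocalPublic` without `@friend` now also ends in `:limited` where the old chain returned nil when nothing else matched; if that is intended it is worth a spec. The matching hunk in app/services/activitypub/process_account_service.rb has the same ordering dependency.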
diff --git a/app/services/activitypub/process_account_service.rb b/app/services/activitypub/process_account_service.rb
index da2b9db379d205..a7825594bda067 100644
--- a/app/services/activitypub/process_account_service.rb
+++ b/app/services/activitypub/process_account_service.rb
@@ -278,7 +278,7 @@ def url
 def audience_searchable_by
 return nil if @json['searchableBy'].nil?
- @audience_searchable_by_processaccountservice = as_array(@json['searchableBy']).map { |x| value_or_id(x) }
+ @audience_searchable_by_processaccountservice = as_array(@json['searchableBy']).map { |x| value_or_id(x) }.compact_blank
 end
 def searchability_from_audience
@@ -289,14 +289,16 @@ def searchability_from_audience
 return invalid_subscription_software? ? misskey_searchability_from_indexable : :direct
 end
+ return :limited if audience_searchable_by.include?('kmyblue:Limited') || audience_searchable_by.include?('as:Limited')
+
 if audience_searchable_by.any? { |uri| ActivityPub::TagManager.instance.public_collection?(uri) }
 :public
 elsif audience_searchable_by.include?(@account.followers_url)
 :private
- elsif audience_searchable_by.include?('kmyblue:Limited') || audience_searchable_by.include?('as:Limited')
- :limited
- else
+ elsif audience_searchable_by.include?(@account.uri) || audience_searchable_by.include?(@account.url)
 :direct
+ else
+ :limited
 end
 end
diff --git a/app/views/settings/preferences/notifications/show.html.haml b/app/views/settings/preferences/notifications/show.html.haml
index 7c5715b845175b..26111374f995fb 100644
--- a/app/views/settings/preferences/notifications/show.html.haml
+++ b/app/views/settings/preferences/notifications/show.html.haml
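Review bot: With `.compact_blank` in `audience_searchable_by` (app/services/activitypub/process_account_service.rb), a `searchableBy` that is present but empty, such as `''`, now becomes `[]` and presumably takes the blank branch of `searchability_from_audience`, whose condition sits above the second hunk. That branch returns `misskey_searchability_from_indexable` when `invalid_subscription_software?` is true, and the new spec shows that path resolving to 'public' for a Misskey actor. An explicitly empty audience from such a server could therefore end up more searchable than before, when the non-blank `['']` went through the `elsif` chain. The new spec pins the empty case only for `software: 'mastodon'`; a case with `let(:software) { 'misskey' }` and `let(:searchable_by) { '' }` would show whether this is intended. If it is not, the present-but-empty case should return the restrictive value before the software check.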
@@ -41,8 +41,3 @@ label_method: ->(setting) { I18n.t("simple_form.labels.notification_emails.software_updates.#{setting}") }, label: I18n.t('simple_form.labels.notification_emails.software_updates.label'), wrapper: :with_label - - - if Setting.enable_emoji_reaction - = f.simple_fields_for :settings, current_user.settings do |ff| - .fields-group - = ff.input :stop_emoji_reaction_streaming, as: :boolean, wrapper: :with_label, kmyblue: true, label: I18n.t('simple_form.labels.defaults.setting_stop_emoji_reaction_streaming'), hint: I18n.t('simple_form.hints.defaults.setting_stop_emoji_reaction_streaming') diff --git a/app/views/settings/preferences/other/show.html.haml b/app/views/settings/preferences/other/show.html.haml index 895c29788de8b4..e6a6db766fdca5 100644 --- a/app/views/settings/preferences/other/show.html.haml +++ b/app/views/settings/preferences/other/show.html.haml @@ -37,6 +37,10 @@ label: I18n.t('simple_form.labels.defaults.setting_default_sensitive'), wrapper: :with_label + - if Setting.enable_emoji_reaction + .fields-group + = ff.input :stop_emoji_reaction_streaming, as: :boolean, wrapper: :with_label, kmyblue: true, label: I18n.t('simple_form.labels.defaults.setting_stop_emoji_reaction_streaming'), hint: I18n.t('simple_form.hints.defaults.setting_stop_emoji_reaction_streaming') + - if @dtl_enabled %h4= t 'preferences.dtl' diff --git a/spec/lib/activitypub/activity/create_spec.rb b/spec/lib/activitypub/activity/create_spec.rb index f51d9ddb06ce74..fad45d3cb744c0 100644 --- a/spec/lib/activitypub/activity/create_spec.rb +++ b/spec/lib/activitypub/activity/create_spec.rb 
@@ -653,30 +653,30 @@ def activity_for_object(json)
 end
 end
- context 'with direct when not specify' do
- let(:searchable_by) { nil }
+ context 'with unintended value' do
+ let(:searchable_by) { 'ohagi' }
 it 'create status' do
 status = sender.statuses.first
 expect(status).to_not be_nil
- expect(status.searchability).to be_nil
+ expect(status.searchability).to eq 'limited'
 end
 end
- context 'with limited' do
- let(:searchable_by) { 'kmyblue:Limited' }
+ context 'with direct when not specify' do
+ let(:searchable_by) { nil }
 it 'create status' do
 status = sender.statuses.first
 expect(status).to_not be_nil
- expect(status.searchability).to eq 'limited'
+ expect(status.searchability).to be_nil
 end
 end
- context 'with limited old spec' do
- let(:searchable_by) { 'as:Limited' }
+ context 'with limited' do
+ let(:searchable_by) { 'kmyblue:Limited' }
 it 'create status' do
 status = sender.statuses.first
diff --git a/spec/services/activitypub/process_account_service_spec.rb b/spec/services/activitypub/process_account_service_spec.rb
new file mode 100644
index 00000000000000..21d6c15ac3c3b0
--- /dev/null
+++ b/spec/services/activitypub/process_account_service_spec.rb
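Review bot: Nothing in this hunk of spec/lib/activitypub/activity/create_spec.rb exercises the precedence the commit introduces, where `searchableBy` lists both the public collection and `kmyblue:Limited` (or `as:Limited`) and the result must be 'limited'. The added 'with unintended value' case covers only the new `else` branch. I would add a context with `let(:searchable_by) { ['https://www.w3.org/ns/activitystreams#Public', 'kmyblue:Limited'] }` expecting `eq 'limited'`, here and in the new spec/services/activitypub/process_account_service_spec.rb. The surrounding describe block starts and ends outside the hunk, so such a case may already exist there.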
@@ -0,0 +1,658 @@ +# frozen_string_literal: true + +require 'rails_helper' + +RSpec.describe ActivityPub::ProcessAccountService do + subject { described_class.new } + + before do + stub_request(:get, 'https://example.com/.well-known/nodeinfo').to_return(status: 404) + end + + describe 'about blocking new remote account' do + subject { described_class.new.call('alice', 'example.com', payload) } + + let(:hold_remote_new_accounts) { true } + let(:permit_domain) { nil } + let(:payload) do + { + id: 'https://foo.test', + type: 'Actor', + inbox: 'https://foo.test/inbox', + actor_type: 'Person', + summary: 'new bio', + }.with_indifferent_access + end + + before do + Setting.hold_remote_new_accounts = hold_remote_new_accounts + Fabricate(:specified_domain, domain: permit_domain, table: 0) if permit_domain + end + + it 'creates pending account in a simple case' do + expect(subject).to_not be_nil + expect(subject.uri).to eq 'https://foo.test' + expect(subject.suspended?).to be true + expect(subject.remote_pending).to be true + end + + context 'when is blocked' do + let(:permit_domain) { 'foo.bar' } + + it 'creates pending account' do + expect(subject).to_not be_nil + expect(subject.suspended?).to be true + expect(subject.remote_pending).to be true + end + + context 'when the domain is not on list but hold_remote_new_accounts is disabled' do + let(:hold_remote_new_accounts) { false } + + it 'creates normal account' do + expect(subject).to_not be_nil + expect(subject.suspended?).to be false + expect(subject.remote_pending).to be false + end + end + + context 'with has existing account' do + before do + Fabricate(:account, uri: 'https://foo.test', domain: 'example.com', username: 'alice', note: 'old bio') + end + + it 'updated account' do + expect(subject).to_not be_nil + expect(subject.suspended?).to be false + expect(subject.remote_pending).to be false + expect(subject.note).to eq 'new bio' + end + end + + context 'with has existing suspended pending account' do + before do + 
Fabricate(:account, uri: 'https://foo.test', domain: 'example.com', username: 'alice', note: 'old bio', suspended_at: 1.day.ago, remote_pending: true, suspension_origin: :local) + end + + it 'updated account' do + expect(subject).to_not be_nil + expect(subject.suspended?).to be true + expect(subject.remote_pending).to be true + expect(subject.suspension_origin_local?).to be true + expect(subject.note).to eq 'new bio' + end + end + + context 'with has existing suspended account' do + before do + Fabricate(:account, uri: 'https://foo.test', domain: 'example.com', username: 'alice', note: 'old bio', suspended_at: 1.day.ago, suspension_origin: :local) + end + + it 'does not update account' do + expect(subject).to_not be_nil + expect(subject.suspended?).to be true + expect(subject.remote_pending).to be false + expect(subject.suspension_origin_local?).to be true + expect(subject.note).to eq 'old bio' + end + end + end + + context 'when is in whitelist' do + let(:permit_domain) { 'example.com' } + + it 'does not create account' do + expect(subject).to_not be_nil + expect(subject.uri).to eq 'https://foo.test' + expect(subject.suspended?).to be false + expect(subject.remote_pending).to be false + end + end + end + + context 'with searchability' do + subject { described_class.new.call('alice', 'example.com', payload) } + + let(:software) { 'mastodon' } + let(:searchable_by) { 'https://www.w3.org/ns/activitystreams#Public' } + let(:sender_bio) { '' } + let(:indexable) { nil } + let(:payload) do + { + id: 'https://foo.test', + type: 'Actor', + inbox: 'https://foo.test/inbox', + followers: 'https://example.com/followers', + searchableBy: searchable_by, + indexable: indexable, + summary: sender_bio, + actor_type: 'Person', + }.with_indifferent_access + end + + before do + Fabricate(:instance_info, domain: 'example.com', software: software) + stub_request(:get, 'https://example.com/.well-known/nodeinfo').to_return(body: '{}') + stub_request(:get, 
'https://example.com/followers').to_return(body: '[]') + end + + context 'when public' do + it 'searchability is public' do + expect(subject.searchability).to eq 'public' + end + end + + context 'when private' do + let(:searchable_by) { 'https://example.com/followers' } + + it 'searchability is private' do + expect(subject.searchability).to eq 'private' + end + end + + context 'when direct' do + let(:searchable_by) { 'https://foo.test' } + + it 'searchability is direct' do + expect(subject.searchability).to eq 'direct' + end + end + + context 'when limited' do + let(:searchable_by) { 'kmyblue:Limited' } + + it 'searchability is limited' do + expect(subject.searchability).to eq 'limited' + end + end + + context 'when empty array' do + let(:searchable_by) { '' } + + it 'searchability is direct' do + expect(subject.searchability).to eq 'direct' + end + end + + context 'when unintended value' do + let(:searchable_by) { 'ohagi' } + + it 'searchability is direct' do + expect(subject.searchability).to eq 'limited' + end + end + + context 'when default value' do + let(:searchable_by) { nil } + + it 'searchability is direct' do + expect(subject.searchability).to eq 'direct' + end + end + + context 'when misskey user' do + let(:software) { 'misskey' } + let(:searchable_by) { nil } + + it 'searchability is public' do + expect(subject.searchability).to eq 'public' + end + + context 'with true indexable' do + let(:indexable) { true } + + it 'searchability is public' do + expect(subject.searchability).to eq 'public' + end + end + + context 'with false indexable' do + let(:indexable) { false } + + it 'searchability is limited' do + expect(subject.searchability).to eq 'limited' + end + end + + context 'with no-indexable key' do + let(:payload) do + { + id: 'https://foo.test', + type: 'Actor', + inbox: 'https://foo.test/inbox', + followers: 'https://example.com/followers', + searchableBy: searchable_by, + summary: sender_bio, + }.with_indifferent_access + end + + it 'searchability 
is public' do + expect(subject.searchability).to eq 'public' + end + end + end + + context 'with bio' do + let(:searchable_by) { nil } + + context 'with public' do + let(:sender_bio) { '#searchable_by_all_users' } + + it 'searchability is public' do + expect(subject.searchability).to eq 'public' + end + end + + context 'with private' do + let(:sender_bio) { '#searchable_by_followers_only' } + + it 'searchability is private' do + expect(subject.searchability).to eq 'private' + end + end + + context 'with direct' do + let(:sender_bio) { '#searchable_by_reacted_users_only' } + + it 'searchability is direct' do + expect(subject.searchability).to eq 'direct' + end + end + + context 'with limited' do + let(:sender_bio) { '#searchable_by_nobody' } + + it 'searchability is limited' do + expect(subject.searchability).to eq 'limited' + end + end + end + end + + context 'with subscription policy' do + subject { described_class.new.call('alice', 'example.com', payload) } + + let(:subscribable_by) { 'https://www.w3.org/ns/activitystreams#Public' } + let(:sender_bio) { '' } + let(:payload) do + { + id: 'https://foo.test', + type: 'Actor', + inbox: 'https://foo.test/inbox', + followers: 'https://example.com/followers', + subscribableBy: subscribable_by, + summary: sender_bio, + actor_type: 'Person', + }.with_indifferent_access + end + + before do + stub_request(:get, 'https://example.com/.well-known/nodeinfo').to_return(body: '{}') + stub_request(:get, 'https://example.com/followers').to_return(body: '[]') + end + + context 'when public' do + it 'subscription policy is allow' do + expect(subject.subscription_policy.to_s).to eq 'allow' + end + end + + context 'when private' do + let(:subscribable_by) { 'https://example.com/followers' } + + it 'subscription policy is followers_only' do + expect(subject.subscription_policy.to_s).to eq 'followers_only' + end + end + + context 'when empty' do + let(:subscribable_by) { '' } + + it 'subscription policy is block' do + 
expect(subject.subscription_policy.to_s).to eq 'block' + end + end + + context 'when default value' do + let(:subscribable_by) { nil } + + it 'subscription policy is allow' do + expect(subject.subscription_policy.to_s).to eq 'allow' + end + end + + context 'with bio' do + let(:subscribable_by) { nil } + + context 'with no-subscribe' do + let(:sender_bio) { '[subscribable:no]' } + + it 'subscription policy is block' do + expect(subject.subscription_policy.to_s).to eq 'block' + end + end + end + end + + context 'with property values, an avatar, and a profile header' do + let(:payload) do + { + id: 'https://foo.test', + type: 'Actor', + inbox: 'https://foo.test/inbox', + attachment: [ + { type: 'PropertyValue', name: 'Pronouns', value: 'They/them' }, + { type: 'PropertyValue', name: 'Occupation', value: 'Unit test' }, + { type: 'PropertyValue', name: 'non-string', value: %w(foo bar) }, + ], + image: { + type: 'Image', + mediaType: 'image/png', + url: 'https://foo.test/image.png', + }, + icon: { + type: 'Image', + url: [ + { + mediaType: 'image/png', + href: 'https://foo.test/icon.png', + }, + ], + }, + }.with_indifferent_access + end + + before do + stub_request(:get, 'https://example.com/.well-known/nodeinfo').to_return(body: '{}') + stub_request(:get, 'https://foo.test/image.png').to_return(request_fixture('avatar.txt')) + stub_request(:get, 'https://foo.test/icon.png').to_return(request_fixture('avatar.txt')) + end + + it 'parses property values, avatar and profile header as expected' do + account = subject.call('alice', 'example.com', payload) + + expect(account.fields) + .to be_an(Array) + .and have_attributes(size: 2) + expect(account.fields.first) + .to be_an(Account::Field) + .and have_attributes( + name: eq('Pronouns'), + value: eq('They/them') + ) + expect(account.fields.last) + .to be_an(Account::Field) + .and have_attributes( + name: eq('Occupation'), + value: eq('Unit test') + ) + expect(account).to have_attributes( + avatar_remote_url: 
'https://foo.test/icon.png', + header_remote_url: 'https://foo.test/image.png' + ) + end + end + + context 'with other settings' do + let(:payload) do + { + id: 'https://foo.test', + type: 'Actor', + inbox: 'https://foo.test/inbox', + otherSetting: [ + { type: 'PropertyValue', name: 'Pronouns', value: 'They/them' }, + { type: 'PropertyValue', name: 'Occupation', value: 'Unit test' }, + ], + }.with_indifferent_access + end + + before do + stub_request(:get, 'https://example.com/.well-known/nodeinfo').to_return(body: '{}') + end + + it 'parses out of attachment' do + account = subject.call('alice', 'example.com', payload) + expect(account.settings).to be_a Hash + expect(account.settings.size).to eq 2 + expect(account.settings['Pronouns']).to eq 'They/them' + expect(account.settings['Occupation']).to eq 'Unit test' + end + end + + context 'when account is using note contains ng words' do + subject { described_class.new.call(account.username, account.domain, payload) } + + let!(:account) { Fabricate(:account, username: 'alice', domain: 'example.com') } + + let(:payload) do + { + id: 'https://foo.test', + type: 'Actor', + inbox: 'https://foo.test/inbox', + name: 'Ohagi', + }.with_indifferent_access + end + + it 'creates account when ng word is not set' do + Fabricate(:ng_word, keyword: 'Amazon', stranger: false) + subject + expect(account.reload.display_name).to eq 'Ohagi' + + history = NgwordHistory.find_by(uri: payload[:id]) + expect(history).to be_nil + end + + it 'does not create account when ng word is set' do + Fabricate(:ng_word, keyword: 'Ohagi', stranger: false) + subject + expect(account.reload.display_name).to_not eq 'Ohagi' + + history = NgwordHistory.find_by(uri: payload[:id]) + expect(history).to_not be_nil + expect(history.account_name_blocked?).to be true + expect(history.within_ng_words?).to be true + expect(history.keyword).to eq 'Ohagi' + end + end + + context 'with attribution domains' do + let(:payload) do + { + id: 'https://foo.test', + type: 
'Actor', + inbox: 'https://foo.test/inbox', + attributionDomains: [ + 'example.com', + ], + }.with_indifferent_access + end + + it 'parses attribution domains' do + account = subject.call('alice', 'example.com', payload) + + expect(account.attribution_domains) + .to match_array(%w(example.com)) + end + end + + context 'when account is not suspended' do + subject { described_class.new.call(account.username, account.domain, payload) } + + let!(:account) { Fabricate(:account, username: 'alice', domain: 'example.com') } + + let(:payload) do + { + id: 'https://foo.test', + type: 'Actor', + inbox: 'https://foo.test/inbox', + suspended: true, + }.with_indifferent_access + end + + before do + allow(Admin::SuspensionWorker).to receive(:perform_async) + end + + it 'suspends account remotely' do + expect(subject.suspended?).to be true + expect(subject.suspension_origin_remote?).to be true + end + + it 'queues suspension worker' do + subject + expect(Admin::SuspensionWorker).to have_received(:perform_async) + end + end + + context 'when account is suspended' do + subject { described_class.new.call('alice', 'example.com', payload) } + + let!(:account) { Fabricate(:account, username: 'alice', domain: 'example.com', display_name: '') } + + let(:payload) do + { + id: 'https://foo.test', + type: 'Actor', + inbox: 'https://foo.test/inbox', + suspended: false, + name: 'Hoge', + }.with_indifferent_access + end + + before do + allow(Admin::UnsuspensionWorker).to receive(:perform_async) + + account.suspend!(origin: suspension_origin) + end + + context 'when locally' do + let(:suspension_origin) { :local } + + it 'does not unsuspend it' do + expect(subject.suspended?).to be true + end + + it 'does not update any attributes' do + expect(subject.display_name).to_not eq 'Hoge' + end + end + + context 'when remotely' do + let(:suspension_origin) { :remote } + + it 'unsuspends it' do + expect(subject.suspended?).to be false + end + + it 'queues unsuspension worker' do + subject + 
expect(Admin::UnsuspensionWorker).to have_received(:perform_async) + end + + it 'updates attributes' do + expect(subject.display_name).to eq 'Hoge' + end + end + end + + context 'when discovering many subdomains in a short timeframe' do + subject do + 8.times do |i| + domain = "test#{i}.testdomain.com" + json = { + id: "https://#{domain}/users/1", + type: 'Actor', + inbox: "https://#{domain}/inbox", + }.with_indifferent_access + described_class.new.call('alice', domain, json) + end + end + + before do + stub_const 'ActivityPub::ProcessAccountService::SUBDOMAINS_RATELIMIT', 5 + 8.times do |i| + stub_request(:get, "https://test#{i}.testdomain.com/.well-known/nodeinfo").to_return(body: '{}') + end + end + + it 'creates accounts without exceeding rate limit' do + expect { subject } + .to create_some_remote_accounts + .and create_fewer_than_rate_limit_accounts + end + end + + context 'when Accounts referencing other accounts' do + let(:payload) do + { + '@context': ['https://www.w3.org/ns/activitystreams'], + id: 'https://foo.test/users/1', + type: 'Person', + inbox: 'https://foo.test/inbox', + featured: 'https://foo.test/users/1/featured', + preferredUsername: 'user1', + }.with_indifferent_access + end + + before do + stub_const 'ActivityPub::ProcessAccountService::DISCOVERIES_PER_REQUEST', 5 + + 8.times do |i| + actor_json = { + '@context': ['https://www.w3.org/ns/activitystreams'], + id: "https://foo.test/users/#{i}", + type: 'Person', + inbox: 'https://foo.test/inbox', + featured: "https://foo.test/users/#{i}/featured", + preferredUsername: "user#{i}", + }.with_indifferent_access + status_json = { + '@context': ['https://www.w3.org/ns/activitystreams'], + id: "https://foo.test/users/#{i}/status", + attributedTo: "https://foo.test/users/#{i}", + type: 'Note', + content: "@user#{i + 1} test", + tag: [ + { + type: 'Mention', + href: "https://foo.test/users/#{i + 1}", + name: "@user#{i + 1}", + }, + ], + to: ['as:Public', "https://foo.test/users/#{i + 1}"], + 
}.with_indifferent_access + featured_json = { + '@context': ['https://www.w3.org/ns/activitystreams'], + id: "https://foo.test/users/#{i}/featured", + type: 'OrderedCollection', + totalItems: 1, + orderedItems: [status_json], + }.with_indifferent_access + webfinger = { + subject: "acct:user#{i}@foo.test", + links: [{ rel: 'self', href: "https://foo.test/users/#{i}", type: 'application/activity+json' }], + }.with_indifferent_access + stub_request(:get, "https://foo.test/users/#{i}").to_return(status: 200, body: actor_json.to_json, headers: { 'Content-Type': 'application/activity+json' }) + stub_request(:get, "https://foo.test/users/#{i}/featured").to_return(status: 200, body: featured_json.to_json, headers: { 'Content-Type': 'application/activity+json' }) + stub_request(:get, "https://foo.test/users/#{i}/status").to_return(status: 200, body: status_json.to_json, headers: { 'Content-Type': 'application/activity+json' }) + stub_request(:get, "https://foo.test/.well-known/webfinger?resource=acct:user#{i}@foo.test").to_return(body: webfinger.to_json, headers: { 'Content-Type': 'application/jrd+json' }) + stub_request(:get, 'https://foo.test/.well-known/nodeinfo').to_return(body: '{}') + end + end + + it 'creates accounts without exceeding rate limit', :inline_jobs do + expect { subject.call('user1', 'foo.test', payload) } + .to create_some_remote_accounts + .and create_fewer_than_rate_limit_accounts + end + end + + private + + def create_some_remote_accounts + change(Account.remote, :count).by_at_least(2) + end + + def create_fewer_than_rate_limit_accounts + change(Account.remote, :count).by_at_most(5) + end +end
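Review bot: Several example names in the new spec/services/activitypub/process_account_service_spec.rb contradict their assertions, which makes a failure report misleading for privacy-relevant behaviour. Under `context 'when unintended value'` the example is named `'searchability is direct'` but expects 'limited'. `context 'when empty array'` passes the empty string `''`, and under `context 'when is in whitelist'` the example `'does not create account'` asserts that an unsuspended, non-pending account is returned. Suggested names are `it 'searchability is limited' do`, `context 'when empty string' do` and `it 'creates normal account' do`.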