Skip to content

Commit

Permalink
Add logging for rejected ActivityPub payloads and add tests
Browse files Browse the repository at this point in the history
  • Loading branch information
@Gargron
Gargron committed Feb 16, 2019
1 parent 041ff5f commit 76f2228
Show file tree
Hide file tree
Showing 5 changed files with 525 additions and 313 deletions.
5 changes: 5 additions & 0 deletions app/lib/activitypub/activity.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -180,4 +180,9 @@ def followed_by_local_accounts?
def requested_through_relay?
@options[:relayed_through_account] && Relay.find_by(inbox_url: @options[:relayed_through_account].inbox_url)&.enabled?
end

def reject_payload!
Rails.logger.info("Rejected #{@json['type']} activity #{@json['id']} from #{@account.uri}#{@options[:relayed_through_account] && "via #{@options[:relayed_through_account].uri}"}")
nil
end
end
4 changes: 3 additions & 1 deletion app/lib/activitypub/activity/announce.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,9 +2,11 @@

class ActivityPub::Activity::Announce < ActivityPub::Activity
def perform
return reject_payload! if delete_arrived_first?(@json['id']) || !related_to_local_activity?

original_status = status_from_object

return if original_status.nil? || delete_arrived_first?(@json['id']) || !announceable?(original_status) || !related_to_local_activity?
return reject_payload! if original_status.nil? || !announceable?(original_status)

status = Status.find_by(account: @account, reblog: original_status)

Expand Down
2 changes: 1 addition & 1 deletion app/lib/activitypub/activity/create.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@

class ActivityPub::Activity::Create < ActivityPub::Activity
def perform
return if unsupported_object_type? || invalid_origin?(@object['id']) || Tombstone.exists?(uri: @object['id']) || !related_to_local_activity?
return reject_payload! if unsupported_object_type? || invalid_origin?(@object['id']) || Tombstone.exists?(uri: @object['id']) || !related_to_local_activity?

RedisLock.acquire(lock_options) do |lock|
if lock.acquired?
Expand Down
117 changes: 99 additions & 18 deletions spec/lib/activitypub/activity/announce_spec.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -18,16 +18,63 @@
subject { described_class.new(json, sender) }

before do
Fabricate(:account).follow!(sender)
sender.update(uri: ActivityPub::TagManager.instance.uri_for(sender))
end

describe '#perform' do
before do
subject.perform
context 'when sender is followed by a local account' do
before do
Fabricate(:account).follow!(sender)
subject.perform
end

context 'a known status' do
let(:object_json) do
ActivityPub::TagManager.instance.uri_for(status)
end

it 'creates a reblog by sender of status' do
expect(sender.reblogged?(status)).to be true
end
end

context 'self-boost of a previously unknown status with missing attributedTo' do
let(:object_json) do
{
id: [ActivityPub::TagManager.instance.uri_for(sender), '#bar'].join,
type: 'Note',
content: 'Lorem ipsum',
to: 'http://example.com/followers',
}
end

it 'creates a reblog by sender of status' do
expect(sender.reblogged?(sender.statuses.first)).to be true
end
end

context 'self-boost of a previously unknown status with correct attributedTo' do
let(:object_json) do
{
id: [ActivityPub::TagManager.instance.uri_for(sender), '#bar'].join,
type: 'Note',
content: 'Lorem ipsum',
attributedTo: ActivityPub::TagManager.instance.uri_for(sender),
to: 'http://example.com/followers',
}
end

it 'creates a reblog by sender of status' do
expect(sender.reblogged?(sender.statuses.first)).to be true
end
end
end

context 'a known status' do
context 'when the status belongs to a local user' do
before do
subject.perform
end

let(:object_json) do
ActivityPub::TagManager.instance.uri_for(status)
end
Expand All @@ -37,34 +84,68 @@
end
end

context 'self-boost of a previously unknown status with missing attributedTo' do
let(:object_json) do
{
id: [ActivityPub::TagManager.instance.uri_for(sender), '#bar'].join,
type: 'Note',
content: 'Lorem ipsum',
to: 'http://example.com/followers',
}
context 'when the sender is relayed' do
let!(:relay_account) { Fabricate(:account, inbox_url: 'https://relay.example.com/inbox') }
let!(:relay) { Fabricate(:relay, inbox_url: 'https://relay.example.com/inbox') }

subject { described_class.new(json, sender, relayed_through_account: relay_account) }

context 'and the relay is enabled' do
before do
relay.update(state: :accepted)
subject.perform
end

let(:object_json) do
{
id: [ActivityPub::TagManager.instance.uri_for(sender), '#bar'].join,
type: 'Note',
content: 'Lorem ipsum',
to: 'http://example.com/followers',
}
end

it 'creates a reblog by sender of status' do
expect(sender.statuses.count).to eq 2
end
end

it 'creates a reblog by sender of status' do
expect(sender.reblogged?(sender.statuses.first)).to be true
context 'and the relay is disabled' do
before do
subject.perform
end

let(:object_json) do
{
id: [ActivityPub::TagManager.instance.uri_for(sender), '#bar'].join,
type: 'Note',
content: 'Lorem ipsum',
to: 'http://example.com/followers',
}
end

it 'does not create anything' do
expect(sender.statuses.count).to eq 0
end
end
end

context 'self-boost of a previously unknown status with correct attributedTo' do
context 'when the sender has no relevance to local activity' do
before do
subject.perform
end

let(:object_json) do
{
id: [ActivityPub::TagManager.instance.uri_for(sender), '#bar'].join,
type: 'Note',
content: 'Lorem ipsum',
attributedTo: ActivityPub::TagManager.instance.uri_for(sender),
to: 'http://example.com/followers',
}
end

it 'creates a reblog by sender of status' do
expect(sender.reblogged?(sender.statuses.first)).to be true
it 'does not create anything' do
expect(sender.statuses.count).to eq 0
end
end
end
Expand Down
Loading

0 comments on commit 76f2228

Please sign in to comment.