tarrien/Mastodon
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Allow inbox owner to view implicitly targeted ActivityPub payload (#9093)

Browse Source 
Fix #9091
This commit is contained in:
Eugen Rochko
2018-10-25 18:12:22 +02:00
committed by GitHub
parent b9d7021c1b
commit d4cf963749
3 changed files with 15 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
app/controllers/activitypub/inboxes_controller.rb
View File

@@ -36,6 +36,6 @@ class ActivityPub::InboxesController < Api::BaseController
end
def process_payload
ActivityPub::ProcessingWorker.perform_async(signed_request_account.id, body.force_encoding('UTF-8'))
ActivityPub::ProcessingWorker.perform_async(signed_request_account.id, body.force_encoding('UTF-8'), @account&.id)
end
end

13
app/lib/activitypub/activity/create.rb
View File

@@ -81,11 +81,22 @@ class ActivityPub::Activity::Create < ActivityPub::Activity
@mentions << Mention.new(account: account, silent: true)
# If there is at least one silent mention, then the status can be considered
# as a limited-audience status, and not strictly a direct message
# as a limited-audience status, and not strictly a direct message, but only
# if we considered a direct message in the first place
next unless @params[:visibility] == :direct
@params[:visibility] = :limited
end
# If the payload was delivered to a specific inbox, the inbox owner must have
# access to it, unless they already have access to it anyway
return if @options[:delivered_to_account_id].nil? || @mentions.any? { mention.account_id == @options[:delivered_to_account_id] }
@mentions << Mention.new(account_id: @options[:delivered_to_account_id], silent: true)
return unless @param[:visibility] == :direct
@params[:visibility] = :limited
end
def attach_tags(status)

4
app/workers/activitypub/processing_worker.rb
View File

@@ -5,7 +5,7 @@ class ActivityPub::ProcessingWorker
sidekiq_options backtrace: true
def perform(account_id, body)
ActivityPub::ProcessCollectionService.new.call(body, Account.find(account_id), override_timestamps: true)
def perform(account_id, body, delivered_to_account_id = nil)
ActivityPub::ProcessCollectionService.new.call(body, Account.find(account_id), override_timestamps: true, delivered_to_account_id: delivered_to_account_id)
end
end