Ignore some messages at inbox view time

This commit is contained in:
Andrew Godwin 2023-11-12 12:09:09 -07:00
parent d815aa53e1
commit 95089c0c61
2 changed files with 64 additions and 3 deletions

View File

@ -1,5 +1,7 @@
import pytest import pytest
from users.models import InboxMessage
@pytest.mark.django_db @pytest.mark.django_db
def test_webfinger_actor(client, identity): def test_webfinger_actor(client, identity):
@ -59,5 +61,54 @@ def test_delete_unknown_actor(client, identity):
resp = client.post( resp = client.post(
identity.inbox_uri, data=data, content_type="application/activity+json" identity.inbox_uri, data=data, content_type="application/activity+json"
) )
print(resp.content) assert resp.status_code == 202
@pytest.mark.django_db
def test_ignore_lemmy(client, identity):
"""
Tests that message types we know we cannot handle are ignored immediately
"""
data = {
"cc": "https://lemmy.ml/c/asklemmy/followers",
"id": "https://lemmy.ml/activities/announce/12345",
"to": "as:Public",
"type": "Announce",
"actor": "https://lemmy.ml/c/asklemmy",
"object": {
"id": "https://lemmy.world/activities/like/12345",
"type": "Like",
"actor": "https://lemmy.world/u/Nobody",
"object": "https://sopuli.xyz/comment/12345",
"audience": "https://lemmy.ml/c/asklemmy",
},
"@context": [
"https://www.w3.org/ns/activitystreams",
"https://w3id.org/security/v1",
{
"pt": "https://joinpeertube.org/ns#",
"sc": "http://schema.org/",
"lemmy": "https://join-lemmy.org/ns#",
"expires": "as:endTime",
"litepub": "http://litepub.social/ns#",
"language": "sc:inLanguage",
"stickied": "lemmy:stickied",
"sensitive": "as:sensitive",
"identifier": "sc:identifier",
"moderators": {"@id": "lemmy:moderators", "@type": "@id"},
"removeData": "lemmy:removeData",
"ChatMessage": "litepub:ChatMessage",
"matrixUserId": "lemmy:matrixUserId",
"distinguished": "lemmy:distinguished",
"commentsEnabled": "pt:commentsEnabled",
"postingRestrictedToMods": "lemmy:postingRestrictedToMods",
},
"https://w3id.org/security/v1",
],
}
num_inbox_messages = InboxMessage.objects.count()
resp = client.post(
identity.inbox_uri, data=data, content_type="application/activity+json"
)
assert num_inbox_messages == InboxMessage.objects.count()
assert resp.status_code == 202 assert resp.status_code == 202

View File

@ -138,6 +138,11 @@ class Inbox(View):
return HttpResponseBadRequest("Payload size too large") return HttpResponseBadRequest("Payload size too large")
# Load the LD # Load the LD
document = canonicalise(json.loads(request.body), include_security=True) document = canonicalise(json.loads(request.body), include_security=True)
document_type = document["type"]
document_subtype = None
if isinstance(document.get("object"), dict):
document_subtype = document["object"].get("type")
# Find the Identity by the actor on the incoming item # Find the Identity by the actor on the incoming item
# This ensures that the signature used for the headers matches the actor # This ensures that the signature used for the headers matches the actor
# described in the payload. # described in the payload.
@ -147,7 +152,7 @@ class Inbox(View):
identity = Identity.by_actor_uri(document["actor"], create=True, transient=True) identity = Identity.by_actor_uri(document["actor"], create=True, transient=True)
if ( if (
document["type"] == "Delete" document_type == "Delete"
and document["actor"] == document["object"] and document["actor"] == document["object"]
and identity._state.adding and identity._state.adding
): ):
@ -169,6 +174,11 @@ class Inbox(View):
) )
return HttpResponse(status=202) return HttpResponse(status=202)
# See if it's a type of message we know we want to ignore right now
# (e.g. Lemmy likes/dislikes, which we can't process anyway)
if document_type == "Announce" and document_subtype in ["Like", "Dislike"]:
return HttpResponse(status=202)
# authenticate HTTP signature first, if one is present and the actor # authenticate HTTP signature first, if one is present and the actor
# is already known to us. An invalid signature is an error and message # is already known to us. An invalid signature is an error and message
# should be discarded. NOTE: for previously unknown actors, we # should be discarded. NOTE: for previously unknown actors, we
@ -182,7 +192,7 @@ class Inbox(View):
) )
logging.debug( logging.debug(
"Inbox: %s from %s has good HTTP signature", "Inbox: %s from %s has good HTTP signature",
document["type"], document_type,
identity, identity,
) )
else: else: