Add stricter protocol fields validation for accounts (#25937)

spec/lib/account_reach_finder_spec.rb

@@ -5,15 +5,15 @@ require 'rails_helper'
 RSpec.describe AccountReachFinder do
   let(:account) { Fabricate(:account) }
 
-  let(:ap_follower_example_com) { Fabricate(:account, protocol: :activitypub, inbox_url: 'https://example.com/inbox-1') }
-  let(:ap_follower_example_org) { Fabricate(:account, protocol: :activitypub, inbox_url: 'https://example.org/inbox-2') }
-  let(:ap_follower_with_shared) { Fabricate(:account, protocol: :activitypub, inbox_url: 'https://foo.bar/users/a/inbox', shared_inbox_url: 'https://foo.bar/inbox') }
+  let(:ap_follower_example_com) { Fabricate(:account, protocol: :activitypub, inbox_url: 'https://example.com/inbox-1', domain: 'example.com') }
+  let(:ap_follower_example_org) { Fabricate(:account, protocol: :activitypub, inbox_url: 'https://example.org/inbox-2', domain: 'example.org') }
+  let(:ap_follower_with_shared) { Fabricate(:account, protocol: :activitypub, inbox_url: 'https://foo.bar/users/a/inbox', domain: 'foo.bar', shared_inbox_url: 'https://foo.bar/inbox') }
 
-  let(:ap_mentioned_with_shared) { Fabricate(:account, protocol: :activitypub, inbox_url: 'https://foo.bar/users/b/inbox', shared_inbox_url: 'https://foo.bar/inbox') }
-  let(:ap_mentioned_example_com) { Fabricate(:account, protocol: :activitypub, inbox_url: 'https://example.com/inbox-3') }
-  let(:ap_mentioned_example_org) { Fabricate(:account, protocol: :activitypub, inbox_url: 'https://example.org/inbox-4') }
+  let(:ap_mentioned_with_shared) { Fabricate(:account, protocol: :activitypub, inbox_url: 'https://foo.bar/users/b/inbox', domain: 'foo.bar', shared_inbox_url: 'https://foo.bar/inbox') }
+  let(:ap_mentioned_example_com) { Fabricate(:account, protocol: :activitypub, inbox_url: 'https://example.com/inbox-3', domain: 'example.com') }
+  let(:ap_mentioned_example_org) { Fabricate(:account, protocol: :activitypub, inbox_url: 'https://example.org/inbox-4', domain: 'example.org') }
 
-  let(:unrelated_account) { Fabricate(:account, protocol: :activitypub, inbox_url: 'https://example.com/unrelated-inbox') }
+  let(:unrelated_account) { Fabricate(:account, protocol: :activitypub, inbox_url: 'https://example.com/unrelated-inbox', domain: 'example.com') }
 
   before do
     ap_follower_example_com.follow!(account)

spec/lib/activitypub/activity/announce_spec.rb

@@ -5,7 +5,7 @@ require 'rails_helper'
 RSpec.describe ActivityPub::Activity::Announce do
   subject { described_class.new(json, sender) }
 
-  let(:sender)    { Fabricate(:account, followers_url: 'http://example.com/followers', uri: 'https://example.com/actor') }
+  let(:sender)    { Fabricate(:account, followers_url: 'http://example.com/followers', uri: 'https://example.com/actor', domain: 'example.com') }
   let(:recipient) { Fabricate(:account) }
   let(:status)    { Fabricate(:status, account: recipient) }
 
@@ -114,7 +114,7 @@ RSpec.describe ActivityPub::Activity::Announce do
     context 'when the sender is relayed' do
       subject { described_class.new(json, sender, relayed_through_actor: relay_account) }
 
-      let!(:relay_account) { Fabricate(:account, inbox_url: 'https://relay.example.com/inbox') }
+      let!(:relay_account) { Fabricate(:account, inbox_url: 'https://relay.example.com/inbox', domain: 'relay.example.com') }
       let!(:relay) { Fabricate(:relay, inbox_url: 'https://relay.example.com/inbox') }
 
       let(:object_json) { 'https://example.com/actor/hello-world' }

spec/lib/activitypub/activity/update_spec.rb

@@ -5,22 +5,38 @@ require 'rails_helper'
 RSpec.describe ActivityPub::Activity::Update do
   subject { described_class.new(json, sender) }
 
-  let!(:sender) { Fabricate(:account) }
-
-  before do
-    sender.update!(uri: ActivityPub::TagManager.instance.uri_for(sender))
-  end
+  let!(:sender) { Fabricate(:account, domain: 'example.com', inbox_url: 'https://example.com/foo/inbox', outbox_url: 'https://example.com/foo/outbox') }
 
   describe '#perform' do
     context 'with an Actor object' do
-      let(:modified_sender) do
-        sender.tap do |modified_sender|
-          modified_sender.display_name = 'Totally modified now'
-        end
-      end
-
       let(:actor_json) do
-        ActiveModelSerializers::SerializableResource.new(modified_sender, serializer: ActivityPub::ActorSerializer, adapter: ActivityPub::Adapter).as_json
+        {
+          '@context': [
+            'https://www.w3.org/ns/activitystreams',
+            'https://w3id.org/security/v1',
+            {
+              manuallyApprovesFollowers: 'as:manuallyApprovesFollowers',
+              toot: 'http://joinmastodon.org/ns#',
+              featured: { '@id': 'toot:featured', '@type': '@id' },
+              featuredTags: { '@id': 'toot:featuredTags', '@type': '@id' },
+            },
+          ],
+          id: sender.uri,
+          type: 'Person',
+          following: 'https://example.com/users/dfsdf/following',
+          followers: 'https://example.com/users/dfsdf/followers',
+          inbox: sender.inbox_url,
+          outbox: sender.outbox_url,
+          featured: 'https://example.com/users/dfsdf/featured',
+          featuredTags: 'https://example.com/users/dfsdf/tags',
+          preferredUsername: sender.username,
+          name: 'Totally modified now',
+          publicKey: {
+            id: "#{sender.uri}#main-key",
+            owner: sender.uri,
+            publicKeyPem: sender.public_key,
+          },
+        }
       end
 
       let(:json) do
@@ -28,7 +44,7 @@ RSpec.describe ActivityPub::Activity::Update do
           '@context': 'https://www.w3.org/ns/activitystreams',
           id: 'foo',
           type: 'Update',
-          actor: ActivityPub::TagManager.instance.uri_for(sender),
+          actor: sender.uri,
           object: actor_json,
         }.with_indifferent_access
       end
@@ -38,6 +54,7 @@ RSpec.describe ActivityPub::Activity::Update do
         stub_request(:get, actor_json[:followers]).to_return(status: 404)
         stub_request(:get, actor_json[:following]).to_return(status: 404)
         stub_request(:get, actor_json[:featured]).to_return(status: 404)
+        stub_request(:get, actor_json[:featuredTags]).to_return(status: 404)
 
         subject.perform
       end
@@ -49,17 +66,17 @@ RSpec.describe ActivityPub::Activity::Update do
 
     context 'with a Question object' do
       let!(:at_time) { Time.now.utc }
-      let!(:status) { Fabricate(:status, account: sender, poll: Poll.new(account: sender, options: %w(Bar Baz), cached_tallies: [0, 0], expires_at: at_time + 5.days)) }
+      let!(:status) { Fabricate(:status, uri: 'https://example.com/statuses/poll', account: sender, poll: Poll.new(account: sender, options: %w(Bar Baz), cached_tallies: [0, 0], expires_at: at_time + 5.days)) }
 
       let(:json) do
         {
           '@context': 'https://www.w3.org/ns/activitystreams',
           id: 'foo',
           type: 'Update',
-          actor: ActivityPub::TagManager.instance.uri_for(sender),
+          actor: sender.uri,
           object: {
             type: 'Question',
-            id: ActivityPub::TagManager.instance.uri_for(status),
+            id: status.uri,
             content: 'Foo',
             endTime: (at_time + 5.days).iso8601,
             oneOf: [

spec/lib/activitypub/linked_data_signature_spec.rb

@@ -7,7 +7,7 @@ RSpec.describe ActivityPub::LinkedDataSignature do
 
   subject { described_class.new(json) }
 
-  let!(:sender) { Fabricate(:account, uri: 'http://example.com/alice') }
+  let!(:sender) { Fabricate(:account, uri: 'http://example.com/alice', domain: 'example.com') }
 
   let(:raw_json) do
     {

spec/lib/activitypub/tag_manager_spec.rb

@@ -139,7 +139,7 @@ RSpec.describe ActivityPub::TagManager do
     end
 
     it 'returns the remote account by matching URI without fragment part' do
-      account = Fabricate(:account, uri: 'https://example.com/123')
+      account = Fabricate(:account, uri: 'https://example.com/123', domain: 'example.com')
       expect(subject.uri_to_resource('https://example.com/123#456', Account)).to eq account
     end