spec(ActivityPub): 個別ユーザーのinboxに届いた限定公開のPostはそのユーザーに閲覧権限があると見なす (MisskeyIO#361)
This commit is contained in:
parent
fd0966bc8c
commit
83bf53c600
@ -715,6 +715,46 @@ export class NoteCreateService implements OnApplicationShutdown {
|
||||
this.index(note);
|
||||
}
|
||||
|
||||
@bindThis
|
||||
public async appendNoteVisibleUser(user: {
|
||||
id: MiUser['id'];
|
||||
username: MiUser['username'];
|
||||
host: MiUser['host'];
|
||||
isBot: MiUser['isBot'];
|
||||
isCat: MiUser['isCat'];
|
||||
}, note: MiNote, additionalUserId: MiLocalUser['id']) {
|
||||
if (note.visibility !== 'specified') return;
|
||||
if (note.visibleUserIds.includes(additionalUserId)) return;
|
||||
|
||||
const additionalUser = await this.usersRepository.findOneByOrFail({ id: additionalUserId, host: IsNull() });
|
||||
|
||||
// ノートのvisibleUserIdsを更新
|
||||
await this.notesRepository.update(note.id, {
|
||||
visibleUserIds: () => `array_append("visibleUserIds", '${additionalUser.id}')`,
|
||||
});
|
||||
|
||||
// 新しい対象ユーザーにだけ処理が行われるようにする
|
||||
note.visibleUserIds = [additionalUser.id];
|
||||
|
||||
// FanoutTimelineに追加
|
||||
this.pushToTl(note, user);
|
||||
|
||||
// 未読として追加
|
||||
this.noteReadService.insertNoteUnread(additionalUser.id, note, {
|
||||
isSpecified: true,
|
||||
isMentioned: false,
|
||||
});
|
||||
|
||||
// ストリームに流す
|
||||
const noteObj = await this.noteEntityService.pack(note, null, { skipHide: true, withReactionAndUserPairCache: true });
|
||||
this.globalEventService.publishNotesStream(noteObj);
|
||||
|
||||
// 通知を作成
|
||||
const nm = new NotificationManager(this.mutingsRepository, this.notificationService, user, note);
|
||||
await this.createMentionedEvents([additionalUser], note, nm);
|
||||
nm.notify();
|
||||
}
|
||||
|
||||
@bindThis
|
||||
private isQuote(note: Option): note is Option & { renote: MiNote } {
|
||||
// sync with misc/is-quote.ts
|
||||
|
@ -97,7 +97,7 @@ export class PollService {
|
||||
if (note.localOnly) return;
|
||||
|
||||
const user = await this.usersRepository.findOneBy({ id: note.userId });
|
||||
if (user == null) throw new Error('note not found');
|
||||
if (user == null) throw new Error('user not found');
|
||||
|
||||
if (this.userEntityService.isLocalUser(user)) {
|
||||
const content = this.apRendererService.addContext(this.apRendererService.renderUpdate(await this.apRendererService.renderNote(note, false), user));
|
||||
|
@ -137,8 +137,9 @@ export class QueueService {
|
||||
}
|
||||
|
||||
@bindThis
|
||||
public inbox(activity: IActivity, signature: httpSignature.IParsedSignature) {
|
||||
public inbox(user: ThinUser | null, activity: IActivity, signature: httpSignature.IParsedSignature) {
|
||||
const data = {
|
||||
user: user ?? undefined,
|
||||
activity: activity,
|
||||
signature,
|
||||
};
|
||||
|
@ -26,7 +26,7 @@ import { UserEntityService } from '@/core/entities/UserEntityService.js';
|
||||
import { QueueService } from '@/core/QueueService.js';
|
||||
import type { UsersRepository, NotesRepository, FollowingsRepository, AbuseUserReportsRepository, FollowRequestsRepository } from '@/models/_.js';
|
||||
import { bindThis } from '@/decorators.js';
|
||||
import type { MiRemoteUser } from '@/models/User.js';
|
||||
import type { MiLocalUser, MiRemoteUser } from '@/models/User.js';
|
||||
import { getApHrefNullable, getApId, getApIds, getApType, isAccept, isActor, isAdd, isAnnounce, isBlock, isCollection, isCollectionOrOrderedCollection, isCreate, isDelete, isFlag, isFollow, isLike, isMove, isPost, isReject, isRemove, isTombstone, isUndo, isUpdate, validActor, validPost } from './type.js';
|
||||
import { ApNoteService } from './models/ApNoteService.js';
|
||||
import { ApLoggerService } from './ApLoggerService.js';
|
||||
@ -87,13 +87,13 @@ export class ApInboxService {
|
||||
}
|
||||
|
||||
@bindThis
|
||||
public async performActivity(actor: MiRemoteUser, activity: IObject): Promise<void> {
|
||||
public async performActivity(actor: MiRemoteUser, activity: IObject, additionalTo?: MiLocalUser['id']): Promise<void> {
|
||||
if (isCollectionOrOrderedCollection(activity)) {
|
||||
const resolver = this.apResolverService.createResolver();
|
||||
for (const item of toArray(isCollection(activity) ? activity.items : activity.orderedItems)) {
|
||||
const act = await resolver.resolve(item);
|
||||
try {
|
||||
await this.performOneActivity(actor, act);
|
||||
await this.performOneActivity(actor, act, additionalTo);
|
||||
} catch (err) {
|
||||
if (err instanceof Error || typeof err === 'string') {
|
||||
this.logger.error(err);
|
||||
@ -103,7 +103,7 @@ export class ApInboxService {
|
||||
}
|
||||
}
|
||||
} else {
|
||||
await this.performOneActivity(actor, activity);
|
||||
await this.performOneActivity(actor, activity, additionalTo);
|
||||
}
|
||||
|
||||
// ついでにリモートユーザーの情報が古かったら更新しておく
|
||||
@ -117,15 +117,15 @@ export class ApInboxService {
|
||||
}
|
||||
|
||||
@bindThis
|
||||
public async performOneActivity(actor: MiRemoteUser, activity: IObject): Promise<void> {
|
||||
public async performOneActivity(actor: MiRemoteUser, activity: IObject, additionalTo?: MiLocalUser['id']): Promise<void> {
|
||||
if (actor.isSuspended) return;
|
||||
|
||||
if (isCreate(activity)) {
|
||||
await this.create(actor, activity);
|
||||
await this.create(actor, activity, additionalTo);
|
||||
} else if (isDelete(activity)) {
|
||||
await this.delete(actor, activity);
|
||||
} else if (isUpdate(activity)) {
|
||||
await this.update(actor, activity);
|
||||
await this.update(actor, activity, additionalTo);
|
||||
} else if (isFollow(activity)) {
|
||||
await this.follow(actor, activity);
|
||||
} else if (isAccept(activity)) {
|
||||
@ -346,7 +346,7 @@ export class ApInboxService {
|
||||
}
|
||||
|
||||
@bindThis
|
||||
private async create(actor: MiRemoteUser, activity: ICreate): Promise<void> {
|
||||
private async create(actor: MiRemoteUser, activity: ICreate, additionalTo?: MiLocalUser['id']): Promise<void> {
|
||||
const uri = getApId(activity);
|
||||
|
||||
this.logger.info(`Create: ${uri}`);
|
||||
@ -375,14 +375,14 @@ export class ApInboxService {
|
||||
});
|
||||
|
||||
if (isPost(object)) {
|
||||
await this.createNote(resolver, actor, object, false, activity);
|
||||
await this.createNote(resolver, actor, object, false, activity, additionalTo);
|
||||
} else {
|
||||
this.logger.warn(`Unknown type: ${getApType(object)}`);
|
||||
}
|
||||
}
|
||||
|
||||
@bindThis
|
||||
private async createNote(resolver: Resolver, actor: MiRemoteUser, note: IObject, silent = false, activity?: ICreate): Promise<string> {
|
||||
private async createNote(resolver: Resolver, actor: MiRemoteUser, note: IObject, silent = false, activity?: ICreate, additionalTo?: MiLocalUser['id']): Promise<string> {
|
||||
const uri = getApId(note);
|
||||
|
||||
if (typeof note === 'object') {
|
||||
@ -401,9 +401,14 @@ export class ApInboxService {
|
||||
|
||||
try {
|
||||
const exist = await this.apNoteService.fetchNote(note);
|
||||
if (exist) return 'skip: note exists';
|
||||
if (additionalTo && exist && !await this.noteEntityService.isVisibleForMe(exist, additionalTo)) {
|
||||
await this.noteCreateService.appendNoteVisibleUser(actor, exist, additionalTo);
|
||||
return 'ok: note visible user appended';
|
||||
} else if (exist) {
|
||||
return 'skip: note exists';
|
||||
}
|
||||
|
||||
await this.apNoteService.createNote(note, resolver, silent);
|
||||
await this.apNoteService.createNote(note, resolver, silent, additionalTo);
|
||||
return 'ok';
|
||||
} catch (err) {
|
||||
if (err instanceof StatusError && !err.isRetryable) {
|
||||
@ -731,7 +736,7 @@ export class ApInboxService {
|
||||
}
|
||||
|
||||
@bindThis
|
||||
private async update(actor: MiRemoteUser, activity: IUpdate): Promise<string> {
|
||||
private async update(actor: MiRemoteUser, activity: IUpdate, additionalTo?: MiLocalUser['id']): Promise<string> {
|
||||
if (actor.uri !== activity.actor) {
|
||||
return 'skip: invalid actor';
|
||||
}
|
||||
@ -751,6 +756,27 @@ export class ApInboxService {
|
||||
} else if (getApType(object) === 'Question') {
|
||||
await this.apQuestionService.updateQuestion(object, resolver).catch(err => this.logger.error(`err: failed to update question: ${err}`, { error: err }));
|
||||
return 'ok: Question updated';
|
||||
} else if (additionalTo && isPost(object)) {
|
||||
const uri = getApId(object);
|
||||
const unlock = await this.appLockService.getApLock(uri);
|
||||
|
||||
try {
|
||||
const exist = await this.apNoteService.fetchNote(object);
|
||||
if (exist && !await this.noteEntityService.isVisibleForMe(exist, additionalTo)) {
|
||||
await this.noteCreateService.appendNoteVisibleUser(actor, exist, additionalTo);
|
||||
return 'ok: note visible user appended';
|
||||
} else {
|
||||
return 'skip: nothing to do';
|
||||
}
|
||||
} catch (err) {
|
||||
if (err instanceof StatusError && !err.isRetryable) {
|
||||
return `skip ${err.statusCode}`;
|
||||
} else {
|
||||
throw err;
|
||||
}
|
||||
} finally {
|
||||
unlock();
|
||||
}
|
||||
} else {
|
||||
return `skip: Unknown type: ${getApType(object)}`;
|
||||
}
|
||||
|
@ -5,11 +5,11 @@
|
||||
|
||||
import { forwardRef, Inject, Injectable } from '@nestjs/common';
|
||||
import promiseLimit from 'promise-limit';
|
||||
import { In } from 'typeorm';
|
||||
import { In, IsNull } from 'typeorm';
|
||||
import { DI } from '@/di-symbols.js';
|
||||
import type { PollsRepository, EmojisRepository } from '@/models/_.js';
|
||||
import type { UsersRepository, PollsRepository, EmojisRepository } from '@/models/_.js';
|
||||
import type { Config } from '@/config.js';
|
||||
import type { MiRemoteUser } from '@/models/User.js';
|
||||
import type { MiLocalUser, MiRemoteUser } from '@/models/User.js';
|
||||
import type { MiNote } from '@/models/Note.js';
|
||||
import { toArray, toSingle, unique } from '@/misc/prelude/array.js';
|
||||
import type { MiEmoji } from '@/models/Emoji.js';
|
||||
@ -46,6 +46,9 @@ export class ApNoteService {
|
||||
@Inject(DI.config)
|
||||
private config: Config,
|
||||
|
||||
@Inject(DI.usersRepository)
|
||||
private usersRepository: UsersRepository,
|
||||
|
||||
@Inject(DI.pollsRepository)
|
||||
private pollsRepository: PollsRepository,
|
||||
|
||||
@ -113,7 +116,7 @@ export class ApNoteService {
|
||||
* Noteを作成します。
|
||||
*/
|
||||
@bindThis
|
||||
public async createNote(value: string | IObject, resolver?: Resolver, silent = false): Promise<MiNote | null> {
|
||||
public async createNote(value: string | IObject, resolver?: Resolver, silent = false, additionalTo?: MiLocalUser['id']): Promise<MiNote | null> {
|
||||
// eslint-disable-next-line no-param-reassign
|
||||
if (resolver == null) resolver = this.apResolverService.createResolver();
|
||||
|
||||
@ -163,6 +166,13 @@ export class ApNoteService {
|
||||
let visibility = noteAudience.visibility;
|
||||
const visibleUsers = noteAudience.visibleUsers;
|
||||
|
||||
if (additionalTo) {
|
||||
const additionalUser = await this.usersRepository.findOneBy({ id: additionalTo, host: IsNull() });
|
||||
if (additionalUser && !visibleUsers.some(x => x.id === additionalUser.id)) {
|
||||
visibleUsers.push(additionalUser);
|
||||
}
|
||||
}
|
||||
|
||||
// Audience (to, cc) が指定されてなかった場合
|
||||
if (visibility === 'specified' && visibleUsers.length === 0) {
|
||||
if (typeof value === 'string') { // 入力がstringならばresolverでGETが発生している
|
||||
|
@ -180,7 +180,7 @@ export class InboxProcessorService {
|
||||
});
|
||||
|
||||
// アクティビティを処理
|
||||
await this.apInboxService.performActivity(authUser.user, activity);
|
||||
await this.apInboxService.performActivity(authUser.user, activity, job.data.user?.id);
|
||||
return 'ok';
|
||||
}
|
||||
}
|
||||
|
@ -26,6 +26,7 @@ export type DeliverJobData = {
|
||||
};
|
||||
|
||||
export type InboxJobData = {
|
||||
user?: ThinUser;
|
||||
activity: IActivity;
|
||||
signature: httpSignature.IParsedSignature;
|
||||
};
|
||||
|
@ -100,7 +100,8 @@ export class ActivityPubServerService {
|
||||
}
|
||||
|
||||
@bindThis
|
||||
private inbox(request: FastifyRequest, reply: FastifyReply) {
|
||||
private async inbox(request: FastifyRequest, reply: FastifyReply) {
|
||||
const userId = (request.params as { user: string; } | undefined)?.user;
|
||||
let signature;
|
||||
|
||||
try {
|
||||
@ -162,14 +163,23 @@ export class ActivityPubServerService {
|
||||
}
|
||||
}
|
||||
|
||||
const user = userId ? await this.usersRepository.findOneBy({
|
||||
id: userId,
|
||||
host: IsNull(),
|
||||
}) : null;
|
||||
|
||||
if (userId && user == null) {
|
||||
reply.code(404);
|
||||
return;
|
||||
}
|
||||
|
||||
const activity = request.body as IActivity;
|
||||
if (!activity.type || !signature.keyId) {
|
||||
reply.code(400);
|
||||
return;
|
||||
}
|
||||
|
||||
this.queueService.inbox(activity, signature);
|
||||
|
||||
await this.queueService.inbox(user, activity, signature);
|
||||
reply.code(202);
|
||||
}
|
||||
|
||||
@ -553,7 +563,7 @@ export class ActivityPubServerService {
|
||||
//#region Routing
|
||||
// inbox (limit: 64kb)
|
||||
fastify.post('/inbox', { config: { rawBody: true }, bodyLimit: 1024 * 64 }, async (request, reply) => await this.inbox(request, reply));
|
||||
fastify.post('/users/:user/inbox', { config: { rawBody: true }, bodyLimit: 1024 * 64 }, async (request, reply) => await this.inbox(request, reply));
|
||||
fastify.post<{ Params: { user: string; }; }>('/users/:user/inbox', { config: { rawBody: true }, bodyLimit: 1024 * 64 }, async (request, reply) => await this.inbox(request, reply));
|
||||
|
||||
// note
|
||||
fastify.get<{ Params: { note: string; } }>('/notes/:note', { constraints: { apOrHtml: 'ap' } }, async (request, reply) => {
|
||||
|
Loading…
Reference in New Issue
Block a user