From 7c51a36012b02796fc23eae803cb034142ddc442 Mon Sep 17 00:00:00 2001 From: nutomic Date: Fri, 6 Nov 2020 13:06:47 +0000 Subject: [PATCH] In activity table, remove `user_id` and add `sensitive` (#127) Forgot to add migrations Add `sensitive` column to activities table, so PMs arent served over HTTP Remove user_id column from actvity table Co-authored-by: Felix Ableitner Reviewed-on: https://yerbamate.ml/LemmyNet/lemmy/pulls/127 --- lemmy_apub/src/activities/send/community.rs | 4 ---- lemmy_apub/src/activities/send/user.rs | 4 ---- lemmy_apub/src/activity_queue.rs | 7 ++++++- lemmy_apub/src/http/mod.rs | 6 +++++- lemmy_apub/src/inbox/community_inbox.rs | 10 +--------- lemmy_apub/src/inbox/shared_inbox.rs | 9 +-------- lemmy_apub/src/inbox/user_inbox.rs | 9 +-------- lemmy_apub/src/lib.rs | 7 ++----- lemmy_db/src/activity.rs | 13 ++++++------- lemmy_db/src/schema.rs | 3 +-- .../down.sql | 2 ++ .../up.sql | 2 ++ 12 files changed, 27 insertions(+), 49 deletions(-) create mode 100644 migrations/2020-11-05-152724_activity_remove_user_id/down.sql create mode 100644 migrations/2020-11-05-152724_activity_remove_user_id/up.sql diff --git a/lemmy_apub/src/activities/send/community.rs b/lemmy_apub/src/activities/send/community.rs index cdcc96707..2373596f3 100644 --- a/lemmy_apub/src/activities/send/community.rs +++ b/lemmy_apub/src/activities/send/community.rs @@ -41,10 +41,6 @@ impl ActorType for Community { self.private_key.to_owned() } - fn user_id(&self) -> i32 { - self.creator_id - } - async fn send_follow( &self, _follow_actor_id: &Url, diff --git a/lemmy_apub/src/activities/send/user.rs b/lemmy_apub/src/activities/send/user.rs index bd791e5e3..39b10ef5f 100644 --- a/lemmy_apub/src/activities/send/user.rs +++ b/lemmy_apub/src/activities/send/user.rs @@ -32,10 +32,6 @@ impl ActorType for User_ { self.private_key.to_owned() } - fn user_id(&self) -> i32 { - self.id - } - /// As a given local user, send out a follow request to a remote community. async fn send_follow( &self, diff --git a/lemmy_apub/src/activity_queue.rs b/lemmy_apub/src/activity_queue.rs index c8c8af37e..5e4f113b5 100644 --- a/lemmy_apub/src/activity_queue.rs +++ b/lemmy_apub/src/activity_queue.rs @@ -57,6 +57,7 @@ where vec![inbox], context.pool(), true, + true, ) .await?; } @@ -102,6 +103,7 @@ where follower_inboxes, context.pool(), true, + false, ) .await?; @@ -145,6 +147,7 @@ where vec![inbox], context.pool(), true, + false, ) .await?; } @@ -185,6 +188,7 @@ where mentions, context.pool(), false, // Don't create a new DB row + false, ) .await?; Ok(()) @@ -202,6 +206,7 @@ async fn send_activity_internal( inboxes: Vec, pool: &DbPool, insert_into_db: bool, + sensitive: bool, ) -> Result<(), LemmyError> where T: AsObject + Extends + Debug, @@ -219,7 +224,7 @@ where // might send the same ap_id if insert_into_db { let id = activity.id().context(location_info!())?; - insert_activity(id, actor.user_id(), activity.clone(), true, pool).await?; + insert_activity(id, activity.clone(), true, sensitive, pool).await?; } for i in inboxes { diff --git a/lemmy_apub/src/http/mod.rs b/lemmy_apub/src/http/mod.rs index 9f6c766c2..91af36b2d 100644 --- a/lemmy_apub/src/http/mod.rs +++ b/lemmy_apub/src/http/mod.rs @@ -54,5 +54,9 @@ pub async fn get_activity( }) .await??; - Ok(create_apub_response(&activity.data)) + if !activity.local || activity.sensitive { + Ok(HttpResponse::NotFound().finish()) + } else { + Ok(create_apub_response(&activity.data)) + } } diff --git a/lemmy_apub/src/inbox/community_inbox.rs b/lemmy_apub/src/inbox/community_inbox.rs index ffc5f6d71..b80d739a7 100644 --- a/lemmy_apub/src/inbox/community_inbox.rs +++ b/lemmy_apub/src/inbox/community_inbox.rs @@ -88,20 +88,12 @@ pub async fn community_inbox( let any_base = activity.clone().into_any_base()?; let kind = activity.kind().context(location_info!())?; - let user_id = user.id; let res = match kind { ValidTypes::Follow => handle_follow(any_base, user, community, &context).await, ValidTypes::Undo => handle_undo_follow(any_base, user, community, &context).await, }; - insert_activity( - &activity_id, - user_id, - activity.clone(), - false, - context.pool(), - ) - .await?; + insert_activity(&activity_id, activity.clone(), false, true, context.pool()).await?; res } diff --git a/lemmy_apub/src/inbox/shared_inbox.rs b/lemmy_apub/src/inbox/shared_inbox.rs index 4457a1a6d..3b07400d6 100644 --- a/lemmy_apub/src/inbox/shared_inbox.rs +++ b/lemmy_apub/src/inbox/shared_inbox.rs @@ -125,14 +125,7 @@ pub async fn shared_inbox( ValidTypes::Undo => receive_undo(&context, any_base, actor_id, request_counter).await, }; - insert_activity( - &activity_id, - actor.user_id(), - activity.clone(), - false, - context.pool(), - ) - .await?; + insert_activity(&activity_id, activity.clone(), false, true, context.pool()).await?; res } diff --git a/lemmy_apub/src/inbox/user_inbox.rs b/lemmy_apub/src/inbox/user_inbox.rs index 653a447c5..45fa5ee73 100644 --- a/lemmy_apub/src/inbox/user_inbox.rs +++ b/lemmy_apub/src/inbox/user_inbox.rs @@ -107,14 +107,7 @@ pub async fn user_inbox( } }; - insert_activity( - &activity_id, - actor.user_id(), - activity.clone(), - false, - context.pool(), - ) - .await?; + insert_activity(&activity_id, activity.clone(), false, true, context.pool()).await?; res } diff --git a/lemmy_apub/src/lib.rs b/lemmy_apub/src/lib.rs index e7410ee25..4894b036f 100644 --- a/lemmy_apub/src/lib.rs +++ b/lemmy_apub/src/lib.rs @@ -169,9 +169,6 @@ pub trait ActorType { fn public_key(&self) -> Option; fn private_key(&self) -> Option; - /// numeric id in the database, used for insert_activity - fn user_id(&self) -> i32; - async fn send_follow( &self, follow_actor_id: &Url, @@ -252,9 +249,9 @@ pub trait ActorType { /// persistent. pub async fn insert_activity( ap_id: &Url, - user_id: i32, activity: T, local: bool, + sensitive: bool, pool: &DbPool, ) -> Result<(), LemmyError> where @@ -262,7 +259,7 @@ where { let ap_id = ap_id.to_string(); blocking(pool, move |conn| { - Activity::insert(conn, ap_id, user_id, &activity, local) + Activity::insert(conn, ap_id, &activity, local, sensitive) }) .await??; Ok(()) diff --git a/lemmy_db/src/activity.rs b/lemmy_db/src/activity.rs index 539820fc2..b0ec1df69 100644 --- a/lemmy_db/src/activity.rs +++ b/lemmy_db/src/activity.rs @@ -13,9 +13,9 @@ use std::{ pub struct Activity { pub id: i32, pub ap_id: String, - pub user_id: i32, pub data: Value, pub local: bool, + pub sensitive: bool, pub published: chrono::NaiveDateTime, pub updated: Option, } @@ -24,9 +24,9 @@ pub struct Activity { #[table_name = "activity"] pub struct ActivityForm { pub ap_id: String, - pub user_id: i32, pub data: Value, pub local: bool, + pub sensitive: bool, pub updated: Option, } @@ -59,20 +59,19 @@ impl Activity { pub fn insert( conn: &PgConnection, ap_id: String, - user_id: i32, data: &T, local: bool, + sensitive: bool, ) -> Result where T: Serialize + Debug, { - debug!("inserting activity for user {}: ", user_id); debug!("{}", serde_json::to_string_pretty(&data)?); let activity_form = ActivityForm { ap_id, - user_id, data: serde_json::to_value(&data)?, local, + sensitive, updated: None, }; let result = Activity::create(&conn, &activity_form); @@ -154,9 +153,9 @@ mod tests { .unwrap(); let activity_form = ActivityForm { ap_id: ap_id.to_string(), - user_id: inserted_creator.id, data: test_json.to_owned(), local: true, + sensitive: false, updated: None, }; @@ -165,9 +164,9 @@ mod tests { let expected_activity = Activity { ap_id: ap_id.to_string(), id: inserted_activity.id, - user_id: inserted_creator.id, data: test_json, local: true, + sensitive: false, published: inserted_activity.published, updated: None, }; diff --git a/lemmy_db/src/schema.rs b/lemmy_db/src/schema.rs index c755009b1..ec1e25995 100644 --- a/lemmy_db/src/schema.rs +++ b/lemmy_db/src/schema.rs @@ -2,9 +2,9 @@ table! { activity (id) { id -> Int4, ap_id -> Text, - user_id -> Int4, data -> Jsonb, local -> Bool, + sensitive -> Bool, published -> Timestamp, updated -> Nullable, } @@ -481,7 +481,6 @@ table! { } } -joinable!(activity -> user_ (user_id)); joinable!(comment -> post (post_id)); joinable!(comment -> user_ (creator_id)); joinable!(comment_like -> comment (comment_id)); diff --git a/migrations/2020-11-05-152724_activity_remove_user_id/down.sql b/migrations/2020-11-05-152724_activity_remove_user_id/down.sql new file mode 100644 index 000000000..bb093f1bb --- /dev/null +++ b/migrations/2020-11-05-152724_activity_remove_user_id/down.sql @@ -0,0 +1,2 @@ +ALTER TABLE activity ADD COLUMN user_id INTEGER; +ALTER TABLE activity DROP COLUMN sensitive; \ No newline at end of file diff --git a/migrations/2020-11-05-152724_activity_remove_user_id/up.sql b/migrations/2020-11-05-152724_activity_remove_user_id/up.sql new file mode 100644 index 000000000..22a1a2fae --- /dev/null +++ b/migrations/2020-11-05-152724_activity_remove_user_id/up.sql @@ -0,0 +1,2 @@ +ALTER TABLE activity DROP COLUMN user_id; +ALTER TABLE activity ADD COLUMN sensitive BOOLEAN DEFAULT TRUE; \ No newline at end of file