account.rb 19 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621
  1. # frozen_string_literal: true
  2. # == Schema Information
  3. #
  4. # Table name: accounts
  5. #
  6. # id :bigint(8) not null, primary key
  7. # username :string default(""), not null
  8. # domain :string
  9. # private_key :text
  10. # public_key :text default(""), not null
  11. # created_at :datetime not null
  12. # updated_at :datetime not null
  13. # note :text default(""), not null
  14. # display_name :string default(""), not null
  15. # uri :string default(""), not null
  16. # url :string
  17. # avatar_file_name :string
  18. # avatar_content_type :string
  19. # avatar_file_size :integer
  20. # avatar_updated_at :datetime
  21. # header_file_name :string
  22. # header_content_type :string
  23. # header_file_size :integer
  24. # header_updated_at :datetime
  25. # avatar_remote_url :string
  26. # locked :boolean default(FALSE), not null
  27. # header_remote_url :string default(""), not null
  28. # last_webfingered_at :datetime
  29. # inbox_url :string default(""), not null
  30. # outbox_url :string default(""), not null
  31. # shared_inbox_url :string default(""), not null
  32. # followers_url :string default(""), not null
  33. # protocol :integer default("ostatus"), not null
  34. # memorial :boolean default(FALSE), not null
  35. # moved_to_account_id :bigint(8)
  36. # featured_collection_url :string
  37. # fields :jsonb
  38. # actor_type :string
  39. # discoverable :boolean
  40. # also_known_as :string is an Array
  41. # silenced_at :datetime
  42. # suspended_at :datetime
  43. # hide_collections :boolean
  44. # avatar_storage_schema_version :integer
  45. # header_storage_schema_version :integer
  46. # devices_url :string
  47. # suspension_origin :integer
  48. # sensitized_at :datetime
  49. # trendable :boolean
  50. # reviewed_at :datetime
  51. # requested_review_at :datetime
  52. #
  53. class Account < ApplicationRecord
  54. self.ignored_columns = %w(
  55. subscription_expires_at
  56. secret
  57. remote_url
  58. salmon_url
  59. hub_url
  60. trust_level
  61. )
  62. USERNAME_RE = /[a-z0-9_]+([a-z0-9_.-]+[a-z0-9_]+)?/i
  63. MENTION_RE = %r{(?<![=/[:word:]])@((#{USERNAME_RE})(?:@[[:word:].-]+[[:word:]]+)?)}i
  64. URL_PREFIX_RE = %r{\Ahttp(s?)://[^/]+}
  65. include Attachmentable
  66. include AccountAssociations
  67. include AccountAvatar
  68. include AccountFinderConcern
  69. include AccountHeader
  70. include AccountInteractions
  71. include Paginable
  72. include AccountCounters
  73. include DomainNormalizable
  74. include DomainMaterializable
  75. include AccountMerging
  76. enum protocol: [:ostatus, :activitypub]
  77. enum suspension_origin: [:local, :remote], _prefix: true
  78. validates :username, presence: true
  79. validates_with UniqueUsernameValidator, if: -> { will_save_change_to_username? }
  80. # Remote user validations
  81. validates :username, format: { with: /\A#{USERNAME_RE}\z/i }, if: -> { !local? && will_save_change_to_username? }
  82. # Local user validations
  83. validates :username, format: { with: /\A[a-z0-9_]+\z/i }, length: { maximum: 30 }, if: -> { local? && will_save_change_to_username? && actor_type != 'Application' }
  84. validates_with UnreservedUsernameValidator, if: -> { local? && will_save_change_to_username? }
  85. validates :display_name, length: { maximum: 30 }, if: -> { local? && will_save_change_to_display_name? }
  86. validates :note, note_length: { maximum: 500 }, if: -> { local? && will_save_change_to_note? }
  87. validates :fields, length: { maximum: 4 }, if: -> { local? && will_save_change_to_fields? }
  88. scope :remote, -> { where.not(domain: nil) }
  89. scope :local, -> { where(domain: nil) }
  90. scope :partitioned, -> { order(Arel.sql('row_number() over (partition by domain)')) }
  91. scope :silenced, -> { where.not(silenced_at: nil) }
  92. scope :suspended, -> { where.not(suspended_at: nil) }
  93. scope :sensitized, -> { where.not(sensitized_at: nil) }
  94. scope :without_suspended, -> { where(suspended_at: nil) }
  95. scope :without_silenced, -> { where(silenced_at: nil) }
  96. scope :without_instance_actor, -> { where.not(id: -99) }
  97. scope :recent, -> { reorder(id: :desc) }
  98. scope :bots, -> { where(actor_type: %w(Application Service)) }
  99. scope :groups, -> { where(actor_type: 'Group') }
  100. scope :alphabetic, -> { order(domain: :asc, username: :asc) }
  101. scope :matches_username, ->(value) { where('lower((username)::text) LIKE lower(?)', "#{value}%") }
  102. scope :matches_display_name, ->(value) { where(arel_table[:display_name].matches("#{value}%")) }
  103. scope :matches_domain, ->(value) { where(arel_table[:domain].matches("%#{value}%")) }
  104. scope :without_unapproved, -> { left_outer_joins(:user).remote.or(left_outer_joins(:user).merge(User.approved.confirmed)) }
  105. scope :searchable, -> { without_unapproved.without_suspended.where(moved_to_account_id: nil) }
  106. scope :discoverable, -> { searchable.without_silenced.where(discoverable: true).left_outer_joins(:account_stat) }
  107. scope :followable_by, ->(account) { joins(arel_table.join(Follow.arel_table, Arel::Nodes::OuterJoin).on(arel_table[:id].eq(Follow.arel_table[:target_account_id]).and(Follow.arel_table[:account_id].eq(account.id))).join_sources).where(Follow.arel_table[:id].eq(nil)).joins(arel_table.join(FollowRequest.arel_table, Arel::Nodes::OuterJoin).on(arel_table[:id].eq(FollowRequest.arel_table[:target_account_id]).and(FollowRequest.arel_table[:account_id].eq(account.id))).join_sources).where(FollowRequest.arel_table[:id].eq(nil)) }
  108. scope :by_recent_status, -> { includes(:account_stat).merge(AccountStat.order('last_status_at DESC NULLS LAST')).references(:account_stat) }
  109. scope :by_recent_sign_in, -> { order(Arel.sql('users.current_sign_in_at DESC NULLS LAST')) }
  110. scope :popular, -> { order('account_stats.followers_count desc') }
  111. scope :by_domain_and_subdomains, ->(domain) { where(domain: domain).or(where(arel_table[:domain].matches('%.' + domain))) }
  112. scope :not_excluded_by_account, ->(account) { where.not(id: account.excluded_from_timeline_account_ids) }
  113. scope :not_domain_blocked_by_account, ->(account) { where(arel_table[:domain].eq(nil).or(arel_table[:domain].not_in(account.excluded_from_timeline_domains))) }
  114. delegate :email,
  115. :unconfirmed_email,
  116. :current_sign_in_at,
  117. :created_at,
  118. :sign_up_ip,
  119. :confirmed?,
  120. :approved?,
  121. :pending?,
  122. :disabled?,
  123. :unconfirmed?,
  124. :unconfirmed_or_pending?,
  125. :role,
  126. :admin?,
  127. :moderator?,
  128. :staff?,
  129. :locale,
  130. :shows_application?,
  131. to: :user,
  132. prefix: true,
  133. allow_nil: true
  134. delegate :chosen_languages, to: :user, prefix: false, allow_nil: true
  135. update_index('accounts', :self)
  136. def local?
  137. domain.nil?
  138. end
  139. def moved?
  140. moved_to_account_id.present?
  141. end
  142. def bot?
  143. %w(Application Service).include? actor_type
  144. end
  145. def instance_actor?
  146. id == -99
  147. end
  148. alias bot bot?
  149. def bot=(val)
  150. self.actor_type = ActiveModel::Type::Boolean.new.cast(val) ? 'Service' : 'Person'
  151. end
  152. def group?
  153. actor_type == 'Group'
  154. end
  155. alias group group?
  156. def acct
  157. local? ? username : "#{username}@#{domain}"
  158. end
  159. def pretty_acct
  160. local? ? username : "#{username}@#{Addressable::IDNA.to_unicode(domain)}"
  161. end
  162. def local_username_and_domain
  163. "#{username}@#{Rails.configuration.x.local_domain}"
  164. end
  165. def local_followers_count
  166. Follow.where(target_account_id: id).count
  167. end
  168. def to_webfinger_s
  169. "acct:#{local_username_and_domain}"
  170. end
  171. def searchable?
  172. !(suspended? || moved?) && (!local? || (approved? && confirmed?))
  173. end
  174. def possibly_stale?
  175. last_webfingered_at.nil? || last_webfingered_at <= 1.day.ago
  176. end
  177. def refresh!
  178. ResolveAccountService.new.call(acct) unless local?
  179. end
  180. def silenced?
  181. silenced_at.present?
  182. end
  183. def silence!(date = Time.now.utc)
  184. update!(silenced_at: date)
  185. end
  186. def unsilence!
  187. update!(silenced_at: nil)
  188. end
  189. def suspended?
  190. suspended_at.present? && !instance_actor?
  191. end
  192. def suspended_permanently?
  193. suspended? && deletion_request.nil?
  194. end
  195. def suspended_temporarily?
  196. suspended? && deletion_request.present?
  197. end
  198. def suspend!(date: Time.now.utc, origin: :local, block_email: true)
  199. transaction do
  200. create_deletion_request!
  201. update!(suspended_at: date, suspension_origin: origin)
  202. create_canonical_email_block! if block_email
  203. end
  204. end
  205. def unsuspend!
  206. transaction do
  207. deletion_request&.destroy!
  208. update!(suspended_at: nil, suspension_origin: nil)
  209. destroy_canonical_email_block!
  210. end
  211. end
  212. def sensitized?
  213. sensitized_at.present?
  214. end
  215. def sensitize!(date = Time.now.utc)
  216. update!(sensitized_at: date)
  217. end
  218. def unsensitize!
  219. update!(sensitized_at: nil)
  220. end
  221. def memorialize!
  222. update!(memorial: true)
  223. end
  224. def sign?
  225. true
  226. end
  227. def previous_strikes_count
  228. strikes.where(overruled_at: nil).count
  229. end
  230. def keypair
  231. @keypair ||= OpenSSL::PKey::RSA.new(private_key || public_key)
  232. end
  233. def tags_as_strings=(tag_names)
  234. hashtags_map = Tag.find_or_create_by_names(tag_names).index_by(&:name)
  235. # Remove hashtags that are to be deleted
  236. tags.each do |tag|
  237. if hashtags_map.key?(tag.name)
  238. hashtags_map.delete(tag.name)
  239. else
  240. tags.delete(tag)
  241. end
  242. end
  243. # Add hashtags that were so far missing
  244. hashtags_map.each_value do |tag|
  245. tags << tag
  246. end
  247. end
  248. def also_known_as
  249. self[:also_known_as] || []
  250. end
  251. def fields
  252. (self[:fields] || []).map do |f|
  253. Field.new(self, f)
  254. rescue
  255. nil
  256. end.compact
  257. end
  258. def fields_attributes=(attributes)
  259. fields = []
  260. old_fields = self[:fields] || []
  261. old_fields = [] if old_fields.is_a?(Hash)
  262. if attributes.is_a?(Hash)
  263. attributes.each_value do |attr|
  264. next if attr[:name].blank?
  265. previous = old_fields.find { |item| item['value'] == attr[:value] }
  266. if previous && previous['verified_at'].present?
  267. attr[:verified_at] = previous['verified_at']
  268. end
  269. fields << attr
  270. end
  271. end
  272. self[:fields] = fields
  273. end
  274. DEFAULT_FIELDS_SIZE = 4
  275. def build_fields
  276. return if fields.size >= DEFAULT_FIELDS_SIZE
  277. tmp = self[:fields] || []
  278. tmp = [] if tmp.is_a?(Hash)
  279. (DEFAULT_FIELDS_SIZE - tmp.size).times do
  280. tmp << { name: '', value: '' }
  281. end
  282. self.fields = tmp
  283. end
  284. def save_with_optional_media!
  285. save!
  286. rescue ActiveRecord::RecordInvalid
  287. self.avatar = nil
  288. self.header = nil
  289. save!
  290. end
  291. def hides_followers?
  292. hide_collections?
  293. end
  294. def hides_following?
  295. hide_collections?
  296. end
  297. def object_type
  298. :person
  299. end
  300. def to_param
  301. username
  302. end
  303. def excluded_from_timeline_account_ids
  304. Rails.cache.fetch("exclude_account_ids_for:#{id}") { block_relationships.pluck(:target_account_id) + blocked_by_relationships.pluck(:account_id) + mute_relationships.pluck(:target_account_id) }
  305. end
  306. def excluded_from_timeline_domains
  307. Rails.cache.fetch("exclude_domains_for:#{id}") { domain_blocks.pluck(:domain) }
  308. end
  309. def preferred_inbox_url
  310. shared_inbox_url.presence || inbox_url
  311. end
  312. def synchronization_uri_prefix
  313. return 'local' if local?
  314. @synchronization_uri_prefix ||= "#{uri[URL_PREFIX_RE]}/"
  315. end
  316. def requires_review?
  317. reviewed_at.nil?
  318. end
  319. def reviewed?
  320. reviewed_at.present?
  321. end
  322. def requested_review?
  323. requested_review_at.present?
  324. end
  325. def requires_review_notification?
  326. requires_review? && !requested_review?
  327. end
  328. class Field < ActiveModelSerializers::Model
  329. attributes :name, :value, :verified_at, :account
  330. def initialize(account, attributes)
  331. @original_field = attributes
  332. string_limit = account.local? ? 255 : 2047
  333. super(
  334. account: account,
  335. name: attributes['name'].strip[0, string_limit],
  336. value: attributes['value'].strip[0, string_limit],
  337. verified_at: attributes['verified_at']&.to_datetime,
  338. )
  339. end
  340. def verified?
  341. verified_at.present?
  342. end
  343. def value_for_verification
  344. @value_for_verification ||= begin
  345. if account.local?
  346. value
  347. else
  348. ActionController::Base.helpers.strip_tags(value)
  349. end
  350. end
  351. end
  352. def verifiable?
  353. value_for_verification.present? && value_for_verification.start_with?('http://', 'https://')
  354. end
  355. def mark_verified!
  356. self.verified_at = Time.now.utc
  357. @original_field['verified_at'] = verified_at
  358. end
  359. def to_h
  360. { name: name, value: value, verified_at: verified_at }
  361. end
  362. end
  363. class << self
  364. DISALLOWED_TSQUERY_CHARACTERS = /['?\\:‘’]/.freeze
  365. TEXTSEARCH = "(setweight(to_tsvector('simple', accounts.display_name), 'A') || setweight(to_tsvector('simple', accounts.username), 'B') || setweight(to_tsvector('simple', coalesce(accounts.domain, '')), 'C'))"
  366. def readonly_attributes
  367. super - %w(statuses_count following_count followers_count)
  368. end
  369. def inboxes
  370. urls = reorder(nil).where(protocol: :activitypub).group(:preferred_inbox_url).pluck(Arel.sql("coalesce(nullif(accounts.shared_inbox_url, ''), accounts.inbox_url) AS preferred_inbox_url"))
  371. DeliveryFailureTracker.without_unavailable(urls)
  372. end
  373. def search_for(terms, limit = 10, offset = 0)
  374. tsquery = generate_query_for_search(terms)
  375. sql = <<-SQL.squish
  376. SELECT
  377. accounts.*,
  378. ts_rank_cd(#{TEXTSEARCH}, to_tsquery('simple', :tsquery), 32) AS rank
  379. FROM accounts
  380. LEFT JOIN users ON accounts.id = users.account_id
  381. WHERE to_tsquery('simple', :tsquery) @@ #{TEXTSEARCH}
  382. AND accounts.suspended_at IS NULL
  383. AND accounts.moved_to_account_id IS NULL
  384. AND (accounts.domain IS NOT NULL OR (users.approved = TRUE AND users.confirmed_at IS NOT NULL))
  385. ORDER BY rank DESC
  386. LIMIT :limit OFFSET :offset
  387. SQL
  388. records = find_by_sql([sql, limit: limit, offset: offset, tsquery: tsquery])
  389. ActiveRecord::Associations::Preloader.new.preload(records, :account_stat)
  390. records
  391. end
  392. def advanced_search_for(terms, account, limit = 10, following = false, offset = 0)
  393. tsquery = generate_query_for_search(terms)
  394. sql = advanced_search_for_sql_template(following)
  395. records = find_by_sql([sql, id: account.id, limit: limit, offset: offset, tsquery: tsquery])
  396. ActiveRecord::Associations::Preloader.new.preload(records, :account_stat)
  397. records
  398. end
  399. def from_text(text)
  400. return [] if text.blank?
  401. text.scan(MENTION_RE).map { |match| match.first.split('@', 2) }.uniq.filter_map do |(username, domain)|
  402. domain = begin
  403. if TagManager.instance.local_domain?(domain)
  404. nil
  405. else
  406. TagManager.instance.normalize_domain(domain)
  407. end
  408. end
  409. EntityCache.instance.mention(username, domain)
  410. end
  411. end
  412. private
  413. def generate_query_for_search(unsanitized_terms)
  414. terms = unsanitized_terms.gsub(DISALLOWED_TSQUERY_CHARACTERS, ' ')
  415. # The final ":*" is for prefix search.
  416. # The trailing space does not seem to fit any purpose, but `to_tsquery`
  417. # behaves differently with and without a leading space if the terms start
  418. # with `./`, `../`, or `.. `. I don't understand why, so, in doubt, keep
  419. # the same query.
  420. "' #{terms} ':*"
  421. end
  422. def advanced_search_for_sql_template(following)
  423. if following
  424. <<-SQL.squish
  425. WITH first_degree AS (
  426. SELECT target_account_id
  427. FROM follows
  428. WHERE account_id = :id
  429. UNION ALL
  430. SELECT :id
  431. )
  432. SELECT
  433. accounts.*,
  434. (count(f.id) + 1) * ts_rank_cd(#{TEXTSEARCH}, to_tsquery('simple', :tsquery), 32) AS rank
  435. FROM accounts
  436. LEFT OUTER JOIN follows AS f ON (accounts.id = f.account_id AND f.target_account_id = :id)
  437. WHERE accounts.id IN (SELECT * FROM first_degree)
  438. AND to_tsquery('simple', :tsquery) @@ #{TEXTSEARCH}
  439. AND accounts.suspended_at IS NULL
  440. AND accounts.moved_to_account_id IS NULL
  441. GROUP BY accounts.id
  442. ORDER BY rank DESC
  443. LIMIT :limit OFFSET :offset
  444. SQL
  445. else
  446. <<-SQL.squish
  447. SELECT
  448. accounts.*,
  449. (count(f.id) + 1) * ts_rank_cd(#{TEXTSEARCH}, to_tsquery('simple', :tsquery), 32) AS rank
  450. FROM accounts
  451. LEFT OUTER JOIN follows AS f ON (accounts.id = f.account_id AND f.target_account_id = :id) OR (accounts.id = f.target_account_id AND f.account_id = :id)
  452. LEFT JOIN users ON accounts.id = users.account_id
  453. WHERE to_tsquery('simple', :tsquery) @@ #{TEXTSEARCH}
  454. AND accounts.suspended_at IS NULL
  455. AND accounts.moved_to_account_id IS NULL
  456. AND (accounts.domain IS NOT NULL OR (users.approved = TRUE AND users.confirmed_at IS NOT NULL))
  457. GROUP BY accounts.id
  458. ORDER BY rank DESC
  459. LIMIT :limit OFFSET :offset
  460. SQL
  461. end
  462. end
  463. end
  464. def emojis
  465. @emojis ||= CustomEmoji.from_text(emojifiable_text, domain)
  466. end
  467. before_create :generate_keys
  468. before_validation :prepare_contents, if: :local?
  469. before_validation :prepare_username, on: :create
  470. before_destroy :clean_feed_manager
  471. def ensure_keys!
  472. return unless local? && private_key.blank? && public_key.blank?
  473. generate_keys
  474. save!
  475. end
  476. private
  477. def prepare_contents
  478. display_name&.strip!
  479. note&.strip!
  480. end
  481. def prepare_username
  482. username&.squish!
  483. end
  484. def generate_keys
  485. return unless local? && private_key.blank? && public_key.blank?
  486. keypair = OpenSSL::PKey::RSA.new(2048)
  487. self.private_key = keypair.to_pem
  488. self.public_key = keypair.public_key.to_pem
  489. end
  490. def normalize_domain
  491. return if local?
  492. super
  493. end
  494. def emojifiable_text
  495. [note, display_name, fields.map(&:name), fields.map(&:value)].join(' ')
  496. end
  497. def clean_feed_manager
  498. FeedManager.instance.clean_feeds!(:home, [id])
  499. end
  500. def create_canonical_email_block!
  501. return unless local? && user_email.present?
  502. begin
  503. CanonicalEmailBlock.create(reference_account: self, email: user_email)
  504. rescue ActiveRecord::RecordNotUnique
  505. # A canonical e-mail block may already exist for the same e-mail
  506. end
  507. end
  508. def destroy_canonical_email_block!
  509. return unless local?
  510. CanonicalEmailBlock.where(reference_account: self).delete_all
  511. end
  512. end