create.rb 15 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506
  1. # frozen_string_literal: true
  2. class ActivityPub::Activity::Create < ActivityPub::Activity
  3. def perform
  4. case @object['type']
  5. when 'EncryptedMessage'
  6. create_encrypted_message
  7. else
  8. create_status
  9. end
  10. end
  11. private
  12. def create_encrypted_message
  13. return reject_payload! if invalid_origin?(@object['id']) || @options[:delivered_to_account_id].blank?
  14. target_account = Account.find(@options[:delivered_to_account_id])
  15. target_device = target_account.devices.find_by(device_id: @object.dig('to', 'deviceId'))
  16. return if target_device.nil?
  17. target_device.encrypted_messages.create!(
  18. from_account: @account,
  19. from_device_id: @object.dig('attributedTo', 'deviceId'),
  20. type: @object['messageType'],
  21. body: @object['cipherText'],
  22. digest: @object.dig('digest', 'digestValue'),
  23. message_franking: message_franking.to_token
  24. )
  25. end
  26. def message_franking
  27. MessageFranking.new(
  28. hmac: @object.dig('digest', 'digestValue'),
  29. original_franking: @object['messageFranking'],
  30. source_account_id: @account.id,
  31. target_account_id: @options[:delivered_to_account_id],
  32. timestamp: Time.now.utc
  33. )
  34. end
  35. def create_status
  36. return reject_payload! if unsupported_object_type? || invalid_origin?(@object['id']) || Tombstone.exists?(uri: @object['id']) || !related_to_local_activity?
  37. RedisLock.acquire(lock_options) do |lock|
  38. if lock.acquired?
  39. return if delete_arrived_first?(object_uri) || poll_vote?
  40. @status = find_existing_status
  41. if @status.nil?
  42. process_status
  43. elsif @options[:delivered_to_account_id].present?
  44. postprocess_audience_and_deliver
  45. end
  46. else
  47. raise Mastodon::RaceConditionError
  48. end
  49. end
  50. @status
  51. end
  52. def audience_to
  53. @object['to'] || @json['to']
  54. end
  55. def audience_cc
  56. @object['cc'] || @json['cc']
  57. end
  58. def process_status
  59. @tags = []
  60. @mentions = []
  61. @params = {}
  62. process_status_params
  63. process_tags
  64. process_audience
  65. ApplicationRecord.transaction do
  66. @status = Status.create!(@params)
  67. attach_tags(@status)
  68. end
  69. resolve_thread(@status)
  70. fetch_replies(@status)
  71. check_for_spam
  72. distribute(@status)
  73. forward_for_reply if @status.distributable?
  74. end
  75. def find_existing_status
  76. status = status_from_uri(object_uri)
  77. status ||= Status.find_by(uri: @object['atomUri']) if @object['atomUri'].present?
  78. status
  79. end
  80. def process_status_params
  81. @params = begin
  82. {
  83. uri: @object['id'],
  84. url: object_url || @object['id'],
  85. account: @account,
  86. text: text_from_content || '',
  87. language: detected_language,
  88. spoiler_text: converted_object_type? ? '' : (text_from_summary || ''),
  89. created_at: @object['published'],
  90. override_timestamps: @options[:override_timestamps],
  91. reply: @object['inReplyTo'].present?,
  92. sensitive: @object['sensitive'] || false,
  93. visibility: visibility_from_audience,
  94. thread: replied_to_status,
  95. conversation: conversation_from_uri(@object['conversation']),
  96. media_attachment_ids: process_attachments.take(4).map(&:id),
  97. poll: process_poll,
  98. }
  99. end
  100. end
  101. def process_audience
  102. (as_array(audience_to) + as_array(audience_cc)).uniq.each do |audience|
  103. next if audience == ActivityPub::TagManager::COLLECTIONS[:public]
  104. # Unlike with tags, there is no point in resolving accounts we don't already
  105. # know here, because silent mentions would only be used for local access
  106. # control anyway
  107. account = account_from_uri(audience)
  108. next if account.nil? || @mentions.any? { |mention| mention.account_id == account.id }
  109. @mentions << Mention.new(account: account, silent: true)
  110. # If there is at least one silent mention, then the status can be considered
  111. # as a limited-audience status, and not strictly a direct message, but only
  112. # if we considered a direct message in the first place
  113. next unless @params[:visibility] == :direct
  114. @params[:visibility] = :limited
  115. end
  116. # If the payload was delivered to a specific inbox, the inbox owner must have
  117. # access to it, unless they already have access to it anyway
  118. return if @options[:delivered_to_account_id].nil? || @mentions.any? { |mention| mention.account_id == @options[:delivered_to_account_id] }
  119. @mentions << Mention.new(account_id: @options[:delivered_to_account_id], silent: true)
  120. return unless @params[:visibility] == :direct
  121. @params[:visibility] = :limited
  122. end
  123. def postprocess_audience_and_deliver
  124. return if @status.mentions.find_by(account_id: @options[:delivered_to_account_id])
  125. delivered_to_account = Account.find(@options[:delivered_to_account_id])
  126. @status.mentions.create(account: delivered_to_account, silent: true)
  127. @status.update(visibility: :limited) if @status.direct_visibility?
  128. return unless delivered_to_account.following?(@account)
  129. FeedInsertWorker.perform_async(@status.id, delivered_to_account.id, :home)
  130. end
  131. def attach_tags(status)
  132. @tags.each do |tag|
  133. status.tags << tag
  134. TrendingTags.record_use!(tag, status.account, status.created_at) if status.public_visibility?
  135. end
  136. @mentions.each do |mention|
  137. mention.status = status
  138. mention.save
  139. end
  140. end
  141. def process_tags
  142. return if @object['tag'].nil?
  143. as_array(@object['tag']).each do |tag|
  144. if equals_or_includes?(tag['type'], 'Hashtag')
  145. process_hashtag tag
  146. elsif equals_or_includes?(tag['type'], 'Mention')
  147. process_mention tag
  148. elsif equals_or_includes?(tag['type'], 'Emoji')
  149. process_emoji tag
  150. end
  151. end
  152. end
  153. def process_hashtag(tag)
  154. return if tag['name'].blank?
  155. Tag.find_or_create_by_names(tag['name']) do |hashtag|
  156. @tags << hashtag unless @tags.include?(hashtag) || !hashtag.valid?
  157. end
  158. rescue ActiveRecord::RecordInvalid
  159. nil
  160. end
  161. def process_mention(tag)
  162. return if tag['href'].blank?
  163. account = account_from_uri(tag['href'])
  164. account = ActivityPub::FetchRemoteAccountService.new.call(tag['href']) if account.nil?
  165. return if account.nil?
  166. @mentions << Mention.new(account: account, silent: false)
  167. end
  168. def process_emoji(tag)
  169. return if skip_download?
  170. return if tag['name'].blank? || tag['icon'].blank? || tag['icon']['url'].blank?
  171. shortcode = tag['name'].delete(':')
  172. image_url = tag['icon']['url']
  173. uri = tag['id']
  174. updated = tag['updated']
  175. emoji = CustomEmoji.find_by(shortcode: shortcode, domain: @account.domain)
  176. return unless emoji.nil? || image_url != emoji.image_remote_url || (updated && updated >= emoji.updated_at)
  177. emoji ||= CustomEmoji.new(domain: @account.domain, shortcode: shortcode, uri: uri)
  178. emoji.image_remote_url = image_url
  179. emoji.save
  180. end
  181. def process_attachments
  182. return [] if @object['attachment'].nil?
  183. media_attachments = []
  184. as_array(@object['attachment']).each do |attachment|
  185. next if attachment['url'].blank? || media_attachments.size >= 4
  186. begin
  187. href = Addressable::URI.parse(attachment['url']).normalize.to_s
  188. media_attachment = MediaAttachment.create(account: @account, remote_url: href, description: attachment['summary'].presence || attachment['name'].presence, focus: attachment['focalPoint'], blurhash: supported_blurhash?(attachment['blurhash']) ? attachment['blurhash'] : nil)
  189. media_attachments << media_attachment
  190. next if unsupported_media_type?(attachment['mediaType']) || skip_download?
  191. media_attachment.file_remote_url = href
  192. media_attachment.save
  193. rescue Mastodon::UnexpectedResponseError, HTTP::TimeoutError, HTTP::ConnectionError, OpenSSL::SSL::SSLError
  194. RedownloadMediaWorker.perform_in(rand(30..600).seconds, media_attachment.id)
  195. end
  196. end
  197. media_attachments
  198. rescue Addressable::URI::InvalidURIError => e
  199. Rails.logger.debug "Invalid URL in attachment: #{e}"
  200. media_attachments
  201. end
  202. def process_poll
  203. return unless @object['type'] == 'Question' && (@object['anyOf'].is_a?(Array) || @object['oneOf'].is_a?(Array))
  204. expires_at = begin
  205. if @object['closed'].is_a?(String)
  206. @object['closed']
  207. elsif !@object['closed'].nil? && !@object['closed'].is_a?(FalseClass)
  208. Time.now.utc
  209. else
  210. @object['endTime']
  211. end
  212. end
  213. if @object['anyOf'].is_a?(Array)
  214. multiple = true
  215. items = @object['anyOf']
  216. else
  217. multiple = false
  218. items = @object['oneOf']
  219. end
  220. voters_count = @object['votersCount']
  221. @account.polls.new(
  222. multiple: multiple,
  223. expires_at: expires_at,
  224. options: items.map { |item| item['name'].presence || item['content'] }.compact,
  225. cached_tallies: items.map { |item| item.dig('replies', 'totalItems') || 0 },
  226. voters_count: voters_count
  227. )
  228. end
  229. def poll_vote?
  230. return false if replied_to_status.nil? || replied_to_status.preloadable_poll.nil? || !replied_to_status.local? || !replied_to_status.preloadable_poll.options.include?(@object['name'])
  231. poll_vote! unless replied_to_status.preloadable_poll.expired?
  232. true
  233. end
  234. def poll_vote!
  235. poll = replied_to_status.preloadable_poll
  236. already_voted = true
  237. RedisLock.acquire(poll_lock_options) do |lock|
  238. if lock.acquired?
  239. already_voted = poll.votes.where(account: @account).exists?
  240. poll.votes.create!(account: @account, choice: poll.options.index(@object['name']), uri: @object['id'])
  241. else
  242. raise Mastodon::RaceConditionError
  243. end
  244. end
  245. increment_voters_count! unless already_voted
  246. ActivityPub::DistributePollUpdateWorker.perform_in(3.minutes, replied_to_status.id) unless replied_to_status.preloadable_poll.hide_totals?
  247. end
  248. def resolve_thread(status)
  249. return unless status.reply? && status.thread.nil? && Request.valid_url?(in_reply_to_uri)
  250. ThreadResolveWorker.perform_async(status.id, in_reply_to_uri)
  251. end
  252. def fetch_replies(status)
  253. collection = @object['replies']
  254. return if collection.nil?
  255. replies = ActivityPub::FetchRepliesService.new.call(status, collection, false)
  256. return unless replies.nil?
  257. uri = value_or_id(collection)
  258. ActivityPub::FetchRepliesWorker.perform_async(status.id, uri) unless uri.nil?
  259. end
  260. def conversation_from_uri(uri)
  261. return nil if uri.nil?
  262. return Conversation.find_by(id: OStatus::TagManager.instance.unique_tag_to_local_id(uri, 'Conversation')) if OStatus::TagManager.instance.local_id?(uri)
  263. begin
  264. Conversation.find_or_create_by!(uri: uri)
  265. rescue ActiveRecord::RecordInvalid, ActiveRecord::RecordNotUnique
  266. retry
  267. end
  268. end
  269. def visibility_from_audience
  270. if equals_or_includes?(audience_to, ActivityPub::TagManager::COLLECTIONS[:public])
  271. :public
  272. elsif equals_or_includes?(audience_cc, ActivityPub::TagManager::COLLECTIONS[:public])
  273. :unlisted
  274. elsif equals_or_includes?(audience_to, @account.followers_url)
  275. :private
  276. else
  277. :direct
  278. end
  279. end
  280. def audience_includes?(account)
  281. uri = ActivityPub::TagManager.instance.uri_for(account)
  282. equals_or_includes?(audience_to, uri) || equals_or_includes?(audience_cc, uri)
  283. end
  284. def replied_to_status
  285. return @replied_to_status if defined?(@replied_to_status)
  286. if in_reply_to_uri.blank?
  287. @replied_to_status = nil
  288. else
  289. @replied_to_status = status_from_uri(in_reply_to_uri)
  290. @replied_to_status ||= status_from_uri(@object['inReplyToAtomUri']) if @object['inReplyToAtomUri'].present?
  291. @replied_to_status
  292. end
  293. end
  294. def in_reply_to_uri
  295. value_or_id(@object['inReplyTo'])
  296. end
  297. def text_from_content
  298. return Formatter.instance.linkify([[text_from_name, text_from_summary.presence].compact.join("\n\n"), object_url || @object['id']].join(' ')) if converted_object_type?
  299. if @object['content'].present?
  300. @object['content']
  301. elsif content_language_map?
  302. @object['contentMap'].values.first
  303. end
  304. end
  305. def text_from_summary
  306. if @object['summary'].present?
  307. @object['summary']
  308. elsif summary_language_map?
  309. @object['summaryMap'].values.first
  310. end
  311. end
  312. def text_from_name
  313. if @object['name'].present?
  314. @object['name']
  315. elsif name_language_map?
  316. @object['nameMap'].values.first
  317. end
  318. end
  319. def detected_language
  320. if content_language_map?
  321. @object['contentMap'].keys.first
  322. elsif name_language_map?
  323. @object['nameMap'].keys.first
  324. elsif summary_language_map?
  325. @object['summaryMap'].keys.first
  326. elsif supported_object_type?
  327. LanguageDetector.instance.detect(text_from_content, @account)
  328. end
  329. end
  330. def object_url
  331. return if @object['url'].blank?
  332. url_candidate = url_to_href(@object['url'], 'text/html')
  333. if invalid_origin?(url_candidate)
  334. nil
  335. else
  336. url_candidate
  337. end
  338. end
  339. def summary_language_map?
  340. @object['summaryMap'].is_a?(Hash) && !@object['summaryMap'].empty?
  341. end
  342. def content_language_map?
  343. @object['contentMap'].is_a?(Hash) && !@object['contentMap'].empty?
  344. end
  345. def name_language_map?
  346. @object['nameMap'].is_a?(Hash) && !@object['nameMap'].empty?
  347. end
  348. def unsupported_media_type?(mime_type)
  349. mime_type.present? && !MediaAttachment.supported_mime_types.include?(mime_type)
  350. end
  351. def supported_blurhash?(blurhash)
  352. components = blurhash.blank? ? nil : Blurhash.components(blurhash)
  353. components.present? && components.none? { |comp| comp > 5 }
  354. end
  355. def skip_download?
  356. return @skip_download if defined?(@skip_download)
  357. @skip_download ||= DomainBlock.reject_media?(@account.domain)
  358. end
  359. def reply_to_local?
  360. !replied_to_status.nil? && replied_to_status.account.local?
  361. end
  362. def related_to_local_activity?
  363. fetch? || followed_by_local_accounts? || requested_through_relay? ||
  364. responds_to_followed_account? || addresses_local_accounts?
  365. end
  366. def responds_to_followed_account?
  367. !replied_to_status.nil? && (replied_to_status.account.local? || replied_to_status.account.passive_relationships.exists?)
  368. end
  369. def addresses_local_accounts?
  370. return true if @options[:delivered_to_account_id]
  371. local_usernames = (as_array(audience_to) + as_array(audience_cc)).uniq.select { |uri| ActivityPub::TagManager.instance.local_uri?(uri) }.map { |uri| ActivityPub::TagManager.instance.uri_to_local_id(uri, :username) }
  372. return false if local_usernames.empty?
  373. Account.local.where(username: local_usernames).exists?
  374. end
  375. def check_for_spam
  376. SpamCheck.perform(@status)
  377. end
  378. def forward_for_reply
  379. return unless @json['signature'].present? && reply_to_local?
  380. ActivityPub::RawDistributionWorker.perform_async(Oj.dump(@json), replied_to_status.account_id, [@account.preferred_inbox_url])
  381. end
  382. def increment_voters_count!
  383. poll = replied_to_status.preloadable_poll
  384. unless poll.voters_count.nil?
  385. poll.voters_count = poll.voters_count + 1
  386. poll.save
  387. end
  388. rescue ActiveRecord::StaleObjectError
  389. poll.reload
  390. retry
  391. end
  392. def lock_options
  393. { redis: Redis.current, key: "create:#{@object['id']}" }
  394. end
  395. def poll_lock_options
  396. { redis: Redis.current, key: "vote:#{replied_to_status.poll_id}:#{@account.id}" }
  397. end
  398. end