Add support for blocking actors
parent
7782a39638
commit
cc086f3264
|
@ -0,0 +1,32 @@
|
|||
"""Add is_blocked attribute on actors
|
||||
|
||||
Revision ID: 50d26a370a65
|
||||
Revises: f5717d82b3ff
|
||||
Create Date: 2022-07-31 08:15:27.226340+00:00
|
||||
|
||||
"""
|
||||
import sqlalchemy as sa
|
||||
|
||||
from alembic import op
|
||||
|
||||
# revision identifiers, used by Alembic.
|
||||
revision = '50d26a370a65'
|
||||
down_revision = 'f5717d82b3ff'
|
||||
branch_labels = None
|
||||
depends_on = None
|
||||
|
||||
|
||||
def upgrade() -> None:
|
||||
# ### commands auto generated by Alembic - please adjust! ###
|
||||
with op.batch_alter_table('actor', schema=None) as batch_op:
|
||||
batch_op.add_column(sa.Column('is_blocked', sa.Boolean(), server_default='0', nullable=False))
|
||||
|
||||
# ### end Alembic commands ###
|
||||
|
||||
|
||||
def downgrade() -> None:
|
||||
# ### commands auto generated by Alembic - please adjust! ###
|
||||
with op.batch_alter_table('actor', schema=None) as batch_op:
|
||||
batch_op.drop_column('is_blocked')
|
||||
|
||||
# ### end Alembic commands ###
|
32
app/admin.py
32
app/admin.py
|
@ -563,11 +563,41 @@ async def admin_actions_follow(
|
|||
csrf_check: None = Depends(verify_csrf_token),
|
||||
db_session: AsyncSession = Depends(get_db_session),
|
||||
) -> RedirectResponse:
|
||||
print(f"Following {ap_actor_id}")
|
||||
logger.info(f"Following {ap_actor_id}")
|
||||
await send_follow(db_session, ap_actor_id)
|
||||
return RedirectResponse(redirect_url, status_code=302)
|
||||
|
||||
|
||||
@router.post("/actions/block")
|
||||
async def admin_actions_block(
|
||||
request: Request,
|
||||
ap_actor_id: str = Form(),
|
||||
redirect_url: str = Form(),
|
||||
csrf_check: None = Depends(verify_csrf_token),
|
||||
db_session: AsyncSession = Depends(get_db_session),
|
||||
) -> RedirectResponse:
|
||||
logger.info(f"Blocking {ap_actor_id}")
|
||||
actor = await fetch_actor(db_session, ap_actor_id)
|
||||
actor.is_blocked = True
|
||||
await db_session.commit()
|
||||
return RedirectResponse(redirect_url, status_code=302)
|
||||
|
||||
|
||||
@router.post("/actions/unblock")
|
||||
async def admin_actions_unblock(
|
||||
request: Request,
|
||||
ap_actor_id: str = Form(),
|
||||
redirect_url: str = Form(),
|
||||
csrf_check: None = Depends(verify_csrf_token),
|
||||
db_session: AsyncSession = Depends(get_db_session),
|
||||
) -> RedirectResponse:
|
||||
logger.info(f"Unblocking {ap_actor_id}")
|
||||
actor = await fetch_actor(db_session, ap_actor_id)
|
||||
actor.is_blocked = False
|
||||
await db_session.commit()
|
||||
return RedirectResponse(redirect_url, status_code=302)
|
||||
|
||||
|
||||
@router.post("/actions/delete")
|
||||
async def admin_actions_delete(
|
||||
request: Request,
|
||||
|
|
|
@ -1271,6 +1271,10 @@ async def save_to_inbox(
|
|||
await _process_transient_object(db_session, raw_object, actor)
|
||||
return None
|
||||
|
||||
if actor.is_blocked:
|
||||
logger.warning("Actor {actor.ap_id} is blocked, ignoring object")
|
||||
return None
|
||||
|
||||
raw_object_id = ap.get_id(raw_object)
|
||||
forwarded_by_actor = None
|
||||
|
||||
|
|
|
@ -51,6 +51,8 @@ class Actor(Base, BaseActor):
|
|||
|
||||
handle = Column(String, nullable=True, index=True)
|
||||
|
||||
is_blocked = Column(Boolean, nullable=False, default=False, server_default="0")
|
||||
|
||||
@property
|
||||
def is_from_db(self) -> bool:
|
||||
return True
|
||||
|
|
|
@ -6,6 +6,24 @@
|
|||
<input type="hidden" name="redirect_url" value="{{ request.url }}{% if permalink_id %}#{{ permalink_id }}{% endif %}">
|
||||
{% endmacro %}
|
||||
|
||||
{% macro admin_block_button(actor) %}
|
||||
<form action="{{ request.url_for("admin_actions_block") }}" method="POST">
|
||||
{{ embed_csrf_token() }}
|
||||
{{ embed_redirect_url() }}
|
||||
<input type="hidden" name="ap_actor_id" value="{{ actor.ap_id }}">
|
||||
<input type="submit" value="block">
|
||||
</form>
|
||||
{% endmacro %}
|
||||
|
||||
{% macro admin_unblock_button(actor) %}
|
||||
<form action="{{ request.url_for("admin_actions_unblock") }}" method="POST">
|
||||
{{ embed_csrf_token() }}
|
||||
{{ embed_redirect_url() }}
|
||||
<input type="hidden" name="ap_actor_id" value="{{ actor.ap_id }}">
|
||||
<input type="submit" value="unblock">
|
||||
</form>
|
||||
{% endmacro %}
|
||||
|
||||
{% macro admin_follow_button(actor) %}
|
||||
<form action="{{ request.url_for("admin_actions_follow") }}" method="POST">
|
||||
{{ embed_csrf_token() }}
|
||||
|
@ -217,6 +235,14 @@
|
|||
{% endif %}
|
||||
</li>
|
||||
{% endif %}
|
||||
{% if actor.is_from_db %}
|
||||
{% if actor.is_blocked %}
|
||||
<li>blocked</li>
|
||||
<li>{{ admin_unblock_button(actor) }}</li>
|
||||
{% else %}
|
||||
<li>{{ admin_block_button(actor) }}</li>
|
||||
{% endif %}
|
||||
{% endif %}
|
||||
</ul>
|
||||
</nav>
|
||||
</div>
|
||||
|
|
|
@ -3,6 +3,7 @@ from uuid import uuid4
|
|||
import httpx
|
||||
import respx
|
||||
from fastapi.testclient import TestClient
|
||||
from sqlalchemy import func
|
||||
from sqlalchemy import select
|
||||
from sqlalchemy.orm import Session
|
||||
|
||||
|
@ -248,3 +249,52 @@ def test_inbox__create_already_deleted_object(
|
|||
).scalar_one_or_none()
|
||||
is None
|
||||
)
|
||||
|
||||
|
||||
def test_inbox__actor_is_blocked(
|
||||
db: Session,
|
||||
client: TestClient,
|
||||
respx_mock: respx.MockRouter,
|
||||
) -> None:
|
||||
# Given a remote actor
|
||||
ra = setup_remote_actor(respx_mock)
|
||||
|
||||
# Who is also a follower
|
||||
follower = setup_remote_actor_as_follower(ra)
|
||||
follower.actor.is_blocked = True
|
||||
db.commit()
|
||||
|
||||
create_activity = factories.build_create_activity(
|
||||
factories.build_note_object(
|
||||
from_remote_actor=ra,
|
||||
outbox_public_id=str(uuid4()),
|
||||
content="Hello",
|
||||
to=[LOCAL_ACTOR.ap_id],
|
||||
)
|
||||
)
|
||||
|
||||
# When receiving a Create activity
|
||||
ro = RemoteObject(create_activity, ra)
|
||||
|
||||
with mock_httpsig_checker(ra):
|
||||
response = client.post(
|
||||
"/inbox",
|
||||
headers={"Content-Type": ap.AS_CTX},
|
||||
json=ro.ap_object,
|
||||
)
|
||||
|
||||
# Then the server returns a 204
|
||||
assert response.status_code == 202
|
||||
|
||||
# And when processing the incoming activity from a blocked actor
|
||||
run_async(process_next_incoming_activity)
|
||||
|
||||
# Then the Create activity was discarded
|
||||
assert (
|
||||
db.scalar(
|
||||
select(func.count(models.InboxObject.id)).where(
|
||||
models.InboxObject.ap_type != "Follow"
|
||||
)
|
||||
)
|
||||
== 0
|
||||
)
|
||||
|
|
Loading…
Reference in New Issue