Add support for blocking actors

main
Thomas Sileo 2022-07-31 10:35:11 +02:00
parent 7782a39638
commit cc086f3264
6 changed files with 148 additions and 4 deletions

View File

@ -0,0 +1,32 @@
"""Add is_blocked attribute on actors
Revision ID: 50d26a370a65
Revises: f5717d82b3ff
Create Date: 2022-07-31 08:15:27.226340+00:00
"""
import sqlalchemy as sa
from alembic import op
# revision identifiers, used by Alembic.
revision = '50d26a370a65'
down_revision = 'f5717d82b3ff'
branch_labels = None
depends_on = None
def upgrade() -> None:
# ### commands auto generated by Alembic - please adjust! ###
with op.batch_alter_table('actor', schema=None) as batch_op:
batch_op.add_column(sa.Column('is_blocked', sa.Boolean(), server_default='0', nullable=False))
# ### end Alembic commands ###
def downgrade() -> None:
# ### commands auto generated by Alembic - please adjust! ###
with op.batch_alter_table('actor', schema=None) as batch_op:
batch_op.drop_column('is_blocked')
# ### end Alembic commands ###

View File

@ -563,11 +563,41 @@ async def admin_actions_follow(
csrf_check: None = Depends(verify_csrf_token),
db_session: AsyncSession = Depends(get_db_session),
) -> RedirectResponse:
print(f"Following {ap_actor_id}")
logger.info(f"Following {ap_actor_id}")
await send_follow(db_session, ap_actor_id)
return RedirectResponse(redirect_url, status_code=302)
@router.post("/actions/block")
async def admin_actions_block(
request: Request,
ap_actor_id: str = Form(),
redirect_url: str = Form(),
csrf_check: None = Depends(verify_csrf_token),
db_session: AsyncSession = Depends(get_db_session),
) -> RedirectResponse:
logger.info(f"Blocking {ap_actor_id}")
actor = await fetch_actor(db_session, ap_actor_id)
actor.is_blocked = True
await db_session.commit()
return RedirectResponse(redirect_url, status_code=302)
@router.post("/actions/unblock")
async def admin_actions_unblock(
request: Request,
ap_actor_id: str = Form(),
redirect_url: str = Form(),
csrf_check: None = Depends(verify_csrf_token),
db_session: AsyncSession = Depends(get_db_session),
) -> RedirectResponse:
logger.info(f"Unblocking {ap_actor_id}")
actor = await fetch_actor(db_session, ap_actor_id)
actor.is_blocked = False
await db_session.commit()
return RedirectResponse(redirect_url, status_code=302)
@router.post("/actions/delete")
async def admin_actions_delete(
request: Request,

View File

@ -1271,6 +1271,10 @@ async def save_to_inbox(
await _process_transient_object(db_session, raw_object, actor)
return None
if actor.is_blocked:
logger.warning("Actor {actor.ap_id} is blocked, ignoring object")
return None
raw_object_id = ap.get_id(raw_object)
forwarded_by_actor = None

View File

@ -51,6 +51,8 @@ class Actor(Base, BaseActor):
handle = Column(String, nullable=True, index=True)
is_blocked = Column(Boolean, nullable=False, default=False, server_default="0")
@property
def is_from_db(self) -> bool:
return True

View File

@ -6,6 +6,24 @@
<input type="hidden" name="redirect_url" value="{{ request.url }}{% if permalink_id %}#{{ permalink_id }}{% endif %}">
{% endmacro %}
{% macro admin_block_button(actor) %}
<form action="{{ request.url_for("admin_actions_block") }}" method="POST">
{{ embed_csrf_token() }}
{{ embed_redirect_url() }}
<input type="hidden" name="ap_actor_id" value="{{ actor.ap_id }}">
<input type="submit" value="block">
</form>
{% endmacro %}
{% macro admin_unblock_button(actor) %}
<form action="{{ request.url_for("admin_actions_unblock") }}" method="POST">
{{ embed_csrf_token() }}
{{ embed_redirect_url() }}
<input type="hidden" name="ap_actor_id" value="{{ actor.ap_id }}">
<input type="submit" value="unblock">
</form>
{% endmacro %}
{% macro admin_follow_button(actor) %}
<form action="{{ request.url_for("admin_actions_follow") }}" method="POST">
{{ embed_csrf_token() }}
@ -217,6 +235,14 @@
{% endif %}
</li>
{% endif %}
{% if actor.is_from_db %}
{% if actor.is_blocked %}
<li>blocked</li>
<li>{{ admin_unblock_button(actor) }}</li>
{% else %}
<li>{{ admin_block_button(actor) }}</li>
{% endif %}
{% endif %}
</ul>
</nav>
</div>

View File

@ -3,6 +3,7 @@ from uuid import uuid4
import httpx
import respx
from fastapi.testclient import TestClient
from sqlalchemy import func
from sqlalchemy import select
from sqlalchemy.orm import Session
@ -248,3 +249,52 @@ def test_inbox__create_already_deleted_object(
).scalar_one_or_none()
is None
)
def test_inbox__actor_is_blocked(
db: Session,
client: TestClient,
respx_mock: respx.MockRouter,
) -> None:
# Given a remote actor
ra = setup_remote_actor(respx_mock)
# Who is also a follower
follower = setup_remote_actor_as_follower(ra)
follower.actor.is_blocked = True
db.commit()
create_activity = factories.build_create_activity(
factories.build_note_object(
from_remote_actor=ra,
outbox_public_id=str(uuid4()),
content="Hello",
to=[LOCAL_ACTOR.ap_id],
)
)
# When receiving a Create activity
ro = RemoteObject(create_activity, ra)
with mock_httpsig_checker(ra):
response = client.post(
"/inbox",
headers={"Content-Type": ap.AS_CTX},
json=ro.ap_object,
)
# Then the server returns a 204
assert response.status_code == 202
# And when processing the incoming activity from a blocked actor
run_async(process_next_incoming_activity)
# Then the Create activity was discarded
assert (
db.scalar(
select(func.count(models.InboxObject.id)).where(
models.InboxObject.ap_type != "Follow"
)
)
== 0
)