Add support for blocking actors

2022-07-31 10:35:11 +02:00 · 2022-07-31 10:35:11 +02:00 · cc086f3264
parent 7782a39638
commit cc086f3264
6 changed files with 148 additions and 4 deletions
--- a/alembic/versions/2022_07_31_0815-50d26a370a65_add_is_blocked_attribute_on_actors.py
+++ b/alembic/versions/2022_07_31_0815-50d26a370a65_add_is_blocked_attribute_on_actors.py
@ -0,0 +1,32 @@
+"""Add is_blocked attribute on actors
+
+Revision ID: 50d26a370a65
+Revises: f5717d82b3ff
+Create Date: 2022-07-31 08:15:27.226340+00:00
+
+"""
+import sqlalchemy as sa
+
+from alembic import op
+
+# revision identifiers, used by Alembic.
+revision = '50d26a370a65'
+down_revision = 'f5717d82b3ff'
+branch_labels = None
+depends_on = None
+
+
+def upgrade() -> None:
+    # ### commands auto generated by Alembic - please adjust! ###
+    with op.batch_alter_table('actor', schema=None) as batch_op:
+        batch_op.add_column(sa.Column('is_blocked', sa.Boolean(), server_default='0', nullable=False))
+
+    # ### end Alembic commands ###
+
+
+def downgrade() -> None:
+    # ### commands auto generated by Alembic - please adjust! ###
+    with op.batch_alter_table('actor', schema=None) as batch_op:
+        batch_op.drop_column('is_blocked')
+
+    # ### end Alembic commands ###
--- a/app/admin.py
+++ b/app/admin.py
@ -563,11 +563,41 @@ async def admin_actions_follow(
    csrf_check: None = Depends(verify_csrf_token),
    db_session: AsyncSession = Depends(get_db_session),
 ) -> RedirectResponse:
-    print(f"Following {ap_actor_id}")
+    logger.info(f"Following {ap_actor_id}")
    await send_follow(db_session, ap_actor_id)
    return RedirectResponse(redirect_url, status_code=302)


+@router.post("/actions/block")
+async def admin_actions_block(
+    request: Request,
+    ap_actor_id: str = Form(),
+    redirect_url: str = Form(),
+    csrf_check: None = Depends(verify_csrf_token),
+    db_session: AsyncSession = Depends(get_db_session),
+) -> RedirectResponse:
+    logger.info(f"Blocking {ap_actor_id}")
+    actor = await fetch_actor(db_session, ap_actor_id)
+    actor.is_blocked = True
+    await db_session.commit()
+    return RedirectResponse(redirect_url, status_code=302)
+
+
+@router.post("/actions/unblock")
+async def admin_actions_unblock(
+    request: Request,
+    ap_actor_id: str = Form(),
+    redirect_url: str = Form(),
+    csrf_check: None = Depends(verify_csrf_token),
+    db_session: AsyncSession = Depends(get_db_session),
+) -> RedirectResponse:
+    logger.info(f"Unblocking {ap_actor_id}")
+    actor = await fetch_actor(db_session, ap_actor_id)
+    actor.is_blocked = False
+    await db_session.commit()
+    return RedirectResponse(redirect_url, status_code=302)
+
+
@router.post("/actions/delete")
 async def admin_actions_delete(
    request: Request,
--- a/app/boxes.py
+++ b/app/boxes.py
@ -1271,6 +1271,10 @@ async def save_to_inbox(
        await _process_transient_object(db_session, raw_object, actor)
        return None

+    if actor.is_blocked:
+        logger.warning("Actor {actor.ap_id} is blocked, ignoring object")
+        return None
+
    raw_object_id = ap.get_id(raw_object)
    forwarded_by_actor = None

--- a/app/models.py
+++ b/app/models.py
@ -51,6 +51,8 @@ class Actor(Base, BaseActor):

    handle = Column(String, nullable=True, index=True)

+    is_blocked = Column(Boolean, nullable=False, default=False, server_default="0")
+
    @property
    def is_from_db(self) -> bool:
        return True
--- a/app/templates/utils.html
+++ b/app/templates/utils.html
@ -6,6 +6,24 @@
 <input type="hidden" name="redirect_url" value="{{ request.url }}{% if permalink_id %}#{{ permalink_id }}{% endif %}">
 {% endmacro %}

+{% macro admin_block_button(actor) %}
+<form action="{{ request.url_for("admin_actions_block") }}" method="POST">
+    {{ embed_csrf_token() }}
+    {{ embed_redirect_url() }}
+    <input type="hidden" name="ap_actor_id" value="{{ actor.ap_id }}">
+    <input type="submit" value="block">
+</form>
+{% endmacro %}
+
+{% macro admin_unblock_button(actor) %}
+<form action="{{ request.url_for("admin_actions_unblock") }}" method="POST">
+    {{ embed_csrf_token() }}
+    {{ embed_redirect_url() }}
+    <input type="hidden" name="ap_actor_id" value="{{ actor.ap_id }}">
+    <input type="submit" value="unblock">
+</form>
+{% endmacro %}
+
 {% macro admin_follow_button(actor) %}
 <form action="{{ request.url_for("admin_actions_follow") }}" method="POST">
    {{ embed_csrf_token() }}
@ -217,6 +235,14 @@
                {% endif %}
                </li>
            {% endif %}
+            {% if actor.is_from_db %}
+                {% if actor.is_blocked %}
+                    <li>blocked</li>
+                    <li>{{ admin_unblock_button(actor) }}</li>
+                {% else %}
+                    <li>{{ admin_block_button(actor) }}</li>
+                {% endif %}
+            {% endif %}
        </ul>
    </nav>
 </div>
@ -255,11 +281,11 @@
 <div class="activity-og-meta" style="display:flex;column-gap: 20px;margin:20px 0;">
    {% if og_meta.image %}
    <div>
-    <img src="{{ og_meta.image | media_proxy_url }}" style="max-width:200px;max-height:100px;">
+        <img src="{{ og_meta.image | media_proxy_url }}" style="max-width:200px;max-height:100px;">
    </div>
    <div>
-    <a href="{{ og_meta.url }}">{{ og_meta.title }}</a>
-    <small style="display:block;">{{ og_meta.site_name }}</small>
+        <a href="{{ og_meta.url }}">{{ og_meta.title }}</a>
+        <small style="display:block;">{{ og_meta.site_name }}</small>
    </div>
    {% endif %}
 </div>
--- a/tests/test_inbox.py
+++ b/tests/test_inbox.py
@ -3,6 +3,7 @@ from uuid import uuid4
 import httpx
 import respx
 from fastapi.testclient import TestClient
+from sqlalchemy import func
 from sqlalchemy import select
 from sqlalchemy.orm import Session

@ -248,3 +249,52 @@ def test_inbox__create_already_deleted_object(
        ).scalar_one_or_none()
        is None
    )
+
+
+def test_inbox__actor_is_blocked(
+    db: Session,
+    client: TestClient,
+    respx_mock: respx.MockRouter,
+) -> None:
+    # Given a remote actor
+    ra = setup_remote_actor(respx_mock)
+
+    # Who is also a follower
+    follower = setup_remote_actor_as_follower(ra)
+    follower.actor.is_blocked = True
+    db.commit()
+
+    create_activity = factories.build_create_activity(
+        factories.build_note_object(
+            from_remote_actor=ra,
+            outbox_public_id=str(uuid4()),
+            content="Hello",
+            to=[LOCAL_ACTOR.ap_id],
+        )
+    )
+
+    # When receiving a Create activity
+    ro = RemoteObject(create_activity, ra)
+
+    with mock_httpsig_checker(ra):
+        response = client.post(
+            "/inbox",
+            headers={"Content-Type": ap.AS_CTX},
+            json=ro.ap_object,
+        )
+
+    # Then the server returns a 204
+    assert response.status_code == 202
+
+    # And when processing the incoming activity from a blocked actor
+    run_async(process_next_incoming_activity)
+
+    # Then the Create activity was discarded
+    assert (
+        db.scalar(
+            select(func.count(models.InboxObject.id)).where(
+                models.InboxObject.ap_type != "Follow"
+            )
+        )
+        == 0
+    )