-
Notifications
You must be signed in to change notification settings - Fork 85
Expand file tree
/
Copy pathclass-moderation.php
More file actions
426 lines (365 loc) · 12.6 KB
/
class-moderation.php
File metadata and controls
426 lines (365 loc) · 12.6 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
<?php
/**
* Moderation class file.
*
* @package Activitypub
*/
namespace Activitypub;
use Activitypub\Activity\Activity;
use Activitypub\Activity\Actor;
use Activitypub\Collection\Actors;
use Activitypub\Collection\Blocked_Actors;
/**
* ActivityPub Moderation class.
*
* Handles user-specific blocking and site-wide moderation.
*/
class Moderation {
/**
* Block type constants.
*/
const TYPE_ACTOR = 'actor';
const TYPE_DOMAIN = 'domain';
const TYPE_KEYWORD = 'keyword';
/**
* Post meta key for blocked actors.
*/
const BLOCKED_ACTORS_META_KEY = '_activitypub_blocked_by';
/**
* User meta key for blocked keywords.
*/
const USER_META_KEYS = array(
self::TYPE_DOMAIN => 'activitypub_blocked_domains',
self::TYPE_KEYWORD => 'activitypub_blocked_keywords',
);
/**
* Option key for site-wide blocked keywords.
*/
const OPTION_KEYS = array(
self::TYPE_DOMAIN => 'activitypub_site_blocked_domains',
self::TYPE_KEYWORD => 'activitypub_site_blocked_keywords',
);
/**
* Check if an activity should be blocked for a specific user.
*
* @param Activity $activity The activity.
* @param int|null $user_id The user ID to check blocks for.
* @return bool True if blocked, false otherwise.
*/
public static function activity_is_blocked( $activity, $user_id = null ) {
if ( ! $activity instanceof Activity ) {
return false;
}
// First check site-wide blocks (admin moderation).
if ( self::activity_is_blocked_site_wide( $activity ) ) {
return true;
}
// Then check user-specific blocks.
if ( $user_id && self::activity_is_blocked_for_user( $activity, $user_id ) ) {
return true;
}
$remote_addr = \sanitize_text_field( \wp_unslash( $_SERVER['REMOTE_ADDR'] ?? '' ) );
$user_agent = \sanitize_text_field( \wp_unslash( $_SERVER['HTTP_USER_AGENT'] ?? '' ) );
// Fall back to WordPress comment disallowed list.
return \wp_check_comment_disallowed_list( $activity->to_json( false ), '', '', $activity->get_content(), $remote_addr, $user_agent );
}
/**
* Check if an activity is blocked site-wide.
*
* @param Activity $activity The activity.
* @return bool True if blocked, false otherwise.
*/
public static function activity_is_blocked_site_wide( $activity ) {
$blocks = self::get_site_blocks();
return self::check_activity_against_blocks( $activity, $blocks['actors'], $blocks['domains'], $blocks['keywords'] );
}
/**
* Check if an activity is blocked for a specific user.
*
* @param Activity $activity The activity.
* @param int $user_id The user ID.
* @return bool True if blocked, false otherwise.
*/
public static function activity_is_blocked_for_user( $activity, $user_id ) {
$blocks = self::get_user_blocks( $user_id );
return self::check_activity_against_blocks( $activity, $blocks['actors'], $blocks['domains'], $blocks['keywords'] );
}
/**
* Add a block for a user.
*
* @param int $user_id The user ID.
* @param string $type The block type (actor, domain, keyword).
* @param string $value The value to block.
* @return bool True on success, false on failure.
*/
public static function add_user_block( $user_id, $type, $value ) {
switch ( $type ) {
case self::TYPE_ACTOR:
return Blocked_Actors::add( $user_id, $value );
case self::TYPE_DOMAIN:
case self::TYPE_KEYWORD:
$blocks = \get_user_meta( $user_id, self::USER_META_KEYS[ $type ], true ) ?: array();
if ( ! \in_array( $value, $blocks, true ) ) {
/**
* Fired when a domain or keyword is blocked.
*
* @param string $value The blocked domain or keyword.
* @param string $type The block type (actor, domain, keyword).
* @param int $user_id The user ID.
*/
\do_action( 'activitypub_add_user_block', $value, $type, $user_id );
$blocks[] = $value;
return (bool) \update_user_meta( $user_id, self::USER_META_KEYS[ $type ], $blocks );
}
break;
}
return true; // Already blocked.
}
/**
* Remove a block for a user.
*
* @param int $user_id The user ID.
* @param string $type The block type (actor, domain, keyword).
* @param string $value The value to unblock.
* @return bool True on success, false on failure.
*/
public static function remove_user_block( $user_id, $type, $value ) {
switch ( $type ) {
case self::TYPE_ACTOR:
return Blocked_Actors::remove( $user_id, $value );
case self::TYPE_DOMAIN:
case self::TYPE_KEYWORD:
$blocks = \get_user_meta( $user_id, self::USER_META_KEYS[ $type ], true ) ?: array();
$key = \array_search( $value, $blocks, true );
if ( false !== $key ) {
/**
* Fired when a domain or keyword is unblocked.
*
* @param string $value The unblocked domain or keyword.
* @param string $type The block type (actor, domain, keyword).
* @param int $user_id The user ID.
*/
\do_action( 'activitypub_remove_user_block', $value, $type, $user_id );
unset( $blocks[ $key ] );
return \update_user_meta( $user_id, self::USER_META_KEYS[ $type ], \array_values( $blocks ) );
}
break;
}
return true; // Not blocked anyway.
}
/**
* Get all blocks for a user.
*
* @param int $user_id The user ID.
* @return array Array of blocks organized by type.
*/
public static function get_user_blocks( $user_id ) {
return array(
'actors' => \wp_list_pluck( Blocked_Actors::get_many( $user_id ), 'guid' ),
'domains' => \get_user_meta( $user_id, self::USER_META_KEYS[ self::TYPE_DOMAIN ], true ) ?: array(),
'keywords' => \get_user_meta( $user_id, self::USER_META_KEYS[ self::TYPE_KEYWORD ], true ) ?: array(),
);
}
/**
* Add a site-wide block.
*
* @param string $type The block type (actor, domain, keyword).
* @param string $value The value to block.
* @return bool True on success, false on failure.
*/
public static function add_site_block( $type, $value ) {
switch ( $type ) {
case self::TYPE_ACTOR:
// Site-wide actor blocking uses the BLOG_USER_ID.
return self::add_user_block( Actors::BLOG_USER_ID, self::TYPE_ACTOR, $value );
case self::TYPE_DOMAIN:
case self::TYPE_KEYWORD:
$blocks = \get_option( self::OPTION_KEYS[ $type ], array() );
if ( ! \in_array( $value, $blocks, true ) ) {
/**
* Fired when a domain or keyword is blocked site-wide.
*
* @param string $value The blocked domain or keyword.
* @param string $type The block type (actor, domain, keyword).
*/
\do_action( 'activitypub_add_site_block', $value, $type );
$blocks[] = $value;
return \update_option( self::OPTION_KEYS[ $type ], $blocks );
}
break;
}
return true; // Already blocked.
}
/**
* Add multiple site-wide blocks at once.
*
* More efficient than calling add_site_block() in a loop as it
* performs a single database update.
*
* @param string $type The block type (domain or keyword only).
* @param array $values Array of values to block.
*/
public static function add_site_blocks( $type, $values ) {
if ( ! in_array( $type, array( self::TYPE_DOMAIN, self::TYPE_KEYWORD ), true ) ) {
return;
}
if ( empty( $values ) ) {
return;
}
foreach ( $values as $value ) {
/**
* Fired when a domain or keyword is blocked site-wide.
*
* @param string $value The blocked domain or keyword.
* @param string $type The block type (actor, domain, keyword).
*/
\do_action( 'activitypub_add_site_block', $value, $type );
}
$existing = \get_option( self::OPTION_KEYS[ $type ], array() );
\update_option( self::OPTION_KEYS[ $type ], array_unique( array_merge( $existing, $values ) ) );
}
/**
* Remove a site-wide block.
*
* @param string $type The block type (actor, domain, keyword).
* @param string $value The value to unblock.
* @return bool True on success, false on failure.
*/
public static function remove_site_block( $type, $value ) {
switch ( $type ) {
case self::TYPE_ACTOR:
// Site-wide actor unblocking uses the BLOG_USER_ID.
return self::remove_user_block( Actors::BLOG_USER_ID, self::TYPE_ACTOR, $value );
case self::TYPE_DOMAIN:
case self::TYPE_KEYWORD:
$blocks = \get_option( self::OPTION_KEYS[ $type ], array() );
$key = \array_search( $value, $blocks, true );
if ( false !== $key ) {
/**
* Fired when a domain or keyword is unblocked site-wide.
*
* @param string $value The unblocked domain or keyword.
* @param string $type The block type (actor, domain, keyword).
*/
\do_action( 'activitypub_remove_site_block', $value, $type );
unset( $blocks[ $key ] );
return \update_option( self::OPTION_KEYS[ $type ], \array_values( $blocks ) );
}
break;
}
return true; // Not blocked anyway.
}
/**
* Get all site-wide blocks.
*
* @return array Array of blocks organized by type.
*/
public static function get_site_blocks() {
return array(
'actors' => \wp_list_pluck( Blocked_Actors::get_many( Actors::BLOG_USER_ID ), 'guid' ),
'domains' => \get_option( self::OPTION_KEYS[ self::TYPE_DOMAIN ], array() ),
'keywords' => \get_option( self::OPTION_KEYS[ self::TYPE_KEYWORD ], array() ),
);
}
/**
* Check if an actor is blocked by user or site-wide.
*
* @param string $actor_uri Actor URI to check.
* @param int $user_id Optional. User ID to check user blocks for. Defaults to 0 (site-wide only).
* @return bool True if blocked, false otherwise.
*/
public static function is_actor_blocked( $actor_uri, $user_id = 0 ) {
if ( ! $actor_uri ) {
return false;
}
// Check site-wide blocks.
$site_blocks = self::get_site_blocks();
if ( \in_array( $actor_uri, $site_blocks['actors'], true ) ) {
return true;
}
// Check site-wide domain blocks.
$actor_domain = \wp_parse_url( $actor_uri, PHP_URL_HOST );
if ( $actor_domain && \in_array( $actor_domain, $site_blocks['domains'], true ) ) {
return true;
}
// Check user-specific blocks if user_id is provided.
if ( $user_id > 0 ) {
$user_blocks = self::get_user_blocks( $user_id );
if ( \in_array( $actor_uri, $user_blocks['actors'], true ) ) {
return true;
}
// Check user-specific domain blocks.
if ( $actor_domain && \in_array( $actor_domain, $user_blocks['domains'], true ) ) {
return true;
}
}
return false;
}
/**
* Check activity against blocklists.
*
* @param Activity $activity The activity.
* @param array $blocked_actors List of blocked actors.
* @param array $blocked_domains List of blocked domains.
* @param array $blocked_keywords List of blocked keywords.
* @return bool True if blocked, false otherwise.
*/
private static function check_activity_against_blocks( $activity, $blocked_actors, $blocked_domains, $blocked_keywords ) {
$has_object = \is_object( $activity->get_object() );
// Extract actor information.
$actor_id = object_to_uri( $activity->get_actor() );
// Check blocked actors.
if ( $actor_id ) {
// If actor_id is not a URL, resolve it via webfinger.
if ( ! \str_starts_with( $actor_id, 'http' ) ) {
$resolved_url = Webfinger::resolve( $actor_id );
if ( ! \is_wp_error( $resolved_url ) ) {
$actor_id = $resolved_url;
}
}
if ( \in_array( $actor_id, $blocked_actors, true ) ) {
return true;
}
}
// Check blocked domains.
$urls = array(
\wp_parse_url( $actor_id, PHP_URL_HOST ),
\wp_parse_url( $activity->get_id(), PHP_URL_HOST ),
\wp_parse_url( object_to_uri( $activity->get_object() ) ?? '', PHP_URL_HOST ),
);
foreach ( $blocked_domains as $domain ) {
if ( \in_array( $domain, $urls, true ) ) {
return true;
}
}
// Check blocked keywords in activity content.
if ( $has_object ) {
$object = $activity->get_object();
$content_map = array();
$content_map[] = $object->get_content();
$content_map[] = $object->get_summary();
$content_map[] = $object->get_name();
if ( is_actor( $object ) ) {
/* @var Actor $object Actor object */
$content_map[] = $object->get_preferred_username();
}
if ( \is_array( $object->get_content_map() ) ) {
$content_map = \array_merge( $content_map, \array_values( $object->get_content_map() ) );
}
if ( \is_array( $object->get_summary_map() ) ) {
$content_map = \array_merge( $content_map, \array_values( $object->get_summary_map() ) );
}
if ( \is_array( $object->get_name_map() ) ) {
$content_map = \array_merge( $content_map, \array_values( $object->get_name_map() ) );
}
$content_map = \array_filter( $content_map );
$content = \implode( ' ', $content_map );
foreach ( $blocked_keywords as $keyword ) {
if ( \stripos( $content, $keyword ) !== false ) {
return true;
}
}
}
return false;
}
}