Skip to content

Fix for Peertube federation #6217

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Draft
Nutomic wants to merge 6 commits into
base: main
Choose a base branch
from
+191 −189
Draft

Fix for Peertube federation #6217

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
6 commits
Select commit Hold shift + click to select a range
d9b1a32
Fix for Peertube federation
Nutomic Dec 5, 2025
631ef19
Merge branch 'main' into fix-peertube-federation2
Nutomic Dec 5, 2025
aa99d60
add comments
Nutomic Dec 5, 2025
0c82182
clippy
Nutomic Dec 5, 2025
71e4f7a
clippy
Nutomic Dec 5, 2025
58c91bf
Merge branch 'main' into fix-peertube-federation2
Nutomic Dec 17, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion crates/apub/activities/src/block/block_user.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -120,7 +120,6 @@ impl Activity for BlockUser {
}
SiteOrCommunity::Right(community) => {
verify_visibility(&self.to, &self.cc, &community)?;
verify_person_in_community(&self.actor, &community, context).await?;
verify_mod_action(&self.actor, &community, context).await?;
}
}
Expand Down Expand Up @@ -159,6 +158,7 @@ impl Activity for BlockUser {
notify_mod_action(action.clone(), context);
}
SiteOrCommunity::Right(community) => {
verify_person_in_community(&mod_person, &community, context).await?;
let community_user_ban_form = CommunityPersonBanForm {
ban_expires_at: Some(expires_at),
..CommunityPersonBanForm::new(community.id, blocked_person.id)
Expand Down
8 changes: 5 additions & 3 deletions crates/apub/activities/src/community/announce.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -10,12 +10,13 @@ use crate::{
};
use activitypub_federation::{
config::Data,
fetch::object_id::ObjectId,
kinds::activity::AnnounceType,
traits::{Activity, Object},
};
use lemmy_api_utils::context::LemmyContext;
use lemmy_apub_objects::{
objects::community::ApubCommunity,
objects::{community::ApubCommunity, person::ApubPerson},
utils::{
functions::{generate_to, verify_person_in_community, verify_visibility},
protocol::{Id, InCommunity},
Expand Down Expand Up @@ -57,14 +58,15 @@ impl Activity for RawAnnouncableActivities {

// verify and receive activity
activity.verify(context).await?;
let ap_id = activity.actor().clone().into();
let actor_id: ObjectId<ApubPerson> = activity.actor().clone().into();
activity.receive(context).await?;

// if community is local, send activity to followers
if let Some(community) = community
&& community.local
{
verify_person_in_community(&ap_id, &community, context).await?;
let actor = actor_id.dereference(context).await?;
verify_person_in_community(&actor, &community, context).await?;
AnnounceActivity::send(self, &community, context).await?;
}

Expand Down
3 changes: 2 additions & 1 deletion crates/apub/activities/src/community/collection_add.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -108,7 +108,8 @@ impl Activity for CollectionAdd {
async fn verify(&self, context: &Data<Self::DataType>) -> LemmyResult<()> {
let community = self.community(context).await?;
verify_visibility(&self.to, &self.cc, &community)?;
verify_person_in_community(&self.actor, &community, context).await?;
let actor = self.actor.dereference(context).await?;
verify_person_in_community(&actor, &community, context).await?;
verify_mod_action(&self.actor, &community, context).await?;
Ok(())
}
Expand Down
3 changes: 2 additions & 1 deletion crates/apub/activities/src/community/collection_remove.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -105,7 +105,8 @@ impl Activity for CollectionRemove {
async fn verify(&self, context: &Data<Self::DataType>) -> LemmyResult<()> {
let community = self.community(context).await?;
verify_visibility(&self.to, &self.cc, &community)?;
verify_person_in_community(&self.actor, &community, context).await?;
let actor = self.actor.dereference(context).await?;
verify_person_in_community(&actor, &community, context).await?;
verify_mod_action(&self.actor, &community, context).await?;
Ok(())
}
Expand Down
6 changes: 4 additions & 2 deletions crates/apub/activities/src/community/lock.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -48,7 +48,8 @@ impl Activity for LockPageOrNote {
async fn verify(&self, context: &Data<Self::DataType>) -> Result<(), Self::Error> {
let community = self.community(context).await?;
verify_visibility(&self.to, &self.cc, &community)?;
verify_person_in_community(&self.actor, &community, context).await?;
let actor = self.actor.dereference(context).await?;
verify_person_in_community(&actor, &community, context).await?;
check_community_deleted_or_removed(&community)?;
verify_mod_action(&self.actor, &community, context).await?;
Ok(())
Expand Down Expand Up @@ -101,7 +102,8 @@ impl Activity for UndoLockPageOrNote {
async fn verify(&self, context: &Data<Self::DataType>) -> Result<(), Self::Error> {
let community = self.object.community(context).await?;
verify_visibility(&self.to, &self.cc, &community)?;
verify_person_in_community(&self.actor, &community, context).await?;
let actor = self.actor.dereference(context).await?;
verify_person_in_community(&actor, &community, context).await?;
check_community_deleted_or_removed(&community)?;
verify_mod_action(&self.actor, &community, context).await?;
Ok(())
Expand Down
3 changes: 2 additions & 1 deletion crates/apub/activities/src/community/update.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -100,7 +100,8 @@ impl Activity for Update {
Either::Left(c) => {
let community = self.community(context).await?;
verify_visibility(&self.to, &self.cc, &community)?;
verify_person_in_community(&self.actor, &community, context).await?;
let actor = self.actor.dereference(context).await?;
verify_person_in_community(&actor, &community, context).await?;
verify_mod_action(&self.actor, &community, context).await?;
ApubCommunity::verify(c, &community.ap_id.clone().into(), context).await?;
}
Expand Down
6 changes: 4 additions & 2 deletions crates/apub/activities/src/create_or_update/comment.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -117,7 +117,6 @@ impl Activity for CreateOrUpdateNote {
let community = self.community(context).await?;
verify_visibility(&self.to, &self.cc, &community)?;

verify_person_in_community(&self.actor, &community, context).await?;
verify_domains_match(self.actor.inner(), self.object.id.inner())?;
check_community_deleted_or_removed(&community)?;
check_post_deleted_or_removed(&post)?;
Expand All @@ -142,6 +141,10 @@ impl Activity for CreateOrUpdateNote {
check_is_mod_or_admin(&mut context.pool(), creator.id, post.community_id).await?;
}

let actor = self.actor.dereference(context).await?;
let community = self.community(context).await?;
verify_person_in_community(&actor, &community, context).await?;

let comment = ApubComment::from_json(self.object, context).await?;

// author likes their own comment by default
Expand All @@ -153,7 +156,6 @@ impl Activity for CreateOrUpdateNote {

let do_send_email =
self.kind == CreateOrUpdateType::Create && !site_view.local_site.disable_email_notifications;
let actor = self.actor.dereference(context).await?;

// Note:
// Although mentions could be gotten from the post tags (they are included there), or the ccs,
Expand Down
9 changes: 6 additions & 3 deletions crates/apub/activities/src/create_or_update/post.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -102,15 +102,19 @@ impl Activity for CreateOrUpdatePage {
async fn verify(&self, context: &Data<LemmyContext>) -> LemmyResult<()> {
let community = self.community(context).await?;
verify_visibility(&self.to, &self.cc, &community)?;
verify_person_in_community(&self.actor, &community, context).await?;
check_community_deleted_or_removed(&community)?;
verify_domains_match(self.actor.inner(), self.object.id.inner())?;
ApubPost::verify(&self.object, self.actor.inner(), context).await?;
Ok(())
}

async fn receive(self, context: &Data<LemmyContext>) -> LemmyResult<()> {
if verify_urls_match(self.actor.inner(), self.object.creator()?.inner()).is_err()
let community = self.community(context).await?;
let object_actor = self.object.creator(context).await?;
verify_urls_match(self.actor.inner(), object_actor.ap_id.inner())?;
verify_person_in_community(&object_actor, &community, context).await?;

if verify_urls_match(self.actor.inner(), object_actor.ap_id.inner()).is_err()
&& verify_is_remote_object(&self.object.id, context).is_err()
{
if let Ok(post) = self.object.id.dereference_local(context).await {
Expand Down Expand Up @@ -140,7 +144,6 @@ impl Activity for CreateOrUpdatePage {
return Ok(());
}

verify_urls_match(self.actor.inner(), self.object.creator()?.inner())?;
let site_view = SiteView::read_local(&mut context.pool()).await?;

let post = ApubPost::from_json(self.object, context).await?;
Expand Down
13 changes: 7 additions & 6 deletions crates/apub/activities/src/deletion/mod.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -182,13 +182,14 @@ pub(crate) async fn verify_delete_activity(
context: &Data<LemmyContext>,
) -> LemmyResult<()> {
let object = DeletableObjects::read_from_db(activity.object.id(), context).await?;
let actor = activity.actor.dereference(context).await?;
match object {
DeletableObjects::Community(community) => {
verify_visibility(&activity.to, &[], &community)?;
if community.local {
// can only do this check for local community, in remote case it would try to fetch the
// deleted community (which fails)
verify_person_in_community(&activity.actor, &community, context).await?;
verify_person_in_community(&actor, &community, context).await?;
}
// community deletion is always a mod (or admin) action
verify_mod_action(&activity.actor, &community, context).await?;
Expand All @@ -202,7 +203,7 @@ pub(crate) async fn verify_delete_activity(
let community = activity.community(context).await?;
verify_visibility(&activity.to, &[], &community)?;
verify_delete_post_or_comment(
&activity.actor,
&actor,
&p.ap_id.clone().into(),
&community,
is_mod_action,
Expand All @@ -214,7 +215,7 @@ pub(crate) async fn verify_delete_activity(
let community = activity.community(context).await?;
verify_visibility(&activity.to, &[], &community)?;
verify_delete_post_or_comment(
&activity.actor,
&actor,
&c.ap_id.clone().into(),
&community,
is_mod_action,
Expand All @@ -231,18 +232,18 @@ pub(crate) async fn verify_delete_activity(
}

async fn verify_delete_post_or_comment(
actor: &ObjectId<ApubPerson>,
actor: &ApubPerson,
object_id: &Url,
community: &ApubCommunity,
is_mod_action: bool,
context: &Data<LemmyContext>,
) -> LemmyResult<()> {
verify_person_in_community(actor, community, context).await?;
if is_mod_action {
verify_mod_action(actor, community, context).await?;
verify_mod_action(&actor.ap_id.clone().into(), community, context).await?;
} else {
// domain of post ap_id and post.creator ap_id are identical, so we just check the former
verify_domains_match(actor.inner(), object_id)?;
verify_domains_match(actor.ap_id.inner(), object_id)?;
}
Ok(())
}
Expand Down
3 changes: 1 addition & 2 deletions crates/apub/activities/src/deletion/undo_delete.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
use crate::{
deletion::{DeletableObjects, receive_delete_action, verify_delete_activity},
deletion::{DeletableObjects, receive_delete_action},
generate_activity_id,
protocol::deletion::{delete::Delete, undo_delete::UndoDelete},
};
Expand Down Expand Up @@ -32,7 +32,6 @@ impl Activity for UndoDelete {

async fn verify(&self, data: &Data<Self::DataType>) -> Result<(), Self::Error> {
self.object.verify(data).await?;
verify_delete_activity(&self.object, self.object.summary.is_some(), data).await?;
Ok(())
}

Expand Down
4 changes: 2 additions & 2 deletions crates/apub/activities/src/voting/undo_vote.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -48,15 +48,15 @@ impl Activity for UndoVote {
}

async fn verify(&self, context: &Data<LemmyContext>) -> LemmyResult<()> {
let community = self.object.community(context).await?;
verify_person_in_community(&self.actor, &community, context).await?;
verify_urls_match(self.actor.inner(), self.object.actor.inner())?;
self.object.verify(context).await?;
Ok(())
}

async fn receive(self, context: &Data<LemmyContext>) -> LemmyResult<()> {
let community = self.object.community(context).await?;
let actor = self.actor.dereference(context).await?;
verify_person_in_community(&actor, &community, context).await?;
let object = self.object.object.dereference(context).await?;
match object {
PostOrComment::Left(p) => undo_vote_post(actor, &p, context).await,
Expand Down
7 changes: 4 additions & 3 deletions crates/apub/activities/src/voting/vote.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -49,15 +49,16 @@ impl Activity for Vote {
self.actor.inner()
}

async fn verify(&self, context: &Data<LemmyContext>) -> LemmyResult<()> {
let community = self.community(context).await?;
verify_person_in_community(&self.actor, &community, context).await?;
async fn verify(&self, _context: &Data<LemmyContext>) -> LemmyResult<()> {
Ok(())
}

async fn receive(self, context: &Data<LemmyContext>) -> LemmyResult<()> {
let actor = self.actor.dereference(context).await?;
let object = self.object.dereference(context).await?;
let community = self.community(context).await?;

verify_person_in_community(&actor, &community, context).await?;

check_bot_account(&actor.0)?;

Expand Down
Loading