Merge branch 'fix-receving-tombstones' into 'master'

Fix checking origin from a tombstone

See merge request framasoft/mobilizon!1021

lib/federation/activity_pub/audience.ex

@@ -37,6 +37,11 @@ defmodule Mobilizon.Federation.ActivityPub.Audience do
     %{"to" => maybe_add_group_members([], actor), "cc" => []}
   end
 
+  # Deleted comments are just like tombstones
+  def get_audience(%Comment{deleted_at: deleted_at}) when not is_nil(deleted_at) do
+    %{"to" => [@ap_public], "cc" => []}
+  end
+
   def get_audience(%Comment{discussion: %Discussion{} = discussion}) do
     get_audience(discussion)
   end

lib/federation/activity_pub/fetcher.ex

@@ -142,7 +142,7 @@ defmodule Mobilizon.Federation.ActivityPub.Fetcher do
       true
     else
       Sentry.capture_message("Object origin check failed", extra: %{url: url, data: data})
-      Logger.debug("Object origin check failed")
+      Logger.debug("Object origin check failed between #{inspect(url)} and #{inspect(data)}")
       false
     end
   end

lib/federation/activity_pub/transmogrifier.ex

@@ -1110,6 +1110,10 @@ defmodule Mobilizon.Federation.ActivityPub.Transmogrifier do
       {:error, error_message, object} when error_message in ["Gone", "Not found"] ->
         {:ok, object}
 
+      # comments are just emptied
+      {:ok, %Comment{deleted_at: deleted_at} = object} when not is_nil(deleted_at) ->
+        {:ok, object}
+
       {:ok, %{url: url} = object} ->
         if Utils.are_same_origin?(url, Endpoint.url()),
           do: {:ok, object},

lib/federation/activity_pub/utils.ex

@@ -239,6 +239,8 @@ defmodule Mobilizon.Federation.ActivityPub.Utils do
 
   Takes the actor or attributedTo attributes (considers only the first elem if they're an array)
   """
+  def origin_check?(id, %{"type" => "Tombstone", "id" => tombstone_id}), do: id == tombstone_id
+
   def origin_check?(id, %{"actor" => actor, "attributedTo" => _attributed_to} = params)
       when not is_nil(actor) and actor != "" do
     params = Map.delete(params, "attributedTo")

test/federation/activity_pub/utils_test.exs

@@ -5,6 +5,7 @@ defmodule Mobilizon.Federation.ActivityPub.UtilsTest do
 
   import Mobilizon.Factory
 
+  alias Mobilizon.Federation.ActivityPub.Utils
   alias Mobilizon.Federation.ActivityStream.Converter
 
   alias Mobilizon.Web.Endpoint
@@ -51,4 +52,13 @@ defmodule Mobilizon.Federation.ActivityPub.UtilsTest do
       assert comment_data["inReplyTo"] == comment.url
     end
   end
+
+  describe "origin_check?" do
+    test "origin_check? with a tombstone" do
+      assert Utils.origin_check?("http://an_uri", %{
+               "type" => "Tombstone",
+               "id" => "http://an_uri"
+             })
+    end
+  end
 end