2024-03-25 21:48:58 +01:00
|
|
|
use axum::{extract::{Path, Query, State}, http::StatusCode, Json};
|
2024-03-27 04:00:27 +01:00
|
|
|
use sea_orm::{sea_query::Expr, ColumnTrait, Condition, EntityTrait, IntoActiveModel, Order, QueryFilter, QueryOrder, QuerySelect, Set};
|
2024-03-23 04:31:48 +01:00
|
|
|
|
2024-03-28 04:47:49 +01:00
|
|
|
use crate::{activitypub::{activity::ap_activity, jsonld::LD, JsonLD, Pagination, PUBLIC_TARGET}, activitystream::{object::{activity::{Activity, ActivityType}, collection::{page::CollectionPageMut, CollectionMut, CollectionType}, Addressed, Object, ObjectType}, Base, BaseMut, BaseType, Node}, auth::{AuthIdentity, Identity}, errors::{LoggableError, UpubError}, model, server::Context, url};
|
2024-03-25 21:48:58 +01:00
|
|
|
|
|
|
|
pub async fn get(
|
|
|
|
State(ctx): State<Context>,
|
|
|
|
Path(id): Path<String>,
|
|
|
|
AuthIdentity(auth): AuthIdentity,
|
|
|
|
) -> Result<JsonLD<serde_json::Value>, StatusCode> {
|
|
|
|
match auth {
|
|
|
|
Identity::Anonymous => Err(StatusCode::FORBIDDEN),
|
|
|
|
Identity::Remote(_) => Err(StatusCode::FORBIDDEN),
|
|
|
|
Identity::Local(user) => if ctx.uid(id.clone()) == user {
|
2024-03-28 04:52:17 +01:00
|
|
|
Ok(JsonLD(ctx.ap_collection(&url!(ctx, "/users/{id}/inbox"), None).ld_context()))
|
2024-03-25 21:48:58 +01:00
|
|
|
} else {
|
|
|
|
Err(StatusCode::FORBIDDEN)
|
|
|
|
},
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
pub async fn page(
|
|
|
|
State(ctx): State<Context>,
|
|
|
|
Path(id): Path<String>,
|
|
|
|
AuthIdentity(auth): AuthIdentity,
|
|
|
|
Query(page): Query<Pagination>,
|
2024-03-28 04:52:17 +01:00
|
|
|
) -> crate::Result<JsonLD<serde_json::Value>> {
|
2024-03-25 21:48:58 +01:00
|
|
|
let uid = ctx.uid(id.clone());
|
|
|
|
match auth {
|
2024-03-28 04:52:17 +01:00
|
|
|
Identity::Anonymous => Err(StatusCode::FORBIDDEN.into()),
|
|
|
|
Identity::Remote(_) => Err(StatusCode::FORBIDDEN.into()),
|
2024-03-25 21:48:58 +01:00
|
|
|
Identity::Local(user) => if uid == user {
|
|
|
|
let limit = page.batch.unwrap_or(20).min(50);
|
|
|
|
let offset = page.offset.unwrap_or(0);
|
|
|
|
match model::addressing::Entity::find()
|
2024-03-28 04:52:17 +01:00
|
|
|
.filter(Condition::all().add(model::addressing::Column::Actor.eq(uid)))
|
2024-03-25 21:48:58 +01:00
|
|
|
.order_by(model::addressing::Column::Published, Order::Asc)
|
|
|
|
.find_also_related(model::activity::Entity)
|
|
|
|
.limit(limit)
|
|
|
|
.offset(offset)
|
|
|
|
.all(ctx.db())
|
|
|
|
.await
|
|
|
|
{
|
|
|
|
Ok(activities) => {
|
2024-03-28 04:52:17 +01:00
|
|
|
Ok(JsonLD(
|
|
|
|
ctx.ap_collection_page(
|
|
|
|
&url!(ctx, "/users/{id}/inbox/page"),
|
|
|
|
offset, limit,
|
2024-03-25 21:48:58 +01:00
|
|
|
activities
|
|
|
|
.into_iter()
|
2024-03-28 04:52:17 +01:00
|
|
|
.filter_map(|(_, a)| Some(Node::object(ap_activity(a?))))
|
|
|
|
.collect::<Vec<Node<serde_json::Value>>>()
|
|
|
|
).ld_context()
|
2024-03-25 21:48:58 +01:00
|
|
|
))
|
|
|
|
},
|
|
|
|
Err(e) => {
|
|
|
|
tracing::error!("failed paginating user inbox for {id}: {e}");
|
2024-03-28 04:52:17 +01:00
|
|
|
Err(StatusCode::INTERNAL_SERVER_ERROR.into())
|
2024-03-25 21:48:58 +01:00
|
|
|
},
|
|
|
|
}
|
|
|
|
} else {
|
2024-03-28 04:52:17 +01:00
|
|
|
Err(StatusCode::FORBIDDEN.into())
|
2024-03-25 21:48:58 +01:00
|
|
|
},
|
|
|
|
}
|
|
|
|
}
|
2024-03-23 04:31:48 +01:00
|
|
|
|
2024-03-25 02:00:57 +01:00
|
|
|
pub async fn post(
|
2024-03-23 04:31:48 +01:00
|
|
|
State(ctx): State<Context>,
|
|
|
|
Path(_id): Path<String>,
|
|
|
|
Json(object): Json<serde_json::Value>
|
2024-03-27 04:00:27 +01:00
|
|
|
) -> Result<(), UpubError> {
|
2024-03-23 04:31:48 +01:00
|
|
|
match object.base_type() {
|
2024-03-27 04:00:27 +01:00
|
|
|
None => { Err(StatusCode::BAD_REQUEST.into()) },
|
|
|
|
|
2024-03-23 04:31:48 +01:00
|
|
|
Some(BaseType::Link(_x)) => {
|
|
|
|
tracing::warn!("skipping remote activity: {}", serde_json::to_string_pretty(&object).unwrap());
|
2024-03-27 04:00:27 +01:00
|
|
|
Err(StatusCode::UNPROCESSABLE_ENTITY.into()) // we could but not yet
|
2024-03-23 04:31:48 +01:00
|
|
|
},
|
2024-03-27 04:00:27 +01:00
|
|
|
|
2024-03-23 04:31:48 +01:00
|
|
|
Some(BaseType::Object(ObjectType::Activity(ActivityType::Activity))) => {
|
|
|
|
tracing::warn!("skipping unprocessable base activity: {}", serde_json::to_string_pretty(&object).unwrap());
|
2024-03-27 04:00:27 +01:00
|
|
|
Err(StatusCode::UNPROCESSABLE_ENTITY.into()) // won't ingest useless stuff
|
2024-03-23 04:31:48 +01:00
|
|
|
},
|
2024-03-27 04:00:27 +01:00
|
|
|
|
2024-03-23 04:31:48 +01:00
|
|
|
Some(BaseType::Object(ObjectType::Activity(ActivityType::Delete))) => {
|
|
|
|
// TODO verify the signature before just deleting lmao
|
|
|
|
let oid = object.object().id().ok_or(StatusCode::BAD_REQUEST)?.to_string();
|
|
|
|
// TODO maybe we should keep the tombstone?
|
|
|
|
model::user::Entity::delete_by_id(&oid).exec(ctx.db()).await.info_failed("failed deleting from users");
|
|
|
|
model::activity::Entity::delete_by_id(&oid).exec(ctx.db()).await.info_failed("failed deleting from activities");
|
|
|
|
model::object::Entity::delete_by_id(&oid).exec(ctx.db()).await.info_failed("failed deleting from objects");
|
2024-03-27 04:00:27 +01:00
|
|
|
Ok(())
|
2024-03-23 04:31:48 +01:00
|
|
|
},
|
2024-03-27 04:00:27 +01:00
|
|
|
|
2024-03-23 04:31:48 +01:00
|
|
|
Some(BaseType::Object(ObjectType::Activity(ActivityType::Follow))) => {
|
2024-03-27 04:00:27 +01:00
|
|
|
let activity_targets = object.addressed();
|
|
|
|
let activity_entity = model::activity::Model::new(&object)?;
|
|
|
|
let aid = activity_entity.id.clone();
|
2024-03-23 04:31:48 +01:00
|
|
|
tracing::info!("{} wants to follow {}", activity_entity.actor, activity_entity.object.as_deref().unwrap_or("<no-one???>"));
|
2024-03-27 04:00:27 +01:00
|
|
|
model::activity::Entity::insert(activity_entity.into_active_model())
|
|
|
|
.exec(ctx.db()).await?;
|
|
|
|
ctx.address_to(&aid, None, &activity_targets).await?;
|
|
|
|
Ok(())
|
|
|
|
},
|
|
|
|
|
|
|
|
Some(BaseType::Object(ObjectType::Activity(ActivityType::Accept(_)))) => {
|
|
|
|
// TODO what about TentativeAccept
|
|
|
|
let activity_model = model::activity::Model::new(&object)?;
|
|
|
|
let Some(follow_request_id) = activity_model.object else {
|
|
|
|
return Err(StatusCode::BAD_REQUEST.into());
|
|
|
|
};
|
|
|
|
let Some(follow_activity) = model::activity::Entity::find_by_id(follow_request_id)
|
|
|
|
.one(ctx.db()).await?
|
|
|
|
else {
|
|
|
|
return Err(StatusCode::NOT_FOUND.into());
|
|
|
|
};
|
|
|
|
if follow_activity.object.unwrap_or("".into()) != activity_model.actor {
|
|
|
|
return Err(StatusCode::FORBIDDEN.into());
|
|
|
|
}
|
|
|
|
|
2024-03-27 04:40:50 +01:00
|
|
|
tracing::info!("{} accepted follow request by {}", activity_model.actor, follow_activity.actor);
|
|
|
|
|
2024-03-27 04:00:27 +01:00
|
|
|
model::relation::Entity::insert(
|
|
|
|
model::relation::ActiveModel {
|
|
|
|
follower: Set(follow_activity.actor),
|
|
|
|
following: Set(activity_model.actor),
|
|
|
|
..Default::default()
|
|
|
|
}
|
|
|
|
).exec(ctx.db()).await?;
|
|
|
|
|
|
|
|
ctx.address_to(&activity_model.id, None, &object.addressed()).await?;
|
|
|
|
Ok(())
|
2024-03-23 04:31:48 +01:00
|
|
|
},
|
2024-03-27 04:00:27 +01:00
|
|
|
|
|
|
|
Some(BaseType::Object(ObjectType::Activity(ActivityType::Reject(_)))) => {
|
|
|
|
// TODO what about TentativeReject?
|
|
|
|
let activity_model = model::activity::Model::new(&object)?;
|
|
|
|
let Some(follow_request_id) = activity_model.object else {
|
|
|
|
return Err(StatusCode::BAD_REQUEST.into());
|
|
|
|
};
|
|
|
|
let Some(follow_activity) = model::activity::Entity::find_by_id(follow_request_id)
|
|
|
|
.one(ctx.db()).await?
|
|
|
|
else {
|
|
|
|
return Err(StatusCode::NOT_FOUND.into());
|
|
|
|
};
|
|
|
|
if follow_activity.object.unwrap_or("".into()) != activity_model.actor {
|
|
|
|
return Err(StatusCode::FORBIDDEN.into());
|
|
|
|
}
|
2024-03-27 04:40:50 +01:00
|
|
|
tracing::info!("{} rejected follow request by {}", activity_model.actor, follow_activity.actor);
|
2024-03-27 04:00:27 +01:00
|
|
|
ctx.address_to(&activity_model.id, None, &object.addressed()).await?;
|
|
|
|
Ok(())
|
|
|
|
},
|
|
|
|
|
2024-03-23 04:31:48 +01:00
|
|
|
Some(BaseType::Object(ObjectType::Activity(ActivityType::Like))) => {
|
|
|
|
let aid = object.actor().id().ok_or(StatusCode::BAD_REQUEST)?.to_string();
|
|
|
|
let oid = object.object().id().ok_or(StatusCode::BAD_REQUEST)?.to_string();
|
|
|
|
let like = model::like::ActiveModel {
|
|
|
|
id: sea_orm::ActiveValue::NotSet,
|
|
|
|
actor: sea_orm::Set(aid.clone()),
|
|
|
|
likes: sea_orm::Set(oid.clone()),
|
|
|
|
date: sea_orm::Set(chrono::Utc::now()),
|
|
|
|
};
|
|
|
|
match model::like::Entity::insert(like).exec(ctx.db()).await {
|
2024-03-27 04:00:27 +01:00
|
|
|
Err(sea_orm::DbErr::RecordNotInserted) => Err(StatusCode::NOT_MODIFIED.into()),
|
|
|
|
Err(sea_orm::DbErr::Exec(_)) => Err(StatusCode::NOT_MODIFIED.into()), // bad fix for sqlite
|
2024-03-23 04:31:48 +01:00
|
|
|
Err(e) => {
|
|
|
|
tracing::error!("unexpected error procesing like from {aid} to {oid}: {e}");
|
2024-03-27 04:00:27 +01:00
|
|
|
Err(StatusCode::INTERNAL_SERVER_ERROR.into())
|
2024-03-23 04:31:48 +01:00
|
|
|
}
|
|
|
|
Ok(_) => {
|
2024-03-27 04:00:27 +01:00
|
|
|
model::object::Entity::update_many()
|
2024-03-23 04:31:48 +01:00
|
|
|
.col_expr(model::object::Column::Likes, Expr::col(model::object::Column::Likes).add(1))
|
|
|
|
.filter(model::object::Column::Id.eq(oid.clone()))
|
|
|
|
.exec(ctx.db())
|
2024-03-27 04:00:27 +01:00
|
|
|
.await?;
|
|
|
|
tracing::info!("{} liked {}", aid, oid);
|
|
|
|
Ok(())
|
2024-03-23 04:31:48 +01:00
|
|
|
},
|
|
|
|
}
|
|
|
|
},
|
2024-03-27 04:00:27 +01:00
|
|
|
|
2024-03-23 04:31:48 +01:00
|
|
|
Some(BaseType::Object(ObjectType::Activity(ActivityType::Create))) => {
|
2024-03-27 04:00:27 +01:00
|
|
|
let activity_model = model::activity::Model::new(&object)?;
|
|
|
|
let activity_targets = object.addressed();
|
|
|
|
let Some(object_node) = object.object().get() else {
|
2024-03-23 04:31:48 +01:00
|
|
|
// TODO we could process non-embedded activities or arrays but im lazy rn
|
|
|
|
tracing::error!("refusing to process activity without embedded object: {}", serde_json::to_string_pretty(&object).unwrap());
|
2024-03-27 04:00:27 +01:00
|
|
|
return Err(StatusCode::UNPROCESSABLE_ENTITY.into());
|
2024-03-23 04:31:48 +01:00
|
|
|
};
|
2024-03-27 04:00:27 +01:00
|
|
|
let object_model = model::object::Model::new(&object_node)?;
|
|
|
|
let aid = activity_model.id.clone();
|
|
|
|
let oid = object_model.id.clone();
|
|
|
|
model::object::Entity::insert(object_model.into_active_model()).exec(ctx.db()).await?;
|
|
|
|
model::activity::Entity::insert(activity_model.into_active_model()).exec(ctx.db()).await?;
|
|
|
|
ctx.address_to(&aid, Some(&oid), &activity_targets).await?;
|
|
|
|
tracing::info!("{} posted {}", aid, oid);
|
|
|
|
Ok(())
|
2024-03-23 04:31:48 +01:00
|
|
|
},
|
2024-03-27 04:00:27 +01:00
|
|
|
|
2024-03-28 04:47:49 +01:00
|
|
|
Some(BaseType::Object(ObjectType::Activity(ActivityType::Update))) => {
|
|
|
|
let activity_model = model::activity::Model::new(&object)?;
|
|
|
|
let activity_targets = object.addressed();
|
|
|
|
let Some(object_node) = object.object().get() else {
|
|
|
|
// TODO we could process non-embedded activities or arrays but im lazy rn
|
|
|
|
tracing::error!("refusing to process activity without embedded object: {}", serde_json::to_string_pretty(&object).unwrap());
|
|
|
|
return Err(StatusCode::UNPROCESSABLE_ENTITY.into());
|
|
|
|
};
|
|
|
|
let aid = activity_model.id.clone();
|
|
|
|
let Some(oid) = object_node.id().map(|x| x.to_string()) else {
|
|
|
|
return Err(StatusCode::BAD_REQUEST.into());
|
|
|
|
};
|
|
|
|
model::activity::Entity::insert(activity_model.into_active_model()).exec(ctx.db()).await?;
|
|
|
|
match object_node.object_type() {
|
|
|
|
Some(ObjectType::Actor(_)) => {
|
|
|
|
// TODO oof here is an example of the weakness of this model, we have to go all the way
|
|
|
|
// back up to serde_json::Value because impl Object != impl Actor
|
|
|
|
let actor_model = model::user::Model::new(&object_node.underlying_json_object())?;
|
|
|
|
model::user::Entity::update(actor_model.into_active_model())
|
|
|
|
.exec(ctx.db()).await?;
|
|
|
|
},
|
|
|
|
Some(ObjectType::Note) => {
|
|
|
|
let object_model = model::object::Model::new(&object_node)?;
|
|
|
|
model::object::Entity::update(object_model.into_active_model())
|
|
|
|
.exec(ctx.db()).await?;
|
|
|
|
},
|
|
|
|
Some(t) => tracing::warn!("no side effects implemented for update type {t:?}"),
|
|
|
|
None => tracing::warn!("empty type on embedded updated object"),
|
|
|
|
}
|
|
|
|
ctx.address_to(&aid, Some(&oid), &activity_targets).await?;
|
|
|
|
tracing::info!("{} updated {}", aid, oid);
|
|
|
|
Ok(())
|
|
|
|
},
|
|
|
|
|
2024-03-23 04:31:48 +01:00
|
|
|
Some(BaseType::Object(ObjectType::Activity(_x))) => {
|
|
|
|
tracing::info!("received unimplemented activity on inbox: {}", serde_json::to_string_pretty(&object).unwrap());
|
2024-03-27 04:00:27 +01:00
|
|
|
Err(StatusCode::NOT_IMPLEMENTED.into())
|
2024-03-23 04:31:48 +01:00
|
|
|
},
|
2024-03-27 04:00:27 +01:00
|
|
|
|
2024-03-23 04:31:48 +01:00
|
|
|
Some(_x) => {
|
|
|
|
tracing::warn!("ignoring non-activity object in inbox: {}", serde_json::to_string_pretty(&object).unwrap());
|
2024-03-27 04:00:27 +01:00
|
|
|
Err(StatusCode::UNPROCESSABLE_ENTITY.into())
|
2024-03-23 04:31:48 +01:00
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|