From e600fbed0f59d76248ba6fbf41051c705ac0d6f0 Mon Sep 17 00:00:00 2001 From: alemi Date: Sun, 29 Dec 2024 03:31:59 +0100 Subject: [PATCH] feat: more federation policies also allow to prevent access via http signatures or straight out reject all fetches. note that this last option is rather ineffective as remotes can just fetch public objects anonimously --- upub/core/src/config.rs | 6 ++++++ upub/routes/src/auth.rs | 14 ++++++++++---- 2 files changed, 16 insertions(+), 4 deletions(-) diff --git a/upub/core/src/config.rs b/upub/core/src/config.rs index c51477b..7a38f98 100644 --- a/upub/core/src/config.rs +++ b/upub/core/src/config.rs @@ -136,6 +136,12 @@ pub struct RejectConfig { #[serde(default)] pub delivery: Vec, + + #[serde(default)] + pub fetch: Vec, + + #[serde(default)] + pub access: Vec, } impl Config { diff --git a/upub/routes/src/auth.rs b/upub/routes/src/auth.rs index fbff387..1136cad 100644 --- a/upub/routes/src/auth.rs +++ b/upub/routes/src/auth.rs @@ -150,10 +150,16 @@ where return Err(ApiError::unauthorized()); } - let internal = upub::model::instance::Entity::domain_to_internal(&user.domain, ctx.db()) - .await? - .ok_or_else(ApiError::internal_server_error)?; // user but not their domain??? - identity = Identity::Remote { user: user.id, domain: user.domain, internal }; + if ctx.cfg().reject.fetch.contains(&user.domain) { + return Err(ApiError::Status(axum::http::StatusCode::UNAVAILABLE_FOR_LEGAL_REASONS)); + } + + if !ctx.cfg().reject.access.contains(&user.domain) { + let internal = upub::model::instance::Entity::domain_to_internal(&user.domain, ctx.db()) + .await? + .ok_or_else(ApiError::internal_server_error)?; // user but not their domain??? + identity = Identity::Remote { user: user.id, domain: user.domain, internal }; + } }, }