alemi/upub
alemi/upub
1
0
Fork 1
Code Issues 4 Pull requests Projects Releases Packages 1 Wiki Activity Actions

Compare commits

base: alemi:781619a899f6b8082cbb1cfbefa95bca1d83894e
Branches Tags
alemi:dev
alemi:betterdb
alemi:newdb
alemi:tci
alemi:v0.2.0
alemi:v0.1.0
..
compare: alemi:a4df9f2fc0b1bfbcc530bb8aaae7b80091312c76
Branches Tags
alemi:dev
alemi:betterdb
alemi:newdb
alemi:tci
alemi:v0.2.0
alemi:v0.1.0

No commits in common. "781619a899f6b8082cbb1cfbefa95bca1d83894e" and "a4df9f2fc0b1bfbcc530bb8aaae7b80091312c76" have entirely different histories.
781619a899 ... a4df9f2fc0

5 changed files with 22 additions and 14 deletions
Show stats Expand all files Collapse all files

2
upub/routes/src/activitypub/activity.rs
View file

@ -25,7 +25,7 @@ pub async fn view(
let row = upub::Query::feed(auth.my_id())
.filter(model::activity::Column::Id.eq(&aid))
.filter(auth.filter())
.filter(auth.filter_activities())
.into_model::<RichActivity>()
.one(ctx.db())
.await?

16
upub/routes/src/activitypub/actor/outbox.rs
View file

@ -19,18 +19,14 @@ pub async fn page(
AuthIdentity(auth): AuthIdentity,
) -> crate::ApiResult<JsonLD<serde_json::Value>> {
let uid = ctx.uid(&id);
let mut filter = Condition::all()
.add(
Condition::any()
.add(model::activity::Column::Actor.eq(&uid))
.add(model::object::Column::AttributedTo.eq(&uid))
);
if !auth.is(&uid) {
filter = filter.add(auth.filter());
}
crate::builders::paginate_feed(
upub::url!(ctx, "/actors/{id}/outbox/page"),
filter,
Condition::all()
.add(auth.filter_activities())
.add(Condition::any()
.add(model::activity::Column::Actor.eq(&uid))
.add(model::object::Column::AttributedTo.eq(&uid))
),
ctx.db(),
page,
auth.my_id(),

2
upub/routes/src/activitypub/inbox.rs
View file

@ -21,7 +21,7 @@ pub async fn page(
) -> crate::ApiResult<JsonLD<serde_json::Value>> {
crate::builders::paginate_feed(
upub::url!(ctx, "/inbox/page"),
auth.filter(),
auth.filter_activities(),
ctx.db(),
page,
auth.my_id(),

2
upub/routes/src/activitypub/outbox.rs
View file

@ -16,7 +16,7 @@ pub async fn page(
crate::builders::paginate_feed(
upub::url!(ctx, "/outbox/page"),
Condition::all()
.add(auth.filter())
.add(auth.filter_activities())
.add(upub::model::actor::Column::Domain.eq(ctx.domain().to_string())),
ctx.db(),
page,

14
upub/routes/src/auth.rs
View file

@ -20,7 +20,7 @@ pub enum Identity {
}
impl Identity {
pub fn filter(&self) -> Condition {
pub fn filter_activities(&self) -> Condition {
let base_cond = Condition::any().add(upub::model::addressing::Column::Actor.is_null());
match self {
Identity::Anonymous => base_cond,
@ -29,6 +29,18 @@ impl Identity {
}
}
pub fn filter_objects(&self) -> Condition {
let base_cond = Condition::any().add(upub::model::addressing::Column::Actor.is_null());
match self {
Identity::Anonymous => base_cond,
Identity::Remote { internal, .. } => base_cond.add(upub::model::addressing::Column::Instance.eq(*internal)),
// TODO should we allow all users on same server to see? or just specific user??
Identity::Local { id, internal } => base_cond
.add(upub::model::addressing::Column::Actor.eq(*internal))
.add(upub::model::object::Column::AttributedTo.eq(id)),
}
}
pub fn my_id(&self) -> Option<i64> {
match self {
Identity::Local { internal, .. } => Some(*internal),