diff --git a/CHANGELOG.md b/CHANGELOG.md index ca519a668a..6aaadca42d 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -16,6 +16,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). ### Added - `activeMonth` and `activeHalfyear` fields in NodeInfo usage.users object - Experimental support for Finch. Put `config :tesla, :adapter, {Tesla.Adapter.Finch, name: MyFinch}` in your secrets file to use it. Reverse Proxy will still use Hackney. +- `ForceMentionsInPostContent` MRF policy - AdminAPI: allow moderators to manage reports, users, invites, and custom emojis - AdminAPI: restrict moderators to access sensitive data: change user credentials, get password reset token, read private statuses and chats, etc - PleromaAPI: Add remote follow API endpoint at `POST /api/v1/pleroma/remote_interaction` diff --git a/docs/configuration/cheatsheet.md b/docs/configuration/cheatsheet.md index 5b2410c16f..4dacdc68c8 100644 --- a/docs/configuration/cheatsheet.md +++ b/docs/configuration/cheatsheet.md @@ -126,6 +126,7 @@ To add configuration to your config file, you can copy it from the base config. * `Pleroma.Web.ActivityPub.MRF.ForceBotUnlistedPolicy`: Makes all bot posts to disappear from public timelines. * `Pleroma.Web.ActivityPub.MRF.FollowBotPolicy`: Automatically follows newly discovered users from the specified bot account. Local accounts, locked accounts, and users with "#nobot" in their bio are respected and excluded from being followed. * `Pleroma.Web.ActivityPub.MRF.KeywordPolicy`: Rejects or removes from the federated timeline or replaces keywords. (See [`:mrf_keyword`](#mrf_keyword)). + * `Pleroma.Web.ActivityPub.MRF.ForceMentionsInContent`: Forces every mentioned user to be reflected in the post content. * `transparency`: Make the content of your Message Rewrite Facility settings public (via nodeinfo). * `transparency_exclusions`: Exclude specific instance names from MRF transparency. The use of the exclusions feature will be disclosed in nodeinfo as a boolean value. diff --git a/lib/pleroma/formatter.ex b/lib/pleroma/formatter.ex index ae37946ab7..1158353784 100644 --- a/lib/pleroma/formatter.ex +++ b/lib/pleroma/formatter.ex @@ -34,32 +34,34 @@ def escape_mention_handler("@" <> nickname = mention, buffer, _, _) do def mention_handler("@" <> nickname, buffer, opts, acc) do case User.get_cached_by_nickname(nickname) do - %User{id: id} = user -> - user_url = user.uri || user.ap_id - nickname_text = get_nickname_text(nickname, opts) - - link = - Phoenix.HTML.Tag.content_tag( - :span, - Phoenix.HTML.Tag.content_tag( - :a, - ["@", Phoenix.HTML.Tag.content_tag(:span, nickname_text)], - "data-user": id, - class: "u-url mention", - href: user_url, - rel: "ugc" - ), - class: "h-card" - ) - |> Phoenix.HTML.safe_to_string() - - {link, %{acc | mentions: MapSet.put(acc.mentions, {"@" <> nickname, user})}} + %User{} = user -> + {mention_from_user(user, opts), + %{acc | mentions: MapSet.put(acc.mentions, {"@" <> nickname, user})}} _ -> {buffer, acc} end end + def mention_from_user(%User{id: id} = user, opts \\ %{mentions_format: :full}) do + user_url = user.uri || user.ap_id + nickname_text = get_nickname_text(user.nickname, opts) + + Phoenix.HTML.Tag.content_tag( + :span, + Phoenix.HTML.Tag.content_tag( + :a, + ["@", Phoenix.HTML.Tag.content_tag(:span, nickname_text)], + "data-user": id, + class: "u-url mention", + href: user_url, + rel: "ugc" + ), + class: "h-card" + ) + |> Phoenix.HTML.safe_to_string() + end + def hashtag_handler("#" <> tag = tag_text, _buffer, _opts, acc) do tag = String.downcase(tag) url = "#{Pleroma.Web.Endpoint.url()}/tag/#{tag}" diff --git a/lib/pleroma/user.ex b/lib/pleroma/user.ex index 0a5dfccc95..bf5b6508b5 100644 --- a/lib/pleroma/user.ex +++ b/lib/pleroma/user.ex @@ -1055,6 +1055,10 @@ def get_by_ap_id(ap_id) do Repo.get_by(User, ap_id: ap_id) end + def get_by_uri(uri) do + Repo.get_by(User, uri: uri) + end + def get_all_by_ap_id(ap_ids) do from(u in __MODULE__, where: u.ap_id in ^ap_ids diff --git a/lib/pleroma/web/activity_pub/mrf/force_mentions_in_content.ex b/lib/pleroma/web/activity_pub/mrf/force_mentions_in_content.ex new file mode 100644 index 0000000000..522ae2f600 --- /dev/null +++ b/lib/pleroma/web/activity_pub/mrf/force_mentions_in_content.ex @@ -0,0 +1,80 @@ +# Pleroma: A lightweight social networking server +# Copyright © 2017-2022 Pleroma Authors +# SPDX-License-Identifier: AGPL-3.0-only + +defmodule Pleroma.Web.ActivityPub.MRF.ForceMentionsInContent do + alias Pleroma.Formatter + alias Pleroma.User + + @behaviour Pleroma.Web.ActivityPub.MRF.Policy + + defp do_extract({:a, attrs, _}, acc) do + if Enum.find(attrs, fn {name, value} -> + name == "class" && value in ["mention", "u-url mention", "mention u-url"] + end) do + href = Enum.find(attrs, fn {name, _} -> name == "href" end) |> elem(1) + acc ++ [href] + else + acc + end + end + + defp do_extract({_, _, children}, acc) do + do_extract(children, acc) + end + + defp do_extract(nodes, acc) when is_list(nodes) do + Enum.reduce(nodes, acc, fn node, acc -> do_extract(node, acc) end) + end + + defp do_extract(_, acc), do: acc + + defp extract_mention_uris_from_content(content) do + {:ok, tree} = :fast_html.decode(content, format: [:html_atoms]) + do_extract(tree, []) + end + + @impl true + def filter(%{"type" => "Create", "object" => %{"type" => "Note", "tag" => tag}} = object) do + # image-only posts from pleroma apparently reach this MRF without the content field + content = object["object"]["content"] || "" + + mention_users = + tag + |> Enum.filter(fn tag -> tag["type"] == "Mention" end) + |> Enum.map(& &1["href"]) + |> Enum.reject(&is_nil/1) + |> Enum.map(fn ap_id_or_uri -> + case User.get_or_fetch_by_ap_id(ap_id_or_uri) do + {:ok, user} -> {ap_id_or_uri, user} + _ -> {ap_id_or_uri, User.get_by_uri(ap_id_or_uri)} + end + end) + |> Enum.reject(fn {_, user} -> user == nil end) + |> Enum.into(%{}) + + explicitly_mentioned_uris = extract_mention_uris_from_content(content) + + added_mentions = + Enum.reduce(mention_users, "", fn {uri, user}, acc -> + unless uri in explicitly_mentioned_uris do + acc <> Formatter.mention_from_user(user) + else + acc + end + end) + + content = + if added_mentions != "", + do: added_mentions <> " " <> content, + else: content + + {:ok, put_in(object["object"]["content"], content)} + end + + @impl true + def filter(object), do: {:ok, object} + + @impl true + def describe, do: {:ok, %{}} +end diff --git a/test/fixtures/soapbox_no_mentions_in_content.json b/test/fixtures/soapbox_no_mentions_in_content.json new file mode 100644 index 0000000000..03b4b8ee44 --- /dev/null +++ b/test/fixtures/soapbox_no_mentions_in_content.json @@ -0,0 +1,79 @@ +{ + "@context": [ + "https://www.w3.org/ns/activitystreams", + "https://gleasonator.com/schemas/litepub-0.1.jsonld", + { + "@language": "und" + } + ], + "actor": "https://gleasonator.com/users/alex", + "attachment": [ + { + "blurhash": "b15#-6_3~l%eDkNraAM#HYMf", + "height": 2147, + "mediaType": "image/png", + "name": "", + "type": "Document", + "url": "https://media.gleasonator.com/2df1c9cc26c35028db65848143971da0c5a6e04dbd423b194bb018b6c601db9b.png", + "width": 966 + }, + { + "blurhash": "b168EX~q~W-;DiM{VtIUD%Io", + "height": 2147, + "mediaType": "image/png", + "name": "", + "type": "Document", + "url": "https://media.gleasonator.com/22b42b4cddc1aecc7e2d3dc20bcdd66d5c4e44c2bef119de948e95a587e36b66.png", + "width": 966 + } + ], + "attributedTo": "https://gleasonator.com/users/alex", + "cc": [ + "https://www.w3.org/ns/activitystreams#Public" + ], + "content": "

Haha yeah, you can control who you reply to.

", + "context": "https://gleasonator.com/contexts/ba6c8bd9-ac4d-479e-9bd9-5bf570068ae7", + "conversation": "https://gleasonator.com/contexts/ba6c8bd9-ac4d-479e-9bd9-5bf570068ae7", + "id": "https://gleasonator.com/objects/02af65fe-04f8-46bc-9b1e-31dfe76eaffd", + "inReplyTo": "https://shitposter.club/objects/c686d811-4368-48e1-ba11-82c129f93165", + "published": "2022-01-19T03:37:35.976545Z", + "sensitive": false, + "source": "Haha yeah, you can control who you reply to.", + "summary": "", + "tag": [ + { + "href": "https://lain.com/users/lain", + "name": "@lain@lain.com", + "type": "Mention" + }, + { + "href": "https://shitposter.club/users/coolboymew", + "name": "@coolboymew@shitposter.club", + "type": "Mention" + }, + { + "href": "https://shitposter.club/users/dielan", + "name": "@dielan@shitposter.club", + "type": "Mention" + }, + { + "href": "https://tuusin.misono-ya.info/users/hakui", + "name": "@hakui@tuusin.misono-ya.info", + "type": "Mention" + }, + { + "href": "https://xyzzy.link/users/fence", + "name": "@fence@xyzzy.link", + "type": "Mention" + } + ], + "to": [ + "https://shitposter.club/users/dielan", + "https://gleasonator.com/users/alex/followers", + "https://shitposter.club/users/coolboymew", + "https://xyzzy.link/users/fence", + "https://tuusin.misono-ya.info/users/hakui", + "https://lain.com/users/lain" + ], + "type": "Note" +} diff --git a/test/pleroma/web/activity_pub/mrf/force_mentions_in_content_test.exs b/test/pleroma/web/activity_pub/mrf/force_mentions_in_content_test.exs new file mode 100644 index 0000000000..090bdc35ed --- /dev/null +++ b/test/pleroma/web/activity_pub/mrf/force_mentions_in_content_test.exs @@ -0,0 +1,34 @@ +# Pleroma: A lightweight social networking server +# Copyright © 2017-2021 Pleroma Authors +# SPDX-License-Identifier: AGPL-3.0-only + +defmodule Pleroma.Web.ActivityPub.MRF.ForceMentionsInContentTest do + alias Pleroma.Web.ActivityPub.MRF.ForceMentionsInContent + import Pleroma.Factory + use Pleroma.DataCase + + test "adds mentions to post content" do + users = %{ + "lain@lain.com" => "https://lain.com/users/lain", + "coolboymew@shitposter.club" => "https://shitposter.club/users/coolboymew", + "dielan@shitposter.club" => "https://shitposter.club/users/dielan", + "hakui@tuusin.misono-ya.info" => "https://tuusin.misono-ya.info/users/hakui", + "fence@xyzzy.link" => "https://xyzzy.link/users/fence" + } + + Enum.each(users, fn {nickname, ap_id} -> + insert(:user, ap_id: ap_id, nickname: nickname, local: false) + end) + + object = File.read!("test/fixtures/soapbox_no_mentions_in_content.json") |> Jason.decode!() + + activity = %{ + "type" => "Create", + "actor" => "https://gleasonator.com/users/alex", + "object" => object + } + + {:ok, %{"object" => %{"content" => filtered}}} = ForceMentionsInContent.filter(activity) + Enum.each(users, fn {nickname, _} -> assert filtered =~ nickname end) + end +end