Merge tag 'v2.6.5' into instance_only_statuses

2018-12-07 15:27:23 +01:00
parent b9f0f794db 887f9de6dc
commit f5f9fc366d
298 changed files with 2754 additions and 1673 deletions
--- a/app/lib/activitypub/activity.rb
+++ b/app/lib/activitypub/activity.rb
@ -129,4 +129,10 @@ class ActivityPub::Activity
      ::FetchRemoteStatusService.new.call(@object['url'])
    end
  end
+
+  def lock_or_return(key, expire_after = 7.days.seconds)
+    yield if redis.set(key, true, nx: true, ex: expire_after)
+  ensure
+    redis.del(key)
+  end
 end
--- a/app/lib/activitypub/activity/create.rb
+++ b/app/lib/activitypub/activity/create.rb
@ -2,7 +2,7 @@

 class ActivityPub::Activity::Create < ActivityPub::Activity
  SUPPORTED_TYPES = %w(Note).freeze
-  CONVERTED_TYPES = %w(Image Video Article).freeze
+  CONVERTED_TYPES = %w(Image Video Article Page).freeze

  def perform
    return if delete_arrived_first?(object_uri) || unsupported_object_type? || invalid_origin?(@object['id'])
@ -10,7 +10,12 @@ class ActivityPub::Activity::Create < ActivityPub::Activity
    RedisLock.acquire(lock_options) do |lock|
      if lock.acquired?
        @status = find_existing_status
-        process_status if @status.nil?
+
+        if @status.nil?
+          process_status
+        elsif @options[:delivered_to_account_id].present?
+          postprocess_audience_and_deliver
+        end
      else
        raise Mastodon::RaceConditionError
      end
@ -81,11 +86,35 @@ class ActivityPub::Activity::Create < ActivityPub::Activity
      @mentions << Mention.new(account: account, silent: true)

      # If there is at least one silent mention, then the status can be considered
-      # as a limited-audience status, and not strictly a direct message
+      # as a limited-audience status, and not strictly a direct message, but only
+      # if we considered a direct message in the first place
      next unless @params[:visibility] == :direct

      @params[:visibility] = :limited
    end
+
+    # If the payload was delivered to a specific inbox, the inbox owner must have
+    # access to it, unless they already have access to it anyway
+    return if @options[:delivered_to_account_id].nil? || @mentions.any? { |mention| mention.account_id == @options[:delivered_to_account_id] }
+
+    @mentions << Mention.new(account_id: @options[:delivered_to_account_id], silent: true)
+
+    return unless @params[:visibility] == :direct
+
+    @params[:visibility] = :limited
+  end
+
+  def postprocess_audience_and_deliver
+    return if @status.mentions.find_by(account_id: @options[:delivered_to_account_id])
+
+    delivered_to_account = Account.find(@options[:delivered_to_account_id])
+
+    @status.mentions.create(account: delivered_to_account, silent: true)
+    @status.update(visibility: :limited) if @status.direct_visibility?
+
+    return unless delivered_to_account.following?(@account)
+
+    FeedInsertWorker.perform_async(@status.id, delivered_to_account.id, :home)
  end

  def attach_tags(status)
@ -118,7 +147,7 @@ class ActivityPub::Activity::Create < ActivityPub::Activity
    return if tag['name'].blank?

    hashtag = tag['name'].gsub(/\A#/, '').mb_chars.downcase
-    hashtag = Tag.where(name: hashtag).first_or_create(name: hashtag)
+    hashtag = Tag.where(name: hashtag).first_or_create!(name: hashtag)

    return if @tags.include?(hashtag)

@ -148,7 +177,7 @@ class ActivityPub::Activity::Create < ActivityPub::Activity
    updated   = tag['updated']
    emoji     = CustomEmoji.find_by(shortcode: shortcode, domain: @account.domain)

-    return unless emoji.nil? || image_url != emoji.image_remote_url || (updated && emoji.updated_at >= updated)
+    return unless emoji.nil? || image_url != emoji.image_remote_url || (updated && updated >= emoji.updated_at)

    emoji ||= CustomEmoji.new(domain: @account.domain, shortcode: shortcode, uri: uri)
    emoji.image_remote_url = image_url
--- a/app/lib/activitypub/activity/delete.rb
+++ b/app/lib/activitypub/activity/delete.rb
@ -12,8 +12,10 @@ class ActivityPub::Activity::Delete < ActivityPub::Activity
  private

  def delete_person
-    SuspendAccountService.new.call(@account)
-    @account.destroy!
+    lock_or_return("delete_in_progress:#{@account.id}") do
+      SuspendAccountService.new.call(@account)
+      @account.destroy!
+    end
  end

  def delete_note
--- a/app/lib/entity_cache.rb
+++ b/app/lib/entity_cache.rb
@ -21,7 +21,7 @@ class EntityCache
    end

    unless uncached_ids.empty?
-      uncached = CustomEmoji.where(shortcode: shortcodes, domain: domain, disabled: false).map { |item| [item.shortcode, item] }.to_h
+      uncached = CustomEmoji.where(shortcode: shortcodes, domain: domain, disabled: false).each_with_object({}) { |item, h| h[item.shortcode] = item }
      uncached.each_value { |item| Rails.cache.write(to_key(:emoji, item.shortcode, domain), item, expires_in: MAX_EXPIRATION) }
    end

--- a/app/lib/feed_manager.rb
+++ b/app/lib/feed_manager.rb
@ -40,7 +40,11 @@ class FeedManager
  end

  def push_to_list(list, status)
-    return false if status.reply? && status.in_reply_to_account_id != status.account_id
+    if status.reply? && status.in_reply_to_account_id != status.account_id
+      should_filter = status.in_reply_to_account_id != list.account_id
+      should_filter &&= !ListAccount.where(list_id: list.id, account_id: status.in_reply_to_account_id).exists?
+      return false if should_filter
+    end
    return false unless add_to_feed(:list, list.id, status)
    trim(:list, list.id)
    PushUpdateWorker.perform_async(list.account_id, status.id, "timeline:list:#{list.id}") if push_update_required?("timeline:list:#{list.id}")
--- a/app/lib/formatter.rb
+++ b/app/lib/formatter.rb
@ -128,9 +128,9 @@ class Formatter
    return html if emojis.empty?

    emoji_map = if animate
-                  emojis.map { |e| [e.shortcode, full_asset_url(e.image.url)] }.to_h
+                  emojis.each_with_object({}) { |e, h| h[e.shortcode] = full_asset_url(e.image.url) }
                else
-                  emojis.map { |e| [e.shortcode, full_asset_url(e.image.url(:static))] }.to_h
+                  emojis.each_with_object({}) { |e, h| h[e.shortcode] = full_asset_url(e.image.url(:static)) }
                end

    i                     = -1
--- a/app/lib/request.rb
+++ b/app/lib/request.rb
@ -2,6 +2,17 @@

 require 'ipaddr'
 require 'socket'
+require 'resolv'
+
+# Monkey-patch the HTTP.rb timeout class to avoid using a timeout block
+# around the Socket#open method, since we use our own timeout blocks inside
+# that method
+class HTTP::Timeout::PerOperation
+  def connect(socket_class, host, port, nodelay = false)
+    @socket = socket_class.open(host, port)
+    @socket.setsockopt(Socket::IPPROTO_TCP, Socket::TCP_NODELAY, 1) if nodelay
+  end
+end

 class Request
  REQUEST_TARGET = '(request-target)'
@ -45,7 +56,7 @@ class Request
    end

    begin
-      yield response.extend(ClientLimit)
+      yield response.extend(ClientLimit) if block_given?
    ensure
      http_client.close
    end
@ -94,7 +105,11 @@ class Request
  end

  def timeout
-    { write: 10, connect: 10, read: 10 }
+    # We enforce a 1s timeout on DNS resolving, 10s timeout on socket opening
+    # and 5s timeout on the TLS handshake, meaning the worst case should take
+    # about 16s in total
+
+    { connect: 5, read: 10, write: 10 }
  end

  def http_client
@ -139,17 +154,34 @@ class Request
  class Socket < TCPSocket
    class << self
      def open(host, *args)
-        return super host, *args if thru_hidden_service? host
+        return super(host, *args) if thru_hidden_service?(host)
+
        outer_e = nil
-        Addrinfo.foreach(host, nil, nil, :SOCK_STREAM) do |address|
-          begin
-            raise Mastodon::HostValidationError if PrivateAddressCheck.private_address? IPAddr.new(address.ip_address)
-            return super address.ip_address, *args
-          rescue => e
-            outer_e = e
+
+        Resolv::DNS.open do |dns|
+          dns.timeouts = 1
+
+          addresses = dns.getaddresses(host).take(2)
+          time_slot = 10.0 / addresses.size
+
+          addresses.each do |address|
+            begin
+              raise Mastodon::HostValidationError if PrivateAddressCheck.private_address?(IPAddr.new(address.to_s))
+
+              ::Timeout.timeout(time_slot, HTTP::TimeoutError) do
+                return super(address.to_s, *args)
+              end
+            rescue => e
+              outer_e = e
+            end
          end
        end
-        raise outer_e if outer_e
+
+        if outer_e
+          raise outer_e
+        else
+          raise SocketError, "No address for #{host}"
+        end
      end

      alias new open
--- a/app/lib/settings/scoped_settings.rb
+++ b/app/lib/settings/scoped_settings.rb
@ -31,7 +31,7 @@ module Settings

    def all_as_records
      vars = thing_scoped
-      records = vars.map { |r| [r.var, r] }.to_h
+      records = vars.each_with_object({}) { |r, h| h[r.var] = r }

      Setting.default_settings.each do |key, default_value|
        next if records.key?(key) || default_value.is_a?(Hash)
@ -65,7 +65,7 @@ module Settings

    class << self
      def default_settings
-        defaulting = DEFAULTING_TO_UNSCOPED.map { |k| [k, Setting[k]] }.to_h
+        defaulting = DEFAULTING_TO_UNSCOPED.each_with_object({}) { |k, h| h[k] = Setting[k] }
        Setting.default_settings.merge!(defaulting)
      end
    end