Federate community reports, and send report create/update/resolve activities to report creator's instance #5496
Conversation
…e or community, and add SiteOrCommunity::local_community
dullbananas
requested review from
Nutomic,
dessalines,
phiresky and
SleeplessOne1917
as code owners
crates/apub/src/fetcher/report.rs
Outdated
| } | ||
| }) | ||
| } | ||
| } |
There was a problem hiding this comment.
You can directly use Either via get dependency in Cargo.toml:
activitypub_federation = {
git = "https://github.com/LemmyNet/activitypub-federation-rust.git",
branch = "object-either",
default-features = false,
features = [
"actix-web",
] }
| @@ -107,13 +107,57 @@ impl Object for SiteOrCommunity { | |||
| } | |||
| } | |||
|
|
|||
| impl Actor for SiteOrCommunity { | |||
There was a problem hiding this comment.
I also implemented Either for Actor.
There was a problem hiding this comment.
Does that mean this should come after LemmyNet/activitypub-federation-rust#139, or that its just something to keep in mind.
There was a problem hiding this comment.
I published those changes as 0.6.4 now.
https://github.com/LemmyNet/activitypub-federation-rust/releases/tag/0.6.4
| @@ -107,13 +107,57 @@ impl Object for SiteOrCommunity { | |||
| } | |||
| } | |||
|
|
|||
| impl Actor for SiteOrCommunity { | |||
There was a problem hiding this comment.
Does that mean this should come after LemmyNet/activitypub-federation-rust#139, or that its just something to keep in mind.
crates/apub/src/activities/mod.rs
Outdated
| ) -> LemmyResult<()> { | ||
| // admin action comes from the correct instance, so it was presumably done | ||
| // by an instance admin. | ||
| // TODO: federate instance admin status and check it here |
There was a problem hiding this comment.
So this would need to be skipped until we federate admins?
There was a problem hiding this comment.
We currently assume that any user who is on the same instance as a user or community can perform admin actions on them. This is also in the existing code. It works fine because the remote Lemmy instance performs its own permission checks, and admin actions only federate for users/communities from the same instance.
|
Just needs above comments addressed, and conflicts, then we can merge. |
| ) -> LemmyResult<Either<ApubSite, ApubCommunity>> { | ||
| let receiver = self.to[0].dereference(context).await?; | ||
| Ok(receiver) | ||
| } |
There was a problem hiding this comment.
Doesnt need a separate function.
| @@ -91,7 +91,7 @@ impl InCommunity for AnnouncableActivities { | |||
| LockPost(a) => a.community(context).await, | |||
| UndoLockPost(a) => a.community(context).await, | |||
| Report(a) => a.community(context).await, | |||
| ResolveReport(a) => a.community(context).await, | |||
| ResolveReport(a) => a.object.community(context).await, | |||
There was a problem hiding this comment.
Good idea, we can probably remove InCommunity impls for all the Undo activities in this way too.
There was a problem hiding this comment.
Might wanna make an issue for that so you don't forget.
| let admin = admin_id.dereference(context).await?; | ||
| let local_user_view = LocalUserView::read_person(&mut context.pool(), admin.id).await?; | ||
| is_admin(&local_user_view) | ||
| } |
There was a problem hiding this comment.
This function is only called once inside of verify_mod_or_admin_action so you can move the logic directly there.
crates/apub/src/activities/mod.rs
Outdated
| @@ -98,6 +102,17 @@ pub(crate) async fn verify_mod_action( | |||
| .await | |||
| } | |||
|
|
|||
| pub(crate) async fn verify_mod_or_admin_action( | |||
There was a problem hiding this comment.
| pub(crate) async fn verify_mod_or_admin_action( | |
| async fn verify_mod_or_admin_action( |
There was a problem hiding this comment.
Can also be moved down one level into community/mod.rs
| inboxes.add_inbox(report_creator_site.inbox_url.into()); | ||
|
|
||
| Ok(inboxes) | ||
| } |
There was a problem hiding this comment.
Dont see why this needs a new function, you can add the logic into report_inboxes
| ))! as CommunityReportView | ||
| ).community_report; | ||
| expect(resolvedReport).toBeDefined(); | ||
| expect(resolvedReport.resolved).toBe(true); |
There was a problem hiding this comment.
If the community was not removed then the report should stay unresolved, right?
There was a problem hiding this comment.
For admins on the report creator's instance, that's close enough to what happens, because it stays in the unresolved reports list. But the updated resolved and resolver fields from the remote instance are preserved, so local admins can still see it.
There was a problem hiding this comment.
So the report is still shown despite being resolved? How can admins hide it then without removing the community?
There was a problem hiding this comment.
Resolving it again will remove it from the list, since the filter checks if the resolver is local.
There was a problem hiding this comment.
That seems unintuitive. Besides the same reasoning could be applied to local reports for remote posts or comments. Its better to keep them all consistent, and make a separate issue/pull request to handle this case.
| // if a local user reported a remote community, and the remote admin chose to not remove it, | ||
| // then maybe a local admin wants to do something about it (for example, remove the community | ||
| // locally, or block the instance) | ||
| resolver_is_local.or(community::removed), |
There was a problem hiding this comment.
I think this is the logic referred to above. We should probably remove this check, and not make special cases for community removals.
Either way this should be handled at the apub receiving the resolve report, and if its not sent, then its up to each site to resolve it on their own.
There was a problem hiding this comment.
I changed it so reports to remote communities are never listed. Resolve from remote admin is still received, so a future PR can either use or overwrite the stored resolved status.
Opened issue #5697 also.
| // Hide reports of remote communities | ||
| query = query.filter( | ||
| report_combined::community_report_id | ||
| .is_null() | ||
| .or(community::local), |
There was a problem hiding this comment.
We aren't doing this for remote posts or comments, so I don't see why this should be a special case either.
If a federated community gets reported, and resolved, that should get sent out and received, then your below filter should work.
If it doesn't get resolved, then its up to each instance to decide what to do with it, just like comments and posts.
There was a problem hiding this comment.
I got rid of this filter, so it should now be consistent with posts and comments.
|
If I understand the code correctly, the current behavior for resolve federation is to only send the resolve to the reporter's instance if the community of the reported post or comment has a moderator on the reporter's instance, and this has an effect on what admins see. That seems like a bug. In this PR, I changed the |
This is really complicated to think about... The only possible attack I see here, is if a community adds a lot of federated mods to a troll instance, and admins there then just resolve every report no matter what. That could be an issue if its really bad content. Isn't the main thing that we just need to be doing a |
|
Resolve actions are only accepted if they are sent by a mod or admin of the corresponding community/instance. This seems to be checked properly in verify. The change in report_inboxes to send resolve actions to the original reporter also makes sense. In my opinion we can merge this, and if necessary make adjustments in separate PRs. |
…ivities to report creator's instance (#5496) * add calls to submit_activity and use SiteOrCommunity * add send_activity imports * use separate CreateReportToSite and SendResolveReportToSite variants * fix api compile errors * allow apub Report struct to represent community report * change argument types of Report::new, Report::send, and report_inboxes * impl Object for ReportableObjects * impl Actor for SiteOrCommunity * change return types of ReportObject::dereference and ReportObject::object_id * Add verify_person_in_site_or_community * replace Report::community with Report::recipient to return either site or community, and add SiteOrCommunity::local_community * fix Report::receive * fix ResolveReport::send * fix ResolveReport * fix match_outgoing_activities * replace recipient with receiver * lint * update cargo.toml files * start removing new custom enums * Revert "start removing new custom enums" This reverts commit 8208c8a. * remove new trait impls on enums * change reportableobjects to type alias that uses either * fix fetcher::report * find and replace reportableobjects variant names * delete crates/utils/translations * remove uses of custom siteorcommunity enum * clippy * dont use separate module for reportableobjects * remove ResolveReport::reciever * replace match in activity_lists with Report::community * combine variants for community and site in SendActivityData enum * add reportCommunity function to shared.ts * fix rust errors * lint * change the condition for community reports when listing unresolved reports * update lemmy-js-client * fix pnpm-lock.yaml * api test * use same null check that's used elsewhere * federate report activities to report creator's instance * Apply suggestions from code review Co-authored-by: Nutomic <[email protected]> * remove report_remote_inboxes * remove Report::receiver * remove verify_admin_action * move verify_mod_or_admin_action * always hide reports of remote communities * refactor local_community * remove unconditional hiding of reports of remote communities --------- Co-authored-by: Nutomic <[email protected]>
Closes #4897