Refactor all ActivityPub deliveries to be serialized and signed through one concern (#10966)

2019-06-04 23:11:18 +02:00 · 2019-06-04 23:11:18 +02:00 · fbf08920a0
parent 82bd234c3c
commit fbf08920a0
24 changed files with 84 additions and 152 deletions
--- a/app/lib/activitypub/activity/follow.rb
+++ b/app/lib/activitypub/activity/follow.rb
@ -1,6 +1,8 @@
 # frozen_string_literal: true

 class ActivityPub::Activity::Follow < ActivityPub::Activity
+  include Payloadable
+
  def perform
    return if autoreject?
    target_account = account_from_uri(object_uri)
@ -29,7 +31,7 @@ class ActivityPub::Activity::Follow < ActivityPub::Activity
  end

  def reject_follow_request!(target_account)
-    json = ActiveModelSerializers::SerializableResource.new(FollowRequest.new(account: @account, target_account: target_account, uri: @json['id']), serializer: ActivityPub::RejectFollowSerializer, adapter: ActivityPub::Adapter).to_json
+    json = Oj.dump(serialize_payload(FollowRequest.new(account: @account, target_account: target_account, uri: @json['id']), ActivityPub::RejectFollowSerializer))
    ActivityPub::DeliveryWorker.perform_async(json, target_account.id, @account.inbox_url)
  end
 end
--- a/app/models/account.rb
+++ b/app/models/account.rb
@ -307,6 +307,10 @@ class Account < ApplicationRecord
    end
  end

+  def sign?
+    true
+  end
+
  def keypair
    @keypair ||= OpenSSL::PKey::RSA.new(private_key || public_key)
  end
--- a/app/models/form/account_batch.rb
+++ b/app/models/form/account_batch.rb
@ -3,6 +3,7 @@
 class Form::AccountBatch
  include ActiveModel::Model
  include Authorization
+  include Payloadable

  attr_accessor :account_ids, :action, :current_account

@ -52,13 +53,9 @@ class Form::AccountBatch
  def reject_follow!(follow)
    follow.destroy

-    json = ActiveModelSerializers::SerializableResource.new(
-      follow,
-      serializer: ActivityPub::RejectFollowSerializer,
-      adapter: ActivityPub::Adapter
-    ).to_json
+    return unless follow.account.activitypub?

-    ActivityPub::DeliveryWorker.perform_async(json, current_account.id, follow.account.inbox_url)
+    ActivityPub::DeliveryWorker.perform_async(Oj.dump(serialize_payload(follow, ActivityPub::RejectFollowSerializer)), current_account.id, follow.account.inbox_url)
  end

  def approve!
--- a/app/models/status.rb
+++ b/app/models/status.rb
@ -254,6 +254,8 @@ class Status < ApplicationRecord
    public_visibility? || unlisted_visibility? || local_visibility?
  end

+  alias sign? distributable?
+
  def with_media?
    media_attachments.any?
  end
--- a/app/services/after_block_domain_from_account_service.rb
+++ b/app/services/after_block_domain_from_account_service.rb
@ -1,6 +1,8 @@
 # frozen_string_literal: true

 class AfterBlockDomainFromAccountService < BaseService
+  include Payloadable
+
  # This service does not create an AccountDomainBlock record,
  # it's meant to be called after such a record has been created
  # synchronously, to "clean up"
@ -29,12 +31,8 @@ class AfterBlockDomainFromAccountService < BaseService
  def reject_follow!(follow)
    follow.destroy

-    json = ActiveModelSerializers::SerializableResource.new(
-      follow,
-      serializer: ActivityPub::RejectFollowSerializer,
-      adapter: ActivityPub::Adapter
-    ).to_json
+    return unless follow.account.activitypub?

-    ActivityPub::DeliveryWorker.perform_async(json, @account.id, follow.account.inbox_url)
+    ActivityPub::DeliveryWorker.perform_async(Oj.dump(serialize_payload(follow, ActivityPub::RejectFollowSerializer)), @account.id, follow.account.inbox_url)
  end
 end
--- a/app/services/authorize_follow_service.rb
+++ b/app/services/authorize_follow_service.rb
@ -1,6 +1,8 @@
 # frozen_string_literal: true

 class AuthorizeFollowService < BaseService
+  include Payloadable
+
  def call(source_account, target_account, **options)
    if options[:skip_follow_request]
      follow_request = FollowRequest.new(account: source_account, target_account: target_account, uri: options[:follow_request_uri])
@ -20,10 +22,6 @@ class AuthorizeFollowService < BaseService
  end

  def build_json(follow_request)
-    ActiveModelSerializers::SerializableResource.new(
-      follow_request,
-      serializer: ActivityPub::AcceptFollowSerializer,
-      adapter: ActivityPub::Adapter
-    ).to_json
+    Oj.dump(serialize_payload(follow_request, ActivityPub::AcceptFollowSerializer))
  end
 end
--- a/app/services/block_service.rb
+++ b/app/services/block_service.rb
@ -1,6 +1,8 @@
 # frozen_string_literal: true

 class BlockService < BaseService
+  include Payloadable
+
  def call(account, target_account)
    return if account.id == target_account.id

@ -22,10 +24,6 @@ class BlockService < BaseService
  end

  def build_json(block)
-    ActiveModelSerializers::SerializableResource.new(
-      block,
-      serializer: ActivityPub::BlockSerializer,
-      adapter: ActivityPub::Adapter
-    ).to_json
+    Oj.dump(serialize_payload(block, ActivityPub::BlockSerializer))
  end
 end
--- a/app/services/concerns/payloadable.rb
+++ b/app/services/concerns/payloadable.rb
@ -0,0 +1,19 @@
+# frozen_string_literal: true
+
+module Payloadable
+  def serialize_payload(record, serializer, options = {})
+    signer    = options.delete(:signer)
+    sign_with = options.delete(:sign_with)
+    payload   = ActiveModelSerializers::SerializableResource.new(record, options.merge(serializer: serializer, adapter: ActivityPub::Adapter)).as_json
+
+    if (record.respond_to?(:sign?) && record.sign?) && signer && signing_enabled?
+      ActivityPub::LinkedDataSignature.new(payload).sign!(signer, sign_with: sign_with)
+    else
+      payload
+    end
+  end
+
+  def signing_enabled?
+    true
+  end
+end
--- a/app/services/favourite_service.rb
+++ b/app/services/favourite_service.rb
@ -2,6 +2,7 @@

 class FavouriteService < BaseService
  include Authorization
+  include Payloadable

  # Favourite a status and notify remote user
  # @param [Account] account
@ -44,11 +45,7 @@ class FavouriteService < BaseService
  end

  def build_json(favourite)
-    Oj.dump(ActivityPub::LinkedDataSignature.new(ActiveModelSerializers::SerializableResource.new(
-      favourite,
-      serializer: ActivityPub::LikeSerializer,
-      adapter: ActivityPub::Adapter
-    ).as_json).sign!(favourite.account))
+    Oj.dump(serialize_payload(favourite, ActivityPub::LikeSerializer))
  end

  def curate_status(status)
--- a/app/services/follow_service.rb
+++ b/app/services/follow_service.rb
@ -2,6 +2,7 @@

 class FollowService < BaseService
  include Redisable
+  include Payloadable

  # Follow a remote user, notify remote user about the follow
  # @param [Account] source_account From which to follow
@ -55,10 +56,6 @@ class FollowService < BaseService
  end

  def build_json(follow_request)
-    ActiveModelSerializers::SerializableResource.new(
-      follow_request,
-      serializer: ActivityPub::FollowSerializer,
-      adapter: ActivityPub::Adapter
-    ).to_json
+    Oj.dump(serialize_payload(follow_request, ActivityPub::FollowSerializer))
  end
 end
--- a/app/services/process_mentions_service.rb
+++ b/app/services/process_mentions_service.rb
@ -1,8 +1,11 @@
 # frozen_string_literal: true

 class ProcessMentionsService < BaseService
+  include Payloadable
+
  # Scan status for mentions and fetch remote mentioned users, create
-  # local mention pointers
+  # local mention pointers, send Salmon notifications to mentioned
+  # remote users
  # @param [Status] status
  def call(status, skip_notify: false)
    return unless status.local? && !status.draft?
@ -55,12 +58,7 @@ class ProcessMentionsService < BaseService

  def activitypub_json
    return @activitypub_json if defined?(@activitypub_json)
-    payload = ActiveModelSerializers::SerializableResource.new(
-      @status,
-      serializer: ActivityPub::ActivitySerializer,
-      adapter: ActivityPub::Adapter
-    ).as_json
-    @activitypub_json = Oj.dump(@status.distributable? ? ActivityPub::LinkedDataSignature.new(payload).sign!(@status.account) : payload)
+    @activitypub_json = Oj.dump(serialize_payload(@status, ActivityPub::ActivitySerializer, signer: @status.account))
  end

  def resolve_account_service
--- a/app/services/reblog_service.rb
+++ b/app/services/reblog_service.rb
@ -2,6 +2,7 @@

 class ReblogService < BaseService
  include Authorization
+  include Payloadable

  # Reblog a status and notify its remote author
  # @param [Account] account Account to reblog from
@ -63,11 +64,7 @@ class ReblogService < BaseService
  end

  def build_json(reblog)
-    Oj.dump(ActivityPub::LinkedDataSignature.new(ActiveModelSerializers::SerializableResource.new(
-      reblog,
-      serializer: ActivityPub::ActivitySerializer,
-      adapter: ActivityPub::Adapter
-    ).as_json).sign!(reblog.account))
+    Oj.dump(serialize_payload(reblog, ActivityPub::ActivitySerializer, signer: reblog.account))
  end

  def curate_status(status)
--- a/app/services/reject_follow_service.rb
+++ b/app/services/reject_follow_service.rb
@ -1,6 +1,8 @@
 # frozen_string_literal: true

 class RejectFollowService < BaseService
+  include Payloadable
+
  def call(source_account, target_account)
    follow_request = FollowRequest.find_by!(account: source_account, target_account: target_account)
    follow_request.reject!
@ -15,10 +17,6 @@ class RejectFollowService < BaseService
  end

  def build_json(follow_request)
-    ActiveModelSerializers::SerializableResource.new(
-      follow_request,
-      serializer: ActivityPub::RejectFollowSerializer,
-      adapter: ActivityPub::Adapter
-    ).to_json
+    Oj.dump(serialize_payload(follow_request, ActivityPub::RejectFollowSerializer))
  end
 end
--- a/app/services/remove_status_service.rb
+++ b/app/services/remove_status_service.rb
@ -2,6 +2,7 @@

 class RemoveStatusService < BaseService
  include Redisable
+  include Payloadable

  MIN_SCHEDULE_OFFSET = 60.seconds.freeze

@ -109,15 +110,7 @@ class RemoveStatusService < BaseService
  end

  def signed_activity_json
-    @signed_activity_json ||= Oj.dump(ActivityPub::LinkedDataSignature.new(activity_json).sign!(@account))
-  end
-
-  def activity_json
-    @activity_json ||= ActiveModelSerializers::SerializableResource.new(
-      @status,
-      serializer: @status.reblog? ? ActivityPub::UndoAnnounceSerializer : ActivityPub::DeleteSerializer,
-      adapter: ActivityPub::Adapter
-    ).as_json
+    @signed_activity_json ||= Oj.dump(serialize_payload(@status, @status.reblog? ? ActivityPub::UndoAnnounceSerializer : ActivityPub::DeleteSerializer, signer: @account))
  end

  def remove_reblogs
--- a/app/services/report_service.rb
+++ b/app/services/report_service.rb
@ -1,6 +1,8 @@
 # frozen_string_literal: true

 class ReportService < BaseService
+  include Payloadable
+
  def call(source_account, target_account, options = {})
    @source_account = source_account
    @target_account = target_account
@ -44,12 +46,7 @@ class ReportService < BaseService
  end

  def payload
-    Oj.dump(ActiveModelSerializers::SerializableResource.new(
-      @report,
-      serializer: ActivityPub::FlagSerializer,
-      adapter: ActivityPub::Adapter,
-      account: some_local_account
-    ).as_json)
+    Oj.dump(serialize_payload(@report, ActivityPub::FlagSerializer, account: some_local_account))
  end

  def some_local_account
--- a/app/services/suspend_account_service.rb
+++ b/app/services/suspend_account_service.rb
@ -1,6 +1,8 @@
 # frozen_string_literal: true

 class SuspendAccountService < BaseService
+  include Payloadable
+
  ASSOCIATIONS_ON_SUSPEND = %w(
    account_pins
    active_relationships
@ -117,23 +119,11 @@ class SuspendAccountService < BaseService
  end

  def delete_actor_json
-    return @delete_actor_json if defined?(@delete_actor_json)
-
-    payload = ActiveModelSerializers::SerializableResource.new(
-      @account,
-      serializer: ActivityPub::DeleteActorSerializer,
-      adapter: ActivityPub::Adapter
-    ).as_json
-
-    @delete_actor_json = Oj.dump(ActivityPub::LinkedDataSignature.new(payload).sign!(@account))
+    @delete_actor_json ||= Oj.dump(serialize_payload(@account, ActivityPub::DeleteActorSerializer, signer: @account))
  end

  def build_reject_json(follow)
-    ActiveModelSerializers::SerializableResource.new(
-      follow,
-      serializer: ActivityPub::RejectFollowSerializer,
-      adapter: ActivityPub::Adapter
-    ).to_json
+    Oj.dump(serialize_payload(follow, ActivityPub::RejectFollowSerializer))
  end

  def delivery_inboxes
--- a/app/services/unblock_service.rb
+++ b/app/services/unblock_service.rb
@ -1,6 +1,8 @@
 # frozen_string_literal: true

 class UnblockService < BaseService
+  include Payloadable
+
  def call(account, target_account)
    return unless account.blocking?(target_account)

@ -16,10 +18,6 @@ class UnblockService < BaseService
  end

  def build_json(unblock)
-    ActiveModelSerializers::SerializableResource.new(
-      unblock,
-      serializer: ActivityPub::UndoBlockSerializer,
-      adapter: ActivityPub::Adapter
-    ).to_json
+    Oj.dump(serialize_payload(unblock, ActivityPub::UndoBlockSerializer))
  end
 end
--- a/app/services/unfavourite_service.rb
+++ b/app/services/unfavourite_service.rb
@ -1,6 +1,8 @@
 # frozen_string_literal: true

 class UnfavouriteService < BaseService
+  include Payloadable
+
  def call(account, status)
    favourite = Favourite.find_by!(account: account, status: status)
    favourite.destroy!
@ -16,10 +18,6 @@ class UnfavouriteService < BaseService
  end

  def build_json(favourite)
-    Oj.dump(ActivityPub::LinkedDataSignature.new(ActiveModelSerializers::SerializableResource.new(
-      favourite,
-      serializer: ActivityPub::UndoLikeSerializer,
-      adapter: ActivityPub::Adapter
-    ).as_json).sign!(favourite.account))
+    Oj.dump(serialize_payload(favourite, ActivityPub::UndoLikeSerializer))
  end
 end
--- a/app/services/unfollow_service.rb
+++ b/app/services/unfollow_service.rb
@ -1,6 +1,8 @@
 # frozen_string_literal: true

 class UnfollowService < BaseService
+  include Payloadable
+
  # Unfollow and notify the remote user
  # @param [Account] source_account Where to unfollow from
  # @param [Account] target_account Which to unfollow
@ -45,18 +47,10 @@ class UnfollowService < BaseService
  end

  def build_json(follow)
-    ActiveModelSerializers::SerializableResource.new(
-      follow,
-      serializer: ActivityPub::UndoFollowSerializer,
-      adapter: ActivityPub::Adapter
-    ).to_json
+    Oj.dump(serialize_payload(follow, ActivityPub::UndoFollowSerializer))
  end

  def build_reject_json(follow)
-    ActiveModelSerializers::SerializableResource.new(
-      follow,
-      serializer: ActivityPub::RejectFollowSerializer,
-      adapter: ActivityPub::Adapter
-    ).to_json
+    Oj.dump(serialize_payload(follow, ActivityPub::RejectFollowSerializer))
  end
 end
--- a/app/services/vote_service.rb
+++ b/app/services/vote_service.rb
@ -2,6 +2,7 @@

 class VoteService < BaseService
  include Authorization
+  include Payloadable

  def call(account, poll, choices)
    authorize_with account, poll, :vote?
@ -50,10 +51,6 @@ class VoteService < BaseService
  end

  def build_json(vote)
-    ActiveModelSerializers::SerializableResource.new(
-      vote,
-      serializer: ActivityPub::VoteSerializer,
-      adapter: ActivityPub::Adapter
-    ).to_json
+    Oj.dump(serialize_payload(vote, ActivityPub::VoteSerializer))
  end
 end
--- a/app/workers/activitypub/distribute_poll_update_worker.rb
+++ b/app/workers/activitypub/distribute_poll_update_worker.rb
@ -2,6 +2,7 @@

 class ActivityPub::DistributePollUpdateWorker
  include Sidekiq::Worker
+  include Payloadable

  sidekiq_options queue: 'push', unique: :until_executed, retry: 0

@ -41,20 +42,8 @@ class ActivityPub::DistributePollUpdateWorker
    @inboxes
  end

-  def signed_payload
-    Oj.dump(ActivityPub::LinkedDataSignature.new(unsigned_payload).sign!(@account))
-  end
-
-  def unsigned_payload
-    ActiveModelSerializers::SerializableResource.new(
-      @status,
-      serializer: ActivityPub::UpdatePollSerializer,
-      adapter: ActivityPub::Adapter
-    ).as_json
-  end
-
  def payload
-    @payload ||= @status.distributable? ? signed_payload : Oj.dump(unsigned_payload)
+    @payload ||= Oj.dump(serialize_payload(@status, ActivityPub::UpdatePollSerializer, signer: @account))
  end

  def relay!
--- a/app/workers/activitypub/distribution_worker.rb
+++ b/app/workers/activitypub/distribution_worker.rb
@ -2,6 +2,7 @@

 class ActivityPub::DistributionWorker
  include Sidekiq::Worker
+  include Payloadable

  sidekiq_options queue: 'push'

@ -41,20 +42,8 @@ class ActivityPub::DistributionWorker
                 end
  end

-  def signed_payload
-    Oj.dump(ActivityPub::LinkedDataSignature.new(unsigned_payload).sign!(@account))
-  end
-
-  def unsigned_payload
-    ActiveModelSerializers::SerializableResource.new(
-      @status,
-      serializer: ActivityPub::ActivitySerializer,
-      adapter: ActivityPub::Adapter
-    ).as_json
-  end
-
  def payload
-    @payload ||= @status.distributable? ? signed_payload : Oj.dump(unsigned_payload)
+    @payload ||= Oj.dump(serialize_payload(@status, ActivityPub::ActivitySerializer, signer: @account))
  end

  def relay!
--- a/app/workers/activitypub/reply_distribution_worker.rb
+++ b/app/workers/activitypub/reply_distribution_worker.rb
@ -5,6 +5,7 @@

 class ActivityPub::ReplyDistributionWorker
  include Sidekiq::Worker
+  include Payloadable

  sidekiq_options queue: 'push'

@ -27,19 +28,7 @@ class ActivityPub::ReplyDistributionWorker
    @inboxes ||= @account.followers.inboxes
  end

-  def signed_payload
-    Oj.dump(ActivityPub::LinkedDataSignature.new(unsigned_payload).sign!(@status.account))
-  end
-
-  def unsigned_payload
-    ActiveModelSerializers::SerializableResource.new(
-      @status,
-      serializer: ActivityPub::ActivitySerializer,
-      adapter: ActivityPub::Adapter
-    ).as_json
-  end
-
  def payload
-    @payload ||= @status.distributable? ? signed_payload : Oj.dump(unsigned_payload)
+    @payload ||= Oj.dump(serialize_payload(@status, ActivityPub::ActivitySerializer, signer: @status.account))
  end
 end
--- a/app/workers/activitypub/update_distribution_worker.rb
+++ b/app/workers/activitypub/update_distribution_worker.rb
@ -2,6 +2,7 @@

 class ActivityPub::UpdateDistributionWorker
  include Sidekiq::Worker
+  include Payloadable

  sidekiq_options queue: 'push'

@ -27,14 +28,6 @@ class ActivityPub::UpdateDistributionWorker
  end

  def signed_payload
-    @signed_payload ||= Oj.dump(ActivityPub::LinkedDataSignature.new(payload).sign!(@account, sign_with: @options[:sign_with]))
-  end
-
-  def payload
-    @payload ||= ActiveModelSerializers::SerializableResource.new(
-      @account,
-      serializer: ActivityPub::UpdateSerializer,
-      adapter: ActivityPub::Adapter
-    ).as_json
+    @signed_payload ||= Oj.dump(serialize_payload(@account, ActivityPub::UpdateSerializer, signer: @account, sign_with: @options[:sign_with]))
  end
 end