Enable authorized fetch for individual users who block remote domains

This commit is contained in:
Claire 2023-12-21 14:08:26 +01:00
parent c7c727994a
commit 1c2b8e3500
2 changed files with 8 additions and 4 deletions

View File

@ -54,4 +54,8 @@ module AccountOwnedConcern
expires_in(3.minutes, public: true) expires_in(3.minutes, public: true)
forbidden forbidden
end end
def authorized_fetch_mode?
super || @account.domain_blocks.exists?
end
end end

View File

@ -11,20 +11,20 @@ module Payloadable
# @option options [Boolean] :always_sign # @option options [Boolean] :always_sign
# @return [Hash] # @return [Hash]
def serialize_payload(record, serializer, options = {}) def serialize_payload(record, serializer, options = {})
signer = options.delete(:signer) @signer = options.delete(:signer)
sign_with = options.delete(:sign_with) sign_with = options.delete(:sign_with)
always_sign = options.delete(:always_sign) always_sign = options.delete(:always_sign)
payload = ActiveModelSerializers::SerializableResource.new(record, options.merge(serializer: serializer, adapter: ActivityPub::Adapter)).as_json payload = ActiveModelSerializers::SerializableResource.new(record, options.merge(serializer: serializer, adapter: ActivityPub::Adapter)).as_json
object = record.respond_to?(:virtual_object) ? record.virtual_object : record object = record.respond_to?(:virtual_object) ? record.virtual_object : record
if (object.respond_to?(:sign?) && object.sign?) && signer && (always_sign || signing_enabled?) if (object.respond_to?(:sign?) && object.sign?) && @signer && (always_sign || signing_enabled?)
ActivityPub::LinkedDataSignature.new(payload).sign!(signer, sign_with: sign_with) ActivityPub::LinkedDataSignature.new(payload).sign!(@signer, sign_with: sign_with)
else else
payload payload
end end
end end
def signing_enabled? def signing_enabled?
!authorized_fetch_mode? !authorized_fetch_mode? && !@signer.domain_blocks.exists?
end end
end end