Refactor transmogrifier Delete to avoid spoofed Delete being accepted

Signed-off-by: Thomas Citharel <tcit@tcit.fr>
This commit is contained in:
Thomas Citharel 2021-11-14 16:26:51 +01:00
parent 2e869c1ade
commit df2c184bc0
No known key found for this signature in database
GPG key ID: A061B9DDE0CA0773
2 changed files with 20 additions and 33 deletions

View file

@ -101,7 +101,8 @@ defmodule Mobilizon.Federation.ActivityPub.Permission do
false
end
else
true
# Object is not owned by a group
false
end
end

View file

@ -602,42 +602,28 @@ defmodule Mobilizon.Federation.ActivityPub.Transmogrifier do
) do
Logger.info("Handle incoming to delete an object")
with actor_url <- Utils.get_actor(data),
{:actor, {:ok, %Actor{} = actor}} <-
{:actor, ActivityPubActor.get_or_fetch_actor_by_url(actor_url)},
object_id <- Utils.get_url(object),
{:ok, object} <- is_group_object_gone(object_id),
{:origin_check, true} <-
{:origin_check,
Utils.origin_check_from_id?(actor_url, object_id) ||
Permission.can_delete_group_object?(actor, object)},
{:ok, activity, object} <- Actions.Delete.delete(object, actor, false) do
{:ok, activity, object}
else
{:origin_check, false} ->
Logger.warn("Object origin check failed")
:error
actor_url = Utils.get_actor(data)
object_id = Utils.get_url(object)
{:actor, {:error, _err}} ->
case ActivityPubActor.get_or_fetch_actor_by_url(actor_url) do
{:error, _err} ->
{:error, :unknown_actor}
{:error, e} ->
Logger.debug(inspect(e))
# Sentry.capture_message("Error while handling a Delete activity",
# extra: %{data: data}
# )
{:ok, %Actor{} = actor} ->
case is_group_object_gone(object_id) do
{:ok, object} ->
if Utils.origin_check_from_id?(actor_url, object_id) ||
Permission.can_delete_group_object?(actor, object) do
Actions.Delete.delete(object, actor, false)
else
Logger.warn("Object origin check failed")
:error
end
e ->
Logger.error(inspect(e))
# Sentry.capture_message("Error while handling a Delete activity",
# extra: %{data: data}
# )
:error
{:error, err} ->
Logger.debug(inspect(err))
{:error, err}
end
end
end