[feature] Federate interaction policies + Accepts; enforce policies (#3138)

* [feature] Federate interaction policies + Accepts; enforce policies * use Acceptable type * fix index * remove appendIRIStrs * add GetAccept federatingdb function * lock on object IRI
2025-06-05 21:59:39 +02:00 · 2024-07-26 12:04:28 +02:00
parent f8d399cf6a
commit 8ab2b19a94
42 changed files with 3541 additions and 254 deletions
--- a/internal/ap/extract.go
+++ b/internal/ap/extract.go
@ -1057,6 +1057,137 @@ func ExtractVisibility(addressable Addressable, actorFollowersURI string) (gtsmo
 	return visibility, nil
 }

+// ExtractInteractionPolicy extracts a *gtsmodel.InteractionPolicy
+// from the given Statusable created by by the given *gtsmodel.Account.
+//
+// Will be nil (default policy) for Statusables that have no policy
+// set on them, or have a null policy. In such a case, the caller
+// should assume the default policy for the status's visibility level.
+func ExtractInteractionPolicy(
+	statusable Statusable,
+	owner *gtsmodel.Account,
+) *gtsmodel.InteractionPolicy {
+	policyProp := statusable.GetGoToSocialInteractionPolicy()
+	if policyProp == nil || policyProp.Len() != 1 {
+		return nil
+	}
+
+	policyPropIter := policyProp.At(0)
+	if !policyPropIter.IsGoToSocialInteractionPolicy() {
+		return nil
+	}
+
+	policy := policyPropIter.Get()
+	if policy == nil {
+		return nil
+	}
+
+	return &gtsmodel.InteractionPolicy{
+		CanLike:     extractCanLike(policy.GetGoToSocialCanLike(), owner),
+		CanReply:    extractCanReply(policy.GetGoToSocialCanReply(), owner),
+		CanAnnounce: extractCanAnnounce(policy.GetGoToSocialCanAnnounce(), owner),
+	}
+}
+
+func extractCanLike(
+	prop vocab.GoToSocialCanLikeProperty,
+	owner *gtsmodel.Account,
+) gtsmodel.PolicyRules {
+	if prop == nil || prop.Len() != 1 {
+		return gtsmodel.PolicyRules{}
+	}
+
+	propIter := prop.At(0)
+	if !propIter.IsGoToSocialCanLike() {
+		return gtsmodel.PolicyRules{}
+	}
+
+	withRules := propIter.Get()
+	if withRules == nil {
+		return gtsmodel.PolicyRules{}
+	}
+
+	return gtsmodel.PolicyRules{
+		Always:       extractPolicyValues(withRules.GetGoToSocialAlways(), owner),
+		WithApproval: extractPolicyValues(withRules.GetGoToSocialApprovalRequired(), owner),
+	}
+}
+
+func extractCanReply(
+	prop vocab.GoToSocialCanReplyProperty,
+	owner *gtsmodel.Account,
+) gtsmodel.PolicyRules {
+	if prop == nil || prop.Len() != 1 {
+		return gtsmodel.PolicyRules{}
+	}
+
+	propIter := prop.At(0)
+	if !propIter.IsGoToSocialCanReply() {
+		return gtsmodel.PolicyRules{}
+	}
+
+	withRules := propIter.Get()
+	if withRules == nil {
+		return gtsmodel.PolicyRules{}
+	}
+
+	return gtsmodel.PolicyRules{
+		Always:       extractPolicyValues(withRules.GetGoToSocialAlways(), owner),
+		WithApproval: extractPolicyValues(withRules.GetGoToSocialApprovalRequired(), owner),
+	}
+}
+
+func extractCanAnnounce(
+	prop vocab.GoToSocialCanAnnounceProperty,
+	owner *gtsmodel.Account,
+) gtsmodel.PolicyRules {
+	if prop == nil || prop.Len() != 1 {
+		return gtsmodel.PolicyRules{}
+	}
+
+	propIter := prop.At(0)
+	if !propIter.IsGoToSocialCanAnnounce() {
+		return gtsmodel.PolicyRules{}
+	}
+
+	withRules := propIter.Get()
+	if withRules == nil {
+		return gtsmodel.PolicyRules{}
+	}
+
+	return gtsmodel.PolicyRules{
+		Always:       extractPolicyValues(withRules.GetGoToSocialAlways(), owner),
+		WithApproval: extractPolicyValues(withRules.GetGoToSocialApprovalRequired(), owner),
+	}
+}
+
+func extractPolicyValues[T WithIRI](
+	prop Property[T],
+	owner *gtsmodel.Account,
+) gtsmodel.PolicyValues {
+	iris := getIRIs(prop)
+	PolicyValues := make(gtsmodel.PolicyValues, 0, len(iris))
+
+	for _, iri := range iris {
+		switch iriStr := iri.String(); iriStr {
+		case pub.PublicActivityPubIRI:
+			PolicyValues = append(PolicyValues, gtsmodel.PolicyValuePublic)
+		case owner.FollowersURI:
+			PolicyValues = append(PolicyValues, gtsmodel.PolicyValueFollowers)
+		case owner.FollowingURI:
+			PolicyValues = append(PolicyValues, gtsmodel.PolicyValueFollowers)
+		case owner.URI:
+			PolicyValues = append(PolicyValues, gtsmodel.PolicyValueAuthor)
+		default:
+			if iri.Scheme == "http" || iri.Scheme == "https" {
+				PolicyValues = append(PolicyValues, gtsmodel.PolicyValue(iriStr))
+			}
+		}
+	}
+
+	return PolicyValues
+}
+
 // ExtractSensitive extracts whether or not an item should
 // be marked as sensitive according to its ActivityStreams
 // sensitive property.