[fedi] instances moderation

2019-10-30 15:01:15 +01:00
parent 0876f9baee
commit ec92ce84bb
13 changed files with 193 additions and 88 deletions
--- a/components/admin/Federation.vue
+++ b/components/admin/Federation.vue
@@ -1,21 +1,60 @@
 <template lang="pug">
  div
-    el-form(inline label-width='400px')
+    el-form(inline label-width='200px')
      el-form-item(:label="$t('admin.enable_federation')")
        el-switch(v-model='enable_federation')
      el-form-item(:label="$t('admin.enable_comments')")
        el-switch(v-model='enable_comments')
      el-form-item(:label="$t('admin.disable_gamification')")
        el-switch(v-model='disable_gamification')
+
+      el-divider {{$t('common.instances')}}
+      el-table(:data='paginatedInstances' small)
+        el-table-column(label='Domain' width='250')
+          template(slot-scope='data')
+            span(slot='reference') <img class='instance_thumb' :src="data.row.data.thumbnail"/> {{data.row.domain}}
+        el-table-column(label='Name' width='150')
+          template(slot-scope='data')
+            span(slot='reference') {{data.row.name}}
+        el-table-column(label='Users' width='150')
+          template(slot-scope='data')
+            span(slot='reference') {{data.row.users}}
+        el-table-column(:label="$t('common.actions')" width='300')
+          template(slot-scope='data')
+            el-button-group
+              el-button(size='mini'
+                :type='data.row.blocked?"danger":"warning"'
+                @click='toggleBlock(data.row)') {{data.row.blocked?$t('admin.unblock_instance'):$t('admin.block_instance')}}
+
+      client-only
+        el-pagination(:page-size='perPage' :currentPage.sync='instancePage' :total='instances.length')
+
 </template>
 <script>
 import { mapState, mapActions } from 'vuex'

 export default {
  name: 'Federation',
-  methods: mapActions(['setSetting']),
+  props: ['instances'],
+  data () {
+    return {
+      perPage: 10,
+      instancePage: 1
+    }
+  },
+  methods: {
+    ...mapActions(['setSetting']),
+    async toggleBlock (instance) {
+      await this.$axios.post('/instances/toggle_block', { instance: instance.domain, blocked: !instance.blocked })
+      instance.blocked = !instance.blocked
+    }
+  },
  computed: {
    ...mapState(['settings']),
+    paginatedInstances () {
+      return this.instances.slice((this.instancePage - 1) * this.perPage,
+        this.instancePage * this.perPage)
+    },
    enable_federation: {
      get () { return this.settings.enable_federation },
      set (value) { this.setSetting({ key: 'enable_federation', value }) }
@@ -31,3 +70,8 @@ export default {
  }
 }
 </script>
+<style lang="less">
+.instance_thumb {
+  height: 20px;
+}
+</style>
--- a/components/admin/Settings.vue
+++ b/components/admin/Settings.vue
@@ -3,11 +3,11 @@
    el-form(inline label-width="400px")
      //- select timezone
      client-only
-      el-form-item(:label="$t('admin.select_instance_timezone')")
-        el-select(v-model='instance_timezone' filterable)
-          el-option(v-for='timezone in timezones' :key='timezone.value' :value='timezone.value')
-            span.float-left {{timezone.value}}
-            small.float-right.text-danger {{timezone.offset}}
+        el-form-item(:label="$t('admin.select_instance_timezone')")
+          el-select(v-model='instance_timezone' filterable)
+            el-option(v-for='timezone in timezones' :key='timezone.value' :value='timezone.value')
+              span.float-left {{timezone.value}}
+              small.float-right.text-danger {{timezone.offset}}

      //- allow open registration
      el-form-item(:label="$t('admin.allow_registration_description')")
--- a/pages/add/_edit.vue
+++ b/pages/add/_edit.vue
@@ -194,9 +194,7 @@ export default {
      data.event.description = event.description.replace(/(<([^>]+)>)/ig, '')
      data.event.id = event.id
      data.event.recurrent = {}
-      if (event.tags) {
-        data.event.tags = event.tags.map(t => t.tag)
-      }
+      data.event.tags = event.tags
      return data
    }
    return {}
--- a/pages/admin.vue
+++ b/pages/admin.vue
@@ -48,7 +48,7 @@
        template(slot='label')
          v-icon(name='network-wired')
          span.ml-1 {{$t('common.federation')}}
-        Federation
+        Federation(:instances='instances')

 </template>
 <script>
@@ -65,6 +65,7 @@ export default {
  middleware: ['auth'],
  data () {
    return {
+      instances: [],
      perPage: 10,
      eventPage: 1,
      description: '',
@@ -81,7 +82,8 @@ export default {
    try {
      const users = await $axios.$get('/users')
      const events = await $axios.$get('/event/unconfirmed')
-      return { users, events, mastodon_instance: store.state.settings.mastodon_instance }
+      const instances = await $axios.$get('/instances')
+      return { users, events, instances, mastodon_instance: store.state.settings.mastodon_instance }
    } catch (e) {
      console.error(e)
    }
--- a/server/api/controller/event.js
+++ b/server/api/controller/event.js
@@ -73,15 +73,6 @@ const eventController = {
    return ret
  },

-  async updateTag (req, res) {
-    const tag = await Tag.findByPk(req.body.tag)
-    if (tag) {
-      res.json(await tag.update(req.body))
-    } else {
-      res.sendStatus(404)
-    }
-  },
-
  async updatePlace (req, res) {
    const place = await Place.findByPk(req.body.id)
    await place.update(req.body)
--- a/server/api/controller/export.js
+++ b/server/api/controller/export.js
@@ -29,7 +29,7 @@ const exportController = {
        start_datetime: { [Op.gte]: yesterday },
        ...where
      },
-      include: [ { model: Tag, ...where_tags }, { model: Place, attributes: ['name', 'id', 'address'] }]
+      include: [{ model: Tag, ...where_tags }, { model: Place, attributes: ['name', 'id', 'address'] }]
    })

    switch (type) {
--- a/server/api/controller/instances.js
+++ b/server/api/controller/instances.js
@@ -0,0 +1,23 @@
+const Sequelize = require('sequelize')
+const { fed_users: FedUsers, instances: Instances } = require('../models')
+
+const instancesController = {
+  async getAll (req, res) {
+    const instances = await Instances.findAll({
+      attributes: {
+        include: [[Sequelize.fn('count', Sequelize.col('domain')), 'users']]
+      },
+      group: ['domain'],
+      include: [{ model: FedUsers, attributes: [] }]
+    })
+    return res.json(instances)
+  },
+  async toggleBlock (req, res) {
+    const instance = await Instances.findByPk(req.body.instance)
+    if (!instance) { return res.status(404).send('Not found') }
+    await instance.update({ blocked: req.body.blocked })
+    return res.json(instance)
+  }
+}
+
+module.exports = instancesController
--- a/server/api/index.js
+++ b/server/api/index.js
@@ -2,14 +2,13 @@ const express = require('express')
 const multer = require('multer')
 const cookieParser = require('cookie-parser')
 const bodyParser = require('body-parser')
-const expressJwt = require('express-jwt')
-const config = require('config')

 const { isAuth, isAdmin } = require('./auth')
 const eventController = require('./controller/event')
 const exportController = require('./controller/export')
 const userController = require('./controller/user')
 const settingsController = require('./controller/settings')
+const instancesController = require('./controller/instances')

 const storage = require('./storage')
 const upload = multer({ storage })
@@ -84,6 +83,9 @@ api.get('/export/:type', exportController.export)
 // get events in this range
 api.get('/event/:month/:year', eventController.getAll)

+api.get('/instances', isAdmin, instancesController.getAll)
+api.post('/instances/toggle_block', isAdmin, instancesController.toggleBlock)
+
 // Handle 404
 api.use((req, res) => {
  debug('404 Page not found: %s', req.path)
--- a/server/api/models/instances.js
+++ b/server/api/models/instances.js
@@ -1,7 +1,11 @@
 'use strict'
 module.exports = (sequelize, DataTypes) => {
  const instances = sequelize.define('instances', {
-    domain: DataTypes.STRING,
+    domain: {
+      primaryKey: true,
+      allowNull: false,
+      type: DataTypes.STRING
+    },
    name: DataTypes.STRING,
    blocked: DataTypes.BOOLEAN,
    data: DataTypes.JSON
--- a/server/api/models/user.js
+++ b/server/api/models/user.js
@@ -15,7 +15,10 @@ module.exports = (sequelize, DataTypes) => {
      allowNull: false
    },
    display_name: DataTypes.STRING,
-    settings: DataTypes.JSON,
+    settings: {
+      type: DataTypes.JSON,
+      defaultValue: '{}'
+    },
    email: {
      type: DataTypes.STRING,
      unique: { msg: 'error.email_taken' },
--- a/server/federation/helpers.js
+++ b/server/federation/helpers.js
@@ -4,7 +4,7 @@ const crypto = require('crypto')
 const config = require('config')
 const httpSignature = require('http-signature')
 const debug = require('debug')('federation:helpers')
-const { user: User, fed_users: FedUsers } = require('../api/models')
+const { user: User, fed_users: FedUsers, instances: Instances } = require('../api/models')
 const url = require('url')
 const settingsController = require('../api/controller/settings')

@@ -26,7 +26,7 @@ const Helpers = {

  async signAndSend (message, user, inbox) {
    // get the URI of the actor object and append 'inbox' to it
-    const inboxUrl = url.parse(inbox)
+    const inboxUrl = new url.URL(inbox)
    // const toPath = toOrigin.path + '/inbox'
    // get the private key
    const privkey = user.rsa.privateKey
@@ -66,7 +66,7 @@ const Helpers = {
      return
    }

-    let recipients = {}
+    const recipients = {}
    instanceAdmin.followers.forEach(follower => {
      const sharedInbox = follower.object.endpoints.sharedInbox
      if (!recipients[sharedInbox]) { recipients[sharedInbox] = [] }
@@ -92,75 +92,118 @@ const Helpers = {
      Helpers.signAndSend(body, instanceAdmin, sharedInbox)
    }

-    return 
    // TODO
    // in case the event is published by the Admin itself do not add user
-    if (instanceAdmin.id === user.id) {
-      debug('Event published by instance Admin')
-      return
-    } 
-    if (!user.settings.enable_federation || !user.username) {
-      debug('Federation disabled for user %d (%s)', user.id, user.username)
-      return
-    }
+    // if (instanceAdmin.id === user.id) {
+    //   debug('Event published by instance Admin')
+    //   return
+    // }
+    // if (!user.settings.enable_federation || !user.username) {
+    //   debug('Federation disabled for user %d (%s)', user.id, user.username)
+    //   return
+    // }

-    debug('Sending to user followers => ', user.username)
-    user = await User.findByPk( user.id, { include: { model: FedUsers, as: 'followers' }})
-    debug('Sending to user followers => ', user.followers.length)
-    recipients = {}
-    user.followers.forEach(follower => {
-      const sharedInbox = follower.object.endpoints.sharedInbox
-      if (!recipients[sharedInbox]) recipients[sharedInbox] = []
-      recipients[sharedInbox].push(follower.ap_id)
-    })
-
-    for(const sharedInbox in recipients) {
-      debug('Notify %s with event %s (from user %s) cc => %d', sharedInbox, event.title, user.username, recipients[sharedInbox].length)
-      const body = {
-        id: `${config.baseurl}/federation/m/${event.id}#create`,
-        type: 'Create',
-        to: ['https://www.w3.org/ns/activitystreams#Public'],
-        cc: [`${config.baseurl}/federation/u/${user.username}/followers`, ...recipients[sharedInbox]],
-        //cc: recipients[sharedInbox],
-        actor: `${config.baseurl}/federation/u/${user.username}`,
-        // object: event.toAP(user.username, [`${config.baseurl}/federation/u/${user.username}/followers`, ...recipients[sharedInbox]])
-        object: event.toAP(user.username, recipients[sharedInbox])
-      }
-      body['@context'] = 'https://www.w3.org/ns/activitystreams'
-      Helpers.signAndSend(body, user, sharedInbox)
-    }
+    // debug('Sending to user followers => ', user.username)
+    // user = await User.findByPk(user.id, { include: { model: FedUsers, as: 'followers' } })
+    // debug('Sending to user followers => ', user.followers.length)
+    // recipients = {}
+    // user.followers.forEach(follower => {
+    //   const sharedInbox = follower.object.endpoints.sharedInbox
+    //   if (!recipients[sharedInbox]) { recipients[sharedInbox] = [] }
+    //   recipients[sharedInbox].push(follower.ap_id)
+    // })

+    // for (const sharedInbox in recipients) {
+    //   debug('Notify %s with event %s (from user %s) cc => %d', sharedInbox, event.title, user.username, recipients[sharedInbox].length)
+    //   const body = {
+    //     id: `${config.baseurl}/federation/m/${event.id}#create`,
+    //     type: 'Create',
+    //     to: ['https://www.w3.org/ns/activitystreams#Public'],
+    //     cc: [`${config.baseurl}/federation/u/${user.username}/followers`, ...recipients[sharedInbox]],
+    //     // cc: recipients[sharedInbox],
+    //     actor: `${config.baseurl}/federation/u/${user.username}`,
+    //     // object: event.toAP(user.username, [`${config.baseurl}/federation/u/${user.username}/followers`, ...recipients[sharedInbox]])
+    //     object: event.toAP(user.username, recipients[sharedInbox])
+    //   }
+    //   body['@context'] = 'https://www.w3.org/ns/activitystreams'
+    //   Helpers.signAndSend(body, user, sharedInbox)
+    // }
  },

-  async getActor (url, force = false) {
+  async getActor (URL, instance, force = false) {
    let fedi_user
-    
-    // try with cache first
-    if (!force) fedi_user = await FedUsers.findByPk(url)

-    if (fedi_user) return fedi_user.object
-    fedi_user = await fetch(url, { headers: { 'Accept': 'application/jrd+json, application/json' } })
+    // try with cache first
+    if (!force) {
+      fedi_user = await FedUsers.findByPk(URL, { include: Instances })
+      if (fedi_user) {
+        debug(fedi_user)
+        if (!fedi_user.instances) {
+          debug(fedi_user.instances)
+          debug(instance.name)
+          fedi_user.setInstance(instance)
+        }
+        return fedi_user.object
+      }
+    }
+
+    fedi_user = await fetch(URL, { headers: { 'Accept': 'application/jrd+json, application/json' } })
      .then(res => {
        if (!res.ok) {
-          debug('[ERR] Actor %s => %s', url, res.statusText)
+          debug('[ERR] Actor %s => %s', URL, res.statusText)
          return false
        }
        return res.json()
      })
+
    if (fedi_user) {
-      await FedUsers.create({ap_id: url, object: fedi_user})
+      await FedUsers.create({ ap_id: URL, object: fedi_user })
    }
    return fedi_user
  },

+  async getInstance (actor_url, force = false) {
+    actor_url = new url.URL(actor_url)
+    const domain = actor_url.host
+    const instance_url = `${actor_url.protocol}//${actor_url.host}`
+    debug('getInstance %s', domain)
+    let instance
+    if (!force) {
+      instance = await Instances.findByPk(domain)
+      if (instance) { return instance }
+    }
+
+    instance = await fetch(`${instance_url}/api/v1/instance`, { headers: { 'Accept': 'application/json' } })
+      .then(res => res.json())
+      .then(instance => {
+        const data = {
+          stats: instance.stats,
+          thumbnail: instance.thumbnail
+        }
+        return Instances.create({ name: instance.title, domain, data, blocked: false })
+      })
+      .catch(e => {
+        debug(e)
+        return false
+      })
+    return instance
+  },
+
  // ref: https://blog.joinmastodon.org/2018/07/how-to-make-friends-and-verify-requests/
  async verifySignature (req, res, next) {
-    let user = await Helpers.getActor(req.body.actor)
+    const instance = await Helpers.getInstance(req.body.actor)
+    if (!instance) { return res.status(401).send('Instance not found') }
+    if (instance.blocked) {
+      debug('Instance %s blocked', instance.domain)
+      return res.status(401).send('Instance blocked')
+    }
+
+    let user = await Helpers.getActor(req.body.actor, instance)
    if (!user) { return res.status(401).send('Actor not found') }
-    
+
    // little hack -> https://github.com/joyent/node-http-signature/pull/83
    req.headers.authorization = 'Signature ' + req.headers.signature
-    
+
    req.fedi_user = user

    // another little hack :/
@@ -168,16 +211,15 @@ const Helpers = {
    req.url = '/federation' + req.url
    const parsed = httpSignature.parseRequest(req)
    if (httpSignature.verifySignature(parsed, user.publicKey.publicKeyPem)) { return next() }
-    
+
    // signature not valid, try without cache
-    user = await Helpers.getActor(req.body.actor, true)
+    user = await Helpers.getActor(req.body.actor, instance, true)
    if (!user) { return res.status(401).send('Actor not found') }
    if (httpSignature.verifySignature(parsed, user.publicKey.publicKeyPem)) { return next() }
-    
+
    // still not valid
    debug('Invalid signature from user %s', req.body.actor)
    res.send('Request signature could not be verified', 401)
-
  }
 }

--- a/server/migrations/20191027130750-create-instances.js
+++ b/server/migrations/20191027130750-create-instances.js
@@ -2,13 +2,9 @@
 module.exports = {
  up: (queryInterface, Sequelize) => {
    return queryInterface.createTable('instances', {
-      id: {
-        allowNull: false,
-        autoIncrement: true,
-        primaryKey: true,
-        type: Sequelize.INTEGER
-      },
      domain: {
+        allowNull: false,
+        primaryKey: true,
        type: Sequelize.STRING
      },
      name: {
--- a/server/migrations/20191027132035-fed_users_instances.js
+++ b/server/migrations/20191027132035-fed_users_instances.js
@@ -2,11 +2,11 @@

 module.exports = {
  up: (queryInterface, Sequelize) => {
-    return queryInterface.addColumn('fed_users', 'instanceId', {
-      type: Sequelize.INTEGER,
+    return queryInterface.addColumn('fed_users', 'instanceDomain', {
+      type: Sequelize.STRING,
      references: {
        model: 'instances',
-        key: 'id'
+        key: 'domain'
      },
      onUpdate: 'CASCADE',
      onDelete: 'CASCADE'
@@ -14,6 +14,6 @@ module.exports = {
  },

  down: (queryInterface, Sequelize) => {
-    return queryInterface.dropColumn('fed_users', 'instanceId')
+    return queryInterface.removeColumn('fed_users', 'instanceDomain')
  }
 }