diff options
Diffstat (limited to 'outboxPost.go')
| -rw-r--r-- | outboxPost.go | 400 |
1 files changed, 0 insertions, 400 deletions
diff --git a/outboxPost.go b/outboxPost.go index d0aa84f..677fa79 100644 --- a/outboxPost.go +++ b/outboxPost.go @@ -4,401 +4,17 @@ import ( "encoding/json" "fmt" "io/ioutil" - "mime/multipart" "net/http" - "os" - "os/exec" - "regexp" - "strings" "github.com/FChannel0/FChannel-Server/activitypub" "github.com/FChannel0/FChannel-Server/config" "github.com/FChannel0/FChannel-Server/db" - "github.com/FChannel0/FChannel-Server/post" "github.com/FChannel0/FChannel-Server/util" "github.com/FChannel0/FChannel-Server/webfinger" "github.com/gofiber/fiber/v2" _ "github.com/lib/pq" ) -func ParseOutboxRequest(ctx *fiber.Ctx) error { - //var activity activitypub.Activity - - actor, err := webfinger.GetActorFromPath(ctx.Path(), "/") - if err != nil { - return err - } - - contentType := GetContentType(ctx.Get("content-type")) - - if contentType == "multipart/form-data" || contentType == "application/x-www-form-urlencoded" { - - hasCaptcha, err := db.BoardHasAuthType(actor.Name, "captcha") - if err != nil { - return err - } - - valid, err := CheckCaptcha(ctx.FormValue("captcha")) - if err == nil && hasCaptcha && valid { - header, _ := ctx.FormFile("file") - - if header != nil { - f, _ := header.Open() - defer f.Close() - if header.Size > (7 << 20) { - return ctx.Render("403", fiber.Map{ - "message": "7MB max file size", - }) - } else if res, err := IsMediaBanned(f); err == nil && res { - //Todo add logging - fmt.Println("media banned") - return ctx.Redirect("/", 301) - } else if err != nil { - return err - } - - contentType, _ := post.GetFileContentType(f) - - if !SupportedMIMEType(contentType) { - return ctx.Render("403", fiber.Map{ - "message": "file type not supported", - }) - } - } - - var nObj = activitypub.CreateObject("Note") - nObj, err := ObjectFromForm(ctx, nObj) - if err != nil { - return err - } - - nObj.Actor = config.Domain + "/" + actor.Name - - nObj, err = activitypub.WriteObjectToDB(nObj) - if err != nil { - return err - } - - if len(nObj.To) == 0 { - if err := db.ArchivePosts(actor); err != nil { - return err - } - } - - activity, err := CreateActivity("Create", nObj) - if err != nil { - return err - } - - activity, err = AddFollowersToActivity(activity) - if err != nil { - return err - } - - go db.MakeActivityRequest(activity) - - var id string - op := len(nObj.InReplyTo) - 1 - if op >= 0 { - if nObj.InReplyTo[op].Id == "" { - id = nObj.Id - } else { - id = nObj.InReplyTo[0].Id + "|" + nObj.Id - } - } - - ctx.Response().Header.Add("status", "200") - _, err = ctx.Write([]byte(id)) - return err - } - - ctx.Response().Header.Add("status", "403") - _, err = ctx.Write([]byte("captcha could not auth")) - return err - } else { - activity, err := activitypub.GetActivityFromJson(ctx) - if err != nil { - return err - } - - if res, err := activitypub.IsActivityLocal(activity); err == nil && res { - if res := db.VerifyHeaderSignature(ctx, *activity.Actor); err == nil && !res { - ctx.Response().Header.Add("status", "403") - _, err = ctx.Write([]byte("")) - return err - } - - switch activity.Type { - case "Create": - ctx.Response().Header.Add("status", "403") - _, err = ctx.Write([]byte("")) - break - - case "Follow": - var validActor bool - var validLocalActor bool - - validActor = (activity.Object.Actor != "") - validLocalActor = (activity.Actor.Id == actor.Id) - - var rActivity activitypub.Activity - if validActor && validLocalActor { - rActivity = db.AcceptFollow(activity) - rActivity, err = db.SetActorFollowingDB(rActivity) - if err != nil { - return err - } - if err := db.MakeActivityRequest(activity); err != nil { - return err - } - } - - webfinger.FollowingBoards, err = activitypub.GetActorFollowingDB(config.Domain) - if err != nil { - return err - } - - webfinger.Boards, err = webfinger.GetBoardCollection() - if err != nil { - return err - } - break - - case "Delete": - fmt.Println("This is a delete") - ctx.Response().Header.Add("status", "403") - _, err = ctx.Write([]byte("could not process activity")) - break - - case "Note": - ctx.Response().Header.Add("status", "403") - _, err = ctx.Write([]byte("could not process activity")) - break - - case "New": - name := activity.Object.Alias - prefname := activity.Object.Name - summary := activity.Object.Summary - restricted := activity.Object.Sensitive - - actor, err := db.CreateNewBoardDB(*activitypub.CreateNewActor(name, prefname, summary, authReq, restricted)) - if err != nil { - return err - } - - if actor.Id != "" { - var board []activitypub.ObjectBase - var item activitypub.ObjectBase - var removed bool = false - - item.Id = actor.Id - for _, e := range webfinger.FollowingBoards { - if e.Id != item.Id { - board = append(board, e) - } else { - removed = true - } - } - - if !removed { - board = append(board, item) - } - - webfinger.FollowingBoards = board - webfinger.Boards, err = webfinger.GetBoardCollection() - return err - } - - ctx.Response().Header.Add("status", "403") - _, err = ctx.Write([]byte("")) - break - - default: - ctx.Response().Header.Add("status", "403") - _, err = ctx.Write([]byte("could not process activity")) - } - } else if err != nil { - return err - } else { - fmt.Println("is NOT activity") - ctx.Response().Header.Add("status", "403") - _, err = ctx.Write([]byte("could not process activity")) - return err - } - } - - return nil -} - -func ObjectFromForm(ctx *fiber.Ctx, obj activitypub.ObjectBase) (activitypub.ObjectBase, error) { - header, _ := ctx.FormFile("file") - file, _ := header.Open() - var err error - - if file != nil { - defer file.Close() - - var tempFile = new(os.File) - obj.Attachment, tempFile, err = activitypub.CreateAttachmentObject(file, header) - if err != nil { - return obj, err - } - - defer tempFile.Close() - - fileBytes, _ := ioutil.ReadAll(file) - - tempFile.Write(fileBytes) - - re := regexp.MustCompile(`image/(jpe?g|png|webp)`) - if re.MatchString(obj.Attachment[0].MediaType) { - fileLoc := strings.ReplaceAll(obj.Attachment[0].Href, config.Domain, "") - - cmd := exec.Command("exiv2", "rm", "."+fileLoc) - - if err := cmd.Run(); err != nil { - return obj, err - } - } - - obj.Preview = activitypub.CreatePreviewObject(obj.Attachment[0]) - } - - obj.AttributedTo = util.EscapeString(ctx.FormValue("name")) - obj.TripCode = util.EscapeString(ctx.FormValue("tripcode")) - obj.Name = util.EscapeString(ctx.FormValue("subject")) - obj.Content = util.EscapeString(ctx.FormValue("comment")) - obj.Sensitive = (ctx.FormValue("sensitive") != "") - - obj = ParseOptions(ctx, obj) - - var originalPost activitypub.ObjectBase - originalPost.Id = util.EscapeString(ctx.FormValue("inReplyTo")) - - obj.InReplyTo = append(obj.InReplyTo, originalPost) - - var activity activitypub.Activity - - if !util.IsInStringArray(activity.To, originalPost.Id) { - activity.To = append(activity.To, originalPost.Id) - } - - if originalPost.Id != "" { - if res, err := activitypub.IsActivityLocal(activity); err == nil && !res { - actor, err := webfinger.FingerActor(originalPost.Id) - if err != nil { - return obj, err - } - - if !util.IsInStringArray(obj.To, actor.Id) { - obj.To = append(obj.To, actor.Id) - } - } else if err != nil { - return obj, err - } - } - - replyingTo, err := ParseCommentForReplies(ctx.FormValue("comment"), originalPost.Id) - if err != nil { - return obj, err - } - - for _, e := range replyingTo { - has := false - - for _, f := range obj.InReplyTo { - if e.Id == f.Id { - has = true - break - } - } - - if !has { - obj.InReplyTo = append(obj.InReplyTo, e) - - var activity activitypub.Activity - - activity.To = append(activity.To, e.Id) - - if res, err := activitypub.IsActivityLocal(activity); err == nil && !res { - actor, err := webfinger.FingerActor(e.Id) - if err != nil { - return obj, err - } - - if !util.IsInStringArray(obj.To, actor.Id) { - obj.To = append(obj.To, actor.Id) - } - } else if err != nil { - return obj, err - } - } - } - - return obj, nil -} - -func ParseOptions(ctx *fiber.Ctx, obj activitypub.ObjectBase) activitypub.ObjectBase { - options := util.EscapeString(ctx.FormValue("options")) - if options != "" { - option := strings.Split(options, ";") - email := regexp.MustCompile(".+@.+\\..+") - wallet := regexp.MustCompile("wallet:.+") - delete := regexp.MustCompile("delete:.+") - for _, e := range option { - if e == "noko" { - obj.Option = append(obj.Option, "noko") - } else if e == "sage" { - obj.Option = append(obj.Option, "sage") - } else if e == "nokosage" { - obj.Option = append(obj.Option, "nokosage") - } else if email.MatchString(e) { - obj.Option = append(obj.Option, "email:"+e) - } else if wallet.MatchString(e) { - obj.Option = append(obj.Option, "wallet") - var wallet activitypub.CryptoCur - value := strings.Split(e, ":") - wallet.Type = value[0] - wallet.Address = value[1] - obj.Wallet = append(obj.Wallet, wallet) - } else if delete.MatchString(e) { - obj.Option = append(obj.Option, e) - } - } - } - - return obj -} - -func CheckCaptcha(captcha string) (bool, error) { - parts := strings.Split(captcha, ":") - - if strings.Trim(parts[0], " ") == "" || strings.Trim(parts[1], " ") == "" { - return false, nil - } - - path := "public/" + parts[0] + ".png" - code, err := db.GetCaptchaCodeDB(path) - if err != nil { - return false, err - } - - if code != "" { - err = db.DeleteCaptchaCodeDB(path) - if err != nil { - return false, err - } - - err = db.CreateNewCaptcha() - if err != nil { - return false, err - } - - } - - return code == strings.ToUpper(parts[1]), nil -} - func ParseInboxRequest(ctx *fiber.Ctx) error { activity, err := activitypub.GetActivityFromJson(ctx) if err != nil { @@ -596,22 +212,6 @@ func MakeActivityFollowingReq(w http.ResponseWriter, r *http.Request, activity a return respActivity.Type == "Accept", err } -func IsMediaBanned(f multipart.File) (bool, error) { - f.Seek(0, 0) - - fileBytes := make([]byte, 2048) - - _, err := f.Read(fileBytes) - if err != nil { - return true, err - } - - hash := util.HashBytes(fileBytes) - - // f.Seek(0, 0) - return db.IsHashBanned(hash) -} - func SendToFollowers(actor string, activity activitypub.Activity) error { nActor, err := activitypub.GetActorFromDB(actor) if err != nil { |