From 503a6637b8294aeb8e5e5546f8acbd2b3d6c4744 Mon Sep 17 00:00:00 2001 From: FChannel <> Date: Sat, 30 Apr 2022 22:17:32 -0700 Subject: first steps in posting connected. can make reply with no quote or quote OP do not recommend working on this branch for the time being since things are being moved around a lot --- outboxPost.go | 400 ---------------------------------------------------------- 1 file changed, 400 deletions(-) (limited to 'outboxPost.go') diff --git a/outboxPost.go b/outboxPost.go index d0aa84f..677fa79 100644 --- a/outboxPost.go +++ b/outboxPost.go @@ -4,401 +4,17 @@ import ( "encoding/json" "fmt" "io/ioutil" - "mime/multipart" "net/http" - "os" - "os/exec" - "regexp" - "strings" "github.com/FChannel0/FChannel-Server/activitypub" "github.com/FChannel0/FChannel-Server/config" "github.com/FChannel0/FChannel-Server/db" - "github.com/FChannel0/FChannel-Server/post" "github.com/FChannel0/FChannel-Server/util" "github.com/FChannel0/FChannel-Server/webfinger" "github.com/gofiber/fiber/v2" _ "github.com/lib/pq" ) -func ParseOutboxRequest(ctx *fiber.Ctx) error { - //var activity activitypub.Activity - - actor, err := webfinger.GetActorFromPath(ctx.Path(), "/") - if err != nil { - return err - } - - contentType := GetContentType(ctx.Get("content-type")) - - if contentType == "multipart/form-data" || contentType == "application/x-www-form-urlencoded" { - - hasCaptcha, err := db.BoardHasAuthType(actor.Name, "captcha") - if err != nil { - return err - } - - valid, err := CheckCaptcha(ctx.FormValue("captcha")) - if err == nil && hasCaptcha && valid { - header, _ := ctx.FormFile("file") - - if header != nil { - f, _ := header.Open() - defer f.Close() - if header.Size > (7 << 20) { - return ctx.Render("403", fiber.Map{ - "message": "7MB max file size", - }) - } else if res, err := IsMediaBanned(f); err == nil && res { - //Todo add logging - fmt.Println("media banned") - return ctx.Redirect("/", 301) - } else if err != nil { - return err - } - - contentType, _ := post.GetFileContentType(f) - - if !SupportedMIMEType(contentType) { - return ctx.Render("403", fiber.Map{ - "message": "file type not supported", - }) - } - } - - var nObj = activitypub.CreateObject("Note") - nObj, err := ObjectFromForm(ctx, nObj) - if err != nil { - return err - } - - nObj.Actor = config.Domain + "/" + actor.Name - - nObj, err = activitypub.WriteObjectToDB(nObj) - if err != nil { - return err - } - - if len(nObj.To) == 0 { - if err := db.ArchivePosts(actor); err != nil { - return err - } - } - - activity, err := CreateActivity("Create", nObj) - if err != nil { - return err - } - - activity, err = AddFollowersToActivity(activity) - if err != nil { - return err - } - - go db.MakeActivityRequest(activity) - - var id string - op := len(nObj.InReplyTo) - 1 - if op >= 0 { - if nObj.InReplyTo[op].Id == "" { - id = nObj.Id - } else { - id = nObj.InReplyTo[0].Id + "|" + nObj.Id - } - } - - ctx.Response().Header.Add("status", "200") - _, err = ctx.Write([]byte(id)) - return err - } - - ctx.Response().Header.Add("status", "403") - _, err = ctx.Write([]byte("captcha could not auth")) - return err - } else { - activity, err := activitypub.GetActivityFromJson(ctx) - if err != nil { - return err - } - - if res, err := activitypub.IsActivityLocal(activity); err == nil && res { - if res := db.VerifyHeaderSignature(ctx, *activity.Actor); err == nil && !res { - ctx.Response().Header.Add("status", "403") - _, err = ctx.Write([]byte("")) - return err - } - - switch activity.Type { - case "Create": - ctx.Response().Header.Add("status", "403") - _, err = ctx.Write([]byte("")) - break - - case "Follow": - var validActor bool - var validLocalActor bool - - validActor = (activity.Object.Actor != "") - validLocalActor = (activity.Actor.Id == actor.Id) - - var rActivity activitypub.Activity - if validActor && validLocalActor { - rActivity = db.AcceptFollow(activity) - rActivity, err = db.SetActorFollowingDB(rActivity) - if err != nil { - return err - } - if err := db.MakeActivityRequest(activity); err != nil { - return err - } - } - - webfinger.FollowingBoards, err = activitypub.GetActorFollowingDB(config.Domain) - if err != nil { - return err - } - - webfinger.Boards, err = webfinger.GetBoardCollection() - if err != nil { - return err - } - break - - case "Delete": - fmt.Println("This is a delete") - ctx.Response().Header.Add("status", "403") - _, err = ctx.Write([]byte("could not process activity")) - break - - case "Note": - ctx.Response().Header.Add("status", "403") - _, err = ctx.Write([]byte("could not process activity")) - break - - case "New": - name := activity.Object.Alias - prefname := activity.Object.Name - summary := activity.Object.Summary - restricted := activity.Object.Sensitive - - actor, err := db.CreateNewBoardDB(*activitypub.CreateNewActor(name, prefname, summary, authReq, restricted)) - if err != nil { - return err - } - - if actor.Id != "" { - var board []activitypub.ObjectBase - var item activitypub.ObjectBase - var removed bool = false - - item.Id = actor.Id - for _, e := range webfinger.FollowingBoards { - if e.Id != item.Id { - board = append(board, e) - } else { - removed = true - } - } - - if !removed { - board = append(board, item) - } - - webfinger.FollowingBoards = board - webfinger.Boards, err = webfinger.GetBoardCollection() - return err - } - - ctx.Response().Header.Add("status", "403") - _, err = ctx.Write([]byte("")) - break - - default: - ctx.Response().Header.Add("status", "403") - _, err = ctx.Write([]byte("could not process activity")) - } - } else if err != nil { - return err - } else { - fmt.Println("is NOT activity") - ctx.Response().Header.Add("status", "403") - _, err = ctx.Write([]byte("could not process activity")) - return err - } - } - - return nil -} - -func ObjectFromForm(ctx *fiber.Ctx, obj activitypub.ObjectBase) (activitypub.ObjectBase, error) { - header, _ := ctx.FormFile("file") - file, _ := header.Open() - var err error - - if file != nil { - defer file.Close() - - var tempFile = new(os.File) - obj.Attachment, tempFile, err = activitypub.CreateAttachmentObject(file, header) - if err != nil { - return obj, err - } - - defer tempFile.Close() - - fileBytes, _ := ioutil.ReadAll(file) - - tempFile.Write(fileBytes) - - re := regexp.MustCompile(`image/(jpe?g|png|webp)`) - if re.MatchString(obj.Attachment[0].MediaType) { - fileLoc := strings.ReplaceAll(obj.Attachment[0].Href, config.Domain, "") - - cmd := exec.Command("exiv2", "rm", "."+fileLoc) - - if err := cmd.Run(); err != nil { - return obj, err - } - } - - obj.Preview = activitypub.CreatePreviewObject(obj.Attachment[0]) - } - - obj.AttributedTo = util.EscapeString(ctx.FormValue("name")) - obj.TripCode = util.EscapeString(ctx.FormValue("tripcode")) - obj.Name = util.EscapeString(ctx.FormValue("subject")) - obj.Content = util.EscapeString(ctx.FormValue("comment")) - obj.Sensitive = (ctx.FormValue("sensitive") != "") - - obj = ParseOptions(ctx, obj) - - var originalPost activitypub.ObjectBase - originalPost.Id = util.EscapeString(ctx.FormValue("inReplyTo")) - - obj.InReplyTo = append(obj.InReplyTo, originalPost) - - var activity activitypub.Activity - - if !util.IsInStringArray(activity.To, originalPost.Id) { - activity.To = append(activity.To, originalPost.Id) - } - - if originalPost.Id != "" { - if res, err := activitypub.IsActivityLocal(activity); err == nil && !res { - actor, err := webfinger.FingerActor(originalPost.Id) - if err != nil { - return obj, err - } - - if !util.IsInStringArray(obj.To, actor.Id) { - obj.To = append(obj.To, actor.Id) - } - } else if err != nil { - return obj, err - } - } - - replyingTo, err := ParseCommentForReplies(ctx.FormValue("comment"), originalPost.Id) - if err != nil { - return obj, err - } - - for _, e := range replyingTo { - has := false - - for _, f := range obj.InReplyTo { - if e.Id == f.Id { - has = true - break - } - } - - if !has { - obj.InReplyTo = append(obj.InReplyTo, e) - - var activity activitypub.Activity - - activity.To = append(activity.To, e.Id) - - if res, err := activitypub.IsActivityLocal(activity); err == nil && !res { - actor, err := webfinger.FingerActor(e.Id) - if err != nil { - return obj, err - } - - if !util.IsInStringArray(obj.To, actor.Id) { - obj.To = append(obj.To, actor.Id) - } - } else if err != nil { - return obj, err - } - } - } - - return obj, nil -} - -func ParseOptions(ctx *fiber.Ctx, obj activitypub.ObjectBase) activitypub.ObjectBase { - options := util.EscapeString(ctx.FormValue("options")) - if options != "" { - option := strings.Split(options, ";") - email := regexp.MustCompile(".+@.+\\..+") - wallet := regexp.MustCompile("wallet:.+") - delete := regexp.MustCompile("delete:.+") - for _, e := range option { - if e == "noko" { - obj.Option = append(obj.Option, "noko") - } else if e == "sage" { - obj.Option = append(obj.Option, "sage") - } else if e == "nokosage" { - obj.Option = append(obj.Option, "nokosage") - } else if email.MatchString(e) { - obj.Option = append(obj.Option, "email:"+e) - } else if wallet.MatchString(e) { - obj.Option = append(obj.Option, "wallet") - var wallet activitypub.CryptoCur - value := strings.Split(e, ":") - wallet.Type = value[0] - wallet.Address = value[1] - obj.Wallet = append(obj.Wallet, wallet) - } else if delete.MatchString(e) { - obj.Option = append(obj.Option, e) - } - } - } - - return obj -} - -func CheckCaptcha(captcha string) (bool, error) { - parts := strings.Split(captcha, ":") - - if strings.Trim(parts[0], " ") == "" || strings.Trim(parts[1], " ") == "" { - return false, nil - } - - path := "public/" + parts[0] + ".png" - code, err := db.GetCaptchaCodeDB(path) - if err != nil { - return false, err - } - - if code != "" { - err = db.DeleteCaptchaCodeDB(path) - if err != nil { - return false, err - } - - err = db.CreateNewCaptcha() - if err != nil { - return false, err - } - - } - - return code == strings.ToUpper(parts[1]), nil -} - func ParseInboxRequest(ctx *fiber.Ctx) error { activity, err := activitypub.GetActivityFromJson(ctx) if err != nil { @@ -596,22 +212,6 @@ func MakeActivityFollowingReq(w http.ResponseWriter, r *http.Request, activity a return respActivity.Type == "Accept", err } -func IsMediaBanned(f multipart.File) (bool, error) { - f.Seek(0, 0) - - fileBytes := make([]byte, 2048) - - _, err := f.Read(fileBytes) - if err != nil { - return true, err - } - - hash := util.HashBytes(fileBytes) - - // f.Seek(0, 0) - return db.IsHashBanned(hash) -} - func SendToFollowers(actor string, activity activitypub.Activity) error { nActor, err := activitypub.GetActorFromDB(actor) if err != nil { -- cgit v1.2.3