Fix deletes not being signed in authorized fetch mode (#17484)
Fix #17483
This commit is contained in:
parent
d4e6774a0c
commit
c9a52833b6
3 changed files with 15 additions and 7 deletions
|
@ -1,13 +1,21 @@
|
||||||
# frozen_string_literal: true
|
# frozen_string_literal: true
|
||||||
|
|
||||||
module Payloadable
|
module Payloadable
|
||||||
|
# @param [ActiveModelSerializers::Model] record
|
||||||
|
# @param [ActiveModelSerializers::Serializer] serializer
|
||||||
|
# @param [Hash] options
|
||||||
|
# @option options [Account] :signer
|
||||||
|
# @option options [String] :sign_with
|
||||||
|
# @option options [Boolean] :always_sign
|
||||||
|
# @return [Hash]
|
||||||
def serialize_payload(record, serializer, options = {})
|
def serialize_payload(record, serializer, options = {})
|
||||||
signer = options.delete(:signer)
|
signer = options.delete(:signer)
|
||||||
sign_with = options.delete(:sign_with)
|
sign_with = options.delete(:sign_with)
|
||||||
|
always_sign = options.delete(:always_sign)
|
||||||
payload = ActiveModelSerializers::SerializableResource.new(record, options.merge(serializer: serializer, adapter: ActivityPub::Adapter)).as_json
|
payload = ActiveModelSerializers::SerializableResource.new(record, options.merge(serializer: serializer, adapter: ActivityPub::Adapter)).as_json
|
||||||
object = record.respond_to?(:virtual_object) ? record.virtual_object : record
|
object = record.respond_to?(:virtual_object) ? record.virtual_object : record
|
||||||
|
|
||||||
if (object.respond_to?(:sign?) && object.sign?) && signer && signing_enabled?
|
if (object.respond_to?(:sign?) && object.sign?) && signer && (always_sign || signing_enabled?)
|
||||||
ActivityPub::LinkedDataSignature.new(payload).sign!(signer, sign_with: sign_with)
|
ActivityPub::LinkedDataSignature.new(payload).sign!(signer, sign_with: sign_with)
|
||||||
else
|
else
|
||||||
payload
|
payload
|
||||||
|
|
|
@ -265,7 +265,7 @@ class DeleteAccountService < BaseService
|
||||||
end
|
end
|
||||||
|
|
||||||
def delete_actor_json
|
def delete_actor_json
|
||||||
@delete_actor_json ||= Oj.dump(serialize_payload(@account, ActivityPub::DeleteActorSerializer, signer: @account))
|
@delete_actor_json ||= Oj.dump(serialize_payload(@account, ActivityPub::DeleteActorSerializer, signer: @account, always_sign: true))
|
||||||
end
|
end
|
||||||
|
|
||||||
def delivery_inboxes
|
def delivery_inboxes
|
||||||
|
|
|
@ -95,7 +95,7 @@ class RemoveStatusService < BaseService
|
||||||
end
|
end
|
||||||
|
|
||||||
def signed_activity_json
|
def signed_activity_json
|
||||||
@signed_activity_json ||= Oj.dump(serialize_payload(@status, @status.reblog? ? ActivityPub::UndoAnnounceSerializer : ActivityPub::DeleteSerializer, signer: @account))
|
@signed_activity_json ||= Oj.dump(serialize_payload(@status, @status.reblog? ? ActivityPub::UndoAnnounceSerializer : ActivityPub::DeleteSerializer, signer: @account, always_sign: true))
|
||||||
end
|
end
|
||||||
|
|
||||||
def remove_reblogs
|
def remove_reblogs
|
||||||
|
|
Loading…
Reference in a new issue