c373148b3d
* Allow import/export of instance-level domain blocks/allows (#1754) * Allow import/export of instance-level domain blocks/allows. Fixes #15095 * Pacify circleci * Address simple code review feedback * Add headers to exported CSV * Extract common import/export functionality to AdminExportControllerConcern * Add additional fields to instance-blocked domain export * Address review feedback * Split instance domain block/allow import/export into separate pages/controllers * Address code review feedback * Pacify DeepSource * Work around Paperclip::HasAttachmentFile for Rails 6 * Fix deprecated API warning in export tests * Remove after_commit workaround (cherry picked from commit 94e98864e39c010635e839fea984f2b4893bef1a) * Add confirmation page when importing blocked domains (#1773) * Move glitch-soc-specific strings to glitch-soc-specific locale files * Add confirmation page when importing blocked domains (cherry picked from commit b91196f4b73fff91997b8077619ae25b6d04a59e) * Fix authorization check in domain blocks controller (cherry picked from commit 75279377583c6e2aa04cc8d7380c593979630b38) * Fix error strings for domain blocks and email-domain blocks Corrected issue with non-error message used for Mastodon:NotPermittedError in Domain Blocks Corrected issue Domain Blocks using the Email Domain Blocks message on ActionContoller::ParameterMissing Corrected issue with Email Domain Blocks using the not_permitted string from "custom emojii's" * Ran i18n-tasks normalize to address test failure * Removed unused admin.export_domain_blocks.not_permitted string Removing unused string as indicated by Check i18n * Fix tests (cherry picked from commit 9094c2f52c24e1c00b594e7c11cd00e4a07eb431) * Fix domain block export not exporting blocks with only media rejection (cherry picked from commit 26ff48ee48a5c03a2a4b0bd03fd322529e6bd960) * Fix various issues with domain block import - stop using Paperclip for processing domain allow/block imports - stop leaving temporary files - better error handling - assume CSV files are UTF-8-encoded (cherry picked from commit cad824d8f501b95377e4f0a957e5a00d517a1902) Co-authored-by: Levi Bard <taktaktaktaktaktaktaktaktaktak@gmail.com> Co-authored-by: Claire <claire.github-309c@sitedethib.com>
110 lines
3.1 KiB
Ruby
110 lines
3.1 KiB
Ruby
# frozen_string_literal: true
|
|
# == Schema Information
|
|
#
|
|
# Table name: domain_blocks
|
|
#
|
|
# id :bigint(8) not null, primary key
|
|
# domain :string default(""), not null
|
|
# created_at :datetime not null
|
|
# updated_at :datetime not null
|
|
# severity :integer default("silence")
|
|
# reject_media :boolean default(FALSE), not null
|
|
# reject_reports :boolean default(FALSE), not null
|
|
# private_comment :text
|
|
# public_comment :text
|
|
# obfuscate :boolean default(FALSE), not null
|
|
#
|
|
|
|
class DomainBlock < ApplicationRecord
|
|
include Paginable
|
|
include DomainNormalizable
|
|
include DomainMaterializable
|
|
|
|
enum severity: [:silence, :suspend, :noop]
|
|
|
|
validates :domain, presence: true, uniqueness: true, domain: true
|
|
|
|
has_many :accounts, foreign_key: :domain, primary_key: :domain
|
|
delegate :count, to: :accounts, prefix: true
|
|
|
|
scope :matches_domain, ->(value) { where(arel_table[:domain].matches("%#{value}%")) }
|
|
scope :with_user_facing_limitations, -> { where(severity: [:silence, :suspend]) }
|
|
scope :with_limitations, -> { where(severity: [:silence, :suspend]).or(where(reject_media: true)) }
|
|
scope :by_severity, -> { order(Arel.sql('(CASE severity WHEN 0 THEN 1 WHEN 1 THEN 2 WHEN 2 THEN 0 END), domain')) }
|
|
|
|
def to_log_human_identifier
|
|
domain
|
|
end
|
|
|
|
def policies
|
|
if suspend?
|
|
[:suspend]
|
|
else
|
|
[severity.to_sym, reject_media? ? :reject_media : nil, reject_reports? ? :reject_reports : nil].reject { |policy| policy == :noop || policy.nil? }
|
|
end
|
|
end
|
|
|
|
class << self
|
|
def suspend?(domain)
|
|
!!rule_for(domain)&.suspend?
|
|
end
|
|
|
|
def silence?(domain)
|
|
!!rule_for(domain)&.silence?
|
|
end
|
|
|
|
def reject_media?(domain)
|
|
!!rule_for(domain)&.reject_media?
|
|
end
|
|
|
|
def reject_reports?(domain)
|
|
!!rule_for(domain)&.reject_reports?
|
|
end
|
|
|
|
alias blocked? suspend?
|
|
|
|
def rule_for(domain)
|
|
return if domain.blank?
|
|
|
|
uri = Addressable::URI.new.tap { |u| u.host = domain.strip.gsub(/[\/]/, '') }
|
|
segments = uri.normalized_host.split('.')
|
|
variants = segments.map.with_index { |_, i| segments[i..-1].join('.') }
|
|
|
|
where(domain: variants).order(Arel.sql('char_length(domain) desc')).first
|
|
rescue Addressable::URI::InvalidURIError, IDN::Idna::IdnaError
|
|
nil
|
|
end
|
|
end
|
|
|
|
def stricter_than?(other_block)
|
|
return true if suspend?
|
|
return false if other_block.suspend? && (silence? || noop?)
|
|
return false if other_block.silence? && noop?
|
|
|
|
(reject_media || !other_block.reject_media) && (reject_reports || !other_block.reject_reports)
|
|
end
|
|
|
|
def affected_accounts_count
|
|
scope = suspend? ? accounts.where(suspended_at: created_at) : accounts.where(silenced_at: created_at)
|
|
scope.count
|
|
end
|
|
|
|
def public_domain
|
|
return domain unless obfuscate?
|
|
|
|
length = domain.size
|
|
visible_ratio = length / 4
|
|
|
|
domain.chars.map.with_index do |chr, i|
|
|
if i > visible_ratio && i < length - visible_ratio && chr != '.'
|
|
'*'
|
|
else
|
|
chr
|
|
end
|
|
end.join
|
|
end
|
|
|
|
def domain_digest
|
|
Digest::SHA256.hexdigest(domain)
|
|
end
|
|
end
|