interesting
/
PeerTube
mirror of https://github.com/Chocobozzz/PeerTube.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Do not host remote AP objects

This commit is contained in:
Chocobozzz 2018-11-16 11:18:13 +01:00
parent 7373507fa8
commit 8d1fa36ad2
No known key found for this signature in database
GPG Key ID: 583A612D890159BE
4 changed files with 28 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
server/controllers/activitypub/client.ts
View File

@ -39,6 +39,7 @@ import {
import { VideoCaptionModel } from '../../models/video/video-caption' import { VideoCaptionModel } from '../../models/video/video-caption'
import { videoRedundancyGetValidator } from '../../middlewares/validators/redundancy' import { videoRedundancyGetValidator } from '../../middlewares/validators/redundancy'
import { getServerActor } from '../../helpers/utils' import { getServerActor } from '../../helpers/utils'
import { VideoRedundancyModel } from '../../models/redundancy/video-redundancy'
const activityPubClientRouter = express.Router() const activityPubClientRouter = express.Router()
@ -164,6 +165,8 @@ function getAccountVideoRate (rateType: VideoRateType) {
async function videoController (req: express.Request, res: express.Response, next: express.NextFunction) { async function videoController (req: express.Request, res: express.Response, next: express.NextFunction) {
const video: VideoModel = res.locals.video const video: VideoModel = res.locals.video
if (video.isOwned() === false) return res.redirect(video.url)
// We need captions to render AP object // We need captions to render AP object
video.VideoCaptions = await VideoCaptionModel.listVideoCaptions(video.id) video.VideoCaptions = await VideoCaptionModel.listVideoCaptions(video.id)
@ -180,6 +183,9 @@ async function videoController (req: express.Request, res: express.Response, nex
async function videoAnnounceController (req: express.Request, res: express.Response, next: express.NextFunction) { async function videoAnnounceController (req: express.Request, res: express.Response, next: express.NextFunction) {
const share = res.locals.videoShare as VideoShareModel const share = res.locals.videoShare as VideoShareModel
if (share.Actor.isOwned() === false) return res.redirect(share.url)
const { activity } = await buildAnnounceWithVideoAudience(share.Actor, share, res.locals.video, undefined) const { activity } = await buildAnnounceWithVideoAudience(share.Actor, share, res.locals.video, undefined)
return activityPubResponse(activityPubContextify(activity), res) return activityPubResponse(activityPubContextify(activity), res)
@ -252,6 +258,8 @@ async function videoChannelFollowingController (req: express.Request, res: expre
async function videoCommentController (req: express.Request, res: express.Response, next: express.NextFunction) { async function videoCommentController (req: express.Request, res: express.Response, next: express.NextFunction) {
const videoComment: VideoCommentModel = res.locals.videoComment const videoComment: VideoCommentModel = res.locals.videoComment
if (videoComment.isOwned() === false) return res.redirect(videoComment.url)
const threadParentComments = await VideoCommentModel.listThreadParentComments(videoComment, undefined) const threadParentComments = await VideoCommentModel.listThreadParentComments(videoComment, undefined)
const isPublic = true // Comments are always public const isPublic = true // Comments are always public
const audience = getAudience(videoComment.Account.Actor, isPublic) const audience = getAudience(videoComment.Account.Actor, isPublic)
@ -267,7 +275,9 @@ async function videoCommentController (req: express.Request, res: express.Respon
} }
async function videoRedundancyController (req: express.Request, res: express.Response) { async function videoRedundancyController (req: express.Request, res: express.Response) {
const videoRedundancy = res.locals.videoRedundancy const videoRedundancy: VideoRedundancyModel = res.locals.videoRedundancy
if (videoRedundancy.isOwned() === false) return res.redirect(videoRedundancy.url)
const serverActor = await getServerActor() const serverActor = await getServerActor()
const audience = getAudience(serverActor) const audience = getAudience(serverActor)

7
server/middlewares/cache.ts
View File

@ -19,6 +19,7 @@ function cacheRoute (lifetimeArg: string | number) {
logger.debug('No cached results for route %s.', req.originalUrl) logger.debug('No cached results for route %s.', req.originalUrl)
const sendSave = res.send.bind(res) const sendSave = res.send.bind(res)
const redirectSave = res.redirect.bind(res)
res.send = (body) => { res.send = (body) => {
if (res.statusCode >= 200 && res.statusCode < 400) { if (res.statusCode >= 200 && res.statusCode < 400) {
@ -38,6 +39,12 @@ function cacheRoute (lifetimeArg: string | number) {
return sendSave(body) return sendSave(body)
} }
res.redirect = url => {
done()
return redirectSave(url)
}
return next() return next()
} }

7
server/models/redundancy/video-redundancy.ts
View File

@ -117,8 +117,7 @@ export class VideoRedundancyModel extends Model<VideoRedundancyModel> {
@BeforeDestroy @BeforeDestroy
static async removeFile (instance: VideoRedundancyModel) { static async removeFile (instance: VideoRedundancyModel) {
// Not us if (!instance.isOwned()) return
if (!instance.strategy) return
const videoFile = await VideoFileModel.loadWithVideo(instance.videoFileId) const videoFile = await VideoFileModel.loadWithVideo(instance.videoFileId)
@ -404,6 +403,10 @@ export class VideoRedundancyModel extends Model<VideoRedundancyModel> {
})) }))
} }
isOwned () {
return !!this.strategy
}
toActivityPubObject (): CacheFileObject { toActivityPubObject (): CacheFileObject {
return { return {
id: this.url, id: this.url,

5
server/tests/api/check-params/user-subscriptions.ts
View File

@ -15,6 +15,7 @@ import {
userLogin userLogin
} from '../../utils' } from '../../utils'
import { checkBadCountPagination, checkBadSortPagination, checkBadStartPagination } from '../../utils/requests/check-api-params' import { checkBadCountPagination, checkBadSortPagination, checkBadStartPagination } from '../../utils/requests/check-api-params'
import { waitJobs } from '../../utils/server/jobs'
describe('Test user subscriptions API validators', function () { describe('Test user subscriptions API validators', function () {
const path = '/api/v1/users/me/subscriptions' const path = '/api/v1/users/me/subscriptions'
@ -141,6 +142,8 @@ describe('Test user subscriptions API validators', function () {
}) })
it('Should succeed with the correct parameters', async function () { it('Should succeed with the correct parameters', async function () {
this.timeout(20000)
await makePostBodyRequest({ await makePostBodyRequest({
url: server.url, url: server.url,
path, path,
@ -148,6 +151,8 @@ describe('Test user subscriptions API validators', function () {
fields: { uri: 'user1_channel@localhost:9001' }, fields: { uri: 'user1_channel@localhost:9001' },
statusCodeExpected: 204 statusCodeExpected: 204
}) })
await waitJobs([ server ])
}) })
}) })