mirror of
https://codeberg.org/yeentown/barkey.git
synced 2025-10-26 03:04:52 +00:00
3a6c2aa835
* Fix type error in security fixes (cherry picked from commitfa3cf6c299) * Fix error in test function calls (cherry picked from commit1758f29364) * Fix style error (cherry picked from commit23c4aa2571) * Fix another style error (cherry picked from commit36af07abe2) * Fix `.punyHost` misuse (cherry picked from commit6027b516e1) * attempt to fix test: make yaml valid --------- Co-authored-by: Julia Johannesen <julia@insertdomain.name>
480 lines
15 KiB
TypeScript
480 lines
15 KiB
TypeScript
/*
|
|
* SPDX-FileCopyrightText: syuilo and misskey-project
|
|
* SPDX-License-Identifier: AGPL-3.0-only
|
|
*/
|
|
|
|
process.env.NODE_ENV = 'test';
|
|
|
|
import * as assert from 'assert';
|
|
import { Test } from '@nestjs/testing';
|
|
import { jest } from '@jest/globals';
|
|
|
|
import { ApImageService } from '@/core/activitypub/models/ApImageService.js';
|
|
import { ApNoteService } from '@/core/activitypub/models/ApNoteService.js';
|
|
import { ApPersonService } from '@/core/activitypub/models/ApPersonService.js';
|
|
import { ApRendererService } from '@/core/activitypub/ApRendererService.js';
|
|
import { JsonLdService } from '@/core/activitypub/JsonLdService.js';
|
|
import { CONTEXT } from '@/core/activitypub/misc/contexts.js';
|
|
import { GlobalModule } from '@/GlobalModule.js';
|
|
import { CoreModule } from '@/core/CoreModule.js';
|
|
import { FederatedInstanceService } from '@/core/FederatedInstanceService.js';
|
|
import { LoggerService } from '@/core/LoggerService.js';
|
|
import type { IActor, IApDocument, ICollection, IObject, IPost } from '@/core/activitypub/type.js';
|
|
import { MiMeta, MiNote, UserProfilesRepository } from '@/models/_.js';
|
|
import { DI } from '@/di-symbols.js';
|
|
import { secureRndstr } from '@/misc/secure-rndstr.js';
|
|
import { DownloadService } from '@/core/DownloadService.js';
|
|
import type { MiRemoteUser } from '@/models/User.js';
|
|
import { genAidx } from '@/misc/id/aidx.js';
|
|
import { MockResolver } from '../misc/mock-resolver.js';
|
|
|
|
const host = 'https://host1.test';
|
|
|
|
type NonTransientIActor = IActor & { id: string };
|
|
type NonTransientIPost = IPost & { id: string };
|
|
|
|
function createRandomActor({ actorHost = host } = {}): NonTransientIActor {
|
|
const preferredUsername = secureRndstr(8);
|
|
const actorId = `${actorHost}/users/${preferredUsername.toLowerCase()}`;
|
|
|
|
return {
|
|
'@context': 'https://www.w3.org/ns/activitystreams',
|
|
id: actorId,
|
|
type: 'Person',
|
|
preferredUsername,
|
|
inbox: `${actorId}/inbox`,
|
|
outbox: `${actorId}/outbox`,
|
|
};
|
|
}
|
|
|
|
function createRandomNote(actor: NonTransientIActor): NonTransientIPost {
|
|
const id = secureRndstr(8);
|
|
const noteId = `${new URL(actor.id).origin}/notes/${id}`;
|
|
|
|
return {
|
|
id: noteId,
|
|
type: 'Note',
|
|
attributedTo: actor.id,
|
|
content: 'test test foo',
|
|
};
|
|
}
|
|
|
|
function createRandomNotes(actor: NonTransientIActor, length: number): NonTransientIPost[] {
|
|
return new Array(length).fill(null).map(() => createRandomNote(actor));
|
|
}
|
|
|
|
function createRandomFeaturedCollection(actor: NonTransientIActor, length: number): ICollection {
|
|
const items = createRandomNotes(actor, length);
|
|
|
|
return {
|
|
'@context': 'https://www.w3.org/ns/activitystreams',
|
|
type: 'Collection',
|
|
id: actor.outbox as string,
|
|
totalItems: items.length,
|
|
items,
|
|
};
|
|
}
|
|
|
|
async function createRandomRemoteUser(
|
|
resolver: MockResolver,
|
|
personService: ApPersonService,
|
|
): Promise<MiRemoteUser> {
|
|
const actor = createRandomActor();
|
|
resolver.register(actor.id, actor);
|
|
|
|
return await personService.createPerson(actor.id, resolver);
|
|
}
|
|
|
|
describe('ActivityPub', () => {
|
|
let userProfilesRepository: UserProfilesRepository;
|
|
let imageService: ApImageService;
|
|
let noteService: ApNoteService;
|
|
let personService: ApPersonService;
|
|
let rendererService: ApRendererService;
|
|
let jsonLdService: JsonLdService;
|
|
let resolver: MockResolver;
|
|
|
|
const metaInitial = {
|
|
cacheRemoteFiles: true,
|
|
cacheRemoteSensitiveFiles: true,
|
|
enableFanoutTimeline: true,
|
|
enableFanoutTimelineDbFallback: true,
|
|
perUserHomeTimelineCacheMax: 100,
|
|
perLocalUserUserTimelineCacheMax: 100,
|
|
perRemoteUserUserTimelineCacheMax: 100,
|
|
blockedHosts: [] as string[],
|
|
sensitiveWords: [] as string[],
|
|
prohibitedWords: [] as string[],
|
|
} as MiMeta;
|
|
const meta = { ...metaInitial };
|
|
|
|
function updateMeta(newMeta: Partial<MiMeta>): void {
|
|
for (const key in meta) {
|
|
delete (meta as any)[key];
|
|
}
|
|
Object.assign(meta, newMeta);
|
|
}
|
|
|
|
beforeAll(async () => {
|
|
const app = await Test.createTestingModule({
|
|
imports: [GlobalModule, CoreModule],
|
|
})
|
|
.overrideProvider(DownloadService).useValue({
|
|
async downloadUrl(): Promise<{ filename: string }> {
|
|
return {
|
|
filename: 'dummy.tmp',
|
|
};
|
|
},
|
|
})
|
|
.overrideProvider(DI.meta).useFactory({ factory: () => meta })
|
|
.compile();
|
|
|
|
await app.init();
|
|
app.enableShutdownHooks();
|
|
|
|
userProfilesRepository = app.get(DI.userProfilesRepository);
|
|
|
|
noteService = app.get<ApNoteService>(ApNoteService);
|
|
personService = app.get<ApPersonService>(ApPersonService);
|
|
rendererService = app.get<ApRendererService>(ApRendererService);
|
|
imageService = app.get<ApImageService>(ApImageService);
|
|
jsonLdService = app.get<JsonLdService>(JsonLdService);
|
|
resolver = new MockResolver(await app.resolve<LoggerService>(LoggerService));
|
|
|
|
// Prevent ApPersonService from fetching instance, as it causes Jest import-after-test error
|
|
const federatedInstanceService = app.get<FederatedInstanceService>(FederatedInstanceService);
|
|
jest.spyOn(federatedInstanceService, 'fetch').mockImplementation(() => new Promise(() => { }));
|
|
});
|
|
|
|
beforeEach(() => {
|
|
resolver.clear();
|
|
});
|
|
|
|
describe('Parse minimum object', () => {
|
|
const actor = createRandomActor();
|
|
|
|
const post = {
|
|
'@context': 'https://www.w3.org/ns/activitystreams',
|
|
id: `${host}/users/${secureRndstr(8)}`,
|
|
type: 'Note',
|
|
attributedTo: actor.id,
|
|
to: 'https://www.w3.org/ns/activitystreams#Public',
|
|
content: 'あ',
|
|
};
|
|
|
|
test('Minimum Actor', async () => {
|
|
resolver.register(actor.id, actor);
|
|
|
|
const user = await personService.createPerson(actor.id, resolver);
|
|
|
|
assert.deepStrictEqual(user.uri, actor.id);
|
|
assert.deepStrictEqual(user.username, actor.preferredUsername);
|
|
assert.deepStrictEqual(user.inbox, actor.inbox);
|
|
});
|
|
|
|
test('Minimum Note', async () => {
|
|
resolver.register(actor.id, actor);
|
|
resolver.register(post.id, post);
|
|
|
|
const note = await noteService.createNote(post.id, undefined, resolver, true);
|
|
|
|
assert.deepStrictEqual(note?.uri, post.id);
|
|
assert.deepStrictEqual(note.visibility, 'public');
|
|
assert.deepStrictEqual(note.text, post.content);
|
|
});
|
|
});
|
|
|
|
describe('Name field', () => {
|
|
test('Truncate long name', async () => {
|
|
const actor = {
|
|
...createRandomActor(),
|
|
name: secureRndstr(129),
|
|
};
|
|
|
|
resolver.register(actor.id, actor);
|
|
|
|
const user = await personService.createPerson(actor.id, resolver);
|
|
|
|
assert.deepStrictEqual(user.name, actor.name.slice(0, 128));
|
|
});
|
|
|
|
test('Normalize empty name', async () => {
|
|
const actor = {
|
|
...createRandomActor(),
|
|
name: '',
|
|
};
|
|
|
|
resolver.register(actor.id, actor);
|
|
|
|
const user = await personService.createPerson(actor.id, resolver);
|
|
|
|
assert.strictEqual(user.name, null);
|
|
});
|
|
});
|
|
|
|
describe('Collection visibility', () => {
|
|
test('Public following/followers', async () => {
|
|
const actor = createRandomActor();
|
|
actor.following = {
|
|
id: `${actor.id}/following`,
|
|
type: 'OrderedCollection',
|
|
totalItems: 0,
|
|
first: `${actor.id}/following?page=1`,
|
|
};
|
|
actor.followers = `${actor.id}/followers`;
|
|
|
|
resolver.register(actor.id, actor);
|
|
resolver.register(actor.followers, {
|
|
id: actor.followers,
|
|
type: 'OrderedCollection',
|
|
totalItems: 0,
|
|
first: `${actor.followers}?page=1`,
|
|
});
|
|
|
|
const user = await personService.createPerson(actor.id, resolver);
|
|
const userProfile = await userProfilesRepository.findOneByOrFail({ userId: user.id });
|
|
|
|
assert.deepStrictEqual(userProfile.followingVisibility, 'public');
|
|
assert.deepStrictEqual(userProfile.followersVisibility, 'public');
|
|
});
|
|
|
|
test('Private following/followers', async () => {
|
|
const actor = createRandomActor();
|
|
actor.following = {
|
|
id: `${actor.id}/following`,
|
|
type: 'OrderedCollection',
|
|
totalItems: 0,
|
|
// first: …
|
|
};
|
|
actor.followers = `${actor.id}/followers`;
|
|
|
|
resolver.register(actor.id, actor);
|
|
//resolver.register(actor.followers, { … });
|
|
|
|
const user = await personService.createPerson(actor.id, resolver);
|
|
const userProfile = await userProfilesRepository.findOneByOrFail({ userId: user.id });
|
|
|
|
assert.deepStrictEqual(userProfile.followingVisibility, 'private');
|
|
assert.deepStrictEqual(userProfile.followersVisibility, 'private');
|
|
});
|
|
});
|
|
|
|
describe('Renderer', () => {
|
|
test('Render an announce with visibility: followers', () => {
|
|
rendererService.renderAnnounce('https://example.com/notes/00example', {
|
|
id: genAidx(Date.now()),
|
|
visibility: 'followers',
|
|
} as MiNote);
|
|
});
|
|
});
|
|
|
|
describe('Featured', () => {
|
|
test('Fetch featured notes from IActor', async () => {
|
|
const actor = createRandomActor();
|
|
actor.featured = `${actor.id}/collections/featured`;
|
|
|
|
const featured = createRandomFeaturedCollection(actor, 5);
|
|
|
|
resolver.register(actor.id, actor);
|
|
resolver.register(actor.featured, featured);
|
|
|
|
await personService.createPerson(actor.id, resolver);
|
|
|
|
// All notes in `featured` are same-origin, no need to fetch notes again
|
|
assert.deepStrictEqual(resolver.remoteGetTrials(), [actor.id, actor.featured]);
|
|
|
|
// Created notes without resolving anything
|
|
for (const item of featured.items as IPost[]) {
|
|
const note = await noteService.fetchNote(item);
|
|
assert.ok(note);
|
|
assert.strictEqual(note.text, 'test test foo');
|
|
assert.strictEqual(note.uri, item.id);
|
|
}
|
|
});
|
|
|
|
test('Fetch featured notes from IActor pointing to another remote server', async () => {
|
|
const actor1 = createRandomActor();
|
|
actor1.featured = `${actor1.id}/collections/featured`;
|
|
const actor2 = createRandomActor({ actorHost: 'https://host2.test' });
|
|
|
|
const actor2Note = createRandomNote(actor2);
|
|
const featured = createRandomFeaturedCollection(actor1, 0);
|
|
(featured.items as IPost[]).push({
|
|
...actor2Note,
|
|
content: 'test test bar', // fraud!
|
|
});
|
|
|
|
resolver.register(actor1.id, actor1);
|
|
resolver.register(actor1.featured, featured);
|
|
resolver.register(actor2.id, actor2);
|
|
resolver.register(actor2Note.id, actor2Note);
|
|
|
|
await personService.createPerson(actor1.id, resolver);
|
|
|
|
// actor2Note is from a different server and needs to be fetched again
|
|
assert.deepStrictEqual(
|
|
resolver.remoteGetTrials(),
|
|
[actor1.id, actor1.featured, actor2Note.id, actor2.id],
|
|
);
|
|
|
|
const note = await noteService.fetchNote(actor2Note.id);
|
|
assert.ok(note);
|
|
|
|
// Reflects the original content instead of the fraud
|
|
assert.strictEqual(note.text, 'test test foo');
|
|
assert.strictEqual(note.uri, actor2Note.id);
|
|
});
|
|
|
|
test('Fetch a note that is a featured note of the attributed actor', async () => {
|
|
const actor = createRandomActor();
|
|
actor.featured = `${actor.id}/collections/featured`;
|
|
|
|
const featured = createRandomFeaturedCollection(actor, 5);
|
|
const firstNote = (featured.items as NonTransientIPost[])[0];
|
|
|
|
resolver.register(actor.id, actor);
|
|
resolver.register(actor.featured, featured);
|
|
resolver.register(firstNote.id, firstNote);
|
|
|
|
const note = await noteService.createNote(firstNote.id as string, undefined, resolver);
|
|
assert.strictEqual(note?.uri, firstNote.id);
|
|
});
|
|
});
|
|
|
|
describe('Images', () => {
|
|
test('Create images', async () => {
|
|
const imageObject: IApDocument = {
|
|
type: 'Document',
|
|
mediaType: 'image/png',
|
|
url: 'http://host1.test/foo.png',
|
|
name: '',
|
|
};
|
|
const driveFile = await imageService.createImage(
|
|
await createRandomRemoteUser(resolver, personService),
|
|
imageObject,
|
|
);
|
|
assert.ok(driveFile && !driveFile.isLink);
|
|
|
|
const sensitiveImageObject: IApDocument = {
|
|
type: 'Document',
|
|
mediaType: 'image/png',
|
|
url: 'http://host1.test/bar.png',
|
|
name: '',
|
|
sensitive: true,
|
|
};
|
|
const sensitiveDriveFile = await imageService.createImage(
|
|
await createRandomRemoteUser(resolver, personService),
|
|
sensitiveImageObject,
|
|
);
|
|
assert.ok(sensitiveDriveFile && !sensitiveDriveFile.isLink);
|
|
});
|
|
|
|
test('cacheRemoteFiles=false disables caching', async () => {
|
|
updateMeta({ ...metaInitial, cacheRemoteFiles: false });
|
|
|
|
const imageObject: IApDocument = {
|
|
type: 'Document',
|
|
mediaType: 'image/png',
|
|
url: 'http://host1.test/foo.png',
|
|
name: '',
|
|
};
|
|
const driveFile = await imageService.createImage(
|
|
await createRandomRemoteUser(resolver, personService),
|
|
imageObject,
|
|
);
|
|
assert.ok(driveFile && driveFile.isLink);
|
|
|
|
const sensitiveImageObject: IApDocument = {
|
|
type: 'Document',
|
|
mediaType: 'image/png',
|
|
url: 'http://host1.test/bar.png',
|
|
name: '',
|
|
sensitive: true,
|
|
};
|
|
const sensitiveDriveFile = await imageService.createImage(
|
|
await createRandomRemoteUser(resolver, personService),
|
|
sensitiveImageObject,
|
|
);
|
|
assert.ok(sensitiveDriveFile && sensitiveDriveFile.isLink);
|
|
});
|
|
|
|
test('cacheRemoteSensitiveFiles=false only affects sensitive files', async () => {
|
|
updateMeta({ ...metaInitial, cacheRemoteSensitiveFiles: false });
|
|
|
|
const imageObject: IApDocument = {
|
|
type: 'Document',
|
|
mediaType: 'image/png',
|
|
url: 'http://host1.test/foo.png',
|
|
name: '',
|
|
};
|
|
const driveFile = await imageService.createImage(
|
|
await createRandomRemoteUser(resolver, personService),
|
|
imageObject,
|
|
);
|
|
assert.ok(driveFile && !driveFile.isLink);
|
|
|
|
const sensitiveImageObject: IApDocument = {
|
|
type: 'Document',
|
|
mediaType: 'image/png',
|
|
url: 'http://host1.test/bar.png',
|
|
name: '',
|
|
sensitive: true,
|
|
};
|
|
const sensitiveDriveFile = await imageService.createImage(
|
|
await createRandomRemoteUser(resolver, personService),
|
|
sensitiveImageObject,
|
|
);
|
|
assert.ok(sensitiveDriveFile && sensitiveDriveFile.isLink);
|
|
});
|
|
|
|
test('Link is not an attachment files', async () => {
|
|
const linkObject: IObject = {
|
|
type: 'Link',
|
|
href: 'https://example.com/',
|
|
};
|
|
const driveFile = await imageService.createImage(
|
|
await createRandomRemoteUser(resolver, personService),
|
|
linkObject,
|
|
);
|
|
assert.strictEqual(driveFile, null);
|
|
});
|
|
});
|
|
|
|
describe('JSON-LD', () =>{
|
|
test('Compaction', async () => {
|
|
const jsonLd = jsonLdService.use();
|
|
|
|
const object = {
|
|
'@context': [
|
|
'https://www.w3.org/ns/activitystreams',
|
|
{
|
|
_misskey_quote: 'https://misskey-hub.net/ns#_misskey_quote',
|
|
unknown: 'https://example.org/ns#unknown',
|
|
undefined: null,
|
|
},
|
|
],
|
|
id: 'https://example.com/notes/42',
|
|
type: 'Note',
|
|
attributedTo: 'https://example.com/users/1',
|
|
to: ['https://www.w3.org/ns/activitystreams#Public'],
|
|
content: 'test test foo',
|
|
_misskey_quote: 'https://example.com/notes/1',
|
|
unknown: 'test test bar',
|
|
undefined: 'test test baz',
|
|
};
|
|
const compacted = await jsonLd.compact(object);
|
|
|
|
assert.deepStrictEqual(compacted, {
|
|
'@context': CONTEXT,
|
|
id: 'https://example.com/notes/42',
|
|
type: 'Note',
|
|
attributedTo: 'https://example.com/users/1',
|
|
to: 'as:Public',
|
|
content: 'test test foo',
|
|
_misskey_quote: 'https://example.com/notes/1',
|
|
'https://example.org/ns#unknown': 'test test bar',
|
|
// undefined: 'test test baz',
|
|
});
|
|
});
|
|
});
|
|
});
|