Inbox.php 41 KB

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788899091929394959697989910010110210310410510610710810911011111211311411511611711811912012112212312412512612712812913013113213313413513613713813914014114214314414514614714814915015115215315415515615715815916016116216316416516616716816917017117217317417517617717817918018118218318418518618718818919019119219319419519619719819920020120220320420520620720820921021121221321421521621721821922022122222322422522622722822923023123223323423523623723823924024124224324424524624724824925025125225325425525625725825926026126226326426526626726826927027127227327427527627727827928028128228328428528628728828929029129229329429529629729829930030130230330430530630730830931031131231331431531631731831932032132232332432532632732832933033133233333433533633733833934034134234334434534634734834935035135235335435535635735835936036136236336436536636736836937037137237337437537637737837938038138238338438538638738838939039139239339439539639739839940040140240340440540640740840941041141241341441541641741841942042142242342442542642742842943043143243343443543643743843944044144244344444544644744844945045145245345445545645745845946046146246346446546646746846947047147247347447547647747847948048148248348448548648748848949049149249349449549649749849950050150250350450550650750850951051151251351451551651751851952052152252352452552652752852953053153253353453553653753853954054154254354454554654754854955055155255355455555655755855956056156256356456556656756856957057157257357457557657757857958058158258358458558658758858959059159259359459559659759859960060160260360460560660760860961061161261361461561661761861962062162262362462562662762862963063163263363463563663763863964064164264364464564664764864965065165265365465565665765865966066166266366466566666766866967067167267367467567667767867968068168268368468568668768868969069169269369469569669769869970070170270370470570670770870971071171271371471571671771871972072172272372472572672772872973073173273373473573673773873974074174274374474574674774874975075175275375475575675775875976076176276376476576676776876977077177277377477577677777877978078178278378478578678778878979079179279379479579679779879980080180280380480580680780880981081181281381481581681781881982082182282382482582682782882983083183283383483583683783883984084184284384484584684784884985085185285385485585685785885986086186286386486586686786886987087187287387487587687787887988088188288388488588688788888989089189289389489589689789889990090190290390490590690790890991091191291391491591691791891992092192292392492592692792892993093193293393493593693793893994094194294394494594694794894995095195295395495595695795895996096196296396496596696796896997097197297397497597697797897998098198298398498598698798898999099199299399499599699799899910001001100210031004100510061007100810091010101110121013101410151016101710181019102010211022102310241025102610271028102910301031103210331034103510361037103810391040104110421043104410451046104710481049105010511052105310541055105610571058105910601061106210631064106510661067106810691070107110721073107410751076107710781079108010811082108310841085108610871088108910901091109210931094109510961097109810991100110111021103110411051106110711081109111011111112111311141115111611171118111911201121112211231124112511261127112811291130113111321133113411351136113711381139114011411142114311441145114611471148114911501151115211531154115511561157115811591160116111621163116411651166116711681169117011711172117311741175117611771178117911801181118211831184118511861187118811891190119111921193119411951196119711981199120012011202120312041205120612071208120912101211121212131214121512161217121812191220122112221223122412251226122712281229123012311232123312341235123612371238123912401241124212431244124512461247124812491250125112521253125412551256125712581259126012611262126312641265126612671268126912701271127212731274127512761277127812791280128112821283128412851286128712881289129012911292129312941295129612971298129913001301130213031304130513061307130813091310131113121313131413151316131713181319132013211322132313241325132613271328132913301331133213331334133513361337133813391340134113421343134413451346134713481349135013511352135313541355135613571358135913601361136213631364136513661367136813691370137113721373137413751376137713781379138013811382138313841385138613871388
  1. <?php
  2. namespace App\Util\ActivityPub;
  3. use App\DirectMessage;
  4. use App\Follower;
  5. use App\FollowRequest;
  6. use App\Instance;
  7. use App\Jobs\DeletePipeline\DeleteRemoteProfilePipeline;
  8. use App\Jobs\FollowPipeline\FollowPipeline;
  9. use App\Jobs\HomeFeedPipeline\FeedRemoveRemotePipeline;
  10. use App\Jobs\LikePipeline\LikePipeline;
  11. use App\Jobs\MovePipeline\CleanupLegacyAccountMovePipeline;
  12. use App\Jobs\MovePipeline\MoveMigrateFollowersPipeline;
  13. use App\Jobs\MovePipeline\ProcessMovePipeline;
  14. use App\Jobs\MovePipeline\UnfollowLegacyAccountMovePipeline;
  15. use App\Jobs\ProfilePipeline\HandleUpdateActivity;
  16. use App\Jobs\StatusPipeline\RemoteStatusDelete;
  17. use App\Jobs\StatusPipeline\StatusRemoteUpdatePipeline;
  18. use App\Jobs\StoryPipeline\StoryExpire;
  19. use App\Jobs\StoryPipeline\StoryFetch;
  20. use App\Like;
  21. use App\Media;
  22. use App\Models\Conversation;
  23. use App\Models\RemoteReport;
  24. use App\Notification;
  25. use App\Profile;
  26. use App\Services\AccountService;
  27. use App\Services\FollowerService;
  28. use App\Services\PollService;
  29. use App\Services\ReblogService;
  30. use App\Services\UserFilterService;
  31. use App\Status;
  32. use App\Story;
  33. use App\StoryView;
  34. use App\UserFilter;
  35. use App\Util\ActivityPub\Validator\Accept as AcceptValidator;
  36. use App\Util\ActivityPub\Validator\Announce as AnnounceValidator;
  37. use App\Util\ActivityPub\Validator\Follow as FollowValidator;
  38. use App\Util\ActivityPub\Validator\Like as LikeValidator;
  39. use App\Util\ActivityPub\Validator\MoveValidator;
  40. use App\Util\ActivityPub\Validator\UpdatePersonValidator;
  41. use Cache;
  42. use Illuminate\Support\Facades\Bus;
  43. use Illuminate\Support\Facades\Log;
  44. use Illuminate\Support\Str;
  45. use Purify;
  46. use Storage;
  47. use Throwable;
  48. class Inbox
  49. {
  50. protected $headers;
  51. protected $profile;
  52. protected $payload;
  53. protected $logger;
  54. public function __construct($headers, $profile, $payload)
  55. {
  56. $this->headers = $headers;
  57. $this->profile = $profile;
  58. $this->payload = $payload;
  59. }
  60. public function handle()
  61. {
  62. $this->handleVerb();
  63. }
  64. public function handleVerb()
  65. {
  66. $verb = (string) $this->payload['type'];
  67. switch ($verb) {
  68. case 'Add':
  69. $this->handleAddActivity();
  70. break;
  71. case 'Create':
  72. $this->handleCreateActivity();
  73. break;
  74. case 'Follow':
  75. if (FollowValidator::validate($this->payload) == false) {
  76. return;
  77. }
  78. $this->handleFollowActivity();
  79. break;
  80. case 'Announce':
  81. if (AnnounceValidator::validate($this->payload) == false) {
  82. return;
  83. }
  84. $this->handleAnnounceActivity();
  85. break;
  86. case 'Accept':
  87. if (AcceptValidator::validate($this->payload) == false) {
  88. return;
  89. }
  90. $this->handleAcceptActivity();
  91. break;
  92. case 'Delete':
  93. $this->handleDeleteActivity();
  94. break;
  95. case 'Like':
  96. if (LikeValidator::validate($this->payload) == false) {
  97. return;
  98. }
  99. $this->handleLikeActivity();
  100. break;
  101. case 'Reject':
  102. $this->handleRejectActivity();
  103. break;
  104. case 'Undo':
  105. $this->handleUndoActivity();
  106. break;
  107. case 'View':
  108. $this->handleViewActivity();
  109. break;
  110. case 'Story:Reaction':
  111. $this->handleStoryReactionActivity();
  112. break;
  113. case 'Story:Reply':
  114. $this->handleStoryReplyActivity();
  115. break;
  116. case 'Flag':
  117. $this->handleFlagActivity();
  118. break;
  119. case 'Update':
  120. $this->handleUpdateActivity();
  121. break;
  122. case 'Move':
  123. if (MoveValidator::validate($this->payload) == false) {
  124. Log::info('[AP][INBOX][MOVE] VALIDATE_FAILURE '.json_encode($this->payload));
  125. return;
  126. }
  127. $this->handleMoveActivity();
  128. break;
  129. default:
  130. // TODO: decide how to handle invalid verbs.
  131. break;
  132. }
  133. }
  134. public function verifyNoteAttachment()
  135. {
  136. $activity = $this->payload['object'];
  137. if (isset($activity['inReplyTo']) &&
  138. ! empty($activity['inReplyTo']) &&
  139. Helpers::validateUrl($activity['inReplyTo'])
  140. ) {
  141. // reply detected, skip attachment check
  142. return true;
  143. }
  144. $valid = Helpers::verifyAttachments($activity);
  145. return $valid;
  146. }
  147. public function actorFirstOrCreate($actorUrl)
  148. {
  149. return Helpers::profileFetch($actorUrl);
  150. }
  151. public function handleAddActivity()
  152. {
  153. // stories ;)
  154. if (! isset(
  155. $this->payload['actor'],
  156. $this->payload['object']
  157. )) {
  158. return;
  159. }
  160. $actor = $this->payload['actor'];
  161. $obj = $this->payload['object'];
  162. if (! Helpers::validateUrl($actor)) {
  163. return;
  164. }
  165. if (! isset($obj['type'])) {
  166. return;
  167. }
  168. switch ($obj['type']) {
  169. case 'Story':
  170. StoryFetch::dispatch($this->payload);
  171. break;
  172. }
  173. }
  174. public function handleCreateActivity()
  175. {
  176. $activity = $this->payload['object'];
  177. if (config('autospam.live_filters.enabled')) {
  178. $filters = config('autospam.live_filters.filters');
  179. if (! empty($filters) && isset($activity['content']) && ! empty($activity['content']) && strlen($filters) > 3) {
  180. $filters = array_map('trim', explode(',', $filters));
  181. $content = $activity['content'];
  182. foreach ($filters as $filter) {
  183. $filter = trim(strtolower($filter));
  184. if (! $filter || ! strlen($filter)) {
  185. continue;
  186. }
  187. if (str_contains(strtolower($content), $filter)) {
  188. return;
  189. }
  190. }
  191. }
  192. }
  193. $actor = $this->actorFirstOrCreate($this->payload['actor']);
  194. if (! $actor || $actor->domain == null) {
  195. return;
  196. }
  197. if (! isset($activity['to'])) {
  198. return;
  199. }
  200. $to = isset($activity['to']) ? $activity['to'] : [];
  201. $cc = isset($activity['cc']) ? $activity['cc'] : [];
  202. if ($activity['type'] == 'Question') {
  203. $this->handlePollCreate();
  204. return;
  205. }
  206. if (is_array($to) &&
  207. is_array($cc) &&
  208. count($to) == 1 &&
  209. count($cc) == 0 &&
  210. parse_url($to[0], PHP_URL_HOST) == config('pixelfed.domain.app')
  211. ) {
  212. $this->handleDirectMessage();
  213. return;
  214. }
  215. if ($activity['type'] == 'Note' && ! empty($activity['inReplyTo'])) {
  216. $this->handleNoteReply();
  217. } elseif ($activity['type'] == 'Note' && ! empty($activity['attachment'])) {
  218. if (! $this->verifyNoteAttachment()) {
  219. return;
  220. }
  221. $this->handleNoteCreate();
  222. }
  223. }
  224. public function handleNoteReply()
  225. {
  226. $activity = $this->payload['object'];
  227. $actor = $this->actorFirstOrCreate($this->payload['actor']);
  228. if (! $actor || $actor->domain == null) {
  229. return;
  230. }
  231. $inReplyTo = $activity['inReplyTo'];
  232. $url = isset($activity['url']) ? $activity['url'] : $activity['id'];
  233. Helpers::statusFirstOrFetch($url, true);
  234. }
  235. public function handlePollCreate()
  236. {
  237. $activity = $this->payload['object'];
  238. $actor = $this->actorFirstOrCreate($this->payload['actor']);
  239. if (! $actor || $actor->domain == null) {
  240. return;
  241. }
  242. $url = isset($activity['url']) ? $activity['url'] : $activity['id'];
  243. Helpers::statusFirstOrFetch($url);
  244. }
  245. public function handleNoteCreate()
  246. {
  247. $activity = $this->payload['object'];
  248. $actor = $this->actorFirstOrCreate($this->payload['actor']);
  249. if (! $actor || $actor->domain == null) {
  250. return;
  251. }
  252. if (isset($activity['inReplyTo']) &&
  253. isset($activity['name']) &&
  254. ! isset($activity['content']) &&
  255. ! isset($activity['attachment']) &&
  256. Helpers::validateLocalUrl($activity['inReplyTo'])
  257. ) {
  258. $this->handlePollVote();
  259. return;
  260. }
  261. if ($actor->followers_count == 0) {
  262. if (config('federation.activitypub.ingest.store_notes_without_followers')) {
  263. } elseif (FollowerService::followerCount($actor->id, true) == 0) {
  264. return;
  265. }
  266. }
  267. $hasUrl = isset($activity['url']);
  268. $url = isset($activity['url']) ? $activity['url'] : $activity['id'];
  269. if ($hasUrl) {
  270. if (Status::whereUri($url)->exists()) {
  271. return;
  272. }
  273. } else {
  274. if (Status::whereObjectUrl($url)->exists()) {
  275. return;
  276. }
  277. }
  278. Helpers::storeStatus(
  279. $url,
  280. $actor,
  281. $activity
  282. );
  283. }
  284. public function handlePollVote()
  285. {
  286. $activity = $this->payload['object'];
  287. $actor = $this->actorFirstOrCreate($this->payload['actor']);
  288. if (! $actor) {
  289. return;
  290. }
  291. $status = Helpers::statusFetch($activity['inReplyTo']);
  292. if (! $status) {
  293. return;
  294. }
  295. $poll = $status->poll;
  296. if (! $poll) {
  297. return;
  298. }
  299. if (now()->gt($poll->expires_at)) {
  300. return;
  301. }
  302. $choices = $poll->poll_options;
  303. $choice = array_search($activity['name'], $choices);
  304. if ($choice === false) {
  305. return;
  306. }
  307. if (PollVote::whereStatusId($status->id)->whereProfileId($actor->id)->exists()) {
  308. return;
  309. }
  310. $vote = new PollVote;
  311. $vote->status_id = $status->id;
  312. $vote->profile_id = $actor->id;
  313. $vote->poll_id = $poll->id;
  314. $vote->choice = $choice;
  315. $vote->uri = isset($activity['id']) ? $activity['id'] : null;
  316. $vote->save();
  317. $tallies = $poll->cached_tallies;
  318. $tallies[$choice] = $tallies[$choice] + 1;
  319. $poll->cached_tallies = $tallies;
  320. $poll->votes_count = array_sum($tallies);
  321. $poll->save();
  322. PollService::del($status->id);
  323. }
  324. public function handleDirectMessage()
  325. {
  326. $activity = $this->payload['object'];
  327. $actor = $this->actorFirstOrCreate($this->payload['actor']);
  328. $profile = Profile::whereNull('domain')
  329. ->whereUsername(array_last(explode('/', $activity['to'][0])))
  330. ->firstOrFail();
  331. if (! $actor || in_array($actor->id, $profile->blockedIds()->toArray())) {
  332. return;
  333. }
  334. if (AccountService::blocksDomain($profile->id, $actor->domain) == true) {
  335. return;
  336. }
  337. $msg = $activity['content'];
  338. $msgText = strip_tags($activity['content']);
  339. if (Str::startsWith($msgText, '@'.$profile->username)) {
  340. $len = strlen('@'.$profile->username);
  341. $msgText = substr($msgText, $len + 1);
  342. }
  343. if ($profile->user->settings->public_dm == false || $profile->is_private) {
  344. if ($profile->follows($actor) == true) {
  345. $hidden = false;
  346. } else {
  347. $hidden = true;
  348. }
  349. } else {
  350. $hidden = false;
  351. }
  352. $status = new Status;
  353. $status->profile_id = $actor->id;
  354. $status->caption = $msgText;
  355. $status->rendered = $msg;
  356. $status->visibility = 'direct';
  357. $status->scope = 'direct';
  358. $status->url = $activity['id'];
  359. $status->uri = $activity['id'];
  360. $status->object_url = $activity['id'];
  361. $status->in_reply_to_profile_id = $profile->id;
  362. $status->save();
  363. $dm = new DirectMessage;
  364. $dm->to_id = $profile->id;
  365. $dm->from_id = $actor->id;
  366. $dm->status_id = $status->id;
  367. $dm->is_hidden = $hidden;
  368. $dm->type = 'text';
  369. $dm->save();
  370. Conversation::updateOrInsert(
  371. [
  372. 'to_id' => $profile->id,
  373. 'from_id' => $actor->id,
  374. ],
  375. [
  376. 'type' => 'text',
  377. 'status_id' => $status->id,
  378. 'dm_id' => $dm->id,
  379. 'is_hidden' => $hidden,
  380. ]
  381. );
  382. if (count($activity['attachment'])) {
  383. $photos = 0;
  384. $videos = 0;
  385. $allowed = explode(',', config_cache('pixelfed.media_types'));
  386. $activity['attachment'] = array_slice($activity['attachment'], 0, config_cache('pixelfed.max_album_length'));
  387. foreach ($activity['attachment'] as $a) {
  388. $type = $a['mediaType'];
  389. $url = $a['url'];
  390. $valid = Helpers::validateUrl($url);
  391. if (in_array($type, $allowed) == false || $valid == false) {
  392. continue;
  393. }
  394. $media = new Media;
  395. $media->remote_media = true;
  396. $media->status_id = $status->id;
  397. $media->profile_id = $status->profile_id;
  398. $media->user_id = null;
  399. $media->media_path = $url;
  400. $media->remote_url = $url;
  401. $media->mime = $type;
  402. $media->save();
  403. if (explode('/', $type)[0] == 'image') {
  404. $photos = $photos + 1;
  405. }
  406. if (explode('/', $type)[0] == 'video') {
  407. $videos = $videos + 1;
  408. }
  409. }
  410. if ($photos && $videos == 0) {
  411. $dm->type = $photos == 1 ? 'photo' : 'photos';
  412. $dm->save();
  413. }
  414. if ($videos && $photos == 0) {
  415. $dm->type = $videos == 1 ? 'video' : 'videos';
  416. $dm->save();
  417. }
  418. }
  419. if (filter_var($msgText, FILTER_VALIDATE_URL)) {
  420. if (Helpers::validateUrl($msgText)) {
  421. $dm->type = 'link';
  422. $dm->meta = [
  423. 'domain' => parse_url($msgText, PHP_URL_HOST),
  424. 'local' => parse_url($msgText, PHP_URL_HOST) ==
  425. parse_url(config('app.url'), PHP_URL_HOST),
  426. ];
  427. $dm->save();
  428. }
  429. }
  430. $nf = UserFilter::whereUserId($profile->id)
  431. ->whereFilterableId($actor->id)
  432. ->whereFilterableType('App\Profile')
  433. ->whereFilterType('dm.mute')
  434. ->exists();
  435. if ($profile->domain == null && $hidden == false && ! $nf) {
  436. $notification = new Notification;
  437. $notification->profile_id = $profile->id;
  438. $notification->actor_id = $actor->id;
  439. $notification->action = 'dm';
  440. $notification->item_id = $dm->id;
  441. $notification->item_type = "App\DirectMessage";
  442. $notification->save();
  443. }
  444. }
  445. public function handleFollowActivity()
  446. {
  447. $actor = $this->actorFirstOrCreate($this->payload['actor']);
  448. $target = $this->actorFirstOrCreate($this->payload['object']);
  449. if (! $actor || ! $target) {
  450. return;
  451. }
  452. if ($actor->domain == null || $target->domain !== null) {
  453. return;
  454. }
  455. if (AccountService::blocksDomain($target->id, $actor->domain) == true) {
  456. return;
  457. }
  458. if (
  459. Follower::whereProfileId($actor->id)
  460. ->whereFollowingId($target->id)
  461. ->exists() ||
  462. FollowRequest::whereFollowerId($actor->id)
  463. ->whereFollowingId($target->id)
  464. ->exists()
  465. ) {
  466. return;
  467. }
  468. $blocks = UserFilterService::blocks($target->id);
  469. if ($blocks && in_array($actor->id, $blocks)) {
  470. return;
  471. }
  472. if ($target->is_private == true) {
  473. FollowRequest::updateOrCreate([
  474. 'follower_id' => $actor->id,
  475. 'following_id' => $target->id,
  476. ], [
  477. 'activity' => collect($this->payload)->only(['id', 'actor', 'object', 'type'])->toArray(),
  478. ]);
  479. } else {
  480. $follower = new Follower;
  481. $follower->profile_id = $actor->id;
  482. $follower->following_id = $target->id;
  483. $follower->local_profile = empty($actor->domain);
  484. $follower->save();
  485. FollowPipeline::dispatch($follower);
  486. FollowerService::add($actor->id, $target->id);
  487. // send Accept to remote profile
  488. $accept = [
  489. '@context' => 'https://www.w3.org/ns/activitystreams',
  490. 'id' => $target->permalink().'#accepts/follows/'.$follower->id,
  491. 'type' => 'Accept',
  492. 'actor' => $target->permalink(),
  493. 'object' => [
  494. 'id' => $this->payload['id'],
  495. 'actor' => $actor->permalink(),
  496. 'type' => 'Follow',
  497. 'object' => $target->permalink(),
  498. ],
  499. ];
  500. Helpers::sendSignedObject($target, $actor->inbox_url, $accept);
  501. Cache::forget('profile:follower_count:'.$target->id);
  502. Cache::forget('profile:follower_count:'.$actor->id);
  503. Cache::forget('profile:following_count:'.$target->id);
  504. Cache::forget('profile:following_count:'.$actor->id);
  505. }
  506. }
  507. public function handleAnnounceActivity()
  508. {
  509. $actor = $this->actorFirstOrCreate($this->payload['actor']);
  510. $activity = $this->payload['object'];
  511. if (! $actor || $actor->domain == null) {
  512. return;
  513. }
  514. $parent = Helpers::statusFetch($activity);
  515. if (! $parent || empty($parent)) {
  516. return;
  517. }
  518. if (AccountService::blocksDomain($parent->profile_id, $actor->domain) == true) {
  519. return;
  520. }
  521. $blocks = UserFilterService::blocks($parent->profile_id);
  522. if ($blocks && in_array($actor->id, $blocks)) {
  523. return;
  524. }
  525. $status = Status::firstOrCreate([
  526. 'profile_id' => $actor->id,
  527. 'reblog_of_id' => $parent->id,
  528. 'type' => 'share',
  529. ]);
  530. Notification::firstOrCreate(
  531. [
  532. 'profile_id' => $parent->profile_id,
  533. 'actor_id' => $actor->id,
  534. 'action' => 'share',
  535. 'item_id' => $parent->id,
  536. 'item_type' => 'App\Status',
  537. ]
  538. );
  539. $parent->reblogs_count = $parent->reblogs_count + 1;
  540. $parent->save();
  541. ReblogService::addPostReblog($parent->profile_id, $status->id);
  542. }
  543. public function handleAcceptActivity()
  544. {
  545. $actor = $this->payload['object']['actor'];
  546. $obj = $this->payload['object']['object'];
  547. $type = $this->payload['object']['type'];
  548. if ($type !== 'Follow') {
  549. return;
  550. }
  551. $actor = Helpers::validateLocalUrl($actor);
  552. $target = Helpers::validateUrl($obj);
  553. if (! $actor || ! $target) {
  554. return;
  555. }
  556. $actor = Helpers::profileFetch($actor);
  557. $target = Helpers::profileFetch($target);
  558. if (! $actor || ! $target) {
  559. return;
  560. }
  561. if (AccountService::blocksDomain($target->id, $actor->domain) == true) {
  562. return;
  563. }
  564. $request = FollowRequest::whereFollowerId($actor->id)
  565. ->whereFollowingId($target->id)
  566. ->whereIsRejected(false)
  567. ->first();
  568. if (! $request) {
  569. return;
  570. }
  571. $follower = Follower::firstOrCreate([
  572. 'profile_id' => $actor->id,
  573. 'following_id' => $target->id,
  574. ]);
  575. FollowPipeline::dispatch($follower);
  576. $request->delete();
  577. }
  578. public function handleDeleteActivity()
  579. {
  580. if (! isset(
  581. $this->payload['actor'],
  582. $this->payload['object']
  583. )) {
  584. return;
  585. }
  586. $actor = $this->payload['actor'];
  587. $obj = $this->payload['object'];
  588. if (is_string($obj) == true && $actor == $obj && Helpers::validateUrl($obj)) {
  589. $profile = Profile::whereRemoteUrl($obj)->first();
  590. if (! $profile || $profile->private_key != null) {
  591. return;
  592. }
  593. DeleteRemoteProfilePipeline::dispatch($profile)->onQueue('inbox');
  594. return;
  595. } else {
  596. if (! isset(
  597. $obj['id'],
  598. $this->payload['object'],
  599. $this->payload['object']['id'],
  600. $this->payload['object']['type']
  601. )) {
  602. return;
  603. }
  604. $type = $this->payload['object']['type'];
  605. $typeCheck = in_array($type, ['Person', 'Tombstone', 'Story']);
  606. if (! Helpers::validateUrl($actor) || ! Helpers::validateUrl($obj['id']) || ! $typeCheck) {
  607. return;
  608. }
  609. if (parse_url($obj['id'], PHP_URL_HOST) !== parse_url($actor, PHP_URL_HOST)) {
  610. return;
  611. }
  612. $id = $this->payload['object']['id'];
  613. switch ($type) {
  614. case 'Person':
  615. $profile = Profile::whereRemoteUrl($actor)->first();
  616. if (! $profile || $profile->private_key != null) {
  617. return;
  618. }
  619. DeleteRemoteProfilePipeline::dispatch($profile)->onQueue('inbox');
  620. return;
  621. break;
  622. case 'Tombstone':
  623. $profile = Profile::whereRemoteUrl($actor)->first();
  624. if (! $profile || $profile->private_key != null) {
  625. return;
  626. }
  627. $status = Status::where('object_url', $id)->first();
  628. if (! $status) {
  629. $status = Status::where('url', $id)->first();
  630. if (! $status) {
  631. return;
  632. }
  633. }
  634. if ($status->profile_id != $profile->id) {
  635. return;
  636. }
  637. if ($status->scope && in_array($status->scope, ['public', 'unlisted', 'private'])) {
  638. if ($status->type && ! in_array($status->type, ['story:reaction', 'story:reply', 'reply'])) {
  639. FeedRemoveRemotePipeline::dispatch($status->id, $status->profile_id)->onQueue('feed');
  640. }
  641. }
  642. RemoteStatusDelete::dispatch($status)->onQueue('high');
  643. return;
  644. break;
  645. case 'Story':
  646. $story = Story::whereObjectId($id)
  647. ->first();
  648. if ($story) {
  649. StoryExpire::dispatch($story)->onQueue('story');
  650. }
  651. return;
  652. break;
  653. default:
  654. return;
  655. break;
  656. }
  657. }
  658. }
  659. public function handleLikeActivity()
  660. {
  661. $actor = $this->payload['actor'];
  662. if (! Helpers::validateUrl($actor)) {
  663. return;
  664. }
  665. $profile = self::actorFirstOrCreate($actor);
  666. $obj = $this->payload['object'];
  667. if (! Helpers::validateUrl($obj)) {
  668. return;
  669. }
  670. $status = Helpers::statusFirstOrFetch($obj);
  671. if (! $status || ! $profile) {
  672. return;
  673. }
  674. if (AccountService::blocksDomain($status->profile_id, $profile->domain) == true) {
  675. return;
  676. }
  677. $blocks = UserFilterService::blocks($status->profile_id);
  678. if ($blocks && in_array($profile->id, $blocks)) {
  679. return;
  680. }
  681. $like = Like::firstOrCreate([
  682. 'profile_id' => $profile->id,
  683. 'status_id' => $status->id,
  684. ]);
  685. if ($like->wasRecentlyCreated == true) {
  686. $status->likes_count = $status->likes_count + 1;
  687. $status->save();
  688. LikePipeline::dispatch($like);
  689. }
  690. }
  691. public function handleRejectActivity() {}
  692. public function handleUndoActivity()
  693. {
  694. $actor = $this->payload['actor'];
  695. $profile = self::actorFirstOrCreate($actor);
  696. $obj = $this->payload['object'];
  697. if (! $profile) {
  698. return;
  699. }
  700. // TODO: Some implementations do not inline the object, skip for now
  701. if (! $obj || ! is_array($obj) || ! isset($obj['type'])) {
  702. return;
  703. }
  704. switch ($obj['type']) {
  705. case 'Accept':
  706. break;
  707. case 'Announce':
  708. if (is_array($obj) && isset($obj['object'])) {
  709. $obj = $obj['object'];
  710. }
  711. if (! is_string($obj)) {
  712. return;
  713. }
  714. if (Helpers::validateLocalUrl($obj)) {
  715. $parsedId = last(explode('/', $obj));
  716. $status = Status::find($parsedId);
  717. } else {
  718. $status = Status::whereUri($obj)->first();
  719. }
  720. if (! $status) {
  721. return;
  722. }
  723. if (AccountService::blocksDomain($status->profile_id, $profile->domain) == true) {
  724. return;
  725. }
  726. FeedRemoveRemotePipeline::dispatch($status->id, $status->profile_id)->onQueue('feed');
  727. Status::whereProfileId($profile->id)
  728. ->whereReblogOfId($status->id)
  729. ->delete();
  730. ReblogService::removePostReblog($profile->id, $status->id);
  731. Notification::whereProfileId($status->profile_id)
  732. ->whereActorId($profile->id)
  733. ->whereAction('share')
  734. ->whereItemId($status->reblog_of_id)
  735. ->whereItemType('App\Status')
  736. ->forceDelete();
  737. break;
  738. case 'Block':
  739. break;
  740. case 'Follow':
  741. $following = self::actorFirstOrCreate($obj['object']);
  742. if (! $following) {
  743. return;
  744. }
  745. if (AccountService::blocksDomain($following->id, $profile->domain) == true) {
  746. return;
  747. }
  748. Follower::whereProfileId($profile->id)
  749. ->whereFollowingId($following->id)
  750. ->delete();
  751. Notification::whereProfileId($following->id)
  752. ->whereActorId($profile->id)
  753. ->whereAction('follow')
  754. ->whereItemId($following->id)
  755. ->whereItemType('App\Profile')
  756. ->forceDelete();
  757. FollowerService::remove($profile->id, $following->id);
  758. break;
  759. case 'Like':
  760. $objectUri = $obj['object'];
  761. if (! is_string($objectUri)) {
  762. if (is_array($objectUri) && isset($objectUri['id']) && is_string($objectUri['id'])) {
  763. $objectUri = $objectUri['id'];
  764. } else {
  765. return;
  766. }
  767. }
  768. $status = Helpers::statusFirstOrFetch($objectUri);
  769. if (! $status) {
  770. return;
  771. }
  772. if (AccountService::blocksDomain($status->profile_id, $profile->domain) == true) {
  773. return;
  774. }
  775. Like::whereProfileId($profile->id)
  776. ->whereStatusId($status->id)
  777. ->forceDelete();
  778. Notification::whereProfileId($status->profile_id)
  779. ->whereActorId($profile->id)
  780. ->whereAction('like')
  781. ->whereItemId($status->id)
  782. ->whereItemType('App\Status')
  783. ->forceDelete();
  784. break;
  785. }
  786. }
  787. public function handleViewActivity()
  788. {
  789. if (! isset(
  790. $this->payload['actor'],
  791. $this->payload['object']
  792. )) {
  793. return;
  794. }
  795. $actor = $this->payload['actor'];
  796. $obj = $this->payload['object'];
  797. if (! Helpers::validateUrl($actor)) {
  798. return;
  799. }
  800. if (! $obj || ! is_array($obj)) {
  801. return;
  802. }
  803. if (! isset($obj['type']) || ! isset($obj['object']) || $obj['type'] != 'Story') {
  804. return;
  805. }
  806. if (! Helpers::validateLocalUrl($obj['object'])) {
  807. return;
  808. }
  809. $profile = Helpers::profileFetch($actor);
  810. $storyId = Str::of($obj['object'])->explode('/')->last();
  811. $story = Story::whereActive(true)
  812. ->whereLocal(true)
  813. ->find($storyId);
  814. if (! $story) {
  815. return;
  816. }
  817. if (AccountService::blocksDomain($story->profile_id, $profile->domain) == true) {
  818. return;
  819. }
  820. if (! FollowerService::follows($profile->id, $story->profile_id)) {
  821. return;
  822. }
  823. $view = StoryView::firstOrCreate([
  824. 'story_id' => $story->id,
  825. 'profile_id' => $profile->id,
  826. ]);
  827. if ($view->wasRecentlyCreated == true) {
  828. $story->view_count++;
  829. $story->save();
  830. }
  831. }
  832. public function handleStoryReactionActivity()
  833. {
  834. if (! isset(
  835. $this->payload['actor'],
  836. $this->payload['id'],
  837. $this->payload['inReplyTo'],
  838. $this->payload['content']
  839. )) {
  840. return;
  841. }
  842. $id = $this->payload['id'];
  843. $actor = $this->payload['actor'];
  844. $storyUrl = $this->payload['inReplyTo'];
  845. $to = $this->payload['to'];
  846. $text = Purify::clean($this->payload['content']);
  847. if (parse_url($id, PHP_URL_HOST) !== parse_url($actor, PHP_URL_HOST)) {
  848. return;
  849. }
  850. if (! Helpers::validateUrl($id) || ! Helpers::validateUrl($actor)) {
  851. return;
  852. }
  853. if (! Helpers::validateLocalUrl($storyUrl)) {
  854. return;
  855. }
  856. if (! Helpers::validateLocalUrl($to)) {
  857. return;
  858. }
  859. if (Status::whereObjectUrl($id)->exists()) {
  860. return;
  861. }
  862. $storyId = Str::of($storyUrl)->explode('/')->last();
  863. $targetProfile = Helpers::profileFetch($to);
  864. $story = Story::whereProfileId($targetProfile->id)
  865. ->find($storyId);
  866. if (! $story) {
  867. return;
  868. }
  869. if ($story->can_react == false) {
  870. return;
  871. }
  872. $actorProfile = Helpers::profileFetch($actor);
  873. if (AccountService::blocksDomain($targetProfile->id, $actorProfile->domain) == true) {
  874. return;
  875. }
  876. if (! FollowerService::follows($actorProfile->id, $targetProfile->id)) {
  877. return;
  878. }
  879. $url = $id;
  880. if (str_ends_with($url, '/activity')) {
  881. $url = substr($url, 0, -9);
  882. }
  883. $status = new Status;
  884. $status->profile_id = $actorProfile->id;
  885. $status->type = 'story:reaction';
  886. $status->url = $url;
  887. $status->uri = $url;
  888. $status->object_url = $url;
  889. $status->caption = $text;
  890. $status->rendered = $text;
  891. $status->scope = 'direct';
  892. $status->visibility = 'direct';
  893. $status->in_reply_to_profile_id = $story->profile_id;
  894. $status->entities = json_encode([
  895. 'story_id' => $story->id,
  896. 'reaction' => $text,
  897. ]);
  898. $status->save();
  899. $dm = new DirectMessage;
  900. $dm->to_id = $story->profile_id;
  901. $dm->from_id = $actorProfile->id;
  902. $dm->type = 'story:react';
  903. $dm->status_id = $status->id;
  904. $dm->meta = json_encode([
  905. 'story_username' => $targetProfile->username,
  906. 'story_actor_username' => $actorProfile->username,
  907. 'story_id' => $story->id,
  908. 'story_media_url' => url(Storage::url($story->path)),
  909. 'reaction' => $text,
  910. ]);
  911. $dm->save();
  912. Conversation::updateOrInsert(
  913. [
  914. 'to_id' => $story->profile_id,
  915. 'from_id' => $actorProfile->id,
  916. ],
  917. [
  918. 'type' => 'story:react',
  919. 'status_id' => $status->id,
  920. 'dm_id' => $dm->id,
  921. 'is_hidden' => false,
  922. ]
  923. );
  924. $n = new Notification;
  925. $n->profile_id = $dm->to_id;
  926. $n->actor_id = $dm->from_id;
  927. $n->item_id = $dm->id;
  928. $n->item_type = 'App\DirectMessage';
  929. $n->action = 'story:react';
  930. $n->save();
  931. }
  932. public function handleStoryReplyActivity()
  933. {
  934. if (! isset(
  935. $this->payload['actor'],
  936. $this->payload['id'],
  937. $this->payload['inReplyTo'],
  938. $this->payload['content']
  939. )) {
  940. return;
  941. }
  942. $id = $this->payload['id'];
  943. $actor = $this->payload['actor'];
  944. $storyUrl = $this->payload['inReplyTo'];
  945. $to = $this->payload['to'];
  946. $text = Purify::clean($this->payload['content']);
  947. if (parse_url($id, PHP_URL_HOST) !== parse_url($actor, PHP_URL_HOST)) {
  948. return;
  949. }
  950. if (! Helpers::validateUrl($id) || ! Helpers::validateUrl($actor)) {
  951. return;
  952. }
  953. if (! Helpers::validateLocalUrl($storyUrl)) {
  954. return;
  955. }
  956. if (! Helpers::validateLocalUrl($to)) {
  957. return;
  958. }
  959. if (Status::whereObjectUrl($id)->exists()) {
  960. return;
  961. }
  962. $storyId = Str::of($storyUrl)->explode('/')->last();
  963. $targetProfile = Helpers::profileFetch($to);
  964. $story = Story::whereProfileId($targetProfile->id)
  965. ->find($storyId);
  966. if (! $story) {
  967. return;
  968. }
  969. if ($story->can_react == false) {
  970. return;
  971. }
  972. $actorProfile = Helpers::profileFetch($actor);
  973. if (AccountService::blocksDomain($targetProfile->id, $actorProfile->domain) == true) {
  974. return;
  975. }
  976. if (! FollowerService::follows($actorProfile->id, $targetProfile->id)) {
  977. return;
  978. }
  979. $url = $id;
  980. if (str_ends_with($url, '/activity')) {
  981. $url = substr($url, 0, -9);
  982. }
  983. $status = new Status;
  984. $status->profile_id = $actorProfile->id;
  985. $status->type = 'story:reply';
  986. $status->caption = $text;
  987. $status->rendered = $text;
  988. $status->url = $url;
  989. $status->uri = $url;
  990. $status->object_url = $url;
  991. $status->scope = 'direct';
  992. $status->visibility = 'direct';
  993. $status->in_reply_to_profile_id = $story->profile_id;
  994. $status->entities = json_encode([
  995. 'story_id' => $story->id,
  996. 'caption' => $text,
  997. ]);
  998. $status->save();
  999. $dm = new DirectMessage;
  1000. $dm->to_id = $story->profile_id;
  1001. $dm->from_id = $actorProfile->id;
  1002. $dm->type = 'story:comment';
  1003. $dm->status_id = $status->id;
  1004. $dm->meta = json_encode([
  1005. 'story_username' => $targetProfile->username,
  1006. 'story_actor_username' => $actorProfile->username,
  1007. 'story_id' => $story->id,
  1008. 'story_media_url' => url(Storage::url($story->path)),
  1009. 'caption' => $text,
  1010. ]);
  1011. $dm->save();
  1012. Conversation::updateOrInsert(
  1013. [
  1014. 'to_id' => $story->profile_id,
  1015. 'from_id' => $actorProfile->id,
  1016. ],
  1017. [
  1018. 'type' => 'story:comment',
  1019. 'status_id' => $status->id,
  1020. 'dm_id' => $dm->id,
  1021. 'is_hidden' => false,
  1022. ]
  1023. );
  1024. $n = new Notification;
  1025. $n->profile_id = $dm->to_id;
  1026. $n->actor_id = $dm->from_id;
  1027. $n->item_id = $dm->id;
  1028. $n->item_type = 'App\DirectMessage';
  1029. $n->action = 'story:comment';
  1030. $n->save();
  1031. }
  1032. public function handleFlagActivity()
  1033. {
  1034. if (! isset(
  1035. $this->payload['id'],
  1036. $this->payload['type'],
  1037. $this->payload['actor'],
  1038. $this->payload['object']
  1039. )) {
  1040. return;
  1041. }
  1042. $id = $this->payload['id'];
  1043. $actor = $this->payload['actor'];
  1044. if (Helpers::validateLocalUrl($id) || parse_url($id, PHP_URL_HOST) !== parse_url($actor, PHP_URL_HOST)) {
  1045. return;
  1046. }
  1047. $content = null;
  1048. if (isset($this->payload['content'])) {
  1049. if (strlen($this->payload['content']) > 5000) {
  1050. $content = Purify::clean(substr($this->payload['content'], 0, 5000).' ... (truncated message due to exceeding max length)');
  1051. } else {
  1052. $content = Purify::clean($this->payload['content']);
  1053. }
  1054. }
  1055. $object = $this->payload['object'];
  1056. if (empty($object) || (! is_array($object) && ! is_string($object))) {
  1057. return;
  1058. }
  1059. if (is_array($object) && count($object) > 100) {
  1060. return;
  1061. }
  1062. $objects = collect([]);
  1063. $accountId = null;
  1064. foreach ($object as $objectUrl) {
  1065. if (! Helpers::validateLocalUrl($objectUrl)) {
  1066. return;
  1067. }
  1068. if (str_contains($objectUrl, '/users/')) {
  1069. $username = last(explode('/', $objectUrl));
  1070. $profileId = Profile::whereUsername($username)->first();
  1071. if ($profileId) {
  1072. $accountId = $profileId->id;
  1073. }
  1074. } elseif (str_contains($objectUrl, '/p/')) {
  1075. $postId = last(explode('/', $objectUrl));
  1076. $objects->push($postId);
  1077. } else {
  1078. continue;
  1079. }
  1080. }
  1081. if (! $accountId && ! $objects->count()) {
  1082. return;
  1083. }
  1084. if ($objects->count()) {
  1085. $obc = $objects->count();
  1086. if ($obc > 25) {
  1087. if ($obc > 30) {
  1088. return;
  1089. } else {
  1090. $objLimit = $objects->take(20);
  1091. $objects = collect($objLimit->all());
  1092. $obc = $objects->count();
  1093. }
  1094. }
  1095. $count = Status::whereProfileId($accountId)->find($objects)->count();
  1096. if ($obc !== $count) {
  1097. return;
  1098. }
  1099. }
  1100. $instanceHost = parse_url($id, PHP_URL_HOST);
  1101. $instance = Instance::updateOrCreate([
  1102. 'domain' => $instanceHost,
  1103. ]);
  1104. $report = new RemoteReport;
  1105. $report->status_ids = $objects->toArray();
  1106. $report->comment = $content;
  1107. $report->account_id = $accountId;
  1108. $report->uri = $id;
  1109. $report->instance_id = $instance->id;
  1110. $report->report_meta = [
  1111. 'actor' => $actor,
  1112. 'object' => $object,
  1113. ];
  1114. $report->save();
  1115. }
  1116. public function handleUpdateActivity()
  1117. {
  1118. $activity = $this->payload['object'];
  1119. if (! isset($activity['type'], $activity['id'])) {
  1120. return;
  1121. }
  1122. if (! Helpers::validateUrl($activity['id'])) {
  1123. return;
  1124. }
  1125. if ($activity['type'] === 'Note') {
  1126. if (Status::whereObjectUrl($activity['id'])->exists()) {
  1127. StatusRemoteUpdatePipeline::dispatch($activity);
  1128. }
  1129. } elseif ($activity['type'] === 'Person') {
  1130. if (UpdatePersonValidator::validate($this->payload)) {
  1131. HandleUpdateActivity::dispatch($this->payload)->onQueue('low');
  1132. }
  1133. }
  1134. }
  1135. public function handleMoveActivity()
  1136. {
  1137. $actor = $this->payload['actor'];
  1138. $activity = $this->payload['object'];
  1139. $target = $this->payload['target'];
  1140. if (
  1141. ! Helpers::validateUrl($actor) ||
  1142. ! Helpers::validateUrl($activity) ||
  1143. ! Helpers::validateUrl($target)
  1144. ) {
  1145. return;
  1146. }
  1147. Bus::chain([
  1148. new ProcessMovePipeline($target, $activity),
  1149. new MoveMigrateFollowersPipeline($target, $activity),
  1150. new UnfollowLegacyAccountMovePipeline($target, $activity),
  1151. new CleanupLegacyAccountMovePipeline($target, $activity),
  1152. ])
  1153. ->catch(function (Throwable $e) {
  1154. Log::error($e);
  1155. })
  1156. ->onQueue('move')
  1157. ->delay(now()->addMinutes(random_int(1, 3)))
  1158. ->dispatch();
  1159. }
  1160. }