From f0ec3015cdbb8343e6119e51b63fc078dfabf616 Mon Sep 17 00:00:00 2001 From: Nutomic Date: Tue, 10 May 2022 17:08:13 +0000 Subject: [PATCH] Remove check that avatars/banners are locally hosted (fixes #2254) (#2255) --- crates/api/src/local_user/save_settings.rs | 10 +--------- crates/api_common/src/utils.rs | 13 +------------ crates/api_crud/src/community/create.rs | 4 +--- crates/api_crud/src/community/update.rs | 4 +--- crates/api_crud/src/site/create.rs | 10 +--------- crates/api_crud/src/site/update.rs | 10 +--------- crates/apub/src/objects/instance.rs | 4 +--- crates/apub/src/objects/mod.rs | 15 ++------------- crates/apub/src/objects/person.rs | 8 +------- crates/apub/src/protocol/objects/group.rs | 8 +------- 10 files changed, 11 insertions(+), 75 deletions(-) diff --git a/crates/api/src/local_user/save_settings.rs b/crates/api/src/local_user/save_settings.rs index cd34d6ddd0..5e37470a90 100644 --- a/crates/api/src/local_user/save_settings.rs +++ b/crates/api/src/local_user/save_settings.rs @@ -2,12 +2,7 @@ use crate::Perform; use actix_web::web::Data; use lemmy_api_common::{ person::{LoginResponse, SaveUserSettings}, - utils::{ - blocking, - check_image_has_local_domain, - get_local_user_view_from_jwt, - send_verification_email, - }, + utils::{blocking, get_local_user_view_from_jwt, send_verification_email}, }; use lemmy_db_schema::{ source::{ @@ -49,9 +44,6 @@ impl Perform for SaveUserSettings { let email_deref = data.email.as_deref().map(|e| e.to_owned()); let email = diesel_option_overwrite(&email_deref); - check_image_has_local_domain(avatar.as_ref().unwrap_or(&None))?; - check_image_has_local_domain(banner.as_ref().unwrap_or(&None))?; - if let Some(Some(email)) = &email { let previous_email = local_user_view.local_user.email.clone().unwrap_or_default(); // Only send the verification email if there was an email change diff --git a/crates/api_common/src/utils.rs b/crates/api_common/src/utils.rs index 38ea9a865e..d3c8a1f43d 100644 
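Review bot: In crates/api/src/local_user/save_settings.rs, once both `check_image_has_local_domain` calls are gone, nothing visible in the `@@ -49,9 +44,6 @@` hunk constrains the host or scheme of `avatar` and `banner` before they are stored. The same applies to `icon`/`banner` in the community and site create/update hunks. Clients that render these images will request a URL chosen by the account owner, which exposes viewer addresses to that host. Any server-side step that fetches the URL would need its own guard against internal targets; whether such a step exists is not visible here. I would keep a minimal check where the old one was, for example `if !matches!(url.scheme(), "http" | "https") { return Err(LemmyError::from_message("invalid_url_scheme")); }`, where the error key is a placeholder and `url` stands for the unwrapped value. The handler body continues outside the hunk.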
--- a/crates/api_common/src/utils.rs +++ b/crates/api_common/src/utils.rs @@ -1,6 +1,6 @@ use crate::{sensitive::Sensitive, site::FederatedInstances}; use lemmy_db_schema::{ - newtypes::{CommunityId, DbUrl, LocalUserId, PersonId, PostId}, + newtypes::{CommunityId, LocalUserId, PersonId, PostId}, source::{ comment::Comment, community::Community, @@ -592,14 +592,3 @@ pub async fn delete_user_account(person_id: PersonId, pool: &DbPool) -> Result<( Ok(()) } - -pub fn check_image_has_local_domain(url: &Option) -> Result<(), LemmyError> { - if let Some(url) = url { - let settings = Settings::get(); - let domain = url.domain().expect("url has domain"); - if domain != settings.hostname { - return Err(LemmyError::from_message("image_not_local")); - } - } - Ok(()) -} diff --git a/crates/api_crud/src/community/create.rs b/crates/api_crud/src/community/create.rs index 6838216ffa..a7582d2ec5 100644 --- a/crates/api_crud/src/community/create.rs +++ b/crates/api_crud/src/community/create.rs @@ -2,7 +2,7 @@ use crate::PerformCrud; use actix_web::web::Data; use lemmy_api_common::{ community::{CommunityResponse, CreateCommunity}, - utils::{blocking, check_image_has_local_domain, get_local_user_view_from_jwt, is_admin}, + utils::{blocking, get_local_user_view_from_jwt, is_admin}, }; use lemmy_apub::{ generate_followers_url, @@ -65,8 +65,6 @@ impl PerformCrud for CreateCommunity { check_slurs(&data.name, &context.settings().slur_regex())?; check_slurs(&data.title, &context.settings().slur_regex())?; check_slurs_opt(&data.description, &context.settings().slur_regex())?; - check_image_has_local_domain(icon.as_ref().unwrap_or(&None))?; - check_image_has_local_domain(banner.as_ref().unwrap_or(&None))?; if !is_valid_actor_name(&data.name, context.settings().actor_name_max_length) { return Err(LemmyError::from_message("invalid_community_name")); diff --git a/crates/api_crud/src/community/update.rs b/crates/api_crud/src/community/update.rs index 4c7fa8ce60..d933c9d886 100644 
--- a/crates/api_crud/src/community/update.rs +++ b/crates/api_crud/src/community/update.rs @@ -2,7 +2,7 @@ use crate::PerformCrud; use actix_web::web::Data; use lemmy_api_common::{ community::{CommunityResponse, EditCommunity}, - utils::{blocking, check_image_has_local_domain, get_local_user_view_from_jwt}, + utils::{blocking, get_local_user_view_from_jwt}, }; use lemmy_apub::protocol::activities::community::update::UpdateCommunity; use lemmy_db_schema::{ @@ -34,8 +34,6 @@ impl PerformCrud for EditCommunity { check_slurs_opt(&data.title, &context.settings().slur_regex())?; check_slurs_opt(&data.description, &context.settings().slur_regex())?; - check_image_has_local_domain(icon.as_ref().unwrap_or(&None))?; - check_image_has_local_domain(banner.as_ref().unwrap_or(&None))?; // Verify its a mod (only mods can edit it) let community_id = data.community_id; diff --git a/crates/api_crud/src/site/create.rs b/crates/api_crud/src/site/create.rs index b9b3b60137..49550d6682 100644 --- a/crates/api_crud/src/site/create.rs +++ b/crates/api_crud/src/site/create.rs @@ -2,13 +2,7 @@ use crate::PerformCrud; use actix_web::web::Data; use lemmy_api_common::{ site::{CreateSite, SiteResponse}, - utils::{ - blocking, - check_image_has_local_domain, - get_local_user_view_from_jwt, - is_admin, - site_description_length_check, - }, + utils::{blocking, get_local_user_view_from_jwt, is_admin, site_description_length_check}, }; use lemmy_apub::generate_site_inbox_url; use lemmy_db_schema::{ @@ -55,8 +49,6 @@ impl PerformCrud for CreateSite { check_slurs(&data.name, &context.settings().slur_regex())?; check_slurs_opt(&data.description, &context.settings().slur_regex())?; - check_image_has_local_domain(icon.as_ref().unwrap_or(&None))?; - check_image_has_local_domain(banner.as_ref().unwrap_or(&None))?; // Make sure user is an admin is_admin(&local_user_view)?; diff --git a/crates/api_crud/src/site/update.rs b/crates/api_crud/src/site/update.rs index d0c37bea9c..0251bddbde 100644 
--- a/crates/api_crud/src/site/update.rs +++ b/crates/api_crud/src/site/update.rs @@ -2,13 +2,7 @@ use crate::PerformCrud; use actix_web::web::Data; use lemmy_api_common::{ site::{EditSite, SiteResponse}, - utils::{ - blocking, - check_image_has_local_domain, - get_local_user_view_from_jwt, - is_admin, - site_description_length_check, - }, + utils::{blocking, get_local_user_view_from_jwt, is_admin, site_description_length_check}, }; use lemmy_db_schema::{ source::{ @@ -51,8 +45,6 @@ impl PerformCrud for EditSite { check_slurs_opt(&data.name, &context.settings().slur_regex())?; check_slurs_opt(&data.description, &context.settings().slur_regex())?; - check_image_has_local_domain(icon.as_ref().unwrap_or(&None))?; - check_image_has_local_domain(banner.as_ref().unwrap_or(&None))?; if let Some(Some(desc)) = &description { site_description_length_check(desc)?; diff --git a/crates/apub/src/objects/instance.rs b/crates/apub/src/objects/instance.rs index 57e115f610..09b34fc533 100644 --- a/crates/apub/src/objects/instance.rs +++ b/crates/apub/src/objects/instance.rs @@ -1,6 +1,6 @@ use crate::{ check_is_apub_id_valid, - objects::{read_from_string_or_source_opt, verify_image_domain_matches}, + objects::read_from_string_or_source_opt, protocol::{ objects::instance::{Instance, InstanceType}, ImageObject, @@ -107,8 +107,6 @@ impl ApubObject for ApubSite { ) -> Result<(), LemmyError> { check_is_apub_id_valid(apub.id.inner(), true, &data.settings())?; verify_domains_match(expected_domain, apub.id.inner())?; - verify_image_domain_matches(expected_domain, &apub.icon)?; - verify_image_domain_matches(expected_domain, &apub.image)?; let slur_regex = &data.settings().slur_regex(); check_slurs(&apub.name, slur_regex)?; diff --git a/crates/apub/src/objects/mod.rs b/crates/apub/src/objects/mod.rs index 7d5fd26edb..b3aa80b548 100644 --- a/crates/apub/src/objects/mod.rs +++ b/crates/apub/src/objects/mod.rs 
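Review bot: In crates/apub/src/objects/instance.rs, the `@@ -107,8 +107,6 @@` hunk still ties `apub.id` to `expected_domain` but no longer checks `apub.icon` or `apub.image`, so a remote instance alone decides where those URLs point. The `ApubPerson` hunk in person.rs and the `Group` hunk in group.rs have the same shape. That matches the commit's intent, but the fields are now untrusted input for everything downstream, and I would record that where the calls were removed: `// icon/image may be hosted on any domain; treat the URL as untrusted and do not fetch it server-side without scheme and host checks`. If a later step dereferences these URLs on the server, that step is now the only place such a check can live; none is visible in this patch. The enclosing function starts and ends outside the hunk.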
@@ -1,7 +1,7 @@ -use crate::protocol::{ImageObject, Source}; +use crate::protocol::Source; use anyhow::anyhow; use html2md::parse_html; -use lemmy_apub_lib::{values::MediaTypeMarkdownOrHtml, verify::verify_domains_match}; +use lemmy_apub_lib::values::MediaTypeMarkdownOrHtml; use lemmy_utils::{settings::structs::Settings, LemmyError}; use url::Url; @@ -39,17 +39,6 @@ pub(crate) fn read_from_string_or_source_opt( .map(|content| read_from_string_or_source(content, media_type, source)) } -pub(crate) fn verify_image_domain_matches( - a: &Url, - b: &Option, -) -> Result<(), LemmyError> { - if let Some(b) = b { - verify_domains_match(a, &b.url) - } else { - Ok(()) - } -} - /// When for example a Post is made in a remote community, the community will send it back, /// wrapped in Announce. If we simply receive this like any other federated object, overwrite the /// existing, local Post. In particular, it will set the field local = false, so that the object diff --git a/crates/apub/src/objects/person.rs b/crates/apub/src/objects/person.rs index 8304322c6c..bf2cb3cb60 100644 --- a/crates/apub/src/objects/person.rs +++ b/crates/apub/src/objects/person.rs @@ -1,11 +1,7 @@ use crate::{ check_is_apub_id_valid, generate_outbox_url, - objects::{ - instance::fetch_instance_actor_for_object, - read_from_string_or_source_opt, - verify_image_domain_matches, - }, + objects::{instance::fetch_instance_actor_for_object, read_from_string_or_source_opt}, protocol::{ objects::{ person::{Person, UserTypes}, @@ -128,8 +124,6 @@ impl ApubObject for ApubPerson { ) -> Result<(), LemmyError> { verify_domains_match(person.id.inner(), expected_domain)?; check_is_apub_id_valid(person.id.inner(), false, &context.settings())?; - verify_image_domain_matches(expected_domain, &person.icon)?; - verify_image_domain_matches(expected_domain, &person.image)?; let slur_regex = &context.settings().slur_regex(); check_slurs(&person.preferred_username, slur_regex)?; 
diff --git a/crates/apub/src/protocol/objects/group.rs b/crates/apub/src/protocol/objects/group.rs index 5f03814a9b..8f161c2da7 100644 --- a/crates/apub/src/protocol/objects/group.rs +++ b/crates/apub/src/protocol/objects/group.rs @@ -4,11 +4,7 @@ use crate::{ community_moderators::ApubCommunityModerators, community_outbox::ApubCommunityOutbox, }, - objects::{ - community::ApubCommunity, - read_from_string_or_source_opt, - verify_image_domain_matches, - }, + objects::{community::ApubCommunity, read_from_string_or_source_opt}, protocol::{objects::Endpoints, ImageObject, Source}, }; use activitystreams_kinds::actor::GroupType; @@ -65,8 +61,6 @@ impl Group { ) -> Result<(), LemmyError> { check_is_apub_id_valid(self.id.inner(), true, &context.settings())?; verify_domains_match(expected_domain, self.id.inner())?; - verify_image_domain_matches(expected_domain, &self.icon)?; - verify_image_domain_matches(expected_domain, &self.image)?; let slur_regex = &context.settings().slur_regex(); check_slurs(&self.preferred_username, slur_regex)?;