Add reject pattern to Admin setting (Ported to Glitch Soc)

# Conflicts:
#	app/views/admin/settings/shared/_links.html.haml
#	config/routes/admin.rb
This commit is contained in:
noellabo 2024-02-16 16:14:23 +09:00 committed by Essem
parent ac25c657e1
commit 45279418c5
No known key found for this signature in database
GPG key ID: 7D497397CC3A2A8C
5 changed files with 29 additions and 1 deletions

View file

@ -46,8 +46,12 @@ class ActivityPub::Activity::Create < ActivityPub::Activity
)
end
def reject_pattern?
Setting.reject_pattern.present? && @object['content']&.match?(Setting.reject_pattern)
end
def create_status
return reject_payload! if unsupported_object_type? || non_matching_uri_hosts?(@account.uri, object_uri) || tombstone_exists? || !related_to_local_activity?
return reject_payload! if unsupported_object_type? || non_matching_uri_hosts?(@account.uri, object_uri) || tombstone_exists? || !related_to_local_activity? || reject_pattern?
with_redis_lock("create:#{object_uri}") do
return if delete_arrived_first?(object_uri) || poll_vote?

View file

@ -45,6 +45,7 @@ class Form::AdminSettings
status_page_url
captcha_enabled
authorized_fetch
reject_pattern
).freeze
INTEGER_KEYS = %i(
@ -95,6 +96,7 @@ class Form::AdminSettings
validates :show_domain_blocks_rationale, inclusion: { in: %w(disabled users all) }, if: -> { defined?(@show_domain_blocks_rationale) }
validates :media_cache_retention_period, :content_cache_retention_period, :backups_retention_period, numericality: { only_integer: true }, allow_blank: true, if: -> { defined?(@media_cache_retention_period) || defined?(@content_cache_retention_period) || defined?(@backups_retention_period) }
validates :site_short_description, length: { maximum: 200 }, if: -> { defined?(@site_short_description) }
validates :reject_pattern, regexp_syntax: true, if: -> { defined?(@reject_pattern) }
validates :status_page_url, url: true, allow_blank: true
validate :validate_site_uploads

View file

@ -0,0 +1,13 @@
# frozen_string_literal: true
class RegexpSyntaxValidator < ActiveModel::EachValidator
def validate_each(record, attribute, value)
return if value.blank?
begin
Regexp.compile(value)
rescue RegexpError => e
record.errors.add(attribute, I18n.t('applications.invalid_regexp', message: e.message))
end
end
end

View file

@ -766,6 +766,10 @@ en:
all: To everyone
disabled: To no one
users: To logged-in local users
others:
activitypub: ActivityPub
preamble: Other settings, including customizing behavior
title: Other settings
registrations:
preamble: Control who can create an account on your server.
title: Registrations
@ -774,6 +778,9 @@ en:
approved: Approval required for sign up
none: Nobody can sign up
open: Anyone can sign up
reject_pattern:
desc_html: Set a regular expression pattern to inspect Create Activity content, and refuse Activity if you match
title: Reject Pattern
security:
authorized_fetch: Require authentication from federated servers
authorized_fetch_hint: Requiring authentication from federated servers enables stricter enforcement of both user-level and server-level blocks. However, this comes at the cost of a performance penalty, reduces the reach of your replies, and may introduce compatibility issues with some federated services. In addition, this will not prevent dedicated actors from fetching your public posts and accounts.
@ -1029,6 +1036,7 @@ en:
applications:
created: Application successfully created
destroyed: Application successfully deleted
invalid_regexp: "The provided Regexp is invalid: %{message}"
logout: Logout
regenerate_token: Regenerate access token
token_regenerated: Access token successfully regenerated

View file

@ -46,6 +46,7 @@ defaults: &defaults
require_invite_text: false
backups_retention_period: 7
captcha_enabled: false
reject_pattern: ''
development:
<<: *defaults