add protocol.LIMITED_DOMAINS

2024-05-11 17:39:04 -07:00 · 2024-05-11 17:39:04 -07:00 · 59b9e9c904
commit 59b9e9c904
--- a/.gitignore
+++ b/.gitignore
@ -7,6 +7,7 @@ datastore.dat*
 flask_secret_key
 /l
 /local*
+limited_domains
 make_password
 private_notes
 service_account_creds.json
--- a/protocol.py
+++ b/protocol.py
@ -54,6 +54,10 @@ SUPPORTED_TYPES = (

 OBJECT_REFRESH_AGE = timedelta(days=30)

+# require a follow for users on these domains before we deliver anything from
+# them other than their profile
+LIMITED_DOMAINS = util.read('limited_domains')
+
 # activity ids that we've already handled and can now ignore.
 # used in Protocol.receive
 seen_ids = LRUCache(100000)
@ -1260,10 +1264,17 @@ class Protocol:
            # })

            if 'atproto' in from_user.enabled_protocols:
-                from atproto import ATProto
-                targets.setdefault(Target(protocol=ATProto.LABEL, uri=ATProto.PDS_URL),
-                                   None)
-                logger.info(f'user has ATProto enabled, added target {ATProto.PDS_URL}')
+                if (not followers and
+                    (util.domain_or_parent_in(
+                        util.domain_from_link(from_user.key.id()), LIMITED_DOMAINS)
+                     or util.domain_or_parent_in(
+                         util.domain_from_link(obj.key.id()), LIMITED_DOMAINS))):
+                    logger.info(f'skipping ATProto, {from_user.key.id()} is on a limited domain and has no followers')
+                else:
+                    from atproto import ATProto
+                    targets.setdefault(
+                        Target(protocol=ATProto.LABEL, uri=ATProto.PDS_URL), None)
+                    logger.info(f'user has ATProto enabled, adding {ATProto.PDS_URL}')

        # de-dupe targets, discard same-domain
        # maps string target URL to (Target, Object) tuple
--- a/tests/test_protocol.py
+++ b/tests/test_protocol.py
@ -29,7 +29,7 @@ from protocol import Protocol
 from ui import UIProtocol
 from web import Web

-from .test_activitypub import ACTOR
+from .test_activitypub import ACTOR, NOTE
 from .test_atproto import DID_DOC
 from .test_web import ACTOR_HTML_RESP, ACTOR_AS1_UNWRAPPED_URLS, ACTOR_MF2_REL_URLS

@ -2020,6 +2020,46 @@ class ProtocolReceiveTest(TestCase):
        self.assertEqual([], Fake.created_for)
        self.assertFalse(user.is_enabled(Fake))

+    @patch('protocol.LIMITED_DOMAINS', ['lim.it'])
+    @patch('requests.get')
+    def test_limited_domain_update_profile_without_follow(self, mock_get):
+        actor = {
+            **ACTOR,
+            'id': 'https://lim.it/alice',
+        }
+        mock_get.side_effect = [
+            self.as2_resp(actor),
+        ]
+
+        with self.assertRaises(NoContent):
+            got = ActivityPub.receive(Object(our_as1={
+                'id': 'https://lim.it/alice#update',
+                'objectType': 'activity',
+                'verb': 'update',
+                'actor': 'https://lim.it/alice',
+                'object': actor,
+            }))
+
+        self.assert_object('https://lim.it/alice',
+                           source_protocol='activitypub',
+                           our_as1=actor)
+
+    @patch('protocol.LIMITED_DOMAINS', ['lim.it'])
+    @patch.object(ATProto, 'send')
+    @patch('requests.get')
+    def test_inbox_limited_domain_create_without_follow_no_atproto(
+            self, mock_get, mock_send):
+        actor = 'https://lim.it/alice'
+        user = self.make_user(id=actor, cls=ActivityPub, enabled_protocols=['atproto'])
+
+        got = self.post('/user.com/inbox', json={
+            **NOTE,
+            'id': 'https://lim.it/note',
+            'actor': actor,
+        })
+        self.assertEqual(204, got.status_code)
+        mock_send.assert_not_called()
+
    def test_receive_task_handler(self):
        note = {
            'id': 'fake:post',