move not-public check from activitypub.inbox to Protocol.receive

activitypub.py

@@ -1057,19 +1057,6 @@ def inbox(protocol=None, id=None):
             logger.info(f'Already seen this activity {id}')
             return '', 204
 
-    # check that this activity is public. only do this for creates, not likes,
-    # follows, or other activity types, since Mastodon doesn't currently mark
-    # those as explicitly public. Use as2's is_public instead of as1's because
-    # as1's interprets unlisted as true.
-    # TODO: move this to Protocol
-    to_cc = set(as1.get_ids(object, 'to') + as1.get_ids(activity, 'cc') +
-                as1.get_ids(object, 'to') + as1.get_ids(object, 'cc'))
-    if (type == 'Create' and not as2.is_public(activity, unlisted=False)
-            # DM to one of our protocol bot users
-            and not (len(to_cc) == 1 and to_cc.pop() in BOT_ACTOR_AP_IDS)):
-        logger.info('Dropping non-public activity')
-        return 'OK'
-
     # check actor, signature, auth
     actor = as1.get_object(activity, 'actor')
     actor_id = actor.get('id')

protocol.py

@@ -791,6 +791,14 @@ class Protocol:
             error('No id provided')
         elif from_cls.is_blocklisted(id, allow_internal=internal):
             error(f'Activity {id} is blocklisted')
+        # check that this activity is public. only do this for some activities,
+        # not eg likes or follows, since Mastodon doesn't currently mark those
+        # as explicitly public.
+        elif (obj.type in set(('post', 'update')) | as1.POST_TYPES | as1.ACTOR_TYPES
+                  and not as1.is_public(obj.as1, unlisted=False)
+                  and not as1.is_dm(obj.as1)):
+              logger.info('Dropping non-public activity')
+              return ('OK', 200)
 
         # lease this object, atomically
         memcache_key = activity_id_memcache_key(id)

tests/test_activitypub.py

@@ -927,7 +927,7 @@ class ActivityPubTest(TestCase):
                            )
 
     def test_inbox_private(self, *mocks):
-        self._test_inbox_with_to_ignored([], *mocks)
+        self._test_inbox_with_to_ignored(['https://mas.to/author/followers'], *mocks)
 
     def test_inbox_unlisted(self, *mocks):
         self._test_inbox_with_to_ignored(['@unlisted'], *mocks)
@@ -946,7 +946,10 @@ class ActivityPubTest(TestCase):
 
         got = self.post('/user.com/inbox', json=not_public)
         self.assertEqual(200, got.status_code, got.get_data(as_text=True))
-        self.assertIsNone(Object.get_by_id(not_public['id']))
+
+        activity = Object.get_by_id(not_public['id'])
+        self.assertIsNone(activity.status)
+        self.assertEqual([], activity.delivered)
         self.assertIsNone(Object.get_by_id(not_public['object']['id']))
 
     def test_follow_bot_user_enables_protocol(self, _, mock_get, __):

tests/test_protocol.py

@@ -959,6 +959,24 @@ class ProtocolReceiveTest(TestCase):
         self.assertEqual('fake:post#bridgy-fed-create', obj.key.id())
         self.assertEqual(ATProto.PDS_URL, url)
 
+    def test_post_not_public_ignored(self):
+        self.assertEqual(('OK', 200), Fake.receive_as1({
+            'id': 'fake:post',
+            'objectType': 'note',
+            'author': 'fake:user',
+            'to': ['fake:user/followers'],
+        }))
+        self.assertIsNone(Object.get_by_id('fake:post'))
+
+    def test_post_unlisted_ignored(self):
+        self.assertEqual(('OK', 200), Fake.receive_as1({
+            'id': 'fake:post',
+            'objectType': 'note',
+            'author': 'fake:user',
+            'to': ['@unlisted'],
+        }))
+        self.assertIsNone(Object.get_by_id('fake:post'))
+
     @patch.object(ATProto, 'send')
     def test_reply_to_not_bridged_account_skips_atproto(self, mock_send):
         user = self.make_user('eefake:user', cls=ExplicitEnableFake,