Add additional checks for banned instances

MbinOrg · Nov 28, 2024 · 0868a7f · 0868a7f
1 parent 8f7b0ba
commit 0868a7f
Show file tree

Hide file tree

Showing 2 changed files with 40 additions and 4 deletions.
diff --git a/src/Service/ActivityPub/ApHttpClient.php b/src/Service/ActivityPub/ApHttpClient.php
@@ -205,6 +205,11 @@ private function getActorCacheKey(string $apProfileId): string
         return 'ap_'.hash('sha256', $apProfileId);
     }
 
+    private function getCollectinCacheKey(string $apAddress): string
+    {
+        return 'ap_collection'.hash('sha256', $apAddress);
+    }
+
     /**
      * Retrieve AP actor object (could be a user or magazine).
      *
@@ -280,22 +285,37 @@ private function getActorObjectImpl(string $apProfileId): ?string
         return $response->getContent(false);
     }
 
+    /**
+     * Remove actor object from cache.
+     *
+     * @param string $apProfileId AP profile ID to remove from cache
+     */
     public function invalidateActorObjectCache(string $apProfileId): void
     {
         $this->cache->delete($this->getActorCacheKey($apProfileId));
     }
 
+    /**
+     * Remove collection object from cache.
+     *
+     * @param string $apAddress AP address to remove from cache
+     */
     public function invalidateCollectionObjectCache(string $apAddress): void
     {
-        $this->cache->delete('ap_collection'.hash('sha256', $apAddress));
+        $this->cache->delete($this->getCollectinCacheKey($apAddress));
     }
 
     /**
+     * Retrieve AP collection object. First look in cache, then try to retrieve from AP server.
+     * And finally, save the response to cache.
+     *
+     * @return Response body
+     *
      * @throws InvalidArgumentException
      */
     public function getCollectionObject(string $apAddress): ?array
     {
-        $key = 'ap_collection'.hash('sha256', $apAddress);
+        $key = $this->getCollectinCacheKey($apAddress);
         if ($this->cache->hasItem($key)) {
             /** @var CacheItem $item */
             $item = $this->cache->getItem($key);

diff --git a/src/Service/ActivityPubManager.php b/src/Service/ActivityPubManager.php
@@ -126,7 +126,6 @@ public function createCcFromBody(string $body): array
      *
      * @return User|Magazine|null or Magazine or null on error
      *
-     * @throws InstanceBannedException
      * @throws InvalidApPostException
      * @throws InvalidArgumentException
      * @throws InvalidWebfingerException
@@ -161,6 +160,11 @@ public function findActorOrCreate(?string $actorUrlOrHandle): User|Magazine|null
             $actorUrl = $this->webfinger($actorUrl)->getProfileId();
         }
 
+        // Check if the instance is banned
+        if ($this->settingsManager->isBannedInstance($actorUrl)) {
+            return null;
+        }
+
         if (\in_array(
             parse_url($actorUrl, PHP_URL_HOST),
             [$this->settingsManager->get('KBIN_DOMAIN'), 'localhost', '127.0.0.1']
@@ -279,7 +283,7 @@ public function webfinger(string $id): WebFinger
         return $this->webFingerFactory->get($handle);
     }
 
-    public function buildHandle(string $id): string
+    private function buildHandle(string $id): string
     {
         $port = !\is_null(parse_url($id, PHP_URL_PORT))
             ? ':'.parse_url($id, PHP_URL_PORT)
@@ -337,6 +341,10 @@ public function updateUser(string $actorUrl): ?User
             return $user;
         }
 
+        if ($this->settingsManager->isBannedInstance($actorUrl)) {
+            return null;
+        }
+
         $actor = $this->apHttpClient->getActorObject($actorUrl);
         if (!$actor || !\is_array($actor)) {
             return null;
@@ -511,6 +519,10 @@ public function updateMagazine(string $actorUrl): ?Magazine
             return $magazine;
         }
 
+        if ($this->settingsManager->isBannedInstance($actorUrl)) {
+            return null;
+        }
+
         $actor = $this->apHttpClient->getActorObject($actorUrl);
         // Check if actor isn't empty (not set/null/empty array/etc.)
 
@@ -868,6 +880,10 @@ public function handleExternalVideos(array $attachment): ?array
      */
     public function updateActor(string $actorUrl): Magazine|User|null
     {
+        if ($this->settingsManager->isBannedInstance($actorUrl)) {
+            return null;
+        }
+
         if ($this->userRepository->findOneBy(['apProfileId' => $actorUrl])) {
             return $this->updateUser($actorUrl);
         } elseif ($this->magazineRepository->findOneBy(['apProfileId' => $actorUrl])) {