Remove capabilities

acceptreject.py

@@ -27,7 +27,7 @@ def createAcceptReject(baseDir: str, federationList: [],
     if not objectJson.get('actor'):
         return None
 
-    if not urlPermitted(objectJson['actor'], federationList, "inbox:write"):
+    if not urlPermitted(objectJson['actor'], federationList):
         return None
 
     if port:
@@ -52,8 +52,7 @@ def createAcceptReject(baseDir: str, federationList: [],
 def createAccept(baseDir: str, federationList: [],
                  nickname: str, domain: str, port: int,
                  toUrl: str, ccUrl: str, httpPrefix: str,
-                 objectJson: {},
-                 acceptedCaps=["inbox:write", "objects:read"]) -> {}:
+                 objectJson: {}) -> {}:
     return createAcceptReject(baseDir, federationList,
                               nickname, domain, port,
                               toUrl, ccUrl, httpPrefix,

announce.py

@@ -108,7 +108,7 @@ def createAnnounce(session, baseDir: str, federationList: [],
     followers url objectUrl is typically the url of the message,
     corresponding to url or atomUri in createPostBase
     """
-    if not urlPermitted(objectUrl, federationList, "inbox:write"):
+    if not urlPermitted(objectUrl, federationList):
         return None
 
     if ':' in domain:
@@ -231,7 +231,7 @@ def undoAnnounce(session, baseDir: str, federationList: [],
     objectUrl is typically the url of the message which was repeated,
     corresponding to url or atomUri in createPostBase
     """
-    if not urlPermitted(objectUrl, federationList, "inbox:write"):
+    if not urlPermitted(objectUrl, federationList):
         return None
 
     if ':' in domain:
@@ -391,12 +391,12 @@ def sendAnnounceViaServer(baseDir: str, session,
 
     # get the actor inbox for the To handle
     (inboxUrl, pubKeyId, pubKey, fromPersonId,
-     sharedInbox, capabilityAcquisition,
-     avatarUrl, displayName) = getPersonBox(baseDir, session, wfRequest,
-                                            personCache,
-                                            projectVersion, httpPrefix,
-                                            fromNickname, fromDomain,
-                                            postToBox)
+     sharedInbox, avatarUrl,
+     displayName) = getPersonBox(baseDir, session, wfRequest,
+                                 personCache,
+                                 projectVersion, httpPrefix,
+                                 fromNickname, fromDomain,
+                                 postToBox)
 
     if not inboxUrl:
         if debug:
@@ -414,8 +414,7 @@ def sendAnnounceViaServer(baseDir: str, session,
         'Content-type': 'application/json',
         'Authorization': authHeader
     }
-    postResult = postJson(session, newAnnounceJson, [], inboxUrl,
-                          headers, "inbox:write")
+    postResult = postJson(session, newAnnounceJson, [], inboxUrl, headers)
     if not postResult:
         print('WARN: Announce not posted')
 

availability.py

@@ -123,7 +123,6 @@ def sendAvailabilityViaServer(baseDir: str, session,
     # get the actor inbox for the To handle
     (inboxUrl, pubKeyId, pubKey,
      fromPersonId, sharedInbox,
-     capabilityAcquisition,
      avatarUrl, displayName) = getPersonBox(baseDir, session, wfRequest,
                                             personCache, projectVersion,
                                             httpPrefix, nickname,
@@ -146,7 +145,7 @@ def sendAvailabilityViaServer(baseDir: str, session,
         'Authorization': authHeader
     }
     postResult = postJson(session, newAvailabilityJson, [],
-                          inboxUrl, headers, "inbox:write")
+                          inboxUrl, headers)
     if not postResult:
         print('WARN: failed to post availability')
 

bookmarks.py

@@ -234,7 +234,7 @@ def bookmark(recentPostsCache: {},
     'to' might be a specific person (actor) whose post was bookmarked
     object is typically the url of the message which was bookmarked
     """
-    if not urlPermitted(objectUrl, federationList, "inbox:write"):
+    if not urlPermitted(objectUrl, federationList):
         return None
 
     fullDomain = domain
@@ -330,7 +330,7 @@ def undoBookmark(recentPostsCache: {},
     'to' might be a specific person (actor) whose post was bookmarked
     object is typically the url of the message which was bookmarked
     """
-    if not urlPermitted(objectUrl, federationList, "inbox:write"):
+    if not urlPermitted(objectUrl, federationList):
         return None
 
     fullDomain = domain
@@ -457,8 +457,7 @@ def sendBookmarkViaServer(baseDir: str, session,
 
     # get the actor inbox for the To handle
     (inboxUrl, pubKeyId, pubKey,
-     fromPersonId, sharedInbox,
-     capabilityAcquisition, avatarUrl,
+     fromPersonId, sharedInbox, avatarUrl,
      displayName) = getPersonBox(baseDir, session, wfRequest, personCache,
                                  projectVersion, httpPrefix, fromNickname,
                                  fromDomain, postToBox)
@@ -480,7 +479,7 @@ def sendBookmarkViaServer(baseDir: str, session,
         'Authorization': authHeader
     }
     postResult = postJson(session, newBookmarkJson, [],
-                          inboxUrl, headers, "inbox:write")
+                          inboxUrl, headers)
     if not postResult:
         if debug:
             print('DEBUG: POST announce failed for c2s to ' + inboxUrl)
@@ -539,8 +538,7 @@ def sendUndoBookmarkViaServer(baseDir: str, session,
 
     # get the actor inbox for the To handle
     (inboxUrl, pubKeyId, pubKey,
-     fromPersonId, sharedInbox,
-     capabilityAcquisition, avatarUrl,
+     fromPersonId, sharedInbox, avatarUrl,
      displayName) = getPersonBox(baseDir, session, wfRequest, personCache,
                                  projectVersion, httpPrefix, fromNickname,
                                  fromDomain, postToBox)
@@ -562,7 +560,7 @@ def sendUndoBookmarkViaServer(baseDir: str, session,
         'Authorization': authHeader
     }
     postResult = postJson(session, newUndoBookmarkJson, [],
-                          inboxUrl, headers, "inbox:write")
+                          inboxUrl, headers)
     if not postResult:
         if debug:
             print('DEBUG: POST announce failed for c2s to ' + inboxUrl)

daemon.py

@@ -444,7 +444,7 @@ class PubServer(BaseHTTPRequestHandler):
                       'failed to obtain keyId from signature')
             return False
         # is the keyId (actor) valid?
-        if not urlPermitted(keyId, self.server.federationList, "inbox:read"):
+        if not urlPermitted(keyId, self.server.federationList):
             if self.server.debug:
                 print('Authorized fetch failed: ' + keyId +
                       ' is not permitted')
@@ -4364,7 +4364,6 @@ class PubServer(BaseHTTPRequestHandler):
                                        self.server.postLog,
                                        self.server.cachedWebfingers,
                                        self.server.personCache,
-                                       self.server.acceptedCaps,
                                        debug,
                                        self.server.projectVersion)
         originPathStrAbsolute = \
@@ -5233,7 +5232,6 @@ class PubServer(BaseHTTPRequestHandler):
                                     self.server.translate,
                                     self.server.projectVersion,
                                     baseDir, httpPrefix, True,
-                                    self.server.ocapAlways,
                                     getPerson, 'roles',
                                     self.server.session,
                                     cachedWebfingers,
@@ -5304,7 +5302,6 @@ class PubServer(BaseHTTPRequestHandler):
                                                 self.server.translate,
                                                 self.server.projectVersion,
                                                 baseDir, httpPrefix, True,
-                                                self.server.ocapAlways,
                                                 getPerson, 'skills',
                                                 self.server.session,
                                                 cachedWebfingers,
@@ -5571,7 +5568,6 @@ class PubServer(BaseHTTPRequestHandler):
                    proxyType: str, cookie: str,
                    debug: str,
                    recentPostsCache: {}, session,
-                   ocapAlways: bool,
                    defaultTimeline: str,
                    maxRecentPosts: int,
                    translate: {},
@@ -5593,8 +5589,7 @@ class PubServer(BaseHTTPRequestHandler):
                                   path,
                                   httpPrefix,
                                   maxPostsInFeed, 'inbox',
-                                  authorized,
-                                  ocapAlways)
+                                  authorized)
                 if inboxFeed:
                     self._benchmarkGETtimings(GETstartTime, GETtimings,
                                               'show status done',
@@ -5621,8 +5616,7 @@ class PubServer(BaseHTTPRequestHandler):
                                               path + '?page=1',
                                               httpPrefix,
                                               maxPostsInFeed, 'inbox',
-                                              authorized,
-                                              ocapAlways)
+                                              authorized)
                             self._benchmarkGETtimings(GETstartTime,
                                                       GETtimings,
                                                       'show status done',
@@ -5702,8 +5696,7 @@ class PubServer(BaseHTTPRequestHandler):
                                   path,
                                   httpPrefix,
                                   maxPostsInFeed, 'dm',
-                                  authorized,
-                                  self.server.ocapAlways)
+                                  authorized)
                 if inboxDMFeed:
                     if self._requestHTTP():
                         nickname = path.replace('/users/', '')
@@ -5727,8 +5720,7 @@ class PubServer(BaseHTTPRequestHandler):
                                               path + '?page=1',
                                               httpPrefix,
                                               maxPostsInFeed, 'dm',
-                                              authorized,
-                                              self.server.ocapAlways)
+                                              authorized)
                         msg = \
                             htmlInboxDMs(self.server.defaultTimeline,
                                          self.server.recentPostsCache,
@@ -5803,7 +5795,7 @@ class PubServer(BaseHTTPRequestHandler):
                                   path,
                                   httpPrefix,
                                   maxPostsInFeed, 'tlreplies',
-                                  True, self.server.ocapAlways)
+                                  True)
                 if not inboxRepliesFeed:
                     inboxRepliesFeed = []
                 if self._requestHTTP():
@@ -5828,7 +5820,7 @@ class PubServer(BaseHTTPRequestHandler):
                                           path + '?page=1',
                                           httpPrefix,
                                           maxPostsInFeed, 'tlreplies',
-                                          True, self.server.ocapAlways)
+                                          True)
                     msg = \
                         htmlInboxReplies(self.server.defaultTimeline,
                                          self.server.recentPostsCache,
@@ -5903,7 +5895,7 @@ class PubServer(BaseHTTPRequestHandler):
                                   path,
                                   httpPrefix,
                                   maxPostsInMediaFeed, 'tlmedia',
-                                  True, self.server.ocapAlways)
+                                  True)
                 if not inboxMediaFeed:
                     inboxMediaFeed = []
                 if self._requestHTTP():
@@ -5928,7 +5920,7 @@ class PubServer(BaseHTTPRequestHandler):
                                           path + '?page=1',
                                           httpPrefix,
                                           maxPostsInMediaFeed, 'tlmedia',
-                                          True, self.server.ocapAlways)
+                                          True)
                     msg = \
                         htmlInboxMedia(self.server.defaultTimeline,
                                        self.server.recentPostsCache,
@@ -6003,7 +5995,7 @@ class PubServer(BaseHTTPRequestHandler):
                                   path,
                                   httpPrefix,
                                   maxPostsInBlogsFeed, 'tlblogs',
-                                  True, self.server.ocapAlways)
+                                  True)
                 if not inboxBlogsFeed:
                     inboxBlogsFeed = []
                 if self._requestHTTP():
@@ -6028,7 +6020,7 @@ class PubServer(BaseHTTPRequestHandler):
                                           path + '?page=1',
                                           httpPrefix,
                                           maxPostsInBlogsFeed, 'tlblogs',
-                                          True, self.server.ocapAlways)
+                                          True)
                     msg = \
                         htmlInboxBlogs(self.server.defaultTimeline,
                                        self.server.recentPostsCache,
@@ -6161,7 +6153,7 @@ class PubServer(BaseHTTPRequestHandler):
                                   path,
                                   httpPrefix,
                                   maxPostsInFeed, 'tlbookmarks',
-                                  authorized, self.server.ocapAlways)
+                                  authorized)
                 if bookmarksFeed:
                     if self._requestHTTP():
                         nickname = path.replace('/users/', '')
@@ -6187,8 +6179,7 @@ class PubServer(BaseHTTPRequestHandler):
                                               httpPrefix,
                                               maxPostsInFeed,
                                               'tlbookmarks',
-                                              authorized,
-                                              self.server.ocapAlways)
+                                              authorized)
                         msg = \
                             htmlBookmarks(self.server.defaultTimeline,
                                           self.server.recentPostsCache,
@@ -6265,7 +6256,7 @@ class PubServer(BaseHTTPRequestHandler):
                                   path,
                                   httpPrefix,
                                   maxPostsInFeed, 'tlevents',
-                                  authorized, self.server.ocapAlways)
+                                  authorized)
                 print('eventsFeed: ' + str(eventsFeed))
                 if eventsFeed:
                     if self._requestHTTP():
@@ -6291,8 +6282,7 @@ class PubServer(BaseHTTPRequestHandler):
                                               httpPrefix,
                                               maxPostsInFeed,
                                               'tlevents',
-                                              authorized,
-                                              self.server.ocapAlways)
+                                              authorized)
                         msg = \
                             htmlEvents(self.server.defaultTimeline,
                                        self.server.recentPostsCache,
@@ -6361,8 +6351,7 @@ class PubServer(BaseHTTPRequestHandler):
                           port, path,
                           httpPrefix,
                           maxPostsInFeed, 'outbox',
-                          authorized,
-                          self.server.ocapAlways)
+                          authorized)
         if outboxFeed:
             if self._requestHTTP():
                 nickname = \
@@ -6386,8 +6375,7 @@ class PubServer(BaseHTTPRequestHandler):
                                       path + '?page=1',
                                       httpPrefix,
                                       maxPostsInFeed, 'outbox',
-                                      authorized,
-                                      self.server.ocapAlways)
+                                      authorized)
                 msg = \
                     htmlOutbox(self.server.defaultTimeline,
                                self.server.recentPostsCache,
@@ -6449,7 +6437,7 @@ class PubServer(BaseHTTPRequestHandler):
                                   path,
                                   httpPrefix,
                                   maxPostsInFeed, 'moderation',
-                                  True, self.server.ocapAlways)
+                                  True)
                 if moderationFeed:
                     if self._requestHTTP():
                         nickname = path.replace('/users/', '')
@@ -6473,7 +6461,7 @@ class PubServer(BaseHTTPRequestHandler):
                                               path + '?page=1',
                                               httpPrefix,
                                               maxPostsInFeed, 'moderation',
-                                              True, self.server.ocapAlways)
+                                              True)
                         msg = \
                             htmlModeration(self.server.defaultTimeline,
                                            self.server.recentPostsCache,
@@ -6576,7 +6564,6 @@ class PubServer(BaseHTTPRequestHandler):
                                     self.server.projectVersion,
                                     baseDir, httpPrefix,
                                     authorized,
-                                    self.server.ocapAlways,
                                     getPerson, 'shares',
                                     self.server.session,
                                     self.server.cachedWebfingers,
@@ -6663,7 +6650,6 @@ class PubServer(BaseHTTPRequestHandler):
                                     self.server.projectVersion,
                                     baseDir, httpPrefix,
                                     authorized,
-                                    self.server.ocapAlways,
                                     getPerson, 'following',
                                     self.server.session,
                                     self.server.cachedWebfingers,
@@ -6750,7 +6736,6 @@ class PubServer(BaseHTTPRequestHandler):
                                     baseDir,
                                     httpPrefix,
                                     authorized,
-                                    self.server.ocapAlways,
                                     getPerson, 'followers',
                                     self.server.session,
                                     self.server.cachedWebfingers,
@@ -6812,7 +6797,6 @@ class PubServer(BaseHTTPRequestHandler):
                                 baseDir,
                                 httpPrefix,
                                 authorized,
-                                self.server.ocapAlways,
                                 getPerson, 'posts',
                                 self.server.session,
                                 self.server.cachedWebfingers,
@@ -8740,7 +8724,6 @@ class PubServer(BaseHTTPRequestHandler):
                                cookie, self.server.debug,
                                self.server.recentPostsCache,
                                self.server.session,
-                               self.server.ocapAlways,
                                self.server.defaultTimeline,
                                self.server.maxRecentPosts,
                                self.server.translate,
@@ -10621,7 +10604,7 @@ def runDaemon(blogsInstance: bool, mediaInstance: bool,
               fedList=[], maxMentions=10, maxEmoji=10,
               authenticatedFetch=False,
               noreply=False, nolike=False, nopics=False,
-              noannounce=False, cw=False, ocapAlways=False,
+              noannounce=False, cw=False,
               proxyType=None, maxReplies=64,
               domainMaxPostsPerDay=8640, accountMaxPostsPerDay=864,
               allowDeletion=False, debug=False, unitTest=False,
@@ -10753,7 +10736,6 @@ def runDaemon(blogsInstance: bool, mediaInstance: bool,
     httpd.sendThreads = sendThreads
     httpd.postLog = []
     httpd.maxQueueLength = 64
-    httpd.ocapAlways = ocapAlways
     httpd.allowDeletion = allowDeletion
     httpd.lastLoginTime = 0
     httpd.maxReplies = maxReplies
@@ -10761,19 +10743,8 @@ def runDaemon(blogsInstance: bool, mediaInstance: bool,
     httpd.tokensLookup = {}
     loadTokens(baseDir, httpd.tokens, httpd.tokensLookup)
     httpd.instanceOnlySkillsSearch = instanceOnlySkillsSearch
-    httpd.acceptedCaps = ["inbox:write", "objects:read"]
     # contains threads used to send posts to followers
     httpd.followersThreads = []
-    if noreply:
-        httpd.acceptedCaps.append('inbox:noreply')
-    if nolike:
-        httpd.acceptedCaps.append('inbox:nolike')
-    if nopics:
-        httpd.acceptedCaps.append('inbox:nopics')
-    if noannounce:
-        httpd.acceptedCaps.append('inbox:noannounce')
-    if cw:
-        httpd.acceptedCaps.append('inbox:cw')
 
     if not os.path.isdir(baseDir + '/accounts/inbox@' + domain):
         print('Creating shared inbox: inbox@' + domain)
@@ -10844,12 +10815,11 @@ def runDaemon(blogsInstance: bool, mediaInstance: bool,
                               httpd.personCache, httpd.inboxQueue,
                               domain, onionDomain, i2pDomain, port, proxyType,
                               httpd.federationList,
-                              httpd.ocapAlways, maxReplies,
+                              maxReplies,
                               domainMaxPostsPerDay, accountMaxPostsPerDay,
                               allowDeletion, debug, maxMentions, maxEmoji,
                               httpd.translate, unitTest,
-                              httpd.YTReplacementDomain,
-                              httpd.acceptedCaps), daemon=True)
+                              httpd.YTReplacementDomain), daemon=True)
     print('Creating scheduled post thread')
     httpd.thrPostSchedule = \
         threadWithTrace(target=runPostSchedule,

delete.py

@@ -34,7 +34,7 @@ def createDelete(session, baseDir: str, federationList: [],
     objectUrl is typically the url of the message, corresponding to url
     or atomUri in createPostBase
     """
-    if not urlPermitted(objectUrl, federationList, "inbox:write"):
+    if not urlPermitted(objectUrl, federationList):
         return None
 
     if ':' in domain:
@@ -137,8 +137,7 @@ def sendDeleteViaServer(baseDir: str, session,
 
     # get the actor inbox for the To handle
     (inboxUrl, pubKeyId, pubKey,
-     fromPersonId, sharedInbox,
-     capabilityAcquisition, avatarUrl,
+     fromPersonId, sharedInbox, avatarUrl,
      displayName) = getPersonBox(baseDir, session, wfRequest, personCache,
                                  projectVersion, httpPrefix, fromNickname,
                                  fromDomain, postToBox)
@@ -160,7 +159,7 @@ def sendDeleteViaServer(baseDir: str, session,
         'Authorization': authHeader
     }
     postResult = \
-        postJson(session, newDeleteJson, [], inboxUrl, headers, "inbox:write")
+        postJson(session, newDeleteJson, [], inboxUrl, headers)
     if not postResult:
         if debug:
             print('DEBUG: POST announce failed for c2s to ' + inboxUrl)

epicyon.py

@@ -788,7 +788,6 @@ if args.approve:
     postLog = []
     cachedWebfingers = {}
     personCache = {}
-    acceptedCaps = []
     manualApproveFollowRequest(session, baseDir,
                                httpPrefix,
                                args.nickname, domain, port,
@@ -796,7 +795,6 @@ if args.approve:
                                federationList,
                                sendThreads, postLog,
                                cachedWebfingers, personCache,
-                               acceptedCaps,
                                debug, __version__)
     sys.exit()
 
@@ -1181,9 +1179,6 @@ if args.port:
 if args.proxyPort:
     proxyPort = args.proxyPort
     setConfigParam(baseDir, 'proxyPort', proxyPort)
-ocapAlways = False
-if args.ocap:
-    ocapAlways = args.ocap
 if args.gnunet:
     httpPrefix = 'gnunet'
 if args.dat:
@@ -1901,7 +1896,7 @@ if __name__ == "__main__":
               federationList, args.maxMentions,
               args.maxEmoji, args.authenticatedFetch,
               False, False, False,
-              False, False, ocapAlways,
+              False, False,
               proxyType, args.maxReplies,
               args.domainMaxPostsPerDay,
               args.accountMaxPostsPerDay,

follow.py

@@ -513,8 +513,7 @@ def receiveFollowRequest(session, baseDir: str, httpPrefix: str,
                          port: int, sendThreads: [], postLog: [],
                          cachedWebfingers: {}, personCache: {},
                          messageJson: {}, federationList: [],
-                         debug: bool, projectVersion: str,
-                         acceptedCaps=["inbox:write", "objects:read"]) -> bool:
+                         debug: bool, projectVersion: str) -> bool:
     """Receives a follow request within the POST section of HTTPServer
     """
     if not messageJson['type'].startswith('Follow'):
@@ -655,8 +654,7 @@ def receiveFollowRequest(session, baseDir: str, httpPrefix: str,
                                   nicknameToFollow, domainToFollow, port,
                                   nickname, domain, fromPort,
                                   messageJson['actor'], federationList,
-                                  messageJson, acceptedCaps,
-                                  sendThreads, postLog,
+                                  messageJson, sendThreads, postLog,
                                   cachedWebfingers, personCache,
                                   debug, projectVersion, True)
 
@@ -666,8 +664,7 @@ def followedAccountAccepts(session, baseDir: str, httpPrefix: str,
                            port: int,
                            nickname: str, domain: str, fromPort: int,
                            personUrl: str, federationList: [],
-                           followJson: {}, acceptedCaps: [],
-                           sendThreads: [], postLog: [],
+                           followJson: {}, sendThreads: [], postLog: [],
                            cachedWebfingers: {}, personCache: {},
                            debug: bool, projectVersion: str,
                            removeFollowActivity: bool):
@@ -685,7 +682,7 @@ def followedAccountAccepts(session, baseDir: str, httpPrefix: str,
     acceptJson = createAccept(baseDir, federationList,
                               nicknameToFollow, domainToFollow, port,
                               personUrl, '', httpPrefix,
-                              followJson, acceptedCaps)
+                              followJson)
     if debug:
         pprint(acceptJson)
         print('DEBUG: sending follow Accept from ' +
@@ -908,8 +905,7 @@ def sendFollowRequestViaServer(baseDir: str, session,
 
     # get the actor inbox for the To handle
     (inboxUrl, pubKeyId, pubKey,
-     fromPersonId, sharedInbox,
-     capabilityAcquisition, avatarUrl,
+     fromPersonId, sharedInbox, avatarUrl,
      displayName) = getPersonBox(baseDir, session, wfRequest, personCache,
                                  projectVersion, httpPrefix, fromNickname,
                                  fromDomain, postToBox)
@@ -931,7 +927,7 @@ def sendFollowRequestViaServer(baseDir: str, session,
         'Authorization': authHeader
     }
     postResult = \
-        postJson(session, newFollowJson, [], inboxUrl, headers, "inbox:write")
+        postJson(session, newFollowJson, [], inboxUrl, headers)
     if not postResult:
         if debug:
             print('DEBUG: POST announce failed for c2s to ' + inboxUrl)
@@ -1007,10 +1003,11 @@ def sendUnfollowRequestViaServer(baseDir: str, session,
     # get the actor inbox for the To handle
     (inboxUrl, pubKeyId, pubKey,
      fromPersonId, sharedInbox,
-     capabilityAcquisition, avatarUrl,
-     displayName) = getPersonBox(baseDir, session, wfRequest, personCache,
-                                 projectVersion, httpPrefix, fromNickname,
-                                 fromDomain, postToBox)
+     avatarUrl, displayName) = getPersonBox(baseDir, session,
+                                            wfRequest, personCache,
+                                            projectVersion, httpPrefix,
+                                            fromNickname,
+                                            fromDomain, postToBox)
 
     if not inboxUrl:
         if debug:
@@ -1029,7 +1026,7 @@ def sendUnfollowRequestViaServer(baseDir: str, session,
         'Authorization': authHeader
     }
     postResult = \
-        postJson(session, unfollowJson, [], inboxUrl, headers, "inbox:write")
+        postJson(session, unfollowJson, [], inboxUrl, headers)
     if not postResult:
         if debug:
             print('DEBUG: POST announce failed for c2s to ' + inboxUrl)

inbox.py

@@ -265,7 +265,7 @@ def inboxPermittedMessage(domain: str, messageJson: {},
     if domain in actor:
         return True
 
-    if not urlPermitted(actor, federationList, "inbox:write"):
+    if not urlPermitted(actor, federationList):
         return False
 
     alwaysAllowedTypes = ('Follow', 'Like', 'Delete', 'Announce')
@@ -278,7 +278,7 @@ def inboxPermittedMessage(domain: str, messageJson: {},
             inReplyTo = messageJson['object']['inReplyTo']
             if not isinstance(inReplyTo, str):
                 return False
-            if not urlPermitted(inReplyTo, federationList, "inbox:write"):
+            if not urlPermitted(inReplyTo, federationList):
                 return False
 
     return True
@@ -652,8 +652,7 @@ def receiveUndo(session, baseDir: str, httpPrefix: str,
                 port: int, sendThreads: [], postLog: [],
                 cachedWebfingers: {}, personCache: {},
                 messageJson: {}, federationList: [],
-                debug: bool,
-                acceptedCaps=["inbox:write", "objects:read"]) -> bool:
+                debug: bool) -> bool:
     """Receives an undo request within the POST section of HTTPServer
     """
     if not messageJson['type'].startswith('Undo'):
@@ -2024,8 +2023,7 @@ def inboxAfterInitial(recentPostsCache: {}, maxRecentPosts: int,
                       queue: [], domain: str,
                       onionDomain: str, i2pDomain: str,
                       port: int, proxyType: str,
-                      federationList: [], ocapAlways: bool, debug: bool,
-                      acceptedCaps: [],
+                      federationList: [], debug: bool,
                       queueFilename: str, destinationFilename: str,
                       maxReplies: int, allowDeletion: bool,
                       maxMentions: int, maxEmoji: int, translate: {},
@@ -2419,13 +2417,11 @@ def runInboxQueue(recentPostsCache: {}, maxRecentPosts: int,
                   cachedWebfingers: {}, personCache: {}, queue: [],
                   domain: str,
                   onionDomain: str, i2pDomain: str, port: int, proxyType: str,
-                  federationList: [],
-                  ocapAlways: bool, maxReplies: int,
+                  federationList: [], maxReplies: int,
                   domainMaxPostsPerDay: int, accountMaxPostsPerDay: int,
                   allowDeletion: bool, debug: bool, maxMentions: int,
                   maxEmoji: int, translate: {}, unitTest: bool,
-                  YTReplacementDomain: str,
-                  acceptedCaps=["inbox:write", "objects:read"]) -> None:
+                  YTReplacementDomain: str) -> None:
     """Processes received items and moves them to the appropriate
     directories
     """
@@ -2694,8 +2690,7 @@ def runInboxQueue(recentPostsCache: {}, maxRecentPosts: int,
                        personCache,
                        queueJson['post'],
                        federationList,
-                       debug,
-                       acceptedCaps=["inbox:write", "objects:read"]):
+                       debug):
             print('Queue: Undo accepted from ' + keyId)
             if os.path.isfile(queueFilename):
                 os.remove(queueFilename)
@@ -2712,9 +2707,7 @@ def runInboxQueue(recentPostsCache: {}, maxRecentPosts: int,
                                 personCache,
                                 queueJson['post'],
                                 federationList,
-                                debug, projectVersion,
-                                acceptedCaps=["inbox:write",
-                                              "objects:read"]):
+                                debug, projectVersion):
             if os.path.isfile(queueFilename):
                 os.remove(queueFilename)
             if len(queue) > 0:
@@ -2810,15 +2803,6 @@ def runInboxQueue(recentPostsCache: {}, maxRecentPosts: int,
             pprint(recipientsDictFollowers)
             print('*************************************')
 
-        if queueJson['post'].get('capability'):
-            if not isinstance(queueJson['post']['capability'], list):
-                print('Queue: capability on post should be a list')
-                if os.path.isfile(queueFilename):
-                    os.remove(queueFilename)
-                if len(queue) > 0:
-                    queue.pop(0)
-                continue
-
         # Copy any posts addressed to followers into the shared inbox
         # this avoid copying file multiple times to potentially many
         # individual inboxes
@@ -2843,8 +2827,8 @@ def runInboxQueue(recentPostsCache: {}, maxRecentPosts: int,
                               domain,
                               onionDomain, i2pDomain,
                               port, proxyType,
-                              federationList, ocapAlways,
-                              debug, acceptedCaps,
+                              federationList,
+                              debug,
                               queueFilename, destination,
                               maxReplies, allowDeletion,
                               maxMentions, maxEmoji,

like.py

@@ -63,7 +63,7 @@ def like(recentPostsCache: {},
     'to' might be a specific person (actor) whose post was liked
     object is typically the url of the message which was liked
     """
-    if not urlPermitted(objectUrl, federationList, "inbox:write"):
+    if not urlPermitted(objectUrl, federationList):
         return None
 
     fullDomain = domain
@@ -162,7 +162,7 @@ def undolike(recentPostsCache: {},
     'to' might be a specific person (actor) whose post was liked
     object is typically the url of the message which was liked
     """
-    if not urlPermitted(objectUrl, federationList, "inbox:write"):
+    if not urlPermitted(objectUrl, federationList):
         return None
 
     fullDomain = domain
@@ -267,8 +267,7 @@ def sendLikeViaServer(baseDir: str, session,
     postToBox = 'outbox'
 
     # get the actor inbox for the To handle
-    (inboxUrl, pubKeyId, pubKey, fromPersonId,
-     sharedInbox, capabilityAcquisition,
+    (inboxUrl, pubKeyId, pubKey, fromPersonId, sharedInbox,
      avatarUrl, displayName) = getPersonBox(baseDir, session, wfRequest,
                                             personCache,
                                             projectVersion, httpPrefix,
@@ -291,8 +290,7 @@ def sendLikeViaServer(baseDir: str, session,
         'Content-type': 'application/json',
         'Authorization': authHeader
     }
-    postResult = postJson(session, newLikeJson, [], inboxUrl,
-                          headers, "inbox:write")
+    postResult = postJson(session, newLikeJson, [], inboxUrl, headers)
     if not postResult:
         print('WARN: POST announce failed for c2s to ' + inboxUrl)
         return 5
@@ -352,8 +350,7 @@ def sendUndoLikeViaServer(baseDir: str, session,
     postToBox = 'outbox'
 
     # get the actor inbox for the To handle
-    (inboxUrl, pubKeyId, pubKey, fromPersonId,
-     sharedInbox, capabilityAcquisition,
+    (inboxUrl, pubKeyId, pubKey, fromPersonId, sharedInbox,
      avatarUrl, displayName) = getPersonBox(baseDir, session, wfRequest,
                                             personCache, projectVersion,
                                             httpPrefix, fromNickname,
@@ -375,8 +372,7 @@ def sendUndoLikeViaServer(baseDir: str, session,
         'Content-type': 'application/json',
         'Authorization': authHeader
     }
-    postResult = postJson(session, newUndoLikeJson, [], inboxUrl,
-                          headers, "inbox:write")
+    postResult = postJson(session, newUndoLikeJson, [], inboxUrl, headers)
     if not postResult:
         print('WARN: POST announce failed for c2s to ' + inboxUrl)
         return 5

manualapprove.py

@@ -85,7 +85,6 @@ def manualApproveFollowRequest(session, baseDir: str,
                                federationList: [],
                                sendThreads: [], postLog: [],
                                cachedWebfingers: {}, personCache: {},
-                               acceptedCaps: [],
                                debug: bool,
                                projectVersion: str) -> None:
     """Manually approve a follow request
@@ -142,7 +141,7 @@ def manualApproveFollowRequest(session, baseDir: str,
                                                approvePort,
                                                followJson['actor'],
                                                federationList,
-                                               followJson, acceptedCaps,
+                                               followJson,
                                                sendThreads, postLog,
                                                cachedWebfingers, personCache,
                                                debug, projectVersion, False)

person.py

@@ -326,8 +326,6 @@ def createPersonBase(baseDir: str, nickname: str, domain: str, port: int,
         if not os.path.isdir(baseDir + peopleSubdir + '/' +
                              handle + '/outbox'):
             os.mkdir(baseDir + peopleSubdir + '/' + handle + '/outbox')
-        if not os.path.isdir(baseDir + peopleSubdir + '/' + handle + '/ocap'):
-            os.mkdir(baseDir + peopleSubdir + '/' + handle + '/ocap')
         if not os.path.isdir(baseDir + peopleSubdir + '/' + handle + '/queue'):
             os.mkdir(baseDir + peopleSubdir + '/' + handle + '/queue')
         filename = baseDir + peopleSubdir + '/' + handle + '.json'
@@ -588,7 +586,7 @@ def personLookup(domain: str, path: str, baseDir: str) -> {}:
 def personBoxJson(recentPostsCache: {},
                   session, baseDir: str, domain: str, port: int, path: str,
                   httpPrefix: str, noOfItems: int, boxname: str,
-                  authorized: bool, ocapAlways: bool) -> {}:
+                  authorized: bool) -> {}:
     """Obtain the inbox/outbox/moderation feed for the given person
     """
     if boxname != 'inbox' and boxname != 'dm' and \
@@ -634,38 +632,36 @@ def personBoxJson(recentPostsCache: {},
         return createInbox(recentPostsCache,
                            session, baseDir, nickname, domain, port,
                            httpPrefix,
-                           noOfItems, headerOnly, ocapAlways, pageNumber)
+                           noOfItems, headerOnly, pageNumber)
     elif boxname == 'dm':
         return createDMTimeline(recentPostsCache,
                                 session, baseDir, nickname, domain, port,
                                 httpPrefix,
-                                noOfItems, headerOnly, ocapAlways, pageNumber)
+                                noOfItems, headerOnly, pageNumber)
     elif boxname == 'tlbookmarks' or boxname == 'bookmarks':
         return createBookmarksTimeline(session, baseDir, nickname, domain,
                                        port, httpPrefix,
-                                       noOfItems, headerOnly, ocapAlways,
+                                       noOfItems, headerOnly,
                                        pageNumber)
     elif boxname == 'tlevents':
         return createEventsTimeline(recentPostsCache,
                                     session, baseDir, nickname, domain,
                                     port, httpPrefix,
-                                    noOfItems, headerOnly, ocapAlways,
+                                    noOfItems, headerOnly,
                                     pageNumber)
     elif boxname == 'tlreplies':
         return createRepliesTimeline(recentPostsCache,
                                      session, baseDir, nickname, domain,
                                      port, httpPrefix,
-                                     noOfItems, headerOnly, ocapAlways,
+                                     noOfItems, headerOnly,
                                      pageNumber)
     elif boxname == 'tlmedia':
         return createMediaTimeline(session, baseDir, nickname, domain, port,
-                                   httpPrefix,
-                                   noOfItems, headerOnly, ocapAlways,
+                                   httpPrefix, noOfItems, headerOnly,
                                    pageNumber)
     elif boxname == 'tlblogs':
         return createBlogsTimeline(session, baseDir, nickname, domain, port,
-                                   httpPrefix,
-                                   noOfItems, headerOnly, ocapAlways,
+                                   httpPrefix, noOfItems, headerOnly,
                                    pageNumber)
     elif boxname == 'outbox':
         return createOutbox(session, baseDir, nickname, domain, port,
@@ -682,7 +678,7 @@ def personBoxJson(recentPostsCache: {},
 
 def personInboxJson(recentPostsCache: {},
                     baseDir: str, domain: str, port: int, path: str,
-                    httpPrefix: str, noOfItems: int, ocapAlways: bool) -> []:
+                    httpPrefix: str, noOfItems: int) -> []:
     """Obtain the inbox feed for the given person
     Authentication is expected to have already happened
     """
@@ -719,7 +715,7 @@ def personInboxJson(recentPostsCache: {},
         return None
     return createInbox(recentPostsCache, baseDir, nickname,
                        domain, port, httpPrefix,
-                       noOfItems, headerOnly, ocapAlways, pageNumber)
+                       noOfItems, headerOnly, pageNumber)
 
 
 def setDisplayNickname(baseDir: str, nickname: str, domain: str,

posts.py

@@ -208,7 +208,7 @@ def getPersonBox(baseDir: str, session, wfRequest: {},
         else:
             personUrl = httpPrefix + '://' + domain + '/users/' + nickname
     if not personUrl:
-        return None, None, None, None, None, None, None, None
+        return None, None, None, None, None, None, None
     personJson = \
         getPersonFromCache(baseDir, personUrl, personCache, True)
     if not personJson:
@@ -226,7 +226,7 @@ def getPersonBox(baseDir: str, session, wfRequest: {},
                                  projectVersion, httpPrefix, domain)
             if not personJson:
                 print('Unable to get actor')
-                return None, None, None, None, None, None, None, None
+                return None, None, None, None, None, None, None
     boxJson = None
     if not personJson.get(boxName):
         if personJson.get('endpoints'):
@@ -236,7 +236,7 @@ def getPersonBox(baseDir: str, session, wfRequest: {},
         boxJson = personJson[boxName]
 
     if not boxJson:
-        return None, None, None, None, None, None, None, None
+        return None, None, None, None, None, None, None
 
     personId = None
     if personJson.get('id'):
@@ -255,9 +255,6 @@ def getPersonBox(baseDir: str, session, wfRequest: {},
         if personJson.get('endpoints'):
             if personJson['endpoints'].get('sharedInbox'):
                 sharedInbox = personJson['endpoints']['sharedInbox']
-    capabilityAcquisition = None
-    if personJson.get('capabilityAcquisitionEndpoint'):
-        capabilityAcquisition = personJson['capabilityAcquisitionEndpoint']
     avatarUrl = None
     if personJson.get('icon'):
         if personJson['icon'].get('url'):
@@ -269,7 +266,7 @@ def getPersonBox(baseDir: str, session, wfRequest: {},
     storePersonInCache(baseDir, personUrl, personJson, personCache, True)
 
     return boxJson, pubKeyId, pubKey, personId, sharedInbox, \
-        capabilityAcquisition, avatarUrl, displayName
+        avatarUrl, displayName
 
 
 def getPosts(session, outboxUrl: str, maxPosts: int,
@@ -1061,11 +1058,9 @@ def outboxMessageCreateWrap(httpPrefix: str,
     cc = []
     if messageJson.get('cc'):
         cc = messageJson['cc']
-    capabilityUrl = []
     newPost = {
         "@context": "https://www.w3.org/ns/activitystreams",
         'id': newPostId + '/activity',
-        'capability': capabilityUrl,
         'type': 'Create',
         'actor': httpPrefix + '://' + domain + '/users/' + nickname,
         'published': published,
@@ -1569,7 +1564,7 @@ def threadSendPost(session, postJsonStr: str, federationList: [],
             postResult, unauthorized = \
                 postJsonString(session, postJsonStr, federationList,
                                inboxUrl, signatureHeaderJson,
-                               "inbox:write", debug)
+                               debug)
         except Exception as e:
             print('ERROR: postJsonString failed ' + str(e))
         if unauthorized:
@@ -1654,7 +1649,6 @@ def sendPost(projectVersion: str,
     # get the actor inbox for the To handle
     (inboxUrl, pubKeyId, pubKey,
      toPersonId, sharedInbox,
-     capabilityAcquisition,
      avatarUrl, displayName) = getPersonBox(baseDir, session, wfRequest,
                                             personCache,
                                             projectVersion, httpPrefix,
@@ -1772,7 +1766,6 @@ def sendPostViaServer(projectVersion: str,
     # get the actor inbox for the To handle
     (inboxUrl, pubKeyId, pubKey,
      fromPersonId, sharedInbox,
-     capabilityAcquisition,
      avatarUrl, displayName) = getPersonBox(baseDir, session, wfRequest,
                                             personCache,
                                             projectVersion, httpPrefix,
@@ -1838,7 +1831,7 @@ def sendPostViaServer(projectVersion: str,
         }
         postResult = \
             postImage(session, attachImageFilename, [],
-                      inboxUrl, headers, "inbox:write")
+                      inboxUrl, headers)
         if not postResult:
             if debug:
                 print('DEBUG: Failed to upload image')
@@ -1851,7 +1844,7 @@ def sendPostViaServer(projectVersion: str,
     }
     postResult = \
         postJsonString(session, json.dumps(postJsonObject), [],
-                       inboxUrl, headers, "inbox:write", debug)
+                       inboxUrl, headers, debug)
     if not postResult:
         if debug:
             print('DEBUG: POST failed for c2s to '+inboxUrl)
@@ -1983,8 +1976,7 @@ def sendSignedJson(postJsonObject: {}, session, baseDir: str,
         postToBox = 'outbox'
 
     # get the actor inbox/outbox for the To handle
-    (inboxUrl, pubKeyId, pubKey, toPersonId, sharedInboxUrl,
-     capabilityAcquisition, avatarUrl,
+    (inboxUrl, pubKeyId, pubKey, toPersonId, sharedInboxUrl, avatarUrl,
      displayName) = getPersonBox(baseDir, session, wfRequest,
                                  personCache,
                                  projectVersion, httpPrefix,
@@ -2447,75 +2439,69 @@ def sendToFollowersThread(session, baseDir: str,
 def createInbox(recentPostsCache: {},
                 session, baseDir: str, nickname: str, domain: str, port: int,
                 httpPrefix: str, itemsPerPage: int, headerOnly: bool,
-                ocapAlways: bool, pageNumber=None) -> {}:
+                pageNumber=None) -> {}:
     return createBoxIndexed(recentPostsCache,
                             session, baseDir, 'inbox',
                             nickname, domain, port, httpPrefix,
                             itemsPerPage, headerOnly, True,
-                            ocapAlways, pageNumber)
+                            pageNumber)
 
 
 def createBookmarksTimeline(session, baseDir: str, nickname: str, domain: str,
                             port: int, httpPrefix: str, itemsPerPage: int,
-                            headerOnly: bool, ocapAlways: bool,
-                            pageNumber=None) -> {}:
+                            headerOnly: bool, pageNumber=None) -> {}:
     return createBoxIndexed({}, session, baseDir, 'tlbookmarks',
                             nickname, domain,
                             port, httpPrefix, itemsPerPage, headerOnly,
-                            True, ocapAlways, pageNumber)
+                            True, pageNumber)
 
 
 def createEventsTimeline(recentPostsCache: {},
                          session, baseDir: str, nickname: str, domain: str,
                          port: int, httpPrefix: str, itemsPerPage: int,
-                         headerOnly: bool, ocapAlways: bool,
-                         pageNumber=None) -> {}:
+                         headerOnly: bool, pageNumber=None) -> {}:
     return createBoxIndexed(recentPostsCache, session, baseDir, 'tlevents',
                             nickname, domain,
                             port, httpPrefix, itemsPerPage, headerOnly,
-                            True, ocapAlways, pageNumber)
+                            True, pageNumber)
 
 
 def createDMTimeline(recentPostsCache: {},
                      session, baseDir: str, nickname: str, domain: str,
                      port: int, httpPrefix: str, itemsPerPage: int,
-                     headerOnly: bool, ocapAlways: bool,
-                     pageNumber=None) -> {}:
+                     headerOnly: bool, pageNumber=None) -> {}:
     return createBoxIndexed(recentPostsCache,
                             session, baseDir, 'dm', nickname,
                             domain, port, httpPrefix, itemsPerPage,
-                            headerOnly, True, ocapAlways, pageNumber)
+                            headerOnly, True, pageNumber)
 
 
 def createRepliesTimeline(recentPostsCache: {},
                           session, baseDir: str, nickname: str, domain: str,
                           port: int, httpPrefix: str, itemsPerPage: int,
-                          headerOnly: bool, ocapAlways: bool,
-                          pageNumber=None) -> {}:
+                          headerOnly: bool, pageNumber=None) -> {}:
     return createBoxIndexed(recentPostsCache, session, baseDir, 'tlreplies',
                             nickname, domain, port, httpPrefix,
                             itemsPerPage, headerOnly, True,
-                            ocapAlways, pageNumber)
+                            pageNumber)
 
 
 def createBlogsTimeline(session, baseDir: str, nickname: str, domain: str,
                         port: int, httpPrefix: str, itemsPerPage: int,
-                        headerOnly: bool, ocapAlways: bool,
-                        pageNumber=None) -> {}:
+                        headerOnly: bool, pageNumber=None) -> {}:
     return createBoxIndexed({}, session, baseDir, 'tlblogs', nickname,
                             domain, port, httpPrefix,
                             itemsPerPage, headerOnly, True,
-                            ocapAlways, pageNumber)
+                            pageNumber)
 
 
 def createMediaTimeline(session, baseDir: str, nickname: str, domain: str,
                         port: int, httpPrefix: str, itemsPerPage: int,
-                        headerOnly: bool, ocapAlways: bool,
-                        pageNumber=None) -> {}:
+                        headerOnly: bool, pageNumber=None) -> {}:
     return createBoxIndexed({}, session, baseDir, 'tlmedia', nickname,
                             domain, port, httpPrefix,
                             itemsPerPage, headerOnly, True,
-                            ocapAlways, pageNumber)
+                            pageNumber)
 
 
 def createOutbox(session, baseDir: str, nickname: str, domain: str,
@@ -2530,7 +2516,7 @@ def createOutbox(session, baseDir: str, nickname: str, domain: str,
 
 def createModeration(baseDir: str, nickname: str, domain: str, port: int,
                      httpPrefix: str, itemsPerPage: int, headerOnly: bool,
-                     ocapAlways: bool, pageNumber=None) -> {}:
+                     pageNumber=None) -> {}:
     boxDir = createPersonDir(nickname, domain, baseDir, 'inbox')
     boxname = 'moderation'
 
@@ -2728,8 +2714,7 @@ def createBoxIndex(boxDir: str, postsInBoxDict: {}) -> int:
 
 def createSharedInboxIndex(baseDir: str, sharedBoxDir: str,
                            postsInBoxDict: {}, postsCtr: int,
-                           nickname: str, domain: str,
-                           ocapAlways: bool) -> int:
+                           nickname: str, domain: str) -> int:
     """ Creates an index for the given shared inbox
     """
     handle = nickname + '@' + domain
@@ -2819,7 +2804,7 @@ def createBoxIndexed(recentPostsCache: {},
                      session, baseDir: str, boxname: str,
                      nickname: str, domain: str, port: int, httpPrefix: str,
                      itemsPerPage: int, headerOnly: bool, authorized: bool,
-                     ocapAlways: bool, pageNumber=None) -> {}:
+                     pageNumber=None) -> {}:
     """Constructs the box feed for a person with the given nickname
     """
     if not authorized or not pageNumber:
@@ -2958,10 +2943,6 @@ def createBoxIndexed(recentPostsCache: {},
         except BaseException:
             continue
 
-        # remove any capability so that it's not displayed
-        if p.get('capability'):
-            del p['capability']
-
         # Don't show likes, replies or shares (announces) to
         # unauthorized viewers
         if not authorized:
@@ -3179,7 +3160,6 @@ def getPublicPostsOfPerson(baseDir: str, nickname: str, domain: str,
 
     (personUrl, pubKeyId, pubKey,
      personId, shaedInbox,
-     capabilityAcquisition,
      avatarUrl, displayName) = getPersonBox(baseDir, session, wfRequest,
                                             personCache,
                                             projectVersion, httpPrefix,
@@ -3225,7 +3205,6 @@ def getPublicPostDomains(session, baseDir: str, nickname: str, domain: str,
 
     (personUrl, pubKeyId, pubKey,
      personId, sharedInbox,
-     capabilityAcquisition,
      avatarUrl, displayName) = getPersonBox(baseDir, session, wfRequest,
                                             personCache,
                                             projectVersion, httpPrefix,
@@ -3728,8 +3707,7 @@ def sendBlockViaServer(baseDir: str, session,
 
     # get the actor inbox for the To handle
     (inboxUrl, pubKeyId, pubKey,
-     fromPersonId, sharedInbox,
-     capabilityAcquisition, avatarUrl,
+     fromPersonId, sharedInbox, avatarUrl,
      displayName) = getPersonBox(baseDir, session, wfRequest,
                                  personCache,
                                  projectVersion, httpPrefix, fromNickname,
@@ -3751,8 +3729,7 @@ def sendBlockViaServer(baseDir: str, session,
         'Content-type': 'application/json',
         'Authorization': authHeader
     }
-    postResult = postJson(session, newBlockJson, [], inboxUrl,
-                          headers, "inbox:write")
+    postResult = postJson(session, newBlockJson, [], inboxUrl, headers)
     if not postResult:
         print('WARN: Unable to post block')
 
@@ -3817,8 +3794,7 @@ def sendUndoBlockViaServer(baseDir: str, session,
 
     # get the actor inbox for the To handle
     (inboxUrl, pubKeyId, pubKey,
-     fromPersonId, sharedInbox,
-     capabilityAcquisition, avatarUrl,
+     fromPersonId, sharedInbox, avatarUrl,
      displayName) = getPersonBox(baseDir, session, wfRequest, personCache,
                                  projectVersion, httpPrefix, fromNickname,
                                  fromDomain, postToBox)
@@ -3839,8 +3815,7 @@ def sendUndoBlockViaServer(baseDir: str, session,
         'Content-type': 'application/json',
         'Authorization': authHeader
     }
-    postResult = postJson(session, newBlockJson, [], inboxUrl,
-                          headers, "inbox:write")
+    postResult = postJson(session, newBlockJson, [], inboxUrl, headers)
     if not postResult:
         print('WARN: Unable to post block')
 

roles.py

@@ -291,7 +291,6 @@ def sendRoleViaServer(baseDir: str, session,
     # get the actor inbox for the To handle
     (inboxUrl, pubKeyId, pubKey,
      fromPersonId, sharedInbox,
-     capabilityAcquisition,
      avatarUrl, displayName) = getPersonBox(baseDir, session,
                                             wfRequest, personCache,
                                             projectVersion, httpPrefix,
@@ -315,7 +314,7 @@ def sendRoleViaServer(baseDir: str, session,
         'Authorization': authHeader
     }
     postResult = \
-        postJson(session, newRoleJson, [], inboxUrl, headers, "inbox:write")
+        postJson(session, newRoleJson, [], inboxUrl, headers)
     if not postResult:
         if debug:
             print('DEBUG: POST announce failed for c2s to '+inboxUrl)

session.py

@@ -93,16 +93,13 @@ def getJson(session, url: str, headers: {}, params: {},
 
 
 def postJson(session, postJsonObject: {}, federationList: [],
-             inboxUrl: str, headers: {}, capability: str) -> str:
+             inboxUrl: str, headers: {}) -> str:
     """Post a json message to the inbox of another person
-    Supplying a capability, such as "inbox:write"
     """
-    # always allow capability requests
-    if not capability.startswith('cap'):
-        # check that we are posting to a permitted domain
-        if not urlPermitted(inboxUrl, federationList, capability):
-            print('postJson: ' + inboxUrl + ' not permitted')
-            return None
+    # check that we are posting to a permitted domain
+    if not urlPermitted(inboxUrl, federationList):
+        print('postJson: ' + inboxUrl + ' not permitted')
+        return None
 
     try:
         postResult = \
@@ -132,10 +129,8 @@ def postJsonString(session, postJsonStr: str,
                    federationList: [],
                    inboxUrl: str,
                    headers: {},
-                   capability: str,
                    debug: bool) -> (bool, bool):
     """Post a json message string to the inbox of another person
-    Supplying a capability, such as "inbox:write"
     The second boolean returned is true if the send is unauthorized
     NOTE: Here we post a string rather than the original json so that
     conversions between string and json format don't invalidate
@@ -174,16 +169,13 @@ def postJsonString(session, postJsonStr: str,
 
 
 def postImage(session, attachImageFilename: str, federationList: [],
-              inboxUrl: str, headers: {}, capability: str) -> str:
+              inboxUrl: str, headers: {}) -> str:
     """Post an image to the inbox of another person or outbox via c2s
-    Supplying a capability, such as "inbox:write"
     """
-    # always allow capability requests
-    if not capability.startswith('cap'):
-        # check that we are posting to a permitted domain
-        if not urlPermitted(inboxUrl, federationList, capability):
-            print('postJson: ' + inboxUrl + ' not permitted')
-            return None
+    # check that we are posting to a permitted domain
+    if not urlPermitted(inboxUrl, federationList):
+        print('postJson: ' + inboxUrl + ' not permitted')
+        return None
 
     if not (attachImageFilename.endswith('.jpg') or
             attachImageFilename.endswith('.jpeg') or

shares.py

@@ -380,7 +380,6 @@ def sendShareViaServer(baseDir, session,
     # get the actor inbox for the To handle
     (inboxUrl, pubKeyId, pubKey,
      fromPersonId, sharedInbox,
-     capabilityAcquisition,
      avatarUrl, displayName) = getPersonBox(baseDir, session, wfRequest,
                                             personCache, projectVersion,
                                             httpPrefix, fromNickname,
@@ -405,7 +404,7 @@ def sendShareViaServer(baseDir, session,
         postResult = \
             postImage(session, imageFilename, [],
                       inboxUrl.replace('/' + postToBox, '/shares'),
-                      headers, "inbox:write")
+                      headers)
 
     headers = {
         'host': fromDomain,
@@ -413,7 +412,7 @@ def sendShareViaServer(baseDir, session,
         'Authorization': authHeader
     }
     postResult = \
-        postJson(session, newShareJson, [], inboxUrl, headers, "inbox:write")
+        postJson(session, newShareJson, [], inboxUrl, headers)
     if not postResult:
         if debug:
             print('DEBUG: POST announce failed for c2s to ' + inboxUrl)
@@ -483,7 +482,6 @@ def sendUndoShareViaServer(baseDir: str, session,
     # get the actor inbox for the To handle
     (inboxUrl, pubKeyId, pubKey,
      fromPersonId, sharedInbox,
-     capabilityAcquisition,
      avatarUrl, displayName) = getPersonBox(baseDir, session, wfRequest,
                                             personCache, projectVersion,
                                             httpPrefix, fromNickname,
@@ -506,7 +504,7 @@ def sendUndoShareViaServer(baseDir: str, session,
         'Authorization': authHeader
     }
     postResult = \
-        postJson(session, undoShareJson, [], inboxUrl, headers, "inbox:write")
+        postJson(session, undoShareJson, [], inboxUrl, headers)
     if not postResult:
         if debug:
             print('DEBUG: POST announce failed for c2s to ' + inboxUrl)

skills.py

@@ -152,7 +152,6 @@ def sendSkillViaServer(baseDir: str, session, nickname: str, password: str,
     # get the actor inbox for the To handle
     (inboxUrl, pubKeyId, pubKey,
      fromPersonId, sharedInbox,
-     capabilityAcquisition,
      avatarUrl, displayName) = getPersonBox(baseDir, session, wfRequest,
                                             personCache, projectVersion,
                                             httpPrefix, nickname, domain,
@@ -175,7 +174,7 @@ def sendSkillViaServer(baseDir: str, session, nickname: str, password: str,
         'Authorization': authHeader
     }
     postResult = \
-        postJson(session, newSkillJson, [], inboxUrl, headers, "inbox:write")
+        postJson(session, newSkillJson, [], inboxUrl, headers)
     if not postResult:
         if debug:
             print('DEBUG: POST announce failed for c2s to ' + inboxUrl)

socnet.py

@@ -65,7 +65,6 @@ def instancesGraph(baseDir: str, handles: str,
 
         (personUrl, pubKeyId, pubKey,
          personId, shaedInbox,
-         capabilityAcquisition,
          avatarUrl, displayName) = getPersonBox(baseDir, session, wfRequest,
                                                 personCache,
                                                 projectVersion, httpPrefix,

tests.py

@@ -239,7 +239,7 @@ def testThreads():
 def createServerAlice(path: str, domain: str, port: int,
                       bobAddress: str, federationList: [],
                       hasFollows: bool, hasPosts: bool,
-                      ocapAlways: bool, sendThreads: []):
+                      sendThreads: []):
     print('Creating test server: Alice on port ' + str(port))
     if os.path.isdir(path):
         shutil.rmtree(path)
@@ -296,7 +296,7 @@ def createServerAlice(path: str, domain: str, port: int,
               "instanceId", False, path, domain,
               onionDomain, i2pDomain, None, port, port,
               httpPrefix, federationList, maxMentions, maxEmoji, False,
-              noreply, nolike, nopics, noannounce, cw, ocapAlways,
+              noreply, nolike, nopics, noannounce, cw,
               proxyType, maxReplies,
               domainMaxPostsPerDay, accountMaxPostsPerDay,
               allowDeletion, True, True, False, sendThreads, False,
@@ -306,7 +306,7 @@ def createServerAlice(path: str, domain: str, port: int,
 def createServerBob(path: str, domain: str, port: int,
                     aliceAddress: str, federationList: [],
                     hasFollows: bool, hasPosts: bool,
-                    ocapAlways: bool, sendThreads: []):
+                    sendThreads: []):
     print('Creating test server: Bob on port ' + str(port))
     if os.path.isdir(path):
         shutil.rmtree(path)
@@ -364,7 +364,7 @@ def createServerBob(path: str, domain: str, port: int,
               "instanceId", False, path, domain,
               onionDomain, i2pDomain, None, port, port,
               httpPrefix, federationList, maxMentions, maxEmoji, False,
-              noreply, nolike, nopics, noannounce, cw, ocapAlways,
+              noreply, nolike, nopics, noannounce, cw,
               proxyType, maxReplies,
               domainMaxPostsPerDay, accountMaxPostsPerDay,
               allowDeletion, True, True, False, sendThreads, False,
@@ -373,7 +373,7 @@ def createServerBob(path: str, domain: str, port: int,
 
 def createServerEve(path: str, domain: str, port: int, federationList: [],
                     hasFollows: bool, hasPosts: bool,
-                    ocapAlways: bool, sendThreads: []):
+                    sendThreads: []):
     print('Creating test server: Eve on port ' + str(port))
     if os.path.isdir(path):
         shutil.rmtree(path)
@@ -406,7 +406,7 @@ def createServerEve(path: str, domain: str, port: int, federationList: [],
               "instanceId", False, path, domain,
               onionDomain, i2pDomain, None, port, port,
               httpPrefix, federationList, maxMentions, maxEmoji, False,
-              noreply, nolike, nopics, noannounce, cw, ocapAlways,
+              noreply, nolike, nopics, noannounce, cw,
               proxyType, maxReplies, allowDeletion, True, True, False,
               sendThreads, False, False)
 
@@ -427,8 +427,6 @@ def testPostMessageBetweenServers():
         shutil.rmtree(baseDir + '/.tests')
     os.mkdir(baseDir + '/.tests')
 
-    ocapAlways = False
-
     # create the servers
     aliceDir = baseDir + '/.tests/alice'
     aliceDomain = '127.0.0.50'
@@ -454,7 +452,7 @@ def testPostMessageBetweenServers():
         threadWithTrace(target=createServerAlice,
                         args=(aliceDir, aliceDomain, alicePort, bobAddress,
                               federationList, False, False,
-                              ocapAlways, aliceSendThreads),
+                              aliceSendThreads),
                         daemon=True)
 
     global thrBob
@@ -468,7 +466,7 @@ def testPostMessageBetweenServers():
         threadWithTrace(target=createServerBob,
                         args=(bobDir, bobDomain, bobPort, aliceAddress,
                               federationList, False, False,
-                              ocapAlways, bobSendThreads),
+                              bobSendThreads),
                         daemon=True)
 
     thrAlice.start()
@@ -687,8 +685,6 @@ def testFollowBetweenServers():
         shutil.rmtree(baseDir + '/.tests')
     os.mkdir(baseDir + '/.tests')
 
-    ocapAlways = False
-
     # create the servers
     aliceDir = baseDir + '/.tests/alice'
     aliceDomain = '127.0.0.47'
@@ -713,7 +709,7 @@ def testFollowBetweenServers():
         threadWithTrace(target=createServerAlice,
                         args=(aliceDir, aliceDomain, alicePort, bobAddress,
                               federationList, False, False,
-                              ocapAlways, aliceSendThreads),
+                              aliceSendThreads),
                         daemon=True)
 
     global thrBob
@@ -727,7 +723,7 @@ def testFollowBetweenServers():
         threadWithTrace(target=createServerBob,
                         args=(bobDir, bobDomain, bobPort, aliceAddress,
                               federationList, False, False,
-                              ocapAlways, bobSendThreads),
+                              bobSendThreads),
                         daemon=True)
 
     thrAlice.start()
@@ -1246,8 +1242,6 @@ def testClientToServer():
         shutil.rmtree(baseDir + '/.tests')
     os.mkdir(baseDir + '/.tests')
 
-    ocapAlways = False
-
     # create the servers
     aliceDir = baseDir + '/.tests/alice'
     aliceDomain = '127.0.0.42'
@@ -1272,7 +1266,7 @@ def testClientToServer():
         threadWithTrace(target=createServerAlice,
                         args=(aliceDir, aliceDomain, alicePort, bobAddress,
                               federationList, False, False,
-                              ocapAlways, aliceSendThreads),
+                              aliceSendThreads),
                         daemon=True)
 
     global thrBob
@@ -1286,7 +1280,7 @@ def testClientToServer():
         threadWithTrace(target=createServerBob,
                         args=(bobDir, bobDomain, bobPort, aliceAddress,
                               federationList, False, False,
-                              ocapAlways, bobSendThreads),
+                              bobSendThreads),
                         daemon=True)
 
     thrAlice.start()

utils.py

@@ -242,7 +242,7 @@ def domainPermitted(domain: str, federationList: []):
     return False
 
 
-def urlPermitted(url: str, federationList: [], capability: str):
+def urlPermitted(url: str, federationList: []):
     if isEvil(url):
         return False
     if not federationList:

webinterface.py

@@ -2650,7 +2650,7 @@ def htmlFooter() -> str:
 def htmlProfilePosts(recentPostsCache: {}, maxRecentPosts: int,
                      translate: {},
                      baseDir: str, httpPrefix: str,
-                     authorized: bool, ocapAlways: bool,
+                     authorized: bool,
                      nickname: str, domain: str, port: int,
                      session, wfRequest: {}, personCache: {},
                      projectVersion: str,
@@ -2671,8 +2671,7 @@ def htmlProfilePosts(recentPostsCache: {}, maxRecentPosts: int,
                           str(currPage),
                           httpPrefix,
                           10, 'outbox',
-                          authorized,
-                          ocapAlways)
+                          authorized)
         if not outboxFeed:
             break
         if len(outboxFeed['orderedItems']) == 0:
@@ -2700,7 +2699,7 @@ def htmlProfilePosts(recentPostsCache: {}, maxRecentPosts: int,
 
 
 def htmlProfileFollowing(translate: {}, baseDir: str, httpPrefix: str,
-                         authorized: bool, ocapAlways: bool,
+                         authorized: bool,
                          nickname: str, domain: str, port: int,
                          session, wfRequest: {}, personCache: {},
                          followingJson: {}, projectVersion: str,
@@ -2930,7 +2929,7 @@ def htmlProfile(defaultTimeline: str,
                 recentPostsCache: {}, maxRecentPosts: int,
                 translate: {}, projectVersion: str,
                 baseDir: str, httpPrefix: str, authorized: bool,
-                ocapAlways: bool, profileJson: {}, selected: str,
+                profileJson: {}, selected: str,
                 session, wfRequest: {}, personCache: {},
                 YTReplacementDomain: str,
                 extraJson=None,
@@ -3190,14 +3189,14 @@ def htmlProfile(defaultTimeline: str,
                 htmlProfilePosts(recentPostsCache, maxRecentPosts,
                                  translate,
                                  baseDir, httpPrefix, authorized,
-                                 ocapAlways, nickname, domain, port,
+                                 nickname, domain, port,
                                  session, wfRequest, personCache,
                                  projectVersion,
                                  YTReplacementDomain) + licenseStr
         if selected == 'following':
             profileStr += \
                 htmlProfileFollowing(translate, baseDir, httpPrefix,
-                                     authorized, ocapAlways, nickname,
+                                     authorized, nickname,
                                      domain, port, session,
                                      wfRequest, personCache, extraJson,
                                      projectVersion, ["unfollow"], selected,
@@ -3205,7 +3204,7 @@ def htmlProfile(defaultTimeline: str,
         if selected == 'followers':
             profileStr += \
                 htmlProfileFollowing(translate, baseDir, httpPrefix,
-                                     authorized, ocapAlways, nickname,
+                                     authorized, nickname,
                                      domain, port, session,
                                      wfRequest, personCache, extraJson,
                                      projectVersion, ["block"],
@@ -3247,7 +3246,6 @@ def individualFollowAsHtml(translate: {},
     if domain not in followUrl:
         (inboxUrl, pubKeyId, pubKey,
          fromPersonId, sharedInbox,
-         capabilityAcquisition,
          avatarUrl2, displayName) = getPersonBox(baseDir, session, wfRequest,
                                                  personCache, projectVersion,
                                                  httpPrefix, nickname,
@@ -4101,7 +4099,6 @@ def individualPostAsHtml(allowDownloads: bool,
     if fullDomain not in postActor:
         (inboxUrl, pubKeyId, pubKey,
          fromPersonId, sharedInbox,
-         capabilityAcquisition,
          avatarUrl2, displayName) = getPersonBox(baseDir, session, wfRequest,
                                                  personCache,
                                                  projectVersion, httpPrefix,