Instance allow list for receiving DMs

main
Bob Mottram 2021-04-22 10:27:20 +01:00
parent dcb5e4d2dd
commit 702fa3167f
2 changed files with 46 additions and 22 deletions

View File

@ -11,6 +11,7 @@ import os
import datetime
import time
from linked_data_sig import verifyJsonSignature
from utils import dmAllowedFromDomain
from utils import isRecentPost
from utils import getConfigParam
from utils import hasUsersPath
@ -2466,28 +2467,32 @@ def _inboxAfterInitial(recentPostsCache: {}, maxRecentPosts: int,
if not isFollowingActor(baseDir,
nickname, domain,
sendH):
# send back a bounce DM
if postJsonObject.get('id') and \
postJsonObject.get('object'):
# don't send bounces back to
# replies to bounce messages
obj = postJsonObject['object']
if isinstance(obj, dict):
if not obj.get('inReplyTo'):
senderPostId = \
postJsonObject['id']
_bounceDM(senderPostId,
session, httpPrefix,
baseDir,
nickname, domain,
port, sendH,
federationList,
sendThreads, postLog,
cachedWebfingers,
personCache,
translate, debug,
lastBounceMessage)
return False
# DMs may always be allowed from some domains
if not dmAllowedFromDomain(baseDir,
nickname, domain,
sendingActorDomain):
# send back a bounce DM
if postJsonObject.get('id') and \
postJsonObject.get('object'):
# don't send bounces back to
# replies to bounce messages
obj = postJsonObject['object']
if isinstance(obj, dict):
if not obj.get('inReplyTo'):
senderPostId = \
postJsonObject['id']
_bounceDM(senderPostId,
session, httpPrefix,
baseDir,
nickname, domain,
port, sendH,
federationList,
sendThreads, postLog,
cachedWebfingers,
personCache,
translate, debug,
lastBounceMessage)
return False
# dm index will be updated
updateIndexList.append('dm')

View File

@ -2203,3 +2203,22 @@ def loadTranslationsFromFile(baseDir: str, language: str) -> ({}, str):
translationsFile = baseDir + '/translations/' + \
systemLanguage + '.json'
return loadJson(translationsFile), systemLanguage
def dmAllowedFromDomain(baseDir: str,
nickname: str, domain: str,
sendingActorDomain: str):
"""When a DM is received and the .followDMs flag file exists
Then optionally some domains can be specified as allowed,
regardless of individual follows.
i.e. Mostly you only want DMs from followers, but there are
a few particular instances that you trust
"""
dmAllowedDomainsFilename = \
baseDir + '/accounts/' + \
nickname + '@' + domain + '/dmAllowedDomains.txt'
if not os.path.isfile(dmAllowedDomainsFilename):
return False
if sendingActorDomain + '\n' in open(dmAllowedDomainsFilename).read():
return True
return False