From 3f97137e3f540b776b615c966d6016238322d965 Mon Sep 17 00:00:00 2001
From: Bob Mottram <bob@freedombone.net>
Date: Sun, 7 Jul 2019 23:06:46 +0100
Subject: [PATCH] Add some capabilities

---
 capabilities.py | 44 ++++++++++++++++++++++++++++++++++++++++++++
 inbox.py        |  3 ++-
 2 files changed, 46 insertions(+), 1 deletion(-)

diff --git a/capabilities.py b/capabilities.py
index d1f4c3ae..38efc70a 100644
--- a/capabilities.py
+++ b/capabilities.py
@@ -34,6 +34,50 @@ def getOcapFilename(baseDir :str,nickname: str,domain: str,actor :str,subdir: st
         
     return baseDir+'/accounts/'+nickname+'@'+domain+'/ocap/'+subdir+'/'+actor.replace('/','#')+'.json'
 
+def CapablePost(postJson: {}, capabilityList: [], debug :bool) -> bool:
+    """Determines whether a post arriving in the inbox
+    should be accepted accoring to the list of capabilities
+    """
+    if postJson.get('type'):
+        # No announces/repeats
+        if postJson['type']=='Announce':
+            if 'inbox:noannounce' in capabilityList:
+                if debug:
+                    print('DEBUG: inbox post rejected because inbox:noannounce')
+                return False
+        # No likes
+        if postJson['type']=='Like':
+            if 'inbox:nolike' in capabilityList:
+                if debug:
+                    print('DEBUG: inbox post rejected because inbox:nolike')
+                return False
+        if postJson['type']=='Create':
+            if postJson.get('object'):
+                # Does this have a reply?
+                if postJson['object'].get('inReplyTo'):
+                    if postJson['object']['inReplyTo']:
+                        if 'inbox:noreply' in capabilityList:
+                            if debug:
+                                print('DEBUG: inbox post rejected because inbox:noreply')
+                            return False
+                # are content warnings enforced?
+                if postJson['object'].get('sensitive'):
+                    if not postJson['object']['sensitive']:
+                        if 'inbox:cw' in capabilityList:
+                            if debug:
+                                print('DEBUG: inbox post rejected because inbox:cw')
+                            return False
+                # content warning must have non-zero summary
+                if postJson['object'].get('summary'):
+                    if len(postJson['object']['summary'])<2:
+                        if 'inbox:cw' in capabilityList:
+                            if debug:
+                                print('DEBUG: inbox post rejected because inbox:cw, summary missing')
+                            return False                        
+    if 'inbox:write' in capabilityList:
+        return True
+    return True
+
 def capabilitiesRequest(baseDir: str,httpPrefix: str,domain: str, \
                         requestedActor: str, \
                         requestedCaps=["inbox:write","objects:read"]) -> {}:
diff --git a/inbox.py b/inbox.py
index 253b7ee7..eb965064 100644
--- a/inbox.py
+++ b/inbox.py
@@ -25,6 +25,7 @@ from cache import getPersonFromCache
 from cache import storePersonInCache
 from acceptreject import receiveAcceptReject
 from capabilities import getOcapFilename
+from capabilities import CapablePost
 
 def getPersonPubKey(session,personUrl: str,personCache: {},debug: bool) -> str:
     if not personUrl:
@@ -217,7 +218,7 @@ def runInboxQueue(baseDir: str,httpPrefix: str,sendThreads: [],postLog: [],cache
                         os.remove(queueFilename)
                         queue.pop(0)
                         continue
-                    if 'inbox:write' not in oc['capability']:
+                    if not CapablePost(queueJson['post'],oc['capability'],debug):
                         if debug:
                             print('DEBUG: insufficient capabilities to write to inbox from '+ \
                                   queueJson['post']['actor'])