mj-saunders
/
epicyon
forked from indymedia/epicyon
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Don't allow federated deletes by default

master
Bob Mottram 2019-07-17 19:13:45 +01:00
parent 787b15f227
commit 58c213256c
5 changed files with 20 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
README.md
View File

@ -387,10 +387,10 @@ python3 epicyon.py --nickname [yournick] --domain [name] \
## Delete posts
To delete a post you must first know its url. It is usually something like:
To delete a post which you wrote you must first know its url. It is usually something like:
``` text
https://domain/users/name/statuses/number
https://yourDomain/users/yourNickname/statuses/number
```
Once you know that they you can use the command:
@ -402,9 +402,9 @@ python3 epicyon.py --nickname [yournick] --domain [name] \
Deletion of posts in a federated system is not always reliable. Some instances may not implement deletion, and this may be because of the possibility of spurious deletes being sent by an adversary to cause trouble.
To disallow deletion requests by unauthenticated people on your server set the **--nodeletion** option.
By default federated deletions are not permitted because of the potential for misuse. If you wish to enable it then set the option **--allowdeletion**.
Another complication is that the followers collection may change between the time when a post was created and the time it was deleted, leaving some stranded copies.
Another complication of federated deletion is that the followers collection may change between the time when a post was created and the time it was deleted, leaving some stranded copies.
## Announcements/repeats/boosts

6
daemon.py
View File

@ -814,7 +814,7 @@ def runDaemon(clientToServer: bool,baseDir: str,domain: str, \
noannounce=False,cw=False,ocapAlways=False, \
useTor=False,maxReplies=64, \
domainMaxPostsPerDay=8640,accountMaxPostsPerDay=8640, \
nodeletion=False,debug=False) -> None:
allowDeletion=False,debug=False) -> None:
if len(domain)==0:
domain='localhost'
if '.' not in domain:
@ -847,7 +847,7 @@ def runDaemon(clientToServer: bool,baseDir: str,domain: str, \
httpd.ocapAlways=ocapAlways
httpd.maxMessageLength=5000
httpd.maxImageSize=10*1024*1024
httpd.nodeletion=nodeletion
httpd.allowDeletion=nodeletion
httpd.acceptedCaps=["inbox:write","objects:read"]
if noreply:
httpd.acceptedCaps.append('inbox:noreply')
@ -872,7 +872,7 @@ def runDaemon(clientToServer: bool,baseDir: str,domain: str, \
domain,port,useTor,httpd.federationList, \
httpd.ocapAlways,maxReplies, \
domainMaxPostsPerDay,accountMaxPostsPerDay, \
nodeletion,debug,httpd.acceptedCaps),daemon=True)
allowDeletion,debug,httpd.acceptedCaps),daemon=True)
httpd.thrInboxQueue.start()
if clientToServer:
print('Running ActivityPub client on ' + domain + ' port ' + str(port))

4
epicyon.py
View File

@ -164,7 +164,7 @@ parser.add_argument('--message', dest='message', type=str,default=None, \
help='Message content')
parser.add_argument('--delete', dest='delete', type=str,default=None, \
help='Delete a specified post')
parser.add_argument("--nodeletion", type=str2bool, nargs='?', \
parser.add_argument("--allowdeletion", type=str2bool, nargs='?', \
const=True, default=False, \
help="Do not allow deletions")
parser.add_argument('--repeat','--announce', dest='announce', type=str,default=None, \
@ -779,4 +779,4 @@ runDaemon(args.client,baseDir,domain,port,httpPrefix, \
args.noannounce,args.cw,ocapAlways, \
useTor,args.maxReplies, \
args.domainMaxPostsPerDay,args.accountMaxPostsPerDay, \
args.nodeletion,debug)
args.allowDeletion,debug)

10
inbox.py
View File

@ -823,7 +823,7 @@ def inboxAfterCapabilities(session,keyId: str,handle: str,messageJson: {}, \
federationList: [],ocapAlways: bool,debug: bool, \
acceptedCaps: [],
queueFilename :str,destinationFilename :str,
maxReplies: int,nodeletion: bool) -> bool:
maxReplies: int,allowDeletion: bool) -> bool:
""" Anything which needs to be done after capabilities checks have passed
"""
if receiveLike(session,handle, \
@ -877,7 +877,7 @@ def inboxAfterCapabilities(session,keyId: str,handle: str,messageJson: {}, \
print('DEBUG: Undo announce accepted from '+keyId)
return False
if not nodeletion:
if allowDeletion:
if receiveDelete(session,handle, \
baseDir,httpPrefix, \
domain,port, \
@ -916,7 +916,7 @@ def runInboxQueue(baseDir: str,httpPrefix: str,sendThreads: [],postLog: [], \
domain: str,port: int,useTor: bool,federationList: [], \
ocapAlways: bool,maxReplies: int, \
domainMaxPostsPerDay: int,accountMaxPostsPerDay: int, \
nodeletion: bool,debug: bool, \
allowDeletion: bool,debug: bool, \
acceptedCaps=["inbox:write","objects:read"]) -> None:
"""Processes received items and moves them to
the appropriate directories
@ -1179,7 +1179,7 @@ def runInboxQueue(baseDir: str,httpPrefix: str,sendThreads: [],postLog: [], \
federationList,ocapAlways, \
debug,acceptedCaps, \
queueFilename,destination, \
maxReplies,nodeletion)
maxReplies,allowDeletion)
else:
if debug:
print('DEBUG: object capabilities check failed')
@ -1196,7 +1196,7 @@ def runInboxQueue(baseDir: str,httpPrefix: str,sendThreads: [],postLog: [], \
federationList,ocapAlways, \
debug,acceptedCaps, \
queueFilename,destination, \
maxReplies,nodeletion)
maxReplies,allowDeletion)
if debug:
print('DEBUG: object capabilities check failed')

12
tests.py
View File

@ -151,7 +151,7 @@ def createServerAlice(path: str,domain: str,port: int,federationList: [], \
maxReplies=64
domainMaxPostsPerDay=1000
accountMaxPostsPerDay=1000
nodeletion=False
allowDeletion=True
privateKeyPem,publicKeyPem,person,wfEndpoint= \
createPerson(path,nickname,domain,port,httpPrefix,True,password)
deleteAllPosts(path,nickname,domain,'inbox')
@ -180,7 +180,7 @@ def createServerAlice(path: str,domain: str,port: int,federationList: [], \
noreply,nolike,nopics,noannounce,cw,ocapAlways, \
useTor,maxReplies, \
domainMaxPostsPerDay,accountMaxPostsPerDay, \
nodeletion,True)
allowDeletion,True)
def createServerBob(path: str,domain: str,port: int,federationList: [], \
hasFollows: bool,hasPosts :bool,ocapAlways :bool):
@ -203,7 +203,7 @@ def createServerBob(path: str,domain: str,port: int,federationList: [], \
maxReplies=64
domainMaxPostsPerDay=1000
accountMaxPostsPerDay=1000
nodeletion=False
allowDeletion=False
privateKeyPem,publicKeyPem,person,wfEndpoint= \
createPerson(path,nickname,domain,port,httpPrefix,True,password)
deleteAllPosts(path,nickname,domain,'inbox')
@ -232,7 +232,7 @@ def createServerBob(path: str,domain: str,port: int,federationList: [], \
noreply,nolike,nopics,noannounce,cw,ocapAlways, \
useTor,maxReplies, \
domainMaxPostsPerDay,accountMaxPostsPerDay, \
nodeletion,True)
allowDeletion,True)
def createServerEve(path: str,domain: str,port: int,federationList: [], \
hasFollows: bool,hasPosts :bool,ocapAlways :bool):
@ -252,7 +252,7 @@ def createServerEve(path: str,domain: str,port: int,federationList: [], \
noannounce=False
cw=False
maxReplies=64
nodeletion=False
allowDeletion=True
privateKeyPem,publicKeyPem,person,wfEndpoint= \
createPerson(path,nickname,domain,port,httpPrefix,True,password)
deleteAllPosts(path,nickname,domain,'inbox')
@ -262,7 +262,7 @@ def createServerEve(path: str,domain: str,port: int,federationList: [], \
print('Server running: Eve')
runDaemon(False,path,domain,port,httpPrefix,federationList, \
noreply,nolike,nopics,noannounce,cw,ocapAlways, \
useTor,maxReplies,nodeletion,True)
useTor,maxReplies,allowDeletion,True)
def testPostMessageBetweenServers():
print('Testing sending message from one server to the inbox of another')