activitypub 0.4.3 → 0.5.1

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: e07c19938d44be1b64a307808cce4aa7d75034fc3df547c2554164692ba423a8
4
- data.tar.gz: 96671de06f1cb30a6b37529b985a4a8f82bb49136018f29919ed5e61df89021c
3
+ metadata.gz: 259eb9ee62ae1fdd8155792569764c2ed1725755463cdf97ad3ec1807bdcf88a
4
+ data.tar.gz: b8758711d3bdd3eafe0747c7f16f279634f87ee67ad4c6ce3e18fada660a2648
5
5
  SHA512:
6
- metadata.gz: '07290f328de7cf87742c570d345d790b0aefed8eac1b1de5d294b5f00c04fcc9f2f3865ea838aa7347fab0d1a23413cf4adf5dcfba697c463d710513d0b579bb'
7
- data.tar.gz: 9077e1a93d5e442547b7ddb38e108d84a9d6141ffd0dc798babfa3b061b82885fbb37bfc10a1c7d02cd08d5ec0982da87252cfb5796cc2f1f3c5967de50883fb
6
+ metadata.gz: d38fe32f27c42f7ff652cbafdb7a97506d963bed70c94d49782da0a44396232b2236e0965bb08547928f73c7fcb9b232461cef384f051d51dd4000f1f22f6fd1
7
+ data.tar.gz: 0a3c78633eae0eaf5a7f74c5cb424de24e4f0148c10209de6da8e2f956c3ed1e563cedda71c79c7a14bb19284b6081526d6a1d244f42a37069b435439b6fa586
@@ -6,11 +6,11 @@ module ActivityPub
6
6
  class Error < StandardError; end
7
7
 
8
8
 
9
- def self.from_json(json)
10
- from_hash(JSON.parse(json))
9
+ def self.from_json(json, resolver: nil)
10
+ from_hash(JSON.parse(json), resolver:)
11
11
  end
12
12
 
13
- def self.from_hash(h)
13
+ def self.from_hash(h, resolver: nil)
14
14
  type = h&.dig("type")
15
15
 
16
16
  raise Error, "'type' attribute is required" if !type
@@ -21,6 +21,7 @@ module ActivityPub
21
21
  klass = ActivityPub.const_get(type)
22
22
 
23
23
  ob = klass ? klass.new : nil
24
+ ob._resolver = resolver
24
25
 
25
26
  # FIXME: Useful for debug. Add flag to allow enabling.
26
27
  # ob.instance_variable_set("@_raw",h)
@@ -42,6 +43,7 @@ module ActivityPub
42
43
 
43
44
  if t = klass.ap_types[attr]
44
45
  v = t.new(v) if v && !v.kind_of?(ActivityPub::Base)
46
+ v._resolver = ob._resolver if v
45
47
  end
46
48
  ob.instance_variable_set("@#{attr}", v) if !v.nil?
47
49
  end
@@ -57,6 +59,8 @@ module ActivityPub
57
59
  def _context = @_context || "https://www.w3.org/ns/activitystreams"
58
60
  def _type = self.class.name.split("::").last
59
61
 
62
+ attr_accessor :_resolver
63
+
60
64
 
61
65
  # FIXME: Allow specifying a type (e.g. URI)
62
66
  def self.ap_attr(name, type=nil)
@@ -0,0 +1,47 @@
1
+
2
+ require 'uri'
3
+ require 'faraday'
4
+
5
+ # Classes to resolve URI's into objects.
6
+
7
+
8
+ module ActivityPub
9
+
10
+ class WebResolver
11
+ def self.call(path)
12
+ response = Faraday.get(path, {}, {"Accept": "application/activity+json"})
13
+ if response.status == 200
14
+ ActivityPub.from_json(response.body)
15
+ else
16
+ response
17
+ end
18
+ end
19
+ end
20
+
21
+ #
22
+ # UnsafeResolver supports filesystem references. It's named as it is to make
23
+ # you stop and think. If you load remote objects and allow the use of UnsafeResolver,
24
+ # it *will* try to load things from your filesystem. If you subsequently
25
+ # allow access to that data in ways that are not strictly controlled, you run
26
+ # the risk of a security hole.
27
+ #
28
+ # A future version will likely allow containing this to specific paths,
29
+ # but currently it makes *NO ATTEMPTS* to sanitise paths, so paths including
30
+ # ".." etc. will allow filesystem traversal.
31
+ #
32
+ class UnsafeResolver
33
+ def initialize(base)
34
+ @base = File.expand_path(base)
35
+ end
36
+
37
+ def call(path)
38
+ path = File.expand_path(path,@base)
39
+ raise "Illegal path" if path[0...@base.length] != @base
40
+ if File.exist?(path)
41
+ data = File.read(path)
42
+ return ActivityPub.from_json(data)
43
+ end
44
+ WebResolver.call(path)
45
+ end
46
+ end
47
+ end
@@ -238,8 +238,8 @@ module ActivityPub
238
238
 
239
239
  # Mastodon extension per
240
240
  # https://docs-p.joinmastodon.org/spec/activitypub/#extensions
241
- ap_attr :likes
242
- ap_attr :bookmarks
241
+ ap_attr :likes, URI
242
+ ap_attr :bookmarks, URI
243
243
  ap_attr :manuallyApprovesFollowers
244
244
  end
245
245
 
@@ -1,23 +1,20 @@
1
1
 
2
- require 'uri'
3
- require 'faraday'
2
+ require_relative 'resolvers'
4
3
 
5
4
  module ActivityPub
6
5
  class URI
7
- def initialize(href)
6
+ attr_accessor :_resolver
7
+
8
+ def initialize(href, resolver: nil)
8
9
  @href = href
10
+ @_resolver = resolver || WebResolver
9
11
  end
10
12
 
11
13
  def to_s = @href
12
14
  def to_json(...) = @href
13
15
 
14
16
  def get
15
- response = Faraday.get(self.to_s, {}, {"Accept": "application/activity+json"})
16
- if response.status == 200
17
- ActivityPub.from_json(response.body)
18
- else
19
- response
20
- end
17
+ @_resolver&.call(self.to_s)
21
18
  end
22
19
  end
23
20
  end
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module ActivityPub
4
- VERSION = "0.4.3"
4
+ VERSION = "0.5.1"
5
5
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: activitypub
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.4.3
4
+ version: 0.5.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - Vidar Hokstad
8
8
  autorequire:
9
9
  bindir: exe
10
10
  cert_chain: []
11
- date: 2024-07-17 00:00:00.000000000 Z
11
+ date: 2024-07-20 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: webfinger
@@ -40,6 +40,7 @@ files:
40
40
  - examples/get_actor.rb
41
41
  - lib/activitypub.rb
42
42
  - lib/activitypub/base.rb
43
+ - lib/activitypub/resolvers.rb
43
44
  - lib/activitypub/types.rb
44
45
  - lib/activitypub/uri.rb
45
46
  - lib/activitypub/version.rb