Dereference objects wherever possible

2018-09-27 20:45:03 -04:00 · 2018-09-27 20:45:03 -04:00 · 185070df16
commit 185070df16
parent 263ab187ab
6 changed files with 68 additions and 30 deletions
--- a/includes/server/deliver.php
+++ b/includes/server/deliver.php
@ -18,6 +18,7 @@ function deliver_activity( $activity ) {
    }
    $recipients = array_unique( $recipients );
    if ( array_key_exists( 'actor', $activity ) ) {
+        $actor = \util\dereference_object( $activity['actor'] );
        $recipients = remove_actor_inbox_from_recipients( $activity['actor'], $recipients );
    }
    $activity = \activities\strip_private_fields( $activity );
--- a/includes/server/followers.php
+++ b/includes/server/followers.php
@ -3,6 +3,7 @@ namespace followers;

 require_once plugin_dir_path( __FILE__ ) . 'actors.php';
 require_once plugin_dir_path( __FILE__ ) . 'objects.php';
+require_once plugin_dir_path( __FILE__ ) . '../util.php';

 function add_follower( $actor_slug, $follower ) {
    global $wpdb;
@ -14,6 +15,7 @@ function add_follower( $actor_slug, $follower ) {
            array( 'status' => 404 )
        );
    }
+    $follower = \util\dereference_object( $follower );
    if ( !array_key_exists( 'id', $follower ) ) {
        return new \WP_Error(
            'invalid_object',
@ -45,6 +47,7 @@ function remove_follower( $actor_slug, $follower ) {
            array( 'status' => 404 )
        );
    }
+    $follower = \util\dereference_object( $follower );
    if ( !array_key_exists( 'id', $follower ) ) {
        return new \WP_Error(
            'invalid_object',
--- a/includes/server/inbox.php
+++ b/includes/server/inbox.php
@ -20,8 +20,10 @@ require_once plugin_dir_path( __FILE__ ) . 'activities/accept.php';
 require_once plugin_dir_path( __FILE__ ) . 'activities/reject.php';
 require_once plugin_dir_path( __FILE__ ) . 'activities/announce.php';
 require_once plugin_dir_path( __FILE__ ) . 'activities/undo.php';
+require_once plugin_dir_path( __FILE__ ) . '../util.php';

 function handle_activity( $actor_slug, $activity ) {
+    $activity = \util\dereference_object( $activity );
    if ( !array_key_exists( 'type', $activity ) ) {
        return new \WP_Error(
            'invalid_activity',
--- a/includes/server/objects.php
+++ b/includes/server/objects.php
@ -1,11 +1,17 @@
 <?php
 namespace objects;

+require_once plugin_dir_path( __FILE__ ) . '../util.php';
+
 // TODO for 'post' objects, store a post id instead of the full post text,
 // then hydrate the text on read

 function create_local_object( $object ) {
    global $wpdb;
+    $object = \util\dereference_object( $object );
+    if ( is_wp_error( $object ) ) {
+        return $object;
+    }
    if ( !array_key_exists( 'type', $object) ) {
        return new \WP_Error(
            'invalid_object',
@ -51,6 +57,10 @@ function create_local_object( $object ) {

 function upsert_object( $object ) {
    global $wpdb;
+    $object = \util\dereference_object( $object );
+    if ( is_wp_error( $object ) ) {
+        return $object;
+    }
    if ( !array_key_exists( 'id', $object ) ) {
        return new \WP_Error(
            'invalid_object',
@ -116,6 +126,10 @@ function upsert_object( $object ) {

 function update_object( $object ) {
    global $wpdb;
+    $object = \util\dereference_object( $object );
+    if ( is_wp_error( $object ) ) {
+        return $object;
+    }
    if ( !array_key_exists( 'id', $object ) ) {
        return new \WP_Error(
            'invalid_object',
@ -185,6 +199,10 @@ function get_object_id( $activitypub_id ) {

 function delete_object( $object ) {
    global $wpdb;
+    $object = \util\dereference_object( $object );
+    if ( is_wp_error( $object ) ) {
+        return $object;
+    }
    if ( !array_key_exists( 'id', $object ) ) {
        return new \WP_Error(
            'invalid_object',
@ -240,22 +258,14 @@ function make_tombstone( $object ) {
 }

 function is_local_object( $object ) {
-    if ( is_array( $object ) ) {
-        if ( array_key_exists( 'id', $object ) ) {
-            $parsed = parse_url( $object['id'] );
-            if ( $parsed ) {
-                $site_host = parse_url( get_site_url() )['host'];
-                return $parsed['host'] === $site_host;
-            }
-        } else {
-            return false;
-        }
-    } else {
-        $parsed = parse_url( $object );
-        if ( $parsed ) {
-            $site_host = parse_url( get_site_url() )['host'];
-            return $parsed['host'] === $site_host;
-        }
+    $url = \util\get_id( $object );
+    if ( !$url ) {
+        return false;
+    }
+    $parsed = parse_url( $url );
+    if ( $parsed ) {
+        $site_host = parse_url( get_site_url() )['host'];
+        return $parsed['host'] === $site_host;
    }
    return false;
 }
--- a/includes/server/outbox.php
+++ b/includes/server/outbox.php
@ -22,9 +22,14 @@ require_once plugin_dir_path( __FILE__ ) . 'activities/like.php';
 require_once plugin_dir_path( __FILE__ ) . 'activities/follow.php';
 require_once plugin_dir_path( __FILE__ ) . 'activities/block.php';
 require_once plugin_dir_path( __FILE__ ) . 'activities/undo.php';
+require_once plugin_dir_path( __FILE__ ) . '../util.php';

 function handle_activity( $actor_slug, $activity ) {
    // TODO handle authentication/authorization
+    $activity = \util\dereference_object( $activity );
+    if ( is_wp_error( $activity ) ) {
+        return $activity;
+    }
    if ( !array_key_exists( 'type', $activity ) ) {
        return new \WP_Error(
            'invalid_activity',
--- a/includes/util.php
+++ b/includes/util.php
@ -5,23 +5,23 @@ namespace util;
 // (this is anywhere I access a field on an object, basically)

 function dereference_object( $object ) {
+    return dereference_object_helper( $object, 0 );
+}
+
+function dereference_object_helper( $object, $depth ) {
+    if ( $depth === 30 ) {
+        return $object;
+    }
    if ( is_array( $object ) ) {
+        if ( array_key_exists( 'type', $object ) &&
+             $object['type'] === 'Link' &&
+             array_key_exists( 'href', $object ) &&
+             filter_var( $object['href'], FILTER_VALIDATE_URL ) ) {
+            return get_object_from_url( $object['href'], $depth );
+        }
        return $object;
    } else if ( filter_var( $object, FILTER_VALIDATE_URL ) ) {
-        $response = wp_remote_get( $object );
-        if ( is_wp_error( $response ) ) {
-            return $response;
-        }
-        $body = wp_remote_retrieve_body( $response );
-        if ( empty( $body ) ) {
-            return new \WP_Error(
-                'not_found',
-                __( 'The object did not dereference to a valid object', 'pterotype' ),
-                array( 'status' => 404 )
-            );
-        }
-        $body_array = json_decode( $body, true );
-        return $body_array;
+        return get_object_from_url( $object, $depth );
    } else {
        return new \WP_Error(
            'invalid_object',
@ -31,6 +31,23 @@ function dereference_object( $object ) {
    }
 }

+function get_object_from_url( $url, $depth ) {
+    $response = wp_remote_get( $url );
+    if ( is_wp_error( $response ) ) {
+        return $response;
+    }
+    $body = wp_remote_retrieve_body( $response );
+    if ( empty( $body ) ) {
+        return new \WP_Error(
+            'not_found',
+            __( 'The object did not dereference to a valid object', 'pterotype' ),
+            array( 'status' => 404 )
+        );
+    }
+    $body_array = json_decode( $body, true );
+    return dereference_object_helper( $body_array, $depth + 1 );
+}
+
 function is_same_object( $object1, $object2 ) {
    return get_id( $object1 ) === get_id( $object2 );
 }