Add logging for rejected ActivityPub payloads and add tests (mastodon#10062)

Author: Gargron

app/lib/activitypub/activity.rb

@@ -180,4 +180,9 @@ def followed_by_local_accounts?
   def requested_through_relay?
     @options[:relayed_through_account] && Relay.find_by(inbox_url: @options[:relayed_through_account].inbox_url)&.enabled?
   end
+
+  def reject_payload!
+    Rails.logger.info("Rejected #{@json['type']} activity #{@json['id']} from #{@account.uri}#{@options[:relayed_through_account] && "via #{@options[:relayed_through_account].uri}"}")
+    nil
+  end
 end

app/lib/activitypub/activity/announce.rb

@@ -2,9 +2,11 @@
 
 class ActivityPub::Activity::Announce < ActivityPub::Activity
   def perform
+    return reject_payload! if delete_arrived_first?(@json['id']) || !related_to_local_activity?
+
     original_status = status_from_object
 
-    return if original_status.nil? || delete_arrived_first?(@json['id']) || !announceable?(original_status) || !related_to_local_activity?
+    return reject_payload! if original_status.nil? || !announceable?(original_status)
 
     status = Status.find_by(account: @account, reblog: original_status)
 

app/lib/activitypub/activity/create.rb

@@ -2,7 +2,7 @@
 
 class ActivityPub::Activity::Create < ActivityPub::Activity
   def perform
-    return if unsupported_object_type? || invalid_origin?(@object['id']) || Tombstone.exists?(uri: @object['id']) || !related_to_local_activity?
+    return reject_payload! if unsupported_object_type? || invalid_origin?(@object['id']) || Tombstone.exists?(uri: @object['id']) || !related_to_local_activity?
 
     RedisLock.acquire(lock_options) do |lock|
       if lock.acquired?

spec/lib/activitypub/activity/announce_spec.rb

@@ -18,16 +18,63 @@
   subject { described_class.new(json, sender) }
 
   before do
-    Fabricate(:account).follow!(sender)
     sender.update(uri: ActivityPub::TagManager.instance.uri_for(sender))
   end
 
   describe '#perform' do
-    before do
-      subject.perform
+    context 'when sender is followed by a local account' do
+      before do
+        Fabricate(:account).follow!(sender)
+        subject.perform
+      end
+
+      context 'a known status' do
+        let(:object_json) do
+          ActivityPub::TagManager.instance.uri_for(status)
+        end
+
+        it 'creates a reblog by sender of status' do
+          expect(sender.reblogged?(status)).to be true
+        end
+      end
+
+      context 'self-boost of a previously unknown status with missing attributedTo' do
+        let(:object_json) do
+          {
+            id: [ActivityPub::TagManager.instance.uri_for(sender), '#bar'].join,
+            type: 'Note',
+            content: 'Lorem ipsum',
+            to: 'http://example.com/followers',
+          }
+        end
+
+        it 'creates a reblog by sender of status' do
+          expect(sender.reblogged?(sender.statuses.first)).to be true
+        end
+      end
+
+      context 'self-boost of a previously unknown status with correct attributedTo' do
+        let(:object_json) do
+          {
+            id: [ActivityPub::TagManager.instance.uri_for(sender), '#bar'].join,
+            type: 'Note',
+            content: 'Lorem ipsum',
+            attributedTo: ActivityPub::TagManager.instance.uri_for(sender),
+            to: 'http://example.com/followers',
+          }
+        end
+
+        it 'creates a reblog by sender of status' do
+          expect(sender.reblogged?(sender.statuses.first)).to be true
+        end
+      end
     end
 
-    context 'a known status' do
+    context 'when the status belongs to a local user' do
+      before do
+        subject.perform
+      end
+
       let(:object_json) do
         ActivityPub::TagManager.instance.uri_for(status)
       end
@@ -37,34 +84,68 @@
       end
     end
 
-    context 'self-boost of a previously unknown status with missing attributedTo' do
-      let(:object_json) do
-        {
-          id: [ActivityPub::TagManager.instance.uri_for(sender), '#bar'].join,
-          type: 'Note',
-          content: 'Lorem ipsum',
-          to: 'http://example.com/followers',
-        }
+    context 'when the sender is relayed' do
+      let!(:relay_account) { Fabricate(:account, inbox_url: 'https://relay.example.com/inbox') }
+      let!(:relay) { Fabricate(:relay, inbox_url: 'https://relay.example.com/inbox') }
+
+      subject { described_class.new(json, sender, relayed_through_account: relay_account) }
+
+      context 'and the relay is enabled' do
+        before do
+          relay.update(state: :accepted)
+          subject.perform
+        end
+
+        let(:object_json) do
+          {
+            id: [ActivityPub::TagManager.instance.uri_for(sender), '#bar'].join,
+            type: 'Note',
+            content: 'Lorem ipsum',
+            to: 'http://example.com/followers',
+          }
+        end
+
+        it 'creates a reblog by sender of status' do
+          expect(sender.statuses.count).to eq 2
+        end
       end
 
-      it 'creates a reblog by sender of status' do
-        expect(sender.reblogged?(sender.statuses.first)).to be true
+      context 'and the relay is disabled' do
+        before do
+          subject.perform
+        end
+
+        let(:object_json) do
+          {
+            id: [ActivityPub::TagManager.instance.uri_for(sender), '#bar'].join,
+            type: 'Note',
+            content: 'Lorem ipsum',
+            to: 'http://example.com/followers',
+          }
+        end
+
+        it 'does not create anything' do
+          expect(sender.statuses.count).to eq 0
+        end
       end
     end
 
-    context 'self-boost of a previously unknown status with correct attributedTo' do
+    context 'when the sender has no relevance to local activity' do
+      before do
+        subject.perform
+      end
+
       let(:object_json) do
         {
           id: [ActivityPub::TagManager.instance.uri_for(sender), '#bar'].join,
           type: 'Note',
           content: 'Lorem ipsum',
-          attributedTo: ActivityPub::TagManager.instance.uri_for(sender),
           to: 'http://example.com/followers',
         }
       end
 
-      it 'creates a reblog by sender of status' do
-        expect(sender.reblogged?(sender.statuses.first)).to be true
+      it 'does not create anything' do
+        expect(sender.statuses.count).to eq 0
       end
     end
   end