feat: handle Update(Note) when object has limited visibility, #12834

src/activitypub/inbox.js

@@ -10,6 +10,7 @@ const posts = require('../posts');
 const topics = require('../topics');
 const categories = require('../categories');
 const notifications = require('../notifications');
+const messaging = require('../messaging');
 const flags = require('../flags');
 const api = require('../api');
 const activitypub = require('.');
@@ -63,7 +64,8 @@ inbox.create = async (req) => {
 	const { object } = req.body;
 
 	// Alternative logic for non-public objects
-	if (![...object.to, ...object.cc].includes(activitypub._constants.publicAddress)) {
+	const isPublic = [...object.to, ...object.cc].includes(activitypub._constants.publicAddress);
+	if (!isPublic) {
 		return await activitypub.notes.assertPrivate(object);
 	}
 
@@ -76,11 +78,7 @@ inbox.create = async (req) => {
 
 inbox.update = async (req) => {
 	const { actor, object } = req.body;
-
-	// Temporary, reject non-public notes.
-	if (![...object.to, ...object.cc].includes(activitypub._constants.publicAddress)) {
-		throw new Error('[[error:activitypub.not-implemented]]');
-	}
+	const isPublic = [...object.to, ...object.cc].includes(activitypub._constants.publicAddress);
 
 	// Origin checking
 	const actorHostname = new URL(actor).hostname;
@@ -91,19 +89,39 @@ inbox.update = async (req) => {
 
 	switch (object.type) {
 		case 'Note': {
-			const exists = await posts.exists(object.id);
+			const [isNote, isMessage] = await Promise.all([
+				posts.exists(object.id),
+				messaging.messageExists(object.id),
+			]);
+
 			try {
-				if (exists) {
-					const postData = await activitypub.mocks.post(object);
-					await posts.edit(postData);
-					const isDeleted = await posts.getPostField(object.id, 'deleted');
-					if (isDeleted) {
-						await api.posts.restore({ uid: actor }, { pid: object.id });
+				switch (true) {
+					case isNote: {
+						const postData = await activitypub.mocks.post(object);
+						await posts.edit(postData);
+						const isDeleted = await posts.getPostField(object.id, 'deleted');
+						if (isDeleted) {
+							await api.posts.restore({ uid: actor }, { pid: object.id });
+						}
+						break;
 					}
-				} else {
-					const asserted = await activitypub.notes.assert(0, object.id);
-					if (asserted) {
-						announce(object.id, req.body);
+
+					case isMessage: {
+						const roomId = await messaging.getMessageField(object.id, 'roomId');
+						await messaging.editMessage(actor, object.id, roomId, object.content);
+						break;
+					}
+
+					default: {
+						if (!isPublic) {
+							return await activitypub.notes.assertPrivate(object);
+						}
+
+						const asserted = await activitypub.notes.assert(0, object.id);
+						if (asserted) {
+							announce(object.id, req.body);
+						}
+						break;
 					}
 				}
 			} catch (e) {

src/api/activitypub.js

@@ -301,7 +301,7 @@ activitypubApi.update.privateNote = enabledCheck(async (caller, { messageObj })
 		object,
 	};
 
-	await activitypub.send('uid', messageObj.fromuid, targets, payload);
+	await activitypub.send('uid', caller.uid, targets, payload);
 });
 
 activitypubApi.delete = {};

src/messaging/edit.js

@@ -6,6 +6,7 @@ const user = require('../user');
 const plugins = require('../plugins');
 const api = require('../api');
 const privileges = require('../privileges');
+const utils = require('../utils');
 
 const sockets = require('../socket.io');
 
@@ -37,7 +38,7 @@ module.exports = function (Messaging) {
 				messages: messages,
 			});
 
-			if (!isPublic) {
+			if (!isPublic && utils.isNumber(messages[0].fromuid)) {
 				api.activitypub.update.privateNote({ uid: messages[0].fromuid }, { messageObj: messages[0] });
 			}
 		}

src/messaging/notifications.js

@@ -82,7 +82,8 @@ module.exports = function (Messaging) {
 		try {
 			await Promise.all([
 				sendNotification(fromUid, roomId, messageObj),
-				!isPublic ? api.activitypub.create.privateNote({ uid: fromUid }, { messageObj }) : null,
+				!isPublic && utils.isNumber(fromUid) ?
+					api.activitypub.create.privateNote({ uid: fromUid }, { messageObj }) : null,
 			]);
 		} catch (err) {
 			winston.error(`[messaging/notifications] Unabled to send notification\n${err.stack}`);