mirror of
https://github.com/stoatchat/stoatchat.git
synced 2026-07-14 05:26:59 +00:00
feat: block mentions from low trust users (account created < 12 hours)
This commit is contained in:
@@ -212,6 +212,7 @@ impl Message {
|
||||
author: MessageAuthor<'_>,
|
||||
mut idempotency: IdempotencyKey,
|
||||
generate_embeds: bool,
|
||||
allow_mentions: bool,
|
||||
) -> Result<Message> {
|
||||
let config = config().await;
|
||||
|
||||
@@ -272,10 +273,12 @@ impl Message {
|
||||
|
||||
// Parse mentions in message.
|
||||
let mut mentions = HashSet::new();
|
||||
if let Some(content) = &data.content {
|
||||
for capture in RE_MENTION.captures_iter(content) {
|
||||
if let Some(mention) = capture.get(1) {
|
||||
mentions.insert(mention.as_str().to_string());
|
||||
if allow_mentions {
|
||||
if let Some(content) = &data.content {
|
||||
for capture in RE_MENTION.captures_iter(content) {
|
||||
if let Some(mention) = capture.get(1) {
|
||||
mentions.insert(mention.as_str().to_string());
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -292,7 +295,7 @@ impl Message {
|
||||
for ReplyIntent { id, mention } in entries {
|
||||
let message = db.fetch_message(&id).await?;
|
||||
|
||||
if mention {
|
||||
if mention && allow_mentions {
|
||||
mentions.insert(message.author.to_owned());
|
||||
}
|
||||
|
||||
|
||||
@@ -444,6 +444,26 @@ impl<'a> DatabasePermissionQuery<'a> {
|
||||
..self
|
||||
}
|
||||
}
|
||||
|
||||
/// Access the underlying user
|
||||
pub fn user_ref(&self) -> &Option<Cow<User>> {
|
||||
&self.user
|
||||
}
|
||||
|
||||
/// Access the underlying server
|
||||
pub fn channel_ref(&self) -> &Option<Cow<Channel>> {
|
||||
&self.channel
|
||||
}
|
||||
|
||||
/// Access the underlying server
|
||||
pub fn server_ref(&self) -> &Option<Cow<Server>> {
|
||||
&self.server
|
||||
}
|
||||
|
||||
/// Access the underlying member
|
||||
pub fn member_ref(&self) -> &Option<Cow<Member>> {
|
||||
&self.member
|
||||
}
|
||||
}
|
||||
|
||||
/// Short-hand for creating a permission calculator
|
||||
|
||||
@@ -1,3 +1,4 @@
|
||||
use chrono::{Duration, Utc};
|
||||
use revolt_database::util::permissions::DatabasePermissionQuery;
|
||||
use revolt_database::{
|
||||
util::idempotency::IdempotencyKey, util::reference::Reference, Database, User,
|
||||
@@ -61,6 +62,23 @@ pub async fn message_send(
|
||||
interactions.validate(db, &permissions).await?;
|
||||
}
|
||||
|
||||
// Disallow mentions for new users (TRUST-0: <12 hours age) in public servers
|
||||
let allow_mentions = if let Some(server) = query.server_ref() {
|
||||
if server.discoverable {
|
||||
if (Utc::now() - ulid::Ulid::from_string(&user.id).unwrap().datetime())
|
||||
< Duration::hours(12)
|
||||
{
|
||||
false
|
||||
} else {
|
||||
true
|
||||
}
|
||||
} else {
|
||||
true
|
||||
}
|
||||
} else {
|
||||
true
|
||||
};
|
||||
|
||||
// Create the message
|
||||
let author: v0::User = user.clone().into(db, Some(&user)).await;
|
||||
Ok(Json(
|
||||
@@ -71,6 +89,7 @@ pub async fn message_send(
|
||||
v0::MessageAuthor::User(&author),
|
||||
idempotency,
|
||||
permissions.has_channel_permission(ChannelPermission::SendEmbeds),
|
||||
allow_mentions,
|
||||
)
|
||||
.await?
|
||||
.into(),
|
||||
|
||||
@@ -60,6 +60,7 @@ pub async fn webhook_execute(
|
||||
v0::MessageAuthor::Webhook(&webhook.into()),
|
||||
idempotency,
|
||||
true,
|
||||
true,
|
||||
)
|
||||
.await?
|
||||
.into(),
|
||||
|
||||
Reference in New Issue
Block a user