From 7ad5f8d3c0a02d4b2e93d605403ac6d8558244ec Mon Sep 17 00:00:00 2001
From: Oneric <oneric@oneric.stub>
Date: Wed, 18 Dec 2024 01:07:31 +0100
Subject: [PATCH] object_validators: only query relevant table for object

Most of them actually only accept either activities or a
non-activity object later; querying both is then a waste
of resources and may create false positives.
---
 .../activity_pub/object_validators/common_validations.ex    | 6 +++++-
 .../web/activity_pub/object_validators/delete_validator.ex  | 5 ++++-
 .../activity_pub/object_validators/emoji_react_validator.ex | 2 +-
 .../web/activity_pub/object_validators/like_validator.ex    | 2 +-
 .../web/activity_pub/object_validators/undo_validator.ex    | 2 +-
 5 files changed, 12 insertions(+), 5 deletions(-)

diff --git a/lib/pleroma/web/activity_pub/object_validators/common_validations.ex b/lib/pleroma/web/activity_pub/object_validators/common_validations.ex
index be5074348..f28cdca92 100644
--- a/lib/pleroma/web/activity_pub/object_validators/common_validations.ex
+++ b/lib/pleroma/web/activity_pub/object_validators/common_validations.ex
@@ -54,10 +54,14 @@ def validate_actor_presence(cng, options \\ []) do
   def validate_object_presence(cng, options \\ []) do
     field_name = Keyword.get(options, :field_name, :object)
     allowed_types = Keyword.get(options, :allowed_types, false)
+    allowed_categories = Keyword.get(options, :allowed_object_categores, [:object, :activity])
 
     cng
     |> validate_change(field_name, fn field_name, object_id ->
-      object = Object.get_cached_by_ap_id(object_id) || Activity.get_by_ap_id(object_id)
+      object =
+        (:object in allowed_categories && Object.get_cached_by_ap_id(object_id)) ||
+          (:activity in allowed_categories && Activity.get_by_ap_id(object_id)) ||
+          nil
 
       cond do
         !object ->
diff --git a/lib/pleroma/web/activity_pub/object_validators/delete_validator.ex b/lib/pleroma/web/activity_pub/object_validators/delete_validator.ex
index a08e8ebe0..2dcb9a5d6 100644
--- a/lib/pleroma/web/activity_pub/object_validators/delete_validator.ex
+++ b/lib/pleroma/web/activity_pub/object_validators/delete_validator.ex
@@ -61,7 +61,10 @@ defp validate_data(cng) do
     |> validate_inclusion(:type, ["Delete"])
     |> validate_delete_actor(:actor)
     |> validate_modification_rights()
-    |> validate_object_or_user_presence(allowed_types: @deletable_types)
+    |> validate_object_or_user_presence(
+      allowed_types: @deletable_types,
+      allowed_object_categories: [:object]
+    )
     |> add_deleted_activity_id()
   end
 
diff --git a/lib/pleroma/web/activity_pub/object_validators/emoji_react_validator.ex b/lib/pleroma/web/activity_pub/object_validators/emoji_react_validator.ex
index bda67feee..9cafeeb14 100644
--- a/lib/pleroma/web/activity_pub/object_validators/emoji_react_validator.ex
+++ b/lib/pleroma/web/activity_pub/object_validators/emoji_react_validator.ex
@@ -129,7 +129,7 @@ defp validate_data(data_cng) do
     |> validate_inclusion(:type, ["EmojiReact"])
     |> validate_required([:id, :type, :object, :actor, :context, :to, :cc, :content])
     |> validate_actor_presence()
-    |> validate_object_presence()
+    |> validate_object_presence(allowed_object_categories: [:object])
     |> validate_emoji()
     |> maybe_validate_tag_presence()
   end
diff --git a/lib/pleroma/web/activity_pub/object_validators/like_validator.ex b/lib/pleroma/web/activity_pub/object_validators/like_validator.ex
index 35e000d72..44bb0c238 100644
--- a/lib/pleroma/web/activity_pub/object_validators/like_validator.ex
+++ b/lib/pleroma/web/activity_pub/object_validators/like_validator.ex
@@ -66,7 +66,7 @@ defp validate_data(data_cng) do
     |> validate_inclusion(:type, ["Like"])
     |> validate_required([:id, :type, :object, :actor, :context, :to, :cc])
     |> validate_actor_presence()
-    |> validate_object_presence()
+    |> validate_object_presence(allowed_object_categories: [:object])
     |> validate_existing_like()
   end
 
diff --git a/lib/pleroma/web/activity_pub/object_validators/undo_validator.ex b/lib/pleroma/web/activity_pub/object_validators/undo_validator.ex
index 703643e3f..06516f6c7 100644
--- a/lib/pleroma/web/activity_pub/object_validators/undo_validator.ex
+++ b/lib/pleroma/web/activity_pub/object_validators/undo_validator.ex
@@ -44,7 +44,7 @@ defp validate_data(data_cng) do
     |> validate_inclusion(:type, ["Undo"])
     |> validate_required([:id, :type, :object, :actor, :to, :cc])
     |> validate_undo_actor(:actor)
-    |> validate_object_presence()
+    |> validate_object_presence(allowed_object_categories: [:activity])
     |> validate_undo_rights()
   end