Topic removal from a category/community
Technical Discussion
29
Posts
5
Posters
126
Views
-
Hey rimu@piefed.social question to you about post removal...
If a remote user posts to a local community, and the local mod deletes it (let's say it's spam of off topic), does the local community federate a delete out?
Technically you're not deleting the content, just removing it from the community.
Is there a different action Piefed takes?
Yes, a Delete activity is sent to all instances with actors that follow the category/community. Those instances then delete their local copy. In Lemmy/PieFed there is no distinction between deletion and removal.
The deletes are soft so it is possible to un-delete by sending an Undo activity. PieFed keeps soft-deleted posts (topics, in NodeBB language) for a few days then after a week deletes the content from the database.
All of these activities are enclosed in an
Announceand the http POST is signed using the community key. So in a way the content 'belongs' to the community, not to the original author. With that model of ownership the idea of removal redundant - a post without a community is not a post.Tangentially - it would be good to come up with a way to move a topic to another category and federate that so the move can happen on other instances, too. We could go off-piste and create a
Moveactivity, or useRemove(from old topic/comm) followed byAdd(to new topic/comm) to do the same thing. I feel more inclined to go withMoveas it's a single atomic operation that either succeeds or fails, despite it not being in the spec.The AP spec is so badly stretched by various implementation-specific differences that I don't think it's worth being ideological about adherence to it it anymore.
-
Yes, a Delete activity is sent to all instances with actors that follow the category/community. Those instances then delete their local copy. In Lemmy/PieFed there is no distinction between deletion and removal.
The deletes are soft so it is possible to un-delete by sending an Undo activity. PieFed keeps soft-deleted posts (topics, in NodeBB language) for a few days then after a week deletes the content from the database.
All of these activities are enclosed in an
Announceand the http POST is signed using the community key. So in a way the content 'belongs' to the community, not to the original author. With that model of ownership the idea of removal redundant - a post without a community is not a post.Tangentially - it would be good to come up with a way to move a topic to another category and federate that so the move can happen on other instances, too. We could go off-piste and create a
Moveactivity, or useRemove(from old topic/comm) followed byAdd(to new topic/comm) to do the same thing. I feel more inclined to go withMoveas it's a single atomic operation that either succeeds or fails, despite it not being in the spec.The AP spec is so badly stretched by various implementation-specific differences that I don't think it's worth being ideological about adherence to it it anymore.
There are lots of other uses for
Move. A community whole could move instances, a user could move instances, etc. -
There are lots of other uses for
Move. A community whole could move instances, a user could move instances, etc.Yeah you're right,
Movehas some prior art for account migrations so it's worth some thinking through.I'd like to work together on this though. I'm working through context ownership and inheritance first, but once that FEP is drafted I can move on to this.
-
Yes, a Delete activity is sent to all instances with actors that follow the category/community. Those instances then delete their local copy. In Lemmy/PieFed there is no distinction between deletion and removal.
The deletes are soft so it is possible to un-delete by sending an Undo activity. PieFed keeps soft-deleted posts (topics, in NodeBB language) for a few days then after a week deletes the content from the database.
All of these activities are enclosed in an
Announceand the http POST is signed using the community key. So in a way the content 'belongs' to the community, not to the original author. With that model of ownership the idea of removal redundant - a post without a community is not a post.Tangentially - it would be good to come up with a way to move a topic to another category and federate that so the move can happen on other instances, too. We could go off-piste and create a
Moveactivity, or useRemove(from old topic/comm) followed byAdd(to new topic/comm) to do the same thing. I feel more inclined to go withMoveas it's a single atomic operation that either succeeds or fails, despite it not being in the spec.The AP spec is so badly stretched by various implementation-specific differences that I don't think it's worth being ideological about adherence to it it anymore.
rimu@piefed.social said in Topic removal from a category/community:
> All of these activities are enclosed in an Announce and the http POST is signed using the community key. So in a way the content 'belongs' to the community, not to the original author.Oh that's right! That makes sense. Having the community sign the activity (and the
Announcewrapper) would effectively differentiate it from a simple author-initiated content deletion.The impetus for this question was that occasionally I will move topics out of a category for being off topic. Federated copies don't see this change reflected, so both Move and Delete are things I want to federate out in lockstep with Piefed and Lemmy.
-
Yes, a Delete activity is sent to all instances with actors that follow the category/community. Those instances then delete their local copy. In Lemmy/PieFed there is no distinction between deletion and removal.
The deletes are soft so it is possible to un-delete by sending an Undo activity. PieFed keeps soft-deleted posts (topics, in NodeBB language) for a few days then after a week deletes the content from the database.
All of these activities are enclosed in an
Announceand the http POST is signed using the community key. So in a way the content 'belongs' to the community, not to the original author. With that model of ownership the idea of removal redundant - a post without a community is not a post.Tangentially - it would be good to come up with a way to move a topic to another category and federate that so the move can happen on other instances, too. We could go off-piste and create a
Moveactivity, or useRemove(from old topic/comm) followed byAdd(to new topic/comm) to do the same thing. I feel more inclined to go withMoveas it's a single atomic operation that either succeeds or fails, despite it not being in the spec.The AP spec is so badly stretched by various implementation-specific differences that I don't think it's worth being ideological about adherence to it it anymore.
@rimu Still, I think it would be nice to deprecate
Deleteand slowly migrate toRemove(target: context), since both PieFed and Lemmy implement the context collection now.My server rejects
Deleteif its actor is different from object's owner, and I have to treatAnnounce(Delete)as a special case where the normal processing logic doesn't apply. -
@rimu Still, I think it would be nice to deprecate
Deleteand slowly migrate toRemove(target: context), since both PieFed and Lemmy implement the context collection now.My server rejects
Deleteif its actor is different from object's owner, and I have to treatAnnounce(Delete)as a special case where the normal processing logic doesn't apply.Possibly although the differences of federation between the threadiverse and the rest of the fediverse go way beyond deletes. FEP 1b12 is a whole thing, chipping away at it piece by piece would be slow going.
-
Possibly although the differences of federation between the threadiverse and the rest of the fediverse go way beyond deletes. FEP 1b12 is a whole thing, chipping away at it piece by piece would be slow going.
Personally I think 1b12 doesn't need to be changed or hacked around. It doesn't specifically call for federating out deletes so I'd think any solution we come up with together would work with that FEP, not go against it.
cc silverpill@mitra.social (if your app notifies you of new replies without a direct mention I'll stop tagging you too)
-
Personally I think 1b12 doesn't need to be changed or hacked around. It doesn't specifically call for federating out deletes so I'd think any solution we come up with together would work with that FEP, not go against it.
cc silverpill@mitra.social (if your app notifies you of new replies without a direct mention I'll stop tagging you too)
I also think that backfill will have a side effect of connecting the threadiverse and the rest of the fediverse.
Exposing context collections will mean consumers will be able to see both *verses. Once Mastodon starts consuming them I predict you will start seeing much more engagement from the microblogs.
The same would apply if Piefed or Lemmy begin consuming them as well.
That is an angle I had not even considered until now!
-
Personally I think 1b12 doesn't need to be changed or hacked around. It doesn't specifically call for federating out deletes so I'd think any solution we come up with together would work with that FEP, not go against it.
cc silverpill@mitra.social (if your app notifies you of new replies without a direct mention I'll stop tagging you too)
if your app notifies you of new replies without a direct mention I'll stop tagging you too
Inclusion in
toorccis enough to generate a notification. -
Possibly although the differences of federation between the threadiverse and the rest of the fediverse go way beyond deletes. FEP 1b12 is a whole thing, chipping away at it piece by piece would be slow going.
rimu@piefed.social silverpill@mitra.social I gave this a bit more thought and I am coming around to the idea that
Removecould work.I am assuming that when Piefed sends
Announce(Delete(Object))this is only understood by Piefed? Not Lemmy (and certainly not NodeBB, yet)...In that case, a move to a simpler
Remove(target: context)signed and acted on by the community actor, would send a more explicit message that the object was removed from the community.The "1b12-speaking" portion of it would be an
Undo(Announce(Create)), although once again I am not even sure if that action is understood by Piefed/Lemmy. -
only understood by Piefed? Not Lemmy
No, that's a Lemmy thing too.
-
only understood by Piefed? Not Lemmy
No, that's a Lemmy thing too.
Oh okay. I wasn't sure about that since I don't think it's documented in the FEP, though it's been awhile since I've given it a read through.
-
only understood by Piefed? Not Lemmy
No, that's a Lemmy thing too.
rimu@piefed.social Do you send the
Undo(Announce(Create))as well for microblog compatibility? -
Looks like for Mastodon we just do a bare
Delete. -
Looks like for Mastodon we just do a bare
Delete.rimu@piefed.social got it, thanks. How do you reconcile the Delete coming from outside your domain? I would figure Mastodon would drop those Deletes.
Edit: that was confusing wording... I mean — how do you sign a Delete for an object that doesn't belong to your instance?
-
We only federate the deletion if it is in one of our local communities.
The activity is signed by the person who did it, so if Mastodon detects that the person deleting is not the author and doesn't know how to find out if someone is a moderator or not, that's their problem.
Mastodon has been dropping the ball on groups support for years so I didn't even bother to find out if they handle it well - I bet they don't.
-
We only federate the deletion if it is in one of our local communities.
The activity is signed by the person who did it, so if Mastodon detects that the person deleting is not the author and doesn't know how to find out if someone is a moderator or not, that's their problem.
Mastodon has been dropping the ball on groups support for years so I didn't even bother to find out if they handle it well - I bet they don't.
so if Mastodon detects that the person deleting is not the author and doesn’t know how to find out if someone is a moderator or not, that’s their problem.
It is not their problem. If your actor
Deletes an object that is owned by a different server, then your implementation of ActivityPub standard is incorrect:https://www.w3.org/TR/activitypub/#delete-activity-inbox
The side effect of receiving this is that (assuming the
objectis owned by the sending actor / server) the server receiving the delete activity SHOULD remove its representation of the object with the sameid -
so if Mastodon detects that the person deleting is not the author and doesn’t know how to find out if someone is a moderator or not, that’s their problem.
It is not their problem. If your actor
Deletes an object that is owned by a different server, then your implementation of ActivityPub standard is incorrect:https://www.w3.org/TR/activitypub/#delete-activity-inbox
The side effect of receiving this is that (assuming the
objectis owned by the sending actor / server) the server receiving the delete activity SHOULD remove its representation of the object with the sameidI think
Announce(Delete(Object))skirts around that, though. Maybe not if you're being technical about it, but the shape of the activity is different enough to mean something else in 1b12-land:- A community/group-actor announced a
Delete - The object may or may not belong to the same domain as the community/group-actor or
Deleteactor - Verify that the community/group-actor and
Deleteactor are same-origin (might not need this if cross-instance moderation is a thing) - Verify that the
Deleteactor is a moderator of the community/group-actor as per 1b12
- A community/group-actor announced a
-
@julian @rimu No, when one object is embedded in another, it doesn't change its behavior. A
Deleteactivity wrapped inAnnouncedoesn't mean something else, it exists as an independent object that can be fetched by itsid.The invalid
Deleteactivity worked for Lemmy only because they didn't care about federation with non-forum software. But it can't work in the multi-app network without ugly hacks like checking remote server's NodeInfo. -
@julian @rimu No, when one object is embedded in another, it doesn't change its behavior. A
Deleteactivity wrapped inAnnouncedoesn't mean something else, it exists as an independent object that can be fetched by itsid.The invalid
Deleteactivity worked for Lemmy only because they didn't care about federation with non-forum software. But it can't work in the multi-app network without ugly hacks like checking remote server's NodeInfo.Perhaps resolvable contexts can be a solution for this then.
I have been implementing topic deletion logic in NodeBB, and while I can send out
Announce(Delete(Object))whereObjectis the root-level post, it occasionally would send outDeletes where the sender is not the owner of the object. This is the 1b12-speaking logic.In 7888-speaking logic,
Objectwould be the local context collection. A receiver would be able to resolve the context URL to the appropriate local representation and delete it as needed. This would also satisfy the "sender needs to own the object" constraint.
Gli ultimi otto messaggi ricevuti dalla Federazione
-
Yes, I think I like the idea of clients being able to store data on the server however they like. It reminds me of this description of ATProto that I found recently: https://overreacted.io/a-social-filesystem/
I guess my question is: once I store my custom stuff in custom places on my server, how do I publish this so other people can find?
And, object IDs are usually defined by the server. So how would it work to say "create a collection named XYZ and add this object to it"?
-
@benpate @silverpill in a client managed followers collection i would Add you to my followers just like fedi instances currently do silently. "but how can you prove--" yes exactly, how can current fedi prove anyone is a follower either? you need the Follow+Accept pair to both be live without an Undo on either, right? and that's what leads to the "follow state machine" on fedi that drifts out of sync and leads to private posts being leaked to removed followers (which you can't officially do!)
-
@benpate @silverpill @mariusor none of the IDs should have any semantics; from the outside, there is no distinction between a client managed or server managed collection. likes/shares/etc could be managed by a "client" like mastodon, or even a "default" one. it's not any more complex unless you want to vary the collection responses based on the request headers. for that you need a minimal dynamic layer with an access control policy of some sort. (WAC is the simplest, but ACP is more powerful)
-
I e*love* this idea- especially in principle. I say that because I’m having a hard time wrapping my head around this and how it would be used in practice.
Do you think you could post an example workflow (or three) to demonstrate how this would work?
I get that objects could be added to client-defined collections (very cool) but if object/collection IDs don’t have predefined semantics, how will I know where to look to get the data I need?
-
> The thanks was for your input with regards to collection management.
@silverpill of course, sorry for the misunderstanding. Doubly so, for forgetting Mitra is Rust, I remembered it to be Python. :D
And yes, the difficulty is indeed in massaging JSON-LD documents into strongly typed data that are meaningful for library consumers. However I've not despaired yet... there's light at the end of that boring tunnel. :P
-
@julian It looks simple on the surface, but in reality it is much more complicated than a non-generic server. In addition to activity transfer, generic server needs to maintain collections. First of all, a followers collection, which is often used as a delivery target. Then likes, shares etc. It needs to enforce permissions, to prevent actors on the same server from deleting each other posts.
This is doable if you only care about activities defined in ActivityPub. But then you want to introduce context collection. And then 50 other extensions. How to do that without special-casing every one of them?
This is where duck typing (FEP-2277) and unified security model (FEP-fe34) become really handy. No matter what the client sends, you can figure out what it is (an object, an actor, or a collection), and enforce permissions.
-
@silverpill@mitra.social I find it curious that this needs to be spelled out in an FEP.
Isn't a generic AP server one that ingests anything and shoves it into the outbox... like a mail transfer agent?
... then delivers it dutifully?
I mean, sure, you can do stuff in between, like spam detection, blocklists, etc etc etc...
My quick read through of the FEP (and it was quick, because it was a short FEP :stuck_out_tongue:) seems to confirm this.
-
@silverpill lol, based on the "claims" at the begining, why do I feel like the "thanks" at the end should be in quotations?
Also I take umbrage with calling what I've been doing for the past 8 years as "being not difficult to build nor an interesting concept". I feel like you, and other developers having the benefit of dynamically typed programming languages, underestimate how that can be worked into robust APIs when you're limited by less versatile stacks.
