From e496fd473fd71f2deda0b3a8265e6e03a4e6b4c7 Mon Sep 17 00:00:00 2001
From: multiple creatures <dev@multiple-creature.party>
Date: Thu, 8 Aug 2019 10:50:36 -0500
Subject: [PATCH] default to reject unknown policy for new servers

---
 app/services/activitypub/process_account_service.rb | 13 ++++++++++++-
 1 file changed, 12 insertions(+), 1 deletion(-)

diff --git a/app/services/activitypub/process_account_service.rb b/app/services/activitypub/process_account_service.rb
index 7579579f3..dd19db485 100644
--- a/app/services/activitypub/process_account_service.rb
+++ b/app/services/activitypub/process_account_service.rb
@@ -2,6 +2,7 @@
 
 class ActivityPub::ProcessAccountService < BaseService
   include JsonLdHelper
+  include LogHelper
 
   # Should be called with confirmed valid JSON
   # and WebFinger-resolved username and domain
@@ -21,7 +22,10 @@ class ActivityPub::ProcessAccountService < BaseService
         @old_public_key = @account&.public_key
 
         is_new_account = @account.nil?
-        create_account if is_new_account
+        if is_new_account
+          set_reject_unknown_policy
+          create_account
+        end
         update_account
         update_account_domain_blocks if is_new_account
         process_tags
@@ -98,6 +102,13 @@ class ActivityPub::ProcessAccountService < BaseService
     @account.moved_to_account  = @json['movedTo'].present? ? moved_account : nil
   end
 
+  def set_reject_unknown_policy
+    unless Account.where(domain: @domain).exists? || DomainBlock.where(domain: @domain).exists?
+      policy = DomainBlock.create!(domain: @domain, severity: :noop, reject_unknown: true)
+      user_friendly_action_log(nil, :mark_unknown, @domain)
+    end
+  end
+
   def after_key_change!
     RefollowWorker.perform_async(@account.id)
   end