[feature] Set, receive, and enforce interaction policies for likes, replies, and boosts of statuses

[tsmethurst]

Description

If this is a code change, please include a summary of what you've coded, and link to the issue(s) it closes/implements.

If this is a documentation change, please briefly describe what you've changed and why.

This pull request implements per-status interaction policy settings, as well as per-visibility default policies for accounts, using the gtsmodels merged in #3075 and the changes to our activity library in #3074.

Work-in-progress documentation for how the policies work on a protocol level can be viewed here: https://github.com/superseriousbusiness/gotosocial/blob/interaction_policy/docs/federation/posts.md#interaction-policy

Sub-tasks:

AP API

• serialize interaction policies on outgoing statuses
• deserialize interaction policies on incoming statuses
• serialize approvedBy on outgoing interactions
• deserialize and validate approvedBy on incoming interactions
• process incoming Approve messages and update interactions accordingly
• enforce policies by dropping unpermitted activities, and marking approval required activities appropriately
• send outgoing pending-approval interactions only to the inbox of the Actor they target
• when receiving a valid Approve, redistribute pending activity it approves
• serve "Accept"s via GET requests to the fedi API so remotes can validate our Accepts

Client API

• serialize interaction policies per status
• view default policies
• set default policies
• allow users to view pending interactions created by them
• allow users to view pending interactions targeting them
• allow users to approve pending replies "implicitly" by interacting with them
• allow users to explicitly approve or deny pending interactions targeting them

Processing / other

• store interactions as pending approval when created via the fromclientAPI processor
• do not timeline new items pending approval
• Update visibility model to not show interactions pending approval except to interacter and interactee
• Add permissions filter in filter package and use it to check permissions

Settings panel

• Section to view and set default policies.
• Section to view pending interactions created by user
• Section to view pending interactions targeting user
• Deny / approve interactions

Documentation

• Document protocol additions
• Document interaction settings in user manual

Closes #3057

Checklist

Please put an x inside each checkbox to indicate that you've read and followed it: [ ] -> [x]

If this is a documentation change, only the first checkbox must be filled (you can delete the others if you want).

• I/we have read the GoToSocial contribution guidelines.
• I/we have discussed the proposed changes already, either in an issue on the repository, or in the Matrix chat.
• I/we have not leveraged AI to create the proposed changes.
• I/we have performed a self-review of added code.
• I/we have written code that is legible and maintainable by others.
• I/we have commented the added code, particularly in hard-to-understand areas.
• I/we have made any necessary changes to documentation.
• I/we have added tests that cover new code.
• I/we have run tests and they pass locally with the changes.
• I/we have run go fmt ./... and golangci-lint run.

[tsmethurst]

Changed this from a noop worker because it's useful on the testrig to have side-effects be processed.

[tsmethurst]

This is just a silly fix for something I noticed while I was in this package. I can move it to another PR if desired.

[NyaaaWhatsUpDoc]

is it possible to separate this into maybe a few more parts? e.g. separating out the frontend API routes, the filter parts etc?

[tsmethurst]

Yes probably! I'll have a crack at splitting it into smaller chunks.

[tsmethurst]

Gonna open this as a series of smaller PRs, hang tight.