[chore] Refactor AP authentication, other small bits of tidying up (#1874)

2025-06-05 21:59:39 +02:00 · 2023-06-13 16:47:56 +02:00
parent 433b56d2f9
commit 24fbdf2b0a
38 changed files with 1280 additions and 996 deletions
--- a/internal/api/activitypub/users/inboxpost_test.go
+++ b/internal/api/activitypub/users/inboxpost_test.go
@ -517,6 +517,31 @@ func (suite *InboxPostTestSuite) TestPostFromBlockedAccount() {
 	)
 }

+func (suite *InboxPostTestSuite) TestPostFromBlockedAccountToOtherAccount() {
+	var (
+		requestingAccount = suite.testAccounts["remote_account_1"]
+		targetAccount     = suite.testAccounts["local_account_1"]
+		activity          = suite.testActivities["reply_to_turtle_for_turtle"]
+		statusURI         = "http://fossbros-anonymous.io/users/foss_satan/statuses/2f1195a6-5cb0-4475-adf5-92ab9a0147fe"
+	)
+
+	// Post an reply to turtle to ZORK from remote account.
+	// Turtle blocks the remote account but is only tangentially
+	// related to this POST request. The response will indicate
+	// accepted but the post won't actually be processed.
+	suite.inboxPost(
+		activity.Activity,
+		requestingAccount,
+		targetAccount,
+		http.StatusAccepted,
+		`{"status":"Accepted"}`,
+		suite.signatureCheck,
+	)
+
+	_, err := suite.state.DB.GetStatusByURI(context.Background(), statusURI)
+	suite.ErrorIs(err, db.ErrNoEntries)
+}
+
 func (suite *InboxPostTestSuite) TestPostUnauthorized() {
 	var (
 		requestingAccount = suite.testAccounts["remote_account_1"]