handle remote account deletion more systematically (#254)

This commit is contained in:
tobi 2021-09-30 10:56:02 +02:00 committed by GitHub
parent 9a53b1a8d1
commit 36a09dd0df
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
7 changed files with 212 additions and 13 deletions

View File

@ -322,7 +322,6 @@ func (suite *InboxPostTestSuite) TestPostUpdate() {
suite.EqualValues(updatedAccount.HeaderMediaAttachmentID, dbUpdatedAccount.HeaderMediaAttachmentID) suite.EqualValues(updatedAccount.HeaderMediaAttachmentID, dbUpdatedAccount.HeaderMediaAttachmentID)
suite.EqualValues(updatedAccount.HeaderMediaAttachment, dbUpdatedAccount.HeaderMediaAttachment) suite.EqualValues(updatedAccount.HeaderMediaAttachment, dbUpdatedAccount.HeaderMediaAttachment)
suite.EqualValues(updatedAccount.HeaderRemoteURL, dbUpdatedAccount.HeaderRemoteURL) suite.EqualValues(updatedAccount.HeaderRemoteURL, dbUpdatedAccount.HeaderRemoteURL)
// suite.EqualValues(updatedAccount.Fields, dbUpdatedAccount.Fields)
suite.EqualValues(updatedAccount.Note, dbUpdatedAccount.Note) suite.EqualValues(updatedAccount.Note, dbUpdatedAccount.Note)
suite.EqualValues(updatedAccount.Memorial, dbUpdatedAccount.Memorial) suite.EqualValues(updatedAccount.Memorial, dbUpdatedAccount.Memorial)
suite.EqualValues(updatedAccount.AlsoKnownAs, dbUpdatedAccount.AlsoKnownAs) suite.EqualValues(updatedAccount.AlsoKnownAs, dbUpdatedAccount.AlsoKnownAs)
@ -343,7 +342,6 @@ func (suite *InboxPostTestSuite) TestPostUpdate() {
suite.EqualValues(updatedAccount.FollowersURI, dbUpdatedAccount.FollowersURI) suite.EqualValues(updatedAccount.FollowersURI, dbUpdatedAccount.FollowersURI)
suite.EqualValues(updatedAccount.FeaturedCollectionURI, dbUpdatedAccount.FeaturedCollectionURI) suite.EqualValues(updatedAccount.FeaturedCollectionURI, dbUpdatedAccount.FeaturedCollectionURI)
suite.EqualValues(updatedAccount.ActorType, dbUpdatedAccount.ActorType) suite.EqualValues(updatedAccount.ActorType, dbUpdatedAccount.ActorType)
// suite.EqualValues(updatedAccount.PrivateKey, dbUpdatedAccount.PrivateKey)
suite.EqualValues(updatedAccount.PublicKey, dbUpdatedAccount.PublicKey) suite.EqualValues(updatedAccount.PublicKey, dbUpdatedAccount.PublicKey)
suite.EqualValues(updatedAccount.PublicKeyURI, dbUpdatedAccount.PublicKeyURI) suite.EqualValues(updatedAccount.PublicKeyURI, dbUpdatedAccount.PublicKeyURI)
suite.EqualValues(updatedAccount.SensitizedAt, dbUpdatedAccount.SensitizedAt) suite.EqualValues(updatedAccount.SensitizedAt, dbUpdatedAccount.SensitizedAt)
@ -353,6 +351,111 @@ func (suite *InboxPostTestSuite) TestPostUpdate() {
suite.EqualValues(updatedAccount.SuspensionOrigin, dbUpdatedAccount.SuspensionOrigin) suite.EqualValues(updatedAccount.SuspensionOrigin, dbUpdatedAccount.SuspensionOrigin)
} }
func (suite *InboxPostTestSuite) TestPostDelete() {
deletedAccount := *suite.testAccounts["remote_account_1"]
receivingAccount := suite.testAccounts["local_account_1"]
// create a delete
delete := streams.NewActivityStreamsDelete()
// set the appropriate actor on it
deleteActor := streams.NewActivityStreamsActorProperty()
deleteActor.AppendIRI(testrig.URLMustParse(deletedAccount.URI))
delete.SetActivityStreamsActor(deleteActor)
// Set the account iri as the 'object' property.
deleteObject := streams.NewActivityStreamsObjectProperty()
deleteObject.AppendIRI(testrig.URLMustParse(deletedAccount.URI))
delete.SetActivityStreamsObject(deleteObject)
// Set the To of the delete as public
deleteTo := streams.NewActivityStreamsToProperty()
deleteTo.AppendIRI(testrig.URLMustParse("https://www.w3.org/ns/activitystreams#Public"))
delete.SetActivityStreamsTo(deleteTo)
// set some random-ass ID for the activity
deleteID := streams.NewJSONLDIdProperty()
deleteID.SetIRI(testrig.URLMustParse("http://fossbros-anonymous.io/d360613a-dc8d-4563-8f0b-b6161caf0f2b"))
delete.SetJSONLDId(deleteID)
targetURI := testrig.URLMustParse(receivingAccount.InboxURI)
signature, digestHeader, dateHeader := testrig.GetSignatureForActivity(delete, deletedAccount.PublicKeyURI, deletedAccount.PrivateKey, targetURI)
bodyI, err := streams.Serialize(delete)
suite.NoError(err)
bodyJson, err := json.Marshal(bodyI)
suite.NoError(err)
body := bytes.NewReader(bodyJson)
tc := testrig.NewTestTransportController(testrig.NewMockHTTPClient(nil), suite.db)
federator := testrig.NewTestFederator(suite.db, tc, suite.storage)
processor := testrig.NewTestProcessor(suite.db, suite.storage, federator)
err = processor.Start(context.Background())
suite.NoError(err)
userModule := user.New(suite.config, processor, suite.log).(*user.Module)
// setup request
recorder := httptest.NewRecorder()
ctx, _ := gin.CreateTestContext(recorder)
ctx.Request = httptest.NewRequest(http.MethodPost, targetURI.String(), body) // the endpoint we're hitting
ctx.Request.Header.Set("Signature", signature)
ctx.Request.Header.Set("Date", dateHeader)
ctx.Request.Header.Set("Digest", digestHeader)
ctx.Request.Header.Set("Content-Type", "application/activity+json")
// we need to pass the context through signature check first to set appropriate values on it
suite.securityModule.SignatureCheck(ctx)
// normally the router would populate these params from the path values,
// but because we're calling the function directly, we need to set them manually.
ctx.Params = gin.Params{
gin.Param{
Key: user.UsernameKey,
Value: receivingAccount.Username,
},
}
// trigger the function being tested
userModule.InboxPOSTHandler(ctx)
result := recorder.Result()
defer result.Body.Close()
b, err := ioutil.ReadAll(result.Body)
suite.NoError(err)
suite.Empty(b)
suite.Equal(http.StatusOK, result.StatusCode)
// sleep for a sec so side effects can process in the background
time.Sleep(2 * time.Second)
// local account 2 blocked foss_satan, that block should be gone now
testBlock := suite.testBlocks["local_account_2_block_remote_account_1"]
dbBlock := &gtsmodel.Block{}
err = suite.db.GetByID(ctx, testBlock.ID, dbBlock)
suite.ErrorIs(err, db.ErrNoEntries)
// no statuses from foss satan should be left in the database
dbStatuses, err := suite.db.GetAccountStatuses(ctx, deletedAccount.ID, 0, false, "", false, false)
suite.ErrorIs(err, db.ErrNoEntries)
suite.Empty(dbStatuses)
dbAccount, err := suite.db.GetAccountByID(ctx, deletedAccount.ID)
suite.NoError(err)
suite.Empty(dbAccount.Note)
suite.Empty(dbAccount.DisplayName)
suite.Empty(dbAccount.AvatarMediaAttachmentID)
suite.Empty(dbAccount.AvatarRemoteURL)
suite.Empty(dbAccount.HeaderMediaAttachmentID)
suite.Empty(dbAccount.HeaderRemoteURL)
suite.Empty(dbAccount.Reason)
suite.Empty(dbAccount.Fields)
suite.True(dbAccount.HideCollections)
suite.False(dbAccount.Discoverable)
suite.WithinDuration(time.Now(), dbAccount.SuspendedAt, 30*time.Second)
suite.Equal(dbAccount.ID, dbAccount.SuspensionOrigin)
}
func TestInboxPostTestSuite(t *testing.T) { func TestInboxPostTestSuite(t *testing.T) {
suite.Run(t, &InboxPostTestSuite{}) suite.Run(t, &InboxPostTestSuite{})
} }

View File

@ -53,6 +53,7 @@ type UserStandardTestSuite struct {
testAccounts map[string]*gtsmodel.Account testAccounts map[string]*gtsmodel.Account
testAttachments map[string]*gtsmodel.MediaAttachment testAttachments map[string]*gtsmodel.MediaAttachment
testStatuses map[string]*gtsmodel.Status testStatuses map[string]*gtsmodel.Status
testBlocks map[string]*gtsmodel.Block
// module being tested // module being tested
userModule *user.Module userModule *user.Module
@ -66,6 +67,7 @@ func (suite *UserStandardTestSuite) SetupSuite() {
suite.testAccounts = testrig.NewTestAccounts() suite.testAccounts = testrig.NewTestAccounts()
suite.testAttachments = testrig.NewTestAttachments() suite.testAttachments = testrig.NewTestAttachments()
suite.testStatuses = testrig.NewTestStatuses() suite.testStatuses = testrig.NewTestStatuses()
suite.testBlocks = testrig.NewTestBlocks()
} }
func (suite *UserStandardTestSuite) SetupTest() { func (suite *UserStandardTestSuite) SetupTest() {

View File

@ -89,10 +89,7 @@ func (f *federatingDB) Delete(ctx context.Context, id *url.URL) error {
a, err := f.db.GetAccountByURI(ctx, id.String()) a, err := f.db.GetAccountByURI(ctx, id.String())
if err == nil { if err == nil {
// it's an account // it's an account
l.Debugf("uri is for an account with id: %s", a.ID) l.Debugf("uri is for an account with id %s, passing delete message to the processor", a.ID)
if err := f.db.DeleteByID(ctx, a.ID, &gtsmodel.Account{}); err != nil {
return fmt.Errorf("DELETE: err deleting account: %s", err)
}
fromFederatorChan <- messages.FromFederator{ fromFederatorChan <- messages.FromFederator{
APObjectType: ap.ObjectProfile, APObjectType: ap.ObjectProfile,
APActivityType: ap.ActivityDelete, APActivityType: ap.ActivityDelete,

View File

@ -31,7 +31,7 @@ import (
// Delete handles the complete deletion of an account. // Delete handles the complete deletion of an account.
// //
// TODO in this function: // To be done in this function:
// 1. Delete account's application(s), clients, and oauth tokens // 1. Delete account's application(s), clients, and oauth tokens
// 2. Delete account's blocks // 2. Delete account's blocks
// 3. Delete account's emoji // 3. Delete account's emoji
@ -51,12 +51,16 @@ import (
// 17. Delete account's timeline // 17. Delete account's timeline
// 18. Delete account itself // 18. Delete account itself
func (p *processor) Delete(ctx context.Context, account *gtsmodel.Account, origin string) error { func (p *processor) Delete(ctx context.Context, account *gtsmodel.Account, origin string) error {
l := p.log.WithFields(logrus.Fields{ fields := logrus.Fields{
"func": "Delete", "func": "Delete",
"username": account.Username, "username": account.Username,
}) }
if account.Domain != "" {
fields["domain"] = account.Domain
}
l := p.log.WithFields(fields)
l.Debugf("beginning account delete process for username %s", account.Username) l.Debug("beginning account delete process")
// 1. Delete account's application(s), clients, and oauth tokens // 1. Delete account's application(s), clients, and oauth tokens
// we only need to do this step for local account since remote ones won't have any tokens or applications on our server // we only need to do this step for local account since remote ones won't have any tokens or applications on our server
@ -214,10 +218,16 @@ selectStatusesLoop:
// 10. Delete account's notifications // 10. Delete account's notifications
l.Debug("deleting account notifications") l.Debug("deleting account notifications")
// first notifications created by account
if err := p.db.DeleteWhere(ctx, []db.Where{{Key: "origin_account_id", Value: account.ID}}, &[]*gtsmodel.Notification{}); err != nil { if err := p.db.DeleteWhere(ctx, []db.Where{{Key: "origin_account_id", Value: account.ID}}, &[]*gtsmodel.Notification{}); err != nil {
l.Errorf("error deleting notifications created by account: %s", err) l.Errorf("error deleting notifications created by account: %s", err)
} }
// now notifications targeting account
if err := p.db.DeleteWhere(ctx, []db.Where{{Key: "target_account_id", Value: account.ID}}, &[]*gtsmodel.Notification{}); err != nil {
l.Errorf("error deleting notifications targeting account: %s", err)
}
// 11. Delete account's bookmarks // 11. Delete account's bookmarks
l.Debug("deleting account bookmarks") l.Debug("deleting account bookmarks")
if err := p.db.DeleteWhere(ctx, []db.Where{{Key: "account_id", Value: account.ID}}, &[]*gtsmodel.StatusBookmark{}); err != nil { if err := p.db.DeleteWhere(ctx, []db.Where{{Key: "account_id", Value: account.ID}}, &[]*gtsmodel.StatusBookmark{}); err != nil {
@ -267,8 +277,6 @@ selectStatusesLoop:
account.HideCollections = true account.HideCollections = true
account.Discoverable = false account.Discoverable = false
account.UpdatedAt = time.Now()
account.SuspendedAt = time.Now() account.SuspendedAt = time.Now()
account.SuspensionOrigin = origin account.SuspensionOrigin = origin

View File

@ -181,7 +181,13 @@ func (p *processor) ProcessFromFederator(ctx context.Context, federatorMsg messa
return p.deleteStatusFromTimelines(ctx, statusToDelete) return p.deleteStatusFromTimelines(ctx, statusToDelete)
case ap.ObjectProfile: case ap.ObjectProfile:
// DELETE A PROFILE/ACCOUNT // DELETE A PROFILE/ACCOUNT
// TODO: handle side effects of account deletion here: delete all objects, statuses, media etc associated with account // handle side effects of account deletion here: delete all objects, statuses, media etc associated with account
account, ok := federatorMsg.GTSModel.(*gtsmodel.Account)
if !ok {
return errors.New("account delete was not parseable as *gtsmodel.Account")
}
return p.accountProcessor.Delete(ctx, account, account.ID)
} }
case ap.ActivityAccept: case ap.ActivityAccept:
// ACCEPT // ACCEPT

View File

@ -20,6 +20,7 @@ package processing_test
import ( import (
"context" "context"
"fmt"
"testing" "testing"
"time" "time"
@ -276,6 +277,86 @@ func (suite *FromFederatorTestSuite) TestProcessFaveWithDifferentReceivingAccoun
suite.Empty(stream.Messages) suite.Empty(stream.Messages)
} }
func (suite *FromFederatorTestSuite) TestProcessAccountDelete() {
ctx := context.Background()
deletedAccount := suite.testAccounts["remote_account_1"]
receivingAccount := suite.testAccounts["local_account_1"]
// before doing the delete....
// make local_account_1 and remote_account_1 into mufos
zorkFollowSatan := &gtsmodel.Follow{
ID: "01FGRY72ASHBSET64353DPHK9T",
CreatedAt: time.Now().Add(-1 * time.Hour),
UpdatedAt: time.Now().Add(-1 * time.Hour),
AccountID: deletedAccount.ID,
TargetAccountID: receivingAccount.ID,
ShowReblogs: true,
URI: fmt.Sprintf("%s/follows/01FGRY72ASHBSET64353DPHK9T", deletedAccount.URI),
Notify: false,
}
err := suite.db.Put(ctx, zorkFollowSatan)
suite.NoError(err)
satanFollowZork := &gtsmodel.Follow{
ID: "01FGRYAVAWWPP926J175QGM0WV",
CreatedAt: time.Now().Add(-1 * time.Hour),
UpdatedAt: time.Now().Add(-1 * time.Hour),
AccountID: receivingAccount.ID,
TargetAccountID: deletedAccount.ID,
ShowReblogs: true,
URI: fmt.Sprintf("%s/follows/01FGRYAVAWWPP926J175QGM0WV", receivingAccount.URI),
Notify: false,
}
err = suite.db.Put(ctx, satanFollowZork)
suite.NoError(err)
// now they are mufos!
err = suite.processor.ProcessFromFederator(ctx, messages.FromFederator{
APObjectType: ap.ObjectProfile,
APActivityType: ap.ActivityDelete,
GTSModel: deletedAccount,
ReceivingAccount: receivingAccount,
})
suite.NoError(err)
// local account 2 blocked foss_satan, that block should be gone now
testBlock := suite.testBlocks["local_account_2_block_remote_account_1"]
dbBlock := &gtsmodel.Block{}
err = suite.db.GetByID(ctx, testBlock.ID, dbBlock)
suite.ErrorIs(err, db.ErrNoEntries)
// the mufos should be gone now too
satanFollowsZork, err := suite.db.IsFollowing(ctx, deletedAccount, receivingAccount)
suite.NoError(err)
suite.False(satanFollowsZork)
zorkFollowsSatan, err := suite.db.IsFollowing(ctx, receivingAccount, deletedAccount)
suite.NoError(err)
suite.False(zorkFollowsSatan)
// no statuses from foss satan should be left in the database
dbStatuses, err := suite.db.GetAccountStatuses(ctx, deletedAccount.ID, 0, false, "", false, false)
suite.ErrorIs(err, db.ErrNoEntries)
suite.Empty(dbStatuses)
dbAccount, err := suite.db.GetAccountByID(ctx, deletedAccount.ID)
suite.NoError(err)
suite.Empty(dbAccount.Note)
suite.Empty(dbAccount.DisplayName)
suite.Empty(dbAccount.AvatarMediaAttachmentID)
suite.Empty(dbAccount.AvatarRemoteURL)
suite.Empty(dbAccount.HeaderMediaAttachmentID)
suite.Empty(dbAccount.HeaderRemoteURL)
suite.Empty(dbAccount.Reason)
suite.Empty(dbAccount.Fields)
suite.True(dbAccount.HideCollections)
suite.False(dbAccount.Discoverable)
suite.WithinDuration(time.Now(), dbAccount.SuspendedAt, 30*time.Second)
suite.Equal(dbAccount.ID, dbAccount.SuspensionOrigin)
}
func TestFromFederatorTestSuite(t *testing.T) { func TestFromFederatorTestSuite(t *testing.T) {
suite.Run(t, &FromFederatorTestSuite{}) suite.Run(t, &FromFederatorTestSuite{})
} }

View File

@ -62,6 +62,7 @@ type ProcessingStandardTestSuite struct {
testTags map[string]*gtsmodel.Tag testTags map[string]*gtsmodel.Tag
testMentions map[string]*gtsmodel.Mention testMentions map[string]*gtsmodel.Mention
testAutheds map[string]*oauth.Auth testAutheds map[string]*oauth.Auth
testBlocks map[string]*gtsmodel.Block
processor processing.Processor processor processing.Processor
} }
@ -83,6 +84,7 @@ func (suite *ProcessingStandardTestSuite) SetupSuite() {
Account: suite.testAccounts["local_account_1"], Account: suite.testAccounts["local_account_1"],
}, },
} }
suite.testBlocks = testrig.NewTestBlocks()
} }
func (suite *ProcessingStandardTestSuite) SetupTest() { func (suite *ProcessingStandardTestSuite) SetupTest() {