[feature] Fetch + create domain permissions from subscriptions nightly (#3635)

* peepeepoopoo * test domain perm subs * swagger * envparsing * dries your wets * start on docs * finish up docs * copy paste errors * rename actions package * rename force -> skipCache * move obfuscate parse nearer to where err is checked * make higherPrios a simple slice * don't use receiver for permsFrom funcs * add more context to error logs * defer finished log * use switch for permType instead of if/else * thanks linter, love you <3 * validate csv headers before full read * use bufio scanner
2025-06-05 21:59:39 +02:00 · 2025-01-08 11:29:40 +01:00
parent c013892ca2
commit 451803b230
95 changed files with 3320 additions and 626 deletions
--- a/internal/processing/admin/domainpermissionsubscription.go
+++ b/internal/processing/admin/domainpermissionsubscription.go
@@ -22,6 +22,7 @@ import (
 	"errors"
 	"fmt"
 	"net/url"
+	"slices"

 	apimodel "github.com/superseriousbusiness/gotosocial/internal/api/model"
 	apiutil "github.com/superseriousbusiness/gotosocial/internal/api/util"
@@ -283,3 +284,89 @@ func (p *Processor) DomainPermissionSubscriptionRemove(

 	return p.apiDomainPermSub(ctx, permSub)
 }
+
+func (p *Processor) DomainPermissionSubscriptionTest(
+	ctx context.Context,
+	acct *gtsmodel.Account,
+	id string,
+) (any, gtserror.WithCode) {
+	permSub, err := p.state.DB.GetDomainPermissionSubscriptionByID(ctx, id)
+	if err != nil && !errors.Is(err, db.ErrNoEntries) {
+		err := gtserror.Newf("db error getting domain permission subscription %s: %w", id, err)
+		return nil, gtserror.NewErrorInternalError(err)
+	}
+
+	if permSub == nil {
+		err := fmt.Errorf("domain permission subscription %s not found", id)
+		return nil, gtserror.NewErrorNotFound(err, err.Error())
+	}
+
+	// To process the test/dry-run correctly, we need to get
+	// all domain perm subs of this type with a *higher* priority,
+	// to know whether we ought to create permissions or not.
+	permSubs, err := p.state.DB.GetDomainPermissionSubscriptionsByPriority(
+		ctx,
+		permSub.PermissionType,
+	)
+	if err != nil && !errors.Is(err, db.ErrNoEntries) {
+		err := gtserror.Newf("db error: %w", err)
+		return nil, gtserror.NewErrorInternalError(err)
+	}
+
+	// Find the index of the targeted
+	// subscription in the slice.
+	index := slices.IndexFunc(
+		permSubs,
+		func(ps *gtsmodel.DomainPermissionSubscription) bool {
+			return ps.ID == permSub.ID
+		},
+	)
+
+	// Get a transport for calling permSub.URI.
+	tsport, err := p.transport.NewTransportForUsername(ctx, acct.Username)
+	if err != nil {
+		err := gtserror.Newf("error getting transport: %w", err)
+		return nil, gtserror.NewErrorInternalError(err)
+	}
+
+	// Everything *before* the targeted
+	// subscription has a higher priority.
+	higherPrios := permSubs[:index]
+
+	// Call the permSub.URI and parse a list of perms from it.
+	// Any error returned here is a "real" one, not an error
+	// from fetching / parsing the list.
+	createdPerms, err := p.subscriptions.ProcessDomainPermissionSubscription(
+		ctx,
+		permSub,
+		tsport,
+		higherPrios,
+		true, // Dry run.
+	)
+	if err != nil {
+		err := gtserror.Newf("error doing dry-run: %w", err)
+		return nil, gtserror.NewErrorInternalError(err)
+	}
+
+	// If permSub has an error set on it now,
+	// we should return it to the caller.
+	if permSub.Error != "" {
+		return map[string]string{
+			"error": permSub.Error,
+		}, nil
+	}
+
+	// No error, so return the list of
+	// perms that would have been created.
+	apiPerms := make([]*apimodel.DomainPermission, 0, len(createdPerms))
+	for _, perm := range createdPerms {
+		apiPerm, errWithCode := p.apiDomainPerm(ctx, perm, false)
+		if errWithCode != nil {
+			return nil, errWithCode
+		}
+
+		apiPerms = append(apiPerms, apiPerm)
+	}
+
+	return apiPerms, nil
+}