SuperSeriousBusiness/GoToSocial
1
1
Fork 0
mirror of https://github.com/superseriousbusiness/gotosocial synced 2025-06-05 21:59:39 +02:00
Code Issues Projects Releases Wiki Activity

[bugfix] check remote status permissibility (#2703)

Browse Source 
* add more stringent checks for remote status permissibility

* add check for inreplyto of a remote status being a boost

* do not permit inReplyTo boost wrapper statuses

* change comment wording

* fix calls to NewFederator()

* add code comments for NotPermitted() and SetNotPermitted()

* improve comment

* check that existing != nil before attempting delete

* ensure replying account isn't suspended

* use a debug log instead of info. check for boost using ID

* shorten log string length. make info level

* add note that replying to boost wrapper status shouldn't be able to happen anyways

* update to use onFail() function
This commit is contained in:
kim
2024-03-04 12:30:12 +00:00
committed by GitHub
parent f487fc5d4b
commit d85727e184
9 changed files with 154 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files

23
internal/gtserror/error.go
View File

@@ -39,13 +39,13 @@ const (
malformedKey
notRelevantKey
spamKey
notPermittedKey
)
// IsUnretrievable indicates that a call to retrieve a resource
// (account, status, attachment, etc) could not be fulfilled,
// either because it was not found locally, or because some
// prerequisite remote resource call failed, making it impossible
// to return the item.
// (account, status, attachment, etc) could not be fulfilled, either
// because it was not found locally, or because some prerequisite
// remote resource call failed, making it impossible to return it.
func IsUnretrievable(err error) bool {
_, ok := errors.Value(err, unrtrvableKey).(struct{})
return ok
@@ -57,6 +57,21 @@ func SetUnretrievable(err error) error {
return errors.WithValue(err, unrtrvableKey, struct{}{})
}
// NotPermitted indicates that some call failed due to failed permission
// or acceptibility checks. For example an attempt to dereference remote
// status in which the status author does not have permission to reply
// to the status it is intended to be replying to.
func NotPermitted(err error) bool {
_, ok := errors.Value(err, notPermittedKey).(struct{})
return ok
}
// SetNotPermitted will wrap the given error to store a "not permitted"
// flag, returning wrapped error. See NotPermitted() for example use-cases.
func SetNotPermitted(err error) error {
return errors.WithValue(err, notPermittedKey, struct{}{})
}
// IsWrongType checks error for a stored "wrong type" flag.
// Wrong type indicates that an ActivityPub URI returned a
// type we weren't expecting. For example: