[bugfix] check remote status permissibility (#2703)

* add more stringent checks for remote status permissibility * add check for inreplyto of a remote status being a boost * do not permit inReplyTo boost wrapper statuses * change comment wording * fix calls to NewFederator() * add code comments for NotPermitted() and SetNotPermitted() * improve comment * check that existing != nil before attempting delete * ensure replying account isn't suspended * use a debug log instead of info. check for boost using ID * shorten log string length. make info level * add note that replying to boost wrapper status shouldn't be able to happen anyways * update to use onFail() function
2025-06-05 21:59:39 +02:00 · 2024-03-04 12:30:12 +00:00
parent f487fc5d4b
commit d85727e184
9 changed files with 154 additions and 16 deletions
--- a/internal/processing/workers/fromfediapi_test.go
+++ b/internal/processing/workers/fromfediapi_test.go
@ -90,9 +90,17 @@ func (suite *FromFediAPITestSuite) TestProcessReplyMention() {
 	replyingAccount := suite.testAccounts["remote_account_1"]

 	// Set the replyingAccount's last fetched_at
-	// date to something recent so no refresh is attempted.
+	// date to something recent so no refresh is attempted,
+	// and ensure it isn't a suspended account.
 	replyingAccount.FetchedAt = time.Now()
-	err := suite.state.DB.UpdateAccount(context.Background(), replyingAccount, "fetched_at")
+	replyingAccount.SuspendedAt = time.Time{}
+	replyingAccount.SuspensionOrigin = ""
+	err := suite.state.DB.UpdateAccount(context.Background(),
+		replyingAccount,
+		"fetched_at",
+		"suspended_at",
+		"suspension_origin",
+	)
 	suite.NoError(err)

 	// Get replying statusable to use from remote test statuses.