[bugfix] return 400 Bad Request on more cases of malformed AS data (#2399)

2025-06-05 21:59:39 +02:00 · 2023-11-30 16:22:34 +00:00
parent 5fd2e427bb
commit eb170003b8
47 changed files with 1493 additions and 1013 deletions
--- a/internal/typeutils/astointernal.go
+++ b/internal/typeutils/astointernal.go
--- a/internal/typeutils/astointernal_test.go
+++ b/internal/typeutils/astointernal_test.go
@@ -363,7 +363,7 @@ func (suite *ASToInternalTestSuite) TestParseFlag3() {

 	report, err := suite.typeconverter.ASFlagToReport(context.Background(), asFlag)
 	suite.Nil(report)
-	suite.EqualError(err, "ASFlagToReport: account with uri http://localhost:8080/users/mr_e_man could not be found in the db")
+	suite.EqualError(err, "ASFlagToReport: error getting target account http://localhost:8080/users/mr_e_man from database: sql: no rows in result set")
 }

 func (suite *ASToInternalTestSuite) TestParseFlag4() {
@@ -388,7 +388,7 @@ func (suite *ASToInternalTestSuite) TestParseFlag4() {

 	report, err := suite.typeconverter.ASFlagToReport(context.Background(), asFlag)
 	suite.Nil(report)
-	suite.EqualError(err, "ASFlagToReport: flaggable objects contained no recognizable target account uri")
+	suite.EqualError(err, "ASFlagToReport: missing target account uri for http://fossbros-anonymous.io/db22128d-884e-4358-9935-6a7c3940535d")
 }

 func (suite *ASToInternalTestSuite) TestParseFlag5() {
--- a/internal/typeutils/internaltoas.go
+++ b/internal/typeutils/internaltoas.go
@@ -1713,7 +1713,7 @@ func (c *Converter) PollVoteToASCreate(
 	ap.MustSet(ap.SetJSONLDIdStr, ap.WithJSONLDId(create), id)

 	// Set Create actor appropriately.
-	ap.AppendActor(create, authorIRI)
+	ap.AppendActorIRIs(create, authorIRI)

 	// Set publish time for activity.
 	ap.SetPublished(create, vote.CreatedAt)
--- a/internal/typeutils/util.go
+++ b/internal/typeutils/util.go
@@ -19,7 +19,6 @@ package typeutils

 import (
 	"context"
-	"errors"
 	"fmt"
 	"net/url"
 	"path"
@@ -27,7 +26,6 @@ import (
 	"strconv"
 	"strings"

-	"github.com/superseriousbusiness/gotosocial/internal/ap"
 	apimodel "github.com/superseriousbusiness/gotosocial/internal/api/model"
 	"github.com/superseriousbusiness/gotosocial/internal/config"
 	"github.com/superseriousbusiness/gotosocial/internal/gtsmodel"
@@ -94,22 +92,6 @@ func misskeyReportInlineURLs(content string) []*url.URL {
 	return urls
 }

-// getURI is a shortcut/util function for extracting
-// the JSONLDId URI of an Activity or Object.
-func getURI(withID ap.WithJSONLDId) (*url.URL, string, error) {
-	idProp := withID.GetJSONLDId()
-	if idProp == nil {
-		return nil, "", errors.New("id prop was nil")
-	}
-
-	if !idProp.IsIRI() {
-		return nil, "", errors.New("id prop was not an IRI")
-	}
-
-	id := idProp.Get()
-	return id, id.String(), nil
-}
-
 // placeholdUnknownAttachments separates any attachments with type `unknown`
 // out of the given slice, and returns an `<aside>` tag containing links to
 // those attachments, as well as the slice of remaining "known" attachments.
--- a/internal/typeutils/wrap.go
+++ b/internal/typeutils/wrap.go
@@ -103,7 +103,7 @@ func wrapStatusableInActivity(activity ap.Activityable, status ap.Statusable, ir
 	appendStatusableToActivity(activity, status, iriOnly)
 	ap.AppendTo(activity, ap.GetTo(status)...)
 	ap.AppendCc(activity, ap.GetCc(status)...)
-	ap.AppendActor(activity, ap.GetAttributedTo(status)...)
+	ap.AppendActorIRIs(activity, ap.GetAttributedTo(status)...)
 	ap.SetPublished(activity, ap.GetPublished(status))
 }