/* GoToSocial Copyright (C) 2021-2023 GoToSocial Authors admin@gotosocial.org This program is free software: you can redistribute it and/or modify it under the terms of the GNU Affero General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Affero General Public License for more details. You should have received a copy of the GNU Affero General Public License along with this program. If not, see . */ package processing import ( "context" "errors" "fmt" "net/url" "strings" "codeberg.org/gruf/go-kv" apimodel "github.com/superseriousbusiness/gotosocial/internal/api/model" "github.com/superseriousbusiness/gotosocial/internal/config" "github.com/superseriousbusiness/gotosocial/internal/db" "github.com/superseriousbusiness/gotosocial/internal/federation/dereferencing" "github.com/superseriousbusiness/gotosocial/internal/gtserror" "github.com/superseriousbusiness/gotosocial/internal/gtsmodel" "github.com/superseriousbusiness/gotosocial/internal/log" "github.com/superseriousbusiness/gotosocial/internal/oauth" "github.com/superseriousbusiness/gotosocial/internal/transport" "github.com/superseriousbusiness/gotosocial/internal/util" ) // Implementation note: in this function, we tend to log errors // at debug level rather than return them. This is because the // search has a sort of fallthrough logic: if we can't get a result // with x search, we should try with y search rather than returning. // // If we get to the end and still haven't found anything, even then // we shouldn't return an error, just return an empty search result. // // The only exception to this is when we get a malformed query, in // which case we return a bad request error so the user knows they // did something funky. func (p *processor) SearchGet(ctx context.Context, authed *oauth.Auth, search *apimodel.SearchQuery) (*apimodel.SearchResult, gtserror.WithCode) { // tidy up the query and make sure it wasn't just spaces query := strings.TrimSpace(search.Query) if query == "" { err := errors.New("search query was empty string after trimming space") return nil, gtserror.NewErrorBadRequest(err, err.Error()) } l := log.WithFields(kv.Fields{{"query", query}}...) searchResult := &apimodel.SearchResult{ Accounts: []apimodel.Account{}, Statuses: []apimodel.Status{}, Hashtags: []apimodel.Tag{}, } // currently the search will only ever return one result, // so return nothing if the offset is greater than 0 if search.Offset > 0 { return searchResult, nil } foundAccounts := []*gtsmodel.Account{} foundStatuses := []*gtsmodel.Status{} var foundOne bool /* SEARCH BY MENTION check if the query is something like @whatever_username@example.org -- this means it's likely a remote account */ maybeNamestring := query if maybeNamestring[0] != '@' { maybeNamestring = "@" + maybeNamestring } if username, domain, err := util.ExtractNamestringParts(maybeNamestring); err == nil { l.Trace("search term is a mention, looking it up...") foundAccount, err := p.searchAccountByUsernameDomain(ctx, authed, username, domain, search.Resolve) if err != nil { var errNotRetrievable *dereferencing.ErrNotRetrievable if !errors.As(err, &errNotRetrievable) { // return a proper error only if it wasn't just not retrievable return nil, gtserror.NewErrorInternalError(fmt.Errorf("error looking up account: %w", err)) } return searchResult, nil } foundAccounts = append(foundAccounts, foundAccount) foundOne = true l.Trace("got an account by searching by mention") } /* SEARCH BY URI check if the query is a URI with a recognizable scheme and dereference it */ if !foundOne { if uri, err := url.Parse(query); err == nil { if uri.Scheme == "https" || uri.Scheme == "http" { l.Trace("search term is a uri, looking it up...") // check if it's a status... foundStatus, err := p.searchStatusByURI(ctx, authed, uri) if err != nil { var ( errNotRetrievable *dereferencing.ErrNotRetrievable errWrongType *dereferencing.ErrWrongType ) if !errors.As(err, &errNotRetrievable) && !errors.As(err, &errWrongType) { return nil, gtserror.NewErrorInternalError(fmt.Errorf("error looking up status: %w", err)) } } else { foundStatuses = append(foundStatuses, foundStatus) foundOne = true l.Trace("got a status by searching by URI") } // ... or an account if !foundOne { foundAccount, err := p.searchAccountByURI(ctx, authed, uri, search.Resolve) if err != nil { var ( errNotRetrievable *dereferencing.ErrNotRetrievable errWrongType *dereferencing.ErrWrongType ) if !errors.As(err, &errNotRetrievable) && !errors.As(err, &errWrongType) { return nil, gtserror.NewErrorInternalError(fmt.Errorf("error looking up account: %w", err)) } } else { foundAccounts = append(foundAccounts, foundAccount) foundOne = true l.Trace("got an account by searching by URI") } } } } } if !foundOne { // we got nothing, we can return early l.Trace("found nothing, returning") return searchResult, nil } /* FROM HERE ON we have our search results, it's just a matter of filtering them according to what this user is allowed to see, and then converting them into our frontend format. */ for _, foundAccount := range foundAccounts { // make sure there's no block in either direction between the account and the requester blocked, err := p.db.IsBlocked(ctx, authed.Account.ID, foundAccount.ID, true) if err != nil { err = fmt.Errorf("SearchGet: error checking block between %s and %s: %s", authed.Account.ID, foundAccount.ID, err) return nil, gtserror.NewErrorInternalError(err) } if blocked { l.Tracef("block exists between %s and %s, skipping this result", authed.Account.ID, foundAccount.ID) continue } apiAcct, err := p.tc.AccountToAPIAccountPublic(ctx, foundAccount) if err != nil { err = fmt.Errorf("SearchGet: error converting account %s to api account: %s", foundAccount.ID, err) return nil, gtserror.NewErrorInternalError(err) } searchResult.Accounts = append(searchResult.Accounts, *apiAcct) } for _, foundStatus := range foundStatuses { // make sure each found status is visible to the requester visible, err := p.filter.StatusVisible(ctx, foundStatus, authed.Account) if err != nil { err = fmt.Errorf("SearchGet: error checking visibility of status %s for account %s: %s", foundStatus.ID, authed.Account.ID, err) return nil, gtserror.NewErrorInternalError(err) } if !visible { l.Tracef("status %s is not visible to account %s, skipping this result", foundStatus.ID, authed.Account.ID) continue } apiStatus, err := p.tc.StatusToAPIStatus(ctx, foundStatus, authed.Account) if err != nil { err = fmt.Errorf("SearchGet: error converting status %s to api status: %s", foundStatus.ID, err) return nil, gtserror.NewErrorInternalError(err) } searchResult.Statuses = append(searchResult.Statuses, *apiStatus) } return searchResult, nil } func (p *processor) searchStatusByURI(ctx context.Context, authed *oauth.Auth, uri *url.URL) (*gtsmodel.Status, error) { status, statusable, err := p.federator.GetStatus(transport.WithFastfail(ctx), authed.Account.Username, uri, true, true) if err != nil { return nil, err } if !*status.Local && statusable != nil { // Attempt to dereference the status thread while we are here p.federator.DereferenceThread(transport.WithFastfail(ctx), authed.Account.Username, uri, status, statusable) } return status, nil } func (p *processor) searchAccountByURI(ctx context.Context, authed *oauth.Auth, uri *url.URL, resolve bool) (*gtsmodel.Account, error) { if !resolve { var ( account *gtsmodel.Account err error uriStr = uri.String() ) // Search the database for existing account with ID URI. account, err = p.db.GetAccountByURI(ctx, uriStr) if err != nil && !errors.Is(err, db.ErrNoEntries) { return nil, fmt.Errorf("searchAccountByURI: error checking database for account %s: %w", uriStr, err) } if account == nil { // Else, search the database for existing by ID URL. account, err = p.db.GetAccountByURL(ctx, uriStr) if err != nil { if !errors.Is(err, db.ErrNoEntries) { return nil, fmt.Errorf("searchAccountByURI: error checking database for account %s: %w", uriStr, err) } return nil, dereferencing.NewErrNotRetrievable(err) } } return account, nil } return p.federator.GetAccountByURI( transport.WithFastfail(ctx), authed.Account.Username, uri, false, ) } func (p *processor) searchAccountByUsernameDomain(ctx context.Context, authed *oauth.Auth, username string, domain string, resolve bool) (*gtsmodel.Account, error) { if !resolve { if domain == config.GetHost() || domain == config.GetAccountDomain() { // We do local lookups using an empty domain, // else it will fail the db search below. domain = "" } // Search the database for existing account with USERNAME@DOMAIN account, err := p.db.GetAccountByUsernameDomain(ctx, username, domain) if err != nil { if !errors.Is(err, db.ErrNoEntries) { return nil, fmt.Errorf("searchAccountByUsernameDomain: error checking database for account %s@%s: %w", username, domain, err) } return nil, dereferencing.NewErrNotRetrievable(err) } return account, nil } return p.federator.GetAccountByUsernameDomain( transport.WithFastfail(ctx), authed.Account.Username, username, domain, false, ) }