author | 2022-08-20 22:47:19 +0200 | |
---|---|---|
committer | 2022-08-20 21:47:19 +0100 | |
commit | 570fa7c3598118ded6df7ced0a5326f54e7a43e2 (patch) | |
tree | 9575a6f3016c73b7109c88f68a2a512981cf19e4 /internal/federation/dereferencing/account_test.go | |
parent | [docs] Textual updates on markdown files (#756) (diff) | |
download | gotosocial-570fa7c3598118ded6df7ced0a5326f54e7a43e2.tar.xz |
[bugfix] Fix potential dereference of accounts on own instance (#757)
* add GetAccountByUsernameDomain
* simplify search
* add escape to not deref accounts on own domain
* check if local + we have account by ap uri
Diffstat (limited to 'internal/federation/dereferencing/account_test.go')
-rw-r--r-- | internal/federation/dereferencing/account_test.go | 102 |
1 files changed, 100 insertions, 2 deletions
diff --git a/internal/federation/dereferencing/account_test.go b/internal/federation/dereferencing/account_test.go
index 72092951b..77ebb7cac 100644
--- a/internal/federation/dereferencing/account_test.go
+++ b/internal/federation/dereferencing/account_test.go
@@ -21,9 +21,11 @@ package dereferencing_test
 import (
 "context"
 "testing"
+ "time"
 "github.com/stretchr/testify/suite"
 "github.com/superseriousbusiness/gotosocial/internal/ap"
+ "github.com/superseriousbusiness/gotosocial/internal/config"
 "github.com/superseriousbusiness/gotosocial/internal/federation/dereferencing"
 "github.com/superseriousbusiness/gotosocial/testrig"
 )
@@ -42,11 +44,11 @@ func (suite *AccountTestSuite) TestDereferenceGroup() {
 })
 suite.NoError(err)
 suite.NotNil(group)
- suite.NotNil(group)
 // group values should be set
 suite.Equal("https://unknown-instance.com/groups/some_group", group.URI)
 suite.Equal("https://unknown-instance.com/@some_group", group.URL)
+ suite.WithinDuration(time.Now(), group.LastWebfingeredAt, 5*time.Second)
 // group should be in the database
 dbGroup, err := suite.db.GetAccountByURI(context.Background(), group.URI)
@@ -65,11 +67,11 @@ func (suite *AccountTestSuite) TestDereferenceService() {
 })
 suite.NoError(err)
 suite.NotNil(service)
- suite.NotNil(service)
 // service values should be set
 suite.Equal("https://owncast.example.org/federation/user/rgh", service.URI)
 suite.Equal("https://owncast.example.org/federation/user/rgh", service.URL)
+ suite.WithinDuration(time.Now(), service.LastWebfingeredAt, 5*time.Second)
 // service should be in the database
 dbService, err := suite.db.GetAccountByURI(context.Background(), service.URI)
@@ -79,6 +81,102 @@ func (suite *AccountTestSuite) TestDereferenceService() {
 suite.Equal("example.org", dbService.Domain)
 }
+/*
+ We shouldn't try webfingering or making http calls to dereference local accounts
+ that might be passed into GetRemoteAccount for whatever reason, so these tests are
+ here to make sure that such cases are (basically) short-circuit evaluated and given
+ back as-is without trying to make any calls to one's own instance.
+*/
+
+func (suite *AccountTestSuite) TestDereferenceLocalAccountAsRemoteURL() {
+ fetchingAccount := suite.testAccounts["local_account_1"]
+ targetAccount := suite.testAccounts["local_account_2"]
+
+ fetchedAccount, err := suite.dereferencer.GetRemoteAccount(context.Background(), dereferencing.GetRemoteAccountParams{
+ RequestingUsername: fetchingAccount.Username,
+ RemoteAccountID: testrig.URLMustParse(targetAccount.URI),
+ })
+ suite.NoError(err)
+ suite.NotNil(fetchedAccount)
+ suite.Empty(fetchedAccount.Domain)
+}
+
+func (suite *AccountTestSuite) TestDereferenceLocalAccountAsUsername() {
+ fetchingAccount := suite.testAccounts["local_account_1"]
+ targetAccount := suite.testAccounts["local_account_2"]
+
+ fetchedAccount, err := suite.dereferencer.GetRemoteAccount(context.Background(), dereferencing.GetRemoteAccountParams{
+ RequestingUsername: fetchingAccount.Username,
+ RemoteAccountUsername: targetAccount.Username,
+ })
+ suite.NoError(err)
+ suite.NotNil(fetchedAccount)
+ suite.Empty(fetchedAccount.Domain)
+}
+
+func (suite *AccountTestSuite) TestDereferenceLocalAccountAsUsernameDomain() {
+ fetchingAccount := suite.testAccounts["local_account_1"]
+ targetAccount := suite.testAccounts["local_account_2"]
+
+ fetchedAccount, err := suite.dereferencer.GetRemoteAccount(context.Background(), dereferencing.GetRemoteAccountParams{
+ RequestingUsername: fetchingAccount.Username,
+ RemoteAccountUsername: targetAccount.Username,
+ RemoteAccountHost: config.GetHost(),
+ })
+ suite.NoError(err)
+ suite.NotNil(fetchedAccount)
+ suite.Empty(fetchedAccount.Domain)
+}
+
+func (suite *AccountTestSuite) TestDereferenceLocalAccountAsUsernameDomainAndURL() {
+ fetchingAccount := suite.testAccounts["local_account_1"]
+ targetAccount := suite.testAccounts["local_account_2"]
+
+ fetchedAccount, err := suite.dereferencer.GetRemoteAccount(context.Background(), dereferencing.GetRemoteAccountParams{
+ RequestingUsername: fetchingAccount.Username,
+ RemoteAccountID: testrig.URLMustParse(targetAccount.URI),
+ RemoteAccountUsername: targetAccount.Username,
+ RemoteAccountHost: config.GetHost(),
+ })
+ suite.NoError(err)
+ suite.NotNil(fetchedAccount)
+ suite.Empty(fetchedAccount.Domain)
+}
+
+func (suite *AccountTestSuite) TestDereferenceLocalAccountWithUnknownUsername() {
+ fetchingAccount := suite.testAccounts["local_account_1"]
+
+ fetchedAccount, err := suite.dereferencer.GetRemoteAccount(context.Background(), dereferencing.GetRemoteAccountParams{
+ RequestingUsername: fetchingAccount.Username,
+ RemoteAccountUsername: "thisaccountdoesnotexist",
+ })
+ suite.EqualError(err, "GetRemoteAccount: couldn't retrieve account locally and won't try to resolve it")
+ suite.Nil(fetchedAccount)
+}
+
+func (suite *AccountTestSuite) TestDereferenceLocalAccountWithUnknownUsernameDomain() {
+ fetchingAccount := suite.testAccounts["local_account_1"]
+
+ fetchedAccount, err := suite.dereferencer.GetRemoteAccount(context.Background(), dereferencing.GetRemoteAccountParams{
+ RequestingUsername: fetchingAccount.Username,
+ RemoteAccountUsername: "thisaccountdoesnotexist",
+ RemoteAccountHost: "localhost:8080",
+ })
+ suite.EqualError(err, "GetRemoteAccount: couldn't retrieve account locally and won't try to resolve it")
+ suite.Nil(fetchedAccount)
+}
+
+func (suite *AccountTestSuite) TestDereferenceLocalAccountWithUnknownUserURI() {
+ fetchingAccount := suite.testAccounts["local_account_1"]
+
+ fetchedAccount, err := suite.dereferencer.GetRemoteAccount(context.Background(), dereferencing.GetRemoteAccountParams{
+ RequestingUsername: fetchingAccount.Username,
+ RemoteAccountID: testrig.URLMustParse("http://localhost:8080/users/thisaccountdoesnotexist"),
+ })
+ suite.EqualError(err, "GetRemoteAccount: couldn't retrieve account locally and won't try to resolve it")
+ suite.Nil(fetchedAccount)
+}
+
 func TestAccountTestSuite(t *testing.T) {
 suite.Run(t, new(AccountTestSuite))
 } |
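Review bot: The seven new tests assert only on the returned value (`suite.Empty(fetchedAccount.Domain)` or the error string), so none of them fails if GetRemoteAccount webfingers or makes an HTTP call to the local instance before returning, which is the behaviour the block comment says they guard against. If the transport behind `suite.dereferencer` can record or reject outbound requests (its setup is not visible in this hunk), each test should also assert that no request was made. The four positive cases would be tighter with `suite.Equal(targetAccount.ID, fetchedAccount.ID)`, because any local account currently satisfies the empty-Domain check. The UnknownUsernameDomain and UnknownUserURI tests hard-code `"localhost:8080"` while the positive tests use `config.GetHost()`; writing `RemoteAccountHost: config.GetHost(),` (and deriving the URI host the same way) keeps them on the local-host branch if the test configuration ever changes.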