[chore] Rationalize HTTP return codes for fedi endpoints, other tidying up (#4503)

# Description

> If this is a code change, please include a summary of what you've coded, and link to the issue(s) it closes/implements.
>
> If this is a documentation change, please briefly describe what you've changed and why.

This pull request does some refactoring of the fedi API endpoints and processing functions, and the authenticate + pub key deref functions, to try to return fewer silly HTTP codes like 410 Gone (when a *remote* account is gone, not a local one), and 500 errors where something isn't really an error.

Also does some general tidying up and renaming for consistency.

## Checklist

Please put an x inside each checkbox to indicate that you've read and followed it: `[ ]` -> `[x]`

If this is a documentation change, only the first checkbox must be filled (you can delete the others if you want).

- [x] I/we have read the [GoToSocial contribution guidelines](https://codeberg.org/superseriousbusiness/gotosocial/src/branch/main/CONTRIBUTING.md).
- [x] I/we have discussed the proposed changes already, either in an issue on the repository, or in the Matrix chat.
- [x] I/we have not leveraged AI to create the proposed changes.
- [x] I/we have performed a self-review of added code.
- [x] I/we have written code that is legible and maintainable by others.
- [x] I/we have commented the added code, particularly in hard-to-understand areas.
- [ ] I/we have made any necessary changes to documentation.
- [ ] I/we have added tests that cover new code.
- [x] I/we have run tests and they pass locally with the changes.
- [x] I/we have run `go fmt ./...` and `golangci-lint run`.

Reviewed-on: https://codeberg.org/superseriousbusiness/gotosocial/pulls/4503
Co-authored-by: tobi <tobi.smethurst@protonmail.com>
Co-committed-by: tobi <tobi.smethurst@protonmail.com>

1 files changed, 26 insertions, 0 deletions

diff --git a/internal/federation/federatingactor.go b/internal/federation/federatingactor.go
index 2a68865aa..316835036 100644
--- a/internal/federation/federatingactor.go
+++ b/internal/federation/federatingactor.go
@@ -31,6 +31,7 @@ import (
 	apiutil "code.superseriousbusiness.org/gotosocial/internal/api/util"
 	"code.superseriousbusiness.org/gotosocial/internal/config"
 	"code.superseriousbusiness.org/gotosocial/internal/db"
+	"code.superseriousbusiness.org/gotosocial/internal/gtscontext"
 	"code.superseriousbusiness.org/gotosocial/internal/gtserror"
 	"code.superseriousbusiness.org/gotosocial/internal/log"
 	"code.superseriousbusiness.org/gotosocial/internal/uris"
@@ -162,6 +163,31 @@ func (f *federatingActor) PostInboxScheme(ctx context.Context, w http.ResponseWr
 		return false, gtserror.NewErrorUnauthorized(errors.New(text), text)
 	}
 
+	// Ensure requester is not suspended.
+	requester := gtscontext.RequestingAccount(ctx)
+	switch {
+	case !requester.IsSuspended():
+		// Account in good standing.
+		// Allow request to continue.
+
+	case requester.DeletedSelf():
+		// Looks like pub key owner deleted their own account.
+		// Likely their instance is still sending out deletes,
+		// but we'll have already deleted everything of theirs.
+		// Don't do any further processing of the request.
+		log.Debugf(ctx,
+			"requesting account %s self deleted, ignoring inbox post",
+			requester.UsernameDomain(),
+		)
+		return true, nil
+
+	default:
+		// Likely suspended by an admin or
+		// defed action on *this* instance.
+		const text = "requesting account suspended"
+		return false, gtserror.NewErrorForbidden(errors.New(text), text)
+	}
+
 	/*
 		Begin processing the request, but note that we
 		have not yet applied authorization (ie., blocks).