summaryrefslogtreecommitdiff
path: root/internal
diff options
context:
space:
mode:
authorLibravatar tobi <31960611+tsmethurst@users.noreply.github.com>2023-03-01 18:52:44 +0100
committerLibravatar GitHub <noreply@github.com>2023-03-01 17:52:44 +0000
commit24cec4e7aab33b6c44ba6d1ecf16895f254351b8 (patch)
treecf0107a34e0fa00ab1b68aed4b52afe502147393 /internal
parent[chore/performance] simplify storage driver to use storage.Storage directly (... (diff)
downloadgotosocial-24cec4e7aab33b6c44ba6d1ecf16895f254351b8.tar.xz
[feature] Federate pinned posts (aka `featuredCollection`) in and out (#1560)
* start fiddling * the ol' fiddle + update * start working on fetching statuses * poopy doopy doo where r u uwu * further adventures in featuring statuses * finishing up * fmt * simply status unpin loop * move empty featured check back to caller function * remove unnecessary log.WithContext calls * remove unnecessary IsIRI() checks * add explanatory comment about status URIs * change log level to error * better test names
Diffstat (limited to 'internal')
-rw-r--r--internal/ap/activitystreams.go29
-rw-r--r--internal/api/activitypub/emoji/emojiget.go2
-rw-r--r--internal/api/activitypub/users/common.go30
-rw-r--r--internal/api/activitypub/users/featured.go97
-rw-r--r--internal/api/activitypub/users/followers.go5
-rw-r--r--internal/api/activitypub/users/following.go5
-rw-r--r--internal/api/activitypub/users/outboxget.go5
-rw-r--r--internal/api/activitypub/users/repliesget.go2
-rw-r--r--internal/api/activitypub/users/statusget.go2
-rw-r--r--internal/api/activitypub/users/user.go3
-rw-r--r--internal/api/client/statuses/statuspin_test.go2
-rw-r--r--internal/db/bundb/admin.go4
-rw-r--r--internal/db/bundb/status.go9
-rw-r--r--internal/db/status.go4
-rw-r--r--internal/federation/dereferencing/account.go160
-rw-r--r--internal/federation/dereferencing/status.go17
-rw-r--r--internal/processing/fedi/collections.go198
-rw-r--r--internal/processing/fedi/common.go60
-rw-r--r--internal/processing/fedi/emoji.go3
-rw-r--r--internal/processing/fedi/status.go98
-rw-r--r--internal/processing/status/pin.go4
-rw-r--r--internal/typeutils/astointernal.go11
-rw-r--r--internal/typeutils/converter.go3
-rw-r--r--internal/typeutils/internaltoas.go28
-rw-r--r--internal/typeutils/internaltoas_test.go92
-rw-r--r--internal/uris/uri.go20
-rw-r--r--internal/web/thread.go2
27 files changed, 639 insertions, 256 deletions
diff --git a/internal/ap/activitystreams.go b/internal/ap/activitystreams.go
index d46690f4f..294a56fef 100644
--- a/internal/ap/activitystreams.go
+++ b/internal/ap/activitystreams.go
@@ -55,18 +55,19 @@ const (
ActorPerson = "Person" // ActivityStreamsPerson https://www.w3.org/TR/activitystreams-vocabulary/#dfn-person
ActorService = "Service" // ActivityStreamsService https://www.w3.org/TR/activitystreams-vocabulary/#dfn-service
- ObjectArticle = "Article" // ActivityStreamsArticle https://www.w3.org/TR/activitystreams-vocabulary/#dfn-article
- ObjectAudio = "Audio" // ActivityStreamsAudio https://www.w3.org/TR/activitystreams-vocabulary/#dfn-audio
- ObjectDocument = "Document" // ActivityStreamsDocument https://www.w3.org/TR/activitystreams-vocabulary/#dfn-document
- ObjectEvent = "Event" // ActivityStreamsEvent https://www.w3.org/TR/activitystreams-vocabulary/#dfn-event
- ObjectImage = "Image" // ActivityStreamsImage https://www.w3.org/TR/activitystreams-vocabulary/#dfn-image
- ObjectNote = "Note" // ActivityStreamsNote https://www.w3.org/TR/activitystreams-vocabulary/#dfn-note
- ObjectPage = "Page" // ActivityStreamsPage https://www.w3.org/TR/activitystreams-vocabulary/#dfn-page
- ObjectPlace = "Place" // ActivityStreamsPlace https://www.w3.org/TR/activitystreams-vocabulary/#dfn-place
- ObjectProfile = "Profile" // ActivityStreamsProfile https://www.w3.org/TR/activitystreams-vocabulary/#dfn-profile
- ObjectRelationship = "Relationship" // ActivityStreamsRelationship https://www.w3.org/TR/activitystreams-vocabulary/#dfn-relationship
- ObjectTombstone = "Tombstone" // ActivityStreamsTombstone https://www.w3.org/TR/activitystreams-vocabulary/#dfn-tombstone
- ObjectVideo = "Video" // ActivityStreamsVideo https://www.w3.org/TR/activitystreams-vocabulary/#dfn-video
- ObjectCollection = "Collection" // ActivityStreamsCollection https://www.w3.org/TR/activitystreams-vocabulary/#dfn-collection
- ObjectCollectionPage = "CollectionPage" // ActivityStreamsCollectionPage https://www.w3.org/TR/activitystreams-vocabulary/#dfn-collectionpage
+ ObjectArticle = "Article" // ActivityStreamsArticle https://www.w3.org/TR/activitystreams-vocabulary/#dfn-article
+ ObjectAudio = "Audio" // ActivityStreamsAudio https://www.w3.org/TR/activitystreams-vocabulary/#dfn-audio
+ ObjectDocument = "Document" // ActivityStreamsDocument https://www.w3.org/TR/activitystreams-vocabulary/#dfn-document
+ ObjectEvent = "Event" // ActivityStreamsEvent https://www.w3.org/TR/activitystreams-vocabulary/#dfn-event
+ ObjectImage = "Image" // ActivityStreamsImage https://www.w3.org/TR/activitystreams-vocabulary/#dfn-image
+ ObjectNote = "Note" // ActivityStreamsNote https://www.w3.org/TR/activitystreams-vocabulary/#dfn-note
+ ObjectPage = "Page" // ActivityStreamsPage https://www.w3.org/TR/activitystreams-vocabulary/#dfn-page
+ ObjectPlace = "Place" // ActivityStreamsPlace https://www.w3.org/TR/activitystreams-vocabulary/#dfn-place
+ ObjectProfile = "Profile" // ActivityStreamsProfile https://www.w3.org/TR/activitystreams-vocabulary/#dfn-profile
+ ObjectRelationship = "Relationship" // ActivityStreamsRelationship https://www.w3.org/TR/activitystreams-vocabulary/#dfn-relationship
+ ObjectTombstone = "Tombstone" // ActivityStreamsTombstone https://www.w3.org/TR/activitystreams-vocabulary/#dfn-tombstone
+ ObjectVideo = "Video" // ActivityStreamsVideo https://www.w3.org/TR/activitystreams-vocabulary/#dfn-video
+ ObjectCollection = "Collection" // ActivityStreamsCollection https://www.w3.org/TR/activitystreams-vocabulary/#dfn-collection
+ ObjectCollectionPage = "CollectionPage" // ActivityStreamsCollectionPage https://www.w3.org/TR/activitystreams-vocabulary/#dfn-collectionpage
+ ObjectOrderedCollection = "OrderedCollection" // ActivityStreamsOrderedCollection https://www.w3.org/TR/activitystreams-vocabulary/#dfn-orderedcollection
)
diff --git a/internal/api/activitypub/emoji/emojiget.go b/internal/api/activitypub/emoji/emojiget.go
index e66a854c7..6f9bd6c82 100644
--- a/internal/api/activitypub/emoji/emojiget.go
+++ b/internal/api/activitypub/emoji/emojiget.go
@@ -43,7 +43,7 @@ func (m *Module) EmojiGetHandler(c *gin.Context) {
return
}
- resp, errWithCode := m.processor.Fedi().EmojiGet(apiutil.TransferSignatureContext(c), requestedEmojiID, c.Request.URL)
+ resp, errWithCode := m.processor.Fedi().EmojiGet(apiutil.TransferSignatureContext(c), requestedEmojiID)
if errWithCode != nil {
apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1)
return
diff --git a/internal/api/activitypub/users/common.go b/internal/api/activitypub/users/common.go
index f0e4891d5..93d9ba776 100644
--- a/internal/api/activitypub/users/common.go
+++ b/internal/api/activitypub/users/common.go
@@ -18,12 +18,14 @@
package users
-// SwaggerCollection represents an activitypub collection.
+// SwaggerCollection represents an ActivityPub Collection.
// swagger:model swaggerCollection
type SwaggerCollection struct {
- // ActivityStreams context.
+ // ActivityStreams JSON-LD context.
+ // A string or an array of strings, or more
+ // complex nested items.
// example: https://www.w3.org/ns/activitystreams
- Context string `json:"@context"`
+ Context interface{} `json:"@context"`
// ActivityStreams ID.
// example: https://example.org/users/some_user/statuses/106717595988259568/replies
ID string `json:"id"`
@@ -55,3 +57,25 @@ type SwaggerCollectionPage struct {
// example: ["https://example.org/users/some_other_user/statuses/086417595981111564", "https://another.example.com/users/another_user/statuses/01FCN8XDV3YG7B4R42QA6YQZ9R"]
Items []string `json:"items"`
}
+
+// SwaggerFeaturedCollection represents an ActivityPub OrderedCollection.
+// swagger:model swaggerFeaturedCollection
+type SwaggerFeaturedCollection struct {
+ // ActivityStreams JSON-LD context.
+ // A string or an array of strings, or more
+ // complex nested items.
+ // example: https://www.w3.org/ns/activitystreams
+ Context interface{} `json:"@context"`
+ // ActivityStreams ID.
+ // example: https://example.org/users/some_user/collections/featured
+ ID string `json:"id"`
+ // ActivityStreams type.
+ // example: OrderedCollection
+ Type string `json:"type"`
+ // List of status URIs.
+ // example: ['https://example.org/users/some_user/statuses/01GSZ0F7Q8SJKNRF777GJD271R', 'https://example.org/users/some_user/statuses/01GSZ0G012CBQ7TEKX689S3QRE']
+ Items []string `json:"items"`
+ // Number of items in this collection.
+ // example: 2
+ TotalItems int
+}
diff --git a/internal/api/activitypub/users/featured.go b/internal/api/activitypub/users/featured.go
new file mode 100644
index 000000000..89a33a6ad
--- /dev/null
+++ b/internal/api/activitypub/users/featured.go
@@ -0,0 +1,97 @@
+/*
+ GoToSocial
+ Copyright (C) 2021-2023 GoToSocial Authors admin@gotosocial.org
+
+ This program is free software: you can redistribute it and/or modify
+ it under the terms of the GNU Affero General Public License as published by
+ the Free Software Foundation, either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU Affero General Public License for more details.
+
+ You should have received a copy of the GNU Affero General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+*/
+
+package users
+
+import (
+ "encoding/json"
+ "errors"
+ "net/http"
+ "strings"
+
+ "github.com/gin-gonic/gin"
+ apiutil "github.com/superseriousbusiness/gotosocial/internal/api/util"
+ "github.com/superseriousbusiness/gotosocial/internal/gtserror"
+)
+
+// FeaturedCollectionGETHandler swagger:operation GET /users/{username}/collections/featured s2sFeaturedCollectionGet
+//
+// Get the featured collection (pinned posts) for a user.
+//
+// The response will contain an ordered collection of Note URIs in the `items` property.
+//
+// It is up to the caller to dereference the provided Note URIs (or not, if they already have them cached).
+//
+// HTTP signature is required on the request.
+//
+// ---
+// tags:
+// - s2s/federation
+//
+// produces:
+// - application/activity+json
+//
+// responses:
+// '200':
+// in: body
+// schema:
+// "$ref": "#/definitions/swaggerFeaturedCollection"
+// '400':
+// description: bad request
+// '401':
+// description: unauthorized
+// '403':
+// description: forbidden
+// '404':
+// description: not found
+func (m *Module) FeaturedCollectionGETHandler(c *gin.Context) {
+ // usernames on our instance are always lowercase
+ requestedUsername := strings.ToLower(c.Param(UsernameKey))
+ if requestedUsername == "" {
+ err := errors.New("no username specified in request")
+ apiutil.ErrorHandler(c, gtserror.NewErrorBadRequest(err, err.Error()), m.processor.InstanceGetV1)
+ return
+ }
+
+ format, err := apiutil.NegotiateAccept(c, apiutil.HTMLOrActivityPubHeaders...)
+ if err != nil {
+ apiutil.ErrorHandler(c, gtserror.NewErrorNotAcceptable(err, err.Error()), m.processor.InstanceGetV1)
+ return
+ }
+
+ if format == string(apiutil.TextHTML) {
+ // This isn't an ActivityPub request;
+ // redirect to the user's profile.
+ c.Redirect(http.StatusSeeOther, "/@"+requestedUsername)
+ return
+ }
+
+ resp, errWithCode := m.processor.Fedi().FeaturedCollectionGet(apiutil.TransferSignatureContext(c), requestedUsername)
+ if errWithCode != nil {
+ apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1)
+ return
+ }
+
+ b, err := json.Marshal(resp)
+ if err != nil {
+ apiutil.ErrorHandler(c, gtserror.NewErrorInternalError(err), m.processor.InstanceGetV1)
+ return
+ }
+
+ c.Data(http.StatusOK, format, b)
+}
diff --git a/internal/api/activitypub/users/followers.go b/internal/api/activitypub/users/followers.go
index 649e20e45..4eec8abc1 100644
--- a/internal/api/activitypub/users/followers.go
+++ b/internal/api/activitypub/users/followers.go
@@ -46,12 +46,13 @@ func (m *Module) FollowersGETHandler(c *gin.Context) {
}
if format == string(apiutil.TextHTML) {
- // redirect to the user's profile
+ // This isn't an ActivityPub request;
+ // redirect to the user's profile.
c.Redirect(http.StatusSeeOther, "/@"+requestedUsername)
return
}
- resp, errWithCode := m.processor.Fedi().FollowersGet(apiutil.TransferSignatureContext(c), requestedUsername, c.Request.URL)
+ resp, errWithCode := m.processor.Fedi().FollowersGet(apiutil.TransferSignatureContext(c), requestedUsername)
if errWithCode != nil {
apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1)
return
diff --git a/internal/api/activitypub/users/following.go b/internal/api/activitypub/users/following.go
index 1a6e99a53..b26226c8f 100644
--- a/internal/api/activitypub/users/following.go
+++ b/internal/api/activitypub/users/following.go
@@ -46,12 +46,13 @@ func (m *Module) FollowingGETHandler(c *gin.Context) {
}
if format == string(apiutil.TextHTML) {
- // redirect to the user's profile
+ // This isn't an ActivityPub request;
+ // redirect to the user's profile.
c.Redirect(http.StatusSeeOther, "/@"+requestedUsername)
return
}
- resp, errWithCode := m.processor.Fedi().FollowingGet(apiutil.TransferSignatureContext(c), requestedUsername, c.Request.URL)
+ resp, errWithCode := m.processor.Fedi().FollowingGet(apiutil.TransferSignatureContext(c), requestedUsername)
if errWithCode != nil {
apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1)
return
diff --git a/internal/api/activitypub/users/outboxget.go b/internal/api/activitypub/users/outboxget.go
index c081e4f92..fa03cde62 100644
--- a/internal/api/activitypub/users/outboxget.go
+++ b/internal/api/activitypub/users/outboxget.go
@@ -101,7 +101,8 @@ func (m *Module) OutboxGETHandler(c *gin.Context) {
}
if format == string(apiutil.TextHTML) {
- // redirect to the user's profile
+ // This isn't an ActivityPub request;
+ // redirect to the user's profile.
c.Redirect(http.StatusSeeOther, "/@"+requestedUsername)
return
}
@@ -129,7 +130,7 @@ func (m *Module) OutboxGETHandler(c *gin.Context) {
maxID = maxIDString
}
- resp, errWithCode := m.processor.Fedi().OutboxGet(apiutil.TransferSignatureContext(c), requestedUsername, page, maxID, minID, c.Request.URL)
+ resp, errWithCode := m.processor.Fedi().OutboxGet(apiutil.TransferSignatureContext(c), requestedUsername, page, maxID, minID)
if errWithCode != nil {
apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1)
return
diff --git a/internal/api/activitypub/users/repliesget.go b/internal/api/activitypub/users/repliesget.go
index 2c17a99d1..644bc0dee 100644
--- a/internal/api/activitypub/users/repliesget.go
+++ b/internal/api/activitypub/users/repliesget.go
@@ -150,7 +150,7 @@ func (m *Module) StatusRepliesGETHandler(c *gin.Context) {
minID = minIDString
}
- resp, errWithCode := m.processor.Fedi().StatusRepliesGet(apiutil.TransferSignatureContext(c), requestedUsername, requestedStatusID, page, onlyOtherAccounts, minID, c.Request.URL)
+ resp, errWithCode := m.processor.Fedi().StatusRepliesGet(apiutil.TransferSignatureContext(c), requestedUsername, requestedStatusID, page, onlyOtherAccounts, c.Query("only_other_accounts") != "", minID)
if errWithCode != nil {
apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1)
return
diff --git a/internal/api/activitypub/users/statusget.go b/internal/api/activitypub/users/statusget.go
index 69d873efa..a57b50d00 100644
--- a/internal/api/activitypub/users/statusget.go
+++ b/internal/api/activitypub/users/statusget.go
@@ -59,7 +59,7 @@ func (m *Module) StatusGETHandler(c *gin.Context) {
return
}
- resp, errWithCode := m.processor.Fedi().StatusGet(apiutil.TransferSignatureContext(c), requestedUsername, requestedStatusID, c.Request.URL)
+ resp, errWithCode := m.processor.Fedi().StatusGet(apiutil.TransferSignatureContext(c), requestedUsername, requestedStatusID)
if errWithCode != nil {
apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1)
return
diff --git a/internal/api/activitypub/users/user.go b/internal/api/activitypub/users/user.go
index b31017866..c614435be 100644
--- a/internal/api/activitypub/users/user.go
+++ b/internal/api/activitypub/users/user.go
@@ -50,6 +50,8 @@ const (
FollowersPath = BasePath + "/" + uris.FollowersPath
// FollowingPath is for serving GET request's to a user's following list, with the given username key.
FollowingPath = BasePath + "/" + uris.FollowingPath
+ // FeaturedCollectionPath is for serving GET requests to a user's list of featured (pinned) statuses.
+ FeaturedCollectionPath = BasePath + "/" + uris.CollectionsPath + "/" + uris.FeaturedPath
// StatusPath is for serving GET requests to a particular status by a user, with the given username key and status ID
StatusPath = BasePath + "/" + uris.StatusesPath + "/:" + StatusIDKey
// StatusRepliesPath is for serving the replies collection of a status.
@@ -71,6 +73,7 @@ func (m *Module) Route(attachHandler func(method string, path string, f ...gin.H
attachHandler(http.MethodPost, InboxPath, m.InboxPOSTHandler)
attachHandler(http.MethodGet, FollowersPath, m.FollowersGETHandler)
attachHandler(http.MethodGet, FollowingPath, m.FollowingGETHandler)
+ attachHandler(http.MethodGet, FeaturedCollectionPath, m.FeaturedCollectionGETHandler)
attachHandler(http.MethodGet, StatusPath, m.StatusGETHandler)
attachHandler(http.MethodGet, StatusRepliesPath, m.StatusRepliesGETHandler)
attachHandler(http.MethodGet, OutboxPath, m.OutboxGETHandler)
diff --git a/internal/api/client/statuses/statuspin_test.go b/internal/api/client/statuses/statuspin_test.go
index 69cf34eff..6c0087705 100644
--- a/internal/api/client/statuses/statuspin_test.go
+++ b/internal/api/client/statuses/statuspin_test.go
@@ -129,7 +129,7 @@ func (suite *StatusPinTestSuite) TestPinStatusTwiceError() {
*targetStatus = *suite.testStatuses["local_account_1_status_5"]
targetStatus.PinnedAt = time.Now()
- if err := suite.db.UpdateStatus(context.Background(), targetStatus); err != nil {
+ if err := suite.db.UpdateStatus(context.Background(), targetStatus, "pinned_at"); err != nil {
suite.FailNow(err.Error())
}
diff --git a/internal/db/bundb/admin.go b/internal/db/bundb/admin.go
index a4bc46a73..6b738261e 100644
--- a/internal/db/bundb/admin.go
+++ b/internal/db/bundb/admin.go
@@ -135,7 +135,7 @@ func (a *adminDB) NewSignup(ctx context.Context, username string, reason string,
OutboxURI: accountURIs.OutboxURI,
FollowersURI: accountURIs.FollowersURI,
FollowingURI: accountURIs.FollowingURI,
- FeaturedCollectionURI: accountURIs.CollectionURI,
+ FeaturedCollectionURI: accountURIs.FeaturedCollectionURI,
}
// insert the new account!
@@ -237,7 +237,7 @@ func (a *adminDB) CreateInstanceAccount(ctx context.Context) db.Error {
OutboxURI: newAccountURIs.OutboxURI,
FollowersURI: newAccountURIs.FollowersURI,
FollowingURI: newAccountURIs.FollowingURI,
- FeaturedCollectionURI: newAccountURIs.CollectionURI,
+ FeaturedCollectionURI: newAccountURIs.FeaturedCollectionURI,
}
// insert the new account!
diff --git a/internal/db/bundb/status.go b/internal/db/bundb/status.go
index 2bec07759..8f1df2886 100644
--- a/internal/db/bundb/status.go
+++ b/internal/db/bundb/status.go
@@ -246,7 +246,13 @@ func (s *statusDB) PutStatus(ctx context.Context, status *gtsmodel.Status) db.Er
})
}
-func (s *statusDB) UpdateStatus(ctx context.Context, status *gtsmodel.Status) db.Error {
+func (s *statusDB) UpdateStatus(ctx context.Context, status *gtsmodel.Status, columns ...string) db.Error {
+ status.UpdatedAt = time.Now()
+ if len(columns) > 0 {
+ // If we're updating by column, ensure "updated_at" is included.
+ columns = append(columns, "updated_at")
+ }
+
if err := s.conn.RunInTx(ctx, func(tx bun.Tx) error {
// create links between this status and any emojis it uses
for _, i := range status.EmojiIDs {
@@ -298,6 +304,7 @@ func (s *statusDB) UpdateStatus(ctx context.Context, status *gtsmodel.Status) db
_, err := tx.
NewUpdate().
Model(status).
+ Column(columns...).
Where("? = ?", bun.Ident("status.id"), status.ID).
Exec(ctx)
return err
diff --git a/internal/db/status.go b/internal/db/status.go
index 15d1362f5..94f6ff0ee 100644
--- a/internal/db/status.go
+++ b/internal/db/status.go
@@ -41,8 +41,8 @@ type Status interface {
// PutStatus stores one status in the database.
PutStatus(ctx context.Context, status *gtsmodel.Status) Error
- // UpdateStatus updates one status in the database and returns it to the caller.
- UpdateStatus(ctx context.Context, status *gtsmodel.Status) Error
+ // UpdateStatus updates one status in the database.
+ UpdateStatus(ctx context.Context, status *gtsmodel.Status, columns ...string) Error
// DeleteStatusByID deletes one status from the database.
DeleteStatusByID(ctx context.Context, id string) Error
diff --git a/internal/federation/dereferencing/account.go b/internal/federation/dereferencing/account.go
index 93e0e3549..041f34a2c 100644
--- a/internal/federation/dereferencing/account.go
+++ b/internal/federation/dereferencing/account.go
@@ -281,8 +281,7 @@ func (d *deref) enrichAccount(ctx context.Context, requestUser string, uri *url.
}
// Fetch the latest remote account emoji IDs used in account display name/bio.
- _, err = d.fetchRemoteAccountEmojis(ctx, latestAcc, requestUser)
- if err != nil {
+ if _, err = d.fetchRemoteAccountEmojis(ctx, latestAcc, requestUser); err != nil {
log.Errorf(ctx, "error fetching remote emojis for account %s: %v", uri, err)
}
@@ -312,6 +311,18 @@ func (d *deref) enrichAccount(ctx context.Context, requestUser string, uri *url.
}
}
+ if latestAcc.FeaturedCollectionURI != "" {
+ // Fetch this account's pinned statuses, now that the account is in the database.
+ //
+ // The order is important here: if we tried to fetch the pinned statuses before
+ // storing the account, the process might end up calling enrichAccount again,
+ // causing us to get stuck in a loop. By calling it now, we make sure this doesn't
+ // happen!
+ if err := d.fetchRemoteAccountFeatured(ctx, requestUser, latestAcc.FeaturedCollectionURI, latestAcc.ID); err != nil {
+ log.Errorf(ctx, "error fetching featured collection for account %s: %v", uri, err)
+ }
+ }
+
return latestAcc, nil
}
@@ -569,3 +580,148 @@ func (d *deref) fetchRemoteAccountEmojis(ctx context.Context, targetAccount *gts
return changed, nil
}
+
+// fetchRemoteAccountFeatured dereferences an account's featuredCollectionURI (if not empty).
+// For each discovered status, this status will be dereferenced (if necessary) and marked as
+// pinned (if necessary). Then, old pins will be removed if they're not included in new pins.
+func (d *deref) fetchRemoteAccountFeatured(ctx context.Context, requestingUsername string, featuredCollectionURI string, accountID string) error {
+ uri, err := url.Parse(featuredCollectionURI)
+ if err != nil {
+ return err
+ }
+
+ tsport, err := d.transportController.NewTransportForUsername(ctx, requestingUsername)
+ if err != nil {
+ return err
+ }
+
+ b, err := tsport.Dereference(ctx, uri)
+ if err != nil {
+ return err
+ }
+
+ m := make(map[string]interface{})
+ if err := json.Unmarshal(b, &m); err != nil {
+ return fmt.Errorf("error unmarshalling bytes into json: %w", err)
+ }
+
+ t, err := streams.ToType(ctx, m)
+ if err != nil {
+ return fmt.Errorf("error resolving json into ap vocab type: %w", err)
+ }
+
+ if t.GetTypeName() != ap.ObjectOrderedCollection {
+ return fmt.Errorf("%s was not an OrderedCollection", featuredCollectionURI)
+ }
+
+ collection, ok := t.(vocab.ActivityStreamsOrderedCollection)
+ if !ok {
+ return errors.New("couldn't coerce OrderedCollection")
+ }
+
+ items := collection.GetActivityStreamsOrderedItems()
+ if items == nil {
+ return errors.New("nil orderedItems")
+ }
+
+ // Get previous pinned statuses (we'll need these later).
+ wasPinned, err := d.db.GetAccountPinnedStatuses(ctx, accountID)
+ if err != nil && !errors.Is(err, db.ErrNoEntries) {
+ return fmt.Errorf("error getting account pinned statuses: %w", err)
+ }
+
+ statusURIs := make([]*url.URL, 0, items.Len())
+ for iter := items.Begin(); iter != items.End(); iter = iter.Next() {
+ var statusURI *url.URL
+
+ switch {
+ case iter.IsActivityStreamsNote():
+ // We got a whole Note. Extract the URI.
+ if note := iter.GetActivityStreamsNote(); note != nil {
+ if id := note.GetJSONLDId(); id != nil {
+ statusURI = id.GetIRI()
+ }
+ }
+ case iter.IsActivityStreamsArticle():
+ // We got a whole Article. Extract the URI.
+ if article := iter.GetActivityStreamsArticle(); article != nil {
+ if id := article.GetJSONLDId(); id != nil {
+ statusURI = id.GetIRI()
+ }
+ }
+ default:
+ // Try to get just the URI.
+ statusURI = iter.GetIRI()
+ }
+
+ if statusURI == nil {
+ continue
+ }
+
+ if statusURI.Host != uri.Host {
+ // If this status doesn't share a host with its featured
+ // collection URI, we shouldn't trust it. Just move on.
+ continue
+ }
+
+ // Already append this status URI to our slice.
+ // We do this here so that even if we can't get
+ // the status in the next part for some reason,
+ // we still know it was *meant* to be pinned.
+ statusURIs = append(statusURIs, statusURI)
+
+ status, _, err := d.GetStatus(ctx, requestingUsername, statusURI, false, false)
+ if err != nil {
+ // We couldn't get the status, bummer.
+ // Just log + move on, we can try later.
+ log.Errorf(ctx, "error getting status from featured collection %s: %s", featuredCollectionURI, err)
+ continue
+ }
+
+ // If the status was already pinned, we don't need to do anything.
+ if !status.PinnedAt.IsZero() {
+ continue
+ }
+
+ if status.AccountID != accountID {
+ // Someone's pinned a status that doesn't
+ // belong to them, this doesn't work for us.
+ continue
+ }
+
+ if status.BoostOfID != "" {
+ // Someone's pinned a boost. This also
+ // doesn't work for us.
+ continue
+ }
+
+ // All conditions are met for this status to
+ // be pinned, so we can finally update it.
+ status.PinnedAt = time.Now()
+ if err := d.db.UpdateStatus(ctx, status, "pinned_at"); err != nil {
+ log.Errorf(ctx, "error updating status in featured collection %s: %s", featuredCollectionURI, err)
+ }
+ }
+
+ // Now that we know which statuses are pinned, we should
+ // *unpin* previous pinned statuses that aren't included.
+outerLoop:
+ for _, status := range wasPinned {
+ for _, statusURI := range statusURIs {
+ if status.URI == statusURI.String() {
+ // This status is included in most recent
+ // pinned uris. No need to keep checking.
+ continue outerLoop
+ }
+ }
+
+ // Status was pinned before, but is not included
+ // in most recent pinned uris, so unpin it now.
+ status.PinnedAt = time.Time{}
+ if err := d.db.UpdateStatus(ctx, status, "pinned_at"); err != nil {
+ return fmt.Errorf("error unpinning status: %w", err)
+ }
+ }
+
+ return nil
+}
diff --git a/internal/federation/dereferencing/status.go b/internal/federation/dereferencing/status.go
index 56545c5e0..9242f8db2 100644
--- a/internal/federation/dereferencing/status.go
+++ b/internal/federation/dereferencing/status.go
@@ -35,6 +35,7 @@ import (
"github.com/superseriousbusiness/gotosocial/internal/id"
"github.com/superseriousbusiness/gotosocial/internal/log"
"github.com/superseriousbusiness/gotosocial/internal/media"
+ "github.com/superseriousbusiness/gotosocial/internal/transport"
)
// EnrichRemoteStatus takes a remote status that's already been inserted into the database in a minimal form,
@@ -105,7 +106,12 @@ func (d *deref) GetStatus(ctx context.Context, username string, statusURI *url.U
// if we got here, either we didn't have the status
// in the db, or we had it but need to refetch it
- statusable, derefErr := d.dereferenceStatusable(ctx, username, statusURI)
+ tsport, err := d.transportController.NewTransportForUsername(ctx, username)
+ if err != nil {
+ return nil, nil, newErrTransportError(fmt.Errorf("GetRemoteStatus: error creating transport for %s: %w", username, err))
+ }
+
+ statusable, derefErr := d.dereferenceStatusable(ctx, tsport, statusURI)
if derefErr != nil {
return nil, nil, wrapDerefError(derefErr, "GetRemoteStatus: error dereferencing statusable")
}
@@ -149,17 +155,12 @@ func (d *deref) GetStatus(ctx context.Context, username string, statusURI *url.U
return status, statusable, nil
}
-func (d *deref) dereferenceStatusable(ctx context.Context, username string, remoteStatusID *url.URL) (ap.Statusable, error) {
+func (d *deref) dereferenceStatusable(ctx context.Context, tsport transport.Transport, remoteStatusID *url.URL) (ap.Statusable, error) {
if blocked, err := d.db.IsDomainBlocked(ctx, remoteStatusID.Host); blocked || err != nil {
return nil, fmt.Errorf("DereferenceStatusable: domain %s is blocked", remoteStatusID.Host)
}
- transport, err := d.transportController.NewTransportForUsername(ctx, username)
- if err != nil {
- return nil, fmt.Errorf("DereferenceStatusable: transport err: %s", err)
- }
-
- b, err := transport.Dereference(ctx, remoteStatusID)
+ b, err := tsport.Dereference(ctx, remoteStatusID)
if err != nil {
return nil, fmt.Errorf("DereferenceStatusable: error deferencing %s: %s", remoteStatusID.String(), err)
}
diff --git a/internal/processing/fedi/collections.go b/internal/processing/fedi/collections.go
index 33d1b64e9..78a65bebe 100644
--- a/internal/processing/fedi/collections.go
+++ b/internal/processing/fedi/collections.go
@@ -20,6 +20,7 @@ package fedi
import (
"context"
+ "errors"
"fmt"
"net/http"
"net/url"
@@ -27,38 +28,85 @@ import (
"github.com/superseriousbusiness/activity/streams"
"github.com/superseriousbusiness/gotosocial/internal/db"
"github.com/superseriousbusiness/gotosocial/internal/gtserror"
- "github.com/superseriousbusiness/gotosocial/internal/transport"
)
-// FollowersGet handles the getting of a fedi/activitypub representation of a user/account's followers, performing appropriate
-// authentication before returning a JSON serializable interface to the caller.
-func (p *Processor) FollowersGet(ctx context.Context, requestedUsername string, requestURL *url.URL) (interface{}, gtserror.WithCode) {
- // get the account the request is referring to
- requestedAccount, err := p.db.GetAccountByUsernameDomain(ctx, requestedUsername, "")
- if err != nil {
- return nil, gtserror.NewErrorNotFound(fmt.Errorf("database error getting account with username %s: %s", requestedUsername, err))
- }
+// InboxPost handles POST requests to a user's inbox for new activitypub messages.
+//
+// InboxPost returns true if the request was handled as an ActivityPub POST to an actor's inbox.
+// If false, the request was not an ActivityPub request and may still be handled by the caller in another way, such as serving a web page.
+//
+// If the error is nil, then the ResponseWriter's headers and response has already been written. If a non-nil error is returned, then no response has been written.
+//
+// If the Actor was constructed with the Federated Protocol enabled, side effects will occur.
+//
+// If the Federated Protocol is not enabled, writes the http.StatusMethodNotAllowed status code in the response. No side effects occur.
+func (p *Processor) InboxPost(ctx context.Context, w http.ResponseWriter, r *http.Request) (bool, error) {
+ return p.federator.FederatingActor().PostInbox(ctx, w, r)
+}
- // authenticate the request
- requestingAccountURI, errWithCode := p.federator.AuthenticateFederatedRequest(ctx, requestedUsername)
+// OutboxGet returns the activitypub representation of a local user's outbox.
+// This contains links to PUBLIC posts made by this user.
+func (p *Processor) OutboxGet(ctx context.Context, requestedUsername string, page bool, maxID string, minID string) (interface{}, gtserror.WithCode) {
+ requestedAccount, _, errWithCode := p.authenticate(ctx, requestedUsername)
if errWithCode != nil {
return nil, errWithCode
}
- requestingAccount, err := p.federator.GetAccountByURI(
- transport.WithFastfail(ctx), requestedUsername, requestingAccountURI, false,
- )
- if err != nil {
- return nil, gtserror.NewErrorUnauthorized(err)
+ var data map[string]interface{}
+ // There are two scenarios:
+ // 1. we're asked for the whole collection and not a page -- we can just return the collection, with no items, but a link to 'first' page.
+ // 2. we're asked for a specific page; this can be either the first page or any other page
+
+ if !page {
+ /*
+ scenario 1: return the collection with no items
+ we want something that looks like this:
+ {
+ "@context": "https://www.w3.org/ns/activitystreams",
+ "id": "https://example.org/users/whatever/outbox",
+ "type": "OrderedCollection",
+ "first": "https://example.org/users/whatever/outbox?page=true",
+ "last": "https://example.org/users/whatever/outbox?min_id=0&page=true"
+ }
+ */
+ collection, err := p.tc.OutboxToASCollection(ctx, requestedAccount.OutboxURI)
+ if err != nil {
+ return nil, gtserror.NewErrorInternalError(err)
+ }
+
+ data, err = streams.Serialize(collection)
+ if err != nil {
+ return nil, gtserror.NewErrorInternalError(err)
+ }
+
+ return data, nil
}
- blocked, err := p.db.IsBlocked(ctx, requestedAccount.ID, requestingAccount.ID, true)
+ // scenario 2 -- get the requested page
+ // limit pages to 30 entries per page
+ publicStatuses, err := p.db.GetAccountStatuses(ctx, requestedAccount.ID, 30, true, true, maxID, minID, false, true)
+ if err != nil && err != db.ErrNoEntries {
+ return nil, gtserror.NewErrorInternalError(err)
+ }
+
+ outboxPage, err := p.tc.StatusesToASOutboxPage(ctx, requestedAccount.OutboxURI, maxID, minID, publicStatuses)
if err != nil {
return nil, gtserror.NewErrorInternalError(err)
}
+ data, err = streams.Serialize(outboxPage)
+ if err != nil {
+ return nil, gtserror.NewErrorInternalError(err)
+ }
+
+ return data, nil
+}
- if blocked {
- return nil, gtserror.NewErrorUnauthorized(fmt.Errorf("block exists between accounts %s and %s", requestedAccount.ID, requestingAccount.ID))
+// FollowersGet handles the getting of a fedi/activitypub representation of a user/account's followers, performing appropriate
+// authentication before returning a JSON serializable interface to the caller.
+func (p *Processor) FollowersGet(ctx context.Context, requestedUsername string) (interface{}, gtserror.WithCode) {
+ requestedAccount, _, errWithCode := p.authenticate(ctx, requestedUsername)
+ if errWithCode != nil {
+ return nil, errWithCode
}
requestedAccountURI, err := url.Parse(requestedAccount.URI)
@@ -81,35 +129,12 @@ func (p *Processor) FollowersGet(ctx context.Context, requestedUsername string,
// FollowingGet handles the getting of a fedi/activitypub representation of a user/account's following, performing appropriate
// authentication before returning a JSON serializable interface to the caller.
-func (p *Processor) FollowingGet(ctx context.Context, requestedUsername string, requestURL *url.URL) (interface{}, gtserror.WithCode) {
- // get the account the request is referring to
- requestedAccount, err := p.db.GetAccountByUsernameDomain(ctx, requestedUsername, "")
- if err != nil {
- return nil, gtserror.NewErrorNotFound(fmt.Errorf("database error getting account with username %s: %s", requestedUsername, err))
- }
-
- // authenticate the request
- requestingAccountURI, errWithCode := p.federator.AuthenticateFederatedRequest(ctx, requestedUsername)
+func (p *Processor) FollowingGet(ctx context.Context, requestedUsername string) (interface{}, gtserror.WithCode) {
+ requestedAccount, _, errWithCode := p.authenticate(ctx, requestedUsername)
if errWithCode != nil {
return nil, errWithCode
}
- requestingAccount, err := p.federator.GetAccountByURI(
- transport.WithFastfail(ctx), requestedUsername, requestingAccountURI, false,
- )
- if err != nil {
- return nil, gtserror.NewErrorUnauthorized(err)
- }
-
- blocked, err := p.db.IsBlocked(ctx, requestedAccount.ID, requestingAccount.ID, true)
- if err != nil {
- return nil, gtserror.NewErrorInternalError(err)
- }
-
- if blocked {
- return nil, gtserror.NewErrorUnauthorized(fmt.Errorf("block exists between accounts %s and %s", requestedAccount.ID, requestingAccount.ID))
- }
-
requestedAccountURI, err := url.Parse(requestedAccount.URI)
if err != nil {
return nil, gtserror.NewErrorInternalError(fmt.Errorf("error parsing url %s: %s", requestedAccount.URI, err))
@@ -128,97 +153,30 @@ func (p *Processor) FollowingGet(ctx context.Context, requestedUsername string,
return data, nil
}
-// OutboxGet returns the activitypub representation of a local user's outbox.
-// This contains links to PUBLIC posts made by this user.
-func (p *Processor) OutboxGet(ctx context.Context, requestedUsername string, page bool, maxID string, minID string, requestURL *url.URL) (interface{}, gtserror.WithCode) {
- // get the account the request is referring to
- requestedAccount, err := p.db.GetAccountByUsernameDomain(ctx, requestedUsername, "")
- if err != nil {
- return nil, gtserror.NewErrorNotFound(fmt.Errorf("database error getting account with username %s: %s", requestedUsername, err))
- }
-
- // authenticate the request
- requestingAccountURI, errWithCode := p.federator.AuthenticateFederatedRequest(ctx, requestedUsername)
+// FeaturedCollectionGet returns an ordered collection of the requested username's Pinned posts.
+// The returned collection have an `items` property which contains an ordered list of status URIs.
+func (p *Processor) FeaturedCollectionGet(ctx context.Context, requestedUsername string) (interface{}, gtserror.WithCode) {
+ requestedAccount, _, errWithCode := p.authenticate(ctx, requestedUsername)
if errWithCode != nil {
return nil, errWithCode
}
- requestingAccount, err := p.federator.GetAccountByURI(
- transport.WithFastfail(ctx), requestedUsername, requestingAccountURI, false,
- )
+ statuses, err := p.db.GetAccountPinnedStatuses(ctx, requestedAccount.ID)
if err != nil {
- return nil, gtserror.NewErrorUnauthorized(err)
- }
-
- // authorize the request:
- // 1. check if a block exists between the requester and the requestee
- blocked, err := p.db.IsBlocked(ctx, requestedAccount.ID, requestingAccount.ID, true)
- if err != nil {
- return nil, gtserror.NewErrorInternalError(err)
- }
- if blocked {
- return nil, gtserror.NewErrorUnauthorized(fmt.Errorf("block exists between accounts %s and %s", requestedAccount.ID, requestingAccount.ID))
- }
-
- var data map[string]interface{}
- // now there are two scenarios:
- // 1. we're asked for the whole collection and not a page -- we can just return the collection, with no items, but a link to 'first' page.
- // 2. we're asked for a specific page; this can be either the first page or any other page
-
- if !page {
- /*
- scenario 1: return the collection with no items
- we want something that looks like this:
- {
- "@context": "https://www.w3.org/ns/activitystreams",
- "id": "https://example.org/users/whatever/outbox",
- "type": "OrderedCollection",
- "first": "https://example.org/users/whatever/outbox?page=true",
- "last": "https://example.org/users/whatever/outbox?min_id=0&page=true"
- }
- */
- collection, err := p.tc.OutboxToASCollection(ctx, requestedAccount.OutboxURI)
- if err != nil {
+ if !errors.Is(err, db.ErrNoEntries) {
return nil, gtserror.NewErrorInternalError(err)
}
-
- data, err = streams.Serialize(collection)
- if err != nil {
- return nil, gtserror.NewErrorInternalError(err)
- }
-
- return data, nil
- }
-
- // scenario 2 -- get the requested page
- // limit pages to 30 entries per page
- publicStatuses, err := p.db.GetAccountStatuses(ctx, requestedAccount.ID, 30, true, true, maxID, minID, false, true)
- if err != nil && err != db.ErrNoEntries {
- return nil, gtserror.NewErrorInternalError(err)
}
- outboxPage, err := p.tc.StatusesToASOutboxPage(ctx, requestedAccount.OutboxURI, maxID, minID, publicStatuses)
+ collection, err := p.tc.StatusesToASFeaturedCollection(ctx, requestedAccount.FeaturedCollectionURI, statuses)
if err != nil {
return nil, gtserror.NewErrorInternalError(err)
}
- data, err = streams.Serialize(outboxPage)
+
+ data, err := streams.Serialize(collection)
if err != nil {
return nil, gtserror.NewErrorInternalError(err)
}
return data, nil
}
-
-// InboxPost handles POST requests to a user's inbox for new activitypub messages.
-//
-// InboxPost returns true if the request was handled as an ActivityPub POST to an actor's inbox.
-// If false, the request was not an ActivityPub request and may still be handled by the caller in another way, such as serving a web page.
-//
-// If the error is nil, then the ResponseWriter's headers and response has already been written. If a non-nil error is returned, then no response has been written.
-//
-// If the Actor was constructed with the Federated Protocol enabled, side effects will occur.
-//
-// If the Federated Protocol is not enabled, writes the http.StatusMethodNotAllowed status code in the response. No side effects occur.
-func (p *Processor) InboxPost(ctx context.Context, w http.ResponseWriter, r *http.Request) (bool, error) {
- return p.federator.FederatingActor().PostInbox(ctx, w, r)
-}
diff --git a/internal/processing/fedi/common.go b/internal/processing/fedi/common.go
new file mode 100644
index 000000000..37c604ded
--- /dev/null
+++ b/internal/processing/fedi/common.go
@@ -0,0 +1,60 @@
+/*
+ GoToSocial
+ Copyright (C) 2021-2023 GoToSocial Authors admin@gotosocial.org
+
+ This program is free software: you can redistribute it and/or modify
+ it under the terms of the GNU Affero General Public License as published by
+ the Free Software Foundation, either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU Affero General Public License for more details.
+
+ You should have received a copy of the GNU Affero General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+*/
+
+package fedi
+
+import (
+ "context"
+ "fmt"
+ "net/url"
+
+ "github.com/superseriousbusiness/gotosocial/internal/gtserror"
+ "github.com/superseriousbusiness/gotosocial/internal/gtsmodel"
+ "github.com/superseriousbusiness/gotosocial/internal/transport"
+)
+
+func (p *Processor) authenticate(ctx context.Context, requestedUsername string) (requestedAccount, requestingAccount *gtsmodel.Account, errWithCode gtserror.WithCode) {
+ requestedAccount, err := p.db.GetAccountByUsernameDomain(ctx, requestedUsername, "")
+ if err != nil {
+ errWithCode = gtserror.NewErrorNotFound(fmt.Errorf("database error getting account with username %s: %s", requestedUsername, err))
+ return
+ }
+
+ var requestingAccountURI *url.URL
+ requestingAccountURI, errWithCode = p.federator.AuthenticateFederatedRequest(ctx, requestedUsername)
+ if errWithCode != nil {
+ return
+ }
+
+ if requestingAccount, err = p.federator.GetAccountByURI(transport.WithFastfail(ctx), requestedUsername, requestingAccountURI, false); err != nil {
+ errWithCode = gtserror.NewErrorUnauthorized(err)
+ return
+ }
+
+ blocked, err := p.db.IsBlocked(ctx, requestedAccount.ID, requestingAccount.ID, true)
+ if err != nil {
+ errWithCode = gtserror.NewErrorInternalError(err)
+ return
+ }
+
+ if blocked {
+ errWithCode = gtserror.NewErrorUnauthorized(fmt.Errorf("block exists between accounts %s and %s", requestedAccount.ID, requestingAccount.ID))
+ }
+
+ return
+}
diff --git a/internal/processing/fedi/emoji.go b/internal/processing/fedi/emoji.go
index a2eb2688f..0b1dd3440 100644
--- a/internal/processing/fedi/emoji.go
+++ b/internal/processing/fedi/emoji.go
@@ -21,14 +21,13 @@ package fedi
import (
"context"
"fmt"
- "net/url"
"github.com/superseriousbusiness/activity/streams"
"github.com/superseriousbusiness/gotosocial/internal/gtserror"
)
// EmojiGet handles the GET for a federated emoji originating from this instance.
-func (p *Processor) EmojiGet(ctx context.Context, requestedEmojiID string, requestURL *url.URL) (interface{}, gtserror.WithCode) {
+func (p *Processor) EmojiGet(ctx context.Context, requestedEmojiID string) (interface{}, gtserror.WithCode) {
if _, errWithCode := p.federator.AuthenticateFederatedRequest(ctx, ""); errWithCode != nil {
return nil, errWithCode
}
diff --git a/internal/processing/fedi/status.go b/internal/processing/fedi/status.go
index 0e4c99b60..fbadcb290 100644
--- a/internal/processing/fedi/status.go
+++ b/internal/processing/fedi/status.go
@@ -24,65 +24,36 @@ import (
"net/url"
"github.com/superseriousbusiness/activity/streams"
- "github.com/superseriousbusiness/gotosocial/internal/db"
"github.com/superseriousbusiness/gotosocial/internal/gtserror"
"github.com/superseriousbusiness/gotosocial/internal/gtsmodel"
- "github.com/superseriousbusiness/gotosocial/internal/transport"
)
// StatusGet handles the getting of a fedi/activitypub representation of a particular status, performing appropriate
// authentication before returning a JSON serializable interface to the caller.
-func (p *Processor) StatusGet(ctx context.Context, requestedUsername string, requestedStatusID string, requestURL *url.URL) (interface{}, gtserror.WithCode) {
- // get the account the request is referring to
- requestedAccount, err := p.db.GetAccountByUsernameDomain(ctx, requestedUsername, "")
- if err != nil {
- return nil, gtserror.NewErrorNotFound(fmt.Errorf("database error getting account with username %s: %s", requestedUsername, err))
- }
-
- // authenticate the request
- requestingAccountURI, errWithCode := p.federator.AuthenticateFederatedRequest(ctx, requestedUsername)
+func (p *Processor) StatusGet(ctx context.Context, requestedUsername string, requestedStatusID string) (interface{}, gtserror.WithCode) {
+ requestedAccount, requestingAccount, errWithCode := p.authenticate(ctx, requestedUsername)
if errWithCode != nil {
return nil, errWithCode
}
- requestingAccount, err := p.federator.GetAccountByURI(
- transport.WithFastfail(ctx), requestedUsername, requestingAccountURI, false,
- )
+ status, err := p.db.GetStatusByID(ctx, requestedStatusID)
if err != nil {
- return nil, gtserror.NewErrorUnauthorized(err)
+ return nil, gtserror.NewErrorNotFound(err)
}
- // authorize the request:
- // 1. check if a block exists between the requester and the requestee
- blocked, err := p.db.IsBlocked(ctx, requestedAccount.ID, requestingAccount.ID, true)
- if err != nil {
- return nil, gtserror.NewErrorInternalError(err)
+ if status.AccountID != requestedAccount.ID {
+ return nil, gtserror.NewErrorNotFound(fmt.Errorf("status with id %s does not belong to account with id %s", status.ID, requestedAccount.ID))
}
- if blocked {
- return nil, gtserror.NewErrorUnauthorized(fmt.Errorf("block exists between accounts %s and %s", requestedAccount.ID, requestingAccount.ID))
- }
-
- // get the status out of the database here
- s, err := p.db.GetStatusByID(ctx, requestedStatusID)
- if err != nil {
- return nil, gtserror.NewErrorNotFound(fmt.Errorf("database error getting status with id %s and account id %s: %s", requestedStatusID, requestedAccount.ID, err))
- }
-
- if s.AccountID != requestedAccount.ID {
- return nil, gtserror.NewErrorNotFound(fmt.Errorf("status with id %s does not belong to account with id %s", s.ID, requestedAccount.ID))
- }
-
- visible, err := p.filter.StatusVisible(ctx, s, requestingAccount)
+ visible, err := p.filter.StatusVisible(ctx, status, requestingAccount)
if err != nil {
return nil, gtserror.NewErrorInternalError(err)
}
if !visible {
- return nil, gtserror.NewErrorNotFound(fmt.Errorf("status with id %s not visible to user with id %s", s.ID, requestingAccount.ID))
+ return nil, gtserror.NewErrorNotFound(fmt.Errorf("status with id %s not visible to user with id %s", status.ID, requestingAccount.ID))
}
- // requester is authorized to view the status, so convert it to AP representation and serialize it
- asStatus, err := p.tc.StatusToAS(ctx, s)
+ asStatus, err := p.tc.StatusToAS(ctx, status)
if err != nil {
return nil, gtserror.NewErrorInternalError(err)
}
@@ -97,52 +68,27 @@ func (p *Processor) StatusGet(ctx context.Context, requestedUsername string, req
// GetStatus handles the getting of a fedi/activitypub representation of replies to a status, performing appropriate
// authentication before returning a JSON serializable interface to the caller.
-func (p *Processor) StatusRepliesGet(ctx context.Context, requestedUsername string, requestedStatusID string, page bool, onlyOtherAccounts bool, minID string, requestURL *url.URL) (interface{}, gtserror.WithCode) {
- // get the account the request is referring to
- requestedAccount, err := p.db.GetAccountByUsernameDomain(ctx, requestedUsername, "")
- if err != nil {
- return nil, gtserror.NewErrorNotFound(fmt.Errorf("database error getting account with username %s: %s", requestedUsername, err))
- }
-
- // authenticate the request
- requestingAccountURI, errWithCode := p.federator.AuthenticateFederatedRequest(ctx, requestedUsername)
+func (p *Processor) StatusRepliesGet(ctx context.Context, requestedUsername string, requestedStatusID string, page bool, onlyOtherAccounts bool, onlyOtherAccountsSet bool, minID string) (interface{}, gtserror.WithCode) {
+ requestedAccount, requestingAccount, errWithCode := p.authenticate(ctx, requestedUsername)
if errWithCode != nil {
return nil, errWithCode
}
- requestingAccount, err := p.federator.GetAccountByURI(
- transport.WithFastfail(ctx), requestedUsername, requestingAccountURI, false,
- )
- if err != nil {
- return nil, gtserror.NewErrorUnauthorized(err)
- }
-
- // authorize the request:
- // 1. check if a block exists between the requester and the requestee
- blocked, err := p.db.IsBlocked(ctx, requestedAccount.ID, requestingAccount.ID, true)
+ status, err := p.db.GetStatusByID(ctx, requestedStatusID)
if err != nil {
- return nil, gtserror.NewErrorInternalError(err)
- }
-
- if blocked {
- return nil, gtserror.NewErrorUnauthorized(fmt.Errorf("block exists between accounts %s and %s", requestedAccount.ID, requestingAccount.ID))
+ return nil, gtserror.NewErrorNotFound(err)
}
- // get the status out of the database here
- s := &gtsmodel.Status{}
- if err := p.db.GetWhere(ctx, []db.Where{
- {Key: "id", Value: requestedStatusID},
- {Key: "account_id", Value: requestedAccount.ID},
- }, s); err != nil {
- return nil, gtserror.NewErrorNotFound(fmt.Errorf("database error getting status with id %s and account id %s: %s", requestedStatusID, requestedAccount.ID, err))
+ if status.AccountID != requestedAccount.ID {
+ return nil, gtserror.NewErrorNotFound(fmt.Errorf("status with id %s does not belong to account with id %s", status.ID, requestedAccount.ID))
}
- visible, err := p.filter.StatusVisible(ctx, s, requestingAccount)
+ visible, err := p.filter.StatusVisible(ctx, status, requestingAccount)
if err != nil {
return nil, gtserror.NewErrorInternalError(err)
}
if !visible {
- return nil, gtserror.NewErrorNotFound(fmt.Errorf("status with id %s not visible to user with id %s", s.ID, requestingAccount.ID))
+ return nil, gtserror.NewErrorNotFound(fmt.Errorf("status with id %s not visible to user with id %s", status.ID, requestingAccount.ID))
}
var data map[string]interface{}
@@ -155,7 +101,7 @@ func (p *Processor) StatusRepliesGet(ctx context.Context, requestedUsername stri
case !page:
// scenario 1
// get the collection
- collection, err := p.tc.StatusToASRepliesCollection(ctx, s, onlyOtherAccounts)
+ collection, err := p.tc.StatusToASRepliesCollection(ctx, status, onlyOtherAccounts)
if err != nil {
return nil, gtserror.NewErrorInternalError(err)
}
@@ -164,10 +110,10 @@ func (p *Processor) StatusRepliesGet(ctx context.Context, requestedUsername stri
if err != nil {
return nil, gtserror.NewErrorInternalError(err)
}
- case page && requestURL.Query().Get("only_other_accounts") == "":
+ case page && !onlyOtherAccountsSet:
// scenario 2
// get the collection
- collection, err := p.tc.StatusToASRepliesCollection(ctx, s, onlyOtherAccounts)
+ collection, err := p.tc.StatusToASRepliesCollection(ctx, status, onlyOtherAccounts)
if err != nil {
return nil, gtserror.NewErrorInternalError(err)
}
@@ -179,7 +125,7 @@ func (p *Processor) StatusRepliesGet(ctx context.Context, requestedUsername stri
default:
// scenario 3
// get immediate children
- replies, err := p.db.GetStatusChildren(ctx, s, true, minID)
+ replies, err := p.db.GetStatusChildren(ctx, status, true, minID)
if err != nil {
return nil, gtserror.NewErrorInternalError(err)
}
@@ -217,7 +163,7 @@ func (p *Processor) StatusRepliesGet(ctx context.Context, requestedUsername stri
replyURIs[r.ID] = rURI
}
- repliesPage, err := p.tc.StatusURIsToASRepliesPage(ctx, s, onlyOtherAccounts, minID, replyURIs)
+ repliesPage, err := p.tc.StatusURIsToASRepliesPage(ctx, status, onlyOtherAccounts, minID, replyURIs)
if err != nil {
return nil, gtserror.NewErrorInternalError(err)
}
diff --git a/internal/processing/status/pin.go b/internal/processing/status/pin.go
index addd2515b..3e50b0c73 100644
--- a/internal/processing/status/pin.go
+++ b/internal/processing/status/pin.go
@@ -95,7 +95,7 @@ func (p *Processor) PinCreate(ctx context.Context, requestingAccount *gtsmodel.A
}
targetStatus.PinnedAt = time.Now()
- if err := p.db.UpdateStatus(ctx, targetStatus); err != nil {
+ if err := p.db.UpdateStatus(ctx, targetStatus, "pinned_at"); err != nil {
return nil, gtserror.NewErrorInternalError(fmt.Errorf("db error pinning status: %w", err))
}
@@ -126,7 +126,7 @@ func (p *Processor) PinRemove(ctx context.Context, requestingAccount *gtsmodel.A
if targetStatus.PinnedAt.IsZero() {
targetStatus.PinnedAt = time.Time{}
- if err := p.db.UpdateStatus(ctx, targetStatus); err != nil {
+ if err := p.db.UpdateStatus(ctx, targetStatus, "pinned_at"); err != nil {
return nil, gtserror.NewErrorInternalError(fmt.Errorf("db error unpinning status: %w", err))
}
}
diff --git a/internal/typeutils/astointernal.go b/internal/typeutils/astointernal.go
index 11633ad4e..4e1b59613 100644
--- a/internal/typeutils/astointernal.go
+++ b/internal/typeutils/astointernal.go
@@ -181,9 +181,14 @@ func (c *converter) ASRepresentationToAccount(ctx context.Context, accountable a
acct.FollowersURI = accountable.GetActivityStreamsFollowers().GetIRI().String()
}
- // FeaturedURI
- if accountable.GetTootFeatured() != nil && accountable.GetTootFeatured().GetIRI() != nil {
- acct.FeaturedCollectionURI = accountable.GetTootFeatured().GetIRI().String()
+ // FeaturedURI aka pinned collection:
+ // Only trust featured URI if it has at least two domains,
+ // from the right, in common with the domain of the account
+ if featured := accountable.GetTootFeatured(); featured != nil && featured.IsIRI() {
+ if featuredURI := featured.GetIRI(); // nocollapse
+ featuredURI != nil && dns.CompareDomainName(acct.Domain, featuredURI.Host) >= 2 {
+ acct.FeaturedCollectionURI = featuredURI.String()
+ }
}
// TODO: FeaturedTagsURI
diff --git a/internal/typeutils/converter.go b/internal/typeutils/converter.go
index c63bd8d8c..ec0c1bb8c 100644
--- a/internal/typeutils/converter.go
+++ b/internal/typeutils/converter.go
@@ -178,6 +178,9 @@ type TypeConverter interface {
//
// Appropriate 'next' and 'prev' fields will be created based on the highest and lowest IDs present in the statuses slice.
StatusesToASOutboxPage(ctx context.Context, outboxID string, maxID string, minID string, statuses []*gtsmodel.Status) (vocab.ActivityStreamsOrderedCollectionPage, error)
+ // StatusesToASFeaturedCollection converts a slice of statuses into an ordered collection
+ // of URIs, suitable for serializing and serving via the activitypub API.
+ StatusesToASFeaturedCollection(ctx context.Context, featuredCollectionID string, statuses []*gtsmodel.Status) (vocab.ActivityStreamsOrderedCollection, error)
// ReportToASFlag converts a gts model report into an activitystreams FLAG, suitable for federation.
ReportToASFlag(ctx context.Context, r *gtsmodel.Report) (vocab.ActivityStreamsFlag, error)
diff --git a/internal/typeutils/internaltoas.go b/internal/typeutils/internaltoas.go
index 06b49c18f..bbcf6c84b 100644
--- a/internal/typeutils/internaltoas.go
+++ b/internal/typeutils/internaltoas.go
@@ -1296,6 +1296,34 @@ func (c *converter) OutboxToASCollection(ctx context.Context, outboxID string) (
return collection, nil
}
+func (c *converter) StatusesToASFeaturedCollection(ctx context.Context, featuredCollectionID string, statuses []*gtsmodel.Status) (vocab.ActivityStreamsOrderedCollection, error) {
+ collection := streams.NewActivityStreamsOrderedCollection()
+
+ collectionIDProp := streams.NewJSONLDIdProperty()
+ featuredCollectionIDURI, err := url.Parse(featuredCollectionID)
+ if err != nil {
+ return nil, fmt.Errorf("error parsing url %s", featuredCollectionID)
+ }
+ collectionIDProp.SetIRI(featuredCollectionIDURI)
+ collection.SetJSONLDId(collectionIDProp)
+
+ itemsProp := streams.NewActivityStreamsOrderedItemsProperty()
+ for _, s := range statuses {
+ uri, err := url.Parse(s.URI)
+ if err != nil {
+ return nil, fmt.Errorf("error parsing url %s", s.URI)
+ }
+ itemsProp.AppendIRI(uri)
+ }
+ collection.SetActivityStreamsOrderedItems(itemsProp)
+
+ totalItemsProp := streams.NewActivityStreamsTotalItemsProperty()
+ totalItemsProp.Set(len(statuses))
+ collection.SetActivityStreamsTotalItems(totalItemsProp)
+
+ return collection, nil
+}
+
func (c *converter) ReportToASFlag(ctx context.Context, r *gtsmodel.Report) (vocab.ActivityStreamsFlag, error) {
flag := streams.NewActivityStreamsFlag()
diff --git a/internal/typeutils/internaltoas_test.go b/internal/typeutils/internaltoas_test.go
index 2ea393db3..887d78884 100644
--- a/internal/typeutils/internaltoas_test.go
+++ b/internal/typeutils/internaltoas_test.go
@@ -21,11 +21,13 @@ package typeutils_test
import (
"context"
"encoding/json"
+ "errors"
"strings"
"testing"
"github.com/stretchr/testify/suite"
"github.com/superseriousbusiness/activity/streams"
+ "github.com/superseriousbusiness/gotosocial/internal/db"
"github.com/superseriousbusiness/gotosocial/internal/gtsmodel"
"github.com/superseriousbusiness/gotosocial/testrig"
)
@@ -544,6 +546,96 @@ func (suite *InternalToASTestSuite) TestReportToAS() {
}`, string(bytes))
}
+func (suite *InternalToASTestSuite) TestPinnedStatusesToASSomeItems() {
+ ctx := context.Background()
+
+ testAccount := suite.testAccounts["admin_account"]
+ statuses, err := suite.db.GetAccountPinnedStatuses(ctx, testAccount.ID)
+ if err != nil {
+ suite.FailNow(err.Error())
+ }
+
+ collection, err := suite.typeconverter.StatusesToASFeaturedCollection(ctx, testAccount.FeaturedCollectionURI, statuses)
+ if err != nil {
+ suite.FailNow(err.Error())
+ }
+
+ ser, err := streams.Serialize(collection)
+ suite.NoError(err)
+
+ bytes, err := json.MarshalIndent(ser, "", " ")
+ suite.NoError(err)
+
+ suite.Equal(`{
+ "@context": "https://www.w3.org/ns/activitystreams",
+ "id": "http://localhost:8080/users/admin/collections/featured",
+ "orderedItems": [
+ "http://localhost:8080/users/admin/statuses/01F8MHAAY43M6RJ473VQFCVH37",
+ "http://localhost:8080/users/admin/statuses/01F8MH75CBF9JFX4ZAD54N0W0R"
+ ],
+ "totalItems": 2,
+ "type": "OrderedCollection"
+}`, string(bytes))
+}
+
+func (suite *InternalToASTestSuite) TestPinnedStatusesToASNoItems() {
+ ctx := context.Background()
+
+ testAccount := suite.testAccounts["local_account_1"]
+ statuses, err := suite.db.GetAccountPinnedStatuses(ctx, testAccount.ID)
+ if err != nil && !errors.Is(err, db.ErrNoEntries) {
+ suite.FailNow(err.Error())
+ }
+
+ collection, err := suite.typeconverter.StatusesToASFeaturedCollection(ctx, testAccount.FeaturedCollectionURI, statuses)
+ if err != nil {
+ suite.FailNow(err.Error())
+ }
+
+ ser, err := streams.Serialize(collection)
+ suite.NoError(err)
+
+ bytes, err := json.MarshalIndent(ser, "", " ")
+ suite.NoError(err)
+
+ suite.Equal(`{
+ "@context": "https://www.w3.org/ns/activitystreams",
+ "id": "http://localhost:8080/users/the_mighty_zork/collections/featured",
+ "orderedItems": [],
+ "totalItems": 0,
+ "type": "OrderedCollection"
+}`, string(bytes))
+}
+
+func (suite *InternalToASTestSuite) TestPinnedStatusesToASOneItem() {
+ ctx := context.Background()
+
+ testAccount := suite.testAccounts["local_account_2"]
+ statuses, err := suite.db.GetAccountPinnedStatuses(ctx, testAccount.ID)
+ if err != nil {
+ suite.FailNow(err.Error())
+ }
+
+ collection, err := suite.typeconverter.StatusesToASFeaturedCollection(ctx, testAccount.FeaturedCollectionURI, statuses)
+ if err != nil {
+ suite.FailNow(err.Error())
+ }
+
+ ser, err := streams.Serialize(collection)
+ suite.NoError(err)
+
+ bytes, err := json.MarshalIndent(ser, "", " ")
+ suite.NoError(err)
+
+ suite.Equal(`{
+ "@context": "https://www.w3.org/ns/activitystreams",
+ "id": "http://localhost:8080/users/1happyturtle/collections/featured",
+ "orderedItems": "http://localhost:8080/users/1happyturtle/statuses/01G20ZM733MGN8J344T4ZDDFY1",
+ "totalItems": 1,
+ "type": "OrderedCollection"
+}`, string(bytes))
+}
+
func TestInternalToASTestSuite(t *testing.T) {
suite.Run(t, new(InternalToASTestSuite))
}
diff --git a/internal/uris/uri.go b/internal/uris/uri.go
index f6e06ca25..8d0189cad 100644
--- a/internal/uris/uri.go
+++ b/internal/uris/uri.go
@@ -70,7 +70,7 @@ type UserURIs struct {
// The activitypub URI for this user's liked posts eg., https://example.org/users/example_user/liked
LikedURI string
// The activitypub URI for this user's featured collections, eg., https://example.org/users/example_user/collections/featured
- CollectionURI string
+ FeaturedCollectionURI string
// The URI for this user's public key, eg., https://example.org/users/example_user/publickey
PublicKeyURI string
}
@@ -152,15 +152,15 @@ func GenerateURIsForAccount(username string) *UserURIs {
UserURL: userURL,
StatusesURL: statusesURL,
- UserURI: userURI,
- StatusesURI: statusesURI,
- InboxURI: inboxURI,
- OutboxURI: outboxURI,
- FollowersURI: followersURI,
- FollowingURI: followingURI,
- LikedURI: likedURI,
- CollectionURI: collectionURI,
- PublicKeyURI: publicKeyURI,
+ UserURI: userURI,
+ StatusesURI: statusesURI,
+ InboxURI: inboxURI,
+ OutboxURI: outboxURI,
+ FollowersURI: followersURI,
+ FollowingURI: followingURI,
+ LikedURI: likedURI,
+ FeaturedCollectionURI: collectionURI,
+ PublicKeyURI: publicKeyURI,
}
}
diff --git a/internal/web/thread.go b/internal/web/thread.go
index e657aa91b..bd2f11dcb 100644
--- a/internal/web/thread.go
+++ b/internal/web/thread.go
@@ -132,7 +132,7 @@ func (m *Module) returnAPStatus(ctx context.Context, c *gin.Context, username st
ctx = context.WithValue(ctx, ap.ContextRequestingPublicKeySignature, signature)
}
- status, errWithCode := m.processor.Fedi().StatusGet(ctx, username, statusID, c.Request.URL)
+ status, errWithCode := m.processor.Fedi().StatusGet(ctx, username, statusID)
if errWithCode != nil {
apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1) //nolint:contextcheck
return