summaryrefslogtreecommitdiff
path: root/internal/federation/federatingdb/announce.go
diff options
context:
space:
mode:
Diffstat (limited to 'internal/federation/federatingdb/announce.go')
-rw-r--r--internal/federation/federatingdb/announce.go18
1 files changed, 17 insertions, 1 deletions
diff --git a/internal/federation/federatingdb/announce.go b/internal/federation/federatingdb/announce.go
index 5a5b80bc1..b1bd51659 100644
--- a/internal/federation/federatingdb/announce.go
+++ b/internal/federation/federatingdb/announce.go
@@ -19,6 +19,8 @@ package federatingdb
import (
"context"
+ "net/url"
+ "slices"
"codeberg.org/gruf/go-logger/v2/level"
"github.com/superseriousbusiness/activity/streams/vocab"
@@ -39,11 +41,25 @@ func (f *federatingDB) Announce(ctx context.Context, announce vocab.ActivityStre
l.Debug("entering Announce")
}
- receivingAccount, _, internal := extractFromCtx(ctx)
+ receivingAccount, requestingAccount, internal := extractFromCtx(ctx)
if internal {
return nil // Already processed.
}
+ // Ensure requestingAccount is among
+ // the Actors doing the Announce.
+ //
+ // We don't support Announce forwards.
+ actorIRIs := ap.GetActorIRIs(announce)
+ if !slices.ContainsFunc(actorIRIs, func(actorIRI *url.URL) bool {
+ return actorIRI.String() == requestingAccount.URI
+ }) {
+ return gtserror.Newf(
+ "requestingAccount %s was not among Announce Actors",
+ requestingAccount.URI,
+ )
+ }
+
boost, isNew, err := f.converter.ASAnnounceToStatus(ctx, announce)
if err != nil {
return gtserror.Newf("error converting announce to boost: %w", err)
generated by cgit v1.2.3 (git 2.46.0) at 2025-08-04 05:38:36 +0000