summaryrefslogtreecommitdiff
path: root/internal/processing/federation
diff options
context:
space:
mode:
Diffstat (limited to 'internal/processing/federation')
-rw-r--r--internal/processing/federation/getoutbox.go2
-rw-r--r--internal/processing/federation/getuser.go15
2 files changed, 9 insertions, 8 deletions
diff --git a/internal/processing/federation/getoutbox.go b/internal/processing/federation/getoutbox.go
index 944c0b571..2c7511e45 100644
--- a/internal/processing/federation/getoutbox.go
+++ b/internal/processing/federation/getoutbox.go
@@ -89,7 +89,7 @@ func (p *processor) GetOutbox(ctx context.Context, requestedUsername string, pag
// scenario 2 -- get the requested page
// limit pages to 30 entries per page
- publicStatuses, err := p.db.GetAccountStatuses(ctx, requestedAccount.ID, 30, true, maxID, minID, false, false, true)
+ publicStatuses, err := p.db.GetAccountStatuses(ctx, requestedAccount.ID, 30, true, true, maxID, minID, false, false, true)
if err != nil && err != db.ErrNoEntries {
return nil, gtserror.NewErrorInternalError(err)
}
diff --git a/internal/processing/federation/getuser.go b/internal/processing/federation/getuser.go
index 6d5b8463f..b201bea4b 100644
--- a/internal/processing/federation/getuser.go
+++ b/internal/processing/federation/getuser.go
@@ -38,17 +38,20 @@ func (p *processor) GetUser(ctx context.Context, requestedUsername string, reque
}
var requestedPerson vocab.ActivityStreamsPerson
- switch {
- case uris.IsPublicKeyPath(requestURL):
+ if uris.IsPublicKeyPath(requestURL) {
// if it's a public key path, we don't need to authenticate but we'll only serve the bare minimum user profile needed for the public key
requestedPerson, err = p.tc.AccountToASMinimal(ctx, requestedAccount)
if err != nil {
return nil, gtserror.NewErrorInternalError(err)
}
- case uris.IsUserPath(requestURL):
- // if it's a user path, we want to fully authenticate the request before we serve any data, and then we can serve a more complete profile
+ } else {
+ // if it's any other path, we want to fully authenticate the request before we serve any data, and then we can serve a more complete profile
requestingAccountURI, authenticated, err := p.federator.AuthenticateFederatedRequest(ctx, requestedUsername)
- if err != nil || !authenticated {
+ if err != nil {
+ return nil, gtserror.NewErrorNotAuthorized(err, "not authorized")
+ }
+
+ if !authenticated {
return nil, gtserror.NewErrorNotAuthorized(errors.New("not authorized"), "not authorized")
}
@@ -73,8 +76,6 @@ func (p *processor) GetUser(ctx context.Context, requestedUsername string, reque
if err != nil {
return nil, gtserror.NewErrorInternalError(err)
}
- default:
- return nil, gtserror.NewErrorBadRequest(fmt.Errorf("path was not public key path or user path"))
}
data, err := streams.Serialize(requestedPerson)
generated by cgit v1.2.3 (git 2.46.0) at 2025-07-13 06:09:00 +0000