From 37d310f981f3e26bc643aeabac134b591c84455a Mon Sep 17 00:00:00 2001
From: tobi <31960611+tsmethurst@users.noreply.github.com>
Date: Tue, 29 Mar 2022 11:54:56 +0200
Subject: [feature] Dereference remote mentions when the account is not already
 known (#442)

* remove mention util function from db

* add ParseMentionFunc to gtsmodel

* add parseMentionFunc to processor

* refactor search to simplify it a bit

* add parseMentionFunc to account

* add parseMentionFunc to status

* some renaming for clarity

* test dereference of unknown mentioned account
---
 internal/api/client/status/status_test.go       |  98 ++++++++++++++++-
 internal/api/client/status/statuscreate_test.go | 134 ++++++++++++++++--------
 2 files changed, 185 insertions(+), 47 deletions(-)

(limited to 'internal/api')

diff --git a/internal/api/client/status/status_test.go b/internal/api/client/status/status_test.go
index c6e5b354f..fd44a6a7c 100644
--- a/internal/api/client/status/status_test.go
+++ b/internal/api/client/status/status_test.go
@@ -19,8 +19,18 @@
 package status_test
 
 import (
+	"bytes"
+	"context"
+	"encoding/json"
+	"fmt"
+	"io"
+	"io/ioutil"
+	"net/http"
+
 	"codeberg.org/gruf/go-store/kv"
 	"github.com/stretchr/testify/suite"
+	"github.com/superseriousbusiness/activity/pub"
+	"github.com/superseriousbusiness/activity/streams"
 	"github.com/superseriousbusiness/gotosocial/internal/api/client/status"
 	"github.com/superseriousbusiness/gotosocial/internal/db"
 	"github.com/superseriousbusiness/gotosocial/internal/email"
@@ -73,7 +83,7 @@ func (suite *StatusStandardTestSuite) SetupTest() {
 	suite.tc = testrig.NewTestTypeConverter(suite.db)
 	suite.storage = testrig.NewTestStorage()
 	suite.mediaManager = testrig.NewTestMediaManager(suite.db, suite.storage)
-	suite.federator = testrig.NewTestFederator(suite.db, testrig.NewTestTransportController(testrig.NewMockHTTPClient(nil), suite.db), suite.storage, suite.mediaManager)
+	suite.federator = testrig.NewTestFederator(suite.db, testrig.NewTestTransportController(suite.testHttpClient(), suite.db), suite.storage, suite.mediaManager)
 	suite.emailSender = testrig.NewEmailSender("../../../../web/template/", nil)
 	suite.processor = testrig.NewTestProcessor(suite.db, suite.storage, suite.federator, suite.emailSender, suite.mediaManager)
 	suite.statusModule = status.New(suite.processor).(*status.Module)
@@ -85,3 +95,89 @@ func (suite *StatusStandardTestSuite) TearDownTest() {
 	testrig.StandardDBTeardown(suite.db)
 	testrig.StandardStorageTeardown(suite.storage)
 }
+
+func (suite *StatusStandardTestSuite) testHttpClient() pub.HttpClient {
+	remoteAccount := suite.testAccounts["remote_account_1"]
+	remoteAccountNamestring := fmt.Sprintf("acct:%s@%s", remoteAccount.Username, remoteAccount.Domain)
+	remoteAccountWebfingerURI := fmt.Sprintf("https://%s/.well-known/webfinger?resource=%s", remoteAccount.Domain, remoteAccountNamestring)
+
+	fmt.Println(remoteAccountWebfingerURI)
+
+	httpClient := testrig.NewMockHTTPClient(func(req *http.Request) (*http.Response, error) {
+
+		// respond correctly to a webfinger lookup
+		if req.URL.String() == remoteAccountWebfingerURI {
+			responseJson := fmt.Sprintf(`
+			{
+				"subject": "%s",
+				"aliases": [
+				  "%s",
+				  "%s"
+				],
+				"links": [
+				  {
+					"rel": "http://webfinger.net/rel/profile-page",
+					"type": "text/html",
+					"href": "%s"
+				  },
+				  {
+					"rel": "self",
+					"type": "application/activity+json",
+					"href": "%s"
+				  }
+				]
+			}`, remoteAccountNamestring, remoteAccount.URI, remoteAccount.URL, remoteAccount.URL, remoteAccount.URI)
+			responseType := "application/json"
+
+			reader := bytes.NewReader([]byte(responseJson))
+			readCloser := io.NopCloser(reader)
+			response := &http.Response{
+				StatusCode:    200,
+				Body:          readCloser,
+				ContentLength: int64(len(responseJson)),
+				Header: http.Header{
+					"content-type": {responseType},
+				},
+			}
+			return response, nil
+		}
+
+		// respond correctly to an account dereference
+		if req.URL.String() == remoteAccount.URI {
+			satanAS, err := suite.tc.AccountToAS(context.Background(), remoteAccount)
+			if err != nil {
+				panic(err)
+			}
+
+			satanI, err := streams.Serialize(satanAS)
+			if err != nil {
+				panic(err)
+			}
+			satanJson, err := json.Marshal(satanI)
+			if err != nil {
+				panic(err)
+			}
+			responseType := "application/activity+json"
+
+			reader := bytes.NewReader(satanJson)
+			readCloser := io.NopCloser(reader)
+			response := &http.Response{
+				StatusCode:    200,
+				Body:          readCloser,
+				ContentLength: int64(len(satanJson)),
+				Header: http.Header{
+					"content-type": {responseType},
+				},
+			}
+			return response, nil
+		}
+
+		r := ioutil.NopCloser(bytes.NewReader([]byte{}))
+		return &http.Response{
+			StatusCode: 200,
+			Body:       r,
+		}, nil
+	})
+
+	return httpClient
+}
diff --git a/internal/api/client/status/statuscreate_test.go b/internal/api/client/status/statuscreate_test.go
index cfacc2a93..a1df25547 100644
--- a/internal/api/client/status/statuscreate_test.go
+++ b/internal/api/client/status/statuscreate_test.go
@@ -29,7 +29,6 @@ import (
 	"testing"
 
 	"github.com/gin-gonic/gin"
-	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/suite"
 	"github.com/superseriousbusiness/gotosocial/internal/api/client/status"
 	"github.com/superseriousbusiness/gotosocial/internal/api/model"
@@ -85,26 +84,69 @@ func (suite *StatusCreateTestSuite) TestPostNewStatus() {
 	result := recorder.Result()
 	defer result.Body.Close()
 	b, err := ioutil.ReadAll(result.Body)
-	assert.NoError(suite.T(), err)
+	suite.NoError(err)
 
 	statusReply := &model.Status{}
 	err = json.Unmarshal(b, statusReply)
-	assert.NoError(suite.T(), err)
-
-	assert.Equal(suite.T(), "hello hello", statusReply.SpoilerText)
-	assert.Equal(suite.T(), "<p>this is a brand new status! <a href=\"http://localhost:8080/tags/helloworld\" class=\"mention hashtag\" rel=\"tag nofollow noreferrer noopener\" target=\"_blank\">#<span>helloworld</span></a></p>", statusReply.Content)
-	assert.True(suite.T(), statusReply.Sensitive)
-	assert.Equal(suite.T(), model.VisibilityPrivate, statusReply.Visibility) // even though we set this status to mutuals only, it should serialize to private, because the mastodon api has no idea about mutuals_only
-	assert.Len(suite.T(), statusReply.Tags, 1)
-	assert.Equal(suite.T(), model.Tag{
+	suite.NoError(err)
+
+	suite.Equal("hello hello", statusReply.SpoilerText)
+	suite.Equal("<p>this is a brand new status! <a href=\"http://localhost:8080/tags/helloworld\" class=\"mention hashtag\" rel=\"tag nofollow noreferrer noopener\" target=\"_blank\">#<span>helloworld</span></a></p>", statusReply.Content)
+	suite.True(statusReply.Sensitive)
+	suite.Equal(model.VisibilityPrivate, statusReply.Visibility) // even though we set this status to mutuals only, it should serialize to private, because the mastodon api has no idea about mutuals_only
+	suite.Len(statusReply.Tags, 1)
+	suite.Equal(model.Tag{
 		Name: "helloworld",
 		URL:  "http://localhost:8080/tags/helloworld",
 	}, statusReply.Tags[0])
 
 	gtsTag := &gtsmodel.Tag{}
 	err = suite.db.GetWhere(context.Background(), []db.Where{{Key: "name", Value: "helloworld"}}, gtsTag)
-	assert.NoError(suite.T(), err)
-	assert.Equal(suite.T(), statusReply.Account.ID, gtsTag.FirstSeenFromAccountID)
+	suite.NoError(err)
+	suite.Equal(statusReply.Account.ID, gtsTag.FirstSeenFromAccountID)
+}
+
+// mention an account that is not yet known to the instance -- it should be looked up and put in the db
+func (suite *StatusCreateTestSuite) TestMentionUnknownAccount() {
+
+	// first remove remote account 1 from the database so it gets looked up again
+	remoteAccount := suite.testAccounts["remote_account_1"]
+	if err := suite.db.DeleteByID(context.Background(), remoteAccount.ID, &gtsmodel.Account{}); err != nil {
+		panic(err)
+	}
+
+	t := suite.testTokens["local_account_1"]
+	oauthToken := oauth.DBTokenToToken(t)
+
+	// setup
+	recorder := httptest.NewRecorder()
+	ctx, _ := gin.CreateTestContext(recorder)
+	ctx.Set(oauth.SessionAuthorizedApplication, suite.testApplications["application_1"])
+	ctx.Set(oauth.SessionAuthorizedToken, oauthToken)
+	ctx.Set(oauth.SessionAuthorizedUser, suite.testUsers["local_account_1"])
+	ctx.Set(oauth.SessionAuthorizedAccount, suite.testAccounts["local_account_1"])
+	ctx.Request = httptest.NewRequest(http.MethodPost, fmt.Sprintf("http://localhost:8080/%s", status.BasePath), nil) // the endpoint we're hitting
+	ctx.Request.Header.Set("accept", "application/json")
+	ctx.Request.Form = url.Values{
+		"status":     {"hello @foss_satan@fossbros-anonymous.io"},
+		"visibility": {string(model.VisibilityPublic)},
+	}
+	suite.statusModule.StatusCreatePOSTHandler(ctx)
+
+	suite.EqualValues(http.StatusOK, recorder.Code)
+
+	result := recorder.Result()
+	defer result.Body.Close()
+	b, err := ioutil.ReadAll(result.Body)
+	suite.NoError(err)
+
+	statusReply := &model.Status{}
+	err = json.Unmarshal(b, statusReply)
+	suite.NoError(err)
+
+	// if the status is properly formatted, that means the account has been put in the db
+	suite.Equal("<p>hello <span class=\"h-card\"><a href=\"http://fossbros-anonymous.io/@foss_satan\" class=\"u-url mention\" rel=\"nofollow noreferrer noopener\" target=\"_blank\">@<span>foss_satan</span></a></span></p>", statusReply.Content)
+	suite.Equal(model.VisibilityPublic, statusReply.Visibility)
 }
 
 func (suite *StatusCreateTestSuite) TestPostAnotherNewStatus() {
@@ -134,13 +176,13 @@ func (suite *StatusCreateTestSuite) TestPostAnotherNewStatus() {
 	result := recorder.Result()
 	defer result.Body.Close()
 	b, err := ioutil.ReadAll(result.Body)
-	assert.NoError(suite.T(), err)
+	suite.NoError(err)
 
 	statusReply := &model.Status{}
 	err = json.Unmarshal(b, statusReply)
-	assert.NoError(suite.T(), err)
+	suite.NoError(err)
 
-	assert.Equal(suite.T(), "<p><a href=\"http://localhost:8080/tags/test\" class=\"mention hashtag\" rel=\"tag nofollow noreferrer noopener\" target=\"_blank\">#<span>test</span></a> alright, should be able to post <a href=\"http://localhost:8080/tags/links\" class=\"mention hashtag\" rel=\"tag nofollow noreferrer noopener\" target=\"_blank\">#<span>links</span></a> with fragments in them now, let's see........<br><br><a href=\"https://docs.gotosocial.org/en/latest/user_guide/posts/#links\" rel=\"noopener nofollow noreferrer\" target=\"_blank\">docs.gotosocial.org/en/latest/user_guide/posts/#links</a><br><br><a href=\"http://localhost:8080/tags/gotosocial\" class=\"mention hashtag\" rel=\"tag nofollow noreferrer noopener\" target=\"_blank\">#<span>gotosocial</span></a><br><br>(tobi remember to pull the docker image challenge)</p>", statusReply.Content)
+	suite.Equal("<p><a href=\"http://localhost:8080/tags/test\" class=\"mention hashtag\" rel=\"tag nofollow noreferrer noopener\" target=\"_blank\">#<span>test</span></a> alright, should be able to post <a href=\"http://localhost:8080/tags/links\" class=\"mention hashtag\" rel=\"tag nofollow noreferrer noopener\" target=\"_blank\">#<span>links</span></a> with fragments in them now, let's see........<br><br><a href=\"https://docs.gotosocial.org/en/latest/user_guide/posts/#links\" rel=\"noopener nofollow noreferrer\" target=\"_blank\">docs.gotosocial.org/en/latest/user_guide/posts/#links</a><br><br><a href=\"http://localhost:8080/tags/gotosocial\" class=\"mention hashtag\" rel=\"tag nofollow noreferrer noopener\" target=\"_blank\">#<span>gotosocial</span></a><br><br>(tobi remember to pull the docker image challenge)</p>", statusReply.Content)
 }
 
 func (suite *StatusCreateTestSuite) TestPostNewStatusWithEmoji() {
@@ -167,22 +209,22 @@ func (suite *StatusCreateTestSuite) TestPostNewStatusWithEmoji() {
 	result := recorder.Result()
 	defer result.Body.Close()
 	b, err := ioutil.ReadAll(result.Body)
-	assert.NoError(suite.T(), err)
+	suite.NoError(err)
 
 	statusReply := &model.Status{}
 	err = json.Unmarshal(b, statusReply)
-	assert.NoError(suite.T(), err)
+	suite.NoError(err)
 
-	assert.Equal(suite.T(), "", statusReply.SpoilerText)
-	assert.Equal(suite.T(), "<p>here is a rainbow emoji a few times! :rainbow: :rainbow: :rainbow:<br>here's an emoji that isn't in the db: :test_emoji:</p>", statusReply.Content)
+	suite.Equal("", statusReply.SpoilerText)
+	suite.Equal("<p>here is a rainbow emoji a few times! :rainbow: :rainbow: :rainbow:<br>here's an emoji that isn't in the db: :test_emoji:</p>", statusReply.Content)
 
-	assert.Len(suite.T(), statusReply.Emojis, 1)
+	suite.Len(statusReply.Emojis, 1)
 	apiEmoji := statusReply.Emojis[0]
 	gtsEmoji := testrig.NewTestEmojis()["rainbow"]
 
-	assert.Equal(suite.T(), gtsEmoji.Shortcode, apiEmoji.Shortcode)
-	assert.Equal(suite.T(), gtsEmoji.ImageURL, apiEmoji.URL)
-	assert.Equal(suite.T(), gtsEmoji.ImageStaticURL, apiEmoji.StaticURL)
+	suite.Equal(gtsEmoji.Shortcode, apiEmoji.Shortcode)
+	suite.Equal(gtsEmoji.ImageURL, apiEmoji.URL)
+	suite.Equal(gtsEmoji.ImageStaticURL, apiEmoji.StaticURL)
 }
 
 // Try to reply to a status that doesn't exist
@@ -213,8 +255,8 @@ func (suite *StatusCreateTestSuite) TestReplyToNonexistentStatus() {
 	result := recorder.Result()
 	defer result.Body.Close()
 	b, err := ioutil.ReadAll(result.Body)
-	assert.NoError(suite.T(), err)
-	assert.Equal(suite.T(), `{"error":"bad request"}`, string(b))
+	suite.NoError(err)
+	suite.Equal(`{"error":"bad request"}`, string(b))
 }
 
 // Post a reply to the status of a local user that allows replies.
@@ -243,19 +285,19 @@ func (suite *StatusCreateTestSuite) TestReplyToLocalStatus() {
 	result := recorder.Result()
 	defer result.Body.Close()
 	b, err := ioutil.ReadAll(result.Body)
-	assert.NoError(suite.T(), err)
+	suite.NoError(err)
 
 	statusReply := &model.Status{}
 	err = json.Unmarshal(b, statusReply)
-	assert.NoError(suite.T(), err)
-
-	assert.Equal(suite.T(), "", statusReply.SpoilerText)
-	assert.Equal(suite.T(), fmt.Sprintf("<p>hello <span class=\"h-card\"><a href=\"http://localhost:8080/@%s\" class=\"u-url mention\" rel=\"nofollow noreferrer noopener\" target=\"_blank\">@<span>%s</span></a></span> this reply should work!</p>", testrig.NewTestAccounts()["local_account_2"].Username, testrig.NewTestAccounts()["local_account_2"].Username), statusReply.Content)
-	assert.False(suite.T(), statusReply.Sensitive)
-	assert.Equal(suite.T(), model.VisibilityPublic, statusReply.Visibility)
-	assert.Equal(suite.T(), testrig.NewTestStatuses()["local_account_2_status_1"].ID, statusReply.InReplyToID)
-	assert.Equal(suite.T(), testrig.NewTestAccounts()["local_account_2"].ID, statusReply.InReplyToAccountID)
-	assert.Len(suite.T(), statusReply.Mentions, 1)
+	suite.NoError(err)
+
+	suite.Equal("", statusReply.SpoilerText)
+	suite.Equal(fmt.Sprintf("<p>hello <span class=\"h-card\"><a href=\"http://localhost:8080/@%s\" class=\"u-url mention\" rel=\"nofollow noreferrer noopener\" target=\"_blank\">@<span>%s</span></a></span> this reply should work!</p>", testrig.NewTestAccounts()["local_account_2"].Username, testrig.NewTestAccounts()["local_account_2"].Username), statusReply.Content)
+	suite.False(statusReply.Sensitive)
+	suite.Equal(model.VisibilityPublic, statusReply.Visibility)
+	suite.Equal(testrig.NewTestStatuses()["local_account_2_status_1"].ID, statusReply.InReplyToID)
+	suite.Equal(testrig.NewTestAccounts()["local_account_2"].ID, statusReply.InReplyToAccountID)
+	suite.Len(statusReply.Mentions, 1)
 }
 
 // Take a media file which is currently not associated with a status, and attach it to a new status.
@@ -286,33 +328,33 @@ func (suite *StatusCreateTestSuite) TestAttachNewMediaSuccess() {
 	result := recorder.Result()
 	defer result.Body.Close()
 	b, err := ioutil.ReadAll(result.Body)
-	assert.NoError(suite.T(), err)
+	suite.NoError(err)
 
 	statusResponse := &model.Status{}
 	err = json.Unmarshal(b, statusResponse)
-	assert.NoError(suite.T(), err)
+	suite.NoError(err)
 
-	assert.Equal(suite.T(), "", statusResponse.SpoilerText)
-	assert.Equal(suite.T(), "<p>here's an image attachment</p>", statusResponse.Content)
-	assert.False(suite.T(), statusResponse.Sensitive)
-	assert.Equal(suite.T(), model.VisibilityPublic, statusResponse.Visibility)
+	suite.Equal("", statusResponse.SpoilerText)
+	suite.Equal("<p>here's an image attachment</p>", statusResponse.Content)
+	suite.False(statusResponse.Sensitive)
+	suite.Equal(model.VisibilityPublic, statusResponse.Visibility)
 
 	// there should be one media attachment
-	assert.Len(suite.T(), statusResponse.MediaAttachments, 1)
+	suite.Len(statusResponse.MediaAttachments, 1)
 
 	// get the updated media attachment from the database
 	gtsAttachment, err := suite.db.GetAttachmentByID(context.Background(), statusResponse.MediaAttachments[0].ID)
-	assert.NoError(suite.T(), err)
+	suite.NoError(err)
 
 	// convert it to a api attachment
 	gtsAttachmentAsapi, err := suite.tc.AttachmentToAPIAttachment(context.Background(), gtsAttachment)
-	assert.NoError(suite.T(), err)
+	suite.NoError(err)
 
 	// compare it with what we have now
-	assert.EqualValues(suite.T(), statusResponse.MediaAttachments[0], gtsAttachmentAsapi)
+	suite.EqualValues(statusResponse.MediaAttachments[0], gtsAttachmentAsapi)
 
 	// the status id of the attachment should now be set to the id of the status we just created
-	assert.Equal(suite.T(), statusResponse.ID, gtsAttachment.StatusID)
+	suite.Equal(statusResponse.ID, gtsAttachment.StatusID)
 }
 
 func TestStatusCreateTestSuite(t *testing.T) {
-- 
cgit v1.2.3