From 183eaa5b298235acb8f25ba8f18b98e31471d965 Mon Sep 17 00:00:00 2001
From: tobi <31960611+tsmethurst@users.noreply.github.com>
Date: Thu, 21 Sep 2023 12:12:04 +0200
Subject: [feature] Implement explicit domain allows + allowlist federation
mode (#2200)
* love like winter! wohoah, wohoah
* domain allow side effects
* tests! logging! unallow!
* document federation modes
* linty linterson
* test
* further adventures in documentation
* finish up domain block documentation (i think)
* change wording a wee little bit
* docs, example
* consolidate shared domainPermission code
* call mode once
* fetch federation mode within domain blocked func
* read domain perm import in streaming manner
* don't use pointer to slice for domain perms
* don't bother copying blocks + allows before deleting
* admonish!
* change wording just a scooch
* update docs
---
internal/gtsmodel/adminaction.go | 2 +-
internal/gtsmodel/domainallow.go | 78 +++++++++++++++++++++++++++++++++++
internal/gtsmodel/domainblock.go | 44 ++++++++++++++++++++
internal/gtsmodel/domainpermission.go | 67 ++++++++++++++++++++++++++++++
4 files changed, 190 insertions(+), 1 deletion(-)
create mode 100644 internal/gtsmodel/domainallow.go
create mode 100644 internal/gtsmodel/domainpermission.go
(limited to 'internal/gtsmodel')
diff --git a/internal/gtsmodel/adminaction.go b/internal/gtsmodel/adminaction.go
index 1e55a33f9..e8b82e495 100644
--- a/internal/gtsmodel/adminaction.go
+++ b/internal/gtsmodel/adminaction.go
@@ -42,7 +42,7 @@ func (c AdminActionCategory) String() string {
case AdminActionCategoryDomain:
return "domain"
default:
- return "unknown"
+ return "unknown" //nolint:goconst
}
}
diff --git a/internal/gtsmodel/domainallow.go b/internal/gtsmodel/domainallow.go
new file mode 100644
index 000000000..2a3e53e79
--- /dev/null
+++ b/internal/gtsmodel/domainallow.go
@@ -0,0 +1,78 @@
+// GoToSocial
+// Copyright (C) GoToSocial Authors admin@gotosocial.org
+// SPDX-License-Identifier: AGPL-3.0-or-later
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program. If not, see .
+
+package gtsmodel
+
+import "time"
+
+// DomainAllow represents a federation allow towards a particular domain.
+type DomainAllow struct {
+ ID string `bun:"type:CHAR(26),pk,nullzero,notnull,unique"` // id of this item in the database
+ CreatedAt time.Time `bun:"type:timestamptz,nullzero,notnull,default:current_timestamp"` // when was item created
+ UpdatedAt time.Time `bun:"type:timestamptz,nullzero,notnull,default:current_timestamp"` // when was item last updated
+ Domain string `bun:",nullzero,notnull"` // domain to allow. Eg. 'whatever.com'
+ CreatedByAccountID string `bun:"type:CHAR(26),nullzero,notnull"` // Account ID of the creator of this allow
+ CreatedByAccount *Account `bun:"rel:belongs-to"` // Account corresponding to createdByAccountID
+ PrivateComment string `bun:""` // Private comment on this allow, viewable to admins
+ PublicComment string `bun:""` // Public comment on this allow, viewable (optionally) by everyone
+ Obfuscate *bool `bun:",nullzero,notnull,default:false"` // whether the domain name should appear obfuscated when displaying it publicly
+ SubscriptionID string `bun:"type:CHAR(26),nullzero"` // if this allow was created through a subscription, what's the subscription ID?
+}
+
+func (d *DomainAllow) GetID() string {
+ return d.ID
+}
+
+func (d *DomainAllow) GetCreatedAt() time.Time {
+ return d.CreatedAt
+}
+
+func (d *DomainAllow) GetUpdatedAt() time.Time {
+ return d.UpdatedAt
+}
+
+func (d *DomainAllow) GetDomain() string {
+ return d.Domain
+}
+
+func (d *DomainAllow) GetCreatedByAccountID() string {
+ return d.CreatedByAccountID
+}
+
+func (d *DomainAllow) GetCreatedByAccount() *Account {
+ return d.CreatedByAccount
+}
+
+func (d *DomainAllow) GetPrivateComment() string {
+ return d.PrivateComment
+}
+
+func (d *DomainAllow) GetPublicComment() string {
+ return d.PublicComment
+}
+
+func (d *DomainAllow) GetObfuscate() *bool {
+ return d.Obfuscate
+}
+
+func (d *DomainAllow) GetSubscriptionID() string {
+ return d.SubscriptionID
+}
+
+func (d *DomainAllow) GetType() DomainPermissionType {
+ return DomainPermissionAllow
+}
diff --git a/internal/gtsmodel/domainblock.go b/internal/gtsmodel/domainblock.go
index dfe642ef5..4e0b3ca65 100644
--- a/internal/gtsmodel/domainblock.go
+++ b/internal/gtsmodel/domainblock.go
@@ -32,3 +32,47 @@ type DomainBlock struct {
Obfuscate *bool `bun:",nullzero,notnull,default:false"` // whether the domain name should appear obfuscated when displaying it publicly
SubscriptionID string `bun:"type:CHAR(26),nullzero"` // if this block was created through a subscription, what's the subscription ID?
}
+
+func (d *DomainBlock) GetID() string {
+ return d.ID
+}
+
+func (d *DomainBlock) GetCreatedAt() time.Time {
+ return d.CreatedAt
+}
+
+func (d *DomainBlock) GetUpdatedAt() time.Time {
+ return d.UpdatedAt
+}
+
+func (d *DomainBlock) GetDomain() string {
+ return d.Domain
+}
+
+func (d *DomainBlock) GetCreatedByAccountID() string {
+ return d.CreatedByAccountID
+}
+
+func (d *DomainBlock) GetCreatedByAccount() *Account {
+ return d.CreatedByAccount
+}
+
+func (d *DomainBlock) GetPrivateComment() string {
+ return d.PrivateComment
+}
+
+func (d *DomainBlock) GetPublicComment() string {
+ return d.PublicComment
+}
+
+func (d *DomainBlock) GetObfuscate() *bool {
+ return d.Obfuscate
+}
+
+func (d *DomainBlock) GetSubscriptionID() string {
+ return d.SubscriptionID
+}
+
+func (d *DomainBlock) GetType() DomainPermissionType {
+ return DomainPermissionBlock
+}
diff --git a/internal/gtsmodel/domainpermission.go b/internal/gtsmodel/domainpermission.go
new file mode 100644
index 000000000..01e8fdaaa
--- /dev/null
+++ b/internal/gtsmodel/domainpermission.go
@@ -0,0 +1,67 @@
+// GoToSocial
+// Copyright (C) GoToSocial Authors admin@gotosocial.org
+// SPDX-License-Identifier: AGPL-3.0-or-later
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program. If not, see .
+
+package gtsmodel
+
+import "time"
+
+// DomainPermission models a domain
+// permission entry (block/allow).
+type DomainPermission interface {
+ GetID() string
+ GetCreatedAt() time.Time
+ GetUpdatedAt() time.Time
+ GetDomain() string
+ GetCreatedByAccountID() string
+ GetCreatedByAccount() *Account
+ GetPrivateComment() string
+ GetPublicComment() string
+ GetObfuscate() *bool
+ GetSubscriptionID() string
+ GetType() DomainPermissionType
+}
+
+// Domain permission type.
+type DomainPermissionType uint8
+
+const (
+ DomainPermissionUnknown DomainPermissionType = iota
+ DomainPermissionBlock // Explicitly block a domain.
+ DomainPermissionAllow // Explicitly allow a domain.
+)
+
+func (p DomainPermissionType) String() string {
+ switch p {
+ case DomainPermissionBlock:
+ return "block"
+ case DomainPermissionAllow:
+ return "allow"
+ default:
+ return "unknown"
+ }
+}
+
+func NewDomainPermissionType(in string) DomainPermissionType {
+ switch in {
+ case "block":
+ return DomainPermissionBlock
+ case "allow":
+ return DomainPermissionAllow
+ default:
+ return DomainPermissionUnknown
+ }
+}
--
cgit v1.2.3