From 469da93678b3f738f65372d13dcd1ea7de390063 Mon Sep 17 00:00:00 2001 From: tobi <31960611+tsmethurst@users.noreply.github.com> Date: Mon, 23 May 2022 11:46:50 +0200 Subject: [security] Check all involved IRIs during block checking (#593) * tidy up context keys, add otherInvolvedIRIs * add ReplyToable interface * skip block check if we own the requesting domain * add block check for other involved IRIs * use cacheable status fetch * remove unused ContextActivity * remove unused ContextActivity * add helper for unique URIs * check through CCs and clean slice * add GetAccountIDForStatusURI * add GetAccountIDForAccountURI * check blocks on involved account * add statuses to tests * add some blocked tests * go fmt * extract Tos as well as CCs * test PostInboxRequestBodyHook * add some more testActivities * deduplicate involvedAccountIDs * go fmt * use cacheable db functions, remove new functions --- internal/typeutils/internaltoas.go | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'internal/typeutils/internaltoas.go') diff --git a/internal/typeutils/internaltoas.go b/internal/typeutils/internaltoas.go index f154398ce..d939ecc1c 100644 --- a/internal/typeutils/internaltoas.go +++ b/internal/typeutils/internaltoas.go @@ -393,9 +393,9 @@ func (c *converter) StatusToAS(ctx context.Context, s *gtsmodel.Status) (vocab.A if s.InReplyToID != "" { // fetch the replied status if we don't have it on hand already if s.InReplyTo == nil { - rs := >smodel.Status{} - if err := c.db.GetByID(ctx, s.InReplyToID, rs); err != nil { - return nil, fmt.Errorf("StatusToAS: error retrieving replied-to status from db: %s", err) + rs, err := c.db.GetStatusByID(ctx, s.InReplyToID) + if err != nil { + return nil, fmt.Errorf("StatusToAS: error getting replied to status %s: %s", s.InReplyToID, err) } s.InReplyTo = rs } -- cgit v1.2.3