mirrors/gotosocial
1
0
Fork 0
mirror of https://github.com/superseriousbusiness/gotosocial.git synced 2025-10-29 13:32:25 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions

[bugfix] Ensure activities sender always = activities actor (#2608)

Browse source
This commit is contained in:
tobi 2024-02-06 12:59:37 +01:00 committed by GitHub
commit b6fe8e7a5b
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
6 changed files with 147 additions and 15 deletions
Download patch file Download diff file Expand all files Collapse all files

18
internal/federation/federatingdb/announce.go
View file

@ -19,6 +19,8 @@ package federatingdb
import (
"context"
"net/url"
"slices"
"codeberg.org/gruf/go-logger/v2/level"
"github.com/superseriousbusiness/activity/streams/vocab"
@ -39,11 +41,25 @@ func (f *federatingDB) Announce(ctx context.Context, announce vocab.ActivityStre
l.Debug("entering Announce")
}
receivingAccount, _, internal := extractFromCtx(ctx)
receivingAccount, requestingAccount, internal := extractFromCtx(ctx)
if internal {
return nil // Already processed.
}
// Ensure requestingAccount is among
// the Actors doing the Announce.
//
// We don't support Announce forwards.
actorIRIs := ap.GetActorIRIs(announce)
if !slices.ContainsFunc(actorIRIs, func(actorIRI *url.URL) bool {
return actorIRI.String() == requestingAccount.URI
}) {
return gtserror.Newf(
"requestingAccount %s was not among Announce Actors",
requestingAccount.URI,
)
}
boost, isNew, err := f.converter.ASAnnounceToStatus(ctx, announce)
if err != nil {
return gtserror.Newf("error converting announce to boost: %w", err)