mirrors/gotosocial
1
0
Fork 0
mirror of https://github.com/superseriousbusiness/gotosocial.git synced 2025-10-29 02:12:25 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions

[feature] Application creation + management via API + settings panel (#3906)

Browse source 
* [feature] Application creation + management via API + settings panel

* fix docs links

* add errnorows test

* use known application as shorter

* add comment about side effects
This commit is contained in:
tobi 2025-03-17 15:06:17 +01:00 committed by GitHub
commit d5847e2d2b
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
61 changed files with 3036 additions and 252 deletions
Download patch file Download diff file Expand all files Collapse all files

73
internal/api/client/apps/appcreate.go
View file

@ -18,8 +18,11 @@
package apps
import (
"errors"
"fmt"
"net/http"
"slices"
"strings"
"github.com/gin-gonic/gin"
apimodel "github.com/superseriousbusiness/gotosocial/internal/api/model"
@ -40,8 +43,10 @@ const (
// The registered application can be used to obtain an application token.
// This can then be used to register a new account, or (through user auth) obtain an access token.
//
// The parameters can also be given in the body of the request, as JSON, if the content-type is set to 'application/json'.
// The parameters can also be given in the body of the request, as XML, if the content-type is set to 'application/xml'.
// If the application was registered with a Bearer token passed in the Authorization header, the created application will be managed by the authenticated user (must have scope write:applications).
//
// Parameters can also be given in the body of the request, as JSON, if the content-type is set to 'application/json'.
// Parameters can also be given in the body of the request, as XML, if the content-type is set to 'application/xml'.
//
// ---
// tags:
@ -81,42 +86,66 @@ func (m *Module) AppsPOSTHandler(c *gin.Context) {
return
}
if authed.Token != nil {
// If a token has been passed, user
// needs write perm on applications.
if !slices.ContainsFunc(
strings.Split(authed.Token.GetScope(), " "),
func(hasScope string) bool {
return apiutil.Scope(hasScope).Permits(apiutil.ScopeWriteApplications)
},
) {
const errText = "token has insufficient scope permission"
errWithCode := gtserror.NewErrorForbidden(errors.New(errText), errText)
apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1)
return
}
}
if authed.Account != nil && authed.Account.IsMoving() {
apiutil.ForbiddenAfterMove(c)
return
}
if _, err := apiutil.NegotiateAccept(c, apiutil.JSONAcceptHeaders...); err != nil {
apiutil.ErrorHandler(c, gtserror.NewErrorNotAcceptable(err, err.Error()), m.processor.InstanceGetV1)
errWithCode := gtserror.NewErrorNotAcceptable(err, err.Error())
apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1)
return
}
form := &apimodel.ApplicationCreateRequest{}
if err := c.ShouldBind(form); err != nil {
apiutil.ErrorHandler(c, gtserror.NewErrorBadRequest(err, err.Error()), m.processor.InstanceGetV1)
errWithCode := gtserror.NewErrorBadRequest(err, err.Error())
apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1)
return
}
if len([]rune(form.ClientName)) > formFieldLen {
err := fmt.Errorf("client_name must be less than %d characters", formFieldLen)
apiutil.ErrorHandler(c, gtserror.NewErrorBadRequest(err, err.Error()), m.processor.InstanceGetV1)
if l := len([]rune(form.ClientName)); l > formFieldLen {
m.fieldTooLong(c, "client_name", formFieldLen, l)
return
}
if len([]rune(form.RedirectURIs)) > formRedirectLen {
err := fmt.Errorf("redirect_uris must be less than %d characters", formRedirectLen)
apiutil.ErrorHandler(c, gtserror.NewErrorBadRequest(err, err.Error()), m.processor.InstanceGetV1)
if l := len([]rune(form.RedirectURIs)); l > formRedirectLen {
m.fieldTooLong(c, "redirect_uris", formRedirectLen, l)
return
}
if len([]rune(form.Scopes)) > formFieldLen {
err := fmt.Errorf("scopes must be less than %d characters", formFieldLen)
apiutil.ErrorHandler(c, gtserror.NewErrorBadRequest(err, err.Error()), m.processor.InstanceGetV1)
if l := len([]rune(form.Scopes)); l > formFieldLen {
m.fieldTooLong(c, "scopes", formFieldLen, l)
return
}
if len([]rune(form.Website)) > formFieldLen {
err := fmt.Errorf("website must be less than %d characters", formFieldLen)
apiutil.ErrorHandler(c, gtserror.NewErrorBadRequest(err, err.Error()), m.processor.InstanceGetV1)
if l := len([]rune(form.Website)); l > formFieldLen {
m.fieldTooLong(c, "website", formFieldLen, l)
return
}
apiApp, errWithCode := m.processor.AppCreate(c.Request.Context(), authed, form)
var managedByUserID string
if authed.User != nil {
managedByUserID = authed.User.ID
}
apiApp, errWithCode := m.processor.Application().Create(c.Request.Context(), managedByUserID, form)
if errWithCode != nil {
apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1)
return
@ -124,3 +153,13 @@ func (m *Module) AppsPOSTHandler(c *gin.Context) {
apiutil.JSON(c, http.StatusOK, apiApp)
}
func (m *Module) fieldTooLong(c *gin.Context, fieldName string, max int, actual int) {
errText := fmt.Sprintf(
"%s must be less than %d characters, provided %s was %d characters",
fieldName, max, fieldName, actual,
)
errWithCode := gtserror.NewErrorBadRequest(errors.New(errText), errText)
apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1)
}

98
internal/api/client/apps/appdelete.go Normal file
View file

@ -0,0 +1,98 @@
// GoToSocial
// Copyright (C) GoToSocial Authors admin@gotosocial.org
// SPDX-License-Identifier: AGPL-3.0-or-later
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
package apps
import (
"net/http"
"github.com/gin-gonic/gin"
apiutil "github.com/superseriousbusiness/gotosocial/internal/api/util"
"github.com/superseriousbusiness/gotosocial/internal/gtserror"
)
// AppDELETEHandler swagger:operation DELETE /api/v1/apps/{id} appDelete
//
// Delete a single application managed by the requester.
//
// ---
// tags:
// - apps
//
// produces:
// - application/json
//
// parameters:
// -
// name: id
// type: string
// description: The id of the application to delete.
// in: path
// required: true
//
// security:
// - OAuth2 Bearer:
// - write:applications
//
// responses:
// '200':
// description: The deleted application.
// schema:
// "$ref": "#/definitions/application"
// '400':
// description: bad request
// '401':
// description: unauthorized
// '404':
// description: not found
// '406':
// description: not acceptable
// '500':
// description: internal server error
func (m *Module) AppDELETEHandler(c *gin.Context) {
authed, errWithCode := apiutil.TokenAuth(c,
true, true, true, true,
apiutil.ScopeWriteApplications,
)
if errWithCode != nil {
apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1)
return
}
if _, err := apiutil.NegotiateAccept(c, apiutil.JSONAcceptHeaders...); err != nil {
apiutil.ErrorHandler(c, gtserror.NewErrorNotAcceptable(err, err.Error()), m.processor.InstanceGetV1)
return
}
appID, errWithCode := apiutil.ParseID(c.Param(apiutil.IDKey))
if errWithCode != nil {
apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1)
return
}
app, errWithCode := m.processor.Application().Delete(
c.Request.Context(),
authed.User.ID,
appID,
)
if errWithCode != nil {
apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1)
return
}
apiutil.JSON(c, http.StatusOK, app)
}

98
internal/api/client/apps/appget.go Normal file
View file

@ -0,0 +1,98 @@
// GoToSocial
// Copyright (C) GoToSocial Authors admin@gotosocial.org
// SPDX-License-Identifier: AGPL-3.0-or-later
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
package apps
import (
"net/http"
"github.com/gin-gonic/gin"
apiutil "github.com/superseriousbusiness/gotosocial/internal/api/util"
"github.com/superseriousbusiness/gotosocial/internal/gtserror"
)
// AppGETHandler swagger:operation GET /api/v1/apps/{id} appGet
//
// Get a single application managed by the requester.
//
// ---
// tags:
// - apps
//
// produces:
// - application/json
//
// parameters:
// -
// name: id
// type: string
// description: The id of the requested application.
// in: path
// required: true
//
// security:
// - OAuth2 Bearer:
// - read:applications
//
// responses:
// '200':
// description: The requested application.
// schema:
// "$ref": "#/definitions/application"
// '400':
// description: bad request
// '401':
// description: unauthorized
// '404':
// description: not found
// '406':
// description: not acceptable
// '500':
// description: internal server error
func (m *Module) AppGETHandler(c *gin.Context) {
authed, errWithCode := apiutil.TokenAuth(c,
true, true, true, true,
apiutil.ScopeReadApplications,
)
if errWithCode != nil {
apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1)
return
}
if _, err := apiutil.NegotiateAccept(c, apiutil.JSONAcceptHeaders...); err != nil {
apiutil.ErrorHandler(c, gtserror.NewErrorNotAcceptable(err, err.Error()), m.processor.InstanceGetV1)
return
}
appID, errWithCode := apiutil.ParseID(c.Param(apiutil.IDKey))
if errWithCode != nil {
apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1)
return
}
app, errWithCode := m.processor.Application().Get(
c.Request.Context(),
authed.User.ID,
appID,
)
if errWithCode != nil {
apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1)
return
}
apiutil.JSON(c, http.StatusOK, app)
}

10
internal/api/client/apps/apps.go
View file

@ -21,11 +21,14 @@ import (
"net/http"
"github.com/gin-gonic/gin"
apiutil "github.com/superseriousbusiness/gotosocial/internal/api/util"
"github.com/superseriousbusiness/gotosocial/internal/processing"
)
// BasePath is the base path for this api module, excluding the api prefix
const BasePath = "/v1/apps"
const (
BasePath = "/v1/apps"
BasePathWithID = BasePath + "/:" + apiutil.IDKey
)
type Module struct {
processor *processing.Processor
@ -39,4 +42,7 @@ func New(processor *processing.Processor) *Module {
func (m *Module) Route(attachHandler func(method string, path string, f ...gin.HandlerFunc) gin.IRoutes) {
attachHandler(http.MethodPost, BasePath, m.AppsPOSTHandler)
attachHandler(http.MethodGet, BasePath, m.AppsGETHandler)
attachHandler(http.MethodGet, BasePathWithID, m.AppGETHandler)
attachHandler(http.MethodDelete, BasePathWithID, m.AppDELETEHandler)
}

146
internal/api/client/apps/appsget.go Normal file
View file

@ -0,0 +1,146 @@
// GoToSocial
// Copyright (C) GoToSocial Authors admin@gotosocial.org
// SPDX-License-Identifier: AGPL-3.0-or-later
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
package apps
import (
"net/http"
"github.com/gin-gonic/gin"
apiutil "github.com/superseriousbusiness/gotosocial/internal/api/util"
"github.com/superseriousbusiness/gotosocial/internal/gtserror"
"github.com/superseriousbusiness/gotosocial/internal/paging"
)
// AppsGETHandler swagger:operation GET /api/v1/apps appsGet
//
// Get an array of applications that are managed by the requester.
//
// The next and previous queries can be parsed from the returned Link header.
//
// Example:
//
// ```
// <https://example.org/api/v1/apps?limit=80&max_id=01FC0SKA48HNSVR6YKZCQGS2V8>; rel="next", <https://example.org/api/v1/apps?limit=80&min_id=01FC0SKW5JK2Q4EVAV2B462YY0>; rel="prev"
// ````
//
// ---
// tags:
// - apps
//
// produces:
// - application/json
//
// parameters:
// -
// name: max_id
// type: string
// description: >-
// Return only items *OLDER* than the given max item ID.
// The item with the specified ID will not be included in the response.
// in: query
// required: false
// -
// name: since_id
// type: string
// description: >-
// Return only items *newer* than the given since item ID.
// The item with the specified ID will not be included in the response.
// in: query
// -
// name: min_id
// type: string
// description: >-
// Return only items *immediately newer* than the given since item ID.
// The item with the specified ID will not be included in the response.
// in: query
// required: false
// -
// name: limit
// type: integer
// description: Number of items to return.
// default: 20
// in: query
// required: false
// max: 80
// min: 0
//
// security:
// - OAuth2 Bearer:
// - read:applications
//
// responses:
// '200':
// headers:
// Link:
// type: string
// description: Links to the next and previous queries.
// schema:
// type: array
// items:
// "$ref": "#/definitions/application"
// '400':
// description: bad request
// '401':
// description: unauthorized
// '404':
// description: not found
// '406':
// description: not acceptable
// '500':
// description: internal server error
func (m *Module) AppsGETHandler(c *gin.Context) {
authed, errWithCode := apiutil.TokenAuth(c,
true, true, true, true,
apiutil.ScopeReadApplications,
)
if errWithCode != nil {
apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1)
return
}
if _, err := apiutil.NegotiateAccept(c, apiutil.JSONAcceptHeaders...); err != nil {
apiutil.ErrorHandler(c, gtserror.NewErrorNotAcceptable(err, err.Error()), m.processor.InstanceGetV1)
return
}
page, errWithCode := paging.ParseIDPage(c,
0, // min limit
80, // max limit
20, // default limit
)
if errWithCode != nil {
apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1)
return
}
resp, errWithCode := m.processor.Application().GetPage(
c.Request.Context(),
authed.User.ID,
page,
)
if errWithCode != nil {
apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1)
return
}
if resp.LinkHeader != "" {
c.Header("Link", resp.LinkHeader)
}
apiutil.JSON(c, http.StatusOK, resp.Items)
}

6
internal/api/client/tokens/tokensget.go
View file

@ -52,7 +52,7 @@ import (
// name: max_id
// type: string
// description: >-
// Return only items *OLDER* than the given max status ID.
// Return only items *OLDER* than the given max item ID.
// The item with the specified ID will not be included in the response.
// in: query
// required: false
@ -60,14 +60,14 @@ import (
// name: since_id
// type: string
// description: >-
// Return only items *newer* than the given since status ID.
// Return only items *newer* than the given since item ID.
// The item with the specified ID will not be included in the response.
// in: query
// -
// name: min_id
// type: string
// description: >-
// Return only items *immediately newer* than the given since status ID.
// Return only items *immediately newer* than the given since item ID.
// The item with the specified ID will not be included in the response.
// in: query
// required: false

3
internal/api/model/application.go
View file

@ -24,6 +24,9 @@ type Application struct {
// The ID of the application.
// example: 01FBVD42CQ3ZEEVMW180SBX03B
ID string `json:"id,omitempty"`
// When the application was created. (ISO 8601 Datetime)
// example: 2021-07-30T09:20:25+00:00
CreatedAt string `json:"created_at,omitempty"`
// The name of the application.
// example: Tusky
Name string `json:"name"`

3
internal/api/util/scopes.go
View file

@ -27,6 +27,7 @@ const (
/* Sub-scopes / scope components */
scopeAccounts = "accounts"
scopeApplications = "applications"
scopeBlocks = "blocks"
scopeBookmarks = "bookmarks"
scopeConversations = "conversations"
@ -57,6 +58,8 @@ const (
ScopeReadAccounts Scope = ScopeRead + ":" + scopeAccounts
ScopeWriteAccounts Scope = ScopeWrite + ":" + scopeAccounts
ScopeReadApplications Scope = ScopeRead + ":" + scopeApplications
ScopeWriteApplications Scope = ScopeWrite + ":" + scopeApplications
ScopeReadBlocks Scope = ScopeRead + ":" + scopeBlocks
ScopeWriteBlocks Scope = ScopeWrite + ":" + scopeBlocks
ScopeReadBookmarks Scope = ScopeRead + ":" + scopeBookmarks

11
internal/db/application.go
View file

@ -31,11 +31,14 @@ type Application interface {
// GetApplicationByClientID fetches the application from the database with corresponding client_id value.
GetApplicationByClientID(ctx context.Context, clientID string) (*gtsmodel.Application, error)
// GetApplicationsManagedByUserID fetches a page of applications managed by the given userID.
GetApplicationsManagedByUserID(ctx context.Context, userID string, page *paging.Page) ([]*gtsmodel.Application, error)
// PutApplication places the new application in the database, erroring on non-unique ID or client_id.
PutApplication(ctx context.Context, app *gtsmodel.Application) error
// DeleteApplicationByClientID deletes the application with corresponding client_id value from the database.
DeleteApplicationByClientID(ctx context.Context, clientID string) error
// DeleteApplicationByID deletes the application with corresponding id from the database.
DeleteApplicationByID(ctx context.Context, id string) error
// GetAllTokens fetches all client oauth tokens from database.
GetAllTokens(ctx context.Context) ([]*gtsmodel.Token, error)
@ -72,4 +75,8 @@ type Application interface {
// DeleteTokenByRefresh deletes client oauth token from database with refresh code.
DeleteTokenByRefresh(ctx context.Context, refresh string) error
// DeleteTokensByClientID deletes all tokens
// with the given clientID from the database.
DeleteTokensByClientID(ctx context.Context, clientID string) error
}

11
internal/db/bundb/admin.go
View file

@ -194,6 +194,17 @@ func (a *adminDB) NewSignup(ctx context.Context, newSignup gtsmodel.NewSignup) (
return nil, err
}
// If no app ID was set,
// use the instance app ID.
if newSignup.AppID == "" {
instanceApp, err := a.state.DB.GetInstanceApplication(ctx)
if err != nil {
err := gtserror.Newf("db error getting instance app: %w", err)
return nil, err
}
newSignup.AppID = instanceApp.ID
}
user = &gtsmodel.User{
ID: newUserID,
AccountID: account.ID,

154
internal/db/bundb/application.go
View file

@ -56,6 +56,73 @@ func (a *applicationDB) GetApplicationByClientID(ctx context.Context, clientID s
)
}
func (a *applicationDB) GetApplicationsManagedByUserID(
ctx context.Context,
userID string,
page *paging.Page,
) ([]*gtsmodel.Application, error) {
var (
// Get paging params.
minID = page.GetMin()
maxID = page.GetMax()
limit = page.GetLimit()
order = page.GetOrder()
// Make educated guess for slice size.
appIDs = make([]string, 0, limit)
)
// Ensure user ID.
if userID == "" {
return nil, gtserror.New("userID not set")
}
q := a.db.
NewSelect().
TableExpr("? AS ?", bun.Ident("applications"), bun.Ident("application")).
Column("application.id").
Where("? = ?", bun.Ident("application.managed_by_user_id"), userID)
if maxID != "" {
// Return only apps LOWER (ie., older) than maxID.
q = q.Where("? < ?", bun.Ident("application.id"), maxID)
}
if minID != "" {
// Return only apps HIGHER (ie., newer) than minID.
q = q.Where("? > ?", bun.Ident("application.id"), minID)
}
if limit > 0 {
q = q.Limit(limit)
}
if order == paging.OrderAscending {
// Page up.
q = q.Order("application.id ASC")
} else {
// Page down.
q = q.Order("application.id DESC")
}
if err := q.Scan(ctx, &appIDs); err != nil {
return nil, err
}
if len(appIDs) == 0 {
return nil, nil
}
// If we're paging up, we still want apps
// to be sorted by ID desc (ie., newest to
// oldest), so reverse ids slice.
if order == paging.OrderAscending {
slices.Reverse(appIDs)
}
return a.getApplicationsByIDs(ctx, appIDs)
}
func (a *applicationDB) getApplication(ctx context.Context, lookup string, dbQuery func(*gtsmodel.Application) error, keyParts ...any) (*gtsmodel.Application, error) {
return a.state.Caches.DB.Application.LoadOne(lookup, func() (*gtsmodel.Application, error) {
var app gtsmodel.Application
@ -69,6 +136,37 @@ func (a *applicationDB) getApplication(ctx context.Context, lookup string, dbQue
}, keyParts...)
}
func (a *applicationDB) getApplicationsByIDs(ctx context.Context, ids []string) ([]*gtsmodel.Application, error) {
apps, err := a.state.Caches.DB.Application.LoadIDs("ID",
ids,
func(uncached []string) ([]*gtsmodel.Application, error) {
// Preallocate expected length of uncached apps.
apps := make([]*gtsmodel.Application, 0, len(uncached))
// Perform database query scanning
// the remaining (uncached) app IDs.
if err := a.db.NewSelect().
Model(&apps).
Where("? IN (?)", bun.Ident("id"), bun.In(uncached)).
Scan(ctx); err != nil {
return nil, err
}
return apps, nil
},
)
if err != nil {
return nil, err
}
// Reorder the apps by their
// IDs to ensure in correct order.
getID := func(t *gtsmodel.Application) string { return t.ID }
xslices.OrderBy(apps, ids, getID)
return apps, nil
}
func (a *applicationDB) PutApplication(ctx context.Context, app *gtsmodel.Application) error {
return a.state.Caches.DB.Application.Store(app, func() error {
_, err := a.db.NewInsert().Model(app).Exec(ctx)
@ -76,27 +174,25 @@ func (a *applicationDB) PutApplication(ctx context.Context, app *gtsmodel.Applic
})
}
func (a *applicationDB) DeleteApplicationByClientID(ctx context.Context, clientID string) error {
// Attempt to delete application.
if _, err := a.db.NewDelete().
// DeleteApplicationByID deletes application with the given ID.
//
// The function does not delete tokens owned by the application
// or update statuses/accounts that used the application, since
// the latter can be extremely expensive given the size of the
// statuses table.
//
// Callers to this function should ensure that they do side
// effects themselves (if required) before or after calling.
func (a *applicationDB) DeleteApplicationByID(ctx context.Context, id string) error {
_, err := a.db.NewDelete().
Table("applications").
Where("? = ?", bun.Ident("client_id"), clientID).
Exec(ctx); err != nil {
Where("? = ?", bun.Ident("id"), id).
Exec(ctx)
if err != nil {
return err
}
// NOTE about further side effects:
//
// We don't need to handle updating any statuses or users
// (both of which may contain refs to applications), as
// DeleteApplication__() is only ever called during an
// account deletion, which handles deletion of the user
// and all their statuses already.
//
// Clear application from the cache.
a.state.Caches.DB.Application.Invalidate("ClientID", clientID)
a.state.Caches.DB.Application.Invalidate("ID", id)
return nil
}
@ -363,3 +459,27 @@ func (a *applicationDB) DeleteTokenByRefresh(ctx context.Context, refresh string
a.state.Caches.DB.Token.Invalidate("Refresh", refresh)
return nil
}
func (a *applicationDB) DeleteTokensByClientID(ctx context.Context, clientID string) error {
// Delete tokens owned by
// clientID and gather token IDs.
var tokenIDs []string
if _, err := a.db.
NewDelete().
Table("tokens").
Where("? = ?", bun.Ident("client_id"), clientID).
Returning("id").
Exec(ctx, &tokenIDs); err != nil {
return err
}
if len(tokenIDs) == 0 {
// Nothing was deleted,
// nothing to invalidate.
return nil
}
// Invalidate all deleted tokens.
a.state.Caches.DB.Token.InvalidateIDs("ID", tokenIDs)
return nil
}

32
internal/db/bundb/application_test.go
View file

@ -92,7 +92,7 @@ func (suite *ApplicationTestSuite) TestDeleteApplicationBy() {
for _, app := range suite.testApplications {
for lookup, dbfunc := range map[string]func() error{
"client_id": func() error {
return suite.db.DeleteApplicationByClientID(ctx, app.ClientID)
return suite.db.DeleteApplicationByID(ctx, app.ID)
},
} {
// Clear database caches.
@ -124,6 +124,36 @@ func (suite *ApplicationTestSuite) TestGetAllTokens() {
suite.NotEmpty(tokens)
}
func (suite *ApplicationTestSuite) TestDeleteTokensByClientID() {
ctx := context.Background()
// Delete tokens by each app.
for _, app := range suite.testApplications {
if err := suite.state.DB.DeleteTokensByClientID(ctx, app.ClientID); err != nil {
suite.FailNow(err.Error())
}
}
// Ensure all tokens deleted.
for _, token := range suite.testTokens {
_, err := suite.db.GetTokenByID(ctx, token.ID)
if !errors.Is(err, db.ErrNoEntries) {
suite.FailNow("", "token %s not deleted", token.ID)
}
}
}
func (suite *ApplicationTestSuite) TestDeleteTokensByUnknownClientID() {
// Should not return ErrNoRows even though
// the client with given ID doesn't exist.
if err := suite.state.DB.DeleteTokensByClientID(
context.Background(),
"01JPJ4NCGH6GHY7ZVYBHNP55XS",
); err != nil {
suite.FailNow(err.Error())
}
}
func TestApplicationTestSuite(t *testing.T) {
suite.Run(t, new(ApplicationTestSuite))
}

105
internal/db/bundb/migrations/20250310144102_application_management.go Normal file
View file

@ -0,0 +1,105 @@
// GoToSocial
// Copyright (C) GoToSocial Authors admin@gotosocial.org
// SPDX-License-Identifier: AGPL-3.0-or-later
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
package migrations
import (
"context"
"github.com/superseriousbusiness/gotosocial/internal/config"
"github.com/uptrace/bun"
)
func init() {
up := func(ctx context.Context, db *bun.DB) error {
return db.RunInTx(ctx, nil, func(ctx context.Context, tx bun.Tx) error {
// Add client_id index to token table,
// needed for invalidation if/when the
// token's app is deleted.
if _, err := tx.
NewCreateIndex().
Table("tokens").
Index("tokens_client_id_idx").
Column("client_id").
IfNotExists().
Exec(ctx); err != nil {
return err
}
// Update users to set all "created_by_application_id"
// values to the instance application, to correct some
// past issues where this wasn't set. Skip this if there's
// no users though, as in that case we probably don't even
// have an instance application yet.
usersLen, err := tx.
NewSelect().
Table("users").
Count(ctx)
if err != nil {
return err
}
if usersLen == 0 {
// Nothing to do.
return nil
}
// Get Instance account ID.
var instanceAcctID string
if err := tx.
NewSelect().
Table("accounts").
Column("id").
Where("? = ?", bun.Ident("username"), config.GetHost()).
Where("? IS NULL", bun.Ident("domain")).
Scan(ctx, &instanceAcctID); err != nil {
return err
}
// Get the instance app ID.
var instanceAppID string
if err := tx.
NewSelect().
Table("applications").
Column("id").
Where("? = ?", bun.Ident("client_id"), instanceAcctID).
Scan(ctx, &instanceAppID); err != nil {
return err
}
// Set instance app
// ID on all users.
if _, err := tx.
NewUpdate().
Table("users").
Set("? = ?", bun.Ident("created_by_application_id"), instanceAppID).
Exec(ctx); err != nil {
return err
}
return nil
})
}
down := func(ctx context.Context, db *bun.DB) error {
return nil
}
if err := Migrations.Register(up, down); err != nil {
panic(err)
}
}

3
internal/db/bundb/status.go
View file

@ -299,11 +299,12 @@ func (s *statusDB) PopulateStatus(ctx context.Context, status *gtsmodel.Status)
if status.CreatedWithApplicationID != "" && status.CreatedWithApplication == nil {
// Populate the status' expected CreatedWithApplication (not always set).
// Don't error on ErrNoEntries, as the application may have been cleaned up.
status.CreatedWithApplication, err = s.state.DB.GetApplicationByID(
gtscontext.SetBarebones(ctx),
status.CreatedWithApplicationID,
)
if err != nil {
if err != nil && !errors.Is(err, db.ErrNoEntries) {
errs.Appendf("error populating status application: %w", err)
}
}

2
internal/gtsmodel/token.go
View file

@ -27,7 +27,7 @@ type Token struct {
ClientID string `bun:"type:CHAR(26),nullzero,notnull"` // ID of the client who owns this token
UserID string `bun:"type:CHAR(26),nullzero"` // ID of the user who owns this token
RedirectURI string `bun:",nullzero,notnull"` // Oauth redirect URI for this token
Scope string `bun:",nullzero,notnull,default:'read'"` // Oauth scope // Oauth scope
Scope string `bun:",nullzero,notnull,default:'read'"` // Oauth scope
Code string `bun:",pk,nullzero,notnull,default:''"` // Code, if present
CodeChallenge string `bun:",nullzero"` // Code challenge, if code present
CodeChallengeMethod string `bun:",nullzero"` // Code challenge method, if code present

32
internal/processing/account/delete.go
View file

@ -107,19 +107,33 @@ func (p *Processor) deleteUserAndTokensForAccount(ctx context.Context, account *
return gtserror.Newf("db error getting user: %w", err)
}
tokens := []*gtsmodel.Token{}
if err := p.state.DB.GetWhere(ctx, []db.Where{{Key: "user_id", Value: user.ID}}, &tokens); err != nil {
// Get all applications owned by user.
apps, err := p.state.DB.GetApplicationsManagedByUserID(ctx, user.ID, nil)
if err != nil {
return gtserror.Newf("db error getting apps: %w", err)
}
// Delete each app and any tokens it had created
// (not necessarily owned by deleted account).
for _, a := range apps {
if err := p.state.DB.DeleteApplicationByID(ctx, a.ID); err != nil {
return gtserror.Newf("db error deleting app: %w", err)
}
if err := p.state.DB.DeleteTokensByClientID(ctx, a.ClientID); err != nil {
return gtserror.Newf("db error deleting tokens for app: %w", err)
}
}
// Get any remaining access tokens owned by user.
tokens, err := p.state.DB.GetAccessTokens(ctx, user.ID, nil)
if err != nil {
return gtserror.Newf("db error getting tokens: %w", err)
}
// Delete each token.
for _, t := range tokens {
// Delete any OAuth applications associated with this token.
if err := p.state.DB.DeleteApplicationByClientID(ctx, t.ClientID); err != nil {
return gtserror.Newf("db error deleting application: %w", err)
}
// Delete the token itself.
if err := p.state.DB.DeleteByID(ctx, t.ID, t); err != nil {
if err := p.state.DB.DeleteTokenByID(ctx, t.ID); err != nil {
return gtserror.Newf("db error deleting token: %w", err)
}
}

38
internal/processing/application/application.go Normal file
View file

@ -0,0 +1,38 @@
// GoToSocial
// Copyright (C) GoToSocial Authors admin@gotosocial.org
// SPDX-License-Identifier: AGPL-3.0-or-later
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
package application
import (
"github.com/superseriousbusiness/gotosocial/internal/state"
"github.com/superseriousbusiness/gotosocial/internal/typeutils"
)
type Processor struct {
state *state.State
converter *typeutils.Converter
}
func New(
state *state.State,
converter *typeutils.Converter,
) Processor {
return Processor{
state: state,
converter: converter,
}
}

48
internal/processing/app.go → internal/processing/application/create.go
View file

@ -15,24 +15,28 @@
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
package processing
package application
import (
"context"
"errors"
"fmt"
"net/url"
"strings"
"github.com/google/uuid"
apimodel "github.com/superseriousbusiness/gotosocial/internal/api/model"
apiutil "github.com/superseriousbusiness/gotosocial/internal/api/util"
"github.com/superseriousbusiness/gotosocial/internal/gtserror"
"github.com/superseriousbusiness/gotosocial/internal/gtsmodel"
"github.com/superseriousbusiness/gotosocial/internal/id"
"github.com/superseriousbusiness/gotosocial/internal/oauth"
)
func (p *Processor) AppCreate(ctx context.Context, authed *apiutil.Auth, form *apimodel.ApplicationCreateRequest) (*apimodel.Application, gtserror.WithCode) {
func (p *Processor) Create(
ctx context.Context,
managedByUserID string,
form *apimodel.ApplicationCreateRequest,
) (*apimodel.Application, gtserror.WithCode) {
// Set default 'read' for
// scopes if it's not set.
var scopes string
@ -49,13 +53,32 @@ func (p *Processor) AppCreate(ctx context.Context, authed *apiutil.Auth, form *a
// Redirect URIs can be just one value, or can be passed
// as a newline-separated list of strings. Ensure each URI
// is parseable + normalize it by reconstructing from *url.URL.
for _, redirectStr := range strings.Split(form.RedirectURIs, "\n") {
// Also ensure we don't add multiple copies of the same URI.
redirectStrs := strings.Split(form.RedirectURIs, "\n")
added := make(map[string]struct{}, len(redirectStrs))
for _, redirectStr := range redirectStrs {
redirectStr = strings.TrimSpace(redirectStr)
if redirectStr == "" {
continue
}
redirectURI, err := url.Parse(redirectStr)
if err != nil {
errText := fmt.Sprintf("error parsing redirect URI: %v", err)
return nil, gtserror.NewErrorBadRequest(err, errText)
}
redirectURIs = append(redirectURIs, redirectURI.String())
redirectURIStr := redirectURI.String()
if _, alreadyAdded := added[redirectURIStr]; !alreadyAdded {
redirectURIs = append(redirectURIs, redirectURIStr)
added[redirectURIStr] = struct{}{}
}
}
if len(redirectURIs) == 0 {
errText := "no redirect URIs left after trimming space"
return nil, gtserror.NewErrorBadRequest(errors.New(errText), errText)
}
} else {
// No redirect URI(s) provided, just set default oob.
@ -71,13 +94,14 @@ func (p *Processor) AppCreate(ctx context.Context, authed *apiutil.Auth, form *a
// Generate + store app
// to put in the database.
app := &gtsmodel.Application{
ID: id.NewULID(),
Name: form.ClientName,
Website: form.Website,
RedirectURIs: redirectURIs,
ClientID: clientID,
ClientSecret: uuid.NewString(),
Scopes: scopes,
ID: id.NewULID(),
Name: form.ClientName,
Website: form.Website,
RedirectURIs: redirectURIs,
ClientID: clientID,
ClientSecret: uuid.NewString(),
Scopes: scopes,
ManagedByUserID: managedByUserID,
}
if err := p.state.DB.PutApplication(ctx, app); err != nil {
return nil, gtserror.NewErrorInternalError(err)

70
internal/processing/application/delete.go Normal file
View file

@ -0,0 +1,70 @@
// GoToSocial
// Copyright (C) GoToSocial Authors admin@gotosocial.org
// SPDX-License-Identifier: AGPL-3.0-or-later
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
package application
import (
"context"
"errors"
apimodel "github.com/superseriousbusiness/gotosocial/internal/api/model"
"github.com/superseriousbusiness/gotosocial/internal/db"
"github.com/superseriousbusiness/gotosocial/internal/gtserror"
)
func (p *Processor) Delete(
ctx context.Context,
userID string,
appID string,
) (*apimodel.Application, gtserror.WithCode) {
app, err := p.state.DB.GetApplicationByID(ctx, appID)
if err != nil && !errors.Is(err, db.ErrNoEntries) {
err := gtserror.Newf("db error getting app %s: %w", appID, err)
return nil, gtserror.NewErrorInternalError(err)
}
if app == nil {
err := gtserror.Newf("app %s not found in the db", appID)
return nil, gtserror.NewErrorNotFound(err)
}
if app.ManagedByUserID != userID {
err := gtserror.Newf("app %s not managed by user %s", appID, userID)
return nil, gtserror.NewErrorNotFound(err)
}
// Convert app before deletion.
apiApp, err := p.converter.AppToAPIAppSensitive(ctx, app)
if err != nil {
err := gtserror.Newf("error converting app to api app: %w", err)
return nil, gtserror.NewErrorInternalError(err)
}
// Delete app itself.
if err := p.state.DB.DeleteApplicationByID(ctx, appID); err != nil {
err := gtserror.Newf("db error deleting app %s: %w", appID, err)
return nil, gtserror.NewErrorInternalError(err)
}
// Delete all tokens owned by app.
if err := p.state.DB.DeleteTokensByClientID(ctx, app.ClientID); err != nil {
err := gtserror.Newf("db error deleting tokens for app %s: %w", appID, err)
return nil, gtserror.NewErrorInternalError(err)
}
return apiApp, nil
}

104
internal/processing/application/get.go Normal file
View file

@ -0,0 +1,104 @@
// GoToSocial
// Copyright (C) GoToSocial Authors admin@gotosocial.org
// SPDX-License-Identifier: AGPL-3.0-or-later
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
package application
import (
"context"
"errors"
apimodel "github.com/superseriousbusiness/gotosocial/internal/api/model"
"github.com/superseriousbusiness/gotosocial/internal/db"
"github.com/superseriousbusiness/gotosocial/internal/gtserror"
"github.com/superseriousbusiness/gotosocial/internal/log"
"github.com/superseriousbusiness/gotosocial/internal/paging"
)
func (p *Processor) Get(
ctx context.Context,
userID string,
appID string,
) (*apimodel.Application, gtserror.WithCode) {
app, err := p.state.DB.GetApplicationByID(ctx, appID)
if err != nil && !errors.Is(err, db.ErrNoEntries) {
err := gtserror.Newf("db error getting app %s: %w", appID, err)
return nil, gtserror.NewErrorInternalError(err)
}
if app == nil {
err := gtserror.Newf("app %s not found in the db", appID)
return nil, gtserror.NewErrorNotFound(err)
}
if app.ManagedByUserID != userID {
err := gtserror.Newf("app %s not managed by user %s", appID, userID)
return nil, gtserror.NewErrorNotFound(err)
}
apiApp, err := p.converter.AppToAPIAppSensitive(ctx, app)
if err != nil {
err := gtserror.Newf("error converting app to api app: %w", err)
return nil, gtserror.NewErrorInternalError(err)
}
return apiApp, nil
}
func (p *Processor) GetPage(
ctx context.Context,
userID string,
page *paging.Page,
) (*apimodel.PageableResponse, gtserror.WithCode) {
apps, err := p.state.DB.GetApplicationsManagedByUserID(ctx, userID, page)
if err != nil && !errors.Is(err, db.ErrNoEntries) {
err := gtserror.Newf("db error getting apps: %w", err)
return nil, gtserror.NewErrorInternalError(err)
}
count := len(apps)
if count == 0 {
return paging.EmptyResponse(), nil
}
var (
// Get the lowest and highest
// ID values, used for paging.
lo = apps[count-1].ID
hi = apps[0].ID
// Best-guess items length.
items = make([]interface{}, 0, count)
)
for _, app := range apps {
apiApp, err := p.converter.AppToAPIAppSensitive(ctx, app)
if err != nil {
log.Errorf(ctx, "error converting app to api app: %v", err)
continue
}
// Append req to return items.
items = append(items, apiApp)
}
return paging.PackageResponse(paging.ResponseParams{
Items: items,
Path: "/api/v1/apps",
Next: page.Next(lo, hi),
Prev: page.Prev(lo, hi),
}), nil
}

7
internal/processing/processor.go
View file

@ -29,6 +29,7 @@ import (
"github.com/superseriousbusiness/gotosocial/internal/processing/account"
"github.com/superseriousbusiness/gotosocial/internal/processing/admin"
"github.com/superseriousbusiness/gotosocial/internal/processing/advancedmigrations"
"github.com/superseriousbusiness/gotosocial/internal/processing/application"
"github.com/superseriousbusiness/gotosocial/internal/processing/common"
"github.com/superseriousbusiness/gotosocial/internal/processing/conversations"
"github.com/superseriousbusiness/gotosocial/internal/processing/fedi"
@ -81,6 +82,7 @@ type Processor struct {
account account.Processor
admin admin.Processor
advancedmigrations advancedmigrations.Processor
application application.Processor
conversations conversations.Processor
fedi fedi.Processor
filtersv1 filtersv1.Processor
@ -113,6 +115,10 @@ func (p *Processor) AdvancedMigrations() *advancedmigrations.Processor {
return &p.advancedmigrations
}
func (p *Processor) Application() *application.Processor {
return &p.application
}
func (p *Processor) Conversations() *conversations.Processor {
return &p.conversations
}
@ -221,6 +227,7 @@ func NewProcessor(
// processors + pin them to this struct.
processor.account = account.New(&common, state, converter, mediaManager, federator, visFilter, parseMentionFunc)
processor.admin = admin.New(&common, state, cleaner, subscriptions, federator, converter, mediaManager, federator.TransportController(), emailSender)
processor.application = application.New(state, converter)
processor.conversations = conversations.New(state, converter, visFilter)
processor.fedi = fedi.New(state, &common, converter, federator, visFilter)
processor.filtersv1 = filtersv1.New(state, converter, &processor.stream)

24
internal/typeutils/internaltofrontend.go
View file

@ -623,8 +623,14 @@ func (c *Converter) AppToAPIAppSensitive(ctx context.Context, a *gtsmodel.Applic
return nil, gtserror.Newf("error getting VAPID public key: %w", err)
}
createdAt, err := id.TimeFromULID(a.ID)
if err != nil {
return nil, gtserror.Newf("error converting id to time: %w", err)
}
return &apimodel.Application{
ID: a.ID,
CreatedAt: util.FormatISO8601(createdAt),
Name: a.Name,
Website: a.Website,
RedirectURI: strings.Join(a.RedirectURIs, "\n"),
@ -1412,14 +1418,28 @@ func (c *Converter) baseStatusToFrontend(
apiStatus.InReplyToAccountID = util.PtrIf(s.InReplyToAccountID)
apiStatus.Language = util.PtrIf(s.Language)
if app := s.CreatedWithApplication; app != nil {
apiStatus.Application, err = c.AppToAPIAppPublic(ctx, app)
switch {
case s.CreatedWithApplication != nil:
// App exists for this status and is set.
apiStatus.Application, err = c.AppToAPIAppPublic(ctx, s.CreatedWithApplication)
if err != nil {
return nil, gtserror.Newf(
"error converting application %s: %w",
s.CreatedWithApplicationID, err,
)
}
case s.CreatedWithApplicationID != "":
// App existed for this status but not
// anymore, it's probably been cleaned up.
// Set a dummy application.
apiStatus.Application = &apimodel.Application{
Name: "unknown application",
}
default:
// No app stored for this (probably remote)
// status, so nothing to do (app is optional).
}
if s.Poll != nil {

150
internal/typeutils/internaltofrontend_test.go
View file

@ -753,6 +753,156 @@ func (suite *InternalToFrontendTestSuite) TestStatusToFrontendHTMLContentWarning
}`, string(b))
}
func (suite *InternalToFrontendTestSuite) TestStatusToFrontendApplicationDeleted() {
ctx := context.Background()
testStatus := suite.testStatuses["admin_account_status_1"]
// Delete the application this status was created with.
if err := suite.state.DB.DeleteApplicationByID(ctx, testStatus.CreatedWithApplicationID); err != nil {
suite.FailNow(err.Error())
}
requestingAccount := suite.testAccounts["local_account_1"]
apiStatus, err := suite.typeconverter.StatusToAPIStatus(ctx, testStatus, requestingAccount, statusfilter.FilterContextNone, nil, nil)
suite.NoError(err)
b, err := json.MarshalIndent(apiStatus, "", " ")
suite.NoError(err)
suite.Equal(`{
"id": "01F8MH75CBF9JFX4ZAD54N0W0R",
"created_at": "2021-10-20T11:36:45.000Z",
"edited_at": null,
"in_reply_to_id": null,
"in_reply_to_account_id": null,
"sensitive": false,
"spoiler_text": "",
"visibility": "public",
"language": "en",
"uri": "http://localhost:8080/users/admin/statuses/01F8MH75CBF9JFX4ZAD54N0W0R",
"url": "http://localhost:8080/@admin/statuses/01F8MH75CBF9JFX4ZAD54N0W0R",
"replies_count": 1,
"reblogs_count": 0,
"favourites_count": 1,
"favourited": true,
"reblogged": false,
"muted": false,
"bookmarked": true,
"pinned": false,
"content": "\u003cp\u003ehello world! \u003ca href=\"http://localhost:8080/tags/welcome\" class=\"mention hashtag\" rel=\"tag nofollow noreferrer noopener\" target=\"_blank\"\u003e#\u003cspan\u003ewelcome\u003c/span\u003e\u003c/a\u003e ! first post on the instance :rainbow: !\u003c/p\u003e",
"reblog": null,
"application": {
"name": "unknown application"
},
"account": {
"id": "01F8MH17FWEB39HZJ76B6VXSKF",
"username": "admin",
"acct": "admin",
"display_name": "",
"locked": false,
"discoverable": true,
"bot": false,
"created_at": "2022-05-17T13:10:59.000Z",
"note": "",
"url": "http://localhost:8080/@admin",
"avatar": "",
"avatar_static": "",
"header": "http://localhost:8080/assets/default_header.webp",
"header_static": "http://localhost:8080/assets/default_header.webp",
"header_description": "Flat gray background (default header).",
"followers_count": 1,
"following_count": 1,
"statuses_count": 4,
"last_status_at": "2021-10-20",
"emojis": [],
"fields": [],
"enable_rss": true,
"roles": [
{
"id": "admin",
"name": "admin",
"color": ""
}
],
"group": false
},
"media_attachments": [
{
"id": "01F8MH6NEM8D7527KZAECTCR76",
"type": "image",
"url": "http://localhost:8080/fileserver/01F8MH17FWEB39HZJ76B6VXSKF/attachment/original/01F8MH6NEM8D7527KZAECTCR76.jpg",
"text_url": "http://localhost:8080/fileserver/01F8MH17FWEB39HZJ76B6VXSKF/attachment/original/01F8MH6NEM8D7527KZAECTCR76.jpg",
"preview_url": "http://localhost:8080/fileserver/01F8MH17FWEB39HZJ76B6VXSKF/attachment/small/01F8MH6NEM8D7527KZAECTCR76.webp",
"remote_url": null,
"preview_remote_url": null,
"meta": {
"original": {
"width": 1200,
"height": 630,
"size": "1200x630",
"aspect": 1.9047619
},
"small": {
"width": 512,
"height": 268,
"size": "512x268",
"aspect": 1.9104477
},
"focus": {
"x": 0,
"y": 0
}
},
"description": "Black and white image of some 50's style text saying: Welcome On Board",
"blurhash": "LIIE|gRj00WB-;j[t7j[4nWBj[Rj"
}
],
"mentions": [],
"tags": [
{
"name": "welcome",
"url": "http://localhost:8080/tags/welcome"
}
],
"emojis": [
{
"shortcode": "rainbow",
"url": "http://localhost:8080/fileserver/01AY6P665V14JJR0AFVRT7311Y/emoji/original/01F8MH9H8E4VG3KDYJR9EGPXCQ.png",
"static_url": "http://localhost:8080/fileserver/01AY6P665V14JJR0AFVRT7311Y/emoji/static/01F8MH9H8E4VG3KDYJR9EGPXCQ.png",
"visible_in_picker": true,
"category": "reactions"
}
],
"card": null,
"poll": null,
"text": "hello world! #welcome ! first post on the instance :rainbow: !",
"content_type": "text/plain",
"interaction_policy": {
"can_favourite": {
"always": [
"public",
"me"
],
"with_approval": []
},
"can_reply": {
"always": [
"public",
"me"
],
"with_approval": []
},
"can_reblog": {
"always": [
"public",
"me"
],
"with_approval": []
}
}
}`, string(b))
}
// Modify a fixture status into a status that should be filtered,
// and then filter it, returning the API status or any error from converting it.
func (suite *InternalToFrontendTestSuite) filteredStatusToFrontend(action gtsmodel.FilterAction, boost bool) (*apimodel.Status, error) {