mirror of
https://github.com/superseriousbusiness/gotosocial.git
synced 2025-11-03 22:12:26 -06:00
c9b6220fef* [chore] Add interaction filter to complement existing visibility filter
* pass in ptr to visibility and interaction filters to Processor{} to ensure shared
* use int constants for for match type, cache db calls in filterctx
* function name typo 😇
---------
Co-authored-by: kim <grufwub@gmail.com>
267 lines
7.8 KiB
Go
267 lines
7.8 KiB
Go
// GoToSocial
|
|
// Copyright (C) GoToSocial Authors admin@gotosocial.org
|
|
// SPDX-License-Identifier: AGPL-3.0-or-later
|
|
//
|
|
// This program is free software: you can redistribute it and/or modify
|
|
// it under the terms of the GNU Affero General Public License as published by
|
|
// the Free Software Foundation, either version 3 of the License, or
|
|
// (at your option) any later version.
|
|
//
|
|
// This program is distributed in the hope that it will be useful,
|
|
// but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
// GNU Affero General Public License for more details.
|
|
//
|
|
// You should have received a copy of the GNU Affero General Public License
|
|
// along with this program. If not, see <http://www.gnu.org/licenses/>.
|
|
|
|
package common
|
|
|
|
import (
|
|
"context"
|
|
"errors"
|
|
|
|
apimodel "github.com/superseriousbusiness/gotosocial/internal/api/model"
|
|
"github.com/superseriousbusiness/gotosocial/internal/db"
|
|
"github.com/superseriousbusiness/gotosocial/internal/gtserror"
|
|
"github.com/superseriousbusiness/gotosocial/internal/gtsmodel"
|
|
"github.com/superseriousbusiness/gotosocial/internal/log"
|
|
)
|
|
|
|
// GetTargetAccountBy fetches the target account with db load function, given the authorized (or, nil) requester's
|
|
// account. This returns an approprate gtserror.WithCode accounting (ha) for not found and visibility to requester.
|
|
func (p *Processor) GetTargetAccountBy(
|
|
ctx context.Context,
|
|
requester *gtsmodel.Account,
|
|
getTargetFromDB func() (*gtsmodel.Account, error),
|
|
) (
|
|
account *gtsmodel.Account,
|
|
visible bool,
|
|
errWithCode gtserror.WithCode,
|
|
) {
|
|
// Fetch the target account from db.
|
|
target, err := getTargetFromDB()
|
|
if err != nil && !errors.Is(err, db.ErrNoEntries) {
|
|
return nil, false, gtserror.NewErrorInternalError(err)
|
|
}
|
|
|
|
if target == nil {
|
|
// DB loader could not find account in database.
|
|
const text = "target account not found"
|
|
return nil, false, gtserror.NewErrorNotFound(
|
|
errors.New(text),
|
|
text,
|
|
)
|
|
}
|
|
|
|
// Check whether target account is visible to requesting account.
|
|
visible, err = p.visFilter.AccountVisible(ctx, requester, target)
|
|
if err != nil {
|
|
return nil, false, gtserror.NewErrorInternalError(err)
|
|
}
|
|
|
|
if requester != nil && visible {
|
|
// Only refresh account if visible to requester,
|
|
// and there is *authorized* requester to prevent
|
|
// a possible DOS vector for unauthorized clients.
|
|
latest, _, err := p.federator.RefreshAccount(ctx,
|
|
requester.Username,
|
|
target,
|
|
nil,
|
|
nil,
|
|
)
|
|
if err != nil {
|
|
log.Errorf(ctx, "error refreshing target %s: %v", target.URI, err)
|
|
return target, visible, nil
|
|
}
|
|
|
|
// Set latest.
|
|
target = latest
|
|
}
|
|
|
|
return target, visible, nil
|
|
}
|
|
|
|
// GetTargetAccountByID is a call-through to GetTargetAccountBy() using the db GetAccountByID() function.
|
|
func (p *Processor) GetTargetAccountByID(
|
|
ctx context.Context,
|
|
requester *gtsmodel.Account,
|
|
targetID string,
|
|
) (
|
|
account *gtsmodel.Account,
|
|
visible bool,
|
|
errWithCode gtserror.WithCode,
|
|
) {
|
|
return p.GetTargetAccountBy(ctx, requester, func() (*gtsmodel.Account, error) {
|
|
return p.state.DB.GetAccountByID(ctx, targetID)
|
|
})
|
|
}
|
|
|
|
// GetVisibleTargetAccount calls GetTargetAccountByID(),
|
|
// but converts a non-visible result to not-found error.
|
|
func (p *Processor) GetVisibleTargetAccount(
|
|
ctx context.Context,
|
|
requester *gtsmodel.Account,
|
|
targetID string,
|
|
) (
|
|
account *gtsmodel.Account,
|
|
errWithCode gtserror.WithCode,
|
|
) {
|
|
// Fetch the target account by ID from the database.
|
|
target, visible, errWithCode := p.GetTargetAccountByID(ctx,
|
|
requester,
|
|
targetID,
|
|
)
|
|
if errWithCode != nil {
|
|
return nil, errWithCode
|
|
}
|
|
|
|
if !visible {
|
|
// Pretend account doesn't exist if not visible.
|
|
const text = "target account not found"
|
|
return nil, gtserror.NewErrorNotFound(
|
|
errors.New(text),
|
|
text,
|
|
)
|
|
}
|
|
|
|
return target, nil
|
|
}
|
|
|
|
// GetAPIAccount fetches the appropriate API account model depending on whether requester = target.
|
|
func (p *Processor) GetAPIAccount(
|
|
ctx context.Context,
|
|
requester *gtsmodel.Account,
|
|
target *gtsmodel.Account,
|
|
) (
|
|
apiAcc *apimodel.Account,
|
|
errWithCode gtserror.WithCode,
|
|
) {
|
|
var err error
|
|
|
|
if requester != nil && requester.ID == target.ID {
|
|
// Only return sensitive account model _if_ requester = target.
|
|
apiAcc, err = p.converter.AccountToAPIAccountSensitive(ctx, target)
|
|
} else {
|
|
// Else, fall back to returning the public account model.
|
|
apiAcc, err = p.converter.AccountToAPIAccountPublic(ctx, target)
|
|
}
|
|
|
|
if err != nil {
|
|
err := gtserror.Newf("error converting account: %w", err)
|
|
return nil, gtserror.NewErrorInternalError(err)
|
|
}
|
|
|
|
return apiAcc, nil
|
|
}
|
|
|
|
// GetAPIAccountBlocked fetches the limited "blocked" account model for given target.
|
|
func (p *Processor) GetAPIAccountBlocked(
|
|
ctx context.Context,
|
|
targetAcc *gtsmodel.Account,
|
|
) (
|
|
apiAcc *apimodel.Account,
|
|
errWithCode gtserror.WithCode,
|
|
) {
|
|
apiAccount, err := p.converter.AccountToAPIAccountBlocked(ctx, targetAcc)
|
|
if err != nil {
|
|
err = gtserror.Newf("error converting account: %w", err)
|
|
return nil, gtserror.NewErrorInternalError(err)
|
|
}
|
|
return apiAccount, nil
|
|
}
|
|
|
|
// GetAPIAccountSensitive fetches the "sensitive" account model for the given target.
|
|
// *BE CAREFUL!* Only return a sensitive account if targetAcc == account making the request.
|
|
func (p *Processor) GetAPIAccountSensitive(
|
|
ctx context.Context,
|
|
targetAcc *gtsmodel.Account,
|
|
) (
|
|
apiAcc *apimodel.Account,
|
|
errWithCode gtserror.WithCode,
|
|
) {
|
|
apiAccount, err := p.converter.AccountToAPIAccountSensitive(ctx, targetAcc)
|
|
if err != nil {
|
|
err = gtserror.Newf("error converting account: %w", err)
|
|
return nil, gtserror.NewErrorInternalError(err)
|
|
}
|
|
return apiAccount, nil
|
|
}
|
|
|
|
// GetVisibleAPIAccounts converts an array of gtsmodel.Accounts (inputted by next function) into
|
|
// public API model accounts, checking first for visibility. Please note that all errors will be
|
|
// logged at ERROR level, but will not be returned. Callers are likely to run into show-stopping
|
|
// errors in the lead-up to this function, whereas calling this should not be a show-stopper.
|
|
func (p *Processor) GetVisibleAPIAccounts(
|
|
ctx context.Context,
|
|
requester *gtsmodel.Account,
|
|
next func(int) *gtsmodel.Account,
|
|
length int,
|
|
) []*apimodel.Account {
|
|
return p.getVisibleAPIAccounts(ctx, 3, requester, next, length)
|
|
}
|
|
|
|
// GetVisibleAPIAccountsPaged is functionally equivalent to GetVisibleAPIAccounts(),
|
|
// except the accounts are returned as a converted slice of accounts as interface{}.
|
|
func (p *Processor) GetVisibleAPIAccountsPaged(
|
|
ctx context.Context,
|
|
requester *gtsmodel.Account,
|
|
next func(int) *gtsmodel.Account,
|
|
length int,
|
|
) []interface{} {
|
|
accounts := p.getVisibleAPIAccounts(ctx, 3, requester, next, length)
|
|
items := make([]interface{}, len(accounts))
|
|
for i, account := range accounts {
|
|
items[i] = account
|
|
}
|
|
return items
|
|
}
|
|
|
|
func (p *Processor) getVisibleAPIAccounts(
|
|
ctx context.Context,
|
|
calldepth int, // used to skip wrapping func above these's names
|
|
requester *gtsmodel.Account,
|
|
next func(int) *gtsmodel.Account,
|
|
length int,
|
|
) []*apimodel.Account {
|
|
// Start new log entry with
|
|
// the above calling func's name.
|
|
l := log.
|
|
WithContext(ctx).
|
|
WithField("caller", log.Caller(calldepth+1))
|
|
|
|
// Preallocate slice according to expected length.
|
|
accounts := make([]*apimodel.Account, 0, length)
|
|
|
|
for i := 0; i < length; i++ {
|
|
// Get next account.
|
|
account := next(i)
|
|
if account == nil {
|
|
continue
|
|
}
|
|
|
|
// Check whether this account is visible to requesting account.
|
|
visible, err := p.visFilter.AccountVisible(ctx, requester, account)
|
|
if err != nil {
|
|
l.Errorf("error checking account visibility: %v", err)
|
|
continue
|
|
}
|
|
|
|
if !visible {
|
|
// Not visible to requester.
|
|
continue
|
|
}
|
|
|
|
// Convert the account to a public API model representation.
|
|
apiAcc, err := p.converter.AccountToAPIAccountPublic(ctx, account)
|
|
if err != nil {
|
|
l.Errorf("error converting account: %v", err)
|
|
continue
|
|
}
|
|
|
|
// Append API model to return slice.
|
|
accounts = append(accounts, apiAcc)
|
|
}
|
|
|
|
return accounts
|
|
}
|