From 2c2ff90913b88d7d4d5010cc9ac84ab53b4e08b9 Mon Sep 17 00:00:00 2001
From: tobi <tobi.smethurst@protonmail.com>
Date: Thu, 21 Nov 2024 13:29:00 +0100
Subject: [PATCH] test own domain excluded

---
 internal/db/bundb/domainpermissionexclude.go  | 15 ++--
 .../db/bundb/domainpermissionexclude_test.go  | 80 +++++++++++++++++++
 internal/db/domain.go                         |  3 +
 3 files changed, 88 insertions(+), 10 deletions(-)

diff --git a/internal/db/bundb/domainpermissionexclude.go b/internal/db/bundb/domainpermissionexclude.go
index d4d6a2ce8..005c21400 100644
--- a/internal/db/bundb/domainpermissionexclude.go
+++ b/internal/db/bundb/domainpermissionexclude.go
@@ -22,7 +22,6 @@
 	"errors"
 	"slices"
 
-	"github.com/miekg/dns"
 	"github.com/superseriousbusiness/gotosocial/internal/config"
 	"github.com/superseriousbusiness/gotosocial/internal/db"
 	"github.com/superseriousbusiness/gotosocial/internal/gtscontext"
@@ -65,14 +64,6 @@ func (d *domainDB) IsDomainPermissionExcluded(ctx context.Context, domain string
 		return false, err
 	}
 
-	// Check if our host and given domain are equal
-	// or part of the same second-level domain; we
-	// always exclude such perms as creating blocks
-	// or allows in such cases may break things.
-	if dns.CompareDomainName(domain, config.GetHost()) >= 2 {
-		return true, nil
-	}
-
 	// Func to scan list of all
 	// excluded domain perms from DB.
 	loadF := func() ([]string, error) {
@@ -80,12 +71,16 @@ func (d *domainDB) IsDomainPermissionExcluded(ctx context.Context, domain string
 
 		if err := d.db.
 			NewSelect().
-			Table("domain_excludes").
+			Table("domain_permission_excludes").
 			Column("domain").
 			Scan(ctx, &domains); err != nil {
 			return nil, err
 		}
 
+		// Exclude our own domain as creating blocks
+		// or allows for self will likely break things.
+		domains = append(domains, config.GetHost())
+
 		return domains, nil
 	}
 
diff --git a/internal/db/bundb/domainpermissionexclude_test.go b/internal/db/bundb/domainpermissionexclude_test.go
index 09ef737c3..47af710f9 100644
--- a/internal/db/bundb/domainpermissionexclude_test.go
+++ b/internal/db/bundb/domainpermissionexclude_test.go
@@ -23,6 +23,7 @@
 	"testing"
 
 	"github.com/stretchr/testify/suite"
+	"github.com/superseriousbusiness/gotosocial/internal/config"
 	"github.com/superseriousbusiness/gotosocial/internal/db"
 	"github.com/superseriousbusiness/gotosocial/internal/gtsmodel"
 )
@@ -100,6 +101,85 @@ func (suite *DomainPermissionExcludeTestSuite) TestPermExcludeCreateGetDelete()
 	}
 }
 
+func (suite *DomainPermissionExcludeTestSuite) TestExcluded() {
+	var (
+		ctx                = context.Background()
+		createdByAccountID = suite.testAccounts["admin_account"].ID
+	)
+
+	// Insert some excludes into the db.
+	for _, exclude := range []*gtsmodel.DomainPermissionExclude{
+		{
+			ID:                 "01JD7AFFBBZSPY8R2M0JCGQGPW",
+			Domain:             "example.org",
+			CreatedByAccountID: createdByAccountID,
+		},
+		{
+			ID:                 "01JD7AMK98E2QX78KXEZJ1RF5Z",
+			Domain:             "boobs.com",
+			CreatedByAccountID: createdByAccountID,
+		},
+		{
+			ID:                 "01JD7AMXW3R3W98E91R62ACDA0",
+			Domain:             "rad.boobs.com",
+			CreatedByAccountID: createdByAccountID,
+		},
+		{
+			ID:                 "01JD7AYYN5TXQVASB30PT08CE1",
+			Domain:             "honkers.org",
+			CreatedByAccountID: createdByAccountID,
+		},
+	} {
+		if err := suite.state.DB.PutDomainPermissionExclude(ctx, exclude); err != nil {
+			suite.FailNow(err.Error())
+		}
+	}
+
+	type testCase struct {
+		domain   string
+		excluded bool
+	}
+
+	for i, testCase := range []testCase{
+		{
+			domain:   config.GetHost(),
+			excluded: true,
+		},
+		{
+			domain:   "test.example.org",
+			excluded: true,
+		},
+		{
+			domain:   "example.org",
+			excluded: true,
+		},
+		{
+			domain:   "boobs.com",
+			excluded: true,
+		},
+		{
+			domain:   "rad.boobs.com",
+			excluded: true,
+		},
+		{
+			domain:   "sir.not.appearing.in.this.list",
+			excluded: false,
+		},
+	} {
+		excluded, err := suite.state.DB.IsDomainPermissionExcluded(ctx, testCase.domain)
+		if err != nil {
+			suite.FailNow(err.Error())
+		}
+
+		if excluded != testCase.excluded {
+			suite.Failf("",
+				"test %d: %s excluded should be %t",
+				i, testCase.domain, testCase.excluded,
+			)
+		}
+	}
+}
+
 func TestDomainPermissionExcludeTestSuite(t *testing.T) {
 	suite.Run(t, new(DomainPermissionExcludeTestSuite))
 }
diff --git a/internal/db/domain.go b/internal/db/domain.go
index 8e285fba3..f4d05ad1d 100644
--- a/internal/db/domain.go
+++ b/internal/db/domain.go
@@ -129,4 +129,7 @@ type Domain interface {
 
 	// DeleteDomainPermissionExclude deletes one DomainPermissionExclude with the given id.
 	DeleteDomainPermissionExclude(ctx context.Context, id string) error
+
+	// IsDomainPermissionExcluded returns true if the given domain matches in the list of excluded domains.
+	IsDomainPermissionExcluded(ctx context.Context, domain string) (bool, error)
 }