Compare commits

...

3 commits

3 changed files with 67 additions and 29 deletions

View file

@ -235,7 +235,7 @@ func (d *Dereferencer) isPermittedReply(
// Status doesn't claim to be approved. // Status doesn't claim to be approved.
// Check interaction policy of inReplyTo // Check interaction policy of inReplyTo
// to see if it doesn't require approval. // to see what we need to do with it.
replyable, err := d.intFilter.StatusReplyable(ctx, replyable, err := d.intFilter.StatusReplyable(ctx,
reply.Account, reply.Account,
inReplyTo, inReplyTo,
@ -260,35 +260,52 @@ func (d *Dereferencer) isPermittedReply(
) )
} }
// Reply is permitted according to the interaction if replyable.Permitted() &&
// policy set on the replied-to status (if any). !replyable.MatchedOnCollection() {
// Reply is permitted and match was *not* made
if !replyable.MatchedOnCollection() { // based on inclusion in a followers/following
// If we didn't match on a collection, // collection. Just permit the reply full stop
// then we don't require an acceptIRI, // as no approval / accept URI is necessary.
// and we don't need to send an Accept;
// just permit the reply full stop.
return true, nil return true, nil
} }
// Reply is permitted, but match was made based // Reply is either permitted based on inclusion in a
// on inclusion in a followers/following collection. // followers/following collection, *or* is permitted
// pending approval, though we know at this point
// that the status did not include an approvedBy URI.
if !inReplyTo.IsLocal() {
// If the replied-to status is remote, we should just
// drop this reply at this point, as we can't verify
// that the remote replied-to account approves it, and
// we can't verify the presence of a remote account
// in one of another remote account's collections.
// //
// If the status is ours, mark it as PreApproved // It's possible we'll get an Accept from the replied-
// so the processor knows to create and send out // to account later, and we can store this reply then.
// an Accept for it immediately. return false, nil
if inReplyTo.IsLocal() { }
// Replied-to status is ours, so the
// replied-to account is ours as well.
if replyable.MatchedOnCollection() {
// If permission was granted based on inclusion in
// a followers/following collection, pre-approve the
// reply, as we ourselves can validate presence of the
// replier in the appropriate collection. Pre-approval
// lets the processor know it should send out an Accept
// straight away on behalf of the replied-to account.
reply.PendingApproval = util.Ptr(true) reply.PendingApproval = util.Ptr(true)
reply.PreApproved = true reply.PreApproved = true
return true, nil return true, nil
} }
// For replies to remote statuses, which matched // Reply just requires approval from the local account
// on a followers/following collection, but did not // it replies to. Set PendingApproval so the processor
// include an acceptIRI, we should just drop it. // knows to create a pending interaction request.
// It's possible we'll get an Accept for it later reply.PendingApproval = util.Ptr(true)
// and we can check everything again. return true, nil
return false, nil
} }
// unpermittedByParent marks the given reply as rejected // unpermittedByParent marks the given reply as rejected

View file

@ -19,6 +19,7 @@
import ( import (
"context" "context"
"errors"
"slices" "slices"
"strings" "strings"
@ -402,6 +403,10 @@ func (p *Processor) WebContextGet(
// We should mark the next **VISIBLE** // We should mark the next **VISIBLE**
// reply as the first reply. // reply as the first reply.
markNextVisibleAsFirstReply bool markNextVisibleAsFirstReply bool
// Map of statuses that didn't pass visi
// checks and won't be shown via the web.
hiddenStatuses = make(map[string]struct{})
) )
for idx, status := range wholeThread { for idx, status := range wholeThread {
@ -427,11 +432,16 @@ func (p *Processor) WebContextGet(
} }
} }
// Ensure status is actually // Ensure status is actually visible to just
// visible to just anyone, and // anyone, and hide / don't include it if not.
// hide / don't include it if not. //
// Include a check to see if the parent status
// is hidden; if so, we shouldn't show the child
// as it leads to weird-looking threading where
// a status seems to reply to nothing.
_, parentHidden := hiddenStatuses[status.InReplyToID]
v, err := p.visFilter.StatusVisible(ctx, nil, status) v, err := p.visFilter.StatusVisible(ctx, nil, status)
if err != nil || !v { if err != nil || !v || parentHidden {
if !inReplies { if !inReplies {
// Main thread entry hidden. // Main thread entry hidden.
wCtx.ThreadHidden++ wCtx.ThreadHidden++
@ -439,12 +449,15 @@ func (p *Processor) WebContextGet(
// Reply hidden. // Reply hidden.
wCtx.ThreadRepliesHidden++ wCtx.ThreadRepliesHidden++
} }
hiddenStatuses[status.ID] = struct{}{}
continue continue
} }
// Prepare visible status to add to thread context. // Prepare visible status to add to thread context.
webStatus, err := p.converter.StatusToWebStatus(ctx, status) webStatus, err := p.converter.StatusToWebStatus(ctx, status)
if err != nil { if err != nil {
hiddenStatuses[status.ID] = struct{}{}
continue continue
} }
@ -512,9 +525,17 @@ func (p *Processor) WebContextGet(
wCtx.ThreadLength = threadLength wCtx.ThreadLength = threadLength
} }
// Jot down number of hidden posts so template doesn't have to do it. // Jot down number of "main" thread entries shown.
wCtx.ThreadShown = wCtx.ThreadLength - wCtx.ThreadHidden wCtx.ThreadShown = wCtx.ThreadLength - wCtx.ThreadHidden
// If there's no posts visible in the
// "main" thread we shouldn't show replies
// via the web as that's just weird.
if wCtx.ThreadShown < 1 {
const text = "no statuses visible in main thread"
return nil, gtserror.NewErrorNotFound(errors.New(text))
}
// Mark the last "main" visible status. // Mark the last "main" visible status.
wCtx.Statuses[wCtx.ThreadShown-1].ThreadLastMain = true wCtx.Statuses[wCtx.ThreadShown-1].ThreadLastMain = true
@ -523,7 +544,7 @@ func (p *Processor) WebContextGet(
// part of the "main" thread. // part of the "main" thread.
wCtx.ThreadReplies = threadLength - wCtx.ThreadLength wCtx.ThreadReplies = threadLength - wCtx.ThreadLength
// Jot down number of hidden replies so template doesn't have to do it. // Jot down number of "replies" shown.
wCtx.ThreadRepliesShown = wCtx.ThreadReplies - wCtx.ThreadRepliesHidden wCtx.ThreadRepliesShown = wCtx.ThreadReplies - wCtx.ThreadRepliesHidden
// Return the finished context. // Return the finished context.

View file

@ -91,7 +91,7 @@ Polls can have up to
<li><a href="#contact">Contact</a></li> <li><a href="#contact">Contact</a></li>
<li><a href="#features">Features</a></li> <li><a href="#features">Features</a></li>
<li><a href="#languages">Languages</a></li> <li><a href="#languages">Languages</a></li>
<li><a href="#signup">Register an Account on {{ .instance.Title -}}</li> <li><a href="#signup">Register an Account on {{ .instance.Title -}}</a></li>
<li><a href="#rules">Rules</a></li> <li><a href="#rules">Rules</a></li>
<li><a href="#terms">Terms and Conditions</a></li> <li><a href="#terms">Terms and Conditions</a></li>
<li><a href="#moderated-servers">Moderated Servers</a></li> <li><a href="#moderated-servers">Moderated Servers</a></li>