[bugfix] Only allow boosting post from non-interaction-policy-aware instance if public or unlisted (#3396)

Check for malformed errors embedded inside error *first*, then check for gtserror.WithCode.

README.md

@@ -177,6 +177,10 @@ It's also easy for admins to [add their own custom themes](https://docs.gotosoci
   <img src="https://raw.githubusercontent.com/superseriousbusiness/gotosocial/main/docs/assets/theme-midnight-trip.png"/>
   <figcaption>Midnight trip</figcaption>
 </figure>
+<figure>
+  <img src="https://raw.githubusercontent.com/superseriousbusiness/gotosocial/main/docs/assets/theme-moonlight-hunt.png"/>
+  <figcaption>Moonlight hunt</figcaption>
+</figure>
 <hr/>
 <figure>
   <img src="https://raw.githubusercontent.com/superseriousbusiness/gotosocial/main/docs/assets/theme-rainforest.png"/>

docs/api/swagger.yaml

@@ -8947,7 +8947,7 @@ paths:
                     Providing this parameter will cause ScheduledStatus to be returned instead of Status.
                     Must be at least 5 minutes in the future.
 
-                    This feature isn't implemented yet.
+                    This feature isn't implemented yet; attemping to set it will return 501 Not Implemented.
                   in: formData
                   name: scheduled_at
                   type: string
@@ -9008,6 +9008,8 @@ paths:
                     description: not acceptable
                 "500":
                     description: internal server error
+                "501":
+                    description: scheduled_at was set, but this feature is not yet implemented
             security:
                 - OAuth2 Bearer:
                     - write:statuses

internal/api/client/statuses/statuscreate.go

@@ -181,7 +181,7 @@
 //			Providing this parameter will cause ScheduledStatus to be returned instead of Status.
 //			Must be at least 5 minutes in the future.
 //
-//			This feature isn't implemented yet.
+//			This feature isn't implemented yet; attemping to set it will return 501 Not Implemented.
 //		type: string
 //		in: formData
 //	-
@@ -254,6 +254,8 @@
 //			description: not acceptable
 //		'500':
 //			description: internal server error
+//		'501':
+//			description: scheduled_at was set, but this feature is not yet implemented
 func (m *Module) StatusCreatePOSTHandler(c *gin.Context) {
 	authed, err := oauth.Authed(c, true, true, true, true)
 	if err != nil {
@@ -286,8 +288,8 @@ func (m *Module) StatusCreatePOSTHandler(c *gin.Context) {
 	// }
 	// form.Status += "\n\nsent from " + user + "'s iphone\n"
 
-	if err := validateNormalizeCreateStatus(form); err != nil {
+	if errWithCode := validateStatusCreateForm(form); errWithCode != nil {
-		apiutil.ErrorHandler(c, gtserror.NewErrorBadRequest(err, err.Error()), m.processor.InstanceGetV1)
+		apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1)
 		return
 	}
 
@@ -374,46 +376,61 @@ func parseStatusCreateForm(c *gin.Context) (*apimodel.StatusCreateRequest, error
 	return form, nil
 }
 
-// validateNormalizeCreateStatus checks the form
+// validateStatusCreateForm checks the form for disallowed
-// for disallowed combinations of attachments and
+// combinations of attachments, overlength inputs, etc.
-// overlength inputs.
 //
 // Side effect: normalizes the post's language tag.
-func validateNormalizeCreateStatus(form *apimodel.StatusCreateRequest) error {
+func validateStatusCreateForm(form *apimodel.StatusCreateRequest) gtserror.WithCode {
-	hasStatus := form.Status != ""
+	var (
-	hasMedia := len(form.MediaIDs) != 0
+		chars         = len([]rune(form.Status)) + len([]rune(form.SpoilerText))
-	hasPoll := form.Poll != nil
+		maxChars      = config.GetStatusesMaxChars()
+		mediaFiles    = len(form.MediaIDs)
+		maxMediaFiles = config.GetStatusesMediaMaxFiles()
+		hasMedia      = mediaFiles != 0
+		hasPoll       = form.Poll != nil
+	)
 
-	if !hasStatus && !hasMedia && !hasPoll {
+	if chars == 0 && !hasMedia && !hasPoll {
-		return errors.New("no status, media, or poll provided")
+		// Status must contain *some* kind of content.
+		const text = "no status content, content warning, media, or poll provided"
+		return gtserror.NewErrorBadRequest(errors.New(text), text)
 	}
 
-	if hasMedia && hasPoll {
+	if chars > maxChars {
-		return errors.New("can't post media + poll in same status")
+		text := fmt.Sprintf(
+			"status too long, %d characters provided (including content warning) but limit is %d",
+			chars, maxChars,
+		)
+		return gtserror.NewErrorBadRequest(errors.New(text), text)
 	}
 
-	maxChars := config.GetStatusesMaxChars()
+	if mediaFiles > maxMediaFiles {
-	if length := len([]rune(form.Status)) + len([]rune(form.SpoilerText)); length > maxChars {
+		text := fmt.Sprintf(
-		return fmt.Errorf("status too long, %d characters provided (including spoiler/content warning) but limit is %d", length, maxChars)
+			"too many media files attached to status, %d attached but limit is %d",
-	}
+			mediaFiles, maxMediaFiles,
-
+		)
-	maxMediaFiles := config.GetStatusesMediaMaxFiles()
+		return gtserror.NewErrorBadRequest(errors.New(text), text)
-	if len(form.MediaIDs) > maxMediaFiles {
-		return fmt.Errorf("too many media files attached to status, %d attached but limit is %d", len(form.MediaIDs), maxMediaFiles)
 	}
 
 	if form.Poll != nil {
-		if err := validateNormalizeCreatePoll(form); err != nil {
+		if errWithCode := validateStatusPoll(form); errWithCode != nil {
-			return err
+			return errWithCode
 		}
 	}
 
-	if form.Language != "" {
+	if form.ScheduledAt != "" {
-		language, err := validate.Language(form.Language)
+		const text = "scheduled_at is not yet implemented"
-		if err != nil {
+		return gtserror.NewErrorNotImplemented(errors.New(text), text)
-			return err
 	}
-		form.Language = language
+
+	// Validate + normalize
+	// language tag if provided.
+	if form.Language != "" {
+		lang, err := validate.Language(form.Language)
+		if err != nil {
+			return gtserror.NewErrorBadRequest(err, err.Error())
+		}
+		form.Language = lang
 	}
 
 	// Check if the deprecated "federated" field was
@@ -425,9 +442,36 @@ func validateNormalizeCreateStatus(form *apimodel.StatusCreateRequest) error {
 	return nil
 }
 
-func validateNormalizeCreatePoll(form *apimodel.StatusCreateRequest) error {
+func validateStatusPoll(form *apimodel.StatusCreateRequest) gtserror.WithCode {
-	maxPollOptions := config.GetStatusesPollMaxOptions()
+	var (
-	maxPollChars := config.GetStatusesPollOptionMaxChars()
+		maxPollOptions     = config.GetStatusesPollMaxOptions()
+		pollOptions        = len(form.Poll.Options)
+		maxPollOptionChars = config.GetStatusesPollOptionMaxChars()
+	)
+
+	if pollOptions == 0 {
+		const text = "poll with no options"
+		return gtserror.NewErrorBadRequest(errors.New(text), text)
+	}
+
+	if pollOptions > maxPollOptions {
+		text := fmt.Sprintf(
+			"too many poll options provided, %d provided but limit is %d",
+			pollOptions, maxPollOptions,
+		)
+		return gtserror.NewErrorBadRequest(errors.New(text), text)
+	}
+
+	for _, option := range form.Poll.Options {
+		optionChars := len([]rune(option))
+		if optionChars > maxPollOptionChars {
+			text := fmt.Sprintf(
+				"poll option too long, %d characters provided but limit is %d",
+				optionChars, maxPollOptionChars,
+			)
+			return gtserror.NewErrorBadRequest(errors.New(text), text)
+		}
+	}
 
 	// Normalize poll expiry if necessary.
 	// If we parsed this as JSON, expires_in
@@ -440,27 +484,15 @@ func validateNormalizeCreatePoll(form *apimodel.StatusCreateRequest) error {
 		case string:
 			expiresIn, err := strconv.Atoi(e)
 			if err != nil {
-				return fmt.Errorf("could not parse expires_in value %s as integer: %w", e, err)
+				text := fmt.Sprintf("could not parse expires_in value %s as integer: %v", e, err)
+				return gtserror.NewErrorBadRequest(errors.New(text), text)
 			}
 
 			form.Poll.ExpiresIn = expiresIn
 
 		default:
-			return fmt.Errorf("could not parse expires_in type %T as integer", ei)
+			text := fmt.Sprintf("could not parse expires_in type %T as integer", ei)
-		}
+			return gtserror.NewErrorBadRequest(errors.New(text), text)
-	}
-
-	if len(form.Poll.Options) == 0 {
-		return errors.New("poll with no options")
-	}
-
-	if len(form.Poll.Options) > maxPollOptions {
-		return fmt.Errorf("too many poll options provided, %d provided but limit is %d", len(form.Poll.Options), maxPollOptions)
-	}
-
-	for _, p := range form.Poll.Options {
-		if length := len([]rune(p)); length > maxPollChars {
-			return fmt.Errorf("poll option too long, %d characters provided but limit is %d", length, maxPollChars)
 		}
 	}
 

internal/api/client/statuses/statuscreate_test.go

@@ -365,6 +365,25 @@ func (suite *StatusCreateTestSuite) TestPostNewStatusMessedUpIntPolicy() {
 }`, out)
 }
 
+func (suite *StatusCreateTestSuite) TestPostNewScheduledStatus() {
+	out, recorder := suite.postStatus(map[string][]string{
+		"status":       {"this is a brand new status! #helloworld"},
+		"spoiler_text": {"hello hello"},
+		"sensitive":    {"true"},
+		"visibility":   {string(apimodel.VisibilityMutualsOnly)},
+		"scheduled_at": {"2080-10-04T15:32:02.018Z"},
+	}, "")
+
+	// We should have 501 from
+	// our call to the function.
+	suite.Equal(http.StatusNotImplemented, recorder.Code)
+
+	// We should have a helpful error message.
+	suite.Equal(`{
+  "error": "Not Implemented: scheduled_at is not yet implemented"
+}`, out)
+}
+
 func (suite *StatusCreateTestSuite) TestPostNewStatusMarkdown() {
 	out, recorder := suite.postStatus(map[string][]string{
 		"status":       {statusMarkdown},

internal/federation/federatingactor.go

@@ -170,12 +170,6 @@ func (f *federatingActor) PostInboxScheme(ctx context.Context, w http.ResponseWr
 	//
 	// Post the activity to the Actor's inbox and trigger side effects.
 	if err := f.sideEffectActor.PostInbox(ctx, inboxID, activity); err != nil {
-		// Check if a function in the federatingDB
-		// has returned an explicit errWithCode for us.
-		if errWithCode, ok := err.(gtserror.WithCode); ok {
-			return false, errWithCode
-		}
-
 		// Check if it's a bad request because the
 		// object or target props weren't populated,
 		// or we failed parsing activity details.
@@ -193,6 +187,12 @@ func (f *federatingActor) PostInboxScheme(ctx context.Context, w http.ResponseWr
 			return false, gtserror.NewErrorBadRequest(errors.New(text), text)
 		}
 
+		// Check if a function in the federatingDB
+		// has returned an explicit errWithCode for us.
+		if errWithCode, ok := err.(gtserror.WithCode); ok {
+			return false, errWithCode
+		}
+
 		// Default: there's been some real error.
 		err := gtserror.Newf("error calling sideEffectActor.PostInbox: %w", err)
 		return false, gtserror.NewErrorInternalError(err)

internal/filter/interaction/interactable.go

@@ -306,7 +306,7 @@ func (f *Filter) StatusBoostable(
 			status.InteractionPolicy.CanAnnounce,
 		)
 
-	// If status is local and has no policy set,
+	// If status has no policy set but it's local,
 	// check against the default policy for this
 	// visibility, as we're interaction-policy aware.
 	case *status.Local:
@@ -318,13 +318,21 @@ func (f *Filter) StatusBoostable(
 			policy.CanAnnounce,
 		)
 
-	// Otherwise, assume the status is from an
+	// Status is from an instance that does not use
-	// instance that does not use / does not care
+	// or does not care about interaction policies.
-	// about interaction policies, and just return OK.
+	// We can boost it if it's unlisted or public.
-	default:
+	case status.Visibility == gtsmodel.VisibilityPublic ||
+		status.Visibility == gtsmodel.VisibilityUnlocked:
 		return &gtsmodel.PolicyCheckResult{
 			Permission: gtsmodel.PolicyPermissionPermitted,
 		}, nil
+
+	// Not permitted by any of the
+	// above checks, so it's forbidden.
+	default:
+		return &gtsmodel.PolicyCheckResult{
+			Permission: gtsmodel.PolicyPermissionForbidden,
+		}, nil
 	}
 }
 

internal/gtserror/withcode.go

@@ -191,6 +191,19 @@ func NewErrorGone(original error, helpText ...string) WithCode {
 	}
 }
 
+// NewErrorNotImplemented returns an ErrorWithCode 501 with the given original error and optional help text.
+func NewErrorNotImplemented(original error, helpText ...string) WithCode {
+	safe := http.StatusText(http.StatusNotImplemented)
+	if helpText != nil {
+		safe = safe + ": " + strings.Join(helpText, ": ")
+	}
+	return withCode{
+		original: original,
+		safe:     errors.New(safe),
+		code:     http.StatusNotImplemented,
+	}
+}
+
 // NewErrorClientClosedRequest returns an ErrorWithCode 499 with the given original error.
 // This error type should only be used when an http caller has already hung up their request.
 // See: https://en.wikipedia.org/wiki/List_of_HTTP_status_codes#nginx

web/assets/themes/moonlight-hunt.css

@@ -0,0 +1,166 @@
+/*
+  theme-title: Moonlight Hunt
+  theme-description: Ominous dark blue / black with a tinge of blood red. You may think it all a mere bad dream.
+*/
+
+:root {
+  /* Define our palette */
+  --bleached-bone: #f3e3d4;
+  --void-blue: #0e131f;
+  --outer-space: #06080e;
+  --ghastly-blue: #88bebe;
+  --blood-red: #6c1619;
+  --bright-red: #f61a1ae6;
+  --feral-orange: #f78d17;
+
+  /* Restyle basic colors */
+  --white1: var(--void-blue);
+  --white2: var(--void-blue);
+  --orange2: var(--bright-red);
+  --blue1: var(--ghastly-blue);
+  --blue2: var(--ghastly-blue);
+  --blue3: var(--ghastly-blue);
+
+  /* Basic page styling (background + foreground) */
+  --bg: var(--void-blue);
+  --bg-accent: var(--void-blue);
+  --fg: var(--bleached-bone);
+  --fg-reduced: var(--bleached-bone);
+  --profile-bg: var(--void-blue); 
+
+  /* Buttons */
+  --bloodshot: linear-gradient(
+    var(--blood-red) 0%,
+    var(--feral-orange) 2%,
+    var(--bright-red) 5%,
+    var(--blood-red) 40%,
+    var(--blood-red) 60%,
+    var(--bright-red) 95%,
+    var(--feral-orange) 98%,
+    var(--blood-red) 100%
+  );
+  --button-bg: var(--bloodshot);
+  --button-fg: var(--bleached-bone);
+
+  /* Statuses */
+  --status-bg: var(--void-blue);
+  --status-focus-bg: var(--void-blue);
+
+  /* Used around statuses + other items */
+  --ghastly-border: 0.1rem solid var(--ghastly-blue);
+  --boxshadow-border: var(--ghastly-border);
+}
+
+/* Main page background */
+body {
+  background: linear-gradient(
+    90deg,
+    var(--blood-red),
+    black 20%,
+    black 80%,
+    var(--blood-red)
+  );
+}
+
+/* Scroll bar */
+html, body {
+  scrollbar-color: var(--bright-red) var(--outer-space);
+  text-shadow: 1px 1px var(--blood-red);
+}
+
+/* Instance title color */
+.page-header a h1 {
+  color: var(--bleached-bone);
+}
+
+.profile .profile-header {
+  border: var(--ghastly-border);
+}
+
+.col-header {
+  border: var(--ghastly-border);
+  background: var(--outer-space);
+}
+
+.profile .about-user .col-header {
+  background: var(--void-blue);
+  border-bottom: none;
+  margin-bottom: 0;
+}
+
+/* Fiddle around with borders on about sections */
+.profile .about-user .fields,
+.profile .about-user .bio,
+.profile .about-user .accountstats {
+  border-left: var(--ghastly-border);
+  border-right: var(--ghastly-border);
+}
+.profile .about-user .accountstats {
+  border-bottom: var(--ghastly-border);
+  background: var(--outer-space);
+}
+
+/* Role and bot badge backgrounds */
+.profile .profile-header .basic-info .namerole .role,
+.profile .profile-header .basic-info .namerole .bot-username-wrapper .bot-legend-wrapper {
+  background: var(--outer-space);
+}
+
+/* Status media */
+.status .media .media-wrapper {
+  border: var(--ghastly-border);
+}
+.status .media .media-wrapper details .unknown-attachment .placeholder {
+  color: var(--bleached-bone);
+}
+.status .media .media-wrapper details video.plyr-video {
+  background: var(--outer-space);
+}
+
+/* Status polls */
+.status .text .poll {
+  background-color: var(--outer-space);
+  border: var(--ghastly-border);
+}
+.status .text .poll .poll-info {
+  background-color: var(--void-blue);
+}
+
+/* Code snippets */
+pre, pre[class*="language-"],
+code, code[class*="language-"] {
+  background-color: var(--outer-space);
+  color: var(--bleached-bone);
+}
+
+/* Block quotes */
+blockquote {
+  background-color: var(--outer-space);
+  color: var(--bleached-bone);
+}
+
+/* Status info bars */
+.status .status-info,
+.status.expanded .status-info {
+  color: var(--ghastly-blue);
+  border-top: 0.1rem dotted var(--ghastly-blue);
+  background: var(--outer-space);
+}
+
+/* Make show more/less buttons more legible */
+.status .button {
+  border: 1px solid var(--feral-orange);
+}
+.status .button:hover {
+  border: 1px solid var(--bleached-bone);
+  background: var(--bloodshot);
+}
+
+/* Back + next links */
+.profile .statuses .backnextlinks a {
+  color: var(--bleached-bone);
+}
+
+.page-footer nav ul li a {
+  color: var(--bleached-bone);
+}