mirror of
https://github.com/superseriousbusiness/gotosocial.git
synced 2024-12-23 10:42:12 +00:00
de6e3e5f2a
* refactor visibility checking, add caching for visibility * invalidate visibility cache items on account / status deletes * fix requester ID passed to visibility cache nil ptr * de-interface caches, fix home / public timeline caching + visibility * finish adding code comments for visibility filter * fix angry goconst linter warnings * actually finish adding filter visibility code comments for timeline functions * move home timeline status author check to after visibility * remove now-unused code * add more code comments * add TODO code comment, update printed cache start names * update printed cache names on stop * start adding separate follow(request) delete db functions, add specific visibility cache tests * add relationship type caching * fix getting local account follows / followed-bys, other small codebase improvements * simplify invalidation using cache hooks, add more GetAccountBy___() functions * fix boosting to return 404 if not boostable but no error (to not leak status ID) * remove dead code * improved placement of cache invalidation * update license headers * add example follow, follow-request config entries * add example visibility cache configuration to config file * use specific PutFollowRequest() instead of just Put() * add tests for all GetAccountBy() * add GetBlockBy() tests * update block to check primitive fields * update and finish adding Get{Account,Block,Follow,FollowRequest}By() tests * fix copy-pasted code * update envparsing test * whitespace * fix bun struct tag * add license header to gtscontext * fix old license header * improved error creation to not use fmt.Errorf() when not needed * fix various rebase conflicts, fix account test * remove commented-out code, fix-up mention caching * fix mention select bun statement * ensure mention target account populated, pass in context to customrenderer logging * remove more uncommented code, fix typeutil test * add statusfave database model caching * add status fave cache configuration * add status fave cache example config * woops, catch missed error. nice catch linter! * add back testrig panic on nil db * update example configuration to match defaults, slight tweak to cache configuration defaults * update envparsing test with new defaults * fetch followingget to use the follow target account * use accounnt.IsLocal() instead of empty domain check * use constants for the cache visibility type check * use bun.In() for notification type restriction in db query * include replies when fetching PublicTimeline() (to account for single-author threads in Visibility{}.StatusPublicTimelineable()) * use bun query building for nested select statements to ensure working with postgres * update public timeline future status checks to match visibility filter * same as previous, for home timeline * update public timeline tests to dynamically check for appropriate statuses * migrate accounts to allow unique constraint on public_key * provide minimal account with publicKey --------- Signed-off-by: kim <grufwub@gmail.com> Co-authored-by: tsmethurst <tobi.smethurst@protonmail.com>
152 lines
4.7 KiB
Go
152 lines
4.7 KiB
Go
// GoToSocial
|
|
// Copyright (C) GoToSocial Authors admin@gotosocial.org
|
|
// SPDX-License-Identifier: AGPL-3.0-or-later
|
|
//
|
|
// This program is free software: you can redistribute it and/or modify
|
|
// it under the terms of the GNU Affero General Public License as published by
|
|
// the Free Software Foundation, either version 3 of the License, or
|
|
// (at your option) any later version.
|
|
//
|
|
// This program is distributed in the hope that it will be useful,
|
|
// but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
// GNU Affero General Public License for more details.
|
|
//
|
|
// You should have received a copy of the GNU Affero General Public License
|
|
// along with this program. If not, see <http://www.gnu.org/licenses/>.
|
|
|
|
package visibility
|
|
|
|
import (
|
|
"context"
|
|
"fmt"
|
|
|
|
"github.com/superseriousbusiness/gotosocial/internal/cache"
|
|
"github.com/superseriousbusiness/gotosocial/internal/config"
|
|
"github.com/superseriousbusiness/gotosocial/internal/gtsmodel"
|
|
"github.com/superseriousbusiness/gotosocial/internal/log"
|
|
)
|
|
|
|
// AccountVisible will check if given account is visible to requester, accounting for requester with no auth (i.e is nil), suspensions, disabled local users and account blocks.
|
|
func (f *Filter) AccountVisible(ctx context.Context, requester *gtsmodel.Account, account *gtsmodel.Account) (bool, error) {
|
|
// By default we assume no auth.
|
|
requesterID := noauth
|
|
|
|
if requester != nil {
|
|
// Use provided account ID.
|
|
requesterID = requester.ID
|
|
}
|
|
|
|
visibility, err := f.state.Caches.Visibility.Load("Type.RequesterID.ItemID", func() (*cache.CachedVisibility, error) {
|
|
// Visibility not yet cached, perform visibility lookup.
|
|
visible, err := f.isAccountVisibleTo(ctx, requester, account)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
// Return visibility value.
|
|
return &cache.CachedVisibility{
|
|
ItemID: account.ID,
|
|
RequesterID: requesterID,
|
|
Type: cache.VisibilityTypeAccount,
|
|
Value: visible,
|
|
}, nil
|
|
}, "account", requesterID, account.ID)
|
|
if err != nil {
|
|
return false, err
|
|
}
|
|
|
|
return visibility.Value, nil
|
|
}
|
|
|
|
// isAccountVisibleTo will check if account is visible to requester. It is the "meat" of the logic to Filter{}.AccountVisible() which is called within cache loader callback.
|
|
func (f *Filter) isAccountVisibleTo(ctx context.Context, requester *gtsmodel.Account, account *gtsmodel.Account) (bool, error) {
|
|
// Check whether target account is visible to anyone.
|
|
visible, err := f.isAccountVisible(ctx, account)
|
|
if err != nil {
|
|
return false, fmt.Errorf("isAccountVisibleTo: error checking account %s visibility: %w", account.ID, err)
|
|
}
|
|
|
|
if !visible {
|
|
log.Trace(ctx, "target account is not visible to anyone")
|
|
return false, nil
|
|
}
|
|
|
|
if requester == nil {
|
|
// It seems stupid, but when un-authed all accounts are
|
|
// visible to allow for federation to work correctly.
|
|
return true, nil
|
|
}
|
|
|
|
// If requester is not visible, they cannot *see* either.
|
|
visible, err = f.isAccountVisible(ctx, requester)
|
|
if err != nil {
|
|
return false, fmt.Errorf("isAccountVisibleTo: error checking account %s visibility: %w", account.ID, err)
|
|
}
|
|
|
|
if !visible {
|
|
log.Trace(ctx, "requesting account cannot see other accounts")
|
|
return false, nil
|
|
}
|
|
|
|
// Check whether either blocks the other.
|
|
blocked, err := f.state.DB.IsEitherBlocked(ctx,
|
|
requester.ID,
|
|
account.ID,
|
|
)
|
|
if err != nil {
|
|
return false, fmt.Errorf("isAccountVisibleTo: error checking account blocks: %w", err)
|
|
}
|
|
|
|
if blocked {
|
|
log.Trace(ctx, "block exists between accounts")
|
|
return false, nil
|
|
}
|
|
|
|
return true, nil
|
|
}
|
|
|
|
// isAccountVisible will check if given account should be visible at all, e.g. it may not be if suspended or disabled.
|
|
func (f *Filter) isAccountVisible(ctx context.Context, account *gtsmodel.Account) (bool, error) {
|
|
if account.IsLocal() {
|
|
// This is a local account.
|
|
|
|
if account.Username == config.GetHost() {
|
|
// This is the instance actor account.
|
|
return true, nil
|
|
}
|
|
|
|
// Fetch the local user model for this account.
|
|
user, err := f.state.DB.GetUserByAccountID(ctx, account.ID)
|
|
if err != nil {
|
|
return false, err
|
|
}
|
|
|
|
// Make sure that user is active (i.e. not disabled, not approved etc).
|
|
if *user.Disabled || !*user.Approved || user.ConfirmedAt.IsZero() {
|
|
log.Trace(ctx, "local account not active")
|
|
return false, nil
|
|
}
|
|
} else {
|
|
// This is a remote account.
|
|
|
|
// Check whether remote account's domain is blocked.
|
|
blocked, err := f.state.DB.IsDomainBlocked(ctx, account.Domain)
|
|
if err != nil {
|
|
return false, err
|
|
}
|
|
|
|
if blocked {
|
|
log.Trace(ctx, "remote account domain blocked")
|
|
return false, nil
|
|
}
|
|
}
|
|
|
|
if !account.SuspendedAt.IsZero() {
|
|
log.Trace(ctx, "account suspended")
|
|
return false, nil
|
|
}
|
|
|
|
return true, nil
|
|
}
|