mirror of
https://github.com/superseriousbusiness/gotosocial.git
synced 2025-01-12 01:20:13 +00:00
69dd5fed2c
* for domain block lookups, lookup along subdomain parts Signed-off-by: kim <grufwub@gmail.com> * only lookup up to a max of 5 domain parts to prevent DOS, limit inserted domains to max of 5 subdomains Signed-off-by: kim <grufwub@gmail.com> * add test for domain block wildcarding Signed-off-by: kim <grufwub@gmail.com> * check cached status first, increase cached domain time Signed-off-by: kim <grufwub@gmail.com> * fix domain wildcard part building logic Signed-off-by: kim <grufwub@gmail.com> * create separate domain.BlockCache{} type to hold all domain blocks in memory Signed-off-by: kim <grufwub@gmail.com> * remove unused variable Signed-off-by: kim <grufwub@gmail.com> * add docs and test to domain block cache, check for domain == host in domain block getter funcs Signed-off-by: kim <grufwub@gmail.com> * add license text Signed-off-by: kim <grufwub@gmail.com> * check order in which we check primary cache Signed-off-by: kim <grufwub@gmail.com> * add better documentation of how domain block checking is performed Signed-off-by: kim <grufwub@gmail.com> * change Signed-off-by: kim <grufwub@gmail.com> Signed-off-by: kim <grufwub@gmail.com>
166 lines
4.7 KiB
Go
166 lines
4.7 KiB
Go
/*
|
|
GoToSocial
|
|
Copyright (C) 2021-2022 GoToSocial Authors admin@gotosocial.org
|
|
|
|
This program is free software: you can redistribute it and/or modify
|
|
it under the terms of the GNU Affero General Public License as published by
|
|
the Free Software Foundation, either version 3 of the License, or
|
|
(at your option) any later version.
|
|
|
|
This program is distributed in the hope that it will be useful,
|
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
GNU Affero General Public License for more details.
|
|
|
|
You should have received a copy of the GNU Affero General Public License
|
|
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
|
*/
|
|
|
|
package bundb_test
|
|
|
|
import (
|
|
"context"
|
|
"testing"
|
|
"time"
|
|
|
|
"github.com/stretchr/testify/suite"
|
|
"github.com/superseriousbusiness/gotosocial/internal/gtsmodel"
|
|
)
|
|
|
|
type DomainTestSuite struct {
|
|
BunDBStandardTestSuite
|
|
}
|
|
|
|
func (suite *DomainTestSuite) TestIsDomainBlocked() {
|
|
ctx := context.Background()
|
|
|
|
domainBlock := >smodel.DomainBlock{
|
|
ID: "01G204214Y9TNJEBX39C7G88SW",
|
|
Domain: "some.bad.apples",
|
|
CreatedByAccountID: suite.testAccounts["admin_account"].ID,
|
|
CreatedByAccount: suite.testAccounts["admin_account"],
|
|
}
|
|
|
|
// no domain block exists for the given domain yet
|
|
blocked, err := suite.db.IsDomainBlocked(ctx, domainBlock.Domain)
|
|
suite.NoError(err)
|
|
suite.False(blocked)
|
|
|
|
err = suite.db.CreateDomainBlock(ctx, domainBlock)
|
|
suite.NoError(err)
|
|
|
|
// domain block now exists
|
|
blocked, err = suite.db.IsDomainBlocked(ctx, domainBlock.Domain)
|
|
suite.NoError(err)
|
|
suite.True(blocked)
|
|
suite.WithinDuration(time.Now(), domainBlock.CreatedAt, 10*time.Second)
|
|
}
|
|
|
|
func (suite *DomainTestSuite) TestIsDomainBlockedWildcard() {
|
|
ctx := context.Background()
|
|
|
|
domainBlock := >smodel.DomainBlock{
|
|
ID: "01G204214Y9TNJEBX39C7G88SW",
|
|
Domain: "bad.apples",
|
|
CreatedByAccountID: suite.testAccounts["admin_account"].ID,
|
|
CreatedByAccount: suite.testAccounts["admin_account"],
|
|
}
|
|
|
|
// no domain block exists for the given domain yet
|
|
blocked, err := suite.db.IsDomainBlocked(ctx, domainBlock.Domain)
|
|
suite.NoError(err)
|
|
suite.False(blocked)
|
|
|
|
err = suite.db.CreateDomainBlock(ctx, domainBlock)
|
|
suite.NoError(err)
|
|
|
|
// Start with the base block domain
|
|
domain := domainBlock.Domain
|
|
|
|
for _, part := range []string{"extra", "domain", "parts"} {
|
|
// Prepend the next domain part
|
|
domain = part + "." + domain
|
|
|
|
// Check that domain block is wildcarded for this subdomain
|
|
blocked, err = suite.db.IsDomainBlocked(ctx, domainBlock.Domain)
|
|
suite.NoError(err)
|
|
suite.True(blocked)
|
|
}
|
|
}
|
|
|
|
func (suite *DomainTestSuite) TestIsDomainBlockedNonASCII() {
|
|
ctx := context.Background()
|
|
|
|
now := time.Now()
|
|
|
|
domainBlock := >smodel.DomainBlock{
|
|
ID: "01G204214Y9TNJEBX39C7G88SW",
|
|
Domain: "xn--80aaa1bbb1h.com",
|
|
CreatedAt: now,
|
|
UpdatedAt: now,
|
|
CreatedByAccountID: suite.testAccounts["admin_account"].ID,
|
|
CreatedByAccount: suite.testAccounts["admin_account"],
|
|
}
|
|
|
|
// no domain block exists for the given domain yet
|
|
blocked, err := suite.db.IsDomainBlocked(ctx, "какашка.com")
|
|
suite.NoError(err)
|
|
suite.False(blocked)
|
|
|
|
blocked, err = suite.db.IsDomainBlocked(ctx, "xn--80aaa1bbb1h.com")
|
|
suite.NoError(err)
|
|
suite.False(blocked)
|
|
|
|
err = suite.db.CreateDomainBlock(ctx, domainBlock)
|
|
suite.NoError(err)
|
|
|
|
// domain block now exists
|
|
blocked, err = suite.db.IsDomainBlocked(ctx, "какашка.com")
|
|
suite.NoError(err)
|
|
suite.True(blocked)
|
|
|
|
blocked, err = suite.db.IsDomainBlocked(ctx, "xn--80aaa1bbb1h.com")
|
|
suite.NoError(err)
|
|
suite.True(blocked)
|
|
}
|
|
|
|
func (suite *DomainTestSuite) TestIsDomainBlockedNonASCII2() {
|
|
ctx := context.Background()
|
|
|
|
now := time.Now()
|
|
|
|
domainBlock := >smodel.DomainBlock{
|
|
ID: "01G204214Y9TNJEBX39C7G88SW",
|
|
Domain: "какашка.com",
|
|
CreatedAt: now,
|
|
UpdatedAt: now,
|
|
CreatedByAccountID: suite.testAccounts["admin_account"].ID,
|
|
CreatedByAccount: suite.testAccounts["admin_account"],
|
|
}
|
|
|
|
// no domain block exists for the given domain yet
|
|
blocked, err := suite.db.IsDomainBlocked(ctx, "какашка.com")
|
|
suite.NoError(err)
|
|
suite.False(blocked)
|
|
|
|
blocked, err = suite.db.IsDomainBlocked(ctx, "xn--80aaa1bbb1h.com")
|
|
suite.NoError(err)
|
|
suite.False(blocked)
|
|
|
|
err = suite.db.CreateDomainBlock(ctx, domainBlock)
|
|
suite.NoError(err)
|
|
|
|
// domain block now exists
|
|
blocked, err = suite.db.IsDomainBlocked(ctx, "какашка.com")
|
|
suite.NoError(err)
|
|
suite.True(blocked)
|
|
|
|
blocked, err = suite.db.IsDomainBlocked(ctx, "xn--80aaa1bbb1h.com")
|
|
suite.NoError(err)
|
|
suite.True(blocked)
|
|
}
|
|
|
|
func TestDomainTestSuite(t *testing.T) {
|
|
suite.Run(t, new(DomainTestSuite))
|
|
}
|