2023-02-22 15:05:26 +00:00
/ *
GoToSocial
Copyright ( C ) 2021 - 2023 GoToSocial Authors admin @ gotosocial . org
This program is free software : you can redistribute it and / or modify
it under the terms of the GNU Affero General Public License as published by
the Free Software Foundation , either version 3 of the License , or
( at your option ) any later version .
This program is distributed in the hope that it will be useful ,
but WITHOUT ANY WARRANTY ; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE . See the
GNU Affero General Public License for more details .
You should have received a copy of the GNU Affero General Public License
along with this program . If not , see < http : //www.gnu.org/licenses/>.
* /
package fedi
import (
"context"
"fmt"
"net/http"
"net/url"
"github.com/superseriousbusiness/activity/streams"
"github.com/superseriousbusiness/gotosocial/internal/db"
"github.com/superseriousbusiness/gotosocial/internal/gtserror"
"github.com/superseriousbusiness/gotosocial/internal/transport"
)
// FollowersGet handles the getting of a fedi/activitypub representation of a user/account's followers, performing appropriate
// authentication before returning a JSON serializable interface to the caller.
func ( p * Processor ) FollowersGet ( ctx context . Context , requestedUsername string , requestURL * url . URL ) ( interface { } , gtserror . WithCode ) {
// get the account the request is referring to
requestedAccount , err := p . db . GetAccountByUsernameDomain ( ctx , requestedUsername , "" )
if err != nil {
return nil , gtserror . NewErrorNotFound ( fmt . Errorf ( "database error getting account with username %s: %s" , requestedUsername , err ) )
}
// authenticate the request
requestingAccountURI , errWithCode := p . federator . AuthenticateFederatedRequest ( ctx , requestedUsername )
if errWithCode != nil {
return nil , errWithCode
}
requestingAccount , err := p . federator . GetAccountByURI (
transport . WithFastfail ( ctx ) , requestedUsername , requestingAccountURI , false ,
)
if err != nil {
return nil , gtserror . NewErrorUnauthorized ( err )
}
blocked , err := p . db . IsBlocked ( ctx , requestedAccount . ID , requestingAccount . ID , true )
if err != nil {
return nil , gtserror . NewErrorInternalError ( err )
}
if blocked {
return nil , gtserror . NewErrorUnauthorized ( fmt . Errorf ( "block exists between accounts %s and %s" , requestedAccount . ID , requestingAccount . ID ) )
}
requestedAccountURI , err := url . Parse ( requestedAccount . URI )
if err != nil {
return nil , gtserror . NewErrorInternalError ( fmt . Errorf ( "error parsing url %s: %s" , requestedAccount . URI , err ) )
}
requestedFollowers , err := p . federator . FederatingDB ( ) . Followers ( ctx , requestedAccountURI )
if err != nil {
return nil , gtserror . NewErrorInternalError ( fmt . Errorf ( "error fetching followers for uri %s: %s" , requestedAccountURI . String ( ) , err ) )
}
data , err := streams . Serialize ( requestedFollowers )
if err != nil {
return nil , gtserror . NewErrorInternalError ( err )
}
return data , nil
}
// FollowingGet handles the getting of a fedi/activitypub representation of a user/account's following, performing appropriate
// authentication before returning a JSON serializable interface to the caller.
func ( p * Processor ) FollowingGet ( ctx context . Context , requestedUsername string , requestURL * url . URL ) ( interface { } , gtserror . WithCode ) {
// get the account the request is referring to
requestedAccount , err := p . db . GetAccountByUsernameDomain ( ctx , requestedUsername , "" )
if err != nil {
return nil , gtserror . NewErrorNotFound ( fmt . Errorf ( "database error getting account with username %s: %s" , requestedUsername , err ) )
}
// authenticate the request
requestingAccountURI , errWithCode := p . federator . AuthenticateFederatedRequest ( ctx , requestedUsername )
if errWithCode != nil {
return nil , errWithCode
}
requestingAccount , err := p . federator . GetAccountByURI (
transport . WithFastfail ( ctx ) , requestedUsername , requestingAccountURI , false ,
)
if err != nil {
return nil , gtserror . NewErrorUnauthorized ( err )
}
blocked , err := p . db . IsBlocked ( ctx , requestedAccount . ID , requestingAccount . ID , true )
if err != nil {
return nil , gtserror . NewErrorInternalError ( err )
}
if blocked {
return nil , gtserror . NewErrorUnauthorized ( fmt . Errorf ( "block exists between accounts %s and %s" , requestedAccount . ID , requestingAccount . ID ) )
}
requestedAccountURI , err := url . Parse ( requestedAccount . URI )
if err != nil {
return nil , gtserror . NewErrorInternalError ( fmt . Errorf ( "error parsing url %s: %s" , requestedAccount . URI , err ) )
}
requestedFollowing , err := p . federator . FederatingDB ( ) . Following ( ctx , requestedAccountURI )
if err != nil {
return nil , gtserror . NewErrorInternalError ( fmt . Errorf ( "error fetching following for uri %s: %s" , requestedAccountURI . String ( ) , err ) )
}
data , err := streams . Serialize ( requestedFollowing )
if err != nil {
return nil , gtserror . NewErrorInternalError ( err )
}
return data , nil
}
// OutboxGet returns the activitypub representation of a local user's outbox.
// This contains links to PUBLIC posts made by this user.
func ( p * Processor ) OutboxGet ( ctx context . Context , requestedUsername string , page bool , maxID string , minID string , requestURL * url . URL ) ( interface { } , gtserror . WithCode ) {
// get the account the request is referring to
requestedAccount , err := p . db . GetAccountByUsernameDomain ( ctx , requestedUsername , "" )
if err != nil {
return nil , gtserror . NewErrorNotFound ( fmt . Errorf ( "database error getting account with username %s: %s" , requestedUsername , err ) )
}
// authenticate the request
requestingAccountURI , errWithCode := p . federator . AuthenticateFederatedRequest ( ctx , requestedUsername )
if errWithCode != nil {
return nil , errWithCode
}
requestingAccount , err := p . federator . GetAccountByURI (
transport . WithFastfail ( ctx ) , requestedUsername , requestingAccountURI , false ,
)
if err != nil {
return nil , gtserror . NewErrorUnauthorized ( err )
}
// authorize the request:
// 1. check if a block exists between the requester and the requestee
blocked , err := p . db . IsBlocked ( ctx , requestedAccount . ID , requestingAccount . ID , true )
if err != nil {
return nil , gtserror . NewErrorInternalError ( err )
}
if blocked {
return nil , gtserror . NewErrorUnauthorized ( fmt . Errorf ( "block exists between accounts %s and %s" , requestedAccount . ID , requestingAccount . ID ) )
}
var data map [ string ] interface { }
// now there are two scenarios:
// 1. we're asked for the whole collection and not a page -- we can just return the collection, with no items, but a link to 'first' page.
// 2. we're asked for a specific page; this can be either the first page or any other page
if ! page {
/ *
scenario 1 : return the collection with no items
we want something that looks like this :
{
"@context" : "https://www.w3.org/ns/activitystreams" ,
"id" : "https://example.org/users/whatever/outbox" ,
"type" : "OrderedCollection" ,
"first" : "https://example.org/users/whatever/outbox?page=true" ,
"last" : "https://example.org/users/whatever/outbox?min_id=0&page=true"
}
* /
collection , err := p . tc . OutboxToASCollection ( ctx , requestedAccount . OutboxURI )
if err != nil {
return nil , gtserror . NewErrorInternalError ( err )
}
data , err = streams . Serialize ( collection )
if err != nil {
return nil , gtserror . NewErrorInternalError ( err )
}
return data , nil
}
// scenario 2 -- get the requested page
// limit pages to 30 entries per page
2023-02-25 12:16:30 +00:00
publicStatuses , err := p . db . GetAccountStatuses ( ctx , requestedAccount . ID , 30 , true , true , maxID , minID , false , true )
2023-02-22 15:05:26 +00:00
if err != nil && err != db . ErrNoEntries {
return nil , gtserror . NewErrorInternalError ( err )
}
outboxPage , err := p . tc . StatusesToASOutboxPage ( ctx , requestedAccount . OutboxURI , maxID , minID , publicStatuses )
if err != nil {
return nil , gtserror . NewErrorInternalError ( err )
}
data , err = streams . Serialize ( outboxPage )
if err != nil {
return nil , gtserror . NewErrorInternalError ( err )
}
return data , nil
}
// InboxPost handles POST requests to a user's inbox for new activitypub messages.
//
// InboxPost returns true if the request was handled as an ActivityPub POST to an actor's inbox.
// If false, the request was not an ActivityPub request and may still be handled by the caller in another way, such as serving a web page.
//
// If the error is nil, then the ResponseWriter's headers and response has already been written. If a non-nil error is returned, then no response has been written.
//
// If the Actor was constructed with the Federated Protocol enabled, side effects will occur.
//
// If the Federated Protocol is not enabled, writes the http.StatusMethodNotAllowed status code in the response. No side effects occur.
func ( p * Processor ) InboxPost ( ctx context . Context , w http . ResponseWriter , r * http . Request ) ( bool , error ) {
return p . federator . FederatingActor ( ) . PostInbox ( ctx , w , r )
}
