/* GoToSocial Copyright (C) 2021-2022 GoToSocial Authors admin@gotosocial.org This program is free software: you can redistribute it and/or modify it under the terms of the GNU Affero General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Affero General Public License for more details. You should have received a copy of the GNU Affero General Public License along with this program. If not, see . */ package federation import ( "context" "fmt" "net/url" "github.com/superseriousbusiness/activity/streams" "github.com/superseriousbusiness/gotosocial/internal/db" "github.com/superseriousbusiness/gotosocial/internal/federation/dereferencing" "github.com/superseriousbusiness/gotosocial/internal/gtserror" ) func (p *processor) GetOutbox(ctx context.Context, requestedUsername string, page bool, maxID string, minID string, requestURL *url.URL) (interface{}, gtserror.WithCode) { // get the account the request is referring to requestedAccount, err := p.db.GetLocalAccountByUsername(ctx, requestedUsername) if err != nil { return nil, gtserror.NewErrorNotFound(fmt.Errorf("database error getting account with username %s: %s", requestedUsername, err)) } // authenticate the request requestingAccountURI, errWithCode := p.federator.AuthenticateFederatedRequest(ctx, requestedUsername) if errWithCode != nil { return nil, errWithCode } requestingAccount, err := p.federator.GetRemoteAccount(ctx, dereferencing.GetRemoteAccountParams{ RequestingUsername: requestedUsername, RemoteAccountID: requestingAccountURI, }) if err != nil { return nil, gtserror.NewErrorNotAuthorized(err) } // authorize the request: // 1. check if a block exists between the requester and the requestee blocked, err := p.db.IsBlocked(ctx, requestedAccount.ID, requestingAccount.ID, true) if err != nil { return nil, gtserror.NewErrorInternalError(err) } if blocked { return nil, gtserror.NewErrorNotAuthorized(fmt.Errorf("block exists between accounts %s and %s", requestedAccount.ID, requestingAccount.ID)) } var data map[string]interface{} // now there are two scenarios: // 1. we're asked for the whole collection and not a page -- we can just return the collection, with no items, but a link to 'first' page. // 2. we're asked for a specific page; this can be either the first page or any other page if !page { /* scenario 1: return the collection with no items we want something that looks like this: { "@context": "https://www.w3.org/ns/activitystreams", "id": "https://example.org/users/whatever/outbox", "type": "OrderedCollection", "first": "https://example.org/users/whatever/outbox?page=true", "last": "https://example.org/users/whatever/outbox?min_id=0&page=true" } */ collection, err := p.tc.OutboxToASCollection(ctx, requestedAccount.OutboxURI) if err != nil { return nil, gtserror.NewErrorInternalError(err) } data, err = streams.Serialize(collection) if err != nil { return nil, gtserror.NewErrorInternalError(err) } return data, nil } // scenario 2 -- get the requested page // limit pages to 30 entries per page publicStatuses, err := p.db.GetAccountStatuses(ctx, requestedAccount.ID, 30, true, true, maxID, minID, false, false, true) if err != nil && err != db.ErrNoEntries { return nil, gtserror.NewErrorInternalError(err) } outboxPage, err := p.tc.StatusesToASOutboxPage(ctx, requestedAccount.OutboxURI, maxID, minID, publicStatuses) if err != nil { return nil, gtserror.NewErrorInternalError(err) } data, err = streams.Serialize(outboxPage) if err != nil { return nil, gtserror.NewErrorInternalError(err) } return data, nil }