fix: track deletions and rejected activities

This commit is contained in:
əlemi 2024-04-18 14:01:55 +02:00
parent a4c555d0c5
commit fc6aedbca1
2 changed files with 15 additions and 6 deletions

View file

@ -40,6 +40,11 @@ pub async fn page(
))
}
macro_rules! pretty_json {
($json:ident) => {
serde_json::to_string_pretty(&$json).expect("failed serializing to string serde_json::Value")
}
}
pub async fn post(
@ -47,16 +52,19 @@ pub async fn post(
AuthIdentity(auth): AuthIdentity,
Json(activity): Json<serde_json::Value>
) -> crate::Result<()> {
match auth {
Identity::Remote(_server) => {},
Identity::Local(_user) => return Err(UpubError::forbidden()),
Identity::Anonymous => return Err(UpubError::unauthorized()),
if !matches!(auth, Identity::Remote(_)) {
tracing::warn!("refusing unauthorized activity: {}", pretty_json!(activity));
match auth {
Identity::Local(_user) => return Err(UpubError::forbidden()),
Identity::Anonymous => return Err(UpubError::unauthorized()),
_ => {},
}
}
// TODO we could process Links and bare Objects maybe, but probably out of AP spec?
match activity.activity_type().ok_or_else(UpubError::bad_request)? {
ActivityType::Activity => {
tracing::warn!("skipping unprocessable base activity: {}", serde_json::to_string_pretty(&activity).unwrap());
tracing::warn!("skipping unprocessable base activity: {}", pretty_json!(activity));
Err(StatusCode::UNPROCESSABLE_ENTITY.into()) // won't ingest useless stuff
},
@ -71,7 +79,7 @@ pub async fn post(
// ActivityType::Announce => Ok(ctx.announce(activity).await?),
_x => {
tracing::info!("received unimplemented activity on inbox: {}", serde_json::to_string_pretty(&activity).unwrap());
tracing::info!("received unimplemented activity on inbox: {}", pretty_json!(activity));
Err(StatusCode::NOT_IMPLEMENTED.into())
},
}

View file

@ -149,6 +149,7 @@ impl apb::server::Inbox for Context {
async fn delete(&self, activity: serde_json::Value) -> crate::Result<()> {
// TODO verify the signature before just deleting lmao
let oid = activity.object().id().ok_or(UpubError::bad_request())?;
tracing::info!("deleting '{oid}'");
// TODO maybe we should keep the tombstone?
model::user::Entity::delete_by_id(&oid).exec(self.db()).await.info_failed("failed deleting from users");
model::activity::Entity::delete_by_id(&oid).exec(self.db()).await.info_failed("failed deleting from activities");