fix: track deletions and rejected activities

This commit is contained in:
əlemi 2024-04-18 14:01:55 +02:00
parent a4c555d0c5
commit fc6aedbca1
2 changed files with 15 additions and 6 deletions

View file

@ -40,6 +40,11 @@ pub async fn page(
)) ))
} }
macro_rules! pretty_json {
($json:ident) => {
serde_json::to_string_pretty(&$json).expect("failed serializing to string serde_json::Value")
}
}
pub async fn post( pub async fn post(
@ -47,16 +52,19 @@ pub async fn post(
AuthIdentity(auth): AuthIdentity, AuthIdentity(auth): AuthIdentity,
Json(activity): Json<serde_json::Value> Json(activity): Json<serde_json::Value>
) -> crate::Result<()> { ) -> crate::Result<()> {
match auth { if !matches!(auth, Identity::Remote(_)) {
Identity::Remote(_server) => {}, tracing::warn!("refusing unauthorized activity: {}", pretty_json!(activity));
Identity::Local(_user) => return Err(UpubError::forbidden()), match auth {
Identity::Anonymous => return Err(UpubError::unauthorized()), Identity::Local(_user) => return Err(UpubError::forbidden()),
Identity::Anonymous => return Err(UpubError::unauthorized()),
_ => {},
}
} }
// TODO we could process Links and bare Objects maybe, but probably out of AP spec? // TODO we could process Links and bare Objects maybe, but probably out of AP spec?
match activity.activity_type().ok_or_else(UpubError::bad_request)? { match activity.activity_type().ok_or_else(UpubError::bad_request)? {
ActivityType::Activity => { ActivityType::Activity => {
tracing::warn!("skipping unprocessable base activity: {}", serde_json::to_string_pretty(&activity).unwrap()); tracing::warn!("skipping unprocessable base activity: {}", pretty_json!(activity));
Err(StatusCode::UNPROCESSABLE_ENTITY.into()) // won't ingest useless stuff Err(StatusCode::UNPROCESSABLE_ENTITY.into()) // won't ingest useless stuff
}, },
@ -71,7 +79,7 @@ pub async fn post(
// ActivityType::Announce => Ok(ctx.announce(activity).await?), // ActivityType::Announce => Ok(ctx.announce(activity).await?),
_x => { _x => {
tracing::info!("received unimplemented activity on inbox: {}", serde_json::to_string_pretty(&activity).unwrap()); tracing::info!("received unimplemented activity on inbox: {}", pretty_json!(activity));
Err(StatusCode::NOT_IMPLEMENTED.into()) Err(StatusCode::NOT_IMPLEMENTED.into())
}, },
} }

View file

@ -149,6 +149,7 @@ impl apb::server::Inbox for Context {
async fn delete(&self, activity: serde_json::Value) -> crate::Result<()> { async fn delete(&self, activity: serde_json::Value) -> crate::Result<()> {
// TODO verify the signature before just deleting lmao // TODO verify the signature before just deleting lmao
let oid = activity.object().id().ok_or(UpubError::bad_request())?; let oid = activity.object().id().ok_or(UpubError::bad_request())?;
tracing::info!("deleting '{oid}'");
// TODO maybe we should keep the tombstone? // TODO maybe we should keep the tombstone?
model::user::Entity::delete_by_id(&oid).exec(self.db()).await.info_failed("failed deleting from users"); model::user::Entity::delete_by_id(&oid).exec(self.db()).await.info_failed("failed deleting from users");
model::activity::Entity::delete_by_id(&oid).exec(self.db()).await.info_failed("failed deleting from activities"); model::activity::Entity::delete_by_id(&oid).exec(self.db()).await.info_failed("failed deleting from activities");