diff --git a/src/routes/activitypub/inbox.rs b/src/routes/activitypub/inbox.rs index 23362a33..038cf6c3 100644 --- a/src/routes/activitypub/inbox.rs +++ b/src/routes/activitypub/inbox.rs @@ -53,7 +53,9 @@ pub async fn post( Json(activity): Json ) -> crate::Result<()> { if !matches!(auth, Identity::Remote(_)) { - tracing::warn!("refusing unauthorized activity: {}", pretty_json!(activity)); + if activity.activity_type() != Some(ActivityType::Delete) { // this is spammy af, ignore them! + tracing::warn!("refusing unauthorized activity: {}", pretty_json!(activity)); + } match auth { Identity::Local(_user) => return Err(UpubError::forbidden()), Identity::Anonymous => return Err(UpubError::unauthorized()), diff --git a/src/server/inbox.rs b/src/server/inbox.rs index cecd0021..6eeb6358 100644 --- a/src/server/inbox.rs +++ b/src/server/inbox.rs @@ -158,7 +158,7 @@ impl apb::server::Inbox for Context { async fn delete(&self, activity: serde_json::Value) -> crate::Result<()> { // TODO verify the signature before just deleting lmao let oid = activity.object().id().ok_or(UpubError::bad_request())?; - tracing::info!("deleting '{oid}'"); + tracing::debug!("deleting '{oid}'"); // this is so spammy wtf! // TODO maybe we should keep the tombstone? model::user::Entity::delete_by_id(&oid).exec(self.db()).await.info_failed("failed deleting from users"); model::activity::Entity::delete_by_id(&oid).exec(self.db()).await.info_failed("failed deleting from activities");