You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

144 lines
4.3 KiB

Change IDs to strings rather than numbers in API JSON output (#5019) * Fix JavaScript interface with long IDs Somewhat predictably, the JS interface handled IDs as numbers, which in JS are IEEE double-precision floats. This loses some precision when working with numbers as large as those generated by the new ID scheme, so we instead handle them here as strings. This is relatively simple, and doesn't appear to have caused any problems, but should definitely be tested more thoroughly than the built-in tests. Several days of use appear to support this working properly. BREAKING CHANGE: The major(!) change here is that IDs are now returned as strings by the REST endpoints, rather than as integers. In practice, relatively few changes were required to make the existing JS UI work with this change, but it will likely hit API clients pretty hard: it's an entirely different type to consume. (The one API client I tested, Tusky, handles this with no problems, however.) Twitter ran into this issue when introducing Snowflake IDs, and decided to instead introduce an `id_str` field in JSON responses. I have opted to *not* do that, and instead force all IDs to 64-bit integers represented by strings in one go. (I believe Twitter exacerbated their problem by rolling out the changes three times: once for statuses, once for DMs, and once for user IDs, as well as by leaving an integer ID value in JSON. As they said, "If you’re using the `id` field with JSON in a Javascript-related language, there is a very high likelihood that the integers will be silently munged by Javascript interpreters. In most cases, this will result in behavior such as being unable to load or delete a specific direct message, because the ID you're sending to the API is different than the actual identifier associated with the message." [1]) However, given that this is a significant change for API users, alternatives or a transition time may be appropriate. 1: https://blog.twitter.com/developer/en_us/a/2011/direct-messages-going-snowflake-on-sep-30-2011.html * Additional fixes for stringified IDs in JSON These should be the last two. These were identified using eslint to try to identify any plain casts to JavaScript numbers. (Some such casts are legitimate, but these were not.) Adding the following to .eslintrc.yml will identify casts to numbers: ~~~ no-restricted-syntax: - warn - selector: UnaryExpression[operator='+'] > :not(Literal) message: Avoid the use of unary + - selector: CallExpression[callee.name='Number'] message: Casting with Number() may coerce string IDs to numbers ~~~ The remaining three casts appear legitimate: two casts to array indices, one in a server to turn an environment variable into a number. * Back out RelationshipsController Change This was made to make a test a bit less flakey, but has nothing to do with this branch. * Change internal streaming payloads to stringified IDs as well Per https://github.com/tootsuite/mastodon/pull/5019#issuecomment-330736452 we need these changes to send deleted status IDs as strings, not integers.
7 years ago
  1. # frozen_string_literal: true
  2. class RemoveStatusService < BaseService
  3. include StreamEntryRenderer
  4. def call(status, **options)
  5. @payload = Oj.dump(event: :delete, payload: status.id.to_s)
  6. @status = status
  7. @account = status.account
  8. @tags = status.tags.pluck(:name).to_a
  9. @mentions = status.mentions.includes(:account).to_a
  10. @reblogs = status.reblogs.to_a
  11. @stream_entry = status.stream_entry
  12. @options = options
  13. remove_from_self if status.account.local?
  14. remove_from_followers
  15. remove_from_lists
  16. remove_from_affected
  17. remove_reblogs
  18. remove_from_hashtags
  19. remove_from_public
  20. remove_from_direct if status.direct_visibility?
  21. @status.destroy!
  22. # There is no reason to send out Undo activities when the
  23. # cause is that the original object has been removed, since
  24. # original object being removed implicitly removes reblogs
  25. # of it. The Delete activity of the original is forwarded
  26. # separately.
  27. return if !@account.local? || @options[:original_removed]
  28. remove_from_remote_followers
  29. remove_from_remote_affected
  30. end
  31. private
  32. def remove_from_self
  33. FeedManager.instance.unpush_from_home(@account, @status)
  34. end
  35. def remove_from_followers
  36. @account.followers.local.find_each do |follower|
  37. FeedManager.instance.unpush_from_home(follower, @status)
  38. end
  39. end
  40. def remove_from_lists
  41. @account.lists.select(:id, :account_id).find_each do |list|
  42. FeedManager.instance.unpush_from_list(list, @status)
  43. end
  44. end
  45. def remove_from_affected
  46. @mentions.map(&:account).select(&:local?).each do |account|
  47. Redis.current.publish("timeline:#{account.id}", @payload)
  48. end
  49. end
  50. def remove_from_remote_affected
  51. # People who got mentioned in the status, or who
  52. # reblogged it from someone else might not follow
  53. # the author and wouldn't normally receive the
  54. # delete notification - so here, we explicitly
  55. # send it to them
  56. target_accounts = (@mentions.map(&:account).reject(&:local?) + @reblogs.map(&:account).reject(&:local?)).uniq(&:id)
  57. # Ostatus
  58. NotificationWorker.push_bulk(target_accounts.select(&:ostatus?).uniq(&:domain)) do |target_account|
  59. [salmon_xml, @account.id, target_account.id]
  60. end
  61. # ActivityPub
  62. ActivityPub::DeliveryWorker.push_bulk(target_accounts.select(&:activitypub?).uniq(&:inbox_url)) do |target_account|
  63. [signed_activity_json, @account.id, target_account.inbox_url]
  64. end
  65. end
  66. def remove_from_remote_followers
  67. # OStatus
  68. Pubsubhubbub::RawDistributionWorker.perform_async(salmon_xml, @account.id)
  69. # ActivityPub
  70. ActivityPub::DeliveryWorker.push_bulk(@account.followers.inboxes) do |inbox_url|
  71. [signed_activity_json, @account.id, inbox_url]
  72. end
  73. end
  74. def salmon_xml
  75. @salmon_xml ||= stream_entry_to_xml(@stream_entry)
  76. end
  77. def signed_activity_json
  78. @signed_activity_json ||= Oj.dump(ActivityPub::LinkedDataSignature.new(activity_json).sign!(@account))
  79. end
  80. def activity_json
  81. @activity_json ||= ActiveModelSerializers::SerializableResource.new(
  82. @status,
  83. serializer: @status.reblog? ? ActivityPub::UndoAnnounceSerializer : ActivityPub::DeleteSerializer,
  84. adapter: ActivityPub::Adapter
  85. ).as_json
  86. end
  87. def remove_reblogs
  88. # We delete reblogs of the status before the original status,
  89. # because once original status is gone, reblogs will disappear
  90. # without us being able to do all the fancy stuff
  91. @reblogs.each do |reblog|
  92. RemoveStatusService.new.call(reblog, original_removed: true)
  93. end
  94. end
  95. def remove_from_hashtags
  96. return unless @status.public_visibility?
  97. @tags.each do |hashtag|
  98. Redis.current.publish("timeline:hashtag:#{hashtag}", @payload)
  99. Redis.current.publish("timeline:hashtag:#{hashtag}:local", @payload) if @status.local?
  100. end
  101. end
  102. def remove_from_public
  103. return unless @status.public_visibility?
  104. Redis.current.publish('timeline:public', @payload)
  105. Redis.current.publish('timeline:public:local', @payload) if @status.local?
  106. end
  107. def remove_from_direct
  108. @mentions.each do |mention|
  109. Redis.current.publish("timeline:direct:#{mention.account.id}", @payload) if mention.account.local?
  110. end
  111. Redis.current.publish("timeline:direct:#{@account.id}", @payload) if @account.local?
  112. end
  113. def redis
  114. Redis.current
  115. end
  116. end