closed-social
/
mastodon
3
0
Fork 2
Code Issues 5 Pull Requests 0 Projects 0 Releases 3 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
10514 Commits
4 Branches
567 MiB
Tree: be8079f637
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'be8079f637'
${ noResults }
mastodon/spec/services/resolve_account_service_spe...

233 lines
9.4 KiB
Raw Normal View History

Adding a Mention model, test stubs
8 years ago
Slightly reduce RAM usage (#7301) * No need to re-require sidekiq plugins, they are required via Gemfile * Add derailed_benchmarks tool, no need to require TTY gems in Gemfile * Replace ruby-oembed with FetchOEmbedService Reduce startup by 45382 allocated objects * Remove preloaded JSON-LD in favour of caching HTTP responses Reduce boot RAM by about 6 MiB * Fix tests * Fix test suite by stubbing out JSON-LD contexts
6 years ago
ActivityPub delivery (#4566) * Deliver ActivityPub Like * Deliver ActivityPub Undo-Like * Deliver ActivityPub Create/Announce activities * Deliver ActivityPub creates from mentions * Deliver ActivityPub Block/Undo-Block * Deliver ActivityPub Accept/Reject-Follow * Deliver ActivityPub Undo-Follow * Deliver ActivityPub Follow * Deliver ActivityPub Delete activities Incidentally fix #889 * Adjust BatchedRemoveStatusService for ActivityPub * Add tests for ActivityPub workers * Add tests for FollowService * Add tests for FavouriteService, UnfollowService and PostStatusService * Add tests for ReblogService, BlockService, UnblockService, ProcessMentionsService * Add tests for AuthorizeFollowService, RejectFollowService, RemoveStatusService * Add tests for BatchedRemoveStatusService * Deliver updates to a local account to ActivityPub followers * Minor adjustments
6 years ago
Fixing some bugs, adding pending test examples
8 years ago
Fix possibility of unrightful webfinger redirect (#2147) * Fix possibility of unrightful webfinger redirect * Add more tests for FollowRemoteAccountService
7 years ago
Remove Salmon and PubSubHubbub (#11205) * Remove Salmon and PubSubHubbub endpoints * Add error when trying to follow OStatus accounts * Fix new accounts not being created in ResolveAccountService
4 years ago
Add support for reversible suspensions through ActivityPub (#14989)
3 years ago
Fix possibility of unrightful webfinger redirect (#2147) * Fix possibility of unrightful webfinger redirect * Add more tests for FollowRemoteAccountService
7 years ago
Change ResolveAccountService's handling of skip_webfinger (#15750) * Change ResolveAccountService's handling of skip_webfinger Change it so it never makes any webfinger query, as the name would imply. * Add tests * Change FollowService to not take an URI for target_account * Restore domain-block check in FollowService * Fix tests
3 years ago
Fix webfinger redirect handling in ResolveAccountService (#15187) * Fix webfinger redirect handling in ResolveAccountService ResolveAccountService#process_webfinger! handled a one-step webfinger redirection, but only accepting the result if it matched the exact URI passed as input, defeating the point of a redirection check. Instead, use the same logic as in `ActivityPub::FetchRemoteAccountService`, updating the resulting `acct:` URI with the result of the first webfinger query. * Add tests
3 years ago
Fix possibility of unrightful webfinger redirect (#2147) * Fix possibility of unrightful webfinger redirect * Add more tests for FollowRemoteAccountService
7 years ago
Fix webfinger redirect handling in ResolveAccountService (#15187) * Fix webfinger redirect handling in ResolveAccountService ResolveAccountService#process_webfinger! handled a one-step webfinger redirection, but only accepting the result if it matched the exact URI passed as input, defeating the point of a redirection check. Instead, use the same logic as in `ActivityPub::FetchRemoteAccountService`, updating the resulting `acct:` URI with the result of the first webfinger query. * Add tests
3 years ago
Fix possibility of unrightful webfinger redirect (#2147) * Fix possibility of unrightful webfinger redirect * Add more tests for FollowRemoteAccountService
7 years ago
Add support for reversible suspensions through ActivityPub (#14989)
3 years ago
Fix webfinger redirect handling in ResolveAccountService (#15187) * Fix webfinger redirect handling in ResolveAccountService ResolveAccountService#process_webfinger! handled a one-step webfinger redirection, but only accepting the result if it matched the exact URI passed as input, defeating the point of a redirection check. Instead, use the same logic as in `ActivityPub::FetchRemoteAccountService`, updating the resulting `acct:` URI with the result of the first webfinger query. * Add tests
3 years ago
Fix resolving accounts sometimes creating duplicate records for a given AP id (#15364) * Fix ResolveAccountService accepting mismatching acct: URI * Set attributes that should be updated regardless of suspension * Fix key fetching * Automatically merge remote accounts with duplicate `uri` * Add tests * Add "tootctl accounts fix-duplicates" Finds duplicate accounts sharing a same ActivityPub `id`, re-fetch them and merge them under the canonical `acct:` URI. Co-authored-by: Claire <claire.github-309c@sitedethib.com>
3 years ago
Fix webfinger redirect handling in ResolveAccountService (#15187) * Fix webfinger redirect handling in ResolveAccountService ResolveAccountService#process_webfinger! handled a one-step webfinger redirection, but only accepting the result if it matched the exact URI passed as input, defeating the point of a redirection check. Instead, use the same logic as in `ActivityPub::FetchRemoteAccountService`, updating the resulting `acct:` URI with the result of the first webfinger query. * Add tests
3 years ago
Fix resolving accounts sometimes creating duplicate records for a given AP id (#15364) * Fix ResolveAccountService accepting mismatching acct: URI * Set attributes that should be updated regardless of suspension * Fix key fetching * Automatically merge remote accounts with duplicate `uri` * Add tests * Add "tootctl accounts fix-duplicates" Finds duplicate accounts sharing a same ActivityPub `id`, re-fetch them and merge them under the canonical `acct:` URI. Co-authored-by: Claire <claire.github-309c@sitedethib.com>
3 years ago
Fix webfinger redirect handling in ResolveAccountService (#15187) * Fix webfinger redirect handling in ResolveAccountService ResolveAccountService#process_webfinger! handled a one-step webfinger redirection, but only accepting the result if it matched the exact URI passed as input, defeating the point of a redirection check. Instead, use the same logic as in `ActivityPub::FetchRemoteAccountService`, updating the resulting `acct:` URI with the result of the first webfinger query. * Add tests
3 years ago
Fix resolving accounts sometimes creating duplicate records for a given AP id (#15364) * Fix ResolveAccountService accepting mismatching acct: URI * Set attributes that should be updated regardless of suspension * Fix key fetching * Automatically merge remote accounts with duplicate `uri` * Add tests * Add "tootctl accounts fix-duplicates" Finds duplicate accounts sharing a same ActivityPub `id`, re-fetch them and merge them under the canonical `acct:` URI. Co-authored-by: Claire <claire.github-309c@sitedethib.com>
3 years ago
Fix webfinger redirect handling in ResolveAccountService (#15187) * Fix webfinger redirect handling in ResolveAccountService ResolveAccountService#process_webfinger! handled a one-step webfinger redirection, but only accepting the result if it matched the exact URI passed as input, defeating the point of a redirection check. Instead, use the same logic as in `ActivityPub::FetchRemoteAccountService`, updating the resulting `acct:` URI with the result of the first webfinger query. * Add tests
3 years ago
ActivityPub delivery (#4566) * Deliver ActivityPub Like * Deliver ActivityPub Undo-Like * Deliver ActivityPub Create/Announce activities * Deliver ActivityPub creates from mentions * Deliver ActivityPub Block/Undo-Block * Deliver ActivityPub Accept/Reject-Follow * Deliver ActivityPub Undo-Follow * Deliver ActivityPub Follow * Deliver ActivityPub Delete activities Incidentally fix #889 * Adjust BatchedRemoveStatusService for ActivityPub * Add tests for ActivityPub workers * Add tests for FollowService * Add tests for FavouriteService, UnfollowService and PostStatusService * Add tests for ReblogService, BlockService, UnblockService, ProcessMentionsService * Add tests for AuthorizeFollowService, RejectFollowService, RemoveStatusService * Add tests for BatchedRemoveStatusService * Deliver updates to a local account to ActivityPub followers * Minor adjustments
6 years ago
Fix an error when actor json couldn't be fetched in ResolveRemoteAccountService (#4979) * Fix an error when actor json couldn't be fetched in ResolveRemoteAccountService * Add specs
6 years ago
Support Actors/Statuses with multiple types (#7305) * Add equals_or_includes_any? helper in JsonLdHelper * Support arrays in JSON-LD type fields for actors/tags/objects. * Spec for resolving accounts with extension types * Style tweaks for codeclimate
6 years ago
Take the first recognized actor_type. (#7410)
6 years ago
Support Actors/Statuses with multiple types (#7305) * Add equals_or_includes_any? helper in JsonLdHelper * Support arrays in JSON-LD type fields for actors/tags/objects. * Spec for resolving accounts with extension types * Style tweaks for codeclimate
6 years ago
Additional specs for URI handling (#2759)
7 years ago
Refactor ResolveRemoteAccountService (#4258) * Refactor ResolveRemoteAccountService * Remove trailing whitespace * Use redis locks around critical ResolveRemoteAccountService code * Add test for race condition of lock
6 years ago
Fix resolving accounts sometimes creating duplicate records for a given AP id (#15364) * Fix ResolveAccountService accepting mismatching acct: URI * Set attributes that should be updated regardless of suspension * Fix key fetching * Automatically merge remote accounts with duplicate `uri` * Add tests * Add "tootctl accounts fix-duplicates" Finds duplicate accounts sharing a same ActivityPub `id`, re-fetch them and merge them under the canonical `acct:` URI. Co-authored-by: Claire <claire.github-309c@sitedethib.com>
3 years ago
Refactor ResolveRemoteAccountService (#4258) * Refactor ResolveRemoteAccountService * Remove trailing whitespace * Use redis locks around critical ResolveRemoteAccountService code * Add test for race condition of lock
6 years ago
Remove Salmon and PubSubHubbub (#11205) * Remove Salmon and PubSubHubbub endpoints * Add error when trying to follow OStatus accounts * Fix new accounts not being created in ResolveAccountService
4 years ago
Refactor ResolveRemoteAccountService (#4258) * Refactor ResolveRemoteAccountService * Remove trailing whitespace * Use redis locks around critical ResolveRemoteAccountService code * Add test for race condition of lock
6 years ago
Refactor domain block checks (#11268)
4 years ago
Refactor ResolveRemoteAccountService (#4258) * Refactor ResolveRemoteAccountService * Remove trailing whitespace * Use redis locks around critical ResolveRemoteAccountService code * Add test for race condition of lock
6 years ago
Remove Salmon and PubSubHubbub (#11205) * Remove Salmon and PubSubHubbub endpoints * Add error when trying to follow OStatus accounts * Fix new accounts not being created in ResolveAccountService
4 years ago
Refactor ResolveRemoteAccountService (#4258) * Refactor ResolveRemoteAccountService * Remove trailing whitespace * Use redis locks around critical ResolveRemoteAccountService code * Add test for race condition of lock
6 years ago
Remove Salmon and PubSubHubbub (#11205) * Remove Salmon and PubSubHubbub endpoints * Add error when trying to follow OStatus accounts * Fix new accounts not being created in ResolveAccountService
4 years ago
Refactor ResolveRemoteAccountService (#4258) * Refactor ResolveRemoteAccountService * Remove trailing whitespace * Use redis locks around critical ResolveRemoteAccountService code * Add test for race condition of lock
6 years ago
Adding a Mention model, test stubs
8 years ago
 
  1. require 'rails_helper'
  2. 

  3. RSpec.describe ResolveAccountService, type: :service do
  4.   subject { described_class.new }
  5. 

  6.   before do
  7.     stub_request(:get, "https://example.com/.well-known/host-meta").to_return(status: 404)
  8.     stub_request(:get, "https://quitter.no/avatar/7477-300-20160211190340.png").to_return(request_fixture('avatar.txt'))
  9.     stub_request(:get, "https://ap.example.com/.well-known/webfinger?resource=acct:foo@ap.example.com").to_return(request_fixture('activitypub-webfinger.txt'))
  10.     stub_request(:get, "https://ap.example.com/users/foo").to_return(request_fixture('activitypub-actor.txt'))
  11.     stub_request(:get, "https://ap.example.com/users/foo.atom").to_return(request_fixture('activitypub-feed.txt'))
  12.     stub_request(:get, %r{https://ap.example.com/users/foo/\w+}).to_return(status: 404)
  13.     stub_request(:get, 'https://example.com/.well-known/webfinger?resource=acct:hoge@example.com').to_return(status: 410)
  14.   end
  15. 

  16.   context 'using skip_webfinger' do
  17.     context 'when account is known' do
  18.       let!(:remote_account) { Fabricate(:account, username: 'foo', domain: 'ap.example.com', protocol: 'activitypub') }
  19. 

  20.       context 'when domain is banned' do
  21.         let!(:domain_block) { Fabricate(:domain_block, domain: 'ap.example.com', severity: :suspend) }
  22. 

  23.         it 'does not return an account' do
  24.           expect(subject.call('foo@ap.example.com', skip_webfinger: true)).to be_nil
  25.         end
  26. 

  27.         it 'does not make a webfinger query' do
  28.           subject.call('foo@ap.example.com', skip_webfinger: true)
  29.           expect(a_request(:get, 'https://ap.example.com/.well-known/webfinger?resource=acct:foo@ap.example.com')).to_not have_been_made
  30.         end
  31.       end
  32. 

  33.       context 'when domain is not banned' do
  34.         it 'returns the expected account' do
  35.           expect(subject.call('foo@ap.example.com', skip_webfinger: true)).to eq remote_account
  36.         end
  37. 

  38.         it 'does not make a webfinger query' do
  39.           subject.call('foo@ap.example.com', skip_webfinger: true)
  40.           expect(a_request(:get, 'https://ap.example.com/.well-known/webfinger?resource=acct:foo@ap.example.com')).to_not have_been_made
  41.         end
  42.       end
  43.     end
  44. 

  45.     context 'when account is not known' do
  46.       it 'does not return an account' do
  47.         expect(subject.call('foo@ap.example.com', skip_webfinger: true)).to be_nil
  48.       end
  49. 

  50.       it 'does not make a webfinger query' do
  51.         subject.call('foo@ap.example.com', skip_webfinger: true)
  52.         expect(a_request(:get, 'https://ap.example.com/.well-known/webfinger?resource=acct:foo@ap.example.com')).to_not have_been_made
  53.       end
  54.     end
  55.   end
  56. 

  57.   context 'when there is an LRDD endpoint but no resolvable account' do
  58.     before do
  59.       stub_request(:get, "https://quitter.no/.well-known/host-meta").to_return(request_fixture('.host-meta.txt'))
  60.       stub_request(:get, "https://quitter.no/.well-known/webfinger?resource=acct:catsrgr8@quitter.no").to_return(status: 404)
  61.     end
  62. 

  63.     it 'returns nil' do
  64.       expect(subject.call('catsrgr8@quitter.no')).to be_nil
  65.     end
  66.   end
  67. 

  68.   context 'when there is no LRDD endpoint nor resolvable account' do
  69.     before do
  70.       stub_request(:get, "https://example.com/.well-known/webfinger?resource=acct:catsrgr8@example.com").to_return(status: 404)
  71.     end
  72. 

  73.     it 'returns nil' do
  74.       expect(subject.call('catsrgr8@example.com')).to be_nil
  75.     end
  76.   end
  77. 

  78.   context 'when webfinger returns http gone' do
  79.     context 'for a previously known account' do
  80.       before do
  81.         Fabricate(:account, username: 'hoge', domain: 'example.com', last_webfingered_at: nil)
  82.         allow(AccountDeletionWorker).to receive(:perform_async)
  83.       end
  84. 

  85.       it 'returns nil' do
  86.         expect(subject.call('hoge@example.com')).to be_nil
  87.       end
  88. 

  89.       it 'queues account deletion worker' do
  90.         subject.call('hoge@example.com')
  91.         expect(AccountDeletionWorker).to have_received(:perform_async)
  92.       end
  93.     end
  94. 

  95.     context 'for a previously unknown account' do
  96.       it 'returns nil' do
  97.         expect(subject.call('hoge@example.com')).to be_nil
  98.       end
  99.     end
  100.   end
  101. 

  102.   context 'with a legitimate webfinger redirection' do
  103.     before do
  104.       webfinger = { subject: 'acct:foo@ap.example.com', links: [{ rel: 'self', href: 'https://ap.example.com/users/foo', type: 'application/activity+json' }] }
  105.       stub_request(:get, 'https://redirected.example.com/.well-known/webfinger?resource=acct:Foo@redirected.example.com').to_return(body: Oj.dump(webfinger), headers: { 'Content-Type': 'application/jrd+json' })
  106.     end
  107. 

  108.     it 'returns new remote account' do
  109.       account = subject.call('Foo@redirected.example.com')
  110. 

  111.       expect(account.activitypub?).to eq true
  112.       expect(account.acct).to eq 'foo@ap.example.com'
  113.       expect(account.inbox_url).to eq 'https://ap.example.com/users/foo/inbox'
  114.     end
  115.   end
  116. 

  117.   context 'with a misconfigured redirection' do
  118.     before do
  119.       webfinger = { subject: 'acct:Foo@redirected.example.com', links: [{ rel: 'self', href: 'https://ap.example.com/users/foo', type: 'application/activity+json' }] }
  120.       stub_request(:get, 'https://redirected.example.com/.well-known/webfinger?resource=acct:Foo@redirected.example.com').to_return(body: Oj.dump(webfinger), headers: { 'Content-Type': 'application/jrd+json' })
  121.     end
  122. 

  123.     it 'returns new remote account' do
  124.       account = subject.call('Foo@redirected.example.com')
  125. 

  126.       expect(account.activitypub?).to eq true
  127.       expect(account.acct).to eq 'foo@ap.example.com'
  128.       expect(account.inbox_url).to eq 'https://ap.example.com/users/foo/inbox'
  129.     end
  130.   end
  131. 

  132.   context 'with too many webfinger redirections' do
  133.     before do
  134.       webfinger = { subject: 'acct:foo@evil.example.com', links: [{ rel: 'self', href: 'https://ap.example.com/users/foo', type: 'application/activity+json' }] }
  135.       stub_request(:get, 'https://redirected.example.com/.well-known/webfinger?resource=acct:Foo@redirected.example.com').to_return(body: Oj.dump(webfinger), headers: { 'Content-Type': 'application/jrd+json' })
  136.       webfinger2 = { subject: 'acct:foo@ap.example.com', links: [{ rel: 'self', href: 'https://ap.example.com/users/foo', type: 'application/activity+json' }] }
  137.       stub_request(:get, 'https://evil.example.com/.well-known/webfinger?resource=acct:foo@evil.example.com').to_return(body: Oj.dump(webfinger2), headers: { 'Content-Type': 'application/jrd+json' })
  138.     end
  139. 

  140.     it 'returns new remote account' do
  141.       expect { subject.call('Foo@redirected.example.com') }.to raise_error Webfinger::RedirectError
  142.     end
  143.   end
  144. 

  145.   context 'with an ActivityPub account' do
  146.     it 'returns new remote account' do
  147.       account = subject.call('foo@ap.example.com')
  148. 

  149.       expect(account.activitypub?).to eq true
  150.       expect(account.domain).to eq 'ap.example.com'
  151.       expect(account.inbox_url).to eq 'https://ap.example.com/users/foo/inbox'
  152.     end
  153. 

  154.     context 'with multiple types' do
  155.       before do
  156.         stub_request(:get, "https://ap.example.com/users/foo").to_return(request_fixture('activitypub-actor-individual.txt'))
  157.       end
  158. 

  159.       it 'returns new remote account' do
  160.         account = subject.call('foo@ap.example.com')
  161. 

  162.         expect(account.activitypub?).to eq true
  163.         expect(account.domain).to eq 'ap.example.com'
  164.         expect(account.inbox_url).to eq 'https://ap.example.com/users/foo/inbox'
  165.         expect(account.actor_type).to eq 'Person'
  166.       end
  167.     end
  168.   end
  169. 

  170.   context 'with an already-known actor changing acct: URI' do
  171.     let!(:duplicate) { Fabricate(:account, username: 'foo', domain: 'old.example.com', uri: 'https://ap.example.com/users/foo') }
  172.     let!(:status)    { Fabricate(:status, account: duplicate, text: 'foo') }
  173. 

  174.     it 'returns new remote account' do
  175.       account = subject.call('foo@ap.example.com')
  176. 

  177.       expect(account.activitypub?).to eq true
  178.       expect(account.domain).to eq 'ap.example.com'
  179.       expect(account.inbox_url).to eq 'https://ap.example.com/users/foo/inbox'
  180.       expect(account.uri).to eq 'https://ap.example.com/users/foo'
  181.     end
  182. 

  183.     it 'merges accounts' do
  184.       account = subject.call('foo@ap.example.com')
  185. 

  186.       expect(status.reload.account_id).to eq account.id
  187.       expect(Account.where(uri: account.uri).count).to eq 1

  188.     end
  189.   end
  190. 

  191.   context 'with an already-known acct: URI changing ActivityPub id' do
  192.     let!(:old_account) { Fabricate(:account, username: 'foo', domain: 'ap.example.com', uri: 'https://old.example.com/users/foo', last_webfingered_at: nil) }
  193.     let!(:status)    { Fabricate(:status, account: old_account, text: 'foo') }
  194. 

  195.     it 'returns new remote account' do
  196.       account = subject.call('foo@ap.example.com')
  197. 

  198.       expect(account.activitypub?).to eq true
  199.       expect(account.domain).to eq 'ap.example.com'
  200.       expect(account.inbox_url).to eq 'https://ap.example.com/users/foo/inbox'
  201.       expect(account.uri).to eq 'https://ap.example.com/users/foo'
  202.     end
  203.   end
  204. 

  205.   it 'processes one remote account at a time using locks' do
  206.     wait_for_start = true
  207.     fail_occurred  = false
  208.     return_values  = Concurrent::Array.new
  209. 

  210.     # Preload classes that throw circular dependency errors in threads
  211.     Account
  212.     TagManager
  213.     DomainBlock
  214. 

  215.     threads = Array.new(5) do
  216.       Thread.new do
  217.         true while wait_for_start
  218. 

  219.         begin
  220.           return_values << described_class.new.call('foo@ap.example.com')
  221.         rescue ActiveRecord::RecordNotUnique
  222.           fail_occurred = true
  223.         end
  224.       end
  225.     end
  226. 

  227.     wait_for_start = false
  228.     threads.each(&:join)
  229. 

  230.     expect(fail_occurred).to be false
  231.     expect(return_values).to_not include(nil)
  232.   end
  233. end