[bugfix] Fix replies not being stored pending approval (#3409)

This commit is contained in:
tobi 2024-10-09 11:02:10 +02:00 committed by GitHub
parent 2c3f1f4ddb
commit e8fd40f3ca
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194

View File

@ -235,7 +235,7 @@ func (d *Dereferencer) isPermittedReply(
// Status doesn't claim to be approved. // Status doesn't claim to be approved.
// Check interaction policy of inReplyTo // Check interaction policy of inReplyTo
// to see if it doesn't require approval. // to see what we need to do with it.
replyable, err := d.intFilter.StatusReplyable(ctx, replyable, err := d.intFilter.StatusReplyable(ctx,
reply.Account, reply.Account,
inReplyTo, inReplyTo,
@ -260,35 +260,52 @@ func (d *Dereferencer) isPermittedReply(
) )
} }
// Reply is permitted according to the interaction if replyable.Permitted() &&
// policy set on the replied-to status (if any). !replyable.MatchedOnCollection() {
// Reply is permitted and match was *not* made
if !replyable.MatchedOnCollection() { // based on inclusion in a followers/following
// If we didn't match on a collection, // collection. Just permit the reply full stop
// then we don't require an acceptIRI, // as no approval / accept URI is necessary.
// and we don't need to send an Accept;
// just permit the reply full stop.
return true, nil return true, nil
} }
// Reply is permitted, but match was made based // Reply is either permitted based on inclusion in a
// on inclusion in a followers/following collection. // followers/following collection, *or* is permitted
// pending approval, though we know at this point
// that the status did not include an approvedBy URI.
if !inReplyTo.IsLocal() {
// If the replied-to status is remote, we should just
// drop this reply at this point, as we can't verify
// that the remote replied-to account approves it, and
// we can't verify the presence of a remote account
// in one of another remote account's collections.
// //
// If the status is ours, mark it as PreApproved // It's possible we'll get an Accept from the replied-
// so the processor knows to create and send out // to account later, and we can store this reply then.
// an Accept for it immediately. return false, nil
if inReplyTo.IsLocal() { }
// Replied-to status is ours, so the
// replied-to account is ours as well.
if replyable.MatchedOnCollection() {
// If permission was granted based on inclusion in
// a followers/following collection, pre-approve the
// reply, as we ourselves can validate presence of the
// replier in the appropriate collection. Pre-approval
// lets the processor know it should send out an Accept
// straight away on behalf of the replied-to account.
reply.PendingApproval = util.Ptr(true) reply.PendingApproval = util.Ptr(true)
reply.PreApproved = true reply.PreApproved = true
return true, nil return true, nil
} }
// For replies to remote statuses, which matched // Reply just requires approval from the local account
// on a followers/following collection, but did not // it replies to. Set PendingApproval so the processor
// include an acceptIRI, we should just drop it. // knows to create a pending interaction request.
// It's possible we'll get an Accept for it later reply.PendingApproval = util.Ptr(true)
// and we can check everything again. return true, nil
return false, nil
} }
// unpermittedByParent marks the given reply as rejected // unpermittedByParent marks the given reply as rejected