forked from AkkomaGang/akkoma
object containment: handle all cases where ID is invalid (missing, nil, non-string)
This commit is contained in:
parent
4c5055bac9
commit
6e65da782e
2 changed files with 17 additions and 3 deletions
|
@ -51,9 +51,7 @@ def contain_origin(id, %{"actor" => _actor} = params) do
|
||||||
def contain_origin(id, %{"attributedTo" => actor} = params),
|
def contain_origin(id, %{"attributedTo" => actor} = params),
|
||||||
do: contain_origin(id, Map.put(params, "actor", actor))
|
do: contain_origin(id, Map.put(params, "actor", actor))
|
||||||
|
|
||||||
def contain_origin_from_id(_id, %{"id" => nil}), do: :error
|
def contain_origin_from_id(id, %{"id" => other_id} = _params) when is_binary(other_id) do
|
||||||
|
|
||||||
def contain_origin_from_id(id, %{"id" => other_id} = _params) do
|
|
||||||
id_uri = URI.parse(id)
|
id_uri = URI.parse(id)
|
||||||
other_uri = URI.parse(other_id)
|
other_uri = URI.parse(other_id)
|
||||||
|
|
||||||
|
@ -64,6 +62,8 @@ def contain_origin_from_id(id, %{"id" => other_id} = _params) do
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
def contain_origin_from_id(_id, _data), do: :error
|
||||||
|
|
||||||
def contain_child(%{"object" => %{"id" => id, "attributedTo" => _} = object}),
|
def contain_child(%{"object" => %{"id" => id, "attributedTo" => _} = object}),
|
||||||
do: contain_origin(id, object)
|
do: contain_origin(id, object)
|
||||||
|
|
||||||
|
|
|
@ -67,6 +67,20 @@ test "users cannot be collided through fake direction spoofing attempts" do
|
||||||
end) =~
|
end) =~
|
||||||
"[error] Could not decode user at fetch https://n1u.moe/users/rye, {:error, :error}"
|
"[error] Could not decode user at fetch https://n1u.moe/users/rye, {:error, :error}"
|
||||||
end
|
end
|
||||||
|
|
||||||
|
test "contain_origin_from_id() gracefully handles cases where no ID is present" do
|
||||||
|
data = %{
|
||||||
|
"type" => "Create",
|
||||||
|
"object" => %{
|
||||||
|
"id" => "http://example.net/~alyssa/activities/1234",
|
||||||
|
"attributedTo" => "http://example.org/~alyssa"
|
||||||
|
},
|
||||||
|
"actor" => "http://example.com/~bob"
|
||||||
|
}
|
||||||
|
|
||||||
|
:error =
|
||||||
|
Containment.contain_origin_from_id("http://example.net/~alyssa/activities/1234", data)
|
||||||
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
describe "containment of children" do
|
describe "containment of children" do
|
||||||
|
|
Loading…
Reference in a new issue