Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[bugfix] Don't try to update suspended accounts #2348

Merged
merged 2 commits into from
Nov 10, 2023
Merged

[bugfix] Don't try to update suspended accounts #2348

merged 2 commits into from
Nov 10, 2023

Conversation

tsmethurst
Copy link
Contributor

Description

If this is a code change, please include a summary of what you've coded, and link to the issue(s) it closes/implements.

If this is a documentation change, please briefly describe what you've changed and why.

This pull request fixes a bug where accounts that were suspended via the admin panel could become marked as unsuspended again on refresh of the account.

Bug only affected specifically-targeted accounts, not accounts that were blocked by a domain block action. All the account's relationships and posts and media and stuff were still deleted just fine by the side effects.

For good measure, add some early checks to bail fedi requests if a remote account was marked as suspended locally.

Checklist

Please put an x inside each checkbox to indicate that you've read and followed it: [ ] -> [x]

If this is a documentation change, only the first checkbox must be filled (you can delete the others if you want).

  • I/we have read the GoToSocial contribution guidelines.
  • I/we have discussed the proposed changes already, either in an issue on the repository, or in the Matrix chat.
  • I/we have performed a self-review of added code.
  • I/we have written code that is legible and maintainable by others.
  • I/we have commented the added code, particularly in hard-to-understand areas.
  • I/we have made any necessary changes to documentation.
  • I/we have added tests that cover new code.
  • I/we have run tests and they pass locally with the changes.
  • I/we have run go fmt ./... and golangci-lint run.

NyaaaWhatsUpDoc
NyaaaWhatsUpDoc reviewed Nov 10, 2023
View reviewed changes
internal/federation/dereferencing/account.go
@@ -331,6 +336,11 @@ func (d *Dereferencer) enrichAccountSafely(
account *gtsmodel.Account,
apubAcc ap.Accountable,
) (*gtsmodel.Account, ap.Accountable, error) {
// Noop if account has been suspended.
if !account.SuspendedAt.IsZero() {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

you don't need to check this here as accountIsUpToDate() is always called before entering enrichSafely() :)

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I thought about that, but the accountUpToDate call can still be overridden if refresh is true, so this makes extra sure. Checking IsZero is very cheap.

NyaaaWhatsUpDoc
NyaaaWhatsUpDoc reviewed Nov 10, 2023
View reviewed changes
internal/federation/federatingprotocol.go
@@ -288,6 +288,13 @@ func (f *Federator) AuthenticatePostInbox(ctx context.Context, w http.ResponseWr
return nil, false, err
}

if !requestingAccount.SuspendedAt.IsZero() {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

i was going to say we should probably move this to AuthenticateFederatedRequest() to make sure we do this check in all applicable locations, but then saw that function doesn't guarantee to always have the account model by that point ... what if we updated AuthenticateFederatedRequest() to handle the instance model creation if necessary, and fetching updated account model? that way we can just move this check in there, and it won't need to be added anywhere else.

just this current way of doing it makes me worry we're going to miss out locations where it's needed as it needs to add them in all the locations.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Will do a refactor of that in a subsequent PR 👍

@tsmethurst tsmethurst merged commit 7ce3a1e into main Nov 10, 2023
@tsmethurst tsmethurst deleted the account_suspend_fix branch November 10, 2023 16:16
tsmethurst added a commit that referenced this pull request Nov 10, 2023
@tsmethurst
[bugfix] Don't try to update suspended accounts (#2348)
096c517 
* [bugfix] Don't try to update suspended accounts

* bail early if requesting account suspended
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@NyaaaWhatsUpDoc NyaaaWhatsUpDoc NyaaaWhatsUpDoc left review comments

@daenney daenney daenney approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@tsmethurst @daenney @NyaaaWhatsUpDoc