From be3b9f81518196f73f2b9636137732659df8cc5b Mon Sep 17 00:00:00 2001
From: Claire <claire.github-309c@sitedethib.com>
Date: Thu, 11 Feb 2021 01:53:44 +0100
Subject: [PATCH] Fix URI of repeat follow requests not being recorded (#15662)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
* Fix URI of repeat follow requests not being recorded
In case we receive a “repeat” or “duplicate” follow request, we automatically
fast-forward the accept with the latest received Activity `id`, but we don't
record it.
In general, a “repeat” or “duplicate” follow request may happen if for some
reason (e.g. inconsistent handling of Block or Undo Accept activities, an
instance being brought back up from the dead, etc.) the local instance thought
the remote actor were following them while the remote actor thought otherwise.
In those cases, the remote instance does not know about the older Follow
activity `id`, so keeping that record serves no purpose, but knowing the most
recent one is useful if the remote implementation at some point refers to it
by `id` without inlining it.
* Add tests
---
app/lib/activitypub/activity/follow.rb | 13 +-
spec/lib/activitypub/activity/follow_spec.rb | 177 +++++++++++++++----
2 files changed, 154 insertions(+), 36 deletions(-)
diff --git a/app/lib/activitypub/activity/follow.rb b/app/lib/activitypub/activity/follow.rb
index 0beec68ab3..4efb84b8c9 100644
--- a/app/lib/activitypub/activity/follow.rb
+++ b/app/lib/activitypub/activity/follow.rb
@@ -6,7 +6,14 @@ class ActivityPub::Activity::Follow < ActivityPub::Activity
def perform
target_account = account_from_uri(object_uri)
- return if target_account.nil? || !target_account.local? || delete_arrived_first?(@json['id']) || @account.requested?(target_account)
+ return if target_account.nil? || !target_account.local? || delete_arrived_first?(@json['id'])
+
+ # Update id of already-existing follow requests
+ existing_follow_request = ::FollowRequest.find_by(account: @account, target_account: target_account)
+ unless existing_follow_request.nil?
+ existing_follow_request.update!(uri: @json['id'])
+ return
+ end
if target_account.blocking?(@account) || target_account.domain_blocking?(@account.domain) || target_account.moved? || target_account.instance_actor?
reject_follow_request!(target_account)
@@ -14,7 +21,9 @@ class ActivityPub::Activity::Follow < ActivityPub::Activity
end
# Fast-forward repeat follow requests
- if @account.following?(target_account)
+ existing_follow = ::Follow.find_by(account: @account, target_account: target_account)
+ unless existing_follow.nil?
+ existing_follow.update!(uri: @json['id'])
AuthorizeFollowService.new.call(@account, target_account, skip_follow_request: true, follow_request_uri: @json['id'])
return
end
diff --git a/spec/lib/activitypub/activity/follow_spec.rb b/spec/lib/activitypub/activity/follow_spec.rb
index 05112cc184..fd4ede82b7 100644
--- a/spec/lib/activitypub/activity/follow_spec.rb
+++ b/spec/lib/activitypub/activity/follow_spec.rb
@@ -17,62 +17,171 @@ RSpec.describe ActivityPub::Activity::Follow do
describe '#perform' do
subject { described_class.new(json, sender) }
- context 'unlocked account' do
- before do
- subject.perform
+ context 'with no prior follow' do
+ context 'unlocked account' do
+ before do
+ subject.perform
+ end
+
+ it 'creates a follow from sender to recipient' do
+ expect(sender.following?(recipient)).to be true
+ expect(sender.active_relationships.find_by(target_account: recipient).uri).to eq 'foo'
+ end
+
+ it 'does not create a follow request' do
+ expect(sender.requested?(recipient)).to be false
+ end
end
- it 'creates a follow from sender to recipient' do
- expect(sender.following?(recipient)).to be true
+ context 'silenced account following an unlocked account' do
+ before do
+ sender.touch(:silenced_at)
+ subject.perform
+ end
+
+ it 'does not create a follow from sender to recipient' do
+ expect(sender.following?(recipient)).to be false
+ end
+
+ it 'creates a follow request' do
+ expect(sender.requested?(recipient)).to be true
+ expect(sender.follow_requests.find_by(target_account: recipient).uri).to eq 'foo'
+ end
end
- it 'does not create a follow request' do
- expect(sender.requested?(recipient)).to be false
+ context 'unlocked account muting the sender' do
+ before do
+ recipient.mute!(sender)
+ subject.perform
+ end
+
+ it 'creates a follow from sender to recipient' do
+ expect(sender.following?(recipient)).to be true
+ expect(sender.active_relationships.find_by(target_account: recipient).uri).to eq 'foo'
+ end
+
+ it 'does not create a follow request' do
+ expect(sender.requested?(recipient)).to be false
+ end
+ end
+
+ context 'locked account' do
+ before do
+ recipient.update(locked: true)
+ subject.perform
+ end
+
+ it 'does not create a follow from sender to recipient' do
+ expect(sender.following?(recipient)).to be false
+ end
+
+ it 'creates a follow request' do
+ expect(sender.requested?(recipient)).to be true
+ expect(sender.follow_requests.find_by(target_account: recipient).uri).to eq 'foo'
+ end
end
end
- context 'silenced account following an unlocked account' do
+ context 'when a follow relationship already exists' do
before do
- sender.touch(:silenced_at)
- subject.perform
+ sender.active_relationships.create!(target_account: recipient, uri: 'bar')
end
- it 'does not create a follow from sender to recipient' do
- expect(sender.following?(recipient)).to be false
+ context 'unlocked account' do
+ before do
+ subject.perform
+ end
+
+ it 'correctly sets the new URI' do
+ expect(sender.active_relationships.find_by(target_account: recipient).uri).to eq 'foo'
+ end
+
+ it 'does not create a follow request' do
+ expect(sender.requested?(recipient)).to be false
+ end
end
- it 'creates a follow request' do
- expect(sender.requested?(recipient)).to be true
+ context 'silenced account following an unlocked account' do
+ before do
+ sender.touch(:silenced_at)
+ subject.perform
+ end
+
+ it 'correctly sets the new URI' do
+ expect(sender.active_relationships.find_by(target_account: recipient).uri).to eq 'foo'
+ end
+
+ it 'does not create a follow request' do
+ expect(sender.requested?(recipient)).to be false
+ end
+ end
+
+ context 'unlocked account muting the sender' do
+ before do
+ recipient.mute!(sender)
+ subject.perform
+ end
+
+ it 'correctly sets the new URI' do
+ expect(sender.active_relationships.find_by(target_account: recipient).uri).to eq 'foo'
+ end
+
+ it 'does not create a follow request' do
+ expect(sender.requested?(recipient)).to be false
+ end
+ end
+
+ context 'locked account' do
+ before do
+ recipient.update(locked: true)
+ subject.perform
+ end
+
+ it 'correctly sets the new URI' do
+ expect(sender.active_relationships.find_by(target_account: recipient).uri).to eq 'foo'
+ end
+
+ it 'does not create a follow request' do
+ expect(sender.requested?(recipient)).to be false
+ end
end
end
- context 'unlocked account muting the sender' do
+ context 'when a follow request already exists' do
before do
- recipient.mute!(sender)
- subject.perform
+ sender.follow_requests.create!(target_account: recipient, uri: 'bar')
end
- it 'creates a follow from sender to recipient' do
- expect(sender.following?(recipient)).to be true
+ context 'silenced account following an unlocked account' do
+ before do
+ sender.touch(:silenced_at)
+ subject.perform
+ end
+
+ it 'does not create a follow from sender to recipient' do
+ expect(sender.following?(recipient)).to be false
+ end
+
+ it 'correctly sets the new URI' do
+ expect(sender.requested?(recipient)).to be true
+ expect(sender.follow_requests.find_by(target_account: recipient).uri).to eq 'foo'
+ end
end
- it 'does not create a follow request' do
- expect(sender.requested?(recipient)).to be false
- end
- end
+ context 'locked account' do
+ before do
+ recipient.update(locked: true)
+ subject.perform
+ end
- context 'locked account' do
- before do
- recipient.update(locked: true)
- subject.perform
- end
+ it 'does not create a follow from sender to recipient' do
+ expect(sender.following?(recipient)).to be false
+ end
- it 'does not create a follow from sender to recipient' do
- expect(sender.following?(recipient)).to be false
- end
-
- it 'creates a follow request' do
- expect(sender.requested?(recipient)).to be true
+ it 'correctly sets the new URI' do
+ expect(sender.requested?(recipient)).to be true
+ expect(sender.follow_requests.find_by(target_account: recipient).uri).to eq 'foo'
+ end
end
end
end