Ignore incoming activities which have been received before, add `/activities` endpoint #118

Merged
dessalines merged 2 commits from activity-checks into main 1 year ago
nutomic commented 1 year ago
Owner

The first commit should be pretty clear. This is required by the Activitypub standard, and also helps to simplify our code a bit.

The /activities endpoint is also straightforward, but there is one problem: it will return activities related to private messages or Follow/Accept. We need to add some way to exclude those, maybe a column sensitive on the activity table?

Also this change does not prevent periodically clearing out the activity table. The changes here are only important for new activities, so if those over 1 month old or so are deleted, everything will still work fine. The inbox would throw an error instead of http 200 if somehow an old activity were delivered, and the http endpoint would not find old activities. But those are very minor problems.

The first commit should be pretty clear. This is required by the Activitypub standard, and also helps to simplify our code a bit. The `/activities` endpoint is also straightforward, but there is one problem: it will return activities related to private messages or `Follow`/`Accept`. We need to add some way to exclude those, maybe a column `sensitive` on the activity table? Also this change does not prevent periodically clearing out the activity table. The changes here are only important for new activities, so if those over 1 month old or so are deleted, everything will still work fine. The inbox would throw an error instead of http 200 if somehow an old activity were delivered, and the http endpoint would not find old activities. But those are very minor problems.
Owner

For some reason this failed in travis, I restarted the job just to make sure.

For some reason this failed in travis, I restarted the job just to make sure.
Poster
Owner

Forgot to add the migration, fixed now.

Forgot to add the migration, fixed now.
dessalines reviewed 1 year ago
.await?;
match existing {
Ok(_) => Ok(true),
Err(_) => Ok(false),
Poster
Owner

This works, but seems like it'd be easier to just return existing.

This works, but seems like it'd be easier to just return existing.
Owner

Looks good to me, and tests passed so I'll merge.

Looks good to me, and tests passed so I'll merge.
dessalines merged commit 3bf885329d into main 1 year ago
Poster
Owner

We still need to fix the problem that private message and follow activities are available over HTTP without authentification.

We still need to fix the problem that private message and follow activities are available over HTTP without authentification.
The pull request has been merged as 3bf885329d.
Sign in to join this conversation.
No reviewers
No Label
No Milestone
No Assignees
2 Participants
Notifications
Due Date

No due date set.

Dependencies

This pull request currently doesn't have any dependencies.

Loading…
There is no content yet.