0
Fork 0
mirror of https://codeberg.org/forgejo/forgejo.git synced 2025-01-10 16:40:22 -05:00

ad validation for like activity

This commit is contained in:
Michael Jerger 2024-01-03 18:52:41 +01:00
parent 3ab2d9a449
commit 0505baab2b
3 changed files with 45 additions and 1 deletions
models/forgefed
routers/api/v1/activitypub

View file

@ -26,9 +26,13 @@ func (s *ForgeLike) UnmarshalJSON(data []byte) error {
func (s ForgeLike) Validate() []string { func (s ForgeLike) Validate() []string {
var result []string var result []string
result = append(result, validation.ValidateNotEmpty(string(s.Type), "type")...) result = append(result, validation.ValidateNotEmpty(string(s.Type), "type")...)
result = append(result, validation.ValidateOneOf(string(s.Type), []any{"Like"})...)
result = append(result, validation.ValidateNotEmpty(s.Actor.GetID().String(), "actor")...) result = append(result, validation.ValidateNotEmpty(s.Actor.GetID().String(), "actor")...)
result = append(result, validation.ValidateNotEmpty(s.Object.GetID().String(), "object")...) result = append(result, validation.ValidateNotEmpty(s.Object.GetID().String(), "object")...)
result = append(result, validation.ValidateNotEmpty(s.StartTime.String(), "startTime")...) result = append(result, validation.ValidateNotEmpty(s.StartTime.String(), "startTime")...)
if s.StartTime.IsZero() {
result = append(result, "StartTime was invalid.")
}
return result return result
} }

View file

@ -7,6 +7,7 @@ import (
"reflect" "reflect"
"testing" "testing"
"code.gitea.io/gitea/modules/validation"
ap "github.com/go-ap/activitypub" ap "github.com/go-ap/activitypub"
) )
@ -82,3 +83,37 @@ func Test_StarUnmarshalJSON(t *testing.T) {
}) })
} }
} }
func TestAcivityValidation(t *testing.T) {
sut := new(ForgeLike)
sut.UnmarshalJSON([]byte(`{"type":"Like",
"actor":"https://repo.prod.meissa.de/api/activitypub/user-id/1",
"object":"https://codeberg.org/api/activitypub/repository-id/1",
"startTime": "2014-12-31T23:00:00-08:00"}`))
if res, _ := validation.IsValid(sut); !res {
t.Errorf("sut expected to be valid: %v\n", sut.Validate())
}
sut.UnmarshalJSON([]byte(`{"actor":"https://repo.prod.meissa.de/api/activitypub/user-id/1",
"object":"https://codeberg.org/api/activitypub/repository-id/1",
"startTime": "2014-12-31T23:00:00-08:00"}`))
if sut.Validate()[0] != "Field type may not be empty" {
t.Errorf("validation error expected but was: %v\n", sut.Validate())
}
sut.UnmarshalJSON([]byte(`{"type":"bad-type",
"actor":"https://repo.prod.meissa.de/api/activitypub/user-id/1",
"object":"https://codeberg.org/api/activitypub/repository-id/1",
"startTime": "2014-12-31T23:00:00-08:00"}`))
if sut.Validate()[0] != "Value bad-type is not contained in allowed values [[Like]]" {
t.Errorf("validation error expected but was: %v\n", sut.Validate())
}
sut.UnmarshalJSON([]byte(`{"type":"Like",
"actor":"https://repo.prod.meissa.de/api/activitypub/user-id/1",
"object":"https://codeberg.org/api/activitypub/repository-id/1",
"startTime": "not a date"}`))
if sut.Validate()[0] != "StartTime was invalid." {
t.Errorf("validation error expected but was: %v\n", sut.Validate())
}
}

View file

@ -21,6 +21,7 @@ import (
"code.gitea.io/gitea/modules/log" "code.gitea.io/gitea/modules/log"
"code.gitea.io/gitea/modules/setting" "code.gitea.io/gitea/modules/setting"
"code.gitea.io/gitea/modules/util" "code.gitea.io/gitea/modules/util"
"code.gitea.io/gitea/modules/validation"
"code.gitea.io/gitea/modules/web" "code.gitea.io/gitea/modules/web"
"github.com/google/uuid" "github.com/google/uuid"
@ -85,7 +86,11 @@ func RepositoryInbox(ctx *context.APIContext) {
log.Info("RepositoryInbox: repo: %v", repository) log.Info("RepositoryInbox: repo: %v", repository)
activity := web.GetForm(ctx).(*forgefed.ForgeLike) activity := web.GetForm(ctx).(*forgefed.ForgeLike)
log.Info("RepositoryInbox: activity:%v", activity) if res, err := validation.IsValid(activity); !res {
ctx.ServerError("Validate activity", err)
return
}
log.Info("RepositoryInbox: activity validated:%v", activity)
// parse actorID (person) // parse actorID (person)
actorUri := activity.Actor.GetID().String() actorUri := activity.Actor.GetID().String()