nocebo/diaspora_federation
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Make Participation entity non-relayable

Browse source 
Fixes #35
This commit is contained in:
Benjamin Neff 2017-04-26 02:08:38 +02:00
parent b7167b9fde
commit 41ebe13126
No known key found for this signature in database
GPG key ID: 971464C3F1A90194
4 changed files with 41 additions and 88 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

48
lib/diaspora_federation/entities/participation.rb
View file

@ -4,11 +4,22 @@ module DiasporaFederation
# #
# @see Validators::Participation # @see Validators::Participation
class Participation < Entity class Participation < Entity
# Old signature order # @!attribute [r] author
# @deprecated # The diaspora* ID of the author
LEGACY_SIGNATURE_ORDER = %i(guid parent_type parent_guid author).freeze # @see Person#author
# @return [String] diaspora* ID
property :author, :string, xml_name: :diaspora_handle
include Relayable # @!attribute [r] guid
# A random string of at least 16 chars
# @see Validation::Rule::Guid
# @return [String] guid
property :guid, :string
# @!attribute [r] parent_guid
# @see StatusMessage#guid
# @return [String] parent guid
property :parent_guid, :string
# @!attribute [r] parent_type # @!attribute [r] parent_type
# A string describing a type of the target to subscribe on # A string describing a type of the target to subscribe on
@ -16,18 +27,9 @@ module DiasporaFederation
# @return [String] parent type # @return [String] parent type
property :parent_type, :string, xml_name: :target_type property :parent_type, :string, xml_name: :target_type
# It is only valid to receive a {Participation} from the author themself. # @return [String] string representation of this object
# @deprecated remove after {Participation} doesn't include {Relayable} anymore def to_s
def sender_valid?(sender) "#{super}:#{parent_type}:#{parent_guid}"
sender == author
end
# hackaround hacky from_hash override
# @deprecated remove after {Participation} doesn't include {Relayable} anymore
def enriched_properties
super.tap {|hash|
hash.delete(:parent) if hash[:parent].nil?
}
end end
# Validates that the parent exists and the parent author is local # Validates that the parent exists and the parent author is local
@ -36,22 +38,12 @@ module DiasporaFederation
raise ParentNotLocal, "obj=#{self}" unless parent && parent.local raise ParentNotLocal, "obj=#{self}" unless parent && parent.local
end end
# Don't verify signatures for a {Participation}. Validate that the parent is local. # Validate that the parent is local.
# @see Entity.from_hash # @see Entity.from_hash
# @param [Hash] hash entity initialization hash # @param [Hash] hash entity initialization hash
# @return [Entity] instance # @return [Entity] instance
def self.from_hash(hash) def self.from_hash(hash)
new(hash.merge(parent: nil)).tap(&:validate_parent) super.tap(&:validate_parent)
end
# @deprecated remove after {Participation} doesn't include {Relayable} anymore
private_class_method def self.xml_parser_class
DiasporaFederation::Parsers::XmlParser
end
# @deprecated remove after {Participation} doesn't include {Relayable} anymore
private_class_method def self.json_parser_class
DiasporaFederation::Parsers::JsonParser
end end
# Raised, if the parent is not owned by the receiving pod. # Raised, if the parent is not owned by the receiving pod.

8
lib/diaspora_federation/schemas/federation_entities.json
View file

@ -110,9 +110,6 @@
}, },
"participation": { "participation": {
"allOf": [
{"$ref": "#/definitions/relayable"},
{
"type": "object", "type": "object",
"properties": { "properties": {
"entity_type": { "entity_type": {
@ -122,12 +119,13 @@
"entity_data": { "entity_data": {
"type": "object", "type": "object",
"properties": { "properties": {
"author": { "type": "string" },
"guid": { "$ref": "#/definitions/guid" },
"parent_guid": { "$ref": "#/definitions/guid" },
"parent_type": {"enum": ["Post"]} "parent_type": {"enum": ["Post"]}
} }
} }
} }
}
]
}, },
"poll_participation": { "poll_participation": {

4
lib/diaspora_federation/test/factories.rb
View file

@ -93,10 +93,10 @@ module DiasporaFederation
parent { Fabricate(:related_entity) } parent { Fabricate(:related_entity) }
end end
Fabricator(:participation_entity, Fabricator(:participation_entity, class_name: DiasporaFederation::Entities::Participation) do
class_name: DiasporaFederation::Entities::Participation, from: :relayable_entity) do
author { Fabricate.sequence(:diaspora_id) } author { Fabricate.sequence(:diaspora_id) }
guid { Fabricate.sequence(:guid) } guid { Fabricate.sequence(:guid) }
parent_guid { Fabricate.sequence(:guid) }
parent_type "Post" parent_type "Post"
end end

51
spec/lib/diaspora_federation/entities/participation_spec.rb
View file

@ -1,25 +1,21 @@
module DiasporaFederation module DiasporaFederation
describe Entities::Participation do describe Entities::Participation do
let(:parent) { Fabricate(:post, author: bob) } let(:parent) { Fabricate(:post, author: bob) }
let(:parent_entity) { Fabricate(:related_entity, author: bob.diaspora_id) }
let(:data) { let(:data) {
Fabricate.attributes_for( Fabricate.attributes_for(
:participation_entity, :participation_entity,
author: alice.diaspora_id, author: alice.diaspora_id,
parent_guid: parent.guid, parent_guid: parent.guid,
parent_type: parent.entity_type, parent_type: parent.entity_type
parent: parent_entity )
).tap {|hash| add_signatures(hash) }
} }
let(:xml) { <<-XML } let(:xml) { <<-XML }
<participation> <participation>
<guid>#{data[:guid]}</guid>
<target_type>#{parent.entity_type}</target_type>
<parent_guid>#{parent.guid}</parent_guid>
<diaspora_handle>#{data[:author]}</diaspora_handle> <diaspora_handle>#{data[:author]}</diaspora_handle>
<author_signature>#{data[:author_signature]}</author_signature> <guid>#{data[:guid]}</guid>
<parent_author_signature>#{data[:parent_author_signature]}</parent_author_signature> <parent_guid>#{parent.guid}</parent_guid>
<target_type>#{parent.entity_type}</target_type>
</participation> </participation>
XML XML
@ -30,16 +26,8 @@ XML
"author": "#{data[:author]}", "author": "#{data[:author]}",
"guid": "#{data[:guid]}", "guid": "#{data[:guid]}",
"parent_guid": "#{parent.guid}", "parent_guid": "#{parent.guid}",
"author_signature": "#{data[:author_signature]}",
"parent_author_signature": "#{data[:parent_author_signature]}",
"parent_type": "#{parent.entity_type}" "parent_type": "#{parent.entity_type}"
}, }
"property_order": [
"guid",
"parent_type",
"parent_guid",
"author"
]
} }
JSON JSON
@ -47,36 +35,11 @@ JSON
it_behaves_like "an Entity subclass" it_behaves_like "an Entity subclass"
it_behaves_like "an XML Entity", [:parent] it_behaves_like "an XML Entity"
it_behaves_like "a JSON Entity" it_behaves_like "a JSON Entity"
it_behaves_like "a relayable Entity"
it_behaves_like "a relayable JSON entity"
describe "#sender_valid?" do
let(:entity) { Entities::Participation.new(data) }
it "allows the author" do
expect(entity.sender_valid?(alice.diaspora_id)).to be_truthy
end
it "does not allow the parent author" do
expect(entity.sender_valid?(bob.diaspora_id)).to be_falsey
end
end
context "parse xml" do context "parse xml" do
it "does not verify the signature" do
data.merge!(author_signature: "aa", parent_author_signature: "bb")
xml = Entities::Participation.new(data).to_xml
expect {
Entities::Participation.from_xml(xml)
}.not_to raise_error
end
describe "#validate_parent" do describe "#validate_parent" do
let(:participation) { let(:participation) {
allow(DiasporaFederation.callbacks).to receive(:trigger).and_call_original allow(DiasporaFederation.callbacks).to receive(:trigger).and_call_original