From 142a39cf5586807a6794e02e85b3325cad69a59b Mon Sep 17 00:00:00 2001 From: Mouse Reeve Date: Fri, 4 Dec 2020 16:26:07 -0800 Subject: [PATCH] Updates remote user when refreshing key --- bookwyrm/activitypub/base_activity.py | 11 ++++++----- bookwyrm/incoming.py | 2 +- bookwyrm/tests/test_signing.py | 19 ++++++------------- 3 files changed, 13 insertions(+), 19 deletions(-) diff --git a/bookwyrm/activitypub/base_activity.py b/bookwyrm/activitypub/base_activity.py index ebc026b99..0a34d067f 100644 --- a/bookwyrm/activitypub/base_activity.py +++ b/bookwyrm/activitypub/base_activity.py @@ -106,7 +106,7 @@ class ActivityObject: if isinstance(formatted_value, dict) and \ formatted_value.get('id'): # if the AP field is a serialized object (as in Add) - # or PublicKey + # or KeyPair (even though it's OneToOne) related_model = field.related_model related_activity = related_model.activity_serializer mapped_fields[field.name] = related_activity( @@ -131,6 +131,7 @@ class ActivityObject: formatted_value = None mapped_fields[field.name] = formatted_value + if instance: # updating an existing model instance for k, v in mapped_fields.items(): @@ -178,13 +179,13 @@ class ActivityObject: if values == MISSING: continue model_field = getattr(instance, model_key) - model = model_field.model + related_model = model_field.model for item in values: if isinstance(item, str): - item = resolve_remote_id(model, item) + item = resolve_remote_id(related_model, item) else: - item = model.activity_serializer(**item) - item = item.to_model(model) + item = related_model.activity_serializer(**item) + item = item.to_model(related_model) field_name = instance.__class__.__name__.lower() setattr(item, field_name, instance) item.save() diff --git a/bookwyrm/incoming.py b/bookwyrm/incoming.py index 29c0be984..bbbebf0fe 100644 --- a/bookwyrm/incoming.py +++ b/bookwyrm/incoming.py @@ -103,7 +103,7 @@ def has_valid_signature(request, activity): signature.verify(remote_user.key_pair.public_key, request) except ValueError: old_key = remote_user.key_pair.public_key - activitypub.resolve_remote_id( + remote_user = activitypub.resolve_remote_id( models.User, remote_user.remote_id, refresh=True ) if remote_user.key_pair.public_key == old_key: diff --git a/bookwyrm/tests/test_signing.py b/bookwyrm/tests/test_signing.py index f2997ff97..bf2527647 100644 --- a/bookwyrm/tests/test_signing.py +++ b/bookwyrm/tests/test_signing.py @@ -111,7 +111,7 @@ class Signature(TestCase): status=200 ) - with patch('bookwyrm.models.user.get_remote_reviews.delay') as _: + with patch('bookwyrm.models.user.get_remote_reviews.delay'): response = self.send_test_request(sender=self.fake_remote) self.assertEqual(response.status_code, 200) @@ -131,17 +131,10 @@ class Signature(TestCase): responses.GET, 'https://localhost/.well-known/nodeinfo', status=404) - responses.add( - responses.GET, - 'https://example.com/user/mouse/outbox?page=true', - json={'orderedItems': []}, - status=200 - ) # Second and subsequent fetches get a different key: key_pair = KeyPair(*create_key_pair()) - new_sender = Sender( - self.fake_remote.remote_id, key_pair) + new_sender = Sender(self.fake_remote.remote_id, key_pair) data['publicKey']['publicKeyPem'] = key_pair.public_key responses.add( responses.GET, @@ -149,7 +142,7 @@ class Signature(TestCase): json=data, status=200) - with patch('bookwyrm.models.user.get_remote_reviews.delay') as _: + with patch('bookwyrm.models.user.get_remote_reviews.delay'): # Key correct: response = self.send_test_request(sender=self.fake_remote) self.assertEqual(response.status_code, 200) @@ -181,7 +174,7 @@ class Signature(TestCase): @pytest.mark.integration def test_changed_data(self): '''Message data must match the digest header.''' - with patch('bookwyrm.activitypub.resolve_remote_id') as _: + with patch('bookwyrm.activitypub.resolve_remote_id'): response = self.send_test_request( self.mouse, send_data=get_follow_data(self.mouse, self.cat)) @@ -189,7 +182,7 @@ class Signature(TestCase): @pytest.mark.integration def test_invalid_digest(self): - with patch('bookwyrm.activitypub.resolve_remote_id') as _: + with patch('bookwyrm.activitypub.resolve_remote_id'): response = self.send_test_request( self.mouse, digest='SHA-256=AAAAAAAAAAAAAAAAAA') @@ -198,7 +191,7 @@ class Signature(TestCase): @pytest.mark.integration def test_old_message(self): '''Old messages should be rejected to prevent replay attacks.''' - with patch('bookwyrm.activitypub.resolve_remote_id') as _: + with patch('bookwyrm.activitypub.resolve_remote_id'): response = self.send_test_request( self.mouse, date=http_date(time.time() - 301)