gotosocial/internal/processing/admin/accountreject.go
tobi ebec95a522
[bugfix] Lock when checking/creating notifs to avoid race (#2890)
* [bugfix] Lock when checking/creating notifs to avoid race

* test notif spam
2024-05-02 13:43:00 +01:00

113 lines
3.7 KiB
Go

// GoToSocial
// Copyright (C) GoToSocial Authors admin@gotosocial.org
// SPDX-License-Identifier: AGPL-3.0-or-later
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
package admin
import (
"context"
"errors"
"fmt"
"github.com/superseriousbusiness/gotosocial/internal/ap"
apimodel "github.com/superseriousbusiness/gotosocial/internal/api/model"
"github.com/superseriousbusiness/gotosocial/internal/db"
"github.com/superseriousbusiness/gotosocial/internal/gtserror"
"github.com/superseriousbusiness/gotosocial/internal/gtsmodel"
"github.com/superseriousbusiness/gotosocial/internal/messages"
)
func (p *Processor) AccountReject(
ctx context.Context,
adminAcct *gtsmodel.Account,
accountID string,
privateComment string,
sendEmail bool,
message string,
) (*apimodel.AdminAccountInfo, gtserror.WithCode) {
user, err := p.state.DB.GetUserByAccountID(ctx, accountID)
if err != nil && !errors.Is(err, db.ErrNoEntries) {
err := gtserror.Newf("db error getting user for account id %s: %w", accountID, err)
return nil, gtserror.NewErrorInternalError(err)
}
if user == nil {
err := fmt.Errorf("user for account %s not found", accountID)
return nil, gtserror.NewErrorNotFound(err, err.Error())
}
// Get a lock on the account URI,
// since we're going to be deleting
// it and its associated user.
unlock := p.state.ProcessingLocks.Lock(user.Account.URI)
defer unlock()
// Can't reject an account with a
// user that's already been approved.
if *user.Approved {
err := fmt.Errorf("account %s has already been approved", accountID)
return nil, gtserror.NewErrorUnprocessableEntity(err, err.Error())
}
// Convert to API account *before* doing the
// rejection, since the rejection will cause
// the user and account to be removed.
apiAccount, err := p.converter.AccountToAdminAPIAccount(ctx, user.Account)
if err != nil {
err := gtserror.Newf("error converting account %s to admin api model: %w", accountID, err)
return nil, gtserror.NewErrorInternalError(err)
}
// Set approved to false on the API model, to
// reflect the changes that will occur
// asynchronously in the processor.
apiAccount.Approved = false
// Ensure we an email address.
var email string
if user.Email != "" {
email = user.Email
} else {
email = user.UnconfirmedEmail
}
// Create a denied user entry for
// the worker to process + store.
deniedUser := &gtsmodel.DeniedUser{
ID: user.ID,
Email: email,
Username: user.Account.Username,
SignUpIP: user.SignUpIP,
InviteID: user.InviteID,
Locale: user.Locale,
CreatedByApplicationID: user.CreatedByApplicationID,
SignUpReason: user.Reason,
PrivateComment: privateComment,
SendEmail: &sendEmail,
Message: message,
}
// Process rejection side effects asynschronously.
p.state.Workers.Client.Queue.Push(&messages.FromClientAPI{
APObjectType: ap.ActorPerson,
APActivityType: ap.ActivityReject,
GTSModel: deniedUser,
Origin: adminAcct,
Target: user.Account,
})
return apiAccount, nil
}