From aa1a6b97c5671bfc98db6d5e997db2bdf66351b9 Mon Sep 17 00:00:00 2001 From: Bob Mottram Date: Tue, 9 Nov 2021 18:59:36 +0000 Subject: [PATCH] Private pinned posts are not really feasible with the existing authorized get requests --- daemon.py | 71 ++----------------------------------------- posts.py | 36 ---------------------- webapp_create_post.py | 3 +- webapp_profile.py | 6 ++-- 4 files changed, 5 insertions(+), 111 deletions(-) diff --git a/daemon.py b/daemon.py index 868258061..c52c1303a 100644 --- a/daemon.py +++ b/daemon.py @@ -73,7 +73,6 @@ from person import removeAccount from person import canRemovePost from person import personSnooze from person import personUnsnooze -from posts import hasPrivatePinnedPost from posts import getOriginalPostFromAnnounceUrl from posts import savePostToBox from posts import getInstanceActorKey @@ -101,7 +100,6 @@ from inbox import runInboxQueue from inbox import runInboxQueueWatchdog from inbox import savePostToInboxQueue from inbox import populateReplies -from follow import isFollowerOfPerson from follow import followerApprovalActive from follow import isFollowingActor from follow import getFollowingFeed @@ -656,7 +654,7 @@ class PubServer(BaseHTTPRequestHandler): return False return True - def _secureModeActor(self) -> str: + def _signedGETkeyId(self) -> str: """Returns the actor from the signed GET keyId """ signature = None @@ -691,7 +689,7 @@ class PubServer(BaseHTTPRequestHandler): if not self.server.secureMode and not force: return True - keyId = self._secureModeActor() + keyId = self._signedGETkeyId() if not keyId: if self.server.debug: print('AUTH: secure mode, ' + @@ -12987,52 +12985,6 @@ class PubServer(BaseHTTPRequestHandler): nickname = self.path.split('/users/')[1] if '/' in nickname: nickname = nickname.split('/')[0] - showPinned = True - # is the pinned post for followers only? - if hasPrivatePinnedPost(self.server.baseDir, - self.server.httpPrefix, - nickname, self.server.domain, - self.server.domainFull, - self.server.systemLanguage): - followerActor = self._secureModeActor() - if not followerActor: - showPinned = False - else: - followerNickname = getNicknameFromActor(followerActor) - followerDomain, followerPort = \ - getDomainFromActor(followerActor) - followerDomainFull = \ - getFullDomain(followerDomain, followerPort) - if not isFollowerOfPerson(self.server.baseDir, - nickname, self.server.domain, - followerNickname, - followerDomainFull): - showPinned = False - else: - # does their GET signature verify? - if not self._secureMode(True): - # GET request signature failed - showPinned = False - if not showPinned: - # follower check failed, so just return an empty collection - postContext = getIndividualPostContext() - actor = \ - self.server.httpPrefix + '://' + \ - self.server.domainFull + '/users/' + nickname - emptyCollectionJson = { - '@context': postContext, - 'id': actor + '/collections/featured', - 'orderedItems': [], - 'totalItems': 0, - 'type': 'OrderedCollection' - } - msg = json.dumps(emptyCollectionJson, - ensure_ascii=False).encode('utf-8') - msglen = len(msg) - self._set_headers('application/json', - msglen, None, callingDomain, False) - self._write(msg) - return # return the featured posts collection self._getFeaturedCollection(callingDomain, self.server.baseDir, @@ -15795,16 +15747,6 @@ class PubServer(BaseHTTPRequestHandler): else: return -1 elif postType == 'newfollowers': - if not fields.get('pinToProfile'): - pinToProfile = False - else: - pinToProfile = True - # is the post message empty? - if not fields['message']: - # remove the pinned content from profile screen - undoPinnedPost(self.server.baseDir, - nickname, self.server.domain) - return 1 city = getSpoofedCity(self.server.city, self.server.baseDir, nickname, @@ -15844,15 +15786,6 @@ class PubServer(BaseHTTPRequestHandler): if messageJson: if fields['schedulePost']: return 1 - if pinToProfile: - contentStr = \ - getBaseContentFromPost(messageJson, - self.server.systemLanguage) - followersOnly = True - pinPost(self.server.baseDir, - nickname, self.server.domain, contentStr, - followersOnly) - return 1 if self._postToOutbox(messageJson, self.server.projectVersion, nickname): diff --git a/posts.py b/posts.py index e3acde056..763acdd69 100644 --- a/posts.py +++ b/posts.py @@ -1570,18 +1570,6 @@ def pinPost(baseDir: str, nickname: str, domain: str, with open(pinnedFilename, 'w+') as pinFile: pinFile.write(pinnedContent) - privatePinnedFilename = accountDir + '/pinToProfile.private' - if followersOnly: - with open(privatePinnedFilename, 'w+') as pinFile: - pinFile.write('\n') - else: - if os.path.isfile(privatePinnedFilename): - try: - os.remove(privatePinnedFilename) - except BaseException: - print('EX: pinPost unable to delete private ' + - privatePinnedFilename) - def undoPinnedPost(baseDir: str, nickname: str, domain: str) -> None: """Removes pinned content for then given account @@ -1594,14 +1582,6 @@ def undoPinnedPost(baseDir: str, nickname: str, domain: str) -> None: except BaseException: print('EX: undoPinnedPost unable to delete ' + pinnedFilename) - privatePinnedFilename = accountDir + '/pinToProfile.private' - if os.path.isfile(privatePinnedFilename): - try: - os.remove(privatePinnedFilename) - except BaseException: - print('EX: undoPinnedPost unable to delete private ' + - privatePinnedFilename) - def getPinnedPostAsJson(baseDir: str, httpPrefix: str, nickname: str, domain: str, @@ -1667,22 +1647,6 @@ def jsonPinPost(baseDir: str, httpPrefix: str, } -def hasPrivatePinnedPost(baseDir: str, httpPrefix: str, - nickname: str, domain: str, - domainFull: str, systemLanguage: str) -> bool: - """Whether the given account has a private pinned post - """ - pinnedPostJson = \ - getPinnedPostAsJson(baseDir, httpPrefix, - nickname, domain, - domainFull, systemLanguage) - if not pinnedPostJson: - return False - if not isPublicPost(pinnedPostJson): - return True - return False - - def regenerateIndexForBox(baseDir: str, nickname: str, domain: str, boxName: str) -> None: """Generates an index for the given box if it doesn't exist diff --git a/webapp_create_post.py b/webapp_create_post.py index 0176e1005..34205d83d 100644 --- a/webapp_create_post.py +++ b/webapp_create_post.py @@ -575,8 +575,7 @@ def htmlNewPost(cssCache: {}, mediaInstance: bool, translate: {}, '\n' - if endpoint == 'newpost' or \ - endpoint == 'newfollowers': + if endpoint == 'newpost': dateAndLocation += \ '