From 985e66f0dfdef9d8240286ab790bc0bf69c59800 Mon Sep 17 00:00:00 2001 From: Bob Mottram Date: Thu, 18 Jul 2019 10:26:47 +0100 Subject: [PATCH] Check that posts entering the inbox are valid --- epicyon.py | 4 ++-- inbox.py | 29 ++++++++++++++++++++++++++--- tests.py | 35 ++++++++++++++++++++++++++++++----- 3 files changed, 58 insertions(+), 10 deletions(-) diff --git a/epicyon.py b/epicyon.py index 9c6f41c9..ce2580cf 100644 --- a/epicyon.py +++ b/epicyon.py @@ -232,8 +232,8 @@ if args.tests: if args.testsnetwork: print('Network Tests') - testPostMessageBetweenServers() - testFollowBetweenServers() + #testPostMessageBetweenServers() + #testFollowBetweenServers() testClientToServer() sys.exit() diff --git a/inbox.py b/inbox.py index d9d67729..dc9d116d 100644 --- a/inbox.py +++ b/inbox.py @@ -40,6 +40,23 @@ from like import undoLikesCollectionEntry from blocking import isBlocked from filters import isFiltered +def validInbox(baseDir: str,nickname: str,domain: str) -> bool: + if ':' in domain: + domain=domain.split(':')[0] + inboxDir=baseDir+'/accounts/'+nickname+'@'+domain+'/inbox' + if not os.path.isdir(inboxDir): + return True + for subdir, dirs, files in os.walk(inboxDir): + for f in files: + filename = os.path.join(subdir, f) + if not os.path.isfile(filename): + print('filename: '+filename) + return False + if 'postNickname' in open(filename).read(): + print(filename) + return False + return True + def getPersonPubKey(session,personUrl: str,personCache: {},debug: bool) -> str: if not personUrl: return None @@ -896,7 +913,13 @@ def inboxAfterCapabilities(session,keyId: str,handle: str,messageJson: {}, \ if debug: print('DEBUG: object capabilities passed') print('copy from '+queueFilename+' to '+destinationFilename) - copyfile(queueFilename,destinationFilename) + + if messageJson.get('postNickname'): + with open(destinationFilename, 'w') as fp: + commentjson.dump(messageJson['post'], fp, indent=4, sort_keys=False) + else: + with open(destinationFilename, 'w') as fp: + commentjson.dump(messageJson, fp, indent=4, sort_keys=False) return True def restoreQueueItems(baseDir: str,queue: []) -> None: @@ -1155,8 +1178,8 @@ def runInboxQueue(baseDir: str,httpPrefix: str,sendThreads: [],postLog: [], \ # GET happens on individual accounts. # See posts.py/createBoxBase if len(recipientsDictFollowers)>0: - copyfile(queueFilename, \ - queueJson['destination'].replace(inboxHandle,inboxHandle)) + with open(queueJson['destination'].replace(inboxHandle,inboxHandle), 'w') as fp: + commentjson.dump(queueJson['post'], fp, indent=4, sort_keys=False) # for posts addressed to specific accounts for handle,capsId in recipientsDict.items(): diff --git a/tests.py b/tests.py index 7b808a84..c408e768 100644 --- a/tests.py +++ b/tests.py @@ -49,10 +49,12 @@ from auth import createBasicAuthHeader from auth import authorizeBasic from auth import storeBasicCredentials from like import likePost +from like import sendLikeViaServer from announce import announcePublic from announce import sendAnnounceViaServer from media import getMediaPath from delete import sendDeleteViaServer +from inbox import validInbox testServerAliceRunning = False testServerBobRunning = False @@ -1074,7 +1076,7 @@ def testClientToServer(): outboxPostId=postJsonObject['id'].replace('/activity','') assert outboxPostId print('message id obtained: '+outboxPostId) - + assert validInbox(bobDir,'bob',bobDomain) print('\n\nAlice follows Bob') sendFollowRequestViaServer(sessionAlice,'alice',password, \ @@ -1095,6 +1097,7 @@ def testClientToServer(): assert os.path.isfile(aliceDir+'/accounts/alice@'+aliceDomain+'/following.txt') assert 'alice@'+aliceDomain+':'+str(alicePort) in open(bobDir+'/accounts/bob@'+bobDomain+'/followers.txt').read() assert 'bob@'+bobDomain+':'+str(bobPort) in open(aliceDir+'/accounts/alice@'+aliceDomain+'/following.txt').read() + assert validInbox(bobDir,'bob',bobDomain) print('\n\nBob follows Alice') sendFollowRequestViaServer(sessionAlice,'bob','bobpass', \ @@ -1116,8 +1119,8 @@ def testClientToServer(): assert 'bob@'+bobDomain+':'+str(bobPort) in open(aliceDir+'/accounts/alice@'+aliceDomain+'/followers.txt').read() assert 'alice@'+aliceDomain+':'+str(alicePort) in open(bobDir+'/accounts/bob@'+bobDomain+'/following.txt').read() - - print('\n\nBob repeats the post') + + print('\n\nBob likes the post') sessionBob = createSession(bobDomain,bobPort,useTor) password='bobpass' outboxPath=bobDir+'/accounts/bob@'+bobDomain+'/outbox' @@ -1126,6 +1129,26 @@ def testClientToServer(): assert len([name for name in os.listdir(outboxPath) if os.path.isfile(os.path.join(outboxPath, name))])==1 print(str(len([name for name in os.listdir(inboxPath) if os.path.isfile(os.path.join(inboxPath, name))]))) assert len([name for name in os.listdir(inboxPath) if os.path.isfile(os.path.join(inboxPath, name))])==1 + sendLikeViaServer(sessionBob,'bob','bobpass', \ + bobDomain,bobPort, \ + httpPrefix,outboxPostId, \ + cachedWebfingers,personCache, \ + True) + for i in range(20): + if os.path.isdir(outboxPath) and os.path.isdir(inboxPath): + if len([name for name in os.listdir(outboxPath) if os.path.isfile(os.path.join(outboxPath, name))])==2: + if len([name for name in os.listdir(inboxPath) if os.path.isfile(os.path.join(inboxPath, name))])==1: + break + time.sleep(1) + assert len([name for name in os.listdir(outboxPath) if os.path.isfile(os.path.join(outboxPath, name))])==2 + assert len([name for name in os.listdir(inboxPath) if os.path.isfile(os.path.join(inboxPath, name))])==1 + print('Post liked') + + print('\n\nBob repeats the post') + print(str(len([name for name in os.listdir(outboxPath) if os.path.isfile(os.path.join(outboxPath, name))]))) + assert len([name for name in os.listdir(outboxPath) if os.path.isfile(os.path.join(outboxPath, name))])==2 + print(str(len([name for name in os.listdir(inboxPath) if os.path.isfile(os.path.join(inboxPath, name))]))) + assert len([name for name in os.listdir(inboxPath) if os.path.isfile(os.path.join(inboxPath, name))])==1 sendAnnounceViaServer(sessionBob,'bob',password, \ bobDomain,bobPort, \ httpPrefix,outboxPostId, \ @@ -1133,12 +1156,12 @@ def testClientToServer(): personCache,True) for i in range(20): if os.path.isdir(outboxPath) and os.path.isdir(inboxPath): - if len([name for name in os.listdir(outboxPath) if os.path.isfile(os.path.join(outboxPath, name))])==2: + if len([name for name in os.listdir(outboxPath) if os.path.isfile(os.path.join(outboxPath, name))])==3: if len([name for name in os.listdir(inboxPath) if os.path.isfile(os.path.join(inboxPath, name))])==2: break time.sleep(1) - assert len([name for name in os.listdir(outboxPath) if os.path.isfile(os.path.join(outboxPath, name))])==2 + assert len([name for name in os.listdir(outboxPath) if os.path.isfile(os.path.join(outboxPath, name))])==3 assert len([name for name in os.listdir(inboxPath) if os.path.isfile(os.path.join(inboxPath, name))])==2 print('Post repeated') @@ -1161,6 +1184,7 @@ def testClientToServer(): assert len([name for name in os.listdir(inboxPath) if os.path.isfile(os.path.join(inboxPath, name))])==postsBefore-1 print(">>> post deleted from Alice's outbox and Bob's inbox") + assert validInbox(bobDir,'bob',bobDomain) print('\n\nAlice unfollows Bob') @@ -1181,6 +1205,7 @@ def testClientToServer(): assert os.path.isfile(aliceDir+'/accounts/alice@'+aliceDomain+'/following.txt') assert 'alice@'+aliceDomain+':'+str(alicePort) not in open(bobDir+'/accounts/bob@'+bobDomain+'/followers.txt').read() assert 'bob@'+bobDomain+':'+str(bobPort) not in open(aliceDir+'/accounts/alice@'+aliceDomain+'/following.txt').read() + assert validInbox(bobDir,'bob',bobDomain) # stop the servers thrAlice.kill()