diff options
| -rw-r--r-- | Database.go | 2 | ||||
| -rw-r--r-- | OutboxPost.go | 7 | ||||
| -rw-r--r-- | main.go | 11 |
3 files changed, 16 insertions, 4 deletions
diff --git a/Database.go b/Database.go index 06e8769..9b8ecda 100644 --- a/Database.go +++ b/Database.go @@ -448,7 +448,7 @@ func GetObjectByIDFromDB(db *sql.DB, postID string) Collection { var nColl Collection var result []ObjectBase - query := `select id, name, content, type, published, updated, attributedto, attachment, preview, actor from activitystream where id=$1 and id in (select id from replies where inreplyto='') and type='Note' order by updated asc` + query := `select id, name, content, type, published, updated, attributedto, attachment, preview, actor from activitystream where id=$1 and type='Note' order by updated asc` rows, err := db.Query(query, postID) diff --git a/OutboxPost.go b/OutboxPost.go index 95a7714..0280573 100644 --- a/OutboxPost.go +++ b/OutboxPost.go @@ -86,6 +86,7 @@ func ParseOutboxRequest(w http.ResponseWriter, r *http.Request, db *sql.DB) { } case "Follow": + var validActor bool var validLocalActor bool @@ -104,13 +105,13 @@ func ParseOutboxRequest(w http.ResponseWriter, r *http.Request, db *sql.DB) { var verify Verify verify.Identifier = "admin" - verify.Board = activity.Object.Actor.Id - + verify.Board = activity.Actor.Id + verify = GetVerificationCode(db, verify) code := verify.Code code = CreateTripCode(code) - code = CreateTripCode(code) + code = CreateTripCode(code) var rActivity Activity if validActor && validLocalActor && code == auth[1] || verify.Board == Domain { @@ -401,20 +401,28 @@ func main() { if follow || adminFollow { r.ParseForm() + var followActivity Activity followActivity.AtContext.Context = "https://www.w3.org/ns/activitystreams" followActivity.Type = "Follow" + var nactor Actor var obj ObjectBase followActivity.Actor = &nactor followActivity.Object = &obj followActivity.Actor.Id = r.FormValue("actor") + var mactor Actor followActivity.Object.Actor = &mactor followActivity.Object.Actor.Id = r.FormValue("follow") followActivity.To = append(followActivity.To, r.FormValue("follow")) + if followActivity.Actor.Id == Domain && !IsActorLocal(db, followActivity.Object.Actor.Id) { + w.Write([]byte("main board can only follow local boards. Create a new board and then follow outside boards from it.")) + return + } + enc, _ := json.Marshal(followActivity) req, err := http.NewRequest("POST", actor.Outbox, bytes.NewBuffer(enc)) @@ -423,6 +431,9 @@ func main() { _, pass := GetPasswordFromSession(r) + pass = CreateTripCode(pass) + pass = CreateTripCode(pass) + req.Header.Set("Authorization", "Basic " + pass) req.Header.Set("Content-Type", activitystreams) |