mirror/forgejo
1
0
Fork 0
mirror of https://codeberg.org/forgejo/forgejo.git synced 2024-11-10 04:05:42 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions 5

Add review todos

Browse source
This commit is contained in:
erik 2023-12-08 11:54:07 +01:00 committed by Michael Jerger
parent 22d71e6b30
commit 3c515c2614
4 changed files with 8 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
models/activitypub/actor.go
View file

@ -123,7 +123,7 @@ func removeEmptyStrings(ls []string) []string {
return rs return rs
} }
func ValidateAndParseIRI(unvalidatedIRI string) (url.URL, error) { func ValidateAndParseIRI(unvalidatedIRI string) (url.URL, error) { // ToDo: Validate that it is not the same host as ours.
err := validate_is_not_empty(unvalidatedIRI) // url.Parse seems to accept empty strings? err := validate_is_not_empty(unvalidatedIRI) // url.Parse seems to accept empty strings?
if err != nil { if err != nil {
return url.URL{}, err return url.URL{}, err
@ -142,7 +142,7 @@ func ValidateAndParseIRI(unvalidatedIRI string) (url.URL, error) {
} }
// TODO: This parsing is very Person-Specific. We should adjust the name & move to a better location (maybe forgefed package?) // TODO: This parsing is very Person-Specific. We should adjust the name & move to a better location (maybe forgefed package?)
func ParseActorID(validatedURL url.URL, source string) ActorID { func ParseActorID(validatedURL url.URL, source string) ActorID { // ToDo: Turn this into a factory function and do not split parsing and validation rigurously
pathWithUserID := strings.Split(validatedURL.Path, "/") pathWithUserID := strings.Split(validatedURL.Path, "/")

2
modules/activitypub/client.go
View file

@ -125,7 +125,7 @@ func (c *Client) Post(b []byte, to string) (resp *http.Response, err error) {
} }
// Create an http GET request with forgejo/gitea specific headers // Create an http GET request with forgejo/gitea specific headers
func (c *Client) Get(b []byte, to string) (resp *http.Response, err error) { func (c *Client) Get(b []byte, to string) (resp *http.Response, err error) { // ToDo: we might not need the b parameter
var req *http.Request var req *http.Request
if req, err = c.NewRequest(http.MethodGet, b, to); err != nil { if req, err = c.NewRequest(http.MethodGet, b, to); err != nil {
return nil, err return nil, err

4
routers/api/v1/activitypub/repository.go
View file

@ -93,7 +93,7 @@ func searchUsersByPerson(actorId string) ([]*user_model.User, error) {
} }
func getBody(remoteStargazer, starReceiver string, ctx *context.APIContext) ([]byte, error) { func getBody(remoteStargazer, starReceiver string, ctx *context.APIContext) ([]byte, error) { // ToDo: We could split this: move body reading to unmarshall
// TODO: The star receiver signs the http get request will maybe not work. // TODO: The star receiver signs the http get request will maybe not work.
// The remote repo has probably diferent keys as the local one. // The remote repo has probably diferent keys as the local one.
@ -101,7 +101,7 @@ func getBody(remoteStargazer, starReceiver string, ctx *context.APIContext) ([]b
// Why should we use a signed request here at all? // Why should we use a signed request here at all?
// > To provide an extra layer of security against in flight tampering: https://github.com/go-fed/httpsig/blob/55836744818e/httpsig.go#L116 // > To provide an extra layer of security against in flight tampering: https://github.com/go-fed/httpsig/blob/55836744818e/httpsig.go#L116
client, err := api.NewClient(ctx, actionsUser, starReceiver) client, err := api.NewClient(ctx, actionsUser, starReceiver) // ToDo: Do we get a publicKeyId of owner or repo?
if err != nil { if err != nil {
return []byte{0}, err return []byte{0}, err
} }

3
routers/api/v1/activitypub/repository_test.go Normal file
View file

@ -0,0 +1,3 @@
package activitypub
// ToDo: maybe some unit tests for the functions written in repository.go