Add review todos

This commit is contained in:
erik 2023-12-08 11:54:07 +01:00 committed by Michael Jerger
parent 22d71e6b30
commit 3c515c2614
4 changed files with 8 additions and 5 deletions

View file

@ -123,7 +123,7 @@ func removeEmptyStrings(ls []string) []string {
return rs
}
func ValidateAndParseIRI(unvalidatedIRI string) (url.URL, error) {
func ValidateAndParseIRI(unvalidatedIRI string) (url.URL, error) { // ToDo: Validate that it is not the same host as ours.
err := validate_is_not_empty(unvalidatedIRI) // url.Parse seems to accept empty strings?
if err != nil {
return url.URL{}, err
@ -142,7 +142,7 @@ func ValidateAndParseIRI(unvalidatedIRI string) (url.URL, error) {
}
// TODO: This parsing is very Person-Specific. We should adjust the name & move to a better location (maybe forgefed package?)
func ParseActorID(validatedURL url.URL, source string) ActorID {
func ParseActorID(validatedURL url.URL, source string) ActorID { // ToDo: Turn this into a factory function and do not split parsing and validation rigurously
pathWithUserID := strings.Split(validatedURL.Path, "/")

View file

@ -125,7 +125,7 @@ func (c *Client) Post(b []byte, to string) (resp *http.Response, err error) {
}
// Create an http GET request with forgejo/gitea specific headers
func (c *Client) Get(b []byte, to string) (resp *http.Response, err error) {
func (c *Client) Get(b []byte, to string) (resp *http.Response, err error) { // ToDo: we might not need the b parameter
var req *http.Request
if req, err = c.NewRequest(http.MethodGet, b, to); err != nil {
return nil, err

View file

@ -93,7 +93,7 @@ func searchUsersByPerson(actorId string) ([]*user_model.User, error) {
}
func getBody(remoteStargazer, starReceiver string, ctx *context.APIContext) ([]byte, error) {
func getBody(remoteStargazer, starReceiver string, ctx *context.APIContext) ([]byte, error) { // ToDo: We could split this: move body reading to unmarshall
// TODO: The star receiver signs the http get request will maybe not work.
// The remote repo has probably diferent keys as the local one.
@ -101,7 +101,7 @@ func getBody(remoteStargazer, starReceiver string, ctx *context.APIContext) ([]b
// Why should we use a signed request here at all?
// > To provide an extra layer of security against in flight tampering: https://github.com/go-fed/httpsig/blob/55836744818e/httpsig.go#L116
client, err := api.NewClient(ctx, actionsUser, starReceiver)
client, err := api.NewClient(ctx, actionsUser, starReceiver) // ToDo: Do we get a publicKeyId of owner or repo?
if err != nil {
return []byte{0}, err
}

View file

@ -0,0 +1,3 @@
package activitypub
// ToDo: maybe some unit tests for the functions written in repository.go