feat(consumer): don't index pinned posts where the post isn't by the pinning did

Parakeet is a Rust-based Bluesky AppServer aiming to implement most of the functionality required to support the Bluesky client

appview atproto bluesky rust appserver

fork atom

mia.omg.lol 5 months ago e8510d71 e6b707d7

verified

+19 -7

2 changed files

expand all

unified split

consumer

src

indexer

mod.rs

utils.rs

+13 -7

consumer/src/indexer/mod.rs

··· 7 use crate::indexer::types::{ 8 AggregateDeltaStore, BackfillItem, BackfillItemInner, CollectionType, RecordTypes, 9 }; 10 use deadpool_postgres::{Object, Pool, Transaction}; 11 use did_resolver::Resolver; 12 use foldhash::quality::RandomState; ··· 551 rkey: &str, 552 ) -> eyre::Result<()> { 553 match record { 554 - RecordTypes::AppBskyActorProfile(record) => { 555 if rkey == "self" { 556 let labels = record.labels.clone(); 557 db::profile_upsert(conn, repo, cid, record).await?; 558 559 if let Some(labels) = labels { ··· 629 } 630 } 631 RecordTypes::AppBskyFeedPostgate(record) => { 632 - let split_aturi = record.post.rsplitn(4, '/').collect::<Vec<_>>(); 633 - if repo != split_aturi[2] { 634 tracing::warn!("tried to create a postgate on a post we don't control!"); 635 return Ok(()); 636 } ··· 660 db::repost_insert(conn, rkey, repo, record).await?; 661 } 662 RecordTypes::AppBskyFeedThreadgate(record) => { 663 - let split_aturi = record.post.rsplitn(4, '/').collect::<Vec<_>>(); 664 - if repo != split_aturi[2] { 665 tracing::warn!("tried to create a threadgate on a post we don't control!"); 666 return Ok(()); 667 } ··· 701 db::list_block_insert(conn, at_uri, repo, record).await?; 702 } 703 RecordTypes::AppBskyGraphListItem(record) => { 704 - let split_aturi = record.list.rsplitn(4, '/').collect::<Vec<_>>(); 705 - if repo != split_aturi[2] { 706 // it's also probably a bad idea to log *all* the attempts to do this... 707 tracing::warn!("tried to create a listitem on a list we don't control!"); 708 return Ok(());

··· 7 use crate::indexer::types::{ 8 AggregateDeltaStore, BackfillItem, BackfillItemInner, CollectionType, RecordTypes, 9 }; 10 + use crate::utils::at_uri_is_by; 11 use deadpool_postgres::{Object, Pool, Transaction}; 12 use did_resolver::Resolver; 13 use foldhash::quality::RandomState; ··· 552 rkey: &str, 553 ) -> eyre::Result<()> { 554 match record { 555 + RecordTypes::AppBskyActorProfile(mut record) => { 556 if rkey == "self" { 557 let labels = record.labels.clone(); 558 + 559 + // don't allow pinned posts that aren't by us. 560 + if let Some(pinned) = &record.pinned_post { 561 + if !at_uri_is_by(&pinned.uri, repo) { 562 + record.pinned_post = None; 563 + } 564 + } 565 + 566 db::profile_upsert(conn, repo, cid, record).await?; 567 568 if let Some(labels) = labels { ··· 638 } 639 } 640 RecordTypes::AppBskyFeedPostgate(record) => { 641 + if !at_uri_is_by(&record.post, repo) { 642 tracing::warn!("tried to create a postgate on a post we don't control!"); 643 return Ok(()); 644 } ··· 668 db::repost_insert(conn, rkey, repo, record).await?; 669 } 670 RecordTypes::AppBskyFeedThreadgate(record) => { 671 + if !at_uri_is_by(&record.post, repo) { 672 tracing::warn!("tried to create a threadgate on a post we don't control!"); 673 return Ok(()); 674 } ··· 708 db::list_block_insert(conn, at_uri, repo, record).await?; 709 } 710 RecordTypes::AppBskyGraphListItem(record) => { 711 + if !at_uri_is_by(&record.list, repo) { 712 // it's also probably a bad idea to log *all* the attempts to do this... 713 tracing::warn!("tried to create a listitem on a list we don't control!"); 714 return Ok(());

consumer/src/utils.rs

··· 35 None 36 } 37 }

··· 35 None 36 } 37 } 38 + 39 + pub fn at_uri_is_by(uri: &str, did: &str) -> bool { 40 + let split_aturi = uri.rsplitn(4, '/').collect::<Vec<_>>(); 41 + 42 + did == split_aturi[2] 43 + }