allow resigned content from trusted honkers.
but keep a log of their deceptions.
This commit is contained in:
Ted Unangst
parent
cf9a144a6c
commit
86764b327f
19
fun.go
19
fun.go
|
|
@ -328,6 +328,21 @@ func thoudostbitethythumb(userid int64, who string) bool {
|
||||||
return true
|
return true
|
||||||
}
|
}
|
||||||
|
|
||||||
func keymatch(keyname string, actor string) bool {
|
func keymatch(keyname string, actor string, userid int64) bool {
|
||||||
return strings.HasPrefix(keyname, actor)
|
hash := strings.IndexByte(keyname, '#')
|
||||||
|
if hash == -1 {
|
||||||
|
hash = len(keyname)
|
||||||
|
}
|
||||||
|
owner := keyname[0:hash]
|
||||||
|
if owner == actor {
|
||||||
|
return true
|
||||||
|
}
|
||||||
|
row := stmtHasHonker.QueryRow(owner, userid)
|
||||||
|
var id int64
|
||||||
|
err := row.Scan(&id)
|
||||||
|
if err == nil {
|
||||||
|
log.Printf("allowing resigned content by %s", keyname)
|
||||||
|
return true
|
||||||
|
}
|
||||||
|
return false
|
||||||
}
|
}
|
||||||
|
|
|
||||||
5
honk.go
5
honk.go
|
|
@ -320,7 +320,7 @@ func inbox(w http.ResponseWriter, r *http.Request) {
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
who, _ := jsongetstring(j, "actor")
|
who, _ := jsongetstring(j, "actor")
|
||||||
if !keymatch(keyname, who) {
|
if !keymatch(keyname, who, user.ID) {
|
||||||
log.Printf("keyname actor mismatch: %s <> %s", keyname, who)
|
log.Printf("keyname actor mismatch: %s <> %s", keyname, who)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
@ -1158,7 +1158,7 @@ var stmtHonksForUser, stmtHonksForMe, stmtDeleteHonk, stmtSaveDub *sql.Stmt
|
||||||
var stmtHonksByHonker, stmtSaveHonk, stmtFileData, stmtWhatAbout *sql.Stmt
|
var stmtHonksByHonker, stmtSaveHonk, stmtFileData, stmtWhatAbout *sql.Stmt
|
||||||
var stmtFindXonk, stmtSaveDonk, stmtFindFile, stmtSaveFile *sql.Stmt
|
var stmtFindXonk, stmtSaveDonk, stmtFindFile, stmtSaveFile *sql.Stmt
|
||||||
var stmtAddDoover, stmtGetDoovers, stmtLoadDoover, stmtZapDoover *sql.Stmt
|
var stmtAddDoover, stmtGetDoovers, stmtLoadDoover, stmtZapDoover *sql.Stmt
|
||||||
var stmtThumbBiter, stmtZonkIt *sql.Stmt
|
var stmtHasHonker, stmtThumbBiter, stmtZonkIt *sql.Stmt
|
||||||
|
|
||||||
func preparetodie(db *sql.DB, s string) *sql.Stmt {
|
func preparetodie(db *sql.DB, s string) *sql.Stmt {
|
||||||
stmt, err := db.Prepare(s)
|
stmt, err := db.Prepare(s)
|
||||||
|
|
@ -1172,6 +1172,7 @@ func prepareStatements(db *sql.DB) {
|
||||||
stmtHonkers = preparetodie(db, "select honkerid, userid, name, xid, flavor, combos from honkers where userid = ? and flavor = 'sub' or flavor = 'peep'")
|
stmtHonkers = preparetodie(db, "select honkerid, userid, name, xid, flavor, combos from honkers where userid = ? and flavor = 'sub' or flavor = 'peep'")
|
||||||
stmtSaveHonker = preparetodie(db, "insert into honkers (userid, name, xid, flavor, combos) values (?, ?, ?, ?, ?)")
|
stmtSaveHonker = preparetodie(db, "insert into honkers (userid, name, xid, flavor, combos) values (?, ?, ?, ?, ?)")
|
||||||
stmtUpdateHonker = preparetodie(db, "update honkers set combos = ? where honkerid = ? and userid = ?")
|
stmtUpdateHonker = preparetodie(db, "update honkers set combos = ? where honkerid = ? and userid = ?")
|
||||||
|
stmtHasHonker = preparetodie(db, "select honkerid from honkers where xid = ? and userid = ?")
|
||||||
stmtDubbers = preparetodie(db, "select honkerid, userid, name, xid, flavor from honkers where userid = ? and flavor = 'dub'")
|
stmtDubbers = preparetodie(db, "select honkerid, userid, name, xid, flavor from honkers where userid = ? and flavor = 'dub'")
|
||||||
stmtOneXonk = preparetodie(db, "select honkid, honks.userid, users.username, what, honker, xid, rid, dt, url, audience, noise, convoy from honks join users on honks.userid = users.userid where xid = ?")
|
stmtOneXonk = preparetodie(db, "select honkid, honks.userid, users.username, what, honker, xid, rid, dt, url, audience, noise, convoy from honks join users on honks.userid = users.userid where xid = ?")
|
||||||
stmtHonks = preparetodie(db, "select honkid, honks.userid, users.username, what, honker, xid, rid, dt, url, audience, noise, convoy from honks join users on honks.userid = users.userid where honker = '' order by honkid desc limit 50")
|
stmtHonks = preparetodie(db, "select honkid, honks.userid, users.username, what, honker, xid, rid, dt, url, audience, noise, convoy from honks join users on honks.userid = users.userid where honker = '' order by honkid desc limit 50")
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue