Reject unconfirmed FASPs (#37926)

3 days ago · b89d6e256b
parent 7de301922b
commit b89d6e256b
11 changed files with 106 additions and 70 deletions
--- a/app/controllers/api/fasp/base_controller.rb
+++ b/app/controllers/api/fasp/base_controller.rb
@ -47,7 +47,7 @@ class Api::Fasp::BaseController < ApplicationController
    provider = nil

    Linzer.verify!(request.rack_request, no_older_than: 5.minutes) do |keyid|
-      provider = Fasp::Provider.find(keyid)
+      provider = Fasp::Provider.confirmed.find(keyid)
      Linzer.new_ed25519_public_key(provider.provider_public_key_pem, keyid)
    end

--- a/app/models/fasp/provider.rb
+++ b/app/models/fasp/provider.rb
@ -34,6 +34,7 @@ class Fasp::Provider < ApplicationRecord
  before_create :create_keypair
  after_commit :update_remote_capabilities

+  scope :confirmed, -> { where(confirmed: true) }
  scope :with_capability, lambda { |capability_name|
    where('fasp_providers.capabilities @> ?::jsonb', "[{\"id\": \"#{capability_name}\", \"enabled\": true}]")
  }
--- a/spec/requests/api/fasp/data_sharing/v0/backfill_requests_spec.rb
+++ b/spec/requests/api/fasp/data_sharing/v0/backfill_requests_spec.rb
@ -6,34 +6,33 @@ RSpec.describe 'Api::Fasp::DataSharing::V0::BackfillRequests', feature: :fasp do
  include ProviderRequestHelper

  describe 'POST /api/fasp/data_sharing/v0/backfill_requests' do
-    let(:provider) { Fabricate(:fasp_provider) }
+    subject do
+      post api_fasp_data_sharing_v0_backfill_requests_path, headers:, params:, as: :json
+    end
+
+    let(:provider) { Fabricate(:confirmed_fasp) }
+    let(:params) { { category: 'content', maxCount: 10 } }
+    let(:headers) do
+      request_authentication_headers(provider,
+                                     url: api_fasp_data_sharing_v0_backfill_requests_url,
+                                     method: :post,
+                                     body: params)
+    end
+
+    it_behaves_like 'forbidden for unconfirmed provider'

    context 'with valid parameters' do
      it 'creates a new backfill request' do
-        params = { category: 'content', maxCount: 10 }
-        headers = request_authentication_headers(provider,
-                                                 url: api_fasp_data_sharing_v0_backfill_requests_url,
-                                                 method: :post,
-                                                 body: params)
-
-        expect do
-          post api_fasp_data_sharing_v0_backfill_requests_path, headers:, params:, as: :json
-        end.to change(Fasp::BackfillRequest, :count).by(1)
+        expect { subject }.to change(Fasp::BackfillRequest, :count).by(1)
        expect(response).to have_http_status(201)
      end
    end

    context 'with invalid parameters' do
+      let(:params) { { category: 'unknown', maxCount: 10 } }
+
      it 'does not create a backfill request' do
-        params = { category: 'unknown', maxCount: 10 }
-        headers = request_authentication_headers(provider,
-                                                 url: api_fasp_data_sharing_v0_backfill_requests_url,
-                                                 method: :post,
-                                                 body: params)
-
-        expect do
-          post api_fasp_data_sharing_v0_backfill_requests_path, headers:, params:, as: :json
-        end.to_not change(Fasp::BackfillRequest, :count)
+        expect { subject }.to_not change(Fasp::BackfillRequest, :count)
        expect(response).to have_http_status(422)
      end
    end
--- a/spec/requests/api/fasp/data_sharing/v0/continuations_spec.rb
+++ b/spec/requests/api/fasp/data_sharing/v0/continuations_spec.rb
@ -6,15 +6,22 @@ RSpec.describe 'Api::Fasp::DataSharing::V0::Continuations', feature: :fasp do
  include ProviderRequestHelper

  describe 'POST /api/fasp/data_sharing/v0/backfill_requests/:id/continuations' do
-    let(:backfill_request) { Fabricate(:fasp_backfill_request) }
-    let(:provider) { backfill_request.fasp_provider }
+    subject do
+      post api_fasp_data_sharing_v0_backfill_request_continuation_path(backfill_request), headers:, as: :json
+    end

-    it 'queues a job to continue the given backfill request' do
-      headers = request_authentication_headers(provider,
-                                               url: api_fasp_data_sharing_v0_backfill_request_continuation_url(backfill_request),
-                                               method: :post)
+    let(:provider) { Fabricate(:confirmed_fasp) }
+    let(:backfill_request) { Fabricate(:fasp_backfill_request, fasp_provider: provider) }
+    let(:headers) do
+      request_authentication_headers(provider,
+                                     url: api_fasp_data_sharing_v0_backfill_request_continuation_url(backfill_request),
+                                     method: :post)
+    end

-      post api_fasp_data_sharing_v0_backfill_request_continuation_path(backfill_request), headers:, as: :json
+    it_behaves_like 'forbidden for unconfirmed provider'
+
+    it 'queues a job to continue the given backfill request' do
+      subject
      expect(response).to have_http_status(204)
      expect(Fasp::BackfillWorker).to have_enqueued_sidekiq_job(backfill_request.id)
    end
--- a/spec/requests/api/fasp/data_sharing/v0/event_subscriptions_spec.rb
+++ b/spec/requests/api/fasp/data_sharing/v0/event_subscriptions_spec.rb
@ -6,51 +6,57 @@ RSpec.describe 'Api::Fasp::DataSharing::V0::EventSubscriptions', feature: :fasp
  include ProviderRequestHelper

  describe 'POST /api/fasp/data_sharing/v0/event_subscriptions' do
-    let(:provider) { Fabricate(:fasp_provider) }
+    subject do
+      post api_fasp_data_sharing_v0_event_subscriptions_path, headers:, params:, as: :json
+    end
+
+    let(:provider) { Fabricate(:confirmed_fasp) }
+    let(:params) { { category: 'content', subscriptionType: 'lifecycle', maxBatchSize: 10 } }
+    let(:headers) do
+      request_authentication_headers(provider,
+                                     url: api_fasp_data_sharing_v0_event_subscriptions_url,
+                                     method: :post,
+                                     body: params)
+    end
+
+    it_behaves_like 'forbidden for unconfirmed provider'

    context 'with valid parameters' do
      it 'creates a new subscription' do
-        params = { category: 'content', subscriptionType: 'lifecycle', maxBatchSize: 10 }
-        headers = request_authentication_headers(provider,
-                                                 url: api_fasp_data_sharing_v0_event_subscriptions_url,
-                                                 method: :post,
-                                                 body: params)
-
        expect do
-          post api_fasp_data_sharing_v0_event_subscriptions_path, headers:, params:, as: :json
+          subject
        end.to change(Fasp::Subscription, :count).by(1)
        expect(response).to have_http_status(201)
      end
    end

    context 'with invalid parameters' do
-      it 'does not create a subscription' do
-        params = { category: 'unknown' }
-        headers = request_authentication_headers(provider,
-                                                 url: api_fasp_data_sharing_v0_event_subscriptions_url,
-                                                 method: :post,
-                                                 body: params)
+      let(:params) { { category: 'unknown' } }

-        expect do
-          post api_fasp_data_sharing_v0_event_subscriptions_path, headers:, params:, as: :json
-        end.to_not change(Fasp::Subscription, :count)
+      it 'does not create a subscription' do
+        expect { subject }.to_not change(Fasp::Subscription, :count)
        expect(response).to have_http_status(422)
      end
    end
  end

  describe 'DELETE /api/fasp/data_sharing/v0/event_subscriptions/:id' do
-    let(:subscription) { Fabricate(:fasp_subscription) }
-    let(:provider) { subscription.fasp_provider }
+    subject do
+      delete api_fasp_data_sharing_v0_event_subscription_path(subscription), headers:, as: :json
+    end

-    it 'deletes the subscription' do
-      headers = request_authentication_headers(provider,
-                                               url: api_fasp_data_sharing_v0_event_subscription_url(subscription),
-                                               method: :delete)
+    let(:provider) { Fabricate(:confirmed_fasp) }
+    let!(:subscription) { Fabricate(:fasp_subscription, fasp_provider: provider) }
+    let(:headers) do
+      request_authentication_headers(provider,
+                                     url: api_fasp_data_sharing_v0_event_subscription_url(subscription),
+                                     method: :delete)
+    end
+
+    it_behaves_like 'forbidden for unconfirmed provider'

-      expect do
-        delete api_fasp_data_sharing_v0_event_subscription_path(subscription), headers:, as: :json
-      end.to change(Fasp::Subscription, :count).by(-1)
+    it 'deletes the subscription' do
+      expect { subject }.to change(Fasp::Subscription, :count).by(-1)
      expect(response).to have_http_status(204)
    end
  end
--- a/spec/requests/api/fasp/debug/v0/callback/responses_spec.rb
+++ b/spec/requests/api/fasp/debug/v0/callback/responses_spec.rb
@ -6,18 +6,23 @@ RSpec.describe 'Api::Fasp::Debug::V0::Callback::Responses', feature: :fasp do
  include ProviderRequestHelper

  describe 'POST /api/fasp/debug/v0/callback/responses' do
-    let(:provider) { Fabricate(:debug_fasp) }
+    subject do
+      post api_fasp_debug_v0_callback_responses_path, headers:, params: payload, as: :json
+    end

-    it 'create a record of the callback' do
-      payload = { test: 'call' }
-      headers = request_authentication_headers(provider,
-                                               url: api_fasp_debug_v0_callback_responses_url,
-                                               method: :post,
-                                               body: payload)
+    let(:provider) { Fabricate(:confirmed_fasp) }
+    let(:payload) { { test: 'call' } }
+    let(:headers) do
+      request_authentication_headers(provider,
+                                     url: api_fasp_debug_v0_callback_responses_url,
+                                     method: :post,
+                                     body: payload)
+    end

-      expect do
-        post api_fasp_debug_v0_callback_responses_path, headers:, params: payload, as: :json
-      end.to change(Fasp::DebugCallback, :count).by(1)
+    it_behaves_like 'forbidden for unconfirmed provider'
+
+    it 'create a record of the callback' do
+      expect { subject }.to change(Fasp::DebugCallback, :count).by(1)
      expect(response).to have_http_status(201)

      debug_callback = Fasp::DebugCallback.last
--- a/spec/support/examples/fasp/api.rb
+++ b/spec/support/examples/fasp/api.rb
@ -0,0 +1,13 @@
+# frozen_string_literal: true
+
+RSpec.shared_examples 'forbidden for unconfirmed provider' do
+  context 'when the requesting provider is unconfirmed' do
+    let(:provider) { Fabricate(:fasp_provider) }
+
+    it 'returns http unauthorized' do
+      subject
+
+      expect(response).to have_http_status(401)
+    end
+  end
+end
--- a/spec/workers/fasp/announce_account_lifecycle_event_worker_spec.rb
+++ b/spec/workers/fasp/announce_account_lifecycle_event_worker_spec.rb
@ -6,10 +6,11 @@ RSpec.describe Fasp::AnnounceAccountLifecycleEventWorker do
  include ProviderRequestHelper

  let(:account_uri) { 'https://masto.example.com/accounts/1' }
+  let(:provider) { Fabricate(:confirmed_fasp) }
  let(:subscription) do
-    Fabricate(:fasp_subscription, category: 'account')
+    Fabricate(:fasp_subscription, fasp_provider: provider, category: 'account')
  end
-  let(:provider) { subscription.fasp_provider }
+
  let!(:stubbed_request) do
    stub_provider_request(provider,
                          method: :post,
--- a/spec/workers/fasp/announce_content_lifecycle_event_worker_spec.rb
+++ b/spec/workers/fasp/announce_content_lifecycle_event_worker_spec.rb
@ -6,10 +6,11 @@ RSpec.describe Fasp::AnnounceContentLifecycleEventWorker do
  include ProviderRequestHelper

  let(:status_uri) { 'https://masto.example.com/status/1' }
+  let(:provider) { Fabricate(:confirmed_fasp) }
  let(:subscription) do
-    Fabricate(:fasp_subscription)
+    Fabricate(:fasp_subscription, fasp_provider: provider)
  end
-  let(:provider) { subscription.fasp_provider }
+
  let!(:stubbed_request) do
    stub_provider_request(provider,
                          method: :post,
--- a/spec/workers/fasp/announce_trend_worker_spec.rb
+++ b/spec/workers/fasp/announce_trend_worker_spec.rb
@ -6,14 +6,15 @@ RSpec.describe Fasp::AnnounceTrendWorker do
  include ProviderRequestHelper

  let(:status) { Fabricate(:status) }
+  let(:provider) { Fabricate(:confirmed_fasp) }
  let(:subscription) do
    Fabricate(:fasp_subscription,
+              fasp_provider: provider,
              category: 'content',
              subscription_type: 'trends',
              threshold_timeframe: 15,
              threshold_likes: 2)
  end
-  let(:provider) { subscription.fasp_provider }
  let!(:stubbed_request) do
    stub_provider_request(provider,
                          method: :post,
--- a/spec/workers/fasp/backfill_worker_spec.rb
+++ b/spec/workers/fasp/backfill_worker_spec.rb
@ -5,8 +5,10 @@ require 'rails_helper'
 RSpec.describe Fasp::BackfillWorker do
  include ProviderRequestHelper

-  let(:backfill_request) { Fabricate(:fasp_backfill_request) }
-  let(:provider) { backfill_request.fasp_provider }
+  subject { described_class.new.perform(backfill_request.id) }
+
+  let(:provider) { Fabricate(:confirmed_fasp) }
+  let(:backfill_request) { Fabricate(:fasp_backfill_request, fasp_provider: provider) }
  let(:status) { Fabricate(:status) }
  let!(:stubbed_request) do
    stub_provider_request(provider,