[backend] Use authenticated resolver for poll updates

2024-11-23 14:46:07 +09:00 · 2024-11-04 19:52:25 -08:00 · 2024-11-04 19:52:25 -08:00 · 3adb155ed4
commit 3adb155ed4
parent 25ac7812ef
2 changed files with 6 additions and 9 deletions
--- a/packages/backend/src/remote/activitypub/models/question.ts
+++ b/packages/backend/src/remote/activitypub/models/question.ts
@ -8,10 +8,8 @@ import type { IPoll } from "@/models/entities/poll.js";

 export async function extractPollFromQuestion(
 	source: string | IObject,
-	resolver?: Resolver,
+	resolver: Resolver,
 ): Promise<IPoll> {
-	if (resolver == null) resolver = new Resolver();
-
 	const question = await resolver.resolve(source);

 	if (!isQuestion(question)) {
@ -52,7 +50,7 @@ export async function extractPollFromQuestion(
 */
 export async function updateQuestion(
 	value: string | IQuestion,
-	resolver?: Resolver,
+	resolver: Resolver,
 ): Promise<boolean> {
 	const uri = typeof value === "string" ? value : getApId(value);

@ -68,8 +66,7 @@ export async function updateQuestion(
 	//#endregion

 	// resolve new Question object
-	const _resolver = resolver ?? new Resolver();
-	const question = (await _resolver.resolve(value)) as IQuestion;
+	const question = (await resolver.resolve(value)) as IQuestion;
 	apLogger.debug(`fetched question: ${JSON.stringify(question, null, 2)}`);

 	if (question.type !== "Question") throw new Error("object is not a Question");
--- a/packages/backend/src/server/api/endpoints/ap/show.ts
+++ b/packages/backend/src/server/api/endpoints/ap/show.ts
@ -104,6 +104,8 @@ async function fetchAny(
 	if (await shouldBlockInstance(extractDbHost(uri))) return null;

 	const dbResolver = new DbResolver();
+	const resolver = new Resolver();
+	resolver.setUser(me);

 	const [user, note] = await Promise.all([
 		dbResolver.getUserFromApId(uri),
@ -115,7 +117,7 @@ async function fetchAny(
 			// Update questions if the stored (remote) note contains the poll
 			const key = `pollFetched:${note.uri}`;
 			if ((await redisClient.exists(key)) === 0) {
-				if (await updateQuestion(note.uri)) {
+				if (await updateQuestion(note.uri, resolver)) {
 					local.object.poll = await populatePoll(note, me?.id ?? null);
 				}
 				// Allow fetching the poll again after 1 minute
@ -126,8 +128,6 @@ async function fetchAny(
 	}

 	// fetching Object once from remote
-	const resolver = new Resolver();
-	resolver.setUser(me);
 	const object = await resolver.resolve(uri);

 	// /@user If a URI other than the id is specified,