Divided by Zer0 364deba6b7
Merge pull request #56 from interru/firefish_admin_check
feat: Add admin check using the provided username for firefish
2023-11-04 23:55:41 +01:00
interru 0395da0285
Add admin check using the provided username for firefish 2023-11-04 21:54:01 +01:00
2 changed files with 18 additions and 2 deletions


@ -98,11 +98,13 @@ class WhitelistDomain(Resource):
guarantor_instance = database.find_instance_by_domain(self.args.guarantor) guarantor_instance = database.find_instance_by_domain(self.args.guarantor)
if not guarantor_instance: if not guarantor_instance:
raise e.BadRequest(f"Requested guarantor domain {self.args.guarantor} is not registered with the Fediseer yet!") raise e.BadRequest(f"Requested guarantor domain {self.args.guarantor} is not registered with the Fediseer yet!")
if self.args.admin not in instance_info.admin_usernames:
if not instance_info.is_admin(self.args.admin):
if len(instance_info.admin_usernames) == 0: if len(instance_info.admin_usernames) == 0:
raise e.Unauthorized(f"We could not discover any admins for this instance software. Please Ensure your software exposes this info. If it's exposed in a novel manner, consider sending us a PR to be able to retrieve this infomation.") raise e.Unauthorized(f"We could not discover any admins for this instance software. Please Ensure your software exposes this info. If it's exposed in a novel manner, consider sending us a PR to be able to retrieve this infomation.")
else: else:
raise e.Forbidden(f"Only admins of that {instance.software} are allowed to claim it.") raise e.Forbidden(f"Only admins of that {instance.software} are allowed to claim it.")
existing_claim = database.find_claim(f"@{self.args.admin}@{domain}") existing_claim = database.find_claim(f"@{self.args.admin}@{domain}")
if existing_claim: if existing_claim:
raise e.Forbidden(f"You have already claimed this instance as this admin. Please use the PATCH method to reset your API key.") raise e.Forbidden(f"You have already claimed this instance as this admin. Please use the PATCH method to reset your API key.")
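Review bot: The existing-claim lookup right after the new check still keys on the caller's spelling, `find_claim(f"@{self.args.admin}@{domain}")`, while `is_admin` can now accept a name resolved by the remote server rather than one taken from the discovered admin set. If Firefish matches usernames case-insensitively (worth confirming against its API), differently cased spellings of one admin would each pass the check and miss the existing-claim guard. The name should be reduced to one canonical form before both the check and the lookup, for example `admin_name = self.args.admin.lower()` or the `username` value the instance returns. Separately, a non-admin on a Firefish instance presumably reaches the `len(instance_info.admin_usernames) == 0` branch and receives the "could not discover any admins" 401 instead of the 403. The handler's body starts and ends outside this hunk.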


@ -275,6 +275,20 @@ class InstanceInfo():
else: else:
software_map[self.software]() software_map[self.software]()
def is_admin(self, user):
admin = user in self.admin_usernames
if not admin and self.software == "firefish":
payload = {
"username": user
}
user_info = requests.post(f"https://{self.domain}/api/users/show", timeout=self._req_timeout, json=payload).json()
admin = user_info.get('isAdmin', False)
if admin:
self.admin_usernames.add(user)
return admin
@staticmethod @staticmethod
def get_nodeinfo(domain, req_timeout=3): def get_nodeinfo(domain, req_timeout=3):
headers = { headers = {
@ -323,4 +337,4 @@ class InstanceInfo():
# else: # else:
# logger.error("Domain does not exist") # logger.error("Domain does not exist")
# import sys # import sys
# sys.exit() # sys.exit()
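Review bot: `is_admin`, added in the first hunk of this section, treats whatever `https://{self.domain}/api/users/show` returns as authoritative. There is no status check, `.json()` is called unguarded, and `isAdmin` is accepted by truthiness, so an error or non-JSON reply raises out of the request handler, and any truthy value (a string, for instance) grants the claim and is cached in `admin_usernames`. The lookup should fail closed on transport or parse errors, require `isAdmin is True`, and confirm the record is a local account. The `host` test below assumes Firefish reports `host` as null for local users, which should be verified against its API. A short docstring stating that the Firefish path makes a network call and mutates `admin_usernames` would also help callers.

```python
def is_admin(self, user):
    if user in self.admin_usernames:
        return True
    if self.software != "firefish":
        return False
    try:
        resp = requests.post(
            f"https://{self.domain}/api/users/show",
            timeout=self._req_timeout,
            json={"username": user},
        )
        resp.raise_for_status()
        user_info = resp.json()
    except (requests.RequestException, ValueError):
        # Fail closed: an unreachable or malformed reply never confers admin.
        return False
    if not isinstance(user_info, dict):
        return False
    # Assumes local accounts carry host == null -- confirm against the Firefish API.
    if user_info.get("host") is not None or user_info.get("isAdmin") is not True:
        return False
    self.admin_usernames.add(user)
    return True
```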