Merge remote-tracking branch 'origin/main' into signer-middleware

This commit is contained in:
Alex Gleason 2024-05-14 14:48:47 -05:00
commit efa1c92044
No known key found for this signature in database
GPG Key ID: 7211D1F99744FBB7
7 changed files with 62 additions and 37 deletions

View File

@ -20,7 +20,7 @@
"@db/sqlite": "jsr:@db/sqlite@^0.11.1", "@db/sqlite": "jsr:@db/sqlite@^0.11.1",
"@isaacs/ttlcache": "npm:@isaacs/ttlcache@^1.4.1", "@isaacs/ttlcache": "npm:@isaacs/ttlcache@^1.4.1",
"@noble/secp256k1": "npm:@noble/secp256k1@^2.0.0", "@noble/secp256k1": "npm:@noble/secp256k1@^2.0.0",
"@nostrify/nostrify": "jsr:@nostrify/nostrify@^0.17.1", "@nostrify/nostrify": "jsr:@nostrify/nostrify@^0.19.0",
"@sentry/deno": "https://deno.land/x/sentry@7.112.2/index.mjs", "@sentry/deno": "https://deno.land/x/sentry@7.112.2/index.mjs",
"@soapbox/kysely-deno-sqlite": "jsr:@soapbox/kysely-deno-sqlite@^2.1.0", "@soapbox/kysely-deno-sqlite": "jsr:@soapbox/kysely-deno-sqlite@^2.1.0",
"@soapbox/stickynotes": "jsr:@soapbox/stickynotes@^0.4.0", "@soapbox/stickynotes": "jsr:@soapbox/stickynotes@^0.4.0",

24
src/RelayError.ts Normal file
View File

@ -0,0 +1,24 @@
import { NostrRelayOK } from '@nostrify/nostrify';
export type RelayErrorPrefix = 'duplicate' | 'pow' | 'blocked' | 'rate-limited' | 'invalid' | 'error';
/** NIP-01 command line result. */
export class RelayError extends Error {
constructor(prefix: RelayErrorPrefix, message: string) {
super(`${prefix}: ${message}`);
}
/** Construct a RelayError from the reason message. */
static fromReason(reason: string): RelayError {
const [prefix, ...rest] = reason.split(': ');
return new RelayError(prefix as RelayErrorPrefix, rest.join(': '));
}
/** Throw a new RelayError if the OK message is false. */
static assert(msg: NostrRelayOK): void {
const [_, _eventId, ok, reason] = msg;
if (!ok) {
throw RelayError.fromReason(reason);
}
}
}

View File

@ -10,6 +10,7 @@ import {
} from '@nostrify/nostrify'; } from '@nostrify/nostrify';
import { relayInfoController } from '@/controllers/nostr/relay-info.ts'; import { relayInfoController } from '@/controllers/nostr/relay-info.ts';
import * as pipeline from '@/pipeline.ts'; import * as pipeline from '@/pipeline.ts';
import { RelayError } from '@/RelayError.ts';
import { Storages } from '@/storages.ts'; import { Storages } from '@/storages.ts';
import type { AppController } from '@/app.ts'; import type { AppController } from '@/app.ts';
@ -95,7 +96,7 @@ function connectStream(socket: WebSocket) {
await pipeline.handleEvent(event, AbortSignal.timeout(1000)); await pipeline.handleEvent(event, AbortSignal.timeout(1000));
send(['OK', event.id, true, '']); send(['OK', event.id, true, '']);
} catch (e) { } catch (e) {
if (e instanceof pipeline.RelayError) { if (e instanceof RelayError) {
send(['OK', event.id, false, e.message]); send(['OK', event.id, false, e.message]);
} else { } else {
send(['OK', event.id, false, 'error: something went wrong']); send(['OK', event.id, false, 'error: something went wrong']);

View File

@ -1,5 +1,6 @@
import { NostrEvent, NSchema as n } from '@nostrify/nostrify'; import { NostrEvent, NPolicy, NSchema as n } from '@nostrify/nostrify';
import { LNURL } from '@nostrify/nostrify/ln'; import { LNURL } from '@nostrify/nostrify/ln';
import { PipePolicy } from '@nostrify/nostrify/policies';
import Debug from '@soapbox/stickynotes/debug'; import Debug from '@soapbox/stickynotes/debug';
import { sql } from 'kysely'; import { sql } from 'kysely';
@ -9,6 +10,7 @@ import { deleteAttachedMedia } from '@/db/unattached-media.ts';
import { DittoEvent } from '@/interfaces/DittoEvent.ts'; import { DittoEvent } from '@/interfaces/DittoEvent.ts';
import { isEphemeralKind } from '@/kinds.ts'; import { isEphemeralKind } from '@/kinds.ts';
import { DVM } from '@/pipeline/DVM.ts'; import { DVM } from '@/pipeline/DVM.ts';
import { RelayError } from '@/RelayError.ts';
import { updateStats } from '@/stats.ts'; import { updateStats } from '@/stats.ts';
import { hydrateEvents, purifyEvent } from '@/storages/hydrate.ts'; import { hydrateEvents, purifyEvent } from '@/storages/hydrate.ts';
import { Storages } from '@/storages.ts'; import { Storages } from '@/storages.ts';
@ -21,18 +23,10 @@ import { AdminSigner } from '@/signers/AdminSigner.ts';
import { lnurlCache } from '@/utils/lnurl.ts'; import { lnurlCache } from '@/utils/lnurl.ts';
import { nip05Cache } from '@/utils/nip05.ts'; import { nip05Cache } from '@/utils/nip05.ts';
import { MuteListPolicy } from '@/policies/MuteListPolicy.ts';
const debug = Debug('ditto:pipeline'); const debug = Debug('ditto:pipeline');
let UserPolicy: any;
try {
UserPolicy = (await import('../data/policy.ts')).default;
debug('policy loaded from data/policy.ts');
} catch (_e) {
// do nothing
debug('policy not found');
}
/** /**
* Common pipeline function to process (and maybe store) events. * Common pipeline function to process (and maybe store) events.
* It is idempotent, so it can be called multiple times for the same event. * It is idempotent, so it can be called multiple times for the same event.
@ -41,18 +35,13 @@ async function handleEvent(event: DittoEvent, signal: AbortSignal): Promise<void
if (!(await verifyEventWorker(event))) return; if (!(await verifyEventWorker(event))) return;
if (await encounterEvent(event, signal)) return; if (await encounterEvent(event, signal)) return;
debug(`NostrEvent<${event.kind}> ${event.id}`); debug(`NostrEvent<${event.kind}> ${event.id}`);
await hydrateEvent(event, signal);
if (UserPolicy) { if (event.kind !== 24133) {
const result = await new UserPolicy().call(event, signal); await policyFilter(event);
debug(JSON.stringify(result));
const [_, _eventId, ok, reason] = result;
if (!ok) {
const [prefix, ...rest] = reason.split(': ');
throw new RelayError(prefix, rest.join(': '));
}
} }
await hydrateEvent(event, signal);
await Promise.all([ await Promise.all([
storeEvent(event, signal), storeEvent(event, signal),
parseMetadata(event, signal), parseMetadata(event, signal),
@ -66,6 +55,25 @@ async function handleEvent(event: DittoEvent, signal: AbortSignal): Promise<void
]); ]);
} }
async function policyFilter(event: NostrEvent): Promise<void> {
const policies: NPolicy[] = [
new MuteListPolicy(Conf.pubkey, Storages.admin),
];
try {
const CustomPolicy = (await import('../data/policy.ts')).default;
policies.push(new CustomPolicy());
} catch (_e) {
debug('policy not found - https://docs.soapbox.pub/ditto/policies/');
}
const policy = new PipePolicy(policies.reverse());
const result = await policy.call(event);
debug(JSON.stringify(result));
RelayError.assert(result);
}
/** Encounter the event, and return whether it has already been encountered. */ /** Encounter the event, and return whether it has already been encountered. */
async function encounterEvent(event: NostrEvent, signal: AbortSignal): Promise<boolean> { async function encounterEvent(event: NostrEvent, signal: AbortSignal): Promise<boolean> {
const [existing] = await Storages.cache.query([{ ids: [event.id], limit: 1 }]); const [existing] = await Storages.cache.query([{ ids: [event.id], limit: 1 }]);
@ -270,11 +278,4 @@ async function streamOut(event: NostrEvent): Promise<void> {
} }
} }
/** NIP-20 command line result. */ export { handleEvent };
class RelayError extends Error {
constructor(prefix: 'duplicate' | 'pow' | 'blocked' | 'rate-limited' | 'invalid' | 'error', message: string) {
super(`${prefix}: ${message}`);
}
}
export { handleEvent, RelayError };

View File

@ -27,7 +27,7 @@ Deno.test('block event: muted user cannot post', async () => {
const ok = await policy.call(event1authorUserMeCopy); const ok = await policy.call(event1authorUserMeCopy);
assertEquals(ok, ['OK', event1authorUserMeCopy.id, false, 'You are banned in this server.']); assertEquals(ok, ['OK', event1authorUserMeCopy.id, false, 'blocked: Your account has been deactivated.']);
}); });
Deno.test('allow event: user is NOT muted because there is no muted event', async () => { Deno.test('allow event: user is NOT muted because there is no muted event', async () => {

View File

@ -10,7 +10,7 @@ export class MuteListPolicy implements NPolicy {
const pubkeys = getTagSet(muteList?.tags ?? [], 'p'); const pubkeys = getTagSet(muteList?.tags ?? [], 'p');
if (pubkeys.has(event.pubkey)) { if (pubkeys.has(event.pubkey)) {
return ['OK', event.id, false, 'You are banned in this server.']; return ['OK', event.id, false, 'blocked: Your account has been deactivated.'];
} }
return ['OK', event.id, true, '']; return ['OK', event.id, true, ''];

View File

@ -9,6 +9,7 @@ import { z } from 'zod';
import { type AppContext } from '@/app.ts'; import { type AppContext } from '@/app.ts';
import { Conf } from '@/config.ts'; import { Conf } from '@/config.ts';
import * as pipeline from '@/pipeline.ts'; import * as pipeline from '@/pipeline.ts';
import { RelayError } from '@/RelayError.ts';
import { AdminSigner } from '@/signers/AdminSigner.ts'; import { AdminSigner } from '@/signers/AdminSigner.ts';
import { Storages } from '@/storages.ts'; import { Storages } from '@/storages.ts';
import { nostrNow } from '@/utils.ts'; import { nostrNow } from '@/utils.ts';
@ -108,12 +109,10 @@ async function updateAdminEvent<E extends EventStub>(
async function publishEvent(event: NostrEvent, c: AppContext): Promise<NostrEvent> { async function publishEvent(event: NostrEvent, c: AppContext): Promise<NostrEvent> {
debug('EVENT', event); debug('EVENT', event);
try { try {
await Promise.all([ await pipeline.handleEvent(event, c.req.raw.signal);
pipeline.handleEvent(event, c.req.raw.signal), await Storages.client.event(event);
Storages.client.event(event),
]);
} catch (e) { } catch (e) {
if (e instanceof pipeline.RelayError) { if (e instanceof RelayError) {
throw new HTTPException(422, { throw new HTTPException(422, {
res: c.json({ error: e.message }, 422), res: c.json({ error: e.message }, 422),
}); });