mirror of
https://codeberg.org/forgejo/forgejo.git
synced 2025-10-18 08:08:31 +00:00
fix: make sure to use unaltered fields when saving a shadow copy for updated profiles or comments (#8533)
Follow-up of !6977 ### Manual testing - User **S** creates an organization **O** and posts a comment **C** (on a random issue); - User **R** report as abuse the comment **C**, the organization **O** as well as the user **S**; - User **S** changes the content of comment **C** and the description of organization **O** as well as the description of their own profile; - Check (within DB) that shadow copies are being created (and linked to corresponding abuse reports) for comment **C**, organization **O** and user **S** and the content is the one from the moment when the reports were submitted (therefore before the updates made by **S**). Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/8533 Reviewed-by: Gusted <gusted@noreply.codeberg.org> Co-authored-by: floss4good <floss4good@disroot.org> Co-committed-by: floss4good <floss4good@disroot.org>
This commit is contained in:
floss4good
Otto
parent
b83a554921
commit
95e8bbd5f0
11 changed files with 173 additions and 11 deletions
|
|
@ -73,16 +73,20 @@ var userDataColumnNames = sync.OnceValue(func() []string {
|
|||
// and if found a shadow copy of relevant user fields will be stored into DB and linked to the above report(s).
|
||||
// This function should be called before a user is deleted or updated.
|
||||
//
|
||||
// In case the User object was already altered before calling this method, just provide the userID and
|
||||
// nil for unalteredUser; when it is decided that a shadow copy should be created and unalteredUser is nil,
|
||||
// the user will be retrieved from DB based on the provided userID.
|
||||
//
|
||||
// For deletions alteredCols argument must be omitted.
|
||||
//
|
||||
// In case of updates it will first checks whether any of the columns being updated (alteredCols argument)
|
||||
// is relevant for moderation purposes (i.e. included in the UserData struct).
|
||||
func IfNeededCreateShadowCopyForUser(ctx context.Context, user *User, alteredCols ...string) error {
|
||||
func IfNeededCreateShadowCopyForUser(ctx context.Context, userID int64, unalteredUser *User, alteredCols ...string) error {
|
||||
// TODO: this can be triggered quite often (e.g. by routers/web/repo/middlewares.go SetDiffViewStyle())
|
||||
|
||||
shouldCheckIfNeeded := len(alteredCols) == 0 // no columns being updated, therefore a deletion
|
||||
if !shouldCheckIfNeeded {
|
||||
// for updates we need to go further only if certain column are being changed
|
||||
// for updates we need to go further only if certain columns are being changed
|
||||
for _, colName := range userDataColumnNames() {
|
||||
if shouldCheckIfNeeded = slices.Contains(alteredCols, colName); shouldCheckIfNeeded {
|
||||
break
|
||||
|
|
@ -94,18 +98,23 @@ func IfNeededCreateShadowCopyForUser(ctx context.Context, user *User, alteredCol
|
|||
return nil
|
||||
}
|
||||
|
||||
shadowCopyNeeded, err := moderation.IsShadowCopyNeeded(ctx, moderation.ReportedContentTypeUser, user.ID)
|
||||
shadowCopyNeeded, err := moderation.IsShadowCopyNeeded(ctx, moderation.ReportedContentTypeUser, userID)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
if shadowCopyNeeded {
|
||||
userData := newUserData(user)
|
||||
if unalteredUser == nil {
|
||||
if unalteredUser, err = GetUserByID(ctx, userID); err != nil {
|
||||
return err
|
||||
}
|
||||
}
|
||||
userData := newUserData(unalteredUser)
|
||||
content, err := json.Marshal(userData)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
return moderation.CreateShadowCopyForUser(ctx, user.ID, string(content))
|
||||
return moderation.CreateShadowCopyForUser(ctx, userID, string(content))
|
||||
}
|
||||
|
||||
return nil
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue