LBRYCommunity/comment-server
1
0
Fork 0
Code Issues 18 Pull requests 1 Projects Releases Packages Wiki Activity

Requires credential input for comment creation

Browse source
This commit is contained in:
Oleg Silkin 2020-02-18 14:36:38 -05:00
parent 6329ef1011
commit ac69cd6966
2 changed files with 17 additions and 16 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
src/database/writes.py
View file

@ -18,8 +18,7 @@ logger = logging.getLogger(__name__)
def create_comment_or_error(conn, comment, claim_id=None, channel_id=None, channel_name=None, def create_comment_or_error(conn, comment, claim_id=None, channel_id=None, channel_name=None,
signature=None, signing_ts=None, parent_id=None) -> dict: signature=None, signing_ts=None, parent_id=None) -> dict:
if channel_id and channel_name: insert_channel_or_error(conn, channel_name, channel_id)
insert_channel_or_error(conn, channel_name, channel_id)
fn = db.insert_comment if parent_id is None else db.insert_reply fn = db.insert_comment if parent_id is None else db.insert_reply
comment_id = fn( comment_id = fn(
conn=conn, conn=conn,
@ -65,7 +64,7 @@ async def _abandon_comment(app, comment_id): # DELETE
async def create_comment(app, params): async def create_comment(app, params):
if is_valid_base_comment(**params) and is_valid_credential_input(**params): if is_valid_base_comment(**params):
job = await app['comment_scheduler'].spawn(_create_comment(app, params)) job = await app['comment_scheduler'].spawn(_create_comment(app, params))
comment = await job.wait() comment = await job.wait()
if comment: if comment:

28
src/server/validation.py
View file

@ -51,23 +51,25 @@ def claim_id_is_valid(claim_id: str) -> bool:
def is_valid_base_comment(comment: str, claim_id: str, parent_id: str = None, **kwargs) -> bool: def is_valid_base_comment(comment: str, claim_id: str, parent_id: str = None, **kwargs) -> bool:
return comment is not None and body_is_valid(comment) and \ return comment and body_is_valid(comment) and \
((claim_id is not None and claim_id_is_valid(claim_id)) or ((claim_id and claim_id_is_valid(claim_id)) or # parentid is used in place of claimid in replies
(parent_id is not None and comment_id_is_valid(parent_id))) (parent_id and comment_id_is_valid(parent_id))) \
and is_valid_credential_input(**kwargs)
def is_valid_credential_input(channel_id: str = None, channel_name: str = None, def is_valid_credential_input(channel_id: str = None, channel_name: str = None,
signature: str = None, signing_ts: str = None, **kwargs) -> bool: signature: str = None, signing_ts: str = None, **kwargs) -> bool:
if channel_id or channel_name or signature or signing_ts: try:
try: assert channel_id and channel_name and signature and signing_ts
assert channel_id and channel_name and signature and signing_ts assert is_valid_channel(channel_id, channel_name)
assert is_valid_channel(channel_id, channel_name) assert len(signature) == 128
assert len(signature) == 128 assert signing_ts.isalnum()
assert signing_ts.isalnum() except Exception as e:
logger.exception(f'Failed to validate channel: lbry://{channel_name}#{channel_id}, '
except Exception: f'signature: {signature} signing_ts: {signing_ts}')
return False return False
return True finally:
return True
def validate_signature_from_claim(claim: dict, signature: typing.Union[str, bytes], def validate_signature_from_claim(claim: dict, signature: typing.Union[str, bytes],