src/database/queries.py

@@ -118,12 +118,13 @@ def insert_comment(conn: sqlite3.Connection, claim_id: str, comment: str, parent
     with conn:
         conn.execute(
             """
-            INSERT INTO COMMENT(CommentId, LbryClaimId, ChannelId, Body, ParentId, Timestamp, Signature, SigningTs) 
+            INSERT INTO COMMENT(CommentId, LbryClaimId, ChannelId, Body, ParentId, 
+                                    Timestamp, Signature, SigningTs) 
             VALUES (?, ?, ?, ?, ?, ?, ?, ?) 
             """,
             (comment_id, claim_id, channel_id, comment, parent_id, timestamp, signature, signing_ts)
         )
-    logger.info('Inserted Comment into DB, `comment_id`: %s', comment_id)
+    logging.info('Inserted Comment into DB, `comment_id`: %s', comment_id)
     return comment_id
 
 

src/database/writes.py

@@ -3,6 +3,7 @@ import sqlite3
 
 from asyncio import coroutine
 
+from server.misc import get_claim_from_id
 from src.database.queries import hide_comments_by_id
 from src.database.queries import delete_comment_by_id
 from src.database.queries import get_comment_or_none
@@ -10,7 +11,6 @@ from src.database.queries import insert_comment
 from src.database.queries import insert_channel
 from src.database.queries import get_claim_ids_from_comment_ids
 from src.server.misc import is_authentic_delete_signal
-from src.server.misc import request_lbrynet
 from src.server.misc import validate_signature_from_claim
 from src.server.misc import channel_matches_pattern_or_error
 
@@ -41,9 +41,9 @@ async def abandon_comment(app, comment_id):
     return await coroutine(delete_comment_by_id)(app['writer'], comment_id)
 
 
-async def abandon_comment_if_authorized(app, comment_id, **kwargs):
-    authorized = await is_authentic_delete_signal(app, comment_id, **kwargs)
-    if not authorized:
+async def abandon_comment_if_authorized(app, comment_id, channel_id, signature, signing_ts, **kwargs):
+    claim = await get_claim_from_id(app, channel_id)
+    if not validate_signature_from_claim(claim, signature, signing_ts, comment_id):
         return False
 
     job = await app['comment_scheduler'].spawn(abandon_comment(app, comment_id))
@@ -58,10 +58,6 @@ async def hide_comments(app, comment_ids):
     return await coroutine(hide_comments_by_id)(app['writer'], comment_ids)
 
 
-async def claim_search(app, **kwargs):
-    return (await request_lbrynet(app, 'claim_search', **kwargs))['items'][0]
-
-
 async def hide_comments_where_authorized(app, pieces: list):
     comment_cids = get_claim_ids_from_comment_ids(
         conn=app['reader'],
@@ -73,7 +69,7 @@ async def hide_comments_where_authorized(app, pieces: list):
     for p in pieces:
         claim_id = comment_cids[p['comment_id']]
         if claim_id not in claims:
-            claims[claim_id] = await claim_search(app, claim_id=claim_id, no_totals=True)
+            claims[claim_id] = await get_claim_from_id(app, claim_id, no_totals=True)
         channel = claims[claim_id].get('signing_channel')
         if validate_signature_from_claim(channel, p['signature'], p['signing_ts'], p['comment_id']):
             comments_to_hide.append(p['comment_id'])

src/server/misc.py

@@ -59,6 +59,10 @@ async def request_lbrynet(app, method, **params):
         raise Exception("Server cannot verify delete signature")
 
 
+async def get_claim_from_id(app, claim_id, **kwargs):
+    return (await request_lbrynet(app, 'claim_search', no_totals=True, claim_id=claim_id, **kwargs))['items'][0]
+
+
 def get_encoded_signature(signature):
     signature = signature.encode() if type(signature) is str else signature
     r = int(signature[:int(len(signature) / 2)], 16)
@@ -110,8 +114,7 @@ def is_valid_credential_input(channel_id=None, channel_name=None, signature=None
 
 
 async def is_authentic_delete_signal(app, comment_id, channel_name, channel_id, signature, signing_ts):
-    lbry_url = f'lbry://{channel_name}#{channel_id}'
-    claim = await request_lbrynet(app, 'resolve', urls=[lbry_url])
+    claim = await get_claim_from_id(app, claim_id=channel_id)
     if claim:
         public_key = claim['value']['public_key']
         claim_hash = binascii.unhexlify(claim['claim_id'].encode())[::-1]