/convert/: when checking that author is bridged, handle cross-protocol reposts

for #1248, https://console.cloud.google.com/errors/detail/CJmhz9SqmcO6vQE;time=P7D;locations=global?project=bridgy-federated

Author: snarfed

convert.py

@@ -74,15 +74,14 @@ def convert(to, _, from_=None):
                 if type == 'share':
                     # TODO: should this be Source.base_object? That's broad
                     # though, includes inReplyTo
-                    check_bridged_to(obj_obj, from_proto=from_proto,
-                                     to_proto=to_proto)
+                    check_bridged_to(obj_obj, to_proto=to_proto)
                 elif (type in as1.CRUD_VERBS
                       and obj_obj.as1
                       and obj_obj.as1.keys() - set(['id', 'url', 'objectType'])):
                     logger.info(f'{type} activity, redirecting to Object {obj_id}')
                     return redirect(f'/{path_prefix}{obj_id}', code=301)
 
-    check_bridged_to(obj, from_proto=from_proto, to_proto=to_proto)
+    check_bridged_to(obj, to_proto=to_proto)
 
     # convert and serve
     return to_proto.convert(obj), {
@@ -91,12 +90,11 @@ def convert(to, _, from_=None):
     }
 
 
-def check_bridged_to(obj, from_proto, to_proto):
+def check_bridged_to(obj, to_proto):
     """If ``object`` or its owner isn't bridged to ``to_proto``, raises :class:`werkzeug.exceptions.HTTPException`.
 
     Args:
       obj (models.Object)
-      from_proto (subclass of protocol.Protocol)
       to_proto (subclass of protocol.Protocol)
     """
     # don't serve deletes or deleted objects
@@ -109,9 +107,10 @@ def check_bridged_to(obj, from_proto, to_proto):
 
     # check that owner has this protocol enabled
     if owner := as1.get_owner(obj.as1):
-        user = from_proto.get_or_create(owner)
-        if not user or not user.is_enabled(to_proto):
-            error(f"{from_proto.LABEL} user {owner} isn't bridged to {to_proto.LABEL}", status=404)
+        if from_proto := Protocol.for_id(owner):
+            user = from_proto.get_or_create(owner)
+            if not user or not user.is_enabled(to_proto):
+                error(f"{from_proto.LABEL} user {owner} isn't bridged to {to_proto.LABEL}", status=404)
 
 
 @app.get('/render')

tests/test_convert.py

@@ -127,7 +127,7 @@ def test_fake_to_other_no_copy(self):
         self.assertEqual(404, resp.status_code)
 
     @patch.object(Fake, 'HAS_COPIES', new=False)
-    def test_fake_to_other_user_not_enabled(self):
+    def test_eefake_to_other_user_not_enabled(self):
         """https://github.com/snarfed/bridgy-fed/issues/1248"""
         self.make_user('eefake:user', cls=ExplicitEnableFake, enabled_protocols=[])
         self.store_object(id='eefake:post', our_as1={'author': 'eefake:user'},
@@ -137,7 +137,7 @@ def test_fake_to_other_user_not_enabled(self):
                                base_url='https://eefake.brid.gy/')
         self.assertEqual(404, resp.status_code)
 
-    def test_fake_to_other_repost_original_post_no_copy(self):
+    def test_eefake_to_other_repost_original_post_no_copy(self):
         """https://github.com/snarfed/bridgy-fed/issues/1248"""
         self.make_user('eefake:user', cls=ExplicitEnableFake,
                        enabled_protocols=['other'])
@@ -153,12 +153,12 @@ def test_fake_to_other_repost_original_post_no_copy(self):
             'actor': 'eefake:user',
         })
 
-        resp = self.client.get(f'/convert/other/fake:repost',
-                               base_url='https://fa.brid.gy/')
+        resp = self.client.get(f'/convert/other/eefake:repost',
+                               base_url='https://eefake.brid.gy/')
         self.assertEqual(404, resp.status_code)
 
     @patch.object(Fake, 'HAS_COPIES', new=False)
-    def test_fake_to_other_repost_original_author_not_enabled(self):
+    def test_eefake_to_other_repost_original_author_not_enabled(self):
         """https://github.com/snarfed/bridgy-fed/issues/1248"""
         self.make_user('eefake:user', cls=ExplicitEnableFake,
                        enabled_protocols=['other'])
@@ -173,6 +173,24 @@ def test_fake_to_other_repost_original_author_not_enabled(self):
             'actor': 'eefake:user',
         })
 
+        resp = self.client.get(f'/convert/other/eefake:repost',
+                               base_url='https://eefake.brid.gy/')
+        self.assertEqual(404, resp.status_code)
+
+    @patch.object(Fake, 'HAS_COPIES', new=False)
+    def test_fake_to_other_repost_of_eefake_original_author_not_enabled(self):
+        self.make_user('fake:user', cls=Fake, enabled_protocols=['other'])
+        self.make_user('eefake:orig-user', cls=ExplicitEnableFake,
+                       enabled_protocols=['fake'])  # not other
+
+        self.store_object(id='eefake:post', our_as1={'author': 'eefake:orig-user'})
+        self.store_object(id='fake:repost', our_as1={
+            'objectType': 'activity',
+            'verb': 'share',
+            'object': 'eefake:post',
+            'actor': 'fake:user',
+        })
+
         resp = self.client.get(f'/convert/other/fake:repost',
                                base_url='https://fa.brid.gy/')
         self.assertEqual(404, resp.status_code)
@@ -385,6 +403,7 @@ def test_web_to_activitypub_no_user(self, mock_get):
             hcard,
             hcard,
             hcard,
+            requests_response(status=404),       # webfinger for protocol inference
             requests_response('<html></html>'),  # user for is_enabled protocol check
         ]