mleku/next.orly.dev
1
0
Fork 1
Code Issues 2 Pull Requests Actions Packages Projects Releases Wiki Activity

Improve HandleDelete error handling, add validation for deletion ownership, and enhance logging for unauthorized deletion attempts.

Browse Source
This commit is contained in:
mleku
2025-09-10 19:56:11 +01:00
parent ddaab70d2b
commit dddcc682b9
2 changed files with 28 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

33
pkg/database/save-event.go
View File

@@ -59,7 +59,7 @@ func (d *D) SaveEvent(c context.Context, ev *event.E) (kc, vc int, err error) {
} }
// check for replacement // check for replacement
if kind.IsReplaceable(ev.Kind) { if kind.IsReplaceable(ev.Kind) {
// find the events and delete them // find the events and check timestamps before deleting
f := &filter.F{ f := &filter.F{
Authors: tag.NewFromBytesSlice(ev.Pubkey), Authors: tag.NewFromBytesSlice(ev.Pubkey),
Kinds: kind.NewS(kind.New(ev.Kind)), Kinds: kind.NewS(kind.New(ev.Kind)),
@@ -68,19 +68,40 @@ func (d *D) SaveEvent(c context.Context, ev *event.E) (kc, vc int, err error) {
if sers, err = d.GetSerialsFromFilter(f); chk.E(err) { if sers, err = d.GetSerialsFromFilter(f); chk.E(err) {
return return
} }
// if found, delete them // if found, check timestamps before deleting
if len(sers) > 0 { if len(sers) > 0 {
var shouldReplace bool = true
for _, s := range sers { for _, s := range sers {
var oldEv *event.E var oldEv *event.E
if oldEv, err = d.FetchEventBySerial(s); chk.E(err) { if oldEv, err = d.FetchEventBySerial(s); chk.E(err) {
continue continue
} }
if err = d.DeleteEventBySerial( // Only replace if the new event is newer or same timestamp
c, s, oldEv, if ev.CreatedAt < oldEv.CreatedAt {
); chk.E(err) { log.I.F("SaveEvent: rejecting older replaceable event ID=%s (created_at=%d) - existing event ID=%s (created_at=%d)",
continue hex.Enc(ev.ID), ev.CreatedAt, hex.Enc(oldEv.ID), oldEv.CreatedAt)
shouldReplace = false
break
} }
} }
if shouldReplace {
for _, s := range sers {
var oldEv *event.E
if oldEv, err = d.FetchEventBySerial(s); chk.E(err) {
continue
}
log.I.F("SaveEvent: replacing older replaceable event ID=%s (created_at=%d) with newer event ID=%s (created_at=%d)",
hex.Enc(oldEv.ID), oldEv.CreatedAt, hex.Enc(ev.ID), ev.CreatedAt)
if err = d.DeleteEventBySerial(
c, s, oldEv,
); chk.E(err) {
continue
}
}
} else {
// Don't save the older event
return
}
} }
} else if kind.IsParameterizedReplaceable(ev.Kind) { } else if kind.IsParameterizedReplaceable(ev.Kind) {
// find the events and delete them // find the events and delete them

2
scripts/relaytester-test.sh
View File

@@ -13,7 +13,7 @@ export ORLY_LOG_TO_STDOUT=true
export ORLY_LISTEN=127.0.0.1 export ORLY_LISTEN=127.0.0.1
export ORLY_PORT=3334 export ORLY_PORT=3334
export ORLY_IP_WHITELIST=127.0.0 export ORLY_IP_WHITELIST=127.0.0
export ORLY_ADMINS=8118b9201de133912079652601863a69fdd0cac7f3eb15a38ae410c3f364269c,57eaff2aec61241dd8925b4d3a9cc93824a2944ed3f9e6b5143c15d0dd911864 export ORLY_ADMINS=6d9b216ec1dc329ca43c56634e0dba6aaaf3d45ab878bdf4fa910c7117db0bfa,c284f03a874668eded145490e436b87f1a1fc565cf320e7dea93a7e96e3629d7
export ORLY_ACL_MODE=none export ORLY_ACL_MODE=none
go run . & go run . &
sleep 5 sleep 5