misty.cafe/mistykey
1
0
Fork 0
Code Issues Pull requests 1 Projects Releases Packages Wiki Activity Actions

merge: Optionally log remote ActivityPub objects to database (!833)

Browse source 
View MR for information: https://activitypub.software/TransFem-org/Sharkey/-/merge_requests/833

Approved-by: dakkar <dakkar@thenautilus.net>
Approved-by: Marie <github@yuugi.dev>
This commit is contained in:
Hazelnoot 2025-02-18 19:51:13 +00:00
commit c28b27b57f
28 changed files with 900 additions and 14 deletions
Download patch file Download diff file Expand all files Collapse all files

207
packages/backend/src/core/ApLogService.ts Normal file
View file

@ -0,0 +1,207 @@
/*
* SPDX-FileCopyrightText: hazelnoot and other Sharkey contributors
* SPDX-License-Identifier: AGPL-3.0-only
*/
import { createHash } from 'crypto';
import { Inject, Injectable } from '@nestjs/common';
import { In, LessThan } from 'typeorm';
import { DI } from '@/di-symbols.js';
import { SkApFetchLog, SkApInboxLog, SkApContext } from '@/models/_.js';
import type { ApContextsRepository, ApFetchLogsRepository, ApInboxLogsRepository } from '@/models/_.js';
import type { Config } from '@/config.js';
import { JsonValue } from '@/misc/json-value.js';
import { UtilityService } from '@/core/UtilityService.js';
import { IdService } from '@/core/IdService.js';
import { IActivity, IObject } from './activitypub/type.js';
@Injectable()
export class ApLogService {
constructor(
@Inject(DI.config)
private readonly config: Config,
@Inject(DI.apContextsRepository)
private apContextsRepository: ApContextsRepository,
@Inject(DI.apInboxLogsRepository)
private readonly apInboxLogsRepository: ApInboxLogsRepository,
@Inject(DI.apFetchLogsRepository)
private readonly apFetchLogsRepository: ApFetchLogsRepository,
private readonly utilityService: UtilityService,
private readonly idService: IdService,
) {}
/**
* Creates an inbox log from an activity, and saves it if pre-save is enabled.
*/
public async createInboxLog(data: Partial<SkApInboxLog> & {
activity: IActivity,
keyId: string,
}): Promise<SkApInboxLog> {
const { object: activity, context, contextHash } = extractObjectContext(data.activity);
const host = this.utilityService.extractDbHost(data.keyId);
const log = new SkApInboxLog({
id: this.idService.gen(),
at: new Date(),
verified: false,
accepted: false,
host,
...data,
activity,
context,
contextHash,
});
if (this.config.activityLogging.preSave) {
await this.saveInboxLog(log);
}
return log;
}
/**
* Saves or finalizes an inbox log.
*/
public async saveInboxLog(log: SkApInboxLog): Promise<SkApInboxLog> {
if (log.context) {
await this.saveContext(log.context);
}
// Will be UPDATE with preSave, and INSERT without.
await this.apInboxLogsRepository.upsert(log, ['id']);
return log;
}
/**
* Creates a fetch log from an activity, and saves it if pre-save is enabled.
*/
public async createFetchLog(data: Partial<SkApFetchLog> & {
requestUri: string
host: string,
}): Promise<SkApFetchLog> {
const log = new SkApFetchLog({
id: this.idService.gen(),
at: new Date(),
accepted: false,
...data,
});
if (this.config.activityLogging.preSave) {
await this.saveFetchLog(log);
}
return log;
}
/**
* Saves or finalizes a fetch log.
*/
public async saveFetchLog(log: SkApFetchLog): Promise<SkApFetchLog> {
if (log.context) {
await this.saveContext(log.context);
}
// Will be UPDATE with preSave, and INSERT without.
await this.apFetchLogsRepository.upsert(log, ['id']);
return log;
}
private async saveContext(context: SkApContext): Promise<void> {
// https://stackoverflow.com/a/47064558
await this.apContextsRepository
.createQueryBuilder('activity_context')
.insert()
.into(SkApContext)
.values(context)
.orIgnore('md5')
.execute();
}
/**
* Deletes all logged copies of an object or objects
* @param objectUris URIs / AP IDs of the objects to delete
*/
public async deleteObjectLogs(objectUris: string | string[]): Promise<number> {
if (Array.isArray(objectUris)) {
const logsDeleted = await this.apFetchLogsRepository.delete({
objectUri: In(objectUris),
});
return logsDeleted.affected ?? 0;
} else {
const logsDeleted = await this.apFetchLogsRepository.delete({
objectUri: objectUris,
});
return logsDeleted.affected ?? 0;
}
}
/**
* Deletes all expired AP logs and garbage-collects the AP context cache.
* Returns the total number of deleted rows.
*/
public async deleteExpiredLogs(): Promise<number> {
// This is the date in UTC of the oldest log to KEEP
const oldestAllowed = new Date(Date.now() - this.config.activityLogging.maxAge);
// Delete all logs older than the threshold.
const inboxDeleted = await this.deleteExpiredInboxLogs(oldestAllowed);
const fetchDeleted = await this.deleteExpiredFetchLogs(oldestAllowed);
return inboxDeleted + fetchDeleted;
}
private async deleteExpiredInboxLogs(oldestAllowed: Date): Promise<number> {
const { affected } = await this.apInboxLogsRepository.delete({
at: LessThan(oldestAllowed),
});
return affected ?? 0;
}
private async deleteExpiredFetchLogs(oldestAllowed: Date): Promise<number> {
const { affected } = await this.apFetchLogsRepository.delete({
at: LessThan(oldestAllowed),
});
return affected ?? 0;
}
}
export function extractObjectContext<T extends IObject>(input: T) {
const object = Object.assign({}, input, { '@context': undefined }) as Omit<T, '@context'>;
const { context, contextHash } = parseContext(input['@context']);
return { object, context, contextHash };
}
export function parseContext(input: JsonValue | undefined): { contextHash: string | null, context: SkApContext | null } {
// Empty contexts are excluded for easier querying
if (input == null) {
return {
contextHash: null,
context: null,
};
}
const contextHash = createHash('md5').update(JSON.stringify(input)).digest('base64');
const context = new SkApContext({
md5: contextHash,
json: input,
});
return { contextHash, context };
}
export function calculateDurationSince(startTime: bigint): number {
// Calculate the processing time with correct rounding and decimals.
// 1. Truncate nanoseconds to microseconds
// 2. Scale to 1/10 millisecond ticks.
// 3. Round to nearest tick.
// 4. Sale to milliseconds
// Example: 123,456,789 ns -> 123,456 us -> 12,345.6 ticks -> 12,346 ticks -> 123.46 ms
const endTime = process.hrtime.bigint();
return Math.round(Number((endTime - startTime) / 1000n) / 10) / 100;
}

6
packages/backend/src/core/CoreModule.ts
View file

@ -157,6 +157,7 @@ import { QueueService } from './QueueService.js';
import { LoggerService } from './LoggerService.js';
import { SponsorsService } from './SponsorsService.js';
import type { Provider } from '@nestjs/common';
import { ApLogService } from '@/core/ApLogService.js';
//#region 文字列ベースでのinjection用(循環参照対応のため)
const $LoggerService: Provider = { provide: 'LoggerService', useExisting: LoggerService };
@ -166,6 +167,7 @@ const $AccountMoveService: Provider = { provide: 'AccountMoveService', useExisti
const $AccountUpdateService: Provider = { provide: 'AccountUpdateService', useExisting: AccountUpdateService };
const $AnnouncementService: Provider = { provide: 'AnnouncementService', useExisting: AnnouncementService };
const $AntennaService: Provider = { provide: 'AntennaService', useExisting: AntennaService };
const $ApLogService: Provider = { provide: 'ApLogService', useExisting: ApLogService };
const $AppLockService: Provider = { provide: 'AppLockService', useExisting: AppLockService };
const $AchievementService: Provider = { provide: 'AchievementService', useExisting: AchievementService };
const $AvatarDecorationService: Provider = { provide: 'AvatarDecorationService', useExisting: AvatarDecorationService };
@ -322,6 +324,7 @@ const $SponsorsService: Provider = { provide: 'SponsorsService', useExisting: Sp
AccountUpdateService,
AnnouncementService,
AntennaService,
ApLogService,
AppLockService,
AchievementService,
AvatarDecorationService,
@ -474,6 +477,7 @@ const $SponsorsService: Provider = { provide: 'SponsorsService', useExisting: Sp
$AccountUpdateService,
$AnnouncementService,
$AntennaService,
$ApLogService,
$AppLockService,
$AchievementService,
$AvatarDecorationService,
@ -627,6 +631,7 @@ const $SponsorsService: Provider = { provide: 'SponsorsService', useExisting: Sp
AccountUpdateService,
AnnouncementService,
AntennaService,
ApLogService,
AppLockService,
AchievementService,
AvatarDecorationService,
@ -778,6 +783,7 @@ const $SponsorsService: Provider = { provide: 'SponsorsService', useExisting: Sp
$AccountUpdateService,
$AnnouncementService,
$AntennaService,
$ApLogService,
$AppLockService,
$AchievementService,
$AvatarDecorationService,

16
packages/backend/src/core/NoteDeleteService.ts
View file

@ -24,9 +24,14 @@ import { SearchService } from '@/core/SearchService.js';
import { ModerationLogService } from '@/core/ModerationLogService.js';
import { isQuote, isRenote } from '@/misc/is-renote.js';
import { LatestNoteService } from '@/core/LatestNoteService.js';
import { ApLogService } from '@/core/ApLogService.js';
import Logger from '@/logger.js';
import { LoggerService } from './LoggerService.js';
@Injectable()
export class NoteDeleteService {
private readonly logger: Logger;
constructor(
@Inject(DI.config)
private config: Config,
@ -55,7 +60,11 @@ export class NoteDeleteService {
private perUserNotesChart: PerUserNotesChart,
private instanceChart: InstanceChart,
private latestNoteService: LatestNoteService,
) {}
private readonly apLogService: ApLogService,
loggerService: LoggerService,
) {
this.logger = loggerService.getLogger('note-delete-service');
}
/**
* 稿
@ -156,6 +165,11 @@ export class NoteDeleteService {
note: note,
});
}
if (note.uri) {
this.apLogService.deleteObjectLogs(note.uri)
.catch(err => this.logger.error(err, `Failed to delete AP logs for note '${note.uri}'`));
}
}
@bindThis

61
packages/backend/src/core/activitypub/ApResolverService.ts
View file

@ -7,7 +7,7 @@ import { Inject, Injectable } from '@nestjs/common';
import { IsNull, Not } from 'typeorm';
import type { MiLocalUser, MiRemoteUser } from '@/models/User.js';
import { InstanceActorService } from '@/core/InstanceActorService.js';
import type { NotesRepository, PollsRepository, NoteReactionsRepository, UsersRepository, FollowRequestsRepository, MiMeta } from '@/models/_.js';
import type { NotesRepository, PollsRepository, NoteReactionsRepository, UsersRepository, FollowRequestsRepository, MiMeta, SkApFetchLog } from '@/models/_.js';
import type { Config } from '@/config.js';
import { HttpRequestService } from '@/core/HttpRequestService.js';
import { DI } from '@/di-symbols.js';
@ -17,7 +17,8 @@ import { LoggerService } from '@/core/LoggerService.js';
import type Logger from '@/logger.js';
import { fromTuple } from '@/misc/from-tuple.js';
import { IdentifiableError } from '@/misc/identifiable-error.js';
import { isCollectionOrOrderedCollection } from './type.js';
import { ApLogService, calculateDurationSince, extractObjectContext } from '@/core/ApLogService.js';
import { getNullableApId, isCollectionOrOrderedCollection } from './type.js';
import { ApDbResolverService } from './ApDbResolverService.js';
import { ApRendererService } from './ApRendererService.js';
import { ApRequestService } from './ApRequestService.js';
@ -43,6 +44,7 @@ export class Resolver {
private apRendererService: ApRendererService,
private apDbResolverService: ApDbResolverService,
private loggerService: LoggerService,
private readonly apLogService: ApLogService,
private recursionLimit = 256,
) {
this.history = new Set();
@ -81,6 +83,44 @@ export class Resolver {
return value;
}
const host = this.utilityService.extractDbHost(value);
if (this.config.activityLogging.enabled && !this.utilityService.isSelfHost(host)) {
return await this._resolveLogged(value, host);
} else {
return await this._resolve(value, host);
}
}
private async _resolveLogged(requestUri: string, host: string): Promise<IObject> {
const startTime = process.hrtime.bigint();
const log = await this.apLogService.createFetchLog({
host: host,
requestUri,
});
try {
const result = await this._resolve(requestUri, host, log);
log.accepted = true;
log.result = 'ok';
return result;
} catch (err) {
log.accepted = false;
log.result = String(err);
throw err;
} finally {
log.duration = calculateDurationSince(startTime);
// Save or finalize asynchronously
this.apLogService.saveFetchLog(log)
.catch(err => this.logger.error('Failed to record AP object fetch:', err));
}
}
private async _resolve(value: string, host: string, log?: SkApFetchLog): Promise<IObject> {
if (value.includes('#')) {
// URLs with fragment parts cannot be resolved correctly because
// the fragment part does not get transmitted over HTTP(S).
@ -98,7 +138,6 @@ export class Resolver {
this.history.add(value);
const host = this.utilityService.extractDbHost(value);
if (this.utilityService.isSelfHost(host)) {
return await this.resolveLocal(value);
}
@ -115,6 +154,20 @@ export class Resolver {
? await this.apRequestService.signedGet(value, this.user) as IObject
: await this.httpRequestService.getActivityJson(value)) as IObject;
if (log) {
const { object: objectOnly, context, contextHash } = extractObjectContext(object);
const objectUri = getNullableApId(object);
if (objectUri) {
log.objectUri = objectUri;
log.host = this.utilityService.extractDbHost(objectUri);
}
log.object = objectOnly;
log.context = context;
log.contextHash = contextHash;
}
if (
Array.isArray(object['@context']) ?
!(object['@context'] as unknown[]).includes('https://www.w3.org/ns/activitystreams') :
@ -232,6 +285,7 @@ export class ApResolverService {
private apRendererService: ApRendererService,
private apDbResolverService: ApDbResolverService,
private loggerService: LoggerService,
private readonly apLogService: ApLogService,
) {
}
@ -252,6 +306,7 @@ export class ApResolverService {
this.apRendererService,
this.apDbResolverService,
this.loggerService,
this.apLogService,
);
}
}