GKaszewski/movies-diary
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

federation refinement

Browse Source
This commit is contained in:
Gabriel Kaszewski
2026-05-09 13:53:45 +02:00
parent df71748897
commit 470b29c9e1
56 changed files with 1513 additions and 544 deletions
Download Patch File Download Diff File Expand all files Collapse all files

33
crates/adapters/sqlite/migrations/0004_username.sql Normal file
View File

@@ -0,0 +1,33 @@
-- Recreate users table with username column
CREATE TABLE users_new (
id TEXT PRIMARY KEY,
email TEXT NOT NULL UNIQUE,
username TEXT NOT NULL UNIQUE,
password_hash TEXT NOT NULL,
created_at TEXT NOT NULL
);
-- Derive username from email local part, sanitising common invalid chars.
-- REPLACE chains handle the most common email chars. The NOT NULL UNIQUE
-- constraint will surface any remaining collision (rare for personal instances).
INSERT INTO users_new (id, email, username, password_hash, created_at)
SELECT
id,
email,
CASE
WHEN LENGTH(REPLACE(REPLACE(REPLACE(REPLACE(
LOWER(SUBSTR(email, 1, INSTR(email, '@') - 1)),
'.', '_'), '+', '_'), '-', '-'), ' ', '_')) < 2
THEN REPLACE(REPLACE(REPLACE(REPLACE(
LOWER(SUBSTR(email, 1, INSTR(email, '@') - 1)),
'.', '_'), '+', '_'), '-', '-'), ' ', '_') || '_x'
ELSE REPLACE(REPLACE(REPLACE(REPLACE(
LOWER(SUBSTR(email, 1, INSTR(email, '@') - 1)),
'.', '_'), '+', '_'), '-', '-'), ' ', '_')
END,
password_hash,
created_at
FROM users;
DROP TABLE users;
ALTER TABLE users_new RENAME TO users;

11
crates/adapters/sqlite/migrations/0005_activitypub_v2.sql Normal file
View File

@@ -0,0 +1,11 @@
-- Store the original Follow activity URL so Undo/Reject can reference it correctly
ALTER TABLE ap_following ADD COLUMN follow_activity_id TEXT;
-- Track whether our outbound follow was accepted by the remote server
ALTER TABLE ap_following ADD COLUMN status TEXT NOT NULL DEFAULT 'pending';
-- Store the AP object URL on reviews so DeleteActivity can target by ID
ALTER TABLE reviews ADD COLUMN ap_id TEXT;
-- Partial unique index: ap_id is only set on remote reviews; local reviews have NULL
CREATE UNIQUE INDEX IF NOT EXISTS idx_reviews_ap_id ON reviews (ap_id) WHERE ap_id IS NOT NULL;

146
crates/adapters/sqlite/src/federation.rs
View File

@@ -3,7 +3,7 @@ use async_trait::async_trait;
use chrono::Utc;
use sqlx::{Row, SqlitePool};
use activitypub::repository::{FederationRepository, Follower, FollowerStatus, RemoteActor};
use activitypub::repository::{FederationRepository, Follower, FollowerStatus, FollowingStatus, RemoteActor};
use domain::models::{Review, ReviewSource};
use domain::value_objects::UserId;
@@ -146,7 +146,7 @@ impl FederationRepository for SqliteFederationRepository {
Ok(())
}
async fn add_following(&self, local_user_id: UserId, actor: RemoteActor) -> Result<()> {
async fn add_following(&self, local_user_id: UserId, actor: RemoteActor, follow_activity_id: &str) -> Result<()> {
let uid = local_user_id.value().to_string();
let now = Utc::now().naive_utc();
let created_at = datetime_to_str(&now);
@@ -154,11 +154,12 @@ impl FederationRepository for SqliteFederationRepository {
self.upsert_remote_actor(actor.clone()).await?;
sqlx::query(
"INSERT OR IGNORE INTO ap_following (local_user_id, remote_actor_url, created_at)
VALUES (?, ?, ?)",
"INSERT OR IGNORE INTO ap_following (local_user_id, remote_actor_url, follow_activity_id, created_at)
VALUES (?, ?, ?, ?)",
)
.bind(&uid)
.bind(&actor.url)
.bind(follow_activity_id)
.bind(&created_at)
.execute(&self.pool)
.await?;
@@ -166,6 +167,18 @@ impl FederationRepository for SqliteFederationRepository {
Ok(())
}
async fn get_follow_activity_id(&self, local_user_id: UserId, remote_actor_url: &str) -> Result<Option<String>> {
let uid = local_user_id.value().to_string();
let row: Option<Option<String>> = sqlx::query_scalar(
"SELECT follow_activity_id FROM ap_following WHERE local_user_id = ? AND remote_actor_url = ?",
)
.bind(&uid)
.bind(remote_actor_url)
.fetch_optional(&self.pool)
.await?;
Ok(row.flatten())
}
async fn remove_following(&self, local_user_id: UserId, actor_url: &str) -> Result<()> {
let uid = local_user_id.value().to_string();
@@ -187,7 +200,7 @@ impl FederationRepository for SqliteFederationRepository {
"SELECT a.url, a.handle, a.inbox_url, a.shared_inbox_url, a.display_name
FROM ap_following f
INNER JOIN ap_remote_actors a ON a.url = f.remote_actor_url
WHERE f.local_user_id = ?",
WHERE f.local_user_id = ? AND f.status = 'accepted'",
)
.bind(&uid)
.fetch_all(&self.pool)
@@ -210,7 +223,7 @@ impl FederationRepository for SqliteFederationRepository {
async fn count_following(&self, local_user_id: UserId) -> Result<usize> {
let uid = local_user_id.value().to_string();
let count: i64 = sqlx::query_scalar(
"SELECT COUNT(*) FROM ap_following WHERE local_user_id = ?",
"SELECT COUNT(*) FROM ap_following WHERE local_user_id = ? AND status = 'accepted'",
)
.bind(&uid)
.fetch_one(&self.pool)
@@ -296,7 +309,7 @@ impl FederationRepository for SqliteFederationRepository {
Ok(())
}
async fn save_remote_review(&self, review: &Review) -> Result<()> {
async fn save_remote_review(&self, review: &Review, ap_id: &str, movie_title: &str, release_year: u16, poster_url: Option<&str>) -> Result<()> {
let actor_url = match review.source() {
ReviewSource::Remote { actor_url } => actor_url.clone(),
ReviewSource::Local => {
@@ -304,8 +317,25 @@ impl FederationRepository for SqliteFederationRepository {
}
};
let id = review.id().value().to_string();
let movie_id = review.movie_id().value().to_string();
// Stub movie so the feed INNER JOIN on movies always resolves.
// release_year 0 means unknown — clamp to 1888 (valid ReleaseYear range: 1888-2200).
// ON CONFLICT updates poster_path if a newer review carries one.
let _ = sqlx::query(
"INSERT INTO movies (id, external_metadata_id, title, release_year, director, poster_path)
VALUES (?, NULL, ?, ?, NULL, ?)
ON CONFLICT(id) DO UPDATE SET
poster_path = COALESCE(excluded.poster_path, movies.poster_path)",
)
.bind(&movie_id)
.bind(movie_title)
.bind(release_year.max(1888) as i64) // ReleaseYear requires >= 1888
.bind(poster_url)
.execute(&self.pool)
.await?;
let id = review.id().value().to_string();
let user_id = review.user_id().value().to_string();
let rating = review.rating().value() as i64;
let comment = review.comment().map(|c| c.value().to_string());
@@ -313,8 +343,8 @@ impl FederationRepository for SqliteFederationRepository {
let created_at = datetime_to_str(review.created_at());
sqlx::query(
"INSERT OR IGNORE INTO reviews (id, movie_id, user_id, rating, comment, watched_at, created_at, remote_actor_url)
VALUES (?, ?, ?, ?, ?, ?, ?, ?)",
"INSERT OR IGNORE INTO reviews (id, movie_id, user_id, rating, comment, watched_at, created_at, remote_actor_url, ap_id)
VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?)",
)
.bind(&id)
.bind(&movie_id)
@@ -324,9 +354,105 @@ impl FederationRepository for SqliteFederationRepository {
.bind(&watched_at)
.bind(&created_at)
.bind(&actor_url)
.bind(ap_id)
.execute(&self.pool)
.await?;
Ok(())
}
async fn delete_remote_review_by_ap_id(&self, ap_id: &str, actor_url: &str) -> Result<()> {
sqlx::query("DELETE FROM reviews WHERE ap_id = ? AND remote_actor_url = ?")
.bind(ap_id)
.bind(actor_url)
.execute(&self.pool)
.await?;
Ok(())
}
async fn update_remote_review(
&self,
ap_id: &str,
actor_url: &str,
rating: u8,
comment: Option<&str>,
watched_at: chrono::NaiveDateTime,
) -> Result<()> {
let watched_at_str = datetime_to_str(&watched_at);
sqlx::query(
"UPDATE reviews SET rating = ?, comment = ?, watched_at = ?
WHERE ap_id = ? AND remote_actor_url = ?",
)
.bind(rating as i64)
.bind(comment)
.bind(&watched_at_str)
.bind(ap_id)
.bind(actor_url)
.execute(&self.pool)
.await?;
Ok(())
}
async fn delete_remote_reviews_by_actor(&self, actor_url: &str) -> Result<()> {
sqlx::query("DELETE FROM reviews WHERE remote_actor_url = ?")
.bind(actor_url)
.execute(&self.pool)
.await?;
Ok(())
}
async fn update_following_status(
&self,
local_user_id: UserId,
remote_actor_url: &str,
status: FollowingStatus,
) -> Result<()> {
let uid = local_user_id.value().to_string();
let status_str = match status {
FollowingStatus::Pending => "pending",
FollowingStatus::Accepted => "accepted",
};
let result = sqlx::query(
"UPDATE ap_following SET status = ? WHERE local_user_id = ? AND remote_actor_url = ?",
)
.bind(status_str)
.bind(&uid)
.bind(remote_actor_url)
.execute(&self.pool)
.await?;
if result.rows_affected() == 0 {
tracing::warn!(
local_user_id = %local_user_id.value(),
remote_actor_url = remote_actor_url,
"update_following_status: no row found"
);
}
Ok(())
}
async fn get_pending_followers(&self, local_user_id: UserId) -> Result<Vec<RemoteActor>> {
let uid = local_user_id.value().to_string();
let rows = sqlx::query(
"SELECT f.remote_actor_url,
a.handle, a.inbox_url, a.shared_inbox_url, a.display_name
FROM ap_followers f
LEFT JOIN ap_remote_actors a ON a.url = f.remote_actor_url
WHERE f.local_user_id = ? AND f.status = 'pending'",
)
.bind(&uid)
.fetch_all(&self.pool)
.await?;
Ok(rows.into_iter().map(|row| RemoteActor {
url: row.get("remote_actor_url"),
handle: row.try_get("handle").unwrap_or_default(),
inbox_url: row.try_get("inbox_url").unwrap_or_default(),
shared_inbox_url: row.try_get("shared_inbox_url").ok().flatten(),
display_name: row.try_get("display_name").ok().flatten(),
}).collect())
}
}

8
crates/adapters/sqlite/src/lib.rs
View File

@@ -224,14 +224,14 @@ impl SqliteMovieRepository {
) -> Result<Vec<FeedRow>, DomainError> {
sqlx::query_as!(
FeedRow,
"SELECT m.id, m.external_metadata_id, m.title, m.release_year, m.director, m.poster_path,
r#"SELECT m.id, m.external_metadata_id, m.title, m.release_year, m.director, m.poster_path,
r.id AS review_id, r.movie_id, r.user_id, r.rating, r.comment, r.watched_at, r.created_at, r.remote_actor_url,
u.email AS user_email
COALESCE(u.email, r.remote_actor_url) AS "user_email!: String"
FROM reviews r
INNER JOIN movies m ON m.id = r.movie_id
INNER JOIN users u ON u.id = r.user_id
LEFT JOIN users u ON u.id = r.user_id
ORDER BY r.watched_at DESC
LIMIT ? OFFSET ?",
LIMIT ? OFFSET ?"#,
limit, offset
)
.fetch_all(&self.pool)

14
crates/adapters/sqlite/src/models.rs
View File

@@ -3,7 +3,7 @@ use domain::{
errors::DomainError,
models::{DiaryEntry, FeedEntry, Movie, Review, ReviewSource, UserSummary},
value_objects::{
Comment, ExternalMetadataId, MovieId, MovieTitle, PosterPath, Rating, ReleaseYear,
Comment, Email, ExternalMetadataId, MovieId, MovieTitle, PosterPath, Rating, ReleaseYear,
ReviewId, UserId,
},
};
@@ -171,12 +171,12 @@ pub(crate) struct UserSummaryRow {
impl UserSummaryRow {
pub fn to_domain(self) -> Result<UserSummary, DomainError> {
Ok(UserSummary {
user_id: UserId::from_uuid(parse_uuid(&self.id)?),
email: self.email,
total_movies: self.total_movies,
avg_rating: self.avg_rating,
})
Ok(UserSummary::new(
UserId::from_uuid(parse_uuid(&self.id)?),
Email::new(self.email)?,
self.total_movies,
self.avg_rating,
))
}
}

103
crates/adapters/sqlite/src/users.rs
View File

@@ -6,7 +6,7 @@ use domain::{
errors::DomainError,
models::User,
ports::UserRepository,
value_objects::{Email, PasswordHash, UserId},
value_objects::{Email, PasswordHash, UserId, Username},
};
use super::models::UserSummaryRow;
@@ -15,14 +15,29 @@ pub struct SqliteUserRepository {
}
impl SqliteUserRepository {
pub fn new(pool: SqlitePool) -> Self {
Self { pool }
}
pub fn new(pool: SqlitePool) -> Self { Self { pool } }
fn map_err(e: sqlx::Error) -> DomainError {
tracing::error!("Database error: {:?}", e);
DomainError::InfrastructureError("Database operation failed".into())
}
fn row_to_user(
id_str: String,
email_str: String,
username_str: String,
hash_str: String,
) -> Result<User, DomainError> {
let id = uuid::Uuid::parse_str(&id_str)
.map_err(|e| DomainError::InfrastructureError(e.to_string()))?;
let email = Email::new(email_str)
.map_err(|e| DomainError::InfrastructureError(e.to_string()))?;
let username = Username::new(username_str)
.map_err(|e| DomainError::InfrastructureError(e.to_string()))?;
let hash = PasswordHash::new(hash_str)
.map_err(|e| DomainError::InfrastructureError(e.to_string()))?;
Ok(User::from_persistence(UserId::from_uuid(id), email, username, hash))
}
}
#[async_trait]
@@ -30,84 +45,81 @@ impl UserRepository for SqliteUserRepository {
async fn find_by_email(&self, email: &Email) -> Result<Option<User>, DomainError> {
let email_str = email.value();
let row = sqlx::query!(
"SELECT id, email, password_hash FROM users WHERE email = ?",
"SELECT id, email, username, password_hash FROM users WHERE email = ?",
email_str
)
.fetch_optional(&self.pool)
.await
.map_err(Self::map_err)?;
match row {
None => Ok(None),
Some(r) => {
let id = uuid::Uuid::parse_str(&r.id)
.map_err(|e| DomainError::InfrastructureError(e.to_string()))?;
let email = Email::new(r.email)
.map_err(|e| DomainError::InfrastructureError(e.to_string()))?;
let hash = PasswordHash::new(r.password_hash)
.map_err(|e| DomainError::InfrastructureError(e.to_string()))?;
Ok(Some(User::from_persistence(UserId::from_uuid(id), email, hash)))
}
}
row.map(|r| Self::row_to_user(r.id.unwrap_or_default(), r.email, r.username, r.password_hash))
.transpose()
}
async fn find_by_username(&self, username: &Username) -> Result<Option<User>, DomainError> {
let username_str = username.value();
let row = sqlx::query!(
"SELECT id, email, username, password_hash FROM users WHERE username = ?",
username_str
)
.fetch_optional(&self.pool)
.await
.map_err(Self::map_err)?;
row.map(|r| Self::row_to_user(r.id.unwrap_or_default(), r.email, r.username, r.password_hash))
.transpose()
}
async fn save(&self, user: &User) -> Result<(), DomainError> {
// Check email uniqueness first (clearer error than INSERT OR IGNORE)
if self.find_by_email(user.email()).await?.is_some() {
return Err(DomainError::ValidationError("Email already registered".into()));
}
// Check username uniqueness
if self.find_by_username(user.username()).await?.is_some() {
return Err(DomainError::ValidationError("Username already taken".into()));
}
let id = user.id().value().to_string();
let email = user.email().value();
let username = user.username().value();
let hash = user.password_hash().value();
let created_at = Utc::now().to_rfc3339();
let result = sqlx::query!(
"INSERT OR IGNORE INTO users (id, email, password_hash, created_at) VALUES (?, ?, ?, ?)",
id,
email,
hash,
created_at
sqlx::query!(
"INSERT INTO users (id, email, username, password_hash, created_at) VALUES (?, ?, ?, ?, ?)",
id, email, username, hash, created_at
)
.execute(&self.pool)
.await
.map_err(Self::map_err)?;
if result.rows_affected() == 0 {
return Err(DomainError::ValidationError("Email already registered".into()));
}
Ok(())
}
async fn find_by_id(&self, id: &UserId) -> Result<Option<User>, DomainError> {
let id_str = id.value().to_string();
let row = sqlx::query!(
"SELECT id, email, password_hash FROM users WHERE id = ?",
"SELECT id, email, username, password_hash FROM users WHERE id = ?",
id_str
)
.fetch_optional(&self.pool)
.await
.map_err(Self::map_err)?;
match row {
None => Ok(None),
Some(r) => {
let uuid = uuid::Uuid::parse_str(&r.id)
.map_err(|e| DomainError::InfrastructureError(e.to_string()))?;
let email = Email::new(r.email)
.map_err(|e| DomainError::InfrastructureError(e.to_string()))?;
let hash = PasswordHash::new(r.password_hash)
.map_err(|e| DomainError::InfrastructureError(e.to_string()))?;
Ok(Some(User::from_persistence(UserId::from_uuid(uuid), email, hash)))
}
}
row.map(|r| Self::row_to_user(r.id.unwrap_or_default(), r.email, r.username, r.password_hash))
.transpose()
}
async fn list_with_stats(&self) -> Result<Vec<domain::models::UserSummary>, DomainError> {
sqlx::query_as!(
UserSummaryRow,
r#"SELECT u.id,
u.email,
r#"SELECT u.id AS "id!: String",
u.email AS "email!: String",
COUNT(DISTINCT r.movie_id) AS "total_movies!: i64",
AVG(CAST(r.rating AS REAL)) AS avg_rating
FROM users u
LEFT JOIN reviews r ON r.user_id = u.id
LEFT JOIN reviews r ON r.user_id = u.id AND r.remote_actor_url IS NULL
GROUP BY u.id, u.email
ORDER BY u.email ASC"#
)
@@ -128,7 +140,7 @@ mod tests {
async fn setup() -> (SqlitePool, SqliteUserRepository) {
let pool = SqlitePool::connect(":memory:").await.unwrap();
sqlx::query(
"CREATE TABLE users (id TEXT PRIMARY KEY, email TEXT NOT NULL UNIQUE, password_hash TEXT NOT NULL, created_at TEXT NOT NULL)"
"CREATE TABLE users (id TEXT PRIMARY KEY, email TEXT NOT NULL UNIQUE, username TEXT NOT NULL UNIQUE, password_hash TEXT NOT NULL, created_at TEXT NOT NULL)"
)
.execute(&pool)
.await
@@ -152,10 +164,11 @@ mod tests {
let (pool, repo) = setup().await;
let id = uuid::Uuid::new_v4();
sqlx::query(
"INSERT INTO users (id, email, password_hash, created_at) VALUES (?, ?, ?, ?)"
"INSERT INTO users (id, email, username, password_hash, created_at) VALUES (?, ?, ?, ?, ?)"
)
.bind(id.to_string())
.bind("test@example.com")
.bind("test")
.bind("$argon2id$v=19$m=65536,t=2,p=1$fakesalt$fakehash")
.bind("2026-01-01T00:00:00Z")
.execute(&pool)