allow unsigned fetch for all system users

2025-07-06 03:56:56 +00:00 · 2025-03-16 10:49:16 -04:00 · 2025-03-16 10:49:16 -04:00 · bb3d710927
commit bb3d710927
parent 97da78b46c
3 changed files with 11 additions and 13 deletions
--- a/packages/backend/migration/1740162088574-add_unsignedFetch.js
+++ b/packages/backend/migration/1740162088574-add_unsignedFetch.js
@ -12,8 +12,8 @@ export class AddUnsignedFetch1740162088574 {
 		await queryRunner.query(`CREATE TYPE "public"."user_allowunsignedfetch_enum" AS ENUM('never', 'always', 'essential', 'staff')`);
 		await queryRunner.query(`ALTER TABLE "user" ADD "allowUnsignedFetch" "public"."user_allowunsignedfetch_enum" NOT NULL DEFAULT 'staff'`);

-		// Special one-time migration: allow unauthorized fetch for instance actor
-		await queryRunner.query(`UPDATE "user" SET "allowUnsignedFetch" = 'always' WHERE "username" = 'instance.actor' AND "host" IS null`);
+		// Special one-time migration: allow unauthorized fetch for system accounts
+		await queryRunner.query(`UPDATE "user" SET "allowUnsignedFetch" = 'always' WHERE "username" LIKE '%.%' AND "host" IS null`);

 		// Special one-time migration: convert legacy config "" to meta setting ""
 		const config = await loadConfig();
--- a/packages/backend/src/core/CreateSystemUserService.ts
+++ b/packages/backend/src/core/CreateSystemUserService.ts
@ -29,7 +29,7 @@ export class CreateSystemUserService {
 	}

 	@bindThis
-	public async createSystemUser(username: string, data?: Partial<MiUser>): Promise<MiUser> {
+	public async createSystemUser(username: string): Promise<MiUser> {
 		const password = randomUUID();

 		// Generate hash of password
@ -63,7 +63,13 @@ export class CreateSystemUserService {
 				isExplorable: false,
 				approved: true,
 				isBot: true,
-				...(data ?? {}),
+				/* we always allow requests about our instance actor, because when
+				 a remote instance needs to check our signature on a request we
+				 sent, it will need to fetch information about the user that
+				 signed it (which is our instance actor), and if we try to check
+				 their signature on *that* request, we'll fetch *their* instance
+				 actor... leading to an infinite recursion */
+				allowUnsignedFetch: 'always',
 			}).then(x => transactionalEntityManager.findOneByOrFail(MiUser, x.identifiers[0]));

 			await transactionalEntityManager.insert(MiUserKeypair, {
--- a/packages/backend/src/core/InstanceActorService.ts
+++ b/packages/backend/src/core/InstanceActorService.ts
@ -49,15 +49,7 @@ export class InstanceActorService {
 			this.cache.set(user);
 			return user;
 		} else {
-			const created = await this.createSystemUserService.createSystemUser(ACTOR_USERNAME, {
-				/* we always allow requests about our instance actor, because when
-				 a remote instance needs to check our signature on a request we
-				 sent, it will need to fetch information about the user that
-				 signed it (which is our instance actor), and if we try to check
-				 their signature on *that* request, we'll fetch *their* instance
-				 actor... leading to an infinite recursion */
-				allowUnsignedFetch: 'always',
-			}) as MiLocalUser;
+			const created = await this.createSystemUserService.createSystemUser(ACTOR_USERNAME) as MiLocalUser;
 			this.cache.set(created);
 			return created;
 		}