Fix duplicate accounts being created when fetching an account for its key only (#13147)
Fixes #13136 When a user's canonical acct domain is different from its id's domain (WEB_DOMAIN ≠ LOCAL_DOMAIN), two webfinger queries are required to find the canonical domain from the URI. However, we skip webfinger queries when updating only the key of a remote user, which led to the creation of a duplicate account, using the URI's domain instead of the canonical acct: one.gh/stable
parent
5158dbeb25
commit
3704402dcc
|
@ -18,7 +18,8 @@ class ActivityPub::ProcessAccountService < BaseService
|
||||||
|
|
||||||
RedisLock.acquire(lock_options) do |lock|
|
RedisLock.acquire(lock_options) do |lock|
|
||||||
if lock.acquired?
|
if lock.acquired?
|
||||||
@account = Account.find_remote(@username, @domain)
|
@account = Account.remote.find_by(uri: @uri) if @options[:only_key]
|
||||||
|
@account ||= Account.find_remote(@username, @domain)
|
||||||
@old_public_key = @account&.public_key
|
@old_public_key = @account&.public_key
|
||||||
@old_protocol = @account&.protocol
|
@old_protocol = @account&.protocol
|
||||||
|
|
||||||
|
|
Reference in New Issue