-
-
Notifications
You must be signed in to change notification settings - Fork 7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fix follow limit preventing re-following of a moved account #14207
Conversation
Seems sensible to me, the tests just need to be updated, as they assume rate limiting is enabled, while it's off by default (but on in all codepath that matter) |
3411896
to
07b982c
Compare
Actually, I missed that the |
Right, I don’t think imports were ever rate limited, I’m not sure if there is a user-friendly way to do it. Like it would suck to only import 200 follows per day (or whatever) and force the user to re-submit the same file every day. We could maybe schedule individual follows into the future to align with the rate limit? |
I think right now they are, since this PR changes it? I'm not sure we should enforce this limit, but if we don't enforce it on list import, I don't know why we should have this limit at all. |
I realized you are mixing up rate limits and follow limits here. Imports were never rate limited, but they were (unintentionally) follow limited. This PR changes the latter, but not the former. The change in the spec is only due to the fact that the spec tests follow limits. |
07b982c
to
fd9bfa1
Compare
Alright, I did indeed mix the total follow limit and the rate limiting (but the two being tied together in this PR doesn't help). Rate limiting indeed never applied to imports, it wasn't applied before this PR, and isn't after this PR either. However, with this PR, the total follow limit can be bypassed by using the follow import functionality, as the service will refuse importing more than the total number of accounts the person is allowed to follow at once, but calling it repeatedly would just work. |
fd9bfa1
to
c68c449
Compare
Fixed that |
Technically susceptible to race conditions, I think. |
There are other issues with this I did not think about:
|
c68c449
to
43a9f95
Compare
43a9f95
to
4a273bf
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'm a bit uncomfortable with tying the total follow count limit and the rate limiting together in the Follow
model validation, as well as with duplicating followers count logic, but the former is nitpicking and the latter is justified by the new Import
validation, which is a clear improvement.
There's still the issue of possible race conditions that can be exploited to import more than the limit, but this can be addressed in a follow-up PR.
ImportService
already enforces follow limit.