Skip to content

Optimize and align validate_object methods across handlers #2278

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 13 commits into from
Oct 6, 2025
Merged

Optimize and align validate_object methods across handlers #2278

merged 13 commits into from
Oct 6, 2025

Conversation

obenland
Copy link
Member

@obenland obenland commented Oct 2, 2025
edited
Loading

Also fixes a potential fatal error for Undo activities from brid.gy.

Proposed changes:

  • Optimize validate_object methods in Accept, Create, Reject, Undo, and Quote_Request handlers for better performance
  • Replace expensive array_diff() + array_keys() operations with direct isset() checks
  • Simplify object validation logic from empty() || !is_array() to !isset() || !is_array()
  • Remove unnecessary is_wp_error() checks (request parameter is always WP_REST_Request in actual usage)
  • Rename $json_params to $activity for improved code readability
  • Align validation patterns across all handlers for consistency

Other information:

  • Have you written new tests for your changes, if applicable?

All existing tests pass. Removed one obsolete test that was checking for an impossible scenario (WP_Error as request object).

Testing instructions:

  • Run npm run env-test to verify all PHP tests pass
  • Verify that inbox validation still works correctly by sending various ActivityPub activities to the inbox

Changelog entry

@obenland
Optimize and align validate_object methods across handlers
aaa4f5d 
Performance improvements:
- Replace array_diff() + array_keys() with isset() checks (faster, no temporary arrays)
- Simplify object validation from empty() || !is_array() to !isset() || !is_array()
- Remove unnecessary is_wp_error() checks (request is always WP_REST_Request)

Code quality improvements:
- Rename $json_params to $activity for better readability
- Align validation patterns across all handlers for consistency
- Improve docblock formatting in REST controllers

All existing tests pass.
@Copilot Copilot AI review requested due to automatic review settings October 2, 2025 21:22
@obenland obenland self-assigned this Oct 2, 2025
@obenland obenland requested a review from pfefferle October 2, 2025 21:22
Copilot
Copilot AI reviewed Oct 2, 2025
View reviewed changes
Copy link

@Copilot Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

This PR optimizes and standardizes the validate_object methods across ActivityPub handlers to improve performance and code consistency.

  • Replaces inefficient array_diff() + array_keys() operations with direct isset() checks for better performance
  • Removes unnecessary is_wp_error() checks since the request parameter is always WP_REST_Request in practice
  • Renames $json_params to $activity for improved readability and consistency across handlers

Reviewed Changes

Copilot reviewed 8 out of 8 changed files in this pull request and generated no comments.

Show a summary per file
File Description
includes/handler/class-accept.php Optimizes validation logic with isset() checks and removes WP_Error handling
includes/handler/class-create.php Streamlines object validation and removes unnecessary WP_Error check
includes/handler/class-quote-request.php Simplifies required field validation and removes WP_Error handling
includes/handler/class-reject.php Optimizes validation with direct isset() checks
includes/handler/class-undo.php Replaces array operations with isset() and adds object type validation
includes/rest/class-inbox-controller.php Updates PHPDoc to correctly specify WP_REST_Request type
includes/rest/class-actors-inbox-controller.php Updates PHPDoc to correctly specify WP_REST_Request type
tests/includes/handler/class-test-quote-request.php Removes obsolete test for WP_Error scenario that can no longer occur

Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.

@obenland obenland added the Skip Changelog Disables the "Changelog Updated" action for PRs where changelog entries are not necessary. label Oct 2, 2025
pfefferle
pfefferle reviewed Oct 3, 2025
View reviewed changes
includes/handler/class-undo.php
'actor',
'object',
);
if ( ! \is_array( $activity['object'] ) ) {
Copy link
Member

@pfefferle pfefferle Oct 3, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can we first merge #2284 and then have your changes afterwards? My PR adds support for URI-Objects at least for Likes and Announces.

pfefferle
pfefferle reviewed Oct 3, 2025
View reviewed changes
@pfefferle
Copy link
Member

pfefferle commented Oct 3, 2025
edited
Loading

Remove unnecessary is_wp_error() checks (request parameter is always WP_REST_Request in actual usage)

The signature verification returns a WP_Error

wordpress-activitypub/includes/rest/class-server.php

Line 74 in 41efe96

return new \WP_Error(
does that have no impact on the validate_object verification?

@pfefferle
Copy link
Member

Ok, $request is always a WP_REST_Request. Is the signature verification called afterwards? Is there a way to run the signature verification earlier? We would save some time/resources then, because we wouldn't have to trigger the validate_object at all.

@obenland
Copy link
Member Author

obenland commented Oct 3, 2025

We could move it to rest_pre_dispatch but at that point the request has not been matched with a handler yet, so would run for every REST API request. Currently every endpoint that needs signature verification specifies it for itself, which we would lose, too.

FWIW, I don't think it's a big deal, eventually a request has to pass all of these tests anyway.

@pfefferle
Copy link
Member

Then let's keep it as is!

@pfefferle pfefferle mentioned this pull request Oct 6, 2025
Merged
11 tasks
@pfefferle
Copy link
Member

I think it is fine to merge (when the conflicts are resolved), I will update the validation callback through #2295 then.

@github-actions github-actions bot added [Block] Post settings [Focus] Compatibility Ensuring the plugin plays well with other plugins [Focus] Editor Changes to the ActivityPub experience in the block editor [Tests] Includes Tests Actions labels Oct 6, 2025
@github-actions github-actions bot added the Docs label Oct 6, 2025
pfefferle
pfefferle previously approved these changes Oct 6, 2025
View reviewed changes
@pfefferle
Remove test for validate_object with WP_Error
924275e 
Deleted the test_validate_object_with_wp_error method from the quote request test class, possibly because the scenario is no longer relevant or covered elsewhere.
@obenland obenland merged commit 7796e3c into trunk Oct 6, 2025
13 checks passed
@obenland obenland deleted the optimize-validate-object-functions branch October 6, 2025 14:37
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

Copilot code review Copilot Copilot left review comments

@pfefferle pfefferle pfefferle approved these changes

Assignees

@obenland obenland

Labels
Actions [Block] Post settings Docs [Feature] REST API [Focus] Compatibility Ensuring the plugin plays well with other plugins [Focus] Editor Changes to the ActivityPub experience in the block editor Skip Changelog Disables the "Changelog Updated" action for PRs where changelog entries are not necessary. [Tests] Includes Tests
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@obenland @pfefferle @Jiwoon-Kim