From edc506770093fb5745ab7db3c17379f1b8d5596a Mon Sep 17 00:00:00 2001
From: The Fox in the Shell
Date: Sat, 15 Apr 2017 04:09:28 +0000
Subject: Avoid unrestricted access to the Mastodon DB (#5)

* Use a limited, read-only view of public toots

This is less scary than unrestricted access to the production database...

* README: Update install process

* README: Update SQL query

* README: Update paragraph on direct DB access
---
 index.js | 10 ++++------
 1 file changed, 4 insertions(+), 6 deletions(-)

(limited to 'index.js')

diff --git a/index.js b/index.js
index 62f0ed9..8657372 100644
--- a/index.js
+++ b/index.js
@@ -2,20 +2,18 @@ var mastodon = require('mastodon');
 var pg = require('pg');
 var query = `SELECT id
-FROM statuses
+FROM public_toots
 WHERE favourites_count > (
 SELECT avg(favourites_count)
- FROM statuses
+ FROM public_toots
 WHERE favourites_count > 1
 AND created_at > NOW() - INTERVAL '30 days'
- AND visibility = 0
 )
-AND created_at > NOW() - INTERVAL '5 days'
-AND visibility = 0;`
+AND created_at > NOW() - INTERVAL '5 days';`
 var config = {
- user: process.env.DB_USER || 'mastodon',
+ user: process.env.DB_USER || 'ambassador',
 database: process.env.DB_NAME || 'mastodon_production',
 password: process.env.DB_PASSWORD || '',
 host: process.env.DB_HOST || '/var/run/postgresql',
--
cgit
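Review bot: The rewritten query at `+FROM public_toots` drops both `AND visibility = 0` predicates and now relies entirely on the view definition to keep non-public statuses out of the result, but nothing in index.js records that invariant, so a later change to the view (or to the grants of the new `ambassador` role) would silently widen what this process can read without any signal in this file. I would add a comment above `var query`, e.g. `// public_toots is expected to be a read-only view exposing only public statuses (the old visibility = 0 filter); the ambassador role should have SELECT on it and nothing else — see README`, hedged as "expected" since the view and role are defined outside this repository. Keeping the `visibility = 0` predicate in the query as well would be cheap defence in depth, provided the view still exposes that column. The `config` object continues past the end of the hunk, and its `password: process.env.DB_PASSWORD || ''` default is pre-existing rather than introduced here.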