From aef3a3ca46afb98a93e1893162fb012ce433c368 Mon Sep 17 00:00:00 2001 From: Ekaterina Vaartis Date: Thu, 18 Apr 2019 22:04:37 +0300 Subject: Fix tests that used finmoji --- test/web/twitter_api/views/activity_view_test.exs | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'test/web/twitter_api/views') diff --git a/test/web/twitter_api/views/activity_view_test.exs b/test/web/twitter_api/views/activity_view_test.exs index b5440c612..d84ab7420 100644 --- a/test/web/twitter_api/views/activity_view_test.exs +++ b/test/web/twitter_api/views/activity_view_test.exs @@ -91,16 +91,16 @@ defmodule Pleroma.Web.TwitterAPI.ActivityViewTest do test "a create activity with a summary containing emoji" do {:ok, activity} = CommonAPI.post(insert(:user), %{ - "spoiler_text" => ":woollysocks: meow", + "spoiler_text" => ":firefox: meow", "status" => "." }) result = ActivityView.render("activity.json", activity: activity) - expected = ":woollysocks: meow" + expected = ":firefox: meow" expected_html = - "\"woollysocks\" meow" + "\"firefox\" meow" assert result["summary"] == expected assert result["summary_html"] == expected_html -- cgit v1.2.3 From b9cdf6d3b9940fded7d6be9f8771fd9c211afdd4 Mon Sep 17 00:00:00 2001 From: Egor Date: Mon, 22 Apr 2019 07:20:43 +0000 Subject: Use `User.get_cached*` everywhere --- test/web/twitter_api/views/user_view_test.exs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'test/web/twitter_api/views') diff --git a/test/web/twitter_api/views/user_view_test.exs b/test/web/twitter_api/views/user_view_test.exs index 0feaf4b64..36b461992 100644 --- a/test/web/twitter_api/views/user_view_test.exs +++ b/test/web/twitter_api/views/user_view_test.exs @@ -292,7 +292,7 @@ defmodule Pleroma.Web.TwitterAPI.UserViewTest do } } - blocker = User.get_by_id(blocker.id) + blocker = User.get_cached_by_id(blocker.id) assert represented == UserView.render("show.json", %{user: user, for: blocker}) end -- cgit v1.2.3 From 4baea6e6d9efa619402a031a84f74787653df2b5 Mon Sep 17 00:00:00 2001 From: rinpatch Date: Wed, 24 Apr 2019 20:01:42 +0300 Subject: Fix leaking private configuration parameters in Mastodon and Twitter APIs, and add new configuration parameters to Mastodon API This patch: - Fixes `rights` in twitterapi ignoring `show_role` - Fixes exposing default scope of the user to anyone in Mastodon API - Extends Mastodon API to be able to show and set `no_rich_text`, `default_scope`, `hide_follows`, `hide_followers`, `hide_favorites` (requested by the FE in #674) Sorry in advance for 500 line one commit diff, I should have split it up to separate MRs --- test/web/twitter_api/views/user_view_test.exs | 33 ++++++++------------------- 1 file changed, 9 insertions(+), 24 deletions(-) (limited to 'test/web/twitter_api/views') diff --git a/test/web/twitter_api/views/user_view_test.exs b/test/web/twitter_api/views/user_view_test.exs index 36b461992..2f9b2af01 100644 --- a/test/web/twitter_api/views/user_view_test.exs +++ b/test/web/twitter_api/views/user_view_test.exs @@ -89,17 +89,11 @@ defmodule Pleroma.Web.TwitterAPI.UserViewTest do "following" => false, "follows_you" => false, "statusnet_blocking" => false, - "rights" => %{ - "delete_others_notice" => false, - "admin" => false - }, "statusnet_profile_url" => user.ap_id, "cover_photo" => banner, "background_image" => nil, "is_local" => true, "locked" => false, - "default_scope" => "public", - "no_rich_text" => false, "hide_follows" => false, "hide_followers" => false, "fields" => [], @@ -112,6 +106,15 @@ defmodule Pleroma.Web.TwitterAPI.UserViewTest do assert represented == UserView.render("show.json", %{user: user}) end + test "User exposes settings for themselves and only for themselves", %{user: user} do + as_user = UserView.render("show.json", %{user: user, for: user}) + assert as_user["default_scope"] == user.info.default_scope + assert as_user["no_rich_text"] == user.info.no_rich_text + as_stranger = UserView.render("show.json", %{user: user}) + refute as_stranger["default_scope"] + refute as_stranger["no_rich_text"] + end + test "A user for a given other follower", %{user: user} do follower = insert(:user, %{following: [User.ap_followers(user)]}) {:ok, user} = User.update_follower_count(user) @@ -137,17 +140,11 @@ defmodule Pleroma.Web.TwitterAPI.UserViewTest do "following" => true, "follows_you" => false, "statusnet_blocking" => false, - "rights" => %{ - "delete_others_notice" => false, - "admin" => false - }, "statusnet_profile_url" => user.ap_id, "cover_photo" => banner, "background_image" => nil, "is_local" => true, "locked" => false, - "default_scope" => "public", - "no_rich_text" => false, "hide_follows" => false, "hide_followers" => false, "fields" => [], @@ -186,17 +183,11 @@ defmodule Pleroma.Web.TwitterAPI.UserViewTest do "following" => false, "follows_you" => true, "statusnet_blocking" => false, - "rights" => %{ - "delete_others_notice" => false, - "admin" => false - }, "statusnet_profile_url" => follower.ap_id, "cover_photo" => banner, "background_image" => nil, "is_local" => true, "locked" => false, - "default_scope" => "public", - "no_rich_text" => false, "hide_follows" => false, "hide_followers" => false, "fields" => [], @@ -272,17 +263,11 @@ defmodule Pleroma.Web.TwitterAPI.UserViewTest do "following" => false, "follows_you" => false, "statusnet_blocking" => true, - "rights" => %{ - "delete_others_notice" => false, - "admin" => false - }, "statusnet_profile_url" => user.ap_id, "cover_photo" => banner, "background_image" => nil, "is_local" => true, "locked" => false, - "default_scope" => "public", - "no_rich_text" => false, "hide_follows" => false, "hide_followers" => false, "fields" => [], -- cgit v1.2.3 From 61ca2f7a4ed1bfa5b5ae4da5b28ca3c546b1e141 Mon Sep 17 00:00:00 2001 From: rinpatch Date: Sun, 28 Apr 2019 19:42:43 +0300 Subject: Fix `rights` in TwitterAPI's user entity being present only for Admins/Moderators In !1093 I reused `maybe_with_role` for `rights` object, however I missed that `maybe_with_role` is called only for admins/moderators. --- test/web/twitter_api/views/user_view_test.exs | 16 ++++++++++++---- 1 file changed, 12 insertions(+), 4 deletions(-) (limited to 'test/web/twitter_api/views') diff --git a/test/web/twitter_api/views/user_view_test.exs b/test/web/twitter_api/views/user_view_test.exs index 2f9b2af01..c99dbddeb 100644 --- a/test/web/twitter_api/views/user_view_test.exs +++ b/test/web/twitter_api/views/user_view_test.exs @@ -100,7 +100,9 @@ defmodule Pleroma.Web.TwitterAPI.UserViewTest do "pleroma" => %{ "confirmation_pending" => false, "tags" => [] - } + }, + "rights" => %{"admin" => false, "delete_others_notice" => false}, + "role" => "member" } assert represented == UserView.render("show.json", %{user: user}) @@ -151,7 +153,9 @@ defmodule Pleroma.Web.TwitterAPI.UserViewTest do "pleroma" => %{ "confirmation_pending" => false, "tags" => [] - } + }, + "rights" => %{"admin" => false, "delete_others_notice" => false}, + "role" => "member" } assert represented == UserView.render("show.json", %{user: user, for: follower}) @@ -194,7 +198,9 @@ defmodule Pleroma.Web.TwitterAPI.UserViewTest do "pleroma" => %{ "confirmation_pending" => false, "tags" => [] - } + }, + "rights" => %{"admin" => false, "delete_others_notice" => false}, + "role" => "member" } assert represented == UserView.render("show.json", %{user: follower, for: user}) @@ -274,7 +280,9 @@ defmodule Pleroma.Web.TwitterAPI.UserViewTest do "pleroma" => %{ "confirmation_pending" => false, "tags" => [] - } + }, + "rights" => %{"admin" => false, "delete_others_notice" => false}, + "role" => "member" } blocker = User.get_cached_by_id(blocker.id) -- cgit v1.2.3