From 963d5774af7efb57fa306b3ac164049f8958a72c Mon Sep 17 00:00:00 2001 From: Sachin Joshi Date: Wed, 24 Apr 2019 07:06:17 +0545 Subject: fix the status notification with special char --- test/web/twitter_api/views/activity_view_test.exs | 10 ++++++++++ 1 file changed, 10 insertions(+) (limited to 'test/web/twitter_api') diff --git a/test/web/twitter_api/views/activity_view_test.exs b/test/web/twitter_api/views/activity_view_test.exs index d84ab7420..85815ba7e 100644 --- a/test/web/twitter_api/views/activity_view_test.exs +++ b/test/web/twitter_api/views/activity_view_test.exs @@ -371,4 +371,14 @@ defmodule Pleroma.Web.TwitterAPI.ActivityViewTest do assert length(result["attachments"]) == 1 assert result["summary"] == "Friday Night" end + + test "special characters are not escaped in text field for status created" do + text = "<3 is on the way" + + {:ok, activity} = CommonAPI.post(insert(:user), %{"status" => text}) + + result = ActivityView.render("activity.json", activity: activity) + + assert result["text"] == text + end end -- cgit v1.2.3 From 4baea6e6d9efa619402a031a84f74787653df2b5 Mon Sep 17 00:00:00 2001 From: rinpatch Date: Wed, 24 Apr 2019 20:01:42 +0300 Subject: Fix leaking private configuration parameters in Mastodon and Twitter APIs, and add new configuration parameters to Mastodon API This patch: - Fixes `rights` in twitterapi ignoring `show_role` - Fixes exposing default scope of the user to anyone in Mastodon API - Extends Mastodon API to be able to show and set `no_rich_text`, `default_scope`, `hide_follows`, `hide_followers`, `hide_favorites` (requested by the FE in #674) Sorry in advance for 500 line one commit diff, I should have split it up to separate MRs --- test/web/twitter_api/views/user_view_test.exs | 33 ++++++++------------------- 1 file changed, 9 insertions(+), 24 deletions(-) (limited to 'test/web/twitter_api') diff --git a/test/web/twitter_api/views/user_view_test.exs b/test/web/twitter_api/views/user_view_test.exs index 36b461992..2f9b2af01 100644 --- a/test/web/twitter_api/views/user_view_test.exs +++ b/test/web/twitter_api/views/user_view_test.exs @@ -89,17 +89,11 @@ defmodule Pleroma.Web.TwitterAPI.UserViewTest do "following" => false, "follows_you" => false, "statusnet_blocking" => false, - "rights" => %{ - "delete_others_notice" => false, - "admin" => false - }, "statusnet_profile_url" => user.ap_id, "cover_photo" => banner, "background_image" => nil, "is_local" => true, "locked" => false, - "default_scope" => "public", - "no_rich_text" => false, "hide_follows" => false, "hide_followers" => false, "fields" => [], @@ -112,6 +106,15 @@ defmodule Pleroma.Web.TwitterAPI.UserViewTest do assert represented == UserView.render("show.json", %{user: user}) end + test "User exposes settings for themselves and only for themselves", %{user: user} do + as_user = UserView.render("show.json", %{user: user, for: user}) + assert as_user["default_scope"] == user.info.default_scope + assert as_user["no_rich_text"] == user.info.no_rich_text + as_stranger = UserView.render("show.json", %{user: user}) + refute as_stranger["default_scope"] + refute as_stranger["no_rich_text"] + end + test "A user for a given other follower", %{user: user} do follower = insert(:user, %{following: [User.ap_followers(user)]}) {:ok, user} = User.update_follower_count(user) @@ -137,17 +140,11 @@ defmodule Pleroma.Web.TwitterAPI.UserViewTest do "following" => true, "follows_you" => false, "statusnet_blocking" => false, - "rights" => %{ - "delete_others_notice" => false, - "admin" => false - }, "statusnet_profile_url" => user.ap_id, "cover_photo" => banner, "background_image" => nil, "is_local" => true, "locked" => false, - "default_scope" => "public", - "no_rich_text" => false, "hide_follows" => false, "hide_followers" => false, "fields" => [], @@ -186,17 +183,11 @@ defmodule Pleroma.Web.TwitterAPI.UserViewTest do "following" => false, "follows_you" => true, "statusnet_blocking" => false, - "rights" => %{ - "delete_others_notice" => false, - "admin" => false - }, "statusnet_profile_url" => follower.ap_id, "cover_photo" => banner, "background_image" => nil, "is_local" => true, "locked" => false, - "default_scope" => "public", - "no_rich_text" => false, "hide_follows" => false, "hide_followers" => false, "fields" => [], @@ -272,17 +263,11 @@ defmodule Pleroma.Web.TwitterAPI.UserViewTest do "following" => false, "follows_you" => false, "statusnet_blocking" => true, - "rights" => %{ - "delete_others_notice" => false, - "admin" => false - }, "statusnet_profile_url" => user.ap_id, "cover_photo" => banner, "background_image" => nil, "is_local" => true, "locked" => false, - "default_scope" => "public", - "no_rich_text" => false, "hide_follows" => false, "hide_followers" => false, "fields" => [], -- cgit v1.2.3 From 61ca2f7a4ed1bfa5b5ae4da5b28ca3c546b1e141 Mon Sep 17 00:00:00 2001 From: rinpatch Date: Sun, 28 Apr 2019 19:42:43 +0300 Subject: Fix `rights` in TwitterAPI's user entity being present only for Admins/Moderators In !1093 I reused `maybe_with_role` for `rights` object, however I missed that `maybe_with_role` is called only for admins/moderators. --- test/web/twitter_api/views/user_view_test.exs | 16 ++++++++++++---- 1 file changed, 12 insertions(+), 4 deletions(-) (limited to 'test/web/twitter_api') diff --git a/test/web/twitter_api/views/user_view_test.exs b/test/web/twitter_api/views/user_view_test.exs index 2f9b2af01..c99dbddeb 100644 --- a/test/web/twitter_api/views/user_view_test.exs +++ b/test/web/twitter_api/views/user_view_test.exs @@ -100,7 +100,9 @@ defmodule Pleroma.Web.TwitterAPI.UserViewTest do "pleroma" => %{ "confirmation_pending" => false, "tags" => [] - } + }, + "rights" => %{"admin" => false, "delete_others_notice" => false}, + "role" => "member" } assert represented == UserView.render("show.json", %{user: user}) @@ -151,7 +153,9 @@ defmodule Pleroma.Web.TwitterAPI.UserViewTest do "pleroma" => %{ "confirmation_pending" => false, "tags" => [] - } + }, + "rights" => %{"admin" => false, "delete_others_notice" => false}, + "role" => "member" } assert represented == UserView.render("show.json", %{user: user, for: follower}) @@ -194,7 +198,9 @@ defmodule Pleroma.Web.TwitterAPI.UserViewTest do "pleroma" => %{ "confirmation_pending" => false, "tags" => [] - } + }, + "rights" => %{"admin" => false, "delete_others_notice" => false}, + "role" => "member" } assert represented == UserView.render("show.json", %{user: follower, for: user}) @@ -274,7 +280,9 @@ defmodule Pleroma.Web.TwitterAPI.UserViewTest do "pleroma" => %{ "confirmation_pending" => false, "tags" => [] - } + }, + "rights" => %{"admin" => false, "delete_others_notice" => false}, + "role" => "member" } blocker = User.get_cached_by_id(blocker.id) -- cgit v1.2.3 From 85b5c60694e07d3bfb1f885d5fda14be6b7bade9 Mon Sep 17 00:00:00 2001 From: "Haelwenn (lanodan) Monnier" Date: Thu, 7 Feb 2019 16:41:20 +0100 Subject: Pleroma.Formatter: width/height to class=emoji --- test/web/twitter_api/views/activity_view_test.exs | 2 +- test/web/twitter_api/views/user_view_test.exs | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) (limited to 'test/web/twitter_api') diff --git a/test/web/twitter_api/views/activity_view_test.exs b/test/web/twitter_api/views/activity_view_test.exs index 85815ba7e..1aa533b48 100644 --- a/test/web/twitter_api/views/activity_view_test.exs +++ b/test/web/twitter_api/views/activity_view_test.exs @@ -100,7 +100,7 @@ defmodule Pleroma.Web.TwitterAPI.ActivityViewTest do expected = ":firefox: meow" expected_html = - "\"firefox\" meow" + "\"firefox\" meow" assert result["summary"] == expected assert result["summary_html"] == expected_html diff --git a/test/web/twitter_api/views/user_view_test.exs b/test/web/twitter_api/views/user_view_test.exs index c99dbddeb..74526673c 100644 --- a/test/web/twitter_api/views/user_view_test.exs +++ b/test/web/twitter_api/views/user_view_test.exs @@ -32,7 +32,7 @@ defmodule Pleroma.Web.TwitterAPI.UserViewTest do test "A user with emoji in username" do expected = - "\"karjalanpiirakka\" man" + "\"karjalanpiirakka\" man" user = insert(:user, %{ -- cgit v1.2.3 From 2f76a40d028c45e99425b061298a1b05e4b59923 Mon Sep 17 00:00:00 2001 From: "Haelwenn (lanodan) Monnier" Date: Tue, 12 Feb 2019 14:59:34 +0100 Subject: formatter.ex: Add get_emoji_map/1 --- .../twitter_api/twitter_api_controller_test.exs | 28 ++++++++++++++++++++++ 1 file changed, 28 insertions(+) (limited to 'test/web/twitter_api') diff --git a/test/web/twitter_api/twitter_api_controller_test.exs b/test/web/twitter_api/twitter_api_controller_test.exs index 43ad71a16..90718cfb4 100644 --- a/test/web/twitter_api/twitter_api_controller_test.exs +++ b/test/web/twitter_api/twitter_api_controller_test.exs @@ -1611,6 +1611,34 @@ defmodule Pleroma.Web.TwitterAPI.ControllerTest do assert json_response(conn, 200) == UserView.render("user.json", %{user: user, for: user}) end + + # Broken before the change to class="emoji" and non- in the DB + @tag :skip + test "it formats emojos", %{conn: conn} do + user = insert(:user) + + conn = + conn + |> assign(:user, user) + |> post("/api/account/update_profile.json", %{ + "bio" => "I love our :moominmamma:​" + }) + + assert response = json_response(conn, 200) + + assert %{ + "description" => "I love our :moominmamma:", + "description_html" => + ~s{I love our