Merge branch 'fix/public-timeline-auth' into 'develop'
Fix Twitter timelines for private instances See merge request pleroma/pleroma!602
This commit is contained in:
commit
1cd825519c
2 changed files with 61 additions and 1 deletions
|
@ -662,7 +662,7 @@ defp forbidden_json_reply(conn, error_message) do
|
||||||
json_reply(conn, 403, json)
|
json_reply(conn, 403, json)
|
||||||
end
|
end
|
||||||
|
|
||||||
def only_if_public_instance(conn = %{conn: %{assigns: %{user: _user}}}, _), do: conn
|
def only_if_public_instance(%{assigns: %{user: %User{}}} = conn, _), do: conn
|
||||||
|
|
||||||
def only_if_public_instance(conn, _) do
|
def only_if_public_instance(conn, _) do
|
||||||
if Keyword.get(Application.get_env(:pleroma, :instance), :public) do
|
if Keyword.get(Application.get_env(:pleroma, :instance), :public) do
|
||||||
|
|
|
@ -112,6 +112,8 @@ test "with credentials", %{conn: conn, user: user} do
|
||||||
end
|
end
|
||||||
|
|
||||||
describe "GET /statuses/public_timeline.json" do
|
describe "GET /statuses/public_timeline.json" do
|
||||||
|
setup [:valid_user]
|
||||||
|
|
||||||
test "returns statuses", %{conn: conn} do
|
test "returns statuses", %{conn: conn} do
|
||||||
user = insert(:user)
|
user = insert(:user)
|
||||||
activities = ActivityBuilder.insert_list(30, %{}, %{user: user})
|
activities = ActivityBuilder.insert_list(30, %{}, %{user: user})
|
||||||
|
@ -145,14 +147,44 @@ test "returns 403 to unauthenticated request when the instance is not public", %
|
||||||
Application.put_env(:pleroma, :instance, instance)
|
Application.put_env(:pleroma, :instance, instance)
|
||||||
end
|
end
|
||||||
|
|
||||||
|
test "returns 200 to authenticated request when the instance is not public",
|
||||||
|
%{conn: conn, user: user} do
|
||||||
|
instance =
|
||||||
|
Application.get_env(:pleroma, :instance)
|
||||||
|
|> Keyword.put(:public, false)
|
||||||
|
|
||||||
|
Application.put_env(:pleroma, :instance, instance)
|
||||||
|
|
||||||
|
conn
|
||||||
|
|> with_credentials(user.nickname, "test")
|
||||||
|
|> get("/api/statuses/public_timeline.json")
|
||||||
|
|> json_response(200)
|
||||||
|
|
||||||
|
instance =
|
||||||
|
Application.get_env(:pleroma, :instance)
|
||||||
|
|> Keyword.put(:public, true)
|
||||||
|
|
||||||
|
Application.put_env(:pleroma, :instance, instance)
|
||||||
|
end
|
||||||
|
|
||||||
test "returns 200 to unauthenticated request when the instance is public", %{conn: conn} do
|
test "returns 200 to unauthenticated request when the instance is public", %{conn: conn} do
|
||||||
conn
|
conn
|
||||||
|> get("/api/statuses/public_timeline.json")
|
|> get("/api/statuses/public_timeline.json")
|
||||||
|> json_response(200)
|
|> json_response(200)
|
||||||
end
|
end
|
||||||
|
|
||||||
|
test "returns 200 to authenticated request when the instance is public",
|
||||||
|
%{conn: conn, user: user} do
|
||||||
|
conn
|
||||||
|
|> with_credentials(user.nickname, "test")
|
||||||
|
|> get("/api/statuses/public_timeline.json")
|
||||||
|
|> json_response(200)
|
||||||
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
describe "GET /statuses/public_and_external_timeline.json" do
|
describe "GET /statuses/public_and_external_timeline.json" do
|
||||||
|
setup [:valid_user]
|
||||||
|
|
||||||
test "returns 403 to unauthenticated request when the instance is not public", %{conn: conn} do
|
test "returns 403 to unauthenticated request when the instance is not public", %{conn: conn} do
|
||||||
instance =
|
instance =
|
||||||
Application.get_env(:pleroma, :instance)
|
Application.get_env(:pleroma, :instance)
|
||||||
|
@ -171,11 +203,39 @@ test "returns 403 to unauthenticated request when the instance is not public", %
|
||||||
Application.put_env(:pleroma, :instance, instance)
|
Application.put_env(:pleroma, :instance, instance)
|
||||||
end
|
end
|
||||||
|
|
||||||
|
test "returns 200 to authenticated request when the instance is not public",
|
||||||
|
%{conn: conn, user: user} do
|
||||||
|
instance =
|
||||||
|
Application.get_env(:pleroma, :instance)
|
||||||
|
|> Keyword.put(:public, false)
|
||||||
|
|
||||||
|
Application.put_env(:pleroma, :instance, instance)
|
||||||
|
|
||||||
|
conn
|
||||||
|
|> with_credentials(user.nickname, "test")
|
||||||
|
|> get("/api/statuses/public_and_external_timeline.json")
|
||||||
|
|> json_response(200)
|
||||||
|
|
||||||
|
instance =
|
||||||
|
Application.get_env(:pleroma, :instance)
|
||||||
|
|> Keyword.put(:public, true)
|
||||||
|
|
||||||
|
Application.put_env(:pleroma, :instance, instance)
|
||||||
|
end
|
||||||
|
|
||||||
test "returns 200 to unauthenticated request when the instance is public", %{conn: conn} do
|
test "returns 200 to unauthenticated request when the instance is public", %{conn: conn} do
|
||||||
conn
|
conn
|
||||||
|> get("/api/statuses/public_and_external_timeline.json")
|
|> get("/api/statuses/public_and_external_timeline.json")
|
||||||
|> json_response(200)
|
|> json_response(200)
|
||||||
end
|
end
|
||||||
|
|
||||||
|
test "returns 200 to authenticated request when the instance is public",
|
||||||
|
%{conn: conn, user: user} do
|
||||||
|
conn
|
||||||
|
|> with_credentials(user.nickname, "test")
|
||||||
|
|> get("/api/statuses/public_and_external_timeline.json")
|
||||||
|
|> json_response(200)
|
||||||
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
describe "GET /statuses/show/:id.json" do
|
describe "GET /statuses/show/:id.json" do
|
||||||
|
|
Loading…
Reference in a new issue