From 8a4437d2bee6ae5f07935a8a6471e8c8dac7f3b1 Mon Sep 17 00:00:00 2001
From: FloatingGhost <hannah@coffee-and-dreams.uk>
Date: Thu, 9 Mar 2023 19:13:14 +0000
Subject: [PATCH] Allow expires_at in filter requests

Fixes #492
---
 .../api_spec/operations/filter_operation.ex   |  6 ++++
 lib/pleroma/web/plugs/http_security_plug.ex   |  2 ++
 .../masto_fe/fedibird.index.html.eex          |  1 +
 .../controllers/filter_controller_test.exs    | 34 +++++++++++++++++++
 .../web/o_auth/o_auth_controller_test.exs     |  2 +-
 5 files changed, 44 insertions(+), 1 deletion(-)

diff --git a/lib/pleroma/web/api_spec/operations/filter_operation.ex b/lib/pleroma/web/api_spec/operations/filter_operation.ex
index 5102921bc..ac0444aef 100644
--- a/lib/pleroma/web/api_spec/operations/filter_operation.ex
+++ b/lib/pleroma/web/api_spec/operations/filter_operation.ex
@@ -225,6 +225,12 @@ defmodule Pleroma.Web.ApiSpec.FilterOperation do
           type: :integer,
           description:
             "Number of seconds from now the filter should expire. Otherwise, null for a filter that doesn't expire."
+        },
+        expires_at: %Schema{
+          nullable: true,
+          type: :string,
+          description:
+            "When the filter should no longer be applied. String (ISO 8601 Datetime), or null if the filter does not expire."
         }
       },
       required: [:phrase, :context],
diff --git a/lib/pleroma/web/plugs/http_security_plug.ex b/lib/pleroma/web/plugs/http_security_plug.ex
index b1f1ada94..6841b13aa 100644
--- a/lib/pleroma/web/plugs/http_security_plug.ex
+++ b/lib/pleroma/web/plugs/http_security_plug.ex
@@ -116,6 +116,8 @@ defmodule Pleroma.Web.Plugs.HTTPSecurityPlug do
 
     script_src = "script-src 'self' '#{nonce_tag}'"
 
+    script_src = if Mix.env() == :dev, do: [script_src, " 'unsafe-eval'"], else: script_src
+
     report = if report_uri, do: ["report-uri ", report_uri, ";report-to csp-endpoint"]
     insecure = if scheme == "https", do: "upgrade-insecure-requests"
 
diff --git a/lib/pleroma/web/templates/masto_fe/fedibird.index.html.eex b/lib/pleroma/web/templates/masto_fe/fedibird.index.html.eex
index 02c421831..6730c0ecc 100644
--- a/lib/pleroma/web/templates/masto_fe/fedibird.index.html.eex
+++ b/lib/pleroma/web/templates/masto_fe/fedibird.index.html.eex
@@ -19,6 +19,7 @@
 <link rel='preload' as='script' crossorigin='anonymous' href='/packs/js/features/getting_started.js'>
 <link rel='preload' as='script' crossorigin='anonymous' href='/packs/js/features/compose.js'>
 <link rel='preload' as='script' crossorigin='anonymous' href='/packs/js/features/home_timeline.js'>
+<link rel='preload' as='script' crossorigin='anonymous' href='/packs/js/features/public_timeline.js'>
 <link rel='preload' as='script' crossorigin='anonymous' href='/packs/js/features/notifications.js'>
 <script crossorigin='anonymous' src="/packs/js/application.js"></script>
 
diff --git a/test/pleroma/web/mastodon_api/controllers/filter_controller_test.exs b/test/pleroma/web/mastodon_api/controllers/filter_controller_test.exs
index 99f037483..1d8a67e6b 100644
--- a/test/pleroma/web/mastodon_api/controllers/filter_controller_test.exs
+++ b/test/pleroma/web/mastodon_api/controllers/filter_controller_test.exs
@@ -85,6 +85,40 @@ defmodule Pleroma.Web.MastodonAPI.FilterControllerTest do
 
       assert Repo.aggregate(Filter, :count, :id) == 0
     end
+
+    test "a filter with expires_at", %{conn: conn, user: user} do
+      response =
+        with_mock NaiveDateTime, [:passthrough], utc_now: fn -> ~N[2017-03-17 17:09:58] end do
+          conn
+          |> put_req_header("content-type", "application/json")
+          |> post("/api/v1/filters", %{
+            "phrase" => "bad memes",
+            context: ["home"],
+            expires_at: "2017-03-17T17:19:58.000Z"
+          })
+          |> json_response_and_validate_schema(200)
+        end
+
+      assert response["irreversible"] == false
+
+      assert response["expires_at"] == "2017-03-17T17:19:58.000Z"
+
+      filter = Filter.get(response["id"], user)
+
+      id = filter.id
+
+      assert_enqueued(
+        worker: PurgeExpiredFilter,
+        args: %{filter_id: filter.id}
+      )
+
+      assert {:ok, %{id: ^id}} =
+               perform_job(PurgeExpiredFilter, %{
+                 filter_id: filter.id
+               })
+
+      assert Repo.aggregate(Filter, :count, :id) == 0
+    end
   end
 
   test "fetching a list of filters" do
diff --git a/test/pleroma/web/o_auth/o_auth_controller_test.exs b/test/pleroma/web/o_auth/o_auth_controller_test.exs
index 9924023fe..c996a403c 100644
--- a/test/pleroma/web/o_auth/o_auth_controller_test.exs
+++ b/test/pleroma/web/o_auth/o_auth_controller_test.exs
@@ -729,7 +729,7 @@ defmodule Pleroma.Web.OAuth.OAuthControllerTest do
     end
 
     test "redirects with oauth authorization, " <>
-         "granting requested app-supported scopes to moderators" do
+           "granting requested app-supported scopes to moderators" do
       app_scopes = ["read", "write", "admin", "secret_scope"]
       app = insert(:oauth_app, scopes: app_scopes)
       redirect_uri = OAuthController.default_redirect_uri(app)