From f723b2369160ee08f7155e299aa44410b26b7e51 Mon Sep 17 00:00:00 2001 From: dtluna Date: Mon, 24 Apr 2017 01:11:38 +0300 Subject: [PATCH 1/3] Add error response to self-repeats --- .../web/twitter_api/twitter_api_controller.ex | 13 +++++++++---- .../twitter_api_controller_test.exs | 18 ++++++++++++++---- 2 files changed, 23 insertions(+), 8 deletions(-) diff --git a/lib/pleroma/web/twitter_api/twitter_api_controller.ex b/lib/pleroma/web/twitter_api/twitter_api_controller.ex index 19de0665c..3f27ad1ac 100644 --- a/lib/pleroma/web/twitter_api/twitter_api_controller.ex +++ b/lib/pleroma/web/twitter_api/twitter_api_controller.ex @@ -163,11 +163,16 @@ def unfavorite(%{assigns: %{user: user}} = conn, %{"id" => id}) do def retweet(%{assigns: %{user: user}} = conn, %{"id" => id}) do activity = Repo.get(Activity, id) - {:ok, status} = TwitterAPI.retweet(user, activity) - response = Poison.encode!(status) + if activity.data["actor"] == user.ap_id do + bad_request_reply(conn, "You cannot repeat your own notice.") + else + {:ok, status} = TwitterAPI.retweet(user, activity) + response = Poison.encode!(status) - conn - |> json_reply(200, response) + conn + + |> json_reply(200, response) + end end def register(conn, params) do diff --git a/test/web/twitter_api/twitter_api_controller_test.exs b/test/web/twitter_api/twitter_api_controller_test.exs index 0bd27c8c7..a5551fa82 100644 --- a/test/web/twitter_api/twitter_api_controller_test.exs +++ b/test/web/twitter_api/twitter_api_controller_test.exs @@ -328,11 +328,21 @@ test "without valid credentials", %{conn: conn} do test "with credentials", %{conn: conn, user: current_user} do note_activity = insert(:note_activity) - conn = conn - |> with_credentials(current_user.nickname, "test") - |> post("/api/statuses/retweet/#{note_activity.id}.json") + request_path = "/api/statuses/retweet/#{note_activity.id}.json" - assert json_response(conn, 200) + user = Repo.get_by(User, ap_id: note_activity.data["actor"]) + response = conn + |> with_credentials(user.nickname, "test") + |> post(request_path) + assert json_response(response, 400) == %{"error" => "You cannot repeat your own notice.", + "request" => request_path} + + response = conn + |> with_credentials(current_user.nickname, "test") + |> post(request_path) + activity = Repo.get(Activity, note_activity.id) + current_user = Repo.get_by(User, ap_id: note_activity.data["actor"]) + assert json_response(response, 200) == ActivityRepresenter.to_map(activity, %{user: current_user}) end end From c3655d1c479aa69b35820f96da3f891f6af9fcdb Mon Sep 17 00:00:00 2001 From: dtluna Date: Tue, 25 Apr 2017 19:47:16 +0300 Subject: [PATCH 2/3] Remove unnecessary status_update definition --- lib/pleroma/web/twitter_api/twitter_api_controller.ex | 4 ---- 1 file changed, 4 deletions(-) diff --git a/lib/pleroma/web/twitter_api/twitter_api_controller.ex b/lib/pleroma/web/twitter_api/twitter_api_controller.ex index f55db37b3..b5b829ca0 100644 --- a/lib/pleroma/web/twitter_api/twitter_api_controller.ex +++ b/lib/pleroma/web/twitter_api/twitter_api_controller.ex @@ -12,10 +12,6 @@ def verify_credentials(%{assigns: %{user: user}} = conn, _params) do |> json_reply(200, response) end - def status_update(conn, %{"status" => ""} = _status_data) do - empty_status_reply(conn) - end - def status_update(%{assigns: %{user: user}} = conn, %{"status" => status_text} = status_data) do if status_text |> String.trim |> String.length != 0 do media_ids = extract_media_ids(status_data) From 22e936372e12879e97beac5d886566b1c6c4d55e Mon Sep 17 00:00:00 2001 From: Roger Braun Date: Wed, 26 Apr 2017 08:55:00 +0200 Subject: [PATCH 3/3] Fix retweet spec. --- test/web/twitter_api/twitter_api_controller_test.exs | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/test/web/twitter_api/twitter_api_controller_test.exs b/test/web/twitter_api/twitter_api_controller_test.exs index eb952a230..6c249be7d 100644 --- a/test/web/twitter_api/twitter_api_controller_test.exs +++ b/test/web/twitter_api/twitter_api_controller_test.exs @@ -344,8 +344,8 @@ test "with credentials", %{conn: conn, user: current_user} do |> with_credentials(current_user.nickname, "test") |> post(request_path) activity = Repo.get(Activity, note_activity.id) - current_user = Repo.get_by(User, ap_id: note_activity.data["actor"]) - assert json_response(response, 200) == ActivityRepresenter.to_map(activity, %{user: current_user}) + activity_user = Repo.get_by(User, ap_id: note_activity.data["actor"]) + assert json_response(response, 200) == ActivityRepresenter.to_map(activity, %{user: activity_user, for: current_user}) end end