forked from AkkomaGang/akkoma
Merge branch 'develop' of https://git.pleroma.social/pleroma/pleroma into develop
This commit is contained in:
commit
0590d16089
2 changed files with 61 additions and 57 deletions
|
@ -16,6 +16,7 @@ defmodule Pleroma.User do
|
|||
alias Pleroma.Conversation.Participation
|
||||
alias Pleroma.Delivery
|
||||
alias Pleroma.FollowingRelationship
|
||||
alias Pleroma.Formatter
|
||||
alias Pleroma.HTML
|
||||
alias Pleroma.Keys
|
||||
alias Pleroma.Notification
|
||||
|
@ -452,7 +453,7 @@ defp put_fields(changeset) do
|
|||
|
||||
fields =
|
||||
raw_fields
|
||||
|> Enum.map(fn f -> Map.update!(f, "value", &AutoLinker.link(&1)) end)
|
||||
|> Enum.map(fn f -> Map.update!(f, "value", &parse_fields(&1)) end)
|
||||
|
||||
changeset
|
||||
|> put_change(:raw_fields, raw_fields)
|
||||
|
@ -462,6 +463,12 @@ defp put_fields(changeset) do
|
|||
end
|
||||
end
|
||||
|
||||
defp parse_fields(value) do
|
||||
value
|
||||
|> Formatter.linkify(mentions_format: :full)
|
||||
|> elem(0)
|
||||
end
|
||||
|
||||
defp put_change_if_present(changeset, map_field, value_function) do
|
||||
if value = get_change(changeset, map_field) do
|
||||
with {:ok, new_value} <- value_function.(value) do
|
||||
|
@ -1979,17 +1986,6 @@ def fields(%{fields: nil}), do: []
|
|||
|
||||
def fields(%{fields: fields}), do: fields
|
||||
|
||||
def sanitized_fields(%User{} = user) do
|
||||
user
|
||||
|> User.fields()
|
||||
|> Enum.map(fn %{"name" => name, "value" => value} ->
|
||||
%{
|
||||
"name" => name,
|
||||
"value" => Pleroma.HTML.filter_tags(value, Pleroma.HTML.Scrubber.LinksOnly)
|
||||
}
|
||||
end)
|
||||
end
|
||||
|
||||
def validate_fields(changeset, remote? \\ false) do
|
||||
limit_name = if remote?, do: :max_remote_account_fields, else: :max_account_fields
|
||||
limit = Pleroma.Config.get([:instance, limit_name], 0)
|
||||
|
|
|
@ -273,7 +273,7 @@ test "updates profile emojos", %{user: user, conn: conn} do
|
|||
test "update fields", %{conn: conn} do
|
||||
fields = [
|
||||
%{"name" => "<a href=\"http://google.com\">foo</a>", "value" => "<script>bar</script>"},
|
||||
%{"name" => "link", "value" => "cofe.io"}
|
||||
%{"name" => "link.io", "value" => "cofe.io"}
|
||||
]
|
||||
|
||||
account_data =
|
||||
|
@ -283,7 +283,10 @@ test "update fields", %{conn: conn} do
|
|||
|
||||
assert account_data["fields"] == [
|
||||
%{"name" => "<a href=\"http://google.com\">foo</a>", "value" => "bar"},
|
||||
%{"name" => "link", "value" => ~S(<a href="http://cofe.io" rel="ugc">cofe.io</a>)}
|
||||
%{
|
||||
"name" => "link.io",
|
||||
"value" => ~S(<a href="http://cofe.io" rel="ugc">cofe.io</a>)
|
||||
}
|
||||
]
|
||||
|
||||
assert account_data["source"]["fields"] == [
|
||||
|
@ -291,14 +294,16 @@ test "update fields", %{conn: conn} do
|
|||
"name" => "<a href=\"http://google.com\">foo</a>",
|
||||
"value" => "<script>bar</script>"
|
||||
},
|
||||
%{"name" => "link", "value" => "cofe.io"}
|
||||
%{"name" => "link.io", "value" => "cofe.io"}
|
||||
]
|
||||
end
|
||||
|
||||
test "update fields via x-www-form-urlencoded", %{conn: conn} do
|
||||
fields =
|
||||
[
|
||||
"fields_attributes[1][name]=link",
|
||||
"fields_attributes[1][value]=cofe.io",
|
||||
"fields_attributes[0][name]=<a href=\"http://google.com\">foo</a>",
|
||||
"fields_attributes[1][value]=http://cofe.io",
|
||||
"fields_attributes[0][name]=foo",
|
||||
"fields_attributes[0][value]=bar"
|
||||
]
|
||||
|> Enum.join("&")
|
||||
|
@ -310,51 +315,20 @@ test "update fields", %{conn: conn} do
|
|||
|> json_response(200)
|
||||
|
||||
assert account["fields"] == [
|
||||
%{"name" => "<a href=\"http://google.com\">foo</a>", "value" => "bar"},
|
||||
%{"name" => "link", "value" => ~S(<a href="http://cofe.io" rel="ugc">cofe.io</a>)}
|
||||
%{"name" => "foo", "value" => "bar"},
|
||||
%{
|
||||
"name" => "link",
|
||||
"value" => ~S(<a href="http://cofe.io" rel="ugc">http://cofe.io</a>)
|
||||
}
|
||||
]
|
||||
|
||||
assert account["source"]["fields"] == [
|
||||
%{
|
||||
"name" => "<a href=\"http://google.com\">foo</a>",
|
||||
"value" => "bar"
|
||||
},
|
||||
%{"name" => "link", "value" => "cofe.io"}
|
||||
%{"name" => "foo", "value" => "bar"},
|
||||
%{"name" => "link", "value" => "http://cofe.io"}
|
||||
]
|
||||
end
|
||||
|
||||
name_limit = Pleroma.Config.get([:instance, :account_field_name_length])
|
||||
value_limit = Pleroma.Config.get([:instance, :account_field_value_length])
|
||||
|
||||
long_value = Enum.map(0..value_limit, fn _ -> "x" end) |> Enum.join()
|
||||
|
||||
fields = [%{"name" => "<b>foo<b>", "value" => long_value}]
|
||||
|
||||
assert %{"error" => "Invalid request"} ==
|
||||
conn
|
||||
|> patch("/api/v1/accounts/update_credentials", %{"fields_attributes" => fields})
|
||||
|> json_response(403)
|
||||
|
||||
long_name = Enum.map(0..name_limit, fn _ -> "x" end) |> Enum.join()
|
||||
|
||||
fields = [%{"name" => long_name, "value" => "bar"}]
|
||||
|
||||
assert %{"error" => "Invalid request"} ==
|
||||
conn
|
||||
|> patch("/api/v1/accounts/update_credentials", %{"fields_attributes" => fields})
|
||||
|> json_response(403)
|
||||
|
||||
Pleroma.Config.put([:instance, :max_account_fields], 1)
|
||||
|
||||
fields = [
|
||||
%{"name" => "<b>foo<b>", "value" => "<i>bar</i>"},
|
||||
%{"name" => "link", "value" => "cofe.io"}
|
||||
]
|
||||
|
||||
assert %{"error" => "Invalid request"} ==
|
||||
conn
|
||||
|> patch("/api/v1/accounts/update_credentials", %{"fields_attributes" => fields})
|
||||
|> json_response(403)
|
||||
|
||||
test "update fields with empty name", %{conn: conn} do
|
||||
fields = [
|
||||
%{"name" => "foo", "value" => ""},
|
||||
%{"name" => "", "value" => "bar"}
|
||||
|
@ -369,5 +343,39 @@ test "update fields", %{conn: conn} do
|
|||
%{"name" => "foo", "value" => ""}
|
||||
]
|
||||
end
|
||||
|
||||
test "update fields when invalid request", %{conn: conn} do
|
||||
name_limit = Pleroma.Config.get([:instance, :account_field_name_length])
|
||||
value_limit = Pleroma.Config.get([:instance, :account_field_value_length])
|
||||
|
||||
long_name = Enum.map(0..name_limit, fn _ -> "x" end) |> Enum.join()
|
||||
long_value = Enum.map(0..value_limit, fn _ -> "x" end) |> Enum.join()
|
||||
|
||||
fields = [%{"name" => "foo", "value" => long_value}]
|
||||
|
||||
assert %{"error" => "Invalid request"} ==
|
||||
conn
|
||||
|> patch("/api/v1/accounts/update_credentials", %{"fields_attributes" => fields})
|
||||
|> json_response(403)
|
||||
|
||||
fields = [%{"name" => long_name, "value" => "bar"}]
|
||||
|
||||
assert %{"error" => "Invalid request"} ==
|
||||
conn
|
||||
|> patch("/api/v1/accounts/update_credentials", %{"fields_attributes" => fields})
|
||||
|> json_response(403)
|
||||
|
||||
Pleroma.Config.put([:instance, :max_account_fields], 1)
|
||||
|
||||
fields = [
|
||||
%{"name" => "foo", "value" => "bar"},
|
||||
%{"name" => "link", "value" => "cofe.io"}
|
||||
]
|
||||
|
||||
assert %{"error" => "Invalid request"} ==
|
||||
conn
|
||||
|> patch("/api/v1/accounts/update_credentials", %{"fields_attributes" => fields})
|
||||
|> json_response(403)
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
Loading…
Reference in a new issue