excluded invisible actors from gets /api/v1/accounts/:id

This commit is contained in:
Maksim Pechnikov 2019-11-04 20:44:24 +03:00
parent fee1276963
commit 4b7c11e3f9
6 changed files with 82 additions and 16 deletions

View file

@ -131,6 +131,8 @@ def auth_active?(%User{}), do: true
def visible_for?(user, for_user \\ nil)
def visible_for?(%User{invisible: true}, _), do: false
def visible_for?(%User{id: user_id}, %User{id: for_id}) when user_id == for_id, do: true
def visible_for?(%User{} = user, for_user) do
@ -1314,22 +1316,23 @@ def get_or_fetch_by_ap_id(ap_id) do
end
end
@doc "Creates an internal service actor by URI if missing. Optionally takes nickname for addressing."
@doc """
Creates an internal service actor by URI if missing.
Optionally takes nickname for addressing.
"""
def get_or_create_service_actor_by_ap_id(uri, nickname \\ nil) do
with %User{} = user <- get_cached_by_ap_id(uri) do
user
else
_ ->
{:ok, user} =
%User{}
|> cast(%{}, [:ap_id, :nickname, :local])
|> put_change(:ap_id, uri)
|> put_change(:nickname, nickname)
|> put_change(:local, true)
|> put_change(:follower_address, uri <> "/followers")
|> Repo.insert()
with user when is_nil(user) <- get_cached_by_ap_id(uri) do
{:ok, user} =
%User{
invisible: true,
local: true,
ap_id: uri,
nickname: nickname,
follower_address: uri <> "/followers"
}
|> Repo.insert()
user
user
end
end

View file

@ -14,7 +14,6 @@ def get_actor do
relay_ap_id()
|> User.get_or_create_service_actor_by_ap_id()
{:ok, actor} = User.set_invisible(actor, true)
actor
end

View file

@ -238,7 +238,7 @@ def relationships(%{assigns: %{user: _user}} = conn, _), do: json(conn, [])
@doc "GET /api/v1/accounts/:id"
def show(%{assigns: %{user: for_user}} = conn, %{"id" => nickname_or_id}) do
with %User{} = user <- User.get_cached_by_nickname_or_id(nickname_or_id, for: for_user),
true <- User.auth_active?(user) || user.id == for_user.id || User.superuser?(for_user) do
true <- User.visible_for?(user, for_user) do
render(conn, "show.json", user: user, for: for_user)
else
_e -> render_error(conn, :not_found, "Can't find user")

View file

@ -0,0 +1,22 @@
defmodule Pleroma.Repo.Migrations.SetVisibleServiceActors do
use Ecto.Migration
import Ecto.Query
alias Pleroma.Repo
def up do
user_nicknames = ["relay", "internal.fetch"]
from(
u in "users",
where: u.nickname in ^user_nicknames,
update: [
set: [invisible: true]
]
)
|> Repo.update_all([])
end
def down do
:ok
end
end

View file

@ -25,6 +25,25 @@ defmodule Pleroma.UserTest do
clear_config([:instance, :account_activation_required])
describe "service actors" do
test "returns invisible actor" do
uri = "#{Pleroma.Web.Endpoint.url()}/internal/fetch-test"
followers_uri = "#{uri}/followers"
user = User.get_or_create_service_actor_by_ap_id(uri, "internal.fetch-test")
assert %User{
nickname: "internal.fetch-test",
invisible: true,
local: true,
ap_id: ^uri,
follower_address: ^followers_uri
} = user
user2 = User.get_or_create_service_actor_by_ap_id(uri, "internal.fetch-test")
assert user.id == user2.id
end
end
describe "when tags are nil" do
test "tagging a user" do
user = insert(:user, %{tags: nil})

View file

@ -8,6 +8,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do
alias Pleroma.Repo
alias Pleroma.User
alias Pleroma.Web.ActivityPub.ActivityPub
alias Pleroma.Web.ActivityPub.InternalFetchActor
alias Pleroma.Web.CommonAPI
alias Pleroma.Web.OAuth.Token
@ -118,6 +119,28 @@ test "accounts fetches correct account for nicknames beginning with numbers", %{
refute acc_one == acc_two
assert acc_two == acc_three
end
test "returns 404 when user is invisible", %{conn: conn} do
user = insert(:user, %{invisible: true})
resp =
conn
|> get("/api/v1/accounts/#{user.nickname}")
|> json_response(404)
assert %{"error" => "Can't find user"} = resp
end
test "returns 404 for internal.fetch actor", %{conn: conn} do
%User{nickname: "internal.fetch"} = InternalFetchActor.get_actor()
resp =
conn
|> get("/api/v1/accounts/internal.fetch")
|> json_response(404)
assert %{"error" => "Can't find user"} = resp
end
end
describe "user timelines" do