Merge branch 'fix/double-rt-or-fav' into 'develop'

Prevent accidental double RTs or favorites

See merge request pleroma/pleroma!542
This commit is contained in:
lambda 2018-12-14 08:26:08 +00:00
commit 262cc6d44b
2 changed files with 44 additions and 2 deletions

View file

@ -1,6 +1,7 @@
defmodule Pleroma.Web.CommonAPI do defmodule Pleroma.Web.CommonAPI do
alias Pleroma.{User, Repo, Activity, Object} alias Pleroma.{User, Repo, Activity, Object}
alias Pleroma.Web.ActivityPub.ActivityPub alias Pleroma.Web.ActivityPub.ActivityPub
alias Pleroma.Web.ActivityPub.Utils
alias Pleroma.Formatter alias Pleroma.Formatter
import Pleroma.Web.CommonAPI.Utils import Pleroma.Web.CommonAPI.Utils
@ -16,7 +17,8 @@ defmodule Pleroma.Web.CommonAPI do
def repeat(id_or_ap_id, user) do def repeat(id_or_ap_id, user) do
with %Activity{} = activity <- get_by_id_or_ap_id(id_or_ap_id), with %Activity{} = activity <- get_by_id_or_ap_id(id_or_ap_id),
object <- Object.normalize(activity.data["object"]["id"]) do object <- Object.normalize(activity.data["object"]["id"]),
nil <- Utils.get_existing_announce(user.ap_id, object) do
ActivityPub.announce(user, object) ActivityPub.announce(user, object)
else else
_ -> _ ->
@ -36,7 +38,8 @@ defmodule Pleroma.Web.CommonAPI do
def favorite(id_or_ap_id, user) do def favorite(id_or_ap_id, user) do
with %Activity{} = activity <- get_by_id_or_ap_id(id_or_ap_id), with %Activity{} = activity <- get_by_id_or_ap_id(id_or_ap_id),
object <- Object.normalize(activity.data["object"]["id"]) do object <- Object.normalize(activity.data["object"]["id"]),
nil <- Utils.get_existing_like(user.ap_id, object) do
ActivityPub.like(user, object) ActivityPub.like(user, object)
else else
_ -> _ ->

View file

@ -2,6 +2,7 @@ defmodule Pleroma.Web.CommonAPI.Test do
use Pleroma.DataCase use Pleroma.DataCase
alias Pleroma.Web.CommonAPI alias Pleroma.Web.CommonAPI
alias Pleroma.User alias Pleroma.User
alias Pleroma.Activity
import Pleroma.Factory import Pleroma.Factory
@ -53,4 +54,42 @@ defmodule Pleroma.Web.CommonAPI.Test do
assert content == "<p><b>2hu</b></p>alert('xss')" assert content == "<p><b>2hu</b></p>alert('xss')"
end end
end end
describe "reactions" do
test "repeating a status" do
user = insert(:user)
other_user = insert(:user)
{:ok, activity} = CommonAPI.post(other_user, %{"status" => "cofe"})
{:ok, %Activity{}, _} = CommonAPI.repeat(activity.id, user)
end
test "favoriting a status" do
user = insert(:user)
other_user = insert(:user)
{:ok, activity} = CommonAPI.post(other_user, %{"status" => "cofe"})
{:ok, %Activity{}, _} = CommonAPI.favorite(activity.id, user)
end
test "retweeting a status twice returns an error" do
user = insert(:user)
other_user = insert(:user)
{:ok, activity} = CommonAPI.post(other_user, %{"status" => "cofe"})
{:ok, %Activity{}, _object} = CommonAPI.repeat(activity.id, user)
{:error, _} = CommonAPI.repeat(activity.id, user)
end
test "favoriting a status twice returns an error" do
user = insert(:user)
other_user = insert(:user)
{:ok, activity} = CommonAPI.post(other_user, %{"status" => "cofe"})
{:ok, %Activity{}, _object} = CommonAPI.favorite(activity.id, user)
{:error, _} = CommonAPI.favorite(activity.id, user)
end
end
end end