Restrict thread statuses that contain user's irreversible filters

This commit is contained in:
Sergey Suprunenko 2019-11-25 16:59:55 +01:00 committed by Alexander Strizhakov
parent 5af1bf443d
commit 8277b29790
No known key found for this signature in database
GPG key ID: 022896A53AEF1381
4 changed files with 35 additions and 4 deletions

View file

@ -20,6 +20,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
- Streaming: Repeats of a user's posts will no longer be pushed to the user's stream.
- Mastodon API: Added `pleroma.metadata.fields_limits` to /api/v1/instance
- Mastodon API: On deletion, returns the original post text.
- Mastodon API: Add `pleroma.unread_count` to the Marker entity.
</details>
<details>
@ -58,8 +59,9 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
- Mastodon API: Extended `/api/v1/instance`.
- Mastodon API: Support for `include_types` in `/api/v1/notifications`.
- Mastodon API: Added `/api/v1/notifications/:id/dismiss` endpoint.
- Mastodon API: Add support for filtering replies in public and home timelines
- Mastodon API: Support for `bot` field in `/api/v1/accounts/update_credentials`
- Mastodon API: Add support for filtering replies in public and home timelines.
- Mastodon API: Support for `bot` field in `/api/v1/accounts/update_credentials`.
- Mastodon API: Support irreversible property for filters.
- Admin API: endpoints for create/update/delete OAuth Apps.
- Admin API: endpoint for status view.
- OTP: Add command to reload emoji packs
@ -214,7 +216,6 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
- Mastodon API: `pleroma.thread_muted` to the Status entity
- Mastodon API: Mark the direct conversation as read for the author when they send a new direct message
- Mastodon API, streaming: Add `pleroma.direct_conversation_id` to the `conversation` stream event payload.
- Mastodon API: Add `pleroma.unread_count` to the Marker entity
- Admin API: Render whole status in grouped reports
- Mastodon API: User timelines will now respect blocks, unless you are getting the user timeline of somebody you blocked (which would be empty otherwise).
- Mastodon API: Favoriting / Repeating a post multiple times will now return the identical response every time. Before, executing that action twice would return an error ("already favorited") on the second try.

View file

@ -447,6 +447,7 @@ def fetch_activities_for_context_query(context, opts) do
|> maybe_set_thread_muted_field(opts)
|> restrict_blocked(opts)
|> restrict_recipients(recipients, opts[:user])
|> restrict_filtered(opts)
|> where(
[activity],
fragment(
@ -1112,6 +1113,7 @@ def fetch_activities_query(recipients, opts \\ %{}) do
|> restrict_favorited_by(opts)
|> restrict_blocked(restrict_blocked_opts)
|> restrict_muted(restrict_muted_opts)
|> restrict_filtered(opts)
|> restrict_media(opts)
|> restrict_visibility(opts)
|> restrict_thread_visibility(opts, config)

View file

@ -1147,7 +1147,7 @@ test "it returns notifications about mentiones with not hidden filtered word", %
insert(:filter, user: user, phrase: "test", hide: false)
another_user = insert(:user)
{:ok, _activity} = CommonAPI.post(another_user, %{"status" => "@#{user.nickname} test"})
{:ok, _} = CommonAPI.post(another_user, %{"status" => "@#{user.nickname} test"})
assert length(Notification.for_user(user)) == 1
end

View file

@ -507,6 +507,34 @@ test "retrieves activities that have a given context" do
activities = ActivityPub.fetch_activities_for_context("2hu", %{blocking_user: user})
assert activities == [activity_two, activity]
end
test "doesn't return activities with filtered words" do
user = insert(:user)
user_two = insert(:user)
insert(:filter, user: user, phrase: "test", hide: true)
{:ok, %{id: id1, data: %{"context" => context}}} = CommonAPI.post(user, %{"status" => "1"})
{:ok, %{id: id2}} =
CommonAPI.post(user_two, %{"status" => "2", "in_reply_to_status_id" => id1})
{:ok, %{id: id3} = user_activity} =
CommonAPI.post(user, %{"status" => "3 test?", "in_reply_to_status_id" => id2})
{:ok, %{id: id4} = filtered_activity} =
CommonAPI.post(user_two, %{"status" => "4 test!", "in_reply_to_status_id" => id3})
{:ok, _} = CommonAPI.post(user, %{"status" => "5", "in_reply_to_status_id" => id4})
activities =
context
|> ActivityPub.fetch_activities_for_context(%{"user" => user})
|> Enum.map(& &1.id)
assert length(activities) == 4
assert user_activity.id in activities
refute filtered_activity.id in activities
end
end
test "doesn't return blocked activities" do