From 9ea51a6de516b37341a9566d11d0110c2d87c1b6 Mon Sep 17 00:00:00 2001 From: Ivan Tashkinov Date: Thu, 23 Jul 2020 15:08:30 +0300 Subject: [PATCH] [#2791] AccountView: renamed `:force` option to `:skip_visibility_check`. --- lib/pleroma/web/activity_pub/utils.ex | 2 +- .../web/admin_api/views/account_view.ex | 2 +- lib/pleroma/web/chat_channel.ex | 2 +- .../web/mastodon_api/views/account_view.ex | 8 +++-- .../web/pleroma_api/views/chat_view.ex | 2 +- test/web/activity_pub/activity_pub_test.exs | 3 +- test/web/activity_pub/transmogrifier_test.exs | 2 +- test/web/activity_pub/utils_test.exs | 3 +- test/web/admin_api/views/report_view_test.exs | 14 ++++++--- .../mastodon_api/views/account_view_test.exs | 30 +++++++++++-------- .../mastodon_api/views/status_view_test.exs | 2 +- test/web/pleroma_api/views/chat_view_test.exs | 3 +- 12 files changed, 44 insertions(+), 29 deletions(-) diff --git a/lib/pleroma/web/activity_pub/utils.ex b/lib/pleroma/web/activity_pub/utils.ex index 11c64cffd..713b0ca1f 100644 --- a/lib/pleroma/web/activity_pub/utils.ex +++ b/lib/pleroma/web/activity_pub/utils.ex @@ -729,7 +729,7 @@ defp build_flag_object(act) when is_map(act) or is_binary(act) do "actor" => AccountView.render( "show.json", - %{user: activity_actor, force: true} + %{user: activity_actor, skip_visibility_check: true} ) } diff --git a/lib/pleroma/web/admin_api/views/account_view.ex b/lib/pleroma/web/admin_api/views/account_view.ex index 4ae030b84..88fbb5315 100644 --- a/lib/pleroma/web/admin_api/views/account_view.ex +++ b/lib/pleroma/web/admin_api/views/account_view.ex @@ -105,7 +105,7 @@ def render("create-error.json", %{changeset: %Ecto.Changeset{changes: changes, e end def merge_account_views(%User{} = user) do - MastodonAPI.AccountView.render("show.json", %{user: user, force: true}) + MastodonAPI.AccountView.render("show.json", %{user: user, skip_visibility_check: true}) |> Map.merge(AdminAPI.AccountView.render("show.json", %{user: user})) end diff --git a/lib/pleroma/web/chat_channel.ex b/lib/pleroma/web/chat_channel.ex index 08d0e80f9..3b1469c19 100644 --- a/lib/pleroma/web/chat_channel.ex +++ b/lib/pleroma/web/chat_channel.ex @@ -24,7 +24,7 @@ def handle_in("new_msg", %{"text" => text}, %{assigns: %{user_name: user_name}} if String.length(text) in 1..Pleroma.Config.get([:instance, :chat_limit]) do author = User.get_cached_by_nickname(user_name) - author_json = AccountView.render("show.json", user: author, force: true) + author_json = AccountView.render("show.json", user: author, skip_visibility_check: true) message = ChatChannelState.add_message(%{text: text, author: author_json}) diff --git a/lib/pleroma/web/mastodon_api/views/account_view.ex b/lib/pleroma/web/mastodon_api/views/account_view.ex index b929d5a03..864c0417f 100644 --- a/lib/pleroma/web/mastodon_api/views/account_view.ex +++ b/lib/pleroma/web/mastodon_api/views/account_view.ex @@ -39,11 +39,12 @@ def render("index.json", %{users: users} = opts) do @doc """ Renders specified user account. - :force option skips visibility check and renders any user (local or remote) + :skip_visibility_check option skips visibility check and renders any user (local or remote) regardless of [:pleroma, :restrict_unauthenticated] setting. :for option specifies the requester and can be a User record or nil. + Only use `user: user, for: user` when `user` is the actual requester of own profile. """ - def render("show.json", %{user: _user, force: true} = opts) do + def render("show.json", %{user: _user, skip_visibility_check: true} = opts) do do_render("show.json", opts) end @@ -56,7 +57,8 @@ def render("show.json", %{user: user, for: for_user_or_nil} = opts) do end def render("show.json", _) do - raise "In order to prevent account accessibility issues, :force or :for option is required." + raise "In order to prevent account accessibility issues, " <> + ":skip_visibility_check or :for option is required." end def render("mention.json", %{user: user}) do diff --git a/lib/pleroma/web/pleroma_api/views/chat_view.ex b/lib/pleroma/web/pleroma_api/views/chat_view.ex index 2ae7c8122..04dc20d51 100644 --- a/lib/pleroma/web/pleroma_api/views/chat_view.ex +++ b/lib/pleroma/web/pleroma_api/views/chat_view.ex @@ -38,7 +38,7 @@ defp account_view_opts(opts, recipient) do if Map.has_key?(account_view_opts, :for) do account_view_opts else - Map.put(account_view_opts, :force, true) + Map.put(account_view_opts, :skip_visibility_check, true) end end end diff --git a/test/web/activity_pub/activity_pub_test.exs b/test/web/activity_pub/activity_pub_test.exs index 34905a928..d6eab7337 100644 --- a/test/web/activity_pub/activity_pub_test.exs +++ b/test/web/activity_pub/activity_pub_test.exs @@ -1179,7 +1179,8 @@ test "it can create a Flag activity", "id" => activity_ap_id, "content" => content, "published" => activity_with_object.object.data["published"], - "actor" => AccountView.render("show.json", %{user: target_account, force: true}) + "actor" => + AccountView.render("show.json", %{user: target_account, skip_visibility_check: true}) } assert %Activity{ diff --git a/test/web/activity_pub/transmogrifier_test.exs b/test/web/activity_pub/transmogrifier_test.exs index 01e18eace..2d089b19b 100644 --- a/test/web/activity_pub/transmogrifier_test.exs +++ b/test/web/activity_pub/transmogrifier_test.exs @@ -710,7 +710,7 @@ test "it accepts Flag activities" do "id" => activity.data["id"], "content" => "test post", "published" => object.data["published"], - "actor" => AccountView.render("show.json", %{user: user, force: true}) + "actor" => AccountView.render("show.json", %{user: user, skip_visibility_check: true}) } message = %{ diff --git a/test/web/activity_pub/utils_test.exs b/test/web/activity_pub/utils_test.exs index ab984d486..d50213545 100644 --- a/test/web/activity_pub/utils_test.exs +++ b/test/web/activity_pub/utils_test.exs @@ -482,7 +482,8 @@ test "returns map with Flag object" do "id" => activity_ap_id, "content" => content, "published" => activity.object.data["published"], - "actor" => AccountView.render("show.json", %{user: target_account, force: true}) + "actor" => + AccountView.render("show.json", %{user: target_account, skip_visibility_check: true}) } assert %{ diff --git a/test/web/admin_api/views/report_view_test.exs b/test/web/admin_api/views/report_view_test.exs index e171509e5..5a02292be 100644 --- a/test/web/admin_api/views/report_view_test.exs +++ b/test/web/admin_api/views/report_view_test.exs @@ -24,12 +24,15 @@ test "renders a report" do content: nil, actor: Map.merge( - MastodonAPI.AccountView.render("show.json", %{user: user, force: true}), + MastodonAPI.AccountView.render("show.json", %{user: user, skip_visibility_check: true}), AdminAPI.AccountView.render("show.json", %{user: user}) ), account: Map.merge( - MastodonAPI.AccountView.render("show.json", %{user: other_user, force: true}), + MastodonAPI.AccountView.render("show.json", %{ + user: other_user, + skip_visibility_check: true + }), AdminAPI.AccountView.render("show.json", %{user: other_user}) ), statuses: [], @@ -59,12 +62,15 @@ test "includes reported statuses" do content: nil, actor: Map.merge( - MastodonAPI.AccountView.render("show.json", %{user: user, force: true}), + MastodonAPI.AccountView.render("show.json", %{user: user, skip_visibility_check: true}), AdminAPI.AccountView.render("show.json", %{user: user}) ), account: Map.merge( - MastodonAPI.AccountView.render("show.json", %{user: other_user, force: true}), + MastodonAPI.AccountView.render("show.json", %{ + user: other_user, + skip_visibility_check: true + }), AdminAPI.AccountView.render("show.json", %{user: other_user}) ), statuses: [StatusView.render("show.json", %{activity: activity})], diff --git a/test/web/mastodon_api/views/account_view_test.exs b/test/web/mastodon_api/views/account_view_test.exs index 2b18c2e43..8f37efa3c 100644 --- a/test/web/mastodon_api/views/account_view_test.exs +++ b/test/web/mastodon_api/views/account_view_test.exs @@ -95,7 +95,7 @@ test "Represent a user account" do } } - assert expected == AccountView.render("show.json", %{user: user, force: true}) + assert expected == AccountView.render("show.json", %{user: user, skip_visibility_check: true}) end test "Favicon is nil when :instances_favicons is disabled" do @@ -108,12 +108,12 @@ test "Favicon is nil when :instances_favicons is disabled" do favicon: "https://shitposter.club/plugins/Qvitter/img/gnusocial-favicons/favicon-16x16.png" } - } = AccountView.render("show.json", %{user: user, force: true}) + } = AccountView.render("show.json", %{user: user, skip_visibility_check: true}) Config.put([:instances_favicons, :enabled], false) assert %{pleroma: %{favicon: nil}} = - AccountView.render("show.json", %{user: user, force: true}) + AccountView.render("show.json", %{user: user, skip_visibility_check: true}) end test "Represent the user account for the account owner" do @@ -190,7 +190,7 @@ test "Represent a Service(bot) account" do } } - assert expected == AccountView.render("show.json", %{user: user, force: true}) + assert expected == AccountView.render("show.json", %{user: user, skip_visibility_check: true}) end test "Represent a Funkwhale channel" do @@ -199,7 +199,9 @@ test "Represent a Funkwhale channel" do "https://channels.tests.funkwhale.audio/federation/actors/compositions" ) - assert represented = AccountView.render("show.json", %{user: user, force: true}) + assert represented = + AccountView.render("show.json", %{user: user, skip_visibility_check: true}) + assert represented.acct == "compositions@channels.tests.funkwhale.audio" assert represented.url == "https://channels.tests.funkwhale.audio/channels/compositions" end @@ -224,7 +226,7 @@ test "Represent a smaller mention" do assert expected == AccountView.render("mention.json", %{user: user}) end - test "demands :for or :force option for account rendering" do + test "demands :for or :skip_visibility_check option for account rendering" do clear_config([:restrict_unauthenticated, :profiles, :local], false) user = insert(:user) @@ -232,9 +234,11 @@ test "demands :for or :force option for account rendering" do assert %{id: ^user_id} = AccountView.render("show.json", %{user: user, for: nil}) assert %{id: ^user_id} = AccountView.render("show.json", %{user: user, for: user}) - assert %{id: ^user_id} = AccountView.render("show.json", %{user: user, force: true}) - assert_raise RuntimeError, ~r/:force or :for option is required/, fn -> + assert %{id: ^user_id} = + AccountView.render("show.json", %{user: user, skip_visibility_check: true}) + + assert_raise RuntimeError, ~r/:skip_visibility_check or :for option is required/, fn -> AccountView.render("show.json", %{user: user}) end end @@ -361,13 +365,13 @@ test "returns the settings store if the requesting user is the represented user test "doesn't sanitize display names" do user = insert(:user, name: " username ") - result = AccountView.render("show.json", %{user: user, force: true}) + result = AccountView.render("show.json", %{user: user, skip_visibility_check: true}) assert result.display_name == " username " end test "never display nil user follow counts" do user = insert(:user, following_count: 0, follower_count: 0) - result = AccountView.render("show.json", %{user: user, force: true}) + result = AccountView.render("show.json", %{user: user, skip_visibility_check: true}) assert result.following_count == 0 assert result.followers_count == 0 @@ -391,7 +395,7 @@ test "shows when follows/followers stats are hidden and sets follow/follower cou followers_count: 0, following_count: 0, pleroma: %{hide_follows_count: true, hide_followers_count: true} - } = AccountView.render("show.json", %{user: user, force: true}) + } = AccountView.render("show.json", %{user: user, skip_visibility_check: true}) end test "shows when follows/followers are hidden" do @@ -404,7 +408,7 @@ test "shows when follows/followers are hidden" do followers_count: 1, following_count: 1, pleroma: %{hide_follows: true, hide_followers: true} - } = AccountView.render("show.json", %{user: user, force: true}) + } = AccountView.render("show.json", %{user: user, skip_visibility_check: true}) end test "shows actual follower/following count to the account owner" do @@ -547,7 +551,7 @@ test "uses mediaproxy urls when it's enabled" do emoji: %{"joker_smile" => "https://evil.website/society.png"} ) - AccountView.render("show.json", %{user: user, force: true}) + AccountView.render("show.json", %{user: user, skip_visibility_check: true}) |> Enum.all?(fn {key, url} when key in [:avatar, :avatar_static, :header, :header_static] -> String.starts_with?(url, Pleroma.Web.base_url()) diff --git a/test/web/mastodon_api/views/status_view_test.exs b/test/web/mastodon_api/views/status_view_test.exs index d44e3f6e6..d97d818bb 100644 --- a/test/web/mastodon_api/views/status_view_test.exs +++ b/test/web/mastodon_api/views/status_view_test.exs @@ -177,7 +177,7 @@ test "a note activity" do id: to_string(note.id), uri: object_data["id"], url: Pleroma.Web.Router.Helpers.o_status_url(Pleroma.Web.Endpoint, :notice, note), - account: AccountView.render("show.json", %{user: user, force: true}), + account: AccountView.render("show.json", %{user: user, skip_visibility_check: true}), in_reply_to_id: nil, in_reply_to_account_id: nil, card: nil, diff --git a/test/web/pleroma_api/views/chat_view_test.exs b/test/web/pleroma_api/views/chat_view_test.exs index 46d47cd4f..02484b705 100644 --- a/test/web/pleroma_api/views/chat_view_test.exs +++ b/test/web/pleroma_api/views/chat_view_test.exs @@ -26,7 +26,8 @@ test "it represents a chat" do assert represented_chat == %{ id: "#{chat.id}", - account: AccountView.render("show.json", user: recipient, force: true), + account: + AccountView.render("show.json", user: recipient, skip_visibility_check: true), unread: 0, last_message: nil, updated_at: Utils.to_masto_date(chat.updated_at)