mirror of
https://git.pleroma.social/pleroma/pleroma.git
synced 2024-12-23 08:36:29 +00:00
Tests to validate client disclosure obeys user setting
This commit is contained in:
parent
83301fe61a
commit
63739c5a58
2 changed files with 27 additions and 5 deletions
|
@ -420,9 +420,13 @@ defmodule Pleroma.Web.MastodonAPI.StatusController do
|
||||||
)
|
)
|
||||||
end
|
end
|
||||||
|
|
||||||
defp put_application(params, %{assigns: %{token: %Token{} = token}} = _conn) do
|
defp put_application(params, %{assigns: %{token: %Token{user: %User{} = user} = token}} = _conn) do
|
||||||
|
if user.disclose_client do
|
||||||
%{client_name: client_name, website: website} = Repo.preload(token, :app).app
|
%{client_name: client_name, website: website} = Repo.preload(token, :app).app
|
||||||
Map.put(params, :application, %{name: client_name, website: website})
|
Map.put(params, :application, %{name: client_name, website: website})
|
||||||
|
else
|
||||||
|
Map.put(params, :application, nil)
|
||||||
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
defp put_application(params, _), do: Map.put(params, :application, nil)
|
defp put_application(params, _), do: Map.put(params, :application, nil)
|
||||||
|
|
|
@ -358,8 +358,9 @@ defmodule Pleroma.Web.MastodonAPI.StatusControllerTest do
|
||||||
assert activity.data["cc"] == []
|
assert activity.data["cc"] == []
|
||||||
end
|
end
|
||||||
|
|
||||||
test "preserves client application metadata" do
|
test "discloses application metadata when enabled" do
|
||||||
%{user: _user, token: token, conn: conn} = oauth_access(["write:statuses"])
|
user = insert(:user, disclose_client: true)
|
||||||
|
%{user: _user, token: token, conn: conn} = oauth_access(["write:statuses"], user: user)
|
||||||
|
|
||||||
%Pleroma.Web.OAuth.Token{
|
%Pleroma.Web.OAuth.Token{
|
||||||
app: %Pleroma.Web.OAuth.App{
|
app: %Pleroma.Web.OAuth.App{
|
||||||
|
@ -383,6 +384,23 @@ defmodule Pleroma.Web.MastodonAPI.StatusControllerTest do
|
||||||
}
|
}
|
||||||
} = json_response_and_validate_schema(result, 200)
|
} = json_response_and_validate_schema(result, 200)
|
||||||
end
|
end
|
||||||
|
|
||||||
|
test "hides application metadata when disabled" do
|
||||||
|
user = insert(:user, disclose_client: false)
|
||||||
|
%{user: _user, token: _token, conn: conn} = oauth_access(["write:statuses"], user: user)
|
||||||
|
|
||||||
|
result =
|
||||||
|
conn
|
||||||
|
|> put_req_header("content-type", "application/json")
|
||||||
|
|> post("/api/v1/statuses", %{
|
||||||
|
"status" => "club mate is my wingman"
|
||||||
|
})
|
||||||
|
|
||||||
|
assert %{
|
||||||
|
"content" => "club mate is my wingman",
|
||||||
|
"application" => nil
|
||||||
|
} = json_response_and_validate_schema(result, 200)
|
||||||
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
describe "posting scheduled statuses" do
|
describe "posting scheduled statuses" do
|
||||||
|
|
Loading…
Reference in a new issue