1
0
Fork 0
forked from mirrors/akkoma

Tests to validate client disclosure obeys user setting

This commit is contained in:
Mark Felder 2021-02-18 17:23:17 -06:00
parent 83301fe61a
commit 63739c5a58
2 changed files with 27 additions and 5 deletions

View file

@ -420,9 +420,13 @@ defmodule Pleroma.Web.MastodonAPI.StatusController do
) )
end end
defp put_application(params, %{assigns: %{token: %Token{} = token}} = _conn) do defp put_application(params, %{assigns: %{token: %Token{user: %User{} = user} = token}} = _conn) do
%{client_name: client_name, website: website} = Repo.preload(token, :app).app if user.disclose_client do
Map.put(params, :application, %{name: client_name, website: website}) %{client_name: client_name, website: website} = Repo.preload(token, :app).app
Map.put(params, :application, %{name: client_name, website: website})
else
Map.put(params, :application, nil)
end
end end
defp put_application(params, _), do: Map.put(params, :application, nil) defp put_application(params, _), do: Map.put(params, :application, nil)

View file

@ -358,8 +358,9 @@ defmodule Pleroma.Web.MastodonAPI.StatusControllerTest do
assert activity.data["cc"] == [] assert activity.data["cc"] == []
end end
test "preserves client application metadata" do test "discloses application metadata when enabled" do
%{user: _user, token: token, conn: conn} = oauth_access(["write:statuses"]) user = insert(:user, disclose_client: true)
%{user: _user, token: token, conn: conn} = oauth_access(["write:statuses"], user: user)
%Pleroma.Web.OAuth.Token{ %Pleroma.Web.OAuth.Token{
app: %Pleroma.Web.OAuth.App{ app: %Pleroma.Web.OAuth.App{
@ -383,6 +384,23 @@ defmodule Pleroma.Web.MastodonAPI.StatusControllerTest do
} }
} = json_response_and_validate_schema(result, 200) } = json_response_and_validate_schema(result, 200)
end end
test "hides application metadata when disabled" do
user = insert(:user, disclose_client: false)
%{user: _user, token: _token, conn: conn} = oauth_access(["write:statuses"], user: user)
result =
conn
|> put_req_header("content-type", "application/json")
|> post("/api/v1/statuses", %{
"status" => "club mate is my wingman"
})
assert %{
"content" => "club mate is my wingman",
"application" => nil
} = json_response_and_validate_schema(result, 200)
end
end end
describe "posting scheduled statuses" do describe "posting scheduled statuses" do