Merge branch 'bugfix/deny-empty-posts' of ssh.gitgud.io:dtluna/pleroma into bugfix...

diff --git a/lib/pleroma/web/twitter_api/twitter_api_controller.ex b/lib/pleroma/web/twitter_api/twitter_api_controller.ex
index 4d21ce9d36334d2c2f2a08e34a5272b1344efdeb..19de0665c5eb56a3730cc0e81beb5d2dae59a69a 100644 (file)
--- a/lib/pleroma/web/twitter_api/twitter_api_controller.ex
+++ b/lib/pleroma/web/twitter_api/twitter_api_controller.ex
@@ -12,13 +12,25 @@ defmodule Pleroma.Web.TwitterAPI.Controller do
     |> json_reply(200, response)
   end
 
-  def status_update(%{assigns: %{user: user}} = conn, status_data) do
+  def status_update(conn, %{"status" => ""} = _status_data) do
+    empty_status_reply(conn)
+  end
+
+  def status_update(%{assigns: %{user: user}} = conn, %{"status" => _status_text} = status_data) do
     media_ids = extract_media_ids(status_data)
     {:ok, activity} = TwitterAPI.create_status(user, Map.put(status_data, "media_ids",  media_ids ))
     conn
     |> json_reply(200, ActivityRepresenter.to_json(activity, %{user: user}))
   end
 
+  def status_update(conn, _status_data) do
+    empty_status_reply(conn)
+  end
+
+  defp empty_status_reply(conn) do
+    bad_request_reply(conn, "Client must provide a 'status' parameter with a value.")
+  end
+
   defp extract_media_ids(status_data) do
     with media_ids when not is_nil(media_ids) <- status_data["media_ids"],
          split_ids <- String.split(media_ids, ","),
@@ -182,7 +194,7 @@ defmodule Pleroma.Web.TwitterAPI.Controller do
   end
 
   defp bad_request_reply(conn, error_message) do
-    json = Poison.encode!(%{"error" => error_message})
+    json = error_json(conn, error_message)
     json_reply(conn, 400, json)
   end
 
@@ -193,9 +205,11 @@ defmodule Pleroma.Web.TwitterAPI.Controller do
   end
 
   defp forbidden_json_reply(conn, error_message) do
-    json = %{"error" => error_message, "request" => conn.request_path}
-    |> Poison.encode!
-
+    json = error_json(conn, error_message)
     json_reply(conn, 403, json)
   end
+
+  defp error_json(conn, error_message) do
+    %{"error" => error_message, "request" => conn.request_path} |> Poison.encode!
+  end
 end

diff --git a/test/web/twitter_api/twitter_api_controller_test.exs b/test/web/twitter_api/twitter_api_controller_test.exs
index 0761d05669b15a50c38b6f21b812b271a8ac7efc..0bd27c8c706e696d9f668bc9b331f7a2891ae2ff 100644 (file)
--- a/test/web/twitter_api/twitter_api_controller_test.exs
+++ b/test/web/twitter_api/twitter_api_controller_test.exs
@@ -31,10 +31,18 @@ defmodule Pleroma.Web.TwitterAPI.ControllerTest do
     end
 
     test "with credentials", %{conn: conn, user: user} do
-      conn = conn
-        |> with_credentials(user.nickname, "test")
-        |> post("/api/statuses/update.json", %{ status: "Nice meme." })
+      conn_with_creds = conn |> with_credentials(user.nickname, "test")
+      request_path = "/api/statuses/update.json"
+
+      error_response = %{"request" => request_path,
+                         "error" => "Client must provide a 'status' parameter with a value."}
+      conn = conn_with_creds |> post(request_path)
+      assert json_response(conn, 400) == error_response
+
+      conn = conn_with_creds |> post(request_path, %{ status: "" })
+      assert json_response(conn, 400) == error_response
 
+      conn =  conn_with_creds |> post(request_path, %{ status: "Nice meme." })
       assert json_response(conn, 200) == ActivityRepresenter.to_map(Repo.one(Activity), %{user: user})
     end
   end
@@ -139,7 +147,7 @@ defmodule Pleroma.Web.TwitterAPI.ControllerTest do
     setup [:valid_user]
     test "without any params", %{conn: conn} do
       conn = get(conn, "/api/statuses/user_timeline.json")
-      assert json_response(conn, 400) == %{"error" => "You need to specify screen_name or user_id"}
+      assert json_response(conn, 400) == %{"error" => "You need to specify screen_name or user_id", "request" => "/api/statuses/user_timeline.json"}
     end
 
     test "with user_id", %{conn: conn} do