Allow expires_at in filter requests
authorFloatingGhost <hannah@coffee-and-dreams.uk>
Thu, 9 Mar 2023 19:13:14 +0000 (19:13 +0000)
committerFloatingGhost <hannah@coffee-and-dreams.uk>
Thu, 9 Mar 2023 19:13:14 +0000 (19:13 +0000)
Fixes #492

lib/pleroma/web/api_spec/operations/filter_operation.ex
lib/pleroma/web/plugs/http_security_plug.ex
lib/pleroma/web/templates/masto_fe/fedibird.index.html.eex
test/pleroma/web/mastodon_api/controllers/filter_controller_test.exs
test/pleroma/web/o_auth/o_auth_controller_test.exs

index 5102921bc35eae7607554c2052ca45eea09190e3..ac0444aef46d1d305873e0a0ebca74774836574d 100644 (file)
@@ -225,6 +225,12 @@ defmodule Pleroma.Web.ApiSpec.FilterOperation do
           type: :integer,
           description:
             "Number of seconds from now the filter should expire. Otherwise, null for a filter that doesn't expire."
+        },
+        expires_at: %Schema{
+          nullable: true,
+          type: :string,
+          description:
+            "When the filter should no longer be applied. String (ISO 8601 Datetime), or null if the filter does not expire."
         }
       },
       required: [:phrase, :context],
index b1f1ada94c98553a49393bd69e790638d5372c48..6841b13aa35caeee7bbff998bd27832ba1836a20 100644 (file)
@@ -116,6 +116,8 @@ defmodule Pleroma.Web.Plugs.HTTPSecurityPlug do
 
     script_src = "script-src 'self' '#{nonce_tag}'"
 
+    script_src = if Mix.env() == :dev, do: [script_src, " 'unsafe-eval'"], else: script_src
+
     report = if report_uri, do: ["report-uri ", report_uri, ";report-to csp-endpoint"]
     insecure = if scheme == "https", do: "upgrade-insecure-requests"
 
index 02c421831fa2620c6e2645450542bd9fdd55917f..6730c0ecc832b6f241165824592c3d2ee1c2938a 100644 (file)
@@ -19,6 +19,7 @@
 <link rel='preload' as='script' crossorigin='anonymous' href='/packs/js/features/getting_started.js'>
 <link rel='preload' as='script' crossorigin='anonymous' href='/packs/js/features/compose.js'>
 <link rel='preload' as='script' crossorigin='anonymous' href='/packs/js/features/home_timeline.js'>
+<link rel='preload' as='script' crossorigin='anonymous' href='/packs/js/features/public_timeline.js'>
 <link rel='preload' as='script' crossorigin='anonymous' href='/packs/js/features/notifications.js'>
 <script crossorigin='anonymous' src="/packs/js/application.js"></script>
 
index 99f0374838a48d58cae3a4d585e5058ad4424d87..1d8a67e6b68c9444e5a689f00670d704b6afdf5e 100644 (file)
@@ -85,6 +85,40 @@ defmodule Pleroma.Web.MastodonAPI.FilterControllerTest do
 
       assert Repo.aggregate(Filter, :count, :id) == 0
     end
+
+    test "a filter with expires_at", %{conn: conn, user: user} do
+      response =
+        with_mock NaiveDateTime, [:passthrough], utc_now: fn -> ~N[2017-03-17 17:09:58] end do
+          conn
+          |> put_req_header("content-type", "application/json")
+          |> post("/api/v1/filters", %{
+            "phrase" => "bad memes",
+            context: ["home"],
+            expires_at: "2017-03-17T17:19:58.000Z"
+          })
+          |> json_response_and_validate_schema(200)
+        end
+
+      assert response["irreversible"] == false
+
+      assert response["expires_at"] == "2017-03-17T17:19:58.000Z"
+
+      filter = Filter.get(response["id"], user)
+
+      id = filter.id
+
+      assert_enqueued(
+        worker: PurgeExpiredFilter,
+        args: %{filter_id: filter.id}
+      )
+
+      assert {:ok, %{id: ^id}} =
+               perform_job(PurgeExpiredFilter, %{
+                 filter_id: filter.id
+               })
+
+      assert Repo.aggregate(Filter, :count, :id) == 0
+    end
   end
 
   test "fetching a list of filters" do
index 9924023fe8b9112470aadec83a4efc48f16285c1..c996a403ce30560af0fa4fc9f5f93bfdea4af4fc 100644 (file)
@@ -729,7 +729,7 @@ defmodule Pleroma.Web.OAuth.OAuthControllerTest do
     end
 
     test "redirects with oauth authorization, " <>
-         "granting requested app-supported scopes to moderators" do
+           "granting requested app-supported scopes to moderators" do
       app_scopes = ["read", "write", "admin", "secret_scope"]
       app = insert(:oauth_app, scopes: app_scopes)
       redirect_uri = OAuthController.default_redirect_uri(app)