|> select([r, u], u.follower_address)
|> Repo.all()
- if not user.local or user.nickname in [nil, "internal.fetch"] do
+ if not user.local or user.invisible do
following
else
[user.follower_address | following]
def visible_for?(user, for_user \\ nil)
+ def visible_for?(%User{invisible: true}, _), do: false
+
def visible_for?(%User{id: user_id}, %User{id: for_id}) when user_id == for_id, do: true
def visible_for?(%User{} = user, for_user) do
end
end
- @doc "Creates an internal service actor by URI if missing. Optionally takes nickname for addressing."
+ @doc """
+ Creates an internal service actor by URI if missing.
+ Optionally takes nickname for addressing.
+ """
def get_or_create_service_actor_by_ap_id(uri, nickname \\ nil) do
- with %User{} = user <- get_cached_by_ap_id(uri) do
- user
- else
- _ ->
- {:ok, user} =
- %User{}
- |> cast(%{}, [:ap_id, :nickname, :local])
- |> put_change(:ap_id, uri)
- |> put_change(:nickname, nickname)
- |> put_change(:local, true)
- |> put_change(:follower_address, uri <> "/followers")
- |> Repo.insert()
+ with user when is_nil(user) <- get_cached_by_ap_id(uri) do
+ {:ok, user} =
+ %User{
+ invisible: true,
+ local: true,
+ ap_id: uri,
+ nickname: nickname,
+ follower_address: uri <> "/followers"
+ }
+ |> Repo.insert()
- user
+ user
end
end
for_user
|> base_query(following)
|> filter_blocked_user(for_user)
+ |> filter_invisible_users()
|> filter_blocked_domains(for_user)
|> fts_search(query_string)
|> trigram_rank(query_string)
defp base_query(_user, false), do: User
defp base_query(user, true), do: User.get_followers_query(user)
+ defp filter_invisible_users(query) do
+ from(q in query, where: q.invisible == false)
+ end
+
defp filter_blocked_user(query, %User{blocks: blocks})
when length(blocks) > 0 do
from(q in query, where: not (q.ap_id in ^blocks))
relay_ap_id()
|> User.get_or_create_service_actor_by_ap_id()
- {:ok, actor} = User.set_invisible(actor, true)
actor
end
@doc "GET /api/v1/accounts/:id"
def show(%{assigns: %{user: for_user}} = conn, %{"id" => nickname_or_id}) do
with %User{} = user <- User.get_cached_by_nickname_or_id(nickname_or_id, for: for_user),
- true <- User.auth_active?(user) || user.id == for_user.id || User.superuser?(for_user) do
+ true <- User.visible_for?(user, for_user) do
render(conn, "show.json", user: user, for: for_user)
else
_e -> render_error(conn, :not_found, "Can't find user")
--- /dev/null
+defmodule Pleroma.Repo.Migrations.SetVisibleServiceActors do
+ use Ecto.Migration
+ import Ecto.Query
+ alias Pleroma.Repo
+
+ def up do
+ user_nicknames = ["relay", "internal.fetch"]
+
+ from(
+ u in "users",
+ where: u.nickname in ^user_nicknames,
+ update: [
+ set: [invisible: true]
+ ]
+ )
+ |> Repo.update_all([])
+ end
+
+ def down do
+ :ok
+ end
+end
--- /dev/null
+# Pleroma: A lightweight social networking server
+# Copyright © 2017-2019 Pleroma Authors <https://pleroma.social/>
+# SPDX-License-Identifier: AGPL-3.0-only
+
+defmodule Pleroma.FollowingRelationshipTest do
+ use Pleroma.DataCase
+
+ alias Pleroma.FollowingRelationship
+ alias Pleroma.Web.ActivityPub.InternalFetchActor
+ alias Pleroma.Web.ActivityPub.Relay
+
+ import Pleroma.Factory
+
+ describe "following/1" do
+ test "returns following addresses without internal.fetch" do
+ user = insert(:user)
+ fetch_actor = InternalFetchActor.get_actor()
+ FollowingRelationship.follow(fetch_actor, user, "accept")
+ assert FollowingRelationship.following(fetch_actor) == [user.follower_address]
+ end
+
+ test "returns following addresses without relay" do
+ user = insert(:user)
+ relay_actor = Relay.get_actor()
+ FollowingRelationship.follow(relay_actor, user, "accept")
+ assert FollowingRelationship.following(relay_actor) == [user.follower_address]
+ end
+
+ test "returns following addresses without remote user" do
+ user = insert(:user)
+ actor = insert(:user, local: false)
+ FollowingRelationship.follow(actor, user, "accept")
+ assert FollowingRelationship.following(actor) == [user.follower_address]
+ end
+
+ test "returns following addresses with local user" do
+ user = insert(:user)
+ actor = insert(:user, local: true)
+ FollowingRelationship.follow(actor, user, "accept")
+
+ assert FollowingRelationship.following(actor) == [
+ actor.follower_address,
+ user.follower_address
+ ]
+ end
+ end
+end
end
describe "User.search" do
+ test "excluded invisible users from results" do
+ user = insert(:user, %{nickname: "john t1000"})
+ insert(:user, %{invisible: true, nickname: "john t800"})
+
+ [found_user] = User.search("john")
+ assert found_user.id == user.id
+ end
+
test "accepts limit parameter" do
Enum.each(0..4, &insert(:user, %{nickname: "john#{&1}"}))
assert length(User.search("john", limit: 3)) == 3
clear_config([:instance, :account_activation_required])
+ describe "service actors" do
+ test "returns invisible actor" do
+ uri = "#{Pleroma.Web.Endpoint.url()}/internal/fetch-test"
+ followers_uri = "#{uri}/followers"
+ user = User.get_or_create_service_actor_by_ap_id(uri, "internal.fetch-test")
+
+ assert %User{
+ nickname: "internal.fetch-test",
+ invisible: true,
+ local: true,
+ ap_id: ^uri,
+ follower_address: ^followers_uri
+ } = user
+
+ user2 = User.get_or_create_service_actor_by_ap_id(uri, "internal.fetch-test")
+ assert user.id == user2.id
+ end
+ end
+
describe "when tags are nil" do
test "tagging a user" do
user = insert(:user, %{tags: nil})
alias Pleroma.Repo
alias Pleroma.User
alias Pleroma.Web.ActivityPub.ActivityPub
+ alias Pleroma.Web.ActivityPub.InternalFetchActor
alias Pleroma.Web.CommonAPI
alias Pleroma.Web.OAuth.Token
refute acc_one == acc_two
assert acc_two == acc_three
end
+
+ test "returns 404 when user is invisible", %{conn: conn} do
+ user = insert(:user, %{invisible: true})
+
+ resp =
+ conn
+ |> get("/api/v1/accounts/#{user.nickname}")
+ |> json_response(404)
+
+ assert %{"error" => "Can't find user"} = resp
+ end
+
+ test "returns 404 for internal.fetch actor", %{conn: conn} do
+ %User{nickname: "internal.fetch"} = InternalFetchActor.get_actor()
+
+ resp =
+ conn
+ |> get("/api/v1/accounts/internal.fetch")
+ |> json_response(404)
+
+ assert %{"error" => "Can't find user"} = resp
+ end
end
describe "user timelines" do
projects / akkoma / commitdiff