From 86e4b48a5e053f7fc949c682c1d5c0c820b0dd58 Mon Sep 17 00:00:00 2001
From: eugenijm <eugenijm@protonmail.com>
Date: Mon, 4 Mar 2019 02:59:54 +0300
Subject: [PATCH] Fix DM visibility for blocking users
---
.../mastodon_api/mastodon_api_controller.ex | 15 +++++----
.../web/twitter_api/twitter_api_controller.ex | 15 +++++----
.../mastodon_api_controller_test.exs | 27 ++++++++++++++++
.../twitter_api_controller_test.exs | 31 ++++++++++++++++---
4 files changed, 72 insertions(+), 16 deletions(-)
diff --git a/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex b/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex
index 056be49b0..66d450251 100644
--- a/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex
+++ b/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex
@@ -292,13 +292,16 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIController do
end
def dm_timeline(%{assigns: %{user: user}} = conn, params) do
- query =
- ActivityPub.fetch_activities_query(
- [user.ap_id],
- Map.merge(params, %{"type" => "Create", visibility: "direct"})
- )
+ params =
+ params
+ |> Map.put("type", "Create")
+ |> Map.put("blocking_user", user)
+ |> Map.put("user", user)
+ |> Map.put(:visibility, "direct")
- activities = Repo.all(query)
+ activities =
+ ActivityPub.fetch_activities_query([user.ap_id], params)
+ |> Repo.all()
conn
|> add_link_headers(:dm_timeline, activities)
diff --git a/lib/pleroma/web/twitter_api/twitter_api_controller.ex b/lib/pleroma/web/twitter_api/twitter_api_controller.ex
index de7b9f24c..5e4ebb8e8 100644
--- a/lib/pleroma/web/twitter_api/twitter_api_controller.ex
+++ b/lib/pleroma/web/twitter_api/twitter_api_controller.ex
@@ -177,13 +177,16 @@ defmodule Pleroma.Web.TwitterAPI.Controller do
end
def dm_timeline(%{assigns: %{user: user}} = conn, params) do
- query =
- ActivityPub.fetch_activities_query(
- [user.ap_id],
- Map.merge(params, %{"type" => "Create", "user" => user, visibility: "direct"})
- )
+ params =
+ params
+ |> Map.put("type", "Create")
+ |> Map.put("blocking_user", user)
+ |> Map.put("user", user)
+ |> Map.put(:visibility, "direct")
- activities = Repo.all(query)
+ activities =
+ ActivityPub.fetch_activities_query([user.ap_id], params)
+ |> Repo.all()
conn
|> put_view(ActivityView)
diff --git a/test/web/mastodon_api/mastodon_api_controller_test.exs b/test/web/mastodon_api/mastodon_api_controller_test.exs
index f7f10662a..ec6869db9 100644
--- a/test/web/mastodon_api/mastodon_api_controller_test.exs
+++ b/test/web/mastodon_api/mastodon_api_controller_test.exs
@@ -248,6 +248,33 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIControllerTest do
assert status["url"] != direct.data["id"]
end
+ test "doesn't include DMs from blocked users", %{conn: conn} do
+ blocker = insert(:user)
+ blocked = insert(:user)
+ user = insert(:user)
+ {:ok, blocker} = User.block(blocker, blocked)
+
+ {:ok, _blocked_direct} =
+ CommonAPI.post(blocked, %{
+ "status" => "Hi @#{blocker.nickname}!",
+ "visibility" => "direct"
+ })
+
+ {:ok, direct} =
+ CommonAPI.post(user, %{
+ "status" => "Hi @#{blocker.nickname}!",
+ "visibility" => "direct"
+ })
+
+ res_conn =
+ conn
+ |> assign(:user, user)
+ |> get("api/v1/timelines/direct")
+
+ [status] = json_response(res_conn, 200)
+ assert status["id"] == direct.id
+ end
+
test "replying to a status", %{conn: conn} do
user = insert(:user)
diff --git a/test/web/twitter_api/twitter_api_controller_test.exs b/test/web/twitter_api/twitter_api_controller_test.exs
index d18b65876..ce0812308 100644
--- a/test/web/twitter_api/twitter_api_controller_test.exs
+++ b/test/web/twitter_api/twitter_api_controller_test.exs
@@ -415,6 +415,33 @@ defmodule Pleroma.Web.TwitterAPI.ControllerTest do
assert status["id"] == direct_two.id
assert status_two["id"] == direct.id
end
+
+ test "doesn't include DMs from blocked users", %{conn: conn} do
+ blocker = insert(:user)
+ blocked = insert(:user)
+ user = insert(:user)
+ {:ok, blocker} = User.block(blocker, blocked)
+
+ {:ok, _blocked_direct} =
+ CommonAPI.post(blocked, %{
+ "status" => "Hi @#{blocker.nickname}!",
+ "visibility" => "direct"
+ })
+
+ {:ok, direct} =
+ CommonAPI.post(user, %{
+ "status" => "Hi @#{blocker.nickname}!",
+ "visibility" => "direct"
+ })
+
+ res_conn =
+ conn
+ |> assign(:user, blocker)
+ |> get("/api/statuses/dm_timeline.json")
+
+ [status] = json_response(res_conn, 200)
+ assert status["id"] == direct.id
+ end
end
describe "GET /statuses/mentions.json" do
@@ -1762,8 +1789,6 @@ defmodule Pleroma.Web.TwitterAPI.ControllerTest do
|> assign(:user, user)
|> post("/api/pleroma/friendships/approve", %{"user_id" => other_user.id})
- user = Repo.get(User, user.id)
-
assert relationship = json_response(conn, 200)
assert other_user.id == relationship["id"]
assert relationship["follows_you"] == true
@@ -1787,8 +1812,6 @@ defmodule Pleroma.Web.TwitterAPI.ControllerTest do
|> assign(:user, user)
|> post("/api/pleroma/friendships/deny", %{"user_id" => other_user.id})
- user = Repo.get(User, user.id)
-
assert relationship = json_response(conn, 200)
assert other_user.id == relationship["id"]
assert relationship["follows_you"] == false
--
2.49.0