Merge branch 'develop' of ssh.gitgud.io:lambadalambda/pleroma into develop

c8447998 · lain · 7424310e · 5a3be8ad · c8447998 · c8447998
Commit c8447998 authored Apr 26, 2017 by lain
--- a/lib/pleroma/user.ex
+++ b/lib/pleroma/user.ex
@@ -63,6 +63,7 @@ def register_changeset(struct, params \\ %{}) do
    |> validate_confirmation(:password)
    |> unique_constraint(:email)
    |> unique_constraint(:nickname)
+    |> validate_format(:nickname, ~r/^[a-zA-Z\d]+$/)

    if changeset.valid? do
      hashed = Comeonin.Pbkdf2.hashpwsalt(changeset.changes[:password])

--- a/lib/pleroma/web/twitter_api/twitter_api.ex
+++ b/lib/pleroma/web/twitter_api/twitter_api.ex
@@ -115,9 +115,9 @@ def fetch_status(user, id) do
    end
  end

-  def follow(%User{} = follower, followed_id) do
-    with %User{} = followed <- Repo.get(User, followed_id),
-    { :ok, follower } <- User.follow(follower, followed),
+  def follow(%User{} = follower, params) do
+    with { :ok, %User{} = followed } <- get_user(params),
+         { :ok, follower } <- User.follow(follower, followed),
         { :ok, activity } <- ActivityPub.insert(%{
           "type" => "Follow",
           "actor" => follower.ap_id,
@@ -131,11 +131,11 @@ def follow(%User{} = follower, followed_id) do
    end
  end

-  def unfollow(%User{} = follower, followed_id) do
-    with %User{} = followed <- Repo.get(User, followed_id),
-         { :ok, follower } <- User.unfollow(follower, followed)
+  def unfollow(%User{} = follower, params) do
+    with { :ok, %User{} = unfollowed } <- get_user(params),
+         { :ok, follower } <- User.unfollow(follower, unfollowed)
    do
-      { :ok, follower, followed }
+      { :ok, follower, unfollowed}
    else
      err -> err
    end
@@ -266,7 +266,7 @@ def register_user(params) do
    end
  end

-  def get_user(user, params) do
+  def get_user(user \\ nil, params) do
    case params do
      %{ "user_id" => user_id } ->
        case target = Repo.get(User, user_id) do

--- a/lib/pleroma/web/twitter_api/twitter_api_controller.ex
+++ b/lib/pleroma/web/twitter_api/twitter_api_controller.ex
@@ -12,11 +12,23 @@ def verify_credentials(%{assigns: %{user: user}} = conn, _params) do
    |> json_reply(200, response)
  end

-  def status_update(%{assigns: %{user: user}} = conn, status_data) do
-    media_ids = extract_media_ids(status_data)
-    {:ok, activity} = TwitterAPI.create_status(user, Map.put(status_data, "media_ids",  media_ids ))
-    conn
-    |> json_reply(200, ActivityRepresenter.to_json(activity, %{user: user}))
+  def status_update(%{assigns: %{user: user}} = conn, %{"status" => status_text} = status_data) do
+    if status_text |> String.trim |> String.length != 0 do
+      media_ids = extract_media_ids(status_data)
+      {:ok, activity} = TwitterAPI.create_status(user, Map.put(status_data, "media_ids",  media_ids ))
+      conn
+      |> json_reply(200, ActivityRepresenter.to_json(activity, %{user: user}))
+    else
+      empty_status_reply(conn)
+    end
+  end
+
+  def status_update(conn, _status_data) do
+    empty_status_reply(conn)
+  end
+
+  defp empty_status_reply(conn) do
+    bad_request_reply(conn, "Client must provide a 'status' parameter with a value.")
  end

  defp extract_media_ids(status_data) do
@@ -65,8 +77,8 @@ def mentions_timeline(%{assigns: %{user: user}} = conn, params) do
    |> json_reply(200, json)
  end

-  def follow(%{assigns: %{user: user}} = conn, %{ "user_id" => followed_id }) do
-    case TwitterAPI.follow(user, followed_id) do
+  def follow(%{assigns: %{user: user}} = conn, params) do
+    case TwitterAPI.follow(user, params) do
      { :ok, user, followed, _activity } ->
        response = followed |> UserRepresenter.to_json(%{for: user})
        conn
@@ -75,11 +87,10 @@ def follow(%{assigns: %{user: user}} = conn, %{ "user_id" => followed_id }) do
    end
  end

-  def unfollow(%{assigns: %{user: user}} = conn, %{ "user_id" => followed_id }) do
-    case TwitterAPI.unfollow(user, followed_id) do
-      { :ok, user, followed } ->
-        response = followed |> UserRepresenter.to_json(%{for: user})
-
+  def unfollow(%{assigns: %{user: user}} = conn, params) do
+    case TwitterAPI.unfollow(user, params) do
+      { :ok, user, unfollowed, } ->
+        response = unfollowed |> UserRepresenter.to_json(%{for: user})
        conn
        |> json_reply(200, response)
      { :error, msg } -> forbidden_json_reply(conn, msg)
@@ -183,7 +194,7 @@ def update_avatar(%{assigns: %{user: user}} = conn, params) do
  end

  defp bad_request_reply(conn, error_message) do
-    json = Poison.encode!(%{"error" => error_message})
+    json = error_json(conn, error_message)
    json_reply(conn, 400, json)
  end

@@ -194,9 +205,11 @@ defp json_reply(conn, status, json) do
  end

  defp forbidden_json_reply(conn, error_message) do
-    json = %{"error" => error_message, "request" => conn.request_path}
-    |> Poison.encode!
-
+    json = error_json(conn, error_message)
    json_reply(conn, 403, json)
  end
+
+  defp error_json(conn, error_message) do
+    %{"error" => error_message, "request" => conn.request_path} |> Poison.encode!
+  end
 end
--- a/test/web/twitter_api/twitter_api_controller_test.exs
+++ b/test/web/twitter_api/twitter_api_controller_test.exs
@@ -31,10 +31,21 @@ test "without valid credentials", %{conn: conn} do
    end

    test "with credentials", %{conn: conn, user: user} do
-      conn = conn
-        |> with_credentials(user.nickname, "test")
-        |> post("/api/statuses/update.json", %{ status: "Nice meme." })
+      conn_with_creds = conn |> with_credentials(user.nickname, "test")
+      request_path = "/api/statuses/update.json"
+
+      error_response = %{"request" => request_path,
+                         "error" => "Client must provide a 'status' parameter with a value."}
+      conn = conn_with_creds |> post(request_path)
+      assert json_response(conn, 400) == error_response
+
+      conn = conn_with_creds |> post(request_path, %{ status: "" })
+      assert json_response(conn, 400) == error_response
+
+      conn = conn_with_creds |> post(request_path, %{ status: " " })
+      assert json_response(conn, 400) == error_response

+      conn =  conn_with_creds |> post(request_path, %{ status: "Nice meme." })
      assert json_response(conn, 200) == ActivityRepresenter.to_map(Repo.one(Activity), %{user: user})
    end
  end
@@ -139,7 +150,7 @@ test "with credentials", %{conn: conn, user: current_user} do
    setup [:valid_user]
    test "without any params", %{conn: conn} do
      conn = get(conn, "/api/statuses/user_timeline.json")
-      assert json_response(conn, 400) == %{"error" => "You need to specify screen_name or user_id"}
+      assert json_response(conn, 400) == %{"error" => "You need to specify screen_name or user_id", "request" => "/api/statuses/user_timeline.json"}
    end

    test "with user_id", %{conn: conn} do

--- a/test/web/twitter_api/twitter_api_test.exs
+++ b/test/web/twitter_api/twitter_api_test.exs
@@ -155,32 +155,47 @@ test "fetch a single status" do
    assert status == ActivityRepresenter.to_map(activity, %{for: user, user: actor})
  end

-  test "Follow another user" do
+  test "Follow another user using user_id" do
    user = insert(:user)
    followed = insert(:user)

-    { :ok, user, followed, activity } = TwitterAPI.follow(user, followed.id)
+    {:ok, user, followed, _activity } = TwitterAPI.follow(user, %{"user_id" => followed.id})
+    assert user.following == [User.ap_followers(followed)]
+
+    { :error, msg } = TwitterAPI.follow(user, %{"user_id" => followed.id})
+    assert msg == "Could not follow user: #{followed.nickname} is already on your list."
+  end

-    user = Repo.get(User, user.id)
-    follow = Repo.get(Activity, activity.id)
+  test "Follow another user using screen_name" do
+    user = insert(:user)
+    followed = insert(:user)

+    {:ok, user, followed, _activity } = TwitterAPI.follow(user, %{"screen_name" => followed.nickname})
    assert user.following == [User.ap_followers(followed)]
-    assert follow == activity

-    { :error, msg } = TwitterAPI.follow(user, followed.id)
+    { :error, msg } = TwitterAPI.follow(user, %{"screen_name" => followed.nickname})
    assert msg == "Could not follow user: #{followed.nickname} is already on your list."
  end

-  test "Unfollow another user" do
-    followed = insert(:user)
-    user = insert(:user, %{following: [User.ap_followers(followed)]})
+  test "Unfollow another user using user_id" do
+    unfollowed = insert(:user)
+    user = insert(:user, %{following: [User.ap_followers(unfollowed)]})
+
+    {:ok, user, unfollowed } = TwitterAPI.unfollow(user, %{"user_id" => unfollowed.id})
+    assert user.following == []

-    { :ok, user, _followed } = TwitterAPI.unfollow(user, followed.id)
+    { :error, msg } = TwitterAPI.unfollow(user, %{"user_id" => unfollowed.id})
+    assert msg == "Not subscribed!"
+  end

-    user = Repo.get(User, user.id)
+  test "Unfollow another user using screen_name" do
+    unfollowed = insert(:user)
+    user = insert(:user, %{following: [User.ap_followers(unfollowed)]})

+    {:ok, user, unfollowed } = TwitterAPI.unfollow(user, %{"screen_name" => unfollowed.nickname})
    assert user.following == []
-    { :error, msg } = TwitterAPI.unfollow(user, followed.id)
+
+    { :error, msg } = TwitterAPI.unfollow(user, %{"screen_name" => unfollowed.nickname})
    assert msg == "Not subscribed!"
  end