Commit f8556632 authored by eal's avatar eal
Browse files

Allow profile fetching for authenticated users only.

parent ed1eb5de
Pipeline #35 passed with stage
in 1 minute and 54 seconds
......@@ -138,7 +138,6 @@ def user_fetcher(username) do
get "/search", TwitterAPI.Controller, :search
get "/statusnet/tags/timeline/:tag", TwitterAPI.Controller, :public_and_external_timeline
get "/externalprofile/show", TwitterAPI.Controller, :external_profile
end
scope "/api", Pleroma.Web do
......@@ -176,6 +175,8 @@ def user_fetcher(username) do
get "/statuses/followers", TwitterAPI.Controller, :followers
get "/statuses/friends", TwitterAPI.Controller, :friends
get "/externalprofile/show", TwitterAPI.Controller, :external_profile
end
pipeline :ostatus do
......
......@@ -405,11 +405,13 @@ test "it returns errors on a problem", %{conn: conn} do
describe "GET /api/externalprofile/show" do
test "it returns the user", %{conn: conn} do
user = insert(:user)
other_user = insert(:user)
conn = conn
|> get("/api/externalprofile/show", %{profileurl: user.ap_id})
|> assign(:user, user)
|> get("/api/externalprofile/show", %{profileurl: other_user.ap_id})
assert json_response(conn, 200) == UserView.render("show.json", %{user: user})
assert json_response(conn, 200) == UserView.render("show.json", %{user: other_user})
end
end
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment