erik/mastodon
1
0
Fork 0
mirror of https://github.com/mastodon/mastodon.git synced 2024-08-20 21:08:15 -07:00
Code Issues Projects Releases Wiki Activity

Add more checks and tests

Browse source
This commit is contained in:
Angus McLeod 2024-06-12 13:17:53 +02:00
parent 26499e5096
commit ceb9c8ff84
2 changed files with 71 additions and 39 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
app/lib/activitypub/activity/update.rb
View file

@ -52,7 +52,12 @@ class ActivityPub::Activity::Update < ActivityPub::Activity
end end
def updated_username_confirmed? def updated_username_confirmed?
webfinger = Webfinger.new("acct:#{@object['preferredUsername']}@#{@account.domain}").perform begin
webfinger = Webfinger.new("acct:#{@object['preferredUsername']}@#{@account.domain}").perform
rescue Webfinger::Error
return false
end
confirmed_username, confirmed_domain = webfinger.subject.delete_prefix('acct:').split('@') confirmed_username, confirmed_domain = webfinger.subject.delete_prefix('acct:').split('@')
confirmed_username == @object['preferredUsername'] && confirmed_domain == @account.domain confirmed_username == @object['preferredUsername'] && confirmed_domain == @account.domain
end end

103
spec/lib/activitypub/activity/update_spec.rb
View file

@ -77,38 +77,41 @@ RSpec.describe ActivityPub::Activity::Update do
object: updated_username_json, object: updated_username_json,
}.with_indifferent_access }.with_indifferent_access
end end
let(:webfinger_response) do
{
subject: "acct:#{updated_handle}",
links: [
{
rel: 'self',
type: 'application/activity+json',
href: sender.uri,
},
],
}
end
before do before do
stub_request(:get, "https://example.com/.well-known/webfinger?resource=acct:#{updated_handle}") stub_request(:get, 'https://example.com/.well-known/host-meta').to_return(status: 404)
.to_return(
body: webfinger_response.to_json,
headers: {
'Content-Type' => 'application/json',
},
status: 200
)
end end
it 'updates profile' do context 'when updated username is unique and confirmed' do
subject.perform before do
expect(sender.reload.display_name).to eq 'Totally modified now' stub_request(:get, "https://example.com/.well-known/webfinger?resource=acct:#{updated_handle}")
end .to_return(
body: {
subject: "acct:#{updated_handle}",
links: [
{
rel: 'self',
type: 'application/activity+json',
href: sender.uri,
},
],
}.to_json,
headers: {
'Content-Type' => 'application/json',
},
status: 200
)
end
it 'updates username' do it 'updates profile' do
subject.perform subject.perform
expect(sender.reload.username).to eq updated_username expect(sender.reload.display_name).to eq 'Totally modified now'
end
it 'updates username' do
subject.perform
expect(sender.reload.username).to eq updated_username
end
end end
context 'when updated username is not unique for domain' do context 'when updated username is not unique for domain' do
@ -131,18 +134,42 @@ RSpec.describe ActivityPub::Activity::Update do
end end
end end
context 'when updated username is not confirmed via webfinger' do context 'when webfinger of updated username does not contain updated username' do
let(:webfinger_response) do before do
{ stub_request(:get, "https://example.com/.well-known/webfinger?resource=acct:#{updated_handle}")
subject: "acct:#{original_handle}", .to_return(
links: [ body: {
{ subject: "acct:#{original_handle}",
rel: 'self', links: [
type: 'application/activity+json', {
href: sender.uri, rel: 'self',
type: 'application/activity+json',
href: sender.uri,
},
],
}.to_json,
headers: {
'Content-Type' => 'application/json',
}, },
], status: 200
} )
end
it 'updates profile' do
subject.perform
expect(sender.reload.display_name).to eq 'Totally modified now'
end
it 'does not update username' do
subject.perform
expect(sender.reload.username).to eq original_username
end
end
context 'when webfinger request of updated username fails' do
before do
stub_request(:get, "https://example.com/.well-known/webfinger?resource=acct:#{updated_handle}")
.to_return(status: 404)
end end
it 'updates profile' do it 'updates profile' do