mirror of
https://github.com/mastodon/mastodon.git
synced 2024-08-20 21:08:15 -07:00
50487db122
* Add database table for status-specific filters * Add REST endpoints, entities and attributes * Show status filters in /filters interface * Perform server-side filtering for individual posts filters * Fix filtering on context mismatch * Refactor `toServerSideType` by moving it to its own module * Move loupe and delete icons to their own module * Add ability to filter individual posts from WebUI * Replace keyword list by warnings (expired, context mismatch) * Refactor server-side filtering code * Add tests
252 lines
7.6 KiB
Ruby
252 lines
7.6 KiB
Ruby
require 'rails_helper'
|
|
|
|
RSpec.describe Api::V1::StatusesController, type: :controller do
|
|
render_views
|
|
|
|
let(:user) { Fabricate(:user) }
|
|
let(:app) { Fabricate(:application, name: 'Test app', website: 'http://testapp.com') }
|
|
let(:token) { Fabricate(:accessible_access_token, resource_owner_id: user.id, application: app, scopes: scopes) }
|
|
|
|
context 'with an oauth token' do
|
|
before do
|
|
allow(controller).to receive(:doorkeeper_token) { token }
|
|
end
|
|
|
|
describe 'GET #show' do
|
|
let(:scopes) { 'read:statuses' }
|
|
let(:status) { Fabricate(:status, account: user.account) }
|
|
|
|
it 'returns http success' do
|
|
get :show, params: { id: status.id }
|
|
expect(response).to have_http_status(200)
|
|
end
|
|
|
|
context 'when post includes filtered terms' do
|
|
let(:status) { Fabricate(:status, text: 'this toot is about that banned word') }
|
|
|
|
before do
|
|
user.account.custom_filters.create!(phrase: 'filter1', context: %w(home), action: :hide, keywords_attributes: [{ keyword: 'banned' }, { keyword: 'irrelevant' }])
|
|
end
|
|
|
|
it 'returns http success' do
|
|
get :show, params: { id: status.id }
|
|
expect(response).to have_http_status(200)
|
|
end
|
|
|
|
it 'returns filter information' do
|
|
get :show, params: { id: status.id }
|
|
json = body_as_json
|
|
expect(json[:filtered][0]).to include({
|
|
filter: a_hash_including({
|
|
id: user.account.custom_filters.first.id.to_s,
|
|
title: 'filter1',
|
|
filter_action: 'hide',
|
|
}),
|
|
keyword_matches: ['banned'],
|
|
})
|
|
end
|
|
end
|
|
|
|
context 'when post is explicitly filtered' do
|
|
let(:status) { Fabricate(:status, text: 'hello world') }
|
|
|
|
before do
|
|
filter = user.account.custom_filters.create!(phrase: 'filter1', context: %w(home), action: :hide)
|
|
filter.statuses.create!(status_id: status.id)
|
|
end
|
|
|
|
it 'returns http success' do
|
|
get :show, params: { id: status.id }
|
|
expect(response).to have_http_status(200)
|
|
end
|
|
|
|
it 'returns filter information' do
|
|
get :show, params: { id: status.id }
|
|
json = body_as_json
|
|
expect(json[:filtered][0]).to include({
|
|
filter: a_hash_including({
|
|
id: user.account.custom_filters.first.id.to_s,
|
|
title: 'filter1',
|
|
filter_action: 'hide',
|
|
}),
|
|
status_matches: [status.id.to_s],
|
|
})
|
|
end
|
|
end
|
|
|
|
context 'when reblog includes filtered terms' do
|
|
let(:status) { Fabricate(:status, reblog: Fabricate(:status, text: 'this toot is about that banned word')) }
|
|
|
|
before do
|
|
user.account.custom_filters.create!(phrase: 'filter1', context: %w(home), action: :hide, keywords_attributes: [{ keyword: 'banned' }, { keyword: 'irrelevant' }])
|
|
end
|
|
|
|
it 'returns http success' do
|
|
get :show, params: { id: status.id }
|
|
expect(response).to have_http_status(200)
|
|
end
|
|
|
|
it 'returns filter information' do
|
|
get :show, params: { id: status.id }
|
|
json = body_as_json
|
|
expect(json[:reblog][:filtered][0]).to include({
|
|
filter: a_hash_including({
|
|
id: user.account.custom_filters.first.id.to_s,
|
|
title: 'filter1',
|
|
filter_action: 'hide',
|
|
}),
|
|
keyword_matches: ['banned'],
|
|
})
|
|
end
|
|
end
|
|
end
|
|
|
|
describe 'GET #context' do
|
|
let(:scopes) { 'read:statuses' }
|
|
let(:status) { Fabricate(:status, account: user.account) }
|
|
|
|
before do
|
|
Fabricate(:status, account: user.account, thread: status)
|
|
end
|
|
|
|
it 'returns http success' do
|
|
get :context, params: { id: status.id }
|
|
expect(response).to have_http_status(200)
|
|
end
|
|
end
|
|
|
|
describe 'POST #create' do
|
|
let(:scopes) { 'write:statuses' }
|
|
|
|
context do
|
|
before do
|
|
post :create, params: { status: 'Hello world' }
|
|
end
|
|
|
|
it 'returns http success' do
|
|
expect(response).to have_http_status(200)
|
|
end
|
|
|
|
it 'returns rate limit headers' do
|
|
expect(response.headers['X-RateLimit-Limit']).to eq RateLimiter::FAMILIES[:statuses][:limit].to_s
|
|
expect(response.headers['X-RateLimit-Remaining']).to eq (RateLimiter::FAMILIES[:statuses][:limit] - 1).to_s
|
|
end
|
|
end
|
|
|
|
context 'with missing parameters' do
|
|
before do
|
|
post :create, params: {}
|
|
end
|
|
|
|
it 'returns http unprocessable entity' do
|
|
expect(response).to have_http_status(422)
|
|
end
|
|
|
|
it 'returns rate limit headers' do
|
|
expect(response.headers['X-RateLimit-Limit']).to eq RateLimiter::FAMILIES[:statuses][:limit].to_s
|
|
end
|
|
end
|
|
|
|
context 'when exceeding rate limit' do
|
|
before do
|
|
rate_limiter = RateLimiter.new(user.account, family: :statuses)
|
|
300.times { rate_limiter.record! }
|
|
post :create, params: { status: 'Hello world' }
|
|
end
|
|
|
|
it 'returns http too many requests' do
|
|
expect(response).to have_http_status(429)
|
|
end
|
|
|
|
it 'returns rate limit headers' do
|
|
expect(response.headers['X-RateLimit-Limit']).to eq RateLimiter::FAMILIES[:statuses][:limit].to_s
|
|
expect(response.headers['X-RateLimit-Remaining']).to eq '0'
|
|
end
|
|
end
|
|
end
|
|
|
|
describe 'DELETE #destroy' do
|
|
let(:scopes) { 'write:statuses' }
|
|
let(:status) { Fabricate(:status, account: user.account) }
|
|
|
|
before do
|
|
post :destroy, params: { id: status.id }
|
|
end
|
|
|
|
it 'returns http success' do
|
|
expect(response).to have_http_status(200)
|
|
end
|
|
|
|
it 'removes the status' do
|
|
expect(Status.find_by(id: status.id)).to be nil
|
|
end
|
|
end
|
|
|
|
describe 'PUT #update' do
|
|
let(:scopes) { 'write:statuses' }
|
|
let(:status) { Fabricate(:status, account: user.account) }
|
|
|
|
before do
|
|
put :update, params: { id: status.id, status: 'I am updated' }
|
|
end
|
|
|
|
it 'returns http success' do
|
|
expect(response).to have_http_status(200)
|
|
end
|
|
|
|
it 'updates the status' do
|
|
expect(status.reload.text).to eq 'I am updated'
|
|
end
|
|
end
|
|
end
|
|
|
|
context 'without an oauth token' do
|
|
before do
|
|
allow(controller).to receive(:doorkeeper_token) { nil }
|
|
end
|
|
|
|
context 'with a private status' do
|
|
let(:status) { Fabricate(:status, account: user.account, visibility: :private) }
|
|
|
|
describe 'GET #show' do
|
|
it 'returns http unauthorized' do
|
|
get :show, params: { id: status.id }
|
|
expect(response).to have_http_status(404)
|
|
end
|
|
end
|
|
|
|
describe 'GET #context' do
|
|
before do
|
|
Fabricate(:status, account: user.account, thread: status)
|
|
end
|
|
|
|
it 'returns http unauthorized' do
|
|
get :context, params: { id: status.id }
|
|
expect(response).to have_http_status(404)
|
|
end
|
|
end
|
|
end
|
|
|
|
context 'with a public status' do
|
|
let(:status) { Fabricate(:status, account: user.account, visibility: :public) }
|
|
|
|
describe 'GET #show' do
|
|
it 'returns http success' do
|
|
get :show, params: { id: status.id }
|
|
expect(response).to have_http_status(200)
|
|
end
|
|
end
|
|
|
|
describe 'GET #context' do
|
|
before do
|
|
Fabricate(:status, account: user.account, thread: status)
|
|
end
|
|
|
|
it 'returns http success' do
|
|
get :context, params: { id: status.id }
|
|
expect(response).to have_http_status(200)
|
|
end
|
|
end
|
|
end
|
|
end
|
|
end
|