Add API parameter to safeguard unexpect mentions in new posts (#18350)

author: Claire <claire.github-309c@sitedethib.com> 2023-02-13 16:36:29 +0100
committer: GitHub <noreply@github.com> 2023-02-13 16:36:29 +0100
commit: d6930b3847405dc9f8c1a54fb74d488a3c9a775e (patch)
tree: feb3e7aa1713113cd8792c739cdd8ad8456560ed /spec/controllers
parent: c84f38abc4b82d77c5d832399d5746fe51de3c67 (diff)
1 files changed, 17 insertions, 0 deletions
diff --git a/spec/controllers/api/v1/statuses_controller_spec.rb b/spec/controllers/api/v1/statuses_controller_spec.rb
index 24810a5d2..bd8b8013a 100644
--- a/spec/controllers/api/v1/statuses_controller_spec.rb
+++ b/spec/controllers/api/v1/statuses_controller_spec.rb
@@ -133,6 +133,23 @@ RSpec.describe Api::V1::StatusesController, type: :controller do
         end
       end
 
+      context 'with a safeguard' do
+        let!(:alice) { Fabricate(:account, username: 'alice') }
+        let!(:bob)   { Fabricate(:account, username: 'bob') }
+
+        before do
+          post :create, params: { status: '@alice hm, @bob is really annoying lately', allowed_mentions: [alice.id] }
+        end
+
+        it 'returns http unprocessable entity' do
+          expect(response).to have_http_status(422)
+        end
+
+        it 'returns serialized extra accounts in body' do
+          expect(body_as_json[:unexpected_accounts].map { |a| a.slice(:id, :acct) }).to eq [{ id: bob.id.to_s, acct: bob.acct }]
+        end
+      end
+
       context 'with missing parameters' do
         before do
           post :create, params: {}
author	Claire <claire.github-309c@sitedethib.com>	2023-02-13 16:36:29 +0100
committer	GitHub <noreply@github.com>	2023-02-13 16:36:29 +0100
commit	d6930b3847405dc9f8c1a54fb74d488a3c9a775e (patch)
tree	feb3e7aa1713113cd8792c739cdd8ad8456560ed /spec/controllers
parent	c84f38abc4b82d77c5d832399d5746fe51de3c67 (diff)