diff options
-rw-r--r-- | app/controllers/xrd_controller.rb | 11 | ||||
-rw-r--r-- | app/views/api/v1/accounts/show.rabl | 2 | ||||
-rw-r--r-- | spec/controllers/xrd_controller_spec.rb | 2 |
3 files changed, 9 insertions, 6 deletions
diff --git a/app/controllers/xrd_controller.rb b/app/controllers/xrd_controller.rb index 9e0277860..6db87cefc 100644 --- a/app/controllers/xrd_controller.rb +++ b/app/controllers/xrd_controller.rb @@ -36,11 +36,14 @@ class XrdController < ApplicationController end def username_from_resource - if resource_param.start_with?('acct:') || resource_param.include?('@') - resource_param.split('@').first.gsub('acct:', '') + if resource_param =~ /\Ahttps?:\/\// + path_params = Rails.application.routes.recognize_path(resource_param) + raise ActiveRecord::RecordNotFound unless path_params[:controller] == 'users' && path_params[:action] == 'show' + path_params[:username] else - url = Addressable::URI.parse(resource_param) - url.path.gsub('/users/', '') + username, domain = resource_param.gsub(/\Aacct:/, '').split('@') + raise ActiveRecord::RecordNotFound unless TagManager.instance.local_domain?(domain) + username end end diff --git a/app/views/api/v1/accounts/show.rabl b/app/views/api/v1/accounts/show.rabl index 151a5080d..e21fe7941 100644 --- a/app/views/api/v1/accounts/show.rabl +++ b/app/views/api/v1/accounts/show.rabl @@ -1,6 +1,6 @@ object @account -attributes :id, :username, :acct, :display_name, :locked +attributes :id, :username, :acct, :display_name, :locked, :created_at node(:note) { |account| Formatter.instance.simplified_format(account) } node(:url) { |account| TagManager.instance.url_for(account) } diff --git a/spec/controllers/xrd_controller_spec.rb b/spec/controllers/xrd_controller_spec.rb index eeaaaa786..e687cf9e0 100644 --- a/spec/controllers/xrd_controller_spec.rb +++ b/spec/controllers/xrd_controller_spec.rb @@ -14,7 +14,7 @@ RSpec.describe XrdController, type: :controller do let(:alice) { Fabricate(:account, username: 'alice') } it 'returns http success when account can be found' do - get :webfinger, params: { resource: "acct:#{alice.username}@anything.com" } + get :webfinger, params: { resource: "acct:#{alice.username}@#{Rails.configuration.x.local_domain}" } expect(response).to have_http_status(:success) end |