From 02b8d63fcef2d30e2514111ec89308a9435dd2ed Mon Sep 17 00:00:00 2001 From: Eugen Rochko Date: Wed, 2 Mar 2022 18:57:08 +0100 Subject: Fix report category not being saved in REST API (#17682) --- app/controllers/api/v1/reports_controller.rb | 12 +---- app/services/report_service.rb | 14 ++++-- spec/controllers/api/v1/reports_controller_spec.rb | 54 +++++++++++++++++++--- spec/fabricators/rule_fabricator.rb | 8 ++-- 4 files changed, 62 insertions(+), 26 deletions(-) diff --git a/app/controllers/api/v1/reports_controller.rb b/app/controllers/api/v1/reports_controller.rb index 052d70cc8..8ff6c8fe5 100644 --- a/app/controllers/api/v1/reports_controller.rb +++ b/app/controllers/api/v1/reports_controller.rb @@ -10,9 +10,7 @@ class Api::V1::ReportsController < Api::BaseController @report = ReportService.new.call( current_account, reported_account, - status_ids: reported_status_ids, - comment: report_params[:comment], - forward: report_params[:forward] + report_params ) render json: @report, serializer: REST::ReportSerializer @@ -20,14 +18,6 @@ class Api::V1::ReportsController < Api::BaseController private - def reported_status_ids - reported_account.statuses.with_discarded.find(status_ids).pluck(:id) - end - - def status_ids - Array(report_params[:status_ids]) - end - def reported_account Account.find(report_params[:account_id]) end diff --git a/app/services/report_service.rb b/app/services/report_service.rb index caf99ab6e..9d784c341 100644 --- a/app/services/report_service.rb +++ b/app/services/report_service.rb @@ -6,10 +6,10 @@ class ReportService < BaseService def call(source_account, target_account, options = {}) @source_account = source_account @target_account = target_account - @status_ids = options.delete(:status_ids) || [] - @comment = options.delete(:comment) || '' - @category = options.delete(:category) || 'other' - @rule_ids = options.delete(:rule_ids) + @status_ids = options.delete(:status_ids).presence || [] + @comment = options.delete(:comment).presence || '' + @category = options.delete(:category).presence || 'other' + @rule_ids = options.delete(:rule_ids).presence @options = options raise ActiveRecord::RecordNotFound if @target_account.suspended? @@ -26,7 +26,7 @@ class ReportService < BaseService def create_report! @report = @source_account.reports.create!( target_account: @target_account, - status_ids: @status_ids, + status_ids: reported_status_ids, comment: @comment, uri: @options[:uri], forwarded: forward?, @@ -56,6 +56,10 @@ class ReportService < BaseService !@target_account.local? && ActiveModel::Type::Boolean.new.cast(@options[:forward]) end + def reported_status_ids + @target_account.statuses.with_discarded.find(Array(@status_ids)).pluck(:id) + end + def payload Oj.dump(serialize_payload(@report, ActivityPub::FlagSerializer, account: some_local_account)) end diff --git a/spec/controllers/api/v1/reports_controller_spec.rb b/spec/controllers/api/v1/reports_controller_spec.rb index a13de1370..b5baf60e1 100644 --- a/spec/controllers/api/v1/reports_controller_spec.rb +++ b/spec/controllers/api/v1/reports_controller_spec.rb @@ -13,22 +13,64 @@ RSpec.describe Api::V1::ReportsController, type: :controller do end describe 'POST #create' do - let(:scopes) { 'write:reports' } - let!(:status) { Fabricate(:status) } - let!(:admin) { Fabricate(:user, admin: true) } + let!(:admin) { Fabricate(:user, admin: true) } + + let(:scopes) { 'write:reports' } + let(:status) { Fabricate(:status) } + let(:target_account) { status.account } + let(:category) { nil } + let(:forward) { nil } + let(:rule_ids){ nil } before do allow(AdminMailer).to receive(:new_report).and_return(double('email', deliver_later: nil)) - post :create, params: { status_ids: [status.id], account_id: status.account.id, comment: 'reasons' } + post :create, params: { status_ids: [status.id], account_id: target_account.id, comment: 'reasons', category: category, rule_ids: rule_ids, forward: forward } end - it 'creates a report' do - expect(status.reload.account.targeted_reports).not_to be_empty + it 'returns http success' do expect(response).to have_http_status(200) end + it 'creates a report' do + expect(target_account.targeted_reports).to_not be_empty + end + + it 'saves comment' do + expect(target_account.targeted_reports.first.comment).to eq 'reasons' + end + it 'sends e-mails to admins' do expect(AdminMailer).to have_received(:new_report).with(admin.account, Report) end + + context 'when a status does not belong to the reported account' do + let(:target_account) { Fabricate(:account) } + + it 'returns http not found' do + expect(response).to have_http_status(404) + end + end + + context 'when a category is chosen' do + let(:category) { 'spam' } + + it 'saves category' do + expect(target_account.targeted_reports.first.spam?).to be true + end + end + + context 'when violated rules are chosen' do + let(:rule) { Fabricate(:rule) } + let(:category) { 'violation' } + let(:rule_ids) { [rule.id] } + + it 'saves category' do + expect(target_account.targeted_reports.first.violation?).to be true + end + + it 'saves rule_ids' do + expect(target_account.targeted_reports.first.rule_ids).to match_array([rule.id]) + end + end end end diff --git a/spec/fabricators/rule_fabricator.rb b/spec/fabricators/rule_fabricator.rb index 4bdfd05e0..bc29bc48e 100644 --- a/spec/fabricators/rule_fabricator.rb +++ b/spec/fabricators/rule_fabricator.rb @@ -1,5 +1,5 @@ Fabricator(:rule) do - priority "" - deleted_at "2021-02-21 05:51:09" - text "MyText" -end \ No newline at end of file + priority 0 + deleted_at nil + text { Faker::Lorem.paragraph } +end -- cgit From e24b14cc74034585b29ca92bbb9623df32328bf3 Mon Sep 17 00:00:00 2001 From: Eugen Rochko Date: Wed, 2 Mar 2022 18:57:26 +0100 Subject: Fix leak of existence of otherwise inaccessible statuses in REST API (#17684) --- app/controllers/api/v1/statuses_controller.rb | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/app/controllers/api/v1/statuses_controller.rb b/app/controllers/api/v1/statuses_controller.rb index 2d82a7a99..f48aeb945 100644 --- a/app/controllers/api/v1/statuses_controller.rb +++ b/app/controllers/api/v1/statuses_controller.rb @@ -92,8 +92,9 @@ class Api::V1::StatusesController < Api::BaseController end def set_thread - @thread = status_params[:in_reply_to_id].blank? ? nil : Status.find(status_params[:in_reply_to_id]) - rescue ActiveRecord::RecordNotFound + @thread = Status.find(status_params[:in_reply_to_id]) if status_params[:in_reply_to_id].present? + authorize(@thread, :show?) if @thread.present? + rescue ActiveRecord::RecordNotFound, Mastodon::NotPermittedError render json: { error: I18n.t('statuses.errors.in_reply_not_found') }, status: 404 end -- cgit From 9b58fb1ea4036daca945cb524e674446adb9ac42 Mon Sep 17 00:00:00 2001 From: Eugen Rochko Date: Wed, 2 Mar 2022 18:57:44 +0100 Subject: Add descriptions to trending features in admin UI (#17677) --- app/views/admin/trends/links/index.html.haml | 4 ++++ app/views/admin/trends/links/preview_card_providers/index.html.haml | 5 ++++- app/views/admin/trends/statuses/_status.html.haml | 3 +++ app/views/admin/trends/statuses/index.html.haml | 4 ++++ app/views/admin/trends/tags/index.html.haml | 4 ++++ config/locales/en.yml | 5 +++++ 6 files changed, 24 insertions(+), 1 deletion(-) diff --git a/app/views/admin/trends/links/index.html.haml b/app/views/admin/trends/links/index.html.haml index 79f3513d3..49a53d979 100644 --- a/app/views/admin/trends/links/index.html.haml +++ b/app/views/admin/trends/links/index.html.haml @@ -4,6 +4,10 @@ - content_for :header_tags do = javascript_pack_tag 'admin', async: true, crossorigin: 'anonymous' +%p= t('admin.trends.links.description_html') + +%hr.spacer/ + = form_tag admin_trends_links_path, method: 'GET', class: 'simple_form' do - Trends::PreviewCardFilter::KEYS.each do |key| = hidden_field_tag key, params[key] if params[key].present? diff --git a/app/views/admin/trends/links/preview_card_providers/index.html.haml b/app/views/admin/trends/links/preview_card_providers/index.html.haml index b79349947..c3648c35e 100644 --- a/app/views/admin/trends/links/preview_card_providers/index.html.haml +++ b/app/views/admin/trends/links/preview_card_providers/index.html.haml @@ -4,6 +4,10 @@ - content_for :header_tags do = javascript_pack_tag 'admin', async: true, crossorigin: 'anonymous' +%p= t('admin.trends.preview_card_providers.description_html') + +%hr.spacer/ + .filters .filter-subset %strong= t('admin.tags.review') @@ -17,7 +21,6 @@ = fa_icon 'chevron-left fw' = t('admin.trends.links.title') - %hr.spacer/ = form_for(@form, url: batch_admin_trends_links_preview_card_providers_path) do |f| diff --git a/app/views/admin/trends/statuses/_status.html.haml b/app/views/admin/trends/statuses/_status.html.haml index c99ee5d60..edb27b9ff 100644 --- a/app/views/admin/trends/statuses/_status.html.haml +++ b/app/views/admin/trends/statuses/_status.html.haml @@ -22,6 +22,9 @@ - if status.language.present? • = standard_locale_name(status.language) + - if status.trendable? && !status.account.discoverable? + • + = t('admin.trends.statuses.not_discoverable') - if status.trendable? && (rank = Trends.statuses.rank(status.id)) • %abbr{ title: t('admin.trends.tags.current_score', score: Trends.statuses.score(status.id)) }= t('admin.trends.tags.trending_rank', rank: rank + 1) diff --git a/app/views/admin/trends/statuses/index.html.haml b/app/views/admin/trends/statuses/index.html.haml index 347688262..b0059b20d 100644 --- a/app/views/admin/trends/statuses/index.html.haml +++ b/app/views/admin/trends/statuses/index.html.haml @@ -4,6 +4,10 @@ - content_for :header_tags do = javascript_pack_tag 'admin', async: true, crossorigin: 'anonymous' +%p= t('admin.trends.statuses.description_html') + +%hr.spacer/ + = form_tag admin_trends_statuses_path, method: 'GET', class: 'simple_form' do - Trends::StatusFilter::KEYS.each do |key| = hidden_field_tag key, params[key] if params[key].present? diff --git a/app/views/admin/trends/tags/index.html.haml b/app/views/admin/trends/tags/index.html.haml index 8a2f785bc..bde32a295 100644 --- a/app/views/admin/trends/tags/index.html.haml +++ b/app/views/admin/trends/tags/index.html.haml @@ -4,6 +4,10 @@ - content_for :header_tags do = javascript_pack_tag 'admin', async: true, crossorigin: 'anonymous' +%p= t('admin.trends.tags.description_html') + +%hr.spacer/ + .filters .filter-subset %strong= t('admin.tags.review') diff --git a/config/locales/en.yml b/config/locales/en.yml index 5ce43be1a..6a5594185 100644 --- a/config/locales/en.yml +++ b/config/locales/en.yml @@ -777,6 +777,7 @@ en: links: allow: Allow link allow_provider: Allow publisher + description_html: These are links that are currently being shared a lot by accounts that your server sees posts from. It can help your users find out what's going on in the world. No links are displayed publicly until you approve the publisher. You can also allow or reject individual links. disallow: Disallow link disallow_provider: Disallow publisher shared_by_over_week: @@ -788,14 +789,17 @@ en: pending_review: Pending review preview_card_providers: allowed: Links from this publisher can trend + description_html: These are domains from which links are often shared on your server. Links will not trend publicly unless the domain of the link is approved. Your approval (or rejection) extends to subdomains. rejected: Links from this publisher won't trend title: Publishers rejected: Rejected statuses: allow: Allow post allow_account: Allow author + description_html: These are posts that your server knows about that are currently being shared and favourited a lot at the moment. It can help your new and returning users to find more people to follow. No posts are displayed publicly until you approve the author, and the author allows their account to be suggested to others. You can also allow or reject individual posts. disallow: Disallow post disallow_account: Disallow author + not_discoverable: Author has not opted-in to being discoverable shared_by: one: Shared or favourited one time other: Shared and favourited %{friendly_count} times @@ -808,6 +812,7 @@ en: tag_servers_dimension: Top servers tag_servers_measure: different servers tag_uses_measure: total uses + description_html: These are hashtags that are currently appearing in a lot of posts that your server sees. It can help your users find out what people are talking the most about at the moment. No hashtags are displayed publicly until you approve them. listable: Can be suggested not_listable: Won't be suggested not_trendable: Won't appear under trends -- cgit From c0c4b5718d8827fc59d5564c227e848547a2cb69 Mon Sep 17 00:00:00 2001 From: Claire Date: Wed, 2 Mar 2022 20:28:25 +0100 Subject: Change visual separation of applications in authorized apps list (#17686) --- app/javascript/styles/mastodon/admin.scss | 8 ++++++++ app/javascript/styles/mastodon/forms.scss | 1 + app/views/oauth/authorized_applications/index.html.haml | 4 ++-- 3 files changed, 11 insertions(+), 2 deletions(-) diff --git a/app/javascript/styles/mastodon/admin.scss b/app/javascript/styles/mastodon/admin.scss index 52bc2086a..06ec4d37b 100644 --- a/app/javascript/styles/mastodon/admin.scss +++ b/app/javascript/styles/mastodon/admin.scss @@ -888,6 +888,14 @@ a.name-tag, text-align: center; } +.applications-list__item { + padding: 15px 0; + background: $ui-base-color; + border: 1px solid lighten($ui-base-color, 4%); + border-radius: 4px; + margin-top: 15px; +} + .announcements-list { border: 1px solid lighten($ui-base-color, 4%); border-radius: 4px; diff --git a/app/javascript/styles/mastodon/forms.scss b/app/javascript/styles/mastodon/forms.scss index 6e02e2332..90d56b075 100644 --- a/app/javascript/styles/mastodon/forms.scss +++ b/app/javascript/styles/mastodon/forms.scss @@ -1069,6 +1069,7 @@ code { &:last-child { border-bottom: 0; + padding-bottom: 0; } } } diff --git a/app/views/oauth/authorized_applications/index.html.haml b/app/views/oauth/authorized_applications/index.html.haml index fead56f4a..0280d8aef 100644 --- a/app/views/oauth/authorized_applications/index.html.haml +++ b/app/views/oauth/authorized_applications/index.html.haml @@ -5,9 +5,9 @@ %hr.spacer/ -.announcements-list +.applications-list - @applications.each do |application| - .announcements-list__item + .applications-list__item - if application.website.present? = link_to application.name, application.website, target: '_blank', rel: 'noopener noreferrer', class: 'announcements-list__item__title' - else -- cgit