From 6d2301988fdc0118c5583f48ba6da4a3b8247ba4 Mon Sep 17 00:00:00 2001 From: Rakib Hasan Date: Wed, 1 Feb 2017 21:07:38 -0500 Subject: Fix for issue #462 Modified uploadCompose action to send media ids of attached media when sending a request. Modified create method in MediaController to check if when posting a video, there are no other media attached to the status by looking at the media ids sent from the uploadCompose action. --- app/controllers/api/v1/media_controller.rb | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'app/controllers/api/v1') diff --git a/app/controllers/api/v1/media_controller.rb b/app/controllers/api/v1/media_controller.rb index f8139ade7..582d04daf 100644 --- a/app/controllers/api/v1/media_controller.rb +++ b/app/controllers/api/v1/media_controller.rb @@ -11,6 +11,10 @@ class Api::V1::MediaController < ApiController def create @media = MediaAttachment.create!(account: current_user.account, file: params[:file]) + if @media.video? and params[:media_ids] != "List []" + @media.destroy + render json: {error: 'Cannot attach a video to a toot that already contains images'}, status: 422 + end rescue Paperclip::Errors::NotIdentifiedByImageMagickError render json: { error: 'File type of uploaded media could not be verified' }, status: 422 rescue Paperclip::Error -- cgit From 6f9ecd899e9e7cb335940465c23dd53acc37269c Mon Sep 17 00:00:00 2001 From: Rakib Hasan Date: Thu, 2 Feb 2017 23:10:17 -0500 Subject: revisted fix for #462 Moved validation to services/post_status_service.rb --- app/assets/javascripts/components/actions/compose.jsx | 5 +---- app/controllers/api/v1/media_controller.rb | 4 ---- app/controllers/api/v1/statuses_controller.rb | 16 ++++++++++------ app/services/post_status_service.rb | 8 +++++++- 4 files changed, 18 insertions(+), 15 deletions(-) (limited to 'app/controllers/api/v1') diff --git a/app/assets/javascripts/components/actions/compose.jsx b/app/assets/javascripts/components/actions/compose.jsx index 84fbc7fc5..03aae885e 100644 --- a/app/assets/javascripts/components/actions/compose.jsx +++ b/app/assets/javascripts/components/actions/compose.jsx @@ -119,10 +119,7 @@ export function uploadCompose(files) { let data = new FormData(); data.append('file', files[0]); - data.append('media_ids', getState().getIn( - ['compose', 'media_attachments'] - ).map(item => item.get('id'))); - + api(getState).post('/api/v1/media', data, { onUploadProgress: function (e) { dispatch(uploadComposeProgress(e.loaded, e.total)); diff --git a/app/controllers/api/v1/media_controller.rb b/app/controllers/api/v1/media_controller.rb index 582d04daf..f8139ade7 100644 --- a/app/controllers/api/v1/media_controller.rb +++ b/app/controllers/api/v1/media_controller.rb @@ -11,10 +11,6 @@ class Api::V1::MediaController < ApiController def create @media = MediaAttachment.create!(account: current_user.account, file: params[:file]) - if @media.video? and params[:media_ids] != "List []" - @media.destroy - render json: {error: 'Cannot attach a video to a toot that already contains images'}, status: 422 - end rescue Paperclip::Errors::NotIdentifiedByImageMagickError render json: { error: 'File type of uploaded media could not be verified' }, status: 422 rescue Paperclip::Error diff --git a/app/controllers/api/v1/statuses_controller.rb b/app/controllers/api/v1/statuses_controller.rb index 69cbdce5d..036383d1e 100644 --- a/app/controllers/api/v1/statuses_controller.rb +++ b/app/controllers/api/v1/statuses_controller.rb @@ -62,12 +62,16 @@ class Api::V1::StatusesController < ApiController end def create - @status = PostStatusService.new.call(current_user.account, params[:status], params[:in_reply_to_id].blank? ? nil : Status.find(params[:in_reply_to_id]), media_ids: params[:media_ids], - sensitive: params[:sensitive], - spoiler_text: params[:spoiler_text], - visibility: params[:visibility], - application: doorkeeper_token.application) - + begin + @status = PostStatusService.new.call(current_user.account, params[:status], params[:in_reply_to_id].blank? ? nil : Status.find(params[:in_reply_to_id]), media_ids: params[:media_ids], + sensitive: params[:sensitive], + spoiler_text: params[:spoiler_text], + visibility: params[:visibility], + application: doorkeeper_token.application) + rescue Mastodon::NotPermitted => e + render json: {error: e.message}, status: 422 + return + end render action: :show end diff --git a/app/services/post_status_service.rb b/app/services/post_status_service.rb index 979941c84..d70103547 100644 --- a/app/services/post_status_service.rb +++ b/app/services/post_status_service.rb @@ -35,8 +35,14 @@ class PostStatusService < BaseService def attach_media(status, media_ids) return if media_ids.nil? || !media_ids.is_a?(Enumerable) - media = MediaAttachment.where(status_id: nil).where(id: media_ids.take(4).map(&:to_i)) + if media.length > 1 + media.each do |m| + if m.video? + raise Mastodon::NotPermitted, 'Cannot attach a video to a toot that already contains images' + end + end + end media.update(status_id: status.id) end -- cgit From 9433d03705d3aa86a059d82ffc549c699092912d Mon Sep 17 00:00:00 2001 From: Rakib Hasan Date: Fri, 17 Feb 2017 02:58:16 +0000 Subject: Removed try clause from create action in status controller Using catch statement in api_controller.rb to catch NotPermitted Exception, and render error message --- app/controllers/api/v1/statuses_controller.rb | 5 ----- 1 file changed, 5 deletions(-) (limited to 'app/controllers/api/v1') diff --git a/app/controllers/api/v1/statuses_controller.rb b/app/controllers/api/v1/statuses_controller.rb index 036383d1e..2ffd4a018 100644 --- a/app/controllers/api/v1/statuses_controller.rb +++ b/app/controllers/api/v1/statuses_controller.rb @@ -62,16 +62,11 @@ class Api::V1::StatusesController < ApiController end def create - begin @status = PostStatusService.new.call(current_user.account, params[:status], params[:in_reply_to_id].blank? ? nil : Status.find(params[:in_reply_to_id]), media_ids: params[:media_ids], sensitive: params[:sensitive], spoiler_text: params[:spoiler_text], visibility: params[:visibility], application: doorkeeper_token.application) - rescue Mastodon::NotPermitted => e - render json: {error: e.message}, status: 422 - return - end render action: :show end -- cgit