From 6cb3514d64ec24b164484f4eb84363b96746d5d6 Mon Sep 17 00:00:00 2001 From: Jakub Mendyk Date: Thu, 23 Aug 2018 14:17:35 +0200 Subject: Add ability to change an instance default theme from the administration panel (#7092) (#8381) * Add default_settings class method to ScopedSettings ScopedSettings was extended to use value of unscoped setting instead of only using defaults set in config/settings.yml for selected settings. This adds possibility for admins to set default values of users' settings, for example default theme (as requested in #7092). * Add ability to change an instance default theme Closes #7092 --- app/controllers/admin/settings_controller.rb | 1 + app/controllers/application_controller.rb | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) (limited to 'app/controllers') diff --git a/app/controllers/admin/settings_controller.rb b/app/controllers/admin/settings_controller.rb index 3234b194f..23e0444d0 100644 --- a/app/controllers/admin/settings_controller.rb +++ b/app/controllers/admin/settings_controller.rb @@ -16,6 +16,7 @@ module Admin timeline_preview show_staff_badge bootstrap_timeline_accounts + theme thumbnail hero min_invite_role diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index eafe27047..7ddd26ec0 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -95,7 +95,7 @@ class ApplicationController < ActionController::Base end def current_theme - return Setting.default_settings['theme'] unless Themes.instance.names.include? current_user&.setting_theme + return Setting.theme unless Themes.instance.names.include? current_user&.setting_theme current_user.setting_theme end -- cgit From 9d58daac6c860b599f8c266b8bb10c6170220dd3 Mon Sep 17 00:00:00 2001 From: Eugen Rochko Date: Thu, 23 Aug 2018 21:51:56 +0200 Subject: Fix regression when suspending not from report (#8400) Regression from #8353 --- app/controllers/admin/suspensions_controller.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'app/controllers') diff --git a/app/controllers/admin/suspensions_controller.rb b/app/controllers/admin/suspensions_controller.rb index 0c7bdad9e..f9bbf36fb 100644 --- a/app/controllers/admin/suspensions_controller.rb +++ b/app/controllers/admin/suspensions_controller.rb @@ -14,7 +14,7 @@ module Admin @suspension = Form::AdminSuspensionConfirmation.new(suspension_params) if suspension_params[:acct] == @account.acct - resolve_report! if suspension_params[:report_id] + resolve_report! if suspension_params[:report_id].present? perform_suspend! mark_reports_resolved! redirect_to admin_accounts_path -- cgit From 2f34b747b3f765a37d7b23e70de42005c0b62f58 Mon Sep 17 00:00:00 2001 From: Eugen Rochko Date: Thu, 23 Aug 2018 23:26:29 +0200 Subject: Allow mods to disable login, improve message when login disabled (#8329) * Allow moderators to disable/enable login * Instead of rejecting login, show forbidden error when login disabled Avoid confusion because when login is rejected, the message is that the account is not activated, which is wrong. * Fix tests --- app/controllers/api/base_controller.rb | 2 ++ app/controllers/application_controller.rb | 6 +++--- app/controllers/auth/sessions_controller.rb | 2 +- app/models/user.rb | 4 ---- app/policies/user_policy.rb | 4 ++-- spec/models/user_spec.rb | 2 +- 6 files changed, 9 insertions(+), 11 deletions(-) (limited to 'app/controllers') diff --git a/app/controllers/api/base_controller.rb b/app/controllers/api/base_controller.rb index 770a69921..0b3735087 100644 --- a/app/controllers/api/base_controller.rb +++ b/app/controllers/api/base_controller.rb @@ -7,6 +7,8 @@ class Api::BaseController < ApplicationController include RateLimitHeaders skip_before_action :store_current_location + skip_before_action :check_user_permissions + protect_from_forgery with: :null_session rescue_from ActiveRecord::RecordInvalid, Mastodon::ValidationError do |e| diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index 7ddd26ec0..d266fa1bd 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -24,7 +24,7 @@ class ApplicationController < ActionController::Base rescue_from Mastodon::NotPermittedError, with: :forbidden before_action :store_current_location, except: :raise_not_found, unless: :devise_controller? - before_action :check_suspension, if: :user_signed_in? + before_action :check_user_permissions, if: :user_signed_in? def raise_not_found raise ActionController::RoutingError, "No route matches #{params[:unmatched_route]}" @@ -48,8 +48,8 @@ class ApplicationController < ActionController::Base forbidden unless current_user&.staff? end - def check_suspension - forbidden if current_user.account.suspended? + def check_user_permissions + forbidden if current_user.disabled? || current_user.account.suspended? end def after_sign_out_path_for(_resource_or_scope) diff --git a/app/controllers/auth/sessions_controller.rb b/app/controllers/auth/sessions_controller.rb index 2e721160b..62b4a6377 100644 --- a/app/controllers/auth/sessions_controller.rb +++ b/app/controllers/auth/sessions_controller.rb @@ -6,7 +6,7 @@ class Auth::SessionsController < Devise::SessionsController layout 'auth' skip_before_action :require_no_authentication, only: [:create] - skip_before_action :check_suspension, only: [:destroy] + skip_before_action :check_user_permissions, only: [:destroy] prepend_before_action :authenticate_with_two_factor, if: :two_factor_enabled?, only: [:create] before_action :set_instance_presenter, only: [:new] before_action :set_body_classes diff --git a/app/models/user.rb b/app/models/user.rb index a2cf2565f..75b7e9e7c 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -216,10 +216,6 @@ class User < ApplicationRecord save! end - def active_for_authentication? - super && !disabled? - end - def setting_default_privacy settings.default_privacy || (account.locked? ? 'private' : 'public') end diff --git a/app/policies/user_policy.rb b/app/policies/user_policy.rb index dabdf707a..57af5c61c 100644 --- a/app/policies/user_policy.rb +++ b/app/policies/user_policy.rb @@ -18,11 +18,11 @@ class UserPolicy < ApplicationPolicy end def enable? - admin? + staff? end def disable? - admin? && !record.admin? + staff? && !record.admin? end def promote? diff --git a/spec/models/user_spec.rb b/spec/models/user_spec.rb index 93a6c26fb..015e90edc 100644 --- a/spec/models/user_spec.rb +++ b/spec/models/user_spec.rb @@ -512,7 +512,7 @@ RSpec.describe User, type: :model do context 'when user is confirmed' do let(:confirmed_at) { Time.zone.now } - it { is_expected.to be false } + it { is_expected.to be true } end context 'when user is not confirmed' do -- cgit From a2cabf3f4af9271d8bfdb13c1ae2b7a8b4e6fb88 Mon Sep 17 00:00:00 2001 From: Eugen Rochko Date: Fri, 24 Aug 2018 04:33:27 +0200 Subject: Add admin custom CSS setting (#8399) Fix #3894 --- app/controllers/admin/settings_controller.rb | 1 + app/controllers/custom_css_controller.rb | 10 ++++++++++ app/javascript/styles/mastodon/forms.scss | 11 +++++++++++ app/models/form/admin_settings.rb | 2 ++ app/presenters/instance_presenter.rb | 2 +- app/views/admin/settings/edit.html.haml | 2 +- app/views/layouts/application.html.haml | 3 +++ config/routes.rb | 1 + 8 files changed, 30 insertions(+), 2 deletions(-) create mode 100644 app/controllers/custom_css_controller.rb (limited to 'app/controllers') diff --git a/app/controllers/admin/settings_controller.rb b/app/controllers/admin/settings_controller.rb index 23e0444d0..7d38f76ae 100644 --- a/app/controllers/admin/settings_controller.rb +++ b/app/controllers/admin/settings_controller.rb @@ -24,6 +24,7 @@ module Admin peers_api_enabled show_known_fediverse_at_about_page preview_sensitive_media + custom_css ).freeze BOOLEAN_SETTINGS = %w( diff --git a/app/controllers/custom_css_controller.rb b/app/controllers/custom_css_controller.rb new file mode 100644 index 000000000..31e501609 --- /dev/null +++ b/app/controllers/custom_css_controller.rb @@ -0,0 +1,10 @@ +# frozen_string_literal: true + +class CustomCssController < ApplicationController + before_action :set_cache_headers + + def show + skip_session! + render plain: Setting.custom_css || '', content_type: 'text/css' + end +end diff --git a/app/javascript/styles/mastodon/forms.scss b/app/javascript/styles/mastodon/forms.scss index 020be5ad2..144b4a519 100644 --- a/app/javascript/styles/mastodon/forms.scss +++ b/app/javascript/styles/mastodon/forms.scss @@ -621,3 +621,14 @@ code { .scope-danger { color: $warning-red; } + +.form_admin_settings_site_short_description, +.form_admin_settings_site_description, +.form_admin_settings_site_extended_description, +.form_admin_settings_site_terms, +.form_admin_settings_custom_css, +.form_admin_settings_closed_registrations_message { + textarea { + font-family: 'mastodon-font-monospace', monospace; + } +} diff --git a/app/models/form/admin_settings.rb b/app/models/form/admin_settings.rb index db46cda7b..9fef7da97 100644 --- a/app/models/form/admin_settings.rb +++ b/app/models/form/admin_settings.rb @@ -42,6 +42,8 @@ class Form::AdminSettings :show_known_fediverse_at_about_page=, :preview_sensitive_media, :preview_sensitive_media=, + :custom_css, + :custom_css=, to: Setting ) end diff --git a/app/presenters/instance_presenter.rb b/app/presenters/instance_presenter.rb index 31365b646..a4e4af889 100644 --- a/app/presenters/instance_presenter.rb +++ b/app/presenters/instance_presenter.rb @@ -14,7 +14,7 @@ class InstancePresenter ) def contact_account - Account.find_local(Setting.site_contact_username) + Account.find_local(Setting.site_contact_username.gsub(/\A@/, '')) end def user_count diff --git a/app/views/admin/settings/edit.html.haml b/app/views/admin/settings/edit.html.haml index b5aa176a2..f40edc35a 100644 --- a/app/views/admin/settings/edit.html.haml +++ b/app/views/admin/settings/edit.html.haml @@ -49,7 +49,7 @@ .fields-group = f.input :site_extended_description, wrapper: :with_block_label, as: :text, label: t('admin.settings.site_description_extended.title'), hint: t('admin.settings.site_description_extended.desc_html'), input_html: { rows: 8 } = f.input :site_terms, wrapper: :with_block_label, as: :text, label: t('admin.settings.site_terms.title'), hint: t('admin.settings.site_terms.desc_html'), input_html: { rows: 8 } - + = f.input :custom_css, wrapper: :with_block_label, as: :text, input_html: { rows: 8 }, label: t('admin.settings.custom_css.title'), hint: t('admin.settings.custom_css.desc_html') %hr/ .fields-group diff --git a/app/views/layouts/application.html.haml b/app/views/layouts/application.html.haml index df898d5a2..68a903197 100755 --- a/app/views/layouts/application.html.haml +++ b/app/views/layouts/application.html.haml @@ -19,6 +19,9 @@ = javascript_pack_tag "locale_#{I18n.locale}", integrity: true, crossorigin: 'anonymous' = csrf_meta_tags + - if Setting.custom_css.present? + = stylesheet_link_tag custom_css_path, media: 'all' + = yield :header_tags - body_classes ||= @body_classes || '' diff --git a/config/routes.rb b/config/routes.rb index 80a8b7b4c..0e54157dc 100644 --- a/config/routes.rb +++ b/config/routes.rb @@ -23,6 +23,7 @@ Rails.application.routes.draw do get '.well-known/webfinger', to: 'well_known/webfinger#show', as: :webfinger get 'manifest', to: 'manifests#show', defaults: { format: 'json' } get 'intent', to: 'intents#show' + get 'custom.css', to: 'custom_css#show', as: :custom_css devise_scope :user do get '/invite/:invite_code', to: 'auth/registrations#new', as: :public_invite -- cgit From da13fa50215c5153ee199eb8e70e7fa030523a00 Mon Sep 17 00:00:00 2001 From: Quint Guvernator Date: Sun, 26 Aug 2018 13:22:46 -0400 Subject: Fix low-hanging rubocop gripes (#8458) * rubocop: quit being so picky * rubocop: miscellany * rubocop: prefer present to blank --- .rubocop.yml | 6 +++++ .../api/v1/lists/accounts_controller.rb | 2 +- app/controllers/api/v1/lists_controller.rb | 2 +- app/lib/feed_manager.rb | 2 +- app/mailers/user_mailer.rb | 2 +- app/models/concerns/expireable.rb | 2 +- app/models/user.rb | 4 ++-- lib/tasks/db.rake | 2 +- lib/tasks/mastodon.rake | 28 ++++++++++------------ 9 files changed, 26 insertions(+), 24 deletions(-) (limited to 'app/controllers') diff --git a/.rubocop.yml b/.rubocop.yml index 4f9e09b43..4ba5903bd 100644 --- a/.rubocop.yml +++ b/.rubocop.yml @@ -62,6 +62,9 @@ Metrics/ParameterLists: Metrics/PerceivedComplexity: Max: 20 +Naming/MemoizedInstanceVariableName: + Enabled: false + Rails: Enabled: true @@ -71,6 +74,9 @@ Rails/HasAndBelongsToMany: Rails/SkipsModelValidations: Enabled: false +Rails/HttpStatus: + Enabled: false + Style/ClassAndModuleChildren: Enabled: false diff --git a/app/controllers/api/v1/lists/accounts_controller.rb b/app/controllers/api/v1/lists/accounts_controller.rb index 19de56732..ec4477034 100644 --- a/app/controllers/api/v1/lists/accounts_controller.rb +++ b/app/controllers/api/v1/lists/accounts_controller.rb @@ -1,7 +1,7 @@ # frozen_string_literal: true class Api::V1::Lists::AccountsController < Api::BaseController - before_action -> { doorkeeper_authorize! :read, :'read:lists' }, only: [:show] + before_action -> { doorkeeper_authorize! :read, :'read:lists' }, only: [:show] before_action -> { doorkeeper_authorize! :write, :'write:lists' }, except: [:show] before_action :require_user! diff --git a/app/controllers/api/v1/lists_controller.rb b/app/controllers/api/v1/lists_controller.rb index b42b8b971..054172bee 100644 --- a/app/controllers/api/v1/lists_controller.rb +++ b/app/controllers/api/v1/lists_controller.rb @@ -1,7 +1,7 @@ # frozen_string_literal: true class Api::V1::ListsController < Api::BaseController - before_action -> { doorkeeper_authorize! :read, :'read:lists' }, only: [:index, :show] + before_action -> { doorkeeper_authorize! :read, :'read:lists' }, only: [:index, :show] before_action -> { doorkeeper_authorize! :write, :'write:lists' }, except: [:index, :show] before_action :require_user! diff --git a/app/lib/feed_manager.rb b/app/lib/feed_manager.rb index 14cba70dc..b59a9f1cd 100644 --- a/app/lib/feed_manager.rb +++ b/app/lib/feed_manager.rb @@ -288,7 +288,7 @@ class FeedManager # remains in the set. We could pick a random element, but this # set should generally be small, and it seems ideal to show the # oldest potential such reblog. - other_reblog = redis.smembers(reblog_set_key).map(&:to_i).sort.first + other_reblog = redis.smembers(reblog_set_key).map(&:to_i).min redis.zadd(timeline_key, other_reblog, other_reblog) if other_reblog diff --git a/app/mailers/user_mailer.rb b/app/mailers/user_mailer.rb index 9848c34a2..aa76b4dfe 100644 --- a/app/mailers/user_mailer.rb +++ b/app/mailers/user_mailer.rb @@ -16,7 +16,7 @@ class UserMailer < Devise::Mailer return if @resource.disabled? I18n.with_locale(@resource.locale || I18n.default_locale) do - mail to: @resource.unconfirmed_email.blank? ? @resource.email : @resource.unconfirmed_email, + mail to: @resource.unconfirmed_email.presence || @resource.email, subject: I18n.t(@resource.pending_reconfirmation? ? 'devise.mailer.reconfirmation_instructions.subject' : 'devise.mailer.confirmation_instructions.subject', instance: @instance), template_name: @resource.pending_reconfirmation? ? 'reconfirmation_instructions' : 'confirmation_instructions' end diff --git a/app/models/concerns/expireable.rb b/app/models/concerns/expireable.rb index 444ccdfdb..2c0631476 100644 --- a/app/models/concerns/expireable.rb +++ b/app/models/concerns/expireable.rb @@ -9,7 +9,7 @@ module Expireable attr_reader :expires_in def expires_in=(interval) - self.expires_at = interval.to_i.seconds.from_now unless interval.blank? + self.expires_at = interval.to_i.seconds.from_now if interval.present? @expires_in = interval end diff --git a/app/models/user.rb b/app/models/user.rb index 75b7e9e7c..25f77ed14 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -98,7 +98,7 @@ class User < ApplicationRecord :reduce_motion, :system_font_ui, :noindex, :theme, :display_sensitive_media, :hide_network, :default_language, to: :settings, prefix: :setting, allow_nil: false - attr_accessor :invite_code + attr_reader :invite_code def pam_conflict(_) # block pam login tries on traditional account @@ -258,7 +258,7 @@ class User < ApplicationRecord end def invite_code=(code) - self.invite = Invite.find_by(code: code) unless code.blank? + self.invite = Invite.find_by(code: code) if code.present? @invite_code = code end diff --git a/lib/tasks/db.rake b/lib/tasks/db.rake index 32039c31d..b76e90131 100644 --- a/lib/tasks/db.rake +++ b/lib/tasks/db.rake @@ -18,7 +18,7 @@ def each_schema_load_environment # needing to do the same, and we can't even use the same method # to do it. - if Rails.env == 'development' + if Rails.env.development? test_conf = ActiveRecord::Base.configurations['test'] if test_conf['database']&.present? diff --git a/lib/tasks/mastodon.rake b/lib/tasks/mastodon.rake index 7455478b6..649a22a0b 100644 --- a/lib/tasks/mastodon.rake +++ b/lib/tasks/mastodon.rake @@ -280,14 +280,14 @@ namespace :mastodon do begin ActionMailer::Base.smtp_settings = { - :port => env['SMTP_PORT'], - :address => env['SMTP_SERVER'], - :user_name => env['SMTP_LOGIN'].presence, - :password => env['SMTP_PASSWORD'].presence, - :domain => env['LOCAL_DOMAIN'], - :authentication => env['SMTP_AUTH_METHOD'] == 'none' ? nil : env['SMTP_AUTH_METHOD'] || :plain, - :openssl_verify_mode => env['SMTP_OPENSSL_VERIFY_MODE'], - :enable_starttls_auto => true, + port: env['SMTP_PORT'], + address: env['SMTP_SERVER'], + user_name: env['SMTP_LOGIN'].presence, + password: env['SMTP_PASSWORD'].presence, + domain: env['LOCAL_DOMAIN'], + authentication: env['SMTP_AUTH_METHOD'] == 'none' ? nil : env['SMTP_AUTH_METHOD'] || :plain, + openssl_verify_mode: env['SMTP_OPENSSL_VERIFY_MODE'], + enable_starttls_auto: true, } ActionMailer::Base.default_options = { @@ -326,13 +326,11 @@ namespace :mastodon do if prompt.yes?('Prepare the database now?') prompt.say 'Running `RAILS_ENV=production rails db:setup` ...' - prompt.say "\n" + prompt.say "\n\n" if cmd.run!({ RAILS_ENV: 'production', SAFETY_ASSURED: 1 }, :rails, 'db:setup').failure? - prompt.say "\n" prompt.error 'That failed! Perhaps your configuration is not right' else - prompt.say "\n" prompt.ok 'Done!' end end @@ -343,13 +341,11 @@ namespace :mastodon do if prompt.yes?('Compile the assets now?') prompt.say 'Running `RAILS_ENV=production rails assets:precompile` ...' - prompt.say "\n" + prompt.say "\n\n" if cmd.run!({ RAILS_ENV: 'production' }, :rails, 'assets:precompile').failure? - prompt.say "\n" prompt.error 'That failed! Maybe you need swap space?' else - prompt.say "\n" prompt.say 'Done!' end end @@ -715,10 +711,10 @@ namespace :mastodon do pastel = Pastel.new duplicate_masters.each do |account| - puts pastel.yellow("First of their name: ") + pastel.bold(account.username) + " (#{admin_account_url(account.id)})" + puts pastel.yellow('First of their name: ') + pastel.bold(account.username) + " (#{admin_account_url(account.id)})" Account.where('lower(username) = ?', account.username.downcase).where.not(id: account.id).each do |duplicate| - puts " " + pastel.red("Duplicate: ") + admin_account_url(duplicate.id) + puts ' ' + pastel.red('Duplicate: ') + admin_account_url(duplicate.id) end end end -- cgit From f3a12ddfd0b5b9379c7cfe4229697765851f4738 Mon Sep 17 00:00:00 2001 From: Jakub Mendyk Date: Sun, 26 Aug 2018 21:30:17 +0200 Subject: Make Api::V1::MutesController paginate properly (#8472) Fixes #8463 --- app/controllers/api/v1/mutes_controller.rb | 26 +++++------ spec/controllers/api/v1/mutes_controller_spec.rb | 56 +++++++++++++++++++++--- 2 files changed, 61 insertions(+), 21 deletions(-) (limited to 'app/controllers') diff --git a/app/controllers/api/v1/mutes_controller.rb b/app/controllers/api/v1/mutes_controller.rb index faa7d16cd..df6c8e86c 100644 --- a/app/controllers/api/v1/mutes_controller.rb +++ b/app/controllers/api/v1/mutes_controller.rb @@ -15,19 +15,17 @@ class Api::V1::MutesController < Api::BaseController private def load_accounts - default_accounts.merge(paginated_mutes).to_a - end - - def default_accounts - Account.includes(:muted_by).references(:muted_by) + paginated_mutes.map(&:target_account) end def paginated_mutes - Mute.where(account: current_account).paginate_by_max_id( - limit_param(DEFAULT_ACCOUNTS_LIMIT), - params[:max_id], - params[:since_id] - ) + @paginated_mutes ||= Mute.eager_load(:target_account) + .where(account: current_account) + .paginate_by_max_id( + limit_param(DEFAULT_ACCOUNTS_LIMIT), + params[:max_id], + params[:since_id] + ) end def insert_pagination_headers @@ -41,21 +39,21 @@ class Api::V1::MutesController < Api::BaseController end def prev_path - unless @accounts.empty? + unless paginated_mutes.empty? api_v1_mutes_url pagination_params(since_id: pagination_since_id) end end def pagination_max_id - @accounts.last.muted_by_ids.last + paginated_mutes.last.id end def pagination_since_id - @accounts.first.muted_by_ids.first + paginated_mutes.first.id end def records_continue? - @accounts.size == limit_param(DEFAULT_ACCOUNTS_LIMIT) + paginated_mutes.size == limit_param(DEFAULT_ACCOUNTS_LIMIT) end def pagination_params(core_params) diff --git a/spec/controllers/api/v1/mutes_controller_spec.rb b/spec/controllers/api/v1/mutes_controller_spec.rb index f9603b7ff..a2b814a69 100644 --- a/spec/controllers/api/v1/mutes_controller_spec.rb +++ b/spec/controllers/api/v1/mutes_controller_spec.rb @@ -3,19 +3,61 @@ require 'rails_helper' RSpec.describe Api::V1::MutesController, type: :controller do render_views - let(:user) { Fabricate(:user, account: Fabricate(:account, username: 'alice')) } - let(:token) { Fabricate(:accessible_access_token, resource_owner_id: user.id, scopes: 'read:mutes') } + let(:user) { Fabricate(:user, account: Fabricate(:account, username: 'alice')) } + let(:scopes) { 'read:mutes' } + let(:token) { Fabricate(:accessible_access_token, resource_owner_id: user.id, scopes: scopes) } - before do - Fabricate(:mute, account: user.account, hide_notifications: false) - allow(controller).to receive(:doorkeeper_token) { token } - end + before { allow(controller).to receive(:doorkeeper_token) { token } } describe 'GET #index' do - it 'returns http success' do + it 'limits according to limit parameter' do + 2.times.map { Fabricate(:mute, account: user.account) } get :index, params: { limit: 1 } + expect(body_as_json.size).to eq 1 + end + + it 'queries mutes in range according to max_id' do + mutes = 2.times.map { Fabricate(:mute, account: user.account) } + + get :index, params: { max_id: mutes[1] } + expect(body_as_json.size).to eq 1 + expect(body_as_json[0][:id]).to eq mutes[0].target_account_id.to_s + end + + it 'queries mutes in range according to since_id' do + mutes = 2.times.map { Fabricate(:mute, account: user.account) } + + get :index, params: { since_id: mutes[0] } + + expect(body_as_json.size).to eq 1 + expect(body_as_json[0][:id]).to eq mutes[1].target_account_id.to_s + end + + it 'sets pagination header for next path' do + mutes = 2.times.map { Fabricate(:mute, account: user.account) } + get :index, params: { limit: 1, since_id: mutes[0] } + expect(response.headers['Link'].find_link(['rel', 'next']).href).to eq api_v1_mutes_url(limit: 1, max_id: mutes[1]) + end + + it 'sets pagination header for previous path' do + mute = Fabricate(:mute, account: user.account) + get :index + expect(response.headers['Link'].find_link(['rel', 'prev']).href).to eq api_v1_mutes_url(since_id: mute) + end + + it 'returns http success' do + get :index expect(response).to have_http_status(200) end + + context 'with wrong scopes' do + let(:scopes) { 'write:mutes' } + + it 'returns http forbidden' do + get :index + expect(response).to have_http_status(403) + end + end end end -- cgit