From 62a45ae26e475f0c5b70feaf566e72b024ad0b22 Mon Sep 17 00:00:00 2001 From: ThibG Date: Wed, 19 Aug 2020 19:00:47 +0200 Subject: Fix client-side form validation not accepting handles with uppercase letters (#14599) --- app/views/about/_registration.html.haml | 2 +- app/views/auth/registrations/new.html.haml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) (limited to 'app') diff --git a/app/views/about/_registration.html.haml b/app/views/about/_registration.html.haml index 336acad6a..5d159e9e6 100644 --- a/app/views/about/_registration.html.haml +++ b/app/views/about/_registration.html.haml @@ -4,7 +4,7 @@ .fields-group = f.simple_fields_for :account do |account_fields| - = account_fields.input :username, wrapper: :with_label, label: false, required: true, input_html: { 'aria-label' => t('simple_form.labels.defaults.username'), :autocomplete => 'off', placeholder: t('simple_form.labels.defaults.username'), pattern: '[a-z0-9_]+', maxlength: 30 }, append: "@#{site_hostname}", hint: false, disabled: closed_registrations? + = account_fields.input :username, wrapper: :with_label, label: false, required: true, input_html: { 'aria-label' => t('simple_form.labels.defaults.username'), :autocomplete => 'off', placeholder: t('simple_form.labels.defaults.username'), pattern: '[a-zA-Z0-9_]+', maxlength: 30 }, append: "@#{site_hostname}", hint: false, disabled: closed_registrations? = f.input :email, placeholder: t('simple_form.labels.defaults.email'), required: true, input_html: { 'aria-label' => t('simple_form.labels.defaults.email'), :autocomplete => 'off' }, hint: false, disabled: closed_registrations? = f.input :password, placeholder: t('simple_form.labels.defaults.password'), required: true, input_html: { 'aria-label' => t('simple_form.labels.defaults.password'), :autocomplete => 'off', :minlength => User.password_length.first, :maxlength => User.password_length.last }, hint: false, disabled: closed_registrations? diff --git a/app/views/auth/registrations/new.html.haml b/app/views/auth/registrations/new.html.haml index d5698b426..cc72b87ce 100644 --- a/app/views/auth/registrations/new.html.haml +++ b/app/views/auth/registrations/new.html.haml @@ -14,7 +14,7 @@ = f.simple_fields_for :account do |ff| .fields-group - = ff.input :username, wrapper: :with_label, autofocus: true, label: t('simple_form.labels.defaults.username'), required: true, input_html: { 'aria-label' => t('simple_form.labels.defaults.username'), :autocomplete => 'off', pattern: '[a-z0-9_]+', maxlength: 30 }, append: "@#{site_hostname}", hint: t('simple_form.hints.defaults.username', domain: site_hostname) + = ff.input :username, wrapper: :with_label, autofocus: true, label: t('simple_form.labels.defaults.username'), required: true, input_html: { 'aria-label' => t('simple_form.labels.defaults.username'), :autocomplete => 'off', pattern: '[a-zA-Z0-9_]+', maxlength: 30 }, append: "@#{site_hostname}", hint: t('simple_form.hints.defaults.username', domain: site_hostname) .fields-group = f.input :email, wrapper: :with_label, label: t('simple_form.labels.defaults.email'), required: true, input_html: { 'aria-label' => t('simple_form.labels.defaults.email'), :autocomplete => 'off' } -- cgit From f6a82cb2cd7d82bc571866de0dcf90f7fdc29ca2 Mon Sep 17 00:00:00 2001 From: ThibG Date: Wed, 19 Aug 2020 19:02:06 +0200 Subject: Fix not being able to unbookmark toots when blocked by their author (#14604) * Fix not being able to unbookmark toots when blocked by their author * Add tests --- .../api/v1/statuses/bookmarks_controller.rb | 14 ++++++++++-- .../api/v1/statuses/bookmarks_controller_spec.rb | 25 ++++++++++++++++++++++ 2 files changed, 37 insertions(+), 2 deletions(-) (limited to 'app') diff --git a/app/controllers/api/v1/statuses/bookmarks_controller.rb b/app/controllers/api/v1/statuses/bookmarks_controller.rb index 3954af3c9..19963c002 100644 --- a/app/controllers/api/v1/statuses/bookmarks_controller.rb +++ b/app/controllers/api/v1/statuses/bookmarks_controller.rb @@ -5,7 +5,7 @@ class Api::V1::Statuses::BookmarksController < Api::BaseController before_action -> { doorkeeper_authorize! :write, :'write:bookmarks' } before_action :require_user! - before_action :set_status + before_action :set_status, only: [:create] def create current_account.bookmarks.find_or_create_by!(account: current_account, status: @status) @@ -13,10 +13,20 @@ class Api::V1::Statuses::BookmarksController < Api::BaseController end def destroy - bookmark = current_account.bookmarks.find_by(status: @status) + bookmark = current_account.bookmarks.find_by(status_id: params[:status_id]) + + if bookmark + @status = bookmark.status + else + @status = Status.find(params[:status_id]) + authorize @status, :show? + end + bookmark&.destroy! render json: @status, serializer: REST::StatusSerializer, relationships: StatusRelationshipsPresenter.new([@status], current_account.id, bookmarks_map: { @status.id => false }) + rescue Mastodon::NotPermittedError + not_found end private diff --git a/spec/controllers/api/v1/statuses/bookmarks_controller_spec.rb b/spec/controllers/api/v1/statuses/bookmarks_controller_spec.rb index aa5ca433f..7c75a4f73 100644 --- a/spec/controllers/api/v1/statuses/bookmarks_controller_spec.rb +++ b/spec/controllers/api/v1/statuses/bookmarks_controller_spec.rb @@ -72,6 +72,31 @@ describe Api::V1::Statuses::BookmarksController do end end + context 'with public status when blocked by its author' do + let(:status) { Fabricate(:status) } + + before do + Bookmark.find_or_create_by!(account: user.account, status: status) + status.account.block!(user.account) + post :destroy, params: { status_id: status.id } + end + + it 'returns http success' do + expect(response).to have_http_status(200) + end + + it 'updates the bookmarked attribute' do + expect(user.account.bookmarked?(status)).to be false + end + + it 'returns json with updated attributes' do + hash_body = body_as_json + + expect(hash_body[:id]).to eq status.id.to_s + expect(hash_body[:bookmarked]).to be false + end + end + context 'with private status that was not bookmarked' do let(:status) { Fabricate(:status, visibility: :private) } -- cgit