From 0ef9d45d0581dddf2f325033c43721f42fcfca9e Mon Sep 17 00:00:00 2001
From: Eugen Rochko <eugen@zeonfederated.com>
Date: Mon, 11 Sep 2017 23:50:37 +0200
Subject: Fix error when following locked accounts (#4896)

---
 .../controllers/api/v1/accounts_controller_spec.rb | 43 +++++++++++++++++-----
 1 file changed, 33 insertions(+), 10 deletions(-)

(limited to 'spec/controllers')

diff --git a/spec/controllers/api/v1/accounts_controller_spec.rb b/spec/controllers/api/v1/accounts_controller_spec.rb
index 05df2f844..c770649ec 100644
--- a/spec/controllers/api/v1/accounts_controller_spec.rb
+++ b/spec/controllers/api/v1/accounts_controller_spec.rb
@@ -18,25 +18,48 @@ RSpec.describe Api::V1::AccountsController, type: :controller do
   end
 
   describe 'POST #follow' do
-    let(:other_account) { Fabricate(:user, email: 'bob@example.com', account: Fabricate(:account, username: 'bob')).account }
+    let(:other_account) { Fabricate(:user, email: 'bob@example.com', account: Fabricate(:account, username: 'bob', locked: locked)).account }
 
     before do
       post :follow, params: { id: other_account.id }
     end
 
-    it 'returns http success' do
-      expect(response).to have_http_status(:success)
-    end
+    context 'with unlocked account' do
+      let(:locked) { false }
+
+      it 'returns http success' do
+        expect(response).to have_http_status(:success)
+      end
+
+      it 'returns JSON with following=true and requested=false' do
+        json = body_as_json
 
-    it 'returns JSON with following=true and requested=false' do
-      json = body_as_json
+        expect(json[:following]).to be true
+        expect(json[:requested]).to be false
+      end
 
-      expect(json[:following]).to be true
-      expect(json[:requested]).to be false
+      it 'creates a following relation between user and target user' do
+        expect(user.account.following?(other_account)).to be true
+      end
     end
 
-    it 'creates a following relation between user and target user' do
-      expect(user.account.following?(other_account)).to be true
+    context 'with locked account' do
+      let(:locked) { true }
+
+      it 'returns http success' do
+        expect(response).to have_http_status(:success)
+      end
+
+      it 'returns JSON with following=false and requested=true' do
+        json = body_as_json
+
+        expect(json[:following]).to be false
+        expect(json[:requested]).to be true
+      end
+
+      it 'creates a follow request relation between user and target user' do
+        expect(user.account.requested?(other_account)).to be true
+      end
     end
   end
 
-- 
cgit 


From 472df245799949631646f90d894486e4dbeaaaf9 Mon Sep 17 00:00:00 2001
From: Eugen Rochko <eugen@zeonfederated.com>
Date: Fri, 15 Sep 2017 00:57:08 +0200
Subject: When web UI URL used while logged out, redirect to static page
 (#4954)

---
 app/controllers/home_controller.rb       | 35 +++++++++++++++++++++++++++++++-
 spec/controllers/home_controller_spec.rb |  2 ++
 2 files changed, 36 insertions(+), 1 deletion(-)

(limited to 'spec/controllers')

diff --git a/app/controllers/home_controller.rb b/app/controllers/home_controller.rb
index 1585bc810..21dde20ce 100644
--- a/app/controllers/home_controller.rb
+++ b/app/controllers/home_controller.rb
@@ -11,7 +11,30 @@ class HomeController < ApplicationController
   private
 
   def authenticate_user!
-    redirect_to(single_user_mode? ? account_path(Account.first) : about_path) unless user_signed_in?
+    return if user_signed_in?
+
+    matches = request.path.match(/\A\/web\/(statuses|accounts)\/([\d]+)\z/)
+
+    if matches
+      case matches[1]
+      when 'statuses'
+        status = Status.find_by(id: matches[2])
+
+        if status && (status.public_visibility? || status.unlisted_visibility?)
+          redirect_to(ActivityPub::TagManager.instance.url_for(status))
+          return
+        end
+      when 'accounts'
+        account = Account.find_by(id: matches[2])
+
+        if account
+          redirect_to(ActivityPub::TagManager.instance.url_for(account))
+          return
+        end
+      end
+    end
+
+    redirect_to(default_redirect_path)
   end
 
   def set_initial_state_json
@@ -28,4 +51,14 @@ class HomeController < ApplicationController
       admin: Account.find_local(Setting.site_contact_username),
     }
   end
+
+  def default_redirect_path
+    if request.path.start_with?('/web')
+      new_user_session_path
+    elsif single_user_mode?
+      short_account_path(Account.first)
+    else
+      about_path
+    end
+  end
 end
diff --git a/spec/controllers/home_controller_spec.rb b/spec/controllers/home_controller_spec.rb
index d44d720b1..1077a7288 100644
--- a/spec/controllers/home_controller_spec.rb
+++ b/spec/controllers/home_controller_spec.rb
@@ -6,6 +6,7 @@ RSpec.describe HomeController, type: :controller do
   describe 'GET #index' do
     context 'when not signed in' do
       it 'redirects to about page' do
+        @request.path = '/'
         get :index
         expect(response).to redirect_to(about_path)
       end
@@ -13,6 +14,7 @@ RSpec.describe HomeController, type: :controller do
 
     context 'when signed in' do
       let(:user) { Fabricate(:user) }
+
       subject do
         sign_in(user)
         get :index
-- 
cgit