From 71fce71c94b1e94ae3a7af17bfc141709b61c428 Mon Sep 17 00:00:00 2001 From: ThibG Date: Thu, 14 May 2020 23:28:06 +0200 Subject: Fix webfinger returning wrong status code on malformed or missing param (#13759) Fixes #13757 --- spec/controllers/well_known/webfinger_controller_spec.rb | 10 ++++++++++ spec/lib/webfinger_resource_spec.rb | 12 +++++++++++- 2 files changed, 21 insertions(+), 1 deletion(-) (limited to 'spec') diff --git a/spec/controllers/well_known/webfinger_controller_spec.rb b/spec/controllers/well_known/webfinger_controller_spec.rb index 20275aa63..46f63185b 100644 --- a/spec/controllers/well_known/webfinger_controller_spec.rb +++ b/spec/controllers/well_known/webfinger_controller_spec.rb @@ -84,5 +84,15 @@ PEM expect(response).to have_http_status(:not_found) end + + it 'returns http bad request when not given a resource parameter' do + get :show, params: { }, format: :json + expect(response).to have_http_status(:bad_request) + end + + it 'returns http bad request when given a nonsense parameter' do + get :show, params: { resource: 'df/:dfkj' } + expect(response).to have_http_status(:bad_request) + end end end diff --git a/spec/lib/webfinger_resource_spec.rb b/spec/lib/webfinger_resource_spec.rb index 287537a26..236e9f3e2 100644 --- a/spec/lib/webfinger_resource_spec.rb +++ b/spec/lib/webfinger_resource_spec.rb @@ -39,7 +39,7 @@ describe WebfingerResource do expect { WebfingerResource.new(resource).username - }.to raise_error(ActiveRecord::RecordNotFound) + }.to raise_error(WebfingerResource::InvalidRequest) end it 'finds the username in a valid https route' do @@ -123,5 +123,15 @@ describe WebfingerResource do expect(result).to eq 'alice' end end + + describe 'with a nonsense resource' do + it 'raises InvalidRequest' do + resource = 'df/:dfkj' + + expect { + WebfingerResource.new(resource).username + }.to raise_error(WebfingerResource::InvalidRequest) + end + end end end -- cgit From 27ea7c13a554d41c4bd83a2712b711d2ef55629c Mon Sep 17 00:00:00 2001 From: ThibG Date: Thu, 14 May 2020 23:37:37 +0200 Subject: Fix hashtag search performing account search as well (#13758) --- app/services/search_service.rb | 2 +- spec/services/search_service_spec.rb | 8 ++++++++ 2 files changed, 9 insertions(+), 1 deletion(-) (limited to 'spec') diff --git a/app/services/search_service.rb b/app/services/search_service.rb index 830de4de3..19500a8d4 100644 --- a/app/services/search_service.rb +++ b/app/services/search_service.rb @@ -94,7 +94,7 @@ class SearchService < BaseService end def account_searchable? - account_search? && !(@query.include?('@') && @query.include?(' ')) + account_search? && !(@query.start_with?('#') || (@query.include?('@') && @query.include?(' '))) end def hashtag_searchable? diff --git a/spec/services/search_service_spec.rb b/spec/services/search_service_spec.rb index 739bb9cf5..5b52662ba 100644 --- a/spec/services/search_service_spec.rb +++ b/spec/services/search_service_spec.rb @@ -91,6 +91,14 @@ describe SearchService, type: :service do expect(Tag).not_to have_received(:search_for) expect(results).to eq empty_results end + it 'does not include account when starts with # character' do + query = '#tag' + allow(AccountSearchService).to receive(:new) + + results = subject.call(query, nil, 10) + expect(AccountSearchService).to_not have_received(:new) + expect(results).to eq empty_results + end end end end -- cgit From a319c1e60f5ef125474122da6deb3b3251f7f0ef Mon Sep 17 00:00:00 2001 From: ThibG Date: Fri, 15 May 2020 17:08:59 +0200 Subject: Add support for `summary` field for media description (#13763) --- app/lib/activitypub/activity/create.rb | 2 +- spec/lib/activitypub/activity/create_spec.rb | 25 +++++++++++++++++++++++++ 2 files changed, 26 insertions(+), 1 deletion(-) (limited to 'spec') diff --git a/app/lib/activitypub/activity/create.rb b/app/lib/activitypub/activity/create.rb index c55cfe08e..572b8087e 100644 --- a/app/lib/activitypub/activity/create.rb +++ b/app/lib/activitypub/activity/create.rb @@ -201,7 +201,7 @@ class ActivityPub::Activity::Create < ActivityPub::Activity begin href = Addressable::URI.parse(attachment['url']).normalize.to_s - media_attachment = MediaAttachment.create(account: @account, remote_url: href, description: attachment['name'].presence, focus: attachment['focalPoint'], blurhash: supported_blurhash?(attachment['blurhash']) ? attachment['blurhash'] : nil) + media_attachment = MediaAttachment.create(account: @account, remote_url: href, description: attachment['summary'].presence || attachment['name'].presence, focus: attachment['focalPoint'], blurhash: supported_blurhash?(attachment['blurhash']) ? attachment['blurhash'] : nil) media_attachments << media_attachment next if unsupported_media_type?(attachment['mediaType']) || skip_download? diff --git a/spec/lib/activitypub/activity/create_spec.rb b/spec/lib/activitypub/activity/create_spec.rb index c4efb5cc9..5220deabb 100644 --- a/spec/lib/activitypub/activity/create_spec.rb +++ b/spec/lib/activitypub/activity/create_spec.rb @@ -287,6 +287,31 @@ RSpec.describe ActivityPub::Activity::Create do end end + context 'with media attachments with long description as summary' do + let(:object_json) do + { + id: [ActivityPub::TagManager.instance.uri_for(sender), '#bar'].join, + type: 'Note', + content: 'Lorem ipsum', + attachment: [ + { + type: 'Document', + mediaType: 'image/png', + url: 'http://example.com/attachment.png', + summary: '*' * 1500, + }, + ], + } + end + + it 'creates status' do + status = sender.statuses.first + + expect(status).to_not be_nil + expect(status.media_attachments.map(&:description)).to include('*' * 1500) + end + end + context 'with media attachments with focal points' do let(:object_json) do { -- cgit