squeegily
/
pleroma
1
0
Fork 0
Code Issues 0 Pull Requests 0 Releases 42 Wiki Activity
Browse Source

Mastodon-based auth error messages. Defaulted User#auth_active?/1 to `true`.

tags/v1.1.4
Ivan Tashkinov 5 years ago
parent
15aa94f40f
commit
263ca3dea2
3 changed files with 9 additions and 10 deletions
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. +1
    -5
      lib/pleroma/user.ex
  2. +6
    -3
      lib/pleroma/web/oauth/oauth_controller.ex
  3. +2
    -2
      test/web/oauth/oauth_controller_test.exs

+ 1
- 5
lib/pleroma/user.ex View File

@@ -60,14 +60,10 @@ defmodule Pleroma.User do
timestamps()
end

def auth_active?(%User{local: false}), do: true

def auth_active?(%User{info: %User.Info{confirmation_pending: false}}), do: true

def auth_active?(%User{info: %User.Info{confirmation_pending: true}}),
do: !Pleroma.Config.get([:instance, :account_activation_required])

def auth_active?(_), do: false
def auth_active?(%User{}), do: true

def visible_for?(user, for_user \\ nil)



+ 6
- 3
lib/pleroma/web/oauth/oauth_controller.ex View File

@@ -83,14 +83,16 @@ defmodule Pleroma.Web.OAuth.OAuthController do
end
else
{scopes_issue, _} when scopes_issue in [:unsupported_scopes, :missing_scopes] ->
# Per https://github.com/tootsuite/mastodon/blob/51e154f5e87968d6bb115e053689767ab33e80cd/app/controllers/api/base_controller.rb#L39
conn
|> put_flash(:error, "Permissions not specified.")
|> put_flash(:error, "This action is outside the authorized scopes")
|> put_status(:unauthorized)
|> authorize(auth_params)

{:auth_active, false} ->
# Per https://github.com/tootsuite/mastodon/blob/51e154f5e87968d6bb115e053689767ab33e80cd/app/controllers/api/base_controller.rb#L76
conn
|> put_flash(:error, "Account confirmation pending.")
|> put_flash(:error, "Your login is missing a confirmed e-mail address")
|> put_status(:forbidden)
|> authorize(auth_params)

@@ -149,9 +151,10 @@ defmodule Pleroma.Web.OAuth.OAuthController do
json(conn, response)
else
{:auth_active, false} ->
# Per https://github.com/tootsuite/mastodon/blob/51e154f5e87968d6bb115e053689767ab33e80cd/app/controllers/api/base_controller.rb#L76
conn
|> put_status(:forbidden)
|> json(%{error: "Account confirmation pending"})
|> json(%{error: "Your login is missing a confirmed e-mail address"})

_error ->
put_status(conn, 400)


+ 2
- 2
test/web/oauth/oauth_controller_test.exs View File

@@ -87,7 +87,7 @@ defmodule Pleroma.Web.OAuth.OAuthControllerTest do
assert result =~ app.redirect_uris

# Error message
assert result =~ "Permissions not specified"
assert result =~ "This action is outside the authorized scopes"
end

test "returns 401 for scopes beyond app scopes", %{conn: conn} do
@@ -113,7 +113,7 @@ defmodule Pleroma.Web.OAuth.OAuthControllerTest do
assert result =~ app.redirect_uris

# Error message
assert result =~ "Permissions not specified"
assert result =~ "This action is outside the authorized scopes"
end

test "issues a token for an all-body request" do


Write Preview
Loading…
Cancel
Save