Selaa lähdekoodia
[#1732] Made AP C2S :followers and :following endpoints serve on no auth
(as for related :api pipeline endpoints).features/attachment_validator
Ivan Tashkinov
4 vuotta sitten
3 muutettua tiedostoa jossa 7 lisäystä ja 5 poistoa
Yhdistetty näkymä
Diff Options
-
+2 -1lib/pleroma/web/activity_pub/activity_pub_controller.ex
-
+1 -0lib/pleroma/web/router.ex
-
+4 -4test/web/activity_pub/activity_pub_controller_test.exs
+ 2
- 1
lib/pleroma/web/activity_pub/activity_pub_controller.ex
Näytä tiedosto
| @@ -37,9 +37,10 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubController do | |||||
| [unless_func: &FederatingPlug.federating?/0] when action not in @federating_only_actions | [unless_func: &FederatingPlug.federating?/0] when action not in @federating_only_actions | ||||
| ) | ) | ||||
| # Note: :following and :followers must be served even without authentication (as via :api) | |||||
| plug( | plug( | ||||
| EnsureAuthenticatedPlug | EnsureAuthenticatedPlug | ||||
| when action in [:read_inbox, :update_outbox, :whoami, :upload_media, :following, :followers] | |||||
| when action in [:read_inbox, :update_outbox, :whoami, :upload_media] | |||||
| ) | ) | ||||
| plug( | plug( | ||||
+ 1
- 0
lib/pleroma/web/router.ex
Näytä tiedosto
| @@ -585,6 +585,7 @@ defmodule Pleroma.Web.Router do | |||||
| post("/users/:nickname/outbox", ActivityPubController, :update_outbox) | post("/users/:nickname/outbox", ActivityPubController, :update_outbox) | ||||
| post("/api/ap/upload_media", ActivityPubController, :upload_media) | post("/api/ap/upload_media", ActivityPubController, :upload_media) | ||||
| # The following two are S2S as well, see `ActivityPub.fetch_follow_information_for_user/1`: | |||||
| get("/users/:nickname/followers", ActivityPubController, :followers) | get("/users/:nickname/followers", ActivityPubController, :followers) | ||||
| get("/users/:nickname/following", ActivityPubController, :following) | get("/users/:nickname/following", ActivityPubController, :following) | ||||
| end | end | ||||
+ 4
- 4
test/web/activity_pub/activity_pub_controller_test.exs
Näytä tiedosto
| @@ -1055,12 +1055,12 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubControllerTest do | |||||
| assert result["totalItems"] == 15 | assert result["totalItems"] == 15 | ||||
| end | end | ||||
| test "returns 403 if requester is not logged in", %{conn: conn} do | |||||
| test "does not require authentication", %{conn: conn} do | |||||
| user = insert(:user) | user = insert(:user) | ||||
| conn | conn | ||||
| |> get("/users/#{user.nickname}/followers") | |> get("/users/#{user.nickname}/followers") | ||||
| |> json_response(403) | |||||
| |> json_response(200) | |||||
| end | end | ||||
| end | end | ||||
| @@ -1152,12 +1152,12 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubControllerTest do | |||||
| assert result["totalItems"] == 15 | assert result["totalItems"] == 15 | ||||
| end | end | ||||
| test "returns 403 if requester is not logged in", %{conn: conn} do | |||||
| test "does not require authentication", %{conn: conn} do | |||||
| user = insert(:user) | user = insert(:user) | ||||
| conn | conn | ||||
| |> get("/users/#{user.nickname}/following") | |> get("/users/#{user.nickname}/following") | ||||
| |> json_response(403) | |||||
| |> json_response(200) | |||||
| end | end | ||||
| end | end | ||||