Merge branch 'scarlett/pleroma-search-visibility-check' into 'develop'
Scarlett/pleroma search visibility check See merge request pleroma/pleroma!635
This commit is contained in:
commit
b640cf0ce0
@ -725,11 +725,14 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIController do
|
|||||||
json(conn, %{})
|
json(conn, %{})
|
||||||
end
|
end
|
||||||
|
|
||||||
def status_search(query) do
|
def status_search(user, query) do
|
||||||
fetched =
|
fetched =
|
||||||
if Regex.match?(~r/https?:/, query) do
|
if Regex.match?(~r/https?:/, query) do
|
||||||
with {:ok, object} <- ActivityPub.fetch_object_from_id(query) do
|
with {:ok, object} <- ActivityPub.fetch_object_from_id(query),
|
||||||
[Activity.get_create_activity_by_object_ap_id(object.data["id"])]
|
%Activity{} = activity <-
|
||||||
|
Activity.get_create_activity_by_object_ap_id(object.data["id"]),
|
||||||
|
true <- ActivityPub.visible_for_user?(activity, user) do
|
||||||
|
[activity]
|
||||||
else
|
else
|
||||||
_e -> []
|
_e -> []
|
||||||
end
|
end
|
||||||
@ -756,7 +759,7 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIController do
|
|||||||
def search2(%{assigns: %{user: user}} = conn, %{"q" => query} = params) do
|
def search2(%{assigns: %{user: user}} = conn, %{"q" => query} = params) do
|
||||||
accounts = User.search(query, params["resolve"] == "true")
|
accounts = User.search(query, params["resolve"] == "true")
|
||||||
|
|
||||||
statuses = status_search(query)
|
statuses = status_search(user, query)
|
||||||
|
|
||||||
tags_path = Web.base_url() <> "/tag/"
|
tags_path = Web.base_url() <> "/tag/"
|
||||||
|
|
||||||
@ -780,7 +783,7 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIController do
|
|||||||
def search(%{assigns: %{user: user}} = conn, %{"q" => query} = params) do
|
def search(%{assigns: %{user: user}} = conn, %{"q" => query} = params) do
|
||||||
accounts = User.search(query, params["resolve"] == "true")
|
accounts = User.search(query, params["resolve"] == "true")
|
||||||
|
|
||||||
statuses = status_search(query)
|
statuses = status_search(user, query)
|
||||||
|
|
||||||
tags =
|
tags =
|
||||||
String.split(query)
|
String.split(query)
|
||||||
|
@ -1312,6 +1312,24 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIControllerTest do
|
|||||||
end)
|
end)
|
||||||
end
|
end
|
||||||
|
|
||||||
|
test "search doesn't show statuses that it shouldn't", %{conn: conn} do
|
||||||
|
{:ok, activity} =
|
||||||
|
CommonAPI.post(insert(:user), %{
|
||||||
|
"status" => "This is about 2hu, but private",
|
||||||
|
"visibility" => "private"
|
||||||
|
})
|
||||||
|
|
||||||
|
capture_log(fn ->
|
||||||
|
conn =
|
||||||
|
conn
|
||||||
|
|> get("/api/v1/search", %{"q" => activity.data["object"]["id"]})
|
||||||
|
|
||||||
|
assert results = json_response(conn, 200)
|
||||||
|
|
||||||
|
[] = results["statuses"]
|
||||||
|
end)
|
||||||
|
end
|
||||||
|
|
||||||
test "search fetches remote accounts", %{conn: conn} do
|
test "search fetches remote accounts", %{conn: conn} do
|
||||||
conn =
|
conn =
|
||||||
conn
|
conn
|
||||||
|
Loading…
Reference in New Issue
Block a user