AccountController: Use code 400 for self-follow.

This commit is contained in:
lain 2020-04-22 15:04:26 +02:00
parent 69ecc39038
commit 5b39526198
2 changed files with 14 additions and 13 deletions

View File

@ -293,7 +293,7 @@ def lists(%{assigns: %{user: user, account: account}} = conn, _params) do
@doc "POST /api/v1/accounts/:id/follow" @doc "POST /api/v1/accounts/:id/follow"
def follow(%{assigns: %{user: %{id: id}, account: %{id: id}}}, _params) do def follow(%{assigns: %{user: %{id: id}, account: %{id: id}}}, _params) do
{:error, :not_found} {:error, "Can not follow yourself"}
end end
def follow(%{assigns: %{user: follower, account: followed}} = conn, _params) do def follow(%{assigns: %{user: follower, account: followed}} = conn, _params) do
@ -306,7 +306,7 @@ def follow(%{assigns: %{user: follower, account: followed}} = conn, _params) do
@doc "POST /api/v1/accounts/:id/unfollow" @doc "POST /api/v1/accounts/:id/unfollow"
def unfollow(%{assigns: %{user: %{id: id}, account: %{id: id}}}, _params) do def unfollow(%{assigns: %{user: %{id: id}, account: %{id: id}}}, _params) do
{:error, :not_found} {:error, "Can not unfollow yourself"}
end end
def unfollow(%{assigns: %{user: follower, account: followed}} = conn, _params) do def unfollow(%{assigns: %{user: follower, account: followed}} = conn, _params) do
@ -356,14 +356,15 @@ def unblock(%{assigns: %{user: blocker, account: blocked}} = conn, _params) do
end end
@doc "POST /api/v1/follows" @doc "POST /api/v1/follows"
def follows(%{assigns: %{user: follower}} = conn, %{"uri" => uri}) do def follows(conn, %{"uri" => uri}) do
with {_, %User{} = followed} <- {:followed, User.get_cached_by_nickname(uri)}, case User.get_cached_by_nickname(uri) do
{_, true} <- {:followed, follower.id != followed.id}, %User{} = user ->
{:ok, follower, followed, _} <- CommonAPI.follow(follower, followed) do conn
render(conn, "show.json", user: followed, for: follower) |> assign(:account, user)
else |> follow(%{})
{:followed, _} -> {:error, :not_found}
{:error, message} -> json_response(conn, :forbidden, %{error: message}) nil ->
{:error, :not_found}
end end
end end

View File

@ -681,17 +681,17 @@ test "following without reblogs" do
test "following / unfollowing errors", %{user: user, conn: conn} do test "following / unfollowing errors", %{user: user, conn: conn} do
# self follow # self follow
conn_res = post(conn, "/api/v1/accounts/#{user.id}/follow") conn_res = post(conn, "/api/v1/accounts/#{user.id}/follow")
assert %{"error" => "Record not found"} = json_response(conn_res, 404) assert %{"error" => "Can not follow yourself"} = json_response(conn_res, 400)
# self unfollow # self unfollow
user = User.get_cached_by_id(user.id) user = User.get_cached_by_id(user.id)
conn_res = post(conn, "/api/v1/accounts/#{user.id}/unfollow") conn_res = post(conn, "/api/v1/accounts/#{user.id}/unfollow")
assert %{"error" => "Record not found"} = json_response(conn_res, 404) assert %{"error" => "Can not unfollow yourself"} = json_response(conn_res, 400)
# self follow via uri # self follow via uri
user = User.get_cached_by_id(user.id) user = User.get_cached_by_id(user.id)
conn_res = post(conn, "/api/v1/follows", %{"uri" => user.nickname}) conn_res = post(conn, "/api/v1/follows", %{"uri" => user.nickname})
assert %{"error" => "Record not found"} = json_response(conn_res, 404) assert %{"error" => "Can not follow yourself"} = json_response(conn_res, 400)
# follow non existing user # follow non existing user
conn_res = post(conn, "/api/v1/accounts/doesntexist/follow") conn_res = post(conn, "/api/v1/accounts/doesntexist/follow")