Merge branch 'hotfix/media-proxy-uri' into 'develop'

user: fix local vs remote determination in remote_or_auth_active?/1

See merge request pleroma/pleroma!640
This commit is contained in:
kaniini 2019-01-09 07:09:39 +00:00
commit 5c5c8508c2
3 changed files with 98 additions and 13 deletions

View File

@ -44,20 +44,28 @@ defmodule Pleroma.User do
timestamps() timestamps()
end end
def auth_active?(%User{} = user) do def auth_active?(%User{local: false}), do: true
(user.info && !user.info.confirmation_pending) ||
!Pleroma.Config.get([:instance, :account_activation_required]) def auth_active?(%User{info: %User.Info{confirmation_pending: false}}), do: true
def auth_active?(%User{info: %User.Info{confirmation_pending: true}}),
do: !Pleroma.Config.get([:instance, :account_activation_required])
def auth_active?(_), do: false
def visible_for?(user, for_user \\ nil)
def visible_for?(%User{id: user_id}, %User{id: for_id}) when user_id == for_id, do: true
def visible_for?(%User{} = user, for_user) do
auth_active?(user) || superuser?(for_user)
end end
def remote_or_auth_active?(%User{} = user), do: !user.local || auth_active?(user) def visible_for?(_, _), do: false
def visible_for?(%User{} = user, for_user \\ nil) do def superuser?(%User{local: true, info: %User.Info{is_admin: true}}), do: true
User.remote_or_auth_active?(user) || (for_user && for_user.id == user.id) || def superuser?(%User{local: true, info: %User.Info{is_moderator: true}}), do: true
User.superuser?(for_user) def superuser?(_), do: false
end
def superuser?(nil), do: false
def superuser?(%User{} = user), do: user.info && User.Info.superuser?(user.info)
def avatar_url(user) do def avatar_url(user) do
case user.avatar do case user.avatar do

View File

@ -41,8 +41,6 @@ defmodule Pleroma.User.Info do
# subject _> Where is this used? # subject _> Where is this used?
end end
def superuser?(info), do: info.is_admin || info.is_moderator
def set_activation_status(info, deactivated) do def set_activation_status(info, deactivated) do
params = %{deactivated: deactivated} params = %{deactivated: deactivated}

View File

@ -784,4 +784,83 @@ test "finds a user whose name is nil" do
|> Map.put(:search_distance, nil) |> Map.put(:search_distance, nil)
end end
end end
test "auth_active?/1 works correctly" do
Pleroma.Config.put([:instance, :account_activation_required], true)
local_user = insert(:user, local: true, info: %{confirmation_pending: true})
confirmed_user = insert(:user, local: true, info: %{confirmation_pending: false})
remote_user = insert(:user, local: false)
refute User.auth_active?(local_user)
assert User.auth_active?(confirmed_user)
assert User.auth_active?(remote_user)
Pleroma.Config.put([:instance, :account_activation_required], false)
end
describe "superuser?/1" do
test "returns false for unprivileged users" do
user = insert(:user, local: true)
refute User.superuser?(user)
end
test "returns false for remote users" do
user = insert(:user, local: false)
remote_admin_user = insert(:user, local: false, info: %{is_admin: true})
refute User.superuser?(user)
refute User.superuser?(remote_admin_user)
end
test "returns true for local moderators" do
user = insert(:user, local: true, info: %{is_moderator: true})
assert User.superuser?(user)
end
test "returns true for local admins" do
user = insert(:user, local: true, info: %{is_admin: true})
assert User.superuser?(user)
end
end
describe "visible_for?/2" do
test "returns true when the account is itself" do
user = insert(:user, local: true)
assert User.visible_for?(user, user)
end
test "returns false when the account is unauthenticated and auth is required" do
Pleroma.Config.put([:instance, :account_activation_required], true)
user = insert(:user, local: true, info: %{confirmation_pending: true})
other_user = insert(:user, local: true)
refute User.visible_for?(user, other_user)
Pleroma.Config.put([:instance, :account_activation_required], false)
end
test "returns true when the account is unauthenticated and auth is not required" do
user = insert(:user, local: true, info: %{confirmation_pending: true})
other_user = insert(:user, local: true)
assert User.visible_for?(user, other_user)
end
test "returns true when the account is unauthenticated and being viewed by a privileged account (auth required)" do
Pleroma.Config.put([:instance, :account_activation_required], true)
user = insert(:user, local: true, info: %{confirmation_pending: true})
other_user = insert(:user, local: true, info: %{is_admin: true})
assert User.visible_for?(user, other_user)
Pleroma.Config.put([:instance, :account_activation_required], false)
end
end
end end