Merge branch 'fix/apc2s-limits' into 'develop'
AP C2S: Restrict character limit on Note Closes #2 See merge request pleroma/secteam/pleroma!9
This commit is contained in:
parent
73dd5bdb7d
commit
718c7cc847
@ -399,10 +399,18 @@ def read_inbox(%{assigns: %{user: %User{nickname: as_nickname}}} = conn, %{
|
||||
|
||||
defp handle_user_activity(
|
||||
%User{} = user,
|
||||
%{"type" => "Create", "object" => %{"type" => "Note"}} = params
|
||||
%{"type" => "Create", "object" => %{"type" => "Note"} = object} = params
|
||||
) do
|
||||
content = if is_binary(object["content"]), do: object["content"], else: ""
|
||||
name = if is_binary(object["name"]), do: object["name"], else: ""
|
||||
summary = if is_binary(object["summary"]), do: object["summary"], else: ""
|
||||
length = String.length(content <> name <> summary)
|
||||
|
||||
if length > Pleroma.Config.get([:instance, :limit]) do
|
||||
{:error, dgettext("errors", "Note is over the character limit")}
|
||||
else
|
||||
object =
|
||||
params["object"]
|
||||
object
|
||||
|> Map.merge(Map.take(params, ["to", "cc"]))
|
||||
|> Map.put("attributedTo", user.ap_id())
|
||||
|> Transmogrifier.fix_object()
|
||||
@ -415,6 +423,7 @@ defp handle_user_activity(
|
||||
additional: Map.take(params, ["cc"])
|
||||
})
|
||||
end
|
||||
end
|
||||
|
||||
defp handle_user_activity(%User{} = user, %{"type" => "Delete"} = params) do
|
||||
with %Object{} = object <- Object.normalize(params["object"]),
|
||||
|
@ -905,6 +905,8 @@ test "it requires authentication if instance is NOT federating", %{
|
||||
end
|
||||
|
||||
describe "POST /users/:nickname/outbox (C2S)" do
|
||||
setup do: clear_config([:instance, :limit])
|
||||
|
||||
setup do
|
||||
[
|
||||
activity: %{
|
||||
@ -1121,6 +1123,20 @@ test "it doesn't spreads faulty attributedTo or actor fields", %{
|
||||
assert cirno_object.data["actor"] == cirno.ap_id
|
||||
assert cirno_object.data["attributedTo"] == cirno.ap_id
|
||||
end
|
||||
|
||||
test "Character limitation", %{conn: conn, activity: activity} do
|
||||
Pleroma.Config.put([:instance, :limit], 5)
|
||||
user = insert(:user)
|
||||
|
||||
result =
|
||||
conn
|
||||
|> assign(:user, user)
|
||||
|> put_req_header("content-type", "application/activity+json")
|
||||
|> post("/users/#{user.nickname}/outbox", activity)
|
||||
|> json_response(400)
|
||||
|
||||
assert result == "Note is over the character limit"
|
||||
end
|
||||
end
|
||||
|
||||
describe "/relay/followers" do
|
||||
|
Loading…
Reference in New Issue
Block a user