summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMark Felder <feld@feld.me>2021-02-18 17:23:17 -0600
committerMark Felder <feld@feld.me>2021-02-18 17:23:17 -0600
commit63739c5a58ccb65dd4a63019b270429d5a462e71 (patch)
tree3b8165f14cd533ac4e10445e6704fa195e4276c5
parent83301fe61aa3d453b7c12ee1f5465d9802d07370 (diff)
Tests to validate client disclosure obeys user setting
-rw-r--r--lib/pleroma/web/mastodon_api/controllers/status_controller.ex10
-rw-r--r--test/pleroma/web/mastodon_api/controllers/status_controller_test.exs22
2 files changed, 27 insertions, 5 deletions
diff --git a/lib/pleroma/web/mastodon_api/controllers/status_controller.ex b/lib/pleroma/web/mastodon_api/controllers/status_controller.ex
index 2e63c8869..2655d6b6e 100644
--- a/lib/pleroma/web/mastodon_api/controllers/status_controller.ex
+++ b/lib/pleroma/web/mastodon_api/controllers/status_controller.ex
@@ -420,9 +420,13 @@ defmodule Pleroma.Web.MastodonAPI.StatusController do
)
end
- defp put_application(params, %{assigns: %{token: %Token{} = token}} = _conn) do
- %{client_name: client_name, website: website} = Repo.preload(token, :app).app
- Map.put(params, :application, %{name: client_name, website: website})
+ defp put_application(params, %{assigns: %{token: %Token{user: %User{} = user} = token}} = _conn) do
+ if user.disclose_client do
+ %{client_name: client_name, website: website} = Repo.preload(token, :app).app
+ Map.put(params, :application, %{name: client_name, website: website})
+ else
+ Map.put(params, :application, nil)
+ end
end
defp put_application(params, _), do: Map.put(params, :application, nil)
diff --git a/test/pleroma/web/mastodon_api/controllers/status_controller_test.exs b/test/pleroma/web/mastodon_api/controllers/status_controller_test.exs
index 1ca829544..bae2ad4bf 100644
--- a/test/pleroma/web/mastodon_api/controllers/status_controller_test.exs
+++ b/test/pleroma/web/mastodon_api/controllers/status_controller_test.exs
@@ -358,8 +358,9 @@ defmodule Pleroma.Web.MastodonAPI.StatusControllerTest do
assert activity.data["cc"] == []
end
- test "preserves client application metadata" do
- %{user: _user, token: token, conn: conn} = oauth_access(["write:statuses"])
+ test "discloses application metadata when enabled" do
+ user = insert(:user, disclose_client: true)
+ %{user: _user, token: token, conn: conn} = oauth_access(["write:statuses"], user: user)
%Pleroma.Web.OAuth.Token{
app: %Pleroma.Web.OAuth.App{
@@ -383,6 +384,23 @@ defmodule Pleroma.Web.MastodonAPI.StatusControllerTest do
}
} = json_response_and_validate_schema(result, 200)
end
+
+ test "hides application metadata when disabled" do
+ user = insert(:user, disclose_client: false)
+ %{user: _user, token: _token, conn: conn} = oauth_access(["write:statuses"], user: user)
+
+ result =
+ conn
+ |> put_req_header("content-type", "application/json")
+ |> post("/api/v1/statuses", %{
+ "status" => "club mate is my wingman"
+ })
+
+ assert %{
+ "content" => "club mate is my wingman",
+ "application" => nil
+ } = json_response_and_validate_schema(result, 200)
+ end
end
describe "posting scheduled statuses" do