Merge branch 'rmhasan-fix_462'

This commit is contained in:
Eugen Rochko 2017-02-26 23:23:47 +01:00
commit a0df694c24
8 changed files with 21 additions and 10 deletions

View file

@ -67,7 +67,6 @@ class Api::V1::StatusesController < ApiController
spoiler_text: params[:spoiler_text], spoiler_text: params[:spoiler_text],
visibility: params[:visibility], visibility: params[:visibility],
application: doorkeeper_token.application) application: doorkeeper_token.application)
render action: :show render action: :show
end end

View file

@ -10,7 +10,7 @@ class ApiController < ApplicationController
before_action :set_rate_limit_headers before_action :set_rate_limit_headers
rescue_from ActiveRecord::RecordInvalid do |e| rescue_from ActiveRecord::RecordInvalid, Mastodon::ValidationError do |e|
render json: { error: e.to_s }, status: 422 render json: { error: e.to_s }, status: 422
end end
@ -30,7 +30,7 @@ class ApiController < ApplicationController
render json: { error: 'Remote SSL certificate could not be verified' }, status: 503 render json: { error: 'Remote SSL certificate could not be verified' }, status: 503
end end
rescue_from Mastodon::NotPermitted do rescue_from Mastodon::NotPermittedError do
render json: { error: 'This action is not allowed' }, status: 403 render json: { error: 'This action is not allowed' }, status: 403
end end

View file

@ -25,7 +25,7 @@ class AuthorizeFollowController < ApplicationController
else else
redirect_to web_url("accounts/#{@account.id}") redirect_to web_url("accounts/#{@account.id}")
end end
rescue ActiveRecord::RecordNotFound, Mastodon::NotPermitted rescue ActiveRecord::RecordNotFound, Mastodon::NotPermittedError
render :error render :error
end end

View file

@ -2,5 +2,6 @@
module Mastodon module Mastodon
class Error < StandardError; end class Error < StandardError; end
class NotPermitted < Error; end class NotPermittedError < Error; end
class ValidationError < Error; end
end end

View file

@ -6,7 +6,7 @@ class FavouriteService < BaseService
# @param [Status] status # @param [Status] status
# @return [Favourite] # @return [Favourite]
def call(account, status) def call(account, status)
raise Mastodon::NotPermitted unless status.permitted?(account) raise Mastodon::NotPermittedError unless status.permitted?(account)
favourite = Favourite.create!(account: account, status: status) favourite = Favourite.create!(account: account, status: status)

View file

@ -10,7 +10,7 @@ class FollowService < BaseService
target_account = FollowRemoteAccountService.new.call(uri) target_account = FollowRemoteAccountService.new.call(uri)
raise ActiveRecord::RecordNotFound if target_account.nil? || target_account.id == source_account.id || target_account.suspended? raise ActiveRecord::RecordNotFound if target_account.nil? || target_account.id == source_account.id || target_account.suspended?
raise Mastodon::NotPermitted if target_account.blocking?(source_account) || source_account.blocking?(target_account) raise Mastodon::NotPermittedError if target_account.blocking?(source_account) || source_account.blocking?(target_account)
if target_account.locked? if target_account.locked?
request_follow(source_account, target_account) request_follow(source_account, target_account)

View file

@ -13,6 +13,7 @@ class PostStatusService < BaseService
# @option [Doorkeeper::Application] :application # @option [Doorkeeper::Application] :application
# @return [Status] # @return [Status]
def call(account, text, in_reply_to = nil, options = {}) def call(account, text, in_reply_to = nil, options = {})
media = validate_media!(options[:media_ids])
status = account.statuses.create!(text: text, status = account.statuses.create!(text: text,
thread: in_reply_to, thread: in_reply_to,
sensitive: options[:sensitive], sensitive: options[:sensitive],
@ -20,7 +21,7 @@ class PostStatusService < BaseService
visibility: options[:visibility], visibility: options[:visibility],
application: options[:application]) application: options[:application])
attach_media(status, options[:media_ids]) attach_media(status, media)
process_mentions_service.call(status) process_mentions_service.call(status)
process_hashtags_service.call(status) process_hashtags_service.call(status)
@ -33,10 +34,20 @@ class PostStatusService < BaseService
private private
def attach_media(status, media_ids) def validate_media!(media_ids)
return if media_ids.nil? || !media_ids.is_a?(Enumerable) return if media_ids.nil? || !media_ids.is_a?(Enumerable)
raise Mastodon::ValidationError, 'Cannot attach more than 4 files' if media_ids.size > 4
media = MediaAttachment.where(status_id: nil).where(id: media_ids.take(4).map(&:to_i)) media = MediaAttachment.where(status_id: nil).where(id: media_ids.take(4).map(&:to_i))
raise Mastodon::ValidationError, 'Cannot attach a video to a toot that already contains images' if media.size > 1 && media.find(&:video?)
media
end
def attach_media(status, media)
return if media.nil?
media.update(status_id: status.id) media.update(status_id: status.id)
end end

View file

@ -10,7 +10,7 @@ class ReblogService < BaseService
def call(account, reblogged_status) def call(account, reblogged_status)
reblogged_status = reblogged_status.reblog if reblogged_status.reblog? reblogged_status = reblogged_status.reblog if reblogged_status.reblog?
raise Mastodon::NotPermitted if reblogged_status.private_visibility? || !reblogged_status.permitted?(account) raise Mastodon::NotPermittedError if reblogged_status.private_visibility? || !reblogged_status.permitted?(account)
reblog = account.statuses.create!(reblog: reblogged_status, text: '') reblog = account.statuses.create!(reblog: reblogged_status, text: '')