From 8a4437d2bee6ae5f07935a8a6471e8c8dac7f3b1 Mon Sep 17 00:00:00 2001 From: FloatingGhost Date: Thu, 9 Mar 2023 19:13:14 +0000 Subject: [PATCH] Allow expires_at in filter requests Fixes #492 --- .../api_spec/operations/filter_operation.ex | 6 ++++ lib/pleroma/web/plugs/http_security_plug.ex | 2 ++ .../masto_fe/fedibird.index.html.eex | 1 + .../controllers/filter_controller_test.exs | 34 +++++++++++++++++++ .../web/o_auth/o_auth_controller_test.exs | 2 +- 5 files changed, 44 insertions(+), 1 deletion(-) diff --git a/lib/pleroma/web/api_spec/operations/filter_operation.ex b/lib/pleroma/web/api_spec/operations/filter_operation.ex index 5102921bc..ac0444aef 100644 --- a/lib/pleroma/web/api_spec/operations/filter_operation.ex +++ b/lib/pleroma/web/api_spec/operations/filter_operation.ex @@ -225,6 +225,12 @@ defmodule Pleroma.Web.ApiSpec.FilterOperation do type: :integer, description: "Number of seconds from now the filter should expire. Otherwise, null for a filter that doesn't expire." + }, + expires_at: %Schema{ + nullable: true, + type: :string, + description: + "When the filter should no longer be applied. String (ISO 8601 Datetime), or null if the filter does not expire." } }, required: [:phrase, :context], diff --git a/lib/pleroma/web/plugs/http_security_plug.ex b/lib/pleroma/web/plugs/http_security_plug.ex index b1f1ada94..6841b13aa 100644 --- a/lib/pleroma/web/plugs/http_security_plug.ex +++ b/lib/pleroma/web/plugs/http_security_plug.ex @@ -116,6 +116,8 @@ defmodule Pleroma.Web.Plugs.HTTPSecurityPlug do script_src = "script-src 'self' '#{nonce_tag}'" + script_src = if Mix.env() == :dev, do: [script_src, " 'unsafe-eval'"], else: script_src + report = if report_uri, do: ["report-uri ", report_uri, ";report-to csp-endpoint"] insecure = if scheme == "https", do: "upgrade-insecure-requests" diff --git a/lib/pleroma/web/templates/masto_fe/fedibird.index.html.eex b/lib/pleroma/web/templates/masto_fe/fedibird.index.html.eex index 02c421831..6730c0ecc 100644 --- a/lib/pleroma/web/templates/masto_fe/fedibird.index.html.eex +++ b/lib/pleroma/web/templates/masto_fe/fedibird.index.html.eex @@ -19,6 +19,7 @@ + diff --git a/test/pleroma/web/mastodon_api/controllers/filter_controller_test.exs b/test/pleroma/web/mastodon_api/controllers/filter_controller_test.exs index 99f037483..1d8a67e6b 100644 --- a/test/pleroma/web/mastodon_api/controllers/filter_controller_test.exs +++ b/test/pleroma/web/mastodon_api/controllers/filter_controller_test.exs @@ -85,6 +85,40 @@ defmodule Pleroma.Web.MastodonAPI.FilterControllerTest do assert Repo.aggregate(Filter, :count, :id) == 0 end + + test "a filter with expires_at", %{conn: conn, user: user} do + response = + with_mock NaiveDateTime, [:passthrough], utc_now: fn -> ~N[2017-03-17 17:09:58] end do + conn + |> put_req_header("content-type", "application/json") + |> post("/api/v1/filters", %{ + "phrase" => "bad memes", + context: ["home"], + expires_at: "2017-03-17T17:19:58.000Z" + }) + |> json_response_and_validate_schema(200) + end + + assert response["irreversible"] == false + + assert response["expires_at"] == "2017-03-17T17:19:58.000Z" + + filter = Filter.get(response["id"], user) + + id = filter.id + + assert_enqueued( + worker: PurgeExpiredFilter, + args: %{filter_id: filter.id} + ) + + assert {:ok, %{id: ^id}} = + perform_job(PurgeExpiredFilter, %{ + filter_id: filter.id + }) + + assert Repo.aggregate(Filter, :count, :id) == 0 + end end test "fetching a list of filters" do diff --git a/test/pleroma/web/o_auth/o_auth_controller_test.exs b/test/pleroma/web/o_auth/o_auth_controller_test.exs index 9924023fe..c996a403c 100644 --- a/test/pleroma/web/o_auth/o_auth_controller_test.exs +++ b/test/pleroma/web/o_auth/o_auth_controller_test.exs @@ -729,7 +729,7 @@ defmodule Pleroma.Web.OAuth.OAuthControllerTest do end test "redirects with oauth authorization, " <> - "granting requested app-supported scopes to moderators" do + "granting requested app-supported scopes to moderators" do app_scopes = ["read", "write", "admin", "secret_scope"] app = insert(:oauth_app, scopes: app_scopes) redirect_uri = OAuthController.default_redirect_uri(app)