Show local-only statuses in public timeline for authenticated users

Ref: fix-local-public
This commit is contained in:
Tusooa Zhu 2022-05-04 22:51:40 -04:00
parent 214ef7ff73
commit c48be59f58
No known key found for this signature in database
GPG key ID: 7B467EDE43A08224
4 changed files with 96 additions and 14 deletions

View file

@ -501,9 +501,18 @@ defmodule Pleroma.Web.ActivityPub.ActivityPub do
@spec fetch_public_or_unlisted_activities(map(), Pagination.type()) :: [Activity.t()] @spec fetch_public_or_unlisted_activities(map(), Pagination.type()) :: [Activity.t()]
def fetch_public_or_unlisted_activities(opts \\ %{}, pagination \\ :keyset) do def fetch_public_or_unlisted_activities(opts \\ %{}, pagination \\ :keyset) do
includes_local_public = Map.get(opts, :includes_local_public, false)
opts = Map.delete(opts, :user) opts = Map.delete(opts, :user)
intended_recipients =
if includes_local_public do
[Constants.as_public(), as_local_public()]
else
[Constants.as_public()] [Constants.as_public()]
end
intended_recipients
|> fetch_activities_query(opts) |> fetch_activities_query(opts)
|> restrict_unlisted(opts) |> restrict_unlisted(opts)
|> fetch_paginated_optimized(opts, pagination) |> fetch_paginated_optimized(opts, pagination)

View file

@ -112,6 +112,8 @@ defmodule Pleroma.Web.MastodonAPI.TimelineController do
|> Map.put(:muting_user, user) |> Map.put(:muting_user, user)
|> Map.put(:reply_filtering_user, user) |> Map.put(:reply_filtering_user, user)
|> Map.put(:instance, params[:instance]) |> Map.put(:instance, params[:instance])
# Restricts unfederated content to authenticated users
|> Map.put(:includes_local_public, not is_nil(user))
|> ActivityPub.fetch_public_activities() |> ActivityPub.fetch_public_activities()
conn conn

View file

@ -1901,6 +1901,7 @@ defmodule Pleroma.Web.MastodonAPI.StatusControllerTest do
|> json_response_and_validate_schema(:ok) |> json_response_and_validate_schema(:ok)
end end
describe "local-only statuses" do
test "posting a local only status" do test "posting a local only status" do
%{user: _user, conn: conn} = oauth_access(["write:statuses"]) %{user: _user, conn: conn} = oauth_access(["write:statuses"])
@ -1920,6 +1921,35 @@ defmodule Pleroma.Web.MastodonAPI.StatusControllerTest do
assert %Activity{id: ^id, data: %{"to" => [^local]}} = Activity.get_by_id(id) assert %Activity{id: ^id, data: %{"to" => [^local]}} = Activity.get_by_id(id)
end end
test "other users can read local-only posts" do
user = insert(:user)
%{user: reader, conn: conn} = oauth_access(["read:statuses"])
{:ok, activity} = CommonAPI.post(user, %{status: "#2hu #2HU", visibility: "local"})
received =
conn
|> get("/api/v1/statuses/#{activity.id}")
|> json_response_and_validate_schema(:ok)
assert received["id"] == activity.id
end
test "other users can see local-only posts" do
user = insert(:user)
%{user: _reader, conn: conn} = oauth_access(["read:statuses"])
{:ok, activity} = CommonAPI.post(user, %{status: "#2hu #2HU", visibility: "local"})
received =
conn
|> get("/api/v1/statuses/#{activity.id}")
|> json_response_and_validate_schema(:ok)
assert received["id"] == activity.id
end
end
describe "muted reactions" do describe "muted reactions" do
test "index" do test "index" do
%{conn: conn, user: user} = oauth_access(["read:statuses"]) %{conn: conn, user: user} = oauth_access(["read:statuses"])

View file

@ -367,6 +367,47 @@ defmodule Pleroma.Web.MastodonAPI.TimelineControllerTest do
} }
] = result ] = result
end end
test "should return local-only posts for authenticated users" do
user = insert(:user)
%{user: _reader, conn: conn} = oauth_access(["read:statuses"])
{:ok, %{id: id}} = CommonAPI.post(user, %{status: "#2hu #2HU", visibility: "local"})
result =
conn
|> get("/api/v1/timelines/public")
|> json_response_and_validate_schema(200)
assert [%{"id" => ^id}] = result
end
test "should not return local-only posts for users without read:statuses" do
user = insert(:user)
%{user: _reader, conn: conn} = oauth_access([])
{:ok, _activity} = CommonAPI.post(user, %{status: "#2hu #2HU", visibility: "local"})
result =
conn
|> get("/api/v1/timelines/public")
|> json_response_and_validate_schema(200)
assert [] = result
end
test "should not return local-only posts for anonymous users" do
user = insert(:user)
{:ok, _activity} = CommonAPI.post(user, %{status: "#2hu #2HU", visibility: "local"})
result =
build_conn()
|> get("/api/v1/timelines/public")
|> json_response_and_validate_schema(200)
assert [] = result
end
end end
defp local_and_remote_activities do defp local_and_remote_activities do