Make move_account endpoint process non-existent users properly

Ref: emit-move
This commit is contained in:
Tusooa Zhu 2021-09-22 16:26:22 -04:00
parent a677c621e8
commit eb383ef8d3
No known key found for this signature in database
GPG key ID: 7B467EDE43A08224
4 changed files with 50 additions and 4 deletions

View file

@ -228,7 +228,8 @@ defmodule Pleroma.Web.ApiSpec.TwitterUtilOperation do
properties: %{status: %Schema{type: :string, example: "success"}} properties: %{status: %Schema{type: :string, example: "success"}}
}), }),
400 => Operation.response("Error", "application/json", ApiError), 400 => Operation.response("Error", "application/json", ApiError),
403 => Operation.response("Error", "application/json", ApiError) 403 => Operation.response("Error", "application/json", ApiError),
404 => Operation.response("Error", "application/json", ApiError)
} }
} }
end end

View file

@ -173,12 +173,14 @@ defmodule Pleroma.Web.TwitterAPI.UtilController do
def move_account(%{assigns: %{user: user}, body_params: body_params} = conn, %{}) do def move_account(%{assigns: %{user: user}, body_params: body_params} = conn, %{}) do
case CommonAPI.Utils.confirm_current_password(user, body_params.password) do case CommonAPI.Utils.confirm_current_password(user, body_params.password) do
{:ok, user} -> {:ok, user} ->
with {:ok, target_user} <- find_user_by_nickname(body_params.target_account), with {:ok, target_user} <- find_or_fetch_user_by_nickname(body_params.target_account),
{:ok, _user} <- ActivityPub.move(user, target_user) do {:ok, _user} <- ActivityPub.move(user, target_user) do
json(conn, %{status: "success"}) json(conn, %{status: "success"})
else else
{:not_found} -> {:not_found, _} ->
json(conn, %{error: "Target account not found."}) conn
|> put_status(404)
|> json(%{error: "Target account not found."})
{:error, error} -> {:error, error} ->
json(conn, %{error: error}) json(conn, %{error: error})
@ -233,6 +235,21 @@ defmodule Pleroma.Web.TwitterAPI.UtilController do
end end
end end
defp find_or_fetch_user_by_nickname(nickname) do
user = User.get_by_nickname(nickname)
if user != nil and user.local do
{:ok, user}
else
with {:ok, user} <- User.fetch_by_nickname(nickname) do
{:ok, user}
else
_ ->
{:not_found, nil}
end
end
end
def captcha(conn, _params) do def captcha(conn, _params) do
json(conn, Pleroma.Captcha.new()) json(conn, Pleroma.Captcha.new())
end end

View file

@ -573,6 +573,25 @@ defmodule Pleroma.Web.TwitterAPI.UtilControllerTest do
} }
end end
test "with proper permissions, valid password and target account does not exist",
%{
conn: conn
} do
target_nick = "not_found@mastodon.social"
conn =
conn
|> put_req_header("content-type", "multipart/form-data")
|> post("/api/pleroma/move_account", %{
"password" => "test",
"target_account" => target_nick
})
assert json_response_and_validate_schema(conn, 404) == %{
"error" => "Target account not found."
}
end
test "with proper permissions, valid password and target account aliases this", %{ test "with proper permissions, valid password and target account aliases this", %{
conn: conn, conn: conn,
user: user user: user

View file

@ -725,6 +725,15 @@ defmodule HttpRequestMock do
}} }}
end end
def get(
"https://mastodon.social/.well-known/webfinger?resource=acct:not_found@mastodon.social",
_,
_,
[{"accept", "application/xrd+xml,application/jrd+json"}]
) do
{:ok, %Tesla.Env{status: 404}}
end
def get("http://gs.example.org/.well-known/host-meta", _, _, _) do def get("http://gs.example.org/.well-known/host-meta", _, _, _) do
{:ok, {:ok,
%Tesla.Env{ %Tesla.Env{