Limit search for unauthenticated users to local users only

2019-06-05 16:34:14 +07:00 · 2019-06-05 16:34:14 +07:00 · 5b04f07a1e
commit 5b04f07a1e
parent 17004a0f1a
4 changed files with 178 additions and 117 deletions
--- a/test/user_test.exs
+++ b/test/user_test.exs
@ -1055,7 +1055,7 @@ defmodule Pleroma.UserTest do
      u3 = insert(:user, %{name: "ebn", nickname: "lain@mastodon.social"})
      u4 = insert(:user, %{nickname: "lain@pleroma.soykaf.com"})

-      assert [u4.id, u3.id, u1.id] == Enum.map(User.search("lain@ple"), & &1.id)
+      assert [u4.id, u3.id, u1.id] == Enum.map(User.search("lain@ple", for_user: u1), & &1.id)
    end

    test "finds users, handling misspelled requests" do
@ -1077,6 +1077,28 @@ defmodule Pleroma.UserTest do
               Enum.map(User.search("doe", resolve: false, for_user: u1), & &1.id) == []
    end

+    test "find local and remote statuses for authenticated users" do
+      u1 = insert(:user, %{name: "lain"})
+      u2 = insert(:user, %{name: "ebn", nickname: "lain@mastodon.social", local: false})
+      u3 = insert(:user, %{nickname: "lain@pleroma.soykaf.com", local: false})
+
+      results =
+        "lain"
+        |> User.search(for_user: u1)
+        |> Enum.map(& &1.id)
+        |> Enum.sort()
+
+      assert [u1.id, u2.id, u3.id] == results
+    end
+
+    test "find only local statuses for unauthenticated users" do
+      %{id: id} = insert(:user, %{name: "lain"})
+      insert(:user, %{name: "ebn", nickname: "lain@mastodon.social", local: false})
+      insert(:user, %{nickname: "lain@pleroma.soykaf.com", local: false})
+
+      assert [%{id: ^id}] = User.search("lain")
+    end
+
    test "finds a user whose name is nil" do
      _user = insert(:user, %{name: "notamatch", nickname: "testuser@pleroma.amplifie.red"})
      user_two = insert(:user, %{name: nil, nickname: "lain@pleroma.soykaf.com"})
@ -1097,7 +1119,11 @@ defmodule Pleroma.UserTest do
    end

    test "works with URIs" do
-      results = User.search("http://mastodon.example.org/users/admin", resolve: true)
+      user = insert(:user)
+
+      results =
+        User.search("http://mastodon.example.org/users/admin", resolve: true, for_user: user)
+
      result = results |> List.first()

      user = User.get_cached_by_ap_id("http://mastodon.example.org/users/admin")
--- a/test/web/mastodon_api/mastodon_api_controller_test.exs
+++ b/test/web/mastodon_api/mastodon_api_controller_test.exs
@ -2173,8 +2173,11 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIControllerTest do
  end

  test "search fetches remote accounts", %{conn: conn} do
+    user = insert(:user)
+
    conn =
      conn
+      |> assign(:user, user)
      |> get("/api/v1/search", %{"q" => "shp@social.heldscal.la", "resolve" => "true"})

    assert results = json_response(conn, 200)