From 59cf78e41236a527b21befaadd329e882a62b40a Mon Sep 17 00:00:00 2001
From: lain <lain@soykaf.club>
Date: Tue, 7 Jul 2020 16:20:50 +0200
Subject: [PATCH 1/4] AccountController: Allow removal / reset of user images.
---
lib/pleroma/user.ex | 13 +++----
.../controllers/account_controller.ex | 13 +++++--
.../update_credentials_test.exs | 38 +++++++++++++++----
3 files changed, 46 insertions(+), 18 deletions(-)
diff --git a/lib/pleroma/user.ex b/lib/pleroma/user.ex
index 8a54546d6..e98332744 100644
--- a/lib/pleroma/user.ex
+++ b/lib/pleroma/user.ex
@@ -89,7 +89,7 @@ defmodule Pleroma.User do
field(:keys, :string)
field(:public_key, :string)
field(:ap_id, :string)
- field(:avatar, :map)
+ field(:avatar, :map, default: %{})
field(:local, :boolean, default: true)
field(:follower_address, :string)
field(:following_address, :string)
@@ -539,14 +539,11 @@ defmodule Pleroma.User do
end
defp put_change_if_present(changeset, map_field, value_function) do
- if value = get_change(changeset, map_field) do
- with {:ok, new_value} <- value_function.(value) do
- put_change(changeset, map_field, new_value)
- else
- _ -> changeset
- end
+ with {:ok, value} <- fetch_change(changeset, map_field),
+ {:ok, new_value} <- value_function.(value) do
+ put_change(changeset, map_field, new_value)
else
- changeset
+ _ -> changeset
end
end
diff --git a/lib/pleroma/web/mastodon_api/controllers/account_controller.ex b/lib/pleroma/web/mastodon_api/controllers/account_controller.ex
index b5008d69b..d4532258c 100644
--- a/lib/pleroma/web/mastodon_api/controllers/account_controller.ex
+++ b/lib/pleroma/web/mastodon_api/controllers/account_controller.ex
@@ -148,6 +148,13 @@ defmodule Pleroma.Web.MastodonAPI.AccountController do
|> Enum.filter(fn {_, value} -> not is_nil(value) end)
|> Enum.into(%{})
+ # We use an empty string as a special value to reset
+ # avatars, banners, backgrounds
+ user_image_value = fn
+ "" -> {:ok, nil}
+ value -> {:ok, value}
+ end
+
user_params =
[
:no_rich_text,
@@ -168,9 +175,9 @@ defmodule Pleroma.Web.MastodonAPI.AccountController do
|> Maps.put_if_present(:name, params[:display_name])
|> Maps.put_if_present(:bio, params[:note])
|> Maps.put_if_present(:raw_bio, params[:note])
- |> Maps.put_if_present(:avatar, params[:avatar])
- |> Maps.put_if_present(:banner, params[:header])
- |> Maps.put_if_present(:background, params[:pleroma_background_image])
+ |> Maps.put_if_present(:avatar, params[:avatar], user_image_value)
+ |> Maps.put_if_present(:banner, params[:header], user_image_value)
+ |> Maps.put_if_present(:background, params[:pleroma_background_image], user_image_value)
|> Maps.put_if_present(
:raw_fields,
params[:fields_attributes],
diff --git a/test/web/mastodon_api/controllers/account_controller/update_credentials_test.exs b/test/web/mastodon_api/controllers/account_controller/update_credentials_test.exs
index f67d294ba..b55bb76a7 100644
--- a/test/web/mastodon_api/controllers/account_controller/update_credentials_test.exs
+++ b/test/web/mastodon_api/controllers/account_controller/update_credentials_test.exs
@@ -216,10 +216,21 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIController.UpdateCredentialsTest do
filename: "an_image.jpg"
}
- conn = patch(conn, "/api/v1/accounts/update_credentials", %{"avatar" => new_avatar})
+ assert user.avatar == %{}
- assert user_response = json_response_and_validate_schema(conn, 200)
+ res = patch(conn, "/api/v1/accounts/update_credentials", %{"avatar" => new_avatar})
+
+ assert user_response = json_response_and_validate_schema(res, 200)
assert user_response["avatar"] != User.avatar_url(user)
+
+ user = User.get_by_id(user.id)
+ refute user.avatar == %{}
+
+ # Also resets it
+ _res = patch(conn, "/api/v1/accounts/update_credentials", %{"avatar" => ""})
+
+ user = User.get_by_id(user.id)
+ assert user.avatar == nil
end
test "updates the user's banner", %{user: user, conn: conn} do
@@ -229,26 +240,39 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIController.UpdateCredentialsTest do
filename: "an_image.jpg"
}
- conn = patch(conn, "/api/v1/accounts/update_credentials", %{"header" => new_header})
+ res = patch(conn, "/api/v1/accounts/update_credentials", %{"header" => new_header})
- assert user_response = json_response_and_validate_schema(conn, 200)
+ assert user_response = json_response_and_validate_schema(res, 200)
assert user_response["header"] != User.banner_url(user)
+
+ # Also resets it
+ _res = patch(conn, "/api/v1/accounts/update_credentials", %{"header" => ""})
+
+ user = User.get_by_id(user.id)
+ assert user.banner == nil
end
- test "updates the user's background", %{conn: conn} do
+ test "updates the user's background", %{conn: conn, user: user} do
new_header = %Plug.Upload{
content_type: "image/jpg",
path: Path.absname("test/fixtures/image.jpg"),
filename: "an_image.jpg"
}
- conn =
+ res =
patch(conn, "/api/v1/accounts/update_credentials", %{
"pleroma_background_image" => new_header
})
- assert user_response = json_response_and_validate_schema(conn, 200)
+ assert user_response = json_response_and_validate_schema(res, 200)
assert user_response["pleroma"]["background_image"]
+ #
+ # Also resets it
+ _res =
+ patch(conn, "/api/v1/accounts/update_credentials", %{"pleroma_background_image" => ""})
+
+ user = User.get_by_id(user.id)
+ assert user.background == nil
end
test "requires 'write:accounts' permission" do
From 1adda637d3898e0313f3d2108052b4ffd9e88a3a Mon Sep 17 00:00:00 2001
From: lain <lain@soykaf.club>
Date: Tue, 7 Jul 2020 16:26:57 +0200
Subject: [PATCH 2/4] Docs: Document resetting of images
---
docs/API/differences_in_mastoapi_responses.md | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/docs/API/differences_in_mastoapi_responses.md b/docs/API/differences_in_mastoapi_responses.md
index d2455d5d7..29141ed0c 100644
--- a/docs/API/differences_in_mastoapi_responses.md
+++ b/docs/API/differences_in_mastoapi_responses.md
@@ -182,10 +182,12 @@ Additional parameters can be added to the JSON body/Form data:
- `pleroma_settings_store` - Opaque user settings to be saved on the backend.
- `skip_thread_containment` - if true, skip filtering out broken threads
- `allow_following_move` - if true, allows automatically follow moved following accounts
-- `pleroma_background_image` - sets the background image of the user.
+- `pleroma_background_image` - sets the background image of the user. Can be set to "" (an empty string) to reset.
- `discoverable` - if true, discovery of this account in search results and other services is allowed.
- `actor_type` - the type of this account.
+All images (avatar, banner and background) can be reset to the default by sending an empty string ("") instead of a file.
+
### Pleroma Settings Store
Pleroma has mechanism that allows frontends to save blobs of json for each user on the backend. This can be used to save frontend-specific settings for a user that the backend does not need to know about.
From c8dd973af5241547beb8c2207a0c13b933745cf6 Mon Sep 17 00:00:00 2001
From: lain <lain@soykaf.club>
Date: Tue, 7 Jul 2020 16:48:47 +0200
Subject: [PATCH 3/4] AccountController: Remove unused `update_?` routes.
These were not documented and are also not used anymore.
---
.../operations/pleroma_account_operation.ex | 91 -----------------
.../controllers/account_controller.ex | 62 ------------
lib/pleroma/web/router.ex | 4 -
.../controllers/account_controller_test.exs | 99 -------------------
4 files changed, 256 deletions(-)
diff --git a/lib/pleroma/web/api_spec/operations/pleroma_account_operation.ex b/lib/pleroma/web/api_spec/operations/pleroma_account_operation.ex
index 90922c064..97836b2eb 100644
--- a/lib/pleroma/web/api_spec/operations/pleroma_account_operation.ex
+++ b/lib/pleroma/web/api_spec/operations/pleroma_account_operation.ex
@@ -4,7 +4,6 @@
defmodule Pleroma.Web.ApiSpec.PleromaAccountOperation do
alias OpenApiSpex.Operation
- alias OpenApiSpex.Schema
alias Pleroma.Web.ApiSpec.Schemas.AccountRelationship
alias Pleroma.Web.ApiSpec.Schemas.ApiError
alias Pleroma.Web.ApiSpec.Schemas.FlakeID
@@ -40,48 +39,6 @@ defmodule Pleroma.Web.ApiSpec.PleromaAccountOperation do
}
end
- def update_avatar_operation do
- %Operation{
- tags: ["Accounts"],
- summary: "Set/clear user avatar image",
- operationId: "PleromaAPI.AccountController.update_avatar",
- requestBody:
- request_body("Parameters", update_avatar_or_background_request(), required: true),
- security: [%{"oAuth" => ["write:accounts"]}],
- responses: %{
- 200 => update_response(),
- 403 => Operation.response("Forbidden", "application/json", ApiError)
- }
- }
- end
-
- def update_banner_operation do
- %Operation{
- tags: ["Accounts"],
- summary: "Set/clear user banner image",
- operationId: "PleromaAPI.AccountController.update_banner",
- requestBody: request_body("Parameters", update_banner_request(), required: true),
- security: [%{"oAuth" => ["write:accounts"]}],
- responses: %{
- 200 => update_response()
- }
- }
- end
-
- def update_background_operation do
- %Operation{
- tags: ["Accounts"],
- summary: "Set/clear user background image",
- operationId: "PleromaAPI.AccountController.update_background",
- security: [%{"oAuth" => ["write:accounts"]}],
- requestBody:
- request_body("Parameters", update_avatar_or_background_request(), required: true),
- responses: %{
- 200 => update_response()
- }
- }
- end
-
def favourites_operation do
%Operation{
tags: ["Accounts"],
@@ -136,52 +93,4 @@ defmodule Pleroma.Web.ApiSpec.PleromaAccountOperation do
required: true
)
end
-
- defp update_avatar_or_background_request do
- %Schema{
- title: "PleromaAccountUpdateAvatarOrBackgroundRequest",
- type: :object,
- properties: %{
- img: %Schema{
- nullable: true,
- type: :string,
- format: :binary,
- description: "Image encoded using `multipart/form-data` or an empty string to clear"
- }
- }
- }
- end
-
- defp update_banner_request do
- %Schema{
- title: "PleromaAccountUpdateBannerRequest",
- type: :object,
- properties: %{
- banner: %Schema{
- type: :string,
- nullable: true,
- format: :binary,
- description: "Image encoded using `multipart/form-data` or an empty string to clear"
- }
- }
- }
- end
-
- defp update_response do
- Operation.response("PleromaAccountUpdateResponse", "application/json", %Schema{
- type: :object,
- properties: %{
- url: %Schema{
- type: :string,
- format: :uri,
- nullable: true,
- description: "Image URL"
- }
- },
- example: %{
- "url" =>
- "https://cofe.party/media/9d0add56-bcb6-4c0f-8225-cbbd0b6dd773/13eadb6972c9ccd3f4ffa3b8196f0e0d38b4d2f27594457c52e52946c054cd9a.gif"
- }
- })
- end
end
diff --git a/lib/pleroma/web/pleroma_api/controllers/account_controller.ex b/lib/pleroma/web/pleroma_api/controllers/account_controller.ex
index f3554d919..563edded7 100644
--- a/lib/pleroma/web/pleroma_api/controllers/account_controller.ex
+++ b/lib/pleroma/web/pleroma_api/controllers/account_controller.ex
@@ -8,7 +8,6 @@ defmodule Pleroma.Web.PleromaAPI.AccountController do
import Pleroma.Web.ControllerHelper,
only: [json_response: 3, add_link_headers: 2, assign_account_by_id: 2]
- alias Ecto.Changeset
alias Pleroma.Plugs.EnsurePublicOrAuthenticatedPlug
alias Pleroma.Plugs.OAuthScopesPlug
alias Pleroma.Plugs.RateLimiter
@@ -35,17 +34,6 @@ defmodule Pleroma.Web.PleromaAPI.AccountController do
%{scopes: ["follow", "write:follows"]} when action in [:subscribe, :unsubscribe]
)
- plug(
- OAuthScopesPlug,
- %{scopes: ["write:accounts"]}
- # Note: the following actions are not permission-secured in Mastodon:
- when action in [
- :update_avatar,
- :update_banner,
- :update_background
- ]
- )
-
plug(
OAuthScopesPlug,
%{scopes: ["read:favourites"], fallback: :proceed_unauthenticated} when action == :favourites
@@ -68,56 +56,6 @@ defmodule Pleroma.Web.PleromaAPI.AccountController do
end
end
- @doc "PATCH /api/v1/pleroma/accounts/update_avatar"
- def update_avatar(%{assigns: %{user: user}, body_params: %{img: ""}} = conn, _) do
- {:ok, _user} =
- user
- |> Changeset.change(%{avatar: nil})
- |> User.update_and_set_cache()
-
- json(conn, %{url: nil})
- end
-
- def update_avatar(%{assigns: %{user: user}, body_params: params} = conn, _params) do
- {:ok, %{data: data}} = ActivityPub.upload(params, type: :avatar)
- {:ok, _user} = user |> Changeset.change(%{avatar: data}) |> User.update_and_set_cache()
- %{"url" => [%{"href" => href} | _]} = data
-
- json(conn, %{url: href})
- end
-
- @doc "PATCH /api/v1/pleroma/accounts/update_banner"
- def update_banner(%{assigns: %{user: user}, body_params: %{banner: ""}} = conn, _) do
- with {:ok, _user} <- User.update_banner(user, %{}) do
- json(conn, %{url: nil})
- end
- end
-
- def update_banner(%{assigns: %{user: user}, body_params: params} = conn, _) do
- with {:ok, object} <- ActivityPub.upload(%{img: params[:banner]}, type: :banner),
- {:ok, _user} <- User.update_banner(user, object.data) do
- %{"url" => [%{"href" => href} | _]} = object.data
-
- json(conn, %{url: href})
- end
- end
-
- @doc "PATCH /api/v1/pleroma/accounts/update_background"
- def update_background(%{assigns: %{user: user}, body_params: %{img: ""}} = conn, _) do
- with {:ok, _user} <- User.update_background(user, %{}) do
- json(conn, %{url: nil})
- end
- end
-
- def update_background(%{assigns: %{user: user}, body_params: params} = conn, _) do
- with {:ok, object} <- ActivityPub.upload(params, type: :background),
- {:ok, _user} <- User.update_background(user, object.data) do
- %{"url" => [%{"href" => href} | _]} = object.data
-
- json(conn, %{url: href})
- end
- end
-
@doc "GET /api/v1/pleroma/accounts/:id/favourites"
def favourites(%{assigns: %{account: %{hide_favorites: true}}} = conn, _params) do
render_error(conn, :forbidden, "Can't get favorites")
diff --git a/lib/pleroma/web/router.ex b/lib/pleroma/web/router.ex
index 9e457848e..74e940f8e 100644
--- a/lib/pleroma/web/router.ex
+++ b/lib/pleroma/web/router.ex
@@ -328,10 +328,6 @@ defmodule Pleroma.Web.Router do
delete("/statuses/:id/reactions/:emoji", EmojiReactionController, :delete)
post("/notifications/read", NotificationController, :mark_as_read)
- patch("/accounts/update_avatar", AccountController, :update_avatar)
- patch("/accounts/update_banner", AccountController, :update_banner)
- patch("/accounts/update_background", AccountController, :update_background)
-
get("/mascot", MascotController, :show)
put("/mascot", MascotController, :update)
diff --git a/test/web/pleroma_api/controllers/account_controller_test.exs b/test/web/pleroma_api/controllers/account_controller_test.exs
index 103997c31..07909d48b 100644
--- a/test/web/pleroma_api/controllers/account_controller_test.exs
+++ b/test/web/pleroma_api/controllers/account_controller_test.exs
@@ -13,8 +13,6 @@ defmodule Pleroma.Web.PleromaAPI.AccountControllerTest do
import Pleroma.Factory
import Swoosh.TestAssertions
- @image "data:image/gif;base64,R0lGODlhEAAQAMQAAORHHOVSKudfOulrSOp3WOyDZu6QdvCchPGolfO0o/XBs/fNwfjZ0frl3/zy7////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACH5BAkAABAALAAAAAAQABAAAAVVICSOZGlCQAosJ6mu7fiyZeKqNKToQGDsM8hBADgUXoGAiqhSvp5QAnQKGIgUhwFUYLCVDFCrKUE1lBavAViFIDlTImbKC5Gm2hB0SlBCBMQiB0UjIQA7"
-
describe "POST /api/v1/pleroma/accounts/confirmation_resend" do
setup do
{:ok, user} =
@@ -68,103 +66,6 @@ defmodule Pleroma.Web.PleromaAPI.AccountControllerTest do
end
end
- describe "PATCH /api/v1/pleroma/accounts/update_avatar" do
- setup do: oauth_access(["write:accounts"])
-
- test "user avatar can be set", %{user: user, conn: conn} do
- avatar_image = File.read!("test/fixtures/avatar_data_uri")
-
- conn =
- conn
- |> put_req_header("content-type", "multipart/form-data")
- |> patch("/api/v1/pleroma/accounts/update_avatar", %{img: avatar_image})
-
- user = refresh_record(user)
-
- assert %{
- "name" => _,
- "type" => _,
- "url" => [
- %{
- "href" => _,
- "mediaType" => _,
- "type" => _
- }
- ]
- } = user.avatar
-
- assert %{"url" => _} = json_response_and_validate_schema(conn, 200)
- end
-
- test "user avatar can be reset", %{user: user, conn: conn} do
- conn =
- conn
- |> put_req_header("content-type", "multipart/form-data")
- |> patch("/api/v1/pleroma/accounts/update_avatar", %{img: ""})
-
- user = User.get_cached_by_id(user.id)
-
- assert user.avatar == nil
-
- assert %{"url" => nil} = json_response_and_validate_schema(conn, 200)
- end
- end
-
- describe "PATCH /api/v1/pleroma/accounts/update_banner" do
- setup do: oauth_access(["write:accounts"])
-
- test "can set profile banner", %{user: user, conn: conn} do
- conn =
- conn
- |> put_req_header("content-type", "multipart/form-data")
- |> patch("/api/v1/pleroma/accounts/update_banner", %{"banner" => @image})
-
- user = refresh_record(user)
- assert user.banner["type"] == "Image"
-
- assert %{"url" => _} = json_response_and_validate_schema(conn, 200)
- end
-
- test "can reset profile banner", %{user: user, conn: conn} do
- conn =
- conn
- |> put_req_header("content-type", "multipart/form-data")
- |> patch("/api/v1/pleroma/accounts/update_banner", %{"banner" => ""})
-
- user = refresh_record(user)
- assert user.banner == %{}
-
- assert %{"url" => nil} = json_response_and_validate_schema(conn, 200)
- end
- end
-
- describe "PATCH /api/v1/pleroma/accounts/update_background" do
- setup do: oauth_access(["write:accounts"])
-
- test "background image can be set", %{user: user, conn: conn} do
- conn =
- conn
- |> put_req_header("content-type", "multipart/form-data")
- |> patch("/api/v1/pleroma/accounts/update_background", %{"img" => @image})
-
- user = refresh_record(user)
- assert user.background["type"] == "Image"
- # assert %{"url" => _} = json_response(conn, 200)
- assert %{"url" => _} = json_response_and_validate_schema(conn, 200)
- end
-
- test "background image can be reset", %{user: user, conn: conn} do
- conn =
- conn
- |> put_req_header("content-type", "multipart/form-data")
- |> patch("/api/v1/pleroma/accounts/update_background", %{"img" => ""})
-
- user = refresh_record(user)
- assert user.background == %{}
- assert %{"url" => nil} = json_response_and_validate_schema(conn, 200)
- end
- end
-
describe "getting favorites timeline of specified user" do
setup do
[current_user, user] = insert_pair(:user, hide_favorites: false)
From 92e6801c179080e833575226fdf291d9393286c5 Mon Sep 17 00:00:00 2001
From: lain <lain@soykaf.club>
Date: Tue, 7 Jul 2020 16:51:44 +0200
Subject: [PATCH 4/4] Changelog: Add info about avatar removal
---
CHANGELOG.md | 2 ++
1 file changed, 2 insertions(+)
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 0e2b54916..304c9027f 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -16,8 +16,10 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
<details>
<summary>API Changes</summary>
+- **Breaking:** Pleroma API: The routes to update avatar, banner and background have been removed.
- **Breaking:** Image description length is limited now.
- **Breaking:** Emoji API: changed methods and renamed routes.
+- MastodonAPI: Allow removal of avatar, banner and background.
- Streaming: Repeats of a user's posts will no longer be pushed to the user's stream.
- Mastodon API: Added `pleroma.metadata.fields_limits` to /api/v1/instance
- Mastodon API: On deletion, returns the original post text.