Commit 0618f099 authored by Matt Jankowski's avatar Matt Jankowski Committed by Eugen Rochko
Browse files

Add spec coverage and refactor authorize_follows controller (#2505)

parent a23eaf72
# frozen_string_literal: true
class AuthorizeFollowController < ApplicationController
layout 'public'
before_action :authenticate_user!
def new
uri = Addressable::URI.parse(acct_param).normalize
if uri.path && %w(http https).include?(uri.scheme)
set_account_from_url
else
set_account_from_acct
end
render :error if @account.nil?
end
def create
@account = FollowService.new.call(current_account, acct_param).try(:target_account)
if @account.nil?
render :error
else
redirect_to web_url("accounts/#{@account.id}")
end
rescue ActiveRecord::RecordNotFound, Mastodon::NotPermittedError
render :error
end
private
def set_account_from_url
@account = FetchRemoteAccountService.new.call(acct_param)
end
def set_account_from_acct
@account = FollowRemoteAccountService.new.call(acct_param)
end
def acct_param
params[:acct].gsub(/\Aacct:/, '')
end
end
# frozen_string_literal: true
class AuthorizeFollowsController < ApplicationController
layout 'public'
before_action :authenticate_user!
def show
@account = located_account || render(:error)
end
def create
@account = follow_attempt.try(:target_account)
if @account.nil?
render :error
else
redirect_to web_url("accounts/#{@account.id}")
end
rescue ActiveRecord::RecordNotFound, Mastodon::NotPermittedError
render :error
end
private
def follow_attempt
FollowService.new.call(current_account, acct_without_prefix)
end
def located_account
if acct_param_is_url?
account_from_remote_fetch
else
account_from_remote_follow
end
end
def account_from_remote_fetch
FetchRemoteAccountService.new.call(acct_without_prefix)
end
def account_from_remote_follow
FollowRemoteAccountService.new.call(acct_without_prefix)
end
def acct_param_is_url?
parsed_uri.path && %w[http https].include?(parsed_uri.scheme)
end
def parsed_uri
Addressable::URI.parse(acct_without_prefix).normalize
end
def acct_without_prefix
acct_params.gsub(/\Aacct:/, '')
end
def acct_params
params.fetch(:acct, '')
end
end
......@@ -71,8 +71,7 @@ Rails.application.routes.draw do
resources :tags, only: [:show]
# Remote follow
get :authorize_follow, to: 'authorize_follow#new'
post :authorize_follow, to: 'authorize_follow#create'
resource :authorize_follow, only: [:show, :create]
namespace :admin do
resources :pubsubhubbub, only: [:index]
......
require 'rails_helper'
RSpec.describe AuthorizeFollowController, type: :controller do
describe 'GET #new'
describe 'POST #create'
end
# frozen_string_literal: true
require 'rails_helper'
describe AuthorizeFollowsController do
describe 'GET #show' do
describe 'when signed out' do
it 'redirects to sign in page' do
get :show
expect(response).to redirect_to(new_user_session_path)
end
end
describe 'when signed in' do
let(:user) { Fabricate(:user) }
let(:account) { Fabricate(:account, user: user) }
before do
sign_in(user)
end
it 'renders error without acct param' do
get :show
expect(response).to render_template(:error)
end
it 'renders error when account cant be found' do
service = double
allow(FollowRemoteAccountService).to receive(:new).and_return(service)
allow(service).to receive(:call).with('missing@hostname').and_return(nil)
get :show, params: { acct: 'acct:missing@hostname' }
expect(response).to render_template(:error)
expect(service).to have_received(:call).with('missing@hostname')
end
it 'sets account from url' do
account = double
service = double
allow(FetchRemoteAccountService).to receive(:new).and_return(service)
allow(service).to receive(:call).with('http://example.com').and_return(account)
get :show, params: { acct: 'http://example.com' }
expect(response).to have_http_status(:success)
expect(service).to have_received(:call).with('http://example.com')
end
it 'sets account from acct uri' do
account = double
service = double
allow(FollowRemoteAccountService).to receive(:new).and_return(service)
allow(service).to receive(:call).with('found@hostname').and_return(account)
get :show, params: { acct: 'acct:found@hostname' }
expect(response).to have_http_status(:success)
expect(service).to have_received(:call).with('found@hostname')
end
end
end
describe 'POST #create' do
describe 'when signed out' do
it 'redirects to sign in page' do
post :create
expect(response).to redirect_to(new_user_session_path)
end
end
describe 'when signed in' do
let(:user) { Fabricate(:user) }
let(:account) { Fabricate(:account, user: user) }
before do
sign_in(user)
end
it 'shows error when account not found' do
service = double
allow(FollowService).to receive(:new).and_return(service)
allow(service).to receive(:call).with(account, 'user@hostname').and_return(nil)
post :create, params: { acct: 'acct:user@hostname' }
expect(service).to have_received(:call).with(account, 'user@hostname')
expect(response).to render_template(:error)
end
it 'follows account when found' do
target_account = double(id: '123')
result_account = double(target_account: target_account)
service = double
allow(FollowService).to receive(:new).and_return(service)
allow(service).to receive(:call).with(account, 'user@hostname').and_return(result_account)
post :create, params: { acct: 'acct:user@hostname' }
expect(service).to have_received(:call).with(account, 'user@hostname')
expect(response).to redirect_to(web_url('accounts/123'))
end
end
end
end
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment