mirror of
https://github.com/superseriousbusiness/gotosocial
synced 2025-06-05 21:59:39 +02:00
Follow request improvements (#282)
* tiny doc update * add rejectfollowrequest to db * add follow request reject to processor * add reject handler * tidy up follow request api * tidy up federation call * regenerate swagger docs * api endpoint tests * processor test * add reject federatingdb handler * start writing reject tests * test reject follow request * go fmt * increase sleep for slow test setups * more relaxed time.sleep
This commit is contained in:
99
internal/api/client/followrequest/authorize.go
Normal file
99
internal/api/client/followrequest/authorize.go
Normal file
@@ -0,0 +1,99 @@
|
||||
/*
|
||||
GoToSocial
|
||||
Copyright (C) 2021 GoToSocial Authors admin@gotosocial.org
|
||||
|
||||
This program is free software: you can redistribute it and/or modify
|
||||
it under the terms of the GNU Affero General Public License as published by
|
||||
the Free Software Foundation, either version 3 of the License, or
|
||||
(at your option) any later version.
|
||||
|
||||
This program is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU Affero General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU Affero General Public License
|
||||
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
|
||||
package followrequest
|
||||
|
||||
import (
|
||||
"github.com/sirupsen/logrus"
|
||||
"net/http"
|
||||
|
||||
"github.com/gin-gonic/gin"
|
||||
"github.com/superseriousbusiness/gotosocial/internal/oauth"
|
||||
)
|
||||
|
||||
// FollowRequestAuthorizePOSTHandler swagger:operation POST /api/v1/follow_requests/{account_id}/authorize authorizeFollowRequest
|
||||
//
|
||||
// Accept/authorize follow request from the given account ID.
|
||||
//
|
||||
// Accept a follow request and put the requesting account in your 'followers' list.
|
||||
//
|
||||
// ---
|
||||
// tags:
|
||||
// - follow_requests
|
||||
//
|
||||
// produces:
|
||||
// - application/json
|
||||
//
|
||||
// parameters:
|
||||
// - name: account_id
|
||||
// type: string
|
||||
// description: ID of the account requesting to follow you.
|
||||
// in: path
|
||||
// required: true
|
||||
//
|
||||
// security:
|
||||
// - OAuth2 Bearer:
|
||||
// - write:follows
|
||||
//
|
||||
// responses:
|
||||
// '200':
|
||||
// name: account relationship
|
||||
// description: Your relationship to this account.
|
||||
// schema:
|
||||
// "$ref": "#/definitions/accountRelationship"
|
||||
// '400':
|
||||
// description: bad request
|
||||
// '401':
|
||||
// description: unauthorized
|
||||
// '403':
|
||||
// description: forbidden
|
||||
// '404':
|
||||
// description: not found
|
||||
// '500':
|
||||
// description: internal server error
|
||||
func (m *Module) FollowRequestAuthorizePOSTHandler(c *gin.Context) {
|
||||
l := logrus.WithField("func", "FollowRequestAuthorizePOSTHandler")
|
||||
|
||||
authed, err := oauth.Authed(c, true, true, true, true)
|
||||
if err != nil {
|
||||
l.Debugf("couldn't auth: %s", err)
|
||||
c.JSON(http.StatusUnauthorized, gin.H{"error": err.Error()})
|
||||
return
|
||||
}
|
||||
|
||||
if authed.User.Disabled || !authed.User.Approved || !authed.Account.SuspendedAt.IsZero() {
|
||||
l.Debugf("couldn't auth: %s", err)
|
||||
c.JSON(http.StatusForbidden, gin.H{"error": "account is disabled, not yet approved, or suspended"})
|
||||
return
|
||||
}
|
||||
|
||||
originAccountID := c.Param(IDKey)
|
||||
if originAccountID == "" {
|
||||
c.JSON(http.StatusBadRequest, gin.H{"error": "no follow request origin account id provided"})
|
||||
return
|
||||
}
|
||||
|
||||
relationship, errWithCode := m.processor.FollowRequestAccept(c.Request.Context(), authed, originAccountID)
|
||||
if errWithCode != nil {
|
||||
l.Debug(errWithCode.Error())
|
||||
c.JSON(errWithCode.Code(), gin.H{"error": errWithCode.Safe()})
|
||||
return
|
||||
}
|
||||
|
||||
c.JSON(http.StatusOK, relationship)
|
||||
}
|
87
internal/api/client/followrequest/authorize_test.go
Normal file
87
internal/api/client/followrequest/authorize_test.go
Normal file
@@ -0,0 +1,87 @@
|
||||
/*
|
||||
GoToSocial
|
||||
Copyright (C) 2021 GoToSocial Authors admin@gotosocial.org
|
||||
|
||||
This program is free software: you can redistribute it and/or modify
|
||||
it under the terms of the GNU Affero General Public License as published by
|
||||
the Free Software Foundation, either version 3 of the License, or
|
||||
(at your option) any later version.
|
||||
|
||||
This program is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU Affero General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU Affero General Public License
|
||||
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
|
||||
package followrequest_test
|
||||
|
||||
import (
|
||||
"context"
|
||||
"fmt"
|
||||
"io/ioutil"
|
||||
"net/http"
|
||||
"net/http/httptest"
|
||||
"testing"
|
||||
"time"
|
||||
|
||||
"github.com/gin-gonic/gin"
|
||||
"github.com/stretchr/testify/assert"
|
||||
"github.com/stretchr/testify/suite"
|
||||
"github.com/superseriousbusiness/gotosocial/internal/api/client/followrequest"
|
||||
"github.com/superseriousbusiness/gotosocial/internal/gtsmodel"
|
||||
)
|
||||
|
||||
type AuthorizeTestSuite struct {
|
||||
FollowRequestStandardTestSuite
|
||||
}
|
||||
|
||||
func (suite *AuthorizeTestSuite) TestAuthorize() {
|
||||
requestingAccount := suite.testAccounts["remote_account_2"]
|
||||
targetAccount := suite.testAccounts["local_account_1"]
|
||||
|
||||
// put a follow request in the database
|
||||
fr := >smodel.FollowRequest{
|
||||
ID: "01FJ1S8DX3STJJ6CEYPMZ1M0R3",
|
||||
CreatedAt: time.Now(),
|
||||
UpdatedAt: time.Now(),
|
||||
URI: fmt.Sprintf("%s/follow/01FJ1S8DX3STJJ6CEYPMZ1M0R3", requestingAccount.URI),
|
||||
AccountID: requestingAccount.ID,
|
||||
TargetAccountID: targetAccount.ID,
|
||||
}
|
||||
|
||||
err := suite.db.Put(context.Background(), fr)
|
||||
suite.NoError(err)
|
||||
|
||||
recorder := httptest.NewRecorder()
|
||||
ctx := suite.newContext(recorder, http.MethodPost, []byte{}, fmt.Sprintf("/api/v1/follow_requests/%s/authorize", requestingAccount.ID), "")
|
||||
|
||||
ctx.Params = gin.Params{
|
||||
gin.Param{
|
||||
Key: followrequest.IDKey,
|
||||
Value: requestingAccount.ID,
|
||||
},
|
||||
}
|
||||
|
||||
// call the handler
|
||||
suite.followRequestModule.FollowRequestAuthorizePOSTHandler(ctx)
|
||||
|
||||
// 1. we should have OK because our request was valid
|
||||
suite.Equal(http.StatusOK, recorder.Code)
|
||||
|
||||
// 2. we should have no error message in the result body
|
||||
result := recorder.Result()
|
||||
defer result.Body.Close()
|
||||
|
||||
// check the response
|
||||
b, err := ioutil.ReadAll(result.Body)
|
||||
assert.NoError(suite.T(), err)
|
||||
|
||||
suite.Equal(`{"id":"01FHMQX3GAABWSM0S2VZEC2SWC","following":false,"showing_reblogs":false,"notifying":false,"followed_by":true,"blocking":false,"blocked_by":false,"muting":false,"muting_notifications":false,"requested":false,"domain_blocking":false,"endorsed":false,"note":""}`, string(b))
|
||||
}
|
||||
|
||||
func TestAuthorizeTestSuite(t *testing.T) {
|
||||
suite.Run(t, &AuthorizeTestSuite{})
|
||||
}
|
@@ -1,27 +0,0 @@
|
||||
/*
|
||||
GoToSocial
|
||||
Copyright (C) 2021 GoToSocial Authors admin@gotosocial.org
|
||||
|
||||
This program is free software: you can redistribute it and/or modify
|
||||
it under the terms of the GNU Affero General Public License as published by
|
||||
the Free Software Foundation, either version 3 of the License, or
|
||||
(at your option) any later version.
|
||||
|
||||
This program is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU Affero General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU Affero General Public License
|
||||
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
|
||||
package followrequest
|
||||
|
||||
import "github.com/gin-gonic/gin"
|
||||
|
||||
// FollowRequestDenyPOSTHandler deals with follow request rejection. It should be served at
|
||||
// /api/v1/follow_requests/:id/reject
|
||||
func (m *Module) FollowRequestDenyPOSTHandler(c *gin.Context) {
|
||||
|
||||
}
|
@@ -28,21 +28,20 @@ import (
|
||||
)
|
||||
|
||||
const (
|
||||
// IDKey is for status UUIDs
|
||||
// IDKey is for account IDs
|
||||
IDKey = "id"
|
||||
// BasePath is the base path for serving the follow request API
|
||||
BasePath = "/api/v1/follow_requests"
|
||||
// BasePathWithID is just the base path with the ID key in it.
|
||||
// Use this anywhere you need to know the ID of the follow request being queried.
|
||||
// Use this anywhere you need to know the ID of the account that owns the follow request being queried.
|
||||
BasePathWithID = BasePath + "/:" + IDKey
|
||||
|
||||
// AcceptPath is used for accepting follow requests
|
||||
AcceptPath = BasePathWithID + "/authorize"
|
||||
// DenyPath is used for denying follow requests
|
||||
DenyPath = BasePathWithID + "/reject"
|
||||
// AuthorizePath is used for authorizing follow requests
|
||||
AuthorizePath = BasePathWithID + "/authorize"
|
||||
// RejectPath is used for rejecting follow requests
|
||||
RejectPath = BasePathWithID + "/reject"
|
||||
)
|
||||
|
||||
// Module implements the ClientAPIModule interface for every related to interacting with follow requests
|
||||
// Module implements the ClientAPIModule interface
|
||||
type Module struct {
|
||||
config *config.Config
|
||||
processor processing.Processor
|
||||
@@ -59,7 +58,7 @@ func New(config *config.Config, processor processing.Processor) api.ClientModule
|
||||
// Route attaches all routes from this module to the given router
|
||||
func (m *Module) Route(r router.Router) error {
|
||||
r.AttachHandler(http.MethodGet, BasePath, m.FollowRequestGETHandler)
|
||||
r.AttachHandler(http.MethodPost, AcceptPath, m.FollowRequestAcceptPOSTHandler)
|
||||
r.AttachHandler(http.MethodPost, DenyPath, m.FollowRequestDenyPOSTHandler)
|
||||
r.AttachHandler(http.MethodPost, AuthorizePath, m.FollowRequestAuthorizePOSTHandler)
|
||||
r.AttachHandler(http.MethodPost, RejectPath, m.FollowRequestRejectPOSTHandler)
|
||||
return nil
|
||||
}
|
||||
|
105
internal/api/client/followrequest/followrequest_test.go
Normal file
105
internal/api/client/followrequest/followrequest_test.go
Normal file
@@ -0,0 +1,105 @@
|
||||
/*
|
||||
GoToSocial
|
||||
Copyright (C) 2021 GoToSocial Authors admin@gotosocial.org
|
||||
|
||||
This program is free software: you can redistribute it and/or modify
|
||||
it under the terms of the GNU Affero General Public License as published by
|
||||
the Free Software Foundation, either version 3 of the License, or
|
||||
(at your option) any later version.
|
||||
|
||||
This program is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU Affero General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU Affero General Public License
|
||||
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
|
||||
package followrequest_test
|
||||
|
||||
import (
|
||||
"bytes"
|
||||
"fmt"
|
||||
"net/http/httptest"
|
||||
|
||||
"git.iim.gay/grufwub/go-store/kv"
|
||||
"github.com/gin-gonic/gin"
|
||||
"github.com/stretchr/testify/suite"
|
||||
"github.com/superseriousbusiness/gotosocial/internal/api/client/followrequest"
|
||||
"github.com/superseriousbusiness/gotosocial/internal/config"
|
||||
"github.com/superseriousbusiness/gotosocial/internal/db"
|
||||
"github.com/superseriousbusiness/gotosocial/internal/federation"
|
||||
"github.com/superseriousbusiness/gotosocial/internal/gtsmodel"
|
||||
"github.com/superseriousbusiness/gotosocial/internal/oauth"
|
||||
"github.com/superseriousbusiness/gotosocial/internal/processing"
|
||||
"github.com/superseriousbusiness/gotosocial/testrig"
|
||||
)
|
||||
|
||||
type FollowRequestStandardTestSuite struct {
|
||||
suite.Suite
|
||||
config *config.Config
|
||||
db db.DB
|
||||
storage *kv.KVStore
|
||||
federator federation.Federator
|
||||
processor processing.Processor
|
||||
|
||||
// standard suite models
|
||||
testTokens map[string]*gtsmodel.Token
|
||||
testClients map[string]*gtsmodel.Client
|
||||
testApplications map[string]*gtsmodel.Application
|
||||
testUsers map[string]*gtsmodel.User
|
||||
testAccounts map[string]*gtsmodel.Account
|
||||
testAttachments map[string]*gtsmodel.MediaAttachment
|
||||
testStatuses map[string]*gtsmodel.Status
|
||||
|
||||
// module being tested
|
||||
followRequestModule *followrequest.Module
|
||||
}
|
||||
|
||||
func (suite *FollowRequestStandardTestSuite) SetupSuite() {
|
||||
suite.testTokens = testrig.NewTestTokens()
|
||||
suite.testClients = testrig.NewTestClients()
|
||||
suite.testApplications = testrig.NewTestApplications()
|
||||
suite.testUsers = testrig.NewTestUsers()
|
||||
suite.testAccounts = testrig.NewTestAccounts()
|
||||
suite.testAttachments = testrig.NewTestAttachments()
|
||||
suite.testStatuses = testrig.NewTestStatuses()
|
||||
}
|
||||
|
||||
func (suite *FollowRequestStandardTestSuite) SetupTest() {
|
||||
testrig.InitTestLog()
|
||||
suite.config = testrig.NewTestConfig()
|
||||
suite.db = testrig.NewTestDB()
|
||||
suite.storage = testrig.NewTestStorage()
|
||||
suite.federator = testrig.NewTestFederator(suite.db, testrig.NewTestTransportController(testrig.NewMockHTTPClient(nil), suite.db), suite.storage)
|
||||
suite.processor = testrig.NewTestProcessor(suite.db, suite.storage, suite.federator)
|
||||
suite.followRequestModule = followrequest.New(suite.config, suite.processor).(*followrequest.Module)
|
||||
testrig.StandardDBSetup(suite.db, nil)
|
||||
testrig.StandardStorageSetup(suite.storage, "../../../../testrig/media")
|
||||
}
|
||||
|
||||
func (suite *FollowRequestStandardTestSuite) TearDownTest() {
|
||||
testrig.StandardDBTeardown(suite.db)
|
||||
testrig.StandardStorageTeardown(suite.storage)
|
||||
}
|
||||
|
||||
func (suite *FollowRequestStandardTestSuite) newContext(recorder *httptest.ResponseRecorder, requestMethod string, requestBody []byte, requestPath string, bodyContentType string) *gin.Context {
|
||||
ctx, _ := gin.CreateTestContext(recorder)
|
||||
|
||||
ctx.Set(oauth.SessionAuthorizedAccount, suite.testAccounts["local_account_1"])
|
||||
ctx.Set(oauth.SessionAuthorizedToken, oauth.DBTokenToToken(suite.testTokens["local_account_1"]))
|
||||
ctx.Set(oauth.SessionAuthorizedApplication, suite.testApplications["application_1"])
|
||||
ctx.Set(oauth.SessionAuthorizedUser, suite.testUsers["local_account_1"])
|
||||
|
||||
baseURI := fmt.Sprintf("%s://%s", suite.config.Protocol, suite.config.Host)
|
||||
requestURI := fmt.Sprintf("%s/%s", baseURI, requestPath)
|
||||
|
||||
ctx.Request = httptest.NewRequest(requestMethod, requestURI, bytes.NewReader(requestBody)) // the endpoint we're hitting
|
||||
|
||||
if bodyContentType != "" {
|
||||
ctx.Request.Header.Set("Content-Type", bodyContentType)
|
||||
}
|
||||
|
||||
return ctx
|
||||
}
|
@@ -26,13 +26,60 @@ import (
|
||||
"github.com/superseriousbusiness/gotosocial/internal/oauth"
|
||||
)
|
||||
|
||||
// FollowRequestGETHandler allows clients to get a list of their incoming follow requests.
|
||||
// FollowRequestGETHandler swagger:operation GET /api/v1/follow_requests getFollowRequests
|
||||
//
|
||||
// Get an array of accounts that have requested to follow you.
|
||||
//
|
||||
// The next and previous queries can be parsed from the returned Link header.
|
||||
// Example:
|
||||
//
|
||||
// ```
|
||||
// <https://example.org/api/v1/follow_requests?limit=80&max_id=01FC0SKA48HNSVR6YKZCQGS2V8>; rel="next", <https://example.org/api/v1/follow_requests?limit=80&min_id=01FC0SKW5JK2Q4EVAV2B462YY0>; rel="prev"
|
||||
// ````
|
||||
//
|
||||
// ---
|
||||
// tags:
|
||||
// - follow_requests
|
||||
//
|
||||
// produces:
|
||||
// - application/json
|
||||
//
|
||||
// parameters:
|
||||
// - name: limit
|
||||
// type: integer
|
||||
// description: Number of accounts to return.
|
||||
// default: 40
|
||||
// in: query
|
||||
//
|
||||
// security:
|
||||
// - OAuth2 Bearer:
|
||||
// - read:follows
|
||||
//
|
||||
// responses:
|
||||
// '200':
|
||||
// headers:
|
||||
// Link:
|
||||
// type: string
|
||||
// description: Links to the next and previous queries.
|
||||
// schema:
|
||||
// type: array
|
||||
// items:
|
||||
// "$ref": "#/definitions/account"
|
||||
// '400':
|
||||
// description: bad request
|
||||
// '401':
|
||||
// description: unauthorized
|
||||
// '403':
|
||||
// description: forbidden
|
||||
// '404':
|
||||
// description: not found
|
||||
func (m *Module) FollowRequestGETHandler(c *gin.Context) {
|
||||
l := logrus.WithField("func", "statusCreatePOSTHandler")
|
||||
l := logrus.WithField("func", "FollowRequestGETHandler")
|
||||
|
||||
authed, err := oauth.Authed(c, true, true, true, true)
|
||||
if err != nil {
|
||||
l.Debugf("couldn't auth: %s", err)
|
||||
c.JSON(http.StatusForbidden, gin.H{"error": err.Error()})
|
||||
c.JSON(http.StatusUnauthorized, gin.H{"error": err.Error()})
|
||||
return
|
||||
}
|
||||
|
||||
|
78
internal/api/client/followrequest/get_test.go
Normal file
78
internal/api/client/followrequest/get_test.go
Normal file
@@ -0,0 +1,78 @@
|
||||
/*
|
||||
GoToSocial
|
||||
Copyright (C) 2021 GoToSocial Authors admin@gotosocial.org
|
||||
|
||||
This program is free software: you can redistribute it and/or modify
|
||||
it under the terms of the GNU Affero General Public License as published by
|
||||
the Free Software Foundation, either version 3 of the License, or
|
||||
(at your option) any later version.
|
||||
|
||||
This program is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU Affero General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU Affero General Public License
|
||||
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
|
||||
package followrequest_test
|
||||
|
||||
import (
|
||||
"context"
|
||||
"fmt"
|
||||
"io/ioutil"
|
||||
"net/http"
|
||||
"net/http/httptest"
|
||||
"testing"
|
||||
"time"
|
||||
|
||||
"github.com/stretchr/testify/assert"
|
||||
"github.com/stretchr/testify/suite"
|
||||
"github.com/superseriousbusiness/gotosocial/internal/gtsmodel"
|
||||
)
|
||||
|
||||
type GetTestSuite struct {
|
||||
FollowRequestStandardTestSuite
|
||||
}
|
||||
|
||||
func (suite *GetTestSuite) TestGet() {
|
||||
requestingAccount := suite.testAccounts["remote_account_2"]
|
||||
targetAccount := suite.testAccounts["local_account_1"]
|
||||
|
||||
// put a follow request in the database
|
||||
fr := >smodel.FollowRequest{
|
||||
ID: "01FJ1S8DX3STJJ6CEYPMZ1M0R3",
|
||||
CreatedAt: time.Now(),
|
||||
UpdatedAt: time.Now(),
|
||||
URI: fmt.Sprintf("%s/follow/01FJ1S8DX3STJJ6CEYPMZ1M0R3", requestingAccount.URI),
|
||||
AccountID: requestingAccount.ID,
|
||||
TargetAccountID: targetAccount.ID,
|
||||
}
|
||||
|
||||
err := suite.db.Put(context.Background(), fr)
|
||||
suite.NoError(err)
|
||||
|
||||
recorder := httptest.NewRecorder()
|
||||
ctx := suite.newContext(recorder, http.MethodGet, []byte{}, "/api/v1/follow_requests", "")
|
||||
|
||||
// call the handler
|
||||
suite.followRequestModule.FollowRequestGETHandler(ctx)
|
||||
|
||||
// 1. we should have OK because our request was valid
|
||||
suite.Equal(http.StatusOK, recorder.Code)
|
||||
|
||||
// 2. we should have no error message in the result body
|
||||
result := recorder.Result()
|
||||
defer result.Body.Close()
|
||||
|
||||
// check the response
|
||||
b, err := ioutil.ReadAll(result.Body)
|
||||
assert.NoError(suite.T(), err)
|
||||
|
||||
suite.Equal(`[{"id":"01FHMQX3GAABWSM0S2VZEC2SWC","username":"some_user","acct":"some_user@example.org","display_name":"some user","locked":true,"bot":false,"created_at":"2020-08-10T12:13:28Z","note":"i'm a real son of a gun","url":"http://example.org/@some_user","avatar":"","avatar_static":"","header":"","header_static":"","followers_count":0,"following_count":0,"statuses_count":0,"last_status_at":"","emojis":[],"fields":[]}]`, string(b))
|
||||
}
|
||||
|
||||
func TestGetTestSuite(t *testing.T) {
|
||||
suite.Run(t, &GetTestSuite{})
|
||||
}
|
@@ -19,21 +19,58 @@
|
||||
package followrequest
|
||||
|
||||
import (
|
||||
"github.com/sirupsen/logrus"
|
||||
"net/http"
|
||||
|
||||
"github.com/gin-gonic/gin"
|
||||
"github.com/sirupsen/logrus"
|
||||
"github.com/superseriousbusiness/gotosocial/internal/oauth"
|
||||
)
|
||||
|
||||
// FollowRequestAcceptPOSTHandler deals with follow request accepting. It should be served at
|
||||
// /api/v1/follow_requests/:id/authorize
|
||||
func (m *Module) FollowRequestAcceptPOSTHandler(c *gin.Context) {
|
||||
l := logrus.WithField("func", "statusCreatePOSTHandler")
|
||||
// FollowRequestRejectPOSTHandler swagger:operation POST /api/v1/follow_requests/{account_id}/reject rejectFollowRequest
|
||||
//
|
||||
// Reject/deny follow request from the given account ID.
|
||||
//
|
||||
// ---
|
||||
// tags:
|
||||
// - follow_requests
|
||||
//
|
||||
// produces:
|
||||
// - application/json
|
||||
//
|
||||
// parameters:
|
||||
// - name: account_id
|
||||
// type: string
|
||||
// description: ID of the account requesting to follow you.
|
||||
// in: path
|
||||
// required: true
|
||||
//
|
||||
// security:
|
||||
// - OAuth2 Bearer:
|
||||
// - write:follows
|
||||
//
|
||||
// responses:
|
||||
// '200':
|
||||
// name: account relationship
|
||||
// description: Your relationship to this account.
|
||||
// schema:
|
||||
// "$ref": "#/definitions/accountRelationship"
|
||||
// '400':
|
||||
// description: bad request
|
||||
// '401':
|
||||
// description: unauthorized
|
||||
// '403':
|
||||
// description: forbidden
|
||||
// '404':
|
||||
// description: not found
|
||||
// '500':
|
||||
// description: internal server error
|
||||
func (m *Module) FollowRequestRejectPOSTHandler(c *gin.Context) {
|
||||
l := logrus.WithField("func", "FollowRequestRejectPOSTHandler")
|
||||
|
||||
authed, err := oauth.Authed(c, true, true, true, true)
|
||||
if err != nil {
|
||||
l.Debugf("couldn't auth: %s", err)
|
||||
c.JSON(http.StatusForbidden, gin.H{"error": err.Error()})
|
||||
c.JSON(http.StatusUnauthorized, gin.H{"error": err.Error()})
|
||||
return
|
||||
}
|
||||
|
||||
@@ -49,11 +86,12 @@ func (m *Module) FollowRequestAcceptPOSTHandler(c *gin.Context) {
|
||||
return
|
||||
}
|
||||
|
||||
r, errWithCode := m.processor.FollowRequestAccept(c.Request.Context(), authed, originAccountID)
|
||||
relationship, errWithCode := m.processor.FollowRequestReject(c.Request.Context(), authed, originAccountID)
|
||||
if errWithCode != nil {
|
||||
l.Debug(errWithCode.Error())
|
||||
c.JSON(errWithCode.Code(), gin.H{"error": errWithCode.Safe()})
|
||||
return
|
||||
}
|
||||
c.JSON(http.StatusOK, r)
|
||||
|
||||
c.JSON(http.StatusOK, relationship)
|
||||
}
|
87
internal/api/client/followrequest/reject_test.go
Normal file
87
internal/api/client/followrequest/reject_test.go
Normal file
@@ -0,0 +1,87 @@
|
||||
/*
|
||||
GoToSocial
|
||||
Copyright (C) 2021 GoToSocial Authors admin@gotosocial.org
|
||||
|
||||
This program is free software: you can redistribute it and/or modify
|
||||
it under the terms of the GNU Affero General Public License as published by
|
||||
the Free Software Foundation, either version 3 of the License, or
|
||||
(at your option) any later version.
|
||||
|
||||
This program is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU Affero General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU Affero General Public License
|
||||
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
|
||||
package followrequest_test
|
||||
|
||||
import (
|
||||
"context"
|
||||
"fmt"
|
||||
"io/ioutil"
|
||||
"net/http"
|
||||
"net/http/httptest"
|
||||
"testing"
|
||||
"time"
|
||||
|
||||
"github.com/gin-gonic/gin"
|
||||
"github.com/stretchr/testify/assert"
|
||||
"github.com/stretchr/testify/suite"
|
||||
"github.com/superseriousbusiness/gotosocial/internal/api/client/followrequest"
|
||||
"github.com/superseriousbusiness/gotosocial/internal/gtsmodel"
|
||||
)
|
||||
|
||||
type RejectTestSuite struct {
|
||||
FollowRequestStandardTestSuite
|
||||
}
|
||||
|
||||
func (suite *RejectTestSuite) TestReject() {
|
||||
requestingAccount := suite.testAccounts["remote_account_2"]
|
||||
targetAccount := suite.testAccounts["local_account_1"]
|
||||
|
||||
// put a follow request in the database
|
||||
fr := >smodel.FollowRequest{
|
||||
ID: "01FJ1S8DX3STJJ6CEYPMZ1M0R3",
|
||||
CreatedAt: time.Now(),
|
||||
UpdatedAt: time.Now(),
|
||||
URI: fmt.Sprintf("%s/follow/01FJ1S8DX3STJJ6CEYPMZ1M0R3", requestingAccount.URI),
|
||||
AccountID: requestingAccount.ID,
|
||||
TargetAccountID: targetAccount.ID,
|
||||
}
|
||||
|
||||
err := suite.db.Put(context.Background(), fr)
|
||||
suite.NoError(err)
|
||||
|
||||
recorder := httptest.NewRecorder()
|
||||
ctx := suite.newContext(recorder, http.MethodPost, []byte{}, fmt.Sprintf("/api/v1/follow_requests/%s/reject", requestingAccount.ID), "")
|
||||
|
||||
ctx.Params = gin.Params{
|
||||
gin.Param{
|
||||
Key: followrequest.IDKey,
|
||||
Value: requestingAccount.ID,
|
||||
},
|
||||
}
|
||||
|
||||
// call the handler
|
||||
suite.followRequestModule.FollowRequestRejectPOSTHandler(ctx)
|
||||
|
||||
// 1. we should have OK because our request was valid
|
||||
suite.Equal(http.StatusOK, recorder.Code)
|
||||
|
||||
// 2. we should have no error message in the result body
|
||||
result := recorder.Result()
|
||||
defer result.Body.Close()
|
||||
|
||||
// check the response
|
||||
b, err := ioutil.ReadAll(result.Body)
|
||||
assert.NoError(suite.T(), err)
|
||||
|
||||
suite.Equal(`{"id":"01FHMQX3GAABWSM0S2VZEC2SWC","following":false,"showing_reblogs":false,"notifying":false,"followed_by":false,"blocking":false,"blocked_by":false,"muting":false,"muting_notifications":false,"requested":false,"domain_blocking":false,"endorsed":false,"note":""}`, string(b))
|
||||
}
|
||||
|
||||
func TestRejectTestSuite(t *testing.T) {
|
||||
suite.Run(t, &RejectTestSuite{})
|
||||
}
|
Reference in New Issue
Block a user