Return 404 if account to filter notifications from is not found

This commit is contained in:
Egor Kislitsyn 2019-12-19 20:45:44 +07:00
parent 6c39fa20b1
commit 34d85f8a54
No known key found for this signature in database
GPG Key ID: 1B49CB15B71E7805
3 changed files with 23 additions and 9 deletions

View File

@ -23,6 +23,23 @@ defmodule Pleroma.Web.MastodonAPI.NotificationController do
plug(Pleroma.Plugs.EnsurePublicOrAuthenticatedPlug) plug(Pleroma.Plugs.EnsurePublicOrAuthenticatedPlug)
# GET /api/v1/notifications # GET /api/v1/notifications
def index(conn, %{"account_id" => account_id} = params) do
case Pleroma.User.get_cached_by_id(account_id) do
%{ap_id: account_ap_id} ->
params =
params
|> Map.delete("account_id")
|> Map.put("account_ap_id", account_ap_id)
index(conn, params)
_ ->
conn
|> put_status(:not_found)
|> json(%{"error" => "Account is not found"})
end
end
def index(%{assigns: %{user: user}} = conn, params) do def index(%{assigns: %{user: user}} = conn, params) do
notifications = MastodonAPI.get_notifications(user, params) notifications = MastodonAPI.get_notifications(user, params)

View File

@ -56,7 +56,7 @@ def get_notifications(user, params \\ %{}) do
user user
|> Notification.for_user_query(options) |> Notification.for_user_query(options)
|> restrict(:exclude_types, options) |> restrict(:exclude_types, options)
|> restrict(:account_id, options) |> restrict(:account_ap_id, options)
|> Pagination.fetch_paginated(params) |> Pagination.fetch_paginated(params)
end end
@ -73,7 +73,7 @@ defp cast_params(params) do
reblogs: :boolean, reblogs: :boolean,
with_muted: :boolean, with_muted: :boolean,
with_move: :boolean, with_move: :boolean,
account_id: :string account_ap_id: :string
} }
changeset = cast({%{}, param_types}, params, Map.keys(param_types)) changeset = cast({%{}, param_types}, params, Map.keys(param_types))
@ -90,11 +90,8 @@ defp restrict(query, :exclude_types, %{exclude_types: mastodon_types = [_ | _]})
|> where([q, a], not fragment("? @> ARRAY[?->>'type']::varchar[]", ^ap_types, a.data)) |> where([q, a], not fragment("? @> ARRAY[?->>'type']::varchar[]", ^ap_types, a.data))
end end
defp restrict(query, :account_id, %{account_id: account_id}) do defp restrict(query, :account_ap_id, %{account_ap_id: account_ap_id}) do
case User.get_cached_by_id(account_id) do where(query, [n, a], a.actor == ^account_ap_id)
%{ap_id: ap_id} -> where(query, [n, a], a.actor == ^ap_id)
_ -> where(query, [n, a], a.actor == "fake ap id")
end
end end
defp restrict(query, _, _), do: query defp restrict(query, _, _), do: query

View File

@ -478,11 +478,11 @@ test "account_id", %{conn: conn} do
|> get("/api/v1/notifications", %{account_id: account_id}) |> get("/api/v1/notifications", %{account_id: account_id})
|> json_response(200) |> json_response(200)
assert [] = assert %{"error" => "Account is not found"} =
conn conn
|> assign(:user, user) |> assign(:user, user)
|> get("/api/v1/notifications", %{account_id: "cofe"}) |> get("/api/v1/notifications", %{account_id: "cofe"})
|> json_response(200) |> json_response(404)
end end
end end