AP C2S: Restrict character limit on Note
This commit is contained in:
parent
a781ac6ca5
commit
10ef532c63
|
@ -399,10 +399,18 @@ def read_inbox(%{assigns: %{user: %User{nickname: as_nickname}}} = conn, %{
|
||||||
|
|
||||||
defp handle_user_activity(
|
defp handle_user_activity(
|
||||||
%User{} = user,
|
%User{} = user,
|
||||||
%{"type" => "Create", "object" => %{"type" => "Note"}} = params
|
%{"type" => "Create", "object" => %{"type" => "Note"} = object} = params
|
||||||
) do
|
) do
|
||||||
|
content = if is_binary(object["content"]), do: object["content"], else: ""
|
||||||
|
name = if is_binary(object["name"]), do: object["name"], else: ""
|
||||||
|
summary = if is_binary(object["summary"]), do: object["summary"], else: ""
|
||||||
|
length = String.length(content <> name <> summary)
|
||||||
|
|
||||||
|
if length > Pleroma.Config.get([:instance, :limit]) do
|
||||||
|
{:error, dgettext("errors", "Note is over the character limit")}
|
||||||
|
else
|
||||||
object =
|
object =
|
||||||
params["object"]
|
object
|
||||||
|> Map.merge(Map.take(params, ["to", "cc"]))
|
|> Map.merge(Map.take(params, ["to", "cc"]))
|
||||||
|> Map.put("attributedTo", user.ap_id())
|
|> Map.put("attributedTo", user.ap_id())
|
||||||
|> Transmogrifier.fix_object()
|
|> Transmogrifier.fix_object()
|
||||||
|
@ -415,6 +423,7 @@ defp handle_user_activity(
|
||||||
additional: Map.take(params, ["cc"])
|
additional: Map.take(params, ["cc"])
|
||||||
})
|
})
|
||||||
end
|
end
|
||||||
|
end
|
||||||
|
|
||||||
defp handle_user_activity(%User{} = user, %{"type" => "Delete"} = params) do
|
defp handle_user_activity(%User{} = user, %{"type" => "Delete"} = params) do
|
||||||
with %Object{} = object <- Object.normalize(params["object"]),
|
with %Object{} = object <- Object.normalize(params["object"]),
|
||||||
|
|
|
@ -905,6 +905,8 @@ test "it requires authentication if instance is NOT federating", %{
|
||||||
end
|
end
|
||||||
|
|
||||||
describe "POST /users/:nickname/outbox (C2S)" do
|
describe "POST /users/:nickname/outbox (C2S)" do
|
||||||
|
setup do: clear_config([:instance, :limit])
|
||||||
|
|
||||||
setup do
|
setup do
|
||||||
[
|
[
|
||||||
activity: %{
|
activity: %{
|
||||||
|
@ -1121,6 +1123,20 @@ test "it doesn't spreads faulty attributedTo or actor fields", %{
|
||||||
assert cirno_object.data["actor"] == cirno.ap_id
|
assert cirno_object.data["actor"] == cirno.ap_id
|
||||||
assert cirno_object.data["attributedTo"] == cirno.ap_id
|
assert cirno_object.data["attributedTo"] == cirno.ap_id
|
||||||
end
|
end
|
||||||
|
|
||||||
|
test "Character limitation", %{conn: conn, activity: activity} do
|
||||||
|
Pleroma.Config.put([:instance, :limit], 5)
|
||||||
|
user = insert(:user)
|
||||||
|
|
||||||
|
result =
|
||||||
|
conn
|
||||||
|
|> assign(:user, user)
|
||||||
|
|> put_req_header("content-type", "application/activity+json")
|
||||||
|
|> post("/users/#{user.nickname}/outbox", activity)
|
||||||
|
|> json_response(400)
|
||||||
|
|
||||||
|
assert result == "Note is over the character limit"
|
||||||
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
describe "/relay/followers" do
|
describe "/relay/followers" do
|
||||||
|
|
Loading…
Reference in New Issue