parent
7975351550
commit
cfc99fe05c
|
@ -182,11 +182,10 @@ def list(%{assigns: %{user: user}} = conn, %{list_id: id} = params) do
|
|||
with %Pleroma.List{title: _title, following: following} <- Pleroma.List.get(id, user) do
|
||||
params =
|
||||
params
|
||||
|> Map.new(fn {key, value} -> {to_string(key), value} end)
|
||||
|> Map.put("type", "Create")
|
||||
|> Map.put("blocking_user", user)
|
||||
|> Map.put("user", user)
|
||||
|> Map.put("muting_user", user)
|
||||
|> Map.put(:type, "Create")
|
||||
|> Map.put(:blocking_user, user)
|
||||
|> Map.put(:user, user)
|
||||
|> Map.put(:muting_user, user)
|
||||
|
||||
# we must filter the following list for the user to avoid leaking statuses the user
|
||||
# does not actually have permission to see (for more info, peruse security issue #270).
|
||||
|
|
|
@ -333,6 +333,46 @@ test "doesn't include DMs from blocked users" do
|
|||
describe "list" do
|
||||
setup do: oauth_access(["read:lists"])
|
||||
|
||||
test "does not contain retoots", %{user: user, conn: conn} do
|
||||
other_user = insert(:user)
|
||||
{:ok, activity_one} = CommonAPI.post(user, %{status: "Marisa is cute."})
|
||||
{:ok, activity_two} = CommonAPI.post(other_user, %{status: "Marisa is stupid."})
|
||||
{:ok, _} = CommonAPI.repeat(activity_one.id, other_user)
|
||||
|
||||
{:ok, list} = Pleroma.List.create("name", user)
|
||||
{:ok, list} = Pleroma.List.follow(list, other_user)
|
||||
|
||||
conn = get(conn, "/api/v1/timelines/list/#{list.id}")
|
||||
|
||||
assert [%{"id" => id}] = json_response_and_validate_schema(conn, :ok)
|
||||
|
||||
assert id == to_string(activity_two.id)
|
||||
end
|
||||
|
||||
test "works with pagination", %{user: user, conn: conn} do
|
||||
other_user = insert(:user)
|
||||
{:ok, list} = Pleroma.List.create("name", user)
|
||||
{:ok, list} = Pleroma.List.follow(list, other_user)
|
||||
|
||||
Enum.each(1..30, fn i ->
|
||||
CommonAPI.post(other_user, %{status: "post number #{i}"})
|
||||
end)
|
||||
|
||||
res =
|
||||
get(conn, "/api/v1/timelines/list/#{list.id}?limit=1")
|
||||
|> json_response_and_validate_schema(:ok)
|
||||
|
||||
assert length(res) == 1
|
||||
|
||||
[first] = res
|
||||
|
||||
res =
|
||||
get(conn, "/api/v1/timelines/list/#{list.id}?max_id=#{first["id"]}&limit=30")
|
||||
|> json_response_and_validate_schema(:ok)
|
||||
|
||||
assert length(res) == 29
|
||||
end
|
||||
|
||||
test "list timeline", %{user: user, conn: conn} do
|
||||
other_user = insert(:user)
|
||||
{:ok, _activity_one} = CommonAPI.post(user, %{status: "Marisa is cute."})
|
||||
|
|
Loading…
Reference in New Issue