mirror of
https://github.com/mastodon/mastodon.git
synced 2024-11-20 03:25:17 +01:00
WIP
This commit is contained in:
parent
17ea727950
commit
0c7116d267
@ -8,7 +8,7 @@ class Api::V1::Timelines::BaseController < Api::BaseController
|
||||
private
|
||||
|
||||
def require_auth?
|
||||
!Setting.timeline_preview
|
||||
!(Setting.timeline_preview_local && Setting.timeline_preview_remote)
|
||||
end
|
||||
|
||||
def pagination_collection
|
||||
|
@ -2,6 +2,7 @@
|
||||
|
||||
class Api::V1::Timelines::LinkController < Api::V1::Timelines::BaseController
|
||||
before_action -> { authorize_if_got_token! :read, :'read:statuses' }
|
||||
before_action :require_user!, if: :require_auth?
|
||||
before_action :set_preview_card
|
||||
before_action :set_statuses
|
||||
|
||||
@ -17,6 +18,12 @@ class Api::V1::Timelines::LinkController < Api::V1::Timelines::BaseController
|
||||
|
||||
private
|
||||
|
||||
# A viewer can only see the link timeline if both timeline_preview_local and
|
||||
# timeline_preview_remote are true, since it includes remote content
|
||||
def require_auth?
|
||||
!(Setting.timeline_preview_local && Setting.timeline_preview_remote)
|
||||
end
|
||||
|
||||
def set_preview_card
|
||||
@preview_card = PreviewCard.joins(:trend).merge(PreviewCardTrend.allowed).find_by!(url: params[:url])
|
||||
end
|
||||
|
@ -14,10 +14,6 @@ class Api::V1::Timelines::TagController < Api::V1::Timelines::BaseController
|
||||
|
||||
private
|
||||
|
||||
def require_auth?
|
||||
!Setting.timeline_preview
|
||||
end
|
||||
|
||||
def load_tag
|
||||
@tag = Tag.find_normalized(params[:id])
|
||||
end
|
||||
|
@ -17,6 +17,14 @@ describe 'Link' do
|
||||
end
|
||||
end
|
||||
|
||||
# The default settings are that timeline_preview_local is true but
|
||||
# timeline_preview_remote is false, which caused this spec to fail because it
|
||||
# assumes the default visibility is true.
|
||||
before do
|
||||
Form::AdminSettings.new(timeline_preview_local: true).save
|
||||
Form::AdminSettings.new(timeline_preview_remote: true).save
|
||||
end
|
||||
|
||||
describe 'GET /api/v1/timelines/link' do
|
||||
subject do
|
||||
get '/api/v1/timelines/link', headers: headers, params: params
|
||||
@ -79,7 +87,8 @@ describe 'Link' do
|
||||
|
||||
context 'when the instance does not allow public preview' do
|
||||
before do
|
||||
Form::AdminSettings.new(timeline_preview: false).save
|
||||
Form::AdminSettings.new(timeline_preview_local: false).save
|
||||
Form::AdminSettings.new(timeline_preview_remote: false).save
|
||||
end
|
||||
|
||||
it_behaves_like 'forbidden for wrong scope', 'profile'
|
||||
@ -110,6 +119,11 @@ describe 'Link' do
|
||||
end
|
||||
|
||||
context 'when the instance allows public preview' do
|
||||
before do
|
||||
Form::AdminSettings.new(timeline_preview_local: true).save
|
||||
Form::AdminSettings.new(timeline_preview_remote: true).save
|
||||
end
|
||||
|
||||
context 'with an authorized user' do
|
||||
it_behaves_like 'a successful request to the link timeline'
|
||||
end
|
||||
|
Loading…
Reference in New Issue
Block a user