forked from treehouse/mastodon
Add avatar image to webfinger responses (#26558)
parent
40b69cc1cd
commit
336ec503c2
|
@ -18,18 +18,31 @@ class WebfingerSerializer < ActiveModel::Serializer
|
|||
end
|
||||
|
||||
def links
|
||||
if object.instance_actor?
|
||||
[
|
||||
{ rel: 'http://webfinger.net/rel/profile-page', type: 'text/html', href: about_more_url(instance_actor: true) },
|
||||
{ rel: 'self', type: 'application/activity+json', href: instance_actor_url },
|
||||
{ rel: 'http://ostatus.org/schema/1.0/subscribe', template: "#{authorize_interaction_url}?uri={uri}" },
|
||||
]
|
||||
else
|
||||
[
|
||||
{ rel: 'http://webfinger.net/rel/profile-page', type: 'text/html', href: short_account_url(object) },
|
||||
{ rel: 'self', type: 'application/activity+json', href: account_url(object) },
|
||||
{ rel: 'http://ostatus.org/schema/1.0/subscribe', template: "#{authorize_interaction_url}?uri={uri}" },
|
||||
]
|
||||
[
|
||||
{ rel: 'http://webfinger.net/rel/profile-page', type: 'text/html', href: profile_page_href },
|
||||
{ rel: 'self', type: 'application/activity+json', href: self_href },
|
||||
{ rel: 'http://ostatus.org/schema/1.0/subscribe', template: "#{authorize_interaction_url}?uri={uri}" },
|
||||
].tap do |x|
|
||||
x << { rel: 'http://webfinger.net/rel/avatar', type: object.avatar.content_type, href: full_asset_url(object.avatar_original_url) } if show_avatar?
|
||||
end
|
||||
end
|
||||
|
||||
private
|
||||
|
||||
def show_avatar?
|
||||
media_present = object.avatar.present? && object.avatar.content_type.present?
|
||||
|
||||
# Show avatar only if an instance shows profiles to logged out users
|
||||
allowed_by_config = ENV['DISALLOW_UNAUTHENTICATED_API_ACCESS'] != 'true' && !Rails.configuration.x.limited_federation_mode
|
||||
|
||||
media_present && allowed_by_config
|
||||
end
|
||||
|
||||
def profile_page_href
|
||||
object.instance_actor? ? about_more_url(instance_actor: true) : short_account_url(object)
|
||||
end
|
||||
|
||||
def self_href
|
||||
object.instance_actor? ? instance_actor_url : account_url(object)
|
||||
end
|
||||
end
|
||||
|
|
|
@ -3,6 +3,8 @@
|
|||
require 'rails_helper'
|
||||
|
||||
describe WellKnown::WebfingerController do
|
||||
include RoutingHelper
|
||||
|
||||
render_views
|
||||
|
||||
describe 'GET #show' do
|
||||
|
@ -167,5 +169,67 @@ describe WellKnown::WebfingerController do
|
|||
expect(response).to have_http_status(400)
|
||||
end
|
||||
end
|
||||
|
||||
context 'when an account has an avatar' do
|
||||
let(:alice) { Fabricate(:account, username: 'alice', avatar: attachment_fixture('attachment.jpg')) }
|
||||
let(:resource) { alice.to_webfinger_s }
|
||||
|
||||
it 'returns avatar in response' do
|
||||
perform_show!
|
||||
|
||||
avatar_link = get_avatar_link(body_as_json)
|
||||
expect(avatar_link).to_not be_nil
|
||||
expect(avatar_link[:type]).to eq alice.avatar.content_type
|
||||
expect(avatar_link[:href]).to eq full_asset_url(alice.avatar)
|
||||
end
|
||||
|
||||
context 'with limited federation mode' do
|
||||
before do
|
||||
allow(Rails.configuration.x).to receive(:limited_federation_mode).and_return(true)
|
||||
end
|
||||
|
||||
it 'does not return avatar in response' do
|
||||
perform_show!
|
||||
|
||||
avatar_link = get_avatar_link(body_as_json)
|
||||
expect(avatar_link).to be_nil
|
||||
end
|
||||
end
|
||||
|
||||
context 'when enabling DISALLOW_UNAUTHENTICATED_API_ACCESS' do
|
||||
around do |example|
|
||||
ClimateControl.modify DISALLOW_UNAUTHENTICATED_API_ACCESS: 'true' do
|
||||
example.run
|
||||
end
|
||||
end
|
||||
|
||||
it 'does not return avatar in response' do
|
||||
perform_show!
|
||||
|
||||
avatar_link = get_avatar_link(body_as_json)
|
||||
expect(avatar_link).to be_nil
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
context 'when an account does not have an avatar' do
|
||||
let(:alice) { Fabricate(:account, username: 'alice', avatar: nil) }
|
||||
let(:resource) { alice.to_webfinger_s }
|
||||
|
||||
before do
|
||||
perform_show!
|
||||
end
|
||||
|
||||
it 'does not return avatar in response' do
|
||||
avatar_link = get_avatar_link(body_as_json)
|
||||
expect(avatar_link).to be_nil
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
private
|
||||
|
||||
def get_avatar_link(json)
|
||||
json[:links].find { |link| link[:rel] == 'http://webfinger.net/rel/avatar' }
|
||||
end
|
||||
end
|
||||
|
|
Loading…
Reference in New Issue