Commit Graph

11 Commits (6ac6d8652561cb18fea9ef09c4e1f151fc5e95b4)

Author SHA1 Message Date
Claire 221bba1897 Merge commit '7ed9c590b98610f8d68deab9ef8df260eec6d8f0' into glitch-soc/merge-upstream 2024-09-21 15:06:06 +02:00
Matt Jankowski 66326065b0
Add `response.content_type` checks for JSON to `api/v1` request specs (#31981) 2024-09-20 13:13:04 +00:00
Matt Jankowski b071e618e7
Combine API request spec assertions (#31970) 2024-09-19 10:15:21 +00:00
Claire 29124990a2 Merge commit '7335a43b6dac0e82c305ce4dec9db4da114c769e' into glitch-soc/merge-upstream
Conflicts:
- `app/helpers/application_helper.rb`:
  Upstream reworked how CSS classes for the document's body are computed.
  Slight conflict due to glitch-soc's different theming system.
  Updated as upstream did.
2024-09-06 19:25:31 +02:00
Matt Jankowski 6b6a80b407
Remove `body_as_json` in favor of built-in `response.parsed_body` for JSON response specs (#31749) 2024-09-06 09:58:46 +00:00
Claire 5a55180b95 Merge commit 'fe04291af46d7cb9d3439fa73739b2ffb2b53d72' into glitch-soc/merge-upstream
Conflicts:
- `spec/lib/sanitize/config_spec.rb`:
  Upstream rewrote top-level `describe` calls to `RSpec.describe`, and
  glitch-soc had differences in the first few tests because of the wider
  subset of HTML it accepts.
  Changed `describe` to `RSpec.describe` as upstream did, keeping
  glitch-soc's tests.
2024-09-04 19:38:52 +02:00
Matt Jankowski f1003b2560
Enable "zero monkey patching" mode in RSpec (#31614) 2024-09-04 05:12:25 +00:00
Claire e61a7794f8 Merge commit 'df9e26158d9787859b24bdc276af478abf05e1af' into glitch-soc/merge-upstream
Conflicts:
- `lib/sanitize_ext/sanitize_config.rb`:
  Conflict because glitch-soc has a different list of allowed tags.
  Added upstream's new allowed tags while keeping ours.
- `spec/requests/api/v1/timelines/public_spec.rb`:
  Conflict because of glitch-soc's default settings.
  Updated accordingly.
2024-07-04 17:12:14 +02:00
Claire 502cf75b16
Merge pull request from GHSA-58x8-3qxw-6hm7
* Fix insufficient permission checking for public timeline endpoints

Note that this changes unauthenticated access failure code from 401 to 422

* Add more tests for public timelines

* Require user token in `/api/v1/statuses/:id/translate` and `/api/v1/scheduled_statuses`
2024-07-04 16:26:49 +02:00
Claire 578b0eae7d Fix /api/v1/timelines/link specs for glitch-soc default settings 2024-06-06 12:52:15 +02:00
Eugen Rochko a2505e8611
Add timeline of public posts about a trending link to REST API (#30381) 2024-06-06 08:43:04 +00:00