Merge branch 'rmhasan-fix_462'

2017-02-26 23:23:47 +01:00 · 2017-02-26 23:23:47 +01:00 · a0df694c24
parent 1b8d3375c8 5f511324b6
commit a0df694c24
8 changed files with 21 additions and 10 deletions
--- a/app/controllers/api/v1/statuses_controller.rb
+++ b/app/controllers/api/v1/statuses_controller.rb
@ -67,7 +67,6 @@ class Api::V1::StatusesController < ApiController
                                                                                                                                                             spoiler_text: params[:spoiler_text],
                                                                                                                                                             visibility: params[:visibility],
                                                                                                                                                             application: doorkeeper_token.application)
-
    render action: :show
  end

--- a/app/controllers/api_controller.rb
+++ b/app/controllers/api_controller.rb
@ -10,7 +10,7 @@ class ApiController < ApplicationController

  before_action :set_rate_limit_headers

-  rescue_from ActiveRecord::RecordInvalid do |e|
+  rescue_from ActiveRecord::RecordInvalid, Mastodon::ValidationError do |e|
    render json: { error: e.to_s }, status: 422
  end

@ -30,7 +30,7 @@ class ApiController < ApplicationController
    render json: { error: 'Remote SSL certificate could not be verified' }, status: 503
  end

-  rescue_from Mastodon::NotPermitted do
+  rescue_from Mastodon::NotPermittedError do
    render json: { error: 'This action is not allowed' }, status: 403
  end

--- a/app/controllers/authorize_follow_controller.rb
+++ b/app/controllers/authorize_follow_controller.rb
@ -25,7 +25,7 @@ class AuthorizeFollowController < ApplicationController
    else
      redirect_to web_url("accounts/#{@account.id}")
    end
-  rescue ActiveRecord::RecordNotFound, Mastodon::NotPermitted
+  rescue ActiveRecord::RecordNotFound, Mastodon::NotPermittedError
    render :error
  end

--- a/app/lib/exceptions.rb
+++ b/app/lib/exceptions.rb
@ -2,5 +2,6 @@

 module Mastodon
  class Error < StandardError; end
-  class NotPermitted < Error; end
+  class NotPermittedError < Error; end
+  class ValidationError < Error; end
 end
--- a/app/services/favourite_service.rb
+++ b/app/services/favourite_service.rb
@ -6,7 +6,7 @@ class FavouriteService < BaseService
  # @param [Status] status
  # @return [Favourite]
  def call(account, status)
-    raise Mastodon::NotPermitted unless status.permitted?(account)
+    raise Mastodon::NotPermittedError unless status.permitted?(account)

    favourite = Favourite.create!(account: account, status: status)

--- a/app/services/follow_service.rb
+++ b/app/services/follow_service.rb
@ -10,7 +10,7 @@ class FollowService < BaseService
    target_account = FollowRemoteAccountService.new.call(uri)

    raise ActiveRecord::RecordNotFound if target_account.nil? || target_account.id == source_account.id || target_account.suspended?
-    raise Mastodon::NotPermitted       if target_account.blocking?(source_account) || source_account.blocking?(target_account)
+    raise Mastodon::NotPermittedError       if target_account.blocking?(source_account) || source_account.blocking?(target_account)

    if target_account.locked?
      request_follow(source_account, target_account)
--- a/app/services/post_status_service.rb
+++ b/app/services/post_status_service.rb
@ -13,6 +13,7 @@ class PostStatusService < BaseService
  # @option [Doorkeeper::Application] :application
  # @return [Status]
  def call(account, text, in_reply_to = nil, options = {})
+    media  = validate_media!(options[:media_ids])
    status = account.statuses.create!(text: text,
                                      thread: in_reply_to,
                                      sensitive: options[:sensitive],
@ -20,7 +21,7 @@ class PostStatusService < BaseService
                                      visibility: options[:visibility],
                                      application: options[:application])

-    attach_media(status, options[:media_ids])
+    attach_media(status, media)
    process_mentions_service.call(status)
    process_hashtags_service.call(status)

@ -33,10 +34,20 @@ class PostStatusService < BaseService

  private

-  def attach_media(status, media_ids)
+  def validate_media!(media_ids)
    return if media_ids.nil? || !media_ids.is_a?(Enumerable)

+    raise Mastodon::ValidationError, 'Cannot attach more than 4 files' if media_ids.size > 4
+
    media = MediaAttachment.where(status_id: nil).where(id: media_ids.take(4).map(&:to_i))
+
+    raise Mastodon::ValidationError, 'Cannot attach a video to a toot that already contains images' if media.size > 1 && media.find(&:video?)
+
+    media
+  end
+
+  def attach_media(status, media)
+    return if media.nil?
    media.update(status_id: status.id)
  end

--- a/app/services/reblog_service.rb
+++ b/app/services/reblog_service.rb
@ -10,7 +10,7 @@ class ReblogService < BaseService
  def call(account, reblogged_status)
    reblogged_status = reblogged_status.reblog if reblogged_status.reblog?

-    raise Mastodon::NotPermitted if reblogged_status.private_visibility? || !reblogged_status.permitted?(account)
+    raise Mastodon::NotPermittedError if reblogged_status.private_visibility? || !reblogged_status.permitted?(account)

    reblog = account.statuses.create!(reblog: reblogged_status, text: '')