Merge remote-tracking branch 'parent/main' into upstream-20240817
This commit is contained in:
KMY
commit
82ffc95733
97 changed files with 1377 additions and 472 deletions
|
|
@ -182,30 +182,30 @@ RSpec.describe User do
|
|||
end
|
||||
end
|
||||
|
||||
describe 'blacklist' do
|
||||
describe 'email domains denylist integration' do
|
||||
around do |example|
|
||||
old_blacklist = Rails.configuration.x.email_blacklist
|
||||
original = Rails.configuration.x.email_domains_denylist
|
||||
|
||||
Rails.configuration.x.email_domains_blacklist = 'mvrht.com'
|
||||
Rails.configuration.x.email_domains_denylist = 'mvrht.com'
|
||||
|
||||
example.run
|
||||
|
||||
Rails.configuration.x.email_domains_blacklist = old_blacklist
|
||||
Rails.configuration.x.email_domains_denylist = original
|
||||
end
|
||||
|
||||
it 'allows a non-blacklisted user to be created' do
|
||||
it 'allows a user with an email domain that is not on the denylist to be created' do
|
||||
user = described_class.new(email: 'foo@example.com', account: account, password: password, agreement: true)
|
||||
|
||||
expect(user).to be_valid
|
||||
end
|
||||
|
||||
it 'does not allow a blacklisted user to be created' do
|
||||
it 'does not allow a user with an email domain on the deylist to be created' do
|
||||
user = described_class.new(email: 'foo@mvrht.com', account: account, password: password, agreement: true)
|
||||
|
||||
expect(user).to_not be_valid
|
||||
end
|
||||
|
||||
it 'does not allow a subdomain blacklisted user to be created' do
|
||||
it 'does not allow a user with an email where the subdomain is on the denylist to be created' do
|
||||
user = described_class.new(email: 'foo@mvrht.com.topdomain.tld', account: account, password: password, agreement: true)
|
||||
|
||||
expect(user).to_not be_valid
|
||||
|
|
@ -406,43 +406,43 @@ RSpec.describe User do
|
|||
end
|
||||
end
|
||||
|
||||
describe 'whitelist' do
|
||||
describe 'allowlist integration' do
|
||||
around do |example|
|
||||
old_whitelist = Rails.configuration.x.email_domains_whitelist
|
||||
original = Rails.configuration.x.email_domains_allowlist
|
||||
|
||||
Rails.configuration.x.email_domains_whitelist = 'mastodon.space'
|
||||
Rails.configuration.x.email_domains_allowlist = 'mastodon.space'
|
||||
|
||||
example.run
|
||||
|
||||
Rails.configuration.x.email_domains_whitelist = old_whitelist
|
||||
Rails.configuration.x.email_domains_allowlist = original
|
||||
end
|
||||
|
||||
it 'does not allow a user to be created unless they are whitelisted' do
|
||||
it 'does not allow a user to be created when their email is not on the allowlist' do
|
||||
user = described_class.new(email: 'foo@example.com', account: account, password: password, agreement: true)
|
||||
expect(user).to_not be_valid
|
||||
end
|
||||
|
||||
it 'allows a user to be created if they are whitelisted' do
|
||||
it 'allows a user to be created when their email is on the allowlist' do
|
||||
user = described_class.new(email: 'foo@mastodon.space', account: account, password: password, agreement: true)
|
||||
expect(user).to be_valid
|
||||
end
|
||||
|
||||
it 'does not allow a user with a whitelisted top domain as subdomain in their email address to be created' do
|
||||
it 'does not allow a user with an email subdomain included on the top level domain allowlist to be created' do
|
||||
user = described_class.new(email: 'foo@mastodon.space.userdomain.com', account: account, password: password, agreement: true)
|
||||
expect(user).to_not be_valid
|
||||
end
|
||||
|
||||
context 'with a blacklisted subdomain' do
|
||||
context 'with a subdomain on the denylist' do
|
||||
around do |example|
|
||||
old_blacklist = Rails.configuration.x.email_blacklist
|
||||
original = Rails.configuration.x.email_domains_denylist
|
||||
example.run
|
||||
Rails.configuration.x.email_domains_blacklist = old_blacklist
|
||||
Rails.configuration.x.email_domains_denylist = original
|
||||
end
|
||||
|
||||
it 'does not allow a user to be created with a specific blacklisted subdomain even if the top domain is whitelisted' do
|
||||
Rails.configuration.x.email_domains_blacklist = 'blacklisted.mastodon.space'
|
||||
it 'does not allow a user to be created with an email subdomain on the denylist even if the top domain is on the allowlist' do
|
||||
Rails.configuration.x.email_domains_denylist = 'denylisted.mastodon.space'
|
||||
|
||||
user = described_class.new(email: 'foo@blacklisted.mastodon.space', account: account, password: password)
|
||||
user = described_class.new(email: 'foo@denylisted.mastodon.space', account: account, password: password)
|
||||
expect(user).to_not be_valid
|
||||
end
|
||||
end
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue