Merge remote-tracking branch 'parent/main' into upstream-20240705

2024-07-05 07:22:34 +09:00 · 2024-07-05 07:22:34 +09:00 · 9a07550fa6
commit 9a07550fa6
parent 8b2effcf16 df9e26158d
75 changed files with 1046 additions and 543 deletions
--- a/spec/controllers/oauth/authorized_applications_controller_spec.rb
+++ b/spec/controllers/oauth/authorized_applications_controller_spec.rb
@ -50,9 +50,11 @@ describe Oauth::AuthorizedApplicationsController do
    let!(:application) { Fabricate(:application) }
    let!(:access_token) { Fabricate(:accessible_access_token, application: application, resource_owner_id: user.id) }
    let!(:web_push_subscription) { Fabricate(:web_push_subscription, user: user, access_token: access_token) }
+    let(:redis_pipeline_stub) { instance_double(Redis::Namespace, publish: nil) }

    before do
      sign_in user, scope: :user
+      allow(redis).to receive(:pipelined).and_yield(redis_pipeline_stub)
      post :destroy, params: { id: application.id }
    end

@ -67,5 +69,9 @@ describe Oauth::AuthorizedApplicationsController do
    it 'removes the web_push_subscription' do
      expect { web_push_subscription.reload }.to raise_error(ActiveRecord::RecordNotFound)
    end
+
+    it 'sends a session kill payload to the streaming server' do
+      expect(redis_pipeline_stub).to have_received(:publish).with("timeline:access_token:#{access_token.id}", '{"event":"kill"}')
+    end
  end
 end
--- a/spec/controllers/settings/applications_controller_spec.rb
+++ b/spec/controllers/settings/applications_controller_spec.rb
@ -147,14 +147,22 @@ describe Settings::ApplicationsController do
  end

  describe 'destroy' do
+    let(:redis_pipeline_stub) { instance_double(Redis::Namespace, publish: nil) }
+    let!(:access_token) { Fabricate(:accessible_access_token, application: app) }
+
    before do
+      allow(redis).to receive(:pipelined).and_yield(redis_pipeline_stub)
      post :destroy, params: { id: app.id }
    end

-    it 'redirects back to applications page and removes the app' do
+    it 'redirects back to applications page removes the app' do
      expect(response).to redirect_to(settings_applications_path)
      expect(Doorkeeper::Application.find_by(id: app.id)).to be_nil
    end
+
+    it 'sends a session kill payload to the streaming server' do
+      expect(redis_pipeline_stub).to have_received(:publish).with("timeline:access_token:#{access_token.id}", '{"event":"kill"}')
+    end
  end

  describe 'regenerate' do
--- a/spec/lib/html_aware_formatter_spec.rb
+++ b/spec/lib/html_aware_formatter_spec.rb
@ -41,6 +41,14 @@ RSpec.describe HtmlAwareFormatter do
          expect(subject).to_not include 'status__content__spoiler-link'
        end
      end
+
+      context 'when given text containing ruby tags for east-asian languages' do
+        let(:text) { '<ruby>明日 <rp>(</rp><rt>Ashita</rt><rp>)</rp></ruby>' }
+
+        it 'keeps the ruby tags' do
+          expect(subject).to eq '<ruby>明日 <rp>(</rp><rt>Ashita</rt><rp>)</rp></ruby>'
+        end
+      end
    end
  end
 end
--- a/spec/lib/plain_text_formatter_spec.rb
+++ b/spec/lib/plain_text_formatter_spec.rb
@ -72,6 +72,14 @@ RSpec.describe PlainTextFormatter do
          expect(subject).to eq 'Lorem ipsum'
        end
      end
+
+      context 'when text contains HTML ruby tags' do
+        let(:status) { Fabricate(:status, account: remote_account, text: '<p>Lorem <ruby>明日 <rp>(</rp><rt>Ashita</rt><rp>)</rp></ruby> ipsum</p>') }
+
+        it 'strips the comment' do
+          expect(subject).to eq 'Lorem 明日 (Ashita) ipsum'
+        end
+      end
    end
  end
 end
--- a/spec/lib/sanitize/config_spec.rb
+++ b/spec/lib/sanitize/config_spec.rb
@ -18,6 +18,10 @@ describe Sanitize::Config do
      expect(Sanitize.fragment('<p>Check out:</p><ol start="3" reversed=""><li>Foo</li><li>Bar</li></ol>', subject)).to eq '<p>Check out:</p><ol start="3" reversed=""><li>Foo</li><li>Bar</li></ol>'
    end

+    it 'keeps ruby tags' do
+      expect(Sanitize.fragment('<p><ruby>明日 <rp>(</rp><rt>Ashita</rt><rp>)</rp></ruby></p>', subject)).to eq '<p><ruby>明日 <rp>(</rp><rt>Ashita</rt><rp>)</rp></ruby></p>'
+    end
+
    it 'removes a without href' do
      expect(Sanitize.fragment('<a>Test</a>', subject)).to eq 'Test'
    end
--- a/spec/requests/api/v1/scheduled_status_spec.rb
+++ b/spec/requests/api/v1/scheduled_status_spec.rb
@ -25,6 +25,17 @@ describe 'Scheduled Statuses' do
      it_behaves_like 'forbidden for wrong scope', 'write write:statuses'
    end

+    context 'with an application token' do
+      let(:token) { Fabricate(:accessible_access_token, resource_owner_id: nil, scopes: 'read:statuses') }
+
+      it 'returns http unprocessable entity' do
+        get api_v1_scheduled_statuses_path, headers: headers
+
+        expect(response)
+          .to have_http_status(422)
+      end
+    end
+
    context 'with correct scope' do
      let(:scopes) { 'read:statuses' }

--- a/spec/requests/api/v1/statuses/translations_spec.rb
+++ b/spec/requests/api/v1/statuses/translations_spec.rb
@ -8,6 +8,22 @@ describe 'API V1 Statuses Translations' do
  let(:scopes)  { 'read:statuses' }
  let(:headers) { { 'Authorization' => "Bearer #{token.token}" } }

+  context 'with an application token' do
+    let(:token) { Fabricate(:accessible_access_token, resource_owner_id: nil, scopes: scopes) }
+
+    describe 'POST /api/v1/statuses/:status_id/translate' do
+      let(:status) { Fabricate(:status, account: user.account, text: 'Hola', language: 'es') }
+
+      before do
+        post "/api/v1/statuses/#{status.id}/translate", headers: headers
+      end
+
+      it 'returns http unprocessable entity' do
+        expect(response).to have_http_status(422)
+      end
+    end
+  end
+
  context 'with an oauth token' do
    describe 'POST /api/v1/statuses/:status_id/translate' do
      let(:status) { Fabricate(:status, account: user.account, text: 'Hola', language: 'es') }
--- a/spec/requests/api/v1/timelines/link_spec.rb
+++ b/spec/requests/api/v1/timelines/link_spec.rb
@ -41,6 +41,8 @@ describe 'Link' do
      end
    end

+    it_behaves_like 'forbidden for wrong scope', 'profile'
+
    context 'when there is no preview card' do
      let(:preview_card) { nil }

@ -80,13 +82,25 @@ describe 'Link' do
        Form::AdminSettings.new(timeline_preview: false).save
      end

-      context 'when the user is not authenticated' do
+      it_behaves_like 'forbidden for wrong scope', 'profile'
+
+      context 'without an authentication token' do
        let(:headers) { {} }

-        it 'returns http unauthorized' do
+        it 'returns http unprocessable entity' do
          subject

-          expect(response).to have_http_status(401)
+          expect(response).to have_http_status(422)
+        end
+      end
+
+      context 'with an application access token, not bound to a user' do
+        let(:token) { Fabricate(:accessible_access_token, resource_owner_id: nil, scopes: scopes) }
+
+        it 'returns http unprocessable entity' do
+          subject
+
+          expect(response).to have_http_status(422)
        end
      end

--- a/spec/requests/api/v1/timelines/public_spec.rb
+++ b/spec/requests/api/v1/timelines/public_spec.rb
@ -37,6 +37,8 @@ describe 'Public' do
    context 'when the instance allows public preview' do
      let(:expected_statuses) { [local_status, remote_status, media_status] }

+      it_behaves_like 'forbidden for wrong scope', 'profile'
+
      context 'with an authorized user' do
        it_behaves_like 'a successful request to the public timeline'
      end
@ -122,13 +124,9 @@ describe 'Public' do
        Form::AdminSettings.new(timeline_preview: false).save
      end

-      context 'with an authenticated user' do
-        let(:expected_statuses) { [local_status, remote_status, media_status] }
+      it_behaves_like 'forbidden for wrong scope', 'profile'

-        it_behaves_like 'a successful request to the public timeline'
-      end
-
-      context 'with an unauthenticated user' do
+      context 'without an authentication token' do
        let(:headers) { {} }

        it 'returns http unprocessable entity' do
@ -137,6 +135,22 @@ describe 'Public' do
          expect(response).to have_http_status(422)
        end
      end
+
+      context 'with an application access token, not bound to a user' do
+        let(:token) { Fabricate(:accessible_access_token, resource_owner_id: nil, scopes: scopes) }
+
+        it 'returns http unprocessable entity' do
+          subject
+
+          expect(response).to have_http_status(422)
+        end
+      end
+
+      context 'with an authenticated user' do
+        let(:expected_statuses) { [local_status, remote_status, media_status] }
+
+        it_behaves_like 'a successful request to the public timeline'
+      end
    end

    context 'when user is setting filters' do
--- a/spec/requests/api/v1/timelines/tag_spec.rb
+++ b/spec/requests/api/v1/timelines/tag_spec.rb
@ -30,6 +30,8 @@ RSpec.describe 'Tag' do
    let(:params)          { {} }
    let(:hashtag)         { 'life' }

+    it_behaves_like 'forbidden for wrong scope', 'profile'
+
    context 'when given only one hashtag' do
      let(:expected_statuses) { [life_status] }

@ -93,13 +95,15 @@ RSpec.describe 'Tag' do
        Form::AdminSettings.new(timeline_preview: false).save
      end

-      context 'when the user is not authenticated' do
+      it_behaves_like 'forbidden for wrong scope', 'profile'
+
+      context 'without an authentication token' do
        let(:headers) { {} }

-        it 'returns http unauthorized' do
+        it 'returns http unprocessable entity' do
          subject

-          expect(response).to have_http_status(401)
+          expect(response).to have_http_status(422)
        end
      end