Merge commit '55e7c08a83547424024bac311d5459cb82cf6dae' into glitch-soc/merge-upstream

Conflicts: - `app/models/user_settings.rb`: Upstream added a constraint on a setting textually close to glitch-soc-only settings. Applied upstream's change. - `lib/sanitize_ext/sanitize_config.rb`: Upstream added support for the `translate` attribute on a few elements, where glitch-soc had a different set of allowed elements and attributes. Extended glitch-soc's allowed attributes with `translate` as upstream did. - `spec/validators/status_length_validator_spec.rb`: Upstream refactored to use RSpec's `instance_double` instead of `double`, but glitch-soc had changes to tests due to configurable max toot chars. Applied upstream's changes while keeping tests against configurable max toot chars.
2023-06-25 12:02:52 +02:00
parent eba3411bfa 55e7c08a83
commit 178e151019
117 changed files with 1235 additions and 862 deletions
--- a/app/models/account_conversation.rb
+++ b/app/models/account_conversation.rb
@ -32,14 +32,8 @@ class AccountConversation < ApplicationRecord
  end

  def participant_accounts
-    @participant_accounts ||= begin
-      if participant_account_ids.empty?
-        [account]
-      else
-        participants = Account.where(id: participant_account_ids).to_a
-        participants.empty? ? [account] : participants
-      end
-    end
+    @participant_accounts ||= Account.where(id: participant_account_ids).to_a
+    @participant_accounts.presence || [account]
  end

  class << self
--- a/app/models/user_settings.rb
+++ b/app/models/user_settings.rb
@ -15,7 +15,7 @@ class UserSettings
  setting :show_application, default: true
  setting :default_language, default: nil
  setting :default_sensitive, default: false
-  setting :default_privacy, default: nil
+  setting :default_privacy, default: nil, in: %w(public unlisted private)
  setting :default_content_type, default: 'text/plain'
  setting :hide_followers_count, default: false

@ -79,7 +79,10 @@ class UserSettings

    raise KeyError, "Undefined setting: #{key}" unless self.class.definition_for?(key)

-    typecast_value = self.class.definition_for(key).type_cast(value)
+    setting_definition = self.class.definition_for(key)
+    typecast_value = setting_definition.type_cast(value)
+
+    raise ArgumentError, "Invalid value for setting #{key}: #{typecast_value}" if setting_definition.in.present? && setting_definition.in.exclude?(typecast_value)

    if typecast_value.nil?
      @original_hash.delete(key)
--- a/app/models/webhook.rb
+++ b/app/models/webhook.rb
@ -24,6 +24,8 @@ class Webhook < ApplicationRecord
    status.updated
  ).freeze

+  attr_writer :current_account
+
  scope :enabled, -> { where(enabled: true) }

  validates :url, presence: true, url: true
@ -31,6 +33,7 @@ class Webhook < ApplicationRecord
  validates :events, presence: true

  validate :validate_events
+  validate :validate_permissions
  validate :validate_template

  before_validation :strip_events
@ -48,12 +51,31 @@ class Webhook < ApplicationRecord
    update!(enabled: false)
  end

+  def required_permissions
+    events.map { |event| Webhook.permission_for_event(event) }
+  end
+
+  def self.permission_for_event(event)
+    case event
+    when 'account.approved', 'account.created', 'account.updated'
+      :manage_users
+    when 'report.created'
+      :manage_reports
+    when 'status.created', 'status.updated'
+      :view_devops
+    end
+  end
+
  private

  def validate_events
    errors.add(:events, :invalid) if events.any? { |e| EVENTS.exclude?(e) }
  end

+  def validate_permissions
+    errors.add(:events, :invalid_permissions) if defined?(@current_account) && required_permissions.any? { |permission| !@current_account.user_role.can?(permission) }
+  end
+
  def validate_template
    return if template.blank?