Merge branch 'main' into glitch-soc/merge-upstream

Conflicts: - `app/helpers/accounts_helper.rb`: Conflict due to upstream changing how followers count is displayed while we have an option to hide followers count. Ported upstream change. - `app/views/accounts/_header.html.haml`: Conflict due to upstream changing how followers count is displayed while we have an option to hide followers count. Ported upstream change. - `app/views/directories/index.html.haml`: Conflict due to upstream changing how followers count is displayed while we have an option to hide followers count. Ported upstream change.
2021-07-08 16:17:19 +02:00
parent 0c2eb949fc c4568e3b60
commit 3160e050a9
43 changed files with 377 additions and 154 deletions
--- a/spec/controllers/activitypub/outboxes_controller_spec.rb
+++ b/spec/controllers/activitypub/outboxes_controller_spec.rb
@ -55,6 +55,10 @@ RSpec.describe ActivityPub::OutboxesController, type: :controller do

        it_behaves_like 'cachable response'

+        it 'does not have a Vary header' do
+          expect(response.headers['Vary']).to be_nil
+        end
+
        context 'when account is permanently suspended' do
          before do
            account.suspend!
@ -96,6 +100,10 @@ RSpec.describe ActivityPub::OutboxesController, type: :controller do

        it_behaves_like 'cachable response'

+        it 'returns Vary header with Signature' do
+          expect(response.headers['Vary']).to include 'Signature'
+        end
+
        context 'when account is permanently suspended' do
          before do
            account.suspend!
@ -144,7 +152,7 @@ RSpec.describe ActivityPub::OutboxesController, type: :controller do
        end

        it 'returns private Cache-Control header' do
-          expect(response.headers['Cache-Control']).to eq 'max-age=0, private'
+          expect(response.headers['Cache-Control']).to eq 'max-age=60, private'
        end
      end

@ -170,7 +178,7 @@ RSpec.describe ActivityPub::OutboxesController, type: :controller do
        end

        it 'returns private Cache-Control header' do
-          expect(response.headers['Cache-Control']).to eq 'max-age=0, private'
+          expect(response.headers['Cache-Control']).to eq 'max-age=60, private'
        end
      end

@ -195,7 +203,7 @@ RSpec.describe ActivityPub::OutboxesController, type: :controller do
        end

        it 'returns private Cache-Control header' do
-          expect(response.headers['Cache-Control']).to eq 'max-age=0, private'
+          expect(response.headers['Cache-Control']).to eq 'max-age=60, private'
        end
      end

@ -220,7 +228,7 @@ RSpec.describe ActivityPub::OutboxesController, type: :controller do
        end

        it 'returns private Cache-Control header' do
-          expect(response.headers['Cache-Control']).to eq 'max-age=0, private'
+          expect(response.headers['Cache-Control']).to eq 'max-age=60, private'
        end
      end
    end
--- a/spec/controllers/admin/resets_controller_spec.rb
+++ b/spec/controllers/admin/resets_controller_spec.rb
@ -16,7 +16,7 @@ describe Admin::ResetsController do

      post :create, params: { account_id: account.id }

-      expect(response).to redirect_to(admin_accounts_path)
+      expect(response).to redirect_to(admin_account_path(account.id))
    end
  end
 end
--- a/spec/controllers/admin/two_factor_authentications_controller_spec.rb
+++ b/spec/controllers/admin/two_factor_authentications_controller_spec.rb
@ -15,12 +15,12 @@ describe Admin::TwoFactorAuthenticationsController do
        user.update(otp_required_for_login: true)
      end

-      it 'redirects to admin accounts page' do
+      it 'redirects to admin account page' do
        delete :destroy, params: { user_id: user.id }

        user.reload
        expect(user.otp_enabled?).to eq false
-        expect(response).to redirect_to(admin_accounts_path)
+        expect(response).to redirect_to(admin_account_path(user.account_id))
      end
    end

@ -38,13 +38,13 @@ describe Admin::TwoFactorAuthenticationsController do
                  nickname: 'Security Key')
      end

-      it 'redirects to admin accounts page' do
+      it 'redirects to admin account page' do
        delete :destroy, params: { user_id: user.id }

        user.reload
        expect(user.otp_enabled?).to eq false
        expect(user.webauthn_enabled?).to eq false
-        expect(response).to redirect_to(admin_accounts_path)
+        expect(response).to redirect_to(admin_account_path(user.account_id))
      end
    end
  end
--- a/spec/controllers/well_known/webfinger_controller_spec.rb
+++ b/spec/controllers/well_known/webfinger_controller_spec.rb
@ -24,6 +24,10 @@ describe WellKnown::WebfingerController, type: :controller do
        expect(response).to have_http_status(200)
      end

+      it 'does not set a Vary header' do
+        expect(response.headers['Vary']).to be_nil
+      end
+
      it 'returns application/jrd+json' do
        expect(response.media_type).to eq 'application/jrd+json'
      end
--- a/spec/models/tag_feed_spec.rb
+++ b/spec/models/tag_feed_spec.rb
@ -37,7 +37,7 @@ describe TagFeed, type: :service do
      expect(results).to     include both
    end

-    it 'handles being passed non existant tag names' do
+    it 'handles being passed non existent tag names' do
      results = described_class.new(tag1, nil, any: ['wark']).get(20)
      expect(results).to     include status1
      expect(results).to_not include status2
--- a/spec/models/user_spec.rb
+++ b/spec/models/user_spec.rb
@ -344,6 +344,34 @@ RSpec.describe User, type: :model do
    end
  end

+  describe '#reset_password!' do
+    subject(:user) { Fabricate(:user, password: 'foobar12345') }
+
+    let!(:session_activation) { Fabricate(:session_activation, user: user) }
+    let!(:access_token) { Fabricate(:access_token, resource_owner_id: user.id) }
+    let!(:web_push_subscription) { Fabricate(:web_push_subscription, access_token: access_token) }
+
+    before do
+      user.reset_password!
+    end
+
+    it 'changes the password immediately' do
+      expect(user.external_or_valid_password?('foobar12345')).to be false
+    end
+
+    it 'deactivates all sessions' do
+      expect(user.session_activations.count).to eq 0
+    end
+
+    it 'revokes all access tokens' do
+      expect(Doorkeeper::AccessToken.active_for(user).count).to eq 0
+    end
+
+    it 'removes push subscriptions' do
+      expect(Web::PushSubscription.where(user: user).or(Web::PushSubscription.where(access_token: access_token)).count).to eq 0
+    end
+  end
+
  describe '#confirm!' do
    subject(:user) { Fabricate(:user, confirmed_at: confirmed_at) }

--- a/spec/services/bootstrap_timeline_service_spec.rb
+++ b/spec/services/bootstrap_timeline_service_spec.rb
@ -1,4 +1,37 @@
 require 'rails_helper'

 RSpec.describe BootstrapTimelineService, type: :service do
+  subject { BootstrapTimelineService.new }
+
+  context 'when the new user has registered from an invite' do
+    let(:service)    { double }
+    let(:autofollow) { false }
+    let(:inviter)    { Fabricate(:user, confirmed_at: 2.days.ago) }
+    let(:invite)     { Fabricate(:invite, user: inviter, max_uses: nil, expires_at: 1.hour.from_now, autofollow: autofollow) }
+    let(:new_user)   { Fabricate(:user, invite_code: invite.code) }
+
+    before do
+      allow(FollowService).to receive(:new).and_return(service)
+      allow(service).to receive(:call)
+    end
+
+    context 'when the invite has auto-follow enabled' do
+      let(:autofollow) { true }
+
+      it 'calls FollowService to follow the inviter' do
+        subject.call(new_user.account)
+        expect(service).to have_received(:call).with(new_user.account, inviter.account)
+      end
+    end
+
+    context 'when the invite does not have auto-follow enable' do
+      let(:autofollow) { false }
+
+      it 'calls FollowService to follow the inviter' do
+        subject.call(new_user.account)
+        expect(service).to_not have_received(:call)
+      end
+    end
+
+  end
 end