mirror of
https://github.com/mastodon/mastodon.git
synced 2024-12-22 22:15:23 +01:00
Add error message when user tries to follow their own account (#31910)
This commit is contained in:
parent
bfabd6a2b8
commit
4238da6ee3
3 changed files with 26 additions and 0 deletions
|
@ -16,6 +16,7 @@ class Api::V1::AccountsController < Api::BaseController
|
||||||
before_action :check_account_confirmation, except: [:index, :create]
|
before_action :check_account_confirmation, except: [:index, :create]
|
||||||
before_action :check_enabled_registrations, only: [:create]
|
before_action :check_enabled_registrations, only: [:create]
|
||||||
before_action :check_accounts_limit, only: [:index]
|
before_action :check_accounts_limit, only: [:index]
|
||||||
|
before_action :check_following_self, only: [:follow]
|
||||||
|
|
||||||
skip_before_action :require_authenticated_user!, only: :create
|
skip_before_action :require_authenticated_user!, only: :create
|
||||||
|
|
||||||
|
@ -101,6 +102,10 @@ class Api::V1::AccountsController < Api::BaseController
|
||||||
raise(Mastodon::ValidationError) if account_ids.size > DEFAULT_ACCOUNTS_LIMIT
|
raise(Mastodon::ValidationError) if account_ids.size > DEFAULT_ACCOUNTS_LIMIT
|
||||||
end
|
end
|
||||||
|
|
||||||
|
def check_following_self
|
||||||
|
render json: { error: I18n.t('accounts.self_follow_error') }, status: 403 if current_user.account.id == @account.id
|
||||||
|
end
|
||||||
|
|
||||||
def relationships(**options)
|
def relationships(**options)
|
||||||
AccountRelationshipsPresenter.new([@account], current_user.account_id, **options)
|
AccountRelationshipsPresenter.new([@account], current_user.account_id, **options)
|
||||||
end
|
end
|
||||||
|
|
|
@ -21,6 +21,7 @@ en:
|
||||||
one: Post
|
one: Post
|
||||||
other: Posts
|
other: Posts
|
||||||
posts_tab_heading: Posts
|
posts_tab_heading: Posts
|
||||||
|
self_follow_error: Following your own account is not allowed
|
||||||
admin:
|
admin:
|
||||||
account_actions:
|
account_actions:
|
||||||
action: Perform action
|
action: Perform action
|
||||||
|
|
|
@ -163,6 +163,26 @@ RSpec.describe '/api/v1/accounts' do
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
context 'when user tries to follow their own account' do
|
||||||
|
subject do
|
||||||
|
post "/api/v1/accounts/#{other_account.id}/follow", headers: headers
|
||||||
|
end
|
||||||
|
|
||||||
|
let(:locked) { false }
|
||||||
|
let(:other_account) { user.account }
|
||||||
|
|
||||||
|
it 'returns http forbidden and error message' do
|
||||||
|
subject
|
||||||
|
|
||||||
|
error_msg = I18n.t('accounts.self_follow_error')
|
||||||
|
|
||||||
|
expect(response).to have_http_status(403)
|
||||||
|
expect(response.parsed_body[:error]).to eq(error_msg)
|
||||||
|
end
|
||||||
|
|
||||||
|
it_behaves_like 'forbidden for wrong scope', 'read:accounts'
|
||||||
|
end
|
||||||
|
|
||||||
context 'when modifying follow options' do
|
context 'when modifying follow options' do
|
||||||
let(:locked) { false }
|
let(:locked) { false }
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue