mirror of
https://github.com/mastodon/mastodon.git
synced 2024-12-22 21:06:01 +01:00
Add error message when user tries to follow their own account (#31910)
This commit is contained in:
parent
bfabd6a2b8
commit
4238da6ee3
3 changed files with 26 additions and 0 deletions
|
@ -16,6 +16,7 @@ class Api::V1::AccountsController < Api::BaseController
|
|||
before_action :check_account_confirmation, except: [:index, :create]
|
||||
before_action :check_enabled_registrations, only: [:create]
|
||||
before_action :check_accounts_limit, only: [:index]
|
||||
before_action :check_following_self, only: [:follow]
|
||||
|
||||
skip_before_action :require_authenticated_user!, only: :create
|
||||
|
||||
|
@ -101,6 +102,10 @@ class Api::V1::AccountsController < Api::BaseController
|
|||
raise(Mastodon::ValidationError) if account_ids.size > DEFAULT_ACCOUNTS_LIMIT
|
||||
end
|
||||
|
||||
def check_following_self
|
||||
render json: { error: I18n.t('accounts.self_follow_error') }, status: 403 if current_user.account.id == @account.id
|
||||
end
|
||||
|
||||
def relationships(**options)
|
||||
AccountRelationshipsPresenter.new([@account], current_user.account_id, **options)
|
||||
end
|
||||
|
|
|
@ -21,6 +21,7 @@ en:
|
|||
one: Post
|
||||
other: Posts
|
||||
posts_tab_heading: Posts
|
||||
self_follow_error: Following your own account is not allowed
|
||||
admin:
|
||||
account_actions:
|
||||
action: Perform action
|
||||
|
|
|
@ -163,6 +163,26 @@ RSpec.describe '/api/v1/accounts' do
|
|||
end
|
||||
end
|
||||
|
||||
context 'when user tries to follow their own account' do
|
||||
subject do
|
||||
post "/api/v1/accounts/#{other_account.id}/follow", headers: headers
|
||||
end
|
||||
|
||||
let(:locked) { false }
|
||||
let(:other_account) { user.account }
|
||||
|
||||
it 'returns http forbidden and error message' do
|
||||
subject
|
||||
|
||||
error_msg = I18n.t('accounts.self_follow_error')
|
||||
|
||||
expect(response).to have_http_status(403)
|
||||
expect(response.parsed_body[:error]).to eq(error_msg)
|
||||
end
|
||||
|
||||
it_behaves_like 'forbidden for wrong scope', 'read:accounts'
|
||||
end
|
||||
|
||||
context 'when modifying follow options' do
|
||||
let(:locked) { false }
|
||||
|
||||
|
|
Loading…
Reference in a new issue