mirror of
https://github.com/mastodon/mastodon.git
synced 2024-12-22 23:20:44 +01:00
Fix being able to retrieve unusable hashtags through the API
This commit is contained in:
parent
3939352e92
commit
8733975f13
5 changed files with 30 additions and 3 deletions
|
@ -29,5 +29,7 @@ class Api::V1::TagsController < Api::BaseController
|
||||||
return not_found unless Tag::HASHTAG_NAME_RE.match?(params[:id])
|
return not_found unless Tag::HASHTAG_NAME_RE.match?(params[:id])
|
||||||
|
|
||||||
@tag = Tag.find_normalized(params[:id]) || Tag.new(name: Tag.normalize(params[:id]), display_name: params[:id])
|
@tag = Tag.find_normalized(params[:id]) || Tag.new(name: Tag.normalize(params[:id]), display_name: params[:id])
|
||||||
|
|
||||||
|
not_found unless @tag.usable?
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
|
@ -19,7 +19,7 @@ class Api::V1::Timelines::TagController < Api::V1::Timelines::BaseController
|
||||||
end
|
end
|
||||||
|
|
||||||
def load_tag
|
def load_tag
|
||||||
@tag = Tag.find_normalized(params[:id])
|
@tag = Tag.usable.find_normalized(params[:id])
|
||||||
end
|
end
|
||||||
|
|
||||||
def load_statuses
|
def load_statuses
|
||||||
|
|
|
@ -13,6 +13,8 @@ class SearchQueryTransformer < Parslet::Transform
|
||||||
).freeze
|
).freeze
|
||||||
|
|
||||||
class Query
|
class Query
|
||||||
|
attr_reader :keywords
|
||||||
|
|
||||||
def initialize(clauses, options = {})
|
def initialize(clauses, options = {})
|
||||||
raise ArgumentError if options[:current_account].nil?
|
raise ArgumentError if options[:current_account].nil?
|
||||||
|
|
||||||
|
@ -20,6 +22,7 @@ class SearchQueryTransformer < Parslet::Transform
|
||||||
@options = options
|
@options = options
|
||||||
|
|
||||||
flags_from_clauses!
|
flags_from_clauses!
|
||||||
|
keywords_from_clauses!
|
||||||
end
|
end
|
||||||
|
|
||||||
def request
|
def request
|
||||||
|
@ -42,6 +45,10 @@ class SearchQueryTransformer < Parslet::Transform
|
||||||
@flags = clauses_by_operator.fetch(:flag, []).to_h { |clause| [clause.prefix, clause.term] }
|
@flags = clauses_by_operator.fetch(:flag, []).to_h { |clause| [clause.prefix, clause.term] }
|
||||||
end
|
end
|
||||||
|
|
||||||
|
def keywords_from_clauses!
|
||||||
|
@keywords = must_clauses.flat_map(&:keywords).uniq
|
||||||
|
end
|
||||||
|
|
||||||
def must_clauses
|
def must_clauses
|
||||||
clauses_by_operator.fetch(:must, [])
|
clauses_by_operator.fetch(:must, [])
|
||||||
end
|
end
|
||||||
|
@ -128,6 +135,10 @@ class SearchQueryTransformer < Parslet::Transform
|
||||||
{ multi_match: { type: 'most_fields', query: @term, fields: ['text', 'text.stemmed'], operator: 'and' } }
|
{ multi_match: { type: 'most_fields', query: @term, fields: ['text', 'text.stemmed'], operator: 'and' } }
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
def keywords
|
||||||
|
@term.split
|
||||||
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
class PhraseClause
|
class PhraseClause
|
||||||
|
@ -141,6 +152,10 @@ class SearchQueryTransformer < Parslet::Transform
|
||||||
def to_query
|
def to_query
|
||||||
{ match_phrase: { text: { query: @phrase } } }
|
{ match_phrase: { text: { query: @phrase } } }
|
||||||
end
|
end
|
||||||
|
|
||||||
|
def keywords
|
||||||
|
@phrase.split
|
||||||
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
class PrefixClause
|
class PrefixClause
|
||||||
|
@ -193,6 +208,10 @@ class SearchQueryTransformer < Parslet::Transform
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
def keywords
|
||||||
|
[]
|
||||||
|
end
|
||||||
|
|
||||||
private
|
private
|
||||||
|
|
||||||
def account_id_from_term(term)
|
def account_id_from_term(term)
|
||||||
|
|
|
@ -25,6 +25,8 @@ class StatusesSearchService < BaseService
|
||||||
private
|
private
|
||||||
|
|
||||||
def status_search_results
|
def status_search_results
|
||||||
|
return [] if contains_forbidden_terms?
|
||||||
|
|
||||||
request = parsed_query.request
|
request = parsed_query.request
|
||||||
results = request.collapse(field: :id).order(id: { order: :desc }).limit(@limit).offset(@offset).objects.compact
|
results = request.collapse(field: :id).order(id: { order: :desc }).limit(@limit).offset(@offset).objects.compact
|
||||||
account_ids = results.map(&:account_id)
|
account_ids = results.map(&:account_id)
|
||||||
|
@ -37,7 +39,7 @@ class StatusesSearchService < BaseService
|
||||||
end
|
end
|
||||||
|
|
||||||
def parsed_query
|
def parsed_query
|
||||||
SearchQueryTransformer.new.apply(SearchQueryParser.new.parse(@query), current_account: @account)
|
@parsed_query ||= SearchQueryTransformer.new.apply(SearchQueryParser.new.parse(@query), current_account: @account)
|
||||||
end
|
end
|
||||||
|
|
||||||
def convert_deprecated_options!
|
def convert_deprecated_options!
|
||||||
|
@ -60,4 +62,8 @@ class StatusesSearchService < BaseService
|
||||||
|
|
||||||
@query = "#{@query} #{syntax_options.join(' ')}".strip if syntax_options.any?
|
@query = "#{@query} #{syntax_options.join(' ')}".strip if syntax_options.any?
|
||||||
end
|
end
|
||||||
|
|
||||||
|
def contains_forbidden_terms?
|
||||||
|
Tag.where(usable: false).matching_name(parsed_query.keywords).exists?
|
||||||
|
end
|
||||||
end
|
end
|
||||||
|
|
|
@ -41,7 +41,7 @@ class TagSearchService < BaseService
|
||||||
|
|
||||||
normalized_query = Tag.normalize(@query)
|
normalized_query = Tag.normalize(@query)
|
||||||
exact_match = results.find { |tag| tag.name.downcase == normalized_query }
|
exact_match = results.find { |tag| tag.name.downcase == normalized_query }
|
||||||
exact_match ||= Tag.find_normalized(normalized_query)
|
exact_match ||= Tag.listable.find_normalized(normalized_query)
|
||||||
unless exact_match.nil?
|
unless exact_match.nil?
|
||||||
results.delete(exact_match)
|
results.delete(exact_match)
|
||||||
results = [exact_match] + results
|
results = [exact_match] + results
|
||||||
|
|
Loading…
Reference in a new issue