bida/busky
9
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

When looking up fediverse urls, verify that account results returned match the input query. (#3341)

Browse source 
Fixes #2804
This commit is contained in:
Levi Bard 2023-02-25 21:27:26 +01:00 committed by GitHub
parent fda8c80949
commit 2e189a17dc
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 16 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
app/src/main/java/com/keylesspalace/tusky/BottomSheetActivity.kt
View file

@ -86,8 +86,11 @@ abstract class BottomSheetActivity : BaseActivity() {
if (statuses.isNotEmpty()) { if (statuses.isNotEmpty()) {
viewThread(statuses[0].id, statuses[0].url) viewThread(statuses[0].id, statuses[0].url)
return@subscribe return@subscribe
} else if (accounts.isNotEmpty()) { }
viewAccount(accounts[0].id) accounts.firstOrNull { it.url == url }?.let { account ->
// Some servers return (unrelated) accounts for url searches (#2804)
// Verify that the account's url matches the query
viewAccount(account.id)
return@subscribe return@subscribe
} }

12
app/src/test/java/com/keylesspalace/tusky/BottomSheetActivityTest.kt
View file

@ -46,6 +46,7 @@ class BottomSheetActivityTest {
private lateinit var apiMock: MastodonApi private lateinit var apiMock: MastodonApi
private val accountQuery = "http://mastodon.foo.bar/@User" private val accountQuery = "http://mastodon.foo.bar/@User"
private val statusQuery = "http://mastodon.foo.bar/@User/345678" private val statusQuery = "http://mastodon.foo.bar/@User/345678"
private val nonexistentStatusQuery = "http://mastodon.foo.bar/@User/345678000"
private val nonMastodonQuery = "http://medium.com/@correspondent/345678" private val nonMastodonQuery = "http://medium.com/@correspondent/345678"
private val emptyCallback = Single.just(SearchResult(emptyList(), emptyList(), emptyList())) private val emptyCallback = Single.just(SearchResult(emptyList(), emptyList(), emptyList()))
private val testScheduler = TestScheduler() private val testScheduler = TestScheduler()
@ -55,7 +56,7 @@ class BottomSheetActivityTest {
localUsername = "admin", localUsername = "admin",
username = "admin", username = "admin",
displayName = "Ad Min", displayName = "Ad Min",
url = "http://mastodon.foo.bar", url = "http://mastodon.foo.bar/@User",
avatar = "" avatar = ""
) )
private val accountSingle = Single.just(SearchResult(listOf(account), emptyList(), emptyList())) private val accountSingle = Single.just(SearchResult(listOf(account), emptyList(), emptyList()))
@ -101,6 +102,7 @@ class BottomSheetActivityTest {
apiMock = mock { apiMock = mock {
on { searchObservable(eq(accountQuery), eq(null), anyBoolean(), eq(null), eq(null), eq(null)) } doReturn accountSingle on { searchObservable(eq(accountQuery), eq(null), anyBoolean(), eq(null), eq(null), eq(null)) } doReturn accountSingle
on { searchObservable(eq(statusQuery), eq(null), anyBoolean(), eq(null), eq(null), eq(null)) } doReturn statusSingle on { searchObservable(eq(statusQuery), eq(null), anyBoolean(), eq(null), eq(null), eq(null)) } doReturn statusSingle
on { searchObservable(eq(nonexistentStatusQuery), eq(null), anyBoolean(), eq(null), eq(null), eq(null)) } doReturn accountSingle
on { searchObservable(eq(nonMastodonQuery), eq(null), anyBoolean(), eq(null), eq(null), eq(null)) } doReturn emptyCallback on { searchObservable(eq(nonMastodonQuery), eq(null), anyBoolean(), eq(null), eq(null), eq(null)) } doReturn emptyCallback
} }
@ -184,6 +186,14 @@ class BottomSheetActivityTest {
} }
} }
@Test
fun search_doesNotRespectUnrelatedResult() {
activity.viewUrl(nonexistentStatusQuery)
testScheduler.advanceTimeBy(100, TimeUnit.MILLISECONDS)
assertEquals(nonexistentStatusQuery, activity.link)
assertEquals(null, activity.accountId)
}
@Test @Test
fun search_withCancellation_doesNotLoadUrl_forAccount() { fun search_withCancellation_doesNotLoadUrl_forAccount() {
activity.viewUrl(accountQuery) activity.viewUrl(accountQuery)