mirrors/gotosocial
1
0
Fork 0
mirror of https://github.com/superseriousbusiness/gotosocial.git synced 2025-10-31 20:02:25 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions

[bugfix] return 422 for invalid status visibility (#4252)

Browse source 
Signed-off-by: nicole mikołajczyk <git@mkljczk.pl>

# Description

closes #4247

## Checklist

Please put an x inside each checkbox to indicate that you've read and followed it: `[ ]` -> `[x]`

If this is a documentation change, only the first checkbox must be filled (you can delete the others if you want).

- [x] I/we have read the [GoToSocial contribution guidelines](https://codeberg.org/superseriousbusiness/gotosocial/src/branch/main/CONTRIBUTING.md).
- [ ] I/we have discussed the proposed changes already, either in an issue on the repository, or in the Matrix chat.
- [x] I/we have not leveraged AI to create the proposed changes.
- [x] I/we have performed a self-review of added code.
- [x] I/we have written code that is legible and maintainable by others.
- [ ] I/we have commented the added code, particularly in hard-to-understand areas.
- [ ] I/we have made any necessary changes to documentation.
- [x] I/we have added tests that cover new code.
- [x] I/we have run tests and they pass locally with the changes.
- [x] I/we have run `go fmt ./...` and `golangci-lint run`.

Reviewed-on: https://codeberg.org/superseriousbusiness/gotosocial/pulls/4252
Co-authored-by: nicole mikołajczyk <git@mkljczk.pl>
Co-committed-by: nicole mikołajczyk <git@mkljczk.pl>
This commit is contained in:
nicole mikołajczyk 2025-06-09 16:26:49 +02:00 committed by tobi
commit 3f1c3c0dac
3 changed files with 44 additions and 5 deletions
Download patch file Download diff file Expand all files Collapse all files

19
internal/processing/status/create.go
View file

@ -218,7 +218,9 @@ func (p *Processor) Create(
}
// Process the incoming created status visibility.
processVisibility(form, requester.Settings.Privacy, status)
if errWithCode := processVisibility(form, requester.Settings.Privacy, status); errWithCode != nil {
return nil, errWithCode
}
// Process policy AFTER visibility as it relies
// on status.Visibility and form.Visibility being set.
@ -444,11 +446,20 @@ func processVisibility(
form *apimodel.StatusCreateRequest,
accountDefaultVis gtsmodel.Visibility,
status *gtsmodel.Status,
) {
) gtserror.WithCode {
switch {
// Visibility set on form, use that.
case form.Visibility != "":
status.Visibility = typeutils.APIVisToVis(form.Visibility)
visibility := typeutils.APIVisToVis(form.Visibility)
if visibility == 0 {
const errText = "invalid visibility"
err := gtserror.New(errText)
errWithCode := gtserror.NewErrorUnprocessableEntity(err, err.Error())
return errWithCode
}
status.Visibility = visibility
// Fall back to account default, set
// this back on the form for later use.
@ -467,6 +478,8 @@ func processVisibility(
// assuming federated (ie., not local-only) by default.
localOnly := util.PtrOrValue(form.LocalOnly, false)
status.Federated = util.Ptr(!localOnly)
return nil
}
func processInteractionPolicy(