yetangitu/funkwhale
1
0
Fork 0
mirror of https://code.eliotberriot.com/funkwhale/funkwhale.git synced 2025-10-05 21:21:57 +02:00
Code Issues Releases Wiki Activity

See #853: force authenticated ActivityPub checks when allow-list is enabled

Browse source
This commit is contained in:
Eliot Berriot 2019-06-26 10:22:29 +02:00
parent 2403815d56
commit 45acf7ca3f
4 changed files with 63 additions and 11 deletions
Download patch file Download diff file Expand all files Collapse all files

14
api/tests/federation/test_views.py
View file

@ -5,6 +5,20 @@ from django.urls import reverse
from funkwhale_api.federation import actors, serializers, webfinger
def test_authenticate_skips_anonymous_fetch_when_allow_list_enabled(
preferences, api_client
):
preferences["moderation__allow_list_enabled"] = True
actor = actors.get_service_actor()
url = reverse(
"federation:actors-detail",
kwargs={"preferred_username": actor.preferred_username},
)
response = api_client.get(url)
assert response.status_code == 403
def test_wellknown_webfinger_validates_resource(db, api_client, settings, mocker):
clean = mocker.spy(webfinger, "clean_resource")
url = reverse("federation:well-known-webfinger")