diff options
| author | Sergey Suprunenko <suprunenko.s@gmail.com> | 2019-07-29 16:17:22 +0000 |
|---|---|---|
| committer | Ariadne Conill <ariadne@dereferenced.org> | 2019-08-14 01:50:22 +0000 |
| commit | 25c818ed6fd8fb66143a544e8e745b3d0703c51b (patch) | |
| tree | 4a94a7b41d5f5dea4bd00579717be83e225598bd | |
| parent | f7028ae8acc8a1a5af426725778b84c7648f5854 (diff) | |
| download | pleroma-25c818ed6fd8fb66143a544e8e745b3d0703c51b.tar.gz | |
Redirect not logged-in users to the MastoFE login page on private instances
| -rw-r--r-- | CHANGELOG.md | 5 | ||||
| -rw-r--r-- | lib/pleroma/web/router.ex | 2 | ||||
| -rw-r--r-- | test/web/mastodon_api/mastodon_api_controller_test.exs | 15 |
3 files changed, 21 insertions, 1 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md index 9ea0052c6..eb47be7cf 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -10,6 +10,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). - Mastodon API: return the actual profile URL in the Account entity's `url` property when appropriate - Templates: properly style anchor tags - Objects being re-embedded to activities after being updated (e.g faved/reposted). Running 'mix pleroma.database prune_objects' again is advised. +- Not being able to access the Mastodon FE login page on private instances ### Added - Relays: Added a task to list relay subscriptions. @@ -35,6 +36,10 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). ## [1.0.2] - 2019-07-28 ### Fixed - Not being able to pin unlisted posts +- Mastodon API: represent poll IDs as strings +- MediaProxy: fix matching filenames +- MediaProxy: fix filename encoding +- Migrations: fix a sporadic migration failure - Metadata rendering errors resulting in the entire page being inaccessible - Federation/MediaProxy not working with instances that have wrong certificate order - ActivityPub S2S: remote user deletions now work the same as local user deletions. diff --git a/lib/pleroma/web/router.ex b/lib/pleroma/web/router.ex index ff9ed1640..3a8dda772 100644 --- a/lib/pleroma/web/router.ex +++ b/lib/pleroma/web/router.ex @@ -684,7 +684,7 @@ defmodule Pleroma.Web.Router do delete("/auth/sign_out", MastodonAPIController, :logout) scope [] do - pipe_through(:oauth_read_or_public) + pipe_through(:oauth_read) get("/web/*path", MastodonAPIController, :index) end end diff --git a/test/web/mastodon_api/mastodon_api_controller_test.exs b/test/web/mastodon_api/mastodon_api_controller_test.exs index 7efdc7adb..de6f044e7 100644 --- a/test/web/mastodon_api/mastodon_api_controller_test.exs +++ b/test/web/mastodon_api/mastodon_api_controller_test.exs @@ -2879,6 +2879,21 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIControllerTest do assert redirected_to(conn) == "/web/login" end + test "redirects not logged-in users to the login page on private instances", %{ + conn: conn, + path: path + } do + is_public = Pleroma.Config.get([:instance, :public]) + Pleroma.Config.put([:instance, :public], false) + + conn = get(conn, path) + + assert conn.status == 302 + assert redirected_to(conn) == "/web/login" + + Pleroma.Config.put([:instance, :public], is_public) + end + test "does not redirect logged in users to the login page", %{conn: conn, path: path} do token = insert(:oauth_token) |