Merge branch 'develop' into feature/incoming_ostatus

3 files changed, 47 insertions, 28 deletions

diff --git a/lib/pleroma/user.ex b/lib/pleroma/user.ex
index 160acbdb9..9b7912c5b 100644
--- a/lib/pleroma/user.ex
+++ b/lib/pleroma/user.ex
@@ -65,6 +65,7 @@ defmodule Pleroma.User do
     |> validate_confirmation(:password)
     |> unique_constraint(:email)
     |> unique_constraint(:nickname)
+    |> validate_format(:nickname, ~r/^[a-zA-Z\d]+$/)
 
     if changeset.valid? do
       hashed = Comeonin.Pbkdf2.hashpwsalt(changeset.changes[:password])
diff --git a/lib/pleroma/web/twitter_api/twitter_api.ex b/lib/pleroma/web/twitter_api/twitter_api.ex
index e4e26df15..1c3396d27 100644
--- a/lib/pleroma/web/twitter_api/twitter_api.ex
+++ b/lib/pleroma/web/twitter_api/twitter_api.ex
@@ -124,9 +124,9 @@ defmodule Pleroma.Web.TwitterAPI.TwitterAPI do
     end
   end
 
-  def follow(%User{} = follower, followed_id) do
-    with %User{} = followed <- Repo.get(User, followed_id),
-    { :ok, follower } <- User.follow(follower, followed),
+  def follow(%User{} = follower, params) do
+    with { :ok, %User{} = followed } <- get_user(params),
+         { :ok, follower } <- User.follow(follower, followed),
          { :ok, activity } <- ActivityPub.insert(%{
            "type" => "Follow",
            "actor" => follower.ap_id,
@@ -140,11 +140,11 @@ defmodule Pleroma.Web.TwitterAPI.TwitterAPI do
     end
   end
 
-  def unfollow(%User{} = follower, followed_id) do
-    with %User{} = followed <- Repo.get(User, followed_id),
-         { :ok, follower } <- User.unfollow(follower, followed)
+  def unfollow(%User{} = follower, params) do
+    with { :ok, %User{} = unfollowed } <- get_user(params),
+         { :ok, follower } <- User.unfollow(follower, unfollowed)
     do
-      { :ok, follower, followed }
+      { :ok, follower, unfollowed}
     else
       err -> err
     end
@@ -257,7 +257,7 @@ defmodule Pleroma.Web.TwitterAPI.TwitterAPI do
     end
   end
 
-  def get_user(user, params) do
+  def get_user(user \\ nil, params) do
     case params do
       %{ "user_id" => user_id } ->
         case target = Repo.get(User, user_id) do
diff --git a/lib/pleroma/web/twitter_api/twitter_api_controller.ex b/lib/pleroma/web/twitter_api/twitter_api_controller.ex
index 8ea54852d..b5b829ca0 100644
--- a/lib/pleroma/web/twitter_api/twitter_api_controller.ex
+++ b/lib/pleroma/web/twitter_api/twitter_api_controller.ex
@@ -12,11 +12,23 @@ defmodule Pleroma.Web.TwitterAPI.Controller do
     |> json_reply(200, response)
   end
 
-  def status_update(%{assigns: %{user: user}} = conn, status_data) do
-    media_ids = extract_media_ids(status_data)
-    {:ok, activity} = TwitterAPI.create_status(user, Map.put(status_data, "media_ids",  media_ids ))
-    conn
-    |> json_reply(200, ActivityRepresenter.to_json(activity, %{user: user}))
+  def status_update(%{assigns: %{user: user}} = conn, %{"status" => status_text} = status_data) do
+    if status_text |> String.trim |> String.length != 0 do
+      media_ids = extract_media_ids(status_data)
+      {:ok, activity} = TwitterAPI.create_status(user, Map.put(status_data, "media_ids",  media_ids ))
+      conn
+      |> json_reply(200, ActivityRepresenter.to_json(activity, %{user: user}))
+    else
+      empty_status_reply(conn)
+    end
+  end
+
+  def status_update(conn, _status_data) do
+    empty_status_reply(conn)
+  end
+
+  defp empty_status_reply(conn) do
+    bad_request_reply(conn, "Client must provide a 'status' parameter with a value.")
   end
 
   defp extract_media_ids(status_data) do
@@ -65,8 +77,8 @@ defmodule Pleroma.Web.TwitterAPI.Controller do
     |> json_reply(200, json)
   end
 
-  def follow(%{assigns: %{user: user}} = conn, %{ "user_id" => followed_id }) do
-    case TwitterAPI.follow(user, followed_id) do
+  def follow(%{assigns: %{user: user}} = conn, params) do
+    case TwitterAPI.follow(user, params) do
       { :ok, user, followed, _activity } ->
         response = followed |> UserRepresenter.to_json(%{for: user})
         conn
@@ -75,11 +87,10 @@ defmodule Pleroma.Web.TwitterAPI.Controller do
     end
   end
 
-  def unfollow(%{assigns: %{user: user}} = conn, %{ "user_id" => followed_id }) do
-    case TwitterAPI.unfollow(user, followed_id) do
-      { :ok, user, followed } ->
-        response = followed |> UserRepresenter.to_json(%{for: user})
-
+  def unfollow(%{assigns: %{user: user}} = conn, params) do
+    case TwitterAPI.unfollow(user, params) do
+      { :ok, user, unfollowed, } ->
+        response = unfollowed |> UserRepresenter.to_json(%{for: user})
         conn
         |> json_reply(200, response)
       { :error, msg } -> forbidden_json_reply(conn, msg)
@@ -152,11 +163,16 @@ defmodule Pleroma.Web.TwitterAPI.Controller do
 
   def retweet(%{assigns: %{user: user}} = conn, %{"id" => id}) do
     activity = Repo.get(Activity, id)
-    {:ok, status} = TwitterAPI.retweet(user, activity)
-    response = Poison.encode!(status)
+    if activity.data["actor"] == user.ap_id do
+      bad_request_reply(conn, "You cannot repeat your own notice.")
+    else
+      {:ok, status} = TwitterAPI.retweet(user, activity)
+      response = Poison.encode!(status)
 
-    conn
-    |> json_reply(200, response)
+      conn
+
+      |> json_reply(200, response)
+    end
   end
 
   def register(conn, params) do
@@ -183,7 +199,7 @@ defmodule Pleroma.Web.TwitterAPI.Controller do
   end
 
   defp bad_request_reply(conn, error_message) do
-    json = Poison.encode!(%{"error" => error_message})
+    json = error_json(conn, error_message)
     json_reply(conn, 400, json)
   end
 
@@ -194,9 +210,11 @@ defmodule Pleroma.Web.TwitterAPI.Controller do
   end
 
   defp forbidden_json_reply(conn, error_message) do
-    json = %{"error" => error_message, "request" => conn.request_path}
-    |> Poison.encode!
-
+    json = error_json(conn, error_message)
     json_reply(conn, 403, json)
   end
+
+  defp error_json(conn, error_message) do
+    %{"error" => error_message, "request" => conn.request_path} |> Poison.encode!
+  end
 end