FIX: Exclude hidden topic posts and small actions from the RSS feed. (#18649)

This commit excludes posts from hidden topics from the latest posts and user activity RSS feeds. Additionally, it also excludes small actions from the first one.
This commit is contained in:
Roman Rizzi 2022-10-18 15:19:54 -03:00 committed by GitHub
parent 5c7d951330
commit d25ca2a468
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 53 additions and 0 deletions

View File

@ -79,6 +79,8 @@ class PostsController < ApplicationController
rss_description = I18n.t("rss_description.private_posts") rss_description = I18n.t("rss_description.private_posts")
else else
posts = Post.public_posts posts = Post.public_posts
.visible
.where(post_type: Post.types[:regular])
.order(created_at: :desc) .order(created_at: :desc)
.where('posts.id <= ?', last_post_id) .where('posts.id <= ?', last_post_id)
.where('posts.id > ?', last_post_id - 50) .where('posts.id > ?', last_post_id - 50)
@ -122,6 +124,7 @@ class PostsController < ApplicationController
raise Discourse::NotFound unless guardian.can_see_profile?(user) raise Discourse::NotFound unless guardian.can_see_profile?(user)
posts = Post.public_posts posts = Post.public_posts
.visible
.where(user_id: user.id) .where(user_id: user.id)
.where(post_type: Post.types[:regular]) .where(post_type: Post.types[:regular])
.order(created_at: :desc) .order(created_at: :desc)

View File

@ -2063,6 +2063,29 @@ RSpec.describe PostsController do
expect(body).to include(public_post.url) expect(body).to include(public_post.url)
end end
it "doesn't include posts from hidden topics" do
public_post.topic.update!(visible: false)
get "/u/#{user.username}/activity.rss"
expect(response.status).to eq(200)
body = response.body
expect(body).not_to include(public_post.url)
end
it "excludes small actions" do
small_action = Fabricate(:small_action, user: user)
get "/u/#{user.username}/activity.rss"
expect(response.status).to eq(200)
body = response.body
expect(body).not_to include(small_action.canonical_url)
end
it 'returns public posts as JSON' do it 'returns public posts as JSON' do
public_post public_post
private_post private_post
@ -2164,6 +2187,33 @@ RSpec.describe PostsController do
expect(body).to_not include(private_post.url) expect(body).to_not include(private_post.url)
end end
it "doesn't include posts from hidden topics" do
public_post.topic.update!(visible: false)
get "/posts.rss"
expect(response.status).to eq(200)
body = response.body
# we cache in redis, in rare cases this can cause a flaky test
PostsHelper.clear_canonical_cache!(public_post)
expect(body).not_to include(public_post.canonical_url)
end
it "excludes small actions" do
small_action = Fabricate(:small_action)
get "/posts.rss"
expect(response.status).to eq(200)
body = response.body
expect(body).not_to include(small_action.canonical_url)
end
it 'returns public posts with topic for json' do it 'returns public posts with topic for json' do
topicless_post.update topic_id: -100 topicless_post.update topic_id: -100