From a8af94f1926b769784133ba447210d28609c0860 Mon Sep 17 00:00:00 2001
From: Benjamin Neff <benjamin@coding4coffee.ch>
Date: Sat, 2 Apr 2016 23:07:57 +0200
Subject: [PATCH] validates entity on receive if it can be public but is not

---
 .../federation/receiver/exceptions.rb         |  4 +++
 .../federation/receiver/public.rb             | 10 +++++++
 .../federation/receiver/public_spec.rb        | 29 +++++++++++++++++++
 3 files changed, 43 insertions(+)

diff --git a/lib/diaspora_federation/federation/receiver/exceptions.rb b/lib/diaspora_federation/federation/receiver/exceptions.rb
index 65395ca..5c1a0b8 100644
--- a/lib/diaspora_federation/federation/receiver/exceptions.rb
+++ b/lib/diaspora_federation/federation/receiver/exceptions.rb
@@ -8,6 +8,10 @@ module DiasporaFederation
       # Raised, if receiving a private message without recipient.
       class RecipientRequired < RuntimeError
       end
+
+      # Raised, if receiving a message with public receiver which is not public but should be.
+      class NotPublic < RuntimeError
+      end
     end
   end
 end
diff --git a/lib/diaspora_federation/federation/receiver/public.rb b/lib/diaspora_federation/federation/receiver/public.rb
index ffc53cb..d18fdfa 100644
--- a/lib/diaspora_federation/federation/receiver/public.rb
+++ b/lib/diaspora_federation/federation/receiver/public.rb
@@ -3,6 +3,16 @@ module DiasporaFederation
     module Receiver
       # receiver for public entities
       class Public < AbstractReceiver
+        private
+
+        def validate
+          super
+          raise NotPublic if entity_can_be_public_but_it_is_not?
+        end
+
+        def entity_can_be_public_but_it_is_not?
+          entity.respond_to?(:public) && !entity.public
+        end
       end
     end
   end
diff --git a/spec/lib/diaspora_federation/federation/receiver/public_spec.rb b/spec/lib/diaspora_federation/federation/receiver/public_spec.rb
index b1b1635..348e331 100644
--- a/spec/lib/diaspora_federation/federation/receiver/public_spec.rb
+++ b/spec/lib/diaspora_federation/federation/receiver/public_spec.rb
@@ -105,6 +105,35 @@ module DiasporaFederation
           end
         end
       end
+
+      context "validates if it is public" do
+        it "allows public entities" do
+          public_post = FactoryGirl.build(:status_message_entity, public: true)
+          magic_env = Salmon::MagicEnvelope.new(public_post, public_post.author)
+
+          expect_callback(:receive_entity, public_post, nil)
+
+          described_class.new(magic_env).receive
+        end
+
+        it "does not allow non-public entities" do
+          private_post = FactoryGirl.build(:status_message_entity, public: false)
+          magic_env = Salmon::MagicEnvelope.new(private_post, private_post.author)
+
+          expect {
+            described_class.new(magic_env).receive
+          }.to raise_error Federation::Receiver::NotPublic
+        end
+
+        it "allows entities without public flag" do
+          profile = FactoryGirl.build(:profile_entity)
+          magic_env = Salmon::MagicEnvelope.new(profile, profile.author)
+
+          expect_callback(:receive_entity, profile, nil)
+
+          described_class.new(magic_env).receive
+        end
+      end
     end
   end
 end