From 06663fcf87fe0d6bc71336e6f212b82f098066d7 Mon Sep 17 00:00:00 2001 From: Eugen Rochko Date: Wed, 13 Mar 2019 13:02:13 +0100 Subject: [PATCH] Fix `tagged` param not being normalized before querying tags (#10249) --- app/controllers/accounts_controller.rb | 8 +++++++- app/controllers/api/v1/accounts/statuses_controller.rb | 8 +++++++- app/controllers/api/v1/timelines/tag_controller.rb | 2 +- app/controllers/tags_controller.rb | 2 +- app/models/tag.rb | 8 ++++++++ 5 files changed, 24 insertions(+), 4 deletions(-) diff --git a/app/controllers/accounts_controller.rb b/app/controllers/accounts_controller.rb index cad2ecf3f..dfbe5bffc 100644 --- a/app/controllers/accounts_controller.rb +++ b/app/controllers/accounts_controller.rb @@ -80,7 +80,13 @@ class AccountsController < ApplicationController end def hashtag_scope - Status.tagged_with(Tag.find_by(name: params[:tag].downcase)&.id) + tag = Tag.find_normalized(params[:tag]) + + if tag + Status.tagged_with(tag.id) + else + Status.none + end end def set_account diff --git a/app/controllers/api/v1/accounts/statuses_controller.rb b/app/controllers/api/v1/accounts/statuses_controller.rb index ed10f3f6a..8cd8f8e79 100644 --- a/app/controllers/api/v1/accounts/statuses_controller.rb +++ b/app/controllers/api/v1/accounts/statuses_controller.rb @@ -69,7 +69,13 @@ class Api::V1::Accounts::StatusesController < Api::BaseController end def hashtag_scope - Status.tagged_with(Tag.find_by(name: params[:tagged])&.id) + tag = Tag.find_normalized(params[:tagged]) + + if tag + Status.tagged_with(tag.id) + else + Status.none + end end def pagination_params(core_params) diff --git a/app/controllers/api/v1/timelines/tag_controller.rb b/app/controllers/api/v1/timelines/tag_controller.rb index 92c32c178..9adc4ad29 100644 --- a/app/controllers/api/v1/timelines/tag_controller.rb +++ b/app/controllers/api/v1/timelines/tag_controller.rb @@ -14,7 +14,7 @@ class Api::V1::Timelines::TagController < Api::BaseController private def load_tag - @tag = Tag.find_by(name: params[:id].downcase) + @tag = Tag.find_normalized(params[:id]) end def load_statuses diff --git a/app/controllers/tags_controller.rb b/app/controllers/tags_controller.rb index 729553e1e..66b184901 100644 --- a/app/controllers/tags_controller.rb +++ b/app/controllers/tags_controller.rb @@ -9,7 +9,7 @@ class TagsController < ApplicationController before_action :set_instance_presenter def show - @tag = Tag.find_by!(name: params[:id].downcase) + @tag = Tag.find_normalized!(params[:id]) respond_to do |format| format.html do diff --git a/app/models/tag.rb b/app/models/tag.rb index 788a678bd..7db76d157 100644 --- a/app/models/tag.rb +++ b/app/models/tag.rb @@ -72,6 +72,14 @@ class Tag < ApplicationRecord .limit(limit) .offset(offset) end + + def find_normalized(name) + find_by(name: name.mb_chars.downcase.to_s) + end + + def find_normalized!(name) + find_normalized(name) || raise(ActiveRecord::RecordNotFound) + end end private