From 5ff943716e99f4bfaa698e3a2e17fbbffe03124a Mon Sep 17 00:00:00 2001 From: Eugen Rochko Date: Wed, 13 Mar 2019 13:02:13 +0100 Subject: [PATCH] Fix `tagged` param not being normalized before querying tags (#10249) --- app/controllers/accounts_controller.rb | 8 +++++++- app/controllers/api/v1/accounts/statuses_controller.rb | 8 +++++++- app/controllers/api/v1/timelines/tag_controller.rb | 2 +- app/controllers/tags_controller.rb | 2 +- app/models/tag.rb | 8 ++++++++ 5 files changed, 24 insertions(+), 4 deletions(-) diff --git a/app/controllers/accounts_controller.rb b/app/controllers/accounts_controller.rb index cad2ecf3fe..dfbe5bffcf 100644 --- a/app/controllers/accounts_controller.rb +++ b/app/controllers/accounts_controller.rb @@ -80,7 +80,13 @@ class AccountsController < ApplicationController end def hashtag_scope - Status.tagged_with(Tag.find_by(name: params[:tag].downcase)&.id) + tag = Tag.find_normalized(params[:tag]) + + if tag + Status.tagged_with(tag.id) + else + Status.none + end end def set_account diff --git a/app/controllers/api/v1/accounts/statuses_controller.rb b/app/controllers/api/v1/accounts/statuses_controller.rb index ed10f3f6a7..8cd8f8e799 100644 --- a/app/controllers/api/v1/accounts/statuses_controller.rb +++ b/app/controllers/api/v1/accounts/statuses_controller.rb @@ -69,7 +69,13 @@ class Api::V1::Accounts::StatusesController < Api::BaseController end def hashtag_scope - Status.tagged_with(Tag.find_by(name: params[:tagged])&.id) + tag = Tag.find_normalized(params[:tagged]) + + if tag + Status.tagged_with(tag.id) + else + Status.none + end end def pagination_params(core_params) diff --git a/app/controllers/api/v1/timelines/tag_controller.rb b/app/controllers/api/v1/timelines/tag_controller.rb index 92c32c1784..9adc4ad291 100644 --- a/app/controllers/api/v1/timelines/tag_controller.rb +++ b/app/controllers/api/v1/timelines/tag_controller.rb @@ -14,7 +14,7 @@ class Api::V1::Timelines::TagController < Api::BaseController private def load_tag - @tag = Tag.find_by(name: params[:id].downcase) + @tag = Tag.find_normalized(params[:id]) end def load_statuses diff --git a/app/controllers/tags_controller.rb b/app/controllers/tags_controller.rb index 729553e1e7..66b1849011 100644 --- a/app/controllers/tags_controller.rb +++ b/app/controllers/tags_controller.rb @@ -9,7 +9,7 @@ class TagsController < ApplicationController before_action :set_instance_presenter def show - @tag = Tag.find_by!(name: params[:id].downcase) + @tag = Tag.find_normalized!(params[:id]) respond_to do |format| format.html do diff --git a/app/models/tag.rb b/app/models/tag.rb index 788a678bde..7db76d157b 100644 --- a/app/models/tag.rb +++ b/app/models/tag.rb @@ -72,6 +72,14 @@ class Tag < ApplicationRecord .limit(limit) .offset(offset) end + + def find_normalized(name) + find_by(name: name.mb_chars.downcase.to_s) + end + + def find_normalized!(name) + find_normalized(name) || raise(ActiveRecord::RecordNotFound) + end end private