From cd0eaa349ca5d7e53e2ed246e70e99fc61c98370 Mon Sep 17 00:00:00 2001
From: Levi Bard <taktaktaktaktaktaktaktaktaktak@gmail.com>
Date: Sun, 8 Apr 2018 13:43:10 +0200
Subject: [PATCH] Enable updating additional account information from user
 preferences via rest api (#6789)

* Enable updating additional account information from user preferences via rest api
Resolves #6553

* Pacify rubocop

* Decoerce incoming settings in UserSettingsDecorator

* Create user preferences hash directly from incoming credentials instead of going through ActionController::Parameters

* Clean up user preferences update

* Use ActiveModel::Type::Boolean instead of manually checking stringified number equivalence
---
 .../api/v1/accounts/credentials_controller.rb        | 12 ++++++++++++
 app/lib/user_settings_decorator.rb                   |  4 ++--
 .../api/v1/accounts/credentials_controller_spec.rb   |  6 ++++++
 spec/lib/user_settings_decorator_spec.rb             | 11 +++++++++++
 4 files changed, 31 insertions(+), 2 deletions(-)

diff --git a/app/controllers/api/v1/accounts/credentials_controller.rb b/app/controllers/api/v1/accounts/credentials_controller.rb
index 68af22529..062d490a7 100644
--- a/app/controllers/api/v1/accounts/credentials_controller.rb
+++ b/app/controllers/api/v1/accounts/credentials_controller.rb
@@ -13,6 +13,7 @@ class Api::V1::Accounts::CredentialsController < Api::BaseController
   def update
     @account = current_account
     UpdateAccountService.new.call(@account, account_params, raise_error: true)
+    UserSettingsDecorator.new(current_user).update(user_settings_params) if user_settings_params
     ActivityPub::UpdateDistributionWorker.perform_async(@account.id)
     render json: @account, serializer: REST::CredentialAccountSerializer
   end
@@ -22,4 +23,15 @@ class Api::V1::Accounts::CredentialsController < Api::BaseController
   def account_params
     params.permit(:display_name, :note, :avatar, :header, :locked)
   end
+
+  def user_settings_params
+    return nil unless params.key?(:source)
+
+    source_params = params.require(:source)
+
+    {
+      'setting_default_privacy' => source_params.fetch(:privacy, @account.user.setting_default_privacy),
+      'setting_default_sensitive' => source_params.fetch(:sensitive, @account.user.setting_default_sensitive),
+    }
+  end
 end
diff --git a/app/lib/user_settings_decorator.rb b/app/lib/user_settings_decorator.rb
index 4d6f19467..9260a81bc 100644
--- a/app/lib/user_settings_decorator.rb
+++ b/app/lib/user_settings_decorator.rb
@@ -83,7 +83,7 @@ class UserSettingsDecorator
   end
 
   def boolean_cast_setting(key)
-    settings[key] == '1'
+    ActiveModel::Type::Boolean.new.cast(settings[key])
   end
 
   def coerced_settings(key)
@@ -91,7 +91,7 @@ class UserSettingsDecorator
   end
 
   def coerce_values(params_hash)
-    params_hash.transform_values { |x| x == '1' }
+    params_hash.transform_values { |x| ActiveModel::Type::Boolean.new.cast(x) }
   end
 
   def change?(key)
diff --git a/spec/controllers/api/v1/accounts/credentials_controller_spec.rb b/spec/controllers/api/v1/accounts/credentials_controller_spec.rb
index 461b8b34b..87fce64eb 100644
--- a/spec/controllers/api/v1/accounts/credentials_controller_spec.rb
+++ b/spec/controllers/api/v1/accounts/credentials_controller_spec.rb
@@ -28,6 +28,10 @@ describe Api::V1::Accounts::CredentialsController do
             note: "Hi!\n\nToot toot!",
             avatar: fixture_file_upload('files/avatar.gif', 'image/gif'),
             header: fixture_file_upload('files/attachment.jpg', 'image/jpeg'),
+            source: {
+              privacy: 'unlisted',
+              sensitive: true,
+            }
           }
         end
 
@@ -42,6 +46,8 @@ describe Api::V1::Accounts::CredentialsController do
           expect(user.account.note).to eq("Hi!\n\nToot toot!")
           expect(user.account.avatar).to exist
           expect(user.account.header).to exist
+          expect(user.setting_default_privacy).to eq('unlisted')
+          expect(user.setting_default_sensitive).to eq(true)
         end
 
         it 'queues up an account update distribution' do
diff --git a/spec/lib/user_settings_decorator_spec.rb b/spec/lib/user_settings_decorator_spec.rb
index fee875373..462c5b124 100644
--- a/spec/lib/user_settings_decorator_spec.rb
+++ b/spec/lib/user_settings_decorator_spec.rb
@@ -69,5 +69,16 @@ describe UserSettingsDecorator do
       settings.update(values)
       expect(user.settings['system_font_ui']).to eq false
     end
+
+    it 'decoerces setting values before applying' do
+      values = {
+        'setting_delete_modal' => 'false',
+        'setting_boost_modal' => 'true',
+      }
+
+      settings.update(values)
+      expect(user.settings['delete_modal']).to eq false
+      expect(user.settings['boost_modal']).to eq true
+    end
   end
 end