diff options
| -rw-r--r-- | lib/mix/tasks/make_moderator.ex | 15 | ||||
| -rw-r--r-- | lib/mix/tasks/set_admin.ex | 18 | ||||
| -rw-r--r-- | lib/mix/tasks/set_locked.ex | 17 | ||||
| -rw-r--r-- | lib/pleroma/formatter.ex | 10 | ||||
| -rw-r--r-- | lib/pleroma/html.ex | 4 | ||||
| -rw-r--r-- | lib/pleroma/plugs/oauth_plug.ex | 74 | ||||
| -rw-r--r-- | lib/pleroma/user.ex | 1 | ||||
| -rw-r--r-- | lib/pleroma/user/info.ex | 2 | ||||
| -rw-r--r-- | lib/pleroma/web/activity_pub/views/user_view.ex | 12 | ||||
| -rw-r--r-- | lib/pleroma/web/mastodon_api/mastodon_api_controller.ex | 19 | ||||
| -rw-r--r-- | lib/pleroma/web/twitter_api/twitter_api_controller.ex | 22 | ||||
| -rw-r--r-- | test/formatter_test.exs | 18 | ||||
| -rw-r--r-- | test/plugs/oauth_plug_test.exs | 56 | ||||
| -rw-r--r-- | test/user_test.exs | 12 | ||||
| -rw-r--r-- | test/web/activity_pub/activity_pub_controller_test.exs | 28 | ||||
| -rw-r--r-- | test/web/mastodon_api/mastodon_api_controller_test.exs | 60 | ||||
| -rw-r--r-- | test/web/twitter_api/twitter_api_controller_test.exs | 125 | ||||
| -rw-r--r-- | test/web/twitter_api/twitter_api_test.exs | 6 | ||||
| -rw-r--r-- | test/web/twitter_api/views/activity_view_test.exs | 2 |
19 files changed, 424 insertions, 77 deletions
diff --git a/lib/mix/tasks/make_moderator.ex b/lib/mix/tasks/make_moderator.ex index 15586dc30..8dc0a04dd 100644 --- a/lib/mix/tasks/make_moderator.ex +++ b/lib/mix/tasks/make_moderator.ex @@ -8,7 +8,7 @@ defmodule Mix.Tasks.SetModerator do """ use Mix.Task - import Mix.Ecto + import Ecto.Changeset alias Pleroma.{Repo, User} def run([nickname | rest]) do @@ -21,14 +21,15 @@ defmodule Mix.Tasks.SetModerator do end with %User{local: true} = user <- User.get_by_nickname(nickname) do - info = - user.info - |> Map.put("is_moderator", !!moderator) + info_cng = User.Info.admin_api_update(user.info, %{is_moderator: !!moderator}) - cng = User.info_changeset(user, %{info: info}) - {:ok, user} = User.update_and_set_cache(cng) + user_cng = + Ecto.Changeset.change(user) + |> put_embed(:info, info_cng) - IO.puts("Moderator status of #{nickname}: #{user.info["is_moderator"]}") + {:ok, user} = User.update_and_set_cache(user_cng) + + IO.puts("Moderator status of #{nickname}: #{user.info.is_moderator}") else _ -> IO.puts("No local user #{nickname}") diff --git a/lib/mix/tasks/set_admin.ex b/lib/mix/tasks/set_admin.ex index d5ccf261b..ac26516f1 100644 --- a/lib/mix/tasks/set_admin.ex +++ b/lib/mix/tasks/set_admin.ex @@ -1,5 +1,6 @@ defmodule Mix.Tasks.SetAdmin do use Mix.Task + import Ecto.Changeset alias Pleroma.User @doc """ @@ -9,21 +10,22 @@ defmodule Mix.Tasks.SetAdmin do def run([nickname | rest]) do Application.ensure_all_started(:pleroma) - status = + admin = case rest do - [status] -> status == "true" + [admin] -> admin == "true" _ -> true end with %User{local: true} = user <- User.get_by_nickname(nickname) do - info = - user.info - |> Map.put("is_admin", !!status) + info_cng = User.Info.admin_api_update(user.info, %{is_admin: !!admin}) - cng = User.info_changeset(user, %{info: info}) - {:ok, user} = User.update_and_set_cache(cng) + user_cng = + Ecto.Changeset.change(user) + |> put_embed(:info, info_cng) - IO.puts("Admin status of #{nickname}: #{user.info["is_admin"]}") + {:ok, user} = User.update_and_set_cache(user_cng) + + IO.puts("Admin status of #{nickname}: #{user.info.is_admin}") else _ -> IO.puts("No local user #{nickname}") diff --git a/lib/mix/tasks/set_locked.ex b/lib/mix/tasks/set_locked.ex index a154595ca..e93a63505 100644 --- a/lib/mix/tasks/set_locked.ex +++ b/lib/mix/tasks/set_locked.ex @@ -10,11 +10,11 @@ defmodule Mix.Tasks.SetLocked do """ use Mix.Task - import Mix.Ecto + import Ecto.Changeset alias Pleroma.{Repo, User} def run([nickname | rest]) do - ensure_started(Repo, []) + Application.ensure_all_started(:pleroma) locked = case rest do @@ -23,14 +23,15 @@ defmodule Mix.Tasks.SetLocked do end with %User{local: true} = user <- User.get_by_nickname(nickname) do - info = - user.info - |> Map.put("locked", !!locked) + info_cng = User.Info.profile_update(user.info, %{locked: !!locked}) - cng = User.info_changeset(user, %{info: info}) - user = Repo.update!(cng) + user_cng = + Ecto.Changeset.change(user) + |> put_embed(:info, info_cng) - IO.puts("locked status of #{nickname}: #{user.info["locked"]}") + {:ok, user} = User.update_and_set_cache(user_cng) + + IO.puts("Locked status of #{nickname}: #{user.info.locked}") else _ -> IO.puts("No local user #{nickname}") diff --git a/lib/pleroma/formatter.ex b/lib/pleroma/formatter.ex index 1a5c07c8a..5b03e9aeb 100644 --- a/lib/pleroma/formatter.ex +++ b/lib/pleroma/formatter.ex @@ -114,7 +114,7 @@ defmodule Pleroma.Formatter do subs = subs ++ - Enum.map(mentions, fn {match, %User{ap_id: ap_id, info: info}, uuid} -> + Enum.map(mentions, fn {match, %User{id: id, ap_id: ap_id, info: info}, uuid} -> ap_id = if is_binary(info.source_data["url"]) do info.source_data["url"] @@ -125,7 +125,7 @@ defmodule Pleroma.Formatter do short_match = String.split(match, "@") |> tl() |> hd() {uuid, - "<span><a class='mention' href='#{ap_id}'>@<span>#{short_match}</span></a></span>"} + "<span><a data-user='#{id}' class='mention' href='#{ap_id}'>@<span>#{short_match}</span></a></span>"} end) {subs, uuid_text} @@ -147,7 +147,11 @@ defmodule Pleroma.Formatter do subs = subs ++ Enum.map(tags, fn {tag_text, tag, uuid} -> - url = "<a href='#{Pleroma.Web.base_url()}/tag/#{tag}' rel='tag'>#{tag_text}</a>" + url = + "<a data-tag='#{tag}' href='#{Pleroma.Web.base_url()}/tag/#{tag}' rel='tag'>#{ + tag_text + }</a>" + {uuid, url} end) diff --git a/lib/pleroma/html.ex b/lib/pleroma/html.ex index 1b920d7fd..5daaa5e69 100644 --- a/lib/pleroma/html.ex +++ b/lib/pleroma/html.ex @@ -45,7 +45,7 @@ defmodule Pleroma.HTML.Scrubber.TwitterText do Meta.strip_comments() # links - Meta.allow_tag_with_uri_attributes("a", ["href"], @valid_schemes) + Meta.allow_tag_with_uri_attributes("a", ["href", "data-user", "data-tag"], @valid_schemes) Meta.allow_tag_with_these_attributes("a", ["name", "title"]) # paragraphs and linebreaks @@ -86,7 +86,7 @@ defmodule Pleroma.HTML.Scrubber.Default do Meta.remove_cdata_sections_before_scrub() Meta.strip_comments() - Meta.allow_tag_with_uri_attributes("a", ["href"], @valid_schemes) + Meta.allow_tag_with_uri_attributes("a", ["href", "data-user", "data-tag"], @valid_schemes) Meta.allow_tag_with_these_attributes("a", ["name", "title"]) Meta.allow_tag_with_these_attributes("abbr", ["title"]) diff --git a/lib/pleroma/plugs/oauth_plug.ex b/lib/pleroma/plugs/oauth_plug.ex index 630f15eec..75f9209c2 100644 --- a/lib/pleroma/plugs/oauth_plug.ex +++ b/lib/pleroma/plugs/oauth_plug.ex @@ -1,30 +1,68 @@ defmodule Pleroma.Plugs.OAuthPlug do import Plug.Conn - alias Pleroma.User - alias Pleroma.Repo - alias Pleroma.Web.OAuth.Token + import Ecto.Query - def init(options) do - options - end + alias Pleroma.{ + User, + Repo, + Web.OAuth.Token + } + + @realm_reg Regex.compile!("Bearer\:?\s+(.*)$", "i") + + def init(options), do: options def call(%{assigns: %{user: %User{}}} = conn, _), do: conn def call(conn, _) do - token = - case get_req_header(conn, "authorization") do - ["Bearer " <> header] -> header - _ -> get_session(conn, :oauth_token) - end - - with token when not is_nil(token) <- token, - %Token{user_id: user_id} <- Repo.get_by(Token, token: token), - %User{} = user <- Repo.get(User, user_id), - false <- !!user.info.deactivated do - conn - |> assign(:user, user) + with {:ok, token} <- fetch_token(conn), + {:ok, user} <- fetch_user(token) do + assign(conn, :user, user) else _ -> conn end end + + # Gets user by token + # + @spec fetch_user(String.t()) :: {:ok, User.t()} | nil + defp fetch_user(token) do + query = from(q in Token, where: q.token == ^token, preload: [:user]) + + with %Token{user: %{info: %{deactivated: false} = _} = user} <- Repo.one(query) do + {:ok, user} + end + end + + # Gets token from session by :oauth_token key + # + @spec fetch_token_from_session(Plug.Conn.t()) :: :no_token_found | {:ok, String.t()} + defp fetch_token_from_session(conn) do + case get_session(conn, :oauth_token) do + nil -> :no_token_found + token -> {:ok, token} + end + end + + # Gets token from headers + # + @spec fetch_token(Plug.Conn.t()) :: :no_token_found | {:ok, String.t()} + defp fetch_token(%Plug.Conn{} = conn) do + headers = get_req_header(conn, "authorization") + + with :no_token_found <- fetch_token(headers), + do: fetch_token_from_session(conn) + end + + @spec fetch_token(Keyword.t()) :: :no_token_found | {:ok, String.t()} + defp fetch_token([]), do: :no_token_found + + defp fetch_token([token | tail]) do + trimmed_token = String.trim(token) + + case Regex.run(@realm_reg, trimmed_token) do + [_, match] -> {:ok, String.trim(match)} + _ -> fetch_token(tail) + end + end end diff --git a/lib/pleroma/user.ex b/lib/pleroma/user.ex index 3bd92c157..74ae5ef0d 100644 --- a/lib/pleroma/user.ex +++ b/lib/pleroma/user.ex @@ -177,6 +177,7 @@ defmodule Pleroma.User do |> validate_format(:email, @email_regex) |> validate_length(:bio, max: 1000) |> validate_length(:name, min: 1, max: 100) + |> put_change(:info, %Pleroma.User.Info{}) if changeset.valid? do hashed = Pbkdf2.hashpwsalt(changeset.changes[:password]) diff --git a/lib/pleroma/user/info.ex b/lib/pleroma/user/info.ex index 49b2f0eda..7a99787f8 100644 --- a/lib/pleroma/user/info.ex +++ b/lib/pleroma/user/info.ex @@ -24,6 +24,7 @@ defmodule Pleroma.User.Info do field(:topic, :string, default: nil) field(:hub, :string, default: nil) field(:salmon, :string, default: nil) + field(:hide_network, :boolean, default: false) # Found in the wild # ap_id -> Where is this used? @@ -135,6 +136,7 @@ defmodule Pleroma.User.Info do :no_rich_text, :default_scope, :banner, + :hide_network, :background ]) end diff --git a/lib/pleroma/web/activity_pub/views/user_view.ex b/lib/pleroma/web/activity_pub/views/user_view.ex index aaa777602..869934172 100644 --- a/lib/pleroma/web/activity_pub/views/user_view.ex +++ b/lib/pleroma/web/activity_pub/views/user_view.ex @@ -82,7 +82,7 @@ defmodule Pleroma.Web.ActivityPub.UserView do query = from(user in query, select: [:ap_id]) following = Repo.all(query) - collection(following, "#{user.ap_id}/following", page) + collection(following, "#{user.ap_id}/following", page, !user.info.hide_network) |> Map.merge(Utils.make_json_ld_header()) end @@ -95,7 +95,7 @@ defmodule Pleroma.Web.ActivityPub.UserView do "id" => "#{user.ap_id}/following", "type" => "OrderedCollection", "totalItems" => length(following), - "first" => collection(following, "#{user.ap_id}/following", 1) + "first" => collection(following, "#{user.ap_id}/following", 1, !user.info.hide_network) } |> Map.merge(Utils.make_json_ld_header()) end @@ -105,7 +105,7 @@ defmodule Pleroma.Web.ActivityPub.UserView do query = from(user in query, select: [:ap_id]) followers = Repo.all(query) - collection(followers, "#{user.ap_id}/followers", page) + collection(followers, "#{user.ap_id}/followers", page, !user.info.hide_network) |> Map.merge(Utils.make_json_ld_header()) end @@ -118,7 +118,7 @@ defmodule Pleroma.Web.ActivityPub.UserView do "id" => "#{user.ap_id}/followers", "type" => "OrderedCollection", "totalItems" => length(followers), - "first" => collection(followers, "#{user.ap_id}/followers", 1) + "first" => collection(followers, "#{user.ap_id}/followers", 1, !user.info.hide_network) } |> Map.merge(Utils.make_json_ld_header()) end @@ -172,7 +172,7 @@ defmodule Pleroma.Web.ActivityPub.UserView do end end - def collection(collection, iri, page, total \\ nil) do + def collection(collection, iri, page, show_items \\ true, total \\ nil) do offset = (page - 1) * 10 items = Enum.slice(collection, offset, 10) items = Enum.map(items, fn user -> user.ap_id end) @@ -183,7 +183,7 @@ defmodule Pleroma.Web.ActivityPub.UserView do "type" => "OrderedCollectionPage", "partOf" => iri, "totalItems" => total, - "orderedItems" => items + "orderedItems" => if(show_items, do: items, else: []) } if offset < total do diff --git a/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex b/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex index f9007a808..300bdc04a 100644 --- a/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex +++ b/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex @@ -502,17 +502,30 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIController do |> render(StatusView, "index.json", %{activities: activities, for: user, as: :activity}) end - # TODO: Pagination - def followers(conn, %{"id" => id}) do + def followers(%{assigns: %{user: for_user}} = conn, %{"id" => id}) do with %User{} = user <- Repo.get(User, id), {:ok, followers} <- User.get_followers(user) do + followers = + cond do + for_user && user.id == for_user.id -> followers + user.info.hide_network -> [] + true -> followers + end + render(conn, AccountView, "accounts.json", %{users: followers, as: :user}) end end - def following(conn, %{"id" => id}) do + def following(%{assigns: %{user: for_user}} = conn, %{"id" => id}) do with %User{} = user <- Repo.get(User, id), {:ok, followers} <- User.get_friends(user) do + followers = + cond do + for_user && user.id == for_user.id -> followers + user.info.hide_network -> [] + true -> followers + end + render(conn, AccountView, "accounts.json", %{users: followers, as: :user}) end end diff --git a/lib/pleroma/web/twitter_api/twitter_api_controller.ex b/lib/pleroma/web/twitter_api/twitter_api_controller.ex index 961250d92..8fd6ea078 100644 --- a/lib/pleroma/web/twitter_api/twitter_api_controller.ex +++ b/lib/pleroma/web/twitter_api/twitter_api_controller.ex @@ -340,18 +340,32 @@ defmodule Pleroma.Web.TwitterAPI.Controller do end end - def followers(conn, params) do - with {:ok, user} <- TwitterAPI.get_user(conn.assigns[:user], params), + def followers(%{assigns: %{user: for_user}} = conn, params) do + with {:ok, user} <- TwitterAPI.get_user(for_user, params), {:ok, followers} <- User.get_followers(user) do + followers = + cond do + for_user && user.id == for_user.id -> followers + user.info.hide_network -> [] + true -> followers + end + render(conn, UserView, "index.json", %{users: followers, for: conn.assigns[:user]}) else _e -> bad_request_reply(conn, "Can't get followers") end end - def friends(conn, params) do + def friends(%{assigns: %{user: for_user}} = conn, params) do with {:ok, user} <- TwitterAPI.get_user(conn.assigns[:user], params), {:ok, friends} <- User.get_friends(user) do + friends = + cond do + for_user && user.id == for_user.id -> friends + user.info.hide_network -> [] + true -> friends + end + render(conn, UserView, "index.json", %{users: friends, for: conn.assigns[:user]}) else _e -> bad_request_reply(conn, "Can't get friends") @@ -429,7 +443,7 @@ defmodule Pleroma.Web.TwitterAPI.Controller do defp build_info_cng(user, params) do info_params = - ["no_rich_text", "locked"] + ["no_rich_text", "locked", "hide_network"] |> Enum.reduce(%{}, fn key, res -> if value = params[key] do Map.put(res, key, value == "true") diff --git a/test/formatter_test.exs b/test/formatter_test.exs index 5d745510f..abb9d882c 100644 --- a/test/formatter_test.exs +++ b/test/formatter_test.exs @@ -15,7 +15,7 @@ defmodule Pleroma.FormatterTest do text = "I love #cofe and #2hu" expected_text = - "I love <a href='http://localhost:4001/tag/cofe' rel='tag'>#cofe</a> and <a href='http://localhost:4001/tag/2hu' rel='tag'>#2hu</a>" + "I love <a data-tag='cofe' href='http://localhost:4001/tag/cofe' rel='tag'>#cofe</a> and <a data-tag='2hu' href='http://localhost:4001/tag/2hu' rel='tag'>#2hu</a>" tags = Formatter.parse_tags(text) @@ -128,11 +128,11 @@ defmodule Pleroma.FormatterTest do Enum.each(subs, fn {uuid, _} -> assert String.contains?(text, uuid) end) expected_text = - "<span><a class='mention' href='#{gsimg.ap_id}'>@<span>gsimg</span></a></span> According to <span><a class='mention' href='#{ - "https://archeme/@archaeme" - }'>@<span>archaeme</span></a></span>, that is @daggsy. Also hello <span><a class='mention' href='#{ - archaeme_remote.ap_id - }'>@<span>archaeme</span></a></span>" + "<span><a data-user='#{gsimg.id}' class='mention' href='#{gsimg.ap_id}'>@<span>gsimg</span></a></span> According to <span><a data-user='#{ + archaeme.id + }' class='mention' href='#{"https://archeme/@archaeme"}'>@<span>archaeme</span></a></span>, that is @daggsy. Also hello <span><a data-user='#{ + archaeme_remote.id + }' class='mention' href='#{archaeme_remote.ap_id}'>@<span>archaeme</span></a></span>" assert expected_text == Formatter.finalize({subs, text}) end @@ -150,7 +150,7 @@ defmodule Pleroma.FormatterTest do Enum.each(subs, fn {uuid, _} -> assert String.contains?(text, uuid) end) expected_text = - "<span><a class='mention' href='#{mike.ap_id}'>@<span>mike</span></a></span> test" + "<span><a data-user='#{mike.id}' class='mention' href='#{mike.ap_id}'>@<span>mike</span></a></span> test" assert expected_text == Formatter.finalize({subs, text}) end @@ -166,7 +166,9 @@ defmodule Pleroma.FormatterTest do assert length(subs) == 1 Enum.each(subs, fn {uuid, _} -> assert String.contains?(text, uuid) end) - expected_text = "<span><a class='mention' href='#{o.ap_id}'>@<span>o</span></a></span> hi" + expected_text = + "<span><a data-user='#{o.id}' class='mention' href='#{o.ap_id}'>@<span>o</span></a></span> hi" + assert expected_text == Formatter.finalize({subs, text}) end diff --git a/test/plugs/oauth_plug_test.exs b/test/plugs/oauth_plug_test.exs new file mode 100644 index 000000000..4dd12f207 --- /dev/null +++ b/test/plugs/oauth_plug_test.exs @@ -0,0 +1,56 @@ +defmodule Pleroma.Plugs.OAuthPlugTest do + use Pleroma.Web.ConnCase, async: true + + alias Pleroma.Plugs.OAuthPlug + import Pleroma.Factory + + @session_opts [ + store: :cookie, + key: "_test", + signing_salt: "cooldude" + ] + + setup %{conn: conn} do + user = insert(:user) + {:ok, %{token: token}} = Pleroma.Web.OAuth.Token.create_token(insert(:oauth_app), user) + %{user: user, token: token, conn: conn} + end + + test "with valid token(uppercase), it assigns the user", %{conn: conn} = opts do + conn = + conn + |> put_req_header("authorization", "BEARER #{opts[:token]}") + |> OAuthPlug.call(%{}) + + assert conn.assigns[:user] == opts[:user] + end + + test "with valid token(downcase), it assigns the user", %{conn: conn} = opts do + conn = + conn + |> put_req_header("authorization", "bearer #{opts[:token]}") + |> OAuthPlug.call(%{}) + + assert conn.assigns[:user] == opts[:user] + end + + test "with invalid token, it not assigns the user", %{conn: conn} do + conn = + conn + |> put_req_header("authorization", "bearer TTTTT") + |> OAuthPlug.call(%{}) + + refute conn.assigns[:user] + end + + test "when token is missed but token in session, it assigns the user", %{conn: conn} = opts do + conn = + conn + |> Plug.Session.call(Plug.Session.init(@session_opts)) + |> fetch_session() + |> put_session(:oauth_token, opts[:token]) + |> OAuthPlug.call(%{}) + + assert conn.assigns[:user] == opts[:user] + end +end diff --git a/test/user_test.exs b/test/user_test.exs index d097eb171..3d2f7f4e0 100644 --- a/test/user_test.exs +++ b/test/user_test.exs @@ -149,6 +149,18 @@ defmodule Pleroma.UserTest do assert changeset.changes.follower_address == "#{changeset.changes.ap_id}/followers" end + + test "it ensures info is not nil" do + changeset = User.register_changeset(%User{}, @full_user_data) + + assert changeset.valid? + + {:ok, user} = + changeset + |> Repo.insert() + + refute is_nil(user.info) + end end describe "fetching a user from nickname or trying to build one" do diff --git a/test/web/activity_pub/activity_pub_controller_test.exs b/test/web/activity_pub/activity_pub_controller_test.exs index 980f43553..b4af2df5a 100644 --- a/test/web/activity_pub/activity_pub_controller_test.exs +++ b/test/web/activity_pub/activity_pub_controller_test.exs @@ -150,6 +150,20 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubControllerTest do assert result["first"]["orderedItems"] == [user.ap_id] end + test "it returns returns empty if the user has 'hide_network' set", %{conn: conn} do + user = insert(:user) + user_two = insert(:user, %{info: %{hide_network: true}}) + User.follow(user, user_two) + + result = + conn + |> get("/users/#{user_two.nickname}/followers") + |> json_response(200) + + assert result["first"]["orderedItems"] == [] + assert result["totalItems"] == 1 + end + test "it works for more than 10 users", %{conn: conn} do user = insert(:user) @@ -191,6 +205,20 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubControllerTest do assert result["first"]["orderedItems"] == [user_two.ap_id] end + test "it returns returns empty if the user has 'hide_network' set", %{conn: conn} do + user = insert(:user, %{info: %{hide_network: true}}) + user_two = insert(:user) + User.follow(user, user_two) + + result = + conn + |> get("/users/#{user.nickname}/following") + |> json_response(200) + + assert result["first"]["orderedItems"] == [] + assert result["totalItems"] == 1 + end + test "it works for more than 10 users", %{conn: conn} do user = insert(:user) diff --git a/test/web/mastodon_api/mastodon_api_controller_test.exs b/test/web/mastodon_api/mastodon_api_controller_test.exs index 7cd98cde8..0ff611648 100644 --- a/test/web/mastodon_api/mastodon_api_controller_test.exs +++ b/test/web/mastodon_api/mastodon_api_controller_test.exs @@ -590,7 +590,7 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIControllerTest do |> get("/api/v1/notifications") expected_response = - "hi <span><a href=\"#{user.ap_id}\">@<span>#{user.nickname}</span></a></span>" + "hi <span><a data-user=\"#{user.id}\" href=\"#{user.ap_id}\">@<span>#{user.nickname}</span></a></span>" assert [%{"status" => %{"content" => response}} | _rest] = json_response(conn, 200) assert response == expected_response @@ -611,7 +611,7 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIControllerTest do |> get("/api/v1/notifications/#{notification.id}") expected_response = - "hi <span><a href=\"#{user.ap_id}\">@<span>#{user.nickname}</span></a></span>" + "hi <span><a data-user=\"#{user.id}\" href=\"#{user.ap_id}\">@<span>#{user.nickname}</span></a></span>" assert %{"status" => %{"content" => response}} = json_response(conn, 200) assert response == expected_response @@ -1008,6 +1008,31 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIControllerTest do assert id == to_string(user.id) end + test "getting followers, hide_network", %{conn: conn} do + user = insert(:user) + other_user = insert(:user, %{info: %{hide_network: true}}) + {:ok, user} = User.follow(user, other_user) + + conn = + conn + |> get("/api/v1/accounts/#{other_user.id}/followers") + + assert [] == json_response(conn, 200) + end + + test "getting followers, hide_network, same user requesting", %{conn: conn} do + user = insert(:user) + other_user = insert(:user, %{info: %{hide_network: true}}) + {:ok, user} = User.follow(user, other_user) + + conn = + conn + |> assign(:user, other_user) + |> get("/api/v1/accounts/#{other_user.id}/followers") + + refute [] == json_response(conn, 200) + end + test "getting following", %{conn: conn} do user = insert(:user) other_user = insert(:user) @@ -1021,6 +1046,31 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIControllerTest do assert id == to_string(other_user.id) end + test "getting following, hide_network", %{conn: conn} do + user = insert(:user, %{info: %{hide_network: true}}) + other_user = insert(:user) + {:ok, user} = User.follow(user, other_user) + + conn = + conn + |> get("/api/v1/accounts/#{user.id}/following") + + assert [] == json_response(conn, 200) + end + + test "getting following, hide_network, same user requesting", %{conn: conn} do + user = insert(:user, %{info: %{hide_network: true}}) + other_user = insert(:user) + {:ok, user} = User.follow(user, other_user) + + conn = + conn + |> assign(:user, user) + |> get("/api/v1/accounts/#{user.id}/following") + + refute [] == json_response(conn, 200) + end + test "following / unfollowing a user", %{conn: conn} do user = insert(:user) other_user = insert(:user) @@ -1271,9 +1321,9 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIControllerTest do assert user = json_response(conn, 200) assert user["note"] == - "I drink <a href=\"http://localhost:4001/tag/cofe\">#cofe</a> with <span><a href=\"#{ - user2.ap_id - }\">@<span>#{user2.nickname}</span></a></span>" + "I drink <a data-tag=\"cofe\" href=\"http://localhost:4001/tag/cofe\">#cofe</a> with <span><a data-user=\"#{ + user2.id + }\" href=\"#{user2.ap_id}\">@<span>#{user2.nickname}</span></a></span>" end test "updates the user's locking status", %{conn: conn} do diff --git a/test/web/twitter_api/twitter_api_controller_test.exs b/test/web/twitter_api/twitter_api_controller_test.exs index a6495ffc1..a8a9da781 100644 --- a/test/web/twitter_api/twitter_api_controller_test.exs +++ b/test/web/twitter_api/twitter_api_controller_test.exs @@ -861,6 +861,67 @@ defmodule Pleroma.Web.TwitterAPI.ControllerTest do result = json_response(conn, 200) assert Enum.sort(expected) == Enum.sort(result) end + + test "it returns a given user's followers with user_id", %{conn: conn} do + user = insert(:user) + follower_one = insert(:user) + follower_two = insert(:user) + not_follower = insert(:user) + + {:ok, follower_one} = User.follow(follower_one, user) + {:ok, follower_two} = User.follow(follower_two, user) + + conn = + conn + |> assign(:user, not_follower) + |> get("/api/statuses/followers", %{"user_id" => user.id}) + + assert MapSet.equal?( + MapSet.new(json_response(conn, 200)), + MapSet.new( + UserView.render("index.json", %{ + users: [follower_one, follower_two], + for: not_follower + }) + ) + ) + end + + test "it returns empty for a hidden network", %{conn: conn} do + user = insert(:user, %{info: %{hide_network: true}}) + follower_one = insert(:user) + follower_two = insert(:user) + not_follower = insert(:user) + + {:ok, follower_one} = User.follow(follower_one, user) + {:ok, follower_two} = User.follow(follower_two, user) + + conn = + conn + |> assign(:user, not_follower) + |> get("/api/statuses/followers", %{"user_id" => user.id}) + + assert [] == json_response(conn, 200) + end + + test "it returns the followers for a hidden network if requested by the user themselves", %{ + conn: conn + } do + user = insert(:user, %{info: %{hide_network: true}}) + follower_one = insert(:user) + follower_two = insert(:user) + not_follower = insert(:user) + + {:ok, follower_one} = User.follow(follower_one, user) + {:ok, follower_two} = User.follow(follower_two, user) + + conn = + conn + |> assign(:user, user) + |> get("/api/statuses/followers", %{"user_id" => user.id}) + + refute [] == json_response(conn, 200) + end end describe "GET /api/statuses/friends" do @@ -905,6 +966,42 @@ defmodule Pleroma.Web.TwitterAPI.ControllerTest do ) end + test "it returns empty for a hidden network", %{conn: conn} do + user = insert(:user, %{info: %{hide_network: true}}) + followed_one = insert(:user) + followed_two = insert(:user) + not_followed = insert(:user) + + {:ok, user} = User.follow(user, followed_one) + {:ok, user} = User.follow(user, followed_two) + + conn = + conn + |> assign(:user, not_followed) + |> get("/api/statuses/friends", %{"user_id" => user.id}) + + assert [] == json_response(conn, 200) + end + + test "it returns friends for a hidden network if the user themselves request it", %{ + conn: conn + } do + user = insert(:user, %{info: %{hide_network: true}}) + followed_one = insert(:user) + followed_two = insert(:user) + not_followed = insert(:user) + + {:ok, user} = User.follow(user, followed_one) + {:ok, user} = User.follow(user, followed_two) + + conn = + conn + |> assign(:user, user) + |> get("/api/statuses/friends", %{"user_id" => user.id}) + + refute [] == json_response(conn, 200) + end + test "it returns a given user's friends with screen_name", %{conn: conn} do user = insert(:user) followed_one = insert(:user) @@ -969,8 +1066,34 @@ defmodule Pleroma.Web.TwitterAPI.ControllerTest do assert user.name == "new name" assert user.bio == - "hi <span><a class='mention' href='#{user2.ap_id}'>@<span>#{user2.nickname}</span></a></span>" + "hi <span><a data-user='#{user2.id}' class='mention' href='#{user2.ap_id}'>@<span>#{ + user2.nickname + }</span></a></span>" + + assert json_response(conn, 200) == UserView.render("user.json", %{user: user, for: user}) + end + test "it sets and un-sets hide_network", %{conn: conn} do + user = insert(:user) + + conn + |> assign(:user, user) + |> post("/api/account/update_profile.json", %{ + "hide_network" => "true" + }) + + user = Repo.get!(User, user.id) + assert user.info.hide_network == true + + conn = + conn + |> assign(:user, user) + |> post("/api/account/update_profile.json", %{ + "hide_network" => "false" + }) + + user = Repo.get!(User, user.id) + assert user.info.hide_network == false assert json_response(conn, 200) == UserView.render("user.json", %{user: user, for: user}) end diff --git a/test/web/twitter_api/twitter_api_test.exs b/test/web/twitter_api/twitter_api_test.exs index 28230699f..76de68783 100644 --- a/test/web/twitter_api/twitter_api_test.exs +++ b/test/web/twitter_api/twitter_api_test.exs @@ -10,7 +10,7 @@ defmodule Pleroma.Web.TwitterAPI.TwitterAPITest do test "create a status" do user = insert(:user) - _mentioned_user = insert(:user, %{nickname: "shp", ap_id: "shp"}) + mentioned_user = insert(:user, %{nickname: "shp", ap_id: "shp"}) object_data = %{ "type" => "Image", @@ -35,7 +35,7 @@ defmodule Pleroma.Web.TwitterAPI.TwitterAPITest do {:ok, activity = %Activity{}} = TwitterAPI.create_status(user, input) expected_text = - "Hello again, <span><a class='mention' href='shp'>@<span>shp</span></a></span>.<script></script><br>This is on another :moominmamma: line. <a href='http://localhost:4001/tag/2hu' rel='tag'>#2hu</a> <a href='http://localhost:4001/tag/epic' rel='tag'>#epic</a> <a href='http://localhost:4001/tag/phantasmagoric' rel='tag'>#phantasmagoric</a><br><a href=\"http://example.org/image.jpg\" class='attachment'>image.jpg</a>" + "Hello again, <span><a data-user='#{mentioned_user.id}' class='mention' href='shp'>@<span>shp</span></a></span>.<script></script><br>This is on another :moominmamma: line. <a data-tag='2hu' href='http://localhost:4001/tag/2hu' rel='tag'>#2hu</a> <a data-tag='epic' href='http://localhost:4001/tag/epic' rel='tag'>#epic</a> <a data-tag='phantasmagoric' href='http://localhost:4001/tag/phantasmagoric' rel='tag'>#phantasmagoric</a><br><a href=\"http://example.org/image.jpg\" class='attachment'>image.jpg</a>" assert get_in(activity.data, ["object", "content"]) == expected_text assert get_in(activity.data, ["object", "type"]) == "Note" @@ -281,7 +281,7 @@ defmodule Pleroma.Web.TwitterAPI.TwitterAPITest do {:ok, user2} = TwitterAPI.register_user(data2) expected_text = - "<span><a class='mention' href='#{user1.ap_id}'>@<span>john</span></a></span> test" + "<span><a data-user='#{user1.id}' class='mention' href='#{user1.ap_id}'>@<span>john</span></a></span> test" assert user2.bio == expected_text end diff --git a/test/web/twitter_api/views/activity_view_test.exs b/test/web/twitter_api/views/activity_view_test.exs index 5cef06f88..bc36b0e90 100644 --- a/test/web/twitter_api/views/activity_view_test.exs +++ b/test/web/twitter_api/views/activity_view_test.exs @@ -47,7 +47,7 @@ defmodule Pleroma.Web.TwitterAPI.ActivityViewTest do "repeated" => false, "statusnet_conversation_id" => convo_id, "statusnet_html" => - "Hey <span><a href=\"#{other_user.ap_id}\">@<span>shp</span></a></span>!", + "Hey <span><a data-user=\"#{other_user.id}\" href=\"#{other_user.ap_id}\">@<span>shp</span></a></span>!", "tags" => [], "text" => "Hey @shp!", "uri" => activity.data["object"]["id"], |