diff options
Diffstat (limited to 'test/web/controller')
6 files changed, 352 insertions, 0 deletions
diff --git a/test/web/controller/frontend/admin_controller_test.exs b/test/web/controller/frontend/admin_controller_test.exs new file mode 100644 index 000000000..8375cefdc --- /dev/null +++ b/test/web/controller/frontend/admin_controller_test.exs @@ -0,0 +1,12 @@ +# Pleroma: A lightweight social networking server +# Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/> +# SPDX-License-Identifier: AGPL-3.0-only + +defmodule Pleroma.Web.Frontend.AdminControllerTest do + use Pleroma.Web.ConnCase + + test "renders index.html from admin fe", %{conn: conn} do + conn = get(conn, frontend_admin_path(conn, :index, [])) + assert html_response(conn, 200) =~ "test Admin Develop FE" + end +end diff --git a/test/web/controller/frontend/headless_controller_test.exs b/test/web/controller/frontend/headless_controller_test.exs new file mode 100644 index 000000000..db9b8ef27 --- /dev/null +++ b/test/web/controller/frontend/headless_controller_test.exs @@ -0,0 +1,16 @@ +# Pleroma: A lightweight social networking server +# Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/> +# SPDX-License-Identifier: AGPL-3.0-only + +defmodule Pleroma.Web.Frontend.HeadlessControllerTest do + use Pleroma.Web.ConnCase + + setup do: clear_config([:frontends, :primary]) + + test "Returns 404", %{conn: conn} do + Pleroma.Config.put([:frontends, :primary], %{"name" => "none", "ref" => ""}) + + conn = get(conn, frontend_path(conn, :index_with_preload, [])) + assert text_response(conn, 404) == "" + end +end diff --git a/test/web/controller/frontend/kenoma_controller_test.exs b/test/web/controller/frontend/kenoma_controller_test.exs new file mode 100644 index 000000000..342d44fc5 --- /dev/null +++ b/test/web/controller/frontend/kenoma_controller_test.exs @@ -0,0 +1,16 @@ +# Pleroma: A lightweight social networking server +# Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/> +# SPDX-License-Identifier: AGPL-3.0-only + +defmodule Pleroma.Web.Frontend.KenomaControllerTest do + use Pleroma.Web.ConnCase + + setup do: clear_config([:frontends, :primary]) + + test "renders index.html from kenoma fe", %{conn: conn} do + Pleroma.Config.put([:frontends, :primary], %{"name" => "kenoma", "ref" => "develop"}) + + conn = get(conn, frontend_path(conn, :index_with_preload, [])) + assert html_response(conn, 200) =~ "test Kenoma Develop FE" + end +end diff --git a/test/web/controller/frontend/mastodon_controller_test.exs b/test/web/controller/frontend/mastodon_controller_test.exs new file mode 100644 index 000000000..c45554159 --- /dev/null +++ b/test/web/controller/frontend/mastodon_controller_test.exs @@ -0,0 +1,85 @@ +# Pleroma: A lightweight social networking server +# Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/> +# SPDX-License-Identifier: AGPL-3.0-only + +defmodule Pleroma.Web.Frontend.MastodonControllerTest do + use Pleroma.Web.ConnCase + + alias Pleroma.Config + alias Pleroma.User + + import Pleroma.Factory + + setup do: clear_config([:instance, :public]) + + test "put settings", %{conn: conn} do + user = insert(:user) + + conn = + conn + |> assign(:user, user) + |> assign(:token, insert(:oauth_token, user: user, scopes: ["write:accounts"])) + |> put(frontend_mastodon_path(conn, :put_settings), %{"data" => %{"programming" => "socks"}}) + + assert _result = json_response(conn, 200) + + user = User.get_cached_by_ap_id(user.ap_id) + assert user.mastofe_settings == %{"programming" => "socks"} + end + + describe "index/2 redirections" do + setup %{conn: conn} do + session_opts = [ + store: :cookie, + key: "_test", + signing_salt: "cooldude" + ] + + conn = + conn + |> Plug.Session.call(Plug.Session.init(session_opts)) + |> fetch_session() + + test_path = frontend_mastodon_path(conn, :index, ["statuses", "test"]) + %{conn: conn, path: test_path} + end + + test "redirects not logged-in users to the login page", %{conn: conn, path: path} do + conn = get(conn, path) + + assert conn.status == 302 + assert redirected_to(conn) == auth_path(conn, :login) + end + + test "redirects not logged-in users to the login page on private instances", %{ + conn: conn, + path: path + } do + Config.put([:instance, :public], false) + + conn = get(conn, path) + + assert conn.status == 302 + assert redirected_to(conn) == auth_path(conn, :login) + end + + test "does not redirect logged in users to the login page", %{conn: conn, path: path} do + token = insert(:oauth_token, scopes: ["read"]) + + conn = + conn + |> assign(:user, token.user) + |> assign(:token, token) + |> get(path) + + assert conn.status == 200 + end + + test "saves referer path to session", %{conn: conn, path: path} do + conn = get(conn, path) + return_to = Plug.Conn.get_session(conn, :return_to) + + assert return_to == path + end + end +end diff --git a/test/web/controller/frontend/pleroma_controller_test.exs b/test/web/controller/frontend/pleroma_controller_test.exs new file mode 100644 index 000000000..2210731a2 --- /dev/null +++ b/test/web/controller/frontend/pleroma_controller_test.exs @@ -0,0 +1,24 @@ +# Pleroma: A lightweight social networking server +# Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/> +# SPDX-License-Identifier: AGPL-3.0-only + +defmodule Pleroma.Web.Frontend.PleromaControllerTest do + use Pleroma.Web.ConnCase + + import Pleroma.Factory + + test "renders index.html from pleroma fe", %{conn: conn} do + conn = get(conn, frontend_path(conn, :index_with_preload, [])) + assert html_response(conn, 200) =~ "test Pleroma Develop FE" + end + + test "index_with_meta", %{conn: conn} do + user = insert(:user) + + conn = get(conn, frontend_path(conn, :index_with_meta_and_user, "nonexistinguser")) + assert html_response(conn, 200) =~ "<!--server-generated-meta-->" + + conn = get(conn, frontend_path(conn, :index_with_meta_and_user, user.nickname)) + refute html_response(conn, 200) =~ "<!--server-generated-meta-->" + end +end diff --git a/test/web/controller/frontend/static_controller_test.exs b/test/web/controller/frontend/static_controller_test.exs new file mode 100644 index 000000000..ac447341b --- /dev/null +++ b/test/web/controller/frontend/static_controller_test.exs @@ -0,0 +1,199 @@ +# Pleroma: A lightweight social networking server +# Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/> +# SPDX-License-Identifier: AGPL-3.0-only + +defmodule Pleroma.Web.Frontend.StaticControllerTest do + use Pleroma.Web.ConnCase + + alias Pleroma.Activity + alias Pleroma.Config + alias Pleroma.Web.ActivityPub.Transmogrifier + alias Pleroma.Web.CommonAPI + + import Pleroma.Factory + + setup_all do: clear_config([:frontends, :static], true) + setup do: clear_config([:instance, :federating], true) + + setup %{conn: conn} do + conn = put_req_header(conn, "accept", "text/html") + user = insert(:user) + + %{conn: conn, user: user} + end + + describe "user profile html" do + test "just the profile as HTML", %{conn: conn, user: user} do + conn = get(conn, user_feed_path(conn, :feed_redirect, user.nickname)) + + assert html_response(conn, 200) =~ user.nickname + end + + test "404 when user not found", %{conn: conn} do + conn = get(conn, user_feed_path(conn, :feed_redirect, "nonexistinguser")) + + assert html_response(conn, 404) =~ "not found" + end + + test "profile does not include private messages", %{conn: conn, user: user} do + CommonAPI.post(user, %{status: "public"}) + CommonAPI.post(user, %{status: "private", visibility: "private"}) + + conn = get(conn, user_feed_path(conn, :feed_redirect, user.nickname)) + + html = html_response(conn, 200) + + assert html =~ ">public<" + refute html =~ ">private<" + end + + test "pagination", %{conn: conn, user: user} do + Enum.each(1..30, &CommonAPI.post(user, %{status: "test#{&1}"})) + conn = get(conn, user_feed_path(conn, :feed_redirect, user.nickname)) + + html = html_response(conn, 200) + + assert html =~ ">test30<" + assert html =~ ">test11<" + refute html =~ ">test10<" + refute html =~ ">test1<" + end + + test "pagination, page 2", %{conn: conn, user: user} do + activities = Enum.map(1..30, fn i -> CommonAPI.post(user, %{status: "test#{i}"}) end) + {:ok, a11} = Enum.at(activities, 11) + + conn = get(conn, user_feed_path(conn, :feed_redirect, user.nickname, max_id: a11.id)) + + html = html_response(conn, 200) + + assert html =~ ">test1<" + assert html =~ ">test10<" + refute html =~ ">test20<" + refute html =~ ">test29<" + end + + test "it requires authentication if instance is NOT federating", %{conn: conn, user: user} do + ensure_federating_or_authenticated( + conn, + user_feed_path(conn, :feed_redirect, user.nickname), + user + ) + end + end + + describe "notice html" do + test "single notice page", %{conn: conn, user: user} do + {:ok, activity} = CommonAPI.post(user, %{status: "testing a thing!"}) + + conn = get(conn, o_status_path(conn, :notice, activity.id)) + + html = html_response(conn, 200) + assert html =~ "<header>" + assert html =~ user.nickname + assert html =~ "testing a thing!" + end + + test "redirects to json if requested", %{conn: conn, user: user} do + {:ok, activity} = CommonAPI.post(user, %{status: "testing a thing!"}) + + conn = + conn + |> put_req_header( + "accept", + "Accept: application/activity+json, application/ld+json; profile=\"https://www.w3.org/ns/activitystreams\", text/html" + ) + |> get("/notice/#{activity.id}") + + assert redirected_to(conn, 302) =~ activity.data["object"] + end + + test "filters HTML tags", %{conn: conn} do + user = insert(:user) + {:ok, activity} = CommonAPI.post(user, %{status: "<script>alert('xss')</script>"}) + + conn = + conn + |> put_req_header("accept", "text/html") + |> get(o_status_path(conn, :notice, activity.id)) + + html = html_response(conn, 200) + assert html =~ ~s[<script>alert('xss')</script>] + end + + test "shows the whole thread", %{conn: conn, user: user} do + {:ok, activity} = CommonAPI.post(user, %{status: "space: the final frontier"}) + + CommonAPI.post(user, %{ + status: "these are the voyages or something", + in_reply_to_status_id: activity.id + }) + + conn = get(conn, o_status_path(conn, :notice, activity.id)) + + html = html_response(conn, 200) + assert html =~ "the final frontier" + assert html =~ "voyages" + end + + test "redirect by AP object ID", %{conn: conn, user: user} do + {:ok, %Activity{data: %{"object" => object_url}}} = + CommonAPI.post(user, %{status: "beam me up"}) + + conn = get(conn, URI.parse(object_url).path) + + assert html_response(conn, 302) =~ "redirected" + end + + test "redirect by activity ID", %{conn: conn, user: user} do + {:ok, %Activity{data: %{"id" => id}}} = + CommonAPI.post(user, %{status: "I'm a doctor, not a devops!"}) + + conn = get(conn, URI.parse(id).path) + + assert html_response(conn, 302) =~ "redirected" + end + + test "404 when notice not found", %{conn: conn} do + conn = get(conn, o_status_path(conn, :notice, "nonexistingnotice")) + + assert html_response(conn, 404) =~ "not found" + end + + test "404 for private status", %{conn: conn, user: user} do + {:ok, activity} = CommonAPI.post(user, %{status: "don't show me!", visibility: "private"}) + + conn = get(conn, o_status_path(conn, :notice, activity.id)) + + assert html_response(conn, 404) =~ "not found" + end + + test "302 for remote cached status", %{conn: conn, user: user} do + message = %{ + "@context" => "https://www.w3.org/ns/activitystreams", + "to" => user.follower_address, + "cc" => "https://www.w3.org/ns/activitystreams#Public", + "type" => "Create", + "object" => %{ + "content" => "blah blah blah", + "type" => "Note", + "attributedTo" => user.ap_id, + "inReplyTo" => nil + }, + "actor" => user.ap_id + } + + assert {:ok, activity} = Transmogrifier.handle_incoming(message) + + conn = get(conn, o_status_path(conn, :notice, activity.id)) + + assert html_response(conn, 302) =~ "redirected" + end + + test "it requires authentication if instance is NOT federating", %{conn: conn, user: user} do + {:ok, activity} = CommonAPI.post(user, %{status: "testing a thing!"}) + + ensure_federating_or_authenticated(conn, o_status_path(conn, :notice, activity.id), user) + end + end +end |