diff options
Diffstat (limited to 'test/web')
| -rw-r--r-- | test/web/activity_pub/activity_pub_controller_test.exs | 99 | ||||
| -rw-r--r-- | test/web/activity_pub/transmogrifier/follow_handling_test.exs | 19 | ||||
| -rw-r--r-- | test/web/activity_pub/transmogrifier_test.exs | 2 | ||||
| -rw-r--r-- | test/web/admin_api/admin_api_controller_test.exs | 12 | ||||
| -rw-r--r-- | test/web/admin_api/config_test.exs | 24 | ||||
| -rw-r--r-- | test/web/mastodon_api/mastodon_api_controller_test.exs | 109 | ||||
| -rw-r--r-- | test/web/mastodon_api/mastodon_api_test.exs | 7 | ||||
| -rw-r--r-- | test/web/mastodon_api/views/status_view_test.exs | 29 | ||||
| -rw-r--r-- | test/web/pleroma_api/pleroma_api_controller_test.exs | 56 | ||||
| -rw-r--r-- | test/web/twitter_api/representers/object_representer_test.exs | 60 | ||||
| -rw-r--r-- | test/web/twitter_api/twitter_api_controller_test.exs | 2150 | ||||
| -rw-r--r-- | test/web/twitter_api/twitter_api_test.exs | 305 | ||||
| -rw-r--r-- | test/web/twitter_api/util_controller_test.exs | 139 | ||||
| -rw-r--r-- | test/web/twitter_api/views/activity_view_test.exs | 384 | ||||
| -rw-r--r-- | test/web/twitter_api/views/notification_view_test.exs | 112 | ||||
| -rw-r--r-- | test/web/twitter_api/views/user_view_test.exs | 323 |
16 files changed, 447 insertions, 3383 deletions
diff --git a/test/web/activity_pub/activity_pub_controller_test.exs b/test/web/activity_pub/activity_pub_controller_test.exs index 5192e734f..9698c7099 100644 --- a/test/web/activity_pub/activity_pub_controller_test.exs +++ b/test/web/activity_pub/activity_pub_controller_test.exs @@ -175,6 +175,49 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubControllerTest do assert json_response(conn, 404) end + + test "it caches a response", %{conn: conn} do + note = insert(:note) + uuid = String.split(note.data["id"], "/") |> List.last() + + conn1 = + conn + |> put_req_header("accept", "application/activity+json") + |> get("/objects/#{uuid}") + + assert json_response(conn1, :ok) + assert Enum.any?(conn1.resp_headers, &(&1 == {"x-cache", "MISS from Pleroma"})) + + conn2 = + conn + |> put_req_header("accept", "application/activity+json") + |> get("/objects/#{uuid}") + + assert json_response(conn1, :ok) == json_response(conn2, :ok) + assert Enum.any?(conn2.resp_headers, &(&1 == {"x-cache", "HIT from Pleroma"})) + end + + test "cached purged after object deletion", %{conn: conn} do + note = insert(:note) + uuid = String.split(note.data["id"], "/") |> List.last() + + conn1 = + conn + |> put_req_header("accept", "application/activity+json") + |> get("/objects/#{uuid}") + + assert json_response(conn1, :ok) + assert Enum.any?(conn1.resp_headers, &(&1 == {"x-cache", "MISS from Pleroma"})) + + Object.delete(note) + + conn2 = + conn + |> put_req_header("accept", "application/activity+json") + |> get("/objects/#{uuid}") + + assert "Not found" == json_response(conn2, :not_found) + end end describe "/object/:uuid/likes" do @@ -264,6 +307,51 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubControllerTest do assert json_response(conn, 404) end + + test "it caches a response", %{conn: conn} do + activity = insert(:note_activity) + uuid = String.split(activity.data["id"], "/") |> List.last() + + conn1 = + conn + |> put_req_header("accept", "application/activity+json") + |> get("/activities/#{uuid}") + + assert json_response(conn1, :ok) + assert Enum.any?(conn1.resp_headers, &(&1 == {"x-cache", "MISS from Pleroma"})) + + conn2 = + conn + |> put_req_header("accept", "application/activity+json") + |> get("/activities/#{uuid}") + + assert json_response(conn1, :ok) == json_response(conn2, :ok) + assert Enum.any?(conn2.resp_headers, &(&1 == {"x-cache", "HIT from Pleroma"})) + end + + test "cached purged after activity deletion", %{conn: conn} do + user = insert(:user) + {:ok, activity} = CommonAPI.post(user, %{"status" => "cofe"}) + + uuid = String.split(activity.data["id"], "/") |> List.last() + + conn1 = + conn + |> put_req_header("accept", "application/activity+json") + |> get("/activities/#{uuid}") + + assert json_response(conn1, :ok) + assert Enum.any?(conn1.resp_headers, &(&1 == {"x-cache", "MISS from Pleroma"})) + + Activity.delete_by_ap_id(activity.object.data["id"]) + + conn2 = + conn + |> put_req_header("accept", "application/activity+json") + |> get("/activities/#{uuid}") + + assert "Not found" == json_response(conn2, :not_found) + end end describe "/inbox" do @@ -365,6 +453,17 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubControllerTest do assert json_response(conn, 403) end + test "it doesn't crash without an authenticated user", %{conn: conn} do + user = insert(:user) + + conn = + conn + |> put_req_header("accept", "application/activity+json") + |> get("/users/#{user.nickname}/inbox") + + assert json_response(conn, 403) + end + test "it returns a note activity in a collection", %{conn: conn} do note_activity = insert(:direct_note_activity) note_object = Object.normalize(note_activity) diff --git a/test/web/activity_pub/transmogrifier/follow_handling_test.exs b/test/web/activity_pub/transmogrifier/follow_handling_test.exs index 857d65564..fe89f7cb0 100644 --- a/test/web/activity_pub/transmogrifier/follow_handling_test.exs +++ b/test/web/activity_pub/transmogrifier/follow_handling_test.exs @@ -19,6 +19,25 @@ defmodule Pleroma.Web.ActivityPub.Transmogrifier.FollowHandlingTest do end describe "handle_incoming" do + test "it works for osada follow request" do + user = insert(:user) + + data = + File.read!("test/fixtures/osada-follow-activity.json") + |> Poison.decode!() + |> Map.put("object", user.ap_id) + + {:ok, %Activity{data: data, local: false} = activity} = Transmogrifier.handle_incoming(data) + + assert data["actor"] == "https://apfed.club/channel/indio" + assert data["type"] == "Follow" + assert data["id"] == "https://apfed.club/follow/9" + + activity = Repo.get(Activity, activity.id) + assert activity.data["state"] == "accept" + assert User.following?(User.get_cached_by_ap_id(data["actor"]), user) + end + test "it works for incoming follow requests" do user = insert(:user) diff --git a/test/web/activity_pub/transmogrifier_test.exs b/test/web/activity_pub/transmogrifier_test.exs index 20d274a02..136c8034c 100644 --- a/test/web/activity_pub/transmogrifier_test.exs +++ b/test/web/activity_pub/transmogrifier_test.exs @@ -102,7 +102,7 @@ defmodule Pleroma.Web.ActivityPub.TransmogrifierTest do assert capture_log(fn -> {:ok, _returned_activity} = Transmogrifier.handle_incoming(data) - end) =~ "[error] Couldn't fetch \"\"https://404.site/whatever\"\", error: nil" + end) =~ "[error] Couldn't fetch \"https://404.site/whatever\", error: nil" end test "it works for incoming notices" do diff --git a/test/web/admin_api/admin_api_controller_test.exs b/test/web/admin_api/admin_api_controller_test.exs index 4e2c27431..3b6d75a4c 100644 --- a/test/web/admin_api/admin_api_controller_test.exs +++ b/test/web/admin_api/admin_api_controller_test.exs @@ -1779,7 +1779,11 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do %{"tuple" => [":seconds_valid", 60]}, %{"tuple" => [":path", ""]}, %{"tuple" => [":key1", nil]}, - %{"tuple" => [":partial_chain", "&:hackney_connect.partial_chain/1"]} + %{"tuple" => [":partial_chain", "&:hackney_connect.partial_chain/1"]}, + %{"tuple" => [":regex1", "~r/https:\/\/example.com/"]}, + %{"tuple" => [":regex2", "~r/https:\/\/example.com/u"]}, + %{"tuple" => [":regex3", "~r/https:\/\/example.com/i"]}, + %{"tuple" => [":regex4", "~r/https:\/\/example.com/s"]} ] } ] @@ -1796,7 +1800,11 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do %{"tuple" => [":seconds_valid", 60]}, %{"tuple" => [":path", ""]}, %{"tuple" => [":key1", nil]}, - %{"tuple" => [":partial_chain", "&:hackney_connect.partial_chain/1"]} + %{"tuple" => [":partial_chain", "&:hackney_connect.partial_chain/1"]}, + %{"tuple" => [":regex1", "~r/https:\\/\\/example.com/"]}, + %{"tuple" => [":regex2", "~r/https:\\/\\/example.com/u"]}, + %{"tuple" => [":regex3", "~r/https:\\/\\/example.com/i"]}, + %{"tuple" => [":regex4", "~r/https:\\/\\/example.com/s"]} ] } ] diff --git a/test/web/admin_api/config_test.exs b/test/web/admin_api/config_test.exs index 3190dc1c8..204446b79 100644 --- a/test/web/admin_api/config_test.exs +++ b/test/web/admin_api/config_test.exs @@ -103,6 +103,30 @@ defmodule Pleroma.Web.AdminAPI.ConfigTest do assert Config.from_binary(binary) == ~r/comp[lL][aA][iI][nN]er/ end + test "link sigil" do + binary = Config.transform("~r/https:\/\/example.com/") + assert binary == :erlang.term_to_binary(~r/https:\/\/example.com/) + assert Config.from_binary(binary) == ~r/https:\/\/example.com/ + end + + test "link sigil with u modifier" do + binary = Config.transform("~r/https:\/\/example.com/u") + assert binary == :erlang.term_to_binary(~r/https:\/\/example.com/u) + assert Config.from_binary(binary) == ~r/https:\/\/example.com/u + end + + test "link sigil with i modifier" do + binary = Config.transform("~r/https:\/\/example.com/i") + assert binary == :erlang.term_to_binary(~r/https:\/\/example.com/i) + assert Config.from_binary(binary) == ~r/https:\/\/example.com/i + end + + test "link sigil with s modifier" do + binary = Config.transform("~r/https:\/\/example.com/s") + assert binary == :erlang.term_to_binary(~r/https:\/\/example.com/s) + assert Config.from_binary(binary) == ~r/https:\/\/example.com/s + end + test "2 child tuple" do binary = Config.transform(%{"tuple" => ["v1", ":v2"]}) assert binary == :erlang.term_to_binary({"v1", :v2}) diff --git a/test/web/mastodon_api/mastodon_api_controller_test.exs b/test/web/mastodon_api/mastodon_api_controller_test.exs index 4fd0a5aeb..f4902d043 100644 --- a/test/web/mastodon_api/mastodon_api_controller_test.exs +++ b/test/web/mastodon_api/mastodon_api_controller_test.exs @@ -21,7 +21,6 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIControllerTest do alias Pleroma.Web.OAuth.Token alias Pleroma.Web.OStatus alias Pleroma.Web.Push - alias Pleroma.Web.TwitterAPI.TwitterAPI import Pleroma.Factory import ExUnit.CaptureLog import Tesla.Mock @@ -745,6 +744,16 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIControllerTest do assert id == to_string(activity.id) end + test "get statuses by IDs", %{conn: conn} do + %{id: id1} = insert(:note_activity) + %{id: id2} = insert(:note_activity) + + query_string = "ids[]=#{id1}&ids[]=#{id2}" + conn = get(conn, "/api/v1/statuses/?#{query_string}") + + assert [%{"id" => ^id1}, %{"id" => ^id2}] = json_response(conn, :ok) + end + describe "deleting a status" do test "when you created it", %{conn: conn} do activity = insert(:note_activity) @@ -1484,12 +1493,9 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIControllerTest do filename: "an_image.jpg" } - media = - TwitterAPI.upload(file, user, "json") - |> Jason.decode!() + {:ok, %{id: media_id}} = ActivityPub.upload(file, actor: user.ap_id) - {:ok, image_post} = - CommonAPI.post(user, %{"status" => "cofe", "media_ids" => [media["media_id"]]}) + {:ok, image_post} = CommonAPI.post(user, %{"status" => "cofe", "media_ids" => [media_id]}) conn = conn @@ -1675,32 +1681,85 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIControllerTest do end end - test "account fetching", %{conn: conn} do - user = insert(:user) + describe "account fetching" do + test "works by id" do + user = insert(:user) - conn = - conn - |> get("/api/v1/accounts/#{user.id}") + conn = + build_conn() + |> get("/api/v1/accounts/#{user.id}") - assert %{"id" => id} = json_response(conn, 200) - assert id == to_string(user.id) + assert %{"id" => id} = json_response(conn, 200) + assert id == to_string(user.id) - conn = - build_conn() - |> get("/api/v1/accounts/-1") + conn = + build_conn() + |> get("/api/v1/accounts/-1") - assert %{"error" => "Can't find user"} = json_response(conn, 404) - end + assert %{"error" => "Can't find user"} = json_response(conn, 404) + end - test "account fetching also works nickname", %{conn: conn} do - user = insert(:user) + test "works by nickname" do + user = insert(:user) - conn = - conn - |> get("/api/v1/accounts/#{user.nickname}") + conn = + build_conn() + |> get("/api/v1/accounts/#{user.nickname}") - assert %{"id" => id} = json_response(conn, 200) - assert id == user.id + assert %{"id" => id} = json_response(conn, 200) + assert id == user.id + end + + test "works by nickname for remote users" do + limit_to_local = Pleroma.Config.get([:instance, :limit_to_local_content]) + Pleroma.Config.put([:instance, :limit_to_local_content], false) + user = insert(:user, nickname: "user@example.com", local: false) + + conn = + build_conn() + |> get("/api/v1/accounts/#{user.nickname}") + + Pleroma.Config.put([:instance, :limit_to_local_content], limit_to_local) + assert %{"id" => id} = json_response(conn, 200) + assert id == user.id + end + + test "respects limit_to_local_content == :all for remote user nicknames" do + limit_to_local = Pleroma.Config.get([:instance, :limit_to_local_content]) + Pleroma.Config.put([:instance, :limit_to_local_content], :all) + + user = insert(:user, nickname: "user@example.com", local: false) + + conn = + build_conn() + |> get("/api/v1/accounts/#{user.nickname}") + + Pleroma.Config.put([:instance, :limit_to_local_content], limit_to_local) + assert json_response(conn, 404) + end + + test "respects limit_to_local_content == :unauthenticated for remote user nicknames" do + limit_to_local = Pleroma.Config.get([:instance, :limit_to_local_content]) + Pleroma.Config.put([:instance, :limit_to_local_content], :unauthenticated) + + user = insert(:user, nickname: "user@example.com", local: false) + reading_user = insert(:user) + + conn = + build_conn() + |> get("/api/v1/accounts/#{user.nickname}") + + assert json_response(conn, 404) + + conn = + build_conn() + |> assign(:user, reading_user) + |> get("/api/v1/accounts/#{user.nickname}") + + Pleroma.Config.put([:instance, :limit_to_local_content], limit_to_local) + assert %{"id" => id} = json_response(conn, 200) + assert id == user.id + end end test "mascot upload", %{conn: conn} do diff --git a/test/web/mastodon_api/mastodon_api_test.exs b/test/web/mastodon_api/mastodon_api_test.exs index b4c0427c9..7fcb2bd55 100644 --- a/test/web/mastodon_api/mastodon_api_test.exs +++ b/test/web/mastodon_api/mastodon_api_test.exs @@ -8,8 +8,8 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPITest do alias Pleroma.Notification alias Pleroma.ScheduledActivity alias Pleroma.User + alias Pleroma.Web.CommonAPI alias Pleroma.Web.MastodonAPI.MastodonAPI - alias Pleroma.Web.TwitterAPI.TwitterAPI import Pleroma.Factory @@ -75,8 +75,9 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPITest do User.subscribe(subscriber, user) - {:ok, status} = TwitterAPI.create_status(user, %{"status" => "Akariiiin"}) - {:ok, status1} = TwitterAPI.create_status(user, %{"status" => "Magi"}) + {:ok, status} = CommonAPI.post(user, %{"status" => "Akariiiin"}) + + {:ok, status1} = CommonAPI.post(user, %{"status" => "Magi"}) {:ok, [notification]} = Notification.create_notifications(status) {:ok, [notification1]} = Notification.create_notifications(status1) res = MastodonAPI.get_notifications(subscriber) diff --git a/test/web/mastodon_api/views/status_view_test.exs b/test/web/mastodon_api/views/status_view_test.exs index 1b6beb6d2..fcdd7fbcb 100644 --- a/test/web/mastodon_api/views/status_view_test.exs +++ b/test/web/mastodon_api/views/status_view_test.exs @@ -150,7 +150,8 @@ defmodule Pleroma.Web.MastodonAPI.StatusViewTest do content: %{"text/plain" => HtmlSanitizeEx.strip_tags(object_data["content"])}, spoiler_text: %{"text/plain" => HtmlSanitizeEx.strip_tags(object_data["summary"])}, expires_at: nil, - direct_conversation_id: nil + direct_conversation_id: nil, + thread_muted: false } } @@ -173,6 +174,24 @@ defmodule Pleroma.Web.MastodonAPI.StatusViewTest do assert status.muted == true end + test "tells if the message is thread muted" do + user = insert(:user) + other_user = insert(:user) + + {:ok, user} = User.mute(user, other_user) + + {:ok, activity} = CommonAPI.post(other_user, %{"status" => "test"}) + status = StatusView.render("status.json", %{activity: activity, for: user}) + + assert status.pleroma.thread_muted == false + + {:ok, activity} = CommonAPI.add_mute(user, activity) + + status = StatusView.render("status.json", %{activity: activity, for: user}) + + assert status.pleroma.thread_muted == true + end + test "tells if the status is bookmarked" do user = insert(:user) @@ -532,6 +551,14 @@ defmodule Pleroma.Web.MastodonAPI.StatusViewTest do assert Enum.at(result[:options], 1)[:votes_count] == 1 assert Enum.at(result[:options], 2)[:votes_count] == 1 end + + test "does not crash on polls with no end date" do + object = Object.normalize("https://skippers-bin.com/notes/7x9tmrp97i") + result = StatusView.render("poll.json", %{object: object}) + + assert result[:expires_at] == nil + assert result[:expired] == false + end end test "embeds a relationship in the account" do diff --git a/test/web/pleroma_api/pleroma_api_controller_test.exs b/test/web/pleroma_api/pleroma_api_controller_test.exs index fa85d9174..3c2a087ca 100644 --- a/test/web/pleroma_api/pleroma_api_controller_test.exs +++ b/test/web/pleroma_api/pleroma_api_controller_test.exs @@ -6,6 +6,7 @@ defmodule Pleroma.Web.PleromaAPI.PleromaAPIControllerTest do use Pleroma.Web.ConnCase alias Pleroma.Conversation.Participation + alias Pleroma.Notification alias Pleroma.Repo alias Pleroma.Web.CommonAPI @@ -130,4 +131,59 @@ defmodule Pleroma.Web.PleromaAPI.PleromaAPIControllerTest do assert user in participation.recipients assert other_user in participation.recipients end + + describe "POST /api/v1/pleroma/notifications/read" do + test "it marks a single notification as read", %{conn: conn} do + user1 = insert(:user) + user2 = insert(:user) + {:ok, activity1} = CommonAPI.post(user2, %{"status" => "hi @#{user1.nickname}"}) + {:ok, activity2} = CommonAPI.post(user2, %{"status" => "hi @#{user1.nickname}"}) + {:ok, [notification1]} = Notification.create_notifications(activity1) + {:ok, [notification2]} = Notification.create_notifications(activity2) + + response = + conn + |> assign(:user, user1) + |> post("/api/v1/pleroma/notifications/read", %{"id" => "#{notification1.id}"}) + |> json_response(:ok) + + assert %{"pleroma" => %{"is_seen" => true}} = response + assert Repo.get(Notification, notification1.id).seen + refute Repo.get(Notification, notification2.id).seen + end + + test "it marks multiple notifications as read", %{conn: conn} do + user1 = insert(:user) + user2 = insert(:user) + {:ok, _activity1} = CommonAPI.post(user2, %{"status" => "hi @#{user1.nickname}"}) + {:ok, _activity2} = CommonAPI.post(user2, %{"status" => "hi @#{user1.nickname}"}) + {:ok, _activity3} = CommonAPI.post(user2, %{"status" => "HIE @#{user1.nickname}"}) + + [notification3, notification2, notification1] = Notification.for_user(user1, %{limit: 3}) + + [response1, response2] = + conn + |> assign(:user, user1) + |> post("/api/v1/pleroma/notifications/read", %{"max_id" => "#{notification2.id}"}) + |> json_response(:ok) + + assert %{"pleroma" => %{"is_seen" => true}} = response1 + assert %{"pleroma" => %{"is_seen" => true}} = response2 + assert Repo.get(Notification, notification1.id).seen + assert Repo.get(Notification, notification2.id).seen + refute Repo.get(Notification, notification3.id).seen + end + + test "it returns error when notification not found", %{conn: conn} do + user1 = insert(:user) + + response = + conn + |> assign(:user, user1) + |> post("/api/v1/pleroma/notifications/read", %{"id" => "22222222222222"}) + |> json_response(:bad_request) + + assert response == %{"error" => "Cannot get notification"} + end + end end diff --git a/test/web/twitter_api/representers/object_representer_test.exs b/test/web/twitter_api/representers/object_representer_test.exs deleted file mode 100644 index c3cf330f1..000000000 --- a/test/web/twitter_api/representers/object_representer_test.exs +++ /dev/null @@ -1,60 +0,0 @@ -# Pleroma: A lightweight social networking server -# Copyright © 2017-2018 Pleroma Authors <https://pleroma.social/> -# SPDX-License-Identifier: AGPL-3.0-only - -defmodule Pleroma.Web.TwitterAPI.Representers.ObjectReprenterTest do - use Pleroma.DataCase - - alias Pleroma.Object - alias Pleroma.Web.TwitterAPI.Representers.ObjectRepresenter - - test "represent an image attachment" do - object = %Object{ - id: 5, - data: %{ - "type" => "Image", - "url" => [ - %{ - "mediaType" => "sometype", - "href" => "someurl" - } - ], - "uuid" => 6 - } - } - - expected_object = %{ - id: 6, - url: "someurl", - mimetype: "sometype", - oembed: false, - description: nil - } - - assert expected_object == ObjectRepresenter.to_map(object) - end - - test "represents mastodon-style attachments" do - object = %Object{ - id: nil, - data: %{ - "mediaType" => "image/png", - "name" => "blabla", - "type" => "Document", - "url" => - "http://mastodon.example.org/system/media_attachments/files/000/000/001/original/8619f31c6edec470.png" - } - } - - expected_object = %{ - url: - "http://mastodon.example.org/system/media_attachments/files/000/000/001/original/8619f31c6edec470.png", - mimetype: "image/png", - oembed: false, - id: nil, - description: "blabla" - } - - assert expected_object == ObjectRepresenter.to_map(object) - end -end diff --git a/test/web/twitter_api/twitter_api_controller_test.exs b/test/web/twitter_api/twitter_api_controller_test.exs deleted file mode 100644 index 8ef14b4c5..000000000 --- a/test/web/twitter_api/twitter_api_controller_test.exs +++ /dev/null @@ -1,2150 +0,0 @@ -# Pleroma: A lightweight social networking server -# Copyright © 2017-2019 Pleroma Authors <https://pleroma.social/> -# SPDX-License-Identifier: AGPL-3.0-only - -defmodule Pleroma.Web.TwitterAPI.ControllerTest do - use Pleroma.Web.ConnCase - alias Comeonin.Pbkdf2 - alias Ecto.Changeset - alias Pleroma.Activity - alias Pleroma.Builders.ActivityBuilder - alias Pleroma.Builders.UserBuilder - alias Pleroma.Notification - alias Pleroma.Object - alias Pleroma.Repo - alias Pleroma.User - alias Pleroma.Web.ActivityPub.ActivityPub - alias Pleroma.Web.CommonAPI - alias Pleroma.Web.OAuth.Token - alias Pleroma.Web.TwitterAPI.ActivityView - alias Pleroma.Web.TwitterAPI.Controller - alias Pleroma.Web.TwitterAPI.NotificationView - alias Pleroma.Web.TwitterAPI.TwitterAPI - alias Pleroma.Web.TwitterAPI.UserView - - import Mock - import Pleroma.Factory - import Swoosh.TestAssertions - - @banner "data:image/gif;base64,R0lGODlhEAAQAMQAAORHHOVSKudfOulrSOp3WOyDZu6QdvCchPGolfO0o/XBs/fNwfjZ0frl3/zy7////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACH5BAkAABAALAAAAAAQABAAAAVVICSOZGlCQAosJ6mu7fiyZeKqNKToQGDsM8hBADgUXoGAiqhSvp5QAnQKGIgUhwFUYLCVDFCrKUE1lBavAViFIDlTImbKC5Gm2hB0SlBCBMQiB0UjIQA7" - - describe "POST /api/account/update_profile_banner" do - test "it updates the banner", %{conn: conn} do - user = insert(:user) - - conn - |> assign(:user, user) - |> post(authenticated_twitter_api__path(conn, :update_banner), %{"banner" => @banner}) - |> json_response(200) - - user = refresh_record(user) - assert user.info.banner["type"] == "Image" - end - - test "profile banner can be reset", %{conn: conn} do - user = insert(:user) - - conn - |> assign(:user, user) - |> post(authenticated_twitter_api__path(conn, :update_banner), %{"banner" => ""}) - |> json_response(200) - - user = refresh_record(user) - assert user.info.banner == %{} - end - end - - describe "POST /api/qvitter/update_background_image" do - test "it updates the background", %{conn: conn} do - user = insert(:user) - - conn - |> assign(:user, user) - |> post(authenticated_twitter_api__path(conn, :update_background), %{"img" => @banner}) - |> json_response(200) - - user = refresh_record(user) - assert user.info.background["type"] == "Image" - end - - test "background can be reset", %{conn: conn} do - user = insert(:user) - - conn - |> assign(:user, user) - |> post(authenticated_twitter_api__path(conn, :update_background), %{"img" => ""}) - |> json_response(200) - - user = refresh_record(user) - assert user.info.background == %{} - end - end - - describe "POST /api/account/verify_credentials" do - setup [:valid_user] - - test "without valid credentials", %{conn: conn} do - conn = post(conn, "/api/account/verify_credentials.json") - assert json_response(conn, 403) == %{"error" => "Invalid credentials."} - end - - test "with credentials", %{conn: conn, user: user} do - response = - conn - |> with_credentials(user.nickname, "test") - |> post("/api/account/verify_credentials.json") - |> json_response(200) - - assert response == - UserView.render("show.json", %{user: user, token: response["token"], for: user}) - end - end - - describe "POST /statuses/update.json" do - setup [:valid_user] - - test "without valid credentials", %{conn: conn} do - conn = post(conn, "/api/statuses/update.json") - assert json_response(conn, 403) == %{"error" => "Invalid credentials."} - end - - test "with credentials", %{conn: conn, user: user} do - conn_with_creds = conn |> with_credentials(user.nickname, "test") - request_path = "/api/statuses/update.json" - - error_response = %{ - "request" => request_path, - "error" => "Client must provide a 'status' parameter with a value." - } - - conn = - conn_with_creds - |> post(request_path) - - assert json_response(conn, 400) == error_response - - conn = - conn_with_creds - |> post(request_path, %{status: ""}) - - assert json_response(conn, 400) == error_response - - conn = - conn_with_creds - |> post(request_path, %{status: " "}) - - assert json_response(conn, 400) == error_response - - # we post with visibility private in order to avoid triggering relay - conn = - conn_with_creds - |> post(request_path, %{status: "Nice meme.", visibility: "private"}) - - assert json_response(conn, 200) == - ActivityView.render("activity.json", %{ - activity: Repo.one(Activity), - user: user, - for: user - }) - end - end - - describe "GET /statuses/public_timeline.json" do - setup [:valid_user] - clear_config([:instance, :public]) - - test "returns statuses", %{conn: conn} do - user = insert(:user) - activities = ActivityBuilder.insert_list(30, %{}, %{user: user}) - ActivityBuilder.insert_list(10, %{}, %{user: user}) - since_id = List.last(activities).id - - conn = - conn - |> get("/api/statuses/public_timeline.json", %{since_id: since_id}) - - response = json_response(conn, 200) - - assert length(response) == 10 - end - - test "returns 403 to unauthenticated request when the instance is not public", %{conn: conn} do - Pleroma.Config.put([:instance, :public], false) - - conn - |> get("/api/statuses/public_timeline.json") - |> json_response(403) - end - - test "returns 200 to authenticated request when the instance is not public", - %{conn: conn, user: user} do - Pleroma.Config.put([:instance, :public], false) - - conn - |> with_credentials(user.nickname, "test") - |> get("/api/statuses/public_timeline.json") - |> json_response(200) - end - - test "returns 200 to unauthenticated request when the instance is public", %{conn: conn} do - conn - |> get("/api/statuses/public_timeline.json") - |> json_response(200) - end - - test "returns 200 to authenticated request when the instance is public", - %{conn: conn, user: user} do - conn - |> with_credentials(user.nickname, "test") - |> get("/api/statuses/public_timeline.json") - |> json_response(200) - end - - test_with_mock "treats user as unauthenticated if `assigns[:token]` is present but lacks `read` permission", - Controller, - [:passthrough], - [] do - token = insert(:oauth_token, scopes: ["write"]) - - build_conn() - |> put_req_header("authorization", "Bearer #{token.token}") - |> get("/api/statuses/public_timeline.json") - |> json_response(200) - - assert called(Controller.public_timeline(%{assigns: %{user: nil}}, :_)) - end - end - - describe "GET /statuses/public_and_external_timeline.json" do - setup [:valid_user] - clear_config([:instance, :public]) - - test "returns 403 to unauthenticated request when the instance is not public", %{conn: conn} do - Pleroma.Config.put([:instance, :public], false) - - conn - |> get("/api/statuses/public_and_external_timeline.json") - |> json_response(403) - end - - test "returns 200 to authenticated request when the instance is not public", - %{conn: conn, user: user} do - Pleroma.Config.put([:instance, :public], false) - - conn - |> with_credentials(user.nickname, "test") - |> get("/api/statuses/public_and_external_timeline.json") - |> json_response(200) - end - - test "returns 200 to unauthenticated request when the instance is public", %{conn: conn} do - conn - |> get("/api/statuses/public_and_external_timeline.json") - |> json_response(200) - end - - test "returns 200 to authenticated request when the instance is public", - %{conn: conn, user: user} do - conn - |> with_credentials(user.nickname, "test") - |> get("/api/statuses/public_and_external_timeline.json") - |> json_response(200) - end - end - - describe "GET /statuses/show/:id.json" do - test "returns one status", %{conn: conn} do - user = insert(:user) - {:ok, activity} = CommonAPI.post(user, %{"status" => "Hey!"}) - actor = User.get_cached_by_ap_id(activity.data["actor"]) - - conn = - conn - |> get("/api/statuses/show/#{activity.id}.json") - - response = json_response(conn, 200) - - assert response == ActivityView.render("activity.json", %{activity: activity, user: actor}) - end - end - - describe "GET /users/show.json" do - test "gets user with screen_name", %{conn: conn} do - user = insert(:user) - - conn = - conn - |> get("/api/users/show.json", %{"screen_name" => user.nickname}) - - response = json_response(conn, 200) - - assert response["id"] == user.id - end - - test "gets user with user_id", %{conn: conn} do - user = insert(:user) - - conn = - conn - |> get("/api/users/show.json", %{"user_id" => user.id}) - - response = json_response(conn, 200) - - assert response["id"] == user.id - end - - test "gets a user for a logged in user", %{conn: conn} do - user = insert(:user) - logged_in = insert(:user) - - {:ok, logged_in, user, _activity} = TwitterAPI.follow(logged_in, %{"user_id" => user.id}) - - conn = - conn - |> with_credentials(logged_in.nickname, "test") - |> get("/api/users/show.json", %{"user_id" => user.id}) - - response = json_response(conn, 200) - - assert response["following"] == true - end - end - - describe "GET /statusnet/conversation/:id.json" do - test "returns the statuses in the conversation", %{conn: conn} do - {:ok, _user} = UserBuilder.insert() - {:ok, activity} = ActivityBuilder.insert(%{"type" => "Create", "context" => "2hu"}) - {:ok, _activity_two} = ActivityBuilder.insert(%{"type" => "Create", "context" => "2hu"}) - {:ok, _activity_three} = ActivityBuilder.insert(%{"type" => "Create", "context" => "3hu"}) - - conn = - conn - |> get("/api/statusnet/conversation/#{activity.data["context_id"]}.json") - - response = json_response(conn, 200) - - assert length(response) == 2 - end - end - - describe "GET /statuses/friends_timeline.json" do - setup [:valid_user] - - test "without valid credentials", %{conn: conn} do - conn = get(conn, "/api/statuses/friends_timeline.json") - assert json_response(conn, 403) == %{"error" => "Invalid credentials."} - end - - test "with credentials", %{conn: conn, user: current_user} do - user = insert(:user) - - activities = - ActivityBuilder.insert_list(30, %{"to" => [User.ap_followers(user)]}, %{user: user}) - - returned_activities = - ActivityBuilder.insert_list(10, %{"to" => [User.ap_followers(user)]}, %{user: user}) - - other_user = insert(:user) - ActivityBuilder.insert_list(10, %{}, %{user: other_user}) - since_id = List.last(activities).id - - current_user = - Changeset.change(current_user, following: [User.ap_followers(user)]) - |> Repo.update!() - - conn = - conn - |> with_credentials(current_user.nickname, "test") - |> get("/api/statuses/friends_timeline.json", %{since_id: since_id}) - - response = json_response(conn, 200) - - assert length(response) == 10 - - assert response == - Enum.map(returned_activities, fn activity -> - ActivityView.render("activity.json", %{ - activity: activity, - user: User.get_cached_by_ap_id(activity.data["actor"]), - for: current_user - }) - end) - end - end - - describe "GET /statuses/dm_timeline.json" do - test "it show direct messages", %{conn: conn} do - user_one = insert(:user) - user_two = insert(:user) - - {:ok, user_two} = User.follow(user_two, user_one) - - {:ok, direct} = - CommonAPI.post(user_one, %{ - "status" => "Hi @#{user_two.nickname}!", - "visibility" => "direct" - }) - - {:ok, direct_two} = - CommonAPI.post(user_two, %{ - "status" => "Hi @#{user_one.nickname}!", - "visibility" => "direct" - }) - - {:ok, _follower_only} = - CommonAPI.post(user_one, %{ - "status" => "Hi @#{user_two.nickname}!", - "visibility" => "private" - }) - - # Only direct should be visible here - res_conn = - conn - |> assign(:user, user_two) - |> get("/api/statuses/dm_timeline.json") - - [status, status_two] = json_response(res_conn, 200) - assert status["id"] == direct_two.id - assert status_two["id"] == direct.id - end - - test "doesn't include DMs from blocked users", %{conn: conn} do - blocker = insert(:user) - blocked = insert(:user) - user = insert(:user) - {:ok, blocker} = User.block(blocker, blocked) - - {:ok, _blocked_direct} = - CommonAPI.post(blocked, %{ - "status" => "Hi @#{blocker.nickname}!", - "visibility" => "direct" - }) - - {:ok, direct} = - CommonAPI.post(user, %{ - "status" => "Hi @#{blocker.nickname}!", - "visibility" => "direct" - }) - - res_conn = - conn - |> assign(:user, blocker) - |> get("/api/statuses/dm_timeline.json") - - [status] = json_response(res_conn, 200) - assert status["id"] == direct.id - end - end - - describe "GET /statuses/mentions.json" do - setup [:valid_user] - - test "without valid credentials", %{conn: conn} do - conn = get(conn, "/api/statuses/mentions.json") - assert json_response(conn, 403) == %{"error" => "Invalid credentials."} - end - - test "with credentials", %{conn: conn, user: current_user} do - {:ok, activity} = - CommonAPI.post(current_user, %{ - "status" => "why is tenshi eating a corndog so cute?", - "visibility" => "public" - }) - - conn = - conn - |> with_credentials(current_user.nickname, "test") - |> get("/api/statuses/mentions.json") - - response = json_response(conn, 200) - - assert length(response) == 1 - - assert Enum.at(response, 0) == - ActivityView.render("activity.json", %{ - user: current_user, - for: current_user, - activity: activity - }) - end - - test "does not show DMs in mentions timeline", %{conn: conn, user: current_user} do - {:ok, _activity} = - CommonAPI.post(current_user, %{ - "status" => "Have you guys ever seen how cute tenshi eating a corndog is?", - "visibility" => "direct" - }) - - conn = - conn - |> with_credentials(current_user.nickname, "test") - |> get("/api/statuses/mentions.json") - - response = json_response(conn, 200) - - assert Enum.empty?(response) - end - end - - describe "GET /api/qvitter/statuses/notifications.json" do - setup [:valid_user] - - test "without valid credentials", %{conn: conn} do - conn = get(conn, "/api/qvitter/statuses/notifications.json") - assert json_response(conn, 403) == %{"error" => "Invalid credentials."} - end - - test "with credentials", %{conn: conn, user: current_user} do - other_user = insert(:user) - - {:ok, _activity} = - ActivityBuilder.insert(%{"to" => [current_user.ap_id]}, %{user: other_user}) - - conn = - conn - |> with_credentials(current_user.nickname, "test") - |> get("/api/qvitter/statuses/notifications.json") - - response = json_response(conn, 200) - - assert length(response) == 1 - - assert response == - NotificationView.render("notification.json", %{ - notifications: Notification.for_user(current_user), - for: current_user - }) - end - - test "muted user", %{conn: conn, user: current_user} do - other_user = insert(:user) - - {:ok, current_user} = User.mute(current_user, other_user) - - {:ok, _activity} = - ActivityBuilder.insert(%{"to" => [current_user.ap_id]}, %{user: other_user}) - - conn = - conn - |> with_credentials(current_user.nickname, "test") - |> get("/api/qvitter/statuses/notifications.json") - - assert json_response(conn, 200) == [] - end - - test "muted user with with_muted parameter", %{conn: conn, user: current_user} do - other_user = insert(:user) - - {:ok, current_user} = User.mute(current_user, other_user) - - {:ok, _activity} = - ActivityBuilder.insert(%{"to" => [current_user.ap_id]}, %{user: other_user}) - - conn = - conn - |> with_credentials(current_user.nickname, "test") - |> get("/api/qvitter/statuses/notifications.json", %{"with_muted" => "true"}) - - assert length(json_response(conn, 200)) == 1 - end - end - - describe "POST /api/qvitter/statuses/notifications/read" do - setup [:valid_user] - - test "without valid credentials", %{conn: conn} do - conn = post(conn, "/api/qvitter/statuses/notifications/read", %{"latest_id" => 1_234_567}) - assert json_response(conn, 403) == %{"error" => "Invalid credentials."} - end - - test "with credentials, without any params", %{conn: conn, user: current_user} do - conn = - conn - |> with_credentials(current_user.nickname, "test") - |> post("/api/qvitter/statuses/notifications/read") - - assert json_response(conn, 400) == %{ - "error" => "You need to specify latest_id", - "request" => "/api/qvitter/statuses/notifications/read" - } - end - - test "with credentials, with params", %{conn: conn, user: current_user} do - other_user = insert(:user) - - {:ok, _activity} = - ActivityBuilder.insert(%{"to" => [current_user.ap_id]}, %{user: other_user}) - - response_conn = - conn - |> with_credentials(current_user.nickname, "test") - |> get("/api/qvitter/statuses/notifications.json") - - [notification] = response = json_response(response_conn, 200) - - assert length(response) == 1 - - assert notification["is_seen"] == 0 - - response_conn = - conn - |> with_credentials(current_user.nickname, "test") - |> post("/api/qvitter/statuses/notifications/read", %{"latest_id" => notification["id"]}) - - [notification] = response = json_response(response_conn, 200) - - assert length(response) == 1 - - assert notification["is_seen"] == 1 - end - end - - describe "GET /statuses/user_timeline.json" do - setup [:valid_user] - - test "without any params", %{conn: conn} do - conn = get(conn, "/api/statuses/user_timeline.json") - - assert json_response(conn, 400) == %{ - "error" => "You need to specify screen_name or user_id", - "request" => "/api/statuses/user_timeline.json" - } - end - - test "with user_id", %{conn: conn} do - user = insert(:user) - {:ok, activity} = ActivityBuilder.insert(%{"id" => 1}, %{user: user}) - - conn = get(conn, "/api/statuses/user_timeline.json", %{"user_id" => user.id}) - response = json_response(conn, 200) - assert length(response) == 1 - - assert Enum.at(response, 0) == - ActivityView.render("activity.json", %{user: user, activity: activity}) - end - - test "with screen_name", %{conn: conn} do - user = insert(:user) - {:ok, activity} = ActivityBuilder.insert(%{"id" => 1}, %{user: user}) - - conn = get(conn, "/api/statuses/user_timeline.json", %{"screen_name" => user.nickname}) - response = json_response(conn, 200) - assert length(response) == 1 - - assert Enum.at(response, 0) == - ActivityView.render("activity.json", %{user: user, activity: activity}) - end - - test "with credentials", %{conn: conn, user: current_user} do - {:ok, activity} = ActivityBuilder.insert(%{"id" => 1}, %{user: current_user}) - - conn = - conn - |> with_credentials(current_user.nickname, "test") - |> get("/api/statuses/user_timeline.json") - - response = json_response(conn, 200) - - assert length(response) == 1 - - assert Enum.at(response, 0) == - ActivityView.render("activity.json", %{ - user: current_user, - for: current_user, - activity: activity - }) - end - - test "with credentials with user_id", %{conn: conn, user: current_user} do - user = insert(:user) - {:ok, activity} = ActivityBuilder.insert(%{"id" => 1}, %{user: user}) - - conn = - conn - |> with_credentials(current_user.nickname, "test") - |> get("/api/statuses/user_timeline.json", %{"user_id" => user.id}) - - response = json_response(conn, 200) - - assert length(response) == 1 - - assert Enum.at(response, 0) == - ActivityView.render("activity.json", %{user: user, activity: activity}) - end - - test "with credentials screen_name", %{conn: conn, user: current_user} do - user = insert(:user) - {:ok, activity} = ActivityBuilder.insert(%{"id" => 1}, %{user: user}) - - conn = - conn - |> with_credentials(current_user.nickname, "test") - |> get("/api/statuses/user_timeline.json", %{"screen_name" => user.nickname}) - - response = json_response(conn, 200) - - assert length(response) == 1 - - assert Enum.at(response, 0) == - ActivityView.render("activity.json", %{user: user, activity: activity}) - end - - test "with credentials with user_id, excluding RTs", %{conn: conn, user: current_user} do - user = insert(:user) - {:ok, activity} = ActivityBuilder.insert(%{"id" => 1, "type" => "Create"}, %{user: user}) - {:ok, _} = ActivityBuilder.insert(%{"id" => 2, "type" => "Announce"}, %{user: user}) - - conn = - conn - |> with_credentials(current_user.nickname, "test") - |> get("/api/statuses/user_timeline.json", %{ - "user_id" => user.id, - "include_rts" => "false" - }) - - response = json_response(conn, 200) - - assert length(response) == 1 - - assert Enum.at(response, 0) == - ActivityView.render("activity.json", %{user: user, activity: activity}) - - conn = - conn - |> get("/api/statuses/user_timeline.json", %{"user_id" => user.id, "include_rts" => "0"}) - - response = json_response(conn, 200) - - assert length(response) == 1 - - assert Enum.at(response, 0) == - ActivityView.render("activity.json", %{user: user, activity: activity}) - end - end - - describe "POST /friendships/create.json" do - setup [:valid_user] - - test "without valid credentials", %{conn: conn} do - conn = post(conn, "/api/friendships/create.json") - assert json_response(conn, 403) == %{"error" => "Invalid credentials."} - end - - test "with credentials", %{conn: conn, user: current_user} do - followed = insert(:user) - - conn = - conn - |> with_credentials(current_user.nickname, "test") - |> post("/api/friendships/create.json", %{user_id: followed.id}) - - current_user = User.get_cached_by_id(current_user.id) - assert User.ap_followers(followed) in current_user.following - - assert json_response(conn, 200) == - UserView.render("show.json", %{user: followed, for: current_user}) - end - - test "for restricted account", %{conn: conn, user: current_user} do - followed = insert(:user, info: %User.Info{locked: true}) - - conn = - conn - |> with_credentials(current_user.nickname, "test") - |> post("/api/friendships/create.json", %{user_id: followed.id}) - - current_user = User.get_cached_by_id(current_user.id) - followed = User.get_cached_by_id(followed.id) - - refute User.ap_followers(followed) in current_user.following - - assert json_response(conn, 200) == - UserView.render("show.json", %{user: followed, for: current_user}) - end - end - - describe "POST /friendships/destroy.json" do - setup [:valid_user] - - test "without valid credentials", %{conn: conn} do - conn = post(conn, "/api/friendships/destroy.json") - assert json_response(conn, 403) == %{"error" => "Invalid credentials."} - end - - test "with credentials", %{conn: conn, user: current_user} do - followed = insert(:user) - - {:ok, current_user} = User.follow(current_user, followed) - assert User.ap_followers(followed) in current_user.following - ActivityPub.follow(current_user, followed) - - conn = - conn - |> with_credentials(current_user.nickname, "test") - |> post("/api/friendships/destroy.json", %{user_id: followed.id}) - - current_user = User.get_cached_by_id(current_user.id) - assert current_user.following == [current_user.ap_id] - - assert json_response(conn, 200) == - UserView.render("show.json", %{user: followed, for: current_user}) - end - end - - describe "POST /blocks/create.json" do - setup [:valid_user] - - test "without valid credentials", %{conn: conn} do - conn = post(conn, "/api/blocks/create.json") - assert json_response(conn, 403) == %{"error" => "Invalid credentials."} - end - - test "with credentials", %{conn: conn, user: current_user} do - blocked = insert(:user) - - conn = - conn - |> with_credentials(current_user.nickname, "test") - |> post("/api/blocks/create.json", %{user_id: blocked.id}) - - current_user = User.get_cached_by_id(current_user.id) - assert User.blocks?(current_user, blocked) - - assert json_response(conn, 200) == - UserView.render("show.json", %{user: blocked, for: current_user}) - end - end - - describe "POST /blocks/destroy.json" do - setup [:valid_user] - - test "without valid credentials", %{conn: conn} do - conn = post(conn, "/api/blocks/destroy.json") - assert json_response(conn, 403) == %{"error" => "Invalid credentials."} - end - - test "with credentials", %{conn: conn, user: current_user} do - blocked = insert(:user) - - {:ok, current_user, blocked} = TwitterAPI.block(current_user, %{"user_id" => blocked.id}) - assert User.blocks?(current_user, blocked) - - conn = - conn - |> with_credentials(current_user.nickname, "test") - |> post("/api/blocks/destroy.json", %{user_id: blocked.id}) - - current_user = User.get_cached_by_id(current_user.id) - assert current_user.info.blocks == [] - - assert json_response(conn, 200) == - UserView.render("show.json", %{user: blocked, for: current_user}) - end - end - - describe "GET /help/test.json" do - test "returns \"ok\"", %{conn: conn} do - conn = get(conn, "/api/help/test.json") - assert json_response(conn, 200) == "ok" - end - end - - describe "POST /api/qvitter/update_avatar.json" do - setup [:valid_user] - - test "without valid credentials", %{conn: conn} do - conn = post(conn, "/api/qvitter/update_avatar.json") - assert json_response(conn, 403) == %{"error" => "Invalid credentials."} - end - - test "with credentials", %{conn: conn, user: current_user} do - avatar_image = File.read!("test/fixtures/avatar_data_uri") - - conn = - conn - |> with_credentials(current_user.nickname, "test") - |> post("/api/qvitter/update_avatar.json", %{img: avatar_image}) - - current_user = User.get_cached_by_id(current_user.id) - assert is_map(current_user.avatar) - - assert json_response(conn, 200) == - UserView.render("show.json", %{user: current_user, for: current_user}) - end - - test "user avatar can be reset", %{conn: conn, user: current_user} do - conn = - conn - |> with_credentials(current_user.nickname, "test") - |> post("/api/qvitter/update_avatar.json", %{img: ""}) - - current_user = User.get_cached_by_id(current_user.id) - assert current_user.avatar == nil - - assert json_response(conn, 200) == - UserView.render("show.json", %{user: current_user, for: current_user}) - end - end - - describe "GET /api/qvitter/mutes.json" do - setup [:valid_user] - - test "unimplemented mutes without valid credentials", %{conn: conn} do - conn = get(conn, "/api/qvitter/mutes.json") - assert json_response(conn, 403) == %{"error" => "Invalid credentials."} - end - - test "unimplemented mutes with credentials", %{conn: conn, user: current_user} do - response = - conn - |> with_credentials(current_user.nickname, "test") - |> get("/api/qvitter/mutes.json") - |> json_response(200) - - assert [] = response - end - end - - describe "POST /api/favorites/create/:id" do - setup [:valid_user] - - test "without valid credentials", %{conn: conn} do - note_activity = insert(:note_activity) - conn = post(conn, "/api/favorites/create/#{note_activity.id}.json") - assert json_response(conn, 403) == %{"error" => "Invalid credentials."} - end - - test "with credentials", %{conn: conn, user: current_user} do - note_activity = insert(:note_activity) - - conn = - conn - |> with_credentials(current_user.nickname, "test") - |> post("/api/favorites/create/#{note_activity.id}.json") - - assert json_response(conn, 200) - end - - test "with credentials, invalid param", %{conn: conn, user: current_user} do - conn = - conn - |> with_credentials(current_user.nickname, "test") - |> post("/api/favorites/create/wrong.json") - - assert json_response(conn, 400) - end - - test "with credentials, invalid activity", %{conn: conn, user: current_user} do - conn = - conn - |> with_credentials(current_user.nickname, "test") - |> post("/api/favorites/create/1.json") - - assert json_response(conn, 400) - end - end - - describe "POST /api/favorites/destroy/:id" do - setup [:valid_user] - - test "without valid credentials", %{conn: conn} do - note_activity = insert(:note_activity) - conn = post(conn, "/api/favorites/destroy/#{note_activity.id}.json") - assert json_response(conn, 403) == %{"error" => "Invalid credentials."} - end - - test "with credentials", %{conn: conn, user: current_user} do - note_activity = insert(:note_activity) - object = Object.normalize(note_activity) - ActivityPub.like(current_user, object) - - conn = - conn - |> with_credentials(current_user.nickname, "test") - |> post("/api/favorites/destroy/#{note_activity.id}.json") - - assert json_response(conn, 200) - end - end - - describe "POST /api/statuses/retweet/:id" do - setup [:valid_user] - - test "without valid credentials", %{conn: conn} do - note_activity = insert(:note_activity) - conn = post(conn, "/api/statuses/retweet/#{note_activity.id}.json") - assert json_response(conn, 403) == %{"error" => "Invalid credentials."} - end - - test "with credentials", %{conn: conn, user: current_user} do - note_activity = insert(:note_activity) - - request_path = "/api/statuses/retweet/#{note_activity.id}.json" - - response = - conn - |> with_credentials(current_user.nickname, "test") - |> post(request_path) - - activity = Activity.get_by_id(note_activity.id) - activity_user = User.get_cached_by_ap_id(note_activity.data["actor"]) - - assert json_response(response, 200) == - ActivityView.render("activity.json", %{ - user: activity_user, - for: current_user, - activity: activity - }) - end - end - - describe "POST /api/statuses/unretweet/:id" do - setup [:valid_user] - - test "without valid credentials", %{conn: conn} do - note_activity = insert(:note_activity) - conn = post(conn, "/api/statuses/unretweet/#{note_activity.id}.json") - assert json_response(conn, 403) == %{"error" => "Invalid credentials."} - end - - test "with credentials", %{conn: conn, user: current_user} do - note_activity = insert(:note_activity) - - request_path = "/api/statuses/retweet/#{note_activity.id}.json" - - _response = - conn - |> with_credentials(current_user.nickname, "test") - |> post(request_path) - - request_path = String.replace(request_path, "retweet", "unretweet") - - response = - conn - |> with_credentials(current_user.nickname, "test") - |> post(request_path) - - activity = Activity.get_by_id(note_activity.id) - activity_user = User.get_cached_by_ap_id(note_activity.data["actor"]) - - assert json_response(response, 200) == - ActivityView.render("activity.json", %{ - user: activity_user, - for: current_user, - activity: activity - }) - end - end - - describe "POST /api/account/register" do - test "it creates a new user", %{conn: conn} do - data = %{ - "nickname" => "lain", - "email" => "lain@wired.jp", - "fullname" => "lain iwakura", - "bio" => "close the world.", - "password" => "bear", - "confirm" => "bear" - } - - conn = - conn - |> post("/api/account/register", data) - - user = json_response(conn, 200) - - fetched_user = User.get_cached_by_nickname("lain") - assert user == UserView.render("show.json", %{user: fetched_user}) - end - - test "it returns errors on a problem", %{conn: conn} do - data = %{ - "email" => "lain@wired.jp", - "fullname" => "lain iwakura", - "bio" => "close the world.", - "password" => "bear", - "confirm" => "bear" - } - - conn = - conn - |> post("/api/account/register", data) - - errors = json_response(conn, 400) - - assert is_binary(errors["error"]) - end - end - - describe "POST /api/account/password_reset, with valid parameters" do - setup %{conn: conn} do - user = insert(:user) - conn = post(conn, "/api/account/password_reset?email=#{user.email}") - %{conn: conn, user: user} - end - - test "it returns 204", %{conn: conn} do - assert json_response(conn, :no_content) - end - - test "it creates a PasswordResetToken record for user", %{user: user} do - token_record = Repo.get_by(Pleroma.PasswordResetToken, user_id: user.id) - assert token_record - end - - test "it sends an email to user", %{user: user} do - token_record = Repo.get_by(Pleroma.PasswordResetToken, user_id: user.id) - - email = Pleroma.Emails.UserEmail.password_reset_email(user, token_record.token) - notify_email = Pleroma.Config.get([:instance, :notify_email]) - instance_name = Pleroma.Config.get([:instance, :name]) - - assert_email_sent( - from: {instance_name, notify_email}, - to: {user.name, user.email}, - html_body: email.html_body - ) - end - end - - describe "POST /api/account/password_reset, with invalid parameters" do - setup [:valid_user] - - test "it returns 404 when user is not found", %{conn: conn, user: user} do - conn = post(conn, "/api/account/password_reset?email=nonexisting_#{user.email}") - assert conn.status == 404 - assert conn.resp_body == "" - end - - test "it returns 400 when user is not local", %{conn: conn, user: user} do - {:ok, user} = Repo.update(Changeset.change(user, local: false)) - conn = post(conn, "/api/account/password_reset?email=#{user.email}") - assert conn.status == 400 - assert conn.resp_body == "" - end - end - - describe "GET /api/account/confirm_email/:id/:token" do - setup do - user = insert(:user) - info_change = User.Info.confirmation_changeset(user.info, need_confirmation: true) - - {:ok, user} = - user - |> Changeset.change() - |> Changeset.put_embed(:info, info_change) - |> Repo.update() - - assert user.info.confirmation_pending - - [user: user] - end - - test "it redirects to root url", %{conn: conn, user: user} do - conn = get(conn, "/api/account/confirm_email/#{user.id}/#{user.info.confirmation_token}") - - assert 302 == conn.status - end - - test "it confirms the user account", %{conn: conn, user: user} do - get(conn, "/api/account/confirm_email/#{user.id}/#{user.info.confirmation_token}") - - user = User.get_cached_by_id(user.id) - - refute user.info.confirmation_pending - refute user.info.confirmation_token - end - - test "it returns 500 if user cannot be found by id", %{conn: conn, user: user} do - conn = get(conn, "/api/account/confirm_email/0/#{user.info.confirmation_token}") - - assert 500 == conn.status - end - - test "it returns 500 if token is invalid", %{conn: conn, user: user} do - conn = get(conn, "/api/account/confirm_email/#{user.id}/wrong_token") - - assert 500 == conn.status - end - end - - describe "POST /api/account/resend_confirmation_email" do - setup do - user = insert(:user) - info_change = User.Info.confirmation_changeset(user.info, need_confirmation: true) - - {:ok, user} = - user - |> Changeset.change() - |> Changeset.put_embed(:info, info_change) - |> Repo.update() - - assert user.info.confirmation_pending - - [user: user] - end - - clear_config([:instance, :account_activation_required]) do - Pleroma.Config.put([:instance, :account_activation_required], true) - end - - test "it returns 204 No Content", %{conn: conn, user: user} do - conn - |> assign(:user, user) - |> post("/api/account/resend_confirmation_email?email=#{user.email}") - |> json_response(:no_content) - end - - test "it sends confirmation email", %{conn: conn, user: user} do - conn - |> assign(:user, user) - |> post("/api/account/resend_confirmation_email?email=#{user.email}") - - email = Pleroma.Emails.UserEmail.account_confirmation_email(user) - notify_email = Pleroma.Config.get([:instance, :notify_email]) - instance_name = Pleroma.Config.get([:instance, :name]) - - assert_email_sent( - from: {instance_name, notify_email}, - to: {user.name, user.email}, - html_body: email.html_body - ) - end - end - - describe "GET /api/externalprofile/show" do - test "it returns the user", %{conn: conn} do - user = insert(:user) - other_user = insert(:user) - - conn = - conn - |> assign(:user, user) - |> get("/api/externalprofile/show", %{profileurl: other_user.ap_id}) - - assert json_response(conn, 200) == UserView.render("show.json", %{user: other_user}) - end - end - - describe "GET /api/statuses/followers" do - test "it returns a user's followers", %{conn: conn} do - user = insert(:user) - follower_one = insert(:user) - follower_two = insert(:user) - _not_follower = insert(:user) - - {:ok, follower_one} = User.follow(follower_one, user) - {:ok, follower_two} = User.follow(follower_two, user) - - conn = - conn - |> assign(:user, user) - |> get("/api/statuses/followers") - - expected = UserView.render("index.json", %{users: [follower_one, follower_two], for: user}) - result = json_response(conn, 200) - assert Enum.sort(expected) == Enum.sort(result) - end - - test "it returns 20 followers per page", %{conn: conn} do - user = insert(:user) - followers = insert_list(21, :user) - - Enum.each(followers, fn follower -> - User.follow(follower, user) - end) - - res_conn = - conn - |> assign(:user, user) - |> get("/api/statuses/followers") - - result = json_response(res_conn, 200) - assert length(result) == 20 - - res_conn = - conn - |> assign(:user, user) - |> get("/api/statuses/followers?page=2") - - result = json_response(res_conn, 200) - assert length(result) == 1 - end - - test "it returns a given user's followers with user_id", %{conn: conn} do - user = insert(:user) - follower_one = insert(:user) - follower_two = insert(:user) - not_follower = insert(:user) - - {:ok, follower_one} = User.follow(follower_one, user) - {:ok, follower_two} = User.follow(follower_two, user) - - conn = - conn - |> assign(:user, not_follower) - |> get("/api/statuses/followers", %{"user_id" => user.id}) - - assert MapSet.equal?( - MapSet.new(json_response(conn, 200)), - MapSet.new( - UserView.render("index.json", %{ - users: [follower_one, follower_two], - for: not_follower - }) - ) - ) - end - - test "it returns empty when hide_followers is set to true", %{conn: conn} do - user = insert(:user, %{info: %{hide_followers: true}}) - follower_one = insert(:user) - follower_two = insert(:user) - not_follower = insert(:user) - - {:ok, _follower_one} = User.follow(follower_one, user) - {:ok, _follower_two} = User.follow(follower_two, user) - - response = - conn - |> assign(:user, not_follower) - |> get("/api/statuses/followers", %{"user_id" => user.id}) - |> json_response(200) - - assert [] == response - end - - test "it returns the followers when hide_followers is set to true if requested by the user themselves", - %{ - conn: conn - } do - user = insert(:user, %{info: %{hide_followers: true}}) - follower_one = insert(:user) - follower_two = insert(:user) - _not_follower = insert(:user) - - {:ok, _follower_one} = User.follow(follower_one, user) - {:ok, _follower_two} = User.follow(follower_two, user) - - conn = - conn - |> assign(:user, user) - |> get("/api/statuses/followers", %{"user_id" => user.id}) - - refute [] == json_response(conn, 200) - end - end - - describe "GET /api/statuses/blocks" do - test "it returns the list of users blocked by requester", %{conn: conn} do - user = insert(:user) - other_user = insert(:user) - - {:ok, user} = User.block(user, other_user) - - conn = - conn - |> assign(:user, user) - |> get("/api/statuses/blocks") - - expected = UserView.render("index.json", %{users: [other_user], for: user}) - result = json_response(conn, 200) - assert Enum.sort(expected) == Enum.sort(result) - end - end - - describe "GET /api/statuses/friends" do - test "it returns the logged in user's friends", %{conn: conn} do - user = insert(:user) - followed_one = insert(:user) - followed_two = insert(:user) - _not_followed = insert(:user) - - {:ok, user} = User.follow(user, followed_one) - {:ok, user} = User.follow(user, followed_two) - - conn = - conn - |> assign(:user, user) - |> get("/api/statuses/friends") - - expected = UserView.render("index.json", %{users: [followed_one, followed_two], for: user}) - result = json_response(conn, 200) - assert Enum.sort(expected) == Enum.sort(result) - end - - test "it returns 20 friends per page, except if 'export' is set to true", %{conn: conn} do - user = insert(:user) - followeds = insert_list(21, :user) - - {:ok, user} = - Enum.reduce(followeds, {:ok, user}, fn followed, {:ok, user} -> - User.follow(user, followed) - end) - - res_conn = - conn - |> assign(:user, user) - |> get("/api/statuses/friends") - - result = json_response(res_conn, 200) - assert length(result) == 20 - - res_conn = - conn - |> assign(:user, user) - |> get("/api/statuses/friends", %{page: 2}) - - result = json_response(res_conn, 200) - assert length(result) == 1 - - res_conn = - conn - |> assign(:user, user) - |> get("/api/statuses/friends", %{all: true}) - - result = json_response(res_conn, 200) - assert length(result) == 21 - end - - test "it returns a given user's friends with user_id", %{conn: conn} do - user = insert(:user) - followed_one = insert(:user) - followed_two = insert(:user) - _not_followed = insert(:user) - - {:ok, user} = User.follow(user, followed_one) - {:ok, user} = User.follow(user, followed_two) - - conn = - conn - |> assign(:user, user) - |> get("/api/statuses/friends", %{"user_id" => user.id}) - - assert MapSet.equal?( - MapSet.new(json_response(conn, 200)), - MapSet.new( - UserView.render("index.json", %{users: [followed_one, followed_two], for: user}) - ) - ) - end - - test "it returns empty when hide_follows is set to true", %{conn: conn} do - user = insert(:user, %{info: %{hide_follows: true}}) - followed_one = insert(:user) - followed_two = insert(:user) - not_followed = insert(:user) - - {:ok, user} = User.follow(user, followed_one) - {:ok, user} = User.follow(user, followed_two) - - conn = - conn - |> assign(:user, not_followed) - |> get("/api/statuses/friends", %{"user_id" => user.id}) - - assert [] == json_response(conn, 200) - end - - test "it returns friends when hide_follows is set to true if the user themselves request it", - %{ - conn: conn - } do - user = insert(:user, %{info: %{hide_follows: true}}) - followed_one = insert(:user) - followed_two = insert(:user) - _not_followed = insert(:user) - - {:ok, _user} = User.follow(user, followed_one) - {:ok, _user} = User.follow(user, followed_two) - - response = - conn - |> assign(:user, user) - |> get("/api/statuses/friends", %{"user_id" => user.id}) - |> json_response(200) - - refute [] == response - end - - test "it returns a given user's friends with screen_name", %{conn: conn} do - user = insert(:user) - followed_one = insert(:user) - followed_two = insert(:user) - _not_followed = insert(:user) - - {:ok, user} = User.follow(user, followed_one) - {:ok, user} = User.follow(user, followed_two) - - conn = - conn - |> assign(:user, user) - |> get("/api/statuses/friends", %{"screen_name" => user.nickname}) - - assert MapSet.equal?( - MapSet.new(json_response(conn, 200)), - MapSet.new( - UserView.render("index.json", %{users: [followed_one, followed_two], for: user}) - ) - ) - end - end - - describe "GET /friends/ids" do - test "it returns a user's friends", %{conn: conn} do - user = insert(:user) - followed_one = insert(:user) - followed_two = insert(:user) - _not_followed = insert(:user) - - {:ok, user} = User.follow(user, followed_one) - {:ok, user} = User.follow(user, followed_two) - - conn = - conn - |> assign(:user, user) - |> get("/api/friends/ids") - - expected = [followed_one.id, followed_two.id] - - assert MapSet.equal?( - MapSet.new(Poison.decode!(json_response(conn, 200))), - MapSet.new(expected) - ) - end - end - - describe "POST /api/account/update_profile.json" do - test "it updates a user's profile", %{conn: conn} do - user = insert(:user) - user2 = insert(:user) - - conn = - conn - |> assign(:user, user) - |> post("/api/account/update_profile.json", %{ - "name" => "new name", - "description" => "hi @#{user2.nickname}" - }) - - user = Repo.get!(User, user.id) - assert user.name == "new name" - - assert user.bio == - "hi <span class='h-card'><a data-user='#{user2.id}' class='u-url mention' href='#{ - user2.ap_id - }'>@<span>#{user2.nickname}</span></a></span>" - - assert json_response(conn, 200) == UserView.render("user.json", %{user: user, for: user}) - end - - test "it sets and un-sets hide_follows", %{conn: conn} do - user = insert(:user) - - conn - |> assign(:user, user) - |> post("/api/account/update_profile.json", %{ - "hide_follows" => "true" - }) - - user = Repo.get!(User, user.id) - assert user.info.hide_follows == true - - conn = - conn - |> assign(:user, user) - |> post("/api/account/update_profile.json", %{ - "hide_follows" => "false" - }) - - user = refresh_record(user) - assert user.info.hide_follows == false - assert json_response(conn, 200) == UserView.render("user.json", %{user: user, for: user}) - end - - test "it sets and un-sets hide_followers", %{conn: conn} do - user = insert(:user) - - conn - |> assign(:user, user) - |> post("/api/account/update_profile.json", %{ - "hide_followers" => "true" - }) - - user = Repo.get!(User, user.id) - assert user.info.hide_followers == true - - conn = - conn - |> assign(:user, user) - |> post("/api/account/update_profile.json", %{ - "hide_followers" => "false" - }) - - user = Repo.get!(User, user.id) - assert user.info.hide_followers == false - assert json_response(conn, 200) == UserView.render("user.json", %{user: user, for: user}) - end - - test "it sets and un-sets show_role", %{conn: conn} do - user = insert(:user) - - conn - |> assign(:user, user) - |> post("/api/account/update_profile.json", %{ - "show_role" => "true" - }) - - user = Repo.get!(User, user.id) - assert user.info.show_role == true - - conn = - conn - |> assign(:user, user) - |> post("/api/account/update_profile.json", %{ - "show_role" => "false" - }) - - user = Repo.get!(User, user.id) - assert user.info.show_role == false - assert json_response(conn, 200) == UserView.render("user.json", %{user: user, for: user}) - end - - test "it sets and un-sets skip_thread_containment", %{conn: conn} do - user = insert(:user) - - response = - conn - |> assign(:user, user) - |> post("/api/account/update_profile.json", %{"skip_thread_containment" => "true"}) - |> json_response(200) - - assert response["pleroma"]["skip_thread_containment"] == true - user = refresh_record(user) - assert user.info.skip_thread_containment - - response = - conn - |> assign(:user, user) - |> post("/api/account/update_profile.json", %{"skip_thread_containment" => "false"}) - |> json_response(200) - - assert response["pleroma"]["skip_thread_containment"] == false - refute refresh_record(user).info.skip_thread_containment - end - - test "it locks an account", %{conn: conn} do - user = insert(:user) - - conn = - conn - |> assign(:user, user) - |> post("/api/account/update_profile.json", %{ - "locked" => "true" - }) - - user = Repo.get!(User, user.id) - assert user.info.locked == true - - assert json_response(conn, 200) == UserView.render("user.json", %{user: user, for: user}) - end - - test "it unlocks an account", %{conn: conn} do - user = insert(:user) - - conn = - conn - |> assign(:user, user) - |> post("/api/account/update_profile.json", %{ - "locked" => "false" - }) - - user = Repo.get!(User, user.id) - assert user.info.locked == false - - assert json_response(conn, 200) == UserView.render("user.json", %{user: user, for: user}) - end - - # Broken before the change to class="emoji" and non-<img/> in the DB - @tag :skip - test "it formats emojos", %{conn: conn} do - user = insert(:user) - - conn = - conn - |> assign(:user, user) - |> post("/api/account/update_profile.json", %{ - "bio" => "I love our :moominmamma:" - }) - - assert response = json_response(conn, 200) - - assert %{ - "description" => "I love our :moominmamma:", - "description_html" => - ~s{I love our <img class="emoji" alt="moominmamma" title="moominmamma" src="} <> - _ - } = response - - conn = - conn - |> get("/api/users/show.json?user_id=#{user.nickname}") - - assert response == json_response(conn, 200) - end - end - - defp valid_user(_context) do - user = insert(:user) - [user: user] - end - - defp with_credentials(conn, username, password) do - header_content = "Basic " <> Base.encode64("#{username}:#{password}") - put_req_header(conn, "authorization", header_content) - end - - describe "GET /api/search.json" do - test "it returns search results", %{conn: conn} do - user = insert(:user) - user_two = insert(:user, %{nickname: "shp@shitposter.club"}) - - {:ok, activity} = CommonAPI.post(user, %{"status" => "This is about 2hu"}) - {:ok, _} = CommonAPI.post(user_two, %{"status" => "This isn't"}) - - conn = - conn - |> get("/api/search.json", %{"q" => "2hu", "page" => "1", "rpp" => "1"}) - - assert [status] = json_response(conn, 200) - assert status["id"] == activity.id - end - end - - describe "GET /api/statusnet/tags/timeline/:tag.json" do - test "it returns the tags timeline", %{conn: conn} do - user = insert(:user) - user_two = insert(:user, %{nickname: "shp@shitposter.club"}) - - {:ok, activity} = CommonAPI.post(user, %{"status" => "This is about #2hu"}) - {:ok, _} = CommonAPI.post(user_two, %{"status" => "This isn't"}) - - conn = - conn - |> get("/api/statusnet/tags/timeline/2hu.json") - - assert [status] = json_response(conn, 200) - assert status["id"] == activity.id - end - end - - test "Convert newlines to <br> in bio", %{conn: conn} do - user = insert(:user) - - _conn = - conn - |> assign(:user, user) - |> post("/api/account/update_profile.json", %{ - "description" => "Hello,\r\nWorld! I\n am a test." - }) - - user = Repo.get!(User, user.id) - assert user.bio == "Hello,<br>World! I<br> am a test." - end - - describe "POST /api/pleroma/change_password" do - setup [:valid_user] - - test "without credentials", %{conn: conn} do - conn = post(conn, "/api/pleroma/change_password") - assert json_response(conn, 403) == %{"error" => "Invalid credentials."} - end - - test "with credentials and invalid password", %{conn: conn, user: current_user} do - conn = - conn - |> with_credentials(current_user.nickname, "test") - |> post("/api/pleroma/change_password", %{ - "password" => "hi", - "new_password" => "newpass", - "new_password_confirmation" => "newpass" - }) - - assert json_response(conn, 200) == %{"error" => "Invalid password."} - end - - test "with credentials, valid password and new password and confirmation not matching", %{ - conn: conn, - user: current_user - } do - conn = - conn - |> with_credentials(current_user.nickname, "test") - |> post("/api/pleroma/change_password", %{ - "password" => "test", - "new_password" => "newpass", - "new_password_confirmation" => "notnewpass" - }) - - assert json_response(conn, 200) == %{ - "error" => "New password does not match confirmation." - } - end - - test "with credentials, valid password and invalid new password", %{ - conn: conn, - user: current_user - } do - conn = - conn - |> with_credentials(current_user.nickname, "test") - |> post("/api/pleroma/change_password", %{ - "password" => "test", - "new_password" => "", - "new_password_confirmation" => "" - }) - - assert json_response(conn, 200) == %{ - "error" => "New password can't be blank." - } - end - - test "with credentials, valid password and matching new password and confirmation", %{ - conn: conn, - user: current_user - } do - conn = - conn - |> with_credentials(current_user.nickname, "test") - |> post("/api/pleroma/change_password", %{ - "password" => "test", - "new_password" => "newpass", - "new_password_confirmation" => "newpass" - }) - - assert json_response(conn, 200) == %{"status" => "success"} - fetched_user = User.get_cached_by_id(current_user.id) - assert Pbkdf2.checkpw("newpass", fetched_user.password_hash) == true - end - end - - describe "POST /api/pleroma/delete_account" do - setup [:valid_user] - - test "without credentials", %{conn: conn} do - conn = post(conn, "/api/pleroma/delete_account") - assert json_response(conn, 403) == %{"error" => "Invalid credentials."} - end - - test "with credentials and invalid password", %{conn: conn, user: current_user} do - conn = - conn - |> with_credentials(current_user.nickname, "test") - |> post("/api/pleroma/delete_account", %{"password" => "hi"}) - - assert json_response(conn, 200) == %{"error" => "Invalid password."} - end - - test "with credentials and valid password", %{conn: conn, user: current_user} do - conn = - conn - |> with_credentials(current_user.nickname, "test") - |> post("/api/pleroma/delete_account", %{"password" => "test"}) - - assert json_response(conn, 200) == %{"status" => "success"} - # Wait a second for the started task to end - :timer.sleep(1000) - end - end - - describe "GET /api/pleroma/friend_requests" do - test "it lists friend requests" do - user = insert(:user) - other_user = insert(:user) - - {:ok, _activity} = ActivityPub.follow(other_user, user) - - user = User.get_cached_by_id(user.id) - other_user = User.get_cached_by_id(other_user.id) - - assert User.following?(other_user, user) == false - - conn = - build_conn() - |> assign(:user, user) - |> get("/api/pleroma/friend_requests") - - assert [relationship] = json_response(conn, 200) - assert other_user.id == relationship["id"] - end - - test "requires 'read' permission", %{conn: conn} do - token1 = insert(:oauth_token, scopes: ["write"]) - token2 = insert(:oauth_token, scopes: ["read"]) - - for token <- [token1, token2] do - conn = - conn - |> put_req_header("authorization", "Bearer #{token.token}") - |> get("/api/pleroma/friend_requests") - - if token == token1 do - assert %{"error" => "Insufficient permissions: read."} == json_response(conn, 403) - else - assert json_response(conn, 200) - end - end - end - end - - describe "POST /api/pleroma/friendships/approve" do - test "it approves a friend request" do - user = insert(:user) - other_user = insert(:user) - - {:ok, _activity} = ActivityPub.follow(other_user, user) - - user = User.get_cached_by_id(user.id) - other_user = User.get_cached_by_id(other_user.id) - - assert User.following?(other_user, user) == false - - conn = - build_conn() - |> assign(:user, user) - |> post("/api/pleroma/friendships/approve", %{"user_id" => other_user.id}) - - assert relationship = json_response(conn, 200) - assert other_user.id == relationship["id"] - assert relationship["follows_you"] == true - end - end - - describe "POST /api/pleroma/friendships/deny" do - test "it denies a friend request" do - user = insert(:user) - other_user = insert(:user) - - {:ok, _activity} = ActivityPub.follow(other_user, user) - - user = User.get_cached_by_id(user.id) - other_user = User.get_cached_by_id(other_user.id) - - assert User.following?(other_user, user) == false - - conn = - build_conn() - |> assign(:user, user) - |> post("/api/pleroma/friendships/deny", %{"user_id" => other_user.id}) - - assert relationship = json_response(conn, 200) - assert other_user.id == relationship["id"] - assert relationship["follows_you"] == false - end - end - - describe "GET /api/pleroma/search_user" do - test "it returns users, ordered by similarity", %{conn: conn} do - user = insert(:user, %{name: "eal"}) - user_two = insert(:user, %{name: "eal me"}) - _user_three = insert(:user, %{name: "zzz"}) - - resp = - conn - |> get(twitter_api_search__path(conn, :search_user), query: "eal me") - |> json_response(200) - - assert length(resp) == 2 - assert [user_two.id, user.id] == Enum.map(resp, fn %{"id" => id} -> id end) - end - end - - describe "POST /api/media/upload" do - setup context do - Pleroma.DataCase.ensure_local_uploader(context) - end - - test "it performs the upload and sets `data[actor]` with AP id of uploader user", %{ - conn: conn - } do - user = insert(:user) - - upload_filename = "test/fixtures/image_tmp.jpg" - File.cp!("test/fixtures/image.jpg", upload_filename) - - file = %Plug.Upload{ - content_type: "image/jpg", - path: Path.absname(upload_filename), - filename: "image.jpg" - } - - response = - conn - |> assign(:user, user) - |> put_req_header("content-type", "application/octet-stream") - |> post("/api/media/upload", %{ - "media" => file - }) - |> json_response(:ok) - - assert response["media_id"] - object = Repo.get(Object, response["media_id"]) - assert object - assert object.data["actor"] == User.ap_id(user) - end - end - - describe "POST /api/media/metadata/create" do - setup do - object = insert(:note) - user = User.get_cached_by_ap_id(object.data["actor"]) - %{object: object, user: user} - end - - test "it returns :forbidden status on attempt to modify someone else's upload", %{ - conn: conn, - object: object - } do - initial_description = object.data["name"] - another_user = insert(:user) - - conn - |> assign(:user, another_user) - |> post("/api/media/metadata/create", %{"media_id" => object.id}) - |> json_response(:forbidden) - - object = Repo.get(Object, object.id) - assert object.data["name"] == initial_description - end - - test "it updates `data[name]` of referenced Object with provided value", %{ - conn: conn, - object: object, - user: user - } do - description = "Informative description of the image. Initial value: #{object.data["name"]}}" - - conn - |> assign(:user, user) - |> post("/api/media/metadata/create", %{ - "media_id" => object.id, - "alt_text" => %{"text" => description} - }) - |> json_response(:no_content) - - object = Repo.get(Object, object.id) - assert object.data["name"] == description - end - end - - describe "POST /api/statuses/user_timeline.json?user_id=:user_id&pinned=true" do - test "it returns a list of pinned statuses", %{conn: conn} do - Pleroma.Config.put([:instance, :max_pinned_statuses], 1) - - user = insert(:user, %{name: "egor"}) - {:ok, %{id: activity_id}} = CommonAPI.post(user, %{"status" => "HI!!!"}) - {:ok, _} = CommonAPI.pin(activity_id, user) - - resp = - conn - |> get("/api/statuses/user_timeline.json", %{user_id: user.id, pinned: true}) - |> json_response(200) - - assert length(resp) == 1 - assert [%{"id" => ^activity_id, "pinned" => true}] = resp - end - end - - describe "POST /api/statuses/pin/:id" do - setup do - Pleroma.Config.put([:instance, :max_pinned_statuses], 1) - [user: insert(:user)] - end - - test "without valid credentials", %{conn: conn} do - note_activity = insert(:note_activity) - conn = post(conn, "/api/statuses/pin/#{note_activity.id}.json") - assert json_response(conn, 403) == %{"error" => "Invalid credentials."} - end - - test "with credentials", %{conn: conn, user: user} do - {:ok, activity} = CommonAPI.post(user, %{"status" => "test!"}) - - request_path = "/api/statuses/pin/#{activity.id}.json" - - response = - conn - |> with_credentials(user.nickname, "test") - |> post(request_path) - - user = refresh_record(user) - - assert json_response(response, 200) == - ActivityView.render("activity.json", %{user: user, for: user, activity: activity}) - end - end - - describe "POST /api/statuses/unpin/:id" do - setup do - Pleroma.Config.put([:instance, :max_pinned_statuses], 1) - [user: insert(:user)] - end - - test "without valid credentials", %{conn: conn} do - note_activity = insert(:note_activity) - conn = post(conn, "/api/statuses/unpin/#{note_activity.id}.json") - assert json_response(conn, 403) == %{"error" => "Invalid credentials."} - end - - test "with credentials", %{conn: conn, user: user} do - {:ok, activity} = CommonAPI.post(user, %{"status" => "test!"}) - {:ok, activity} = CommonAPI.pin(activity.id, user) - - request_path = "/api/statuses/unpin/#{activity.id}.json" - - response = - conn - |> with_credentials(user.nickname, "test") - |> post(request_path) - - user = refresh_record(user) - - assert json_response(response, 200) == - ActivityView.render("activity.json", %{user: user, for: user, activity: activity}) - end - end - - describe "GET /api/oauth_tokens" do - setup do - token = insert(:oauth_token) |> Repo.preload(:user) - - %{token: token} - end - - test "renders list", %{token: token} do - response = - build_conn() - |> assign(:user, token.user) - |> get("/api/oauth_tokens") - - keys = - json_response(response, 200) - |> hd() - |> Map.keys() - - assert keys -- ["id", "app_name", "valid_until"] == [] - end - - test "revoke token", %{token: token} do - response = - build_conn() - |> assign(:user, token.user) - |> delete("/api/oauth_tokens/#{token.id}") - - tokens = Token.get_user_tokens(token.user) - - assert tokens == [] - assert response.status == 201 - end - end -end diff --git a/test/web/twitter_api/twitter_api_test.exs b/test/web/twitter_api/twitter_api_test.exs index cbe83852e..c5b18234e 100644 --- a/test/web/twitter_api/twitter_api_test.exs +++ b/test/web/twitter_api/twitter_api_test.exs @@ -4,270 +4,17 @@ defmodule Pleroma.Web.TwitterAPI.TwitterAPITest do use Pleroma.DataCase - alias Pleroma.Activity - alias Pleroma.Object alias Pleroma.Repo alias Pleroma.User alias Pleroma.UserInviteToken - alias Pleroma.Web.ActivityPub.ActivityPub - alias Pleroma.Web.TwitterAPI.ActivityView + alias Pleroma.Web.MastodonAPI.AccountView alias Pleroma.Web.TwitterAPI.TwitterAPI - alias Pleroma.Web.TwitterAPI.UserView - - import Pleroma.Factory setup_all do Tesla.Mock.mock_global(fn env -> apply(HttpRequestMock, :request, [env]) end) :ok end - test "create a status" do - user = insert(:user) - mentioned_user = insert(:user, %{nickname: "shp", ap_id: "shp"}) - - object_data = %{ - "type" => "Image", - "url" => [ - %{ - "type" => "Link", - "mediaType" => "image/jpg", - "href" => "http://example.org/image.jpg" - } - ], - "uuid" => 1 - } - - object = Repo.insert!(%Object{data: object_data}) - - input = %{ - "status" => - "Hello again, @shp.<script></script>\nThis is on another :firefox: line. #2hu #epic #phantasmagoric", - "media_ids" => [object.id] - } - - {:ok, activity = %Activity{}} = TwitterAPI.create_status(user, input) - object = Object.normalize(activity) - - expected_text = - "Hello again, <span class='h-card'><a data-user='#{mentioned_user.id}' class='u-url mention' href='shp'>@<span>shp</span></a></span>.<script></script><br>This is on another :firefox: line. <a class='hashtag' data-tag='2hu' href='http://localhost:4001/tag/2hu' rel='tag'>#2hu</a> <a class='hashtag' data-tag='epic' href='http://localhost:4001/tag/epic' rel='tag'>#epic</a> <a class='hashtag' data-tag='phantasmagoric' href='http://localhost:4001/tag/phantasmagoric' rel='tag'>#phantasmagoric</a><br><a href=\"http://example.org/image.jpg\" class='attachment'>image.jpg</a>" - - assert get_in(object.data, ["content"]) == expected_text - assert get_in(object.data, ["type"]) == "Note" - assert get_in(object.data, ["actor"]) == user.ap_id - assert get_in(activity.data, ["actor"]) == user.ap_id - assert Enum.member?(get_in(activity.data, ["cc"]), User.ap_followers(user)) - - assert Enum.member?( - get_in(activity.data, ["to"]), - "https://www.w3.org/ns/activitystreams#Public" - ) - - assert Enum.member?(get_in(activity.data, ["to"]), "shp") - assert activity.local == true - - assert %{"firefox" => "http://localhost:4001/emoji/Firefox.gif"} = object.data["emoji"] - - # hashtags - assert object.data["tag"] == ["2hu", "epic", "phantasmagoric"] - - # Add a context - assert is_binary(get_in(activity.data, ["context"])) - assert is_binary(get_in(object.data, ["context"])) - - assert is_list(object.data["attachment"]) - - assert activity.data["object"] == object.data["id"] - - user = User.get_cached_by_ap_id(user.ap_id) - - assert user.info.note_count == 1 - end - - test "create a status that is a reply" do - user = insert(:user) - - input = %{ - "status" => "Hello again." - } - - {:ok, activity = %Activity{}} = TwitterAPI.create_status(user, input) - object = Object.normalize(activity) - - input = %{ - "status" => "Here's your (you).", - "in_reply_to_status_id" => activity.id - } - - {:ok, reply = %Activity{}} = TwitterAPI.create_status(user, input) - reply_object = Object.normalize(reply) - - assert get_in(reply.data, ["context"]) == get_in(activity.data, ["context"]) - - assert get_in(reply_object.data, ["context"]) == get_in(object.data, ["context"]) - - assert get_in(reply_object.data, ["inReplyTo"]) == get_in(activity.data, ["object"]) - assert Activity.get_in_reply_to_activity(reply).id == activity.id - end - - test "Follow another user using user_id" do - user = insert(:user) - followed = insert(:user) - - {:ok, user, followed, _activity} = TwitterAPI.follow(user, %{"user_id" => followed.id}) - assert User.ap_followers(followed) in user.following - - {:ok, _, _, _} = TwitterAPI.follow(user, %{"user_id" => followed.id}) - end - - test "Follow another user using screen_name" do - user = insert(:user) - followed = insert(:user) - - {:ok, user, followed, _activity} = - TwitterAPI.follow(user, %{"screen_name" => followed.nickname}) - - assert User.ap_followers(followed) in user.following - - followed = User.get_cached_by_ap_id(followed.ap_id) - assert followed.info.follower_count == 1 - - {:ok, _, _, _} = TwitterAPI.follow(user, %{"screen_name" => followed.nickname}) - end - - test "Unfollow another user using user_id" do - unfollowed = insert(:user) - user = insert(:user, %{following: [User.ap_followers(unfollowed)]}) - ActivityPub.follow(user, unfollowed) - - {:ok, user, unfollowed} = TwitterAPI.unfollow(user, %{"user_id" => unfollowed.id}) - assert user.following == [] - - {:error, msg} = TwitterAPI.unfollow(user, %{"user_id" => unfollowed.id}) - assert msg == "Not subscribed!" - end - - test "Unfollow another user using screen_name" do - unfollowed = insert(:user) - user = insert(:user, %{following: [User.ap_followers(unfollowed)]}) - - ActivityPub.follow(user, unfollowed) - - {:ok, user, unfollowed} = TwitterAPI.unfollow(user, %{"screen_name" => unfollowed.nickname}) - assert user.following == [] - - {:error, msg} = TwitterAPI.unfollow(user, %{"screen_name" => unfollowed.nickname}) - assert msg == "Not subscribed!" - end - - test "Block another user using user_id" do - user = insert(:user) - blocked = insert(:user) - - {:ok, user, blocked} = TwitterAPI.block(user, %{"user_id" => blocked.id}) - assert User.blocks?(user, blocked) - end - - test "Block another user using screen_name" do - user = insert(:user) - blocked = insert(:user) - - {:ok, user, blocked} = TwitterAPI.block(user, %{"screen_name" => blocked.nickname}) - assert User.blocks?(user, blocked) - end - - test "Unblock another user using user_id" do - unblocked = insert(:user) - user = insert(:user) - {:ok, user, _unblocked} = TwitterAPI.block(user, %{"user_id" => unblocked.id}) - - {:ok, user, _unblocked} = TwitterAPI.unblock(user, %{"user_id" => unblocked.id}) - assert user.info.blocks == [] - end - - test "Unblock another user using screen_name" do - unblocked = insert(:user) - user = insert(:user) - {:ok, user, _unblocked} = TwitterAPI.block(user, %{"screen_name" => unblocked.nickname}) - - {:ok, user, _unblocked} = TwitterAPI.unblock(user, %{"screen_name" => unblocked.nickname}) - assert user.info.blocks == [] - end - - test "upload a file" do - user = insert(:user) - - file = %Plug.Upload{ - content_type: "image/jpg", - path: Path.absname("test/fixtures/image.jpg"), - filename: "an_image.jpg" - } - - response = TwitterAPI.upload(file, user) - - assert is_binary(response) - end - - test "it favorites a status, returns the updated activity" do - user = insert(:user) - other_user = insert(:user) - note_activity = insert(:note_activity) - - {:ok, status} = TwitterAPI.fav(user, note_activity.id) - updated_activity = Activity.get_by_ap_id(note_activity.data["id"]) - assert ActivityView.render("activity.json", %{activity: updated_activity})["fave_num"] == 1 - - object = Object.normalize(note_activity) - - assert object.data["like_count"] == 1 - - assert status == updated_activity - - {:ok, _status} = TwitterAPI.fav(other_user, note_activity.id) - - object = Object.normalize(note_activity) - - assert object.data["like_count"] == 2 - - updated_activity = Activity.get_by_ap_id(note_activity.data["id"]) - assert ActivityView.render("activity.json", %{activity: updated_activity})["fave_num"] == 2 - end - - test "it unfavorites a status, returns the updated activity" do - user = insert(:user) - note_activity = insert(:note_activity) - object = Object.normalize(note_activity) - - {:ok, _like_activity, _object} = ActivityPub.like(user, object) - updated_activity = Activity.get_by_ap_id(note_activity.data["id"]) - - assert ActivityView.render("activity.json", activity: updated_activity)["fave_num"] == 1 - - {:ok, activity} = TwitterAPI.unfav(user, note_activity.id) - - assert ActivityView.render("activity.json", activity: activity)["fave_num"] == 0 - end - - test "it retweets a status and returns the retweet" do - user = insert(:user) - note_activity = insert(:note_activity) - - {:ok, status} = TwitterAPI.repeat(user, note_activity.id) - updated_activity = Activity.get_by_ap_id(note_activity.data["id"]) - - assert status == updated_activity - end - - test "it unretweets an already retweeted status" do - user = insert(:user) - note_activity = insert(:note_activity) - - {:ok, _status} = TwitterAPI.repeat(user, note_activity.id) - {:ok, status} = TwitterAPI.unrepeat(user, note_activity.id) - updated_activity = Activity.get_by_ap_id(note_activity.data["id"]) - - assert status == updated_activity - end - test "it registers a new user and returns the user." do data = %{ "nickname" => "lain", @@ -281,8 +28,8 @@ defmodule Pleroma.Web.TwitterAPI.TwitterAPITest do fetched_user = User.get_cached_by_nickname("lain") - assert UserView.render("show.json", %{user: user}) == - UserView.render("show.json", %{user: fetched_user}) + assert AccountView.render("account.json", %{user: user}) == + AccountView.render("account.json", %{user: fetched_user}) end test "it registers a new user with empty string in bio and returns the user." do @@ -299,8 +46,8 @@ defmodule Pleroma.Web.TwitterAPI.TwitterAPITest do fetched_user = User.get_cached_by_nickname("lain") - assert UserView.render("show.json", %{user: user}) == - UserView.render("show.json", %{user: fetched_user}) + assert AccountView.render("account.json", %{user: user}) == + AccountView.render("account.json", %{user: fetched_user}) end test "it sends confirmation email if :account_activation_required is specified in instance config" do @@ -397,8 +144,8 @@ defmodule Pleroma.Web.TwitterAPI.TwitterAPITest do assert invite.used == true - assert UserView.render("show.json", %{user: user}) == - UserView.render("show.json", %{user: fetched_user}) + assert AccountView.render("account.json", %{user: user}) == + AccountView.render("account.json", %{user: fetched_user}) end test "returns error on invalid token" do @@ -462,8 +209,8 @@ defmodule Pleroma.Web.TwitterAPI.TwitterAPITest do {:ok, user} = TwitterAPI.register_user(data) fetched_user = User.get_cached_by_nickname("vinny") - assert UserView.render("show.json", %{user: user}) == - UserView.render("show.json", %{user: fetched_user}) + assert AccountView.render("account.json", %{user: user}) == + AccountView.render("account.json", %{user: fetched_user}) end {:ok, data: data, check_fn: check_fn} @@ -537,8 +284,8 @@ defmodule Pleroma.Web.TwitterAPI.TwitterAPITest do assert invite.used == true - assert UserView.render("show.json", %{user: user}) == - UserView.render("show.json", %{user: fetched_user}) + assert AccountView.render("account.json", %{user: user}) == + AccountView.render("account.json", %{user: fetched_user}) data = %{ "nickname" => "GrimReaper", @@ -588,8 +335,8 @@ defmodule Pleroma.Web.TwitterAPI.TwitterAPITest do refute invite.used - assert UserView.render("show.json", %{user: user}) == - UserView.render("show.json", %{user: fetched_user}) + assert AccountView.render("account.json", %{user: user}) == + AccountView.render("account.json", %{user: fetched_user}) end test "error after max uses" do @@ -612,8 +359,8 @@ defmodule Pleroma.Web.TwitterAPI.TwitterAPITest do invite = Repo.get_by(UserInviteToken, token: invite.token) assert invite.used == true - assert UserView.render("show.json", %{user: user}) == - UserView.render("show.json", %{user: fetched_user}) + assert AccountView.render("account.json", %{user: user}) == + AccountView.render("account.json", %{user: fetched_user}) data = %{ "nickname" => "GrimReaper", @@ -689,31 +436,9 @@ defmodule Pleroma.Web.TwitterAPI.TwitterAPITest do refute User.get_cached_by_nickname("lain") end - test "it assigns an integer conversation_id" do - note_activity = insert(:note_activity) - status = ActivityView.render("activity.json", activity: note_activity) - - assert is_number(status["statusnet_conversation_id"]) - end - setup do Supervisor.terminate_child(Pleroma.Supervisor, Cachex) Supervisor.restart_child(Pleroma.Supervisor, Cachex) :ok end - - describe "fetching a user by uri" do - test "fetches a user by uri" do - id = "https://mastodon.social/users/lambadalambda" - user = insert(:user) - {:ok, represented} = TwitterAPI.get_external_profile(user, id) - remote = User.get_cached_by_ap_id(id) - - assert represented["id"] == UserView.render("show.json", %{user: remote, for: user})["id"] - - # Also fetches the feed. - # assert Activity.get_create_by_object_ap_id("tag:mastodon.social,2017-04-05:objectId=1641750:objectType=Status") - # credo:disable-for-previous-line Credo.Check.Readability.MaxLineLength - end - end end diff --git a/test/web/twitter_api/util_controller_test.exs b/test/web/twitter_api/util_controller_test.exs index fe4ffdb59..a3c6145c0 100644 --- a/test/web/twitter_api/util_controller_test.exs +++ b/test/web/twitter_api/util_controller_test.exs @@ -5,7 +5,6 @@ defmodule Pleroma.Web.TwitterAPI.UtilControllerTest do use Pleroma.Web.ConnCase - alias Pleroma.Notification alias Pleroma.Repo alias Pleroma.User alias Pleroma.Web.CommonAPI @@ -141,37 +140,6 @@ defmodule Pleroma.Web.TwitterAPI.UtilControllerTest do end end - describe "POST /api/pleroma/notifications/read" do - test "it marks a single notification as read", %{conn: conn} do - user1 = insert(:user) - user2 = insert(:user) - {:ok, activity1} = CommonAPI.post(user2, %{"status" => "hi @#{user1.nickname}"}) - {:ok, activity2} = CommonAPI.post(user2, %{"status" => "hi @#{user1.nickname}"}) - {:ok, [notification1]} = Notification.create_notifications(activity1) - {:ok, [notification2]} = Notification.create_notifications(activity2) - - conn - |> assign(:user, user1) - |> post("/api/pleroma/notifications/read", %{"id" => "#{notification1.id}"}) - |> json_response(:ok) - - assert Repo.get(Notification, notification1.id).seen - refute Repo.get(Notification, notification2.id).seen - end - - test "it returns error when notification not found", %{conn: conn} do - user1 = insert(:user) - - response = - conn - |> assign(:user, user1) - |> post("/api/pleroma/notifications/read", %{"id" => "22222222222222"}) - |> json_response(403) - - assert response == %{"error" => "Cannot get notification"} - end - end - describe "PUT /api/pleroma/notification_settings" do test "it updates notification settings", %{conn: conn} do user = insert(:user) @@ -694,4 +662,111 @@ defmodule Pleroma.Web.TwitterAPI.UtilControllerTest do assert called(Pleroma.Captcha.new()) end end + + defp with_credentials(conn, username, password) do + header_content = "Basic " <> Base.encode64("#{username}:#{password}") + put_req_header(conn, "authorization", header_content) + end + + defp valid_user(_context) do + user = insert(:user) + [user: user] + end + + describe "POST /api/pleroma/change_email" do + setup [:valid_user] + + test "without credentials", %{conn: conn} do + conn = post(conn, "/api/pleroma/change_email") + assert json_response(conn, 403) == %{"error" => "Invalid credentials."} + end + + test "with credentials and invalid password", %{conn: conn, user: current_user} do + conn = + conn + |> with_credentials(current_user.nickname, "test") + |> post("/api/pleroma/change_email", %{ + "password" => "hi", + "email" => "test@test.com" + }) + + assert json_response(conn, 200) == %{"error" => "Invalid password."} + end + + test "with credentials, valid password and invalid email", %{ + conn: conn, + user: current_user + } do + conn = + conn + |> with_credentials(current_user.nickname, "test") + |> post("/api/pleroma/change_email", %{ + "password" => "test", + "email" => "foobar" + }) + + assert json_response(conn, 200) == %{"error" => "Email has invalid format."} + end + + test "with credentials, valid password and no email", %{ + conn: conn, + user: current_user + } do + conn = + conn + |> with_credentials(current_user.nickname, "test") + |> post("/api/pleroma/change_email", %{ + "password" => "test" + }) + + assert json_response(conn, 200) == %{"error" => "Email can't be blank."} + end + + test "with credentials, valid password and blank email", %{ + conn: conn, + user: current_user + } do + conn = + conn + |> with_credentials(current_user.nickname, "test") + |> post("/api/pleroma/change_email", %{ + "password" => "test", + "email" => "" + }) + + assert json_response(conn, 200) == %{"error" => "Email can't be blank."} + end + + test "with credentials, valid password and non unique email", %{ + conn: conn, + user: current_user + } do + user = insert(:user) + + conn = + conn + |> with_credentials(current_user.nickname, "test") + |> post("/api/pleroma/change_email", %{ + "password" => "test", + "email" => user.email + }) + + assert json_response(conn, 200) == %{"error" => "Email has already been taken."} + end + + test "with credentials, valid password and valid email", %{ + conn: conn, + user: current_user + } do + conn = + conn + |> with_credentials(current_user.nickname, "test") + |> post("/api/pleroma/change_email", %{ + "password" => "test", + "email" => "cofe@foobar.com" + }) + + assert json_response(conn, 200) == %{"status" => "success"} + end + end end diff --git a/test/web/twitter_api/views/activity_view_test.exs b/test/web/twitter_api/views/activity_view_test.exs deleted file mode 100644 index 56d861efb..000000000 --- a/test/web/twitter_api/views/activity_view_test.exs +++ /dev/null @@ -1,384 +0,0 @@ -# Pleroma: A lightweight social networking server -# Copyright © 2017-2019 Pleroma Authors <https://pleroma.social/> -# SPDX-License-Identifier: AGPL-3.0-only - -defmodule Pleroma.Web.TwitterAPI.ActivityViewTest do - use Pleroma.DataCase - - alias Pleroma.Activity - alias Pleroma.Object - alias Pleroma.Repo - alias Pleroma.User - alias Pleroma.Web.ActivityPub.ActivityPub - alias Pleroma.Web.CommonAPI - alias Pleroma.Web.CommonAPI.Utils - alias Pleroma.Web.TwitterAPI.ActivityView - alias Pleroma.Web.TwitterAPI.UserView - - import Pleroma.Factory - import Tesla.Mock - - setup do - mock(fn env -> apply(HttpRequestMock, :request, [env]) end) - :ok - end - - import Mock - - test "returns a temporary ap_id based user for activities missing db users" do - user = insert(:user) - - {:ok, activity} = CommonAPI.post(user, %{"status" => "Hey @shp!", "visibility" => "direct"}) - - Repo.delete(user) - Cachex.clear(:user_cache) - - %{"user" => tw_user} = ActivityView.render("activity.json", activity: activity) - - assert tw_user["screen_name"] == "erroruser@example.com" - assert tw_user["name"] == user.ap_id - assert tw_user["statusnet_profile_url"] == user.ap_id - end - - test "tries to get a user by nickname if fetching by ap_id doesn't work" do - user = insert(:user) - - {:ok, activity} = CommonAPI.post(user, %{"status" => "Hey @shp!", "visibility" => "direct"}) - - {:ok, user} = - user - |> Ecto.Changeset.change(%{ap_id: "#{user.ap_id}/extension/#{user.nickname}"}) - |> Repo.update() - - Cachex.clear(:user_cache) - - result = ActivityView.render("activity.json", activity: activity) - assert result["user"]["id"] == user.id - end - - test "tells if the message is muted for some reason" do - user = insert(:user) - other_user = insert(:user) - - {:ok, user} = User.mute(user, other_user) - - {:ok, activity} = CommonAPI.post(other_user, %{"status" => "test"}) - status = ActivityView.render("activity.json", %{activity: activity}) - - assert status["muted"] == false - - status = ActivityView.render("activity.json", %{activity: activity, for: user}) - - assert status["muted"] == true - end - - test "a create activity with a html status" do - text = """ - #Bike log - Commute Tuesday\nhttps://pla.bike/posts/20181211/\n#cycling #CHScycling #commute\nMVIMG_20181211_054020.jpg - """ - - {:ok, activity} = CommonAPI.post(insert(:user), %{"status" => text}) - - result = ActivityView.render("activity.json", activity: activity) - - assert result["statusnet_html"] == - "<a class=\"hashtag\" data-tag=\"bike\" href=\"http://localhost:4001/tag/bike\" rel=\"tag\">#Bike</a> log - Commute Tuesday<br /><a href=\"https://pla.bike/posts/20181211/\">https://pla.bike/posts/20181211/</a><br /><a class=\"hashtag\" data-tag=\"cycling\" href=\"http://localhost:4001/tag/cycling\" rel=\"tag\">#cycling</a> <a class=\"hashtag\" data-tag=\"chscycling\" href=\"http://localhost:4001/tag/chscycling\" rel=\"tag\">#CHScycling</a> <a class=\"hashtag\" data-tag=\"commute\" href=\"http://localhost:4001/tag/commute\" rel=\"tag\">#commute</a><br />MVIMG_20181211_054020.jpg" - - assert result["text"] == - "#Bike log - Commute Tuesday\nhttps://pla.bike/posts/20181211/\n#cycling #CHScycling #commute\nMVIMG_20181211_054020.jpg" - end - - test "a create activity with a summary containing emoji" do - {:ok, activity} = - CommonAPI.post(insert(:user), %{ - "spoiler_text" => ":firefox: meow", - "status" => "." - }) - - result = ActivityView.render("activity.json", activity: activity) - - expected = ":firefox: meow" - - expected_html = - "<img class=\"emoji\" alt=\"firefox\" title=\"firefox\" src=\"http://localhost:4001/emoji/Firefox.gif\" /> meow" - - assert result["summary"] == expected - assert result["summary_html"] == expected_html - end - - test "a create activity with a summary containing invalid HTML" do - {:ok, activity} = - CommonAPI.post(insert(:user), %{ - "spoiler_text" => "<span style=\"color: magenta; font-size: 32px;\">meow</span>", - "status" => "." - }) - - result = ActivityView.render("activity.json", activity: activity) - - expected = "meow" - - assert result["summary"] == expected - assert result["summary_html"] == expected - end - - test "a create activity with a note" do - user = insert(:user) - other_user = insert(:user, %{nickname: "shp"}) - - {:ok, activity} = CommonAPI.post(user, %{"status" => "Hey @shp!", "visibility" => "direct"}) - object = Object.normalize(activity) - - result = ActivityView.render("activity.json", activity: activity) - - convo_id = Utils.context_to_conversation_id(object.data["context"]) - - expected = %{ - "activity_type" => "post", - "attachments" => [], - "attentions" => [ - UserView.render("show.json", %{user: other_user}) - ], - "created_at" => object.data["published"] |> Utils.date_to_asctime(), - "external_url" => object.data["id"], - "fave_num" => 0, - "favorited" => false, - "id" => activity.id, - "in_reply_to_status_id" => nil, - "in_reply_to_screen_name" => nil, - "in_reply_to_user_id" => nil, - "in_reply_to_profileurl" => nil, - "in_reply_to_ostatus_uri" => nil, - "is_local" => true, - "is_post_verb" => true, - "possibly_sensitive" => false, - "repeat_num" => 0, - "repeated" => false, - "pinned" => false, - "statusnet_conversation_id" => convo_id, - "summary" => "", - "summary_html" => "", - "statusnet_html" => - "Hey <span class=\"h-card\"><a data-user=\"#{other_user.id}\" class=\"u-url mention\" href=\"#{ - other_user.ap_id - }\">@<span>shp</span></a></span>!", - "tags" => [], - "text" => "Hey @shp!", - "uri" => object.data["id"], - "user" => UserView.render("show.json", %{user: user}), - "visibility" => "direct", - "card" => nil, - "muted" => false - } - - assert result == expected - end - - test "a list of activities" do - user = insert(:user) - other_user = insert(:user, %{nickname: "shp"}) - {:ok, activity} = CommonAPI.post(user, %{"status" => "Hey @shp!"}) - object = Object.normalize(activity) - - convo_id = Utils.context_to_conversation_id(object.data["context"]) - - mocks = [ - { - Utils, - [:passthrough], - [context_to_conversation_id: fn _ -> false end] - }, - { - User, - [:passthrough], - [get_cached_by_ap_id: fn _ -> nil end] - } - ] - - with_mocks mocks do - [result] = ActivityView.render("index.json", activities: [activity]) - - assert result["statusnet_conversation_id"] == convo_id - assert result["user"] - refute called(Utils.context_to_conversation_id(:_)) - refute called(User.get_cached_by_ap_id(user.ap_id)) - refute called(User.get_cached_by_ap_id(other_user.ap_id)) - end - end - - test "an activity that is a reply" do - user = insert(:user) - other_user = insert(:user, %{nickname: "shp"}) - - {:ok, activity} = CommonAPI.post(user, %{"status" => "Hey @shp!"}) - - {:ok, answer} = - CommonAPI.post(other_user, %{"status" => "Hi!", "in_reply_to_status_id" => activity.id}) - - result = ActivityView.render("activity.json", %{activity: answer}) - - assert result["in_reply_to_status_id"] == activity.id - end - - test "a like activity" do - user = insert(:user) - other_user = insert(:user, %{nickname: "shp"}) - - {:ok, activity} = CommonAPI.post(user, %{"status" => "Hey @shp!"}) - {:ok, like, _object} = CommonAPI.favorite(activity.id, other_user) - - result = ActivityView.render("activity.json", activity: like) - activity = Pleroma.Activity.get_by_ap_id(activity.data["id"]) - - expected = %{ - "activity_type" => "like", - "created_at" => like.data["published"] |> Utils.date_to_asctime(), - "external_url" => like.data["id"], - "id" => like.id, - "in_reply_to_status_id" => activity.id, - "is_local" => true, - "is_post_verb" => false, - "favorited_status" => ActivityView.render("activity.json", activity: activity), - "statusnet_html" => "shp favorited a status.", - "text" => "shp favorited a status.", - "uri" => "tag:#{like.data["id"]}:objectType=Favourite", - "user" => UserView.render("show.json", user: other_user) - } - - assert result == expected - end - - test "a like activity for deleted post" do - user = insert(:user) - other_user = insert(:user, %{nickname: "shp"}) - - {:ok, activity} = CommonAPI.post(user, %{"status" => "Hey @shp!"}) - {:ok, like, _object} = CommonAPI.favorite(activity.id, other_user) - CommonAPI.delete(activity.id, user) - - result = ActivityView.render("activity.json", activity: like) - - expected = %{ - "activity_type" => "like", - "created_at" => like.data["published"] |> Utils.date_to_asctime(), - "external_url" => like.data["id"], - "id" => like.id, - "in_reply_to_status_id" => nil, - "is_local" => true, - "is_post_verb" => false, - "favorited_status" => nil, - "statusnet_html" => "shp favorited a status.", - "text" => "shp favorited a status.", - "uri" => "tag:#{like.data["id"]}:objectType=Favourite", - "user" => UserView.render("show.json", user: other_user) - } - - assert result == expected - end - - test "an announce activity" do - user = insert(:user) - other_user = insert(:user, %{nickname: "shp"}) - - {:ok, activity} = CommonAPI.post(user, %{"status" => "Hey @shp!"}) - {:ok, announce, object} = CommonAPI.repeat(activity.id, other_user) - - convo_id = Utils.context_to_conversation_id(object.data["context"]) - - activity = Activity.get_by_id(activity.id) - - result = ActivityView.render("activity.json", activity: announce) - - expected = %{ - "activity_type" => "repeat", - "created_at" => announce.data["published"] |> Utils.date_to_asctime(), - "external_url" => announce.data["id"], - "id" => announce.id, - "is_local" => true, - "is_post_verb" => false, - "statusnet_html" => "shp repeated a status.", - "text" => "shp repeated a status.", - "uri" => "tag:#{announce.data["id"]}:objectType=note", - "user" => UserView.render("show.json", user: other_user), - "retweeted_status" => ActivityView.render("activity.json", activity: activity), - "statusnet_conversation_id" => convo_id - } - - assert result == expected - end - - test "A follow activity" do - user = insert(:user) - other_user = insert(:user, %{nickname: "shp"}) - - {:ok, follower} = User.follow(user, other_user) - {:ok, follow} = ActivityPub.follow(follower, other_user) - - result = ActivityView.render("activity.json", activity: follow) - - expected = %{ - "activity_type" => "follow", - "attentions" => [], - "created_at" => follow.data["published"] |> Utils.date_to_asctime(), - "external_url" => follow.data["id"], - "id" => follow.id, - "in_reply_to_status_id" => nil, - "is_local" => true, - "is_post_verb" => false, - "statusnet_html" => "#{user.nickname} started following shp", - "text" => "#{user.nickname} started following shp", - "user" => UserView.render("show.json", user: user) - } - - assert result == expected - end - - test "a delete activity" do - user = insert(:user) - - {:ok, activity} = CommonAPI.post(user, %{"status" => "Hey @shp!"}) - {:ok, delete} = CommonAPI.delete(activity.id, user) - - result = ActivityView.render("activity.json", activity: delete) - - expected = %{ - "activity_type" => "delete", - "attentions" => [], - "created_at" => delete.data["published"] |> Utils.date_to_asctime(), - "external_url" => delete.data["id"], - "id" => delete.id, - "in_reply_to_status_id" => nil, - "is_local" => true, - "is_post_verb" => false, - "statusnet_html" => "deleted notice {{tag", - "text" => "deleted notice {{tag", - "uri" => Object.normalize(delete).data["id"], - "user" => UserView.render("show.json", user: user) - } - - assert result == expected - end - - test "a peertube video" do - {:ok, object} = - Pleroma.Object.Fetcher.fetch_object_from_id( - "https://peertube.moe/videos/watch/df5f464b-be8d-46fb-ad81-2d4c2d1630e3" - ) - - %Activity{} = activity = Activity.get_create_by_object_ap_id(object.data["id"]) - - result = ActivityView.render("activity.json", activity: activity) - - assert length(result["attachments"]) == 1 - assert result["summary"] == "Friday Night" - end - - test "special characters are not escaped in text field for status created" do - text = "<3 is on the way" - - {:ok, activity} = CommonAPI.post(insert(:user), %{"status" => text}) - - result = ActivityView.render("activity.json", activity: activity) - - assert result["text"] == text - end -end diff --git a/test/web/twitter_api/views/notification_view_test.exs b/test/web/twitter_api/views/notification_view_test.exs deleted file mode 100644 index 6baeeaf63..000000000 --- a/test/web/twitter_api/views/notification_view_test.exs +++ /dev/null @@ -1,112 +0,0 @@ -# Pleroma: A lightweight social networking server -# Copyright © 2017-2018 Pleroma Authors <https://pleroma.social/> -# SPDX-License-Identifier: AGPL-3.0-only - -defmodule Pleroma.Web.TwitterAPI.NotificationViewTest do - use Pleroma.DataCase - - alias Pleroma.Notification - alias Pleroma.User - alias Pleroma.Web.ActivityPub.ActivityPub - alias Pleroma.Web.CommonAPI.Utils - alias Pleroma.Web.TwitterAPI.ActivityView - alias Pleroma.Web.TwitterAPI.NotificationView - alias Pleroma.Web.TwitterAPI.TwitterAPI - alias Pleroma.Web.TwitterAPI.UserView - - import Pleroma.Factory - - setup do - user = insert(:user, bio: "<span>Here's some html</span>") - [user: user] - end - - test "A follow notification" do - note_activity = insert(:note_activity) - user = User.get_cached_by_ap_id(note_activity.data["actor"]) - follower = insert(:user) - - {:ok, follower} = User.follow(follower, user) - {:ok, activity} = ActivityPub.follow(follower, user) - Cachex.put(:user_cache, "user_info:#{user.id}", User.user_info(Repo.get!(User, user.id))) - [follow_notif] = Notification.for_user(user) - - represented = %{ - "created_at" => follow_notif.inserted_at |> Utils.format_naive_asctime(), - "from_profile" => UserView.render("show.json", %{user: follower, for: user}), - "id" => follow_notif.id, - "is_seen" => 0, - "notice" => ActivityView.render("activity.json", %{activity: activity, for: user}), - "ntype" => "follow" - } - - assert represented == - NotificationView.render("notification.json", %{notification: follow_notif, for: user}) - end - - test "A mention notification" do - user = insert(:user) - other_user = insert(:user) - - {:ok, activity} = - TwitterAPI.create_status(other_user, %{"status" => "Päivää, @#{user.nickname}"}) - - [notification] = Notification.for_user(user) - - represented = %{ - "created_at" => notification.inserted_at |> Utils.format_naive_asctime(), - "from_profile" => UserView.render("show.json", %{user: other_user, for: user}), - "id" => notification.id, - "is_seen" => 0, - "notice" => ActivityView.render("activity.json", %{activity: activity, for: user}), - "ntype" => "mention" - } - - assert represented == - NotificationView.render("notification.json", %{notification: notification, for: user}) - end - - test "A retweet notification" do - note_activity = insert(:note_activity) - user = User.get_cached_by_ap_id(note_activity.data["actor"]) - repeater = insert(:user) - - {:ok, _activity} = TwitterAPI.repeat(repeater, note_activity.id) - [notification] = Notification.for_user(user) - - represented = %{ - "created_at" => notification.inserted_at |> Utils.format_naive_asctime(), - "from_profile" => UserView.render("show.json", %{user: repeater, for: user}), - "id" => notification.id, - "is_seen" => 0, - "notice" => - ActivityView.render("activity.json", %{activity: notification.activity, for: user}), - "ntype" => "repeat" - } - - assert represented == - NotificationView.render("notification.json", %{notification: notification, for: user}) - end - - test "A like notification" do - note_activity = insert(:note_activity) - user = User.get_cached_by_ap_id(note_activity.data["actor"]) - liker = insert(:user) - - {:ok, _activity} = TwitterAPI.fav(liker, note_activity.id) - [notification] = Notification.for_user(user) - - represented = %{ - "created_at" => notification.inserted_at |> Utils.format_naive_asctime(), - "from_profile" => UserView.render("show.json", %{user: liker, for: user}), - "id" => notification.id, - "is_seen" => 0, - "notice" => - ActivityView.render("activity.json", %{activity: notification.activity, for: user}), - "ntype" => "like" - } - - assert represented == - NotificationView.render("notification.json", %{notification: notification, for: user}) - end -end diff --git a/test/web/twitter_api/views/user_view_test.exs b/test/web/twitter_api/views/user_view_test.exs deleted file mode 100644 index 70c5a0b7f..000000000 --- a/test/web/twitter_api/views/user_view_test.exs +++ /dev/null @@ -1,323 +0,0 @@ -# Pleroma: A lightweight social networking server -# Copyright © 2017-2018 Pleroma Authors <https://pleroma.social/> -# SPDX-License-Identifier: AGPL-3.0-only - -defmodule Pleroma.Web.TwitterAPI.UserViewTest do - use Pleroma.DataCase - - alias Pleroma.User - alias Pleroma.Web.CommonAPI.Utils - alias Pleroma.Web.TwitterAPI.UserView - - import Pleroma.Factory - - setup do - user = insert(:user, bio: "<span>Here's some html</span>") - [user: user] - end - - test "A user with only a nickname", %{user: user} do - user = %{user | name: nil, nickname: "scarlett@catgirl.science"} - represented = UserView.render("show.json", %{user: user}) - assert represented["name"] == user.nickname - assert represented["name_html"] == user.nickname - end - - test "A user with an avatar object", %{user: user} do - image = "image" - user = %{user | avatar: %{"url" => [%{"href" => image}]}} - represented = UserView.render("show.json", %{user: user}) - assert represented["profile_image_url"] == image - end - - test "A user with emoji in username" do - expected = - "<img class=\"emoji\" alt=\"karjalanpiirakka\" title=\"karjalanpiirakka\" src=\"/file.png\" /> man" - - user = - insert(:user, %{ - info: %{ - source_data: %{ - "tag" => [ - %{ - "type" => "Emoji", - "icon" => %{"url" => "/file.png"}, - "name" => ":karjalanpiirakka:" - } - ] - } - }, - name: ":karjalanpiirakka: man" - }) - - represented = UserView.render("show.json", %{user: user}) - assert represented["name_html"] == expected - end - - test "A user" do - note_activity = insert(:note_activity) - user = User.get_cached_by_ap_id(note_activity.data["actor"]) - {:ok, user} = User.update_note_count(user) - follower = insert(:user) - second_follower = insert(:user) - - User.follow(follower, user) - User.follow(second_follower, user) - User.follow(user, follower) - {:ok, user} = User.update_follower_count(user) - Cachex.put(:user_cache, "user_info:#{user.id}", User.user_info(Repo.get!(User, user.id))) - - image = "http://localhost:4001/images/avi.png" - banner = "http://localhost:4001/images/banner.png" - - represented = %{ - "id" => user.id, - "name" => user.name, - "screen_name" => user.nickname, - "name_html" => user.name, - "description" => HtmlSanitizeEx.strip_tags(user.bio |> String.replace("<br>", "\n")), - "description_html" => HtmlSanitizeEx.basic_html(user.bio), - "created_at" => user.inserted_at |> Utils.format_naive_asctime(), - "favourites_count" => 0, - "statuses_count" => 1, - "friends_count" => 1, - "followers_count" => 2, - "profile_image_url" => image, - "profile_image_url_https" => image, - "profile_image_url_profile_size" => image, - "profile_image_url_original" => image, - "following" => false, - "follows_you" => false, - "statusnet_blocking" => false, - "statusnet_profile_url" => user.ap_id, - "cover_photo" => banner, - "background_image" => nil, - "is_local" => true, - "locked" => false, - "hide_follows" => false, - "hide_followers" => false, - "fields" => [], - "pleroma" => %{ - "confirmation_pending" => false, - "tags" => [], - "skip_thread_containment" => false - }, - "rights" => %{"admin" => false, "delete_others_notice" => false}, - "role" => "member" - } - - assert represented == UserView.render("show.json", %{user: user}) - end - - test "User exposes settings for themselves and only for themselves", %{user: user} do - as_user = UserView.render("show.json", %{user: user, for: user}) - assert as_user["default_scope"] == user.info.default_scope - assert as_user["no_rich_text"] == user.info.no_rich_text - assert as_user["pleroma"]["notification_settings"] == user.info.notification_settings - as_stranger = UserView.render("show.json", %{user: user}) - refute as_stranger["default_scope"] - refute as_stranger["no_rich_text"] - refute as_stranger["pleroma"]["notification_settings"] - end - - test "A user for a given other follower", %{user: user} do - follower = insert(:user, %{following: [User.ap_followers(user)]}) - {:ok, user} = User.update_follower_count(user) - image = "http://localhost:4001/images/avi.png" - banner = "http://localhost:4001/images/banner.png" - - represented = %{ - "id" => user.id, - "name" => user.name, - "screen_name" => user.nickname, - "name_html" => user.name, - "description" => HtmlSanitizeEx.strip_tags(user.bio |> String.replace("<br>", "\n")), - "description_html" => HtmlSanitizeEx.basic_html(user.bio), - "created_at" => user.inserted_at |> Utils.format_naive_asctime(), - "favourites_count" => 0, - "statuses_count" => 0, - "friends_count" => 0, - "followers_count" => 1, - "profile_image_url" => image, - "profile_image_url_https" => image, - "profile_image_url_profile_size" => image, - "profile_image_url_original" => image, - "following" => true, - "follows_you" => false, - "statusnet_blocking" => false, - "statusnet_profile_url" => user.ap_id, - "cover_photo" => banner, - "background_image" => nil, - "is_local" => true, - "locked" => false, - "hide_follows" => false, - "hide_followers" => false, - "fields" => [], - "pleroma" => %{ - "confirmation_pending" => false, - "tags" => [], - "skip_thread_containment" => false - }, - "rights" => %{"admin" => false, "delete_others_notice" => false}, - "role" => "member" - } - - assert represented == UserView.render("show.json", %{user: user, for: follower}) - end - - test "A user that follows you", %{user: user} do - follower = insert(:user) - {:ok, follower} = User.follow(follower, user) - {:ok, user} = User.update_follower_count(user) - image = "http://localhost:4001/images/avi.png" - banner = "http://localhost:4001/images/banner.png" - - represented = %{ - "id" => follower.id, - "name" => follower.name, - "screen_name" => follower.nickname, - "name_html" => follower.name, - "description" => HtmlSanitizeEx.strip_tags(follower.bio |> String.replace("<br>", "\n")), - "description_html" => HtmlSanitizeEx.basic_html(follower.bio), - "created_at" => follower.inserted_at |> Utils.format_naive_asctime(), - "favourites_count" => 0, - "statuses_count" => 0, - "friends_count" => 1, - "followers_count" => 0, - "profile_image_url" => image, - "profile_image_url_https" => image, - "profile_image_url_profile_size" => image, - "profile_image_url_original" => image, - "following" => false, - "follows_you" => true, - "statusnet_blocking" => false, - "statusnet_profile_url" => follower.ap_id, - "cover_photo" => banner, - "background_image" => nil, - "is_local" => true, - "locked" => false, - "hide_follows" => false, - "hide_followers" => false, - "fields" => [], - "pleroma" => %{ - "confirmation_pending" => false, - "tags" => [], - "skip_thread_containment" => false - }, - "rights" => %{"admin" => false, "delete_others_notice" => false}, - "role" => "member" - } - - assert represented == UserView.render("show.json", %{user: follower, for: user}) - end - - test "a user that is a moderator" do - user = insert(:user, %{info: %{is_moderator: true}}) - represented = UserView.render("show.json", %{user: user, for: user}) - - assert represented["rights"]["delete_others_notice"] - assert represented["role"] == "moderator" - end - - test "a user that is a admin" do - user = insert(:user, %{info: %{is_admin: true}}) - represented = UserView.render("show.json", %{user: user, for: user}) - - assert represented["rights"]["admin"] - assert represented["role"] == "admin" - end - - test "A moderator with hidden role for another user", %{user: user} do - admin = insert(:user, %{info: %{is_moderator: true, show_role: false}}) - represented = UserView.render("show.json", %{user: admin, for: user}) - - assert represented["role"] == nil - end - - test "An admin with hidden role for another user", %{user: user} do - admin = insert(:user, %{info: %{is_admin: true, show_role: false}}) - represented = UserView.render("show.json", %{user: admin, for: user}) - - assert represented["role"] == nil - end - - test "A regular user for the admin", %{user: user} do - admin = insert(:user, %{info: %{is_admin: true}}) - represented = UserView.render("show.json", %{user: user, for: admin}) - - assert represented["pleroma"]["deactivated"] == false - end - - test "A blocked user for the blocker" do - user = insert(:user) - blocker = insert(:user) - User.block(blocker, user) - image = "http://localhost:4001/images/avi.png" - banner = "http://localhost:4001/images/banner.png" - - represented = %{ - "id" => user.id, - "name" => user.name, - "screen_name" => user.nickname, - "name_html" => user.name, - "description" => HtmlSanitizeEx.strip_tags(user.bio |> String.replace("<br>", "\n")), - "description_html" => HtmlSanitizeEx.basic_html(user.bio), - "created_at" => user.inserted_at |> Utils.format_naive_asctime(), - "favourites_count" => 0, - "statuses_count" => 0, - "friends_count" => 0, - "followers_count" => 0, - "profile_image_url" => image, - "profile_image_url_https" => image, - "profile_image_url_profile_size" => image, - "profile_image_url_original" => image, - "following" => false, - "follows_you" => false, - "statusnet_blocking" => true, - "statusnet_profile_url" => user.ap_id, - "cover_photo" => banner, - "background_image" => nil, - "is_local" => true, - "locked" => false, - "hide_follows" => false, - "hide_followers" => false, - "fields" => [], - "pleroma" => %{ - "confirmation_pending" => false, - "tags" => [], - "skip_thread_containment" => false - }, - "rights" => %{"admin" => false, "delete_others_notice" => false}, - "role" => "member" - } - - blocker = User.get_cached_by_id(blocker.id) - assert represented == UserView.render("show.json", %{user: user, for: blocker}) - end - - test "a user with mastodon fields" do - fields = [ - %{ - "name" => "Pronouns", - "value" => "she/her" - }, - %{ - "name" => "Website", - "value" => "https://example.org/" - } - ] - - user = - insert(:user, %{ - info: %{ - source_data: %{ - "attachment" => - Enum.map(fields, fn field -> Map.put(field, "type", "PropertyValue") end) - } - } - }) - - userview = UserView.render("show.json", %{user: user}) - assert userview["fields"] == fields - end -end |