7 files changed, 188 insertions, 14 deletions

diff --git a/test/plugs/admin_secret_authentication_plug_test.exs b/test/plugs/admin_secret_authentication_plug_test.exs
index c94a62c10..506b1f609 100644
--- a/test/plugs/admin_secret_authentication_plug_test.exs
+++ b/test/plugs/admin_secret_authentication_plug_test.exs
@@ -22,21 +22,39 @@ defmodule Pleroma.Plugs.AdminSecretAuthenticationPlugTest do
     assert conn == ret_conn
   end
 
-  test "with secret set and given in the 'admin_token' parameter, it assigns an admin user", %{
-    conn: conn
-  } do
-    Pleroma.Config.put(:admin_token, "password123")
+  describe "when secret set it assigns an admin user" do
+    test "with `admin_token` query parameter", %{conn: conn} do
+      Pleroma.Config.put(:admin_token, "password123")
 
-    conn =
-      %{conn | params: %{"admin_token" => "wrong_password"}}
-      |> AdminSecretAuthenticationPlug.call(%{})
+      conn =
+        %{conn | params: %{"admin_token" => "wrong_password"}}
+        |> AdminSecretAuthenticationPlug.call(%{})
 
-    refute conn.assigns[:user]
+      refute conn.assigns[:user]
 
-    conn =
-      %{conn | params: %{"admin_token" => "password123"}}
-      |> AdminSecretAuthenticationPlug.call(%{})
+      conn =
+        %{conn | params: %{"admin_token" => "password123"}}
+        |> AdminSecretAuthenticationPlug.call(%{})
+
+      assert conn.assigns[:user].is_admin
+    end
+
+    test "with `x-admin-token` HTTP header", %{conn: conn} do
+      Pleroma.Config.put(:admin_token, "☕️")
+
+      conn =
+        conn
+        |> put_req_header("x-admin-token", "🥛")
+        |> AdminSecretAuthenticationPlug.call(%{})
+
+      refute conn.assigns[:user]
+
+      conn =
+        conn
+        |> put_req_header("x-admin-token", "☕️")
+        |> AdminSecretAuthenticationPlug.call(%{})
 
-    assert conn.assigns[:user].is_admin
+      assert conn.assigns[:user].is_admin
+    end
   end
 end
diff --git a/test/plugs/user_enabled_plug_test.exs b/test/plugs/user_enabled_plug_test.exs
index 996a7d77b..a4035bf0e 100644
--- a/test/plugs/user_enabled_plug_test.exs
+++ b/test/plugs/user_enabled_plug_test.exs
@@ -16,6 +16,23 @@ defmodule Pleroma.Plugs.UserEnabledPlugTest do
     assert ret_conn == conn
   end
 
+  test "with a user that's not confirmed and a config requiring confirmation, it removes that user",
+       %{conn: conn} do
+    old = Pleroma.Config.get([:instance, :account_activation_required])
+    Pleroma.Config.put([:instance, :account_activation_required], true)
+
+    user = insert(:user, confirmation_pending: true)
+
+    conn =
+      conn
+      |> assign(:user, user)
+      |> UserEnabledPlug.call(%{})
+
+    assert conn.assigns.user == nil
+
+    Pleroma.Config.put([:instance, :account_activation_required], old)
+  end
+
   test "with a user that is deactivated, it removes that user", %{conn: conn} do
     user = insert(:user, deactivated: true)
 
diff --git a/test/user_test.exs b/test/user_test.exs
index 6b1b24ce5..8fdb6b25f 100644
--- a/test/user_test.exs
+++ b/test/user_test.exs
@@ -1195,6 +1195,13 @@ defmodule Pleroma.UserTest do
     refute User.auth_active?(local_user)
     assert User.auth_active?(confirmed_user)
     assert User.auth_active?(remote_user)
+
+    # also shows unactive for deactivated users
+
+    deactivated_but_confirmed =
+      insert(:user, local: true, confirmation_pending: false, deactivated: true)
+
+    refute User.auth_active?(deactivated_but_confirmed)
   end
 
   describe "superuser?/1" do
diff --git a/test/web/activity_pub/mrf/object_age_policy_test.exs b/test/web/activity_pub/mrf/object_age_policy_test.exs
new file mode 100644
index 000000000..643609da4
--- /dev/null
+++ b/test/web/activity_pub/mrf/object_age_policy_test.exs
@@ -0,0 +1,105 @@
+# Pleroma: A lightweight social networking server
+# Copyright © 2019 Pleroma Authors <https://pleroma.social/>
+# SPDX-License-Identifier: AGPL-3.0-only
+
+defmodule Pleroma.Web.ActivityPub.MRF.ObjectAgePolicyTest do
+  use Pleroma.DataCase
+  alias Pleroma.Config
+  alias Pleroma.User
+  alias Pleroma.Web.ActivityPub.MRF.ObjectAgePolicy
+  alias Pleroma.Web.ActivityPub.Visibility
+
+  clear_config([:mrf_object_age]) do
+    Config.put(:mrf_object_age,
+      threshold: 172_800,
+      actions: [:delist, :strip_followers]
+    )
+  end
+
+  setup_all do
+    Tesla.Mock.mock_global(fn env -> apply(HttpRequestMock, :request, [env]) end)
+    :ok
+  end
+
+  describe "with reject action" do
+    test "it rejects an old post" do
+      Config.put([:mrf_object_age, :actions], [:reject])
+
+      data =
+        File.read!("test/fixtures/mastodon-post-activity.json")
+        |> Poison.decode!()
+
+      {:reject, _} = ObjectAgePolicy.filter(data)
+    end
+
+    test "it allows a new post" do
+      Config.put([:mrf_object_age, :actions], [:reject])
+
+      data =
+        File.read!("test/fixtures/mastodon-post-activity.json")
+        |> Poison.decode!()
+        |> Map.put("published", DateTime.utc_now() |> DateTime.to_iso8601())
+
+      {:ok, _} = ObjectAgePolicy.filter(data)
+    end
+  end
+
+  describe "with delist action" do
+    test "it delists an old post" do
+      Config.put([:mrf_object_age, :actions], [:delist])
+
+      data =
+        File.read!("test/fixtures/mastodon-post-activity.json")
+        |> Poison.decode!()
+
+      {:ok, _u} = User.get_or_fetch_by_ap_id(data["actor"])
+
+      {:ok, data} = ObjectAgePolicy.filter(data)
+
+      assert Visibility.get_visibility(%{data: data}) == "unlisted"
+    end
+
+    test "it allows a new post" do
+      Config.put([:mrf_object_age, :actions], [:delist])
+
+      data =
+        File.read!("test/fixtures/mastodon-post-activity.json")
+        |> Poison.decode!()
+        |> Map.put("published", DateTime.utc_now() |> DateTime.to_iso8601())
+
+      {:ok, _user} = User.get_or_fetch_by_ap_id(data["actor"])
+
+      {:ok, ^data} = ObjectAgePolicy.filter(data)
+    end
+  end
+
+  describe "with strip_followers action" do
+    test "it strips followers collections from an old post" do
+      Config.put([:mrf_object_age, :actions], [:strip_followers])
+
+      data =
+        File.read!("test/fixtures/mastodon-post-activity.json")
+        |> Poison.decode!()
+
+      {:ok, user} = User.get_or_fetch_by_ap_id(data["actor"])
+
+      {:ok, data} = ObjectAgePolicy.filter(data)
+
+      refute user.follower_address in data["to"]
+      refute user.follower_address in data["cc"]
+    end
+
+    test "it allows a new post" do
+      Config.put([:mrf_object_age, :actions], [:strip_followers])
+
+      data =
+        File.read!("test/fixtures/mastodon-post-activity.json")
+        |> Poison.decode!()
+        |> Map.put("published", DateTime.utc_now() |> DateTime.to_iso8601())
+
+      {:ok, _u} = User.get_or_fetch_by_ap_id(data["actor"])
+
+      {:ok, ^data} = ObjectAgePolicy.filter(data)
+    end
+  end
+end
diff --git a/test/web/mastodon_api/controllers/filter_controller_test.exs b/test/web/mastodon_api/controllers/filter_controller_test.exs
index 5d5b56c8e..550689788 100644
--- a/test/web/mastodon_api/controllers/filter_controller_test.exs
+++ b/test/web/mastodon_api/controllers/filter_controller_test.exs
@@ -3,7 +3,7 @@
 # SPDX-License-Identifier: AGPL-3.0-only
 
 defmodule Pleroma.Web.MastodonAPI.FilterControllerTest do
-  use Pleroma.Web.ConnCase, async: true
+  use Pleroma.Web.ConnCase
 
   alias Pleroma.Web.MastodonAPI.FilterView
 
diff --git a/test/web/mastodon_api/controllers/scheduled_activity_controller_test.exs b/test/web/mastodon_api/controllers/scheduled_activity_controller_test.exs
index 9ad6a4fa7..ae5fee2bc 100644
--- a/test/web/mastodon_api/controllers/scheduled_activity_controller_test.exs
+++ b/test/web/mastodon_api/controllers/scheduled_activity_controller_test.exs
@@ -3,7 +3,7 @@
 # SPDX-License-Identifier: AGPL-3.0-only
 
 defmodule Pleroma.Web.MastodonAPI.ScheduledActivityControllerTest do
-  use Pleroma.Web.ConnCase, async: true
+  use Pleroma.Web.ConnCase
 
   alias Pleroma.Repo
   alias Pleroma.ScheduledActivity
diff --git a/test/web/node_info_test.exs b/test/web/node_info_test.exs
index 6cc876602..9a574a38d 100644
--- a/test/web/node_info_test.exs
+++ b/test/web/node_info_test.exs
@@ -61,6 +61,33 @@ defmodule Pleroma.Web.NodeInfoTest do
     assert Pleroma.Application.repository() == result["software"]["repository"]
   end
 
+  test "returns fieldsLimits field", %{conn: conn} do
+    max_account_fields = Pleroma.Config.get([:instance, :max_account_fields])
+    max_remote_account_fields = Pleroma.Config.get([:instance, :max_remote_account_fields])
+    account_field_name_length = Pleroma.Config.get([:instance, :account_field_name_length])
+    account_field_value_length = Pleroma.Config.get([:instance, :account_field_value_length])
+
+    Pleroma.Config.put([:instance, :max_account_fields], 10)
+    Pleroma.Config.put([:instance, :max_remote_account_fields], 15)
+    Pleroma.Config.put([:instance, :account_field_name_length], 255)
+    Pleroma.Config.put([:instance, :account_field_value_length], 2048)
+
+    response =
+      conn
+      |> get("/nodeinfo/2.1.json")
+      |> json_response(:ok)
+
+    assert response["metadata"]["fieldsLimits"]["maxFields"] == 10
+    assert response["metadata"]["fieldsLimits"]["maxRemoteFields"] == 15
+    assert response["metadata"]["fieldsLimits"]["nameLength"] == 255
+    assert response["metadata"]["fieldsLimits"]["valueLength"] == 2048
+
+    Pleroma.Config.put([:instance, :max_account_fields], max_account_fields)
+    Pleroma.Config.put([:instance, :max_remote_account_fields], max_remote_account_fields)
+    Pleroma.Config.put([:instance, :account_field_name_length], account_field_name_length)
+    Pleroma.Config.put([:instance, :account_field_value_length], account_field_value_length)
+  end
+
   test "it returns the safe_dm_mentions feature if enabled", %{conn: conn} do
     option = Pleroma.Config.get([:instance, :safe_dm_mentions])
     Pleroma.Config.put([:instance, :safe_dm_mentions], true)