Merge branch 'develop' into feature/database-compaction

17 files changed, 377 insertions, 11 deletions

diff --git a/test/plugs/admin_secret_authentication_plug_test.exs b/test/plugs/admin_secret_authentication_plug_test.exs
new file mode 100644
index 000000000..e1d4b391f
--- /dev/null
+++ b/test/plugs/admin_secret_authentication_plug_test.exs
@@ -0,0 +1,42 @@
+# Pleroma: A lightweight social networking server
+# Copyright © 2017-2018 Pleroma Authors <https://pleroma.social/>
+# SPDX-License-Identifier: AGPL-3.0-only
+
+defmodule Pleroma.Plugs.AdminSecretAuthenticationPlugTest do
+  use Pleroma.Web.ConnCase, async: true
+  import Pleroma.Factory
+
+  alias Pleroma.Plugs.AdminSecretAuthenticationPlug
+
+  test "does nothing if a user is assigned", %{conn: conn} do
+    user = insert(:user)
+
+    conn =
+      conn
+      |> assign(:user, user)
+
+    ret_conn =
+      conn
+      |> AdminSecretAuthenticationPlug.call(%{})
+
+    assert conn == ret_conn
+  end
+
+  test "with secret set and given in the 'admin_token' parameter, it assigns an admin user", %{
+    conn: conn
+  } do
+    Pleroma.Config.put(:admin_token, "password123")
+
+    conn =
+      %{conn | params: %{"admin_token" => "wrong_password"}}
+      |> AdminSecretAuthenticationPlug.call(%{})
+
+    refute conn.assigns[:user]
+
+    conn =
+      %{conn | params: %{"admin_token" => "password123"}}
+      |> AdminSecretAuthenticationPlug.call(%{})
+
+    assert conn.assigns[:user].info.is_admin
+  end
+end
diff --git a/test/plugs/authentication_plug_test.exs b/test/plugs/authentication_plug_test.exs
index 061fa0cac..6158086ea 100644
--- a/test/plugs/authentication_plug_test.exs
+++ b/test/plugs/authentication_plug_test.exs
@@ -1,3 +1,7 @@
+# Pleroma: A lightweight social networking server
+# Copyright © 2017-2018 Pleroma Authors <https://pleroma.social/>
+# SPDX-License-Identifier: AGPL-3.0-only
+
 defmodule Pleroma.Plugs.AuthenticationPlugTest do
   use Pleroma.Web.ConnCase, async: true
 
diff --git a/test/plugs/basic_auth_decoder_plug_test.exs b/test/plugs/basic_auth_decoder_plug_test.exs
index a4876fef7..4d7728e93 100644
--- a/test/plugs/basic_auth_decoder_plug_test.exs
+++ b/test/plugs/basic_auth_decoder_plug_test.exs
@@ -1,3 +1,7 @@
+# Pleroma: A lightweight social networking server
+# Copyright © 2017-2018 Pleroma Authors <https://pleroma.social/>
+# SPDX-License-Identifier: AGPL-3.0-only
+
 defmodule Pleroma.Plugs.BasicAuthDecoderPlugTest do
   use Pleroma.Web.ConnCase, async: true
 
diff --git a/test/plugs/ensure_authenticated_plug_test.exs b/test/plugs/ensure_authenticated_plug_test.exs
index b32817fef..37ab5213a 100644
--- a/test/plugs/ensure_authenticated_plug_test.exs
+++ b/test/plugs/ensure_authenticated_plug_test.exs
@@ -1,3 +1,7 @@
+# Pleroma: A lightweight social networking server
+# Copyright © 2017-2018 Pleroma Authors <https://pleroma.social/>
+# SPDX-License-Identifier: AGPL-3.0-only
+
 defmodule Pleroma.Plugs.EnsureAuthenticatedPlugTest do
   use Pleroma.Web.ConnCase, async: true
 
diff --git a/test/plugs/ensure_user_key_plug_test.exs b/test/plugs/ensure_user_key_plug_test.exs
index 9beda838e..6a9627f6a 100644
--- a/test/plugs/ensure_user_key_plug_test.exs
+++ b/test/plugs/ensure_user_key_plug_test.exs
@@ -1,3 +1,7 @@
+# Pleroma: A lightweight social networking server
+# Copyright © 2017-2018 Pleroma Authors <https://pleroma.social/>
+# SPDX-License-Identifier: AGPL-3.0-only
+
 defmodule Pleroma.Plugs.EnsureUserKeyPlugTest do
   use Pleroma.Web.ConnCase, async: true
 
diff --git a/test/plugs/http_security_plug_test.exs b/test/plugs/http_security_plug_test.exs
index 169c3b3a8..0cbb7e4b1 100644
--- a/test/plugs/http_security_plug_test.exs
+++ b/test/plugs/http_security_plug_test.exs
@@ -1,3 +1,7 @@
+# Pleroma: A lightweight social networking server
+# Copyright © 2017-2018 Pleroma Authors <https://pleroma.social/>
+# SPDX-License-Identifier: AGPL-3.0-only
+
 defmodule Pleroma.Web.Plugs.HTTPSecurityPlugTest do
   use Pleroma.Web.ConnCase
   alias Pleroma.Config
diff --git a/test/plugs/http_signature_plug_test.exs b/test/plugs/http_signature_plug_test.exs
index a15c5b470..6a00dd4fd 100644
--- a/test/plugs/http_signature_plug_test.exs
+++ b/test/plugs/http_signature_plug_test.exs
@@ -1,3 +1,7 @@
+# Pleroma: A lightweight social networking server
+# Copyright © 2017-2018 Pleroma Authors <https://pleroma.social/>
+# SPDX-License-Identifier: AGPL-3.0-only
+
 defmodule Pleroma.Web.Plugs.HTTPSignaturePlugTest do
   use Pleroma.Web.ConnCase
   alias Pleroma.Web.HTTPSignatures
diff --git a/test/plugs/instance_static_test.exs b/test/plugs/instance_static_test.exs
new file mode 100644
index 000000000..e2dcfa3d8
--- /dev/null
+++ b/test/plugs/instance_static_test.exs
@@ -0,0 +1,47 @@
+# Pleroma: A lightweight social networking server
+# Copyright © 2017-2018 Pleroma Authors <https://pleroma.social/>
+# SPDX-License-Identifier: AGPL-3.0-only
+
+defmodule Pleroma.Web.RuntimeStaticPlugTest do
+  use Pleroma.Web.ConnCase
+
+  @dir "test/tmp/instance_static"
+
+  setup do
+    static_dir = Pleroma.Config.get([:instance, :static_dir])
+    Pleroma.Config.put([:instance, :static_dir], @dir)
+    File.mkdir_p!(@dir)
+
+    on_exit(fn ->
+      Pleroma.Config.put([:instance, :static_dir], static_dir)
+      File.rm_rf(@dir)
+    end)
+  end
+
+  test "overrides index" do
+    bundled_index = get(build_conn(), "/")
+    assert html_response(bundled_index, 200) == File.read!("priv/static/index.html")
+
+    File.write!(@dir <> "/index.html", "hello world")
+
+    index = get(build_conn(), "/")
+    assert html_response(index, 200) == "hello world"
+  end
+
+  test "overrides any file in static/static" do
+    bundled_index = get(build_conn(), "/static/terms-of-service.html")
+
+    assert html_response(bundled_index, 200) ==
+             File.read!("priv/static/static/terms-of-service.html")
+
+    File.mkdir!(@dir <> "/static")
+    File.write!(@dir <> "/static/terms-of-service.html", "plz be kind")
+
+    index = get(build_conn(), "/static/terms-of-service.html")
+    assert html_response(index, 200) == "plz be kind"
+
+    File.write!(@dir <> "/static/kaniini.html", "<h1>rabbit hugs as a service</h1>")
+    index = get(build_conn(), "/static/kaniini.html")
+    assert html_response(index, 200) == "<h1>rabbit hugs as a service</h1>"
+  end
+end
diff --git a/test/plugs/legacy_authentication_plug_test.exs b/test/plugs/legacy_authentication_plug_test.exs
index 383a22ff8..8b0b06772 100644
--- a/test/plugs/legacy_authentication_plug_test.exs
+++ b/test/plugs/legacy_authentication_plug_test.exs
@@ -1,3 +1,7 @@
+# Pleroma: A lightweight social networking server
+# Copyright © 2017-2018 Pleroma Authors <https://pleroma.social/>
+# SPDX-License-Identifier: AGPL-3.0-only
+
 defmodule Pleroma.Plugs.LegacyAuthenticationPlugTest do
   use Pleroma.Web.ConnCase, async: true
 
@@ -43,16 +47,18 @@ defmodule Pleroma.Plugs.LegacyAuthenticationPlugTest do
       |> assign(:auth_user, user)
 
     conn =
-      with_mock User,
-        reset_password: fn user, %{password: password, password_confirmation: password} ->
-          send(self(), :reset_password)
-          {:ok, user}
-        end do
-        conn
-        |> LegacyAuthenticationPlug.call(%{})
+      with_mocks([
+        {:crypt, [], [crypt: fn _password, password_hash -> password_hash end]},
+        {User, [],
+         [
+           reset_password: fn user, %{password: password, password_confirmation: password} ->
+             {:ok, user}
+           end
+         ]}
+      ]) do
+        LegacyAuthenticationPlug.call(conn, %{})
       end
 
-    assert_received :reset_password
     assert conn.assigns.user == user
   end
 
diff --git a/test/plugs/oauth_plug_test.exs b/test/plugs/oauth_plug_test.exs
new file mode 100644
index 000000000..17fdba916
--- /dev/null
+++ b/test/plugs/oauth_plug_test.exs
@@ -0,0 +1,60 @@
+# Pleroma: A lightweight social networking server
+# Copyright © 2017-2018 Pleroma Authors <https://pleroma.social/>
+# SPDX-License-Identifier: AGPL-3.0-only
+
+defmodule Pleroma.Plugs.OAuthPlugTest do
+  use Pleroma.Web.ConnCase, async: true
+
+  alias Pleroma.Plugs.OAuthPlug
+  import Pleroma.Factory
+
+  @session_opts [
+    store: :cookie,
+    key: "_test",
+    signing_salt: "cooldude"
+  ]
+
+  setup %{conn: conn} do
+    user = insert(:user)
+    {:ok, %{token: token}} = Pleroma.Web.OAuth.Token.create_token(insert(:oauth_app), user)
+    %{user: user, token: token, conn: conn}
+  end
+
+  test "with valid token(uppercase), it assigns the user", %{conn: conn} = opts do
+    conn =
+      conn
+      |> put_req_header("authorization", "BEARER #{opts[:token]}")
+      |> OAuthPlug.call(%{})
+
+    assert conn.assigns[:user] == opts[:user]
+  end
+
+  test "with valid token(downcase), it assigns the user", %{conn: conn} = opts do
+    conn =
+      conn
+      |> put_req_header("authorization", "bearer #{opts[:token]}")
+      |> OAuthPlug.call(%{})
+
+    assert conn.assigns[:user] == opts[:user]
+  end
+
+  test "with invalid token, it not assigns the user", %{conn: conn} do
+    conn =
+      conn
+      |> put_req_header("authorization", "bearer TTTTT")
+      |> OAuthPlug.call(%{})
+
+    refute conn.assigns[:user]
+  end
+
+  test "when token is missed but token in session, it assigns the user", %{conn: conn} = opts do
+    conn =
+      conn
+      |> Plug.Session.call(Plug.Session.init(@session_opts))
+      |> fetch_session()
+      |> put_session(:oauth_token, opts[:token])
+      |> OAuthPlug.call(%{})
+
+    assert conn.assigns[:user] == opts[:user]
+  end
+end
diff --git a/test/plugs/oauth_scopes_plug_test.exs b/test/plugs/oauth_scopes_plug_test.exs
new file mode 100644
index 000000000..f328026df
--- /dev/null
+++ b/test/plugs/oauth_scopes_plug_test.exs
@@ -0,0 +1,122 @@
+# Pleroma: A lightweight social networking server
+# Copyright © 2017-2018 Pleroma Authors <https://pleroma.social/>
+# SPDX-License-Identifier: AGPL-3.0-only
+
+defmodule Pleroma.Plugs.OAuthScopesPlugTest do
+  use Pleroma.Web.ConnCase, async: true
+
+  alias Pleroma.Plugs.OAuthScopesPlug
+  alias Pleroma.Repo
+
+  import Pleroma.Factory
+
+  test "proceeds with no op if `assigns[:token]` is nil", %{conn: conn} do
+    conn =
+      conn
+      |> assign(:user, insert(:user))
+      |> OAuthScopesPlug.call(%{scopes: ["read"]})
+
+    refute conn.halted
+    assert conn.assigns[:user]
+  end
+
+  test "proceeds with no op if `token.scopes` fulfill specified 'any of' conditions", %{
+    conn: conn
+  } do
+    token = insert(:oauth_token, scopes: ["read", "write"]) |> Repo.preload(:user)
+
+    conn =
+      conn
+      |> assign(:user, token.user)
+      |> assign(:token, token)
+      |> OAuthScopesPlug.call(%{scopes: ["read"]})
+
+    refute conn.halted
+    assert conn.assigns[:user]
+  end
+
+  test "proceeds with no op if `token.scopes` fulfill specified 'all of' conditions", %{
+    conn: conn
+  } do
+    token = insert(:oauth_token, scopes: ["scope1", "scope2", "scope3"]) |> Repo.preload(:user)
+
+    conn =
+      conn
+      |> assign(:user, token.user)
+      |> assign(:token, token)
+      |> OAuthScopesPlug.call(%{scopes: ["scope2", "scope3"], op: :&})
+
+    refute conn.halted
+    assert conn.assigns[:user]
+  end
+
+  test "proceeds with cleared `assigns[:user]` if `token.scopes` doesn't fulfill specified 'any of' conditions " <>
+         "and `fallback: :proceed_unauthenticated` option is specified",
+       %{conn: conn} do
+    token = insert(:oauth_token, scopes: ["read", "write"]) |> Repo.preload(:user)
+
+    conn =
+      conn
+      |> assign(:user, token.user)
+      |> assign(:token, token)
+      |> OAuthScopesPlug.call(%{scopes: ["follow"], fallback: :proceed_unauthenticated})
+
+    refute conn.halted
+    refute conn.assigns[:user]
+  end
+
+  test "proceeds with cleared `assigns[:user]` if `token.scopes` doesn't fulfill specified 'all of' conditions " <>
+         "and `fallback: :proceed_unauthenticated` option is specified",
+       %{conn: conn} do
+    token = insert(:oauth_token, scopes: ["read", "write"]) |> Repo.preload(:user)
+
+    conn =
+      conn
+      |> assign(:user, token.user)
+      |> assign(:token, token)
+      |> OAuthScopesPlug.call(%{
+        scopes: ["read", "follow"],
+        op: :&,
+        fallback: :proceed_unauthenticated
+      })
+
+    refute conn.halted
+    refute conn.assigns[:user]
+  end
+
+  test "returns 403 and halts in case of no :fallback option and `token.scopes` not fulfilling specified 'any of' conditions",
+       %{conn: conn} do
+    token = insert(:oauth_token, scopes: ["read", "write"])
+    any_of_scopes = ["follow"]
+
+    conn =
+      conn
+      |> assign(:token, token)
+      |> OAuthScopesPlug.call(%{scopes: any_of_scopes})
+
+    assert conn.halted
+    assert 403 == conn.status
+
+    expected_error = "Insufficient permissions: #{Enum.join(any_of_scopes, ", ")}."
+    assert Jason.encode!(%{error: expected_error}) == conn.resp_body
+  end
+
+  test "returns 403 and halts in case of no :fallback option and `token.scopes` not fulfilling specified 'all of' conditions",
+       %{conn: conn} do
+    token = insert(:oauth_token, scopes: ["read", "write"])
+    all_of_scopes = ["write", "follow"]
+
+    conn =
+      conn
+      |> assign(:token, token)
+      |> OAuthScopesPlug.call(%{scopes: all_of_scopes, op: :&})
+
+    assert conn.halted
+    assert 403 == conn.status
+
+    expected_error =
+      "Insufficient permissions: #{Enum.join(all_of_scopes -- token.scopes, ", ")}."
+
+    assert Jason.encode!(%{error: expected_error}) == conn.resp_body
+  end
+end
diff --git a/test/plugs/session_authentication_plug_test.exs b/test/plugs/session_authentication_plug_test.exs
index bb51bc0db..0000f4258 100644
--- a/test/plugs/session_authentication_plug_test.exs
+++ b/test/plugs/session_authentication_plug_test.exs
@@ -1,3 +1,7 @@
+# Pleroma: A lightweight social networking server
+# Copyright © 2017-2018 Pleroma Authors <https://pleroma.social/>
+# SPDX-License-Identifier: AGPL-3.0-only
+
 defmodule Pleroma.Plugs.SessionAuthenticationPlugTest do
   use Pleroma.Web.ConnCase, async: true
 
diff --git a/test/plugs/set_user_session_id_plug_test.exs b/test/plugs/set_user_session_id_plug_test.exs
index 5edc0dab8..f8bfde039 100644
--- a/test/plugs/set_user_session_id_plug_test.exs
+++ b/test/plugs/set_user_session_id_plug_test.exs
@@ -1,3 +1,7 @@
+# Pleroma: A lightweight social networking server
+# Copyright © 2017-2018 Pleroma Authors <https://pleroma.social/>
+# SPDX-License-Identifier: AGPL-3.0-only
+
 defmodule Pleroma.Plugs.SetUserSessionIdPlugTest do
   use Pleroma.Web.ConnCase, async: true
 
@@ -28,6 +32,8 @@ defmodule Pleroma.Plugs.SetUserSessionIdPlugTest do
   end
 
   test "sets the user_id in the session to the user id of the user assign", %{conn: conn} do
+    Code.ensure_compiled(Pleroma.User)
+
     conn =
       conn
       |> assign(:user, %User{id: 1})
diff --git a/test/plugs/uploaded_media_plug_test.exs b/test/plugs/uploaded_media_plug_test.exs
new file mode 100644
index 000000000..49cf5396a
--- /dev/null
+++ b/test/plugs/uploaded_media_plug_test.exs
@@ -0,0 +1,43 @@
+# Pleroma: A lightweight social networking server
+# Copyright © 2017-2018 Pleroma Authors <https://pleroma.social/>
+# SPDX-License-Identifier: AGPL-3.0-only
+
+defmodule Pleroma.Web.UploadedMediaPlugTest do
+  use Pleroma.Web.ConnCase
+  alias Pleroma.Upload
+
+  defp upload_file(context) do
+    Pleroma.DataCase.ensure_local_uploader(context)
+    File.cp!("test/fixtures/image.jpg", "test/fixtures/image_tmp.jpg")
+
+    file = %Plug.Upload{
+      content_type: "image/jpg",
+      path: Path.absname("test/fixtures/image_tmp.jpg"),
+      filename: "nice_tf.jpg"
+    }
+
+    {:ok, data} = Upload.store(file)
+    [%{"href" => attachment_url} | _] = data["url"]
+    [attachment_url: attachment_url]
+  end
+
+  setup_all :upload_file
+
+  test "does not send Content-Disposition header when name param is not set", %{
+    attachment_url: attachment_url
+  } do
+    conn = get(build_conn(), attachment_url)
+    refute Enum.any?(conn.resp_headers, &(elem(&1, 0) == "content-disposition"))
+  end
+
+  test "sends Content-Disposition header when name param is set", %{
+    attachment_url: attachment_url
+  } do
+    conn = get(build_conn(), attachment_url <> "?name=\"cofe\".gif")
+
+    assert Enum.any?(
+             conn.resp_headers,
+             &(&1 == {"content-disposition", "filename=\"\\\"cofe\\\".gif\""})
+           )
+  end
+end
diff --git a/test/plugs/user_enabled_plug_test.exs b/test/plugs/user_enabled_plug_test.exs
index eeb167933..c0fafcab1 100644
--- a/test/plugs/user_enabled_plug_test.exs
+++ b/test/plugs/user_enabled_plug_test.exs
@@ -1,3 +1,7 @@
+# Pleroma: A lightweight social networking server
+# Copyright © 2017-2018 Pleroma Authors <https://pleroma.social/>
+# SPDX-License-Identifier: AGPL-3.0-only
+
 defmodule Pleroma.Plugs.UserEnabledPlugTest do
   use Pleroma.Web.ConnCase, async: true
 
diff --git a/test/plugs/user_fetcher_plug_test.exs b/test/plugs/user_fetcher_plug_test.exs
index 5195a0c4a..262eb8d93 100644
--- a/test/plugs/user_fetcher_plug_test.exs
+++ b/test/plugs/user_fetcher_plug_test.exs
@@ -1,3 +1,7 @@
+# Pleroma: A lightweight social networking server
+# Copyright © 2017-2018 Pleroma Authors <https://pleroma.social/>
+# SPDX-License-Identifier: AGPL-3.0-only
+
 defmodule Pleroma.Plugs.UserFetcherPlugTest do
   use Pleroma.Web.ConnCase, async: true
 
diff --git a/test/plugs/user_is_admin_plug_test.exs b/test/plugs/user_is_admin_plug_test.exs
index 031b2f466..9e05fff18 100644
--- a/test/plugs/user_is_admin_plug_test.exs
+++ b/test/plugs/user_is_admin_plug_test.exs
@@ -1,10 +1,14 @@
+# Pleroma: A lightweight social networking server
+# Copyright © 2017-2018 Pleroma Authors <https://pleroma.social/>
+# SPDX-License-Identifier: AGPL-3.0-only
+
 defmodule Pleroma.Plugs.UserIsAdminPlugTest do
   use Pleroma.Web.ConnCase, async: true
 
   alias Pleroma.Plugs.UserIsAdminPlug
   import Pleroma.Factory
 
-  test "accepts a user that is admin", %{conn: conn} do
+  test "accepts a user that is admin" do
     user = insert(:user, info: %{is_admin: true})
 
     conn =
@@ -18,7 +22,7 @@ defmodule Pleroma.Plugs.UserIsAdminPlugTest do
     assert conn == ret_conn
   end
 
-  test "denies a user that isn't admin", %{conn: conn} do
+  test "denies a user that isn't admin" do
     user = insert(:user)
 
     conn =
@@ -29,7 +33,7 @@ defmodule Pleroma.Plugs.UserIsAdminPlugTest do
     assert conn.status == 403
   end
 
-  test "denies when a user isn't set", %{conn: conn} do
+  test "denies when a user isn't set" do
     conn =
       build_conn()
       |> UserIsAdminPlug.call(%{})