Merge remote-tracking branch 'origin/develop' into global-status-expiration

author: Egor Kislitsyn <egor@kislitsyn.com> 2020-03-03 00:32:34 +0400
committer: Egor Kislitsyn <egor@kislitsyn.com> 2020-03-03 00:32:34 +0400
commit: 0f386110c6e15148ff1ff5ea3451885485fcb7ff (patch)
tree: 8a4dcbede6c674730980e1fafa5b956518170a14 /test/web/mastodon_api/controllers/account_controller_test.exs
parent: 011ede45361096f55dda938078e24574cdf33b2b (diff)
parent: 4c02e049358441529c54a72cd11f1c81ee897d49 (diff)
download: pleroma-0f386110c6e15148ff1ff5ea3451885485fcb7ff.tar.gz
pleroma-0f386110c6e15148ff1ff5ea3451885485fcb7ff.zip
1 files changed, 45 insertions, 40 deletions
diff --git a/test/web/mastodon_api/controllers/account_controller_test.exs b/test/web/mastodon_api/controllers/account_controller_test.exs
index e2abcd7c5..57d0f4416 100644
--- a/test/web/mastodon_api/controllers/account_controller_test.exs
+++ b/test/web/mastodon_api/controllers/account_controller_test.exs
@@ -1,5 +1,5 @@
 # Pleroma: A lightweight social networking server
-# Copyright © 2017-2019 Pleroma Authors <https://pleroma.social/>
+# Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>
 # SPDX-License-Identifier: AGPL-3.0-only
 
 defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do
@@ -15,6 +15,8 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do
   import Pleroma.Factory
 
   describe "account fetching" do
+    clear_config([:instance, :limit_to_local_content])
+
     test "works by id" do
       user = insert(:user)
 
@@ -44,7 +46,6 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do
     end
 
     test "works by nickname for remote users" do
-      limit_to_local = Pleroma.Config.get([:instance, :limit_to_local_content])
       Pleroma.Config.put([:instance, :limit_to_local_content], false)
       user = insert(:user, nickname: "user@example.com", local: false)
 
@@ -52,13 +53,11 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do
         build_conn()
         |> get("/api/v1/accounts/#{user.nickname}")
 
-      Pleroma.Config.put([:instance, :limit_to_local_content], limit_to_local)
       assert %{"id" => id} = json_response(conn, 200)
       assert id == user.id
     end
 
     test "respects limit_to_local_content == :all for remote user nicknames" do
-      limit_to_local = Pleroma.Config.get([:instance, :limit_to_local_content])
       Pleroma.Config.put([:instance, :limit_to_local_content], :all)
 
       user = insert(:user, nickname: "user@example.com", local: false)
@@ -67,12 +66,10 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do
         build_conn()
         |> get("/api/v1/accounts/#{user.nickname}")
 
-      Pleroma.Config.put([:instance, :limit_to_local_content], limit_to_local)
       assert json_response(conn, 404)
     end
 
     test "respects limit_to_local_content == :unauthenticated for remote user nicknames" do
-      limit_to_local = Pleroma.Config.get([:instance, :limit_to_local_content])
       Pleroma.Config.put([:instance, :limit_to_local_content], :unauthenticated)
 
       user = insert(:user, nickname: "user@example.com", local: false)
@@ -90,7 +87,6 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do
         |> assign(:token, insert(:oauth_token, user: reading_user, scopes: ["read:accounts"]))
         |> get("/api/v1/accounts/#{user.nickname}")
 
-      Pleroma.Config.put([:instance, :limit_to_local_content], limit_to_local)
       assert %{"id" => id} = json_response(conn, 200)
       assert id == user.id
     end
@@ -677,8 +673,48 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do
       assert json_response(res, 400) == %{"error" => "{\"email\":[\"has already been taken\"]}"}
     end
 
-    test "rate limit", %{conn: conn} do
+    test "returns bad_request if missing required params", %{
+      conn: conn,
+      valid_params: valid_params
+    } do
+      app_token = insert(:oauth_token, user: nil)
+
+      conn = put_req_header(conn, "authorization", "Bearer " <> app_token.token)
+
+      res = post(conn, "/api/v1/accounts", valid_params)
+      assert json_response(res, 200)
+
+      [{127, 0, 0, 1}, {127, 0, 0, 2}, {127, 0, 0, 3}, {127, 0, 0, 4}]
+      |> Stream.zip(valid_params)
+      |> Enum.each(fn {ip, {attr, _}} ->
+        res =
+          conn
+          |> Map.put(:remote_ip, ip)
+          |> post("/api/v1/accounts", Map.delete(valid_params, attr))
+          |> json_response(400)
+
+        assert res == %{"error" => "Missing parameters"}
+      end)
+    end
+
+    test "returns forbidden if token is invalid", %{conn: conn, valid_params: valid_params} do
+      conn = put_req_header(conn, "authorization", "Bearer " <> "invalid-token")
+
+      res = post(conn, "/api/v1/accounts", valid_params)
+      assert json_response(res, 403) == %{"error" => "Invalid credentials"}
+    end
+  end
+
+  describe "create account by app / rate limit" do
+    clear_config([Pleroma.Plugs.RemoteIp, :enabled]) do
       Pleroma.Config.put([Pleroma.Plugs.RemoteIp, :enabled], true)
+    end
+
+    clear_config([:rate_limit, :app_account_creation]) do
+      Pleroma.Config.put([:rate_limit, :app_account_creation], {10_000, 2})
+    end
+
+    test "respects rate limit setting", %{conn: conn} do
       app_token = insert(:oauth_token, user: nil)
 
       conn =
@@ -686,7 +722,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do
         |> put_req_header("authorization", "Bearer " <> app_token.token)
         |> Map.put(:remote_ip, {15, 15, 15, 15})
 
-      for i <- 1..5 do
+      for i <- 1..2 do
         conn =
           post(conn, "/api/v1/accounts", %{
             username: "#{i}lain",
@@ -720,37 +756,6 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do
 
       assert json_response(conn, :too_many_requests) == %{"error" => "Throttled"}
     end
-
-    test "returns bad_request if missing required params", %{
-      conn: conn,
-      valid_params: valid_params
-    } do
-      app_token = insert(:oauth_token, user: nil)
-
-      conn = put_req_header(conn, "authorization", "Bearer " <> app_token.token)
-
-      res = post(conn, "/api/v1/accounts", valid_params)
-      assert json_response(res, 200)
-
-      [{127, 0, 0, 1}, {127, 0, 0, 2}, {127, 0, 0, 3}, {127, 0, 0, 4}]
-      |> Stream.zip(valid_params)
-      |> Enum.each(fn {ip, {attr, _}} ->
-        res =
-          conn
-          |> Map.put(:remote_ip, ip)
-          |> post("/api/v1/accounts", Map.delete(valid_params, attr))
-          |> json_response(400)
-
-        assert res == %{"error" => "Missing parameters"}
-      end)
-    end
-
-    test "returns forbidden if token is invalid", %{conn: conn, valid_params: valid_params} do
-      conn = put_req_header(conn, "authorization", "Bearer " <> "invalid-token")
-
-      res = post(conn, "/api/v1/accounts", valid_params)
-      assert json_response(res, 403) == %{"error" => "Invalid credentials"}
-    end
   end
 
   describe "GET /api/v1/accounts/:id/lists - account_lists" do
author	Egor Kislitsyn <egor@kislitsyn.com>	2020-03-03 00:32:34 +0400
committer	Egor Kislitsyn <egor@kislitsyn.com>	2020-03-03 00:32:34 +0400
commit	0f386110c6e15148ff1ff5ea3451885485fcb7ff (patch)
tree	8a4dcbede6c674730980e1fafa5b956518170a14 /test/web/mastodon_api/controllers/account_controller_test.exs
parent	011ede45361096f55dda938078e24574cdf33b2b (diff)
parent	4c02e049358441529c54a72cd11f1c81ee897d49 (diff)
download	pleroma-0f386110c6e15148ff1ff5ea3451885485fcb7ff.tar.gz pleroma-0f386110c6e15148ff1ff5ea3451885485fcb7ff.zip