summaryrefslogtreecommitdiff
path: root/test/web/mastodon_api/controllers/status_controller_test.exs
diff options
context:
space:
mode:
authorIvan Tashkinov <ivantashkinov@gmail.com>2020-03-20 18:08:23 +0300
committerIvan Tashkinov <ivantashkinov@gmail.com>2020-03-20 18:08:23 +0300
commit0e27c274f4f68f3385753a2482d881bae7c35a06 (patch)
tree9193330053ce995462c9c735e9c43467d7a9b50e /test/web/mastodon_api/controllers/status_controller_test.exs
parentec3719f5391d6f9945cec2e36287049d72743cd4 (diff)
parent5efa5b0c4a08c2bf73d6926ee7c418e31a04195c (diff)
downloadpleroma-0e27c274f4f68f3385753a2482d881bae7c35a06.tar.gz
pleroma-0e27c274f4f68f3385753a2482d881bae7c35a06.zip
Merge remote-tracking branch 'remotes/origin/develop' into clear-config-test-improvements
# Conflicts: # test/web/mastodon_api/controllers/account_controller_test.exs
Diffstat (limited to 'test/web/mastodon_api/controllers/status_controller_test.exs')
-rw-r--r--test/web/mastodon_api/controllers/status_controller_test.exs169
1 files changed, 169 insertions, 0 deletions
diff --git a/test/web/mastodon_api/controllers/status_controller_test.exs b/test/web/mastodon_api/controllers/status_controller_test.exs
index 5259abdcd..beb547780 100644
--- a/test/web/mastodon_api/controllers/status_controller_test.exs
+++ b/test/web/mastodon_api/controllers/status_controller_test.exs
@@ -476,6 +476,103 @@ defmodule Pleroma.Web.MastodonAPI.StatusControllerTest do
assert id == to_string(activity.id)
end
+ defp local_and_remote_activities do
+ local = insert(:note_activity)
+ remote = insert(:note_activity, local: false)
+ {:ok, local: local, remote: remote}
+ end
+
+ describe "status with restrict unauthenticated activities for local and remote" do
+ setup do: local_and_remote_activities()
+
+ clear_config([:restrict_unauthenticated, :activities, :local]) do
+ Config.put([:restrict_unauthenticated, :activities, :local], true)
+ end
+
+ clear_config([:restrict_unauthenticated, :activities, :remote]) do
+ Config.put([:restrict_unauthenticated, :activities, :remote], true)
+ end
+
+ test "if user is unauthenticated", %{conn: conn, local: local, remote: remote} do
+ res_conn = get(conn, "/api/v1/statuses/#{local.id}")
+
+ assert json_response(res_conn, :not_found) == %{
+ "error" => "Record not found"
+ }
+
+ res_conn = get(conn, "/api/v1/statuses/#{remote.id}")
+
+ assert json_response(res_conn, :not_found) == %{
+ "error" => "Record not found"
+ }
+ end
+
+ test "if user is authenticated", %{local: local, remote: remote} do
+ %{conn: conn} = oauth_access(["read"])
+ res_conn = get(conn, "/api/v1/statuses/#{local.id}")
+ assert %{"id" => _} = json_response(res_conn, 200)
+
+ res_conn = get(conn, "/api/v1/statuses/#{remote.id}")
+ assert %{"id" => _} = json_response(res_conn, 200)
+ end
+ end
+
+ describe "status with restrict unauthenticated activities for local" do
+ setup do: local_and_remote_activities()
+
+ clear_config([:restrict_unauthenticated, :activities, :local]) do
+ Config.put([:restrict_unauthenticated, :activities, :local], true)
+ end
+
+ test "if user is unauthenticated", %{conn: conn, local: local, remote: remote} do
+ res_conn = get(conn, "/api/v1/statuses/#{local.id}")
+
+ assert json_response(res_conn, :not_found) == %{
+ "error" => "Record not found"
+ }
+
+ res_conn = get(conn, "/api/v1/statuses/#{remote.id}")
+ assert %{"id" => _} = json_response(res_conn, 200)
+ end
+
+ test "if user is authenticated", %{local: local, remote: remote} do
+ %{conn: conn} = oauth_access(["read"])
+ res_conn = get(conn, "/api/v1/statuses/#{local.id}")
+ assert %{"id" => _} = json_response(res_conn, 200)
+
+ res_conn = get(conn, "/api/v1/statuses/#{remote.id}")
+ assert %{"id" => _} = json_response(res_conn, 200)
+ end
+ end
+
+ describe "status with restrict unauthenticated activities for remote" do
+ setup do: local_and_remote_activities()
+
+ clear_config([:restrict_unauthenticated, :activities, :remote]) do
+ Config.put([:restrict_unauthenticated, :activities, :remote], true)
+ end
+
+ test "if user is unauthenticated", %{conn: conn, local: local, remote: remote} do
+ res_conn = get(conn, "/api/v1/statuses/#{local.id}")
+ assert %{"id" => _} = json_response(res_conn, 200)
+
+ res_conn = get(conn, "/api/v1/statuses/#{remote.id}")
+
+ assert json_response(res_conn, :not_found) == %{
+ "error" => "Record not found"
+ }
+ end
+
+ test "if user is authenticated", %{local: local, remote: remote} do
+ %{conn: conn} = oauth_access(["read"])
+ res_conn = get(conn, "/api/v1/statuses/#{local.id}")
+ assert %{"id" => _} = json_response(res_conn, 200)
+
+ res_conn = get(conn, "/api/v1/statuses/#{remote.id}")
+ assert %{"id" => _} = json_response(res_conn, 200)
+ end
+ end
+
test "getting a status that doesn't exist returns 404" do
%{conn: conn} = oauth_access(["read:statuses"])
activity = insert(:note_activity)
@@ -514,6 +611,78 @@ defmodule Pleroma.Web.MastodonAPI.StatusControllerTest do
assert [%{"id" => ^id1}, %{"id" => ^id2}] = Enum.sort_by(json_response(conn, :ok), & &1["id"])
end
+ describe "getting statuses by ids with restricted unauthenticated for local and remote" do
+ setup do: local_and_remote_activities()
+
+ clear_config([:restrict_unauthenticated, :activities, :local]) do
+ Config.put([:restrict_unauthenticated, :activities, :local], true)
+ end
+
+ clear_config([:restrict_unauthenticated, :activities, :remote]) do
+ Config.put([:restrict_unauthenticated, :activities, :remote], true)
+ end
+
+ test "if user is unauthenticated", %{conn: conn, local: local, remote: remote} do
+ res_conn = get(conn, "/api/v1/statuses", %{ids: [local.id, remote.id]})
+
+ assert json_response(res_conn, 200) == []
+ end
+
+ test "if user is authenticated", %{local: local, remote: remote} do
+ %{conn: conn} = oauth_access(["read"])
+
+ res_conn = get(conn, "/api/v1/statuses", %{ids: [local.id, remote.id]})
+
+ assert length(json_response(res_conn, 200)) == 2
+ end
+ end
+
+ describe "getting statuses by ids with restricted unauthenticated for local" do
+ setup do: local_and_remote_activities()
+
+ clear_config([:restrict_unauthenticated, :activities, :local]) do
+ Config.put([:restrict_unauthenticated, :activities, :local], true)
+ end
+
+ test "if user is unauthenticated", %{conn: conn, local: local, remote: remote} do
+ res_conn = get(conn, "/api/v1/statuses", %{ids: [local.id, remote.id]})
+
+ remote_id = remote.id
+ assert [%{"id" => ^remote_id}] = json_response(res_conn, 200)
+ end
+
+ test "if user is authenticated", %{local: local, remote: remote} do
+ %{conn: conn} = oauth_access(["read"])
+
+ res_conn = get(conn, "/api/v1/statuses", %{ids: [local.id, remote.id]})
+
+ assert length(json_response(res_conn, 200)) == 2
+ end
+ end
+
+ describe "getting statuses by ids with restricted unauthenticated for remote" do
+ setup do: local_and_remote_activities()
+
+ clear_config([:restrict_unauthenticated, :activities, :remote]) do
+ Config.put([:restrict_unauthenticated, :activities, :remote], true)
+ end
+
+ test "if user is unauthenticated", %{conn: conn, local: local, remote: remote} do
+ res_conn = get(conn, "/api/v1/statuses", %{ids: [local.id, remote.id]})
+
+ local_id = local.id
+ assert [%{"id" => ^local_id}] = json_response(res_conn, 200)
+ end
+
+ test "if user is authenticated", %{local: local, remote: remote} do
+ %{conn: conn} = oauth_access(["read"])
+
+ res_conn = get(conn, "/api/v1/statuses", %{ids: [local.id, remote.id]})
+
+ assert length(json_response(res_conn, 200)) == 2
+ end
+ end
+
describe "deleting a status" do
test "when you created it" do
%{user: author, conn: conn} = oauth_access(["write:statuses"])
generated by cgit v1.2.3 (git 2.25.1) at 2025-10-31 02:58:49 +0000