diff options
| author | sxsdv1 <sxsdv1@gmail.com> | 2018-12-29 18:01:15 +0100 |
|---|---|---|
| committer | sxsdv1 <sxsdv1@gmail.com> | 2018-12-29 22:22:03 +0100 |
| commit | aa082ca7b6a64f6cfd509118f76a5c18492e07b9 (patch) | |
| tree | 5b9c1c73e05b228f93ab2be77fd072debf81fbc2 /test | |
| parent | f5d7b0003ea200d13abca2cbd4e4f59db9658231 (diff) | |
| download | pleroma-aa082ca7b6a64f6cfd509118f76a5c18492e07b9.tar.gz pleroma-aa082ca7b6a64f6cfd509118f76a5c18492e07b9.zip | |
Wire up stub routes for client calls of activitypub inbox/outbox
Code style: remove wrapping function of outbox
Diffstat (limited to 'test')
| -rw-r--r-- | test/fixtures/activitypub-client-post-activity.json | 9 | ||||
| -rw-r--r-- | test/web/activity_pub/activity_pub_controller_test.exs | 27 |
2 files changed, 36 insertions, 0 deletions
diff --git a/test/fixtures/activitypub-client-post-activity.json b/test/fixtures/activitypub-client-post-activity.json new file mode 100644 index 000000000..c985e072b --- /dev/null +++ b/test/fixtures/activitypub-client-post-activity.json @@ -0,0 +1,9 @@ +{ + "@context": ["https://www.w3.org/ns/activitystreams", {"@language": "en-GB"}], + "type": "Create", + "object": { + "type": "Note", + "content": "It's a note" + }, + "to": ["https://www.w3.org/ns/activitystreams#Public"] +} diff --git a/test/web/activity_pub/activity_pub_controller_test.exs b/test/web/activity_pub/activity_pub_controller_test.exs index 9fdf15505..95027f855 100644 --- a/test/web/activity_pub/activity_pub_controller_test.exs +++ b/test/web/activity_pub/activity_pub_controller_test.exs @@ -112,6 +112,19 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubControllerTest do :timer.sleep(500) assert Activity.get_by_ap_id(data["id"]) end + + test "it rejects reads from other users", %{conn: conn} do + user = insert(:user) + otheruser = insert(:user) + + conn = + conn + |> assign(:user, otheruser) + |> put_req_header("accept", "application/activity+json") + |> get("/users/#{user.nickname}/inbox") + + assert json_response(conn, 403) + end end describe "/users/:nickname/outbox" do @@ -138,6 +151,20 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubControllerTest do assert response(conn, 200) =~ announce_activity.data["object"] end + + test "it rejects posts from other users", %{conn: conn} do + data = File.read!("test/fixtures/activitypub-client-post-activity.json") |> Poison.decode!() + user = insert(:user) + otheruser = insert(:user) + + conn = + conn + |> assign(:user, otheruser) + |> put_req_header("content-type", "application/activity+json") + |> post("/users/#{user.nickname}/outbox", data) + + assert json_response(conn, 403) + end end describe "/users/:nickname/followers" do |