diff options
| -rw-r--r-- | lib/pleroma/web/common_api/common_api.ex | 10 | ||||
| -rw-r--r-- | lib/pleroma/web/mastodon_api/mastodon_api_controller.ex | 20 | ||||
| -rw-r--r-- | test/reverse_proxy_test.exs | 1 | ||||
| -rw-r--r-- | test/web/common_api/common_api_test.exs | 38 | ||||
| -rw-r--r-- | test/web/common_api/common_api_utils_test.exs | 19 | ||||
| -rw-r--r-- | test/web/mastodon_api/mastodon_api_controller_test.exs | 251 | 
6 files changed, 289 insertions, 50 deletions
| diff --git a/lib/pleroma/web/common_api/common_api.ex b/lib/pleroma/web/common_api/common_api.ex index 44669b228..44af6a773 100644 --- a/lib/pleroma/web/common_api/common_api.ex +++ b/lib/pleroma/web/common_api/common_api.ex @@ -4,7 +4,6 @@  defmodule Pleroma.Web.CommonAPI do    alias Pleroma.Activity -  alias Pleroma.Bookmark    alias Pleroma.Formatter    alias Pleroma.Object    alias Pleroma.ThreadMute @@ -356,15 +355,6 @@ defmodule Pleroma.Web.CommonAPI do      end    end -  def bookmarked?(user, activity) do -    with %Bookmark{} <- Bookmark.get(user.id, activity.id) do -      true -    else -      _ -> -        false -    end -  end -    def report(user, data) do      with {:account_id, %{"account_id" => account_id}} <- {:account_id, data},           {:account, %User{} = account} <- {:account, User.get_cached_by_id(account_id)}, diff --git a/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex b/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex index b3513b5bf..f4aa576f7 100644 --- a/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex +++ b/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex @@ -693,11 +693,6 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIController do        conn        |> put_view(StatusView)        |> try_render("status.json", %{activity: activity, for: user, as: :activity}) -    else -      {:error, reason} -> -        conn -        |> put_status(:bad_request) -        |> json(%{"error" => reason})      end    end @@ -738,11 +733,6 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIController do        conn        |> put_view(StatusView)        |> try_render("status.json", %{activity: activity, for: user, as: :activity}) -    else -      {:error, reason} -> -        conn -        |> put_resp_content_type("application/json") -        |> send_resp(:bad_request, Jason.encode!(%{"error" => reason}))      end    end @@ -881,7 +871,7 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIController do    end    def favourited_by(%{assigns: %{user: user}} = conn, %{"id" => id}) do -    with %Activity{data: %{"object" => object}} <- Repo.get(Activity, id), +    with %Activity{data: %{"object" => object}} <- Activity.get_by_id(id),           %Object{data: %{"likes" => likes}} <- Object.normalize(object) do        q = from(u in User, where: u.ap_id in ^likes)        users = Repo.all(q) @@ -895,7 +885,7 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIController do    end    def reblogged_by(%{assigns: %{user: user}} = conn, %{"id" => id}) do -    with %Activity{data: %{"object" => object}} <- Repo.get(Activity, id), +    with %Activity{data: %{"object" => object}} <- Activity.get_by_id(id),           %Object{data: %{"announcements" => announces}} <- Object.normalize(object) do        q = from(u in User, where: u.ap_id in ^announces)        users = Repo.all(q) @@ -1651,6 +1641,12 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIController do      render_error(conn, :not_found, "Record not found")    end +  def errors(conn, {:error, error_message}) do +    conn +    |> put_status(:bad_request) +    |> json(%{error: error_message}) +  end +    def errors(conn, _) do      conn      |> put_status(:internal_server_error) diff --git a/test/reverse_proxy_test.exs b/test/reverse_proxy_test.exs index f542de97c..f4b7d6add 100644 --- a/test/reverse_proxy_test.exs +++ b/test/reverse_proxy_test.exs @@ -5,7 +5,6 @@  defmodule Pleroma.ReverseProxyTest do    use Pleroma.Web.ConnCase, async: true    import ExUnit.CaptureLog -  import ExUnit.CaptureLog    import Mox    alias Pleroma.ReverseProxy    alias Pleroma.ReverseProxy.ClientMock diff --git a/test/web/common_api/common_api_test.exs b/test/web/common_api/common_api_test.exs index 7d8eeb12e..16b3f121d 100644 --- a/test/web/common_api/common_api_test.exs +++ b/test/web/common_api/common_api_test.exs @@ -141,6 +141,25 @@ defmodule Pleroma.Web.CommonAPITest do        assert activity.recipients == [list.ap_id, user.ap_id]        assert activity.data["listMessage"] == list.ap_id      end + +    test "it returns error when status is empty and no attachments" do +      user = insert(:user) + +      assert {:error, "Cannot post an empty status without attachments"} = +               CommonAPI.post(user, %{"status" => ""}) +    end + +    test "it returns error when character limit is exceeded" do +      limit = Pleroma.Config.get([:instance, :limit]) +      Pleroma.Config.put([:instance, :limit], 5) + +      user = insert(:user) + +      assert {:error, "The status is over the character limit"} = +               CommonAPI.post(user, %{"status" => "foobar"}) + +      Pleroma.Config.put([:instance, :limit], limit) +    end    end    describe "reactions" do @@ -413,4 +432,23 @@ defmodule Pleroma.Web.CommonAPITest do        assert Repo.get(Activity, follow_activity_three.id).data["state"] == "pending"      end    end + +  describe "vote/3" do +    test "does not allow to vote twice" do +      user = insert(:user) +      other_user = insert(:user) + +      {:ok, activity} = +        CommonAPI.post(user, %{ +          "status" => "Am I cute?", +          "poll" => %{"options" => ["Yes", "No"], "expires_in" => 20} +        }) + +      object = Object.normalize(activity) + +      {:ok, _, object} = CommonAPI.vote(other_user, object, [0]) + +      assert {:error, "Already voted"} == CommonAPI.vote(other_user, object, [1]) +    end +  end  end diff --git a/test/web/common_api/common_api_utils_test.exs b/test/web/common_api/common_api_utils_test.exs index b3a334d50..af320f31f 100644 --- a/test/web/common_api/common_api_utils_test.exs +++ b/test/web/common_api/common_api_utils_test.exs @@ -10,6 +10,7 @@ defmodule Pleroma.Web.CommonAPI.UtilsTest do    alias Pleroma.Web.Endpoint    use Pleroma.DataCase +  import ExUnit.CaptureLog    import Pleroma.Factory    @public_address "https://www.w3.org/ns/activitystreams#Public" @@ -202,7 +203,9 @@ defmodule Pleroma.Web.CommonAPI.UtilsTest do        expected = "" -      assert Utils.date_to_asctime(date) == expected +      assert capture_log(fn -> +               assert Utils.date_to_asctime(date) == expected +             end) =~ "[warn] Date #{date} in wrong format, must be ISO 8601"      end      test "when date is a Unix timestamp" do @@ -210,13 +213,23 @@ defmodule Pleroma.Web.CommonAPI.UtilsTest do        expected = "" -      assert Utils.date_to_asctime(date) == expected +      assert capture_log(fn -> +               assert Utils.date_to_asctime(date) == expected +             end) =~ "[warn] Date #{date} in wrong format, must be ISO 8601"      end      test "when date is nil" do        expected = "" -      assert Utils.date_to_asctime(nil) == expected +      assert capture_log(fn -> +               assert Utils.date_to_asctime(nil) == expected +             end) =~ "[warn] Date  in wrong format, must be ISO 8601" +    end + +    test "when date is a random string" do +      assert capture_log(fn -> +               assert Utils.date_to_asctime("foo") == "" +             end) =~ "[warn] Date foo in wrong format, must be ISO 8601"      end    end diff --git a/test/web/mastodon_api/mastodon_api_controller_test.exs b/test/web/mastodon_api/mastodon_api_controller_test.exs index 6ffa64dc8..af24fddc1 100644 --- a/test/web/mastodon_api/mastodon_api_controller_test.exs +++ b/test/web/mastodon_api/mastodon_api_controller_test.exs @@ -35,7 +35,7 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIControllerTest do      user = insert(:user)      following = insert(:user) -    {:ok, _activity} = TwitterAPI.create_status(following, %{"status" => "test"}) +    {:ok, _activity} = CommonAPI.post(following, %{"status" => "test"})      conn =        conn @@ -58,7 +58,7 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIControllerTest do      following = insert(:user)      capture_log(fn -> -      {:ok, _activity} = TwitterAPI.create_status(following, %{"status" => "test"}) +      {:ok, _activity} = CommonAPI.post(following, %{"status" => "test"})        {:ok, [_activity]} =          OStatus.fetch_activity_from_url("https://shitposter.club/notice/2827873") @@ -1004,8 +1004,8 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIControllerTest do      test "list timeline", %{conn: conn} do        user = insert(:user)        other_user = insert(:user) -      {:ok, _activity_one} = TwitterAPI.create_status(user, %{"status" => "Marisa is cute."}) -      {:ok, activity_two} = TwitterAPI.create_status(other_user, %{"status" => "Marisa is cute."}) +      {:ok, _activity_one} = CommonAPI.post(user, %{"status" => "Marisa is cute."}) +      {:ok, activity_two} = CommonAPI.post(other_user, %{"status" => "Marisa is cute."})        {:ok, list} = Pleroma.List.create("name", user)        {:ok, list} = Pleroma.List.follow(list, other_user) @@ -1022,10 +1022,10 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIControllerTest do      test "list timeline does not leak non-public statuses for unfollowed users", %{conn: conn} do        user = insert(:user)        other_user = insert(:user) -      {:ok, activity_one} = TwitterAPI.create_status(other_user, %{"status" => "Marisa is cute."}) +      {:ok, activity_one} = CommonAPI.post(other_user, %{"status" => "Marisa is cute."})        {:ok, _activity_two} = -        TwitterAPI.create_status(other_user, %{ +        CommonAPI.post(other_user, %{            "status" => "Marisa is cute.",            "visibility" => "private"          }) @@ -1049,8 +1049,7 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIControllerTest do        user = insert(:user)        other_user = insert(:user) -      {:ok, activity} = -        TwitterAPI.create_status(other_user, %{"status" => "hi @#{user.nickname}"}) +      {:ok, activity} = CommonAPI.post(other_user, %{"status" => "hi @#{user.nickname}"})        {:ok, [_notification]} = Notification.create_notifications(activity) @@ -1072,8 +1071,7 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIControllerTest do        user = insert(:user)        other_user = insert(:user) -      {:ok, activity} = -        TwitterAPI.create_status(other_user, %{"status" => "hi @#{user.nickname}"}) +      {:ok, activity} = CommonAPI.post(other_user, %{"status" => "hi @#{user.nickname}"})        {:ok, [notification]} = Notification.create_notifications(activity) @@ -1095,8 +1093,7 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIControllerTest do        user = insert(:user)        other_user = insert(:user) -      {:ok, activity} = -        TwitterAPI.create_status(other_user, %{"status" => "hi @#{user.nickname}"}) +      {:ok, activity} = CommonAPI.post(other_user, %{"status" => "hi @#{user.nickname}"})        {:ok, [notification]} = Notification.create_notifications(activity) @@ -1112,8 +1109,7 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIControllerTest do        user = insert(:user)        other_user = insert(:user) -      {:ok, activity} = -        TwitterAPI.create_status(other_user, %{"status" => "hi @#{user.nickname}"}) +      {:ok, activity} = CommonAPI.post(other_user, %{"status" => "hi @#{user.nickname}"})        {:ok, [_notification]} = Notification.create_notifications(activity) @@ -1395,6 +1391,17 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIControllerTest do        assert to_string(activity.id) == id      end + +    test "returns 400 error when activity is not exist", %{conn: conn} do +      user = insert(:user) + +      conn = +        conn +        |> assign(:user, user) +        |> post("/api/v1/statuses/foo/reblog") + +      assert json_response(conn, 400) == %{"error" => "Could not repeat"} +    end    end    describe "unreblogging" do @@ -1413,6 +1420,17 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIControllerTest do        assert to_string(activity.id) == id      end + +    test "returns 400 error when activity is not exist", %{conn: conn} do +      user = insert(:user) + +      conn = +        conn +        |> assign(:user, user) +        |> post("/api/v1/statuses/foo/unreblog") + +      assert json_response(conn, 400) == %{"error" => "Could not unrepeat"} +    end    end    describe "favoriting" do @@ -1431,16 +1449,15 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIControllerTest do        assert to_string(activity.id) == id      end -    test "returns 500 for a wrong id", %{conn: conn} do +    test "returns 400 error for a wrong id", %{conn: conn} do        user = insert(:user) -      resp = +      conn =          conn          |> assign(:user, user)          |> post("/api/v1/statuses/1/favourite") -        |> json_response(500) -      assert resp == "Something went wrong" +      assert json_response(conn, 400) == %{"error" => "Could not favorite"}      end    end @@ -1461,6 +1478,17 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIControllerTest do        assert to_string(activity.id) == id      end + +    test "returns 400 error for a wrong id", %{conn: conn} do +      user = insert(:user) + +      conn = +        conn +        |> assign(:user, user) +        |> post("/api/v1/statuses/1/unfavourite") + +      assert json_response(conn, 400) == %{"error" => "Could not unfavorite"} +    end    end    describe "user timelines" do @@ -1531,10 +1559,10 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIControllerTest do        media =          TwitterAPI.upload(file, user, "json") -        |> Poison.decode!() +        |> Jason.decode!()        {:ok, image_post} = -        TwitterAPI.create_status(user, %{"status" => "cofe", "media_ids" => [media["media_id"]]}) +        CommonAPI.post(user, %{"status" => "cofe", "media_ids" => [media["media_id"]]})        conn =          conn @@ -1857,7 +1885,7 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIControllerTest do      following = insert(:user)      capture_log(fn -> -      {:ok, activity} = TwitterAPI.create_status(following, %{"status" => "test #2hu"}) +      {:ok, activity} = CommonAPI.post(following, %{"status" => "test #2hu"})        {:ok, [_activity]} =          OStatus.fetch_activity_from_url("https://shitposter.club/notice/2827873") @@ -2616,7 +2644,7 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIControllerTest do      insert(:user, %{local: false, nickname: "u@peer1.com"})      insert(:user, %{local: false, nickname: "u@peer2.com"}) -    {:ok, _} = TwitterAPI.create_status(user, %{"status" => "cofe"}) +    {:ok, _} = CommonAPI.post(user, %{"status" => "cofe"})      # Stats should count users with missing or nil `info.deactivated` value      user = User.get_cached_by_id(user.id) @@ -2709,6 +2737,17 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIControllerTest do                 |> json_response(200)      end +    test "/pin: returns 400 error when activity is not public", %{conn: conn, user: user} do +      {:ok, dm} = CommonAPI.post(user, %{"status" => "test", "visibility" => "direct"}) + +      conn = +        conn +        |> assign(:user, user) +        |> post("/api/v1/statuses/#{dm.id}/pin") + +      assert json_response(conn, 400) == %{"error" => "Could not pin"} +    end +      test "unpin status", %{conn: conn, user: user, activity: activity} do        {:ok, _} = CommonAPI.pin(activity.id, user) @@ -2728,6 +2767,15 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIControllerTest do                 |> json_response(200)      end +    test "/unpin: returns 400 error when activity is not exist", %{conn: conn, user: user} do +      conn = +        conn +        |> assign(:user, user) +        |> post("/api/v1/statuses/1/unpin") + +      assert json_response(conn, 400) == %{"error" => "Could not unpin"} +    end +      test "max pinned statuses", %{conn: conn, user: user, activity: activity_one} do        {:ok, activity_two} = CommonAPI.post(user, %{"status" => "HI!!!"}) @@ -2902,6 +2950,17 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIControllerTest do                 |> json_response(200)      end +    test "cannot mute already muted conversation", %{conn: conn, user: user, activity: activity} do +      {:ok, _} = CommonAPI.add_mute(user, activity) + +      conn = +        conn +        |> assign(:user, user) +        |> post("/api/v1/statuses/#{activity.id}/mute") + +      assert json_response(conn, 400) == %{"error" => "conversation is already muted"} +    end +      test "unmute conversation", %{conn: conn, user: user, activity: activity} do        {:ok, _} = CommonAPI.add_mute(user, activity) @@ -2946,7 +3005,8 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIControllerTest do                 |> post("/api/v1/reports", %{                   "account_id" => target_user.id,                   "status_ids" => [activity.id], -                 "comment" => "bad status!" +                 "comment" => "bad status!", +                 "forward" => "false"                 })                 |> json_response(200)      end @@ -2979,6 +3039,19 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIControllerTest do                 |> post("/api/v1/reports", %{"account_id" => target_user.id, "comment" => comment})                 |> json_response(400)      end + +    test "returns error when account is not exist", %{ +      conn: conn, +      reporter: reporter, +      activity: activity +    } do +      conn = +        conn +        |> assign(:user, reporter) +        |> post("/api/v1/reports", %{"status_ids" => [activity.id], "account_id" => "foo"}) + +      assert json_response(conn, 400) == %{"error" => "Account not found"} +    end    end    describe "link headers" do @@ -3338,7 +3411,7 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIControllerTest do      user2 = insert(:user)      user3 = insert(:user) -    {:ok, replied_to} = TwitterAPI.create_status(user1, %{"status" => "cofe"}) +    {:ok, replied_to} = CommonAPI.post(user1, %{"status" => "cofe"})      # Reply to status from another user      conn1 = @@ -3603,5 +3676,135 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIControllerTest do                 total_items == 1               end)      end + +    test "does not allow choice index to be greater than options count", %{conn: conn} do +      user = insert(:user) +      other_user = insert(:user) + +      {:ok, activity} = +        CommonAPI.post(user, %{ +          "status" => "Am I cute?", +          "poll" => %{"options" => ["Yes", "No"], "expires_in" => 20} +        }) + +      object = Object.normalize(activity) + +      conn = +        conn +        |> assign(:user, other_user) +        |> post("/api/v1/polls/#{object.id}/votes", %{"choices" => [2]}) + +      assert json_response(conn, 422) == %{"error" => "Invalid indices"} +    end + +    test "returns 404 error when object is not exist", %{conn: conn} do +      user = insert(:user) + +      conn = +        conn +        |> assign(:user, user) +        |> post("/api/v1/polls/1/votes", %{"choices" => [0]}) + +      assert json_response(conn, 404) == %{"error" => "Record not found"} +    end + +    test "returns 404 when poll is private and not available for user", %{conn: conn} do +      user = insert(:user) +      other_user = insert(:user) + +      {:ok, activity} = +        CommonAPI.post(user, %{ +          "status" => "Am I cute?", +          "poll" => %{"options" => ["Yes", "No"], "expires_in" => 20}, +          "visibility" => "private" +        }) + +      object = Object.normalize(activity) + +      conn = +        conn +        |> assign(:user, other_user) +        |> post("/api/v1/polls/#{object.id}/votes", %{"choices" => [0]}) + +      assert json_response(conn, 404) == %{"error" => "Record not found"} +    end +  end + +  describe "GET /api/v1/statuses/:id/favourited_by" do +    setup do +      user = insert(:user) +      {:ok, activity} = CommonAPI.post(user, %{"status" => "test"}) + +      conn = +        build_conn() +        |> assign(:user, user) + +      [conn: conn, activity: activity] +    end + +    test "returns users who have favorited the status", %{conn: conn, activity: activity} do +      other_user = insert(:user) +      {:ok, _, _} = CommonAPI.favorite(activity.id, other_user) + +      response = +        conn +        |> get("/api/v1/statuses/#{activity.id}/favourited_by") +        |> json_response(:ok) + +      [%{"id" => id}] = response + +      assert id == other_user.id +    end + +    test "returns empty array when status has not been favorited yet", %{ +      conn: conn, +      activity: activity +    } do +      response = +        conn +        |> get("/api/v1/statuses/#{activity.id}/favourited_by") +        |> json_response(:ok) + +      assert Enum.empty?(response) +    end +  end + +  describe "GET /api/v1/statuses/:id/reblogged_by" do +    setup do +      user = insert(:user) +      {:ok, activity} = CommonAPI.post(user, %{"status" => "test"}) + +      conn = +        build_conn() +        |> assign(:user, user) + +      [conn: conn, activity: activity] +    end + +    test "returns users who have reblogged the status", %{conn: conn, activity: activity} do +      other_user = insert(:user) +      {:ok, _, _} = CommonAPI.repeat(activity.id, other_user) + +      response = +        conn +        |> get("/api/v1/statuses/#{activity.id}/reblogged_by") +        |> json_response(:ok) + +      [%{"id" => id}] = response + +      assert id == other_user.id +    end + +    test "returns empty array when status has not been reblogged yet", %{ +      conn: conn, +      activity: activity +    } do +      response = +        conn +        |> get("/api/v1/statuses/#{activity.id}/reblogged_by") +        |> json_response(:ok) + +      assert Enum.empty?(response) +    end    end  end | 
