summaryrefslogtreecommitdiff
path: root/test/web/activity_pub
diff options
context:
space:
mode:
Diffstat (limited to 'test/web/activity_pub')
-rw-r--r--test/web/activity_pub/activity_pub_controller_test.exs160
-rw-r--r--test/web/activity_pub/activity_pub_test.exs92
-rw-r--r--test/web/activity_pub/relay_test.exs4
-rw-r--r--test/web/activity_pub/transmogrifier_test.exs34
4 files changed, 288 insertions, 2 deletions
diff --git a/test/web/activity_pub/activity_pub_controller_test.exs b/test/web/activity_pub/activity_pub_controller_test.exs
index faeace016..7aed8c71d 100644
--- a/test/web/activity_pub/activity_pub_controller_test.exs
+++ b/test/web/activity_pub/activity_pub_controller_test.exs
@@ -1,8 +1,12 @@
+# Pleroma: A lightweight social networking server
+# Copyright © 2017-2018 Pleroma Authors <https://pleroma.social/>
+# SPDX-License-Identifier: AGPL-3.0-only
+
defmodule Pleroma.Web.ActivityPub.ActivityPubControllerTest do
use Pleroma.Web.ConnCase
import Pleroma.Factory
alias Pleroma.Web.ActivityPub.{UserView, ObjectView}
- alias Pleroma.{Repo, User}
+ alias Pleroma.{Object, Repo, User}
alias Pleroma.Activity
setup_all do
@@ -71,6 +75,44 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubControllerTest do
assert json_response(conn, 404)
end
+
+ test "it returns 404 for tombstone objects", %{conn: conn} do
+ tombstone = insert(:tombstone)
+ uuid = String.split(tombstone.data["id"], "/") |> List.last()
+
+ conn =
+ conn
+ |> put_req_header("accept", "application/activity+json")
+ |> get("/objects/#{uuid}")
+
+ assert json_response(conn, 404)
+ end
+ end
+
+ describe "/activities/:uuid" do
+ test "it returns a json representation of the activity", %{conn: conn} do
+ activity = insert(:note_activity)
+ uuid = String.split(activity.data["id"], "/") |> List.last()
+
+ conn =
+ conn
+ |> put_req_header("accept", "application/activity+json")
+ |> get("/activities/#{uuid}")
+
+ assert json_response(conn, 200) == ObjectView.render("object.json", %{object: activity})
+ end
+
+ test "it returns 404 for non-public activities", %{conn: conn} do
+ activity = insert(:direct_note_activity)
+ uuid = String.split(activity.data["id"], "/") |> List.last()
+
+ conn =
+ conn
+ |> put_req_header("accept", "application/activity+json")
+ |> get("/activities/#{uuid}")
+
+ assert json_response(conn, 404)
+ end
end
describe "/inbox" do
@@ -108,6 +150,32 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubControllerTest do
:timer.sleep(500)
assert Activity.get_by_ap_id(data["id"])
end
+
+ test "it rejects reads from other users", %{conn: conn} do
+ user = insert(:user)
+ otheruser = insert(:user)
+
+ conn =
+ conn
+ |> assign(:user, otheruser)
+ |> put_req_header("accept", "application/activity+json")
+ |> get("/users/#{user.nickname}/inbox")
+
+ assert json_response(conn, 403)
+ end
+
+ test "it returns a note activity in a collection", %{conn: conn} do
+ note_activity = insert(:direct_note_activity)
+ user = User.get_cached_by_ap_id(hd(note_activity.data["to"]))
+
+ conn =
+ conn
+ |> assign(:user, user)
+ |> put_req_header("accept", "application/activity+json")
+ |> get("/users/#{user.nickname}/inbox")
+
+ assert response(conn, 200) =~ note_activity.data["object"]["content"]
+ end
end
describe "/users/:nickname/outbox" do
@@ -134,6 +202,96 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubControllerTest do
assert response(conn, 200) =~ announce_activity.data["object"]
end
+
+ test "it rejects posts from other users", %{conn: conn} do
+ data = File.read!("test/fixtures/activitypub-client-post-activity.json") |> Poison.decode!()
+ user = insert(:user)
+ otheruser = insert(:user)
+
+ conn =
+ conn
+ |> assign(:user, otheruser)
+ |> put_req_header("content-type", "application/activity+json")
+ |> post("/users/#{user.nickname}/outbox", data)
+
+ assert json_response(conn, 403)
+ end
+
+ test "it inserts an incoming create activity into the database", %{conn: conn} do
+ data = File.read!("test/fixtures/activitypub-client-post-activity.json") |> Poison.decode!()
+ user = insert(:user)
+
+ conn =
+ conn
+ |> assign(:user, user)
+ |> put_req_header("content-type", "application/activity+json")
+ |> post("/users/#{user.nickname}/outbox", data)
+
+ result = json_response(conn, 201)
+ assert Activity.get_by_ap_id(result["id"])
+ end
+
+ test "it rejects an incoming activity with bogus type", %{conn: conn} do
+ data = File.read!("test/fixtures/activitypub-client-post-activity.json") |> Poison.decode!()
+ user = insert(:user)
+
+ data =
+ data
+ |> Map.put("type", "BadType")
+
+ conn =
+ conn
+ |> assign(:user, user)
+ |> put_req_header("content-type", "application/activity+json")
+ |> post("/users/#{user.nickname}/outbox", data)
+
+ assert json_response(conn, 400)
+ end
+
+ test "it erects a tombstone when receiving a delete activity", %{conn: conn} do
+ note_activity = insert(:note_activity)
+ user = User.get_cached_by_ap_id(note_activity.data["actor"])
+
+ data = %{
+ type: "Delete",
+ object: %{
+ id: note_activity.data["object"]["id"]
+ }
+ }
+
+ conn =
+ conn
+ |> assign(:user, user)
+ |> put_req_header("content-type", "application/activity+json")
+ |> post("/users/#{user.nickname}/outbox", data)
+
+ result = json_response(conn, 201)
+ assert Activity.get_by_ap_id(result["id"])
+
+ object = Object.get_by_ap_id(note_activity.data["object"]["id"])
+ assert object
+ assert object.data["type"] == "Tombstone"
+ end
+
+ test "it rejects delete activity of object from other actor", %{conn: conn} do
+ note_activity = insert(:note_activity)
+ user = insert(:user)
+
+ data = %{
+ type: "Delete",
+ object: %{
+ id: note_activity.data["object"]["id"]
+ }
+ }
+
+ conn =
+ conn
+ |> assign(:user, user)
+ |> put_req_header("content-type", "application/activity+json")
+ |> post("/users/#{user.nickname}/outbox", data)
+
+ assert json_response(conn, 400)
+ end
end
describe "/users/:nickname/followers" do
diff --git a/test/web/activity_pub/activity_pub_test.exs b/test/web/activity_pub/activity_pub_test.exs
index 470ed08b2..eafb96f3a 100644
--- a/test/web/activity_pub/activity_pub_test.exs
+++ b/test/web/activity_pub/activity_pub_test.exs
@@ -1,3 +1,7 @@
+# Pleroma: A lightweight social networking server
+# Copyright © 2017-2018 Pleroma Authors <https://pleroma.social/>
+# SPDX-License-Identifier: AGPL-3.0-only
+
defmodule Pleroma.Web.ActivityPub.ActivityPubTest do
use Pleroma.DataCase
alias Pleroma.Web.ActivityPub.ActivityPub
@@ -14,6 +18,42 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubTest do
:ok
end
+ describe "fetching restricted by visibility" do
+ test "it restricts by the appropriate visibility" do
+ user = insert(:user)
+
+ {:ok, public_activity} = CommonAPI.post(user, %{"status" => ".", "visibility" => "public"})
+
+ {:ok, direct_activity} = CommonAPI.post(user, %{"status" => ".", "visibility" => "direct"})
+
+ {:ok, unlisted_activity} =
+ CommonAPI.post(user, %{"status" => ".", "visibility" => "unlisted"})
+
+ {:ok, private_activity} =
+ CommonAPI.post(user, %{"status" => ".", "visibility" => "private"})
+
+ activities =
+ ActivityPub.fetch_activities([], %{:visibility => "direct", "actor_id" => user.ap_id})
+
+ assert activities == [direct_activity]
+
+ activities =
+ ActivityPub.fetch_activities([], %{:visibility => "unlisted", "actor_id" => user.ap_id})
+
+ assert activities == [unlisted_activity]
+
+ activities =
+ ActivityPub.fetch_activities([], %{:visibility => "private", "actor_id" => user.ap_id})
+
+ assert activities == [private_activity]
+
+ activities =
+ ActivityPub.fetch_activities([], %{:visibility => "public", "actor_id" => user.ap_id})
+
+ assert activities == [public_activity]
+ end
+ end
+
describe "building a user from his ap id" do
test "it returns a user" do
user_id = "http://mastodon.example.org/users/admin"
@@ -27,6 +67,24 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubTest do
end
describe "insertion" do
+ test "drops activities beyond a certain limit" do
+ limit = Pleroma.Config.get([:instance, :remote_limit])
+
+ random_text =
+ :crypto.strong_rand_bytes(limit + 1)
+ |> Base.encode64()
+ |> binary_part(0, limit + 1)
+
+ data = %{
+ "ok" => true,
+ "object" => %{
+ "content" => random_text
+ }
+ }
+
+ assert {:error, {:remote_limit_error, _}} = ActivityPub.insert(data)
+ end
+
test "returns the activity if one with the same id is already in" do
activity = insert(:note_activity)
{:ok, new_activity} = ActivityPub.insert(activity.data)
@@ -176,6 +234,16 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubTest do
assert Enum.member?(activities, activity_one)
end
+ test "excludes reblogs on request" do
+ user = insert(:user)
+ {:ok, expected_activity} = ActivityBuilder.insert(%{"type" => "Create"}, %{:user => user})
+ {:ok, _} = ActivityBuilder.insert(%{"type" => "Announce"}, %{:user => user})
+
+ [activity] = ActivityPub.fetch_user_activities(user, nil, %{"exclude_reblogs" => "true"})
+
+ assert activity == expected_activity
+ end
+
describe "public fetch activities" do
test "doesn't retrieve unlisted activities" do
user = insert(:user)
@@ -478,7 +546,7 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubTest do
assert Repo.get(Activity, delete.id) != nil
- assert Repo.get(Object, object.id) == nil
+ assert Repo.get(Object, object.id).data["type"] == "Tombstone"
end
end
@@ -569,6 +637,28 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubTest do
assert object
end
+ test "returned pinned statuses" do
+ Pleroma.Config.put([:instance, :max_pinned_statuses], 3)
+ user = insert(:user)
+
+ {:ok, activity_one} = CommonAPI.post(user, %{"status" => "HI!!!"})
+ {:ok, activity_two} = CommonAPI.post(user, %{"status" => "HI!!!"})
+ {:ok, activity_three} = CommonAPI.post(user, %{"status" => "HI!!!"})
+
+ CommonAPI.pin(activity_one.id, user)
+ user = refresh_record(user)
+
+ CommonAPI.pin(activity_two.id, user)
+ user = refresh_record(user)
+
+ CommonAPI.pin(activity_three.id, user)
+ user = refresh_record(user)
+
+ activities = ActivityPub.fetch_user_activities(user, nil, %{"pinned" => "true"})
+
+ assert 3 = length(activities)
+ end
+
def data_uri do
File.read!("test/fixtures/avatar_data_uri")
end
diff --git a/test/web/activity_pub/relay_test.exs b/test/web/activity_pub/relay_test.exs
index 41d13e055..21a63c493 100644
--- a/test/web/activity_pub/relay_test.exs
+++ b/test/web/activity_pub/relay_test.exs
@@ -1,3 +1,7 @@
+# Pleroma: A lightweight social networking server
+# Copyright © 2017-2018 Pleroma Authors <https://pleroma.social/>
+# SPDX-License-Identifier: AGPL-3.0-only
+
defmodule Pleroma.Web.ActivityPub.RelayTest do
use Pleroma.DataCase
diff --git a/test/web/activity_pub/transmogrifier_test.exs b/test/web/activity_pub/transmogrifier_test.exs
index 0428e052d..a5fd87ed4 100644
--- a/test/web/activity_pub/transmogrifier_test.exs
+++ b/test/web/activity_pub/transmogrifier_test.exs
@@ -1,3 +1,7 @@
+# Pleroma: A lightweight social networking server
+# Copyright © 2017-2018 Pleroma Authors <https://pleroma.social/>
+# SPDX-License-Identifier: AGPL-3.0-only
+
defmodule Pleroma.Web.ActivityPub.TransmogrifierTest do
use Pleroma.DataCase
alias Pleroma.Web.ActivityPub.Transmogrifier
@@ -684,6 +688,36 @@ defmodule Pleroma.Web.ActivityPub.TransmogrifierTest do
:error = Transmogrifier.handle_incoming(data)
end
+
+ test "it remaps video URLs as attachments if necessary" do
+ {:ok, object} =
+ ActivityPub.fetch_object_from_id(
+ "https://peertube.moe/videos/watch/df5f464b-be8d-46fb-ad81-2d4c2d1630e3"
+ )
+
+ attachment = %{
+ "type" => "Link",
+ "mediaType" => "video/mp4",
+ "href" =>
+ "https://peertube.moe/static/webseed/df5f464b-be8d-46fb-ad81-2d4c2d1630e3-480.mp4",
+ "mimeType" => "video/mp4",
+ "size" => 5_015_880,
+ "url" => [
+ %{
+ "href" =>
+ "https://peertube.moe/static/webseed/df5f464b-be8d-46fb-ad81-2d4c2d1630e3-480.mp4",
+ "mediaType" => "video/mp4",
+ "type" => "Link"
+ }
+ ],
+ "width" => 480
+ }
+
+ assert object.data["url"] ==
+ "https://peertube.moe/videos/watch/df5f464b-be8d-46fb-ad81-2d4c2d1630e3"
+
+ assert object.data["attachment"] == [attachment]
+ end
end
describe "prepare outgoing" do
generated by cgit v1.2.3 (git 2.25.1) at 2025-05-20 07:29:13 +0000