diff options
Diffstat (limited to 'test/web/admin_api/controllers')
4 files changed, 435 insertions, 29 deletions
diff --git a/test/web/admin_api/controllers/admin_api_controller_test.exs b/test/web/admin_api/controllers/admin_api_controller_test.exs index 2eb698807..e4d3512de 100644 --- a/test/web/admin_api/controllers/admin_api_controller_test.exs +++ b/test/web/admin_api/controllers/admin_api_controller_test.exs @@ -203,7 +203,7 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do assert user.note_count == 0 assert user.follower_count == 0 assert user.following_count == 0 - assert user.bio == nil + assert user.bio == "" assert user.name == nil assert called(Pleroma.Web.Federator.publish(:_)) @@ -381,7 +381,8 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do "confirmation_pending" => false, "approval_pending" => false, "url" => user.ap_id, - "registration_reason" => nil + "registration_reason" => nil, + "actor_type" => "Person" } assert expected == json_response(conn, 200) @@ -663,7 +664,8 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do "confirmation_pending" => false, "approval_pending" => false, "url" => admin.ap_id, - "registration_reason" => nil + "registration_reason" => nil, + "actor_type" => "Person" }, %{ "deactivated" => user.deactivated, @@ -677,7 +679,8 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do "confirmation_pending" => false, "approval_pending" => false, "url" => user.ap_id, - "registration_reason" => nil + "registration_reason" => nil, + "actor_type" => "Person" }, %{ "deactivated" => user2.deactivated, @@ -691,7 +694,8 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do "confirmation_pending" => false, "approval_pending" => true, "url" => user2.ap_id, - "registration_reason" => "I'm a chill dude" + "registration_reason" => "I'm a chill dude", + "actor_type" => "Person" } ] |> Enum.sort_by(& &1["nickname"]) @@ -766,7 +770,8 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do "confirmation_pending" => false, "approval_pending" => false, "url" => user.ap_id, - "registration_reason" => nil + "registration_reason" => nil, + "actor_type" => "Person" } ] } @@ -794,7 +799,8 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do "confirmation_pending" => false, "approval_pending" => false, "url" => user.ap_id, - "registration_reason" => nil + "registration_reason" => nil, + "actor_type" => "Person" } ] } @@ -822,7 +828,8 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do "confirmation_pending" => false, "approval_pending" => false, "url" => user.ap_id, - "registration_reason" => nil + "registration_reason" => nil, + "actor_type" => "Person" } ] } @@ -850,7 +857,8 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do "confirmation_pending" => false, "approval_pending" => false, "url" => user.ap_id, - "registration_reason" => nil + "registration_reason" => nil, + "actor_type" => "Person" } ] } @@ -878,7 +886,8 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do "confirmation_pending" => false, "approval_pending" => false, "url" => user.ap_id, - "registration_reason" => nil + "registration_reason" => nil, + "actor_type" => "Person" } ] } @@ -906,7 +915,8 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do "confirmation_pending" => false, "approval_pending" => false, "url" => user.ap_id, - "registration_reason" => nil + "registration_reason" => nil, + "actor_type" => "Person" } ] } @@ -929,7 +939,8 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do "confirmation_pending" => false, "approval_pending" => false, "url" => user2.ap_id, - "registration_reason" => nil + "registration_reason" => nil, + "actor_type" => "Person" } ] } @@ -964,7 +975,8 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do "confirmation_pending" => false, "approval_pending" => false, "url" => user.ap_id, - "registration_reason" => nil + "registration_reason" => nil, + "actor_type" => "Person" } ] } @@ -992,7 +1004,8 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do "confirmation_pending" => false, "approval_pending" => false, "url" => user.ap_id, - "registration_reason" => nil + "registration_reason" => nil, + "actor_type" => "Person" }, %{ "deactivated" => admin.deactivated, @@ -1006,7 +1019,8 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do "confirmation_pending" => false, "approval_pending" => false, "url" => admin.ap_id, - "registration_reason" => nil + "registration_reason" => nil, + "actor_type" => "Person" }, %{ "deactivated" => false, @@ -1020,7 +1034,8 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do "confirmation_pending" => false, "approval_pending" => false, "url" => old_admin.ap_id, - "registration_reason" => nil + "registration_reason" => nil, + "actor_type" => "Person" } ] |> Enum.sort_by(& &1["nickname"]) @@ -1058,7 +1073,8 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do "confirmation_pending" => false, "approval_pending" => true, "url" => user.ap_id, - "registration_reason" => "Plz let me in!" + "registration_reason" => "Plz let me in!", + "actor_type" => "Person" } ] |> Enum.sort_by(& &1["nickname"]) @@ -1091,7 +1107,8 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do "confirmation_pending" => false, "approval_pending" => false, "url" => admin.ap_id, - "registration_reason" => nil + "registration_reason" => nil, + "actor_type" => "Person" }, %{ "deactivated" => false, @@ -1105,7 +1122,8 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do "confirmation_pending" => false, "approval_pending" => false, "url" => second_admin.ap_id, - "registration_reason" => nil + "registration_reason" => nil, + "actor_type" => "Person" } ] |> Enum.sort_by(& &1["nickname"]) @@ -1140,7 +1158,8 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do "confirmation_pending" => false, "approval_pending" => false, "url" => moderator.ap_id, - "registration_reason" => nil + "registration_reason" => nil, + "actor_type" => "Person" } ] } @@ -1168,7 +1187,8 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do "confirmation_pending" => false, "approval_pending" => false, "url" => user1.ap_id, - "registration_reason" => nil + "registration_reason" => nil, + "actor_type" => "Person" }, %{ "deactivated" => false, @@ -1182,7 +1202,8 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do "confirmation_pending" => false, "approval_pending" => false, "url" => user2.ap_id, - "registration_reason" => nil + "registration_reason" => nil, + "actor_type" => "Person" } ] |> Enum.sort_by(& &1["nickname"]) @@ -1245,7 +1266,8 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do "confirmation_pending" => false, "approval_pending" => false, "url" => user.ap_id, - "registration_reason" => nil + "registration_reason" => nil, + "actor_type" => "Person" } ] } @@ -1272,7 +1294,8 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do "confirmation_pending" => false, "approval_pending" => false, "url" => admin.ap_id, - "registration_reason" => nil + "registration_reason" => nil, + "actor_type" => "Person" } ] } @@ -1357,7 +1380,8 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do "confirmation_pending" => false, "approval_pending" => false, "url" => user.ap_id, - "registration_reason" => nil + "registration_reason" => nil, + "actor_type" => "Person" } log_entry = Repo.one(ModerationLog) @@ -1486,6 +1510,56 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do end end + describe "GET /api/pleroma/admin/users/:nickname/chats" do + setup do + user = insert(:user) + recipients = insert_list(3, :user) + + Enum.each(recipients, fn recipient -> + CommonAPI.post_chat_message(user, recipient, "yo") + end) + + %{user: user} + end + + test "renders user's chats", %{conn: conn, user: user} do + conn = get(conn, "/api/pleroma/admin/users/#{user.nickname}/chats") + + assert json_response(conn, 200) |> length() == 3 + end + end + + describe "GET /api/pleroma/admin/users/:nickname/chats unauthorized" do + setup do + user = insert(:user) + recipient = insert(:user) + CommonAPI.post_chat_message(user, recipient, "yo") + %{conn: conn} = oauth_access(["read:chats"]) + %{conn: conn, user: user} + end + + test "returns 403", %{conn: conn, user: user} do + conn + |> get("/api/pleroma/admin/users/#{user.nickname}/chats") + |> json_response(403) + end + end + + describe "GET /api/pleroma/admin/users/:nickname/chats unauthenticated" do + setup do + user = insert(:user) + recipient = insert(:user) + CommonAPI.post_chat_message(user, recipient, "yo") + %{conn: build_conn(), user: user} + end + + test "returns 403", %{conn: conn, user: user} do + conn + |> get("/api/pleroma/admin/users/#{user.nickname}/chats") + |> json_response(403) + end + end + describe "GET /api/pleroma/admin/moderation_log" do setup do moderator = insert(:user, is_moderator: true) diff --git a/test/web/admin_api/controllers/chat_controller_test.exs b/test/web/admin_api/controllers/chat_controller_test.exs new file mode 100644 index 000000000..bd4c9c9d1 --- /dev/null +++ b/test/web/admin_api/controllers/chat_controller_test.exs @@ -0,0 +1,219 @@ +# Pleroma: A lightweight social networking server +# Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/> +# SPDX-License-Identifier: AGPL-3.0-only + +defmodule Pleroma.Web.AdminAPI.ChatControllerTest do + use Pleroma.Web.ConnCase + + import Pleroma.Factory + + alias Pleroma.Chat + alias Pleroma.Chat.MessageReference + alias Pleroma.Config + alias Pleroma.ModerationLog + alias Pleroma.Object + alias Pleroma.Repo + alias Pleroma.Web.CommonAPI + + defp admin_setup do + admin = insert(:user, is_admin: true) + token = insert(:oauth_admin_token, user: admin) + + conn = + build_conn() + |> assign(:user, admin) + |> assign(:token, token) + + {:ok, %{admin: admin, token: token, conn: conn}} + end + + describe "DELETE /api/pleroma/admin/chats/:id/messages/:message_id" do + setup do: admin_setup() + + test "it deletes a message from the chat", %{conn: conn, admin: admin} do + user = insert(:user) + recipient = insert(:user) + + {:ok, message} = + CommonAPI.post_chat_message(user, recipient, "Hello darkness my old friend") + + object = Object.normalize(message, false) + + chat = Chat.get(user.id, recipient.ap_id) + recipient_chat = Chat.get(recipient.id, user.ap_id) + + cm_ref = MessageReference.for_chat_and_object(chat, object) + recipient_cm_ref = MessageReference.for_chat_and_object(recipient_chat, object) + + result = + conn + |> put_req_header("content-type", "application/json") + |> delete("/api/pleroma/admin/chats/#{chat.id}/messages/#{cm_ref.id}") + |> json_response_and_validate_schema(200) + + log_entry = Repo.one(ModerationLog) + + assert ModerationLog.get_log_entry_message(log_entry) == + "@#{admin.nickname} deleted chat message ##{cm_ref.id}" + + assert result["id"] == cm_ref.id + refute MessageReference.get_by_id(cm_ref.id) + refute MessageReference.get_by_id(recipient_cm_ref.id) + assert %{data: %{"type" => "Tombstone"}} = Object.get_by_id(object.id) + end + end + + describe "GET /api/pleroma/admin/chats/:id/messages" do + setup do: admin_setup() + + test "it paginates", %{conn: conn} do + user = insert(:user) + recipient = insert(:user) + + Enum.each(1..30, fn _ -> + {:ok, _} = CommonAPI.post_chat_message(user, recipient, "hey") + end) + + chat = Chat.get(user.id, recipient.ap_id) + + result = + conn + |> get("/api/pleroma/admin/chats/#{chat.id}/messages") + |> json_response_and_validate_schema(200) + + assert length(result) == 20 + + result = + conn + |> get("/api/pleroma/admin/chats/#{chat.id}/messages?max_id=#{List.last(result)["id"]}") + |> json_response_and_validate_schema(200) + + assert length(result) == 10 + end + + test "it returns the messages for a given chat", %{conn: conn} do + user = insert(:user) + other_user = insert(:user) + third_user = insert(:user) + + {:ok, _} = CommonAPI.post_chat_message(user, other_user, "hey") + {:ok, _} = CommonAPI.post_chat_message(user, third_user, "hey") + {:ok, _} = CommonAPI.post_chat_message(user, other_user, "how are you?") + {:ok, _} = CommonAPI.post_chat_message(other_user, user, "fine, how about you?") + + chat = Chat.get(user.id, other_user.ap_id) + + result = + conn + |> get("/api/pleroma/admin/chats/#{chat.id}/messages") + |> json_response_and_validate_schema(200) + + result + |> Enum.each(fn message -> + assert message["chat_id"] == chat.id |> to_string() + end) + + assert length(result) == 3 + end + end + + describe "GET /api/pleroma/admin/chats/:id" do + setup do: admin_setup() + + test "it returns a chat", %{conn: conn} do + user = insert(:user) + other_user = insert(:user) + + {:ok, chat} = Chat.get_or_create(user.id, other_user.ap_id) + + result = + conn + |> get("/api/pleroma/admin/chats/#{chat.id}") + |> json_response_and_validate_schema(200) + + assert result["id"] == to_string(chat.id) + assert %{} = result["sender"] + assert %{} = result["receiver"] + refute result["account"] + end + end + + describe "unauthorized chat moderation" do + setup do + user = insert(:user) + recipient = insert(:user) + + {:ok, message} = CommonAPI.post_chat_message(user, recipient, "Yo") + object = Object.normalize(message, false) + chat = Chat.get(user.id, recipient.ap_id) + cm_ref = MessageReference.for_chat_and_object(chat, object) + + %{conn: conn} = oauth_access(["read:chats", "write:chats"]) + %{conn: conn, chat: chat, cm_ref: cm_ref} + end + + test "DELETE /api/pleroma/admin/chats/:id/messages/:message_id", %{ + conn: conn, + chat: chat, + cm_ref: cm_ref + } do + conn + |> put_req_header("content-type", "application/json") + |> delete("/api/pleroma/admin/chats/#{chat.id}/messages/#{cm_ref.id}") + |> json_response(403) + + assert MessageReference.get_by_id(cm_ref.id) == cm_ref + end + + test "GET /api/pleroma/admin/chats/:id/messages", %{conn: conn, chat: chat} do + conn + |> get("/api/pleroma/admin/chats/#{chat.id}/messages") + |> json_response(403) + end + + test "GET /api/pleroma/admin/chats/:id", %{conn: conn, chat: chat} do + conn + |> get("/api/pleroma/admin/chats/#{chat.id}") + |> json_response(403) + end + end + + describe "unauthenticated chat moderation" do + setup do + user = insert(:user) + recipient = insert(:user) + + {:ok, message} = CommonAPI.post_chat_message(user, recipient, "Yo") + object = Object.normalize(message, false) + chat = Chat.get(user.id, recipient.ap_id) + cm_ref = MessageReference.for_chat_and_object(chat, object) + + %{conn: build_conn(), chat: chat, cm_ref: cm_ref} + end + + test "DELETE /api/pleroma/admin/chats/:id/messages/:message_id", %{ + conn: conn, + chat: chat, + cm_ref: cm_ref + } do + conn + |> put_req_header("content-type", "application/json") + |> delete("/api/pleroma/admin/chats/#{chat.id}/messages/#{cm_ref.id}") + |> json_response(403) + + assert MessageReference.get_by_id(cm_ref.id) == cm_ref + end + + test "GET /api/pleroma/admin/chats/:id/messages", %{conn: conn, chat: chat} do + conn + |> get("/api/pleroma/admin/chats/#{chat.id}/messages") + |> json_response(403) + end + + test "GET /api/pleroma/admin/chats/:id", %{conn: conn, chat: chat} do + conn + |> get("/api/pleroma/admin/chats/#{chat.id}") + |> json_response(403) + end + end +end diff --git a/test/web/admin_api/controllers/instance_document_controller_test.exs b/test/web/admin_api/controllers/instance_document_controller_test.exs new file mode 100644 index 000000000..5f7b042f6 --- /dev/null +++ b/test/web/admin_api/controllers/instance_document_controller_test.exs @@ -0,0 +1,106 @@ +# Pleroma: A lightweight social networking server +# Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/> +# SPDX-License-Identifier: AGPL-3.0-only + +defmodule Pleroma.Web.AdminAPI.InstanceDocumentControllerTest do + use Pleroma.Web.ConnCase, async: true + import Pleroma.Factory + alias Pleroma.Config + + @dir "test/tmp/instance_static" + @default_instance_panel ~s(<p>Welcome to <a href="https://pleroma.social" target="_blank">Pleroma!</a></p>) + + setup do + File.mkdir_p!(@dir) + on_exit(fn -> File.rm_rf(@dir) end) + end + + setup do: clear_config([:instance, :static_dir], @dir) + + setup do + admin = insert(:user, is_admin: true) + token = insert(:oauth_admin_token, user: admin) + + conn = + build_conn() + |> assign(:user, admin) + |> assign(:token, token) + + {:ok, %{admin: admin, token: token, conn: conn}} + end + + describe "GET /api/pleroma/admin/instance_document/:name" do + test "return the instance document url", %{conn: conn} do + conn = get(conn, "/api/pleroma/admin/instance_document/instance-panel") + + assert content = html_response(conn, 200) + assert String.contains?(content, @default_instance_panel) + end + + test "it returns 403 if requested by a non-admin" do + non_admin_user = insert(:user) + token = insert(:oauth_token, user: non_admin_user) + + conn = + build_conn() + |> assign(:user, non_admin_user) + |> assign(:token, token) + |> get("/api/pleroma/admin/instance_document/instance-panel") + + assert json_response(conn, :forbidden) + end + + test "it returns 404 if the instance document with the given name doesn't exist", %{ + conn: conn + } do + conn = get(conn, "/api/pleroma/admin/instance_document/1234") + + assert json_response_and_validate_schema(conn, 404) + end + end + + describe "PATCH /api/pleroma/admin/instance_document/:name" do + test "uploads the instance document", %{conn: conn} do + image = %Plug.Upload{ + content_type: "text/html", + path: Path.absname("test/fixtures/custom_instance_panel.html"), + filename: "custom_instance_panel.html" + } + + conn = + conn + |> put_req_header("content-type", "multipart/form-data") + |> patch("/api/pleroma/admin/instance_document/instance-panel", %{ + "file" => image + }) + + assert %{"url" => url} = json_response_and_validate_schema(conn, 200) + index = get(build_conn(), url) + assert html_response(index, 200) == "<h2>Custom instance panel</h2>" + end + end + + describe "DELETE /api/pleroma/admin/instance_document/:name" do + test "deletes the instance document", %{conn: conn} do + File.mkdir!(@dir <> "/instance/") + File.write!(@dir <> "/instance/panel.html", "Custom instance panel") + + conn_resp = + conn + |> get("/api/pleroma/admin/instance_document/instance-panel") + + assert html_response(conn_resp, 200) == "Custom instance panel" + + conn + |> delete("/api/pleroma/admin/instance_document/instance-panel") + |> json_response_and_validate_schema(200) + + conn_resp = + conn + |> get("/api/pleroma/admin/instance_document/instance-panel") + + assert content = html_response(conn_resp, 200) + assert String.contains?(content, @default_instance_panel) + end + end +end diff --git a/test/web/admin_api/controllers/relay_controller_test.exs b/test/web/admin_api/controllers/relay_controller_test.exs index 64086adc5..adadf2b5c 100644 --- a/test/web/admin_api/controllers/relay_controller_test.exs +++ b/test/web/admin_api/controllers/relay_controller_test.exs @@ -39,8 +39,10 @@ defmodule Pleroma.Web.AdminAPI.RelayControllerTest do relay_url: "http://mastodon.example.org/users/admin" }) - assert json_response_and_validate_schema(conn, 200) == - "http://mastodon.example.org/users/admin" + assert json_response_and_validate_schema(conn, 200) == %{ + "actor" => "http://mastodon.example.org/users/admin", + "followed_back" => false + } log_entry = Repo.one(ModerationLog) @@ -59,8 +61,13 @@ defmodule Pleroma.Web.AdminAPI.RelayControllerTest do conn = get(conn, "/api/pleroma/admin/relay") - assert json_response_and_validate_schema(conn, 200)["relays"] -- - ["mastodon.example.org", "mstdn.io"] == [] + assert json_response_and_validate_schema(conn, 200)["relays"] == [ + %{ + "actor" => "http://mastodon.example.org/users/admin", + "followed_back" => true + }, + %{"actor" => "https://mstdn.io/users/mayuutann", "followed_back" => true} + ] end test "DELETE /relay", %{conn: conn, admin: admin} do |