diff options
Diffstat (limited to 'test/web/mastodon_api/controllers/account_controller_test.exs')
| -rw-r--r-- | test/web/mastodon_api/controllers/account_controller_test.exs | 101 |
1 files changed, 55 insertions, 46 deletions
diff --git a/test/web/mastodon_api/controllers/account_controller_test.exs b/test/web/mastodon_api/controllers/account_controller_test.exs index ff7cb88d1..7f7d8cea3 100644 --- a/test/web/mastodon_api/controllers/account_controller_test.exs +++ b/test/web/mastodon_api/controllers/account_controller_test.exs @@ -675,52 +675,6 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do assert json_response(res, 400) == %{"error" => "{\"email\":[\"has already been taken\"]}"} end - clear_config([Pleroma.Plugs.RemoteIp, :enabled]) - - test "rate limit", %{conn: conn} do - Pleroma.Config.put([Pleroma.Plugs.RemoteIp, :enabled], true) - app_token = insert(:oauth_token, user: nil) - - conn = - conn - |> put_req_header("authorization", "Bearer " <> app_token.token) - |> Map.put(:remote_ip, {15, 15, 15, 15}) - - for i <- 1..5 do - conn = - post(conn, "/api/v1/accounts", %{ - username: "#{i}lain", - email: "#{i}lain@example.org", - password: "PlzDontHackLain", - agreement: true - }) - - %{ - "access_token" => token, - "created_at" => _created_at, - "scope" => _scope, - "token_type" => "Bearer" - } = json_response(conn, 200) - - token_from_db = Repo.get_by(Token, token: token) - assert token_from_db - token_from_db = Repo.preload(token_from_db, :user) - assert token_from_db.user - - assert token_from_db.user.confirmation_pending - end - - conn = - post(conn, "/api/v1/accounts", %{ - username: "6lain", - email: "6lain@example.org", - password: "PlzDontHackLain", - agreement: true - }) - - assert json_response(conn, :too_many_requests) == %{"error" => "Throttled"} - end - test "returns bad_request if missing required params", %{ conn: conn, valid_params: valid_params @@ -745,6 +699,8 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do end) end + clear_config([:instance, :account_activation_required]) + test "returns bad_request if missing email params when :account_activation_required is enabled", %{conn: conn, valid_params: valid_params} do Pleroma.Config.put([:instance, :account_activation_required], true) @@ -799,6 +755,59 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do end end + describe "create account by app / rate limit" do + clear_config([Pleroma.Plugs.RemoteIp, :enabled]) do + Pleroma.Config.put([Pleroma.Plugs.RemoteIp, :enabled], true) + end + + clear_config([:rate_limit, :app_account_creation]) do + Pleroma.Config.put([:rate_limit, :app_account_creation], {10_000, 2}) + end + + test "respects rate limit setting", %{conn: conn} do + app_token = insert(:oauth_token, user: nil) + + conn = + conn + |> put_req_header("authorization", "Bearer " <> app_token.token) + |> Map.put(:remote_ip, {15, 15, 15, 15}) + + for i <- 1..2 do + conn = + post(conn, "/api/v1/accounts", %{ + username: "#{i}lain", + email: "#{i}lain@example.org", + password: "PlzDontHackLain", + agreement: true + }) + + %{ + "access_token" => token, + "created_at" => _created_at, + "scope" => _scope, + "token_type" => "Bearer" + } = json_response(conn, 200) + + token_from_db = Repo.get_by(Token, token: token) + assert token_from_db + token_from_db = Repo.preload(token_from_db, :user) + assert token_from_db.user + + assert token_from_db.user.confirmation_pending + end + + conn = + post(conn, "/api/v1/accounts", %{ + username: "6lain", + email: "6lain@example.org", + password: "PlzDontHackLain", + agreement: true + }) + + assert json_response(conn, :too_many_requests) == %{"error" => "Throttled"} + end + end + describe "GET /api/v1/accounts/:id/lists - account_lists" do test "returns lists to which the account belongs" do %{user: user, conn: conn} = oauth_access(["read:lists"]) |