8 files changed, 276 insertions, 17 deletions

diff --git a/test/web/activity_pub/activity_pub_test.exs b/test/web/activity_pub/activity_pub_test.exs
index 6d23adfcd..9adce84b5 100644
--- a/test/web/activity_pub/activity_pub_test.exs
+++ b/test/web/activity_pub/activity_pub_test.exs
@@ -171,6 +171,19 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubTest do
   end
 
   describe "public fetch activities" do
+    test "doesn't retrieve unlisted activities" do
+      user = insert(:user)
+
+      {:ok, unlisted_activity} =
+        CommonAPI.post(user, %{"status" => "yeah", "visibility" => "unlisted"})
+
+      {:ok, listed_activity} = CommonAPI.post(user, %{"status" => "yeah"})
+
+      [activity] = ActivityPub.fetch_public_activities()
+
+      assert activity == listed_activity
+    end
+
     test "retrieves public activities" do
       _activities = ActivityPub.fetch_public_activities()
 
@@ -264,7 +277,7 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubTest do
       {:ok, like_activity, object} = ActivityPub.like(user, object)
       assert object.data["like_count"] == 1
 
-      {:ok, object} = ActivityPub.unlike(user, object)
+      {:ok, _, _, object} = ActivityPub.unlike(user, object)
       assert object.data["like_count"] == 0
 
       assert Repo.get(Activity, like_activity.id) == nil
@@ -292,6 +305,38 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubTest do
     end
   end
 
+  describe "unannouncing an object" do
+    test "unannouncing a previously announced object" do
+      note_activity = insert(:note_activity)
+      object = Object.get_by_ap_id(note_activity.data["object"]["id"])
+      user = insert(:user)
+
+      # Unannouncing an object that is not announced does nothing
+      # {:ok, object} = ActivityPub.unannounce(user, object)
+      # assert object.data["announcement_count"] == 0
+
+      {:ok, announce_activity, object} = ActivityPub.announce(user, object)
+      assert object.data["announcement_count"] == 1
+
+      {:ok, unannounce_activity, activity, object} = ActivityPub.unannounce(user, object)
+      assert object.data["announcement_count"] == 0
+
+      assert activity == announce_activity
+
+      assert unannounce_activity.data["to"] == [
+               User.ap_followers(user),
+               announce_activity.data["actor"]
+             ]
+
+      assert unannounce_activity.data["type"] == "Undo"
+      assert unannounce_activity.data["object"] == announce_activity.data
+      assert unannounce_activity.data["actor"] == user.ap_id
+      assert unannounce_activity.data["context"] == announce_activity.data["context"]
+
+      assert Repo.get(Activity, announce_activity.id) == nil
+    end
+  end
+
   describe "uploading files" do
     test "copies the file to the configured folder" do
       file = %Plug.Upload{
diff --git a/test/web/activity_pub/transmogrifier_test.exs b/test/web/activity_pub/transmogrifier_test.exs
index eb093262f..a0af75a69 100644
--- a/test/web/activity_pub/transmogrifier_test.exs
+++ b/test/web/activity_pub/transmogrifier_test.exs
@@ -1,6 +1,7 @@
 defmodule Pleroma.Web.ActivityPub.TransmogrifierTest do
   use Pleroma.DataCase
   alias Pleroma.Web.ActivityPub.Transmogrifier
+  alias Pleroma.Web.ActivityPub.Utils
   alias Pleroma.Web.OStatus
   alias Pleroma.Activity
   alias Pleroma.User
@@ -118,6 +119,23 @@ defmodule Pleroma.Web.ActivityPub.TransmogrifierTest do
       assert User.following?(User.get_by_ap_id(data["actor"]), user)
     end
 
+    test "it works for incoming follow requests from hubzilla" do
+      user = insert(:user)
+
+      data =
+        File.read!("test/fixtures/hubzilla-follow-activity.json")
+        |> Poison.decode!()
+        |> Map.put("object", user.ap_id)
+        |> Utils.normalize_params()
+
+      {:ok, %Activity{data: data, local: false}} = Transmogrifier.handle_incoming(data)
+
+      assert data["actor"] == "https://hubzilla.example.org/channel/kaniini"
+      assert data["type"] == "Follow"
+      assert data["id"] == "https://hubzilla.example.org/channel/kaniini#follows/2"
+      assert User.following?(User.get_by_ap_id(data["actor"]), user)
+    end
+
     test "it works for incoming likes" do
       user = insert(:user)
       {:ok, activity} = CommonAPI.post(user, %{"status" => "hello"})
@@ -135,6 +153,43 @@ defmodule Pleroma.Web.ActivityPub.TransmogrifierTest do
       assert data["object"] == activity.data["object"]["id"]
     end
 
+    test "it returns an error for incoming unlikes wihout a like activity" do
+      user = insert(:user)
+      {:ok, activity} = CommonAPI.post(user, %{"status" => "leave a like pls"})
+
+      data =
+        File.read!("test/fixtures/mastodon-undo-like.json")
+        |> Poison.decode!()
+        |> Map.put("object", activity.data["object"]["id"])
+
+      assert Transmogrifier.handle_incoming(data) == :error
+    end
+
+    test "it works for incoming unlikes with an existing like activity" do
+      user = insert(:user)
+      {:ok, activity} = CommonAPI.post(user, %{"status" => "leave a like pls"})
+
+      like_data =
+        File.read!("test/fixtures/mastodon-like.json")
+        |> Poison.decode!()
+        |> Map.put("object", activity.data["object"]["id"])
+
+      {:ok, %Activity{data: like_data, local: false}} = Transmogrifier.handle_incoming(like_data)
+
+      data =
+        File.read!("test/fixtures/mastodon-undo-like.json")
+        |> Poison.decode!()
+        |> Map.put("object", like_data)
+        |> Map.put("actor", like_data["actor"])
+
+      {:ok, %Activity{data: data, local: false}} = Transmogrifier.handle_incoming(data)
+
+      assert data["actor"] == "http://mastodon.example.org/users/admin"
+      assert data["type"] == "Undo"
+      assert data["id"] == "http://mastodon.example.org/users/admin#likes/2/undo"
+      assert data["object"]["id"] == "http://mastodon.example.org/users/admin#likes/2"
+    end
+
     test "it works for incoming announces" do
       data = File.read!("test/fixtures/mastodon-announce.json") |> Poison.decode!()
 
@@ -232,6 +287,34 @@ defmodule Pleroma.Web.ActivityPub.TransmogrifierTest do
 
       refute Repo.get(Activity, activity.id)
     end
+
+    test "it works for incoming unannounces with an existing notice" do
+      user = insert(:user)
+      {:ok, activity} = CommonAPI.post(user, %{"status" => "hey"})
+
+      announce_data =
+        File.read!("test/fixtures/mastodon-announce.json")
+        |> Poison.decode!()
+        |> Map.put("object", activity.data["object"]["id"])
+
+      {:ok, %Activity{data: announce_data, local: false}} =
+        Transmogrifier.handle_incoming(announce_data)
+
+      data =
+        File.read!("test/fixtures/mastodon-undo-announce.json")
+        |> Poison.decode!()
+        |> Map.put("object", announce_data)
+        |> Map.put("actor", announce_data["actor"])
+
+      {:ok, %Activity{data: data, local: false}} = Transmogrifier.handle_incoming(data)
+
+      assert data["type"] == "Undo"
+      assert data["object"]["type"] == "Announce"
+      assert data["object"]["object"] == activity.data["object"]["id"]
+
+      assert data["object"]["id"] ==
+               "http://mastodon.example.org/users/admin/statuses/99542391527669785/activity"
+    end
   end
 
   describe "prepare outgoing" do
@@ -392,4 +475,15 @@ defmodule Pleroma.Web.ActivityPub.TransmogrifierTest do
       assert Repo.get(WebsubClientSubscription, ws2.id)
     end
   end
+
+  describe "actor rewriting" do
+    test "it fixes the actor URL property to be a proper URI" do
+      data = %{
+        "url" => %{"href" => "http://example.com"}
+      }
+
+      rewritten = Transmogrifier.maybe_fix_user_object(data)
+      assert rewritten["url"] == "http://example.com"
+    end
+  end
 end
diff --git a/test/web/common_api/common_api_utils_test.exs b/test/web/common_api/common_api_utils_test.exs
index 689bdd61e..23cce471f 100644
--- a/test/web/common_api/common_api_utils_test.exs
+++ b/test/web/common_api/common_api_utils_test.exs
@@ -1,5 +1,6 @@
 defmodule Pleroma.Web.CommonAPI.UtilsTest do
   alias Pleroma.Web.CommonAPI.Utils
+  alias Pleroma.Builders.{UserBuilder}
   use Pleroma.DataCase
 
   test "it adds attachment links to a given text and attachment set" do
@@ -15,4 +16,18 @@ defmodule Pleroma.Web.CommonAPI.UtilsTest do
     assert res ==
              "<br><a href=\"#{name}\" class='attachment'>Sakura Mana – Turned on by a Se…</a>"
   end
+
+  describe "it confirms the password given is the current users password" do
+    test "incorrect password given" do
+      {:ok, user} = UserBuilder.insert()
+
+      assert Utils.confirm_current_password(user, %{"password" => ""}) ==
+               {:error, "Invalid password."}
+    end
+
+    test "correct password given" do
+      {:ok, user} = UserBuilder.insert()
+      assert Utils.confirm_current_password(user, %{"password" => "test"}) == {:ok, user}
+    end
+  end
 end
diff --git a/test/web/mastodon_api/mastodon_api_controller_test.exs b/test/web/mastodon_api/mastodon_api_controller_test.exs
index 94131dcb3..72f948230 100644
--- a/test/web/mastodon_api/mastodon_api_controller_test.exs
+++ b/test/web/mastodon_api/mastodon_api_controller_test.exs
@@ -332,6 +332,24 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIControllerTest do
     end
   end
 
+  describe "unreblogging" do
+    test "unreblogs and returns the unreblogged status", %{conn: conn} do
+      activity = insert(:note_activity)
+      user = insert(:user)
+
+      {:ok, _, _} = CommonAPI.repeat(activity.id, user)
+
+      conn =
+        conn
+        |> assign(:user, user)
+        |> post("/api/v1/statuses/#{activity.id}/unreblog")
+
+      assert %{"id" => id, "reblogged" => false, "reblogs_count" => 0} = json_response(conn, 200)
+
+      assert to_string(activity.id) == id
+    end
+  end
+
   describe "favoriting" do
     test "favs a status and returns it", %{conn: conn} do
       activity = insert(:note_activity)
@@ -370,18 +388,47 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIControllerTest do
 
   describe "user timelines" do
     test "gets a users statuses", %{conn: conn} do
-      _note = insert(:note_activity)
-      note_two = insert(:note_activity)
+      user_one = insert(:user)
+      user_two = insert(:user)
+      user_three = insert(:user)
 
-      user = User.get_by_ap_id(note_two.data["actor"])
+      {:ok, user_three} = User.follow(user_three, user_one)
 
-      conn =
+      {:ok, activity} = CommonAPI.post(user_one, %{"status" => "HI!!!"})
+
+      {:ok, direct_activity} =
+        CommonAPI.post(user_one, %{
+          "status" => "Hi, @#{user_two.nickname}.",
+          "visibility" => "direct"
+        })
+
+      {:ok, private_activity} =
+        CommonAPI.post(user_one, %{"status" => "private", "visibility" => "private"})
+
+      resp =
         conn
-        |> get("/api/v1/accounts/#{user.id}/statuses")
+        |> get("/api/v1/accounts/#{user_one.id}/statuses")
 
-      assert [%{"id" => id}] = json_response(conn, 200)
+      assert [%{"id" => id}] = json_response(resp, 200)
+      assert id == to_string(activity.id)
+
+      resp =
+        conn
+        |> assign(:user, user_two)
+        |> get("/api/v1/accounts/#{user_one.id}/statuses")
+
+      assert [%{"id" => id_one}, %{"id" => id_two}] = json_response(resp, 200)
+      assert id_one == to_string(direct_activity.id)
+      assert id_two == to_string(activity.id)
 
-      assert id == to_string(note_two.id)
+      resp =
+        conn
+        |> assign(:user, user_three)
+        |> get("/api/v1/accounts/#{user_one.id}/statuses")
+
+      assert [%{"id" => id_one}, %{"id" => id_two}] = json_response(resp, 200)
+      assert id_one == to_string(private_activity.id)
+      assert id_two == to_string(activity.id)
     end
 
     test "unimplemented pinned statuses feature", %{conn: conn} do
@@ -625,16 +672,29 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIControllerTest do
 
   test "account search", %{conn: conn} do
     user = insert(:user)
-    _user_two = insert(:user, %{nickname: "shp@shitposter.club"})
+    user_two = insert(:user, %{nickname: "shp@shitposter.club"})
     user_three = insert(:user, %{nickname: "shp@heldscal.la", name: "I love 2hu"})
 
-    conn =
+    results =
+      conn
+      |> assign(:user, user)
+      |> get("/api/v1/accounts/search", %{"q" => "shp"})
+      |> json_response(200)
+
+    result_ids = for result <- results, do: result["acct"]
+
+    assert user_two.nickname in result_ids
+    assert user_three.nickname in result_ids
+
+    results =
       conn
       |> assign(:user, user)
       |> get("/api/v1/accounts/search", %{"q" => "2hu"})
+      |> json_response(200)
 
-    assert [account] = json_response(conn, 200)
-    assert account["id"] == to_string(user_three.id)
+    result_ids = for result <- results, do: result["acct"]
+
+    assert user_three.nickname in result_ids
   end
 
   test "search", %{conn: conn} do
@@ -658,7 +718,7 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIControllerTest do
 
     assert results = json_response(conn, 200)
 
-    [account] = results["accounts"]
+    [account | _] = results["accounts"]
     assert account["id"] == to_string(user_three.id)
 
     assert results["hashtags"] == []
diff --git a/test/web/twitter_api/representers/activity_representer_test.exs b/test/web/twitter_api/representers/activity_representer_test.exs
index bb47d4409..16c6e7b0d 100644
--- a/test/web/twitter_api/representers/activity_representer_test.exs
+++ b/test/web/twitter_api/representers/activity_representer_test.exs
@@ -154,7 +154,8 @@ defmodule Pleroma.Web.TwitterAPI.Representers.ActivityRepresenterTest do
       "tags" => ["nsfw", "content", "mentioning"],
       "activity_type" => "post",
       "possibly_sensitive" => true,
-      "uri" => activity.data["object"]["id"]
+      "uri" => activity.data["object"]["id"],
+      "visibility" => "direct"
     }
 
     assert ActivityRepresenter.to_map(activity, %{
diff --git a/test/web/twitter_api/twitter_api_controller_test.exs b/test/web/twitter_api/twitter_api_controller_test.exs
index d7113979a..02aba0bc8 100644
--- a/test/web/twitter_api/twitter_api_controller_test.exs
+++ b/test/web/twitter_api/twitter_api_controller_test.exs
@@ -257,8 +257,10 @@ defmodule Pleroma.Web.TwitterAPI.ControllerTest do
     end
 
     test "with credentials", %{conn: conn, user: current_user} do
+      other_user = insert(:user)
+
       {:ok, activity} =
-        ActivityBuilder.insert(%{"to" => [current_user.ap_id]}, %{user: current_user})
+        ActivityBuilder.insert(%{"to" => [current_user.ap_id]}, %{user: other_user})
 
       conn =
         conn
@@ -798,4 +800,31 @@ defmodule Pleroma.Web.TwitterAPI.ControllerTest do
     user = Repo.get!(User, user.id)
     assert user.bio == "Hello,<br>World! I<br> am a test."
   end
+
+  describe "POST /api/pleroma/delete_account" do
+    setup [:valid_user]
+
+    test "without credentials", %{conn: conn} do
+      conn = post(conn, "/api/pleroma/delete_account")
+      assert json_response(conn, 403) == %{"error" => "Invalid credentials."}
+    end
+
+    test "with credentials and invalid password", %{conn: conn, user: current_user} do
+      conn =
+        conn
+        |> with_credentials(current_user.nickname, "test")
+        |> post("/api/pleroma/delete_account", %{"password" => "hi"})
+
+      assert json_response(conn, 200) == %{"error" => "Invalid password."}
+    end
+
+    test "with credentials and valid password", %{conn: conn, user: current_user} do
+      conn =
+        conn
+        |> with_credentials(current_user.nickname, "test")
+        |> post("/api/pleroma/delete_account", %{"password" => "test"})
+
+      assert json_response(conn, 200) == %{"status" => "success"}
+    end
+  end
 end
diff --git a/test/web/twitter_api/views/activity_view_test.exs b/test/web/twitter_api/views/activity_view_test.exs
index 7f2017d3c..5b2a7466b 100644
--- a/test/web/twitter_api/views/activity_view_test.exs
+++ b/test/web/twitter_api/views/activity_view_test.exs
@@ -18,7 +18,7 @@ defmodule Pleroma.Web.TwitterAPI.ActivityViewTest do
     user = insert(:user)
     other_user = insert(:user, %{nickname: "shp"})
 
-    {:ok, activity} = CommonAPI.post(user, %{"status" => "Hey @shp!"})
+    {:ok, activity} = CommonAPI.post(user, %{"status" => "Hey @shp!", "visibility" => "direct"})
 
     result = ActivityView.render("activity.json", activity: activity)
 
@@ -47,7 +47,8 @@ defmodule Pleroma.Web.TwitterAPI.ActivityViewTest do
       "tags" => [],
       "text" => "Hey @shp!",
       "uri" => activity.data["object"]["id"],
-      "user" => UserView.render("show.json", %{user: user})
+      "user" => UserView.render("show.json", %{user: user}),
+      "visibility" => "direct"
     }
 
     assert result == expected
diff --git a/test/web/web_finger/web_finger_test.exs b/test/web/web_finger/web_finger_test.exs
index 69216f393..99bf210ea 100644
--- a/test/web/web_finger/web_finger_test.exs
+++ b/test/web/web_finger/web_finger_test.exs
@@ -49,6 +49,14 @@ defmodule Pleroma.Web.WebFingerTest do
       {:ok, _data} = WebFinger.finger(user)
     end
 
+    test "returns the ActivityPub actor URI for an ActivityPub user with the ld+json mimetype" do
+      user = "kaniini@gerzilla.de"
+
+      {:ok, data} = WebFinger.finger(user)
+
+      assert data["ap_id"] == "https://gerzilla.de/channel/kaniini"
+    end
+
     test "returns the correctly for json ostatus users" do
       user = "winterdienst@gnusocial.de"
 
@@ -80,6 +88,12 @@ defmodule Pleroma.Web.WebFingerTest do
 
       assert template == "https://macgirvin.com/xrd/?uri={uri}"
     end
+
+    test "it gets the xrd endpoint for statusnet" do
+      {:ok, template} = WebFinger.find_lrdd_template("status.alpicola.com")
+
+      assert template == "http://status.alpicola.com/main/xrd?uri={uri}"
+    end
   end
 
   describe "ensure_keys_present" do