summaryrefslogtreecommitdiff
path: root/test/web
diff options
context:
space:
mode:
Diffstat (limited to 'test/web')
-rw-r--r--test/web/activity_pub/activity_pub_controller_test.exs54
-rw-r--r--test/web/activity_pub/activity_pub_test.exs18
-rw-r--r--test/web/retry_queue_test.exs31
-rw-r--r--test/web/twitter_api/twitter_api_controller_test.exs78
-rw-r--r--test/web/twitter_api/util_controller_test.exs35
5 files changed, 207 insertions, 9 deletions
diff --git a/test/web/activity_pub/activity_pub_controller_test.exs b/test/web/activity_pub/activity_pub_controller_test.exs
index 9fdf15505..cb95e0e09 100644
--- a/test/web/activity_pub/activity_pub_controller_test.exs
+++ b/test/web/activity_pub/activity_pub_controller_test.exs
@@ -112,6 +112,32 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubControllerTest do
:timer.sleep(500)
assert Activity.get_by_ap_id(data["id"])
end
+
+ test "it rejects reads from other users", %{conn: conn} do
+ user = insert(:user)
+ otheruser = insert(:user)
+
+ conn =
+ conn
+ |> assign(:user, otheruser)
+ |> put_req_header("accept", "application/activity+json")
+ |> get("/users/#{user.nickname}/inbox")
+
+ assert json_response(conn, 403)
+ end
+
+ test "it returns a note activity in a collection", %{conn: conn} do
+ note_activity = insert(:direct_note_activity)
+ user = User.get_cached_by_ap_id(hd(note_activity.data["to"]))
+
+ conn =
+ conn
+ |> assign(:user, user)
+ |> put_req_header("accept", "application/activity+json")
+ |> get("/users/#{user.nickname}/inbox")
+
+ assert response(conn, 200) =~ note_activity.data["object"]["content"]
+ end
end
describe "/users/:nickname/outbox" do
@@ -138,6 +164,34 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubControllerTest do
assert response(conn, 200) =~ announce_activity.data["object"]
end
+
+ test "it rejects posts from other users", %{conn: conn} do
+ data = File.read!("test/fixtures/activitypub-client-post-activity.json") |> Poison.decode!()
+ user = insert(:user)
+ otheruser = insert(:user)
+
+ conn =
+ conn
+ |> assign(:user, otheruser)
+ |> put_req_header("content-type", "application/activity+json")
+ |> post("/users/#{user.nickname}/outbox", data)
+
+ assert json_response(conn, 403)
+ end
+
+ test "it inserts an incoming activity into the database", %{conn: conn} do
+ data = File.read!("test/fixtures/activitypub-client-post-activity.json") |> Poison.decode!()
+ user = insert(:user)
+
+ conn =
+ conn
+ |> assign(:user, user)
+ |> put_req_header("content-type", "application/activity+json")
+ |> post("/users/#{user.nickname}/outbox", data)
+
+ result = json_response(conn, 201)
+ assert Activity.get_by_ap_id(result["id"])
+ end
end
describe "/users/:nickname/followers" do
diff --git a/test/web/activity_pub/activity_pub_test.exs b/test/web/activity_pub/activity_pub_test.exs
index 7bccd7500..2453998ad 100644
--- a/test/web/activity_pub/activity_pub_test.exs
+++ b/test/web/activity_pub/activity_pub_test.exs
@@ -31,6 +31,24 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubTest do
end
describe "insertion" do
+ test "drops activities beyond a certain limit" do
+ limit = Pleroma.Config.get([:instance, :remote_limit])
+
+ random_text =
+ :crypto.strong_rand_bytes(limit + 1)
+ |> Base.encode64()
+ |> binary_part(0, limit + 1)
+
+ data = %{
+ "ok" => true,
+ "object" => %{
+ "content" => random_text
+ }
+ }
+
+ assert {:error, {:remote_limit_error, _}} = ActivityPub.insert(data)
+ end
+
test "returns the activity if one with the same id is already in" do
activity = insert(:note_activity)
{:ok, new_activity} = ActivityPub.insert(activity.data)
diff --git a/test/web/retry_queue_test.exs b/test/web/retry_queue_test.exs
index 9351b6c24..ecb3ce5d0 100644
--- a/test/web/retry_queue_test.exs
+++ b/test/web/retry_queue_test.exs
@@ -3,7 +3,8 @@
# SPDX-License-Identifier: AGPL-3.0-only
defmodule MockActivityPub do
- def publish_one(ret) do
+ def publish_one({ret, waiter}) do
+ send(waiter, :complete)
{ret, "success"}
end
end
@@ -15,21 +16,33 @@ defmodule Pleroma.Web.Federator.RetryQueueTest do
@small_retry_count 0
@hopeless_retry_count 10
+ setup do
+ RetryQueue.reset_stats()
+ end
+
+ test "RetryQueue responds to stats request" do
+ assert %{delivered: 0, dropped: 0} == RetryQueue.get_stats()
+ end
+
test "failed posts are retried" do
{:retry, _timeout} = RetryQueue.get_retry_params(@small_retry_count)
- assert {:noreply, %{delivered: 1}} ==
- RetryQueue.handle_info({:send, :ok, MockActivityPub, @small_retry_count}, %{
- delivered: 0
- })
+ wait_task =
+ Task.async(fn ->
+ receive do
+ :complete -> :ok
+ end
+ end)
+
+ RetryQueue.enqueue({:ok, wait_task.pid}, MockActivityPub, @small_retry_count)
+ Task.await(wait_task)
+ assert %{delivered: 1, dropped: 0} == RetryQueue.get_stats()
end
test "posts that have been tried too many times are dropped" do
{:drop, _timeout} = RetryQueue.get_retry_params(@hopeless_retry_count)
- assert {:noreply, %{dropped: 1}} ==
- RetryQueue.handle_cast({:maybe_enqueue, %{}, nil, @hopeless_retry_count}, %{
- dropped: 0
- })
+ RetryQueue.enqueue({:ok, nil}, MockActivityPub, @hopeless_retry_count)
+ assert %{delivered: 0, dropped: 1} == RetryQueue.get_stats()
end
end
diff --git a/test/web/twitter_api/twitter_api_controller_test.exs b/test/web/twitter_api/twitter_api_controller_test.exs
index 474d72df6..c41f615ac 100644
--- a/test/web/twitter_api/twitter_api_controller_test.exs
+++ b/test/web/twitter_api/twitter_api_controller_test.exs
@@ -112,6 +112,8 @@ defmodule Pleroma.Web.TwitterAPI.ControllerTest do
end
describe "GET /statuses/public_timeline.json" do
+ setup [:valid_user]
+
test "returns statuses", %{conn: conn} do
user = insert(:user)
activities = ActivityBuilder.insert_list(30, %{}, %{user: user})
@@ -145,14 +147,44 @@ defmodule Pleroma.Web.TwitterAPI.ControllerTest do
Application.put_env(:pleroma, :instance, instance)
end
+ test "returns 200 to authenticated request when the instance is not public",
+ %{conn: conn, user: user} do
+ instance =
+ Application.get_env(:pleroma, :instance)
+ |> Keyword.put(:public, false)
+
+ Application.put_env(:pleroma, :instance, instance)
+
+ conn
+ |> with_credentials(user.nickname, "test")
+ |> get("/api/statuses/public_timeline.json")
+ |> json_response(200)
+
+ instance =
+ Application.get_env(:pleroma, :instance)
+ |> Keyword.put(:public, true)
+
+ Application.put_env(:pleroma, :instance, instance)
+ end
+
test "returns 200 to unauthenticated request when the instance is public", %{conn: conn} do
conn
|> get("/api/statuses/public_timeline.json")
|> json_response(200)
end
+
+ test "returns 200 to authenticated request when the instance is public",
+ %{conn: conn, user: user} do
+ conn
+ |> with_credentials(user.nickname, "test")
+ |> get("/api/statuses/public_timeline.json")
+ |> json_response(200)
+ end
end
describe "GET /statuses/public_and_external_timeline.json" do
+ setup [:valid_user]
+
test "returns 403 to unauthenticated request when the instance is not public", %{conn: conn} do
instance =
Application.get_env(:pleroma, :instance)
@@ -171,11 +203,39 @@ defmodule Pleroma.Web.TwitterAPI.ControllerTest do
Application.put_env(:pleroma, :instance, instance)
end
+ test "returns 200 to authenticated request when the instance is not public",
+ %{conn: conn, user: user} do
+ instance =
+ Application.get_env(:pleroma, :instance)
+ |> Keyword.put(:public, false)
+
+ Application.put_env(:pleroma, :instance, instance)
+
+ conn
+ |> with_credentials(user.nickname, "test")
+ |> get("/api/statuses/public_and_external_timeline.json")
+ |> json_response(200)
+
+ instance =
+ Application.get_env(:pleroma, :instance)
+ |> Keyword.put(:public, true)
+
+ Application.put_env(:pleroma, :instance, instance)
+ end
+
test "returns 200 to unauthenticated request when the instance is public", %{conn: conn} do
conn
|> get("/api/statuses/public_and_external_timeline.json")
|> json_response(200)
end
+
+ test "returns 200 to authenticated request when the instance is public",
+ %{conn: conn, user: user} do
+ conn
+ |> with_credentials(user.nickname, "test")
+ |> get("/api/statuses/public_and_external_timeline.json")
+ |> json_response(200)
+ end
end
describe "GET /statuses/show/:id.json" do
@@ -1085,6 +1145,24 @@ defmodule Pleroma.Web.TwitterAPI.ControllerTest do
end
end
+ describe "GET /api/statuses/blocks" do
+ test "it returns the list of users blocked by requester", %{conn: conn} do
+ user = insert(:user)
+ other_user = insert(:user)
+
+ {:ok, user} = User.block(user, other_user)
+
+ conn =
+ conn
+ |> assign(:user, user)
+ |> get("/api/statuses/blocks")
+
+ expected = UserView.render("index.json", %{users: [other_user], for: user})
+ result = json_response(conn, 200)
+ assert Enum.sort(expected) == Enum.sort(result)
+ end
+ end
+
describe "GET /api/statuses/friends" do
test "it returns the logged in user's friends", %{conn: conn} do
user = insert(:user)
diff --git a/test/web/twitter_api/util_controller_test.exs b/test/web/twitter_api/util_controller_test.exs
new file mode 100644
index 000000000..73aa70bd5
--- /dev/null
+++ b/test/web/twitter_api/util_controller_test.exs
@@ -0,0 +1,35 @@
+defmodule Pleroma.Web.TwitterAPI.UtilControllerTest do
+ use Pleroma.Web.ConnCase
+
+ import Pleroma.Factory
+
+ describe "POST /api/pleroma/follow_import" do
+ test "it returns HTTP 200", %{conn: conn} do
+ user1 = insert(:user)
+ user2 = insert(:user)
+
+ response =
+ conn
+ |> assign(:user, user1)
+ |> post("/api/pleroma/follow_import", %{"list" => "#{user2.ap_id}"})
+ |> json_response(:ok)
+
+ assert response == "job started"
+ end
+ end
+
+ describe "POST /api/pleroma/blocks_import" do
+ test "it returns HTTP 200", %{conn: conn} do
+ user1 = insert(:user)
+ user2 = insert(:user)
+
+ response =
+ conn
+ |> assign(:user, user1)
+ |> post("/api/pleroma/blocks_import", %{"list" => "#{user2.ap_id}"})
+ |> json_response(:ok)
+
+ assert response == "job started"
+ end
+ end
+end
generated by cgit v1.2.3 (git 2.25.1) at 2025-05-02 02:21:59 +0000