diff options
Diffstat (limited to 'test/web')
| -rw-r--r-- | test/web/activity_pub/activity_pub_test.exs | 41 | ||||
| -rw-r--r-- | test/web/activity_pub/mrf/anti_followbot_policy_test.exs | 57 | ||||
| -rw-r--r-- | test/web/mastodon_api/account_view_test.exs | 8 | ||||
| -rw-r--r-- | test/web/mastodon_api/mastodon_api_controller_test.exs | 57 | ||||
| -rw-r--r-- | test/web/mastodon_api/status_view_test.exs | 5 | ||||
| -rw-r--r-- | test/web/metadata/opengraph_test.exs | 94 | ||||
| -rw-r--r-- | test/web/oauth/oauth_controller_test.exs | 25 | ||||
| -rw-r--r-- | test/web/ostatus/ostatus_controller_test.exs | 24 | ||||
| -rw-r--r-- | test/web/rich_media/controllers/rich_media_controller_test.exs | 17 | ||||
| -rw-r--r-- | test/web/twitter_api/twitter_api_controller_test.exs | 6 | ||||
| -rw-r--r-- | test/web/twitter_api/views/user_view_test.exs | 4 |
11 files changed, 309 insertions, 29 deletions
diff --git a/test/web/activity_pub/activity_pub_test.exs b/test/web/activity_pub/activity_pub_test.exs index d517c7aa7..75b0918a6 100644 --- a/test/web/activity_pub/activity_pub_test.exs +++ b/test/web/activity_pub/activity_pub_test.exs @@ -65,6 +65,34 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubTest do assert user.info.ap_enabled assert user.follower_address == "http://mastodon.example.org/users/admin/followers" end + + test "it fetches the appropriate tag-restricted posts" do + user = insert(:user) + + {:ok, status_one} = CommonAPI.post(user, %{"status" => ". #test"}) + {:ok, status_two} = CommonAPI.post(user, %{"status" => ". #essais"}) + {:ok, status_three} = CommonAPI.post(user, %{"status" => ". #test #reject"}) + + fetch_one = ActivityPub.fetch_activities([], %{"tag" => "test"}) + fetch_two = ActivityPub.fetch_activities([], %{"tag" => ["test", "essais"]}) + + fetch_three = + ActivityPub.fetch_activities([], %{ + "tag" => ["test", "essais"], + "tag_reject" => ["reject"] + }) + + fetch_four = + ActivityPub.fetch_activities([], %{ + "tag" => ["test"], + "tag_all" => ["test", "reject"] + }) + + assert fetch_one == [status_one, status_three] + assert fetch_two == [status_one, status_two, status_three] + assert fetch_three == [status_one, status_two] + assert fetch_four == [status_three] + end end describe "insertion" do @@ -86,6 +114,17 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubTest do assert {:error, {:remote_limit_error, _}} = ActivityPub.insert(data) end + test "doesn't drop activities with content being null" do + data = %{ + "ok" => true, + "object" => %{ + "content" => nil + } + } + + assert {:ok, _} = ActivityPub.insert(data) + end + test "returns the activity if one with the same id is already in" do activity = insert(:note_activity) {:ok, new_activity} = ActivityPub.insert(activity.data) @@ -161,7 +200,7 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubTest do assert activity.data["to"] == ["user1", "user2"] assert activity.actor == user.ap_id - assert activity.recipients == ["user1", "user2"] + assert activity.recipients == ["user1", "user2", user.ap_id] end end diff --git a/test/web/activity_pub/mrf/anti_followbot_policy_test.exs b/test/web/activity_pub/mrf/anti_followbot_policy_test.exs new file mode 100644 index 000000000..2ea4f9d3f --- /dev/null +++ b/test/web/activity_pub/mrf/anti_followbot_policy_test.exs @@ -0,0 +1,57 @@ +# Pleroma: A lightweight social networking server +# Copyright © 2019 Pleroma Authors <https://pleroma.social/> +# SPDX-License-Identifier: AGPL-3.0-only + +defmodule Pleroma.Web.ActivityPub.MRF.AntiFollowbotPolicyTest do + use Pleroma.DataCase + import Pleroma.Factory + + alias Pleroma.Web.ActivityPub.MRF.AntiFollowbotPolicy + + describe "blocking based on attributes" do + test "matches followbots by nickname" do + actor = insert(:user, %{nickname: "followbot@example.com"}) + target = insert(:user) + + message = %{ + "@context" => "https://www.w3.org/ns/activitystreams", + "type" => "Follow", + "actor" => actor.ap_id, + "object" => target.ap_id, + "id" => "https://example.com/activities/1234" + } + + {:reject, nil} = AntiFollowbotPolicy.filter(message) + end + + test "matches followbots by display name" do + actor = insert(:user, %{name: "Federation Bot"}) + target = insert(:user) + + message = %{ + "@context" => "https://www.w3.org/ns/activitystreams", + "type" => "Follow", + "actor" => actor.ap_id, + "object" => target.ap_id, + "id" => "https://example.com/activities/1234" + } + + {:reject, nil} = AntiFollowbotPolicy.filter(message) + end + end + + test "it allows non-followbots" do + actor = insert(:user) + target = insert(:user) + + message = %{ + "@context" => "https://www.w3.org/ns/activitystreams", + "type" => "Follow", + "actor" => actor.ap_id, + "object" => target.ap_id, + "id" => "https://example.com/activities/1234" + } + + {:ok, _} = AntiFollowbotPolicy.filter(message) + end +end diff --git a/test/web/mastodon_api/account_view_test.exs b/test/web/mastodon_api/account_view_test.exs index d53e11963..f8cd68173 100644 --- a/test/web/mastodon_api/account_view_test.exs +++ b/test/web/mastodon_api/account_view_test.exs @@ -61,7 +61,9 @@ defmodule Pleroma.Web.MastodonAPI.AccountViewTest do }, pleroma: %{ confirmation_pending: false, - tags: [] + tags: [], + is_admin: false, + is_moderator: false } } @@ -102,7 +104,9 @@ defmodule Pleroma.Web.MastodonAPI.AccountViewTest do }, pleroma: %{ confirmation_pending: false, - tags: [] + tags: [], + is_admin: false, + is_moderator: false } } diff --git a/test/web/mastodon_api/mastodon_api_controller_test.exs b/test/web/mastodon_api/mastodon_api_controller_test.exs index 8443dc856..b8f901e6c 100644 --- a/test/web/mastodon_api/mastodon_api_controller_test.exs +++ b/test/web/mastodon_api/mastodon_api_controller_test.exs @@ -148,7 +148,7 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIControllerTest do assert %{"id" => id, "visibility" => "direct"} = json_response(conn, 200) assert activity = Repo.get(Activity, id) - assert activity.recipients == [user2.ap_id] + assert activity.recipients == [user2.ap_id, user1.ap_id] assert activity.data["to"] == [user2.ap_id] assert activity.data["cc"] == [] end @@ -182,6 +182,16 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIControllerTest do assert %{"visibility" => "direct"} = status assert status["url"] != direct.data["id"] + # User should be able to see his own direct message + res_conn = + build_conn() + |> assign(:user, user_one) + |> get("api/v1/timelines/direct") + + [status] = json_response(res_conn, 200) + + assert %{"visibility" => "direct"} = status + # Both should be visible here res_conn = conn @@ -1034,6 +1044,34 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIControllerTest do end) end + test "multi-hashtag timeline", %{conn: conn} do + user = insert(:user) + + {:ok, activity_test} = CommonAPI.post(user, %{"status" => "#test"}) + {:ok, activity_test1} = CommonAPI.post(user, %{"status" => "#test #test1"}) + {:ok, activity_none} = CommonAPI.post(user, %{"status" => "#test #none"}) + + any_test = + conn + |> get("/api/v1/timelines/tag/test", %{"any" => ["test1"]}) + + [status_none, status_test1, status_test] = json_response(any_test, 200) + + assert to_string(activity_test.id) == status_test["id"] + assert to_string(activity_test1.id) == status_test1["id"] + assert to_string(activity_none.id) == status_none["id"] + + restricted_test = + conn + |> get("/api/v1/timelines/tag/test", %{"all" => ["test1"], "none" => ["none"]}) + + assert [status_test1] == json_response(restricted_test, 200) + + all_test = conn |> get("/api/v1/timelines/tag/test", %{"all" => ["none"]}) + + assert [status_none] == json_response(all_test, 200) + end + test "getting followers", %{conn: conn} do user = insert(:user) other_user = insert(:user) @@ -1613,5 +1651,22 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIControllerTest do |> post("/api/v1/statuses/#{activity_two.id}/pin") |> json_response(400) end + + test "Status rich-media Card", %{conn: conn, user: user} do + {:ok, activity} = CommonAPI.post(user, %{"status" => "http://example.com/ogp"}) + + response = + conn + |> get("/api/v1/statuses/#{activity.id}/card") + |> json_response(200) + + assert response == %{ + "image" => "http://ia.media-imdb.com/images/rock.jpg", + "provider_name" => "www.imdb.com", + "title" => "The Rock", + "type" => "link", + "url" => "http://www.imdb.com/title/tt0117500/" + } + end end end diff --git a/test/web/mastodon_api/status_view_test.exs b/test/web/mastodon_api/status_view_test.exs index e33479368..ebf6273e8 100644 --- a/test/web/mastodon_api/status_view_test.exs +++ b/test/web/mastodon_api/status_view_test.exs @@ -149,7 +149,10 @@ defmodule Pleroma.Web.MastodonAPI.StatusViewTest do status = StatusView.render("status.json", %{activity: activity}) - assert status.mentions == [AccountView.render("mention.json", %{user: user})] + actor = Repo.get_by(User, ap_id: activity.actor) + + assert status.mentions == + Enum.map([user, actor], fn u -> AccountView.render("mention.json", %{user: u}) end) end test "attachments" do diff --git a/test/web/metadata/opengraph_test.exs b/test/web/metadata/opengraph_test.exs new file mode 100644 index 000000000..4283f72cd --- /dev/null +++ b/test/web/metadata/opengraph_test.exs @@ -0,0 +1,94 @@ +# Pleroma: A lightweight social networking server +# Copyright © 2017-2019 Pleroma Authors <https://pleroma.social/> +# SPDX-License-Identifier: AGPL-3.0-only + +defmodule Pleroma.Web.Metadata.Providers.OpenGraphTest do + use Pleroma.DataCase + import Pleroma.Factory + alias Pleroma.Web.Metadata.Providers.OpenGraph + + test "it renders all supported types of attachments and skips unknown types" do + user = insert(:user) + + note = + insert(:note, %{ + data: %{ + "actor" => user.ap_id, + "tag" => [], + "id" => "https://pleroma.gov/objects/whatever", + "content" => "pleroma in a nutshell", + "attachment" => [ + %{ + "url" => [ + %{"mediaType" => "image/png", "href" => "https://pleroma.gov/tenshi.png"} + ] + }, + %{ + "url" => [ + %{ + "mediaType" => "application/octet-stream", + "href" => "https://pleroma.gov/fqa/badapple.sfc" + } + ] + }, + %{ + "url" => [ + %{"mediaType" => "video/webm", "href" => "https://pleroma.gov/about/juche.webm"} + ] + }, + %{ + "url" => [ + %{ + "mediaType" => "audio/basic", + "href" => "http://www.gnu.org/music/free-software-song.au" + } + ] + } + ] + } + }) + + result = OpenGraph.build_tags(%{object: note, url: note.data["id"], user: user}) + + assert Enum.all?( + [ + {:meta, [property: "og:image", content: "https://pleroma.gov/tenshi.png"], []}, + {:meta, + [property: "og:audio", content: "http://www.gnu.org/music/free-software-song.au"], + []}, + {:meta, [property: "og:video", content: "https://pleroma.gov/about/juche.webm"], + []} + ], + fn element -> element in result end + ) + end + + test "it does not render attachments if post is nsfw" do + Pleroma.Config.put([Pleroma.Web.Metadata, :unfurl_nsfw], false) + user = insert(:user, avatar: %{"url" => [%{"href" => "https://pleroma.gov/tenshi.png"}]}) + + note = + insert(:note, %{ + data: %{ + "actor" => user.ap_id, + "id" => "https://pleroma.gov/objects/whatever", + "content" => "#cuteposting #nsfw #hambaga", + "tag" => ["cuteposting", "nsfw", "hambaga"], + "sensitive" => true, + "attachment" => [ + %{ + "url" => [ + %{"mediaType" => "image/png", "href" => "https://misskey.microsoft/corndog.png"} + ] + } + ] + } + }) + + result = OpenGraph.build_tags(%{object: note, url: note.data["id"], user: user}) + + assert {:meta, [property: "og:image", content: "https://pleroma.gov/tenshi.png"], []} in result + + refute {:meta, [property: "og:image", content: "https://misskey.microsoft/corndog.png"], []} in result + end +end diff --git a/test/web/oauth/oauth_controller_test.exs b/test/web/oauth/oauth_controller_test.exs index ccd552258..e0d3cb55f 100644 --- a/test/web/oauth/oauth_controller_test.exs +++ b/test/web/oauth/oauth_controller_test.exs @@ -34,6 +34,31 @@ defmodule Pleroma.Web.OAuth.OAuthControllerTest do assert Repo.get_by(Authorization, token: code) end + test "correctly handles wrong credentials", %{conn: conn} do + user = insert(:user) + app = insert(:oauth_app) + + result = + conn + |> post("/oauth/authorize", %{ + "authorization" => %{ + "name" => user.nickname, + "password" => "wrong", + "client_id" => app.client_id, + "redirect_uri" => app.redirect_uris, + "state" => "statepassed" + } + }) + |> html_response(:unauthorized) + + # Keep the details + assert result =~ app.client_id + assert result =~ app.redirect_uris + + # Error message + assert result =~ "Invalid" + end + test "issues a token for an all-body request" do user = insert(:user) app = insert(:oauth_app) diff --git a/test/web/ostatus/ostatus_controller_test.exs b/test/web/ostatus/ostatus_controller_test.exs index ad9bc418a..cba12b3f7 100644 --- a/test/web/ostatus/ostatus_controller_test.exs +++ b/test/web/ostatus/ostatus_controller_test.exs @@ -108,6 +108,7 @@ defmodule Pleroma.Web.OStatus.OStatusControllerTest do conn = conn + |> put_req_header("accept", "application/xml") |> get(url) expected = @@ -134,31 +135,34 @@ defmodule Pleroma.Web.OStatus.OStatusControllerTest do |> response(404) end + test "gets an activity in xml format", %{conn: conn} do + note_activity = insert(:note_activity) + [_, uuid] = hd(Regex.scan(~r/.+\/([\w-]+)$/, note_activity.data["id"])) + + conn + |> put_req_header("accept", "application/xml") + |> get("/activities/#{uuid}") + |> response(200) + end + test "404s on deleted objects", %{conn: conn} do note_activity = insert(:note_activity) [_, uuid] = hd(Regex.scan(~r/.+\/([\w-]+)$/, note_activity.data["object"]["id"])) object = Object.get_by_ap_id(note_activity.data["object"]["id"]) conn + |> put_req_header("accept", "application/xml") |> get("/objects/#{uuid}") |> response(200) Object.delete(object) conn + |> put_req_header("accept", "application/xml") |> get("/objects/#{uuid}") |> response(404) end - test "gets an activity", %{conn: conn} do - note_activity = insert(:note_activity) - [_, uuid] = hd(Regex.scan(~r/.+\/([\w-]+)$/, note_activity.data["id"])) - - conn - |> get("/activities/#{uuid}") - |> response(200) - end - test "404s on private activities", %{conn: conn} do note_activity = insert(:direct_note_activity) [_, uuid] = hd(Regex.scan(~r/.+\/([\w-]+)$/, note_activity.data["id"])) @@ -174,7 +178,7 @@ defmodule Pleroma.Web.OStatus.OStatusControllerTest do |> response(404) end - test "gets a notice", %{conn: conn} do + test "gets a notice in xml format", %{conn: conn} do note_activity = insert(:note_activity) conn diff --git a/test/web/rich_media/controllers/rich_media_controller_test.exs b/test/web/rich_media/controllers/rich_media_controller_test.exs index 37c82631f..fef126513 100644 --- a/test/web/rich_media/controllers/rich_media_controller_test.exs +++ b/test/web/rich_media/controllers/rich_media_controller_test.exs @@ -1,19 +1,14 @@ +# Pleroma: A lightweight social networking server +# Copyright © 2017-2019 Pleroma Authors <https://pleroma.social/> +# SPDX-License-Identifier: AGPL-3.0-only + defmodule Pleroma.Web.RichMedia.RichMediaControllerTest do use Pleroma.Web.ConnCase import Pleroma.Factory + import Tesla.Mock setup do - Tesla.Mock.mock(fn - %{ - method: :get, - url: "http://example.com/ogp" - } -> - %Tesla.Env{status: 200, body: File.read!("test/fixtures/rich_media/ogp.html")} - - %{method: :get, url: "http://example.com/empty"} -> - %Tesla.Env{status: 200, body: "hello"} - end) - + mock(fn env -> apply(HttpRequestMock, :request, [env]) end) :ok end diff --git a/test/web/twitter_api/twitter_api_controller_test.exs b/test/web/twitter_api/twitter_api_controller_test.exs index f22cdd870..863abd10f 100644 --- a/test/web/twitter_api/twitter_api_controller_test.exs +++ b/test/web/twitter_api/twitter_api_controller_test.exs @@ -797,7 +797,7 @@ defmodule Pleroma.Web.TwitterAPI.ControllerTest do |> with_credentials(current_user.nickname, "test") |> post("/api/favorites/create/1.json") - assert json_response(conn, 500) + assert json_response(conn, 400) end end @@ -1621,7 +1621,7 @@ defmodule Pleroma.Web.TwitterAPI.ControllerTest do conn = build_conn() |> assign(:user, user) - |> post("/api/pleroma/friendships/approve", %{"user_id" => to_string(other_user.id)}) + |> post("/api/pleroma/friendships/approve", %{"user_id" => other_user.id}) assert relationship = json_response(conn, 200) assert other_user.id == relationship["id"] @@ -1644,7 +1644,7 @@ defmodule Pleroma.Web.TwitterAPI.ControllerTest do conn = build_conn() |> assign(:user, user) - |> post("/api/pleroma/friendships/deny", %{"user_id" => to_string(other_user.id)}) + |> post("/api/pleroma/friendships/deny", %{"user_id" => other_user.id}) assert relationship = json_response(conn, 200) assert other_user.id == relationship["id"] diff --git a/test/web/twitter_api/views/user_view_test.exs b/test/web/twitter_api/views/user_view_test.exs index 5f7481eb6..daf18c1c5 100644 --- a/test/web/twitter_api/views/user_view_test.exs +++ b/test/web/twitter_api/views/user_view_test.exs @@ -100,6 +100,7 @@ defmodule Pleroma.Web.TwitterAPI.UserViewTest do "locked" => false, "default_scope" => "public", "no_rich_text" => false, + "hide_network" => false, "fields" => [], "pleroma" => %{ "confirmation_pending" => false, @@ -146,6 +147,7 @@ defmodule Pleroma.Web.TwitterAPI.UserViewTest do "locked" => false, "default_scope" => "public", "no_rich_text" => false, + "hide_network" => false, "fields" => [], "pleroma" => %{ "confirmation_pending" => false, @@ -193,6 +195,7 @@ defmodule Pleroma.Web.TwitterAPI.UserViewTest do "locked" => false, "default_scope" => "public", "no_rich_text" => false, + "hide_network" => false, "fields" => [], "pleroma" => %{ "confirmation_pending" => false, @@ -254,6 +257,7 @@ defmodule Pleroma.Web.TwitterAPI.UserViewTest do "locked" => false, "default_scope" => "public", "no_rich_text" => false, + "hide_network" => false, "fields" => [], "pleroma" => %{ "confirmation_pending" => false, |