diff options
Diffstat (limited to 'test')
21 files changed, 1026 insertions, 34 deletions
diff --git a/test/fixtures/tesla_mock/https___lm.kazv.moe_users_mewmew.xml b/test/fixtures/tesla_mock/https___lm.kazv.moe_users_mewmew.xml new file mode 100644 index 000000000..b9e8dbbf5 --- /dev/null +++ b/test/fixtures/tesla_mock/https___lm.kazv.moe_users_mewmew.xml @@ -0,0 +1 @@ +<?xml version="1.0" encoding="UTF-8"?><XRD xmlns="http://docs.oasis-open.org/ns/xri/xrd-1.0"><Subject>acct:mewmew@lm.kazv.moe</Subject><Alias>https://lm.kazv.moe/users/mewmew</Alias><Alias>https://lm.kazv.moe/users/tester</Alias><Alias>https://lm.kazv.moe/users/testuser</Alias><Link href="https://lm.kazv.moe/users/mewmew" rel="http://webfinger.net/rel/profile-page" type="text/html" /><Link href="https://lm.kazv.moe/users/mewmew" rel="self" type="application/activity+json" /><Link href="https://lm.kazv.moe/users/mewmew" rel="self" type="application/ld+json; profile="https://www.w3.org/ns/activitystreams"" /><Link rel="http://ostatus.org/schema/1.0/subscribe" template="https://lm.kazv.moe/ostatus_subscribe?acct={uri}" /></XRD> diff --git a/test/fixtures/tesla_mock/lm.kazv.moe_host_meta b/test/fixtures/tesla_mock/lm.kazv.moe_host_meta new file mode 100644 index 000000000..02e6f055e --- /dev/null +++ b/test/fixtures/tesla_mock/lm.kazv.moe_host_meta @@ -0,0 +1 @@ +<?xml version="1.0" encoding="UTF-8"?><XRD xmlns="http://docs.oasis-open.org/ns/xri/xrd-1.0"><Link rel="lrdd" template="https://lm.kazv.moe/.well-known/webfinger?resource={uri}" type="application/xrd+xml" /></XRD> diff --git a/test/fixtures/tesla_mock/mewmew@lm.kazv.moe.json b/test/fixtures/tesla_mock/mewmew@lm.kazv.moe.json new file mode 100644 index 000000000..8d2c3e1e7 --- /dev/null +++ b/test/fixtures/tesla_mock/mewmew@lm.kazv.moe.json @@ -0,0 +1 @@ +{"@context":["https://www.w3.org/ns/activitystreams","https://lm.kazv.moe/schemas/litepub-0.1.jsonld",{"@language":"und"}],"alsoKnownAs":["https://lm.kazv.moe/users/tester","https://lm.kazv.moe/users/testuser"],"attachment":[],"capabilities":{"acceptsChatMessages":true},"discoverable":false,"endpoints":{"oauthAuthorizationEndpoint":"https://lm.kazv.moe/oauth/authorize","oauthRegistrationEndpoint":"https://lm.kazv.moe/api/v1/apps","oauthTokenEndpoint":"https://lm.kazv.moe/oauth/token","sharedInbox":"https://lm.kazv.moe/inbox","uploadMedia":"https://lm.kazv.moe/api/ap/upload_media"},"featured":"https://lm.kazv.moe/users/mewmew/collections/featured","followers":"https://lm.kazv.moe/users/mewmew/followers","following":"https://lm.kazv.moe/users/mewmew/following","id":"https://lm.kazv.moe/users/mewmew","inbox":"https://lm.kazv.moe/users/mewmew/inbox","manuallyApprovesFollowers":false,"name":"mew","outbox":"https://lm.kazv.moe/users/mewmew/outbox","preferredUsername":"mewmew","publicKey":{"id":"https://lm.kazv.moe/users/mewmew#main-key","owner":"https://lm.kazv.moe/users/mewmew","publicKeyPem":"-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0nT3IVUwx799FSJyJEOY\n5D2c5zgtt2Z+BD9417eVLmVQF5fJlWgcKS4pbFc76zkYoBkZtV7XbzvN9KTNulpa\nUGNOM0/UdEoQLB8xbVCMm0ABUU8vbTWoMTxp93bfVHBz+33FPYdH1JHX4TCU/mJF\nX4UJMvFmMn5BFjSQm9GG6Eq2j6SAUsaTa8+Rrd8FzS6zb/dk3N/Llz0tfsZYS0sq\nEy9OYhsKOQ6eegULFJOF3Hz04vzwftmeXFsbb3aO2zKz3uAMYZglWHNBYJAePBtJ\ng362kqdJwgT14TFnZ0K2ziDPbkRULG1Kke/lsqw2rPF6Q6P4PeO1shCEDthoDoID\newIDAQAB\n-----END PUBLIC KEY-----\n\n"},"summary":"","tag":[],"type":"Person","url":"https://lm.kazv.moe/users/mewmew"} diff --git a/test/pleroma/activity/search_test.exs b/test/pleroma/activity/search_test.exs index b8096fe73..3b5fd2c3c 100644 --- a/test/pleroma/activity/search_test.exs +++ b/test/pleroma/activity/search_test.exs @@ -18,6 +18,23 @@ defmodule Pleroma.Activity.SearchTest do assert result.id == post.id end + test "it finds local-only posts for authenticated users" do + user = insert(:user) + reader = insert(:user) + {:ok, post} = CommonAPI.post(user, %{status: "it's wednesday my dudes", visibility: "local"}) + + [result] = Search.search(reader, "wednesday") + + assert result.id == post.id + end + + test "it does not find local-only posts for anonymous users" do + user = insert(:user) + {:ok, _post} = CommonAPI.post(user, %{status: "it's wednesday my dudes", visibility: "local"}) + + assert [] = Search.search(nil, "wednesday") + end + test "using plainto_tsquery on postgres < 11" do old_version = :persistent_term.get({Pleroma.Repo, :postgres_version}) :persistent_term.put({Pleroma.Repo, :postgres_version}, 10.0) diff --git a/test/pleroma/user/backup_test.exs b/test/pleroma/user/backup_test.exs index 6441c5ba8..5c9b94000 100644 --- a/test/pleroma/user/backup_test.exs +++ b/test/pleroma/user/backup_test.exs @@ -22,15 +22,15 @@ defmodule Pleroma.User.BackupTest do clear_config([Pleroma.Emails.Mailer, :enabled], true) end - test "it requries enabled email" do + test "it does not requrie enabled email" do clear_config([Pleroma.Emails.Mailer, :enabled], false) user = insert(:user) - assert {:error, "Backups require enabled email"} == Backup.create(user) + assert {:ok, _} = Backup.create(user) end - test "it requries user's email" do + test "it does not require user's email" do user = insert(:user, %{email: nil}) - assert {:error, "Email is required"} == Backup.create(user) + assert {:ok, _} = Backup.create(user) end test "it creates a backup record and an Oban job" do @@ -75,6 +75,43 @@ defmodule Pleroma.User.BackupTest do ) end + test "it does not send an email if the user does not have an email" do + clear_config([Pleroma.Upload, :uploader], Pleroma.Uploaders.Local) + %{id: user_id} = user = insert(:user, %{email: nil}) + + assert {:ok, %Oban.Job{args: %{"backup_id" => backup_id} = args}} = Backup.create(user) + assert {:ok, backup} = perform_job(BackupWorker, args) + assert backup.file_size > 0 + assert %Backup{id: ^backup_id, processed: true, user_id: ^user_id} = backup + + assert_no_email_sent() + end + + test "it does not send an email if mailer is not on" do + clear_config([Pleroma.Emails.Mailer, :enabled], false) + clear_config([Pleroma.Upload, :uploader], Pleroma.Uploaders.Local) + %{id: user_id} = user = insert(:user) + + assert {:ok, %Oban.Job{args: %{"backup_id" => backup_id} = args}} = Backup.create(user) + assert {:ok, backup} = perform_job(BackupWorker, args) + assert backup.file_size > 0 + assert %Backup{id: ^backup_id, processed: true, user_id: ^user_id} = backup + + assert_no_email_sent() + end + + test "it does not send an email if the user has an empty email" do + clear_config([Pleroma.Upload, :uploader], Pleroma.Uploaders.Local) + %{id: user_id} = user = insert(:user, %{email: ""}) + + assert {:ok, %Oban.Job{args: %{"backup_id" => backup_id} = args}} = Backup.create(user) + assert {:ok, backup} = perform_job(BackupWorker, args) + assert backup.file_size > 0 + assert %Backup{id: ^backup_id, processed: true, user_id: ^user_id} = backup + + assert_no_email_sent() + end + test "it removes outdated backups after creating a fresh one" do clear_config([Backup, :limit_days], -1) clear_config([Pleroma.Upload, :uploader], Pleroma.Uploaders.Local) diff --git a/test/pleroma/user_test.exs b/test/pleroma/user_test.exs index 408389c3a..b4a49624a 100644 --- a/test/pleroma/user_test.exs +++ b/test/pleroma/user_test.exs @@ -1146,7 +1146,7 @@ defmodule Pleroma.UserTest do user = insert(:user) muted_user = insert(:user) - {:ok, _user_relationships} = User.mute(user, muted_user, %{expires_in: 60}) + {:ok, _user_relationships} = User.mute(user, muted_user, %{duration: 60}) assert User.mutes?(user, muted_user) worker = Pleroma.Workers.MuteExpireWorker @@ -2602,6 +2602,82 @@ defmodule Pleroma.UserTest do object_id end + describe "add_alias/2" do + test "should add alias for another user" do + user = insert(:user) + user2 = insert(:user) + + assert {:ok, user_updated} = user |> User.add_alias(user2) + + assert user_updated.also_known_as |> length() == 1 + assert user2.ap_id in user_updated.also_known_as + end + + test "should add multiple aliases" do + user = insert(:user) + user2 = insert(:user) + user3 = insert(:user) + + assert {:ok, user} = user |> User.add_alias(user2) + assert {:ok, user_updated} = user |> User.add_alias(user3) + + assert user_updated.also_known_as |> length() == 2 + assert user2.ap_id in user_updated.also_known_as + assert user3.ap_id in user_updated.also_known_as + end + + test "should not add duplicate aliases" do + user = insert(:user) + user2 = insert(:user) + + assert {:ok, user} = user |> User.add_alias(user2) + + assert {:ok, user_updated} = user |> User.add_alias(user2) + + assert user_updated.also_known_as |> length() == 1 + assert user2.ap_id in user_updated.also_known_as + end + end + + describe "alias_users/1" do + test "should get aliases for a user" do + user = insert(:user) + user2 = insert(:user, also_known_as: [user.ap_id]) + + aliases = user2 |> User.alias_users() + + assert aliases |> length() == 1 + + alias_user = aliases |> Enum.at(0) + + assert alias_user.ap_id == user.ap_id + end + end + + describe "delete_alias/2" do + test "should delete existing alias" do + user = insert(:user) + user2 = insert(:user, also_known_as: [user.ap_id]) + + assert {:ok, user_updated} = user2 |> User.delete_alias(user) + + assert user_updated.also_known_as == [] + end + + test "should report error on non-existing alias" do + user = insert(:user) + user2 = insert(:user) + user3 = insert(:user, also_known_as: [user.ap_id]) + + assert {:error, :no_such_alias} = user3 |> User.delete_alias(user2) + + user3_updated = User.get_cached_by_ap_id(user3.ap_id) + + assert user3_updated.also_known_as |> length() == 1 + assert user.ap_id in user3_updated.also_known_as + end + end + describe "account endorsements" do test "it pins people" do user = insert(:user) diff --git a/test/pleroma/web/activity_pub/activity_pub_controller_test.exs b/test/pleroma/web/activity_pub/activity_pub_controller_test.exs index 1c5c40e84..ef91066c1 100644 --- a/test/pleroma/web/activity_pub/activity_pub_controller_test.exs +++ b/test/pleroma/web/activity_pub/activity_pub_controller_test.exs @@ -247,6 +247,27 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubControllerTest do assert json_response(response, 200) == ObjectView.render("object.json", %{object: object}) end + test "does not return local-only objects for remote users", %{conn: conn} do + user = insert(:user) + reader = insert(:user, local: false) + + {:ok, post} = + CommonAPI.post(user, %{status: "test @#{reader.nickname}", visibility: "local"}) + + assert Pleroma.Web.ActivityPub.Visibility.is_local_public?(post) + + object = Object.normalize(post, fetch: false) + uuid = String.split(object.data["id"], "/") |> List.last() + + assert response = + conn + |> assign(:user, reader) + |> put_req_header("accept", "application/activity+json") + |> get("/objects/#{uuid}") + + json_response(response, 404) + end + test "it returns a json representation of the object with accept application/json", %{ conn: conn } do @@ -1297,6 +1318,35 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubControllerTest do assert outbox_endpoint == result["id"] end + test "it returns a local note activity when authenticated as local user", %{conn: conn} do + user = insert(:user) + reader = insert(:user) + {:ok, note_activity} = CommonAPI.post(user, %{status: "mew mew", visibility: "local"}) + ap_id = note_activity.data["id"] + + resp = + conn + |> assign(:user, reader) + |> put_req_header("accept", "application/activity+json") + |> get("/users/#{user.nickname}/outbox?page=true") + |> json_response(200) + + assert %{"orderedItems" => [%{"id" => ^ap_id}]} = resp + end + + test "it does not return a local note activity when unauthenticated", %{conn: conn} do + user = insert(:user) + {:ok, _note_activity} = CommonAPI.post(user, %{status: "mew mew", visibility: "local"}) + + resp = + conn + |> put_req_header("accept", "application/activity+json") + |> get("/users/#{user.nickname}/outbox?page=true") + |> json_response(200) + + assert %{"orderedItems" => []} = resp + end + test "it returns a note activity in a collection", %{conn: conn} do note_activity = insert(:note_activity) note_object = Object.normalize(note_activity, fetch: false) diff --git a/test/pleroma/web/activity_pub/activity_pub_test.exs b/test/pleroma/web/activity_pub/activity_pub_test.exs index 8aa586f40..4d7e76266 100644 --- a/test/pleroma/web/activity_pub/activity_pub_test.exs +++ b/test/pleroma/web/activity_pub/activity_pub_test.exs @@ -1836,9 +1836,12 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubTest do "target" => ^new_ap_id, "type" => "Move" }, - local: true + local: true, + recipients: recipients } = activity + assert old_user.follower_address in recipients + params = %{ "op" => "move_following", "origin_id" => old_user.id, @@ -1869,6 +1872,42 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubTest do assert {:error, "Target account must have the origin in `alsoKnownAs`"} = ActivityPub.move(old_user, new_user) end + + test "do not move remote user following relationships" do + %{ap_id: old_ap_id} = old_user = insert(:user) + %{ap_id: new_ap_id} = new_user = insert(:user, also_known_as: [old_ap_id]) + follower_remote = insert(:user, local: false) + + User.follow(follower_remote, old_user) + + assert User.following?(follower_remote, old_user) + + assert {:ok, activity} = ActivityPub.move(old_user, new_user) + + assert %Activity{ + actor: ^old_ap_id, + data: %{ + "actor" => ^old_ap_id, + "object" => ^old_ap_id, + "target" => ^new_ap_id, + "type" => "Move" + }, + local: true + } = activity + + params = %{ + "op" => "move_following", + "origin_id" => old_user.id, + "target_id" => new_user.id + } + + assert_enqueued(worker: Pleroma.Workers.BackgroundWorker, args: params) + + Pleroma.Workers.BackgroundWorker.perform(%Oban.Job{args: params}) + + assert User.following?(follower_remote, old_user) + refute User.following?(follower_remote, new_user) + end end test "doesn't retrieve replies activities with exclude_replies" do diff --git a/test/pleroma/web/common_api_test.exs b/test/pleroma/web/common_api_test.exs index b502aaa03..288175ddb 100644 --- a/test/pleroma/web/common_api_test.exs +++ b/test/pleroma/web/common_api_test.exs @@ -61,9 +61,11 @@ defmodule Pleroma.Web.CommonAPITest do describe "blocking" do setup do blocker = insert(:user) - blocked = insert(:user) - User.follow(blocker, blocked) - User.follow(blocked, blocker) + blocked = insert(:user, local: false) + CommonAPI.follow(blocker, blocked) + CommonAPI.follow(blocked, blocker) + CommonAPI.accept_follow_request(blocker, blocked) + CommonAPI.accept_follow_request(blocked, blocked) %{blocker: blocker, blocked: blocked} end @@ -72,6 +74,9 @@ defmodule Pleroma.Web.CommonAPITest do with_mock Pleroma.Web.Federator, publish: fn _ -> nil end do + assert User.get_follow_state(blocker, blocked) == :follow_accept + refute is_nil(Pleroma.Web.ActivityPub.Utils.fetch_latest_follow(blocker, blocked)) + assert {:ok, block} = CommonAPI.block(blocker, blocked) assert block.local @@ -79,6 +84,11 @@ defmodule Pleroma.Web.CommonAPITest do refute User.following?(blocker, blocked) refute User.following?(blocked, blocker) + refute User.get_follow_state(blocker, blocked) + + assert %{data: %{"state" => "reject"}} = + Pleroma.Web.ActivityPub.Utils.fetch_latest_follow(blocker, blocked) + assert called(Pleroma.Web.Federator.publish(block)) end end diff --git a/test/pleroma/web/federator_test.exs b/test/pleroma/web/federator_test.exs index 5120bf57c..41d1c5d5e 100644 --- a/test/pleroma/web/federator_test.exs +++ b/test/pleroma/web/federator_test.exs @@ -153,7 +153,7 @@ defmodule Pleroma.Web.FederatorTest do } assert {:ok, job} = Federator.incoming_ap_doc(params) - assert {:error, :origin_containment_failed} = ObanHelpers.perform(job) + assert {:cancel, :origin_containment_failed} = ObanHelpers.perform(job) end test "it does not crash if MRF rejects the post" do @@ -169,7 +169,7 @@ defmodule Pleroma.Web.FederatorTest do |> Jason.decode!() assert {:ok, job} = Federator.incoming_ap_doc(params) - assert {:error, _} = ObanHelpers.perform(job) + assert {:cancel, _} = ObanHelpers.perform(job) end end end diff --git a/test/pleroma/web/mastodon_api/controllers/account_controller_test.exs b/test/pleroma/web/mastodon_api/controllers/account_controller_test.exs index ee9db4288..ba7293d36 100644 --- a/test/pleroma/web/mastodon_api/controllers/account_controller_test.exs +++ b/test/pleroma/web/mastodon_api/controllers/account_controller_test.exs @@ -9,6 +9,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do alias Pleroma.Repo alias Pleroma.Tests.ObanHelpers alias Pleroma.User + alias Pleroma.UserRelationship alias Pleroma.Web.ActivityPub.ActivityPub alias Pleroma.Web.ActivityPub.InternalFetchActor alias Pleroma.Web.CommonAPI @@ -407,6 +408,20 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do assert id_two == to_string(activity.id) end + test "gets local-only statuses for authenticated users", %{user: _user, conn: conn} do + user_one = insert(:user) + + {:ok, activity} = CommonAPI.post(user_one, %{status: "HI!!!", visibility: "local"}) + + resp = + conn + |> get("/api/v1/accounts/#{user_one.id}/statuses") + |> json_response_and_validate_schema(200) + + assert [%{"id" => id}] = resp + assert id == to_string(activity.id) + end + test "gets an users media, excludes reblogs", %{conn: conn} do note = insert(:note_activity) user = User.get_cached_by_ap_id(note.data["actor"]) @@ -1011,6 +1026,40 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do assert %{"id" => _id, "muting" => false, "muting_notifications" => false} = json_response_and_validate_schema(conn, 200) end + + test "expiring", %{conn: conn, user: user} do + other_user = insert(:user) + + conn = + conn + |> put_req_header("content-type", "multipart/form-data") + |> post("/api/v1/accounts/#{other_user.id}/mute", %{"duration" => "86400"}) + + assert %{"id" => _id, "muting" => true} = json_response_and_validate_schema(conn, 200) + + mute_expires_at = UserRelationship.get_mute_expire_date(user, other_user) + + assert DateTime.diff( + mute_expires_at, + DateTime.utc_now() |> DateTime.add(24 * 60 * 60) + ) in -3..3 + end + + test "falls back to expires_in", %{conn: conn, user: user} do + other_user = insert(:user) + + conn + |> put_req_header("content-type", "multipart/form-data") + |> post("/api/v1/accounts/#{other_user.id}/mute", %{"expires_in" => "86400"}) + |> json_response_and_validate_schema(200) + + mute_expires_at = UserRelationship.get_mute_expire_date(user, other_user) + + assert DateTime.diff( + mute_expires_at, + DateTime.utc_now() |> DateTime.add(24 * 60 * 60) + ) in -3..3 + end end describe "pinned statuses" do diff --git a/test/pleroma/web/mastodon_api/controllers/search_controller_test.exs b/test/pleroma/web/mastodon_api/controllers/search_controller_test.exs index 8753c7716..9a5d88109 100644 --- a/test/pleroma/web/mastodon_api/controllers/search_controller_test.exs +++ b/test/pleroma/web/mastodon_api/controllers/search_controller_test.exs @@ -79,6 +79,51 @@ defmodule Pleroma.Web.MastodonAPI.SearchControllerTest do assert status["id"] == to_string(activity.id) end + test "search local-only status as an authenticated user" do + user = insert(:user) + %{conn: conn} = oauth_access(["read:search"]) + + {:ok, activity} = + CommonAPI.post(user, %{status: "This is about 2hu private 天子", visibility: "local"}) + + results = + conn + |> get("/api/v2/search?#{URI.encode_query(%{q: "2hu"})}") + |> json_response_and_validate_schema(200) + + [status] = results["statuses"] + assert status["id"] == to_string(activity.id) + end + + test "search local-only status as an unauthenticated user" do + user = insert(:user) + %{conn: conn} = oauth_access([]) + + {:ok, _activity} = + CommonAPI.post(user, %{status: "This is about 2hu private 天子", visibility: "local"}) + + results = + conn + |> get("/api/v2/search?#{URI.encode_query(%{q: "2hu"})}") + |> json_response_and_validate_schema(200) + + assert [] = results["statuses"] + end + + test "search local-only status as an anonymous user" do + user = insert(:user) + + {:ok, _activity} = + CommonAPI.post(user, %{status: "This is about 2hu private 天子", visibility: "local"}) + + results = + build_conn() + |> get("/api/v2/search?#{URI.encode_query(%{q: "2hu"})}") + |> json_response_and_validate_schema(200) + + assert [] = results["statuses"] + end + @tag capture_log: true test "constructs hashtags from search query", %{conn: conn} do results = diff --git a/test/pleroma/web/mastodon_api/controllers/status_controller_test.exs b/test/pleroma/web/mastodon_api/controllers/status_controller_test.exs index dc6912b7b..d3ba9fced 100644 --- a/test/pleroma/web/mastodon_api/controllers/status_controller_test.exs +++ b/test/pleroma/web/mastodon_api/controllers/status_controller_test.exs @@ -1901,23 +1901,50 @@ defmodule Pleroma.Web.MastodonAPI.StatusControllerTest do |> json_response_and_validate_schema(:ok) end - test "posting a local only status" do - %{user: _user, conn: conn} = oauth_access(["write:statuses"]) + describe "local-only statuses" do + test "posting a local only status" do + %{user: _user, conn: conn} = oauth_access(["write:statuses"]) - conn_one = - conn - |> put_req_header("content-type", "application/json") - |> post("/api/v1/statuses", %{ - "status" => "cofe", - "visibility" => "local" - }) + conn_one = + conn + |> put_req_header("content-type", "application/json") + |> post("/api/v1/statuses", %{ + "status" => "cofe", + "visibility" => "local" + }) + + local = Utils.as_local_public() - local = Utils.as_local_public() + assert %{"content" => "cofe", "id" => id, "visibility" => "local"} = + json_response_and_validate_schema(conn_one, 200) + + assert %Activity{id: ^id, data: %{"to" => [^local]}} = Activity.get_by_id(id) + end - assert %{"content" => "cofe", "id" => id, "visibility" => "local"} = - json_response_and_validate_schema(conn_one, 200) + test "other users can read local-only posts" do + user = insert(:user) + %{user: _reader, conn: conn} = oauth_access(["read:statuses"]) - assert %Activity{id: ^id, data: %{"to" => [^local]}} = Activity.get_by_id(id) + {:ok, activity} = CommonAPI.post(user, %{status: "#2hu #2HU", visibility: "local"}) + + received = + conn + |> get("/api/v1/statuses/#{activity.id}") + |> json_response_and_validate_schema(:ok) + + assert received["id"] == activity.id + end + + test "anonymous users cannot see local-only posts" do + user = insert(:user) + + {:ok, activity} = CommonAPI.post(user, %{status: "#2hu #2HU", visibility: "local"}) + + _received = + build_conn() + |> get("/api/v1/statuses/#{activity.id}") + |> json_response_and_validate_schema(:not_found) + end end describe "muted reactions" do diff --git a/test/pleroma/web/mastodon_api/controllers/timeline_controller_test.exs b/test/pleroma/web/mastodon_api/controllers/timeline_controller_test.exs index 2c7e78595..1328b42c9 100644 --- a/test/pleroma/web/mastodon_api/controllers/timeline_controller_test.exs +++ b/test/pleroma/web/mastodon_api/controllers/timeline_controller_test.exs @@ -367,6 +367,47 @@ defmodule Pleroma.Web.MastodonAPI.TimelineControllerTest do } ] = result end + + test "should return local-only posts for authenticated users" do + user = insert(:user) + %{user: _reader, conn: conn} = oauth_access(["read:statuses"]) + + {:ok, %{id: id}} = CommonAPI.post(user, %{status: "#2hu #2HU", visibility: "local"}) + + result = + conn + |> get("/api/v1/timelines/public") + |> json_response_and_validate_schema(200) + + assert [%{"id" => ^id}] = result + end + + test "should not return local-only posts for users without read:statuses" do + user = insert(:user) + %{user: _reader, conn: conn} = oauth_access([]) + + {:ok, _activity} = CommonAPI.post(user, %{status: "#2hu #2HU", visibility: "local"}) + + result = + conn + |> get("/api/v1/timelines/public") + |> json_response_and_validate_schema(200) + + assert [] = result + end + + test "should not return local-only posts for anonymous users" do + user = insert(:user) + + {:ok, _activity} = CommonAPI.post(user, %{status: "#2hu #2HU", visibility: "local"}) + + result = + build_conn() + |> get("/api/v1/timelines/public") + |> json_response_and_validate_schema(200) + + assert [] = result + end end defp local_and_remote_activities do diff --git a/test/pleroma/web/mastodon_api/views/account_view_test.exs b/test/pleroma/web/mastodon_api/views/account_view_test.exs index 8fa946d43..692ec8c92 100644 --- a/test/pleroma/web/mastodon_api/views/account_view_test.exs +++ b/test/pleroma/web/mastodon_api/views/account_view_test.exs @@ -640,7 +640,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountViewTest do other_user = insert(:user) {:ok, _user_relationships} = - User.mute(user, other_user, %{notifications: true, expires_in: 24 * 60 * 60}) + User.mute(user, other_user, %{notifications: true, duration: 24 * 60 * 60}) %{ mute_expires_at: mute_expires_at diff --git a/test/pleroma/web/media_proxy/media_proxy_controller_test.exs b/test/pleroma/web/media_proxy/media_proxy_controller_test.exs index 5ace2eee9..5246bf0c4 100644 --- a/test/pleroma/web/media_proxy/media_proxy_controller_test.exs +++ b/test/pleroma/web/media_proxy/media_proxy_controller_test.exs @@ -158,7 +158,7 @@ defmodule Pleroma.Web.MediaProxy.MediaProxyControllerTest do media_proxy_url: media_proxy_url } do Tesla.Mock.mock(fn - %{method: "head", url: ^media_proxy_url} -> + %{method: "HEAD", url: ^media_proxy_url} -> %Tesla.Env{status: 500, body: ""} end) @@ -173,7 +173,7 @@ defmodule Pleroma.Web.MediaProxy.MediaProxyControllerTest do media_proxy_url: media_proxy_url } do Tesla.Mock.mock(fn - %{method: "head", url: ^media_proxy_url} -> + %{method: "HEAD", url: ^media_proxy_url} -> %Tesla.Env{status: 200, body: "", headers: [{"content-type", "application/pdf"}]} end) @@ -193,7 +193,7 @@ defmodule Pleroma.Web.MediaProxy.MediaProxyControllerTest do clear_config([:media_preview_proxy, :min_content_length], 1_000_000_000) Tesla.Mock.mock(fn - %{method: "head", url: ^media_proxy_url} -> + %{method: "HEAD", url: ^media_proxy_url} -> %Tesla.Env{ status: 200, body: "", @@ -218,7 +218,7 @@ defmodule Pleroma.Web.MediaProxy.MediaProxyControllerTest do media_proxy_url: media_proxy_url } do Tesla.Mock.mock(fn - %{method: "head", url: ^media_proxy_url} -> + %{method: "HEAD", url: ^media_proxy_url} -> %Tesla.Env{status: 200, body: "", headers: [{"content-type", "image/gif"}]} end) @@ -236,7 +236,7 @@ defmodule Pleroma.Web.MediaProxy.MediaProxyControllerTest do media_proxy_url: media_proxy_url } do Tesla.Mock.mock(fn - %{method: "head", url: ^media_proxy_url} -> + %{method: "HEAD", url: ^media_proxy_url} -> %Tesla.Env{status: 200, body: "", headers: [{"content-type", "image/jpeg"}]} end) @@ -256,7 +256,7 @@ defmodule Pleroma.Web.MediaProxy.MediaProxyControllerTest do clear_config([:media_preview_proxy, :min_content_length], 100_000) Tesla.Mock.mock(fn - %{method: "head", url: ^media_proxy_url} -> + %{method: "HEAD", url: ^media_proxy_url} -> %Tesla.Env{ status: 200, body: "", @@ -278,7 +278,7 @@ defmodule Pleroma.Web.MediaProxy.MediaProxyControllerTest do assert_dependencies_installed() Tesla.Mock.mock(fn - %{method: "head", url: ^media_proxy_url} -> + %{method: "HEAD", url: ^media_proxy_url} -> %Tesla.Env{status: 200, body: "", headers: [{"content-type", "image/png"}]} %{method: :get, url: ^media_proxy_url} -> @@ -300,7 +300,7 @@ defmodule Pleroma.Web.MediaProxy.MediaProxyControllerTest do assert_dependencies_installed() Tesla.Mock.mock(fn - %{method: "head", url: ^media_proxy_url} -> + %{method: "HEAD", url: ^media_proxy_url} -> %Tesla.Env{status: 200, body: "", headers: [{"content-type", "image/jpeg"}]} %{method: :get, url: ^media_proxy_url} -> @@ -320,7 +320,7 @@ defmodule Pleroma.Web.MediaProxy.MediaProxyControllerTest do media_proxy_url: media_proxy_url } do Tesla.Mock.mock(fn - %{method: "head", url: ^media_proxy_url} -> + %{method: "HEAD", url: ^media_proxy_url} -> %Tesla.Env{status: 200, body: "", headers: [{"content-type", "image/jpeg"}]} %{method: :get, url: ^media_proxy_url} -> diff --git a/test/pleroma/web/pleroma_api/controllers/backup_controller_test.exs b/test/pleroma/web/pleroma_api/controllers/backup_controller_test.exs index 650f3d80d..3b4b1bfff 100644 --- a/test/pleroma/web/pleroma_api/controllers/backup_controller_test.exs +++ b/test/pleroma/web/pleroma_api/controllers/backup_controller_test.exs @@ -82,4 +82,24 @@ defmodule Pleroma.Web.PleromaAPI.BackupControllerTest do |> post("/api/v1/pleroma/backups") |> json_response_and_validate_schema(400) end + + test "Backup without email address" do + user = Pleroma.Factory.insert(:user, email: nil) + %{conn: conn} = oauth_access(["read:accounts"], user: user) + + assert is_nil(user.email) + + assert [ + %{ + "content_type" => "application/zip", + "url" => _url, + "file_size" => 0, + "processed" => false, + "inserted_at" => _ + } + ] = + conn + |> post("/api/v1/pleroma/backups") + |> json_response_and_validate_schema(:ok) + end end diff --git a/test/pleroma/web/pleroma_api/controllers/settings_controller_test.exs b/test/pleroma/web/pleroma_api/controllers/settings_controller_test.exs new file mode 100644 index 000000000..e3c752d53 --- /dev/null +++ b/test/pleroma/web/pleroma_api/controllers/settings_controller_test.exs @@ -0,0 +1,126 @@ +# Pleroma: A lightweight social networking server +# Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/> +# SPDX-License-Identifier: AGPL-3.0-only + +defmodule Pleroma.Web.PleromaAPI.SettingsControllerTest do + use Pleroma.Web.ConnCase + + import Pleroma.Factory + + describe "GET /api/v1/pleroma/settings/:app" do + setup do + oauth_access(["read:accounts"]) + end + + test "it gets empty settings", %{conn: conn} do + response = + conn + |> get("/api/v1/pleroma/settings/pleroma-fe") + |> json_response_and_validate_schema(:ok) + + assert response == %{} + end + + test "it gets settings", %{conn: conn, user: user} do + response = + conn + |> assign( + :user, + struct(user, + pleroma_settings_store: %{ + "pleroma-fe" => %{ + "foo" => "bar" + } + } + ) + ) + |> get("/api/v1/pleroma/settings/pleroma-fe") + |> json_response_and_validate_schema(:ok) + + assert %{"foo" => "bar"} == response + end + end + + describe "POST /api/v1/pleroma/settings/:app" do + setup do + settings = %{ + "foo" => "bar", + "nested" => %{ + "1" => "2" + } + } + + user = + insert( + :user, + %{ + pleroma_settings_store: %{ + "pleroma-fe" => settings + } + } + ) + + %{conn: conn} = oauth_access(["write:accounts"], user: user) + + %{conn: conn, user: user, settings: settings} + end + + test "it adds keys", %{conn: conn} do + response = + conn + |> put_req_header("content-type", "application/json") + |> patch("/api/v1/pleroma/settings/pleroma-fe", %{ + "foo" => "edited", + "bar" => "new", + "nested" => %{"3" => "4"} + }) + |> json_response_and_validate_schema(:ok) + + assert response == %{ + "foo" => "edited", + "bar" => "new", + "nested" => %{ + "1" => "2", + "3" => "4" + } + } + end + + test "it removes keys", %{conn: conn} do + response = + conn + |> put_req_header("content-type", "application/json") + |> patch("/api/v1/pleroma/settings/pleroma-fe", %{ + "foo" => nil, + "bar" => nil, + "nested" => %{ + "1" => nil, + "3" => nil + } + }) + |> json_response_and_validate_schema(:ok) + + assert response == %{ + "nested" => %{} + } + end + + test "it does not override settings for other apps", %{ + conn: conn, + user: user, + settings: settings + } do + conn + |> put_req_header("content-type", "application/json") + |> patch("/api/v1/pleroma/settings/admin-fe", %{"foo" => "bar"}) + |> json_response_and_validate_schema(:ok) + + user = Pleroma.User.get_by_id(user.id) + + assert user.pleroma_settings_store == %{ + "pleroma-fe" => settings, + "admin-fe" => %{"foo" => "bar"} + } + end + end +end diff --git a/test/pleroma/web/twitter_api/util_controller_test.exs b/test/pleroma/web/twitter_api/util_controller_test.exs index c795fd501..5dc72b177 100644 --- a/test/pleroma/web/twitter_api/util_controller_test.exs +++ b/test/pleroma/web/twitter_api/util_controller_test.exs @@ -516,4 +516,371 @@ defmodule Pleroma.Web.TwitterAPI.UtilControllerTest do assert user.password_hash == nil end end + + describe "POST /api/pleroma/move_account" do + setup do: oauth_access(["write:accounts"]) + + test "without permissions", %{conn: conn} do + target_user = insert(:user) + target_nick = target_user |> User.full_nickname() + + conn = + conn + |> assign(:token, nil) + |> put_req_header("content-type", "multipart/form-data") + |> post("/api/pleroma/move_account", %{ + "password" => "hi", + "target_account" => target_nick + }) + + assert json_response_and_validate_schema(conn, 403) == %{ + "error" => "Insufficient permissions: write:accounts." + } + end + + test "with proper permissions and invalid password", %{conn: conn} do + target_user = insert(:user) + target_nick = target_user |> User.full_nickname() + + conn = + conn + |> put_req_header("content-type", "multipart/form-data") + |> post("/api/pleroma/move_account", %{ + "password" => "hi", + "target_account" => target_nick + }) + + assert json_response_and_validate_schema(conn, 200) == %{"error" => "Invalid password."} + end + + test "with proper permissions, valid password and target account does not alias it", + %{ + conn: conn + } do + target_user = insert(:user) + target_nick = target_user |> User.full_nickname() + + conn = + conn + |> put_req_header("content-type", "multipart/form-data") + |> post("/api/pleroma/move_account", %{ + "password" => "test", + "target_account" => target_nick + }) + + assert json_response_and_validate_schema(conn, 200) == %{ + "error" => "Target account must have the origin in `alsoKnownAs`" + } + end + + test "with proper permissions, valid password and target account does not exist", + %{ + conn: conn + } do + target_nick = "not_found@mastodon.social" + + conn = + conn + |> put_req_header("content-type", "multipart/form-data") + |> post("/api/pleroma/move_account", %{ + "password" => "test", + "target_account" => target_nick + }) + + assert json_response_and_validate_schema(conn, 404) == %{ + "error" => "Target account not found." + } + end + + test "with proper permissions, valid password, remote target account aliases it and local cache does not exist", + %{} do + user = insert(:user, ap_id: "https://lm.kazv.moe/users/testuser") + %{user: _user, conn: conn} = oauth_access(["write:accounts"], user: user) + + target_nick = "mewmew@lm.kazv.moe" + + conn = + conn + |> put_req_header("content-type", "multipart/form-data") + |> post("/api/pleroma/move_account", %{ + "password" => "test", + "target_account" => target_nick + }) + + assert json_response_and_validate_schema(conn, 200) == %{"status" => "success"} + end + + test "with proper permissions, valid password, remote target account aliases it and local cache does not aliases it", + %{} do + user = insert(:user, ap_id: "https://lm.kazv.moe/users/testuser") + %{user: _user, conn: conn} = oauth_access(["write:accounts"], user: user) + + target_user = + insert( + :user, + ap_id: "https://lm.kazv.moe/users/mewmew", + nickname: "mewmew@lm.kazv.moe", + local: false + ) + + target_nick = target_user |> User.full_nickname() + + conn = + conn + |> put_req_header("content-type", "multipart/form-data") + |> post("/api/pleroma/move_account", %{ + "password" => "test", + "target_account" => target_nick + }) + + assert json_response_and_validate_schema(conn, 200) == %{"status" => "success"} + end + + test "with proper permissions, valid password, remote target account does not aliases it and local cache aliases it", + %{ + user: user, + conn: conn + } do + target_user = + insert( + :user, + ap_id: "https://lm.kazv.moe/users/mewmew", + nickname: "mewmew@lm.kazv.moe", + local: false, + also_known_as: [user.ap_id] + ) + + target_nick = target_user |> User.full_nickname() + + conn = + conn + |> put_req_header("content-type", "multipart/form-data") + |> post("/api/pleroma/move_account", %{ + "password" => "test", + "target_account" => target_nick + }) + + assert json_response_and_validate_schema(conn, 200) == %{ + "error" => "Target account must have the origin in `alsoKnownAs`" + } + end + + test "with proper permissions, valid password and target account aliases it", %{ + conn: conn, + user: user + } do + target_user = insert(:user, also_known_as: [user.ap_id]) + target_nick = target_user |> User.full_nickname() + follower = insert(:user) + + User.follow(follower, user) + + assert User.following?(follower, user) + + conn = + conn + |> put_req_header("content-type", "multipart/form-data") + |> post( + "/api/pleroma/move_account", + %{ + password: "test", + target_account: target_nick + } + ) + + assert json_response_and_validate_schema(conn, 200) == %{"status" => "success"} + + params = %{ + "op" => "move_following", + "origin_id" => user.id, + "target_id" => target_user.id + } + + assert_enqueued(worker: Pleroma.Workers.BackgroundWorker, args: params) + + Pleroma.Workers.BackgroundWorker.perform(%Oban.Job{args: params}) + + refute User.following?(follower, user) + assert User.following?(follower, target_user) + end + + test "prefix nickname by @ should work", %{ + conn: conn, + user: user + } do + target_user = insert(:user, also_known_as: [user.ap_id]) + target_nick = target_user |> User.full_nickname() + follower = insert(:user) + + User.follow(follower, user) + + assert User.following?(follower, user) + + conn = + conn + |> put_req_header("content-type", "multipart/form-data") + |> post( + "/api/pleroma/move_account", + %{ + password: "test", + target_account: "@" <> target_nick + } + ) + + assert json_response_and_validate_schema(conn, 200) == %{"status" => "success"} + + params = %{ + "op" => "move_following", + "origin_id" => user.id, + "target_id" => target_user.id + } + + assert_enqueued(worker: Pleroma.Workers.BackgroundWorker, args: params) + + Pleroma.Workers.BackgroundWorker.perform(%Oban.Job{args: params}) + + refute User.following?(follower, user) + assert User.following?(follower, target_user) + end + end + + describe "GET /api/pleroma/aliases" do + setup do: oauth_access(["read:accounts"]) + + test "without permissions", %{conn: conn} do + conn = + conn + |> assign(:token, nil) + |> get("/api/pleroma/aliases") + + assert json_response_and_validate_schema(conn, 403) == %{ + "error" => "Insufficient permissions: read:accounts." + } + end + + test "with permissions", %{ + conn: conn + } do + assert %{"aliases" => []} = + conn + |> get("/api/pleroma/aliases") + |> json_response_and_validate_schema(200) + end + + test "with permissions and aliases", %{} do + user = insert(:user) + user2 = insert(:user) + + assert {:ok, user} = user |> User.add_alias(user2) + + %{user: _user, conn: conn} = oauth_access(["read:accounts"], user: user) + + assert %{"aliases" => aliases} = + conn + |> get("/api/pleroma/aliases") + |> json_response_and_validate_schema(200) + + assert aliases == [user2 |> User.full_nickname()] + end + end + + describe "PUT /api/pleroma/aliases" do + setup do: oauth_access(["write:accounts"]) + + test "without permissions", %{conn: conn} do + conn = + conn + |> assign(:token, nil) + |> put_req_header("content-type", "application/json") + |> put("/api/pleroma/aliases", %{alias: "none"}) + + assert json_response_and_validate_schema(conn, 403) == %{ + "error" => "Insufficient permissions: write:accounts." + } + end + + test "with permissions, no alias param", %{ + conn: conn + } do + conn = + conn + |> put_req_header("content-type", "application/json") + |> put("/api/pleroma/aliases", %{}) + + assert %{"error" => "Missing field: alias."} = json_response_and_validate_schema(conn, 400) + end + + test "with permissions, with alias param", %{ + conn: conn + } do + user2 = insert(:user) + + conn = + conn + |> put_req_header("content-type", "application/json") + |> put("/api/pleroma/aliases", %{alias: user2 |> User.full_nickname()}) + + assert json_response_and_validate_schema(conn, 200) == %{ + "status" => "success" + } + end + end + + describe "DELETE /api/pleroma/aliases" do + setup do + alias_user = insert(:user) + non_alias_user = insert(:user) + user = insert(:user, also_known_as: [alias_user.ap_id]) + + oauth_access(["write:accounts"], user: user) + |> Map.put(:alias_user, alias_user) + |> Map.put(:non_alias_user, non_alias_user) + end + + test "without permissions", %{conn: conn} do + conn = + conn + |> assign(:token, nil) + |> put_req_header("content-type", "application/json") + |> delete("/api/pleroma/aliases", %{alias: "none"}) + + assert json_response_and_validate_schema(conn, 403) == %{ + "error" => "Insufficient permissions: write:accounts." + } + end + + test "with permissions, no alias param", %{conn: conn} do + conn = + conn + |> put_req_header("content-type", "application/json") + |> delete("/api/pleroma/aliases", %{}) + + assert %{"error" => "Missing field: alias."} = json_response_and_validate_schema(conn, 400) + end + + test "with permissions, account does not have such alias", %{ + conn: conn, + non_alias_user: non_alias_user + } do + conn = + conn + |> put_req_header("content-type", "application/json") + |> delete("/api/pleroma/aliases", %{alias: non_alias_user |> User.full_nickname()}) + + assert %{"error" => "Account has no such alias."} = + json_response_and_validate_schema(conn, 404) + end + + test "with permissions, account does have such alias", %{ + conn: conn, + alias_user: alias_user + } do + conn = + conn + |> put_req_header("content-type", "application/json") + |> delete("/api/pleroma/aliases", %{alias: alias_user |> User.full_nickname()}) + + assert %{"status" => "success"} = json_response_and_validate_schema(conn, 200) + end + end end diff --git a/test/pleroma/workers/receiver_worker_test.exs b/test/pleroma/workers/receiver_worker_test.exs new file mode 100644 index 000000000..283beee4d --- /dev/null +++ b/test/pleroma/workers/receiver_worker_test.exs @@ -0,0 +1,25 @@ +# Pleroma: A lightweight social networking server +# Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/> +# SPDX-License-Identifier: AGPL-3.0-only + +defmodule Pleroma.Workers.ReceiverWorkerTest do + use Pleroma.DataCase, async: true + use Oban.Testing, repo: Pleroma.Repo + + import Mock + import Pleroma.Factory + + alias Pleroma.Workers.ReceiverWorker + + test "it ignores MRF reject" do + params = insert(:note).data + + with_mock Pleroma.Web.ActivityPub.Transmogrifier, + handle_incoming: fn _ -> {:reject, "MRF"} end do + assert {:cancel, "MRF"} = + ReceiverWorker.perform(%Oban.Job{ + args: %{"op" => "incoming_ap_doc", "params" => params} + }) + end + end +end diff --git a/test/support/http_request_mock.ex b/test/support/http_request_mock.ex index ad4925a5c..eb844e469 100644 --- a/test/support/http_request_mock.ex +++ b/test/support/http_request_mock.ex @@ -725,6 +725,15 @@ defmodule HttpRequestMock do }} end + def get( + "https://mastodon.social/.well-known/webfinger?resource=acct:not_found@mastodon.social", + _, + _, + [{"accept", "application/xrd+xml,application/jrd+json"}] + ) do + {:ok, %Tesla.Env{status: 404}} + end + def get("http://gs.example.org/.well-known/host-meta", _, _, _) do {:ok, %Tesla.Env{ @@ -1124,6 +1133,57 @@ defmodule HttpRequestMock do }} end + def get("http://lm.kazv.moe/.well-known/host-meta", _, _, _) do + {:ok, + %Tesla.Env{ + status: 200, + body: File.read!("test/fixtures/tesla_mock/lm.kazv.moe_host_meta") + }} + end + + def get("https://lm.kazv.moe/.well-known/host-meta", _, _, _) do + {:ok, + %Tesla.Env{ + status: 200, + body: File.read!("test/fixtures/tesla_mock/lm.kazv.moe_host_meta") + }} + end + + def get( + "https://lm.kazv.moe/.well-known/webfinger?resource=acct:mewmew@lm.kazv.moe", + _, + _, + [{"accept", "application/xrd+xml,application/jrd+json"}] + ) do + {:ok, + %Tesla.Env{ + status: 200, + body: File.read!("test/fixtures/tesla_mock/https___lm.kazv.moe_users_mewmew.xml"), + headers: [{"content-type", "application/xrd+xml"}] + }} + end + + def get("https://lm.kazv.moe/users/mewmew", _, _, _) do + {:ok, + %Tesla.Env{ + status: 200, + body: File.read!("test/fixtures/tesla_mock/mewmew@lm.kazv.moe.json"), + headers: activitypub_object_headers() + }} + end + + def get("https://lm.kazv.moe/users/mewmew/collections/featured", _, _, _) do + {:ok, + %Tesla.Env{ + status: 200, + body: + File.read!("test/fixtures/users_mock/masto_featured.json") + |> String.replace("{{domain}}", "lm.kazv.moe") + |> String.replace("{{nickname}}", "mewmew"), + headers: [{"content-type", "application/activity+json"}] + }} + end + def get("https://info.pleroma.site/activity.json", _, _, [ {"accept", "application/activity+json"} ]) do |