diff options
Diffstat (limited to 'test')
| -rw-r--r-- | test/support/factory.ex | 2 | ||||
| -rw-r--r-- | test/tasks/app_test.exs | 65 | ||||
| -rw-r--r-- | test/web/admin_api/admin_api_controller_test.exs | 185 | ||||
| -rw-r--r-- | test/web/mastodon_api/controllers/account_controller_test.exs | 67 | 
4 files changed, 318 insertions, 1 deletions
| diff --git a/test/support/factory.ex b/test/support/factory.ex index af639b6cd..f0b797fd4 100644 --- a/test/support/factory.ex +++ b/test/support/factory.ex @@ -294,7 +294,7 @@ defmodule Pleroma.Factory do    def oauth_app_factory do      %Pleroma.Web.OAuth.App{ -      client_name: "Some client", +      client_name: sequence(:client_name, &"Some client #{&1}"),        redirect_uris: "https://example.com/callback",        scopes: ["read", "write", "follow", "push", "admin"],        website: "https://example.com", diff --git a/test/tasks/app_test.exs b/test/tasks/app_test.exs new file mode 100644 index 000000000..b8f03566d --- /dev/null +++ b/test/tasks/app_test.exs @@ -0,0 +1,65 @@ +# Pleroma: A lightweight social networking server +# Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/> +# SPDX-License-Identifier: AGPL-3.0-only + +defmodule Mix.Tasks.Pleroma.AppTest do +  use Pleroma.DataCase, async: true + +  setup_all do +    Mix.shell(Mix.Shell.Process) + +    on_exit(fn -> +      Mix.shell(Mix.Shell.IO) +    end) +  end + +  describe "creates new app" do +    test "with default scopes" do +      name = "Some name" +      redirect = "https://example.com" +      Mix.Tasks.Pleroma.App.run(["create", "-n", name, "-r", redirect]) + +      assert_app(name, redirect, ["read", "write", "follow", "push"]) +    end + +    test "with custom scopes" do +      name = "Another name" +      redirect = "https://example.com" + +      Mix.Tasks.Pleroma.App.run([ +        "create", +        "-n", +        name, +        "-r", +        redirect, +        "-s", +        "read,write,follow,push,admin" +      ]) + +      assert_app(name, redirect, ["read", "write", "follow", "push", "admin"]) +    end +  end + +  test "with errors" do +    Mix.Tasks.Pleroma.App.run(["create"]) +    {:mix_shell, :error, ["Creating failed:"]} +    {:mix_shell, :error, ["name: can't be blank"]} +    {:mix_shell, :error, ["redirect_uris: can't be blank"]} +  end + +  defp assert_app(name, redirect, scopes) do +    app = Repo.get_by(Pleroma.Web.OAuth.App, client_name: name) + +    assert_received {:mix_shell, :info, [message]} +    assert message == "#{name} successfully created:" + +    assert_received {:mix_shell, :info, [message]} +    assert message == "App client_id: #{app.client_id}" + +    assert_received {:mix_shell, :info, [message]} +    assert message == "App client_secret: #{app.client_secret}" + +    assert app.scopes == scopes +    assert app.redirect_uris == redirect +  end +end diff --git a/test/web/admin_api/admin_api_controller_test.exs b/test/web/admin_api/admin_api_controller_test.exs index 158966365..f80dbf8dd 100644 --- a/test/web/admin_api/admin_api_controller_test.exs +++ b/test/web/admin_api/admin_api_controller_test.exs @@ -3517,6 +3517,191 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do                 response["status_visibility"]      end    end + +  describe "POST /api/pleroma/admin/oauth_app" do +    test "errors", %{conn: conn} do +      response = conn |> post("/api/pleroma/admin/oauth_app", %{}) |> json_response(200) + +      assert response == %{"name" => "can't be blank", "redirect_uris" => "can't be blank"} +    end + +    test "success", %{conn: conn} do +      base_url = Pleroma.Web.base_url() +      app_name = "Trusted app" + +      response = +        conn +        |> post("/api/pleroma/admin/oauth_app", %{ +          name: app_name, +          redirect_uris: base_url +        }) +        |> json_response(200) + +      assert %{ +               "client_id" => _, +               "client_secret" => _, +               "name" => ^app_name, +               "redirect_uri" => ^base_url, +               "trusted" => false +             } = response +    end + +    test "with trusted", %{conn: conn} do +      base_url = Pleroma.Web.base_url() +      app_name = "Trusted app" + +      response = +        conn +        |> post("/api/pleroma/admin/oauth_app", %{ +          name: app_name, +          redirect_uris: base_url, +          trusted: true +        }) +        |> json_response(200) + +      assert %{ +               "client_id" => _, +               "client_secret" => _, +               "name" => ^app_name, +               "redirect_uri" => ^base_url, +               "trusted" => true +             } = response +    end +  end + +  describe "GET /api/pleroma/admin/oauth_app" do +    setup do +      app = insert(:oauth_app) +      {:ok, app: app} +    end + +    test "list", %{conn: conn} do +      response = +        conn +        |> get("/api/pleroma/admin/oauth_app") +        |> json_response(200) + +      assert %{"apps" => apps, "count" => count, "page_size" => _} = response + +      assert length(apps) == count +    end + +    test "with page size", %{conn: conn} do +      insert(:oauth_app) +      page_size = 1 + +      response = +        conn +        |> get("/api/pleroma/admin/oauth_app", %{page_size: to_string(page_size)}) +        |> json_response(200) + +      assert %{"apps" => apps, "count" => _, "page_size" => ^page_size} = response + +      assert length(apps) == page_size +    end + +    test "search by client name", %{conn: conn, app: app} do +      response = +        conn +        |> get("/api/pleroma/admin/oauth_app", %{name: app.client_name}) +        |> json_response(200) + +      assert %{"apps" => [returned], "count" => _, "page_size" => _} = response + +      assert returned["client_id"] == app.client_id +      assert returned["name"] == app.client_name +    end + +    test "search by client id", %{conn: conn, app: app} do +      response = +        conn +        |> get("/api/pleroma/admin/oauth_app", %{client_id: app.client_id}) +        |> json_response(200) + +      assert %{"apps" => [returned], "count" => _, "page_size" => _} = response + +      assert returned["client_id"] == app.client_id +      assert returned["name"] == app.client_name +    end + +    test "only trusted", %{conn: conn} do +      app = insert(:oauth_app, trusted: true) + +      response = +        conn +        |> get("/api/pleroma/admin/oauth_app", %{trusted: true}) +        |> json_response(200) + +      assert %{"apps" => [returned], "count" => _, "page_size" => _} = response + +      assert returned["client_id"] == app.client_id +      assert returned["name"] == app.client_name +    end +  end + +  describe "DELETE /api/pleroma/admin/oauth_app/:id" do +    test "with id", %{conn: conn} do +      app = insert(:oauth_app) + +      response = +        conn +        |> delete("/api/pleroma/admin/oauth_app/" <> to_string(app.id)) +        |> json_response(:no_content) + +      assert response == "" +    end + +    test "with non existance id", %{conn: conn} do +      response = +        conn +        |> delete("/api/pleroma/admin/oauth_app/0") +        |> json_response(:bad_request) + +      assert response == "" +    end +  end + +  describe "PATCH /api/pleroma/admin/oauth_app/:id" do +    test "with id", %{conn: conn} do +      app = insert(:oauth_app) + +      name = "another name" +      url = "https://example.com" +      scopes = ["admin"] +      id = app.id +      website = "http://website.com" + +      response = +        conn +        |> patch("/api/pleroma/admin/oauth_app/" <> to_string(app.id), %{ +          name: name, +          trusted: true, +          redirect_uris: url, +          scopes: scopes, +          website: website +        }) +        |> json_response(200) + +      assert %{ +               "client_id" => _, +               "client_secret" => _, +               "id" => ^id, +               "name" => ^name, +               "redirect_uri" => ^url, +               "trusted" => true, +               "website" => ^website +             } = response +    end + +    test "without id", %{conn: conn} do +      response = +        conn +        |> patch("/api/pleroma/admin/oauth_app/0") +        |> json_response(:bad_request) + +      assert response == "" +    end +  end  end  # Needed for testing diff --git a/test/web/mastodon_api/controllers/account_controller_test.exs b/test/web/mastodon_api/controllers/account_controller_test.exs index a450a732c..61c2697b2 100644 --- a/test/web/mastodon_api/controllers/account_controller_test.exs +++ b/test/web/mastodon_api/controllers/account_controller_test.exs @@ -944,6 +944,73 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do        res = post(conn, "/api/v1/accounts", valid_params)        assert json_response(res, 403) == %{"error" => "Invalid credentials"}      end + +    test "registration from trusted app" do +      clear_config([Pleroma.Captcha, :enabled], true) +      app = insert(:oauth_app, trusted: true, scopes: ["read", "write", "follow", "push"]) + +      conn = +        build_conn() +        |> post("/oauth/token", %{ +          "grant_type" => "client_credentials", +          "client_id" => app.client_id, +          "client_secret" => app.client_secret +        }) + +      assert %{"access_token" => token, "token_type" => "Bearer"} = json_response(conn, 200) + +      response = +        build_conn() +        |> Plug.Conn.put_req_header("authorization", "Bearer " <> token) +        |> post("/api/v1/accounts", %{ +          nickname: "nickanme", +          agreement: true, +          email: "email@example.com", +          fullname: "Lain", +          username: "Lain", +          password: "some_password", +          confirm: "some_password" +        }) +        |> json_response(200) + +      assert %{ +               "access_token" => access_token, +               "created_at" => _, +               "scope" => ["read", "write", "follow", "push"], +               "token_type" => "Bearer" +             } = response + +      response = +        build_conn() +        |> Plug.Conn.put_req_header("authorization", "Bearer " <> access_token) +        |> get("/api/v1/accounts/verify_credentials") +        |> json_response(200) + +      assert %{ +               "acct" => "Lain", +               "bot" => false, +               "display_name" => "Lain", +               "follow_requests_count" => 0, +               "followers_count" => 0, +               "following_count" => 0, +               "locked" => false, +               "note" => "", +               "source" => %{ +                 "fields" => [], +                 "note" => "", +                 "pleroma" => %{ +                   "actor_type" => "Person", +                   "discoverable" => false, +                   "no_rich_text" => false, +                   "show_role" => true +                 }, +                 "privacy" => "public", +                 "sensitive" => false +               }, +               "statuses_count" => 0, +               "username" => "Lain" +             } = response +    end    end    describe "create account by app / rate limit" do | 
