summaryrefslogtreecommitdiff
path: root/test
diff options
context:
space:
mode:
Diffstat (limited to 'test')
-rw-r--r--test/support/factory.ex11
-rw-r--r--test/support/httpoison_mock.ex6
-rw-r--r--test/user_test.exs21
-rw-r--r--test/web/activity_pub/activity_pub_controller_test.exs1
-rw-r--r--test/web/activity_pub/transmogrifier_test.exs23
-rw-r--r--test/web/mastodon_api/mastodon_api_controller_test.exs52
-rw-r--r--test/web/oauth/oauth_controller_test.exs113
-rw-r--r--test/web/ostatus/ostatus_controller_test.exs40
-rw-r--r--test/web/twitter_api/twitter_api_controller_test.exs24
9 files changed, 285 insertions, 6 deletions
diff --git a/test/support/factory.ex b/test/support/factory.ex
index 5cf456e3c..6c48d390f 100644
--- a/test/support/factory.ex
+++ b/test/support/factory.ex
@@ -146,4 +146,15 @@ defmodule Pleroma.Factory do
subscribers: []
}
end
+
+ def oauth_app_factory do
+ %Pleroma.Web.OAuth.App{
+ client_name: "Some client",
+ redirect_uris: "https://example.com/callback",
+ scopes: "read",
+ website: "https://example.com",
+ client_id: "aaabbb==",
+ client_secret: "aaa;/&bbb"
+ }
+ end
end
diff --git a/test/support/httpoison_mock.ex b/test/support/httpoison_mock.ex
index 6e8336a93..befebad8a 100644
--- a/test/support/httpoison_mock.ex
+++ b/test/support/httpoison_mock.ex
@@ -4,7 +4,7 @@ defmodule HTTPoisonMock do
def get(url, body \\ [], headers \\ [])
def get(
- "http://gerzilla.de/.well-known/webfinger?resource=acct:kaniini@gerzilla.de",
+ "https://gerzilla.de/.well-known/webfinger?resource=acct:kaniini@gerzilla.de",
[Accept: "application/xrd+xml,application/jrd+json"],
follow_redirect: true
) do
@@ -16,7 +16,7 @@ defmodule HTTPoisonMock do
end
def get(
- "http://framatube.org/.well-known/webfinger?resource=acct:framasoft@framatube.org",
+ "https://framatube.org/.well-known/webfinger?resource=acct:framasoft@framatube.org",
[Accept: "application/xrd+xml,application/jrd+json"],
follow_redirect: true
) do
@@ -28,7 +28,7 @@ defmodule HTTPoisonMock do
end
def get(
- "http://gnusocial.de/.well-known/webfinger?resource=acct:winterdienst@gnusocial.de",
+ "https://gnusocial.de/.well-known/webfinger?resource=acct:winterdienst@gnusocial.de",
[Accept: "application/xrd+xml,application/jrd+json"],
follow_redirect: true
) do
diff --git a/test/user_test.exs b/test/user_test.exs
index 8c8cfd673..200352981 100644
--- a/test/user_test.exs
+++ b/test/user_test.exs
@@ -361,6 +361,27 @@ defmodule Pleroma.UserTest do
end
end
+ describe "domain blocking" do
+ test "blocks domains" do
+ user = insert(:user)
+ collateral_user = insert(:user, %{ap_id: "https://awful-and-rude-instance.com/user/bully"})
+
+ {:ok, user} = User.block_domain(user, "awful-and-rude-instance.com")
+
+ assert User.blocks?(user, collateral_user)
+ end
+
+ test "unblocks domains" do
+ user = insert(:user)
+ collateral_user = insert(:user, %{ap_id: "https://awful-and-rude-instance.com/user/bully"})
+
+ {:ok, user} = User.block_domain(user, "awful-and-rude-instance.com")
+ {:ok, user} = User.unblock_domain(user, "awful-and-rude-instance.com")
+
+ refute User.blocks?(user, collateral_user)
+ end
+ end
+
test "get recipients from activity" do
actor = insert(:user)
user = insert(:user, local: true)
diff --git a/test/web/activity_pub/activity_pub_controller_test.exs b/test/web/activity_pub/activity_pub_controller_test.exs
index 305f9d0e0..bbf89136b 100644
--- a/test/web/activity_pub/activity_pub_controller_test.exs
+++ b/test/web/activity_pub/activity_pub_controller_test.exs
@@ -4,7 +4,6 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubControllerTest do
alias Pleroma.Web.ActivityPub.{UserView, ObjectView}
alias Pleroma.{Repo, User}
alias Pleroma.Activity
- alias Pleroma.Web.CommonAPI
describe "/users/:nickname" do
test "it returns a json representation of the user", %{conn: conn} do
diff --git a/test/web/activity_pub/transmogrifier_test.exs b/test/web/activity_pub/transmogrifier_test.exs
index 384844095..7e771b9f8 100644
--- a/test/web/activity_pub/transmogrifier_test.exs
+++ b/test/web/activity_pub/transmogrifier_test.exs
@@ -266,6 +266,29 @@ defmodule Pleroma.Web.ActivityPub.TransmogrifierTest do
assert user.bio == "<p>Some bio</p>"
end
+ test "it works for incoming update activities which lock the account" do
+ data = File.read!("test/fixtures/mastodon-post-activity.json") |> Poison.decode!()
+
+ {:ok, %Activity{data: data, local: false}} = Transmogrifier.handle_incoming(data)
+ update_data = File.read!("test/fixtures/mastodon-update.json") |> Poison.decode!()
+
+ object =
+ update_data["object"]
+ |> Map.put("actor", data["actor"])
+ |> Map.put("id", data["actor"])
+ |> Map.put("manuallyApprovesFollowers", true)
+
+ update_data =
+ update_data
+ |> Map.put("actor", data["actor"])
+ |> Map.put("object", object)
+
+ {:ok, %Activity{data: data, local: false}} = Transmogrifier.handle_incoming(update_data)
+
+ user = User.get_cached_by_ap_id(data["actor"])
+ assert user.info["locked"] == true
+ end
+
test "it works for incoming deletes" do
activity = insert(:note_activity)
diff --git a/test/web/mastodon_api/mastodon_api_controller_test.exs b/test/web/mastodon_api/mastodon_api_controller_test.exs
index 2abcf0dfe..566f5acfc 100644
--- a/test/web/mastodon_api/mastodon_api_controller_test.exs
+++ b/test/web/mastodon_api/mastodon_api_controller_test.exs
@@ -505,6 +505,18 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIControllerTest do
assert to_string(activity.id) == id
end
+
+ test "returns 500 for a wrong id", %{conn: conn} do
+ user = insert(:user)
+
+ resp =
+ conn
+ |> assign(:user, user)
+ |> post("/api/v1/statuses/1/favourite")
+ |> json_response(500)
+
+ assert resp == "Something went wrong"
+ end
end
describe "unfavoriting" do
@@ -780,6 +792,46 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIControllerTest do
assert [%{"id" => ^other_user_id}] = json_response(conn, 200)
end
+ test "blocking / unblocking a domain", %{conn: conn} do
+ user = insert(:user)
+ other_user = insert(:user, %{ap_id: "https://dogwhistle.zone/@pundit"})
+
+ conn =
+ conn
+ |> assign(:user, user)
+ |> post("/api/v1/domain_blocks", %{"domain" => "dogwhistle.zone"})
+
+ assert %{} = json_response(conn, 200)
+ user = User.get_cached_by_ap_id(user.ap_id)
+ assert User.blocks?(user, other_user)
+
+ conn =
+ build_conn()
+ |> assign(:user, user)
+ |> delete("/api/v1/domain_blocks", %{"domain" => "dogwhistle.zone"})
+
+ assert %{} = json_response(conn, 200)
+ user = User.get_cached_by_ap_id(user.ap_id)
+ refute User.blocks?(user, other_user)
+ end
+
+ test "getting a list of domain blocks" do
+ user = insert(:user)
+
+ {:ok, user} = User.block_domain(user, "bad.site")
+ {:ok, user} = User.block_domain(user, "even.worse.site")
+
+ conn =
+ conn
+ |> assign(:user, user)
+ |> get("/api/v1/domain_blocks")
+
+ domain_blocks = json_response(conn, 200)
+
+ assert "bad.site" in domain_blocks
+ assert "even.worse.site" in domain_blocks
+ end
+
test "unimplemented mute endpoints" do
user = insert(:user)
other_user = insert(:user)
diff --git a/test/web/oauth/oauth_controller_test.exs b/test/web/oauth/oauth_controller_test.exs
new file mode 100644
index 000000000..3a902f128
--- /dev/null
+++ b/test/web/oauth/oauth_controller_test.exs
@@ -0,0 +1,113 @@
+defmodule Pleroma.Web.OAuth.OAuthControllerTest do
+ use Pleroma.Web.ConnCase
+ import Pleroma.Factory
+
+ alias Pleroma.Repo
+ alias Pleroma.Web.OAuth.{Authorization, Token}
+
+ test "redirects with oauth authorization" do
+ user = insert(:user)
+ app = insert(:oauth_app)
+
+ conn =
+ build_conn()
+ |> post("/oauth/authorize", %{
+ "authorization" => %{
+ "name" => user.nickname,
+ "password" => "test",
+ "client_id" => app.client_id,
+ "redirect_uri" => app.redirect_uris,
+ "state" => "statepassed"
+ }
+ })
+
+ target = redirected_to(conn)
+ assert target =~ app.redirect_uris
+
+ query = URI.parse(target).query |> URI.query_decoder() |> Map.new()
+
+ assert %{"state" => "statepassed", "code" => code} = query
+ assert Repo.get_by(Authorization, token: code)
+ end
+
+ test "issues a token for an all-body request" do
+ user = insert(:user)
+ app = insert(:oauth_app)
+
+ {:ok, auth} = Authorization.create_authorization(app, user)
+
+ conn =
+ build_conn()
+ |> post("/oauth/token", %{
+ "grant_type" => "authorization_code",
+ "code" => auth.token,
+ "redirect_uri" => app.redirect_uris,
+ "client_id" => app.client_id,
+ "client_secret" => app.client_secret
+ })
+
+ assert %{"access_token" => token} = json_response(conn, 200)
+ assert Repo.get_by(Token, token: token)
+ end
+
+ test "issues a token for request with HTTP basic auth client credentials" do
+ user = insert(:user)
+ app = insert(:oauth_app)
+
+ {:ok, auth} = Authorization.create_authorization(app, user)
+
+ app_encoded =
+ (URI.encode_www_form(app.client_id) <> ":" <> URI.encode_www_form(app.client_secret))
+ |> Base.encode64()
+
+ conn =
+ build_conn()
+ |> put_req_header("authorization", "Basic " <> app_encoded)
+ |> post("/oauth/token", %{
+ "grant_type" => "authorization_code",
+ "code" => auth.token,
+ "redirect_uri" => app.redirect_uris
+ })
+
+ assert %{"access_token" => token} = json_response(conn, 200)
+ assert Repo.get_by(Token, token: token)
+ end
+
+ test "rejects token exchange with invalid client credentials" do
+ user = insert(:user)
+ app = insert(:oauth_app)
+
+ {:ok, auth} = Authorization.create_authorization(app, user)
+
+ conn =
+ build_conn()
+ |> put_req_header("authorization", "Basic JTIxOiVGMCU5RiVBNCVCNwo=")
+ |> post("/oauth/token", %{
+ "grant_type" => "authorization_code",
+ "code" => auth.token,
+ "redirect_uri" => app.redirect_uris
+ })
+
+ assert resp = json_response(conn, 400)
+ assert %{"error" => _} = resp
+ refute Map.has_key?(resp, "access_token")
+ end
+
+ test "rejects an invalid authorization code" do
+ app = insert(:oauth_app)
+
+ conn =
+ build_conn()
+ |> post("/oauth/token", %{
+ "grant_type" => "authorization_code",
+ "code" => "Imobviouslyinvalid",
+ "redirect_uri" => app.redirect_uris,
+ "client_id" => app.client_id,
+ "client_secret" => app.client_secret
+ })
+
+ assert resp = json_response(conn, 400)
+ assert %{"error" => _} = json_response(conn, 400)
+ refute Map.has_key?(resp, "access_token")
+ end
+end
diff --git a/test/web/ostatus/ostatus_controller_test.exs b/test/web/ostatus/ostatus_controller_test.exs
index faee4fc3e..d5adf3bf3 100644
--- a/test/web/ostatus/ostatus_controller_test.exs
+++ b/test/web/ostatus/ostatus_controller_test.exs
@@ -53,11 +53,21 @@ defmodule Pleroma.Web.OStatus.OStatusControllerTest do
conn =
conn
+ |> put_req_header("content-type", "application/atom+xml")
|> get("/users/#{user.nickname}/feed.atom")
assert response(conn, 200) =~ note_activity.data["object"]["content"]
end
+ test "returns 404 for a missing feed", %{conn: conn} do
+ conn =
+ conn
+ |> put_req_header("content-type", "application/atom+xml")
+ |> get("/users/nonexisting/feed.atom")
+
+ assert response(conn, 404)
+ end
+
test "gets an object", %{conn: conn} do
note_activity = insert(:note_activity)
user = User.get_by_ap_id(note_activity.data["actor"])
@@ -90,6 +100,16 @@ defmodule Pleroma.Web.OStatus.OStatusControllerTest do
assert response(conn, 404)
end
+ test "404s on nonexisting objects", %{conn: conn} do
+ url = "/objects/123"
+
+ conn =
+ conn
+ |> get(url)
+
+ assert response(conn, 404)
+ end
+
test "gets an activity", %{conn: conn} do
note_activity = insert(:note_activity)
[_, uuid] = hd(Regex.scan(~r/.+\/([\w-]+)$/, note_activity.data["id"]))
@@ -114,6 +134,16 @@ defmodule Pleroma.Web.OStatus.OStatusControllerTest do
assert response(conn, 404)
end
+ test "404s on nonexistent activities", %{conn: conn} do
+ url = "/activities/123"
+
+ conn =
+ conn
+ |> get(url)
+
+ assert response(conn, 404)
+ end
+
test "gets a notice", %{conn: conn} do
note_activity = insert(:note_activity)
url = "/notice/#{note_activity.id}"
@@ -135,4 +165,14 @@ defmodule Pleroma.Web.OStatus.OStatusControllerTest do
assert response(conn, 404)
end
+
+ test "404s a nonexisting notice", %{conn: conn} do
+ url = "/notice/123"
+
+ conn =
+ conn
+ |> get(url)
+
+ assert response(conn, 404)
+ end
end
diff --git a/test/web/twitter_api/twitter_api_controller_test.exs b/test/web/twitter_api/twitter_api_controller_test.exs
index 03e5824a9..68f4331df 100644
--- a/test/web/twitter_api/twitter_api_controller_test.exs
+++ b/test/web/twitter_api/twitter_api_controller_test.exs
@@ -260,7 +260,7 @@ defmodule Pleroma.Web.TwitterAPI.ControllerTest do
test "with credentials", %{conn: conn, user: current_user} do
other_user = insert(:user)
- {:ok, activity} =
+ {:ok, _activity} =
ActivityBuilder.insert(%{"to" => [current_user.ap_id]}, %{user: other_user})
conn =
@@ -510,6 +510,24 @@ defmodule Pleroma.Web.TwitterAPI.ControllerTest do
assert json_response(conn, 200)
end
+
+ test "with credentials, invalid param", %{conn: conn, user: current_user} do
+ conn =
+ conn
+ |> with_credentials(current_user.nickname, "test")
+ |> post("/api/favorites/create/wrong.json")
+
+ assert json_response(conn, 400)
+ end
+
+ test "with credentials, invalid activity", %{conn: conn, user: current_user} do
+ conn =
+ conn
+ |> with_credentials(current_user.nickname, "test")
+ |> post("/api/favorites/create/1.json")
+
+ assert json_response(conn, 500)
+ end
end
describe "POST /api/favorites/destroy/:id" do
@@ -793,7 +811,7 @@ defmodule Pleroma.Web.TwitterAPI.ControllerTest do
test "Convert newlines to <br> in bio", %{conn: conn} do
user = insert(:user)
- conn =
+ _conn =
conn
|> assign(:user, user)
|> post("/api/account/update_profile.json", %{
@@ -904,6 +922,8 @@ defmodule Pleroma.Web.TwitterAPI.ControllerTest do
|> post("/api/pleroma/delete_account", %{"password" => "test"})
assert json_response(conn, 200) == %{"status" => "success"}
+ # Wait a second for the started task to end
+ :timer.sleep(1000)
end
end
end
generated by cgit v1.2.3 (git 2.25.1) at 2025-04-25 23:06:03 +0000