From f446744a6a72d707504c2ba20ea2326f956b5097 Mon Sep 17 00:00:00 2001 From: Egor Kislitsyn Date: Wed, 26 Feb 2020 20:13:53 +0400 Subject: Allow account registration without an email --- .../controllers/account_controller_test.exs | 52 +++++++++++++++++++++- 1 file changed, 50 insertions(+), 2 deletions(-) (limited to 'test/web/mastodon_api/controllers/account_controller_test.exs') diff --git a/test/web/mastodon_api/controllers/account_controller_test.exs b/test/web/mastodon_api/controllers/account_controller_test.exs index 8625bb9cf..ff7cb88d1 100644 --- a/test/web/mastodon_api/controllers/account_controller_test.exs +++ b/test/web/mastodon_api/controllers/account_controller_test.exs @@ -1,5 +1,5 @@ # Pleroma: A lightweight social networking server -# Copyright © 2017-2019 Pleroma Authors +# Copyright © 2017-2020 Pleroma Authors # SPDX-License-Identifier: AGPL-3.0-only defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do @@ -601,6 +601,8 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do [valid_params: valid_params] end + clear_config([:instance, :account_activation_required]) + test "Account registration via Application", %{conn: conn} do conn = post(conn, "/api/v1/apps", %{ @@ -731,7 +733,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do assert json_response(res, 200) [{127, 0, 0, 1}, {127, 0, 0, 2}, {127, 0, 0, 3}, {127, 0, 0, 4}] - |> Stream.zip(valid_params) + |> Stream.zip(Map.delete(valid_params, :email)) |> Enum.each(fn {ip, {attr, _}} -> res = conn @@ -743,6 +745,52 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do end) end + test "returns bad_request if missing email params when :account_activation_required is enabled", + %{conn: conn, valid_params: valid_params} do + Pleroma.Config.put([:instance, :account_activation_required], true) + + app_token = insert(:oauth_token, user: nil) + conn = put_req_header(conn, "authorization", "Bearer " <> app_token.token) + + res = + conn + |> Map.put(:remote_ip, {127, 0, 0, 5}) + |> post("/api/v1/accounts", Map.delete(valid_params, :email)) + + assert json_response(res, 400) == %{"error" => "Missing parameters"} + + res = + conn + |> Map.put(:remote_ip, {127, 0, 0, 6}) + |> post("/api/v1/accounts", Map.put(valid_params, :email, "")) + + assert json_response(res, 400) == %{"error" => "{\"email\":[\"can't be blank\"]}"} + end + + test "allow registration without an email", %{conn: conn, valid_params: valid_params} do + app_token = insert(:oauth_token, user: nil) + conn = put_req_header(conn, "authorization", "Bearer " <> app_token.token) + + res = + conn + |> Map.put(:remote_ip, {127, 0, 0, 7}) + |> post("/api/v1/accounts", Map.delete(valid_params, :email)) + + assert json_response(res, 200) + end + + test "allow registration with an empty email", %{conn: conn, valid_params: valid_params} do + app_token = insert(:oauth_token, user: nil) + conn = put_req_header(conn, "authorization", "Bearer " <> app_token.token) + + res = + conn + |> Map.put(:remote_ip, {127, 0, 0, 8}) + |> post("/api/v1/accounts", Map.put(valid_params, :email, "")) + + assert json_response(res, 200) + end + test "returns forbidden if token is invalid", %{conn: conn, valid_params: valid_params} do conn = put_req_header(conn, "authorization", "Bearer " <> "invalid-token") -- cgit v1.2.3 From fc4496d4fa45b0389f8476b2c2ee00d647a1dfbe Mon Sep 17 00:00:00 2001 From: rinpatch Date: Fri, 13 Mar 2020 21:15:42 +0300 Subject: rate limiter: disable based on if remote ip was found, not on if the plug was enabled The current rate limiter disable logic won't trigger when the remote ip is not forwarded, only when the remoteip plug is not enabled, which is not the case on most instances since it's enabled by default. This changes the behavior to warn and disable when the remote ip was not forwarded, even if the RemoteIP plug is enabled. Also closes #1620 --- test/web/mastodon_api/controllers/account_controller_test.exs | 4 ---- 1 file changed, 4 deletions(-) (limited to 'test/web/mastodon_api/controllers/account_controller_test.exs') diff --git a/test/web/mastodon_api/controllers/account_controller_test.exs b/test/web/mastodon_api/controllers/account_controller_test.exs index 7f7d8cea3..7efccd9c4 100644 --- a/test/web/mastodon_api/controllers/account_controller_test.exs +++ b/test/web/mastodon_api/controllers/account_controller_test.exs @@ -756,10 +756,6 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do end describe "create account by app / rate limit" do - clear_config([Pleroma.Plugs.RemoteIp, :enabled]) do - Pleroma.Config.put([Pleroma.Plugs.RemoteIp, :enabled], true) - end - clear_config([:rate_limit, :app_account_creation]) do Pleroma.Config.put([:rate_limit, :app_account_creation], {10_000, 2}) end -- cgit v1.2.3 From ec3719f5391d6f9945cec2e36287049d72743cd4 Mon Sep 17 00:00:00 2001 From: Ivan Tashkinov Date: Wed, 18 Mar 2020 20:30:31 +0300 Subject: Improved in-test config management functions. --- test/web/mastodon_api/controllers/account_controller_test.exs | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) (limited to 'test/web/mastodon_api/controllers/account_controller_test.exs') diff --git a/test/web/mastodon_api/controllers/account_controller_test.exs b/test/web/mastodon_api/controllers/account_controller_test.exs index 7efccd9c4..5a78f2968 100644 --- a/test/web/mastodon_api/controllers/account_controller_test.exs +++ b/test/web/mastodon_api/controllers/account_controller_test.exs @@ -756,9 +756,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do end describe "create account by app / rate limit" do - clear_config([:rate_limit, :app_account_creation]) do - Pleroma.Config.put([:rate_limit, :app_account_creation], {10_000, 2}) - end + clear_config([:rate_limit, :app_account_creation], {10_000, 2}) test "respects rate limit setting", %{conn: conn} do app_token = insert(:oauth_token, user: nil) -- cgit v1.2.3 From fe15f0ba15d02809fa4c21fb646e65d06060f3bb Mon Sep 17 00:00:00 2001 From: Alexander Strizhakov Date: Fri, 20 Mar 2020 13:04:37 +0300 Subject: restrict_unauthenticated setting --- .../controllers/account_controller_test.exs | 213 ++++++++++++++++++++- 1 file changed, 209 insertions(+), 4 deletions(-) (limited to 'test/web/mastodon_api/controllers/account_controller_test.exs') diff --git a/test/web/mastodon_api/controllers/account_controller_test.exs b/test/web/mastodon_api/controllers/account_controller_test.exs index 7efccd9c4..2182dd28e 100644 --- a/test/web/mastodon_api/controllers/account_controller_test.exs +++ b/test/web/mastodon_api/controllers/account_controller_test.exs @@ -5,6 +5,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do use Pleroma.Web.ConnCase + alias Pleroma.Config alias Pleroma.Repo alias Pleroma.User alias Pleroma.Web.ActivityPub.ActivityPub @@ -46,7 +47,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do end test "works by nickname for remote users" do - Pleroma.Config.put([:instance, :limit_to_local_content], false) + Config.put([:instance, :limit_to_local_content], false) user = insert(:user, nickname: "user@example.com", local: false) conn = @@ -58,7 +59,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do end test "respects limit_to_local_content == :all for remote user nicknames" do - Pleroma.Config.put([:instance, :limit_to_local_content], :all) + Config.put([:instance, :limit_to_local_content], :all) user = insert(:user, nickname: "user@example.com", local: false) @@ -70,7 +71,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do end test "respects limit_to_local_content == :unauthenticated for remote user nicknames" do - Pleroma.Config.put([:instance, :limit_to_local_content], :unauthenticated) + Config.put([:instance, :limit_to_local_content], :unauthenticated) user = insert(:user, nickname: "user@example.com", local: false) reading_user = insert(:user) @@ -140,6 +141,106 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do end end + defp local_and_remote_users do + local = insert(:user) + remote = insert(:user, local: false) + {:ok, local: local, remote: remote} + end + + describe "user fetching with restrict unauthenticated profiles for local and remote" do + setup do: local_and_remote_users() + + clear_config([:restrict_unauthenticated, :profiles, :local]) do + Config.put([:restrict_unauthenticated, :profiles, :local], true) + end + + clear_config([:restrict_unauthenticated, :profiles, :remote]) do + Config.put([:restrict_unauthenticated, :profiles, :remote], true) + end + + test "if user is unauthenticated", %{conn: conn, local: local, remote: remote} do + res_conn = get(conn, "/api/v1/accounts/#{local.id}") + + assert json_response(res_conn, :not_found) == %{ + "error" => "Can't find user" + } + + res_conn = get(conn, "/api/v1/accounts/#{remote.id}") + + assert json_response(res_conn, :not_found) == %{ + "error" => "Can't find user" + } + end + + test "if user is authenticated", %{local: local, remote: remote} do + %{conn: conn} = oauth_access(["read"]) + + res_conn = get(conn, "/api/v1/accounts/#{local.id}") + assert %{"id" => _} = json_response(res_conn, 200) + + res_conn = get(conn, "/api/v1/accounts/#{remote.id}") + assert %{"id" => _} = json_response(res_conn, 200) + end + end + + describe "user fetching with restrict unauthenticated profiles for local" do + setup do: local_and_remote_users() + + clear_config([:restrict_unauthenticated, :profiles, :local]) do + Config.put([:restrict_unauthenticated, :profiles, :local], true) + end + + test "if user is unauthenticated", %{conn: conn, local: local, remote: remote} do + res_conn = get(conn, "/api/v1/accounts/#{local.id}") + + assert json_response(res_conn, :not_found) == %{ + "error" => "Can't find user" + } + + res_conn = get(conn, "/api/v1/accounts/#{remote.id}") + assert %{"id" => _} = json_response(res_conn, 200) + end + + test "if user is authenticated", %{local: local, remote: remote} do + %{conn: conn} = oauth_access(["read"]) + + res_conn = get(conn, "/api/v1/accounts/#{local.id}") + assert %{"id" => _} = json_response(res_conn, 200) + + res_conn = get(conn, "/api/v1/accounts/#{remote.id}") + assert %{"id" => _} = json_response(res_conn, 200) + end + end + + describe "user fetching with restrict unauthenticated profiles for remote" do + setup do: local_and_remote_users() + + clear_config([:restrict_unauthenticated, :profiles, :remote]) do + Config.put([:restrict_unauthenticated, :profiles, :remote], true) + end + + test "if user is unauthenticated", %{conn: conn, local: local, remote: remote} do + res_conn = get(conn, "/api/v1/accounts/#{local.id}") + assert %{"id" => _} = json_response(res_conn, 200) + + res_conn = get(conn, "/api/v1/accounts/#{remote.id}") + + assert json_response(res_conn, :not_found) == %{ + "error" => "Can't find user" + } + end + + test "if user is authenticated", %{local: local, remote: remote} do + %{conn: conn} = oauth_access(["read"]) + + res_conn = get(conn, "/api/v1/accounts/#{local.id}") + assert %{"id" => _} = json_response(res_conn, 200) + + res_conn = get(conn, "/api/v1/accounts/#{remote.id}") + assert %{"id" => _} = json_response(res_conn, 200) + end + end + describe "user timelines" do setup do: oauth_access(["read:statuses"]) @@ -293,6 +394,110 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do end end + defp local_and_remote_activities(%{local: local, remote: remote}) do + insert(:note_activity, user: local) + insert(:note_activity, user: remote, local: false) + + :ok + end + + describe "statuses with restrict unauthenticated profiles for local and remote" do + setup do: local_and_remote_users() + setup :local_and_remote_activities + + clear_config([:restrict_unauthenticated, :profiles, :local]) do + Config.put([:restrict_unauthenticated, :profiles, :local], true) + end + + clear_config([:restrict_unauthenticated, :profiles, :remote]) do + Config.put([:restrict_unauthenticated, :profiles, :remote], true) + end + + test "if user is unauthenticated", %{conn: conn, local: local, remote: remote} do + res_conn = get(conn, "/api/v1/accounts/#{local.id}/statuses") + + assert json_response(res_conn, :not_found) == %{ + "error" => "Can't find user" + } + + res_conn = get(conn, "/api/v1/accounts/#{remote.id}/statuses") + + assert json_response(res_conn, :not_found) == %{ + "error" => "Can't find user" + } + end + + test "if user is authenticated", %{local: local, remote: remote} do + %{conn: conn} = oauth_access(["read"]) + + res_conn = get(conn, "/api/v1/accounts/#{local.id}/statuses") + assert length(json_response(res_conn, 200)) == 1 + + res_conn = get(conn, "/api/v1/accounts/#{remote.id}/statuses") + assert length(json_response(res_conn, 200)) == 1 + end + end + + describe "statuses with restrict unauthenticated profiles for local" do + setup do: local_and_remote_users() + setup :local_and_remote_activities + + clear_config([:restrict_unauthenticated, :profiles, :local]) do + Config.put([:restrict_unauthenticated, :profiles, :local], true) + end + + test "if user is unauthenticated", %{conn: conn, local: local, remote: remote} do + res_conn = get(conn, "/api/v1/accounts/#{local.id}/statuses") + + assert json_response(res_conn, :not_found) == %{ + "error" => "Can't find user" + } + + res_conn = get(conn, "/api/v1/accounts/#{remote.id}/statuses") + assert length(json_response(res_conn, 200)) == 1 + end + + test "if user is authenticated", %{local: local, remote: remote} do + %{conn: conn} = oauth_access(["read"]) + + res_conn = get(conn, "/api/v1/accounts/#{local.id}/statuses") + assert length(json_response(res_conn, 200)) == 1 + + res_conn = get(conn, "/api/v1/accounts/#{remote.id}/statuses") + assert length(json_response(res_conn, 200)) == 1 + end + end + + describe "statuses with restrict unauthenticated profiles for remote" do + setup do: local_and_remote_users() + setup :local_and_remote_activities + + clear_config([:restrict_unauthenticated, :profiles, :remote]) do + Config.put([:restrict_unauthenticated, :profiles, :remote], true) + end + + test "if user is unauthenticated", %{conn: conn, local: local, remote: remote} do + res_conn = get(conn, "/api/v1/accounts/#{local.id}/statuses") + assert length(json_response(res_conn, 200)) == 1 + + res_conn = get(conn, "/api/v1/accounts/#{remote.id}/statuses") + + assert json_response(res_conn, :not_found) == %{ + "error" => "Can't find user" + } + end + + test "if user is authenticated", %{local: local, remote: remote} do + %{conn: conn} = oauth_access(["read"]) + + res_conn = get(conn, "/api/v1/accounts/#{local.id}/statuses") + assert length(json_response(res_conn, 200)) == 1 + + res_conn = get(conn, "/api/v1/accounts/#{remote.id}/statuses") + assert length(json_response(res_conn, 200)) == 1 + end + end + describe "followers" do setup do: oauth_access(["read:accounts"]) @@ -757,7 +962,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do describe "create account by app / rate limit" do clear_config([:rate_limit, :app_account_creation]) do - Pleroma.Config.put([:rate_limit, :app_account_creation], {10_000, 2}) + Config.put([:rate_limit, :app_account_creation], {10_000, 2}) end test "respects rate limit setting", %{conn: conn} do -- cgit v1.2.3 From 1c05f539aaea32fe993e5299e656aa44c322e8de Mon Sep 17 00:00:00 2001 From: Ivan Tashkinov Date: Fri, 20 Mar 2020 18:33:00 +0300 Subject: Improved in-test `clear_config/n` applicability (setup / setup_all / in-test usage). --- .../controllers/account_controller_test.exs | 40 +++++++--------------- 1 file changed, 12 insertions(+), 28 deletions(-) (limited to 'test/web/mastodon_api/controllers/account_controller_test.exs') diff --git a/test/web/mastodon_api/controllers/account_controller_test.exs b/test/web/mastodon_api/controllers/account_controller_test.exs index 59ad0a596..a9fa0ce48 100644 --- a/test/web/mastodon_api/controllers/account_controller_test.exs +++ b/test/web/mastodon_api/controllers/account_controller_test.exs @@ -16,7 +16,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do import Pleroma.Factory describe "account fetching" do - clear_config([:instance, :limit_to_local_content]) + setup do: clear_config([:instance, :limit_to_local_content]) test "works by id" do user = insert(:user) @@ -150,13 +150,9 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do describe "user fetching with restrict unauthenticated profiles for local and remote" do setup do: local_and_remote_users() - clear_config([:restrict_unauthenticated, :profiles, :local]) do - Config.put([:restrict_unauthenticated, :profiles, :local], true) - end + setup do: clear_config([:restrict_unauthenticated, :profiles, :local], true) - clear_config([:restrict_unauthenticated, :profiles, :remote]) do - Config.put([:restrict_unauthenticated, :profiles, :remote], true) - end + setup do: clear_config([:restrict_unauthenticated, :profiles, :remote], true) test "if user is unauthenticated", %{conn: conn, local: local, remote: remote} do res_conn = get(conn, "/api/v1/accounts/#{local.id}") @@ -186,9 +182,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do describe "user fetching with restrict unauthenticated profiles for local" do setup do: local_and_remote_users() - clear_config([:restrict_unauthenticated, :profiles, :local]) do - Config.put([:restrict_unauthenticated, :profiles, :local], true) - end + setup do: clear_config([:restrict_unauthenticated, :profiles, :local], true) test "if user is unauthenticated", %{conn: conn, local: local, remote: remote} do res_conn = get(conn, "/api/v1/accounts/#{local.id}") @@ -215,9 +209,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do describe "user fetching with restrict unauthenticated profiles for remote" do setup do: local_and_remote_users() - clear_config([:restrict_unauthenticated, :profiles, :remote]) do - Config.put([:restrict_unauthenticated, :profiles, :remote], true) - end + setup do: clear_config([:restrict_unauthenticated, :profiles, :remote], true) test "if user is unauthenticated", %{conn: conn, local: local, remote: remote} do res_conn = get(conn, "/api/v1/accounts/#{local.id}") @@ -405,13 +397,9 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do setup do: local_and_remote_users() setup :local_and_remote_activities - clear_config([:restrict_unauthenticated, :profiles, :local]) do - Config.put([:restrict_unauthenticated, :profiles, :local], true) - end + setup do: clear_config([:restrict_unauthenticated, :profiles, :local], true) - clear_config([:restrict_unauthenticated, :profiles, :remote]) do - Config.put([:restrict_unauthenticated, :profiles, :remote], true) - end + setup do: clear_config([:restrict_unauthenticated, :profiles, :remote], true) test "if user is unauthenticated", %{conn: conn, local: local, remote: remote} do res_conn = get(conn, "/api/v1/accounts/#{local.id}/statuses") @@ -442,9 +430,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do setup do: local_and_remote_users() setup :local_and_remote_activities - clear_config([:restrict_unauthenticated, :profiles, :local]) do - Config.put([:restrict_unauthenticated, :profiles, :local], true) - end + setup do: clear_config([:restrict_unauthenticated, :profiles, :local], true) test "if user is unauthenticated", %{conn: conn, local: local, remote: remote} do res_conn = get(conn, "/api/v1/accounts/#{local.id}/statuses") @@ -472,9 +458,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do setup do: local_and_remote_users() setup :local_and_remote_activities - clear_config([:restrict_unauthenticated, :profiles, :remote]) do - Config.put([:restrict_unauthenticated, :profiles, :remote], true) - end + setup do: clear_config([:restrict_unauthenticated, :profiles, :remote], true) test "if user is unauthenticated", %{conn: conn, local: local, remote: remote} do res_conn = get(conn, "/api/v1/accounts/#{local.id}/statuses") @@ -806,7 +790,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do [valid_params: valid_params] end - clear_config([:instance, :account_activation_required]) + setup do: clear_config([:instance, :account_activation_required]) test "Account registration via Application", %{conn: conn} do conn = @@ -904,7 +888,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do end) end - clear_config([:instance, :account_activation_required]) + setup do: clear_config([:instance, :account_activation_required]) test "returns bad_request if missing email params when :account_activation_required is enabled", %{conn: conn, valid_params: valid_params} do @@ -961,7 +945,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do end describe "create account by app / rate limit" do - clear_config([:rate_limit, :app_account_creation], {10_000, 2}) + setup do: clear_config([:rate_limit, :app_account_creation], {10_000, 2}) test "respects rate limit setting", %{conn: conn} do app_token = insert(:oauth_token, user: nil) -- cgit v1.2.3 From a6ee6784bc74b311d454112c427f41b1fdec6ce0 Mon Sep 17 00:00:00 2001 From: Alexander Strizhakov Date: Fri, 28 Feb 2020 11:16:40 +0300 Subject: creating trusted app from adminFE & mix task --- .../controllers/account_controller_test.exs | 67 ++++++++++++++++++++++ 1 file changed, 67 insertions(+) (limited to 'test/web/mastodon_api/controllers/account_controller_test.exs') diff --git a/test/web/mastodon_api/controllers/account_controller_test.exs b/test/web/mastodon_api/controllers/account_controller_test.exs index a9fa0ce48..f770232df 100644 --- a/test/web/mastodon_api/controllers/account_controller_test.exs +++ b/test/web/mastodon_api/controllers/account_controller_test.exs @@ -942,6 +942,73 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do res = post(conn, "/api/v1/accounts", valid_params) assert json_response(res, 403) == %{"error" => "Invalid credentials"} end + + test "registration from trusted app" do + clear_config([Pleroma.Captcha, :enabled], true) + app = insert(:oauth_app, trusted: true, scopes: ["read", "write", "follow", "push"]) + + conn = + build_conn() + |> post("/oauth/token", %{ + "grant_type" => "client_credentials", + "client_id" => app.client_id, + "client_secret" => app.client_secret + }) + + assert %{"access_token" => token, "token_type" => "Bearer"} = json_response(conn, 200) + + response = + build_conn() + |> Plug.Conn.put_req_header("authorization", "Bearer " <> token) + |> post("/api/v1/accounts", %{ + nickname: "nickanme", + agreement: true, + email: "email@example.com", + fullname: "Lain", + username: "Lain", + password: "some_password", + confirm: "some_password" + }) + |> json_response(200) + + assert %{ + "access_token" => access_token, + "created_at" => _, + "scope" => ["read", "write", "follow", "push"], + "token_type" => "Bearer" + } = response + + response = + build_conn() + |> Plug.Conn.put_req_header("authorization", "Bearer " <> access_token) + |> get("/api/v1/accounts/verify_credentials") + |> json_response(200) + + assert %{ + "acct" => "Lain", + "bot" => false, + "display_name" => "Lain", + "follow_requests_count" => 0, + "followers_count" => 0, + "following_count" => 0, + "locked" => false, + "note" => "", + "source" => %{ + "fields" => [], + "note" => "", + "pleroma" => %{ + "actor_type" => "Person", + "discoverable" => false, + "no_rich_text" => false, + "show_role" => true + }, + "privacy" => "public", + "sensitive" => false + }, + "statuses_count" => 0, + "username" => "Lain" + } = response + end end describe "create account by app / rate limit" do -- cgit v1.2.3 From 23219e6fb3163bfac07fb5fb1b2602dcd27e47c2 Mon Sep 17 00:00:00 2001 From: Egor Kislitsyn Date: Wed, 1 Apr 2020 23:00:59 +0400 Subject: Add OpenAPI --- test/web/mastodon_api/controllers/account_controller_test.exs | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'test/web/mastodon_api/controllers/account_controller_test.exs') diff --git a/test/web/mastodon_api/controllers/account_controller_test.exs b/test/web/mastodon_api/controllers/account_controller_test.exs index a9fa0ce48..a450a732c 100644 --- a/test/web/mastodon_api/controllers/account_controller_test.exs +++ b/test/web/mastodon_api/controllers/account_controller_test.exs @@ -794,7 +794,9 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do test "Account registration via Application", %{conn: conn} do conn = - post(conn, "/api/v1/apps", %{ + conn + |> put_req_header("content-type", "application/json") + |> post("/api/v1/apps", %{ client_name: "client_name", redirect_uris: "urn:ietf:wg:oauth:2.0:oob", scopes: "read, write, follow" -- cgit v1.2.3 From b08ded6c2f5ee29c6efc8c67cfc2ce0a679f0c77 Mon Sep 17 00:00:00 2001 From: Egor Kislitsyn Date: Fri, 3 Apr 2020 22:45:08 +0400 Subject: Add spec for AccountController.create --- .../controllers/account_controller_test.exs | 30 +++++++++++++++++----- 1 file changed, 23 insertions(+), 7 deletions(-) (limited to 'test/web/mastodon_api/controllers/account_controller_test.exs') diff --git a/test/web/mastodon_api/controllers/account_controller_test.exs b/test/web/mastodon_api/controllers/account_controller_test.exs index a450a732c..6fe46af3c 100644 --- a/test/web/mastodon_api/controllers/account_controller_test.exs +++ b/test/web/mastodon_api/controllers/account_controller_test.exs @@ -830,6 +830,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do conn = build_conn() + |> put_req_header("content-type", "multipart/form-data") |> put_req_header("authorization", "Bearer " <> token) |> post("/api/v1/accounts", %{ username: "lain", @@ -858,11 +859,12 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do _user = insert(:user, email: "lain@example.org") app_token = insert(:oauth_token, user: nil) - conn = + res = conn |> put_req_header("authorization", "Bearer " <> app_token.token) + |> put_req_header("content-type", "application/json") + |> post("/api/v1/accounts", valid_params) - res = post(conn, "/api/v1/accounts", valid_params) assert json_response(res, 400) == %{"error" => "{\"email\":[\"has already been taken\"]}"} end @@ -872,7 +874,10 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do } do app_token = insert(:oauth_token, user: nil) - conn = put_req_header(conn, "authorization", "Bearer " <> app_token.token) + conn = + conn + |> put_req_header("authorization", "Bearer " <> app_token.token) + |> put_req_header("content-type", "application/json") res = post(conn, "/api/v1/accounts", valid_params) assert json_response(res, 200) @@ -897,7 +902,11 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do Pleroma.Config.put([:instance, :account_activation_required], true) app_token = insert(:oauth_token, user: nil) - conn = put_req_header(conn, "authorization", "Bearer " <> app_token.token) + + conn = + conn + |> put_req_header("authorization", "Bearer " <> app_token.token) + |> put_req_header("content-type", "application/json") res = conn @@ -920,6 +929,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do res = conn + |> put_req_header("content-type", "application/json") |> Map.put(:remote_ip, {127, 0, 0, 7}) |> post("/api/v1/accounts", Map.delete(valid_params, :email)) @@ -932,6 +942,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do res = conn + |> put_req_header("content-type", "application/json") |> Map.put(:remote_ip, {127, 0, 0, 8}) |> post("/api/v1/accounts", Map.put(valid_params, :email, "")) @@ -939,9 +950,12 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do end test "returns forbidden if token is invalid", %{conn: conn, valid_params: valid_params} do - conn = put_req_header(conn, "authorization", "Bearer " <> "invalid-token") + res = + conn + |> put_req_header("authorization", "Bearer " <> "invalid-token") + |> put_req_header("content-type", "multipart/form-data") + |> post("/api/v1/accounts", valid_params) - res = post(conn, "/api/v1/accounts", valid_params) assert json_response(res, 403) == %{"error" => "Invalid credentials"} end end @@ -956,10 +970,12 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do conn |> put_req_header("authorization", "Bearer " <> app_token.token) |> Map.put(:remote_ip, {15, 15, 15, 15}) + |> put_req_header("content-type", "multipart/form-data") for i <- 1..2 do conn = - post(conn, "/api/v1/accounts", %{ + conn + |> post("/api/v1/accounts", %{ username: "#{i}lain", email: "#{i}lain@example.org", password: "PlzDontHackLain", -- cgit v1.2.3 From d7d6a83233f24b80005b4f49a8697535620e4b83 Mon Sep 17 00:00:00 2001 From: Egor Kislitsyn Date: Tue, 7 Apr 2020 18:29:05 +0400 Subject: Add spec for AccountController.relationships --- .../mastodon_api/controllers/account_controller_test.exs | 14 +++++++++----- 1 file changed, 9 insertions(+), 5 deletions(-) (limited to 'test/web/mastodon_api/controllers/account_controller_test.exs') diff --git a/test/web/mastodon_api/controllers/account_controller_test.exs b/test/web/mastodon_api/controllers/account_controller_test.exs index 6fe46af3c..060a7c1cd 100644 --- a/test/web/mastodon_api/controllers/account_controller_test.exs +++ b/test/web/mastodon_api/controllers/account_controller_test.exs @@ -1062,14 +1062,18 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do setup do: oauth_access(["read:follows"]) test "returns the relationships for the current user", %{user: user, conn: conn} do - other_user = insert(:user) + %{id: other_user_id} = other_user = insert(:user) {:ok, _user} = User.follow(user, other_user) - conn = get(conn, "/api/v1/accounts/relationships", %{"id" => [other_user.id]}) - - assert [relationship] = json_response(conn, 200) + assert [%{"id" => ^other_user_id}] = + conn + |> get("/api/v1/accounts/relationships?id=#{other_user.id}") + |> json_response(200) - assert to_string(other_user.id) == relationship["id"] + assert [%{"id" => ^other_user_id}] = + conn + |> get("/api/v1/accounts/relationships?id[]=#{other_user.id}") + |> json_response(200) end test "returns an empty list on a bad request", %{conn: conn} do -- cgit v1.2.3 From 03124c96cc192ef8c4893738a0cee552c6984da6 Mon Sep 17 00:00:00 2001 From: Egor Kislitsyn Date: Wed, 8 Apr 2020 22:33:25 +0400 Subject: Add spec for AccountController.statuses --- .../controllers/account_controller_test.exs | 60 ++++++++++++++-------- 1 file changed, 40 insertions(+), 20 deletions(-) (limited to 'test/web/mastodon_api/controllers/account_controller_test.exs') diff --git a/test/web/mastodon_api/controllers/account_controller_test.exs b/test/web/mastodon_api/controllers/account_controller_test.exs index 060a7c1cd..969256fa4 100644 --- a/test/web/mastodon_api/controllers/account_controller_test.exs +++ b/test/web/mastodon_api/controllers/account_controller_test.exs @@ -10,9 +10,11 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do alias Pleroma.User alias Pleroma.Web.ActivityPub.ActivityPub alias Pleroma.Web.ActivityPub.InternalFetchActor + alias Pleroma.Web.ApiSpec alias Pleroma.Web.CommonAPI alias Pleroma.Web.OAuth.Token + import OpenApiSpex.TestAssertions import Pleroma.Factory describe "account fetching" do @@ -245,22 +247,23 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do {:ok, activity} = CommonAPI.post(user_two, %{"status" => "User one sux0rz"}) {:ok, repeat, _} = CommonAPI.repeat(activity.id, user_three) - resp = get(conn, "/api/v1/accounts/#{user_two.id}/statuses") - - assert [%{"id" => id}] = json_response(resp, 200) + assert resp = get(conn, "/api/v1/accounts/#{user_two.id}/statuses") |> json_response(200) + assert [%{"id" => id}] = resp + assert_schema(resp, "StatusesResponse", ApiSpec.spec()) assert id == activity.id # Even a blocked user will deliver the full user timeline, there would be # no point in looking at a blocked users timeline otherwise - resp = get(conn, "/api/v1/accounts/#{user_two.id}/statuses") - - assert [%{"id" => id}] = json_response(resp, 200) + assert resp = get(conn, "/api/v1/accounts/#{user_two.id}/statuses") |> json_response(200) + assert [%{"id" => id}] = resp assert id == activity.id + assert_schema(resp, "StatusesResponse", ApiSpec.spec()) # Third user's timeline includes the repeat when viewed by unauthenticated user - resp = get(build_conn(), "/api/v1/accounts/#{user_three.id}/statuses") - assert [%{"id" => id}] = json_response(resp, 200) + resp = get(build_conn(), "/api/v1/accounts/#{user_three.id}/statuses") |> json_response(200) + assert [%{"id" => id}] = resp assert id == repeat.id + assert_schema(resp, "StatusesResponse", ApiSpec.spec()) # When viewing a third user's timeline, the blocked users' statuses will NOT be shown resp = get(conn, "/api/v1/accounts/#{user_three.id}/statuses") @@ -286,30 +289,34 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do {:ok, private_activity} = CommonAPI.post(user_one, %{"status" => "private", "visibility" => "private"}) - resp = get(conn, "/api/v1/accounts/#{user_one.id}/statuses") - - assert [%{"id" => id}] = json_response(resp, 200) + resp = get(conn, "/api/v1/accounts/#{user_one.id}/statuses") |> json_response(200) + assert [%{"id" => id}] = resp assert id == to_string(activity.id) + assert_schema(resp, "StatusesResponse", ApiSpec.spec()) resp = conn |> assign(:user, user_two) |> assign(:token, insert(:oauth_token, user: user_two, scopes: ["read:statuses"])) |> get("/api/v1/accounts/#{user_one.id}/statuses") + |> json_response(200) - assert [%{"id" => id_one}, %{"id" => id_two}] = json_response(resp, 200) + assert [%{"id" => id_one}, %{"id" => id_two}] = resp assert id_one == to_string(direct_activity.id) assert id_two == to_string(activity.id) + assert_schema(resp, "StatusesResponse", ApiSpec.spec()) resp = conn |> assign(:user, user_three) |> assign(:token, insert(:oauth_token, user: user_three, scopes: ["read:statuses"])) |> get("/api/v1/accounts/#{user_one.id}/statuses") + |> json_response(200) - assert [%{"id" => id_one}, %{"id" => id_two}] = json_response(resp, 200) + assert [%{"id" => id_one}, %{"id" => id_two}] = resp assert id_one == to_string(private_activity.id) assert id_two == to_string(activity.id) + assert_schema(resp, "StatusesResponse", ApiSpec.spec()) end test "unimplemented pinned statuses feature", %{conn: conn} do @@ -335,40 +342,45 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do {:ok, image_post} = CommonAPI.post(user, %{"status" => "cofe", "media_ids" => [media_id]}) - conn = get(conn, "/api/v1/accounts/#{user.id}/statuses", %{"only_media" => "true"}) + conn = get(conn, "/api/v1/accounts/#{user.id}/statuses?only_media=true") assert [%{"id" => id}] = json_response(conn, 200) assert id == to_string(image_post.id) + assert_schema(json_response(conn, 200), "StatusesResponse", ApiSpec.spec()) - conn = get(build_conn(), "/api/v1/accounts/#{user.id}/statuses", %{"only_media" => "1"}) + conn = get(build_conn(), "/api/v1/accounts/#{user.id}/statuses?only_media=1") assert [%{"id" => id}] = json_response(conn, 200) assert id == to_string(image_post.id) + assert_schema(json_response(conn, 200), "StatusesResponse", ApiSpec.spec()) end test "gets a user's statuses without reblogs", %{user: user, conn: conn} do {:ok, post} = CommonAPI.post(user, %{"status" => "HI!!!"}) {:ok, _, _} = CommonAPI.repeat(post.id, user) - conn = get(conn, "/api/v1/accounts/#{user.id}/statuses", %{"exclude_reblogs" => "true"}) + conn = get(conn, "/api/v1/accounts/#{user.id}/statuses?exclude_reblogs=true") assert [%{"id" => id}] = json_response(conn, 200) assert id == to_string(post.id) + assert_schema(json_response(conn, 200), "StatusesResponse", ApiSpec.spec()) - conn = get(conn, "/api/v1/accounts/#{user.id}/statuses", %{"exclude_reblogs" => "1"}) + conn = get(conn, "/api/v1/accounts/#{user.id}/statuses?exclude_reblogs=1") assert [%{"id" => id}] = json_response(conn, 200) assert id == to_string(post.id) + assert_schema(json_response(conn, 200), "StatusesResponse", ApiSpec.spec()) end test "filters user's statuses by a hashtag", %{user: user, conn: conn} do {:ok, post} = CommonAPI.post(user, %{"status" => "#hashtag"}) {:ok, _post} = CommonAPI.post(user, %{"status" => "hashtag"}) - conn = get(conn, "/api/v1/accounts/#{user.id}/statuses", %{"tagged" => "hashtag"}) + conn = get(conn, "/api/v1/accounts/#{user.id}/statuses?tagged=hashtag") assert [%{"id" => id}] = json_response(conn, 200) assert id == to_string(post.id) + assert_schema(json_response(conn, 200), "StatusesResponse", ApiSpec.spec()) end test "the user views their own timelines and excludes direct messages", %{ @@ -378,11 +390,11 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do {:ok, public_activity} = CommonAPI.post(user, %{"status" => ".", "visibility" => "public"}) {:ok, _direct_activity} = CommonAPI.post(user, %{"status" => ".", "visibility" => "direct"}) - conn = - get(conn, "/api/v1/accounts/#{user.id}/statuses", %{"exclude_visibilities" => ["direct"]}) + conn = get(conn, "/api/v1/accounts/#{user.id}/statuses?exclude_visibilities[]=direct") assert [%{"id" => id}] = json_response(conn, 200) assert id == to_string(public_activity.id) + assert_schema(json_response(conn, 200), "StatusesResponse", ApiSpec.spec()) end end @@ -420,9 +432,11 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do res_conn = get(conn, "/api/v1/accounts/#{local.id}/statuses") assert length(json_response(res_conn, 200)) == 1 + assert_schema(json_response(res_conn, 200), "StatusesResponse", ApiSpec.spec()) res_conn = get(conn, "/api/v1/accounts/#{remote.id}/statuses") assert length(json_response(res_conn, 200)) == 1 + assert_schema(json_response(res_conn, 200), "StatusesResponse", ApiSpec.spec()) end end @@ -441,6 +455,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do res_conn = get(conn, "/api/v1/accounts/#{remote.id}/statuses") assert length(json_response(res_conn, 200)) == 1 + assert_schema(json_response(res_conn, 200), "StatusesResponse", ApiSpec.spec()) end test "if user is authenticated", %{local: local, remote: remote} do @@ -448,9 +463,11 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do res_conn = get(conn, "/api/v1/accounts/#{local.id}/statuses") assert length(json_response(res_conn, 200)) == 1 + assert_schema(json_response(res_conn, 200), "StatusesResponse", ApiSpec.spec()) res_conn = get(conn, "/api/v1/accounts/#{remote.id}/statuses") assert length(json_response(res_conn, 200)) == 1 + assert_schema(json_response(res_conn, 200), "StatusesResponse", ApiSpec.spec()) end end @@ -463,6 +480,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do test "if user is unauthenticated", %{conn: conn, local: local, remote: remote} do res_conn = get(conn, "/api/v1/accounts/#{local.id}/statuses") assert length(json_response(res_conn, 200)) == 1 + assert_schema(json_response(res_conn, 200), "StatusesResponse", ApiSpec.spec()) res_conn = get(conn, "/api/v1/accounts/#{remote.id}/statuses") @@ -476,9 +494,11 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do res_conn = get(conn, "/api/v1/accounts/#{local.id}/statuses") assert length(json_response(res_conn, 200)) == 1 + assert_schema(json_response(res_conn, 200), "StatusesResponse", ApiSpec.spec()) res_conn = get(conn, "/api/v1/accounts/#{remote.id}/statuses") assert length(json_response(res_conn, 200)) == 1 + assert_schema(json_response(res_conn, 200), "StatusesResponse", ApiSpec.spec()) end end -- cgit v1.2.3 From bd6e2b300f82e66afb121c2339c3cbbfb0b1a446 Mon Sep 17 00:00:00 2001 From: Egor Kislitsyn Date: Wed, 8 Apr 2020 23:16:20 +0400 Subject: Add spec for AccountController.followers --- test/web/mastodon_api/controllers/account_controller_test.exs | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'test/web/mastodon_api/controllers/account_controller_test.exs') diff --git a/test/web/mastodon_api/controllers/account_controller_test.exs b/test/web/mastodon_api/controllers/account_controller_test.exs index 969256fa4..79b3adc69 100644 --- a/test/web/mastodon_api/controllers/account_controller_test.exs +++ b/test/web/mastodon_api/controllers/account_controller_test.exs @@ -513,6 +513,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do assert [%{"id" => id}] = json_response(conn, 200) assert id == to_string(user.id) + assert_schema(json_response(conn, 200), "AccountsResponse", ApiSpec.spec()) end test "getting followers, hide_followers", %{user: user, conn: conn} do @@ -536,6 +537,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do |> get("/api/v1/accounts/#{other_user.id}/followers") refute [] == json_response(conn, 200) + assert_schema(json_response(conn, 200), "AccountsResponse", ApiSpec.spec()) end test "getting followers, pagination", %{user: user, conn: conn} do @@ -551,6 +553,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do assert [%{"id" => id3}, %{"id" => id2}] = json_response(res_conn, 200) assert id3 == follower3.id assert id2 == follower2.id + assert_schema(json_response(res_conn, 200), "AccountsResponse", ApiSpec.spec()) res_conn = get(conn, "/api/v1/accounts/#{user.id}/followers?max_id=#{follower3.id}") @@ -566,6 +569,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do assert [link_header] = get_resp_header(res_conn, "link") assert link_header =~ ~r/min_id=#{follower2.id}/ assert link_header =~ ~r/max_id=#{follower2.id}/ + assert_schema(json_response(res_conn, 200), "AccountsResponse", ApiSpec.spec()) end end -- cgit v1.2.3 From e105cc12b67e44eb4e19293b850731f300999a4f Mon Sep 17 00:00:00 2001 From: Egor Kislitsyn Date: Wed, 8 Apr 2020 23:38:07 +0400 Subject: Add spec for AccountController.following --- test/web/mastodon_api/controllers/account_controller_test.exs | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'test/web/mastodon_api/controllers/account_controller_test.exs') diff --git a/test/web/mastodon_api/controllers/account_controller_test.exs b/test/web/mastodon_api/controllers/account_controller_test.exs index 79b3adc69..341c9b015 100644 --- a/test/web/mastodon_api/controllers/account_controller_test.exs +++ b/test/web/mastodon_api/controllers/account_controller_test.exs @@ -584,6 +584,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do assert [%{"id" => id}] = json_response(conn, 200) assert id == to_string(other_user.id) + assert_schema(json_response(conn, 200), "AccountsResponse", ApiSpec.spec()) end test "getting following, hide_follows, other user requesting" do @@ -598,6 +599,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do |> get("/api/v1/accounts/#{user.id}/following") assert [] == json_response(conn, 200) + assert_schema(json_response(conn, 200), "AccountsResponse", ApiSpec.spec()) end test "getting following, hide_follows, same user requesting" do @@ -627,12 +629,14 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do assert [%{"id" => id3}, %{"id" => id2}] = json_response(res_conn, 200) assert id3 == following3.id assert id2 == following2.id + assert_schema(json_response(res_conn, 200), "AccountsResponse", ApiSpec.spec()) res_conn = get(conn, "/api/v1/accounts/#{user.id}/following?max_id=#{following3.id}") assert [%{"id" => id2}, %{"id" => id1}] = json_response(res_conn, 200) assert id2 == following2.id assert id1 == following1.id + assert_schema(json_response(res_conn, 200), "AccountsResponse", ApiSpec.spec()) res_conn = get(conn, "/api/v1/accounts/#{user.id}/following?limit=1&max_id=#{following3.id}") @@ -643,6 +647,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do assert [link_header] = get_resp_header(res_conn, "link") assert link_header =~ ~r/min_id=#{following2.id}/ assert link_header =~ ~r/max_id=#{following2.id}/ + assert_schema(json_response(res_conn, 200), "AccountsResponse", ApiSpec.spec()) end end -- cgit v1.2.3 From 1b680a98ae15035215fa8489f825af72532340c4 Mon Sep 17 00:00:00 2001 From: Egor Kislitsyn Date: Wed, 8 Apr 2020 23:51:46 +0400 Subject: Add spec for AccountController.lists --- test/web/mastodon_api/controllers/account_controller_test.exs | 1 + 1 file changed, 1 insertion(+) (limited to 'test/web/mastodon_api/controllers/account_controller_test.exs') diff --git a/test/web/mastodon_api/controllers/account_controller_test.exs b/test/web/mastodon_api/controllers/account_controller_test.exs index 341c9b015..706eea5d9 100644 --- a/test/web/mastodon_api/controllers/account_controller_test.exs +++ b/test/web/mastodon_api/controllers/account_controller_test.exs @@ -1051,6 +1051,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do |> json_response(200) assert res == [%{"id" => to_string(list.id), "title" => "Test List"}] + assert_schema(res, "ListsResponse", ApiSpec.spec()) end end -- cgit v1.2.3 From 854780c72bc90a55d7005a05861d45771c5aeadf Mon Sep 17 00:00:00 2001 From: Egor Kislitsyn Date: Thu, 9 Apr 2020 15:25:24 +0400 Subject: Add spec for AccountController.follow --- test/web/mastodon_api/controllers/account_controller_test.exs | 1 + 1 file changed, 1 insertion(+) (limited to 'test/web/mastodon_api/controllers/account_controller_test.exs') diff --git a/test/web/mastodon_api/controllers/account_controller_test.exs b/test/web/mastodon_api/controllers/account_controller_test.exs index 706eea5d9..7a3d58600 100644 --- a/test/web/mastodon_api/controllers/account_controller_test.exs +++ b/test/web/mastodon_api/controllers/account_controller_test.exs @@ -669,6 +669,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do assert %{"id" => id} = json_response(conn, 200) assert id == to_string(other_user.id) + assert_schema(json_response(conn, 200), "AccountRelationship", ApiSpec.spec()) end test "cancelling follow request", %{conn: conn} do -- cgit v1.2.3 From aa958a6dda7cdcf12e9cd9232e7c6be421610317 Mon Sep 17 00:00:00 2001 From: Egor Kislitsyn Date: Thu, 9 Apr 2020 17:57:21 +0400 Subject: Add spec for AccountController.unfollow --- .../mastodon_api/controllers/account_controller_test.exs | 16 ++++++++++++---- 1 file changed, 12 insertions(+), 4 deletions(-) (limited to 'test/web/mastodon_api/controllers/account_controller_test.exs') diff --git a/test/web/mastodon_api/controllers/account_controller_test.exs b/test/web/mastodon_api/controllers/account_controller_test.exs index 7a3d58600..d56e7fb4a 100644 --- a/test/web/mastodon_api/controllers/account_controller_test.exs +++ b/test/web/mastodon_api/controllers/account_controller_test.exs @@ -660,10 +660,12 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do ret_conn = post(conn, "/api/v1/accounts/#{other_user.id}/follow") assert %{"id" => _id, "following" => true} = json_response(ret_conn, 200) + assert_schema(json_response(ret_conn, 200), "AccountRelationship", ApiSpec.spec()) ret_conn = post(conn, "/api/v1/accounts/#{other_user.id}/unfollow") assert %{"id" => _id, "following" => false} = json_response(ret_conn, 200) + assert_schema(json_response(ret_conn, 200), "AccountRelationship", ApiSpec.spec()) conn = post(conn, "/api/v1/follows", %{"uri" => other_user.nickname}) @@ -675,11 +677,15 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do test "cancelling follow request", %{conn: conn} do %{id: other_user_id} = insert(:user, %{locked: true}) - assert %{"id" => ^other_user_id, "following" => false, "requested" => true} = - conn |> post("/api/v1/accounts/#{other_user_id}/follow") |> json_response(:ok) + resp = conn |> post("/api/v1/accounts/#{other_user_id}/follow") |> json_response(:ok) - assert %{"id" => ^other_user_id, "following" => false, "requested" => false} = - conn |> post("/api/v1/accounts/#{other_user_id}/unfollow") |> json_response(:ok) + assert %{"id" => ^other_user_id, "following" => false, "requested" => true} = resp + assert_schema(resp, "AccountRelationship", ApiSpec.spec()) + + resp = conn |> post("/api/v1/accounts/#{other_user_id}/unfollow") |> json_response(:ok) + + assert %{"id" => ^other_user_id, "following" => false, "requested" => false} = resp + assert_schema(resp, "AccountRelationship", ApiSpec.spec()) end test "following without reblogs" do @@ -690,6 +696,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do ret_conn = post(conn, "/api/v1/accounts/#{followed.id}/follow?reblogs=false") assert %{"showing_reblogs" => false} = json_response(ret_conn, 200) + assert_schema(json_response(ret_conn, 200), "AccountRelationship", ApiSpec.spec()) {:ok, activity} = CommonAPI.post(other_user, %{"status" => "hey"}) {:ok, reblog, _} = CommonAPI.repeat(activity.id, followed) @@ -701,6 +708,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do ret_conn = post(conn, "/api/v1/accounts/#{followed.id}/follow?reblogs=true") assert %{"showing_reblogs" => true} = json_response(ret_conn, 200) + assert_schema(json_response(ret_conn, 200), "AccountRelationship", ApiSpec.spec()) conn = get(conn, "/api/v1/timelines/home") -- cgit v1.2.3 From e4195d4a684908d58482f9c865375a080e7b78bc Mon Sep 17 00:00:00 2001 From: Egor Kislitsyn Date: Thu, 9 Apr 2020 18:28:14 +0400 Subject: Add specs for AccountController.mute and AccountController.unmute --- .../mastodon_api/controllers/account_controller_test.exs | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) (limited to 'test/web/mastodon_api/controllers/account_controller_test.exs') diff --git a/test/web/mastodon_api/controllers/account_controller_test.exs b/test/web/mastodon_api/controllers/account_controller_test.exs index d56e7fb4a..91d4685cb 100644 --- a/test/web/mastodon_api/controllers/account_controller_test.exs +++ b/test/web/mastodon_api/controllers/account_controller_test.exs @@ -751,32 +751,41 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do test "with notifications", %{conn: conn} do other_user = insert(:user) - ret_conn = post(conn, "/api/v1/accounts/#{other_user.id}/mute") + ret_conn = + conn + |> put_req_header("content-type", "application/json") + |> post("/api/v1/accounts/#{other_user.id}/mute") response = json_response(ret_conn, 200) assert %{"id" => _id, "muting" => true, "muting_notifications" => true} = response + assert_schema(response, "AccountRelationship", ApiSpec.spec()) conn = post(conn, "/api/v1/accounts/#{other_user.id}/unmute") response = json_response(conn, 200) assert %{"id" => _id, "muting" => false, "muting_notifications" => false} = response + assert_schema(response, "AccountRelationship", ApiSpec.spec()) end test "without notifications", %{conn: conn} do other_user = insert(:user) ret_conn = - post(conn, "/api/v1/accounts/#{other_user.id}/mute", %{"notifications" => "false"}) + conn + |> put_req_header("content-type", "multipart/form-data") + |> post("/api/v1/accounts/#{other_user.id}/mute", %{"notifications" => "false"}) response = json_response(ret_conn, 200) assert %{"id" => _id, "muting" => true, "muting_notifications" => false} = response + assert_schema(response, "AccountRelationship", ApiSpec.spec()) conn = post(conn, "/api/v1/accounts/#{other_user.id}/unmute") response = json_response(conn, 200) assert %{"id" => _id, "muting" => false, "muting_notifications" => false} = response + assert_schema(response, "AccountRelationship", ApiSpec.spec()) end end -- cgit v1.2.3 From 68a979b8243b9a5b685df2c13388a93b9ede1900 Mon Sep 17 00:00:00 2001 From: Egor Kislitsyn Date: Thu, 9 Apr 2020 18:41:18 +0400 Subject: Add specs for AccountController.block and AccountController.unblock --- test/web/mastodon_api/controllers/account_controller_test.exs | 2 ++ 1 file changed, 2 insertions(+) (limited to 'test/web/mastodon_api/controllers/account_controller_test.exs') diff --git a/test/web/mastodon_api/controllers/account_controller_test.exs b/test/web/mastodon_api/controllers/account_controller_test.exs index 91d4685cb..f71b54ade 100644 --- a/test/web/mastodon_api/controllers/account_controller_test.exs +++ b/test/web/mastodon_api/controllers/account_controller_test.exs @@ -819,10 +819,12 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do ret_conn = post(conn, "/api/v1/accounts/#{other_user.id}/block") assert %{"id" => _id, "blocking" => true} = json_response(ret_conn, 200) + assert_schema(json_response(ret_conn, 200), "AccountRelationship", ApiSpec.spec()) conn = post(conn, "/api/v1/accounts/#{other_user.id}/unblock") assert %{"id" => _id, "blocking" => false} = json_response(conn, 200) + assert_schema(json_response(ret_conn, 200), "AccountRelationship", ApiSpec.spec()) end describe "create account by app" do -- cgit v1.2.3 From ab185d3ea47deb38128dc501acdf27c47c542de2 Mon Sep 17 00:00:00 2001 From: Egor Kislitsyn Date: Thu, 9 Apr 2020 20:12:09 +0400 Subject: Add spec for AccountController.follows --- .../controllers/account_controller_test.exs | 20 ++++++++++++++++---- 1 file changed, 16 insertions(+), 4 deletions(-) (limited to 'test/web/mastodon_api/controllers/account_controller_test.exs') diff --git a/test/web/mastodon_api/controllers/account_controller_test.exs b/test/web/mastodon_api/controllers/account_controller_test.exs index f71b54ade..fa2091c5e 100644 --- a/test/web/mastodon_api/controllers/account_controller_test.exs +++ b/test/web/mastodon_api/controllers/account_controller_test.exs @@ -667,11 +667,14 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do assert %{"id" => _id, "following" => false} = json_response(ret_conn, 200) assert_schema(json_response(ret_conn, 200), "AccountRelationship", ApiSpec.spec()) - conn = post(conn, "/api/v1/follows", %{"uri" => other_user.nickname}) + conn = + conn + |> put_req_header("content-type", "application/json") + |> post("/api/v1/follows", %{"uri" => other_user.nickname}) assert %{"id" => id} = json_response(conn, 200) assert id == to_string(other_user.id) - assert_schema(json_response(conn, 200), "AccountRelationship", ApiSpec.spec()) + assert_schema(json_response(conn, 200), "Account", ApiSpec.spec()) end test "cancelling follow request", %{conn: conn} do @@ -728,7 +731,12 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do # self follow via uri user = User.get_cached_by_id(user.id) - conn_res = post(conn, "/api/v1/follows", %{"uri" => user.nickname}) + + conn_res = + conn + |> put_req_header("content-type", "multipart/form-data") + |> post("/api/v1/follows", %{"uri" => user.nickname}) + assert %{"error" => "Record not found"} = json_response(conn_res, 404) # follow non existing user @@ -736,7 +744,11 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do assert %{"error" => "Record not found"} = json_response(conn_res, 404) # follow non existing user via uri - conn_res = post(conn, "/api/v1/follows", %{"uri" => "doesntexist"}) + conn_res = + conn + |> put_req_header("content-type", "multipart/form-data") + |> post("/api/v1/follows", %{"uri" => "doesntexist"}) + assert %{"error" => "Record not found"} = json_response(conn_res, 404) # unfollow non existing user -- cgit v1.2.3 From 7e0b42d99f3eb9520bc29cc29c06512c55183482 Mon Sep 17 00:00:00 2001 From: Egor Kislitsyn Date: Thu, 9 Apr 2020 20:34:21 +0400 Subject: Add specs for AccountController.mutes, AccountController.blocks, AccountController.mutes, AccountController.endorsements --- test/web/mastodon_api/controllers/account_controller_test.exs | 2 ++ 1 file changed, 2 insertions(+) (limited to 'test/web/mastodon_api/controllers/account_controller_test.exs') diff --git a/test/web/mastodon_api/controllers/account_controller_test.exs b/test/web/mastodon_api/controllers/account_controller_test.exs index fa2091c5e..86136f7e4 100644 --- a/test/web/mastodon_api/controllers/account_controller_test.exs +++ b/test/web/mastodon_api/controllers/account_controller_test.exs @@ -1155,6 +1155,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do other_user_id = to_string(other_user.id) assert [%{"id" => ^other_user_id}] = json_response(conn, 200) + assert_schema(json_response(conn, 200), "AccountsResponse", ApiSpec.spec()) end test "getting a list of blocks" do @@ -1170,5 +1171,6 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do other_user_id = to_string(other_user.id) assert [%{"id" => ^other_user_id}] = json_response(conn, 200) + assert_schema(json_response(conn, 200), "AccountsResponse", ApiSpec.spec()) end end -- cgit v1.2.3 From 163341857a726e8d74b6ddcd1230579e4c36a1b5 Mon Sep 17 00:00:00 2001 From: Egor Kislitsyn Date: Fri, 17 Apr 2020 19:27:22 +0400 Subject: Improve OpenAPI errors --- test/web/mastodon_api/controllers/account_controller_test.exs | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) (limited to 'test/web/mastodon_api/controllers/account_controller_test.exs') diff --git a/test/web/mastodon_api/controllers/account_controller_test.exs b/test/web/mastodon_api/controllers/account_controller_test.exs index 86136f7e4..133d7f642 100644 --- a/test/web/mastodon_api/controllers/account_controller_test.exs +++ b/test/web/mastodon_api/controllers/account_controller_test.exs @@ -952,7 +952,16 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do |> post("/api/v1/accounts", Map.delete(valid_params, attr)) |> json_response(400) - assert res == %{"error" => "Missing parameters"} + assert res == %{ + "error" => "Missing field: #{attr}.", + "errors" => [ + %{ + "message" => "Missing field: #{attr}", + "source" => %{"pointer" => "/#{attr}"}, + "title" => "Invalid value" + } + ] + } end) end -- cgit v1.2.3 From 5b3952619818d38f8fdba9a64b050ce3f24394ff Mon Sep 17 00:00:00 2001 From: lain Date: Wed, 22 Apr 2020 15:04:26 +0200 Subject: AccountController: Use code 400 for self-follow. --- test/web/mastodon_api/controllers/account_controller_test.exs | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'test/web/mastodon_api/controllers/account_controller_test.exs') diff --git a/test/web/mastodon_api/controllers/account_controller_test.exs b/test/web/mastodon_api/controllers/account_controller_test.exs index 61c2697b2..8c428efee 100644 --- a/test/web/mastodon_api/controllers/account_controller_test.exs +++ b/test/web/mastodon_api/controllers/account_controller_test.exs @@ -681,17 +681,17 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do test "following / unfollowing errors", %{user: user, conn: conn} do # self follow conn_res = post(conn, "/api/v1/accounts/#{user.id}/follow") - assert %{"error" => "Record not found"} = json_response(conn_res, 404) + assert %{"error" => "Can not follow yourself"} = json_response(conn_res, 400) # self unfollow user = User.get_cached_by_id(user.id) conn_res = post(conn, "/api/v1/accounts/#{user.id}/unfollow") - assert %{"error" => "Record not found"} = json_response(conn_res, 404) + assert %{"error" => "Can not unfollow yourself"} = json_response(conn_res, 400) # self follow via uri user = User.get_cached_by_id(user.id) conn_res = post(conn, "/api/v1/follows", %{"uri" => user.nickname}) - assert %{"error" => "Record not found"} = json_response(conn_res, 404) + assert %{"error" => "Can not follow yourself"} = json_response(conn_res, 400) # follow non existing user conn_res = post(conn, "/api/v1/accounts/doesntexist/follow") -- cgit v1.2.3 From 2efc00b3cf5413ae7f8e8411ee1372343ee2618a Mon Sep 17 00:00:00 2001 From: Egor Kislitsyn Date: Mon, 27 Apr 2020 20:46:52 +0400 Subject: Use `json_response_and_validate_schema/2` in tests to validate OpenAPI schema --- .../controllers/account_controller_test.exs | 569 ++++++++++----------- 1 file changed, 257 insertions(+), 312 deletions(-) (limited to 'test/web/mastodon_api/controllers/account_controller_test.exs') diff --git a/test/web/mastodon_api/controllers/account_controller_test.exs b/test/web/mastodon_api/controllers/account_controller_test.exs index d885b5e08..ba70ba66c 100644 --- a/test/web/mastodon_api/controllers/account_controller_test.exs +++ b/test/web/mastodon_api/controllers/account_controller_test.exs @@ -10,54 +10,46 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do alias Pleroma.User alias Pleroma.Web.ActivityPub.ActivityPub alias Pleroma.Web.ActivityPub.InternalFetchActor - alias Pleroma.Web.ApiSpec alias Pleroma.Web.CommonAPI alias Pleroma.Web.OAuth.Token - import OpenApiSpex.TestAssertions import Pleroma.Factory describe "account fetching" do setup do: clear_config([:instance, :limit_to_local_content]) test "works by id" do - user = insert(:user) + %User{id: user_id} = insert(:user) - conn = - build_conn() - |> get("/api/v1/accounts/#{user.id}") - - assert %{"id" => id} = json_response(conn, 200) - assert id == to_string(user.id) + assert %{"id" => ^user_id} = + build_conn() + |> get("/api/v1/accounts/#{user_id}") + |> json_response_and_validate_schema(200) - conn = - build_conn() - |> get("/api/v1/accounts/-1") - - assert %{"error" => "Can't find user"} = json_response(conn, 404) + assert %{"error" => "Can't find user"} = + build_conn() + |> get("/api/v1/accounts/-1") + |> json_response_and_validate_schema(404) end test "works by nickname" do user = insert(:user) - conn = - build_conn() - |> get("/api/v1/accounts/#{user.nickname}") - - assert %{"id" => id} = json_response(conn, 200) - assert id == user.id + assert %{"id" => user_id} = + build_conn() + |> get("/api/v1/accounts/#{user.nickname}") + |> json_response_and_validate_schema(200) end test "works by nickname for remote users" do Config.put([:instance, :limit_to_local_content], false) - user = insert(:user, nickname: "user@example.com", local: false) - conn = - build_conn() - |> get("/api/v1/accounts/#{user.nickname}") + user = insert(:user, nickname: "user@example.com", local: false) - assert %{"id" => id} = json_response(conn, 200) - assert id == user.id + assert %{"id" => user_id} = + build_conn() + |> get("/api/v1/accounts/#{user.nickname}") + |> json_response_and_validate_schema(200) end test "respects limit_to_local_content == :all for remote user nicknames" do @@ -65,11 +57,9 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do user = insert(:user, nickname: "user@example.com", local: false) - conn = - build_conn() - |> get("/api/v1/accounts/#{user.nickname}") - - assert json_response(conn, 404) + assert build_conn() + |> get("/api/v1/accounts/#{user.nickname}") + |> json_response_and_validate_schema(404) end test "respects limit_to_local_content == :unauthenticated for remote user nicknames" do @@ -82,7 +72,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do build_conn() |> get("/api/v1/accounts/#{user.nickname}") - assert json_response(conn, 404) + assert json_response_and_validate_schema(conn, 404) conn = build_conn() @@ -90,7 +80,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do |> assign(:token, insert(:oauth_token, user: reading_user, scopes: ["read:accounts"])) |> get("/api/v1/accounts/#{user.nickname}") - assert %{"id" => id} = json_response(conn, 200) + assert %{"id" => id} = json_response_and_validate_schema(conn, 200) assert id == user.id end @@ -101,21 +91,21 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do user_one = insert(:user, %{id: 1212}) user_two = insert(:user, %{nickname: "#{user_one.id}garbage"}) - resp_one = + acc_one = conn |> get("/api/v1/accounts/#{user_one.id}") + |> json_response_and_validate_schema(:ok) - resp_two = + acc_two = conn |> get("/api/v1/accounts/#{user_two.nickname}") + |> json_response_and_validate_schema(:ok) - resp_three = + acc_three = conn |> get("/api/v1/accounts/#{user_two.id}") + |> json_response_and_validate_schema(:ok) - acc_one = json_response(resp_one, 200) - acc_two = json_response(resp_two, 200) - acc_three = json_response(resp_three, 200) refute acc_one == acc_two assert acc_two == acc_three end @@ -123,23 +113,19 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do test "returns 404 when user is invisible", %{conn: conn} do user = insert(:user, %{invisible: true}) - resp = - conn - |> get("/api/v1/accounts/#{user.nickname}") - |> json_response(404) - - assert %{"error" => "Can't find user"} = resp + assert %{"error" => "Can't find user"} = + conn + |> get("/api/v1/accounts/#{user.nickname}") + |> json_response_and_validate_schema(404) end test "returns 404 for internal.fetch actor", %{conn: conn} do %User{nickname: "internal.fetch"} = InternalFetchActor.get_actor() - resp = - conn - |> get("/api/v1/accounts/internal.fetch") - |> json_response(404) - - assert %{"error" => "Can't find user"} = resp + assert %{"error" => "Can't find user"} = + conn + |> get("/api/v1/accounts/internal.fetch") + |> json_response_and_validate_schema(404) end end @@ -157,27 +143,25 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do setup do: clear_config([:restrict_unauthenticated, :profiles, :remote], true) test "if user is unauthenticated", %{conn: conn, local: local, remote: remote} do - res_conn = get(conn, "/api/v1/accounts/#{local.id}") - - assert json_response(res_conn, :not_found) == %{ - "error" => "Can't find user" - } - - res_conn = get(conn, "/api/v1/accounts/#{remote.id}") + assert %{"error" => "Can't find user"} == + conn + |> get("/api/v1/accounts/#{local.id}") + |> json_response_and_validate_schema(:not_found) - assert json_response(res_conn, :not_found) == %{ - "error" => "Can't find user" - } + assert %{"error" => "Can't find user"} == + conn + |> get("/api/v1/accounts/#{remote.id}") + |> json_response_and_validate_schema(:not_found) end test "if user is authenticated", %{local: local, remote: remote} do %{conn: conn} = oauth_access(["read"]) res_conn = get(conn, "/api/v1/accounts/#{local.id}") - assert %{"id" => _} = json_response(res_conn, 200) + assert %{"id" => _} = json_response_and_validate_schema(res_conn, 200) res_conn = get(conn, "/api/v1/accounts/#{remote.id}") - assert %{"id" => _} = json_response(res_conn, 200) + assert %{"id" => _} = json_response_and_validate_schema(res_conn, 200) end end @@ -189,22 +173,22 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do test "if user is unauthenticated", %{conn: conn, local: local, remote: remote} do res_conn = get(conn, "/api/v1/accounts/#{local.id}") - assert json_response(res_conn, :not_found) == %{ + assert json_response_and_validate_schema(res_conn, :not_found) == %{ "error" => "Can't find user" } res_conn = get(conn, "/api/v1/accounts/#{remote.id}") - assert %{"id" => _} = json_response(res_conn, 200) + assert %{"id" => _} = json_response_and_validate_schema(res_conn, 200) end test "if user is authenticated", %{local: local, remote: remote} do %{conn: conn} = oauth_access(["read"]) res_conn = get(conn, "/api/v1/accounts/#{local.id}") - assert %{"id" => _} = json_response(res_conn, 200) + assert %{"id" => _} = json_response_and_validate_schema(res_conn, 200) res_conn = get(conn, "/api/v1/accounts/#{remote.id}") - assert %{"id" => _} = json_response(res_conn, 200) + assert %{"id" => _} = json_response_and_validate_schema(res_conn, 200) end end @@ -215,11 +199,11 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do test "if user is unauthenticated", %{conn: conn, local: local, remote: remote} do res_conn = get(conn, "/api/v1/accounts/#{local.id}") - assert %{"id" => _} = json_response(res_conn, 200) + assert %{"id" => _} = json_response_and_validate_schema(res_conn, 200) res_conn = get(conn, "/api/v1/accounts/#{remote.id}") - assert json_response(res_conn, :not_found) == %{ + assert json_response_and_validate_schema(res_conn, :not_found) == %{ "error" => "Can't find user" } end @@ -228,10 +212,10 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do %{conn: conn} = oauth_access(["read"]) res_conn = get(conn, "/api/v1/accounts/#{local.id}") - assert %{"id" => _} = json_response(res_conn, 200) + assert %{"id" => _} = json_response_and_validate_schema(res_conn, 200) res_conn = get(conn, "/api/v1/accounts/#{remote.id}") - assert %{"id" => _} = json_response(res_conn, 200) + assert %{"id" => _} = json_response_and_validate_schema(res_conn, 200) end end @@ -247,28 +231,37 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do {:ok, activity} = CommonAPI.post(user_two, %{"status" => "User one sux0rz"}) {:ok, repeat, _} = CommonAPI.repeat(activity.id, user_three) - assert resp = get(conn, "/api/v1/accounts/#{user_two.id}/statuses") |> json_response(200) + assert resp = + conn + |> get("/api/v1/accounts/#{user_two.id}/statuses") + |> json_response_and_validate_schema(200) + assert [%{"id" => id}] = resp - assert_schema(resp, "StatusesResponse", ApiSpec.spec()) assert id == activity.id # Even a blocked user will deliver the full user timeline, there would be # no point in looking at a blocked users timeline otherwise - assert resp = get(conn, "/api/v1/accounts/#{user_two.id}/statuses") |> json_response(200) + assert resp = + conn + |> get("/api/v1/accounts/#{user_two.id}/statuses") + |> json_response_and_validate_schema(200) + assert [%{"id" => id}] = resp assert id == activity.id - assert_schema(resp, "StatusesResponse", ApiSpec.spec()) # Third user's timeline includes the repeat when viewed by unauthenticated user - resp = get(build_conn(), "/api/v1/accounts/#{user_three.id}/statuses") |> json_response(200) + resp = + build_conn() + |> get("/api/v1/accounts/#{user_three.id}/statuses") + |> json_response_and_validate_schema(200) + assert [%{"id" => id}] = resp assert id == repeat.id - assert_schema(resp, "StatusesResponse", ApiSpec.spec()) # When viewing a third user's timeline, the blocked users' statuses will NOT be shown resp = get(conn, "/api/v1/accounts/#{user_three.id}/statuses") - assert [] = json_response(resp, 200) + assert [] == json_response_and_validate_schema(resp, 200) end test "gets users statuses", %{conn: conn} do @@ -289,34 +282,36 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do {:ok, private_activity} = CommonAPI.post(user_one, %{"status" => "private", "visibility" => "private"}) - resp = get(conn, "/api/v1/accounts/#{user_one.id}/statuses") |> json_response(200) + # TODO!!! + resp = + conn + |> get("/api/v1/accounts/#{user_one.id}/statuses") + |> json_response_and_validate_schema(200) + assert [%{"id" => id}] = resp assert id == to_string(activity.id) - assert_schema(resp, "StatusesResponse", ApiSpec.spec()) resp = conn |> assign(:user, user_two) |> assign(:token, insert(:oauth_token, user: user_two, scopes: ["read:statuses"])) |> get("/api/v1/accounts/#{user_one.id}/statuses") - |> json_response(200) + |> json_response_and_validate_schema(200) assert [%{"id" => id_one}, %{"id" => id_two}] = resp assert id_one == to_string(direct_activity.id) assert id_two == to_string(activity.id) - assert_schema(resp, "StatusesResponse", ApiSpec.spec()) resp = conn |> assign(:user, user_three) |> assign(:token, insert(:oauth_token, user: user_three, scopes: ["read:statuses"])) |> get("/api/v1/accounts/#{user_one.id}/statuses") - |> json_response(200) + |> json_response_and_validate_schema(200) assert [%{"id" => id_one}, %{"id" => id_two}] = resp assert id_one == to_string(private_activity.id) assert id_two == to_string(activity.id) - assert_schema(resp, "StatusesResponse", ApiSpec.spec()) end test "unimplemented pinned statuses feature", %{conn: conn} do @@ -325,7 +320,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do conn = get(conn, "/api/v1/accounts/#{user.id}/statuses?pinned=true") - assert json_response(conn, 200) == [] + assert json_response_and_validate_schema(conn, 200) == [] end test "gets an users media", %{conn: conn} do @@ -340,61 +335,48 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do {:ok, %{id: media_id}} = ActivityPub.upload(file, actor: user.ap_id) - {:ok, image_post} = CommonAPI.post(user, %{"status" => "cofe", "media_ids" => [media_id]}) + {:ok, %{id: image_post_id}} = + CommonAPI.post(user, %{"status" => "cofe", "media_ids" => [media_id]}) conn = get(conn, "/api/v1/accounts/#{user.id}/statuses?only_media=true") - assert [%{"id" => id}] = json_response(conn, 200) - assert id == to_string(image_post.id) - assert_schema(json_response(conn, 200), "StatusesResponse", ApiSpec.spec()) + assert [%{"id" => ^image_post_id}] = json_response_and_validate_schema(conn, 200) conn = get(build_conn(), "/api/v1/accounts/#{user.id}/statuses?only_media=1") - assert [%{"id" => id}] = json_response(conn, 200) - assert id == to_string(image_post.id) - assert_schema(json_response(conn, 200), "StatusesResponse", ApiSpec.spec()) + assert [%{"id" => ^image_post_id}] = json_response_and_validate_schema(conn, 200) end test "gets a user's statuses without reblogs", %{user: user, conn: conn} do - {:ok, post} = CommonAPI.post(user, %{"status" => "HI!!!"}) - {:ok, _, _} = CommonAPI.repeat(post.id, user) + {:ok, %{id: post_id}} = CommonAPI.post(user, %{"status" => "HI!!!"}) + {:ok, _, _} = CommonAPI.repeat(post_id, user) conn = get(conn, "/api/v1/accounts/#{user.id}/statuses?exclude_reblogs=true") - - assert [%{"id" => id}] = json_response(conn, 200) - assert id == to_string(post.id) - assert_schema(json_response(conn, 200), "StatusesResponse", ApiSpec.spec()) + assert [%{"id" => ^post_id}] = json_response_and_validate_schema(conn, 200) conn = get(conn, "/api/v1/accounts/#{user.id}/statuses?exclude_reblogs=1") - - assert [%{"id" => id}] = json_response(conn, 200) - assert id == to_string(post.id) - assert_schema(json_response(conn, 200), "StatusesResponse", ApiSpec.spec()) + assert [%{"id" => ^post_id}] = json_response_and_validate_schema(conn, 200) end test "filters user's statuses by a hashtag", %{user: user, conn: conn} do - {:ok, post} = CommonAPI.post(user, %{"status" => "#hashtag"}) + {:ok, %{id: post_id}} = CommonAPI.post(user, %{"status" => "#hashtag"}) {:ok, _post} = CommonAPI.post(user, %{"status" => "hashtag"}) conn = get(conn, "/api/v1/accounts/#{user.id}/statuses?tagged=hashtag") - - assert [%{"id" => id}] = json_response(conn, 200) - assert id == to_string(post.id) - assert_schema(json_response(conn, 200), "StatusesResponse", ApiSpec.spec()) + assert [%{"id" => ^post_id}] = json_response_and_validate_schema(conn, 200) end test "the user views their own timelines and excludes direct messages", %{ user: user, conn: conn } do - {:ok, public_activity} = CommonAPI.post(user, %{"status" => ".", "visibility" => "public"}) + {:ok, %{id: public_activity_id}} = + CommonAPI.post(user, %{"status" => ".", "visibility" => "public"}) + {:ok, _direct_activity} = CommonAPI.post(user, %{"status" => ".", "visibility" => "direct"}) conn = get(conn, "/api/v1/accounts/#{user.id}/statuses?exclude_visibilities[]=direct") - - assert [%{"id" => id}] = json_response(conn, 200) - assert id == to_string(public_activity.id) - assert_schema(json_response(conn, 200), "StatusesResponse", ApiSpec.spec()) + assert [%{"id" => ^public_activity_id}] = json_response_and_validate_schema(conn, 200) end end @@ -414,29 +396,25 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do setup do: clear_config([:restrict_unauthenticated, :profiles, :remote], true) test "if user is unauthenticated", %{conn: conn, local: local, remote: remote} do - res_conn = get(conn, "/api/v1/accounts/#{local.id}/statuses") - - assert json_response(res_conn, :not_found) == %{ - "error" => "Can't find user" - } - - res_conn = get(conn, "/api/v1/accounts/#{remote.id}/statuses") + assert %{"error" => "Can't find user"} == + conn + |> get("/api/v1/accounts/#{local.id}/statuses") + |> json_response_and_validate_schema(:not_found) - assert json_response(res_conn, :not_found) == %{ - "error" => "Can't find user" - } + assert %{"error" => "Can't find user"} == + conn + |> get("/api/v1/accounts/#{remote.id}/statuses") + |> json_response_and_validate_schema(:not_found) end test "if user is authenticated", %{local: local, remote: remote} do %{conn: conn} = oauth_access(["read"]) res_conn = get(conn, "/api/v1/accounts/#{local.id}/statuses") - assert length(json_response(res_conn, 200)) == 1 - assert_schema(json_response(res_conn, 200), "StatusesResponse", ApiSpec.spec()) + assert length(json_response_and_validate_schema(res_conn, 200)) == 1 res_conn = get(conn, "/api/v1/accounts/#{remote.id}/statuses") - assert length(json_response(res_conn, 200)) == 1 - assert_schema(json_response(res_conn, 200), "StatusesResponse", ApiSpec.spec()) + assert length(json_response_and_validate_schema(res_conn, 200)) == 1 end end @@ -447,27 +425,23 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do setup do: clear_config([:restrict_unauthenticated, :profiles, :local], true) test "if user is unauthenticated", %{conn: conn, local: local, remote: remote} do - res_conn = get(conn, "/api/v1/accounts/#{local.id}/statuses") - - assert json_response(res_conn, :not_found) == %{ - "error" => "Can't find user" - } + assert %{"error" => "Can't find user"} == + conn + |> get("/api/v1/accounts/#{local.id}/statuses") + |> json_response_and_validate_schema(:not_found) res_conn = get(conn, "/api/v1/accounts/#{remote.id}/statuses") - assert length(json_response(res_conn, 200)) == 1 - assert_schema(json_response(res_conn, 200), "StatusesResponse", ApiSpec.spec()) + assert length(json_response_and_validate_schema(res_conn, 200)) == 1 end test "if user is authenticated", %{local: local, remote: remote} do %{conn: conn} = oauth_access(["read"]) res_conn = get(conn, "/api/v1/accounts/#{local.id}/statuses") - assert length(json_response(res_conn, 200)) == 1 - assert_schema(json_response(res_conn, 200), "StatusesResponse", ApiSpec.spec()) + assert length(json_response_and_validate_schema(res_conn, 200)) == 1 res_conn = get(conn, "/api/v1/accounts/#{remote.id}/statuses") - assert length(json_response(res_conn, 200)) == 1 - assert_schema(json_response(res_conn, 200), "StatusesResponse", ApiSpec.spec()) + assert length(json_response_and_validate_schema(res_conn, 200)) == 1 end end @@ -479,26 +453,22 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do test "if user is unauthenticated", %{conn: conn, local: local, remote: remote} do res_conn = get(conn, "/api/v1/accounts/#{local.id}/statuses") - assert length(json_response(res_conn, 200)) == 1 - assert_schema(json_response(res_conn, 200), "StatusesResponse", ApiSpec.spec()) + assert length(json_response_and_validate_schema(res_conn, 200)) == 1 - res_conn = get(conn, "/api/v1/accounts/#{remote.id}/statuses") - - assert json_response(res_conn, :not_found) == %{ - "error" => "Can't find user" - } + assert %{"error" => "Can't find user"} == + conn + |> get("/api/v1/accounts/#{remote.id}/statuses") + |> json_response_and_validate_schema(:not_found) end test "if user is authenticated", %{local: local, remote: remote} do %{conn: conn} = oauth_access(["read"]) res_conn = get(conn, "/api/v1/accounts/#{local.id}/statuses") - assert length(json_response(res_conn, 200)) == 1 - assert_schema(json_response(res_conn, 200), "StatusesResponse", ApiSpec.spec()) + assert length(json_response_and_validate_schema(res_conn, 200)) == 1 res_conn = get(conn, "/api/v1/accounts/#{remote.id}/statuses") - assert length(json_response(res_conn, 200)) == 1 - assert_schema(json_response(res_conn, 200), "StatusesResponse", ApiSpec.spec()) + assert length(json_response_and_validate_schema(res_conn, 200)) == 1 end end @@ -507,13 +477,11 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do test "getting followers", %{user: user, conn: conn} do other_user = insert(:user) - {:ok, user} = User.follow(user, other_user) + {:ok, %{id: user_id}} = User.follow(user, other_user) conn = get(conn, "/api/v1/accounts/#{other_user.id}/followers") - assert [%{"id" => id}] = json_response(conn, 200) - assert id == to_string(user.id) - assert_schema(json_response(conn, 200), "AccountsResponse", ApiSpec.spec()) + assert [%{"id" => ^user_id}] = json_response_and_validate_schema(conn, 200) end test "getting followers, hide_followers", %{user: user, conn: conn} do @@ -522,7 +490,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do conn = get(conn, "/api/v1/accounts/#{other_user.id}/followers") - assert [] == json_response(conn, 200) + assert [] == json_response_and_validate_schema(conn, 200) end test "getting followers, hide_followers, same user requesting" do @@ -536,40 +504,31 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do |> assign(:token, insert(:oauth_token, user: other_user, scopes: ["read:accounts"])) |> get("/api/v1/accounts/#{other_user.id}/followers") - refute [] == json_response(conn, 200) - assert_schema(json_response(conn, 200), "AccountsResponse", ApiSpec.spec()) + refute [] == json_response_and_validate_schema(conn, 200) end test "getting followers, pagination", %{user: user, conn: conn} do - follower1 = insert(:user) - follower2 = insert(:user) - follower3 = insert(:user) - {:ok, _} = User.follow(follower1, user) - {:ok, _} = User.follow(follower2, user) - {:ok, _} = User.follow(follower3, user) - - res_conn = get(conn, "/api/v1/accounts/#{user.id}/followers?since_id=#{follower1.id}") + {:ok, %User{id: follower1_id}} = :user |> insert() |> User.follow(user) + {:ok, %User{id: follower2_id}} = :user |> insert() |> User.follow(user) + {:ok, %User{id: follower3_id}} = :user |> insert() |> User.follow(user) - assert [%{"id" => id3}, %{"id" => id2}] = json_response(res_conn, 200) - assert id3 == follower3.id - assert id2 == follower2.id - assert_schema(json_response(res_conn, 200), "AccountsResponse", ApiSpec.spec()) - - res_conn = get(conn, "/api/v1/accounts/#{user.id}/followers?max_id=#{follower3.id}") + assert [%{"id" => ^follower3_id}, %{"id" => ^follower2_id}] = + conn + |> get("/api/v1/accounts/#{user.id}/followers?since_id=#{follower1_id}") + |> json_response_and_validate_schema(200) - assert [%{"id" => id2}, %{"id" => id1}] = json_response(res_conn, 200) - assert id2 == follower2.id - assert id1 == follower1.id + assert [%{"id" => ^follower2_id}, %{"id" => ^follower1_id}] = + conn + |> get("/api/v1/accounts/#{user.id}/followers?max_id=#{follower3_id}") + |> json_response_and_validate_schema(200) - res_conn = get(conn, "/api/v1/accounts/#{user.id}/followers?limit=1&max_id=#{follower3.id}") + res_conn = get(conn, "/api/v1/accounts/#{user.id}/followers?limit=1&max_id=#{follower3_id}") - assert [%{"id" => id2}] = json_response(res_conn, 200) - assert id2 == follower2.id + assert [%{"id" => ^follower2_id}] = json_response_and_validate_schema(res_conn, 200) assert [link_header] = get_resp_header(res_conn, "link") - assert link_header =~ ~r/min_id=#{follower2.id}/ - assert link_header =~ ~r/max_id=#{follower2.id}/ - assert_schema(json_response(res_conn, 200), "AccountsResponse", ApiSpec.spec()) + assert link_header =~ ~r/min_id=#{follower2_id}/ + assert link_header =~ ~r/max_id=#{follower2_id}/ end end @@ -582,9 +541,8 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do conn = get(conn, "/api/v1/accounts/#{user.id}/following") - assert [%{"id" => id}] = json_response(conn, 200) + assert [%{"id" => id}] = json_response_and_validate_schema(conn, 200) assert id == to_string(other_user.id) - assert_schema(json_response(conn, 200), "AccountsResponse", ApiSpec.spec()) end test "getting following, hide_follows, other user requesting" do @@ -598,8 +556,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do |> assign(:token, insert(:oauth_token, user: other_user, scopes: ["read:accounts"])) |> get("/api/v1/accounts/#{user.id}/following") - assert [] == json_response(conn, 200) - assert_schema(json_response(conn, 200), "AccountsResponse", ApiSpec.spec()) + assert [] == json_response_and_validate_schema(conn, 200) end test "getting following, hide_follows, same user requesting" do @@ -613,7 +570,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do |> assign(:token, insert(:oauth_token, user: user, scopes: ["read:accounts"])) |> get("/api/v1/accounts/#{user.id}/following") - refute [] == json_response(conn, 200) + refute [] == json_response_and_validate_schema(conn, 200) end test "getting following, pagination", %{user: user, conn: conn} do @@ -626,28 +583,25 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do res_conn = get(conn, "/api/v1/accounts/#{user.id}/following?since_id=#{following1.id}") - assert [%{"id" => id3}, %{"id" => id2}] = json_response(res_conn, 200) + assert [%{"id" => id3}, %{"id" => id2}] = json_response_and_validate_schema(res_conn, 200) assert id3 == following3.id assert id2 == following2.id - assert_schema(json_response(res_conn, 200), "AccountsResponse", ApiSpec.spec()) res_conn = get(conn, "/api/v1/accounts/#{user.id}/following?max_id=#{following3.id}") - assert [%{"id" => id2}, %{"id" => id1}] = json_response(res_conn, 200) + assert [%{"id" => id2}, %{"id" => id1}] = json_response_and_validate_schema(res_conn, 200) assert id2 == following2.id assert id1 == following1.id - assert_schema(json_response(res_conn, 200), "AccountsResponse", ApiSpec.spec()) res_conn = get(conn, "/api/v1/accounts/#{user.id}/following?limit=1&max_id=#{following3.id}") - assert [%{"id" => id2}] = json_response(res_conn, 200) + assert [%{"id" => id2}] = json_response_and_validate_schema(res_conn, 200) assert id2 == following2.id assert [link_header] = get_resp_header(res_conn, "link") assert link_header =~ ~r/min_id=#{following2.id}/ assert link_header =~ ~r/max_id=#{following2.id}/ - assert_schema(json_response(res_conn, 200), "AccountsResponse", ApiSpec.spec()) end end @@ -655,40 +609,37 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do setup do: oauth_access(["follow"]) test "following / unfollowing a user", %{conn: conn} do - other_user = insert(:user) - - ret_conn = post(conn, "/api/v1/accounts/#{other_user.id}/follow") - - assert %{"id" => _id, "following" => true} = json_response(ret_conn, 200) - assert_schema(json_response(ret_conn, 200), "AccountRelationship", ApiSpec.spec()) + %{id: other_user_id, nickname: other_user_nickname} = insert(:user) - ret_conn = post(conn, "/api/v1/accounts/#{other_user.id}/unfollow") - - assert %{"id" => _id, "following" => false} = json_response(ret_conn, 200) - assert_schema(json_response(ret_conn, 200), "AccountRelationship", ApiSpec.spec()) + assert %{"id" => _id, "following" => true} = + conn + |> post("/api/v1/accounts/#{other_user_id}/follow") + |> json_response_and_validate_schema(200) - conn = - conn - |> put_req_header("content-type", "application/json") - |> post("/api/v1/follows", %{"uri" => other_user.nickname}) + assert %{"id" => _id, "following" => false} = + conn + |> post("/api/v1/accounts/#{other_user_id}/unfollow") + |> json_response_and_validate_schema(200) - assert %{"id" => id} = json_response(conn, 200) - assert id == to_string(other_user.id) - assert_schema(json_response(conn, 200), "Account", ApiSpec.spec()) + assert %{"id" => ^other_user_id} = + conn + |> put_req_header("content-type", "application/json") + |> post("/api/v1/follows", %{"uri" => other_user_nickname}) + |> json_response_and_validate_schema(200) end test "cancelling follow request", %{conn: conn} do %{id: other_user_id} = insert(:user, %{locked: true}) - resp = conn |> post("/api/v1/accounts/#{other_user_id}/follow") |> json_response(:ok) - - assert %{"id" => ^other_user_id, "following" => false, "requested" => true} = resp - assert_schema(resp, "AccountRelationship", ApiSpec.spec()) - - resp = conn |> post("/api/v1/accounts/#{other_user_id}/unfollow") |> json_response(:ok) + assert %{"id" => ^other_user_id, "following" => false, "requested" => true} = + conn + |> post("/api/v1/accounts/#{other_user_id}/follow") + |> json_response_and_validate_schema(:ok) - assert %{"id" => ^other_user_id, "following" => false, "requested" => false} = resp - assert_schema(resp, "AccountRelationship", ApiSpec.spec()) + assert %{"id" => ^other_user_id, "following" => false, "requested" => false} = + conn + |> post("/api/v1/accounts/#{other_user_id}/unfollow") + |> json_response_and_validate_schema(:ok) end test "following without reblogs" do @@ -698,50 +649,53 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do ret_conn = post(conn, "/api/v1/accounts/#{followed.id}/follow?reblogs=false") - assert %{"showing_reblogs" => false} = json_response(ret_conn, 200) - assert_schema(json_response(ret_conn, 200), "AccountRelationship", ApiSpec.spec()) + assert %{"showing_reblogs" => false} = json_response_and_validate_schema(ret_conn, 200) {:ok, activity} = CommonAPI.post(other_user, %{"status" => "hey"}) - {:ok, reblog, _} = CommonAPI.repeat(activity.id, followed) - - ret_conn = get(conn, "/api/v1/timelines/home") + {:ok, %{id: reblog_id}, _} = CommonAPI.repeat(activity.id, followed) - assert [] == json_response(ret_conn, 200) - - ret_conn = post(conn, "/api/v1/accounts/#{followed.id}/follow?reblogs=true") - - assert %{"showing_reblogs" => true} = json_response(ret_conn, 200) - assert_schema(json_response(ret_conn, 200), "AccountRelationship", ApiSpec.spec()) + assert [] == + conn + |> get("/api/v1/timelines/home") + |> json_response(200) - conn = get(conn, "/api/v1/timelines/home") + assert %{"showing_reblogs" => true} = + conn + |> post("/api/v1/accounts/#{followed.id}/follow?reblogs=true") + |> json_response_and_validate_schema(200) - expected_activity_id = reblog.id - assert [%{"id" => ^expected_activity_id}] = json_response(conn, 200) + assert [%{"id" => ^reblog_id}] = + conn + |> get("/api/v1/timelines/home") + |> json_response(200) end test "following / unfollowing errors", %{user: user, conn: conn} do # self follow conn_res = post(conn, "/api/v1/accounts/#{user.id}/follow") - assert %{"error" => "Can not follow yourself"} = json_response(conn_res, 400) + + assert %{"error" => "Can not follow yourself"} = + json_response_and_validate_schema(conn_res, 400) # self unfollow user = User.get_cached_by_id(user.id) conn_res = post(conn, "/api/v1/accounts/#{user.id}/unfollow") - assert %{"error" => "Can not unfollow yourself"} = json_response(conn_res, 400) + + assert %{"error" => "Can not unfollow yourself"} = + json_response_and_validate_schema(conn_res, 400) # self follow via uri user = User.get_cached_by_id(user.id) - conn_res = - conn - |> put_req_header("content-type", "multipart/form-data") - |> post("/api/v1/follows", %{"uri" => user.nickname}) - - assert %{"error" => "Can not follow yourself"} = json_response(conn_res, 400) + assert %{"error" => "Can not follow yourself"} = + conn + |> put_req_header("content-type", "multipart/form-data") + |> post("/api/v1/follows", %{"uri" => user.nickname}) + |> json_response_and_validate_schema(400) # follow non existing user conn_res = post(conn, "/api/v1/accounts/doesntexist/follow") - assert %{"error" => "Record not found"} = json_response(conn_res, 404) + assert %{"error" => "Record not found"} = json_response_and_validate_schema(conn_res, 404) # follow non existing user via uri conn_res = @@ -749,11 +703,11 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do |> put_req_header("content-type", "multipart/form-data") |> post("/api/v1/follows", %{"uri" => "doesntexist"}) - assert %{"error" => "Record not found"} = json_response(conn_res, 404) + assert %{"error" => "Record not found"} = json_response_and_validate_schema(conn_res, 404) # unfollow non existing user conn_res = post(conn, "/api/v1/accounts/doesntexist/unfollow") - assert %{"error" => "Record not found"} = json_response(conn_res, 404) + assert %{"error" => "Record not found"} = json_response_and_validate_schema(conn_res, 404) end end @@ -763,21 +717,16 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do test "with notifications", %{conn: conn} do other_user = insert(:user) - ret_conn = - conn - |> put_req_header("content-type", "application/json") - |> post("/api/v1/accounts/#{other_user.id}/mute") - - response = json_response(ret_conn, 200) - - assert %{"id" => _id, "muting" => true, "muting_notifications" => true} = response - assert_schema(response, "AccountRelationship", ApiSpec.spec()) + assert %{"id" => _id, "muting" => true, "muting_notifications" => true} = + conn + |> put_req_header("content-type", "application/json") + |> post("/api/v1/accounts/#{other_user.id}/mute") + |> json_response_and_validate_schema(200) conn = post(conn, "/api/v1/accounts/#{other_user.id}/unmute") - response = json_response(conn, 200) - assert %{"id" => _id, "muting" => false, "muting_notifications" => false} = response - assert_schema(response, "AccountRelationship", ApiSpec.spec()) + assert %{"id" => _id, "muting" => false, "muting_notifications" => false} = + json_response_and_validate_schema(conn, 200) end test "without notifications", %{conn: conn} do @@ -788,16 +737,13 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do |> put_req_header("content-type", "multipart/form-data") |> post("/api/v1/accounts/#{other_user.id}/mute", %{"notifications" => "false"}) - response = json_response(ret_conn, 200) - - assert %{"id" => _id, "muting" => true, "muting_notifications" => false} = response - assert_schema(response, "AccountRelationship", ApiSpec.spec()) + assert %{"id" => _id, "muting" => true, "muting_notifications" => false} = + json_response_and_validate_schema(ret_conn, 200) conn = post(conn, "/api/v1/accounts/#{other_user.id}/unmute") - response = json_response(conn, 200) - assert %{"id" => _id, "muting" => false, "muting_notifications" => false} = response - assert_schema(response, "AccountRelationship", ApiSpec.spec()) + assert %{"id" => _id, "muting" => false, "muting_notifications" => false} = + json_response_and_validate_schema(conn, 200) end end @@ -810,17 +756,13 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do [conn: conn, user: user, activity: activity] end - test "returns pinned statuses", %{conn: conn, user: user, activity: activity} do - {:ok, _} = CommonAPI.pin(activity.id, user) + test "returns pinned statuses", %{conn: conn, user: user, activity: %{id: activity_id}} do + {:ok, _} = CommonAPI.pin(activity_id, user) - result = - conn - |> get("/api/v1/accounts/#{user.id}/statuses?pinned=true") - |> json_response(200) - - id_str = to_string(activity.id) - - assert [%{"id" => ^id_str, "pinned" => true}] = result + assert [%{"id" => ^activity_id, "pinned" => true}] = + conn + |> get("/api/v1/accounts/#{user.id}/statuses?pinned=true") + |> json_response_and_validate_schema(200) end end @@ -830,13 +772,11 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do ret_conn = post(conn, "/api/v1/accounts/#{other_user.id}/block") - assert %{"id" => _id, "blocking" => true} = json_response(ret_conn, 200) - assert_schema(json_response(ret_conn, 200), "AccountRelationship", ApiSpec.spec()) + assert %{"id" => _id, "blocking" => true} = json_response_and_validate_schema(ret_conn, 200) conn = post(conn, "/api/v1/accounts/#{other_user.id}/unblock") - assert %{"id" => _id, "blocking" => false} = json_response(conn, 200) - assert_schema(json_response(ret_conn, 200), "AccountRelationship", ApiSpec.spec()) + assert %{"id" => _id, "blocking" => false} = json_response_and_validate_schema(conn, 200) end describe "create account by app" do @@ -863,15 +803,15 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do scopes: "read, write, follow" }) - %{ - "client_id" => client_id, - "client_secret" => client_secret, - "id" => _, - "name" => "client_name", - "redirect_uri" => "urn:ietf:wg:oauth:2.0:oob", - "vapid_key" => _, - "website" => nil - } = json_response(conn, 200) + assert %{ + "client_id" => client_id, + "client_secret" => client_secret, + "id" => _, + "name" => "client_name", + "redirect_uri" => "urn:ietf:wg:oauth:2.0:oob", + "vapid_key" => _, + "website" => nil + } = json_response_and_validate_schema(conn, 200) conn = post(conn, "/oauth/token", %{ @@ -906,7 +846,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do "created_at" => _created_at, "scope" => _scope, "token_type" => "Bearer" - } = json_response(conn, 200) + } = json_response_and_validate_schema(conn, 200) token_from_db = Repo.get_by(Token, token: token) assert token_from_db @@ -926,7 +866,9 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do |> put_req_header("content-type", "application/json") |> post("/api/v1/accounts", valid_params) - assert json_response(res, 400) == %{"error" => "{\"email\":[\"has already been taken\"]}"} + assert json_response_and_validate_schema(res, 400) == %{ + "error" => "{\"email\":[\"has already been taken\"]}" + } end test "returns bad_request if missing required params", %{ @@ -941,7 +883,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do |> put_req_header("content-type", "application/json") res = post(conn, "/api/v1/accounts", valid_params) - assert json_response(res, 200) + assert json_response_and_validate_schema(res, 200) [{127, 0, 0, 1}, {127, 0, 0, 2}, {127, 0, 0, 3}, {127, 0, 0, 4}] |> Stream.zip(Map.delete(valid_params, :email)) @@ -950,7 +892,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do conn |> Map.put(:remote_ip, ip) |> post("/api/v1/accounts", Map.delete(valid_params, attr)) - |> json_response(400) + |> json_response_and_validate_schema(400) assert res == %{ "error" => "Missing field: #{attr}.", @@ -983,14 +925,16 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do |> Map.put(:remote_ip, {127, 0, 0, 5}) |> post("/api/v1/accounts", Map.delete(valid_params, :email)) - assert json_response(res, 400) == %{"error" => "Missing parameters"} + assert json_response_and_validate_schema(res, 400) == %{"error" => "Missing parameters"} res = conn |> Map.put(:remote_ip, {127, 0, 0, 6}) |> post("/api/v1/accounts", Map.put(valid_params, :email, "")) - assert json_response(res, 400) == %{"error" => "{\"email\":[\"can't be blank\"]}"} + assert json_response_and_validate_schema(res, 400) == %{ + "error" => "{\"email\":[\"can't be blank\"]}" + } end test "allow registration without an email", %{conn: conn, valid_params: valid_params} do @@ -1003,7 +947,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do |> Map.put(:remote_ip, {127, 0, 0, 7}) |> post("/api/v1/accounts", Map.delete(valid_params, :email)) - assert json_response(res, 200) + assert json_response_and_validate_schema(res, 200) end test "allow registration with an empty email", %{conn: conn, valid_params: valid_params} do @@ -1016,7 +960,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do |> Map.put(:remote_ip, {127, 0, 0, 8}) |> post("/api/v1/accounts", Map.put(valid_params, :email, "")) - assert json_response(res, 200) + assert json_response_and_validate_schema(res, 200) end test "returns forbidden if token is invalid", %{conn: conn, valid_params: valid_params} do @@ -1026,7 +970,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do |> put_req_header("content-type", "multipart/form-data") |> post("/api/v1/accounts", valid_params) - assert json_response(res, 403) == %{"error" => "Invalid credentials"} + assert json_response_and_validate_schema(res, 403) == %{"error" => "Invalid credentials"} end test "registration from trusted app" do @@ -1056,7 +1000,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do password: "some_password", confirm: "some_password" }) - |> json_response(200) + |> json_response_and_validate_schema(200) assert %{ "access_token" => access_token, @@ -1069,7 +1013,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do build_conn() |> Plug.Conn.put_req_header("authorization", "Bearer " <> access_token) |> get("/api/v1/accounts/verify_credentials") - |> json_response(200) + |> json_response_and_validate_schema(200) assert %{ "acct" => "Lain", @@ -1125,7 +1069,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do "created_at" => _created_at, "scope" => _scope, "token_type" => "Bearer" - } = json_response(conn, 200) + } = json_response_and_validate_schema(conn, 200) token_from_db = Repo.get_by(Token, token: token) assert token_from_db @@ -1143,7 +1087,9 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do agreement: true }) - assert json_response(conn, :too_many_requests) == %{"error" => "Throttled"} + assert json_response_and_validate_schema(conn, :too_many_requests) == %{ + "error" => "Throttled" + } end end @@ -1151,16 +1097,13 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do test "returns lists to which the account belongs" do %{user: user, conn: conn} = oauth_access(["read:lists"]) other_user = insert(:user) - assert {:ok, %Pleroma.List{} = list} = Pleroma.List.create("Test List", user) + assert {:ok, %Pleroma.List{id: list_id} = list} = Pleroma.List.create("Test List", user) {:ok, %{following: _following}} = Pleroma.List.follow(list, other_user) - res = - conn - |> get("/api/v1/accounts/#{other_user.id}/lists") - |> json_response(200) - - assert res == [%{"id" => to_string(list.id), "title" => "Test List"}] - assert_schema(res, "ListsResponse", ApiSpec.spec()) + assert [%{"id" => list_id, "title" => "Test List"}] = + conn + |> get("/api/v1/accounts/#{other_user.id}/lists") + |> json_response_and_validate_schema(200) end end @@ -1169,7 +1112,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do %{user: user, conn: conn} = oauth_access(["read:accounts"]) conn = get(conn, "/api/v1/accounts/verify_credentials") - response = json_response(conn, 200) + response = json_response_and_validate_schema(conn, 200) assert %{"id" => id, "source" => %{"privacy" => "public"}} = response assert response["pleroma"]["chat_token"] @@ -1182,7 +1125,9 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do conn = get(conn, "/api/v1/accounts/verify_credentials") - assert %{"id" => id, "source" => %{"privacy" => "unlisted"}} = json_response(conn, 200) + assert %{"id" => id, "source" => %{"privacy" => "unlisted"}} = + json_response_and_validate_schema(conn, 200) + assert id == to_string(user.id) end @@ -1192,7 +1137,9 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do conn = get(conn, "/api/v1/accounts/verify_credentials") - assert %{"id" => id, "source" => %{"privacy" => "private"}} = json_response(conn, 200) + assert %{"id" => id, "source" => %{"privacy" => "private"}} = + json_response_and_validate_schema(conn, 200) + assert id == to_string(user.id) end end @@ -1207,18 +1154,18 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do assert [%{"id" => ^other_user_id}] = conn |> get("/api/v1/accounts/relationships?id=#{other_user.id}") - |> json_response(200) + |> json_response_and_validate_schema(200) assert [%{"id" => ^other_user_id}] = conn |> get("/api/v1/accounts/relationships?id[]=#{other_user.id}") - |> json_response(200) + |> json_response_and_validate_schema(200) end test "returns an empty list on a bad request", %{conn: conn} do conn = get(conn, "/api/v1/accounts/relationships", %{}) - assert [] = json_response(conn, 200) + assert [] = json_response_and_validate_schema(conn, 200) end end @@ -1231,8 +1178,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do conn = get(conn, "/api/v1/mutes") other_user_id = to_string(other_user.id) - assert [%{"id" => ^other_user_id}] = json_response(conn, 200) - assert_schema(json_response(conn, 200), "AccountsResponse", ApiSpec.spec()) + assert [%{"id" => ^other_user_id}] = json_response_and_validate_schema(conn, 200) end test "getting a list of blocks" do @@ -1247,7 +1193,6 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do |> get("/api/v1/blocks") other_user_id = to_string(other_user.id) - assert [%{"id" => ^other_user_id}] = json_response(conn, 200) - assert_schema(json_response(conn, 200), "AccountsResponse", ApiSpec.spec()) + assert [%{"id" => ^other_user_id}] = json_response_and_validate_schema(conn, 200) end end -- cgit v1.2.3 From 7b0c8f0fde495e50c5434575c452addeace39e60 Mon Sep 17 00:00:00 2001 From: Egor Kislitsyn Date: Wed, 29 Apr 2020 20:48:08 +0400 Subject: Add tests for account registration with captcha enabled and improve errors --- .../controllers/account_controller_test.exs | 88 +++++++++++++++++++++- 1 file changed, 87 insertions(+), 1 deletion(-) (limited to 'test/web/mastodon_api/controllers/account_controller_test.exs') diff --git a/test/web/mastodon_api/controllers/account_controller_test.exs b/test/web/mastodon_api/controllers/account_controller_test.exs index ba70ba66c..b9da7e924 100644 --- a/test/web/mastodon_api/controllers/account_controller_test.exs +++ b/test/web/mastodon_api/controllers/account_controller_test.exs @@ -925,7 +925,8 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do |> Map.put(:remote_ip, {127, 0, 0, 5}) |> post("/api/v1/accounts", Map.delete(valid_params, :email)) - assert json_response_and_validate_schema(res, 400) == %{"error" => "Missing parameters"} + assert json_response_and_validate_schema(res, 400) == + %{"error" => "Missing parameter: email"} res = conn @@ -1093,6 +1094,91 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do end end + describe "create account with enabled captcha" do + setup %{conn: conn} do + app_token = insert(:oauth_token, user: nil) + + conn = + conn + |> put_req_header("authorization", "Bearer " <> app_token.token) + |> put_req_header("content-type", "multipart/form-data") + + [conn: conn] + end + + setup do: clear_config([Pleroma.Captcha, :enabled], true) + + test "creates an account and returns 200 if captcha is valid", %{conn: conn} do + %{token: token, answer_data: answer_data} = Pleroma.Captcha.new() + + params = %{ + username: "lain", + email: "lain@example.org", + password: "PlzDontHackLain", + agreement: true, + captcha_solution: Pleroma.Captcha.Mock.solution(), + captcha_token: token, + captcha_answer_data: answer_data + } + + assert %{ + "access_token" => access_token, + "created_at" => _, + "scope" => ["read"], + "token_type" => "Bearer" + } = + conn + |> post("/api/v1/accounts", params) + |> json_response_and_validate_schema(:ok) + + assert Token |> Repo.get_by(token: access_token) |> Repo.preload(:user) |> Map.get(:user) + + Cachex.del(:used_captcha_cache, token) + end + + test "returns 400 if any captcha field is not provided", %{conn: conn} do + captcha_fields = [:captcha_solution, :captcha_token, :captcha_answer_data] + + valid_params = %{ + username: "lain", + email: "lain@example.org", + password: "PlzDontHackLain", + agreement: true, + captcha_solution: "xx", + captcha_token: "xx", + captcha_answer_data: "xx" + } + + for field <- captcha_fields do + expected = %{ + "error" => "{\"captcha\":[\"Invalid CAPTCHA (Missing parameter: #{field})\"]}" + } + + assert expected == + conn + |> post("/api/v1/accounts", Map.delete(valid_params, field)) + |> json_response_and_validate_schema(:bad_request) + end + end + + test "returns an error if captcha is invalid", %{conn: conn} do + params = %{ + username: "lain", + email: "lain@example.org", + password: "PlzDontHackLain", + agreement: true, + captcha_solution: "cofe", + captcha_token: "cofe", + captcha_answer_data: "cofe" + } + + assert %{"error" => "{\"captcha\":[\"Invalid answer data\"]}"} == + conn + |> post("/api/v1/accounts", params) + |> json_response_and_validate_schema(:bad_request) + end + end + describe "GET /api/v1/accounts/:id/lists - account_lists" do test "returns lists to which the account belongs" do %{user: user, conn: conn} = oauth_access(["read:lists"]) -- cgit v1.2.3 From bd261309cc27ebf5d2f78ea3c1474fe71ae8046d Mon Sep 17 00:00:00 2001 From: Maksim Pechnikov Date: Wed, 6 May 2020 15:08:38 +0300 Subject: added `unread_notifications_count` for `/api/v1/accounts/verify_credentials` --- test/web/mastodon_api/controllers/account_controller_test.exs | 3 +++ 1 file changed, 3 insertions(+) (limited to 'test/web/mastodon_api/controllers/account_controller_test.exs') diff --git a/test/web/mastodon_api/controllers/account_controller_test.exs b/test/web/mastodon_api/controllers/account_controller_test.exs index b9da7e924..256a8b304 100644 --- a/test/web/mastodon_api/controllers/account_controller_test.exs +++ b/test/web/mastodon_api/controllers/account_controller_test.exs @@ -1196,12 +1196,15 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do describe "verify_credentials" do test "verify_credentials" do %{user: user, conn: conn} = oauth_access(["read:accounts"]) + [notification | _] = insert_list(7, :notification, user: user) + Pleroma.Notification.set_read_up_to(user, notification.id) conn = get(conn, "/api/v1/accounts/verify_credentials") response = json_response_and_validate_schema(conn, 200) assert %{"id" => id, "source" => %{"privacy" => "public"}} = response assert response["pleroma"]["chat_token"] + assert response["pleroma"]["unread_notifications_count"] == 6 assert id == to_string(user.id) end -- cgit v1.2.3 From dfb90a1fd64cfb8f81707d939a87a02e8047dc3b Mon Sep 17 00:00:00 2001 From: lain Date: Tue, 12 May 2020 12:50:48 +0200 Subject: Transmogrifier: Add tests for certain announces --- .../controllers/account_controller_test.exs | 27 ++++++++++++++++++++++ 1 file changed, 27 insertions(+) (limited to 'test/web/mastodon_api/controllers/account_controller_test.exs') diff --git a/test/web/mastodon_api/controllers/account_controller_test.exs b/test/web/mastodon_api/controllers/account_controller_test.exs index 256a8b304..0d48ae4ae 100644 --- a/test/web/mastodon_api/controllers/account_controller_test.exs +++ b/test/web/mastodon_api/controllers/account_controller_test.exs @@ -222,6 +222,33 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do describe "user timelines" do setup do: oauth_access(["read:statuses"]) + test "works with announces that are just addressed to public", %{conn: conn} do + user = insert(:user, ap_id: "https://honktest/u/test", local: false) + other_user = insert(:user) + + {:ok, post} = CommonAPI.post(other_user, %{"status" => "bonkeronk"}) + + {:ok, announce, _} = + %{ + "@context" => "https://www.w3.org/ns/activitystreams", + "actor" => "https://honktest/u/test", + "id" => "https://honktest/u/test/bonk/1793M7B9MQ48847vdx", + "object" => post.data["object"], + "published" => "2019-06-25T19:33:58Z", + "to" => ["https://www.w3.org/ns/activitystreams#Public"], + "type" => "Announce" + } + |> ActivityPub.persist(local: false) + + assert resp = + conn + |> get("/api/v1/accounts/#{user.id}/statuses") + |> json_response_and_validate_schema(200) + + assert [%{"id" => id}] = resp + assert id == announce.id + end + test "respects blocks", %{user: user_one, conn: conn} do user_two = insert(:user) user_three = insert(:user) -- cgit v1.2.3 From 7803a85d2ced092fbd8e0f1bde0944bd27f8d649 Mon Sep 17 00:00:00 2001 From: Egor Kislitsyn Date: Tue, 12 May 2020 23:59:26 +0400 Subject: Add OpenAPI spec for StatusController --- .../controllers/account_controller_test.exs | 29 +++++++++++----------- 1 file changed, 14 insertions(+), 15 deletions(-) (limited to 'test/web/mastodon_api/controllers/account_controller_test.exs') diff --git a/test/web/mastodon_api/controllers/account_controller_test.exs b/test/web/mastodon_api/controllers/account_controller_test.exs index 0d48ae4ae..280bd6aca 100644 --- a/test/web/mastodon_api/controllers/account_controller_test.exs +++ b/test/web/mastodon_api/controllers/account_controller_test.exs @@ -226,7 +226,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do user = insert(:user, ap_id: "https://honktest/u/test", local: false) other_user = insert(:user) - {:ok, post} = CommonAPI.post(other_user, %{"status" => "bonkeronk"}) + {:ok, post} = CommonAPI.post(other_user, %{status: "bonkeronk"}) {:ok, announce, _} = %{ @@ -255,7 +255,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do User.block(user_one, user_two) - {:ok, activity} = CommonAPI.post(user_two, %{"status" => "User one sux0rz"}) + {:ok, activity} = CommonAPI.post(user_two, %{status: "User one sux0rz"}) {:ok, repeat, _} = CommonAPI.repeat(activity.id, user_three) assert resp = @@ -298,16 +298,16 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do {:ok, _user_three} = User.follow(user_three, user_one) - {:ok, activity} = CommonAPI.post(user_one, %{"status" => "HI!!!"}) + {:ok, activity} = CommonAPI.post(user_one, %{status: "HI!!!"}) {:ok, direct_activity} = CommonAPI.post(user_one, %{ - "status" => "Hi, @#{user_two.nickname}.", - "visibility" => "direct" + status: "Hi, @#{user_two.nickname}.", + visibility: "direct" }) {:ok, private_activity} = - CommonAPI.post(user_one, %{"status" => "private", "visibility" => "private"}) + CommonAPI.post(user_one, %{status: "private", visibility: "private"}) # TODO!!! resp = @@ -362,8 +362,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do {:ok, %{id: media_id}} = ActivityPub.upload(file, actor: user.ap_id) - {:ok, %{id: image_post_id}} = - CommonAPI.post(user, %{"status" => "cofe", "media_ids" => [media_id]}) + {:ok, %{id: image_post_id}} = CommonAPI.post(user, %{status: "cofe", media_ids: [media_id]}) conn = get(conn, "/api/v1/accounts/#{user.id}/statuses?only_media=true") @@ -375,7 +374,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do end test "gets a user's statuses without reblogs", %{user: user, conn: conn} do - {:ok, %{id: post_id}} = CommonAPI.post(user, %{"status" => "HI!!!"}) + {:ok, %{id: post_id}} = CommonAPI.post(user, %{status: "HI!!!"}) {:ok, _, _} = CommonAPI.repeat(post_id, user) conn = get(conn, "/api/v1/accounts/#{user.id}/statuses?exclude_reblogs=true") @@ -386,8 +385,8 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do end test "filters user's statuses by a hashtag", %{user: user, conn: conn} do - {:ok, %{id: post_id}} = CommonAPI.post(user, %{"status" => "#hashtag"}) - {:ok, _post} = CommonAPI.post(user, %{"status" => "hashtag"}) + {:ok, %{id: post_id}} = CommonAPI.post(user, %{status: "#hashtag"}) + {:ok, _post} = CommonAPI.post(user, %{status: "hashtag"}) conn = get(conn, "/api/v1/accounts/#{user.id}/statuses?tagged=hashtag") assert [%{"id" => ^post_id}] = json_response_and_validate_schema(conn, 200) @@ -398,9 +397,9 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do conn: conn } do {:ok, %{id: public_activity_id}} = - CommonAPI.post(user, %{"status" => ".", "visibility" => "public"}) + CommonAPI.post(user, %{status: ".", visibility: "public"}) - {:ok, _direct_activity} = CommonAPI.post(user, %{"status" => ".", "visibility" => "direct"}) + {:ok, _direct_activity} = CommonAPI.post(user, %{status: ".", visibility: "direct"}) conn = get(conn, "/api/v1/accounts/#{user.id}/statuses?exclude_visibilities[]=direct") assert [%{"id" => ^public_activity_id}] = json_response_and_validate_schema(conn, 200) @@ -678,7 +677,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do assert %{"showing_reblogs" => false} = json_response_and_validate_schema(ret_conn, 200) - {:ok, activity} = CommonAPI.post(other_user, %{"status" => "hey"}) + {:ok, activity} = CommonAPI.post(other_user, %{status: "hey"}) {:ok, %{id: reblog_id}, _} = CommonAPI.repeat(activity.id, followed) assert [] == @@ -777,7 +776,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do describe "pinned statuses" do setup do user = insert(:user) - {:ok, activity} = CommonAPI.post(user, %{"status" => "HI!!!"}) + {:ok, activity} = CommonAPI.post(user, %{status: "HI!!!"}) %{conn: conn} = oauth_access(["read:statuses"], user: user) [conn: conn, user: user, activity: activity] -- cgit v1.2.3 From e7bc2f980cce170731960e024614c497b821fe90 Mon Sep 17 00:00:00 2001 From: Alexander Strizhakov Date: Thu, 7 May 2020 13:44:38 +0300 Subject: account visibility --- .../controllers/account_controller_test.exs | 59 ++++++++++++++++------ 1 file changed, 43 insertions(+), 16 deletions(-) (limited to 'test/web/mastodon_api/controllers/account_controller_test.exs') diff --git a/test/web/mastodon_api/controllers/account_controller_test.exs b/test/web/mastodon_api/controllers/account_controller_test.exs index 280bd6aca..7dfea2f9e 100644 --- a/test/web/mastodon_api/controllers/account_controller_test.exs +++ b/test/web/mastodon_api/controllers/account_controller_test.exs @@ -127,6 +127,15 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do |> get("/api/v1/accounts/internal.fetch") |> json_response_and_validate_schema(404) end + + test "returns 401 for deactivated user", %{conn: conn} do + user = insert(:user, deactivated: true) + + assert %{} = + conn + |> get("/api/v1/accounts/#{user.id}") + |> json_response_and_validate_schema(:gone) + end end defp local_and_remote_users do @@ -143,15 +152,15 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do setup do: clear_config([:restrict_unauthenticated, :profiles, :remote], true) test "if user is unauthenticated", %{conn: conn, local: local, remote: remote} do - assert %{"error" => "Can't find user"} == + assert %{"error" => "This API requires an authenticated user"} == conn |> get("/api/v1/accounts/#{local.id}") - |> json_response_and_validate_schema(:not_found) + |> json_response_and_validate_schema(:unauthorized) - assert %{"error" => "Can't find user"} == + assert %{"error" => "This API requires an authenticated user"} == conn |> get("/api/v1/accounts/#{remote.id}") - |> json_response_and_validate_schema(:not_found) + |> json_response_and_validate_schema(:unauthorized) end test "if user is authenticated", %{local: local, remote: remote} do @@ -173,8 +182,8 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do test "if user is unauthenticated", %{conn: conn, local: local, remote: remote} do res_conn = get(conn, "/api/v1/accounts/#{local.id}") - assert json_response_and_validate_schema(res_conn, :not_found) == %{ - "error" => "Can't find user" + assert json_response_and_validate_schema(res_conn, :unauthorized) == %{ + "error" => "This API requires an authenticated user" } res_conn = get(conn, "/api/v1/accounts/#{remote.id}") @@ -203,8 +212,8 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do res_conn = get(conn, "/api/v1/accounts/#{remote.id}") - assert json_response_and_validate_schema(res_conn, :not_found) == %{ - "error" => "Can't find user" + assert json_response_and_validate_schema(res_conn, :unauthorized) == %{ + "error" => "This API requires an authenticated user" } end @@ -249,6 +258,24 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do assert id == announce.id end + test "deactivated user", %{conn: conn} do + user = insert(:user, deactivated: true) + + assert %{} == + conn + |> get("/api/v1/accounts/#{user.id}/statuses") + |> json_response_and_validate_schema(:gone) + end + + test "returns 404 when user is invisible", %{conn: conn} do + user = insert(:user, %{invisible: true}) + + assert %{"error" => "Can't find user"} = + conn + |> get("/api/v1/accounts/#{user.id}") + |> json_response_and_validate_schema(404) + end + test "respects blocks", %{user: user_one, conn: conn} do user_two = insert(:user) user_three = insert(:user) @@ -422,15 +449,15 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do setup do: clear_config([:restrict_unauthenticated, :profiles, :remote], true) test "if user is unauthenticated", %{conn: conn, local: local, remote: remote} do - assert %{"error" => "Can't find user"} == + assert %{"error" => "This API requires an authenticated user"} == conn |> get("/api/v1/accounts/#{local.id}/statuses") - |> json_response_and_validate_schema(:not_found) + |> json_response_and_validate_schema(:unauthorized) - assert %{"error" => "Can't find user"} == + assert %{"error" => "This API requires an authenticated user"} == conn |> get("/api/v1/accounts/#{remote.id}/statuses") - |> json_response_and_validate_schema(:not_found) + |> json_response_and_validate_schema(:unauthorized) end test "if user is authenticated", %{local: local, remote: remote} do @@ -451,10 +478,10 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do setup do: clear_config([:restrict_unauthenticated, :profiles, :local], true) test "if user is unauthenticated", %{conn: conn, local: local, remote: remote} do - assert %{"error" => "Can't find user"} == + assert %{"error" => "This API requires an authenticated user"} == conn |> get("/api/v1/accounts/#{local.id}/statuses") - |> json_response_and_validate_schema(:not_found) + |> json_response_and_validate_schema(:unauthorized) res_conn = get(conn, "/api/v1/accounts/#{remote.id}/statuses") assert length(json_response_and_validate_schema(res_conn, 200)) == 1 @@ -481,10 +508,10 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do res_conn = get(conn, "/api/v1/accounts/#{local.id}/statuses") assert length(json_response_and_validate_schema(res_conn, 200)) == 1 - assert %{"error" => "Can't find user"} == + assert %{"error" => "This API requires an authenticated user"} == conn |> get("/api/v1/accounts/#{remote.id}/statuses") - |> json_response_and_validate_schema(:not_found) + |> json_response_and_validate_schema(:unauthorized) end test "if user is authenticated", %{local: local, remote: remote} do -- cgit v1.2.3 From b1aa402229b6422a5ab1aa7102c7a104e218d0e3 Mon Sep 17 00:00:00 2001 From: Alexander Strizhakov Date: Wed, 13 May 2020 11:11:10 +0300 Subject: removing 410 status --- test/web/mastodon_api/controllers/account_controller_test.exs | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'test/web/mastodon_api/controllers/account_controller_test.exs') diff --git a/test/web/mastodon_api/controllers/account_controller_test.exs b/test/web/mastodon_api/controllers/account_controller_test.exs index 7dfea2f9e..8700ab2f5 100644 --- a/test/web/mastodon_api/controllers/account_controller_test.exs +++ b/test/web/mastodon_api/controllers/account_controller_test.exs @@ -131,10 +131,10 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do test "returns 401 for deactivated user", %{conn: conn} do user = insert(:user, deactivated: true) - assert %{} = + assert %{"error" => "Can't find user"} = conn |> get("/api/v1/accounts/#{user.id}") - |> json_response_and_validate_schema(:gone) + |> json_response_and_validate_schema(:not_found) end end @@ -261,10 +261,10 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do test "deactivated user", %{conn: conn} do user = insert(:user, deactivated: true) - assert %{} == + assert %{"error" => "Can't find user"} == conn |> get("/api/v1/accounts/#{user.id}/statuses") - |> json_response_and_validate_schema(:gone) + |> json_response_and_validate_schema(:not_found) end test "returns 404 when user is invisible", %{conn: conn} do -- cgit v1.2.3 From 0321a3e07814c3f225f19e0372b69a7813cef15e Mon Sep 17 00:00:00 2001 From: Alexander Strizhakov Date: Mon, 18 May 2020 10:34:34 +0300 Subject: test naming fix --- test/web/mastodon_api/controllers/account_controller_test.exs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'test/web/mastodon_api/controllers/account_controller_test.exs') diff --git a/test/web/mastodon_api/controllers/account_controller_test.exs b/test/web/mastodon_api/controllers/account_controller_test.exs index 8700ab2f5..3008970af 100644 --- a/test/web/mastodon_api/controllers/account_controller_test.exs +++ b/test/web/mastodon_api/controllers/account_controller_test.exs @@ -128,7 +128,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do |> json_response_and_validate_schema(404) end - test "returns 401 for deactivated user", %{conn: conn} do + test "returns 404 for deactivated user", %{conn: conn} do user = insert(:user, deactivated: true) assert %{"error" => "Can't find user"} = -- cgit v1.2.3 From 23e248694df988d50e8a07b704a7ac56b8e9b19c Mon Sep 17 00:00:00 2001 From: lain Date: Thu, 21 May 2020 13:16:21 +0200 Subject: Announcements: Fix all tests. --- test/web/mastodon_api/controllers/account_controller_test.exs | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'test/web/mastodon_api/controllers/account_controller_test.exs') diff --git a/test/web/mastodon_api/controllers/account_controller_test.exs b/test/web/mastodon_api/controllers/account_controller_test.exs index 280bd6aca..1ce97378d 100644 --- a/test/web/mastodon_api/controllers/account_controller_test.exs +++ b/test/web/mastodon_api/controllers/account_controller_test.exs @@ -256,7 +256,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do User.block(user_one, user_two) {:ok, activity} = CommonAPI.post(user_two, %{status: "User one sux0rz"}) - {:ok, repeat, _} = CommonAPI.repeat(activity.id, user_three) + {:ok, repeat} = CommonAPI.repeat(activity.id, user_three) assert resp = conn @@ -375,7 +375,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do test "gets a user's statuses without reblogs", %{user: user, conn: conn} do {:ok, %{id: post_id}} = CommonAPI.post(user, %{status: "HI!!!"}) - {:ok, _, _} = CommonAPI.repeat(post_id, user) + {:ok, _} = CommonAPI.repeat(post_id, user) conn = get(conn, "/api/v1/accounts/#{user.id}/statuses?exclude_reblogs=true") assert [%{"id" => ^post_id}] = json_response_and_validate_schema(conn, 200) @@ -678,7 +678,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do assert %{"showing_reblogs" => false} = json_response_and_validate_schema(ret_conn, 200) {:ok, activity} = CommonAPI.post(other_user, %{status: "hey"}) - {:ok, %{id: reblog_id}, _} = CommonAPI.repeat(activity.id, followed) + {:ok, %{id: reblog_id}} = CommonAPI.repeat(activity.id, followed) assert [] == conn -- cgit v1.2.3 From 1eb6cedaadee4e1ab3e0885b4e03a8dd17ba08ea Mon Sep 17 00:00:00 2001 From: lain Date: Tue, 16 Jun 2020 13:08:27 +0200 Subject: ActivityPub: When restricting to media posts, only show 'Creates'. --- test/web/mastodon_api/controllers/account_controller_test.exs | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) (limited to 'test/web/mastodon_api/controllers/account_controller_test.exs') diff --git a/test/web/mastodon_api/controllers/account_controller_test.exs b/test/web/mastodon_api/controllers/account_controller_test.exs index 1ce97378d..2343a9d2d 100644 --- a/test/web/mastodon_api/controllers/account_controller_test.exs +++ b/test/web/mastodon_api/controllers/account_controller_test.exs @@ -350,9 +350,10 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do assert json_response_and_validate_schema(conn, 200) == [] end - test "gets an users media", %{conn: conn} do + test "gets an users media, excludes reblogs", %{conn: conn} do note = insert(:note_activity) user = User.get_cached_by_ap_id(note.data["actor"]) + other_user = insert(:user) file = %Plug.Upload{ content_type: "image/jpg", @@ -364,6 +365,13 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do {:ok, %{id: image_post_id}} = CommonAPI.post(user, %{status: "cofe", media_ids: [media_id]}) + {:ok, %{id: media_id}} = ActivityPub.upload(file, actor: other_user.ap_id) + + {:ok, %{id: other_image_post_id}} = + CommonAPI.post(other_user, %{status: "cofe2", media_ids: [media_id]}) + + {:ok, _announce} = CommonAPI.repeat(other_image_post_id, user) + conn = get(conn, "/api/v1/accounts/#{user.id}/statuses?only_media=true") assert [%{"id" => ^image_post_id}] = json_response_and_validate_schema(conn, 200) -- cgit v1.2.3 From f378e93bf4ca4bc9547f242e76e6258e25852972 Mon Sep 17 00:00:00 2001 From: lain Date: Fri, 26 Jun 2020 16:15:27 +0200 Subject: AccountController: Return scope in proper format. --- test/web/mastodon_api/controllers/account_controller_test.exs | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'test/web/mastodon_api/controllers/account_controller_test.exs') diff --git a/test/web/mastodon_api/controllers/account_controller_test.exs b/test/web/mastodon_api/controllers/account_controller_test.exs index ebfcedd01..fcc1e792b 100644 --- a/test/web/mastodon_api/controllers/account_controller_test.exs +++ b/test/web/mastodon_api/controllers/account_controller_test.exs @@ -905,7 +905,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do %{ "access_token" => token, "created_at" => _created_at, - "scope" => _scope, + "scope" => ^scope, "token_type" => "Bearer" } = json_response_and_validate_schema(conn, 200) @@ -1067,7 +1067,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do assert %{ "access_token" => access_token, "created_at" => _, - "scope" => ["read", "write", "follow", "push"], + "scope" => "read write follow push", "token_type" => "Bearer" } = response @@ -1185,7 +1185,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do assert %{ "access_token" => access_token, "created_at" => _, - "scope" => ["read"], + "scope" => "read", "token_type" => "Bearer" } = conn -- cgit v1.2.3 From 3aa04b81c4d558dfa8d3c35ab7db6041671ac121 Mon Sep 17 00:00:00 2001 From: Egor Kislitsyn Date: Mon, 29 Jun 2020 19:47:04 +0400 Subject: Test default "content-type" for CastAndValidate --- test/web/mastodon_api/controllers/account_controller_test.exs | 1 - 1 file changed, 1 deletion(-) (limited to 'test/web/mastodon_api/controllers/account_controller_test.exs') diff --git a/test/web/mastodon_api/controllers/account_controller_test.exs b/test/web/mastodon_api/controllers/account_controller_test.exs index ebfcedd01..260ad2306 100644 --- a/test/web/mastodon_api/controllers/account_controller_test.exs +++ b/test/web/mastodon_api/controllers/account_controller_test.exs @@ -780,7 +780,6 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do assert %{"id" => _id, "muting" => true, "muting_notifications" => true} = conn - |> put_req_header("content-type", "application/json") |> post("/api/v1/accounts/#{other_user.id}/mute") |> json_response_and_validate_schema(200) -- cgit v1.2.3 From c0385cf47ae9c2dac527387225dee7d45dd33d8c Mon Sep 17 00:00:00 2001 From: lain Date: Wed, 8 Jul 2020 11:52:29 +0200 Subject: AccountController: Fix muting / unmuting reblogs. --- .../controllers/account_controller_test.exs | 37 ++++++++++++++++++++-- 1 file changed, 35 insertions(+), 2 deletions(-) (limited to 'test/web/mastodon_api/controllers/account_controller_test.exs') diff --git a/test/web/mastodon_api/controllers/account_controller_test.exs b/test/web/mastodon_api/controllers/account_controller_test.exs index 260ad2306..f102c0cd2 100644 --- a/test/web/mastodon_api/controllers/account_controller_test.exs +++ b/test/web/mastodon_api/controllers/account_controller_test.exs @@ -708,7 +708,10 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do followed = insert(:user) other_user = insert(:user) - ret_conn = post(conn, "/api/v1/accounts/#{followed.id}/follow?reblogs=false") + ret_conn = + conn + |> put_req_header("content-type", "application/json") + |> post("/api/v1/accounts/#{followed.id}/follow", %{reblogs: false}) assert %{"showing_reblogs" => false} = json_response_and_validate_schema(ret_conn, 200) @@ -722,7 +725,8 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do assert %{"showing_reblogs" => true} = conn - |> post("/api/v1/accounts/#{followed.id}/follow?reblogs=true") + |> put_req_header("content-type", "application/json") + |> post("/api/v1/accounts/#{followed.id}/follow", %{reblogs: true}) |> json_response_and_validate_schema(200) assert [%{"id" => ^reblog_id}] = @@ -731,6 +735,35 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do |> json_response(200) end + test "following with reblogs" do + %{conn: conn} = oauth_access(["follow", "read:statuses"]) + followed = insert(:user) + other_user = insert(:user) + + ret_conn = post(conn, "/api/v1/accounts/#{followed.id}/follow") + + assert %{"showing_reblogs" => true} = json_response_and_validate_schema(ret_conn, 200) + + {:ok, activity} = CommonAPI.post(other_user, %{status: "hey"}) + {:ok, %{id: reblog_id}} = CommonAPI.repeat(activity.id, followed) + + assert [%{"id" => ^reblog_id}] = + conn + |> get("/api/v1/timelines/home") + |> json_response(200) + + assert %{"showing_reblogs" => false} = + conn + |> put_req_header("content-type", "application/json") + |> post("/api/v1/accounts/#{followed.id}/follow", %{reblogs: false}) + |> json_response_and_validate_schema(200) + + assert [] == + conn + |> get("/api/v1/timelines/home") + |> json_response(200) + end + test "following / unfollowing errors", %{user: user, conn: conn} do # self follow conn_res = post(conn, "/api/v1/accounts/#{user.id}/follow") -- cgit v1.2.3 From 5ddf0415c4fd6021422eb38b4625c01ad27582c5 Mon Sep 17 00:00:00 2001 From: Alex Gleason Date: Tue, 14 Jul 2020 00:22:12 -0500 Subject: Accept `reason` in POST /api/v1/accounts and store in DB --- .../controllers/account_controller_test.exs | 70 ++++++++++++++++++++++ 1 file changed, 70 insertions(+) (limited to 'test/web/mastodon_api/controllers/account_controller_test.exs') diff --git a/test/web/mastodon_api/controllers/account_controller_test.exs b/test/web/mastodon_api/controllers/account_controller_test.exs index 9c7b5e9b2..28d21371a 100644 --- a/test/web/mastodon_api/controllers/account_controller_test.exs +++ b/test/web/mastodon_api/controllers/account_controller_test.exs @@ -885,6 +885,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do end setup do: clear_config([:instance, :account_activation_required]) + setup do: clear_config([:instance, :account_approval_required]) test "Account registration via Application", %{conn: conn} do conn = @@ -949,6 +950,75 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do assert token_from_db.user.confirmation_pending end + test "Account registration via app with account_approval_required", %{conn: conn} do + Pleroma.Config.put([:instance, :account_approval_required], true) + + conn = + conn + |> put_req_header("content-type", "application/json") + |> post("/api/v1/apps", %{ + client_name: "client_name", + redirect_uris: "urn:ietf:wg:oauth:2.0:oob", + scopes: "read, write, follow" + }) + + assert %{ + "client_id" => client_id, + "client_secret" => client_secret, + "id" => _, + "name" => "client_name", + "redirect_uri" => "urn:ietf:wg:oauth:2.0:oob", + "vapid_key" => _, + "website" => nil + } = json_response_and_validate_schema(conn, 200) + + conn = + post(conn, "/oauth/token", %{ + grant_type: "client_credentials", + client_id: client_id, + client_secret: client_secret + }) + + assert %{"access_token" => token, "refresh_token" => refresh, "scope" => scope} = + json_response(conn, 200) + + assert token + token_from_db = Repo.get_by(Token, token: token) + assert token_from_db + assert refresh + assert scope == "read write follow" + + conn = + build_conn() + |> put_req_header("content-type", "multipart/form-data") + |> put_req_header("authorization", "Bearer " <> token) + |> post("/api/v1/accounts", %{ + username: "lain", + email: "lain@example.org", + password: "PlzDontHackLain", + bio: "Test Bio", + agreement: true, + reason: "I'm a cool dude, bro" + }) + + %{ + "access_token" => token, + "created_at" => _created_at, + "scope" => ^scope, + "token_type" => "Bearer" + } = json_response_and_validate_schema(conn, 200) + + token_from_db = Repo.get_by(Token, token: token) + assert token_from_db + token_from_db = Repo.preload(token_from_db, :user) + assert token_from_db.user + + assert token_from_db.user.confirmation_pending + assert token_from_db.user.approval_pending + + assert token_from_db.user.registration_reason == "I'm a cool dude, bro" + end + test "returns error when user already registred", %{conn: conn, valid_params: valid_params} do _user = insert(:user, email: "lain@example.org") app_token = insert(:oauth_token, user: nil) -- cgit v1.2.3 From 48f8b26c92880c0898daac3d691c61be0b891d0b Mon Sep 17 00:00:00 2001 From: Alex Gleason Date: Thu, 16 Jul 2020 21:39:10 -0500 Subject: OpenAPI: Add :id to follower/following endpoints, fixes #1958 --- .../controllers/account_controller_test.exs | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) (limited to 'test/web/mastodon_api/controllers/account_controller_test.exs') diff --git a/test/web/mastodon_api/controllers/account_controller_test.exs b/test/web/mastodon_api/controllers/account_controller_test.exs index 9c7b5e9b2..c304487ea 100644 --- a/test/web/mastodon_api/controllers/account_controller_test.exs +++ b/test/web/mastodon_api/controllers/account_controller_test.exs @@ -583,6 +583,15 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do |> get("/api/v1/accounts/#{user.id}/followers?max_id=#{follower3_id}") |> json_response_and_validate_schema(200) + assert [%{"id" => ^follower2_id}, %{"id" => ^follower1_id}] = + conn + |> get( + "/api/v1/accounts/#{user.id}/followers?id=#{user.id}&limit=20&max_id=#{ + follower3_id + }" + ) + |> json_response_and_validate_schema(200) + res_conn = get(conn, "/api/v1/accounts/#{user.id}/followers?limit=1&max_id=#{follower3_id}") assert [%{"id" => ^follower2_id}] = json_response_and_validate_schema(res_conn, 200) @@ -654,6 +663,16 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do assert id2 == following2.id assert id1 == following1.id + res_conn = + get( + conn, + "/api/v1/accounts/#{user.id}/following?id=#{user.id}&limit=20&max_id=#{following3.id}" + ) + + assert [%{"id" => id2}, %{"id" => id1}] = json_response_and_validate_schema(res_conn, 200) + assert id2 == following2.id + assert id1 == following1.id + res_conn = get(conn, "/api/v1/accounts/#{user.id}/following?limit=1&max_id=#{following3.id}") -- cgit v1.2.3 From f43518eb7433a6c50d635d6536c3fbe3a37ea82b Mon Sep 17 00:00:00 2001 From: Alex Gleason Date: Mon, 27 Jul 2020 19:19:14 -0500 Subject: Lint, fix test --- test/web/mastodon_api/controllers/account_controller_test.exs | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'test/web/mastodon_api/controllers/account_controller_test.exs') diff --git a/test/web/mastodon_api/controllers/account_controller_test.exs b/test/web/mastodon_api/controllers/account_controller_test.exs index e6b283aab..1ba5bc964 100644 --- a/test/web/mastodon_api/controllers/account_controller_test.exs +++ b/test/web/mastodon_api/controllers/account_controller_test.exs @@ -1017,7 +1017,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do password: "PlzDontHackLain", bio: "Test Bio", agreement: true, - reason: "I'm a cool dude, bro" + reason: "I am a cool dude, bro" }) %{ @@ -1035,7 +1035,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do assert token_from_db.user.confirmation_pending assert token_from_db.user.approval_pending - assert token_from_db.user.registration_reason == "I'm a cool dude, bro" + assert token_from_db.user.registration_reason == "I am a cool dude, bro" end test "returns error when user already registred", %{conn: conn, valid_params: valid_params} do -- cgit v1.2.3 From f688c8df82b955b50552b3198ddc153a716451c2 Mon Sep 17 00:00:00 2001 From: Alex Gleason Date: Mon, 27 Jul 2020 20:36:31 -0500 Subject: Fix User.registration_reason HTML sanitizing issues --- test/web/mastodon_api/controllers/account_controller_test.exs | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'test/web/mastodon_api/controllers/account_controller_test.exs') diff --git a/test/web/mastodon_api/controllers/account_controller_test.exs b/test/web/mastodon_api/controllers/account_controller_test.exs index 1ba5bc964..e6b283aab 100644 --- a/test/web/mastodon_api/controllers/account_controller_test.exs +++ b/test/web/mastodon_api/controllers/account_controller_test.exs @@ -1017,7 +1017,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do password: "PlzDontHackLain", bio: "Test Bio", agreement: true, - reason: "I am a cool dude, bro" + reason: "I'm a cool dude, bro" }) %{ @@ -1035,7 +1035,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do assert token_from_db.user.confirmation_pending assert token_from_db.user.approval_pending - assert token_from_db.user.registration_reason == "I am a cool dude, bro" + assert token_from_db.user.registration_reason == "I'm a cool dude, bro" end test "returns error when user already registred", %{conn: conn, valid_params: valid_params} do -- cgit v1.2.3 From c25c21dd22202fe0fc827ef57e5a69631fa35bf7 Mon Sep 17 00:00:00 2001 From: lain Date: Wed, 29 Jul 2020 11:47:03 +0200 Subject: AccountController: Don't explicitly ask to keep users unconfirmed. Confirmation is set in User.register_changeset based on the config settings. --- .../controllers/account_controller_test.exs | 68 +++++++++++++++++++++- 1 file changed, 65 insertions(+), 3 deletions(-) (limited to 'test/web/mastodon_api/controllers/account_controller_test.exs') diff --git a/test/web/mastodon_api/controllers/account_controller_test.exs b/test/web/mastodon_api/controllers/account_controller_test.exs index c304487ea..a2332d2af 100644 --- a/test/web/mastodon_api/controllers/account_controller_test.exs +++ b/test/web/mastodon_api/controllers/account_controller_test.exs @@ -903,9 +903,73 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do [valid_params: valid_params] end - setup do: clear_config([:instance, :account_activation_required]) + test "Account registration via Application, no confirmation required", %{conn: conn} do + clear_config([:instance, :account_activation_required], false) + + conn = + conn + |> put_req_header("content-type", "application/json") + |> post("/api/v1/apps", %{ + client_name: "client_name", + redirect_uris: "urn:ietf:wg:oauth:2.0:oob", + scopes: "read, write, follow" + }) + + assert %{ + "client_id" => client_id, + "client_secret" => client_secret, + "id" => _, + "name" => "client_name", + "redirect_uri" => "urn:ietf:wg:oauth:2.0:oob", + "vapid_key" => _, + "website" => nil + } = json_response_and_validate_schema(conn, 200) + + conn = + post(conn, "/oauth/token", %{ + grant_type: "client_credentials", + client_id: client_id, + client_secret: client_secret + }) + + assert %{"access_token" => token, "refresh_token" => refresh, "scope" => scope} = + json_response(conn, 200) + + assert token + token_from_db = Repo.get_by(Token, token: token) + assert token_from_db + assert refresh + assert scope == "read write follow" + + conn = + build_conn() + |> put_req_header("content-type", "multipart/form-data") + |> put_req_header("authorization", "Bearer " <> token) + |> post("/api/v1/accounts", %{ + username: "lain", + email: "lain@example.org", + password: "PlzDontHackLain", + bio: "Test Bio", + agreement: true + }) + + %{ + "access_token" => token, + "created_at" => _created_at, + "scope" => ^scope, + "token_type" => "Bearer" + } = json_response_and_validate_schema(conn, 200) + + token_from_db = Repo.get_by(Token, token: token) + assert token_from_db + token_from_db = Repo.preload(token_from_db, :user) + assert token_from_db.user + refute token_from_db.user.confirmation_pending + end test "Account registration via Application", %{conn: conn} do + clear_config([:instance, :account_activation_required], true) + conn = conn |> put_req_header("content-type", "application/json") @@ -1188,8 +1252,6 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do assert token_from_db token_from_db = Repo.preload(token_from_db, :user) assert token_from_db.user - - assert token_from_db.user.confirmation_pending end conn = -- cgit v1.2.3 From 27b0a8b15542c645f70937a124ab8190cc399313 Mon Sep 17 00:00:00 2001 From: Ivan Tashkinov Date: Fri, 31 Jul 2020 14:13:38 +0300 Subject: [#1985] Prevented force login on registration if account approval and/or email confirmation needed. Refactored login code in OAuthController, reused in AccountController. Added tests. --- .../controllers/account_controller_test.exs | 73 +++++++++------------- 1 file changed, 30 insertions(+), 43 deletions(-) (limited to 'test/web/mastodon_api/controllers/account_controller_test.exs') diff --git a/test/web/mastodon_api/controllers/account_controller_test.exs b/test/web/mastodon_api/controllers/account_controller_test.exs index 708f8b5b3..d390c3ce1 100644 --- a/test/web/mastodon_api/controllers/account_controller_test.exs +++ b/test/web/mastodon_api/controllers/account_controller_test.exs @@ -5,7 +5,6 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do use Pleroma.Web.ConnCase - alias Pleroma.Config alias Pleroma.Repo alias Pleroma.User alias Pleroma.Web.ActivityPub.ActivityPub @@ -16,8 +15,6 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do import Pleroma.Factory describe "account fetching" do - setup do: clear_config([:instance, :limit_to_local_content]) - test "works by id" do %User{id: user_id} = insert(:user) @@ -42,7 +39,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do end test "works by nickname for remote users" do - Config.put([:instance, :limit_to_local_content], false) + clear_config([:instance, :limit_to_local_content], false) user = insert(:user, nickname: "user@example.com", local: false) @@ -53,7 +50,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do end test "respects limit_to_local_content == :all for remote user nicknames" do - Config.put([:instance, :limit_to_local_content], :all) + clear_config([:instance, :limit_to_local_content], :all) user = insert(:user, nickname: "user@example.com", local: false) @@ -63,7 +60,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do end test "respects limit_to_local_content == :unauthenticated for remote user nicknames" do - Config.put([:instance, :limit_to_local_content], :unauthenticated) + clear_config([:instance, :limit_to_local_content], :unauthenticated) user = insert(:user, nickname: "user@example.com", local: false) reading_user = insert(:user) @@ -903,8 +900,10 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do [valid_params: valid_params] end - test "Account registration via Application, no confirmation required", %{conn: conn} do + test "registers and logs in without :account_activation_required / :account_approval_required", + %{conn: conn} do clear_config([:instance, :account_activation_required], false) + clear_config([:instance, :account_approval_required], false) conn = conn @@ -962,15 +961,16 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do token_from_db = Repo.get_by(Token, token: token) assert token_from_db - token_from_db = Repo.preload(token_from_db, :user) - assert token_from_db.user - refute token_from_db.user.confirmation_pending - end + user = Repo.preload(token_from_db, :user).user - setup do: clear_config([:instance, :account_approval_required]) + assert user + refute user.confirmation_pending + refute user.approval_pending + end - test "Account registration via Application", %{conn: conn} do + test "registers but does not log in with :account_activation_required", %{conn: conn} do clear_config([:instance, :account_activation_required], true) + clear_config([:instance, :account_approval_required], false) conn = conn @@ -1019,23 +1019,18 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do agreement: true }) - %{ - "access_token" => token, - "created_at" => _created_at, - "scope" => ^scope, - "token_type" => "Bearer" - } = json_response_and_validate_schema(conn, 200) - - token_from_db = Repo.get_by(Token, token: token) - assert token_from_db - token_from_db = Repo.preload(token_from_db, :user) - assert token_from_db.user + response = json_response_and_validate_schema(conn, 200) + assert %{"identifier" => "missing_confirmed_email"} = response + refute response["access_token"] + refute response["token_type"] - assert token_from_db.user.confirmation_pending + user = Repo.get_by(User, email: "lain@example.org") + assert user.confirmation_pending end - test "Account registration via app with account_approval_required", %{conn: conn} do - Pleroma.Config.put([:instance, :account_approval_required], true) + test "registers but does not log in with :account_approval_required", %{conn: conn} do + clear_config([:instance, :account_approval_required], true) + clear_config([:instance, :account_activation_required], false) conn = conn @@ -1085,21 +1080,15 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do reason: "I'm a cool dude, bro" }) - %{ - "access_token" => token, - "created_at" => _created_at, - "scope" => ^scope, - "token_type" => "Bearer" - } = json_response_and_validate_schema(conn, 200) - - token_from_db = Repo.get_by(Token, token: token) - assert token_from_db - token_from_db = Repo.preload(token_from_db, :user) - assert token_from_db.user + response = json_response_and_validate_schema(conn, 200) + assert %{"identifier" => "awaiting_approval"} = response + refute response["access_token"] + refute response["token_type"] - assert token_from_db.user.approval_pending + user = Repo.get_by(User, email: "lain@example.org") - assert token_from_db.user.registration_reason == "I'm a cool dude, bro" + assert user.approval_pending + assert user.registration_reason == "I'm a cool dude, bro" end test "returns error when user already registred", %{conn: conn, valid_params: valid_params} do @@ -1153,11 +1142,9 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do end) end - setup do: clear_config([:instance, :account_activation_required]) - test "returns bad_request if missing email params when :account_activation_required is enabled", %{conn: conn, valid_params: valid_params} do - Pleroma.Config.put([:instance, :account_activation_required], true) + clear_config([:instance, :account_activation_required], true) app_token = insert(:oauth_token, user: nil) -- cgit v1.2.3 From de3bdc63adac0141500bdc2692124cd104330bda Mon Sep 17 00:00:00 2001 From: lain Date: Mon, 3 Aug 2020 15:00:14 +0200 Subject: AccountControllerTest: Add test for message returned. --- .../controllers/account_controller_test.exs | 29 ++++++++++++++++------ 1 file changed, 22 insertions(+), 7 deletions(-) (limited to 'test/web/mastodon_api/controllers/account_controller_test.exs') diff --git a/test/web/mastodon_api/controllers/account_controller_test.exs b/test/web/mastodon_api/controllers/account_controller_test.exs index d390c3ce1..2cb388655 100644 --- a/test/web/mastodon_api/controllers/account_controller_test.exs +++ b/test/web/mastodon_api/controllers/account_controller_test.exs @@ -940,17 +940,32 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do assert refresh assert scope == "read write follow" + clear_config([User, :email_blacklist], ["example.org"]) + + params = %{ + username: "lain", + email: "lain@example.org", + password: "PlzDontHackLain", + bio: "Test Bio", + agreement: true + } + conn = build_conn() |> put_req_header("content-type", "multipart/form-data") |> put_req_header("authorization", "Bearer " <> token) - |> post("/api/v1/accounts", %{ - username: "lain", - email: "lain@example.org", - password: "PlzDontHackLain", - bio: "Test Bio", - agreement: true - }) + |> post("/api/v1/accounts", params) + + assert %{"error" => "{\"email\":[\"Email domain is blacklisted\"]}"} = + json_response_and_validate_schema(conn, 400) + + Pleroma.Config.put([User, :email_blacklist], []) + + conn = + build_conn() + |> put_req_header("content-type", "multipart/form-data") + |> put_req_header("authorization", "Bearer " <> token) + |> post("/api/v1/accounts", params) %{ "access_token" => token, -- cgit v1.2.3 From 058daf498f10e58221bd29a42799f52e56a800a9 Mon Sep 17 00:00:00 2001 From: Alex Gleason Date: Mon, 3 Aug 2020 19:57:53 -0500 Subject: Email blacklist: Update response phrasing --- test/web/mastodon_api/controllers/account_controller_test.exs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'test/web/mastodon_api/controllers/account_controller_test.exs') diff --git a/test/web/mastodon_api/controllers/account_controller_test.exs b/test/web/mastodon_api/controllers/account_controller_test.exs index 2cb388655..86e3ac3e7 100644 --- a/test/web/mastodon_api/controllers/account_controller_test.exs +++ b/test/web/mastodon_api/controllers/account_controller_test.exs @@ -956,7 +956,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do |> put_req_header("authorization", "Bearer " <> token) |> post("/api/v1/accounts", params) - assert %{"error" => "{\"email\":[\"Email domain is blacklisted\"]}"} = + assert %{"error" => "{\"credentials\":[\"Invalid credentials\"]}"} = json_response_and_validate_schema(conn, 400) Pleroma.Config.put([User, :email_blacklist], []) -- cgit v1.2.3 From 4f57e85ab9c80fb7cb51428cef978793ba22971c Mon Sep 17 00:00:00 2001 From: Alex Gleason Date: Mon, 3 Aug 2020 22:20:49 -0500 Subject: Email blacklist: Update phrasing again --- test/web/mastodon_api/controllers/account_controller_test.exs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'test/web/mastodon_api/controllers/account_controller_test.exs') diff --git a/test/web/mastodon_api/controllers/account_controller_test.exs b/test/web/mastodon_api/controllers/account_controller_test.exs index 86e3ac3e7..17a1e7d66 100644 --- a/test/web/mastodon_api/controllers/account_controller_test.exs +++ b/test/web/mastodon_api/controllers/account_controller_test.exs @@ -956,7 +956,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do |> put_req_header("authorization", "Bearer " <> token) |> post("/api/v1/accounts", params) - assert %{"error" => "{\"credentials\":[\"Invalid credentials\"]}"} = + assert %{"error" => "{\"email\":[\"Invalid email\"]}"} = json_response_and_validate_schema(conn, 400) Pleroma.Config.put([User, :email_blacklist], []) -- cgit v1.2.3