From fe15f0ba15d02809fa4c21fb646e65d06060f3bb Mon Sep 17 00:00:00 2001 From: Alexander Strizhakov Date: Fri, 20 Mar 2020 13:04:37 +0300 Subject: restrict_unauthenticated setting --- .../controllers/timeline_controller_test.exs | 111 +++++++++++++++++++-- 1 file changed, 100 insertions(+), 11 deletions(-) (limited to 'test/web/mastodon_api/controllers/timeline_controller_test.exs') diff --git a/test/web/mastodon_api/controllers/timeline_controller_test.exs b/test/web/mastodon_api/controllers/timeline_controller_test.exs index 2c03b0a75..a15c759d4 100644 --- a/test/web/mastodon_api/controllers/timeline_controller_test.exs +++ b/test/web/mastodon_api/controllers/timeline_controller_test.exs @@ -12,8 +12,6 @@ defmodule Pleroma.Web.MastodonAPI.TimelineControllerTest do alias Pleroma.User alias Pleroma.Web.CommonAPI - clear_config([:instance, :public]) - setup do mock(fn env -> apply(HttpRequestMock, :request, [env]) end) :ok @@ -80,15 +78,6 @@ defmodule Pleroma.Web.MastodonAPI.TimelineControllerTest do assert [%{"content" => "test"}] = json_response(conn, :ok) end - test "the public timeline when public is set to false", %{conn: conn} do - Config.put([:instance, :public], false) - - assert %{"error" => "This resource requires authentication."} == - conn - |> get("/api/v1/timelines/public", %{"local" => "False"}) - |> json_response(:forbidden) - end - test "the public timeline includes only public statuses for an authenticated user" do %{user: user, conn: conn} = oauth_access(["read:statuses"]) @@ -102,6 +91,106 @@ defmodule Pleroma.Web.MastodonAPI.TimelineControllerTest do end end + defp local_and_remote_activities do + insert(:note_activity) + insert(:note_activity, local: false) + :ok + end + + describe "public with restrict unauthenticated timeline for local and federated timelines" do + setup do: local_and_remote_activities() + + clear_config([:restrict_unauthenticated, :timelines, :local]) do + Config.put([:restrict_unauthenticated, :timelines, :local], true) + end + + clear_config([:restrict_unauthenticated, :timelines, :federated]) do + Config.put([:restrict_unauthenticated, :timelines, :federated], true) + end + + test "if user is unauthenticated", %{conn: conn} do + res_conn = get(conn, "/api/v1/timelines/public", %{"local" => "true"}) + + assert json_response(res_conn, :unauthorized) == %{ + "error" => "authorization required for timeline view" + } + + res_conn = get(conn, "/api/v1/timelines/public", %{"local" => "false"}) + + assert json_response(res_conn, :unauthorized) == %{ + "error" => "authorization required for timeline view" + } + end + + test "if user is authenticated" do + %{conn: conn} = oauth_access(["read:statuses"]) + + res_conn = get(conn, "/api/v1/timelines/public", %{"local" => "true"}) + assert length(json_response(res_conn, 200)) == 1 + + res_conn = get(conn, "/api/v1/timelines/public", %{"local" => "false"}) + assert length(json_response(res_conn, 200)) == 2 + end + end + + describe "public with restrict unauthenticated timeline for local" do + setup do: local_and_remote_activities() + + clear_config([:restrict_unauthenticated, :timelines, :local]) do + Config.put([:restrict_unauthenticated, :timelines, :local], true) + end + + test "if user is unauthenticated", %{conn: conn} do + res_conn = get(conn, "/api/v1/timelines/public", %{"local" => "true"}) + + assert json_response(res_conn, :unauthorized) == %{ + "error" => "authorization required for timeline view" + } + + res_conn = get(conn, "/api/v1/timelines/public", %{"local" => "false"}) + assert length(json_response(res_conn, 200)) == 2 + end + + test "if user is authenticated", %{conn: _conn} do + %{conn: conn} = oauth_access(["read:statuses"]) + + res_conn = get(conn, "/api/v1/timelines/public", %{"local" => "true"}) + assert length(json_response(res_conn, 200)) == 1 + + res_conn = get(conn, "/api/v1/timelines/public", %{"local" => "false"}) + assert length(json_response(res_conn, 200)) == 2 + end + end + + describe "public with restrict unauthenticated timeline for remote" do + setup do: local_and_remote_activities() + + clear_config([:restrict_unauthenticated, :timelines, :federated]) do + Config.put([:restrict_unauthenticated, :timelines, :federated], true) + end + + test "if user is unauthenticated", %{conn: conn} do + res_conn = get(conn, "/api/v1/timelines/public", %{"local" => "true"}) + assert length(json_response(res_conn, 200)) == 1 + + res_conn = get(conn, "/api/v1/timelines/public", %{"local" => "false"}) + + assert json_response(res_conn, :unauthorized) == %{ + "error" => "authorization required for timeline view" + } + end + + test "if user is authenticated", %{conn: _conn} do + %{conn: conn} = oauth_access(["read:statuses"]) + + res_conn = get(conn, "/api/v1/timelines/public", %{"local" => "true"}) + assert length(json_response(res_conn, 200)) == 1 + + res_conn = get(conn, "/api/v1/timelines/public", %{"local" => "false"}) + assert length(json_response(res_conn, 200)) == 2 + end + end + describe "direct" do test "direct timeline", %{conn: conn} do user_one = insert(:user) -- cgit v1.2.3 From 1c05f539aaea32fe993e5299e656aa44c322e8de Mon Sep 17 00:00:00 2001 From: Ivan Tashkinov Date: Fri, 20 Mar 2020 18:33:00 +0300 Subject: Improved in-test `clear_config/n` applicability (setup / setup_all / in-test usage). --- .../controllers/timeline_controller_test.exs | 16 ++++------------ 1 file changed, 4 insertions(+), 12 deletions(-) (limited to 'test/web/mastodon_api/controllers/timeline_controller_test.exs') diff --git a/test/web/mastodon_api/controllers/timeline_controller_test.exs b/test/web/mastodon_api/controllers/timeline_controller_test.exs index a15c759d4..6fedb4223 100644 --- a/test/web/mastodon_api/controllers/timeline_controller_test.exs +++ b/test/web/mastodon_api/controllers/timeline_controller_test.exs @@ -100,13 +100,9 @@ defmodule Pleroma.Web.MastodonAPI.TimelineControllerTest do describe "public with restrict unauthenticated timeline for local and federated timelines" do setup do: local_and_remote_activities() - clear_config([:restrict_unauthenticated, :timelines, :local]) do - Config.put([:restrict_unauthenticated, :timelines, :local], true) - end + setup do: clear_config([:restrict_unauthenticated, :timelines, :local], true) - clear_config([:restrict_unauthenticated, :timelines, :federated]) do - Config.put([:restrict_unauthenticated, :timelines, :federated], true) - end + setup do: clear_config([:restrict_unauthenticated, :timelines, :federated], true) test "if user is unauthenticated", %{conn: conn} do res_conn = get(conn, "/api/v1/timelines/public", %{"local" => "true"}) @@ -136,9 +132,7 @@ defmodule Pleroma.Web.MastodonAPI.TimelineControllerTest do describe "public with restrict unauthenticated timeline for local" do setup do: local_and_remote_activities() - clear_config([:restrict_unauthenticated, :timelines, :local]) do - Config.put([:restrict_unauthenticated, :timelines, :local], true) - end + setup do: clear_config([:restrict_unauthenticated, :timelines, :local], true) test "if user is unauthenticated", %{conn: conn} do res_conn = get(conn, "/api/v1/timelines/public", %{"local" => "true"}) @@ -165,9 +159,7 @@ defmodule Pleroma.Web.MastodonAPI.TimelineControllerTest do describe "public with restrict unauthenticated timeline for remote" do setup do: local_and_remote_activities() - clear_config([:restrict_unauthenticated, :timelines, :federated]) do - Config.put([:restrict_unauthenticated, :timelines, :federated], true) - end + setup do: clear_config([:restrict_unauthenticated, :timelines, :federated], true) test "if user is unauthenticated", %{conn: conn} do res_conn = get(conn, "/api/v1/timelines/public", %{"local" => "true"}) -- cgit v1.2.3 From eec1fcaf55bdcbc2d3aed4eaf044bb8ef6c4effa Mon Sep 17 00:00:00 2001 From: lain Date: Mon, 23 Mar 2020 15:58:55 +0100 Subject: Home timeline tests: Add failing test for relationships --- .../controllers/timeline_controller_test.exs | 57 ++++++++++++++++++++-- 1 file changed, 53 insertions(+), 4 deletions(-) (limited to 'test/web/mastodon_api/controllers/timeline_controller_test.exs') diff --git a/test/web/mastodon_api/controllers/timeline_controller_test.exs b/test/web/mastodon_api/controllers/timeline_controller_test.exs index 6fedb4223..47849fc48 100644 --- a/test/web/mastodon_api/controllers/timeline_controller_test.exs +++ b/test/web/mastodon_api/controllers/timeline_controller_test.exs @@ -21,9 +21,12 @@ defmodule Pleroma.Web.MastodonAPI.TimelineControllerTest do setup do: oauth_access(["read:statuses"]) test "the home timeline", %{user: user, conn: conn} do - following = insert(:user) + following = insert(:user, nickname: "followed") + third_user = insert(:user, nickname: "repeated") - {:ok, _activity} = CommonAPI.post(following, %{"status" => "test"}) + {:ok, _activity} = CommonAPI.post(following, %{"status" => "post"}) + {:ok, activity} = CommonAPI.post(third_user, %{"status" => "repeated post"}) + {:ok, _, _} = CommonAPI.repeat(activity.id, following) ret_conn = get(conn, "/api/v1/timelines/home") @@ -31,9 +34,55 @@ defmodule Pleroma.Web.MastodonAPI.TimelineControllerTest do {:ok, _user} = User.follow(user, following) - conn = get(conn, "/api/v1/timelines/home") + ret_conn = get(conn, "/api/v1/timelines/home") - assert [%{"content" => "test"}] = json_response(conn, :ok) + assert [ + %{ + "reblog" => %{ + "content" => "repeated post", + "account" => %{ + "pleroma" => %{ + "relationship" => %{"following" => false, "followed_by" => false} + } + } + }, + "account" => %{"pleroma" => %{"relationship" => %{"following" => true}}} + }, + %{ + "content" => "post", + "account" => %{ + "acct" => "followed", + "pleroma" => %{"relationship" => %{"following" => true}} + } + } + ] = json_response(ret_conn, :ok) + + {:ok, _user} = User.follow(third_user, user) + + ret_conn = get(conn, "/api/v1/timelines/home") + + assert [ + %{ + "reblog" => %{ + "content" => "repeated post", + "account" => %{ + "acct" => "repeated", + "pleroma" => %{ + # This part does not match correctly + "relationship" => %{"following" => false, "followed_by" => true} + } + } + }, + "account" => %{"pleroma" => %{"relationship" => %{"following" => true}}} + }, + %{ + "content" => "post", + "account" => %{ + "acct" => "followed", + "pleroma" => %{"relationship" => %{"following" => true}} + } + } + ] = json_response(ret_conn, :ok) end test "the home timeline when the direct messages are excluded", %{user: user, conn: conn} do -- cgit v1.2.3 From 13cbb9f6ada8dcb15bb7ed12be4d88a18c5db7f7 Mon Sep 17 00:00:00 2001 From: Ivan Tashkinov Date: Tue, 24 Mar 2020 22:14:26 +0300 Subject: Implemented preloading of relationships with parent activities' actors for statuses/timeline rendering. Applied preloading for notifications rendering. Fixed announces rendering issue (preloading-related). --- test/web/mastodon_api/controllers/timeline_controller_test.exs | 1 - 1 file changed, 1 deletion(-) (limited to 'test/web/mastodon_api/controllers/timeline_controller_test.exs') diff --git a/test/web/mastodon_api/controllers/timeline_controller_test.exs b/test/web/mastodon_api/controllers/timeline_controller_test.exs index 47849fc48..97b1c3e66 100644 --- a/test/web/mastodon_api/controllers/timeline_controller_test.exs +++ b/test/web/mastodon_api/controllers/timeline_controller_test.exs @@ -68,7 +68,6 @@ defmodule Pleroma.Web.MastodonAPI.TimelineControllerTest do "account" => %{ "acct" => "repeated", "pleroma" => %{ - # This part does not match correctly "relationship" => %{"following" => false, "followed_by" => true} } } -- cgit v1.2.3 From 2f2bd7fe72f474b7177c751a2dc3af716622ba91 Mon Sep 17 00:00:00 2001 From: Ivan Tashkinov Date: Wed, 1 Apr 2020 19:49:09 +0300 Subject: Ability to control the output of account/pleroma/relationship in statuses in order to improve the rendering performance. See `[:extensions, output_relationships_in_statuses_by_default]` setting and `with_relationships` param. --- .../controllers/timeline_controller_test.exs | 29 +++++++++++++++++++--- 1 file changed, 26 insertions(+), 3 deletions(-) (limited to 'test/web/mastodon_api/controllers/timeline_controller_test.exs') diff --git a/test/web/mastodon_api/controllers/timeline_controller_test.exs b/test/web/mastodon_api/controllers/timeline_controller_test.exs index 97b1c3e66..06efdc901 100644 --- a/test/web/mastodon_api/controllers/timeline_controller_test.exs +++ b/test/web/mastodon_api/controllers/timeline_controller_test.exs @@ -20,7 +20,30 @@ defmodule Pleroma.Web.MastodonAPI.TimelineControllerTest do describe "home" do setup do: oauth_access(["read:statuses"]) + test "does NOT render account/pleroma/relationship if this is disabled by default", %{ + user: user, + conn: conn + } do + clear_config([:extensions, :output_relationships_in_statuses_by_default], false) + + other_user = insert(:user) + + {:ok, _} = CommonAPI.post(other_user, %{"status" => "hi @#{user.nickname}"}) + + response = + conn + |> assign(:user, user) + |> get("/api/v1/timelines/home") + |> json_response(200) + + assert Enum.all?(response, fn n -> + get_in(n, ["account", "pleroma", "relationship"]) == %{} + end) + end + test "the home timeline", %{user: user, conn: conn} do + uri = "/api/v1/timelines/home?with_relationships=true" + following = insert(:user, nickname: "followed") third_user = insert(:user, nickname: "repeated") @@ -28,13 +51,13 @@ defmodule Pleroma.Web.MastodonAPI.TimelineControllerTest do {:ok, activity} = CommonAPI.post(third_user, %{"status" => "repeated post"}) {:ok, _, _} = CommonAPI.repeat(activity.id, following) - ret_conn = get(conn, "/api/v1/timelines/home") + ret_conn = get(conn, uri) assert Enum.empty?(json_response(ret_conn, :ok)) {:ok, _user} = User.follow(user, following) - ret_conn = get(conn, "/api/v1/timelines/home") + ret_conn = get(conn, uri) assert [ %{ @@ -59,7 +82,7 @@ defmodule Pleroma.Web.MastodonAPI.TimelineControllerTest do {:ok, _user} = User.follow(third_user, user) - ret_conn = get(conn, "/api/v1/timelines/home") + ret_conn = get(conn, uri) assert [ %{ -- cgit v1.2.3 From d5cdc907e3fda14c2ce78ddbb124739441330ecc Mon Sep 17 00:00:00 2001 From: Ivan Tashkinov Date: Fri, 1 May 2020 18:45:24 +0300 Subject: Restricted embedding of relationships where applicable (statuses / notifications / accounts rendering). Added support for :skip_notifications for accounts listing (index.json). Adjusted tests. --- .../controllers/timeline_controller_test.exs | 26 +++++++++++++++------- 1 file changed, 18 insertions(+), 8 deletions(-) (limited to 'test/web/mastodon_api/controllers/timeline_controller_test.exs') diff --git a/test/web/mastodon_api/controllers/timeline_controller_test.exs b/test/web/mastodon_api/controllers/timeline_controller_test.exs index 06efdc901..b8bb83af7 100644 --- a/test/web/mastodon_api/controllers/timeline_controller_test.exs +++ b/test/web/mastodon_api/controllers/timeline_controller_test.exs @@ -20,12 +20,10 @@ defmodule Pleroma.Web.MastodonAPI.TimelineControllerTest do describe "home" do setup do: oauth_access(["read:statuses"]) - test "does NOT render account/pleroma/relationship if this is disabled by default", %{ + test "does NOT render account/pleroma/relationship by default", %{ user: user, conn: conn } do - clear_config([:extensions, :output_relationships_in_statuses_by_default], false) - other_user = insert(:user) {:ok, _} = CommonAPI.post(other_user, %{"status" => "hi @#{user.nickname}"}) @@ -41,7 +39,7 @@ defmodule Pleroma.Web.MastodonAPI.TimelineControllerTest do end) end - test "the home timeline", %{user: user, conn: conn} do + test "embeds account relationships with `with_relationships=true`", %{user: user, conn: conn} do uri = "/api/v1/timelines/home?with_relationships=true" following = insert(:user, nickname: "followed") @@ -69,13 +67,19 @@ defmodule Pleroma.Web.MastodonAPI.TimelineControllerTest do } } }, - "account" => %{"pleroma" => %{"relationship" => %{"following" => true}}} + "account" => %{ + "pleroma" => %{ + "relationship" => %{"following" => true} + } + } }, %{ "content" => "post", "account" => %{ "acct" => "followed", - "pleroma" => %{"relationship" => %{"following" => true}} + "pleroma" => %{ + "relationship" => %{"following" => true} + } } } ] = json_response(ret_conn, :ok) @@ -95,13 +99,19 @@ defmodule Pleroma.Web.MastodonAPI.TimelineControllerTest do } } }, - "account" => %{"pleroma" => %{"relationship" => %{"following" => true}}} + "account" => %{ + "pleroma" => %{ + "relationship" => %{"following" => true} + } + } }, %{ "content" => "post", "account" => %{ "acct" => "followed", - "pleroma" => %{"relationship" => %{"following" => true}} + "pleroma" => %{ + "relationship" => %{"following" => true} + } } } ] = json_response(ret_conn, :ok) -- cgit v1.2.3 From 14a49a04837b0dc5a0d72dd7c5b4dfa482801e7c Mon Sep 17 00:00:00 2001 From: Ivan Tashkinov Date: Sat, 9 May 2020 18:05:44 +0300 Subject: [#2456] Dropped support for embedded `pleroma/account/relationship` in statuses and notifications. --- .../controllers/timeline_controller_test.exs | 80 +--------------------- 1 file changed, 1 insertion(+), 79 deletions(-) (limited to 'test/web/mastodon_api/controllers/timeline_controller_test.exs') diff --git a/test/web/mastodon_api/controllers/timeline_controller_test.exs b/test/web/mastodon_api/controllers/timeline_controller_test.exs index b8bb83af7..47541979d 100644 --- a/test/web/mastodon_api/controllers/timeline_controller_test.exs +++ b/test/web/mastodon_api/controllers/timeline_controller_test.exs @@ -20,7 +20,7 @@ defmodule Pleroma.Web.MastodonAPI.TimelineControllerTest do describe "home" do setup do: oauth_access(["read:statuses"]) - test "does NOT render account/pleroma/relationship by default", %{ + test "does NOT embed account/pleroma/relationship in statuses", %{ user: user, conn: conn } do @@ -39,84 +39,6 @@ defmodule Pleroma.Web.MastodonAPI.TimelineControllerTest do end) end - test "embeds account relationships with `with_relationships=true`", %{user: user, conn: conn} do - uri = "/api/v1/timelines/home?with_relationships=true" - - following = insert(:user, nickname: "followed") - third_user = insert(:user, nickname: "repeated") - - {:ok, _activity} = CommonAPI.post(following, %{"status" => "post"}) - {:ok, activity} = CommonAPI.post(third_user, %{"status" => "repeated post"}) - {:ok, _, _} = CommonAPI.repeat(activity.id, following) - - ret_conn = get(conn, uri) - - assert Enum.empty?(json_response(ret_conn, :ok)) - - {:ok, _user} = User.follow(user, following) - - ret_conn = get(conn, uri) - - assert [ - %{ - "reblog" => %{ - "content" => "repeated post", - "account" => %{ - "pleroma" => %{ - "relationship" => %{"following" => false, "followed_by" => false} - } - } - }, - "account" => %{ - "pleroma" => %{ - "relationship" => %{"following" => true} - } - } - }, - %{ - "content" => "post", - "account" => %{ - "acct" => "followed", - "pleroma" => %{ - "relationship" => %{"following" => true} - } - } - } - ] = json_response(ret_conn, :ok) - - {:ok, _user} = User.follow(third_user, user) - - ret_conn = get(conn, uri) - - assert [ - %{ - "reblog" => %{ - "content" => "repeated post", - "account" => %{ - "acct" => "repeated", - "pleroma" => %{ - "relationship" => %{"following" => false, "followed_by" => true} - } - } - }, - "account" => %{ - "pleroma" => %{ - "relationship" => %{"following" => true} - } - } - }, - %{ - "content" => "post", - "account" => %{ - "acct" => "followed", - "pleroma" => %{ - "relationship" => %{"following" => true} - } - } - } - ] = json_response(ret_conn, :ok) - end - test "the home timeline when the direct messages are excluded", %{user: user, conn: conn} do {:ok, public_activity} = CommonAPI.post(user, %{"status" => ".", "visibility" => "public"}) {:ok, direct_activity} = CommonAPI.post(user, %{"status" => ".", "visibility" => "direct"}) -- cgit v1.2.3 From 3bde0fa3f668d42c03ce83174325920551960de3 Mon Sep 17 00:00:00 2001 From: Egor Kislitsyn Date: Mon, 11 May 2020 15:24:59 +0400 Subject: Add OpenAPI spec for TimelineController --- .../controllers/timeline_controller_test.exs | 114 ++++++++++----------- 1 file changed, 57 insertions(+), 57 deletions(-) (limited to 'test/web/mastodon_api/controllers/timeline_controller_test.exs') diff --git a/test/web/mastodon_api/controllers/timeline_controller_test.exs b/test/web/mastodon_api/controllers/timeline_controller_test.exs index 06efdc901..5e0d92f28 100644 --- a/test/web/mastodon_api/controllers/timeline_controller_test.exs +++ b/test/web/mastodon_api/controllers/timeline_controller_test.exs @@ -34,7 +34,7 @@ defmodule Pleroma.Web.MastodonAPI.TimelineControllerTest do conn |> assign(:user, user) |> get("/api/v1/timelines/home") - |> json_response(200) + |> json_response_and_validate_schema(200) assert Enum.all?(response, fn n -> get_in(n, ["account", "pleroma", "relationship"]) == %{} @@ -42,7 +42,7 @@ defmodule Pleroma.Web.MastodonAPI.TimelineControllerTest do end test "the home timeline", %{user: user, conn: conn} do - uri = "/api/v1/timelines/home?with_relationships=true" + uri = "/api/v1/timelines/home?with_relationships=1" following = insert(:user, nickname: "followed") third_user = insert(:user, nickname: "repeated") @@ -53,7 +53,7 @@ defmodule Pleroma.Web.MastodonAPI.TimelineControllerTest do ret_conn = get(conn, uri) - assert Enum.empty?(json_response(ret_conn, :ok)) + assert Enum.empty?(json_response_and_validate_schema(ret_conn, :ok)) {:ok, _user} = User.follow(user, following) @@ -78,7 +78,7 @@ defmodule Pleroma.Web.MastodonAPI.TimelineControllerTest do "pleroma" => %{"relationship" => %{"following" => true}} } } - ] = json_response(ret_conn, :ok) + ] = json_response_and_validate_schema(ret_conn, :ok) {:ok, _user} = User.follow(third_user, user) @@ -104,7 +104,7 @@ defmodule Pleroma.Web.MastodonAPI.TimelineControllerTest do "pleroma" => %{"relationship" => %{"following" => true}} } } - ] = json_response(ret_conn, :ok) + ] = json_response_and_validate_schema(ret_conn, :ok) end test "the home timeline when the direct messages are excluded", %{user: user, conn: conn} do @@ -117,9 +117,9 @@ defmodule Pleroma.Web.MastodonAPI.TimelineControllerTest do {:ok, private_activity} = CommonAPI.post(user, %{"status" => ".", "visibility" => "private"}) - conn = get(conn, "/api/v1/timelines/home", %{"exclude_visibilities" => ["direct"]}) + conn = get(conn, "/api/v1/timelines/home?exclude_visibilities[]=direct") - assert status_ids = json_response(conn, :ok) |> Enum.map(& &1["id"]) + assert status_ids = json_response_and_validate_schema(conn, :ok) |> Enum.map(& &1["id"]) assert public_activity.id in status_ids assert unlisted_activity.id in status_ids assert private_activity.id in status_ids @@ -136,17 +136,17 @@ defmodule Pleroma.Web.MastodonAPI.TimelineControllerTest do _activity = insert(:note_activity, local: false) - conn = get(conn, "/api/v1/timelines/public", %{"local" => "False"}) + conn = get(conn, "/api/v1/timelines/public?local=False") - assert length(json_response(conn, :ok)) == 2 + assert length(json_response_and_validate_schema(conn, :ok)) == 2 - conn = get(build_conn(), "/api/v1/timelines/public", %{"local" => "True"}) + conn = get(build_conn(), "/api/v1/timelines/public?local=True") - assert [%{"content" => "test"}] = json_response(conn, :ok) + assert [%{"content" => "test"}] = json_response_and_validate_schema(conn, :ok) - conn = get(build_conn(), "/api/v1/timelines/public", %{"local" => "1"}) + conn = get(build_conn(), "/api/v1/timelines/public?local=1") - assert [%{"content" => "test"}] = json_response(conn, :ok) + assert [%{"content" => "test"}] = json_response_and_validate_schema(conn, :ok) end test "the public timeline includes only public statuses for an authenticated user" do @@ -158,7 +158,7 @@ defmodule Pleroma.Web.MastodonAPI.TimelineControllerTest do {:ok, _activity} = CommonAPI.post(user, %{"status" => "test", "visibility" => "direct"}) res_conn = get(conn, "/api/v1/timelines/public") - assert length(json_response(res_conn, 200)) == 1 + assert length(json_response_and_validate_schema(res_conn, 200)) == 1 end end @@ -176,15 +176,15 @@ defmodule Pleroma.Web.MastodonAPI.TimelineControllerTest do setup do: clear_config([:restrict_unauthenticated, :timelines, :federated], true) test "if user is unauthenticated", %{conn: conn} do - res_conn = get(conn, "/api/v1/timelines/public", %{"local" => "true"}) + res_conn = get(conn, "/api/v1/timelines/public?local=true") - assert json_response(res_conn, :unauthorized) == %{ + assert json_response_and_validate_schema(res_conn, :unauthorized) == %{ "error" => "authorization required for timeline view" } - res_conn = get(conn, "/api/v1/timelines/public", %{"local" => "false"}) + res_conn = get(conn, "/api/v1/timelines/public?local=false") - assert json_response(res_conn, :unauthorized) == %{ + assert json_response_and_validate_schema(res_conn, :unauthorized) == %{ "error" => "authorization required for timeline view" } end @@ -192,11 +192,11 @@ defmodule Pleroma.Web.MastodonAPI.TimelineControllerTest do test "if user is authenticated" do %{conn: conn} = oauth_access(["read:statuses"]) - res_conn = get(conn, "/api/v1/timelines/public", %{"local" => "true"}) - assert length(json_response(res_conn, 200)) == 1 + res_conn = get(conn, "/api/v1/timelines/public?local=true") + assert length(json_response_and_validate_schema(res_conn, 200)) == 1 - res_conn = get(conn, "/api/v1/timelines/public", %{"local" => "false"}) - assert length(json_response(res_conn, 200)) == 2 + res_conn = get(conn, "/api/v1/timelines/public?local=false") + assert length(json_response_and_validate_schema(res_conn, 200)) == 2 end end @@ -206,24 +206,24 @@ defmodule Pleroma.Web.MastodonAPI.TimelineControllerTest do setup do: clear_config([:restrict_unauthenticated, :timelines, :local], true) test "if user is unauthenticated", %{conn: conn} do - res_conn = get(conn, "/api/v1/timelines/public", %{"local" => "true"}) + res_conn = get(conn, "/api/v1/timelines/public?local=true") - assert json_response(res_conn, :unauthorized) == %{ + assert json_response_and_validate_schema(res_conn, :unauthorized) == %{ "error" => "authorization required for timeline view" } - res_conn = get(conn, "/api/v1/timelines/public", %{"local" => "false"}) - assert length(json_response(res_conn, 200)) == 2 + res_conn = get(conn, "/api/v1/timelines/public?local=false") + assert length(json_response_and_validate_schema(res_conn, 200)) == 2 end test "if user is authenticated", %{conn: _conn} do %{conn: conn} = oauth_access(["read:statuses"]) - res_conn = get(conn, "/api/v1/timelines/public", %{"local" => "true"}) - assert length(json_response(res_conn, 200)) == 1 + res_conn = get(conn, "/api/v1/timelines/public?local=true") + assert length(json_response_and_validate_schema(res_conn, 200)) == 1 - res_conn = get(conn, "/api/v1/timelines/public", %{"local" => "false"}) - assert length(json_response(res_conn, 200)) == 2 + res_conn = get(conn, "/api/v1/timelines/public?local=false") + assert length(json_response_and_validate_schema(res_conn, 200)) == 2 end end @@ -233,12 +233,12 @@ defmodule Pleroma.Web.MastodonAPI.TimelineControllerTest do setup do: clear_config([:restrict_unauthenticated, :timelines, :federated], true) test "if user is unauthenticated", %{conn: conn} do - res_conn = get(conn, "/api/v1/timelines/public", %{"local" => "true"}) - assert length(json_response(res_conn, 200)) == 1 + res_conn = get(conn, "/api/v1/timelines/public?local=true") + assert length(json_response_and_validate_schema(res_conn, 200)) == 1 - res_conn = get(conn, "/api/v1/timelines/public", %{"local" => "false"}) + res_conn = get(conn, "/api/v1/timelines/public?local=false") - assert json_response(res_conn, :unauthorized) == %{ + assert json_response_and_validate_schema(res_conn, :unauthorized) == %{ "error" => "authorization required for timeline view" } end @@ -246,11 +246,11 @@ defmodule Pleroma.Web.MastodonAPI.TimelineControllerTest do test "if user is authenticated", %{conn: _conn} do %{conn: conn} = oauth_access(["read:statuses"]) - res_conn = get(conn, "/api/v1/timelines/public", %{"local" => "true"}) - assert length(json_response(res_conn, 200)) == 1 + res_conn = get(conn, "/api/v1/timelines/public?local=true") + assert length(json_response_and_validate_schema(res_conn, 200)) == 1 - res_conn = get(conn, "/api/v1/timelines/public", %{"local" => "false"}) - assert length(json_response(res_conn, 200)) == 2 + res_conn = get(conn, "/api/v1/timelines/public?local=false") + assert length(json_response_and_validate_schema(res_conn, 200)) == 2 end end @@ -281,7 +281,7 @@ defmodule Pleroma.Web.MastodonAPI.TimelineControllerTest do # Only direct should be visible here res_conn = get(conn_user_two, "api/v1/timelines/direct") - [status] = json_response(res_conn, :ok) + assert [status] = json_response_and_validate_schema(res_conn, :ok) assert %{"visibility" => "direct"} = status assert status["url"] != direct.data["id"] @@ -293,14 +293,14 @@ defmodule Pleroma.Web.MastodonAPI.TimelineControllerTest do |> assign(:token, insert(:oauth_token, user: user_one, scopes: ["read:statuses"])) |> get("api/v1/timelines/direct") - [status] = json_response(res_conn, :ok) + [status] = json_response_and_validate_schema(res_conn, :ok) assert %{"visibility" => "direct"} = status # Both should be visible here res_conn = get(conn_user_two, "api/v1/timelines/home") - [_s1, _s2] = json_response(res_conn, :ok) + [_s1, _s2] = json_response_and_validate_schema(res_conn, :ok) # Test pagination Enum.each(1..20, fn _ -> @@ -313,13 +313,14 @@ defmodule Pleroma.Web.MastodonAPI.TimelineControllerTest do res_conn = get(conn_user_two, "api/v1/timelines/direct") - statuses = json_response(res_conn, :ok) + statuses = json_response_and_validate_schema(res_conn, :ok) assert length(statuses) == 20 - res_conn = - get(conn_user_two, "api/v1/timelines/direct", %{max_id: List.last(statuses)["id"]}) + max_id = List.last(statuses)["id"] + + res_conn = get(conn_user_two, "api/v1/timelines/direct?max_id=#{max_id}") - [status] = json_response(res_conn, :ok) + assert [status] = json_response_and_validate_schema(res_conn, :ok) assert status["url"] != direct.data["id"] end @@ -344,7 +345,7 @@ defmodule Pleroma.Web.MastodonAPI.TimelineControllerTest do res_conn = get(conn, "api/v1/timelines/direct") - [status] = json_response(res_conn, :ok) + [status] = json_response_and_validate_schema(res_conn, :ok) assert status["id"] == direct.id end end @@ -361,7 +362,7 @@ defmodule Pleroma.Web.MastodonAPI.TimelineControllerTest do conn = get(conn, "/api/v1/timelines/list/#{list.id}") - assert [%{"id" => id}] = json_response(conn, :ok) + assert [%{"id" => id}] = json_response_and_validate_schema(conn, :ok) assert id == to_string(activity_two.id) end @@ -384,7 +385,7 @@ defmodule Pleroma.Web.MastodonAPI.TimelineControllerTest do conn = get(conn, "/api/v1/timelines/list/#{list.id}") - assert [%{"id" => id}] = json_response(conn, :ok) + assert [%{"id" => id}] = json_response_and_validate_schema(conn, :ok) assert id == to_string(activity_one.id) end @@ -401,14 +402,14 @@ defmodule Pleroma.Web.MastodonAPI.TimelineControllerTest do nconn = get(conn, "/api/v1/timelines/tag/2hu") - assert [%{"id" => id}] = json_response(nconn, :ok) + assert [%{"id" => id}] = json_response_and_validate_schema(nconn, :ok) assert id == to_string(activity.id) # works for different capitalization too nconn = get(conn, "/api/v1/timelines/tag/2HU") - assert [%{"id" => id}] = json_response(nconn, :ok) + assert [%{"id" => id}] = json_response_and_validate_schema(nconn, :ok) assert id == to_string(activity.id) end @@ -420,22 +421,21 @@ defmodule Pleroma.Web.MastodonAPI.TimelineControllerTest do {:ok, activity_test1} = CommonAPI.post(user, %{"status" => "#test #test1"}) {:ok, activity_none} = CommonAPI.post(user, %{"status" => "#test #none"}) - any_test = get(conn, "/api/v1/timelines/tag/test", %{"any" => ["test1"]}) + any_test = get(conn, "/api/v1/timelines/tag/test?any[]=test1") - [status_none, status_test1, status_test] = json_response(any_test, :ok) + [status_none, status_test1, status_test] = json_response_and_validate_schema(any_test, :ok) assert to_string(activity_test.id) == status_test["id"] assert to_string(activity_test1.id) == status_test1["id"] assert to_string(activity_none.id) == status_none["id"] - restricted_test = - get(conn, "/api/v1/timelines/tag/test", %{"all" => ["test1"], "none" => ["none"]}) + restricted_test = get(conn, "/api/v1/timelines/tag/test?all[]=test1&none[]=none") - assert [status_test1] == json_response(restricted_test, :ok) + assert [status_test1] == json_response_and_validate_schema(restricted_test, :ok) - all_test = get(conn, "/api/v1/timelines/tag/test", %{"all" => ["none"]}) + all_test = get(conn, "/api/v1/timelines/tag/test?all[]=none") - assert [status_none] == json_response(all_test, :ok) + assert [status_none] == json_response_and_validate_schema(all_test, :ok) end end end -- cgit v1.2.3 From 7803a85d2ced092fbd8e0f1bde0944bd27f8d649 Mon Sep 17 00:00:00 2001 From: Egor Kislitsyn Date: Tue, 12 May 2020 23:59:26 +0400 Subject: Add OpenAPI spec for StatusController --- .../controllers/timeline_controller_test.exs | 64 +++++++++++----------- 1 file changed, 31 insertions(+), 33 deletions(-) (limited to 'test/web/mastodon_api/controllers/timeline_controller_test.exs') diff --git a/test/web/mastodon_api/controllers/timeline_controller_test.exs b/test/web/mastodon_api/controllers/timeline_controller_test.exs index 06efdc901..6d8f81b75 100644 --- a/test/web/mastodon_api/controllers/timeline_controller_test.exs +++ b/test/web/mastodon_api/controllers/timeline_controller_test.exs @@ -28,7 +28,7 @@ defmodule Pleroma.Web.MastodonAPI.TimelineControllerTest do other_user = insert(:user) - {:ok, _} = CommonAPI.post(other_user, %{"status" => "hi @#{user.nickname}"}) + {:ok, _} = CommonAPI.post(other_user, %{status: "hi @#{user.nickname}"}) response = conn @@ -47,8 +47,8 @@ defmodule Pleroma.Web.MastodonAPI.TimelineControllerTest do following = insert(:user, nickname: "followed") third_user = insert(:user, nickname: "repeated") - {:ok, _activity} = CommonAPI.post(following, %{"status" => "post"}) - {:ok, activity} = CommonAPI.post(third_user, %{"status" => "repeated post"}) + {:ok, _activity} = CommonAPI.post(following, %{status: "post"}) + {:ok, activity} = CommonAPI.post(third_user, %{status: "repeated post"}) {:ok, _, _} = CommonAPI.repeat(activity.id, following) ret_conn = get(conn, uri) @@ -108,14 +108,12 @@ defmodule Pleroma.Web.MastodonAPI.TimelineControllerTest do end test "the home timeline when the direct messages are excluded", %{user: user, conn: conn} do - {:ok, public_activity} = CommonAPI.post(user, %{"status" => ".", "visibility" => "public"}) - {:ok, direct_activity} = CommonAPI.post(user, %{"status" => ".", "visibility" => "direct"}) + {:ok, public_activity} = CommonAPI.post(user, %{status: ".", visibility: "public"}) + {:ok, direct_activity} = CommonAPI.post(user, %{status: ".", visibility: "direct"}) - {:ok, unlisted_activity} = - CommonAPI.post(user, %{"status" => ".", "visibility" => "unlisted"}) + {:ok, unlisted_activity} = CommonAPI.post(user, %{status: ".", visibility: "unlisted"}) - {:ok, private_activity} = - CommonAPI.post(user, %{"status" => ".", "visibility" => "private"}) + {:ok, private_activity} = CommonAPI.post(user, %{status: ".", visibility: "private"}) conn = get(conn, "/api/v1/timelines/home", %{"exclude_visibilities" => ["direct"]}) @@ -132,7 +130,7 @@ defmodule Pleroma.Web.MastodonAPI.TimelineControllerTest do test "the public timeline", %{conn: conn} do following = insert(:user) - {:ok, _activity} = CommonAPI.post(following, %{"status" => "test"}) + {:ok, _activity} = CommonAPI.post(following, %{status: "test"}) _activity = insert(:note_activity, local: false) @@ -152,10 +150,10 @@ defmodule Pleroma.Web.MastodonAPI.TimelineControllerTest do test "the public timeline includes only public statuses for an authenticated user" do %{user: user, conn: conn} = oauth_access(["read:statuses"]) - {:ok, _activity} = CommonAPI.post(user, %{"status" => "test"}) - {:ok, _activity} = CommonAPI.post(user, %{"status" => "test", "visibility" => "private"}) - {:ok, _activity} = CommonAPI.post(user, %{"status" => "test", "visibility" => "unlisted"}) - {:ok, _activity} = CommonAPI.post(user, %{"status" => "test", "visibility" => "direct"}) + {:ok, _activity} = CommonAPI.post(user, %{status: "test"}) + {:ok, _activity} = CommonAPI.post(user, %{status: "test", visibility: "private"}) + {:ok, _activity} = CommonAPI.post(user, %{status: "test", visibility: "unlisted"}) + {:ok, _activity} = CommonAPI.post(user, %{status: "test", visibility: "direct"}) res_conn = get(conn, "/api/v1/timelines/public") assert length(json_response(res_conn, 200)) == 1 @@ -263,14 +261,14 @@ defmodule Pleroma.Web.MastodonAPI.TimelineControllerTest do {:ok, direct} = CommonAPI.post(user_one, %{ - "status" => "Hi @#{user_two.nickname}!", - "visibility" => "direct" + status: "Hi @#{user_two.nickname}!", + visibility: "direct" }) {:ok, _follower_only} = CommonAPI.post(user_one, %{ - "status" => "Hi @#{user_two.nickname}!", - "visibility" => "private" + status: "Hi @#{user_two.nickname}!", + visibility: "private" }) conn_user_two = @@ -306,8 +304,8 @@ defmodule Pleroma.Web.MastodonAPI.TimelineControllerTest do Enum.each(1..20, fn _ -> {:ok, _} = CommonAPI.post(user_one, %{ - "status" => "Hi @#{user_two.nickname}!", - "visibility" => "direct" + status: "Hi @#{user_two.nickname}!", + visibility: "direct" }) end) @@ -332,14 +330,14 @@ defmodule Pleroma.Web.MastodonAPI.TimelineControllerTest do {:ok, _blocked_direct} = CommonAPI.post(blocked, %{ - "status" => "Hi @#{blocker.nickname}!", - "visibility" => "direct" + status: "Hi @#{blocker.nickname}!", + visibility: "direct" }) {:ok, direct} = CommonAPI.post(other_user, %{ - "status" => "Hi @#{blocker.nickname}!", - "visibility" => "direct" + status: "Hi @#{blocker.nickname}!", + visibility: "direct" }) res_conn = get(conn, "api/v1/timelines/direct") @@ -354,8 +352,8 @@ defmodule Pleroma.Web.MastodonAPI.TimelineControllerTest do test "list timeline", %{user: user, conn: conn} do other_user = insert(:user) - {:ok, _activity_one} = CommonAPI.post(user, %{"status" => "Marisa is cute."}) - {:ok, activity_two} = CommonAPI.post(other_user, %{"status" => "Marisa is cute."}) + {:ok, _activity_one} = CommonAPI.post(user, %{status: "Marisa is cute."}) + {:ok, activity_two} = CommonAPI.post(other_user, %{status: "Marisa is cute."}) {:ok, list} = Pleroma.List.create("name", user) {:ok, list} = Pleroma.List.follow(list, other_user) @@ -371,12 +369,12 @@ defmodule Pleroma.Web.MastodonAPI.TimelineControllerTest do conn: conn } do other_user = insert(:user) - {:ok, activity_one} = CommonAPI.post(other_user, %{"status" => "Marisa is cute."}) + {:ok, activity_one} = CommonAPI.post(other_user, %{status: "Marisa is cute."}) {:ok, _activity_two} = CommonAPI.post(other_user, %{ - "status" => "Marisa is cute.", - "visibility" => "private" + status: "Marisa is cute.", + visibility: "private" }) {:ok, list} = Pleroma.List.create("name", user) @@ -397,7 +395,7 @@ defmodule Pleroma.Web.MastodonAPI.TimelineControllerTest do test "hashtag timeline", %{conn: conn} do following = insert(:user) - {:ok, activity} = CommonAPI.post(following, %{"status" => "test #2hu"}) + {:ok, activity} = CommonAPI.post(following, %{status: "test #2hu"}) nconn = get(conn, "/api/v1/timelines/tag/2hu") @@ -416,9 +414,9 @@ defmodule Pleroma.Web.MastodonAPI.TimelineControllerTest do test "multi-hashtag timeline", %{conn: conn} do user = insert(:user) - {:ok, activity_test} = CommonAPI.post(user, %{"status" => "#test"}) - {:ok, activity_test1} = CommonAPI.post(user, %{"status" => "#test #test1"}) - {:ok, activity_none} = CommonAPI.post(user, %{"status" => "#test #none"}) + {:ok, activity_test} = CommonAPI.post(user, %{status: "#test"}) + {:ok, activity_test1} = CommonAPI.post(user, %{status: "#test #test1"}) + {:ok, activity_none} = CommonAPI.post(user, %{status: "#test #none"}) any_test = get(conn, "/api/v1/timelines/tag/test", %{"any" => ["test1"]}) -- cgit v1.2.3 From d4d4b92f758979fbc22cd56a9f30435df5c40ab6 Mon Sep 17 00:00:00 2001 From: lain Date: Mon, 1 Jun 2020 13:17:56 +0200 Subject: TimelineController: Only return `Create` in public timelines. --- .../web/mastodon_api/controllers/timeline_controller_test.exs | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) (limited to 'test/web/mastodon_api/controllers/timeline_controller_test.exs') diff --git a/test/web/mastodon_api/controllers/timeline_controller_test.exs b/test/web/mastodon_api/controllers/timeline_controller_test.exs index 2375ac8e8..65b4079fe 100644 --- a/test/web/mastodon_api/controllers/timeline_controller_test.exs +++ b/test/web/mastodon_api/controllers/timeline_controller_test.exs @@ -60,9 +60,9 @@ defmodule Pleroma.Web.MastodonAPI.TimelineControllerTest do describe "public" do @tag capture_log: true test "the public timeline", %{conn: conn} do - following = insert(:user) + user = insert(:user) - {:ok, _activity} = CommonAPI.post(following, %{status: "test"}) + {:ok, activity} = CommonAPI.post(user, %{status: "test"}) _activity = insert(:note_activity, local: false) @@ -77,6 +77,13 @@ defmodule Pleroma.Web.MastodonAPI.TimelineControllerTest do conn = get(build_conn(), "/api/v1/timelines/public?local=1") assert [%{"content" => "test"}] = json_response_and_validate_schema(conn, :ok) + + # does not contain repeats + {:ok, _} = CommonAPI.repeat(activity.id, user) + + conn = get(build_conn(), "/api/v1/timelines/public?local=true") + + assert [_] = json_response_and_validate_schema(conn, :ok) end test "the public timeline includes only public statuses for an authenticated user" do -- cgit v1.2.3 From 7e6ec778d965419ed4083428d4d39b2a689f7619 Mon Sep 17 00:00:00 2001 From: Alexander Strizhakov Date: Wed, 20 May 2020 17:45:06 +0300 Subject: exclude replies on blocked domains --- .../controllers/timeline_controller_test.exs | 68 ++++++++++++++++++++++ 1 file changed, 68 insertions(+) (limited to 'test/web/mastodon_api/controllers/timeline_controller_test.exs') diff --git a/test/web/mastodon_api/controllers/timeline_controller_test.exs b/test/web/mastodon_api/controllers/timeline_controller_test.exs index 2375ac8e8..3474c0cf9 100644 --- a/test/web/mastodon_api/controllers/timeline_controller_test.exs +++ b/test/web/mastodon_api/controllers/timeline_controller_test.exs @@ -90,6 +90,74 @@ defmodule Pleroma.Web.MastodonAPI.TimelineControllerTest do res_conn = get(conn, "/api/v1/timelines/public") assert length(json_response_and_validate_schema(res_conn, 200)) == 1 end + + test "doesn't return replies if follower is posting with blocked user" do + %{conn: conn, user: blocker} = oauth_access(["read:statuses"]) + [blockee, friend] = insert_list(2, :user) + {:ok, blocker} = User.follow(blocker, friend) + {:ok, _} = User.block(blocker, blockee) + + conn = assign(conn, :user, blocker) + + {:ok, %{id: activity_id} = activity} = CommonAPI.post(friend, %{status: "hey!"}) + + {:ok, reply_from_blockee} = + CommonAPI.post(blockee, %{status: "heya", in_reply_to_status_id: activity}) + + {:ok, _reply_from_friend} = + CommonAPI.post(friend, %{status: "status", in_reply_to_status_id: reply_from_blockee}) + + res_conn = get(conn, "/api/v1/timelines/public") + [%{"id" => ^activity_id}] = json_response_and_validate_schema(res_conn, 200) + end + + # TODO: update after benchmarks + test "doesn't return replies if follow is posting with users from blocked domain" do + %{conn: conn, user: blocker} = oauth_access(["read:statuses"]) + friend = insert(:user) + blockee = insert(:user, ap_id: "https://example.com/users/blocked") + {:ok, blocker} = User.follow(blocker, friend) + {:ok, blocker} = User.block_domain(blocker, "example.com") + + conn = assign(conn, :user, blocker) + + {:ok, %{id: activity_id} = activity} = CommonAPI.post(friend, %{status: "hey!"}) + + {:ok, reply_from_blockee} = + CommonAPI.post(blockee, %{status: "heya", in_reply_to_status_id: activity}) + + {:ok, _reply_from_friend} = + CommonAPI.post(friend, %{status: "status", in_reply_to_status_id: reply_from_blockee}) + + res_conn = get(conn, "/api/v1/timelines/public?method=fun") + + activities = json_response_and_validate_schema(res_conn, 200) + [%{"id" => ^activity_id}] = activities + end + + # TODO: update after benchmarks + test "doesn't return replies if follow is posting with users from blocked domain with unnest param" do + %{conn: conn, user: blocker} = oauth_access(["read:statuses"]) + friend = insert(:user) + blockee = insert(:user, ap_id: "https://example.com/users/blocked") + {:ok, blocker} = User.follow(blocker, friend) + {:ok, blocker} = User.block_domain(blocker, "example.com") + + conn = assign(conn, :user, blocker) + + {:ok, %{id: activity_id} = activity} = CommonAPI.post(friend, %{status: "hey!"}) + + {:ok, reply_from_blockee} = + CommonAPI.post(blockee, %{status: "heya", in_reply_to_status_id: activity}) + + {:ok, _reply_from_friend} = + CommonAPI.post(friend, %{status: "status", in_reply_to_status_id: reply_from_blockee}) + + res_conn = get(conn, "/api/v1/timelines/public?method=unnest") + + activities = json_response_and_validate_schema(res_conn, 200) + [%{"id" => ^activity_id}] = activities + end end defp local_and_remote_activities do -- cgit v1.2.3 From 19f468c5bc230d6790b00aa87e509a07e709aaa7 Mon Sep 17 00:00:00 2001 From: Alexander Strizhakov Date: Tue, 2 Jun 2020 08:50:24 +0300 Subject: replies filtering for blocked domains --- .../controllers/timeline_controller_test.exs | 27 +--------------------- 1 file changed, 1 insertion(+), 26 deletions(-) (limited to 'test/web/mastodon_api/controllers/timeline_controller_test.exs') diff --git a/test/web/mastodon_api/controllers/timeline_controller_test.exs b/test/web/mastodon_api/controllers/timeline_controller_test.exs index 3474c0cf9..2ad6828ad 100644 --- a/test/web/mastodon_api/controllers/timeline_controller_test.exs +++ b/test/web/mastodon_api/controllers/timeline_controller_test.exs @@ -111,7 +111,6 @@ defmodule Pleroma.Web.MastodonAPI.TimelineControllerTest do [%{"id" => ^activity_id}] = json_response_and_validate_schema(res_conn, 200) end - # TODO: update after benchmarks test "doesn't return replies if follow is posting with users from blocked domain" do %{conn: conn, user: blocker} = oauth_access(["read:statuses"]) friend = insert(:user) @@ -129,31 +128,7 @@ defmodule Pleroma.Web.MastodonAPI.TimelineControllerTest do {:ok, _reply_from_friend} = CommonAPI.post(friend, %{status: "status", in_reply_to_status_id: reply_from_blockee}) - res_conn = get(conn, "/api/v1/timelines/public?method=fun") - - activities = json_response_and_validate_schema(res_conn, 200) - [%{"id" => ^activity_id}] = activities - end - - # TODO: update after benchmarks - test "doesn't return replies if follow is posting with users from blocked domain with unnest param" do - %{conn: conn, user: blocker} = oauth_access(["read:statuses"]) - friend = insert(:user) - blockee = insert(:user, ap_id: "https://example.com/users/blocked") - {:ok, blocker} = User.follow(blocker, friend) - {:ok, blocker} = User.block_domain(blocker, "example.com") - - conn = assign(conn, :user, blocker) - - {:ok, %{id: activity_id} = activity} = CommonAPI.post(friend, %{status: "hey!"}) - - {:ok, reply_from_blockee} = - CommonAPI.post(blockee, %{status: "heya", in_reply_to_status_id: activity}) - - {:ok, _reply_from_friend} = - CommonAPI.post(friend, %{status: "status", in_reply_to_status_id: reply_from_blockee}) - - res_conn = get(conn, "/api/v1/timelines/public?method=unnest") + res_conn = get(conn, "/api/v1/timelines/public") activities = json_response_and_validate_schema(res_conn, 200) [%{"id" => ^activity_id}] = activities -- cgit v1.2.3 From 3e08e7715126ca1f3bfaf7dddf4806e76d9bd993 Mon Sep 17 00:00:00 2001 From: Ivan Tashkinov Date: Tue, 7 Jul 2020 20:37:11 +0300 Subject: [#1895] Made hashtag timeline respect `:restrict_unauthenticated` instance setting. --- .../controllers/timeline_controller_test.exs | 74 ++++++++++++++++++++++ 1 file changed, 74 insertions(+) (limited to 'test/web/mastodon_api/controllers/timeline_controller_test.exs') diff --git a/test/web/mastodon_api/controllers/timeline_controller_test.exs b/test/web/mastodon_api/controllers/timeline_controller_test.exs index f069390c1..50e0d783d 100644 --- a/test/web/mastodon_api/controllers/timeline_controller_test.exs +++ b/test/web/mastodon_api/controllers/timeline_controller_test.exs @@ -418,4 +418,78 @@ defmodule Pleroma.Web.MastodonAPI.TimelineControllerTest do assert [status_none] == json_response_and_validate_schema(all_test, :ok) end end + + describe "hashtag timeline handling of :restrict_unauthenticated setting" do + setup do + user = insert(:user) + {:ok, activity1} = CommonAPI.post(user, %{status: "test #tag1"}) + {:ok, _activity2} = CommonAPI.post(user, %{status: "test #tag1"}) + + activity1 + |> Ecto.Changeset.change(%{local: false}) + |> Pleroma.Repo.update() + + base_uri = "/api/v1/timelines/tag/tag1" + error_response = %{"error" => "authorization required for timeline view"} + + %{base_uri: base_uri, error_response: error_response} + end + + defp ensure_authenticated_access(base_uri) do + %{conn: auth_conn} = oauth_access(["read:statuses"]) + + res_conn = get(auth_conn, "#{base_uri}?local=true") + assert length(json_response(res_conn, 200)) == 1 + + res_conn = get(auth_conn, "#{base_uri}?local=false") + assert length(json_response(res_conn, 200)) == 2 + end + + test "with `%{local: true, federated: true}`, returns 403 for unauthenticated users", %{ + conn: conn, + base_uri: base_uri, + error_response: error_response + } do + clear_config([:restrict_unauthenticated, :timelines, :local], true) + clear_config([:restrict_unauthenticated, :timelines, :federated], true) + + for local <- [true, false] do + res_conn = get(conn, "#{base_uri}?local=#{local}") + + assert json_response(res_conn, :unauthorized) == error_response + end + + ensure_authenticated_access(base_uri) + end + + test "with `%{local: false, federated: true}`, forbids unauthenticated access to federated timeline", + %{conn: conn, base_uri: base_uri, error_response: error_response} do + clear_config([:restrict_unauthenticated, :timelines, :local], false) + clear_config([:restrict_unauthenticated, :timelines, :federated], true) + + res_conn = get(conn, "#{base_uri}?local=true") + assert length(json_response(res_conn, 200)) == 1 + + res_conn = get(conn, "#{base_uri}?local=false") + assert json_response(res_conn, :unauthorized) == error_response + + ensure_authenticated_access(base_uri) + end + + test "with `%{local: true, federated: false}`, forbids unauthenticated access to public timeline" <> + "(but not to local public activities which are delivered as part of federated timeline)", + %{conn: conn, base_uri: base_uri, error_response: error_response} do + clear_config([:restrict_unauthenticated, :timelines, :local], true) + clear_config([:restrict_unauthenticated, :timelines, :federated], false) + + res_conn = get(conn, "#{base_uri}?local=true") + assert json_response(res_conn, :unauthorized) == error_response + + # Note: local activities get delivered as part of federated timeline + res_conn = get(conn, "#{base_uri}?local=false") + assert length(json_response(res_conn, 200)) == 2 + + ensure_authenticated_access(base_uri) + end + end end -- cgit v1.2.3 From 60ac83a4c196233ed13c3da9ca296b0a4224e9a3 Mon Sep 17 00:00:00 2001 From: Ivan Tashkinov Date: Sat, 15 Aug 2020 18:30:20 +0300 Subject: [#2046] Added test for pleroma/restrict_unauthenticated defaults on private instance. Updated docs and changelog. --- .../controllers/timeline_controller_test.exs | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) (limited to 'test/web/mastodon_api/controllers/timeline_controller_test.exs') diff --git a/test/web/mastodon_api/controllers/timeline_controller_test.exs b/test/web/mastodon_api/controllers/timeline_controller_test.exs index 50e0d783d..71bac99f7 100644 --- a/test/web/mastodon_api/controllers/timeline_controller_test.exs +++ b/test/web/mastodon_api/controllers/timeline_controller_test.exs @@ -445,6 +445,23 @@ defmodule Pleroma.Web.MastodonAPI.TimelineControllerTest do assert length(json_response(res_conn, 200)) == 2 end + test "with default settings on private instances, returns 403 for unauthenticated users", %{ + conn: conn, + base_uri: base_uri, + error_response: error_response + } do + clear_config([:instance, :public], false) + clear_config([:restrict_unauthenticated, :timelines]) + + for local <- [true, false] do + res_conn = get(conn, "#{base_uri}?local=#{local}") + + assert json_response(res_conn, :unauthorized) == error_response + end + + ensure_authenticated_access(base_uri) + end + test "with `%{local: true, federated: true}`, returns 403 for unauthenticated users", %{ conn: conn, base_uri: base_uri, -- cgit v1.2.3 From cfc99fe05c31d5e2140c35f3a2d223635dc07a2f Mon Sep 17 00:00:00 2001 From: lain Date: Wed, 26 Aug 2020 15:37:30 +0200 Subject: TimelineController: Keys are atoms now. Closes #2078 Closes #2070 --- .../controllers/timeline_controller_test.exs | 40 ++++++++++++++++++++++ 1 file changed, 40 insertions(+) (limited to 'test/web/mastodon_api/controllers/timeline_controller_test.exs') diff --git a/test/web/mastodon_api/controllers/timeline_controller_test.exs b/test/web/mastodon_api/controllers/timeline_controller_test.exs index 71bac99f7..517cabcff 100644 --- a/test/web/mastodon_api/controllers/timeline_controller_test.exs +++ b/test/web/mastodon_api/controllers/timeline_controller_test.exs @@ -333,6 +333,46 @@ defmodule Pleroma.Web.MastodonAPI.TimelineControllerTest do describe "list" do setup do: oauth_access(["read:lists"]) + test "does not contain retoots", %{user: user, conn: conn} do + other_user = insert(:user) + {:ok, activity_one} = CommonAPI.post(user, %{status: "Marisa is cute."}) + {:ok, activity_two} = CommonAPI.post(other_user, %{status: "Marisa is stupid."}) + {:ok, _} = CommonAPI.repeat(activity_one.id, other_user) + + {:ok, list} = Pleroma.List.create("name", user) + {:ok, list} = Pleroma.List.follow(list, other_user) + + conn = get(conn, "/api/v1/timelines/list/#{list.id}") + + assert [%{"id" => id}] = json_response_and_validate_schema(conn, :ok) + + assert id == to_string(activity_two.id) + end + + test "works with pagination", %{user: user, conn: conn} do + other_user = insert(:user) + {:ok, list} = Pleroma.List.create("name", user) + {:ok, list} = Pleroma.List.follow(list, other_user) + + Enum.each(1..30, fn i -> + CommonAPI.post(other_user, %{status: "post number #{i}"}) + end) + + res = + get(conn, "/api/v1/timelines/list/#{list.id}?limit=1") + |> json_response_and_validate_schema(:ok) + + assert length(res) == 1 + + [first] = res + + res = + get(conn, "/api/v1/timelines/list/#{list.id}?max_id=#{first["id"]}&limit=30") + |> json_response_and_validate_schema(:ok) + + assert length(res) == 29 + end + test "list timeline", %{user: user, conn: conn} do other_user = insert(:user) {:ok, _activity_one} = CommonAPI.post(user, %{status: "Marisa is cute."}) -- cgit v1.2.3