From 2c820e10b828ca2a00f94d09127d1234bf001d6b Mon Sep 17 00:00:00 2001 From: "Haelwenn (lanodan) Monnier" Date: Wed, 26 Sep 2018 07:48:34 +0200 Subject: transmogrifier_test: incoming notices with tag not being an array (kroeg) --- test/web/activity_pub/transmogrifier_test.exs | 10 ++++++++++ 1 file changed, 10 insertions(+) (limited to 'test/web') diff --git a/test/web/activity_pub/transmogrifier_test.exs b/test/web/activity_pub/transmogrifier_test.exs index afa25bb60..42ce701ca 100644 --- a/test/web/activity_pub/transmogrifier_test.exs +++ b/test/web/activity_pub/transmogrifier_test.exs @@ -121,6 +121,16 @@ defmodule Pleroma.Web.ActivityPub.TransmogrifierTest do "

henlo from my Psion netBook

message sent from my Psion netBook

" end + test "it works for incoming notices with tag not being an array (kroeg)" do + data = File.read!("test/fixtures/https___puckipedia.com_1jjx-ob5r.json") |> Poison.decode!() + + {:ok, %Activity{data: data, local: false}} = Transmogrifier.handle_incoming(data) + + assert data["object"]["emoji"] == %{ + "icon_e_smile" => "https://puckipedia.com/forum/images/smilies/icon_e_smile.png" + } + end + test "it works for incoming follow requests" do user = insert(:user) -- cgit v1.2.3 From eebe33e86a064f8dff43663af634f101d25f88b3 Mon Sep 17 00:00:00 2001 From: "Haelwenn (lanodan) Monnier" Date: Wed, 26 Sep 2018 11:27:00 +0200 Subject: transmogrifier: Add support for array-less hashtags, add broken announce, harden get_actor --- test/web/activity_pub/transmogrifier_test.exs | 18 +++++++++++++++++- 1 file changed, 17 insertions(+), 1 deletion(-) (limited to 'test/web') diff --git a/test/web/activity_pub/transmogrifier_test.exs b/test/web/activity_pub/transmogrifier_test.exs index 42ce701ca..7b3c05caa 100644 --- a/test/web/activity_pub/transmogrifier_test.exs +++ b/test/web/activity_pub/transmogrifier_test.exs @@ -121,14 +121,30 @@ defmodule Pleroma.Web.ActivityPub.TransmogrifierTest do "

henlo from my Psion netBook

message sent from my Psion netBook

" end + # Broken ;/ + # + # test "it works for incoming announces with actor being inlined (kroeg)" do + # data = File.read!("test/fixtures/kroeg-announce-with-inline-actor.json") |> Poison.decode!() + # + # {:ok, %Activity{data: data, local: false}} = Transmogrifier.handle_incoming(data) + # + # assert data["object"]["actor"] == "https://puckipedia.com/" + # end + test "it works for incoming notices with tag not being an array (kroeg)" do - data = File.read!("test/fixtures/https___puckipedia.com_1jjx-ob5r.json") |> Poison.decode!() + data = File.read!("test/fixtures/kroeg-array-less-emoji.json") |> Poison.decode!() {:ok, %Activity{data: data, local: false}} = Transmogrifier.handle_incoming(data) assert data["object"]["emoji"] == %{ "icon_e_smile" => "https://puckipedia.com/forum/images/smilies/icon_e_smile.png" } + + data = File.read!("test/fixtures/kroeg-array-less-hashtag.json") |> Poison.decode!() + + {:ok, %Activity{data: data, local: false}} = Transmogrifier.handle_incoming(data) + + assert "test" in data["object"]["tag"] end test "it works for incoming follow requests" do -- cgit v1.2.3 From d830a243a34b1c41ac81f368bce565285bd89ab7 Mon Sep 17 00:00:00 2001 From: William Pitcock Date: Thu, 27 Sep 2018 07:14:15 +0000 Subject: transmogrifier: more robustly handle dereferencing pointer URIs --- test/web/activity_pub/transmogrifier_test.exs | 16 +++++++--------- 1 file changed, 7 insertions(+), 9 deletions(-) (limited to 'test/web') diff --git a/test/web/activity_pub/transmogrifier_test.exs b/test/web/activity_pub/transmogrifier_test.exs index 7b3c05caa..6a6f2a44c 100644 --- a/test/web/activity_pub/transmogrifier_test.exs +++ b/test/web/activity_pub/transmogrifier_test.exs @@ -121,15 +121,13 @@ defmodule Pleroma.Web.ActivityPub.TransmogrifierTest do "

henlo from my Psion netBook

message sent from my Psion netBook

" end - # Broken ;/ - # - # test "it works for incoming announces with actor being inlined (kroeg)" do - # data = File.read!("test/fixtures/kroeg-announce-with-inline-actor.json") |> Poison.decode!() - # - # {:ok, %Activity{data: data, local: false}} = Transmogrifier.handle_incoming(data) - # - # assert data["object"]["actor"] == "https://puckipedia.com/" - # end + test "it works for incoming announces with actor being inlined (kroeg)" do + data = File.read!("test/fixtures/kroeg-announce-with-inline-actor.json") |> Poison.decode!() + + {:ok, %Activity{data: data, local: false}} = Transmogrifier.handle_incoming(data) + + assert data["actor"] == "https://puckipedia.com/" + end test "it works for incoming notices with tag not being an array (kroeg)" do data = File.read!("test/fixtures/kroeg-array-less-emoji.json") |> Poison.decode!() -- cgit v1.2.3 From 82b57ebad1b5de0fc4614441e8838cbdb4fe32b3 Mon Sep 17 00:00:00 2001 From: "Haelwenn (lanodan) Monnier" Date: Thu, 27 Sep 2018 20:17:44 +0200 Subject: [Pleroma.Web.TwitterAPI.UserView]: Add mastodon-fields in "fields" --- test/web/twitter_api/views/user_view_test.exs | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) (limited to 'test/web') diff --git a/test/web/twitter_api/views/user_view_test.exs b/test/web/twitter_api/views/user_view_test.exs index 50687f450..383d7d34c 100644 --- a/test/web/twitter_api/views/user_view_test.exs +++ b/test/web/twitter_api/views/user_view_test.exs @@ -88,7 +88,8 @@ defmodule Pleroma.Web.TwitterAPI.UserViewTest do "is_local" => true, "locked" => false, "default_scope" => "public", - "no_rich_text" => false + "no_rich_text" => false, + "fields" => [] } assert represented == UserView.render("show.json", %{user: user}) @@ -128,7 +129,8 @@ defmodule Pleroma.Web.TwitterAPI.UserViewTest do "is_local" => true, "locked" => false, "default_scope" => "public", - "no_rich_text" => false + "no_rich_text" => false, + "fields" => [] } assert represented == UserView.render("show.json", %{user: user, for: follower}) @@ -169,7 +171,8 @@ defmodule Pleroma.Web.TwitterAPI.UserViewTest do "is_local" => true, "locked" => false, "default_scope" => "public", - "no_rich_text" => false + "no_rich_text" => false, + "fields" => [] } assert represented == UserView.render("show.json", %{user: follower, for: user}) @@ -217,7 +220,8 @@ defmodule Pleroma.Web.TwitterAPI.UserViewTest do "is_local" => true, "locked" => false, "default_scope" => "public", - "no_rich_text" => false + "no_rich_text" => false, + "fields" => [] } blocker = Repo.get(User, blocker.id) -- cgit v1.2.3 From a74daabfae5ed149942b5afc64982d3e2ca95b11 Mon Sep 17 00:00:00 2001 From: "Haelwenn (lanodan) Monnier" Date: Fri, 28 Sep 2018 11:17:33 +0200 Subject: [Pleroma.Web.TwitterAPI.UserViewTest]: Add test for mastodon-fields --- test/web/twitter_api/views/user_view_test.exs | 26 ++++++++++++++++++++++++++ 1 file changed, 26 insertions(+) (limited to 'test/web') diff --git a/test/web/twitter_api/views/user_view_test.exs b/test/web/twitter_api/views/user_view_test.exs index 383d7d34c..2deb22fb1 100644 --- a/test/web/twitter_api/views/user_view_test.exs +++ b/test/web/twitter_api/views/user_view_test.exs @@ -227,4 +227,30 @@ defmodule Pleroma.Web.TwitterAPI.UserViewTest do blocker = Repo.get(User, blocker.id) assert represented == UserView.render("show.json", %{user: user, for: blocker}) end + + test "a user with mastodon fields" do + fields = [ + %{ + "name" => "Pronouns", + "value" => "she/her" + }, + %{ + "name" => "Website", + "value" => "https://example.org/" + } + ] + + user = + insert(:user, %{ + info: %{ + "source_data" => %{ + "attachment" => + Enum.map(fields, fn field -> Map.put(field, "type", "PropertyValue") end) + } + } + }) + + userview = UserView.render("show.json", %{user: user}) + assert userview["fields"] == fields + end end -- cgit v1.2.3 From b1be9415effadf81e557eddee3f60bdf0fa359af Mon Sep 17 00:00:00 2001 From: William Pitcock Date: Sun, 2 Sep 2018 00:14:25 +0000 Subject: Revert "Merge branch 'revert-a26d5e6b' into 'develop'" This reverts commit d31bbb1cfe04ca6073a322bcf77239e7d4b79839, reversing changes made to 340ab3cb9068d444b77213e07beb8c2c3ca128b9. --- test/web/common_api/common_api_test.exs | 32 ++++++++++++++++++++++++++++++++ 1 file changed, 32 insertions(+) (limited to 'test/web') diff --git a/test/web/common_api/common_api_test.exs b/test/web/common_api/common_api_test.exs index 2a2c40833..cd5aca961 100644 --- a/test/web/common_api/common_api_test.exs +++ b/test/web/common_api/common_api_test.exs @@ -21,4 +21,36 @@ defmodule Pleroma.Web.CommonAPI.Test do assert karjalanpiirakka["name"] == ":karjalanpiirakka:" end + + describe "posting" do + test "it filters out obviously bad tags when accepting a post as HTML" do + user = insert(:user) + + post = "

2hu

" + + {:ok, activity} = + CommonAPI.post(user, %{ + "status" => post, + "content_type" => "text/html" + }) + + content = activity.data["object"]["content"] + assert content == "

2hu

alert('xss')" + end + + test "it filters out obviously bad tags when accepting a post as Markdown" do + user = insert(:user) + + post = "

2hu

" + + {:ok, activity} = + CommonAPI.post(user, %{ + "status" => post, + "content_type" => "text/markdown" + }) + + content = activity.data["object"]["content"] + assert content == "

2hu

alert('xss')" + end + end end -- cgit v1.2.3 From 497814cbbb4baea91b2882fbddd5cd8d5ad6e170 Mon Sep 17 00:00:00 2001 From: William Pitcock Date: Fri, 5 Oct 2018 21:11:22 +0000 Subject: test: update test for new html scrub policy --- test/web/common_api/common_api_test.exs | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'test/web') diff --git a/test/web/common_api/common_api_test.exs b/test/web/common_api/common_api_test.exs index cd5aca961..cd36e409c 100644 --- a/test/web/common_api/common_api_test.exs +++ b/test/web/common_api/common_api_test.exs @@ -26,7 +26,7 @@ defmodule Pleroma.Web.CommonAPI.Test do test "it filters out obviously bad tags when accepting a post as HTML" do user = insert(:user) - post = "

2hu

" + post = "

2hu

" {:ok, activity} = CommonAPI.post(user, %{ @@ -35,13 +35,13 @@ defmodule Pleroma.Web.CommonAPI.Test do }) content = activity.data["object"]["content"] - assert content == "

2hu

alert('xss')" + assert content == "

2hu

alert('xss')" end test "it filters out obviously bad tags when accepting a post as Markdown" do user = insert(:user) - post = "

2hu

" + post = "

2hu

" {:ok, activity} = CommonAPI.post(user, %{ @@ -50,7 +50,7 @@ defmodule Pleroma.Web.CommonAPI.Test do }) content = activity.data["object"]["content"] - assert content == "

2hu

alert('xss')" + assert content == "

2hu

alert('xss')" end end end -- cgit v1.2.3 From eacab0fb056ffc018b7e0abea27db7af435dc553 Mon Sep 17 00:00:00 2001 From: "Haelwenn (lanodan) Monnier" Date: Sun, 14 Oct 2018 01:45:11 +0200 Subject: Delete Tokens and Authorizations on password change Closes: https://git.pleroma.social/pleroma/pleroma/issues/320 --- test/web/oauth/authorization_test.exs | 22 ++++++++++++++++++++++ test/web/oauth/token_test.exs | 32 ++++++++++++++++++++++++++++++++ 2 files changed, 54 insertions(+) (limited to 'test/web') diff --git a/test/web/oauth/authorization_test.exs b/test/web/oauth/authorization_test.exs index 4a9e2a3ac..98c7c4133 100644 --- a/test/web/oauth/authorization_test.exs +++ b/test/web/oauth/authorization_test.exs @@ -55,4 +55,26 @@ defmodule Pleroma.Web.OAuth.AuthorizationTest do assert {:error, "token expired"} == Authorization.use_token(expired_auth) end + + test "delete authorizations" do + {:ok, app} = + Repo.insert( + App.register_changeset(%App{}, %{ + client_name: "client", + scopes: "scope", + redirect_uris: "url" + }) + ) + + user = insert(:user) + + {:ok, auth} = Authorization.create_authorization(app, user) + {:ok, auth} = Authorization.use_token(auth) + + {auths, _} = Authorization.delete_user_authorizations(user) + + {_, invalid} = Authorization.use_token(auth) + + assert auth != invalid + end end diff --git a/test/web/oauth/token_test.exs b/test/web/oauth/token_test.exs index 58448949c..f926ff50b 100644 --- a/test/web/oauth/token_test.exs +++ b/test/web/oauth/token_test.exs @@ -29,4 +29,36 @@ defmodule Pleroma.Web.OAuth.TokenTest do auth = Repo.get(Authorization, auth.id) {:error, "already used"} = Token.exchange_token(app, auth) end + + test "deletes all tokens of a user" do + {:ok, app1} = + Repo.insert( + App.register_changeset(%App{}, %{ + client_name: "client1", + scopes: "scope", + redirect_uris: "url" + }) + ) + + {:ok, app2} = + Repo.insert( + App.register_changeset(%App{}, %{ + client_name: "client2", + scopes: "scope", + redirect_uris: "url" + }) + ) + + user = insert(:user) + + {:ok, auth1} = Authorization.create_authorization(app1, user) + {:ok, auth2} = Authorization.create_authorization(app2, user) + + {:ok, token1} = Token.exchange_token(app1, auth1) + {:ok, token2} = Token.exchange_token(app2, auth2) + + {tokens, _} = Token.delete_user_tokens(user) + + assert tokens == 2 + end end -- cgit v1.2.3 From 9563f3766d45e6c95fe50e371bc0048d9f4a2452 Mon Sep 17 00:00:00 2001 From: William Pitcock Date: Thu, 25 Oct 2018 03:03:44 +0000 Subject: tests: update for new in_reply_to_screen_name field --- test/web/twitter_api/representers/activity_representer_test.exs | 1 + test/web/twitter_api/views/activity_view_test.exs | 1 + 2 files changed, 2 insertions(+) (limited to 'test/web') diff --git a/test/web/twitter_api/representers/activity_representer_test.exs b/test/web/twitter_api/representers/activity_representer_test.exs index 894d20049..ae6f62ed0 100644 --- a/test/web/twitter_api/representers/activity_representer_test.exs +++ b/test/web/twitter_api/representers/activity_representer_test.exs @@ -139,6 +139,7 @@ defmodule Pleroma.Web.TwitterAPI.Representers.ActivityRepresenterTest do "is_post_verb" => true, "created_at" => "Tue May 24 13:26:08 +0000 2016", "in_reply_to_status_id" => 213_123, + "in_reply_to_screen_name" => nil, "statusnet_conversation_id" => convo_object.id, "attachments" => [ ObjectRepresenter.to_map(object) diff --git a/test/web/twitter_api/views/activity_view_test.exs b/test/web/twitter_api/views/activity_view_test.exs index b9a8efdad..3ab87d6fa 100644 --- a/test/web/twitter_api/views/activity_view_test.exs +++ b/test/web/twitter_api/views/activity_view_test.exs @@ -36,6 +36,7 @@ defmodule Pleroma.Web.TwitterAPI.ActivityViewTest do "favorited" => false, "id" => activity.id, "in_reply_to_status_id" => nil, + "in_reply_to_screen_name" => nil, "is_local" => true, "is_post_verb" => true, "possibly_sensitive" => false, -- cgit v1.2.3 From 6cfba7db8de1cdb409243885724101500fa21e6d Mon Sep 17 00:00:00 2001 From: William Pitcock Date: Thu, 25 Oct 2018 04:06:42 +0000 Subject: tests: twitterapi: add additional fields --- test/web/twitter_api/representers/activity_representer_test.exs | 3 +++ test/web/twitter_api/views/activity_view_test.exs | 3 +++ 2 files changed, 6 insertions(+) (limited to 'test/web') diff --git a/test/web/twitter_api/representers/activity_representer_test.exs b/test/web/twitter_api/representers/activity_representer_test.exs index ae6f62ed0..291fd5237 100644 --- a/test/web/twitter_api/representers/activity_representer_test.exs +++ b/test/web/twitter_api/representers/activity_representer_test.exs @@ -140,6 +140,9 @@ defmodule Pleroma.Web.TwitterAPI.Representers.ActivityRepresenterTest do "created_at" => "Tue May 24 13:26:08 +0000 2016", "in_reply_to_status_id" => 213_123, "in_reply_to_screen_name" => nil, + "in_reply_to_user_id" => nil, + "in_reply_to_profileurl" => nil, + "in_reply_to_ostatus_uri" => nil, "statusnet_conversation_id" => convo_object.id, "attachments" => [ ObjectRepresenter.to_map(object) diff --git a/test/web/twitter_api/views/activity_view_test.exs b/test/web/twitter_api/views/activity_view_test.exs index 3ab87d6fa..5cef06f88 100644 --- a/test/web/twitter_api/views/activity_view_test.exs +++ b/test/web/twitter_api/views/activity_view_test.exs @@ -37,6 +37,9 @@ defmodule Pleroma.Web.TwitterAPI.ActivityViewTest do "id" => activity.id, "in_reply_to_status_id" => nil, "in_reply_to_screen_name" => nil, + "in_reply_to_user_id" => nil, + "in_reply_to_profileurl" => nil, + "in_reply_to_ostatus_uri" => nil, "is_local" => true, "is_post_verb" => true, "possibly_sensitive" => false, -- cgit v1.2.3 From b1d1f9bc271d80f05b2f636e304775e6803c02f6 Mon Sep 17 00:00:00 2001 From: William Pitcock Date: Thu, 25 Oct 2018 05:24:17 +0000 Subject: tests: add test for user inbox --- .../activity_pub/activity_pub_controller_test.exs | 23 +++++++++++++++++++++- 1 file changed, 22 insertions(+), 1 deletion(-) (limited to 'test/web') diff --git a/test/web/activity_pub/activity_pub_controller_test.exs b/test/web/activity_pub/activity_pub_controller_test.exs index 3ed7be402..e63cd6583 100644 --- a/test/web/activity_pub/activity_pub_controller_test.exs +++ b/test/web/activity_pub/activity_pub_controller_test.exs @@ -46,7 +46,7 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubControllerTest do end end - describe "/users/:nickname/inbox" do + describe "/inbox" do test "it inserts an incoming activity into the database", %{conn: conn} do data = File.read!("test/fixtures/mastodon-post-activity.json") |> Poison.decode!() @@ -62,6 +62,27 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubControllerTest do end end + describe "/users/:nickname/inbox" do + test "it inserts an incoming activity into the database", %{conn: conn} do + user = insert(:user) + + data = + File.read!("test/fixtures/mastodon-post-activity.json") + |> Poison.decode!() + |> Map.put("bcc", [user.ap_id]) + + conn = + conn + |> assign(:valid_signature, true) + |> put_req_header("content-type", "application/activity+json") + |> post("/users/#{user.nickname}/inbox", data) + + assert "ok" == json_response(conn, 200) + :timer.sleep(500) + assert Activity.get_by_ap_id(data["id"]) + end + end + describe "/users/:nickname/outbox" do test "it returns a note activity in a collection", %{conn: conn} do note_activity = insert(:note_activity) -- cgit v1.2.3 From 0d0c1dcf440707535afa852503e9afa049cd8374 Mon Sep 17 00:00:00 2001 From: William Pitcock Date: Fri, 26 Oct 2018 06:35:06 +0000 Subject: tests: add testsuite for broken thread filter --- test/web/activity_pub/activity_pub_test.exs | 36 +++++++++++++++++++++++++++++ 1 file changed, 36 insertions(+) (limited to 'test/web') diff --git a/test/web/activity_pub/activity_pub_test.exs b/test/web/activity_pub/activity_pub_test.exs index 1cf7d6bbc..14011a010 100644 --- a/test/web/activity_pub/activity_pub_test.exs +++ b/test/web/activity_pub/activity_pub_test.exs @@ -476,6 +476,42 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubTest do end end + describe "timeline post-processing" do + test "it filters broken threads" do + user1 = insert(:user) + user2 = insert(:user) + user3 = insert(:user) + + {:ok, user1} = User.follow(user1, user3) + assert User.following?(user1, user3) + + {:ok, user2} = User.follow(user2, user3) + assert User.following?(user2, user3) + + {:ok, user3} = User.follow(user3, user2) + assert User.following?(user3, user2) + + {:ok, public_activity} = CommonAPI.post(user3, %{"status" => "hi 1"}) + + {:ok, private_activity_1} = CommonAPI.post(user3, %{"status" => "hi 2", "visibility" => "private"}) + {:ok, private_activity_2} = CommonAPI.post(user2, %{"status" => "hi 3", "visibility" => "private", "in_reply_to_status_id" => private_activity_1.id}) + {:ok, private_activity_3} = CommonAPI.post(user3, %{"status" => "hi 4", "visibility" => "private", "in_reply_to_status_id" => private_activity_2.id}) + + assert user1.following == [user3.ap_id <> "/followers", user1.ap_id] + + activities = + ActivityPub.fetch_activities([user1.ap_id | user1.following]) + + assert [public_activity, private_activity_1, private_activity_3] == activities + assert length(activities) == 3 + + activities = ActivityPub.contain_timeline(activities, user1) + + assert [public_activity, private_activity_1] == activities + assert length(activities) == 2 + end + end + test "it can fetch plume articles" do {:ok, object} = ActivityPub.fetch_object_from_id( -- cgit v1.2.3 From 2ac13061afe4c360bb98ba8f05bc540b2cf27e74 Mon Sep 17 00:00:00 2001 From: William Pitcock Date: Fri, 26 Oct 2018 06:37:00 +0000 Subject: testsuite: formatting --- test/web/activity_pub/activity_pub_test.exs | 22 +++++++++++++++++----- 1 file changed, 17 insertions(+), 5 deletions(-) (limited to 'test/web') diff --git a/test/web/activity_pub/activity_pub_test.exs b/test/web/activity_pub/activity_pub_test.exs index 14011a010..35c381ac3 100644 --- a/test/web/activity_pub/activity_pub_test.exs +++ b/test/web/activity_pub/activity_pub_test.exs @@ -493,14 +493,26 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubTest do {:ok, public_activity} = CommonAPI.post(user3, %{"status" => "hi 1"}) - {:ok, private_activity_1} = CommonAPI.post(user3, %{"status" => "hi 2", "visibility" => "private"}) - {:ok, private_activity_2} = CommonAPI.post(user2, %{"status" => "hi 3", "visibility" => "private", "in_reply_to_status_id" => private_activity_1.id}) - {:ok, private_activity_3} = CommonAPI.post(user3, %{"status" => "hi 4", "visibility" => "private", "in_reply_to_status_id" => private_activity_2.id}) + {:ok, private_activity_1} = + CommonAPI.post(user3, %{"status" => "hi 2", "visibility" => "private"}) + + {:ok, private_activity_2} = + CommonAPI.post(user2, %{ + "status" => "hi 3", + "visibility" => "private", + "in_reply_to_status_id" => private_activity_1.id + }) + + {:ok, private_activity_3} = + CommonAPI.post(user3, %{ + "status" => "hi 4", + "visibility" => "private", + "in_reply_to_status_id" => private_activity_2.id + }) assert user1.following == [user3.ap_id <> "/followers", user1.ap_id] - activities = - ActivityPub.fetch_activities([user1.ap_id | user1.following]) + activities = ActivityPub.fetch_activities([user1.ap_id | user1.following]) assert [public_activity, private_activity_1, private_activity_3] == activities assert length(activities) == 3 -- cgit v1.2.3 From 1e9ced5af478ba38c9e9d46140891a8f4473e02d Mon Sep 17 00:00:00 2001 From: lain Date: Sat, 8 Sep 2018 14:02:38 +0200 Subject: Test Relay, switch to runtime configuration. --- .../activity_pub/activity_pub_controller_test.exs | 23 +++++++++++ test/web/activity_pub/relay_test.exs | 11 ++++++ test/web/federator_test.exs | 45 ++++++++++++++++++++++ 3 files changed, 79 insertions(+) create mode 100644 test/web/activity_pub/relay_test.exs (limited to 'test/web') diff --git a/test/web/activity_pub/activity_pub_controller_test.exs b/test/web/activity_pub/activity_pub_controller_test.exs index e63cd6583..5b46bbe76 100644 --- a/test/web/activity_pub/activity_pub_controller_test.exs +++ b/test/web/activity_pub/activity_pub_controller_test.exs @@ -4,6 +4,29 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubControllerTest do alias Pleroma.Web.ActivityPub.{UserView, ObjectView} alias Pleroma.{Repo, User} alias Pleroma.Activity + alias Pleroma.Config + + describe "/relay" do + test "with the relay active, it returns the relay user", %{conn: conn} do + Config.put([:instance, :allow_relay], true) + + res = + conn + |> get(activity_pub_path(conn, :relay)) + |> json_response(200) + + assert res["id"] =~ "/relay" + end + + test "with the relay disabled, it returns 404", %{conn: conn} do + Config.put([:instance, :allow_relay], false) + + res = + conn + |> get(activity_pub_path(conn, :relay)) + |> json_response(404) + end + end describe "/users/:nickname" do test "it returns a json representation of the user", %{conn: conn} do diff --git a/test/web/activity_pub/relay_test.exs b/test/web/activity_pub/relay_test.exs new file mode 100644 index 000000000..41d13e055 --- /dev/null +++ b/test/web/activity_pub/relay_test.exs @@ -0,0 +1,11 @@ +defmodule Pleroma.Web.ActivityPub.RelayTest do + use Pleroma.DataCase + + alias Pleroma.Web.ActivityPub.Relay + + test "gets an actor for the relay" do + user = Relay.get_actor() + + assert user.ap_id =~ "/relay" + end +end diff --git a/test/web/federator_test.exs b/test/web/federator_test.exs index 09533362a..966702935 100644 --- a/test/web/federator_test.exs +++ b/test/web/federator_test.exs @@ -1,6 +1,10 @@ defmodule Pleroma.Web.FederatorTest do alias Pleroma.Web.Federator + alias Pleroma.Web.CommonAPI + alias Pleroma.Config use Pleroma.DataCase + import Pleroma.Factory + import Mock test "enqueues an element according to priority" do queue = [%{item: 1, priority: 2}] @@ -17,4 +21,45 @@ defmodule Pleroma.Web.FederatorTest do assert {2, [%{item: 1, priority: 2}]} = Federator.queue_pop(queue) end + + describe "Publish an activity" do + setup do + user = insert(:user) + {:ok, activity} = CommonAPI.post(user, %{"status" => "HI"}) + + relay_mock = { + Pleroma.Web.ActivityPub.Relay, + [], + [publish: fn _activity -> send(self(), :relay_publish) end] + } + + %{activity: activity, relay_mock: relay_mock} + end + + test "with relays active, it publishes to the relay", %{ + activity: activity, + relay_mock: relay_mock + } do + Config.put([:instance, :allow_relay], true) + + with_mocks([relay_mock]) do + Federator.handle(:publish, activity) + end + + assert_received :relay_publish + end + + test "with relays deactivated, it does not publish to the relay", %{ + activity: activity, + relay_mock: relay_mock + } do + Config.put([:instance, :allow_relay], false) + + with_mocks([relay_mock]) do + Federator.handle(:publish, activity) + end + + refute_received :relay_publish + end + end end -- cgit v1.2.3 From 585b29337ce66eb2c574e71588db542044574609 Mon Sep 17 00:00:00 2001 From: Lee Starnes Date: Fri, 12 Oct 2018 00:19:43 -0500 Subject: Ensure filters have a filter_id --- test/web/mastodon_api/mastodon_api_controller_test.exs | 2 ++ 1 file changed, 2 insertions(+) (limited to 'test/web') diff --git a/test/web/mastodon_api/mastodon_api_controller_test.exs b/test/web/mastodon_api/mastodon_api_controller_test.exs index e9deae64d..42a43f129 100644 --- a/test/web/mastodon_api/mastodon_api_controller_test.exs +++ b/test/web/mastodon_api/mastodon_api_controller_test.exs @@ -280,6 +280,8 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIControllerTest do assert response = json_response(conn, 200) assert response["phrase"] == filter.phrase assert response["context"] == filter.context + assert response["id"] != nil + assert response["id"] != "" end test "fetching a list of filters", %{conn: conn} do -- cgit v1.2.3 From c5f26f3ce2ef84a424a59498cc2d5e4ca9e1b525 Mon Sep 17 00:00:00 2001 From: "Haelwenn (lanodan) Monnier" Date: Thu, 1 Nov 2018 11:27:22 +0100 Subject: Test that prismo url-map transforms into a string --- test/web/activity_pub/transmogrifier_test.exs | 8 ++++++++ 1 file changed, 8 insertions(+) (limited to 'test/web') diff --git a/test/web/activity_pub/transmogrifier_test.exs b/test/web/activity_pub/transmogrifier_test.exs index 6a6f2a44c..14b02eb71 100644 --- a/test/web/activity_pub/transmogrifier_test.exs +++ b/test/web/activity_pub/transmogrifier_test.exs @@ -145,6 +145,14 @@ defmodule Pleroma.Web.ActivityPub.TransmogrifierTest do assert "test" in data["object"]["tag"] end + test "it works for incoming notices with url not being a string (prismo)" do + data = File.read!("test/fixtures/prismo-url-map.json") |> Poison.decode!() + + {:ok, %Activity{data: data, local: false}} = Transmogrifier.handle_incoming(data) + + assert data["object"]["url"] == "https://prismo.news/posts/83" + end + test "it works for incoming follow requests" do user = insert(:user) -- cgit v1.2.3 From 45ebc8dd9a27ae862aad1c8251a71b95a2c3be17 Mon Sep 17 00:00:00 2001 From: lain Date: Fri, 2 Nov 2018 17:33:51 +0100 Subject: Check for empty string in_reply_to ids. --- test/web/mastodon_api/mastodon_api_controller_test.exs | 15 +++++++++++++++ 1 file changed, 15 insertions(+) (limited to 'test/web') diff --git a/test/web/mastodon_api/mastodon_api_controller_test.exs b/test/web/mastodon_api/mastodon_api_controller_test.exs index 42a43f129..938d556c7 100644 --- a/test/web/mastodon_api/mastodon_api_controller_test.exs +++ b/test/web/mastodon_api/mastodon_api_controller_test.exs @@ -198,6 +198,21 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIControllerTest do assert activity.data["object"]["inReplyToStatusId"] == replied_to.id end + test "posting a status with an invalid in_reply_to_id", %{conn: conn} do + user = insert(:user) + + conn = + conn + |> assign(:user, user) + |> post("/api/v1/statuses", %{"status" => "xD", "in_reply_to_id" => ""}) + + assert %{"content" => "xD", "id" => id} = json_response(conn, 200) + + activity = Repo.get(Activity, id) + + assert activity + end + test "verify_credentials", %{conn: conn} do user = insert(:user) -- cgit v1.2.3 From 7dfe611620fbcc45411345ee3e5c5cf7fb169f76 Mon Sep 17 00:00:00 2001 From: lain Date: Sat, 3 Nov 2018 11:41:40 +0100 Subject: Test for case-insensitive mastodon hashtag timelines. --- test/web/mastodon_api/mastodon_api_controller_test.exs | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) (limited to 'test/web') diff --git a/test/web/mastodon_api/mastodon_api_controller_test.exs b/test/web/mastodon_api/mastodon_api_controller_test.exs index 938d556c7..3f9324fcc 100644 --- a/test/web/mastodon_api/mastodon_api_controller_test.exs +++ b/test/web/mastodon_api/mastodon_api_controller_test.exs @@ -944,11 +944,20 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIControllerTest do {:ok, [_activity]} = OStatus.fetch_activity_from_url("https://shitposter.club/notice/2827873") - conn = + nconn = conn |> get("/api/v1/timelines/tag/2hu") - assert [%{"id" => id}] = json_response(conn, 200) + assert [%{"id" => id}] = json_response(nconn, 200) + + assert id == to_string(activity.id) + + # works for different capitalization too + nconn = + conn + |> get("/api/v1/timelines/tag/2HU") + + assert [%{"id" => id}] = json_response(nconn, 200) assert id == to_string(activity.id) end) -- cgit v1.2.3 From 81af7fd02d2ca0430e0470b78ad2384e5598fbe1 Mon Sep 17 00:00:00 2001 From: lain Date: Sat, 3 Nov 2018 16:28:29 +0100 Subject: Test for null-content activities. --- test/web/mastodon_api/status_view_test.exs | 14 ++++++++++++++ 1 file changed, 14 insertions(+) (limited to 'test/web') diff --git a/test/web/mastodon_api/status_view_test.exs b/test/web/mastodon_api/status_view_test.exs index b9c019206..b29f13e20 100644 --- a/test/web/mastodon_api/status_view_test.exs +++ b/test/web/mastodon_api/status_view_test.exs @@ -7,6 +7,20 @@ defmodule Pleroma.Web.MastodonAPI.StatusViewTest do alias Pleroma.Web.CommonAPI import Pleroma.Factory + test "a note with null content" do + note = insert(:note_activity) + data = note.data + |> put_in(["object", "content"], nil) + note = note + |> Map.put(:data, data) + + user = User.get_cached_by_ap_id(note.data["actor"]) + + status = StatusView.render("status.json", %{activity: note}) + + assert status.content == "" + end + test "a note activity" do note = insert(:note_activity) user = User.get_cached_by_ap_id(note.data["actor"]) -- cgit v1.2.3 From 2fedd93931ad3430daa9a311cb0905dac71ee01d Mon Sep 17 00:00:00 2001 From: lain Date: Sat, 3 Nov 2018 16:40:57 +0100 Subject: Fix formatting. --- test/web/mastodon_api/status_view_test.exs | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) (limited to 'test/web') diff --git a/test/web/mastodon_api/status_view_test.exs b/test/web/mastodon_api/status_view_test.exs index b29f13e20..31554a07d 100644 --- a/test/web/mastodon_api/status_view_test.exs +++ b/test/web/mastodon_api/status_view_test.exs @@ -9,10 +9,14 @@ defmodule Pleroma.Web.MastodonAPI.StatusViewTest do test "a note with null content" do note = insert(:note_activity) - data = note.data - |> put_in(["object", "content"], nil) - note = note - |> Map.put(:data, data) + + data = + note.data + |> put_in(["object", "content"], nil) + + note = + note + |> Map.put(:data, data) user = User.get_cached_by_ap_id(note.data["actor"]) -- cgit v1.2.3 From 013f7ba8c1c4e6519cf30d192e3a41c6c96f8a63 Mon Sep 17 00:00:00 2001 From: href Date: Tue, 6 Nov 2018 14:44:00 +0100 Subject: Add federating plug & public tests --- test/web/node_info_test.exs | 32 ++++++++++++++ test/web/plugs/federating_plug_test.exs | 33 ++++++++++++++ .../twitter_api/twitter_api_controller_test.exs | 50 ++++++++++++++++++++++ 3 files changed, 115 insertions(+) create mode 100644 test/web/plugs/federating_plug_test.exs (limited to 'test/web') diff --git a/test/web/node_info_test.exs b/test/web/node_info_test.exs index d48f40e47..a6376453c 100644 --- a/test/web/node_info_test.exs +++ b/test/web/node_info_test.exs @@ -14,4 +14,36 @@ defmodule Pleroma.Web.NodeInfoTest do assert user.ap_id in result["metadata"]["staffAccounts"] end + + test "returns 404 when federation is disabled" do + instance = + Application.get_env(:pleroma, :instance) + |> Keyword.put(:federating, false) + + Application.put_env(:pleroma, :instance, instance) + + conn + |> get("/.well-known/nodeinfo") + |> json_response(404) + + conn + |> get("/nodeinfo/2.0.json") + |> json_response(404) + + instance = + Application.get_env(:pleroma, :instance) + |> Keyword.put(:federating, true) + + Application.put_env(:pleroma, :instance, instance) + end + + test "returns 200 when federation is enabled" do + conn + |> get("/.well-known/nodeinfo") + |> json_response(200) + + conn + |> get("/nodeinfo/2.0.json") + |> json_response(200) + end end diff --git a/test/web/plugs/federating_plug_test.exs b/test/web/plugs/federating_plug_test.exs new file mode 100644 index 000000000..1455a1c46 --- /dev/null +++ b/test/web/plugs/federating_plug_test.exs @@ -0,0 +1,33 @@ +defmodule Pleroma.Web.FederatingPlugTest do + use Pleroma.Web.ConnCase + + test "returns and halt the conn when federating is disabled" do + instance = + Application.get_env(:pleroma, :instance) + |> Keyword.put(:federating, false) + + Application.put_env(:pleroma, :instance, instance) + + conn = + build_conn() + |> Pleroma.Web.FederatingPlug.call(%{}) + + assert conn.status == 404 + assert conn.halted + + instance = + Application.get_env(:pleroma, :instance) + |> Keyword.put(:federating, true) + + Application.put_env(:pleroma, :instance, instance) + end + + test "does nothing when federating is enabled" do + conn = + build_conn() + |> Pleroma.Web.FederatingPlug.call(%{}) + + refute conn.status + refute conn.halted + end +end diff --git a/test/web/twitter_api/twitter_api_controller_test.exs b/test/web/twitter_api/twitter_api_controller_test.exs index 87bcdaf71..b64f416e3 100644 --- a/test/web/twitter_api/twitter_api_controller_test.exs +++ b/test/web/twitter_api/twitter_api_controller_test.exs @@ -100,6 +100,56 @@ defmodule Pleroma.Web.TwitterAPI.ControllerTest do assert length(response) == 10 end + + test "returns 403 to unauthenticated request when the instance is not public" do + instance = + Application.get_env(:pleroma, :instance) + |> Keyword.put(:public, false) + + Application.put_env(:pleroma, :instance, instance) + + conn + |> get("/api/statuses/public_timeline.json") + |> json_response(403) + + instance = + Application.get_env(:pleroma, :instance) + |> Keyword.put(:public, true) + + Application.put_env(:pleroma, :instance, instance) + end + + test "returns 200 to unauthenticated request when the instance is public" do + conn + |> get("/api/statuses/public_timeline.json") + |> json_response(200) + end + end + + describe "GET /statuses/public_and_external_timeline.json" do + test "returns 403 to unauthenticated request when the instance is not public" do + instance = + Application.get_env(:pleroma, :instance) + |> Keyword.put(:public, false) + + Application.put_env(:pleroma, :instance, instance) + + conn + |> get("/api/statuses/public_and_external_timeline.json") + |> json_response(403) + + instance = + Application.get_env(:pleroma, :instance) + |> Keyword.put(:public, true) + + Application.put_env(:pleroma, :instance, instance) + end + + test "returns 200 to unauthenticated request when the instance is public" do + conn + |> get("/api/statuses/public_and_external_timeline.json") + |> json_response(200) + end end describe "GET /statuses/show/:id.json" do -- cgit v1.2.3 From 2bc924ba451b1a324663133632093914192cec2d Mon Sep 17 00:00:00 2001 From: href Date: Tue, 6 Nov 2018 11:34:34 +0100 Subject: Get rid of Pleroma.Config in favor of Application Discussed in https://git.pleroma.social/pleroma/pleroma/merge_requests/426#note_7232 --- test/web/activity_pub/activity_pub_controller_test.exs | 16 ++++++++++++---- test/web/federator_test.exs | 15 +++++++++++---- 2 files changed, 23 insertions(+), 8 deletions(-) (limited to 'test/web') diff --git a/test/web/activity_pub/activity_pub_controller_test.exs b/test/web/activity_pub/activity_pub_controller_test.exs index 5b46bbe76..524ed9eaa 100644 --- a/test/web/activity_pub/activity_pub_controller_test.exs +++ b/test/web/activity_pub/activity_pub_controller_test.exs @@ -4,12 +4,9 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubControllerTest do alias Pleroma.Web.ActivityPub.{UserView, ObjectView} alias Pleroma.{Repo, User} alias Pleroma.Activity - alias Pleroma.Config describe "/relay" do test "with the relay active, it returns the relay user", %{conn: conn} do - Config.put([:instance, :allow_relay], true) - res = conn |> get(activity_pub_path(conn, :relay)) @@ -19,12 +16,23 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubControllerTest do end test "with the relay disabled, it returns 404", %{conn: conn} do - Config.put([:instance, :allow_relay], false) + instance = + Application.get_env(:pleroma, :instance) + |> Keyword.put(:allow_relay, false) + + Application.put_env(:pleroma, :instance, instance) res = conn |> get(activity_pub_path(conn, :relay)) |> json_response(404) + + instance = + Application.get_env(:pleroma, :instance) + |> Keyword.put(:allow_relay, true) + + Application.put_env(:pleroma, :instance, instance) + end end diff --git a/test/web/federator_test.exs b/test/web/federator_test.exs index 966702935..88aef0d0f 100644 --- a/test/web/federator_test.exs +++ b/test/web/federator_test.exs @@ -1,7 +1,6 @@ defmodule Pleroma.Web.FederatorTest do alias Pleroma.Web.Federator alias Pleroma.Web.CommonAPI - alias Pleroma.Config use Pleroma.DataCase import Pleroma.Factory import Mock @@ -40,8 +39,6 @@ defmodule Pleroma.Web.FederatorTest do activity: activity, relay_mock: relay_mock } do - Config.put([:instance, :allow_relay], true) - with_mocks([relay_mock]) do Federator.handle(:publish, activity) end @@ -53,13 +50,23 @@ defmodule Pleroma.Web.FederatorTest do activity: activity, relay_mock: relay_mock } do - Config.put([:instance, :allow_relay], false) + instance = + Application.get_env(:pleroma, :instance) + |> Keyword.put(:allow_relay, false) + + Application.put_env(:pleroma, :instance, instance) with_mocks([relay_mock]) do Federator.handle(:publish, activity) end refute_received :relay_publish + + instance = + Application.get_env(:pleroma, :instance) + |> Keyword.put(:allow_relay, true) + + Application.put_env(:pleroma, :instance, instance) end end end -- cgit v1.2.3 From 36ca3c1b3ec814609d14815a672239a31b1e0ec5 Mon Sep 17 00:00:00 2001 From: href Date: Tue, 6 Nov 2018 15:17:13 +0100 Subject: format --- test/web/activity_pub/activity_pub_controller_test.exs | 1 - 1 file changed, 1 deletion(-) (limited to 'test/web') diff --git a/test/web/activity_pub/activity_pub_controller_test.exs b/test/web/activity_pub/activity_pub_controller_test.exs index 524ed9eaa..f22975f86 100644 --- a/test/web/activity_pub/activity_pub_controller_test.exs +++ b/test/web/activity_pub/activity_pub_controller_test.exs @@ -32,7 +32,6 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubControllerTest do |> Keyword.put(:allow_relay, true) Application.put_env(:pleroma, :instance, instance) - end end -- cgit v1.2.3 From 7d328c658da69ec236d10fa89d23f2a6886b3205 Mon Sep 17 00:00:00 2001 From: href Date: Tue, 6 Nov 2018 16:00:48 +0100 Subject: Small wrapper module around Application.get_env/put_env Same API as the old Pleroma.Config --- test/web/activity_pub/activity_pub_controller_test.exs | 12 ++---------- test/web/federator_test.exs | 12 ++---------- 2 files changed, 4 insertions(+), 20 deletions(-) (limited to 'test/web') diff --git a/test/web/activity_pub/activity_pub_controller_test.exs b/test/web/activity_pub/activity_pub_controller_test.exs index f22975f86..1c24b348c 100644 --- a/test/web/activity_pub/activity_pub_controller_test.exs +++ b/test/web/activity_pub/activity_pub_controller_test.exs @@ -16,22 +16,14 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubControllerTest do end test "with the relay disabled, it returns 404", %{conn: conn} do - instance = - Application.get_env(:pleroma, :instance) - |> Keyword.put(:allow_relay, false) - - Application.put_env(:pleroma, :instance, instance) + Pleroma.Config.put([:instance, :allow_relay], false) res = conn |> get(activity_pub_path(conn, :relay)) |> json_response(404) - instance = - Application.get_env(:pleroma, :instance) - |> Keyword.put(:allow_relay, true) - - Application.put_env(:pleroma, :instance, instance) + Pleroma.Config.put([:instance, :allow_relay], true) end end diff --git a/test/web/federator_test.exs b/test/web/federator_test.exs index 88aef0d0f..c709d1181 100644 --- a/test/web/federator_test.exs +++ b/test/web/federator_test.exs @@ -50,11 +50,7 @@ defmodule Pleroma.Web.FederatorTest do activity: activity, relay_mock: relay_mock } do - instance = - Application.get_env(:pleroma, :instance) - |> Keyword.put(:allow_relay, false) - - Application.put_env(:pleroma, :instance, instance) + Pleroma.Config.put([:instance, :allow_relay], false) with_mocks([relay_mock]) do Federator.handle(:publish, activity) @@ -62,11 +58,7 @@ defmodule Pleroma.Web.FederatorTest do refute_received :relay_publish - instance = - Application.get_env(:pleroma, :instance) - |> Keyword.put(:allow_relay, true) - - Application.put_env(:pleroma, :instance, instance) + Pleroma.Config.put([:instance, :allow_relay], true) end end end -- cgit v1.2.3 From d675b8a16f84728134b09340a78db9e77f87839c Mon Sep 17 00:00:00 2001 From: William Pitcock Date: Tue, 6 Nov 2018 23:25:16 +0000 Subject: tests: add tests for twitterapi endpoint --- .../twitter_api/twitter_api_controller_test.exs | 50 ++++++++++++++++++++++ 1 file changed, 50 insertions(+) (limited to 'test/web') diff --git a/test/web/twitter_api/twitter_api_controller_test.exs b/test/web/twitter_api/twitter_api_controller_test.exs index b64f416e3..13480c21b 100644 --- a/test/web/twitter_api/twitter_api_controller_test.exs +++ b/test/web/twitter_api/twitter_api_controller_test.exs @@ -331,6 +331,56 @@ defmodule Pleroma.Web.TwitterAPI.ControllerTest do end end + describe "POST /api/qvitter/statuses/notifications/read" do + setup [:valid_user] + + test "without valid credentials", %{conn: conn} do + conn = post(conn, "/api/qvitter/statuses/notifications/read", %{"latest_id" => 1_234_567}) + assert json_response(conn, 403) == %{"error" => "Invalid credentials."} + end + + test "with credentials, without any params", %{conn: conn, user: current_user} do + conn = + conn + |> with_credentials(current_user.nickname, "test") + |> post("/api/qvitter/statuses/notifications/read") + + assert json_response(conn, 400) == %{ + "error" => "You need to specify latest_id", + "request" => "/api/qvitter/statuses/notifications/read" + } + end + + test "with credentials, with params", %{conn: conn, user: current_user} do + other_user = insert(:user) + + {:ok, _activity} = + ActivityBuilder.insert(%{"to" => [current_user.ap_id]}, %{user: other_user}) + + response_conn = + conn + |> with_credentials(current_user.nickname, "test") + |> get("/api/qvitter/statuses/notifications.json") + + [notification] = response = json_response(response_conn, 200) + + assert length(response) == 1 + + assert notification["is_seen"] == 0 + + response_conn = + conn + |> with_credentials(current_user.nickname, "test") + |> post("/api/qvitter/statuses/notifications/read", %{"latest_id" => notification["id"]}) + + [notification] = response = json_response(response_conn, 200) + + assert length(response) == 1 + + assert notification["is_seen"] == 1 + end + end + describe "GET /statuses/user_timeline.json" do setup [:valid_user] -- cgit v1.2.3 From 3b02fd9fb7a834771c0582bf5a113f04ec2d46e0 Mon Sep 17 00:00:00 2001 From: lain Date: Thu, 8 Nov 2018 16:05:28 +0100 Subject: Small refactor. --- test/web/activity_pub/views/object_view_test.exs | 1 + 1 file changed, 1 insertion(+) (limited to 'test/web') diff --git a/test/web/activity_pub/views/object_view_test.exs b/test/web/activity_pub/views/object_view_test.exs index 6a1311be7..7e08dff5d 100644 --- a/test/web/activity_pub/views/object_view_test.exs +++ b/test/web/activity_pub/views/object_view_test.exs @@ -13,5 +13,6 @@ defmodule Pleroma.Web.ActivityPub.ObjectViewTest do assert result["to"] == note.data["to"] assert result["content"] == note.data["content"] assert result["type"] == "Note" + assert result["@context"] end end -- cgit v1.2.3 From 34bd411781c598386f35397eb0affe124390c066 Mon Sep 17 00:00:00 2001 From: lain Date: Thu, 8 Nov 2018 16:39:38 +0100 Subject: Unify json ld header handling. --- test/web/activity_pub/transmogrifier_test.exs | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'test/web') diff --git a/test/web/activity_pub/transmogrifier_test.exs b/test/web/activity_pub/transmogrifier_test.exs index 6a6f2a44c..07ff1deeb 100644 --- a/test/web/activity_pub/transmogrifier_test.exs +++ b/test/web/activity_pub/transmogrifier_test.exs @@ -695,7 +695,9 @@ defmodule Pleroma.Web.ActivityPub.TransmogrifierTest do {:ok, activity} = CommonAPI.post(user, %{"status" => "hey"}) {:ok, modified} = Transmogrifier.prepare_outgoing(activity.data) - assert modified["@context"] == "https://www.w3.org/ns/activitystreams" + assert modified["@context"] == + Pleroma.Web.ActivityPub.Utils.make_json_ld_header()["@context"] + assert modified["object"]["conversation"] == modified["context"] end -- cgit v1.2.3 From 719a8a1f826972a43b80f100d3cbe65e75891366 Mon Sep 17 00:00:00 2001 From: William Pitcock Date: Thu, 8 Nov 2018 19:17:15 +0000 Subject: tests: flip testing to/cc for mentions --- test/web/twitter_api/twitter_api_test.exs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'test/web') diff --git a/test/web/twitter_api/twitter_api_test.exs b/test/web/twitter_api/twitter_api_test.exs index 6486540f8..8b9920bd9 100644 --- a/test/web/twitter_api/twitter_api_test.exs +++ b/test/web/twitter_api/twitter_api_test.exs @@ -48,7 +48,7 @@ defmodule Pleroma.Web.TwitterAPI.TwitterAPITest do "https://www.w3.org/ns/activitystreams#Public" ) - assert Enum.member?(get_in(activity.data, ["cc"]), "shp") + assert Enum.member?(get_in(activity.data, ["to"]), "shp") assert activity.local == true assert %{"moominmamma" => "http://localhost:4001/finmoji/128px/moominmamma-128.png"} = -- cgit v1.2.3 From c9df0112155c066a6120675a8b5d974564e9ccb4 Mon Sep 17 00:00:00 2001 From: William Pitcock Date: Sat, 10 Nov 2018 10:39:42 +0000 Subject: tests: add tests for new OStatus.is_representable? function --- test/web/ostatus/ostatus_test.exs | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) (limited to 'test/web') diff --git a/test/web/ostatus/ostatus_test.exs b/test/web/ostatus/ostatus_test.exs index f095e41dd..f95da8b0a 100644 --- a/test/web/ostatus/ostatus_test.exs +++ b/test/web/ostatus/ostatus_test.exs @@ -456,4 +456,28 @@ defmodule Pleroma.Web.OStatusTest do "https://www.w3.org/ns/activitystreams#Public" ] end + + describe "is_representable?" do + test "Note objects are representable" do + note_activity = insert(:note_activity) + + assert OStatus.is_representable?(note_activity) + end + + test "Article objects are not representable" do + note_activity = insert(:note_activity) + + note_object = Object.normalize(note_activity.data["object"]) + + note_data = + note_object.data + |> Map.put("type", "Article") + + cs = Object.change(note_object, %{data: note_data}) + {:ok, article_object} = Repo.update(cs) + + # the underlying object is now an Article instead of a note, so this should fail + refute OStatus.is_representable?(note_activity) + end + end end -- cgit v1.2.3 From 69b8c0e299c9d4ec16bd056adf2fede326de7f69 Mon Sep 17 00:00:00 2001 From: William Pitcock Date: Sat, 10 Nov 2018 12:16:10 +0000 Subject: tests: add test for internal data stripping --- test/web/activity_pub/transmogrifier_test.exs | 33 +++++++++++++++++++++++++++ 1 file changed, 33 insertions(+) (limited to 'test/web') diff --git a/test/web/activity_pub/transmogrifier_test.exs b/test/web/activity_pub/transmogrifier_test.exs index 6e4820dbc..0278ef5d1 100644 --- a/test/web/activity_pub/transmogrifier_test.exs +++ b/test/web/activity_pub/transmogrifier_test.exs @@ -743,6 +743,39 @@ defmodule Pleroma.Web.ActivityPub.TransmogrifierTest do assert modified["object"]["inReplyTo"] == "http://gs.example.org:4040/index.php/notice/29" end + + test "it strips internal hashtag data" do + user = insert(:user) + + {:ok, activity} = CommonAPI.post(user, %{"status" => "#2hu"}) + + expected_tag = %{ + "href" => Pleroma.Web.Endpoint.url() <> "/tags/2hu", + "type" => "Hashtag", + "name" => "#2hu" + } + + {:ok, modified} = Transmogrifier.prepare_outgoing(activity.data) + + assert modified["object"]["tag"] == [expected_tag] + end + + test "it strips internal fields" do + user = insert(:user) + + {:ok, activity} = CommonAPI.post(user, %{"status" => "#2hu :moominmamma:"}) + + {:ok, modified} = Transmogrifier.prepare_outgoing(activity.data) + + assert length(modified["object"]["tag"]) == 2 + + assert is_nil(modified["object"]["emoji"]) + assert is_nil(modified["object"]["likes"]) + assert is_nil(modified["object"]["like_count"]) + assert is_nil(modified["object"]["announcements"]) + assert is_nil(modified["object"]["announcement_count"]) + assert is_nil(modified["object"]["context_id"]) + end end describe "user upgrade" do -- cgit v1.2.3 From db78c72868358eed6c07ee43a5f1427d545c45ed Mon Sep 17 00:00:00 2001 From: scarlett Date: Mon, 12 Nov 2018 16:40:34 +0000 Subject: Twitter API: Add tests for nil names. --- test/web/twitter_api/views/user_view_test.exs | 7 +++++++ 1 file changed, 7 insertions(+) (limited to 'test/web') diff --git a/test/web/twitter_api/views/user_view_test.exs b/test/web/twitter_api/views/user_view_test.exs index 2deb22fb1..2c583c0d3 100644 --- a/test/web/twitter_api/views/user_view_test.exs +++ b/test/web/twitter_api/views/user_view_test.exs @@ -13,6 +13,13 @@ defmodule Pleroma.Web.TwitterAPI.UserViewTest do [user: user] end + test "A user with only a nickname", %{user: user} do + user = %{user | name: nil, nickname: "scarlett@catgirl.science"} + represented = UserView.render("show.json", %{user: user}) + assert represented["name"] == user.nickname + assert represented["name_html"] == user.nickname + end + test "A user with an avatar object", %{user: user} do image = "image" user = %{user | avatar: %{"url" => [%{"href" => image}]}} -- cgit v1.2.3 From 2cf40237ff44cdb04b20546ca51efb671270dbc2 Mon Sep 17 00:00:00 2001 From: lain Date: Tue, 13 Nov 2018 19:46:34 +0100 Subject: MastodonAPI: Add pagination to private messages. --- .../mastodon_api/mastodon_api_controller_test.exs | 26 ++++++++++++++++++++++ 1 file changed, 26 insertions(+) (limited to 'test/web') diff --git a/test/web/mastodon_api/mastodon_api_controller_test.exs b/test/web/mastodon_api/mastodon_api_controller_test.exs index 3f9324fcc..ad67cae6b 100644 --- a/test/web/mastodon_api/mastodon_api_controller_test.exs +++ b/test/web/mastodon_api/mastodon_api_controller_test.exs @@ -178,6 +178,32 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIControllerTest do |> get("api/v1/timelines/home") [_s1, _s2] = json_response(res_conn, 200) + + # Test pagination + Enum.each(1..20, fn _ -> + {:ok, _} = + CommonAPI.post(user_one, %{ + "status" => "Hi @#{user_two.nickname}!", + "visibility" => "direct" + }) + end) + + res_conn = + conn + |> assign(:user, user_two) + |> get("api/v1/timelines/direct") + + statuses = json_response(res_conn, 200) + assert length(statuses) == 20 + + res_conn = + conn + |> assign(:user, user_two) + |> get("api/v1/timelines/direct", %{max_id: List.last(statuses)["id"]}) + + [status] = json_response(res_conn, 200) + + assert status["url"] != direct.data["id"] end test "replying to a status", %{conn: conn} do -- cgit v1.2.3 From ea9a776d7beb32b157269652759b85cdc17fec32 Mon Sep 17 00:00:00 2001 From: lain Date: Tue, 13 Nov 2018 20:08:50 +0100 Subject: TwitterApi: Add direct message endpoint --- .../twitter_api/twitter_api_controller_test.exs | 30 ++++++++++++++++++++++ 1 file changed, 30 insertions(+) (limited to 'test/web') diff --git a/test/web/twitter_api/twitter_api_controller_test.exs b/test/web/twitter_api/twitter_api_controller_test.exs index 13480c21b..788e3a6eb 100644 --- a/test/web/twitter_api/twitter_api_controller_test.exs +++ b/test/web/twitter_api/twitter_api_controller_test.exs @@ -271,6 +271,36 @@ defmodule Pleroma.Web.TwitterAPI.ControllerTest do end end + describe "GET /statuses/dm_timeline.json" do + test "it show direct messages", %{conn: conn} do + user_one = insert(:user) + user_two = insert(:user) + + {:ok, user_two} = User.follow(user_two, user_one) + + {:ok, direct} = + CommonAPI.post(user_one, %{ + "status" => "Hi @#{user_two.nickname}!", + "visibility" => "direct" + }) + + {:ok, _follower_only} = + CommonAPI.post(user_one, %{ + "status" => "Hi @#{user_two.nickname}!", + "visibility" => "private" + }) + + # Only direct should be visible here + res_conn = + conn + |> assign(:user, user_two) + |> get("/api/statuses/dm_timeline.json") + + [status] = json_response(res_conn, 200) + assert status["id"] == direct.id + end + end + describe "GET /statuses/mentions.json" do setup [:valid_user] -- cgit v1.2.3 From 7b170cd6161166e153ad54856d5f1cf189f4e3ae Mon Sep 17 00:00:00 2001 From: lain Date: Wed, 14 Nov 2018 20:33:23 +0100 Subject: Add Pleroma user search api for PleromaFE. --- test/web/twitter_api/twitter_api_controller_test.exs | 15 +++++++++++++++ 1 file changed, 15 insertions(+) (limited to 'test/web') diff --git a/test/web/twitter_api/twitter_api_controller_test.exs b/test/web/twitter_api/twitter_api_controller_test.exs index 788e3a6eb..07f9c7814 100644 --- a/test/web/twitter_api/twitter_api_controller_test.exs +++ b/test/web/twitter_api/twitter_api_controller_test.exs @@ -1211,4 +1211,19 @@ defmodule Pleroma.Web.TwitterAPI.ControllerTest do assert relationship["follows_you"] == false end end + + describe "GET /api/pleroma/search_user" do + test "it returns users, ordered by similarity", %{conn: conn} do + user = insert(:user, %{name: "eal"}) + user_two = insert(:user, %{name: "ean"}) + user_three = insert(:user, %{name: "ebn"}) + + resp = conn + |> get(twitter_api_search__path(conn, :search_user), query: "eal") + |> json_response(200) + + assert length(resp) == 3 + assert [user.id, user_two.id, user_three.id] == Enum.map(resp, fn (%{"id" => id}) -> id end) + end + end end -- cgit v1.2.3 From 27aa136aacb43084089234df59649bc81e53d63c Mon Sep 17 00:00:00 2001 From: lain Date: Wed, 14 Nov 2018 20:41:12 +0100 Subject: Format. --- test/web/twitter_api/twitter_api_controller_test.exs | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) (limited to 'test/web') diff --git a/test/web/twitter_api/twitter_api_controller_test.exs b/test/web/twitter_api/twitter_api_controller_test.exs index 07f9c7814..1d45d9437 100644 --- a/test/web/twitter_api/twitter_api_controller_test.exs +++ b/test/web/twitter_api/twitter_api_controller_test.exs @@ -1218,12 +1218,13 @@ defmodule Pleroma.Web.TwitterAPI.ControllerTest do user_two = insert(:user, %{name: "ean"}) user_three = insert(:user, %{name: "ebn"}) - resp = conn - |> get(twitter_api_search__path(conn, :search_user), query: "eal") - |> json_response(200) + resp = + conn + |> get(twitter_api_search__path(conn, :search_user), query: "eal") + |> json_response(200) assert length(resp) == 3 - assert [user.id, user_two.id, user_three.id] == Enum.map(resp, fn (%{"id" => id}) -> id end) + assert [user.id, user_two.id, user_three.id] == Enum.map(resp, fn %{"id" => id} -> id end) end end end -- cgit v1.2.3 From f87b315618cf55f5c0794ab0dfc5523bdce348ef Mon Sep 17 00:00:00 2001 From: lain Date: Fri, 16 Nov 2018 19:47:36 +0100 Subject: TwitterAPI: Fix dm_timeline displaying only half of the conversation. --- test/web/twitter_api/twitter_api_controller_test.exs | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) (limited to 'test/web') diff --git a/test/web/twitter_api/twitter_api_controller_test.exs b/test/web/twitter_api/twitter_api_controller_test.exs index 1d45d9437..6bdcb4fd8 100644 --- a/test/web/twitter_api/twitter_api_controller_test.exs +++ b/test/web/twitter_api/twitter_api_controller_test.exs @@ -284,6 +284,12 @@ defmodule Pleroma.Web.TwitterAPI.ControllerTest do "visibility" => "direct" }) + {:ok, direct_two} = + CommonAPI.post(user_two, %{ + "status" => "Hi @#{user_one.nickname}!", + "visibility" => "direct" + }) + {:ok, _follower_only} = CommonAPI.post(user_one, %{ "status" => "Hi @#{user_two.nickname}!", @@ -296,8 +302,9 @@ defmodule Pleroma.Web.TwitterAPI.ControllerTest do |> assign(:user, user_two) |> get("/api/statuses/dm_timeline.json") - [status] = json_response(res_conn, 200) - assert status["id"] == direct.id + [status, status_two] = json_response(res_conn, 200) + assert status["id"] == direct_two.id + assert status_two["id"] == direct.id end end -- cgit v1.2.3 From 2ab8e287289d3b4d6458f6d9cc29c5d29dfcd102 Mon Sep 17 00:00:00 2001 From: William Pitcock Date: Sat, 17 Nov 2018 18:11:31 +0000 Subject: transmogrifier tests: fix defective spoofing test --- test/web/activity_pub/transmogrifier_test.exs | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) (limited to 'test/web') diff --git a/test/web/activity_pub/transmogrifier_test.exs b/test/web/activity_pub/transmogrifier_test.exs index 0278ef5d1..9250598f4 100644 --- a/test/web/activity_pub/transmogrifier_test.exs +++ b/test/web/activity_pub/transmogrifier_test.exs @@ -872,12 +872,10 @@ defmodule Pleroma.Web.ActivityPub.TransmogrifierTest do end test "it rejects activities which reference objects with bogus origins" do - user = insert(:user, %{local: false}) - data = %{ "@context" => "https://www.w3.org/ns/activitystreams", - "id" => user.ap_id <> "/activities/1234", - "actor" => user.ap_id, + "id" => "https://mastodon.example.org/users/admin/activities/1234", + "actor" => "https://mastodon.example.org/users/admin", "to" => ["https://www.w3.org/ns/activitystreams#Public"], "object" => "https://info.pleroma.site/activity.json", "type" => "Announce" -- cgit v1.2.3 From d9cb081f0723881343b6dd71e1bb1b52b5492f2b Mon Sep 17 00:00:00 2001 From: William Pitcock Date: Sat, 17 Nov 2018 18:12:11 +0000 Subject: tests: add additional spoofing tests --- test/web/activity_pub/transmogrifier_test.exs | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) (limited to 'test/web') diff --git a/test/web/activity_pub/transmogrifier_test.exs b/test/web/activity_pub/transmogrifier_test.exs index 9250598f4..0ba969263 100644 --- a/test/web/activity_pub/transmogrifier_test.exs +++ b/test/web/activity_pub/transmogrifier_test.exs @@ -883,5 +883,22 @@ defmodule Pleroma.Web.ActivityPub.TransmogrifierTest do :error = Transmogrifier.handle_incoming(data) end + + test "it rejects objects when the ID does not match the fetched URI" do + {:error, _} = ActivityPub.fetch_object_from_id("https://info.pleroma.site/activity2.json") + end + + test "it rejects activities which reference objects by mismatched URI" do + data = %{ + "@context" => "https://www.w3.org/ns/activitystreams", + "id" => "http://mastodon.example.org/users/admin/activities/1234", + "actor" => "http://mastodon.example.org/users/admin", + "to" => ["https://www.w3.org/ns/activitystreams#Public"], + "object" => "https://info.pleroma.site/activity2.json", + "type" => "Announce" + } + + :error = Transmogrifier.handle_incoming(data) + end end end -- cgit v1.2.3 From 9c8adfb6efb0adf0638f91533ff1bc9f9df36668 Mon Sep 17 00:00:00 2001 From: William Pitcock Date: Sat, 17 Nov 2018 18:16:55 +0000 Subject: test: fix more test defects --- test/web/activity_pub/transmogrifier_test.exs | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'test/web') diff --git a/test/web/activity_pub/transmogrifier_test.exs b/test/web/activity_pub/transmogrifier_test.exs index 0ba969263..e5308d125 100644 --- a/test/web/activity_pub/transmogrifier_test.exs +++ b/test/web/activity_pub/transmogrifier_test.exs @@ -874,8 +874,8 @@ defmodule Pleroma.Web.ActivityPub.TransmogrifierTest do test "it rejects activities which reference objects with bogus origins" do data = %{ "@context" => "https://www.w3.org/ns/activitystreams", - "id" => "https://mastodon.example.org/users/admin/activities/1234", - "actor" => "https://mastodon.example.org/users/admin", + "id" => "http://mastodon.example.org/users/admin/activities/1234", + "actor" => "http://mastodon.example.org/users/admin", "to" => ["https://www.w3.org/ns/activitystreams#Public"], "object" => "https://info.pleroma.site/activity.json", "type" => "Announce" -- cgit v1.2.3 From b483ae0a724a2b76e8c61f63a96d7867339dacb1 Mon Sep 17 00:00:00 2001 From: William Pitcock Date: Sat, 17 Nov 2018 18:24:58 +0000 Subject: tests: add a second spoofing variant --- test/web/activity_pub/transmogrifier_test.exs | 21 +++++++++++++++++++-- 1 file changed, 19 insertions(+), 2 deletions(-) (limited to 'test/web') diff --git a/test/web/activity_pub/transmogrifier_test.exs b/test/web/activity_pub/transmogrifier_test.exs index e5308d125..6320b5b6e 100644 --- a/test/web/activity_pub/transmogrifier_test.exs +++ b/test/web/activity_pub/transmogrifier_test.exs @@ -884,11 +884,11 @@ defmodule Pleroma.Web.ActivityPub.TransmogrifierTest do :error = Transmogrifier.handle_incoming(data) end - test "it rejects objects when the ID does not match the fetched URI" do + test "it rejects objects when attributedTo is wrong (variant 1)" do {:error, _} = ActivityPub.fetch_object_from_id("https://info.pleroma.site/activity2.json") end - test "it rejects activities which reference objects by mismatched URI" do + test "it rejects activities which reference objects that have an incorrect attribution (variant 1)" do data = %{ "@context" => "https://www.w3.org/ns/activitystreams", "id" => "http://mastodon.example.org/users/admin/activities/1234", @@ -900,5 +900,22 @@ defmodule Pleroma.Web.ActivityPub.TransmogrifierTest do :error = Transmogrifier.handle_incoming(data) end + + test "it rejects objects when attributedTo is wrong (variant 2)" do + {:error, _} = ActivityPub.fetch_object_from_id("https://info.pleroma.site/activity3.json") + end + + test "it rejects activities which reference objects that have an incorrect attribution (variant 2)" do + data = %{ + "@context" => "https://www.w3.org/ns/activitystreams", + "id" => "http://mastodon.example.org/users/admin/activities/1234", + "actor" => "http://mastodon.example.org/users/admin", + "to" => ["https://www.w3.org/ns/activitystreams#Public"], + "object" => "https://info.pleroma.site/activity3.json", + "type" => "Announce" + } + + :error = Transmogrifier.handle_incoming(data) + end end end -- cgit v1.2.3 From 1a940cb46e1fb06b391043ae2efa3ac0d3c49fe0 Mon Sep 17 00:00:00 2001 From: William Pitcock Date: Sat, 17 Nov 2018 20:07:49 +0000 Subject: tests: add tests for contain_origin_from_id() --- test/web/activity_pub/transmogrifier_test.exs | 38 +++++++++++++++++++++++++++ 1 file changed, 38 insertions(+) (limited to 'test/web') diff --git a/test/web/activity_pub/transmogrifier_test.exs b/test/web/activity_pub/transmogrifier_test.exs index 6320b5b6e..b8adf3b8a 100644 --- a/test/web/activity_pub/transmogrifier_test.exs +++ b/test/web/activity_pub/transmogrifier_test.exs @@ -918,4 +918,42 @@ defmodule Pleroma.Web.ActivityPub.TransmogrifierTest do :error = Transmogrifier.handle_incoming(data) end end + + describe "general origin containment" do + test "contain_origin_from_id() catches obvious spoofing attempts" do + data = %{ + "id" => "http://example.com/~alyssa/activities/1234.json" + } + + :error = + Transmogrifier.contain_origin_from_id( + "http://example.org/~alyssa/activities/1234.json", + data + ) + end + + test "contain_origin_from_id() allows alternate IDs within the same origin domain" do + data = %{ + "id" => "http://example.com/~alyssa/activities/1234.json" + } + + :ok = + Transmogrifier.contain_origin_from_id( + "http://example.com/~alyssa/activities/1234", + data + ) + end + + test "contain_origin_from_id() allows matching IDs" do + data = %{ + "id" => "http://example.com/~alyssa/activities/1234.json" + } + + :ok = + Transmogrifier.contain_origin_from_id( + "http://example.com/~alyssa/activities/1234.json", + data + ) + end + end end -- cgit v1.2.3 From dc1d8e13b483d6e5df4ea6432aa3e37971bb3fb1 Mon Sep 17 00:00:00 2001 From: William Pitcock Date: Sat, 17 Nov 2018 20:20:45 +0000 Subject: tests: add a testcase for user collision --- test/web/activity_pub/transmogrifier_test.exs | 12 ++++++++++++ 1 file changed, 12 insertions(+) (limited to 'test/web') diff --git a/test/web/activity_pub/transmogrifier_test.exs b/test/web/activity_pub/transmogrifier_test.exs index b8adf3b8a..f8a82dd5b 100644 --- a/test/web/activity_pub/transmogrifier_test.exs +++ b/test/web/activity_pub/transmogrifier_test.exs @@ -955,5 +955,17 @@ defmodule Pleroma.Web.ActivityPub.TransmogrifierTest do data ) end + + test "users cannot be collided through fake direction spoofing attempts" do + user = + insert(:user, %{ + nickname: "rye@niu.moe", + local: false, + ap_id: "https://niu.moe/users/rye", + follower_address: User.ap_followers(%User{nickname: "rye@niu.moe"}) + }) + + {:error, _} = User.get_or_fetch_by_ap_id("https://n1u.moe/users/rye") + end end end -- cgit v1.2.3 From 55640c4804d1fe1c39b155f8acd5f820425fb7f6 Mon Sep 17 00:00:00 2001 From: William Pitcock Date: Sat, 17 Nov 2018 20:31:20 +0000 Subject: tests: add a test to verify the general fake direction protection works in all cases --- test/web/activity_pub/transmogrifier_test.exs | 7 +++++++ 1 file changed, 7 insertions(+) (limited to 'test/web') diff --git a/test/web/activity_pub/transmogrifier_test.exs b/test/web/activity_pub/transmogrifier_test.exs index f8a82dd5b..9174d9b76 100644 --- a/test/web/activity_pub/transmogrifier_test.exs +++ b/test/web/activity_pub/transmogrifier_test.exs @@ -967,5 +967,12 @@ defmodule Pleroma.Web.ActivityPub.TransmogrifierTest do {:error, _} = User.get_or_fetch_by_ap_id("https://n1u.moe/users/rye") end + + test "all objects with fake directions are rejected by the object fetcher" do + {:error, _} = + ActivityPub.fetch_and_contain_remote_object_from_id( + "https://info.pleroma.site/activity4.json" + ) + end end end -- cgit v1.2.3 From b1a6e8d80d47efdea5110e9d86e080a16b5aeaa8 Mon Sep 17 00:00:00 2001 From: William Pitcock Date: Sat, 17 Nov 2018 21:01:19 +0000 Subject: test: add sanity tests for federator handling of AP docs --- test/web/federator_test.exs | 38 ++++++++++++++++++++++++++++++++++++++ 1 file changed, 38 insertions(+) (limited to 'test/web') diff --git a/test/web/federator_test.exs b/test/web/federator_test.exs index c709d1181..1d48931b5 100644 --- a/test/web/federator_test.exs +++ b/test/web/federator_test.exs @@ -61,4 +61,42 @@ defmodule Pleroma.Web.FederatorTest do Pleroma.Config.put([:instance, :allow_relay], true) end end + + describe "Receive an activity" do + test "successfully processes incoming AP docs with correct origin" do + params = %{ + "@context" => "https://www.w3.org/ns/activitystreams", + "actor" => "http://mastodon.example.org/users/admin", + "type" => "Create", + "id" => "http://mastodon.example.org/users/admin/activities/1", + "object" => %{ + "type" => "Note", + "content" => "hi world!", + "id" => "http://mastodon.example.org/users/admin/objects/1", + "attributedTo" => "http://mastodon.example.org/users/admin", + }, + "to" => ["https://www.w3.org/ns/activitystreams#Public"] + } + + {:ok, _activity} = Federator.handle(:incoming_ap_doc, params) + end + + test "rejects incoming AP docs with incorrect origin" do + params = %{ + "@context" => "https://www.w3.org/ns/activitystreams", + "actor" => "https://niu.moe/users/rye", + "type" => "Create", + "id" => "http://mastodon.example.org/users/admin/activities/1", + "object" => %{ + "type" => "Note", + "content" => "hi world!", + "id" => "http://mastodon.example.org/users/admin/objects/1", + "attributedTo" => "http://mastodon.example.org/users/admin", + }, + "to" => ["https://www.w3.org/ns/activitystreams#Public"] + } + + :error = Federator.handle(:incoming_ap_doc, params) + end + end end -- cgit v1.2.3 From 52681f7fd01c17876b03176cd82b299e6a342d56 Mon Sep 17 00:00:00 2001 From: "Haelwenn (lanodan) Monnier" Date: Sat, 17 Nov 2018 22:11:18 +0100 Subject: Web.AdminAPI.AdminAPIControllerTest: New Test --- test/web/admin_api/admin_api_controller_test.exs | 112 +++++++++++++++++++++++ 1 file changed, 112 insertions(+) create mode 100644 test/web/admin_api/admin_api_controller_test.exs (limited to 'test/web') diff --git a/test/web/admin_api/admin_api_controller_test.exs b/test/web/admin_api/admin_api_controller_test.exs new file mode 100644 index 000000000..fa0cb71bf --- /dev/null +++ b/test/web/admin_api/admin_api_controller_test.exs @@ -0,0 +1,112 @@ +defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do + use Pleroma.Web.ConnCase + + alias Pleroma.{Repo, User} + + import Pleroma.Factory + import ExUnit.CaptureLog + + describe "/api/pleroma/admin/user" do + test "Delete" do + admin = insert(:user, info: %{"is_admin" => true}) + user = insert(:user) + + conn = + build_conn() + |> assign(:user, admin) + |> put_req_header("accept", "application/json") + |> delete("/api/pleroma/admin/user?nickname=#{user.nickname}") + + assert json_response(conn, 200) == user.nickname + end + + test "Create" do + admin = insert(:user, info: %{"is_admin" => true}) + + conn = + build_conn() + |> assign(:user, admin) + |> put_req_header("accept", "application/json") + |> post("/api/pleroma/admin/user", %{ + "nickname" => "lain", + "email" => "lain@example.org", + "password" => "test" + }) + + assert json_response(conn, 200) == "lain" + end + end + + describe "/api/pleroma/admin/permission_group" do + test "GET is giving user_info" do + admin = insert(:user, info: %{"is_admin" => true}) + + conn = + build_conn() + |> assign(:user, admin) + |> put_req_header("accept", "application/json") + |> get("/api/pleroma/admin/permission_group/#{admin.nickname}") + + assert json_response(conn, 200) == admin.info + end + + test "/:right POST, can add to a permission group" do + admin = insert(:user, info: %{"is_admin" => true}) + user = insert(:user) + + user_info = + user.info + |> Map.put("is_admin", true) + + conn = + build_conn() + |> assign(:user, admin) + |> put_req_header("accept", "application/json") + |> post("/api/pleroma/admin/permission_group/#{user.nickname}/admin") + + assert json_response(conn, 200) == user_info + end + + test "/:right DELETE, can remove from a permission group" do + admin = insert(:user, info: %{"is_admin" => true}) + user = insert(:user, info: %{"is_admin" => true}) + + user_info = + user.info + |> Map.put("is_admin", false) + + conn = + build_conn() + |> assign(:user, admin) + |> put_req_header("accept", "application/json") + |> delete("/api/pleroma/admin/permission_group/#{user.nickname}/admin") + + assert json_response(conn, 200) == user_info + end + end + + test "/api/pleroma/admin/invite_token" do + admin = insert(:user, info: %{"is_admin" => true}) + + conn = + build_conn() + |> assign(:user, admin) + |> put_req_header("accept", "application/json") + |> get("/api/pleroma/admin/invite_token") + + assert conn.status == 200 + end + + test "/api/pleroma/admin/password_reset" do + admin = insert(:user, info: %{"is_admin" => true}) + user = insert(:user, info: %{"is_admin" => true}) + + conn = + build_conn() + |> assign(:user, admin) + |> put_req_header("accept", "application/json") + |> get("/api/pleroma/admin/password_reset?nickname=#{user.nickname}") + + assert conn.status == 200 + end +end -- cgit v1.2.3 From dfcfb184b10428af8d37492e64f271c0275fc2c9 Mon Sep 17 00:00:00 2001 From: William Pitcock Date: Sat, 17 Nov 2018 21:22:30 +0000 Subject: activitypub: transmogrifier: make deletes secure --- test/web/activity_pub/transmogrifier_test.exs | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) (limited to 'test/web') diff --git a/test/web/activity_pub/transmogrifier_test.exs b/test/web/activity_pub/transmogrifier_test.exs index 9174d9b76..829da0a65 100644 --- a/test/web/activity_pub/transmogrifier_test.exs +++ b/test/web/activity_pub/transmogrifier_test.exs @@ -361,6 +361,26 @@ defmodule Pleroma.Web.ActivityPub.TransmogrifierTest do refute Repo.get(Activity, activity.id) end + test "it fails for incoming deletes with spoofed origin" do + activity = insert(:note_activity) + + data = + File.read!("test/fixtures/mastodon-delete.json") + |> Poison.decode!() + + object = + data["object"] + |> Map.put("id", activity.data["object"]["id"]) + + data = + data + |> Map.put("object", object) + + :error = Transmogrifier.handle_incoming(data) + + assert Repo.get(Activity, activity.id) + end + test "it works for incoming unannounces with an existing notice" do user = insert(:user) {:ok, activity} = CommonAPI.post(user, %{"status" => "hey"}) -- cgit v1.2.3 From e10f839e9b413a58dfa2c55f136862ec0f56e314 Mon Sep 17 00:00:00 2001 From: William Pitcock Date: Sat, 17 Nov 2018 21:41:08 +0000 Subject: tests: federator: fix formatting --- test/web/federator_test.exs | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'test/web') diff --git a/test/web/federator_test.exs b/test/web/federator_test.exs index 1d48931b5..02e1ca76e 100644 --- a/test/web/federator_test.exs +++ b/test/web/federator_test.exs @@ -73,7 +73,7 @@ defmodule Pleroma.Web.FederatorTest do "type" => "Note", "content" => "hi world!", "id" => "http://mastodon.example.org/users/admin/objects/1", - "attributedTo" => "http://mastodon.example.org/users/admin", + "attributedTo" => "http://mastodon.example.org/users/admin" }, "to" => ["https://www.w3.org/ns/activitystreams#Public"] } @@ -91,7 +91,7 @@ defmodule Pleroma.Web.FederatorTest do "type" => "Note", "content" => "hi world!", "id" => "http://mastodon.example.org/users/admin/objects/1", - "attributedTo" => "http://mastodon.example.org/users/admin", + "attributedTo" => "http://mastodon.example.org/users/admin" }, "to" => ["https://www.w3.org/ns/activitystreams#Public"] } -- cgit v1.2.3 From 98795172a76db8d3331015461a021092c75cae5d Mon Sep 17 00:00:00 2001 From: William Pitcock Date: Sat, 17 Nov 2018 22:10:15 +0000 Subject: ostatus controller: respond with AS2 objects instead of activities to notice URIs --- test/web/ostatus/ostatus_controller_test.exs | 27 +++++++++++++++++++++++++++ 1 file changed, 27 insertions(+) (limited to 'test/web') diff --git a/test/web/ostatus/ostatus_controller_test.exs b/test/web/ostatus/ostatus_controller_test.exs index c23b175e8..371c835c0 100644 --- a/test/web/ostatus/ostatus_controller_test.exs +++ b/test/web/ostatus/ostatus_controller_test.exs @@ -2,6 +2,7 @@ defmodule Pleroma.Web.OStatus.OStatusControllerTest do use Pleroma.Web.ConnCase import Pleroma.Factory alias Pleroma.{User, Repo} + alias Pleroma.Web.CommonAPI alias Pleroma.Web.OStatus.ActivityRepresenter test "decodes a salmon", %{conn: conn} do @@ -167,6 +168,32 @@ defmodule Pleroma.Web.OStatus.OStatusControllerTest do assert json_response(conn, 200) end + test "only gets a notice in AS2 format for Create messages", %{conn: conn} do + note_activity = insert(:note_activity) + url = "/notice/#{note_activity.id}" + + conn = + conn + |> put_req_header("accept", "application/activity+json") + |> get(url) + + assert json_response(conn, 200) + + user = insert(:user) + + {:ok, like_activity, _} = CommonAPI.favorite(note_activity.id, user) + url = "/notice/#{like_activity.id}" + + assert like_activity.data["type"] == "Like" + + conn = + build_conn() + |> put_req_header("accept", "application/activity+json") + |> get(url) + + assert response(conn, 404) + end + test "gets an activity in AS2 format", %{conn: conn} do note_activity = insert(:note_activity) [_, uuid] = hd(Regex.scan(~r/.+\/([\w-]+)$/, note_activity.data["id"])) -- cgit v1.2.3 From f6be980f4faaef9408333fe59f0bb915dd087fd0 Mon Sep 17 00:00:00 2001 From: William Pitcock Date: Sat, 17 Nov 2018 22:29:08 +0000 Subject: activitypub: object view: avoid leaking private details --- test/web/activity_pub/views/object_view_test.exs | 40 ++++++++++++++++++++++++ 1 file changed, 40 insertions(+) (limited to 'test/web') diff --git a/test/web/activity_pub/views/object_view_test.exs b/test/web/activity_pub/views/object_view_test.exs index 7e08dff5d..d144a77fc 100644 --- a/test/web/activity_pub/views/object_view_test.exs +++ b/test/web/activity_pub/views/object_view_test.exs @@ -2,6 +2,7 @@ defmodule Pleroma.Web.ActivityPub.ObjectViewTest do use Pleroma.DataCase import Pleroma.Factory + alias Pleroma.Web.CommonAPI alias Pleroma.Web.ActivityPub.ObjectView test "renders a note object" do @@ -15,4 +16,43 @@ defmodule Pleroma.Web.ActivityPub.ObjectViewTest do assert result["type"] == "Note" assert result["@context"] end + + test "renders a note activity" do + note = insert(:note_activity) + + result = ObjectView.render("object.json", %{object: note}) + + assert result["id"] == note.data["id"] + assert result["to"] == note.data["to"] + assert result["object"]["type"] == "Note" + assert result["object"]["content"] == note.data["object"]["content"] + assert result["type"] == "Create" + assert result["@context"] + end + + test "renders a like activity" do + note = insert(:note_activity) + user = insert(:user) + + {:ok, like_activity, _} = CommonAPI.favorite(note.id, user) + + result = ObjectView.render("object.json", %{object: like_activity}) + + assert result["id"] == like_activity.data["id"] + assert result["object"] == note.data["object"]["id"] + assert result["type"] == "Like" + end + + test "renders an announce activity" do + note = insert(:note_activity) + user = insert(:user) + + {:ok, announce_activity, _} = CommonAPI.repeat(note.id, user) + + result = ObjectView.render("object.json", %{object: announce_activity}) + + assert result["id"] == announce_activity.data["id"] + assert result["object"] == note.data["object"]["id"] + assert result["type"] == "Announce" + end end -- cgit v1.2.3 From 689b46efc87dd128fd7c26f0eaf8c514b8295b30 Mon Sep 17 00:00:00 2001 From: eal Date: Mon, 19 Nov 2018 18:08:41 +0200 Subject: RetryQueue: tiny refractor, add tests --- test/web/retry_queue_test.exs | 31 +++++++++++++++++++++++++++++++ 1 file changed, 31 insertions(+) create mode 100644 test/web/retry_queue_test.exs (limited to 'test/web') diff --git a/test/web/retry_queue_test.exs b/test/web/retry_queue_test.exs new file mode 100644 index 000000000..ce2964993 --- /dev/null +++ b/test/web/retry_queue_test.exs @@ -0,0 +1,31 @@ +defmodule MockActivityPub do + def publish_one(ret) do + {ret, "success"} + end +end + +defmodule Pleroma.ActivityTest do + use Pleroma.DataCase + alias Pleroma.Web.Federator.RetryQueue + + @small_retry_count 0 + @hopeless_retry_count 10 + + test "failed posts are retried" do + {:retry, _timeout} = RetryQueue.get_retry_params(@small_retry_count) + + assert {:noreply, %{delivered: 1}} == + RetryQueue.handle_info({:send, :ok, MockActivityPub, @small_retry_count}, %{ + delivered: 0 + }) + end + + test "posts that have been tried too many times are dropped" do + {:drop, _timeout} = RetryQueue.get_retry_params(@hopeless_retry_count) + + assert {:noreply, %{dropped: 1}} == + RetryQueue.handle_cast({:maybe_enqueue, %{}, nil, @hopeless_retry_count}, %{ + dropped: 0 + }) + end +end -- cgit v1.2.3 From cc8952b45fc9c8d77f1d7c83674d4194b032c5fd Mon Sep 17 00:00:00 2001 From: "Haelwenn (lanodan) Monnier" Date: Sat, 24 Nov 2018 08:47:35 +0100 Subject: Web.MastodonApi.MastodonSocketTest: Add test for unauthenticated websocket --- test/web/mastodon_api/mastodon_socket_test.exs | 33 ++++++++++++++++++++++++++ 1 file changed, 33 insertions(+) create mode 100644 test/web/mastodon_api/mastodon_socket_test.exs (limited to 'test/web') diff --git a/test/web/mastodon_api/mastodon_socket_test.exs b/test/web/mastodon_api/mastodon_socket_test.exs new file mode 100644 index 000000000..c7d71defc --- /dev/null +++ b/test/web/mastodon_api/mastodon_socket_test.exs @@ -0,0 +1,33 @@ +defmodule Pleroma.Web.MastodonApi.MastodonSocketTest do + use Pleroma.DataCase + + alias Pleroma.Web.MastodonApi.MastodonSocket + alias Pleroma.Web.{Streamer, CommonAPI} + alias Pleroma.User + + import Pleroma.Factory + + test "public is working when non-authenticated" do + user = insert(:user) + + task = + Task.async(fn -> + assert_receive {:text, _}, 4_000 + end) + + fake_socket = %{ + transport_pid: task.pid, + assigns: %{} + } + + topics = %{ + "public" => [fake_socket] + } + + {:ok, activity} = CommonAPI.post(user, %{"status" => "Test"}) + + Streamer.push_to_socket(topics, "public", activity) + + Task.await(task) + end +end -- cgit v1.2.3 From 87098d1676b4521f83804c19a94d34f0cd8a8109 Mon Sep 17 00:00:00 2001 From: KokaKiwi Date: Tue, 27 Nov 2018 01:14:43 +0100 Subject: Streamer: Don't send unwanted DMs to list streams --- test/web/streamer_test.exs | 109 ++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 108 insertions(+), 1 deletion(-) (limited to 'test/web') diff --git a/test/web/streamer_test.exs b/test/web/streamer_test.exs index 47d491d1b..df58441f0 100644 --- a/test/web/streamer_test.exs +++ b/test/web/streamer_test.exs @@ -2,7 +2,7 @@ defmodule Pleroma.Web.StreamerTest do use Pleroma.DataCase alias Pleroma.Web.Streamer - alias Pleroma.User + alias Pleroma.{List, User} alias Pleroma.Web.CommonAPI import Pleroma.Factory @@ -60,4 +60,111 @@ defmodule Pleroma.Web.StreamerTest do Task.await(task) end + + test "it doesn't send unwanted DMs to list" do + user_a = insert(:user) + user_b = insert(:user) + user_c = insert(:user) + + {:ok, user_a} = User.follow(user_a, user_b) + + {:ok, list} = List.create("Test", user_a) + {:ok, list} = List.follow(list, user_b) + + task = + Task.async(fn -> + refute_receive {:text, _}, 1_000 + end) + + fake_socket = %{ + transport_pid: task.pid, + assigns: %{ + user: user_a + } + } + + {:ok, activity} = + CommonAPI.post(user_b, %{ + "status" => "@#{user_c.nickname} Test", + "visibility" => "direct" + }) + + topics = %{ + "list:#{list.id}" => [fake_socket] + } + + Streamer.handle_cast(%{action: :stream, topic: "list", item: activity}, topics) + + Task.await(task) + end + + test "it doesn't send unwanted private posts to list" do + user_a = insert(:user) + user_b = insert(:user) + + {:ok, list} = List.create("Test", user_a) + {:ok, list} = List.follow(list, user_b) + + task = + Task.async(fn -> + refute_receive {:text, _}, 1_000 + end) + + fake_socket = %{ + transport_pid: task.pid, + assigns: %{ + user: user_a + } + } + + {:ok, activity} = + CommonAPI.post(user_b, %{ + "status" => "Test", + "visibility" => "private" + }) + + topics = %{ + "list:#{list.id}" => [fake_socket] + } + + Streamer.handle_cast(%{action: :stream, topic: "list", item: activity}, topics) + + Task.await(task) + end + + test "it send wanted private posts to list" do + user_a = insert(:user) + user_b = insert(:user) + + {:ok, user_a} = User.follow(user_a, user_b) + + {:ok, list} = List.create("Test", user_a) + {:ok, list} = List.follow(list, user_b) + + task = + Task.async(fn -> + assert_receive {:text, _}, 1_000 + end) + + fake_socket = %{ + transport_pid: task.pid, + assigns: %{ + user: user_a + } + } + + {:ok, activity} = + CommonAPI.post(user_b, %{ + "status" => "Test", + "visibility" => "private" + }) + + topics = %{ + "list:#{list.id}" => [fake_socket] + } + + Streamer.handle_cast(%{action: :stream, topic: "list", item: activity}, topics) + + Task.await(task) + end end -- cgit v1.2.3