From d5cdc907e3fda14c2ce78ddbb124739441330ecc Mon Sep 17 00:00:00 2001 From: Ivan Tashkinov Date: Fri, 1 May 2020 18:45:24 +0300 Subject: Restricted embedding of relationships where applicable (statuses / notifications / accounts rendering). Added support for :skip_notifications for accounts listing (index.json). Adjusted tests. --- .../controllers/notification_controller_test.exs | 4 +--- .../controllers/status_controller_test.exs | 2 +- .../controllers/timeline_controller_test.exs | 26 +++++++++++++++------- .../mastodon_api/views/notification_view_test.exs | 25 +++++++++++++++------ test/web/mastodon_api/views/status_view_test.exs | 14 +++++------- 5 files changed, 43 insertions(+), 28 deletions(-) (limited to 'test') diff --git a/test/web/mastodon_api/controllers/notification_controller_test.exs b/test/web/mastodon_api/controllers/notification_controller_test.exs index db380f76a..e2d98ef3e 100644 --- a/test/web/mastodon_api/controllers/notification_controller_test.exs +++ b/test/web/mastodon_api/controllers/notification_controller_test.exs @@ -12,9 +12,7 @@ defmodule Pleroma.Web.MastodonAPI.NotificationControllerTest do import Pleroma.Factory - test "does NOT render account/pleroma/relationship if this is disabled by default" do - clear_config([:extensions, :output_relationships_in_statuses_by_default], false) - + test "does NOT render account/pleroma/relationship by default" do %{user: user, conn: conn} = oauth_access(["read:notifications"]) other_user = insert(:user) diff --git a/test/web/mastodon_api/controllers/status_controller_test.exs b/test/web/mastodon_api/controllers/status_controller_test.exs index 85068edd0..00e026087 100644 --- a/test/web/mastodon_api/controllers/status_controller_test.exs +++ b/test/web/mastodon_api/controllers/status_controller_test.exs @@ -1058,7 +1058,7 @@ defmodule Pleroma.Web.MastodonAPI.StatusControllerTest do end test "bookmarks" do - bookmarks_uri = "/api/v1/bookmarks?with_relationships=true" + bookmarks_uri = "/api/v1/bookmarks" %{conn: conn} = oauth_access(["write:bookmarks", "read:bookmarks"]) author = insert(:user) diff --git a/test/web/mastodon_api/controllers/timeline_controller_test.exs b/test/web/mastodon_api/controllers/timeline_controller_test.exs index 06efdc901..b8bb83af7 100644 --- a/test/web/mastodon_api/controllers/timeline_controller_test.exs +++ b/test/web/mastodon_api/controllers/timeline_controller_test.exs @@ -20,12 +20,10 @@ defmodule Pleroma.Web.MastodonAPI.TimelineControllerTest do describe "home" do setup do: oauth_access(["read:statuses"]) - test "does NOT render account/pleroma/relationship if this is disabled by default", %{ + test "does NOT render account/pleroma/relationship by default", %{ user: user, conn: conn } do - clear_config([:extensions, :output_relationships_in_statuses_by_default], false) - other_user = insert(:user) {:ok, _} = CommonAPI.post(other_user, %{"status" => "hi @#{user.nickname}"}) @@ -41,7 +39,7 @@ defmodule Pleroma.Web.MastodonAPI.TimelineControllerTest do end) end - test "the home timeline", %{user: user, conn: conn} do + test "embeds account relationships with `with_relationships=true`", %{user: user, conn: conn} do uri = "/api/v1/timelines/home?with_relationships=true" following = insert(:user, nickname: "followed") @@ -69,13 +67,19 @@ defmodule Pleroma.Web.MastodonAPI.TimelineControllerTest do } } }, - "account" => %{"pleroma" => %{"relationship" => %{"following" => true}}} + "account" => %{ + "pleroma" => %{ + "relationship" => %{"following" => true} + } + } }, %{ "content" => "post", "account" => %{ "acct" => "followed", - "pleroma" => %{"relationship" => %{"following" => true}} + "pleroma" => %{ + "relationship" => %{"following" => true} + } } } ] = json_response(ret_conn, :ok) @@ -95,13 +99,19 @@ defmodule Pleroma.Web.MastodonAPI.TimelineControllerTest do } } }, - "account" => %{"pleroma" => %{"relationship" => %{"following" => true}}} + "account" => %{ + "pleroma" => %{ + "relationship" => %{"following" => true} + } + } }, %{ "content" => "post", "account" => %{ "acct" => "followed", - "pleroma" => %{"relationship" => %{"following" => true}} + "pleroma" => %{ + "relationship" => %{"following" => true} + } } } ] = json_response(ret_conn, :ok) diff --git a/test/web/mastodon_api/views/notification_view_test.exs b/test/web/mastodon_api/views/notification_view_test.exs index c3ec9dfec..e1f9c3ac4 100644 --- a/test/web/mastodon_api/views/notification_view_test.exs +++ b/test/web/mastodon_api/views/notification_view_test.exs @@ -42,7 +42,12 @@ defmodule Pleroma.Web.MastodonAPI.NotificationViewTest do id: to_string(notification.id), pleroma: %{is_seen: false}, type: "mention", - account: AccountView.render("show.json", %{user: user, for: mentioned_user}), + account: + AccountView.render("show.json", %{ + user: user, + for: mentioned_user, + skip_relationships: true + }), status: StatusView.render("show.json", %{activity: activity, for: mentioned_user}), created_at: Utils.to_masto_date(notification.inserted_at) } @@ -62,7 +67,8 @@ defmodule Pleroma.Web.MastodonAPI.NotificationViewTest do id: to_string(notification.id), pleroma: %{is_seen: false}, type: "favourite", - account: AccountView.render("show.json", %{user: another_user, for: user}), + account: + AccountView.render("show.json", %{user: another_user, for: user, skip_relationships: true}), status: StatusView.render("show.json", %{activity: create_activity, for: user}), created_at: Utils.to_masto_date(notification.inserted_at) } @@ -82,7 +88,8 @@ defmodule Pleroma.Web.MastodonAPI.NotificationViewTest do id: to_string(notification.id), pleroma: %{is_seen: false}, type: "reblog", - account: AccountView.render("show.json", %{user: another_user, for: user}), + account: + AccountView.render("show.json", %{user: another_user, for: user, skip_relationships: true}), status: StatusView.render("show.json", %{activity: reblog_activity, for: user}), created_at: Utils.to_masto_date(notification.inserted_at) } @@ -100,7 +107,8 @@ defmodule Pleroma.Web.MastodonAPI.NotificationViewTest do id: to_string(notification.id), pleroma: %{is_seen: false}, type: "follow", - account: AccountView.render("show.json", %{user: follower, for: followed}), + account: + AccountView.render("show.json", %{user: follower, for: followed, skip_relationships: true}), created_at: Utils.to_masto_date(notification.inserted_at) } @@ -143,8 +151,10 @@ defmodule Pleroma.Web.MastodonAPI.NotificationViewTest do id: to_string(notification.id), pleroma: %{is_seen: false}, type: "move", - account: AccountView.render("show.json", %{user: old_user, for: follower}), - target: AccountView.render("show.json", %{user: new_user, for: follower}), + account: + AccountView.render("show.json", %{user: old_user, for: follower, skip_relationships: true}), + target: + AccountView.render("show.json", %{user: new_user, for: follower, skip_relationships: true}), created_at: Utils.to_masto_date(notification.inserted_at) } @@ -169,7 +179,8 @@ defmodule Pleroma.Web.MastodonAPI.NotificationViewTest do pleroma: %{is_seen: false}, type: "pleroma:emoji_reaction", emoji: "☕", - account: AccountView.render("show.json", %{user: other_user, for: user}), + account: + AccountView.render("show.json", %{user: other_user, for: user, skip_relationships: true}), status: StatusView.render("show.json", %{activity: activity, for: user}), created_at: Utils.to_masto_date(notification.inserted_at) } diff --git a/test/web/mastodon_api/views/status_view_test.exs b/test/web/mastodon_api/views/status_view_test.exs index 6791c2fb0..91d4ded2c 100644 --- a/test/web/mastodon_api/views/status_view_test.exs +++ b/test/web/mastodon_api/views/status_view_test.exs @@ -555,7 +555,7 @@ defmodule Pleroma.Web.MastodonAPI.StatusViewTest do end end - test "embeds a relationship in the account" do + test "does not embed a relationship in the account" do user = insert(:user) other_user = insert(:user) @@ -566,11 +566,10 @@ defmodule Pleroma.Web.MastodonAPI.StatusViewTest do result = StatusView.render("show.json", %{activity: activity, for: other_user}) - assert result[:account][:pleroma][:relationship] == - AccountView.render("relationship.json", %{user: other_user, target: user}) + assert result[:account][:pleroma][:relationship] == %{} end - test "embeds a relationship in the account in reposts" do + test "does not embed a relationship in the account in reposts" do user = insert(:user) other_user = insert(:user) @@ -583,11 +582,8 @@ defmodule Pleroma.Web.MastodonAPI.StatusViewTest do result = StatusView.render("show.json", %{activity: activity, for: user}) - assert result[:account][:pleroma][:relationship] == - AccountView.render("relationship.json", %{user: user, target: other_user}) - - assert result[:reblog][:account][:pleroma][:relationship] == - AccountView.render("relationship.json", %{user: user, target: user}) + assert result[:account][:pleroma][:relationship] == %{} + assert result[:reblog][:account][:pleroma][:relationship] == %{} end test "visibility/list" do -- cgit v1.2.3 From 14a49a04837b0dc5a0d72dd7c5b4dfa482801e7c Mon Sep 17 00:00:00 2001 From: Ivan Tashkinov Date: Sat, 9 May 2020 18:05:44 +0300 Subject: [#2456] Dropped support for embedded `pleroma/account/relationship` in statuses and notifications. --- .../controllers/timeline_controller_test.exs | 80 +--------------------- 1 file changed, 1 insertion(+), 79 deletions(-) (limited to 'test') diff --git a/test/web/mastodon_api/controllers/timeline_controller_test.exs b/test/web/mastodon_api/controllers/timeline_controller_test.exs index b8bb83af7..47541979d 100644 --- a/test/web/mastodon_api/controllers/timeline_controller_test.exs +++ b/test/web/mastodon_api/controllers/timeline_controller_test.exs @@ -20,7 +20,7 @@ defmodule Pleroma.Web.MastodonAPI.TimelineControllerTest do describe "home" do setup do: oauth_access(["read:statuses"]) - test "does NOT render account/pleroma/relationship by default", %{ + test "does NOT embed account/pleroma/relationship in statuses", %{ user: user, conn: conn } do @@ -39,84 +39,6 @@ defmodule Pleroma.Web.MastodonAPI.TimelineControllerTest do end) end - test "embeds account relationships with `with_relationships=true`", %{user: user, conn: conn} do - uri = "/api/v1/timelines/home?with_relationships=true" - - following = insert(:user, nickname: "followed") - third_user = insert(:user, nickname: "repeated") - - {:ok, _activity} = CommonAPI.post(following, %{"status" => "post"}) - {:ok, activity} = CommonAPI.post(third_user, %{"status" => "repeated post"}) - {:ok, _, _} = CommonAPI.repeat(activity.id, following) - - ret_conn = get(conn, uri) - - assert Enum.empty?(json_response(ret_conn, :ok)) - - {:ok, _user} = User.follow(user, following) - - ret_conn = get(conn, uri) - - assert [ - %{ - "reblog" => %{ - "content" => "repeated post", - "account" => %{ - "pleroma" => %{ - "relationship" => %{"following" => false, "followed_by" => false} - } - } - }, - "account" => %{ - "pleroma" => %{ - "relationship" => %{"following" => true} - } - } - }, - %{ - "content" => "post", - "account" => %{ - "acct" => "followed", - "pleroma" => %{ - "relationship" => %{"following" => true} - } - } - } - ] = json_response(ret_conn, :ok) - - {:ok, _user} = User.follow(third_user, user) - - ret_conn = get(conn, uri) - - assert [ - %{ - "reblog" => %{ - "content" => "repeated post", - "account" => %{ - "acct" => "repeated", - "pleroma" => %{ - "relationship" => %{"following" => false, "followed_by" => true} - } - } - }, - "account" => %{ - "pleroma" => %{ - "relationship" => %{"following" => true} - } - } - }, - %{ - "content" => "post", - "account" => %{ - "acct" => "followed", - "pleroma" => %{ - "relationship" => %{"following" => true} - } - } - } - ] = json_response(ret_conn, :ok) - end - test "the home timeline when the direct messages are excluded", %{user: user, conn: conn} do {:ok, public_activity} = CommonAPI.post(user, %{"status" => ".", "visibility" => "public"}) {:ok, direct_activity} = CommonAPI.post(user, %{"status" => ".", "visibility" => "direct"}) -- cgit v1.2.3 From aee88d11be898921d79ad7f1481ab055190f4dfd Mon Sep 17 00:00:00 2001 From: Ivan Tashkinov Date: Sun, 10 May 2020 09:16:48 +0300 Subject: [#2456] Removed support for embedded relationships in account view. --- test/web/mastodon_api/views/account_view_test.exs | 76 ---------------------- .../mastodon_api/views/notification_view_test.exs | 21 ++---- 2 files changed, 7 insertions(+), 90 deletions(-) (limited to 'test') diff --git a/test/web/mastodon_api/views/account_view_test.exs b/test/web/mastodon_api/views/account_view_test.exs index 5fb162141..3c1aeb6d5 100644 --- a/test/web/mastodon_api/views/account_view_test.exs +++ b/test/web/mastodon_api/views/account_view_test.exs @@ -295,82 +295,6 @@ defmodule Pleroma.Web.MastodonAPI.AccountViewTest do end end - test "represent an embedded relationship" do - user = - insert(:user, %{ - follower_count: 0, - note_count: 5, - actor_type: "Service", - nickname: "shp@shitposter.club", - inserted_at: ~N[2017-08-15 15:47:06.597036] - }) - - other_user = insert(:user) - {:ok, other_user} = User.follow(other_user, user) - {:ok, _user_relationship} = User.block(other_user, user) - {:ok, _} = User.follow(insert(:user), user) - - expected = %{ - id: to_string(user.id), - username: "shp", - acct: user.nickname, - display_name: user.name, - locked: false, - created_at: "2017-08-15T15:47:06.000Z", - followers_count: 1, - following_count: 0, - statuses_count: 5, - note: user.bio, - url: user.ap_id, - avatar: "http://localhost:4001/images/avi.png", - avatar_static: "http://localhost:4001/images/avi.png", - header: "http://localhost:4001/images/banner.png", - header_static: "http://localhost:4001/images/banner.png", - emojis: [], - fields: [], - bot: true, - source: %{ - note: user.bio, - sensitive: false, - pleroma: %{ - actor_type: "Service", - discoverable: false - }, - fields: [] - }, - pleroma: %{ - background_image: nil, - confirmation_pending: false, - tags: [], - is_admin: false, - is_moderator: false, - hide_favorites: true, - hide_followers: false, - hide_follows: false, - hide_followers_count: false, - hide_follows_count: false, - relationship: %{ - id: to_string(user.id), - following: false, - followed_by: false, - blocking: true, - blocked_by: false, - subscribing: false, - muting: false, - muting_notifications: false, - requested: false, - domain_blocking: false, - showing_reblogs: true, - endorsed: false - }, - skip_thread_containment: false - } - } - - assert expected == - AccountView.render("show.json", %{user: refresh_record(user), for: other_user}) - end - test "returns the settings store if the requesting user is the represented user and it's requested specifically" do user = insert(:user, pleroma_settings_store: %{fe: "test"}) diff --git a/test/web/mastodon_api/views/notification_view_test.exs b/test/web/mastodon_api/views/notification_view_test.exs index 61e6e3ae5..7cdba2fe0 100644 --- a/test/web/mastodon_api/views/notification_view_test.exs +++ b/test/web/mastodon_api/views/notification_view_test.exs @@ -45,8 +45,7 @@ defmodule Pleroma.Web.MastodonAPI.NotificationViewTest do account: AccountView.render("show.json", %{ user: user, - for: mentioned_user, - skip_relationships: true + for: mentioned_user }), status: StatusView.render("show.json", %{activity: activity, for: mentioned_user}), created_at: Utils.to_masto_date(notification.inserted_at) @@ -67,8 +66,7 @@ defmodule Pleroma.Web.MastodonAPI.NotificationViewTest do id: to_string(notification.id), pleroma: %{is_seen: false}, type: "favourite", - account: - AccountView.render("show.json", %{user: another_user, for: user, skip_relationships: true}), + account: AccountView.render("show.json", %{user: another_user, for: user}), status: StatusView.render("show.json", %{activity: create_activity, for: user}), created_at: Utils.to_masto_date(notification.inserted_at) } @@ -88,8 +86,7 @@ defmodule Pleroma.Web.MastodonAPI.NotificationViewTest do id: to_string(notification.id), pleroma: %{is_seen: false}, type: "reblog", - account: - AccountView.render("show.json", %{user: another_user, for: user, skip_relationships: true}), + account: AccountView.render("show.json", %{user: another_user, for: user}), status: StatusView.render("show.json", %{activity: reblog_activity, for: user}), created_at: Utils.to_masto_date(notification.inserted_at) } @@ -107,8 +104,7 @@ defmodule Pleroma.Web.MastodonAPI.NotificationViewTest do id: to_string(notification.id), pleroma: %{is_seen: false}, type: "follow", - account: - AccountView.render("show.json", %{user: follower, for: followed, skip_relationships: true}), + account: AccountView.render("show.json", %{user: follower, for: followed}), created_at: Utils.to_masto_date(notification.inserted_at) } @@ -151,10 +147,8 @@ defmodule Pleroma.Web.MastodonAPI.NotificationViewTest do id: to_string(notification.id), pleroma: %{is_seen: false}, type: "move", - account: - AccountView.render("show.json", %{user: old_user, for: follower, skip_relationships: true}), - target: - AccountView.render("show.json", %{user: new_user, for: follower, skip_relationships: true}), + account: AccountView.render("show.json", %{user: old_user, for: follower}), + target: AccountView.render("show.json", %{user: new_user, for: follower}), created_at: Utils.to_masto_date(notification.inserted_at) } @@ -179,8 +173,7 @@ defmodule Pleroma.Web.MastodonAPI.NotificationViewTest do pleroma: %{is_seen: false}, type: "pleroma:emoji_reaction", emoji: "☕", - account: - AccountView.render("show.json", %{user: other_user, for: user, skip_relationships: true}), + account: AccountView.render("show.json", %{user: other_user, for: user}), status: StatusView.render("show.json", %{activity: activity, for: user}), created_at: Utils.to_masto_date(notification.inserted_at) } -- cgit v1.2.3 From 620247a015f6cd894a119bb5173a3da7e5913064 Mon Sep 17 00:00:00 2001 From: Stephanie Wilde-Hobbs Date: Tue, 12 May 2020 17:12:27 +0100 Subject: Add database configuration whitelist --- test/web/admin_api/admin_api_controller_test.exs | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) (limited to 'test') diff --git a/test/web/admin_api/admin_api_controller_test.exs b/test/web/admin_api/admin_api_controller_test.exs index 4697af50e..31e73d6a5 100644 --- a/test/web/admin_api/admin_api_controller_test.exs +++ b/test/web/admin_api/admin_api_controller_test.exs @@ -2943,6 +2943,30 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do ] } end + + test "doesn't set keys not in the whitelist", %{conn: conn} do + clear_config(:database_config_whitelist, [ + {:pleroma, :key1}, + {:pleroma, :key2}, + {:pleroma, Pleroma.Captcha.NotReal} + ]) + + post(conn, "/api/pleroma/admin/config", %{ + configs: [ + %{group: ":pleroma", key: ":key1", value: "value1"}, + %{group: ":pleroma", key: ":key2", value: "value2"}, + %{group: ":pleroma", key: ":key3", value: "value3"}, + %{group: ":pleroma", key: "Pleroma.Web.Endpoint.NotReal", value: "value4"}, + %{group: ":pleroma", key: "Pleroma.Captcha.NotReal", value: "value5"} + ] + }) + + assert Application.get_env(:pleroma, :key1) == "value1" + assert Application.get_env(:pleroma, :key2) == "value2" + assert Application.get_env(:pleroma, :key3) == nil + assert Application.get_env(:pleroma, Pleroma.Web.Endpoint.NotReal) == nil + assert Application.get_env(:pleroma, Pleroma.Captcha.NotReal) == "value5" + end end describe "GET /api/pleroma/admin/restart" do -- cgit v1.2.3 From a2fcfc78c9dcf33081db47292d96ffa7c7709abb Mon Sep 17 00:00:00 2001 From: Stephanie Wilde-Hobbs Date: Tue, 12 May 2020 21:07:33 +0100 Subject: Filter config descriptions by config whitelist --- test/web/admin_api/admin_api_controller_test.exs | 51 +++++++++++++++++++----- 1 file changed, 41 insertions(+), 10 deletions(-) (limited to 'test') diff --git a/test/web/admin_api/admin_api_controller_test.exs b/test/web/admin_api/admin_api_controller_test.exs index 31e73d6a5..7d42a400c 100644 --- a/test/web/admin_api/admin_api_controller_test.exs +++ b/test/web/admin_api/admin_api_controller_test.exs @@ -3604,19 +3604,50 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do end end - test "GET /api/pleroma/admin/config/descriptions", %{conn: conn} do - admin = insert(:user, is_admin: true) + describe "GET /api/pleroma/admin/config/descriptions" do + test "structure", %{conn: conn} do + admin = insert(:user, is_admin: true) - conn = - assign(conn, :user, admin) - |> get("/api/pleroma/admin/config/descriptions") + conn = + assign(conn, :user, admin) + |> get("/api/pleroma/admin/config/descriptions") + + assert [child | _others] = json_response(conn, 200) - assert [child | _others] = json_response(conn, 200) + assert child["children"] + assert child["key"] + assert String.starts_with?(child["group"], ":") + assert child["description"] + end - assert child["children"] - assert child["key"] - assert String.starts_with?(child["group"], ":") - assert child["description"] + test "filters by database configuration whitelist", %{conn: conn} do + clear_config(:database_config_whitelist, [ + {:pleroma, :instance}, + {:pleroma, :activitypub}, + {:pleroma, Pleroma.Upload} + ]) + + admin = insert(:user, is_admin: true) + + conn = + assign(conn, :user, admin) + |> get("/api/pleroma/admin/config/descriptions") + + children = json_response(conn, 200) + + assert length(children) == 3 + + assert Enum.all?(children, fn c -> c["group"] == ":pleroma" end) + + instance = Enum.find(children, fn c -> c["key"] == ":instance" end) + assert instance["children"] + + activitypub = Enum.find(children, fn c -> c["key"] == ":activitypub" end) + assert activitypub["children"] + + web_endpoint = Enum.find(children, fn c -> c["key"] == "Pleroma.Upload" end) + assert web_endpoint["children"] + end end describe "/api/pleroma/admin/stats" do -- cgit v1.2.3 From 6802dc28ba10aa8120680c2c9610649316907f55 Mon Sep 17 00:00:00 2001 From: Egor Kislitsyn Date: Wed, 13 May 2020 19:06:25 +0400 Subject: Add OpenAPI spec for PleromaAPI.AccountController --- test/web/activity_pub/activity_pub_test.exs | 2 +- .../controllers/account_controller_test.exs | 107 ++++++++++++++------- 2 files changed, 75 insertions(+), 34 deletions(-) (limited to 'test') diff --git a/test/web/activity_pub/activity_pub_test.exs b/test/web/activity_pub/activity_pub_test.exs index 56fde97e7..77bd07edf 100644 --- a/test/web/activity_pub/activity_pub_test.exs +++ b/test/web/activity_pub/activity_pub_test.exs @@ -951,7 +951,7 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubTest do test "works with base64 encoded images" do file = %{ - "img" => data_uri() + img: data_uri() } {:ok, %Object{}} = ActivityPub.upload(file) diff --git a/test/web/pleroma_api/controllers/account_controller_test.exs b/test/web/pleroma_api/controllers/account_controller_test.exs index 34fc4aa23..103997c31 100644 --- a/test/web/pleroma_api/controllers/account_controller_test.exs +++ b/test/web/pleroma_api/controllers/account_controller_test.exs @@ -31,8 +31,28 @@ defmodule Pleroma.Web.PleromaAPI.AccountControllerTest do test "resend account confirmation email", %{conn: conn, user: user} do conn + |> put_req_header("content-type", "application/json") |> post("/api/v1/pleroma/accounts/confirmation_resend?email=#{user.email}") - |> json_response(:no_content) + |> json_response_and_validate_schema(:no_content) + + ObanHelpers.perform_all() + + email = Pleroma.Emails.UserEmail.account_confirmation_email(user) + notify_email = Config.get([:instance, :notify_email]) + instance_name = Config.get([:instance, :name]) + + assert_email_sent( + from: {instance_name, notify_email}, + to: {user.name, user.email}, + html_body: email.html_body + ) + end + + test "resend account confirmation email (with nickname)", %{conn: conn, user: user} do + conn + |> put_req_header("content-type", "application/json") + |> post("/api/v1/pleroma/accounts/confirmation_resend?nickname=#{user.nickname}") + |> json_response_and_validate_schema(:no_content) ObanHelpers.perform_all() @@ -54,7 +74,10 @@ defmodule Pleroma.Web.PleromaAPI.AccountControllerTest do test "user avatar can be set", %{user: user, conn: conn} do avatar_image = File.read!("test/fixtures/avatar_data_uri") - conn = patch(conn, "/api/v1/pleroma/accounts/update_avatar", %{img: avatar_image}) + conn = + conn + |> put_req_header("content-type", "multipart/form-data") + |> patch("/api/v1/pleroma/accounts/update_avatar", %{img: avatar_image}) user = refresh_record(user) @@ -70,17 +93,20 @@ defmodule Pleroma.Web.PleromaAPI.AccountControllerTest do ] } = user.avatar - assert %{"url" => _} = json_response(conn, 200) + assert %{"url" => _} = json_response_and_validate_schema(conn, 200) end test "user avatar can be reset", %{user: user, conn: conn} do - conn = patch(conn, "/api/v1/pleroma/accounts/update_avatar", %{img: ""}) + conn = + conn + |> put_req_header("content-type", "multipart/form-data") + |> patch("/api/v1/pleroma/accounts/update_avatar", %{img: ""}) user = User.get_cached_by_id(user.id) assert user.avatar == nil - assert %{"url" => nil} = json_response(conn, 200) + assert %{"url" => nil} = json_response_and_validate_schema(conn, 200) end end @@ -88,21 +114,27 @@ defmodule Pleroma.Web.PleromaAPI.AccountControllerTest do setup do: oauth_access(["write:accounts"]) test "can set profile banner", %{user: user, conn: conn} do - conn = patch(conn, "/api/v1/pleroma/accounts/update_banner", %{"banner" => @image}) + conn = + conn + |> put_req_header("content-type", "multipart/form-data") + |> patch("/api/v1/pleroma/accounts/update_banner", %{"banner" => @image}) user = refresh_record(user) assert user.banner["type"] == "Image" - assert %{"url" => _} = json_response(conn, 200) + assert %{"url" => _} = json_response_and_validate_schema(conn, 200) end test "can reset profile banner", %{user: user, conn: conn} do - conn = patch(conn, "/api/v1/pleroma/accounts/update_banner", %{"banner" => ""}) + conn = + conn + |> put_req_header("content-type", "multipart/form-data") + |> patch("/api/v1/pleroma/accounts/update_banner", %{"banner" => ""}) user = refresh_record(user) assert user.banner == %{} - assert %{"url" => nil} = json_response(conn, 200) + assert %{"url" => nil} = json_response_and_validate_schema(conn, 200) end end @@ -110,19 +142,26 @@ defmodule Pleroma.Web.PleromaAPI.AccountControllerTest do setup do: oauth_access(["write:accounts"]) test "background image can be set", %{user: user, conn: conn} do - conn = patch(conn, "/api/v1/pleroma/accounts/update_background", %{"img" => @image}) + conn = + conn + |> put_req_header("content-type", "multipart/form-data") + |> patch("/api/v1/pleroma/accounts/update_background", %{"img" => @image}) user = refresh_record(user) assert user.background["type"] == "Image" - assert %{"url" => _} = json_response(conn, 200) + # assert %{"url" => _} = json_response(conn, 200) + assert %{"url" => _} = json_response_and_validate_schema(conn, 200) end test "background image can be reset", %{user: user, conn: conn} do - conn = patch(conn, "/api/v1/pleroma/accounts/update_background", %{"img" => ""}) + conn = + conn + |> put_req_header("content-type", "multipart/form-data") + |> patch("/api/v1/pleroma/accounts/update_background", %{"img" => ""}) user = refresh_record(user) assert user.background == %{} - assert %{"url" => nil} = json_response(conn, 200) + assert %{"url" => nil} = json_response_and_validate_schema(conn, 200) end end @@ -143,7 +182,7 @@ defmodule Pleroma.Web.PleromaAPI.AccountControllerTest do response = conn |> get("/api/v1/pleroma/accounts/#{user.id}/favourites") - |> json_response(:ok) + |> json_response_and_validate_schema(:ok) [like] = response @@ -160,7 +199,7 @@ defmodule Pleroma.Web.PleromaAPI.AccountControllerTest do response = build_conn() |> get("/api/v1/pleroma/accounts/#{user.id}/favourites") - |> json_response(200) + |> json_response_and_validate_schema(200) assert length(response) == 1 end @@ -183,7 +222,7 @@ defmodule Pleroma.Web.PleromaAPI.AccountControllerTest do |> assign(:user, u) |> assign(:token, insert(:oauth_token, user: u, scopes: ["read:favourites"])) |> get("/api/v1/pleroma/accounts/#{user.id}/favourites") - |> json_response(:ok) + |> json_response_and_validate_schema(:ok) assert length(response) == 1 end @@ -191,7 +230,7 @@ defmodule Pleroma.Web.PleromaAPI.AccountControllerTest do response = build_conn() |> get("/api/v1/pleroma/accounts/#{user.id}/favourites") - |> json_response(200) + |> json_response_and_validate_schema(200) assert length(response) == 0 end @@ -213,7 +252,7 @@ defmodule Pleroma.Web.PleromaAPI.AccountControllerTest do response = conn |> get("/api/v1/pleroma/accounts/#{user.id}/favourites") - |> json_response(:ok) + |> json_response_and_validate_schema(:ok) assert Enum.empty?(response) end @@ -233,11 +272,12 @@ defmodule Pleroma.Web.PleromaAPI.AccountControllerTest do response = conn - |> get("/api/v1/pleroma/accounts/#{user.id}/favourites", %{ - since_id: third_activity.id, - max_id: seventh_activity.id - }) - |> json_response(:ok) + |> get( + "/api/v1/pleroma/accounts/#{user.id}/favourites?since_id=#{third_activity.id}&max_id=#{ + seventh_activity.id + }" + ) + |> json_response_and_validate_schema(:ok) assert length(response) == 3 refute third_activity in response @@ -256,8 +296,8 @@ defmodule Pleroma.Web.PleromaAPI.AccountControllerTest do response = conn - |> get("/api/v1/pleroma/accounts/#{user.id}/favourites", %{limit: "3"}) - |> json_response(:ok) + |> get("/api/v1/pleroma/accounts/#{user.id}/favourites?limit=3") + |> json_response_and_validate_schema(:ok) assert length(response) == 3 end @@ -269,7 +309,7 @@ defmodule Pleroma.Web.PleromaAPI.AccountControllerTest do response = conn |> get("/api/v1/pleroma/accounts/#{user.id}/favourites") - |> json_response(:ok) + |> json_response_and_validate_schema(:ok) assert Enum.empty?(response) end @@ -277,7 +317,7 @@ defmodule Pleroma.Web.PleromaAPI.AccountControllerTest do test "returns 404 error when specified user is not exist", %{conn: conn} do conn = get(conn, "/api/v1/pleroma/accounts/test/favourites") - assert json_response(conn, 404) == %{"error" => "Record not found"} + assert json_response_and_validate_schema(conn, 404) == %{"error" => "Record not found"} end test "returns 403 error when user has hidden own favorites", %{conn: conn} do @@ -287,7 +327,7 @@ defmodule Pleroma.Web.PleromaAPI.AccountControllerTest do conn = get(conn, "/api/v1/pleroma/accounts/#{user.id}/favourites") - assert json_response(conn, 403) == %{"error" => "Can't get favorites"} + assert json_response_and_validate_schema(conn, 403) == %{"error" => "Can't get favorites"} end test "hides favorites for new users by default", %{conn: conn} do @@ -298,7 +338,7 @@ defmodule Pleroma.Web.PleromaAPI.AccountControllerTest do assert user.hide_favorites conn = get(conn, "/api/v1/pleroma/accounts/#{user.id}/favourites") - assert json_response(conn, 403) == %{"error" => "Can't get favorites"} + assert json_response_and_validate_schema(conn, 403) == %{"error" => "Can't get favorites"} end end @@ -312,11 +352,12 @@ defmodule Pleroma.Web.PleromaAPI.AccountControllerTest do |> assign(:user, user) |> post("/api/v1/pleroma/accounts/#{subscription_target.id}/subscribe") - assert %{"id" => _id, "subscribing" => true} = json_response(ret_conn, 200) + assert %{"id" => _id, "subscribing" => true} = + json_response_and_validate_schema(ret_conn, 200) conn = post(conn, "/api/v1/pleroma/accounts/#{subscription_target.id}/unsubscribe") - assert %{"id" => _id, "subscribing" => false} = json_response(conn, 200) + assert %{"id" => _id, "subscribing" => false} = json_response_and_validate_schema(conn, 200) end end @@ -326,7 +367,7 @@ defmodule Pleroma.Web.PleromaAPI.AccountControllerTest do conn = post(conn, "/api/v1/pleroma/accounts/target_id/subscribe") - assert %{"error" => "Record not found"} = json_response(conn, 404) + assert %{"error" => "Record not found"} = json_response_and_validate_schema(conn, 404) end end @@ -336,7 +377,7 @@ defmodule Pleroma.Web.PleromaAPI.AccountControllerTest do conn = post(conn, "/api/v1/pleroma/accounts/target_id/unsubscribe") - assert %{"error" => "Record not found"} = json_response(conn, 404) + assert %{"error" => "Record not found"} = json_response_and_validate_schema(conn, 404) end end end -- cgit v1.2.3 From 9cbf17d59fe34a760f8a4f94bc60f78b38ccba06 Mon Sep 17 00:00:00 2001 From: Alex Gleason Date: Tue, 12 May 2020 16:57:01 -0500 Subject: Handle bcrypt passwords for Mastodon migration --- test/plugs/authentication_plug_test.exs | 7 +++++++ 1 file changed, 7 insertions(+) (limited to 'test') diff --git a/test/plugs/authentication_plug_test.exs b/test/plugs/authentication_plug_test.exs index 31e20d726..c8ede71c0 100644 --- a/test/plugs/authentication_plug_test.exs +++ b/test/plugs/authentication_plug_test.exs @@ -79,6 +79,13 @@ defmodule Pleroma.Plugs.AuthenticationPlugTest do assert AuthenticationPlug.checkpw("password", hash) end + test "check bcrypt hash" do + hash = "$2a$10$uyhC/R/zoE1ndwwCtMusK.TLVzkQ/Ugsbqp3uXI.CTTz0gBw.24jS" + + assert AuthenticationPlug.checkpw("password", hash) + refute AuthenticationPlug.checkpw("password1", hash) + end + test "it returns false when hash invalid" do hash = "psBWV8gxkGOZWBz$PmfCycChoxeJ3GgGzwvhlgacb9mUoZ.KUXNCssekER4SJ7bOK53uXrHNb2e4i8yPFgSKyzaW9CcmrDXWIEMtD1" -- cgit v1.2.3 From cb363f018380cceb9531e0ddd12a979b8accc0b2 Mon Sep 17 00:00:00 2001 From: "Haelwenn (lanodan) Monnier" Date: Wed, 29 Apr 2020 17:38:14 +0200 Subject: MastodonAPI: /api/v2/media endpoints --- .../controllers/media_controller_test.exs | 62 ++++++++++++++++++++-- 1 file changed, 57 insertions(+), 5 deletions(-) (limited to 'test') diff --git a/test/web/mastodon_api/controllers/media_controller_test.exs b/test/web/mastodon_api/controllers/media_controller_test.exs index 6ac4cf63b..d872ff484 100644 --- a/test/web/mastodon_api/controllers/media_controller_test.exs +++ b/test/web/mastodon_api/controllers/media_controller_test.exs @@ -11,7 +11,7 @@ defmodule Pleroma.Web.MastodonAPI.MediaControllerTest do setup do: oauth_access(["write:media"]) - describe "media upload" do + describe "Upload media" do setup do image = %Plug.Upload{ content_type: "image/jpg", @@ -25,7 +25,7 @@ defmodule Pleroma.Web.MastodonAPI.MediaControllerTest do setup do: clear_config([:media_proxy]) setup do: clear_config([Pleroma.Upload]) - test "returns uploaded image", %{conn: conn, image: image} do + test "/api/v1/media", %{conn: conn, image: image} do desc = "Description of the image" media = @@ -40,9 +40,31 @@ defmodule Pleroma.Web.MastodonAPI.MediaControllerTest do object = Object.get_by_id(media["id"]) assert object.data["actor"] == User.ap_id(conn.assigns[:user]) end + + test "/api/v2/media", %{conn: conn, image: image} do + desc = "Description of the image" + + response = + conn + |> post("/api/v2/media", %{"file" => image, "description" => desc}) + |> json_response(202) + + assert media_id = response["id"] + + media = + conn + |> get("/api/v1/media/#{media_id}") + |> json_response(200) + + assert media["type"] == "image" + assert media["description"] == desc + assert media["id"] + object = Object.get_by_id(media["id"]) + assert object.data["actor"] == User.ap_id(conn.assigns[:user]) + end end - describe "PUT /api/v1/media/:id" do + describe "Update media description" do setup %{user: actor} do file = %Plug.Upload{ content_type: "image/jpg", @@ -60,7 +82,7 @@ defmodule Pleroma.Web.MastodonAPI.MediaControllerTest do [object: object] end - test "updates name of media", %{conn: conn, object: object} do + test "/api/v1/media/:id good request", %{conn: conn, object: object} do media = conn |> put("/api/v1/media/#{object.id}", %{"description" => "test-media"}) @@ -70,7 +92,7 @@ defmodule Pleroma.Web.MastodonAPI.MediaControllerTest do assert refresh_record(object).data["name"] == "test-media" end - test "returns error when request is bad", %{conn: conn, object: object} do + test "/api/v1/media/:id bad request", %{conn: conn, object: object} do media = conn |> put("/api/v1/media/#{object.id}", %{}) @@ -79,4 +101,34 @@ defmodule Pleroma.Web.MastodonAPI.MediaControllerTest do assert media == %{"error" => "bad_request"} end end + + describe "Get media by id" do + setup %{user: actor} do + file = %Plug.Upload{ + content_type: "image/jpg", + path: Path.absname("test/fixtures/image.jpg"), + filename: "an_image.jpg" + } + + {:ok, %Object{} = object} = + ActivityPub.upload( + file, + actor: User.ap_id(actor), + description: "test-media" + ) + + [object: object] + end + + test "/api/v1/media/:id", %{conn: conn, object: object} do + media = + conn + |> get("/api/v1/media/#{object.id}") + |> json_response(:ok) + + assert media["description"] == "test-media" + assert media["type"] == "image" + assert media["id"] + end + end end -- cgit v1.2.3 From 20cbfb5cb5515044de03cc48e8464ec45ad0ca50 Mon Sep 17 00:00:00 2001 From: Stephanie Wilde-Hobbs Date: Thu, 14 May 2020 12:34:46 +0100 Subject: Allow whitelisting whole groups --- test/web/admin_api/admin_api_controller_test.exs | 17 ++++++++++++----- 1 file changed, 12 insertions(+), 5 deletions(-) (limited to 'test') diff --git a/test/web/admin_api/admin_api_controller_test.exs b/test/web/admin_api/admin_api_controller_test.exs index 7d42a400c..e573220ba 100644 --- a/test/web/admin_api/admin_api_controller_test.exs +++ b/test/web/admin_api/admin_api_controller_test.exs @@ -2948,7 +2948,8 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do clear_config(:database_config_whitelist, [ {:pleroma, :key1}, {:pleroma, :key2}, - {:pleroma, Pleroma.Captcha.NotReal} + {:pleroma, Pleroma.Captcha.NotReal}, + {:not_real} ]) post(conn, "/api/pleroma/admin/config", %{ @@ -2957,7 +2958,8 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do %{group: ":pleroma", key: ":key2", value: "value2"}, %{group: ":pleroma", key: ":key3", value: "value3"}, %{group: ":pleroma", key: "Pleroma.Web.Endpoint.NotReal", value: "value4"}, - %{group: ":pleroma", key: "Pleroma.Captcha.NotReal", value: "value5"} + %{group: ":pleroma", key: "Pleroma.Captcha.NotReal", value: "value5"}, + %{group: ":not_real", key: ":anything", value: "value6"} ] }) @@ -2966,6 +2968,7 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do assert Application.get_env(:pleroma, :key3) == nil assert Application.get_env(:pleroma, Pleroma.Web.Endpoint.NotReal) == nil assert Application.get_env(:pleroma, Pleroma.Captcha.NotReal) == "value5" + assert Application.get_env(:not_real, :anything) == "value6" end end @@ -3624,7 +3627,8 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do clear_config(:database_config_whitelist, [ {:pleroma, :instance}, {:pleroma, :activitypub}, - {:pleroma, Pleroma.Upload} + {:pleroma, Pleroma.Upload}, + {:esshd} ]) admin = insert(:user, is_admin: true) @@ -3635,9 +3639,9 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do children = json_response(conn, 200) - assert length(children) == 3 + assert length(children) == 4 - assert Enum.all?(children, fn c -> c["group"] == ":pleroma" end) + assert Enum.count(children, fn c -> c["group"] == ":pleroma" end) == 3 instance = Enum.find(children, fn c -> c["key"] == ":instance" end) assert instance["children"] @@ -3647,6 +3651,9 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do web_endpoint = Enum.find(children, fn c -> c["key"] == "Pleroma.Upload" end) assert web_endpoint["children"] + + esshd = Enum.find(children, fn c -> c["group"] == ":esshd" end) + assert esshd["children"] end end -- cgit v1.2.3 From 0f885b4b86ad7ba738ef0dd0de7f7d0496b7e43d Mon Sep 17 00:00:00 2001 From: Egor Kislitsyn Date: Thu, 14 May 2020 16:18:30 +0400 Subject: Fix OpenAPI spec --- .../mastodon_api/controllers/media_controller_test.exs | 16 ++++++++++------ 1 file changed, 10 insertions(+), 6 deletions(-) (limited to 'test') diff --git a/test/web/mastodon_api/controllers/media_controller_test.exs b/test/web/mastodon_api/controllers/media_controller_test.exs index d872ff484..715747818 100644 --- a/test/web/mastodon_api/controllers/media_controller_test.exs +++ b/test/web/mastodon_api/controllers/media_controller_test.exs @@ -30,8 +30,9 @@ defmodule Pleroma.Web.MastodonAPI.MediaControllerTest do media = conn + |> put_req_header("content-type", "multipart/form-data") |> post("/api/v1/media", %{"file" => image, "description" => desc}) - |> json_response(:ok) + |> json_response_and_validate_schema(:ok) assert media["type"] == "image" assert media["description"] == desc @@ -46,15 +47,16 @@ defmodule Pleroma.Web.MastodonAPI.MediaControllerTest do response = conn + |> put_req_header("content-type", "multipart/form-data") |> post("/api/v2/media", %{"file" => image, "description" => desc}) - |> json_response(202) + |> json_response_and_validate_schema(202) assert media_id = response["id"] media = conn |> get("/api/v1/media/#{media_id}") - |> json_response(200) + |> json_response_and_validate_schema(200) assert media["type"] == "image" assert media["description"] == desc @@ -85,8 +87,9 @@ defmodule Pleroma.Web.MastodonAPI.MediaControllerTest do test "/api/v1/media/:id good request", %{conn: conn, object: object} do media = conn + |> put_req_header("content-type", "multipart/form-data") |> put("/api/v1/media/#{object.id}", %{"description" => "test-media"}) - |> json_response(:ok) + |> json_response_and_validate_schema(:ok) assert media["description"] == "test-media" assert refresh_record(object).data["name"] == "test-media" @@ -95,8 +98,9 @@ defmodule Pleroma.Web.MastodonAPI.MediaControllerTest do test "/api/v1/media/:id bad request", %{conn: conn, object: object} do media = conn + |> put_req_header("content-type", "multipart/form-data") |> put("/api/v1/media/#{object.id}", %{}) - |> json_response(400) + |> json_response_and_validate_schema(400) assert media == %{"error" => "bad_request"} end @@ -124,7 +128,7 @@ defmodule Pleroma.Web.MastodonAPI.MediaControllerTest do media = conn |> get("/api/v1/media/#{object.id}") - |> json_response(:ok) + |> json_response_and_validate_schema(:ok) assert media["description"] == "test-media" assert media["type"] == "image" -- cgit v1.2.3 From bb03dfdb03714027640087ad1bd6475a8bb1c2c3 Mon Sep 17 00:00:00 2001 From: Egor Kislitsyn Date: Thu, 14 May 2020 16:29:32 +0400 Subject: Do not require `description` in `update` action --- test/web/mastodon_api/controllers/media_controller_test.exs | 10 ---------- 1 file changed, 10 deletions(-) (limited to 'test') diff --git a/test/web/mastodon_api/controllers/media_controller_test.exs b/test/web/mastodon_api/controllers/media_controller_test.exs index 715747818..7ba1727f2 100644 --- a/test/web/mastodon_api/controllers/media_controller_test.exs +++ b/test/web/mastodon_api/controllers/media_controller_test.exs @@ -94,16 +94,6 @@ defmodule Pleroma.Web.MastodonAPI.MediaControllerTest do assert media["description"] == "test-media" assert refresh_record(object).data["name"] == "test-media" end - - test "/api/v1/media/:id bad request", %{conn: conn, object: object} do - media = - conn - |> put_req_header("content-type", "multipart/form-data") - |> put("/api/v1/media/#{object.id}", %{}) - |> json_response_and_validate_schema(400) - - assert media == %{"error" => "bad_request"} - end end describe "Get media by id" do -- cgit v1.2.3 From 3c29f4f957dbfa4bf7b914ecc1680bfa71bb7621 Mon Sep 17 00:00:00 2001 From: Alexander Strizhakov Date: Fri, 15 May 2020 16:16:02 +0300 Subject: returning partial chain --- test/config/config_db_test.exs | 8 ++++++++ test/web/admin_api/admin_api_controller_test.exs | 3 +++ 2 files changed, 11 insertions(+) (limited to 'test') diff --git a/test/config/config_db_test.exs b/test/config/config_db_test.exs index a8e947365..336de7359 100644 --- a/test/config/config_db_test.exs +++ b/test/config/config_db_test.exs @@ -476,6 +476,14 @@ defmodule Pleroma.ConfigDBTest do assert ConfigDB.from_binary(binary) == [key: "value"] end + test "keyword with partial_chain key" do + binary = + ConfigDB.transform([%{"tuple" => [":partial_chain", "&:hackney_connect.partial_chain/1"]}]) + + assert binary == :erlang.term_to_binary(partial_chain: &:hackney_connect.partial_chain/1) + assert ConfigDB.from_binary(binary) == [partial_chain: &:hackney_connect.partial_chain/1] + end + test "keyword" do binary = ConfigDB.transform([ diff --git a/test/web/admin_api/admin_api_controller_test.exs b/test/web/admin_api/admin_api_controller_test.exs index 9b7120712..370d876d0 100644 --- a/test/web/admin_api/admin_api_controller_test.exs +++ b/test/web/admin_api/admin_api_controller_test.exs @@ -2509,6 +2509,7 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do %{"tuple" => [":seconds_valid", 60]}, %{"tuple" => [":path", ""]}, %{"tuple" => [":key1", nil]}, + %{"tuple" => [":partial_chain", "&:hackney_connect.partial_chain/1"]}, %{"tuple" => [":regex1", "~r/https:\/\/example.com/"]}, %{"tuple" => [":regex2", "~r/https:\/\/example.com/u"]}, %{"tuple" => [":regex3", "~r/https:\/\/example.com/i"]}, @@ -2532,6 +2533,7 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do %{"tuple" => [":seconds_valid", 60]}, %{"tuple" => [":path", ""]}, %{"tuple" => [":key1", nil]}, + %{"tuple" => [":partial_chain", "&:hackney_connect.partial_chain/1"]}, %{"tuple" => [":regex1", "~r/https:\\/\\/example.com/"]}, %{"tuple" => [":regex2", "~r/https:\\/\\/example.com/u"]}, %{"tuple" => [":regex3", "~r/https:\\/\\/example.com/i"]}, @@ -2544,6 +2546,7 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do ":seconds_valid", ":path", ":key1", + ":partial_chain", ":regex1", ":regex2", ":regex3", -- cgit v1.2.3 From 2dcb26a6e52b18c62aaa1ef464d94685732496ab Mon Sep 17 00:00:00 2001 From: lain Date: Sat, 16 May 2020 12:28:24 +0200 Subject: CommonAPI: Unblock a user even if we don't have an activity. --- test/web/common_api/common_api_test.exs | 12 ++++++++++++ 1 file changed, 12 insertions(+) (limited to 'test') diff --git a/test/web/common_api/common_api_test.exs b/test/web/common_api/common_api_test.exs index 26e41c313..fd8299013 100644 --- a/test/web/common_api/common_api_test.exs +++ b/test/web/common_api/common_api_test.exs @@ -23,6 +23,18 @@ defmodule Pleroma.Web.CommonAPITest do setup do: clear_config([:instance, :limit]) setup do: clear_config([:instance, :max_pinned_statuses]) + describe "unblocking" do + test "it works even without an existing block activity" do + blocked = insert(:user) + blocker = insert(:user) + User.block(blocker, blocked) + + assert User.blocks?(blocker, blocked) + assert {:ok, :no_activity} == CommonAPI.unblock(blocker, blocked) + refute User.blocks?(blocker, blocked) + end + end + describe "deletion" do test "it works with pruned objects" do user = insert(:user) -- cgit v1.2.3 From baef35bcc8685757b0039f76d2614bbb08e410f7 Mon Sep 17 00:00:00 2001 From: lain Date: Sun, 17 May 2020 10:31:01 +0200 Subject: Authentication Plug: Update bcrypt password on login. --- test/plugs/authentication_plug_test.exs | 18 ++++++++++++------ 1 file changed, 12 insertions(+), 6 deletions(-) (limited to 'test') diff --git a/test/plugs/authentication_plug_test.exs b/test/plugs/authentication_plug_test.exs index c8ede71c0..2c793b29a 100644 --- a/test/plugs/authentication_plug_test.exs +++ b/test/plugs/authentication_plug_test.exs @@ -11,6 +11,7 @@ defmodule Pleroma.Plugs.AuthenticationPlugTest do alias Pleroma.User import ExUnit.CaptureLog + import Pleroma.Factory setup %{conn: conn} do user = %User{ @@ -50,16 +51,21 @@ defmodule Pleroma.Plugs.AuthenticationPlugTest do assert PlugHelper.plug_skipped?(conn, OAuthScopesPlug) end - test "with a wrong password in the credentials, it does nothing", %{conn: conn} do - conn = - conn - |> assign(:auth_credentials, %{password: "wrong"}) + test "with a bcrypt hash, it updates to a pkbdf2 hash", %{conn: conn} do + user = insert(:user, password_hash: Bcrypt.hash_pwd_salt("123")) + assert "$2" <> _ = user.password_hash - ret_conn = + conn = conn + |> assign(:auth_user, user) + |> assign(:auth_credentials, %{password: "123"}) |> AuthenticationPlug.call(%{}) - assert conn == ret_conn + assert conn.assigns.user.id == conn.assigns.auth_user.id + assert PlugHelper.plug_skipped?(conn, OAuthScopesPlug) + + user = User.get_by_id(user.id) + assert "$pbkdf2" <> _ = user.password_hash end describe "checkpw/2" do -- cgit v1.2.3 From bfdd90f6d7c9bb85e572033070d6fa7efda8aeac Mon Sep 17 00:00:00 2001 From: lain Date: Sun, 17 May 2020 11:40:25 +0200 Subject: AuthenticationPlug: Also update crypt passwords. --- test/plugs/authentication_plug_test.exs | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) (limited to 'test') diff --git a/test/plugs/authentication_plug_test.exs b/test/plugs/authentication_plug_test.exs index 2c793b29a..3c70c1747 100644 --- a/test/plugs/authentication_plug_test.exs +++ b/test/plugs/authentication_plug_test.exs @@ -68,6 +68,26 @@ defmodule Pleroma.Plugs.AuthenticationPlugTest do assert "$pbkdf2" <> _ = user.password_hash end + test "with a crypt hash, it updates to a pkbdf2 hash", %{conn: conn} do + user = + insert(:user, + password_hash: + "$6$9psBWV8gxkGOZWBz$PmfCycChoxeJ3GgGzwvhlgacb9mUoZ.KUXNCssekER4SJ7bOK53uXrHNb2e4i8yPFgSKyzaW9CcmrDXWIEMtD1" + ) + + conn = + conn + |> assign(:auth_user, user) + |> assign(:auth_credentials, %{password: "password"}) + |> AuthenticationPlug.call(%{}) + + assert conn.assigns.user.id == conn.assigns.auth_user.id + assert PlugHelper.plug_skipped?(conn, OAuthScopesPlug) + + user = User.get_by_id(user.id) + assert "$pbkdf2" <> _ = user.password_hash + end + describe "checkpw/2" do test "check pbkdf2 hash" do hash = -- cgit v1.2.3 From 8bfd9710ae70204b29e184f08d78b95a2f81ad6c Mon Sep 17 00:00:00 2001 From: lain Date: Sun, 17 May 2020 11:53:17 +0200 Subject: Pleroma Authenticator: Also update passwords here. --- test/web/auth/pleroma_authenticator_test.exs | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) (limited to 'test') diff --git a/test/web/auth/pleroma_authenticator_test.exs b/test/web/auth/pleroma_authenticator_test.exs index 5a421e5ed..731bd5932 100644 --- a/test/web/auth/pleroma_authenticator_test.exs +++ b/test/web/auth/pleroma_authenticator_test.exs @@ -15,11 +15,16 @@ defmodule Pleroma.Web.Auth.PleromaAuthenticatorTest do {:ok, [user: user, name: name, password: password]} end - test "get_user/authorization", %{user: user, name: name, password: password} do + test "get_user/authorization", %{name: name, password: password} do + name = name <> "1" + user = insert(:user, nickname: name, password_hash: Bcrypt.hash_pwd_salt(password)) + params = %{"authorization" => %{"name" => name, "password" => password}} res = PleromaAuthenticator.get_user(%Plug.Conn{params: params}) - assert {:ok, user} == res + assert {:ok, returned_user} = res + assert returned_user.id == user.id + assert "$pbkdf2" <> _ = returned_user.password_hash end test "get_user/authorization with invalid password", %{name: name} do -- cgit v1.2.3