1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
|
# Pleroma: A lightweight social networking server
# Copyright © 2017-2019 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.AdminAPI.ReportViewTest do
use Pleroma.DataCase
import Pleroma.Factory
alias Pleroma.Web.AdminAPI.ReportView
alias Pleroma.Web.CommonAPI
alias Pleroma.Web.MastodonAPI.AccountView
alias Pleroma.Web.MastodonAPI.StatusView
test "renders a report" do
user = insert(:user)
other_user = insert(:user)
{:ok, activity} = CommonAPI.report(user, %{"account_id" => other_user.id})
expected = %{
content: nil,
actor: AccountView.render("account.json", %{user: user}),
account: AccountView.render("account.json", %{user: other_user}),
statuses: [],
state: "open",
id: activity.id
}
result =
ReportView.render("show.json", %{report: activity})
|> Map.delete(:created_at)
assert result == expected
end
test "includes reported statuses" do
user = insert(:user)
other_user = insert(:user)
{:ok, activity} = CommonAPI.post(other_user, %{"status" => "toot"})
{:ok, report_activity} =
CommonAPI.report(user, %{"account_id" => other_user.id, "status_ids" => [activity.id]})
expected = %{
content: nil,
actor: AccountView.render("account.json", %{user: user}),
account: AccountView.render("account.json", %{user: other_user}),
statuses: [StatusView.render("status.json", %{activity: activity})],
state: "open",
id: report_activity.id
}
result =
ReportView.render("show.json", %{report: report_activity})
|> Map.delete(:created_at)
assert result == expected
end
test "renders report's state" do
user = insert(:user)
other_user = insert(:user)
{:ok, activity} = CommonAPI.report(user, %{"account_id" => other_user.id})
{:ok, activity} = CommonAPI.update_report_state(activity.id, "closed")
assert %{state: "closed"} = ReportView.render("show.json", %{report: activity})
end
test "renders report description" do
user = insert(:user)
other_user = insert(:user)
{:ok, activity} =
CommonAPI.report(user, %{
"account_id" => other_user.id,
"comment" => "posts are too good for this instance"
})
assert %{content: "posts are too good for this instance"} =
ReportView.render("show.json", %{report: activity})
end
test "sanitizes report description" do
user = insert(:user)
other_user = insert(:user)
{:ok, activity} =
CommonAPI.report(user, %{
"account_id" => other_user.id,
"comment" => ""
})
data = Map.put(activity.data, "content", "<script> alert('hecked :D:D:D:D:D:D:D') </script>")
activity = Map.put(activity, :data, data)
refute "<script> alert('hecked :D:D:D:D:D:D:D') </script>" ==
ReportView.render("show.json", %{report: activity})[:content]
end
end
|
