1 # Pleroma: A lightweight social networking server
2 # Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>
3 # SPDX-License-Identifier: AGPL-3.0-only
5 defmodule Pleroma.Web.MastodonAPI.NotificationControllerTest do
6 use Pleroma.Web.ConnCase
8 alias Pleroma.Notification
11 alias Pleroma.Web.CommonAPI
13 import Pleroma.Factory
15 test "does NOT render account/pleroma/relationship by default" do
16 %{user: user, conn: conn} = oauth_access(["read:notifications"])
17 other_user = insert(:user)
19 {:ok, activity} = CommonAPI.post(other_user, %{status: "hi @#{user.nickname}"})
20 {:ok, [_notification]} = Notification.create_notifications(activity)
24 |> assign(:user, user)
25 |> get("/api/v1/notifications")
26 |> json_response_and_validate_schema(200)
28 assert Enum.all?(response, fn n ->
29 get_in(n, ["account", "pleroma", "relationship"]) == %{}
33 test "list of notifications" do
34 %{user: user, conn: conn} = oauth_access(["read:notifications"])
35 other_user = insert(:user)
37 {:ok, activity} = CommonAPI.post(other_user, %{status: "hi @#{user.nickname}"})
39 {:ok, [_notification]} = Notification.create_notifications(activity)
43 |> assign(:user, user)
44 |> get("/api/v1/notifications")
47 "hi <span class=\"h-card\"><a class=\"u-url mention\" data-user=\"#{user.id}\" href=\"#{
49 }\" rel=\"ugc\">@<span>#{user.nickname}</span></a></span>"
51 assert [%{"status" => %{"content" => response}} | _rest] =
52 json_response_and_validate_schema(conn, 200)
54 assert response == expected_response
57 test "by default, does not contain pleroma:chat_mention" do
58 %{user: user, conn: conn} = oauth_access(["read:notifications"])
59 other_user = insert(:user)
61 {:ok, _activity} = CommonAPI.post_chat_message(other_user, user, "hey")
65 |> get("/api/v1/notifications")
66 |> json_response_and_validate_schema(200)
72 |> get("/api/v1/notifications?include_types[]=pleroma:chat_mention")
73 |> json_response_and_validate_schema(200)
78 test "by default, does not contain pleroma:report" do
79 %{user: user, conn: conn} = oauth_access(["read:notifications"])
80 other_user = insert(:user)
81 third_user = insert(:user)
84 |> User.admin_api_update(%{is_moderator: true})
86 {:ok, activity} = CommonAPI.post(other_user, %{status: "hey"})
89 CommonAPI.report(third_user, %{account_id: other_user.id, status_ids: [activity.id]})
93 |> get("/api/v1/notifications")
94 |> json_response_and_validate_schema(200)
100 |> get("/api/v1/notifications?include_types[]=pleroma:report")
101 |> json_response_and_validate_schema(200)
106 test "excludes mentions from blockers when blockers_visible is false" do
107 clear_config([:activitypub, :blockers_visible], false)
109 %{user: user, conn: conn} = oauth_access(["read:notifications"])
110 blocker = insert(:user)
112 {:ok, _} = CommonAPI.block(blocker, user)
113 {:ok, activity} = CommonAPI.post(blocker, %{status: "hi @#{user.nickname}"})
115 {:ok, [_notification]} = Notification.create_notifications(activity)
119 |> assign(:user, user)
120 |> get("/api/v1/notifications")
122 assert [] == json_response_and_validate_schema(conn, 200)
125 test "getting a single notification" do
126 %{user: user, conn: conn} = oauth_access(["read:notifications"])
127 other_user = insert(:user)
129 {:ok, activity} = CommonAPI.post(other_user, %{status: "hi @#{user.nickname}"})
131 {:ok, [notification]} = Notification.create_notifications(activity)
133 conn = get(conn, "/api/v1/notifications/#{notification.id}")
136 "hi <span class=\"h-card\"><a class=\"u-url mention\" data-user=\"#{user.id}\" href=\"#{
138 }\" rel=\"ugc\">@<span>#{user.nickname}</span></a></span>"
140 assert %{"status" => %{"content" => response}} = json_response_and_validate_schema(conn, 200)
141 assert response == expected_response
144 test "dismissing a single notification (deprecated endpoint)" do
145 %{user: user, conn: conn} = oauth_access(["write:notifications"])
146 other_user = insert(:user)
148 {:ok, activity} = CommonAPI.post(other_user, %{status: "hi @#{user.nickname}"})
150 {:ok, [notification]} = Notification.create_notifications(activity)
154 |> assign(:user, user)
155 |> put_req_header("content-type", "application/json")
156 |> post("/api/v1/notifications/dismiss", %{"id" => to_string(notification.id)})
158 assert %{} = json_response_and_validate_schema(conn, 200)
161 test "dismissing a single notification" do
162 %{user: user, conn: conn} = oauth_access(["write:notifications"])
163 other_user = insert(:user)
165 {:ok, activity} = CommonAPI.post(other_user, %{status: "hi @#{user.nickname}"})
167 {:ok, [notification]} = Notification.create_notifications(activity)
171 |> assign(:user, user)
172 |> post("/api/v1/notifications/#{notification.id}/dismiss")
174 assert %{} = json_response_and_validate_schema(conn, 200)
177 test "clearing all notifications" do
178 %{user: user, conn: conn} = oauth_access(["write:notifications", "read:notifications"])
179 other_user = insert(:user)
181 {:ok, activity} = CommonAPI.post(other_user, %{status: "hi @#{user.nickname}"})
183 {:ok, [_notification]} = Notification.create_notifications(activity)
185 ret_conn = post(conn, "/api/v1/notifications/clear")
187 assert %{} = json_response_and_validate_schema(ret_conn, 200)
189 ret_conn = get(conn, "/api/v1/notifications")
191 assert all = json_response_and_validate_schema(ret_conn, 200)
195 test "paginates notifications using min_id, since_id, max_id, and limit" do
196 %{user: user, conn: conn} = oauth_access(["read:notifications"])
197 other_user = insert(:user)
199 {:ok, activity1} = CommonAPI.post(other_user, %{status: "hi @#{user.nickname}"})
200 {:ok, activity2} = CommonAPI.post(other_user, %{status: "hi @#{user.nickname}"})
201 {:ok, activity3} = CommonAPI.post(other_user, %{status: "hi @#{user.nickname}"})
202 {:ok, activity4} = CommonAPI.post(other_user, %{status: "hi @#{user.nickname}"})
204 notification1_id = get_notification_id_by_activity(activity1)
205 notification2_id = get_notification_id_by_activity(activity2)
206 notification3_id = get_notification_id_by_activity(activity3)
207 notification4_id = get_notification_id_by_activity(activity4)
209 conn = assign(conn, :user, user)
214 |> get("/api/v1/notifications?limit=2&min_id=#{notification1_id}")
215 |> json_response_and_validate_schema(:ok)
217 assert [%{"id" => ^notification3_id}, %{"id" => ^notification2_id}] = result
222 |> get("/api/v1/notifications?limit=2&since_id=#{notification1_id}")
223 |> json_response_and_validate_schema(:ok)
225 assert [%{"id" => ^notification4_id}, %{"id" => ^notification3_id}] = result
230 |> get("/api/v1/notifications?limit=2&max_id=#{notification4_id}")
231 |> json_response_and_validate_schema(:ok)
233 assert [%{"id" => ^notification3_id}, %{"id" => ^notification2_id}] = result
236 describe "exclude_visibilities" do
237 test "filters notifications for mentions" do
238 %{user: user, conn: conn} = oauth_access(["read:notifications"])
239 other_user = insert(:user)
241 {:ok, public_activity} =
242 CommonAPI.post(other_user, %{status: "@#{user.nickname}", visibility: "public"})
244 {:ok, direct_activity} =
245 CommonAPI.post(other_user, %{status: "@#{user.nickname}", visibility: "direct"})
247 {:ok, unlisted_activity} =
248 CommonAPI.post(other_user, %{status: "@#{user.nickname}", visibility: "unlisted"})
250 {:ok, private_activity} =
251 CommonAPI.post(other_user, %{status: "@#{user.nickname}", visibility: "private"})
253 query = params_to_query(%{exclude_visibilities: ["public", "unlisted", "private"]})
254 conn_res = get(conn, "/api/v1/notifications?" <> query)
256 assert [%{"status" => %{"id" => id}}] = json_response_and_validate_schema(conn_res, 200)
257 assert id == direct_activity.id
259 query = params_to_query(%{exclude_visibilities: ["public", "unlisted", "direct"]})
260 conn_res = get(conn, "/api/v1/notifications?" <> query)
262 assert [%{"status" => %{"id" => id}}] = json_response_and_validate_schema(conn_res, 200)
263 assert id == private_activity.id
265 query = params_to_query(%{exclude_visibilities: ["public", "private", "direct"]})
266 conn_res = get(conn, "/api/v1/notifications?" <> query)
268 assert [%{"status" => %{"id" => id}}] = json_response_and_validate_schema(conn_res, 200)
269 assert id == unlisted_activity.id
271 query = params_to_query(%{exclude_visibilities: ["unlisted", "private", "direct"]})
272 conn_res = get(conn, "/api/v1/notifications?" <> query)
274 assert [%{"status" => %{"id" => id}}] = json_response_and_validate_schema(conn_res, 200)
275 assert id == public_activity.id
278 test "filters notifications for Like activities" do
280 %{user: other_user, conn: conn} = oauth_access(["read:notifications"])
282 {:ok, public_activity} = CommonAPI.post(other_user, %{status: ".", visibility: "public"})
284 {:ok, direct_activity} =
285 CommonAPI.post(other_user, %{status: "@#{user.nickname}", visibility: "direct"})
287 {:ok, unlisted_activity} =
288 CommonAPI.post(other_user, %{status: ".", visibility: "unlisted"})
290 {:ok, private_activity} = CommonAPI.post(other_user, %{status: ".", visibility: "private"})
292 {:ok, _} = CommonAPI.favorite(user, public_activity.id)
293 {:ok, _} = CommonAPI.favorite(user, direct_activity.id)
294 {:ok, _} = CommonAPI.favorite(user, unlisted_activity.id)
295 {:ok, _} = CommonAPI.favorite(user, private_activity.id)
299 |> get("/api/v1/notifications?exclude_visibilities[]=direct")
300 |> json_response_and_validate_schema(200)
301 |> Enum.map(& &1["status"]["id"])
303 assert public_activity.id in activity_ids
304 assert unlisted_activity.id in activity_ids
305 assert private_activity.id in activity_ids
306 refute direct_activity.id in activity_ids
310 |> get("/api/v1/notifications?exclude_visibilities[]=unlisted")
311 |> json_response_and_validate_schema(200)
312 |> Enum.map(& &1["status"]["id"])
314 assert public_activity.id in activity_ids
315 refute unlisted_activity.id in activity_ids
316 assert private_activity.id in activity_ids
317 assert direct_activity.id in activity_ids
321 |> get("/api/v1/notifications?exclude_visibilities[]=private")
322 |> json_response_and_validate_schema(200)
323 |> Enum.map(& &1["status"]["id"])
325 assert public_activity.id in activity_ids
326 assert unlisted_activity.id in activity_ids
327 refute private_activity.id in activity_ids
328 assert direct_activity.id in activity_ids
332 |> get("/api/v1/notifications?exclude_visibilities[]=public")
333 |> json_response_and_validate_schema(200)
334 |> Enum.map(& &1["status"]["id"])
336 refute public_activity.id in activity_ids
337 assert unlisted_activity.id in activity_ids
338 assert private_activity.id in activity_ids
339 assert direct_activity.id in activity_ids
342 test "filters notifications for Announce activities" do
344 %{user: other_user, conn: conn} = oauth_access(["read:notifications"])
346 {:ok, public_activity} = CommonAPI.post(other_user, %{status: ".", visibility: "public"})
348 {:ok, unlisted_activity} =
349 CommonAPI.post(other_user, %{status: ".", visibility: "unlisted"})
351 {:ok, _} = CommonAPI.repeat(public_activity.id, user)
352 {:ok, _} = CommonAPI.repeat(unlisted_activity.id, user)
356 |> get("/api/v1/notifications?exclude_visibilities[]=unlisted")
357 |> json_response_and_validate_schema(200)
358 |> Enum.map(& &1["status"]["id"])
360 assert public_activity.id in activity_ids
361 refute unlisted_activity.id in activity_ids
364 test "doesn't return less than the requested amount of records when the user's reply is liked" do
366 %{user: other_user, conn: conn} = oauth_access(["read:notifications"])
369 CommonAPI.post(user, %{status: "@#{other_user.nickname}", visibility: "public"})
371 {:ok, activity} = CommonAPI.post(user, %{status: ".", visibility: "public"})
374 CommonAPI.post(other_user, %{
376 visibility: "public",
377 in_reply_to_status_id: activity.id
380 {:ok, _favorite} = CommonAPI.favorite(user, reply.id)
384 |> get("/api/v1/notifications?exclude_visibilities[]=direct&limit=2")
385 |> json_response_and_validate_schema(200)
386 |> Enum.map(& &1["status"]["id"])
388 assert [reply.id, mention.id] == activity_ids
392 test "filters notifications using exclude_types" do
393 %{user: user, conn: conn} = oauth_access(["read:notifications"])
394 other_user = insert(:user)
396 {:ok, mention_activity} = CommonAPI.post(other_user, %{status: "hey @#{user.nickname}"})
397 {:ok, create_activity} = CommonAPI.post(user, %{status: "hey"})
398 {:ok, favorite_activity} = CommonAPI.favorite(other_user, create_activity.id)
399 {:ok, reblog_activity} = CommonAPI.repeat(create_activity.id, other_user)
400 {:ok, _, _, follow_activity} = CommonAPI.follow(other_user, user)
402 mention_notification_id = get_notification_id_by_activity(mention_activity)
403 favorite_notification_id = get_notification_id_by_activity(favorite_activity)
404 reblog_notification_id = get_notification_id_by_activity(reblog_activity)
405 follow_notification_id = get_notification_id_by_activity(follow_activity)
407 query = params_to_query(%{exclude_types: ["mention", "favourite", "reblog"]})
408 conn_res = get(conn, "/api/v1/notifications?" <> query)
410 assert [%{"id" => ^follow_notification_id}] = json_response_and_validate_schema(conn_res, 200)
412 query = params_to_query(%{exclude_types: ["favourite", "reblog", "follow"]})
413 conn_res = get(conn, "/api/v1/notifications?" <> query)
415 assert [%{"id" => ^mention_notification_id}] =
416 json_response_and_validate_schema(conn_res, 200)
418 query = params_to_query(%{exclude_types: ["reblog", "follow", "mention"]})
419 conn_res = get(conn, "/api/v1/notifications?" <> query)
421 assert [%{"id" => ^favorite_notification_id}] =
422 json_response_and_validate_schema(conn_res, 200)
424 query = params_to_query(%{exclude_types: ["follow", "mention", "favourite"]})
425 conn_res = get(conn, "/api/v1/notifications?" <> query)
427 assert [%{"id" => ^reblog_notification_id}] = json_response_and_validate_schema(conn_res, 200)
430 test "filters notifications using include_types" do
431 %{user: user, conn: conn} = oauth_access(["read:notifications"])
432 other_user = insert(:user)
434 {:ok, mention_activity} = CommonAPI.post(other_user, %{status: "hey @#{user.nickname}"})
435 {:ok, create_activity} = CommonAPI.post(user, %{status: "hey"})
436 {:ok, favorite_activity} = CommonAPI.favorite(other_user, create_activity.id)
437 {:ok, reblog_activity} = CommonAPI.repeat(create_activity.id, other_user)
438 {:ok, _, _, follow_activity} = CommonAPI.follow(other_user, user)
440 mention_notification_id = get_notification_id_by_activity(mention_activity)
441 favorite_notification_id = get_notification_id_by_activity(favorite_activity)
442 reblog_notification_id = get_notification_id_by_activity(reblog_activity)
443 follow_notification_id = get_notification_id_by_activity(follow_activity)
445 conn_res = get(conn, "/api/v1/notifications?include_types[]=follow")
447 assert [%{"id" => ^follow_notification_id}] = json_response_and_validate_schema(conn_res, 200)
449 conn_res = get(conn, "/api/v1/notifications?include_types[]=mention")
451 assert [%{"id" => ^mention_notification_id}] =
452 json_response_and_validate_schema(conn_res, 200)
454 conn_res = get(conn, "/api/v1/notifications?include_types[]=favourite")
456 assert [%{"id" => ^favorite_notification_id}] =
457 json_response_and_validate_schema(conn_res, 200)
459 conn_res = get(conn, "/api/v1/notifications?include_types[]=reblog")
461 assert [%{"id" => ^reblog_notification_id}] = json_response_and_validate_schema(conn_res, 200)
463 result = conn |> get("/api/v1/notifications") |> json_response_and_validate_schema(200)
465 assert length(result) == 4
467 query = params_to_query(%{include_types: ["follow", "mention", "favourite", "reblog"]})
471 |> get("/api/v1/notifications?" <> query)
472 |> json_response_and_validate_schema(200)
474 assert length(result) == 4
477 test "destroy multiple" do
478 %{user: user, conn: conn} = oauth_access(["read:notifications", "write:notifications"])
479 other_user = insert(:user)
481 {:ok, activity1} = CommonAPI.post(other_user, %{status: "hi @#{user.nickname}"})
482 {:ok, activity2} = CommonAPI.post(other_user, %{status: "hi @#{user.nickname}"})
483 {:ok, activity3} = CommonAPI.post(user, %{status: "hi @#{other_user.nickname}"})
484 {:ok, activity4} = CommonAPI.post(user, %{status: "hi @#{other_user.nickname}"})
486 notification1_id = get_notification_id_by_activity(activity1)
487 notification2_id = get_notification_id_by_activity(activity2)
488 notification3_id = get_notification_id_by_activity(activity3)
489 notification4_id = get_notification_id_by_activity(activity4)
493 |> get("/api/v1/notifications")
494 |> json_response_and_validate_schema(:ok)
496 assert [%{"id" => ^notification2_id}, %{"id" => ^notification1_id}] = result
500 |> assign(:user, other_user)
501 |> assign(:token, insert(:oauth_token, user: other_user, scopes: ["read:notifications"]))
505 |> get("/api/v1/notifications")
506 |> json_response_and_validate_schema(:ok)
508 assert [%{"id" => ^notification4_id}, %{"id" => ^notification3_id}] = result
510 query = params_to_query(%{ids: [notification1_id, notification2_id]})
511 conn_destroy = delete(conn, "/api/v1/notifications/destroy_multiple?" <> query)
513 assert json_response_and_validate_schema(conn_destroy, 200) == %{}
517 |> get("/api/v1/notifications")
518 |> json_response_and_validate_schema(:ok)
520 assert [%{"id" => ^notification4_id}, %{"id" => ^notification3_id}] = result
523 test "doesn't see notifications after muting user with notifications" do
524 %{user: user, conn: conn} = oauth_access(["read:notifications"])
525 user2 = insert(:user)
527 {:ok, _, _, _} = CommonAPI.follow(user, user2)
528 {:ok, _} = CommonAPI.post(user2, %{status: "hey @#{user.nickname}"})
530 ret_conn = get(conn, "/api/v1/notifications")
532 assert length(json_response_and_validate_schema(ret_conn, 200)) == 1
534 {:ok, _user_relationships} = User.mute(user, user2)
536 conn = get(conn, "/api/v1/notifications")
538 assert json_response_and_validate_schema(conn, 200) == []
541 test "see notifications after muting user without notifications" do
542 %{user: user, conn: conn} = oauth_access(["read:notifications"])
543 user2 = insert(:user)
545 {:ok, _, _, _} = CommonAPI.follow(user, user2)
546 {:ok, _} = CommonAPI.post(user2, %{status: "hey @#{user.nickname}"})
548 ret_conn = get(conn, "/api/v1/notifications")
550 assert length(json_response_and_validate_schema(ret_conn, 200)) == 1
552 {:ok, _user_relationships} = User.mute(user, user2, %{notifications: false})
554 conn = get(conn, "/api/v1/notifications")
556 assert length(json_response_and_validate_schema(conn, 200)) == 1
559 test "see notifications after muting user with notifications and with_muted parameter" do
560 %{user: user, conn: conn} = oauth_access(["read:notifications"])
561 user2 = insert(:user)
563 {:ok, _, _, _} = CommonAPI.follow(user, user2)
564 {:ok, _} = CommonAPI.post(user2, %{status: "hey @#{user.nickname}"})
566 ret_conn = get(conn, "/api/v1/notifications")
568 assert length(json_response_and_validate_schema(ret_conn, 200)) == 1
570 {:ok, _user_relationships} = User.mute(user, user2)
572 conn = get(conn, "/api/v1/notifications?with_muted=true")
574 assert length(json_response_and_validate_schema(conn, 200)) == 1
577 @tag capture_log: true
578 test "see move notifications" do
579 old_user = insert(:user)
580 new_user = insert(:user, also_known_as: [old_user.ap_id])
581 %{user: follower, conn: conn} = oauth_access(["read:notifications"])
583 old_user_url = old_user.ap_id
586 File.read!("test/fixtures/users_mock/localhost.json")
587 |> String.replace("{{nickname}}", old_user.nickname)
591 %{method: :get, url: ^old_user_url} ->
592 %Tesla.Env{status: 200, body: body}
595 User.follow(follower, old_user)
596 Pleroma.Web.ActivityPub.ActivityPub.move(old_user, new_user)
597 Pleroma.Tests.ObanHelpers.perform_all()
599 conn = get(conn, "/api/v1/notifications")
601 assert length(json_response_and_validate_schema(conn, 200)) == 1
604 describe "link headers" do
605 test "preserves parameters in link headers" do
606 %{user: user, conn: conn} = oauth_access(["read:notifications"])
607 other_user = insert(:user)
610 CommonAPI.post(other_user, %{
611 status: "hi @#{user.nickname}",
616 CommonAPI.post(other_user, %{
617 status: "hi @#{user.nickname}",
621 notification1 = Repo.get_by(Notification, activity_id: activity1.id)
622 notification2 = Repo.get_by(Notification, activity_id: activity2.id)
626 |> assign(:user, user)
627 |> get("/api/v1/notifications?limit=5")
629 assert [link_header] = get_resp_header(conn, "link")
630 assert link_header =~ ~r/limit=5/
631 assert link_header =~ ~r/min_id=#{notification2.id}/
632 assert link_header =~ ~r/max_id=#{notification1.id}/
636 describe "from specified user" do
638 %{user: user, conn: conn} = oauth_access(["read:notifications"])
640 %{id: account_id} = other_user1 = insert(:user)
641 other_user2 = insert(:user)
643 {:ok, _activity} = CommonAPI.post(other_user1, %{status: "hi @#{user.nickname}"})
644 {:ok, _activity} = CommonAPI.post(other_user2, %{status: "bye @#{user.nickname}"})
646 assert [%{"account" => %{"id" => ^account_id}}] =
648 |> assign(:user, user)
649 |> get("/api/v1/notifications?account_id=#{account_id}")
650 |> json_response_and_validate_schema(200)
652 assert %{"error" => "Account is not found"} =
654 |> assign(:user, user)
655 |> get("/api/v1/notifications?account_id=cofe")
656 |> json_response_and_validate_schema(404)
660 defp get_notification_id_by_activity(%{id: id}) do
662 |> Repo.get_by(activity_id: id)
667 defp params_to_query(%{} = params) do
668 Enum.map_join(params, "&", fn
669 {k, v} when is_list(v) -> Enum.map_join(v, "&", &"#{k}[]=#{&1}")
670 {k, v} -> k <> "=" <> v