1 # Pleroma: A lightweight social networking server
2 # Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
3 # SPDX-License-Identifier: AGPL-3.0-only
5 defmodule Pleroma.Web.MastodonAPI.NotificationControllerTest do
6 use Pleroma.Web.ConnCase
8 alias Pleroma.Notification
11 alias Pleroma.Web.CommonAPI
13 import Pleroma.Factory
15 test "does NOT render account/pleroma/relationship by default" do
16 %{user: user, conn: conn} = oauth_access(["read:notifications"])
17 other_user = insert(:user)
19 {:ok, activity} = CommonAPI.post(other_user, %{status: "hi @#{user.nickname}"})
20 {:ok, [_notification]} = Notification.create_notifications(activity)
24 |> assign(:user, user)
25 |> get("/api/v1/notifications")
26 |> json_response_and_validate_schema(200)
28 assert Enum.all?(response, fn n ->
29 get_in(n, ["account", "pleroma", "relationship"]) == %{}
33 test "list of notifications" do
34 %{user: user, conn: conn} = oauth_access(["read:notifications"])
35 other_user = insert(:user)
37 {:ok, activity} = CommonAPI.post(other_user, %{status: "hi @#{user.nickname}"})
39 {:ok, [_notification]} = Notification.create_notifications(activity)
43 |> assign(:user, user)
44 |> get("/api/v1/notifications")
47 "hi <span class=\"h-card\"><a class=\"u-url mention\" data-user=\"#{user.id}\" href=\"#{user.ap_id}\" rel=\"ugc\">@<span>#{user.nickname}</span></a></span>"
49 assert [%{"status" => %{"content" => response}} | _rest] =
50 json_response_and_validate_schema(conn, 200)
52 assert response == expected_response
55 test "by default, does not contain pleroma:chat_mention" do
56 %{user: user, conn: conn} = oauth_access(["read:notifications"])
57 other_user = insert(:user)
59 {:ok, _activity} = CommonAPI.post_chat_message(other_user, user, "hey")
63 |> get("/api/v1/notifications")
64 |> json_response_and_validate_schema(200)
70 |> get("/api/v1/notifications?include_types[]=pleroma:chat_mention")
71 |> json_response_and_validate_schema(200)
76 test "by default, does not contain pleroma:report" do
77 %{user: user, conn: conn} = oauth_access(["read:notifications"])
78 other_user = insert(:user)
79 third_user = insert(:user)
82 |> User.admin_api_update(%{is_moderator: true})
84 {:ok, activity} = CommonAPI.post(other_user, %{status: "hey"})
87 CommonAPI.report(third_user, %{account_id: other_user.id, status_ids: [activity.id]})
91 |> get("/api/v1/notifications")
92 |> json_response_and_validate_schema(200)
98 |> get("/api/v1/notifications?include_types[]=pleroma:report")
99 |> json_response_and_validate_schema(200)
104 test "excludes mentions from blockers when blockers_visible is false" do
105 clear_config([:activitypub, :blockers_visible], false)
107 %{user: user, conn: conn} = oauth_access(["read:notifications"])
108 blocker = insert(:user)
110 {:ok, _} = CommonAPI.block(blocker, user)
111 {:ok, activity} = CommonAPI.post(blocker, %{status: "hi @#{user.nickname}"})
113 {:ok, [_notification]} = Notification.create_notifications(activity)
117 |> assign(:user, user)
118 |> get("/api/v1/notifications")
120 assert [] == json_response_and_validate_schema(conn, 200)
123 test "getting a single notification" do
124 %{user: user, conn: conn} = oauth_access(["read:notifications"])
125 other_user = insert(:user)
127 {:ok, activity} = CommonAPI.post(other_user, %{status: "hi @#{user.nickname}"})
129 {:ok, [notification]} = Notification.create_notifications(activity)
131 conn = get(conn, "/api/v1/notifications/#{notification.id}")
134 "hi <span class=\"h-card\"><a class=\"u-url mention\" data-user=\"#{user.id}\" href=\"#{user.ap_id}\" rel=\"ugc\">@<span>#{user.nickname}</span></a></span>"
136 assert %{"status" => %{"content" => response}} = json_response_and_validate_schema(conn, 200)
137 assert response == expected_response
140 test "dismissing a single notification (deprecated endpoint)" do
141 %{user: user, conn: conn} = oauth_access(["write:notifications"])
142 other_user = insert(:user)
144 {:ok, activity} = CommonAPI.post(other_user, %{status: "hi @#{user.nickname}"})
146 {:ok, [notification]} = Notification.create_notifications(activity)
150 |> assign(:user, user)
151 |> put_req_header("content-type", "application/json")
152 |> post("/api/v1/notifications/dismiss", %{"id" => to_string(notification.id)})
154 assert %{} = json_response_and_validate_schema(conn, 200)
157 test "dismissing a single notification" do
158 %{user: user, conn: conn} = oauth_access(["write:notifications"])
159 other_user = insert(:user)
161 {:ok, activity} = CommonAPI.post(other_user, %{status: "hi @#{user.nickname}"})
163 {:ok, [notification]} = Notification.create_notifications(activity)
167 |> assign(:user, user)
168 |> post("/api/v1/notifications/#{notification.id}/dismiss")
170 assert %{} = json_response_and_validate_schema(conn, 200)
173 test "clearing all notifications" do
174 %{user: user, conn: conn} = oauth_access(["write:notifications", "read:notifications"])
175 other_user = insert(:user)
177 {:ok, activity} = CommonAPI.post(other_user, %{status: "hi @#{user.nickname}"})
179 {:ok, [_notification]} = Notification.create_notifications(activity)
181 ret_conn = post(conn, "/api/v1/notifications/clear")
183 assert %{} = json_response_and_validate_schema(ret_conn, 200)
185 ret_conn = get(conn, "/api/v1/notifications")
187 assert all = json_response_and_validate_schema(ret_conn, 200)
191 test "paginates notifications using min_id, since_id, max_id, and limit" do
192 %{user: user, conn: conn} = oauth_access(["read:notifications"])
193 other_user = insert(:user)
195 {:ok, activity1} = CommonAPI.post(other_user, %{status: "hi @#{user.nickname}"})
196 {:ok, activity2} = CommonAPI.post(other_user, %{status: "hi @#{user.nickname}"})
197 {:ok, activity3} = CommonAPI.post(other_user, %{status: "hi @#{user.nickname}"})
198 {:ok, activity4} = CommonAPI.post(other_user, %{status: "hi @#{user.nickname}"})
200 notification1_id = get_notification_id_by_activity(activity1)
201 notification2_id = get_notification_id_by_activity(activity2)
202 notification3_id = get_notification_id_by_activity(activity3)
203 notification4_id = get_notification_id_by_activity(activity4)
205 conn = assign(conn, :user, user)
210 |> get("/api/v1/notifications?limit=2&min_id=#{notification1_id}")
211 |> json_response_and_validate_schema(:ok)
213 assert [%{"id" => ^notification3_id}, %{"id" => ^notification2_id}] = result
218 |> get("/api/v1/notifications?limit=2&since_id=#{notification1_id}")
219 |> json_response_and_validate_schema(:ok)
221 assert [%{"id" => ^notification4_id}, %{"id" => ^notification3_id}] = result
226 |> get("/api/v1/notifications?limit=2&max_id=#{notification4_id}")
227 |> json_response_and_validate_schema(:ok)
229 assert [%{"id" => ^notification3_id}, %{"id" => ^notification2_id}] = result
232 describe "exclude_visibilities" do
233 test "filters notifications for mentions" do
234 %{user: user, conn: conn} = oauth_access(["read:notifications"])
235 other_user = insert(:user)
237 {:ok, public_activity} =
238 CommonAPI.post(other_user, %{status: "@#{user.nickname}", visibility: "public"})
240 {:ok, direct_activity} =
241 CommonAPI.post(other_user, %{status: "@#{user.nickname}", visibility: "direct"})
243 {:ok, unlisted_activity} =
244 CommonAPI.post(other_user, %{status: "@#{user.nickname}", visibility: "unlisted"})
246 {:ok, private_activity} =
247 CommonAPI.post(other_user, %{status: "@#{user.nickname}", visibility: "private"})
249 query = params_to_query(%{exclude_visibilities: ["public", "unlisted", "private"]})
250 conn_res = get(conn, "/api/v1/notifications?" <> query)
252 assert [%{"status" => %{"id" => id}}] = json_response_and_validate_schema(conn_res, 200)
253 assert id == direct_activity.id
255 query = params_to_query(%{exclude_visibilities: ["public", "unlisted", "direct"]})
256 conn_res = get(conn, "/api/v1/notifications?" <> query)
258 assert [%{"status" => %{"id" => id}}] = json_response_and_validate_schema(conn_res, 200)
259 assert id == private_activity.id
261 query = params_to_query(%{exclude_visibilities: ["public", "private", "direct"]})
262 conn_res = get(conn, "/api/v1/notifications?" <> query)
264 assert [%{"status" => %{"id" => id}}] = json_response_and_validate_schema(conn_res, 200)
265 assert id == unlisted_activity.id
267 query = params_to_query(%{exclude_visibilities: ["unlisted", "private", "direct"]})
268 conn_res = get(conn, "/api/v1/notifications?" <> query)
270 assert [%{"status" => %{"id" => id}}] = json_response_and_validate_schema(conn_res, 200)
271 assert id == public_activity.id
274 test "filters notifications for Like activities" do
276 %{user: other_user, conn: conn} = oauth_access(["read:notifications"])
278 {:ok, public_activity} = CommonAPI.post(other_user, %{status: ".", visibility: "public"})
280 {:ok, direct_activity} =
281 CommonAPI.post(other_user, %{status: "@#{user.nickname}", visibility: "direct"})
283 {:ok, unlisted_activity} =
284 CommonAPI.post(other_user, %{status: ".", visibility: "unlisted"})
286 {:ok, private_activity} = CommonAPI.post(other_user, %{status: ".", visibility: "private"})
288 {:ok, _} = CommonAPI.favorite(user, public_activity.id)
289 {:ok, _} = CommonAPI.favorite(user, direct_activity.id)
290 {:ok, _} = CommonAPI.favorite(user, unlisted_activity.id)
291 {:ok, _} = CommonAPI.favorite(user, private_activity.id)
295 |> get("/api/v1/notifications?exclude_visibilities[]=direct")
296 |> json_response_and_validate_schema(200)
297 |> Enum.map(& &1["status"]["id"])
299 assert public_activity.id in activity_ids
300 assert unlisted_activity.id in activity_ids
301 assert private_activity.id in activity_ids
302 refute direct_activity.id in activity_ids
306 |> get("/api/v1/notifications?exclude_visibilities[]=unlisted")
307 |> json_response_and_validate_schema(200)
308 |> Enum.map(& &1["status"]["id"])
310 assert public_activity.id in activity_ids
311 refute unlisted_activity.id in activity_ids
312 assert private_activity.id in activity_ids
313 assert direct_activity.id in activity_ids
317 |> get("/api/v1/notifications?exclude_visibilities[]=private")
318 |> json_response_and_validate_schema(200)
319 |> Enum.map(& &1["status"]["id"])
321 assert public_activity.id in activity_ids
322 assert unlisted_activity.id in activity_ids
323 refute private_activity.id in activity_ids
324 assert direct_activity.id in activity_ids
328 |> get("/api/v1/notifications?exclude_visibilities[]=public")
329 |> json_response_and_validate_schema(200)
330 |> Enum.map(& &1["status"]["id"])
332 refute public_activity.id in activity_ids
333 assert unlisted_activity.id in activity_ids
334 assert private_activity.id in activity_ids
335 assert direct_activity.id in activity_ids
338 test "filters notifications for Announce activities" do
340 %{user: other_user, conn: conn} = oauth_access(["read:notifications"])
342 {:ok, public_activity} = CommonAPI.post(other_user, %{status: ".", visibility: "public"})
344 {:ok, unlisted_activity} =
345 CommonAPI.post(other_user, %{status: ".", visibility: "unlisted"})
347 {:ok, _} = CommonAPI.repeat(public_activity.id, user)
348 {:ok, _} = CommonAPI.repeat(unlisted_activity.id, user)
352 |> get("/api/v1/notifications?exclude_visibilities[]=unlisted")
353 |> json_response_and_validate_schema(200)
354 |> Enum.map(& &1["status"]["id"])
356 assert public_activity.id in activity_ids
357 refute unlisted_activity.id in activity_ids
360 test "doesn't return less than the requested amount of records when the user's reply is liked" do
362 %{user: other_user, conn: conn} = oauth_access(["read:notifications"])
365 CommonAPI.post(user, %{status: "@#{other_user.nickname}", visibility: "public"})
367 {:ok, activity} = CommonAPI.post(user, %{status: ".", visibility: "public"})
370 CommonAPI.post(other_user, %{
372 visibility: "public",
373 in_reply_to_status_id: activity.id
376 {:ok, _favorite} = CommonAPI.favorite(user, reply.id)
380 |> get("/api/v1/notifications?exclude_visibilities[]=direct&limit=2")
381 |> json_response_and_validate_schema(200)
382 |> Enum.map(& &1["status"]["id"])
384 assert [reply.id, mention.id] == activity_ids
388 test "filters notifications using exclude_types" do
389 %{user: user, conn: conn} = oauth_access(["read:notifications"])
390 other_user = insert(:user)
392 {:ok, mention_activity} = CommonAPI.post(other_user, %{status: "hey @#{user.nickname}"})
393 {:ok, create_activity} = CommonAPI.post(user, %{status: "hey"})
394 {:ok, favorite_activity} = CommonAPI.favorite(other_user, create_activity.id)
395 {:ok, reblog_activity} = CommonAPI.repeat(create_activity.id, other_user)
396 {:ok, _, _, follow_activity} = CommonAPI.follow(other_user, user)
398 mention_notification_id = get_notification_id_by_activity(mention_activity)
399 favorite_notification_id = get_notification_id_by_activity(favorite_activity)
400 reblog_notification_id = get_notification_id_by_activity(reblog_activity)
401 follow_notification_id = get_notification_id_by_activity(follow_activity)
403 query = params_to_query(%{exclude_types: ["mention", "favourite", "reblog"]})
404 conn_res = get(conn, "/api/v1/notifications?" <> query)
406 assert [%{"id" => ^follow_notification_id}] = json_response_and_validate_schema(conn_res, 200)
408 query = params_to_query(%{exclude_types: ["favourite", "reblog", "follow"]})
409 conn_res = get(conn, "/api/v1/notifications?" <> query)
411 assert [%{"id" => ^mention_notification_id}] =
412 json_response_and_validate_schema(conn_res, 200)
414 query = params_to_query(%{exclude_types: ["reblog", "follow", "mention"]})
415 conn_res = get(conn, "/api/v1/notifications?" <> query)
417 assert [%{"id" => ^favorite_notification_id}] =
418 json_response_and_validate_schema(conn_res, 200)
420 query = params_to_query(%{exclude_types: ["follow", "mention", "favourite"]})
421 conn_res = get(conn, "/api/v1/notifications?" <> query)
423 assert [%{"id" => ^reblog_notification_id}] = json_response_and_validate_schema(conn_res, 200)
426 test "filters notifications using include_types" do
427 %{user: user, conn: conn} = oauth_access(["read:notifications"])
428 other_user = insert(:user)
430 {:ok, mention_activity} = CommonAPI.post(other_user, %{status: "hey @#{user.nickname}"})
431 {:ok, create_activity} = CommonAPI.post(user, %{status: "hey"})
432 {:ok, favorite_activity} = CommonAPI.favorite(other_user, create_activity.id)
433 {:ok, reblog_activity} = CommonAPI.repeat(create_activity.id, other_user)
434 {:ok, _, _, follow_activity} = CommonAPI.follow(other_user, user)
436 mention_notification_id = get_notification_id_by_activity(mention_activity)
437 favorite_notification_id = get_notification_id_by_activity(favorite_activity)
438 reblog_notification_id = get_notification_id_by_activity(reblog_activity)
439 follow_notification_id = get_notification_id_by_activity(follow_activity)
441 conn_res = get(conn, "/api/v1/notifications?include_types[]=follow")
443 assert [%{"id" => ^follow_notification_id}] = json_response_and_validate_schema(conn_res, 200)
445 conn_res = get(conn, "/api/v1/notifications?include_types[]=mention")
447 assert [%{"id" => ^mention_notification_id}] =
448 json_response_and_validate_schema(conn_res, 200)
450 conn_res = get(conn, "/api/v1/notifications?include_types[]=favourite")
452 assert [%{"id" => ^favorite_notification_id}] =
453 json_response_and_validate_schema(conn_res, 200)
455 conn_res = get(conn, "/api/v1/notifications?include_types[]=reblog")
457 assert [%{"id" => ^reblog_notification_id}] = json_response_and_validate_schema(conn_res, 200)
459 result = conn |> get("/api/v1/notifications") |> json_response_and_validate_schema(200)
461 assert length(result) == 4
463 query = params_to_query(%{include_types: ["follow", "mention", "favourite", "reblog"]})
467 |> get("/api/v1/notifications?" <> query)
468 |> json_response_and_validate_schema(200)
470 assert length(result) == 4
473 test "destroy multiple" do
474 %{user: user, conn: conn} = oauth_access(["read:notifications", "write:notifications"])
475 other_user = insert(:user)
477 {:ok, activity1} = CommonAPI.post(other_user, %{status: "hi @#{user.nickname}"})
478 {:ok, activity2} = CommonAPI.post(other_user, %{status: "hi @#{user.nickname}"})
479 {:ok, activity3} = CommonAPI.post(user, %{status: "hi @#{other_user.nickname}"})
480 {:ok, activity4} = CommonAPI.post(user, %{status: "hi @#{other_user.nickname}"})
482 notification1_id = get_notification_id_by_activity(activity1)
483 notification2_id = get_notification_id_by_activity(activity2)
484 notification3_id = get_notification_id_by_activity(activity3)
485 notification4_id = get_notification_id_by_activity(activity4)
489 |> get("/api/v1/notifications")
490 |> json_response_and_validate_schema(:ok)
492 assert [%{"id" => ^notification2_id}, %{"id" => ^notification1_id}] = result
496 |> assign(:user, other_user)
497 |> assign(:token, insert(:oauth_token, user: other_user, scopes: ["read:notifications"]))
501 |> get("/api/v1/notifications")
502 |> json_response_and_validate_schema(:ok)
504 assert [%{"id" => ^notification4_id}, %{"id" => ^notification3_id}] = result
506 query = params_to_query(%{ids: [notification1_id, notification2_id]})
507 conn_destroy = delete(conn, "/api/v1/notifications/destroy_multiple?" <> query)
509 assert json_response_and_validate_schema(conn_destroy, 200) == %{}
513 |> get("/api/v1/notifications")
514 |> json_response_and_validate_schema(:ok)
516 assert [%{"id" => ^notification4_id}, %{"id" => ^notification3_id}] = result
519 test "doesn't see notifications after muting user with notifications" do
520 %{user: user, conn: conn} = oauth_access(["read:notifications"])
521 user2 = insert(:user)
523 {:ok, _, _, _} = CommonAPI.follow(user, user2)
524 {:ok, _} = CommonAPI.post(user2, %{status: "hey @#{user.nickname}"})
526 ret_conn = get(conn, "/api/v1/notifications")
528 assert length(json_response_and_validate_schema(ret_conn, 200)) == 1
530 {:ok, _user_relationships} = User.mute(user, user2)
532 conn = get(conn, "/api/v1/notifications")
534 assert json_response_and_validate_schema(conn, 200) == []
537 test "see notifications after muting user without notifications" do
538 %{user: user, conn: conn} = oauth_access(["read:notifications"])
539 user2 = insert(:user)
541 {:ok, _, _, _} = CommonAPI.follow(user, user2)
542 {:ok, _} = CommonAPI.post(user2, %{status: "hey @#{user.nickname}"})
544 ret_conn = get(conn, "/api/v1/notifications")
546 assert length(json_response_and_validate_schema(ret_conn, 200)) == 1
548 {:ok, _user_relationships} = User.mute(user, user2, %{notifications: false})
550 conn = get(conn, "/api/v1/notifications")
552 assert length(json_response_and_validate_schema(conn, 200)) == 1
555 test "see notifications after muting user with notifications and with_muted parameter" do
556 %{user: user, conn: conn} = oauth_access(["read:notifications"])
557 user2 = insert(:user)
559 {:ok, _, _, _} = CommonAPI.follow(user, user2)
560 {:ok, _} = CommonAPI.post(user2, %{status: "hey @#{user.nickname}"})
562 ret_conn = get(conn, "/api/v1/notifications")
564 assert length(json_response_and_validate_schema(ret_conn, 200)) == 1
566 {:ok, _user_relationships} = User.mute(user, user2)
568 conn = get(conn, "/api/v1/notifications?with_muted=true")
570 assert length(json_response_and_validate_schema(conn, 200)) == 1
573 test "see move notifications" do
574 old_user = insert(:user)
575 new_user = insert(:user, also_known_as: [old_user.ap_id])
576 %{user: follower, conn: conn} = oauth_access(["read:notifications"])
578 User.follow(follower, old_user)
579 Pleroma.Web.ActivityPub.ActivityPub.move(old_user, new_user)
580 Pleroma.Tests.ObanHelpers.perform_all()
582 conn = get(conn, "/api/v1/notifications")
584 assert length(json_response_and_validate_schema(conn, 200)) == 1
587 describe "link headers" do
588 test "preserves parameters in link headers" do
589 %{user: user, conn: conn} = oauth_access(["read:notifications"])
590 other_user = insert(:user)
593 CommonAPI.post(other_user, %{
594 status: "hi @#{user.nickname}",
599 CommonAPI.post(other_user, %{
600 status: "hi @#{user.nickname}",
604 notification1 = Repo.get_by(Notification, activity_id: activity1.id)
605 notification2 = Repo.get_by(Notification, activity_id: activity2.id)
609 |> assign(:user, user)
610 |> get("/api/v1/notifications?limit=5")
612 assert [link_header] = get_resp_header(conn, "link")
613 assert link_header =~ ~r/limit=5/
614 assert link_header =~ ~r/min_id=#{notification2.id}/
615 assert link_header =~ ~r/max_id=#{notification1.id}/
619 describe "from specified user" do
621 %{user: user, conn: conn} = oauth_access(["read:notifications"])
623 %{id: account_id} = other_user1 = insert(:user)
624 other_user2 = insert(:user)
626 {:ok, _activity} = CommonAPI.post(other_user1, %{status: "hi @#{user.nickname}"})
627 {:ok, _activity} = CommonAPI.post(other_user2, %{status: "bye @#{user.nickname}"})
629 assert [%{"account" => %{"id" => ^account_id}}] =
631 |> assign(:user, user)
632 |> get("/api/v1/notifications?account_id=#{account_id}")
633 |> json_response_and_validate_schema(200)
635 assert %{"error" => "Account is not found"} =
637 |> assign(:user, user)
638 |> get("/api/v1/notifications?account_id=cofe")
639 |> json_response_and_validate_schema(404)
643 defp get_notification_id_by_activity(%{id: id}) do
645 |> Repo.get_by(activity_id: id)
650 defp params_to_query(%{} = params) do
651 Enum.map_join(params, "&", fn
652 {k, v} when is_list(v) -> Enum.map_join(v, "&", &"#{k}[]=#{&1}")
653 {k, v} -> k <> "=" <> v