1 # Pleroma: A lightweight social networking server
2 # Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
3 # SPDX-License-Identifier: AGPL-3.0-only
5 defmodule Pleroma.Web.MastodonAPI.StatusControllerTest do
6 use Pleroma.Web.ConnCase
7 use Oban.Testing, repo: Pleroma.Repo
10 alias Pleroma.Conversation.Participation
13 alias Pleroma.ScheduledActivity
14 alias Pleroma.Tests.ObanHelpers
16 alias Pleroma.Web.ActivityPub.ActivityPub
17 alias Pleroma.Web.CommonAPI
19 import Pleroma.Factory
21 setup do: clear_config([:instance, :federating])
22 setup do: clear_config([:instance, :allow_relay])
23 setup do: clear_config([:rich_media, :enabled])
24 setup do: clear_config([:mrf, :policies])
25 setup do: clear_config([:mrf_keyword, :reject])
27 describe "posting statuses" do
28 setup do: oauth_access(["write:statuses"])
30 test "posting a status does not increment reblog_count when relaying", %{conn: conn} do
31 clear_config([:instance, :federating], true)
32 Config.get([:instance, :allow_relay], true)
36 |> put_req_header("content-type", "application/json")
37 |> post("api/v1/statuses", %{
38 "content_type" => "text/plain",
39 "source" => "Pleroma FE",
40 "status" => "Hello world",
41 "visibility" => "public"
43 |> json_response_and_validate_schema(200)
45 assert response["reblogs_count"] == 0
46 ObanHelpers.perform_all()
50 |> get("api/v1/statuses/#{response["id"]}", %{})
51 |> json_response_and_validate_schema(200)
53 assert response["reblogs_count"] == 0
56 test "posting a status", %{conn: conn} do
57 idempotency_key = "Pikachu rocks!"
61 |> put_req_header("content-type", "application/json")
62 |> put_req_header("idempotency-key", idempotency_key)
63 |> post("/api/v1/statuses", %{
65 "spoiler_text" => "2hu",
69 assert %{"content" => "cofe", "id" => id, "spoiler_text" => "2hu", "sensitive" => false} =
70 json_response_and_validate_schema(conn_one, 200)
72 assert Activity.get_by_id(id)
76 |> put_req_header("content-type", "application/json")
77 |> put_req_header("idempotency-key", idempotency_key)
78 |> post("/api/v1/statuses", %{
80 "spoiler_text" => "2hu",
84 assert %{"id" => second_id} = json_response(conn_two, 200)
85 assert id == second_id
89 |> put_req_header("content-type", "application/json")
90 |> post("/api/v1/statuses", %{
92 "spoiler_text" => "2hu",
93 "sensitive" => "False"
96 assert %{"id" => third_id} = json_response_and_validate_schema(conn_three, 200)
99 # An activity that will expire:
101 expires_in = 2 * 60 * 60
103 expires_at = DateTime.add(DateTime.utc_now(), expires_in)
107 |> put_req_header("content-type", "application/json")
108 |> post("api/v1/statuses", %{
109 "status" => "oolong",
110 "expires_in" => expires_in
113 assert %{"id" => fourth_id} = json_response_and_validate_schema(conn_four, 200)
115 assert Activity.get_by_id(fourth_id)
118 worker: Pleroma.Workers.PurgeExpiredActivity,
119 args: %{activity_id: fourth_id},
120 scheduled_at: expires_at
124 test "it fails to create a status if `expires_in` is less or equal than an hour", %{
130 assert %{"error" => "Expiry date is too soon"} =
132 |> put_req_header("content-type", "application/json")
133 |> post("api/v1/statuses", %{
134 "status" => "oolong",
135 "expires_in" => expires_in
137 |> json_response_and_validate_schema(422)
142 assert %{"error" => "Expiry date is too soon"} =
144 |> put_req_header("content-type", "application/json")
145 |> post("api/v1/statuses", %{
146 "status" => "oolong",
147 "expires_in" => expires_in
149 |> json_response_and_validate_schema(422)
152 test "Get MRF reason when posting a status is rejected by one", %{conn: conn} do
153 clear_config([:mrf_keyword, :reject], ["GNO"])
154 clear_config([:mrf, :policies], [Pleroma.Web.ActivityPub.MRF.KeywordPolicy])
156 assert %{"error" => "[KeywordPolicy] Matches with rejected keyword"} =
158 |> put_req_header("content-type", "application/json")
159 |> post("api/v1/statuses", %{"status" => "GNO/Linux"})
160 |> json_response_and_validate_schema(422)
163 test "posting an undefined status with an attachment", %{user: user, conn: conn} do
165 content_type: "image/jpeg",
166 path: Path.absname("test/fixtures/image.jpg"),
167 filename: "an_image.jpg"
170 {:ok, upload} = ActivityPub.upload(file, actor: user.ap_id)
174 |> put_req_header("content-type", "application/json")
175 |> post("/api/v1/statuses", %{
176 "media_ids" => [to_string(upload.id)]
179 assert json_response_and_validate_schema(conn, 200)
182 test "replying to a status", %{user: user, conn: conn} do
183 {:ok, replied_to} = CommonAPI.post(user, %{status: "cofe"})
187 |> put_req_header("content-type", "application/json")
188 |> post("/api/v1/statuses", %{"status" => "xD", "in_reply_to_id" => replied_to.id})
190 assert %{"content" => "xD", "id" => id} = json_response_and_validate_schema(conn, 200)
192 activity = Activity.get_by_id(id)
194 assert activity.data["context"] == replied_to.data["context"]
195 assert Activity.get_in_reply_to_activity(activity).id == replied_to.id
198 test "replying to a direct message with visibility other than direct", %{
202 {:ok, replied_to} = CommonAPI.post(user, %{status: "suya..", visibility: "direct"})
204 Enum.each(["public", "private", "unlisted"], fn visibility ->
207 |> put_req_header("content-type", "application/json")
208 |> post("/api/v1/statuses", %{
209 "status" => "@#{user.nickname} hey",
210 "in_reply_to_id" => replied_to.id,
211 "visibility" => visibility
214 assert json_response_and_validate_schema(conn, 422) == %{
215 "error" => "The message visibility must be direct"
220 test "posting a status with an invalid in_reply_to_id", %{conn: conn} do
223 |> put_req_header("content-type", "application/json")
224 |> post("/api/v1/statuses", %{"status" => "xD", "in_reply_to_id" => ""})
226 assert %{"content" => "xD", "id" => id} = json_response_and_validate_schema(conn, 200)
227 assert Activity.get_by_id(id)
230 test "posting a sensitive status", %{conn: conn} do
233 |> put_req_header("content-type", "application/json")
234 |> post("/api/v1/statuses", %{"status" => "cofe", "sensitive" => true})
236 assert %{"content" => "cofe", "id" => id, "sensitive" => true} =
237 json_response_and_validate_schema(conn, 200)
239 assert Activity.get_by_id(id)
242 test "posting a fake status", %{conn: conn} do
245 |> put_req_header("content-type", "application/json")
246 |> post("/api/v1/statuses", %{
248 "\"Tenshi Eating a Corndog\" is a much discussed concept on /jp/. The significance of it is disputed, so I will focus on one core concept: the symbolism behind it"
251 real_status = json_response_and_validate_schema(real_conn, 200)
254 assert Object.get_by_ap_id(real_status["uri"])
258 |> Map.put("id", nil)
259 |> Map.put("url", nil)
260 |> Map.put("uri", nil)
261 |> Map.put("created_at", nil)
262 |> Kernel.put_in(["pleroma", "conversation_id"], nil)
266 |> assign(:user, refresh_record(conn.assigns.user))
267 |> put_req_header("content-type", "application/json")
268 |> post("/api/v1/statuses", %{
270 "\"Tenshi Eating a Corndog\" is a much discussed concept on /jp/. The significance of it is disputed, so I will focus on one core concept: the symbolism behind it",
274 fake_status = json_response_and_validate_schema(fake_conn, 200)
277 refute Object.get_by_ap_id(fake_status["uri"])
281 |> Map.put("id", nil)
282 |> Map.put("url", nil)
283 |> Map.put("uri", nil)
284 |> Map.put("created_at", nil)
285 |> Kernel.put_in(["pleroma", "conversation_id"], nil)
287 assert real_status == fake_status
290 test "fake statuses' preview card is not cached", %{conn: conn} do
291 clear_config([:rich_media, :enabled], true)
296 url: "https://example.com/twitter-card"
298 %Tesla.Env{status: 200, body: File.read!("test/fixtures/rich_media/twitter_card.html")}
301 apply(HttpRequestMock, :request, [env])
306 |> put_req_header("content-type", "application/json")
307 |> post("/api/v1/statuses", %{
308 "status" => "https://example.com/ogp",
314 |> put_req_header("content-type", "application/json")
315 |> post("/api/v1/statuses", %{
316 "status" => "https://example.com/twitter-card",
320 assert %{"card" => %{"title" => "The Rock"}} = json_response_and_validate_schema(conn1, 200)
322 assert %{"card" => %{"title" => "Small Island Developing States Photo Submission"}} =
323 json_response_and_validate_schema(conn2, 200)
326 test "posting a status with OGP link preview", %{conn: conn} do
327 Tesla.Mock.mock_global(fn env -> apply(HttpRequestMock, :request, [env]) end)
328 clear_config([:rich_media, :enabled], true)
332 |> put_req_header("content-type", "application/json")
333 |> post("/api/v1/statuses", %{
334 "status" => "https://example.com/ogp"
337 assert %{"id" => id, "card" => %{"title" => "The Rock"}} =
338 json_response_and_validate_schema(conn, 200)
340 assert Activity.get_by_id(id)
343 test "posting a direct status", %{conn: conn} do
344 user2 = insert(:user)
345 content = "direct cofe @#{user2.nickname}"
349 |> put_req_header("content-type", "application/json")
350 |> post("api/v1/statuses", %{"status" => content, "visibility" => "direct"})
352 assert %{"id" => id} = response = json_response_and_validate_schema(conn, 200)
353 assert response["visibility"] == "direct"
354 assert response["pleroma"]["direct_conversation_id"]
355 assert activity = Activity.get_by_id(id)
356 assert activity.recipients == [user2.ap_id, conn.assigns[:user].ap_id]
357 assert activity.data["to"] == [user2.ap_id]
358 assert activity.data["cc"] == []
362 test "discloses application metadata when enabled" do
363 user = insert(:user, disclose_client: true)
364 %{user: _user, token: token, conn: conn} = oauth_access(["write:statuses"], user: user)
366 %Pleroma.Web.OAuth.Token{
367 app: %Pleroma.Web.OAuth.App{
368 client_name: app_name,
375 |> put_req_header("content-type", "application/json")
376 |> post("/api/v1/statuses", %{
377 "status" => "cofe is my copilot"
381 "content" => "cofe is my copilot",
384 "website" => ^app_website
386 } = json_response_and_validate_schema(result, 200)
389 test "hides application metadata when disabled" do
390 user = insert(:user, disclose_client: false)
391 %{user: _user, token: _token, conn: conn} = oauth_access(["write:statuses"], user: user)
395 |> put_req_header("content-type", "application/json")
396 |> post("/api/v1/statuses", %{
397 "status" => "club mate is my wingman"
401 "content" => "club mate is my wingman",
403 } = json_response_and_validate_schema(result, 200)
407 describe "posting scheduled statuses" do
408 setup do: oauth_access(["write:statuses"])
410 test "creates a scheduled activity", %{conn: conn} do
412 NaiveDateTime.add(NaiveDateTime.utc_now(), :timer.minutes(120), :millisecond)
413 |> NaiveDateTime.to_iso8601()
418 |> put_req_header("content-type", "application/json")
419 |> post("/api/v1/statuses", %{
420 "status" => "scheduled",
421 "scheduled_at" => scheduled_at
424 assert %{"scheduled_at" => expected_scheduled_at} =
425 json_response_and_validate_schema(conn, 200)
427 assert expected_scheduled_at == CommonAPI.Utils.to_masto_date(scheduled_at)
428 assert [] == Repo.all(Activity)
431 test "with expiration" do
432 %{conn: conn} = oauth_access(["write:statuses", "read:statuses"])
435 NaiveDateTime.add(NaiveDateTime.utc_now(), :timer.minutes(6), :millisecond)
436 |> NaiveDateTime.to_iso8601()
439 assert %{"id" => status_id, "params" => %{"expires_in" => 300}} =
441 |> put_req_header("content-type", "application/json")
442 |> post("/api/v1/statuses", %{
443 "status" => "scheduled",
444 "scheduled_at" => scheduled_at,
447 |> json_response_and_validate_schema(200)
449 assert %{"id" => ^status_id, "params" => %{"expires_in" => 300}} =
451 |> put_req_header("content-type", "application/json")
452 |> get("/api/v1/scheduled_statuses/#{status_id}")
453 |> json_response_and_validate_schema(200)
456 test "ignores nil values", %{conn: conn} do
459 |> put_req_header("content-type", "application/json")
460 |> post("/api/v1/statuses", %{
461 "status" => "not scheduled",
462 "scheduled_at" => nil
465 assert result = json_response_and_validate_schema(conn, 200)
466 assert Activity.get_by_id(result["id"])
469 test "creates a scheduled activity with a media attachment", %{user: user, conn: conn} do
471 NaiveDateTime.utc_now()
472 |> NaiveDateTime.add(:timer.minutes(120), :millisecond)
473 |> NaiveDateTime.to_iso8601()
477 content_type: "image/jpeg",
478 path: Path.absname("test/fixtures/image.jpg"),
479 filename: "an_image.jpg"
482 {:ok, upload} = ActivityPub.upload(file, actor: user.ap_id)
486 |> put_req_header("content-type", "application/json")
487 |> post("/api/v1/statuses", %{
488 "media_ids" => [to_string(upload.id)],
489 "status" => "scheduled",
490 "scheduled_at" => scheduled_at
493 assert %{"media_attachments" => [media_attachment]} =
494 json_response_and_validate_schema(conn, 200)
496 assert %{"type" => "image"} = media_attachment
499 test "skips the scheduling and creates the activity if scheduled_at is earlier than 5 minutes from now",
502 NaiveDateTime.add(NaiveDateTime.utc_now(), :timer.minutes(5) - 1, :millisecond)
503 |> NaiveDateTime.to_iso8601()
508 |> put_req_header("content-type", "application/json")
509 |> post("/api/v1/statuses", %{
510 "status" => "not scheduled",
511 "scheduled_at" => scheduled_at
514 assert %{"content" => "not scheduled"} = json_response_and_validate_schema(conn, 200)
515 assert [] == Repo.all(ScheduledActivity)
518 test "returns error when daily user limit is exceeded", %{user: user, conn: conn} do
520 NaiveDateTime.utc_now()
521 |> NaiveDateTime.add(:timer.minutes(6), :millisecond)
522 |> NaiveDateTime.to_iso8601()
526 attrs = %{params: %{}, scheduled_at: today}
527 {:ok, _} = ScheduledActivity.create(user, attrs)
528 {:ok, _} = ScheduledActivity.create(user, attrs)
532 |> put_req_header("content-type", "application/json")
533 |> post("/api/v1/statuses", %{"status" => "scheduled", "scheduled_at" => today})
535 assert %{"error" => "daily limit exceeded"} == json_response_and_validate_schema(conn, 422)
538 test "returns error when total user limit is exceeded", %{user: user, conn: conn} do
540 NaiveDateTime.utc_now()
541 |> NaiveDateTime.add(:timer.minutes(6), :millisecond)
542 |> NaiveDateTime.to_iso8601()
546 NaiveDateTime.utc_now()
547 |> NaiveDateTime.add(:timer.hours(36), :millisecond)
548 |> NaiveDateTime.to_iso8601()
551 attrs = %{params: %{}, scheduled_at: today}
552 {:ok, _} = ScheduledActivity.create(user, attrs)
553 {:ok, _} = ScheduledActivity.create(user, attrs)
554 {:ok, _} = ScheduledActivity.create(user, %{params: %{}, scheduled_at: tomorrow})
558 |> put_req_header("content-type", "application/json")
559 |> post("/api/v1/statuses", %{"status" => "scheduled", "scheduled_at" => tomorrow})
561 assert %{"error" => "total limit exceeded"} == json_response_and_validate_schema(conn, 422)
565 describe "posting polls" do
566 setup do: oauth_access(["write:statuses"])
568 test "posting a poll", %{conn: conn} do
569 time = NaiveDateTime.utc_now()
573 |> put_req_header("content-type", "application/json")
574 |> post("/api/v1/statuses", %{
575 "status" => "Who is the #bestgrill?",
577 "options" => ["Rei", "Asuka", "Misato"],
582 response = json_response_and_validate_schema(conn, 200)
584 assert Enum.all?(response["poll"]["options"], fn %{"title" => title} ->
585 title in ["Rei", "Asuka", "Misato"]
588 assert NaiveDateTime.diff(NaiveDateTime.from_iso8601!(response["poll"]["expires_at"]), time) in 420..430
589 assert response["poll"]["expired"] == false
591 question = Object.get_by_id(response["poll"]["id"])
593 # closed contains utc timezone
594 assert question.data["closed"] =~ "Z"
597 test "option limit is enforced", %{conn: conn} do
598 limit = Config.get([:instance, :poll_limits, :max_options])
602 |> put_req_header("content-type", "application/json")
603 |> post("/api/v1/statuses", %{
605 "poll" => %{"options" => Enum.map(0..limit, fn _ -> "desu" end), "expires_in" => 1}
608 %{"error" => error} = json_response_and_validate_schema(conn, 422)
609 assert error == "Poll can't contain more than #{limit} options"
612 test "option character limit is enforced", %{conn: conn} do
613 limit = Config.get([:instance, :poll_limits, :max_option_chars])
617 |> put_req_header("content-type", "application/json")
618 |> post("/api/v1/statuses", %{
621 "options" => [Enum.reduce(0..limit, "", fn _, acc -> acc <> "." end)],
626 %{"error" => error} = json_response_and_validate_schema(conn, 422)
627 assert error == "Poll options cannot be longer than #{limit} characters each"
630 test "minimal date limit is enforced", %{conn: conn} do
631 limit = Config.get([:instance, :poll_limits, :min_expiration])
635 |> put_req_header("content-type", "application/json")
636 |> post("/api/v1/statuses", %{
637 "status" => "imagine arbitrary limits",
639 "options" => ["this post was made by pleroma gang"],
640 "expires_in" => limit - 1
644 %{"error" => error} = json_response_and_validate_schema(conn, 422)
645 assert error == "Expiration date is too soon"
648 test "maximum date limit is enforced", %{conn: conn} do
649 limit = Config.get([:instance, :poll_limits, :max_expiration])
653 |> put_req_header("content-type", "application/json")
654 |> post("/api/v1/statuses", %{
655 "status" => "imagine arbitrary limits",
657 "options" => ["this post was made by pleroma gang"],
658 "expires_in" => limit + 1
662 %{"error" => error} = json_response_and_validate_schema(conn, 422)
663 assert error == "Expiration date is too far in the future"
666 test "scheduled poll", %{conn: conn} do
667 clear_config([ScheduledActivity, :enabled], true)
670 NaiveDateTime.add(NaiveDateTime.utc_now(), :timer.minutes(6), :millisecond)
671 |> NaiveDateTime.to_iso8601()
674 %{"id" => scheduled_id} =
676 |> put_req_header("content-type", "application/json")
677 |> post("/api/v1/statuses", %{
678 "status" => "very cool poll",
680 "options" => ~w(a b c),
683 "scheduled_at" => scheduled_at
685 |> json_response_and_validate_schema(200)
687 assert {:ok, %{id: activity_id}} =
688 perform_job(Pleroma.Workers.ScheduledActivityWorker, %{
689 activity_id: scheduled_id
692 assert Repo.all(Oban.Job) == []
696 |> Repo.get(activity_id)
697 |> Object.normalize()
699 assert object.data["content"] == "very cool poll"
700 assert object.data["type"] == "Question"
701 assert length(object.data["oneOf"]) == 3
705 test "get a status" do
706 %{conn: conn} = oauth_access(["read:statuses"])
707 activity = insert(:note_activity)
709 conn = get(conn, "/api/v1/statuses/#{activity.id}")
711 assert %{"id" => id} = json_response_and_validate_schema(conn, 200)
712 assert id == to_string(activity.id)
715 defp local_and_remote_activities do
716 local = insert(:note_activity)
717 remote = insert(:note_activity, local: false)
718 {:ok, local: local, remote: remote}
721 describe "status with restrict unauthenticated activities for local and remote" do
722 setup do: local_and_remote_activities()
724 setup do: clear_config([:restrict_unauthenticated, :activities, :local], true)
726 setup do: clear_config([:restrict_unauthenticated, :activities, :remote], true)
728 test "if user is unauthenticated", %{conn: conn, local: local, remote: remote} do
729 res_conn = get(conn, "/api/v1/statuses/#{local.id}")
731 assert json_response_and_validate_schema(res_conn, :not_found) == %{
732 "error" => "Record not found"
735 res_conn = get(conn, "/api/v1/statuses/#{remote.id}")
737 assert json_response_and_validate_schema(res_conn, :not_found) == %{
738 "error" => "Record not found"
742 test "if user is authenticated", %{local: local, remote: remote} do
743 %{conn: conn} = oauth_access(["read"])
744 res_conn = get(conn, "/api/v1/statuses/#{local.id}")
745 assert %{"id" => _} = json_response_and_validate_schema(res_conn, 200)
747 res_conn = get(conn, "/api/v1/statuses/#{remote.id}")
748 assert %{"id" => _} = json_response_and_validate_schema(res_conn, 200)
752 describe "status with restrict unauthenticated activities for local" do
753 setup do: local_and_remote_activities()
755 setup do: clear_config([:restrict_unauthenticated, :activities, :local], true)
757 test "if user is unauthenticated", %{conn: conn, local: local, remote: remote} do
758 res_conn = get(conn, "/api/v1/statuses/#{local.id}")
760 assert json_response_and_validate_schema(res_conn, :not_found) == %{
761 "error" => "Record not found"
764 res_conn = get(conn, "/api/v1/statuses/#{remote.id}")
765 assert %{"id" => _} = json_response_and_validate_schema(res_conn, 200)
768 test "if user is authenticated", %{local: local, remote: remote} do
769 %{conn: conn} = oauth_access(["read"])
770 res_conn = get(conn, "/api/v1/statuses/#{local.id}")
771 assert %{"id" => _} = json_response_and_validate_schema(res_conn, 200)
773 res_conn = get(conn, "/api/v1/statuses/#{remote.id}")
774 assert %{"id" => _} = json_response_and_validate_schema(res_conn, 200)
778 describe "status with restrict unauthenticated activities for remote" do
779 setup do: local_and_remote_activities()
781 setup do: clear_config([:restrict_unauthenticated, :activities, :remote], true)
783 test "if user is unauthenticated", %{conn: conn, local: local, remote: remote} do
784 res_conn = get(conn, "/api/v1/statuses/#{local.id}")
785 assert %{"id" => _} = json_response_and_validate_schema(res_conn, 200)
787 res_conn = get(conn, "/api/v1/statuses/#{remote.id}")
789 assert json_response_and_validate_schema(res_conn, :not_found) == %{
790 "error" => "Record not found"
794 test "if user is authenticated", %{local: local, remote: remote} do
795 %{conn: conn} = oauth_access(["read"])
796 res_conn = get(conn, "/api/v1/statuses/#{local.id}")
797 assert %{"id" => _} = json_response_and_validate_schema(res_conn, 200)
799 res_conn = get(conn, "/api/v1/statuses/#{remote.id}")
800 assert %{"id" => _} = json_response_and_validate_schema(res_conn, 200)
804 test "getting a status that doesn't exist returns 404" do
805 %{conn: conn} = oauth_access(["read:statuses"])
806 activity = insert(:note_activity)
808 conn = get(conn, "/api/v1/statuses/#{String.downcase(activity.id)}")
810 assert json_response_and_validate_schema(conn, 404) == %{"error" => "Record not found"}
813 test "get a direct status" do
814 %{user: user, conn: conn} = oauth_access(["read:statuses"])
815 other_user = insert(:user)
818 CommonAPI.post(user, %{status: "@#{other_user.nickname}", visibility: "direct"})
822 |> assign(:user, user)
823 |> get("/api/v1/statuses/#{activity.id}")
825 [participation] = Participation.for_user(user)
827 res = json_response_and_validate_schema(conn, 200)
828 assert res["pleroma"]["direct_conversation_id"] == participation.id
831 test "get statuses by IDs" do
832 %{conn: conn} = oauth_access(["read:statuses"])
833 %{id: id1} = insert(:note_activity)
834 %{id: id2} = insert(:note_activity)
836 query_string = "ids[]=#{id1}&ids[]=#{id2}"
837 conn = get(conn, "/api/v1/statuses/?#{query_string}")
839 assert [%{"id" => ^id1}, %{"id" => ^id2}] =
840 Enum.sort_by(json_response_and_validate_schema(conn, :ok), & &1["id"])
843 describe "getting statuses by ids with restricted unauthenticated for local and remote" do
844 setup do: local_and_remote_activities()
846 setup do: clear_config([:restrict_unauthenticated, :activities, :local], true)
848 setup do: clear_config([:restrict_unauthenticated, :activities, :remote], true)
850 test "if user is unauthenticated", %{conn: conn, local: local, remote: remote} do
851 res_conn = get(conn, "/api/v1/statuses?ids[]=#{local.id}&ids[]=#{remote.id}")
853 assert json_response_and_validate_schema(res_conn, 200) == []
856 test "if user is authenticated", %{local: local, remote: remote} do
857 %{conn: conn} = oauth_access(["read"])
859 res_conn = get(conn, "/api/v1/statuses?ids[]=#{local.id}&ids[]=#{remote.id}")
861 assert length(json_response_and_validate_schema(res_conn, 200)) == 2
865 describe "getting statuses by ids with restricted unauthenticated for local" do
866 setup do: local_and_remote_activities()
868 setup do: clear_config([:restrict_unauthenticated, :activities, :local], true)
870 test "if user is unauthenticated", %{conn: conn, local: local, remote: remote} do
871 res_conn = get(conn, "/api/v1/statuses?ids[]=#{local.id}&ids[]=#{remote.id}")
873 remote_id = remote.id
874 assert [%{"id" => ^remote_id}] = json_response_and_validate_schema(res_conn, 200)
877 test "if user is authenticated", %{local: local, remote: remote} do
878 %{conn: conn} = oauth_access(["read"])
880 res_conn = get(conn, "/api/v1/statuses?ids[]=#{local.id}&ids[]=#{remote.id}")
882 assert length(json_response_and_validate_schema(res_conn, 200)) == 2
886 describe "getting statuses by ids with restricted unauthenticated for remote" do
887 setup do: local_and_remote_activities()
889 setup do: clear_config([:restrict_unauthenticated, :activities, :remote], true)
891 test "if user is unauthenticated", %{conn: conn, local: local, remote: remote} do
892 res_conn = get(conn, "/api/v1/statuses?ids[]=#{local.id}&ids[]=#{remote.id}")
895 assert [%{"id" => ^local_id}] = json_response_and_validate_schema(res_conn, 200)
898 test "if user is authenticated", %{local: local, remote: remote} do
899 %{conn: conn} = oauth_access(["read"])
901 res_conn = get(conn, "/api/v1/statuses?ids[]=#{local.id}&ids[]=#{remote.id}")
903 assert length(json_response_and_validate_schema(res_conn, 200)) == 2
907 describe "deleting a status" do
908 test "when you created it" do
909 %{user: author, conn: conn} = oauth_access(["write:statuses"])
910 activity = insert(:note_activity, user: author)
911 object = Object.normalize(activity, fetch: false)
913 content = object.data["content"]
914 source = object.data["source"]
918 |> assign(:user, author)
919 |> delete("/api/v1/statuses/#{activity.id}")
920 |> json_response_and_validate_schema(200)
922 assert match?(%{"content" => ^content, "text" => ^source}, result)
924 refute Activity.get_by_id(activity.id)
927 test "when it doesn't exist" do
928 %{user: author, conn: conn} = oauth_access(["write:statuses"])
929 activity = insert(:note_activity, user: author)
933 |> assign(:user, author)
934 |> delete("/api/v1/statuses/#{String.downcase(activity.id)}")
936 assert %{"error" => "Record not found"} == json_response_and_validate_schema(conn, 404)
939 test "when you didn't create it" do
940 %{conn: conn} = oauth_access(["write:statuses"])
941 activity = insert(:note_activity)
943 conn = delete(conn, "/api/v1/statuses/#{activity.id}")
945 assert %{"error" => "Record not found"} == json_response_and_validate_schema(conn, 404)
947 assert Activity.get_by_id(activity.id) == activity
950 test "when you're an admin or moderator", %{conn: conn} do
951 activity1 = insert(:note_activity)
952 activity2 = insert(:note_activity)
953 admin = insert(:user, is_admin: true)
954 moderator = insert(:user, is_moderator: true)
958 |> assign(:user, admin)
959 |> assign(:token, insert(:oauth_token, user: admin, scopes: ["write:statuses"]))
960 |> delete("/api/v1/statuses/#{activity1.id}")
962 assert %{} = json_response_and_validate_schema(res_conn, 200)
966 |> assign(:user, moderator)
967 |> assign(:token, insert(:oauth_token, user: moderator, scopes: ["write:statuses"]))
968 |> delete("/api/v1/statuses/#{activity2.id}")
970 assert %{} = json_response_and_validate_schema(res_conn, 200)
972 refute Activity.get_by_id(activity1.id)
973 refute Activity.get_by_id(activity2.id)
977 describe "reblogging" do
978 setup do: oauth_access(["write:statuses"])
980 test "reblogs and returns the reblogged status", %{conn: conn} do
981 activity = insert(:note_activity)
985 |> put_req_header("content-type", "application/json")
986 |> post("/api/v1/statuses/#{activity.id}/reblog")
989 "reblog" => %{"id" => id, "reblogged" => true, "reblogs_count" => 1},
991 } = json_response_and_validate_schema(conn, 200)
993 assert to_string(activity.id) == id
996 test "returns 404 if the reblogged status doesn't exist", %{conn: conn} do
997 activity = insert(:note_activity)
1001 |> put_req_header("content-type", "application/json")
1002 |> post("/api/v1/statuses/#{String.downcase(activity.id)}/reblog")
1004 assert %{"error" => "Record not found"} = json_response_and_validate_schema(conn, 404)
1007 test "reblogs privately and returns the reblogged status", %{conn: conn} do
1008 activity = insert(:note_activity)
1012 |> put_req_header("content-type", "application/json")
1014 "/api/v1/statuses/#{activity.id}/reblog",
1015 %{"visibility" => "private"}
1019 "reblog" => %{"id" => id, "reblogged" => true, "reblogs_count" => 1},
1020 "reblogged" => true,
1021 "visibility" => "private"
1022 } = json_response_and_validate_schema(conn, 200)
1024 assert to_string(activity.id) == id
1027 test "reblogged status for another user" do
1028 activity = insert(:note_activity)
1029 user1 = insert(:user)
1030 user2 = insert(:user)
1031 user3 = insert(:user)
1032 {:ok, _} = CommonAPI.favorite(user2, activity.id)
1033 {:ok, _bookmark} = Pleroma.Bookmark.create(user2.id, activity.id)
1034 {:ok, reblog_activity1} = CommonAPI.repeat(activity.id, user1)
1035 {:ok, _} = CommonAPI.repeat(activity.id, user2)
1039 |> assign(:user, user3)
1040 |> assign(:token, insert(:oauth_token, user: user3, scopes: ["read:statuses"]))
1041 |> get("/api/v1/statuses/#{reblog_activity1.id}")
1044 "reblog" => %{"id" => _id, "reblogged" => false, "reblogs_count" => 2},
1045 "reblogged" => false,
1046 "favourited" => false,
1047 "bookmarked" => false
1048 } = json_response_and_validate_schema(conn_res, 200)
1052 |> assign(:user, user2)
1053 |> assign(:token, insert(:oauth_token, user: user2, scopes: ["read:statuses"]))
1054 |> get("/api/v1/statuses/#{reblog_activity1.id}")
1057 "reblog" => %{"id" => id, "reblogged" => true, "reblogs_count" => 2},
1058 "reblogged" => true,
1059 "favourited" => true,
1060 "bookmarked" => true
1061 } = json_response_and_validate_schema(conn_res, 200)
1063 assert to_string(activity.id) == id
1066 test "author can reblog own private status", %{conn: conn, user: user} do
1067 {:ok, activity} = CommonAPI.post(user, %{status: "cofe", visibility: "private"})
1071 |> put_req_header("content-type", "application/json")
1072 |> post("/api/v1/statuses/#{activity.id}/reblog")
1075 "reblog" => %{"id" => id, "reblogged" => true, "reblogs_count" => 1},
1076 "reblogged" => true,
1077 "visibility" => "private"
1078 } = json_response_and_validate_schema(conn, 200)
1080 assert to_string(activity.id) == id
1084 describe "unreblogging" do
1085 setup do: oauth_access(["write:statuses"])
1087 test "unreblogs and returns the unreblogged status", %{user: user, conn: conn} do
1088 activity = insert(:note_activity)
1090 {:ok, _} = CommonAPI.repeat(activity.id, user)
1094 |> put_req_header("content-type", "application/json")
1095 |> post("/api/v1/statuses/#{activity.id}/unreblog")
1097 assert %{"id" => id, "reblogged" => false, "reblogs_count" => 0} =
1098 json_response_and_validate_schema(conn, 200)
1100 assert to_string(activity.id) == id
1103 test "returns 404 error when activity does not exist", %{conn: conn} do
1106 |> put_req_header("content-type", "application/json")
1107 |> post("/api/v1/statuses/foo/unreblog")
1109 assert json_response_and_validate_schema(conn, 404) == %{"error" => "Record not found"}
1113 describe "favoriting" do
1114 setup do: oauth_access(["write:favourites"])
1116 test "favs a status and returns it", %{conn: conn} do
1117 activity = insert(:note_activity)
1121 |> put_req_header("content-type", "application/json")
1122 |> post("/api/v1/statuses/#{activity.id}/favourite")
1124 assert %{"id" => id, "favourites_count" => 1, "favourited" => true} =
1125 json_response_and_validate_schema(conn, 200)
1127 assert to_string(activity.id) == id
1130 test "favoriting twice will just return 200", %{conn: conn} do
1131 activity = insert(:note_activity)
1134 |> put_req_header("content-type", "application/json")
1135 |> post("/api/v1/statuses/#{activity.id}/favourite")
1138 |> put_req_header("content-type", "application/json")
1139 |> post("/api/v1/statuses/#{activity.id}/favourite")
1140 |> json_response_and_validate_schema(200)
1143 test "returns 404 error for a wrong id", %{conn: conn} do
1146 |> put_req_header("content-type", "application/json")
1147 |> post("/api/v1/statuses/1/favourite")
1149 assert json_response_and_validate_schema(conn, 404) == %{"error" => "Record not found"}
1153 describe "unfavoriting" do
1154 setup do: oauth_access(["write:favourites"])
1156 test "unfavorites a status and returns it", %{user: user, conn: conn} do
1157 activity = insert(:note_activity)
1159 {:ok, _} = CommonAPI.favorite(user, activity.id)
1163 |> put_req_header("content-type", "application/json")
1164 |> post("/api/v1/statuses/#{activity.id}/unfavourite")
1166 assert %{"id" => id, "favourites_count" => 0, "favourited" => false} =
1167 json_response_and_validate_schema(conn, 200)
1169 assert to_string(activity.id) == id
1172 test "returns 404 error for a wrong id", %{conn: conn} do
1175 |> put_req_header("content-type", "application/json")
1176 |> post("/api/v1/statuses/1/unfavourite")
1178 assert json_response_and_validate_schema(conn, 404) == %{"error" => "Record not found"}
1182 describe "pinned statuses" do
1183 setup do: oauth_access(["write:accounts"])
1185 setup %{user: user} do
1186 {:ok, activity} = CommonAPI.post(user, %{status: "HI!!!"})
1188 %{activity: activity}
1191 setup do: clear_config([:instance, :max_pinned_statuses], 1)
1193 test "pin status", %{conn: conn, user: user, activity: activity} do
1194 id_str = to_string(activity.id)
1196 assert %{"id" => ^id_str, "pinned" => true} =
1198 |> put_req_header("content-type", "application/json")
1199 |> post("/api/v1/statuses/#{activity.id}/pin")
1200 |> json_response_and_validate_schema(200)
1202 assert [%{"id" => ^id_str, "pinned" => true}] =
1204 |> get("/api/v1/accounts/#{user.id}/statuses?pinned=true")
1205 |> json_response_and_validate_schema(200)
1208 test "/pin: returns 400 error when activity is not public", %{conn: conn, user: user} do
1209 {:ok, dm} = CommonAPI.post(user, %{status: "test", visibility: "direct"})
1213 |> put_req_header("content-type", "application/json")
1214 |> post("/api/v1/statuses/#{dm.id}/pin")
1216 assert json_response_and_validate_schema(conn, 400) == %{"error" => "Could not pin"}
1219 test "unpin status", %{conn: conn, user: user, activity: activity} do
1220 {:ok, _} = CommonAPI.pin(activity.id, user)
1221 user = refresh_record(user)
1223 id_str = to_string(activity.id)
1225 assert %{"id" => ^id_str, "pinned" => false} =
1227 |> assign(:user, user)
1228 |> post("/api/v1/statuses/#{activity.id}/unpin")
1229 |> json_response_and_validate_schema(200)
1233 |> get("/api/v1/accounts/#{user.id}/statuses?pinned=true")
1234 |> json_response_and_validate_schema(200)
1237 test "/unpin: returns 400 error when activity is not exist", %{conn: conn} do
1240 |> put_req_header("content-type", "application/json")
1241 |> post("/api/v1/statuses/1/unpin")
1243 assert json_response_and_validate_schema(conn, 400) == %{"error" => "Could not unpin"}
1246 test "max pinned statuses", %{conn: conn, user: user, activity: activity_one} do
1247 {:ok, activity_two} = CommonAPI.post(user, %{status: "HI!!!"})
1249 id_str_one = to_string(activity_one.id)
1251 assert %{"id" => ^id_str_one, "pinned" => true} =
1253 |> put_req_header("content-type", "application/json")
1254 |> post("/api/v1/statuses/#{id_str_one}/pin")
1255 |> json_response_and_validate_schema(200)
1257 user = refresh_record(user)
1259 assert %{"error" => "You have already pinned the maximum number of statuses"} =
1261 |> assign(:user, user)
1262 |> post("/api/v1/statuses/#{activity_two.id}/pin")
1263 |> json_response_and_validate_schema(400)
1266 test "on pin removes deletion job, on unpin reschedule deletion" do
1267 %{conn: conn} = oauth_access(["write:accounts", "write:statuses"])
1268 expires_in = 2 * 60 * 60
1270 expires_at = DateTime.add(DateTime.utc_now(), expires_in)
1272 assert %{"id" => id} =
1274 |> put_req_header("content-type", "application/json")
1275 |> post("api/v1/statuses", %{
1276 "status" => "oolong",
1277 "expires_in" => expires_in
1279 |> json_response_and_validate_schema(200)
1282 worker: Pleroma.Workers.PurgeExpiredActivity,
1283 args: %{activity_id: id},
1284 scheduled_at: expires_at
1287 assert %{"id" => ^id, "pinned" => true} =
1289 |> put_req_header("content-type", "application/json")
1290 |> post("/api/v1/statuses/#{id}/pin")
1291 |> json_response_and_validate_schema(200)
1294 worker: Pleroma.Workers.PurgeExpiredActivity,
1295 args: %{activity_id: id},
1296 scheduled_at: expires_at
1299 assert %{"id" => ^id, "pinned" => false} =
1301 |> put_req_header("content-type", "application/json")
1302 |> post("/api/v1/statuses/#{id}/unpin")
1303 |> json_response_and_validate_schema(200)
1306 worker: Pleroma.Workers.PurgeExpiredActivity,
1307 args: %{activity_id: id},
1308 scheduled_at: expires_at
1315 clear_config([:rich_media, :enabled], true)
1317 oauth_access(["read:statuses"])
1320 test "returns rich-media card", %{conn: conn, user: user} do
1321 Tesla.Mock.mock_global(fn env -> apply(HttpRequestMock, :request, [env]) end)
1323 {:ok, activity} = CommonAPI.post(user, %{status: "https://example.com/ogp"})
1326 "image" => "http://ia.media-imdb.com/images/rock.jpg",
1327 "provider_name" => "example.com",
1328 "provider_url" => "https://example.com",
1329 "title" => "The Rock",
1331 "url" => "https://example.com/ogp",
1333 "Directed by Michael Bay. With Sean Connery, Nicolas Cage, Ed Harris, John Spencer.",
1336 "image" => "http://ia.media-imdb.com/images/rock.jpg",
1337 "title" => "The Rock",
1338 "type" => "video.movie",
1339 "url" => "https://example.com/ogp",
1341 "Directed by Michael Bay. With Sean Connery, Nicolas Cage, Ed Harris, John Spencer."
1348 |> get("/api/v1/statuses/#{activity.id}/card")
1349 |> json_response_and_validate_schema(200)
1351 assert response == card_data
1353 # works with private posts
1355 CommonAPI.post(user, %{status: "https://example.com/ogp", visibility: "direct"})
1359 |> get("/api/v1/statuses/#{activity.id}/card")
1360 |> json_response_and_validate_schema(200)
1362 assert response_two == card_data
1365 test "replaces missing description with an empty string", %{conn: conn, user: user} do
1366 Tesla.Mock.mock_global(fn env -> apply(HttpRequestMock, :request, [env]) end)
1368 {:ok, activity} = CommonAPI.post(user, %{status: "https://example.com/ogp-missing-data"})
1372 |> get("/api/v1/statuses/#{activity.id}/card")
1373 |> json_response_and_validate_schema(:ok)
1375 assert response == %{
1377 "title" => "Pleroma",
1378 "description" => "",
1380 "provider_name" => "example.com",
1381 "provider_url" => "https://example.com",
1382 "url" => "https://example.com/ogp-missing-data",
1385 "title" => "Pleroma",
1386 "type" => "website",
1387 "url" => "https://example.com/ogp-missing-data"
1395 bookmarks_uri = "/api/v1/bookmarks"
1397 %{conn: conn} = oauth_access(["write:bookmarks", "read:bookmarks"])
1398 author = insert(:user)
1400 {:ok, activity1} = CommonAPI.post(author, %{status: "heweoo?"})
1401 {:ok, activity2} = CommonAPI.post(author, %{status: "heweoo!"})
1405 |> put_req_header("content-type", "application/json")
1406 |> post("/api/v1/statuses/#{activity1.id}/bookmark")
1408 assert json_response_and_validate_schema(response1, 200)["bookmarked"] == true
1412 |> put_req_header("content-type", "application/json")
1413 |> post("/api/v1/statuses/#{activity2.id}/bookmark")
1415 assert json_response_and_validate_schema(response2, 200)["bookmarked"] == true
1417 bookmarks = get(conn, bookmarks_uri)
1420 json_response_and_validate_schema(response2, 200),
1421 json_response_and_validate_schema(response1, 200)
1423 json_response_and_validate_schema(bookmarks, 200)
1427 |> put_req_header("content-type", "application/json")
1428 |> post("/api/v1/statuses/#{activity1.id}/unbookmark")
1430 assert json_response_and_validate_schema(response1, 200)["bookmarked"] == false
1432 bookmarks = get(conn, bookmarks_uri)
1434 assert [json_response_and_validate_schema(response2, 200)] ==
1435 json_response_and_validate_schema(bookmarks, 200)
1438 describe "conversation muting" do
1439 setup do: oauth_access(["write:mutes"])
1442 post_user = insert(:user)
1443 {:ok, activity} = CommonAPI.post(post_user, %{status: "HIE"})
1444 %{activity: activity}
1447 test "mute conversation", %{conn: conn, activity: activity} do
1448 id_str = to_string(activity.id)
1450 assert %{"id" => ^id_str, "muted" => true} =
1452 |> put_req_header("content-type", "application/json")
1453 |> post("/api/v1/statuses/#{activity.id}/mute")
1454 |> json_response_and_validate_schema(200)
1457 test "cannot mute already muted conversation", %{conn: conn, user: user, activity: activity} do
1458 {:ok, _} = CommonAPI.add_mute(user, activity)
1462 |> put_req_header("content-type", "application/json")
1463 |> post("/api/v1/statuses/#{activity.id}/mute")
1465 assert json_response_and_validate_schema(conn, 400) == %{
1466 "error" => "conversation is already muted"
1470 test "unmute conversation", %{conn: conn, user: user, activity: activity} do
1471 {:ok, _} = CommonAPI.add_mute(user, activity)
1473 id_str = to_string(activity.id)
1475 assert %{"id" => ^id_str, "muted" => false} =
1477 # |> assign(:user, user)
1478 |> post("/api/v1/statuses/#{activity.id}/unmute")
1479 |> json_response_and_validate_schema(200)
1483 test "Repeated posts that are replies incorrectly have in_reply_to_id null", %{conn: conn} do
1484 user1 = insert(:user)
1485 user2 = insert(:user)
1486 user3 = insert(:user)
1488 {:ok, replied_to} = CommonAPI.post(user1, %{status: "cofe"})
1490 # Reply to status from another user
1493 |> assign(:user, user2)
1494 |> assign(:token, insert(:oauth_token, user: user2, scopes: ["write:statuses"]))
1495 |> put_req_header("content-type", "application/json")
1496 |> post("/api/v1/statuses", %{"status" => "xD", "in_reply_to_id" => replied_to.id})
1498 assert %{"content" => "xD", "id" => id} = json_response_and_validate_schema(conn1, 200)
1500 activity = Activity.get_by_id_with_object(id)
1502 assert Object.normalize(activity, fetch: false).data["inReplyTo"] ==
1503 Object.normalize(replied_to, fetch: false).data["id"]
1505 assert Activity.get_in_reply_to_activity(activity).id == replied_to.id
1507 # Reblog from the third user
1510 |> assign(:user, user3)
1511 |> assign(:token, insert(:oauth_token, user: user3, scopes: ["write:statuses"]))
1512 |> put_req_header("content-type", "application/json")
1513 |> post("/api/v1/statuses/#{activity.id}/reblog")
1515 assert %{"reblog" => %{"id" => id, "reblogged" => true, "reblogs_count" => 1}} =
1516 json_response_and_validate_schema(conn2, 200)
1518 assert to_string(activity.id) == id
1520 # Getting third user status
1523 |> assign(:user, user3)
1524 |> assign(:token, insert(:oauth_token, user: user3, scopes: ["read:statuses"]))
1525 |> get("api/v1/timelines/home")
1527 [reblogged_activity] = json_response(conn3, 200)
1529 assert reblogged_activity["reblog"]["in_reply_to_id"] == replied_to.id
1531 replied_to_user = User.get_by_ap_id(replied_to.data["actor"])
1532 assert reblogged_activity["reblog"]["in_reply_to_account_id"] == replied_to_user.id
1535 describe "GET /api/v1/statuses/:id/favourited_by" do
1536 setup do: oauth_access(["read:accounts"])
1538 setup %{user: user} do
1539 {:ok, activity} = CommonAPI.post(user, %{status: "test"})
1541 %{activity: activity}
1544 test "returns users who have favorited the status", %{conn: conn, activity: activity} do
1545 other_user = insert(:user)
1546 {:ok, _} = CommonAPI.favorite(other_user, activity.id)
1550 |> get("/api/v1/statuses/#{activity.id}/favourited_by")
1551 |> json_response_and_validate_schema(:ok)
1553 [%{"id" => id}] = response
1555 assert id == other_user.id
1558 test "returns empty array when status has not been favorited yet", %{
1564 |> get("/api/v1/statuses/#{activity.id}/favourited_by")
1565 |> json_response_and_validate_schema(:ok)
1567 assert Enum.empty?(response)
1570 test "does not return users who have favorited the status but are blocked", %{
1571 conn: %{assigns: %{user: user}} = conn,
1574 other_user = insert(:user)
1575 {:ok, _user_relationship} = User.block(user, other_user)
1577 {:ok, _} = CommonAPI.favorite(other_user, activity.id)
1581 |> get("/api/v1/statuses/#{activity.id}/favourited_by")
1582 |> json_response_and_validate_schema(:ok)
1584 assert Enum.empty?(response)
1587 test "does not fail on an unauthenticated request", %{activity: activity} do
1588 other_user = insert(:user)
1589 {:ok, _} = CommonAPI.favorite(other_user, activity.id)
1593 |> get("/api/v1/statuses/#{activity.id}/favourited_by")
1594 |> json_response_and_validate_schema(:ok)
1596 [%{"id" => id}] = response
1597 assert id == other_user.id
1600 test "requires authentication for private posts", %{user: user} do
1601 other_user = insert(:user)
1604 CommonAPI.post(user, %{
1605 status: "@#{other_user.nickname} wanna get some #cofe together?",
1606 visibility: "direct"
1609 {:ok, _} = CommonAPI.favorite(other_user, activity.id)
1611 favourited_by_url = "/api/v1/statuses/#{activity.id}/favourited_by"
1614 |> get(favourited_by_url)
1615 |> json_response_and_validate_schema(404)
1619 |> assign(:user, other_user)
1620 |> assign(:token, insert(:oauth_token, user: other_user, scopes: ["read:accounts"]))
1623 |> assign(:token, nil)
1624 |> get(favourited_by_url)
1625 |> json_response_and_validate_schema(404)
1629 |> get(favourited_by_url)
1630 |> json_response_and_validate_schema(200)
1632 [%{"id" => id}] = response
1633 assert id == other_user.id
1636 test "returns empty array when :show_reactions is disabled", %{conn: conn, activity: activity} do
1637 clear_config([:instance, :show_reactions], false)
1639 other_user = insert(:user)
1640 {:ok, _} = CommonAPI.favorite(other_user, activity.id)
1644 |> get("/api/v1/statuses/#{activity.id}/favourited_by")
1645 |> json_response_and_validate_schema(:ok)
1647 assert Enum.empty?(response)
1651 describe "GET /api/v1/statuses/:id/reblogged_by" do
1652 setup do: oauth_access(["read:accounts"])
1654 setup %{user: user} do
1655 {:ok, activity} = CommonAPI.post(user, %{status: "test"})
1657 %{activity: activity}
1660 test "returns users who have reblogged the status", %{conn: conn, activity: activity} do
1661 other_user = insert(:user)
1662 {:ok, _} = CommonAPI.repeat(activity.id, other_user)
1666 |> get("/api/v1/statuses/#{activity.id}/reblogged_by")
1667 |> json_response_and_validate_schema(:ok)
1669 [%{"id" => id}] = response
1671 assert id == other_user.id
1674 test "returns empty array when status has not been reblogged yet", %{
1680 |> get("/api/v1/statuses/#{activity.id}/reblogged_by")
1681 |> json_response_and_validate_schema(:ok)
1683 assert Enum.empty?(response)
1686 test "does not return users who have reblogged the status but are blocked", %{
1687 conn: %{assigns: %{user: user}} = conn,
1690 other_user = insert(:user)
1691 {:ok, _user_relationship} = User.block(user, other_user)
1693 {:ok, _} = CommonAPI.repeat(activity.id, other_user)
1697 |> get("/api/v1/statuses/#{activity.id}/reblogged_by")
1698 |> json_response_and_validate_schema(:ok)
1700 assert Enum.empty?(response)
1703 test "does not return users who have reblogged the status privately", %{
1706 other_user = insert(:user)
1707 {:ok, activity} = CommonAPI.post(other_user, %{status: "my secret post"})
1709 {:ok, _} = CommonAPI.repeat(activity.id, other_user, %{visibility: "private"})
1713 |> get("/api/v1/statuses/#{activity.id}/reblogged_by")
1714 |> json_response_and_validate_schema(:ok)
1716 assert Enum.empty?(response)
1719 test "does not fail on an unauthenticated request", %{activity: activity} do
1720 other_user = insert(:user)
1721 {:ok, _} = CommonAPI.repeat(activity.id, other_user)
1725 |> get("/api/v1/statuses/#{activity.id}/reblogged_by")
1726 |> json_response_and_validate_schema(:ok)
1728 [%{"id" => id}] = response
1729 assert id == other_user.id
1732 test "requires authentication for private posts", %{user: user} do
1733 other_user = insert(:user)
1736 CommonAPI.post(user, %{
1737 status: "@#{other_user.nickname} wanna get some #cofe together?",
1738 visibility: "direct"
1742 |> get("/api/v1/statuses/#{activity.id}/reblogged_by")
1743 |> json_response_and_validate_schema(404)
1747 |> assign(:user, other_user)
1748 |> assign(:token, insert(:oauth_token, user: other_user, scopes: ["read:accounts"]))
1749 |> get("/api/v1/statuses/#{activity.id}/reblogged_by")
1750 |> json_response_and_validate_schema(200)
1752 assert [] == response
1757 user = insert(:user)
1759 {:ok, %{id: id1}} = CommonAPI.post(user, %{status: "1"})
1760 {:ok, %{id: id2}} = CommonAPI.post(user, %{status: "2", in_reply_to_status_id: id1})
1761 {:ok, %{id: id3}} = CommonAPI.post(user, %{status: "3", in_reply_to_status_id: id2})
1762 {:ok, %{id: id4}} = CommonAPI.post(user, %{status: "4", in_reply_to_status_id: id3})
1763 {:ok, %{id: id5}} = CommonAPI.post(user, %{status: "5", in_reply_to_status_id: id4})
1767 |> get("/api/v1/statuses/#{id3}/context")
1768 |> json_response_and_validate_schema(:ok)
1771 "ancestors" => [%{"id" => ^id1}, %{"id" => ^id2}],
1772 "descendants" => [%{"id" => ^id4}, %{"id" => ^id5}]
1776 test "favorites paginate correctly" do
1777 %{user: user, conn: conn} = oauth_access(["read:favourites"])
1778 other_user = insert(:user)
1779 {:ok, first_post} = CommonAPI.post(other_user, %{status: "bla"})
1780 {:ok, second_post} = CommonAPI.post(other_user, %{status: "bla"})
1781 {:ok, third_post} = CommonAPI.post(other_user, %{status: "bla"})
1783 {:ok, _first_favorite} = CommonAPI.favorite(user, third_post.id)
1784 {:ok, _second_favorite} = CommonAPI.favorite(user, first_post.id)
1785 {:ok, third_favorite} = CommonAPI.favorite(user, second_post.id)
1789 |> get("/api/v1/favourites?limit=1")
1791 assert [%{"id" => post_id}] = json_response_and_validate_schema(result, 200)
1792 assert post_id == second_post.id
1794 # Using the header for pagination works correctly
1795 [next, _] = get_resp_header(result, "link") |> hd() |> String.split(", ")
1796 [_, max_id] = Regex.run(~r/max_id=([^&]+)/, next)
1798 assert max_id == third_favorite.id
1802 |> get("/api/v1/favourites?max_id=#{max_id}")
1804 assert [%{"id" => first_post_id}, %{"id" => third_post_id}] =
1805 json_response_and_validate_schema(result, 200)
1807 assert first_post_id == first_post.id
1808 assert third_post_id == third_post.id
1811 test "returns the favorites of a user" do
1812 %{user: user, conn: conn} = oauth_access(["read:favourites"])
1813 other_user = insert(:user)
1815 {:ok, _} = CommonAPI.post(other_user, %{status: "bla"})
1816 {:ok, activity} = CommonAPI.post(other_user, %{status: "trees are happy"})
1818 {:ok, last_like} = CommonAPI.favorite(user, activity.id)
1820 first_conn = get(conn, "/api/v1/favourites")
1822 assert [status] = json_response_and_validate_schema(first_conn, 200)
1823 assert status["id"] == to_string(activity.id)
1825 assert [{"link", _link_header}] =
1826 Enum.filter(first_conn.resp_headers, fn element -> match?({"link", _}, element) end)
1828 # Honours query params
1829 {:ok, second_activity} =
1830 CommonAPI.post(other_user, %{
1831 status: "Trees Are Never Sad Look At Them Every Once In Awhile They're Quite Beautiful."
1834 {:ok, _} = CommonAPI.favorite(user, second_activity.id)
1836 second_conn = get(conn, "/api/v1/favourites?since_id=#{last_like.id}")
1838 assert [second_status] = json_response_and_validate_schema(second_conn, 200)
1839 assert second_status["id"] == to_string(second_activity.id)
1841 third_conn = get(conn, "/api/v1/favourites?limit=0")
1843 assert [] = json_response_and_validate_schema(third_conn, 200)
1846 test "expires_at is nil for another user" do
1847 %{conn: conn, user: user} = oauth_access(["read:statuses"])
1848 expires_at = DateTime.add(DateTime.utc_now(), 1_000_000)
1849 {:ok, activity} = CommonAPI.post(user, %{status: "foobar", expires_in: 1_000_000})
1851 assert %{"pleroma" => %{"expires_at" => a_expires_at}} =
1853 |> get("/api/v1/statuses/#{activity.id}")
1854 |> json_response_and_validate_schema(:ok)
1856 {:ok, a_expires_at, 0} = DateTime.from_iso8601(a_expires_at)
1857 assert DateTime.diff(expires_at, a_expires_at) == 0
1859 %{conn: conn} = oauth_access(["read:statuses"])
1861 assert %{"pleroma" => %{"expires_at" => nil}} =
1863 |> get("/api/v1/statuses/#{activity.id}")
1864 |> json_response_and_validate_schema(:ok)
1867 test "posting a local only status" do
1868 %{user: _user, conn: conn} = oauth_access(["write:statuses"])
1872 |> put_req_header("content-type", "application/json")
1873 |> post("/api/v1/statuses", %{
1875 "visibility" => "local"
1878 local = Pleroma.Constants.as_local_public()
1880 assert %{"content" => "cofe", "id" => id, "visibility" => "local"} =
1881 json_response(conn_one, 200)
1883 assert %Activity{id: ^id, data: %{"to" => [^local]}} = Activity.get_by_id(id)
1886 describe "muted reactions" do
1888 %{conn: conn, user: user} = oauth_access(["read:statuses"])
1890 other_user = insert(:user)
1891 {:ok, activity} = CommonAPI.post(user, %{status: "test"})
1893 {:ok, _} = CommonAPI.react_with_emoji(activity.id, other_user, "🎅")
1894 User.mute(user, other_user)
1898 |> get("/api/v1/statuses/?ids[]=#{activity.id}")
1899 |> json_response_and_validate_schema(200)
1904 "emoji_reactions" => []
1911 |> get("/api/v1/statuses/?ids[]=#{activity.id}&with_muted=true")
1912 |> json_response_and_validate_schema(200)
1917 "emoji_reactions" => [%{"count" => 1, "me" => false, "name" => "🎅"}]
1924 # %{conn: conn, user: user, token: token} = oauth_access(["read:statuses"])
1925 %{conn: conn, user: user, token: _token} = oauth_access(["read:statuses"])
1927 other_user = insert(:user)
1928 {:ok, activity} = CommonAPI.post(user, %{status: "test"})
1930 {:ok, _} = CommonAPI.react_with_emoji(activity.id, other_user, "🎅")
1931 User.mute(user, other_user)
1935 |> get("/api/v1/statuses/#{activity.id}")
1936 |> json_response_and_validate_schema(200)
1940 "emoji_reactions" => []
1946 |> get("/api/v1/statuses/#{activity.id}?with_muted=true")
1947 |> json_response_and_validate_schema(200)
1951 "emoji_reactions" => [%{"count" => 1, "me" => false, "name" => "🎅"}]