Merge branch 'develop' of git.pleroma.social:pleroma/pleroma into alexgleason/pleroma...
[akkoma] / test / pleroma / web / mastodon_api / views / account_view_test.exs
1 # Pleroma: A lightweight social networking server
2 # Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>
3 # SPDX-License-Identifier: AGPL-3.0-only
4
5 defmodule Pleroma.Web.MastodonAPI.AccountViewTest do
6 use Pleroma.DataCase
7
8 alias Pleroma.Config
9 alias Pleroma.User
10 alias Pleroma.UserRelationship
11 alias Pleroma.Web.CommonAPI
12 alias Pleroma.Web.MastodonAPI.AccountView
13
14 import Pleroma.Factory
15 import Tesla.Mock
16
17 setup do
18 mock(fn env -> apply(HttpRequestMock, :request, [env]) end)
19 :ok
20 end
21
22 test "Represent a user account" do
23 background_image = %{
24 "url" => [%{"href" => "https://example.com/images/asuka_hospital.png"}]
25 }
26
27 user =
28 insert(:user, %{
29 follower_count: 3,
30 note_count: 5,
31 background: background_image,
32 nickname: "shp@shitposter.club",
33 name: ":karjalanpiirakka: shp",
34 bio:
35 "<script src=\"invalid-html\"></script><span>valid html</span>. a<br>b<br/>c<br >d<br />f '&<>\"",
36 inserted_at: ~N[2017-08-15 15:47:06.597036],
37 emoji: %{"karjalanpiirakka" => "/file.png"},
38 raw_bio: "valid html. a\nb\nc\nd\nf '&<>\""
39 })
40
41 expected = %{
42 id: to_string(user.id),
43 username: "shp",
44 acct: user.nickname,
45 display_name: user.name,
46 locked: false,
47 created_at: "2017-08-15T15:47:06.000Z",
48 followers_count: 3,
49 following_count: 0,
50 statuses_count: 5,
51 note: "<span>valid html</span>. a<br/>b<br/>c<br/>d<br/>f &#39;&amp;&lt;&gt;&quot;",
52 url: user.ap_id,
53 avatar: "http://localhost:4001/images/avi.png",
54 avatar_static: "http://localhost:4001/images/avi.png",
55 header: "http://localhost:4001/images/banner.png",
56 header_static: "http://localhost:4001/images/banner.png",
57 emojis: [
58 %{
59 static_url: "/file.png",
60 url: "/file.png",
61 shortcode: "karjalanpiirakka",
62 visible_in_picker: false
63 }
64 ],
65 fields: [],
66 bot: false,
67 source: %{
68 note: "valid html. a\nb\nc\nd\nf '&<>\"",
69 sensitive: false,
70 pleroma: %{
71 actor_type: "Person",
72 discoverable: true
73 },
74 fields: []
75 },
76 pleroma: %{
77 ap_id: user.ap_id,
78 background_image: "https://example.com/images/asuka_hospital.png",
79 favicon: nil,
80 confirmation_pending: false,
81 tags: [],
82 is_admin: false,
83 is_moderator: false,
84 hide_favorites: true,
85 hide_followers: false,
86 hide_follows: false,
87 hide_followers_count: false,
88 hide_follows_count: false,
89 relationship: %{},
90 skip_thread_containment: false,
91 accepts_chat_messages: nil
92 }
93 }
94
95 assert expected == AccountView.render("show.json", %{user: user, skip_visibility_check: true})
96 end
97
98 describe "favicon" do
99 setup do
100 [user: insert(:user)]
101 end
102
103 test "is parsed when :instance_favicons is enabled", %{user: user} do
104 clear_config([:instances_favicons, :enabled], true)
105
106 assert %{
107 pleroma: %{
108 favicon:
109 "https://shitposter.club/plugins/Qvitter/img/gnusocial-favicons/favicon-16x16.png"
110 }
111 } = AccountView.render("show.json", %{user: user, skip_visibility_check: true})
112 end
113
114 test "is nil when :instances_favicons is disabled", %{user: user} do
115 assert %{pleroma: %{favicon: nil}} =
116 AccountView.render("show.json", %{user: user, skip_visibility_check: true})
117 end
118 end
119
120 test "Represent the user account for the account owner" do
121 user = insert(:user)
122
123 notification_settings = %{
124 block_from_strangers: false,
125 hide_notification_contents: false
126 }
127
128 privacy = user.default_scope
129
130 assert %{
131 pleroma: %{notification_settings: ^notification_settings, allow_following_move: true},
132 source: %{privacy: ^privacy}
133 } = AccountView.render("show.json", %{user: user, for: user})
134 end
135
136 test "Represent a Service(bot) account" do
137 user =
138 insert(:user, %{
139 follower_count: 3,
140 note_count: 5,
141 actor_type: "Service",
142 nickname: "shp@shitposter.club",
143 inserted_at: ~N[2017-08-15 15:47:06.597036]
144 })
145
146 expected = %{
147 id: to_string(user.id),
148 username: "shp",
149 acct: user.nickname,
150 display_name: user.name,
151 locked: false,
152 created_at: "2017-08-15T15:47:06.000Z",
153 followers_count: 3,
154 following_count: 0,
155 statuses_count: 5,
156 note: user.bio,
157 url: user.ap_id,
158 avatar: "http://localhost:4001/images/avi.png",
159 avatar_static: "http://localhost:4001/images/avi.png",
160 header: "http://localhost:4001/images/banner.png",
161 header_static: "http://localhost:4001/images/banner.png",
162 emojis: [],
163 fields: [],
164 bot: true,
165 source: %{
166 note: user.bio,
167 sensitive: false,
168 pleroma: %{
169 actor_type: "Service",
170 discoverable: true
171 },
172 fields: []
173 },
174 pleroma: %{
175 ap_id: user.ap_id,
176 background_image: nil,
177 favicon: nil,
178 confirmation_pending: false,
179 tags: [],
180 is_admin: false,
181 is_moderator: false,
182 hide_favorites: true,
183 hide_followers: false,
184 hide_follows: false,
185 hide_followers_count: false,
186 hide_follows_count: false,
187 relationship: %{},
188 skip_thread_containment: false,
189 accepts_chat_messages: nil
190 }
191 }
192
193 assert expected == AccountView.render("show.json", %{user: user, skip_visibility_check: true})
194 end
195
196 test "Represent a Funkwhale channel" do
197 {:ok, user} =
198 User.get_or_fetch_by_ap_id(
199 "https://channels.tests.funkwhale.audio/federation/actors/compositions"
200 )
201
202 assert represented =
203 AccountView.render("show.json", %{user: user, skip_visibility_check: true})
204
205 assert represented.acct == "compositions@channels.tests.funkwhale.audio"
206 assert represented.url == "https://channels.tests.funkwhale.audio/channels/compositions"
207 end
208
209 test "Represent a deactivated user for an admin" do
210 admin = insert(:user, is_admin: true)
211 deactivated_user = insert(:user, deactivated: true)
212 represented = AccountView.render("show.json", %{user: deactivated_user, for: admin})
213 assert represented[:pleroma][:deactivated] == true
214 end
215
216 test "Represent a smaller mention" do
217 user = insert(:user)
218
219 expected = %{
220 id: to_string(user.id),
221 acct: user.nickname,
222 username: user.nickname,
223 url: user.ap_id
224 }
225
226 assert expected == AccountView.render("mention.json", %{user: user})
227 end
228
229 test "demands :for or :skip_visibility_check option for account rendering" do
230 clear_config([:restrict_unauthenticated, :profiles, :local], false)
231
232 user = insert(:user)
233 user_id = user.id
234
235 assert %{id: ^user_id} = AccountView.render("show.json", %{user: user, for: nil})
236 assert %{id: ^user_id} = AccountView.render("show.json", %{user: user, for: user})
237
238 assert %{id: ^user_id} =
239 AccountView.render("show.json", %{user: user, skip_visibility_check: true})
240
241 assert_raise RuntimeError, ~r/:skip_visibility_check or :for option is required/, fn ->
242 AccountView.render("show.json", %{user: user})
243 end
244 end
245
246 describe "relationship" do
247 defp test_relationship_rendering(user, other_user, expected_result) do
248 opts = %{user: user, target: other_user, relationships: nil}
249 assert expected_result == AccountView.render("relationship.json", opts)
250
251 relationships_opt = UserRelationship.view_relationships_option(user, [other_user])
252 opts = Map.put(opts, :relationships, relationships_opt)
253 assert expected_result == AccountView.render("relationship.json", opts)
254
255 assert [expected_result] ==
256 AccountView.render("relationships.json", %{user: user, targets: [other_user]})
257 end
258
259 @blank_response %{
260 following: false,
261 followed_by: false,
262 blocking: false,
263 blocked_by: false,
264 muting: false,
265 muting_notifications: false,
266 subscribing: false,
267 requested: false,
268 domain_blocking: false,
269 showing_reblogs: true,
270 endorsed: false
271 }
272
273 test "represent a relationship for the following and followed user" do
274 user = insert(:user)
275 other_user = insert(:user)
276
277 {:ok, user} = User.follow(user, other_user)
278 {:ok, other_user} = User.follow(other_user, user)
279 {:ok, _subscription} = User.subscribe(user, other_user)
280 {:ok, _user_relationships} = User.mute(user, other_user, true)
281 {:ok, _reblog_mute} = CommonAPI.hide_reblogs(user, other_user)
282
283 expected =
284 Map.merge(
285 @blank_response,
286 %{
287 following: true,
288 followed_by: true,
289 muting: true,
290 muting_notifications: true,
291 subscribing: true,
292 showing_reblogs: false,
293 id: to_string(other_user.id)
294 }
295 )
296
297 test_relationship_rendering(user, other_user, expected)
298 end
299
300 test "represent a relationship for the blocking and blocked user" do
301 user = insert(:user)
302 other_user = insert(:user)
303
304 {:ok, user} = User.follow(user, other_user)
305 {:ok, _subscription} = User.subscribe(user, other_user)
306 {:ok, _user_relationship} = User.block(user, other_user)
307 {:ok, _user_relationship} = User.block(other_user, user)
308
309 expected =
310 Map.merge(
311 @blank_response,
312 %{following: false, blocking: true, blocked_by: true, id: to_string(other_user.id)}
313 )
314
315 test_relationship_rendering(user, other_user, expected)
316 end
317
318 test "represent a relationship for the user blocking a domain" do
319 user = insert(:user)
320 other_user = insert(:user, ap_id: "https://bad.site/users/other_user")
321
322 {:ok, user} = User.block_domain(user, "bad.site")
323
324 expected =
325 Map.merge(
326 @blank_response,
327 %{domain_blocking: true, blocking: false, id: to_string(other_user.id)}
328 )
329
330 test_relationship_rendering(user, other_user, expected)
331 end
332
333 test "represent a relationship for the user with a pending follow request" do
334 user = insert(:user)
335 other_user = insert(:user, is_locked: true)
336
337 {:ok, user, other_user, _} = CommonAPI.follow(user, other_user)
338 user = User.get_cached_by_id(user.id)
339 other_user = User.get_cached_by_id(other_user.id)
340
341 expected =
342 Map.merge(
343 @blank_response,
344 %{requested: true, following: false, id: to_string(other_user.id)}
345 )
346
347 test_relationship_rendering(user, other_user, expected)
348 end
349 end
350
351 test "returns the settings store if the requesting user is the represented user and it's requested specifically" do
352 user = insert(:user, pleroma_settings_store: %{fe: "test"})
353
354 result =
355 AccountView.render("show.json", %{user: user, for: user, with_pleroma_settings: true})
356
357 assert result.pleroma.settings_store == %{:fe => "test"}
358
359 result = AccountView.render("show.json", %{user: user, for: nil, with_pleroma_settings: true})
360 assert result.pleroma[:settings_store] == nil
361
362 result = AccountView.render("show.json", %{user: user, for: user})
363 assert result.pleroma[:settings_store] == nil
364 end
365
366 test "doesn't sanitize display names" do
367 user = insert(:user, name: "<marquee> username </marquee>")
368 result = AccountView.render("show.json", %{user: user, skip_visibility_check: true})
369 assert result.display_name == "<marquee> username </marquee>"
370 end
371
372 test "never display nil user follow counts" do
373 user = insert(:user, following_count: 0, follower_count: 0)
374 result = AccountView.render("show.json", %{user: user, skip_visibility_check: true})
375
376 assert result.following_count == 0
377 assert result.followers_count == 0
378 end
379
380 describe "hiding follows/following" do
381 test "shows when follows/followers stats are hidden and sets follow/follower count to 0" do
382 user =
383 insert(:user, %{
384 hide_followers: true,
385 hide_followers_count: true,
386 hide_follows: true,
387 hide_follows_count: true
388 })
389
390 other_user = insert(:user)
391 {:ok, user, other_user, _activity} = CommonAPI.follow(user, other_user)
392 {:ok, _other_user, user, _activity} = CommonAPI.follow(other_user, user)
393
394 assert %{
395 followers_count: 0,
396 following_count: 0,
397 pleroma: %{hide_follows_count: true, hide_followers_count: true}
398 } = AccountView.render("show.json", %{user: user, skip_visibility_check: true})
399 end
400
401 test "shows when follows/followers are hidden" do
402 user = insert(:user, hide_followers: true, hide_follows: true)
403 other_user = insert(:user)
404 {:ok, user, other_user, _activity} = CommonAPI.follow(user, other_user)
405 {:ok, _other_user, user, _activity} = CommonAPI.follow(other_user, user)
406
407 assert %{
408 followers_count: 1,
409 following_count: 1,
410 pleroma: %{hide_follows: true, hide_followers: true}
411 } = AccountView.render("show.json", %{user: user, skip_visibility_check: true})
412 end
413
414 test "shows actual follower/following count to the account owner" do
415 user = insert(:user, hide_followers: true, hide_follows: true)
416 other_user = insert(:user)
417 {:ok, user, other_user, _activity} = CommonAPI.follow(user, other_user)
418
419 assert User.following?(user, other_user)
420 assert Pleroma.FollowingRelationship.follower_count(other_user) == 1
421 {:ok, _other_user, user, _activity} = CommonAPI.follow(other_user, user)
422
423 assert %{
424 followers_count: 1,
425 following_count: 1
426 } = AccountView.render("show.json", %{user: user, for: user})
427 end
428
429 test "shows unread_conversation_count only to the account owner" do
430 user = insert(:user)
431 other_user = insert(:user)
432
433 {:ok, _activity} =
434 CommonAPI.post(other_user, %{
435 status: "Hey @#{user.nickname}.",
436 visibility: "direct"
437 })
438
439 user = User.get_cached_by_ap_id(user.ap_id)
440
441 assert AccountView.render("show.json", %{user: user, for: other_user})[:pleroma][
442 :unread_conversation_count
443 ] == nil
444
445 assert AccountView.render("show.json", %{user: user, for: user})[:pleroma][
446 :unread_conversation_count
447 ] == 1
448 end
449
450 test "shows unread_count only to the account owner" do
451 user = insert(:user)
452 insert_list(7, :notification, user: user, activity: insert(:note_activity))
453 other_user = insert(:user)
454
455 user = User.get_cached_by_ap_id(user.ap_id)
456
457 assert AccountView.render(
458 "show.json",
459 %{user: user, for: other_user}
460 )[:pleroma][:unread_notifications_count] == nil
461
462 assert AccountView.render(
463 "show.json",
464 %{user: user, for: user}
465 )[:pleroma][:unread_notifications_count] == 7
466 end
467 end
468
469 describe "follow requests counter" do
470 test "shows zero when no follow requests are pending" do
471 user = insert(:user)
472
473 assert %{follow_requests_count: 0} =
474 AccountView.render("show.json", %{user: user, for: user})
475
476 other_user = insert(:user)
477 {:ok, _other_user, user, _activity} = CommonAPI.follow(other_user, user)
478
479 assert %{follow_requests_count: 0} =
480 AccountView.render("show.json", %{user: user, for: user})
481 end
482
483 test "shows non-zero when follow requests are pending" do
484 user = insert(:user, is_locked: true)
485
486 assert %{locked: true} = AccountView.render("show.json", %{user: user, for: user})
487
488 other_user = insert(:user)
489 {:ok, _other_user, user, _activity} = CommonAPI.follow(other_user, user)
490
491 assert %{locked: true, follow_requests_count: 1} =
492 AccountView.render("show.json", %{user: user, for: user})
493 end
494
495 test "decreases when accepting a follow request" do
496 user = insert(:user, is_locked: true)
497
498 assert %{locked: true} = AccountView.render("show.json", %{user: user, for: user})
499
500 other_user = insert(:user)
501 {:ok, other_user, user, _activity} = CommonAPI.follow(other_user, user)
502
503 assert %{locked: true, follow_requests_count: 1} =
504 AccountView.render("show.json", %{user: user, for: user})
505
506 {:ok, _other_user} = CommonAPI.accept_follow_request(other_user, user)
507
508 assert %{locked: true, follow_requests_count: 0} =
509 AccountView.render("show.json", %{user: user, for: user})
510 end
511
512 test "decreases when rejecting a follow request" do
513 user = insert(:user, is_locked: true)
514
515 assert %{locked: true} = AccountView.render("show.json", %{user: user, for: user})
516
517 other_user = insert(:user)
518 {:ok, other_user, user, _activity} = CommonAPI.follow(other_user, user)
519
520 assert %{locked: true, follow_requests_count: 1} =
521 AccountView.render("show.json", %{user: user, for: user})
522
523 {:ok, _other_user} = CommonAPI.reject_follow_request(other_user, user)
524
525 assert %{locked: true, follow_requests_count: 0} =
526 AccountView.render("show.json", %{user: user, for: user})
527 end
528
529 test "shows non-zero when historical unapproved requests are present" do
530 user = insert(:user, is_locked: true)
531
532 assert %{locked: true} = AccountView.render("show.json", %{user: user, for: user})
533
534 other_user = insert(:user)
535 {:ok, _other_user, user, _activity} = CommonAPI.follow(other_user, user)
536
537 {:ok, user} = User.update_and_set_cache(user, %{is_locked: false})
538
539 assert %{locked: false, follow_requests_count: 1} =
540 AccountView.render("show.json", %{user: user, for: user})
541 end
542 end
543
544 test "uses mediaproxy urls when it's enabled (regardless of media preview proxy state)" do
545 clear_config([:media_proxy, :enabled], true)
546 clear_config([:media_preview_proxy, :enabled])
547
548 user =
549 insert(:user,
550 avatar: %{"url" => [%{"href" => "https://evil.website/avatar.png"}]},
551 banner: %{"url" => [%{"href" => "https://evil.website/banner.png"}]},
552 emoji: %{"joker_smile" => "https://evil.website/society.png"}
553 )
554
555 with media_preview_enabled <- [false, true] do
556 Config.put([:media_preview_proxy, :enabled], media_preview_enabled)
557
558 AccountView.render("show.json", %{user: user, skip_visibility_check: true})
559 |> Enum.all?(fn
560 {key, url} when key in [:avatar, :avatar_static, :header, :header_static] ->
561 String.starts_with?(url, Pleroma.Web.base_url())
562
563 {:emojis, emojis} ->
564 Enum.all?(emojis, fn %{url: url, static_url: static_url} ->
565 String.starts_with?(url, Pleroma.Web.base_url()) &&
566 String.starts_with?(static_url, Pleroma.Web.base_url())
567 end)
568
569 _ ->
570 true
571 end)
572 |> assert()
573 end
574 end
575 end