Merge develop to bump elixir version in the CI so I don't get failing formatting
[akkoma] / test / web / activity_pub / activity_pub_controller_test.exs
1 # Pleroma: A lightweight social networking server
2 # Copyright © 2017-2018 Pleroma Authors <https://pleroma.social/>
3 # SPDX-License-Identifier: AGPL-3.0-only
4
5 defmodule Pleroma.Web.ActivityPub.ActivityPubControllerTest do
6 use Pleroma.Web.ConnCase
7 import Pleroma.Factory
8 alias Pleroma.Activity
9 alias Pleroma.Instances
10 alias Pleroma.Object
11 alias Pleroma.Repo
12 alias Pleroma.User
13 alias Pleroma.Web.ActivityPub.ObjectView
14 alias Pleroma.Web.ActivityPub.UserView
15
16 setup_all do
17 Tesla.Mock.mock_global(fn env -> apply(HttpRequestMock, :request, [env]) end)
18 :ok
19 end
20
21 describe "/relay" do
22 test "with the relay active, it returns the relay user", %{conn: conn} do
23 res =
24 conn
25 |> get(activity_pub_path(conn, :relay))
26 |> json_response(200)
27
28 assert res["id"] =~ "/relay"
29 end
30
31 test "with the relay disabled, it returns 404", %{conn: conn} do
32 Pleroma.Config.put([:instance, :allow_relay], false)
33
34 conn
35 |> get(activity_pub_path(conn, :relay))
36 |> json_response(404)
37 |> assert
38
39 Pleroma.Config.put([:instance, :allow_relay], true)
40 end
41 end
42
43 describe "/users/:nickname" do
44 test "it returns a json representation of the user with accept application/json", %{
45 conn: conn
46 } do
47 user = insert(:user)
48
49 conn =
50 conn
51 |> put_req_header("accept", "application/json")
52 |> get("/users/#{user.nickname}")
53
54 user = Repo.get(User, user.id)
55
56 assert json_response(conn, 200) == UserView.render("user.json", %{user: user})
57 end
58
59 test "it returns a json representation of the user with accept application/activity+json", %{
60 conn: conn
61 } do
62 user = insert(:user)
63
64 conn =
65 conn
66 |> put_req_header("accept", "application/activity+json")
67 |> get("/users/#{user.nickname}")
68
69 user = Repo.get(User, user.id)
70
71 assert json_response(conn, 200) == UserView.render("user.json", %{user: user})
72 end
73
74 test "it returns a json representation of the user with accept application/ld+json", %{
75 conn: conn
76 } do
77 user = insert(:user)
78
79 conn =
80 conn
81 |> put_req_header(
82 "accept",
83 "application/ld+json; profile=\"https://www.w3.org/ns/activitystreams\""
84 )
85 |> get("/users/#{user.nickname}")
86
87 user = Repo.get(User, user.id)
88
89 assert json_response(conn, 200) == UserView.render("user.json", %{user: user})
90 end
91 end
92
93 describe "/object/:uuid" do
94 test "it returns a json representation of the object with accept application/json", %{
95 conn: conn
96 } do
97 note = insert(:note)
98 uuid = String.split(note.data["id"], "/") |> List.last()
99
100 conn =
101 conn
102 |> put_req_header("accept", "application/json")
103 |> get("/objects/#{uuid}")
104
105 assert json_response(conn, 200) == ObjectView.render("object.json", %{object: note})
106 end
107
108 test "it returns a json representation of the object with accept application/activity+json",
109 %{conn: conn} do
110 note = insert(:note)
111 uuid = String.split(note.data["id"], "/") |> List.last()
112
113 conn =
114 conn
115 |> put_req_header("accept", "application/activity+json")
116 |> get("/objects/#{uuid}")
117
118 assert json_response(conn, 200) == ObjectView.render("object.json", %{object: note})
119 end
120
121 test "it returns a json representation of the object with accept application/ld+json", %{
122 conn: conn
123 } do
124 note = insert(:note)
125 uuid = String.split(note.data["id"], "/") |> List.last()
126
127 conn =
128 conn
129 |> put_req_header(
130 "accept",
131 "application/ld+json; profile=\"https://www.w3.org/ns/activitystreams\""
132 )
133 |> get("/objects/#{uuid}")
134
135 assert json_response(conn, 200) == ObjectView.render("object.json", %{object: note})
136 end
137
138 test "it returns 404 for non-public messages", %{conn: conn} do
139 note = insert(:direct_note)
140 uuid = String.split(note.data["id"], "/") |> List.last()
141
142 conn =
143 conn
144 |> put_req_header("accept", "application/activity+json")
145 |> get("/objects/#{uuid}")
146
147 assert json_response(conn, 404)
148 end
149
150 test "it returns 404 for tombstone objects", %{conn: conn} do
151 tombstone = insert(:tombstone)
152 uuid = String.split(tombstone.data["id"], "/") |> List.last()
153
154 conn =
155 conn
156 |> put_req_header("accept", "application/activity+json")
157 |> get("/objects/#{uuid}")
158
159 assert json_response(conn, 404)
160 end
161 end
162
163 describe "/object/:uuid/likes" do
164 test "it returns the like activities in a collection", %{conn: conn} do
165 like = insert(:like_activity)
166 uuid = String.split(like.data["object"], "/") |> List.last()
167
168 result =
169 conn
170 |> put_req_header("accept", "application/activity+json")
171 |> get("/objects/#{uuid}/likes")
172 |> json_response(200)
173
174 assert List.first(result["first"]["orderedItems"])["id"] == like.data["id"]
175 end
176 end
177
178 describe "/activities/:uuid" do
179 test "it returns a json representation of the activity", %{conn: conn} do
180 activity = insert(:note_activity)
181 uuid = String.split(activity.data["id"], "/") |> List.last()
182
183 conn =
184 conn
185 |> put_req_header("accept", "application/activity+json")
186 |> get("/activities/#{uuid}")
187
188 assert json_response(conn, 200) == ObjectView.render("object.json", %{object: activity})
189 end
190
191 test "it returns 404 for non-public activities", %{conn: conn} do
192 activity = insert(:direct_note_activity)
193 uuid = String.split(activity.data["id"], "/") |> List.last()
194
195 conn =
196 conn
197 |> put_req_header("accept", "application/activity+json")
198 |> get("/activities/#{uuid}")
199
200 assert json_response(conn, 404)
201 end
202 end
203
204 describe "/inbox" do
205 test "it inserts an incoming activity into the database", %{conn: conn} do
206 data = File.read!("test/fixtures/mastodon-post-activity.json") |> Poison.decode!()
207
208 conn =
209 conn
210 |> assign(:valid_signature, true)
211 |> put_req_header("content-type", "application/activity+json")
212 |> post("/inbox", data)
213
214 assert "ok" == json_response(conn, 200)
215 :timer.sleep(500)
216 assert Activity.get_by_ap_id(data["id"])
217 end
218
219 test "it clears `unreachable` federation status of the sender", %{conn: conn} do
220 data = File.read!("test/fixtures/mastodon-post-activity.json") |> Poison.decode!()
221
222 sender_url = data["actor"]
223 Instances.set_consistently_unreachable(sender_url)
224 refute Instances.reachable?(sender_url)
225
226 conn =
227 conn
228 |> assign(:valid_signature, true)
229 |> put_req_header("content-type", "application/activity+json")
230 |> post("/inbox", data)
231
232 assert "ok" == json_response(conn, 200)
233 assert Instances.reachable?(sender_url)
234 end
235 end
236
237 describe "/users/:nickname/inbox" do
238 test "it inserts an incoming activity into the database", %{conn: conn} do
239 user = insert(:user)
240
241 data =
242 File.read!("test/fixtures/mastodon-post-activity.json")
243 |> Poison.decode!()
244 |> Map.put("bcc", [user.ap_id])
245
246 conn =
247 conn
248 |> assign(:valid_signature, true)
249 |> put_req_header("content-type", "application/activity+json")
250 |> post("/users/#{user.nickname}/inbox", data)
251
252 assert "ok" == json_response(conn, 200)
253 :timer.sleep(500)
254 assert Activity.get_by_ap_id(data["id"])
255 end
256
257 test "it rejects reads from other users", %{conn: conn} do
258 user = insert(:user)
259 otheruser = insert(:user)
260
261 conn =
262 conn
263 |> assign(:user, otheruser)
264 |> put_req_header("accept", "application/activity+json")
265 |> get("/users/#{user.nickname}/inbox")
266
267 assert json_response(conn, 403)
268 end
269
270 test "it returns a note activity in a collection", %{conn: conn} do
271 note_activity = insert(:direct_note_activity)
272 user = User.get_cached_by_ap_id(hd(note_activity.data["to"]))
273
274 conn =
275 conn
276 |> assign(:user, user)
277 |> put_req_header("accept", "application/activity+json")
278 |> get("/users/#{user.nickname}/inbox")
279
280 assert response(conn, 200) =~ note_activity.data["object"]["content"]
281 end
282
283 test "it clears `unreachable` federation status of the sender", %{conn: conn} do
284 user = insert(:user)
285
286 data =
287 File.read!("test/fixtures/mastodon-post-activity.json")
288 |> Poison.decode!()
289 |> Map.put("bcc", [user.ap_id])
290
291 sender_host = URI.parse(data["actor"]).host
292 Instances.set_consistently_unreachable(sender_host)
293 refute Instances.reachable?(sender_host)
294
295 conn =
296 conn
297 |> assign(:valid_signature, true)
298 |> put_req_header("content-type", "application/activity+json")
299 |> post("/users/#{user.nickname}/inbox", data)
300
301 assert "ok" == json_response(conn, 200)
302 assert Instances.reachable?(sender_host)
303 end
304 end
305
306 describe "/users/:nickname/outbox" do
307 test "it will not bomb when there is no activity", %{conn: conn} do
308 user = insert(:user)
309
310 conn =
311 conn
312 |> put_req_header("accept", "application/activity+json")
313 |> get("/users/#{user.nickname}/outbox")
314
315 result = json_response(conn, 200)
316 assert user.ap_id <> "/outbox" == result["id"]
317 end
318
319 test "it returns a note activity in a collection", %{conn: conn} do
320 note_activity = insert(:note_activity)
321 user = User.get_cached_by_ap_id(note_activity.data["actor"])
322
323 conn =
324 conn
325 |> put_req_header("accept", "application/activity+json")
326 |> get("/users/#{user.nickname}/outbox")
327
328 assert response(conn, 200) =~ note_activity.data["object"]["content"]
329 end
330
331 test "it returns an announce activity in a collection", %{conn: conn} do
332 announce_activity = insert(:announce_activity)
333 user = User.get_cached_by_ap_id(announce_activity.data["actor"])
334
335 conn =
336 conn
337 |> put_req_header("accept", "application/activity+json")
338 |> get("/users/#{user.nickname}/outbox")
339
340 assert response(conn, 200) =~ announce_activity.data["object"]
341 end
342
343 test "it rejects posts from other users", %{conn: conn} do
344 data = File.read!("test/fixtures/activitypub-client-post-activity.json") |> Poison.decode!()
345 user = insert(:user)
346 otheruser = insert(:user)
347
348 conn =
349 conn
350 |> assign(:user, otheruser)
351 |> put_req_header("content-type", "application/activity+json")
352 |> post("/users/#{user.nickname}/outbox", data)
353
354 assert json_response(conn, 403)
355 end
356
357 test "it inserts an incoming create activity into the database", %{conn: conn} do
358 data = File.read!("test/fixtures/activitypub-client-post-activity.json") |> Poison.decode!()
359 user = insert(:user)
360
361 conn =
362 conn
363 |> assign(:user, user)
364 |> put_req_header("content-type", "application/activity+json")
365 |> post("/users/#{user.nickname}/outbox", data)
366
367 result = json_response(conn, 201)
368 assert Activity.get_by_ap_id(result["id"])
369 end
370
371 test "it rejects an incoming activity with bogus type", %{conn: conn} do
372 data = File.read!("test/fixtures/activitypub-client-post-activity.json") |> Poison.decode!()
373 user = insert(:user)
374
375 data =
376 data
377 |> Map.put("type", "BadType")
378
379 conn =
380 conn
381 |> assign(:user, user)
382 |> put_req_header("content-type", "application/activity+json")
383 |> post("/users/#{user.nickname}/outbox", data)
384
385 assert json_response(conn, 400)
386 end
387
388 test "it erects a tombstone when receiving a delete activity", %{conn: conn} do
389 note_activity = insert(:note_activity)
390 user = User.get_cached_by_ap_id(note_activity.data["actor"])
391
392 data = %{
393 type: "Delete",
394 object: %{
395 id: note_activity.data["object"]["id"]
396 }
397 }
398
399 conn =
400 conn
401 |> assign(:user, user)
402 |> put_req_header("content-type", "application/activity+json")
403 |> post("/users/#{user.nickname}/outbox", data)
404
405 result = json_response(conn, 201)
406 assert Activity.get_by_ap_id(result["id"])
407
408 object = Object.get_by_ap_id(note_activity.data["object"]["id"])
409 assert object
410 assert object.data["type"] == "Tombstone"
411 end
412
413 test "it rejects delete activity of object from other actor", %{conn: conn} do
414 note_activity = insert(:note_activity)
415 user = insert(:user)
416
417 data = %{
418 type: "Delete",
419 object: %{
420 id: note_activity.data["object"]["id"]
421 }
422 }
423
424 conn =
425 conn
426 |> assign(:user, user)
427 |> put_req_header("content-type", "application/activity+json")
428 |> post("/users/#{user.nickname}/outbox", data)
429
430 assert json_response(conn, 400)
431 end
432
433 test "it increases like count when receiving a like action", %{conn: conn} do
434 note_activity = insert(:note_activity)
435 user = User.get_cached_by_ap_id(note_activity.data["actor"])
436
437 data = %{
438 type: "Like",
439 object: %{
440 id: note_activity.data["object"]["id"]
441 }
442 }
443
444 conn =
445 conn
446 |> assign(:user, user)
447 |> put_req_header("content-type", "application/activity+json")
448 |> post("/users/#{user.nickname}/outbox", data)
449
450 result = json_response(conn, 201)
451 assert Activity.get_by_ap_id(result["id"])
452
453 object = Object.get_by_ap_id(note_activity.data["object"]["id"])
454 assert object
455 assert object.data["like_count"] == 1
456 end
457 end
458
459 describe "/users/:nickname/followers" do
460 test "it returns the followers in a collection", %{conn: conn} do
461 user = insert(:user)
462 user_two = insert(:user)
463 User.follow(user, user_two)
464
465 result =
466 conn
467 |> get("/users/#{user_two.nickname}/followers")
468 |> json_response(200)
469
470 assert result["first"]["orderedItems"] == [user.ap_id]
471 end
472
473 test "it returns returns empty if the user has 'hide_followers' set", %{conn: conn} do
474 user = insert(:user)
475 user_two = insert(:user, %{info: %{hide_followers: true}})
476 User.follow(user, user_two)
477
478 result =
479 conn
480 |> get("/users/#{user_two.nickname}/followers")
481 |> json_response(200)
482
483 assert result["first"]["orderedItems"] == []
484 assert result["totalItems"] == 0
485 end
486
487 test "it works for more than 10 users", %{conn: conn} do
488 user = insert(:user)
489
490 Enum.each(1..15, fn _ ->
491 other_user = insert(:user)
492 User.follow(other_user, user)
493 end)
494
495 result =
496 conn
497 |> get("/users/#{user.nickname}/followers")
498 |> json_response(200)
499
500 assert length(result["first"]["orderedItems"]) == 10
501 assert result["first"]["totalItems"] == 15
502 assert result["totalItems"] == 15
503
504 result =
505 conn
506 |> get("/users/#{user.nickname}/followers?page=2")
507 |> json_response(200)
508
509 assert length(result["orderedItems"]) == 5
510 assert result["totalItems"] == 15
511 end
512 end
513
514 describe "/users/:nickname/following" do
515 test "it returns the following in a collection", %{conn: conn} do
516 user = insert(:user)
517 user_two = insert(:user)
518 User.follow(user, user_two)
519
520 result =
521 conn
522 |> get("/users/#{user.nickname}/following")
523 |> json_response(200)
524
525 assert result["first"]["orderedItems"] == [user_two.ap_id]
526 end
527
528 test "it returns returns empty if the user has 'hide_follows' set", %{conn: conn} do
529 user = insert(:user, %{info: %{hide_follows: true}})
530 user_two = insert(:user)
531 User.follow(user, user_two)
532
533 result =
534 conn
535 |> get("/users/#{user.nickname}/following")
536 |> json_response(200)
537
538 assert result["first"]["orderedItems"] == []
539 assert result["totalItems"] == 0
540 end
541
542 test "it works for more than 10 users", %{conn: conn} do
543 user = insert(:user)
544
545 Enum.each(1..15, fn _ ->
546 user = Repo.get(User, user.id)
547 other_user = insert(:user)
548 User.follow(user, other_user)
549 end)
550
551 result =
552 conn
553 |> get("/users/#{user.nickname}/following")
554 |> json_response(200)
555
556 assert length(result["first"]["orderedItems"]) == 10
557 assert result["first"]["totalItems"] == 15
558 assert result["totalItems"] == 15
559
560 result =
561 conn
562 |> get("/users/#{user.nickname}/following?page=2")
563 |> json_response(200)
564
565 assert length(result["orderedItems"]) == 5
566 assert result["totalItems"] == 15
567 end
568 end
569 end