git.squeep.com Git - akkoma/blob - test/web/admin_api/views/report_view_test.exs

   1 # Pleroma: A lightweight social networking server
   2 # Copyright © 2017-2019 Pleroma Authors <https://pleroma.social/>
   3 # SPDX-License-Identifier: AGPL-3.0-only
   4
   5 defmodule Pleroma.Web.AdminAPI.ReportViewTest do
   6   use Pleroma.DataCase
   7   import Pleroma.Factory
   8   alias Pleroma.Web.AdminAPI.Report
   9   alias Pleroma.Web.AdminAPI.ReportView
  10   alias Pleroma.Web.CommonAPI
  11   alias Pleroma.Web.MastodonAPI.AccountView
  12   alias Pleroma.Web.MastodonAPI.StatusView
  13
  14   test "renders a report" do
  15     user = insert(:user)
  16     other_user = insert(:user)
  17
  18     {:ok, activity} = CommonAPI.report(user, %{"account_id" => other_user.id})
  19
  20     expected = %{
  21       content: nil,
  22       actor:
  23         Map.merge(
  24           AccountView.render("show.json", %{user: user}),
  25           Pleroma.Web.AdminAPI.AccountView.render("show.json", %{user: user})
  26         ),
  27       account:
  28         Map.merge(
  29           AccountView.render("show.json", %{user: other_user}),
  30           Pleroma.Web.AdminAPI.AccountView.render("show.json", %{user: other_user})
  31         ),
  32       statuses: [],
  33       state: "open",
  34       id: activity.id
  35     }
  36
  37     result =
  38       ReportView.render("show.json", Report.extract_report_info(activity))
  39       |> Map.delete(:created_at)
  40
  41     assert result == expected
  42   end
  43
  44   test "includes reported statuses" do
  45     user = insert(:user)
  46     other_user = insert(:user)
  47     {:ok, activity} = CommonAPI.post(other_user, %{"status" => "toot"})
  48
  49     {:ok, report_activity} =
  50       CommonAPI.report(user, %{"account_id" => other_user.id, "status_ids" => [activity.id]})
  51
  52     expected = %{
  53       content: nil,
  54       actor:
  55         Map.merge(
  56           AccountView.render("show.json", %{user: user}),
  57           Pleroma.Web.AdminAPI.AccountView.render("show.json", %{user: user})
  58         ),
  59       account:
  60         Map.merge(
  61           AccountView.render("show.json", %{user: other_user}),
  62           Pleroma.Web.AdminAPI.AccountView.render("show.json", %{user: other_user})
  63         ),
  64       statuses: [StatusView.render("show.json", %{activity: activity})],
  65       state: "open",
  66       id: report_activity.id
  67     }
  68
  69     result =
  70       ReportView.render("show.json", Report.extract_report_info(report_activity))
  71       |> Map.delete(:created_at)
  72
  73     assert result == expected
  74   end
  75
  76   test "renders report's state" do
  77     user = insert(:user)
  78     other_user = insert(:user)
  79
  80     {:ok, activity} = CommonAPI.report(user, %{"account_id" => other_user.id})
  81     {:ok, activity} = CommonAPI.update_report_state(activity.id, "closed")
  82
  83     assert %{state: "closed"} =
  84              ReportView.render("show.json", Report.extract_report_info(activity))
  85   end
  86
  87   test "renders report description" do
  88     user = insert(:user)
  89     other_user = insert(:user)
  90
  91     {:ok, activity} =
  92       CommonAPI.report(user, %{
  93         "account_id" => other_user.id,
  94         "comment" => "posts are too good for this instance"
  95       })
  96
  97     assert %{content: "posts are too good for this instance"} =
  98              ReportView.render("show.json", Report.extract_report_info(activity))
  99   end
 100
 101   test "sanitizes report description" do
 102     user = insert(:user)
 103     other_user = insert(:user)
 104
 105     {:ok, activity} =
 106       CommonAPI.report(user, %{
 107         "account_id" => other_user.id,
 108         "comment" => ""
 109       })
 110
 111     data = Map.put(activity.data, "content", "<script> alert('hecked :D:D:D:D:D:D:D') </script>")
 112     activity = Map.put(activity, :data, data)
 113
 114     refute "<script> alert('hecked :D:D:D:D:D:D:D') </script>" ==
 115              ReportView.render("show.json", Report.extract_report_info(activity))[:content]
 116   end
 117
 118   test "doesn't error out when the user doesn't exists" do
 119     user = insert(:user)
 120     other_user = insert(:user)
 121
 122     {:ok, activity} =
 123       CommonAPI.report(user, %{
 124         "account_id" => other_user.id,
 125         "comment" => ""
 126       })
 127
 128     Pleroma.User.delete(other_user)
 129     Pleroma.User.invalidate_cache(other_user)
 130
 131     assert %{} = ReportView.render("show.json", Report.extract_report_info(activity))
 132   end
 133 end