git.squeep.com Git - akkoma/blob - test/web/admin_api/views/report_view_test.exs

   1 # Pleroma: A lightweight social networking server
   2 # Copyright © 2017-2019 Pleroma Authors <https://pleroma.social/>
   3 # SPDX-License-Identifier: AGPL-3.0-only
   4
   5 defmodule Pleroma.Web.AdminAPI.ReportViewTest do
   6   use Pleroma.DataCase
   7   import Pleroma.Factory
   8   alias Pleroma.Web.AdminAPI.ReportView
   9   alias Pleroma.Web.CommonAPI
  10   alias Pleroma.Web.MastodonAPI.AccountView
  11   alias Pleroma.Web.MastodonAPI.StatusView
  12
  13   test "renders a report" do
  14     user = insert(:user)
  15     other_user = insert(:user)
  16
  17     {:ok, activity} = CommonAPI.report(user, %{"account_id" => other_user.id})
  18
  19     expected = %{
  20       content: nil,
  21       actor:
  22         Map.merge(
  23           AccountView.render("account.json", %{user: user}),
  24           Pleroma.Web.AdminAPI.AccountView.render("show.json", %{user: user})
  25         ),
  26       account:
  27         Map.merge(
  28           AccountView.render("account.json", %{user: other_user}),
  29           Pleroma.Web.AdminAPI.AccountView.render("show.json", %{user: other_user})
  30         ),
  31       statuses: [],
  32       state: "open",
  33       id: activity.id
  34     }
  35
  36     result =
  37       ReportView.render("show.json", %{report: activity})
  38       |> Map.delete(:created_at)
  39
  40     assert result == expected
  41   end
  42
  43   test "includes reported statuses" do
  44     user = insert(:user)
  45     other_user = insert(:user)
  46     {:ok, activity} = CommonAPI.post(other_user, %{"status" => "toot"})
  47
  48     {:ok, report_activity} =
  49       CommonAPI.report(user, %{"account_id" => other_user.id, "status_ids" => [activity.id]})
  50
  51     expected = %{
  52       content: nil,
  53       actor:
  54         Map.merge(
  55           AccountView.render("account.json", %{user: user}),
  56           Pleroma.Web.AdminAPI.AccountView.render("show.json", %{user: user})
  57         ),
  58       account:
  59         Map.merge(
  60           AccountView.render("account.json", %{user: other_user}),
  61           Pleroma.Web.AdminAPI.AccountView.render("show.json", %{user: other_user})
  62         ),
  63       statuses: [StatusView.render("status.json", %{activity: activity})],
  64       state: "open",
  65       id: report_activity.id
  66     }
  67
  68     result =
  69       ReportView.render("show.json", %{report: report_activity})
  70       |> Map.delete(:created_at)
  71
  72     assert result == expected
  73   end
  74
  75   test "renders report's state" do
  76     user = insert(:user)
  77     other_user = insert(:user)
  78
  79     {:ok, activity} = CommonAPI.report(user, %{"account_id" => other_user.id})
  80     {:ok, activity} = CommonAPI.update_report_state(activity.id, "closed")
  81     assert %{state: "closed"} = ReportView.render("show.json", %{report: activity})
  82   end
  83
  84   test "renders report description" do
  85     user = insert(:user)
  86     other_user = insert(:user)
  87
  88     {:ok, activity} =
  89       CommonAPI.report(user, %{
  90         "account_id" => other_user.id,
  91         "comment" => "posts are too good for this instance"
  92       })
  93
  94     assert %{content: "posts are too good for this instance"} =
  95              ReportView.render("show.json", %{report: activity})
  96   end
  97
  98   test "sanitizes report description" do
  99     user = insert(:user)
 100     other_user = insert(:user)
 101
 102     {:ok, activity} =
 103       CommonAPI.report(user, %{
 104         "account_id" => other_user.id,
 105         "comment" => ""
 106       })
 107
 108     data = Map.put(activity.data, "content", "<script> alert('hecked :D:D:D:D:D:D:D') </script>")
 109     activity = Map.put(activity, :data, data)
 110
 111     refute "<script> alert('hecked :D:D:D:D:D:D:D') </script>" ==
 112              ReportView.render("show.json", %{report: activity})[:content]
 113   end
 114 end