git.squeep.com Git - akkoma/blob - test/web/admin_api/views/report_view_test.exs

   1 # Pleroma: A lightweight social networking server
   2 # Copyright © 2017-2019 Pleroma Authors <https://pleroma.social/>
   3 # SPDX-License-Identifier: AGPL-3.0-only
   4
   5 defmodule Pleroma.Web.AdminAPI.ReportViewTest do
   6   use Pleroma.DataCase
   7   import Pleroma.Factory
   8   alias Pleroma.Web.AdminAPI.Report
   9   alias Pleroma.Web.AdminAPI.ReportView
  10   alias Pleroma.Web.CommonAPI
  11   alias Pleroma.Web.MastodonAPI.AccountView
  12   alias Pleroma.Web.MastodonAPI.StatusView
  13
  14   test "renders a report" do
  15     user = insert(:user)
  16     other_user = insert(:user)
  17
  18     {:ok, activity} = CommonAPI.report(user, %{"account_id" => other_user.id})
  19
  20     expected = %{
  21       content: nil,
  22       actor:
  23         Map.merge(
  24           AccountView.render("show.json", %{user: user}),
  25           Pleroma.Web.AdminAPI.AccountView.render("show.json", %{user: user})
  26         ),
  27       account:
  28         Map.merge(
  29           AccountView.render("show.json", %{user: other_user}),
  30           Pleroma.Web.AdminAPI.AccountView.render("show.json", %{user: other_user})
  31         ),
  32       statuses: [],
  33       state: "open",
  34       id: activity.id
  35     }
  36
  37     result =
  38       ReportView.render("show.json", Report.extract_report_info(activity))
  39       |> Map.delete(:created_at)
  40
  41     assert result == expected
  42   end
  43
  44   test "includes reported statuses" do
  45     user = insert(:user)
  46     other_user = insert(:user)
  47     {:ok, activity} = CommonAPI.post(other_user, %{"status" => "toot"})
  48
  49     {:ok, report_activity} =
  50       CommonAPI.report(user, %{"account_id" => other_user.id, "status_ids" => [activity.id]})
  51
  52     other_user = Pleroma.User.get_by_id(other_user.id)
  53
  54     expected = %{
  55       content: nil,
  56       actor:
  57         Map.merge(
  58           AccountView.render("show.json", %{user: user}),
  59           Pleroma.Web.AdminAPI.AccountView.render("show.json", %{user: user})
  60         ),
  61       account:
  62         Map.merge(
  63           AccountView.render("show.json", %{user: other_user}),
  64           Pleroma.Web.AdminAPI.AccountView.render("show.json", %{user: other_user})
  65         ),
  66       statuses: [StatusView.render("show.json", %{activity: activity})],
  67       state: "open",
  68       id: report_activity.id
  69     }
  70
  71     result =
  72       ReportView.render("show.json", Report.extract_report_info(report_activity))
  73       |> Map.delete(:created_at)
  74
  75     assert result == expected
  76   end
  77
  78   test "renders report's state" do
  79     user = insert(:user)
  80     other_user = insert(:user)
  81
  82     {:ok, activity} = CommonAPI.report(user, %{"account_id" => other_user.id})
  83     {:ok, activity} = CommonAPI.update_report_state(activity.id, "closed")
  84
  85     assert %{state: "closed"} =
  86              ReportView.render("show.json", Report.extract_report_info(activity))
  87   end
  88
  89   test "renders report description" do
  90     user = insert(:user)
  91     other_user = insert(:user)
  92
  93     {:ok, activity} =
  94       CommonAPI.report(user, %{
  95         "account_id" => other_user.id,
  96         "comment" => "posts are too good for this instance"
  97       })
  98
  99     assert %{content: "posts are too good for this instance"} =
 100              ReportView.render("show.json", Report.extract_report_info(activity))
 101   end
 102
 103   test "sanitizes report description" do
 104     user = insert(:user)
 105     other_user = insert(:user)
 106
 107     {:ok, activity} =
 108       CommonAPI.report(user, %{
 109         "account_id" => other_user.id,
 110         "comment" => ""
 111       })
 112
 113     data = Map.put(activity.data, "content", "<script> alert('hecked :D:D:D:D:D:D:D') </script>")
 114     activity = Map.put(activity, :data, data)
 115
 116     refute "<script> alert('hecked :D:D:D:D:D:D:D') </script>" ==
 117              ReportView.render("show.json", Report.extract_report_info(activity))[:content]
 118   end
 119
 120   test "doesn't error out when the user doesn't exists" do
 121     user = insert(:user)
 122     other_user = insert(:user)
 123
 124     {:ok, activity} =
 125       CommonAPI.report(user, %{
 126         "account_id" => other_user.id,
 127         "comment" => ""
 128       })
 129
 130     Pleroma.User.delete(other_user)
 131     Pleroma.User.invalidate_cache(other_user)
 132
 133     assert %{} = ReportView.render("show.json", Report.extract_report_info(activity))
 134   end
 135 end