projects / akkoma / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Merge branch 'fix/1658-invite-send' into 'develop'
[akkoma] / test / web / mastodon_api / controllers / account_controller / update_credentials_test.exs
1 # Pleroma: A lightweight social networking server
2 # Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>
3 # SPDX-License-Identifier: AGPL-3.0-only
4
5 defmodule Pleroma.Web.MastodonAPI.MastodonAPIController.UpdateCredentialsTest do
6 alias Pleroma.Repo
7 alias Pleroma.User
8
9 use Pleroma.Web.ConnCase
10
11 import Pleroma.Factory
12
13 setup do: clear_config([:instance, :max_account_fields])
14
15 describe "updating credentials" do
16 setup do: oauth_access(["write:accounts"])
17
18 test "sets user settings in a generic way", %{conn: conn} do
19 res_conn =
20 patch(conn, "/api/v1/accounts/update_credentials", %{
21 "pleroma_settings_store" => %{
22 pleroma_fe: %{
23 theme: "bla"
24 }
25 }
26 })
27
28 assert user_data = json_response(res_conn, 200)
29 assert user_data["pleroma"]["settings_store"] == %{"pleroma_fe" => %{"theme" => "bla"}}
30
31 user = Repo.get(User, user_data["id"])
32
33 res_conn =
34 conn
35 |> assign(:user, user)
36 |> patch("/api/v1/accounts/update_credentials", %{
37 "pleroma_settings_store" => %{
38 masto_fe: %{
39 theme: "bla"
40 }
41 }
42 })
43
44 assert user_data = json_response(res_conn, 200)
45
46 assert user_data["pleroma"]["settings_store"] ==
47 %{
48 "pleroma_fe" => %{"theme" => "bla"},
49 "masto_fe" => %{"theme" => "bla"}
50 }
51
52 user = Repo.get(User, user_data["id"])
53
54 res_conn =
55 conn
56 |> assign(:user, user)
57 |> patch("/api/v1/accounts/update_credentials", %{
58 "pleroma_settings_store" => %{
59 masto_fe: %{
60 theme: "blub"
61 }
62 }
63 })
64
65 assert user_data = json_response(res_conn, 200)
66
67 assert user_data["pleroma"]["settings_store"] ==
68 %{
69 "pleroma_fe" => %{"theme" => "bla"},
70 "masto_fe" => %{"theme" => "blub"}
71 }
72 end
73
74 test "updates the user's bio", %{conn: conn} do
75 user2 = insert(:user)
76
77 conn =
78 patch(conn, "/api/v1/accounts/update_credentials", %{
79 "note" => "I drink #cofe with @#{user2.nickname}\n\nsuya.."
80 })
81
82 assert user_data = json_response(conn, 200)
83
84 assert user_data["note"] ==
85 ~s(I drink <a class="hashtag" data-tag="cofe" href="http://localhost:4001/tag/cofe">#cofe</a> with <span class="h-card"><a class="u-url mention" data-user="#{
86 user2.id
87 }" href="#{user2.ap_id}" rel="ugc">@<span>#{user2.nickname}</span></a></span><br/><br/>suya..)
88 end
89
90 test "updates the user's locking status", %{conn: conn} do
91 conn = patch(conn, "/api/v1/accounts/update_credentials", %{locked: "true"})
92
93 assert user_data = json_response(conn, 200)
94 assert user_data["locked"] == true
95 end
96
97 test "updates the user's allow_following_move", %{user: user, conn: conn} do
98 assert user.allow_following_move == true
99
100 conn = patch(conn, "/api/v1/accounts/update_credentials", %{allow_following_move: "false"})
101
102 assert refresh_record(user).allow_following_move == false
103 assert user_data = json_response(conn, 200)
104 assert user_data["pleroma"]["allow_following_move"] == false
105 end
106
107 test "updates the user's default scope", %{conn: conn} do
108 conn = patch(conn, "/api/v1/accounts/update_credentials", %{default_scope: "cofe"})
109
110 assert user_data = json_response(conn, 200)
111 assert user_data["source"]["privacy"] == "cofe"
112 end
113
114 test "updates the user's hide_followers status", %{conn: conn} do
115 conn = patch(conn, "/api/v1/accounts/update_credentials", %{hide_followers: "true"})
116
117 assert user_data = json_response(conn, 200)
118 assert user_data["pleroma"]["hide_followers"] == true
119 end
120
121 test "updates the user's discoverable status", %{conn: conn} do
122 assert %{"source" => %{"pleroma" => %{"discoverable" => true}}} =
123 conn
124 |> patch("/api/v1/accounts/update_credentials", %{discoverable: "true"})
125 |> json_response(:ok)
126
127 assert %{"source" => %{"pleroma" => %{"discoverable" => false}}} =
128 conn
129 |> patch("/api/v1/accounts/update_credentials", %{discoverable: "false"})
130 |> json_response(:ok)
131 end
132
133 test "updates the user's hide_followers_count and hide_follows_count", %{conn: conn} do
134 conn =
135 patch(conn, "/api/v1/accounts/update_credentials", %{
136 hide_followers_count: "true",
137 hide_follows_count: "true"
138 })
139
140 assert user_data = json_response(conn, 200)
141 assert user_data["pleroma"]["hide_followers_count"] == true
142 assert user_data["pleroma"]["hide_follows_count"] == true
143 end
144
145 test "updates the user's skip_thread_containment option", %{user: user, conn: conn} do
146 response =
147 conn
148 |> patch("/api/v1/accounts/update_credentials", %{skip_thread_containment: "true"})
149 |> json_response(200)
150
151 assert response["pleroma"]["skip_thread_containment"] == true
152 assert refresh_record(user).skip_thread_containment
153 end
154
155 test "updates the user's hide_follows status", %{conn: conn} do
156 conn = patch(conn, "/api/v1/accounts/update_credentials", %{hide_follows: "true"})
157
158 assert user_data = json_response(conn, 200)
159 assert user_data["pleroma"]["hide_follows"] == true
160 end
161
162 test "updates the user's hide_favorites status", %{conn: conn} do
163 conn = patch(conn, "/api/v1/accounts/update_credentials", %{hide_favorites: "true"})
164
165 assert user_data = json_response(conn, 200)
166 assert user_data["pleroma"]["hide_favorites"] == true
167 end
168
169 test "updates the user's show_role status", %{conn: conn} do
170 conn = patch(conn, "/api/v1/accounts/update_credentials", %{show_role: "false"})
171
172 assert user_data = json_response(conn, 200)
173 assert user_data["source"]["pleroma"]["show_role"] == false
174 end
175
176 test "updates the user's no_rich_text status", %{conn: conn} do
177 conn = patch(conn, "/api/v1/accounts/update_credentials", %{no_rich_text: "true"})
178
179 assert user_data = json_response(conn, 200)
180 assert user_data["source"]["pleroma"]["no_rich_text"] == true
181 end
182
183 test "updates the user's name", %{conn: conn} do
184 conn =
185 patch(conn, "/api/v1/accounts/update_credentials", %{"display_name" => "markorepairs"})
186
187 assert user_data = json_response(conn, 200)
188 assert user_data["display_name"] == "markorepairs"
189 end
190
191 test "updates the user's avatar", %{user: user, conn: conn} do
192 new_avatar = %Plug.Upload{
193 content_type: "image/jpg",
194 path: Path.absname("test/fixtures/image.jpg"),
195 filename: "an_image.jpg"
196 }
197
198 conn = patch(conn, "/api/v1/accounts/update_credentials", %{"avatar" => new_avatar})
199
200 assert user_response = json_response(conn, 200)
201 assert user_response["avatar"] != User.avatar_url(user)
202 end
203
204 test "updates the user's banner", %{user: user, conn: conn} do
205 new_header = %Plug.Upload{
206 content_type: "image/jpg",
207 path: Path.absname("test/fixtures/image.jpg"),
208 filename: "an_image.jpg"
209 }
210
211 conn = patch(conn, "/api/v1/accounts/update_credentials", %{"header" => new_header})
212
213 assert user_response = json_response(conn, 200)
214 assert user_response["header"] != User.banner_url(user)
215 end
216
217 test "updates the user's background", %{conn: conn} do
218 new_header = %Plug.Upload{
219 content_type: "image/jpg",
220 path: Path.absname("test/fixtures/image.jpg"),
221 filename: "an_image.jpg"
222 }
223
224 conn =
225 patch(conn, "/api/v1/accounts/update_credentials", %{
226 "pleroma_background_image" => new_header
227 })
228
229 assert user_response = json_response(conn, 200)
230 assert user_response["pleroma"]["background_image"]
231 end
232
233 test "requires 'write:accounts' permission" do
234 token1 = insert(:oauth_token, scopes: ["read"])
235 token2 = insert(:oauth_token, scopes: ["write", "follow"])
236
237 for token <- [token1, token2] do
238 conn =
239 build_conn()
240 |> put_req_header("authorization", "Bearer #{token.token}")
241 |> patch("/api/v1/accounts/update_credentials", %{})
242
243 if token == token1 do
244 assert %{"error" => "Insufficient permissions: write:accounts."} ==
245 json_response(conn, 403)
246 else
247 assert json_response(conn, 200)
248 end
249 end
250 end
251
252 test "updates profile emojos", %{user: user, conn: conn} do
253 note = "*sips :blank:*"
254 name = "I am :firefox:"
255
256 ret_conn =
257 patch(conn, "/api/v1/accounts/update_credentials", %{
258 "note" => note,
259 "display_name" => name
260 })
261
262 assert json_response(ret_conn, 200)
263
264 conn = get(conn, "/api/v1/accounts/#{user.id}")
265
266 assert user_data = json_response(conn, 200)
267
268 assert user_data["note"] == note
269 assert user_data["display_name"] == name
270 assert [%{"shortcode" => "blank"}, %{"shortcode" => "firefox"}] = user_data["emojis"]
271 end
272
273 test "update fields", %{conn: conn} do
274 fields = [
275 %{"name" => "<a href=\"http://google.com\">foo</a>", "value" => "<script>bar</script>"},
276 %{"name" => "link.io", "value" => "cofe.io"}
277 ]
278
279 account_data =
280 conn
281 |> patch("/api/v1/accounts/update_credentials", %{"fields_attributes" => fields})
282 |> json_response(200)
283
284 assert account_data["fields"] == [
285 %{"name" => "<a href=\"http://google.com\">foo</a>", "value" => "bar"},
286 %{
287 "name" => "link.io",
288 "value" => ~S(<a href="http://cofe.io" rel="ugc">cofe.io</a>)
289 }
290 ]
291
292 assert account_data["source"]["fields"] == [
293 %{
294 "name" => "<a href=\"http://google.com\">foo</a>",
295 "value" => "<script>bar</script>"
296 },
297 %{"name" => "link.io", "value" => "cofe.io"}
298 ]
299 end
300
301 test "update fields via x-www-form-urlencoded", %{conn: conn} do
302 fields =
303 [
304 "fields_attributes[1][name]=link",
305 "fields_attributes[1][value]=http://cofe.io",
306 "fields_attributes[0][name]=foo",
307 "fields_attributes[0][value]=bar"
308 ]
309 |> Enum.join("&")
310
311 account =
312 conn
313 |> put_req_header("content-type", "application/x-www-form-urlencoded")
314 |> patch("/api/v1/accounts/update_credentials", fields)
315 |> json_response(200)
316
317 assert account["fields"] == [
318 %{"name" => "foo", "value" => "bar"},
319 %{
320 "name" => "link",
321 "value" => ~S(<a href="http://cofe.io" rel="ugc">http://cofe.io</a>)
322 }
323 ]
324
325 assert account["source"]["fields"] == [
326 %{"name" => "foo", "value" => "bar"},
327 %{"name" => "link", "value" => "http://cofe.io"}
328 ]
329 end
330
331 test "update fields with empty name", %{conn: conn} do
332 fields = [
333 %{"name" => "foo", "value" => ""},
334 %{"name" => "", "value" => "bar"}
335 ]
336
337 account =
338 conn
339 |> patch("/api/v1/accounts/update_credentials", %{"fields_attributes" => fields})
340 |> json_response(200)
341
342 assert account["fields"] == [
343 %{"name" => "foo", "value" => ""}
344 ]
345 end
346
347 test "update fields when invalid request", %{conn: conn} do
348 name_limit = Pleroma.Config.get([:instance, :account_field_name_length])
349 value_limit = Pleroma.Config.get([:instance, :account_field_value_length])
350
351 long_name = Enum.map(0..name_limit, fn _ -> "x" end) |> Enum.join()
352 long_value = Enum.map(0..value_limit, fn _ -> "x" end) |> Enum.join()
353
354 fields = [%{"name" => "foo", "value" => long_value}]
355
356 assert %{"error" => "Invalid request"} ==
357 conn
358 |> patch("/api/v1/accounts/update_credentials", %{"fields_attributes" => fields})
359 |> json_response(403)
360
361 fields = [%{"name" => long_name, "value" => "bar"}]
362
363 assert %{"error" => "Invalid request"} ==
364 conn
365 |> patch("/api/v1/accounts/update_credentials", %{"fields_attributes" => fields})
366 |> json_response(403)
367
368 Pleroma.Config.put([:instance, :max_account_fields], 1)
369
370 fields = [
371 %{"name" => "foo", "value" => "bar"},
372 %{"name" => "link", "value" => "cofe.io"}
373 ]
374
375 assert %{"error" => "Invalid request"} ==
376 conn
377 |> patch("/api/v1/accounts/update_credentials", %{"fields_attributes" => fields})
378 |> json_response(403)
379 end
380 end
381 end
Fork of https://akkoma.dev/AkkomaGang/akkoma.git