1 # Pleroma: A lightweight social networking server
2 # Copyright © 2017-2019 Pleroma Authors <https://pleroma.social/>
3 # SPDX-License-Identifier: AGPL-3.0-only
5 defmodule Pleroma.Web.MastodonAPI.MastodonAPIControllerTest do
6 use Pleroma.Web.ConnCase
10 alias Pleroma.Notification
13 alias Pleroma.ScheduledActivity
15 alias Pleroma.Web.ActivityPub.ActivityPub
16 alias Pleroma.Web.CommonAPI
17 alias Pleroma.Web.MastodonAPI.FilterView
18 alias Pleroma.Web.OAuth.App
19 alias Pleroma.Web.OStatus
20 alias Pleroma.Web.Push
21 alias Pleroma.Web.TwitterAPI.TwitterAPI
22 import Pleroma.Factory
23 import ExUnit.CaptureLog
27 mock(fn env -> apply(HttpRequestMock, :request, [env]) end)
31 test "the home timeline", %{conn: conn} do
33 following = insert(:user)
35 {:ok, _activity} = TwitterAPI.create_status(following, %{"status" => "test"})
39 |> assign(:user, user)
40 |> get("/api/v1/timelines/home")
42 assert Enum.empty?(json_response(conn, 200))
44 {:ok, user} = User.follow(user, following)
48 |> assign(:user, user)
49 |> get("/api/v1/timelines/home")
51 assert [%{"content" => "test"}] = json_response(conn, 200)
54 test "the public timeline", %{conn: conn} do
55 following = insert(:user)
58 {:ok, _activity} = TwitterAPI.create_status(following, %{"status" => "test"})
61 OStatus.fetch_activity_from_url("https://shitposter.club/notice/2827873")
65 |> get("/api/v1/timelines/public", %{"local" => "False"})
67 assert length(json_response(conn, 200)) == 2
71 |> get("/api/v1/timelines/public", %{"local" => "True"})
73 assert [%{"content" => "test"}] = json_response(conn, 200)
77 |> get("/api/v1/timelines/public", %{"local" => "1"})
79 assert [%{"content" => "test"}] = json_response(conn, 200)
83 test "posting a status", %{conn: conn} do
86 idempotency_key = "Pikachu rocks!"
90 |> assign(:user, user)
91 |> put_req_header("idempotency-key", idempotency_key)
92 |> post("/api/v1/statuses", %{
94 "spoiler_text" => "2hu",
95 "sensitive" => "false"
98 {:ok, ttl} = Cachex.ttl(:idempotency_cache, idempotency_key)
100 assert ttl > :timer.seconds(6 * 60 * 60 - 1)
102 assert %{"content" => "cofe", "id" => id, "spoiler_text" => "2hu", "sensitive" => false} =
103 json_response(conn_one, 200)
105 assert Activity.get_by_id(id)
109 |> assign(:user, user)
110 |> put_req_header("idempotency-key", idempotency_key)
111 |> post("/api/v1/statuses", %{
113 "spoiler_text" => "2hu",
114 "sensitive" => "false"
117 assert %{"id" => second_id} = json_response(conn_two, 200)
119 assert id == second_id
123 |> assign(:user, user)
124 |> post("/api/v1/statuses", %{
126 "spoiler_text" => "2hu",
127 "sensitive" => "false"
130 assert %{"id" => third_id} = json_response(conn_three, 200)
132 refute id == third_id
135 test "posting a sensitive status", %{conn: conn} do
140 |> assign(:user, user)
141 |> post("/api/v1/statuses", %{"status" => "cofe", "sensitive" => true})
143 assert %{"content" => "cofe", "id" => id, "sensitive" => true} = json_response(conn, 200)
144 assert Activity.get_by_id(id)
147 test "posting a fake status", %{conn: conn} do
152 |> assign(:user, user)
153 |> post("/api/v1/statuses", %{
155 "\"Tenshi Eating a Corndog\" is a much discussed concept on /jp/. The significance of it is disputed, so I will focus on one core concept: the symbolism behind it"
158 real_status = json_response(real_conn, 200)
161 assert Object.get_by_ap_id(real_status["uri"])
165 |> Map.put("id", nil)
166 |> Map.put("url", nil)
167 |> Map.put("uri", nil)
168 |> Map.put("created_at", nil)
169 |> Kernel.put_in(["pleroma", "conversation_id"], nil)
173 |> assign(:user, user)
174 |> post("/api/v1/statuses", %{
176 "\"Tenshi Eating a Corndog\" is a much discussed concept on /jp/. The significance of it is disputed, so I will focus on one core concept: the symbolism behind it",
180 fake_status = json_response(fake_conn, 200)
183 refute Object.get_by_ap_id(fake_status["uri"])
187 |> Map.put("id", nil)
188 |> Map.put("url", nil)
189 |> Map.put("uri", nil)
190 |> Map.put("created_at", nil)
191 |> Kernel.put_in(["pleroma", "conversation_id"], nil)
193 assert real_status == fake_status
196 test "posting a status with OGP link preview", %{conn: conn} do
197 Pleroma.Config.put([:rich_media, :enabled], true)
202 |> assign(:user, user)
203 |> post("/api/v1/statuses", %{
204 "status" => "http://example.com/ogp"
207 assert %{"id" => id, "card" => %{"title" => "The Rock"}} = json_response(conn, 200)
208 assert Activity.get_by_id(id)
209 Pleroma.Config.put([:rich_media, :enabled], false)
212 test "posting a direct status", %{conn: conn} do
213 user1 = insert(:user)
214 user2 = insert(:user)
215 content = "direct cofe @#{user2.nickname}"
219 |> assign(:user, user1)
220 |> post("api/v1/statuses", %{"status" => content, "visibility" => "direct"})
222 assert %{"id" => id, "visibility" => "direct"} = json_response(conn, 200)
223 assert activity = Activity.get_by_id(id)
224 assert activity.recipients == [user2.ap_id, user1.ap_id]
225 assert activity.data["to"] == [user2.ap_id]
226 assert activity.data["cc"] == []
229 test "direct timeline", %{conn: conn} do
230 user_one = insert(:user)
231 user_two = insert(:user)
233 {:ok, user_two} = User.follow(user_two, user_one)
236 CommonAPI.post(user_one, %{
237 "status" => "Hi @#{user_two.nickname}!",
238 "visibility" => "direct"
241 {:ok, _follower_only} =
242 CommonAPI.post(user_one, %{
243 "status" => "Hi @#{user_two.nickname}!",
244 "visibility" => "private"
247 # Only direct should be visible here
250 |> assign(:user, user_two)
251 |> get("api/v1/timelines/direct")
253 [status] = json_response(res_conn, 200)
255 assert %{"visibility" => "direct"} = status
256 assert status["url"] != direct.data["id"]
258 # User should be able to see his own direct message
261 |> assign(:user, user_one)
262 |> get("api/v1/timelines/direct")
264 [status] = json_response(res_conn, 200)
266 assert %{"visibility" => "direct"} = status
268 # Both should be visible here
271 |> assign(:user, user_two)
272 |> get("api/v1/timelines/home")
274 [_s1, _s2] = json_response(res_conn, 200)
277 Enum.each(1..20, fn _ ->
279 CommonAPI.post(user_one, %{
280 "status" => "Hi @#{user_two.nickname}!",
281 "visibility" => "direct"
287 |> assign(:user, user_two)
288 |> get("api/v1/timelines/direct")
290 statuses = json_response(res_conn, 200)
291 assert length(statuses) == 20
295 |> assign(:user, user_two)
296 |> get("api/v1/timelines/direct", %{max_id: List.last(statuses)["id"]})
298 [status] = json_response(res_conn, 200)
300 assert status["url"] != direct.data["id"]
303 test "doesn't include DMs from blocked users", %{conn: conn} do
304 blocker = insert(:user)
305 blocked = insert(:user)
307 {:ok, blocker} = User.block(blocker, blocked)
309 {:ok, _blocked_direct} =
310 CommonAPI.post(blocked, %{
311 "status" => "Hi @#{blocker.nickname}!",
312 "visibility" => "direct"
316 CommonAPI.post(user, %{
317 "status" => "Hi @#{blocker.nickname}!",
318 "visibility" => "direct"
323 |> assign(:user, user)
324 |> get("api/v1/timelines/direct")
326 [status] = json_response(res_conn, 200)
327 assert status["id"] == direct.id
330 test "replying to a status", %{conn: conn} do
333 {:ok, replied_to} = TwitterAPI.create_status(user, %{"status" => "cofe"})
337 |> assign(:user, user)
338 |> post("/api/v1/statuses", %{"status" => "xD", "in_reply_to_id" => replied_to.id})
340 assert %{"content" => "xD", "id" => id} = json_response(conn, 200)
342 activity = Activity.get_by_id(id)
344 assert activity.data["context"] == replied_to.data["context"]
345 assert activity.data["object"]["inReplyToStatusId"] == replied_to.id
348 test "posting a status with an invalid in_reply_to_id", %{conn: conn} do
353 |> assign(:user, user)
354 |> post("/api/v1/statuses", %{"status" => "xD", "in_reply_to_id" => ""})
356 assert %{"content" => "xD", "id" => id} = json_response(conn, 200)
358 activity = Activity.get_by_id(id)
363 test "verify_credentials", %{conn: conn} do
368 |> assign(:user, user)
369 |> get("/api/v1/accounts/verify_credentials")
371 assert %{"id" => id, "source" => %{"privacy" => "public"}} = json_response(conn, 200)
372 assert id == to_string(user.id)
375 test "verify_credentials default scope unlisted", %{conn: conn} do
376 user = insert(:user, %{info: %Pleroma.User.Info{default_scope: "unlisted"}})
380 |> assign(:user, user)
381 |> get("/api/v1/accounts/verify_credentials")
383 assert %{"id" => id, "source" => %{"privacy" => "unlisted"}} = json_response(conn, 200)
384 assert id == to_string(user.id)
387 test "apps/verify_credentials", %{conn: conn} do
388 token = insert(:oauth_token)
392 |> assign(:user, token.user)
393 |> assign(:token, token)
394 |> get("/api/v1/apps/verify_credentials")
396 app = Repo.preload(token, :app).app
399 "name" => app.client_name,
400 "website" => app.website,
401 "vapid_key" => Push.vapid_config() |> Keyword.get(:public_key)
404 assert expected == json_response(conn, 200)
407 test "creates an oauth app", %{conn: conn} do
409 app_attrs = build(:oauth_app)
413 |> assign(:user, user)
414 |> post("/api/v1/apps", %{
415 client_name: app_attrs.client_name,
416 redirect_uris: app_attrs.redirect_uris
419 [app] = Repo.all(App)
422 "name" => app.client_name,
423 "website" => app.website,
424 "client_id" => app.client_id,
425 "client_secret" => app.client_secret,
426 "id" => app.id |> to_string(),
427 "redirect_uri" => app.redirect_uris,
428 "vapid_key" => Push.vapid_config() |> Keyword.get(:public_key)
431 assert expected == json_response(conn, 200)
434 test "get a status", %{conn: conn} do
435 activity = insert(:note_activity)
439 |> get("/api/v1/statuses/#{activity.id}")
441 assert %{"id" => id} = json_response(conn, 200)
442 assert id == to_string(activity.id)
445 describe "deleting a status" do
446 test "when you created it", %{conn: conn} do
447 activity = insert(:note_activity)
448 author = User.get_by_ap_id(activity.data["actor"])
452 |> assign(:user, author)
453 |> delete("/api/v1/statuses/#{activity.id}")
455 assert %{} = json_response(conn, 200)
457 refute Activity.get_by_id(activity.id)
460 test "when you didn't create it", %{conn: conn} do
461 activity = insert(:note_activity)
466 |> assign(:user, user)
467 |> delete("/api/v1/statuses/#{activity.id}")
469 assert %{"error" => _} = json_response(conn, 403)
471 assert Activity.get_by_id(activity.id) == activity
474 test "when you're an admin or moderator", %{conn: conn} do
475 activity1 = insert(:note_activity)
476 activity2 = insert(:note_activity)
477 admin = insert(:user, info: %{is_admin: true})
478 moderator = insert(:user, info: %{is_moderator: true})
482 |> assign(:user, admin)
483 |> delete("/api/v1/statuses/#{activity1.id}")
485 assert %{} = json_response(res_conn, 200)
489 |> assign(:user, moderator)
490 |> delete("/api/v1/statuses/#{activity2.id}")
492 assert %{} = json_response(res_conn, 200)
494 refute Activity.get_by_id(activity1.id)
495 refute Activity.get_by_id(activity2.id)
499 describe "filters" do
500 test "creating a filter", %{conn: conn} do
503 filter = %Pleroma.Filter{
510 |> assign(:user, user)
511 |> post("/api/v1/filters", %{"phrase" => filter.phrase, context: filter.context})
513 assert response = json_response(conn, 200)
514 assert response["phrase"] == filter.phrase
515 assert response["context"] == filter.context
516 assert response["id"] != nil
517 assert response["id"] != ""
520 test "fetching a list of filters", %{conn: conn} do
523 query_one = %Pleroma.Filter{
530 query_two = %Pleroma.Filter{
537 {:ok, filter_one} = Pleroma.Filter.create(query_one)
538 {:ok, filter_two} = Pleroma.Filter.create(query_two)
542 |> assign(:user, user)
543 |> get("/api/v1/filters")
544 |> json_response(200)
550 filters: [filter_two, filter_one]
554 test "get a filter", %{conn: conn} do
557 query = %Pleroma.Filter{
564 {:ok, filter} = Pleroma.Filter.create(query)
568 |> assign(:user, user)
569 |> get("/api/v1/filters/#{filter.filter_id}")
571 assert _response = json_response(conn, 200)
574 test "update a filter", %{conn: conn} do
577 query = %Pleroma.Filter{
584 {:ok, _filter} = Pleroma.Filter.create(query)
586 new = %Pleroma.Filter{
593 |> assign(:user, user)
594 |> put("/api/v1/filters/#{query.filter_id}", %{
599 assert response = json_response(conn, 200)
600 assert response["phrase"] == new.phrase
601 assert response["context"] == new.context
604 test "delete a filter", %{conn: conn} do
607 query = %Pleroma.Filter{
614 {:ok, filter} = Pleroma.Filter.create(query)
618 |> assign(:user, user)
619 |> delete("/api/v1/filters/#{filter.filter_id}")
621 assert response = json_response(conn, 200)
622 assert response == %{}
627 test "creating a list", %{conn: conn} do
632 |> assign(:user, user)
633 |> post("/api/v1/lists", %{"title" => "cuties"})
635 assert %{"title" => title} = json_response(conn, 200)
636 assert title == "cuties"
639 test "adding users to a list", %{conn: conn} do
641 other_user = insert(:user)
642 {:ok, list} = Pleroma.List.create("name", user)
646 |> assign(:user, user)
647 |> post("/api/v1/lists/#{list.id}/accounts", %{"account_ids" => [other_user.id]})
649 assert %{} == json_response(conn, 200)
650 %Pleroma.List{following: following} = Pleroma.List.get(list.id, user)
651 assert following == [other_user.follower_address]
654 test "removing users from a list", %{conn: conn} do
656 other_user = insert(:user)
657 third_user = insert(:user)
658 {:ok, list} = Pleroma.List.create("name", user)
659 {:ok, list} = Pleroma.List.follow(list, other_user)
660 {:ok, list} = Pleroma.List.follow(list, third_user)
664 |> assign(:user, user)
665 |> delete("/api/v1/lists/#{list.id}/accounts", %{"account_ids" => [other_user.id]})
667 assert %{} == json_response(conn, 200)
668 %Pleroma.List{following: following} = Pleroma.List.get(list.id, user)
669 assert following == [third_user.follower_address]
672 test "listing users in a list", %{conn: conn} do
674 other_user = insert(:user)
675 {:ok, list} = Pleroma.List.create("name", user)
676 {:ok, list} = Pleroma.List.follow(list, other_user)
680 |> assign(:user, user)
681 |> get("/api/v1/lists/#{list.id}/accounts", %{"account_ids" => [other_user.id]})
683 assert [%{"id" => id}] = json_response(conn, 200)
684 assert id == to_string(other_user.id)
687 test "retrieving a list", %{conn: conn} do
689 {:ok, list} = Pleroma.List.create("name", user)
693 |> assign(:user, user)
694 |> get("/api/v1/lists/#{list.id}")
696 assert %{"id" => id} = json_response(conn, 200)
697 assert id == to_string(list.id)
700 test "renaming a list", %{conn: conn} do
702 {:ok, list} = Pleroma.List.create("name", user)
706 |> assign(:user, user)
707 |> put("/api/v1/lists/#{list.id}", %{"title" => "newname"})
709 assert %{"title" => name} = json_response(conn, 200)
710 assert name == "newname"
713 test "deleting a list", %{conn: conn} do
715 {:ok, list} = Pleroma.List.create("name", user)
719 |> assign(:user, user)
720 |> delete("/api/v1/lists/#{list.id}")
722 assert %{} = json_response(conn, 200)
723 assert is_nil(Repo.get(Pleroma.List, list.id))
726 test "list timeline", %{conn: conn} do
728 other_user = insert(:user)
729 {:ok, _activity_one} = TwitterAPI.create_status(user, %{"status" => "Marisa is cute."})
730 {:ok, activity_two} = TwitterAPI.create_status(other_user, %{"status" => "Marisa is cute."})
731 {:ok, list} = Pleroma.List.create("name", user)
732 {:ok, list} = Pleroma.List.follow(list, other_user)
736 |> assign(:user, user)
737 |> get("/api/v1/timelines/list/#{list.id}")
739 assert [%{"id" => id}] = json_response(conn, 200)
741 assert id == to_string(activity_two.id)
744 test "list timeline does not leak non-public statuses for unfollowed users", %{conn: conn} do
746 other_user = insert(:user)
747 {:ok, activity_one} = TwitterAPI.create_status(other_user, %{"status" => "Marisa is cute."})
749 {:ok, _activity_two} =
750 TwitterAPI.create_status(other_user, %{
751 "status" => "Marisa is cute.",
752 "visibility" => "private"
755 {:ok, list} = Pleroma.List.create("name", user)
756 {:ok, list} = Pleroma.List.follow(list, other_user)
760 |> assign(:user, user)
761 |> get("/api/v1/timelines/list/#{list.id}")
763 assert [%{"id" => id}] = json_response(conn, 200)
765 assert id == to_string(activity_one.id)
769 describe "notifications" do
770 test "list of notifications", %{conn: conn} do
772 other_user = insert(:user)
775 TwitterAPI.create_status(other_user, %{"status" => "hi @#{user.nickname}"})
777 {:ok, [_notification]} = Notification.create_notifications(activity)
781 |> assign(:user, user)
782 |> get("/api/v1/notifications")
785 "hi <span class=\"h-card\"><a data-user=\"#{user.id}\" class=\"u-url mention\" href=\"#{
787 }\">@<span>#{user.nickname}</span></a></span>"
789 assert [%{"status" => %{"content" => response}} | _rest] = json_response(conn, 200)
790 assert response == expected_response
793 test "getting a single notification", %{conn: conn} do
795 other_user = insert(:user)
798 TwitterAPI.create_status(other_user, %{"status" => "hi @#{user.nickname}"})
800 {:ok, [notification]} = Notification.create_notifications(activity)
804 |> assign(:user, user)
805 |> get("/api/v1/notifications/#{notification.id}")
808 "hi <span class=\"h-card\"><a data-user=\"#{user.id}\" class=\"u-url mention\" href=\"#{
810 }\">@<span>#{user.nickname}</span></a></span>"
812 assert %{"status" => %{"content" => response}} = json_response(conn, 200)
813 assert response == expected_response
816 test "dismissing a single notification", %{conn: conn} do
818 other_user = insert(:user)
821 TwitterAPI.create_status(other_user, %{"status" => "hi @#{user.nickname}"})
823 {:ok, [notification]} = Notification.create_notifications(activity)
827 |> assign(:user, user)
828 |> post("/api/v1/notifications/dismiss", %{"id" => notification.id})
830 assert %{} = json_response(conn, 200)
833 test "clearing all notifications", %{conn: conn} do
835 other_user = insert(:user)
838 TwitterAPI.create_status(other_user, %{"status" => "hi @#{user.nickname}"})
840 {:ok, [_notification]} = Notification.create_notifications(activity)
844 |> assign(:user, user)
845 |> post("/api/v1/notifications/clear")
847 assert %{} = json_response(conn, 200)
851 |> assign(:user, user)
852 |> get("/api/v1/notifications")
854 assert all = json_response(conn, 200)
858 test "paginates notifications using min_id, since_id, max_id, and limit", %{conn: conn} do
860 other_user = insert(:user)
862 {:ok, activity1} = CommonAPI.post(other_user, %{"status" => "hi @#{user.nickname}"})
863 {:ok, activity2} = CommonAPI.post(other_user, %{"status" => "hi @#{user.nickname}"})
864 {:ok, activity3} = CommonAPI.post(other_user, %{"status" => "hi @#{user.nickname}"})
865 {:ok, activity4} = CommonAPI.post(other_user, %{"status" => "hi @#{user.nickname}"})
867 notification1_id = Repo.get_by(Notification, activity_id: activity1.id).id |> to_string()
868 notification2_id = Repo.get_by(Notification, activity_id: activity2.id).id |> to_string()
869 notification3_id = Repo.get_by(Notification, activity_id: activity3.id).id |> to_string()
870 notification4_id = Repo.get_by(Notification, activity_id: activity4.id).id |> to_string()
874 |> assign(:user, user)
879 |> get("/api/v1/notifications?limit=2&min_id=#{notification1_id}")
881 result = json_response(conn_res, 200)
882 assert [%{"id" => ^notification3_id}, %{"id" => ^notification2_id}] = result
887 |> get("/api/v1/notifications?limit=2&since_id=#{notification1_id}")
889 result = json_response(conn_res, 200)
890 assert [%{"id" => ^notification4_id}, %{"id" => ^notification3_id}] = result
895 |> get("/api/v1/notifications?limit=2&max_id=#{notification4_id}")
897 result = json_response(conn_res, 200)
898 assert [%{"id" => ^notification3_id}, %{"id" => ^notification2_id}] = result
901 test "filters notifications using exclude_types", %{conn: conn} do
903 other_user = insert(:user)
905 {:ok, mention_activity} = CommonAPI.post(other_user, %{"status" => "hey @#{user.nickname}"})
906 {:ok, create_activity} = CommonAPI.post(user, %{"status" => "hey"})
907 {:ok, favorite_activity, _} = CommonAPI.favorite(create_activity.id, other_user)
908 {:ok, reblog_activity, _} = CommonAPI.repeat(create_activity.id, other_user)
909 {:ok, _, _, follow_activity} = CommonAPI.follow(other_user, user)
911 mention_notification_id =
912 Repo.get_by(Notification, activity_id: mention_activity.id).id |> to_string()
914 favorite_notification_id =
915 Repo.get_by(Notification, activity_id: favorite_activity.id).id |> to_string()
917 reblog_notification_id =
918 Repo.get_by(Notification, activity_id: reblog_activity.id).id |> to_string()
920 follow_notification_id =
921 Repo.get_by(Notification, activity_id: follow_activity.id).id |> to_string()
925 |> assign(:user, user)
928 get(conn, "/api/v1/notifications", %{exclude_types: ["mention", "favourite", "reblog"]})
930 assert [%{"id" => ^follow_notification_id}] = json_response(conn_res, 200)
933 get(conn, "/api/v1/notifications", %{exclude_types: ["favourite", "reblog", "follow"]})
935 assert [%{"id" => ^mention_notification_id}] = json_response(conn_res, 200)
938 get(conn, "/api/v1/notifications", %{exclude_types: ["reblog", "follow", "mention"]})
940 assert [%{"id" => ^favorite_notification_id}] = json_response(conn_res, 200)
943 get(conn, "/api/v1/notifications", %{exclude_types: ["follow", "mention", "favourite"]})
945 assert [%{"id" => ^reblog_notification_id}] = json_response(conn_res, 200)
949 describe "reblogging" do
950 test "reblogs and returns the reblogged status", %{conn: conn} do
951 activity = insert(:note_activity)
956 |> assign(:user, user)
957 |> post("/api/v1/statuses/#{activity.id}/reblog")
959 assert %{"reblog" => %{"id" => id, "reblogged" => true, "reblogs_count" => 1}} =
960 json_response(conn, 200)
962 assert to_string(activity.id) == id
966 describe "unreblogging" do
967 test "unreblogs and returns the unreblogged status", %{conn: conn} do
968 activity = insert(:note_activity)
971 {:ok, _, _} = CommonAPI.repeat(activity.id, user)
975 |> assign(:user, user)
976 |> post("/api/v1/statuses/#{activity.id}/unreblog")
978 assert %{"id" => id, "reblogged" => false, "reblogs_count" => 0} = json_response(conn, 200)
980 assert to_string(activity.id) == id
984 describe "favoriting" do
985 test "favs a status and returns it", %{conn: conn} do
986 activity = insert(:note_activity)
991 |> assign(:user, user)
992 |> post("/api/v1/statuses/#{activity.id}/favourite")
994 assert %{"id" => id, "favourites_count" => 1, "favourited" => true} =
995 json_response(conn, 200)
997 assert to_string(activity.id) == id
1000 test "returns 500 for a wrong id", %{conn: conn} do
1001 user = insert(:user)
1005 |> assign(:user, user)
1006 |> post("/api/v1/statuses/1/favourite")
1007 |> json_response(500)
1009 assert resp == "Something went wrong"
1013 describe "unfavoriting" do
1014 test "unfavorites a status and returns it", %{conn: conn} do
1015 activity = insert(:note_activity)
1016 user = insert(:user)
1018 {:ok, _, _} = CommonAPI.favorite(activity.id, user)
1022 |> assign(:user, user)
1023 |> post("/api/v1/statuses/#{activity.id}/unfavourite")
1025 assert %{"id" => id, "favourites_count" => 0, "favourited" => false} =
1026 json_response(conn, 200)
1028 assert to_string(activity.id) == id
1032 describe "user timelines" do
1033 test "gets a users statuses", %{conn: conn} do
1034 user_one = insert(:user)
1035 user_two = insert(:user)
1036 user_three = insert(:user)
1038 {:ok, user_three} = User.follow(user_three, user_one)
1040 {:ok, activity} = CommonAPI.post(user_one, %{"status" => "HI!!!"})
1042 {:ok, direct_activity} =
1043 CommonAPI.post(user_one, %{
1044 "status" => "Hi, @#{user_two.nickname}.",
1045 "visibility" => "direct"
1048 {:ok, private_activity} =
1049 CommonAPI.post(user_one, %{"status" => "private", "visibility" => "private"})
1053 |> get("/api/v1/accounts/#{user_one.id}/statuses")
1055 assert [%{"id" => id}] = json_response(resp, 200)
1056 assert id == to_string(activity.id)
1060 |> assign(:user, user_two)
1061 |> get("/api/v1/accounts/#{user_one.id}/statuses")
1063 assert [%{"id" => id_one}, %{"id" => id_two}] = json_response(resp, 200)
1064 assert id_one == to_string(direct_activity.id)
1065 assert id_two == to_string(activity.id)
1069 |> assign(:user, user_three)
1070 |> get("/api/v1/accounts/#{user_one.id}/statuses")
1072 assert [%{"id" => id_one}, %{"id" => id_two}] = json_response(resp, 200)
1073 assert id_one == to_string(private_activity.id)
1074 assert id_two == to_string(activity.id)
1077 test "unimplemented pinned statuses feature", %{conn: conn} do
1078 note = insert(:note_activity)
1079 user = User.get_by_ap_id(note.data["actor"])
1083 |> get("/api/v1/accounts/#{user.id}/statuses?pinned=true")
1085 assert json_response(conn, 200) == []
1088 test "gets an users media", %{conn: conn} do
1089 note = insert(:note_activity)
1090 user = User.get_by_ap_id(note.data["actor"])
1092 file = %Plug.Upload{
1093 content_type: "image/jpg",
1094 path: Path.absname("test/fixtures/image.jpg"),
1095 filename: "an_image.jpg"
1099 TwitterAPI.upload(file, user, "json")
1103 TwitterAPI.create_status(user, %{"status" => "cofe", "media_ids" => [media["media_id"]]})
1107 |> get("/api/v1/accounts/#{user.id}/statuses", %{"only_media" => "true"})
1109 assert [%{"id" => id}] = json_response(conn, 200)
1110 assert id == to_string(image_post.id)
1114 |> get("/api/v1/accounts/#{user.id}/statuses", %{"only_media" => "1"})
1116 assert [%{"id" => id}] = json_response(conn, 200)
1117 assert id == to_string(image_post.id)
1120 test "gets a user's statuses without reblogs", %{conn: conn} do
1121 user = insert(:user)
1122 {:ok, post} = CommonAPI.post(user, %{"status" => "HI!!!"})
1123 {:ok, _, _} = CommonAPI.repeat(post.id, user)
1127 |> get("/api/v1/accounts/#{user.id}/statuses", %{"exclude_reblogs" => "true"})
1129 assert [%{"id" => id}] = json_response(conn, 200)
1130 assert id == to_string(post.id)
1134 |> get("/api/v1/accounts/#{user.id}/statuses", %{"exclude_reblogs" => "1"})
1136 assert [%{"id" => id}] = json_response(conn, 200)
1137 assert id == to_string(post.id)
1141 describe "user relationships" do
1142 test "returns the relationships for the current user", %{conn: conn} do
1143 user = insert(:user)
1144 other_user = insert(:user)
1145 {:ok, user} = User.follow(user, other_user)
1149 |> assign(:user, user)
1150 |> get("/api/v1/accounts/relationships", %{"id" => [other_user.id]})
1152 assert [relationship] = json_response(conn, 200)
1154 assert to_string(other_user.id) == relationship["id"]
1158 describe "locked accounts" do
1159 test "/api/v1/follow_requests works" do
1160 user = insert(:user, %{info: %Pleroma.User.Info{locked: true}})
1161 other_user = insert(:user)
1163 {:ok, _activity} = ActivityPub.follow(other_user, user)
1165 user = User.get_by_id(user.id)
1166 other_user = User.get_by_id(other_user.id)
1168 assert User.following?(other_user, user) == false
1172 |> assign(:user, user)
1173 |> get("/api/v1/follow_requests")
1175 assert [relationship] = json_response(conn, 200)
1176 assert to_string(other_user.id) == relationship["id"]
1179 test "/api/v1/follow_requests/:id/authorize works" do
1180 user = insert(:user, %{info: %User.Info{locked: true}})
1181 other_user = insert(:user)
1183 {:ok, _activity} = ActivityPub.follow(other_user, user)
1185 user = User.get_by_id(user.id)
1186 other_user = User.get_by_id(other_user.id)
1188 assert User.following?(other_user, user) == false
1192 |> assign(:user, user)
1193 |> post("/api/v1/follow_requests/#{other_user.id}/authorize")
1195 assert relationship = json_response(conn, 200)
1196 assert to_string(other_user.id) == relationship["id"]
1198 user = User.get_by_id(user.id)
1199 other_user = User.get_by_id(other_user.id)
1201 assert User.following?(other_user, user) == true
1204 test "verify_credentials", %{conn: conn} do
1205 user = insert(:user, %{info: %Pleroma.User.Info{default_scope: "private"}})
1209 |> assign(:user, user)
1210 |> get("/api/v1/accounts/verify_credentials")
1212 assert %{"id" => id, "source" => %{"privacy" => "private"}} = json_response(conn, 200)
1213 assert id == to_string(user.id)
1216 test "/api/v1/follow_requests/:id/reject works" do
1217 user = insert(:user, %{info: %Pleroma.User.Info{locked: true}})
1218 other_user = insert(:user)
1220 {:ok, _activity} = ActivityPub.follow(other_user, user)
1222 user = User.get_by_id(user.id)
1226 |> assign(:user, user)
1227 |> post("/api/v1/follow_requests/#{other_user.id}/reject")
1229 assert relationship = json_response(conn, 200)
1230 assert to_string(other_user.id) == relationship["id"]
1232 user = User.get_by_id(user.id)
1233 other_user = User.get_by_id(other_user.id)
1235 assert User.following?(other_user, user) == false
1239 test "account fetching", %{conn: conn} do
1240 user = insert(:user)
1244 |> get("/api/v1/accounts/#{user.id}")
1246 assert %{"id" => id} = json_response(conn, 200)
1247 assert id == to_string(user.id)
1251 |> get("/api/v1/accounts/-1")
1253 assert %{"error" => "Can't find user"} = json_response(conn, 404)
1256 test "account fetching also works nickname", %{conn: conn} do
1257 user = insert(:user)
1261 |> get("/api/v1/accounts/#{user.nickname}")
1263 assert %{"id" => id} = json_response(conn, 200)
1264 assert id == user.id
1267 test "media upload", %{conn: conn} do
1268 file = %Plug.Upload{
1269 content_type: "image/jpg",
1270 path: Path.absname("test/fixtures/image.jpg"),
1271 filename: "an_image.jpg"
1274 desc = "Description of the image"
1276 user = insert(:user)
1280 |> assign(:user, user)
1281 |> post("/api/v1/media", %{"file" => file, "description" => desc})
1283 assert media = json_response(conn, 200)
1285 assert media["type"] == "image"
1286 assert media["description"] == desc
1289 object = Repo.get(Object, media["id"])
1290 assert object.data["actor"] == User.ap_id(user)
1293 test "hashtag timeline", %{conn: conn} do
1294 following = insert(:user)
1297 {:ok, activity} = TwitterAPI.create_status(following, %{"status" => "test #2hu"})
1299 {:ok, [_activity]} =
1300 OStatus.fetch_activity_from_url("https://shitposter.club/notice/2827873")
1304 |> get("/api/v1/timelines/tag/2hu")
1306 assert [%{"id" => id}] = json_response(nconn, 200)
1308 assert id == to_string(activity.id)
1310 # works for different capitalization too
1313 |> get("/api/v1/timelines/tag/2HU")
1315 assert [%{"id" => id}] = json_response(nconn, 200)
1317 assert id == to_string(activity.id)
1321 test "multi-hashtag timeline", %{conn: conn} do
1322 user = insert(:user)
1324 {:ok, activity_test} = CommonAPI.post(user, %{"status" => "#test"})
1325 {:ok, activity_test1} = CommonAPI.post(user, %{"status" => "#test #test1"})
1326 {:ok, activity_none} = CommonAPI.post(user, %{"status" => "#test #none"})
1330 |> get("/api/v1/timelines/tag/test", %{"any" => ["test1"]})
1332 [status_none, status_test1, status_test] = json_response(any_test, 200)
1334 assert to_string(activity_test.id) == status_test["id"]
1335 assert to_string(activity_test1.id) == status_test1["id"]
1336 assert to_string(activity_none.id) == status_none["id"]
1340 |> get("/api/v1/timelines/tag/test", %{"all" => ["test1"], "none" => ["none"]})
1342 assert [status_test1] == json_response(restricted_test, 200)
1344 all_test = conn |> get("/api/v1/timelines/tag/test", %{"all" => ["none"]})
1346 assert [status_none] == json_response(all_test, 200)
1349 test "getting followers", %{conn: conn} do
1350 user = insert(:user)
1351 other_user = insert(:user)
1352 {:ok, user} = User.follow(user, other_user)
1356 |> get("/api/v1/accounts/#{other_user.id}/followers")
1358 assert [%{"id" => id}] = json_response(conn, 200)
1359 assert id == to_string(user.id)
1362 test "getting followers, hide_followers", %{conn: conn} do
1363 user = insert(:user)
1364 other_user = insert(:user, %{info: %{hide_followers: true}})
1365 {:ok, _user} = User.follow(user, other_user)
1369 |> get("/api/v1/accounts/#{other_user.id}/followers")
1371 assert [] == json_response(conn, 200)
1374 test "getting followers, hide_followers, same user requesting", %{conn: conn} do
1375 user = insert(:user)
1376 other_user = insert(:user, %{info: %{hide_followers: true}})
1377 {:ok, _user} = User.follow(user, other_user)
1381 |> assign(:user, other_user)
1382 |> get("/api/v1/accounts/#{other_user.id}/followers")
1384 refute [] == json_response(conn, 200)
1387 test "getting followers, pagination", %{conn: conn} do
1388 user = insert(:user)
1389 follower1 = insert(:user)
1390 follower2 = insert(:user)
1391 follower3 = insert(:user)
1392 {:ok, _} = User.follow(follower1, user)
1393 {:ok, _} = User.follow(follower2, user)
1394 {:ok, _} = User.follow(follower3, user)
1398 |> assign(:user, user)
1402 |> get("/api/v1/accounts/#{user.id}/followers?since_id=#{follower1.id}")
1404 assert [%{"id" => id3}, %{"id" => id2}] = json_response(res_conn, 200)
1405 assert id3 == follower3.id
1406 assert id2 == follower2.id
1410 |> get("/api/v1/accounts/#{user.id}/followers?max_id=#{follower3.id}")
1412 assert [%{"id" => id2}, %{"id" => id1}] = json_response(res_conn, 200)
1413 assert id2 == follower2.id
1414 assert id1 == follower1.id
1418 |> get("/api/v1/accounts/#{user.id}/followers?limit=1&max_id=#{follower3.id}")
1420 assert [%{"id" => id2}] = json_response(res_conn, 200)
1421 assert id2 == follower2.id
1423 assert [link_header] = get_resp_header(res_conn, "link")
1424 assert link_header =~ ~r/since_id=#{follower2.id}/
1425 assert link_header =~ ~r/max_id=#{follower2.id}/
1428 test "getting following", %{conn: conn} do
1429 user = insert(:user)
1430 other_user = insert(:user)
1431 {:ok, user} = User.follow(user, other_user)
1435 |> get("/api/v1/accounts/#{user.id}/following")
1437 assert [%{"id" => id}] = json_response(conn, 200)
1438 assert id == to_string(other_user.id)
1441 test "getting following, hide_follows", %{conn: conn} do
1442 user = insert(:user, %{info: %{hide_follows: true}})
1443 other_user = insert(:user)
1444 {:ok, user} = User.follow(user, other_user)
1448 |> get("/api/v1/accounts/#{user.id}/following")
1450 assert [] == json_response(conn, 200)
1453 test "getting following, hide_follows, same user requesting", %{conn: conn} do
1454 user = insert(:user, %{info: %{hide_follows: true}})
1455 other_user = insert(:user)
1456 {:ok, user} = User.follow(user, other_user)
1460 |> assign(:user, user)
1461 |> get("/api/v1/accounts/#{user.id}/following")
1463 refute [] == json_response(conn, 200)
1466 test "getting following, pagination", %{conn: conn} do
1467 user = insert(:user)
1468 following1 = insert(:user)
1469 following2 = insert(:user)
1470 following3 = insert(:user)
1471 {:ok, _} = User.follow(user, following1)
1472 {:ok, _} = User.follow(user, following2)
1473 {:ok, _} = User.follow(user, following3)
1477 |> assign(:user, user)
1481 |> get("/api/v1/accounts/#{user.id}/following?since_id=#{following1.id}")
1483 assert [%{"id" => id3}, %{"id" => id2}] = json_response(res_conn, 200)
1484 assert id3 == following3.id
1485 assert id2 == following2.id
1489 |> get("/api/v1/accounts/#{user.id}/following?max_id=#{following3.id}")
1491 assert [%{"id" => id2}, %{"id" => id1}] = json_response(res_conn, 200)
1492 assert id2 == following2.id
1493 assert id1 == following1.id
1497 |> get("/api/v1/accounts/#{user.id}/following?limit=1&max_id=#{following3.id}")
1499 assert [%{"id" => id2}] = json_response(res_conn, 200)
1500 assert id2 == following2.id
1502 assert [link_header] = get_resp_header(res_conn, "link")
1503 assert link_header =~ ~r/since_id=#{following2.id}/
1504 assert link_header =~ ~r/max_id=#{following2.id}/
1507 test "following / unfollowing a user", %{conn: conn} do
1508 user = insert(:user)
1509 other_user = insert(:user)
1513 |> assign(:user, user)
1514 |> post("/api/v1/accounts/#{other_user.id}/follow")
1516 assert %{"id" => _id, "following" => true} = json_response(conn, 200)
1518 user = User.get_by_id(user.id)
1522 |> assign(:user, user)
1523 |> post("/api/v1/accounts/#{other_user.id}/unfollow")
1525 assert %{"id" => _id, "following" => false} = json_response(conn, 200)
1527 user = User.get_by_id(user.id)
1531 |> assign(:user, user)
1532 |> post("/api/v1/follows", %{"uri" => other_user.nickname})
1534 assert %{"id" => id} = json_response(conn, 200)
1535 assert id == to_string(other_user.id)
1538 test "muting / unmuting a user", %{conn: conn} do
1539 user = insert(:user)
1540 other_user = insert(:user)
1544 |> assign(:user, user)
1545 |> post("/api/v1/accounts/#{other_user.id}/mute")
1547 assert %{"id" => _id, "muting" => true} = json_response(conn, 200)
1549 user = User.get_by_id(user.id)
1553 |> assign(:user, user)
1554 |> post("/api/v1/accounts/#{other_user.id}/unmute")
1556 assert %{"id" => _id, "muting" => false} = json_response(conn, 200)
1559 test "getting a list of mutes", %{conn: conn} do
1560 user = insert(:user)
1561 other_user = insert(:user)
1563 {:ok, user} = User.mute(user, other_user)
1567 |> assign(:user, user)
1568 |> get("/api/v1/mutes")
1570 other_user_id = to_string(other_user.id)
1571 assert [%{"id" => ^other_user_id}] = json_response(conn, 200)
1574 test "blocking / unblocking a user", %{conn: conn} do
1575 user = insert(:user)
1576 other_user = insert(:user)
1580 |> assign(:user, user)
1581 |> post("/api/v1/accounts/#{other_user.id}/block")
1583 assert %{"id" => _id, "blocking" => true} = json_response(conn, 200)
1585 user = User.get_by_id(user.id)
1589 |> assign(:user, user)
1590 |> post("/api/v1/accounts/#{other_user.id}/unblock")
1592 assert %{"id" => _id, "blocking" => false} = json_response(conn, 200)
1595 test "getting a list of blocks", %{conn: conn} do
1596 user = insert(:user)
1597 other_user = insert(:user)
1599 {:ok, user} = User.block(user, other_user)
1603 |> assign(:user, user)
1604 |> get("/api/v1/blocks")
1606 other_user_id = to_string(other_user.id)
1607 assert [%{"id" => ^other_user_id}] = json_response(conn, 200)
1610 test "blocking / unblocking a domain", %{conn: conn} do
1611 user = insert(:user)
1612 other_user = insert(:user, %{ap_id: "https://dogwhistle.zone/@pundit"})
1616 |> assign(:user, user)
1617 |> post("/api/v1/domain_blocks", %{"domain" => "dogwhistle.zone"})
1619 assert %{} = json_response(conn, 200)
1620 user = User.get_cached_by_ap_id(user.ap_id)
1621 assert User.blocks?(user, other_user)
1625 |> assign(:user, user)
1626 |> delete("/api/v1/domain_blocks", %{"domain" => "dogwhistle.zone"})
1628 assert %{} = json_response(conn, 200)
1629 user = User.get_cached_by_ap_id(user.ap_id)
1630 refute User.blocks?(user, other_user)
1633 test "getting a list of domain blocks", %{conn: conn} do
1634 user = insert(:user)
1636 {:ok, user} = User.block_domain(user, "bad.site")
1637 {:ok, user} = User.block_domain(user, "even.worse.site")
1641 |> assign(:user, user)
1642 |> get("/api/v1/domain_blocks")
1644 domain_blocks = json_response(conn, 200)
1646 assert "bad.site" in domain_blocks
1647 assert "even.worse.site" in domain_blocks
1650 test "unimplemented follow_requests, blocks, domain blocks" do
1651 user = insert(:user)
1653 ["blocks", "domain_blocks", "follow_requests"]
1654 |> Enum.each(fn endpoint ->
1657 |> assign(:user, user)
1658 |> get("/api/v1/#{endpoint}")
1660 assert [] = json_response(conn, 200)
1664 test "account search", %{conn: conn} do
1665 user = insert(:user)
1666 user_two = insert(:user, %{nickname: "shp@shitposter.club"})
1667 user_three = insert(:user, %{nickname: "shp@heldscal.la", name: "I love 2hu"})
1671 |> assign(:user, user)
1672 |> get("/api/v1/accounts/search", %{"q" => "shp"})
1673 |> json_response(200)
1675 result_ids = for result <- results, do: result["acct"]
1677 assert user_two.nickname in result_ids
1678 assert user_three.nickname in result_ids
1682 |> assign(:user, user)
1683 |> get("/api/v1/accounts/search", %{"q" => "2hu"})
1684 |> json_response(200)
1686 result_ids = for result <- results, do: result["acct"]
1688 assert user_three.nickname in result_ids
1691 test "search", %{conn: conn} do
1692 user = insert(:user)
1693 user_two = insert(:user, %{nickname: "shp@shitposter.club"})
1694 user_three = insert(:user, %{nickname: "shp@heldscal.la", name: "I love 2hu"})
1696 {:ok, activity} = CommonAPI.post(user, %{"status" => "This is about 2hu"})
1699 CommonAPI.post(user, %{
1700 "status" => "This is about 2hu, but private",
1701 "visibility" => "private"
1704 {:ok, _} = CommonAPI.post(user_two, %{"status" => "This isn't"})
1708 |> get("/api/v1/search", %{"q" => "2hu"})
1710 assert results = json_response(conn, 200)
1712 [account | _] = results["accounts"]
1713 assert account["id"] == to_string(user_three.id)
1715 assert results["hashtags"] == []
1717 [status] = results["statuses"]
1718 assert status["id"] == to_string(activity.id)
1721 test "search fetches remote statuses", %{conn: conn} do
1725 |> get("/api/v1/search", %{"q" => "https://shitposter.club/notice/2827873"})
1727 assert results = json_response(conn, 200)
1729 [status] = results["statuses"]
1730 assert status["uri"] == "tag:shitposter.club,2017-05-05:noticeId=2827873:objectType=comment"
1734 test "search doesn't show statuses that it shouldn't", %{conn: conn} do
1736 CommonAPI.post(insert(:user), %{
1737 "status" => "This is about 2hu, but private",
1738 "visibility" => "private"
1744 |> get("/api/v1/search", %{"q" => activity.data["object"]["id"]})
1746 assert results = json_response(conn, 200)
1748 [] = results["statuses"]
1752 test "search fetches remote accounts", %{conn: conn} do
1755 |> get("/api/v1/search", %{"q" => "shp@social.heldscal.la", "resolve" => "true"})
1757 assert results = json_response(conn, 200)
1758 [account] = results["accounts"]
1759 assert account["acct"] == "shp@social.heldscal.la"
1762 test "returns the favorites of a user", %{conn: conn} do
1763 user = insert(:user)
1764 other_user = insert(:user)
1766 {:ok, _} = CommonAPI.post(other_user, %{"status" => "bla"})
1767 {:ok, activity} = CommonAPI.post(other_user, %{"status" => "traps are happy"})
1769 {:ok, _, _} = CommonAPI.favorite(activity.id, user)
1773 |> assign(:user, user)
1774 |> get("/api/v1/favourites")
1776 assert [status] = json_response(first_conn, 200)
1777 assert status["id"] == to_string(activity.id)
1779 assert [{"link", _link_header}] =
1780 Enum.filter(first_conn.resp_headers, fn element -> match?({"link", _}, element) end)
1782 # Honours query params
1783 {:ok, second_activity} =
1784 CommonAPI.post(other_user, %{
1786 "Trees Are Never Sad Look At Them Every Once In Awhile They're Quite Beautiful."
1789 {:ok, _, _} = CommonAPI.favorite(second_activity.id, user)
1791 last_like = status["id"]
1795 |> assign(:user, user)
1796 |> get("/api/v1/favourites?since_id=#{last_like}")
1798 assert [second_status] = json_response(second_conn, 200)
1799 assert second_status["id"] == to_string(second_activity.id)
1803 |> assign(:user, user)
1804 |> get("/api/v1/favourites?limit=0")
1806 assert [] = json_response(third_conn, 200)
1809 describe "updating credentials" do
1810 test "updates the user's bio", %{conn: conn} do
1811 user = insert(:user)
1812 user2 = insert(:user)
1816 |> assign(:user, user)
1817 |> patch("/api/v1/accounts/update_credentials", %{
1818 "note" => "I drink #cofe with @#{user2.nickname}"
1821 assert user = json_response(conn, 200)
1823 assert user["note"] ==
1824 ~s(I drink <a class="hashtag" data-tag="cofe" href="http://localhost:4001/tag/cofe" rel="tag">#cofe</a> with <span class="h-card"><a data-user=") <>
1826 ~s(" class="u-url mention" href=") <>
1827 user2.ap_id <> ~s(">@<span>) <> user2.nickname <> ~s(</span></a></span>)
1830 test "updates the user's locking status", %{conn: conn} do
1831 user = insert(:user)
1835 |> assign(:user, user)
1836 |> patch("/api/v1/accounts/update_credentials", %{locked: "true"})
1838 assert user = json_response(conn, 200)
1839 assert user["locked"] == true
1842 test "updates the user's name", %{conn: conn} do
1843 user = insert(:user)
1847 |> assign(:user, user)
1848 |> patch("/api/v1/accounts/update_credentials", %{"display_name" => "markorepairs"})
1850 assert user = json_response(conn, 200)
1851 assert user["display_name"] == "markorepairs"
1854 test "updates the user's avatar", %{conn: conn} do
1855 user = insert(:user)
1857 new_avatar = %Plug.Upload{
1858 content_type: "image/jpg",
1859 path: Path.absname("test/fixtures/image.jpg"),
1860 filename: "an_image.jpg"
1865 |> assign(:user, user)
1866 |> patch("/api/v1/accounts/update_credentials", %{"avatar" => new_avatar})
1868 assert user_response = json_response(conn, 200)
1869 assert user_response["avatar"] != User.avatar_url(user)
1872 test "updates the user's banner", %{conn: conn} do
1873 user = insert(:user)
1875 new_header = %Plug.Upload{
1876 content_type: "image/jpg",
1877 path: Path.absname("test/fixtures/image.jpg"),
1878 filename: "an_image.jpg"
1883 |> assign(:user, user)
1884 |> patch("/api/v1/accounts/update_credentials", %{"header" => new_header})
1886 assert user_response = json_response(conn, 200)
1887 assert user_response["header"] != User.banner_url(user)
1890 test "requires 'write' permission", %{conn: conn} do
1891 token1 = insert(:oauth_token, scopes: ["read"])
1892 token2 = insert(:oauth_token, scopes: ["write", "follow"])
1894 for token <- [token1, token2] do
1897 |> put_req_header("authorization", "Bearer #{token.token}")
1898 |> patch("/api/v1/accounts/update_credentials", %{})
1900 if token == token1 do
1901 assert %{"error" => "Insufficient permissions: write."} == json_response(conn, 403)
1903 assert json_response(conn, 200)
1909 test "get instance information", %{conn: conn} do
1910 conn = get(conn, "/api/v1/instance")
1911 assert result = json_response(conn, 200)
1913 # Note: not checking for "max_toot_chars" since it's optional
1921 "streaming_api" => _
1926 "registrations" => _
1930 test "get instance stats", %{conn: conn} do
1931 user = insert(:user, %{local: true})
1933 user2 = insert(:user, %{local: true})
1934 {:ok, _user2} = User.deactivate(user2, !user2.info.deactivated)
1936 insert(:user, %{local: false, nickname: "u@peer1.com"})
1937 insert(:user, %{local: false, nickname: "u@peer2.com"})
1939 {:ok, _} = TwitterAPI.create_status(user, %{"status" => "cofe"})
1941 # Stats should count users with missing or nil `info.deactivated` value
1942 user = User.get_by_id(user.id)
1943 info_change = Changeset.change(user.info, %{deactivated: nil})
1947 |> Changeset.change()
1948 |> Changeset.put_embed(:info, info_change)
1949 |> User.update_and_set_cache()
1951 Pleroma.Stats.update_stats()
1953 conn = get(conn, "/api/v1/instance")
1955 assert result = json_response(conn, 200)
1957 stats = result["stats"]
1960 assert stats["user_count"] == 1
1961 assert stats["status_count"] == 1
1962 assert stats["domain_count"] == 2
1965 test "get peers", %{conn: conn} do
1966 insert(:user, %{local: false, nickname: "u@peer1.com"})
1967 insert(:user, %{local: false, nickname: "u@peer2.com"})
1969 Pleroma.Stats.update_stats()
1971 conn = get(conn, "/api/v1/instance/peers")
1973 assert result = json_response(conn, 200)
1975 assert ["peer1.com", "peer2.com"] == Enum.sort(result)
1978 test "put settings", %{conn: conn} do
1979 user = insert(:user)
1983 |> assign(:user, user)
1984 |> put("/api/web/settings", %{"data" => %{"programming" => "socks"}})
1986 assert _result = json_response(conn, 200)
1988 user = User.get_cached_by_ap_id(user.ap_id)
1989 assert user.info.settings == %{"programming" => "socks"}
1992 describe "pinned statuses" do
1994 Pleroma.Config.put([:instance, :max_pinned_statuses], 1)
1996 user = insert(:user)
1997 {:ok, activity} = CommonAPI.post(user, %{"status" => "HI!!!"})
1999 [user: user, activity: activity]
2002 test "returns pinned statuses", %{conn: conn, user: user, activity: activity} do
2003 {:ok, _} = CommonAPI.pin(activity.id, user)
2007 |> assign(:user, user)
2008 |> get("/api/v1/accounts/#{user.id}/statuses?pinned=true")
2009 |> json_response(200)
2011 id_str = to_string(activity.id)
2013 assert [%{"id" => ^id_str, "pinned" => true}] = result
2016 test "pin status", %{conn: conn, user: user, activity: activity} do
2017 id_str = to_string(activity.id)
2019 assert %{"id" => ^id_str, "pinned" => true} =
2021 |> assign(:user, user)
2022 |> post("/api/v1/statuses/#{activity.id}/pin")
2023 |> json_response(200)
2025 assert [%{"id" => ^id_str, "pinned" => true}] =
2027 |> assign(:user, user)
2028 |> get("/api/v1/accounts/#{user.id}/statuses?pinned=true")
2029 |> json_response(200)
2032 test "unpin status", %{conn: conn, user: user, activity: activity} do
2033 {:ok, _} = CommonAPI.pin(activity.id, user)
2035 id_str = to_string(activity.id)
2036 user = refresh_record(user)
2038 assert %{"id" => ^id_str, "pinned" => false} =
2040 |> assign(:user, user)
2041 |> post("/api/v1/statuses/#{activity.id}/unpin")
2042 |> json_response(200)
2046 |> assign(:user, user)
2047 |> get("/api/v1/accounts/#{user.id}/statuses?pinned=true")
2048 |> json_response(200)
2051 test "max pinned statuses", %{conn: conn, user: user, activity: activity_one} do
2052 {:ok, activity_two} = CommonAPI.post(user, %{"status" => "HI!!!"})
2054 id_str_one = to_string(activity_one.id)
2056 assert %{"id" => ^id_str_one, "pinned" => true} =
2058 |> assign(:user, user)
2059 |> post("/api/v1/statuses/#{id_str_one}/pin")
2060 |> json_response(200)
2062 user = refresh_record(user)
2064 assert %{"error" => "You have already pinned the maximum number of statuses"} =
2066 |> assign(:user, user)
2067 |> post("/api/v1/statuses/#{activity_two.id}/pin")
2068 |> json_response(400)
2071 test "Status rich-media Card", %{conn: conn, user: user} do
2072 Pleroma.Config.put([:rich_media, :enabled], true)
2073 {:ok, activity} = CommonAPI.post(user, %{"status" => "http://example.com/ogp"})
2077 |> get("/api/v1/statuses/#{activity.id}/card")
2078 |> json_response(200)
2080 assert response == %{
2081 "image" => "http://ia.media-imdb.com/images/rock.jpg",
2082 "provider_name" => "www.imdb.com",
2083 "provider_url" => "http://www.imdb.com",
2084 "title" => "The Rock",
2086 "url" => "http://www.imdb.com/title/tt0117500/",
2087 "description" => nil,
2090 "image" => "http://ia.media-imdb.com/images/rock.jpg",
2091 "title" => "The Rock",
2092 "type" => "video.movie",
2093 "url" => "http://www.imdb.com/title/tt0117500/"
2098 # works with private posts
2100 CommonAPI.post(user, %{"status" => "http://example.com/ogp", "visibility" => "direct"})
2104 |> assign(:user, user)
2105 |> get("/api/v1/statuses/#{activity.id}/card")
2106 |> json_response(200)
2108 assert response_two == response
2110 Pleroma.Config.put([:rich_media, :enabled], false)
2115 user = insert(:user)
2116 for_user = insert(:user)
2119 CommonAPI.post(user, %{
2120 "status" => "heweoo?"
2124 CommonAPI.post(user, %{
2125 "status" => "heweoo!"
2130 |> assign(:user, for_user)
2131 |> post("/api/v1/statuses/#{activity1.id}/bookmark")
2133 assert json_response(response1, 200)["bookmarked"] == true
2137 |> assign(:user, for_user)
2138 |> post("/api/v1/statuses/#{activity2.id}/bookmark")
2140 assert json_response(response2, 200)["bookmarked"] == true
2144 |> assign(:user, for_user)
2145 |> get("/api/v1/bookmarks")
2147 assert [json_response(response2, 200), json_response(response1, 200)] ==
2148 json_response(bookmarks, 200)
2152 |> assign(:user, for_user)
2153 |> post("/api/v1/statuses/#{activity1.id}/unbookmark")
2155 assert json_response(response1, 200)["bookmarked"] == false
2159 |> assign(:user, for_user)
2160 |> get("/api/v1/bookmarks")
2162 assert [json_response(response2, 200)] == json_response(bookmarks, 200)
2165 describe "conversation muting" do
2167 user = insert(:user)
2168 {:ok, activity} = CommonAPI.post(user, %{"status" => "HIE"})
2170 [user: user, activity: activity]
2173 test "mute conversation", %{conn: conn, user: user, activity: activity} do
2174 id_str = to_string(activity.id)
2176 assert %{"id" => ^id_str, "muted" => true} =
2178 |> assign(:user, user)
2179 |> post("/api/v1/statuses/#{activity.id}/mute")
2180 |> json_response(200)
2183 test "unmute conversation", %{conn: conn, user: user, activity: activity} do
2184 {:ok, _} = CommonAPI.add_mute(user, activity)
2186 id_str = to_string(activity.id)
2187 user = refresh_record(user)
2189 assert %{"id" => ^id_str, "muted" => false} =
2191 |> assign(:user, user)
2192 |> post("/api/v1/statuses/#{activity.id}/unmute")
2193 |> json_response(200)
2197 test "flavours switching (Pleroma Extension)", %{conn: conn} do
2198 user = insert(:user)
2202 |> assign(:user, user)
2203 |> get("/api/v1/pleroma/flavour")
2205 assert "glitch" == json_response(get_old_flavour, 200)
2209 |> assign(:user, user)
2210 |> post("/api/v1/pleroma/flavour/vanilla")
2212 assert "vanilla" == json_response(set_flavour, 200)
2216 |> assign(:user, user)
2217 |> post("/api/v1/pleroma/flavour/vanilla")
2219 assert json_response(set_flavour, 200) == json_response(get_new_flavour, 200)
2222 describe "reports" do
2224 reporter = insert(:user)
2225 target_user = insert(:user)
2227 {:ok, activity} = CommonAPI.post(target_user, %{"status" => "foobar"})
2229 [reporter: reporter, target_user: target_user, activity: activity]
2232 test "submit a basic report", %{conn: conn, reporter: reporter, target_user: target_user} do
2233 assert %{"action_taken" => false, "id" => _} =
2235 |> assign(:user, reporter)
2236 |> post("/api/v1/reports", %{"account_id" => target_user.id})
2237 |> json_response(200)
2240 test "submit a report with statuses and comment", %{
2243 target_user: target_user,
2246 assert %{"action_taken" => false, "id" => _} =
2248 |> assign(:user, reporter)
2249 |> post("/api/v1/reports", %{
2250 "account_id" => target_user.id,
2251 "status_ids" => [activity.id],
2252 "comment" => "bad status!"
2254 |> json_response(200)
2257 test "account_id is required", %{
2262 assert %{"error" => "Valid `account_id` required"} =
2264 |> assign(:user, reporter)
2265 |> post("/api/v1/reports", %{"status_ids" => [activity.id]})
2266 |> json_response(400)
2269 test "comment must be up to the size specified in the config", %{
2272 target_user: target_user
2274 max_size = Pleroma.Config.get([:instance, :max_report_comment_size], 1000)
2275 comment = String.pad_trailing("a", max_size + 1, "a")
2277 error = %{"error" => "Comment must be up to #{max_size} characters"}
2281 |> assign(:user, reporter)
2282 |> post("/api/v1/reports", %{"account_id" => target_user.id, "comment" => comment})
2283 |> json_response(400)
2287 describe "link headers" do
2288 test "preserves parameters in link headers", %{conn: conn} do
2289 user = insert(:user)
2290 other_user = insert(:user)
2293 CommonAPI.post(other_user, %{
2294 "status" => "hi @#{user.nickname}",
2295 "visibility" => "public"
2299 CommonAPI.post(other_user, %{
2300 "status" => "hi @#{user.nickname}",
2301 "visibility" => "public"
2304 notification1 = Repo.get_by(Notification, activity_id: activity1.id)
2305 notification2 = Repo.get_by(Notification, activity_id: activity2.id)
2309 |> assign(:user, user)
2310 |> get("/api/v1/notifications", %{media_only: true})
2312 assert [link_header] = get_resp_header(conn, "link")
2313 assert link_header =~ ~r/media_only=true/
2314 assert link_header =~ ~r/since_id=#{notification2.id}/
2315 assert link_header =~ ~r/max_id=#{notification1.id}/
2319 test "accounts fetches correct account for nicknames beginning with numbers", %{conn: conn} do
2320 # Need to set an old-style integer ID to reproduce the problem
2321 # (these are no longer assigned to new accounts but were preserved
2322 # for existing accounts during the migration to flakeIDs)
2323 user_one = insert(:user, %{id: 1212})
2324 user_two = insert(:user, %{nickname: "#{user_one.id}garbage"})
2328 |> get("/api/v1/accounts/#{user_one.id}")
2332 |> get("/api/v1/accounts/#{user_two.nickname}")
2336 |> get("/api/v1/accounts/#{user_two.id}")
2338 acc_one = json_response(resp_one, 200)
2339 acc_two = json_response(resp_two, 200)
2340 acc_three = json_response(resp_three, 200)
2341 refute acc_one == acc_two
2342 assert acc_two == acc_three
2345 describe "index/2 redirections" do
2346 setup %{conn: conn} do
2350 signing_salt: "cooldude"
2355 |> Plug.Session.call(Plug.Session.init(session_opts))
2358 test_path = "/web/statuses/test"
2359 %{conn: conn, path: test_path}
2362 test "redirects not logged-in users to the login page", %{conn: conn, path: path} do
2363 conn = get(conn, path)
2365 assert conn.status == 302
2366 assert redirected_to(conn) == "/web/login"
2369 test "does not redirect logged in users to the login page", %{conn: conn, path: path} do
2370 token = insert(:oauth_token)
2374 |> assign(:user, token.user)
2375 |> put_session(:oauth_token, token.token)
2378 assert conn.status == 200
2381 test "saves referer path to session", %{conn: conn, path: path} do
2382 conn = get(conn, path)
2383 return_to = Plug.Conn.get_session(conn, :return_to)
2385 assert return_to == path
2388 test "redirects to the saved path after log in", %{conn: conn, path: path} do
2389 app = insert(:oauth_app, client_name: "Mastodon-Local", redirect_uris: ".")
2390 auth = insert(:oauth_authorization, app: app)
2394 |> put_session(:return_to, path)
2395 |> get("/web/login", %{code: auth.token})
2397 assert conn.status == 302
2398 assert redirected_to(conn) == path
2401 test "redirects to the getting-started page when referer is not present", %{conn: conn} do
2402 app = insert(:oauth_app, client_name: "Mastodon-Local", redirect_uris: ".")
2403 auth = insert(:oauth_authorization, app: app)
2405 conn = get(conn, "/web/login", %{code: auth.token})
2407 assert conn.status == 302
2408 assert redirected_to(conn) == "/web/getting-started"
2412 describe "scheduled activities" do
2413 test "creates a scheduled activity", %{conn: conn} do
2414 user = insert(:user)
2415 scheduled_at = NaiveDateTime.add(NaiveDateTime.utc_now(), :timer.minutes(120), :millisecond)
2419 |> assign(:user, user)
2420 |> post("/api/v1/statuses", %{
2421 "status" => "scheduled",
2422 "scheduled_at" => scheduled_at
2425 assert %{"scheduled_at" => expected_scheduled_at} = json_response(conn, 200)
2426 assert expected_scheduled_at == Pleroma.Web.CommonAPI.Utils.to_masto_date(scheduled_at)
2427 assert [] == Repo.all(Activity)
2430 test "creates a scheduled activity with a media attachment", %{conn: conn} do
2431 user = insert(:user)
2432 scheduled_at = NaiveDateTime.add(NaiveDateTime.utc_now(), :timer.minutes(120), :millisecond)
2434 file = %Plug.Upload{
2435 content_type: "image/jpg",
2436 path: Path.absname("test/fixtures/image.jpg"),
2437 filename: "an_image.jpg"
2440 {:ok, upload} = ActivityPub.upload(file, actor: user.ap_id)
2444 |> assign(:user, user)
2445 |> post("/api/v1/statuses", %{
2446 "media_ids" => [to_string(upload.id)],
2447 "status" => "scheduled",
2448 "scheduled_at" => scheduled_at
2451 assert %{"media_attachments" => [media_attachment]} = json_response(conn, 200)
2452 assert %{"type" => "image"} = media_attachment
2455 test "skips the scheduling and creates the activity if scheduled_at is earlier than 5 minutes from now",
2457 user = insert(:user)
2460 NaiveDateTime.add(NaiveDateTime.utc_now(), :timer.minutes(5) - 1, :millisecond)
2464 |> assign(:user, user)
2465 |> post("/api/v1/statuses", %{
2466 "status" => "not scheduled",
2467 "scheduled_at" => scheduled_at
2470 assert %{"content" => "not scheduled"} = json_response(conn, 200)
2471 assert [] == Repo.all(ScheduledActivity)
2474 test "returns error when daily user limit is exceeded", %{conn: conn} do
2475 user = insert(:user)
2478 NaiveDateTime.utc_now()
2479 |> NaiveDateTime.add(:timer.minutes(6), :millisecond)
2480 |> NaiveDateTime.to_iso8601()
2482 attrs = %{params: %{}, scheduled_at: today}
2483 {:ok, _} = ScheduledActivity.create(user, attrs)
2484 {:ok, _} = ScheduledActivity.create(user, attrs)
2488 |> assign(:user, user)
2489 |> post("/api/v1/statuses", %{"status" => "scheduled", "scheduled_at" => today})
2491 assert %{"error" => "daily limit exceeded"} == json_response(conn, 422)
2494 test "returns error when total user limit is exceeded", %{conn: conn} do
2495 user = insert(:user)
2498 NaiveDateTime.utc_now()
2499 |> NaiveDateTime.add(:timer.minutes(6), :millisecond)
2500 |> NaiveDateTime.to_iso8601()
2503 NaiveDateTime.utc_now()
2504 |> NaiveDateTime.add(:timer.hours(36), :millisecond)
2505 |> NaiveDateTime.to_iso8601()
2507 attrs = %{params: %{}, scheduled_at: today}
2508 {:ok, _} = ScheduledActivity.create(user, attrs)
2509 {:ok, _} = ScheduledActivity.create(user, attrs)
2510 {:ok, _} = ScheduledActivity.create(user, %{params: %{}, scheduled_at: tomorrow})
2514 |> assign(:user, user)
2515 |> post("/api/v1/statuses", %{"status" => "scheduled", "scheduled_at" => tomorrow})
2517 assert %{"error" => "total limit exceeded"} == json_response(conn, 422)
2520 test "shows scheduled activities", %{conn: conn} do
2521 user = insert(:user)
2522 scheduled_activity_id1 = insert(:scheduled_activity, user: user).id |> to_string()
2523 scheduled_activity_id2 = insert(:scheduled_activity, user: user).id |> to_string()
2524 scheduled_activity_id3 = insert(:scheduled_activity, user: user).id |> to_string()
2525 scheduled_activity_id4 = insert(:scheduled_activity, user: user).id |> to_string()
2529 |> assign(:user, user)
2534 |> get("/api/v1/scheduled_statuses?limit=2&min_id=#{scheduled_activity_id1}")
2536 result = json_response(conn_res, 200)
2537 assert [%{"id" => ^scheduled_activity_id3}, %{"id" => ^scheduled_activity_id2}] = result
2542 |> get("/api/v1/scheduled_statuses?limit=2&since_id=#{scheduled_activity_id1}")
2544 result = json_response(conn_res, 200)
2545 assert [%{"id" => ^scheduled_activity_id4}, %{"id" => ^scheduled_activity_id3}] = result
2550 |> get("/api/v1/scheduled_statuses?limit=2&max_id=#{scheduled_activity_id4}")
2552 result = json_response(conn_res, 200)
2553 assert [%{"id" => ^scheduled_activity_id3}, %{"id" => ^scheduled_activity_id2}] = result
2556 test "shows a scheduled activity", %{conn: conn} do
2557 user = insert(:user)
2558 scheduled_activity = insert(:scheduled_activity, user: user)
2562 |> assign(:user, user)
2563 |> get("/api/v1/scheduled_statuses/#{scheduled_activity.id}")
2565 assert %{"id" => scheduled_activity_id} = json_response(res_conn, 200)
2566 assert scheduled_activity_id == scheduled_activity.id |> to_string()
2570 |> assign(:user, user)
2571 |> get("/api/v1/scheduled_statuses/404")
2573 assert %{"error" => "Record not found"} = json_response(res_conn, 404)
2576 test "updates a scheduled activity", %{conn: conn} do
2577 user = insert(:user)
2578 scheduled_activity = insert(:scheduled_activity, user: user)
2581 NaiveDateTime.add(NaiveDateTime.utc_now(), :timer.minutes(120), :millisecond)
2585 |> assign(:user, user)
2586 |> put("/api/v1/scheduled_statuses/#{scheduled_activity.id}", %{
2587 scheduled_at: new_scheduled_at
2590 assert %{"scheduled_at" => expected_scheduled_at} = json_response(res_conn, 200)
2591 assert expected_scheduled_at == Pleroma.Web.CommonAPI.Utils.to_masto_date(new_scheduled_at)
2595 |> assign(:user, user)
2596 |> put("/api/v1/scheduled_statuses/404", %{scheduled_at: new_scheduled_at})
2598 assert %{"error" => "Record not found"} = json_response(res_conn, 404)
2601 test "deletes a scheduled activity", %{conn: conn} do
2602 user = insert(:user)
2603 scheduled_activity = insert(:scheduled_activity, user: user)
2607 |> assign(:user, user)
2608 |> delete("/api/v1/scheduled_statuses/#{scheduled_activity.id}")
2610 assert %{} = json_response(res_conn, 200)
2611 assert nil == Repo.get(ScheduledActivity, scheduled_activity.id)
2615 |> assign(:user, user)
2616 |> delete("/api/v1/scheduled_statuses/#{scheduled_activity.id}")
2618 assert %{"error" => "Record not found"} = json_response(res_conn, 404)