1 # Pleroma: A lightweight social networking server
2 # Copyright © 2017-2019 Pleroma Authors <https://pleroma.social/>
3 # SPDX-License-Identifier: AGPL-3.0-only
5 defmodule Pleroma.Web.MastodonAPI.MastodonAPIControllerTest do
6 use Pleroma.Web.ConnCase
10 alias Pleroma.Notification
13 alias Pleroma.ScheduledActivity
15 alias Pleroma.Web.ActivityPub.ActivityPub
16 alias Pleroma.Web.CommonAPI
17 alias Pleroma.Web.MastodonAPI.FilterView
18 alias Pleroma.Web.OAuth.App
19 alias Pleroma.Web.OStatus
20 alias Pleroma.Web.Push
21 alias Pleroma.Web.TwitterAPI.TwitterAPI
22 import Pleroma.Factory
23 import ExUnit.CaptureLog
27 mock(fn env -> apply(HttpRequestMock, :request, [env]) end)
31 test "the home timeline", %{conn: conn} do
33 following = insert(:user)
35 {:ok, _activity} = TwitterAPI.create_status(following, %{"status" => "test"})
39 |> assign(:user, user)
40 |> get("/api/v1/timelines/home")
42 assert Enum.empty?(json_response(conn, 200))
44 {:ok, user} = User.follow(user, following)
48 |> assign(:user, user)
49 |> get("/api/v1/timelines/home")
51 assert [%{"content" => "test"}] = json_response(conn, 200)
54 test "the public timeline", %{conn: conn} do
55 following = insert(:user)
58 {:ok, _activity} = TwitterAPI.create_status(following, %{"status" => "test"})
61 OStatus.fetch_activity_from_url("https://shitposter.club/notice/2827873")
65 |> get("/api/v1/timelines/public", %{"local" => "False"})
67 assert length(json_response(conn, 200)) == 2
71 |> get("/api/v1/timelines/public", %{"local" => "True"})
73 assert [%{"content" => "test"}] = json_response(conn, 200)
77 |> get("/api/v1/timelines/public", %{"local" => "1"})
79 assert [%{"content" => "test"}] = json_response(conn, 200)
83 test "posting a status", %{conn: conn} do
86 idempotency_key = "Pikachu rocks!"
90 |> assign(:user, user)
91 |> put_req_header("idempotency-key", idempotency_key)
92 |> post("/api/v1/statuses", %{
94 "spoiler_text" => "2hu",
95 "sensitive" => "false"
98 {:ok, ttl} = Cachex.ttl(:idempotency_cache, idempotency_key)
100 assert ttl > :timer.seconds(6 * 60 * 60 - 1)
102 assert %{"content" => "cofe", "id" => id, "spoiler_text" => "2hu", "sensitive" => false} =
103 json_response(conn_one, 200)
105 assert Activity.get_by_id(id)
109 |> assign(:user, user)
110 |> put_req_header("idempotency-key", idempotency_key)
111 |> post("/api/v1/statuses", %{
113 "spoiler_text" => "2hu",
114 "sensitive" => "false"
117 assert %{"id" => second_id} = json_response(conn_two, 200)
119 assert id == second_id
123 |> assign(:user, user)
124 |> post("/api/v1/statuses", %{
126 "spoiler_text" => "2hu",
127 "sensitive" => "false"
130 assert %{"id" => third_id} = json_response(conn_three, 200)
132 refute id == third_id
135 test "posting a sensitive status", %{conn: conn} do
140 |> assign(:user, user)
141 |> post("/api/v1/statuses", %{"status" => "cofe", "sensitive" => true})
143 assert %{"content" => "cofe", "id" => id, "sensitive" => true} = json_response(conn, 200)
144 assert Activity.get_by_id(id)
147 test "posting a fake status", %{conn: conn} do
152 |> assign(:user, user)
153 |> post("/api/v1/statuses", %{
155 "\"Tenshi Eating a Corndog\" is a much discussed concept on /jp/. The significance of it is disputed, so I will focus on one core concept: the symbolism behind it"
158 real_status = json_response(real_conn, 200)
161 assert Object.get_by_ap_id(real_status["uri"])
165 |> Map.put("id", nil)
166 |> Map.put("url", nil)
167 |> Map.put("uri", nil)
168 |> Map.put("created_at", nil)
169 |> Kernel.put_in(["pleroma", "conversation_id"], nil)
173 |> assign(:user, user)
174 |> post("/api/v1/statuses", %{
176 "\"Tenshi Eating a Corndog\" is a much discussed concept on /jp/. The significance of it is disputed, so I will focus on one core concept: the symbolism behind it",
180 fake_status = json_response(fake_conn, 200)
183 refute Object.get_by_ap_id(fake_status["uri"])
187 |> Map.put("id", nil)
188 |> Map.put("url", nil)
189 |> Map.put("uri", nil)
190 |> Map.put("created_at", nil)
191 |> Kernel.put_in(["pleroma", "conversation_id"], nil)
193 assert real_status == fake_status
196 test "posting a status with OGP link preview", %{conn: conn} do
197 Pleroma.Config.put([:rich_media, :enabled], true)
202 |> assign(:user, user)
203 |> post("/api/v1/statuses", %{
204 "status" => "http://example.com/ogp"
207 assert %{"id" => id, "card" => %{"title" => "The Rock"}} = json_response(conn, 200)
208 assert Activity.get_by_id(id)
209 Pleroma.Config.put([:rich_media, :enabled], false)
212 test "posting a direct status", %{conn: conn} do
213 user1 = insert(:user)
214 user2 = insert(:user)
215 content = "direct cofe @#{user2.nickname}"
219 |> assign(:user, user1)
220 |> post("api/v1/statuses", %{"status" => content, "visibility" => "direct"})
222 assert %{"id" => id, "visibility" => "direct"} = json_response(conn, 200)
223 assert activity = Activity.get_by_id(id)
224 assert activity.recipients == [user2.ap_id, user1.ap_id]
225 assert activity.data["to"] == [user2.ap_id]
226 assert activity.data["cc"] == []
229 test "direct timeline", %{conn: conn} do
230 user_one = insert(:user)
231 user_two = insert(:user)
233 {:ok, user_two} = User.follow(user_two, user_one)
236 CommonAPI.post(user_one, %{
237 "status" => "Hi @#{user_two.nickname}!",
238 "visibility" => "direct"
241 {:ok, _follower_only} =
242 CommonAPI.post(user_one, %{
243 "status" => "Hi @#{user_two.nickname}!",
244 "visibility" => "private"
247 # Only direct should be visible here
250 |> assign(:user, user_two)
251 |> get("api/v1/timelines/direct")
253 [status] = json_response(res_conn, 200)
255 assert %{"visibility" => "direct"} = status
256 assert status["url"] != direct.data["id"]
258 # User should be able to see his own direct message
261 |> assign(:user, user_one)
262 |> get("api/v1/timelines/direct")
264 [status] = json_response(res_conn, 200)
266 assert %{"visibility" => "direct"} = status
268 # Both should be visible here
271 |> assign(:user, user_two)
272 |> get("api/v1/timelines/home")
274 [_s1, _s2] = json_response(res_conn, 200)
277 Enum.each(1..20, fn _ ->
279 CommonAPI.post(user_one, %{
280 "status" => "Hi @#{user_two.nickname}!",
281 "visibility" => "direct"
287 |> assign(:user, user_two)
288 |> get("api/v1/timelines/direct")
290 statuses = json_response(res_conn, 200)
291 assert length(statuses) == 20
295 |> assign(:user, user_two)
296 |> get("api/v1/timelines/direct", %{max_id: List.last(statuses)["id"]})
298 [status] = json_response(res_conn, 200)
300 assert status["url"] != direct.data["id"]
303 test "doesn't include DMs from blocked users", %{conn: conn} do
304 blocker = insert(:user)
305 blocked = insert(:user)
307 {:ok, blocker} = User.block(blocker, blocked)
309 {:ok, _blocked_direct} =
310 CommonAPI.post(blocked, %{
311 "status" => "Hi @#{blocker.nickname}!",
312 "visibility" => "direct"
316 CommonAPI.post(user, %{
317 "status" => "Hi @#{blocker.nickname}!",
318 "visibility" => "direct"
323 |> assign(:user, user)
324 |> get("api/v1/timelines/direct")
326 [status] = json_response(res_conn, 200)
327 assert status["id"] == direct.id
330 test "replying to a status", %{conn: conn} do
333 {:ok, replied_to} = TwitterAPI.create_status(user, %{"status" => "cofe"})
337 |> assign(:user, user)
338 |> post("/api/v1/statuses", %{"status" => "xD", "in_reply_to_id" => replied_to.id})
340 assert %{"content" => "xD", "id" => id} = json_response(conn, 200)
342 activity = Activity.get_by_id(id)
344 assert activity.data["context"] == replied_to.data["context"]
345 assert activity.data["object"]["inReplyToStatusId"] == replied_to.id
348 test "posting a status with an invalid in_reply_to_id", %{conn: conn} do
353 |> assign(:user, user)
354 |> post("/api/v1/statuses", %{"status" => "xD", "in_reply_to_id" => ""})
356 assert %{"content" => "xD", "id" => id} = json_response(conn, 200)
358 activity = Activity.get_by_id(id)
363 test "verify_credentials", %{conn: conn} do
368 |> assign(:user, user)
369 |> get("/api/v1/accounts/verify_credentials")
371 assert %{"id" => id, "source" => %{"privacy" => "public"}} = json_response(conn, 200)
372 assert id == to_string(user.id)
375 test "verify_credentials default scope unlisted", %{conn: conn} do
376 user = insert(:user, %{info: %Pleroma.User.Info{default_scope: "unlisted"}})
380 |> assign(:user, user)
381 |> get("/api/v1/accounts/verify_credentials")
383 assert %{"id" => id, "source" => %{"privacy" => "unlisted"}} = json_response(conn, 200)
384 assert id == to_string(user.id)
387 test "apps/verify_credentials", %{conn: conn} do
388 token = insert(:oauth_token)
392 |> assign(:user, token.user)
393 |> assign(:token, token)
394 |> get("/api/v1/apps/verify_credentials")
396 app = Repo.preload(token, :app).app
399 "name" => app.client_name,
400 "website" => app.website,
401 "vapid_key" => Push.vapid_config() |> Keyword.get(:public_key)
404 assert expected == json_response(conn, 200)
407 test "creates an oauth app", %{conn: conn} do
409 app_attrs = build(:oauth_app)
413 |> assign(:user, user)
414 |> post("/api/v1/apps", %{
415 client_name: app_attrs.client_name,
416 redirect_uris: app_attrs.redirect_uris
419 [app] = Repo.all(App)
422 "name" => app.client_name,
423 "website" => app.website,
424 "client_id" => app.client_id,
425 "client_secret" => app.client_secret,
426 "id" => app.id |> to_string(),
427 "redirect_uri" => app.redirect_uris,
428 "vapid_key" => Push.vapid_config() |> Keyword.get(:public_key)
431 assert expected == json_response(conn, 200)
434 test "get a status", %{conn: conn} do
435 activity = insert(:note_activity)
439 |> get("/api/v1/statuses/#{activity.id}")
441 assert %{"id" => id} = json_response(conn, 200)
442 assert id == to_string(activity.id)
445 describe "deleting a status" do
446 test "when you created it", %{conn: conn} do
447 activity = insert(:note_activity)
448 author = User.get_by_ap_id(activity.data["actor"])
452 |> assign(:user, author)
453 |> delete("/api/v1/statuses/#{activity.id}")
455 assert %{} = json_response(conn, 200)
457 refute Activity.get_by_id(activity.id)
460 test "when you didn't create it", %{conn: conn} do
461 activity = insert(:note_activity)
466 |> assign(:user, user)
467 |> delete("/api/v1/statuses/#{activity.id}")
469 assert %{"error" => _} = json_response(conn, 403)
471 assert Activity.get_by_id(activity.id) == activity
474 test "when you're an admin or moderator", %{conn: conn} do
475 activity1 = insert(:note_activity)
476 activity2 = insert(:note_activity)
477 admin = insert(:user, info: %{is_admin: true})
478 moderator = insert(:user, info: %{is_moderator: true})
482 |> assign(:user, admin)
483 |> delete("/api/v1/statuses/#{activity1.id}")
485 assert %{} = json_response(res_conn, 200)
489 |> assign(:user, moderator)
490 |> delete("/api/v1/statuses/#{activity2.id}")
492 assert %{} = json_response(res_conn, 200)
494 refute Activity.get_by_id(activity1.id)
495 refute Activity.get_by_id(activity2.id)
499 describe "filters" do
500 test "creating a filter", %{conn: conn} do
503 filter = %Pleroma.Filter{
510 |> assign(:user, user)
511 |> post("/api/v1/filters", %{"phrase" => filter.phrase, context: filter.context})
513 assert response = json_response(conn, 200)
514 assert response["phrase"] == filter.phrase
515 assert response["context"] == filter.context
516 assert response["id"] != nil
517 assert response["id"] != ""
520 test "fetching a list of filters", %{conn: conn} do
523 query_one = %Pleroma.Filter{
530 query_two = %Pleroma.Filter{
537 {:ok, filter_one} = Pleroma.Filter.create(query_one)
538 {:ok, filter_two} = Pleroma.Filter.create(query_two)
542 |> assign(:user, user)
543 |> get("/api/v1/filters")
544 |> json_response(200)
550 filters: [filter_two, filter_one]
554 test "get a filter", %{conn: conn} do
557 query = %Pleroma.Filter{
564 {:ok, filter} = Pleroma.Filter.create(query)
568 |> assign(:user, user)
569 |> get("/api/v1/filters/#{filter.filter_id}")
571 assert _response = json_response(conn, 200)
574 test "update a filter", %{conn: conn} do
577 query = %Pleroma.Filter{
584 {:ok, _filter} = Pleroma.Filter.create(query)
586 new = %Pleroma.Filter{
593 |> assign(:user, user)
594 |> put("/api/v1/filters/#{query.filter_id}", %{
599 assert response = json_response(conn, 200)
600 assert response["phrase"] == new.phrase
601 assert response["context"] == new.context
604 test "delete a filter", %{conn: conn} do
607 query = %Pleroma.Filter{
614 {:ok, filter} = Pleroma.Filter.create(query)
618 |> assign(:user, user)
619 |> delete("/api/v1/filters/#{filter.filter_id}")
621 assert response = json_response(conn, 200)
622 assert response == %{}
627 test "creating a list", %{conn: conn} do
632 |> assign(:user, user)
633 |> post("/api/v1/lists", %{"title" => "cuties"})
635 assert %{"title" => title} = json_response(conn, 200)
636 assert title == "cuties"
639 test "adding users to a list", %{conn: conn} do
641 other_user = insert(:user)
642 {:ok, list} = Pleroma.List.create("name", user)
646 |> assign(:user, user)
647 |> post("/api/v1/lists/#{list.id}/accounts", %{"account_ids" => [other_user.id]})
649 assert %{} == json_response(conn, 200)
650 %Pleroma.List{following: following} = Pleroma.List.get(list.id, user)
651 assert following == [other_user.follower_address]
654 test "removing users from a list", %{conn: conn} do
656 other_user = insert(:user)
657 third_user = insert(:user)
658 {:ok, list} = Pleroma.List.create("name", user)
659 {:ok, list} = Pleroma.List.follow(list, other_user)
660 {:ok, list} = Pleroma.List.follow(list, third_user)
664 |> assign(:user, user)
665 |> delete("/api/v1/lists/#{list.id}/accounts", %{"account_ids" => [other_user.id]})
667 assert %{} == json_response(conn, 200)
668 %Pleroma.List{following: following} = Pleroma.List.get(list.id, user)
669 assert following == [third_user.follower_address]
672 test "listing users in a list", %{conn: conn} do
674 other_user = insert(:user)
675 {:ok, list} = Pleroma.List.create("name", user)
676 {:ok, list} = Pleroma.List.follow(list, other_user)
680 |> assign(:user, user)
681 |> get("/api/v1/lists/#{list.id}/accounts", %{"account_ids" => [other_user.id]})
683 assert [%{"id" => id}] = json_response(conn, 200)
684 assert id == to_string(other_user.id)
687 test "retrieving a list", %{conn: conn} do
689 {:ok, list} = Pleroma.List.create("name", user)
693 |> assign(:user, user)
694 |> get("/api/v1/lists/#{list.id}")
696 assert %{"id" => id} = json_response(conn, 200)
697 assert id == to_string(list.id)
700 test "renaming a list", %{conn: conn} do
702 {:ok, list} = Pleroma.List.create("name", user)
706 |> assign(:user, user)
707 |> put("/api/v1/lists/#{list.id}", %{"title" => "newname"})
709 assert %{"title" => name} = json_response(conn, 200)
710 assert name == "newname"
713 test "deleting a list", %{conn: conn} do
715 {:ok, list} = Pleroma.List.create("name", user)
719 |> assign(:user, user)
720 |> delete("/api/v1/lists/#{list.id}")
722 assert %{} = json_response(conn, 200)
723 assert is_nil(Repo.get(Pleroma.List, list.id))
726 test "list timeline", %{conn: conn} do
728 other_user = insert(:user)
729 {:ok, _activity_one} = TwitterAPI.create_status(user, %{"status" => "Marisa is cute."})
730 {:ok, activity_two} = TwitterAPI.create_status(other_user, %{"status" => "Marisa is cute."})
731 {:ok, list} = Pleroma.List.create("name", user)
732 {:ok, list} = Pleroma.List.follow(list, other_user)
736 |> assign(:user, user)
737 |> get("/api/v1/timelines/list/#{list.id}")
739 assert [%{"id" => id}] = json_response(conn, 200)
741 assert id == to_string(activity_two.id)
744 test "list timeline does not leak non-public statuses for unfollowed users", %{conn: conn} do
746 other_user = insert(:user)
747 {:ok, activity_one} = TwitterAPI.create_status(other_user, %{"status" => "Marisa is cute."})
749 {:ok, _activity_two} =
750 TwitterAPI.create_status(other_user, %{
751 "status" => "Marisa is cute.",
752 "visibility" => "private"
755 {:ok, list} = Pleroma.List.create("name", user)
756 {:ok, list} = Pleroma.List.follow(list, other_user)
760 |> assign(:user, user)
761 |> get("/api/v1/timelines/list/#{list.id}")
763 assert [%{"id" => id}] = json_response(conn, 200)
765 assert id == to_string(activity_one.id)
769 describe "notifications" do
770 test "list of notifications", %{conn: conn} do
772 other_user = insert(:user)
775 TwitterAPI.create_status(other_user, %{"status" => "hi @#{user.nickname}"})
777 {:ok, [_notification]} = Notification.create_notifications(activity)
781 |> assign(:user, user)
782 |> get("/api/v1/notifications")
785 "hi <span class=\"h-card\"><a data-user=\"#{user.id}\" class=\"u-url mention\" href=\"#{
787 }\">@<span>#{user.nickname}</span></a></span>"
789 assert [%{"status" => %{"content" => response}} | _rest] = json_response(conn, 200)
790 assert response == expected_response
793 test "getting a single notification", %{conn: conn} do
795 other_user = insert(:user)
798 TwitterAPI.create_status(other_user, %{"status" => "hi @#{user.nickname}"})
800 {:ok, [notification]} = Notification.create_notifications(activity)
804 |> assign(:user, user)
805 |> get("/api/v1/notifications/#{notification.id}")
808 "hi <span class=\"h-card\"><a data-user=\"#{user.id}\" class=\"u-url mention\" href=\"#{
810 }\">@<span>#{user.nickname}</span></a></span>"
812 assert %{"status" => %{"content" => response}} = json_response(conn, 200)
813 assert response == expected_response
816 test "dismissing a single notification", %{conn: conn} do
818 other_user = insert(:user)
821 TwitterAPI.create_status(other_user, %{"status" => "hi @#{user.nickname}"})
823 {:ok, [notification]} = Notification.create_notifications(activity)
827 |> assign(:user, user)
828 |> post("/api/v1/notifications/dismiss", %{"id" => notification.id})
830 assert %{} = json_response(conn, 200)
833 test "clearing all notifications", %{conn: conn} do
835 other_user = insert(:user)
838 TwitterAPI.create_status(other_user, %{"status" => "hi @#{user.nickname}"})
840 {:ok, [_notification]} = Notification.create_notifications(activity)
844 |> assign(:user, user)
845 |> post("/api/v1/notifications/clear")
847 assert %{} = json_response(conn, 200)
851 |> assign(:user, user)
852 |> get("/api/v1/notifications")
854 assert all = json_response(conn, 200)
858 test "paginates notifications using min_id, since_id, max_id, and limit", %{conn: conn} do
860 other_user = insert(:user)
862 {:ok, activity1} = CommonAPI.post(other_user, %{"status" => "hi @#{user.nickname}"})
863 {:ok, activity2} = CommonAPI.post(other_user, %{"status" => "hi @#{user.nickname}"})
864 {:ok, activity3} = CommonAPI.post(other_user, %{"status" => "hi @#{user.nickname}"})
865 {:ok, activity4} = CommonAPI.post(other_user, %{"status" => "hi @#{user.nickname}"})
867 notification1_id = Repo.get_by(Notification, activity_id: activity1.id).id |> to_string()
868 notification2_id = Repo.get_by(Notification, activity_id: activity2.id).id |> to_string()
869 notification3_id = Repo.get_by(Notification, activity_id: activity3.id).id |> to_string()
870 notification4_id = Repo.get_by(Notification, activity_id: activity4.id).id |> to_string()
874 |> assign(:user, user)
879 |> get("/api/v1/notifications?limit=2&min_id=#{notification1_id}")
881 result = json_response(conn_res, 200)
882 assert [%{"id" => ^notification3_id}, %{"id" => ^notification2_id}] = result
887 |> get("/api/v1/notifications?limit=2&since_id=#{notification1_id}")
889 result = json_response(conn_res, 200)
890 assert [%{"id" => ^notification4_id}, %{"id" => ^notification3_id}] = result
895 |> get("/api/v1/notifications?limit=2&max_id=#{notification4_id}")
897 result = json_response(conn_res, 200)
898 assert [%{"id" => ^notification3_id}, %{"id" => ^notification2_id}] = result
901 test "filters notifications using exclude_types", %{conn: conn} do
903 other_user = insert(:user)
905 {:ok, mention_activity} = CommonAPI.post(other_user, %{"status" => "hey @#{user.nickname}"})
906 {:ok, create_activity} = CommonAPI.post(user, %{"status" => "hey"})
907 {:ok, favorite_activity, _} = CommonAPI.favorite(create_activity.id, other_user)
908 {:ok, reblog_activity, _} = CommonAPI.repeat(create_activity.id, other_user)
909 {:ok, _, _, follow_activity} = CommonAPI.follow(other_user, user)
911 mention_notification_id =
912 Repo.get_by(Notification, activity_id: mention_activity.id).id |> to_string()
914 favorite_notification_id =
915 Repo.get_by(Notification, activity_id: favorite_activity.id).id |> to_string()
917 reblog_notification_id =
918 Repo.get_by(Notification, activity_id: reblog_activity.id).id |> to_string()
920 follow_notification_id =
921 Repo.get_by(Notification, activity_id: follow_activity.id).id |> to_string()
925 |> assign(:user, user)
928 get(conn, "/api/v1/notifications", %{exclude_types: ["mention", "favourite", "reblog"]})
930 assert [%{"id" => ^follow_notification_id}] = json_response(conn_res, 200)
933 get(conn, "/api/v1/notifications", %{exclude_types: ["favourite", "reblog", "follow"]})
935 assert [%{"id" => ^mention_notification_id}] = json_response(conn_res, 200)
938 get(conn, "/api/v1/notifications", %{exclude_types: ["reblog", "follow", "mention"]})
940 assert [%{"id" => ^favorite_notification_id}] = json_response(conn_res, 200)
943 get(conn, "/api/v1/notifications", %{exclude_types: ["follow", "mention", "favourite"]})
945 assert [%{"id" => ^reblog_notification_id}] = json_response(conn_res, 200)
949 describe "reblogging" do
950 test "reblogs and returns the reblogged status", %{conn: conn} do
951 activity = insert(:note_activity)
956 |> assign(:user, user)
957 |> post("/api/v1/statuses/#{activity.id}/reblog")
959 assert %{"reblog" => %{"id" => id, "reblogged" => true, "reblogs_count" => 1}} =
960 json_response(conn, 200)
962 assert to_string(activity.id) == id
966 describe "unreblogging" do
967 test "unreblogs and returns the unreblogged status", %{conn: conn} do
968 activity = insert(:note_activity)
971 {:ok, _, _} = CommonAPI.repeat(activity.id, user)
975 |> assign(:user, user)
976 |> post("/api/v1/statuses/#{activity.id}/unreblog")
978 assert %{"id" => id, "reblogged" => false, "reblogs_count" => 0} = json_response(conn, 200)
980 assert to_string(activity.id) == id
984 describe "favoriting" do
985 test "favs a status and returns it", %{conn: conn} do
986 activity = insert(:note_activity)
991 |> assign(:user, user)
992 |> post("/api/v1/statuses/#{activity.id}/favourite")
994 assert %{"id" => id, "favourites_count" => 1, "favourited" => true} =
995 json_response(conn, 200)
997 assert to_string(activity.id) == id
1000 test "returns 500 for a wrong id", %{conn: conn} do
1001 user = insert(:user)
1005 |> assign(:user, user)
1006 |> post("/api/v1/statuses/1/favourite")
1007 |> json_response(500)
1009 assert resp == "Something went wrong"
1013 describe "unfavoriting" do
1014 test "unfavorites a status and returns it", %{conn: conn} do
1015 activity = insert(:note_activity)
1016 user = insert(:user)
1018 {:ok, _, _} = CommonAPI.favorite(activity.id, user)
1022 |> assign(:user, user)
1023 |> post("/api/v1/statuses/#{activity.id}/unfavourite")
1025 assert %{"id" => id, "favourites_count" => 0, "favourited" => false} =
1026 json_response(conn, 200)
1028 assert to_string(activity.id) == id
1032 describe "user timelines" do
1033 test "gets a users statuses", %{conn: conn} do
1034 user_one = insert(:user)
1035 user_two = insert(:user)
1036 user_three = insert(:user)
1038 {:ok, user_three} = User.follow(user_three, user_one)
1040 {:ok, activity} = CommonAPI.post(user_one, %{"status" => "HI!!!"})
1042 {:ok, direct_activity} =
1043 CommonAPI.post(user_one, %{
1044 "status" => "Hi, @#{user_two.nickname}.",
1045 "visibility" => "direct"
1048 {:ok, private_activity} =
1049 CommonAPI.post(user_one, %{"status" => "private", "visibility" => "private"})
1053 |> get("/api/v1/accounts/#{user_one.id}/statuses")
1055 assert [%{"id" => id}] = json_response(resp, 200)
1056 assert id == to_string(activity.id)
1060 |> assign(:user, user_two)
1061 |> get("/api/v1/accounts/#{user_one.id}/statuses")
1063 assert [%{"id" => id_one}, %{"id" => id_two}] = json_response(resp, 200)
1064 assert id_one == to_string(direct_activity.id)
1065 assert id_two == to_string(activity.id)
1069 |> assign(:user, user_three)
1070 |> get("/api/v1/accounts/#{user_one.id}/statuses")
1072 assert [%{"id" => id_one}, %{"id" => id_two}] = json_response(resp, 200)
1073 assert id_one == to_string(private_activity.id)
1074 assert id_two == to_string(activity.id)
1077 test "unimplemented pinned statuses feature", %{conn: conn} do
1078 note = insert(:note_activity)
1079 user = User.get_by_ap_id(note.data["actor"])
1083 |> get("/api/v1/accounts/#{user.id}/statuses?pinned=true")
1085 assert json_response(conn, 200) == []
1088 test "gets an users media", %{conn: conn} do
1089 note = insert(:note_activity)
1090 user = User.get_by_ap_id(note.data["actor"])
1092 file = %Plug.Upload{
1093 content_type: "image/jpg",
1094 path: Path.absname("test/fixtures/image.jpg"),
1095 filename: "an_image.jpg"
1099 TwitterAPI.upload(file, user, "json")
1103 TwitterAPI.create_status(user, %{"status" => "cofe", "media_ids" => [media["media_id"]]})
1107 |> get("/api/v1/accounts/#{user.id}/statuses", %{"only_media" => "true"})
1109 assert [%{"id" => id}] = json_response(conn, 200)
1110 assert id == to_string(image_post.id)
1114 |> get("/api/v1/accounts/#{user.id}/statuses", %{"only_media" => "1"})
1116 assert [%{"id" => id}] = json_response(conn, 200)
1117 assert id == to_string(image_post.id)
1120 test "gets a user's statuses without reblogs", %{conn: conn} do
1121 user = insert(:user)
1122 {:ok, post} = CommonAPI.post(user, %{"status" => "HI!!!"})
1123 {:ok, _, _} = CommonAPI.repeat(post.id, user)
1127 |> get("/api/v1/accounts/#{user.id}/statuses", %{"exclude_reblogs" => "true"})
1129 assert [%{"id" => id}] = json_response(conn, 200)
1130 assert id == to_string(post.id)
1134 |> get("/api/v1/accounts/#{user.id}/statuses", %{"exclude_reblogs" => "1"})
1136 assert [%{"id" => id}] = json_response(conn, 200)
1137 assert id == to_string(post.id)
1141 describe "user relationships" do
1142 test "returns the relationships for the current user", %{conn: conn} do
1143 user = insert(:user)
1144 other_user = insert(:user)
1145 {:ok, user} = User.follow(user, other_user)
1149 |> assign(:user, user)
1150 |> get("/api/v1/accounts/relationships", %{"id" => [other_user.id]})
1152 assert [relationship] = json_response(conn, 200)
1154 assert to_string(other_user.id) == relationship["id"]
1158 describe "locked accounts" do
1159 test "/api/v1/follow_requests works" do
1160 user = insert(:user, %{info: %Pleroma.User.Info{locked: true}})
1161 other_user = insert(:user)
1163 {:ok, _activity} = ActivityPub.follow(other_user, user)
1165 user = User.get_by_id(user.id)
1166 other_user = User.get_by_id(other_user.id)
1168 assert User.following?(other_user, user) == false
1172 |> assign(:user, user)
1173 |> get("/api/v1/follow_requests")
1175 assert [relationship] = json_response(conn, 200)
1176 assert to_string(other_user.id) == relationship["id"]
1179 test "/api/v1/follow_requests/:id/authorize works" do
1180 user = insert(:user, %{info: %User.Info{locked: true}})
1181 other_user = insert(:user)
1183 {:ok, _activity} = ActivityPub.follow(other_user, user)
1185 user = User.get_by_id(user.id)
1186 other_user = User.get_by_id(other_user.id)
1188 assert User.following?(other_user, user) == false
1192 |> assign(:user, user)
1193 |> post("/api/v1/follow_requests/#{other_user.id}/authorize")
1195 assert relationship = json_response(conn, 200)
1196 assert to_string(other_user.id) == relationship["id"]
1198 user = User.get_by_id(user.id)
1199 other_user = User.get_by_id(other_user.id)
1201 assert User.following?(other_user, user) == true
1204 test "verify_credentials", %{conn: conn} do
1205 user = insert(:user, %{info: %Pleroma.User.Info{default_scope: "private"}})
1209 |> assign(:user, user)
1210 |> get("/api/v1/accounts/verify_credentials")
1212 assert %{"id" => id, "source" => %{"privacy" => "private"}} = json_response(conn, 200)
1213 assert id == to_string(user.id)
1216 test "/api/v1/follow_requests/:id/reject works" do
1217 user = insert(:user, %{info: %Pleroma.User.Info{locked: true}})
1218 other_user = insert(:user)
1220 {:ok, _activity} = ActivityPub.follow(other_user, user)
1222 user = User.get_by_id(user.id)
1226 |> assign(:user, user)
1227 |> post("/api/v1/follow_requests/#{other_user.id}/reject")
1229 assert relationship = json_response(conn, 200)
1230 assert to_string(other_user.id) == relationship["id"]
1232 user = User.get_by_id(user.id)
1233 other_user = User.get_by_id(other_user.id)
1235 assert User.following?(other_user, user) == false
1239 test "account fetching", %{conn: conn} do
1240 user = insert(:user)
1244 |> get("/api/v1/accounts/#{user.id}")
1246 assert %{"id" => id} = json_response(conn, 200)
1247 assert id == to_string(user.id)
1251 |> get("/api/v1/accounts/-1")
1253 assert %{"error" => "Can't find user"} = json_response(conn, 404)
1256 test "account fetching also works nickname", %{conn: conn} do
1257 user = insert(:user)
1261 |> get("/api/v1/accounts/#{user.nickname}")
1263 assert %{"id" => id} = json_response(conn, 200)
1264 assert id == user.id
1267 test "media upload", %{conn: conn} do
1268 file = %Plug.Upload{
1269 content_type: "image/jpg",
1270 path: Path.absname("test/fixtures/image.jpg"),
1271 filename: "an_image.jpg"
1274 desc = "Description of the image"
1276 user = insert(:user)
1280 |> assign(:user, user)
1281 |> post("/api/v1/media", %{"file" => file, "description" => desc})
1283 assert media = json_response(conn, 200)
1285 assert media["type"] == "image"
1286 assert media["description"] == desc
1289 object = Repo.get(Object, media["id"])
1290 assert object.data["actor"] == User.ap_id(user)
1293 test "hashtag timeline", %{conn: conn} do
1294 following = insert(:user)
1297 {:ok, activity} = TwitterAPI.create_status(following, %{"status" => "test #2hu"})
1299 {:ok, [_activity]} =
1300 OStatus.fetch_activity_from_url("https://shitposter.club/notice/2827873")
1304 |> get("/api/v1/timelines/tag/2hu")
1306 assert [%{"id" => id}] = json_response(nconn, 200)
1308 assert id == to_string(activity.id)
1310 # works for different capitalization too
1313 |> get("/api/v1/timelines/tag/2HU")
1315 assert [%{"id" => id}] = json_response(nconn, 200)
1317 assert id == to_string(activity.id)
1321 test "multi-hashtag timeline", %{conn: conn} do
1322 user = insert(:user)
1324 {:ok, activity_test} = CommonAPI.post(user, %{"status" => "#test"})
1325 {:ok, activity_test1} = CommonAPI.post(user, %{"status" => "#test #test1"})
1326 {:ok, activity_none} = CommonAPI.post(user, %{"status" => "#test #none"})
1330 |> get("/api/v1/timelines/tag/test", %{"any" => ["test1"]})
1332 [status_none, status_test1, status_test] = json_response(any_test, 200)
1334 assert to_string(activity_test.id) == status_test["id"]
1335 assert to_string(activity_test1.id) == status_test1["id"]
1336 assert to_string(activity_none.id) == status_none["id"]
1340 |> get("/api/v1/timelines/tag/test", %{"all" => ["test1"], "none" => ["none"]})
1342 assert [status_test1] == json_response(restricted_test, 200)
1344 all_test = conn |> get("/api/v1/timelines/tag/test", %{"all" => ["none"]})
1346 assert [status_none] == json_response(all_test, 200)
1349 test "getting followers", %{conn: conn} do
1350 user = insert(:user)
1351 other_user = insert(:user)
1352 {:ok, user} = User.follow(user, other_user)
1356 |> get("/api/v1/accounts/#{other_user.id}/followers")
1358 assert [%{"id" => id}] = json_response(conn, 200)
1359 assert id == to_string(user.id)
1362 test "getting followers, hide_followers", %{conn: conn} do
1363 user = insert(:user)
1364 other_user = insert(:user, %{info: %{hide_followers: true}})
1365 {:ok, _user} = User.follow(user, other_user)
1369 |> get("/api/v1/accounts/#{other_user.id}/followers")
1371 assert [] == json_response(conn, 200)
1374 test "getting followers, hide_followers, same user requesting", %{conn: conn} do
1375 user = insert(:user)
1376 other_user = insert(:user, %{info: %{hide_followers: true}})
1377 {:ok, _user} = User.follow(user, other_user)
1381 |> assign(:user, other_user)
1382 |> get("/api/v1/accounts/#{other_user.id}/followers")
1384 refute [] == json_response(conn, 200)
1387 test "getting followers, pagination", %{conn: conn} do
1388 user = insert(:user)
1389 follower1 = insert(:user)
1390 follower2 = insert(:user)
1391 follower3 = insert(:user)
1392 {:ok, _} = User.follow(follower1, user)
1393 {:ok, _} = User.follow(follower2, user)
1394 {:ok, _} = User.follow(follower3, user)
1398 |> assign(:user, user)
1402 |> get("/api/v1/accounts/#{user.id}/followers?since_id=#{follower1.id}")
1404 assert [%{"id" => id3}, %{"id" => id2}] = json_response(res_conn, 200)
1405 assert id3 == follower3.id
1406 assert id2 == follower2.id
1410 |> get("/api/v1/accounts/#{user.id}/followers?max_id=#{follower3.id}")
1412 assert [%{"id" => id2}, %{"id" => id1}] = json_response(res_conn, 200)
1413 assert id2 == follower2.id
1414 assert id1 == follower1.id
1418 |> get("/api/v1/accounts/#{user.id}/followers?limit=1&max_id=#{follower3.id}")
1420 assert [%{"id" => id2}] = json_response(res_conn, 200)
1421 assert id2 == follower2.id
1423 assert [link_header] = get_resp_header(res_conn, "link")
1424 assert link_header =~ ~r/since_id=#{follower2.id}/
1425 assert link_header =~ ~r/max_id=#{follower2.id}/
1428 test "getting following", %{conn: conn} do
1429 user = insert(:user)
1430 other_user = insert(:user)
1431 {:ok, user} = User.follow(user, other_user)
1435 |> get("/api/v1/accounts/#{user.id}/following")
1437 assert [%{"id" => id}] = json_response(conn, 200)
1438 assert id == to_string(other_user.id)
1441 test "getting following, hide_follows", %{conn: conn} do
1442 user = insert(:user, %{info: %{hide_follows: true}})
1443 other_user = insert(:user)
1444 {:ok, user} = User.follow(user, other_user)
1448 |> get("/api/v1/accounts/#{user.id}/following")
1450 assert [] == json_response(conn, 200)
1453 test "getting following, hide_follows, same user requesting", %{conn: conn} do
1454 user = insert(:user, %{info: %{hide_follows: true}})
1455 other_user = insert(:user)
1456 {:ok, user} = User.follow(user, other_user)
1460 |> assign(:user, user)
1461 |> get("/api/v1/accounts/#{user.id}/following")
1463 refute [] == json_response(conn, 200)
1466 test "getting following, pagination", %{conn: conn} do
1467 user = insert(:user)
1468 following1 = insert(:user)
1469 following2 = insert(:user)
1470 following3 = insert(:user)
1471 {:ok, _} = User.follow(user, following1)
1472 {:ok, _} = User.follow(user, following2)
1473 {:ok, _} = User.follow(user, following3)
1477 |> assign(:user, user)
1481 |> get("/api/v1/accounts/#{user.id}/following?since_id=#{following1.id}")
1483 assert [%{"id" => id3}, %{"id" => id2}] = json_response(res_conn, 200)
1484 assert id3 == following3.id
1485 assert id2 == following2.id
1489 |> get("/api/v1/accounts/#{user.id}/following?max_id=#{following3.id}")
1491 assert [%{"id" => id2}, %{"id" => id1}] = json_response(res_conn, 200)
1492 assert id2 == following2.id
1493 assert id1 == following1.id
1497 |> get("/api/v1/accounts/#{user.id}/following?limit=1&max_id=#{following3.id}")
1499 assert [%{"id" => id2}] = json_response(res_conn, 200)
1500 assert id2 == following2.id
1502 assert [link_header] = get_resp_header(res_conn, "link")
1503 assert link_header =~ ~r/since_id=#{following2.id}/
1504 assert link_header =~ ~r/max_id=#{following2.id}/
1507 test "following / unfollowing a user", %{conn: conn} do
1508 user = insert(:user)
1509 other_user = insert(:user)
1513 |> assign(:user, user)
1514 |> post("/api/v1/accounts/#{other_user.id}/follow")
1516 assert %{"id" => _id, "following" => true} = json_response(conn, 200)
1518 user = User.get_by_id(user.id)
1522 |> assign(:user, user)
1523 |> post("/api/v1/accounts/#{other_user.id}/unfollow")
1525 assert %{"id" => _id, "following" => false} = json_response(conn, 200)
1527 user = User.get_by_id(user.id)
1531 |> assign(:user, user)
1532 |> post("/api/v1/follows", %{"uri" => other_user.nickname})
1534 assert %{"id" => id} = json_response(conn, 200)
1535 assert id == to_string(other_user.id)
1538 test "muting / unmuting a user", %{conn: conn} do
1539 user = insert(:user)
1540 other_user = insert(:user)
1544 |> assign(:user, user)
1545 |> post("/api/v1/accounts/#{other_user.id}/mute")
1547 assert %{"id" => _id, "muting" => true} = json_response(conn, 200)
1549 user = User.get_by_id(user.id)
1553 |> assign(:user, user)
1554 |> post("/api/v1/accounts/#{other_user.id}/unmute")
1556 assert %{"id" => _id, "muting" => false} = json_response(conn, 200)
1559 test "getting a list of mutes", %{conn: conn} do
1560 user = insert(:user)
1561 other_user = insert(:user)
1563 {:ok, user} = User.mute(user, other_user)
1567 |> assign(:user, user)
1568 |> get("/api/v1/mutes")
1570 other_user_id = to_string(other_user.id)
1571 assert [%{"id" => ^other_user_id}] = json_response(conn, 200)
1574 test "blocking / unblocking a user", %{conn: conn} do
1575 user = insert(:user)
1576 other_user = insert(:user)
1580 |> assign(:user, user)
1581 |> post("/api/v1/accounts/#{other_user.id}/block")
1583 assert %{"id" => _id, "blocking" => true} = json_response(conn, 200)
1585 user = User.get_by_id(user.id)
1589 |> assign(:user, user)
1590 |> post("/api/v1/accounts/#{other_user.id}/unblock")
1592 assert %{"id" => _id, "blocking" => false} = json_response(conn, 200)
1595 test "getting a list of blocks", %{conn: conn} do
1596 user = insert(:user)
1597 other_user = insert(:user)
1599 {:ok, user} = User.block(user, other_user)
1603 |> assign(:user, user)
1604 |> get("/api/v1/blocks")
1606 other_user_id = to_string(other_user.id)
1607 assert [%{"id" => ^other_user_id}] = json_response(conn, 200)
1610 test "blocking / unblocking a domain", %{conn: conn} do
1611 user = insert(:user)
1612 other_user = insert(:user, %{ap_id: "https://dogwhistle.zone/@pundit"})
1616 |> assign(:user, user)
1617 |> post("/api/v1/domain_blocks", %{"domain" => "dogwhistle.zone"})
1619 assert %{} = json_response(conn, 200)
1620 user = User.get_cached_by_ap_id(user.ap_id)
1621 assert User.blocks?(user, other_user)
1625 |> assign(:user, user)
1626 |> delete("/api/v1/domain_blocks", %{"domain" => "dogwhistle.zone"})
1628 assert %{} = json_response(conn, 200)
1629 user = User.get_cached_by_ap_id(user.ap_id)
1630 refute User.blocks?(user, other_user)
1633 test "getting a list of domain blocks", %{conn: conn} do
1634 user = insert(:user)
1636 {:ok, user} = User.block_domain(user, "bad.site")
1637 {:ok, user} = User.block_domain(user, "even.worse.site")
1641 |> assign(:user, user)
1642 |> get("/api/v1/domain_blocks")
1644 domain_blocks = json_response(conn, 200)
1646 assert "bad.site" in domain_blocks
1647 assert "even.worse.site" in domain_blocks
1650 test "unimplemented follow_requests, blocks, domain blocks" do
1651 user = insert(:user)
1653 ["blocks", "domain_blocks", "follow_requests"]
1654 |> Enum.each(fn endpoint ->
1657 |> assign(:user, user)
1658 |> get("/api/v1/#{endpoint}")
1660 assert [] = json_response(conn, 200)
1664 test "account search", %{conn: conn} do
1665 user = insert(:user)
1666 user_two = insert(:user, %{nickname: "shp@shitposter.club"})
1667 user_three = insert(:user, %{nickname: "shp@heldscal.la", name: "I love 2hu"})
1671 |> assign(:user, user)
1672 |> get("/api/v1/accounts/search", %{"q" => "shp"})
1673 |> json_response(200)
1675 result_ids = for result <- results, do: result["acct"]
1677 assert user_two.nickname in result_ids
1678 assert user_three.nickname in result_ids
1682 |> assign(:user, user)
1683 |> get("/api/v1/accounts/search", %{"q" => "2hu"})
1684 |> json_response(200)
1686 result_ids = for result <- results, do: result["acct"]
1688 assert user_three.nickname in result_ids
1691 test "search", %{conn: conn} do
1692 user = insert(:user)
1693 user_two = insert(:user, %{nickname: "shp@shitposter.club"})
1694 user_three = insert(:user, %{nickname: "shp@heldscal.la", name: "I love 2hu"})
1696 {:ok, activity} = CommonAPI.post(user, %{"status" => "This is about 2hu"})
1699 CommonAPI.post(user, %{
1700 "status" => "This is about 2hu, but private",
1701 "visibility" => "private"
1704 {:ok, _} = CommonAPI.post(user_two, %{"status" => "This isn't"})
1708 |> get("/api/v1/search", %{"q" => "2hu"})
1710 assert results = json_response(conn, 200)
1712 [account | _] = results["accounts"]
1713 assert account["id"] == to_string(user_three.id)
1715 assert results["hashtags"] == []
1717 [status] = results["statuses"]
1718 assert status["id"] == to_string(activity.id)
1721 test "search fetches remote statuses", %{conn: conn} do
1725 |> get("/api/v1/search", %{"q" => "https://shitposter.club/notice/2827873"})
1727 assert results = json_response(conn, 200)
1729 [status] = results["statuses"]
1730 assert status["uri"] == "tag:shitposter.club,2017-05-05:noticeId=2827873:objectType=comment"
1734 test "search doesn't show statuses that it shouldn't", %{conn: conn} do
1736 CommonAPI.post(insert(:user), %{
1737 "status" => "This is about 2hu, but private",
1738 "visibility" => "private"
1744 |> get("/api/v1/search", %{"q" => activity.data["object"]["id"]})
1746 assert results = json_response(conn, 200)
1748 [] = results["statuses"]
1752 test "search fetches remote accounts", %{conn: conn} do
1755 |> get("/api/v1/search", %{"q" => "shp@social.heldscal.la", "resolve" => "true"})
1757 assert results = json_response(conn, 200)
1758 [account] = results["accounts"]
1759 assert account["acct"] == "shp@social.heldscal.la"
1762 test "returns the favorites of a user", %{conn: conn} do
1763 user = insert(:user)
1764 other_user = insert(:user)
1766 {:ok, _} = CommonAPI.post(other_user, %{"status" => "bla"})
1767 {:ok, activity} = CommonAPI.post(other_user, %{"status" => "traps are happy"})
1769 {:ok, _, _} = CommonAPI.favorite(activity.id, user)
1773 |> assign(:user, user)
1774 |> get("/api/v1/favourites")
1776 assert [status] = json_response(first_conn, 200)
1777 assert status["id"] == to_string(activity.id)
1779 assert [{"link", _link_header}] =
1780 Enum.filter(first_conn.resp_headers, fn element -> match?({"link", _}, element) end)
1782 # Honours query params
1783 {:ok, second_activity} =
1784 CommonAPI.post(other_user, %{
1786 "Trees Are Never Sad Look At Them Every Once In Awhile They're Quite Beautiful."
1789 {:ok, _, _} = CommonAPI.favorite(second_activity.id, user)
1791 last_like = status["id"]
1795 |> assign(:user, user)
1796 |> get("/api/v1/favourites?since_id=#{last_like}")
1798 assert [second_status] = json_response(second_conn, 200)
1799 assert second_status["id"] == to_string(second_activity.id)
1803 |> assign(:user, user)
1804 |> get("/api/v1/favourites?limit=0")
1806 assert [] = json_response(third_conn, 200)
1809 describe "updating credentials" do
1810 test "updates the user's bio", %{conn: conn} do
1811 user = insert(:user)
1812 user2 = insert(:user)
1816 |> assign(:user, user)
1817 |> patch("/api/v1/accounts/update_credentials", %{
1818 "note" => "I drink #cofe with @#{user2.nickname}"
1821 assert user = json_response(conn, 200)
1823 assert user["note"] ==
1824 ~s(I drink <a class="hashtag" data-tag="cofe" href="http://localhost:4001/tag/cofe" rel="tag">#cofe</a> with <span class="h-card"><a data-user=") <>
1826 ~s(" class="u-url mention" href=") <>
1827 user2.ap_id <> ~s(">@<span>) <> user2.nickname <> ~s(</span></a></span>)
1830 test "updates the user's locking status", %{conn: conn} do
1831 user = insert(:user)
1835 |> assign(:user, user)
1836 |> patch("/api/v1/accounts/update_credentials", %{locked: "true"})
1838 assert user = json_response(conn, 200)
1839 assert user["locked"] == true
1842 test "updates the user's name", %{conn: conn} do
1843 user = insert(:user)
1847 |> assign(:user, user)
1848 |> patch("/api/v1/accounts/update_credentials", %{"display_name" => "markorepairs"})
1850 assert user = json_response(conn, 200)
1851 assert user["display_name"] == "markorepairs"
1854 test "updates the user's avatar", %{conn: conn} do
1855 user = insert(:user)
1857 new_avatar = %Plug.Upload{
1858 content_type: "image/jpg",
1859 path: Path.absname("test/fixtures/image.jpg"),
1860 filename: "an_image.jpg"
1865 |> assign(:user, user)
1866 |> patch("/api/v1/accounts/update_credentials", %{"avatar" => new_avatar})
1868 assert user_response = json_response(conn, 200)
1869 assert user_response["avatar"] != User.avatar_url(user)
1872 test "updates the user's banner", %{conn: conn} do
1873 user = insert(:user)
1875 new_header = %Plug.Upload{
1876 content_type: "image/jpg",
1877 path: Path.absname("test/fixtures/image.jpg"),
1878 filename: "an_image.jpg"
1883 |> assign(:user, user)
1884 |> patch("/api/v1/accounts/update_credentials", %{"header" => new_header})
1886 assert user_response = json_response(conn, 200)
1887 assert user_response["header"] != User.banner_url(user)
1890 test "requires 'write' permission", %{conn: conn} do
1891 token1 = insert(:oauth_token, scopes: ["read"])
1892 token2 = insert(:oauth_token, scopes: ["write", "follow"])
1894 for token <- [token1, token2] do
1897 |> put_req_header("authorization", "Bearer #{token.token}")
1898 |> patch("/api/v1/accounts/update_credentials", %{})
1900 if token == token1 do
1901 assert %{"error" => "Insufficient permissions: write."} == json_response(conn, 403)
1903 assert json_response(conn, 200)
1909 test "get instance information", %{conn: conn} do
1910 conn = get(conn, "/api/v1/instance")
1911 assert result = json_response(conn, 200)
1913 email = Pleroma.Config.get([:instance, :email])
1914 # Note: not checking for "max_toot_chars" since it's optional
1920 "email" => from_config_email,
1922 "streaming_api" => _
1927 "registrations" => _
1930 assert email == from_config_email
1933 test "get instance stats", %{conn: conn} do
1934 user = insert(:user, %{local: true})
1936 user2 = insert(:user, %{local: true})
1937 {:ok, _user2} = User.deactivate(user2, !user2.info.deactivated)
1939 insert(:user, %{local: false, nickname: "u@peer1.com"})
1940 insert(:user, %{local: false, nickname: "u@peer2.com"})
1942 {:ok, _} = TwitterAPI.create_status(user, %{"status" => "cofe"})
1944 # Stats should count users with missing or nil `info.deactivated` value
1945 user = User.get_by_id(user.id)
1946 info_change = Changeset.change(user.info, %{deactivated: nil})
1950 |> Changeset.change()
1951 |> Changeset.put_embed(:info, info_change)
1952 |> User.update_and_set_cache()
1954 Pleroma.Stats.update_stats()
1956 conn = get(conn, "/api/v1/instance")
1958 assert result = json_response(conn, 200)
1960 stats = result["stats"]
1963 assert stats["user_count"] == 1
1964 assert stats["status_count"] == 1
1965 assert stats["domain_count"] == 2
1968 test "get peers", %{conn: conn} do
1969 insert(:user, %{local: false, nickname: "u@peer1.com"})
1970 insert(:user, %{local: false, nickname: "u@peer2.com"})
1972 Pleroma.Stats.update_stats()
1974 conn = get(conn, "/api/v1/instance/peers")
1976 assert result = json_response(conn, 200)
1978 assert ["peer1.com", "peer2.com"] == Enum.sort(result)
1981 test "put settings", %{conn: conn} do
1982 user = insert(:user)
1986 |> assign(:user, user)
1987 |> put("/api/web/settings", %{"data" => %{"programming" => "socks"}})
1989 assert _result = json_response(conn, 200)
1991 user = User.get_cached_by_ap_id(user.ap_id)
1992 assert user.info.settings == %{"programming" => "socks"}
1995 describe "pinned statuses" do
1997 Pleroma.Config.put([:instance, :max_pinned_statuses], 1)
1999 user = insert(:user)
2000 {:ok, activity} = CommonAPI.post(user, %{"status" => "HI!!!"})
2002 [user: user, activity: activity]
2005 test "returns pinned statuses", %{conn: conn, user: user, activity: activity} do
2006 {:ok, _} = CommonAPI.pin(activity.id, user)
2010 |> assign(:user, user)
2011 |> get("/api/v1/accounts/#{user.id}/statuses?pinned=true")
2012 |> json_response(200)
2014 id_str = to_string(activity.id)
2016 assert [%{"id" => ^id_str, "pinned" => true}] = result
2019 test "pin status", %{conn: conn, user: user, activity: activity} do
2020 id_str = to_string(activity.id)
2022 assert %{"id" => ^id_str, "pinned" => true} =
2024 |> assign(:user, user)
2025 |> post("/api/v1/statuses/#{activity.id}/pin")
2026 |> json_response(200)
2028 assert [%{"id" => ^id_str, "pinned" => true}] =
2030 |> assign(:user, user)
2031 |> get("/api/v1/accounts/#{user.id}/statuses?pinned=true")
2032 |> json_response(200)
2035 test "unpin status", %{conn: conn, user: user, activity: activity} do
2036 {:ok, _} = CommonAPI.pin(activity.id, user)
2038 id_str = to_string(activity.id)
2039 user = refresh_record(user)
2041 assert %{"id" => ^id_str, "pinned" => false} =
2043 |> assign(:user, user)
2044 |> post("/api/v1/statuses/#{activity.id}/unpin")
2045 |> json_response(200)
2049 |> assign(:user, user)
2050 |> get("/api/v1/accounts/#{user.id}/statuses?pinned=true")
2051 |> json_response(200)
2054 test "max pinned statuses", %{conn: conn, user: user, activity: activity_one} do
2055 {:ok, activity_two} = CommonAPI.post(user, %{"status" => "HI!!!"})
2057 id_str_one = to_string(activity_one.id)
2059 assert %{"id" => ^id_str_one, "pinned" => true} =
2061 |> assign(:user, user)
2062 |> post("/api/v1/statuses/#{id_str_one}/pin")
2063 |> json_response(200)
2065 user = refresh_record(user)
2067 assert %{"error" => "You have already pinned the maximum number of statuses"} =
2069 |> assign(:user, user)
2070 |> post("/api/v1/statuses/#{activity_two.id}/pin")
2071 |> json_response(400)
2074 test "Status rich-media Card", %{conn: conn, user: user} do
2075 Pleroma.Config.put([:rich_media, :enabled], true)
2076 {:ok, activity} = CommonAPI.post(user, %{"status" => "http://example.com/ogp"})
2080 |> get("/api/v1/statuses/#{activity.id}/card")
2081 |> json_response(200)
2083 assert response == %{
2084 "image" => "http://ia.media-imdb.com/images/rock.jpg",
2085 "provider_name" => "www.imdb.com",
2086 "provider_url" => "http://www.imdb.com",
2087 "title" => "The Rock",
2089 "url" => "http://www.imdb.com/title/tt0117500/",
2090 "description" => nil,
2093 "image" => "http://ia.media-imdb.com/images/rock.jpg",
2094 "title" => "The Rock",
2095 "type" => "video.movie",
2096 "url" => "http://www.imdb.com/title/tt0117500/"
2101 # works with private posts
2103 CommonAPI.post(user, %{"status" => "http://example.com/ogp", "visibility" => "direct"})
2107 |> assign(:user, user)
2108 |> get("/api/v1/statuses/#{activity.id}/card")
2109 |> json_response(200)
2111 assert response_two == response
2113 Pleroma.Config.put([:rich_media, :enabled], false)
2118 user = insert(:user)
2119 for_user = insert(:user)
2122 CommonAPI.post(user, %{
2123 "status" => "heweoo?"
2127 CommonAPI.post(user, %{
2128 "status" => "heweoo!"
2133 |> assign(:user, for_user)
2134 |> post("/api/v1/statuses/#{activity1.id}/bookmark")
2136 assert json_response(response1, 200)["bookmarked"] == true
2140 |> assign(:user, for_user)
2141 |> post("/api/v1/statuses/#{activity2.id}/bookmark")
2143 assert json_response(response2, 200)["bookmarked"] == true
2147 |> assign(:user, for_user)
2148 |> get("/api/v1/bookmarks")
2150 assert [json_response(response2, 200), json_response(response1, 200)] ==
2151 json_response(bookmarks, 200)
2155 |> assign(:user, for_user)
2156 |> post("/api/v1/statuses/#{activity1.id}/unbookmark")
2158 assert json_response(response1, 200)["bookmarked"] == false
2162 |> assign(:user, for_user)
2163 |> get("/api/v1/bookmarks")
2165 assert [json_response(response2, 200)] == json_response(bookmarks, 200)
2168 describe "conversation muting" do
2170 user = insert(:user)
2171 {:ok, activity} = CommonAPI.post(user, %{"status" => "HIE"})
2173 [user: user, activity: activity]
2176 test "mute conversation", %{conn: conn, user: user, activity: activity} do
2177 id_str = to_string(activity.id)
2179 assert %{"id" => ^id_str, "muted" => true} =
2181 |> assign(:user, user)
2182 |> post("/api/v1/statuses/#{activity.id}/mute")
2183 |> json_response(200)
2186 test "unmute conversation", %{conn: conn, user: user, activity: activity} do
2187 {:ok, _} = CommonAPI.add_mute(user, activity)
2189 id_str = to_string(activity.id)
2190 user = refresh_record(user)
2192 assert %{"id" => ^id_str, "muted" => false} =
2194 |> assign(:user, user)
2195 |> post("/api/v1/statuses/#{activity.id}/unmute")
2196 |> json_response(200)
2200 test "flavours switching (Pleroma Extension)", %{conn: conn} do
2201 user = insert(:user)
2205 |> assign(:user, user)
2206 |> get("/api/v1/pleroma/flavour")
2208 assert "glitch" == json_response(get_old_flavour, 200)
2212 |> assign(:user, user)
2213 |> post("/api/v1/pleroma/flavour/vanilla")
2215 assert "vanilla" == json_response(set_flavour, 200)
2219 |> assign(:user, user)
2220 |> post("/api/v1/pleroma/flavour/vanilla")
2222 assert json_response(set_flavour, 200) == json_response(get_new_flavour, 200)
2225 describe "reports" do
2227 reporter = insert(:user)
2228 target_user = insert(:user)
2230 {:ok, activity} = CommonAPI.post(target_user, %{"status" => "foobar"})
2232 [reporter: reporter, target_user: target_user, activity: activity]
2235 test "submit a basic report", %{conn: conn, reporter: reporter, target_user: target_user} do
2236 assert %{"action_taken" => false, "id" => _} =
2238 |> assign(:user, reporter)
2239 |> post("/api/v1/reports", %{"account_id" => target_user.id})
2240 |> json_response(200)
2243 test "submit a report with statuses and comment", %{
2246 target_user: target_user,
2249 assert %{"action_taken" => false, "id" => _} =
2251 |> assign(:user, reporter)
2252 |> post("/api/v1/reports", %{
2253 "account_id" => target_user.id,
2254 "status_ids" => [activity.id],
2255 "comment" => "bad status!"
2257 |> json_response(200)
2260 test "account_id is required", %{
2265 assert %{"error" => "Valid `account_id` required"} =
2267 |> assign(:user, reporter)
2268 |> post("/api/v1/reports", %{"status_ids" => [activity.id]})
2269 |> json_response(400)
2272 test "comment must be up to the size specified in the config", %{
2275 target_user: target_user
2277 max_size = Pleroma.Config.get([:instance, :max_report_comment_size], 1000)
2278 comment = String.pad_trailing("a", max_size + 1, "a")
2280 error = %{"error" => "Comment must be up to #{max_size} characters"}
2284 |> assign(:user, reporter)
2285 |> post("/api/v1/reports", %{"account_id" => target_user.id, "comment" => comment})
2286 |> json_response(400)
2290 describe "link headers" do
2291 test "preserves parameters in link headers", %{conn: conn} do
2292 user = insert(:user)
2293 other_user = insert(:user)
2296 CommonAPI.post(other_user, %{
2297 "status" => "hi @#{user.nickname}",
2298 "visibility" => "public"
2302 CommonAPI.post(other_user, %{
2303 "status" => "hi @#{user.nickname}",
2304 "visibility" => "public"
2307 notification1 = Repo.get_by(Notification, activity_id: activity1.id)
2308 notification2 = Repo.get_by(Notification, activity_id: activity2.id)
2312 |> assign(:user, user)
2313 |> get("/api/v1/notifications", %{media_only: true})
2315 assert [link_header] = get_resp_header(conn, "link")
2316 assert link_header =~ ~r/media_only=true/
2317 assert link_header =~ ~r/since_id=#{notification2.id}/
2318 assert link_header =~ ~r/max_id=#{notification1.id}/
2322 test "accounts fetches correct account for nicknames beginning with numbers", %{conn: conn} do
2323 # Need to set an old-style integer ID to reproduce the problem
2324 # (these are no longer assigned to new accounts but were preserved
2325 # for existing accounts during the migration to flakeIDs)
2326 user_one = insert(:user, %{id: 1212})
2327 user_two = insert(:user, %{nickname: "#{user_one.id}garbage"})
2331 |> get("/api/v1/accounts/#{user_one.id}")
2335 |> get("/api/v1/accounts/#{user_two.nickname}")
2339 |> get("/api/v1/accounts/#{user_two.id}")
2341 acc_one = json_response(resp_one, 200)
2342 acc_two = json_response(resp_two, 200)
2343 acc_three = json_response(resp_three, 200)
2344 refute acc_one == acc_two
2345 assert acc_two == acc_three
2348 describe "custom emoji" do
2349 test "with tags", %{conn: conn} do
2352 |> get("/api/v1/custom_emojis")
2353 |> json_response(200)
2355 assert Map.has_key?(emoji, "shortcode")
2356 assert Map.has_key?(emoji, "static_url")
2357 assert Map.has_key?(emoji, "tags")
2358 assert is_list(emoji["tags"])
2359 assert Map.has_key?(emoji, "url")
2360 assert Map.has_key?(emoji, "visible_in_picker")
2364 describe "index/2 redirections" do
2365 setup %{conn: conn} do
2369 signing_salt: "cooldude"
2374 |> Plug.Session.call(Plug.Session.init(session_opts))
2377 test_path = "/web/statuses/test"
2378 %{conn: conn, path: test_path}
2381 test "redirects not logged-in users to the login page", %{conn: conn, path: path} do
2382 conn = get(conn, path)
2384 assert conn.status == 302
2385 assert redirected_to(conn) == "/web/login"
2388 test "does not redirect logged in users to the login page", %{conn: conn, path: path} do
2389 token = insert(:oauth_token)
2393 |> assign(:user, token.user)
2394 |> put_session(:oauth_token, token.token)
2397 assert conn.status == 200
2400 test "saves referer path to session", %{conn: conn, path: path} do
2401 conn = get(conn, path)
2402 return_to = Plug.Conn.get_session(conn, :return_to)
2404 assert return_to == path
2407 test "redirects to the saved path after log in", %{conn: conn, path: path} do
2408 app = insert(:oauth_app, client_name: "Mastodon-Local", redirect_uris: ".")
2409 auth = insert(:oauth_authorization, app: app)
2413 |> put_session(:return_to, path)
2414 |> get("/web/login", %{code: auth.token})
2416 assert conn.status == 302
2417 assert redirected_to(conn) == path
2420 test "redirects to the getting-started page when referer is not present", %{conn: conn} do
2421 app = insert(:oauth_app, client_name: "Mastodon-Local", redirect_uris: ".")
2422 auth = insert(:oauth_authorization, app: app)
2424 conn = get(conn, "/web/login", %{code: auth.token})
2426 assert conn.status == 302
2427 assert redirected_to(conn) == "/web/getting-started"
2431 describe "scheduled activities" do
2432 test "creates a scheduled activity", %{conn: conn} do
2433 user = insert(:user)
2434 scheduled_at = NaiveDateTime.add(NaiveDateTime.utc_now(), :timer.minutes(120), :millisecond)
2438 |> assign(:user, user)
2439 |> post("/api/v1/statuses", %{
2440 "status" => "scheduled",
2441 "scheduled_at" => scheduled_at
2444 assert %{"scheduled_at" => expected_scheduled_at} = json_response(conn, 200)
2445 assert expected_scheduled_at == Pleroma.Web.CommonAPI.Utils.to_masto_date(scheduled_at)
2446 assert [] == Repo.all(Activity)
2449 test "creates a scheduled activity with a media attachment", %{conn: conn} do
2450 user = insert(:user)
2451 scheduled_at = NaiveDateTime.add(NaiveDateTime.utc_now(), :timer.minutes(120), :millisecond)
2453 file = %Plug.Upload{
2454 content_type: "image/jpg",
2455 path: Path.absname("test/fixtures/image.jpg"),
2456 filename: "an_image.jpg"
2459 {:ok, upload} = ActivityPub.upload(file, actor: user.ap_id)
2463 |> assign(:user, user)
2464 |> post("/api/v1/statuses", %{
2465 "media_ids" => [to_string(upload.id)],
2466 "status" => "scheduled",
2467 "scheduled_at" => scheduled_at
2470 assert %{"media_attachments" => [media_attachment]} = json_response(conn, 200)
2471 assert %{"type" => "image"} = media_attachment
2474 test "skips the scheduling and creates the activity if scheduled_at is earlier than 5 minutes from now",
2476 user = insert(:user)
2479 NaiveDateTime.add(NaiveDateTime.utc_now(), :timer.minutes(5) - 1, :millisecond)
2483 |> assign(:user, user)
2484 |> post("/api/v1/statuses", %{
2485 "status" => "not scheduled",
2486 "scheduled_at" => scheduled_at
2489 assert %{"content" => "not scheduled"} = json_response(conn, 200)
2490 assert [] == Repo.all(ScheduledActivity)
2493 test "returns error when daily user limit is exceeded", %{conn: conn} do
2494 user = insert(:user)
2497 NaiveDateTime.utc_now()
2498 |> NaiveDateTime.add(:timer.minutes(6), :millisecond)
2499 |> NaiveDateTime.to_iso8601()
2501 attrs = %{params: %{}, scheduled_at: today}
2502 {:ok, _} = ScheduledActivity.create(user, attrs)
2503 {:ok, _} = ScheduledActivity.create(user, attrs)
2507 |> assign(:user, user)
2508 |> post("/api/v1/statuses", %{"status" => "scheduled", "scheduled_at" => today})
2510 assert %{"error" => "daily limit exceeded"} == json_response(conn, 422)
2513 test "returns error when total user limit is exceeded", %{conn: conn} do
2514 user = insert(:user)
2517 NaiveDateTime.utc_now()
2518 |> NaiveDateTime.add(:timer.minutes(6), :millisecond)
2519 |> NaiveDateTime.to_iso8601()
2522 NaiveDateTime.utc_now()
2523 |> NaiveDateTime.add(:timer.hours(36), :millisecond)
2524 |> NaiveDateTime.to_iso8601()
2526 attrs = %{params: %{}, scheduled_at: today}
2527 {:ok, _} = ScheduledActivity.create(user, attrs)
2528 {:ok, _} = ScheduledActivity.create(user, attrs)
2529 {:ok, _} = ScheduledActivity.create(user, %{params: %{}, scheduled_at: tomorrow})
2533 |> assign(:user, user)
2534 |> post("/api/v1/statuses", %{"status" => "scheduled", "scheduled_at" => tomorrow})
2536 assert %{"error" => "total limit exceeded"} == json_response(conn, 422)
2539 test "shows scheduled activities", %{conn: conn} do
2540 user = insert(:user)
2541 scheduled_activity_id1 = insert(:scheduled_activity, user: user).id |> to_string()
2542 scheduled_activity_id2 = insert(:scheduled_activity, user: user).id |> to_string()
2543 scheduled_activity_id3 = insert(:scheduled_activity, user: user).id |> to_string()
2544 scheduled_activity_id4 = insert(:scheduled_activity, user: user).id |> to_string()
2548 |> assign(:user, user)
2553 |> get("/api/v1/scheduled_statuses?limit=2&min_id=#{scheduled_activity_id1}")
2555 result = json_response(conn_res, 200)
2556 assert [%{"id" => ^scheduled_activity_id3}, %{"id" => ^scheduled_activity_id2}] = result
2561 |> get("/api/v1/scheduled_statuses?limit=2&since_id=#{scheduled_activity_id1}")
2563 result = json_response(conn_res, 200)
2564 assert [%{"id" => ^scheduled_activity_id4}, %{"id" => ^scheduled_activity_id3}] = result
2569 |> get("/api/v1/scheduled_statuses?limit=2&max_id=#{scheduled_activity_id4}")
2571 result = json_response(conn_res, 200)
2572 assert [%{"id" => ^scheduled_activity_id3}, %{"id" => ^scheduled_activity_id2}] = result
2575 test "shows a scheduled activity", %{conn: conn} do
2576 user = insert(:user)
2577 scheduled_activity = insert(:scheduled_activity, user: user)
2581 |> assign(:user, user)
2582 |> get("/api/v1/scheduled_statuses/#{scheduled_activity.id}")
2584 assert %{"id" => scheduled_activity_id} = json_response(res_conn, 200)
2585 assert scheduled_activity_id == scheduled_activity.id |> to_string()
2589 |> assign(:user, user)
2590 |> get("/api/v1/scheduled_statuses/404")
2592 assert %{"error" => "Record not found"} = json_response(res_conn, 404)
2595 test "updates a scheduled activity", %{conn: conn} do
2596 user = insert(:user)
2597 scheduled_activity = insert(:scheduled_activity, user: user)
2600 NaiveDateTime.add(NaiveDateTime.utc_now(), :timer.minutes(120), :millisecond)
2604 |> assign(:user, user)
2605 |> put("/api/v1/scheduled_statuses/#{scheduled_activity.id}", %{
2606 scheduled_at: new_scheduled_at
2609 assert %{"scheduled_at" => expected_scheduled_at} = json_response(res_conn, 200)
2610 assert expected_scheduled_at == Pleroma.Web.CommonAPI.Utils.to_masto_date(new_scheduled_at)
2614 |> assign(:user, user)
2615 |> put("/api/v1/scheduled_statuses/404", %{scheduled_at: new_scheduled_at})
2617 assert %{"error" => "Record not found"} = json_response(res_conn, 404)
2620 test "deletes a scheduled activity", %{conn: conn} do
2621 user = insert(:user)
2622 scheduled_activity = insert(:scheduled_activity, user: user)
2626 |> assign(:user, user)
2627 |> delete("/api/v1/scheduled_statuses/#{scheduled_activity.id}")
2629 assert %{} = json_response(res_conn, 200)
2630 assert nil == Repo.get(ScheduledActivity, scheduled_activity.id)
2634 |> assign(:user, user)
2635 |> delete("/api/v1/scheduled_statuses/#{scheduled_activity.id}")
2637 assert %{"error" => "Record not found"} = json_response(res_conn, 404)