1 # Pleroma: A lightweight social networking server
2 # Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>
3 # SPDX-License-Identifier: AGPL-3.0-only
5 defmodule Pleroma.Web.MastodonAPI.AccountViewTest do
9 alias Pleroma.UserRelationship
10 alias Pleroma.Web.CommonAPI
11 alias Pleroma.Web.MastodonAPI.AccountView
13 import Pleroma.Factory
17 mock(fn env -> apply(HttpRequestMock, :request, [env]) end)
21 test "Represent a user account" do
23 "url" => [%{"href" => "https://example.com/images/asuka_hospital.png"}]
30 background: background_image,
31 nickname: "shp@shitposter.club",
32 name: ":karjalanpiirakka: shp",
34 "<script src=\"invalid-html\"></script><span>valid html</span>. a<br>b<br/>c<br >d<br />f '&<>\"",
35 inserted_at: ~N[2017-08-15 15:47:06.597036],
36 emoji: %{"karjalanpiirakka" => "/file.png"},
37 raw_bio: "valid html. a\nb\nc\nd\nf '&<>\""
41 id: to_string(user.id),
44 display_name: user.name,
46 created_at: "2017-08-15T15:47:06.000Z",
50 note: "<span>valid html</span>. a<br/>b<br/>c<br/>d<br/>f '&<>"",
52 avatar: "http://localhost:4001/images/avi.png",
53 avatar_static: "http://localhost:4001/images/avi.png",
54 header: "http://localhost:4001/images/banner.png",
55 header_static: "http://localhost:4001/images/banner.png",
58 static_url: "/file.png",
60 shortcode: "karjalanpiirakka",
61 visible_in_picker: false
67 note: "valid html. a\nb\nc\nd\nf '&<>\"",
77 background_image: "https://example.com/images/asuka_hospital.png",
79 "https://shitposter.club/plugins/Qvitter/img/gnusocial-favicons/favicon-16x16.png",
80 confirmation_pending: false,
85 hide_followers: false,
87 hide_followers_count: false,
88 hide_follows_count: false,
90 skip_thread_containment: false
94 assert expected == AccountView.render("show.json", %{user: user})
97 test "Represent the user account for the account owner" do
100 notification_settings = %{
105 privacy_option: false
108 privacy = user.default_scope
111 pleroma: %{notification_settings: ^notification_settings, allow_following_move: true},
112 source: %{privacy: ^privacy}
113 } = AccountView.render("show.json", %{user: user, for: user})
116 test "Represent a Service(bot) account" do
121 actor_type: "Service",
122 nickname: "shp@shitposter.club",
123 inserted_at: ~N[2017-08-15 15:47:06.597036]
127 id: to_string(user.id),
130 display_name: user.name,
132 created_at: "2017-08-15T15:47:06.000Z",
138 avatar: "http://localhost:4001/images/avi.png",
139 avatar_static: "http://localhost:4001/images/avi.png",
140 header: "http://localhost:4001/images/banner.png",
141 header_static: "http://localhost:4001/images/banner.png",
149 actor_type: "Service",
156 background_image: nil,
158 "https://shitposter.club/plugins/Qvitter/img/gnusocial-favicons/favicon-16x16.png",
159 confirmation_pending: false,
163 hide_favorites: true,
164 hide_followers: false,
166 hide_followers_count: false,
167 hide_follows_count: false,
169 skip_thread_containment: false
173 assert expected == AccountView.render("show.json", %{user: user})
176 test "Represent a Funkwhale channel" do
178 User.get_or_fetch_by_ap_id(
179 "https://channels.tests.funkwhale.audio/federation/actors/compositions"
182 assert represented = AccountView.render("show.json", %{user: user})
183 assert represented.acct == "compositions@channels.tests.funkwhale.audio"
184 assert represented.url == "https://channels.tests.funkwhale.audio/channels/compositions"
187 test "Represent a deactivated user for an admin" do
188 admin = insert(:user, is_admin: true)
189 deactivated_user = insert(:user, deactivated: true)
190 represented = AccountView.render("show.json", %{user: deactivated_user, for: admin})
191 assert represented[:pleroma][:deactivated] == true
194 test "Represent a smaller mention" do
198 id: to_string(user.id),
200 username: user.nickname,
204 assert expected == AccountView.render("mention.json", %{user: user})
207 describe "relationship" do
208 defp test_relationship_rendering(user, other_user, expected_result) do
209 opts = %{user: user, target: other_user, relationships: nil}
210 assert expected_result == AccountView.render("relationship.json", opts)
212 relationships_opt = UserRelationship.view_relationships_option(user, [other_user])
213 opts = Map.put(opts, :relationships, relationships_opt)
214 assert expected_result == AccountView.render("relationship.json", opts)
216 assert [expected_result] ==
217 AccountView.render("relationships.json", %{user: user, targets: [other_user]})
226 muting_notifications: false,
229 domain_blocking: false,
230 showing_reblogs: true,
234 test "represent a relationship for the following and followed user" do
236 other_user = insert(:user)
238 {:ok, user} = User.follow(user, other_user)
239 {:ok, other_user} = User.follow(other_user, user)
240 {:ok, _subscription} = User.subscribe(user, other_user)
241 {:ok, _user_relationships} = User.mute(user, other_user, true)
242 {:ok, _reblog_mute} = CommonAPI.hide_reblogs(user, other_user)
251 muting_notifications: true,
253 showing_reblogs: false,
254 id: to_string(other_user.id)
258 test_relationship_rendering(user, other_user, expected)
261 test "represent a relationship for the blocking and blocked user" do
263 other_user = insert(:user)
265 {:ok, user} = User.follow(user, other_user)
266 {:ok, _subscription} = User.subscribe(user, other_user)
267 {:ok, _user_relationship} = User.block(user, other_user)
268 {:ok, _user_relationship} = User.block(other_user, user)
273 %{following: false, blocking: true, blocked_by: true, id: to_string(other_user.id)}
276 test_relationship_rendering(user, other_user, expected)
279 test "represent a relationship for the user blocking a domain" do
281 other_user = insert(:user, ap_id: "https://bad.site/users/other_user")
283 {:ok, user} = User.block_domain(user, "bad.site")
288 %{domain_blocking: true, blocking: false, id: to_string(other_user.id)}
291 test_relationship_rendering(user, other_user, expected)
294 test "represent a relationship for the user with a pending follow request" do
296 other_user = insert(:user, locked: true)
298 {:ok, user, other_user, _} = CommonAPI.follow(user, other_user)
299 user = User.get_cached_by_id(user.id)
300 other_user = User.get_cached_by_id(other_user.id)
305 %{requested: true, following: false, id: to_string(other_user.id)}
308 test_relationship_rendering(user, other_user, expected)
312 test "returns the settings store if the requesting user is the represented user and it's requested specifically" do
313 user = insert(:user, pleroma_settings_store: %{fe: "test"})
316 AccountView.render("show.json", %{user: user, for: user, with_pleroma_settings: true})
318 assert result.pleroma.settings_store == %{:fe => "test"}
320 result = AccountView.render("show.json", %{user: user, with_pleroma_settings: true})
321 assert result.pleroma[:settings_store] == nil
323 result = AccountView.render("show.json", %{user: user, for: user})
324 assert result.pleroma[:settings_store] == nil
327 test "doesn't sanitize display names" do
328 user = insert(:user, name: "<marquee> username </marquee>")
329 result = AccountView.render("show.json", %{user: user})
330 assert result.display_name == "<marquee> username </marquee>"
333 test "never display nil user follow counts" do
334 user = insert(:user, following_count: 0, follower_count: 0)
335 result = AccountView.render("show.json", %{user: user})
337 assert result.following_count == 0
338 assert result.followers_count == 0
341 describe "hiding follows/following" do
342 test "shows when follows/followers stats are hidden and sets follow/follower count to 0" do
345 hide_followers: true,
346 hide_followers_count: true,
348 hide_follows_count: true
351 other_user = insert(:user)
352 {:ok, user, other_user, _activity} = CommonAPI.follow(user, other_user)
353 {:ok, _other_user, user, _activity} = CommonAPI.follow(other_user, user)
358 pleroma: %{hide_follows_count: true, hide_followers_count: true}
359 } = AccountView.render("show.json", %{user: user})
362 test "shows when follows/followers are hidden" do
363 user = insert(:user, hide_followers: true, hide_follows: true)
364 other_user = insert(:user)
365 {:ok, user, other_user, _activity} = CommonAPI.follow(user, other_user)
366 {:ok, _other_user, user, _activity} = CommonAPI.follow(other_user, user)
371 pleroma: %{hide_follows: true, hide_followers: true}
372 } = AccountView.render("show.json", %{user: user})
375 test "shows actual follower/following count to the account owner" do
376 user = insert(:user, hide_followers: true, hide_follows: true)
377 other_user = insert(:user)
378 {:ok, user, other_user, _activity} = CommonAPI.follow(user, other_user)
379 {:ok, _other_user, user, _activity} = CommonAPI.follow(other_user, user)
384 } = AccountView.render("show.json", %{user: user, for: user})
387 test "shows unread_conversation_count only to the account owner" do
389 other_user = insert(:user)
392 CommonAPI.post(other_user, %{
393 status: "Hey @#{user.nickname}.",
397 user = User.get_cached_by_ap_id(user.ap_id)
399 assert AccountView.render("show.json", %{user: user, for: other_user})[:pleroma][
400 :unread_conversation_count
403 assert AccountView.render("show.json", %{user: user, for: user})[:pleroma][
404 :unread_conversation_count
408 test "shows unread_count only to the account owner" do
410 insert_list(7, :notification, user: user)
411 other_user = insert(:user)
413 user = User.get_cached_by_ap_id(user.ap_id)
415 assert AccountView.render(
417 %{user: user, for: other_user}
418 )[:pleroma][:unread_notifications_count] == nil
420 assert AccountView.render(
422 %{user: user, for: user}
423 )[:pleroma][:unread_notifications_count] == 7
427 describe "follow requests counter" do
428 test "shows zero when no follow requests are pending" do
431 assert %{follow_requests_count: 0} =
432 AccountView.render("show.json", %{user: user, for: user})
434 other_user = insert(:user)
435 {:ok, _other_user, user, _activity} = CommonAPI.follow(other_user, user)
437 assert %{follow_requests_count: 0} =
438 AccountView.render("show.json", %{user: user, for: user})
441 test "shows non-zero when follow requests are pending" do
442 user = insert(:user, locked: true)
444 assert %{locked: true} = AccountView.render("show.json", %{user: user, for: user})
446 other_user = insert(:user)
447 {:ok, _other_user, user, _activity} = CommonAPI.follow(other_user, user)
449 assert %{locked: true, follow_requests_count: 1} =
450 AccountView.render("show.json", %{user: user, for: user})
453 test "decreases when accepting a follow request" do
454 user = insert(:user, locked: true)
456 assert %{locked: true} = AccountView.render("show.json", %{user: user, for: user})
458 other_user = insert(:user)
459 {:ok, other_user, user, _activity} = CommonAPI.follow(other_user, user)
461 assert %{locked: true, follow_requests_count: 1} =
462 AccountView.render("show.json", %{user: user, for: user})
464 {:ok, _other_user} = CommonAPI.accept_follow_request(other_user, user)
466 assert %{locked: true, follow_requests_count: 0} =
467 AccountView.render("show.json", %{user: user, for: user})
470 test "decreases when rejecting a follow request" do
471 user = insert(:user, locked: true)
473 assert %{locked: true} = AccountView.render("show.json", %{user: user, for: user})
475 other_user = insert(:user)
476 {:ok, other_user, user, _activity} = CommonAPI.follow(other_user, user)
478 assert %{locked: true, follow_requests_count: 1} =
479 AccountView.render("show.json", %{user: user, for: user})
481 {:ok, _other_user} = CommonAPI.reject_follow_request(other_user, user)
483 assert %{locked: true, follow_requests_count: 0} =
484 AccountView.render("show.json", %{user: user, for: user})
487 test "shows non-zero when historical unapproved requests are present" do
488 user = insert(:user, locked: true)
490 assert %{locked: true} = AccountView.render("show.json", %{user: user, for: user})
492 other_user = insert(:user)
493 {:ok, _other_user, user, _activity} = CommonAPI.follow(other_user, user)
495 {:ok, user} = User.update_and_set_cache(user, %{locked: false})
497 assert %{locked: false, follow_requests_count: 1} =
498 AccountView.render("show.json", %{user: user, for: user})
502 test "uses mediaproxy urls when it's enabled" do
503 clear_config([:media_proxy, :enabled], true)
507 avatar: %{"url" => [%{"href" => "https://evil.website/avatar.png"}]},
508 banner: %{"url" => [%{"href" => "https://evil.website/banner.png"}]},
509 emoji: %{"joker_smile" => "https://evil.website/society.png"}
512 AccountView.render("show.json", %{user: user})
514 {key, url} when key in [:avatar, :avatar_static, :header, :header_static] ->
515 String.starts_with?(url, Pleroma.Web.base_url())
518 Enum.all?(emojis, fn %{url: url, static_url: static_url} ->
519 String.starts_with?(url, Pleroma.Web.base_url()) &&
520 String.starts_with?(static_url, Pleroma.Web.base_url())