projects / akkoma / blob
? search:


29804cfe12431388f8ee4f081111e5064e2baf33
[akkoma] / test / web / ostatus / ostatus_controller_test.exs
1 # Pleroma: A lightweight social networking server
2 # Copyright © 2017-2019 Pleroma Authors <https://pleroma.social/>
3 # SPDX-License-Identifier: AGPL-3.0-only
4
5 defmodule Pleroma.Web.OStatus.OStatusControllerTest do
6 use Pleroma.Web.ConnCase
7
8 import ExUnit.CaptureLog
9 import Pleroma.Factory
10
11 alias Pleroma.Object
12 alias Pleroma.User
13 alias Pleroma.Web.CommonAPI
14
15 setup_all do
16 Tesla.Mock.mock_global(fn env -> apply(HttpRequestMock, :request, [env]) end)
17 :ok
18 end
19
20 clear_config_all([:instance, :federating]) do
21 Pleroma.Config.put([:instance, :federating], true)
22 end
23
24 describe "salmon_incoming" do
25 test "decodes a salmon", %{conn: conn} do
26 user = insert(:user)
27 salmon = File.read!("test/fixtures/salmon.xml")
28
29 assert capture_log(fn ->
30 conn =
31 conn
32 |> put_req_header("content-type", "application/atom+xml")
33 |> post("/users/#{user.nickname}/salmon", salmon)
34
35 assert response(conn, 200)
36 end) =~ "[error]"
37 end
38
39 test "decodes a salmon with a changed magic key", %{conn: conn} do
40 user = insert(:user)
41 salmon = File.read!("test/fixtures/salmon.xml")
42
43 assert capture_log(fn ->
44 conn =
45 conn
46 |> put_req_header("content-type", "application/atom+xml")
47 |> post("/users/#{user.nickname}/salmon", salmon)
48
49 assert response(conn, 200)
50 end) =~ "[error]"
51
52 # Wrong key
53 info = %{
54 magic_key:
55 "RSA.pu0s-halox4tu7wmES1FVSx6u-4wc0YrUFXcqWXZG4-27UmbCOpMQftRCldNRfyA-qLbz-eqiwrong1EwUvjsD4cYbAHNGHwTvDOyx5AKthQUP44ykPv7kjKGh3DWKySJvcs9tlUG87hlo7AvnMo9pwRS_Zz2CacQ-MKaXyDepk=.AQAB"
56 }
57
58 # Set a wrong magic-key for a user so it has to refetch
59 "http://gs.example.org:4040/index.php/user/1"
60 |> User.get_cached_by_ap_id()
61 |> User.update_info(&User.Info.remote_user_creation(&1, info))
62
63 assert capture_log(fn ->
64 conn =
65 build_conn()
66 |> put_req_header("content-type", "application/atom+xml")
67 |> post("/users/#{user.nickname}/salmon", salmon)
68
69 assert response(conn, 200)
70 end) =~ "[error]"
71 end
72 end
73
74 describe "GET object/2" do
75 test "redirects to /notice/id for html format", %{conn: conn} do
76 note_activity = insert(:note_activity)
77 object = Object.normalize(note_activity)
78 [_, uuid] = hd(Regex.scan(~r/.+\/([\w-]+)$/, object.data["id"]))
79 url = "/objects/#{uuid}"
80
81 conn =
82 conn
83 |> put_req_header("accept", "text/html")
84 |> get(url)
85
86 assert redirected_to(conn) == "/notice/#{note_activity.id}"
87 end
88
89 test "500s when user not found", %{conn: conn} do
90 note_activity = insert(:note_activity)
91 object = Object.normalize(note_activity)
92 user = User.get_cached_by_ap_id(note_activity.data["actor"])
93 User.invalidate_cache(user)
94 Pleroma.Repo.delete(user)
95 [_, uuid] = hd(Regex.scan(~r/.+\/([\w-]+)$/, object.data["id"]))
96 url = "/objects/#{uuid}"
97
98 conn =
99 conn
100 |> put_req_header("accept", "application/xml")
101 |> get(url)
102
103 assert response(conn, 500) == ~S({"error":"Something went wrong"})
104 end
105
106 test "404s on private objects", %{conn: conn} do
107 note_activity = insert(:direct_note_activity)
108 object = Object.normalize(note_activity)
109 [_, uuid] = hd(Regex.scan(~r/.+\/([\w-]+)$/, object.data["id"]))
110
111 conn
112 |> get("/objects/#{uuid}")
113 |> response(404)
114 end
115
116 test "404s on nonexisting objects", %{conn: conn} do
117 conn
118 |> get("/objects/123")
119 |> response(404)
120 end
121 end
122
123 describe "GET activity/2" do
124 test "gets an activity in xml format", %{conn: conn} do
125 note_activity = insert(:note_activity)
126 [_, uuid] = hd(Regex.scan(~r/.+\/([\w-]+)$/, note_activity.data["id"]))
127
128 conn
129 |> put_req_header("accept", "application/xml")
130 |> get("/activities/#{uuid}")
131 |> response(200)
132 end
133
134 test "redirects to /notice/id for html format", %{conn: conn} do
135 note_activity = insert(:note_activity)
136 [_, uuid] = hd(Regex.scan(~r/.+\/([\w-]+)$/, note_activity.data["id"]))
137
138 conn =
139 conn
140 |> put_req_header("accept", "text/html")
141 |> get("/activities/#{uuid}")
142
143 assert redirected_to(conn) == "/notice/#{note_activity.id}"
144 end
145
146 test "505s when user not found", %{conn: conn} do
147 note_activity = insert(:note_activity)
148 [_, uuid] = hd(Regex.scan(~r/.+\/([\w-]+)$/, note_activity.data["id"]))
149 user = User.get_cached_by_ap_id(note_activity.data["actor"])
150 User.invalidate_cache(user)
151 Pleroma.Repo.delete(user)
152
153 conn =
154 conn
155 |> put_req_header("accept", "text/html")
156 |> get("/activities/#{uuid}")
157
158 assert response(conn, 500) == ~S({"error":"Something went wrong"})
159 end
160
161 test "404s on deleted objects", %{conn: conn} do
162 note_activity = insert(:note_activity)
163 object = Object.normalize(note_activity)
164 [_, uuid] = hd(Regex.scan(~r/.+\/([\w-]+)$/, object.data["id"]))
165
166 conn
167 |> put_req_header("accept", "application/xml")
168 |> get("/objects/#{uuid}")
169 |> response(200)
170
171 Object.delete(object)
172
173 conn
174 |> put_req_header("accept", "application/xml")
175 |> get("/objects/#{uuid}")
176 |> response(404)
177 end
178
179 test "404s on private activities", %{conn: conn} do
180 note_activity = insert(:direct_note_activity)
181 [_, uuid] = hd(Regex.scan(~r/.+\/([\w-]+)$/, note_activity.data["id"]))
182
183 conn
184 |> get("/activities/#{uuid}")
185 |> response(404)
186 end
187
188 test "404s on nonexistent activities", %{conn: conn} do
189 conn
190 |> get("/activities/123")
191 |> response(404)
192 end
193
194 test "gets an activity in AS2 format", %{conn: conn} do
195 note_activity = insert(:note_activity)
196 [_, uuid] = hd(Regex.scan(~r/.+\/([\w-]+)$/, note_activity.data["id"]))
197 url = "/activities/#{uuid}"
198
199 conn =
200 conn
201 |> put_req_header("accept", "application/activity+json")
202 |> get(url)
203
204 assert json_response(conn, 200)
205 end
206 end
207
208 describe "GET notice/2" do
209 test "gets a notice in xml format", %{conn: conn} do
210 note_activity = insert(:note_activity)
211
212 conn
213 |> get("/notice/#{note_activity.id}")
214 |> response(200)
215 end
216
217 test "gets a notice in AS2 format", %{conn: conn} do
218 note_activity = insert(:note_activity)
219
220 conn
221 |> put_req_header("accept", "application/activity+json")
222 |> get("/notice/#{note_activity.id}")
223 |> json_response(200)
224 end
225
226 test "500s when actor not found", %{conn: conn} do
227 note_activity = insert(:note_activity)
228 user = User.get_cached_by_ap_id(note_activity.data["actor"])
229 User.invalidate_cache(user)
230 Pleroma.Repo.delete(user)
231
232 conn =
233 conn
234 |> get("/notice/#{note_activity.id}")
235
236 assert response(conn, 500) == ~S({"error":"Something went wrong"})
237 end
238
239 test "only gets a notice in AS2 format for Create messages", %{conn: conn} do
240 note_activity = insert(:note_activity)
241 url = "/notice/#{note_activity.id}"
242
243 conn =
244 conn
245 |> put_req_header("accept", "application/activity+json")
246 |> get(url)
247
248 assert json_response(conn, 200)
249
250 user = insert(:user)
251
252 {:ok, like_activity, _} = CommonAPI.favorite(note_activity.id, user)
253 url = "/notice/#{like_activity.id}"
254
255 assert like_activity.data["type"] == "Like"
256
257 conn =
258 build_conn()
259 |> put_req_header("accept", "application/activity+json")
260 |> get(url)
261
262 assert response(conn, 404)
263 end
264
265 test "render html for redirect for html format", %{conn: conn} do
266 note_activity = insert(:note_activity)
267
268 resp =
269 conn
270 |> put_req_header("accept", "text/html")
271 |> get("/notice/#{note_activity.id}")
272 |> response(200)
273
274 assert resp =~
275 "<meta content=\"#{Pleroma.Web.base_url()}/notice/#{note_activity.id}\" property=\"og:url\">"
276
277 user = insert(:user)
278
279 {:ok, like_activity, _} = CommonAPI.favorite(note_activity.id, user)
280
281 assert like_activity.data["type"] == "Like"
282
283 resp =
284 conn
285 |> put_req_header("accept", "text/html")
286 |> get("/notice/#{like_activity.id}")
287 |> response(200)
288
289 assert resp =~ "<!--server-generated-meta-->"
290 end
291
292 test "404s a private notice", %{conn: conn} do
293 note_activity = insert(:direct_note_activity)
294 url = "/notice/#{note_activity.id}"
295
296 conn =
297 conn
298 |> get(url)
299
300 assert response(conn, 404)
301 end
302
303 test "404s a nonexisting notice", %{conn: conn} do
304 url = "/notice/123"
305
306 conn =
307 conn
308 |> get(url)
309
310 assert response(conn, 404)
311 end
312 end
313
314 describe "GET /notice/:id/embed_player" do
315 test "render embed player", %{conn: conn} do
316 note_activity = insert(:note_activity)
317 object = Pleroma.Object.normalize(note_activity)
318
319 object_data =
320 Map.put(object.data, "attachment", [
321 %{
322 "url" => [
323 %{
324 "href" =>
325 "https://peertube.moe/static/webseed/df5f464b-be8d-46fb-ad81-2d4c2d1630e3-480.mp4",
326 "mediaType" => "video/mp4",
327 "type" => "Link"
328 }
329 ]
330 }
331 ])
332
333 object
334 |> Ecto.Changeset.change(data: object_data)
335 |> Pleroma.Repo.update()
336
337 conn =
338 conn
339 |> get("/notice/#{note_activity.id}/embed_player")
340
341 assert Plug.Conn.get_resp_header(conn, "x-frame-options") == ["ALLOW"]
342
343 assert Plug.Conn.get_resp_header(
344 conn,
345 "content-security-policy"
346 ) == [
347 "default-src 'none';style-src 'self' 'unsafe-inline';img-src 'self' data: https:; media-src 'self' https:;"
348 ]
349
350 assert response(conn, 200) =~
351 "<video controls loop><source src=\"https://peertube.moe/static/webseed/df5f464b-be8d-46fb-ad81-2d4c2d1630e3-480.mp4\" type=\"video/mp4\">Your browser does not support video/mp4 playback.</video>"
352 end
353
354 test "404s when activity isn't create", %{conn: conn} do
355 note_activity = insert(:note_activity, data_attrs: %{"type" => "Like"})
356
357 assert conn
358 |> get("/notice/#{note_activity.id}/embed_player")
359 |> response(404)
360 end
361
362 test "404s when activity is direct message", %{conn: conn} do
363 note_activity = insert(:note_activity, data_attrs: %{"directMessage" => true})
364
365 assert conn
366 |> get("/notice/#{note_activity.id}/embed_player")
367 |> response(404)
368 end
369
370 test "404s when attachment is empty", %{conn: conn} do
371 note_activity = insert(:note_activity)
372 object = Pleroma.Object.normalize(note_activity)
373 object_data = Map.put(object.data, "attachment", [])
374
375 object
376 |> Ecto.Changeset.change(data: object_data)
377 |> Pleroma.Repo.update()
378
379 assert conn
380 |> get("/notice/#{note_activity.id}/embed_player")
381 |> response(404)
382 end
383
384 test "404s when attachment isn't audio or video", %{conn: conn} do
385 note_activity = insert(:note_activity)
386 object = Pleroma.Object.normalize(note_activity)
387
388 object_data =
389 Map.put(object.data, "attachment", [
390 %{
391 "url" => [
392 %{
393 "href" => "https://peertube.moe/static/webseed/480.jpg",
394 "mediaType" => "image/jpg",
395 "type" => "Link"
396 }
397 ]
398 }
399 ])
400
401 object
402 |> Ecto.Changeset.change(data: object_data)
403 |> Pleroma.Repo.update()
404
405 assert conn
406 |> get("/notice/#{note_activity.id}/embed_player")
407 |> response(404)
408 end
409 end
410 end
Fork of https://akkoma.dev/AkkomaGang/akkoma.git