1 # Pleroma: A lightweight social networking server
2 # Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>
3 # SPDX-License-Identifier: AGPL-3.0-only
5 defmodule Pleroma.Web.OStatus.OStatusControllerTest do
6 use Pleroma.Web.ConnCase
13 alias Pleroma.Web.CommonAPI
16 Tesla.Mock.mock_global(fn env -> apply(HttpRequestMock, :request, [env]) end)
20 clear_config([:instance, :federating]) do
21 Config.put([:instance, :federating], true)
24 # Note: see ActivityPubControllerTest for JSON format tests
25 describe "GET /objects/:uuid (text/html)" do
26 setup %{conn: conn} do
27 conn = put_req_header(conn, "accept", "text/html")
31 test "redirects to /notice/id for html format", %{conn: conn} do
32 note_activity = insert(:note_activity)
33 object = Object.normalize(note_activity)
34 [_, uuid] = hd(Regex.scan(~r/.+\/([\w-]+)$/, object.data["id"]))
35 url = "/objects/#{uuid}"
38 assert redirected_to(conn) == "/notice/#{note_activity.id}"
41 test "404s on private objects", %{conn: conn} do
42 note_activity = insert(:direct_note_activity)
43 object = Object.normalize(note_activity)
44 [_, uuid] = hd(Regex.scan(~r/.+\/([\w-]+)$/, object.data["id"]))
47 |> get("/objects/#{uuid}")
51 test "404s on non-existing objects", %{conn: conn} do
53 |> get("/objects/123")
58 # Note: see ActivityPubControllerTest for JSON format tests
59 describe "GET /activities/:uuid (text/html)" do
60 setup %{conn: conn} do
61 conn = put_req_header(conn, "accept", "text/html")
65 test "redirects to /notice/id for html format", %{conn: conn} do
66 note_activity = insert(:note_activity)
67 [_, uuid] = hd(Regex.scan(~r/.+\/([\w-]+)$/, note_activity.data["id"]))
69 conn = get(conn, "/activities/#{uuid}")
70 assert redirected_to(conn) == "/notice/#{note_activity.id}"
73 test "404s on private activities", %{conn: conn} do
74 note_activity = insert(:direct_note_activity)
75 [_, uuid] = hd(Regex.scan(~r/.+\/([\w-]+)$/, note_activity.data["id"]))
78 |> get("/activities/#{uuid}")
82 test "404s on nonexistent activities", %{conn: conn} do
84 |> get("/activities/123")
89 describe "GET notice/2" do
90 test "redirects to a proper object URL when json requested and the object is local", %{
93 note_activity = insert(:note_activity)
94 expected_redirect_url = Object.normalize(note_activity).data["id"]
98 |> put_req_header("accept", "application/activity+json")
99 |> get("/notice/#{note_activity.id}")
102 assert redirect_url == expected_redirect_url
105 test "returns a 404 on remote notice when json requested", %{conn: conn} do
106 note_activity = insert(:note_activity, local: false)
109 |> put_req_header("accept", "application/activity+json")
110 |> get("/notice/#{note_activity.id}")
114 test "500s when actor not found", %{conn: conn} do
115 note_activity = insert(:note_activity)
116 user = User.get_cached_by_ap_id(note_activity.data["actor"])
117 User.invalidate_cache(user)
118 Pleroma.Repo.delete(user)
122 |> get("/notice/#{note_activity.id}")
124 assert response(conn, 500) == ~S({"error":"Something went wrong"})
127 test "render html for redirect for html format", %{conn: conn} do
128 note_activity = insert(:note_activity)
132 |> put_req_header("accept", "text/html")
133 |> get("/notice/#{note_activity.id}")
137 "<meta content=\"#{Pleroma.Web.base_url()}/notice/#{note_activity.id}\" property=\"og:url\">"
141 {:ok, like_activity, _} = CommonAPI.favorite(note_activity.id, user)
143 assert like_activity.data["type"] == "Like"
147 |> put_req_header("accept", "text/html")
148 |> get("/notice/#{like_activity.id}")
151 assert resp =~ "<!--server-generated-meta-->"
154 test "404s a private notice", %{conn: conn} do
155 note_activity = insert(:direct_note_activity)
156 url = "/notice/#{note_activity.id}"
162 assert response(conn, 404)
165 test "404s a non-existing notice", %{conn: conn} do
172 assert response(conn, 404)
175 test "it requires authentication if instance is NOT federating", %{
179 note_activity = insert(:note_activity)
181 conn = put_req_header(conn, "accept", "text/html")
183 ensure_federating_or_authenticated(conn, "/notice/#{note_activity.id}", user)
187 describe "GET /notice/:id/embed_player" do
189 note_activity = insert(:note_activity)
190 object = Pleroma.Object.normalize(note_activity)
193 Map.put(object.data, "attachment", [
198 "https://peertube.moe/static/webseed/df5f464b-be8d-46fb-ad81-2d4c2d1630e3-480.mp4",
199 "mediaType" => "video/mp4",
207 |> Ecto.Changeset.change(data: object_data)
208 |> Pleroma.Repo.update()
210 %{note_activity: note_activity}
213 test "renders embed player", %{conn: conn, note_activity: note_activity} do
214 conn = get(conn, "/notice/#{note_activity.id}/embed_player")
216 assert Plug.Conn.get_resp_header(conn, "x-frame-options") == ["ALLOW"]
218 assert Plug.Conn.get_resp_header(
220 "content-security-policy"
222 "default-src 'none';style-src 'self' 'unsafe-inline';img-src 'self' data: https:; media-src 'self' https:;"
225 assert response(conn, 200) =~
226 "<video controls loop><source src=\"https://peertube.moe/static/webseed/df5f464b-be8d-46fb-ad81-2d4c2d1630e3-480.mp4\" type=\"video/mp4\">Your browser does not support video/mp4 playback.</video>"
229 test "404s when activity isn't create", %{conn: conn} do
230 note_activity = insert(:note_activity, data_attrs: %{"type" => "Like"})
233 |> get("/notice/#{note_activity.id}/embed_player")
237 test "404s when activity is direct message", %{conn: conn} do
238 note_activity = insert(:note_activity, data_attrs: %{"directMessage" => true})
241 |> get("/notice/#{note_activity.id}/embed_player")
245 test "404s when attachment is empty", %{conn: conn} do
246 note_activity = insert(:note_activity)
247 object = Pleroma.Object.normalize(note_activity)
248 object_data = Map.put(object.data, "attachment", [])
251 |> Ecto.Changeset.change(data: object_data)
252 |> Pleroma.Repo.update()
255 |> get("/notice/#{note_activity.id}/embed_player")
259 test "404s when attachment isn't audio or video", %{conn: conn} do
260 note_activity = insert(:note_activity)
261 object = Pleroma.Object.normalize(note_activity)
264 Map.put(object.data, "attachment", [
268 "href" => "https://peertube.moe/static/webseed/480.jpg",
269 "mediaType" => "image/jpg",
277 |> Ecto.Changeset.change(data: object_data)
278 |> Pleroma.Repo.update()
281 |> get("/notice/#{note_activity.id}/embed_player")
285 test "it requires authentication if instance is NOT federating", %{
287 note_activity: note_activity
290 conn = put_req_header(conn, "accept", "text/html")
292 ensure_federating_or_authenticated(conn, "/notice/#{note_activity.id}/embed_player", user)