Merge branch 'develop' into gun
[akkoma] / test / web / pleroma_api / controllers / account_controller_test.exs
1 # Pleroma: A lightweight social networking server
2 # Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>
3 # SPDX-License-Identifier: AGPL-3.0-only
4
5 defmodule Pleroma.Web.PleromaAPI.AccountControllerTest do
6 use Pleroma.Web.ConnCase
7
8 alias Pleroma.Config
9 alias Pleroma.Tests.ObanHelpers
10 alias Pleroma.User
11 alias Pleroma.Web.CommonAPI
12
13 import Pleroma.Factory
14 import Swoosh.TestAssertions
15
16 @image "data:image/gif;base64,R0lGODlhEAAQAMQAAORHHOVSKudfOulrSOp3WOyDZu6QdvCchPGolfO0o/XBs/fNwfjZ0frl3/zy7////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACH5BAkAABAALAAAAAAQABAAAAVVICSOZGlCQAosJ6mu7fiyZeKqNKToQGDsM8hBADgUXoGAiqhSvp5QAnQKGIgUhwFUYLCVDFCrKUE1lBavAViFIDlTImbKC5Gm2hB0SlBCBMQiB0UjIQA7"
17
18 describe "POST /api/v1/pleroma/accounts/confirmation_resend" do
19 setup do
20 {:ok, user} =
21 insert(:user)
22 |> User.confirmation_changeset(need_confirmation: true)
23 |> User.update_and_set_cache()
24
25 assert user.confirmation_pending
26
27 [user: user]
28 end
29
30 clear_config([:instance, :account_activation_required]) do
31 Config.put([:instance, :account_activation_required], true)
32 end
33
34 test "resend account confirmation email", %{conn: conn, user: user} do
35 conn
36 |> post("/api/v1/pleroma/accounts/confirmation_resend?email=#{user.email}")
37 |> json_response(:no_content)
38
39 ObanHelpers.perform_all()
40
41 email = Pleroma.Emails.UserEmail.account_confirmation_email(user)
42 notify_email = Config.get([:instance, :notify_email])
43 instance_name = Config.get([:instance, :name])
44
45 assert_email_sent(
46 from: {instance_name, notify_email},
47 to: {user.name, user.email},
48 html_body: email.html_body
49 )
50 end
51 end
52
53 describe "PATCH /api/v1/pleroma/accounts/update_avatar" do
54 setup do: oauth_access(["write:accounts"])
55
56 test "user avatar can be set", %{user: user, conn: conn} do
57 avatar_image = File.read!("test/fixtures/avatar_data_uri")
58
59 conn = patch(conn, "/api/v1/pleroma/accounts/update_avatar", %{img: avatar_image})
60
61 user = refresh_record(user)
62
63 assert %{
64 "name" => _,
65 "type" => _,
66 "url" => [
67 %{
68 "href" => _,
69 "mediaType" => _,
70 "type" => _
71 }
72 ]
73 } = user.avatar
74
75 assert %{"url" => _} = json_response(conn, 200)
76 end
77
78 test "user avatar can be reset", %{user: user, conn: conn} do
79 conn = patch(conn, "/api/v1/pleroma/accounts/update_avatar", %{img: ""})
80
81 user = User.get_cached_by_id(user.id)
82
83 assert user.avatar == nil
84
85 assert %{"url" => nil} = json_response(conn, 200)
86 end
87 end
88
89 describe "PATCH /api/v1/pleroma/accounts/update_banner" do
90 setup do: oauth_access(["write:accounts"])
91
92 test "can set profile banner", %{user: user, conn: conn} do
93 conn = patch(conn, "/api/v1/pleroma/accounts/update_banner", %{"banner" => @image})
94
95 user = refresh_record(user)
96 assert user.banner["type"] == "Image"
97
98 assert %{"url" => _} = json_response(conn, 200)
99 end
100
101 test "can reset profile banner", %{user: user, conn: conn} do
102 conn = patch(conn, "/api/v1/pleroma/accounts/update_banner", %{"banner" => ""})
103
104 user = refresh_record(user)
105 assert user.banner == %{}
106
107 assert %{"url" => nil} = json_response(conn, 200)
108 end
109 end
110
111 describe "PATCH /api/v1/pleroma/accounts/update_background" do
112 setup do: oauth_access(["write:accounts"])
113
114 test "background image can be set", %{user: user, conn: conn} do
115 conn = patch(conn, "/api/v1/pleroma/accounts/update_background", %{"img" => @image})
116
117 user = refresh_record(user)
118 assert user.background["type"] == "Image"
119 assert %{"url" => _} = json_response(conn, 200)
120 end
121
122 test "background image can be reset", %{user: user, conn: conn} do
123 conn = patch(conn, "/api/v1/pleroma/accounts/update_background", %{"img" => ""})
124
125 user = refresh_record(user)
126 assert user.background == %{}
127 assert %{"url" => nil} = json_response(conn, 200)
128 end
129 end
130
131 describe "getting favorites timeline of specified user" do
132 setup do
133 [current_user, user] = insert_pair(:user, hide_favorites: false)
134 %{user: current_user, conn: conn} = oauth_access(["read:favourites"], user: current_user)
135 [current_user: current_user, user: user, conn: conn]
136 end
137
138 test "returns list of statuses favorited by specified user", %{
139 conn: conn,
140 user: user
141 } do
142 [activity | _] = insert_pair(:note_activity)
143 CommonAPI.favorite(activity.id, user)
144
145 response =
146 conn
147 |> get("/api/v1/pleroma/accounts/#{user.id}/favourites")
148 |> json_response(:ok)
149
150 [like] = response
151
152 assert length(response) == 1
153 assert like["id"] == activity.id
154 end
155
156 test "does not return favorites for specified user_id when user is not logged in", %{
157 user: user
158 } do
159 activity = insert(:note_activity)
160 CommonAPI.favorite(activity.id, user)
161
162 build_conn()
163 |> get("/api/v1/pleroma/accounts/#{user.id}/favourites")
164 |> json_response(403)
165 end
166
167 test "returns favorited DM only when user is logged in and he is one of recipients", %{
168 current_user: current_user,
169 user: user
170 } do
171 {:ok, direct} =
172 CommonAPI.post(current_user, %{
173 "status" => "Hi @#{user.nickname}!",
174 "visibility" => "direct"
175 })
176
177 CommonAPI.favorite(direct.id, user)
178
179 for u <- [user, current_user] do
180 response =
181 build_conn()
182 |> assign(:user, u)
183 |> assign(:token, insert(:oauth_token, user: u, scopes: ["read:favourites"]))
184 |> get("/api/v1/pleroma/accounts/#{user.id}/favourites")
185 |> json_response(:ok)
186
187 assert length(response) == 1
188 end
189
190 build_conn()
191 |> get("/api/v1/pleroma/accounts/#{user.id}/favourites")
192 |> json_response(403)
193 end
194
195 test "does not return others' favorited DM when user is not one of recipients", %{
196 conn: conn,
197 user: user
198 } do
199 user_two = insert(:user)
200
201 {:ok, direct} =
202 CommonAPI.post(user_two, %{
203 "status" => "Hi @#{user.nickname}!",
204 "visibility" => "direct"
205 })
206
207 CommonAPI.favorite(direct.id, user)
208
209 response =
210 conn
211 |> get("/api/v1/pleroma/accounts/#{user.id}/favourites")
212 |> json_response(:ok)
213
214 assert Enum.empty?(response)
215 end
216
217 test "paginates favorites using since_id and max_id", %{
218 conn: conn,
219 user: user
220 } do
221 activities = insert_list(10, :note_activity)
222
223 Enum.each(activities, fn activity ->
224 CommonAPI.favorite(activity.id, user)
225 end)
226
227 third_activity = Enum.at(activities, 2)
228 seventh_activity = Enum.at(activities, 6)
229
230 response =
231 conn
232 |> get("/api/v1/pleroma/accounts/#{user.id}/favourites", %{
233 since_id: third_activity.id,
234 max_id: seventh_activity.id
235 })
236 |> json_response(:ok)
237
238 assert length(response) == 3
239 refute third_activity in response
240 refute seventh_activity in response
241 end
242
243 test "limits favorites using limit parameter", %{
244 conn: conn,
245 user: user
246 } do
247 7
248 |> insert_list(:note_activity)
249 |> Enum.each(fn activity ->
250 CommonAPI.favorite(activity.id, user)
251 end)
252
253 response =
254 conn
255 |> get("/api/v1/pleroma/accounts/#{user.id}/favourites", %{limit: "3"})
256 |> json_response(:ok)
257
258 assert length(response) == 3
259 end
260
261 test "returns empty response when user does not have any favorited statuses", %{
262 conn: conn,
263 user: user
264 } do
265 response =
266 conn
267 |> get("/api/v1/pleroma/accounts/#{user.id}/favourites")
268 |> json_response(:ok)
269
270 assert Enum.empty?(response)
271 end
272
273 test "returns 404 error when specified user is not exist", %{conn: conn} do
274 conn = get(conn, "/api/v1/pleroma/accounts/test/favourites")
275
276 assert json_response(conn, 404) == %{"error" => "Record not found"}
277 end
278
279 test "returns 403 error when user has hidden own favorites", %{conn: conn} do
280 user = insert(:user, hide_favorites: true)
281 activity = insert(:note_activity)
282 CommonAPI.favorite(activity.id, user)
283
284 conn = get(conn, "/api/v1/pleroma/accounts/#{user.id}/favourites")
285
286 assert json_response(conn, 403) == %{"error" => "Can't get favorites"}
287 end
288
289 test "hides favorites for new users by default", %{conn: conn} do
290 user = insert(:user)
291 activity = insert(:note_activity)
292 CommonAPI.favorite(activity.id, user)
293
294 assert user.hide_favorites
295 conn = get(conn, "/api/v1/pleroma/accounts/#{user.id}/favourites")
296
297 assert json_response(conn, 403) == %{"error" => "Can't get favorites"}
298 end
299 end
300
301 describe "subscribing / unsubscribing" do
302 test "subscribing / unsubscribing to a user" do
303 %{user: user, conn: conn} = oauth_access(["follow"])
304 subscription_target = insert(:user)
305
306 ret_conn =
307 conn
308 |> assign(:user, user)
309 |> post("/api/v1/pleroma/accounts/#{subscription_target.id}/subscribe")
310
311 assert %{"id" => _id, "subscribing" => true} = json_response(ret_conn, 200)
312
313 conn = post(conn, "/api/v1/pleroma/accounts/#{subscription_target.id}/unsubscribe")
314
315 assert %{"id" => _id, "subscribing" => false} = json_response(conn, 200)
316 end
317 end
318
319 describe "subscribing" do
320 test "returns 404 when subscription_target not found" do
321 %{conn: conn} = oauth_access(["write:follows"])
322
323 conn = post(conn, "/api/v1/pleroma/accounts/target_id/subscribe")
324
325 assert %{"error" => "Record not found"} = json_response(conn, 404)
326 end
327 end
328
329 describe "unsubscribing" do
330 test "returns 404 when subscription_target not found" do
331 %{conn: conn} = oauth_access(["follow"])
332
333 conn = post(conn, "/api/v1/pleroma/accounts/target_id/unsubscribe")
334
335 assert %{"error" => "Record not found"} = json_response(conn, 404)
336 end
337 end
338 end