Merge branch 'feature/1734-user-deletion' into 'develop'
[akkoma] / test / web / pleroma_api / controllers / account_controller_test.exs
1 # Pleroma: A lightweight social networking server
2 # Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>
3 # SPDX-License-Identifier: AGPL-3.0-only
4
5 defmodule Pleroma.Web.PleromaAPI.AccountControllerTest do
6 use Pleroma.Web.ConnCase
7
8 alias Pleroma.Config
9 alias Pleroma.Tests.ObanHelpers
10 alias Pleroma.User
11 alias Pleroma.Web.CommonAPI
12
13 import Pleroma.Factory
14 import Swoosh.TestAssertions
15
16 @image "data:image/gif;base64,R0lGODlhEAAQAMQAAORHHOVSKudfOulrSOp3WOyDZu6QdvCchPGolfO0o/XBs/fNwfjZ0frl3/zy7////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACH5BAkAABAALAAAAAAQABAAAAVVICSOZGlCQAosJ6mu7fiyZeKqNKToQGDsM8hBADgUXoGAiqhSvp5QAnQKGIgUhwFUYLCVDFCrKUE1lBavAViFIDlTImbKC5Gm2hB0SlBCBMQiB0UjIQA7"
17
18 describe "POST /api/v1/pleroma/accounts/confirmation_resend" do
19 setup do
20 {:ok, user} =
21 insert(:user)
22 |> User.confirmation_changeset(need_confirmation: true)
23 |> User.update_and_set_cache()
24
25 assert user.confirmation_pending
26
27 [user: user]
28 end
29
30 setup do: clear_config([:instance, :account_activation_required], true)
31
32 test "resend account confirmation email", %{conn: conn, user: user} do
33 conn
34 |> put_req_header("content-type", "application/json")
35 |> post("/api/v1/pleroma/accounts/confirmation_resend?email=#{user.email}")
36 |> json_response_and_validate_schema(:no_content)
37
38 ObanHelpers.perform_all()
39
40 email = Pleroma.Emails.UserEmail.account_confirmation_email(user)
41 notify_email = Config.get([:instance, :notify_email])
42 instance_name = Config.get([:instance, :name])
43
44 assert_email_sent(
45 from: {instance_name, notify_email},
46 to: {user.name, user.email},
47 html_body: email.html_body
48 )
49 end
50
51 test "resend account confirmation email (with nickname)", %{conn: conn, user: user} do
52 conn
53 |> put_req_header("content-type", "application/json")
54 |> post("/api/v1/pleroma/accounts/confirmation_resend?nickname=#{user.nickname}")
55 |> json_response_and_validate_schema(:no_content)
56
57 ObanHelpers.perform_all()
58
59 email = Pleroma.Emails.UserEmail.account_confirmation_email(user)
60 notify_email = Config.get([:instance, :notify_email])
61 instance_name = Config.get([:instance, :name])
62
63 assert_email_sent(
64 from: {instance_name, notify_email},
65 to: {user.name, user.email},
66 html_body: email.html_body
67 )
68 end
69 end
70
71 describe "PATCH /api/v1/pleroma/accounts/update_avatar" do
72 setup do: oauth_access(["write:accounts"])
73
74 test "user avatar can be set", %{user: user, conn: conn} do
75 avatar_image = File.read!("test/fixtures/avatar_data_uri")
76
77 conn =
78 conn
79 |> put_req_header("content-type", "multipart/form-data")
80 |> patch("/api/v1/pleroma/accounts/update_avatar", %{img: avatar_image})
81
82 user = refresh_record(user)
83
84 assert %{
85 "name" => _,
86 "type" => _,
87 "url" => [
88 %{
89 "href" => _,
90 "mediaType" => _,
91 "type" => _
92 }
93 ]
94 } = user.avatar
95
96 assert %{"url" => _} = json_response_and_validate_schema(conn, 200)
97 end
98
99 test "user avatar can be reset", %{user: user, conn: conn} do
100 conn =
101 conn
102 |> put_req_header("content-type", "multipart/form-data")
103 |> patch("/api/v1/pleroma/accounts/update_avatar", %{img: ""})
104
105 user = User.get_cached_by_id(user.id)
106
107 assert user.avatar == nil
108
109 assert %{"url" => nil} = json_response_and_validate_schema(conn, 200)
110 end
111 end
112
113 describe "PATCH /api/v1/pleroma/accounts/update_banner" do
114 setup do: oauth_access(["write:accounts"])
115
116 test "can set profile banner", %{user: user, conn: conn} do
117 conn =
118 conn
119 |> put_req_header("content-type", "multipart/form-data")
120 |> patch("/api/v1/pleroma/accounts/update_banner", %{"banner" => @image})
121
122 user = refresh_record(user)
123 assert user.banner["type"] == "Image"
124
125 assert %{"url" => _} = json_response_and_validate_schema(conn, 200)
126 end
127
128 test "can reset profile banner", %{user: user, conn: conn} do
129 conn =
130 conn
131 |> put_req_header("content-type", "multipart/form-data")
132 |> patch("/api/v1/pleroma/accounts/update_banner", %{"banner" => ""})
133
134 user = refresh_record(user)
135 assert user.banner == %{}
136
137 assert %{"url" => nil} = json_response_and_validate_schema(conn, 200)
138 end
139 end
140
141 describe "PATCH /api/v1/pleroma/accounts/update_background" do
142 setup do: oauth_access(["write:accounts"])
143
144 test "background image can be set", %{user: user, conn: conn} do
145 conn =
146 conn
147 |> put_req_header("content-type", "multipart/form-data")
148 |> patch("/api/v1/pleroma/accounts/update_background", %{"img" => @image})
149
150 user = refresh_record(user)
151 assert user.background["type"] == "Image"
152 # assert %{"url" => _} = json_response(conn, 200)
153 assert %{"url" => _} = json_response_and_validate_schema(conn, 200)
154 end
155
156 test "background image can be reset", %{user: user, conn: conn} do
157 conn =
158 conn
159 |> put_req_header("content-type", "multipart/form-data")
160 |> patch("/api/v1/pleroma/accounts/update_background", %{"img" => ""})
161
162 user = refresh_record(user)
163 assert user.background == %{}
164 assert %{"url" => nil} = json_response_and_validate_schema(conn, 200)
165 end
166 end
167
168 describe "getting favorites timeline of specified user" do
169 setup do
170 [current_user, user] = insert_pair(:user, hide_favorites: false)
171 %{user: current_user, conn: conn} = oauth_access(["read:favourites"], user: current_user)
172 [current_user: current_user, user: user, conn: conn]
173 end
174
175 test "returns list of statuses favorited by specified user", %{
176 conn: conn,
177 user: user
178 } do
179 [activity | _] = insert_pair(:note_activity)
180 CommonAPI.favorite(user, activity.id)
181
182 response =
183 conn
184 |> get("/api/v1/pleroma/accounts/#{user.id}/favourites")
185 |> json_response_and_validate_schema(:ok)
186
187 [like] = response
188
189 assert length(response) == 1
190 assert like["id"] == activity.id
191 end
192
193 test "returns favorites for specified user_id when requester is not logged in", %{
194 user: user
195 } do
196 activity = insert(:note_activity)
197 CommonAPI.favorite(user, activity.id)
198
199 response =
200 build_conn()
201 |> get("/api/v1/pleroma/accounts/#{user.id}/favourites")
202 |> json_response_and_validate_schema(200)
203
204 assert length(response) == 1
205 end
206
207 test "returns favorited DM only when user is logged in and he is one of recipients", %{
208 current_user: current_user,
209 user: user
210 } do
211 {:ok, direct} =
212 CommonAPI.post(current_user, %{
213 status: "Hi @#{user.nickname}!",
214 visibility: "direct"
215 })
216
217 CommonAPI.favorite(user, direct.id)
218
219 for u <- [user, current_user] do
220 response =
221 build_conn()
222 |> assign(:user, u)
223 |> assign(:token, insert(:oauth_token, user: u, scopes: ["read:favourites"]))
224 |> get("/api/v1/pleroma/accounts/#{user.id}/favourites")
225 |> json_response_and_validate_schema(:ok)
226
227 assert length(response) == 1
228 end
229
230 response =
231 build_conn()
232 |> get("/api/v1/pleroma/accounts/#{user.id}/favourites")
233 |> json_response_and_validate_schema(200)
234
235 assert length(response) == 0
236 end
237
238 test "does not return others' favorited DM when user is not one of recipients", %{
239 conn: conn,
240 user: user
241 } do
242 user_two = insert(:user)
243
244 {:ok, direct} =
245 CommonAPI.post(user_two, %{
246 status: "Hi @#{user.nickname}!",
247 visibility: "direct"
248 })
249
250 CommonAPI.favorite(user, direct.id)
251
252 response =
253 conn
254 |> get("/api/v1/pleroma/accounts/#{user.id}/favourites")
255 |> json_response_and_validate_schema(:ok)
256
257 assert Enum.empty?(response)
258 end
259
260 test "paginates favorites using since_id and max_id", %{
261 conn: conn,
262 user: user
263 } do
264 activities = insert_list(10, :note_activity)
265
266 Enum.each(activities, fn activity ->
267 CommonAPI.favorite(user, activity.id)
268 end)
269
270 third_activity = Enum.at(activities, 2)
271 seventh_activity = Enum.at(activities, 6)
272
273 response =
274 conn
275 |> get(
276 "/api/v1/pleroma/accounts/#{user.id}/favourites?since_id=#{third_activity.id}&max_id=#{
277 seventh_activity.id
278 }"
279 )
280 |> json_response_and_validate_schema(:ok)
281
282 assert length(response) == 3
283 refute third_activity in response
284 refute seventh_activity in response
285 end
286
287 test "limits favorites using limit parameter", %{
288 conn: conn,
289 user: user
290 } do
291 7
292 |> insert_list(:note_activity)
293 |> Enum.each(fn activity ->
294 CommonAPI.favorite(user, activity.id)
295 end)
296
297 response =
298 conn
299 |> get("/api/v1/pleroma/accounts/#{user.id}/favourites?limit=3")
300 |> json_response_and_validate_schema(:ok)
301
302 assert length(response) == 3
303 end
304
305 test "returns empty response when user does not have any favorited statuses", %{
306 conn: conn,
307 user: user
308 } do
309 response =
310 conn
311 |> get("/api/v1/pleroma/accounts/#{user.id}/favourites")
312 |> json_response_and_validate_schema(:ok)
313
314 assert Enum.empty?(response)
315 end
316
317 test "returns 404 error when specified user is not exist", %{conn: conn} do
318 conn = get(conn, "/api/v1/pleroma/accounts/test/favourites")
319
320 assert json_response_and_validate_schema(conn, 404) == %{"error" => "Record not found"}
321 end
322
323 test "returns 403 error when user has hidden own favorites", %{conn: conn} do
324 user = insert(:user, hide_favorites: true)
325 activity = insert(:note_activity)
326 CommonAPI.favorite(user, activity.id)
327
328 conn = get(conn, "/api/v1/pleroma/accounts/#{user.id}/favourites")
329
330 assert json_response_and_validate_schema(conn, 403) == %{"error" => "Can't get favorites"}
331 end
332
333 test "hides favorites for new users by default", %{conn: conn} do
334 user = insert(:user)
335 activity = insert(:note_activity)
336 CommonAPI.favorite(user, activity.id)
337
338 assert user.hide_favorites
339 conn = get(conn, "/api/v1/pleroma/accounts/#{user.id}/favourites")
340
341 assert json_response_and_validate_schema(conn, 403) == %{"error" => "Can't get favorites"}
342 end
343 end
344
345 describe "subscribing / unsubscribing" do
346 test "subscribing / unsubscribing to a user" do
347 %{user: user, conn: conn} = oauth_access(["follow"])
348 subscription_target = insert(:user)
349
350 ret_conn =
351 conn
352 |> assign(:user, user)
353 |> post("/api/v1/pleroma/accounts/#{subscription_target.id}/subscribe")
354
355 assert %{"id" => _id, "subscribing" => true} =
356 json_response_and_validate_schema(ret_conn, 200)
357
358 conn = post(conn, "/api/v1/pleroma/accounts/#{subscription_target.id}/unsubscribe")
359
360 assert %{"id" => _id, "subscribing" => false} = json_response_and_validate_schema(conn, 200)
361 end
362 end
363
364 describe "subscribing" do
365 test "returns 404 when subscription_target not found" do
366 %{conn: conn} = oauth_access(["write:follows"])
367
368 conn = post(conn, "/api/v1/pleroma/accounts/target_id/subscribe")
369
370 assert %{"error" => "Record not found"} = json_response_and_validate_schema(conn, 404)
371 end
372 end
373
374 describe "unsubscribing" do
375 test "returns 404 when subscription_target not found" do
376 %{conn: conn} = oauth_access(["follow"])
377
378 conn = post(conn, "/api/v1/pleroma/accounts/target_id/unsubscribe")
379
380 assert %{"error" => "Record not found"} = json_response_and_validate_schema(conn, 404)
381 end
382 end
383 end