1 # Pleroma: A lightweight social networking server
2 # Copyright © 2017-2019 Pleroma Authors <https://pleroma.social/>
3 # SPDX-License-Identifier: AGPL-3.0-only
5 defmodule Pleroma.Web.PleromaAPI.AccountControllerTest do
6 use Pleroma.Web.ConnCase
9 alias Pleroma.Tests.ObanHelpers
11 alias Pleroma.Web.CommonAPI
13 import Pleroma.Factory
14 import Swoosh.TestAssertions
16 @image "data:image/gif;base64,R0lGODlhEAAQAMQAAORHHOVSKudfOulrSOp3WOyDZu6QdvCchPGolfO0o/XBs/fNwfjZ0frl3/zy7////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACH5BAkAABAALAAAAAAQABAAAAVVICSOZGlCQAosJ6mu7fiyZeKqNKToQGDsM8hBADgUXoGAiqhSvp5QAnQKGIgUhwFUYLCVDFCrKUE1lBavAViFIDlTImbKC5Gm2hB0SlBCBMQiB0UjIQA7"
18 describe "POST /api/v1/pleroma/accounts/confirmation_resend" do
22 |> User.confirmation_changeset(need_confirmation: true)
23 |> User.update_and_set_cache()
25 assert user.confirmation_pending
30 clear_config([:instance, :account_activation_required]) do
31 Config.put([:instance, :account_activation_required], true)
34 test "resend account confirmation email", %{conn: conn, user: user} do
36 |> post("/api/v1/pleroma/accounts/confirmation_resend?email=#{user.email}")
37 |> json_response(:no_content)
39 ObanHelpers.perform_all()
41 email = Pleroma.Emails.UserEmail.account_confirmation_email(user)
42 notify_email = Config.get([:instance, :notify_email])
43 instance_name = Config.get([:instance, :name])
46 from: {instance_name, notify_email},
47 to: {user.name, user.email},
48 html_body: email.html_body
53 describe "PATCH /api/v1/pleroma/accounts/update_avatar" do
54 setup do: oauth_access(["write:accounts"])
56 test "user avatar can be set", %{user: user, conn: conn} do
57 avatar_image = File.read!("test/fixtures/avatar_data_uri")
59 conn = patch(conn, "/api/v1/pleroma/accounts/update_avatar", %{img: avatar_image})
61 user = refresh_record(user)
75 assert %{"url" => _} = json_response(conn, 200)
78 test "user avatar can be reset", %{user: user, conn: conn} do
79 conn = patch(conn, "/api/v1/pleroma/accounts/update_avatar", %{img: ""})
81 user = User.get_cached_by_id(user.id)
83 assert user.avatar == nil
85 assert %{"url" => nil} = json_response(conn, 200)
89 describe "PATCH /api/v1/pleroma/accounts/update_banner" do
90 setup do: oauth_access(["write:accounts"])
92 test "can set profile banner", %{user: user, conn: conn} do
93 conn = patch(conn, "/api/v1/pleroma/accounts/update_banner", %{"banner" => @image})
95 user = refresh_record(user)
96 assert user.banner["type"] == "Image"
98 assert %{"url" => _} = json_response(conn, 200)
101 test "can reset profile banner", %{user: user, conn: conn} do
102 conn = patch(conn, "/api/v1/pleroma/accounts/update_banner", %{"banner" => ""})
104 user = refresh_record(user)
105 assert user.banner == %{}
107 assert %{"url" => nil} = json_response(conn, 200)
111 describe "PATCH /api/v1/pleroma/accounts/update_background" do
112 setup do: oauth_access(["write:accounts"])
114 test "background image can be set", %{user: user, conn: conn} do
115 conn = patch(conn, "/api/v1/pleroma/accounts/update_background", %{"img" => @image})
117 user = refresh_record(user)
118 assert user.background["type"] == "Image"
119 assert %{"url" => _} = json_response(conn, 200)
122 test "background image can be reset", %{user: user, conn: conn} do
123 conn = patch(conn, "/api/v1/pleroma/accounts/update_background", %{"img" => ""})
125 user = refresh_record(user)
126 assert user.background == %{}
127 assert %{"url" => nil} = json_response(conn, 200)
131 describe "getting favorites timeline of specified user" do
133 [current_user, user] = insert_pair(:user, hide_favorites: false)
134 %{user: current_user, conn: conn} = oauth_access(["read:favourites"], user: current_user)
135 [current_user: current_user, user: user, conn: conn]
138 test "returns list of statuses favorited by specified user", %{
142 [activity | _] = insert_pair(:note_activity)
143 CommonAPI.favorite(activity.id, user)
147 |> get("/api/v1/pleroma/accounts/#{user.id}/favourites")
148 |> json_response(:ok)
152 assert length(response) == 1
153 assert like["id"] == activity.id
156 test "does not return favorites for specified user_id when user is not logged in", %{
159 activity = insert(:note_activity)
160 CommonAPI.favorite(activity.id, user)
163 |> get("/api/v1/pleroma/accounts/#{user.id}/favourites")
164 |> json_response(403)
167 test "returns favorited DM only when user is logged in and he is one of recipients", %{
168 current_user: current_user,
172 CommonAPI.post(current_user, %{
173 "status" => "Hi @#{user.nickname}!",
174 "visibility" => "direct"
177 CommonAPI.favorite(direct.id, user)
179 for u <- [user, current_user] do
183 |> assign(:token, insert(:oauth_token, user: u, scopes: ["read:favourites"]))
184 |> get("/api/v1/pleroma/accounts/#{user.id}/favourites")
185 |> json_response(:ok)
187 assert length(response) == 1
191 |> get("/api/v1/pleroma/accounts/#{user.id}/favourites")
192 |> json_response(403)
195 test "does not return others' favorited DM when user is not one of recipients", %{
199 user_two = insert(:user)
202 CommonAPI.post(user_two, %{
203 "status" => "Hi @#{user.nickname}!",
204 "visibility" => "direct"
207 CommonAPI.favorite(direct.id, user)
211 |> get("/api/v1/pleroma/accounts/#{user.id}/favourites")
212 |> json_response(:ok)
214 assert Enum.empty?(response)
217 test "paginates favorites using since_id and max_id", %{
221 activities = insert_list(10, :note_activity)
223 Enum.each(activities, fn activity ->
224 CommonAPI.favorite(activity.id, user)
227 third_activity = Enum.at(activities, 2)
228 seventh_activity = Enum.at(activities, 6)
232 |> get("/api/v1/pleroma/accounts/#{user.id}/favourites", %{
233 since_id: third_activity.id,
234 max_id: seventh_activity.id
236 |> json_response(:ok)
238 assert length(response) == 3
239 refute third_activity in response
240 refute seventh_activity in response
243 test "limits favorites using limit parameter", %{
248 |> insert_list(:note_activity)
249 |> Enum.each(fn activity ->
250 CommonAPI.favorite(activity.id, user)
255 |> get("/api/v1/pleroma/accounts/#{user.id}/favourites", %{limit: "3"})
256 |> json_response(:ok)
258 assert length(response) == 3
261 test "returns empty response when user does not have any favorited statuses", %{
267 |> get("/api/v1/pleroma/accounts/#{user.id}/favourites")
268 |> json_response(:ok)
270 assert Enum.empty?(response)
273 test "returns 404 error when specified user is not exist", %{conn: conn} do
274 conn = get(conn, "/api/v1/pleroma/accounts/test/favourites")
276 assert json_response(conn, 404) == %{"error" => "Record not found"}
279 test "returns 403 error when user has hidden own favorites", %{conn: conn} do
280 user = insert(:user, hide_favorites: true)
281 activity = insert(:note_activity)
282 CommonAPI.favorite(activity.id, user)
284 conn = get(conn, "/api/v1/pleroma/accounts/#{user.id}/favourites")
286 assert json_response(conn, 403) == %{"error" => "Can't get favorites"}
289 test "hides favorites for new users by default", %{conn: conn} do
291 activity = insert(:note_activity)
292 CommonAPI.favorite(activity.id, user)
294 assert user.hide_favorites
295 conn = get(conn, "/api/v1/pleroma/accounts/#{user.id}/favourites")
297 assert json_response(conn, 403) == %{"error" => "Can't get favorites"}
301 describe "subscribing / unsubscribing" do
302 test "subscribing / unsubscribing to a user" do
303 %{user: user, conn: conn} = oauth_access(["follow"])
304 subscription_target = insert(:user)
308 |> assign(:user, user)
309 |> post("/api/v1/pleroma/accounts/#{subscription_target.id}/subscribe")
311 assert %{"id" => _id, "subscribing" => true} = json_response(ret_conn, 200)
313 conn = post(conn, "/api/v1/pleroma/accounts/#{subscription_target.id}/unsubscribe")
315 assert %{"id" => _id, "subscribing" => false} = json_response(conn, 200)
319 describe "subscribing" do
320 test "returns 404 when subscription_target not found" do
321 %{conn: conn} = oauth_access(["write:follows"])
323 conn = post(conn, "/api/v1/pleroma/accounts/target_id/subscribe")
325 assert %{"error" => "Record not found"} = json_response(conn, 404)
329 describe "unsubscribing" do
330 test "returns 404 when subscription_target not found" do
331 %{conn: conn} = oauth_access(["follow"])
333 conn = post(conn, "/api/v1/pleroma/accounts/target_id/unsubscribe")
335 assert %{"error" => "Record not found"} = json_response(conn, 404)