projects / akkoma / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Use ModerationLog instead of Logger
[akkoma] / test / web / static_fe / static_fe_controller_test.exs
1 defmodule Pleroma.Web.StaticFE.StaticFEControllerTest do
2 use Pleroma.Web.ConnCase
3
4 alias Pleroma.Activity
5 alias Pleroma.Config
6 alias Pleroma.Web.ActivityPub.Transmogrifier
7 alias Pleroma.Web.CommonAPI
8
9 import Pleroma.Factory
10
11 setup_all do: clear_config([:static_fe, :enabled], true)
12 setup do: clear_config([:instance, :federating], true)
13
14 setup %{conn: conn} do
15 conn = put_req_header(conn, "accept", "text/html")
16 user = insert(:user)
17
18 %{conn: conn, user: user}
19 end
20
21 describe "user profile html" do
22 test "just the profile as HTML", %{conn: conn, user: user} do
23 conn = get(conn, "/users/#{user.nickname}")
24
25 assert html_response(conn, 200) =~ user.nickname
26 end
27
28 test "404 when user not found", %{conn: conn} do
29 conn = get(conn, "/users/limpopo")
30
31 assert html_response(conn, 404) =~ "not found"
32 end
33
34 test "profile does not include private messages", %{conn: conn, user: user} do
35 CommonAPI.post(user, %{status: "public"})
36 CommonAPI.post(user, %{status: "private", visibility: "private"})
37
38 conn = get(conn, "/users/#{user.nickname}")
39
40 html = html_response(conn, 200)
41
42 assert html =~ ">public<"
43 refute html =~ ">private<"
44 end
45
46 test "pagination", %{conn: conn, user: user} do
47 Enum.map(1..30, fn i -> CommonAPI.post(user, %{status: "test#{i}"}) end)
48
49 conn = get(conn, "/users/#{user.nickname}")
50
51 html = html_response(conn, 200)
52
53 assert html =~ ">test30<"
54 assert html =~ ">test11<"
55 refute html =~ ">test10<"
56 refute html =~ ">test1<"
57 end
58
59 test "pagination, page 2", %{conn: conn, user: user} do
60 activities = Enum.map(1..30, fn i -> CommonAPI.post(user, %{status: "test#{i}"}) end)
61 {:ok, a11} = Enum.at(activities, 11)
62
63 conn = get(conn, "/users/#{user.nickname}?max_id=#{a11.id}")
64
65 html = html_response(conn, 200)
66
67 assert html =~ ">test1<"
68 assert html =~ ">test10<"
69 refute html =~ ">test20<"
70 refute html =~ ">test29<"
71 end
72
73 test "it requires authentication if instance is NOT federating", %{conn: conn, user: user} do
74 ensure_federating_or_authenticated(conn, "/users/#{user.nickname}", user)
75 end
76 end
77
78 describe "notice html" do
79 test "single notice page", %{conn: conn, user: user} do
80 {:ok, activity} = CommonAPI.post(user, %{status: "testing a thing!"})
81
82 conn = get(conn, "/notice/#{activity.id}")
83
84 html = html_response(conn, 200)
85 assert html =~ "<header>"
86 assert html =~ user.nickname
87 assert html =~ "testing a thing!"
88 end
89
90 test "redirects to json if requested", %{conn: conn, user: user} do
91 {:ok, activity} = CommonAPI.post(user, %{status: "testing a thing!"})
92
93 conn =
94 conn
95 |> put_req_header(
96 "accept",
97 "Accept: application/activity+json, application/ld+json; profile=\"https://www.w3.org/ns/activitystreams\", text/html"
98 )
99 |> get("/notice/#{activity.id}")
100
101 assert redirected_to(conn, 302) =~ activity.data["object"]
102 end
103
104 test "filters HTML tags", %{conn: conn} do
105 user = insert(:user)
106 {:ok, activity} = CommonAPI.post(user, %{status: "<script>alert('xss')</script>"})
107
108 conn =
109 conn
110 |> put_req_header("accept", "text/html")
111 |> get("/notice/#{activity.id}")
112
113 html = html_response(conn, 200)
114 assert html =~ ~s[&lt;script&gt;alert(&#39;xss&#39;)&lt;/script&gt;]
115 end
116
117 test "shows the whole thread", %{conn: conn, user: user} do
118 {:ok, activity} = CommonAPI.post(user, %{status: "space: the final frontier"})
119
120 CommonAPI.post(user, %{
121 status: "these are the voyages or something",
122 in_reply_to_status_id: activity.id
123 })
124
125 conn = get(conn, "/notice/#{activity.id}")
126
127 html = html_response(conn, 200)
128 assert html =~ "the final frontier"
129 assert html =~ "voyages"
130 end
131
132 test "redirect by AP object ID", %{conn: conn, user: user} do
133 {:ok, %Activity{data: %{"object" => object_url}}} =
134 CommonAPI.post(user, %{status: "beam me up"})
135
136 conn = get(conn, URI.parse(object_url).path)
137
138 assert html_response(conn, 302) =~ "redirected"
139 end
140
141 test "redirect by activity ID", %{conn: conn, user: user} do
142 {:ok, %Activity{data: %{"id" => id}}} =
143 CommonAPI.post(user, %{status: "I'm a doctor, not a devops!"})
144
145 conn = get(conn, URI.parse(id).path)
146
147 assert html_response(conn, 302) =~ "redirected"
148 end
149
150 test "404 when notice not found", %{conn: conn} do
151 conn = get(conn, "/notice/88c9c317")
152
153 assert html_response(conn, 404) =~ "not found"
154 end
155
156 test "404 for private status", %{conn: conn, user: user} do
157 {:ok, activity} = CommonAPI.post(user, %{status: "don't show me!", visibility: "private"})
158
159 conn = get(conn, "/notice/#{activity.id}")
160
161 assert html_response(conn, 404) =~ "not found"
162 end
163
164 test "302 for remote cached status", %{conn: conn, user: user} do
165 message = %{
166 "@context" => "https://www.w3.org/ns/activitystreams",
167 "to" => user.follower_address,
168 "cc" => "https://www.w3.org/ns/activitystreams#Public",
169 "type" => "Create",
170 "object" => %{
171 "content" => "blah blah blah",
172 "type" => "Note",
173 "attributedTo" => user.ap_id,
174 "inReplyTo" => nil
175 },
176 "actor" => user.ap_id
177 }
178
179 assert {:ok, activity} = Transmogrifier.handle_incoming(message)
180
181 conn = get(conn, "/notice/#{activity.id}")
182
183 assert html_response(conn, 302) =~ "redirected"
184 end
185
186 test "it requires authentication if instance is NOT federating", %{conn: conn, user: user} do
187 {:ok, activity} = CommonAPI.post(user, %{status: "testing a thing!"})
188
189 ensure_federating_or_authenticated(conn, "/notice/#{activity.id}", user)
190 end
191 end
192 end
Fork of https://akkoma.dev/AkkomaGang/akkoma.git