projects / akkoma / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Merge branch 'runtime-router' into 'develop'
[akkoma] / test / web / twitter_api / twitter_api_controller_test.exs
1 defmodule Pleroma.Web.TwitterAPI.ControllerTest do
2 use Pleroma.Web.ConnCase
3 alias Pleroma.Web.TwitterAPI.Representers.ActivityRepresenter
4 alias Pleroma.Builders.{ActivityBuilder, UserBuilder}
5 alias Pleroma.{Repo, Activity, User, Object, Notification}
6 alias Pleroma.Web.ActivityPub.ActivityPub
7 alias Pleroma.Web.TwitterAPI.UserView
8 alias Pleroma.Web.TwitterAPI.NotificationView
9 alias Pleroma.Web.CommonAPI
10 alias Pleroma.Web.TwitterAPI.TwitterAPI
11 alias Comeonin.Pbkdf2
12
13 import Pleroma.Factory
14
15 describe "POST /api/account/verify_credentials" do
16 setup [:valid_user]
17
18 test "without valid credentials", %{conn: conn} do
19 conn = post(conn, "/api/account/verify_credentials.json")
20 assert json_response(conn, 403) == %{"error" => "Invalid credentials."}
21 end
22
23 test "with credentials", %{conn: conn, user: user} do
24 conn =
25 conn
26 |> with_credentials(user.nickname, "test")
27 |> post("/api/account/verify_credentials.json")
28
29 assert response = json_response(conn, 200)
30 assert response == UserView.render("show.json", %{user: user, token: response["token"]})
31 end
32 end
33
34 describe "POST /api/account/most_recent_notification" do
35 setup [:valid_user]
36
37 test "without valid credentials", %{conn: conn} do
38 conn = post(conn, "/api/account/most_recent_notification.json")
39 assert json_response(conn, 403) == %{"error" => "Invalid credentials."}
40 end
41
42 test "with credentials", %{conn: conn, user: user} do
43 conn =
44 conn
45 |> with_credentials(user.nickname, "test")
46 |> post("/api/account/most_recent_notification.json", %{id: "200"})
47
48 assert json_response(conn, 200)
49 user = User.get_by_nickname(user.nickname)
50 assert user.info["most_recent_notification"] == 200
51 end
52 end
53
54 describe "POST /statuses/update.json" do
55 setup [:valid_user]
56
57 test "without valid credentials", %{conn: conn} do
58 conn = post(conn, "/api/statuses/update.json")
59 assert json_response(conn, 403) == %{"error" => "Invalid credentials."}
60 end
61
62 test "with credentials", %{conn: conn, user: user} do
63 conn_with_creds = conn |> with_credentials(user.nickname, "test")
64 request_path = "/api/statuses/update.json"
65
66 error_response = %{
67 "request" => request_path,
68 "error" => "Client must provide a 'status' parameter with a value."
69 }
70
71 conn = conn_with_creds |> post(request_path)
72 assert json_response(conn, 400) == error_response
73
74 conn = conn_with_creds |> post(request_path, %{status: ""})
75 assert json_response(conn, 400) == error_response
76
77 conn = conn_with_creds |> post(request_path, %{status: " "})
78 assert json_response(conn, 400) == error_response
79
80 # we post with visibility private in order to avoid triggering relay
81 conn = conn_with_creds |> post(request_path, %{status: "Nice meme.", visibility: "private"})
82
83 assert json_response(conn, 200) ==
84 ActivityRepresenter.to_map(Repo.one(Activity), %{user: user})
85 end
86 end
87
88 describe "GET /statuses/public_timeline.json" do
89 test "returns statuses", %{conn: conn} do
90 {:ok, user} = UserBuilder.insert()
91 activities = ActivityBuilder.insert_list(30, %{}, %{user: user})
92 ActivityBuilder.insert_list(10, %{}, %{user: user})
93 since_id = List.last(activities).id
94
95 conn =
96 conn
97 |> get("/api/statuses/public_timeline.json", %{since_id: since_id})
98
99 response = json_response(conn, 200)
100
101 assert length(response) == 10
102 end
103
104 test "returns 403 to unauthenticated request when the instance is not public" do
105 instance =
106 Application.get_env(:pleroma, :instance)
107 |> Keyword.put(:public, false)
108
109 Application.put_env(:pleroma, :instance, instance)
110
111 conn
112 |> get("/api/statuses/public_timeline.json")
113 |> json_response(403)
114
115 instance =
116 Application.get_env(:pleroma, :instance)
117 |> Keyword.put(:public, true)
118
119 Application.put_env(:pleroma, :instance, instance)
120 end
121
122 test "returns 200 to unauthenticated request when the instance is public" do
123 conn
124 |> get("/api/statuses/public_timeline.json")
125 |> json_response(200)
126 end
127 end
128
129 describe "GET /statuses/public_and_external_timeline.json" do
130 test "returns 403 to unauthenticated request when the instance is not public" do
131 instance =
132 Application.get_env(:pleroma, :instance)
133 |> Keyword.put(:public, false)
134
135 Application.put_env(:pleroma, :instance, instance)
136
137 conn
138 |> get("/api/statuses/public_and_external_timeline.json")
139 |> json_response(403)
140
141 instance =
142 Application.get_env(:pleroma, :instance)
143 |> Keyword.put(:public, true)
144
145 Application.put_env(:pleroma, :instance, instance)
146 end
147
148 test "returns 200 to unauthenticated request when the instance is public" do
149 conn
150 |> get("/api/statuses/public_and_external_timeline.json")
151 |> json_response(200)
152 end
153 end
154
155 describe "GET /statuses/show/:id.json" do
156 test "returns one status", %{conn: conn} do
157 user = insert(:user)
158 {:ok, activity} = CommonAPI.post(user, %{"status" => "Hey!"})
159 actor = Repo.get_by!(User, ap_id: activity.data["actor"])
160
161 conn =
162 conn
163 |> get("/api/statuses/show/#{activity.id}.json")
164
165 response = json_response(conn, 200)
166
167 assert response == ActivityRepresenter.to_map(activity, %{user: actor})
168 end
169 end
170
171 describe "GET /users/show.json" do
172 test "gets user with screen_name", %{conn: conn} do
173 user = insert(:user)
174
175 conn =
176 conn
177 |> get("/api/users/show.json", %{"screen_name" => user.nickname})
178
179 response = json_response(conn, 200)
180
181 assert response["id"] == user.id
182 end
183
184 test "gets user with user_id", %{conn: conn} do
185 user = insert(:user)
186
187 conn =
188 conn
189 |> get("/api/users/show.json", %{"user_id" => user.id})
190
191 response = json_response(conn, 200)
192
193 assert response["id"] == user.id
194 end
195
196 test "gets a user for a logged in user", %{conn: conn} do
197 user = insert(:user)
198 logged_in = insert(:user)
199
200 {:ok, logged_in, user, _activity} = TwitterAPI.follow(logged_in, %{"user_id" => user.id})
201
202 conn =
203 conn
204 |> with_credentials(logged_in.nickname, "test")
205 |> get("/api/users/show.json", %{"user_id" => user.id})
206
207 response = json_response(conn, 200)
208
209 assert response["following"] == true
210 end
211 end
212
213 describe "GET /statusnet/conversation/:id.json" do
214 test "returns the statuses in the conversation", %{conn: conn} do
215 {:ok, _user} = UserBuilder.insert()
216 {:ok, activity} = ActivityBuilder.insert(%{"type" => "Create", "context" => "2hu"})
217 {:ok, _activity_two} = ActivityBuilder.insert(%{"type" => "Create", "context" => "2hu"})
218 {:ok, _activity_three} = ActivityBuilder.insert(%{"type" => "Create", "context" => "3hu"})
219
220 conn =
221 conn
222 |> get("/api/statusnet/conversation/#{activity.data["context_id"]}.json")
223
224 response = json_response(conn, 200)
225
226 assert length(response) == 2
227 end
228 end
229
230 describe "GET /statuses/friends_timeline.json" do
231 setup [:valid_user]
232
233 test "without valid credentials", %{conn: conn} do
234 conn = get(conn, "/api/statuses/friends_timeline.json")
235 assert json_response(conn, 403) == %{"error" => "Invalid credentials."}
236 end
237
238 test "with credentials", %{conn: conn, user: current_user} do
239 user = insert(:user)
240
241 activities =
242 ActivityBuilder.insert_list(30, %{"to" => [User.ap_followers(user)]}, %{user: user})
243
244 returned_activities =
245 ActivityBuilder.insert_list(10, %{"to" => [User.ap_followers(user)]}, %{user: user})
246
247 other_user = insert(:user)
248 ActivityBuilder.insert_list(10, %{}, %{user: other_user})
249 since_id = List.last(activities).id
250
251 current_user =
252 Ecto.Changeset.change(current_user, following: [User.ap_followers(user)])
253 |> Repo.update!()
254
255 conn =
256 conn
257 |> with_credentials(current_user.nickname, "test")
258 |> get("/api/statuses/friends_timeline.json", %{since_id: since_id})
259
260 response = json_response(conn, 200)
261
262 assert length(response) == 10
263
264 assert response ==
265 Enum.map(returned_activities, fn activity ->
266 ActivityRepresenter.to_map(activity, %{
267 user: User.get_cached_by_ap_id(activity.data["actor"]),
268 for: current_user
269 })
270 end)
271 end
272 end
273
274 describe "GET /statuses/mentions.json" do
275 setup [:valid_user]
276
277 test "without valid credentials", %{conn: conn} do
278 conn = get(conn, "/api/statuses/mentions.json")
279 assert json_response(conn, 403) == %{"error" => "Invalid credentials."}
280 end
281
282 test "with credentials", %{conn: conn, user: current_user} do
283 {:ok, activity} =
284 ActivityBuilder.insert(%{"to" => [current_user.ap_id]}, %{user: current_user})
285
286 conn =
287 conn
288 |> with_credentials(current_user.nickname, "test")
289 |> get("/api/statuses/mentions.json")
290
291 response = json_response(conn, 200)
292
293 assert length(response) == 1
294
295 assert Enum.at(response, 0) ==
296 ActivityRepresenter.to_map(activity, %{
297 user: current_user,
298 mentioned: [current_user]
299 })
300 end
301 end
302
303 describe "GET /api/qvitter/statuses/notifications.json" do
304 setup [:valid_user]
305
306 test "without valid credentials", %{conn: conn} do
307 conn = get(conn, "/api/qvitter/statuses/notifications.json")
308 assert json_response(conn, 403) == %{"error" => "Invalid credentials."}
309 end
310
311 test "with credentials", %{conn: conn, user: current_user} do
312 other_user = insert(:user)
313
314 {:ok, _activity} =
315 ActivityBuilder.insert(%{"to" => [current_user.ap_id]}, %{user: other_user})
316
317 conn =
318 conn
319 |> with_credentials(current_user.nickname, "test")
320 |> get("/api/qvitter/statuses/notifications.json")
321
322 response = json_response(conn, 200)
323
324 assert length(response) == 1
325
326 assert response ==
327 NotificationView.render("notification.json", %{
328 notifications: Notification.for_user(current_user),
329 for: current_user
330 })
331 end
332 end
333
334 describe "GET /statuses/user_timeline.json" do
335 setup [:valid_user]
336
337 test "without any params", %{conn: conn} do
338 conn = get(conn, "/api/statuses/user_timeline.json")
339
340 assert json_response(conn, 400) == %{
341 "error" => "You need to specify screen_name or user_id",
342 "request" => "/api/statuses/user_timeline.json"
343 }
344 end
345
346 test "with user_id", %{conn: conn} do
347 user = insert(:user)
348 {:ok, activity} = ActivityBuilder.insert(%{"id" => 1}, %{user: user})
349
350 conn = get(conn, "/api/statuses/user_timeline.json", %{"user_id" => user.id})
351 response = json_response(conn, 200)
352 assert length(response) == 1
353 assert Enum.at(response, 0) == ActivityRepresenter.to_map(activity, %{user: user})
354 end
355
356 test "with screen_name", %{conn: conn} do
357 user = insert(:user)
358 {:ok, activity} = ActivityBuilder.insert(%{"id" => 1}, %{user: user})
359
360 conn = get(conn, "/api/statuses/user_timeline.json", %{"screen_name" => user.nickname})
361 response = json_response(conn, 200)
362 assert length(response) == 1
363 assert Enum.at(response, 0) == ActivityRepresenter.to_map(activity, %{user: user})
364 end
365
366 test "with credentials", %{conn: conn, user: current_user} do
367 {:ok, activity} = ActivityBuilder.insert(%{"id" => 1}, %{user: current_user})
368
369 conn =
370 conn
371 |> with_credentials(current_user.nickname, "test")
372 |> get("/api/statuses/user_timeline.json")
373
374 response = json_response(conn, 200)
375
376 assert length(response) == 1
377 assert Enum.at(response, 0) == ActivityRepresenter.to_map(activity, %{user: current_user})
378 end
379
380 test "with credentials with user_id", %{conn: conn, user: current_user} do
381 user = insert(:user)
382 {:ok, activity} = ActivityBuilder.insert(%{"id" => 1}, %{user: user})
383
384 conn =
385 conn
386 |> with_credentials(current_user.nickname, "test")
387 |> get("/api/statuses/user_timeline.json", %{"user_id" => user.id})
388
389 response = json_response(conn, 200)
390
391 assert length(response) == 1
392 assert Enum.at(response, 0) == ActivityRepresenter.to_map(activity, %{user: user})
393 end
394
395 test "with credentials screen_name", %{conn: conn, user: current_user} do
396 user = insert(:user)
397 {:ok, activity} = ActivityBuilder.insert(%{"id" => 1}, %{user: user})
398
399 conn =
400 conn
401 |> with_credentials(current_user.nickname, "test")
402 |> get("/api/statuses/user_timeline.json", %{"screen_name" => user.nickname})
403
404 response = json_response(conn, 200)
405
406 assert length(response) == 1
407 assert Enum.at(response, 0) == ActivityRepresenter.to_map(activity, %{user: user})
408 end
409 end
410
411 describe "POST /friendships/create.json" do
412 setup [:valid_user]
413
414 test "without valid credentials", %{conn: conn} do
415 conn = post(conn, "/api/friendships/create.json")
416 assert json_response(conn, 403) == %{"error" => "Invalid credentials."}
417 end
418
419 test "with credentials", %{conn: conn, user: current_user} do
420 followed = insert(:user)
421
422 conn =
423 conn
424 |> with_credentials(current_user.nickname, "test")
425 |> post("/api/friendships/create.json", %{user_id: followed.id})
426
427 current_user = Repo.get(User, current_user.id)
428 assert User.ap_followers(followed) in current_user.following
429
430 assert json_response(conn, 200) ==
431 UserView.render("show.json", %{user: followed, for: current_user})
432 end
433 end
434
435 describe "POST /friendships/destroy.json" do
436 setup [:valid_user]
437
438 test "without valid credentials", %{conn: conn} do
439 conn = post(conn, "/api/friendships/destroy.json")
440 assert json_response(conn, 403) == %{"error" => "Invalid credentials."}
441 end
442
443 test "with credentials", %{conn: conn, user: current_user} do
444 followed = insert(:user)
445
446 {:ok, current_user} = User.follow(current_user, followed)
447 assert User.ap_followers(followed) in current_user.following
448 ActivityPub.follow(current_user, followed)
449
450 conn =
451 conn
452 |> with_credentials(current_user.nickname, "test")
453 |> post("/api/friendships/destroy.json", %{user_id: followed.id})
454
455 current_user = Repo.get(User, current_user.id)
456 assert current_user.following == [current_user.ap_id]
457
458 assert json_response(conn, 200) ==
459 UserView.render("show.json", %{user: followed, for: current_user})
460 end
461 end
462
463 describe "POST /blocks/create.json" do
464 setup [:valid_user]
465
466 test "without valid credentials", %{conn: conn} do
467 conn = post(conn, "/api/blocks/create.json")
468 assert json_response(conn, 403) == %{"error" => "Invalid credentials."}
469 end
470
471 test "with credentials", %{conn: conn, user: current_user} do
472 blocked = insert(:user)
473
474 conn =
475 conn
476 |> with_credentials(current_user.nickname, "test")
477 |> post("/api/blocks/create.json", %{user_id: blocked.id})
478
479 current_user = Repo.get(User, current_user.id)
480 assert User.blocks?(current_user, blocked)
481
482 assert json_response(conn, 200) ==
483 UserView.render("show.json", %{user: blocked, for: current_user})
484 end
485 end
486
487 describe "POST /blocks/destroy.json" do
488 setup [:valid_user]
489
490 test "without valid credentials", %{conn: conn} do
491 conn = post(conn, "/api/blocks/destroy.json")
492 assert json_response(conn, 403) == %{"error" => "Invalid credentials."}
493 end
494
495 test "with credentials", %{conn: conn, user: current_user} do
496 blocked = insert(:user)
497
498 {:ok, current_user, blocked} = TwitterAPI.block(current_user, %{"user_id" => blocked.id})
499 assert User.blocks?(current_user, blocked)
500
501 conn =
502 conn
503 |> with_credentials(current_user.nickname, "test")
504 |> post("/api/blocks/destroy.json", %{user_id: blocked.id})
505
506 current_user = Repo.get(User, current_user.id)
507 assert current_user.info["blocks"] == []
508
509 assert json_response(conn, 200) ==
510 UserView.render("show.json", %{user: blocked, for: current_user})
511 end
512 end
513
514 describe "GET /help/test.json" do
515 test "returns \"ok\"", %{conn: conn} do
516 conn = get(conn, "/api/help/test.json")
517 assert json_response(conn, 200) == "ok"
518 end
519 end
520
521 describe "POST /api/qvitter/update_avatar.json" do
522 setup [:valid_user]
523
524 test "without valid credentials", %{conn: conn} do
525 conn = post(conn, "/api/qvitter/update_avatar.json")
526 assert json_response(conn, 403) == %{"error" => "Invalid credentials."}
527 end
528
529 test "with credentials", %{conn: conn, user: current_user} do
530 avatar_image = File.read!("test/fixtures/avatar_data_uri")
531
532 conn =
533 conn
534 |> with_credentials(current_user.nickname, "test")
535 |> post("/api/qvitter/update_avatar.json", %{img: avatar_image})
536
537 current_user = Repo.get(User, current_user.id)
538 assert is_map(current_user.avatar)
539
540 assert json_response(conn, 200) ==
541 UserView.render("show.json", %{user: current_user, for: current_user})
542 end
543 end
544
545 describe "GET /api/qvitter/mutes.json" do
546 setup [:valid_user]
547
548 test "unimplemented mutes without valid credentials", %{conn: conn} do
549 conn = get(conn, "/api/qvitter/mutes.json")
550 assert json_response(conn, 403) == %{"error" => "Invalid credentials."}
551 end
552
553 test "unimplemented mutes with credentials", %{conn: conn, user: current_user} do
554 conn =
555 conn
556 |> with_credentials(current_user.nickname, "test")
557 |> get("/api/qvitter/mutes.json")
558
559 current_user = Repo.get(User, current_user.id)
560
561 assert [] = json_response(conn, 200)
562 end
563 end
564
565 describe "POST /api/favorites/create/:id" do
566 setup [:valid_user]
567
568 test "without valid credentials", %{conn: conn} do
569 note_activity = insert(:note_activity)
570 conn = post(conn, "/api/favorites/create/#{note_activity.id}.json")
571 assert json_response(conn, 403) == %{"error" => "Invalid credentials."}
572 end
573
574 test "with credentials", %{conn: conn, user: current_user} do
575 note_activity = insert(:note_activity)
576
577 conn =
578 conn
579 |> with_credentials(current_user.nickname, "test")
580 |> post("/api/favorites/create/#{note_activity.id}.json")
581
582 assert json_response(conn, 200)
583 end
584
585 test "with credentials, invalid param", %{conn: conn, user: current_user} do
586 conn =
587 conn
588 |> with_credentials(current_user.nickname, "test")
589 |> post("/api/favorites/create/wrong.json")
590
591 assert json_response(conn, 400)
592 end
593
594 test "with credentials, invalid activity", %{conn: conn, user: current_user} do
595 conn =
596 conn
597 |> with_credentials(current_user.nickname, "test")
598 |> post("/api/favorites/create/1.json")
599
600 assert json_response(conn, 500)
601 end
602 end
603
604 describe "POST /api/favorites/destroy/:id" do
605 setup [:valid_user]
606
607 test "without valid credentials", %{conn: conn} do
608 note_activity = insert(:note_activity)
609 conn = post(conn, "/api/favorites/destroy/#{note_activity.id}.json")
610 assert json_response(conn, 403) == %{"error" => "Invalid credentials."}
611 end
612
613 test "with credentials", %{conn: conn, user: current_user} do
614 note_activity = insert(:note_activity)
615 object = Object.get_by_ap_id(note_activity.data["object"]["id"])
616 ActivityPub.like(current_user, object)
617
618 conn =
619 conn
620 |> with_credentials(current_user.nickname, "test")
621 |> post("/api/favorites/destroy/#{note_activity.id}.json")
622
623 assert json_response(conn, 200)
624 end
625 end
626
627 describe "POST /api/statuses/retweet/:id" do
628 setup [:valid_user]
629
630 test "without valid credentials", %{conn: conn} do
631 note_activity = insert(:note_activity)
632 conn = post(conn, "/api/statuses/retweet/#{note_activity.id}.json")
633 assert json_response(conn, 403) == %{"error" => "Invalid credentials."}
634 end
635
636 test "with credentials", %{conn: conn, user: current_user} do
637 note_activity = insert(:note_activity)
638
639 request_path = "/api/statuses/retweet/#{note_activity.id}.json"
640
641 response =
642 conn
643 |> with_credentials(current_user.nickname, "test")
644 |> post(request_path)
645
646 activity = Repo.get(Activity, note_activity.id)
647 activity_user = Repo.get_by(User, ap_id: note_activity.data["actor"])
648
649 assert json_response(response, 200) ==
650 ActivityRepresenter.to_map(activity, %{user: activity_user, for: current_user})
651 end
652 end
653
654 describe "POST /api/statuses/unretweet/:id" do
655 setup [:valid_user]
656
657 test "without valid credentials", %{conn: conn} do
658 note_activity = insert(:note_activity)
659 conn = post(conn, "/api/statuses/unretweet/#{note_activity.id}.json")
660 assert json_response(conn, 403) == %{"error" => "Invalid credentials."}
661 end
662
663 test "with credentials", %{conn: conn, user: current_user} do
664 note_activity = insert(:note_activity)
665
666 request_path = "/api/statuses/retweet/#{note_activity.id}.json"
667
668 _response =
669 conn
670 |> with_credentials(current_user.nickname, "test")
671 |> post(request_path)
672
673 request_path = String.replace(request_path, "retweet", "unretweet")
674
675 response =
676 conn
677 |> with_credentials(current_user.nickname, "test")
678 |> post(request_path)
679
680 activity = Repo.get(Activity, note_activity.id)
681 activity_user = Repo.get_by(User, ap_id: note_activity.data["actor"])
682
683 assert json_response(response, 200) ==
684 ActivityRepresenter.to_map(activity, %{user: activity_user, for: current_user})
685 end
686 end
687
688 describe "POST /api/account/register" do
689 test "it creates a new user", %{conn: conn} do
690 data = %{
691 "nickname" => "lain",
692 "email" => "lain@wired.jp",
693 "fullname" => "lain iwakura",
694 "bio" => "close the world.",
695 "password" => "bear",
696 "confirm" => "bear"
697 }
698
699 conn =
700 conn
701 |> post("/api/account/register", data)
702
703 user = json_response(conn, 200)
704
705 fetched_user = Repo.get_by(User, nickname: "lain")
706 assert user == UserView.render("show.json", %{user: fetched_user})
707 end
708
709 test "it returns errors on a problem", %{conn: conn} do
710 data = %{
711 "email" => "lain@wired.jp",
712 "fullname" => "lain iwakura",
713 "bio" => "close the world.",
714 "password" => "bear",
715 "confirm" => "bear"
716 }
717
718 conn =
719 conn
720 |> post("/api/account/register", data)
721
722 errors = json_response(conn, 400)
723
724 assert is_binary(errors["error"])
725 end
726 end
727
728 describe "GET /api/externalprofile/show" do
729 test "it returns the user", %{conn: conn} do
730 user = insert(:user)
731 other_user = insert(:user)
732
733 conn =
734 conn
735 |> assign(:user, user)
736 |> get("/api/externalprofile/show", %{profileurl: other_user.ap_id})
737
738 assert json_response(conn, 200) == UserView.render("show.json", %{user: other_user})
739 end
740 end
741
742 describe "GET /api/statuses/followers" do
743 test "it returns a user's followers", %{conn: conn} do
744 user = insert(:user)
745 follower_one = insert(:user)
746 follower_two = insert(:user)
747 _not_follower = insert(:user)
748
749 {:ok, follower_one} = User.follow(follower_one, user)
750 {:ok, follower_two} = User.follow(follower_two, user)
751
752 conn =
753 conn
754 |> assign(:user, user)
755 |> get("/api/statuses/followers")
756
757 expected = UserView.render("index.json", %{users: [follower_one, follower_two], for: user})
758 result = json_response(conn, 200)
759 assert Enum.sort(expected) == Enum.sort(result)
760 end
761 end
762
763 describe "GET /api/statuses/friends" do
764 test "it returns the logged in user's friends", %{conn: conn} do
765 user = insert(:user)
766 followed_one = insert(:user)
767 followed_two = insert(:user)
768 _not_followed = insert(:user)
769
770 {:ok, user} = User.follow(user, followed_one)
771 {:ok, user} = User.follow(user, followed_two)
772
773 conn =
774 conn
775 |> assign(:user, user)
776 |> get("/api/statuses/friends")
777
778 expected = UserView.render("index.json", %{users: [followed_one, followed_two], for: user})
779 result = json_response(conn, 200)
780 assert Enum.sort(expected) == Enum.sort(result)
781 end
782
783 test "it returns a given user's friends with user_id", %{conn: conn} do
784 user = insert(:user)
785 followed_one = insert(:user)
786 followed_two = insert(:user)
787 _not_followed = insert(:user)
788
789 {:ok, user} = User.follow(user, followed_one)
790 {:ok, user} = User.follow(user, followed_two)
791
792 conn =
793 conn
794 |> assign(:user, user)
795 |> get("/api/statuses/friends", %{"user_id" => user.id})
796
797 assert MapSet.equal?(
798 MapSet.new(json_response(conn, 200)),
799 MapSet.new(
800 UserView.render("index.json", %{users: [followed_one, followed_two], for: user})
801 )
802 )
803 end
804
805 test "it returns a given user's friends with screen_name", %{conn: conn} do
806 user = insert(:user)
807 followed_one = insert(:user)
808 followed_two = insert(:user)
809 _not_followed = insert(:user)
810
811 {:ok, user} = User.follow(user, followed_one)
812 {:ok, user} = User.follow(user, followed_two)
813
814 conn =
815 conn
816 |> assign(:user, user)
817 |> get("/api/statuses/friends", %{"screen_name" => user.nickname})
818
819 assert MapSet.equal?(
820 MapSet.new(json_response(conn, 200)),
821 MapSet.new(
822 UserView.render("index.json", %{users: [followed_one, followed_two], for: user})
823 )
824 )
825 end
826 end
827
828 describe "GET /friends/ids" do
829 test "it returns a user's friends", %{conn: conn} do
830 user = insert(:user)
831 followed_one = insert(:user)
832 followed_two = insert(:user)
833 _not_followed = insert(:user)
834
835 {:ok, user} = User.follow(user, followed_one)
836 {:ok, user} = User.follow(user, followed_two)
837
838 conn =
839 conn
840 |> assign(:user, user)
841 |> get("/api/friends/ids")
842
843 expected = [followed_one.id, followed_two.id]
844
845 assert MapSet.equal?(
846 MapSet.new(Poison.decode!(json_response(conn, 200))),
847 MapSet.new(expected)
848 )
849 end
850 end
851
852 describe "POST /api/account/update_profile.json" do
853 test "it updates a user's profile", %{conn: conn} do
854 user = insert(:user)
855
856 conn =
857 conn
858 |> assign(:user, user)
859 |> post("/api/account/update_profile.json", %{
860 "name" => "new name",
861 "description" => "new description"
862 })
863
864 user = Repo.get!(User, user.id)
865 assert user.name == "new name"
866 assert user.bio == "new description"
867
868 assert json_response(conn, 200) == UserView.render("user.json", %{user: user, for: user})
869 end
870
871 test "it locks an account", %{conn: conn} do
872 user = insert(:user)
873
874 conn =
875 conn
876 |> assign(:user, user)
877 |> post("/api/account/update_profile.json", %{
878 "locked" => "true"
879 })
880
881 user = Repo.get!(User, user.id)
882 assert user.info["locked"] == true
883
884 assert json_response(conn, 200) == UserView.render("user.json", %{user: user, for: user})
885 end
886
887 test "it unlocks an account", %{conn: conn} do
888 user = insert(:user)
889
890 conn =
891 conn
892 |> assign(:user, user)
893 |> post("/api/account/update_profile.json", %{
894 "locked" => "false"
895 })
896
897 user = Repo.get!(User, user.id)
898 assert user.info["locked"] == false
899
900 assert json_response(conn, 200) == UserView.render("user.json", %{user: user, for: user})
901 end
902 end
903
904 defp valid_user(_context) do
905 user = insert(:user)
906 [user: user]
907 end
908
909 defp with_credentials(conn, username, password) do
910 header_content = "Basic " <> Base.encode64("#{username}:#{password}")
911 put_req_header(conn, "authorization", header_content)
912 end
913
914 describe "GET /api/search.json" do
915 test "it returns search results", %{conn: conn} do
916 user = insert(:user)
917 user_two = insert(:user, %{nickname: "shp@shitposter.club"})
918
919 {:ok, activity} = CommonAPI.post(user, %{"status" => "This is about 2hu"})
920 {:ok, _} = CommonAPI.post(user_two, %{"status" => "This isn't"})
921
922 conn =
923 conn
924 |> get("/api/search.json", %{"q" => "2hu", "page" => "1", "rpp" => "1"})
925
926 assert [status] = json_response(conn, 200)
927 assert status["id"] == activity.id
928 end
929 end
930
931 describe "GET /api/statusnet/tags/timeline/:tag.json" do
932 test "it returns the tags timeline", %{conn: conn} do
933 user = insert(:user)
934 user_two = insert(:user, %{nickname: "shp@shitposter.club"})
935
936 {:ok, activity} = CommonAPI.post(user, %{"status" => "This is about #2hu"})
937 {:ok, _} = CommonAPI.post(user_two, %{"status" => "This isn't"})
938
939 conn =
940 conn
941 |> get("/api/statusnet/tags/timeline/2hu.json")
942
943 assert [status] = json_response(conn, 200)
944 assert status["id"] == activity.id
945 end
946 end
947
948 test "Convert newlines to <br> in bio", %{conn: conn} do
949 user = insert(:user)
950
951 _conn =
952 conn
953 |> assign(:user, user)
954 |> post("/api/account/update_profile.json", %{
955 "description" => "Hello,\r\nWorld! I\n am a test."
956 })
957
958 user = Repo.get!(User, user.id)
959 assert user.bio == "Hello,<br>World! I<br> am a test."
960 end
961
962 describe "POST /api/pleroma/change_password" do
963 setup [:valid_user]
964
965 test "without credentials", %{conn: conn} do
966 conn = post(conn, "/api/pleroma/change_password")
967 assert json_response(conn, 403) == %{"error" => "Invalid credentials."}
968 end
969
970 test "with credentials and invalid password", %{conn: conn, user: current_user} do
971 conn =
972 conn
973 |> with_credentials(current_user.nickname, "test")
974 |> post("/api/pleroma/change_password", %{
975 "password" => "hi",
976 "new_password" => "newpass",
977 "new_password_confirmation" => "newpass"
978 })
979
980 assert json_response(conn, 200) == %{"error" => "Invalid password."}
981 end
982
983 test "with credentials, valid password and new password and confirmation not matching", %{
984 conn: conn,
985 user: current_user
986 } do
987 conn =
988 conn
989 |> with_credentials(current_user.nickname, "test")
990 |> post("/api/pleroma/change_password", %{
991 "password" => "test",
992 "new_password" => "newpass",
993 "new_password_confirmation" => "notnewpass"
994 })
995
996 assert json_response(conn, 200) == %{
997 "error" => "New password does not match confirmation."
998 }
999 end
1000
1001 test "with credentials, valid password and invalid new password", %{
1002 conn: conn,
1003 user: current_user
1004 } do
1005 conn =
1006 conn
1007 |> with_credentials(current_user.nickname, "test")
1008 |> post("/api/pleroma/change_password", %{
1009 "password" => "test",
1010 "new_password" => "",
1011 "new_password_confirmation" => ""
1012 })
1013
1014 assert json_response(conn, 200) == %{
1015 "error" => "New password can't be blank."
1016 }
1017 end
1018
1019 test "with credentials, valid password and matching new password and confirmation", %{
1020 conn: conn,
1021 user: current_user
1022 } do
1023 conn =
1024 conn
1025 |> with_credentials(current_user.nickname, "test")
1026 |> post("/api/pleroma/change_password", %{
1027 "password" => "test",
1028 "new_password" => "newpass",
1029 "new_password_confirmation" => "newpass"
1030 })
1031
1032 assert json_response(conn, 200) == %{"status" => "success"}
1033 fetched_user = Repo.get(User, current_user.id)
1034 assert Pbkdf2.checkpw("newpass", fetched_user.password_hash) == true
1035 end
1036 end
1037
1038 describe "POST /api/pleroma/delete_account" do
1039 setup [:valid_user]
1040
1041 test "without credentials", %{conn: conn} do
1042 conn = post(conn, "/api/pleroma/delete_account")
1043 assert json_response(conn, 403) == %{"error" => "Invalid credentials."}
1044 end
1045
1046 test "with credentials and invalid password", %{conn: conn, user: current_user} do
1047 conn =
1048 conn
1049 |> with_credentials(current_user.nickname, "test")
1050 |> post("/api/pleroma/delete_account", %{"password" => "hi"})
1051
1052 assert json_response(conn, 200) == %{"error" => "Invalid password."}
1053 end
1054
1055 test "with credentials and valid password", %{conn: conn, user: current_user} do
1056 conn =
1057 conn
1058 |> with_credentials(current_user.nickname, "test")
1059 |> post("/api/pleroma/delete_account", %{"password" => "test"})
1060
1061 assert json_response(conn, 200) == %{"status" => "success"}
1062 # Wait a second for the started task to end
1063 :timer.sleep(1000)
1064 end
1065 end
1066
1067 describe "GET /api/pleroma/friend_requests" do
1068 test "it lists friend requests" do
1069 user = insert(:user, %{info: %{"locked" => true}})
1070 other_user = insert(:user)
1071
1072 {:ok, activity} = ActivityPub.follow(other_user, user)
1073
1074 user = Repo.get(User, user.id)
1075 other_user = Repo.get(User, other_user.id)
1076
1077 assert User.following?(other_user, user) == false
1078
1079 conn =
1080 build_conn()
1081 |> assign(:user, user)
1082 |> get("/api/pleroma/friend_requests")
1083
1084 assert [relationship] = json_response(conn, 200)
1085 assert other_user.id == relationship["id"]
1086 end
1087 end
1088
1089 describe "POST /api/pleroma/friendships/approve" do
1090 test "it approves a friend request" do
1091 user = insert(:user, %{info: %{"locked" => true}})
1092 other_user = insert(:user)
1093
1094 {:ok, activity} = ActivityPub.follow(other_user, user)
1095
1096 user = Repo.get(User, user.id)
1097 other_user = Repo.get(User, other_user.id)
1098
1099 assert User.following?(other_user, user) == false
1100
1101 conn =
1102 build_conn()
1103 |> assign(:user, user)
1104 |> post("/api/pleroma/friendships/approve", %{"user_id" => to_string(other_user.id)})
1105
1106 assert relationship = json_response(conn, 200)
1107 assert other_user.id == relationship["id"]
1108 assert relationship["follows_you"] == true
1109 end
1110 end
1111
1112 describe "POST /api/pleroma/friendships/deny" do
1113 test "it denies a friend request" do
1114 user = insert(:user, %{info: %{"locked" => true}})
1115 other_user = insert(:user)
1116
1117 {:ok, activity} = ActivityPub.follow(other_user, user)
1118
1119 user = Repo.get(User, user.id)
1120 other_user = Repo.get(User, other_user.id)
1121
1122 assert User.following?(other_user, user) == false
1123
1124 conn =
1125 build_conn()
1126 |> assign(:user, user)
1127 |> post("/api/pleroma/friendships/deny", %{"user_id" => to_string(other_user.id)})
1128
1129 assert relationship = json_response(conn, 200)
1130 assert other_user.id == relationship["id"]
1131 assert relationship["follows_you"] == false
1132 end
1133 end
1134 end
Fork of https://akkoma.dev/AkkomaGang/akkoma.git