projects / akkoma / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Remove vapidPublicKey from Nodeinfo
[akkoma] / test / web / twitter_api / util_controller_test.exs
1 # Pleroma: A lightweight social networking server
2 # Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>
3 # SPDX-License-Identifier: AGPL-3.0-only
4
5 defmodule Pleroma.Web.TwitterAPI.UtilControllerTest do
6 use Pleroma.Web.ConnCase
7 use Oban.Testing, repo: Pleroma.Repo
8
9 alias Pleroma.Config
10 alias Pleroma.Tests.ObanHelpers
11 alias Pleroma.User
12
13 import Pleroma.Factory
14 import Mock
15
16 setup do
17 Tesla.Mock.mock(fn env -> apply(HttpRequestMock, :request, [env]) end)
18 :ok
19 end
20
21 setup do: clear_config([:instance])
22 setup do: clear_config([:frontend_configurations, :pleroma_fe])
23
24 describe "POST /api/pleroma/follow_import" do
25 setup do: oauth_access(["follow"])
26
27 test "it returns HTTP 200", %{conn: conn} do
28 user2 = insert(:user)
29
30 response =
31 conn
32 |> post("/api/pleroma/follow_import", %{"list" => "#{user2.ap_id}"})
33 |> json_response(:ok)
34
35 assert response == "job started"
36 end
37
38 test "it imports follow lists from file", %{user: user1, conn: conn} do
39 user2 = insert(:user)
40
41 with_mocks([
42 {File, [],
43 read!: fn "follow_list.txt" ->
44 "Account address,Show boosts\n#{user2.ap_id},true"
45 end}
46 ]) do
47 response =
48 conn
49 |> post("/api/pleroma/follow_import", %{"list" => %Plug.Upload{path: "follow_list.txt"}})
50 |> json_response(:ok)
51
52 assert response == "job started"
53
54 assert ObanHelpers.member?(
55 %{
56 "op" => "follow_import",
57 "follower_id" => user1.id,
58 "followed_identifiers" => [user2.ap_id]
59 },
60 all_enqueued(worker: Pleroma.Workers.BackgroundWorker)
61 )
62 end
63 end
64
65 test "it imports new-style mastodon follow lists", %{conn: conn} do
66 user2 = insert(:user)
67
68 response =
69 conn
70 |> post("/api/pleroma/follow_import", %{
71 "list" => "Account address,Show boosts\n#{user2.ap_id},true"
72 })
73 |> json_response(:ok)
74
75 assert response == "job started"
76 end
77
78 test "requires 'follow' or 'write:follows' permissions" do
79 token1 = insert(:oauth_token, scopes: ["read", "write"])
80 token2 = insert(:oauth_token, scopes: ["follow"])
81 token3 = insert(:oauth_token, scopes: ["something"])
82 another_user = insert(:user)
83
84 for token <- [token1, token2, token3] do
85 conn =
86 build_conn()
87 |> put_req_header("authorization", "Bearer #{token.token}")
88 |> post("/api/pleroma/follow_import", %{"list" => "#{another_user.ap_id}"})
89
90 if token == token3 do
91 assert %{"error" => "Insufficient permissions: follow | write:follows."} ==
92 json_response(conn, 403)
93 else
94 assert json_response(conn, 200)
95 end
96 end
97 end
98 end
99
100 describe "POST /api/pleroma/blocks_import" do
101 # Note: "follow" or "write:blocks" permission is required
102 setup do: oauth_access(["write:blocks"])
103
104 test "it returns HTTP 200", %{conn: conn} do
105 user2 = insert(:user)
106
107 response =
108 conn
109 |> post("/api/pleroma/blocks_import", %{"list" => "#{user2.ap_id}"})
110 |> json_response(:ok)
111
112 assert response == "job started"
113 end
114
115 test "it imports blocks users from file", %{user: user1, conn: conn} do
116 user2 = insert(:user)
117 user3 = insert(:user)
118
119 with_mocks([
120 {File, [], read!: fn "blocks_list.txt" -> "#{user2.ap_id} #{user3.ap_id}" end}
121 ]) do
122 response =
123 conn
124 |> post("/api/pleroma/blocks_import", %{"list" => %Plug.Upload{path: "blocks_list.txt"}})
125 |> json_response(:ok)
126
127 assert response == "job started"
128
129 assert ObanHelpers.member?(
130 %{
131 "op" => "blocks_import",
132 "blocker_id" => user1.id,
133 "blocked_identifiers" => [user2.ap_id, user3.ap_id]
134 },
135 all_enqueued(worker: Pleroma.Workers.BackgroundWorker)
136 )
137 end
138 end
139 end
140
141 describe "PUT /api/pleroma/notification_settings" do
142 setup do: oauth_access(["write:accounts"])
143
144 test "it updates notification settings", %{user: user, conn: conn} do
145 conn
146 |> put("/api/pleroma/notification_settings", %{
147 "followers" => false,
148 "bar" => 1
149 })
150 |> json_response(:ok)
151
152 user = refresh_record(user)
153
154 assert %Pleroma.User.NotificationSetting{
155 followers: false,
156 follows: true,
157 non_follows: true,
158 non_followers: true,
159 privacy_option: false
160 } == user.notification_settings
161 end
162
163 test "it updates notification privacy option", %{user: user, conn: conn} do
164 conn
165 |> put("/api/pleroma/notification_settings", %{"privacy_option" => "1"})
166 |> json_response(:ok)
167
168 user = refresh_record(user)
169
170 assert %Pleroma.User.NotificationSetting{
171 followers: true,
172 follows: true,
173 non_follows: true,
174 non_followers: true,
175 privacy_option: true
176 } == user.notification_settings
177 end
178 end
179
180 describe "GET /api/pleroma/frontend_configurations" do
181 test "returns everything in :pleroma, :frontend_configurations", %{conn: conn} do
182 config = [
183 frontend_a: %{
184 x: 1,
185 y: 2
186 },
187 frontend_b: %{
188 z: 3
189 }
190 ]
191
192 Config.put(:frontend_configurations, config)
193
194 response =
195 conn
196 |> get("/api/pleroma/frontend_configurations")
197 |> json_response(:ok)
198
199 assert response == Jason.encode!(config |> Enum.into(%{})) |> Jason.decode!()
200 end
201 end
202
203 describe "/api/pleroma/emoji" do
204 test "returns json with custom emoji with tags", %{conn: conn} do
205 emoji =
206 conn
207 |> get("/api/pleroma/emoji")
208 |> json_response(200)
209
210 assert Enum.all?(emoji, fn
211 {_key,
212 %{
213 "image_url" => url,
214 "tags" => tags
215 }} ->
216 is_binary(url) and is_list(tags)
217 end)
218 end
219 end
220
221 describe "GET /api/pleroma/healthcheck" do
222 setup do: clear_config([:instance, :healthcheck])
223
224 test "returns 503 when healthcheck disabled", %{conn: conn} do
225 Config.put([:instance, :healthcheck], false)
226
227 response =
228 conn
229 |> get("/api/pleroma/healthcheck")
230 |> json_response(503)
231
232 assert response == %{}
233 end
234
235 test "returns 200 when healthcheck enabled and all ok", %{conn: conn} do
236 Config.put([:instance, :healthcheck], true)
237
238 with_mock Pleroma.Healthcheck,
239 system_info: fn -> %Pleroma.Healthcheck{healthy: true} end do
240 response =
241 conn
242 |> get("/api/pleroma/healthcheck")
243 |> json_response(200)
244
245 assert %{
246 "active" => _,
247 "healthy" => true,
248 "idle" => _,
249 "memory_used" => _,
250 "pool_size" => _
251 } = response
252 end
253 end
254
255 test "returns 503 when healthcheck enabled and health is false", %{conn: conn} do
256 Config.put([:instance, :healthcheck], true)
257
258 with_mock Pleroma.Healthcheck,
259 system_info: fn -> %Pleroma.Healthcheck{healthy: false} end do
260 response =
261 conn
262 |> get("/api/pleroma/healthcheck")
263 |> json_response(503)
264
265 assert %{
266 "active" => _,
267 "healthy" => false,
268 "idle" => _,
269 "memory_used" => _,
270 "pool_size" => _
271 } = response
272 end
273 end
274 end
275
276 describe "POST /api/pleroma/disable_account" do
277 setup do: oauth_access(["write:accounts"])
278
279 test "with valid permissions and password, it disables the account", %{conn: conn, user: user} do
280 response =
281 conn
282 |> post("/api/pleroma/disable_account", %{"password" => "test"})
283 |> json_response(:ok)
284
285 assert response == %{"status" => "success"}
286 ObanHelpers.perform_all()
287
288 user = User.get_cached_by_id(user.id)
289
290 assert user.deactivated == true
291 end
292
293 test "with valid permissions and invalid password, it returns an error", %{conn: conn} do
294 user = insert(:user)
295
296 response =
297 conn
298 |> post("/api/pleroma/disable_account", %{"password" => "test1"})
299 |> json_response(:ok)
300
301 assert response == %{"error" => "Invalid password."}
302 user = User.get_cached_by_id(user.id)
303
304 refute user.deactivated
305 end
306 end
307
308 describe "POST /main/ostatus - remote_subscribe/2" do
309 setup do: clear_config([:instance, :federating], true)
310
311 test "renders subscribe form", %{conn: conn} do
312 user = insert(:user)
313
314 response =
315 conn
316 |> post("/main/ostatus", %{"nickname" => user.nickname, "profile" => ""})
317 |> response(:ok)
318
319 refute response =~ "Could not find user"
320 assert response =~ "Remotely follow #{user.nickname}"
321 end
322
323 test "renders subscribe form with error when user not found", %{conn: conn} do
324 response =
325 conn
326 |> post("/main/ostatus", %{"nickname" => "nickname", "profile" => ""})
327 |> response(:ok)
328
329 assert response =~ "Could not find user"
330 refute response =~ "Remotely follow"
331 end
332
333 test "it redirect to webfinger url", %{conn: conn} do
334 user = insert(:user)
335 user2 = insert(:user, ap_id: "shp@social.heldscal.la")
336
337 conn =
338 conn
339 |> post("/main/ostatus", %{
340 "user" => %{"nickname" => user.nickname, "profile" => user2.ap_id}
341 })
342
343 assert redirected_to(conn) ==
344 "https://social.heldscal.la/main/ostatussub?profile=#{user.ap_id}"
345 end
346
347 test "it renders form with error when user not found", %{conn: conn} do
348 user2 = insert(:user, ap_id: "shp@social.heldscal.la")
349
350 response =
351 conn
352 |> post("/main/ostatus", %{"user" => %{"nickname" => "jimm", "profile" => user2.ap_id}})
353 |> response(:ok)
354
355 assert response =~ "Something went wrong."
356 end
357 end
358
359 test "it returns new captcha", %{conn: conn} do
360 with_mock Pleroma.Captcha,
361 new: fn -> "test_captcha" end do
362 resp =
363 conn
364 |> get("/api/pleroma/captcha")
365 |> response(200)
366
367 assert resp == "\"test_captcha\""
368 assert called(Pleroma.Captcha.new())
369 end
370 end
371
372 describe "POST /api/pleroma/change_email" do
373 setup do: oauth_access(["write:accounts"])
374
375 test "without permissions", %{conn: conn} do
376 conn =
377 conn
378 |> assign(:token, nil)
379 |> post("/api/pleroma/change_email")
380
381 assert json_response(conn, 403) == %{"error" => "Insufficient permissions: write:accounts."}
382 end
383
384 test "with proper permissions and invalid password", %{conn: conn} do
385 conn =
386 post(conn, "/api/pleroma/change_email", %{
387 "password" => "hi",
388 "email" => "test@test.com"
389 })
390
391 assert json_response(conn, 200) == %{"error" => "Invalid password."}
392 end
393
394 test "with proper permissions, valid password and invalid email", %{
395 conn: conn
396 } do
397 conn =
398 post(conn, "/api/pleroma/change_email", %{
399 "password" => "test",
400 "email" => "foobar"
401 })
402
403 assert json_response(conn, 200) == %{"error" => "Email has invalid format."}
404 end
405
406 test "with proper permissions, valid password and no email", %{
407 conn: conn
408 } do
409 conn =
410 post(conn, "/api/pleroma/change_email", %{
411 "password" => "test"
412 })
413
414 assert json_response(conn, 200) == %{"error" => "Email can't be blank."}
415 end
416
417 test "with proper permissions, valid password and blank email", %{
418 conn: conn
419 } do
420 conn =
421 post(conn, "/api/pleroma/change_email", %{
422 "password" => "test",
423 "email" => ""
424 })
425
426 assert json_response(conn, 200) == %{"error" => "Email can't be blank."}
427 end
428
429 test "with proper permissions, valid password and non unique email", %{
430 conn: conn
431 } do
432 user = insert(:user)
433
434 conn =
435 post(conn, "/api/pleroma/change_email", %{
436 "password" => "test",
437 "email" => user.email
438 })
439
440 assert json_response(conn, 200) == %{"error" => "Email has already been taken."}
441 end
442
443 test "with proper permissions, valid password and valid email", %{
444 conn: conn
445 } do
446 conn =
447 post(conn, "/api/pleroma/change_email", %{
448 "password" => "test",
449 "email" => "cofe@foobar.com"
450 })
451
452 assert json_response(conn, 200) == %{"status" => "success"}
453 end
454 end
455
456 describe "POST /api/pleroma/change_password" do
457 setup do: oauth_access(["write:accounts"])
458
459 test "without permissions", %{conn: conn} do
460 conn =
461 conn
462 |> assign(:token, nil)
463 |> post("/api/pleroma/change_password")
464
465 assert json_response(conn, 403) == %{"error" => "Insufficient permissions: write:accounts."}
466 end
467
468 test "with proper permissions and invalid password", %{conn: conn} do
469 conn =
470 post(conn, "/api/pleroma/change_password", %{
471 "password" => "hi",
472 "new_password" => "newpass",
473 "new_password_confirmation" => "newpass"
474 })
475
476 assert json_response(conn, 200) == %{"error" => "Invalid password."}
477 end
478
479 test "with proper permissions, valid password and new password and confirmation not matching",
480 %{
481 conn: conn
482 } do
483 conn =
484 post(conn, "/api/pleroma/change_password", %{
485 "password" => "test",
486 "new_password" => "newpass",
487 "new_password_confirmation" => "notnewpass"
488 })
489
490 assert json_response(conn, 200) == %{
491 "error" => "New password does not match confirmation."
492 }
493 end
494
495 test "with proper permissions, valid password and invalid new password", %{
496 conn: conn
497 } do
498 conn =
499 post(conn, "/api/pleroma/change_password", %{
500 "password" => "test",
501 "new_password" => "",
502 "new_password_confirmation" => ""
503 })
504
505 assert json_response(conn, 200) == %{
506 "error" => "New password can't be blank."
507 }
508 end
509
510 test "with proper permissions, valid password and matching new password and confirmation", %{
511 conn: conn,
512 user: user
513 } do
514 conn =
515 post(conn, "/api/pleroma/change_password", %{
516 "password" => "test",
517 "new_password" => "newpass",
518 "new_password_confirmation" => "newpass"
519 })
520
521 assert json_response(conn, 200) == %{"status" => "success"}
522 fetched_user = User.get_cached_by_id(user.id)
523 assert Comeonin.Pbkdf2.checkpw("newpass", fetched_user.password_hash) == true
524 end
525 end
526
527 describe "POST /api/pleroma/delete_account" do
528 setup do: oauth_access(["write:accounts"])
529
530 test "without permissions", %{conn: conn} do
531 conn =
532 conn
533 |> assign(:token, nil)
534 |> post("/api/pleroma/delete_account")
535
536 assert json_response(conn, 403) ==
537 %{"error" => "Insufficient permissions: write:accounts."}
538 end
539
540 test "with proper permissions and wrong or missing password", %{conn: conn} do
541 for params <- [%{"password" => "hi"}, %{}] do
542 ret_conn = post(conn, "/api/pleroma/delete_account", params)
543
544 assert json_response(ret_conn, 200) == %{"error" => "Invalid password."}
545 end
546 end
547
548 test "with proper permissions and valid password", %{conn: conn} do
549 conn = post(conn, "/api/pleroma/delete_account", %{"password" => "test"})
550
551 assert json_response(conn, 200) == %{"status" => "success"}
552 end
553 end
554 end
Fork of https://akkoma.dev/AkkomaGang/akkoma.git