+
+ test "the user views their own timelines and excludes direct messages", %{
+ user: user,
+ conn: conn
+ } do
+ {:ok, public_activity} = CommonAPI.post(user, %{"status" => ".", "visibility" => "public"})
+ {:ok, _direct_activity} = CommonAPI.post(user, %{"status" => ".", "visibility" => "direct"})
+
+ conn =
+ get(conn, "/api/v1/accounts/#{user.id}/statuses", %{"exclude_visibilities" => ["direct"]})
+
+ assert [%{"id" => id}] = json_response(conn, 200)
+ assert id == to_string(public_activity.id)
+ end
+ end
+
+ defp local_and_remote_activities(%{local: local, remote: remote}) do
+ insert(:note_activity, user: local)
+ insert(:note_activity, user: remote, local: false)
+
+ :ok
+ end
+
+ describe "statuses with restrict unauthenticated profiles for local and remote" do
+ setup do: local_and_remote_users()
+ setup :local_and_remote_activities
+
+ setup do: clear_config([:restrict_unauthenticated, :profiles, :local], true)
+
+ setup do: clear_config([:restrict_unauthenticated, :profiles, :remote], true)
+
+ test "if user is unauthenticated", %{conn: conn, local: local, remote: remote} do
+ res_conn = get(conn, "/api/v1/accounts/#{local.id}/statuses")
+
+ assert json_response(res_conn, :not_found) == %{
+ "error" => "Can't find user"
+ }
+
+ res_conn = get(conn, "/api/v1/accounts/#{remote.id}/statuses")
+
+ assert json_response(res_conn, :not_found) == %{
+ "error" => "Can't find user"
+ }
+ end
+
+ test "if user is authenticated", %{local: local, remote: remote} do
+ %{conn: conn} = oauth_access(["read"])
+
+ res_conn = get(conn, "/api/v1/accounts/#{local.id}/statuses")
+ assert length(json_response(res_conn, 200)) == 1
+
+ res_conn = get(conn, "/api/v1/accounts/#{remote.id}/statuses")
+ assert length(json_response(res_conn, 200)) == 1
+ end
+ end
+
+ describe "statuses with restrict unauthenticated profiles for local" do
+ setup do: local_and_remote_users()
+ setup :local_and_remote_activities
+
+ setup do: clear_config([:restrict_unauthenticated, :profiles, :local], true)
+
+ test "if user is unauthenticated", %{conn: conn, local: local, remote: remote} do
+ res_conn = get(conn, "/api/v1/accounts/#{local.id}/statuses")
+
+ assert json_response(res_conn, :not_found) == %{
+ "error" => "Can't find user"
+ }
+
+ res_conn = get(conn, "/api/v1/accounts/#{remote.id}/statuses")
+ assert length(json_response(res_conn, 200)) == 1
+ end
+
+ test "if user is authenticated", %{local: local, remote: remote} do
+ %{conn: conn} = oauth_access(["read"])
+
+ res_conn = get(conn, "/api/v1/accounts/#{local.id}/statuses")
+ assert length(json_response(res_conn, 200)) == 1
+
+ res_conn = get(conn, "/api/v1/accounts/#{remote.id}/statuses")
+ assert length(json_response(res_conn, 200)) == 1
+ end
+ end
+
+ describe "statuses with restrict unauthenticated profiles for remote" do
+ setup do: local_and_remote_users()
+ setup :local_and_remote_activities
+
+ setup do: clear_config([:restrict_unauthenticated, :profiles, :remote], true)
+
+ test "if user is unauthenticated", %{conn: conn, local: local, remote: remote} do
+ res_conn = get(conn, "/api/v1/accounts/#{local.id}/statuses")
+ assert length(json_response(res_conn, 200)) == 1
+
+ res_conn = get(conn, "/api/v1/accounts/#{remote.id}/statuses")
+
+ assert json_response(res_conn, :not_found) == %{
+ "error" => "Can't find user"
+ }
+ end
+
+ test "if user is authenticated", %{local: local, remote: remote} do
+ %{conn: conn} = oauth_access(["read"])
+
+ res_conn = get(conn, "/api/v1/accounts/#{local.id}/statuses")
+ assert length(json_response(res_conn, 200)) == 1
+
+ res_conn = get(conn, "/api/v1/accounts/#{remote.id}/statuses")
+ assert length(json_response(res_conn, 200)) == 1
+ end