+
+ describe "GET /api/pleroma/search_user" do
+ test "it returns users, ordered by similarity", %{conn: conn} do
+ user = insert(:user, %{name: "eal"})
+ user_two = insert(:user, %{name: "eal me"})
+ _user_three = insert(:user, %{name: "zzz"})
+
+ resp =
+ conn
+ |> get(twitter_api_search__path(conn, :search_user), query: "eal me")
+ |> json_response(200)
+
+ assert length(resp) == 2
+ assert [user_two.id, user.id] == Enum.map(resp, fn %{"id" => id} -> id end)
+ end
+ end
+
+ describe "POST /api/media/upload" do
+ setup context do
+ Pleroma.DataCase.ensure_local_uploader(context)
+ end
+
+ test "it performs the upload and sets `data[actor]` with AP id of uploader user", %{
+ conn: conn
+ } do
+ user = insert(:user)
+
+ upload_filename = "test/fixtures/image_tmp.jpg"
+ File.cp!("test/fixtures/image.jpg", upload_filename)
+
+ file = %Plug.Upload{
+ content_type: "image/jpg",
+ path: Path.absname(upload_filename),
+ filename: "image.jpg"
+ }
+
+ response =
+ conn
+ |> assign(:user, user)
+ |> put_req_header("content-type", "application/octet-stream")
+ |> post("/api/media/upload", %{
+ "media" => file
+ })
+ |> json_response(:ok)
+
+ assert response["media_id"]
+ object = Repo.get(Object, response["media_id"])
+ assert object
+ assert object.data["actor"] == User.ap_id(user)
+ end
+ end
+
+ describe "POST /api/media/metadata/create" do
+ setup do
+ object = insert(:note)
+ user = User.get_by_ap_id(object.data["actor"])
+ %{object: object, user: user}
+ end
+
+ test "it returns :forbidden status on attempt to modify someone else's upload", %{
+ conn: conn,
+ object: object
+ } do
+ initial_description = object.data["name"]
+ another_user = insert(:user)
+
+ conn
+ |> assign(:user, another_user)
+ |> post("/api/media/metadata/create", %{"media_id" => object.id})
+ |> json_response(:forbidden)
+
+ object = Repo.get(Object, object.id)
+ assert object.data["name"] == initial_description
+ end
+
+ test "it updates `data[name]` of referenced Object with provided value", %{
+ conn: conn,
+ object: object,
+ user: user
+ } do
+ description = "Informative description of the image. Initial value: #{object.data["name"]}}"
+
+ conn
+ |> assign(:user, user)
+ |> post("/api/media/metadata/create", %{
+ "media_id" => object.id,
+ "alt_text" => %{"text" => description}
+ })
+ |> json_response(:no_content)
+
+ object = Repo.get(Object, object.id)
+ assert object.data["name"] == description
+ end
+ end
+
+ describe "POST /api/statuses/user_timeline.json?user_id=:user_id&pinned=true" do
+ test "it returns a list of pinned statuses", %{conn: conn} do
+ Pleroma.Config.put([:instance, :max_pinned_statuses], 1)
+
+ user = insert(:user, %{name: "egor"})
+ {:ok, %{id: activity_id}} = CommonAPI.post(user, %{"status" => "HI!!!"})
+ {:ok, _} = CommonAPI.pin(activity_id, user)
+
+ resp =
+ conn
+ |> get("/api/statuses/user_timeline.json", %{user_id: user.id, pinned: true})
+ |> json_response(200)
+
+ assert length(resp) == 1
+ assert [%{"id" => ^activity_id, "pinned" => true}] = resp
+ end
+ end
+
+ describe "POST /api/statuses/pin/:id" do
+ setup do
+ Pleroma.Config.put([:instance, :max_pinned_statuses], 1)
+ [user: insert(:user)]
+ end
+
+ test "without valid credentials", %{conn: conn} do
+ note_activity = insert(:note_activity)
+ conn = post(conn, "/api/statuses/pin/#{note_activity.id}.json")
+ assert json_response(conn, 403) == %{"error" => "Invalid credentials."}
+ end
+
+ test "with credentials", %{conn: conn, user: user} do
+ {:ok, activity} = CommonAPI.post(user, %{"status" => "test!"})
+
+ request_path = "/api/statuses/pin/#{activity.id}.json"
+
+ response =
+ conn
+ |> with_credentials(user.nickname, "test")
+ |> post(request_path)
+
+ user = refresh_record(user)
+
+ assert json_response(response, 200) == ActivityRepresenter.to_map(activity, %{user: user})
+ end
+ end
+
+ describe "POST /api/statuses/unpin/:id" do
+ setup do
+ Pleroma.Config.put([:instance, :max_pinned_statuses], 1)
+ [user: insert(:user)]
+ end
+
+ test "without valid credentials", %{conn: conn} do
+ note_activity = insert(:note_activity)
+ conn = post(conn, "/api/statuses/unpin/#{note_activity.id}.json")
+ assert json_response(conn, 403) == %{"error" => "Invalid credentials."}
+ end
+
+ test "with credentials", %{conn: conn, user: user} do
+ {:ok, activity} = CommonAPI.post(user, %{"status" => "test!"})
+ {:ok, activity} = CommonAPI.pin(activity.id, user)
+
+ request_path = "/api/statuses/unpin/#{activity.id}.json"
+
+ response =
+ conn
+ |> with_credentials(user.nickname, "test")
+ |> post(request_path)
+
+ user = refresh_record(user)
+
+ assert json_response(response, 200) == ActivityRepresenter.to_map(activity, %{user: user})
+ end
+ end