# Pleroma: A lightweight social networking server
-# Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>
+# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.ActivityPub.ActivityPubTest do
alias Pleroma.Activity
alias Pleroma.Builders.ActivityBuilder
+ alias Pleroma.Web.ActivityPub.Builder
alias Pleroma.Config
alias Pleroma.Notification
alias Pleroma.Object
import Tesla.Mock
setup do
+ clear_config([Pleroma.Upload, :uploader], Pleroma.Uploaders.Local)
+ clear_config([Pleroma.Uploaders.Local, :uploads], "uploads")
mock(fn env -> apply(HttpRequestMock, :request, [env]) end)
:ok
end
assert User.invisible?(user)
end
- test "it returns a user that accepts chat messages" do
- user_id = "http://mastodon.example.org/users/admin"
+ test "works for guppe actors" do
+ user_id = "https://gup.pe/u/bernie2020"
+
+ Tesla.Mock.mock(fn
+ %{method: :get, url: ^user_id} ->
+ %Tesla.Env{
+ status: 200,
+ body: File.read!("test/fixtures/guppe-actor.json"),
+ headers: [{"content-type", "application/activity+json"}]
+ }
+ end)
+
+ {:ok, user} = ActivityPub.make_user_from_ap_id(user_id)
+
+ assert user.name == "Bernie2020 group"
+ assert user.actor_type == "Group"
+ end
+
+ test "works for bridgy actors" do
+ user_id = "https://fed.brid.gy/jk.nipponalba.scot"
+
+ Tesla.Mock.mock(fn
+ %{method: :get, url: ^user_id} ->
+ %Tesla.Env{
+ status: 200,
+ body: File.read!("test/fixtures/bridgy/actor.json"),
+ headers: [{"content-type", "application/activity+json"}]
+ }
+ end)
+
{:ok, user} = ActivityPub.make_user_from_ap_id(user_id)
- assert user.accepts_chat_messages
+ assert user.actor_type == "Person"
+
+ assert user.avatar == %{
+ "type" => "Image",
+ "url" => [%{"href" => "https://jk.nipponalba.scot/images/profile.jpg"}]
+ }
+
+ assert user.banner == %{
+ "type" => "Image",
+ "url" => [%{"href" => "https://jk.nipponalba.scot/images/profile.jpg"}]
+ }
+ end
+
+ test "fetches user featured collection" do
+ ap_id = "https://example.com/users/lain"
+
+ featured_url = "https://example.com/users/lain/collections/featured"
+
+ user_data =
+ "test/fixtures/users_mock/user.json"
+ |> File.read!()
+ |> String.replace("{{nickname}}", "lain")
+ |> Jason.decode!()
+ |> Map.put("featured", featured_url)
+ |> Jason.encode!()
+
+ object_id = Ecto.UUID.generate()
+
+ featured_data =
+ "test/fixtures/mastodon/collections/featured.json"
+ |> File.read!()
+ |> String.replace("{{domain}}", "example.com")
+ |> String.replace("{{nickname}}", "lain")
+ |> String.replace("{{object_id}}", object_id)
+
+ object_url = "https://example.com/objects/#{object_id}"
+
+ object_data =
+ "test/fixtures/statuses/note.json"
+ |> File.read!()
+ |> String.replace("{{object_id}}", object_id)
+ |> String.replace("{{nickname}}", "lain")
+
+ Tesla.Mock.mock(fn
+ %{
+ method: :get,
+ url: ^ap_id
+ } ->
+ %Tesla.Env{
+ status: 200,
+ body: user_data,
+ headers: [{"content-type", "application/activity+json"}]
+ }
+
+ %{
+ method: :get,
+ url: ^featured_url
+ } ->
+ %Tesla.Env{
+ status: 200,
+ body: featured_data,
+ headers: [{"content-type", "application/activity+json"}]
+ }
+ end)
+
+ Tesla.Mock.mock_global(fn
+ %{
+ method: :get,
+ url: ^object_url
+ } ->
+ %Tesla.Env{
+ status: 200,
+ body: object_data,
+ headers: [{"content-type", "application/activity+json"}]
+ }
+ end)
+
+ {:ok, user} = ActivityPub.make_user_from_ap_id(ap_id)
+ Process.sleep(50)
+
+ assert user.featured_address == featured_url
+ assert Map.has_key?(user.pinned_objects, object_url)
+
+ in_db = Pleroma.User.get_by_ap_id(ap_id)
+ assert in_db.featured_address == featured_url
+ assert Map.has_key?(user.pinned_objects, object_url)
+
+ assert %{data: %{"id" => ^object_url}} = Object.get_by_ap_id(object_url)
end
end
+ test "fetches user featured collection using the first property" do
+ featured_url = "https://friendica.example.com/raha/collections/featured"
+ first_url = "https://friendica.example.com/featured/raha?page=1"
+
+ featured_data =
+ "test/fixtures/friendica/friendica_featured_collection.json"
+ |> File.read!()
+
+ page_data =
+ "test/fixtures/friendica/friendica_featured_collection_first.json"
+ |> File.read!()
+
+ Tesla.Mock.mock(fn
+ %{
+ method: :get,
+ url: ^featured_url
+ } ->
+ %Tesla.Env{
+ status: 200,
+ body: featured_data,
+ headers: [{"content-type", "application/activity+json"}]
+ }
+
+ %{
+ method: :get,
+ url: ^first_url
+ } ->
+ %Tesla.Env{
+ status: 200,
+ body: page_data,
+ headers: [{"content-type", "application/activity+json"}]
+ }
+ end)
+
+ {:ok, data} = ActivityPub.fetch_and_prepare_featured_from_ap_id(featured_url)
+ assert Map.has_key?(data, "http://inserted")
+ end
+
+ test "fetches user featured when it has string IDs" do
+ featured_url = "https://example.com/alisaie/collections/featured"
+ dead_url = "https://example.com/users/alisaie/statuses/108311386746229284"
+
+ featured_data =
+ "test/fixtures/mastodon/featured_collection.json"
+ |> File.read!()
+
+ Tesla.Mock.mock(fn
+ %{
+ method: :get,
+ url: ^featured_url
+ } ->
+ %Tesla.Env{
+ status: 200,
+ body: featured_data,
+ headers: [{"content-type", "application/activity+json"}]
+ }
+
+ %{
+ method: :get,
+ url: ^dead_url
+ } ->
+ %Tesla.Env{
+ status: 404,
+ body: "{}",
+ headers: [{"content-type", "application/activity+json"}]
+ }
+ end)
+
+ {:ok, %{}} = ActivityPub.fetch_and_prepare_featured_from_ap_id(featured_url)
+ end
+
test "it fetches the appropriate tag-restricted posts" do
user = insert(:user)
- {:ok, status_one} = CommonAPI.post(user, %{status: ". #test"})
+ {:ok, status_one} = CommonAPI.post(user, %{status: ". #TEST"})
{:ok, status_two} = CommonAPI.post(user, %{status: ". #essais"})
- {:ok, status_three} = CommonAPI.post(user, %{status: ". #test #reject"})
+ {:ok, status_three} = CommonAPI.post(user, %{status: ". #test #Reject"})
- fetch_one = ActivityPub.fetch_activities([], %{type: "Create", tag: "test"})
+ {:ok, status_four} = CommonAPI.post(user, %{status: ". #Any1 #any2"})
+ {:ok, status_five} = CommonAPI.post(user, %{status: ". #Any2 #any1"})
- fetch_two = ActivityPub.fetch_activities([], %{type: "Create", tag: ["test", "essais"]})
+ for hashtag_timeline_strategy <- [:enabled, :disabled] do
+ clear_config([:features, :improved_hashtag_timeline], hashtag_timeline_strategy)
- fetch_three =
- ActivityPub.fetch_activities([], %{
- type: "Create",
- tag: ["test", "essais"],
- tag_reject: ["reject"]
- })
+ fetch_one = ActivityPub.fetch_activities([], %{type: "Create", tag: "test"})
- fetch_four =
- ActivityPub.fetch_activities([], %{
- type: "Create",
- tag: ["test"],
- tag_all: ["test", "reject"]
- })
+ fetch_two = ActivityPub.fetch_activities([], %{type: "Create", tag: ["TEST", "essais"]})
+
+ fetch_three =
+ ActivityPub.fetch_activities([], %{
+ type: "Create",
+ tag: ["test", "Essais"],
+ tag_reject: ["reject"]
+ })
+
+ fetch_four =
+ ActivityPub.fetch_activities([], %{
+ type: "Create",
+ tag: ["test"],
+ tag_all: ["test", "REJECT"]
+ })
- assert fetch_one == [status_one, status_three]
- assert fetch_two == [status_one, status_two, status_three]
- assert fetch_three == [status_one, status_two]
- assert fetch_four == [status_three]
+ # Testing that deduplication (if needed) is done on DB (not Ecto) level; :limit is important
+ fetch_five =
+ ActivityPub.fetch_activities([], %{
+ type: "Create",
+ tag: ["ANY1", "any2"],
+ limit: 2
+ })
+
+ fetch_six =
+ ActivityPub.fetch_activities([], %{
+ type: "Create",
+ tag: ["any1", "Any2"],
+ tag_all: [],
+ tag_reject: []
+ })
+
+ # Regression test: passing empty lists as filter options shouldn't affect the results
+ assert fetch_five == fetch_six
+
+ [fetch_one, fetch_two, fetch_three, fetch_four, fetch_five] =
+ Enum.map([fetch_one, fetch_two, fetch_three, fetch_four, fetch_five], fn statuses ->
+ Enum.map(statuses, fn s -> Repo.preload(s, object: :hashtags) end)
+ end)
+
+ assert fetch_one == [status_one, status_three]
+ assert fetch_two == [status_one, status_two, status_three]
+ assert fetch_three == [status_one, status_two]
+ assert fetch_four == [status_three]
+ assert fetch_five == [status_four, status_five]
+ end
end
describe "insertion" do
assert activity.data["ok"] == data["ok"]
assert activity.data["id"] == given_id
assert activity.data["context"] == "blabla"
- assert activity.data["context_id"]
end
test "adds a context when none is there" do
assert is_binary(activity.data["context"])
assert is_binary(object.data["context"])
- assert activity.data["context_id"]
- assert object.data["context_id"]
end
test "adds an id to a given object if it lacks one and is a note and inserts it to the object database" do
end
end
- describe "listen activities" do
- test "does not increase user note count" do
- user = insert(:user)
-
- {:ok, activity} =
- ActivityPub.listen(%{
- to: ["https://www.w3.org/ns/activitystreams#Public"],
- actor: user,
- context: "",
- object: %{
- "actor" => user.ap_id,
- "to" => ["https://www.w3.org/ns/activitystreams#Public"],
- "artist" => "lain",
- "title" => "lain radio episode 1",
- "length" => 180_000,
- "type" => "Audio"
- }
- })
-
- assert activity.actor == user.ap_id
-
- user = User.get_cached_by_id(user.id)
- assert user.note_count == 0
- end
-
- test "can be fetched into a timeline" do
- _listen_activity_1 = insert(:listen)
- _listen_activity_2 = insert(:listen)
- _listen_activity_3 = insert(:listen)
-
- timeline = ActivityPub.fetch_activities([], %{type: ["Listen"]})
-
- assert length(timeline) == 3
- end
- end
-
describe "create activities" do
setup do
[user: insert(:user)]
end
end
+ describe "fetch activities for followed hashtags" do
+ test "it should return public activities that reference a given hashtag" do
+ hashtag = insert(:hashtag, name: "tenshi")
+ user = insert(:user)
+ other_user = insert(:user)
+
+ {:ok, normally_visible} =
+ CommonAPI.post(other_user, %{status: "hello :)", visibility: "public"})
+
+ {:ok, public} = CommonAPI.post(user, %{status: "maji #tenshi", visibility: "public"})
+ {:ok, _unrelated} = CommonAPI.post(user, %{status: "dai #tensh", visibility: "public"})
+ {:ok, unlisted} = CommonAPI.post(user, %{status: "maji #tenshi", visibility: "unlisted"})
+ {:ok, _private} = CommonAPI.post(user, %{status: "maji #tenshi", visibility: "private"})
+
+ activities =
+ ActivityPub.fetch_activities([other_user.follower_address], %{
+ followed_hashtags: [hashtag.id]
+ })
+
+ assert length(activities) == 3
+ normal_id = normally_visible.id
+ public_id = public.id
+ unlisted_id = unlisted.id
+ assert [%{id: ^normal_id}, %{id: ^public_id}, %{id: ^unlisted_id}] = activities
+ end
+ end
+
describe "fetch activities in context" do
test "retrieves activities that have a given context" do
{:ok, activity} = ActivityBuilder.insert(%{"type" => "Create", "context" => "2hu"})
assert Enum.member?(activities, activity_one)
end
+ test "doesn't return activities from deactivated users" do
+ _user = insert(:user)
+ deactivated = insert(:user)
+ active = insert(:user)
+ {:ok, activity_one} = CommonAPI.post(deactivated, %{status: "hey!"})
+ {:ok, activity_two} = CommonAPI.post(active, %{status: "yay!"})
+ {:ok, _updated_user} = User.set_activation(deactivated, false)
+
+ activities = ActivityPub.fetch_activities([], %{})
+
+ refute Enum.member?(activities, activity_one)
+ assert Enum.member?(activities, activity_two)
+ end
+
+ test "always see your own posts even when they address people you block" do
+ user = insert(:user)
+ blockee = insert(:user)
+
+ {:ok, _} = User.block(user, blockee)
+ {:ok, activity} = CommonAPI.post(user, %{status: "hey! @#{blockee.nickname}"})
+
+ activities = ActivityPub.fetch_activities([], %{blocking_user: user})
+
+ assert Enum.member?(activities, activity)
+ end
+
test "doesn't return transitive interactions concerning blocked users" do
blocker = insert(:user)
blockee = insert(:user)
refute repeat_activity in activities
end
+ test "see your own posts even when they adress actors from blocked domains" do
+ user = insert(:user)
+
+ domain = "dogwhistle.zone"
+ domain_user = insert(:user, %{ap_id: "https://#{domain}/@pundit"})
+
+ {:ok, user} = User.block_domain(user, domain)
+
+ {:ok, activity} = CommonAPI.post(user, %{status: "hey! @#{domain_user.nickname}"})
+
+ activities = ActivityPub.fetch_activities([], %{blocking_user: user})
+
+ assert Enum.member?(activities, activity)
+ end
+
test "does return activities from followed users on blocked domains" do
domain = "meanies.social"
domain_user = insert(:user, %{ap_id: "https://#{domain}/@pundit"})
%{test_file: test_file}
end
+ test "strips / from filename", %{test_file: file} do
+ file = %Plug.Upload{file | filename: "../../../../../nested/bad.jpg"}
+ {:ok, %Object{} = object} = ActivityPub.upload(file)
+ [%{"href" => href}] = object.data["url"]
+ assert Regex.match?(~r"/bad.jpg$", href)
+ refute Regex.match?(~r"/nested/", href)
+ end
+
test "sets a description if given", %{test_file: file} do
{:ok, %Object{} = object} = ActivityPub.upload(file, description: "a cool file")
assert object.data["name"] == "a cool file"
test "it sets the default description depending on the configuration", %{test_file: file} do
clear_config([Pleroma.Upload, :default_description])
- Pleroma.Config.put([Pleroma.Upload, :default_description], nil)
+ clear_config([Pleroma.Upload, :default_description], nil)
{:ok, %Object{} = object} = ActivityPub.upload(file)
assert object.data["name"] == ""
- Pleroma.Config.put([Pleroma.Upload, :default_description], :filename)
+ clear_config([Pleroma.Upload, :default_description], :filename)
{:ok, %Object{} = object} = ActivityPub.upload(file)
assert object.data["name"] == "an_image.jpg"
- Pleroma.Config.put([Pleroma.Upload, :default_description], "unnamed attachment")
+ clear_config([Pleroma.Upload, :default_description], "unnamed attachment")
{:ok, %Object{} = object} = ActivityPub.upload(file)
assert object.data["name"] == "unnamed attachment"
end
assert embedded_object["object"] == followed.ap_id
assert embedded_object["id"] == follow_activity.data["id"]
end
+
+ test "it removes the follow activity if it was local" do
+ follower = insert(:user, local: true)
+ followed = insert(:user)
+
+ {:ok, _, _, follow_activity} = CommonAPI.follow(follower, followed)
+ {:ok, activity} = ActivityPub.unfollow(follower, followed, nil, true)
+
+ assert activity.data["type"] == "Undo"
+ assert activity.data["actor"] == follower.ap_id
+
+ follow_activity = Activity.get_by_id(follow_activity.id)
+ assert is_nil(follow_activity)
+ assert is_nil(Utils.fetch_latest_follow(follower, followed))
+
+ # We need to keep our own undo
+ undo_activity = Activity.get_by_ap_id(activity.data["id"])
+ refute is_nil(undo_activity)
+ end
+
+ test "it removes the follow activity if it was remote" do
+ follower = insert(:user, local: false)
+ followed = insert(:user)
+
+ {:ok, _, _, follow_activity} = CommonAPI.follow(follower, followed)
+ {:ok, activity} = ActivityPub.unfollow(follower, followed, nil, false)
+
+ assert activity.data["type"] == "Undo"
+ assert activity.data["actor"] == follower.ap_id
+
+ follow_activity = Activity.get_by_id(follow_activity.id)
+ assert is_nil(follow_activity)
+ assert is_nil(Utils.fetch_latest_follow(follower, followed))
+
+ undo_activity = Activity.get_by_ap_id(activity.data["id"])
+ assert is_nil(undo_activity)
+ end
end
describe "timeline post-processing" do
})
assert Repo.aggregate(Activity, :count, :id) == 1
- assert Repo.aggregate(Object, :count, :id) == 2
+ assert Repo.aggregate(Object, :count, :id) == 1
assert Repo.aggregate(Notification, :count, :id) == 0
end
end
end
describe "fetch_follow_information_for_user" do
- test "syncronizes following/followers counters" do
+ test "synchronizes following/followers counters" do
user =
insert(:user,
local: false,
"target" => ^new_ap_id,
"type" => "Move"
},
- local: true
+ local: true,
+ recipients: recipients
} = activity
+ assert old_user.follower_address in recipients
+
params = %{
"op" => "move_following",
"origin_id" => old_user.id,
assert {:error, "Target account must have the origin in `alsoKnownAs`"} =
ActivityPub.move(old_user, new_user)
end
+
+ test "do not move remote user following relationships" do
+ %{ap_id: old_ap_id} = old_user = insert(:user)
+ %{ap_id: new_ap_id} = new_user = insert(:user, also_known_as: [old_ap_id])
+ follower_remote = insert(:user, local: false)
+
+ User.follow(follower_remote, old_user)
+
+ assert User.following?(follower_remote, old_user)
+
+ assert {:ok, activity} = ActivityPub.move(old_user, new_user)
+
+ assert %Activity{
+ actor: ^old_ap_id,
+ data: %{
+ "actor" => ^old_ap_id,
+ "object" => ^old_ap_id,
+ "target" => ^new_ap_id,
+ "type" => "Move"
+ },
+ local: true
+ } = activity
+
+ params = %{
+ "op" => "move_following",
+ "origin_id" => old_user.id,
+ "target_id" => new_user.id
+ }
+
+ assert_enqueued(worker: Pleroma.Workers.BackgroundWorker, args: params)
+
+ Pleroma.Workers.BackgroundWorker.perform(%Oban.Job{args: params})
+
+ assert User.following?(follower_remote, old_user)
+ refute User.following?(follower_remote, new_user)
+ end
end
test "doesn't retrieve replies activities with exclude_replies" do
{:ok, user} = ActivityPub.make_user_from_ap_id("https://princess.cat/users/mewmew")
assert user.name == " "
end
+
+ describe "persist/1" do
+ test "should not persist remote delete activities" do
+ poster = insert(:user, local: false)
+ {:ok, post} = CommonAPI.post(poster, %{status: "hhhhhh"})
+
+ {:ok, delete_data, meta} = Builder.delete(poster, post)
+ local_opts = Keyword.put(meta, :local, false)
+ {:ok, act, _meta} = ActivityPub.persist(delete_data, local_opts)
+ refute act.inserted_at
+ end
+
+ test "should not persist remote undo activities" do
+ poster = insert(:user, local: false)
+ liker = insert(:user, local: false)
+ {:ok, post} = CommonAPI.post(poster, %{status: "hhhhhh"})
+ {:ok, like} = CommonAPI.favorite(liker, post.id)
+
+ {:ok, undo_data, meta} = Builder.undo(liker, like)
+ local_opts = Keyword.put(meta, :local, false)
+ {:ok, act, _meta} = ActivityPub.persist(undo_data, local_opts)
+ refute act.inserted_at
+ end
+ end
end