alias Pleroma.Tests.ObanHelpers
alias Pleroma.User
alias Pleroma.Web.ActivityPub.ActivityPub
+ alias Pleroma.Web.ActivityPub.Utils
alias Pleroma.Web.CommonAPI
alias Pleroma.Workers.ScheduledActivityWorker
setup do: clear_config([:rich_media, :enabled])
setup do: clear_config([:mrf, :policies])
setup do: clear_config([:mrf_keyword, :reject])
+ setup do: clear_config([Pleroma.Upload, :uploader], Pleroma.Uploaders.Local)
+ setup do: clear_config([Pleroma.Uploaders.Local, :uploads], "uploads")
describe "posting statuses" do
setup do: oauth_access(["write:statuses"])
"sensitive" => 0
})
+ # Idempotency plug response means detection fail
assert %{"id" => second_id} = json_response(conn_two, 200)
assert id == second_id
assert activity.data["cc"] == []
end
- @tag :skip
test "discloses application metadata when enabled" do
user = insert(:user, disclose_client: true)
%{user: _user, token: token, conn: conn} = oauth_access(["write:statuses"], user: user)
"status" => "cofe is my copilot"
})
+ assert %{
+ "content" => "cofe is my copilot"
+ } = json_response_and_validate_schema(result, 200)
+
+ activity = result.assigns.activity.id
+
+ result =
+ conn
+ |> get("api/v1/statuses/#{activity}")
+
assert %{
"content" => "cofe is my copilot",
"application" => %{
"status" => "club mate is my wingman"
})
+ assert %{"content" => "club mate is my wingman"} =
+ json_response_and_validate_schema(result, 200)
+
+ activity = result.assigns.activity.id
+
+ result =
+ conn
+ |> get("api/v1/statuses/#{activity}")
+
assert %{
"content" => "club mate is my wingman",
"application" => nil
setup do: clear_config([:instance, :max_pinned_statuses], 1)
test "pin status", %{conn: conn, user: user, activity: activity} do
- id_str = to_string(activity.id)
+ id = activity.id
- assert %{"id" => ^id_str, "pinned" => true} =
+ assert %{"id" => ^id, "pinned" => true} =
conn
|> put_req_header("content-type", "application/json")
|> post("/api/v1/statuses/#{activity.id}/pin")
|> json_response_and_validate_schema(200)
- assert [%{"id" => ^id_str, "pinned" => true}] =
+ assert [%{"id" => ^id, "pinned" => true}] =
conn
|> get("/api/v1/accounts/#{user.id}/statuses?pinned=true")
|> json_response_and_validate_schema(200)
end
+ test "non authenticated user", %{activity: activity} do
+ assert build_conn()
+ |> put_req_header("content-type", "application/json")
+ |> post("/api/v1/statuses/#{activity.id}/pin")
+ |> json_response(403) == %{"error" => "Invalid credentials."}
+ end
+
test "/pin: returns 400 error when activity is not public", %{conn: conn, user: user} do
{:ok, dm} = CommonAPI.post(user, %{status: "test", visibility: "direct"})
|> put_req_header("content-type", "application/json")
|> post("/api/v1/statuses/#{dm.id}/pin")
- assert json_response_and_validate_schema(conn, 400) == %{"error" => "Could not pin"}
+ assert json_response_and_validate_schema(conn, 422) == %{
+ "error" => "Non-public status cannot be pinned"
+ }
+ end
+
+ test "pin by another user", %{activity: activity} do
+ %{conn: conn} = oauth_access(["write:accounts"])
+
+ assert conn
+ |> put_req_header("content-type", "application/json")
+ |> post("/api/v1/statuses/#{activity.id}/pin")
+ |> json_response(422) == %{"error" => "Someone else's status cannot be pinned"}
end
test "unpin status", %{conn: conn, user: user, activity: activity} do
|> json_response_and_validate_schema(200)
end
- test "/unpin: returns 400 error when activity is not exist", %{conn: conn} do
- conn =
- conn
- |> put_req_header("content-type", "application/json")
- |> post("/api/v1/statuses/1/unpin")
-
- assert json_response_and_validate_schema(conn, 400) == %{"error" => "Could not unpin"}
+ test "/unpin: returns 404 error when activity doesn't exist", %{conn: conn} do
+ assert conn
+ |> put_req_header("content-type", "application/json")
+ |> post("/api/v1/statuses/1/unpin")
+ |> json_response_and_validate_schema(404) == %{"error" => "Record not found"}
end
test "max pinned statuses", %{conn: conn, user: user, activity: activity_one} do
end
end
- describe "cards" do
- setup do
- clear_config([:rich_media, :enabled], true)
-
- oauth_access(["read:statuses"])
- end
-
- test "returns rich-media card", %{conn: conn, user: user} do
- Tesla.Mock.mock_global(fn env -> apply(HttpRequestMock, :request, [env]) end)
-
- {:ok, activity} = CommonAPI.post(user, %{status: "https://example.com/ogp"})
-
- card_data = %{
- "image" => "http://ia.media-imdb.com/images/rock.jpg",
- "provider_name" => "example.com",
- "provider_url" => "https://example.com",
- "title" => "The Rock",
- "type" => "link",
- "url" => "https://example.com/ogp",
- "description" =>
- "Directed by Michael Bay. With Sean Connery, Nicolas Cage, Ed Harris, John Spencer.",
- "pleroma" => %{
- "opengraph" => %{
- "image" => "http://ia.media-imdb.com/images/rock.jpg",
- "title" => "The Rock",
- "type" => "video.movie",
- "url" => "https://example.com/ogp",
- "description" =>
- "Directed by Michael Bay. With Sean Connery, Nicolas Cage, Ed Harris, John Spencer."
- }
- }
- }
-
- response =
- conn
- |> get("/api/v1/statuses/#{activity.id}/card")
- |> json_response_and_validate_schema(200)
-
- assert response == card_data
-
- # works with private posts
- {:ok, activity} =
- CommonAPI.post(user, %{status: "https://example.com/ogp", visibility: "direct"})
-
- response_two =
- conn
- |> get("/api/v1/statuses/#{activity.id}/card")
- |> json_response_and_validate_schema(200)
-
- assert response_two == card_data
- end
-
- test "replaces missing description with an empty string", %{conn: conn, user: user} do
- Tesla.Mock.mock_global(fn env -> apply(HttpRequestMock, :request, [env]) end)
-
- {:ok, activity} = CommonAPI.post(user, %{status: "https://example.com/ogp-missing-data"})
-
- response =
- conn
- |> get("/api/v1/statuses/#{activity.id}/card")
- |> json_response_and_validate_schema(:ok)
-
- assert response == %{
- "type" => "link",
- "title" => "Pleroma",
- "description" => "",
- "image" => nil,
- "provider_name" => "example.com",
- "provider_url" => "https://example.com",
- "url" => "https://example.com/ogp-missing-data",
- "pleroma" => %{
- "opengraph" => %{
- "title" => "Pleroma",
- "type" => "website",
- "url" => "https://example.com/ogp-missing-data"
- }
- }
- }
- end
- end
-
test "bookmarks" do
bookmarks_uri = "/api/v1/bookmarks"
|> assign(:token, insert(:oauth_token, user: user3, scopes: ["read:statuses"]))
|> get("api/v1/timelines/home")
- [reblogged_activity] = json_response(conn3, 200)
+ [reblogged_activity] = json_response_and_validate_schema(conn3, 200)
assert reblogged_activity["reblog"]["in_reply_to_id"] == replied_to.id
} = response
end
+ test "context when restrict_unauthenticated is on" do
+ user = insert(:user)
+ remote_user = insert(:user, local: false)
+
+ {:ok, %{id: id1}} = CommonAPI.post(user, %{status: "1"})
+ {:ok, %{id: id2}} = CommonAPI.post(user, %{status: "2", in_reply_to_status_id: id1})
+
+ {:ok, %{id: id3}} =
+ CommonAPI.post(remote_user, %{status: "3", in_reply_to_status_id: id2, local: false})
+
+ response =
+ build_conn()
+ |> get("/api/v1/statuses/#{id2}/context")
+ |> json_response_and_validate_schema(:ok)
+
+ assert %{
+ "ancestors" => [%{"id" => ^id1}],
+ "descendants" => [%{"id" => ^id3}]
+ } = response
+
+ clear_config([:restrict_unauthenticated, :activities, :local], true)
+
+ response =
+ build_conn()
+ |> get("/api/v1/statuses/#{id2}/context")
+ |> json_response_and_validate_schema(:ok)
+
+ assert %{
+ "ancestors" => [],
+ "descendants" => []
+ } = response
+ end
+
test "favorites paginate correctly" do
%{user: user, conn: conn} = oauth_access(["read:favourites"])
other_user = insert(:user)
"visibility" => "local"
})
- local = Pleroma.Constants.as_local_public()
+ local = Utils.as_local_public()
assert %{"content" => "cofe", "id" => id, "visibility" => "local"} =
- json_response(conn_one, 200)
+ json_response_and_validate_schema(conn_one, 200)
assert %Activity{id: ^id, data: %{"to" => [^local]}} = Activity.get_by_id(id)
end
} = result
end
end
+
+ describe "posting quotes" do
+ setup do: oauth_access(["write:statuses"])
+
+ test "posting a quote", %{conn: conn} do
+ user = insert(:user)
+ {:ok, quoted_status} = CommonAPI.post(user, %{status: "tell me, for whom do you fight?"})
+
+ conn =
+ conn
+ |> put_req_header("content-type", "application/json")
+ |> post("/api/v1/statuses", %{
+ "status" => "Hmph, how very glib",
+ "quote_id" => quoted_status.id
+ })
+
+ response = json_response_and_validate_schema(conn, 200)
+
+ assert response["quote_id"] == quoted_status.id
+ assert response["quote"]["id"] == quoted_status.id
+ assert response["quote"]["content"] == quoted_status.object.data["content"]
+ end
+
+ test "posting a quote, quoting a status that isn't public", %{conn: conn} do
+ user = insert(:user)
+
+ Enum.each(["private", "local", "direct"], fn visibility ->
+ {:ok, quoted_status} =
+ CommonAPI.post(user, %{
+ status: "tell me, for whom do you fight?",
+ visibility: visibility
+ })
+
+ assert %{"error" => "You can only quote public or unlisted statuses"} =
+ conn
+ |> put_req_header("content-type", "application/json")
+ |> post("/api/v1/statuses", %{
+ "status" => "Hmph, how very glib",
+ "quote_id" => quoted_status.id
+ })
+ |> json_response_and_validate_schema(422)
+ end)
+ end
+
+ test "posting a quote, after quote, the status gets deleted", %{conn: conn} do
+ user = insert(:user)
+
+ {:ok, quoted_status} =
+ CommonAPI.post(user, %{status: "tell me, for whom do you fight?", visibility: "public"})
+
+ resp =
+ conn
+ |> put_req_header("content-type", "application/json")
+ |> post("/api/v1/statuses", %{
+ "status" => "I fight for eorzea!",
+ "quote_id" => quoted_status.id
+ })
+ |> json_response_and_validate_schema(200)
+
+ {:ok, _} = CommonAPI.delete(quoted_status.id, user)
+
+ resp =
+ conn
+ |> get("/api/v1/statuses/#{resp["id"]}")
+ |> json_response_and_validate_schema(200)
+
+ assert is_nil(resp["quote"])
+ end
+
+ test "posting a quote of a deleted status", %{conn: conn} do
+ user = insert(:user)
+
+ {:ok, quoted_status} =
+ CommonAPI.post(user, %{status: "tell me, for whom do you fight?", visibility: "public"})
+
+ {:ok, _} = CommonAPI.delete(quoted_status.id, user)
+
+ assert %{"error" => _} =
+ conn
+ |> put_req_header("content-type", "application/json")
+ |> post("/api/v1/statuses", %{
+ "status" => "I fight for eorzea!",
+ "quote_id" => quoted_status.id
+ })
+ |> json_response_and_validate_schema(422)
+ end
+
+ test "posting a quote of a status that doesn't exist", %{conn: conn} do
+ assert %{"error" => "You can't quote a status that doesn't exist"} =
+ conn
+ |> put_req_header("content-type", "application/json")
+ |> post("/api/v1/statuses", %{
+ "status" => "I fight for eorzea!",
+ "quote_id" => "oops"
+ })
+ |> json_response_and_validate_schema(422)
+ end
+ end
end