[#1560] Added tests for non-federating instance bahaviour to ActivityPubControllerTest.

[akkoma] / test / web / activity_pub / activity_pub_controller_test.exs

diff --git a/test/web/activity_pub/activity_pub_controller_test.exs b/test/web/activity_pub/activity_pub_controller_test.exs
index fc0444c32f217153a4e61824f52f03b52b45aa2d..af0417406f3826dacaffe99cff456c507c6aa615 100644 (file)
--- a/test/web/activity_pub/activity_pub_controller_test.exs
+++ b/test/web/activity_pub/activity_pub_controller_test.exs
@@ -25,9 +25,9 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubControllerTest do
     :ok
   end
 
-  clear_config_all([:instance, :federating],
-    do: Pleroma.Config.put([:instance, :federating], true)
-  )
+  clear_config_all([:instance, :federating]) do
+    Pleroma.Config.put([:instance, :federating], true)
+  end
 
   describe "/relay" do
     clear_config([:instance, :allow_relay])
@@ -110,6 +110,19 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubControllerTest do
 
       assert json_response(conn, 200) == UserView.render("user.json", %{user: user})
     end
+
+    test "it returns 404 for remote users", %{
+      conn: conn
+    } do
+      user = insert(:user, local: false, nickname: "remoteuser@example.com")
+
+      conn =
+        conn
+        |> put_req_header("accept", "application/json")
+        |> get("/users/#{user.nickname}.json")
+
+      assert json_response(conn, 404)
+    end
   end
 
   describe "/object/:uuid" do
@@ -285,7 +298,7 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubControllerTest do
       assert json_response(conn1, :ok)
       assert Enum.any?(conn1.resp_headers, &(&1 == {"x-cache", "MISS from Pleroma"}))
 
-      Activity.delete_by_ap_id(activity.object.data["id"])
+      Activity.delete_all_by_object_ap_id(activity.object.data["id"])
 
       conn2 =
         conn
@@ -764,7 +777,7 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubControllerTest do
 
     test "it returns returns a uri if the user has 'hide_followers' set", %{conn: conn} do
       user = insert(:user)
-      user_two = insert(:user, %{info: %{hide_followers: true}})
+      user_two = insert(:user, hide_followers: true)
       User.follow(user, user_two)
 
       result =
@@ -777,7 +790,7 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubControllerTest do
 
     test "it returns a 403 error on pages, if the user has 'hide_followers' set and the request is not authenticated",
          %{conn: conn} do
-      user = insert(:user, %{info: %{hide_followers: true}})
+      user = insert(:user, hide_followers: true)
 
       result =
         conn
@@ -789,7 +802,7 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubControllerTest do
 
     test "it renders the page, if the user has 'hide_followers' set and the request is authenticated with the same user",
          %{conn: conn} do
-      user = insert(:user, %{info: %{hide_followers: true}})
+      user = insert(:user, hide_followers: true)
       other_user = insert(:user)
       {:ok, _other_user, user, _activity} = CommonAPI.follow(other_user, user)
 
@@ -845,7 +858,7 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubControllerTest do
     end
 
     test "it returns a uri if the user has 'hide_follows' set", %{conn: conn} do
-      user = insert(:user, %{info: %{hide_follows: true}})
+      user = insert(:user, hide_follows: true)
       user_two = insert(:user)
       User.follow(user, user_two)
 
@@ -859,7 +872,7 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubControllerTest do
 
     test "it returns a 403 error on pages, if the user has 'hide_follows' set and the request is not authenticated",
          %{conn: conn} do
-      user = insert(:user, %{info: %{hide_follows: true}})
+      user = insert(:user, hide_follows: true)
 
       result =
         conn
@@ -871,7 +884,7 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubControllerTest do
 
     test "it renders the page, if the user has 'hide_follows' set and the request is authenticated with the same user",
          %{conn: conn} do
-      user = insert(:user, %{info: %{hide_follows: true}})
+      user = insert(:user, hide_follows: true)
       other_user = insert(:user)
       {:ok, user, _other_user, _activity} = CommonAPI.follow(user, other_user)
 
@@ -995,7 +1008,7 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubControllerTest do
     end
   end
 
-  describe "Additionnal ActivityPub C2S endpoints" do
+  describe "Additional ActivityPub C2S endpoints" do
     test "/api/ap/whoami", %{conn: conn} do
       user = insert(:user)
 
@@ -1034,4 +1047,87 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubControllerTest do
       assert object["actor"] == user.ap_id
     end
   end
+
+  describe "when instance is not federating," do
+    clear_config([:instance, :federating]) do
+      Pleroma.Config.put([:instance, :federating], false)
+    end
+
+    test "returns 404 for GET routes", %{conn: conn} do
+      user = insert(:user)
+      conn = put_req_header(conn, "accept", "application/json")
+
+      get_uris = [
+        "/users/#{user.nickname}",
+        "/users/#{user.nickname}/outbox",
+        "/users/#{user.nickname}/inbox?page=true",
+        "/users/#{user.nickname}/followers",
+        "/users/#{user.nickname}/following",
+        "/internal/fetch",
+        "/relay",
+        "/relay/following",
+        "/relay/followers",
+        "/api/ap/whoami"
+      ]
+
+      for get_uri <- get_uris do
+        conn
+        |> get(get_uri)
+        |> json_response(404)
+
+        conn
+        |> assign(:user, user)
+        |> get(get_uri)
+        |> json_response(404)
+      end
+    end
+
+    test "returns 404 for activity-related POST routes", %{conn: conn} do
+      user = insert(:user)
+
+      conn =
+        conn
+        |> assign(:valid_signature, true)
+        |> put_req_header("content-type", "application/activity+json")
+
+      post_activity_data =
+        "test/fixtures/mastodon-post-activity.json"
+        |> File.read!()
+        |> Poison.decode!()
+
+      post_activity_uris = [
+        "/inbox",
+        "/relay/inbox",
+        "/users/#{user.nickname}/inbox",
+        "/users/#{user.nickname}/outbox"
+      ]
+
+      for post_activity_uri <- post_activity_uris do
+        conn
+        |> post(post_activity_uri, post_activity_data)
+        |> json_response(404)
+
+        conn
+        |> assign(:user, user)
+        |> post(post_activity_uri, post_activity_data)
+        |> json_response(404)
+      end
+    end
+
+    test "returns 404 for media upload attempt", %{conn: conn} do
+      user = insert(:user)
+      desc = "Description of the image"
+
+      image = %Plug.Upload{
+        content_type: "image/jpg",
+        path: Path.absname("test/fixtures/image.jpg"),
+        filename: "an_image.jpg"
+      }
+
+      conn
+      |> assign(:user, user)
+      |> post("/api/ap/upload_media", %{"file" => image, "description" => desc})
+      |> json_response(404)
+    end
+  end
 end