projects / akkoma / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Merge branch 'develop' of git.pleroma.social:pleroma/pleroma into feature/pinned...
[akkoma] / test / web / common_api / common_api_test.exs
diff --git a/test/web/common_api/common_api_test.exs b/test/web/common_api/common_api_test.exs
index 2a2c40833839bfbd28f9890c2a6fc1cc161687c7..59beb312021b05df1bd454c0083b19cedce6e688 100644 (file)
--- a/test/web/common_api/common_api_test.exs
+++ b/test/web/common_api/common_api_test.exs
@@ -1,7 +1,12 @@
+# Pleroma: A lightweight social networking server
+# Copyright © 2017-2018 Pleroma Authors <https://pleroma.social/>
+# SPDX-License-Identifier: AGPL-3.0-only
+
 defmodule Pleroma.Web.CommonAPI.Test do
   use Pleroma.DataCase
   alias Pleroma.Web.CommonAPI
   alias Pleroma.User
+  alias Pleroma.Activity
 
   import Pleroma.Factory
 
@@ -17,8 +22,114 @@ defmodule Pleroma.Web.CommonAPI.Test do
 
     CommonAPI.update(user)
     user = User.get_cached_by_ap_id(user.ap_id)
-    [karjalanpiirakka] = user.info["source_data"]["tag"]
+    [karjalanpiirakka] = user.info.source_data["tag"]
 
     assert karjalanpiirakka["name"] == ":karjalanpiirakka:"
   end
+
+  describe "posting" do
+    test "it filters out obviously bad tags when accepting a post as HTML" do
+      user = insert(:user)
+
+      post = "<p><b>2hu</b></p><script>alert('xss')</script>"
+
+      {:ok, activity} =
+        CommonAPI.post(user, %{
+          "status" => post,
+          "content_type" => "text/html"
+        })
+
+      content = activity.data["object"]["content"]
+      assert content == "<p><b>2hu</b></p>alert('xss')"
+    end
+
+    test "it filters out obviously bad tags when accepting a post as Markdown" do
+      user = insert(:user)
+
+      post = "<p><b>2hu</b></p><script>alert('xss')</script>"
+
+      {:ok, activity} =
+        CommonAPI.post(user, %{
+          "status" => post,
+          "content_type" => "text/markdown"
+        })
+
+      content = activity.data["object"]["content"]
+      assert content == "<p><b>2hu</b></p>alert('xss')"
+    end
+  end
+
+  describe "reactions" do
+    test "repeating a status" do
+      user = insert(:user)
+      other_user = insert(:user)
+
+      {:ok, activity} = CommonAPI.post(other_user, %{"status" => "cofe"})
+
+      {:ok, %Activity{}, _} = CommonAPI.repeat(activity.id, user)
+    end
+
+    test "favoriting a status" do
+      user = insert(:user)
+      other_user = insert(:user)
+
+      {:ok, activity} = CommonAPI.post(other_user, %{"status" => "cofe"})
+
+      {:ok, %Activity{}, _} = CommonAPI.favorite(activity.id, user)
+    end
+
+    test "retweeting a status twice returns an error" do
+      user = insert(:user)
+      other_user = insert(:user)
+
+      {:ok, activity} = CommonAPI.post(other_user, %{"status" => "cofe"})
+      {:ok, %Activity{}, _object} = CommonAPI.repeat(activity.id, user)
+      {:error, _} = CommonAPI.repeat(activity.id, user)
+    end
+
+    test "favoriting a status twice returns an error" do
+      user = insert(:user)
+      other_user = insert(:user)
+
+      {:ok, activity} = CommonAPI.post(other_user, %{"status" => "cofe"})
+      {:ok, %Activity{}, _object} = CommonAPI.favorite(activity.id, user)
+      {:error, _} = CommonAPI.favorite(activity.id, user)
+    end
+  end
+
+  describe "pinned posts" do
+    test "pin post" do
+      Pleroma.Config.put([:instance, :max_pinned_posts], 1)
+      user = insert(:user)
+
+      {:ok, activity} = CommonAPI.post(user, %{"status" => "HI!!!"})
+
+      assert {:ok, ^activity} = CommonAPI.pin(activity.id, user)
+    end
+
+    test "max pinned posts" do
+      Pleroma.Config.put([:instance, :max_pinned_posts], 1)
+      user = insert(:user)
+
+      {:ok, activity_one} = CommonAPI.post(user, %{"status" => "HI!!!"})
+      {:ok, activity_two} = CommonAPI.post(user, %{"status" => "HI!!!"})
+
+      assert {:ok, ^activity_one} = CommonAPI.pin(activity_one.id, user)
+
+      user = User.get_by_ap_id(user.ap_id)
+
+      assert {:error, "You have already pinned the maximum number of toots"} =
+               CommonAPI.pin(activity_two.id, user)
+    end
+
+    test "unpin post" do
+      Pleroma.Config.put([:instance, :max_pinned_posts], 1)
+      user = insert(:user)
+
+      {:ok, activity} = CommonAPI.post(user, %{"status" => "HI!!!"})
+      {:ok, activity} = CommonAPI.pin(activity.id, user)
+
+      assert {:ok, ^activity} = CommonAPI.unpin(activity.id, user)
+    end
+  end
 end
Fork of https://akkoma.dev/AkkomaGang/akkoma.git