+# Pleroma: A lightweight social networking server
+# Copyright © 2017-2018 Pleroma Authors <https://pleroma.social/>
+# SPDX-License-Identifier: AGPL-3.0-only
+
defmodule Pleroma.Web.MastodonAPI.MastodonAPIControllerTest do
use Pleroma.Web.ConnCase
alias Pleroma.Web.TwitterAPI.TwitterAPI
- alias Pleroma.{Repo, User, Activity, Notification}
+ alias Pleroma.{Repo, User, Object, Activity, Notification}
alias Pleroma.Web.{OStatus, CommonAPI}
alias Pleroma.Web.ActivityPub.ActivityPub
-
+ alias Pleroma.Web.MastodonAPI.FilterView
import Pleroma.Factory
import ExUnit.CaptureLog
+ import Tesla.Mock
+
+ setup do
+ mock(fn env -> apply(HttpRequestMock, :request, [env]) end)
+ :ok
+ end
test "the home timeline", %{conn: conn} do
user = insert(:user)
|> get("api/v1/timelines/home")
[_s1, _s2] = json_response(res_conn, 200)
+
+ # Test pagination
+ Enum.each(1..20, fn _ ->
+ {:ok, _} =
+ CommonAPI.post(user_one, %{
+ "status" => "Hi @#{user_two.nickname}!",
+ "visibility" => "direct"
+ })
+ end)
+
+ res_conn =
+ conn
+ |> assign(:user, user_two)
+ |> get("api/v1/timelines/direct")
+
+ statuses = json_response(res_conn, 200)
+ assert length(statuses) == 20
+
+ res_conn =
+ conn
+ |> assign(:user, user_two)
+ |> get("api/v1/timelines/direct", %{max_id: List.last(statuses)["id"]})
+
+ [status] = json_response(res_conn, 200)
+
+ assert status["url"] != direct.data["id"]
end
test "replying to a status", %{conn: conn} do
assert activity.data["object"]["inReplyToStatusId"] == replied_to.id
end
+ test "posting a status with an invalid in_reply_to_id", %{conn: conn} do
+ user = insert(:user)
+
+ conn =
+ conn
+ |> assign(:user, user)
+ |> post("/api/v1/statuses", %{"status" => "xD", "in_reply_to_id" => ""})
+
+ assert %{"content" => "xD", "id" => id} = json_response(conn, 200)
+
+ activity = Repo.get(Activity, id)
+
+ assert activity
+ end
+
test "verify_credentials", %{conn: conn} do
user = insert(:user)
|> assign(:user, user)
|> get("/api/v1/accounts/verify_credentials")
- assert %{"id" => id} = json_response(conn, 200)
+ assert %{"id" => id, "source" => %{"privacy" => "public"}} = json_response(conn, 200)
+ assert id == to_string(user.id)
+ end
+
+ test "verify_credentials default scope unlisted", %{conn: conn} do
+ user = insert(:user, %{info: %Pleroma.User.Info{default_scope: "unlisted"}})
+
+ conn =
+ conn
+ |> assign(:user, user)
+ |> get("/api/v1/accounts/verify_credentials")
+
+ assert %{"id" => id, "source" => %{"privacy" => "unlisted"}} = json_response(conn, 200)
assert id == to_string(user.id)
end
assert %{} = json_response(conn, 200)
- assert Repo.get(Activity, activity.id) == nil
+ refute Repo.get(Activity, activity.id)
end
test "when you didn't create it", %{conn: conn} do
end
end
+ describe "filters" do
+ test "creating a filter", %{conn: conn} do
+ user = insert(:user)
+
+ filter = %Pleroma.Filter{
+ phrase: "knights",
+ context: ["home"]
+ }
+
+ conn =
+ conn
+ |> assign(:user, user)
+ |> post("/api/v1/filters", %{"phrase" => filter.phrase, context: filter.context})
+
+ assert response = json_response(conn, 200)
+ assert response["phrase"] == filter.phrase
+ assert response["context"] == filter.context
+ assert response["id"] != nil
+ assert response["id"] != ""
+ end
+
+ test "fetching a list of filters", %{conn: conn} do
+ user = insert(:user)
+
+ query_one = %Pleroma.Filter{
+ user_id: user.id,
+ filter_id: 1,
+ phrase: "knights",
+ context: ["home"]
+ }
+
+ query_two = %Pleroma.Filter{
+ user_id: user.id,
+ filter_id: 2,
+ phrase: "who",
+ context: ["home"]
+ }
+
+ {:ok, filter_one} = Pleroma.Filter.create(query_one)
+ {:ok, filter_two} = Pleroma.Filter.create(query_two)
+
+ response =
+ conn
+ |> assign(:user, user)
+ |> get("/api/v1/filters")
+ |> json_response(200)
+
+ assert response ==
+ render_json(
+ FilterView,
+ "filters.json",
+ filters: [filter_two, filter_one]
+ )
+ end
+
+ test "get a filter", %{conn: conn} do
+ user = insert(:user)
+
+ query = %Pleroma.Filter{
+ user_id: user.id,
+ filter_id: 2,
+ phrase: "knight",
+ context: ["home"]
+ }
+
+ {:ok, filter} = Pleroma.Filter.create(query)
+
+ conn =
+ conn
+ |> assign(:user, user)
+ |> get("/api/v1/filters/#{filter.filter_id}")
+
+ assert response = json_response(conn, 200)
+ end
+
+ test "update a filter", %{conn: conn} do
+ user = insert(:user)
+
+ query = %Pleroma.Filter{
+ user_id: user.id,
+ filter_id: 2,
+ phrase: "knight",
+ context: ["home"]
+ }
+
+ {:ok, _filter} = Pleroma.Filter.create(query)
+
+ new = %Pleroma.Filter{
+ phrase: "nii",
+ context: ["home"]
+ }
+
+ conn =
+ conn
+ |> assign(:user, user)
+ |> put("/api/v1/filters/#{query.filter_id}", %{
+ phrase: new.phrase,
+ context: new.context
+ })
+
+ assert response = json_response(conn, 200)
+ assert response["phrase"] == new.phrase
+ assert response["context"] == new.context
+ end
+
+ test "delete a filter", %{conn: conn} do
+ user = insert(:user)
+
+ query = %Pleroma.Filter{
+ user_id: user.id,
+ filter_id: 2,
+ phrase: "knight",
+ context: ["home"]
+ }
+
+ {:ok, filter} = Pleroma.Filter.create(query)
+
+ conn =
+ conn
+ |> assign(:user, user)
+ |> delete("/api/v1/filters/#{filter.filter_id}")
+
+ assert response = json_response(conn, 200)
+ assert response == %{}
+ end
+ end
+
describe "lists" do
test "creating a list", %{conn: conn} do
user = insert(:user)
assert id == to_string(activity_two.id)
end
+
+ test "list timeline does not leak non-public statuses for unfollowed users", %{conn: conn} do
+ user = insert(:user)
+ other_user = insert(:user)
+ {:ok, activity_one} = TwitterAPI.create_status(other_user, %{"status" => "Marisa is cute."})
+
+ {:ok, _activity_two} =
+ TwitterAPI.create_status(other_user, %{
+ "status" => "Marisa is cute.",
+ "visibility" => "private"
+ })
+
+ {:ok, list} = Pleroma.List.create("name", user)
+ {:ok, list} = Pleroma.List.follow(list, other_user)
+
+ conn =
+ conn
+ |> assign(:user, user)
+ |> get("/api/v1/timelines/list/#{list.id}")
+
+ assert [%{"id" => id}] = json_response(conn, 200)
+
+ assert id == to_string(activity_one.id)
+ end
end
describe "notifications" do
|> get("/api/v1/notifications")
expected_response =
- "hi <span><a href=\"#{user.ap_id}\">@<span>#{user.nickname}</span></a></span>"
+ "hi <span><a data-user=\"#{user.id}\" href=\"#{user.ap_id}\">@<span>#{user.nickname}</span></a></span>"
assert [%{"status" => %{"content" => response}} | _rest] = json_response(conn, 200)
assert response == expected_response
|> get("/api/v1/notifications/#{notification.id}")
expected_response =
- "hi <span><a href=\"#{user.ap_id}\">@<span>#{user.nickname}</span></a></span>"
+ "hi <span><a data-user=\"#{user.id}\" href=\"#{user.ap_id}\">@<span>#{user.nickname}</span></a></span>"
assert %{"status" => %{"content" => response}} = json_response(conn, 200)
assert response == expected_response
}
media =
- TwitterAPI.upload(file, "json")
+ TwitterAPI.upload(file, user, "json")
|> Poison.decode!()
{:ok, image_post} =
assert [%{"id" => id}] = json_response(conn, 200)
assert id == to_string(image_post.id)
end
+
+ test "gets a user's statuses without reblogs", %{conn: conn} do
+ user = insert(:user)
+ {:ok, post} = CommonAPI.post(user, %{"status" => "HI!!!"})
+ {:ok, _, _} = CommonAPI.repeat(post.id, user)
+
+ conn =
+ conn
+ |> get("/api/v1/accounts/#{user.id}/statuses", %{"exclude_reblogs" => "true"})
+
+ assert [%{"id" => id}] = json_response(conn, 200)
+ assert id == to_string(post.id)
+
+ conn =
+ conn
+ |> get("/api/v1/accounts/#{user.id}/statuses", %{"exclude_reblogs" => "1"})
+
+ assert [%{"id" => id}] = json_response(conn, 200)
+ assert id == to_string(post.id)
+ end
end
describe "user relationships" do
describe "locked accounts" do
test "/api/v1/follow_requests works" do
- user = insert(:user, %{info: %{"locked" => true}})
+ user = insert(:user, %{info: %Pleroma.User.Info{locked: true}})
other_user = insert(:user)
- {:ok, activity} = ActivityPub.follow(other_user, user)
+ {:ok, _activity} = ActivityPub.follow(other_user, user)
user = Repo.get(User, user.id)
other_user = Repo.get(User, other_user.id)
end
test "/api/v1/follow_requests/:id/authorize works" do
- user = insert(:user, %{info: %{"locked" => true}})
+ user = insert(:user, %{info: %Pleroma.User.Info{locked: true}})
other_user = insert(:user)
- {:ok, activity} = ActivityPub.follow(other_user, user)
+ {:ok, _activity} = ActivityPub.follow(other_user, user)
user = Repo.get(User, user.id)
other_user = Repo.get(User, other_user.id)
assert User.following?(other_user, user) == true
end
+ test "verify_credentials", %{conn: conn} do
+ user = insert(:user, %{info: %Pleroma.User.Info{default_scope: "private"}})
+
+ conn =
+ conn
+ |> assign(:user, user)
+ |> get("/api/v1/accounts/verify_credentials")
+
+ assert %{"id" => id, "source" => %{"privacy" => "private"}} = json_response(conn, 200)
+ assert id == to_string(user.id)
+ end
+
test "/api/v1/follow_requests/:id/reject works" do
- user = insert(:user, %{info: %{"locked" => true}})
+ user = insert(:user, %{info: %Pleroma.User.Info{locked: true}})
other_user = insert(:user)
- {:ok, activity} = ActivityPub.follow(other_user, user)
+ {:ok, _activity} = ActivityPub.follow(other_user, user)
conn =
build_conn()
filename: "an_image.jpg"
}
+ desc = "Description of the image"
+
user = insert(:user)
conn =
conn
|> assign(:user, user)
- |> post("/api/v1/media", %{"file" => file})
+ |> post("/api/v1/media", %{"file" => file, "description" => desc})
assert media = json_response(conn, 200)
assert media["type"] == "image"
+ assert media["description"] == desc
+ assert media["id"]
+
+ object = Repo.get(Object, media["id"])
+ assert object.data["actor"] == User.ap_id(user)
end
test "hashtag timeline", %{conn: conn} do
{:ok, [_activity]} =
OStatus.fetch_activity_from_url("https://shitposter.club/notice/2827873")
- conn =
+ nconn =
conn
|> get("/api/v1/timelines/tag/2hu")
- assert [%{"id" => id}] = json_response(conn, 200)
+ assert [%{"id" => id}] = json_response(nconn, 200)
+
+ assert id == to_string(activity.id)
+
+ # works for different capitalization too
+ nconn =
+ conn
+ |> get("/api/v1/timelines/tag/2HU")
+
+ assert [%{"id" => id}] = json_response(nconn, 200)
assert id == to_string(activity.id)
end)
assert id == to_string(user.id)
end
+ test "getting followers, hide_network", %{conn: conn} do
+ user = insert(:user)
+ other_user = insert(:user, %{info: %{hide_network: true}})
+ {:ok, _user} = User.follow(user, other_user)
+
+ conn =
+ conn
+ |> get("/api/v1/accounts/#{other_user.id}/followers")
+
+ assert [] == json_response(conn, 200)
+ end
+
+ test "getting followers, hide_network, same user requesting", %{conn: conn} do
+ user = insert(:user)
+ other_user = insert(:user, %{info: %{hide_network: true}})
+ {:ok, _user} = User.follow(user, other_user)
+
+ conn =
+ conn
+ |> assign(:user, other_user)
+ |> get("/api/v1/accounts/#{other_user.id}/followers")
+
+ refute [] == json_response(conn, 200)
+ end
+
test "getting following", %{conn: conn} do
user = insert(:user)
other_user = insert(:user)
assert id == to_string(other_user.id)
end
+ test "getting following, hide_network", %{conn: conn} do
+ user = insert(:user, %{info: %{hide_network: true}})
+ other_user = insert(:user)
+ {:ok, user} = User.follow(user, other_user)
+
+ conn =
+ conn
+ |> get("/api/v1/accounts/#{user.id}/following")
+
+ assert [] == json_response(conn, 200)
+ end
+
+ test "getting following, hide_network, same user requesting", %{conn: conn} do
+ user = insert(:user, %{info: %{hide_network: true}})
+ other_user = insert(:user)
+ {:ok, user} = User.follow(user, other_user)
+
+ conn =
+ conn
+ |> assign(:user, user)
+ |> get("/api/v1/accounts/#{user.id}/following")
+
+ refute [] == json_response(conn, 200)
+ end
+
test "following / unfollowing a user", %{conn: conn} do
user = insert(:user)
other_user = insert(:user)
refute User.blocks?(user, other_user)
end
- test "getting a list of domain blocks" do
+ test "getting a list of domain blocks", %{conn: conn} do
user = insert(:user)
{:ok, user} = User.block_domain(user, "bad.site")
describe "updating credentials" do
test "updates the user's bio", %{conn: conn} do
user = insert(:user)
+ user2 = insert(:user)
+
+ conn =
+ conn
+ |> assign(:user, user)
+ |> patch("/api/v1/accounts/update_credentials", %{
+ "note" => "I drink #cofe with @#{user2.nickname}"
+ })
+
+ assert user = json_response(conn, 200)
+
+ assert user["note"] ==
+ "I drink <a data-tag=\"cofe\" href=\"http://localhost:4001/tag/cofe\">#cofe</a> with <span><a data-user=\"#{
+ user2.id
+ }\" href=\"#{user2.ap_id}\">@<span>#{user2.nickname}</span></a></span>"
+ end
+
+ test "updates the user's locking status", %{conn: conn} do
+ user = insert(:user)
conn =
conn
|> assign(:user, user)
- |> patch("/api/v1/accounts/update_credentials", %{"note" => "I drink #cofe"})
+ |> patch("/api/v1/accounts/update_credentials", %{locked: "true"})
assert user = json_response(conn, 200)
- assert user["note"] == "I drink #cofe"
+ assert user["locked"] == true
end
test "updates the user's name", %{conn: conn} do
|> assign(:user, user)
|> patch("/api/v1/accounts/update_credentials", %{"avatar" => new_avatar})
- assert user = json_response(conn, 200)
- assert user["avatar"] != "https://placehold.it/48x48"
+ assert user_response = json_response(conn, 200)
+ assert user_response["avatar"] != User.avatar_url(user)
end
test "updates the user's banner", %{conn: conn} do
|> assign(:user, user)
|> patch("/api/v1/accounts/update_credentials", %{"header" => new_header})
- assert user = json_response(conn, 200)
- assert user["header"] != "https://placehold.it/700x335"
+ assert user_response = json_response(conn, 200)
+ assert user_response["header"] != User.banner_url(user)
end
end
assert result["stats"]["user_count"] == 2
assert result["stats"]["status_count"] == 1
end
+
+ test "put settings", %{conn: conn} do
+ user = insert(:user)
+
+ conn =
+ conn
+ |> assign(:user, user)
+ |> put("/api/web/settings", %{"data" => %{"programming" => "socks"}})
+
+ assert result = json_response(conn, 200)
+
+ user = User.get_cached_by_ap_id(user.ap_id)
+ assert user.info.settings == %{"programming" => "socks"}
+ end
end
projects / akkoma / blobdiff