|> json_response(403) == %{"error" => "This resource requires authentication."}
end
+ test "the public timeline includes only public statuses for an authenticated user" do
+ user = insert(:user)
+
+ conn =
+ build_conn()
+ |> assign(:user, user)
+
+ {:ok, _activity} = CommonAPI.post(user, %{"status" => "test"})
+ {:ok, _activity} = CommonAPI.post(user, %{"status" => "test", "visibility" => "private"})
+ {:ok, _activity} = CommonAPI.post(user, %{"status" => "test", "visibility" => "unlisted"})
+ {:ok, _activity} = CommonAPI.post(user, %{"status" => "test", "visibility" => "direct"})
+
+ res_conn = get(conn, "/api/v1/timelines/public")
+ assert length(json_response(res_conn, 200)) == 1
+ end
+
describe "posting statuses" do
setup do
user = insert(:user)
conn
|> post("api/v1/statuses", %{"status" => content, "visibility" => "direct"})
- assert %{"id" => id, "visibility" => "direct"} = json_response(conn, 200)
+ assert %{"id" => id} = response = json_response(conn, 200)
+ assert response["visibility"] == "direct"
+ assert response["pleroma"]["direct_conversation_id"]
assert activity = Activity.get_by_id(id)
assert activity.recipients == [user2.ap_id, conn.assigns[:user].ap_id]
assert activity.data["to"] == [user2.ap_id]
query_string = "ids[]=#{id1}&ids[]=#{id2}"
conn = get(conn, "/api/v1/statuses/?#{query_string}")
- assert [%{"id" => ^id1}, %{"id" => ^id2}] = json_response(conn, :ok)
+ assert [%{"id" => ^id1}, %{"id" => ^id2}] = Enum.sort_by(json_response(conn, :ok), & &1["id"])
end
describe "deleting a status" do
|> get("/api/v1/notifications")
expected_response =
- "hi <span class=\"h-card\"><a data-user=\"#{user.id}\" class=\"u-url mention\" href=\"#{
+ ~s(hi <span class="h-card"><a data-user="#{user.id}" class="u-url mention" href="#{
user.ap_id
- }\">@<span>#{user.nickname}</span></a></span>"
+ }" rel="ugc">@<span>#{user.nickname}</span></a></span>)
assert [%{"status" => %{"content" => response}} | _rest] = json_response(conn, 200)
assert response == expected_response
|> get("/api/v1/notifications/#{notification.id}")
expected_response =
- "hi <span class=\"h-card\"><a data-user=\"#{user.id}\" class=\"u-url mention\" href=\"#{
+ ~s(hi <span class="h-card"><a data-user="#{user.id}" class="u-url mention" href="#{
user.ap_id
- }\">@<span>#{user.nickname}</span></a></span>"
+ }" rel="ugc">@<span>#{user.nickname}</span></a></span>)
assert %{"status" => %{"content" => response}} = json_response(conn, 200)
assert response == expected_response
build_conn()
|> assign(:user, user)
- [conn: conn, activity: activity]
+ [conn: conn, activity: activity, user: user]
end
test "returns users who have favorited the status", %{conn: conn, activity: activity} do
[%{"id" => id}] = response
assert id == other_user.id
end
+
+ test "requires authentification for private posts", %{conn: conn, user: user} do
+ other_user = insert(:user)
+
+ {:ok, activity} =
+ CommonAPI.post(user, %{
+ "status" => "@#{other_user.nickname} wanna get some #cofe together?",
+ "visibility" => "direct"
+ })
+
+ {:ok, _, _} = CommonAPI.favorite(activity.id, other_user)
+
+ conn
+ |> assign(:user, nil)
+ |> get("/api/v1/statuses/#{activity.id}/favourited_by")
+ |> json_response(404)
+
+ response =
+ build_conn()
+ |> assign(:user, other_user)
+ |> get("/api/v1/statuses/#{activity.id}/favourited_by")
+ |> json_response(200)
+
+ [%{"id" => id}] = response
+ assert id == other_user.id
+ end
end
describe "GET /api/v1/statuses/:id/reblogged_by" do
build_conn()
|> assign(:user, user)
- [conn: conn, activity: activity]
+ [conn: conn, activity: activity, user: user]
end
test "returns users who have reblogged the status", %{conn: conn, activity: activity} do
[%{"id" => id}] = response
assert id == other_user.id
end
+
+ test "requires authentification for private posts", %{conn: conn, user: user} do
+ other_user = insert(:user)
+
+ {:ok, activity} =
+ CommonAPI.post(user, %{
+ "status" => "@#{other_user.nickname} wanna get some #cofe together?",
+ "visibility" => "direct"
+ })
+
+ conn
+ |> assign(:user, nil)
+ |> get("/api/v1/statuses/#{activity.id}/reblogged_by")
+ |> json_response(404)
+
+ response =
+ build_conn()
+ |> assign(:user, other_user)
+ |> get("/api/v1/statuses/#{activity.id}/reblogged_by")
+ |> json_response(200)
+
+ assert [] == response
+ end
end
describe "POST /auth/password, with valid parameters" do