assert user_response = json_response(conn, 200)
assert user_response["header"] != User.banner_url(user)
end
+
+ test "requires 'write' permission", %{conn: conn} do
+ token1 = insert(:oauth_token, scopes: ["read"])
+ token2 = insert(:oauth_token, scopes: ["write", "follow"])
+
+ for token <- [token1, token2] do
+ conn =
+ conn
+ |> put_req_header("authorization", "Bearer #{token.token}")
+ |> patch("/api/v1/accounts/update_credentials", %{})
+
+ if token == token1 do
+ assert %{"error" => "Insufficient permissions: write."} == json_response(conn, 403)
+ else
+ assert json_response(conn, 200)
+ end
+ end
+ end
end
test "get instance information", %{conn: conn} do
}
}
+ # works with private posts
+ {:ok, activity} =
+ CommonAPI.post(user, %{"status" => "http://example.com/ogp", "visibility" => "direct"})
+
+ response_two =
+ conn
+ |> assign(:user, user)
+ |> get("/api/v1/statuses/#{activity.id}/card")
+ |> json_response(200)
+
+ assert response_two == response
+
Pleroma.Config.put([:rich_media, :enabled], false)
end
end
assert json_response(set_flavour, 200) == json_response(get_new_flavour, 200)
end
+
+ describe "reports" do
+ setup do
+ reporter = insert(:user)
+ target_user = insert(:user)
+
+ {:ok, activity} = CommonAPI.post(target_user, %{"status" => "foobar"})
+
+ [reporter: reporter, target_user: target_user, activity: activity]
+ end
+
+ test "submit a basic report", %{conn: conn, reporter: reporter, target_user: target_user} do
+ assert %{"action_taken" => false, "id" => _} =
+ conn
+ |> assign(:user, reporter)
+ |> post("/api/v1/reports", %{"account_id" => target_user.id})
+ |> json_response(200)
+ end
+
+ test "submit a report with statuses and comment", %{
+ conn: conn,
+ reporter: reporter,
+ target_user: target_user,
+ activity: activity
+ } do
+ assert %{"action_taken" => false, "id" => _} =
+ conn
+ |> assign(:user, reporter)
+ |> post("/api/v1/reports", %{
+ "account_id" => target_user.id,
+ "status_ids" => [activity.id],
+ "comment" => "bad status!"
+ })
+ |> json_response(200)
+ end
+
+ test "accound_id is required", %{
+ conn: conn,
+ reporter: reporter,
+ activity: activity
+ } do
+ assert %{"error" => "Valid `account_id` required"} =
+ conn
+ |> assign(:user, reporter)
+ |> post("/api/v1/reports", %{"status_ids" => [activity.id]})
+ |> json_response(400)
+ end
+
+ test "comment must be up to the size specified in the config", %{
+ conn: conn,
+ reporter: reporter,
+ target_user: target_user
+ } do
+ max_size = Pleroma.Config.get([:instance, :max_report_comment_size], 1000)
+ comment = String.pad_trailing("a", max_size + 1, "a")
+
+ error = %{"error" => "Comment must be up to #{max_size} characters"}
+
+ assert ^error =
+ conn
+ |> assign(:user, reporter)
+ |> post("/api/v1/reports", %{"account_id" => target_user.id, "comment" => comment})
+ |> json_response(400)
+ end
+ end
end