assert response == "job started"
end
+
+ test "requires 'follow' permission", %{conn: conn} do
+ token1 = insert(:oauth_token, scopes: ["read", "write"])
+ token2 = insert(:oauth_token, scopes: ["follow"])
+ another_user = insert(:user)
+
+ for token <- [token1, token2] do
+ conn =
+ conn
+ |> put_req_header("authorization", "Bearer #{token.token}")
+ |> post("/api/pleroma/follow_import", %{"list" => "#{another_user.ap_id}"})
+
+ if token == token1 do
+ assert %{"error" => "Insufficient permissions: follow."} == json_response(conn, 403)
+ else
+ assert json_response(conn, 200)
+ end
+ end
+ end
end
describe "POST /api/pleroma/blocks_import" do
describe "GET /api/statusnet/config.json" do
test "it returns the managed config", %{conn: conn} do
Pleroma.Config.put([:instance, :managed_config], false)
+ Pleroma.Config.put([:fe], theme: "rei-ayanami-towel")
response =
conn