X-Git-Url: http://git.squeep.com/?a=blobdiff_plain;ds=sidebyside;f=test%2Fweb%2Fmastodon_api%2Fcontrollers%2Ftimeline_controller_test.exs;h=97b1c3e66c35b06d82d1488d1b3b89b0a6f19f6f;hb=5e365448f3fed98da0395ad69c9325795a85a12d;hp=bb94d8e5ab8564dd25d950dd9a67d0646572a2f7;hpb=ea4a462858c16d66228ab07db6c17e3cbd9114d1;p=akkoma
diff --git a/test/web/mastodon_api/controllers/timeline_controller_test.exs b/test/web/mastodon_api/controllers/timeline_controller_test.exs
index bb94d8e5a..97b1c3e66 100644
--- a/test/web/mastodon_api/controllers/timeline_controller_test.exs
+++ b/test/web/mastodon_api/controllers/timeline_controller_test.exs
@@ -1,5 +1,5 @@
# Pleroma: A lightweight social networking server
-# Copyright © 2017-2019 Pleroma Authors
+# Copyright © 2017-2020 Pleroma Authors
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.MastodonAPI.TimelineControllerTest do
@@ -12,8 +12,6 @@ defmodule Pleroma.Web.MastodonAPI.TimelineControllerTest do
alias Pleroma.User
alias Pleroma.Web.CommonAPI
- clear_config([:instance, :public])
-
setup do
mock(fn env -> apply(HttpRequestMock, :request, [env]) end)
:ok
@@ -23,9 +21,12 @@ defmodule Pleroma.Web.MastodonAPI.TimelineControllerTest do
setup do: oauth_access(["read:statuses"])
test "the home timeline", %{user: user, conn: conn} do
- following = insert(:user)
+ following = insert(:user, nickname: "followed")
+ third_user = insert(:user, nickname: "repeated")
- {:ok, _activity} = CommonAPI.post(following, %{"status" => "test"})
+ {:ok, _activity} = CommonAPI.post(following, %{"status" => "post"})
+ {:ok, activity} = CommonAPI.post(third_user, %{"status" => "repeated post"})
+ {:ok, _, _} = CommonAPI.repeat(activity.id, following)
ret_conn = get(conn, "/api/v1/timelines/home")
@@ -33,9 +34,54 @@ defmodule Pleroma.Web.MastodonAPI.TimelineControllerTest do
{:ok, _user} = User.follow(user, following)
- conn = get(conn, "/api/v1/timelines/home")
+ ret_conn = get(conn, "/api/v1/timelines/home")
- assert [%{"content" => "test"}] = json_response(conn, :ok)
+ assert [
+ %{
+ "reblog" => %{
+ "content" => "repeated post",
+ "account" => %{
+ "pleroma" => %{
+ "relationship" => %{"following" => false, "followed_by" => false}
+ }
+ }
+ },
+ "account" => %{"pleroma" => %{"relationship" => %{"following" => true}}}
+ },
+ %{
+ "content" => "post",
+ "account" => %{
+ "acct" => "followed",
+ "pleroma" => %{"relationship" => %{"following" => true}}
+ }
+ }
+ ] = json_response(ret_conn, :ok)
+
+ {:ok, _user} = User.follow(third_user, user)
+
+ ret_conn = get(conn, "/api/v1/timelines/home")
+
+ assert [
+ %{
+ "reblog" => %{
+ "content" => "repeated post",
+ "account" => %{
+ "acct" => "repeated",
+ "pleroma" => %{
+ "relationship" => %{"following" => false, "followed_by" => true}
+ }
+ }
+ },
+ "account" => %{"pleroma" => %{"relationship" => %{"following" => true}}}
+ },
+ %{
+ "content" => "post",
+ "account" => %{
+ "acct" => "followed",
+ "pleroma" => %{"relationship" => %{"following" => true}}
+ }
+ }
+ ] = json_response(ret_conn, :ok)
end
test "the home timeline when the direct messages are excluded", %{user: user, conn: conn} do
@@ -80,15 +126,6 @@ defmodule Pleroma.Web.MastodonAPI.TimelineControllerTest do
assert [%{"content" => "test"}] = json_response(conn, :ok)
end
- test "the public timeline when public is set to false", %{conn: conn} do
- Config.put([:instance, :public], false)
-
- assert %{"error" => "This resource requires authentication."} ==
- conn
- |> get("/api/v1/timelines/public", %{"local" => "False"})
- |> json_response(:forbidden)
- end
-
test "the public timeline includes only public statuses for an authenticated user" do
%{user: user, conn: conn} = oauth_access(["read:statuses"])
@@ -102,6 +139,98 @@ defmodule Pleroma.Web.MastodonAPI.TimelineControllerTest do
end
end
+ defp local_and_remote_activities do
+ insert(:note_activity)
+ insert(:note_activity, local: false)
+ :ok
+ end
+
+ describe "public with restrict unauthenticated timeline for local and federated timelines" do
+ setup do: local_and_remote_activities()
+
+ setup do: clear_config([:restrict_unauthenticated, :timelines, :local], true)
+
+ setup do: clear_config([:restrict_unauthenticated, :timelines, :federated], true)
+
+ test "if user is unauthenticated", %{conn: conn} do
+ res_conn = get(conn, "/api/v1/timelines/public", %{"local" => "true"})
+
+ assert json_response(res_conn, :unauthorized) == %{
+ "error" => "authorization required for timeline view"
+ }
+
+ res_conn = get(conn, "/api/v1/timelines/public", %{"local" => "false"})
+
+ assert json_response(res_conn, :unauthorized) == %{
+ "error" => "authorization required for timeline view"
+ }
+ end
+
+ test "if user is authenticated" do
+ %{conn: conn} = oauth_access(["read:statuses"])
+
+ res_conn = get(conn, "/api/v1/timelines/public", %{"local" => "true"})
+ assert length(json_response(res_conn, 200)) == 1
+
+ res_conn = get(conn, "/api/v1/timelines/public", %{"local" => "false"})
+ assert length(json_response(res_conn, 200)) == 2
+ end
+ end
+
+ describe "public with restrict unauthenticated timeline for local" do
+ setup do: local_and_remote_activities()
+
+ setup do: clear_config([:restrict_unauthenticated, :timelines, :local], true)
+
+ test "if user is unauthenticated", %{conn: conn} do
+ res_conn = get(conn, "/api/v1/timelines/public", %{"local" => "true"})
+
+ assert json_response(res_conn, :unauthorized) == %{
+ "error" => "authorization required for timeline view"
+ }
+
+ res_conn = get(conn, "/api/v1/timelines/public", %{"local" => "false"})
+ assert length(json_response(res_conn, 200)) == 2
+ end
+
+ test "if user is authenticated", %{conn: _conn} do
+ %{conn: conn} = oauth_access(["read:statuses"])
+
+ res_conn = get(conn, "/api/v1/timelines/public", %{"local" => "true"})
+ assert length(json_response(res_conn, 200)) == 1
+
+ res_conn = get(conn, "/api/v1/timelines/public", %{"local" => "false"})
+ assert length(json_response(res_conn, 200)) == 2
+ end
+ end
+
+ describe "public with restrict unauthenticated timeline for remote" do
+ setup do: local_and_remote_activities()
+
+ setup do: clear_config([:restrict_unauthenticated, :timelines, :federated], true)
+
+ test "if user is unauthenticated", %{conn: conn} do
+ res_conn = get(conn, "/api/v1/timelines/public", %{"local" => "true"})
+ assert length(json_response(res_conn, 200)) == 1
+
+ res_conn = get(conn, "/api/v1/timelines/public", %{"local" => "false"})
+
+ assert json_response(res_conn, :unauthorized) == %{
+ "error" => "authorization required for timeline view"
+ }
+ end
+
+ test "if user is authenticated", %{conn: _conn} do
+ %{conn: conn} = oauth_access(["read:statuses"])
+
+ res_conn = get(conn, "/api/v1/timelines/public", %{"local" => "true"})
+ assert length(json_response(res_conn, 200)) == 1
+
+ res_conn = get(conn, "/api/v1/timelines/public", %{"local" => "false"})
+ assert length(json_response(res_conn, 200)) == 2
+ end
+ end
+
describe "direct" do
test "direct timeline", %{conn: conn} do
user_one = insert(:user)