X-Git-Url: http://git.squeep.com/?a=blobdiff_plain;f=test%2Fpleroma%2Fweb%2Factivity_pub%2Factivity_pub_controller_test.exs;h=91a3109bbb948f3514ed629d6ad5c48047348b9a;hb=e2d7c4fd570cf3d4af649bc4a98c927b38088bc2;hp=0517571f28f7cde9cbfa7bc36cb9fe274da313e9;hpb=7dffaef4799b0e867e91e19b76567c0e1a19bb43;p=akkoma
diff --git a/test/pleroma/web/activity_pub/activity_pub_controller_test.exs b/test/pleroma/web/activity_pub/activity_pub_controller_test.exs
index 0517571f2..91a3109bb 100644
--- a/test/pleroma/web/activity_pub/activity_pub_controller_test.exs
+++ b/test/pleroma/web/activity_pub/activity_pub_controller_test.exs
@@ -1,5 +1,5 @@
# Pleroma: A lightweight social networking server
-# Copyright © 2017-2020 Pleroma Authors
+# Copyright © 2017-2021 Pleroma Authors
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.ActivityPub.ActivityPubControllerTest do
@@ -7,7 +7,6 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubControllerTest do
use Oban.Testing, repo: Pleroma.Repo
alias Pleroma.Activity
- alias Pleroma.Config
alias Pleroma.Delivery
alias Pleroma.Instances
alias Pleroma.Object
@@ -46,7 +45,7 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubControllerTest do
end
test "with the relay disabled, it returns 404", %{conn: conn} do
- Config.put([:instance, :allow_relay], false)
+ clear_config([:instance, :allow_relay], false)
conn
|> get(activity_pub_path(conn, :relay))
@@ -54,7 +53,7 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubControllerTest do
end
test "on non-federating instance, it returns 404", %{conn: conn} do
- Config.put([:instance, :federating], false)
+ clear_config([:instance, :federating], false)
user = insert(:user)
conn
@@ -75,7 +74,7 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubControllerTest do
end
test "on non-federating instance, it returns 404", %{conn: conn} do
- Config.put([:instance, :federating], false)
+ clear_config([:instance, :federating], false)
user = insert(:user)
conn
@@ -156,21 +155,6 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubControllerTest do
assert response == "Not found"
end
-
- test "it requires authentication if instance is NOT federating", %{
- conn: conn
- } do
- user = insert(:user)
-
- conn =
- put_req_header(
- conn,
- "accept",
- "application/ld+json; profile=\"https://www.w3.org/ns/activitystreams\""
- )
-
- ensure_federating_or_authenticated(conn, "/users/#{user.nickname}.json", user)
- end
end
describe "mastodon compatibility routes" do
@@ -228,6 +212,23 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubControllerTest do
end
describe "/objects/:uuid" do
+ test "it doesn't return a local-only object", %{conn: conn} do
+ user = insert(:user)
+ {:ok, post} = CommonAPI.post(user, %{status: "test", visibility: "local"})
+
+ assert Pleroma.Web.ActivityPub.Visibility.is_local_public?(post)
+
+ object = Object.normalize(post, fetch: false)
+ uuid = String.split(object.data["id"], "/") |> List.last()
+
+ conn =
+ conn
+ |> put_req_header("accept", "application/json")
+ |> get("/objects/#{uuid}")
+
+ assert json_response(conn, 404)
+ end
+
test "it returns a json representation of the object with accept application/json", %{
conn: conn
} do
@@ -338,21 +339,25 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubControllerTest do
assert "Not found" == json_response(conn2, :not_found)
end
+ end
- test "it requires authentication if instance is NOT federating", %{
- conn: conn
- } do
+ describe "/activities/:uuid" do
+ test "it doesn't return a local-only activity", %{conn: conn} do
user = insert(:user)
- note = insert(:note)
- uuid = String.split(note.data["id"], "/") |> List.last()
+ {:ok, post} = CommonAPI.post(user, %{status: "test", visibility: "local"})
- conn = put_req_header(conn, "accept", "application/activity+json")
+ assert Pleroma.Web.ActivityPub.Visibility.is_local_public?(post)
+
+ uuid = String.split(post.data["id"], "/") |> List.last()
+
+ conn =
+ conn
+ |> put_req_header("accept", "application/json")
+ |> get("/activities/#{uuid}")
- ensure_federating_or_authenticated(conn, "/objects/#{uuid}", user)
+ assert json_response(conn, 404)
end
- end
- describe "/activities/:uuid" do
test "it returns a json representation of the activity", %{conn: conn} do
activity = insert(:note_activity)
uuid = String.split(activity.data["id"], "/") |> List.last()
@@ -421,23 +426,11 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubControllerTest do
assert "Not found" == json_response(conn2, :not_found)
end
-
- test "it requires authentication if instance is NOT federating", %{
- conn: conn
- } do
- user = insert(:user)
- activity = insert(:note_activity)
- uuid = String.split(activity.data["id"], "/") |> List.last()
-
- conn = put_req_header(conn, "accept", "application/activity+json")
-
- ensure_federating_or_authenticated(conn, "/activities/#{uuid}", user)
- end
end
describe "/inbox" do
test "it inserts an incoming activity into the database", %{conn: conn} do
- data = File.read!("test/fixtures/mastodon-post-activity.json") |> Poison.decode!()
+ data = File.read!("test/fixtures/mastodon-post-activity.json") |> Jason.decode!()
conn =
conn
@@ -465,7 +458,7 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubControllerTest do
data =
File.read!("test/fixtures/mastodon-post-activity.json")
- |> Poison.decode!()
+ |> Jason.decode!()
|> Map.put("actor", user.ap_id)
|> put_in(["object", "attridbutedTo"], user.ap_id)
@@ -482,7 +475,7 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubControllerTest do
end
test "it clears `unreachable` federation status of the sender", %{conn: conn} do
- data = File.read!("test/fixtures/mastodon-post-activity.json") |> Poison.decode!()
+ data = File.read!("test/fixtures/mastodon-post-activity.json") |> Jason.decode!()
sender_url = data["actor"]
Instances.set_consistently_unreachable(sender_url)
@@ -499,7 +492,7 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubControllerTest do
end
test "accept follow activity", %{conn: conn} do
- Pleroma.Config.put([:instance, :federating], true)
+ clear_config([:instance, :federating], true)
relay = Relay.get_actor()
assert {:ok, %Activity{} = activity} = Relay.follow("https://relay.mastodon.host/actor")
@@ -540,12 +533,12 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubControllerTest do
test "without valid signature, " <>
"it only accepts Create activities and requires enabled federation",
%{conn: conn} do
- data = File.read!("test/fixtures/mastodon-post-activity.json") |> Poison.decode!()
- non_create_data = File.read!("test/fixtures/mastodon-announce.json") |> Poison.decode!()
+ data = File.read!("test/fixtures/mastodon-post-activity.json") |> Jason.decode!()
+ non_create_data = File.read!("test/fixtures/mastodon-announce.json") |> Jason.decode!()
conn = put_req_header(conn, "content-type", "application/activity+json")
- Config.put([:instance, :federating], false)
+ clear_config([:instance, :federating], false)
conn
|> post("/inbox", data)
@@ -555,7 +548,7 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubControllerTest do
|> post("/inbox", non_create_data)
|> json_response(403)
- Config.put([:instance, :federating], true)
+ clear_config([:instance, :federating], true)
ret_conn = post(conn, "/inbox", data)
assert "ok" == json_response(ret_conn, 200)
@@ -570,7 +563,7 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubControllerTest do
setup do
data =
File.read!("test/fixtures/mastodon-post-activity.json")
- |> Poison.decode!()
+ |> Jason.decode!()
[data: data]
end
@@ -681,7 +674,7 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubControllerTest do
recipient = insert(:user)
actor = insert(:user, %{ap_id: "http://mastodon.example.org/users/actor"})
- {:ok, recipient} = User.follow(recipient, actor)
+ {:ok, recipient, actor} = User.follow(recipient, actor)
object =
data["object"]
@@ -718,7 +711,7 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubControllerTest do
test "it returns a note activity in a collection", %{conn: conn} do
note_activity = insert(:direct_note_activity)
- note_object = Object.normalize(note_activity)
+ note_object = Object.normalize(note_activity, fetch: false)
user = User.get_cached_by_ap_id(hd(note_activity.data["to"]))
conn =
@@ -753,7 +746,7 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubControllerTest do
data =
File.read!("test/fixtures/activitypub-client-post-activity.json")
- |> Poison.decode!()
+ |> Jason.decode!()
object = Map.put(data["object"], "attributedTo", actor.ap_id)
@@ -805,6 +798,142 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubControllerTest do
assert json_response(ret_conn, 200)
end
+
+ @tag capture_log: true
+ test "forwarded report", %{conn: conn} do
+ admin = insert(:user, is_admin: true)
+ actor = insert(:user, local: false)
+ remote_domain = URI.parse(actor.ap_id).host
+ reported_user = insert(:user)
+
+ note = insert(:note_activity, user: reported_user)
+
+ data = %{
+ "@context" => [
+ "https://www.w3.org/ns/activitystreams",
+ "https://#{remote_domain}/schemas/litepub-0.1.jsonld",
+ %{
+ "@language" => "und"
+ }
+ ],
+ "actor" => actor.ap_id,
+ "cc" => [
+ reported_user.ap_id
+ ],
+ "content" => "test",
+ "context" => "context",
+ "id" => "http://#{remote_domain}/activities/02be56cf-35e3-46b4-b2c6-47ae08dfee9e",
+ "nickname" => reported_user.nickname,
+ "object" => [
+ reported_user.ap_id,
+ %{
+ "actor" => %{
+ "actor_type" => "Person",
+ "approval_pending" => false,
+ "avatar" => "",
+ "confirmation_pending" => false,
+ "deactivated" => false,
+ "display_name" => "test user",
+ "id" => reported_user.id,
+ "local" => false,
+ "nickname" => reported_user.nickname,
+ "registration_reason" => nil,
+ "roles" => %{
+ "admin" => false,
+ "moderator" => false
+ },
+ "tags" => [],
+ "url" => reported_user.ap_id
+ },
+ "content" => "",
+ "id" => note.data["id"],
+ "published" => note.data["published"],
+ "type" => "Note"
+ }
+ ],
+ "published" => note.data["published"],
+ "state" => "open",
+ "to" => [],
+ "type" => "Flag"
+ }
+
+ conn
+ |> assign(:valid_signature, true)
+ |> put_req_header("content-type", "application/activity+json")
+ |> post("/users/#{reported_user.nickname}/inbox", data)
+ |> json_response(200)
+
+ ObanHelpers.perform(all_enqueued(worker: ReceiverWorker))
+
+ assert Pleroma.Repo.aggregate(Activity, :count, :id) == 2
+
+ ObanHelpers.perform_all()
+
+ Swoosh.TestAssertions.assert_email_sent(
+ to: {admin.name, admin.email},
+ html_body: ~r/Reported Account:/i
+ )
+ end
+
+ @tag capture_log: true
+ test "forwarded report from mastodon", %{conn: conn} do
+ admin = insert(:user, is_admin: true)
+ actor = insert(:user, local: false)
+ remote_domain = URI.parse(actor.ap_id).host
+ remote_actor = "https://#{remote_domain}/actor"
+ [reported_user, another] = insert_list(2, :user)
+
+ note = insert(:note_activity, user: reported_user)
+
+ Pleroma.Web.CommonAPI.favorite(another, note.id)
+
+ mock_json_body =
+ "test/fixtures/mastodon/application_actor.json"
+ |> File.read!()
+ |> String.replace("{{DOMAIN}}", remote_domain)
+
+ Tesla.Mock.mock(fn %{url: ^remote_actor} ->
+ %Tesla.Env{
+ status: 200,
+ body: mock_json_body,
+ headers: [{"content-type", "application/activity+json"}]
+ }
+ end)
+
+ data = %{
+ "@context" => "https://www.w3.org/ns/activitystreams",
+ "actor" => remote_actor,
+ "content" => "test report",
+ "id" => "https://#{remote_domain}/e3b12fd1-948c-446e-b93b-a5e67edbe1d8",
+ "nickname" => reported_user.nickname,
+ "object" => [
+ reported_user.ap_id,
+ note.data["object"]
+ ],
+ "type" => "Flag"
+ }
+
+ conn
+ |> assign(:valid_signature, true)
+ |> put_req_header("content-type", "application/activity+json")
+ |> post("/users/#{reported_user.nickname}/inbox", data)
+ |> json_response(200)
+
+ ObanHelpers.perform(all_enqueued(worker: ReceiverWorker))
+
+ flag_activity = "Flag" |> Pleroma.Activity.Queries.by_type() |> Pleroma.Repo.one()
+ reported_user_ap_id = reported_user.ap_id
+
+ [^reported_user_ap_id, flag_data] = flag_activity.data["object"]
+
+ Enum.each(~w(actor content id published type), &Map.has_key?(flag_data, &1))
+ ObanHelpers.perform_all()
+
+ Swoosh.TestAssertions.assert_email_sent(
+ to: {admin.name, admin.email},
+ html_body: ~r/#{note.data["object"]}/i
+ )
+ end
end
describe "GET /users/:nickname/outbox" do
@@ -869,7 +998,7 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubControllerTest do
test "it returns a note activity in a collection", %{conn: conn} do
note_activity = insert(:note_activity)
- note_object = Object.normalize(note_activity)
+ note_object = Object.normalize(note_activity, fetch: false)
user = User.get_cached_by_ap_id(note_activity.data["actor"])
conn =
@@ -893,15 +1022,6 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubControllerTest do
assert response(conn, 200) =~ announce_activity.data["object"]
end
-
- test "it requires authentication if instance is NOT federating", %{
- conn: conn
- } do
- user = insert(:user)
- conn = put_req_header(conn, "accept", "application/activity+json")
-
- ensure_federating_or_authenticated(conn, "/users/#{user.nickname}/outbox", user)
- end
end
describe "POST /users/:nickname/outbox (C2S)" do
@@ -952,7 +1072,7 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubControllerTest do
assert Activity.get_by_ap_id(result["id"])
assert result["object"]
- assert %Object{data: object} = Object.normalize(result["object"])
+ assert %Object{data: object} = Object.normalize(result["object"], fetch: false)
assert object["content"] == activity["object"]["content"]
end
@@ -988,7 +1108,7 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubControllerTest do
assert Activity.get_by_ap_id(response["id"])
assert response["object"]
- assert %Object{data: response_object} = Object.normalize(response["object"])
+ assert %Object{data: response_object} = Object.normalize(response["object"], fetch: false)
assert response_object["sensitive"] == true
assert response_object["content"] == activity["object"]["content"]
@@ -1016,7 +1136,7 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubControllerTest do
test "it erects a tombstone when receiving a delete activity", %{conn: conn} do
note_activity = insert(:note_activity)
- note_object = Object.normalize(note_activity)
+ note_object = Object.normalize(note_activity, fetch: false)
user = User.get_cached_by_ap_id(note_activity.data["actor"])
data = %{
@@ -1041,7 +1161,7 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubControllerTest do
test "it rejects delete activity of object from other actor", %{conn: conn} do
note_activity = insert(:note_activity)
- note_object = Object.normalize(note_activity)
+ note_object = Object.normalize(note_activity, fetch: false)
user = insert(:user)
data = %{
@@ -1062,7 +1182,7 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubControllerTest do
test "it increases like count when receiving a like action", %{conn: conn} do
note_activity = insert(:note_activity)
- note_object = Object.normalize(note_activity)
+ note_object = Object.normalize(note_activity, fetch: false)
user = User.get_cached_by_ap_id(note_activity.data["actor"])
data = %{
@@ -1119,13 +1239,13 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubControllerTest do
assert cirno_outbox["attributedTo"] == nil
assert cirno_outbox["actor"] == cirno.ap_id
- assert cirno_object = Object.normalize(cirno_outbox["object"])
+ assert cirno_object = Object.normalize(cirno_outbox["object"], fetch: false)
assert cirno_object.data["actor"] == cirno.ap_id
assert cirno_object.data["attributedTo"] == cirno.ap_id
end
test "Character limitation", %{conn: conn, activity: activity} do
- Pleroma.Config.put([:instance, :limit], 5)
+ clear_config([:instance, :limit], 5)
user = insert(:user)
result =
@@ -1154,7 +1274,7 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubControllerTest do
end
test "on non-federating instance, it returns 404", %{conn: conn} do
- Config.put([:instance, :federating], false)
+ clear_config([:instance, :federating], false)
user = insert(:user)
conn
@@ -1175,7 +1295,7 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubControllerTest do
end
test "on non-federating instance, it returns 404", %{conn: conn} do
- Config.put([:instance, :federating], false)
+ clear_config([:instance, :federating], false)
user = insert(:user)
conn
@@ -1382,7 +1502,7 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubControllerTest do
test "it tracks a signed object fetch", %{conn: conn} do
user = insert(:user, local: false)
activity = insert(:note_activity)
- object = Object.normalize(activity)
+ object = Object.normalize(activity, fetch: false)
object_path = String.trim_leading(object.data["id"], Pleroma.Web.Endpoint.url())
@@ -1398,7 +1518,7 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubControllerTest do
test "it tracks a signed activity fetch", %{conn: conn} do
user = insert(:user, local: false)
activity = insert(:note_activity)
- object = Object.normalize(activity)
+ object = Object.normalize(activity, fetch: false)
activity_path = String.trim_leading(activity.data["id"], Pleroma.Web.Endpoint.url())
@@ -1415,7 +1535,7 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubControllerTest do
user = insert(:user, local: false)
other_user = insert(:user, local: false)
activity = insert(:note_activity)
- object = Object.normalize(activity)
+ object = Object.normalize(activity, fetch: false)
object_path = String.trim_leading(object.data["id"], Pleroma.Web.Endpoint.url())
@@ -1439,7 +1559,7 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubControllerTest do
user = insert(:user, local: false)
other_user = insert(:user, local: false)
activity = insert(:note_activity)
- object = Object.normalize(activity)
+ object = Object.normalize(activity, fetch: false)
activity_path = String.trim_leading(activity.data["id"], Pleroma.Web.Endpoint.url())
@@ -1487,7 +1607,7 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubControllerTest do
desc = "Description of the image"
image = %Plug.Upload{
- content_type: "image/jpg",
+ content_type: "image/jpeg",
path: Path.absname("test/fixtures/image.jpg"),
filename: "an_image.jpg"
}
@@ -1504,6 +1624,7 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubControllerTest do
assert [%{"href" => object_href, "mediaType" => object_mediatype}] = object["url"]
assert is_binary(object_href)
assert object_mediatype == "image/jpeg"
+ assert String.ends_with?(object_href, ".jpg")
activity_request = %{
"@context" => "https://www.w3.org/ns/activitystreams",
@@ -1528,7 +1649,7 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubControllerTest do
assert activity_response["actor"] == user.ap_id
assert %Object{data: %{"attachment" => [attachment]}} =
- Object.normalize(activity_response["object"])
+ Object.normalize(activity_response["object"], fetch: false)
assert attachment["type"] == "Document"
assert attachment["name"] == desc