X-Git-Url: http://git.squeep.com/?a=blobdiff_plain;f=test%2Fpleroma%2Fweb%2Fmastodon_api%2Fcontrollers%2Ftimeline_controller_test.exs;h=aa9006681823441f93c963028078910c9a8701cd;hb=0c8da6466e9fd01b63e9224f9ac18655fd8bf86b;hp=066762748c20b6580a201d1395f9a17a5ee877aa;hpb=77f0a0af7df3ad4cf566a8c68560a09ba6a50cd5;p=akkoma diff --git a/test/pleroma/web/mastodon_api/controllers/timeline_controller_test.exs b/test/pleroma/web/mastodon_api/controllers/timeline_controller_test.exs index 066762748..aa9006681 100644 --- a/test/pleroma/web/mastodon_api/controllers/timeline_controller_test.exs +++ b/test/pleroma/web/mastodon_api/controllers/timeline_controller_test.exs @@ -131,22 +131,22 @@ defmodule Pleroma.Web.MastodonAPI.TimelineControllerTest do refute remote_activity.id in only_local_media_ids assert with_media.id in only_local_media_ids - only_remote_ids = + remote_ids = conn - |> get("/api/v1/timelines/home?only_remote=true") + |> get("/api/v1/timelines/home?remote=true") |> json_response_and_validate_schema(200) |> Enum.map(& &1["id"]) - refute local_activity.id in only_remote_ids - assert remote_activity.id in only_remote_ids - refute with_media.id in only_remote_ids + refute local_activity.id in remote_ids + assert remote_activity.id in remote_ids + refute with_media.id in remote_ids assert conn - |> get("/api/v1/timelines/home?only_remote=true&only_media=true") + |> get("/api/v1/timelines/home?remote=true&only_media=true") |> json_response_and_validate_schema(200) == [] assert conn - |> get("/api/v1/timelines/home?only_remote=true&local=true") + |> get("/api/v1/timelines/home?remote=true&local=true") |> json_response_and_validate_schema(200) == [] end end @@ -210,7 +210,7 @@ defmodule Pleroma.Web.MastodonAPI.TimelineControllerTest do assert [%{"id" => ^remote_id}] = conn - |> get("/api/v1/timelines/public?only_remote=true") + |> get("/api/v1/timelines/public?remote=true") |> json_response_and_validate_schema(:ok) with_media_id = with_media.id @@ -221,7 +221,7 @@ defmodule Pleroma.Web.MastodonAPI.TimelineControllerTest do |> json_response_and_validate_schema(:ok) assert conn - |> get("/api/v1/timelines/public?only_remote=true&only_media=true") + |> get("/api/v1/timelines/public?remote=true&only_media=true") |> json_response_and_validate_schema(:ok) == [] # does not contain repeats @@ -273,6 +273,24 @@ defmodule Pleroma.Web.MastodonAPI.TimelineControllerTest do [%{"id" => ^reply_from_me}, %{"id" => ^activity_id}] = response end + test "doesn't return posts from users who blocked you when :blockers_visible is disabled" do + clear_config([:activitypub, :blockers_visible], false) + + %{conn: conn, user: blockee} = oauth_access(["read:statuses"]) + blocker = insert(:user) + {:ok, _} = User.block(blocker, blockee) + + conn = assign(conn, :user, blockee) + + {:ok, _} = CommonAPI.post(blocker, %{status: "hey!"}) + + response = + get(conn, "/api/v1/timelines/public") + |> json_response_and_validate_schema(200) + + assert response == [] + end + test "doesn't return replies if follow is posting with users from blocked domain" do %{conn: conn, user: blocker} = oauth_access(["read:statuses"]) friend = insert(:user) @@ -349,6 +367,47 @@ defmodule Pleroma.Web.MastodonAPI.TimelineControllerTest do } ] = result end + + test "should return local-only posts for authenticated users" do + user = insert(:user) + %{user: _reader, conn: conn} = oauth_access(["read:statuses"]) + + {:ok, %{id: id}} = CommonAPI.post(user, %{status: "#2hu #2HU", visibility: "local"}) + + result = + conn + |> get("/api/v1/timelines/public") + |> json_response_and_validate_schema(200) + + assert [%{"id" => ^id}] = result + end + + test "should not return local-only posts for users without read:statuses" do + user = insert(:user) + %{user: _reader, conn: conn} = oauth_access([]) + + {:ok, _activity} = CommonAPI.post(user, %{status: "#2hu #2HU", visibility: "local"}) + + result = + conn + |> get("/api/v1/timelines/public") + |> json_response_and_validate_schema(200) + + assert [] = result + end + + test "should not return local-only posts for anonymous users" do + user = insert(:user) + + {:ok, _activity} = CommonAPI.post(user, %{status: "#2hu #2HU", visibility: "local"}) + + result = + build_conn() + |> get("/api/v1/timelines/public") + |> json_response_and_validate_schema(200) + + assert [] = result + end end defp local_and_remote_activities do @@ -468,7 +527,7 @@ defmodule Pleroma.Web.MastodonAPI.TimelineControllerTest do |> assign(:token, insert(:oauth_token, user: user_two, scopes: ["read:statuses"])) # Only direct should be visible here - res_conn = get(conn_user_two, "api/v1/timelines/direct") + res_conn = get(conn_user_two, "/api/v1/timelines/direct") assert [status] = json_response_and_validate_schema(res_conn, :ok) @@ -480,14 +539,14 @@ defmodule Pleroma.Web.MastodonAPI.TimelineControllerTest do build_conn() |> assign(:user, user_one) |> assign(:token, insert(:oauth_token, user: user_one, scopes: ["read:statuses"])) - |> get("api/v1/timelines/direct") + |> get("/api/v1/timelines/direct") [status] = json_response_and_validate_schema(res_conn, :ok) assert %{"visibility" => "direct"} = status # Both should be visible here - res_conn = get(conn_user_two, "api/v1/timelines/home") + res_conn = get(conn_user_two, "/api/v1/timelines/home") [_s1, _s2] = json_response_and_validate_schema(res_conn, :ok) @@ -500,14 +559,14 @@ defmodule Pleroma.Web.MastodonAPI.TimelineControllerTest do }) end) - res_conn = get(conn_user_two, "api/v1/timelines/direct") + res_conn = get(conn_user_two, "/api/v1/timelines/direct") statuses = json_response_and_validate_schema(res_conn, :ok) assert length(statuses) == 20 max_id = List.last(statuses)["id"] - res_conn = get(conn_user_two, "api/v1/timelines/direct?max_id=#{max_id}") + res_conn = get(conn_user_two, "/api/v1/timelines/direct?max_id=#{max_id}") assert [status] = json_response_and_validate_schema(res_conn, :ok) @@ -532,7 +591,7 @@ defmodule Pleroma.Web.MastodonAPI.TimelineControllerTest do visibility: "direct" }) - res_conn = get(conn, "api/v1/timelines/direct") + res_conn = get(conn, "/api/v1/timelines/direct") [status] = json_response_and_validate_schema(res_conn, :ok) assert status["id"] == direct.id @@ -657,7 +716,7 @@ defmodule Pleroma.Web.MastodonAPI.TimelineControllerTest do ] = result end - test "filering", %{user: user, conn: conn} do + test "filtering", %{user: user, conn: conn} do {:ok, list} = Pleroma.List.create("name", user) local_user = insert(:user) @@ -699,18 +758,18 @@ defmodule Pleroma.Web.MastodonAPI.TimelineControllerTest do assert with_media.id in only_local_media_ids refute remote_activity.id in only_local_media_ids - only_remote_ids = + remote_ids = conn - |> get("/api/v1/timelines/list/#{list.id}?only_remote=true") + |> get("/api/v1/timelines/list/#{list.id}?remote=true") |> json_response_and_validate_schema(200) |> Enum.map(& &1["id"]) - refute local_activity.id in only_remote_ids - refute with_media.id in only_remote_ids - assert remote_activity.id in only_remote_ids + refute local_activity.id in remote_ids + refute with_media.id in remote_ids + assert remote_activity.id in remote_ids assert conn - |> get("/api/v1/timelines/list/#{list.id}?only_remote=true&only_media=true") + |> get("/api/v1/timelines/list/#{list.id}?remote=true&only_media=true") |> json_response_and_validate_schema(200) == [] only_media_ids = @@ -724,9 +783,7 @@ defmodule Pleroma.Web.MastodonAPI.TimelineControllerTest do refute remote_activity.id in only_media_ids assert conn - |> get( - "/api/v1/timelines/list/#{list.id}?only_media=true&local=true&only_remote=true" - ) + |> get("/api/v1/timelines/list/#{list.id}?only_media=true&local=true&remote=true") |> json_response_and_validate_schema(200) == [] end end @@ -777,7 +834,7 @@ defmodule Pleroma.Web.MastodonAPI.TimelineControllerTest do remote_ids = conn - |> get("/api/v1/timelines/tag/2hu?only_remote=true") + |> get("/api/v1/timelines/tag/2hu?remote=true") |> json_response_and_validate_schema(:ok) |> Enum.map(& &1["id"]) @@ -807,7 +864,7 @@ defmodule Pleroma.Web.MastodonAPI.TimelineControllerTest do ids = conn - |> get("/api/v1/timelines/tag/2hu?only_media=true&local=true&only_remote=true") + |> get("/api/v1/timelines/tag/2hu?only_media=true&local=true&remote=true") |> json_response_and_validate_schema(:ok) |> Enum.map(& &1["id"]) @@ -816,7 +873,7 @@ defmodule Pleroma.Web.MastodonAPI.TimelineControllerTest do refute remote_activity.id in ids assert conn - |> get("/api/v1/timelines/tag/2hu?only_media=true&only_remote=true") + |> get("/api/v1/timelines/tag/2hu?only_media=true&remote=true") |> json_response_and_validate_schema(:ok) == [] end @@ -907,10 +964,10 @@ defmodule Pleroma.Web.MastodonAPI.TimelineControllerTest do %{conn: auth_conn} = oauth_access(["read:statuses"]) res_conn = get(auth_conn, "#{base_uri}?local=true") - assert length(json_response(res_conn, 200)) == 1 + assert length(json_response_and_validate_schema(res_conn, 200)) == 1 res_conn = get(auth_conn, "#{base_uri}?local=false") - assert length(json_response(res_conn, 200)) == 2 + assert length(json_response_and_validate_schema(res_conn, 200)) == 2 end test "with default settings on private instances, returns 403 for unauthenticated users", %{ @@ -924,7 +981,7 @@ defmodule Pleroma.Web.MastodonAPI.TimelineControllerTest do for local <- [true, false] do res_conn = get(conn, "#{base_uri}?local=#{local}") - assert json_response(res_conn, :unauthorized) == error_response + assert json_response_and_validate_schema(res_conn, :unauthorized) == error_response end ensure_authenticated_access(base_uri) @@ -941,7 +998,7 @@ defmodule Pleroma.Web.MastodonAPI.TimelineControllerTest do for local <- [true, false] do res_conn = get(conn, "#{base_uri}?local=#{local}") - assert json_response(res_conn, :unauthorized) == error_response + assert json_response_and_validate_schema(res_conn, :unauthorized) == error_response end ensure_authenticated_access(base_uri) @@ -953,31 +1010,70 @@ defmodule Pleroma.Web.MastodonAPI.TimelineControllerTest do clear_config([:restrict_unauthenticated, :timelines, :federated], true) res_conn = get(conn, "#{base_uri}?local=true") - assert length(json_response(res_conn, 200)) == 1 + assert length(json_response_and_validate_schema(res_conn, 200)) == 1 res_conn = get(conn, "#{base_uri}?local=false") - assert json_response(res_conn, :unauthorized) == error_response + assert json_response_and_validate_schema(res_conn, :unauthorized) == error_response ensure_authenticated_access(base_uri) end - test "with `%{local: true, federated: false}`, forbids unauthenticated access to public timeline" <> - "(but not to local public activities which are delivered as part of federated timeline)", + test "with `%{local: true, federated: false}`, forbids unauthenticated access to public timeline", %{conn: conn, base_uri: base_uri, error_response: error_response} do + # (but not to local public activities which are delivered as part of federated timeline) clear_config([:restrict_unauthenticated, :timelines, :local], true) clear_config([:restrict_unauthenticated, :timelines, :federated], false) res_conn = get(conn, "#{base_uri}?local=true") - assert json_response(res_conn, :unauthorized) == error_response + assert json_response_and_validate_schema(res_conn, :unauthorized) == error_response # Note: local activities get delivered as part of federated timeline res_conn = get(conn, "#{base_uri}?local=false") - assert length(json_response(res_conn, 200)) == 2 + assert length(json_response_and_validate_schema(res_conn, 200)) == 2 ensure_authenticated_access(base_uri) end end + describe "bubble" do + setup do: oauth_access(["read:statuses"]) + + test "filtering", %{conn: conn, user: user} do + clear_config([:instance, :local_bubble], []) + # our endpoint host has a port in it so let's set the AP ID + local_user = insert(:user, %{ap_id: "https://localhost/users/user"}) + remote_user = insert(:user, %{ap_id: "https://example.com/users/remote_user"}) + {:ok, user, local_user} = User.follow(user, local_user) + {:ok, _user, remote_user} = User.follow(user, remote_user) + + {:ok, local_activity} = CommonAPI.post(local_user, %{status: "Status"}) + remote_activity = create_remote_activity(remote_user) + + # If nothing, only include ours + clear_config([:instance, :local_bubble], []) + + one_instance = + conn + |> get("/api/v1/timelines/bubble") + |> json_response_and_validate_schema(200) + |> Enum.map(& &1["id"]) + + assert local_activity.id in one_instance + + # If we have others, also include theirs + clear_config([:instance, :local_bubble], ["example.com"]) + + two_instances = + conn + |> get("/api/v1/timelines/bubble") + |> json_response_and_validate_schema(200) + |> Enum.map(& &1["id"]) + + assert local_activity.id in two_instances + assert remote_activity.id in two_instances + end + end + defp create_remote_activity(user) do obj = insert(:note, %{