X-Git-Url: http://git.squeep.com/?a=blobdiff_plain;f=test%2Fpleroma%2Fweb%2Fmastodon_api%2Fupdate_credentials_test.exs;h=2ba909dadca93e2192a39ffc46ac97616eb0202c;hb=07a48b9293e4046c50b5d424d60a1bf16c7cc198;hp=435782d0ac58e592c3b1206fbba8685156621c67;hpb=0cfd5b4e89b02688342345755577e58eece3db0f;p=akkoma
diff --git a/test/pleroma/web/mastodon_api/update_credentials_test.exs b/test/pleroma/web/mastodon_api/update_credentials_test.exs
index 435782d0a..2ba909dad 100644
--- a/test/pleroma/web/mastodon_api/update_credentials_test.exs
+++ b/test/pleroma/web/mastodon_api/update_credentials_test.exs
@@ -226,7 +226,7 @@ defmodule Pleroma.Web.MastodonAPI.UpdateCredentialsTest do
test "does not allow negative integers other than -1 for TTL", %{conn: conn} do
conn = patch(conn, "/api/v1/accounts/update_credentials", %{"status_ttl_days" => "-2"})
- assert user_data = json_response_and_validate_schema(conn, 403)
+ assert json_response_and_validate_schema(conn, 403)
end
test "updates the user's AKAs", %{conn: conn} do
@@ -272,6 +272,34 @@ defmodule Pleroma.Web.MastodonAPI.UpdateCredentialsTest do
assert user.avatar == nil
end
+ test "updates the user's avatar, upload_limit, returns a HTTP 413", %{conn: conn, user: user} do
+ upload_limit = Config.get([:instance, :upload_limit]) * 8 + 8
+
+ assert :ok ==
+ File.write(Path.absname("test/tmp/large_binary.data"), <<0::size(upload_limit)>>)
+
+ new_avatar_oversized = %Plug.Upload{
+ content_type: nil,
+ path: Path.absname("test/tmp/large_binary.data"),
+ filename: "large_binary.data"
+ }
+
+ assert user.avatar == %{}
+
+ res =
+ patch(conn, "/api/v1/accounts/update_credentials", %{"avatar" => new_avatar_oversized})
+
+ assert user_response = json_response_and_validate_schema(res, 413)
+ assert user_response["avatar"] != User.avatar_url(user)
+
+ user = User.get_by_id(user.id)
+ assert user.avatar == %{}
+
+ clear_config([:instance, :upload_limit], upload_limit)
+
+ assert :ok == File.rm(Path.absname("test/tmp/large_binary.data"))
+ end
+
test "updates the user's banner", %{user: user, conn: conn} do
new_header = %Plug.Upload{
content_type: "image/jpeg",
@@ -291,6 +319,32 @@ defmodule Pleroma.Web.MastodonAPI.UpdateCredentialsTest do
assert user.banner == nil
end
+ test "updates the user's banner, upload_limit, returns a HTTP 413", %{conn: conn, user: user} do
+ upload_limit = Config.get([:instance, :upload_limit]) * 8 + 8
+
+ assert :ok ==
+ File.write(Path.absname("test/tmp/large_binary.data"), <<0::size(upload_limit)>>)
+
+ new_header_oversized = %Plug.Upload{
+ content_type: nil,
+ path: Path.absname("test/tmp/large_binary.data"),
+ filename: "large_binary.data"
+ }
+
+ res =
+ patch(conn, "/api/v1/accounts/update_credentials", %{"header" => new_header_oversized})
+
+ assert user_response = json_response_and_validate_schema(res, 413)
+ assert user_response["header"] != User.banner_url(user)
+
+ user = User.get_by_id(user.id)
+ assert user.banner == %{}
+
+ clear_config([:instance, :upload_limit], upload_limit)
+
+ assert :ok == File.rm(Path.absname("test/tmp/large_binary.data"))
+ end
+
test "updates the user's background", %{conn: conn, user: user} do
new_header = %Plug.Upload{
content_type: "image/jpeg",
@@ -314,6 +368,34 @@ defmodule Pleroma.Web.MastodonAPI.UpdateCredentialsTest do
assert user.background == nil
end
+ test "updates the user's background, upload_limit, returns a HTTP 413", %{
+ conn: conn,
+ user: user
+ } do
+ upload_limit = Config.get([:instance, :upload_limit]) * 8 + 8
+
+ assert :ok ==
+ File.write(Path.absname("test/tmp/large_binary.data"), <<0::size(upload_limit)>>)
+
+ new_background_oversized = %Plug.Upload{
+ content_type: nil,
+ path: Path.absname("test/tmp/large_binary.data"),
+ filename: "large_binary.data"
+ }
+
+ res =
+ patch(conn, "/api/v1/accounts/update_credentials", %{
+ "pleroma_background_image" => new_background_oversized
+ })
+
+ assert json_response_and_validate_schema(res, 413)
+ assert user.background == %{}
+
+ clear_config([:instance, :upload_limit], upload_limit)
+
+ assert :ok == File.rm(Path.absname("test/tmp/large_binary.data"))
+ end
+
test "requires 'write:accounts' permission" do
token1 = insert(:oauth_token, scopes: ["read"])
token2 = insert(:oauth_token, scopes: ["write", "follow"])
@@ -357,13 +439,13 @@ defmodule Pleroma.Web.MastodonAPI.UpdateCredentialsTest do
test "update fields", %{conn: conn} do
fields = [
- %{"name" => "foo", "value" => ""},
- %{"name" => "link.io", "value" => "cofe.io"}
+ %{name: "foo", value: ""},
+ %{name: "link.io", value: "cofe.io"}
]
account_data =
conn
- |> patch("/api/v1/accounts/update_credentials", %{"fields_attributes" => fields})
+ |> patch("/api/v1/accounts/update_credentials", %{fields_attributes: fields})
|> json_response_and_validate_schema(200)
assert account_data["fields"] == [
@@ -385,13 +467,13 @@ defmodule Pleroma.Web.MastodonAPI.UpdateCredentialsTest do
test "emojis in fields labels", %{conn: conn} do
fields = [
- %{"name" => ":firefox:", "value" => "is best 2hu"},
- %{"name" => "they wins", "value" => ":blank:"}
+ %{name: ":firefox:", value: "is best 2hu"},
+ %{name: "they wins", value: ":blank:"}
]
account_data =
conn
- |> patch("/api/v1/accounts/update_credentials", %{"fields_attributes" => fields})
+ |> patch("/api/v1/accounts/update_credentials", %{fields_attributes: fields})
|> json_response_and_validate_schema(200)
assert account_data["fields"] == [
@@ -439,13 +521,13 @@ defmodule Pleroma.Web.MastodonAPI.UpdateCredentialsTest do
test "update fields with empty name", %{conn: conn} do
fields = [
- %{"name" => "foo", "value" => ""},
- %{"name" => "", "value" => "bar"}
+ %{name: "foo", value: ""},
+ %{name: "", value: "bar"}
]
account =
conn
- |> patch("/api/v1/accounts/update_credentials", %{"fields_attributes" => fields})
+ |> patch("/api/v1/accounts/update_credentials", %{fields_attributes: fields})
|> json_response_and_validate_schema(200)
assert account["fields"] == [
@@ -460,30 +542,30 @@ defmodule Pleroma.Web.MastodonAPI.UpdateCredentialsTest do
long_name = Enum.map(0..name_limit, fn _ -> "x" end) |> Enum.join()
long_value = Enum.map(0..value_limit, fn _ -> "x" end) |> Enum.join()
- fields = [%{"name" => "foo", "value" => long_value}]
+ fields = [%{name: "foo", value: long_value}]
assert %{"error" => "Invalid request"} ==
conn
- |> patch("/api/v1/accounts/update_credentials", %{"fields_attributes" => fields})
+ |> patch("/api/v1/accounts/update_credentials", %{fields_attributes: fields})
|> json_response_and_validate_schema(403)
- fields = [%{"name" => long_name, "value" => "bar"}]
+ fields = [%{name: long_name, value: "bar"}]
assert %{"error" => "Invalid request"} ==
conn
- |> patch("/api/v1/accounts/update_credentials", %{"fields_attributes" => fields})
+ |> patch("/api/v1/accounts/update_credentials", %{fields_attributes: fields})
|> json_response_and_validate_schema(403)
clear_config([:instance, :max_account_fields], 1)
fields = [
- %{"name" => "foo", "value" => "bar"},
+ %{name: "foo", value: "bar"},
%{"name" => "link", "value" => "cofe.io"}
]
assert %{"error" => "Invalid request"} ==
conn
- |> patch("/api/v1/accounts/update_credentials", %{"fields_attributes" => fields})
+ |> patch("/api/v1/accounts/update_credentials", %{fields_attributes: fields})
|> json_response_and_validate_schema(403)
end
end