X-Git-Url: http://git.squeep.com/?a=blobdiff_plain;f=test%2Fpleroma%2Fweb%2Ftwitter_api%2Futil_controller_test.exs;h=ee658ddf64f6f780ae10a27f82fc0d9b69f7790d;hb=6eb7d69e60a96e577de92de232ed48e509f23cd4;hp=283c616780636a1b57d0310f4727f74c41b78abe;hpb=250e2020987b1fc65251ba9564e41b38ba060391;p=akkoma diff --git a/test/pleroma/web/twitter_api/util_controller_test.exs b/test/pleroma/web/twitter_api/util_controller_test.exs index 283c61678..ee658ddf6 100644 --- a/test/pleroma/web/twitter_api/util_controller_test.exs +++ b/test/pleroma/web/twitter_api/util_controller_test.exs @@ -6,7 +6,6 @@ defmodule Pleroma.Web.TwitterAPI.UtilControllerTest do use Pleroma.Web.ConnCase use Oban.Testing, repo: Pleroma.Repo - alias Pleroma.Config alias Pleroma.Tests.ObanHelpers alias Pleroma.User @@ -26,11 +25,10 @@ defmodule Pleroma.Web.TwitterAPI.UtilControllerTest do test "it updates notification settings", %{user: user, conn: conn} do conn - |> put("/api/pleroma/notification_settings", %{ - "block_from_strangers" => true, - "bar" => 1 - }) - |> json_response(:ok) + |> put( + "/api/pleroma/notification_settings?#{URI.encode_query(%{block_from_strangers: true})}" + ) + |> json_response_and_validate_schema(:ok) user = refresh_record(user) @@ -42,8 +40,10 @@ defmodule Pleroma.Web.TwitterAPI.UtilControllerTest do test "it updates notification settings to enable hiding contents", %{user: user, conn: conn} do conn - |> put("/api/pleroma/notification_settings", %{"hide_notification_contents" => "1"}) - |> json_response(:ok) + |> put( + "/api/pleroma/notification_settings?#{URI.encode_query(%{hide_notification_contents: 1})}" + ) + |> json_response_and_validate_schema(:ok) user = refresh_record(user) @@ -66,12 +66,12 @@ defmodule Pleroma.Web.TwitterAPI.UtilControllerTest do } ] - Config.put(:frontend_configurations, config) + clear_config(:frontend_configurations, config) response = conn |> get("/api/pleroma/frontend_configurations") - |> json_response(:ok) + |> json_response_and_validate_schema(:ok) assert response == Jason.encode!(config |> Enum.into(%{})) |> Jason.decode!() end @@ -82,7 +82,7 @@ defmodule Pleroma.Web.TwitterAPI.UtilControllerTest do emoji = conn |> get("/api/pleroma/emoji") - |> json_response(200) + |> json_response_and_validate_schema(200) assert Enum.all?(emoji, fn {_key, @@ -99,25 +99,25 @@ defmodule Pleroma.Web.TwitterAPI.UtilControllerTest do setup do: clear_config([:instance, :healthcheck]) test "returns 503 when healthcheck disabled", %{conn: conn} do - Config.put([:instance, :healthcheck], false) + clear_config([:instance, :healthcheck], false) response = conn |> get("/api/pleroma/healthcheck") - |> json_response(503) + |> json_response_and_validate_schema(503) assert response == %{} end test "returns 200 when healthcheck enabled and all ok", %{conn: conn} do - Config.put([:instance, :healthcheck], true) + clear_config([:instance, :healthcheck], true) with_mock Pleroma.Healthcheck, system_info: fn -> %Pleroma.Healthcheck{healthy: true} end do response = conn |> get("/api/pleroma/healthcheck") - |> json_response(200) + |> json_response_and_validate_schema(200) assert %{ "active" => _, @@ -130,14 +130,14 @@ defmodule Pleroma.Web.TwitterAPI.UtilControllerTest do end test "returns 503 when healthcheck enabled and health is false", %{conn: conn} do - Config.put([:instance, :healthcheck], true) + clear_config([:instance, :healthcheck], true) with_mock Pleroma.Healthcheck, system_info: fn -> %Pleroma.Healthcheck{healthy: false} end do response = conn |> get("/api/pleroma/healthcheck") - |> json_response(503) + |> json_response_and_validate_schema(503) assert %{ "active" => _, @@ -156,8 +156,8 @@ defmodule Pleroma.Web.TwitterAPI.UtilControllerTest do test "with valid permissions and password, it disables the account", %{conn: conn, user: user} do response = conn - |> post("/api/pleroma/disable_account", %{"password" => "test"}) - |> json_response(:ok) + |> post("/api/pleroma/disable_account?password=test") + |> json_response_and_validate_schema(:ok) assert response == %{"status" => "success"} ObanHelpers.perform_all() @@ -172,8 +172,8 @@ defmodule Pleroma.Web.TwitterAPI.UtilControllerTest do response = conn - |> post("/api/pleroma/disable_account", %{"password" => "test1"}) - |> json_response(:ok) + |> post("/api/pleroma/disable_account?password=test1") + |> json_response_and_validate_schema(:ok) assert response == %{"error" => "Invalid password."} user = User.get_cached_by_id(user.id) @@ -253,54 +253,93 @@ defmodule Pleroma.Web.TwitterAPI.UtilControllerTest do conn = conn |> assign(:token, nil) - |> post("/api/pleroma/change_email") + |> put_req_header("content-type", "multipart/form-data") + |> post("/api/pleroma/change_email", %{password: "hi", email: "test@test.com"}) - assert json_response(conn, 403) == %{"error" => "Insufficient permissions: write:accounts."} + assert json_response_and_validate_schema(conn, 403) == %{ + "error" => "Insufficient permissions: write:accounts." + } end test "with proper permissions and invalid password", %{conn: conn} do conn = - post(conn, "/api/pleroma/change_email", %{ - "password" => "hi", - "email" => "test@test.com" - }) + conn + |> put_req_header("content-type", "multipart/form-data") + |> post("/api/pleroma/change_email", %{password: "hi", email: "test@test.com"}) - assert json_response(conn, 200) == %{"error" => "Invalid password."} + assert json_response_and_validate_schema(conn, 200) == %{"error" => "Invalid password."} end test "with proper permissions, valid password and invalid email", %{ conn: conn } do conn = - post(conn, "/api/pleroma/change_email", %{ - "password" => "test", - "email" => "foobar" - }) + conn + |> put_req_header("content-type", "multipart/form-data") + |> post("/api/pleroma/change_email", %{password: "test", email: "foobar"}) - assert json_response(conn, 200) == %{"error" => "Email has invalid format."} + assert json_response_and_validate_schema(conn, 200) == %{ + "error" => "Email has invalid format." + } end test "with proper permissions, valid password and no email", %{ conn: conn } do conn = - post(conn, "/api/pleroma/change_email", %{ - "password" => "test" - }) + conn + |> put_req_header("content-type", "multipart/form-data") + |> post("/api/pleroma/change_email", %{password: "test"}) - assert json_response(conn, 200) == %{"error" => "Email can't be blank."} + assert %{"error" => "Missing field: email."} = json_response_and_validate_schema(conn, 400) end - test "with proper permissions, valid password and blank email", %{ - conn: conn - } do + test "with proper permissions, valid password and blank email, when instance requires user email", + %{ + conn: conn + } do + orig_account_activation_required = + Pleroma.Config.get([:instance, :account_activation_required]) + + Pleroma.Config.put([:instance, :account_activation_required], true) + + on_exit(fn -> + Pleroma.Config.put( + [:instance, :account_activation_required], + orig_account_activation_required + ) + end) + conn = - post(conn, "/api/pleroma/change_email", %{ - "password" => "test", - "email" => "" - }) + conn + |> put_req_header("content-type", "multipart/form-data") + |> post("/api/pleroma/change_email", %{password: "test", email: ""}) - assert json_response(conn, 200) == %{"error" => "Email can't be blank."} + assert json_response_and_validate_schema(conn, 200) == %{"error" => "Email can't be blank."} + end + + test "with proper permissions, valid password and blank email, when instance does not require user email", + %{ + conn: conn + } do + orig_account_activation_required = + Pleroma.Config.get([:instance, :account_activation_required]) + + Pleroma.Config.put([:instance, :account_activation_required], false) + + on_exit(fn -> + Pleroma.Config.put( + [:instance, :account_activation_required], + orig_account_activation_required + ) + end) + + conn = + conn + |> put_req_header("content-type", "multipart/form-data") + |> post("/api/pleroma/change_email", %{password: "test", email: ""}) + + assert json_response_and_validate_schema(conn, 200) == %{"status" => "success"} end test "with proper permissions, valid password and non unique email", %{ @@ -309,24 +348,24 @@ defmodule Pleroma.Web.TwitterAPI.UtilControllerTest do user = insert(:user) conn = - post(conn, "/api/pleroma/change_email", %{ - "password" => "test", - "email" => user.email - }) + conn + |> put_req_header("content-type", "multipart/form-data") + |> post("/api/pleroma/change_email", %{password: "test", email: user.email}) - assert json_response(conn, 200) == %{"error" => "Email has already been taken."} + assert json_response_and_validate_schema(conn, 200) == %{ + "error" => "Email has already been taken." + } end test "with proper permissions, valid password and valid email", %{ conn: conn } do conn = - post(conn, "/api/pleroma/change_email", %{ - "password" => "test", - "email" => "cofe@foobar.com" - }) + conn + |> put_req_header("content-type", "multipart/form-data") + |> post("/api/pleroma/change_email", %{password: "test", email: "cofe@foobar.com"}) - assert json_response(conn, 200) == %{"status" => "success"} + assert json_response_and_validate_schema(conn, 200) == %{"status" => "success"} end end @@ -337,20 +376,29 @@ defmodule Pleroma.Web.TwitterAPI.UtilControllerTest do conn = conn |> assign(:token, nil) - |> post("/api/pleroma/change_password") + |> put_req_header("content-type", "multipart/form-data") + |> post("/api/pleroma/change_password", %{ + "password" => "hi", + "new_password" => "newpass", + "new_password_confirmation" => "newpass" + }) - assert json_response(conn, 403) == %{"error" => "Insufficient permissions: write:accounts."} + assert json_response_and_validate_schema(conn, 403) == %{ + "error" => "Insufficient permissions: write:accounts." + } end test "with proper permissions and invalid password", %{conn: conn} do conn = - post(conn, "/api/pleroma/change_password", %{ + conn + |> put_req_header("content-type", "multipart/form-data") + |> post("/api/pleroma/change_password", %{ "password" => "hi", "new_password" => "newpass", "new_password_confirmation" => "newpass" }) - assert json_response(conn, 200) == %{"error" => "Invalid password."} + assert json_response_and_validate_schema(conn, 200) == %{"error" => "Invalid password."} end test "with proper permissions, valid password and new password and confirmation not matching", @@ -358,13 +406,15 @@ defmodule Pleroma.Web.TwitterAPI.UtilControllerTest do conn: conn } do conn = - post(conn, "/api/pleroma/change_password", %{ + conn + |> put_req_header("content-type", "multipart/form-data") + |> post("/api/pleroma/change_password", %{ "password" => "test", "new_password" => "newpass", "new_password_confirmation" => "notnewpass" }) - assert json_response(conn, 200) == %{ + assert json_response_and_validate_schema(conn, 200) == %{ "error" => "New password does not match confirmation." } end @@ -373,13 +423,15 @@ defmodule Pleroma.Web.TwitterAPI.UtilControllerTest do conn: conn } do conn = - post(conn, "/api/pleroma/change_password", %{ - "password" => "test", - "new_password" => "", - "new_password_confirmation" => "" + conn + |> put_req_header("content-type", "multipart/form-data") + |> post("/api/pleroma/change_password", %{ + password: "test", + new_password: "", + new_password_confirmation: "" }) - assert json_response(conn, 200) == %{ + assert json_response_and_validate_schema(conn, 200) == %{ "error" => "New password can't be blank." } end @@ -389,13 +441,18 @@ defmodule Pleroma.Web.TwitterAPI.UtilControllerTest do user: user } do conn = - post(conn, "/api/pleroma/change_password", %{ - "password" => "test", - "new_password" => "newpass", - "new_password_confirmation" => "newpass" - }) - - assert json_response(conn, 200) == %{"status" => "success"} + conn + |> put_req_header("content-type", "multipart/form-data") + |> post( + "/api/pleroma/change_password", + %{ + password: "test", + new_password: "newpass", + new_password_confirmation: "newpass" + } + ) + + assert json_response_and_validate_schema(conn, 200) == %{"status" => "success"} fetched_user = User.get_cached_by_id(user.id) assert Pleroma.Password.Pbkdf2.verify_pass("newpass", fetched_user.password_hash) == true end @@ -410,22 +467,47 @@ defmodule Pleroma.Web.TwitterAPI.UtilControllerTest do |> assign(:token, nil) |> post("/api/pleroma/delete_account") - assert json_response(conn, 403) == + assert json_response_and_validate_schema(conn, 403) == %{"error" => "Insufficient permissions: write:accounts."} end test "with proper permissions and wrong or missing password", %{conn: conn} do for params <- [%{"password" => "hi"}, %{}] do - ret_conn = post(conn, "/api/pleroma/delete_account", params) + ret_conn = + conn + |> put_req_header("content-type", "application/json") + |> post("/api/pleroma/delete_account", params) - assert json_response(ret_conn, 200) == %{"error" => "Invalid password."} + assert json_response_and_validate_schema(ret_conn, 200) == %{ + "error" => "Invalid password." + } end end - test "with proper permissions and valid password", %{conn: conn, user: user} do - conn = post(conn, "/api/pleroma/delete_account", %{"password" => "test"}) + test "with proper permissions and valid password (URL query)", %{conn: conn, user: user} do + conn = + conn + |> put_req_header("content-type", "application/json") + |> post("/api/pleroma/delete_account?password=test") + + ObanHelpers.perform_all() + assert json_response_and_validate_schema(conn, 200) == %{"status" => "success"} + + user = User.get_by_id(user.id) + refute user.is_active + assert user.name == nil + assert user.bio == "" + assert user.password_hash == nil + end + + test "with proper permissions and valid password (JSON body)", %{conn: conn, user: user} do + conn = + conn + |> put_req_header("content-type", "application/json") + |> post("/api/pleroma/delete_account", %{password: "test"}) + ObanHelpers.perform_all() - assert json_response(conn, 200) == %{"status" => "success"} + assert json_response_and_validate_schema(conn, 200) == %{"status" => "success"} user = User.get_by_id(user.id) refute user.is_active