X-Git-Url: http://git.squeep.com/?a=blobdiff_plain;f=test%2Fpleroma%2Fweb%2Ftwitter_api%2Futil_controller_test.exs;h=ee658ddf64f6f780ae10a27f82fc0d9b69f7790d;hb=6eb7d69e60a96e577de92de232ed48e509f23cd4;hp=60f2fb052292e6f8ca9a8636e0a6aa666efa0cf4;hpb=8b6221d4ecd1d7e354e7de831dd46e285cb85077;p=akkoma
diff --git a/test/pleroma/web/twitter_api/util_controller_test.exs b/test/pleroma/web/twitter_api/util_controller_test.exs
index 60f2fb052..ee658ddf6 100644
--- a/test/pleroma/web/twitter_api/util_controller_test.exs
+++ b/test/pleroma/web/twitter_api/util_controller_test.exs
@@ -1,12 +1,11 @@
# Pleroma: A lightweight social networking server
-# Copyright © 2017-2020 Pleroma Authors
+# Copyright © 2017-2021 Pleroma Authors
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.TwitterAPI.UtilControllerTest do
use Pleroma.Web.ConnCase
use Oban.Testing, repo: Pleroma.Repo
- alias Pleroma.Config
alias Pleroma.Tests.ObanHelpers
alias Pleroma.User
@@ -26,11 +25,10 @@ defmodule Pleroma.Web.TwitterAPI.UtilControllerTest do
test "it updates notification settings", %{user: user, conn: conn} do
conn
- |> put("/api/pleroma/notification_settings", %{
- "block_from_strangers" => true,
- "bar" => 1
- })
- |> json_response(:ok)
+ |> put(
+ "/api/pleroma/notification_settings?#{URI.encode_query(%{block_from_strangers: true})}"
+ )
+ |> json_response_and_validate_schema(:ok)
user = refresh_record(user)
@@ -42,8 +40,10 @@ defmodule Pleroma.Web.TwitterAPI.UtilControllerTest do
test "it updates notification settings to enable hiding contents", %{user: user, conn: conn} do
conn
- |> put("/api/pleroma/notification_settings", %{"hide_notification_contents" => "1"})
- |> json_response(:ok)
+ |> put(
+ "/api/pleroma/notification_settings?#{URI.encode_query(%{hide_notification_contents: 1})}"
+ )
+ |> json_response_and_validate_schema(:ok)
user = refresh_record(user)
@@ -66,12 +66,12 @@ defmodule Pleroma.Web.TwitterAPI.UtilControllerTest do
}
]
- Config.put(:frontend_configurations, config)
+ clear_config(:frontend_configurations, config)
response =
conn
|> get("/api/pleroma/frontend_configurations")
- |> json_response(:ok)
+ |> json_response_and_validate_schema(:ok)
assert response == Jason.encode!(config |> Enum.into(%{})) |> Jason.decode!()
end
@@ -82,7 +82,7 @@ defmodule Pleroma.Web.TwitterAPI.UtilControllerTest do
emoji =
conn
|> get("/api/pleroma/emoji")
- |> json_response(200)
+ |> json_response_and_validate_schema(200)
assert Enum.all?(emoji, fn
{_key,
@@ -99,25 +99,25 @@ defmodule Pleroma.Web.TwitterAPI.UtilControllerTest do
setup do: clear_config([:instance, :healthcheck])
test "returns 503 when healthcheck disabled", %{conn: conn} do
- Config.put([:instance, :healthcheck], false)
+ clear_config([:instance, :healthcheck], false)
response =
conn
|> get("/api/pleroma/healthcheck")
- |> json_response(503)
+ |> json_response_and_validate_schema(503)
assert response == %{}
end
test "returns 200 when healthcheck enabled and all ok", %{conn: conn} do
- Config.put([:instance, :healthcheck], true)
+ clear_config([:instance, :healthcheck], true)
with_mock Pleroma.Healthcheck,
system_info: fn -> %Pleroma.Healthcheck{healthy: true} end do
response =
conn
|> get("/api/pleroma/healthcheck")
- |> json_response(200)
+ |> json_response_and_validate_schema(200)
assert %{
"active" => _,
@@ -130,14 +130,14 @@ defmodule Pleroma.Web.TwitterAPI.UtilControllerTest do
end
test "returns 503 when healthcheck enabled and health is false", %{conn: conn} do
- Config.put([:instance, :healthcheck], true)
+ clear_config([:instance, :healthcheck], true)
with_mock Pleroma.Healthcheck,
system_info: fn -> %Pleroma.Healthcheck{healthy: false} end do
response =
conn
|> get("/api/pleroma/healthcheck")
- |> json_response(503)
+ |> json_response_and_validate_schema(503)
assert %{
"active" => _,
@@ -156,15 +156,15 @@ defmodule Pleroma.Web.TwitterAPI.UtilControllerTest do
test "with valid permissions and password, it disables the account", %{conn: conn, user: user} do
response =
conn
- |> post("/api/pleroma/disable_account", %{"password" => "test"})
- |> json_response(:ok)
+ |> post("/api/pleroma/disable_account?password=test")
+ |> json_response_and_validate_schema(:ok)
assert response == %{"status" => "success"}
ObanHelpers.perform_all()
user = User.get_cached_by_id(user.id)
- assert user.deactivated == true
+ refute user.is_active
end
test "with valid permissions and invalid password, it returns an error", %{conn: conn} do
@@ -172,13 +172,13 @@ defmodule Pleroma.Web.TwitterAPI.UtilControllerTest do
response =
conn
- |> post("/api/pleroma/disable_account", %{"password" => "test1"})
- |> json_response(:ok)
+ |> post("/api/pleroma/disable_account?password=test1")
+ |> json_response_and_validate_schema(:ok)
assert response == %{"error" => "Invalid password."}
user = User.get_cached_by_id(user.id)
- refute user.deactivated
+ assert user.is_active
end
end
@@ -253,54 +253,93 @@ defmodule Pleroma.Web.TwitterAPI.UtilControllerTest do
conn =
conn
|> assign(:token, nil)
- |> post("/api/pleroma/change_email")
+ |> put_req_header("content-type", "multipart/form-data")
+ |> post("/api/pleroma/change_email", %{password: "hi", email: "test@test.com"})
- assert json_response(conn, 403) == %{"error" => "Insufficient permissions: write:accounts."}
+ assert json_response_and_validate_schema(conn, 403) == %{
+ "error" => "Insufficient permissions: write:accounts."
+ }
end
test "with proper permissions and invalid password", %{conn: conn} do
conn =
- post(conn, "/api/pleroma/change_email", %{
- "password" => "hi",
- "email" => "test@test.com"
- })
+ conn
+ |> put_req_header("content-type", "multipart/form-data")
+ |> post("/api/pleroma/change_email", %{password: "hi", email: "test@test.com"})
- assert json_response(conn, 200) == %{"error" => "Invalid password."}
+ assert json_response_and_validate_schema(conn, 200) == %{"error" => "Invalid password."}
end
test "with proper permissions, valid password and invalid email", %{
conn: conn
} do
conn =
- post(conn, "/api/pleroma/change_email", %{
- "password" => "test",
- "email" => "foobar"
- })
+ conn
+ |> put_req_header("content-type", "multipart/form-data")
+ |> post("/api/pleroma/change_email", %{password: "test", email: "foobar"})
- assert json_response(conn, 200) == %{"error" => "Email has invalid format."}
+ assert json_response_and_validate_schema(conn, 200) == %{
+ "error" => "Email has invalid format."
+ }
end
test "with proper permissions, valid password and no email", %{
conn: conn
} do
conn =
- post(conn, "/api/pleroma/change_email", %{
- "password" => "test"
- })
+ conn
+ |> put_req_header("content-type", "multipart/form-data")
+ |> post("/api/pleroma/change_email", %{password: "test"})
- assert json_response(conn, 200) == %{"error" => "Email can't be blank."}
+ assert %{"error" => "Missing field: email."} = json_response_and_validate_schema(conn, 400)
end
- test "with proper permissions, valid password and blank email", %{
- conn: conn
- } do
+ test "with proper permissions, valid password and blank email, when instance requires user email",
+ %{
+ conn: conn
+ } do
+ orig_account_activation_required =
+ Pleroma.Config.get([:instance, :account_activation_required])
+
+ Pleroma.Config.put([:instance, :account_activation_required], true)
+
+ on_exit(fn ->
+ Pleroma.Config.put(
+ [:instance, :account_activation_required],
+ orig_account_activation_required
+ )
+ end)
+
conn =
- post(conn, "/api/pleroma/change_email", %{
- "password" => "test",
- "email" => ""
- })
+ conn
+ |> put_req_header("content-type", "multipart/form-data")
+ |> post("/api/pleroma/change_email", %{password: "test", email: ""})
- assert json_response(conn, 200) == %{"error" => "Email can't be blank."}
+ assert json_response_and_validate_schema(conn, 200) == %{"error" => "Email can't be blank."}
+ end
+
+ test "with proper permissions, valid password and blank email, when instance does not require user email",
+ %{
+ conn: conn
+ } do
+ orig_account_activation_required =
+ Pleroma.Config.get([:instance, :account_activation_required])
+
+ Pleroma.Config.put([:instance, :account_activation_required], false)
+
+ on_exit(fn ->
+ Pleroma.Config.put(
+ [:instance, :account_activation_required],
+ orig_account_activation_required
+ )
+ end)
+
+ conn =
+ conn
+ |> put_req_header("content-type", "multipart/form-data")
+ |> post("/api/pleroma/change_email", %{password: "test", email: ""})
+
+ assert json_response_and_validate_schema(conn, 200) == %{"status" => "success"}
end
test "with proper permissions, valid password and non unique email", %{
@@ -309,24 +348,24 @@ defmodule Pleroma.Web.TwitterAPI.UtilControllerTest do
user = insert(:user)
conn =
- post(conn, "/api/pleroma/change_email", %{
- "password" => "test",
- "email" => user.email
- })
+ conn
+ |> put_req_header("content-type", "multipart/form-data")
+ |> post("/api/pleroma/change_email", %{password: "test", email: user.email})
- assert json_response(conn, 200) == %{"error" => "Email has already been taken."}
+ assert json_response_and_validate_schema(conn, 200) == %{
+ "error" => "Email has already been taken."
+ }
end
test "with proper permissions, valid password and valid email", %{
conn: conn
} do
conn =
- post(conn, "/api/pleroma/change_email", %{
- "password" => "test",
- "email" => "cofe@foobar.com"
- })
+ conn
+ |> put_req_header("content-type", "multipart/form-data")
+ |> post("/api/pleroma/change_email", %{password: "test", email: "cofe@foobar.com"})
- assert json_response(conn, 200) == %{"status" => "success"}
+ assert json_response_and_validate_schema(conn, 200) == %{"status" => "success"}
end
end
@@ -337,20 +376,29 @@ defmodule Pleroma.Web.TwitterAPI.UtilControllerTest do
conn =
conn
|> assign(:token, nil)
- |> post("/api/pleroma/change_password")
+ |> put_req_header("content-type", "multipart/form-data")
+ |> post("/api/pleroma/change_password", %{
+ "password" => "hi",
+ "new_password" => "newpass",
+ "new_password_confirmation" => "newpass"
+ })
- assert json_response(conn, 403) == %{"error" => "Insufficient permissions: write:accounts."}
+ assert json_response_and_validate_schema(conn, 403) == %{
+ "error" => "Insufficient permissions: write:accounts."
+ }
end
test "with proper permissions and invalid password", %{conn: conn} do
conn =
- post(conn, "/api/pleroma/change_password", %{
+ conn
+ |> put_req_header("content-type", "multipart/form-data")
+ |> post("/api/pleroma/change_password", %{
"password" => "hi",
"new_password" => "newpass",
"new_password_confirmation" => "newpass"
})
- assert json_response(conn, 200) == %{"error" => "Invalid password."}
+ assert json_response_and_validate_schema(conn, 200) == %{"error" => "Invalid password."}
end
test "with proper permissions, valid password and new password and confirmation not matching",
@@ -358,13 +406,15 @@ defmodule Pleroma.Web.TwitterAPI.UtilControllerTest do
conn: conn
} do
conn =
- post(conn, "/api/pleroma/change_password", %{
+ conn
+ |> put_req_header("content-type", "multipart/form-data")
+ |> post("/api/pleroma/change_password", %{
"password" => "test",
"new_password" => "newpass",
"new_password_confirmation" => "notnewpass"
})
- assert json_response(conn, 200) == %{
+ assert json_response_and_validate_schema(conn, 200) == %{
"error" => "New password does not match confirmation."
}
end
@@ -373,13 +423,15 @@ defmodule Pleroma.Web.TwitterAPI.UtilControllerTest do
conn: conn
} do
conn =
- post(conn, "/api/pleroma/change_password", %{
- "password" => "test",
- "new_password" => "",
- "new_password_confirmation" => ""
+ conn
+ |> put_req_header("content-type", "multipart/form-data")
+ |> post("/api/pleroma/change_password", %{
+ password: "test",
+ new_password: "",
+ new_password_confirmation: ""
})
- assert json_response(conn, 200) == %{
+ assert json_response_and_validate_schema(conn, 200) == %{
"error" => "New password can't be blank."
}
end
@@ -389,15 +441,20 @@ defmodule Pleroma.Web.TwitterAPI.UtilControllerTest do
user: user
} do
conn =
- post(conn, "/api/pleroma/change_password", %{
- "password" => "test",
- "new_password" => "newpass",
- "new_password_confirmation" => "newpass"
- })
-
- assert json_response(conn, 200) == %{"status" => "success"}
+ conn
+ |> put_req_header("content-type", "multipart/form-data")
+ |> post(
+ "/api/pleroma/change_password",
+ %{
+ password: "test",
+ new_password: "newpass",
+ new_password_confirmation: "newpass"
+ }
+ )
+
+ assert json_response_and_validate_schema(conn, 200) == %{"status" => "success"}
fetched_user = User.get_cached_by_id(user.id)
- assert Pbkdf2.verify_pass("newpass", fetched_user.password_hash) == true
+ assert Pleroma.Password.Pbkdf2.verify_pass("newpass", fetched_user.password_hash) == true
end
end
@@ -410,25 +467,50 @@ defmodule Pleroma.Web.TwitterAPI.UtilControllerTest do
|> assign(:token, nil)
|> post("/api/pleroma/delete_account")
- assert json_response(conn, 403) ==
+ assert json_response_and_validate_schema(conn, 403) ==
%{"error" => "Insufficient permissions: write:accounts."}
end
test "with proper permissions and wrong or missing password", %{conn: conn} do
for params <- [%{"password" => "hi"}, %{}] do
- ret_conn = post(conn, "/api/pleroma/delete_account", params)
+ ret_conn =
+ conn
+ |> put_req_header("content-type", "application/json")
+ |> post("/api/pleroma/delete_account", params)
- assert json_response(ret_conn, 200) == %{"error" => "Invalid password."}
+ assert json_response_and_validate_schema(ret_conn, 200) == %{
+ "error" => "Invalid password."
+ }
end
end
- test "with proper permissions and valid password", %{conn: conn, user: user} do
- conn = post(conn, "/api/pleroma/delete_account", %{"password" => "test"})
+ test "with proper permissions and valid password (URL query)", %{conn: conn, user: user} do
+ conn =
+ conn
+ |> put_req_header("content-type", "application/json")
+ |> post("/api/pleroma/delete_account?password=test")
+
+ ObanHelpers.perform_all()
+ assert json_response_and_validate_schema(conn, 200) == %{"status" => "success"}
+
+ user = User.get_by_id(user.id)
+ refute user.is_active
+ assert user.name == nil
+ assert user.bio == ""
+ assert user.password_hash == nil
+ end
+
+ test "with proper permissions and valid password (JSON body)", %{conn: conn, user: user} do
+ conn =
+ conn
+ |> put_req_header("content-type", "application/json")
+ |> post("/api/pleroma/delete_account", %{password: "test"})
+
ObanHelpers.perform_all()
- assert json_response(conn, 200) == %{"status" => "success"}
+ assert json_response_and_validate_schema(conn, 200) == %{"status" => "success"}
user = User.get_by_id(user.id)
- assert user.deactivated == true
+ refute user.is_active
assert user.name == nil
assert user.bio == ""
assert user.password_hash == nil