X-Git-Url: http://git.squeep.com/?a=blobdiff_plain;f=test%2Fweb%2Fmastodon_api%2Fcontrollers%2Faccount_controller_test.exs;h=1ce97378d18fabe0f7a106503839d9f156c580e5;hb=954acdda2072cac343409b3d17d831b86ac6a18c;hp=ba70ba66c95998c6965710c46de456ab1b15a210;hpb=908cf22a6cb07044eb0fb44c9673c8adcf22c0db;p=akkoma diff --git a/test/web/mastodon_api/controllers/account_controller_test.exs b/test/web/mastodon_api/controllers/account_controller_test.exs index ba70ba66c..1ce97378d 100644 --- a/test/web/mastodon_api/controllers/account_controller_test.exs +++ b/test/web/mastodon_api/controllers/account_controller_test.exs @@ -222,14 +222,41 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do describe "user timelines" do setup do: oauth_access(["read:statuses"]) + test "works with announces that are just addressed to public", %{conn: conn} do + user = insert(:user, ap_id: "https://honktest/u/test", local: false) + other_user = insert(:user) + + {:ok, post} = CommonAPI.post(other_user, %{status: "bonkeronk"}) + + {:ok, announce, _} = + %{ + "@context" => "https://www.w3.org/ns/activitystreams", + "actor" => "https://honktest/u/test", + "id" => "https://honktest/u/test/bonk/1793M7B9MQ48847vdx", + "object" => post.data["object"], + "published" => "2019-06-25T19:33:58Z", + "to" => ["https://www.w3.org/ns/activitystreams#Public"], + "type" => "Announce" + } + |> ActivityPub.persist(local: false) + + assert resp = + conn + |> get("/api/v1/accounts/#{user.id}/statuses") + |> json_response_and_validate_schema(200) + + assert [%{"id" => id}] = resp + assert id == announce.id + end + test "respects blocks", %{user: user_one, conn: conn} do user_two = insert(:user) user_three = insert(:user) User.block(user_one, user_two) - {:ok, activity} = CommonAPI.post(user_two, %{"status" => "User one sux0rz"}) - {:ok, repeat, _} = CommonAPI.repeat(activity.id, user_three) + {:ok, activity} = CommonAPI.post(user_two, %{status: "User one sux0rz"}) + {:ok, repeat} = CommonAPI.repeat(activity.id, user_three) assert resp = conn @@ -271,16 +298,16 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do {:ok, _user_three} = User.follow(user_three, user_one) - {:ok, activity} = CommonAPI.post(user_one, %{"status" => "HI!!!"}) + {:ok, activity} = CommonAPI.post(user_one, %{status: "HI!!!"}) {:ok, direct_activity} = CommonAPI.post(user_one, %{ - "status" => "Hi, @#{user_two.nickname}.", - "visibility" => "direct" + status: "Hi, @#{user_two.nickname}.", + visibility: "direct" }) {:ok, private_activity} = - CommonAPI.post(user_one, %{"status" => "private", "visibility" => "private"}) + CommonAPI.post(user_one, %{status: "private", visibility: "private"}) # TODO!!! resp = @@ -335,8 +362,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do {:ok, %{id: media_id}} = ActivityPub.upload(file, actor: user.ap_id) - {:ok, %{id: image_post_id}} = - CommonAPI.post(user, %{"status" => "cofe", "media_ids" => [media_id]}) + {:ok, %{id: image_post_id}} = CommonAPI.post(user, %{status: "cofe", media_ids: [media_id]}) conn = get(conn, "/api/v1/accounts/#{user.id}/statuses?only_media=true") @@ -348,8 +374,8 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do end test "gets a user's statuses without reblogs", %{user: user, conn: conn} do - {:ok, %{id: post_id}} = CommonAPI.post(user, %{"status" => "HI!!!"}) - {:ok, _, _} = CommonAPI.repeat(post_id, user) + {:ok, %{id: post_id}} = CommonAPI.post(user, %{status: "HI!!!"}) + {:ok, _} = CommonAPI.repeat(post_id, user) conn = get(conn, "/api/v1/accounts/#{user.id}/statuses?exclude_reblogs=true") assert [%{"id" => ^post_id}] = json_response_and_validate_schema(conn, 200) @@ -359,8 +385,8 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do end test "filters user's statuses by a hashtag", %{user: user, conn: conn} do - {:ok, %{id: post_id}} = CommonAPI.post(user, %{"status" => "#hashtag"}) - {:ok, _post} = CommonAPI.post(user, %{"status" => "hashtag"}) + {:ok, %{id: post_id}} = CommonAPI.post(user, %{status: "#hashtag"}) + {:ok, _post} = CommonAPI.post(user, %{status: "hashtag"}) conn = get(conn, "/api/v1/accounts/#{user.id}/statuses?tagged=hashtag") assert [%{"id" => ^post_id}] = json_response_and_validate_schema(conn, 200) @@ -371,9 +397,9 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do conn: conn } do {:ok, %{id: public_activity_id}} = - CommonAPI.post(user, %{"status" => ".", "visibility" => "public"}) + CommonAPI.post(user, %{status: ".", visibility: "public"}) - {:ok, _direct_activity} = CommonAPI.post(user, %{"status" => ".", "visibility" => "direct"}) + {:ok, _direct_activity} = CommonAPI.post(user, %{status: ".", visibility: "direct"}) conn = get(conn, "/api/v1/accounts/#{user.id}/statuses?exclude_visibilities[]=direct") assert [%{"id" => ^public_activity_id}] = json_response_and_validate_schema(conn, 200) @@ -651,8 +677,8 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do assert %{"showing_reblogs" => false} = json_response_and_validate_schema(ret_conn, 200) - {:ok, activity} = CommonAPI.post(other_user, %{"status" => "hey"}) - {:ok, %{id: reblog_id}, _} = CommonAPI.repeat(activity.id, followed) + {:ok, activity} = CommonAPI.post(other_user, %{status: "hey"}) + {:ok, %{id: reblog_id}} = CommonAPI.repeat(activity.id, followed) assert [] == conn @@ -750,7 +776,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do describe "pinned statuses" do setup do user = insert(:user) - {:ok, activity} = CommonAPI.post(user, %{"status" => "HI!!!"}) + {:ok, activity} = CommonAPI.post(user, %{status: "HI!!!"}) %{conn: conn} = oauth_access(["read:statuses"], user: user) [conn: conn, user: user, activity: activity] @@ -925,7 +951,8 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do |> Map.put(:remote_ip, {127, 0, 0, 5}) |> post("/api/v1/accounts", Map.delete(valid_params, :email)) - assert json_response_and_validate_schema(res, 400) == %{"error" => "Missing parameters"} + assert json_response_and_validate_schema(res, 400) == + %{"error" => "Missing parameter: email"} res = conn @@ -1093,6 +1120,91 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do end end + describe "create account with enabled captcha" do + setup %{conn: conn} do + app_token = insert(:oauth_token, user: nil) + + conn = + conn + |> put_req_header("authorization", "Bearer " <> app_token.token) + |> put_req_header("content-type", "multipart/form-data") + + [conn: conn] + end + + setup do: clear_config([Pleroma.Captcha, :enabled], true) + + test "creates an account and returns 200 if captcha is valid", %{conn: conn} do + %{token: token, answer_data: answer_data} = Pleroma.Captcha.new() + + params = %{ + username: "lain", + email: "lain@example.org", + password: "PlzDontHackLain", + agreement: true, + captcha_solution: Pleroma.Captcha.Mock.solution(), + captcha_token: token, + captcha_answer_data: answer_data + } + + assert %{ + "access_token" => access_token, + "created_at" => _, + "scope" => ["read"], + "token_type" => "Bearer" + } = + conn + |> post("/api/v1/accounts", params) + |> json_response_and_validate_schema(:ok) + + assert Token |> Repo.get_by(token: access_token) |> Repo.preload(:user) |> Map.get(:user) + + Cachex.del(:used_captcha_cache, token) + end + + test "returns 400 if any captcha field is not provided", %{conn: conn} do + captcha_fields = [:captcha_solution, :captcha_token, :captcha_answer_data] + + valid_params = %{ + username: "lain", + email: "lain@example.org", + password: "PlzDontHackLain", + agreement: true, + captcha_solution: "xx", + captcha_token: "xx", + captcha_answer_data: "xx" + } + + for field <- captcha_fields do + expected = %{ + "error" => "{\"captcha\":[\"Invalid CAPTCHA (Missing parameter: #{field})\"]}" + } + + assert expected == + conn + |> post("/api/v1/accounts", Map.delete(valid_params, field)) + |> json_response_and_validate_schema(:bad_request) + end + end + + test "returns an error if captcha is invalid", %{conn: conn} do + params = %{ + username: "lain", + email: "lain@example.org", + password: "PlzDontHackLain", + agreement: true, + captcha_solution: "cofe", + captcha_token: "cofe", + captcha_answer_data: "cofe" + } + + assert %{"error" => "{\"captcha\":[\"Invalid answer data\"]}"} == + conn + |> post("/api/v1/accounts", params) + |> json_response_and_validate_schema(:bad_request) + end + end + describe "GET /api/v1/accounts/:id/lists - account_lists" do test "returns lists to which the account belongs" do %{user: user, conn: conn} = oauth_access(["read:lists"]) @@ -1110,12 +1222,15 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do describe "verify_credentials" do test "verify_credentials" do %{user: user, conn: conn} = oauth_access(["read:accounts"]) + [notification | _] = insert_list(7, :notification, user: user) + Pleroma.Notification.set_read_up_to(user, notification.id) conn = get(conn, "/api/v1/accounts/verify_credentials") response = json_response_and_validate_schema(conn, 200) assert %{"id" => id, "source" => %{"privacy" => "public"}} = response assert response["pleroma"]["chat_token"] + assert response["pleroma"]["unread_notifications_count"] == 6 assert id == to_string(user.id) end