X-Git-Url: http://git.squeep.com/?a=blobdiff_plain;f=test%2Fweb%2Fmastodon_api%2Fcontrollers%2Faccount_controller_test.exs;h=341c9b0155af94909c34e5df342d736c8cb60873;hb=e105cc12b67e44eb4e19293b850731f300999a4f;hp=a450a732c8bcadf12116757318e0bb28196cf35d;hpb=648cc699e551324a067cd1b906df5f497ade5861;p=akkoma diff --git a/test/web/mastodon_api/controllers/account_controller_test.exs b/test/web/mastodon_api/controllers/account_controller_test.exs index a450a732c..341c9b015 100644 --- a/test/web/mastodon_api/controllers/account_controller_test.exs +++ b/test/web/mastodon_api/controllers/account_controller_test.exs @@ -10,9 +10,11 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do alias Pleroma.User alias Pleroma.Web.ActivityPub.ActivityPub alias Pleroma.Web.ActivityPub.InternalFetchActor + alias Pleroma.Web.ApiSpec alias Pleroma.Web.CommonAPI alias Pleroma.Web.OAuth.Token + import OpenApiSpex.TestAssertions import Pleroma.Factory describe "account fetching" do @@ -245,22 +247,23 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do {:ok, activity} = CommonAPI.post(user_two, %{"status" => "User one sux0rz"}) {:ok, repeat, _} = CommonAPI.repeat(activity.id, user_three) - resp = get(conn, "/api/v1/accounts/#{user_two.id}/statuses") - - assert [%{"id" => id}] = json_response(resp, 200) + assert resp = get(conn, "/api/v1/accounts/#{user_two.id}/statuses") |> json_response(200) + assert [%{"id" => id}] = resp + assert_schema(resp, "StatusesResponse", ApiSpec.spec()) assert id == activity.id # Even a blocked user will deliver the full user timeline, there would be # no point in looking at a blocked users timeline otherwise - resp = get(conn, "/api/v1/accounts/#{user_two.id}/statuses") - - assert [%{"id" => id}] = json_response(resp, 200) + assert resp = get(conn, "/api/v1/accounts/#{user_two.id}/statuses") |> json_response(200) + assert [%{"id" => id}] = resp assert id == activity.id + assert_schema(resp, "StatusesResponse", ApiSpec.spec()) # Third user's timeline includes the repeat when viewed by unauthenticated user - resp = get(build_conn(), "/api/v1/accounts/#{user_three.id}/statuses") - assert [%{"id" => id}] = json_response(resp, 200) + resp = get(build_conn(), "/api/v1/accounts/#{user_three.id}/statuses") |> json_response(200) + assert [%{"id" => id}] = resp assert id == repeat.id + assert_schema(resp, "StatusesResponse", ApiSpec.spec()) # When viewing a third user's timeline, the blocked users' statuses will NOT be shown resp = get(conn, "/api/v1/accounts/#{user_three.id}/statuses") @@ -286,30 +289,34 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do {:ok, private_activity} = CommonAPI.post(user_one, %{"status" => "private", "visibility" => "private"}) - resp = get(conn, "/api/v1/accounts/#{user_one.id}/statuses") - - assert [%{"id" => id}] = json_response(resp, 200) + resp = get(conn, "/api/v1/accounts/#{user_one.id}/statuses") |> json_response(200) + assert [%{"id" => id}] = resp assert id == to_string(activity.id) + assert_schema(resp, "StatusesResponse", ApiSpec.spec()) resp = conn |> assign(:user, user_two) |> assign(:token, insert(:oauth_token, user: user_two, scopes: ["read:statuses"])) |> get("/api/v1/accounts/#{user_one.id}/statuses") + |> json_response(200) - assert [%{"id" => id_one}, %{"id" => id_two}] = json_response(resp, 200) + assert [%{"id" => id_one}, %{"id" => id_two}] = resp assert id_one == to_string(direct_activity.id) assert id_two == to_string(activity.id) + assert_schema(resp, "StatusesResponse", ApiSpec.spec()) resp = conn |> assign(:user, user_three) |> assign(:token, insert(:oauth_token, user: user_three, scopes: ["read:statuses"])) |> get("/api/v1/accounts/#{user_one.id}/statuses") + |> json_response(200) - assert [%{"id" => id_one}, %{"id" => id_two}] = json_response(resp, 200) + assert [%{"id" => id_one}, %{"id" => id_two}] = resp assert id_one == to_string(private_activity.id) assert id_two == to_string(activity.id) + assert_schema(resp, "StatusesResponse", ApiSpec.spec()) end test "unimplemented pinned statuses feature", %{conn: conn} do @@ -335,40 +342,45 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do {:ok, image_post} = CommonAPI.post(user, %{"status" => "cofe", "media_ids" => [media_id]}) - conn = get(conn, "/api/v1/accounts/#{user.id}/statuses", %{"only_media" => "true"}) + conn = get(conn, "/api/v1/accounts/#{user.id}/statuses?only_media=true") assert [%{"id" => id}] = json_response(conn, 200) assert id == to_string(image_post.id) + assert_schema(json_response(conn, 200), "StatusesResponse", ApiSpec.spec()) - conn = get(build_conn(), "/api/v1/accounts/#{user.id}/statuses", %{"only_media" => "1"}) + conn = get(build_conn(), "/api/v1/accounts/#{user.id}/statuses?only_media=1") assert [%{"id" => id}] = json_response(conn, 200) assert id == to_string(image_post.id) + assert_schema(json_response(conn, 200), "StatusesResponse", ApiSpec.spec()) end test "gets a user's statuses without reblogs", %{user: user, conn: conn} do {:ok, post} = CommonAPI.post(user, %{"status" => "HI!!!"}) {:ok, _, _} = CommonAPI.repeat(post.id, user) - conn = get(conn, "/api/v1/accounts/#{user.id}/statuses", %{"exclude_reblogs" => "true"}) + conn = get(conn, "/api/v1/accounts/#{user.id}/statuses?exclude_reblogs=true") assert [%{"id" => id}] = json_response(conn, 200) assert id == to_string(post.id) + assert_schema(json_response(conn, 200), "StatusesResponse", ApiSpec.spec()) - conn = get(conn, "/api/v1/accounts/#{user.id}/statuses", %{"exclude_reblogs" => "1"}) + conn = get(conn, "/api/v1/accounts/#{user.id}/statuses?exclude_reblogs=1") assert [%{"id" => id}] = json_response(conn, 200) assert id == to_string(post.id) + assert_schema(json_response(conn, 200), "StatusesResponse", ApiSpec.spec()) end test "filters user's statuses by a hashtag", %{user: user, conn: conn} do {:ok, post} = CommonAPI.post(user, %{"status" => "#hashtag"}) {:ok, _post} = CommonAPI.post(user, %{"status" => "hashtag"}) - conn = get(conn, "/api/v1/accounts/#{user.id}/statuses", %{"tagged" => "hashtag"}) + conn = get(conn, "/api/v1/accounts/#{user.id}/statuses?tagged=hashtag") assert [%{"id" => id}] = json_response(conn, 200) assert id == to_string(post.id) + assert_schema(json_response(conn, 200), "StatusesResponse", ApiSpec.spec()) end test "the user views their own timelines and excludes direct messages", %{ @@ -378,11 +390,11 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do {:ok, public_activity} = CommonAPI.post(user, %{"status" => ".", "visibility" => "public"}) {:ok, _direct_activity} = CommonAPI.post(user, %{"status" => ".", "visibility" => "direct"}) - conn = - get(conn, "/api/v1/accounts/#{user.id}/statuses", %{"exclude_visibilities" => ["direct"]}) + conn = get(conn, "/api/v1/accounts/#{user.id}/statuses?exclude_visibilities[]=direct") assert [%{"id" => id}] = json_response(conn, 200) assert id == to_string(public_activity.id) + assert_schema(json_response(conn, 200), "StatusesResponse", ApiSpec.spec()) end end @@ -420,9 +432,11 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do res_conn = get(conn, "/api/v1/accounts/#{local.id}/statuses") assert length(json_response(res_conn, 200)) == 1 + assert_schema(json_response(res_conn, 200), "StatusesResponse", ApiSpec.spec()) res_conn = get(conn, "/api/v1/accounts/#{remote.id}/statuses") assert length(json_response(res_conn, 200)) == 1 + assert_schema(json_response(res_conn, 200), "StatusesResponse", ApiSpec.spec()) end end @@ -441,6 +455,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do res_conn = get(conn, "/api/v1/accounts/#{remote.id}/statuses") assert length(json_response(res_conn, 200)) == 1 + assert_schema(json_response(res_conn, 200), "StatusesResponse", ApiSpec.spec()) end test "if user is authenticated", %{local: local, remote: remote} do @@ -448,9 +463,11 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do res_conn = get(conn, "/api/v1/accounts/#{local.id}/statuses") assert length(json_response(res_conn, 200)) == 1 + assert_schema(json_response(res_conn, 200), "StatusesResponse", ApiSpec.spec()) res_conn = get(conn, "/api/v1/accounts/#{remote.id}/statuses") assert length(json_response(res_conn, 200)) == 1 + assert_schema(json_response(res_conn, 200), "StatusesResponse", ApiSpec.spec()) end end @@ -463,6 +480,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do test "if user is unauthenticated", %{conn: conn, local: local, remote: remote} do res_conn = get(conn, "/api/v1/accounts/#{local.id}/statuses") assert length(json_response(res_conn, 200)) == 1 + assert_schema(json_response(res_conn, 200), "StatusesResponse", ApiSpec.spec()) res_conn = get(conn, "/api/v1/accounts/#{remote.id}/statuses") @@ -476,9 +494,11 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do res_conn = get(conn, "/api/v1/accounts/#{local.id}/statuses") assert length(json_response(res_conn, 200)) == 1 + assert_schema(json_response(res_conn, 200), "StatusesResponse", ApiSpec.spec()) res_conn = get(conn, "/api/v1/accounts/#{remote.id}/statuses") assert length(json_response(res_conn, 200)) == 1 + assert_schema(json_response(res_conn, 200), "StatusesResponse", ApiSpec.spec()) end end @@ -493,6 +513,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do assert [%{"id" => id}] = json_response(conn, 200) assert id == to_string(user.id) + assert_schema(json_response(conn, 200), "AccountsResponse", ApiSpec.spec()) end test "getting followers, hide_followers", %{user: user, conn: conn} do @@ -516,6 +537,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do |> get("/api/v1/accounts/#{other_user.id}/followers") refute [] == json_response(conn, 200) + assert_schema(json_response(conn, 200), "AccountsResponse", ApiSpec.spec()) end test "getting followers, pagination", %{user: user, conn: conn} do @@ -531,6 +553,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do assert [%{"id" => id3}, %{"id" => id2}] = json_response(res_conn, 200) assert id3 == follower3.id assert id2 == follower2.id + assert_schema(json_response(res_conn, 200), "AccountsResponse", ApiSpec.spec()) res_conn = get(conn, "/api/v1/accounts/#{user.id}/followers?max_id=#{follower3.id}") @@ -546,6 +569,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do assert [link_header] = get_resp_header(res_conn, "link") assert link_header =~ ~r/min_id=#{follower2.id}/ assert link_header =~ ~r/max_id=#{follower2.id}/ + assert_schema(json_response(res_conn, 200), "AccountsResponse", ApiSpec.spec()) end end @@ -560,6 +584,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do assert [%{"id" => id}] = json_response(conn, 200) assert id == to_string(other_user.id) + assert_schema(json_response(conn, 200), "AccountsResponse", ApiSpec.spec()) end test "getting following, hide_follows, other user requesting" do @@ -574,6 +599,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do |> get("/api/v1/accounts/#{user.id}/following") assert [] == json_response(conn, 200) + assert_schema(json_response(conn, 200), "AccountsResponse", ApiSpec.spec()) end test "getting following, hide_follows, same user requesting" do @@ -603,12 +629,14 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do assert [%{"id" => id3}, %{"id" => id2}] = json_response(res_conn, 200) assert id3 == following3.id assert id2 == following2.id + assert_schema(json_response(res_conn, 200), "AccountsResponse", ApiSpec.spec()) res_conn = get(conn, "/api/v1/accounts/#{user.id}/following?max_id=#{following3.id}") assert [%{"id" => id2}, %{"id" => id1}] = json_response(res_conn, 200) assert id2 == following2.id assert id1 == following1.id + assert_schema(json_response(res_conn, 200), "AccountsResponse", ApiSpec.spec()) res_conn = get(conn, "/api/v1/accounts/#{user.id}/following?limit=1&max_id=#{following3.id}") @@ -619,6 +647,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do assert [link_header] = get_resp_header(res_conn, "link") assert link_header =~ ~r/min_id=#{following2.id}/ assert link_header =~ ~r/max_id=#{following2.id}/ + assert_schema(json_response(res_conn, 200), "AccountsResponse", ApiSpec.spec()) end end @@ -830,6 +859,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do conn = build_conn() + |> put_req_header("content-type", "multipart/form-data") |> put_req_header("authorization", "Bearer " <> token) |> post("/api/v1/accounts", %{ username: "lain", @@ -858,11 +888,12 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do _user = insert(:user, email: "lain@example.org") app_token = insert(:oauth_token, user: nil) - conn = + res = conn |> put_req_header("authorization", "Bearer " <> app_token.token) + |> put_req_header("content-type", "application/json") + |> post("/api/v1/accounts", valid_params) - res = post(conn, "/api/v1/accounts", valid_params) assert json_response(res, 400) == %{"error" => "{\"email\":[\"has already been taken\"]}"} end @@ -872,7 +903,10 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do } do app_token = insert(:oauth_token, user: nil) - conn = put_req_header(conn, "authorization", "Bearer " <> app_token.token) + conn = + conn + |> put_req_header("authorization", "Bearer " <> app_token.token) + |> put_req_header("content-type", "application/json") res = post(conn, "/api/v1/accounts", valid_params) assert json_response(res, 200) @@ -897,7 +931,11 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do Pleroma.Config.put([:instance, :account_activation_required], true) app_token = insert(:oauth_token, user: nil) - conn = put_req_header(conn, "authorization", "Bearer " <> app_token.token) + + conn = + conn + |> put_req_header("authorization", "Bearer " <> app_token.token) + |> put_req_header("content-type", "application/json") res = conn @@ -920,6 +958,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do res = conn + |> put_req_header("content-type", "application/json") |> Map.put(:remote_ip, {127, 0, 0, 7}) |> post("/api/v1/accounts", Map.delete(valid_params, :email)) @@ -932,6 +971,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do res = conn + |> put_req_header("content-type", "application/json") |> Map.put(:remote_ip, {127, 0, 0, 8}) |> post("/api/v1/accounts", Map.put(valid_params, :email, "")) @@ -939,9 +979,12 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do end test "returns forbidden if token is invalid", %{conn: conn, valid_params: valid_params} do - conn = put_req_header(conn, "authorization", "Bearer " <> "invalid-token") + res = + conn + |> put_req_header("authorization", "Bearer " <> "invalid-token") + |> put_req_header("content-type", "multipart/form-data") + |> post("/api/v1/accounts", valid_params) - res = post(conn, "/api/v1/accounts", valid_params) assert json_response(res, 403) == %{"error" => "Invalid credentials"} end end @@ -956,10 +999,12 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do conn |> put_req_header("authorization", "Bearer " <> app_token.token) |> Map.put(:remote_ip, {15, 15, 15, 15}) + |> put_req_header("content-type", "multipart/form-data") for i <- 1..2 do conn = - post(conn, "/api/v1/accounts", %{ + conn + |> post("/api/v1/accounts", %{ username: "#{i}lain", email: "#{i}lain@example.org", password: "PlzDontHackLain", @@ -1046,14 +1091,18 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do setup do: oauth_access(["read:follows"]) test "returns the relationships for the current user", %{user: user, conn: conn} do - other_user = insert(:user) + %{id: other_user_id} = other_user = insert(:user) {:ok, _user} = User.follow(user, other_user) - conn = get(conn, "/api/v1/accounts/relationships", %{"id" => [other_user.id]}) - - assert [relationship] = json_response(conn, 200) + assert [%{"id" => ^other_user_id}] = + conn + |> get("/api/v1/accounts/relationships?id=#{other_user.id}") + |> json_response(200) - assert to_string(other_user.id) == relationship["id"] + assert [%{"id" => ^other_user_id}] = + conn + |> get("/api/v1/accounts/relationships?id[]=#{other_user.id}") + |> json_response(200) end test "returns an empty list on a bad request", %{conn: conn} do