X-Git-Url: http://git.squeep.com/?a=blobdiff_plain;f=test%2Fweb%2Fmastodon_api%2Fcontrollers%2Fstatus_controller_test.exs;h=d59974d50bf479dc236ac2a0d954e917a36b6a86;hb=a43e05591639132ce121d2e14258944a53004438;hp=b03b4b344904ab42904052b47eef3ebd590996ca;hpb=00d08c9231abfebc872b669cd8b1f7a02cbb0175;p=akkoma
diff --git a/test/web/mastodon_api/controllers/status_controller_test.exs b/test/web/mastodon_api/controllers/status_controller_test.exs
index b03b4b344..d59974d50 100644
--- a/test/web/mastodon_api/controllers/status_controller_test.exs
+++ b/test/web/mastodon_api/controllers/status_controller_test.exs
@@ -1,5 +1,5 @@
# Pleroma: A lightweight social networking server
-# Copyright © 2017-2019 Pleroma Authors
+# Copyright © 2017-2020 Pleroma Authors
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.MastodonAPI.StatusControllerTest do
@@ -19,8 +19,9 @@ defmodule Pleroma.Web.MastodonAPI.StatusControllerTest do
import Pleroma.Factory
- clear_config([:instance, :federating])
- clear_config([:instance, :allow_relay])
+ setup do: clear_config([:instance, :federating])
+ setup do: clear_config([:instance, :allow_relay])
+ setup do: clear_config([:rich_media, :enabled])
describe "posting statuses" do
setup do: oauth_access(["write:statuses"])
@@ -121,6 +122,32 @@ defmodule Pleroma.Web.MastodonAPI.StatusControllerTest do
NaiveDateTime.to_iso8601(expiration.scheduled_at)
end
+ test "it fails to create a status if `expires_in` is less or equal than an hour", %{
+ conn: conn
+ } do
+ # 1 hour
+ expires_in = 60 * 60
+
+ assert %{"error" => "Expiry date is too soon"} =
+ conn
+ |> post("api/v1/statuses", %{
+ "status" => "oolong",
+ "expires_in" => expires_in
+ })
+ |> json_response(422)
+
+ # 30 minutes
+ expires_in = 30 * 60
+
+ assert %{"error" => "Expiry date is too soon"} =
+ conn
+ |> post("api/v1/statuses", %{
+ "status" => "oolong",
+ "expires_in" => expires_in
+ })
+ |> json_response(422)
+ end
+
test "posting an undefined status with an attachment", %{user: user, conn: conn} do
file = %Plug.Upload{
content_type: "image/jpg",
@@ -370,6 +397,11 @@ defmodule Pleroma.Web.MastodonAPI.StatusControllerTest do
assert NaiveDateTime.diff(NaiveDateTime.from_iso8601!(response["poll"]["expires_at"]), time) in 420..430
refute response["poll"]["expred"]
+
+ question = Object.get_by_id(response["poll"]["id"])
+
+ # closed contains utc timezone
+ assert question.data["closed"] =~ "Z"
end
test "option limit is enforced", %{conn: conn} do
@@ -444,6 +476,104 @@ defmodule Pleroma.Web.MastodonAPI.StatusControllerTest do
assert id == to_string(activity.id)
end
+ defp local_and_remote_activities do
+ local = insert(:note_activity)
+ remote = insert(:note_activity, local: false)
+ {:ok, local: local, remote: remote}
+ end
+
+ describe "status with restrict unauthenticated activities for local and remote" do
+ setup do: local_and_remote_activities()
+
+ setup do: clear_config([:restrict_unauthenticated, :activities, :local], true)
+
+ setup do: clear_config([:restrict_unauthenticated, :activities, :remote], true)
+
+ test "if user is unauthenticated", %{conn: conn, local: local, remote: remote} do
+ res_conn = get(conn, "/api/v1/statuses/#{local.id}")
+
+ assert json_response(res_conn, :not_found) == %{
+ "error" => "Record not found"
+ }
+
+ res_conn = get(conn, "/api/v1/statuses/#{remote.id}")
+
+ assert json_response(res_conn, :not_found) == %{
+ "error" => "Record not found"
+ }
+ end
+
+ test "if user is authenticated", %{local: local, remote: remote} do
+ %{conn: conn} = oauth_access(["read"])
+ res_conn = get(conn, "/api/v1/statuses/#{local.id}")
+ assert %{"id" => _} = json_response(res_conn, 200)
+
+ res_conn = get(conn, "/api/v1/statuses/#{remote.id}")
+ assert %{"id" => _} = json_response(res_conn, 200)
+ end
+ end
+
+ describe "status with restrict unauthenticated activities for local" do
+ setup do: local_and_remote_activities()
+
+ setup do: clear_config([:restrict_unauthenticated, :activities, :local], true)
+
+ test "if user is unauthenticated", %{conn: conn, local: local, remote: remote} do
+ res_conn = get(conn, "/api/v1/statuses/#{local.id}")
+
+ assert json_response(res_conn, :not_found) == %{
+ "error" => "Record not found"
+ }
+
+ res_conn = get(conn, "/api/v1/statuses/#{remote.id}")
+ assert %{"id" => _} = json_response(res_conn, 200)
+ end
+
+ test "if user is authenticated", %{local: local, remote: remote} do
+ %{conn: conn} = oauth_access(["read"])
+ res_conn = get(conn, "/api/v1/statuses/#{local.id}")
+ assert %{"id" => _} = json_response(res_conn, 200)
+
+ res_conn = get(conn, "/api/v1/statuses/#{remote.id}")
+ assert %{"id" => _} = json_response(res_conn, 200)
+ end
+ end
+
+ describe "status with restrict unauthenticated activities for remote" do
+ setup do: local_and_remote_activities()
+
+ setup do: clear_config([:restrict_unauthenticated, :activities, :remote], true)
+
+ test "if user is unauthenticated", %{conn: conn, local: local, remote: remote} do
+ res_conn = get(conn, "/api/v1/statuses/#{local.id}")
+ assert %{"id" => _} = json_response(res_conn, 200)
+
+ res_conn = get(conn, "/api/v1/statuses/#{remote.id}")
+
+ assert json_response(res_conn, :not_found) == %{
+ "error" => "Record not found"
+ }
+ end
+
+ test "if user is authenticated", %{local: local, remote: remote} do
+ %{conn: conn} = oauth_access(["read"])
+ res_conn = get(conn, "/api/v1/statuses/#{local.id}")
+ assert %{"id" => _} = json_response(res_conn, 200)
+
+ res_conn = get(conn, "/api/v1/statuses/#{remote.id}")
+ assert %{"id" => _} = json_response(res_conn, 200)
+ end
+ end
+
+ test "getting a status that doesn't exist returns 404" do
+ %{conn: conn} = oauth_access(["read:statuses"])
+ activity = insert(:note_activity)
+
+ conn = get(conn, "/api/v1/statuses/#{String.downcase(activity.id)}")
+
+ assert json_response(conn, 404) == %{"error" => "Record not found"}
+ end
+
test "get a direct status" do
%{user: user, conn: conn} = oauth_access(["read:statuses"])
other_user = insert(:user)
@@ -473,6 +603,70 @@ defmodule Pleroma.Web.MastodonAPI.StatusControllerTest do
assert [%{"id" => ^id1}, %{"id" => ^id2}] = Enum.sort_by(json_response(conn, :ok), & &1["id"])
end
+ describe "getting statuses by ids with restricted unauthenticated for local and remote" do
+ setup do: local_and_remote_activities()
+
+ setup do: clear_config([:restrict_unauthenticated, :activities, :local], true)
+
+ setup do: clear_config([:restrict_unauthenticated, :activities, :remote], true)
+
+ test "if user is unauthenticated", %{conn: conn, local: local, remote: remote} do
+ res_conn = get(conn, "/api/v1/statuses", %{ids: [local.id, remote.id]})
+
+ assert json_response(res_conn, 200) == []
+ end
+
+ test "if user is authenticated", %{local: local, remote: remote} do
+ %{conn: conn} = oauth_access(["read"])
+
+ res_conn = get(conn, "/api/v1/statuses", %{ids: [local.id, remote.id]})
+
+ assert length(json_response(res_conn, 200)) == 2
+ end
+ end
+
+ describe "getting statuses by ids with restricted unauthenticated for local" do
+ setup do: local_and_remote_activities()
+
+ setup do: clear_config([:restrict_unauthenticated, :activities, :local], true)
+
+ test "if user is unauthenticated", %{conn: conn, local: local, remote: remote} do
+ res_conn = get(conn, "/api/v1/statuses", %{ids: [local.id, remote.id]})
+
+ remote_id = remote.id
+ assert [%{"id" => ^remote_id}] = json_response(res_conn, 200)
+ end
+
+ test "if user is authenticated", %{local: local, remote: remote} do
+ %{conn: conn} = oauth_access(["read"])
+
+ res_conn = get(conn, "/api/v1/statuses", %{ids: [local.id, remote.id]})
+
+ assert length(json_response(res_conn, 200)) == 2
+ end
+ end
+
+ describe "getting statuses by ids with restricted unauthenticated for remote" do
+ setup do: local_and_remote_activities()
+
+ setup do: clear_config([:restrict_unauthenticated, :activities, :remote], true)
+
+ test "if user is unauthenticated", %{conn: conn, local: local, remote: remote} do
+ res_conn = get(conn, "/api/v1/statuses", %{ids: [local.id, remote.id]})
+
+ local_id = local.id
+ assert [%{"id" => ^local_id}] = json_response(res_conn, 200)
+ end
+
+ test "if user is authenticated", %{local: local, remote: remote} do
+ %{conn: conn} = oauth_access(["read"])
+
+ res_conn = get(conn, "/api/v1/statuses", %{ids: [local.id, remote.id]})
+
+ assert length(json_response(res_conn, 200)) == 2
+ end
+ end
+
describe "deleting a status" do
test "when you created it" do
%{user: author, conn: conn} = oauth_access(["write:statuses"])
@@ -488,6 +682,18 @@ defmodule Pleroma.Web.MastodonAPI.StatusControllerTest do
refute Activity.get_by_id(activity.id)
end
+ test "when it doesn't exist" do
+ %{user: author, conn: conn} = oauth_access(["write:statuses"])
+ activity = insert(:note_activity, user: author)
+
+ conn =
+ conn
+ |> assign(:user, author)
+ |> delete("/api/v1/statuses/#{String.downcase(activity.id)}")
+
+ assert %{"error" => "Record not found"} == json_response(conn, 404)
+ end
+
test "when you didn't create it" do
%{conn: conn} = oauth_access(["write:statuses"])
activity = insert(:note_activity)
@@ -542,6 +748,14 @@ defmodule Pleroma.Web.MastodonAPI.StatusControllerTest do
assert to_string(activity.id) == id
end
+ test "returns 404 if the reblogged status doesn't exist", %{conn: conn} do
+ activity = insert(:note_activity)
+
+ conn = post(conn, "/api/v1/statuses/#{String.downcase(activity.id)}/reblog")
+
+ assert %{"error" => "Record not found"} = json_response(conn, 404)
+ end
+
test "reblogs privately and returns the reblogged status", %{conn: conn} do
activity = insert(:note_activity)
@@ -594,12 +808,6 @@ defmodule Pleroma.Web.MastodonAPI.StatusControllerTest do
assert to_string(activity.id) == id
end
-
- test "returns 400 error when activity is not exist", %{conn: conn} do
- conn = post(conn, "/api/v1/statuses/foo/reblog")
-
- assert json_response(conn, 400) == %{"error" => "Could not repeat"}
- end
end
describe "unreblogging" do
@@ -617,10 +825,10 @@ defmodule Pleroma.Web.MastodonAPI.StatusControllerTest do
assert to_string(activity.id) == id
end
- test "returns 400 error when activity is not exist", %{conn: conn} do
+ test "returns 404 error when activity does not exist", %{conn: conn} do
conn = post(conn, "/api/v1/statuses/foo/unreblog")
- assert json_response(conn, 400) == %{"error" => "Could not unrepeat"}
+ assert json_response(conn, 404) == %{"error" => "Record not found"}
end
end
@@ -645,10 +853,10 @@ defmodule Pleroma.Web.MastodonAPI.StatusControllerTest do
assert post(conn, "/api/v1/statuses/#{activity.id}/favourite") |> json_response(200)
end
- test "returns 400 error for a wrong id", %{conn: conn} do
+ test "returns 404 error for a wrong id", %{conn: conn} do
conn = post(conn, "/api/v1/statuses/1/favourite")
- assert json_response(conn, 400) == %{"error" => "Could not favorite"}
+ assert json_response(conn, 404) == %{"error" => "Record not found"}
end
end
@@ -668,10 +876,10 @@ defmodule Pleroma.Web.MastodonAPI.StatusControllerTest do
assert to_string(activity.id) == id
end
- test "returns 400 error for a wrong id", %{conn: conn} do
+ test "returns 404 error for a wrong id", %{conn: conn} do
conn = post(conn, "/api/v1/statuses/1/unfavourite")
- assert json_response(conn, 400) == %{"error" => "Could not unfavorite"}
+ assert json_response(conn, 404) == %{"error" => "Record not found"}
end
end
@@ -684,9 +892,7 @@ defmodule Pleroma.Web.MastodonAPI.StatusControllerTest do
%{activity: activity}
end
- clear_config([:instance, :max_pinned_statuses]) do
- Config.put([:instance, :max_pinned_statuses], 1)
- end
+ setup do: clear_config([:instance, :max_pinned_statuses], 1)
test "pin status", %{conn: conn, user: user, activity: activity} do
id_str = to_string(activity.id)
@@ -1223,4 +1429,23 @@ defmodule Pleroma.Web.MastodonAPI.StatusControllerTest do
assert [] = json_response(third_conn, 200)
end
+
+ test "expires_at is nil for another user" do
+ %{conn: conn, user: user} = oauth_access(["read:statuses"])
+ {:ok, activity} = CommonAPI.post(user, %{"status" => "foobar", "expires_in" => 1_000_000})
+
+ expires_at =
+ activity.id
+ |> ActivityExpiration.get_by_activity_id()
+ |> Map.get(:scheduled_at)
+ |> NaiveDateTime.to_iso8601()
+
+ assert %{"pleroma" => %{"expires_at" => ^expires_at}} =
+ conn |> get("/api/v1/statuses/#{activity.id}") |> json_response(:ok)
+
+ %{conn: conn} = oauth_access(["read:statuses"])
+
+ assert %{"pleroma" => %{"expires_at" => nil}} =
+ conn |> get("/api/v1/statuses/#{activity.id}") |> json_response(:ok)
+ end
end