X-Git-Url: http://git.squeep.com/?a=blobdiff_plain;f=test%2Fweb%2Fmastodon_api%2Fcontrollers%2Ftimeline_controller_test.exs;h=6fedb4223d8963bbeb7b4251820e8b4f2960caf2;hb=7f9b5284fa7dd1d9100de730a6fe0c93739d1b30;hp=bb94d8e5ab8564dd25d950dd9a67d0646572a2f7;hpb=badd0a96eaa9ff8fca7d25eccd05e8428e132699;p=akkoma

diff --git a/test/web/mastodon_api/controllers/timeline_controller_test.exs b/test/web/mastodon_api/controllers/timeline_controller_test.exs
index bb94d8e5a..6fedb4223 100644
--- a/test/web/mastodon_api/controllers/timeline_controller_test.exs
+++ b/test/web/mastodon_api/controllers/timeline_controller_test.exs
@@ -1,5 +1,5 @@
 # Pleroma: A lightweight social networking server
-# Copyright Â© 2017-2019 Pleroma Authors <https://pleroma.social/>
+# Copyright Â© 2017-2020 Pleroma Authors <https://pleroma.social/>
 # SPDX-License-Identifier: AGPL-3.0-only
 
 defmodule Pleroma.Web.MastodonAPI.TimelineControllerTest do
@@ -12,8 +12,6 @@ defmodule Pleroma.Web.MastodonAPI.TimelineControllerTest do
   alias Pleroma.User
   alias Pleroma.Web.CommonAPI
 
-  clear_config([:instance, :public])
-
   setup do
     mock(fn env -> apply(HttpRequestMock, :request, [env]) end)
     :ok
@@ -80,15 +78,6 @@ defmodule Pleroma.Web.MastodonAPI.TimelineControllerTest do
       assert [%{"content" => "test"}] = json_response(conn, :ok)
     end
 
-    test "the public timeline when public is set to false", %{conn: conn} do
-      Config.put([:instance, :public], false)
-
-      assert %{"error" => "This resource requires authentication."} ==
-               conn
-               |> get("/api/v1/timelines/public", %{"local" => "False"})
-               |> json_response(:forbidden)
-    end
-
     test "the public timeline includes only public statuses for an authenticated user" do
       %{user: user, conn: conn} = oauth_access(["read:statuses"])
 
@@ -102,6 +91,98 @@ defmodule Pleroma.Web.MastodonAPI.TimelineControllerTest do
     end
   end
 
+  defp local_and_remote_activities do
+    insert(:note_activity)
+    insert(:note_activity, local: false)
+    :ok
+  end
+
+  describe "public with restrict unauthenticated timeline for local and federated timelines" do
+    setup do: local_and_remote_activities()
+
+    setup do: clear_config([:restrict_unauthenticated, :timelines, :local], true)
+
+    setup do: clear_config([:restrict_unauthenticated, :timelines, :federated], true)
+
+    test "if user is unauthenticated", %{conn: conn} do
+      res_conn = get(conn, "/api/v1/timelines/public", %{"local" => "true"})
+
+      assert json_response(res_conn, :unauthorized) == %{
+               "error" => "authorization required for timeline view"
+             }
+
+      res_conn = get(conn, "/api/v1/timelines/public", %{"local" => "false"})
+
+      assert json_response(res_conn, :unauthorized) == %{
+               "error" => "authorization required for timeline view"
+             }
+    end
+
+    test "if user is authenticated" do
+      %{conn: conn} = oauth_access(["read:statuses"])
+
+      res_conn = get(conn, "/api/v1/timelines/public", %{"local" => "true"})
+      assert length(json_response(res_conn, 200)) == 1
+
+      res_conn = get(conn, "/api/v1/timelines/public", %{"local" => "false"})
+      assert length(json_response(res_conn, 200)) == 2
+    end
+  end
+
+  describe "public with restrict unauthenticated timeline for local" do
+    setup do: local_and_remote_activities()
+
+    setup do: clear_config([:restrict_unauthenticated, :timelines, :local], true)
+
+    test "if user is unauthenticated", %{conn: conn} do
+      res_conn = get(conn, "/api/v1/timelines/public", %{"local" => "true"})
+
+      assert json_response(res_conn, :unauthorized) == %{
+               "error" => "authorization required for timeline view"
+             }
+
+      res_conn = get(conn, "/api/v1/timelines/public", %{"local" => "false"})
+      assert length(json_response(res_conn, 200)) == 2
+    end
+
+    test "if user is authenticated", %{conn: _conn} do
+      %{conn: conn} = oauth_access(["read:statuses"])
+
+      res_conn = get(conn, "/api/v1/timelines/public", %{"local" => "true"})
+      assert length(json_response(res_conn, 200)) == 1
+
+      res_conn = get(conn, "/api/v1/timelines/public", %{"local" => "false"})
+      assert length(json_response(res_conn, 200)) == 2
+    end
+  end
+
+  describe "public with restrict unauthenticated timeline for remote" do
+    setup do: local_and_remote_activities()
+
+    setup do: clear_config([:restrict_unauthenticated, :timelines, :federated], true)
+
+    test "if user is unauthenticated", %{conn: conn} do
+      res_conn = get(conn, "/api/v1/timelines/public", %{"local" => "true"})
+      assert length(json_response(res_conn, 200)) == 1
+
+      res_conn = get(conn, "/api/v1/timelines/public", %{"local" => "false"})
+
+      assert json_response(res_conn, :unauthorized) == %{
+               "error" => "authorization required for timeline view"
+             }
+    end
+
+    test "if user is authenticated", %{conn: _conn} do
+      %{conn: conn} = oauth_access(["read:statuses"])
+
+      res_conn = get(conn, "/api/v1/timelines/public", %{"local" => "true"})
+      assert length(json_response(res_conn, 200)) == 1
+
+      res_conn = get(conn, "/api/v1/timelines/public", %{"local" => "false"})
+      assert length(json_response(res_conn, 200)) == 2
+    end
+  end
+
   describe "direct" do
     test "direct timeline", %{conn: conn} do
       user_one = insert(:user)