git.squeep.com Git - akkoma/blob - test/pleroma/object/fetcher_test.exs

   1 # Pleroma: A lightweight social networking server
   2 # Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
   3 # SPDX-License-Identifier: AGPL-3.0-only
   4
   5 defmodule Pleroma.Object.FetcherTest do
   6   use Pleroma.DataCase
   7
   8   alias Pleroma.Activity
   9   alias Pleroma.Object
  10   alias Pleroma.Object.Fetcher
  11
  12   import Mock
  13   import Tesla.Mock
  14
  15   setup do
  16     mock(fn
  17       %{method: :get, url: "https://mastodon.example.org/users/userisgone"} ->
  18         %Tesla.Env{status: 410}
  19
  20       %{method: :get, url: "https://mastodon.example.org/users/userisgone404"} ->
  21         %Tesla.Env{status: 404}
  22
  23       %{
  24         method: :get,
  25         url:
  26           "https://patch.cx/media/03ca3c8b4ac3ddd08bf0f84be7885f2f88de0f709112131a22d83650819e36c2.json"
  27       } ->
  28         %Tesla.Env{
  29           status: 200,
  30           headers: [{"content-type", "application/json"}],
  31           body: File.read!("test/fixtures/spoofed-object.json")
  32         }
  33
  34       env ->
  35         apply(HttpRequestMock, :request, [env])
  36     end)
  37
  38     :ok
  39   end
  40
  41   describe "error cases" do
  42     setup do
  43       mock(fn
  44         %{method: :get, url: "https://social.sakamoto.gq/notice/9wTkLEnuq47B25EehM"} ->
  45           %Tesla.Env{
  46             status: 200,
  47             body: File.read!("test/fixtures/fetch_mocks/9wTkLEnuq47B25EehM.json"),
  48             headers: HttpRequestMock.activitypub_object_headers()
  49           }
  50
  51         %{method: :get, url: "https://social.sakamoto.gq/users/eal"} ->
  52           %Tesla.Env{
  53             status: 200,
  54             body: File.read!("test/fixtures/fetch_mocks/eal.json"),
  55             headers: HttpRequestMock.activitypub_object_headers()
  56           }
  57
  58         %{method: :get, url: "https://busshi.moe/users/tuxcrafting/statuses/104410921027210069"} ->
  59           %Tesla.Env{
  60             status: 200,
  61             body: File.read!("test/fixtures/fetch_mocks/104410921027210069.json"),
  62             headers: HttpRequestMock.activitypub_object_headers()
  63           }
  64
  65         %{method: :get, url: "https://busshi.moe/users/tuxcrafting"} ->
  66           %Tesla.Env{
  67             status: 500
  68           }
  69       end)
  70
  71       :ok
  72     end
  73
  74     @tag capture_log: true
  75     test "it works when fetching the OP actor errors out" do
  76       # Here we simulate a case where the author of the OP can't be read
  77       assert {:ok, _} =
  78                Fetcher.fetch_object_from_id(
  79                  "https://social.sakamoto.gq/notice/9wTkLEnuq47B25EehM"
  80                )
  81     end
  82   end
  83
  84   describe "max thread distance restriction" do
  85     @ap_id "http://mastodon.example.org/@admin/99541947525187367"
  86     setup do: clear_config([:instance, :federation_incoming_replies_max_depth])
  87
  88     test "it returns thread depth exceeded error if thread depth is exceeded" do
  89       clear_config([:instance, :federation_incoming_replies_max_depth], 0)
  90
  91       assert {:error, "Max thread distance exceeded."} =
  92                Fetcher.fetch_object_from_id(@ap_id, depth: 1)
  93     end
  94
  95     test "it fetches object if max thread depth is restricted to 0 and depth is not specified" do
  96       clear_config([:instance, :federation_incoming_replies_max_depth], 0)
  97
  98       assert {:ok, _} = Fetcher.fetch_object_from_id(@ap_id)
  99     end
 100
 101     test "it fetches object if requested depth does not exceed max thread depth" do
 102       clear_config([:instance, :federation_incoming_replies_max_depth], 10)
 103
 104       assert {:ok, _} = Fetcher.fetch_object_from_id(@ap_id, depth: 10)
 105     end
 106   end
 107
 108   describe "actor origin containment" do
 109     test "it rejects objects with a bogus origin" do
 110       {:error, _} = Fetcher.fetch_object_from_id("https://info.pleroma.site/activity.json")
 111     end
 112
 113     test "it rejects objects when attributedTo is wrong (variant 1)" do
 114       {:error, _} = Fetcher.fetch_object_from_id("https://info.pleroma.site/activity2.json")
 115     end
 116
 117     test "it rejects objects when attributedTo is wrong (variant 2)" do
 118       {:error, _} = Fetcher.fetch_object_from_id("https://info.pleroma.site/activity3.json")
 119     end
 120   end
 121
 122   describe "fetching an object" do
 123     test "it fetches an object" do
 124       {:ok, object} =
 125         Fetcher.fetch_object_from_id("http://mastodon.example.org/@admin/99541947525187367")
 126
 127       assert activity = Activity.get_create_by_object_ap_id(object.data["id"])
 128       assert activity.data["id"]
 129
 130       {:ok, object_again} =
 131         Fetcher.fetch_object_from_id("http://mastodon.example.org/@admin/99541947525187367")
 132
 133       assert [attachment] = object.data["attachment"]
 134       assert is_list(attachment["url"])
 135
 136       assert object == object_again
 137     end
 138
 139     test "Return MRF reason when fetched status is rejected by one" do
 140       clear_config([:mrf_keyword, :reject], ["yeah"])
 141       clear_config([:mrf, :policies], [Pleroma.Web.ActivityPub.MRF.KeywordPolicy])
 142
 143       assert {:reject, "[KeywordPolicy] Matches with rejected keyword"} ==
 144                Fetcher.fetch_object_from_id(
 145                  "http://mastodon.example.org/@admin/99541947525187367"
 146                )
 147     end
 148
 149     test "it does not fetch a spoofed object uploaded on an instance as an attachment" do
 150       assert {:error, _} =
 151                Fetcher.fetch_object_from_id(
 152                  "https://patch.cx/media/03ca3c8b4ac3ddd08bf0f84be7885f2f88de0f709112131a22d83650819e36c2.json"
 153                )
 154     end
 155   end
 156
 157   describe "implementation quirks" do
 158     test "it can fetch plume articles" do
 159       {:ok, object} =
 160         Fetcher.fetch_object_from_id(
 161           "https://baptiste.gelez.xyz/~/PlumeDevelopment/this-month-in-plume-june-2018/"
 162         )
 163
 164       assert object
 165     end
 166
 167     test "it can fetch peertube videos" do
 168       {:ok, object} =
 169         Fetcher.fetch_object_from_id(
 170           "https://peertube.moe/videos/watch/df5f464b-be8d-46fb-ad81-2d4c2d1630e3"
 171         )
 172
 173       assert object
 174     end
 175
 176     test "it can fetch Mobilizon events" do
 177       {:ok, object} =
 178         Fetcher.fetch_object_from_id(
 179           "https://mobilizon.org/events/252d5816-00a3-4a89-a66f-15bf65c33e39"
 180         )
 181
 182       assert object
 183     end
 184
 185     test "it can fetch wedistribute articles" do
 186       {:ok, object} =
 187         Fetcher.fetch_object_from_id("https://wedistribute.org/wp-json/pterotype/v1/object/85810")
 188
 189       assert object
 190     end
 191
 192     test "all objects with fake directions are rejected by the object fetcher" do
 193       assert {:error, _} =
 194                Fetcher.fetch_and_contain_remote_object_from_id(
 195                  "https://info.pleroma.site/activity4.json"
 196                )
 197     end
 198
 199     test "handle HTTP 410 Gone response" do
 200       assert {:error, "Object has been deleted"} ==
 201                Fetcher.fetch_and_contain_remote_object_from_id(
 202                  "https://mastodon.example.org/users/userisgone"
 203                )
 204     end
 205
 206     test "handle HTTP 404 response" do
 207       assert {:error, "Object has been deleted"} ==
 208                Fetcher.fetch_and_contain_remote_object_from_id(
 209                  "https://mastodon.example.org/users/userisgone404"
 210                )
 211     end
 212
 213     test "it can fetch pleroma polls with attachments" do
 214       {:ok, object} =
 215         Fetcher.fetch_object_from_id("https://patch.cx/objects/tesla_mock/poll_attachment")
 216
 217       assert object
 218     end
 219   end
 220
 221   describe "pruning" do
 222     test "it can refetch pruned objects" do
 223       object_id = "http://mastodon.example.org/@admin/99541947525187367"
 224
 225       {:ok, object} = Fetcher.fetch_object_from_id(object_id)
 226
 227       assert object
 228
 229       {:ok, _object} = Object.prune(object)
 230
 231       refute Object.get_by_ap_id(object_id)
 232
 233       {:ok, %Object{} = object_two} = Fetcher.fetch_object_from_id(object_id)
 234
 235       assert object.data["id"] == object_two.data["id"]
 236       assert object.id != object_two.id
 237     end
 238   end
 239
 240   describe "signed fetches" do
 241     setup do: clear_config([:activitypub, :sign_object_fetches])
 242
 243     test_with_mock "it signs fetches when configured to do so",
 244                    Pleroma.Signature,
 245                    [:passthrough],
 246                    [] do
 247       clear_config([:activitypub, :sign_object_fetches], true)
 248
 249       Fetcher.fetch_object_from_id("http://mastodon.example.org/@admin/99541947525187367")
 250
 251       assert called(Pleroma.Signature.sign(:_, :_))
 252     end
 253
 254     test_with_mock "it doesn't sign fetches when not configured to do so",
 255                    Pleroma.Signature,
 256                    [:passthrough],
 257                    [] do
 258       clear_config([:activitypub, :sign_object_fetches], false)
 259
 260       Fetcher.fetch_object_from_id("http://mastodon.example.org/@admin/99541947525187367")
 261
 262       refute called(Pleroma.Signature.sign(:_, :_))
 263     end
 264   end
 265 end