git.squeep.com Git - akkoma/blob - test/pleroma/object/fetcher_test.exs

   1 # Pleroma: A lightweight social networking server
   2 # Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
   3 # SPDX-License-Identifier: AGPL-3.0-only
   4
   5 defmodule Pleroma.Object.FetcherTest do
   6   use Pleroma.DataCase
   7
   8   alias Pleroma.Activity
   9   alias Pleroma.Object
  10   alias Pleroma.Object.Fetcher
  11
  12   import Mock
  13   import Tesla.Mock
  14
  15   setup do
  16     mock(fn
  17       %{method: :get, url: "https://mastodon.example.org/users/userisgone"} ->
  18         %Tesla.Env{status: 410}
  19
  20       %{method: :get, url: "https://mastodon.example.org/users/userisgone404"} ->
  21         %Tesla.Env{status: 404}
  22
  23       %{
  24         method: :get,
  25         url:
  26           "https://patch.cx/media/03ca3c8b4ac3ddd08bf0f84be7885f2f88de0f709112131a22d83650819e36c2.json"
  27       } ->
  28         %Tesla.Env{
  29           status: 200,
  30           headers: [{"content-type", "application/json"}],
  31           body: File.read!("test/fixtures/spoofed-object.json")
  32         }
  33
  34       env ->
  35         apply(HttpRequestMock, :request, [env])
  36     end)
  37
  38     :ok
  39   end
  40
  41   describe "error cases" do
  42     setup do
  43       mock(fn
  44         %{method: :get, url: "https://social.sakamoto.gq/notice/9wTkLEnuq47B25EehM"} ->
  45           %Tesla.Env{
  46             status: 200,
  47             body: File.read!("test/fixtures/fetch_mocks/9wTkLEnuq47B25EehM.json"),
  48             headers: HttpRequestMock.activitypub_object_headers()
  49           }
  50
  51         %{method: :get, url: "https://social.sakamoto.gq/users/eal"} ->
  52           %Tesla.Env{
  53             status: 200,
  54             body: File.read!("test/fixtures/fetch_mocks/eal.json"),
  55             headers: HttpRequestMock.activitypub_object_headers()
  56           }
  57
  58         %{method: :get, url: "https://busshi.moe/users/tuxcrafting/statuses/104410921027210069"} ->
  59           %Tesla.Env{
  60             status: 200,
  61             body: File.read!("test/fixtures/fetch_mocks/104410921027210069.json"),
  62             headers: HttpRequestMock.activitypub_object_headers()
  63           }
  64
  65         %{method: :get, url: "https://busshi.moe/users/tuxcrafting"} ->
  66           %Tesla.Env{
  67             status: 500
  68           }
  69
  70         %{
  71           method: :get,
  72           url: "https://stereophonic.space/objects/02997b83-3ea7-4b63-94af-ef3aa2d4ed17"
  73         } ->
  74           %Tesla.Env{
  75             status: 500
  76           }
  77       end)
  78
  79       :ok
  80     end
  81
  82     @tag capture_log: true
  83     test "it works when fetching the OP actor errors out" do
  84       # Here we simulate a case where the author of the OP can't be read
  85       assert {:ok, _} =
  86                Fetcher.fetch_object_from_id(
  87                  "https://social.sakamoto.gq/notice/9wTkLEnuq47B25EehM"
  88                )
  89     end
  90   end
  91
  92   describe "max thread distance restriction" do
  93     @ap_id "http://mastodon.example.org/@admin/99541947525187367"
  94     setup do: clear_config([:instance, :federation_incoming_replies_max_depth])
  95
  96     test "it returns thread depth exceeded error if thread depth is exceeded" do
  97       clear_config([:instance, :federation_incoming_replies_max_depth], 0)
  98
  99       assert {:error, "Max thread distance exceeded."} =
 100                Fetcher.fetch_object_from_id(@ap_id, depth: 1)
 101     end
 102
 103     test "it fetches object if max thread depth is restricted to 0 and depth is not specified" do
 104       clear_config([:instance, :federation_incoming_replies_max_depth], 0)
 105
 106       assert {:ok, _} = Fetcher.fetch_object_from_id(@ap_id)
 107     end
 108
 109     test "it fetches object if requested depth does not exceed max thread depth" do
 110       clear_config([:instance, :federation_incoming_replies_max_depth], 10)
 111
 112       assert {:ok, _} = Fetcher.fetch_object_from_id(@ap_id, depth: 10)
 113     end
 114   end
 115
 116   describe "actor origin containment" do
 117     test "it rejects objects with a bogus origin" do
 118       {:error, _} = Fetcher.fetch_object_from_id("https://info.pleroma.site/activity.json")
 119     end
 120
 121     test "it rejects objects when attributedTo is wrong (variant 1)" do
 122       {:error, _} = Fetcher.fetch_object_from_id("https://info.pleroma.site/activity2.json")
 123     end
 124
 125     test "it rejects objects when attributedTo is wrong (variant 2)" do
 126       {:error, _} = Fetcher.fetch_object_from_id("https://info.pleroma.site/activity3.json")
 127     end
 128   end
 129
 130   describe "fetching an object" do
 131     test "it fetches an object" do
 132       {:ok, object} =
 133         Fetcher.fetch_object_from_id("http://mastodon.example.org/@admin/99541947525187367")
 134
 135       assert _activity = Activity.get_create_by_object_ap_id(object.data["id"])
 136
 137       {:ok, object_again} =
 138         Fetcher.fetch_object_from_id("http://mastodon.example.org/@admin/99541947525187367")
 139
 140       assert [attachment] = object.data["attachment"]
 141       assert is_list(attachment["url"])
 142
 143       assert object == object_again
 144     end
 145
 146     test "Return MRF reason when fetched status is rejected by one" do
 147       clear_config([:mrf_keyword, :reject], ["yeah"])
 148       clear_config([:mrf, :policies], [Pleroma.Web.ActivityPub.MRF.KeywordPolicy])
 149
 150       assert {:reject, "[KeywordPolicy] Matches with rejected keyword"} ==
 151                Fetcher.fetch_object_from_id(
 152                  "http://mastodon.example.org/@admin/99541947525187367"
 153                )
 154     end
 155
 156     test "it does not fetch a spoofed object uploaded on an instance as an attachment" do
 157       assert {:error, _} =
 158                Fetcher.fetch_object_from_id(
 159                  "https://patch.cx/media/03ca3c8b4ac3ddd08bf0f84be7885f2f88de0f709112131a22d83650819e36c2.json"
 160                )
 161     end
 162   end
 163
 164   describe "implementation quirks" do
 165     test "it can fetch plume articles" do
 166       {:ok, object} =
 167         Fetcher.fetch_object_from_id(
 168           "https://baptiste.gelez.xyz/~/PlumeDevelopment/this-month-in-plume-june-2018/"
 169         )
 170
 171       assert object
 172     end
 173
 174     test "it can fetch peertube videos" do
 175       {:ok, object} =
 176         Fetcher.fetch_object_from_id(
 177           "https://peertube.moe/videos/watch/df5f464b-be8d-46fb-ad81-2d4c2d1630e3"
 178         )
 179
 180       assert object
 181     end
 182
 183     test "it can fetch Mobilizon events" do
 184       {:ok, object} =
 185         Fetcher.fetch_object_from_id(
 186           "https://mobilizon.org/events/252d5816-00a3-4a89-a66f-15bf65c33e39"
 187         )
 188
 189       assert object
 190     end
 191
 192     test "it can fetch wedistribute articles" do
 193       {:ok, object} =
 194         Fetcher.fetch_object_from_id("https://wedistribute.org/wp-json/pterotype/v1/object/85810")
 195
 196       assert object
 197     end
 198
 199     test "all objects with fake directions are rejected by the object fetcher" do
 200       assert {:error, _} =
 201                Fetcher.fetch_and_contain_remote_object_from_id(
 202                  "https://info.pleroma.site/activity4.json"
 203                )
 204     end
 205
 206     test "handle HTTP 410 Gone response" do
 207       assert {:error, "Object has been deleted"} ==
 208                Fetcher.fetch_and_contain_remote_object_from_id(
 209                  "https://mastodon.example.org/users/userisgone"
 210                )
 211     end
 212
 213     test "handle HTTP 404 response" do
 214       assert {:error, "Object has been deleted"} ==
 215                Fetcher.fetch_and_contain_remote_object_from_id(
 216                  "https://mastodon.example.org/users/userisgone404"
 217                )
 218     end
 219
 220     test "it can fetch pleroma polls with attachments" do
 221       {:ok, object} =
 222         Fetcher.fetch_object_from_id("https://patch.cx/objects/tesla_mock/poll_attachment")
 223
 224       assert object
 225     end
 226   end
 227
 228   describe "pruning" do
 229     test "it can refetch pruned objects" do
 230       object_id = "http://mastodon.example.org/@admin/99541947525187367"
 231
 232       {:ok, object} = Fetcher.fetch_object_from_id(object_id)
 233
 234       assert object
 235
 236       {:ok, _object} = Object.prune(object)
 237
 238       refute Object.get_by_ap_id(object_id)
 239
 240       {:ok, %Object{} = object_two} = Fetcher.fetch_object_from_id(object_id)
 241
 242       assert object.data["id"] == object_two.data["id"]
 243       assert object.id != object_two.id
 244     end
 245   end
 246
 247   describe "signed fetches" do
 248     setup do: clear_config([:activitypub, :sign_object_fetches])
 249
 250     test_with_mock "it signs fetches when configured to do so",
 251                    Pleroma.Signature,
 252                    [:passthrough],
 253                    [] do
 254       clear_config([:activitypub, :sign_object_fetches], true)
 255
 256       Fetcher.fetch_object_from_id("http://mastodon.example.org/@admin/99541947525187367")
 257
 258       assert called(Pleroma.Signature.sign(:_, :_))
 259     end
 260
 261     test_with_mock "it doesn't sign fetches when not configured to do so",
 262                    Pleroma.Signature,
 263                    [:passthrough],
 264                    [] do
 265       clear_config([:activitypub, :sign_object_fetches], false)
 266
 267       Fetcher.fetch_object_from_id("http://mastodon.example.org/@admin/99541947525187367")
 268
 269       refute called(Pleroma.Signature.sign(:_, :_))
 270     end
 271   end
 272 end