git.squeep.com Git - akkoma/blob - test/pleroma/object/fetcher_test.exs

   1 # Pleroma: A lightweight social networking server
   2 # Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
   3 # SPDX-License-Identifier: AGPL-3.0-only
   4
   5 defmodule Pleroma.Object.FetcherTest do
   6   use Pleroma.DataCase
   7
   8   alias Pleroma.Activity
   9   alias Pleroma.Config
  10   alias Pleroma.Object
  11   alias Pleroma.Object.Fetcher
  12
  13   import Mock
  14   import Tesla.Mock
  15
  16   setup do
  17     mock(fn
  18       %{method: :get, url: "https://mastodon.example.org/users/userisgone"} ->
  19         %Tesla.Env{status: 410}
  20
  21       %{method: :get, url: "https://mastodon.example.org/users/userisgone404"} ->
  22         %Tesla.Env{status: 404}
  23
  24       %{
  25         method: :get,
  26         url:
  27           "https://patch.cx/media/03ca3c8b4ac3ddd08bf0f84be7885f2f88de0f709112131a22d83650819e36c2.json"
  28       } ->
  29         %Tesla.Env{
  30           status: 200,
  31           headers: [{"content-type", "application/json"}],
  32           body: File.read!("test/fixtures/spoofed-object.json")
  33         }
  34
  35       env ->
  36         apply(HttpRequestMock, :request, [env])
  37     end)
  38
  39     :ok
  40   end
  41
  42   describe "error cases" do
  43     setup do
  44       mock(fn
  45         %{method: :get, url: "https://social.sakamoto.gq/notice/9wTkLEnuq47B25EehM"} ->
  46           %Tesla.Env{
  47             status: 200,
  48             body: File.read!("test/fixtures/fetch_mocks/9wTkLEnuq47B25EehM.json"),
  49             headers: HttpRequestMock.activitypub_object_headers()
  50           }
  51
  52         %{method: :get, url: "https://social.sakamoto.gq/users/eal"} ->
  53           %Tesla.Env{
  54             status: 200,
  55             body: File.read!("test/fixtures/fetch_mocks/eal.json"),
  56             headers: HttpRequestMock.activitypub_object_headers()
  57           }
  58
  59         %{method: :get, url: "https://busshi.moe/users/tuxcrafting/statuses/104410921027210069"} ->
  60           %Tesla.Env{
  61             status: 200,
  62             body: File.read!("test/fixtures/fetch_mocks/104410921027210069.json"),
  63             headers: HttpRequestMock.activitypub_object_headers()
  64           }
  65
  66         %{method: :get, url: "https://busshi.moe/users/tuxcrafting"} ->
  67           %Tesla.Env{
  68             status: 500
  69           }
  70       end)
  71
  72       :ok
  73     end
  74
  75     @tag capture_log: true
  76     test "it works when fetching the OP actor errors out" do
  77       # Here we simulate a case where the author of the OP can't be read
  78       assert {:ok, _} =
  79                Fetcher.fetch_object_from_id(
  80                  "https://social.sakamoto.gq/notice/9wTkLEnuq47B25EehM"
  81                )
  82     end
  83   end
  84
  85   describe "max thread distance restriction" do
  86     @ap_id "http://mastodon.example.org/@admin/99541947525187367"
  87     setup do: clear_config([:instance, :federation_incoming_replies_max_depth])
  88
  89     test "it returns thread depth exceeded error if thread depth is exceeded" do
  90       Config.put([:instance, :federation_incoming_replies_max_depth], 0)
  91
  92       assert {:error, "Max thread distance exceeded."} =
  93                Fetcher.fetch_object_from_id(@ap_id, depth: 1)
  94     end
  95
  96     test "it fetches object if max thread depth is restricted to 0 and depth is not specified" do
  97       Config.put([:instance, :federation_incoming_replies_max_depth], 0)
  98
  99       assert {:ok, _} = Fetcher.fetch_object_from_id(@ap_id)
 100     end
 101
 102     test "it fetches object if requested depth does not exceed max thread depth" do
 103       Config.put([:instance, :federation_incoming_replies_max_depth], 10)
 104
 105       assert {:ok, _} = Fetcher.fetch_object_from_id(@ap_id, depth: 10)
 106     end
 107   end
 108
 109   describe "actor origin containment" do
 110     test "it rejects objects with a bogus origin" do
 111       {:error, _} = Fetcher.fetch_object_from_id("https://info.pleroma.site/activity.json")
 112     end
 113
 114     test "it rejects objects when attributedTo is wrong (variant 1)" do
 115       {:error, _} = Fetcher.fetch_object_from_id("https://info.pleroma.site/activity2.json")
 116     end
 117
 118     test "it rejects objects when attributedTo is wrong (variant 2)" do
 119       {:error, _} = Fetcher.fetch_object_from_id("https://info.pleroma.site/activity3.json")
 120     end
 121   end
 122
 123   describe "fetching an object" do
 124     test "it fetches an object" do
 125       {:ok, object} =
 126         Fetcher.fetch_object_from_id("http://mastodon.example.org/@admin/99541947525187367")
 127
 128       assert activity = Activity.get_create_by_object_ap_id(object.data["id"])
 129       assert activity.data["id"]
 130
 131       {:ok, object_again} =
 132         Fetcher.fetch_object_from_id("http://mastodon.example.org/@admin/99541947525187367")
 133
 134       assert [attachment] = object.data["attachment"]
 135       assert is_list(attachment["url"])
 136
 137       assert object == object_again
 138     end
 139
 140     test "Return MRF reason when fetched status is rejected by one" do
 141       clear_config([:mrf_keyword, :reject], ["yeah"])
 142       clear_config([:mrf, :policies], [Pleroma.Web.ActivityPub.MRF.KeywordPolicy])
 143
 144       assert {:reject, "[KeywordPolicy] Matches with rejected keyword"} ==
 145                Fetcher.fetch_object_from_id(
 146                  "http://mastodon.example.org/@admin/99541947525187367"
 147                )
 148     end
 149
 150     test "it does not fetch a spoofed object uploaded on an instance as an attachment" do
 151       assert {:error, _} =
 152                Fetcher.fetch_object_from_id(
 153                  "https://patch.cx/media/03ca3c8b4ac3ddd08bf0f84be7885f2f88de0f709112131a22d83650819e36c2.json"
 154                )
 155     end
 156   end
 157
 158   describe "implementation quirks" do
 159     test "it can fetch plume articles" do
 160       {:ok, object} =
 161         Fetcher.fetch_object_from_id(
 162           "https://baptiste.gelez.xyz/~/PlumeDevelopment/this-month-in-plume-june-2018/"
 163         )
 164
 165       assert object
 166     end
 167
 168     test "it can fetch peertube videos" do
 169       {:ok, object} =
 170         Fetcher.fetch_object_from_id(
 171           "https://peertube.moe/videos/watch/df5f464b-be8d-46fb-ad81-2d4c2d1630e3"
 172         )
 173
 174       assert object
 175     end
 176
 177     test "it can fetch Mobilizon events" do
 178       {:ok, object} =
 179         Fetcher.fetch_object_from_id(
 180           "https://mobilizon.org/events/252d5816-00a3-4a89-a66f-15bf65c33e39"
 181         )
 182
 183       assert object
 184     end
 185
 186     test "it can fetch wedistribute articles" do
 187       {:ok, object} =
 188         Fetcher.fetch_object_from_id("https://wedistribute.org/wp-json/pterotype/v1/object/85810")
 189
 190       assert object
 191     end
 192
 193     test "all objects with fake directions are rejected by the object fetcher" do
 194       assert {:error, _} =
 195                Fetcher.fetch_and_contain_remote_object_from_id(
 196                  "https://info.pleroma.site/activity4.json"
 197                )
 198     end
 199
 200     test "handle HTTP 410 Gone response" do
 201       assert {:error, "Object has been deleted"} ==
 202                Fetcher.fetch_and_contain_remote_object_from_id(
 203                  "https://mastodon.example.org/users/userisgone"
 204                )
 205     end
 206
 207     test "handle HTTP 404 response" do
 208       assert {:error, "Object has been deleted"} ==
 209                Fetcher.fetch_and_contain_remote_object_from_id(
 210                  "https://mastodon.example.org/users/userisgone404"
 211                )
 212     end
 213
 214     test "it can fetch pleroma polls with attachments" do
 215       {:ok, object} =
 216         Fetcher.fetch_object_from_id("https://patch.cx/objects/tesla_mock/poll_attachment")
 217
 218       assert object
 219     end
 220   end
 221
 222   describe "pruning" do
 223     test "it can refetch pruned objects" do
 224       object_id = "http://mastodon.example.org/@admin/99541947525187367"
 225
 226       {:ok, object} = Fetcher.fetch_object_from_id(object_id)
 227
 228       assert object
 229
 230       {:ok, _object} = Object.prune(object)
 231
 232       refute Object.get_by_ap_id(object_id)
 233
 234       {:ok, %Object{} = object_two} = Fetcher.fetch_object_from_id(object_id)
 235
 236       assert object.data["id"] == object_two.data["id"]
 237       assert object.id != object_two.id
 238     end
 239   end
 240
 241   describe "signed fetches" do
 242     setup do: clear_config([:activitypub, :sign_object_fetches])
 243
 244     test_with_mock "it signs fetches when configured to do so",
 245                    Pleroma.Signature,
 246                    [:passthrough],
 247                    [] do
 248       Config.put([:activitypub, :sign_object_fetches], true)
 249
 250       Fetcher.fetch_object_from_id("http://mastodon.example.org/@admin/99541947525187367")
 251
 252       assert called(Pleroma.Signature.sign(:_, :_))
 253     end
 254
 255     test_with_mock "it doesn't sign fetches when not configured to do so",
 256                    Pleroma.Signature,
 257                    [:passthrough],
 258                    [] do
 259       Config.put([:activitypub, :sign_object_fetches], false)
 260
 261       Fetcher.fetch_object_from_id("http://mastodon.example.org/@admin/99541947525187367")
 262
 263       refute called(Pleroma.Signature.sign(:_, :_))
 264     end
 265   end
 266 end