1 # Pleroma: A lightweight social networking server
2 # Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>
3 # SPDX-License-Identifier: AGPL-3.0-only
5 defmodule Pleroma.Web.ActivityPub.TransmogrifierTest do
6 use Oban.Testing, repo: Pleroma.Repo
11 alias Pleroma.Tests.ObanHelpers
13 alias Pleroma.Web.ActivityPub.Transmogrifier
14 alias Pleroma.Web.AdminAPI.AccountView
15 alias Pleroma.Web.CommonAPI
18 import Pleroma.Factory
19 import ExUnit.CaptureLog
22 Tesla.Mock.mock_global(fn env -> apply(HttpRequestMock, :request, [env]) end)
26 setup do: clear_config([:instance, :max_remote_account_fields])
28 describe "handle_incoming" do
29 test "it works for incoming unfollows with an existing follow" do
33 File.read!("test/fixtures/mastodon-follow-activity.json")
35 |> Map.put("object", user.ap_id)
37 {:ok, %Activity{data: _, local: false}} = Transmogrifier.handle_incoming(follow_data)
40 File.read!("test/fixtures/mastodon-unfollow-activity.json")
42 |> Map.put("object", follow_data)
44 {:ok, %Activity{data: data, local: false}} = Transmogrifier.handle_incoming(data)
46 assert data["type"] == "Undo"
47 assert data["object"]["type"] == "Follow"
48 assert data["object"]["object"] == user.ap_id
49 assert data["actor"] == "http://mastodon.example.org/users/admin"
51 refute User.following?(User.get_cached_by_ap_id(data["actor"]), user)
54 test "it accepts Flag activities" do
56 other_user = insert(:user)
58 {:ok, activity} = CommonAPI.post(user, %{status: "test post"})
59 object = Object.normalize(activity)
63 "id" => activity.data["id"],
64 "content" => "test post",
65 "published" => object.data["published"],
66 "actor" => AccountView.render("show.json", %{user: user, skip_visibility_check: true})
70 "@context" => "https://www.w3.org/ns/activitystreams",
72 "object" => [user.ap_id, activity.data["id"]],
74 "content" => "blocked AND reported!!!",
75 "actor" => other_user.ap_id
78 assert {:ok, activity} = Transmogrifier.handle_incoming(message)
80 assert activity.data["object"] == [user.ap_id, note_obj]
81 assert activity.data["content"] == "blocked AND reported!!!"
82 assert activity.data["actor"] == other_user.ap_id
83 assert activity.data["cc"] == [user.ap_id]
86 test "it accepts Move activities" do
87 old_user = insert(:user)
88 new_user = insert(:user)
91 "@context" => "https://www.w3.org/ns/activitystreams",
93 "actor" => old_user.ap_id,
94 "object" => old_user.ap_id,
95 "target" => new_user.ap_id
98 assert :error = Transmogrifier.handle_incoming(message)
100 {:ok, _new_user} = User.update_and_set_cache(new_user, %{also_known_as: [old_user.ap_id]})
102 assert {:ok, %Activity{} = activity} = Transmogrifier.handle_incoming(message)
103 assert activity.actor == old_user.ap_id
104 assert activity.data["actor"] == old_user.ap_id
105 assert activity.data["object"] == old_user.ap_id
106 assert activity.data["target"] == new_user.ap_id
107 assert activity.data["type"] == "Move"
111 describe "prepare outgoing" do
112 test "it inlines private announced objects" do
115 {:ok, activity} = CommonAPI.post(user, %{status: "hey", visibility: "private"})
117 {:ok, announce_activity} = CommonAPI.repeat(activity.id, user)
119 {:ok, modified} = Transmogrifier.prepare_outgoing(announce_activity.data)
121 assert modified["object"]["content"] == "hey"
122 assert modified["object"]["actor"] == modified["object"]["attributedTo"]
125 test "it turns mentions into tags" do
127 other_user = insert(:user)
130 CommonAPI.post(user, %{status: "hey, @#{other_user.nickname}, how are ya? #2hu"})
132 with_mock Pleroma.Notification,
133 get_notified_from_activity: fn _, _ -> [] end do
134 {:ok, modified} = Transmogrifier.prepare_outgoing(activity.data)
136 object = modified["object"]
138 expected_mention = %{
139 "href" => other_user.ap_id,
140 "name" => "@#{other_user.nickname}",
145 "href" => Pleroma.Web.Endpoint.url() <> "/tags/2hu",
150 refute called(Pleroma.Notification.get_notified_from_activity(:_, :_))
151 assert Enum.member?(object["tag"], expected_tag)
152 assert Enum.member?(object["tag"], expected_mention)
156 test "it adds the sensitive property" do
159 {:ok, activity} = CommonAPI.post(user, %{status: "#nsfw hey"})
160 {:ok, modified} = Transmogrifier.prepare_outgoing(activity.data)
162 assert modified["object"]["sensitive"]
165 test "it adds the json-ld context and the conversation property" do
168 {:ok, activity} = CommonAPI.post(user, %{status: "hey"})
169 {:ok, modified} = Transmogrifier.prepare_outgoing(activity.data)
171 assert modified["@context"] ==
172 Pleroma.Web.ActivityPub.Utils.make_json_ld_header()["@context"]
174 assert modified["object"]["conversation"] == modified["context"]
177 test "it sets the 'attributedTo' property to the actor of the object if it doesn't have one" do
180 {:ok, activity} = CommonAPI.post(user, %{status: "hey"})
181 {:ok, modified} = Transmogrifier.prepare_outgoing(activity.data)
183 assert modified["object"]["actor"] == modified["object"]["attributedTo"]
186 test "it strips internal hashtag data" do
189 {:ok, activity} = CommonAPI.post(user, %{status: "#2hu"})
192 "href" => Pleroma.Web.Endpoint.url() <> "/tags/2hu",
197 {:ok, modified} = Transmogrifier.prepare_outgoing(activity.data)
199 assert modified["object"]["tag"] == [expected_tag]
202 test "it strips internal fields" do
205 {:ok, activity} = CommonAPI.post(user, %{status: "#2hu :firefox:"})
207 {:ok, %{"object" => modified_object}} = Transmogrifier.prepare_outgoing(activity.data)
210 %{"name" => "#2hu", "type" => "Hashtag"},
211 %{"name" => ":firefox:", "type" => "Emoji"}
212 ] = modified_object["tag"]
214 refute Map.has_key?(modified_object, "hashtags")
215 refute Map.has_key?(modified_object, "emoji")
216 refute Map.has_key?(modified_object, "like_count")
217 refute Map.has_key?(modified_object, "announcements")
218 refute Map.has_key?(modified_object, "announcement_count")
219 refute Map.has_key?(modified_object, "context_id")
222 test "it strips internal fields of article" do
223 activity = insert(:article_activity)
225 {:ok, %{"object" => modified_object}} = Transmogrifier.prepare_outgoing(activity.data)
228 %{"name" => "#2hu", "type" => "Hashtag"},
229 %{"name" => ":2hu:", "type" => "Emoji"}
230 ] = modified_object["tag"]
232 refute Map.has_key?(modified_object, "hashtags")
233 refute Map.has_key?(modified_object, "emoji")
234 refute Map.has_key?(modified_object, "like_count")
235 refute Map.has_key?(modified_object, "announcements")
236 refute Map.has_key?(modified_object, "announcement_count")
237 refute Map.has_key?(modified_object, "context_id")
240 test "the directMessage flag is present" do
242 other_user = insert(:user)
244 {:ok, activity} = CommonAPI.post(user, %{status: "2hu :moominmamma:"})
246 {:ok, modified} = Transmogrifier.prepare_outgoing(activity.data)
248 assert modified["directMessage"] == false
250 {:ok, activity} = CommonAPI.post(user, %{status: "@#{other_user.nickname} :moominmamma:"})
252 {:ok, modified} = Transmogrifier.prepare_outgoing(activity.data)
254 assert modified["directMessage"] == false
257 CommonAPI.post(user, %{
258 status: "@#{other_user.nickname} :moominmamma:",
262 {:ok, modified} = Transmogrifier.prepare_outgoing(activity.data)
264 assert modified["directMessage"] == true
267 test "it strips BCC field" do
269 {:ok, list} = Pleroma.List.create("foo", user)
271 {:ok, activity} = CommonAPI.post(user, %{status: "foobar", visibility: "list:#{list.id}"})
273 {:ok, modified} = Transmogrifier.prepare_outgoing(activity.data)
275 assert is_nil(modified["bcc"])
278 test "it can handle Listen activities" do
279 listen_activity = insert(:listen)
281 {:ok, modified} = Transmogrifier.prepare_outgoing(listen_activity.data)
283 assert modified["type"] == "Listen"
287 {:ok, activity} = CommonAPI.listen(user, %{"title" => "lain radio episode 1"})
289 {:ok, _modified} = Transmogrifier.prepare_outgoing(activity.data)
293 describe "user upgrade" do
294 test "it upgrades a user to activitypub" do
297 nickname: "rye@niu.moe",
299 ap_id: "https://niu.moe/users/rye",
300 follower_address: User.ap_followers(%User{nickname: "rye@niu.moe"})
303 user_two = insert(:user)
304 Pleroma.FollowingRelationship.follow(user_two, user, :follow_accept)
306 {:ok, activity} = CommonAPI.post(user, %{status: "test"})
307 {:ok, unrelated_activity} = CommonAPI.post(user_two, %{status: "test"})
308 assert "http://localhost:4001/users/rye@niu.moe/followers" in activity.recipients
310 user = User.get_cached_by_id(user.id)
311 assert user.note_count == 1
313 {:ok, user} = Transmogrifier.upgrade_user_from_ap_id("https://niu.moe/users/rye")
314 ObanHelpers.perform_all()
316 assert user.ap_enabled
317 assert user.note_count == 1
318 assert user.follower_address == "https://niu.moe/users/rye/followers"
319 assert user.following_address == "https://niu.moe/users/rye/following"
321 user = User.get_cached_by_id(user.id)
322 assert user.note_count == 1
324 activity = Activity.get_by_id(activity.id)
325 assert user.follower_address in activity.recipients
331 "https://cdn.niu.moe/accounts/avatars/000/033/323/original/fd7f8ae0b3ffedc9.jpeg"
340 "https://cdn.niu.moe/accounts/headers/000/033/323/original/850b3448fa5fd477.png"
345 refute "..." in activity.recipients
347 unrelated_activity = Activity.get_by_id(unrelated_activity.id)
348 refute user.follower_address in unrelated_activity.recipients
350 user_two = User.get_cached_by_id(user_two.id)
351 assert User.following?(user_two, user)
352 refute "..." in User.following(user_two)
356 describe "actor rewriting" do
357 test "it fixes the actor URL property to be a proper URI" do
359 "url" => %{"href" => "http://example.com"}
362 rewritten = Transmogrifier.maybe_fix_user_object(data)
363 assert rewritten["url"] == "http://example.com"
367 describe "actor origin containment" do
368 test "it rejects activities which reference objects with bogus origins" do
370 "@context" => "https://www.w3.org/ns/activitystreams",
371 "id" => "http://mastodon.example.org/users/admin/activities/1234",
372 "actor" => "http://mastodon.example.org/users/admin",
373 "to" => ["https://www.w3.org/ns/activitystreams#Public"],
374 "object" => "https://info.pleroma.site/activity.json",
378 assert capture_log(fn ->
379 {:error, _} = Transmogrifier.handle_incoming(data)
380 end) =~ "Object containment failed"
383 test "it rejects activities which reference objects that have an incorrect attribution (variant 1)" do
385 "@context" => "https://www.w3.org/ns/activitystreams",
386 "id" => "http://mastodon.example.org/users/admin/activities/1234",
387 "actor" => "http://mastodon.example.org/users/admin",
388 "to" => ["https://www.w3.org/ns/activitystreams#Public"],
389 "object" => "https://info.pleroma.site/activity2.json",
393 assert capture_log(fn ->
394 {:error, _} = Transmogrifier.handle_incoming(data)
395 end) =~ "Object containment failed"
398 test "it rejects activities which reference objects that have an incorrect attribution (variant 2)" do
400 "@context" => "https://www.w3.org/ns/activitystreams",
401 "id" => "http://mastodon.example.org/users/admin/activities/1234",
402 "actor" => "http://mastodon.example.org/users/admin",
403 "to" => ["https://www.w3.org/ns/activitystreams#Public"],
404 "object" => "https://info.pleroma.site/activity3.json",
408 assert capture_log(fn ->
409 {:error, _} = Transmogrifier.handle_incoming(data)
410 end) =~ "Object containment failed"
414 describe "fix_explicit_addressing" do
420 test "moves non-explicitly mentioned actors to cc", %{user: user} do
421 explicitly_mentioned_actors = [
422 "https://pleroma.gold/users/user1",
423 "https://pleroma.gold/user2"
427 "actor" => user.ap_id,
428 "to" => explicitly_mentioned_actors ++ ["https://social.beepboop.ga/users/dirb"],
431 Enum.map(explicitly_mentioned_actors, fn href ->
432 %{"type" => "Mention", "href" => href}
436 fixed_object = Transmogrifier.fix_explicit_addressing(object)
437 assert Enum.all?(explicitly_mentioned_actors, &(&1 in fixed_object["to"]))
438 refute "https://social.beepboop.ga/users/dirb" in fixed_object["to"]
439 assert "https://social.beepboop.ga/users/dirb" in fixed_object["cc"]
442 test "does not move actor's follower collection to cc", %{user: user} do
444 "actor" => user.ap_id,
445 "to" => [user.follower_address],
449 fixed_object = Transmogrifier.fix_explicit_addressing(object)
450 assert user.follower_address in fixed_object["to"]
451 refute user.follower_address in fixed_object["cc"]
454 test "removes recipient's follower collection from cc", %{user: user} do
455 recipient = insert(:user)
458 "actor" => user.ap_id,
459 "to" => [recipient.ap_id, "https://www.w3.org/ns/activitystreams#Public"],
460 "cc" => [user.follower_address, recipient.follower_address]
463 fixed_object = Transmogrifier.fix_explicit_addressing(object)
465 assert user.follower_address in fixed_object["cc"]
466 refute recipient.follower_address in fixed_object["cc"]
467 refute recipient.follower_address in fixed_object["to"]
471 describe "fix_summary/1" do
472 test "returns fixed object" do
473 assert Transmogrifier.fix_summary(%{"summary" => nil}) == %{"summary" => ""}
474 assert Transmogrifier.fix_summary(%{"summary" => "ok"}) == %{"summary" => "ok"}
475 assert Transmogrifier.fix_summary(%{}) == %{"summary" => ""}
479 describe "fix_url/1" do
480 test "fixes data for object when url is map" do
484 "mimeType" => "video/mp4",
485 "href" => "https://peede8d-46fb-ad81-2d4c2d1630e3-480.mp4"
489 assert Transmogrifier.fix_url(object) == %{
490 "url" => "https://peede8d-46fb-ad81-2d4c2d1630e3-480.mp4"
494 test "returns non-modified object" do
495 assert Transmogrifier.fix_url(%{"type" => "Text"}) == %{"type" => "Text"}
499 describe "get_obj_helper/2" do
500 test "returns nil when cannot normalize object" do
501 assert capture_log(fn ->
502 refute Transmogrifier.get_obj_helper("test-obj-id")
503 end) =~ "Unsupported URI scheme"
506 @tag capture_log: true
507 test "returns {:ok, %Object{}} for success case" do
508 assert {:ok, %Object{}} =
509 Transmogrifier.get_obj_helper(
510 "https://mstdn.io/users/mayuutann/statuses/99568293732299394"