1 # Pleroma: A lightweight social networking server
2 # Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
3 # SPDX-License-Identifier: AGPL-3.0-only
5 defmodule Pleroma.Web.AdminAPI.ReportViewTest do
6 use Pleroma.DataCase, async: true
10 alias Pleroma.Web.AdminAPI
11 alias Pleroma.Web.AdminAPI.Report
12 alias Pleroma.Web.AdminAPI.ReportView
13 alias Pleroma.Web.CommonAPI
14 alias Pleroma.Web.MastodonAPI
15 alias Pleroma.Web.MastodonAPI.StatusView
17 test "renders a report" do
19 other_user = insert(:user)
21 {:ok, activity} = CommonAPI.report(user, %{account_id: other_user.id})
27 MastodonAPI.AccountView.render("show.json", %{user: user, skip_visibility_check: true}),
28 AdminAPI.AccountView.render("show.json", %{user: user})
32 MastodonAPI.AccountView.render("show.json", %{
34 skip_visibility_check: true
36 AdminAPI.AccountView.render("show.json", %{user: other_user})
45 ReportView.render("show.json", Report.extract_report_info(activity))
46 |> Map.delete(:created_at)
48 assert result == expected
51 test "includes reported statuses" do
53 other_user = insert(:user)
54 {:ok, activity} = CommonAPI.post(other_user, %{status: "toot"})
56 {:ok, report_activity} =
57 CommonAPI.report(user, %{account_id: other_user.id, status_ids: [activity.id]})
59 other_user = Pleroma.User.get_by_id(other_user.id)
65 MastodonAPI.AccountView.render("show.json", %{user: user, skip_visibility_check: true}),
66 AdminAPI.AccountView.render("show.json", %{user: user})
70 MastodonAPI.AccountView.render("show.json", %{
72 skip_visibility_check: true
74 AdminAPI.AccountView.render("show.json", %{user: other_user})
76 statuses: [StatusView.render("show.json", %{activity: activity})],
79 id: report_activity.id
83 ReportView.render("show.json", Report.extract_report_info(report_activity))
84 |> Map.delete(:created_at)
86 assert result == expected
89 test "renders report's state" do
91 other_user = insert(:user)
93 {:ok, activity} = CommonAPI.report(user, %{account_id: other_user.id})
94 {:ok, activity} = CommonAPI.update_report_state(activity.id, "closed")
96 assert %{state: "closed"} =
97 ReportView.render("show.json", Report.extract_report_info(activity))
100 test "renders report description" do
102 other_user = insert(:user)
105 CommonAPI.report(user, %{
106 account_id: other_user.id,
107 comment: "posts are too good for this instance"
110 assert %{content: "posts are too good for this instance"} =
111 ReportView.render("show.json", Report.extract_report_info(activity))
114 test "sanitizes report description" do
116 other_user = insert(:user)
119 CommonAPI.report(user, %{
120 account_id: other_user.id,
124 data = Map.put(activity.data, "content", "<script> alert('hecked :D:D:D:D:D:D:D') </script>")
125 activity = Map.put(activity, :data, data)
127 refute "<script> alert('hecked :D:D:D:D:D:D:D') </script>" ==
128 ReportView.render("show.json", Report.extract_report_info(activity))[:content]
131 test "doesn't error out when the user doesn't exists" do
133 other_user = insert(:user)
136 CommonAPI.report(user, %{
137 account_id: other_user.id,
141 Pleroma.User.delete(other_user)
142 Pleroma.User.invalidate_cache(other_user)
144 assert %{} = ReportView.render("show.json", Report.extract_report_info(activity))
147 test "reports are ordered newest first" do
149 other_user = insert(:user)
152 CommonAPI.report(user, %{
153 account_id: other_user.id,
154 comment: "first report"
158 CommonAPI.report(user, %{
159 account_id: other_user.id,
160 comment: "second report"
163 %{reports: rendered} =
164 ReportView.render("index.json",
165 reports: Pleroma.Web.ActivityPub.Utils.get_reports(%{}, 1, 50)
168 assert report2.id == rendered |> Enum.at(0) |> Map.get(:id)
169 assert report1.id == rendered |> Enum.at(1) |> Map.get(:id)