1 # Pleroma: A lightweight social networking server
2 # Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
3 # SPDX-License-Identifier: AGPL-3.0-only
5 defmodule Pleroma.Web.MastodonAPI.StatusControllerTest do
6 use Pleroma.Web.ConnCase
7 use Oban.Testing, repo: Pleroma.Repo
10 alias Pleroma.Conversation.Participation
13 alias Pleroma.ScheduledActivity
14 alias Pleroma.Tests.ObanHelpers
16 alias Pleroma.Web.ActivityPub.ActivityPub
17 alias Pleroma.Web.CommonAPI
19 import Pleroma.Factory
21 setup do: clear_config([:instance, :federating])
22 setup do: clear_config([:instance, :allow_relay])
23 setup do: clear_config([:rich_media, :enabled])
24 setup do: clear_config([:mrf, :policies])
25 setup do: clear_config([:mrf_keyword, :reject])
27 describe "posting statuses" do
28 setup do: oauth_access(["write:statuses"])
30 test "posting a status does not increment reblog_count when relaying", %{conn: conn} do
31 clear_config([:instance, :federating], true)
32 Config.get([:instance, :allow_relay], true)
36 |> put_req_header("content-type", "application/json")
37 |> post("api/v1/statuses", %{
38 "content_type" => "text/plain",
39 "source" => "Pleroma FE",
40 "status" => "Hello world",
41 "visibility" => "public"
43 |> json_response_and_validate_schema(200)
45 assert response["reblogs_count"] == 0
46 ObanHelpers.perform_all()
50 |> get("api/v1/statuses/#{response["id"]}", %{})
51 |> json_response_and_validate_schema(200)
53 assert response["reblogs_count"] == 0
56 test "posting a status", %{conn: conn} do
57 idempotency_key = "Pikachu rocks!"
61 |> put_req_header("content-type", "application/json")
62 |> put_req_header("idempotency-key", idempotency_key)
63 |> post("/api/v1/statuses", %{
65 "spoiler_text" => "2hu",
69 assert %{"content" => "cofe", "id" => id, "spoiler_text" => "2hu", "sensitive" => false} =
70 json_response_and_validate_schema(conn_one, 200)
72 assert Activity.get_by_id(id)
76 |> put_req_header("content-type", "application/json")
77 |> put_req_header("idempotency-key", idempotency_key)
78 |> post("/api/v1/statuses", %{
80 "spoiler_text" => "2hu",
84 assert %{"id" => second_id} = json_response(conn_two, 200)
85 assert id == second_id
89 |> put_req_header("content-type", "application/json")
90 |> post("/api/v1/statuses", %{
92 "spoiler_text" => "2hu",
93 "sensitive" => "False"
96 assert %{"id" => third_id} = json_response_and_validate_schema(conn_three, 200)
99 # An activity that will expire:
101 expires_in = 2 * 60 * 60
103 expires_at = DateTime.add(DateTime.utc_now(), expires_in)
107 |> put_req_header("content-type", "application/json")
108 |> post("api/v1/statuses", %{
109 "status" => "oolong",
110 "expires_in" => expires_in
113 assert %{"id" => fourth_id} = json_response_and_validate_schema(conn_four, 200)
115 assert Activity.get_by_id(fourth_id)
118 worker: Pleroma.Workers.PurgeExpiredActivity,
119 args: %{activity_id: fourth_id},
120 scheduled_at: expires_at
124 test "it fails to create a status if `expires_in` is less or equal than an hour", %{
130 assert %{"error" => "Expiry date is too soon"} =
132 |> put_req_header("content-type", "application/json")
133 |> post("api/v1/statuses", %{
134 "status" => "oolong",
135 "expires_in" => expires_in
137 |> json_response_and_validate_schema(422)
142 assert %{"error" => "Expiry date is too soon"} =
144 |> put_req_header("content-type", "application/json")
145 |> post("api/v1/statuses", %{
146 "status" => "oolong",
147 "expires_in" => expires_in
149 |> json_response_and_validate_schema(422)
152 test "Get MRF reason when posting a status is rejected by one", %{conn: conn} do
153 clear_config([:mrf_keyword, :reject], ["GNO"])
154 clear_config([:mrf, :policies], [Pleroma.Web.ActivityPub.MRF.KeywordPolicy])
156 assert %{"error" => "[KeywordPolicy] Matches with rejected keyword"} =
158 |> put_req_header("content-type", "application/json")
159 |> post("api/v1/statuses", %{"status" => "GNO/Linux"})
160 |> json_response_and_validate_schema(422)
163 test "posting an undefined status with an attachment", %{user: user, conn: conn} do
165 content_type: "image/jpeg",
166 path: Path.absname("test/fixtures/image.jpg"),
167 filename: "an_image.jpg"
170 {:ok, upload} = ActivityPub.upload(file, actor: user.ap_id)
174 |> put_req_header("content-type", "application/json")
175 |> post("/api/v1/statuses", %{
176 "media_ids" => [to_string(upload.id)]
179 assert json_response_and_validate_schema(conn, 200)
182 test "replying to a status", %{user: user, conn: conn} do
183 {:ok, replied_to} = CommonAPI.post(user, %{status: "cofe"})
187 |> put_req_header("content-type", "application/json")
188 |> post("/api/v1/statuses", %{"status" => "xD", "in_reply_to_id" => replied_to.id})
190 assert %{"content" => "xD", "id" => id} = json_response_and_validate_schema(conn, 200)
192 activity = Activity.get_by_id(id)
194 assert activity.data["context"] == replied_to.data["context"]
195 assert Activity.get_in_reply_to_activity(activity).id == replied_to.id
198 test "replying to a direct message with visibility other than direct", %{
202 {:ok, replied_to} = CommonAPI.post(user, %{status: "suya..", visibility: "direct"})
204 Enum.each(["public", "private", "unlisted"], fn visibility ->
207 |> put_req_header("content-type", "application/json")
208 |> post("/api/v1/statuses", %{
209 "status" => "@#{user.nickname} hey",
210 "in_reply_to_id" => replied_to.id,
211 "visibility" => visibility
214 assert json_response_and_validate_schema(conn, 422) == %{
215 "error" => "The message visibility must be direct"
220 test "posting a status with an invalid in_reply_to_id", %{conn: conn} do
223 |> put_req_header("content-type", "application/json")
224 |> post("/api/v1/statuses", %{"status" => "xD", "in_reply_to_id" => ""})
226 assert %{"content" => "xD", "id" => id} = json_response_and_validate_schema(conn, 200)
227 assert Activity.get_by_id(id)
230 test "posting a sensitive status", %{conn: conn} do
233 |> put_req_header("content-type", "application/json")
234 |> post("/api/v1/statuses", %{"status" => "cofe", "sensitive" => true})
236 assert %{"content" => "cofe", "id" => id, "sensitive" => true} =
237 json_response_and_validate_schema(conn, 200)
239 assert Activity.get_by_id(id)
242 test "posting a fake status", %{conn: conn} do
245 |> put_req_header("content-type", "application/json")
246 |> post("/api/v1/statuses", %{
248 "\"Tenshi Eating a Corndog\" is a much discussed concept on /jp/. The significance of it is disputed, so I will focus on one core concept: the symbolism behind it"
251 real_status = json_response_and_validate_schema(real_conn, 200)
254 assert Object.get_by_ap_id(real_status["uri"])
258 |> Map.put("id", nil)
259 |> Map.put("url", nil)
260 |> Map.put("uri", nil)
261 |> Map.put("created_at", nil)
262 |> Kernel.put_in(["pleroma", "conversation_id"], nil)
266 |> assign(:user, refresh_record(conn.assigns.user))
267 |> put_req_header("content-type", "application/json")
268 |> post("/api/v1/statuses", %{
270 "\"Tenshi Eating a Corndog\" is a much discussed concept on /jp/. The significance of it is disputed, so I will focus on one core concept: the symbolism behind it",
274 fake_status = json_response_and_validate_schema(fake_conn, 200)
277 refute Object.get_by_ap_id(fake_status["uri"])
281 |> Map.put("id", nil)
282 |> Map.put("url", nil)
283 |> Map.put("uri", nil)
284 |> Map.put("created_at", nil)
285 |> Kernel.put_in(["pleroma", "conversation_id"], nil)
287 assert real_status == fake_status
290 test "fake statuses' preview card is not cached", %{conn: conn} do
291 clear_config([:rich_media, :enabled], true)
296 url: "https://example.com/twitter-card"
298 %Tesla.Env{status: 200, body: File.read!("test/fixtures/rich_media/twitter_card.html")}
301 apply(HttpRequestMock, :request, [env])
306 |> put_req_header("content-type", "application/json")
307 |> post("/api/v1/statuses", %{
308 "status" => "https://example.com/ogp",
314 |> put_req_header("content-type", "application/json")
315 |> post("/api/v1/statuses", %{
316 "status" => "https://example.com/twitter-card",
320 assert %{"card" => %{"title" => "The Rock"}} = json_response_and_validate_schema(conn1, 200)
322 assert %{"card" => %{"title" => "Small Island Developing States Photo Submission"}} =
323 json_response_and_validate_schema(conn2, 200)
326 test "posting a status with OGP link preview", %{conn: conn} do
327 Tesla.Mock.mock_global(fn env -> apply(HttpRequestMock, :request, [env]) end)
328 clear_config([:rich_media, :enabled], true)
332 |> put_req_header("content-type", "application/json")
333 |> post("/api/v1/statuses", %{
334 "status" => "https://example.com/ogp"
337 assert %{"id" => id, "card" => %{"title" => "The Rock"}} =
338 json_response_and_validate_schema(conn, 200)
340 assert Activity.get_by_id(id)
343 test "posting a direct status", %{conn: conn} do
344 user2 = insert(:user)
345 content = "direct cofe @#{user2.nickname}"
349 |> put_req_header("content-type", "application/json")
350 |> post("api/v1/statuses", %{"status" => content, "visibility" => "direct"})
352 assert %{"id" => id} = response = json_response_and_validate_schema(conn, 200)
353 assert response["visibility"] == "direct"
354 assert response["pleroma"]["direct_conversation_id"]
355 assert activity = Activity.get_by_id(id)
356 assert activity.recipients == [user2.ap_id, conn.assigns[:user].ap_id]
357 assert activity.data["to"] == [user2.ap_id]
358 assert activity.data["cc"] == []
361 test "discloses application metadata when enabled" do
362 user = insert(:user, disclose_client: true)
363 %{user: _user, token: token, conn: conn} = oauth_access(["write:statuses"], user: user)
365 %Pleroma.Web.OAuth.Token{
366 app: %Pleroma.Web.OAuth.App{
367 client_name: app_name,
374 |> put_req_header("content-type", "application/json")
375 |> post("/api/v1/statuses", %{
376 "status" => "cofe is my copilot"
380 "content" => "cofe is my copilot"
381 } = json_response_and_validate_schema(result, 200)
383 activity = result.assigns.activity.id
387 |> get("api/v1/statuses/#{activity}")
390 "content" => "cofe is my copilot",
393 "website" => ^app_website
395 } = json_response_and_validate_schema(result, 200)
398 test "hides application metadata when disabled" do
399 user = insert(:user, disclose_client: false)
400 %{user: _user, token: _token, conn: conn} = oauth_access(["write:statuses"], user: user)
404 |> put_req_header("content-type", "application/json")
405 |> post("/api/v1/statuses", %{
406 "status" => "club mate is my wingman"
409 assert %{"content" => "club mate is my wingman"} =
410 json_response_and_validate_schema(result, 200)
412 activity = result.assigns.activity.id
416 |> get("api/v1/statuses/#{activity}")
419 "content" => "club mate is my wingman",
421 } = json_response_and_validate_schema(result, 200)
425 describe "posting scheduled statuses" do
426 setup do: oauth_access(["write:statuses"])
428 test "creates a scheduled activity", %{conn: conn} do
430 NaiveDateTime.add(NaiveDateTime.utc_now(), :timer.minutes(120), :millisecond)
431 |> NaiveDateTime.to_iso8601()
436 |> put_req_header("content-type", "application/json")
437 |> post("/api/v1/statuses", %{
438 "status" => "scheduled",
439 "scheduled_at" => scheduled_at
442 assert %{"scheduled_at" => expected_scheduled_at} =
443 json_response_and_validate_schema(conn, 200)
445 assert expected_scheduled_at == CommonAPI.Utils.to_masto_date(scheduled_at)
446 assert [] == Repo.all(Activity)
449 test "with expiration" do
450 %{conn: conn} = oauth_access(["write:statuses", "read:statuses"])
453 NaiveDateTime.add(NaiveDateTime.utc_now(), :timer.minutes(6), :millisecond)
454 |> NaiveDateTime.to_iso8601()
457 assert %{"id" => status_id, "params" => %{"expires_in" => 300}} =
459 |> put_req_header("content-type", "application/json")
460 |> post("/api/v1/statuses", %{
461 "status" => "scheduled",
462 "scheduled_at" => scheduled_at,
465 |> json_response_and_validate_schema(200)
467 assert %{"id" => ^status_id, "params" => %{"expires_in" => 300}} =
469 |> put_req_header("content-type", "application/json")
470 |> get("/api/v1/scheduled_statuses/#{status_id}")
471 |> json_response_and_validate_schema(200)
474 test "ignores nil values", %{conn: conn} do
477 |> put_req_header("content-type", "application/json")
478 |> post("/api/v1/statuses", %{
479 "status" => "not scheduled",
480 "scheduled_at" => nil
483 assert result = json_response_and_validate_schema(conn, 200)
484 assert Activity.get_by_id(result["id"])
487 test "creates a scheduled activity with a media attachment", %{user: user, conn: conn} do
489 NaiveDateTime.utc_now()
490 |> NaiveDateTime.add(:timer.minutes(120), :millisecond)
491 |> NaiveDateTime.to_iso8601()
495 content_type: "image/jpeg",
496 path: Path.absname("test/fixtures/image.jpg"),
497 filename: "an_image.jpg"
500 {:ok, upload} = ActivityPub.upload(file, actor: user.ap_id)
504 |> put_req_header("content-type", "application/json")
505 |> post("/api/v1/statuses", %{
506 "media_ids" => [to_string(upload.id)],
507 "status" => "scheduled",
508 "scheduled_at" => scheduled_at
511 assert %{"media_attachments" => [media_attachment]} =
512 json_response_and_validate_schema(conn, 200)
514 assert %{"type" => "image"} = media_attachment
517 test "skips the scheduling and creates the activity if scheduled_at is earlier than 5 minutes from now",
520 NaiveDateTime.add(NaiveDateTime.utc_now(), :timer.minutes(5) - 1, :millisecond)
521 |> NaiveDateTime.to_iso8601()
526 |> put_req_header("content-type", "application/json")
527 |> post("/api/v1/statuses", %{
528 "status" => "not scheduled",
529 "scheduled_at" => scheduled_at
532 assert %{"content" => "not scheduled"} = json_response_and_validate_schema(conn, 200)
533 assert [] == Repo.all(ScheduledActivity)
536 test "returns error when daily user limit is exceeded", %{user: user, conn: conn} do
538 NaiveDateTime.utc_now()
539 |> NaiveDateTime.add(:timer.minutes(6), :millisecond)
540 |> NaiveDateTime.to_iso8601()
544 attrs = %{params: %{}, scheduled_at: today}
545 {:ok, _} = ScheduledActivity.create(user, attrs)
546 {:ok, _} = ScheduledActivity.create(user, attrs)
550 |> put_req_header("content-type", "application/json")
551 |> post("/api/v1/statuses", %{"status" => "scheduled", "scheduled_at" => today})
553 assert %{"error" => "daily limit exceeded"} == json_response_and_validate_schema(conn, 422)
556 test "returns error when total user limit is exceeded", %{user: user, conn: conn} do
558 NaiveDateTime.utc_now()
559 |> NaiveDateTime.add(:timer.minutes(6), :millisecond)
560 |> NaiveDateTime.to_iso8601()
564 NaiveDateTime.utc_now()
565 |> NaiveDateTime.add(:timer.hours(36), :millisecond)
566 |> NaiveDateTime.to_iso8601()
569 attrs = %{params: %{}, scheduled_at: today}
570 {:ok, _} = ScheduledActivity.create(user, attrs)
571 {:ok, _} = ScheduledActivity.create(user, attrs)
572 {:ok, _} = ScheduledActivity.create(user, %{params: %{}, scheduled_at: tomorrow})
576 |> put_req_header("content-type", "application/json")
577 |> post("/api/v1/statuses", %{"status" => "scheduled", "scheduled_at" => tomorrow})
579 assert %{"error" => "total limit exceeded"} == json_response_and_validate_schema(conn, 422)
583 describe "posting polls" do
584 setup do: oauth_access(["write:statuses"])
586 test "posting a poll", %{conn: conn} do
587 time = NaiveDateTime.utc_now()
591 |> put_req_header("content-type", "application/json")
592 |> post("/api/v1/statuses", %{
593 "status" => "Who is the #bestgrill?",
595 "options" => ["Rei", "Asuka", "Misato"],
600 response = json_response_and_validate_schema(conn, 200)
602 assert Enum.all?(response["poll"]["options"], fn %{"title" => title} ->
603 title in ["Rei", "Asuka", "Misato"]
606 assert NaiveDateTime.diff(NaiveDateTime.from_iso8601!(response["poll"]["expires_at"]), time) in 420..430
607 assert response["poll"]["expired"] == false
609 question = Object.get_by_id(response["poll"]["id"])
611 # closed contains utc timezone
612 assert question.data["closed"] =~ "Z"
615 test "option limit is enforced", %{conn: conn} do
616 limit = Config.get([:instance, :poll_limits, :max_options])
620 |> put_req_header("content-type", "application/json")
621 |> post("/api/v1/statuses", %{
623 "poll" => %{"options" => Enum.map(0..limit, fn _ -> "desu" end), "expires_in" => 1}
626 %{"error" => error} = json_response_and_validate_schema(conn, 422)
627 assert error == "Poll can't contain more than #{limit} options"
630 test "option character limit is enforced", %{conn: conn} do
631 limit = Config.get([:instance, :poll_limits, :max_option_chars])
635 |> put_req_header("content-type", "application/json")
636 |> post("/api/v1/statuses", %{
639 "options" => [Enum.reduce(0..limit, "", fn _, acc -> acc <> "." end)],
644 %{"error" => error} = json_response_and_validate_schema(conn, 422)
645 assert error == "Poll options cannot be longer than #{limit} characters each"
648 test "minimal date limit is enforced", %{conn: conn} do
649 limit = Config.get([:instance, :poll_limits, :min_expiration])
653 |> put_req_header("content-type", "application/json")
654 |> post("/api/v1/statuses", %{
655 "status" => "imagine arbitrary limits",
657 "options" => ["this post was made by pleroma gang"],
658 "expires_in" => limit - 1
662 %{"error" => error} = json_response_and_validate_schema(conn, 422)
663 assert error == "Expiration date is too soon"
666 test "maximum date limit is enforced", %{conn: conn} do
667 limit = Config.get([:instance, :poll_limits, :max_expiration])
671 |> put_req_header("content-type", "application/json")
672 |> post("/api/v1/statuses", %{
673 "status" => "imagine arbitrary limits",
675 "options" => ["this post was made by pleroma gang"],
676 "expires_in" => limit + 1
680 %{"error" => error} = json_response_and_validate_schema(conn, 422)
681 assert error == "Expiration date is too far in the future"
684 test "scheduled poll", %{conn: conn} do
685 clear_config([ScheduledActivity, :enabled], true)
688 NaiveDateTime.add(NaiveDateTime.utc_now(), :timer.minutes(6), :millisecond)
689 |> NaiveDateTime.to_iso8601()
692 %{"id" => scheduled_id} =
694 |> put_req_header("content-type", "application/json")
695 |> post("/api/v1/statuses", %{
696 "status" => "very cool poll",
698 "options" => ~w(a b c),
701 "scheduled_at" => scheduled_at
703 |> json_response_and_validate_schema(200)
705 assert {:ok, %{id: activity_id}} =
706 perform_job(Pleroma.Workers.ScheduledActivityWorker, %{
707 activity_id: scheduled_id
710 assert Repo.all(Oban.Job) == []
714 |> Repo.get(activity_id)
715 |> Object.normalize()
717 assert object.data["content"] == "very cool poll"
718 assert object.data["type"] == "Question"
719 assert length(object.data["oneOf"]) == 3
723 test "get a status" do
724 %{conn: conn} = oauth_access(["read:statuses"])
725 activity = insert(:note_activity)
727 conn = get(conn, "/api/v1/statuses/#{activity.id}")
729 assert %{"id" => id} = json_response_and_validate_schema(conn, 200)
730 assert id == to_string(activity.id)
733 defp local_and_remote_activities do
734 local = insert(:note_activity)
735 remote = insert(:note_activity, local: false)
736 {:ok, local: local, remote: remote}
739 describe "status with restrict unauthenticated activities for local and remote" do
740 setup do: local_and_remote_activities()
742 setup do: clear_config([:restrict_unauthenticated, :activities, :local], true)
744 setup do: clear_config([:restrict_unauthenticated, :activities, :remote], true)
746 test "if user is unauthenticated", %{conn: conn, local: local, remote: remote} do
747 res_conn = get(conn, "/api/v1/statuses/#{local.id}")
749 assert json_response_and_validate_schema(res_conn, :not_found) == %{
750 "error" => "Record not found"
753 res_conn = get(conn, "/api/v1/statuses/#{remote.id}")
755 assert json_response_and_validate_schema(res_conn, :not_found) == %{
756 "error" => "Record not found"
760 test "if user is authenticated", %{local: local, remote: remote} do
761 %{conn: conn} = oauth_access(["read"])
762 res_conn = get(conn, "/api/v1/statuses/#{local.id}")
763 assert %{"id" => _} = json_response_and_validate_schema(res_conn, 200)
765 res_conn = get(conn, "/api/v1/statuses/#{remote.id}")
766 assert %{"id" => _} = json_response_and_validate_schema(res_conn, 200)
770 describe "status with restrict unauthenticated activities for local" do
771 setup do: local_and_remote_activities()
773 setup do: clear_config([:restrict_unauthenticated, :activities, :local], true)
775 test "if user is unauthenticated", %{conn: conn, local: local, remote: remote} do
776 res_conn = get(conn, "/api/v1/statuses/#{local.id}")
778 assert json_response_and_validate_schema(res_conn, :not_found) == %{
779 "error" => "Record not found"
782 res_conn = get(conn, "/api/v1/statuses/#{remote.id}")
783 assert %{"id" => _} = json_response_and_validate_schema(res_conn, 200)
786 test "if user is authenticated", %{local: local, remote: remote} do
787 %{conn: conn} = oauth_access(["read"])
788 res_conn = get(conn, "/api/v1/statuses/#{local.id}")
789 assert %{"id" => _} = json_response_and_validate_schema(res_conn, 200)
791 res_conn = get(conn, "/api/v1/statuses/#{remote.id}")
792 assert %{"id" => _} = json_response_and_validate_schema(res_conn, 200)
796 describe "status with restrict unauthenticated activities for remote" do
797 setup do: local_and_remote_activities()
799 setup do: clear_config([:restrict_unauthenticated, :activities, :remote], true)
801 test "if user is unauthenticated", %{conn: conn, local: local, remote: remote} do
802 res_conn = get(conn, "/api/v1/statuses/#{local.id}")
803 assert %{"id" => _} = json_response_and_validate_schema(res_conn, 200)
805 res_conn = get(conn, "/api/v1/statuses/#{remote.id}")
807 assert json_response_and_validate_schema(res_conn, :not_found) == %{
808 "error" => "Record not found"
812 test "if user is authenticated", %{local: local, remote: remote} do
813 %{conn: conn} = oauth_access(["read"])
814 res_conn = get(conn, "/api/v1/statuses/#{local.id}")
815 assert %{"id" => _} = json_response_and_validate_schema(res_conn, 200)
817 res_conn = get(conn, "/api/v1/statuses/#{remote.id}")
818 assert %{"id" => _} = json_response_and_validate_schema(res_conn, 200)
822 test "getting a status that doesn't exist returns 404" do
823 %{conn: conn} = oauth_access(["read:statuses"])
824 activity = insert(:note_activity)
826 conn = get(conn, "/api/v1/statuses/#{String.downcase(activity.id)}")
828 assert json_response_and_validate_schema(conn, 404) == %{"error" => "Record not found"}
831 test "get a direct status" do
832 %{user: user, conn: conn} = oauth_access(["read:statuses"])
833 other_user = insert(:user)
836 CommonAPI.post(user, %{status: "@#{other_user.nickname}", visibility: "direct"})
840 |> assign(:user, user)
841 |> get("/api/v1/statuses/#{activity.id}")
843 [participation] = Participation.for_user(user)
845 res = json_response_and_validate_schema(conn, 200)
846 assert res["pleroma"]["direct_conversation_id"] == participation.id
849 test "get statuses by IDs" do
850 %{conn: conn} = oauth_access(["read:statuses"])
851 %{id: id1} = insert(:note_activity)
852 %{id: id2} = insert(:note_activity)
854 query_string = "ids[]=#{id1}&ids[]=#{id2}"
855 conn = get(conn, "/api/v1/statuses/?#{query_string}")
857 assert [%{"id" => ^id1}, %{"id" => ^id2}] =
858 Enum.sort_by(json_response_and_validate_schema(conn, :ok), & &1["id"])
861 describe "getting statuses by ids with restricted unauthenticated for local and remote" do
862 setup do: local_and_remote_activities()
864 setup do: clear_config([:restrict_unauthenticated, :activities, :local], true)
866 setup do: clear_config([:restrict_unauthenticated, :activities, :remote], true)
868 test "if user is unauthenticated", %{conn: conn, local: local, remote: remote} do
869 res_conn = get(conn, "/api/v1/statuses?ids[]=#{local.id}&ids[]=#{remote.id}")
871 assert json_response_and_validate_schema(res_conn, 200) == []
874 test "if user is authenticated", %{local: local, remote: remote} do
875 %{conn: conn} = oauth_access(["read"])
877 res_conn = get(conn, "/api/v1/statuses?ids[]=#{local.id}&ids[]=#{remote.id}")
879 assert length(json_response_and_validate_schema(res_conn, 200)) == 2
883 describe "getting statuses by ids with restricted unauthenticated for local" do
884 setup do: local_and_remote_activities()
886 setup do: clear_config([:restrict_unauthenticated, :activities, :local], true)
888 test "if user is unauthenticated", %{conn: conn, local: local, remote: remote} do
889 res_conn = get(conn, "/api/v1/statuses?ids[]=#{local.id}&ids[]=#{remote.id}")
891 remote_id = remote.id
892 assert [%{"id" => ^remote_id}] = json_response_and_validate_schema(res_conn, 200)
895 test "if user is authenticated", %{local: local, remote: remote} do
896 %{conn: conn} = oauth_access(["read"])
898 res_conn = get(conn, "/api/v1/statuses?ids[]=#{local.id}&ids[]=#{remote.id}")
900 assert length(json_response_and_validate_schema(res_conn, 200)) == 2
904 describe "getting statuses by ids with restricted unauthenticated for remote" do
905 setup do: local_and_remote_activities()
907 setup do: clear_config([:restrict_unauthenticated, :activities, :remote], true)
909 test "if user is unauthenticated", %{conn: conn, local: local, remote: remote} do
910 res_conn = get(conn, "/api/v1/statuses?ids[]=#{local.id}&ids[]=#{remote.id}")
913 assert [%{"id" => ^local_id}] = json_response_and_validate_schema(res_conn, 200)
916 test "if user is authenticated", %{local: local, remote: remote} do
917 %{conn: conn} = oauth_access(["read"])
919 res_conn = get(conn, "/api/v1/statuses?ids[]=#{local.id}&ids[]=#{remote.id}")
921 assert length(json_response_and_validate_schema(res_conn, 200)) == 2
925 describe "deleting a status" do
926 test "when you created it" do
927 %{user: author, conn: conn} = oauth_access(["write:statuses"])
928 activity = insert(:note_activity, user: author)
929 object = Object.normalize(activity, fetch: false)
931 content = object.data["content"]
932 source = object.data["source"]
936 |> assign(:user, author)
937 |> delete("/api/v1/statuses/#{activity.id}")
938 |> json_response_and_validate_schema(200)
940 assert match?(%{"content" => ^content, "text" => ^source}, result)
942 refute Activity.get_by_id(activity.id)
945 test "when it doesn't exist" do
946 %{user: author, conn: conn} = oauth_access(["write:statuses"])
947 activity = insert(:note_activity, user: author)
951 |> assign(:user, author)
952 |> delete("/api/v1/statuses/#{String.downcase(activity.id)}")
954 assert %{"error" => "Record not found"} == json_response_and_validate_schema(conn, 404)
957 test "when you didn't create it" do
958 %{conn: conn} = oauth_access(["write:statuses"])
959 activity = insert(:note_activity)
961 conn = delete(conn, "/api/v1/statuses/#{activity.id}")
963 assert %{"error" => "Record not found"} == json_response_and_validate_schema(conn, 404)
965 assert Activity.get_by_id(activity.id) == activity
968 test "when you're an admin or moderator", %{conn: conn} do
969 activity1 = insert(:note_activity)
970 activity2 = insert(:note_activity)
971 admin = insert(:user, is_admin: true)
972 moderator = insert(:user, is_moderator: true)
976 |> assign(:user, admin)
977 |> assign(:token, insert(:oauth_token, user: admin, scopes: ["write:statuses"]))
978 |> delete("/api/v1/statuses/#{activity1.id}")
980 assert %{} = json_response_and_validate_schema(res_conn, 200)
984 |> assign(:user, moderator)
985 |> assign(:token, insert(:oauth_token, user: moderator, scopes: ["write:statuses"]))
986 |> delete("/api/v1/statuses/#{activity2.id}")
988 assert %{} = json_response_and_validate_schema(res_conn, 200)
990 refute Activity.get_by_id(activity1.id)
991 refute Activity.get_by_id(activity2.id)
995 describe "reblogging" do
996 setup do: oauth_access(["write:statuses"])
998 test "reblogs and returns the reblogged status", %{conn: conn} do
999 activity = insert(:note_activity)
1003 |> put_req_header("content-type", "application/json")
1004 |> post("/api/v1/statuses/#{activity.id}/reblog")
1007 "reblog" => %{"id" => id, "reblogged" => true, "reblogs_count" => 1},
1009 } = json_response_and_validate_schema(conn, 200)
1011 assert to_string(activity.id) == id
1014 test "returns 404 if the reblogged status doesn't exist", %{conn: conn} do
1015 activity = insert(:note_activity)
1019 |> put_req_header("content-type", "application/json")
1020 |> post("/api/v1/statuses/#{String.downcase(activity.id)}/reblog")
1022 assert %{"error" => "Record not found"} = json_response_and_validate_schema(conn, 404)
1025 test "reblogs privately and returns the reblogged status", %{conn: conn} do
1026 activity = insert(:note_activity)
1030 |> put_req_header("content-type", "application/json")
1032 "/api/v1/statuses/#{activity.id}/reblog",
1033 %{"visibility" => "private"}
1037 "reblog" => %{"id" => id, "reblogged" => true, "reblogs_count" => 1},
1038 "reblogged" => true,
1039 "visibility" => "private"
1040 } = json_response_and_validate_schema(conn, 200)
1042 assert to_string(activity.id) == id
1045 test "reblogged status for another user" do
1046 activity = insert(:note_activity)
1047 user1 = insert(:user)
1048 user2 = insert(:user)
1049 user3 = insert(:user)
1050 {:ok, _} = CommonAPI.favorite(user2, activity.id)
1051 {:ok, _bookmark} = Pleroma.Bookmark.create(user2.id, activity.id)
1052 {:ok, reblog_activity1} = CommonAPI.repeat(activity.id, user1)
1053 {:ok, _} = CommonAPI.repeat(activity.id, user2)
1057 |> assign(:user, user3)
1058 |> assign(:token, insert(:oauth_token, user: user3, scopes: ["read:statuses"]))
1059 |> get("/api/v1/statuses/#{reblog_activity1.id}")
1062 "reblog" => %{"id" => _id, "reblogged" => false, "reblogs_count" => 2},
1063 "reblogged" => false,
1064 "favourited" => false,
1065 "bookmarked" => false
1066 } = json_response_and_validate_schema(conn_res, 200)
1070 |> assign(:user, user2)
1071 |> assign(:token, insert(:oauth_token, user: user2, scopes: ["read:statuses"]))
1072 |> get("/api/v1/statuses/#{reblog_activity1.id}")
1075 "reblog" => %{"id" => id, "reblogged" => true, "reblogs_count" => 2},
1076 "reblogged" => true,
1077 "favourited" => true,
1078 "bookmarked" => true
1079 } = json_response_and_validate_schema(conn_res, 200)
1081 assert to_string(activity.id) == id
1084 test "author can reblog own private status", %{conn: conn, user: user} do
1085 {:ok, activity} = CommonAPI.post(user, %{status: "cofe", visibility: "private"})
1089 |> put_req_header("content-type", "application/json")
1090 |> post("/api/v1/statuses/#{activity.id}/reblog")
1093 "reblog" => %{"id" => id, "reblogged" => true, "reblogs_count" => 1},
1094 "reblogged" => true,
1095 "visibility" => "private"
1096 } = json_response_and_validate_schema(conn, 200)
1098 assert to_string(activity.id) == id
1102 describe "unreblogging" do
1103 setup do: oauth_access(["write:statuses"])
1105 test "unreblogs and returns the unreblogged status", %{user: user, conn: conn} do
1106 activity = insert(:note_activity)
1108 {:ok, _} = CommonAPI.repeat(activity.id, user)
1112 |> put_req_header("content-type", "application/json")
1113 |> post("/api/v1/statuses/#{activity.id}/unreblog")
1115 assert %{"id" => id, "reblogged" => false, "reblogs_count" => 0} =
1116 json_response_and_validate_schema(conn, 200)
1118 assert to_string(activity.id) == id
1121 test "returns 404 error when activity does not exist", %{conn: conn} do
1124 |> put_req_header("content-type", "application/json")
1125 |> post("/api/v1/statuses/foo/unreblog")
1127 assert json_response_and_validate_schema(conn, 404) == %{"error" => "Record not found"}
1131 describe "favoriting" do
1132 setup do: oauth_access(["write:favourites"])
1134 test "favs a status and returns it", %{conn: conn} do
1135 activity = insert(:note_activity)
1139 |> put_req_header("content-type", "application/json")
1140 |> post("/api/v1/statuses/#{activity.id}/favourite")
1142 assert %{"id" => id, "favourites_count" => 1, "favourited" => true} =
1143 json_response_and_validate_schema(conn, 200)
1145 assert to_string(activity.id) == id
1148 test "favoriting twice will just return 200", %{conn: conn} do
1149 activity = insert(:note_activity)
1152 |> put_req_header("content-type", "application/json")
1153 |> post("/api/v1/statuses/#{activity.id}/favourite")
1156 |> put_req_header("content-type", "application/json")
1157 |> post("/api/v1/statuses/#{activity.id}/favourite")
1158 |> json_response_and_validate_schema(200)
1161 test "returns 404 error for a wrong id", %{conn: conn} do
1164 |> put_req_header("content-type", "application/json")
1165 |> post("/api/v1/statuses/1/favourite")
1167 assert json_response_and_validate_schema(conn, 404) == %{"error" => "Record not found"}
1171 describe "unfavoriting" do
1172 setup do: oauth_access(["write:favourites"])
1174 test "unfavorites a status and returns it", %{user: user, conn: conn} do
1175 activity = insert(:note_activity)
1177 {:ok, _} = CommonAPI.favorite(user, activity.id)
1181 |> put_req_header("content-type", "application/json")
1182 |> post("/api/v1/statuses/#{activity.id}/unfavourite")
1184 assert %{"id" => id, "favourites_count" => 0, "favourited" => false} =
1185 json_response_and_validate_schema(conn, 200)
1187 assert to_string(activity.id) == id
1190 test "returns 404 error for a wrong id", %{conn: conn} do
1193 |> put_req_header("content-type", "application/json")
1194 |> post("/api/v1/statuses/1/unfavourite")
1196 assert json_response_and_validate_schema(conn, 404) == %{"error" => "Record not found"}
1200 describe "pinned statuses" do
1201 setup do: oauth_access(["write:accounts"])
1203 setup %{user: user} do
1204 {:ok, activity} = CommonAPI.post(user, %{status: "HI!!!"})
1206 %{activity: activity}
1209 setup do: clear_config([:instance, :max_pinned_statuses], 1)
1211 test "pin status", %{conn: conn, user: user, activity: activity} do
1212 id_str = to_string(activity.id)
1214 assert %{"id" => ^id_str, "pinned" => true} =
1216 |> put_req_header("content-type", "application/json")
1217 |> post("/api/v1/statuses/#{activity.id}/pin")
1218 |> json_response_and_validate_schema(200)
1220 assert [%{"id" => ^id_str, "pinned" => true}] =
1222 |> get("/api/v1/accounts/#{user.id}/statuses?pinned=true")
1223 |> json_response_and_validate_schema(200)
1226 test "/pin: returns 400 error when activity is not public", %{conn: conn, user: user} do
1227 {:ok, dm} = CommonAPI.post(user, %{status: "test", visibility: "direct"})
1231 |> put_req_header("content-type", "application/json")
1232 |> post("/api/v1/statuses/#{dm.id}/pin")
1234 assert json_response_and_validate_schema(conn, 400) == %{"error" => "Could not pin"}
1237 test "unpin status", %{conn: conn, user: user, activity: activity} do
1238 {:ok, _} = CommonAPI.pin(activity.id, user)
1239 user = refresh_record(user)
1241 id_str = to_string(activity.id)
1243 assert %{"id" => ^id_str, "pinned" => false} =
1245 |> assign(:user, user)
1246 |> post("/api/v1/statuses/#{activity.id}/unpin")
1247 |> json_response_and_validate_schema(200)
1251 |> get("/api/v1/accounts/#{user.id}/statuses?pinned=true")
1252 |> json_response_and_validate_schema(200)
1255 test "/unpin: returns 400 error when activity is not exist", %{conn: conn} do
1258 |> put_req_header("content-type", "application/json")
1259 |> post("/api/v1/statuses/1/unpin")
1261 assert json_response_and_validate_schema(conn, 400) == %{"error" => "Could not unpin"}
1264 test "max pinned statuses", %{conn: conn, user: user, activity: activity_one} do
1265 {:ok, activity_two} = CommonAPI.post(user, %{status: "HI!!!"})
1267 id_str_one = to_string(activity_one.id)
1269 assert %{"id" => ^id_str_one, "pinned" => true} =
1271 |> put_req_header("content-type", "application/json")
1272 |> post("/api/v1/statuses/#{id_str_one}/pin")
1273 |> json_response_and_validate_schema(200)
1275 user = refresh_record(user)
1277 assert %{"error" => "You have already pinned the maximum number of statuses"} =
1279 |> assign(:user, user)
1280 |> post("/api/v1/statuses/#{activity_two.id}/pin")
1281 |> json_response_and_validate_schema(400)
1284 test "on pin removes deletion job, on unpin reschedule deletion" do
1285 %{conn: conn} = oauth_access(["write:accounts", "write:statuses"])
1286 expires_in = 2 * 60 * 60
1288 expires_at = DateTime.add(DateTime.utc_now(), expires_in)
1290 assert %{"id" => id} =
1292 |> put_req_header("content-type", "application/json")
1293 |> post("api/v1/statuses", %{
1294 "status" => "oolong",
1295 "expires_in" => expires_in
1297 |> json_response_and_validate_schema(200)
1300 worker: Pleroma.Workers.PurgeExpiredActivity,
1301 args: %{activity_id: id},
1302 scheduled_at: expires_at
1305 assert %{"id" => ^id, "pinned" => true} =
1307 |> put_req_header("content-type", "application/json")
1308 |> post("/api/v1/statuses/#{id}/pin")
1309 |> json_response_and_validate_schema(200)
1312 worker: Pleroma.Workers.PurgeExpiredActivity,
1313 args: %{activity_id: id},
1314 scheduled_at: expires_at
1317 assert %{"id" => ^id, "pinned" => false} =
1319 |> put_req_header("content-type", "application/json")
1320 |> post("/api/v1/statuses/#{id}/unpin")
1321 |> json_response_and_validate_schema(200)
1324 worker: Pleroma.Workers.PurgeExpiredActivity,
1325 args: %{activity_id: id},
1326 scheduled_at: expires_at
1333 clear_config([:rich_media, :enabled], true)
1335 oauth_access(["read:statuses"])
1338 test "returns rich-media card", %{conn: conn, user: user} do
1339 Tesla.Mock.mock_global(fn env -> apply(HttpRequestMock, :request, [env]) end)
1341 {:ok, activity} = CommonAPI.post(user, %{status: "https://example.com/ogp"})
1344 "image" => "http://ia.media-imdb.com/images/rock.jpg",
1345 "provider_name" => "example.com",
1346 "provider_url" => "https://example.com",
1347 "title" => "The Rock",
1349 "url" => "https://example.com/ogp",
1351 "Directed by Michael Bay. With Sean Connery, Nicolas Cage, Ed Harris, John Spencer.",
1354 "image" => "http://ia.media-imdb.com/images/rock.jpg",
1355 "title" => "The Rock",
1356 "type" => "video.movie",
1357 "url" => "https://example.com/ogp",
1359 "Directed by Michael Bay. With Sean Connery, Nicolas Cage, Ed Harris, John Spencer."
1366 |> get("/api/v1/statuses/#{activity.id}/card")
1367 |> json_response_and_validate_schema(200)
1369 assert response == card_data
1371 # works with private posts
1373 CommonAPI.post(user, %{status: "https://example.com/ogp", visibility: "direct"})
1377 |> get("/api/v1/statuses/#{activity.id}/card")
1378 |> json_response_and_validate_schema(200)
1380 assert response_two == card_data
1383 test "replaces missing description with an empty string", %{conn: conn, user: user} do
1384 Tesla.Mock.mock_global(fn env -> apply(HttpRequestMock, :request, [env]) end)
1386 {:ok, activity} = CommonAPI.post(user, %{status: "https://example.com/ogp-missing-data"})
1390 |> get("/api/v1/statuses/#{activity.id}/card")
1391 |> json_response_and_validate_schema(:ok)
1393 assert response == %{
1395 "title" => "Pleroma",
1396 "description" => "",
1398 "provider_name" => "example.com",
1399 "provider_url" => "https://example.com",
1400 "url" => "https://example.com/ogp-missing-data",
1403 "title" => "Pleroma",
1404 "type" => "website",
1405 "url" => "https://example.com/ogp-missing-data"
1413 bookmarks_uri = "/api/v1/bookmarks"
1415 %{conn: conn} = oauth_access(["write:bookmarks", "read:bookmarks"])
1416 author = insert(:user)
1418 {:ok, activity1} = CommonAPI.post(author, %{status: "heweoo?"})
1419 {:ok, activity2} = CommonAPI.post(author, %{status: "heweoo!"})
1423 |> put_req_header("content-type", "application/json")
1424 |> post("/api/v1/statuses/#{activity1.id}/bookmark")
1426 assert json_response_and_validate_schema(response1, 200)["bookmarked"] == true
1430 |> put_req_header("content-type", "application/json")
1431 |> post("/api/v1/statuses/#{activity2.id}/bookmark")
1433 assert json_response_and_validate_schema(response2, 200)["bookmarked"] == true
1435 bookmarks = get(conn, bookmarks_uri)
1438 json_response_and_validate_schema(response2, 200),
1439 json_response_and_validate_schema(response1, 200)
1441 json_response_and_validate_schema(bookmarks, 200)
1445 |> put_req_header("content-type", "application/json")
1446 |> post("/api/v1/statuses/#{activity1.id}/unbookmark")
1448 assert json_response_and_validate_schema(response1, 200)["bookmarked"] == false
1450 bookmarks = get(conn, bookmarks_uri)
1452 assert [json_response_and_validate_schema(response2, 200)] ==
1453 json_response_and_validate_schema(bookmarks, 200)
1456 describe "conversation muting" do
1457 setup do: oauth_access(["write:mutes"])
1460 post_user = insert(:user)
1461 {:ok, activity} = CommonAPI.post(post_user, %{status: "HIE"})
1462 %{activity: activity}
1465 test "mute conversation", %{conn: conn, activity: activity} do
1466 id_str = to_string(activity.id)
1468 assert %{"id" => ^id_str, "muted" => true} =
1470 |> put_req_header("content-type", "application/json")
1471 |> post("/api/v1/statuses/#{activity.id}/mute")
1472 |> json_response_and_validate_schema(200)
1475 test "cannot mute already muted conversation", %{conn: conn, user: user, activity: activity} do
1476 {:ok, _} = CommonAPI.add_mute(user, activity)
1480 |> put_req_header("content-type", "application/json")
1481 |> post("/api/v1/statuses/#{activity.id}/mute")
1483 assert json_response_and_validate_schema(conn, 400) == %{
1484 "error" => "conversation is already muted"
1488 test "unmute conversation", %{conn: conn, user: user, activity: activity} do
1489 {:ok, _} = CommonAPI.add_mute(user, activity)
1491 id_str = to_string(activity.id)
1493 assert %{"id" => ^id_str, "muted" => false} =
1495 # |> assign(:user, user)
1496 |> post("/api/v1/statuses/#{activity.id}/unmute")
1497 |> json_response_and_validate_schema(200)
1501 test "Repeated posts that are replies incorrectly have in_reply_to_id null", %{conn: conn} do
1502 user1 = insert(:user)
1503 user2 = insert(:user)
1504 user3 = insert(:user)
1506 {:ok, replied_to} = CommonAPI.post(user1, %{status: "cofe"})
1508 # Reply to status from another user
1511 |> assign(:user, user2)
1512 |> assign(:token, insert(:oauth_token, user: user2, scopes: ["write:statuses"]))
1513 |> put_req_header("content-type", "application/json")
1514 |> post("/api/v1/statuses", %{"status" => "xD", "in_reply_to_id" => replied_to.id})
1516 assert %{"content" => "xD", "id" => id} = json_response_and_validate_schema(conn1, 200)
1518 activity = Activity.get_by_id_with_object(id)
1520 assert Object.normalize(activity, fetch: false).data["inReplyTo"] ==
1521 Object.normalize(replied_to, fetch: false).data["id"]
1523 assert Activity.get_in_reply_to_activity(activity).id == replied_to.id
1525 # Reblog from the third user
1528 |> assign(:user, user3)
1529 |> assign(:token, insert(:oauth_token, user: user3, scopes: ["write:statuses"]))
1530 |> put_req_header("content-type", "application/json")
1531 |> post("/api/v1/statuses/#{activity.id}/reblog")
1533 assert %{"reblog" => %{"id" => id, "reblogged" => true, "reblogs_count" => 1}} =
1534 json_response_and_validate_schema(conn2, 200)
1536 assert to_string(activity.id) == id
1538 # Getting third user status
1541 |> assign(:user, user3)
1542 |> assign(:token, insert(:oauth_token, user: user3, scopes: ["read:statuses"]))
1543 |> get("api/v1/timelines/home")
1545 [reblogged_activity] = json_response(conn3, 200)
1547 assert reblogged_activity["reblog"]["in_reply_to_id"] == replied_to.id
1549 replied_to_user = User.get_by_ap_id(replied_to.data["actor"])
1550 assert reblogged_activity["reblog"]["in_reply_to_account_id"] == replied_to_user.id
1553 describe "GET /api/v1/statuses/:id/favourited_by" do
1554 setup do: oauth_access(["read:accounts"])
1556 setup %{user: user} do
1557 {:ok, activity} = CommonAPI.post(user, %{status: "test"})
1559 %{activity: activity}
1562 test "returns users who have favorited the status", %{conn: conn, activity: activity} do
1563 other_user = insert(:user)
1564 {:ok, _} = CommonAPI.favorite(other_user, activity.id)
1568 |> get("/api/v1/statuses/#{activity.id}/favourited_by")
1569 |> json_response_and_validate_schema(:ok)
1571 [%{"id" => id}] = response
1573 assert id == other_user.id
1576 test "returns empty array when status has not been favorited yet", %{
1582 |> get("/api/v1/statuses/#{activity.id}/favourited_by")
1583 |> json_response_and_validate_schema(:ok)
1585 assert Enum.empty?(response)
1588 test "does not return users who have favorited the status but are blocked", %{
1589 conn: %{assigns: %{user: user}} = conn,
1592 other_user = insert(:user)
1593 {:ok, _user_relationship} = User.block(user, other_user)
1595 {:ok, _} = CommonAPI.favorite(other_user, activity.id)
1599 |> get("/api/v1/statuses/#{activity.id}/favourited_by")
1600 |> json_response_and_validate_schema(:ok)
1602 assert Enum.empty?(response)
1605 test "does not fail on an unauthenticated request", %{activity: activity} do
1606 other_user = insert(:user)
1607 {:ok, _} = CommonAPI.favorite(other_user, activity.id)
1611 |> get("/api/v1/statuses/#{activity.id}/favourited_by")
1612 |> json_response_and_validate_schema(:ok)
1614 [%{"id" => id}] = response
1615 assert id == other_user.id
1618 test "requires authentication for private posts", %{user: user} do
1619 other_user = insert(:user)
1622 CommonAPI.post(user, %{
1623 status: "@#{other_user.nickname} wanna get some #cofe together?",
1624 visibility: "direct"
1627 {:ok, _} = CommonAPI.favorite(other_user, activity.id)
1629 favourited_by_url = "/api/v1/statuses/#{activity.id}/favourited_by"
1632 |> get(favourited_by_url)
1633 |> json_response_and_validate_schema(404)
1637 |> assign(:user, other_user)
1638 |> assign(:token, insert(:oauth_token, user: other_user, scopes: ["read:accounts"]))
1641 |> assign(:token, nil)
1642 |> get(favourited_by_url)
1643 |> json_response_and_validate_schema(404)
1647 |> get(favourited_by_url)
1648 |> json_response_and_validate_schema(200)
1650 [%{"id" => id}] = response
1651 assert id == other_user.id
1654 test "returns empty array when :show_reactions is disabled", %{conn: conn, activity: activity} do
1655 clear_config([:instance, :show_reactions], false)
1657 other_user = insert(:user)
1658 {:ok, _} = CommonAPI.favorite(other_user, activity.id)
1662 |> get("/api/v1/statuses/#{activity.id}/favourited_by")
1663 |> json_response_and_validate_schema(:ok)
1665 assert Enum.empty?(response)
1669 describe "GET /api/v1/statuses/:id/reblogged_by" do
1670 setup do: oauth_access(["read:accounts"])
1672 setup %{user: user} do
1673 {:ok, activity} = CommonAPI.post(user, %{status: "test"})
1675 %{activity: activity}
1678 test "returns users who have reblogged the status", %{conn: conn, activity: activity} do
1679 other_user = insert(:user)
1680 {:ok, _} = CommonAPI.repeat(activity.id, other_user)
1684 |> get("/api/v1/statuses/#{activity.id}/reblogged_by")
1685 |> json_response_and_validate_schema(:ok)
1687 [%{"id" => id}] = response
1689 assert id == other_user.id
1692 test "returns empty array when status has not been reblogged yet", %{
1698 |> get("/api/v1/statuses/#{activity.id}/reblogged_by")
1699 |> json_response_and_validate_schema(:ok)
1701 assert Enum.empty?(response)
1704 test "does not return users who have reblogged the status but are blocked", %{
1705 conn: %{assigns: %{user: user}} = conn,
1708 other_user = insert(:user)
1709 {:ok, _user_relationship} = User.block(user, other_user)
1711 {:ok, _} = CommonAPI.repeat(activity.id, other_user)
1715 |> get("/api/v1/statuses/#{activity.id}/reblogged_by")
1716 |> json_response_and_validate_schema(:ok)
1718 assert Enum.empty?(response)
1721 test "does not return users who have reblogged the status privately", %{
1724 other_user = insert(:user)
1725 {:ok, activity} = CommonAPI.post(other_user, %{status: "my secret post"})
1727 {:ok, _} = CommonAPI.repeat(activity.id, other_user, %{visibility: "private"})
1731 |> get("/api/v1/statuses/#{activity.id}/reblogged_by")
1732 |> json_response_and_validate_schema(:ok)
1734 assert Enum.empty?(response)
1737 test "does not fail on an unauthenticated request", %{activity: activity} do
1738 other_user = insert(:user)
1739 {:ok, _} = CommonAPI.repeat(activity.id, other_user)
1743 |> get("/api/v1/statuses/#{activity.id}/reblogged_by")
1744 |> json_response_and_validate_schema(:ok)
1746 [%{"id" => id}] = response
1747 assert id == other_user.id
1750 test "requires authentication for private posts", %{user: user} do
1751 other_user = insert(:user)
1754 CommonAPI.post(user, %{
1755 status: "@#{other_user.nickname} wanna get some #cofe together?",
1756 visibility: "direct"
1760 |> get("/api/v1/statuses/#{activity.id}/reblogged_by")
1761 |> json_response_and_validate_schema(404)
1765 |> assign(:user, other_user)
1766 |> assign(:token, insert(:oauth_token, user: other_user, scopes: ["read:accounts"]))
1767 |> get("/api/v1/statuses/#{activity.id}/reblogged_by")
1768 |> json_response_and_validate_schema(200)
1770 assert [] == response
1775 user = insert(:user)
1777 {:ok, %{id: id1}} = CommonAPI.post(user, %{status: "1"})
1778 {:ok, %{id: id2}} = CommonAPI.post(user, %{status: "2", in_reply_to_status_id: id1})
1779 {:ok, %{id: id3}} = CommonAPI.post(user, %{status: "3", in_reply_to_status_id: id2})
1780 {:ok, %{id: id4}} = CommonAPI.post(user, %{status: "4", in_reply_to_status_id: id3})
1781 {:ok, %{id: id5}} = CommonAPI.post(user, %{status: "5", in_reply_to_status_id: id4})
1785 |> get("/api/v1/statuses/#{id3}/context")
1786 |> json_response_and_validate_schema(:ok)
1789 "ancestors" => [%{"id" => ^id1}, %{"id" => ^id2}],
1790 "descendants" => [%{"id" => ^id4}, %{"id" => ^id5}]
1794 test "favorites paginate correctly" do
1795 %{user: user, conn: conn} = oauth_access(["read:favourites"])
1796 other_user = insert(:user)
1797 {:ok, first_post} = CommonAPI.post(other_user, %{status: "bla"})
1798 {:ok, second_post} = CommonAPI.post(other_user, %{status: "bla"})
1799 {:ok, third_post} = CommonAPI.post(other_user, %{status: "bla"})
1801 {:ok, _first_favorite} = CommonAPI.favorite(user, third_post.id)
1802 {:ok, _second_favorite} = CommonAPI.favorite(user, first_post.id)
1803 {:ok, third_favorite} = CommonAPI.favorite(user, second_post.id)
1807 |> get("/api/v1/favourites?limit=1")
1809 assert [%{"id" => post_id}] = json_response_and_validate_schema(result, 200)
1810 assert post_id == second_post.id
1812 # Using the header for pagination works correctly
1813 [next, _] = get_resp_header(result, "link") |> hd() |> String.split(", ")
1814 [_, max_id] = Regex.run(~r/max_id=([^&]+)/, next)
1816 assert max_id == third_favorite.id
1820 |> get("/api/v1/favourites?max_id=#{max_id}")
1822 assert [%{"id" => first_post_id}, %{"id" => third_post_id}] =
1823 json_response_and_validate_schema(result, 200)
1825 assert first_post_id == first_post.id
1826 assert third_post_id == third_post.id
1829 test "returns the favorites of a user" do
1830 %{user: user, conn: conn} = oauth_access(["read:favourites"])
1831 other_user = insert(:user)
1833 {:ok, _} = CommonAPI.post(other_user, %{status: "bla"})
1834 {:ok, activity} = CommonAPI.post(other_user, %{status: "trees are happy"})
1836 {:ok, last_like} = CommonAPI.favorite(user, activity.id)
1838 first_conn = get(conn, "/api/v1/favourites")
1840 assert [status] = json_response_and_validate_schema(first_conn, 200)
1841 assert status["id"] == to_string(activity.id)
1843 assert [{"link", _link_header}] =
1844 Enum.filter(first_conn.resp_headers, fn element -> match?({"link", _}, element) end)
1846 # Honours query params
1847 {:ok, second_activity} =
1848 CommonAPI.post(other_user, %{
1849 status: "Trees Are Never Sad Look At Them Every Once In Awhile They're Quite Beautiful."
1852 {:ok, _} = CommonAPI.favorite(user, second_activity.id)
1854 second_conn = get(conn, "/api/v1/favourites?since_id=#{last_like.id}")
1856 assert [second_status] = json_response_and_validate_schema(second_conn, 200)
1857 assert second_status["id"] == to_string(second_activity.id)
1859 third_conn = get(conn, "/api/v1/favourites?limit=0")
1861 assert [] = json_response_and_validate_schema(third_conn, 200)
1864 test "expires_at is nil for another user" do
1865 %{conn: conn, user: user} = oauth_access(["read:statuses"])
1866 expires_at = DateTime.add(DateTime.utc_now(), 1_000_000)
1867 {:ok, activity} = CommonAPI.post(user, %{status: "foobar", expires_in: 1_000_000})
1869 assert %{"pleroma" => %{"expires_at" => a_expires_at}} =
1871 |> get("/api/v1/statuses/#{activity.id}")
1872 |> json_response_and_validate_schema(:ok)
1874 {:ok, a_expires_at, 0} = DateTime.from_iso8601(a_expires_at)
1875 assert DateTime.diff(expires_at, a_expires_at) == 0
1877 %{conn: conn} = oauth_access(["read:statuses"])
1879 assert %{"pleroma" => %{"expires_at" => nil}} =
1881 |> get("/api/v1/statuses/#{activity.id}")
1882 |> json_response_and_validate_schema(:ok)
1885 test "posting a local only status" do
1886 %{user: _user, conn: conn} = oauth_access(["write:statuses"])
1890 |> put_req_header("content-type", "application/json")
1891 |> post("/api/v1/statuses", %{
1893 "visibility" => "local"
1896 local = Pleroma.Constants.as_local_public()
1898 assert %{"content" => "cofe", "id" => id, "visibility" => "local"} =
1899 json_response(conn_one, 200)
1901 assert %Activity{id: ^id, data: %{"to" => [^local]}} = Activity.get_by_id(id)
1904 describe "muted reactions" do
1906 %{conn: conn, user: user} = oauth_access(["read:statuses"])
1908 other_user = insert(:user)
1909 {:ok, activity} = CommonAPI.post(user, %{status: "test"})
1911 {:ok, _} = CommonAPI.react_with_emoji(activity.id, other_user, "🎅")
1912 User.mute(user, other_user)
1916 |> get("/api/v1/statuses/?ids[]=#{activity.id}")
1917 |> json_response_and_validate_schema(200)
1922 "emoji_reactions" => []
1929 |> get("/api/v1/statuses/?ids[]=#{activity.id}&with_muted=true")
1930 |> json_response_and_validate_schema(200)
1935 "emoji_reactions" => [%{"count" => 1, "me" => false, "name" => "🎅"}]
1942 # %{conn: conn, user: user, token: token} = oauth_access(["read:statuses"])
1943 %{conn: conn, user: user, token: _token} = oauth_access(["read:statuses"])
1945 other_user = insert(:user)
1946 {:ok, activity} = CommonAPI.post(user, %{status: "test"})
1948 {:ok, _} = CommonAPI.react_with_emoji(activity.id, other_user, "🎅")
1949 User.mute(user, other_user)
1953 |> get("/api/v1/statuses/#{activity.id}")
1954 |> json_response_and_validate_schema(200)
1958 "emoji_reactions" => []
1964 |> get("/api/v1/statuses/#{activity.id}?with_muted=true")
1965 |> json_response_and_validate_schema(200)
1969 "emoji_reactions" => [%{"count" => 1, "me" => false, "name" => "🎅"}]