Add ability to set a default post expiry (#321)
[akkoma] / test / pleroma / web / mastodon_api / update_credentials_test.exs
1 # Pleroma: A lightweight social networking server
2 # Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
3 # SPDX-License-Identifier: AGPL-3.0-only
4
5 defmodule Pleroma.Web.MastodonAPI.UpdateCredentialsTest do
6 alias Pleroma.Repo
7 alias Pleroma.User
8
9 use Pleroma.Web.ConnCase
10
11 import Mock
12 import Pleroma.Factory
13
14 describe "updating credentials" do
15 setup do: oauth_access(["write:accounts"])
16 setup :request_content_type
17
18 test "sets user settings in a generic way", %{conn: conn} do
19 res_conn =
20 patch(conn, "/api/v1/accounts/update_credentials", %{
21 "pleroma_settings_store" => %{
22 pleroma_fe: %{
23 theme: "bla"
24 }
25 }
26 })
27
28 assert user_data = json_response_and_validate_schema(res_conn, 200)
29 assert user_data["pleroma"]["settings_store"] == %{"pleroma_fe" => %{"theme" => "bla"}}
30
31 user = Repo.get(User, user_data["id"])
32
33 res_conn =
34 conn
35 |> assign(:user, user)
36 |> patch("/api/v1/accounts/update_credentials", %{
37 "pleroma_settings_store" => %{
38 masto_fe: %{
39 theme: "bla"
40 }
41 }
42 })
43
44 assert user_data = json_response_and_validate_schema(res_conn, 200)
45
46 assert user_data["pleroma"]["settings_store"] ==
47 %{
48 "pleroma_fe" => %{"theme" => "bla"},
49 "masto_fe" => %{"theme" => "bla"}
50 }
51
52 user = Repo.get(User, user_data["id"])
53
54 clear_config([:instance, :federating], true)
55
56 with_mock Pleroma.Web.Federator,
57 publish: fn _activity -> :ok end do
58 res_conn =
59 conn
60 |> assign(:user, user)
61 |> patch("/api/v1/accounts/update_credentials", %{
62 "pleroma_settings_store" => %{
63 masto_fe: %{
64 theme: "blub"
65 }
66 }
67 })
68
69 assert user_data = json_response_and_validate_schema(res_conn, 200)
70
71 assert user_data["pleroma"]["settings_store"] ==
72 %{
73 "pleroma_fe" => %{"theme" => "bla"},
74 "masto_fe" => %{"theme" => "blub"}
75 }
76
77 assert_called(Pleroma.Web.Federator.publish(:_))
78 end
79 end
80
81 test "updates the user's bio", %{conn: conn} do
82 user2 = insert(:user)
83
84 raw_bio = "I drink #cofe with @#{user2.nickname}\n\nsuya.."
85
86 conn = patch(conn, "/api/v1/accounts/update_credentials", %{"note" => raw_bio})
87
88 assert user_data = json_response_and_validate_schema(conn, 200)
89
90 assert user_data["note"] ==
91 ~s(I drink <a class="hashtag" data-tag="cofe" href="http://localhost:4001/tag/cofe">#cofe</a> with <span class="h-card"><a class="u-url mention" data-user="#{user2.id}" href="#{user2.ap_id}" rel="ugc">@<span>#{user2.nickname}</span></a></span><br/><br/>suya..)
92
93 assert user_data["source"]["note"] == raw_bio
94
95 user = Repo.get(User, user_data["id"])
96
97 assert user.raw_bio == raw_bio
98 end
99
100 test "updates the user's locking status", %{conn: conn} do
101 conn = patch(conn, "/api/v1/accounts/update_credentials", %{locked: "true"})
102
103 assert user_data = json_response_and_validate_schema(conn, 200)
104 assert user_data["locked"] == true
105 end
106
107 test "updates the user's allow_following_move", %{user: user, conn: conn} do
108 assert user.allow_following_move == true
109
110 conn = patch(conn, "/api/v1/accounts/update_credentials", %{allow_following_move: "false"})
111
112 assert refresh_record(user).allow_following_move == false
113 assert user_data = json_response_and_validate_schema(conn, 200)
114 assert user_data["pleroma"]["allow_following_move"] == false
115 end
116
117 test "updates the user's default scope", %{conn: conn} do
118 conn = patch(conn, "/api/v1/accounts/update_credentials", %{default_scope: "unlisted"})
119
120 assert user_data = json_response_and_validate_schema(conn, 200)
121 assert user_data["source"]["privacy"] == "unlisted"
122 end
123
124 test "updates the user's privacy", %{conn: conn} do
125 conn = patch(conn, "/api/v1/accounts/update_credentials", %{source: %{privacy: "unlisted"}})
126
127 assert user_data = json_response_and_validate_schema(conn, 200)
128 assert user_data["source"]["privacy"] == "unlisted"
129 end
130
131 test "updates the user's hide_followers status", %{conn: conn} do
132 conn = patch(conn, "/api/v1/accounts/update_credentials", %{hide_followers: "true"})
133
134 assert user_data = json_response_and_validate_schema(conn, 200)
135 assert user_data["pleroma"]["hide_followers"] == true
136 end
137
138 test "updates the user's discoverable status", %{conn: conn} do
139 assert %{"source" => %{"pleroma" => %{"discoverable" => true}}} =
140 conn
141 |> patch("/api/v1/accounts/update_credentials", %{discoverable: "true"})
142 |> json_response_and_validate_schema(:ok)
143
144 assert %{"source" => %{"pleroma" => %{"discoverable" => false}}} =
145 conn
146 |> patch("/api/v1/accounts/update_credentials", %{discoverable: "false"})
147 |> json_response_and_validate_schema(:ok)
148 end
149
150 test "updates the user's hide_followers_count and hide_follows_count", %{conn: conn} do
151 conn =
152 patch(conn, "/api/v1/accounts/update_credentials", %{
153 hide_followers_count: "true",
154 hide_follows_count: "true"
155 })
156
157 assert user_data = json_response_and_validate_schema(conn, 200)
158 assert user_data["pleroma"]["hide_followers_count"] == true
159 assert user_data["pleroma"]["hide_follows_count"] == true
160 end
161
162 test "updates the user's skip_thread_containment option", %{user: user, conn: conn} do
163 response =
164 conn
165 |> patch("/api/v1/accounts/update_credentials", %{skip_thread_containment: "true"})
166 |> json_response_and_validate_schema(200)
167
168 assert response["pleroma"]["skip_thread_containment"] == true
169 assert refresh_record(user).skip_thread_containment
170 end
171
172 test "updates the user's hide_follows status", %{conn: conn} do
173 conn = patch(conn, "/api/v1/accounts/update_credentials", %{hide_follows: "true"})
174
175 assert user_data = json_response_and_validate_schema(conn, 200)
176 assert user_data["pleroma"]["hide_follows"] == true
177 end
178
179 test "updates the user's hide_favorites status", %{conn: conn} do
180 conn = patch(conn, "/api/v1/accounts/update_credentials", %{hide_favorites: "true"})
181
182 assert user_data = json_response_and_validate_schema(conn, 200)
183 assert user_data["pleroma"]["hide_favorites"] == true
184 end
185
186 test "updates the user's show_role status", %{conn: conn} do
187 conn = patch(conn, "/api/v1/accounts/update_credentials", %{show_role: "false"})
188
189 assert user_data = json_response_and_validate_schema(conn, 200)
190 assert user_data["source"]["pleroma"]["show_role"] == false
191 end
192
193 test "updates the user's no_rich_text status", %{conn: conn} do
194 conn = patch(conn, "/api/v1/accounts/update_credentials", %{no_rich_text: "true"})
195
196 assert user_data = json_response_and_validate_schema(conn, 200)
197 assert user_data["source"]["pleroma"]["no_rich_text"] == true
198 end
199
200 test "updates the user's name", %{conn: conn} do
201 conn =
202 patch(conn, "/api/v1/accounts/update_credentials", %{"display_name" => "markorepairs"})
203
204 assert user_data = json_response_and_validate_schema(conn, 200)
205 assert user_data["display_name"] == "markorepairs"
206
207 update_activity = Repo.one(Pleroma.Activity)
208 assert update_activity.data["type"] == "Update"
209 assert update_activity.data["object"]["name"] == "markorepairs"
210 end
211
212 test "updates the user's default post expiry", %{conn: conn} do
213 conn = patch(conn, "/api/v1/accounts/update_credentials", %{"status_ttl_days" => "1"})
214
215 assert user_data = json_response_and_validate_schema(conn, 200)
216 assert user_data["akkoma"]["status_ttl_days"] == 1
217 end
218
219 test "resets the user's default post expiry", %{conn: conn} do
220 conn = patch(conn, "/api/v1/accounts/update_credentials", %{"status_ttl_days" => "-1"})
221
222 assert user_data = json_response_and_validate_schema(conn, 200)
223 assert is_nil(user_data["akkoma"]["status_ttl_days"])
224 end
225
226 test "does not allow negative integers other than -1 for TTL", %{conn: conn} do
227 conn = patch(conn, "/api/v1/accounts/update_credentials", %{"status_ttl_days" => "-2"})
228
229 assert user_data = json_response_and_validate_schema(conn, 403)
230 end
231
232 test "updates the user's AKAs", %{conn: conn} do
233 conn =
234 patch(conn, "/api/v1/accounts/update_credentials", %{
235 "also_known_as" => ["https://mushroom.kingdom/users/mario"]
236 })
237
238 assert user_data = json_response_and_validate_schema(conn, 200)
239 assert user_data["pleroma"]["also_known_as"] == ["https://mushroom.kingdom/users/mario"]
240 end
241
242 test "doesn't update non-url akas", %{conn: conn} do
243 conn =
244 patch(conn, "/api/v1/accounts/update_credentials", %{
245 "also_known_as" => ["aReallyCoolGuy"]
246 })
247
248 assert json_response_and_validate_schema(conn, 403)
249 end
250
251 test "updates the user's avatar", %{user: user, conn: conn} do
252 new_avatar = %Plug.Upload{
253 content_type: "image/jpeg",
254 path: Path.absname("test/fixtures/image.jpg"),
255 filename: "an_image.jpg"
256 }
257
258 assert user.avatar == %{}
259
260 res = patch(conn, "/api/v1/accounts/update_credentials", %{"avatar" => new_avatar})
261
262 assert user_response = json_response_and_validate_schema(res, 200)
263 assert user_response["avatar"] != User.avatar_url(user)
264
265 user = User.get_by_id(user.id)
266 refute user.avatar == %{}
267
268 # Also resets it
269 _res = patch(conn, "/api/v1/accounts/update_credentials", %{"avatar" => ""})
270
271 user = User.get_by_id(user.id)
272 assert user.avatar == nil
273 end
274
275 test "updates the user's banner", %{user: user, conn: conn} do
276 new_header = %Plug.Upload{
277 content_type: "image/jpeg",
278 path: Path.absname("test/fixtures/image.jpg"),
279 filename: "an_image.jpg"
280 }
281
282 res = patch(conn, "/api/v1/accounts/update_credentials", %{"header" => new_header})
283
284 assert user_response = json_response_and_validate_schema(res, 200)
285 assert user_response["header"] != User.banner_url(user)
286
287 # Also resets it
288 _res = patch(conn, "/api/v1/accounts/update_credentials", %{"header" => ""})
289
290 user = User.get_by_id(user.id)
291 assert user.banner == nil
292 end
293
294 test "updates the user's background", %{conn: conn, user: user} do
295 new_header = %Plug.Upload{
296 content_type: "image/jpeg",
297 path: Path.absname("test/fixtures/image.jpg"),
298 filename: "an_image.jpg"
299 }
300
301 res =
302 patch(conn, "/api/v1/accounts/update_credentials", %{
303 "pleroma_background_image" => new_header
304 })
305
306 assert user_response = json_response_and_validate_schema(res, 200)
307 assert user_response["pleroma"]["background_image"]
308 #
309 # Also resets it
310 _res =
311 patch(conn, "/api/v1/accounts/update_credentials", %{"pleroma_background_image" => ""})
312
313 user = User.get_by_id(user.id)
314 assert user.background == nil
315 end
316
317 test "requires 'write:accounts' permission" do
318 token1 = insert(:oauth_token, scopes: ["read"])
319 token2 = insert(:oauth_token, scopes: ["write", "follow"])
320
321 for token <- [token1, token2] do
322 conn =
323 build_conn()
324 |> put_req_header("content-type", "multipart/form-data")
325 |> put_req_header("authorization", "Bearer #{token.token}")
326 |> patch("/api/v1/accounts/update_credentials", %{})
327
328 if token == token1 do
329 assert %{"error" => "Insufficient permissions: write:accounts."} ==
330 json_response_and_validate_schema(conn, 403)
331 else
332 assert json_response_and_validate_schema(conn, 200)
333 end
334 end
335 end
336
337 test "updates profile emojos", %{user: user, conn: conn} do
338 note = "*sips :blank:*"
339 name = "I am :firefox:"
340
341 ret_conn =
342 patch(conn, "/api/v1/accounts/update_credentials", %{
343 "note" => note,
344 "display_name" => name
345 })
346
347 assert json_response_and_validate_schema(ret_conn, 200)
348
349 conn = get(conn, "/api/v1/accounts/#{user.id}")
350
351 assert user_data = json_response_and_validate_schema(conn, 200)
352
353 assert user_data["note"] == note
354 assert user_data["display_name"] == name
355 assert [%{"shortcode" => "blank"}, %{"shortcode" => "firefox"}] = user_data["emojis"]
356 end
357
358 test "update fields", %{conn: conn} do
359 fields = [
360 %{"name" => "<a href=\"http://google.com\">foo</a>", "value" => "<script>bar</script>"},
361 %{"name" => "link.io", "value" => "cofe.io"}
362 ]
363
364 account_data =
365 conn
366 |> patch("/api/v1/accounts/update_credentials", %{"fields_attributes" => fields})
367 |> json_response_and_validate_schema(200)
368
369 assert account_data["fields"] == [
370 %{"name" => "<a href=\"http://google.com\">foo</a>", "value" => "bar"},
371 %{
372 "name" => "link.io",
373 "value" => ~S(<a href="http://cofe.io" rel="ugc">cofe.io</a>)
374 }
375 ]
376
377 assert account_data["source"]["fields"] == [
378 %{
379 "name" => "<a href=\"http://google.com\">foo</a>",
380 "value" => "<script>bar</script>"
381 },
382 %{"name" => "link.io", "value" => "cofe.io"}
383 ]
384 end
385
386 test "emojis in fields labels", %{conn: conn} do
387 fields = [
388 %{"name" => ":firefox:", "value" => "is best 2hu"},
389 %{"name" => "they wins", "value" => ":blank:"}
390 ]
391
392 account_data =
393 conn
394 |> patch("/api/v1/accounts/update_credentials", %{"fields_attributes" => fields})
395 |> json_response_and_validate_schema(200)
396
397 assert account_data["fields"] == [
398 %{"name" => ":firefox:", "value" => "is best 2hu"},
399 %{"name" => "they wins", "value" => ":blank:"}
400 ]
401
402 assert account_data["source"]["fields"] == [
403 %{"name" => ":firefox:", "value" => "is best 2hu"},
404 %{"name" => "they wins", "value" => ":blank:"}
405 ]
406
407 assert [%{"shortcode" => "blank"}, %{"shortcode" => "firefox"}] = account_data["emojis"]
408 end
409
410 test "update fields via x-www-form-urlencoded", %{conn: conn} do
411 fields =
412 [
413 "fields_attributes[1][name]=link",
414 "fields_attributes[1][value]=http://cofe.io",
415 "fields_attributes[0][name]=foo",
416 "fields_attributes[0][value]=bar"
417 ]
418 |> Enum.join("&")
419
420 account =
421 conn
422 |> put_req_header("content-type", "application/x-www-form-urlencoded")
423 |> patch("/api/v1/accounts/update_credentials", fields)
424 |> json_response_and_validate_schema(200)
425
426 assert account["fields"] == [
427 %{"name" => "foo", "value" => "bar"},
428 %{
429 "name" => "link",
430 "value" => ~S(<a href="http://cofe.io" rel="ugc">http://cofe.io</a>)
431 }
432 ]
433
434 assert account["source"]["fields"] == [
435 %{"name" => "foo", "value" => "bar"},
436 %{"name" => "link", "value" => "http://cofe.io"}
437 ]
438 end
439
440 test "update fields with empty name", %{conn: conn} do
441 fields = [
442 %{"name" => "foo", "value" => ""},
443 %{"name" => "", "value" => "bar"}
444 ]
445
446 account =
447 conn
448 |> patch("/api/v1/accounts/update_credentials", %{"fields_attributes" => fields})
449 |> json_response_and_validate_schema(200)
450
451 assert account["fields"] == [
452 %{"name" => "foo", "value" => ""}
453 ]
454 end
455
456 test "update fields when invalid request", %{conn: conn} do
457 name_limit = Pleroma.Config.get([:instance, :account_field_name_length])
458 value_limit = Pleroma.Config.get([:instance, :account_field_value_length])
459
460 long_name = Enum.map(0..name_limit, fn _ -> "x" end) |> Enum.join()
461 long_value = Enum.map(0..value_limit, fn _ -> "x" end) |> Enum.join()
462
463 fields = [%{"name" => "foo", "value" => long_value}]
464
465 assert %{"error" => "Invalid request"} ==
466 conn
467 |> patch("/api/v1/accounts/update_credentials", %{"fields_attributes" => fields})
468 |> json_response_and_validate_schema(403)
469
470 fields = [%{"name" => long_name, "value" => "bar"}]
471
472 assert %{"error" => "Invalid request"} ==
473 conn
474 |> patch("/api/v1/accounts/update_credentials", %{"fields_attributes" => fields})
475 |> json_response_and_validate_schema(403)
476
477 clear_config([:instance, :max_account_fields], 1)
478
479 fields = [
480 %{"name" => "foo", "value" => "bar"},
481 %{"name" => "link", "value" => "cofe.io"}
482 ]
483
484 assert %{"error" => "Invalid request"} ==
485 conn
486 |> patch("/api/v1/accounts/update_credentials", %{"fields_attributes" => fields})
487 |> json_response_and_validate_schema(403)
488 end
489 end
490
491 describe "Mark account as bot" do
492 setup do: oauth_access(["write:accounts"])
493 setup :request_content_type
494
495 test "changing actor_type to Service makes account a bot", %{conn: conn} do
496 account =
497 conn
498 |> patch("/api/v1/accounts/update_credentials", %{actor_type: "Service"})
499 |> json_response_and_validate_schema(200)
500
501 assert account["bot"]
502 assert account["source"]["pleroma"]["actor_type"] == "Service"
503 end
504
505 test "changing actor_type to Person makes account a human", %{conn: conn} do
506 account =
507 conn
508 |> patch("/api/v1/accounts/update_credentials", %{actor_type: "Person"})
509 |> json_response_and_validate_schema(200)
510
511 refute account["bot"]
512 assert account["source"]["pleroma"]["actor_type"] == "Person"
513 end
514
515 test "changing actor_type to Application causes error", %{conn: conn} do
516 response =
517 conn
518 |> patch("/api/v1/accounts/update_credentials", %{actor_type: "Application"})
519 |> json_response_and_validate_schema(403)
520
521 assert %{"error" => "Invalid request"} == response
522 end
523
524 test "changing bot field to true changes actor_type to Service", %{conn: conn} do
525 account =
526 conn
527 |> patch("/api/v1/accounts/update_credentials", %{bot: "true"})
528 |> json_response_and_validate_schema(200)
529
530 assert account["bot"]
531 assert account["source"]["pleroma"]["actor_type"] == "Service"
532 end
533
534 test "changing bot field to false changes actor_type to Person", %{conn: conn} do
535 account =
536 conn
537 |> patch("/api/v1/accounts/update_credentials", %{bot: "false"})
538 |> json_response_and_validate_schema(200)
539
540 refute account["bot"]
541 assert account["source"]["pleroma"]["actor_type"] == "Person"
542 end
543
544 test "actor_type field has a higher priority than bot", %{conn: conn} do
545 account =
546 conn
547 |> patch("/api/v1/accounts/update_credentials", %{
548 actor_type: "Person",
549 bot: "true"
550 })
551 |> json_response_and_validate_schema(200)
552
553 refute account["bot"]
554 assert account["source"]["pleroma"]["actor_type"] == "Person"
555 end
556 end
557 end