projects / akkoma / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Merge branch 'develop' of https://git.pleroma.social/pleroma/pleroma into develop
[akkoma] / test / pleroma / web / mastodon_api / update_credentials_test.exs
1 # Pleroma: A lightweight social networking server
2 # Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>
3 # SPDX-License-Identifier: AGPL-3.0-only
4
5 defmodule Pleroma.Web.MastodonAPI.UpdateCredentialsTest do
6 alias Pleroma.Repo
7 alias Pleroma.User
8
9 use Pleroma.Web.ConnCase
10
11 import Mock
12 import Pleroma.Factory
13
14 describe "updating credentials" do
15 setup do: oauth_access(["write:accounts"])
16 setup :request_content_type
17
18 test "sets user settings in a generic way", %{conn: conn} do
19 res_conn =
20 patch(conn, "/api/v1/accounts/update_credentials", %{
21 "pleroma_settings_store" => %{
22 pleroma_fe: %{
23 theme: "bla"
24 }
25 }
26 })
27
28 assert user_data = json_response_and_validate_schema(res_conn, 200)
29 assert user_data["pleroma"]["settings_store"] == %{"pleroma_fe" => %{"theme" => "bla"}}
30
31 user = Repo.get(User, user_data["id"])
32
33 res_conn =
34 conn
35 |> assign(:user, user)
36 |> patch("/api/v1/accounts/update_credentials", %{
37 "pleroma_settings_store" => %{
38 masto_fe: %{
39 theme: "bla"
40 }
41 }
42 })
43
44 assert user_data = json_response_and_validate_schema(res_conn, 200)
45
46 assert user_data["pleroma"]["settings_store"] ==
47 %{
48 "pleroma_fe" => %{"theme" => "bla"},
49 "masto_fe" => %{"theme" => "bla"}
50 }
51
52 user = Repo.get(User, user_data["id"])
53
54 clear_config([:instance, :federating], true)
55
56 with_mock Pleroma.Web.Federator,
57 publish: fn _activity -> :ok end do
58 res_conn =
59 conn
60 |> assign(:user, user)
61 |> patch("/api/v1/accounts/update_credentials", %{
62 "pleroma_settings_store" => %{
63 masto_fe: %{
64 theme: "blub"
65 }
66 }
67 })
68
69 assert user_data = json_response_and_validate_schema(res_conn, 200)
70
71 assert user_data["pleroma"]["settings_store"] ==
72 %{
73 "pleroma_fe" => %{"theme" => "bla"},
74 "masto_fe" => %{"theme" => "blub"}
75 }
76
77 assert_called(Pleroma.Web.Federator.publish(:_))
78 end
79 end
80
81 test "updates the user's bio", %{conn: conn} do
82 user2 = insert(:user)
83
84 raw_bio = "I drink #cofe with @#{user2.nickname}\n\nsuya.."
85
86 conn = patch(conn, "/api/v1/accounts/update_credentials", %{"note" => raw_bio})
87
88 assert user_data = json_response_and_validate_schema(conn, 200)
89
90 assert user_data["note"] ==
91 ~s(I drink <a class="hashtag" data-tag="cofe" href="http://localhost:4001/tag/cofe">#cofe</a> with <span class="h-card"><a class="u-url mention" data-user="#{
92 user2.id
93 }" href="#{user2.ap_id}" rel="ugc">@<span>#{user2.nickname}</span></a></span><br/><br/>suya..)
94
95 assert user_data["source"]["note"] == raw_bio
96
97 user = Repo.get(User, user_data["id"])
98
99 assert user.raw_bio == raw_bio
100 end
101
102 test "updates the user's locking status", %{conn: conn} do
103 conn = patch(conn, "/api/v1/accounts/update_credentials", %{locked: "true"})
104
105 assert user_data = json_response_and_validate_schema(conn, 200)
106 assert user_data["locked"] == true
107 end
108
109 test "updates the user's chat acceptance status", %{conn: conn} do
110 conn = patch(conn, "/api/v1/accounts/update_credentials", %{accepts_chat_messages: "false"})
111
112 assert user_data = json_response_and_validate_schema(conn, 200)
113 assert user_data["pleroma"]["accepts_chat_messages"] == false
114 end
115
116 test "updates the user's allow_following_move", %{user: user, conn: conn} do
117 assert user.allow_following_move == true
118
119 conn = patch(conn, "/api/v1/accounts/update_credentials", %{allow_following_move: "false"})
120
121 assert refresh_record(user).allow_following_move == false
122 assert user_data = json_response_and_validate_schema(conn, 200)
123 assert user_data["pleroma"]["allow_following_move"] == false
124 end
125
126 test "updates the user's default scope", %{conn: conn} do
127 conn = patch(conn, "/api/v1/accounts/update_credentials", %{default_scope: "unlisted"})
128
129 assert user_data = json_response_and_validate_schema(conn, 200)
130 assert user_data["source"]["privacy"] == "unlisted"
131 end
132
133 test "updates the user's privacy", %{conn: conn} do
134 conn = patch(conn, "/api/v1/accounts/update_credentials", %{source: %{privacy: "unlisted"}})
135
136 assert user_data = json_response_and_validate_schema(conn, 200)
137 assert user_data["source"]["privacy"] == "unlisted"
138 end
139
140 test "updates the user's hide_followers status", %{conn: conn} do
141 conn = patch(conn, "/api/v1/accounts/update_credentials", %{hide_followers: "true"})
142
143 assert user_data = json_response_and_validate_schema(conn, 200)
144 assert user_data["pleroma"]["hide_followers"] == true
145 end
146
147 test "updates the user's discoverable status", %{conn: conn} do
148 assert %{"source" => %{"pleroma" => %{"discoverable" => true}}} =
149 conn
150 |> patch("/api/v1/accounts/update_credentials", %{discoverable: "true"})
151 |> json_response_and_validate_schema(:ok)
152
153 assert %{"source" => %{"pleroma" => %{"discoverable" => false}}} =
154 conn
155 |> patch("/api/v1/accounts/update_credentials", %{discoverable: "false"})
156 |> json_response_and_validate_schema(:ok)
157 end
158
159 test "updates the user's hide_followers_count and hide_follows_count", %{conn: conn} do
160 conn =
161 patch(conn, "/api/v1/accounts/update_credentials", %{
162 hide_followers_count: "true",
163 hide_follows_count: "true"
164 })
165
166 assert user_data = json_response_and_validate_schema(conn, 200)
167 assert user_data["pleroma"]["hide_followers_count"] == true
168 assert user_data["pleroma"]["hide_follows_count"] == true
169 end
170
171 test "updates the user's skip_thread_containment option", %{user: user, conn: conn} do
172 response =
173 conn
174 |> patch("/api/v1/accounts/update_credentials", %{skip_thread_containment: "true"})
175 |> json_response_and_validate_schema(200)
176
177 assert response["pleroma"]["skip_thread_containment"] == true
178 assert refresh_record(user).skip_thread_containment
179 end
180
181 test "updates the user's hide_follows status", %{conn: conn} do
182 conn = patch(conn, "/api/v1/accounts/update_credentials", %{hide_follows: "true"})
183
184 assert user_data = json_response_and_validate_schema(conn, 200)
185 assert user_data["pleroma"]["hide_follows"] == true
186 end
187
188 test "updates the user's hide_favorites status", %{conn: conn} do
189 conn = patch(conn, "/api/v1/accounts/update_credentials", %{hide_favorites: "true"})
190
191 assert user_data = json_response_and_validate_schema(conn, 200)
192 assert user_data["pleroma"]["hide_favorites"] == true
193 end
194
195 test "updates the user's show_role status", %{conn: conn} do
196 conn = patch(conn, "/api/v1/accounts/update_credentials", %{show_role: "false"})
197
198 assert user_data = json_response_and_validate_schema(conn, 200)
199 assert user_data["source"]["pleroma"]["show_role"] == false
200 end
201
202 test "updates the user's no_rich_text status", %{conn: conn} do
203 conn = patch(conn, "/api/v1/accounts/update_credentials", %{no_rich_text: "true"})
204
205 assert user_data = json_response_and_validate_schema(conn, 200)
206 assert user_data["source"]["pleroma"]["no_rich_text"] == true
207 end
208
209 test "updates the user's name", %{conn: conn} do
210 conn =
211 patch(conn, "/api/v1/accounts/update_credentials", %{"display_name" => "markorepairs"})
212
213 assert user_data = json_response_and_validate_schema(conn, 200)
214 assert user_data["display_name"] == "markorepairs"
215
216 update_activity = Repo.one(Pleroma.Activity)
217 assert update_activity.data["type"] == "Update"
218 assert update_activity.data["object"]["name"] == "markorepairs"
219 end
220
221 test "updates the user's avatar", %{user: user, conn: conn} do
222 new_avatar = %Plug.Upload{
223 content_type: "image/jpeg",
224 path: Path.absname("test/fixtures/image.jpg"),
225 filename: "an_image.jpg"
226 }
227
228 assert user.avatar == %{}
229
230 res = patch(conn, "/api/v1/accounts/update_credentials", %{"avatar" => new_avatar})
231
232 assert user_response = json_response_and_validate_schema(res, 200)
233 assert user_response["avatar"] != User.avatar_url(user)
234
235 user = User.get_by_id(user.id)
236 refute user.avatar == %{}
237
238 # Also resets it
239 _res = patch(conn, "/api/v1/accounts/update_credentials", %{"avatar" => ""})
240
241 user = User.get_by_id(user.id)
242 assert user.avatar == nil
243 end
244
245 test "updates the user's banner", %{user: user, conn: conn} do
246 new_header = %Plug.Upload{
247 content_type: "image/jpeg",
248 path: Path.absname("test/fixtures/image.jpg"),
249 filename: "an_image.jpg"
250 }
251
252 res = patch(conn, "/api/v1/accounts/update_credentials", %{"header" => new_header})
253
254 assert user_response = json_response_and_validate_schema(res, 200)
255 assert user_response["header"] != User.banner_url(user)
256
257 # Also resets it
258 _res = patch(conn, "/api/v1/accounts/update_credentials", %{"header" => ""})
259
260 user = User.get_by_id(user.id)
261 assert user.banner == nil
262 end
263
264 test "updates the user's background", %{conn: conn, user: user} do
265 new_header = %Plug.Upload{
266 content_type: "image/jpeg",
267 path: Path.absname("test/fixtures/image.jpg"),
268 filename: "an_image.jpg"
269 }
270
271 res =
272 patch(conn, "/api/v1/accounts/update_credentials", %{
273 "pleroma_background_image" => new_header
274 })
275
276 assert user_response = json_response_and_validate_schema(res, 200)
277 assert user_response["pleroma"]["background_image"]
278 #
279 # Also resets it
280 _res =
281 patch(conn, "/api/v1/accounts/update_credentials", %{"pleroma_background_image" => ""})
282
283 user = User.get_by_id(user.id)
284 assert user.background == nil
285 end
286
287 test "requires 'write:accounts' permission" do
288 token1 = insert(:oauth_token, scopes: ["read"])
289 token2 = insert(:oauth_token, scopes: ["write", "follow"])
290
291 for token <- [token1, token2] do
292 conn =
293 build_conn()
294 |> put_req_header("content-type", "multipart/form-data")
295 |> put_req_header("authorization", "Bearer #{token.token}")
296 |> patch("/api/v1/accounts/update_credentials", %{})
297
298 if token == token1 do
299 assert %{"error" => "Insufficient permissions: write:accounts."} ==
300 json_response_and_validate_schema(conn, 403)
301 else
302 assert json_response_and_validate_schema(conn, 200)
303 end
304 end
305 end
306
307 test "updates profile emojos", %{user: user, conn: conn} do
308 note = "*sips :blank:*"
309 name = "I am :firefox:"
310
311 ret_conn =
312 patch(conn, "/api/v1/accounts/update_credentials", %{
313 "note" => note,
314 "display_name" => name
315 })
316
317 assert json_response_and_validate_schema(ret_conn, 200)
318
319 conn = get(conn, "/api/v1/accounts/#{user.id}")
320
321 assert user_data = json_response_and_validate_schema(conn, 200)
322
323 assert user_data["note"] == note
324 assert user_data["display_name"] == name
325 assert [%{"shortcode" => "blank"}, %{"shortcode" => "firefox"}] = user_data["emojis"]
326 end
327
328 test "update fields", %{conn: conn} do
329 fields = [
330 %{"name" => "<a href=\"http://google.com\">foo</a>", "value" => "<script>bar</script>"},
331 %{"name" => "link.io", "value" => "cofe.io"}
332 ]
333
334 account_data =
335 conn
336 |> patch("/api/v1/accounts/update_credentials", %{"fields_attributes" => fields})
337 |> json_response_and_validate_schema(200)
338
339 assert account_data["fields"] == [
340 %{"name" => "<a href=\"http://google.com\">foo</a>", "value" => "bar"},
341 %{
342 "name" => "link.io",
343 "value" => ~S(<a href="http://cofe.io" rel="ugc">cofe.io</a>)
344 }
345 ]
346
347 assert account_data["source"]["fields"] == [
348 %{
349 "name" => "<a href=\"http://google.com\">foo</a>",
350 "value" => "<script>bar</script>"
351 },
352 %{"name" => "link.io", "value" => "cofe.io"}
353 ]
354 end
355
356 test "emojis in fields labels", %{conn: conn} do
357 fields = [
358 %{"name" => ":firefox:", "value" => "is best 2hu"},
359 %{"name" => "they wins", "value" => ":blank:"}
360 ]
361
362 account_data =
363 conn
364 |> patch("/api/v1/accounts/update_credentials", %{"fields_attributes" => fields})
365 |> json_response_and_validate_schema(200)
366
367 assert account_data["fields"] == [
368 %{"name" => ":firefox:", "value" => "is best 2hu"},
369 %{"name" => "they wins", "value" => ":blank:"}
370 ]
371
372 assert account_data["source"]["fields"] == [
373 %{"name" => ":firefox:", "value" => "is best 2hu"},
374 %{"name" => "they wins", "value" => ":blank:"}
375 ]
376
377 assert [%{"shortcode" => "blank"}, %{"shortcode" => "firefox"}] = account_data["emojis"]
378 end
379
380 test "update fields via x-www-form-urlencoded", %{conn: conn} do
381 fields =
382 [
383 "fields_attributes[1][name]=link",
384 "fields_attributes[1][value]=http://cofe.io",
385 "fields_attributes[0][name]=foo",
386 "fields_attributes[0][value]=bar"
387 ]
388 |> Enum.join("&")
389
390 account =
391 conn
392 |> put_req_header("content-type", "application/x-www-form-urlencoded")
393 |> patch("/api/v1/accounts/update_credentials", fields)
394 |> json_response_and_validate_schema(200)
395
396 assert account["fields"] == [
397 %{"name" => "foo", "value" => "bar"},
398 %{
399 "name" => "link",
400 "value" => ~S(<a href="http://cofe.io" rel="ugc">http://cofe.io</a>)
401 }
402 ]
403
404 assert account["source"]["fields"] == [
405 %{"name" => "foo", "value" => "bar"},
406 %{"name" => "link", "value" => "http://cofe.io"}
407 ]
408 end
409
410 test "update fields with empty name", %{conn: conn} do
411 fields = [
412 %{"name" => "foo", "value" => ""},
413 %{"name" => "", "value" => "bar"}
414 ]
415
416 account =
417 conn
418 |> patch("/api/v1/accounts/update_credentials", %{"fields_attributes" => fields})
419 |> json_response_and_validate_schema(200)
420
421 assert account["fields"] == [
422 %{"name" => "foo", "value" => ""}
423 ]
424 end
425
426 test "update fields when invalid request", %{conn: conn} do
427 name_limit = Pleroma.Config.get([:instance, :account_field_name_length])
428 value_limit = Pleroma.Config.get([:instance, :account_field_value_length])
429
430 long_name = Enum.map(0..name_limit, fn _ -> "x" end) |> Enum.join()
431 long_value = Enum.map(0..value_limit, fn _ -> "x" end) |> Enum.join()
432
433 fields = [%{"name" => "foo", "value" => long_value}]
434
435 assert %{"error" => "Invalid request"} ==
436 conn
437 |> patch("/api/v1/accounts/update_credentials", %{"fields_attributes" => fields})
438 |> json_response_and_validate_schema(403)
439
440 fields = [%{"name" => long_name, "value" => "bar"}]
441
442 assert %{"error" => "Invalid request"} ==
443 conn
444 |> patch("/api/v1/accounts/update_credentials", %{"fields_attributes" => fields})
445 |> json_response_and_validate_schema(403)
446
447 clear_config([:instance, :max_account_fields], 1)
448
449 fields = [
450 %{"name" => "foo", "value" => "bar"},
451 %{"name" => "link", "value" => "cofe.io"}
452 ]
453
454 assert %{"error" => "Invalid request"} ==
455 conn
456 |> patch("/api/v1/accounts/update_credentials", %{"fields_attributes" => fields})
457 |> json_response_and_validate_schema(403)
458 end
459 end
460
461 describe "Mark account as bot" do
462 setup do: oauth_access(["write:accounts"])
463 setup :request_content_type
464
465 test "changing actor_type to Service makes account a bot", %{conn: conn} do
466 account =
467 conn
468 |> patch("/api/v1/accounts/update_credentials", %{actor_type: "Service"})
469 |> json_response_and_validate_schema(200)
470
471 assert account["bot"]
472 assert account["source"]["pleroma"]["actor_type"] == "Service"
473 end
474
475 test "changing actor_type to Person makes account a human", %{conn: conn} do
476 account =
477 conn
478 |> patch("/api/v1/accounts/update_credentials", %{actor_type: "Person"})
479 |> json_response_and_validate_schema(200)
480
481 refute account["bot"]
482 assert account["source"]["pleroma"]["actor_type"] == "Person"
483 end
484
485 test "changing actor_type to Application causes error", %{conn: conn} do
486 response =
487 conn
488 |> patch("/api/v1/accounts/update_credentials", %{actor_type: "Application"})
489 |> json_response_and_validate_schema(403)
490
491 assert %{"error" => "Invalid request"} == response
492 end
493
494 test "changing bot field to true changes actor_type to Service", %{conn: conn} do
495 account =
496 conn
497 |> patch("/api/v1/accounts/update_credentials", %{bot: "true"})
498 |> json_response_and_validate_schema(200)
499
500 assert account["bot"]
501 assert account["source"]["pleroma"]["actor_type"] == "Service"
502 end
503
504 test "changing bot field to false changes actor_type to Person", %{conn: conn} do
505 account =
506 conn
507 |> patch("/api/v1/accounts/update_credentials", %{bot: "false"})
508 |> json_response_and_validate_schema(200)
509
510 refute account["bot"]
511 assert account["source"]["pleroma"]["actor_type"] == "Person"
512 end
513
514 test "actor_type field has a higher priority than bot", %{conn: conn} do
515 account =
516 conn
517 |> patch("/api/v1/accounts/update_credentials", %{
518 actor_type: "Person",
519 bot: "true"
520 })
521 |> json_response_and_validate_schema(200)
522
523 refute account["bot"]
524 assert account["source"]["pleroma"]["actor_type"] == "Person"
525 end
526 end
527 end
Fork of https://akkoma.dev/AkkomaGang/akkoma.git