1 # Pleroma: A lightweight social networking server
2 # Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
3 # SPDX-License-Identifier: AGPL-3.0-only
5 defmodule Pleroma.Web.StreamerTest do
10 alias Pleroma.Conversation.Participation
13 alias Pleroma.Web.CommonAPI
14 alias Pleroma.Web.Streamer
16 @moduletag needs_streamer: true, capture_log: true
18 setup do: clear_config([:instance, :skip_thread_containment])
20 describe "get_topic/_ (unauthenticated)" do
21 test "allows public" do
22 assert {:ok, "public"} = Streamer.get_topic("public", nil, nil)
23 assert {:ok, "public:local"} = Streamer.get_topic("public:local", nil, nil)
24 assert {:ok, "public:media"} = Streamer.get_topic("public:media", nil, nil)
25 assert {:ok, "public:local:media"} = Streamer.get_topic("public:local:media", nil, nil)
28 test "allows instance streams" do
29 assert {:ok, "public:remote:lain.com"} =
30 Streamer.get_topic("public:remote", nil, nil, %{"instance" => "lain.com"})
32 assert {:ok, "public:remote:media:lain.com"} =
33 Streamer.get_topic("public:remote:media", nil, nil, %{"instance" => "lain.com"})
36 test "allows hashtag streams" do
37 assert {:ok, "hashtag:cofe"} = Streamer.get_topic("hashtag", nil, nil, %{"tag" => "cofe"})
40 test "disallows user streams" do
41 assert {:error, _} = Streamer.get_topic("user", nil, nil)
42 assert {:error, _} = Streamer.get_topic("user:notification", nil, nil)
43 assert {:error, _} = Streamer.get_topic("direct", nil, nil)
46 test "disallows list streams" do
47 assert {:error, _} = Streamer.get_topic("list", nil, nil, %{"list" => 42})
51 describe "get_topic/_ (authenticated)" do
52 setup do: oauth_access(["read"])
54 test "allows public streams (regardless of OAuth token scopes)", %{
56 token: read_oauth_token
58 with oauth_token <- [nil, read_oauth_token] do
59 assert {:ok, "public"} = Streamer.get_topic("public", user, oauth_token)
60 assert {:ok, "public:local"} = Streamer.get_topic("public:local", user, oauth_token)
61 assert {:ok, "public:media"} = Streamer.get_topic("public:media", user, oauth_token)
63 assert {:ok, "public:local:media"} =
64 Streamer.get_topic("public:local:media", user, oauth_token)
68 test "allows user streams (with proper OAuth token scopes)", %{
70 token: read_oauth_token
72 %{token: read_notifications_token} = oauth_access(["read:notifications"], user: user)
73 %{token: read_statuses_token} = oauth_access(["read:statuses"], user: user)
74 %{token: badly_scoped_token} = oauth_access(["irrelevant:scope"], user: user)
76 expected_user_topic = "user:#{user.id}"
77 expected_notification_topic = "user:notification:#{user.id}"
78 expected_direct_topic = "direct:#{user.id}"
80 for valid_user_token <- [read_oauth_token, read_statuses_token] do
81 assert {:ok, ^expected_user_topic} = Streamer.get_topic("user", user, valid_user_token)
83 assert {:ok, ^expected_direct_topic} =
84 Streamer.get_topic("direct", user, valid_user_token)
87 for invalid_user_token <- [read_notifications_token, badly_scoped_token],
88 user_topic <- ["user", "direct"] do
89 assert {:error, :unauthorized} = Streamer.get_topic(user_topic, user, invalid_user_token)
92 for valid_notification_token <- [read_oauth_token, read_notifications_token] do
93 assert {:ok, ^expected_notification_topic} =
94 Streamer.get_topic("user:notification", user, valid_notification_token)
97 for invalid_notification_token <- [read_statuses_token, badly_scoped_token] do
98 assert {:error, :unauthorized} =
99 Streamer.get_topic("user:notification", user, invalid_notification_token)
103 test "allows hashtag streams (regardless of OAuth token scopes)", %{
105 token: read_oauth_token
107 for oauth_token <- [nil, read_oauth_token] do
108 assert {:ok, "hashtag:cofe"} =
109 Streamer.get_topic("hashtag", user, oauth_token, %{"tag" => "cofe"})
113 test "disallows registering to another user's stream", %{user: user, token: read_oauth_token} do
114 another_user = insert(:user)
115 assert {:error, _} = Streamer.get_topic("user:#{another_user.id}", user, read_oauth_token)
118 Streamer.get_topic("user:notification:#{another_user.id}", user, read_oauth_token)
120 assert {:error, _} = Streamer.get_topic("direct:#{another_user.id}", user, read_oauth_token)
123 test "allows list stream that are owned by the user (with `read` or `read:lists` scopes)", %{
125 token: read_oauth_token
127 %{token: read_lists_token} = oauth_access(["read:lists"], user: user)
128 %{token: invalid_token} = oauth_access(["irrelevant:scope"], user: user)
129 {:ok, list} = List.create("Test", user)
131 assert {:error, _} = Streamer.get_topic("list:#{list.id}", user, read_oauth_token)
133 for valid_token <- [read_oauth_token, read_lists_token] do
134 assert {:ok, _} = Streamer.get_topic("list", user, valid_token, %{"list" => list.id})
137 assert {:error, _} = Streamer.get_topic("list", user, invalid_token, %{"list" => list.id})
140 test "disallows list stream that are not owned by the user", %{user: user, token: oauth_token} do
141 another_user = insert(:user)
142 {:ok, list} = List.create("Test", another_user)
144 assert {:error, _} = Streamer.get_topic("list:#{list.id}", user, oauth_token)
145 assert {:error, _} = Streamer.get_topic("list", user, oauth_token, %{"list" => list.id})
149 describe "user streams" do
151 %{user: user, token: token} = oauth_access(["read"])
152 notify = insert(:notification, user: user, activity: build(:note_activity))
153 {:ok, %{user: user, notify: notify, token: token}}
156 test "it streams the user's post in the 'user' stream", %{user: user, token: oauth_token} do
157 Streamer.get_topic_and_add_socket("user", user, oauth_token)
158 {:ok, activity} = CommonAPI.post(user, %{status: "hey"})
160 assert_receive {:render_with_user, _, _, ^activity}
161 refute Streamer.filtered_by_user?(user, activity)
164 test "it streams boosts of the user in the 'user' stream", %{user: user, token: oauth_token} do
165 Streamer.get_topic_and_add_socket("user", user, oauth_token)
167 other_user = insert(:user)
168 {:ok, activity} = CommonAPI.post(other_user, %{status: "hey"})
169 {:ok, announce} = CommonAPI.repeat(activity.id, user)
171 assert_receive {:render_with_user, Pleroma.Web.StreamerView, "update.json", ^announce}
172 refute Streamer.filtered_by_user?(user, announce)
175 test "it does not stream announces of the user's own posts in the 'user' stream", %{
179 Streamer.get_topic_and_add_socket("user", user, oauth_token)
181 other_user = insert(:user)
182 {:ok, activity} = CommonAPI.post(user, %{status: "hey"})
183 {:ok, announce} = CommonAPI.repeat(activity.id, other_user)
185 assert Streamer.filtered_by_user?(user, announce)
188 test "it does stream notifications announces of the user's own posts in the 'user' stream", %{
192 Streamer.get_topic_and_add_socket("user", user, oauth_token)
194 other_user = insert(:user)
195 {:ok, activity} = CommonAPI.post(user, %{status: "hey"})
196 {:ok, announce} = CommonAPI.repeat(activity.id, other_user)
200 |> Repo.get_by(%{user_id: user.id, activity_id: announce.id})
201 |> Repo.preload(:activity)
203 refute Streamer.filtered_by_user?(user, notification)
206 test "it streams boosts of mastodon user in the 'user' stream", %{
210 Streamer.get_topic_and_add_socket("user", user, oauth_token)
212 other_user = insert(:user)
213 {:ok, activity} = CommonAPI.post(other_user, %{status: "hey"})
216 File.read!("test/fixtures/mastodon-announce.json")
218 |> Map.put("object", activity.data["object"])
219 |> Map.put("actor", user.ap_id)
221 {:ok, %Pleroma.Activity{data: _data, local: false} = announce} =
222 Pleroma.Web.ActivityPub.Transmogrifier.handle_incoming(data)
224 assert_receive {:render_with_user, Pleroma.Web.StreamerView, "update.json", ^announce}
225 refute Streamer.filtered_by_user?(user, announce)
228 test "it sends notify to in the 'user' stream", %{
233 Streamer.get_topic_and_add_socket("user", user, oauth_token)
234 Streamer.stream("user", notify)
236 assert_receive {:render_with_user, _, _, ^notify}
237 refute Streamer.filtered_by_user?(user, notify)
240 test "it sends notify to in the 'user:notification' stream", %{
245 Streamer.get_topic_and_add_socket("user:notification", user, oauth_token)
246 Streamer.stream("user:notification", notify)
248 assert_receive {:render_with_user, _, _, ^notify}
249 refute Streamer.filtered_by_user?(user, notify)
252 test "it doesn't send notify to the 'user:notification' stream when a user is blocked", %{
256 blocked = insert(:user)
257 {:ok, _user_relationship} = User.block(user, blocked)
259 Streamer.get_topic_and_add_socket("user:notification", user, oauth_token)
261 {:ok, activity} = CommonAPI.post(user, %{status: ":("})
262 {:ok, _} = CommonAPI.favorite(blocked, activity.id)
267 test "it doesn't send notify to the 'user:notification' stream when a thread is muted", %{
271 user2 = insert(:user)
273 {:ok, activity} = CommonAPI.post(user, %{status: "super hot take"})
274 {:ok, _} = CommonAPI.add_mute(user, activity)
276 Streamer.get_topic_and_add_socket("user:notification", user, oauth_token)
278 {:ok, favorite_activity} = CommonAPI.favorite(user2, activity.id)
281 assert Streamer.filtered_by_user?(user, favorite_activity)
284 test "it sends favorite to 'user:notification' stream'", %{
288 user2 = insert(:user, %{ap_id: "https://hecking-lewd-place.com/user/meanie"})
290 {:ok, activity} = CommonAPI.post(user, %{status: "super hot take"})
291 Streamer.get_topic_and_add_socket("user:notification", user, oauth_token)
292 {:ok, favorite_activity} = CommonAPI.favorite(user2, activity.id)
294 assert_receive {:render_with_user, _, "notification.json", notif}
295 assert notif.activity.id == favorite_activity.id
296 refute Streamer.filtered_by_user?(user, notif)
299 test "it doesn't send the 'user:notification' stream' when a domain is blocked", %{
303 user2 = insert(:user, %{ap_id: "https://hecking-lewd-place.com/user/meanie"})
305 {:ok, user} = User.block_domain(user, "hecking-lewd-place.com")
306 {:ok, activity} = CommonAPI.post(user, %{status: "super hot take"})
307 Streamer.get_topic_and_add_socket("user:notification", user, oauth_token)
308 {:ok, favorite_activity} = CommonAPI.favorite(user2, activity.id)
311 assert Streamer.filtered_by_user?(user, favorite_activity)
314 test "it sends follow activities to the 'user:notification' stream", %{
318 user2 = insert(:user)
320 Streamer.get_topic_and_add_socket("user:notification", user, oauth_token)
321 {:ok, _follower, _followed, follow_activity} = CommonAPI.follow(user2, user)
323 assert_receive {:render_with_user, _, "notification.json", notif}
324 assert notif.activity.id == follow_activity.id
325 refute Streamer.filtered_by_user?(user, notif)
328 test "it sends follow relationships updates to the 'user' stream", %{
333 other_user = insert(:user)
334 other_user_id = other_user.id
336 Streamer.get_topic_and_add_socket("user", user, oauth_token)
337 {:ok, _follower, _followed, _follow_activity} = CommonAPI.follow(user, other_user)
339 assert_receive {:text, event}
341 assert %{"event" => "pleroma:follow_relationships_update", "payload" => payload} =
346 "follower_count" => 0,
347 "following_count" => 0,
351 "follower_count" => 0,
352 "following_count" => 0,
353 "id" => ^other_user_id
355 "state" => "follow_pending"
356 } = Jason.decode!(payload)
358 assert_receive {:text, event}
360 assert %{"event" => "pleroma:follow_relationships_update", "payload" => payload} =
365 "follower_count" => 0,
366 "following_count" => 1,
370 "follower_count" => 1,
371 "following_count" => 0,
372 "id" => ^other_user_id
374 "state" => "follow_accept"
375 } = Jason.decode!(payload)
379 describe "public streams" do
380 test "it sends to public (authenticated)" do
381 %{user: user, token: oauth_token} = oauth_access(["read"])
382 other_user = insert(:user)
384 Streamer.get_topic_and_add_socket("public", user, oauth_token)
386 {:ok, activity} = CommonAPI.post(other_user, %{status: "Test"})
387 assert_receive {:render_with_user, _, _, ^activity}
388 refute Streamer.filtered_by_user?(other_user, activity)
391 test "it sends to public (unauthenticated)" do
394 Streamer.get_topic_and_add_socket("public", nil, nil)
396 {:ok, activity} = CommonAPI.post(user, %{status: "Test"})
397 activity_id = activity.id
398 assert_receive {:text, event}
399 assert %{"event" => "update", "payload" => payload} = Jason.decode!(event)
400 assert %{"id" => ^activity_id} = Jason.decode!(payload)
402 {:ok, _} = CommonAPI.delete(activity.id, user)
403 assert_receive {:text, event}
404 assert %{"event" => "delete", "payload" => ^activity_id} = Jason.decode!(event)
407 test "handles deletions" do
408 %{user: user, token: oauth_token} = oauth_access(["read"])
409 other_user = insert(:user)
410 {:ok, activity} = CommonAPI.post(other_user, %{status: "Test"})
412 Streamer.get_topic_and_add_socket("public", user, oauth_token)
414 {:ok, _} = CommonAPI.delete(activity.id, other_user)
415 activity_id = activity.id
416 assert_receive {:text, event}
417 assert %{"event" => "delete", "payload" => ^activity_id} = Jason.decode!(event)
421 describe "thread_containment/2" do
422 test "it filters to user if recipients invalid and thread containment is enabled" do
423 clear_config([:instance, :skip_thread_containment], false)
424 author = insert(:user)
425 %{user: user, token: oauth_token} = oauth_access(["read"])
426 User.follow(user, author, :follow_accept)
429 insert(:note_activity,
433 data: %{"to" => ["TEST-FFF"]}
437 Streamer.get_topic_and_add_socket("public", user, oauth_token)
438 Streamer.stream("public", activity)
439 assert_receive {:render_with_user, _, _, ^activity}
440 assert Streamer.filtered_by_user?(user, activity)
443 test "it sends message if recipients invalid and thread containment is disabled" do
444 clear_config([:instance, :skip_thread_containment], true)
445 author = insert(:user)
446 %{user: user, token: oauth_token} = oauth_access(["read"])
447 User.follow(user, author, :follow_accept)
450 insert(:note_activity,
454 data: %{"to" => ["TEST-FFF"]}
458 Streamer.get_topic_and_add_socket("public", user, oauth_token)
459 Streamer.stream("public", activity)
461 assert_receive {:render_with_user, _, _, ^activity}
462 refute Streamer.filtered_by_user?(user, activity)
465 test "it sends message if recipients invalid and thread containment is enabled but user's thread containment is disabled" do
466 clear_config([:instance, :skip_thread_containment], false)
467 author = insert(:user)
468 user = insert(:user, skip_thread_containment: true)
469 %{token: oauth_token} = oauth_access(["read"], user: user)
470 User.follow(user, author, :follow_accept)
473 insert(:note_activity,
477 data: %{"to" => ["TEST-FFF"]}
481 Streamer.get_topic_and_add_socket("public", user, oauth_token)
482 Streamer.stream("public", activity)
484 assert_receive {:render_with_user, _, _, ^activity}
485 refute Streamer.filtered_by_user?(user, activity)
490 setup do: oauth_access(["read"])
492 test "it filters messages involving blocked users", %{user: user, token: oauth_token} do
493 blocked_user = insert(:user)
494 {:ok, _user_relationship} = User.block(user, blocked_user)
496 Streamer.get_topic_and_add_socket("public", user, oauth_token)
497 {:ok, activity} = CommonAPI.post(blocked_user, %{status: "Test"})
498 assert_receive {:render_with_user, _, _, ^activity}
499 assert Streamer.filtered_by_user?(user, activity)
502 test "it filters messages transitively involving blocked users", %{
506 blockee = insert(:user)
507 friend = insert(:user)
509 Streamer.get_topic_and_add_socket("public", blocker, blocker_token)
511 {:ok, _user_relationship} = User.block(blocker, blockee)
513 {:ok, activity_one} = CommonAPI.post(friend, %{status: "hey! @#{blockee.nickname}"})
515 assert_receive {:render_with_user, _, _, ^activity_one}
516 assert Streamer.filtered_by_user?(blocker, activity_one)
518 {:ok, activity_two} = CommonAPI.post(blockee, %{status: "hey! @#{friend.nickname}"})
520 assert_receive {:render_with_user, _, _, ^activity_two}
521 assert Streamer.filtered_by_user?(blocker, activity_two)
523 {:ok, activity_three} = CommonAPI.post(blockee, %{status: "hey! @#{blocker.nickname}"})
525 assert_receive {:render_with_user, _, _, ^activity_three}
526 assert Streamer.filtered_by_user?(blocker, activity_three)
531 setup do: oauth_access(["read"])
533 test "it doesn't send unwanted DMs to list", %{user: user_a, token: user_a_token} do
534 user_b = insert(:user)
535 user_c = insert(:user)
537 {:ok, user_a, user_b} = User.follow(user_a, user_b)
539 {:ok, list} = List.create("Test", user_a)
540 {:ok, list} = List.follow(list, user_b)
542 Streamer.get_topic_and_add_socket("list", user_a, user_a_token, %{"list" => list.id})
545 CommonAPI.post(user_b, %{
546 status: "@#{user_c.nickname} Test",
553 test "it doesn't send unwanted private posts to list", %{user: user_a, token: user_a_token} do
554 user_b = insert(:user)
556 {:ok, list} = List.create("Test", user_a)
557 {:ok, list} = List.follow(list, user_b)
559 Streamer.get_topic_and_add_socket("list", user_a, user_a_token, %{"list" => list.id})
562 CommonAPI.post(user_b, %{
564 visibility: "private"
570 test "it sends wanted private posts to list", %{user: user_a, token: user_a_token} do
571 user_b = insert(:user)
573 {:ok, user_a, user_b} = User.follow(user_a, user_b)
575 {:ok, list} = List.create("Test", user_a)
576 {:ok, list} = List.follow(list, user_b)
578 Streamer.get_topic_and_add_socket("list", user_a, user_a_token, %{"list" => list.id})
581 CommonAPI.post(user_b, %{
583 visibility: "private"
586 assert_receive {:render_with_user, _, _, ^activity}
587 refute Streamer.filtered_by_user?(user_a, activity)
591 describe "muted reblogs" do
592 setup do: oauth_access(["read"])
594 test "it filters muted reblogs", %{user: user1, token: user1_token} do
595 user2 = insert(:user)
596 user3 = insert(:user)
597 CommonAPI.follow(user1, user2)
598 CommonAPI.hide_reblogs(user1, user2)
600 {:ok, create_activity} = CommonAPI.post(user3, %{status: "I'm kawen"})
602 Streamer.get_topic_and_add_socket("user", user1, user1_token)
603 {:ok, announce_activity} = CommonAPI.repeat(create_activity.id, user2)
604 assert_receive {:render_with_user, _, _, ^announce_activity}
605 assert Streamer.filtered_by_user?(user1, announce_activity)
608 test "it filters reblog notification for reblog-muted actors", %{
612 user2 = insert(:user)
613 CommonAPI.follow(user1, user2)
614 CommonAPI.hide_reblogs(user1, user2)
616 {:ok, create_activity} = CommonAPI.post(user1, %{status: "I'm kawen"})
617 Streamer.get_topic_and_add_socket("user", user1, user1_token)
618 {:ok, _announce_activity} = CommonAPI.repeat(create_activity.id, user2)
620 assert_receive {:render_with_user, _, "notification.json", notif}
621 assert Streamer.filtered_by_user?(user1, notif)
624 test "it send non-reblog notification for reblog-muted actors", %{
628 user2 = insert(:user)
629 CommonAPI.follow(user1, user2)
630 CommonAPI.hide_reblogs(user1, user2)
632 {:ok, create_activity} = CommonAPI.post(user1, %{status: "I'm kawen"})
633 Streamer.get_topic_and_add_socket("user", user1, user1_token)
634 {:ok, _favorite_activity} = CommonAPI.favorite(user2, create_activity.id)
636 assert_receive {:render_with_user, _, "notification.json", notif}
637 refute Streamer.filtered_by_user?(user1, notif)
641 describe "muted threads" do
642 test "it filters posts from muted threads" do
644 %{user: user2, token: user2_token} = oauth_access(["read"])
645 Streamer.get_topic_and_add_socket("user", user2, user2_token)
647 {:ok, user2, user, _activity} = CommonAPI.follow(user2, user)
648 {:ok, activity} = CommonAPI.post(user, %{status: "super hot take"})
649 {:ok, _} = CommonAPI.add_mute(user2, activity)
651 assert_receive {:render_with_user, _, _, ^activity}
652 assert Streamer.filtered_by_user?(user2, activity)
656 describe "direct streams" do
657 setup do: oauth_access(["read"])
659 test "it sends conversation update to the 'direct' stream", %{user: user, token: oauth_token} do
660 another_user = insert(:user)
662 Streamer.get_topic_and_add_socket("direct", user, oauth_token)
664 {:ok, _create_activity} =
665 CommonAPI.post(another_user, %{
666 status: "hey @#{user.nickname}",
670 assert_receive {:text, received_event}
672 assert %{"event" => "conversation", "payload" => received_payload} =
673 Jason.decode!(received_event)
675 assert %{"last_status" => last_status} = Jason.decode!(received_payload)
676 [participation] = Participation.for_user(user)
677 assert last_status["pleroma"]["direct_conversation_id"] == participation.id
680 test "it doesn't send conversation update to the 'direct' stream when the last message in the conversation is deleted",
681 %{user: user, token: oauth_token} do
682 another_user = insert(:user)
684 Streamer.get_topic_and_add_socket("direct", user, oauth_token)
686 {:ok, create_activity} =
687 CommonAPI.post(another_user, %{
688 status: "hi @#{user.nickname}",
692 create_activity_id = create_activity.id
693 assert_receive {:render_with_user, _, _, ^create_activity}
694 assert_receive {:text, received_conversation1}
695 assert %{"event" => "conversation", "payload" => _} = Jason.decode!(received_conversation1)
697 {:ok, _} = CommonAPI.delete(create_activity_id, another_user)
699 assert_receive {:text, received_event}
701 assert %{"event" => "delete", "payload" => ^create_activity_id} =
702 Jason.decode!(received_event)
708 test "it sends conversation update to the 'direct' stream when a message is deleted", %{
712 another_user = insert(:user)
713 Streamer.get_topic_and_add_socket("direct", user, oauth_token)
715 {:ok, create_activity} =
716 CommonAPI.post(another_user, %{
717 status: "hi @#{user.nickname}",
721 {:ok, create_activity2} =
722 CommonAPI.post(another_user, %{
723 status: "hi @#{user.nickname} 2",
724 in_reply_to_status_id: create_activity.id,
728 assert_receive {:render_with_user, _, _, ^create_activity}
729 assert_receive {:render_with_user, _, _, ^create_activity2}
730 assert_receive {:text, received_conversation1}
731 assert %{"event" => "conversation", "payload" => _} = Jason.decode!(received_conversation1)
732 assert_receive {:text, received_conversation1}
733 assert %{"event" => "conversation", "payload" => _} = Jason.decode!(received_conversation1)
735 {:ok, _} = CommonAPI.delete(create_activity2.id, another_user)
737 assert_receive {:text, received_event}
738 assert %{"event" => "delete", "payload" => _} = Jason.decode!(received_event)
740 assert_receive {:text, received_event}
742 assert %{"event" => "conversation", "payload" => received_payload} =
743 Jason.decode!(received_event)
745 assert %{"last_status" => last_status} = Jason.decode!(received_payload)
746 assert last_status["id"] == to_string(create_activity.id)