projects / akkoma / blob
? search:


67bd4b27f4531f9d43dae6087b73e15b0e5ecc05
[akkoma] / test / pleroma / web / twitter_api / util_controller_test.exs
1 # Pleroma: A lightweight social networking server
2 # Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
3 # SPDX-License-Identifier: AGPL-3.0-only
4
5 defmodule Pleroma.Web.TwitterAPI.UtilControllerTest do
6 use Pleroma.Web.ConnCase
7 use Oban.Testing, repo: Pleroma.Repo
8
9 alias Pleroma.Tests.ObanHelpers
10 alias Pleroma.User
11
12 import Pleroma.Factory
13 import Mock
14
15 setup do
16 Tesla.Mock.mock(fn env -> apply(HttpRequestMock, :request, [env]) end)
17 :ok
18 end
19
20 setup do: clear_config([:instance])
21 setup do: clear_config([:frontend_configurations, :pleroma_fe])
22
23 describe "PUT /api/pleroma/notification_settings" do
24 setup do: oauth_access(["write:accounts"])
25
26 test "it updates notification settings", %{user: user, conn: conn} do
27 conn
28 |> put(
29 "/api/pleroma/notification_settings?#{
30 URI.encode_query(%{
31 block_from_strangers: true
32 })
33 }"
34 )
35 |> json_response_and_validate_schema(:ok)
36
37 user = refresh_record(user)
38
39 assert %Pleroma.User.NotificationSetting{
40 block_from_strangers: true,
41 hide_notification_contents: false
42 } == user.notification_settings
43 end
44
45 test "it updates notification settings to enable hiding contents", %{user: user, conn: conn} do
46 conn
47 |> put(
48 "/api/pleroma/notification_settings?#{
49 URI.encode_query(%{
50 hide_notification_contents: 1
51 })
52 }"
53 )
54 |> json_response_and_validate_schema(:ok)
55
56 user = refresh_record(user)
57
58 assert %Pleroma.User.NotificationSetting{
59 block_from_strangers: false,
60 hide_notification_contents: true
61 } == user.notification_settings
62 end
63 end
64
65 describe "GET /api/pleroma/frontend_configurations" do
66 test "returns everything in :pleroma, :frontend_configurations", %{conn: conn} do
67 config = [
68 frontend_a: %{
69 x: 1,
70 y: 2
71 },
72 frontend_b: %{
73 z: 3
74 }
75 ]
76
77 clear_config(:frontend_configurations, config)
78
79 response =
80 conn
81 |> get("/api/pleroma/frontend_configurations")
82 |> json_response_and_validate_schema(:ok)
83
84 assert response == Jason.encode!(config |> Enum.into(%{})) |> Jason.decode!()
85 end
86 end
87
88 describe "/api/pleroma/emoji" do
89 test "returns json with custom emoji with tags", %{conn: conn} do
90 emoji =
91 conn
92 |> get("/api/pleroma/emoji")
93 |> json_response_and_validate_schema(200)
94
95 assert Enum.all?(emoji, fn
96 {_key,
97 %{
98 "image_url" => url,
99 "tags" => tags
100 }} ->
101 is_binary(url) and is_list(tags)
102 end)
103 end
104 end
105
106 describe "GET /api/pleroma/healthcheck" do
107 setup do: clear_config([:instance, :healthcheck])
108
109 test "returns 503 when healthcheck disabled", %{conn: conn} do
110 clear_config([:instance, :healthcheck], false)
111
112 response =
113 conn
114 |> get("/api/pleroma/healthcheck")
115 |> json_response_and_validate_schema(503)
116
117 assert response == %{}
118 end
119
120 test "returns 200 when healthcheck enabled and all ok", %{conn: conn} do
121 clear_config([:instance, :healthcheck], true)
122
123 with_mock Pleroma.Healthcheck,
124 system_info: fn -> %Pleroma.Healthcheck{healthy: true} end do
125 response =
126 conn
127 |> get("/api/pleroma/healthcheck")
128 |> json_response_and_validate_schema(200)
129
130 assert %{
131 "active" => _,
132 "healthy" => true,
133 "idle" => _,
134 "memory_used" => _,
135 "pool_size" => _
136 } = response
137 end
138 end
139
140 test "returns 503 when healthcheck enabled and health is false", %{conn: conn} do
141 clear_config([:instance, :healthcheck], true)
142
143 with_mock Pleroma.Healthcheck,
144 system_info: fn -> %Pleroma.Healthcheck{healthy: false} end do
145 response =
146 conn
147 |> get("/api/pleroma/healthcheck")
148 |> json_response_and_validate_schema(503)
149
150 assert %{
151 "active" => _,
152 "healthy" => false,
153 "idle" => _,
154 "memory_used" => _,
155 "pool_size" => _
156 } = response
157 end
158 end
159 end
160
161 describe "POST /api/pleroma/disable_account" do
162 setup do: oauth_access(["write:accounts"])
163
164 test "with valid permissions and password, it disables the account", %{conn: conn, user: user} do
165 response =
166 conn
167 |> post("/api/pleroma/disable_account?password=test")
168 |> json_response_and_validate_schema(:ok)
169
170 assert response == %{"status" => "success"}
171 ObanHelpers.perform_all()
172
173 user = User.get_cached_by_id(user.id)
174
175 refute user.is_active
176 end
177
178 test "with valid permissions and invalid password, it returns an error", %{conn: conn} do
179 user = insert(:user)
180
181 response =
182 conn
183 |> post("/api/pleroma/disable_account?password=test1")
184 |> json_response_and_validate_schema(:ok)
185
186 assert response == %{"error" => "Invalid password."}
187 user = User.get_cached_by_id(user.id)
188
189 assert user.is_active
190 end
191 end
192
193 describe "POST /main/ostatus - remote_subscribe/2" do
194 setup do: clear_config([:instance, :federating], true)
195
196 test "renders subscribe form", %{conn: conn} do
197 user = insert(:user)
198
199 response =
200 conn
201 |> post("/main/ostatus", %{"nickname" => user.nickname, "profile" => ""})
202 |> response(:ok)
203
204 refute response =~ "Could not find user"
205 assert response =~ "Remotely follow #{user.nickname}"
206 end
207
208 test "renders subscribe form with error when user not found", %{conn: conn} do
209 response =
210 conn
211 |> post("/main/ostatus", %{"nickname" => "nickname", "profile" => ""})
212 |> response(:ok)
213
214 assert response =~ "Could not find user"
215 refute response =~ "Remotely follow"
216 end
217
218 test "it redirect to webfinger url", %{conn: conn} do
219 user = insert(:user)
220 user2 = insert(:user, ap_id: "shp@social.heldscal.la")
221
222 conn =
223 conn
224 |> post("/main/ostatus", %{
225 "user" => %{"nickname" => user.nickname, "profile" => user2.ap_id}
226 })
227
228 assert redirected_to(conn) ==
229 "https://social.heldscal.la/main/ostatussub?profile=#{user.ap_id}"
230 end
231
232 test "it renders form with error when user not found", %{conn: conn} do
233 user2 = insert(:user, ap_id: "shp@social.heldscal.la")
234
235 response =
236 conn
237 |> post("/main/ostatus", %{"user" => %{"nickname" => "jimm", "profile" => user2.ap_id}})
238 |> response(:ok)
239
240 assert response =~ "Something went wrong."
241 end
242 end
243
244 test "it returns new captcha", %{conn: conn} do
245 with_mock Pleroma.Captcha,
246 new: fn -> "test_captcha" end do
247 resp =
248 conn
249 |> get("/api/pleroma/captcha")
250 |> response(200)
251
252 assert resp == "\"test_captcha\""
253 assert called(Pleroma.Captcha.new())
254 end
255 end
256
257 describe "POST /api/pleroma/change_email" do
258 setup do: oauth_access(["write:accounts"])
259
260 test "without permissions", %{conn: conn} do
261 conn =
262 conn
263 |> assign(:token, nil)
264 |> put_req_header("content-type", "multipart/form-data")
265 |> post("/api/pleroma/change_email", %{password: "hi", email: "test@test.com"})
266
267 assert json_response_and_validate_schema(conn, 403) == %{
268 "error" => "Insufficient permissions: write:accounts."
269 }
270 end
271
272 test "with proper permissions and invalid password", %{conn: conn} do
273 conn =
274 conn
275 |> put_req_header("content-type", "multipart/form-data")
276 |> post("/api/pleroma/change_email", %{password: "hi", email: "test@test.com"})
277
278 assert json_response_and_validate_schema(conn, 200) == %{"error" => "Invalid password."}
279 end
280
281 test "with proper permissions, valid password and invalid email", %{
282 conn: conn
283 } do
284 conn =
285 conn
286 |> put_req_header("content-type", "multipart/form-data")
287 |> post("/api/pleroma/change_email", %{password: "test", email: "foobar"})
288
289 assert json_response_and_validate_schema(conn, 200) == %{
290 "error" => "Email has invalid format."
291 }
292 end
293
294 test "with proper permissions, valid password and no email", %{
295 conn: conn
296 } do
297 conn =
298 conn
299 |> put_req_header("content-type", "multipart/form-data")
300 |> post("/api/pleroma/change_email", %{password: "test"})
301
302 assert %{"error" => "Missing field: email."} = json_response_and_validate_schema(conn, 400)
303 end
304
305 test "with proper permissions, valid password and blank email, when instance requires user email",
306 %{
307 conn: conn
308 } do
309 orig_account_activation_required =
310 Pleroma.Config.get([:instance, :account_activation_required])
311
312 Pleroma.Config.put([:instance, :account_activation_required], true)
313
314 on_exit(fn ->
315 Pleroma.Config.put(
316 [:instance, :account_activation_required],
317 orig_account_activation_required
318 )
319 end)
320
321 conn =
322 conn
323 |> put_req_header("content-type", "multipart/form-data")
324 |> post("/api/pleroma/change_email", %{password: "test", email: ""})
325
326 assert json_response_and_validate_schema(conn, 200) == %{"error" => "Email can't be blank."}
327 end
328
329 test "with proper permissions, valid password and blank email, when instance does not require user email",
330 %{
331 conn: conn
332 } do
333 orig_account_activation_required =
334 Pleroma.Config.get([:instance, :account_activation_required])
335
336 Pleroma.Config.put([:instance, :account_activation_required], false)
337
338 on_exit(fn ->
339 Pleroma.Config.put(
340 [:instance, :account_activation_required],
341 orig_account_activation_required
342 )
343 end)
344
345 conn =
346 conn
347 |> put_req_header("content-type", "multipart/form-data")
348 |> post("/api/pleroma/change_email", %{password: "test", email: ""})
349
350 assert json_response_and_validate_schema(conn, 200) == %{"status" => "success"}
351 end
352
353 test "with proper permissions, valid password and non unique email", %{
354 conn: conn
355 } do
356 user = insert(:user)
357
358 conn =
359 conn
360 |> put_req_header("content-type", "multipart/form-data")
361 |> post("/api/pleroma/change_email", %{password: "test", email: user.email})
362
363 assert json_response_and_validate_schema(conn, 200) == %{
364 "error" => "Email has already been taken."
365 }
366 end
367
368 test "with proper permissions, valid password and valid email", %{
369 conn: conn
370 } do
371 conn =
372 conn
373 |> put_req_header("content-type", "multipart/form-data")
374 |> post("/api/pleroma/change_email", %{password: "test", email: "cofe@foobar.com"})
375
376 assert json_response_and_validate_schema(conn, 200) == %{"status" => "success"}
377 end
378 end
379
380 describe "POST /api/pleroma/change_password" do
381 setup do: oauth_access(["write:accounts"])
382
383 test "without permissions", %{conn: conn} do
384 conn =
385 conn
386 |> assign(:token, nil)
387 |> put_req_header("content-type", "multipart/form-data")
388 |> post("/api/pleroma/change_password", %{
389 "password" => "hi",
390 "new_password" => "newpass",
391 "new_password_confirmation" => "newpass"
392 })
393
394 assert json_response_and_validate_schema(conn, 403) == %{
395 "error" => "Insufficient permissions: write:accounts."
396 }
397 end
398
399 test "with proper permissions and invalid password", %{conn: conn} do
400 conn =
401 conn
402 |> put_req_header("content-type", "multipart/form-data")
403 |> post("/api/pleroma/change_password", %{
404 "password" => "hi",
405 "new_password" => "newpass",
406 "new_password_confirmation" => "newpass"
407 })
408
409 assert json_response_and_validate_schema(conn, 200) == %{"error" => "Invalid password."}
410 end
411
412 test "with proper permissions, valid password and new password and confirmation not matching",
413 %{
414 conn: conn
415 } do
416 conn =
417 conn
418 |> put_req_header("content-type", "multipart/form-data")
419 |> post("/api/pleroma/change_password", %{
420 "password" => "test",
421 "new_password" => "newpass",
422 "new_password_confirmation" => "notnewpass"
423 })
424
425 assert json_response_and_validate_schema(conn, 200) == %{
426 "error" => "New password does not match confirmation."
427 }
428 end
429
430 test "with proper permissions, valid password and invalid new password", %{
431 conn: conn
432 } do
433 conn =
434 conn
435 |> put_req_header("content-type", "multipart/form-data")
436 |> post("/api/pleroma/change_password", %{
437 password: "test",
438 new_password: "",
439 new_password_confirmation: ""
440 })
441
442 assert json_response_and_validate_schema(conn, 200) == %{
443 "error" => "New password can't be blank."
444 }
445 end
446
447 test "with proper permissions, valid password and matching new password and confirmation", %{
448 conn: conn,
449 user: user
450 } do
451 conn =
452 conn
453 |> put_req_header("content-type", "multipart/form-data")
454 |> post(
455 "/api/pleroma/change_password",
456 %{
457 password: "test",
458 new_password: "newpass",
459 new_password_confirmation: "newpass"
460 }
461 )
462
463 assert json_response_and_validate_schema(conn, 200) == %{"status" => "success"}
464 fetched_user = User.get_cached_by_id(user.id)
465 assert Pleroma.Password.Pbkdf2.verify_pass("newpass", fetched_user.password_hash) == true
466 end
467 end
468
469 describe "POST /api/pleroma/delete_account" do
470 setup do: oauth_access(["write:accounts"])
471
472 test "without permissions", %{conn: conn} do
473 conn =
474 conn
475 |> assign(:token, nil)
476 |> post("/api/pleroma/delete_account")
477
478 assert json_response_and_validate_schema(conn, 403) ==
479 %{"error" => "Insufficient permissions: write:accounts."}
480 end
481
482 test "with proper permissions and wrong or missing password", %{conn: conn} do
483 for params <- [%{"password" => "hi"}, %{}] do
484 ret_conn = post(conn, "/api/pleroma/delete_account", params)
485
486 assert json_response_and_validate_schema(ret_conn, 200) == %{
487 "error" => "Invalid password."
488 }
489 end
490 end
491
492 test "with proper permissions and valid password", %{conn: conn, user: user} do
493 conn = post(conn, "/api/pleroma/delete_account?password=test")
494 ObanHelpers.perform_all()
495 assert json_response_and_validate_schema(conn, 200) == %{"status" => "success"}
496
497 user = User.get_by_id(user.id)
498 refute user.is_active
499 assert user.name == nil
500 assert user.bio == ""
501 assert user.password_hash == nil
502 end
503 end
504 end
Fork of https://akkoma.dev/AkkomaGang/akkoma.git