1 # Pleroma: A lightweight social networking server
2 # Copyright © 2017-2018 Pleroma Authors <https://pleroma.social/>
3 # SPDX-License-Identifier: AGPL-3.0-only
5 defmodule Pleroma.Web.ActivityPub.ActivityPubControllerTest do
6 use Pleroma.Web.ConnCase
8 alias Pleroma.Web.ActivityPub.{UserView, ObjectView}
9 alias Pleroma.{Object, Repo, User}
10 alias Pleroma.Activity
13 Tesla.Mock.mock_global(fn env -> apply(HttpRequestMock, :request, [env]) end)
18 test "with the relay active, it returns the relay user", %{conn: conn} do
21 |> get(activity_pub_path(conn, :relay))
24 assert res["id"] =~ "/relay"
27 test "with the relay disabled, it returns 404", %{conn: conn} do
28 Pleroma.Config.put([:instance, :allow_relay], false)
31 |> get(activity_pub_path(conn, :relay))
35 Pleroma.Config.put([:instance, :allow_relay], true)
39 describe "/users/:nickname" do
40 test "it returns a json representation of the user", %{conn: conn} do
45 |> put_req_header("accept", "application/activity+json")
46 |> get("/users/#{user.nickname}")
48 user = Repo.get(User, user.id)
50 assert json_response(conn, 200) == UserView.render("user.json", %{user: user})
54 describe "/object/:uuid" do
55 test "it returns a json representation of the object", %{conn: conn} do
57 uuid = String.split(note.data["id"], "/") |> List.last()
61 |> put_req_header("accept", "application/activity+json")
62 |> get("/objects/#{uuid}")
64 assert json_response(conn, 200) == ObjectView.render("object.json", %{object: note})
67 test "it returns 404 for non-public messages", %{conn: conn} do
68 note = insert(:direct_note)
69 uuid = String.split(note.data["id"], "/") |> List.last()
73 |> put_req_header("accept", "application/activity+json")
74 |> get("/objects/#{uuid}")
76 assert json_response(conn, 404)
79 test "it returns 404 for tombstone objects", %{conn: conn} do
80 tombstone = insert(:tombstone)
81 uuid = String.split(tombstone.data["id"], "/") |> List.last()
85 |> put_req_header("accept", "application/activity+json")
86 |> get("/objects/#{uuid}")
88 assert json_response(conn, 404)
92 describe "/activities/:uuid" do
93 test "it returns a json representation of the activity", %{conn: conn} do
94 activity = insert(:note_activity)
95 uuid = String.split(activity.data["id"], "/") |> List.last()
99 |> put_req_header("accept", "application/activity+json")
100 |> get("/activities/#{uuid}")
102 assert json_response(conn, 200) == ObjectView.render("object.json", %{object: activity})
105 test "it returns 404 for non-public activities", %{conn: conn} do
106 activity = insert(:direct_note_activity)
107 uuid = String.split(activity.data["id"], "/") |> List.last()
111 |> put_req_header("accept", "application/activity+json")
112 |> get("/activities/#{uuid}")
114 assert json_response(conn, 404)
119 test "it inserts an incoming activity into the database", %{conn: conn} do
120 data = File.read!("test/fixtures/mastodon-post-activity.json") |> Poison.decode!()
124 |> assign(:valid_signature, true)
125 |> put_req_header("content-type", "application/activity+json")
126 |> post("/inbox", data)
128 assert "ok" == json_response(conn, 200)
130 assert Activity.get_by_ap_id(data["id"])
134 describe "/users/:nickname/inbox" do
135 test "it inserts an incoming activity into the database", %{conn: conn} do
139 File.read!("test/fixtures/mastodon-post-activity.json")
141 |> Map.put("bcc", [user.ap_id])
145 |> assign(:valid_signature, true)
146 |> put_req_header("content-type", "application/activity+json")
147 |> post("/users/#{user.nickname}/inbox", data)
149 assert "ok" == json_response(conn, 200)
151 assert Activity.get_by_ap_id(data["id"])
154 test "it rejects reads from other users", %{conn: conn} do
156 otheruser = insert(:user)
160 |> assign(:user, otheruser)
161 |> put_req_header("accept", "application/activity+json")
162 |> get("/users/#{user.nickname}/inbox")
164 assert json_response(conn, 403)
167 test "it returns a note activity in a collection", %{conn: conn} do
168 note_activity = insert(:direct_note_activity)
169 user = User.get_cached_by_ap_id(hd(note_activity.data["to"]))
173 |> assign(:user, user)
174 |> put_req_header("accept", "application/activity+json")
175 |> get("/users/#{user.nickname}/inbox")
177 assert response(conn, 200) =~ note_activity.data["object"]["content"]
181 describe "/users/:nickname/outbox" do
182 test "it returns a note activity in a collection", %{conn: conn} do
183 note_activity = insert(:note_activity)
184 user = User.get_cached_by_ap_id(note_activity.data["actor"])
188 |> put_req_header("accept", "application/activity+json")
189 |> get("/users/#{user.nickname}/outbox")
191 assert response(conn, 200) =~ note_activity.data["object"]["content"]
194 test "it returns an announce activity in a collection", %{conn: conn} do
195 announce_activity = insert(:announce_activity)
196 user = User.get_cached_by_ap_id(announce_activity.data["actor"])
200 |> put_req_header("accept", "application/activity+json")
201 |> get("/users/#{user.nickname}/outbox")
203 assert response(conn, 200) =~ announce_activity.data["object"]
206 test "it rejects posts from other users", %{conn: conn} do
207 data = File.read!("test/fixtures/activitypub-client-post-activity.json") |> Poison.decode!()
209 otheruser = insert(:user)
213 |> assign(:user, otheruser)
214 |> put_req_header("content-type", "application/activity+json")
215 |> post("/users/#{user.nickname}/outbox", data)
217 assert json_response(conn, 403)
220 test "it inserts an incoming create activity into the database", %{conn: conn} do
221 data = File.read!("test/fixtures/activitypub-client-post-activity.json") |> Poison.decode!()
226 |> assign(:user, user)
227 |> put_req_header("content-type", "application/activity+json")
228 |> post("/users/#{user.nickname}/outbox", data)
230 result = json_response(conn, 201)
231 assert Activity.get_by_ap_id(result["id"])
234 test "it rejects an incoming activity with bogus type", %{conn: conn} do
235 data = File.read!("test/fixtures/activitypub-client-post-activity.json") |> Poison.decode!()
240 |> Map.put("type", "BadType")
244 |> assign(:user, user)
245 |> put_req_header("content-type", "application/activity+json")
246 |> post("/users/#{user.nickname}/outbox", data)
248 assert json_response(conn, 400)
251 test "it erects a tombstone when receiving a delete activity", %{conn: conn} do
252 note_activity = insert(:note_activity)
253 user = User.get_cached_by_ap_id(note_activity.data["actor"])
258 id: note_activity.data["object"]["id"]
264 |> assign(:user, user)
265 |> put_req_header("content-type", "application/activity+json")
266 |> post("/users/#{user.nickname}/outbox", data)
268 result = json_response(conn, 201)
269 assert Activity.get_by_ap_id(result["id"])
271 object = Object.get_by_ap_id(note_activity.data["object"]["id"])
273 assert object.data["type"] == "Tombstone"
276 test "it rejects delete activity of object from other actor", %{conn: conn} do
277 note_activity = insert(:note_activity)
283 id: note_activity.data["object"]["id"]
289 |> assign(:user, user)
290 |> put_req_header("content-type", "application/activity+json")
291 |> post("/users/#{user.nickname}/outbox", data)
293 assert json_response(conn, 400)
297 describe "/users/:nickname/followers" do
298 test "it returns the followers in a collection", %{conn: conn} do
300 user_two = insert(:user)
301 User.follow(user, user_two)
305 |> get("/users/#{user_two.nickname}/followers")
306 |> json_response(200)
308 assert result["first"]["orderedItems"] == [user.ap_id]
311 test "it returns returns empty if the user has 'hide_network' set", %{conn: conn} do
313 user_two = insert(:user, %{info: %{hide_network: true}})
314 User.follow(user, user_two)
318 |> get("/users/#{user_two.nickname}/followers")
319 |> json_response(200)
321 assert result["first"]["orderedItems"] == []
322 assert result["totalItems"] == 1
325 test "it works for more than 10 users", %{conn: conn} do
328 Enum.each(1..15, fn _ ->
329 other_user = insert(:user)
330 User.follow(other_user, user)
335 |> get("/users/#{user.nickname}/followers")
336 |> json_response(200)
338 assert length(result["first"]["orderedItems"]) == 10
339 assert result["first"]["totalItems"] == 15
340 assert result["totalItems"] == 15
344 |> get("/users/#{user.nickname}/followers?page=2")
345 |> json_response(200)
347 assert length(result["orderedItems"]) == 5
348 assert result["totalItems"] == 15
352 describe "/users/:nickname/following" do
353 test "it returns the following in a collection", %{conn: conn} do
355 user_two = insert(:user)
356 User.follow(user, user_two)
360 |> get("/users/#{user.nickname}/following")
361 |> json_response(200)
363 assert result["first"]["orderedItems"] == [user_two.ap_id]
366 test "it returns returns empty if the user has 'hide_network' set", %{conn: conn} do
367 user = insert(:user, %{info: %{hide_network: true}})
368 user_two = insert(:user)
369 User.follow(user, user_two)
373 |> get("/users/#{user.nickname}/following")
374 |> json_response(200)
376 assert result["first"]["orderedItems"] == []
377 assert result["totalItems"] == 1
380 test "it works for more than 10 users", %{conn: conn} do
383 Enum.each(1..15, fn _ ->
384 user = Repo.get(User, user.id)
385 other_user = insert(:user)
386 User.follow(user, other_user)
391 |> get("/users/#{user.nickname}/following")
392 |> json_response(200)
394 assert length(result["first"]["orderedItems"]) == 10
395 assert result["first"]["totalItems"] == 15
396 assert result["totalItems"] == 15
400 |> get("/users/#{user.nickname}/following?page=2")
401 |> json_response(200)
403 assert length(result["orderedItems"]) == 5
404 assert result["totalItems"] == 15