git.squeep.com Git - akkoma/blob - test/web/admin_api/views/report_view_test.exs

   1 # Pleroma: A lightweight social networking server
   2 # Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>
   3 # SPDX-License-Identifier: AGPL-3.0-only
   4
   5 defmodule Pleroma.Web.AdminAPI.ReportViewTest do
   6   use Pleroma.DataCase
   7   import Pleroma.Factory
   8   alias Pleroma.Web.AdminAPI.Report
   9   alias Pleroma.Web.AdminAPI.ReportView
  10   alias Pleroma.Web.CommonAPI
  11   alias Pleroma.Web.MastodonAPI.AccountView
  12   alias Pleroma.Web.MastodonAPI.StatusView
  13
  14   test "renders a report" do
  15     user = insert(:user)
  16     other_user = insert(:user)
  17
  18     {:ok, activity} = CommonAPI.report(user, %{account_id: other_user.id})
  19
  20     expected = %{
  21       content: nil,
  22       actor:
  23         Map.merge(
  24           AccountView.render("show.json", %{user: user}),
  25           Pleroma.Web.AdminAPI.AccountView.render("show.json", %{user: user})
  26         ),
  27       account:
  28         Map.merge(
  29           AccountView.render("show.json", %{user: other_user}),
  30           Pleroma.Web.AdminAPI.AccountView.render("show.json", %{user: other_user})
  31         ),
  32       statuses: [],
  33       notes: [],
  34       state: "open",
  35       id: activity.id
  36     }
  37
  38     result =
  39       ReportView.render("show.json", Report.extract_report_info(activity))
  40       |> Map.delete(:created_at)
  41
  42     assert result == expected
  43   end
  44
  45   test "includes reported statuses" do
  46     user = insert(:user)
  47     other_user = insert(:user)
  48     {:ok, activity} = CommonAPI.post(other_user, %{status: "toot"})
  49
  50     {:ok, report_activity} =
  51       CommonAPI.report(user, %{account_id: other_user.id, status_ids: [activity.id]})
  52
  53     other_user = Pleroma.User.get_by_id(other_user.id)
  54
  55     expected = %{
  56       content: nil,
  57       actor:
  58         Map.merge(
  59           AccountView.render("show.json", %{user: user}),
  60           Pleroma.Web.AdminAPI.AccountView.render("show.json", %{user: user})
  61         ),
  62       account:
  63         Map.merge(
  64           AccountView.render("show.json", %{user: other_user}),
  65           Pleroma.Web.AdminAPI.AccountView.render("show.json", %{user: other_user})
  66         ),
  67       statuses: [StatusView.render("show.json", %{activity: activity})],
  68       state: "open",
  69       notes: [],
  70       id: report_activity.id
  71     }
  72
  73     result =
  74       ReportView.render("show.json", Report.extract_report_info(report_activity))
  75       |> Map.delete(:created_at)
  76
  77     assert result == expected
  78   end
  79
  80   test "renders report's state" do
  81     user = insert(:user)
  82     other_user = insert(:user)
  83
  84     {:ok, activity} = CommonAPI.report(user, %{account_id: other_user.id})
  85     {:ok, activity} = CommonAPI.update_report_state(activity.id, "closed")
  86
  87     assert %{state: "closed"} =
  88              ReportView.render("show.json", Report.extract_report_info(activity))
  89   end
  90
  91   test "renders report description" do
  92     user = insert(:user)
  93     other_user = insert(:user)
  94
  95     {:ok, activity} =
  96       CommonAPI.report(user, %{
  97         account_id: other_user.id,
  98         comment: "posts are too good for this instance"
  99       })
 100
 101     assert %{content: "posts are too good for this instance"} =
 102              ReportView.render("show.json", Report.extract_report_info(activity))
 103   end
 104
 105   test "sanitizes report description" do
 106     user = insert(:user)
 107     other_user = insert(:user)
 108
 109     {:ok, activity} =
 110       CommonAPI.report(user, %{
 111         account_id: other_user.id,
 112         comment: ""
 113       })
 114
 115     data = Map.put(activity.data, "content", "<script> alert('hecked :D:D:D:D:D:D:D') </script>")
 116     activity = Map.put(activity, :data, data)
 117
 118     refute "<script> alert('hecked :D:D:D:D:D:D:D') </script>" ==
 119              ReportView.render("show.json", Report.extract_report_info(activity))[:content]
 120   end
 121
 122   test "doesn't error out when the user doesn't exists" do
 123     user = insert(:user)
 124     other_user = insert(:user)
 125
 126     {:ok, activity} =
 127       CommonAPI.report(user, %{
 128         account_id: other_user.id,
 129         comment: ""
 130       })
 131
 132     Pleroma.User.delete(other_user)
 133     Pleroma.User.invalidate_cache(other_user)
 134
 135     assert %{} = ReportView.render("show.json", Report.extract_report_info(activity))
 136   end
 137 end