git.squeep.com Git - akkoma/blob - test/web/mastodon_api/controllers/mastodon_api_controller/update_credentials_test.exs

   1 # Pleroma: A lightweight social networking server
   2 # Copyright © 2017-2019 Pleroma Authors <https://pleroma.social/>
   3 # SPDX-License-Identifier: AGPL-3.0-only
   4
   5 defmodule Pleroma.Web.MastodonAPI.MastodonAPIController.UpdateCredentialsTest do
   6   alias Pleroma.Repo
   7   alias Pleroma.User
   8
   9   use Pleroma.Web.ConnCase
  10
  11   import Pleroma.Factory
  12   clear_config([:instance, :max_account_fields])
  13
  14   describe "updating credentials" do
  15     test "sets user settings in a generic way", %{conn: conn} do
  16       user = insert(:user)
  17
  18       res_conn =
  19         conn
  20         |> assign(:user, user)
  21         |> patch("/api/v1/accounts/update_credentials", %{
  22           "pleroma_settings_store" => %{
  23             pleroma_fe: %{
  24               theme: "bla"
  25             }
  26           }
  27         })
  28
  29       assert user = json_response(res_conn, 200)
  30       assert user["pleroma"]["settings_store"] == %{"pleroma_fe" => %{"theme" => "bla"}}
  31
  32       user = Repo.get(User, user["id"])
  33
  34       res_conn =
  35         conn
  36         |> assign(:user, user)
  37         |> patch("/api/v1/accounts/update_credentials", %{
  38           "pleroma_settings_store" => %{
  39             masto_fe: %{
  40               theme: "bla"
  41             }
  42           }
  43         })
  44
  45       assert user = json_response(res_conn, 200)
  46
  47       assert user["pleroma"]["settings_store"] ==
  48                %{
  49                  "pleroma_fe" => %{"theme" => "bla"},
  50                  "masto_fe" => %{"theme" => "bla"}
  51                }
  52
  53       user = Repo.get(User, user["id"])
  54
  55       res_conn =
  56         conn
  57         |> assign(:user, user)
  58         |> patch("/api/v1/accounts/update_credentials", %{
  59           "pleroma_settings_store" => %{
  60             masto_fe: %{
  61               theme: "blub"
  62             }
  63           }
  64         })
  65
  66       assert user = json_response(res_conn, 200)
  67
  68       assert user["pleroma"]["settings_store"] ==
  69                %{
  70                  "pleroma_fe" => %{"theme" => "bla"},
  71                  "masto_fe" => %{"theme" => "blub"}
  72                }
  73     end
  74
  75     test "updates the user's bio", %{conn: conn} do
  76       user = insert(:user)
  77       user2 = insert(:user)
  78
  79       conn =
  80         conn
  81         |> assign(:user, user)
  82         |> patch("/api/v1/accounts/update_credentials", %{
  83           "note" => "I drink #cofe with @#{user2.nickname}"
  84         })
  85
  86       assert user = json_response(conn, 200)
  87
  88       assert user["note"] ==
  89                ~s(I drink <a class="hashtag" data-tag="cofe" href="http://localhost:4001/tag/cofe" rel="tag">#cofe</a> with <span class="h-card"><a data-user=") <>
  90                  user2.id <>
  91                  ~s(" class="u-url mention" href=") <>
  92                  user2.ap_id <> ~s(">@<span>) <> user2.nickname <> ~s(</span></a></span>)
  93     end
  94
  95     test "updates the user's locking status", %{conn: conn} do
  96       user = insert(:user)
  97
  98       conn =
  99         conn
 100         |> assign(:user, user)
 101         |> patch("/api/v1/accounts/update_credentials", %{locked: "true"})
 102
 103       assert user = json_response(conn, 200)
 104       assert user["locked"] == true
 105     end
 106
 107     test "updates the user's default scope", %{conn: conn} do
 108       user = insert(:user)
 109
 110       conn =
 111         conn
 112         |> assign(:user, user)
 113         |> patch("/api/v1/accounts/update_credentials", %{default_scope: "cofe"})
 114
 115       assert user = json_response(conn, 200)
 116       assert user["source"]["privacy"] == "cofe"
 117     end
 118
 119     test "updates the user's hide_followers status", %{conn: conn} do
 120       user = insert(:user)
 121
 122       conn =
 123         conn
 124         |> assign(:user, user)
 125         |> patch("/api/v1/accounts/update_credentials", %{hide_followers: "true"})
 126
 127       assert user = json_response(conn, 200)
 128       assert user["pleroma"]["hide_followers"] == true
 129     end
 130
 131     test "updates the user's skip_thread_containment option", %{conn: conn} do
 132       user = insert(:user)
 133
 134       response =
 135         conn
 136         |> assign(:user, user)
 137         |> patch("/api/v1/accounts/update_credentials", %{skip_thread_containment: "true"})
 138         |> json_response(200)
 139
 140       assert response["pleroma"]["skip_thread_containment"] == true
 141       assert refresh_record(user).info.skip_thread_containment
 142     end
 143
 144     test "updates the user's hide_follows status", %{conn: conn} do
 145       user = insert(:user)
 146
 147       conn =
 148         conn
 149         |> assign(:user, user)
 150         |> patch("/api/v1/accounts/update_credentials", %{hide_follows: "true"})
 151
 152       assert user = json_response(conn, 200)
 153       assert user["pleroma"]["hide_follows"] == true
 154     end
 155
 156     test "updates the user's hide_favorites status", %{conn: conn} do
 157       user = insert(:user)
 158
 159       conn =
 160         conn
 161         |> assign(:user, user)
 162         |> patch("/api/v1/accounts/update_credentials", %{hide_favorites: "true"})
 163
 164       assert user = json_response(conn, 200)
 165       assert user["pleroma"]["hide_favorites"] == true
 166     end
 167
 168     test "updates the user's show_role status", %{conn: conn} do
 169       user = insert(:user)
 170
 171       conn =
 172         conn
 173         |> assign(:user, user)
 174         |> patch("/api/v1/accounts/update_credentials", %{show_role: "false"})
 175
 176       assert user = json_response(conn, 200)
 177       assert user["source"]["pleroma"]["show_role"] == false
 178     end
 179
 180     test "updates the user's no_rich_text status", %{conn: conn} do
 181       user = insert(:user)
 182
 183       conn =
 184         conn
 185         |> assign(:user, user)
 186         |> patch("/api/v1/accounts/update_credentials", %{no_rich_text: "true"})
 187
 188       assert user = json_response(conn, 200)
 189       assert user["source"]["pleroma"]["no_rich_text"] == true
 190     end
 191
 192     test "updates the user's name", %{conn: conn} do
 193       user = insert(:user)
 194
 195       conn =
 196         conn
 197         |> assign(:user, user)
 198         |> patch("/api/v1/accounts/update_credentials", %{"display_name" => "markorepairs"})
 199
 200       assert user = json_response(conn, 200)
 201       assert user["display_name"] == "markorepairs"
 202     end
 203
 204     test "updates the user's avatar", %{conn: conn} do
 205       user = insert(:user)
 206
 207       new_avatar = %Plug.Upload{
 208         content_type: "image/jpg",
 209         path: Path.absname("test/fixtures/image.jpg"),
 210         filename: "an_image.jpg"
 211       }
 212
 213       conn =
 214         conn
 215         |> assign(:user, user)
 216         |> patch("/api/v1/accounts/update_credentials", %{"avatar" => new_avatar})
 217
 218       assert user_response = json_response(conn, 200)
 219       assert user_response["avatar"] != User.avatar_url(user)
 220     end
 221
 222     test "updates the user's banner", %{conn: conn} do
 223       user = insert(:user)
 224
 225       new_header = %Plug.Upload{
 226         content_type: "image/jpg",
 227         path: Path.absname("test/fixtures/image.jpg"),
 228         filename: "an_image.jpg"
 229       }
 230
 231       conn =
 232         conn
 233         |> assign(:user, user)
 234         |> patch("/api/v1/accounts/update_credentials", %{"header" => new_header})
 235
 236       assert user_response = json_response(conn, 200)
 237       assert user_response["header"] != User.banner_url(user)
 238     end
 239
 240     test "updates the user's background", %{conn: conn} do
 241       user = insert(:user)
 242
 243       new_header = %Plug.Upload{
 244         content_type: "image/jpg",
 245         path: Path.absname("test/fixtures/image.jpg"),
 246         filename: "an_image.jpg"
 247       }
 248
 249       conn =
 250         conn
 251         |> assign(:user, user)
 252         |> patch("/api/v1/accounts/update_credentials", %{
 253           "pleroma_background_image" => new_header
 254         })
 255
 256       assert user_response = json_response(conn, 200)
 257       assert user_response["pleroma"]["background_image"]
 258     end
 259
 260     test "requires 'write' permission", %{conn: conn} do
 261       token1 = insert(:oauth_token, scopes: ["read"])
 262       token2 = insert(:oauth_token, scopes: ["write", "follow"])
 263
 264       for token <- [token1, token2] do
 265         conn =
 266           conn
 267           |> put_req_header("authorization", "Bearer #{token.token}")
 268           |> patch("/api/v1/accounts/update_credentials", %{})
 269
 270         if token == token1 do
 271           assert %{"error" => "Insufficient permissions: write."} == json_response(conn, 403)
 272         else
 273           assert json_response(conn, 200)
 274         end
 275       end
 276     end
 277
 278     test "updates profile emojos", %{conn: conn} do
 279       user = insert(:user)
 280
 281       note = "*sips :blank:*"
 282       name = "I am :firefox:"
 283
 284       conn =
 285         conn
 286         |> assign(:user, user)
 287         |> patch("/api/v1/accounts/update_credentials", %{
 288           "note" => note,
 289           "display_name" => name
 290         })
 291
 292       assert json_response(conn, 200)
 293
 294       conn =
 295         conn
 296         |> get("/api/v1/accounts/#{user.id}")
 297
 298       assert user = json_response(conn, 200)
 299
 300       assert user["note"] == note
 301       assert user["display_name"] == name
 302       assert [%{"shortcode" => "blank"}, %{"shortcode" => "firefox"}] = user["emojis"]
 303     end
 304
 305     test "update fields", %{conn: conn} do
 306       user = insert(:user)
 307
 308       fields = [
 309         %{"name" => "<a href=\"http://google.com\">foo</a>", "value" => "<script>bar</script>"},
 310         %{"name" => "link", "value" => "cofe.io"}
 311       ]
 312
 313       account =
 314         conn
 315         |> assign(:user, user)
 316         |> patch("/api/v1/accounts/update_credentials", %{"fields" => fields})
 317         |> json_response(200)
 318
 319       assert account["fields"] == [
 320                %{"name" => "foo", "value" => "bar"},
 321                %{"name" => "link", "value" => "<a href=\"http://cofe.io\">cofe.io</a>"}
 322              ]
 323
 324       assert account["source"]["fields"] == [
 325                %{
 326                  "name" => "<a href=\"http://google.com\">foo</a>",
 327                  "value" => "<script>bar</script>"
 328                },
 329                %{"name" => "link", "value" => "cofe.io"}
 330              ]
 331
 332       name_limit = Pleroma.Config.get([:instance, :account_field_name_length])
 333       value_limit = Pleroma.Config.get([:instance, :account_field_value_length])
 334
 335       long_value = Enum.map(0..value_limit, fn _ -> "x" end) |> Enum.join()
 336
 337       fields = [%{"name" => "<b>foo<b>", "value" => long_value}]
 338
 339       assert %{"error" => "Invalid request"} ==
 340                conn
 341                |> assign(:user, user)
 342                |> patch("/api/v1/accounts/update_credentials", %{"fields" => fields})
 343                |> json_response(403)
 344
 345       long_name = Enum.map(0..name_limit, fn _ -> "x" end) |> Enum.join()
 346
 347       fields = [%{"name" => long_name, "value" => "bar"}]
 348
 349       assert %{"error" => "Invalid request"} ==
 350                conn
 351                |> assign(:user, user)
 352                |> patch("/api/v1/accounts/update_credentials", %{"fields" => fields})
 353                |> json_response(403)
 354
 355       Pleroma.Config.put([:instance, :max_account_fields], 1)
 356
 357       fields = [
 358         %{"name" => "<b>foo<b>", "value" => "<i>bar</i>"},
 359         %{"name" => "link", "value" => "cofe.io"}
 360       ]
 361
 362       assert %{"error" => "Invalid request"} ==
 363                conn
 364                |> assign(:user, user)
 365                |> patch("/api/v1/accounts/update_credentials", %{"fields" => fields})
 366                |> json_response(403)
 367     end
 368   end
 369 end