projects / akkoma / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Merge branch 'develop' into feature/digest-email
[akkoma] / test / web / ostatus / ostatus_controller_test.exs
1 # Pleroma: A lightweight social networking server
2 # Copyright © 2017-2018 Pleroma Authors <https://pleroma.social/>
3 # SPDX-License-Identifier: AGPL-3.0-only
4
5 defmodule Pleroma.Web.OStatus.OStatusControllerTest do
6 use Pleroma.Web.ConnCase
7
8 import ExUnit.CaptureLog
9 import Pleroma.Factory
10
11 alias Pleroma.Object
12 alias Pleroma.User
13 alias Pleroma.Web.CommonAPI
14 alias Pleroma.Web.OStatus.ActivityRepresenter
15
16 setup_all do
17 Tesla.Mock.mock_global(fn env -> apply(HttpRequestMock, :request, [env]) end)
18
19 config_path = [:instance, :federating]
20 initial_setting = Pleroma.Config.get(config_path)
21
22 Pleroma.Config.put(config_path, true)
23 on_exit(fn -> Pleroma.Config.put(config_path, initial_setting) end)
24
25 :ok
26 end
27
28 describe "salmon_incoming" do
29 test "decodes a salmon", %{conn: conn} do
30 user = insert(:user)
31 salmon = File.read!("test/fixtures/salmon.xml")
32
33 assert capture_log(fn ->
34 conn =
35 conn
36 |> put_req_header("content-type", "application/atom+xml")
37 |> post("/users/#{user.nickname}/salmon", salmon)
38
39 assert response(conn, 200)
40 end) =~ "[error]"
41 end
42
43 test "decodes a salmon with a changed magic key", %{conn: conn} do
44 user = insert(:user)
45 salmon = File.read!("test/fixtures/salmon.xml")
46
47 assert capture_log(fn ->
48 conn =
49 conn
50 |> put_req_header("content-type", "application/atom+xml")
51 |> post("/users/#{user.nickname}/salmon", salmon)
52
53 assert response(conn, 200)
54 end) =~ "[error]"
55
56 # Set a wrong magic-key for a user so it has to refetch
57 salmon_user = User.get_cached_by_ap_id("http://gs.example.org:4040/index.php/user/1")
58
59 # Wrong key
60 info_cng =
61 User.Info.remote_user_creation(salmon_user.info, %{
62 magic_key:
63 "RSA.pu0s-halox4tu7wmES1FVSx6u-4wc0YrUFXcqWXZG4-27UmbCOpMQftRCldNRfyA-qLbz-eqiwrong1EwUvjsD4cYbAHNGHwTvDOyx5AKthQUP44ykPv7kjKGh3DWKySJvcs9tlUG87hlo7AvnMo9pwRS_Zz2CacQ-MKaXyDepk=.AQAB"
64 })
65
66 salmon_user
67 |> Ecto.Changeset.change()
68 |> Ecto.Changeset.put_embed(:info, info_cng)
69 |> User.update_and_set_cache()
70
71 assert capture_log(fn ->
72 conn =
73 build_conn()
74 |> put_req_header("content-type", "application/atom+xml")
75 |> post("/users/#{user.nickname}/salmon", salmon)
76
77 assert response(conn, 200)
78 end) =~ "[error]"
79 end
80 end
81
82 test "gets a feed", %{conn: conn} do
83 note_activity = insert(:note_activity)
84 object = Object.normalize(note_activity)
85 user = User.get_cached_by_ap_id(note_activity.data["actor"])
86
87 conn =
88 conn
89 |> put_req_header("content-type", "application/atom+xml")
90 |> get("/users/#{user.nickname}/feed.atom")
91
92 assert response(conn, 200) =~ object.data["content"]
93 end
94
95 test "returns 404 for a missing feed", %{conn: conn} do
96 conn =
97 conn
98 |> put_req_header("content-type", "application/atom+xml")
99 |> get("/users/nonexisting/feed.atom")
100
101 assert response(conn, 404)
102 end
103
104 describe "GET object/2" do
105 test "gets an object", %{conn: conn} do
106 note_activity = insert(:note_activity)
107 object = Object.normalize(note_activity)
108 user = User.get_cached_by_ap_id(note_activity.data["actor"])
109 [_, uuid] = hd(Regex.scan(~r/.+\/([\w-]+)$/, object.data["id"]))
110 url = "/objects/#{uuid}"
111
112 conn =
113 conn
114 |> put_req_header("accept", "application/xml")
115 |> get(url)
116
117 expected =
118 ActivityRepresenter.to_simple_form(note_activity, user, true)
119 |> ActivityRepresenter.wrap_with_entry()
120 |> :xmerl.export_simple(:xmerl_xml)
121 |> to_string
122
123 assert response(conn, 200) == expected
124 end
125
126 test "redirects to /notice/id for html format", %{conn: conn} do
127 note_activity = insert(:note_activity)
128 object = Object.normalize(note_activity)
129 [_, uuid] = hd(Regex.scan(~r/.+\/([\w-]+)$/, object.data["id"]))
130 url = "/objects/#{uuid}"
131
132 conn =
133 conn
134 |> put_req_header("accept", "text/html")
135 |> get(url)
136
137 assert redirected_to(conn) == "/notice/#{note_activity.id}"
138 end
139
140 test "500s when user not found", %{conn: conn} do
141 note_activity = insert(:note_activity)
142 object = Object.normalize(note_activity)
143 user = User.get_cached_by_ap_id(note_activity.data["actor"])
144 User.invalidate_cache(user)
145 Pleroma.Repo.delete(user)
146 [_, uuid] = hd(Regex.scan(~r/.+\/([\w-]+)$/, object.data["id"]))
147 url = "/objects/#{uuid}"
148
149 conn =
150 conn
151 |> put_req_header("accept", "application/xml")
152 |> get(url)
153
154 assert response(conn, 500) == ~S({"error":"Something went wrong"})
155 end
156
157 test "404s on private objects", %{conn: conn} do
158 note_activity = insert(:direct_note_activity)
159 object = Object.normalize(note_activity)
160 [_, uuid] = hd(Regex.scan(~r/.+\/([\w-]+)$/, object.data["id"]))
161
162 conn
163 |> get("/objects/#{uuid}")
164 |> response(404)
165 end
166
167 test "404s on nonexisting objects", %{conn: conn} do
168 conn
169 |> get("/objects/123")
170 |> response(404)
171 end
172 end
173
174 describe "GET activity/2" do
175 test "gets an activity in xml format", %{conn: conn} do
176 note_activity = insert(:note_activity)
177 [_, uuid] = hd(Regex.scan(~r/.+\/([\w-]+)$/, note_activity.data["id"]))
178
179 conn
180 |> put_req_header("accept", "application/xml")
181 |> get("/activities/#{uuid}")
182 |> response(200)
183 end
184
185 test "redirects to /notice/id for html format", %{conn: conn} do
186 note_activity = insert(:note_activity)
187 [_, uuid] = hd(Regex.scan(~r/.+\/([\w-]+)$/, note_activity.data["id"]))
188
189 conn =
190 conn
191 |> put_req_header("accept", "text/html")
192 |> get("/activities/#{uuid}")
193
194 assert redirected_to(conn) == "/notice/#{note_activity.id}"
195 end
196
197 test "505s when user not found", %{conn: conn} do
198 note_activity = insert(:note_activity)
199 [_, uuid] = hd(Regex.scan(~r/.+\/([\w-]+)$/, note_activity.data["id"]))
200 user = User.get_cached_by_ap_id(note_activity.data["actor"])
201 User.invalidate_cache(user)
202 Pleroma.Repo.delete(user)
203
204 conn =
205 conn
206 |> put_req_header("accept", "text/html")
207 |> get("/activities/#{uuid}")
208
209 assert response(conn, 500) == ~S({"error":"Something went wrong"})
210 end
211
212 test "404s on deleted objects", %{conn: conn} do
213 note_activity = insert(:note_activity)
214 object = Object.normalize(note_activity)
215 [_, uuid] = hd(Regex.scan(~r/.+\/([\w-]+)$/, object.data["id"]))
216
217 conn
218 |> put_req_header("accept", "application/xml")
219 |> get("/objects/#{uuid}")
220 |> response(200)
221
222 Object.delete(object)
223
224 conn
225 |> put_req_header("accept", "application/xml")
226 |> get("/objects/#{uuid}")
227 |> response(404)
228 end
229
230 test "404s on private activities", %{conn: conn} do
231 note_activity = insert(:direct_note_activity)
232 [_, uuid] = hd(Regex.scan(~r/.+\/([\w-]+)$/, note_activity.data["id"]))
233
234 conn
235 |> get("/activities/#{uuid}")
236 |> response(404)
237 end
238
239 test "404s on nonexistent activities", %{conn: conn} do
240 conn
241 |> get("/activities/123")
242 |> response(404)
243 end
244
245 test "gets an activity in AS2 format", %{conn: conn} do
246 note_activity = insert(:note_activity)
247 [_, uuid] = hd(Regex.scan(~r/.+\/([\w-]+)$/, note_activity.data["id"]))
248 url = "/activities/#{uuid}"
249
250 conn =
251 conn
252 |> put_req_header("accept", "application/activity+json")
253 |> get(url)
254
255 assert json_response(conn, 200)
256 end
257 end
258
259 describe "GET notice/2" do
260 test "gets a notice in xml format", %{conn: conn} do
261 note_activity = insert(:note_activity)
262
263 conn
264 |> get("/notice/#{note_activity.id}")
265 |> response(200)
266 end
267
268 test "gets a notice in AS2 format", %{conn: conn} do
269 note_activity = insert(:note_activity)
270
271 conn
272 |> put_req_header("accept", "application/activity+json")
273 |> get("/notice/#{note_activity.id}")
274 |> json_response(200)
275 end
276
277 test "500s when actor not found", %{conn: conn} do
278 note_activity = insert(:note_activity)
279 user = User.get_cached_by_ap_id(note_activity.data["actor"])
280 User.invalidate_cache(user)
281 Pleroma.Repo.delete(user)
282
283 conn =
284 conn
285 |> get("/notice/#{note_activity.id}")
286
287 assert response(conn, 500) == ~S({"error":"Something went wrong"})
288 end
289
290 test "only gets a notice in AS2 format for Create messages", %{conn: conn} do
291 note_activity = insert(:note_activity)
292 url = "/notice/#{note_activity.id}"
293
294 conn =
295 conn
296 |> put_req_header("accept", "application/activity+json")
297 |> get(url)
298
299 assert json_response(conn, 200)
300
301 user = insert(:user)
302
303 {:ok, like_activity, _} = CommonAPI.favorite(note_activity.id, user)
304 url = "/notice/#{like_activity.id}"
305
306 assert like_activity.data["type"] == "Like"
307
308 conn =
309 build_conn()
310 |> put_req_header("accept", "application/activity+json")
311 |> get(url)
312
313 assert response(conn, 404)
314 end
315
316 test "render html for redirect for html format", %{conn: conn} do
317 note_activity = insert(:note_activity)
318
319 resp =
320 conn
321 |> put_req_header("accept", "text/html")
322 |> get("/notice/#{note_activity.id}")
323 |> response(200)
324
325 assert resp =~
326 "<meta content=\"#{Pleroma.Web.base_url()}/notice/#{note_activity.id}\" property=\"og:url\">"
327
328 user = insert(:user)
329
330 {:ok, like_activity, _} = CommonAPI.favorite(note_activity.id, user)
331
332 assert like_activity.data["type"] == "Like"
333
334 resp =
335 conn
336 |> put_req_header("accept", "text/html")
337 |> get("/notice/#{like_activity.id}")
338 |> response(200)
339
340 assert resp =~ "<!--server-generated-meta-->"
341 end
342
343 test "404s a private notice", %{conn: conn} do
344 note_activity = insert(:direct_note_activity)
345 url = "/notice/#{note_activity.id}"
346
347 conn =
348 conn
349 |> get(url)
350
351 assert response(conn, 404)
352 end
353
354 test "404s a nonexisting notice", %{conn: conn} do
355 url = "/notice/123"
356
357 conn =
358 conn
359 |> get(url)
360
361 assert response(conn, 404)
362 end
363 end
364
365 describe "feed_redirect" do
366 test "undefined format. it redirects to feed", %{conn: conn} do
367 note_activity = insert(:note_activity)
368 user = User.get_cached_by_ap_id(note_activity.data["actor"])
369
370 response =
371 conn
372 |> put_req_header("accept", "application/xml")
373 |> get("/users/#{user.nickname}")
374 |> response(302)
375
376 assert response ==
377 "<html><body>You are being <a href=\"#{Pleroma.Web.base_url()}/users/#{
378 user.nickname
379 }/feed.atom\">redirected</a>.</body></html>"
380 end
381
382 test "undefined format. it returns error when user not found", %{conn: conn} do
383 response =
384 conn
385 |> put_req_header("accept", "application/xml")
386 |> get("/users/jimm")
387 |> response(404)
388
389 assert response == ~S({"error":"Not found"})
390 end
391
392 test "activity+json format. it redirects on actual feed of user", %{conn: conn} do
393 note_activity = insert(:note_activity)
394 user = User.get_cached_by_ap_id(note_activity.data["actor"])
395
396 response =
397 conn
398 |> put_req_header("accept", "application/activity+json")
399 |> get("/users/#{user.nickname}")
400 |> json_response(200)
401
402 assert response["endpoints"] == %{
403 "oauthAuthorizationEndpoint" => "#{Pleroma.Web.base_url()}/oauth/authorize",
404 "oauthRegistrationEndpoint" => "#{Pleroma.Web.base_url()}/api/v1/apps",
405 "oauthTokenEndpoint" => "#{Pleroma.Web.base_url()}/oauth/token",
406 "sharedInbox" => "#{Pleroma.Web.base_url()}/inbox"
407 }
408
409 assert response["@context"] == [
410 "https://www.w3.org/ns/activitystreams",
411 "http://localhost:4001/schemas/litepub-0.1.jsonld",
412 %{"@language" => "und"}
413 ]
414
415 assert Map.take(response, [
416 "followers",
417 "following",
418 "id",
419 "inbox",
420 "manuallyApprovesFollowers",
421 "name",
422 "outbox",
423 "preferredUsername",
424 "summary",
425 "tag",
426 "type",
427 "url"
428 ]) == %{
429 "followers" => "#{Pleroma.Web.base_url()}/users/#{user.nickname}/followers",
430 "following" => "#{Pleroma.Web.base_url()}/users/#{user.nickname}/following",
431 "id" => "#{Pleroma.Web.base_url()}/users/#{user.nickname}",
432 "inbox" => "#{Pleroma.Web.base_url()}/users/#{user.nickname}/inbox",
433 "manuallyApprovesFollowers" => false,
434 "name" => user.name,
435 "outbox" => "#{Pleroma.Web.base_url()}/users/#{user.nickname}/outbox",
436 "preferredUsername" => user.nickname,
437 "summary" => user.bio,
438 "tag" => [],
439 "type" => "Person",
440 "url" => "#{Pleroma.Web.base_url()}/users/#{user.nickname}"
441 }
442 end
443
444 test "activity+json format. it returns error whe use not found", %{conn: conn} do
445 response =
446 conn
447 |> put_req_header("accept", "application/activity+json")
448 |> get("/users/jimm")
449 |> json_response(404)
450
451 assert response == "Not found"
452 end
453
454 test "json format. it redirects on actual feed of user", %{conn: conn} do
455 note_activity = insert(:note_activity)
456 user = User.get_cached_by_ap_id(note_activity.data["actor"])
457
458 response =
459 conn
460 |> put_req_header("accept", "application/json")
461 |> get("/users/#{user.nickname}")
462 |> json_response(200)
463
464 assert response["endpoints"] == %{
465 "oauthAuthorizationEndpoint" => "#{Pleroma.Web.base_url()}/oauth/authorize",
466 "oauthRegistrationEndpoint" => "#{Pleroma.Web.base_url()}/api/v1/apps",
467 "oauthTokenEndpoint" => "#{Pleroma.Web.base_url()}/oauth/token",
468 "sharedInbox" => "#{Pleroma.Web.base_url()}/inbox"
469 }
470
471 assert response["@context"] == [
472 "https://www.w3.org/ns/activitystreams",
473 "http://localhost:4001/schemas/litepub-0.1.jsonld",
474 %{"@language" => "und"}
475 ]
476
477 assert Map.take(response, [
478 "followers",
479 "following",
480 "id",
481 "inbox",
482 "manuallyApprovesFollowers",
483 "name",
484 "outbox",
485 "preferredUsername",
486 "summary",
487 "tag",
488 "type",
489 "url"
490 ]) == %{
491 "followers" => "#{Pleroma.Web.base_url()}/users/#{user.nickname}/followers",
492 "following" => "#{Pleroma.Web.base_url()}/users/#{user.nickname}/following",
493 "id" => "#{Pleroma.Web.base_url()}/users/#{user.nickname}",
494 "inbox" => "#{Pleroma.Web.base_url()}/users/#{user.nickname}/inbox",
495 "manuallyApprovesFollowers" => false,
496 "name" => user.name,
497 "outbox" => "#{Pleroma.Web.base_url()}/users/#{user.nickname}/outbox",
498 "preferredUsername" => user.nickname,
499 "summary" => user.bio,
500 "tag" => [],
501 "type" => "Person",
502 "url" => "#{Pleroma.Web.base_url()}/users/#{user.nickname}"
503 }
504 end
505
506 test "json format. it returns error whe use not found", %{conn: conn} do
507 response =
508 conn
509 |> put_req_header("accept", "application/json")
510 |> get("/users/jimm")
511 |> json_response(404)
512
513 assert response == "Not found"
514 end
515
516 test "html format. it redirects on actual feed of user", %{conn: conn} do
517 note_activity = insert(:note_activity)
518 user = User.get_cached_by_ap_id(note_activity.data["actor"])
519
520 response =
521 conn
522 |> get("/users/#{user.nickname}")
523 |> response(200)
524
525 assert response ==
526 Fallback.RedirectController.redirector_with_meta(
527 conn,
528 %{user: user}
529 ).resp_body
530 end
531
532 test "html format. it returns error when user not found", %{conn: conn} do
533 response =
534 conn
535 |> get("/users/jimm")
536 |> json_response(404)
537
538 assert response == %{"error" => "Not found"}
539 end
540 end
541
542 describe "GET /notice/:id/embed_player" do
543 test "render embed player", %{conn: conn} do
544 note_activity = insert(:note_activity)
545 object = Pleroma.Object.normalize(note_activity)
546
547 object_data =
548 Map.put(object.data, "attachment", [
549 %{
550 "url" => [
551 %{
552 "href" =>
553 "https://peertube.moe/static/webseed/df5f464b-be8d-46fb-ad81-2d4c2d1630e3-480.mp4",
554 "mediaType" => "video/mp4",
555 "type" => "Link"
556 }
557 ]
558 }
559 ])
560
561 object
562 |> Ecto.Changeset.change(data: object_data)
563 |> Pleroma.Repo.update()
564
565 conn =
566 conn
567 |> get("/notice/#{note_activity.id}/embed_player")
568
569 assert Plug.Conn.get_resp_header(conn, "x-frame-options") == ["ALLOW"]
570
571 assert Plug.Conn.get_resp_header(
572 conn,
573 "content-security-policy"
574 ) == [
575 "default-src 'none';style-src 'self' 'unsafe-inline';img-src 'self' data: https:; media-src 'self' https:;"
576 ]
577
578 assert response(conn, 200) =~
579 "<video controls loop><source src=\"https://peertube.moe/static/webseed/df5f464b-be8d-46fb-ad81-2d4c2d1630e3-480.mp4\" type=\"video/mp4\">Your browser does not support video/mp4 playback.</video>"
580 end
581
582 test "404s when activity isn't create", %{conn: conn} do
583 note_activity = insert(:note_activity, data_attrs: %{"type" => "Like"})
584
585 assert conn
586 |> get("/notice/#{note_activity.id}/embed_player")
587 |> response(404)
588 end
589
590 test "404s when activity is direct message", %{conn: conn} do
591 note_activity = insert(:note_activity, data_attrs: %{"directMessage" => true})
592
593 assert conn
594 |> get("/notice/#{note_activity.id}/embed_player")
595 |> response(404)
596 end
597
598 test "404s when attachment is empty", %{conn: conn} do
599 note_activity = insert(:note_activity)
600 object = Pleroma.Object.normalize(note_activity)
601 object_data = Map.put(object.data, "attachment", [])
602
603 object
604 |> Ecto.Changeset.change(data: object_data)
605 |> Pleroma.Repo.update()
606
607 assert conn
608 |> get("/notice/#{note_activity.id}/embed_player")
609 |> response(404)
610 end
611
612 test "404s when attachment isn't audio or video", %{conn: conn} do
613 note_activity = insert(:note_activity)
614 object = Pleroma.Object.normalize(note_activity)
615
616 object_data =
617 Map.put(object.data, "attachment", [
618 %{
619 "url" => [
620 %{
621 "href" => "https://peertube.moe/static/webseed/480.jpg",
622 "mediaType" => "image/jpg",
623 "type" => "Link"
624 }
625 ]
626 }
627 ])
628
629 object
630 |> Ecto.Changeset.change(data: object_data)
631 |> Pleroma.Repo.update()
632
633 assert conn
634 |> get("/notice/#{note_activity.id}/embed_player")
635 |> response(404)
636 end
637 end
638 end
Fork of https://akkoma.dev/AkkomaGang/akkoma.git