1 defmodule Pleroma.Web.TwitterAPI.ControllerTest do
2 use Pleroma.Web.ConnCase
3 alias Pleroma.Web.TwitterAPI.Representers.ActivityRepresenter
4 alias Pleroma.Builders.{ActivityBuilder, UserBuilder}
5 alias Pleroma.{Repo, Activity, User, Object, Notification}
6 alias Pleroma.Web.ActivityPub.ActivityPub
7 alias Pleroma.Web.TwitterAPI.UserView
8 alias Pleroma.Web.TwitterAPI.NotificationView
9 alias Pleroma.Web.CommonAPI
10 alias Pleroma.Web.TwitterAPI.TwitterAPI
13 import Pleroma.Factory
15 describe "POST /api/account/verify_credentials" do
18 test "without valid credentials", %{conn: conn} do
19 conn = post(conn, "/api/account/verify_credentials.json")
20 assert json_response(conn, 403) == %{"error" => "Invalid credentials."}
23 test "with credentials", %{conn: conn, user: user} do
26 |> with_credentials(user.nickname, "test")
27 |> post("/api/account/verify_credentials.json")
29 assert response = json_response(conn, 200)
30 assert response == UserView.render("show.json", %{user: user, token: response["token"]})
34 describe "POST /api/account/most_recent_notification" do
37 test "without valid credentials", %{conn: conn} do
38 conn = post(conn, "/api/account/most_recent_notification.json")
39 assert json_response(conn, 403) == %{"error" => "Invalid credentials."}
42 test "with credentials", %{conn: conn, user: user} do
45 |> with_credentials(user.nickname, "test")
46 |> post("/api/account/most_recent_notification.json", %{id: "200"})
48 assert json_response(conn, 200)
49 user = User.get_by_nickname(user.nickname)
50 assert user.info["most_recent_notification"] == 200
54 describe "POST /statuses/update.json" do
57 test "without valid credentials", %{conn: conn} do
58 conn = post(conn, "/api/statuses/update.json")
59 assert json_response(conn, 403) == %{"error" => "Invalid credentials."}
62 test "with credentials", %{conn: conn, user: user} do
63 conn_with_creds = conn |> with_credentials(user.nickname, "test")
64 request_path = "/api/statuses/update.json"
67 "request" => request_path,
68 "error" => "Client must provide a 'status' parameter with a value."
71 conn = conn_with_creds |> post(request_path)
72 assert json_response(conn, 400) == error_response
74 conn = conn_with_creds |> post(request_path, %{status: ""})
75 assert json_response(conn, 400) == error_response
77 conn = conn_with_creds |> post(request_path, %{status: " "})
78 assert json_response(conn, 400) == error_response
80 # we post with visibility private in order to avoid triggering relay
81 conn = conn_with_creds |> post(request_path, %{status: "Nice meme.", visibility: "private"})
83 assert json_response(conn, 200) ==
84 ActivityRepresenter.to_map(Repo.one(Activity), %{user: user})
88 describe "GET /statuses/public_timeline.json" do
89 test "returns statuses", %{conn: conn} do
90 {:ok, user} = UserBuilder.insert()
91 activities = ActivityBuilder.insert_list(30, %{}, %{user: user})
92 ActivityBuilder.insert_list(10, %{}, %{user: user})
93 since_id = List.last(activities).id
97 |> get("/api/statuses/public_timeline.json", %{since_id: since_id})
99 response = json_response(conn, 200)
101 assert length(response) == 10
105 describe "GET /statuses/show/:id.json" do
106 test "returns one status", %{conn: conn} do
108 {:ok, activity} = CommonAPI.post(user, %{"status" => "Hey!"})
109 actor = Repo.get_by!(User, ap_id: activity.data["actor"])
113 |> get("/api/statuses/show/#{activity.id}.json")
115 response = json_response(conn, 200)
117 assert response == ActivityRepresenter.to_map(activity, %{user: actor})
121 describe "GET /users/show.json" do
122 test "gets user with screen_name", %{conn: conn} do
127 |> get("/api/users/show.json", %{"screen_name" => user.nickname})
129 response = json_response(conn, 200)
131 assert response["id"] == user.id
134 test "gets user with user_id", %{conn: conn} do
139 |> get("/api/users/show.json", %{"user_id" => user.id})
141 response = json_response(conn, 200)
143 assert response["id"] == user.id
146 test "gets a user for a logged in user", %{conn: conn} do
148 logged_in = insert(:user)
150 {:ok, logged_in, user, _activity} = TwitterAPI.follow(logged_in, %{"user_id" => user.id})
154 |> with_credentials(logged_in.nickname, "test")
155 |> get("/api/users/show.json", %{"user_id" => user.id})
157 response = json_response(conn, 200)
159 assert response["following"] == true
163 describe "GET /statusnet/conversation/:id.json" do
164 test "returns the statuses in the conversation", %{conn: conn} do
165 {:ok, _user} = UserBuilder.insert()
166 {:ok, activity} = ActivityBuilder.insert(%{"type" => "Create", "context" => "2hu"})
167 {:ok, _activity_two} = ActivityBuilder.insert(%{"type" => "Create", "context" => "2hu"})
168 {:ok, _activity_three} = ActivityBuilder.insert(%{"type" => "Create", "context" => "3hu"})
172 |> get("/api/statusnet/conversation/#{activity.data["context_id"]}.json")
174 response = json_response(conn, 200)
176 assert length(response) == 2
180 describe "GET /statuses/friends_timeline.json" do
183 test "without valid credentials", %{conn: conn} do
184 conn = get(conn, "/api/statuses/friends_timeline.json")
185 assert json_response(conn, 403) == %{"error" => "Invalid credentials."}
188 test "with credentials", %{conn: conn, user: current_user} do
192 ActivityBuilder.insert_list(30, %{"to" => [User.ap_followers(user)]}, %{user: user})
194 returned_activities =
195 ActivityBuilder.insert_list(10, %{"to" => [User.ap_followers(user)]}, %{user: user})
197 other_user = insert(:user)
198 ActivityBuilder.insert_list(10, %{}, %{user: other_user})
199 since_id = List.last(activities).id
202 Ecto.Changeset.change(current_user, following: [User.ap_followers(user)])
207 |> with_credentials(current_user.nickname, "test")
208 |> get("/api/statuses/friends_timeline.json", %{since_id: since_id})
210 response = json_response(conn, 200)
212 assert length(response) == 10
215 Enum.map(returned_activities, fn activity ->
216 ActivityRepresenter.to_map(activity, %{
217 user: User.get_cached_by_ap_id(activity.data["actor"]),
224 describe "GET /statuses/mentions.json" do
227 test "without valid credentials", %{conn: conn} do
228 conn = get(conn, "/api/statuses/mentions.json")
229 assert json_response(conn, 403) == %{"error" => "Invalid credentials."}
232 test "with credentials", %{conn: conn, user: current_user} do
234 ActivityBuilder.insert(%{"to" => [current_user.ap_id]}, %{user: current_user})
238 |> with_credentials(current_user.nickname, "test")
239 |> get("/api/statuses/mentions.json")
241 response = json_response(conn, 200)
243 assert length(response) == 1
245 assert Enum.at(response, 0) ==
246 ActivityRepresenter.to_map(activity, %{
248 mentioned: [current_user]
253 describe "GET /api/qvitter/statuses/notifications.json" do
256 test "without valid credentials", %{conn: conn} do
257 conn = get(conn, "/api/qvitter/statuses/notifications.json")
258 assert json_response(conn, 403) == %{"error" => "Invalid credentials."}
261 test "with credentials", %{conn: conn, user: current_user} do
262 other_user = insert(:user)
265 ActivityBuilder.insert(%{"to" => [current_user.ap_id]}, %{user: other_user})
269 |> with_credentials(current_user.nickname, "test")
270 |> get("/api/qvitter/statuses/notifications.json")
272 response = json_response(conn, 200)
274 assert length(response) == 1
277 NotificationView.render("notification.json", %{
278 notifications: Notification.for_user(current_user),
284 describe "GET /statuses/user_timeline.json" do
287 test "without any params", %{conn: conn} do
288 conn = get(conn, "/api/statuses/user_timeline.json")
290 assert json_response(conn, 400) == %{
291 "error" => "You need to specify screen_name or user_id",
292 "request" => "/api/statuses/user_timeline.json"
296 test "with user_id", %{conn: conn} do
298 {:ok, activity} = ActivityBuilder.insert(%{"id" => 1}, %{user: user})
300 conn = get(conn, "/api/statuses/user_timeline.json", %{"user_id" => user.id})
301 response = json_response(conn, 200)
302 assert length(response) == 1
303 assert Enum.at(response, 0) == ActivityRepresenter.to_map(activity, %{user: user})
306 test "with screen_name", %{conn: conn} do
308 {:ok, activity} = ActivityBuilder.insert(%{"id" => 1}, %{user: user})
310 conn = get(conn, "/api/statuses/user_timeline.json", %{"screen_name" => user.nickname})
311 response = json_response(conn, 200)
312 assert length(response) == 1
313 assert Enum.at(response, 0) == ActivityRepresenter.to_map(activity, %{user: user})
316 test "with credentials", %{conn: conn, user: current_user} do
317 {:ok, activity} = ActivityBuilder.insert(%{"id" => 1}, %{user: current_user})
321 |> with_credentials(current_user.nickname, "test")
322 |> get("/api/statuses/user_timeline.json")
324 response = json_response(conn, 200)
326 assert length(response) == 1
327 assert Enum.at(response, 0) == ActivityRepresenter.to_map(activity, %{user: current_user})
330 test "with credentials with user_id", %{conn: conn, user: current_user} do
332 {:ok, activity} = ActivityBuilder.insert(%{"id" => 1}, %{user: user})
336 |> with_credentials(current_user.nickname, "test")
337 |> get("/api/statuses/user_timeline.json", %{"user_id" => user.id})
339 response = json_response(conn, 200)
341 assert length(response) == 1
342 assert Enum.at(response, 0) == ActivityRepresenter.to_map(activity, %{user: user})
345 test "with credentials screen_name", %{conn: conn, user: current_user} do
347 {:ok, activity} = ActivityBuilder.insert(%{"id" => 1}, %{user: user})
351 |> with_credentials(current_user.nickname, "test")
352 |> get("/api/statuses/user_timeline.json", %{"screen_name" => user.nickname})
354 response = json_response(conn, 200)
356 assert length(response) == 1
357 assert Enum.at(response, 0) == ActivityRepresenter.to_map(activity, %{user: user})
361 describe "POST /friendships/create.json" do
364 test "without valid credentials", %{conn: conn} do
365 conn = post(conn, "/api/friendships/create.json")
366 assert json_response(conn, 403) == %{"error" => "Invalid credentials."}
369 test "with credentials", %{conn: conn, user: current_user} do
370 followed = insert(:user)
374 |> with_credentials(current_user.nickname, "test")
375 |> post("/api/friendships/create.json", %{user_id: followed.id})
377 current_user = Repo.get(User, current_user.id)
378 assert User.ap_followers(followed) in current_user.following
380 assert json_response(conn, 200) ==
381 UserView.render("show.json", %{user: followed, for: current_user})
385 describe "POST /friendships/destroy.json" do
388 test "without valid credentials", %{conn: conn} do
389 conn = post(conn, "/api/friendships/destroy.json")
390 assert json_response(conn, 403) == %{"error" => "Invalid credentials."}
393 test "with credentials", %{conn: conn, user: current_user} do
394 followed = insert(:user)
396 {:ok, current_user} = User.follow(current_user, followed)
397 assert User.ap_followers(followed) in current_user.following
398 ActivityPub.follow(current_user, followed)
402 |> with_credentials(current_user.nickname, "test")
403 |> post("/api/friendships/destroy.json", %{user_id: followed.id})
405 current_user = Repo.get(User, current_user.id)
406 assert current_user.following == [current_user.ap_id]
408 assert json_response(conn, 200) ==
409 UserView.render("show.json", %{user: followed, for: current_user})
413 describe "POST /blocks/create.json" do
416 test "without valid credentials", %{conn: conn} do
417 conn = post(conn, "/api/blocks/create.json")
418 assert json_response(conn, 403) == %{"error" => "Invalid credentials."}
421 test "with credentials", %{conn: conn, user: current_user} do
422 blocked = insert(:user)
426 |> with_credentials(current_user.nickname, "test")
427 |> post("/api/blocks/create.json", %{user_id: blocked.id})
429 current_user = Repo.get(User, current_user.id)
430 assert User.blocks?(current_user, blocked)
432 assert json_response(conn, 200) ==
433 UserView.render("show.json", %{user: blocked, for: current_user})
437 describe "POST /blocks/destroy.json" do
440 test "without valid credentials", %{conn: conn} do
441 conn = post(conn, "/api/blocks/destroy.json")
442 assert json_response(conn, 403) == %{"error" => "Invalid credentials."}
445 test "with credentials", %{conn: conn, user: current_user} do
446 blocked = insert(:user)
448 {:ok, current_user, blocked} = TwitterAPI.block(current_user, %{"user_id" => blocked.id})
449 assert User.blocks?(current_user, blocked)
453 |> with_credentials(current_user.nickname, "test")
454 |> post("/api/blocks/destroy.json", %{user_id: blocked.id})
456 current_user = Repo.get(User, current_user.id)
457 assert current_user.info["blocks"] == []
459 assert json_response(conn, 200) ==
460 UserView.render("show.json", %{user: blocked, for: current_user})
464 describe "GET /help/test.json" do
465 test "returns \"ok\"", %{conn: conn} do
466 conn = get(conn, "/api/help/test.json")
467 assert json_response(conn, 200) == "ok"
471 describe "POST /api/qvitter/update_avatar.json" do
474 test "without valid credentials", %{conn: conn} do
475 conn = post(conn, "/api/qvitter/update_avatar.json")
476 assert json_response(conn, 403) == %{"error" => "Invalid credentials."}
479 test "with credentials", %{conn: conn, user: current_user} do
480 avatar_image = File.read!("test/fixtures/avatar_data_uri")
484 |> with_credentials(current_user.nickname, "test")
485 |> post("/api/qvitter/update_avatar.json", %{img: avatar_image})
487 current_user = Repo.get(User, current_user.id)
488 assert is_map(current_user.avatar)
490 assert json_response(conn, 200) ==
491 UserView.render("show.json", %{user: current_user, for: current_user})
495 describe "GET /api/qvitter/mutes.json" do
498 test "unimplemented mutes without valid credentials", %{conn: conn} do
499 conn = get(conn, "/api/qvitter/mutes.json")
500 assert json_response(conn, 403) == %{"error" => "Invalid credentials."}
503 test "unimplemented mutes with credentials", %{conn: conn, user: current_user} do
506 |> with_credentials(current_user.nickname, "test")
507 |> get("/api/qvitter/mutes.json")
509 current_user = Repo.get(User, current_user.id)
511 assert [] = json_response(conn, 200)
515 describe "POST /api/favorites/create/:id" do
518 test "without valid credentials", %{conn: conn} do
519 note_activity = insert(:note_activity)
520 conn = post(conn, "/api/favorites/create/#{note_activity.id}.json")
521 assert json_response(conn, 403) == %{"error" => "Invalid credentials."}
524 test "with credentials", %{conn: conn, user: current_user} do
525 note_activity = insert(:note_activity)
529 |> with_credentials(current_user.nickname, "test")
530 |> post("/api/favorites/create/#{note_activity.id}.json")
532 assert json_response(conn, 200)
535 test "with credentials, invalid param", %{conn: conn, user: current_user} do
538 |> with_credentials(current_user.nickname, "test")
539 |> post("/api/favorites/create/wrong.json")
541 assert json_response(conn, 400)
544 test "with credentials, invalid activity", %{conn: conn, user: current_user} do
547 |> with_credentials(current_user.nickname, "test")
548 |> post("/api/favorites/create/1.json")
550 assert json_response(conn, 500)
554 describe "POST /api/favorites/destroy/:id" do
557 test "without valid credentials", %{conn: conn} do
558 note_activity = insert(:note_activity)
559 conn = post(conn, "/api/favorites/destroy/#{note_activity.id}.json")
560 assert json_response(conn, 403) == %{"error" => "Invalid credentials."}
563 test "with credentials", %{conn: conn, user: current_user} do
564 note_activity = insert(:note_activity)
565 object = Object.get_by_ap_id(note_activity.data["object"]["id"])
566 ActivityPub.like(current_user, object)
570 |> with_credentials(current_user.nickname, "test")
571 |> post("/api/favorites/destroy/#{note_activity.id}.json")
573 assert json_response(conn, 200)
577 describe "POST /api/statuses/retweet/:id" do
580 test "without valid credentials", %{conn: conn} do
581 note_activity = insert(:note_activity)
582 conn = post(conn, "/api/statuses/retweet/#{note_activity.id}.json")
583 assert json_response(conn, 403) == %{"error" => "Invalid credentials."}
586 test "with credentials", %{conn: conn, user: current_user} do
587 note_activity = insert(:note_activity)
589 request_path = "/api/statuses/retweet/#{note_activity.id}.json"
593 |> with_credentials(current_user.nickname, "test")
594 |> post(request_path)
596 activity = Repo.get(Activity, note_activity.id)
597 activity_user = Repo.get_by(User, ap_id: note_activity.data["actor"])
599 assert json_response(response, 200) ==
600 ActivityRepresenter.to_map(activity, %{user: activity_user, for: current_user})
604 describe "POST /api/statuses/unretweet/:id" do
607 test "without valid credentials", %{conn: conn} do
608 note_activity = insert(:note_activity)
609 conn = post(conn, "/api/statuses/unretweet/#{note_activity.id}.json")
610 assert json_response(conn, 403) == %{"error" => "Invalid credentials."}
613 test "with credentials", %{conn: conn, user: current_user} do
614 note_activity = insert(:note_activity)
616 request_path = "/api/statuses/retweet/#{note_activity.id}.json"
620 |> with_credentials(current_user.nickname, "test")
621 |> post(request_path)
623 request_path = String.replace(request_path, "retweet", "unretweet")
627 |> with_credentials(current_user.nickname, "test")
628 |> post(request_path)
630 activity = Repo.get(Activity, note_activity.id)
631 activity_user = Repo.get_by(User, ap_id: note_activity.data["actor"])
633 assert json_response(response, 200) ==
634 ActivityRepresenter.to_map(activity, %{user: activity_user, for: current_user})
638 describe "POST /api/account/register" do
639 test "it creates a new user", %{conn: conn} do
641 "nickname" => "lain",
642 "email" => "lain@wired.jp",
643 "fullname" => "lain iwakura",
644 "bio" => "close the world.",
645 "password" => "bear",
651 |> post("/api/account/register", data)
653 user = json_response(conn, 200)
655 fetched_user = Repo.get_by(User, nickname: "lain")
656 assert user == UserView.render("show.json", %{user: fetched_user})
659 test "it returns errors on a problem", %{conn: conn} do
661 "email" => "lain@wired.jp",
662 "fullname" => "lain iwakura",
663 "bio" => "close the world.",
664 "password" => "bear",
670 |> post("/api/account/register", data)
672 errors = json_response(conn, 400)
674 assert is_binary(errors["error"])
678 describe "GET /api/externalprofile/show" do
679 test "it returns the user", %{conn: conn} do
681 other_user = insert(:user)
685 |> assign(:user, user)
686 |> get("/api/externalprofile/show", %{profileurl: other_user.ap_id})
688 assert json_response(conn, 200) == UserView.render("show.json", %{user: other_user})
692 describe "GET /api/statuses/followers" do
693 test "it returns a user's followers", %{conn: conn} do
695 follower_one = insert(:user)
696 follower_two = insert(:user)
697 _not_follower = insert(:user)
699 {:ok, follower_one} = User.follow(follower_one, user)
700 {:ok, follower_two} = User.follow(follower_two, user)
704 |> assign(:user, user)
705 |> get("/api/statuses/followers")
707 expected = UserView.render("index.json", %{users: [follower_one, follower_two], for: user})
708 result = json_response(conn, 200)
709 assert Enum.sort(expected) == Enum.sort(result)
713 describe "GET /api/statuses/friends" do
714 test "it returns the logged in user's friends", %{conn: conn} do
716 followed_one = insert(:user)
717 followed_two = insert(:user)
718 _not_followed = insert(:user)
720 {:ok, user} = User.follow(user, followed_one)
721 {:ok, user} = User.follow(user, followed_two)
725 |> assign(:user, user)
726 |> get("/api/statuses/friends")
728 expected = UserView.render("index.json", %{users: [followed_one, followed_two], for: user})
729 result = json_response(conn, 200)
730 assert Enum.sort(expected) == Enum.sort(result)
733 test "it returns a given user's friends with user_id", %{conn: conn} do
735 followed_one = insert(:user)
736 followed_two = insert(:user)
737 _not_followed = insert(:user)
739 {:ok, user} = User.follow(user, followed_one)
740 {:ok, user} = User.follow(user, followed_two)
744 |> assign(:user, user)
745 |> get("/api/statuses/friends", %{"user_id" => user.id})
747 assert MapSet.equal?(
748 MapSet.new(json_response(conn, 200)),
750 UserView.render("index.json", %{users: [followed_one, followed_two], for: user})
755 test "it returns a given user's friends with screen_name", %{conn: conn} do
757 followed_one = insert(:user)
758 followed_two = insert(:user)
759 _not_followed = insert(:user)
761 {:ok, user} = User.follow(user, followed_one)
762 {:ok, user} = User.follow(user, followed_two)
766 |> assign(:user, user)
767 |> get("/api/statuses/friends", %{"screen_name" => user.nickname})
769 assert MapSet.equal?(
770 MapSet.new(json_response(conn, 200)),
772 UserView.render("index.json", %{users: [followed_one, followed_two], for: user})
778 describe "GET /friends/ids" do
779 test "it returns a user's friends", %{conn: conn} do
781 followed_one = insert(:user)
782 followed_two = insert(:user)
783 _not_followed = insert(:user)
785 {:ok, user} = User.follow(user, followed_one)
786 {:ok, user} = User.follow(user, followed_two)
790 |> assign(:user, user)
791 |> get("/api/friends/ids")
793 expected = [followed_one.id, followed_two.id]
795 assert MapSet.equal?(
796 MapSet.new(Poison.decode!(json_response(conn, 200))),
802 describe "POST /api/account/update_profile.json" do
803 test "it updates a user's profile", %{conn: conn} do
808 |> assign(:user, user)
809 |> post("/api/account/update_profile.json", %{
810 "name" => "new name",
811 "description" => "new description"
814 user = Repo.get!(User, user.id)
815 assert user.name == "new name"
816 assert user.bio == "new description"
818 assert json_response(conn, 200) == UserView.render("user.json", %{user: user, for: user})
821 test "it locks an account", %{conn: conn} do
826 |> assign(:user, user)
827 |> post("/api/account/update_profile.json", %{
831 user = Repo.get!(User, user.id)
832 assert user.info["locked"] == true
834 assert json_response(conn, 200) == UserView.render("user.json", %{user: user, for: user})
837 test "it unlocks an account", %{conn: conn} do
842 |> assign(:user, user)
843 |> post("/api/account/update_profile.json", %{
847 user = Repo.get!(User, user.id)
848 assert user.info["locked"] == false
850 assert json_response(conn, 200) == UserView.render("user.json", %{user: user, for: user})
854 defp valid_user(_context) do
859 defp with_credentials(conn, username, password) do
860 header_content = "Basic " <> Base.encode64("#{username}:#{password}")
861 put_req_header(conn, "authorization", header_content)
864 describe "GET /api/search.json" do
865 test "it returns search results", %{conn: conn} do
867 user_two = insert(:user, %{nickname: "shp@shitposter.club"})
869 {:ok, activity} = CommonAPI.post(user, %{"status" => "This is about 2hu"})
870 {:ok, _} = CommonAPI.post(user_two, %{"status" => "This isn't"})
874 |> get("/api/search.json", %{"q" => "2hu", "page" => "1", "rpp" => "1"})
876 assert [status] = json_response(conn, 200)
877 assert status["id"] == activity.id
881 describe "GET /api/statusnet/tags/timeline/:tag.json" do
882 test "it returns the tags timeline", %{conn: conn} do
884 user_two = insert(:user, %{nickname: "shp@shitposter.club"})
886 {:ok, activity} = CommonAPI.post(user, %{"status" => "This is about #2hu"})
887 {:ok, _} = CommonAPI.post(user_two, %{"status" => "This isn't"})
891 |> get("/api/statusnet/tags/timeline/2hu.json")
893 assert [status] = json_response(conn, 200)
894 assert status["id"] == activity.id
898 test "Convert newlines to <br> in bio", %{conn: conn} do
903 |> assign(:user, user)
904 |> post("/api/account/update_profile.json", %{
905 "description" => "Hello,\r\nWorld! I\n am a test."
908 user = Repo.get!(User, user.id)
909 assert user.bio == "Hello,<br>World! I<br> am a test."
912 describe "POST /api/pleroma/change_password" do
915 test "without credentials", %{conn: conn} do
916 conn = post(conn, "/api/pleroma/change_password")
917 assert json_response(conn, 403) == %{"error" => "Invalid credentials."}
920 test "with credentials and invalid password", %{conn: conn, user: current_user} do
923 |> with_credentials(current_user.nickname, "test")
924 |> post("/api/pleroma/change_password", %{
926 "new_password" => "newpass",
927 "new_password_confirmation" => "newpass"
930 assert json_response(conn, 200) == %{"error" => "Invalid password."}
933 test "with credentials, valid password and new password and confirmation not matching", %{
939 |> with_credentials(current_user.nickname, "test")
940 |> post("/api/pleroma/change_password", %{
941 "password" => "test",
942 "new_password" => "newpass",
943 "new_password_confirmation" => "notnewpass"
946 assert json_response(conn, 200) == %{
947 "error" => "New password does not match confirmation."
951 test "with credentials, valid password and invalid new password", %{
957 |> with_credentials(current_user.nickname, "test")
958 |> post("/api/pleroma/change_password", %{
959 "password" => "test",
960 "new_password" => "",
961 "new_password_confirmation" => ""
964 assert json_response(conn, 200) == %{
965 "error" => "New password can't be blank."
969 test "with credentials, valid password and matching new password and confirmation", %{
975 |> with_credentials(current_user.nickname, "test")
976 |> post("/api/pleroma/change_password", %{
977 "password" => "test",
978 "new_password" => "newpass",
979 "new_password_confirmation" => "newpass"
982 assert json_response(conn, 200) == %{"status" => "success"}
983 fetched_user = Repo.get(User, current_user.id)
984 assert Pbkdf2.checkpw("newpass", fetched_user.password_hash) == true
988 describe "POST /api/pleroma/delete_account" do
991 test "without credentials", %{conn: conn} do
992 conn = post(conn, "/api/pleroma/delete_account")
993 assert json_response(conn, 403) == %{"error" => "Invalid credentials."}
996 test "with credentials and invalid password", %{conn: conn, user: current_user} do
999 |> with_credentials(current_user.nickname, "test")
1000 |> post("/api/pleroma/delete_account", %{"password" => "hi"})
1002 assert json_response(conn, 200) == %{"error" => "Invalid password."}
1005 test "with credentials and valid password", %{conn: conn, user: current_user} do
1008 |> with_credentials(current_user.nickname, "test")
1009 |> post("/api/pleroma/delete_account", %{"password" => "test"})
1011 assert json_response(conn, 200) == %{"status" => "success"}
1012 # Wait a second for the started task to end
1017 describe "GET /api/pleroma/friend_requests" do
1018 test "it lists friend requests" do
1019 user = insert(:user, %{info: %{"locked" => true}})
1020 other_user = insert(:user)
1022 {:ok, activity} = ActivityPub.follow(other_user, user)
1024 user = Repo.get(User, user.id)
1025 other_user = Repo.get(User, other_user.id)
1027 assert User.following?(other_user, user) == false
1031 |> assign(:user, user)
1032 |> get("/api/pleroma/friend_requests")
1034 assert [relationship] = json_response(conn, 200)
1035 assert other_user.id == relationship["id"]
1039 describe "POST /api/pleroma/friendships/approve" do
1040 test "it approves a friend request" do
1041 user = insert(:user, %{info: %{"locked" => true}})
1042 other_user = insert(:user)
1044 {:ok, activity} = ActivityPub.follow(other_user, user)
1046 user = Repo.get(User, user.id)
1047 other_user = Repo.get(User, other_user.id)
1049 assert User.following?(other_user, user) == false
1053 |> assign(:user, user)
1054 |> post("/api/pleroma/friendships/approve", %{"user_id" => to_string(other_user.id)})
1056 assert relationship = json_response(conn, 200)
1057 assert other_user.id == relationship["id"]
1058 assert relationship["follows_you"] == true
1062 describe "POST /api/pleroma/friendships/deny" do
1063 test "it denies a friend request" do
1064 user = insert(:user, %{info: %{"locked" => true}})
1065 other_user = insert(:user)
1067 {:ok, activity} = ActivityPub.follow(other_user, user)
1069 user = Repo.get(User, user.id)
1070 other_user = Repo.get(User, other_user.id)
1072 assert User.following?(other_user, user) == false
1076 |> assign(:user, user)
1077 |> post("/api/pleroma/friendships/deny", %{"user_id" => to_string(other_user.id)})
1079 assert relationship = json_response(conn, 200)
1080 assert other_user.id == relationship["id"]
1081 assert relationship["follows_you"] == false