1 defmodule Pleroma.Web.TwitterAPI.ControllerTest do
2 use Pleroma.Web.ConnCase
3 alias Pleroma.Web.TwitterAPI.Representers.ActivityRepresenter
4 alias Pleroma.Builders.{ActivityBuilder, UserBuilder}
5 alias Pleroma.{Repo, Activity, User, Object, Notification}
6 alias Pleroma.Web.ActivityPub.ActivityPub
7 alias Pleroma.Web.TwitterAPI.UserView
8 alias Pleroma.Web.TwitterAPI.NotificationView
9 alias Pleroma.Web.CommonAPI
10 alias Pleroma.Web.TwitterAPI.TwitterAPI
13 import Pleroma.Factory
15 describe "POST /api/account/verify_credentials" do
18 test "without valid credentials", %{conn: conn} do
19 conn = post(conn, "/api/account/verify_credentials.json")
20 assert json_response(conn, 403) == %{"error" => "Invalid credentials."}
23 test "with credentials", %{conn: conn, user: user} do
26 |> with_credentials(user.nickname, "test")
27 |> post("/api/account/verify_credentials.json")
29 assert response = json_response(conn, 200)
30 assert response == UserView.render("show.json", %{user: user, token: response["token"]})
34 describe "POST /api/account/most_recent_notification" do
37 test "without valid credentials", %{conn: conn} do
38 conn = post(conn, "/api/account/most_recent_notification.json")
39 assert json_response(conn, 403) == %{"error" => "Invalid credentials."}
42 test "with credentials", %{conn: conn, user: user} do
45 |> with_credentials(user.nickname, "test")
46 |> post("/api/account/most_recent_notification.json", %{id: "200"})
48 assert json_response(conn, 200)
49 user = User.get_by_nickname(user.nickname)
50 assert user.info["most_recent_notification"] == 200
54 describe "POST /statuses/update.json" do
57 test "without valid credentials", %{conn: conn} do
58 conn = post(conn, "/api/statuses/update.json")
59 assert json_response(conn, 403) == %{"error" => "Invalid credentials."}
62 test "with credentials", %{conn: conn, user: user} do
63 conn_with_creds = conn |> with_credentials(user.nickname, "test")
64 request_path = "/api/statuses/update.json"
67 "request" => request_path,
68 "error" => "Client must provide a 'status' parameter with a value."
71 conn = conn_with_creds |> post(request_path)
72 assert json_response(conn, 400) == error_response
74 conn = conn_with_creds |> post(request_path, %{status: ""})
75 assert json_response(conn, 400) == error_response
77 conn = conn_with_creds |> post(request_path, %{status: " "})
78 assert json_response(conn, 400) == error_response
80 # we post with visibility private in order to avoid triggering relay
81 conn = conn_with_creds |> post(request_path, %{status: "Nice meme.", visibility: "private"})
83 assert json_response(conn, 200) ==
84 ActivityRepresenter.to_map(Repo.one(Activity), %{user: user})
88 describe "GET /statuses/public_timeline.json" do
89 test "returns statuses", %{conn: conn} do
90 {:ok, user} = UserBuilder.insert()
91 activities = ActivityBuilder.insert_list(30, %{}, %{user: user})
92 ActivityBuilder.insert_list(10, %{}, %{user: user})
93 since_id = List.last(activities).id
97 |> get("/api/statuses/public_timeline.json", %{since_id: since_id})
99 response = json_response(conn, 200)
101 assert length(response) == 10
104 test "returns 403 to unauthenticated request when the instance is not public" do
106 Application.get_env(:pleroma, :instance)
107 |> Keyword.put(:public, false)
109 Application.put_env(:pleroma, :instance, instance)
112 |> get("/api/statuses/public_timeline.json")
113 |> json_response(403)
116 Application.get_env(:pleroma, :instance)
117 |> Keyword.put(:public, true)
119 Application.put_env(:pleroma, :instance, instance)
122 test "returns 200 to unauthenticated request when the instance is public" do
124 |> get("/api/statuses/public_timeline.json")
125 |> json_response(200)
129 describe "GET /statuses/public_and_external_timeline.json" do
130 test "returns 403 to unauthenticated request when the instance is not public" do
132 Application.get_env(:pleroma, :instance)
133 |> Keyword.put(:public, false)
135 Application.put_env(:pleroma, :instance, instance)
138 |> get("/api/statuses/public_and_external_timeline.json")
139 |> json_response(403)
142 Application.get_env(:pleroma, :instance)
143 |> Keyword.put(:public, true)
145 Application.put_env(:pleroma, :instance, instance)
148 test "returns 200 to unauthenticated request when the instance is public" do
150 |> get("/api/statuses/public_and_external_timeline.json")
151 |> json_response(200)
155 describe "GET /statuses/show/:id.json" do
156 test "returns one status", %{conn: conn} do
158 {:ok, activity} = CommonAPI.post(user, %{"status" => "Hey!"})
159 actor = Repo.get_by!(User, ap_id: activity.data["actor"])
163 |> get("/api/statuses/show/#{activity.id}.json")
165 response = json_response(conn, 200)
167 assert response == ActivityRepresenter.to_map(activity, %{user: actor})
171 describe "GET /users/show.json" do
172 test "gets user with screen_name", %{conn: conn} do
177 |> get("/api/users/show.json", %{"screen_name" => user.nickname})
179 response = json_response(conn, 200)
181 assert response["id"] == user.id
184 test "gets user with user_id", %{conn: conn} do
189 |> get("/api/users/show.json", %{"user_id" => user.id})
191 response = json_response(conn, 200)
193 assert response["id"] == user.id
196 test "gets a user for a logged in user", %{conn: conn} do
198 logged_in = insert(:user)
200 {:ok, logged_in, user, _activity} = TwitterAPI.follow(logged_in, %{"user_id" => user.id})
204 |> with_credentials(logged_in.nickname, "test")
205 |> get("/api/users/show.json", %{"user_id" => user.id})
207 response = json_response(conn, 200)
209 assert response["following"] == true
213 describe "GET /statusnet/conversation/:id.json" do
214 test "returns the statuses in the conversation", %{conn: conn} do
215 {:ok, _user} = UserBuilder.insert()
216 {:ok, activity} = ActivityBuilder.insert(%{"type" => "Create", "context" => "2hu"})
217 {:ok, _activity_two} = ActivityBuilder.insert(%{"type" => "Create", "context" => "2hu"})
218 {:ok, _activity_three} = ActivityBuilder.insert(%{"type" => "Create", "context" => "3hu"})
222 |> get("/api/statusnet/conversation/#{activity.data["context_id"]}.json")
224 response = json_response(conn, 200)
226 assert length(response) == 2
230 describe "GET /statuses/friends_timeline.json" do
233 test "without valid credentials", %{conn: conn} do
234 conn = get(conn, "/api/statuses/friends_timeline.json")
235 assert json_response(conn, 403) == %{"error" => "Invalid credentials."}
238 test "with credentials", %{conn: conn, user: current_user} do
242 ActivityBuilder.insert_list(30, %{"to" => [User.ap_followers(user)]}, %{user: user})
244 returned_activities =
245 ActivityBuilder.insert_list(10, %{"to" => [User.ap_followers(user)]}, %{user: user})
247 other_user = insert(:user)
248 ActivityBuilder.insert_list(10, %{}, %{user: other_user})
249 since_id = List.last(activities).id
252 Ecto.Changeset.change(current_user, following: [User.ap_followers(user)])
257 |> with_credentials(current_user.nickname, "test")
258 |> get("/api/statuses/friends_timeline.json", %{since_id: since_id})
260 response = json_response(conn, 200)
262 assert length(response) == 10
265 Enum.map(returned_activities, fn activity ->
266 ActivityRepresenter.to_map(activity, %{
267 user: User.get_cached_by_ap_id(activity.data["actor"]),
274 describe "GET /statuses/mentions.json" do
277 test "without valid credentials", %{conn: conn} do
278 conn = get(conn, "/api/statuses/mentions.json")
279 assert json_response(conn, 403) == %{"error" => "Invalid credentials."}
282 test "with credentials", %{conn: conn, user: current_user} do
284 ActivityBuilder.insert(%{"to" => [current_user.ap_id]}, %{user: current_user})
288 |> with_credentials(current_user.nickname, "test")
289 |> get("/api/statuses/mentions.json")
291 response = json_response(conn, 200)
293 assert length(response) == 1
295 assert Enum.at(response, 0) ==
296 ActivityRepresenter.to_map(activity, %{
298 mentioned: [current_user]
303 describe "GET /api/qvitter/statuses/notifications.json" do
306 test "without valid credentials", %{conn: conn} do
307 conn = get(conn, "/api/qvitter/statuses/notifications.json")
308 assert json_response(conn, 403) == %{"error" => "Invalid credentials."}
311 test "with credentials", %{conn: conn, user: current_user} do
312 other_user = insert(:user)
315 ActivityBuilder.insert(%{"to" => [current_user.ap_id]}, %{user: other_user})
319 |> with_credentials(current_user.nickname, "test")
320 |> get("/api/qvitter/statuses/notifications.json")
322 response = json_response(conn, 200)
324 assert length(response) == 1
327 NotificationView.render("notification.json", %{
328 notifications: Notification.for_user(current_user),
334 describe "POST /api/qvitter/statuses/notifications/read" do
337 test "without valid credentials", %{conn: conn} do
338 conn = post(conn, "/api/qvitter/statuses/notifications/read", %{"latest_id" => 1_234_567})
339 assert json_response(conn, 403) == %{"error" => "Invalid credentials."}
342 test "with credentials, without any params", %{conn: conn, user: current_user} do
345 |> with_credentials(current_user.nickname, "test")
346 |> post("/api/qvitter/statuses/notifications/read")
348 assert json_response(conn, 400) == %{
349 "error" => "You need to specify latest_id",
350 "request" => "/api/qvitter/statuses/notifications/read"
354 test "with credentials, with params", %{conn: conn, user: current_user} do
355 other_user = insert(:user)
358 ActivityBuilder.insert(%{"to" => [current_user.ap_id]}, %{user: other_user})
362 |> with_credentials(current_user.nickname, "test")
363 |> get("/api/qvitter/statuses/notifications.json")
365 [notification] = response = json_response(response_conn, 200)
367 assert length(response) == 1
369 assert notification["is_seen"] == 0
373 |> with_credentials(current_user.nickname, "test")
374 |> post("/api/qvitter/statuses/notifications/read", %{"latest_id" => notification["id"]})
376 [notification] = response = json_response(response_conn, 200)
378 assert length(response) == 1
380 assert notification["is_seen"] == 1
384 describe "GET /statuses/user_timeline.json" do
387 test "without any params", %{conn: conn} do
388 conn = get(conn, "/api/statuses/user_timeline.json")
390 assert json_response(conn, 400) == %{
391 "error" => "You need to specify screen_name or user_id",
392 "request" => "/api/statuses/user_timeline.json"
396 test "with user_id", %{conn: conn} do
398 {:ok, activity} = ActivityBuilder.insert(%{"id" => 1}, %{user: user})
400 conn = get(conn, "/api/statuses/user_timeline.json", %{"user_id" => user.id})
401 response = json_response(conn, 200)
402 assert length(response) == 1
403 assert Enum.at(response, 0) == ActivityRepresenter.to_map(activity, %{user: user})
406 test "with screen_name", %{conn: conn} do
408 {:ok, activity} = ActivityBuilder.insert(%{"id" => 1}, %{user: user})
410 conn = get(conn, "/api/statuses/user_timeline.json", %{"screen_name" => user.nickname})
411 response = json_response(conn, 200)
412 assert length(response) == 1
413 assert Enum.at(response, 0) == ActivityRepresenter.to_map(activity, %{user: user})
416 test "with credentials", %{conn: conn, user: current_user} do
417 {:ok, activity} = ActivityBuilder.insert(%{"id" => 1}, %{user: current_user})
421 |> with_credentials(current_user.nickname, "test")
422 |> get("/api/statuses/user_timeline.json")
424 response = json_response(conn, 200)
426 assert length(response) == 1
427 assert Enum.at(response, 0) == ActivityRepresenter.to_map(activity, %{user: current_user})
430 test "with credentials with user_id", %{conn: conn, user: current_user} do
432 {:ok, activity} = ActivityBuilder.insert(%{"id" => 1}, %{user: user})
436 |> with_credentials(current_user.nickname, "test")
437 |> get("/api/statuses/user_timeline.json", %{"user_id" => user.id})
439 response = json_response(conn, 200)
441 assert length(response) == 1
442 assert Enum.at(response, 0) == ActivityRepresenter.to_map(activity, %{user: user})
445 test "with credentials screen_name", %{conn: conn, user: current_user} do
447 {:ok, activity} = ActivityBuilder.insert(%{"id" => 1}, %{user: user})
451 |> with_credentials(current_user.nickname, "test")
452 |> get("/api/statuses/user_timeline.json", %{"screen_name" => user.nickname})
454 response = json_response(conn, 200)
456 assert length(response) == 1
457 assert Enum.at(response, 0) == ActivityRepresenter.to_map(activity, %{user: user})
461 describe "POST /friendships/create.json" do
464 test "without valid credentials", %{conn: conn} do
465 conn = post(conn, "/api/friendships/create.json")
466 assert json_response(conn, 403) == %{"error" => "Invalid credentials."}
469 test "with credentials", %{conn: conn, user: current_user} do
470 followed = insert(:user)
474 |> with_credentials(current_user.nickname, "test")
475 |> post("/api/friendships/create.json", %{user_id: followed.id})
477 current_user = Repo.get(User, current_user.id)
478 assert User.ap_followers(followed) in current_user.following
480 assert json_response(conn, 200) ==
481 UserView.render("show.json", %{user: followed, for: current_user})
485 describe "POST /friendships/destroy.json" do
488 test "without valid credentials", %{conn: conn} do
489 conn = post(conn, "/api/friendships/destroy.json")
490 assert json_response(conn, 403) == %{"error" => "Invalid credentials."}
493 test "with credentials", %{conn: conn, user: current_user} do
494 followed = insert(:user)
496 {:ok, current_user} = User.follow(current_user, followed)
497 assert User.ap_followers(followed) in current_user.following
498 ActivityPub.follow(current_user, followed)
502 |> with_credentials(current_user.nickname, "test")
503 |> post("/api/friendships/destroy.json", %{user_id: followed.id})
505 current_user = Repo.get(User, current_user.id)
506 assert current_user.following == [current_user.ap_id]
508 assert json_response(conn, 200) ==
509 UserView.render("show.json", %{user: followed, for: current_user})
513 describe "POST /blocks/create.json" do
516 test "without valid credentials", %{conn: conn} do
517 conn = post(conn, "/api/blocks/create.json")
518 assert json_response(conn, 403) == %{"error" => "Invalid credentials."}
521 test "with credentials", %{conn: conn, user: current_user} do
522 blocked = insert(:user)
526 |> with_credentials(current_user.nickname, "test")
527 |> post("/api/blocks/create.json", %{user_id: blocked.id})
529 current_user = Repo.get(User, current_user.id)
530 assert User.blocks?(current_user, blocked)
532 assert json_response(conn, 200) ==
533 UserView.render("show.json", %{user: blocked, for: current_user})
537 describe "POST /blocks/destroy.json" do
540 test "without valid credentials", %{conn: conn} do
541 conn = post(conn, "/api/blocks/destroy.json")
542 assert json_response(conn, 403) == %{"error" => "Invalid credentials."}
545 test "with credentials", %{conn: conn, user: current_user} do
546 blocked = insert(:user)
548 {:ok, current_user, blocked} = TwitterAPI.block(current_user, %{"user_id" => blocked.id})
549 assert User.blocks?(current_user, blocked)
553 |> with_credentials(current_user.nickname, "test")
554 |> post("/api/blocks/destroy.json", %{user_id: blocked.id})
556 current_user = Repo.get(User, current_user.id)
557 assert current_user.info["blocks"] == []
559 assert json_response(conn, 200) ==
560 UserView.render("show.json", %{user: blocked, for: current_user})
564 describe "GET /help/test.json" do
565 test "returns \"ok\"", %{conn: conn} do
566 conn = get(conn, "/api/help/test.json")
567 assert json_response(conn, 200) == "ok"
571 describe "POST /api/qvitter/update_avatar.json" do
574 test "without valid credentials", %{conn: conn} do
575 conn = post(conn, "/api/qvitter/update_avatar.json")
576 assert json_response(conn, 403) == %{"error" => "Invalid credentials."}
579 test "with credentials", %{conn: conn, user: current_user} do
580 avatar_image = File.read!("test/fixtures/avatar_data_uri")
584 |> with_credentials(current_user.nickname, "test")
585 |> post("/api/qvitter/update_avatar.json", %{img: avatar_image})
587 current_user = Repo.get(User, current_user.id)
588 assert is_map(current_user.avatar)
590 assert json_response(conn, 200) ==
591 UserView.render("show.json", %{user: current_user, for: current_user})
595 describe "GET /api/qvitter/mutes.json" do
598 test "unimplemented mutes without valid credentials", %{conn: conn} do
599 conn = get(conn, "/api/qvitter/mutes.json")
600 assert json_response(conn, 403) == %{"error" => "Invalid credentials."}
603 test "unimplemented mutes with credentials", %{conn: conn, user: current_user} do
606 |> with_credentials(current_user.nickname, "test")
607 |> get("/api/qvitter/mutes.json")
609 current_user = Repo.get(User, current_user.id)
611 assert [] = json_response(conn, 200)
615 describe "POST /api/favorites/create/:id" do
618 test "without valid credentials", %{conn: conn} do
619 note_activity = insert(:note_activity)
620 conn = post(conn, "/api/favorites/create/#{note_activity.id}.json")
621 assert json_response(conn, 403) == %{"error" => "Invalid credentials."}
624 test "with credentials", %{conn: conn, user: current_user} do
625 note_activity = insert(:note_activity)
629 |> with_credentials(current_user.nickname, "test")
630 |> post("/api/favorites/create/#{note_activity.id}.json")
632 assert json_response(conn, 200)
635 test "with credentials, invalid param", %{conn: conn, user: current_user} do
638 |> with_credentials(current_user.nickname, "test")
639 |> post("/api/favorites/create/wrong.json")
641 assert json_response(conn, 400)
644 test "with credentials, invalid activity", %{conn: conn, user: current_user} do
647 |> with_credentials(current_user.nickname, "test")
648 |> post("/api/favorites/create/1.json")
650 assert json_response(conn, 500)
654 describe "POST /api/favorites/destroy/:id" do
657 test "without valid credentials", %{conn: conn} do
658 note_activity = insert(:note_activity)
659 conn = post(conn, "/api/favorites/destroy/#{note_activity.id}.json")
660 assert json_response(conn, 403) == %{"error" => "Invalid credentials."}
663 test "with credentials", %{conn: conn, user: current_user} do
664 note_activity = insert(:note_activity)
665 object = Object.get_by_ap_id(note_activity.data["object"]["id"])
666 ActivityPub.like(current_user, object)
670 |> with_credentials(current_user.nickname, "test")
671 |> post("/api/favorites/destroy/#{note_activity.id}.json")
673 assert json_response(conn, 200)
677 describe "POST /api/statuses/retweet/:id" do
680 test "without valid credentials", %{conn: conn} do
681 note_activity = insert(:note_activity)
682 conn = post(conn, "/api/statuses/retweet/#{note_activity.id}.json")
683 assert json_response(conn, 403) == %{"error" => "Invalid credentials."}
686 test "with credentials", %{conn: conn, user: current_user} do
687 note_activity = insert(:note_activity)
689 request_path = "/api/statuses/retweet/#{note_activity.id}.json"
693 |> with_credentials(current_user.nickname, "test")
694 |> post(request_path)
696 activity = Repo.get(Activity, note_activity.id)
697 activity_user = Repo.get_by(User, ap_id: note_activity.data["actor"])
699 assert json_response(response, 200) ==
700 ActivityRepresenter.to_map(activity, %{user: activity_user, for: current_user})
704 describe "POST /api/statuses/unretweet/:id" do
707 test "without valid credentials", %{conn: conn} do
708 note_activity = insert(:note_activity)
709 conn = post(conn, "/api/statuses/unretweet/#{note_activity.id}.json")
710 assert json_response(conn, 403) == %{"error" => "Invalid credentials."}
713 test "with credentials", %{conn: conn, user: current_user} do
714 note_activity = insert(:note_activity)
716 request_path = "/api/statuses/retweet/#{note_activity.id}.json"
720 |> with_credentials(current_user.nickname, "test")
721 |> post(request_path)
723 request_path = String.replace(request_path, "retweet", "unretweet")
727 |> with_credentials(current_user.nickname, "test")
728 |> post(request_path)
730 activity = Repo.get(Activity, note_activity.id)
731 activity_user = Repo.get_by(User, ap_id: note_activity.data["actor"])
733 assert json_response(response, 200) ==
734 ActivityRepresenter.to_map(activity, %{user: activity_user, for: current_user})
738 describe "POST /api/account/register" do
739 test "it creates a new user", %{conn: conn} do
741 "nickname" => "lain",
742 "email" => "lain@wired.jp",
743 "fullname" => "lain iwakura",
744 "bio" => "close the world.",
745 "password" => "bear",
751 |> post("/api/account/register", data)
753 user = json_response(conn, 200)
755 fetched_user = Repo.get_by(User, nickname: "lain")
756 assert user == UserView.render("show.json", %{user: fetched_user})
759 test "it returns errors on a problem", %{conn: conn} do
761 "email" => "lain@wired.jp",
762 "fullname" => "lain iwakura",
763 "bio" => "close the world.",
764 "password" => "bear",
770 |> post("/api/account/register", data)
772 errors = json_response(conn, 400)
774 assert is_binary(errors["error"])
778 describe "GET /api/externalprofile/show" do
779 test "it returns the user", %{conn: conn} do
781 other_user = insert(:user)
785 |> assign(:user, user)
786 |> get("/api/externalprofile/show", %{profileurl: other_user.ap_id})
788 assert json_response(conn, 200) == UserView.render("show.json", %{user: other_user})
792 describe "GET /api/statuses/followers" do
793 test "it returns a user's followers", %{conn: conn} do
795 follower_one = insert(:user)
796 follower_two = insert(:user)
797 _not_follower = insert(:user)
799 {:ok, follower_one} = User.follow(follower_one, user)
800 {:ok, follower_two} = User.follow(follower_two, user)
804 |> assign(:user, user)
805 |> get("/api/statuses/followers")
807 expected = UserView.render("index.json", %{users: [follower_one, follower_two], for: user})
808 result = json_response(conn, 200)
809 assert Enum.sort(expected) == Enum.sort(result)
813 describe "GET /api/statuses/friends" do
814 test "it returns the logged in user's friends", %{conn: conn} do
816 followed_one = insert(:user)
817 followed_two = insert(:user)
818 _not_followed = insert(:user)
820 {:ok, user} = User.follow(user, followed_one)
821 {:ok, user} = User.follow(user, followed_two)
825 |> assign(:user, user)
826 |> get("/api/statuses/friends")
828 expected = UserView.render("index.json", %{users: [followed_one, followed_two], for: user})
829 result = json_response(conn, 200)
830 assert Enum.sort(expected) == Enum.sort(result)
833 test "it returns a given user's friends with user_id", %{conn: conn} do
835 followed_one = insert(:user)
836 followed_two = insert(:user)
837 _not_followed = insert(:user)
839 {:ok, user} = User.follow(user, followed_one)
840 {:ok, user} = User.follow(user, followed_two)
844 |> assign(:user, user)
845 |> get("/api/statuses/friends", %{"user_id" => user.id})
847 assert MapSet.equal?(
848 MapSet.new(json_response(conn, 200)),
850 UserView.render("index.json", %{users: [followed_one, followed_two], for: user})
855 test "it returns a given user's friends with screen_name", %{conn: conn} do
857 followed_one = insert(:user)
858 followed_two = insert(:user)
859 _not_followed = insert(:user)
861 {:ok, user} = User.follow(user, followed_one)
862 {:ok, user} = User.follow(user, followed_two)
866 |> assign(:user, user)
867 |> get("/api/statuses/friends", %{"screen_name" => user.nickname})
869 assert MapSet.equal?(
870 MapSet.new(json_response(conn, 200)),
872 UserView.render("index.json", %{users: [followed_one, followed_two], for: user})
878 describe "GET /friends/ids" do
879 test "it returns a user's friends", %{conn: conn} do
881 followed_one = insert(:user)
882 followed_two = insert(:user)
883 _not_followed = insert(:user)
885 {:ok, user} = User.follow(user, followed_one)
886 {:ok, user} = User.follow(user, followed_two)
890 |> assign(:user, user)
891 |> get("/api/friends/ids")
893 expected = [followed_one.id, followed_two.id]
895 assert MapSet.equal?(
896 MapSet.new(Poison.decode!(json_response(conn, 200))),
902 describe "POST /api/account/update_profile.json" do
903 test "it updates a user's profile", %{conn: conn} do
908 |> assign(:user, user)
909 |> post("/api/account/update_profile.json", %{
910 "name" => "new name",
911 "description" => "new description"
914 user = Repo.get!(User, user.id)
915 assert user.name == "new name"
916 assert user.bio == "new description"
918 assert json_response(conn, 200) == UserView.render("user.json", %{user: user, for: user})
921 test "it locks an account", %{conn: conn} do
926 |> assign(:user, user)
927 |> post("/api/account/update_profile.json", %{
931 user = Repo.get!(User, user.id)
932 assert user.info["locked"] == true
934 assert json_response(conn, 200) == UserView.render("user.json", %{user: user, for: user})
937 test "it unlocks an account", %{conn: conn} do
942 |> assign(:user, user)
943 |> post("/api/account/update_profile.json", %{
947 user = Repo.get!(User, user.id)
948 assert user.info["locked"] == false
950 assert json_response(conn, 200) == UserView.render("user.json", %{user: user, for: user})
954 defp valid_user(_context) do
959 defp with_credentials(conn, username, password) do
960 header_content = "Basic " <> Base.encode64("#{username}:#{password}")
961 put_req_header(conn, "authorization", header_content)
964 describe "GET /api/search.json" do
965 test "it returns search results", %{conn: conn} do
967 user_two = insert(:user, %{nickname: "shp@shitposter.club"})
969 {:ok, activity} = CommonAPI.post(user, %{"status" => "This is about 2hu"})
970 {:ok, _} = CommonAPI.post(user_two, %{"status" => "This isn't"})
974 |> get("/api/search.json", %{"q" => "2hu", "page" => "1", "rpp" => "1"})
976 assert [status] = json_response(conn, 200)
977 assert status["id"] == activity.id
981 describe "GET /api/statusnet/tags/timeline/:tag.json" do
982 test "it returns the tags timeline", %{conn: conn} do
984 user_two = insert(:user, %{nickname: "shp@shitposter.club"})
986 {:ok, activity} = CommonAPI.post(user, %{"status" => "This is about #2hu"})
987 {:ok, _} = CommonAPI.post(user_two, %{"status" => "This isn't"})
991 |> get("/api/statusnet/tags/timeline/2hu.json")
993 assert [status] = json_response(conn, 200)
994 assert status["id"] == activity.id
998 test "Convert newlines to <br> in bio", %{conn: conn} do
1003 |> assign(:user, user)
1004 |> post("/api/account/update_profile.json", %{
1005 "description" => "Hello,\r\nWorld! I\n am a test."
1008 user = Repo.get!(User, user.id)
1009 assert user.bio == "Hello,<br>World! I<br> am a test."
1012 describe "POST /api/pleroma/change_password" do
1015 test "without credentials", %{conn: conn} do
1016 conn = post(conn, "/api/pleroma/change_password")
1017 assert json_response(conn, 403) == %{"error" => "Invalid credentials."}
1020 test "with credentials and invalid password", %{conn: conn, user: current_user} do
1023 |> with_credentials(current_user.nickname, "test")
1024 |> post("/api/pleroma/change_password", %{
1026 "new_password" => "newpass",
1027 "new_password_confirmation" => "newpass"
1030 assert json_response(conn, 200) == %{"error" => "Invalid password."}
1033 test "with credentials, valid password and new password and confirmation not matching", %{
1039 |> with_credentials(current_user.nickname, "test")
1040 |> post("/api/pleroma/change_password", %{
1041 "password" => "test",
1042 "new_password" => "newpass",
1043 "new_password_confirmation" => "notnewpass"
1046 assert json_response(conn, 200) == %{
1047 "error" => "New password does not match confirmation."
1051 test "with credentials, valid password and invalid new password", %{
1057 |> with_credentials(current_user.nickname, "test")
1058 |> post("/api/pleroma/change_password", %{
1059 "password" => "test",
1060 "new_password" => "",
1061 "new_password_confirmation" => ""
1064 assert json_response(conn, 200) == %{
1065 "error" => "New password can't be blank."
1069 test "with credentials, valid password and matching new password and confirmation", %{
1075 |> with_credentials(current_user.nickname, "test")
1076 |> post("/api/pleroma/change_password", %{
1077 "password" => "test",
1078 "new_password" => "newpass",
1079 "new_password_confirmation" => "newpass"
1082 assert json_response(conn, 200) == %{"status" => "success"}
1083 fetched_user = Repo.get(User, current_user.id)
1084 assert Pbkdf2.checkpw("newpass", fetched_user.password_hash) == true
1088 describe "POST /api/pleroma/delete_account" do
1091 test "without credentials", %{conn: conn} do
1092 conn = post(conn, "/api/pleroma/delete_account")
1093 assert json_response(conn, 403) == %{"error" => "Invalid credentials."}
1096 test "with credentials and invalid password", %{conn: conn, user: current_user} do
1099 |> with_credentials(current_user.nickname, "test")
1100 |> post("/api/pleroma/delete_account", %{"password" => "hi"})
1102 assert json_response(conn, 200) == %{"error" => "Invalid password."}
1105 test "with credentials and valid password", %{conn: conn, user: current_user} do
1108 |> with_credentials(current_user.nickname, "test")
1109 |> post("/api/pleroma/delete_account", %{"password" => "test"})
1111 assert json_response(conn, 200) == %{"status" => "success"}
1112 # Wait a second for the started task to end
1117 describe "GET /api/pleroma/friend_requests" do
1118 test "it lists friend requests" do
1119 user = insert(:user, %{info: %{"locked" => true}})
1120 other_user = insert(:user)
1122 {:ok, activity} = ActivityPub.follow(other_user, user)
1124 user = Repo.get(User, user.id)
1125 other_user = Repo.get(User, other_user.id)
1127 assert User.following?(other_user, user) == false
1131 |> assign(:user, user)
1132 |> get("/api/pleroma/friend_requests")
1134 assert [relationship] = json_response(conn, 200)
1135 assert other_user.id == relationship["id"]
1139 describe "POST /api/pleroma/friendships/approve" do
1140 test "it approves a friend request" do
1141 user = insert(:user, %{info: %{"locked" => true}})
1142 other_user = insert(:user)
1144 {:ok, activity} = ActivityPub.follow(other_user, user)
1146 user = Repo.get(User, user.id)
1147 other_user = Repo.get(User, other_user.id)
1149 assert User.following?(other_user, user) == false
1153 |> assign(:user, user)
1154 |> post("/api/pleroma/friendships/approve", %{"user_id" => to_string(other_user.id)})
1156 assert relationship = json_response(conn, 200)
1157 assert other_user.id == relationship["id"]
1158 assert relationship["follows_you"] == true
1162 describe "POST /api/pleroma/friendships/deny" do
1163 test "it denies a friend request" do
1164 user = insert(:user, %{info: %{"locked" => true}})
1165 other_user = insert(:user)
1167 {:ok, activity} = ActivityPub.follow(other_user, user)
1169 user = Repo.get(User, user.id)
1170 other_user = Repo.get(User, other_user.id)
1172 assert User.following?(other_user, user) == false
1176 |> assign(:user, user)
1177 |> post("/api/pleroma/friendships/deny", %{"user_id" => to_string(other_user.id)})
1179 assert relationship = json_response(conn, 200)
1180 assert other_user.id == relationship["id"]
1181 assert relationship["follows_you"] == false