1 defmodule Pleroma.Web.TwitterAPI.ControllerTest do
2 use Pleroma.Web.ConnCase
3 alias Pleroma.Web.TwitterAPI.Representers.ActivityRepresenter
4 alias Pleroma.Builders.{ActivityBuilder, UserBuilder}
5 alias Pleroma.{Repo, Activity, User, Object, Notification}
6 alias Pleroma.Web.ActivityPub.ActivityPub
7 alias Pleroma.Web.TwitterAPI.UserView
8 alias Pleroma.Web.TwitterAPI.NotificationView
9 alias Pleroma.Web.CommonAPI
10 alias Pleroma.Web.TwitterAPI.TwitterAPI
13 import Pleroma.Factory
15 describe "POST /api/account/verify_credentials" do
18 test "without valid credentials", %{conn: conn} do
19 conn = post(conn, "/api/account/verify_credentials.json")
20 assert json_response(conn, 403) == %{"error" => "Invalid credentials."}
23 test "with credentials", %{conn: conn, user: user} do
26 |> with_credentials(user.nickname, "test")
27 |> post("/api/account/verify_credentials.json")
29 assert response = json_response(conn, 200)
30 assert response == UserView.render("show.json", %{user: user, token: response["token"]})
34 describe "POST /api/account/most_recent_notification" do
37 test "without valid credentials", %{conn: conn} do
38 conn = post(conn, "/api/account/most_recent_notification.json")
39 assert json_response(conn, 403) == %{"error" => "Invalid credentials."}
42 test "with credentials", %{conn: conn, user: user} do
45 |> with_credentials(user.nickname, "test")
46 |> post("/api/account/most_recent_notification.json", %{id: "200"})
48 assert json_response(conn, 200)
49 user = User.get_by_nickname(user.nickname)
50 assert user.info["most_recent_notification"] == 200
54 describe "POST /statuses/update.json" do
57 test "without valid credentials", %{conn: conn} do
58 conn = post(conn, "/api/statuses/update.json")
59 assert json_response(conn, 403) == %{"error" => "Invalid credentials."}
62 test "with credentials", %{conn: conn, user: user} do
63 conn_with_creds = conn |> with_credentials(user.nickname, "test")
64 request_path = "/api/statuses/update.json"
67 "request" => request_path,
68 "error" => "Client must provide a 'status' parameter with a value."
71 conn = conn_with_creds |> post(request_path)
72 assert json_response(conn, 400) == error_response
74 conn = conn_with_creds |> post(request_path, %{status: ""})
75 assert json_response(conn, 400) == error_response
77 conn = conn_with_creds |> post(request_path, %{status: " "})
78 assert json_response(conn, 400) == error_response
80 # we post with visibility private in order to avoid triggering relay
81 conn = conn_with_creds |> post(request_path, %{status: "Nice meme.", visibility: "private"})
83 assert json_response(conn, 200) ==
84 ActivityRepresenter.to_map(Repo.one(Activity), %{user: user})
88 describe "GET /statuses/public_timeline.json" do
89 test "returns statuses", %{conn: conn} do
90 {:ok, user} = UserBuilder.insert()
91 activities = ActivityBuilder.insert_list(30, %{}, %{user: user})
92 ActivityBuilder.insert_list(10, %{}, %{user: user})
93 since_id = List.last(activities).id
97 |> get("/api/statuses/public_timeline.json", %{since_id: since_id})
99 response = json_response(conn, 200)
101 assert length(response) == 10
104 test "returns 403 to unauthenticated request when the instance is not public" do
106 Application.get_env(:pleroma, :instance)
107 |> Keyword.put(:public, false)
109 Application.put_env(:pleroma, :instance, instance)
112 |> get("/api/statuses/public_timeline.json")
113 |> json_response(403)
116 Application.get_env(:pleroma, :instance)
117 |> Keyword.put(:public, true)
119 Application.put_env(:pleroma, :instance, instance)
122 test "returns 200 to unauthenticated request when the instance is public" do
124 |> get("/api/statuses/public_timeline.json")
125 |> json_response(200)
129 describe "GET /statuses/public_and_external_timeline.json" do
130 test "returns 403 to unauthenticated request when the instance is not public" do
132 Application.get_env(:pleroma, :instance)
133 |> Keyword.put(:public, false)
135 Application.put_env(:pleroma, :instance, instance)
138 |> get("/api/statuses/public_and_external_timeline.json")
139 |> json_response(403)
142 Application.get_env(:pleroma, :instance)
143 |> Keyword.put(:public, true)
145 Application.put_env(:pleroma, :instance, instance)
148 test "returns 200 to unauthenticated request when the instance is public" do
150 |> get("/api/statuses/public_and_external_timeline.json")
151 |> json_response(200)
155 describe "GET /statuses/show/:id.json" do
156 test "returns one status", %{conn: conn} do
158 {:ok, activity} = CommonAPI.post(user, %{"status" => "Hey!"})
159 actor = Repo.get_by!(User, ap_id: activity.data["actor"])
163 |> get("/api/statuses/show/#{activity.id}.json")
165 response = json_response(conn, 200)
167 assert response == ActivityRepresenter.to_map(activity, %{user: actor})
171 describe "GET /users/show.json" do
172 test "gets user with screen_name", %{conn: conn} do
177 |> get("/api/users/show.json", %{"screen_name" => user.nickname})
179 response = json_response(conn, 200)
181 assert response["id"] == user.id
184 test "gets user with user_id", %{conn: conn} do
189 |> get("/api/users/show.json", %{"user_id" => user.id})
191 response = json_response(conn, 200)
193 assert response["id"] == user.id
196 test "gets a user for a logged in user", %{conn: conn} do
198 logged_in = insert(:user)
200 {:ok, logged_in, user, _activity} = TwitterAPI.follow(logged_in, %{"user_id" => user.id})
204 |> with_credentials(logged_in.nickname, "test")
205 |> get("/api/users/show.json", %{"user_id" => user.id})
207 response = json_response(conn, 200)
209 assert response["following"] == true
213 describe "GET /statusnet/conversation/:id.json" do
214 test "returns the statuses in the conversation", %{conn: conn} do
215 {:ok, _user} = UserBuilder.insert()
216 {:ok, activity} = ActivityBuilder.insert(%{"type" => "Create", "context" => "2hu"})
217 {:ok, _activity_two} = ActivityBuilder.insert(%{"type" => "Create", "context" => "2hu"})
218 {:ok, _activity_three} = ActivityBuilder.insert(%{"type" => "Create", "context" => "3hu"})
222 |> get("/api/statusnet/conversation/#{activity.data["context_id"]}.json")
224 response = json_response(conn, 200)
226 assert length(response) == 2
230 describe "GET /statuses/friends_timeline.json" do
233 test "without valid credentials", %{conn: conn} do
234 conn = get(conn, "/api/statuses/friends_timeline.json")
235 assert json_response(conn, 403) == %{"error" => "Invalid credentials."}
238 test "with credentials", %{conn: conn, user: current_user} do
242 ActivityBuilder.insert_list(30, %{"to" => [User.ap_followers(user)]}, %{user: user})
244 returned_activities =
245 ActivityBuilder.insert_list(10, %{"to" => [User.ap_followers(user)]}, %{user: user})
247 other_user = insert(:user)
248 ActivityBuilder.insert_list(10, %{}, %{user: other_user})
249 since_id = List.last(activities).id
252 Ecto.Changeset.change(current_user, following: [User.ap_followers(user)])
257 |> with_credentials(current_user.nickname, "test")
258 |> get("/api/statuses/friends_timeline.json", %{since_id: since_id})
260 response = json_response(conn, 200)
262 assert length(response) == 10
265 Enum.map(returned_activities, fn activity ->
266 ActivityRepresenter.to_map(activity, %{
267 user: User.get_cached_by_ap_id(activity.data["actor"]),
274 describe "GET /statuses/dm_timeline.json" do
275 test "it show direct messages", %{conn: conn} do
276 user_one = insert(:user)
277 user_two = insert(:user)
279 {:ok, user_two} = User.follow(user_two, user_one)
282 CommonAPI.post(user_one, %{
283 "status" => "Hi @#{user_two.nickname}!",
284 "visibility" => "direct"
288 CommonAPI.post(user_two, %{
289 "status" => "Hi @#{user_one.nickname}!",
290 "visibility" => "direct"
293 {:ok, _follower_only} =
294 CommonAPI.post(user_one, %{
295 "status" => "Hi @#{user_two.nickname}!",
296 "visibility" => "private"
299 # Only direct should be visible here
302 |> assign(:user, user_two)
303 |> get("/api/statuses/dm_timeline.json")
305 [status, status_two] = json_response(res_conn, 200)
306 assert status["id"] == direct_two.id
307 assert status_two["id"] == direct.id
311 describe "GET /statuses/mentions.json" do
314 test "without valid credentials", %{conn: conn} do
315 conn = get(conn, "/api/statuses/mentions.json")
316 assert json_response(conn, 403) == %{"error" => "Invalid credentials."}
319 test "with credentials", %{conn: conn, user: current_user} do
321 ActivityBuilder.insert(%{"to" => [current_user.ap_id]}, %{user: current_user})
325 |> with_credentials(current_user.nickname, "test")
326 |> get("/api/statuses/mentions.json")
328 response = json_response(conn, 200)
330 assert length(response) == 1
332 assert Enum.at(response, 0) ==
333 ActivityRepresenter.to_map(activity, %{
335 mentioned: [current_user]
340 describe "GET /api/qvitter/statuses/notifications.json" do
343 test "without valid credentials", %{conn: conn} do
344 conn = get(conn, "/api/qvitter/statuses/notifications.json")
345 assert json_response(conn, 403) == %{"error" => "Invalid credentials."}
348 test "with credentials", %{conn: conn, user: current_user} do
349 other_user = insert(:user)
352 ActivityBuilder.insert(%{"to" => [current_user.ap_id]}, %{user: other_user})
356 |> with_credentials(current_user.nickname, "test")
357 |> get("/api/qvitter/statuses/notifications.json")
359 response = json_response(conn, 200)
361 assert length(response) == 1
364 NotificationView.render("notification.json", %{
365 notifications: Notification.for_user(current_user),
371 describe "POST /api/qvitter/statuses/notifications/read" do
374 test "without valid credentials", %{conn: conn} do
375 conn = post(conn, "/api/qvitter/statuses/notifications/read", %{"latest_id" => 1_234_567})
376 assert json_response(conn, 403) == %{"error" => "Invalid credentials."}
379 test "with credentials, without any params", %{conn: conn, user: current_user} do
382 |> with_credentials(current_user.nickname, "test")
383 |> post("/api/qvitter/statuses/notifications/read")
385 assert json_response(conn, 400) == %{
386 "error" => "You need to specify latest_id",
387 "request" => "/api/qvitter/statuses/notifications/read"
391 test "with credentials, with params", %{conn: conn, user: current_user} do
392 other_user = insert(:user)
395 ActivityBuilder.insert(%{"to" => [current_user.ap_id]}, %{user: other_user})
399 |> with_credentials(current_user.nickname, "test")
400 |> get("/api/qvitter/statuses/notifications.json")
402 [notification] = response = json_response(response_conn, 200)
404 assert length(response) == 1
406 assert notification["is_seen"] == 0
410 |> with_credentials(current_user.nickname, "test")
411 |> post("/api/qvitter/statuses/notifications/read", %{"latest_id" => notification["id"]})
413 [notification] = response = json_response(response_conn, 200)
415 assert length(response) == 1
417 assert notification["is_seen"] == 1
421 describe "GET /statuses/user_timeline.json" do
424 test "without any params", %{conn: conn} do
425 conn = get(conn, "/api/statuses/user_timeline.json")
427 assert json_response(conn, 400) == %{
428 "error" => "You need to specify screen_name or user_id",
429 "request" => "/api/statuses/user_timeline.json"
433 test "with user_id", %{conn: conn} do
435 {:ok, activity} = ActivityBuilder.insert(%{"id" => 1}, %{user: user})
437 conn = get(conn, "/api/statuses/user_timeline.json", %{"user_id" => user.id})
438 response = json_response(conn, 200)
439 assert length(response) == 1
440 assert Enum.at(response, 0) == ActivityRepresenter.to_map(activity, %{user: user})
443 test "with screen_name", %{conn: conn} do
445 {:ok, activity} = ActivityBuilder.insert(%{"id" => 1}, %{user: user})
447 conn = get(conn, "/api/statuses/user_timeline.json", %{"screen_name" => user.nickname})
448 response = json_response(conn, 200)
449 assert length(response) == 1
450 assert Enum.at(response, 0) == ActivityRepresenter.to_map(activity, %{user: user})
453 test "with credentials", %{conn: conn, user: current_user} do
454 {:ok, activity} = ActivityBuilder.insert(%{"id" => 1}, %{user: current_user})
458 |> with_credentials(current_user.nickname, "test")
459 |> get("/api/statuses/user_timeline.json")
461 response = json_response(conn, 200)
463 assert length(response) == 1
464 assert Enum.at(response, 0) == ActivityRepresenter.to_map(activity, %{user: current_user})
467 test "with credentials with user_id", %{conn: conn, user: current_user} do
469 {:ok, activity} = ActivityBuilder.insert(%{"id" => 1}, %{user: user})
473 |> with_credentials(current_user.nickname, "test")
474 |> get("/api/statuses/user_timeline.json", %{"user_id" => user.id})
476 response = json_response(conn, 200)
478 assert length(response) == 1
479 assert Enum.at(response, 0) == ActivityRepresenter.to_map(activity, %{user: user})
482 test "with credentials screen_name", %{conn: conn, user: current_user} do
484 {:ok, activity} = ActivityBuilder.insert(%{"id" => 1}, %{user: user})
488 |> with_credentials(current_user.nickname, "test")
489 |> get("/api/statuses/user_timeline.json", %{"screen_name" => user.nickname})
491 response = json_response(conn, 200)
493 assert length(response) == 1
494 assert Enum.at(response, 0) == ActivityRepresenter.to_map(activity, %{user: user})
498 describe "POST /friendships/create.json" do
501 test "without valid credentials", %{conn: conn} do
502 conn = post(conn, "/api/friendships/create.json")
503 assert json_response(conn, 403) == %{"error" => "Invalid credentials."}
506 test "with credentials", %{conn: conn, user: current_user} do
507 followed = insert(:user)
511 |> with_credentials(current_user.nickname, "test")
512 |> post("/api/friendships/create.json", %{user_id: followed.id})
514 current_user = Repo.get(User, current_user.id)
515 assert User.ap_followers(followed) in current_user.following
517 assert json_response(conn, 200) ==
518 UserView.render("show.json", %{user: followed, for: current_user})
522 describe "POST /friendships/destroy.json" do
525 test "without valid credentials", %{conn: conn} do
526 conn = post(conn, "/api/friendships/destroy.json")
527 assert json_response(conn, 403) == %{"error" => "Invalid credentials."}
530 test "with credentials", %{conn: conn, user: current_user} do
531 followed = insert(:user)
533 {:ok, current_user} = User.follow(current_user, followed)
534 assert User.ap_followers(followed) in current_user.following
535 ActivityPub.follow(current_user, followed)
539 |> with_credentials(current_user.nickname, "test")
540 |> post("/api/friendships/destroy.json", %{user_id: followed.id})
542 current_user = Repo.get(User, current_user.id)
543 assert current_user.following == [current_user.ap_id]
545 assert json_response(conn, 200) ==
546 UserView.render("show.json", %{user: followed, for: current_user})
550 describe "POST /blocks/create.json" do
553 test "without valid credentials", %{conn: conn} do
554 conn = post(conn, "/api/blocks/create.json")
555 assert json_response(conn, 403) == %{"error" => "Invalid credentials."}
558 test "with credentials", %{conn: conn, user: current_user} do
559 blocked = insert(:user)
563 |> with_credentials(current_user.nickname, "test")
564 |> post("/api/blocks/create.json", %{user_id: blocked.id})
566 current_user = Repo.get(User, current_user.id)
567 assert User.blocks?(current_user, blocked)
569 assert json_response(conn, 200) ==
570 UserView.render("show.json", %{user: blocked, for: current_user})
574 describe "POST /blocks/destroy.json" do
577 test "without valid credentials", %{conn: conn} do
578 conn = post(conn, "/api/blocks/destroy.json")
579 assert json_response(conn, 403) == %{"error" => "Invalid credentials."}
582 test "with credentials", %{conn: conn, user: current_user} do
583 blocked = insert(:user)
585 {:ok, current_user, blocked} = TwitterAPI.block(current_user, %{"user_id" => blocked.id})
586 assert User.blocks?(current_user, blocked)
590 |> with_credentials(current_user.nickname, "test")
591 |> post("/api/blocks/destroy.json", %{user_id: blocked.id})
593 current_user = Repo.get(User, current_user.id)
594 assert current_user.info["blocks"] == []
596 assert json_response(conn, 200) ==
597 UserView.render("show.json", %{user: blocked, for: current_user})
601 describe "GET /help/test.json" do
602 test "returns \"ok\"", %{conn: conn} do
603 conn = get(conn, "/api/help/test.json")
604 assert json_response(conn, 200) == "ok"
608 describe "POST /api/qvitter/update_avatar.json" do
611 test "without valid credentials", %{conn: conn} do
612 conn = post(conn, "/api/qvitter/update_avatar.json")
613 assert json_response(conn, 403) == %{"error" => "Invalid credentials."}
616 test "with credentials", %{conn: conn, user: current_user} do
617 avatar_image = File.read!("test/fixtures/avatar_data_uri")
621 |> with_credentials(current_user.nickname, "test")
622 |> post("/api/qvitter/update_avatar.json", %{img: avatar_image})
624 current_user = Repo.get(User, current_user.id)
625 assert is_map(current_user.avatar)
627 assert json_response(conn, 200) ==
628 UserView.render("show.json", %{user: current_user, for: current_user})
632 describe "GET /api/qvitter/mutes.json" do
635 test "unimplemented mutes without valid credentials", %{conn: conn} do
636 conn = get(conn, "/api/qvitter/mutes.json")
637 assert json_response(conn, 403) == %{"error" => "Invalid credentials."}
640 test "unimplemented mutes with credentials", %{conn: conn, user: current_user} do
643 |> with_credentials(current_user.nickname, "test")
644 |> get("/api/qvitter/mutes.json")
646 current_user = Repo.get(User, current_user.id)
648 assert [] = json_response(conn, 200)
652 describe "POST /api/favorites/create/:id" do
655 test "without valid credentials", %{conn: conn} do
656 note_activity = insert(:note_activity)
657 conn = post(conn, "/api/favorites/create/#{note_activity.id}.json")
658 assert json_response(conn, 403) == %{"error" => "Invalid credentials."}
661 test "with credentials", %{conn: conn, user: current_user} do
662 note_activity = insert(:note_activity)
666 |> with_credentials(current_user.nickname, "test")
667 |> post("/api/favorites/create/#{note_activity.id}.json")
669 assert json_response(conn, 200)
672 test "with credentials, invalid param", %{conn: conn, user: current_user} do
675 |> with_credentials(current_user.nickname, "test")
676 |> post("/api/favorites/create/wrong.json")
678 assert json_response(conn, 400)
681 test "with credentials, invalid activity", %{conn: conn, user: current_user} do
684 |> with_credentials(current_user.nickname, "test")
685 |> post("/api/favorites/create/1.json")
687 assert json_response(conn, 500)
691 describe "POST /api/favorites/destroy/:id" do
694 test "without valid credentials", %{conn: conn} do
695 note_activity = insert(:note_activity)
696 conn = post(conn, "/api/favorites/destroy/#{note_activity.id}.json")
697 assert json_response(conn, 403) == %{"error" => "Invalid credentials."}
700 test "with credentials", %{conn: conn, user: current_user} do
701 note_activity = insert(:note_activity)
702 object = Object.get_by_ap_id(note_activity.data["object"]["id"])
703 ActivityPub.like(current_user, object)
707 |> with_credentials(current_user.nickname, "test")
708 |> post("/api/favorites/destroy/#{note_activity.id}.json")
710 assert json_response(conn, 200)
714 describe "POST /api/statuses/retweet/:id" do
717 test "without valid credentials", %{conn: conn} do
718 note_activity = insert(:note_activity)
719 conn = post(conn, "/api/statuses/retweet/#{note_activity.id}.json")
720 assert json_response(conn, 403) == %{"error" => "Invalid credentials."}
723 test "with credentials", %{conn: conn, user: current_user} do
724 note_activity = insert(:note_activity)
726 request_path = "/api/statuses/retweet/#{note_activity.id}.json"
730 |> with_credentials(current_user.nickname, "test")
731 |> post(request_path)
733 activity = Repo.get(Activity, note_activity.id)
734 activity_user = Repo.get_by(User, ap_id: note_activity.data["actor"])
736 assert json_response(response, 200) ==
737 ActivityRepresenter.to_map(activity, %{user: activity_user, for: current_user})
741 describe "POST /api/statuses/unretweet/:id" do
744 test "without valid credentials", %{conn: conn} do
745 note_activity = insert(:note_activity)
746 conn = post(conn, "/api/statuses/unretweet/#{note_activity.id}.json")
747 assert json_response(conn, 403) == %{"error" => "Invalid credentials."}
750 test "with credentials", %{conn: conn, user: current_user} do
751 note_activity = insert(:note_activity)
753 request_path = "/api/statuses/retweet/#{note_activity.id}.json"
757 |> with_credentials(current_user.nickname, "test")
758 |> post(request_path)
760 request_path = String.replace(request_path, "retweet", "unretweet")
764 |> with_credentials(current_user.nickname, "test")
765 |> post(request_path)
767 activity = Repo.get(Activity, note_activity.id)
768 activity_user = Repo.get_by(User, ap_id: note_activity.data["actor"])
770 assert json_response(response, 200) ==
771 ActivityRepresenter.to_map(activity, %{user: activity_user, for: current_user})
775 describe "POST /api/account/register" do
776 test "it creates a new user", %{conn: conn} do
778 "nickname" => "lain",
779 "email" => "lain@wired.jp",
780 "fullname" => "lain iwakura",
781 "bio" => "close the world.",
782 "password" => "bear",
788 |> post("/api/account/register", data)
790 user = json_response(conn, 200)
792 fetched_user = Repo.get_by(User, nickname: "lain")
793 assert user == UserView.render("show.json", %{user: fetched_user})
796 test "it returns errors on a problem", %{conn: conn} do
798 "email" => "lain@wired.jp",
799 "fullname" => "lain iwakura",
800 "bio" => "close the world.",
801 "password" => "bear",
807 |> post("/api/account/register", data)
809 errors = json_response(conn, 400)
811 assert is_binary(errors["error"])
815 describe "GET /api/externalprofile/show" do
816 test "it returns the user", %{conn: conn} do
818 other_user = insert(:user)
822 |> assign(:user, user)
823 |> get("/api/externalprofile/show", %{profileurl: other_user.ap_id})
825 assert json_response(conn, 200) == UserView.render("show.json", %{user: other_user})
829 describe "GET /api/statuses/followers" do
830 test "it returns a user's followers", %{conn: conn} do
832 follower_one = insert(:user)
833 follower_two = insert(:user)
834 _not_follower = insert(:user)
836 {:ok, follower_one} = User.follow(follower_one, user)
837 {:ok, follower_two} = User.follow(follower_two, user)
841 |> assign(:user, user)
842 |> get("/api/statuses/followers")
844 expected = UserView.render("index.json", %{users: [follower_one, follower_two], for: user})
845 result = json_response(conn, 200)
846 assert Enum.sort(expected) == Enum.sort(result)
850 describe "GET /api/statuses/friends" do
851 test "it returns the logged in user's friends", %{conn: conn} do
853 followed_one = insert(:user)
854 followed_two = insert(:user)
855 _not_followed = insert(:user)
857 {:ok, user} = User.follow(user, followed_one)
858 {:ok, user} = User.follow(user, followed_two)
862 |> assign(:user, user)
863 |> get("/api/statuses/friends")
865 expected = UserView.render("index.json", %{users: [followed_one, followed_two], for: user})
866 result = json_response(conn, 200)
867 assert Enum.sort(expected) == Enum.sort(result)
870 test "it returns a given user's friends with user_id", %{conn: conn} do
872 followed_one = insert(:user)
873 followed_two = insert(:user)
874 _not_followed = insert(:user)
876 {:ok, user} = User.follow(user, followed_one)
877 {:ok, user} = User.follow(user, followed_two)
881 |> assign(:user, user)
882 |> get("/api/statuses/friends", %{"user_id" => user.id})
884 assert MapSet.equal?(
885 MapSet.new(json_response(conn, 200)),
887 UserView.render("index.json", %{users: [followed_one, followed_two], for: user})
892 test "it returns a given user's friends with screen_name", %{conn: conn} do
894 followed_one = insert(:user)
895 followed_two = insert(:user)
896 _not_followed = insert(:user)
898 {:ok, user} = User.follow(user, followed_one)
899 {:ok, user} = User.follow(user, followed_two)
903 |> assign(:user, user)
904 |> get("/api/statuses/friends", %{"screen_name" => user.nickname})
906 assert MapSet.equal?(
907 MapSet.new(json_response(conn, 200)),
909 UserView.render("index.json", %{users: [followed_one, followed_two], for: user})
915 describe "GET /friends/ids" do
916 test "it returns a user's friends", %{conn: conn} do
918 followed_one = insert(:user)
919 followed_two = insert(:user)
920 _not_followed = insert(:user)
922 {:ok, user} = User.follow(user, followed_one)
923 {:ok, user} = User.follow(user, followed_two)
927 |> assign(:user, user)
928 |> get("/api/friends/ids")
930 expected = [followed_one.id, followed_two.id]
932 assert MapSet.equal?(
933 MapSet.new(Poison.decode!(json_response(conn, 200))),
939 describe "POST /api/account/update_profile.json" do
940 test "it updates a user's profile", %{conn: conn} do
945 |> assign(:user, user)
946 |> post("/api/account/update_profile.json", %{
947 "name" => "new name",
948 "description" => "new description"
951 user = Repo.get!(User, user.id)
952 assert user.name == "new name"
953 assert user.bio == "new description"
955 assert json_response(conn, 200) == UserView.render("user.json", %{user: user, for: user})
958 test "it locks an account", %{conn: conn} do
963 |> assign(:user, user)
964 |> post("/api/account/update_profile.json", %{
968 user = Repo.get!(User, user.id)
969 assert user.info["locked"] == true
971 assert json_response(conn, 200) == UserView.render("user.json", %{user: user, for: user})
974 test "it unlocks an account", %{conn: conn} do
979 |> assign(:user, user)
980 |> post("/api/account/update_profile.json", %{
984 user = Repo.get!(User, user.id)
985 assert user.info["locked"] == false
987 assert json_response(conn, 200) == UserView.render("user.json", %{user: user, for: user})
991 defp valid_user(_context) do
996 defp with_credentials(conn, username, password) do
997 header_content = "Basic " <> Base.encode64("#{username}:#{password}")
998 put_req_header(conn, "authorization", header_content)
1001 describe "GET /api/search.json" do
1002 test "it returns search results", %{conn: conn} do
1003 user = insert(:user)
1004 user_two = insert(:user, %{nickname: "shp@shitposter.club"})
1006 {:ok, activity} = CommonAPI.post(user, %{"status" => "This is about 2hu"})
1007 {:ok, _} = CommonAPI.post(user_two, %{"status" => "This isn't"})
1011 |> get("/api/search.json", %{"q" => "2hu", "page" => "1", "rpp" => "1"})
1013 assert [status] = json_response(conn, 200)
1014 assert status["id"] == activity.id
1018 describe "GET /api/statusnet/tags/timeline/:tag.json" do
1019 test "it returns the tags timeline", %{conn: conn} do
1020 user = insert(:user)
1021 user_two = insert(:user, %{nickname: "shp@shitposter.club"})
1023 {:ok, activity} = CommonAPI.post(user, %{"status" => "This is about #2hu"})
1024 {:ok, _} = CommonAPI.post(user_two, %{"status" => "This isn't"})
1028 |> get("/api/statusnet/tags/timeline/2hu.json")
1030 assert [status] = json_response(conn, 200)
1031 assert status["id"] == activity.id
1035 test "Convert newlines to <br> in bio", %{conn: conn} do
1036 user = insert(:user)
1040 |> assign(:user, user)
1041 |> post("/api/account/update_profile.json", %{
1042 "description" => "Hello,\r\nWorld! I\n am a test."
1045 user = Repo.get!(User, user.id)
1046 assert user.bio == "Hello,<br>World! I<br> am a test."
1049 describe "POST /api/pleroma/change_password" do
1052 test "without credentials", %{conn: conn} do
1053 conn = post(conn, "/api/pleroma/change_password")
1054 assert json_response(conn, 403) == %{"error" => "Invalid credentials."}
1057 test "with credentials and invalid password", %{conn: conn, user: current_user} do
1060 |> with_credentials(current_user.nickname, "test")
1061 |> post("/api/pleroma/change_password", %{
1063 "new_password" => "newpass",
1064 "new_password_confirmation" => "newpass"
1067 assert json_response(conn, 200) == %{"error" => "Invalid password."}
1070 test "with credentials, valid password and new password and confirmation not matching", %{
1076 |> with_credentials(current_user.nickname, "test")
1077 |> post("/api/pleroma/change_password", %{
1078 "password" => "test",
1079 "new_password" => "newpass",
1080 "new_password_confirmation" => "notnewpass"
1083 assert json_response(conn, 200) == %{
1084 "error" => "New password does not match confirmation."
1088 test "with credentials, valid password and invalid new password", %{
1094 |> with_credentials(current_user.nickname, "test")
1095 |> post("/api/pleroma/change_password", %{
1096 "password" => "test",
1097 "new_password" => "",
1098 "new_password_confirmation" => ""
1101 assert json_response(conn, 200) == %{
1102 "error" => "New password can't be blank."
1106 test "with credentials, valid password and matching new password and confirmation", %{
1112 |> with_credentials(current_user.nickname, "test")
1113 |> post("/api/pleroma/change_password", %{
1114 "password" => "test",
1115 "new_password" => "newpass",
1116 "new_password_confirmation" => "newpass"
1119 assert json_response(conn, 200) == %{"status" => "success"}
1120 fetched_user = Repo.get(User, current_user.id)
1121 assert Pbkdf2.checkpw("newpass", fetched_user.password_hash) == true
1125 describe "POST /api/pleroma/delete_account" do
1128 test "without credentials", %{conn: conn} do
1129 conn = post(conn, "/api/pleroma/delete_account")
1130 assert json_response(conn, 403) == %{"error" => "Invalid credentials."}
1133 test "with credentials and invalid password", %{conn: conn, user: current_user} do
1136 |> with_credentials(current_user.nickname, "test")
1137 |> post("/api/pleroma/delete_account", %{"password" => "hi"})
1139 assert json_response(conn, 200) == %{"error" => "Invalid password."}
1142 test "with credentials and valid password", %{conn: conn, user: current_user} do
1145 |> with_credentials(current_user.nickname, "test")
1146 |> post("/api/pleroma/delete_account", %{"password" => "test"})
1148 assert json_response(conn, 200) == %{"status" => "success"}
1149 # Wait a second for the started task to end
1154 describe "GET /api/pleroma/friend_requests" do
1155 test "it lists friend requests" do
1156 user = insert(:user, %{info: %{"locked" => true}})
1157 other_user = insert(:user)
1159 {:ok, activity} = ActivityPub.follow(other_user, user)
1161 user = Repo.get(User, user.id)
1162 other_user = Repo.get(User, other_user.id)
1164 assert User.following?(other_user, user) == false
1168 |> assign(:user, user)
1169 |> get("/api/pleroma/friend_requests")
1171 assert [relationship] = json_response(conn, 200)
1172 assert other_user.id == relationship["id"]
1176 describe "POST /api/pleroma/friendships/approve" do
1177 test "it approves a friend request" do
1178 user = insert(:user, %{info: %{"locked" => true}})
1179 other_user = insert(:user)
1181 {:ok, activity} = ActivityPub.follow(other_user, user)
1183 user = Repo.get(User, user.id)
1184 other_user = Repo.get(User, other_user.id)
1186 assert User.following?(other_user, user) == false
1190 |> assign(:user, user)
1191 |> post("/api/pleroma/friendships/approve", %{"user_id" => to_string(other_user.id)})
1193 assert relationship = json_response(conn, 200)
1194 assert other_user.id == relationship["id"]
1195 assert relationship["follows_you"] == true
1199 describe "POST /api/pleroma/friendships/deny" do
1200 test "it denies a friend request" do
1201 user = insert(:user, %{info: %{"locked" => true}})
1202 other_user = insert(:user)
1204 {:ok, activity} = ActivityPub.follow(other_user, user)
1206 user = Repo.get(User, user.id)
1207 other_user = Repo.get(User, other_user.id)
1209 assert User.following?(other_user, user) == false
1213 |> assign(:user, user)
1214 |> post("/api/pleroma/friendships/deny", %{"user_id" => to_string(other_user.id)})
1216 assert relationship = json_response(conn, 200)
1217 assert other_user.id == relationship["id"]
1218 assert relationship["follows_you"] == false
1222 describe "GET /api/pleroma/search_user" do
1223 test "it returns users, ordered by similarity", %{conn: conn} do
1224 user = insert(:user, %{name: "eal"})
1225 user_two = insert(:user, %{name: "ean"})
1226 user_three = insert(:user, %{name: "ebn"})
1230 |> get(twitter_api_search__path(conn, :search_user), query: "eal")
1231 |> json_response(200)
1233 assert length(resp) == 3
1234 assert [user.id, user_two.id, user_three.id] == Enum.map(resp, fn %{"id" => id} -> id end)