Merge branch 'develop' of git.pleroma.social:pleroma/pleroma into feature/undo-valida...

[akkoma] / test / web / activity_pub / object_validator_test.exs
diff --git a/test/web/activity_pub/object_validator_test.exs b/test/web/activity_pub/object_validator_test.exs

index 9e05897227bbc1099b8bfa32905a9c4a3ab7b810..4d90a0cf347abf5232ca1685949a11dd3d896416 100644 (file)
--- a/test/web/activity_pub/object_validator_test.exs
+++ b/test/web/activity_pub/object_validator_test.exs
@@ -1,6 +1,7 @@
  defmodule Pleroma.Web.ActivityPub.ObjectValidatorTest do
    use Pleroma.DataCase
  
+  alias Pleroma.Object
    alias Pleroma.Web.ActivityPub.Builder
    alias Pleroma.Web.ActivityPub.ObjectValidator
    alias Pleroma.Web.ActivityPub.ObjectValidators.LikeValidator
@@ -9,6 +10,46 @@ defmodule Pleroma.Web.ActivityPub.ObjectValidatorTest do
  
    import Pleroma.Factory
  
+  describe "Undos" do
+    setup do
+      user = insert(:user)
+      {:ok, post_activity} = CommonAPI.post(user, %{"status" => "uguu"})
+      {:ok, like} = CommonAPI.favorite(user, post_activity.id)
+      {:ok, valid_like_undo, []} = Builder.undo(user, like)
+
+      %{user: user, like: like, valid_like_undo: valid_like_undo}
+    end
+
+    test "it validates a basic like undo", %{valid_like_undo: valid_like_undo} do
+      assert {:ok, _, _} = ObjectValidator.validate(valid_like_undo, [])
+    end
+
+    test "it does not validate if the actor of the undo is not the actor of the object", %{
+      valid_like_undo: valid_like_undo
+    } do
+      other_user = insert(:user, ap_id: "https://gensokyo.2hu/users/raymoo")
+
+      bad_actor =
+        valid_like_undo
+        |> Map.put("actor", other_user.ap_id)
+
+      {:error, cng} = ObjectValidator.validate(bad_actor, [])
+
+      assert {:actor, {"not the same as object actor", []}} in cng.errors
+    end
+
+    test "it does not validate if the object is missing", %{valid_like_undo: valid_like_undo} do
+      missing_object =
+        valid_like_undo
+        |> Map.put("object", "https://gensokyo.2hu/objects/1")
+
+      {:error, cng} = ObjectValidator.validate(missing_object, [])
+
+      assert {:object, {"can't find object", []}} in cng.errors
+      assert length(cng.errors) == 1
+    end
+  end
+
    describe "deletes" do
      setup do
        user = insert(:user)
@@ -21,9 +62,27 @@ defmodule Pleroma.Web.ActivityPub.ObjectValidatorTest do
      end
  
      test "it is valid for a post deletion", %{valid_post_delete: valid_post_delete} do
-      {:ok, valid_post_delete_u, _} = ObjectValidator.validate(valid_post_delete, [])
+      {:ok, valid_post_delete, _} = ObjectValidator.validate(valid_post_delete, [])
  
-      assert valid_post_delete_u["deleted_activity_id"]
+      assert valid_post_delete["deleted_activity_id"]
+    end
+
+    test "it is invalid if the object isn't in a list of certain types", %{
+      valid_post_delete: valid_post_delete
+    } do
+      object = Object.get_by_ap_id(valid_post_delete["object"])
+
+      data =
+        object.data
+        |> Map.put("type", "Like")
+
+      {:ok, _object} =
+        object
+        |> Ecto.Changeset.change(%{data: data})
+        |> Object.update_and_set_cache()
+
+      {:error, cng} = ObjectValidator.validate(valid_post_delete, [])
+      assert {:object, {"object not in allowed types", []}} in cng.errors
      end
  
      test "it is valid for a user deletion", %{valid_user_delete: valid_user_delete} do
@@ -48,13 +107,16 @@ defmodule Pleroma.Web.ActivityPub.ObjectValidatorTest do
        {:error, cng} = ObjectValidator.validate(missing_object, [])
  
        assert {:object, {"can't find object", []}} in cng.errors
+      assert length(cng.errors) == 1
      end
  
      test "it's invalid if the actor of the object and the actor of delete are from different domains",
           %{valid_post_delete: valid_post_delete} do
+      valid_user = insert(:user)
+
        valid_other_actor =
          valid_post_delete
-        |> Map.put("actor", valid_post_delete["actor"] <> "1")
+        |> Map.put("actor", valid_user.ap_id)
  
        assert match?({:ok, _, _}, ObjectValidator.validate(valid_other_actor, []))
  
@@ -66,6 +128,19 @@ defmodule Pleroma.Web.ActivityPub.ObjectValidatorTest do
  
        assert {:actor, {"is not allowed to delete object", []}} in cng.errors
      end
+
+    test "it's valid if the actor of the object is a local superuser",
+         %{valid_post_delete: valid_post_delete} do
+      user =
+        insert(:user, local: true, is_moderator: true, ap_id: "https://gensokyo.2hu/users/raymoo")
+
+      valid_other_actor =
+        valid_post_delete
+        |> Map.put("actor", user.ap_id)
+
+      {:ok, _, meta} = ObjectValidator.validate(valid_other_actor, [])
+      assert meta[:do_not_federate]
+    end
    end
  
    describe "likes" do
@@ -96,6 +171,32 @@ defmodule Pleroma.Web.ActivityPub.ObjectValidatorTest do
        assert LikeValidator.cast_and_validate(valid_like).valid?
      end
  
+    test "sets the 'to' field to the object actor if no recipients are given", %{
+      valid_like: valid_like,
+      user: user
+    } do
+      without_recipients =
+        valid_like
+        |> Map.delete("to")
+
+      {:ok, object, _meta} = ObjectValidator.validate(without_recipients, [])
+
+      assert object["to"] == [user.ap_id]
+    end
+
+    test "sets the context field to the context of the object if no context is given", %{
+      valid_like: valid_like,
+      post_activity: post_activity
+    } do
+      without_context =
+        valid_like
+        |> Map.delete("context")
+
+      {:ok, object, _meta} = ObjectValidator.validate(without_context, [])
+
+      assert object["context"] == post_activity.data["context"]
+    end
+
      test "it errors when the actor is missing or not known", %{valid_like: valid_like} do
        without_actor = Map.delete(valid_like, "actor")