use Pleroma.Web.ConnCase
import Pleroma.Factory
+ clear_config([:instance, :max_account_fields])
describe "updating credentials" do
test "sets user settings in a generic way", %{conn: conn} do
assert user["display_name"] == name
assert [%{"shortcode" => "blank"}, %{"shortcode" => "firefox"}] = user["emojis"]
end
+
+ test "update fields", %{conn: conn} do
+ user = insert(:user)
+
+ fields = [
+ %{"name" => "<a href=\"http://google.com\">foo</a>", "value" => "<script>bar</script>"},
+ %{"name" => "link", "value" => "cofe.io"}
+ ]
+
+ account =
+ conn
+ |> assign(:user, user)
+ |> patch("/api/v1/accounts/update_credentials", %{"fields_attributes" => fields})
+ |> json_response(200)
+
+ assert account["fields"] == [
+ %{"name" => "foo", "value" => "bar"},
+ %{"name" => "link", "value" => "<a href=\"http://cofe.io\">cofe.io</a>"}
+ ]
+
+ assert account["source"]["fields"] == [
+ %{
+ "name" => "<a href=\"http://google.com\">foo</a>",
+ "value" => "<script>bar</script>"
+ },
+ %{"name" => "link", "value" => "cofe.io"}
+ ]
+
+ fields =
+ [
+ "fields_attributes[1][name]=link",
+ "fields_attributes[1][value]=cofe.io",
+ "fields_attributes[0][name]=<a href=\"http://google.com\">foo</a>",
+ "fields_attributes[0][value]=bar"
+ ]
+ |> Enum.join("&")
+
+ account =
+ conn
+ |> put_req_header("content-type", "application/x-www-form-urlencoded")
+ |> assign(:user, user)
+ |> patch("/api/v1/accounts/update_credentials", fields)
+ |> json_response(200)
+
+ assert account["fields"] == [
+ %{"name" => "foo", "value" => "bar"},
+ %{"name" => "link", "value" => "<a href=\"http://cofe.io\">cofe.io</a>"}
+ ]
+
+ assert account["source"]["fields"] == [
+ %{
+ "name" => "<a href=\"http://google.com\">foo</a>",
+ "value" => "bar"
+ },
+ %{"name" => "link", "value" => "cofe.io"}
+ ]
+
+ name_limit = Pleroma.Config.get([:instance, :account_field_name_length])
+ value_limit = Pleroma.Config.get([:instance, :account_field_value_length])
+
+ long_value = Enum.map(0..value_limit, fn _ -> "x" end) |> Enum.join()
+
+ fields = [%{"name" => "<b>foo<b>", "value" => long_value}]
+
+ assert %{"error" => "Invalid request"} ==
+ conn
+ |> assign(:user, user)
+ |> patch("/api/v1/accounts/update_credentials", %{"fields_attributes" => fields})
+ |> json_response(403)
+
+ long_name = Enum.map(0..name_limit, fn _ -> "x" end) |> Enum.join()
+
+ fields = [%{"name" => long_name, "value" => "bar"}]
+
+ assert %{"error" => "Invalid request"} ==
+ conn
+ |> assign(:user, user)
+ |> patch("/api/v1/accounts/update_credentials", %{"fields_attributes" => fields})
+ |> json_response(403)
+
+ Pleroma.Config.put([:instance, :max_account_fields], 1)
+
+ fields = [
+ %{"name" => "<b>foo<b>", "value" => "<i>bar</i>"},
+ %{"name" => "link", "value" => "cofe.io"}
+ ]
+
+ assert %{"error" => "Invalid request"} ==
+ conn
+ |> assign(:user, user)
+ |> patch("/api/v1/accounts/update_credentials", %{"fields_attributes" => fields})
+ |> json_response(403)
+
+ fields = [
+ %{"name" => "foo", "value" => ""},
+ %{"name" => "", "value" => "bar"}
+ ]
+
+ account =
+ conn
+ |> assign(:user, user)
+ |> patch("/api/v1/accounts/update_credentials", %{"fields_attributes" => fields})
+ |> json_response(200)
+
+ assert account["fields"] == [
+ %{"name" => "foo", "value" => ""}
+ ]
+ end
end
end
projects / akkoma / blobdiff