2hu
alert('xss')" assert object.data["source"] == post @@ -556,9 +595,9 @@ defmodule Pleroma.Web.CommonAPITest do content_type: "text/markdown" }) - object = Object.normalize(activity) + object = Object.normalize(activity, fetch: false) - assert object.data["content"] == "2hu
alert('xss')" + assert object.data["content"] == "2hu
" assert object.data["source"] == post end @@ -629,7 +668,7 @@ defmodule Pleroma.Web.CommonAPITest do end test "it validates character limits are correctly enforced" do - Pleroma.Config.put([:instance, :limit], 5) + clear_config([:instance, :limit], 5) user = insert(:user) @@ -731,6 +770,22 @@ defmodule Pleroma.Web.CommonAPITest do refute Visibility.visible_for_user?(announce_activity, nil) end + test "author can repeat own private statuses" do + author = insert(:user) + follower = insert(:user) + CommonAPI.follow(follower, author) + + {:ok, activity} = CommonAPI.post(author, %{status: "cofe", visibility: "private"}) + + {:ok, %Activity{} = announce_activity} = CommonAPI.repeat(activity.id, author) + + assert Visibility.is_private?(announce_activity) + refute Visibility.visible_for_user?(announce_activity, nil) + + assert Visibility.visible_for_user?(activity, follower) + assert {:error, :not_found} = CommonAPI.repeat(activity.id, follower) + end + test "favoriting a status" do user = insert(:user) other_user = insert(:user) @@ -764,7 +819,7 @@ defmodule Pleroma.Web.CommonAPITest do describe "pinned statuses" do setup do - Pleroma.Config.put([:instance, :max_pinned_statuses], 1) + clear_config([:instance, :max_pinned_statuses], 1) user = insert(:user) {:ok, activity} = CommonAPI.post(user, %{status: "HI!!!"}) @@ -772,13 +827,17 @@ defmodule Pleroma.Web.CommonAPITest do [user: user, activity: activity] end + test "activity not found error", %{user: user} do + assert {:error, :not_found} = CommonAPI.pin("id", user) + end + test "pin status", %{user: user, activity: activity} do assert {:ok, ^activity} = CommonAPI.pin(activity.id, user) - id = activity.id + %{data: %{"id" => object_id}} = Object.normalize(activity) user = refresh_record(user) - assert %User{pinned_activities: [^id]} = user + assert user.pinned_objects |> Map.keys() == [object_id] end test "pin poll", %{user: user} do @@ -790,10 +849,11 @@ defmodule Pleroma.Web.CommonAPITest do assert {:ok, ^activity} = CommonAPI.pin(activity.id, user) - id = activity.id + %{data: %{"id" => object_id}} = Object.normalize(activity) + user = refresh_record(user) - assert %User{pinned_activities: [^id]} = user + assert user.pinned_objects |> Map.keys() == [object_id] end test "unlisted statuses can be pinned", %{user: user} do @@ -804,7 +864,7 @@ defmodule Pleroma.Web.CommonAPITest do test "only self-authored can be pinned", %{activity: activity} do user = insert(:user) - assert {:error, "Could not pin"} = CommonAPI.pin(activity.id, user) + assert {:error, :ownership_error} = CommonAPI.pin(activity.id, user) end test "max pinned statuses", %{user: user, activity: activity_one} do @@ -814,8 +874,12 @@ defmodule Pleroma.Web.CommonAPITest do user = refresh_record(user) - assert {:error, "You have already pinned the maximum number of statuses"} = - CommonAPI.pin(activity_two.id, user) + assert {:error, :pinned_statuses_limit_reached} = CommonAPI.pin(activity_two.id, user) + end + + test "only public can be pinned", %{user: user} do + {:ok, activity} = CommonAPI.post(user, %{status: "private status", visibility: "private"}) + {:error, :visibility_error} = CommonAPI.pin(activity.id, user) end test "unpin status", %{user: user, activity: activity} do @@ -829,7 +893,7 @@ defmodule Pleroma.Web.CommonAPITest do user = refresh_record(user) - assert %User{pinned_activities: []} = user + assert user.pinned_objects == %{} end test "should unpin when deleting a status", %{user: user, activity: activity} do @@ -841,7 +905,40 @@ defmodule Pleroma.Web.CommonAPITest do user = refresh_record(user) - assert %User{pinned_activities: []} = user + assert user.pinned_objects == %{} + end + + test "ephemeral activity won't be deleted if was pinned", %{user: user} do + {:ok, activity} = CommonAPI.post(user, %{status: "Hello!", expires_in: 601}) + + assert Pleroma.Workers.PurgeExpiredActivity.get_expiration(activity.id) + + {:ok, _activity} = CommonAPI.pin(activity.id, user) + refute Pleroma.Workers.PurgeExpiredActivity.get_expiration(activity.id) + + user = refresh_record(user) + {:ok, _} = CommonAPI.unpin(activity.id, user) + + # recreates expiration job on unpin + assert Pleroma.Workers.PurgeExpiredActivity.get_expiration(activity.id) + end + + test "ephemeral activity deletion job won't be deleted on pinning error", %{ + user: user, + activity: activity + } do + clear_config([:instance, :max_pinned_statuses], 1) + + {:ok, _activity} = CommonAPI.pin(activity.id, user) + + {:ok, activity2} = CommonAPI.post(user, %{status: "another status", expires_in: 601}) + + assert Pleroma.Workers.PurgeExpiredActivity.get_expiration(activity2.id) + + user = refresh_record(user) + {:error, :pinned_statuses_limit_reached} = CommonAPI.pin(activity2.id, user) + + assert Pleroma.Workers.PurgeExpiredActivity.get_expiration(activity2.id) end end @@ -1211,7 +1308,7 @@ defmodule Pleroma.Web.CommonAPITest do poll: %{options: ["Yes", "No"], expires_in: 20} }) - object = Object.normalize(activity) + object = Object.normalize(activity, fetch: false) {:ok, _, object} = CommonAPI.vote(other_user, object, [0]) @@ -1231,7 +1328,7 @@ defmodule Pleroma.Web.CommonAPITest do length: 180_000 }) - object = Object.normalize(activity) + object = Object.normalize(activity, fetch: false) assert object.data["title"] == "lain radio episode 1" @@ -1250,7 +1347,7 @@ defmodule Pleroma.Web.CommonAPITest do visibility: "private" }) - object = Object.normalize(activity) + object = Object.normalize(activity, fetch: false) assert object.data["title"] == "lain radio episode 1" @@ -1277,4 +1374,128 @@ defmodule Pleroma.Web.CommonAPITest do } = CommonAPI.get_user("") end end + + describe "with `local` visibility" do + setup do: clear_config([:instance, :federating], true) + + test "post" do + user = insert(:user) + + with_mock Pleroma.Web.Federator, publish: fn _ -> :ok end do + {:ok, activity} = CommonAPI.post(user, %{status: "#2hu #2HU", visibility: "local"}) + + assert Visibility.is_local_public?(activity) + assert_not_called(Pleroma.Web.Federator.publish(activity)) + end + end + + test "delete" do + user = insert(:user) + + {:ok, %Activity{id: activity_id}} = + CommonAPI.post(user, %{status: "#2hu #2HU", visibility: "local"}) + + with_mock Pleroma.Web.Federator, publish: fn _ -> :ok end do + assert {:ok, %Activity{data: %{"deleted_activity_id" => ^activity_id}} = activity} = + CommonAPI.delete(activity_id, user) + + assert Visibility.is_local_public?(activity) + assert_not_called(Pleroma.Web.Federator.publish(activity)) + end + end + + test "repeat" do + user = insert(:user) + other_user = insert(:user) + + {:ok, %Activity{id: activity_id}} = + CommonAPI.post(other_user, %{status: "cofe", visibility: "local"}) + + with_mock Pleroma.Web.Federator, publish: fn _ -> :ok end do + assert {:ok, %Activity{data: %{"type" => "Announce"}} = activity} = + CommonAPI.repeat(activity_id, user) + + assert Visibility.is_local_public?(activity) + refute called(Pleroma.Web.Federator.publish(activity)) + end + end + + test "unrepeat" do + user = insert(:user) + other_user = insert(:user) + + {:ok, %Activity{id: activity_id}} = + CommonAPI.post(other_user, %{status: "cofe", visibility: "local"}) + + assert {:ok, _} = CommonAPI.repeat(activity_id, user) + + with_mock Pleroma.Web.Federator, publish: fn _ -> :ok end do + assert {:ok, %Activity{data: %{"type" => "Undo"}} = activity} = + CommonAPI.unrepeat(activity_id, user) + + assert Visibility.is_local_public?(activity) + refute called(Pleroma.Web.Federator.publish(activity)) + end + end + + test "favorite" do + user = insert(:user) + other_user = insert(:user) + + {:ok, activity} = CommonAPI.post(other_user, %{status: "cofe", visibility: "local"}) + + with_mock Pleroma.Web.Federator, publish: fn _ -> :ok end do + assert {:ok, %Activity{data: %{"type" => "Like"}} = activity} = + CommonAPI.favorite(user, activity.id) + + assert Visibility.is_local_public?(activity) + refute called(Pleroma.Web.Federator.publish(activity)) + end + end + + test "unfavorite" do + user = insert(:user) + other_user = insert(:user) + + {:ok, activity} = CommonAPI.post(other_user, %{status: "cofe", visibility: "local"}) + + {:ok, %Activity{}} = CommonAPI.favorite(user, activity.id) + + with_mock Pleroma.Web.Federator, publish: fn _ -> :ok end do + assert {:ok, activity} = CommonAPI.unfavorite(activity.id, user) + assert Visibility.is_local_public?(activity) + refute called(Pleroma.Web.Federator.publish(activity)) + end + end + + test "react_with_emoji" do + user = insert(:user) + other_user = insert(:user) + {:ok, activity} = CommonAPI.post(other_user, %{status: "cofe", visibility: "local"}) + + with_mock Pleroma.Web.Federator, publish: fn _ -> :ok end do + assert {:ok, %Activity{data: %{"type" => "EmojiReact"}} = activity} = + CommonAPI.react_with_emoji(activity.id, user, "ð") + + assert Visibility.is_local_public?(activity) + refute called(Pleroma.Web.Federator.publish(activity)) + end + end + + test "unreact_with_emoji" do + user = insert(:user) + other_user = insert(:user) + {:ok, activity} = CommonAPI.post(other_user, %{status: "cofe", visibility: "local"}) + + {:ok, _reaction} = CommonAPI.react_with_emoji(activity.id, user, "ð") + + with_mock Pleroma.Web.Federator, publish: fn _ -> :ok end do + assert {:ok, %Activity{data: %{"type" => "Undo"}} = activity} = + CommonAPI.unreact_with_emoji(activity.id, user, "ð") + + assert Visibility.is_local_public?(activity) + refute called(Pleroma.Web.Federator.publish(activity)) + end + end + end end