Merge branch 'develop' into tests/mastodon_api_controller.ex

test/integration/mastodon_websocket_test.exs

@@ -68,7 +68,7 @@ defmodule Pleroma.Integration.MastodonWebsocketTest do
     assert {:ok, json} = Jason.decode(json["payload"])
 
     view_json =
-      Pleroma.Web.MastodonAPI.StatusView.render("status.json", activity: activity, for: nil)
+      Pleroma.Web.MastodonAPI.StatusView.render("show.json", activity: activity, for: nil)
       |> Jason.encode!()
       |> Jason.decode!()
 

test/notification_test.exs

@@ -33,16 +33,16 @@ defmodule Pleroma.NotificationTest do
       assert other_notification.activity_id == activity.id
     end
 
-    test "it creates a notification for subscribed users" do
+    test "it does not create a notification for subscribed users" do
       user = insert(:user)
       subscriber = insert(:user)
 
       User.subscribe(subscriber, user)
 
       {:ok, status} = CommonAPI.post(user, %{"status" => "Akariiiin"})
-      {:ok, [notification]} = Notification.create_notifications(status)
+      {:ok, notifications} = Notification.create_notifications(status)
 
-      assert notification.user_id == subscriber.id
+      assert notifications == []
     end
 
     test "does not create a notification for subscribed users if status is a reply" do
@@ -182,14 +182,16 @@ defmodule Pleroma.NotificationTest do
       refute Notification.create_notification(activity_dupe, followed_user)
     end
 
-    test "it doesn't create duplicate notifications for follow+subscribed users" do
+    test "it doesn't create notifications for follow+subscribed users" do
       user = insert(:user)
       subscriber = insert(:user)
 
       {:ok, _, _, _} = CommonAPI.follow(subscriber, user)
       User.subscribe(subscriber, user)
       {:ok, status} = CommonAPI.post(user, %{"status" => "Akariiiin"})
-      {:ok, [_notif]} = Notification.create_notifications(status)
+      {:ok, notifications} = Notification.create_notifications(status)
+
+      assert notifications == []
     end
 
     test "it doesn't create subscription notifications if the recipient cannot see the status" do

test/plugs/remote_ip_test.exs

@@ -0,0 +1,72 @@
+# Pleroma: A lightweight social networking server
+# Copyright © 2017-2019 Pleroma Authors <https://pleroma.social/>
+# SPDX-License-Identifier: AGPL-3.0-only
+
+defmodule Pleroma.Plugs.RemoteIpTest do
+  use ExUnit.Case, async: true
+  use Plug.Test
+
+  alias Pleroma.Plugs.RemoteIp
+
+  test "disabled" do
+    Pleroma.Config.put(RemoteIp, enabled: false)
+
+    %{remote_ip: remote_ip} = conn(:get, "/")
+
+    conn =
+      conn(:get, "/")
+      |> put_req_header("x-forwarded-for", "1.1.1.1")
+      |> RemoteIp.call(nil)
+
+    assert conn.remote_ip == remote_ip
+  end
+
+  test "enabled" do
+    Pleroma.Config.put(RemoteIp, enabled: true)
+
+    conn =
+      conn(:get, "/")
+      |> put_req_header("x-forwarded-for", "1.1.1.1")
+      |> RemoteIp.call(nil)
+
+    assert conn.remote_ip == {1, 1, 1, 1}
+  end
+
+  test "custom headers" do
+    Pleroma.Config.put(RemoteIp, enabled: true, headers: ["cf-connecting-ip"])
+
+    conn =
+      conn(:get, "/")
+      |> put_req_header("x-forwarded-for", "1.1.1.1")
+      |> RemoteIp.call(nil)
+
+    refute conn.remote_ip == {1, 1, 1, 1}
+
+    conn =
+      conn(:get, "/")
+      |> put_req_header("cf-connecting-ip", "1.1.1.1")
+      |> RemoteIp.call(nil)
+
+    assert conn.remote_ip == {1, 1, 1, 1}
+  end
+
+  test "custom proxies" do
+    Pleroma.Config.put(RemoteIp, enabled: true)
+
+    conn =
+      conn(:get, "/")
+      |> put_req_header("x-forwarded-for", "173.245.48.1, 1.1.1.1, 173.245.48.2")
+      |> RemoteIp.call(nil)
+
+    refute conn.remote_ip == {1, 1, 1, 1}
+
+    Pleroma.Config.put([RemoteIp, :proxies], ["173.245.48.0/20"])
+
+    conn =
+      conn(:get, "/")
+      |> put_req_header("x-forwarded-for", "173.245.48.1, 1.1.1.1, 173.245.48.2")
+      |> RemoteIp.call(nil)
+
+    assert conn.remote_ip == {1, 1, 1, 1}
+  end
+end

test/web/admin_api/views/report_view_test.exs

@@ -61,7 +61,7 @@ defmodule Pleroma.Web.AdminAPI.ReportViewTest do
           AccountView.render("account.json", %{user: other_user}),
           Pleroma.Web.AdminAPI.AccountView.render("show.json", %{user: other_user})
         ),
-      statuses: [StatusView.render("status.json", %{activity: activity})],
+      statuses: [StatusView.render("show.json", %{activity: activity})],
       state: "open",
       id: report_activity.id
     }

test/web/mastodon_api/controllers/domain_block_controller_test.exs

@@ -0,0 +1,51 @@
+# Pleroma: A lightweight social networking server
+# Copyright © 2017-2019 Pleroma Authors <https://pleroma.social/>
+# SPDX-License-Identifier: AGPL-3.0-only
+
+defmodule Pleroma.Web.MastodonAPI.DomainBlockControllerTest do
+  use Pleroma.Web.ConnCase, async: true
+
+  alias Pleroma.User
+
+  import Pleroma.Factory
+
+  test "blocking / unblocking a domain", %{conn: conn} do
+    user = insert(:user)
+    other_user = insert(:user, %{ap_id: "https://dogwhistle.zone/@pundit"})
+
+    conn =
+      conn
+      |> assign(:user, user)
+      |> post("/api/v1/domain_blocks", %{"domain" => "dogwhistle.zone"})
+
+    assert %{} = json_response(conn, 200)
+    user = User.get_cached_by_ap_id(user.ap_id)
+    assert User.blocks?(user, other_user)
+
+    conn =
+      build_conn()
+      |> assign(:user, user)
+      |> delete("/api/v1/domain_blocks", %{"domain" => "dogwhistle.zone"})
+
+    assert %{} = json_response(conn, 200)
+    user = User.get_cached_by_ap_id(user.ap_id)
+    refute User.blocks?(user, other_user)
+  end
+
+  test "getting a list of domain blocks", %{conn: conn} do
+    user = insert(:user)
+
+    {:ok, user} = User.block_domain(user, "bad.site")
+    {:ok, user} = User.block_domain(user, "even.worse.site")
+
+    conn =
+      conn
+      |> assign(:user, user)
+      |> get("/api/v1/domain_blocks")
+
+    domain_blocks = json_response(conn, 200)
+
+    assert "bad.site" in domain_blocks
+    assert "even.worse.site" in domain_blocks
+  end
+end

test/web/mastodon_api/controllers/filter_controller_test.exs

@@ -0,0 +1,137 @@
+# Pleroma: A lightweight social networking server
+# Copyright © 2017-2019 Pleroma Authors <https://pleroma.social/>
+# SPDX-License-Identifier: AGPL-3.0-only
+
+defmodule Pleroma.Web.MastodonAPI.FilterControllerTest do
+  use Pleroma.Web.ConnCase, async: true
+
+  alias Pleroma.Web.MastodonAPI.FilterView
+
+  import Pleroma.Factory
+
+  test "creating a filter", %{conn: conn} do
+    user = insert(:user)
+
+    filter = %Pleroma.Filter{
+      phrase: "knights",
+      context: ["home"]
+    }
+
+    conn =
+      conn
+      |> assign(:user, user)
+      |> post("/api/v1/filters", %{"phrase" => filter.phrase, context: filter.context})
+
+    assert response = json_response(conn, 200)
+    assert response["phrase"] == filter.phrase
+    assert response["context"] == filter.context
+    assert response["irreversible"] == false
+    assert response["id"] != nil
+    assert response["id"] != ""
+  end
+
+  test "fetching a list of filters", %{conn: conn} do
+    user = insert(:user)
+
+    query_one = %Pleroma.Filter{
+      user_id: user.id,
+      filter_id: 1,
+      phrase: "knights",
+      context: ["home"]
+    }
+
+    query_two = %Pleroma.Filter{
+      user_id: user.id,
+      filter_id: 2,
+      phrase: "who",
+      context: ["home"]
+    }
+
+    {:ok, filter_one} = Pleroma.Filter.create(query_one)
+    {:ok, filter_two} = Pleroma.Filter.create(query_two)
+
+    response =
+      conn
+      |> assign(:user, user)
+      |> get("/api/v1/filters")
+      |> json_response(200)
+
+    assert response ==
+             render_json(
+               FilterView,
+               "filters.json",
+               filters: [filter_two, filter_one]
+             )
+  end
+
+  test "get a filter", %{conn: conn} do
+    user = insert(:user)
+
+    query = %Pleroma.Filter{
+      user_id: user.id,
+      filter_id: 2,
+      phrase: "knight",
+      context: ["home"]
+    }
+
+    {:ok, filter} = Pleroma.Filter.create(query)
+
+    conn =
+      conn
+      |> assign(:user, user)
+      |> get("/api/v1/filters/#{filter.filter_id}")
+
+    assert _response = json_response(conn, 200)
+  end
+
+  test "update a filter", %{conn: conn} do
+    user = insert(:user)
+
+    query = %Pleroma.Filter{
+      user_id: user.id,
+      filter_id: 2,
+      phrase: "knight",
+      context: ["home"]
+    }
+
+    {:ok, _filter} = Pleroma.Filter.create(query)
+
+    new = %Pleroma.Filter{
+      phrase: "nii",
+      context: ["home"]
+    }
+
+    conn =
+      conn
+      |> assign(:user, user)
+      |> put("/api/v1/filters/#{query.filter_id}", %{
+        phrase: new.phrase,
+        context: new.context
+      })
+
+    assert response = json_response(conn, 200)
+    assert response["phrase"] == new.phrase
+    assert response["context"] == new.context
+  end
+
+  test "delete a filter", %{conn: conn} do
+    user = insert(:user)
+
+    query = %Pleroma.Filter{
+      user_id: user.id,
+      filter_id: 2,
+      phrase: "knight",
+      context: ["home"]
+    }
+
+    {:ok, filter} = Pleroma.Filter.create(query)
+
+    conn =
+      conn
+      |> assign(:user, user)
+      |> delete("/api/v1/filters/#{filter.filter_id}")
+
+    assert response = json_response(conn, 200)
+    assert response == %{}
+  end
+end

test/web/mastodon_api/controllers/follow_request_controller_test.exs

@@ -0,0 +1,81 @@
+# Pleroma: A lightweight social networking server
+# Copyright © 2017-2019 Pleroma Authors <https://pleroma.social/>
+# SPDX-License-Identifier: AGPL-3.0-only
+
+defmodule Pleroma.Web.MastodonAPI.FollowRequestControllerTest do
+  use Pleroma.Web.ConnCase
+
+  alias Pleroma.User
+  alias Pleroma.Web.ActivityPub.ActivityPub
+
+  import Pleroma.Factory
+
+  describe "locked accounts" do
+    test "/api/v1/follow_requests works" do
+      user = insert(:user, %{info: %User.Info{locked: true}})
+      other_user = insert(:user)
+
+      {:ok, _activity} = ActivityPub.follow(other_user, user)
+
+      user = User.get_cached_by_id(user.id)
+      other_user = User.get_cached_by_id(other_user.id)
+
+      assert User.following?(other_user, user) == false
+
+      conn =
+        build_conn()
+        |> assign(:user, user)
+        |> get("/api/v1/follow_requests")
+
+      assert [relationship] = json_response(conn, 200)
+      assert to_string(other_user.id) == relationship["id"]
+    end
+
+    test "/api/v1/follow_requests/:id/authorize works" do
+      user = insert(:user, %{info: %User.Info{locked: true}})
+      other_user = insert(:user)
+
+      {:ok, _activity} = ActivityPub.follow(other_user, user)
+
+      user = User.get_cached_by_id(user.id)
+      other_user = User.get_cached_by_id(other_user.id)
+
+      assert User.following?(other_user, user) == false
+
+      conn =
+        build_conn()
+        |> assign(:user, user)
+        |> post("/api/v1/follow_requests/#{other_user.id}/authorize")
+
+      assert relationship = json_response(conn, 200)
+      assert to_string(other_user.id) == relationship["id"]
+
+      user = User.get_cached_by_id(user.id)
+      other_user = User.get_cached_by_id(other_user.id)
+
+      assert User.following?(other_user, user) == true
+    end
+
+    test "/api/v1/follow_requests/:id/reject works" do
+      user = insert(:user, %{info: %User.Info{locked: true}})
+      other_user = insert(:user)
+
+      {:ok, _activity} = ActivityPub.follow(other_user, user)
+
+      user = User.get_cached_by_id(user.id)
+
+      conn =
+        build_conn()
+        |> assign(:user, user)
+        |> post("/api/v1/follow_requests/#{other_user.id}/reject")
+
+      assert relationship = json_response(conn, 200)
+      assert to_string(other_user.id) == relationship["id"]
+
+      user = User.get_cached_by_id(user.id)
+      other_user = User.get_cached_by_id(other_user.id)
+
+      assert User.following?(other_user, user) == false
+    end
+  end
+end

test/web/mastodon_api/controllers/scheduled_activity_controller_test.exs

@@ -0,0 +1,113 @@
+# Pleroma: A lightweight social networking server
+# Copyright © 2017-2019 Pleroma Authors <https://pleroma.social/>
+# SPDX-License-Identifier: AGPL-3.0-only
+
+defmodule Pleroma.Web.MastodonAPI.ScheduledActivityControllerTest do
+  use Pleroma.Web.ConnCase, async: true
+
+  alias Pleroma.Repo
+  alias Pleroma.ScheduledActivity
+
+  import Pleroma.Factory
+
+  test "shows scheduled activities", %{conn: conn} do
+    user = insert(:user)
+    scheduled_activity_id1 = insert(:scheduled_activity, user: user).id |> to_string()
+    scheduled_activity_id2 = insert(:scheduled_activity, user: user).id |> to_string()
+    scheduled_activity_id3 = insert(:scheduled_activity, user: user).id |> to_string()
+    scheduled_activity_id4 = insert(:scheduled_activity, user: user).id |> to_string()
+
+    conn =
+      conn
+      |> assign(:user, user)
+
+    # min_id
+    conn_res =
+      conn
+      |> get("/api/v1/scheduled_statuses?limit=2&min_id=#{scheduled_activity_id1}")
+
+    result = json_response(conn_res, 200)
+    assert [%{"id" => ^scheduled_activity_id3}, %{"id" => ^scheduled_activity_id2}] = result
+
+    # since_id
+    conn_res =
+      conn
+      |> get("/api/v1/scheduled_statuses?limit=2&since_id=#{scheduled_activity_id1}")
+
+    result = json_response(conn_res, 200)
+    assert [%{"id" => ^scheduled_activity_id4}, %{"id" => ^scheduled_activity_id3}] = result
+
+    # max_id
+    conn_res =
+      conn
+      |> get("/api/v1/scheduled_statuses?limit=2&max_id=#{scheduled_activity_id4}")
+
+    result = json_response(conn_res, 200)
+    assert [%{"id" => ^scheduled_activity_id3}, %{"id" => ^scheduled_activity_id2}] = result
+  end
+
+  test "shows a scheduled activity", %{conn: conn} do
+    user = insert(:user)
+    scheduled_activity = insert(:scheduled_activity, user: user)
+
+    res_conn =
+      conn
+      |> assign(:user, user)
+      |> get("/api/v1/scheduled_statuses/#{scheduled_activity.id}")
+
+    assert %{"id" => scheduled_activity_id} = json_response(res_conn, 200)
+    assert scheduled_activity_id == scheduled_activity.id |> to_string()
+
+    res_conn =
+      conn
+      |> assign(:user, user)
+      |> get("/api/v1/scheduled_statuses/404")
+
+    assert %{"error" => "Record not found"} = json_response(res_conn, 404)
+  end
+
+  test "updates a scheduled activity", %{conn: conn} do
+    user = insert(:user)
+    scheduled_activity = insert(:scheduled_activity, user: user)
+
+    new_scheduled_at =
+      NaiveDateTime.add(NaiveDateTime.utc_now(), :timer.minutes(120), :millisecond)
+
+    res_conn =
+      conn
+      |> assign(:user, user)
+      |> put("/api/v1/scheduled_statuses/#{scheduled_activity.id}", %{
+        scheduled_at: new_scheduled_at
+      })
+
+    assert %{"scheduled_at" => expected_scheduled_at} = json_response(res_conn, 200)
+    assert expected_scheduled_at == Pleroma.Web.CommonAPI.Utils.to_masto_date(new_scheduled_at)
+
+    res_conn =
+      conn
+      |> assign(:user, user)
+      |> put("/api/v1/scheduled_statuses/404", %{scheduled_at: new_scheduled_at})
+
+    assert %{"error" => "Record not found"} = json_response(res_conn, 404)
+  end
+
+  test "deletes a scheduled activity", %{conn: conn} do
+    user = insert(:user)
+    scheduled_activity = insert(:scheduled_activity, user: user)
+
+    res_conn =
+      conn
+      |> assign(:user, user)
+      |> delete("/api/v1/scheduled_statuses/#{scheduled_activity.id}")
+
+    assert %{} = json_response(res_conn, 200)
+    assert nil == Repo.get(ScheduledActivity, scheduled_activity.id)
+
+    res_conn =
+      conn
+      |> assign(:user, user)
+      |> delete("/api/v1/scheduled_statuses/#{scheduled_activity.id}")
+
+    assert %{"error" => "Record not found"} = json_response(res_conn, 404)
+  end
+end

test/web/mastodon_api/controllers/timeline_controller_test.exs

@@ -0,0 +1,291 @@
+# Pleroma: A lightweight social networking server
+# Copyright © 2017-2019 Pleroma Authors <https://pleroma.social/>
+# SPDX-License-Identifier: AGPL-3.0-only
+
+defmodule Pleroma.Web.MastodonAPI.TimelineControllerTest do
+  use Pleroma.Web.ConnCase
+
+  import Pleroma.Factory
+  import Tesla.Mock
+
+  alias Pleroma.Config
+  alias Pleroma.User
+  alias Pleroma.Web.CommonAPI
+  alias Pleroma.Web.OStatus
+
+  clear_config([:instance, :public])
+
+  setup do
+    mock(fn env -> apply(HttpRequestMock, :request, [env]) end)
+    :ok
+  end
+
+  test "the home timeline", %{conn: conn} do
+    user = insert(:user)
+    following = insert(:user)
+
+    {:ok, _activity} = CommonAPI.post(following, %{"status" => "test"})
+
+    conn =
+      conn
+      |> assign(:user, user)
+      |> get("/api/v1/timelines/home")
+
+    assert Enum.empty?(json_response(conn, :ok))
+
+    {:ok, user} = User.follow(user, following)
+
+    conn =
+      build_conn()
+      |> assign(:user, user)
+      |> get("/api/v1/timelines/home")
+
+    assert [%{"content" => "test"}] = json_response(conn, :ok)
+  end
+
+  describe "public" do
+    @tag capture_log: true
+    test "the public timeline", %{conn: conn} do
+      following = insert(:user)
+
+      {:ok, _activity} = CommonAPI.post(following, %{"status" => "test"})
+
+      {:ok, [_activity]} =
+        OStatus.fetch_activity_from_url("https://shitposter.club/notice/2827873")
+
+      conn = get(conn, "/api/v1/timelines/public", %{"local" => "False"})
+
+      assert length(json_response(conn, :ok)) == 2
+
+      conn = get(build_conn(), "/api/v1/timelines/public", %{"local" => "True"})
+
+      assert [%{"content" => "test"}] = json_response(conn, :ok)
+
+      conn = get(build_conn(), "/api/v1/timelines/public", %{"local" => "1"})
+
+      assert [%{"content" => "test"}] = json_response(conn, :ok)
+    end
+
+    test "the public timeline when public is set to false", %{conn: conn} do
+      Config.put([:instance, :public], false)
+
+      assert %{"error" => "This resource requires authentication."} ==
+               conn
+               |> get("/api/v1/timelines/public", %{"local" => "False"})
+               |> json_response(:forbidden)
+    end
+
+    test "the public timeline includes only public statuses for an authenticated user" do
+      user = insert(:user)
+
+      conn =
+        build_conn()
+        |> assign(:user, user)
+
+      {:ok, _activity} = CommonAPI.post(user, %{"status" => "test"})
+      {:ok, _activity} = CommonAPI.post(user, %{"status" => "test", "visibility" => "private"})
+      {:ok, _activity} = CommonAPI.post(user, %{"status" => "test", "visibility" => "unlisted"})
+      {:ok, _activity} = CommonAPI.post(user, %{"status" => "test", "visibility" => "direct"})
+
+      res_conn = get(conn, "/api/v1/timelines/public")
+      assert length(json_response(res_conn, 200)) == 1
+    end
+  end
+
+  describe "direct" do
+    test "direct timeline", %{conn: conn} do
+      user_one = insert(:user)
+      user_two = insert(:user)
+
+      {:ok, user_two} = User.follow(user_two, user_one)
+
+      {:ok, direct} =
+        CommonAPI.post(user_one, %{
+          "status" => "Hi @#{user_two.nickname}!",
+          "visibility" => "direct"
+        })
+
+      {:ok, _follower_only} =
+        CommonAPI.post(user_one, %{
+          "status" => "Hi @#{user_two.nickname}!",
+          "visibility" => "private"
+        })
+
+      # Only direct should be visible here
+      res_conn =
+        conn
+        |> assign(:user, user_two)
+        |> get("api/v1/timelines/direct")
+
+      [status] = json_response(res_conn, :ok)
+
+      assert %{"visibility" => "direct"} = status
+      assert status["url"] != direct.data["id"]
+
+      # User should be able to see their own direct message
+      res_conn =
+        build_conn()
+        |> assign(:user, user_one)
+        |> get("api/v1/timelines/direct")
+
+      [status] = json_response(res_conn, :ok)
+
+      assert %{"visibility" => "direct"} = status
+
+      # Both should be visible here
+      res_conn =
+        conn
+        |> assign(:user, user_two)
+        |> get("api/v1/timelines/home")
+
+      [_s1, _s2] = json_response(res_conn, :ok)
+
+      # Test pagination
+      Enum.each(1..20, fn _ ->
+        {:ok, _} =
+          CommonAPI.post(user_one, %{
+            "status" => "Hi @#{user_two.nickname}!",
+            "visibility" => "direct"
+          })
+      end)
+
+      res_conn =
+        conn
+        |> assign(:user, user_two)
+        |> get("api/v1/timelines/direct")
+
+      statuses = json_response(res_conn, :ok)
+      assert length(statuses) == 20
+
+      res_conn =
+        conn
+        |> assign(:user, user_two)
+        |> get("api/v1/timelines/direct", %{max_id: List.last(statuses)["id"]})
+
+      [status] = json_response(res_conn, :ok)
+
+      assert status["url"] != direct.data["id"]
+    end
+
+    test "doesn't include DMs from blocked users", %{conn: conn} do
+      blocker = insert(:user)
+      blocked = insert(:user)
+      user = insert(:user)
+      {:ok, blocker} = User.block(blocker, blocked)
+
+      {:ok, _blocked_direct} =
+        CommonAPI.post(blocked, %{
+          "status" => "Hi @#{blocker.nickname}!",
+          "visibility" => "direct"
+        })
+
+      {:ok, direct} =
+        CommonAPI.post(user, %{
+          "status" => "Hi @#{blocker.nickname}!",
+          "visibility" => "direct"
+        })
+
+      res_conn =
+        conn
+        |> assign(:user, user)
+        |> get("api/v1/timelines/direct")
+
+      [status] = json_response(res_conn, :ok)
+      assert status["id"] == direct.id
+    end
+  end
+
+  describe "list" do
+    test "list timeline", %{conn: conn} do
+      user = insert(:user)
+      other_user = insert(:user)
+      {:ok, _activity_one} = CommonAPI.post(user, %{"status" => "Marisa is cute."})
+      {:ok, activity_two} = CommonAPI.post(other_user, %{"status" => "Marisa is cute."})
+      {:ok, list} = Pleroma.List.create("name", user)
+      {:ok, list} = Pleroma.List.follow(list, other_user)
+
+      conn =
+        conn
+        |> assign(:user, user)
+        |> get("/api/v1/timelines/list/#{list.id}")
+
+      assert [%{"id" => id}] = json_response(conn, :ok)
+
+      assert id == to_string(activity_two.id)
+    end
+
+    test "list timeline does not leak non-public statuses for unfollowed users", %{conn: conn} do
+      user = insert(:user)
+      other_user = insert(:user)
+      {:ok, activity_one} = CommonAPI.post(other_user, %{"status" => "Marisa is cute."})
+
+      {:ok, _activity_two} =
+        CommonAPI.post(other_user, %{
+          "status" => "Marisa is cute.",
+          "visibility" => "private"
+        })
+
+      {:ok, list} = Pleroma.List.create("name", user)
+      {:ok, list} = Pleroma.List.follow(list, other_user)
+
+      conn =
+        conn
+        |> assign(:user, user)
+        |> get("/api/v1/timelines/list/#{list.id}")
+
+      assert [%{"id" => id}] = json_response(conn, :ok)
+
+      assert id == to_string(activity_one.id)
+    end
+  end
+
+  describe "hashtag" do
+    @tag capture_log: true
+    test "hashtag timeline", %{conn: conn} do
+      following = insert(:user)
+
+      {:ok, activity} = CommonAPI.post(following, %{"status" => "test #2hu"})
+
+      {:ok, [_activity]} =
+        OStatus.fetch_activity_from_url("https://shitposter.club/notice/2827873")
+
+      nconn = get(conn, "/api/v1/timelines/tag/2hu")
+
+      assert [%{"id" => id}] = json_response(nconn, :ok)
+
+      assert id == to_string(activity.id)
+
+      # works for different capitalization too
+      nconn = get(conn, "/api/v1/timelines/tag/2HU")
+
+      assert [%{"id" => id}] = json_response(nconn, :ok)
+
+      assert id == to_string(activity.id)
+    end
+
+    test "multi-hashtag timeline", %{conn: conn} do
+      user = insert(:user)
+
+      {:ok, activity_test} = CommonAPI.post(user, %{"status" => "#test"})
+      {:ok, activity_test1} = CommonAPI.post(user, %{"status" => "#test #test1"})
+      {:ok, activity_none} = CommonAPI.post(user, %{"status" => "#test #none"})
+
+      any_test = get(conn, "/api/v1/timelines/tag/test", %{"any" => ["test1"]})
+
+      [status_none, status_test1, status_test] = json_response(any_test, :ok)
+
+      assert to_string(activity_test.id) == status_test["id"]
+      assert to_string(activity_test1.id) == status_test1["id"]
+      assert to_string(activity_none.id) == status_none["id"]
+
+      restricted_test =
+        get(conn, "/api/v1/timelines/tag/test", %{"all" => ["test1"], "none" => ["none"]})
+
+      assert [status_test1] == json_response(restricted_test, :ok)
+
+      all_test = get(conn, "/api/v1/timelines/tag/test", %{"all" => ["none"]})
+
+      assert [status_none] == json_response(all_test, :ok)
+    end
+  end
+end

test/web/mastodon_api/mastodon_api_test.exs

@@ -75,9 +75,9 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPITest do
 
       User.subscribe(subscriber, user)
 
-      {:ok, status} = CommonAPI.post(user, %{"status" => "Akariiiin"})
+      {:ok, status} = CommonAPI.post(user, %{"status" => "Akariiiin @#{subscriber.nickname}"})
 
-      {:ok, status1} = CommonAPI.post(user, %{"status" => "Magi"})
+      {:ok, status1} = CommonAPI.post(user, %{"status" => "Magi @#{subscriber.nickname}"})
       {:ok, [notification]} = Notification.create_notifications(status)
       {:ok, [notification1]} = Notification.create_notifications(status1)
       res = MastodonAPI.get_notifications(subscriber)

test/web/mastodon_api/views/notification_view_test.exs

@@ -28,7 +28,7 @@ defmodule Pleroma.Web.MastodonAPI.NotificationViewTest do
       pleroma: %{is_seen: false},
       type: "mention",
       account: AccountView.render("account.json", %{user: user, for: mentioned_user}),
-      status: StatusView.render("status.json", %{activity: activity, for: mentioned_user}),
+      status: StatusView.render("show.json", %{activity: activity, for: mentioned_user}),
       created_at: Utils.to_masto_date(notification.inserted_at)
     }
 
@@ -51,7 +51,7 @@ defmodule Pleroma.Web.MastodonAPI.NotificationViewTest do
       pleroma: %{is_seen: false},
       type: "favourite",
       account: AccountView.render("account.json", %{user: another_user, for: user}),
-      status: StatusView.render("status.json", %{activity: create_activity, for: user}),
+      status: StatusView.render("show.json", %{activity: create_activity, for: user}),
       created_at: Utils.to_masto_date(notification.inserted_at)
     }
 
@@ -73,7 +73,7 @@ defmodule Pleroma.Web.MastodonAPI.NotificationViewTest do
       pleroma: %{is_seen: false},
       type: "reblog",
       account: AccountView.render("account.json", %{user: another_user, for: user}),
-      status: StatusView.render("status.json", %{activity: reblog_activity, for: user}),
+      status: StatusView.render("show.json", %{activity: reblog_activity, for: user}),
       created_at: Utils.to_masto_date(notification.inserted_at)
     }
 

test/web/mastodon_api/views/status_view_test.exs

@@ -29,7 +29,7 @@ defmodule Pleroma.Web.MastodonAPI.StatusViewTest do
     {:ok, activity} = CommonAPI.post(user, %{"status" => "Hey @shp!", "visibility" => "direct"})
 
     status =
-      StatusView.render("status.json",
+      StatusView.render("show.json",
         activity: activity,
         with_direct_conversation_id: true,
         for: user
@@ -46,7 +46,7 @@ defmodule Pleroma.Web.MastodonAPI.StatusViewTest do
     Repo.delete(user)
     Cachex.clear(:user_cache)
 
-    %{account: ms_user} = StatusView.render("status.json", activity: activity)
+    %{account: ms_user} = StatusView.render("show.json", activity: activity)
 
     assert ms_user.acct == "erroruser@example.com"
   end
@@ -63,7 +63,7 @@ defmodule Pleroma.Web.MastodonAPI.StatusViewTest do
 
     Cachex.clear(:user_cache)
 
-    result = StatusView.render("status.json", activity: activity)
+    result = StatusView.render("show.json", activity: activity)
 
     assert result[:account][:id] == to_string(user.id)
   end
@@ -81,7 +81,7 @@ defmodule Pleroma.Web.MastodonAPI.StatusViewTest do
 
     User.get_cached_by_ap_id(note.data["actor"])
 
-    status = StatusView.render("status.json", %{activity: note})
+    status = StatusView.render("show.json", %{activity: note})
 
     assert status.content == ""
   end
@@ -93,7 +93,7 @@ defmodule Pleroma.Web.MastodonAPI.StatusViewTest do
 
     convo_id = Utils.context_to_conversation_id(object_data["context"])
 
-    status = StatusView.render("status.json", %{activity: note})
+    status = StatusView.render("show.json", %{activity: note})
 
     created_at =
       (object_data["published"] || "")
@@ -165,11 +165,11 @@ defmodule Pleroma.Web.MastodonAPI.StatusViewTest do
     {:ok, user} = User.mute(user, other_user)
 
     {:ok, activity} = CommonAPI.post(other_user, %{"status" => "test"})
-    status = StatusView.render("status.json", %{activity: activity})
+    status = StatusView.render("show.json", %{activity: activity})
 
     assert status.muted == false
 
-    status = StatusView.render("status.json", %{activity: activity, for: user})
+    status = StatusView.render("show.json", %{activity: activity, for: user})
 
     assert status.muted == true
   end
@@ -181,13 +181,13 @@ defmodule Pleroma.Web.MastodonAPI.StatusViewTest do
     {:ok, user} = User.mute(user, other_user)
 
     {:ok, activity} = CommonAPI.post(other_user, %{"status" => "test"})
-    status = StatusView.render("status.json", %{activity: activity, for: user})
+    status = StatusView.render("show.json", %{activity: activity, for: user})
 
     assert status.pleroma.thread_muted == false
 
     {:ok, activity} = CommonAPI.add_mute(user, activity)
 
-    status = StatusView.render("status.json", %{activity: activity, for: user})
+    status = StatusView.render("show.json", %{activity: activity, for: user})
 
     assert status.pleroma.thread_muted == true
   end
@@ -196,11 +196,11 @@ defmodule Pleroma.Web.MastodonAPI.StatusViewTest do
     user = insert(:user)
 
     {:ok, activity} = CommonAPI.post(user, %{"status" => "Cute girls doing cute things"})
-    status = StatusView.render("status.json", %{activity: activity})
+    status = StatusView.render("show.json", %{activity: activity})
 
     assert status.bookmarked == false
 
-    status = StatusView.render("status.json", %{activity: activity, for: user})
+    status = StatusView.render("show.json", %{activity: activity, for: user})
 
     assert status.bookmarked == false
 
@@ -208,7 +208,7 @@ defmodule Pleroma.Web.MastodonAPI.StatusViewTest do
 
     activity = Activity.get_by_id_with_object(activity.id)
 
-    status = StatusView.render("status.json", %{activity: activity, for: user})
+    status = StatusView.render("show.json", %{activity: activity, for: user})
 
     assert status.bookmarked == true
   end
@@ -220,7 +220,7 @@ defmodule Pleroma.Web.MastodonAPI.StatusViewTest do
     {:ok, activity} =
       CommonAPI.post(user, %{"status" => "he", "in_reply_to_status_id" => note.id})
 
-    status = StatusView.render("status.json", %{activity: activity})
+    status = StatusView.render("show.json", %{activity: activity})
 
     assert status.in_reply_to_id == to_string(note.id)
 
@@ -237,7 +237,7 @@ defmodule Pleroma.Web.MastodonAPI.StatusViewTest do
 
     {:ok, [activity]} = OStatus.handle_incoming(incoming)
 
-    status = StatusView.render("status.json", %{activity: activity})
+    status = StatusView.render("show.json", %{activity: activity})
 
     assert status.mentions ==
              Enum.map([user], fn u -> AccountView.render("mention.json", %{user: u}) end)
@@ -263,7 +263,7 @@ defmodule Pleroma.Web.MastodonAPI.StatusViewTest do
 
     assert length(activity.recipients) == 3
 
-    %{mentions: [mention] = mentions} = StatusView.render("status.json", %{activity: activity})
+    %{mentions: [mention] = mentions} = StatusView.render("show.json", %{activity: activity})
 
     assert length(mentions) == 1
     assert mention.url == recipient_ap_id
@@ -300,7 +300,7 @@ defmodule Pleroma.Web.MastodonAPI.StatusViewTest do
 
     assert length(activity.recipients) == 3
 
-    %{mentions: [mention] = mentions} = StatusView.render("status.json", %{activity: activity})
+    %{mentions: [mention] = mentions} = StatusView.render("show.json", %{activity: activity})
 
     assert length(mentions) == 1
     assert mention.url == recipient.ap_id
@@ -340,7 +340,7 @@ defmodule Pleroma.Web.MastodonAPI.StatusViewTest do
     id = "https://wedistribute.org/wp-json/pterotype/v1/object/85810"
     [activity] = Activity.search(nil, id)
 
-    status = StatusView.render("status.json", %{activity: activity})
+    status = StatusView.render("show.json", %{activity: activity})
 
     assert status.uri == id
     assert status.url == "https://wedistribute.org/2019/07/mastodon-drops-ostatus/"
@@ -352,7 +352,7 @@ defmodule Pleroma.Web.MastodonAPI.StatusViewTest do
 
     {:ok, reblog, _} = CommonAPI.repeat(activity.id, user)
 
-    represented = StatusView.render("status.json", %{for: user, activity: reblog})
+    represented = StatusView.render("show.json", %{for: user, activity: reblog})
 
     assert represented[:id] == to_string(reblog.id)
     assert represented[:reblog][:id] == to_string(activity.id)
@@ -369,7 +369,7 @@ defmodule Pleroma.Web.MastodonAPI.StatusViewTest do
 
     %Activity{} = activity = Activity.get_create_by_object_ap_id(object.data["id"])
 
-    represented = StatusView.render("status.json", %{for: user, activity: activity})
+    represented = StatusView.render("show.json", %{for: user, activity: activity})
 
     assert represented[:id] == to_string(activity.id)
     assert length(represented[:media_attachments]) == 1
@@ -570,7 +570,7 @@ defmodule Pleroma.Web.MastodonAPI.StatusViewTest do
         "status" => "drink more water"
       })
 
-    result = StatusView.render("status.json", %{activity: activity, for: other_user})
+    result = StatusView.render("show.json", %{activity: activity, for: other_user})
 
     assert result[:account][:pleroma][:relationship] ==
              AccountView.render("relationship.json", %{user: other_user, target: user})
@@ -587,7 +587,7 @@ defmodule Pleroma.Web.MastodonAPI.StatusViewTest do
 
     {:ok, activity, _object} = CommonAPI.repeat(activity.id, other_user)
 
-    result = StatusView.render("status.json", %{activity: activity, for: user})
+    result = StatusView.render("show.json", %{activity: activity, for: user})
 
     assert result[:account][:pleroma][:relationship] ==
              AccountView.render("relationship.json", %{user: user, target: other_user})
@@ -604,7 +604,7 @@ defmodule Pleroma.Web.MastodonAPI.StatusViewTest do
     {:ok, activity} =
       CommonAPI.post(user, %{"status" => "foobar", "visibility" => "list:#{list.id}"})
 
-    status = StatusView.render("status.json", activity: activity)
+    status = StatusView.render("show.json", activity: activity)
 
     assert status.visibility == "list"
   end

test/web/pleroma_api/controllers/subscription_notification_controller_test.exs

@@ -0,0 +1,234 @@
+# Pleroma: A lightweight social networking server
+# Copyright © 2017-2019 Pleroma Authors <https://pleroma.social/>
+# SPDX-License-Identifier: AGPL-3.0-only
+
+defmodule Pleroma.Web.PleromaAPI.SubscriptionNotificationControllerTest do
+  use Pleroma.Web.ConnCase
+
+  alias Pleroma.Repo
+  alias Pleroma.SubscriptionNotification
+  alias Pleroma.User
+  alias Pleroma.Web.CommonAPI
+  import Pleroma.Factory
+  import Tesla.Mock
+
+  setup do
+    mock(fn env -> apply(HttpRequestMock, :request, [env]) end)
+    :ok
+  end
+
+  clear_config([:instance, :public])
+  clear_config([:rich_media, :enabled])
+
+  describe "subscription_notifications" do
+    setup do
+      user = insert(:user)
+      subscriber = insert(:user)
+
+      User.subscribe(subscriber, user)
+
+      {:ok, %{user: user, subscriber: subscriber}}
+    end
+
+    test "list of notifications", %{conn: conn, user: user, subscriber: subscriber} do
+      status_text = "Hello"
+      {:ok, _activity} = CommonAPI.post(user, %{"status" => status_text})
+      path = subscription_notification_path(conn, :index)
+
+      conn =
+        conn
+        |> assign(:user, subscriber)
+        |> get(path)
+
+      assert [%{"status" => %{"content" => response}} | _rest] = json_response(conn, 200)
+      assert response == status_text
+    end
+
+    test "getting a single notification", %{conn: conn, user: user, subscriber: subscriber} do
+      status_text = "Hello"
+
+      {:ok, _activity} = CommonAPI.post(user, %{"status" => status_text})
+      [notification] = Repo.all(SubscriptionNotification)
+
+      path = subscription_notification_path(conn, :show, notification)
+
+      conn =
+        conn
+        |> assign(:user, subscriber)
+        |> get(path)
+
+      assert %{"status" => %{"content" => response}} = json_response(conn, 200)
+      assert response == status_text
+    end
+
+    test "dismissing a single notification also deletes it", %{
+      conn: conn,
+      user: user,
+      subscriber: subscriber
+    } do
+      status_text = "Hello"
+      {:ok, _activity} = CommonAPI.post(user, %{"status" => status_text})
+
+      [notification] = Repo.all(SubscriptionNotification)
+
+      conn =
+        conn
+        |> assign(:user, subscriber)
+        |> post(subscription_notification_path(conn, :dismiss), %{"id" => notification.id})
+
+      assert %{} = json_response(conn, 200)
+
+      assert Repo.all(SubscriptionNotification) == []
+    end
+
+    test "clearing all notifications also deletes them", %{
+      conn: conn,
+      user: user,
+      subscriber: subscriber
+    } do
+      status_text1 = "Hello"
+      status_text2 = "Hello again"
+      {:ok, _activity1} = CommonAPI.post(user, %{"status" => status_text1})
+      {:ok, _activity2} = CommonAPI.post(user, %{"status" => status_text2})
+
+      conn =
+        conn
+        |> assign(:user, subscriber)
+        |> post(subscription_notification_path(conn, :clear))
+
+      assert %{} = json_response(conn, 200)
+
+      conn =
+        build_conn()
+        |> assign(:user, subscriber)
+        |> get(subscription_notification_path(conn, :index))
+
+      assert json_response(conn, 200) == []
+
+      assert Repo.all(SubscriptionNotification) == []
+    end
+
+    test "paginates notifications using min_id, since_id, max_id, and limit", %{
+      conn: conn,
+      user: user,
+      subscriber: subscriber
+    } do
+      {:ok, activity1} = CommonAPI.post(user, %{"status" => "Hello 1"})
+      {:ok, activity2} = CommonAPI.post(user, %{"status" => "Hello 2"})
+      {:ok, activity3} = CommonAPI.post(user, %{"status" => "Hello 3"})
+      {:ok, activity4} = CommonAPI.post(user, %{"status" => "Hello 4"})
+
+      notification1_id =
+        Repo.get_by(SubscriptionNotification, activity_id: activity1.id).id |> to_string()
+
+      notification2_id =
+        Repo.get_by(SubscriptionNotification, activity_id: activity2.id).id |> to_string()
+
+      notification3_id =
+        Repo.get_by(SubscriptionNotification, activity_id: activity3.id).id |> to_string()
+
+      notification4_id =
+        Repo.get_by(SubscriptionNotification, activity_id: activity4.id).id |> to_string()
+
+      conn = assign(conn, :user, subscriber)
+
+      # min_id
+      conn_res =
+        get(
+          conn,
+          subscription_notification_path(conn, :index, %{
+            "limit" => 2,
+            "min_id" => notification1_id
+          })
+        )
+
+      result = json_response(conn_res, 200)
+      assert [%{"id" => ^notification3_id}, %{"id" => ^notification2_id}] = result
+
+      # since_id
+      conn_res =
+        get(
+          conn,
+          subscription_notification_path(conn, :index, %{
+            "limit" => 2,
+            "since_id" => notification1_id
+          })
+        )
+
+      result = json_response(conn_res, 200)
+      assert [%{"id" => ^notification4_id}, %{"id" => ^notification3_id}] = result
+
+      # max_id
+      conn_res =
+        get(
+          conn,
+          subscription_notification_path(conn, :index, %{
+            "limit" => 2,
+            "max_id" => notification4_id
+          })
+        )
+
+      result = json_response(conn_res, 200)
+      assert [%{"id" => ^notification3_id}, %{"id" => ^notification2_id}] = result
+    end
+
+    test "destroy multiple", %{conn: conn, user: user1, subscriber: user2} do
+      # mutual subscription
+      User.subscribe(user1, user2)
+
+      {:ok, activity1} = CommonAPI.post(user1, %{"status" => "Hello 1"})
+      {:ok, activity2} = CommonAPI.post(user1, %{"status" => "World 1"})
+      {:ok, activity3} = CommonAPI.post(user2, %{"status" => "Hello 2"})
+      {:ok, activity4} = CommonAPI.post(user2, %{"status" => "World 2"})
+
+      notification1_id =
+        Repo.get_by(SubscriptionNotification, activity_id: activity1.id).id |> to_string()
+
+      notification2_id =
+        Repo.get_by(SubscriptionNotification, activity_id: activity2.id).id |> to_string()
+
+      notification3_id =
+        Repo.get_by(SubscriptionNotification, activity_id: activity3.id).id |> to_string()
+
+      notification4_id =
+        Repo.get_by(SubscriptionNotification, activity_id: activity4.id).id |> to_string()
+
+      conn = assign(conn, :user, user1)
+
+      conn_res = get(conn, subscription_notification_path(conn, :index))
+
+      result = json_response(conn_res, 200)
+
+      Enum.each(result, fn %{"id" => id} ->
+        assert id in [notification3_id, notification4_id]
+      end)
+
+      conn2 = assign(conn, :user, user2)
+
+      conn_res = get(conn2, subscription_notification_path(conn, :index))
+
+      result = json_response(conn_res, 200)
+
+      Enum.each(result, fn %{"id" => id} ->
+        assert id in [notification1_id, notification2_id]
+      end)
+
+      conn_destroy =
+        delete(conn, subscription_notification_path(conn, :destroy_multiple), %{
+          "ids" => [notification3_id, notification4_id]
+        })
+
+      assert json_response(conn_destroy, 200) == %{}
+
+      conn_res = get(conn2, subscription_notification_path(conn, :index))
+
+      result = json_response(conn_res, 200)
+
+      Enum.each(result, fn %{"id" => id} ->
+        assert id in [notification1_id, notification2_id]
+      end)
+
+      assert length(Repo.all(SubscriptionNotification)) == 2
+    end
+  end
+end