Merge branch 'develop' into global-status-expiration

test/web/activity_pub/activity_pub_test.exs

@@ -180,7 +180,6 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubTest do
       {:ok, user} = ActivityPub.make_user_from_ap_id(user_id)
       assert user.ap_id == user_id
       assert user.nickname == "admin@mastodon.example.org"
-      assert user.source_data
       assert user.ap_enabled
       assert user.follower_address == "http://mastodon.example.org/users/admin/followers"
     end

test/web/activity_pub/mrf/object_age_policy_test.exs

@@ -20,26 +20,38 @@ defmodule Pleroma.Web.ActivityPub.MRF.ObjectAgePolicyTest do
     :ok
   end
 
+  defp get_old_message do
+    File.read!("test/fixtures/mastodon-post-activity.json")
+    |> Poison.decode!()
+  end
+
+  defp get_new_message do
+    old_message = get_old_message()
+
+    new_object =
+      old_message
+      |> Map.get("object")
+      |> Map.put("published", DateTime.utc_now() |> DateTime.to_iso8601())
+
+    old_message
+    |> Map.put("object", new_object)
+  end
+
   describe "with reject action" do
     test "it rejects an old post" do
       Config.put([:mrf_object_age, :actions], [:reject])
 
-      data =
-        File.read!("test/fixtures/mastodon-post-activity.json")
-        |> Poison.decode!()
+      data = get_old_message()
 
-      {:reject, _} = ObjectAgePolicy.filter(data)
+      assert match?({:reject, _}, ObjectAgePolicy.filter(data))
     end
 
     test "it allows a new post" do
       Config.put([:mrf_object_age, :actions], [:reject])
 
-      data =
-        File.read!("test/fixtures/mastodon-post-activity.json")
-        |> Poison.decode!()
-        |> Map.put("published", DateTime.utc_now() |> DateTime.to_iso8601())
+      data = get_new_message()
 
-      {:ok, _} = ObjectAgePolicy.filter(data)
+      assert match?({:ok, _}, ObjectAgePolicy.filter(data))
     end
   end
 
@@ -47,9 +59,7 @@ defmodule Pleroma.Web.ActivityPub.MRF.ObjectAgePolicyTest do
     test "it delists an old post" do
       Config.put([:mrf_object_age, :actions], [:delist])
 
-      data =
-        File.read!("test/fixtures/mastodon-post-activity.json")
-        |> Poison.decode!()
+      data = get_old_message()
 
       {:ok, _u} = User.get_or_fetch_by_ap_id(data["actor"])
 
@@ -61,14 +71,11 @@ defmodule Pleroma.Web.ActivityPub.MRF.ObjectAgePolicyTest do
     test "it allows a new post" do
       Config.put([:mrf_object_age, :actions], [:delist])
 
-      data =
-        File.read!("test/fixtures/mastodon-post-activity.json")
-        |> Poison.decode!()
-        |> Map.put("published", DateTime.utc_now() |> DateTime.to_iso8601())
+      data = get_new_message()
 
       {:ok, _user} = User.get_or_fetch_by_ap_id(data["actor"])
 
-      {:ok, ^data} = ObjectAgePolicy.filter(data)
+      assert match?({:ok, ^data}, ObjectAgePolicy.filter(data))
     end
   end
 
@@ -76,9 +83,7 @@ defmodule Pleroma.Web.ActivityPub.MRF.ObjectAgePolicyTest do
     test "it strips followers collections from an old post" do
       Config.put([:mrf_object_age, :actions], [:strip_followers])
 
-      data =
-        File.read!("test/fixtures/mastodon-post-activity.json")
-        |> Poison.decode!()
+      data = get_old_message()
 
       {:ok, user} = User.get_or_fetch_by_ap_id(data["actor"])
 
@@ -91,14 +96,11 @@ defmodule Pleroma.Web.ActivityPub.MRF.ObjectAgePolicyTest do
     test "it allows a new post" do
       Config.put([:mrf_object_age, :actions], [:strip_followers])
 
-      data =
-        File.read!("test/fixtures/mastodon-post-activity.json")
-        |> Poison.decode!()
-        |> Map.put("published", DateTime.utc_now() |> DateTime.to_iso8601())
+      data = get_new_message()
 
       {:ok, _u} = User.get_or_fetch_by_ap_id(data["actor"])
 
-      {:ok, ^data} = ObjectAgePolicy.filter(data)
+      assert match?({:ok, ^data}, ObjectAgePolicy.filter(data))
     end
   end
 end

test/web/activity_pub/publisher_test.exs

@@ -48,10 +48,7 @@ defmodule Pleroma.Web.ActivityPub.PublisherTest do
 
   describe "determine_inbox/2" do
     test "it returns sharedInbox for messages involving as:Public in to" do
-      user =
-        insert(:user, %{
-          source_data: %{"endpoints" => %{"sharedInbox" => "http://example.com/inbox"}}
-        })
+      user = insert(:user, %{shared_inbox: "http://example.com/inbox"})
 
       activity = %Activity{
         data: %{"to" => [@as_public], "cc" => [user.follower_address]}
@@ -61,10 +58,7 @@ defmodule Pleroma.Web.ActivityPub.PublisherTest do
     end
 
     test "it returns sharedInbox for messages involving as:Public in cc" do
-      user =
-        insert(:user, %{
-          source_data: %{"endpoints" => %{"sharedInbox" => "http://example.com/inbox"}}
-        })
+      user = insert(:user, %{shared_inbox: "http://example.com/inbox"})
 
       activity = %Activity{
         data: %{"cc" => [@as_public], "to" => [user.follower_address]}
@@ -74,11 +68,7 @@ defmodule Pleroma.Web.ActivityPub.PublisherTest do
     end
 
     test "it returns sharedInbox for messages involving multiple recipients in to" do
-      user =
-        insert(:user, %{
-          source_data: %{"endpoints" => %{"sharedInbox" => "http://example.com/inbox"}}
-        })
-
+      user = insert(:user, %{shared_inbox: "http://example.com/inbox"})
       user_two = insert(:user)
       user_three = insert(:user)
 
@@ -90,11 +80,7 @@ defmodule Pleroma.Web.ActivityPub.PublisherTest do
     end
 
     test "it returns sharedInbox for messages involving multiple recipients in cc" do
-      user =
-        insert(:user, %{
-          source_data: %{"endpoints" => %{"sharedInbox" => "http://example.com/inbox"}}
-        })
-
+      user = insert(:user, %{shared_inbox: "http://example.com/inbox"})
       user_two = insert(:user)
       user_three = insert(:user)
 
@@ -107,12 +93,10 @@ defmodule Pleroma.Web.ActivityPub.PublisherTest do
 
     test "it returns sharedInbox for messages involving multiple recipients in total" do
       user =
-        insert(:user,
-          source_data: %{
-            "inbox" => "http://example.com/personal-inbox",
-            "endpoints" => %{"sharedInbox" => "http://example.com/inbox"}
-          }
-        )
+        insert(:user, %{
+          shared_inbox: "http://example.com/inbox",
+          inbox: "http://example.com/personal-inbox"
+        })
 
       user_two = insert(:user)
 
@@ -125,12 +109,10 @@ defmodule Pleroma.Web.ActivityPub.PublisherTest do
 
     test "it returns inbox for messages involving single recipients in total" do
       user =
-        insert(:user,
-          source_data: %{
-            "inbox" => "http://example.com/personal-inbox",
-            "endpoints" => %{"sharedInbox" => "http://example.com/inbox"}
-          }
-        )
+        insert(:user, %{
+          shared_inbox: "http://example.com/inbox",
+          inbox: "http://example.com/personal-inbox"
+        })
 
       activity = %Activity{
         data: %{"to" => [user.ap_id], "cc" => []}
@@ -258,11 +240,11 @@ defmodule Pleroma.Web.ActivityPub.PublisherTest do
                    [:passthrough],
                    [] do
       follower =
-        insert(:user,
+        insert(:user, %{
           local: false,
-          source_data: %{"inbox" => "https://domain.com/users/nick1/inbox"},
+          inbox: "https://domain.com/users/nick1/inbox",
           ap_enabled: true
-        )
+        })
 
       actor = insert(:user, follower_address: follower.ap_id)
       user = insert(:user)
@@ -295,14 +277,14 @@ defmodule Pleroma.Web.ActivityPub.PublisherTest do
       fetcher =
         insert(:user,
           local: false,
-          source_data: %{"inbox" => "https://domain.com/users/nick1/inbox"},
+          inbox: "https://domain.com/users/nick1/inbox",
           ap_enabled: true
         )
 
       another_fetcher =
         insert(:user,
           local: false,
-          source_data: %{"inbox" => "https://domain2.com/users/nick1/inbox"},
+          inbox: "https://domain2.com/users/nick1/inbox",
           ap_enabled: true
         )
 

test/web/activity_pub/side_effects_test.exs

@@ -5,7 +5,9 @@
 defmodule Pleroma.Web.ActivityPub.SideEffectsTest do
   use Pleroma.DataCase
 
+  alias Pleroma.Notification
   alias Pleroma.Object
+  alias Pleroma.Repo
   alias Pleroma.Web.ActivityPub.ActivityPub
   alias Pleroma.Web.ActivityPub.Builder
   alias Pleroma.Web.ActivityPub.SideEffects
@@ -15,13 +17,14 @@ defmodule Pleroma.Web.ActivityPub.SideEffectsTest do
 
   describe "like objects" do
     setup do
+      poster = insert(:user)
       user = insert(:user)
-      {:ok, post} = CommonAPI.post(user, %{"status" => "hey"})
+      {:ok, post} = CommonAPI.post(poster, %{"status" => "hey"})
 
       {:ok, like_data, _meta} = Builder.like(user, post.object)
       {:ok, like, _meta} = ActivityPub.persist(like_data, local: true)
 
-      %{like: like, user: user}
+      %{like: like, user: user, poster: poster}
     end
 
     test "add the like to the original object", %{like: like, user: user} do
@@ -30,5 +33,10 @@ defmodule Pleroma.Web.ActivityPub.SideEffectsTest do
       assert object.data["like_count"] == 1
       assert user.ap_id in object.data["likes"]
     end
+
+    test "creates a notification", %{like: like, poster: poster} do
+      {:ok, like, _} = SideEffects.handle(like)
+      assert Repo.get_by(Notification, user_id: poster.id, activity_id: like.id)
+    end
   end
 end

test/web/activity_pub/transmogrifier_test.exs

@@ -746,7 +746,7 @@ defmodule Pleroma.Web.ActivityPub.TransmogrifierTest do
 
       user = User.get_cached_by_ap_id(activity.actor)
 
-      assert User.fields(user) == [
+      assert user.fields == [
                %{"name" => "foo", "value" => "bar"},
                %{"name" => "foo1", "value" => "bar1"}
              ]
@@ -767,7 +767,7 @@ defmodule Pleroma.Web.ActivityPub.TransmogrifierTest do
 
       user = User.get_cached_by_ap_id(user.ap_id)
 
-      assert User.fields(user) == [
+      assert user.fields == [
                %{"name" => "foo", "value" => "updated"},
                %{"name" => "foo1", "value" => "updated"}
              ]
@@ -785,7 +785,7 @@ defmodule Pleroma.Web.ActivityPub.TransmogrifierTest do
 
       user = User.get_cached_by_ap_id(user.ap_id)
 
-      assert User.fields(user) == [
+      assert user.fields == [
                %{"name" => "foo", "value" => "updated"},
                %{"name" => "foo1", "value" => "updated"}
              ]
@@ -796,7 +796,7 @@ defmodule Pleroma.Web.ActivityPub.TransmogrifierTest do
 
       user = User.get_cached_by_ap_id(user.ap_id)
 
-      assert User.fields(user) == []
+      assert user.fields == []
     end
 
     test "it works for incoming update activities which lock the account" do
@@ -2162,4 +2162,18 @@ defmodule Pleroma.Web.ActivityPub.TransmogrifierTest do
                Transmogrifier.set_replies(object.data)["replies"]
     end
   end
+
+  test "take_emoji_tags/1" do
+    user = insert(:user, %{emoji: %{"firefox" => "https://example.org/firefox.png"}})
+
+    assert Transmogrifier.take_emoji_tags(user) == [
+             %{
+               "icon" => %{"type" => "Image", "url" => "https://example.org/firefox.png"},
+               "id" => "https://example.org/firefox.png",
+               "name" => ":firefox:",
+               "type" => "Emoji",
+               "updated" => "1970-01-01T00:00:00Z"
+             }
+           ]
+  end
 end

test/web/activity_pub/views/user_view_test.exs

@@ -29,7 +29,7 @@ defmodule Pleroma.Web.ActivityPub.UserViewTest do
 
     {:ok, user} =
       insert(:user)
-      |> User.upgrade_changeset(%{fields: fields})
+      |> User.update_changeset(%{fields: fields})
       |> User.update_and_set_cache()
 
     assert %{
@@ -38,7 +38,7 @@ defmodule Pleroma.Web.ActivityPub.UserViewTest do
   end
 
   test "Renders with emoji tags" do
-    user = insert(:user, emoji: [%{"bib" => "/test"}])
+    user = insert(:user, emoji: %{"bib" => "/test"})
 
     assert %{
              "tag" => [

test/web/admin_api/admin_api_controller_test.exs

@@ -2110,7 +2110,7 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
         |> get("/api/pleroma/admin/config")
         |> json_response(200)
 
-      refute Map.has_key?(configs, "need_reboot")
+      assert configs["need_reboot"] == false
     end
 
     test "update setting which need reboot, don't change reboot flag until reboot", %{conn: conn} do
@@ -2166,7 +2166,7 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
         |> get("/api/pleroma/admin/config")
         |> json_response(200)
 
-      refute Map.has_key?(configs, "need_reboot")
+      assert configs["need_reboot"] == false
     end
 
     test "saving config with nested merge", %{conn: conn} do
@@ -2273,13 +2273,17 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
           value: :erlang.term_to_binary([])
         )
 
+      Pleroma.Config.TransferTask.load_and_update_env([], false)
+
+      assert Application.get_env(:logger, :backends) == []
+
       conn =
         post(conn, "/api/pleroma/admin/config", %{
           configs: [
             %{
               group: config.group,
               key: config.key,
-              value: [":console", %{"tuple" => ["ExSyslogger", ":ex_syslogger"]}]
+              value: [":console"]
             }
           ]
         })
@@ -2290,8 +2294,7 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
                    "group" => ":logger",
                    "key" => ":backends",
                    "value" => [
-                     ":console",
-                     %{"tuple" => ["ExSyslogger", ":ex_syslogger"]}
+                     ":console"
                    ],
                    "db" => [":backends"]
                  }
@@ -2299,14 +2302,8 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
              }
 
       assert Application.get_env(:logger, :backends) == [
-               :console,
-               {ExSyslogger, :ex_syslogger}
+               :console
              ]
-
-      capture_log(fn ->
-        require Logger
-        Logger.warn("Ooops...")
-      end) =~ "Ooops..."
     end
 
     test "saving full setting if value is not keyword", %{conn: conn} do
@@ -2864,6 +2861,20 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
     end
   end
 
+  test "need_reboot flag", %{conn: conn} do
+    assert conn
+           |> get("/api/pleroma/admin/need_reboot")
+           |> json_response(200) == %{"need_reboot" => false}
+
+    Restarter.Pleroma.need_reboot()
+
+    assert conn
+           |> get("/api/pleroma/admin/need_reboot")
+           |> json_response(200) == %{"need_reboot" => true}
+
+    on_exit(fn -> Restarter.Pleroma.refresh() end)
+  end
+
   describe "GET /api/pleroma/admin/statuses" do
     test "returns all public and unlisted statuses", %{conn: conn, admin: admin} do
       blocked = insert(:user)
@@ -3506,6 +3517,191 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
                response["status_visibility"]
     end
   end
+
+  describe "POST /api/pleroma/admin/oauth_app" do
+    test "errors", %{conn: conn} do
+      response = conn |> post("/api/pleroma/admin/oauth_app", %{}) |> json_response(200)
+
+      assert response == %{"name" => "can't be blank", "redirect_uris" => "can't be blank"}
+    end
+
+    test "success", %{conn: conn} do
+      base_url = Pleroma.Web.base_url()
+      app_name = "Trusted app"
+
+      response =
+        conn
+        |> post("/api/pleroma/admin/oauth_app", %{
+          name: app_name,
+          redirect_uris: base_url
+        })
+        |> json_response(200)
+
+      assert %{
+               "client_id" => _,
+               "client_secret" => _,
+               "name" => ^app_name,
+               "redirect_uri" => ^base_url,
+               "trusted" => false
+             } = response
+    end
+
+    test "with trusted", %{conn: conn} do
+      base_url = Pleroma.Web.base_url()
+      app_name = "Trusted app"
+
+      response =
+        conn
+        |> post("/api/pleroma/admin/oauth_app", %{
+          name: app_name,
+          redirect_uris: base_url,
+          trusted: true
+        })
+        |> json_response(200)
+
+      assert %{
+               "client_id" => _,
+               "client_secret" => _,
+               "name" => ^app_name,
+               "redirect_uri" => ^base_url,
+               "trusted" => true
+             } = response
+    end
+  end
+
+  describe "GET /api/pleroma/admin/oauth_app" do
+    setup do
+      app = insert(:oauth_app)
+      {:ok, app: app}
+    end
+
+    test "list", %{conn: conn} do
+      response =
+        conn
+        |> get("/api/pleroma/admin/oauth_app")
+        |> json_response(200)
+
+      assert %{"apps" => apps, "count" => count, "page_size" => _} = response
+
+      assert length(apps) == count
+    end
+
+    test "with page size", %{conn: conn} do
+      insert(:oauth_app)
+      page_size = 1
+
+      response =
+        conn
+        |> get("/api/pleroma/admin/oauth_app", %{page_size: to_string(page_size)})
+        |> json_response(200)
+
+      assert %{"apps" => apps, "count" => _, "page_size" => ^page_size} = response
+
+      assert length(apps) == page_size
+    end
+
+    test "search by client name", %{conn: conn, app: app} do
+      response =
+        conn
+        |> get("/api/pleroma/admin/oauth_app", %{name: app.client_name})
+        |> json_response(200)
+
+      assert %{"apps" => [returned], "count" => _, "page_size" => _} = response
+
+      assert returned["client_id"] == app.client_id
+      assert returned["name"] == app.client_name
+    end
+
+    test "search by client id", %{conn: conn, app: app} do
+      response =
+        conn
+        |> get("/api/pleroma/admin/oauth_app", %{client_id: app.client_id})
+        |> json_response(200)
+
+      assert %{"apps" => [returned], "count" => _, "page_size" => _} = response
+
+      assert returned["client_id"] == app.client_id
+      assert returned["name"] == app.client_name
+    end
+
+    test "only trusted", %{conn: conn} do
+      app = insert(:oauth_app, trusted: true)
+
+      response =
+        conn
+        |> get("/api/pleroma/admin/oauth_app", %{trusted: true})
+        |> json_response(200)
+
+      assert %{"apps" => [returned], "count" => _, "page_size" => _} = response
+
+      assert returned["client_id"] == app.client_id
+      assert returned["name"] == app.client_name
+    end
+  end
+
+  describe "DELETE /api/pleroma/admin/oauth_app/:id" do
+    test "with id", %{conn: conn} do
+      app = insert(:oauth_app)
+
+      response =
+        conn
+        |> delete("/api/pleroma/admin/oauth_app/" <> to_string(app.id))
+        |> json_response(:no_content)
+
+      assert response == ""
+    end
+
+    test "with non existance id", %{conn: conn} do
+      response =
+        conn
+        |> delete("/api/pleroma/admin/oauth_app/0")
+        |> json_response(:bad_request)
+
+      assert response == ""
+    end
+  end
+
+  describe "PATCH /api/pleroma/admin/oauth_app/:id" do
+    test "with id", %{conn: conn} do
+      app = insert(:oauth_app)
+
+      name = "another name"
+      url = "https://example.com"
+      scopes = ["admin"]
+      id = app.id
+      website = "http://website.com"
+
+      response =
+        conn
+        |> patch("/api/pleroma/admin/oauth_app/" <> to_string(app.id), %{
+          name: name,
+          trusted: true,
+          redirect_uris: url,
+          scopes: scopes,
+          website: website
+        })
+        |> json_response(200)
+
+      assert %{
+               "client_id" => _,
+               "client_secret" => _,
+               "id" => ^id,
+               "name" => ^name,
+               "redirect_uri" => ^url,
+               "trusted" => true,
+               "website" => ^website
+             } = response
+    end
+
+    test "without id", %{conn: conn} do
+      response =
+        conn
+        |> patch("/api/pleroma/admin/oauth_app/0")
+        |> json_response(:bad_request)
+
+      assert response == ""
+    end
+  end
 end
 
 # Needed for testing

test/web/auth/basic_auth_test.exs

@@ -0,0 +1,46 @@
+# Pleroma: A lightweight social networking server
+# Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>
+# SPDX-License-Identifier: AGPL-3.0-only
+
+defmodule Pleroma.Web.Auth.BasicAuthTest do
+  use Pleroma.Web.ConnCase
+
+  import Pleroma.Factory
+
+  test "with HTTP Basic Auth used, grants access to OAuth scope-restricted endpoints", %{
+    conn: conn
+  } do
+    user = insert(:user)
+    assert Comeonin.Pbkdf2.checkpw("test", user.password_hash)
+
+    basic_auth_contents =
+      (URI.encode_www_form(user.nickname) <> ":" <> URI.encode_www_form("test"))
+      |> Base.encode64()
+
+    # Succeeds with HTTP Basic Auth
+    response =
+      conn
+      |> put_req_header("authorization", "Basic " <> basic_auth_contents)
+      |> get("/api/v1/accounts/verify_credentials")
+      |> json_response(200)
+
+    user_nickname = user.nickname
+    assert %{"username" => ^user_nickname} = response
+
+    # Succeeds with a properly scoped OAuth token
+    valid_token = insert(:oauth_token, scopes: ["read:accounts"])
+
+    conn
+    |> put_req_header("authorization", "Bearer #{valid_token.token}")
+    |> get("/api/v1/accounts/verify_credentials")
+    |> json_response(200)
+
+    # Fails with a wrong-scoped OAuth token (proof of restriction)
+    invalid_token = insert(:oauth_token, scopes: ["read:something"])
+
+    conn
+    |> put_req_header("authorization", "Bearer #{invalid_token.token}")
+    |> get("/api/v1/accounts/verify_credentials")
+    |> json_response(403)
+  end
+end

test/web/auth/oauth_test_controller_test.exs

@@ -0,0 +1,49 @@
+# Pleroma: A lightweight social networking server
+# Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>
+# SPDX-License-Identifier: AGPL-3.0-only
+
+defmodule Pleroma.Tests.OAuthTestControllerTest do
+  use Pleroma.Web.ConnCase
+
+  import Pleroma.Factory
+
+  setup %{conn: conn} do
+    user = insert(:user)
+    conn = assign(conn, :user, user)
+    %{conn: conn, user: user}
+  end
+
+  test "missed_oauth", %{conn: conn} do
+    res =
+      conn
+      |> get("/test/authenticated_api/missed_oauth")
+      |> json_response(403)
+
+    assert res ==
+             %{
+               "error" =>
+                 "Security violation: OAuth scopes check was neither handled nor explicitly skipped."
+             }
+  end
+
+  test "skipped_oauth", %{conn: conn} do
+    conn
+    |> assign(:token, nil)
+    |> get("/test/authenticated_api/skipped_oauth")
+    |> json_response(200)
+  end
+
+  test "performed_oauth", %{user: user} do
+    %{conn: good_token_conn} = oauth_access(["read"], user: user)
+
+    good_token_conn
+    |> get("/test/authenticated_api/performed_oauth")
+    |> json_response(200)
+
+    %{conn: bad_token_conn} = oauth_access(["follow"], user: user)
+
+    bad_token_conn
+    |> get("/test/authenticated_api/performed_oauth")
+    |> json_response(403)
+  end
+end

test/web/common_api/common_api_test.exs

@@ -97,18 +97,6 @@ defmodule Pleroma.Web.CommonAPITest do
     assert Object.normalize(activity).data["emoji"]["firefox"]
   end
 
-  test "it adds emoji when updating profiles" do
-    user = insert(:user, %{name: ":firefox:"})
-
-    {:ok, activity} = CommonAPI.update(user)
-    user = User.get_cached_by_ap_id(user.ap_id)
-    [firefox] = user.source_data["tag"]
-
-    assert firefox["name"] == ":firefox:"
-
-    assert Pleroma.Constants.as_public() in activity.recipients
-  end
-
   describe "posting" do
     test "it supports explicit addressing" do
       user = insert(:user)

test/web/common_api/common_api_utils_test.exs

@@ -7,7 +7,6 @@ defmodule Pleroma.Web.CommonAPI.UtilsTest do
   alias Pleroma.Object
   alias Pleroma.Web.CommonAPI
   alias Pleroma.Web.CommonAPI.Utils
-  alias Pleroma.Web.Endpoint
   use Pleroma.DataCase
 
   import ExUnit.CaptureLog
@@ -42,28 +41,6 @@ defmodule Pleroma.Web.CommonAPI.UtilsTest do
     end
   end
 
-  test "parses emoji from name and bio" do
-    {:ok, user} = UserBuilder.insert(%{name: ":blank:", bio: ":firefox:"})
-
-    expected = [
-      %{
-        "type" => "Emoji",
-        "icon" => %{"type" => "Image", "url" => "#{Endpoint.url()}/emoji/Firefox.gif"},
-        "name" => ":firefox:"
-      },
-      %{
-        "type" => "Emoji",
-        "icon" => %{
-          "type" => "Image",
-          "url" => "#{Endpoint.url()}/emoji/blank.png"
-        },
-        "name" => ":blank:"
-      }
-    ]
-
-    assert expected == Utils.emoji_from_profile(user)
-  end
-
   describe "format_input/3" do
     test "works for bare text/plain" do
       text = "hello world!"

test/web/federator_test.exs

@@ -78,7 +78,7 @@ defmodule Pleroma.Web.FederatorTest do
         local: false,
         nickname: "nick1@domain.com",
         ap_id: "https://domain.com/users/nick1",
-        source_data: %{"inbox" => inbox1},
+        inbox: inbox1,
         ap_enabled: true
       })
 
@@ -86,7 +86,7 @@ defmodule Pleroma.Web.FederatorTest do
         local: false,
         nickname: "nick2@domain2.com",
         ap_id: "https://domain2.com/users/nick2",
-        source_data: %{"inbox" => inbox2},
+        inbox: inbox2,
         ap_enabled: true
       })
 

test/web/feed/tag_controller_test.exs

@@ -150,8 +150,8 @@ defmodule Pleroma.Web.Feed.TagControllerTest do
     obj2 = Object.normalize(activity2)
 
     assert xpath(xml, ~x"//channel/item/description/text()"sl) == [
-             HtmlEntities.decode(FeedView.activity_content(obj2)),
-             HtmlEntities.decode(FeedView.activity_content(obj1))
+             HtmlEntities.decode(FeedView.activity_content(obj2.data)),
+             HtmlEntities.decode(FeedView.activity_content(obj1.data))
            ]
 
     response =

test/web/mastodon_api/controllers/account_controller_test.exs

@@ -944,6 +944,73 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do
       res = post(conn, "/api/v1/accounts", valid_params)
       assert json_response(res, 403) == %{"error" => "Invalid credentials"}
     end
+
+    test "registration from trusted app" do
+      clear_config([Pleroma.Captcha, :enabled], true)
+      app = insert(:oauth_app, trusted: true, scopes: ["read", "write", "follow", "push"])
+
+      conn =
+        build_conn()
+        |> post("/oauth/token", %{
+          "grant_type" => "client_credentials",
+          "client_id" => app.client_id,
+          "client_secret" => app.client_secret
+        })
+
+      assert %{"access_token" => token, "token_type" => "Bearer"} = json_response(conn, 200)
+
+      response =
+        build_conn()
+        |> Plug.Conn.put_req_header("authorization", "Bearer " <> token)
+        |> post("/api/v1/accounts", %{
+          nickname: "nickanme",
+          agreement: true,
+          email: "email@example.com",
+          fullname: "Lain",
+          username: "Lain",
+          password: "some_password",
+          confirm: "some_password"
+        })
+        |> json_response(200)
+
+      assert %{
+               "access_token" => access_token,
+               "created_at" => _,
+               "scope" => ["read", "write", "follow", "push"],
+               "token_type" => "Bearer"
+             } = response
+
+      response =
+        build_conn()
+        |> Plug.Conn.put_req_header("authorization", "Bearer " <> access_token)
+        |> get("/api/v1/accounts/verify_credentials")
+        |> json_response(200)
+
+      assert %{
+               "acct" => "Lain",
+               "bot" => false,
+               "display_name" => "Lain",
+               "follow_requests_count" => 0,
+               "followers_count" => 0,
+               "following_count" => 0,
+               "locked" => false,
+               "note" => "",
+               "source" => %{
+                 "fields" => [],
+                 "note" => "",
+                 "pleroma" => %{
+                   "actor_type" => "Person",
+                   "discoverable" => false,
+                   "no_rich_text" => false,
+                   "show_role" => true
+                 },
+                 "privacy" => "public",
+                 "sensitive" => false
+               },
+               "statuses_count" => 0,
+               "username" => "Lain"
+             } = response
+    end
   end
 
   describe "create account by app / rate limit" do

test/web/mastodon_api/controllers/domain_block_controller_test.exs

@@ -6,20 +6,29 @@ defmodule Pleroma.Web.MastodonAPI.DomainBlockControllerTest do
   use Pleroma.Web.ConnCase
 
   alias Pleroma.User
+  alias Pleroma.Web.ApiSpec
+  alias Pleroma.Web.ApiSpec.Schemas.DomainBlocksResponse
 
   import Pleroma.Factory
+  import OpenApiSpex.TestAssertions
 
   test "blocking / unblocking a domain" do
     %{user: user, conn: conn} = oauth_access(["write:blocks"])
     other_user = insert(:user, %{ap_id: "https://dogwhistle.zone/@pundit"})
 
-    ret_conn = post(conn, "/api/v1/domain_blocks", %{"domain" => "dogwhistle.zone"})
+    ret_conn =
+      conn
+      |> put_req_header("content-type", "application/json")
+      |> post("/api/v1/domain_blocks", %{"domain" => "dogwhistle.zone"})
 
     assert %{} = json_response(ret_conn, 200)
     user = User.get_cached_by_ap_id(user.ap_id)
     assert User.blocks?(user, other_user)
 
-    ret_conn = delete(conn, "/api/v1/domain_blocks", %{"domain" => "dogwhistle.zone"})
+    ret_conn =
+      conn
+      |> put_req_header("content-type", "application/json")
+      |> delete("/api/v1/domain_blocks", %{"domain" => "dogwhistle.zone"})
 
     assert %{} = json_response(ret_conn, 200)
     user = User.get_cached_by_ap_id(user.ap_id)
@@ -41,5 +50,12 @@ defmodule Pleroma.Web.MastodonAPI.DomainBlockControllerTest do
 
     assert "bad.site" in domain_blocks
     assert "even.worse.site" in domain_blocks
+    assert_schema(domain_blocks, "DomainBlocksResponse", ApiSpec.spec())
+  end
+
+  test "DomainBlocksResponse example matches schema" do
+    api_spec = ApiSpec.spec()
+    schema = DomainBlocksResponse.schema()
+    assert_schema(schema.example, "DomainBlocksResponse", api_spec)
   end
 end

test/web/mastodon_api/controllers/notification_controller_test.exs

@@ -12,6 +12,26 @@ defmodule Pleroma.Web.MastodonAPI.NotificationControllerTest do
 
   import Pleroma.Factory
 
+  test "does NOT render account/pleroma/relationship if this is disabled by default" do
+    clear_config([:extensions, :output_relationships_in_statuses_by_default], false)
+
+    %{user: user, conn: conn} = oauth_access(["read:notifications"])
+    other_user = insert(:user)
+
+    {:ok, activity} = CommonAPI.post(other_user, %{"status" => "hi @#{user.nickname}"})
+    {:ok, [_notification]} = Notification.create_notifications(activity)
+
+    response =
+      conn
+      |> assign(:user, user)
+      |> get("/api/v1/notifications")
+      |> json_response(200)
+
+    assert Enum.all?(response, fn n ->
+             get_in(n, ["account", "pleroma", "relationship"]) == %{}
+           end)
+  end
+
   test "list of notifications" do
     %{user: user, conn: conn} = oauth_access(["read:notifications"])
     other_user = insert(:user)

test/web/mastodon_api/controllers/status_controller_test.exs

@@ -1047,6 +1047,8 @@ defmodule Pleroma.Web.MastodonAPI.StatusControllerTest do
   end
 
   test "bookmarks" do
+    bookmarks_uri = "/api/v1/bookmarks?with_relationships=true"
+
     %{conn: conn} = oauth_access(["write:bookmarks", "read:bookmarks"])
     author = insert(:user)
 
@@ -1068,7 +1070,7 @@ defmodule Pleroma.Web.MastodonAPI.StatusControllerTest do
 
     assert json_response(response2, 200)["bookmarked"] == true
 
-    bookmarks = get(conn, "/api/v1/bookmarks")
+    bookmarks = get(conn, bookmarks_uri)
 
     assert [json_response(response2, 200), json_response(response1, 200)] ==
              json_response(bookmarks, 200)
@@ -1077,7 +1079,7 @@ defmodule Pleroma.Web.MastodonAPI.StatusControllerTest do
 
     assert json_response(response1, 200)["bookmarked"] == false
 
-    bookmarks = get(conn, "/api/v1/bookmarks")
+    bookmarks = get(conn, bookmarks_uri)
 
     assert [json_response(response2, 200)] == json_response(bookmarks, 200)
   end

test/web/mastodon_api/controllers/subscription_controller_test.exs

@@ -35,7 +35,10 @@ defmodule Pleroma.Web.MastodonAPI.SubscriptionControllerTest do
     quote do
       vapid_details = Application.get_env(:web_push_encryption, :vapid_details, [])
       Application.put_env(:web_push_encryption, :vapid_details, [])
-      assert "Something went wrong" == unquote(yield)
+
+      assert %{"error" => "Web push subscription is disabled on this Pleroma instance"} ==
+               unquote(yield)
+
       Application.put_env(:web_push_encryption, :vapid_details, vapid_details)
     end
   end
@@ -45,7 +48,7 @@ defmodule Pleroma.Web.MastodonAPI.SubscriptionControllerTest do
       assert_error_when_disable_push do
         conn
         |> post("/api/v1/push/subscription", %{})
-        |> json_response(500)
+        |> json_response(403)
       end
     end
 
@@ -74,7 +77,7 @@ defmodule Pleroma.Web.MastodonAPI.SubscriptionControllerTest do
       assert_error_when_disable_push do
         conn
         |> get("/api/v1/push/subscription", %{})
-        |> json_response(500)
+        |> json_response(403)
       end
     end
 
@@ -127,7 +130,7 @@ defmodule Pleroma.Web.MastodonAPI.SubscriptionControllerTest do
       assert_error_when_disable_push do
         conn
         |> put("/api/v1/push/subscription", %{data: %{"alerts" => %{"mention" => false}}})
-        |> json_response(500)
+        |> json_response(403)
       end
     end
 
@@ -155,7 +158,7 @@ defmodule Pleroma.Web.MastodonAPI.SubscriptionControllerTest do
       assert_error_when_disable_push do
         conn
         |> delete("/api/v1/push/subscription", %{})
-        |> json_response(500)
+        |> json_response(403)
       end
     end
 

test/web/mastodon_api/controllers/suggestion_controller_test.exs

@@ -7,34 +7,8 @@ defmodule Pleroma.Web.MastodonAPI.SuggestionControllerTest do
 
   alias Pleroma.Config
 
-  import Pleroma.Factory
-  import Tesla.Mock
-
   setup do: oauth_access(["read"])
 
-  setup %{user: user} do
-    other_user = insert(:user)
-    host = Config.get([Pleroma.Web.Endpoint, :url, :host])
-    url500 = "http://test500?#{host}&#{user.nickname}"
-    url200 = "http://test200?#{host}&#{user.nickname}"
-
-    mock(fn
-      %{method: :get, url: ^url500} ->
-        %Tesla.Env{status: 500, body: "bad request"}
-
-      %{method: :get, url: ^url200} ->
-        %Tesla.Env{
-          status: 200,
-          body:
-            ~s([{"acct":"yj455","avatar":"https://social.heldscal.la/avatar/201.jpeg","avatar_static":"https://social.heldscal.la/avatar/s/201.jpeg"}, {"acct":"#{
-              other_user.ap_id
-            }","avatar":"https://social.heldscal.la/avatar/202.jpeg","avatar_static":"https://social.heldscal.la/avatar/s/202.jpeg"}])
-        }
-    end)
-
-    [other_user: other_user]
-  end
-
   test "returns empty result", %{conn: conn} do
     res =
       conn

test/web/mastodon_api/controllers/timeline_controller_test.exs

@@ -20,7 +20,30 @@ defmodule Pleroma.Web.MastodonAPI.TimelineControllerTest do
   describe "home" do
     setup do: oauth_access(["read:statuses"])
 
+    test "does NOT render account/pleroma/relationship if this is disabled by default", %{
+      user: user,
+      conn: conn
+    } do
+      clear_config([:extensions, :output_relationships_in_statuses_by_default], false)
+
+      other_user = insert(:user)
+
+      {:ok, _} = CommonAPI.post(other_user, %{"status" => "hi @#{user.nickname}"})
+
+      response =
+        conn
+        |> assign(:user, user)
+        |> get("/api/v1/timelines/home")
+        |> json_response(200)
+
+      assert Enum.all?(response, fn n ->
+               get_in(n, ["account", "pleroma", "relationship"]) == %{}
+             end)
+    end
+
     test "the home timeline", %{user: user, conn: conn} do
+      uri = "/api/v1/timelines/home?with_relationships=true"
+
       following = insert(:user, nickname: "followed")
       third_user = insert(:user, nickname: "repeated")
 
@@ -28,13 +51,13 @@ defmodule Pleroma.Web.MastodonAPI.TimelineControllerTest do
       {:ok, activity} = CommonAPI.post(third_user, %{"status" => "repeated post"})
       {:ok, _, _} = CommonAPI.repeat(activity.id, following)
 
-      ret_conn = get(conn, "/api/v1/timelines/home")
+      ret_conn = get(conn, uri)
 
       assert Enum.empty?(json_response(ret_conn, :ok))
 
       {:ok, _user} = User.follow(user, following)
 
-      ret_conn = get(conn, "/api/v1/timelines/home")
+      ret_conn = get(conn, uri)
 
       assert [
                %{
@@ -59,7 +82,7 @@ defmodule Pleroma.Web.MastodonAPI.TimelineControllerTest do
 
       {:ok, _user} = User.follow(third_user, user)
 
-      ret_conn = get(conn, "/api/v1/timelines/home")
+      ret_conn = get(conn, uri)
 
       assert [
                %{

test/web/mastodon_api/views/account_view_test.exs

@@ -19,16 +19,6 @@ defmodule Pleroma.Web.MastodonAPI.AccountViewTest do
   end
 
   test "Represent a user account" do
-    source_data = %{
-      "tag" => [
-        %{
-          "type" => "Emoji",
-          "icon" => %{"url" => "/file.png"},
-          "name" => ":karjalanpiirakka:"
-        }
-      ]
-    }
-
     background_image = %{
       "url" => [%{"href" => "https://example.com/images/asuka_hospital.png"}]
     }
@@ -37,13 +27,13 @@ defmodule Pleroma.Web.MastodonAPI.AccountViewTest do
       insert(:user, %{
         follower_count: 3,
         note_count: 5,
-        source_data: source_data,
         background: background_image,
         nickname: "shp@shitposter.club",
         name: ":karjalanpiirakka: shp",
         bio:
           "<script src=\"invalid-html\"></script><span>valid html</span>. a<br>b<br/>c<br >d<br />f",
-        inserted_at: ~N[2017-08-15 15:47:06.597036]
+        inserted_at: ~N[2017-08-15 15:47:06.597036],
+        emoji: %{"karjalanpiirakka" => "/file.png"}
       })
 
     expected = %{
@@ -117,7 +107,6 @@ defmodule Pleroma.Web.MastodonAPI.AccountViewTest do
       insert(:user, %{
         follower_count: 3,
         note_count: 5,
-        source_data: %{},
         actor_type: "Service",
         nickname: "shp@shitposter.club",
         inserted_at: ~N[2017-08-15 15:47:06.597036]
@@ -311,7 +300,6 @@ defmodule Pleroma.Web.MastodonAPI.AccountViewTest do
       insert(:user, %{
         follower_count: 0,
         note_count: 5,
-        source_data: %{},
         actor_type: "Service",
         nickname: "shp@shitposter.club",
         inserted_at: ~N[2017-08-15 15:47:06.597036]

test/web/mastodon_api/views/subscription_view_test.exs

@@ -2,10 +2,10 @@
 # Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>
 # SPDX-License-Identifier: AGPL-3.0-only
 
-defmodule Pleroma.Web.MastodonAPI.PushSubscriptionViewTest do
+defmodule Pleroma.Web.MastodonAPI.SubscriptionViewTest do
   use Pleroma.DataCase
   import Pleroma.Factory
-  alias Pleroma.Web.MastodonAPI.PushSubscriptionView, as: View
+  alias Pleroma.Web.MastodonAPI.SubscriptionView, as: View
   alias Pleroma.Web.Push
 
   test "Represent a subscription" do
@@ -18,6 +18,6 @@ defmodule Pleroma.Web.MastodonAPI.PushSubscriptionViewTest do
       server_key: Keyword.get(Push.vapid_config(), :public_key)
     }
 
-    assert expected == View.render("push_subscription.json", %{subscription: subscription})
+    assert expected == View.render("show.json", %{subscription: subscription})
   end
 end

test/web/pleroma_api/controllers/pleroma_api_controller_test.exs

@@ -220,7 +220,7 @@ defmodule Pleroma.Web.PleromaAPI.PleromaAPIControllerTest do
 
   test "POST /api/v1/pleroma/conversations/read" do
     user = insert(:user)
-    %{user: other_user, conn: conn} = oauth_access(["write:notifications"])
+    %{user: other_user, conn: conn} = oauth_access(["write:conversations"])
 
     {:ok, _activity} =
       CommonAPI.post(user, %{"status" => "Hi @#{other_user.nickname}", "visibility" => "direct"})