Merge branch 'feature/1739-account-endpoints' into 'develop'

account visibility in masto api Closes #1739 See merge request pleroma/pleroma!2488
2020-06-22 12:37:10 +00:00 · 2020-06-22 12:37:10 +00:00 · 59bdef0c33
commit 59bdef0c33
parent 31489bc864 0321a3e078
6 changed files with 107 additions and 45 deletions
--- a/test/user_test.exs
+++ b/test/user_test.exs
@ -1342,11 +1342,11 @@ defmodule Pleroma.UserTest do
    end
  end

-  describe "visible_for?/2" do
+  describe "visible_for/2" do
    test "returns true when the account is itself" do
      user = insert(:user, local: true)

-      assert User.visible_for?(user, user)
+      assert User.visible_for(user, user) == :visible
    end

    test "returns false when the account is unauthenticated and auth is required" do
@ -1355,14 +1355,14 @@ defmodule Pleroma.UserTest do
      user = insert(:user, local: true, confirmation_pending: true)
      other_user = insert(:user, local: true)

-      refute User.visible_for?(user, other_user)
+      refute User.visible_for(user, other_user) == :visible
    end

    test "returns true when the account is unauthenticated and auth is not required" do
      user = insert(:user, local: true, confirmation_pending: true)
      other_user = insert(:user, local: true)

-      assert User.visible_for?(user, other_user)
+      assert User.visible_for(user, other_user) == :visible
    end

    test "returns true when the account is unauthenticated and being viewed by a privileged account (auth required)" do
@ -1371,7 +1371,7 @@ defmodule Pleroma.UserTest do
      user = insert(:user, local: true, confirmation_pending: true)
      other_user = insert(:user, local: true, is_admin: true)

-      assert User.visible_for?(user, other_user)
+      assert User.visible_for(user, other_user) == :visible
    end
  end

--- a/test/web/mastodon_api/controllers/account_controller_test.exs
+++ b/test/web/mastodon_api/controllers/account_controller_test.exs
@ -127,6 +127,15 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do
               |> get("/api/v1/accounts/internal.fetch")
               |> json_response_and_validate_schema(404)
    end
+
+    test "returns 404 for deactivated user", %{conn: conn} do
+      user = insert(:user, deactivated: true)
+
+      assert %{"error" => "Can't find user"} =
+               conn
+               |> get("/api/v1/accounts/#{user.id}")
+               |> json_response_and_validate_schema(:not_found)
+    end
  end

  defp local_and_remote_users do
@ -143,15 +152,15 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do
    setup do: clear_config([:restrict_unauthenticated, :profiles, :remote], true)

    test "if user is unauthenticated", %{conn: conn, local: local, remote: remote} do
-      assert %{"error" => "Can't find user"} ==
+      assert %{"error" => "This API requires an authenticated user"} ==
               conn
               |> get("/api/v1/accounts/#{local.id}")
-               |> json_response_and_validate_schema(:not_found)
+               |> json_response_and_validate_schema(:unauthorized)

-      assert %{"error" => "Can't find user"} ==
+      assert %{"error" => "This API requires an authenticated user"} ==
               conn
               |> get("/api/v1/accounts/#{remote.id}")
-               |> json_response_and_validate_schema(:not_found)
+               |> json_response_and_validate_schema(:unauthorized)
    end

    test "if user is authenticated", %{local: local, remote: remote} do
@ -173,8 +182,8 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do
    test "if user is unauthenticated", %{conn: conn, local: local, remote: remote} do
      res_conn = get(conn, "/api/v1/accounts/#{local.id}")

-      assert json_response_and_validate_schema(res_conn, :not_found) == %{
-               "error" => "Can't find user"
+      assert json_response_and_validate_schema(res_conn, :unauthorized) == %{
+               "error" => "This API requires an authenticated user"
             }

      res_conn = get(conn, "/api/v1/accounts/#{remote.id}")
@ -203,8 +212,8 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do

      res_conn = get(conn, "/api/v1/accounts/#{remote.id}")

-      assert json_response_and_validate_schema(res_conn, :not_found) == %{
-               "error" => "Can't find user"
+      assert json_response_and_validate_schema(res_conn, :unauthorized) == %{
+               "error" => "This API requires an authenticated user"
             }
    end

@ -249,6 +258,24 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do
      assert id == announce.id
    end

+    test "deactivated user", %{conn: conn} do
+      user = insert(:user, deactivated: true)
+
+      assert %{"error" => "Can't find user"} ==
+               conn
+               |> get("/api/v1/accounts/#{user.id}/statuses")
+               |> json_response_and_validate_schema(:not_found)
+    end
+
+    test "returns 404 when user is invisible", %{conn: conn} do
+      user = insert(:user, %{invisible: true})
+
+      assert %{"error" => "Can't find user"} =
+               conn
+               |> get("/api/v1/accounts/#{user.id}")
+               |> json_response_and_validate_schema(404)
+    end
+
    test "respects blocks", %{user: user_one, conn: conn} do
      user_two = insert(:user)
      user_three = insert(:user)
@ -430,15 +457,15 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do
    setup do: clear_config([:restrict_unauthenticated, :profiles, :remote], true)

    test "if user is unauthenticated", %{conn: conn, local: local, remote: remote} do
-      assert %{"error" => "Can't find user"} ==
+      assert %{"error" => "This API requires an authenticated user"} ==
               conn
               |> get("/api/v1/accounts/#{local.id}/statuses")
-               |> json_response_and_validate_schema(:not_found)
+               |> json_response_and_validate_schema(:unauthorized)

-      assert %{"error" => "Can't find user"} ==
+      assert %{"error" => "This API requires an authenticated user"} ==
               conn
               |> get("/api/v1/accounts/#{remote.id}/statuses")
-               |> json_response_and_validate_schema(:not_found)
+               |> json_response_and_validate_schema(:unauthorized)
    end

    test "if user is authenticated", %{local: local, remote: remote} do
@ -459,10 +486,10 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do
    setup do: clear_config([:restrict_unauthenticated, :profiles, :local], true)

    test "if user is unauthenticated", %{conn: conn, local: local, remote: remote} do
-      assert %{"error" => "Can't find user"} ==
+      assert %{"error" => "This API requires an authenticated user"} ==
               conn
               |> get("/api/v1/accounts/#{local.id}/statuses")
-               |> json_response_and_validate_schema(:not_found)
+               |> json_response_and_validate_schema(:unauthorized)

      res_conn = get(conn, "/api/v1/accounts/#{remote.id}/statuses")
      assert length(json_response_and_validate_schema(res_conn, 200)) == 1
@ -489,10 +516,10 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do
      res_conn = get(conn, "/api/v1/accounts/#{local.id}/statuses")
      assert length(json_response_and_validate_schema(res_conn, 200)) == 1

-      assert %{"error" => "Can't find user"} ==
+      assert %{"error" => "This API requires an authenticated user"} ==
               conn
               |> get("/api/v1/accounts/#{remote.id}/statuses")
-               |> json_response_and_validate_schema(:not_found)
+               |> json_response_and_validate_schema(:unauthorized)
    end

    test "if user is authenticated", %{local: local, remote: remote} do