hj/pleroma
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

[#1560] Ensured authentication or enabled federation for federation-related routes. New tests + tests refactoring.

Browse source
This commit is contained in:
Ivan Tashkinov 2020-03-09 20:51:44 +03:00
commit 5fc92deef3
12 changed files with 418 additions and 404 deletions
Download patch file Download diff file Expand all files Collapse all files

110
test/web/ostatus/ostatus_controller_test.exs
View file

@ -7,6 +7,7 @@ defmodule Pleroma.Web.OStatus.OStatusControllerTest do
import Pleroma.Factory
alias Pleroma.Config
alias Pleroma.Object
alias Pleroma.User
alias Pleroma.Web.CommonAPI
@ -16,22 +17,24 @@ defmodule Pleroma.Web.OStatus.OStatusControllerTest do
:ok
end
clear_config_all([:instance, :federating]) do
Pleroma.Config.put([:instance, :federating], true)
clear_config([:instance, :federating]) do
Config.put([:instance, :federating], true)
end
describe "GET object/2" do
# Note: see ActivityPubControllerTest for JSON format tests
describe "GET /objects/:uuid (text/html)" do
setup %{conn: conn} do
conn = put_req_header(conn, "accept", "text/html")
%{conn: conn}
end
test "redirects to /notice/id for html format", %{conn: conn} do
note_activity = insert(:note_activity)
object = Object.normalize(note_activity)
[_, uuid] = hd(Regex.scan(~r/.+\/([\w-]+)$/, object.data["id"]))
url = "/objects/#{uuid}"
conn =
conn
|> put_req_header("accept", "text/html")
|> get(url)
conn = get(conn, url)
assert redirected_to(conn) == "/notice/#{note_activity.id}"
end
@ -45,23 +48,25 @@ defmodule Pleroma.Web.OStatus.OStatusControllerTest do
|> response(404)
end
test "404s on nonexisting objects", %{conn: conn} do
test "404s on non-existing objects", %{conn: conn} do
conn
|> get("/objects/123")
|> response(404)
end
end
describe "GET activity/2" do
# Note: see ActivityPubControllerTest for JSON format tests
describe "GET /activities/:uuid (text/html)" do
setup %{conn: conn} do
conn = put_req_header(conn, "accept", "text/html")
%{conn: conn}
end
test "redirects to /notice/id for html format", %{conn: conn} do
note_activity = insert(:note_activity)
[_, uuid] = hd(Regex.scan(~r/.+\/([\w-]+)$/, note_activity.data["id"]))
conn =
conn
|> put_req_header("accept", "text/html")
|> get("/activities/#{uuid}")
conn = get(conn, "/activities/#{uuid}")
assert redirected_to(conn) == "/notice/#{note_activity.id}"
end
@ -79,19 +84,6 @@ defmodule Pleroma.Web.OStatus.OStatusControllerTest do
|> get("/activities/123")
|> response(404)
end
test "gets an activity in AS2 format", %{conn: conn} do
note_activity = insert(:note_activity)
[_, uuid] = hd(Regex.scan(~r/.+\/([\w-]+)$/, note_activity.data["id"]))
url = "/activities/#{uuid}"
conn =
conn
|> put_req_header("accept", "application/activity+json")
|> get(url)
assert json_response(conn, 200)
end
end
describe "GET notice/2" do
@ -170,7 +162,7 @@ defmodule Pleroma.Web.OStatus.OStatusControllerTest do
assert response(conn, 404)
end
test "404s a nonexisting notice", %{conn: conn} do
test "404s a non-existing notice", %{conn: conn} do
url = "/notice/123"
conn =
@ -179,10 +171,21 @@ defmodule Pleroma.Web.OStatus.OStatusControllerTest do
assert response(conn, 404)
end
test "it requires authentication if instance is NOT federating", %{
conn: conn
} do
user = insert(:user)
note_activity = insert(:note_activity)
conn = put_req_header(conn, "accept", "text/html")
ensure_federating_or_authenticated(conn, "/notice/#{note_activity.id}", user)
end
end
describe "GET /notice/:id/embed_player" do
test "render embed player", %{conn: conn} do
setup do
note_activity = insert(:note_activity)
object = Pleroma.Object.normalize(note_activity)
@ -204,9 +207,11 @@ defmodule Pleroma.Web.OStatus.OStatusControllerTest do
|> Ecto.Changeset.change(data: object_data)
|> Pleroma.Repo.update()
conn =
conn
|> get("/notice/#{note_activity.id}/embed_player")
%{note_activity: note_activity}
end
test "renders embed player", %{conn: conn, note_activity: note_activity} do
conn = get(conn, "/notice/#{note_activity.id}/embed_player")
assert Plug.Conn.get_resp_header(conn, "x-frame-options") == ["ALLOW"]
@ -272,38 +277,19 @@ defmodule Pleroma.Web.OStatus.OStatusControllerTest do
|> Ecto.Changeset.change(data: object_data)
|> Pleroma.Repo.update()
assert conn
|> get("/notice/#{note_activity.id}/embed_player")
|> response(404)
end
end
describe "when instance is not federating," do
clear_config([:instance, :federating]) do
Pleroma.Config.put([:instance, :federating], false)
conn
|> get("/notice/#{note_activity.id}/embed_player")
|> response(404)
end
test "returns 404 for GET routes", %{conn: conn} do
conn = put_req_header(conn, "accept", "application/json")
test "it requires authentication if instance is NOT federating", %{
conn: conn,
note_activity: note_activity
} do
user = insert(:user)
conn = put_req_header(conn, "accept", "text/html")
note_activity = insert(:note_activity, local: true)
[_, activity_uuid] = hd(Regex.scan(~r/.+\/([\w-]+)$/, note_activity.data["id"]))
object = Object.normalize(note_activity)
[_, object_uuid] = hd(Regex.scan(~r/.+\/([\w-]+)$/, object.data["id"]))
get_uris = [
"/activities/#{activity_uuid}",
"/objects/#{object_uuid}",
"/notice/#{note_activity.id}",
"/notice/#{note_activity.id}/embed_player"
]
for get_uri <- get_uris do
conn
|> get(get_uri)
|> json_response(404)
end
ensure_federating_or_authenticated(conn, "/notice/#{note_activity.id}/embed_player", user)
end
end
end