hj/pleroma
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Merge back 2.4.5

Browse source
This commit is contained in:
Haelwenn (lanodan) Monnier 2022-12-23 17:05:05 +01:00
commit 7d68d64d63
5598 changed files with 55535 additions and 18588 deletions
Download patch file Download diff file Expand all files Collapse all files

52
test/pleroma/web/activity_pub/activity_pub_controller_test.exs
View file

@ -1,5 +1,5 @@
# Pleroma: A lightweight social networking server
# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
# Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.ActivityPub.ActivityPubControllerTest do
@ -247,6 +247,27 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubControllerTest do
assert json_response(response, 200) == ObjectView.render("object.json", %{object: object})
end
test "does not return local-only objects for remote users", %{conn: conn} do
user = insert(:user)
reader = insert(:user, local: false)
{:ok, post} =
CommonAPI.post(user, %{status: "test @#{reader.nickname}", visibility: "local"})
assert Pleroma.Web.ActivityPub.Visibility.is_local_public?(post)
object = Object.normalize(post, fetch: false)
uuid = String.split(object.data["id"], "/") |> List.last()
assert response =
conn
|> assign(:user, reader)
|> put_req_header("accept", "application/activity+json")
|> get("/objects/#{uuid}")
json_response(response, 404)
end
test "it returns a json representation of the object with accept application/json", %{
conn: conn
} do
@ -1297,6 +1318,35 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubControllerTest do
assert outbox_endpoint == result["id"]
end
test "it returns a local note activity when authenticated as local user", %{conn: conn} do
user = insert(:user)
reader = insert(:user)
{:ok, note_activity} = CommonAPI.post(user, %{status: "mew mew", visibility: "local"})
ap_id = note_activity.data["id"]
resp =
conn
|> assign(:user, reader)
|> put_req_header("accept", "application/activity+json")
|> get("/users/#{user.nickname}/outbox?page=true")
|> json_response(200)
assert %{"orderedItems" => [%{"id" => ^ap_id}]} = resp
end
test "it does not return a local note activity when unauthenticated", %{conn: conn} do
user = insert(:user)
{:ok, _note_activity} = CommonAPI.post(user, %{status: "mew mew", visibility: "local"})
resp =
conn
|> put_req_header("accept", "application/activity+json")
|> get("/users/#{user.nickname}/outbox?page=true")
|> json_response(200)
assert %{"orderedItems" => []} = resp
end
test "it returns a note activity in a collection", %{conn: conn} do
note_activity = insert(:note_activity)
note_object = Object.normalize(note_activity, fetch: false)

198
test/pleroma/web/activity_pub/activity_pub_test.exs
View file

@ -1,5 +1,5 @@
# Pleroma: A lightweight social networking server
# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
# Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.ActivityPub.ActivityPubTest do
@ -312,6 +312,103 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubTest do
assert %{data: %{"id" => ^object_url}} = Object.get_by_ap_id(object_url)
end
test "fetches user featured collection without embedded object" do
ap_id = "https://example.com/users/lain"
featured_url = "https://example.com/users/lain/collections/featured"
user_data =
"test/fixtures/users_mock/user.json"
|> File.read!()
|> String.replace("{{nickname}}", "lain")
|> Jason.decode!()
|> Map.put("featured", featured_url)
|> Jason.encode!()
object_id = Ecto.UUID.generate()
featured_data =
"test/fixtures/mastodon/collections/external_featured.json"
|> File.read!()
|> String.replace("{{domain}}", "example.com")
|> String.replace("{{nickname}}", "lain")
|> String.replace("{{object_id}}", object_id)
object_url = "https://example.com/objects/#{object_id}"
object_data =
"test/fixtures/statuses/note.json"
|> File.read!()
|> String.replace("{{object_id}}", object_id)
|> String.replace("{{nickname}}", "lain")
Tesla.Mock.mock(fn
%{
method: :get,
url: ^ap_id
} ->
%Tesla.Env{
status: 200,
body: user_data,
headers: [{"content-type", "application/activity+json"}]
}
%{
method: :get,
url: ^featured_url
} ->
%Tesla.Env{
status: 200,
body: featured_data,
headers: [{"content-type", "application/activity+json"}]
}
end)
Tesla.Mock.mock_global(fn
%{
method: :get,
url: ^object_url
} ->
%Tesla.Env{
status: 200,
body: object_data,
headers: [{"content-type", "application/activity+json"}]
}
end)
{:ok, user} = ActivityPub.make_user_from_ap_id(ap_id)
Process.sleep(50)
assert user.featured_address == featured_url
assert Map.has_key?(user.pinned_objects, object_url)
in_db = Pleroma.User.get_by_ap_id(ap_id)
assert in_db.featured_address == featured_url
assert Map.has_key?(user.pinned_objects, object_url)
assert %{data: %{"id" => ^object_url}} = Object.get_by_ap_id(object_url)
end
test "fetches user birthday information from misskey" do
user_id = "https://misskey.io/@mkljczk"
Tesla.Mock.mock(fn
%{
method: :get,
url: ^user_id
} ->
%Tesla.Env{
status: 200,
body: File.read!("test/fixtures/birthdays/misskey-user.json"),
headers: [{"content-type", "application/activity+json"}]
}
end)
{:ok, user} = ActivityPub.make_user_from_ap_id(user_id)
assert user.birthday == ~D[2001-02-12]
end
end
test "it fetches the appropriate tag-restricted posts" do
@ -457,7 +554,6 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubTest do
assert activity.data["ok"] == data["ok"]
assert activity.data["id"] == given_id
assert activity.data["context"] == "blabla"
assert activity.data["context_id"]
end
test "adds a context when none is there" do
@ -479,8 +575,6 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubTest do
assert is_binary(activity.data["context"])
assert is_binary(object.data["context"])
assert activity.data["context_id"]
assert object.data["context_id"]
end
test "adds an id to a given object if it lacks one and is a note and inserts it to the object database" do
@ -776,6 +870,32 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubTest do
assert Enum.member?(activities, activity_one)
end
test "doesn't return activities from deactivated users" do
_user = insert(:user)
deactivated = insert(:user)
active = insert(:user)
{:ok, activity_one} = CommonAPI.post(deactivated, %{status: "hey!"})
{:ok, activity_two} = CommonAPI.post(active, %{status: "yay!"})
{:ok, _updated_user} = User.set_activation(deactivated, false)
activities = ActivityPub.fetch_activities([], %{})
refute Enum.member?(activities, activity_one)
assert Enum.member?(activities, activity_two)
end
test "always see your own posts even when they address people you block" do
user = insert(:user)
blockee = insert(:user)
{:ok, _} = User.block(user, blockee)
{:ok, activity} = CommonAPI.post(user, %{status: "hey! @#{blockee.nickname}"})
activities = ActivityPub.fetch_activities([], %{blocking_user: user})
assert Enum.member?(activities, activity)
end
test "doesn't return transitive interactions concerning blocked users" do
blocker = insert(:user)
blockee = insert(:user)
@ -875,6 +995,21 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubTest do
refute repeat_activity in activities
end
test "see your own posts even when they adress actors from blocked domains" do
user = insert(:user)
domain = "dogwhistle.zone"
domain_user = insert(:user, %{ap_id: "https://#{domain}/@pundit"})
{:ok, user} = User.block_domain(user, domain)
{:ok, activity} = CommonAPI.post(user, %{status: "hey! @#{domain_user.nickname}"})
activities = ActivityPub.fetch_activities([], %{blocking_user: user})
assert Enum.member?(activities, activity)
end
test "does return activities from followed users on blocked domains" do
domain = "meanies.social"
domain_user = insert(:user, %{ap_id: "https://#{domain}/@pundit"})
@ -1369,6 +1504,7 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubTest do
reporter_ap_id = reporter.ap_id
target_ap_id = target_account.ap_id
activity_ap_id = activity.data["id"]
object_ap_id = activity.object.data["id"]
activity_with_object = Activity.get_by_ap_id_with_object(activity_ap_id)
@ -1380,6 +1516,7 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubTest do
reported_activity: activity,
content: content,
activity_ap_id: activity_ap_id,
object_ap_id: object_ap_id,
activity_with_object: activity_with_object,
reporter_ap_id: reporter_ap_id,
target_ap_id: target_ap_id
@ -1393,7 +1530,7 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubTest do
target_account: target_account,
reported_activity: reported_activity,
content: content,
activity_ap_id: activity_ap_id,
object_ap_id: object_ap_id,
activity_with_object: activity_with_object,
reporter_ap_id: reporter_ap_id,
target_ap_id: target_ap_id
@ -1409,7 +1546,7 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubTest do
note_obj = %{
"type" => "Note",
"id" => activity_ap_id,
"id" => object_ap_id,
"content" => content,
"published" => activity_with_object.object.data["published"],
"actor" =>
@ -1433,6 +1570,7 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubTest do
context: context,
target_account: target_account,
reported_activity: reported_activity,
object_ap_id: object_ap_id,
content: content
},
Utils,
@ -1447,8 +1585,7 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubTest do
content: content
})
new_data =
put_in(activity.data, ["object"], [target_account.ap_id, reported_activity.data["id"]])
new_data = put_in(activity.data, ["object"], [target_account.ap_id, object_ap_id])
assert_called(Utils.maybe_federate(%{activity | data: new_data}))
end
@ -1474,7 +1611,7 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubTest do
})
assert Repo.aggregate(Activity, :count, :id) == 1
assert Repo.aggregate(Object, :count, :id) == 2
assert Repo.aggregate(Object, :count, :id) == 1
assert Repo.aggregate(Notification, :count, :id) == 0
end
end
@ -1527,7 +1664,7 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubTest do
end
describe "fetch_follow_information_for_user" do
test "syncronizes following/followers counters" do
test "synchronizes following/followers counters" do
user =
insert(:user,
local: false,
@ -1698,9 +1835,12 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubTest do
"target" => ^new_ap_id,
"type" => "Move"
},
local: true
local: true,
recipients: recipients
} = activity
assert old_user.follower_address in recipients
params = %{
"op" => "move_following",
"origin_id" => old_user.id,
@ -1731,6 +1871,42 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubTest do
assert {:error, "Target account must have the origin in `alsoKnownAs`"} =
ActivityPub.move(old_user, new_user)
end
test "do not move remote user following relationships" do
%{ap_id: old_ap_id} = old_user = insert(:user)
%{ap_id: new_ap_id} = new_user = insert(:user, also_known_as: [old_ap_id])
follower_remote = insert(:user, local: false)
User.follow(follower_remote, old_user)
assert User.following?(follower_remote, old_user)
assert {:ok, activity} = ActivityPub.move(old_user, new_user)
assert %Activity{
actor: ^old_ap_id,
data: %{
"actor" => ^old_ap_id,
"object" => ^old_ap_id,
"target" => ^new_ap_id,
"type" => "Move"
},
local: true
} = activity
params = %{
"op" => "move_following",
"origin_id" => old_user.id,
"target_id" => new_user.id
}
assert_enqueued(worker: Pleroma.Workers.BackgroundWorker, args: params)
Pleroma.Workers.BackgroundWorker.perform(%Oban.Job{args: params})
assert User.following?(follower_remote, old_user)
refute User.following?(follower_remote, new_user)
end
end
test "doesn't retrieve replies activities with exclude_replies" do

48
test/pleroma/web/activity_pub/builder_test.exs Normal file
View file

@ -0,0 +1,48 @@
# Pleroma: A lightweight social networking server
# Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.ActivityPub.BuilderTest do
alias Pleroma.Web.ActivityPub.Builder
alias Pleroma.Web.CommonAPI.ActivityDraft
use Pleroma.DataCase
import Pleroma.Factory
describe "note/1" do
test "returns note data" do
user = insert(:user)
note = insert(:note)
user2 = insert(:user)
user3 = insert(:user)
draft = %ActivityDraft{
user: user,
to: [user2.ap_id],
context: "2hu",
content_html: "<h1>This is :moominmamma: note</h1>",
in_reply_to: note.id,
tags: [name: "jimm"],
summary: "test summary",
cc: [user3.ap_id],
extra: %{"custom_tag" => "test"}
}
expected = %{
"actor" => user.ap_id,
"attachment" => [],
"cc" => [user3.ap_id],
"content" => "<h1>This is :moominmamma: note</h1>",
"context" => "2hu",
"sensitive" => false,
"summary" => "test summary",
"tag" => ["jimm"],
"to" => [user2.ap_id],
"type" => "Note",
"custom_tag" => "test"
}
assert {:ok, ^expected, []} = Builder.note(draft)
end
end
end

2
test/pleroma/web/activity_pub/mrf/activity_expiration_policy_test.exs
View file

@ -1,5 +1,5 @@
# Pleroma: A lightweight social networking server
# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
# Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.ActivityPub.MRF.ActivityExpirationPolicyTest do

59
test/pleroma/web/activity_pub/mrf/anti_followbot_policy_test.exs
View file

@ -1,11 +1,12 @@
# Pleroma: A lightweight social networking server
# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
# Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.ActivityPub.MRF.AntiFollowbotPolicyTest do
use Pleroma.DataCase, async: true
import Pleroma.Factory
alias Pleroma.User
alias Pleroma.Web.ActivityPub.MRF.AntiFollowbotPolicy
describe "blocking based on attributes" do
@ -38,21 +39,55 @@ defmodule Pleroma.Web.ActivityPub.MRF.AntiFollowbotPolicyTest do
assert {:reject, "[AntiFollowbotPolicy]" <> _} = AntiFollowbotPolicy.filter(message)
end
test "matches followbots by actor_type" do
actor = insert(:user, %{actor_type: "Service"})
target = insert(:user)
message = %{
"@context" => "https://www.w3.org/ns/activitystreams",
"type" => "Follow",
"actor" => actor.ap_id,
"object" => target.ap_id,
"id" => "https://example.com/activities/1234"
}
assert {:reject, "[AntiFollowbotPolicy]" <> _} = AntiFollowbotPolicy.filter(message)
end
end
test "it allows non-followbots" do
actor = insert(:user)
target = insert(:user)
describe "it allows" do
test "non-followbots" do
actor = insert(:user)
target = insert(:user)
message = %{
"@context" => "https://www.w3.org/ns/activitystreams",
"type" => "Follow",
"actor" => actor.ap_id,
"object" => target.ap_id,
"id" => "https://example.com/activities/1234"
}
message = %{
"@context" => "https://www.w3.org/ns/activitystreams",
"type" => "Follow",
"actor" => actor.ap_id,
"object" => target.ap_id,
"id" => "https://example.com/activities/1234"
}
{:ok, _} = AntiFollowbotPolicy.filter(message)
{:ok, _} = AntiFollowbotPolicy.filter(message)
end
test "bots if the target follows the bots" do
actor = insert(:user, %{actor_type: "Service"})
target = insert(:user)
User.follow(target, actor)
message = %{
"@context" => "https://www.w3.org/ns/activitystreams",
"type" => "Follow",
"actor" => actor.ap_id,
"object" => target.ap_id,
"id" => "https://example.com/activities/1234"
}
{:ok, _} = AntiFollowbotPolicy.filter(message)
end
end
test "it gracefully handles nil display names" do

35
test/pleroma/web/activity_pub/mrf/anti_link_spam_policy_test.exs
View file

@ -1,5 +1,5 @@
# Pleroma: A lightweight social networking server
# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
# Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.ActivityPub.MRF.AntiLinkSpamPolicyTest do
@ -7,6 +7,7 @@ defmodule Pleroma.Web.ActivityPub.MRF.AntiLinkSpamPolicyTest do
import Pleroma.Factory
import ExUnit.CaptureLog
alias Pleroma.Web.ActivityPub.MRF
alias Pleroma.Web.ActivityPub.MRF.AntiLinkSpamPolicy
@linkless_message %{
@ -49,11 +50,23 @@ defmodule Pleroma.Web.ActivityPub.MRF.AntiLinkSpamPolicyTest do
assert user.note_count == 0
message =
@linkful_message
|> Map.put("actor", user.ap_id)
message = %{
"type" => "Create",
"actor" => user.ap_id,
"object" => %{
"formerRepresentations" => %{
"type" => "OrderedCollection",
"orderedItems" => [
%{
"content" => "<a href='https://example.com'>hi world!</a>"
}
]
},
"content" => "mew"
}
}
{:reject, _} = AntiLinkSpamPolicy.filter(message)
{:reject, _} = MRF.filter_one(AntiLinkSpamPolicy, message)
end
test "it allows posts with links for local users" do
@ -67,6 +80,18 @@ defmodule Pleroma.Web.ActivityPub.MRF.AntiLinkSpamPolicyTest do
{:ok, _message} = AntiLinkSpamPolicy.filter(message)
end
test "it disallows posts with links in history" do
user = insert(:user, local: false)
assert user.note_count == 0
message =
@linkful_message
|> Map.put("actor", user.ap_id)
{:reject, _} = AntiLinkSpamPolicy.filter(message)
end
end
describe "with old user" do

53
test/pleroma/web/activity_pub/mrf/ensure_re_prepended_test.exs
View file

@ -1,5 +1,5 @@
# Pleroma: A lightweight social networking server
# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
# Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.ActivityPub.MRF.EnsureRePrependedTest do
@ -7,6 +7,7 @@ defmodule Pleroma.Web.ActivityPub.MRF.EnsureRePrependedTest do
alias Pleroma.Activity
alias Pleroma.Object
alias Pleroma.Web.ActivityPub.MRF
alias Pleroma.Web.ActivityPub.MRF.EnsureRePrepended
describe "rewrites summary" do
@ -35,10 +36,58 @@ defmodule Pleroma.Web.ActivityPub.MRF.EnsureRePrependedTest do
assert {:ok, res} = EnsureRePrepended.filter(message)
assert res["object"]["summary"] == "re: object-summary"
end
test "it adds `re:` to history" do
message = %{
"type" => "Create",
"object" => %{
"summary" => "object-summary",
"inReplyTo" => %Activity{object: %Object{data: %{"summary" => "object-summary"}}},
"formerRepresentations" => %{
"orderedItems" => [
%{
"summary" => "object-summary",
"inReplyTo" => %Activity{object: %Object{data: %{"summary" => "object-summary"}}}
}
]
}
}
}
assert {:ok, res} = MRF.filter_one(EnsureRePrepended, message)
assert res["object"]["summary"] == "re: object-summary"
assert Enum.at(res["object"]["formerRepresentations"]["orderedItems"], 0)["summary"] ==
"re: object-summary"
end
test "it accepts Updates" do
message = %{
"type" => "Update",
"object" => %{
"summary" => "object-summary",
"inReplyTo" => %Activity{object: %Object{data: %{"summary" => "object-summary"}}},
"formerRepresentations" => %{
"orderedItems" => [
%{
"summary" => "object-summary",
"inReplyTo" => %Activity{object: %Object{data: %{"summary" => "object-summary"}}}
}
]
}
}
}
assert {:ok, res} = MRF.filter_one(EnsureRePrepended, message)
assert res["object"]["summary"] == "re: object-summary"
assert Enum.at(res["object"]["formerRepresentations"]["orderedItems"], 0)["summary"] ==
"re: object-summary"
end
end
describe "skip filter" do
test "it skip if type isn't 'Create'" do
test "it skip if type isn't 'Create' or 'Update'" do
message = %{
"type" => "Annotation",
"object" => %{"summary" => "object-summary"}

2
test/pleroma/web/activity_pub/mrf/follow_bot_policy_test.exs
View file

@ -1,5 +1,5 @@
# Pleroma: A lightweight social networking server
# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
# Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.ActivityPub.MRF.FollowBotPolicyTest do

2
test/pleroma/web/activity_pub/mrf/force_bot_unlisted_policy_test.exs
View file

@ -1,5 +1,5 @@
# Pleroma: A lightweight social networking server
# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
# Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.ActivityPub.MRF.ForceBotUnlistedPolicyTest do

259
test/pleroma/web/activity_pub/mrf/force_mentions_in_content_test.exs Normal file
View file

@ -0,0 +1,259 @@
# Pleroma: A lightweight social networking server
# Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.ActivityPub.MRF.ForceMentionsInContentTest do
use Pleroma.DataCase
require Pleroma.Constants
alias Pleroma.Constants
alias Pleroma.Object
alias Pleroma.Web.ActivityPub.MRF
alias Pleroma.Web.ActivityPub.MRF.ForceMentionsInContent
alias Pleroma.Web.CommonAPI
import Pleroma.Factory
test "adds mentions to post content" do
[lain, coolboymew, dielan, hakui, fence] = [
insert(:user, ap_id: "https://lain.com/users/lain", nickname: "lain@lain.com", local: false),
insert(:user,
ap_id: "https://shitposter.club/users/coolboymew",
nickname: "coolboymew@shitposter.club",
local: false
),
insert(:user,
ap_id: "https://shitposter.club/users/dielan",
nickname: "dielan@shitposter.club",
local: false
),
insert(:user,
ap_id: "https://tuusin.misono-ya.info/users/hakui",
nickname: "hakui@tuusin.misono-ya.info",
local: false
),
insert(:user,
ap_id: "https://xyzzy.link/users/fence",
nickname: "fence@xyzzy.link",
local: false
)
]
object = File.read!("test/fixtures/soapbox_no_mentions_in_content.json") |> Jason.decode!()
activity = %{
"type" => "Create",
"actor" => "https://gleasonator.com/users/alex",
"object" => object
}
{:ok, %{"object" => %{"content" => filtered}}} = ForceMentionsInContent.filter(activity)
assert filtered ==
"<p><span class=\"recipients-inline\"><span class=\"h-card\"><a class=\"u-url mention\" data-user=\"#{dielan.id}\" href=\"https://shitposter.club/users/dielan\" rel=\"ugc\">@<span>dielan</span></a></span> <span class=\"h-card\"><a class=\"u-url mention\" data-user=\"#{coolboymew.id}\" href=\"https://shitposter.club/users/coolboymew\" rel=\"ugc\">@<span>coolboymew</span></a></span> <span class=\"h-card\"><a class=\"u-url mention\" data-user=\"#{fence.id}\" href=\"https://xyzzy.link/users/fence\" rel=\"ugc\">@<span>fence</span></a></span> <span class=\"h-card\"><a class=\"u-url mention\" data-user=\"#{hakui.id}\" href=\"https://tuusin.misono-ya.info/users/hakui\" rel=\"ugc\">@<span>hakui</span></a></span> <span class=\"h-card\"><a class=\"u-url mention\" data-user=\"#{lain.id}\" href=\"https://lain.com/users/lain\" rel=\"ugc\">@<span>lain</span></a></span> </span>Haha yeah, you can control who you reply to.</p>"
end
test "the replied-to user is sorted to the left" do
[mario, luigi, wario] = [
insert(:user, nickname: "mario"),
insert(:user, nickname: "luigi"),
insert(:user, nickname: "wario")
]
{:ok, post1} = CommonAPI.post(mario, %{status: "Letsa go!"})
{:ok, post2} =
CommonAPI.post(luigi, %{status: "Oh yaah", in_reply_to_id: post1.id, to: [mario.ap_id]})
activity = %{
"type" => "Create",
"actor" => wario.ap_id,
"object" => %{
"type" => "Note",
"actor" => wario.ap_id,
"content" => "WHA-HA!",
"to" => [
mario.ap_id,
luigi.ap_id,
Constants.as_public()
],
"inReplyTo" => Object.normalize(post2).data["id"]
}
}
{:ok, %{"object" => %{"content" => filtered}}} = ForceMentionsInContent.filter(activity)
assert filtered ==
"<span class=\"recipients-inline\"><span class=\"h-card\"><a class=\"u-url mention\" data-user=\"#{luigi.id}\" href=\"#{luigi.ap_id}\" rel=\"ugc\">@<span>luigi</span></a></span> <span class=\"h-card\"><a class=\"u-url mention\" data-user=\"#{mario.id}\" href=\"#{mario.ap_id}\" rel=\"ugc\">@<span>mario</span></a></span> </span>WHA-HA!"
end
test "don't mention self" do
mario = insert(:user, nickname: "mario")
{:ok, post} = CommonAPI.post(mario, %{status: "Mama mia"})
activity = %{
"type" => "Create",
"actor" => mario.ap_id,
"object" => %{
"type" => "Note",
"actor" => mario.ap_id,
"content" => "I'ma tired...",
"to" => [
mario.ap_id,
Constants.as_public()
],
"inReplyTo" => Object.normalize(post).data["id"]
}
}
{:ok, %{"object" => %{"content" => filtered}}} = ForceMentionsInContent.filter(activity)
assert filtered == "I'ma tired..."
end
test "don't mention in top-level posts" do
mario = insert(:user, nickname: "mario")
luigi = insert(:user, nickname: "luigi")
{:ok, post} = CommonAPI.post(mario, %{status: "Letsa go"})
activity = %{
"type" => "Create",
"actor" => mario.ap_id,
"object" => %{
"type" => "Note",
"actor" => mario.ap_id,
"content" => "Mama mia!",
"to" => [
luigi.ap_id,
Constants.as_public()
],
"quoteUrl" => Object.normalize(post).data["id"]
}
}
{:ok, %{"object" => %{"content" => filtered}}} = ForceMentionsInContent.filter(activity)
assert filtered == "Mama mia!"
end
test "with markdown formatting" do
mario = insert(:user, nickname: "mario")
luigi = insert(:user, nickname: "luigi")
{:ok, post} = CommonAPI.post(luigi, %{status: "Mama mia"})
activity = %{
"type" => "Create",
"actor" => mario.ap_id,
"object" => %{
"type" => "Note",
"actor" => mario.ap_id,
"content" => "<p>I'ma tired...</p>",
"to" => [
luigi.ap_id,
Constants.as_public()
],
"inReplyTo" => Object.normalize(post).data["id"]
}
}
{:ok, %{"object" => %{"content" => filtered}}} = ForceMentionsInContent.filter(activity)
assert filtered ==
"<p><span class=\"recipients-inline\"><span class=\"h-card\"><a class=\"u-url mention\" data-user=\"#{luigi.id}\" href=\"#{luigi.ap_id}\" rel=\"ugc\">@<span>luigi</span></a></span> </span>I'ma tired...</p>"
end
test "aware of history" do
mario = insert(:user, nickname: "mario")
wario = insert(:user, nickname: "wario")
{:ok, post1} = CommonAPI.post(mario, %{status: "Letsa go!"})
activity = %{
"type" => "Create",
"actor" => wario.ap_id,
"object" => %{
"type" => "Note",
"actor" => wario.ap_id,
"content" => "WHA-HA!",
"to" => [
mario.ap_id,
Constants.as_public()
],
"inReplyTo" => post1.object.data["id"],
"formerRepresentations" => %{
"orderedItems" => [
%{
"type" => "Note",
"actor" => wario.ap_id,
"content" => "WHA-HA!",
"to" => [
mario.ap_id,
Constants.as_public()
],
"inReplyTo" => post1.object.data["id"]
}
]
}
}
}
expected =
"<span class=\"recipients-inline\"><span class=\"h-card\"><a class=\"u-url mention\" data-user=\"#{mario.id}\" href=\"#{mario.ap_id}\" rel=\"ugc\">@<span>mario</span></a></span> </span>WHA-HA!"
assert {:ok,
%{
"object" => %{
"content" => ^expected,
"formerRepresentations" => %{"orderedItems" => [%{"content" => ^expected}]}
}
}} = MRF.filter_one(ForceMentionsInContent, activity)
end
test "works with Updates" do
mario = insert(:user, nickname: "mario")
wario = insert(:user, nickname: "wario")
{:ok, post1} = CommonAPI.post(mario, %{status: "Letsa go!"})
activity = %{
"type" => "Update",
"actor" => wario.ap_id,
"object" => %{
"type" => "Note",
"actor" => wario.ap_id,
"content" => "WHA-HA!",
"to" => [
mario.ap_id,
Constants.as_public()
],
"inReplyTo" => post1.object.data["id"],
"formerRepresentations" => %{
"orderedItems" => [
%{
"type" => "Note",
"actor" => wario.ap_id,
"content" => "WHA-HA!",
"to" => [
mario.ap_id,
Constants.as_public()
],
"inReplyTo" => post1.object.data["id"]
}
]
}
}
}
expected =
"<span class=\"recipients-inline\"><span class=\"h-card\"><a class=\"u-url mention\" data-user=\"#{mario.id}\" href=\"#{mario.ap_id}\" rel=\"ugc\">@<span>mario</span></a></span> </span>WHA-HA!"
assert {:ok,
%{
"object" => %{
"content" => ^expected,
"formerRepresentations" => %{"orderedItems" => [%{"content" => ^expected}]}
}
}} = MRF.filter_one(ForceMentionsInContent, activity)
end
end

72
test/pleroma/web/activity_pub/mrf/hashtag_policy_test.exs
View file

@ -1,5 +1,5 @@
# Pleroma: A lightweight social networking server
# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
# Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.ActivityPub.MRF.HashtagPolicyTest do
@ -20,6 +20,76 @@ defmodule Pleroma.Web.ActivityPub.MRF.HashtagPolicyTest do
assert modified["object"]["sensitive"]
end
test "it is history-aware" do
activity = %{
"type" => "Create",
"object" => %{
"content" => "hey",
"tag" => []
}
}
activity_data =
activity
|> put_in(
["object", "formerRepresentations"],
%{
"type" => "OrderedCollection",
"orderedItems" => [
Map.put(
activity["object"],
"tag",
[%{"type" => "Hashtag", "name" => "#nsfw"}]
)
]
}
)
{:ok, modified} =
Pleroma.Web.ActivityPub.MRF.filter_one(
Pleroma.Web.ActivityPub.MRF.HashtagPolicy,
activity_data
)
refute modified["object"]["sensitive"]
assert Enum.at(modified["object"]["formerRepresentations"]["orderedItems"], 0)["sensitive"]
end
test "it works with Update" do
activity = %{
"type" => "Update",
"object" => %{
"content" => "hey",
"tag" => []
}
}
activity_data =
activity
|> put_in(
["object", "formerRepresentations"],
%{
"type" => "OrderedCollection",
"orderedItems" => [
Map.put(
activity["object"],
"tag",
[%{"type" => "Hashtag", "name" => "#nsfw"}]
)
]
}
)
{:ok, modified} =
Pleroma.Web.ActivityPub.MRF.filter_one(
Pleroma.Web.ActivityPub.MRF.HashtagPolicy,
activity_data
)
refute modified["object"]["sensitive"]
assert Enum.at(modified["object"]["formerRepresentations"]["orderedItems"], 0)["sensitive"]
end
test "it doesn't sets the sensitive property with irrelevant hashtags" do
user = insert(:user)

2
test/pleroma/web/activity_pub/mrf/hellthread_policy_test.exs
View file

@ -1,5 +1,5 @@
# Pleroma: A lightweight social networking server
# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
# Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.ActivityPub.MRF.HellthreadPolicyTest do

133
test/pleroma/web/activity_pub/mrf/keyword_policy_test.exs
View file

@ -1,5 +1,5 @@
# Pleroma: A lightweight social networking server
# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
# Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.ActivityPub.MRF.KeywordPolicyTest do
@ -79,6 +79,54 @@ defmodule Pleroma.Web.ActivityPub.MRF.KeywordPolicyTest do
KeywordPolicy.filter(message)
end)
end
test "rejects if string matches in history" do
clear_config([:mrf_keyword, :reject], ["pun"])
message = %{
"type" => "Create",
"object" => %{
"content" => "just a daily reminder that compLAINer is a good",
"summary" => "",
"formerRepresentations" => %{
"type" => "OrderedCollection",
"orderedItems" => [
%{
"content" => "just a daily reminder that compLAINer is a good pun",
"summary" => ""
}
]
}
}
}
assert {:reject, "[KeywordPolicy] Matches with rejected keyword"} =
KeywordPolicy.filter(message)
end
test "rejects Updates" do
clear_config([:mrf_keyword, :reject], ["pun"])
message = %{
"type" => "Update",
"object" => %{
"content" => "just a daily reminder that compLAINer is a good",
"summary" => "",
"formerRepresentations" => %{
"type" => "OrderedCollection",
"orderedItems" => [
%{
"content" => "just a daily reminder that compLAINer is a good pun",
"summary" => ""
}
]
}
}
}
assert {:reject, "[KeywordPolicy] Matches with rejected keyword"} =
KeywordPolicy.filter(message)
end
end
describe "delisting from ftl based on keywords" do
@ -157,6 +205,31 @@ defmodule Pleroma.Web.ActivityPub.MRF.KeywordPolicyTest do
not (["https://www.w3.org/ns/activitystreams#Public"] == result["to"])
end)
end
test "delists if string matches in history" do
clear_config([:mrf_keyword, :federated_timeline_removal], ["pun"])
message = %{
"to" => ["https://www.w3.org/ns/activitystreams#Public"],
"type" => "Create",
"object" => %{
"content" => "just a daily reminder that compLAINer is a good",
"summary" => "",
"formerRepresentations" => %{
"orderedItems" => [
%{
"content" => "just a daily reminder that compLAINer is a good pun",
"summary" => ""
}
]
}
}
}
{:ok, result} = KeywordPolicy.filter(message)
assert ["https://www.w3.org/ns/activitystreams#Public"] == result["cc"]
refute ["https://www.w3.org/ns/activitystreams#Public"] == result["to"]
end
end
describe "replacing keywords" do
@ -221,5 +294,63 @@ defmodule Pleroma.Web.ActivityPub.MRF.KeywordPolicyTest do
result == "ZFS is free software"
end)
end
test "replaces keyword if string matches in history" do
clear_config([:mrf_keyword, :replace], [{"opensource", "free software"}])
message = %{
"type" => "Create",
"to" => ["https://www.w3.org/ns/activitystreams#Public"],
"object" => %{
"content" => "ZFS is opensource",
"summary" => "",
"formerRepresentations" => %{
"type" => "OrderedCollection",
"orderedItems" => [
%{"content" => "ZFS is opensource mew mew", "summary" => ""}
]
}
}
}
{:ok,
%{
"object" => %{
"content" => "ZFS is free software",
"formerRepresentations" => %{
"orderedItems" => [%{"content" => "ZFS is free software mew mew"}]
}
}
}} = KeywordPolicy.filter(message)
end
test "replaces keyword in Updates" do
clear_config([:mrf_keyword, :replace], [{"opensource", "free software"}])
message = %{
"type" => "Update",
"to" => ["https://www.w3.org/ns/activitystreams#Public"],
"object" => %{
"content" => "ZFS is opensource",
"summary" => "",
"formerRepresentations" => %{
"type" => "OrderedCollection",
"orderedItems" => [
%{"content" => "ZFS is opensource mew mew", "summary" => ""}
]
}
}
}
{:ok,
%{
"object" => %{
"content" => "ZFS is free software",
"formerRepresentations" => %{
"orderedItems" => [%{"content" => "ZFS is free software mew mew"}]
}
}
}} = KeywordPolicy.filter(message)
end
end
end

46
test/pleroma/web/activity_pub/mrf/media_proxy_warming_policy_test.exs
View file

@ -1,5 +1,5 @@
# Pleroma: A lightweight social networking server
# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
# Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.ActivityPub.MRF.MediaProxyWarmingPolicyTest do
@ -7,6 +7,7 @@ defmodule Pleroma.Web.ActivityPub.MRF.MediaProxyWarmingPolicyTest do
use Pleroma.Tests.Helpers
alias Pleroma.HTTP
alias Pleroma.Web.ActivityPub.MRF
alias Pleroma.Web.ActivityPub.MRF.MediaProxyWarmingPolicy
import Mock
@ -22,6 +23,25 @@ defmodule Pleroma.Web.ActivityPub.MRF.MediaProxyWarmingPolicyTest do
}
}
@message_with_history %{
"type" => "Create",
"object" => %{
"type" => "Note",
"content" => "content",
"formerRepresentations" => %{
"orderedItems" => [
%{
"type" => "Note",
"content" => "content",
"attachment" => [
%{"url" => [%{"href" => "http://example.com/image.jpg"}]}
]
}
]
}
}
}
setup do: clear_config([:media_proxy, :enabled], true)
test "it prefetches media proxy URIs" do
@ -50,4 +70,28 @@ defmodule Pleroma.Web.ActivityPub.MRF.MediaProxyWarmingPolicyTest do
refute called(HTTP.get(:_, :_, :_))
end
end
test "history-aware" do
Tesla.Mock.mock(fn %{method: :get, url: "http://example.com/image.jpg"} ->
{:ok, %Tesla.Env{status: 200, body: ""}}
end)
with_mock HTTP, get: fn _, _, _ -> {:ok, []} end do
MRF.filter_one(MediaProxyWarmingPolicy, @message_with_history)
assert called(HTTP.get(:_, :_, :_))
end
end
test "works with Updates" do
Tesla.Mock.mock(fn %{method: :get, url: "http://example.com/image.jpg"} ->
{:ok, %Tesla.Env{status: 200, body: ""}}
end)
with_mock HTTP, get: fn _, _, _ -> {:ok, []} end do
MRF.filter_one(MediaProxyWarmingPolicy, @message_with_history |> Map.put("type", "Update"))
assert called(HTTP.get(:_, :_, :_))
end
end
end

2
test/pleroma/web/activity_pub/mrf/mention_policy_test.exs
View file

@ -1,5 +1,5 @@
# Pleroma: A lightweight social networking server
# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
# Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.ActivityPub.MRF.MentionPolicyTest do

25
test/pleroma/web/activity_pub/mrf/no_empty_policy_test.exs
View file

@ -1,5 +1,5 @@
# Pleroma: A lightweight social networking server
# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
# Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.ActivityPub.MRF.NoEmptyPolicyTest do
@ -151,4 +151,27 @@ defmodule Pleroma.Web.ActivityPub.MRF.NoEmptyPolicyTest do
assert NoEmptyPolicy.filter(message) == {:reject, "[NoEmptyPolicy]"}
end
test "works with Update" do
message = %{
"actor" => "http://localhost:4001/users/testuser",
"cc" => ["http://localhost:4001/users/testuser/followers"],
"object" => %{
"actor" => "http://localhost:4001/users/testuser",
"attachment" => [],
"cc" => ["http://localhost:4001/users/testuser/followers"],
"source" => "",
"to" => [
"https://www.w3.org/ns/activitystreams#Public"
],
"type" => "Note"
},
"to" => [
"https://www.w3.org/ns/activitystreams#Public"
],
"type" => "Update"
}
assert NoEmptyPolicy.filter(message) == {:reject, "[NoEmptyPolicy]"}
end
end

43
test/pleroma/web/activity_pub/mrf/no_placeholder_text_policy_test.exs
View file

@ -1,9 +1,10 @@
# Pleroma: A lightweight social networking server
# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
# Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.ActivityPub.MRF.NoPlaceholderTextPolicyTest do
use Pleroma.DataCase, async: true
alias Pleroma.Web.ActivityPub.MRF
alias Pleroma.Web.ActivityPub.MRF.NoPlaceholderTextPolicy
test "it clears content object" do
@ -20,6 +21,46 @@ defmodule Pleroma.Web.ActivityPub.MRF.NoPlaceholderTextPolicyTest do
assert res["object"]["content"] == ""
end
test "history-aware" do
message = %{
"type" => "Create",
"object" => %{
"content" => ".",
"attachment" => "image",
"formerRepresentations" => %{
"orderedItems" => [%{"content" => ".", "attachment" => "image"}]
}
}
}
assert {:ok, res} = MRF.filter_one(NoPlaceholderTextPolicy, message)
assert %{
"content" => "",
"formerRepresentations" => %{"orderedItems" => [%{"content" => ""}]}
} = res["object"]
end
test "works with Updates" do
message = %{
"type" => "Update",
"object" => %{
"content" => ".",
"attachment" => "image",
"formerRepresentations" => %{
"orderedItems" => [%{"content" => ".", "attachment" => "image"}]
}
}
}
assert {:ok, res} = MRF.filter_one(NoPlaceholderTextPolicy, message)
assert %{
"content" => "",
"formerRepresentations" => %{"orderedItems" => [%{"content" => ""}]}
} = res["object"]
end
@messages [
%{
"type" => "Create",

61
test/pleroma/web/activity_pub/mrf/normalize_markup_test.exs
View file

@ -1,9 +1,10 @@
# Pleroma: A lightweight social networking server
# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
# Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.ActivityPub.MRF.NormalizeMarkupTest do
use Pleroma.DataCase, async: true
alias Pleroma.Web.ActivityPub.MRF
alias Pleroma.Web.ActivityPub.MRF.NormalizeMarkup
@html_sample """
@ -16,24 +17,58 @@ defmodule Pleroma.Web.ActivityPub.MRF.NormalizeMarkupTest do
<script>alert('hacked')</script>
"""
test "it filter html tags" do
expected = """
<b>this is in bold</b>
<p>this is a paragraph</p>
this is a linebreak<br/>
this is a link with allowed &quot;rel&quot; attribute: <a href="http://example.com/" rel="tag">example.com</a>
this is a link with not allowed &quot;rel&quot; attribute: <a href="http://example.com/">example.com</a>
this is an image: <img src="http://example.com/image.jpg"/><br/>
alert(&#39;hacked&#39;)
"""
@expected """
<b>this is in bold</b>
<p>this is a paragraph</p>
this is a linebreak<br/>
this is a link with allowed &quot;rel&quot; attribute: <a href="http://example.com/" rel="tag">example.com</a>
this is a link with not allowed &quot;rel&quot; attribute: <a href="http://example.com/">example.com</a>
this is an image: <img src="http://example.com/image.jpg"/><br/>
alert(&#39;hacked&#39;)
"""
test "it filter html tags" do
message = %{"type" => "Create", "object" => %{"content" => @html_sample}}
assert {:ok, res} = NormalizeMarkup.filter(message)
assert res["object"]["content"] == expected
assert res["object"]["content"] == @expected
end
test "it skips filter if type isn't `Create`" do
test "history-aware" do
message = %{
"type" => "Create",
"object" => %{
"content" => @html_sample,
"formerRepresentations" => %{"orderedItems" => [%{"content" => @html_sample}]}
}
}
assert {:ok, res} = MRF.filter_one(NormalizeMarkup, message)
assert %{
"content" => @expected,
"formerRepresentations" => %{"orderedItems" => [%{"content" => @expected}]}
} = res["object"]
end
test "works with Updates" do
message = %{
"type" => "Update",
"object" => %{
"content" => @html_sample,
"formerRepresentations" => %{"orderedItems" => [%{"content" => @html_sample}]}
}
}
assert {:ok, res} = MRF.filter_one(NormalizeMarkup, message)
assert %{
"content" => @expected,
"formerRepresentations" => %{"orderedItems" => [%{"content" => @expected}]}
} = res["object"]
end
test "it skips filter if type isn't `Create` or `Update`" do
message = %{"type" => "Note", "object" => %{}}
assert {:ok, res} = NormalizeMarkup.filter(message)

2
test/pleroma/web/activity_pub/mrf/object_age_policy_test.exs
View file

@ -1,5 +1,5 @@
# Pleroma: A lightweight social networking server
# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
# Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.ActivityPub.MRF.ObjectAgePolicyTest do

2
test/pleroma/web/activity_pub/mrf/reject_non_public_test.exs
View file

@ -1,5 +1,5 @@
# Pleroma: A lightweight social networking server
# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
# Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.ActivityPub.MRF.RejectNonPublicTest do

93
test/pleroma/web/activity_pub/mrf/simple_policy_test.exs
View file

@ -1,5 +1,5 @@
# Pleroma: A lightweight social networking server
# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
# Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicyTest do
@ -33,7 +33,7 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicyTest do
end
test "has a matching host" do
clear_config([:mrf_simple, :media_removal], ["remote.instance"])
clear_config([:mrf_simple, :media_removal], [{"remote.instance", "Some reason"}])
media_message = build_media_message()
local_message = build_local_message()
@ -46,7 +46,7 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicyTest do
end
test "match with wildcard domain" do
clear_config([:mrf_simple, :media_removal], ["*.remote.instance"])
clear_config([:mrf_simple, :media_removal], [{"*.remote.instance", "Whatever reason"}])
media_message = build_media_message()
local_message = build_local_message()
@ -57,6 +57,16 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicyTest do
assert SimplePolicy.filter(local_message) == {:ok, local_message}
end
test "works with Updates" do
clear_config([:mrf_simple, :media_removal], [{"remote.instance", "Some reason"}])
media_message = build_media_message(type: "Update")
assert SimplePolicy.filter(media_message) ==
{:ok,
media_message
|> Map.put("object", Map.delete(media_message["object"], "attachment"))}
end
end
describe "when :media_nsfw" do
@ -70,7 +80,7 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicyTest do
end
test "has a matching host" do
clear_config([:mrf_simple, :media_nsfw], ["remote.instance"])
clear_config([:mrf_simple, :media_nsfw], [{"remote.instance", "Whetever"}])
media_message = build_media_message()
local_message = build_local_message()
@ -81,7 +91,7 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicyTest do
end
test "match with wildcard domain" do
clear_config([:mrf_simple, :media_nsfw], ["*.remote.instance"])
clear_config([:mrf_simple, :media_nsfw], [{"*.remote.instance", "yeah yeah"}])
media_message = build_media_message()
local_message = build_local_message()
@ -90,12 +100,20 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicyTest do
assert SimplePolicy.filter(local_message) == {:ok, local_message}
end
test "works with Updates" do
clear_config([:mrf_simple, :media_nsfw], [{"remote.instance", "Whetever"}])
media_message = build_media_message(type: "Update")
assert SimplePolicy.filter(media_message) ==
{:ok, put_in(media_message, ["object", "sensitive"], true)}
end
end
defp build_media_message do
defp build_media_message(opts \\ []) do
%{
"actor" => "https://remote.instance/users/bob",
"type" => "Create",
"type" => opts[:type] || "Create",
"object" => %{
"attachment" => [%{}],
"tag" => ["foo"],
@ -115,7 +133,7 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicyTest do
end
test "has a matching host" do
clear_config([:mrf_simple, :report_removal], ["remote.instance"])
clear_config([:mrf_simple, :report_removal], [{"remote.instance", "muh"}])
report_message = build_report_message()
local_message = build_local_message()
@ -124,7 +142,7 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicyTest do
end
test "match with wildcard domain" do
clear_config([:mrf_simple, :report_removal], ["*.remote.instance"])
clear_config([:mrf_simple, :report_removal], [{"*.remote.instance", "suya"}])
report_message = build_report_message()
local_message = build_local_message()
@ -159,7 +177,7 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicyTest do
|> URI.parse()
|> Map.fetch!(:host)
clear_config([:mrf_simple, :federated_timeline_removal], [ftl_message_actor_host])
clear_config([:mrf_simple, :federated_timeline_removal], [{ftl_message_actor_host, "uwu"}])
local_message = build_local_message()
assert {:ok, ftl_message} = SimplePolicy.filter(ftl_message)
@ -180,7 +198,10 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicyTest do
|> URI.parse()
|> Map.fetch!(:host)
clear_config([:mrf_simple, :federated_timeline_removal], ["*." <> ftl_message_actor_host])
clear_config([:mrf_simple, :federated_timeline_removal], [
{"*." <> ftl_message_actor_host, "owo"}
])
local_message = build_local_message()
assert {:ok, ftl_message} = SimplePolicy.filter(ftl_message)
@ -203,7 +224,9 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicyTest do
ftl_message = Map.put(ftl_message, "cc", [])
clear_config([:mrf_simple, :federated_timeline_removal], [ftl_message_actor_host])
clear_config([:mrf_simple, :federated_timeline_removal], [
{ftl_message_actor_host, "spiderwaifu goes 88w88"}
])
assert {:ok, ftl_message} = SimplePolicy.filter(ftl_message)
refute "https://www.w3.org/ns/activitystreams#Public" in ftl_message["to"]
@ -232,7 +255,7 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicyTest do
end
test "activity has a matching host" do
clear_config([:mrf_simple, :reject], ["remote.instance"])
clear_config([:mrf_simple, :reject], [{"remote.instance", ""}])
remote_message = build_remote_message()
@ -240,7 +263,7 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicyTest do
end
test "activity matches with wildcard domain" do
clear_config([:mrf_simple, :reject], ["*.remote.instance"])
clear_config([:mrf_simple, :reject], [{"*.remote.instance", ""}])
remote_message = build_remote_message()
@ -248,7 +271,7 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicyTest do
end
test "actor has a matching host" do
clear_config([:mrf_simple, :reject], ["remote.instance"])
clear_config([:mrf_simple, :reject], [{"remote.instance", ""}])
remote_user = build_remote_user()
@ -256,7 +279,7 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicyTest do
end
test "reject Announce when object would be rejected" do
clear_config([:mrf_simple, :reject], ["blocked.tld"])
clear_config([:mrf_simple, :reject], [{"blocked.tld", ""}])
announce = %{
"type" => "Announce",
@ -268,7 +291,7 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicyTest do
end
test "reject by URI object" do
clear_config([:mrf_simple, :reject], ["blocked.tld"])
clear_config([:mrf_simple, :reject], [{"blocked.tld", ""}])
announce = %{
"type" => "Announce",
@ -322,7 +345,7 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicyTest do
|> URI.parse()
|> Map.fetch!(:host)
clear_config([:mrf_simple, :followers_only], [actor_domain])
clear_config([:mrf_simple, :followers_only], [{actor_domain, ""}])
assert {:ok, new_activity} = SimplePolicy.filter(activity)
assert actor.follower_address in new_activity["cc"]
@ -350,7 +373,7 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicyTest do
end
test "is not empty but activity doesn't have a matching host" do
clear_config([:mrf_simple, :accept], ["non.matching.remote"])
clear_config([:mrf_simple, :accept], [{"non.matching.remote", ""}])
local_message = build_local_message()
remote_message = build_remote_message()
@ -360,7 +383,7 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicyTest do
end
test "activity has a matching host" do
clear_config([:mrf_simple, :accept], ["remote.instance"])
clear_config([:mrf_simple, :accept], [{"remote.instance", ""}])
local_message = build_local_message()
remote_message = build_remote_message()
@ -370,7 +393,7 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicyTest do
end
test "activity matches with wildcard domain" do
clear_config([:mrf_simple, :accept], ["*.remote.instance"])
clear_config([:mrf_simple, :accept], [{"*.remote.instance", ""}])
local_message = build_local_message()
remote_message = build_remote_message()
@ -380,7 +403,7 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicyTest do
end
test "actor has a matching host" do
clear_config([:mrf_simple, :accept], ["remote.instance"])
clear_config([:mrf_simple, :accept], [{"remote.instance", ""}])
remote_user = build_remote_user()
@ -398,7 +421,7 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicyTest do
end
test "is not empty but it doesn't have a matching host" do
clear_config([:mrf_simple, :avatar_removal], ["non.matching.remote"])
clear_config([:mrf_simple, :avatar_removal], [{"non.matching.remote", ""}])
remote_user = build_remote_user()
@ -406,7 +429,7 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicyTest do
end
test "has a matching host" do
clear_config([:mrf_simple, :avatar_removal], ["remote.instance"])
clear_config([:mrf_simple, :avatar_removal], [{"remote.instance", ""}])
remote_user = build_remote_user()
{:ok, filtered} = SimplePolicy.filter(remote_user)
@ -415,7 +438,7 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicyTest do
end
test "match with wildcard domain" do
clear_config([:mrf_simple, :avatar_removal], ["*.remote.instance"])
clear_config([:mrf_simple, :avatar_removal], [{"*.remote.instance", ""}])
remote_user = build_remote_user()
{:ok, filtered} = SimplePolicy.filter(remote_user)
@ -434,7 +457,7 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicyTest do
end
test "is not empty but it doesn't have a matching host" do
clear_config([:mrf_simple, :banner_removal], ["non.matching.remote"])
clear_config([:mrf_simple, :banner_removal], [{"non.matching.remote", ""}])
remote_user = build_remote_user()
@ -442,7 +465,7 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicyTest do
end
test "has a matching host" do
clear_config([:mrf_simple, :banner_removal], ["remote.instance"])
clear_config([:mrf_simple, :banner_removal], [{"remote.instance", ""}])
remote_user = build_remote_user()
{:ok, filtered} = SimplePolicy.filter(remote_user)
@ -451,7 +474,7 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicyTest do
end
test "match with wildcard domain" do
clear_config([:mrf_simple, :banner_removal], ["*.remote.instance"])
clear_config([:mrf_simple, :banner_removal], [{"*.remote.instance", ""}])
remote_user = build_remote_user()
{:ok, filtered} = SimplePolicy.filter(remote_user)
@ -464,7 +487,7 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicyTest do
setup do: clear_config([:mrf_simple, :reject_deletes], [])
test "it accepts deletions even from rejected servers" do
clear_config([:mrf_simple, :reject], ["remote.instance"])
clear_config([:mrf_simple, :reject], [{"remote.instance", ""}])
deletion_message = build_remote_deletion_message()
@ -472,7 +495,7 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicyTest do
end
test "it accepts deletions even from non-whitelisted servers" do
clear_config([:mrf_simple, :accept], ["non.matching.remote"])
clear_config([:mrf_simple, :accept], [{"non.matching.remote", ""}])
deletion_message = build_remote_deletion_message()
@ -481,10 +504,10 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicyTest do
end
describe "when :reject_deletes is not empty but it doesn't have a matching host" do
setup do: clear_config([:mrf_simple, :reject_deletes], ["non.matching.remote"])
setup do: clear_config([:mrf_simple, :reject_deletes], [{"non.matching.remote", ""}])
test "it accepts deletions even from rejected servers" do
clear_config([:mrf_simple, :reject], ["remote.instance"])
clear_config([:mrf_simple, :reject], [{"remote.instance", ""}])
deletion_message = build_remote_deletion_message()
@ -492,7 +515,7 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicyTest do
end
test "it accepts deletions even from non-whitelisted servers" do
clear_config([:mrf_simple, :accept], ["non.matching.remote"])
clear_config([:mrf_simple, :accept], [{"non.matching.remote", ""}])
deletion_message = build_remote_deletion_message()
@ -501,7 +524,7 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicyTest do
end
describe "when :reject_deletes has a matching host" do
setup do: clear_config([:mrf_simple, :reject_deletes], ["remote.instance"])
setup do: clear_config([:mrf_simple, :reject_deletes], [{"remote.instance", ""}])
test "it rejects the deletion" do
deletion_message = build_remote_deletion_message()
@ -511,7 +534,7 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicyTest do
end
describe "when :reject_deletes match with wildcard domain" do
setup do: clear_config([:mrf_simple, :reject_deletes], ["*.remote.instance"])
setup do: clear_config([:mrf_simple, :reject_deletes], [{"*.remote.instance", ""}])
test "it rejects the deletion" do
deletion_message = build_remote_deletion_message()

31
test/pleroma/web/activity_pub/mrf/steal_emoji_policy_test.exs
View file

@ -1,5 +1,5 @@
# Pleroma: A lightweight social networking server
# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
# Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.ActivityPub.MRF.StealEmojiPolicyTest do
@ -9,11 +9,6 @@ defmodule Pleroma.Web.ActivityPub.MRF.StealEmojiPolicyTest do
alias Pleroma.Emoji
alias Pleroma.Web.ActivityPub.MRF.StealEmojiPolicy
setup_all do
Tesla.Mock.mock_global(fn env -> apply(HttpRequestMock, :request, [env]) end)
:ok
end
setup do
emoji_path = [:instance, :static_dir] |> Config.get() |> Path.join("emoji/stolen")
@ -49,6 +44,10 @@ defmodule Pleroma.Web.ActivityPub.MRF.StealEmojiPolicyTest do
refute "firedfox" in installed()
refute File.exists?(path)
Tesla.Mock.mock(fn %{method: :get, url: "https://example.org/emoji/firedfox.png"} ->
%Tesla.Env{status: 200, body: File.read!("test/fixtures/image.jpg")}
end)
clear_config(:mrf_steal_emoji, hosts: ["example.org"], size_limit: 284_468)
assert {:ok, _message} = StealEmojiPolicy.filter(message)
@ -61,7 +60,7 @@ defmodule Pleroma.Web.ActivityPub.MRF.StealEmojiPolicyTest do
|> File.exists?()
end
test "reject shortcode", %{message: message} do
test "reject regex shortcode", %{message: message} do
refute "firedfox" in installed()
clear_config(:mrf_steal_emoji,
@ -75,9 +74,27 @@ defmodule Pleroma.Web.ActivityPub.MRF.StealEmojiPolicyTest do
refute "firedfox" in installed()
end
test "reject string shortcode", %{message: message} do
refute "firedfox" in installed()
clear_config(:mrf_steal_emoji,
hosts: ["example.org"],
size_limit: 284_468,
rejected_shortcodes: ["firedfox"]
)
assert {:ok, _message} = StealEmojiPolicy.filter(message)
refute "firedfox" in installed()
end
test "reject if size is above the limit", %{message: message} do
refute "firedfox" in installed()
Tesla.Mock.mock(fn %{method: :get, url: "https://example.org/emoji/firedfox.png"} ->
%Tesla.Env{status: 200, body: File.read!("test/fixtures/image.jpg")}
end)
clear_config(:mrf_steal_emoji, hosts: ["example.org"], size_limit: 50_000)
assert {:ok, _message} = StealEmojiPolicy.filter(message)

2
test/pleroma/web/activity_pub/mrf/subchain_policy_test.exs
View file

@ -1,5 +1,5 @@
# Pleroma: A lightweight social networking server
# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
# Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.ActivityPub.MRF.SubchainPolicyTest do

38
test/pleroma/web/activity_pub/mrf/tag_policy_test.exs
View file

@ -1,5 +1,5 @@
# Pleroma: A lightweight social networking server
# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
# Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.ActivityPub.MRF.TagPolicyTest do
@ -99,6 +99,24 @@ defmodule Pleroma.Web.ActivityPub.MRF.TagPolicyTest do
assert TagPolicy.filter(message) == {:ok, except_message}
end
test "removes attachments in Updates" do
actor = insert(:user, tags: ["mrf_tag:media-strip"])
message = %{
"actor" => actor.ap_id,
"type" => "Update",
"object" => %{"attachment" => ["file1"]}
}
except_message = %{
"actor" => actor.ap_id,
"type" => "Update",
"object" => %{}
}
assert TagPolicy.filter(message) == {:ok, except_message}
end
end
describe "mrf_tag:media-force-nsfw" do
@ -119,5 +137,23 @@ defmodule Pleroma.Web.ActivityPub.MRF.TagPolicyTest do
assert TagPolicy.filter(message) == {:ok, except_message}
end
test "Mark as sensitive on presence of attachments in Updates" do
actor = insert(:user, tags: ["mrf_tag:media-force-nsfw"])
message = %{
"actor" => actor.ap_id,
"type" => "Update",
"object" => %{"tag" => ["test"], "attachment" => ["file1"]}
}
except_message = %{
"actor" => actor.ap_id,
"type" => "Update",
"object" => %{"tag" => ["test"], "attachment" => ["file1"], "sensitive" => true}
}
assert TagPolicy.filter(message) == {:ok, except_message}
end
end
end

2
test/pleroma/web/activity_pub/mrf/user_allow_list_policy_test.exs
View file

@ -1,5 +1,5 @@
# Pleroma: A lightweight social networking server
# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
# Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.ActivityPub.MRF.UserAllowListPolicyTest do
use Pleroma.DataCase

2
test/pleroma/web/activity_pub/mrf/vocabulary_policy_test.exs
View file

@ -1,5 +1,5 @@
# Pleroma: A lightweight social networking server
# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
# Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.ActivityPub.MRF.VocabularyPolicyTest do

11
test/pleroma/web/activity_pub/mrf_test.exs
View file

@ -1,5 +1,5 @@
# Pleroma: A lightweight social networking server
# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
# Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.ActivityPub.MRFTest do
@ -63,6 +63,15 @@ defmodule Pleroma.Web.ActivityPub.MRFTest do
end
end
describe "instance_list_from_tuples/1" do
test "returns a list of instances from a list of {instance, reason} tuples" do
list = [{"some.tld", "a reason"}, {"other.tld", "another reason"}]
expected = ["some.tld", "other.tld"]
assert MRF.instance_list_from_tuples(list) == expected
end
end
describe "describe/0" do
test "it works as expected with noop policy" do
clear_config([:mrf, :policies], [Pleroma.Web.ActivityPub.MRF.NoOpPolicy])

2
test/pleroma/web/activity_pub/object_validators/accept_validation_test.exs
View file

@ -1,5 +1,5 @@
# Pleroma: A lightweight social networking server
# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
# Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.ActivityPub.ObjectValidators.AcceptValidationTest do

2
test/pleroma/web/activity_pub/object_validators/announce_validation_test.exs
View file

@ -1,5 +1,5 @@
# Pleroma: A lightweight social networking server
# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
# Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.ActivityPub.ObjectValidators.AnnounceValidationTest do

86
test/pleroma/web/activity_pub/object_validators/article_note_page_validator_test.exs
View file

@ -1,10 +1,11 @@
# Pleroma: A lightweight social networking server
# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
# Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.ActivityPub.ObjectValidators.ArticleNotePageValidatorTest do
use Pleroma.DataCase, async: true
alias Pleroma.Web.ActivityPub.ObjectValidator
alias Pleroma.Web.ActivityPub.ObjectValidators.ArticleNotePageValidator
alias Pleroma.Web.ActivityPub.Utils
@ -31,6 +32,89 @@ defmodule Pleroma.Web.ActivityPub.ObjectValidators.ArticleNotePageValidatorTest
test "a basic note validates", %{note: note} do
%{valid?: true} = ArticleNotePageValidator.cast_and_validate(note)
end
test "a note from factory validates" do
note = insert(:note)
%{valid?: true} = ArticleNotePageValidator.cast_and_validate(note.data)
end
end
describe "Note with history" do
setup do
user = insert(:user)
{:ok, activity} = Pleroma.Web.CommonAPI.post(user, %{status: "mew mew :dinosaur:"})
{:ok, edit} = Pleroma.Web.CommonAPI.update(user, activity, %{status: "edited :blank:"})
{:ok, %{"object" => external_rep}} =
Pleroma.Web.ActivityPub.Transmogrifier.prepare_outgoing(edit.data)
%{external_rep: external_rep}
end
test "edited note", %{external_rep: external_rep} do
assert %{"formerRepresentations" => %{"orderedItems" => [%{"tag" => [_]}]}} = external_rep
{:ok, validate_res, []} = ObjectValidator.validate(external_rep, [])
assert %{"formerRepresentations" => %{"orderedItems" => [%{"emoji" => %{"dinosaur" => _}}]}} =
validate_res
end
test "edited note, badly-formed formerRepresentations", %{external_rep: external_rep} do
external_rep = Map.put(external_rep, "formerRepresentations", %{})
assert {:error, _} = ObjectValidator.validate(external_rep, [])
end
test "edited note, badly-formed history item", %{external_rep: external_rep} do
history_item =
Enum.at(external_rep["formerRepresentations"]["orderedItems"], 0)
|> Map.put("type", "Foo")
external_rep =
put_in(
external_rep,
["formerRepresentations", "orderedItems"],
[history_item]
)
assert {:error, _} = ObjectValidator.validate(external_rep, [])
end
end
test "a Note from Roadhouse validates" do
insert(:user, ap_id: "https://macgirvin.com/channel/mike")
%{"object" => note} =
"test/fixtures/roadhouse-create-activity.json"
|> File.read!()
|> Jason.decode!()
%{valid?: true} = ArticleNotePageValidator.cast_and_validate(note)
end
test "a note with an attachment should work", _ do
insert(:user, %{ap_id: "https://owncast.localhost.localdomain/federation/user/streamer"})
note =
"test/fixtures/owncast-note-with-attachment.json"
|> File.read!()
|> Jason.decode!()
%{valid?: true} = ArticleNotePageValidator.cast_and_validate(note)
end
test "a Note without replies/first/items validates" do
insert(:user, ap_id: "https://mastodon.social/users/emelie")
note =
"test/fixtures/tesla_mock/status.emelie.json"
|> File.read!()
|> Jason.decode!()
|> pop_in(["replies", "first", "items"])
|> elem(1)
%{valid?: true} = ArticleNotePageValidator.cast_and_validate(note)
end
test "a Note without replies/first/items validates" do

47
test/pleroma/web/activity_pub/object_validators/attachment_validator_test.exs
View file

@ -1,5 +1,5 @@
# Pleroma: A lightweight social networking server
# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
# Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.ActivityPub.ObjectValidators.AttachmentValidatorTest do
@ -11,6 +11,19 @@ defmodule Pleroma.Web.ActivityPub.ObjectValidators.AttachmentValidatorTest do
import Pleroma.Factory
describe "attachments" do
test "fails without url" do
attachment = %{
"mediaType" => "",
"name" => "",
"summary" => "298p3RG7j27tfsZ9RQ.jpg",
"type" => "Document"
}
assert {:error, _cng} =
AttachmentValidator.cast_and_validate(attachment)
|> Ecto.Changeset.apply_action(:insert)
end
test "works with honkerific attachments" do
attachment = %{
"mediaType" => "",
@ -145,5 +158,37 @@ defmodule Pleroma.Web.ActivityPub.ObjectValidators.AttachmentValidatorTest do
assert attachment.mediaType == "image/jpeg"
end
test "it transforms image dimentions to our internal format" do
attachment = %{
"type" => "Document",
"name" => "Hello world",
"url" => "https://media.example.tld/1.jpg",
"width" => 880,
"height" => 960,
"mediaType" => "image/jpeg",
"blurhash" => "eTKL26+HDjcEIBVl;ds+K6t301W.t7nit7y1E,R:v}ai4nXSt7V@of"
}
expected = %AttachmentValidator{
type: "Document",
name: "Hello world",
mediaType: "image/jpeg",
blurhash: "eTKL26+HDjcEIBVl;ds+K6t301W.t7nit7y1E,R:v}ai4nXSt7V@of",
url: [
%AttachmentValidator.UrlObjectValidator{
type: "Link",
mediaType: "image/jpeg",
href: "https://media.example.tld/1.jpg",
width: 880,
height: 960
}
]
}
{:ok, ^expected} =
AttachmentValidator.cast_and_validate(attachment)
|> Ecto.Changeset.apply_action(:insert)
end
end
end

2
test/pleroma/web/activity_pub/object_validators/block_validation_test.exs
View file

@ -1,5 +1,5 @@
# Pleroma: A lightweight social networking server
# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
# Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.ActivityPub.ObjectValidators.BlockValidationTest do

4
test/pleroma/web/activity_pub/object_validators/chat_validation_test.exs
View file

@ -1,5 +1,5 @@
# Pleroma: A lightweight social networking server
# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
# Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.ActivityPub.ObjectValidators.ChatValidationTest do
@ -68,7 +68,7 @@ defmodule Pleroma.Web.ActivityPub.ObjectValidators.ChatValidationTest do
test "validates for a basic object we build", %{valid_chat_message: valid_chat_message} do
assert {:ok, object, _meta} = ObjectValidator.validate(valid_chat_message, [])
assert Map.put(valid_chat_message, "attachment", nil) == object
assert valid_chat_message == object
assert match?(%{"firefox" => _}, object["emoji"])
end

62
test/pleroma/web/activity_pub/object_validators/create_generic_validator_test.exs Normal file
View file

@ -0,0 +1,62 @@
# Pleroma: A lightweight social networking server
# Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.ActivityPub.ObjectValidators.CreateGenericValidatorTest do
use Pleroma.DataCase, async: true
alias Pleroma.Web.ActivityPub.ObjectValidator
alias Pleroma.Web.ActivityPub.ObjectValidators.CreateGenericValidator
alias Pleroma.Web.ActivityPub.Utils
import Pleroma.Factory
test "a Create/Note from Roadhouse validates" do
insert(:user, ap_id: "https://macgirvin.com/channel/mike")
note_activity =
"test/fixtures/roadhouse-create-activity.json"
|> File.read!()
|> Jason.decode!()
# Build metadata
{:ok, object_data} = ObjectValidator.cast_and_apply(note_activity["object"])
meta = [object_data: ObjectValidator.stringify_keys(object_data)]
assert %{valid?: true} = CreateGenericValidator.cast_and_validate(note_activity, meta)
end
test "a Create/Note with mismatched context uses the Note's context" do
user = insert(:user)
note = %{
"id" => Utils.generate_object_id(),
"type" => "Note",
"actor" => user.ap_id,
"to" => [user.follower_address],
"cc" => [],
"content" => "Hello world",
"context" => Utils.generate_context_id()
}
note_activity = %{
"id" => Utils.generate_activity_id(),
"type" => "Create",
"actor" => note["actor"],
"to" => note["to"],
"cc" => note["cc"],
"object" => note,
"published" => DateTime.utc_now() |> DateTime.to_iso8601(),
"context" => Utils.generate_context_id()
}
# Build metadata
{:ok, object_data} = ObjectValidator.cast_and_apply(note_activity["object"])
meta = [object_data: ObjectValidator.stringify_keys(object_data)]
validated = CreateGenericValidator.cast_and_validate(note_activity, meta)
assert validated.valid?
assert {:context, note["context"]} in validated.changes
end
end

19
test/pleroma/web/activity_pub/object_validators/delete_validation_test.exs
View file

@ -1,9 +1,9 @@
# Pleroma: A lightweight social networking server
# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
# Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.ActivityPub.ObjectValidators.DeleteValidationTest do
use Pleroma.DataCase, async: true
use Pleroma.DataCase, async: false
alias Pleroma.Object
alias Pleroma.Web.ActivityPub.Builder
@ -90,17 +90,26 @@ defmodule Pleroma.Web.ActivityPub.ObjectValidators.DeleteValidationTest do
assert {:actor, {"is not allowed to modify object", []}} in cng.errors
end
test "it's valid if the actor of the object is a local superuser",
test "it's only valid if the actor of the object is a privileged local user",
%{valid_post_delete: valid_post_delete} do
clear_config([:instance, :moderator_privileges], [:messages_delete])
user =
insert(:user, local: true, is_moderator: true, ap_id: "https://gensokyo.2hu/users/raymoo")
valid_other_actor =
post_delete_with_moderator_actor =
valid_post_delete
|> Map.put("actor", user.ap_id)
{:ok, _, meta} = ObjectValidator.validate(valid_other_actor, [])
{:ok, _, meta} = ObjectValidator.validate(post_delete_with_moderator_actor, [])
assert meta[:do_not_federate]
clear_config([:instance, :moderator_privileges], [])
{:error, cng} = ObjectValidator.validate(post_delete_with_moderator_actor, [])
assert {:actor, {"is not allowed to modify object", []}} in cng.errors
end
end
end

2
test/pleroma/web/activity_pub/object_validators/emoji_react_handling_test.exs
View file

@ -1,5 +1,5 @@
# Pleroma: A lightweight social networking server
# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
# Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.ActivityPub.ObjectValidators.EmojiReactHandlingTest do

2
test/pleroma/web/activity_pub/object_validators/follow_validation_test.exs
View file

@ -1,5 +1,5 @@
# Pleroma: A lightweight social networking server
# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
# Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.ActivityPub.ObjectValidators.FollowValidationTest do

2
test/pleroma/web/activity_pub/object_validators/like_validation_test.exs
View file

@ -1,5 +1,5 @@
# Pleroma: A lightweight social networking server
# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
# Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.ActivityPub.ObjectValidators.LikeValidationTest do

2
test/pleroma/web/activity_pub/object_validators/reject_validation_test.exs
View file

@ -1,5 +1,5 @@
# Pleroma: A lightweight social networking server
# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
# Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.ActivityPub.ObjectValidators.RejectValidationTest do

2
test/pleroma/web/activity_pub/object_validators/undo_handling_test.exs
View file

@ -1,5 +1,5 @@
# Pleroma: A lightweight social networking server
# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
# Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.ActivityPub.ObjectValidators.UndoHandlingTest do

128
test/pleroma/web/activity_pub/object_validators/update_handling_test.exs
View file

@ -1,5 +1,5 @@
# Pleroma: A lightweight social networking server
# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
# Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.ActivityPub.ObjectValidators.UpdateHandlingTest do
@ -32,7 +32,7 @@ defmodule Pleroma.Web.ActivityPub.ObjectValidators.UpdateHandlingTest do
test "returns an error if the object can't be updated by the actor", %{
valid_update: valid_update
} do
other_user = insert(:user)
other_user = insert(:user, local: false)
update =
valid_update
@ -40,5 +40,129 @@ defmodule Pleroma.Web.ActivityPub.ObjectValidators.UpdateHandlingTest do
assert {:error, _cng} = ObjectValidator.validate(update, [])
end
test "validates as long as the object is same-origin with the actor", %{
valid_update: valid_update
} do
other_user = insert(:user)
update =
valid_update
|> Map.put("actor", other_user.ap_id)
assert {:ok, _update, []} = ObjectValidator.validate(update, [])
end
test "validates if the object is not of an Actor type" do
note = insert(:note)
updated_note = note.data |> Map.put("content", "edited content")
other_user = insert(:user)
{:ok, update, _} = Builder.update(other_user, updated_note)
assert {:ok, _update, _} = ObjectValidator.validate(update, [])
end
end
describe "update note" do
test "converts object into Pleroma's format" do
mastodon_tags = [
%{
"icon" => %{
"mediaType" => "image/png",
"type" => "Image",
"url" => "https://somewhere.org/emoji/url/1.png"
},
"id" => "https://somewhere.org/emoji/1",
"name" => ":some_emoji:",
"type" => "Emoji",
"updated" => "2021-04-07T11:00:00Z"
}
]
user = insert(:user)
note = insert(:note, user: user)
updated_note =
note.data
|> Map.put("content", "edited content")
|> Map.put("tag", mastodon_tags)
{:ok, update, _} = Builder.update(user, updated_note)
assert {:ok, _update, meta} = ObjectValidator.validate(update, [])
assert %{"emoji" => %{"some_emoji" => "https://somewhere.org/emoji/url/1.png"}} =
meta[:object_data]
end
test "returns no object_data in meta for a local Update" do
user = insert(:user)
note = insert(:note, user: user)
updated_note =
note.data
|> Map.put("content", "edited content")
{:ok, update, _} = Builder.update(user, updated_note)
assert {:ok, _update, meta} = ObjectValidator.validate(update, local: true)
assert is_nil(meta[:object_data])
end
test "returns object_data in meta for a remote Update" do
user = insert(:user)
note = insert(:note, user: user)
updated_note =
note.data
|> Map.put("content", "edited content")
{:ok, update, _} = Builder.update(user, updated_note)
assert {:ok, _update, meta} = ObjectValidator.validate(update, local: false)
assert meta[:object_data]
assert {:ok, _update, meta} = ObjectValidator.validate(update, [])
assert meta[:object_data]
end
end
describe "update with history" do
setup do
user = insert(:user)
{:ok, activity} = Pleroma.Web.CommonAPI.post(user, %{status: "mew mew :dinosaur:"})
{:ok, edit} = Pleroma.Web.CommonAPI.update(user, activity, %{status: "edited :blank:"})
{:ok, external_rep} = Pleroma.Web.ActivityPub.Transmogrifier.prepare_outgoing(edit.data)
%{external_rep: external_rep}
end
test "edited note", %{external_rep: external_rep} do
{:ok, _validate_res, meta} = ObjectValidator.validate(external_rep, [])
assert %{"formerRepresentations" => %{"orderedItems" => [%{"emoji" => %{"dinosaur" => _}}]}} =
meta[:object_data]
end
test "edited note, badly-formed formerRepresentations", %{external_rep: external_rep} do
external_rep = put_in(external_rep, ["object", "formerRepresentations"], %{})
assert {:error, _} = ObjectValidator.validate(external_rep, [])
end
test "edited note, badly-formed history item", %{external_rep: external_rep} do
history_item =
Enum.at(external_rep["object"]["formerRepresentations"]["orderedItems"], 0)
|> Map.put("type", "Foo")
external_rep =
put_in(
external_rep,
["object", "formerRepresentations", "orderedItems"],
[history_item]
)
assert {:error, _} = ObjectValidator.validate(external_rep, [])
end
end
end

2
test/pleroma/web/activity_pub/pipeline_test.exs
View file

@ -1,5 +1,5 @@
# Pleroma: A lightweight social networking server
# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
# Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.ActivityPub.PipelineTest do

76
test/pleroma/web/activity_pub/publisher_test.exs
View file

@ -1,5 +1,5 @@
# Pleroma: A lightweight social networking server
# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
# Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.ActivityPub.PublisherTest do
@ -267,6 +267,80 @@ defmodule Pleroma.Web.ActivityPub.PublisherTest do
end
describe "publish/2" do
test_with_mock "doesn't publish a non-public activity to quarantined instances.",
Pleroma.Web.Federator.Publisher,
[:passthrough],
[] do
Config.put([:instance, :quarantined_instances], [{"domain.com", "some reason"}])
follower =
insert(:user, %{
local: false,
inbox: "https://domain.com/users/nick1/inbox",
ap_enabled: true
})
actor = insert(:user, follower_address: follower.ap_id)
{:ok, follower, actor} = Pleroma.User.follow(follower, actor)
actor = refresh_record(actor)
note_activity =
insert(:followers_only_note_activity,
user: actor,
recipients: [follower.ap_id]
)
res = Publisher.publish(actor, note_activity)
assert res == :ok
assert not called(
Pleroma.Web.Federator.Publisher.enqueue_one(Publisher, %{
inbox: "https://domain.com/users/nick1/inbox",
actor_id: actor.id,
id: note_activity.data["id"]
})
)
end
test_with_mock "Publishes a non-public activity to non-quarantined instances.",
Pleroma.Web.Federator.Publisher,
[:passthrough],
[] do
Config.put([:instance, :quarantined_instances], [{"somedomain.com", "some reason"}])
follower =
insert(:user, %{
local: false,
inbox: "https://domain.com/users/nick1/inbox",
ap_enabled: true
})
actor = insert(:user, follower_address: follower.ap_id)
{:ok, follower, actor} = Pleroma.User.follow(follower, actor)
actor = refresh_record(actor)
note_activity =
insert(:followers_only_note_activity,
user: actor,
recipients: [follower.ap_id]
)
res = Publisher.publish(actor, note_activity)
assert res == :ok
assert called(
Pleroma.Web.Federator.Publisher.enqueue_one(Publisher, %{
inbox: "https://domain.com/users/nick1/inbox",
actor_id: actor.id,
id: note_activity.data["id"]
})
)
end
test_with_mock "publishes an activity with BCC to all relevant peers.",
Pleroma.Web.Federator.Publisher,
[:passthrough],

2
test/pleroma/web/activity_pub/relay_test.exs
View file

@ -1,5 +1,5 @@
# Pleroma: A lightweight social networking server
# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
# Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.ActivityPub.RelayTest do

2
test/pleroma/web/activity_pub/side_effects/delete_test.exs
View file

@ -1,5 +1,5 @@
# Pleroma: A lightweight social networking server
# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
# Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.ActivityPub.SideEffects.DeleteTest do

407
test/pleroma/web/activity_pub/side_effects_test.exs
View file

@ -1,5 +1,5 @@
# Pleroma: A lightweight social networking server
# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
# Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.ActivityPub.SideEffectsTest do
@ -88,6 +88,16 @@ defmodule Pleroma.Web.ActivityPub.SideEffectsTest do
assert User.blocks?(user, blocked)
end
test "it updates following relationship", %{user: user, blocked: blocked, block: block} do
{:ok, _, _} = SideEffects.handle(block)
refute Pleroma.FollowingRelationship.get(user, blocked)
assert User.get_follow_state(user, blocked) == nil
assert User.get_follow_state(blocked, user) == nil
assert User.get_follow_state(user, blocked, nil) == nil
assert User.get_follow_state(blocked, user, nil) == nil
end
test "it blocks but does not unfollow if the relevant setting is set", %{
user: user,
blocked: blocked,
@ -108,7 +118,10 @@ defmodule Pleroma.Web.ActivityPub.SideEffectsTest do
describe "update users" do
setup do
user = insert(:user, local: false)
{:ok, update_data, []} = Builder.update(user, %{"id" => user.ap_id, "name" => "new name!"})
{:ok, update_data, []} =
Builder.update(user, %{"id" => user.ap_id, "type" => "Person", "name" => "new name!"})
{:ok, update, _meta} = ActivityPub.persist(update_data, local: true)
%{user: user, update_data: update_data, update: update}
@ -130,6 +143,298 @@ defmodule Pleroma.Web.ActivityPub.SideEffectsTest do
end
end
describe "update notes" do
setup do
make_time = fn ->
Pleroma.Web.ActivityPub.Utils.make_date()
end
user = insert(:user)
note = insert(:note, user: user, data: %{"published" => make_time.()})
_note_activity = insert(:note_activity, note: note)
updated_note =
note.data
|> Map.put("summary", "edited summary")
|> Map.put("content", "edited content")
|> Map.put("updated", make_time.())
{:ok, update_data, []} = Builder.update(user, updated_note)
{:ok, update, _meta} = ActivityPub.persist(update_data, local: true)
%{
user: user,
note: note,
object_id: note.id,
update_data: update_data,
update: update,
updated_note: updated_note
}
end
test "it updates the note", %{
object_id: object_id,
update: update,
updated_note: updated_note
} do
{:ok, _, _} = SideEffects.handle(update, object_data: updated_note)
updated_time = updated_note["updated"]
new_note = Pleroma.Object.get_by_id(object_id)
assert %{
"summary" => "edited summary",
"content" => "edited content",
"updated" => ^updated_time
} = new_note.data
end
test "it rejects updates with no updated attribute in object", %{
object_id: object_id,
update: update,
updated_note: updated_note
} do
old_note = Pleroma.Object.get_by_id(object_id)
updated_note = Map.drop(updated_note, ["updated"])
{:ok, _, _} = SideEffects.handle(update, object_data: updated_note)
new_note = Pleroma.Object.get_by_id(object_id)
assert old_note.data == new_note.data
end
test "it rejects updates with updated attribute older than what we have in the original object",
%{
object_id: object_id,
update: update,
updated_note: updated_note
} do
old_note = Pleroma.Object.get_by_id(object_id)
{:ok, creation_time, _} = DateTime.from_iso8601(old_note.data["published"])
updated_note =
Map.put(updated_note, "updated", DateTime.to_iso8601(DateTime.add(creation_time, -10)))
{:ok, _, _} = SideEffects.handle(update, object_data: updated_note)
new_note = Pleroma.Object.get_by_id(object_id)
assert old_note.data == new_note.data
end
test "it rejects updates with updated attribute older than the last Update", %{
object_id: object_id,
update: update,
updated_note: updated_note
} do
old_note = Pleroma.Object.get_by_id(object_id)
{:ok, creation_time, _} = DateTime.from_iso8601(old_note.data["published"])
updated_note =
Map.put(updated_note, "updated", DateTime.to_iso8601(DateTime.add(creation_time, +10)))
{:ok, _, _} = SideEffects.handle(update, object_data: updated_note)
old_note = Pleroma.Object.get_by_id(object_id)
{:ok, update_time, _} = DateTime.from_iso8601(old_note.data["updated"])
updated_note =
Map.put(updated_note, "updated", DateTime.to_iso8601(DateTime.add(update_time, -5)))
{:ok, _, _} = SideEffects.handle(update, object_data: updated_note)
new_note = Pleroma.Object.get_by_id(object_id)
assert old_note.data == new_note.data
end
test "it updates using object_data", %{
object_id: object_id,
update: update,
updated_note: updated_note
} do
updated_note = Map.put(updated_note, "summary", "mew mew")
{:ok, _, _} = SideEffects.handle(update, object_data: updated_note)
new_note = Pleroma.Object.get_by_id(object_id)
assert %{"summary" => "mew mew", "content" => "edited content"} = new_note.data
end
test "it records the original note in formerRepresentations", %{
note: note,
object_id: object_id,
update: update,
updated_note: updated_note
} do
{:ok, _, _} = SideEffects.handle(update, object_data: updated_note)
%{data: new_note} = Pleroma.Object.get_by_id(object_id)
assert %{"summary" => "edited summary", "content" => "edited content"} = new_note
assert [Map.drop(note.data, ["id", "formerRepresentations"])] ==
new_note["formerRepresentations"]["orderedItems"]
assert new_note["formerRepresentations"]["totalItems"] == 1
end
test "it puts the original note at the front of formerRepresentations", %{
user: user,
note: note,
object_id: object_id,
update: update,
updated_note: updated_note
} do
{:ok, _, _} = SideEffects.handle(update, object_data: updated_note)
%{data: first_edit} = Pleroma.Object.get_by_id(object_id)
second_updated_note =
note.data
|> Map.put("summary", "edited summary 2")
|> Map.put("content", "edited content 2")
|> Map.put(
"updated",
first_edit["updated"]
|> DateTime.from_iso8601()
|> elem(1)
|> DateTime.add(10)
|> DateTime.to_iso8601()
)
{:ok, second_update_data, []} = Builder.update(user, second_updated_note)
{:ok, update, _meta} = ActivityPub.persist(second_update_data, local: true)
{:ok, _, _} = SideEffects.handle(update, object_data: second_updated_note)
%{data: new_note} = Pleroma.Object.get_by_id(object_id)
assert %{"summary" => "edited summary 2", "content" => "edited content 2"} = new_note
original_version = Map.drop(note.data, ["id", "formerRepresentations"])
first_edit = Map.drop(first_edit, ["id", "formerRepresentations"])
assert [first_edit, original_version] ==
new_note["formerRepresentations"]["orderedItems"]
assert new_note["formerRepresentations"]["totalItems"] == 2
end
test "it does not prepend to formerRepresentations if no actual changes are made", %{
note: note,
object_id: object_id,
update: update,
updated_note: updated_note
} do
{:ok, _, _} = SideEffects.handle(update, object_data: updated_note)
%{data: first_edit} = Pleroma.Object.get_by_id(object_id)
updated_note =
updated_note
|> Map.put(
"updated",
first_edit["updated"]
|> DateTime.from_iso8601()
|> elem(1)
|> DateTime.add(10)
|> DateTime.to_iso8601()
)
{:ok, _, _} = SideEffects.handle(update, object_data: updated_note)
%{data: new_note} = Pleroma.Object.get_by_id(object_id)
assert %{"summary" => "edited summary", "content" => "edited content"} = new_note
original_version = Map.drop(note.data, ["id", "formerRepresentations"])
assert [original_version] ==
new_note["formerRepresentations"]["orderedItems"]
assert new_note["formerRepresentations"]["totalItems"] == 1
end
end
describe "update questions" do
setup do
user = insert(:user)
question =
insert(:question,
user: user,
data: %{"published" => Pleroma.Web.ActivityPub.Utils.make_date()}
)
%{user: user, data: question.data, id: question.id}
end
test "allows updating choice count without generating edit history", %{
user: user,
data: data,
id: id
} do
new_choices =
data["oneOf"]
|> Enum.map(fn choice -> put_in(choice, ["replies", "totalItems"], 5) end)
updated_question =
data
|> Map.put("oneOf", new_choices)
|> Map.put("updated", Pleroma.Web.ActivityPub.Utils.make_date())
{:ok, update_data, []} = Builder.update(user, updated_question)
{:ok, update, _meta} = ActivityPub.persist(update_data, local: true)
{:ok, _, _} = SideEffects.handle(update, object_data: updated_question)
%{data: new_question} = Pleroma.Object.get_by_id(id)
assert [%{"replies" => %{"totalItems" => 5}}, %{"replies" => %{"totalItems" => 5}}] =
new_question["oneOf"]
refute Map.has_key?(new_question, "formerRepresentations")
end
test "allows updating choice count without updated field", %{
user: user,
data: data,
id: id
} do
new_choices =
data["oneOf"]
|> Enum.map(fn choice -> put_in(choice, ["replies", "totalItems"], 5) end)
updated_question =
data
|> Map.put("oneOf", new_choices)
{:ok, update_data, []} = Builder.update(user, updated_question)
{:ok, update, _meta} = ActivityPub.persist(update_data, local: true)
{:ok, _, _} = SideEffects.handle(update, object_data: updated_question)
%{data: new_question} = Pleroma.Object.get_by_id(id)
assert [%{"replies" => %{"totalItems" => 5}}, %{"replies" => %{"totalItems" => 5}}] =
new_question["oneOf"]
refute Map.has_key?(new_question, "formerRepresentations")
end
test "allows updating choice count with updated field same as the creation date", %{
user: user,
data: data,
id: id
} do
new_choices =
data["oneOf"]
|> Enum.map(fn choice -> put_in(choice, ["replies", "totalItems"], 5) end)
updated_question =
data
|> Map.put("oneOf", new_choices)
|> Map.put("updated", data["published"])
{:ok, update_data, []} = Builder.update(user, updated_question)
{:ok, update, _meta} = ActivityPub.persist(update_data, local: true)
{:ok, _, _} = SideEffects.handle(update, object_data: updated_question)
%{data: new_question} = Pleroma.Object.get_by_id(id)
assert [%{"replies" => %{"totalItems" => 5}}, %{"replies" => %{"totalItems" => 5}}] =
new_question["oneOf"]
refute Map.has_key?(new_question, "formerRepresentations")
end
end
describe "EmojiReact objects" do
setup do
poster = insert(:user)
@ -157,6 +462,30 @@ defmodule Pleroma.Web.ActivityPub.SideEffectsTest do
end
end
describe "Question objects" do
setup do
user = insert(:user)
question = build(:question, user: user)
question_activity = build(:question_activity, question: question)
activity_data = Map.put(question_activity.data, "object", question.data["id"])
meta = [object_data: question.data, local: false]
{:ok, activity, meta} = ActivityPub.persist(activity_data, meta)
%{activity: activity, meta: meta}
end
test "enqueues the poll end", %{activity: activity, meta: meta} do
{:ok, activity, meta} = SideEffects.handle(activity, meta)
assert_enqueued(
worker: Pleroma.Workers.PollWorker,
args: %{op: "poll_end", activity_id: activity.id},
scheduled_at: NaiveDateTime.from_iso8601!(meta[:object_data]["closed"])
)
end
end
describe "delete users with confirmation pending" do
setup do
user = insert(:user, is_confirmed: false)
@ -510,12 +839,80 @@ defmodule Pleroma.Web.ActivityPub.SideEffectsTest do
]) do
{:ok, announce, _} = SideEffects.handle(announce)
assert called(
Pleroma.Web.Streamer.stream(["user", "list", "public", "public:local"], announce)
)
assert called(Pleroma.Web.Streamer.stream(["user", "list"], announce))
assert called(Pleroma.Web.Push.send(:_))
end
end
end
describe "removing a follower" do
setup do
user = insert(:user)
followed = insert(:user)
{:ok, _, _, follow_activity} = CommonAPI.follow(user, followed)
{:ok, reject_data, []} = Builder.reject(followed, follow_activity)
{:ok, reject, _meta} = ActivityPub.persist(reject_data, local: true)
%{user: user, followed: followed, reject: reject}
end
test "", %{user: user, followed: followed, reject: reject} do
assert User.following?(user, followed)
assert Pleroma.FollowingRelationship.get(user, followed)
{:ok, _, _} = SideEffects.handle(reject)
refute User.following?(user, followed)
refute Pleroma.FollowingRelationship.get(user, followed)
assert User.get_follow_state(user, followed) == nil
assert User.get_follow_state(user, followed, nil) == nil
end
end
describe "removing a follower from remote" do
setup do
user = insert(:user)
followed = insert(:user, local: false)
# Mock a local-to-remote follow
{:ok, follow_data, []} = Builder.follow(user, followed)
follow_data =
follow_data
|> Map.put("state", "accept")
{:ok, follow, _meta} = ActivityPub.persist(follow_data, local: true)
{:ok, _, _} = SideEffects.handle(follow)
# Mock a remote-to-local accept
{:ok, accept_data, _} = Builder.accept(followed, follow)
{:ok, accept, _} = ActivityPub.persist(accept_data, local: false)
{:ok, _, _} = SideEffects.handle(accept)
# Mock a remote-to-local reject
{:ok, reject_data, []} = Builder.reject(followed, follow)
{:ok, reject, _meta} = ActivityPub.persist(reject_data, local: false)
%{user: user, followed: followed, reject: reject}
end
test "", %{user: user, followed: followed, reject: reject} do
assert User.following?(user, followed)
assert Pleroma.FollowingRelationship.get(user, followed)
{:ok, _, _} = SideEffects.handle(reject)
refute User.following?(user, followed)
refute Pleroma.FollowingRelationship.get(user, followed)
assert Pleroma.Web.ActivityPub.Utils.fetch_latest_follow(user, followed).data["state"] ==
"reject"
assert User.get_follow_state(user, followed) == nil
assert User.get_follow_state(user, followed, nil) == nil
end
end
end

2
test/pleroma/web/activity_pub/transmogrifier/accept_handling_test.exs
View file

@ -1,5 +1,5 @@
# Pleroma: A lightweight social networking server
# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
# Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.ActivityPub.Transmogrifier.AcceptHandlingTest do

16
test/pleroma/web/activity_pub/transmogrifier/add_remove_handling_test.exs
View file

@ -1,3 +1,7 @@
# Pleroma: A lightweight social networking server
# Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.ActivityPub.Transmogrifier.AddRemoveHandlingTest do
use Oban.Testing, repo: Pleroma.Repo
use Pleroma.DataCase, async: true
@ -67,7 +71,9 @@ defmodule Pleroma.Web.ActivityPub.Transmogrifier.AddRemoveHandlingTest do
"target" => "https://example.com/users/lain/collections/featured",
"type" => "Add",
"to" => [Pleroma.Constants.as_public()],
"cc" => ["https://example.com/users/lain/followers"]
"cc" => ["https://example.com/users/lain/followers"],
"bcc" => [],
"bto" => []
}
assert {:ok, activity} = Transmogrifier.handle_incoming(message)
@ -82,7 +88,9 @@ defmodule Pleroma.Web.ActivityPub.Transmogrifier.AddRemoveHandlingTest do
"target" => "https://example.com/users/lain/collections/featured",
"type" => "Remove",
"to" => [Pleroma.Constants.as_public()],
"cc" => ["https://example.com/users/lain/followers"]
"cc" => ["https://example.com/users/lain/followers"],
"bcc" => [],
"bto" => []
}
assert {:ok, activity} = Transmogrifier.handle_incoming(remove)
@ -161,7 +169,9 @@ defmodule Pleroma.Web.ActivityPub.Transmogrifier.AddRemoveHandlingTest do
"target" => "https://#{host}/users/#{user.nickname}/collections/featured",
"type" => "Add",
"to" => [Pleroma.Constants.as_public()],
"cc" => ["https://#{host}/users/#{user.nickname}/followers"]
"cc" => ["https://#{host}/users/#{user.nickname}/followers"],
"bcc" => [],
"bto" => []
}
assert {:ok, activity} = Transmogrifier.handle_incoming(message)

2
test/pleroma/web/activity_pub/transmogrifier/announce_handling_test.exs
View file

@ -1,5 +1,5 @@
# Pleroma: A lightweight social networking server
# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
# Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.ActivityPub.Transmogrifier.AnnounceHandlingTest do

2
test/pleroma/web/activity_pub/transmogrifier/answer_handling_test.exs
View file

@ -1,5 +1,5 @@
# Pleroma: A lightweight social networking server
# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
# Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.ActivityPub.Transmogrifier.AnswerHandlingTest do

2
test/pleroma/web/activity_pub/transmogrifier/article_handling_test.exs
View file

@ -1,5 +1,5 @@
# Pleroma: A lightweight social networking server
# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
# Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.ActivityPub.Transmogrifier.ArticleHandlingTest do

8
test/pleroma/web/activity_pub/transmogrifier/audio_handling_test.exs
View file

@ -1,5 +1,5 @@
# Pleroma: A lightweight social networking server
# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
# Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.ActivityPub.Transmogrifier.AudioHandlingTest do
@ -73,16 +73,12 @@ defmodule Pleroma.Web.ActivityPub.Transmogrifier.AudioHandlingTest do
%{
"mediaType" => "audio/ogg",
"type" => "Link",
"name" => nil,
"blurhash" => nil,
"url" => [
%{
"href" =>
"https://channels.tests.funkwhale.audio/api/v1/listen/3901e5d8-0445-49d5-9711-e096cf32e515/?upload=42342395-0208-4fee-a38d-259a6dae0871&download=false",
"mediaType" => "audio/ogg",
"type" => "Link",
"width" => nil,
"height" => nil
"type" => "Link"
}
]
}

2
test/pleroma/web/activity_pub/transmogrifier/block_handling_test.exs
View file

@ -1,5 +1,5 @@
# Pleroma: A lightweight social networking server
# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
# Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.ActivityPub.Transmogrifier.BlockHandlingTest do

2
test/pleroma/web/activity_pub/transmogrifier/chat_message_test.exs
View file

@ -1,5 +1,5 @@
# Pleroma: A lightweight social networking server
# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
# Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.ActivityPub.Transmogrifier.ChatMessageTest do

2
test/pleroma/web/activity_pub/transmogrifier/delete_handling_test.exs
View file

@ -1,5 +1,5 @@
# Pleroma: A lightweight social networking server
# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
# Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.ActivityPub.Transmogrifier.DeleteHandlingTest do

33
test/pleroma/web/activity_pub/transmogrifier/emoji_react_handling_test.exs
View file

@ -1,5 +1,5 @@
# Pleroma: A lightweight social networking server
# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
# Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.ActivityPub.Transmogrifier.EmojiReactHandlingTest do
@ -37,6 +37,37 @@ defmodule Pleroma.Web.ActivityPub.Transmogrifier.EmojiReactHandlingTest do
assert match?([["👌", _]], object.data["reactions"])
end
test "it works for incoming unqualified emoji reactions" do
user = insert(:user)
other_user = insert(:user, local: false)
{:ok, activity} = CommonAPI.post(user, %{status: "hello"})
# woman detective emoji, unqualified
unqualified_emoji = [0x1F575, 0x200D, 0x2640] |> List.to_string()
data =
File.read!("test/fixtures/emoji-reaction.json")
|> Jason.decode!()
|> Map.put("object", activity.data["object"])
|> Map.put("actor", other_user.ap_id)
|> Map.put("content", unqualified_emoji)
{:ok, %Activity{data: data, local: false}} = Transmogrifier.handle_incoming(data)
assert data["actor"] == other_user.ap_id
assert data["type"] == "EmojiReact"
assert data["id"] == "http://mastodon.example.org/users/admin#reactions/2"
assert data["object"] == activity.data["object"]
# woman detective emoji, fully qualified
emoji = [0x1F575, 0xFE0F, 0x200D, 0x2640, 0xFE0F] |> List.to_string()
assert data["content"] == emoji
object = Object.get_by_ap_id(data["object"])
assert object.data["reaction_count"] == 1
assert match?([[emoji, _]], object.data["reactions"])
end
test "it reject invalid emoji reactions" do
user = insert(:user)
other_user = insert(:user, local: false)

2
test/pleroma/web/activity_pub/transmogrifier/event_handling_test.exs
View file

@ -1,5 +1,5 @@
# Pleroma: A lightweight social networking server
# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
# Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.ActivityPub.Transmogrifier.EventHandlingTest do

2
test/pleroma/web/activity_pub/transmogrifier/follow_handling_test.exs
View file

@ -1,5 +1,5 @@
# Pleroma: A lightweight social networking server
# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
# Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.ActivityPub.Transmogrifier.FollowHandlingTest do

2
test/pleroma/web/activity_pub/transmogrifier/like_handling_test.exs
View file

@ -1,5 +1,5 @@
# Pleroma: A lightweight social networking server
# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
# Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.ActivityPub.Transmogrifier.LikeHandlingTest do

40
test/pleroma/web/activity_pub/transmogrifier/note_handling_test.exs
View file

@ -1,5 +1,5 @@
# Pleroma: A lightweight social networking server
# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
# Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.ActivityPub.Transmogrifier.NoteHandlingTest do
@ -707,4 +707,42 @@ defmodule Pleroma.Web.ActivityPub.Transmogrifier.NoteHandlingTest do
}
]
end
test "the standalone note uses its own ID when context is missing" do
insert(:user, ap_id: "https://mk.absturztau.be/users/8ozbzjs3o8")
activity =
"test/fixtures/tesla_mock/mk.absturztau.be-93e7nm8wqg-activity.json"
|> File.read!()
|> Jason.decode!()
{:ok, %Activity{} = modified} = Transmogrifier.handle_incoming(activity)
object = Object.normalize(modified, fetch: false)
assert object.data["context"] == object.data["id"]
assert modified.data["context"] == object.data["id"]
end
test "the reply note uses its parent's ID when context is missing and reply is unreachable" do
insert(:user, ap_id: "https://mk.absturztau.be/users/8ozbzjs3o8")
activity =
"test/fixtures/tesla_mock/mk.absturztau.be-93e7nm8wqg-activity.json"
|> File.read!()
|> Jason.decode!()
object =
activity["object"]
|> Map.put("inReplyTo", "https://404.site/object/went-to-buy-milk")
activity =
activity
|> Map.put("object", object)
{:ok, %Activity{} = modified} = Transmogrifier.handle_incoming(activity)
object = Object.normalize(modified, fetch: false)
assert object.data["context"] == object.data["inReplyTo"]
assert modified.data["context"] == object.data["inReplyTo"]
end
end

2
test/pleroma/web/activity_pub/transmogrifier/page_handling_test.exs
View file

@ -1,5 +1,5 @@
# Pleroma: A lightweight social networking server
# Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>
# Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.ActivityPub.Transmogrifier.PageHandlingTest do

5
test/pleroma/web/activity_pub/transmogrifier/question_handling_test.exs
View file

@ -1,5 +1,5 @@
# Pleroma: A lightweight social networking server
# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
# Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.ActivityPub.Transmogrifier.QuestionHandlingTest do
@ -33,8 +33,6 @@ defmodule Pleroma.Web.ActivityPub.Transmogrifier.QuestionHandlingTest do
assert object.data["context"] ==
"tag:mastodon.sdf.org,2019-05-10:objectId=15095122:objectType=Conversation"
assert object.data["context_id"]
assert object.data["anyOf"] == []
assert Enum.sort(object.data["oneOf"]) ==
@ -68,7 +66,6 @@ defmodule Pleroma.Web.ActivityPub.Transmogrifier.QuestionHandlingTest do
reply_object = Object.normalize(reply_activity, fetch: false)
assert reply_object.data["context"] == object.data["context"]
assert reply_object.data["context_id"] == object.data["context_id"]
end
test "Mastodon Question activity with HTML tags in plaintext" do

2
test/pleroma/web/activity_pub/transmogrifier/reject_handling_test.exs
View file

@ -1,5 +1,5 @@
# Pleroma: A lightweight social networking server
# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
# Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.ActivityPub.Transmogrifier.RejectHandlingTest do

2
test/pleroma/web/activity_pub/transmogrifier/undo_handling_test.exs
View file

@ -1,5 +1,5 @@
# Pleroma: A lightweight social networking server
# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
# Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.ActivityPub.Transmogrifier.UndoHandlingTest do

2
test/pleroma/web/activity_pub/transmogrifier/user_update_handling_test.exs
View file

@ -1,5 +1,5 @@
# Pleroma: A lightweight social networking server
# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
# Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.ActivityPub.Transmogrifier.UserUpdateHandlingTest do

17
test/pleroma/web/activity_pub/transmogrifier/video_handling_test.exs
View file

@ -1,5 +1,5 @@
# Pleroma: A lightweight social networking server
# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
# Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.ActivityPub.Transmogrifier.VideoHandlingTest do
@ -53,16 +53,13 @@ defmodule Pleroma.Web.ActivityPub.Transmogrifier.VideoHandlingTest do
%{
"type" => "Link",
"mediaType" => "video/mp4",
"name" => nil,
"blurhash" => nil,
"url" => [
%{
"href" =>
"https://peertube.moe/static/webseed/df5f464b-be8d-46fb-ad81-2d4c2d1630e3-480.mp4",
"mediaType" => "video/mp4",
"type" => "Link",
"width" => nil,
"height" => nil
"width" => 480
}
]
}
@ -78,16 +75,13 @@ defmodule Pleroma.Web.ActivityPub.Transmogrifier.VideoHandlingTest do
%{
"type" => "Link",
"mediaType" => "video/mp4",
"name" => nil,
"blurhash" => nil,
"url" => [
%{
"href" =>
"https://framatube.org/static/webseed/6050732a-8a7a-43d4-a6cd-809525a1d206-1080.mp4",
"mediaType" => "video/mp4",
"type" => "Link",
"width" => nil,
"height" => nil
"height" => 1080
}
]
}
@ -110,16 +104,13 @@ defmodule Pleroma.Web.ActivityPub.Transmogrifier.VideoHandlingTest do
%{
"type" => "Link",
"mediaType" => "video/mp4",
"name" => nil,
"blurhash" => nil,
"url" => [
%{
"href" =>
"https://peertube.stream/static/streaming-playlists/hls/abece3c3-b9c6-47f4-8040-f3eed8c602e6/abece3c3-b9c6-47f4-8040-f3eed8c602e6-1080-fragmented.mp4",
"mediaType" => "video/mp4",
"type" => "Link",
"width" => nil,
"height" => nil
"height" => 1080
}
]
}

123
test/pleroma/web/activity_pub/transmogrifier_test.exs
View file

@ -1,5 +1,5 @@
# Pleroma: A lightweight social networking server
# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
# Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.ActivityPub.TransmogrifierTest do
@ -61,7 +61,7 @@ defmodule Pleroma.Web.ActivityPub.TransmogrifierTest do
note_obj = %{
"type" => "Note",
"id" => activity.data["id"],
"id" => activity.object.data["id"],
"content" => "test post",
"published" => object.data["published"],
"actor" => AccountView.render("show.json", %{user: user, skip_visibility_check: true})
@ -107,6 +107,22 @@ defmodule Pleroma.Web.ActivityPub.TransmogrifierTest do
assert activity.data["target"] == new_user.ap_id
assert activity.data["type"] == "Move"
end
test "it fixes both the Create and object contexts in a reply" do
insert(:user, ap_id: "https://mk.absturztau.be/users/8ozbzjs3o8")
insert(:user, ap_id: "https://p.helene.moe/users/helene")
create_activity =
"test/fixtures/create-pleroma-reply-to-misskey-thread.json"
|> File.read!()
|> Jason.decode!()
assert {:ok, %Activity{} = activity} = Transmogrifier.handle_incoming(create_activity)
object = Object.normalize(activity, fetch: false)
assert activity.data["context"] == object.data["context"]
end
end
describe "prepare outgoing" do
@ -216,7 +232,6 @@ defmodule Pleroma.Web.ActivityPub.TransmogrifierTest do
assert is_nil(modified["object"]["like_count"])
assert is_nil(modified["object"]["announcements"])
assert is_nil(modified["object"]["announcement_count"])
assert is_nil(modified["object"]["context_id"])
assert is_nil(modified["object"]["generator"])
end
@ -231,7 +246,6 @@ defmodule Pleroma.Web.ActivityPub.TransmogrifierTest do
assert is_nil(modified["object"]["like_count"])
assert is_nil(modified["object"]["announcements"])
assert is_nil(modified["object"]["announcement_count"])
assert is_nil(modified["object"]["context_id"])
assert is_nil(modified["object"]["likes"])
end
@ -301,6 +315,28 @@ defmodule Pleroma.Web.ActivityPub.TransmogrifierTest do
assert url == "http://localhost:4001/emoji/dino%20walking.gif"
end
test "Updates of Notes are handled" do
user = insert(:user)
{:ok, activity} = CommonAPI.post(user, %{status: "everybody do the dinosaur :dinosaur:"})
{:ok, update} = CommonAPI.update(user, activity, %{status: "mew mew :blank:"})
{:ok, prepared} = Transmogrifier.prepare_outgoing(update.data)
assert %{
"content" => "mew mew :blank:",
"tag" => [%{"name" => ":blank:", "type" => "Emoji"}],
"formerRepresentations" => %{
"orderedItems" => [
%{
"content" => "everybody do the dinosaur :dinosaur:",
"tag" => [%{"name" => ":dinosaur:", "type" => "Emoji"}]
}
]
}
} = prepared["object"]
end
end
describe "user upgrade" do
@ -524,4 +560,83 @@ defmodule Pleroma.Web.ActivityPub.TransmogrifierTest do
)
end
end
describe "fix_attachments/1" do
test "puts dimensions into attachment url field" do
object = %{
"attachment" => [
%{
"type" => "Document",
"name" => "Hello world",
"url" => "https://media.example.tld/1.jpg",
"width" => 880,
"height" => 960,
"mediaType" => "image/jpeg",
"blurhash" => "eTKL26+HDjcEIBVl;ds+K6t301W.t7nit7y1E,R:v}ai4nXSt7V@of"
}
]
}
expected = %{
"attachment" => [
%{
"type" => "Document",
"name" => "Hello world",
"url" => [
%{
"type" => "Link",
"mediaType" => "image/jpeg",
"href" => "https://media.example.tld/1.jpg",
"width" => 880,
"height" => 960
}
],
"mediaType" => "image/jpeg",
"blurhash" => "eTKL26+HDjcEIBVl;ds+K6t301W.t7nit7y1E,R:v}ai4nXSt7V@of"
}
]
}
assert Transmogrifier.fix_attachments(object) == expected
end
end
describe "prepare_object/1" do
test "it processes history" do
original = %{
"formerRepresentations" => %{
"orderedItems" => [
%{
"generator" => %{},
"emoji" => %{"blobcat" => "http://localhost:4001/emoji/blobcat.png"}
}
]
}
}
processed = Transmogrifier.prepare_object(original)
history_item = Enum.at(processed["formerRepresentations"]["orderedItems"], 0)
refute Map.has_key?(history_item, "generator")
assert [%{"name" => ":blobcat:"}] = history_item["tag"]
end
test "it works when there is no or bad history" do
original = %{
"formerRepresentations" => %{
"items" => [
%{
"generator" => %{},
"emoji" => %{"blobcat" => "http://localhost:4001/emoji/blobcat.png"}
}
]
}
}
processed = Transmogrifier.prepare_object(original)
assert processed["formerRepresentations"] == original["formerRepresentations"]
end
end
end

67
test/pleroma/web/activity_pub/utils_test.exs
View file

@ -1,5 +1,5 @@
# Pleroma: A lightweight social networking server
# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
# Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.ActivityPub.UtilsTest do
@ -213,6 +213,20 @@ defmodule Pleroma.Web.ActivityPub.UtilsTest do
assert refresh_record(follow_activity).data["state"] == "accept"
assert refresh_record(follow_activity_two).data["state"] == "accept"
end
test "also updates the state of accepted follows" do
user = insert(:user)
follower = insert(:user)
{:ok, _, _, follow_activity} = CommonAPI.follow(follower, user)
{:ok, _, _, follow_activity_two} = CommonAPI.follow(follower, user)
{:ok, follow_activity_two} =
Utils.update_follow_state_for_all(follow_activity_two, "reject")
assert refresh_record(follow_activity).data["state"] == "reject"
assert refresh_record(follow_activity_two).data["state"] == "reject"
end
end
describe "update_follow_state/2" do
@ -415,7 +429,6 @@ defmodule Pleroma.Web.ActivityPub.UtilsTest do
object = Object.normalize(note_activity, fetch: false)
res = Utils.lazy_put_activity_defaults(%{"context" => object.data["id"]})
assert res["context"] == object.data["id"]
assert res["context_id"] == object.id
assert res["id"]
assert res["published"]
end
@ -423,7 +436,6 @@ defmodule Pleroma.Web.ActivityPub.UtilsTest do
test "returns map with fake id and published data" do
assert %{
"context" => "pleroma:fakecontext",
"context_id" => -1,
"id" => "pleroma:fakeid",
"published" => _
} = Utils.lazy_put_activity_defaults(%{}, true)
@ -440,13 +452,11 @@ defmodule Pleroma.Web.ActivityPub.UtilsTest do
})
assert res["context"] == object.data["id"]
assert res["context_id"] == object.id
assert res["id"]
assert res["published"]
assert res["object"]["id"]
assert res["object"]["published"]
assert res["object"]["context"] == object.data["id"]
assert res["object"]["context_id"] == object.id
end
end
@ -463,7 +473,7 @@ defmodule Pleroma.Web.ActivityPub.UtilsTest do
content = "foobar"
target_ap_id = target_account.ap_id
activity_ap_id = activity.data["id"]
object_ap_id = activity.object.data["id"]
res =
Utils.make_flag_data(
@ -479,7 +489,7 @@ defmodule Pleroma.Web.ActivityPub.UtilsTest do
note_obj = %{
"type" => "Note",
"id" => activity_ap_id,
"id" => object_ap_id,
"content" => content,
"published" => activity.object.data["published"],
"actor" =>
@ -494,6 +504,49 @@ defmodule Pleroma.Web.ActivityPub.UtilsTest do
"state" => "open"
} = res
end
test "returns map with Flag object with a non-Create Activity" do
reporter = insert(:user)
posting_account = insert(:user)
target_account = insert(:user)
{:ok, activity} = CommonAPI.post(posting_account, %{status: "foobar"})
{:ok, like} = CommonAPI.favorite(target_account, activity.id)
context = Utils.generate_context_id()
content = "foobar"
target_ap_id = target_account.ap_id
object_ap_id = activity.object.data["id"]
res =
Utils.make_flag_data(
%{
actor: reporter,
context: context,
account: target_account,
statuses: [%{"id" => like.data["id"]}],
content: content
},
%{}
)
note_obj = %{
"type" => "Note",
"id" => object_ap_id,
"content" => content,
"published" => activity.object.data["published"],
"actor" =>
AccountView.render("show.json", %{user: posting_account, skip_visibility_check: true})
}
assert %{
"type" => "Flag",
"content" => ^content,
"context" => ^context,
"object" => [^target_ap_id, ^note_obj],
"state" => "open"
} = res
end
end
describe "add_announce_to_object/2" do

16
test/pleroma/web/activity_pub/views/object_view_test.exs
View file

@ -1,5 +1,5 @@
# Pleroma: A lightweight social networking server
# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
# Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.ActivityPub.ObjectViewTest do
@ -81,4 +81,18 @@ defmodule Pleroma.Web.ActivityPub.ObjectViewTest do
assert result["object"] == object.data["id"]
assert result["type"] == "Announce"
end
test "renders an undo announce activity" do
note = insert(:note_activity)
user = insert(:user)
{:ok, announce} = CommonAPI.repeat(note.id, user)
{:ok, undo} = CommonAPI.unrepeat(note.id, user)
result = ObjectView.render("object.json", %{object: undo})
assert result["id"] == undo.data["id"]
assert result["object"] == announce.data["id"]
assert result["type"] == "Undo"
end
end

9
test/pleroma/web/activity_pub/views/user_view_test.exs
View file

@ -1,5 +1,5 @@
# Pleroma: A lightweight social networking server
# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
# Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.ActivityPub.UserViewTest do
@ -12,7 +12,6 @@ defmodule Pleroma.Web.ActivityPub.UserViewTest do
test "Renders a user, including the public key" do
user = insert(:user)
{:ok, user} = User.ensure_keys_present(user)
result = UserView.render("user.json", %{user: user})
@ -55,7 +54,6 @@ defmodule Pleroma.Web.ActivityPub.UserViewTest do
test "Does not add an avatar image if the user hasn't set one" do
user = insert(:user)
{:ok, user} = User.ensure_keys_present(user)
result = UserView.render("user.json", %{user: user})
refute result["icon"]
@ -67,8 +65,6 @@ defmodule Pleroma.Web.ActivityPub.UserViewTest do
banner: %{"url" => [%{"href" => "https://somebanner"}]}
)
{:ok, user} = User.ensure_keys_present(user)
result = UserView.render("user.json", %{user: user})
assert result["icon"]["url"] == "https://someurl"
assert result["image"]["url"] == "https://somebanner"
@ -89,7 +85,6 @@ defmodule Pleroma.Web.ActivityPub.UserViewTest do
describe "endpoints" do
test "local users have a usable endpoints structure" do
user = insert(:user)
{:ok, user} = User.ensure_keys_present(user)
result = UserView.render("user.json", %{user: user})
@ -105,7 +100,6 @@ defmodule Pleroma.Web.ActivityPub.UserViewTest do
test "remote users have an empty endpoints structure" do
user = insert(:user, local: false)
{:ok, user} = User.ensure_keys_present(user)
result = UserView.render("user.json", %{user: user})
@ -115,7 +109,6 @@ defmodule Pleroma.Web.ActivityPub.UserViewTest do
test "instance users do not expose oAuth endpoints" do
user = insert(:user, nickname: nil, local: true)
{:ok, user} = User.ensure_keys_present(user)
result = UserView.render("user.json", %{user: user})

2
test/pleroma/web/activity_pub/visibility_test.exs
View file

@ -1,5 +1,5 @@
# Pleroma: A lightweight social networking server
# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
# Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.ActivityPub.VisibilityTest do

311
test/pleroma/web/admin_api/controllers/admin_api_controller_test.exs
View file

@ -1,9 +1,9 @@
# Pleroma: A lightweight social networking server
# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
# Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
use Pleroma.Web.ConnCase
use Pleroma.Web.ConnCase, async: false
use Oban.Testing, repo: Pleroma.Repo
import ExUnit.CaptureLog
@ -92,18 +92,12 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
describe "PUT /api/pleroma/admin/users/tag" do
setup %{conn: conn} do
clear_config([:instance, :admin_privileges], [:users_manage_tags])
user1 = insert(:user, %{tags: ["x"]})
user2 = insert(:user, %{tags: ["y"]})
user3 = insert(:user, %{tags: ["unchanged"]})
conn =
conn
|> put_req_header("accept", "application/json")
|> put(
"/api/pleroma/admin/users/tag?nicknames[]=#{user1.nickname}&nicknames[]=" <>
"#{user2.nickname}&tags[]=foo&tags[]=bar"
)
%{conn: conn, user1: user1, user2: user2, user3: user3}
end
@ -113,6 +107,14 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
user1: user1,
user2: user2
} do
conn =
conn
|> put_req_header("accept", "application/json")
|> put(
"/api/pleroma/admin/users/tag?nicknames[]=#{user1.nickname}&nicknames[]=" <>
"#{user2.nickname}&tags[]=foo&tags[]=bar"
)
assert empty_json_response(conn)
assert User.get_cached_by_id(user1.id).tags == ["x", "foo", "bar"]
assert User.get_cached_by_id(user2.id).tags == ["y", "foo", "bar"]
@ -130,26 +132,43 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
"@#{admin.nickname} added tags: #{tags} to users: #{users}"
end
test "it does not modify tags of not specified users", %{conn: conn, user3: user3} do
test "it does not modify tags of not specified users", %{
conn: conn,
user1: user1,
user2: user2,
user3: user3
} do
conn =
conn
|> put_req_header("accept", "application/json")
|> put(
"/api/pleroma/admin/users/tag?nicknames[]=#{user1.nickname}&nicknames[]=" <>
"#{user2.nickname}&tags[]=foo&tags[]=bar"
)
assert empty_json_response(conn)
assert User.get_cached_by_id(user3.id).tags == ["unchanged"]
end
test "it requires privileged role :users_manage_tags", %{conn: conn} do
clear_config([:instance, :admin_privileges], [])
response =
conn
|> put_req_header("accept", "application/json")
|> put("/api/pleroma/admin/users/tag?nicknames[]=nickname&tags[]=foo&tags[]=bar")
assert json_response(response, :forbidden)
end
end
describe "DELETE /api/pleroma/admin/users/tag" do
setup %{conn: conn} do
clear_config([:instance, :admin_privileges], [:users_manage_tags])
user1 = insert(:user, %{tags: ["x"]})
user2 = insert(:user, %{tags: ["y", "z"]})
user3 = insert(:user, %{tags: ["unchanged"]})
conn =
conn
|> put_req_header("accept", "application/json")
|> delete(
"/api/pleroma/admin/users/tag?nicknames[]=#{user1.nickname}&nicknames[]=" <>
"#{user2.nickname}&tags[]=x&tags[]=z"
)
%{conn: conn, user1: user1, user2: user2, user3: user3}
end
@ -159,6 +178,14 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
user1: user1,
user2: user2
} do
conn =
conn
|> put_req_header("accept", "application/json")
|> delete(
"/api/pleroma/admin/users/tag?nicknames[]=#{user1.nickname}&nicknames[]=" <>
"#{user2.nickname}&tags[]=x&tags[]=z"
)
assert empty_json_response(conn)
assert User.get_cached_by_id(user1.id).tags == []
assert User.get_cached_by_id(user2.id).tags == ["y"]
@ -176,10 +203,34 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
"@#{admin.nickname} removed tags: #{tags} from users: #{users}"
end
test "it does not modify tags of not specified users", %{conn: conn, user3: user3} do
test "it does not modify tags of not specified users", %{
conn: conn,
user1: user1,
user2: user2,
user3: user3
} do
conn =
conn
|> put_req_header("accept", "application/json")
|> delete(
"/api/pleroma/admin/users/tag?nicknames[]=#{user1.nickname}&nicknames[]=" <>
"#{user2.nickname}&tags[]=x&tags[]=z"
)
assert empty_json_response(conn)
assert User.get_cached_by_id(user3.id).tags == ["unchanged"]
end
test "it requires privileged role :users_manage_tags", %{conn: conn} do
clear_config([:instance, :admin_privileges], [])
response =
conn
|> put_req_header("accept", "application/json")
|> delete("/api/pleroma/admin/users/tag?nicknames[]=nickname&tags[]=foo&tags[]=bar")
assert json_response(response, :forbidden)
end
end
describe "/api/pleroma/admin/users/:nickname/permission_group" do
@ -267,27 +318,42 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
log_entry = Repo.one(ModerationLog)
assert ModerationLog.get_log_entry_message(log_entry) ==
"@#{admin.nickname} revoked admin role from @#{user_one.nickname}, @#{
user_two.nickname
}"
"@#{admin.nickname} revoked admin role from @#{user_one.nickname}, @#{user_two.nickname}"
end
end
test "/api/pleroma/admin/users/:nickname/password_reset", %{conn: conn} do
user = insert(:user)
describe "/api/pleroma/admin/users/:nickname/password_reset" do
test "it returns a password reset link", %{conn: conn} do
clear_config([:instance, :admin_privileges], [:users_manage_credentials])
conn =
conn
|> put_req_header("accept", "application/json")
|> get("/api/pleroma/admin/users/#{user.nickname}/password_reset")
user = insert(:user)
resp = json_response(conn, 200)
conn =
conn
|> put_req_header("accept", "application/json")
|> get("/api/pleroma/admin/users/#{user.nickname}/password_reset")
assert Regex.match?(~r/(http:\/\/|https:\/\/)/, resp["link"])
resp = json_response(conn, 200)
assert Regex.match?(~r/(http:\/\/|https:\/\/)/, resp["link"])
end
test "it requires privileged role :users_manage_credentials", %{conn: conn} do
clear_config([:instance, :admin_privileges], [])
response =
conn
|> put_req_header("accept", "application/json")
|> get("/api/pleroma/admin/users/nickname/password_reset")
assert json_response(response, :forbidden)
end
end
describe "PUT disable_mfa" do
test "returns 200 and disable 2fa", %{conn: conn} do
clear_config([:instance, :admin_privileges], [:users_manage_credentials])
user =
insert(:user,
multi_factor_authentication_settings: %MFA.Settings{
@ -309,6 +375,8 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
end
test "returns 404 if user not found", %{conn: conn} do
clear_config([:instance, :admin_privileges], [:users_manage_credentials])
response =
conn
|> put("/api/pleroma/admin/users/disable_mfa", %{nickname: "nickname"})
@ -316,6 +384,16 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
assert response == %{"error" => "Not found"}
end
test "it requires privileged role :users_manage_credentials", %{conn: conn} do
clear_config([:instance, :admin_privileges], [])
response =
conn
|> put("/api/pleroma/admin/users/disable_mfa", %{nickname: "nickname"})
assert json_response(response, :forbidden)
end
end
describe "GET /api/pleroma/admin/restart" do
@ -346,6 +424,8 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
describe "GET /api/pleroma/admin/users/:nickname/statuses" do
setup do
clear_config([:instance, :admin_privileges], [:messages_read])
user = insert(:user)
insert(:note_activity, user: user)
@ -362,6 +442,14 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
assert length(activities) == 3
end
test "it requires privileged role :messages_read", %{conn: conn, user: user} do
clear_config([:instance, :admin_privileges], [])
conn = get(conn, "/api/pleroma/admin/users/#{user.nickname}/statuses")
assert json_response(conn, :forbidden)
end
test "renders user's statuses with pagination", %{conn: conn, user: user} do
%{"total" => 3, "activities" => [activity1]} =
conn
@ -423,21 +511,32 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
describe "GET /api/pleroma/admin/users/:nickname/chats" do
setup do
clear_config([:instance, :admin_privileges], [:messages_read])
user = insert(:user)
%{user: user}
end
test "renders user's chats", %{conn: conn, user: user} do
recipients = insert_list(3, :user)
Enum.each(recipients, fn recipient ->
CommonAPI.post_chat_message(user, recipient, "yo")
end)
%{user: user}
end
test "renders user's chats", %{conn: conn, user: user} do
conn = get(conn, "/api/pleroma/admin/users/#{user.nickname}/chats")
assert json_response(conn, 200) |> length() == 3
end
test "it requires privileged role :messages_read", %{conn: conn, user: user} do
clear_config([:instance, :admin_privileges], [])
conn = get(conn, "/api/pleroma/admin/users/#{user.nickname}/chats")
assert json_response(conn, :forbidden)
end
end
describe "GET /api/pleroma/admin/users/:nickname/chats unauthorized" do
@ -473,6 +572,7 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
describe "GET /api/pleroma/admin/moderation_log" do
setup do
clear_config([:instance, :admin_privileges], [:moderation_log_read])
moderator = insert(:user, is_moderator: true)
%{moderator: moderator}
@ -677,6 +777,15 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
assert get_in(first_entry, ["data", "message"]) ==
"@#{moderator.nickname} unfollowed relay: https://example.org/relay"
end
test "it requires privileged role :moderation_log_read", %{conn: conn} do
clear_config([:instance, :admin_privileges], [])
assert conn
|> put_req_header("content-type", "multipart/form-data")
|> get("/api/pleroma/admin/moderation_log")
|> json_response(:forbidden)
end
end
test "gets a remote users when [:instance, :limit_to_local_content] is set to :unauthenticated",
@ -690,6 +799,7 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
describe "GET /users/:nickname/credentials" do
test "gets the user credentials", %{conn: conn} do
clear_config([:instance, :admin_privileges], [:users_manage_credentials])
user = insert(:user)
conn = get(conn, "/api/pleroma/admin/users/#{user.nickname}/credentials")
@ -698,6 +808,7 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
end
test "returns 403 if requested by a non-admin" do
clear_config([:instance, :admin_privileges], [:users_manage_credentials])
user = insert(:user)
conn =
@ -707,6 +818,16 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
assert json_response(conn, :forbidden)
end
test "it requires privileged role :users_manage_credentials", %{conn: conn} do
clear_config([:instance, :admin_privileges], [])
response =
conn
|> get("/api/pleroma/admin/users/nickname/credentials")
assert json_response(response, :forbidden)
end
end
describe "PATCH /users/:nickname/credentials" do
@ -716,6 +837,8 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
end
test "changes password and email", %{conn: conn, admin: admin, user: user} do
clear_config([:instance, :admin_privileges], [:users_manage_credentials])
assert user.password_reset_pending == false
conn =
@ -758,6 +881,19 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
assert json_response(conn, :forbidden)
end
test "returns 403 if not privileged with :users_manage_credentials", %{conn: conn, user: user} do
clear_config([:instance, :admin_privileges], [])
conn =
patch(conn, "/api/pleroma/admin/users/#{user.nickname}/credentials", %{
"password" => "new_password",
"email" => "new_email@example.com",
"name" => "new_name"
})
assert json_response(conn, :forbidden)
end
test "changes actor type from permitted list", %{conn: conn, user: user} do
assert user.actor_type == "Person"
@ -786,6 +922,7 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
describe "PATCH /users/:nickname/force_password_reset" do
test "sets password_reset_pending to true", %{conn: conn} do
clear_config([:instance, :admin_privileges], [:users_manage_credentials])
user = insert(:user)
assert user.password_reset_pending == false
@ -798,44 +935,21 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
assert User.get_by_id(user.id).password_reset_pending == true
end
end
describe "instances" do
test "GET /instances/:instance/statuses", %{conn: conn} do
user = insert(:user, local: false, ap_id: "https://archae.me/users/archaeme")
user2 = insert(:user, local: false, ap_id: "https://test.com/users/test")
insert_pair(:note_activity, user: user)
activity = insert(:note_activity, user: user2)
test "it requires privileged role :users_manage_credentials", %{conn: conn} do
clear_config([:instance, :admin_privileges], [])
%{"total" => 2, "activities" => activities} =
conn |> get("/api/pleroma/admin/instances/archae.me/statuses") |> json_response(200)
assert length(activities) == 2
%{"total" => 1, "activities" => [_]} =
conn |> get("/api/pleroma/admin/instances/test.com/statuses") |> json_response(200)
%{"total" => 0, "activities" => []} =
conn |> get("/api/pleroma/admin/instances/nonexistent.com/statuses") |> json_response(200)
CommonAPI.repeat(activity.id, user)
%{"total" => 2, "activities" => activities} =
conn |> get("/api/pleroma/admin/instances/archae.me/statuses") |> json_response(200)
assert length(activities) == 2
%{"total" => 3, "activities" => activities} =
response =
conn
|> get("/api/pleroma/admin/instances/archae.me/statuses?with_reblogs=true")
|> json_response(200)
|> patch("/api/pleroma/admin/users/force_password_reset", %{nickname: "nickname"})
assert length(activities) == 3
assert json_response(response, :forbidden)
end
end
describe "PATCH /confirm_email" do
test "it confirms emails of two users", %{conn: conn, admin: admin} do
clear_config([:instance, :admin_privileges], [:users_manage_credentials])
[first_user, second_user] = insert_pair(:user, is_confirmed: false)
refute first_user.is_confirmed
@ -860,14 +974,23 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
log_entry = Repo.one(ModerationLog)
assert ModerationLog.get_log_entry_message(log_entry) ==
"@#{admin.nickname} confirmed email for users: @#{first_user.nickname}, @#{
second_user.nickname
}"
"@#{admin.nickname} confirmed email for users: @#{first_user.nickname}, @#{second_user.nickname}"
end
test "it requires privileged role :users_manage_credentials", %{conn: conn} do
clear_config([:instance, :admin_privileges], [])
response =
conn
|> patch("/api/pleroma/admin/users/confirm_email", %{nicknames: ["nickname"]})
assert json_response(response, :forbidden)
end
end
describe "PATCH /resend_confirmation_email" do
test "it resend emails for two users", %{conn: conn, admin: admin} do
clear_config([:instance, :admin_privileges], [:users_manage_credentials])
[first_user, second_user] = insert_pair(:user, is_confirmed: false)
ret_conn =
@ -883,9 +1006,7 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
log_entry = Repo.one(ModerationLog)
assert ModerationLog.get_log_entry_message(log_entry) ==
"@#{admin.nickname} re-sent confirmation email for users: @#{first_user.nickname}, @#{
second_user.nickname
}"
"@#{admin.nickname} re-sent confirmation email for users: @#{first_user.nickname}, @#{second_user.nickname}"
ObanHelpers.perform_all()
@ -895,9 +1016,23 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
|> Swoosh.Email.put_private(:hackney_options, ssl_options: [versions: [:"tlsv1.2"]])
|> assert_email_sent()
end
test "it requires privileged role :users_manage_credentials", %{conn: conn} do
clear_config([:instance, :admin_privileges], [])
response =
conn
|> patch("/api/pleroma/admin/users/resend_confirmation_email", %{nicknames: ["nickname"]})
assert json_response(response, :forbidden)
end
end
describe "/api/pleroma/admin/stats" do
setup do
clear_config([:instance, :admin_privileges], [:statistics_read])
end
test "status visibility count", %{conn: conn} do
user = insert(:user)
CommonAPI.post(user, %{visibility: "public", status: "hey"})
@ -930,6 +1065,14 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
assert %{"direct" => 0, "private" => 1, "public" => 0, "unlisted" => 1} =
response["status_visibility"]
end
test "it requires privileged role :statistics_read", %{conn: conn} do
clear_config([:instance, :admin_privileges], [])
assert conn
|> get("/api/pleroma/admin/stats", instance: "lain.wired")
|> json_response(:forbidden)
end
end
describe "/api/pleroma/backups" do
@ -998,6 +1141,34 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
assert Repo.aggregate(Pleroma.User.Backup, :count) == 2
end
end
describe "POST /api/v1/pleroma/admin/reload_emoji" do
setup do
clear_config([:instance, :admin_privileges], [:emoji_manage_emoji])
admin = insert(:user, is_admin: true)
token = insert(:oauth_admin_token, user: admin)
conn =
build_conn()
|> assign(:user, admin)
|> assign(:token, token)
{:ok, %{conn: conn, admin: admin}}
end
test "it requires privileged role :emoji_manage_emoji", %{conn: conn} do
assert conn
|> post("/api/v1/pleroma/admin/reload_emoji")
|> json_response(200)
clear_config([:instance, :admin_privileges], [])
assert conn
|> post("/api/v1/pleroma/admin/reload_emoji")
|> json_response(:forbidden)
end
end
end
# Needed for testing

375
test/pleroma/web/admin_api/controllers/announcement_controller_test.exs Normal file
View file

@ -0,0 +1,375 @@
# Pleroma: A lightweight social networking server
# Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.AdminAPI.AnnouncementControllerTest do
use Pleroma.Web.ConnCase, async: false
import Pleroma.Factory
setup do
clear_config([:instance, :admin_privileges], [:announcements_manage_announcements])
admin = insert(:user, is_admin: true)
token = insert(:oauth_admin_token, user: admin)
conn =
build_conn()
|> assign(:user, admin)
|> assign(:token, token)
{:ok, %{admin: admin, token: token, conn: conn}}
end
describe "GET /api/v1/pleroma/admin/announcements" do
test "it lists all announcements", %{conn: conn} do
%{id: id} = insert(:announcement)
response =
conn
|> get("/api/v1/pleroma/admin/announcements")
|> json_response_and_validate_schema(:ok)
assert [%{"id" => ^id}] = response
end
test "it requires privileged role :announcements_manage_announcements", %{conn: conn} do
conn
|> get("/api/v1/pleroma/admin/announcements")
|> json_response_and_validate_schema(:ok)
clear_config([:instance, :admin_privileges], [])
conn
|> get("/api/v1/pleroma/admin/announcements")
|> json_response(:forbidden)
end
test "it paginates announcements", %{conn: conn} do
_announcements = Enum.map(0..20, fn _ -> insert(:announcement) end)
response =
conn
|> get("/api/v1/pleroma/admin/announcements")
|> json_response_and_validate_schema(:ok)
assert length(response) == 20
end
test "it paginates announcements with custom params", %{conn: conn} do
announcements = Enum.map(0..20, fn _ -> insert(:announcement) end)
response =
conn
|> get("/api/v1/pleroma/admin/announcements", limit: 5, offset: 7)
|> json_response_and_validate_schema(:ok)
assert length(response) == 5
assert Enum.at(response, 0)["id"] == Enum.at(announcements, 7).id
end
test "it returns empty list with out-of-bounds offset", %{conn: conn} do
_announcements = Enum.map(0..20, fn _ -> insert(:announcement) end)
response =
conn
|> get("/api/v1/pleroma/admin/announcements", offset: 21)
|> json_response_and_validate_schema(:ok)
assert [] = response
end
test "it rejects invalid pagination params", %{conn: conn} do
conn
|> get("/api/v1/pleroma/admin/announcements", limit: 0)
|> json_response_and_validate_schema(400)
conn
|> get("/api/v1/pleroma/admin/announcements", limit: -1)
|> json_response_and_validate_schema(400)
conn
|> get("/api/v1/pleroma/admin/announcements", offset: -1)
|> json_response_and_validate_schema(400)
end
end
describe "GET /api/v1/pleroma/admin/announcements/:id" do
test "it displays one announcement", %{conn: conn} do
%{id: id} = insert(:announcement)
response =
conn
|> get("/api/v1/pleroma/admin/announcements/#{id}")
|> json_response_and_validate_schema(:ok)
assert %{"id" => ^id} = response
end
test "it requires privileged role :announcements_manage_announcements", %{conn: conn} do
%{id: id} = insert(:announcement)
conn
|> get("/api/v1/pleroma/admin/announcements/#{id}")
|> json_response_and_validate_schema(:ok)
clear_config([:instance, :admin_privileges], [])
conn
|> get("/api/v1/pleroma/admin/announcements/#{id}")
|> json_response(:forbidden)
end
test "it returns not found for non-existent id", %{conn: conn} do
%{id: id} = insert(:announcement)
_response =
conn
|> get("/api/v1/pleroma/admin/announcements/#{id}xxx")
|> json_response_and_validate_schema(:not_found)
end
end
describe "DELETE /api/v1/pleroma/admin/announcements/:id" do
test "it deletes specified announcement", %{conn: conn} do
%{id: id} = insert(:announcement)
_response =
conn
|> delete("/api/v1/pleroma/admin/announcements/#{id}")
|> json_response_and_validate_schema(:ok)
end
test "it requires privileged role :announcements_manage_announcements", %{conn: conn} do
%{id: id} = insert(:announcement)
conn
|> delete("/api/v1/pleroma/admin/announcements/#{id}")
|> json_response_and_validate_schema(:ok)
clear_config([:instance, :admin_privileges], [])
conn
|> delete("/api/v1/pleroma/admin/announcements/#{id}")
|> json_response(:forbidden)
end
test "it returns not found for non-existent id", %{conn: conn} do
%{id: id} = insert(:announcement)
_response =
conn
|> delete("/api/v1/pleroma/admin/announcements/#{id}xxx")
|> json_response_and_validate_schema(:not_found)
assert %{id: ^id} = Pleroma.Announcement.get_by_id(id)
end
end
describe "PATCH /api/v1/pleroma/admin/announcements/:id" do
test "it returns not found for non-existent id", %{conn: conn} do
%{id: id} = insert(:announcement)
_response =
conn
|> put_req_header("content-type", "application/json")
|> patch("/api/v1/pleroma/admin/announcements/#{id}xxx", %{})
|> json_response_and_validate_schema(:not_found)
assert %{id: ^id} = Pleroma.Announcement.get_by_id(id)
end
test "it updates a field", %{conn: conn} do
%{id: id} = insert(:announcement)
now = NaiveDateTime.utc_now() |> NaiveDateTime.truncate(:second)
starts_at = NaiveDateTime.add(now, -10, :second)
_response =
conn
|> put_req_header("content-type", "application/json")
|> patch("/api/v1/pleroma/admin/announcements/#{id}", %{
starts_at: NaiveDateTime.to_iso8601(starts_at)
})
|> json_response_and_validate_schema(:ok)
new = Pleroma.Announcement.get_by_id(id)
assert NaiveDateTime.compare(new.starts_at, starts_at) == :eq
end
test "it requires privileged role :announcements_manage_announcements", %{conn: conn} do
%{id: id} = insert(:announcement)
now = NaiveDateTime.utc_now() |> NaiveDateTime.truncate(:second)
starts_at = NaiveDateTime.add(now, -10, :second)
conn
|> put_req_header("content-type", "application/json")
|> patch("/api/v1/pleroma/admin/announcements/#{id}", %{
starts_at: NaiveDateTime.to_iso8601(starts_at)
})
|> json_response_and_validate_schema(:ok)
clear_config([:instance, :admin_privileges], [])
conn
|> put_req_header("content-type", "application/json")
|> patch("/api/v1/pleroma/admin/announcements/#{id}", %{
starts_at: NaiveDateTime.to_iso8601(starts_at)
})
|> json_response(:forbidden)
end
test "it updates with time with utc timezone", %{conn: conn} do
%{id: id} = insert(:announcement)
now = DateTime.now("Etc/UTC") |> elem(1) |> DateTime.truncate(:second)
starts_at = DateTime.add(now, -10, :second)
_response =
conn
|> put_req_header("content-type", "application/json")
|> patch("/api/v1/pleroma/admin/announcements/#{id}", %{
starts_at: DateTime.to_iso8601(starts_at)
})
|> json_response_and_validate_schema(:ok)
new = Pleroma.Announcement.get_by_id(id)
assert DateTime.compare(new.starts_at, starts_at) == :eq
end
test "it updates a data field", %{conn: conn} do
%{id: id} = announcement = insert(:announcement, data: %{"all_day" => true})
assert announcement.data["all_day"] == true
new_content = "new content"
response =
conn
|> put_req_header("content-type", "application/json")
|> patch("/api/v1/pleroma/admin/announcements/#{id}", %{
content: new_content
})
|> json_response_and_validate_schema(:ok)
assert response["content"] == new_content
assert response["all_day"] == true
new = Pleroma.Announcement.get_by_id(id)
assert new.data["content"] == new_content
assert new.data["all_day"] == true
end
test "it nullifies a nullable field", %{conn: conn} do
now = NaiveDateTime.utc_now() |> NaiveDateTime.truncate(:second)
starts_at = NaiveDateTime.add(now, -10, :second)
%{id: id} = insert(:announcement, starts_at: starts_at)
response =
conn
|> put_req_header("content-type", "application/json")
|> patch("/api/v1/pleroma/admin/announcements/#{id}", %{
starts_at: nil
})
|> json_response_and_validate_schema(:ok)
assert response["starts_at"] == nil
new = Pleroma.Announcement.get_by_id(id)
assert new.starts_at == nil
end
end
describe "POST /api/v1/pleroma/admin/announcements" do
test "it creates an announcement", %{conn: conn} do
content = "test post announcement api"
now = NaiveDateTime.utc_now() |> NaiveDateTime.truncate(:second)
starts_at = NaiveDateTime.add(now, -10, :second)
ends_at = NaiveDateTime.add(now, 10, :second)
response =
conn
|> put_req_header("content-type", "application/json")
|> post("/api/v1/pleroma/admin/announcements", %{
"content" => content,
"starts_at" => NaiveDateTime.to_iso8601(starts_at),
"ends_at" => NaiveDateTime.to_iso8601(ends_at),
"all_day" => true
})
|> json_response_and_validate_schema(:ok)
assert %{"content" => ^content, "all_day" => true} = response
announcement = Pleroma.Announcement.get_by_id(response["id"])
assert not is_nil(announcement)
assert NaiveDateTime.compare(announcement.starts_at, starts_at) == :eq
assert NaiveDateTime.compare(announcement.ends_at, ends_at) == :eq
end
test "it requires privileged role :announcements_manage_announcements", %{conn: conn} do
content = "test post announcement api"
now = NaiveDateTime.utc_now() |> NaiveDateTime.truncate(:second)
starts_at = NaiveDateTime.add(now, -10, :second)
ends_at = NaiveDateTime.add(now, 10, :second)
conn
|> put_req_header("content-type", "application/json")
|> post("/api/v1/pleroma/admin/announcements", %{
"content" => content,
"starts_at" => NaiveDateTime.to_iso8601(starts_at),
"ends_at" => NaiveDateTime.to_iso8601(ends_at),
"all_day" => true
})
|> json_response_and_validate_schema(:ok)
clear_config([:instance, :admin_privileges], [])
conn
|> put_req_header("content-type", "application/json")
|> post("/api/v1/pleroma/admin/announcements", %{
"content" => content,
"starts_at" => NaiveDateTime.to_iso8601(starts_at),
"ends_at" => NaiveDateTime.to_iso8601(ends_at),
"all_day" => true
})
|> json_response(:forbidden)
end
test "creating with time with utc timezones", %{conn: conn} do
content = "test post announcement api"
now = DateTime.now("Etc/UTC") |> elem(1) |> DateTime.truncate(:second)
starts_at = DateTime.add(now, -10, :second)
ends_at = DateTime.add(now, 10, :second)
response =
conn
|> put_req_header("content-type", "application/json")
|> post("/api/v1/pleroma/admin/announcements", %{
"content" => content,
"starts_at" => DateTime.to_iso8601(starts_at),
"ends_at" => DateTime.to_iso8601(ends_at),
"all_day" => true
})
|> json_response_and_validate_schema(:ok)
assert %{"content" => ^content, "all_day" => true} = response
announcement = Pleroma.Announcement.get_by_id(response["id"])
assert not is_nil(announcement)
assert DateTime.compare(announcement.starts_at, starts_at) == :eq
assert DateTime.compare(announcement.ends_at, ends_at) == :eq
end
end
end

46
test/pleroma/web/admin_api/controllers/chat_controller_test.exs
View file

@ -1,9 +1,9 @@
# Pleroma: A lightweight social networking server
# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
# Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.AdminAPI.ChatControllerTest do
use Pleroma.Web.ConnCase, async: true
use Pleroma.Web.ConnCase, async: false
import Pleroma.Factory
@ -27,7 +27,10 @@ defmodule Pleroma.Web.AdminAPI.ChatControllerTest do
end
describe "DELETE /api/pleroma/admin/chats/:id/messages/:message_id" do
setup do: admin_setup()
setup do
clear_config([:instance, :admin_privileges], [:messages_delete])
admin_setup()
end
test "it deletes a message from the chat", %{conn: conn, admin: admin} do
user = insert(:user)
@ -53,17 +56,29 @@ defmodule Pleroma.Web.AdminAPI.ChatControllerTest do
log_entry = Repo.one(ModerationLog)
assert ModerationLog.get_log_entry_message(log_entry) ==
"@#{admin.nickname} deleted chat message ##{cm_ref.id}"
"@#{admin.nickname} deleted chat message ##{message.id}"
assert result["id"] == cm_ref.id
refute MessageReference.get_by_id(cm_ref.id)
refute MessageReference.get_by_id(recipient_cm_ref.id)
assert %{data: %{"type" => "Tombstone"}} = Object.get_by_id(object.id)
end
test "it requires privileged role :messages_delete", %{conn: conn} do
clear_config([:instance, :admin_privileges], [])
assert conn
|> put_req_header("content-type", "application/json")
|> delete("/api/pleroma/admin/chats/some_id/messages/some_ref_id")
|> json_response(:forbidden)
end
end
describe "GET /api/pleroma/admin/chats/:id/messages" do
setup do: admin_setup()
setup do
clear_config([:instance, :admin_privileges], [:messages_read])
admin_setup()
end
test "it paginates", %{conn: conn} do
user = insert(:user)
@ -114,10 +129,21 @@ defmodule Pleroma.Web.AdminAPI.ChatControllerTest do
assert length(result) == 3
end
test "it requires privileged role :messages_read", %{conn: conn} do
clear_config([:instance, :admin_privileges], [])
conn = get(conn, "/api/pleroma/admin/chats/some_id/messages")
assert json_response(conn, :forbidden)
end
end
describe "GET /api/pleroma/admin/chats/:id" do
setup do: admin_setup()
setup do
clear_config([:instance, :admin_privileges], [:messages_read])
admin_setup()
end
test "it returns a chat", %{conn: conn} do
user = insert(:user)
@ -135,6 +161,14 @@ defmodule Pleroma.Web.AdminAPI.ChatControllerTest do
assert %{} = result["receiver"]
refute result["account"]
end
test "it requires privileged role :messages_read", %{conn: conn} do
clear_config([:instance, :admin_privileges], [])
conn = get(conn, "/api/pleroma/admin/chats/some_id")
assert json_response(conn, :forbidden)
end
end
describe "unauthorized chat moderation" do

62
test/pleroma/web/admin_api/controllers/config_controller_test.exs
View file

@ -1,5 +1,5 @@
# Pleroma: A lightweight social networking server
# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
# Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.AdminAPI.ConfigControllerTest do
@ -317,14 +317,14 @@ defmodule Pleroma.Web.AdminAPI.ConfigControllerTest do
end
test "save configs setting without explicit key", %{conn: conn} do
level = Application.get_env(:quack, :level)
meta = Application.get_env(:quack, :meta)
webhook_url = Application.get_env(:quack, :webhook_url)
adapter = Application.get_env(:http, :adapter)
send_user_agent = Application.get_env(:http, :send_user_agent)
user_agent = Application.get_env(:http, :user_agent)
on_exit(fn ->
Application.put_env(:quack, :level, level)
Application.put_env(:quack, :meta, meta)
Application.put_env(:quack, :webhook_url, webhook_url)
Application.put_env(:http, :adapter, adapter)
Application.put_env(:http, :send_user_agent, send_user_agent)
Application.put_env(:http, :user_agent, user_agent)
end)
conn =
@ -333,19 +333,19 @@ defmodule Pleroma.Web.AdminAPI.ConfigControllerTest do
|> post("/api/pleroma/admin/config", %{
configs: [
%{
group: ":quack",
key: ":level",
value: ":info"
group: ":http",
key: ":adapter",
value: [":someval"]
},
%{
group: ":quack",
key: ":meta",
value: [":none"]
group: ":http",
key: ":send_user_agent",
value: true
},
%{
group: ":quack",
key: ":webhook_url",
value: "https://hooks.slack.com/services/KEY"
group: ":http",
key: ":user_agent",
value: [":default"]
}
]
})
@ -353,30 +353,30 @@ defmodule Pleroma.Web.AdminAPI.ConfigControllerTest do
assert json_response_and_validate_schema(conn, 200) == %{
"configs" => [
%{
"group" => ":quack",
"key" => ":level",
"value" => ":info",
"db" => [":level"]
"group" => ":http",
"key" => ":adapter",
"value" => [":someval"],
"db" => [":adapter"]
},
%{
"group" => ":quack",
"key" => ":meta",
"value" => [":none"],
"db" => [":meta"]
"group" => ":http",
"key" => ":send_user_agent",
"value" => true,
"db" => [":send_user_agent"]
},
%{
"group" => ":quack",
"key" => ":webhook_url",
"value" => "https://hooks.slack.com/services/KEY",
"db" => [":webhook_url"]
"group" => ":http",
"key" => ":user_agent",
"value" => [":default"],
"db" => [":user_agent"]
}
],
"need_reboot" => false
}
assert Application.get_env(:quack, :level) == :info
assert Application.get_env(:quack, :meta) == [:none]
assert Application.get_env(:quack, :webhook_url) == "https://hooks.slack.com/services/KEY"
assert Application.get_env(:http, :adapter) == [:someval]
assert Application.get_env(:http, :send_user_agent) == true
assert Application.get_env(:http, :user_agent) == [:default]
end
test "saving config with partial update", %{conn: conn} do

2
test/pleroma/web/admin_api/controllers/frontend_controller_test.exs
View file

@ -1,5 +1,5 @@
# Pleroma: A lightweight social networking server
# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
# Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.AdminAPI.FrontendControllerTest do

92
test/pleroma/web/admin_api/controllers/instance_controller_test.exs Normal file
View file

@ -0,0 +1,92 @@
# Pleroma: A lightweight social networking server
# Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.AdminAPI.InstanceControllerTest do
use Pleroma.Web.ConnCase, async: false
use Oban.Testing, repo: Pleroma.Repo
import Pleroma.Factory
alias Pleroma.Repo
alias Pleroma.Tests.ObanHelpers
alias Pleroma.Web.CommonAPI
setup_all do
Tesla.Mock.mock_global(fn env -> apply(HttpRequestMock, :request, [env]) end)
:ok
end
setup do
admin = insert(:user, is_admin: true)
token = insert(:oauth_admin_token, user: admin)
conn =
build_conn()
|> assign(:user, admin)
|> assign(:token, token)
{:ok, %{admin: admin, token: token, conn: conn}}
end
test "GET /instances/:instance/statuses", %{conn: conn} do
clear_config([:instance, :admin_privileges], [:messages_read])
user = insert(:user, local: false, ap_id: "https://archae.me/users/archaeme")
user2 = insert(:user, local: false, ap_id: "https://test.com/users/test")
insert_pair(:note_activity, user: user)
activity = insert(:note_activity, user: user2)
%{"total" => 2, "activities" => activities} =
conn |> get("/api/pleroma/admin/instances/archae.me/statuses") |> json_response(200)
assert length(activities) == 2
%{"total" => 1, "activities" => [_]} =
conn |> get("/api/pleroma/admin/instances/test.com/statuses") |> json_response(200)
%{"total" => 0, "activities" => []} =
conn |> get("/api/pleroma/admin/instances/nonexistent.com/statuses") |> json_response(200)
CommonAPI.repeat(activity.id, user)
%{"total" => 2, "activities" => activities} =
conn |> get("/api/pleroma/admin/instances/archae.me/statuses") |> json_response(200)
assert length(activities) == 2
%{"total" => 3, "activities" => activities} =
conn
|> get("/api/pleroma/admin/instances/archae.me/statuses?with_reblogs=true")
|> json_response(200)
assert length(activities) == 3
clear_config([:instance, :admin_privileges], [])
conn |> get("/api/pleroma/admin/instances/archae.me/statuses") |> json_response(:forbidden)
end
test "DELETE /instances/:instance", %{conn: conn} do
clear_config([:instance, :admin_privileges], [:instances_delete])
user = insert(:user, nickname: "lain@lain.com")
post = insert(:note_activity, user: user)
response =
conn
|> delete("/api/pleroma/admin/instances/lain.com")
|> json_response(200)
[:ok] = ObanHelpers.perform_all()
assert response == "lain.com"
refute Repo.reload(user).is_active
refute Repo.reload(post)
clear_config([:instance, :admin_privileges], [])
conn
|> delete("/api/pleroma/admin/instances/lain.com")
|> json_response(:forbidden)
end
end

4
test/pleroma/web/admin_api/controllers/instance_document_controller_test.exs
View file

@ -1,9 +1,9 @@
# Pleroma: A lightweight social networking server
# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
# Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.AdminAPI.InstanceDocumentControllerTest do
use Pleroma.Web.ConnCase, async: true
use Pleroma.Web.ConnCase
import Pleroma.Factory
@dir "test/tmp/instance_static"

74
test/pleroma/web/admin_api/controllers/invite_controller_test.exs
View file

@ -1,9 +1,9 @@
# Pleroma: A lightweight social networking server
# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
# Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.AdminAPI.InviteControllerTest do
use Pleroma.Web.ConnCase, async: true
use Pleroma.Web.ConnCase, async: false
import Pleroma.Factory
@ -23,8 +23,25 @@ defmodule Pleroma.Web.AdminAPI.InviteControllerTest do
end
describe "POST /api/pleroma/admin/users/email_invite, with valid config" do
setup do: clear_config([:instance, :registrations_open], false)
setup do: clear_config([:instance, :invites_enabled], true)
setup do
clear_config([:instance, :registrations_open], false)
clear_config([:instance, :invites_enabled], true)
clear_config([:instance, :admin_privileges], [:users_manage_invites])
end
test "returns 403 if not privileged with :users_manage_invites", %{conn: conn} do
clear_config([:instance, :admin_privileges], [])
conn =
conn
|> put_req_header("content-type", "application/json;charset=utf-8")
|> post("/api/pleroma/admin/users/email_invite", %{
email: "foo@bar.com",
name: "J. D."
})
assert json_response(conn, :forbidden)
end
test "sends invitation and returns 204", %{admin: admin, conn: conn} do
recipient_email = "foo@bar.com"
@ -114,8 +131,11 @@ defmodule Pleroma.Web.AdminAPI.InviteControllerTest do
end
describe "POST /api/pleroma/admin/users/email_invite, with invalid config" do
setup do: clear_config([:instance, :registrations_open])
setup do: clear_config([:instance, :invites_enabled])
setup do
clear_config([:instance, :registrations_open])
clear_config([:instance, :invites_enabled])
clear_config([:instance, :admin_privileges], [:users_manage_invites])
end
test "it returns 500 if `invites_enabled` is not enabled", %{conn: conn} do
clear_config([:instance, :registrations_open], false)
@ -157,6 +177,21 @@ defmodule Pleroma.Web.AdminAPI.InviteControllerTest do
end
describe "POST /api/pleroma/admin/users/invite_token" do
setup do
clear_config([:instance, :admin_privileges], [:users_manage_invites])
end
test "returns 403 if not privileged with :users_manage_invites", %{conn: conn} do
clear_config([:instance, :admin_privileges], [])
conn =
conn
|> put_req_header("content-type", "application/json")
|> post("/api/pleroma/admin/users/invite_token")
assert json_response(conn, :forbidden)
end
test "without options", %{conn: conn} do
conn =
conn
@ -221,6 +256,18 @@ defmodule Pleroma.Web.AdminAPI.InviteControllerTest do
end
describe "GET /api/pleroma/admin/users/invites" do
setup do
clear_config([:instance, :admin_privileges], [:users_manage_invites])
end
test "returns 403 if not privileged with :users_manage_invites", %{conn: conn} do
clear_config([:instance, :admin_privileges], [])
conn = get(conn, "/api/pleroma/admin/users/invites")
assert json_response(conn, :forbidden)
end
test "no invites", %{conn: conn} do
conn = get(conn, "/api/pleroma/admin/users/invites")
@ -249,6 +296,21 @@ defmodule Pleroma.Web.AdminAPI.InviteControllerTest do
end
describe "POST /api/pleroma/admin/users/revoke_invite" do
setup do
clear_config([:instance, :admin_privileges], [:users_manage_invites])
end
test "returns 403 if not privileged with :users_manage_invites", %{conn: conn} do
clear_config([:instance, :admin_privileges], [])
conn =
conn
|> put_req_header("content-type", "application/json")
|> post("/api/pleroma/admin/users/revoke_invite", %{"token" => "foo"})
assert json_response(conn, :forbidden)
end
test "with token", %{conn: conn} do
{:ok, invite} = UserInviteToken.create_invite()

32
test/pleroma/web/admin_api/controllers/media_proxy_cache_controller_test.exs
View file

@ -1,5 +1,5 @@
# Pleroma: A lightweight social networking server
# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
# Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.AdminAPI.MediaProxyCacheControllerTest do
@ -47,30 +47,34 @@ defmodule Pleroma.Web.AdminAPI.MediaProxyCacheControllerTest do
assert response["page_size"] == 2
assert response["count"] == 5
assert response["urls"] == [
"http://localhost:4001/media/fb1f4d.jpg",
"http://localhost:4001/media/a688346.jpg"
]
results = response["urls"]
response =
conn
|> get("/api/pleroma/admin/media_proxy_caches?page_size=2&page=2")
|> json_response_and_validate_schema(200)
assert response["urls"] == [
"http://localhost:4001/media/gb1f44.jpg",
"http://localhost:4001/media/tb13f47.jpg"
]
assert response["page_size"] == 2
assert response["count"] == 5
results = results ++ response["urls"]
response =
conn
|> get("/api/pleroma/admin/media_proxy_caches?page_size=2&page=3")
|> json_response_and_validate_schema(200)
assert response["urls"] == ["http://localhost:4001/media/wb1f46.jpg"]
results = results ++ response["urls"]
assert results |> Enum.sort() ==
[
"http://localhost:4001/media/wb1f46.jpg",
"http://localhost:4001/media/gb1f44.jpg",
"http://localhost:4001/media/tb13f47.jpg",
"http://localhost:4001/media/fb1f4d.jpg",
"http://localhost:4001/media/a688346.jpg"
]
|> Enum.sort()
end
test "search banned MediaProxy URLs", %{conn: conn} do
@ -88,9 +92,9 @@ defmodule Pleroma.Web.AdminAPI.MediaProxyCacheControllerTest do
|> get("/api/pleroma/admin/media_proxy_caches?page_size=2&query=F44")
|> json_response_and_validate_schema(200)
assert response["urls"] == [
"http://localhost:4001/media/gb1f44.jpg",
"http://localhost:4001/media/ff44b1f4d.jpg"
assert response["urls"] |> Enum.sort() == [
"http://localhost:4001/media/ff44b1f4d.jpg",
"http://localhost:4001/media/gb1f44.jpg"
]
assert response["page_size"] == 2

2
test/pleroma/web/admin_api/controllers/o_auth_app_controller_test.exs
View file

@ -1,5 +1,5 @@
# Pleroma: A lightweight social networking server
# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
# Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.AdminAPI.OAuthAppControllerTest do

2
test/pleroma/web/admin_api/controllers/relay_controller_test.exs
View file

@ -1,5 +1,5 @@
# Pleroma: A lightweight social networking server
# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
# Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.AdminAPI.RelayControllerTest do

108
test/pleroma/web/admin_api/controllers/report_controller_test.exs
View file

@ -1,9 +1,9 @@
# Pleroma: A lightweight social networking server
# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
# Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.AdminAPI.ReportControllerTest do
use Pleroma.Web.ConnCase, async: true
use Pleroma.Web.ConnCase, async: false
import Pleroma.Factory
@ -26,6 +26,20 @@ defmodule Pleroma.Web.AdminAPI.ReportControllerTest do
end
describe "GET /api/pleroma/admin/reports/:id" do
setup do
clear_config([:instance, :admin_privileges], [:reports_manage_reports])
end
test "returns 403 if not privileged with :reports_manage_reports", %{conn: conn} do
clear_config([:instance, :admin_privileges], [])
conn =
conn
|> get("/api/pleroma/admin/reports/report_id")
assert json_response(conn, :forbidden)
end
test "returns report by its id", %{conn: conn} do
[reporter, target_user] = insert_pair(:user)
activity = insert(:note_activity, user: target_user)
@ -54,6 +68,32 @@ defmodule Pleroma.Web.AdminAPI.ReportControllerTest do
assert notes["content"] == "this is an admin note"
end
test "renders reported content even if the status is deleted", %{conn: conn} do
[reporter, target_user] = insert_pair(:user)
activity = insert(:note_activity, user: target_user)
activity = Activity.normalize(activity)
{:ok, %{id: report_id}} =
CommonAPI.report(reporter, %{
account_id: target_user.id,
comment: "I feel offended",
status_ids: [activity.id]
})
CommonAPI.delete(activity.id, target_user)
response =
conn
|> get("/api/pleroma/admin/reports/#{report_id}")
|> json_response_and_validate_schema(:ok)
assert response["id"] == report_id
assert [status] = response["statuses"]
assert activity.object.data["id"] == status["uri"]
assert activity.object.data["content"] == status["content"]
end
test "returns 404 when report id is invalid", %{conn: conn} do
conn = get(conn, "/api/pleroma/admin/reports/test")
@ -63,6 +103,8 @@ defmodule Pleroma.Web.AdminAPI.ReportControllerTest do
describe "PATCH /api/pleroma/admin/reports" do
setup do
clear_config([:instance, :admin_privileges], [:reports_manage_reports])
[reporter, target_user] = insert_pair(:user)
activity = insert(:note_activity, user: target_user)
@ -86,6 +128,24 @@ defmodule Pleroma.Web.AdminAPI.ReportControllerTest do
}
end
test "returns 403 if not privileged with :reports_manage_reports", %{
conn: conn,
id: id,
admin: admin
} do
clear_config([:instance, :admin_privileges], [])
conn =
conn
|> assign(:token, insert(:oauth_token, user: admin, scopes: ["admin:write:reports"]))
|> put_req_header("content-type", "application/json")
|> patch("/api/pleroma/admin/reports", %{
"reports" => [%{"state" => "resolved", "id" => id}]
})
assert json_response(conn, :forbidden)
end
test "requires admin:write:reports scope", %{conn: conn, id: id, admin: admin} do
read_token = insert(:oauth_token, user: admin, scopes: ["admin:read"])
write_token = insert(:oauth_token, user: admin, scopes: ["admin:write:reports"])
@ -204,13 +264,25 @@ defmodule Pleroma.Web.AdminAPI.ReportControllerTest do
"@#{admin.nickname} updated report ##{id} (on user @#{activity.user_actor.nickname}) with 'resolved' state"
assert ModerationLog.get_log_entry_message(second_log_entry) ==
"@#{admin.nickname} updated report ##{second_report_id} (on user @#{
second_activity.user_actor.nickname
}) with 'closed' state"
"@#{admin.nickname} updated report ##{second_report_id} (on user @#{second_activity.user_actor.nickname}) with 'closed' state"
end
end
describe "GET /api/pleroma/admin/reports" do
setup do
clear_config([:instance, :admin_privileges], [:reports_manage_reports])
end
test "returns 403 if not privileged with :reports_manage_reports", %{conn: conn} do
clear_config([:instance, :admin_privileges], [])
conn =
conn
|> get(report_path(conn, :index))
assert json_response(conn, :forbidden)
end
test "returns empty response when no reports created", %{conn: conn} do
response =
conn
@ -305,7 +377,7 @@ defmodule Pleroma.Web.AdminAPI.ReportControllerTest do
|> get("/api/pleroma/admin/reports")
assert json_response(conn, :forbidden) ==
%{"error" => "User is not an admin."}
%{"error" => "User is not a staff member."}
end
test "returns 403 when requested by anonymous" do
@ -319,6 +391,8 @@ defmodule Pleroma.Web.AdminAPI.ReportControllerTest do
describe "POST /api/pleroma/admin/reports/:id/notes" do
setup %{conn: conn, admin: admin} do
clear_config([:instance, :admin_privileges], [:reports_manage_reports])
[reporter, target_user] = insert_pair(:user)
activity = insert(:note_activity, user: target_user)
@ -347,6 +421,25 @@ defmodule Pleroma.Web.AdminAPI.ReportControllerTest do
}
end
test "returns 403 if not privileged with :reports_manage_reports", %{
conn: conn,
report_id: report_id
} do
clear_config([:instance, :admin_privileges], [])
post_conn =
conn
|> put_req_header("content-type", "application/json")
|> post("/api/pleroma/admin/reports/#{report_id}/notes", %{
content: "this is disgusting2!"
})
delete_conn = delete(conn, "/api/pleroma/admin/reports/#{report_id}/notes/note.id")
assert json_response(post_conn, :forbidden)
assert json_response(delete_conn, :forbidden)
end
test "it creates report note", %{admin_id: admin_id, report_id: report_id} do
assert [note, _] = Repo.all(ReportNote)
@ -365,7 +458,8 @@ defmodule Pleroma.Web.AdminAPI.ReportControllerTest do
[note, _] = notes
assert note["user"]["nickname"] == admin.nickname
assert note["content"] == "this is disgusting!"
# We use '=~' because the order of the notes isn't guaranteed
assert note["content"] =~ "this is disgusting"
assert note["created_at"]
assert response["total"] == 1
end

46
test/pleroma/web/admin_api/controllers/status_controller_test.exs
View file

@ -1,9 +1,9 @@
# Pleroma: A lightweight social networking server
# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
# Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.AdminAPI.StatusControllerTest do
use Pleroma.Web.ConnCase, async: true
use Pleroma.Web.ConnCase, async: false
import Pleroma.Factory
@ -26,6 +26,10 @@ defmodule Pleroma.Web.AdminAPI.StatusControllerTest do
end
describe "GET /api/pleroma/admin/statuses/:id" do
setup do
clear_config([:instance, :admin_privileges], [:messages_read])
end
test "not found", %{conn: conn} do
assert conn
|> get("/api/pleroma/admin/statuses/not_found")
@ -50,10 +54,17 @@ defmodule Pleroma.Web.AdminAPI.StatusControllerTest do
assert account["is_active"] == actor.is_active
assert account["is_confirmed"] == actor.is_confirmed
end
test "denies reading activity when not privileged", %{conn: conn} do
clear_config([:instance, :admin_privileges], [])
assert conn |> get("/api/pleroma/admin/statuses/some_id") |> json_response(:forbidden)
end
end
describe "PUT /api/pleroma/admin/statuses/:id" do
setup do
clear_config([:instance, :admin_privileges], [:messages_delete])
activity = insert(:note_activity)
%{id: activity.id}
@ -122,10 +133,20 @@ defmodule Pleroma.Web.AdminAPI.StatusControllerTest do
assert %{"error" => "test - Invalid value for enum."} =
json_response_and_validate_schema(conn, :bad_request)
end
test "it requires privileged role :messages_delete", %{conn: conn} do
clear_config([:instance, :admin_privileges], [])
assert conn
|> put_req_header("content-type", "application/json")
|> put("/api/pleroma/admin/statuses/some_id", %{})
|> json_response(:forbidden)
end
end
describe "DELETE /api/pleroma/admin/statuses/:id" do
setup do
clear_config([:instance, :admin_privileges], [:messages_delete])
activity = insert(:note_activity)
%{id: activity.id}
@ -149,9 +170,22 @@ defmodule Pleroma.Web.AdminAPI.StatusControllerTest do
assert json_response_and_validate_schema(conn, :not_found) == %{"error" => "Not found"}
end
test "it requires privileged role :messages_delete", %{conn: conn} do
clear_config([:instance, :admin_privileges], [])
assert conn
|> put_req_header("content-type", "application/json")
|> delete("/api/pleroma/admin/statuses/some_id")
|> json_response(:forbidden)
end
end
describe "GET /api/pleroma/admin/statuses" do
setup do
clear_config([:instance, :admin_privileges], [:messages_read])
end
test "returns all public and unlisted statuses", %{conn: conn, admin: admin} do
blocked = insert(:user)
user = insert(:user)
@ -197,5 +231,13 @@ defmodule Pleroma.Web.AdminAPI.StatusControllerTest do
conn = get(conn, "/api/pleroma/admin/statuses?godmode=true")
assert json_response_and_validate_schema(conn, 200) |> length() == 3
end
test "it requires privileged role :messages_read", %{conn: conn} do
clear_config([:instance, :admin_privileges], [])
conn = get(conn, "/api/pleroma/admin/statuses")
assert json_response(conn, :forbidden)
end
end
end

350
test/pleroma/web/admin_api/controllers/user_controller_test.exs
View file

@ -1,9 +1,9 @@
# Pleroma: A lightweight social networking server
# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
# Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.AdminAPI.UserControllerTest do
use Pleroma.Web.ConnCase
use Pleroma.Web.ConnCase, async: false
use Oban.Testing, repo: Pleroma.Repo
import Mock
@ -38,6 +38,7 @@ defmodule Pleroma.Web.AdminAPI.UserControllerTest do
end
test "with valid `admin_token` query parameter, skips OAuth scopes check" do
clear_config([:instance, :admin_privileges], [:users_read])
clear_config([:admin_token], "password123")
user = insert(:user)
@ -47,53 +48,10 @@ defmodule Pleroma.Web.AdminAPI.UserControllerTest do
assert json_response_and_validate_schema(conn, 200)
end
test "GET /api/pleroma/admin/users/:nickname requires admin:read:accounts or broader scope",
%{admin: admin} do
user = insert(:user)
url = "/api/pleroma/admin/users/#{user.nickname}"
good_token1 = insert(:oauth_token, user: admin, scopes: ["admin"])
good_token2 = insert(:oauth_token, user: admin, scopes: ["admin:read"])
good_token3 = insert(:oauth_token, user: admin, scopes: ["admin:read:accounts"])
bad_token1 = insert(:oauth_token, user: admin, scopes: ["read:accounts"])
bad_token2 = insert(:oauth_token, user: admin, scopes: ["admin:read:accounts:partial"])
bad_token3 = nil
for good_token <- [good_token1, good_token2, good_token3] do
conn =
build_conn()
|> assign(:user, admin)
|> assign(:token, good_token)
|> get(url)
assert json_response_and_validate_schema(conn, 200)
end
for good_token <- [good_token1, good_token2, good_token3] do
conn =
build_conn()
|> assign(:user, nil)
|> assign(:token, good_token)
|> get(url)
assert json_response(conn, :forbidden)
end
for bad_token <- [bad_token1, bad_token2, bad_token3] do
conn =
build_conn()
|> assign(:user, admin)
|> assign(:token, bad_token)
|> get(url)
assert json_response_and_validate_schema(conn, :forbidden)
end
end
describe "DELETE /api/pleroma/admin/users" do
test "single user", %{admin: admin, conn: conn} do
clear_config([:instance, :federating], true)
clear_config([:instance, :admin_privileges], [:users_delete])
user =
insert(:user,
@ -149,6 +107,8 @@ defmodule Pleroma.Web.AdminAPI.UserControllerTest do
end
test "multiple users", %{admin: admin, conn: conn} do
clear_config([:instance, :admin_privileges], [:users_delete])
user_one = insert(:user)
user_two = insert(:user)
@ -168,6 +128,17 @@ defmodule Pleroma.Web.AdminAPI.UserControllerTest do
assert response -- [user_one.nickname, user_two.nickname] == []
end
test "Needs privileged role", %{conn: conn} do
clear_config([:instance, :admin_privileges], [])
response =
conn
|> put_req_header("accept", "application/json")
|> delete("/api/pleroma/admin/users?nickname=nickname")
assert json_response(response, :forbidden)
end
end
describe "/api/pleroma/admin/users" do
@ -307,7 +278,19 @@ defmodule Pleroma.Web.AdminAPI.UserControllerTest do
end
end
describe "/api/pleroma/admin/users/:nickname" do
describe "GET /api/pleroma/admin/users/:nickname" do
setup do
clear_config([:instance, :admin_privileges], [:users_read])
end
test "returns 403 if not privileged with :users_read", %{conn: conn} do
clear_config([:instance, :admin_privileges], [])
conn = get(conn, "/api/pleroma/admin/users/user.nickname")
assert json_response(conn, :forbidden)
end
test "Show", %{conn: conn} do
user = insert(:user)
@ -323,6 +306,50 @@ defmodule Pleroma.Web.AdminAPI.UserControllerTest do
assert %{"error" => "Not found"} == json_response_and_validate_schema(conn, 404)
end
test "requires admin:read:accounts or broader scope",
%{admin: admin} do
user = insert(:user)
url = "/api/pleroma/admin/users/#{user.nickname}"
good_token1 = insert(:oauth_token, user: admin, scopes: ["admin"])
good_token2 = insert(:oauth_token, user: admin, scopes: ["admin:read"])
good_token3 = insert(:oauth_token, user: admin, scopes: ["admin:read:accounts"])
bad_token1 = insert(:oauth_token, user: admin, scopes: ["read:accounts"])
bad_token2 = insert(:oauth_token, user: admin, scopes: ["admin:read:accounts:partial"])
bad_token3 = nil
for good_token <- [good_token1, good_token2, good_token3] do
conn =
build_conn()
|> assign(:user, admin)
|> assign(:token, good_token)
|> get(url)
assert json_response_and_validate_schema(conn, 200)
end
for good_token <- [good_token1, good_token2, good_token3] do
conn =
build_conn()
|> assign(:user, nil)
|> assign(:token, good_token)
|> get(url)
assert json_response(conn, :forbidden)
end
for bad_token <- [bad_token1, bad_token2, bad_token3] do
conn =
build_conn()
|> assign(:user, admin)
|> assign(:token, bad_token)
|> get(url)
assert json_response_and_validate_schema(conn, :forbidden)
end
end
end
describe "/api/pleroma/admin/users/follow" do
@ -378,6 +405,18 @@ defmodule Pleroma.Web.AdminAPI.UserControllerTest do
end
describe "GET /api/pleroma/admin/users" do
setup do
clear_config([:instance, :admin_privileges], [:users_read])
end
test "returns 403 if not privileged with :users_read", %{conn: conn} do
clear_config([:instance, :admin_privileges], [])
conn = get(conn, "/api/pleroma/admin/users?page=1")
assert json_response(conn, :forbidden)
end
test "renders users array for the first page", %{conn: conn, admin: admin} do
user = insert(:user, local: false, tags: ["foo", "bar"])
user2 = insert(:user, is_approved: false, registration_reason: "I'm a chill dude")
@ -810,49 +849,9 @@ defmodule Pleroma.Web.AdminAPI.UserControllerTest do
end
end
test "PATCH /api/pleroma/admin/users/activate", %{admin: admin, conn: conn} do
user_one = insert(:user, is_active: false)
user_two = insert(:user, is_active: false)
conn =
conn
|> put_req_header("content-type", "application/json")
|> patch(
"/api/pleroma/admin/users/activate",
%{nicknames: [user_one.nickname, user_two.nickname]}
)
response = json_response_and_validate_schema(conn, 200)
assert Enum.map(response["users"], & &1["is_active"]) == [true, true]
log_entry = Repo.one(ModerationLog)
assert ModerationLog.get_log_entry_message(log_entry) ==
"@#{admin.nickname} activated users: @#{user_one.nickname}, @#{user_two.nickname}"
end
test "PATCH /api/pleroma/admin/users/deactivate", %{admin: admin, conn: conn} do
user_one = insert(:user, is_active: true)
user_two = insert(:user, is_active: true)
conn =
conn
|> put_req_header("content-type", "application/json")
|> patch(
"/api/pleroma/admin/users/deactivate",
%{nicknames: [user_one.nickname, user_two.nickname]}
)
response = json_response_and_validate_schema(conn, 200)
assert Enum.map(response["users"], & &1["is_active"]) == [false, false]
log_entry = Repo.one(ModerationLog)
assert ModerationLog.get_log_entry_message(log_entry) ==
"@#{admin.nickname} deactivated users: @#{user_one.nickname}, @#{user_two.nickname}"
end
test "PATCH /api/pleroma/admin/users/approve", %{admin: admin, conn: conn} do
clear_config([:instance, :admin_privileges], [:users_manage_invites])
user_one = insert(:user, is_approved: false)
user_two = insert(:user, is_approved: false)
@ -873,24 +872,178 @@ defmodule Pleroma.Web.AdminAPI.UserControllerTest do
"@#{admin.nickname} approved users: @#{user_one.nickname}, @#{user_two.nickname}"
end
test "PATCH /api/pleroma/admin/users/:nickname/toggle_activation", %{admin: admin, conn: conn} do
user = insert(:user)
test "PATCH /api/pleroma/admin/users/approve returns 403 if not privileged with :users_manage_invites",
%{conn: conn} do
clear_config([:instance, :admin_privileges], [])
conn =
conn
|> put_req_header("content-type", "application/json")
|> patch("/api/pleroma/admin/users/#{user.nickname}/toggle_activation")
|> patch(
"/api/pleroma/admin/users/approve",
%{nicknames: ["user_one.nickname", "user_two.nickname"]}
)
assert json_response_and_validate_schema(conn, 200) ==
user_response(
user,
%{"is_active" => !user.is_active}
)
assert json_response(conn, :forbidden)
end
test "PATCH /api/pleroma/admin/users/suggest", %{admin: admin, conn: conn} do
user1 = insert(:user, is_suggested: false)
user2 = insert(:user, is_suggested: false)
response =
conn
|> put_req_header("content-type", "application/json")
|> patch(
"/api/pleroma/admin/users/suggest",
%{nicknames: [user1.nickname, user2.nickname]}
)
|> json_response_and_validate_schema(200)
assert Enum.map(response["users"], & &1["is_suggested"]) == [true, true]
[user1, user2] = Repo.reload!([user1, user2])
assert user1.is_suggested
assert user2.is_suggested
log_entry = Repo.one(ModerationLog)
assert ModerationLog.get_log_entry_message(log_entry) ==
"@#{admin.nickname} deactivated users: @#{user.nickname}"
"@#{admin.nickname} added suggested users: @#{user1.nickname}, @#{user2.nickname}"
end
test "PATCH /api/pleroma/admin/users/unsuggest", %{admin: admin, conn: conn} do
user1 = insert(:user, is_suggested: true)
user2 = insert(:user, is_suggested: true)
response =
conn
|> put_req_header("content-type", "application/json")
|> patch(
"/api/pleroma/admin/users/unsuggest",
%{nicknames: [user1.nickname, user2.nickname]}
)
|> json_response_and_validate_schema(200)
assert Enum.map(response["users"], & &1["is_suggested"]) == [false, false]
[user1, user2] = Repo.reload!([user1, user2])
refute user1.is_suggested
refute user2.is_suggested
log_entry = Repo.one(ModerationLog)
assert ModerationLog.get_log_entry_message(log_entry) ==
"@#{admin.nickname} removed suggested users: @#{user1.nickname}, @#{user2.nickname}"
end
describe "user activation" do
test "PATCH /api/pleroma/admin/users/activate", %{admin: admin, conn: conn} do
clear_config([:instance, :admin_privileges], [:users_manage_activation_state])
user_one = insert(:user, is_active: false)
user_two = insert(:user, is_active: false)
conn =
conn
|> put_req_header("content-type", "application/json")
|> patch(
"/api/pleroma/admin/users/activate",
%{nicknames: [user_one.nickname, user_two.nickname]}
)
response = json_response_and_validate_schema(conn, 200)
assert Enum.map(response["users"], & &1["is_active"]) == [true, true]
log_entry = Repo.one(ModerationLog)
assert ModerationLog.get_log_entry_message(log_entry) ==
"@#{admin.nickname} activated users: @#{user_one.nickname}, @#{user_two.nickname}"
end
test "PATCH /api/pleroma/admin/users/deactivate", %{admin: admin, conn: conn} do
clear_config([:instance, :admin_privileges], [:users_manage_activation_state])
user_one = insert(:user, is_active: true)
user_two = insert(:user, is_active: true)
conn =
conn
|> put_req_header("content-type", "application/json")
|> patch(
"/api/pleroma/admin/users/deactivate",
%{nicknames: [user_one.nickname, user_two.nickname]}
)
response = json_response_and_validate_schema(conn, 200)
assert Enum.map(response["users"], & &1["is_active"]) == [false, false]
log_entry = Repo.one(ModerationLog)
assert ModerationLog.get_log_entry_message(log_entry) ==
"@#{admin.nickname} deactivated users: @#{user_one.nickname}, @#{user_two.nickname}"
end
test "PATCH /api/pleroma/admin/users/:nickname/toggle_activation", %{admin: admin, conn: conn} do
clear_config([:instance, :admin_privileges], [:users_manage_activation_state])
user = insert(:user)
conn =
conn
|> put_req_header("content-type", "application/json")
|> patch("/api/pleroma/admin/users/#{user.nickname}/toggle_activation")
assert json_response_and_validate_schema(conn, 200) ==
user_response(
user,
%{"is_active" => !user.is_active}
)
log_entry = Repo.one(ModerationLog)
assert ModerationLog.get_log_entry_message(log_entry) ==
"@#{admin.nickname} deactivated users: @#{user.nickname}"
end
test "it requires privileged role :statuses_activation to activate", %{conn: conn} do
clear_config([:instance, :admin_privileges], [])
conn =
conn
|> put_req_header("content-type", "application/json")
|> patch(
"/api/pleroma/admin/users/activate",
%{nicknames: ["user_one.nickname", "user_two.nickname"]}
)
assert json_response(conn, :forbidden)
end
test "it requires privileged role :statuses_activation to deactivate", %{conn: conn} do
clear_config([:instance, :admin_privileges], [])
conn =
conn
|> put_req_header("content-type", "application/json")
|> patch(
"/api/pleroma/admin/users/deactivate",
%{nicknames: ["user_one.nickname", "user_two.nickname"]}
)
assert json_response(conn, :forbidden)
end
test "it requires privileged role :statuses_activation to toggle activation", %{conn: conn} do
clear_config([:instance, :admin_privileges], [])
conn =
conn
|> put_req_header("content-type", "application/json")
|> patch("/api/pleroma/admin/users/user.nickname/toggle_activation")
assert json_response(conn, :forbidden)
end
end
defp user_response(user, attrs \\ %{}) do
@ -906,6 +1059,7 @@ defmodule Pleroma.Web.AdminAPI.UserControllerTest do
"display_name" => HTML.strip_tags(user.name || user.nickname),
"is_confirmed" => true,
"is_approved" => true,
"is_suggested" => false,
"url" => user.ap_id,
"registration_reason" => nil,
"actor_type" => "Person",

2
test/pleroma/web/admin_api/search_test.exs
View file

@ -1,5 +1,5 @@
# Pleroma: A lightweight social networking server
# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
# Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.AdminAPI.SearchTest do

2
test/pleroma/web/admin_api/views/account_view_test.exs
View file

@ -1,5 +1,5 @@
# Pleroma: A lightweight social networking server
# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
# Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.AdminAPI.AccountViewTest do

2
test/pleroma/web/admin_api/views/moderation_log_view_test.exs
View file

@ -1,5 +1,5 @@
# Pleroma: A lightweight social networking server
# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
# Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.AdminAPI.ModerationLogViewTest do
use Pleroma.DataCase, async: true

2
test/pleroma/web/admin_api/views/report_view_test.exs
View file

@ -1,5 +1,5 @@
# Pleroma: A lightweight social networking server
# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
# Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.AdminAPI.ReportViewTest do

2
test/pleroma/web/api_spec/schema_examples_test.exs
View file

@ -1,5 +1,5 @@
# Pleroma: A lightweight social networking server
# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
# Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.ApiSpec.SchemaExamplesTest do

2
test/pleroma/web/auth/auth_controller_test.exs
View file

@ -1,5 +1,5 @@
# Pleroma: A lightweight social networking server
# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
# Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.Auth.AuthControllerTest do

2
test/pleroma/web/auth/authenticator_test.exs
View file

@ -1,5 +1,5 @@
# Pleroma: A lightweight social networking server
# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
# Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.Auth.AuthenticatorTest do

2
test/pleroma/web/auth/basic_auth_test.exs
View file

@ -1,5 +1,5 @@
# Pleroma: A lightweight social networking server
# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
# Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.Auth.BasicAuthTest do

2
test/pleroma/web/auth/pleroma_authenticator_test.exs
View file

@ -1,5 +1,5 @@
# Pleroma: A lightweight social networking server
# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
# Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.Auth.PleromaAuthenticatorTest do

2
test/pleroma/web/auth/totp_authenticator_test.exs
View file

@ -1,5 +1,5 @@
# Pleroma: A lightweight social networking server
# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
# Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.Auth.TOTPAuthenticatorTest do

91
test/pleroma/web/common_api/utils_test.exs
View file

@ -1,10 +1,9 @@
# Pleroma: A lightweight social networking server
# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
# Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.CommonAPI.UtilsTest do
alias Pleroma.Builders.UserBuilder
alias Pleroma.Object
alias Pleroma.Web.CommonAPI
alias Pleroma.Web.CommonAPI.ActivityDraft
alias Pleroma.Web.CommonAPI.Utils
@ -160,11 +159,7 @@ defmodule Pleroma.Web.CommonAPI.UtilsTest do
{output, _, _} = Utils.format_input(text, "text/markdown")
assert output ==
~s(<p><strong>hello world</strong></p><p><em>another <span class="h-card"><a class="u-url mention" data-user="#{
user.id
}" href="http://foo.com/user__test" rel="ugc">@<span>user__test</span></a></span> and <span class="h-card"><a class="u-url mention" data-user="#{
user.id
}" href="http://foo.com/user__test" rel="ugc">@<span>user__test</span></a></span> <a href="http://google.com" rel="ugc">google.com</a> paragraph</em></p>)
~s(<p><strong>hello world</strong></p><p><em>another <span class="h-card"><a class="u-url mention" data-user="#{user.id}" href="http://foo.com/user__test" rel="ugc">@<span>user__test</span></a></span> and <span class="h-card"><a class="u-url mention" data-user="#{user.id}" href="http://foo.com/user__test" rel="ugc">@<span>user__test</span></a></span> <a href="http://google.com" rel="ugc">google.com</a> paragraph</em></p>)
end
end
@ -201,11 +196,7 @@ defmodule Pleroma.Web.CommonAPI.UtilsTest do
{result, _, []} = Utils.format_input(code, "text/markdown")
assert result ==
~s[<p><span class="h-card"><a class="u-url mention" data-user="#{mario.id}" href="#{
mario.ap_id
}" rel="ugc">@<span>mario</span></a></span> <span class="h-card"><a class="u-url mention" data-user="#{
luigi.id
}" href="#{luigi.ap_id}" rel="ugc">@<span>luigi</span></a></span> yo whats up?</p>]
~s[<p><span class="h-card"><a class="u-url mention" data-user="#{mario.id}" href="#{mario.ap_id}" rel="ugc">@<span>mario</span></a></span> <span class="h-card"><a class="u-url mention" data-user="#{luigi.id}" href="#{luigi.ap_id}" rel="ugc">@<span>luigi</span></a></span> yo whats up?</p>]
end
test "remote mentions" do
@ -216,11 +207,7 @@ defmodule Pleroma.Web.CommonAPI.UtilsTest do
{result, _, []} = Utils.format_input(code, "text/markdown")
assert result ==
~s[<p><span class="h-card"><a class="u-url mention" data-user="#{mario.id}" href="#{
mario.ap_id
}" rel="ugc">@<span>mario</span></a></span> <span class="h-card"><a class="u-url mention" data-user="#{
luigi.id
}" href="#{luigi.ap_id}" rel="ugc">@<span>luigi</span></a></span> yo whats up?</p>]
~s[<p><span class="h-card"><a class="u-url mention" data-user="#{mario.id}" href="#{mario.ap_id}" rel="ugc">@<span>mario</span></a></span> <span class="h-card"><a class="u-url mention" data-user="#{luigi.id}" href="#{luigi.ap_id}" rel="ugc">@<span>luigi</span></a></span> yo whats up?</p>]
end
test "raw HTML" do
@ -285,22 +272,6 @@ defmodule Pleroma.Web.CommonAPI.UtilsTest do
end
end
describe "context_to_conversation_id" do
test "creates a mapping object" do
conversation_id = Utils.context_to_conversation_id("random context")
object = Object.get_by_ap_id("random context")
assert conversation_id == object.id
end
test "returns an existing mapping for an existing object" do
{:ok, object} = Object.context_mapping("random context") |> Repo.insert()
conversation_id = Utils.context_to_conversation_id("random context")
assert conversation_id == object.id
end
end
describe "formats date to asctime" do
test "when date is in ISO 8601 format" do
date = DateTime.utc_now() |> DateTime.to_iso8601()
@ -321,7 +292,7 @@ defmodule Pleroma.Web.CommonAPI.UtilsTest do
assert capture_log(fn ->
assert Utils.date_to_asctime(date) == expected
end) =~ "[warn] Date #{date} in wrong format, must be ISO 8601"
end) =~ "Date #{date} in wrong format, must be ISO 8601"
end
test "when date is a Unix timestamp" do
@ -331,7 +302,7 @@ defmodule Pleroma.Web.CommonAPI.UtilsTest do
assert capture_log(fn ->
assert Utils.date_to_asctime(date) == expected
end) =~ "[warn] Date #{date} in wrong format, must be ISO 8601"
end) =~ "Date #{date} in wrong format, must be ISO 8601"
end
test "when date is nil" do
@ -339,13 +310,13 @@ defmodule Pleroma.Web.CommonAPI.UtilsTest do
assert capture_log(fn ->
assert Utils.date_to_asctime(nil) == expected
end) =~ "[warn] Date in wrong format, must be ISO 8601"
end) =~ "Date in wrong format, must be ISO 8601"
end
test "when date is a random string" do
assert capture_log(fn ->
assert Utils.date_to_asctime("foo") == ""
end) =~ "[warn] Date foo in wrong format, must be ISO 8601"
end) =~ "Date foo in wrong format, must be ISO 8601"
end
end
@ -529,17 +500,6 @@ defmodule Pleroma.Web.CommonAPI.UtilsTest do
end
end
describe "conversation_id_to_context/1" do
test "returns id" do
object = insert(:note)
assert Utils.conversation_id_to_context(object.id) == object.data["id"]
end
test "returns error if object not found" do
assert Utils.conversation_id_to_context("123") == {:error, "No such conversation"}
end
end
describe "maybe_notify_mentioned_recipients/2" do
test "returns recipients when activity is not `Create`" do
activity = insert(:like_activity)
@ -681,41 +641,6 @@ defmodule Pleroma.Web.CommonAPI.UtilsTest do
end
end
describe "make_note_data/1" do
test "returns note data" do
user = insert(:user)
note = insert(:note)
user2 = insert(:user)
user3 = insert(:user)
draft = %ActivityDraft{
user: user,
to: [user2.ap_id],
context: "2hu",
content_html: "<h1>This is :moominmamma: note</h1>",
in_reply_to: note.id,
tags: [name: "jimm"],
summary: "test summary",
cc: [user3.ap_id],
extra: %{"custom_tag" => "test"}
}
assert Utils.make_note_data(draft) == %{
"actor" => user.ap_id,
"attachment" => [],
"cc" => [user3.ap_id],
"content" => "<h1>This is :moominmamma: note</h1>",
"context" => "2hu",
"sensitive" => false,
"summary" => "test summary",
"tag" => ["jimm"],
"to" => [user2.ap_id],
"type" => "Note",
"custom_tag" => "test"
}
end
end
describe "maybe_add_attachments/3" do
test "returns parsed results when attachment_links is false" do
assert Utils.maybe_add_attachments(

257
test/pleroma/web/common_api_test.exs
View file

@ -1,10 +1,10 @@
# Pleroma: A lightweight social networking server
# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
# Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.CommonAPITest do
use Oban.Testing, repo: Pleroma.Repo
use Pleroma.DataCase
use Pleroma.DataCase, async: false
alias Pleroma.Activity
alias Pleroma.Chat
@ -18,6 +18,7 @@ defmodule Pleroma.Web.CommonAPITest do
alias Pleroma.Web.ActivityPub.Visibility
alias Pleroma.Web.AdminAPI.AccountView
alias Pleroma.Web.CommonAPI
alias Pleroma.Workers.PollWorker
import Pleroma.Factory
import Mock
@ -48,15 +49,23 @@ defmodule Pleroma.Web.CommonAPITest do
assert object.data["type"] == "Question"
assert object.data["oneOf"] |> length() == 2
assert_enqueued(
worker: PollWorker,
args: %{op: "poll_end", activity_id: activity.id},
scheduled_at: NaiveDateTime.from_iso8601!(object.data["closed"])
)
end
end
describe "blocking" do
setup do
blocker = insert(:user)
blocked = insert(:user)
User.follow(blocker, blocked)
User.follow(blocked, blocker)
blocked = insert(:user, local: false)
CommonAPI.follow(blocker, blocked)
CommonAPI.follow(blocked, blocker)
CommonAPI.accept_follow_request(blocker, blocked)
CommonAPI.accept_follow_request(blocked, blocked)
%{blocker: blocker, blocked: blocked}
end
@ -65,6 +74,9 @@ defmodule Pleroma.Web.CommonAPITest do
with_mock Pleroma.Web.Federator,
publish: fn _ -> nil end do
assert User.get_follow_state(blocker, blocked) == :follow_accept
refute is_nil(Pleroma.Web.ActivityPub.Utils.fetch_latest_follow(blocker, blocked))
assert {:ok, block} = CommonAPI.block(blocker, blocked)
assert block.local
@ -72,6 +84,11 @@ defmodule Pleroma.Web.CommonAPITest do
refute User.following?(blocker, blocked)
refute User.following?(blocked, blocker)
refute User.get_follow_state(blocker, blocked)
assert %{data: %{"state" => "reject"}} =
Pleroma.Web.ActivityPub.Utils.fetch_latest_follow(blocker, blocked)
assert called(Pleroma.Web.Federator.publish(block))
end
end
@ -202,9 +219,7 @@ defmodule Pleroma.Web.CommonAPITest do
object = Object.normalize(activity, fetch: false)
assert object.data["content"] ==
"<a href=\"https://example.org\" rel=\"ugc\">https://example.org</a> is the site of <span class=\"h-card\"><a class=\"u-url mention\" data-user=\"#{
other_user.id
}\" href=\"#{other_user.ap_id}\" rel=\"ugc\">@<span>#{other_user.nickname}</span></a></span> <a class=\"hashtag\" data-tag=\"2hu\" href=\"http://localhost:4001/tag/2hu\">#2hu</a>"
"<a href=\"https://example.org\" rel=\"ugc\">https://example.org</a> is the site of <span class=\"h-card\"><a class=\"u-url mention\" data-user=\"#{other_user.id}\" href=\"#{other_user.ap_id}\" rel=\"ugc\">@<span>#{other_user.nickname}</span></a></span> <a class=\"hashtag\" data-tag=\"2hu\" href=\"http://localhost:4001/tag/2hu\">#2hu</a>"
end
test "it posts a chat message" do
@ -316,7 +331,7 @@ defmodule Pleroma.Web.CommonAPITest do
refute Activity.get_by_id(post.id)
end
test "it does not allow a user to delete their posts" do
test "it does not allow a user to delete posts from another user" do
user = insert(:user)
other_user = insert(:user)
@ -326,7 +341,8 @@ defmodule Pleroma.Web.CommonAPITest do
assert Activity.get_by_id(post.id)
end
test "it allows moderators to delete other user's posts" do
test "it allows privileged users to delete other user's posts" do
clear_config([:instance, :moderator_privileges], [:messages_delete])
user = insert(:user)
moderator = insert(:user, is_moderator: true)
@ -338,19 +354,20 @@ defmodule Pleroma.Web.CommonAPITest do
refute Activity.get_by_id(post.id)
end
test "it allows admins to delete other user's posts" do
test "it doesn't allow unprivileged mods or admins to delete other user's posts" do
clear_config([:instance, :admin_privileges], [])
clear_config([:instance, :moderator_privileges], [])
user = insert(:user)
moderator = insert(:user, is_admin: true)
moderator = insert(:user, is_moderator: true, is_admin: true)
{:ok, post} = CommonAPI.post(user, %{status: "namu amida butsu"})
assert {:ok, delete} = CommonAPI.delete(post.id, moderator)
assert delete.local
refute Activity.get_by_id(post.id)
assert {:error, "Could not delete"} = CommonAPI.delete(post.id, moderator)
assert Activity.get_by_id(post.id)
end
test "superusers deleting non-local posts won't federate the delete" do
test "privileged users deleting non-local posts won't federate the delete" do
clear_config([:instance, :admin_privileges], [:messages_delete])
# This is the user of the ingested activity
_user =
insert(:user,
@ -359,7 +376,7 @@ defmodule Pleroma.Web.CommonAPITest do
last_refreshed_at: NaiveDateTime.utc_now()
)
moderator = insert(:user, is_admin: true)
admin = insert(:user, is_admin: true)
data =
File.read!("test/fixtures/mastodon-post-activity.json")
@ -369,7 +386,7 @@ defmodule Pleroma.Web.CommonAPITest do
with_mock Pleroma.Web.Federator,
publish: fn _ -> nil end do
assert {:ok, delete} = CommonAPI.delete(post.id, moderator)
assert {:ok, delete} = CommonAPI.delete(post.id, admin)
assert delete.local
refute called(Pleroma.Web.Federator.publish(:_))
end
@ -581,7 +598,7 @@ defmodule Pleroma.Web.CommonAPITest do
object = Object.normalize(activity, fetch: false)
assert object.data["content"] == "<p><b>2hu</b></p>alert(&#39;xss&#39;)"
assert object.data["source"] == post
assert object.data["source"]["content"] == post
end
test "it filters out obviously bad tags when accepting a post as Markdown" do
@ -598,7 +615,7 @@ defmodule Pleroma.Web.CommonAPITest do
object = Object.normalize(activity, fetch: false)
assert object.data["content"] == "<p><b>2hu</b></p>"
assert object.data["source"] == post
assert object.data["source"]["content"] == post
end
test "it does not allow replies to direct messages that are not direct messages themselves" do
@ -678,6 +695,32 @@ defmodule Pleroma.Web.CommonAPITest do
assert {:ok, _activity} = CommonAPI.post(user, %{status: "12345"})
end
test "it validates media attachment limits are correctly enforced" do
clear_config([:instance, :max_media_attachments], 4)
user = insert(:user)
file = %Plug.Upload{
content_type: "image/jpeg",
path: Path.absname("test/fixtures/image.jpg"),
filename: "an_image.jpg"
}
{:ok, upload} = ActivityPub.upload(file, actor: user.ap_id)
assert {:error, "Too many attachments"} =
CommonAPI.post(user, %{
status: "",
media_ids: List.duplicate(upload.id, 5)
})
assert {:ok, _activity} =
CommonAPI.post(user, %{
status: "",
media_ids: [upload.id]
})
end
test "it can handle activities that expire" do
user = insert(:user)
@ -1059,10 +1102,11 @@ defmodule Pleroma.Web.CommonAPITest do
target_user = insert(:user)
{:ok, activity} = CommonAPI.post(target_user, %{status: "foobar"})
activity = Activity.normalize(activity)
reporter_ap_id = reporter.ap_id
target_ap_id = target_user.ap_id
activity_ap_id = activity.data["id"]
reported_object_ap_id = activity.object.data["id"]
comment = "foobar"
report_data = %{
@ -1073,7 +1117,7 @@ defmodule Pleroma.Web.CommonAPITest do
note_obj = %{
"type" => "Note",
"id" => activity_ap_id,
"id" => reported_object_ap_id,
"content" => "foobar",
"published" => activity.object.data["published"],
"actor" => AccountView.render("show.json", %{user: target_user})
@ -1095,6 +1139,7 @@ defmodule Pleroma.Web.CommonAPITest do
test "updates report state" do
[reporter, target_user] = insert_pair(:user)
activity = insert(:note_activity, user: target_user)
object = Object.normalize(activity)
{:ok, %Activity{id: report_id}} =
CommonAPI.report(reporter, %{
@ -1107,10 +1152,36 @@ defmodule Pleroma.Web.CommonAPITest do
assert report.data["state"] == "resolved"
[reported_user, activity_id] = report.data["object"]
[reported_user, object_id] = report.data["object"]
assert reported_user == target_user.ap_id
assert activity_id == activity.data["id"]
assert object_id == object.data["id"]
end
test "updates report state, don't strip when report_strip_status is false" do
clear_config([:instance, :report_strip_status], false)
[reporter, target_user] = insert_pair(:user)
activity = insert(:note_activity, user: target_user)
{:ok, %Activity{id: report_id, data: report_data}} =
CommonAPI.report(reporter, %{
account_id: target_user.id,
comment: "I feel offended",
status_ids: [activity.id]
})
{:ok, report} = CommonAPI.update_report_state(report_id, "resolved")
assert report.data["state"] == "resolved"
[reported_user, reported_activity] = report.data["object"]
assert reported_user == target_user.ap_id
assert is_map(reported_activity)
assert reported_activity["content"] ==
report_data["object"] |> Enum.at(1) |> Map.get("content")
end
test "does not update report state when state is unsupported" do
@ -1202,6 +1273,18 @@ defmodule Pleroma.Web.CommonAPITest do
refute User.subscribed_to?(follower, followed)
end
test "also unpins a user" do
[follower, followed] = insert_pair(:user)
{:ok, follower, followed, _} = CommonAPI.follow(follower, followed)
{:ok, _endorsement} = User.endorse(follower, followed)
assert User.endorses?(follower, followed)
{:ok, follower} = CommonAPI.unfollow(follower, followed)
refute User.endorses?(follower, followed)
end
test "cancels a pending follow for a local user" do
follower = insert(:user)
followed = insert(:user, is_locked: true)
@ -1498,4 +1581,128 @@ defmodule Pleroma.Web.CommonAPITest do
end
end
end
describe "update/3" do
test "updates a post" do
user = insert(:user)
{:ok, activity} = CommonAPI.post(user, %{status: "foo1", spoiler_text: "title 1"})
{:ok, updated} = CommonAPI.update(user, activity, %{status: "updated 2"})
updated_object = Object.normalize(updated)
assert updated_object.data["content"] == "updated 2"
assert Map.get(updated_object.data, "summary", "") == ""
assert Map.has_key?(updated_object.data, "updated")
end
test "does not change visibility" do
user = insert(:user)
{:ok, activity} =
CommonAPI.post(user, %{status: "foo1", spoiler_text: "title 1", visibility: "private"})
{:ok, updated} = CommonAPI.update(user, activity, %{status: "updated 2"})
updated_object = Object.normalize(updated)
assert updated_object.data["content"] == "updated 2"
assert Map.get(updated_object.data, "summary", "") == ""
assert Visibility.get_visibility(updated_object) == "private"
assert Visibility.get_visibility(updated) == "private"
end
test "updates a post with emoji" do
[{emoji1, _}, {emoji2, _} | _] = Pleroma.Emoji.get_all()
user = insert(:user)
{:ok, activity} =
CommonAPI.post(user, %{status: "foo1", spoiler_text: "title 1 :#{emoji1}:"})
{:ok, updated} = CommonAPI.update(user, activity, %{status: "updated 2 :#{emoji2}:"})
updated_object = Object.normalize(updated)
assert updated_object.data["content"] == "updated 2 :#{emoji2}:"
assert %{^emoji2 => _} = updated_object.data["emoji"]
end
test "updates a post with emoji and federate properly" do
[{emoji1, _}, {emoji2, _} | _] = Pleroma.Emoji.get_all()
user = insert(:user)
{:ok, activity} =
CommonAPI.post(user, %{status: "foo1", spoiler_text: "title 1 :#{emoji1}:"})
clear_config([:instance, :federating], true)
with_mock Pleroma.Web.Federator,
publish: fn _p -> nil end do
{:ok, updated} = CommonAPI.update(user, activity, %{status: "updated 2 :#{emoji2}:"})
assert updated.data["object"]["content"] == "updated 2 :#{emoji2}:"
assert %{^emoji2 => _} = updated.data["object"]["emoji"]
assert called(Pleroma.Web.Federator.publish(updated))
end
end
test "editing a post that copied a remote title with remote emoji should keep that emoji" do
remote_emoji_uri = "https://remote.org/emoji.png"
note =
insert(
:note,
data: %{
"summary" => ":remoteemoji:",
"emoji" => %{
"remoteemoji" => remote_emoji_uri
},
"tag" => [
%{
"type" => "Emoji",
"name" => "remoteemoji",
"icon" => %{"url" => remote_emoji_uri}
}
]
}
)
note_activity = insert(:note_activity, note: note)
user = insert(:user)
{:ok, reply} =
CommonAPI.post(user, %{
status: "reply",
spoiler_text: ":remoteemoji:",
in_reply_to_id: note_activity.id
})
assert reply.object.data["emoji"]["remoteemoji"] == remote_emoji_uri
{:ok, edit} =
CommonAPI.update(user, reply, %{status: "reply mew mew", spoiler_text: ":remoteemoji:"})
edited_note = Pleroma.Object.normalize(edit)
assert edited_note.data["emoji"]["remoteemoji"] == remote_emoji_uri
end
test "respects MRF" do
user = insert(:user)
clear_config([:mrf, :policies], [Pleroma.Web.ActivityPub.MRF.KeywordPolicy])
clear_config([:mrf_keyword, :replace], [{"updated", "mewmew"}])
{:ok, activity} = CommonAPI.post(user, %{status: "foo1", spoiler_text: "updated 1"})
assert Object.normalize(activity).data["summary"] == "mewmew 1"
{:ok, updated} = CommonAPI.update(user, activity, %{status: "updated 2"})
updated_object = Object.normalize(updated)
assert updated_object.data["content"] == "mewmew 2"
assert Map.get(updated_object.data, "summary", "") == ""
assert Map.has_key?(updated_object.data, "updated")
end
end
end

2
test/pleroma/web/endpoint/metrics_exporter_test.exs
View file

@ -1,5 +1,5 @@
# Pleroma: A lightweight social networking server
# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
# Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.Endpoint.MetricsExporterTest do

2
test/pleroma/web/fallback_test.exs
View file

@ -1,5 +1,5 @@
# Pleroma: A lightweight social networking server
# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
# Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.FallbackTest do

6
test/pleroma/web/federator_test.exs
View file

@ -1,5 +1,5 @@
# Pleroma: A lightweight social networking server
# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
# Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.FederatorTest do
@ -153,7 +153,7 @@ defmodule Pleroma.Web.FederatorTest do
}
assert {:ok, job} = Federator.incoming_ap_doc(params)
assert {:error, :origin_containment_failed} = ObanHelpers.perform(job)
assert {:cancel, :origin_containment_failed} = ObanHelpers.perform(job)
end
test "it does not crash if MRF rejects the post" do
@ -169,7 +169,7 @@ defmodule Pleroma.Web.FederatorTest do
|> Jason.decode!()
assert {:ok, job} = Federator.incoming_ap_doc(params)
assert {:error, _} = ObanHelpers.perform(job)
assert {:cancel, _} = ObanHelpers.perform(job)
end
end
end

Some files were not shown because too many files have changed in this diff Show more