Merge branch 'develop' into feature/hide-follows-remote

test/notification_test.exs

@@ -564,6 +564,64 @@ defmodule Pleroma.NotificationTest do
 
       assert Enum.empty?(Notification.for_user(user))
     end
+
+    test "notifications are deleted if a local user is deleted" do
+      user = insert(:user)
+      other_user = insert(:user)
+
+      {:ok, _activity} =
+        CommonAPI.post(user, %{"status" => "hi @#{other_user.nickname}", "visibility" => "direct"})
+
+      refute Enum.empty?(Notification.for_user(other_user))
+
+      User.delete(user)
+
+      assert Enum.empty?(Notification.for_user(other_user))
+    end
+
+    test "notifications are deleted if a remote user is deleted" do
+      remote_user = insert(:user)
+      local_user = insert(:user)
+
+      dm_message = %{
+        "@context" => "https://www.w3.org/ns/activitystreams",
+        "type" => "Create",
+        "actor" => remote_user.ap_id,
+        "id" => remote_user.ap_id <> "/activities/test",
+        "to" => [local_user.ap_id],
+        "cc" => [],
+        "object" => %{
+          "type" => "Note",
+          "content" => "Hello!",
+          "tag" => [
+            %{
+              "type" => "Mention",
+              "href" => local_user.ap_id,
+              "name" => "@#{local_user.nickname}"
+            }
+          ],
+          "to" => [local_user.ap_id],
+          "cc" => [],
+          "attributedTo" => remote_user.ap_id
+        }
+      }
+
+      {:ok, _dm_activity} = Transmogrifier.handle_incoming(dm_message)
+
+      refute Enum.empty?(Notification.for_user(local_user))
+
+      delete_user_message = %{
+        "@context" => "https://www.w3.org/ns/activitystreams",
+        "id" => remote_user.ap_id <> "/activities/delete",
+        "actor" => remote_user.ap_id,
+        "type" => "Delete",
+        "object" => remote_user.ap_id
+      }
+
+      {:ok, _delete_activity} = Transmogrifier.handle_incoming(delete_user_message)
+
+      assert Enum.empty?(Notification.for_user(local_user))
+    end
   end
 
   describe "for_user" do

test/user_test.exs

@@ -1369,4 +1369,28 @@ defmodule Pleroma.UserTest do
       assert User.is_internal_user?(user)
     end
   end
+
+  describe "update_and_set_cache/1" do
+    test "returns error when user is stale instead Ecto.StaleEntryError" do
+      user = insert(:user)
+
+      changeset = Ecto.Changeset.change(user, bio: "test")
+
+      Repo.delete(user)
+
+      assert {:error, %Ecto.Changeset{errors: [id: {"is stale", [stale: true]}], valid?: false}} =
+               User.update_and_set_cache(changeset)
+    end
+
+    test "performs update cache if user updated" do
+      user = insert(:user)
+      assert {:ok, nil} = Cachex.get(:user_cache, "ap_id:#{user.ap_id}")
+
+      changeset = Ecto.Changeset.change(user, bio: "test-bio")
+
+      assert {:ok, %User{bio: "test-bio"} = user} = User.update_and_set_cache(changeset)
+      assert {:ok, user} = Cachex.get(:user_cache, "ap_id:#{user.ap_id}")
+      assert %User{bio: "test-bio"} = User.get_cached_by_ap_id(user.ap_id)
+    end
+  end
 end

test/web/fallback_test.exs

@@ -30,6 +30,10 @@ defmodule Pleroma.Web.FallbackTest do
            |> json_response(404) == %{"error" => "Not implemented"}
   end
 
+  test "GET /pleroma/admin -> /pleroma/admin/", %{conn: conn} do
+    assert redirected_to(get(conn, "/pleroma/admin")) =~ "/pleroma/admin/"
+  end
+
   test "GET /*path", %{conn: conn} do
     assert conn
            |> get("/foo")

test/web/mastodon_api/mastodon_api_controller_test.exs

@@ -3154,6 +3154,21 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIControllerTest do
       assert redirected_to(conn) == "/web/login"
     end
 
+    test "redirects not logged-in users to the login page on private instances", %{
+      conn: conn,
+      path: path
+    } do
+      is_public = Pleroma.Config.get([:instance, :public])
+      Pleroma.Config.put([:instance, :public], false)
+
+      conn = get(conn, path)
+
+      assert conn.status == 302
+      assert redirected_to(conn) == "/web/login"
+
+      Pleroma.Config.put([:instance, :public], is_public)
+    end
+
     test "does not redirect logged in users to the login page", %{conn: conn, path: path} do
       token = insert(:oauth_token)
 
@@ -3923,4 +3938,45 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIControllerTest do
       assert conn.resp_body == ""
     end
   end
+
+  describe "POST /api/v1/pleroma/accounts/confirmation_resend" do
+    setup do
+      setting = Pleroma.Config.get([:instance, :account_activation_required])
+
+      unless setting do
+        Pleroma.Config.put([:instance, :account_activation_required], true)
+        on_exit(fn -> Pleroma.Config.put([:instance, :account_activation_required], setting) end)
+      end
+
+      user = insert(:user)
+      info_change = User.Info.confirmation_changeset(user.info, need_confirmation: true)
+
+      {:ok, user} =
+        user
+        |> Changeset.change()
+        |> Changeset.put_embed(:info, info_change)
+        |> Repo.update()
+
+      assert user.info.confirmation_pending
+
+      [user: user]
+    end
+
+    test "resend account confirmation email", %{conn: conn, user: user} do
+      conn
+      |> assign(:user, user)
+      |> post("/api/v1/pleroma/accounts/confirmation_resend?email=#{user.email}")
+      |> json_response(:no_content)
+
+      email = Pleroma.Emails.UserEmail.account_confirmation_email(user)
+      notify_email = Pleroma.Config.get([:instance, :notify_email])
+      instance_name = Pleroma.Config.get([:instance, :name])
+
+      assert_email_sent(
+        from: {instance_name, notify_email},
+        to: {user.name, user.email},
+        html_body: email.html_body
+      )
+    end
+  end
 end

test/web/ostatus/ostatus_controller_test.exs

@@ -101,160 +101,538 @@ defmodule Pleroma.Web.OStatus.OStatusControllerTest do
     assert response(conn, 404)
   end
 
-  test "gets an object", %{conn: conn} do
-    note_activity = insert(:note_activity)
-    object = Object.normalize(note_activity)
-    user = User.get_cached_by_ap_id(note_activity.data["actor"])
-    [_, uuid] = hd(Regex.scan(~r/.+\/([\w-]+)$/, object.data["id"]))
-    url = "/objects/#{uuid}"
+  describe "GET object/2" do
+    test "gets an object", %{conn: conn} do
+      note_activity = insert(:note_activity)
+      object = Object.normalize(note_activity)
+      user = User.get_cached_by_ap_id(note_activity.data["actor"])
+      [_, uuid] = hd(Regex.scan(~r/.+\/([\w-]+)$/, object.data["id"]))
+      url = "/objects/#{uuid}"
+
+      conn =
+        conn
+        |> put_req_header("accept", "application/xml")
+        |> get(url)
+
+      expected =
+        ActivityRepresenter.to_simple_form(note_activity, user, true)
+        |> ActivityRepresenter.wrap_with_entry()
+        |> :xmerl.export_simple(:xmerl_xml)
+        |> to_string
+
+      assert response(conn, 200) == expected
+    end
+
+    test "redirects to /notice/id for html format", %{conn: conn} do
+      note_activity = insert(:note_activity)
+      object = Object.normalize(note_activity)
+      [_, uuid] = hd(Regex.scan(~r/.+\/([\w-]+)$/, object.data["id"]))
+      url = "/objects/#{uuid}"
+
+      conn =
+        conn
+        |> put_req_header("accept", "text/html")
+        |> get(url)
+
+      assert redirected_to(conn) == "/notice/#{note_activity.id}"
+    end
+
+    test "500s when user not found", %{conn: conn} do
+      note_activity = insert(:note_activity)
+      object = Object.normalize(note_activity)
+      user = User.get_cached_by_ap_id(note_activity.data["actor"])
+      User.invalidate_cache(user)
+      Pleroma.Repo.delete(user)
+      [_, uuid] = hd(Regex.scan(~r/.+\/([\w-]+)$/, object.data["id"]))
+      url = "/objects/#{uuid}"
+
+      conn =
+        conn
+        |> put_req_header("accept", "application/xml")
+        |> get(url)
+
+      assert response(conn, 500) == ~S({"error":"Something went wrong"})
+    end
+
+    test "404s on private objects", %{conn: conn} do
+      note_activity = insert(:direct_note_activity)
+      object = Object.normalize(note_activity)
+      [_, uuid] = hd(Regex.scan(~r/.+\/([\w-]+)$/, object.data["id"]))
+
+      conn
+      |> get("/objects/#{uuid}")
+      |> response(404)
+    end
+
+    test "404s on nonexisting objects", %{conn: conn} do
+      conn
+      |> get("/objects/123")
+      |> response(404)
+    end
+  end
+
+  describe "GET activity/2" do
+    test "gets an activity in xml format", %{conn: conn} do
+      note_activity = insert(:note_activity)
+      [_, uuid] = hd(Regex.scan(~r/.+\/([\w-]+)$/, note_activity.data["id"]))
 
-    conn =
       conn
       |> put_req_header("accept", "application/xml")
-      |> get(url)
+      |> get("/activities/#{uuid}")
+      |> response(200)
+    end
 
-    expected =
-      ActivityRepresenter.to_simple_form(note_activity, user, true)
-      |> ActivityRepresenter.wrap_with_entry()
-      |> :xmerl.export_simple(:xmerl_xml)
-      |> to_string
+    test "redirects to /notice/id for html format", %{conn: conn} do
+      note_activity = insert(:note_activity)
+      [_, uuid] = hd(Regex.scan(~r/.+\/([\w-]+)$/, note_activity.data["id"]))
 
-    assert response(conn, 200) == expected
+      conn =
+        conn
+        |> put_req_header("accept", "text/html")
+        |> get("/activities/#{uuid}")
+
+      assert redirected_to(conn) == "/notice/#{note_activity.id}"
+    end
+
+    test "505s when user not found", %{conn: conn} do
+      note_activity = insert(:note_activity)
+      [_, uuid] = hd(Regex.scan(~r/.+\/([\w-]+)$/, note_activity.data["id"]))
+      user = User.get_cached_by_ap_id(note_activity.data["actor"])
+      User.invalidate_cache(user)
+      Pleroma.Repo.delete(user)
+
+      conn =
+        conn
+        |> put_req_header("accept", "text/html")
+        |> get("/activities/#{uuid}")
+
+      assert response(conn, 500) == ~S({"error":"Something went wrong"})
+    end
+
+    test "404s on deleted objects", %{conn: conn} do
+      note_activity = insert(:note_activity)
+      object = Object.normalize(note_activity)
+      [_, uuid] = hd(Regex.scan(~r/.+\/([\w-]+)$/, object.data["id"]))
+
+      conn
+      |> put_req_header("accept", "application/xml")
+      |> get("/objects/#{uuid}")
+      |> response(200)
+
+      Object.delete(object)
+
+      conn
+      |> put_req_header("accept", "application/xml")
+      |> get("/objects/#{uuid}")
+      |> response(404)
+    end
+
+    test "404s on private activities", %{conn: conn} do
+      note_activity = insert(:direct_note_activity)
+      [_, uuid] = hd(Regex.scan(~r/.+\/([\w-]+)$/, note_activity.data["id"]))
+
+      conn
+      |> get("/activities/#{uuid}")
+      |> response(404)
+    end
+
+    test "404s on nonexistent activities", %{conn: conn} do
+      conn
+      |> get("/activities/123")
+      |> response(404)
+    end
+
+    test "gets an activity in AS2 format", %{conn: conn} do
+      note_activity = insert(:note_activity)
+      [_, uuid] = hd(Regex.scan(~r/.+\/([\w-]+)$/, note_activity.data["id"]))
+      url = "/activities/#{uuid}"
+
+      conn =
+        conn
+        |> put_req_header("accept", "application/activity+json")
+        |> get(url)
+
+      assert json_response(conn, 200)
+    end
   end
 
-  test "404s on private objects", %{conn: conn} do
-    note_activity = insert(:direct_note_activity)
-    object = Object.normalize(note_activity)
-    [_, uuid] = hd(Regex.scan(~r/.+\/([\w-]+)$/, object.data["id"]))
+  describe "GET notice/2" do
+    test "gets a notice in xml format", %{conn: conn} do
+      note_activity = insert(:note_activity)
 
-    conn
-    |> get("/objects/#{uuid}")
-    |> response(404)
-  end
+      conn
+      |> get("/notice/#{note_activity.id}")
+      |> response(200)
+    end
 
-  test "404s on nonexisting objects", %{conn: conn} do
-    conn
-    |> get("/objects/123")
-    |> response(404)
-  end
+    test "gets a notice in AS2 format", %{conn: conn} do
+      note_activity = insert(:note_activity)
 
-  test "gets an activity in xml format", %{conn: conn} do
-    note_activity = insert(:note_activity)
-    [_, uuid] = hd(Regex.scan(~r/.+\/([\w-]+)$/, note_activity.data["id"]))
-
-    conn
-    |> put_req_header("accept", "application/xml")
-    |> get("/activities/#{uuid}")
-    |> response(200)
-  end
-
-  test "404s on deleted objects", %{conn: conn} do
-    note_activity = insert(:note_activity)
-    object = Object.normalize(note_activity)
-    [_, uuid] = hd(Regex.scan(~r/.+\/([\w-]+)$/, object.data["id"]))
-
-    conn
-    |> put_req_header("accept", "application/xml")
-    |> get("/objects/#{uuid}")
-    |> response(200)
-
-    Object.delete(object)
-
-    conn
-    |> put_req_header("accept", "application/xml")
-    |> get("/objects/#{uuid}")
-    |> response(404)
-  end
-
-  test "404s on private activities", %{conn: conn} do
-    note_activity = insert(:direct_note_activity)
-    [_, uuid] = hd(Regex.scan(~r/.+\/([\w-]+)$/, note_activity.data["id"]))
-
-    conn
-    |> get("/activities/#{uuid}")
-    |> response(404)
-  end
-
-  test "404s on nonexistent activities", %{conn: conn} do
-    conn
-    |> get("/activities/123")
-    |> response(404)
-  end
-
-  test "gets a notice in xml format", %{conn: conn} do
-    note_activity = insert(:note_activity)
-
-    conn
-    |> get("/notice/#{note_activity.id}")
-    |> response(200)
-  end
-
-  test "gets a notice in AS2 format", %{conn: conn} do
-    note_activity = insert(:note_activity)
-
-    conn
-    |> put_req_header("accept", "application/activity+json")
-    |> get("/notice/#{note_activity.id}")
-    |> json_response(200)
-  end
-
-  test "only gets a notice in AS2 format for Create messages", %{conn: conn} do
-    note_activity = insert(:note_activity)
-    url = "/notice/#{note_activity.id}"
-
-    conn =
       conn
       |> put_req_header("accept", "application/activity+json")
-      |> get(url)
+      |> get("/notice/#{note_activity.id}")
+      |> json_response(200)
+    end
 
-    assert json_response(conn, 200)
+    test "500s when actor not found", %{conn: conn} do
+      note_activity = insert(:note_activity)
+      user = User.get_cached_by_ap_id(note_activity.data["actor"])
+      User.invalidate_cache(user)
+      Pleroma.Repo.delete(user)
 
-    user = insert(:user)
+      conn =
+        conn
+        |> get("/notice/#{note_activity.id}")
 
-    {:ok, like_activity, _} = CommonAPI.favorite(note_activity.id, user)
-    url = "/notice/#{like_activity.id}"
+      assert response(conn, 500) == ~S({"error":"Something went wrong"})
+    end
 
-    assert like_activity.data["type"] == "Like"
+    test "only gets a notice in AS2 format for Create messages", %{conn: conn} do
+      note_activity = insert(:note_activity)
+      url = "/notice/#{note_activity.id}"
 
-    conn =
-      build_conn()
-      |> put_req_header("accept", "application/activity+json")
-      |> get(url)
+      conn =
+        conn
+        |> put_req_header("accept", "application/activity+json")
+        |> get(url)
 
-    assert response(conn, 404)
+      assert json_response(conn, 200)
+
+      user = insert(:user)
+
+      {:ok, like_activity, _} = CommonAPI.favorite(note_activity.id, user)
+      url = "/notice/#{like_activity.id}"
+
+      assert like_activity.data["type"] == "Like"
+
+      conn =
+        build_conn()
+        |> put_req_header("accept", "application/activity+json")
+        |> get(url)
+
+      assert response(conn, 404)
+    end
+
+    test "render html for redirect for html format", %{conn: conn} do
+      note_activity = insert(:note_activity)
+
+      resp =
+        conn
+        |> put_req_header("accept", "text/html")
+        |> get("/notice/#{note_activity.id}")
+        |> response(200)
+
+      assert resp =~
+               "<meta content=\"#{Pleroma.Web.base_url()}/notice/#{note_activity.id}\" property=\"og:url\">"
+
+      user = insert(:user)
+
+      {:ok, like_activity, _} = CommonAPI.favorite(note_activity.id, user)
+
+      assert like_activity.data["type"] == "Like"
+
+      resp =
+        conn
+        |> put_req_header("accept", "text/html")
+        |> get("/notice/#{like_activity.id}")
+        |> response(200)
+
+      assert resp =~ "<!--server-generated-meta-->"
+    end
+
+    test "404s a private notice", %{conn: conn} do
+      note_activity = insert(:direct_note_activity)
+      url = "/notice/#{note_activity.id}"
+
+      conn =
+        conn
+        |> get(url)
+
+      assert response(conn, 404)
+    end
+
+    test "404s a nonexisting notice", %{conn: conn} do
+      url = "/notice/123"
+
+      conn =
+        conn
+        |> get(url)
+
+      assert response(conn, 404)
+    end
   end
 
-  test "gets an activity in AS2 format", %{conn: conn} do
-    note_activity = insert(:note_activity)
-    [_, uuid] = hd(Regex.scan(~r/.+\/([\w-]+)$/, note_activity.data["id"]))
-    url = "/activities/#{uuid}"
+  describe "feed_redirect" do
+    test "undefined format. it redirects to feed", %{conn: conn} do
+      note_activity = insert(:note_activity)
+      user = User.get_cached_by_ap_id(note_activity.data["actor"])
 
-    conn =
-      conn
-      |> put_req_header("accept", "application/activity+json")
-      |> get(url)
+      response =
+        conn
+        |> put_req_header("accept", "application/xml")
+        |> get("/users/#{user.nickname}")
+        |> response(302)
 
-    assert json_response(conn, 200)
+      assert response ==
+               "<html><body>You are being <a href=\"#{Pleroma.Web.base_url()}/users/#{
+                 user.nickname
+               }/feed.atom\">redirected</a>.</body></html>"
+    end
+
+    test "undefined format. it returns error when user not found", %{conn: conn} do
+      response =
+        conn
+        |> put_req_header("accept", "application/xml")
+        |> get("/users/jimm")
+        |> response(404)
+
+      assert response == ~S({"error":"Not found"})
+    end
+
+    test "activity+json format. it redirects on actual feed of user", %{conn: conn} do
+      note_activity = insert(:note_activity)
+      user = User.get_cached_by_ap_id(note_activity.data["actor"])
+
+      response =
+        conn
+        |> put_req_header("accept", "application/activity+json")
+        |> get("/users/#{user.nickname}")
+        |> json_response(200)
+
+      assert response["endpoints"] == %{
+               "oauthAuthorizationEndpoint" => "#{Pleroma.Web.base_url()}/oauth/authorize",
+               "oauthRegistrationEndpoint" => "#{Pleroma.Web.base_url()}/api/v1/apps",
+               "oauthTokenEndpoint" => "#{Pleroma.Web.base_url()}/oauth/token",
+               "sharedInbox" => "#{Pleroma.Web.base_url()}/inbox"
+             }
+
+      assert response["@context"] == [
+               "https://www.w3.org/ns/activitystreams",
+               "http://localhost:4001/schemas/litepub-0.1.jsonld",
+               %{"@language" => "und"}
+             ]
+
+      assert Map.take(response, [
+               "followers",
+               "following",
+               "id",
+               "inbox",
+               "manuallyApprovesFollowers",
+               "name",
+               "outbox",
+               "preferredUsername",
+               "summary",
+               "tag",
+               "type",
+               "url"
+             ]) == %{
+               "followers" => "#{Pleroma.Web.base_url()}/users/#{user.nickname}/followers",
+               "following" => "#{Pleroma.Web.base_url()}/users/#{user.nickname}/following",
+               "id" => "#{Pleroma.Web.base_url()}/users/#{user.nickname}",
+               "inbox" => "#{Pleroma.Web.base_url()}/users/#{user.nickname}/inbox",
+               "manuallyApprovesFollowers" => false,
+               "name" => user.name,
+               "outbox" => "#{Pleroma.Web.base_url()}/users/#{user.nickname}/outbox",
+               "preferredUsername" => user.nickname,
+               "summary" => user.bio,
+               "tag" => [],
+               "type" => "Person",
+               "url" => "#{Pleroma.Web.base_url()}/users/#{user.nickname}"
+             }
+    end
+
+    test "activity+json format. it returns error whe use not found", %{conn: conn} do
+      response =
+        conn
+        |> put_req_header("accept", "application/activity+json")
+        |> get("/users/jimm")
+        |> json_response(404)
+
+      assert response == "Not found"
+    end
+
+    test "json format. it redirects on actual feed of user", %{conn: conn} do
+      note_activity = insert(:note_activity)
+      user = User.get_cached_by_ap_id(note_activity.data["actor"])
+
+      response =
+        conn
+        |> put_req_header("accept", "application/json")
+        |> get("/users/#{user.nickname}")
+        |> json_response(200)
+
+      assert response["endpoints"] == %{
+               "oauthAuthorizationEndpoint" => "#{Pleroma.Web.base_url()}/oauth/authorize",
+               "oauthRegistrationEndpoint" => "#{Pleroma.Web.base_url()}/api/v1/apps",
+               "oauthTokenEndpoint" => "#{Pleroma.Web.base_url()}/oauth/token",
+               "sharedInbox" => "#{Pleroma.Web.base_url()}/inbox"
+             }
+
+      assert response["@context"] == [
+               "https://www.w3.org/ns/activitystreams",
+               "http://localhost:4001/schemas/litepub-0.1.jsonld",
+               %{"@language" => "und"}
+             ]
+
+      assert Map.take(response, [
+               "followers",
+               "following",
+               "id",
+               "inbox",
+               "manuallyApprovesFollowers",
+               "name",
+               "outbox",
+               "preferredUsername",
+               "summary",
+               "tag",
+               "type",
+               "url"
+             ]) == %{
+               "followers" => "#{Pleroma.Web.base_url()}/users/#{user.nickname}/followers",
+               "following" => "#{Pleroma.Web.base_url()}/users/#{user.nickname}/following",
+               "id" => "#{Pleroma.Web.base_url()}/users/#{user.nickname}",
+               "inbox" => "#{Pleroma.Web.base_url()}/users/#{user.nickname}/inbox",
+               "manuallyApprovesFollowers" => false,
+               "name" => user.name,
+               "outbox" => "#{Pleroma.Web.base_url()}/users/#{user.nickname}/outbox",
+               "preferredUsername" => user.nickname,
+               "summary" => user.bio,
+               "tag" => [],
+               "type" => "Person",
+               "url" => "#{Pleroma.Web.base_url()}/users/#{user.nickname}"
+             }
+    end
+
+    test "json format. it returns error whe use not found", %{conn: conn} do
+      response =
+        conn
+        |> put_req_header("accept", "application/json")
+        |> get("/users/jimm")
+        |> json_response(404)
+
+      assert response == "Not found"
+    end
+
+    test "html format. it redirects on actual feed of user", %{conn: conn} do
+      note_activity = insert(:note_activity)
+      user = User.get_cached_by_ap_id(note_activity.data["actor"])
+
+      response =
+        conn
+        |> get("/users/#{user.nickname}")
+        |> response(200)
+
+      assert response ==
+               Fallback.RedirectController.redirector_with_meta(
+                 conn,
+                 %{user: user}
+               ).resp_body
+    end
+
+    test "html format. it returns error when user not found", %{conn: conn} do
+      response =
+        conn
+        |> get("/users/jimm")
+        |> json_response(404)
+
+      assert response == %{"error" => "Not found"}
+    end
   end
 
-  test "404s a private notice", %{conn: conn} do
-    note_activity = insert(:direct_note_activity)
-    url = "/notice/#{note_activity.id}"
+  describe "GET /notice/:id/embed_player" do
+    test "render embed player", %{conn: conn} do
+      note_activity = insert(:note_activity)
+      object = Pleroma.Object.normalize(note_activity)
 
-    conn =
-      conn
-      |> get(url)
+      object_data =
+        Map.put(object.data, "attachment", [
+          %{
+            "url" => [
+              %{
+                "href" =>
+                  "https://peertube.moe/static/webseed/df5f464b-be8d-46fb-ad81-2d4c2d1630e3-480.mp4",
+                "mediaType" => "video/mp4",
+                "type" => "Link"
+              }
+            ]
+          }
+        ])
 
-    assert response(conn, 404)
-  end
+      object
+      |> Ecto.Changeset.change(data: object_data)
+      |> Pleroma.Repo.update()
 
-  test "404s a nonexisting notice", %{conn: conn} do
-    url = "/notice/123"
+      conn =
+        conn
+        |> get("/notice/#{note_activity.id}/embed_player")
 
-    conn =
-      conn
-      |> get(url)
+      assert Plug.Conn.get_resp_header(conn, "x-frame-options") == ["ALLOW"]
 
-    assert response(conn, 404)
+      assert Plug.Conn.get_resp_header(
+               conn,
+               "content-security-policy"
+             ) == [
+               "default-src 'none';style-src 'self' 'unsafe-inline';img-src 'self' data: https:; media-src 'self' https:;"
+             ]
+
+      assert response(conn, 200) =~
+               "<video controls loop><source src=\"https://peertube.moe/static/webseed/df5f464b-be8d-46fb-ad81-2d4c2d1630e3-480.mp4\" type=\"video/mp4\">Your browser does not support video/mp4 playback.</video>"
+    end
+
+    test "404s when activity isn't create", %{conn: conn} do
+      note_activity = insert(:note_activity, data_attrs: %{"type" => "Like"})
+
+      assert conn
+             |> get("/notice/#{note_activity.id}/embed_player")
+             |> response(404)
+    end
+
+    test "404s when activity is direct message", %{conn: conn} do
+      note_activity = insert(:note_activity, data_attrs: %{"directMessage" => true})
+
+      assert conn
+             |> get("/notice/#{note_activity.id}/embed_player")
+             |> response(404)
+    end
+
+    test "404s when attachment is empty", %{conn: conn} do
+      note_activity = insert(:note_activity)
+      object = Pleroma.Object.normalize(note_activity)
+      object_data = Map.put(object.data, "attachment", [])
+
+      object
+      |> Ecto.Changeset.change(data: object_data)
+      |> Pleroma.Repo.update()
+
+      assert conn
+             |> get("/notice/#{note_activity.id}/embed_player")
+             |> response(404)
+    end
+
+    test "404s when attachment isn't audio or video", %{conn: conn} do
+      note_activity = insert(:note_activity)
+      object = Pleroma.Object.normalize(note_activity)
+
+      object_data =
+        Map.put(object.data, "attachment", [
+          %{
+            "url" => [
+              %{
+                "href" => "https://peertube.moe/static/webseed/480.jpg",
+                "mediaType" => "image/jpg",
+                "type" => "Link"
+              }
+            ]
+          }
+        ])
+
+      object
+      |> Ecto.Changeset.change(data: object_data)
+      |> Pleroma.Repo.update()
+
+      assert conn
+             |> get("/notice/#{note_activity.id}/embed_player")
+             |> response(404)
+    end
   end
 end

test/web/push/impl_test.exs

@@ -124,8 +124,7 @@ defmodule Pleroma.Web.Push.ImplTest do
     {:ok, _, _, activity} = CommonAPI.follow(user, other_user)
     object = Object.normalize(activity)
 
-    assert Impl.format_body(%{activity: activity}, user, object) ==
-             "@Bob has followed you"
+    assert Impl.format_body(%{activity: activity}, user, object) == "@Bob has followed you"
   end
 
   test "renders body for announce activity" do
@@ -156,7 +155,6 @@ defmodule Pleroma.Web.Push.ImplTest do
     {:ok, activity, _} = CommonAPI.favorite(activity.id, user)
     object = Object.normalize(activity)
 
-    assert Impl.format_body(%{activity: activity}, user, object) ==
-             "@Bob has favorited your post"
+    assert Impl.format_body(%{activity: activity}, user, object) == "@Bob has favorited your post"
   end
 end