logo

pleroma

My custom branche(s) on git.pleroma.social/pleroma/pleroma git clone https://hacktivis.me/git/pleroma.git

o_status_controller_test.exs (10265B)

    

  1. # Pleroma: A lightweight social networking server
  2. # Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
  3. # SPDX-License-Identifier: AGPL-3.0-only
  5. defmodule Pleroma.Web.OStatus.OStatusControllerTest do
  6.   use Pleroma.Web.ConnCase
  8.   import Pleroma.Factory
  10.   alias Pleroma.Object
  11.   alias Pleroma.User
  12.   alias Pleroma.Web.ActivityPub.ActivityPub
  13.   alias Pleroma.Web.CommonAPI
  14.   alias Pleroma.Web.Endpoint
  16.   require Pleroma.Constants
  18.   setup_all do
  19.     Tesla.Mock.mock_global(fn env -> apply(HttpRequestMock, :request, [env]) end)
  20.     :ok
  21.   end
  23.   setup do: clear_config([:static_fe, :enabled], false)
  25.   describe "Mastodon compatibility routes" do
  26.     setup %{conn: conn} do
  27.       conn = put_req_header(conn, "accept", "text/html")
  29.       {:ok, object} =
  30.         %{
  31.           "type" => "Note",
  32.           "content" => "hey",
  33.           "id" => Endpoint.url() <> "/users/raymoo/statuses/999999999",
  34.           "actor" => Endpoint.url() <> "/users/raymoo",
  35.           "to" => [Pleroma.Constants.as_public()]
  36.         }
  37.         |> Object.create()
  39.       {:ok, activity, _} =
  40.         %{
  41.           "id" => object.data["id"] <> "/activity",
  42.           "type" => "Create",
  43.           "object" => object.data["id"],
  44.           "actor" => object.data["actor"],
  45.           "to" => object.data["to"]
  46.         }
  47.         |> ActivityPub.persist(local: true)
  49.       %{conn: conn, activity: activity}
  50.     end
  52.     test "redirects to /notice/:id for html format", %{conn: conn, activity: activity} do
  53.       conn = get(conn, "/users/raymoo/statuses/999999999")
  54.       assert redirected_to(conn) == "/notice/#{activity.id}"
  55.     end
  57.     test "redirects to /notice/:id for html format for activity", %{
  58.       conn: conn,
  59.       activity: activity
  60.     } do
  61.       conn = get(conn, "/users/raymoo/statuses/999999999/activity")
  62.       assert redirected_to(conn) == "/notice/#{activity.id}"
  63.     end
  64.   end
  66.   # Note: see ActivityPubControllerTest for JSON format tests
  67.   describe "GET /objects/:uuid (text/html)" do
  68.     setup %{conn: conn} do
  69.       conn = put_req_header(conn, "accept", "text/html")
  70.       %{conn: conn}
  71.     end
  73.     test "redirects to /notice/id for html format", %{conn: conn} do
  74.       note_activity = insert(:note_activity)
  75.       object = Object.normalize(note_activity, fetch: false)
  76.       [_, uuid] = hd(Regex.scan(~r/.+\/([\w-]+)$/, object.data["id"]))
  77.       url = "/objects/#{uuid}"
  79.       conn = get(conn, url)
  80.       assert redirected_to(conn) == "/notice/#{note_activity.id}"
  81.     end
  83.     test "404s on private objects", %{conn: conn} do
  84.       note_activity = insert(:direct_note_activity)
  85.       object = Object.normalize(note_activity, fetch: false)
  86.       [_, uuid] = hd(Regex.scan(~r/.+\/([\w-]+)$/, object.data["id"]))
  88.       conn
  89.       |> get("/objects/#{uuid}")
  90.       |> response(404)
  91.     end
  93.     test "404s on non-existing objects", %{conn: conn} do
  94.       conn
  95.       |> get("/objects/123")
  96.       |> response(404)
  97.     end
  98.   end
  100.   # Note: see ActivityPubControllerTest for JSON format tests
  101.   describe "GET /activities/:uuid (text/html)" do
  102.     setup %{conn: conn} do
  103.       conn = put_req_header(conn, "accept", "text/html")
  104.       %{conn: conn}
  105.     end
  107.     test "redirects to /notice/id for html format", %{conn: conn} do
  108.       note_activity = insert(:note_activity)
  109.       [_, uuid] = hd(Regex.scan(~r/.+\/([\w-]+)$/, note_activity.data["id"]))
  111.       conn = get(conn, "/activities/#{uuid}")
  112.       assert redirected_to(conn) == "/notice/#{note_activity.id}"
  113.     end
  115.     test "404s on private activities", %{conn: conn} do
  116.       note_activity = insert(:direct_note_activity)
  117.       [_, uuid] = hd(Regex.scan(~r/.+\/([\w-]+)$/, note_activity.data["id"]))
  119.       conn
  120.       |> get("/activities/#{uuid}")
  121.       |> response(404)
  122.     end
  124.     test "404s on nonexistent activities", %{conn: conn} do
  125.       conn
  126.       |> get("/activities/123")
  127.       |> response(404)
  128.     end
  129.   end
  131.   describe "GET notice/2" do
  132.     test "redirects to a proper object URL when json requested and the object is local", %{
  133.       conn: conn
  134.     } do
  135.       note_activity = insert(:note_activity)
  136.       expected_redirect_url = Object.normalize(note_activity, fetch: false).data["id"]
  138.       redirect_url =
  139.         conn
  140.         |> put_req_header("accept", "application/activity+json")
  141.         |> get("/notice/#{note_activity.id}")
  142.         |> redirected_to()
  144.       assert redirect_url == expected_redirect_url
  145.     end
  147.     test "redirects to a proper object URL when json requested and the object is remote", %{
  148.       conn: conn
  149.     } do
  150.       note_activity = insert(:note_activity, local: false)
  151.       expected_redirect_url = Object.normalize(note_activity, fetch: false).data["id"]
  153.       redirect_url =
  154.         conn
  155.         |> put_req_header("accept", "application/activity+json")
  156.         |> get("/notice/#{note_activity.id}")
  157.         |> redirected_to()
  159.       assert redirect_url == expected_redirect_url
  160.     end
  162.     test "500s when actor not found", %{conn: conn} do
  163.       note_activity = insert(:note_activity)
  164.       user = User.get_cached_by_ap_id(note_activity.data["actor"])
  165.       User.invalidate_cache(user)
  166.       Pleroma.Repo.delete(user)
  168.       conn =
  169.         conn
  170.         |> get("/notice/#{note_activity.id}")
  172.       assert response(conn, 500) == ~S({"error":"Something went wrong"})
  173.     end
  175.     test "render html for redirect for html format", %{conn: conn} do
  176.       note_activity = insert(:note_activity)
  178.       resp =
  179.         conn
  180.         |> put_req_header("accept", "text/html")
  181.         |> get("/notice/#{note_activity.id}")
  182.         |> response(200)
  184.       assert resp =~
  185.                "<meta content=\"#{Pleroma.Web.Endpoint.url()}/notice/#{note_activity.id}\" property=\"og:url\">"
  187.       user = insert(:user)
  189.       {:ok, like_activity} = CommonAPI.favorite(user, note_activity.id)
  191.       assert like_activity.data["type"] == "Like"
  193.       resp =
  194.         conn
  195.         |> put_req_header("accept", "text/html")
  196.         |> get("/notice/#{like_activity.id}")
  197.         |> response(200)
  199.       refute resp =~ ~r(<meta content="[^"]*" property="og:url")
  200.     end
  202.     test "404s a private notice", %{conn: conn} do
  203.       note_activity = insert(:direct_note_activity)
  204.       url = "/notice/#{note_activity.id}"
  206.       conn =
  207.         conn
  208.         |> get(url)
  210.       assert response(conn, 404)
  211.     end
  213.     test "404s a non-existing notice", %{conn: conn} do
  214.       url = "/notice/123"
  216.       conn =
  217.         conn
  218.         |> get(url)
  220.       assert response(conn, 404)
  221.     end
  223.     test "does not require authentication on non-federating instances", %{
  224.       conn: conn
  225.     } do
  226.       clear_config([:instance, :federating], false)
  227.       note_activity = insert(:note_activity)
  229.       conn
  230.       |> put_req_header("accept", "text/html")
  231.       |> get("/notice/#{note_activity.id}")
  232.       |> response(200)
  233.     end
  234.   end
  236.   describe "GET /notice/:id/embed_player" do
  237.     setup do
  238.       note_activity = insert(:note_activity)
  239.       object = Pleroma.Object.normalize(note_activity, fetch: false)
  241.       object_data =
  242.         Map.put(object.data, "attachment", [
  243.           %{
  244.             "url" => [
  245.               %{
  246.                 "href" =>
  247.                   "https://peertube.moe/static/webseed/df5f464b-be8d-46fb-ad81-2d4c2d1630e3-480.mp4",
  248.                 "mediaType" => "video/mp4",
  249.                 "type" => "Link"
  250.               }
  251.             ]
  252.           }
  253.         ])
  255.       object
  256.       |> Ecto.Changeset.change(data: object_data)
  257.       |> Pleroma.Repo.update()
  259.       %{note_activity: note_activity}
  260.     end
  262.     test "renders embed player", %{conn: conn, note_activity: note_activity} do
  263.       conn = get(conn, "/notice/#{note_activity.id}/embed_player")
  265.       assert Plug.Conn.get_resp_header(conn, "x-frame-options") == ["ALLOW"]
  267.       assert Plug.Conn.get_resp_header(
  268.                conn,
  269.                "content-security-policy"
  270.              ) == [
  271.                "default-src 'none';style-src 'self' 'unsafe-inline';img-src 'self' data: https:; media-src 'self' https:;"
  272.              ]
  274.       assert response(conn, 200) =~
  275.                "<video controls loop><source src=\"https://peertube.moe/static/webseed/df5f464b-be8d-46fb-ad81-2d4c2d1630e3-480.mp4\" type=\"video/mp4\">Your browser does not support video/mp4 playback.</video>"
  276.     end
  278.     test "404s when activity isn't create", %{conn: conn} do
  279.       note_activity = insert(:note_activity, data_attrs: %{"type" => "Like"})
  281.       assert conn
  282.              |> get("/notice/#{note_activity.id}/embed_player")
  283.              |> response(404)
  284.     end
  286.     test "404s when activity is direct message", %{conn: conn} do
  287.       note_activity = insert(:note_activity, data_attrs: %{"directMessage" => true})
  289.       assert conn
  290.              |> get("/notice/#{note_activity.id}/embed_player")
  291.              |> response(404)
  292.     end
  294.     test "404s when attachment is empty", %{conn: conn} do
  295.       note_activity = insert(:note_activity)
  296.       object = Pleroma.Object.normalize(note_activity, fetch: false)
  297.       object_data = Map.put(object.data, "attachment", [])
  299.       object
  300.       |> Ecto.Changeset.change(data: object_data)
  301.       |> Pleroma.Repo.update()
  303.       assert conn
  304.              |> get("/notice/#{note_activity.id}/embed_player")
  305.              |> response(404)
  306.     end
  308.     test "404s when attachment isn't audio or video", %{conn: conn} do
  309.       note_activity = insert(:note_activity)
  310.       object = Pleroma.Object.normalize(note_activity, fetch: false)
  312.       object_data =
  313.         Map.put(object.data, "attachment", [
  314.           %{
  315.             "url" => [
  316.               %{
  317.                 "href" => "https://peertube.moe/static/webseed/480.jpg",
  318.                 "mediaType" => "image/jpg",
  319.                 "type" => "Link"
  320.               }
  321.             ]
  322.           }
  323.         ])
  325.       object
  326.       |> Ecto.Changeset.change(data: object_data)
  327.       |> Pleroma.Repo.update()
  329.       conn
  330.       |> get("/notice/#{note_activity.id}/embed_player")
  331.       |> response(404)
  332.     end
  334.     test "does not require authentication on non-federating instances", %{
  335.       conn: conn,
  336.       note_activity: note_activity
  337.     } do
  338.       clear_config([:instance, :federating], false)
  340.       conn
  341.       |> put_req_header("accept", "text/html")
  342.       |> get("/notice/#{note_activity.id}/embed_player")
  343.       |> response(200)
  344.     end
  345.   end
  346. end