update_credentials_test.exs (10905B)
1 # Pleroma: A lightweight social networking server
2 # Copyright © 2017-2019 Pleroma Authors <https://pleroma.social/>
3 # SPDX-License-Identifier: AGPL-3.0-only
4
5 defmodule Pleroma.Web.MastodonAPI.MastodonAPIController.UpdateCredentialsTest do
6 alias Pleroma.Repo
7 alias Pleroma.User
8
9 use Pleroma.Web.ConnCase
10
11 import Pleroma.Factory
12 clear_config([:instance, :max_account_fields])
13
14 describe "updating credentials" do
15 test "sets user settings in a generic way", %{conn: conn} do
16 user = insert(:user)
17
18 res_conn =
19 conn
20 |> assign(:user, user)
21 |> patch("/api/v1/accounts/update_credentials", %{
22 "pleroma_settings_store" => %{
23 pleroma_fe: %{
24 theme: "bla"
25 }
26 }
27 })
28
29 assert user = json_response(res_conn, 200)
30 assert user["pleroma"]["settings_store"] == %{"pleroma_fe" => %{"theme" => "bla"}}
31
32 user = Repo.get(User, user["id"])
33
34 res_conn =
35 conn
36 |> assign(:user, user)
37 |> patch("/api/v1/accounts/update_credentials", %{
38 "pleroma_settings_store" => %{
39 masto_fe: %{
40 theme: "bla"
41 }
42 }
43 })
44
45 assert user = json_response(res_conn, 200)
46
47 assert user["pleroma"]["settings_store"] ==
48 %{
49 "pleroma_fe" => %{"theme" => "bla"},
50 "masto_fe" => %{"theme" => "bla"}
51 }
52
53 user = Repo.get(User, user["id"])
54
55 res_conn =
56 conn
57 |> assign(:user, user)
58 |> patch("/api/v1/accounts/update_credentials", %{
59 "pleroma_settings_store" => %{
60 masto_fe: %{
61 theme: "blub"
62 }
63 }
64 })
65
66 assert user = json_response(res_conn, 200)
67
68 assert user["pleroma"]["settings_store"] ==
69 %{
70 "pleroma_fe" => %{"theme" => "bla"},
71 "masto_fe" => %{"theme" => "blub"}
72 }
73 end
74
75 test "updates the user's bio", %{conn: conn} do
76 user = insert(:user)
77 user2 = insert(:user)
78
79 conn =
80 conn
81 |> assign(:user, user)
82 |> patch("/api/v1/accounts/update_credentials", %{
83 "note" => "I drink #cofe with @#{user2.nickname}"
84 })
85
86 assert user = json_response(conn, 200)
87
88 assert user["note"] ==
89 ~s(I drink <a class="hashtag" data-tag="cofe" href="http://localhost:4001/tag/cofe" rel="tag">#cofe</a> with <span class="h-card"><a data-user=") <>
90 user2.id <>
91 ~s(" class="u-url mention" href=") <>
92 user2.ap_id <> ~s(">@<span>) <> user2.nickname <> ~s(</span></a></span>)
93 end
94
95 test "updates the user's locking status", %{conn: conn} do
96 user = insert(:user)
97
98 conn =
99 conn
100 |> assign(:user, user)
101 |> patch("/api/v1/accounts/update_credentials", %{locked: "true"})
102
103 assert user = json_response(conn, 200)
104 assert user["locked"] == true
105 end
106
107 test "updates the user's default scope", %{conn: conn} do
108 user = insert(:user)
109
110 conn =
111 conn
112 |> assign(:user, user)
113 |> patch("/api/v1/accounts/update_credentials", %{default_scope: "cofe"})
114
115 assert user = json_response(conn, 200)
116 assert user["source"]["privacy"] == "cofe"
117 end
118
119 test "updates the user's hide_followers status", %{conn: conn} do
120 user = insert(:user)
121
122 conn =
123 conn
124 |> assign(:user, user)
125 |> patch("/api/v1/accounts/update_credentials", %{hide_followers: "true"})
126
127 assert user = json_response(conn, 200)
128 assert user["pleroma"]["hide_followers"] == true
129 end
130
131 test "updates the user's skip_thread_containment option", %{conn: conn} do
132 user = insert(:user)
133
134 response =
135 conn
136 |> assign(:user, user)
137 |> patch("/api/v1/accounts/update_credentials", %{skip_thread_containment: "true"})
138 |> json_response(200)
139
140 assert response["pleroma"]["skip_thread_containment"] == true
141 assert refresh_record(user).info.skip_thread_containment
142 end
143
144 test "updates the user's hide_follows status", %{conn: conn} do
145 user = insert(:user)
146
147 conn =
148 conn
149 |> assign(:user, user)
150 |> patch("/api/v1/accounts/update_credentials", %{hide_follows: "true"})
151
152 assert user = json_response(conn, 200)
153 assert user["pleroma"]["hide_follows"] == true
154 end
155
156 test "updates the user's hide_favorites status", %{conn: conn} do
157 user = insert(:user)
158
159 conn =
160 conn
161 |> assign(:user, user)
162 |> patch("/api/v1/accounts/update_credentials", %{hide_favorites: "true"})
163
164 assert user = json_response(conn, 200)
165 assert user["pleroma"]["hide_favorites"] == true
166 end
167
168 test "updates the user's show_role status", %{conn: conn} do
169 user = insert(:user)
170
171 conn =
172 conn
173 |> assign(:user, user)
174 |> patch("/api/v1/accounts/update_credentials", %{show_role: "false"})
175
176 assert user = json_response(conn, 200)
177 assert user["source"]["pleroma"]["show_role"] == false
178 end
179
180 test "updates the user's no_rich_text status", %{conn: conn} do
181 user = insert(:user)
182
183 conn =
184 conn
185 |> assign(:user, user)
186 |> patch("/api/v1/accounts/update_credentials", %{no_rich_text: "true"})
187
188 assert user = json_response(conn, 200)
189 assert user["source"]["pleroma"]["no_rich_text"] == true
190 end
191
192 test "updates the user's name", %{conn: conn} do
193 user = insert(:user)
194
195 conn =
196 conn
197 |> assign(:user, user)
198 |> patch("/api/v1/accounts/update_credentials", %{"display_name" => "markorepairs"})
199
200 assert user = json_response(conn, 200)
201 assert user["display_name"] == "markorepairs"
202 end
203
204 test "updates the user's avatar", %{conn: conn} do
205 user = insert(:user)
206
207 new_avatar = %Plug.Upload{
208 content_type: "image/jpg",
209 path: Path.absname("test/fixtures/image.jpg"),
210 filename: "an_image.jpg"
211 }
212
213 conn =
214 conn
215 |> assign(:user, user)
216 |> patch("/api/v1/accounts/update_credentials", %{"avatar" => new_avatar})
217
218 assert user_response = json_response(conn, 200)
219 assert user_response["avatar"] != User.avatar_url(user)
220 end
221
222 test "updates the user's banner", %{conn: conn} do
223 user = insert(:user)
224
225 new_header = %Plug.Upload{
226 content_type: "image/jpg",
227 path: Path.absname("test/fixtures/image.jpg"),
228 filename: "an_image.jpg"
229 }
230
231 conn =
232 conn
233 |> assign(:user, user)
234 |> patch("/api/v1/accounts/update_credentials", %{"header" => new_header})
235
236 assert user_response = json_response(conn, 200)
237 assert user_response["header"] != User.banner_url(user)
238 end
239
240 test "updates the user's background", %{conn: conn} do
241 user = insert(:user)
242
243 new_header = %Plug.Upload{
244 content_type: "image/jpg",
245 path: Path.absname("test/fixtures/image.jpg"),
246 filename: "an_image.jpg"
247 }
248
249 conn =
250 conn
251 |> assign(:user, user)
252 |> patch("/api/v1/accounts/update_credentials", %{
253 "pleroma_background_image" => new_header
254 })
255
256 assert user_response = json_response(conn, 200)
257 assert user_response["pleroma"]["background_image"]
258 end
259
260 test "requires 'write' permission", %{conn: conn} do
261 token1 = insert(:oauth_token, scopes: ["read"])
262 token2 = insert(:oauth_token, scopes: ["write", "follow"])
263
264 for token <- [token1, token2] do
265 conn =
266 conn
267 |> put_req_header("authorization", "Bearer #{token.token}")
268 |> patch("/api/v1/accounts/update_credentials", %{})
269
270 if token == token1 do
271 assert %{"error" => "Insufficient permissions: write."} == json_response(conn, 403)
272 else
273 assert json_response(conn, 200)
274 end
275 end
276 end
277
278 test "updates profile emojos", %{conn: conn} do
279 user = insert(:user)
280
281 note = "*sips :blank:*"
282 name = "I am :firefox:"
283
284 conn =
285 conn
286 |> assign(:user, user)
287 |> patch("/api/v1/accounts/update_credentials", %{
288 "note" => note,
289 "display_name" => name
290 })
291
292 assert json_response(conn, 200)
293
294 conn =
295 conn
296 |> get("/api/v1/accounts/#{user.id}")
297
298 assert user = json_response(conn, 200)
299
300 assert user["note"] == note
301 assert user["display_name"] == name
302 assert [%{"shortcode" => "blank"}, %{"shortcode" => "firefox"}] = user["emojis"]
303 end
304
305 test "update fields", %{conn: conn} do
306 user = insert(:user)
307
308 fields = [
309 %{"name" => "<a href=\"http://google.com\">foo</a>", "value" => "<script>bar</script>"},
310 %{"name" => "link", "value" => "cofe.io"}
311 ]
312
313 account =
314 conn
315 |> assign(:user, user)
316 |> patch("/api/v1/accounts/update_credentials", %{"fields" => fields})
317 |> json_response(200)
318
319 assert account["fields"] == [
320 %{"name" => "foo", "value" => "bar"},
321 %{"name" => "link", "value" => "<a href=\"http://cofe.io\">cofe.io</a>"}
322 ]
323
324 assert account["source"]["fields"] == [
325 %{
326 "name" => "<a href=\"http://google.com\">foo</a>",
327 "value" => "<script>bar</script>"
328 },
329 %{"name" => "link", "value" => "cofe.io"}
330 ]
331
332 name_limit = Pleroma.Config.get([:instance, :account_field_name_length])
333 value_limit = Pleroma.Config.get([:instance, :account_field_value_length])
334
335 long_value = Enum.map(0..value_limit, fn _ -> "x" end) |> Enum.join()
336
337 fields = [%{"name" => "<b>foo<b>", "value" => long_value}]
338
339 assert %{"error" => "Invalid request"} ==
340 conn
341 |> assign(:user, user)
342 |> patch("/api/v1/accounts/update_credentials", %{"fields" => fields})
343 |> json_response(403)
344
345 long_name = Enum.map(0..name_limit, fn _ -> "x" end) |> Enum.join()
346
347 fields = [%{"name" => long_name, "value" => "bar"}]
348
349 assert %{"error" => "Invalid request"} ==
350 conn
351 |> assign(:user, user)
352 |> patch("/api/v1/accounts/update_credentials", %{"fields" => fields})
353 |> json_response(403)
354
355 Pleroma.Config.put([:instance, :max_account_fields], 1)
356
357 fields = [
358 %{"name" => "<b>foo<b>", "value" => "<i>bar</i>"},
359 %{"name" => "link", "value" => "cofe.io"}
360 ]
361
362 assert %{"error" => "Invalid request"} ==
363 conn
364 |> assign(:user, user)
365 |> patch("/api/v1/accounts/update_credentials", %{"fields" => fields})
366 |> json_response(403)
367 end
368 end
369 end