logo

pleroma

My custom branche(s) on git.pleroma.social/pleroma/pleroma

account_view_test.exs (19140B)

    

  1. # Pleroma: A lightweight social networking server

  2. # Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>

  3. # SPDX-License-Identifier: AGPL-3.0-only

  4. 

  5. defmodule Pleroma.Web.MastodonAPI.AccountViewTest do

  6.   use Pleroma.DataCase

  7. 

  8.   alias Pleroma.Config

  9.   alias Pleroma.User

  10.   alias Pleroma.UserRelationship

  11.   alias Pleroma.Web.CommonAPI

  12.   alias Pleroma.Web.MastodonAPI.AccountView

  13. 

  14.   import Pleroma.Factory

  15.   import Tesla.Mock

  16. 

  17.   setup do

  18.     mock(fn env -> apply(HttpRequestMock, :request, [env]) end)

  19.     :ok

  20.   end

  21. 

  22.   test "Represent a user account" do

  23.     background_image = %{

  24.       "url" => [%{"href" => "https://example.com/images/asuka_hospital.png"}]

  25.     }

  26. 

  27.     user =

  28.       insert(:user, %{

  29.         follower_count: 3,

  30.         note_count: 5,

  31.         background: background_image,

  32.         nickname: "shp@shitposter.club",

  33.         name: ":karjalanpiirakka: shp",

  34.         bio:

  35.           "<script src=\"invalid-html\"></script><span>valid html</span>. a<br>b<br/>c<br >d<br />f '&<>\"",

  36.         inserted_at: ~N[2017-08-15 15:47:06.597036],

  37.         emoji: %{"karjalanpiirakka" => "/file.png"},

  38.         raw_bio: "valid html. a\nb\nc\nd\nf '&<>\""

  39.       })

  40. 

  41.     expected = %{

  42.       id: to_string(user.id),

  43.       username: "shp",

  44.       acct: user.nickname,

  45.       display_name: user.name,

  46.       locked: false,

  47.       created_at: "2017-08-15T15:47:06.000Z",

  48.       followers_count: 3,

  49.       following_count: 0,

  50.       statuses_count: 5,

  51.       note: "<span>valid html</span>. a<br/>b<br/>c<br/>d<br/>f &#39;&amp;&lt;&gt;&quot;",

  52.       url: user.ap_id,

  53.       avatar: "http://localhost:4001/images/avi.png",

  54.       avatar_static: "http://localhost:4001/images/avi.png",

  55.       header: "http://localhost:4001/images/banner.png",

  56.       header_static: "http://localhost:4001/images/banner.png",

  57.       emojis: [

  58.         %{

  59.           static_url: "/file.png",

  60.           url: "/file.png",

  61.           shortcode: "karjalanpiirakka",

  62.           visible_in_picker: false

  63.         }

  64.       ],

  65.       fields: [],

  66.       bot: false,

  67.       source: %{

  68.         note: "valid html. a\nb\nc\nd\nf '&<>\"",

  69.         sensitive: false,

  70.         pleroma: %{

  71.           actor_type: "Person",

  72.           discoverable: true

  73.         },

  74.         fields: []

  75.       },

  76.       pleroma: %{

  77.         ap_id: user.ap_id,

  78.         background_image: "https://example.com/images/asuka_hospital.png",

  79.         favicon: nil,

  80.         confirmation_pending: false,

  81.         tags: [],

  82.         is_admin: false,

  83.         is_moderator: false,

  84.         hide_favorites: true,

  85.         hide_followers: false,

  86.         hide_follows: false,

  87.         hide_followers_count: false,

  88.         hide_follows_count: false,

  89.         relationship: %{},

  90.         skip_thread_containment: false,

  91.         accepts_chat_messages: nil

  92.       }

  93.     }

  94. 

  95.     assert expected == AccountView.render("show.json", %{user: user, skip_visibility_check: true})

  96.   end

  97. 

  98.   describe "favicon" do

  99.     setup do

  100.       [user: insert(:user)]

  101.     end

  102. 

  103.     test "is parsed when :instance_favicons is enabled", %{user: user} do

  104.       clear_config([:instances_favicons, :enabled], true)

  105. 

  106.       assert %{

  107.                pleroma: %{

  108.                  favicon:

  109.                    "https://shitposter.club/plugins/Qvitter/img/gnusocial-favicons/favicon-16x16.png"

  110.                }

  111.              } = AccountView.render("show.json", %{user: user, skip_visibility_check: true})

  112.     end

  113. 

  114.     test "is nil when :instances_favicons is disabled", %{user: user} do

  115.       assert %{pleroma: %{favicon: nil}} =

  116.                AccountView.render("show.json", %{user: user, skip_visibility_check: true})

  117.     end

  118.   end

  119. 

  120.   test "Represent the user account for the account owner" do

  121.     user = insert(:user)

  122. 

  123.     notification_settings = %{

  124.       block_from_strangers: false,

  125.       hide_notification_contents: false

  126.     }

  127. 

  128.     privacy = user.default_scope

  129. 

  130.     assert %{

  131.              pleroma: %{notification_settings: ^notification_settings, allow_following_move: true},

  132.              source: %{privacy: ^privacy}

  133.            } = AccountView.render("show.json", %{user: user, for: user})

  134.   end

  135. 

  136.   test "Represent a Service(bot) account" do

  137.     user =

  138.       insert(:user, %{

  139.         follower_count: 3,

  140.         note_count: 5,

  141.         actor_type: "Service",

  142.         nickname: "shp@shitposter.club",

  143.         inserted_at: ~N[2017-08-15 15:47:06.597036]

  144.       })

  145. 

  146.     expected = %{

  147.       id: to_string(user.id),

  148.       username: "shp",

  149.       acct: user.nickname,

  150.       display_name: user.name,

  151.       locked: false,

  152.       created_at: "2017-08-15T15:47:06.000Z",

  153.       followers_count: 3,

  154.       following_count: 0,

  155.       statuses_count: 5,

  156.       note: user.bio,

  157.       url: user.ap_id,

  158.       avatar: "http://localhost:4001/images/avi.png",

  159.       avatar_static: "http://localhost:4001/images/avi.png",

  160.       header: "http://localhost:4001/images/banner.png",

  161.       header_static: "http://localhost:4001/images/banner.png",

  162.       emojis: [],

  163.       fields: [],

  164.       bot: true,

  165.       source: %{

  166.         note: user.bio,

  167.         sensitive: false,

  168.         pleroma: %{

  169.           actor_type: "Service",

  170.           discoverable: true

  171.         },

  172.         fields: []

  173.       },

  174.       pleroma: %{

  175.         ap_id: user.ap_id,

  176.         background_image: nil,

  177.         favicon: nil,

  178.         confirmation_pending: false,

  179.         tags: [],

  180.         is_admin: false,

  181.         is_moderator: false,

  182.         hide_favorites: true,

  183.         hide_followers: false,

  184.         hide_follows: false,

  185.         hide_followers_count: false,

  186.         hide_follows_count: false,

  187.         relationship: %{},

  188.         skip_thread_containment: false,

  189.         accepts_chat_messages: nil

  190.       }

  191.     }

  192. 

  193.     assert expected == AccountView.render("show.json", %{user: user, skip_visibility_check: true})

  194.   end

  195. 

  196.   test "Represent a Funkwhale channel" do

  197.     {:ok, user} =

  198.       User.get_or_fetch_by_ap_id(

  199.         "https://channels.tests.funkwhale.audio/federation/actors/compositions"

  200.       )

  201. 

  202.     assert represented =

  203.              AccountView.render("show.json", %{user: user, skip_visibility_check: true})

  204. 

  205.     assert represented.acct == "compositions@channels.tests.funkwhale.audio"

  206.     assert represented.url == "https://channels.tests.funkwhale.audio/channels/compositions"

  207.   end

  208. 

  209.   test "Represent a deactivated user for an admin" do

  210.     admin = insert(:user, is_admin: true)

  211.     deactivated_user = insert(:user, deactivated: true)

  212.     represented = AccountView.render("show.json", %{user: deactivated_user, for: admin})

  213.     assert represented[:pleroma][:deactivated] == true

  214.   end

  215. 

  216.   test "Represent a smaller mention" do

  217.     user = insert(:user)

  218. 

  219.     expected = %{

  220.       id: to_string(user.id),

  221.       acct: user.nickname,

  222.       username: user.nickname,

  223.       url: user.ap_id

  224.     }

  225. 

  226.     assert expected == AccountView.render("mention.json", %{user: user})

  227.   end

  228. 

  229.   test "demands :for or :skip_visibility_check option for account rendering" do

  230.     clear_config([:restrict_unauthenticated, :profiles, :local], false)

  231. 

  232.     user = insert(:user)

  233.     user_id = user.id

  234. 

  235.     assert %{id: ^user_id} = AccountView.render("show.json", %{user: user, for: nil})

  236.     assert %{id: ^user_id} = AccountView.render("show.json", %{user: user, for: user})

  237. 

  238.     assert %{id: ^user_id} =

  239.              AccountView.render("show.json", %{user: user, skip_visibility_check: true})

  240. 

  241.     assert_raise RuntimeError, ~r/:skip_visibility_check or :for option is required/, fn ->

  242.       AccountView.render("show.json", %{user: user})

  243.     end

  244.   end

  245. 

  246.   describe "relationship" do

  247.     defp test_relationship_rendering(user, other_user, expected_result) do

  248.       opts = %{user: user, target: other_user, relationships: nil}

  249.       assert expected_result == AccountView.render("relationship.json", opts)

  250. 

  251.       relationships_opt = UserRelationship.view_relationships_option(user, [other_user])

  252.       opts = Map.put(opts, :relationships, relationships_opt)

  253.       assert expected_result == AccountView.render("relationship.json", opts)

  254. 

  255.       assert [expected_result] ==

  256.                AccountView.render("relationships.json", %{user: user, targets: [other_user]})

  257.     end

  258. 

  259.     @blank_response %{

  260.       following: false,

  261.       followed_by: false,

  262.       blocking: false,

  263.       blocked_by: false,

  264.       muting: false,

  265.       muting_notifications: false,

  266.       subscribing: false,

  267.       requested: false,

  268.       domain_blocking: false,

  269.       showing_reblogs: true,

  270.       endorsed: false

  271.     }

  272. 

  273.     test "represent a relationship for the following and followed user" do

  274.       user = insert(:user)

  275.       other_user = insert(:user)

  276. 

  277.       {:ok, user} = User.follow(user, other_user)

  278.       {:ok, other_user} = User.follow(other_user, user)

  279.       {:ok, _subscription} = User.subscribe(user, other_user)

  280.       {:ok, _user_relationships} = User.mute(user, other_user, true)

  281.       {:ok, _reblog_mute} = CommonAPI.hide_reblogs(user, other_user)

  282. 

  283.       expected =

  284.         Map.merge(

  285.           @blank_response,

  286.           %{

  287.             following: true,

  288.             followed_by: true,

  289.             muting: true,

  290.             muting_notifications: true,

  291.             subscribing: true,

  292.             showing_reblogs: false,

  293.             id: to_string(other_user.id)

  294.           }

  295.         )

  296. 

  297.       test_relationship_rendering(user, other_user, expected)

  298.     end

  299. 

  300.     test "represent a relationship for the blocking and blocked user" do

  301.       user = insert(:user)

  302.       other_user = insert(:user)

  303. 

  304.       {:ok, user} = User.follow(user, other_user)

  305.       {:ok, _subscription} = User.subscribe(user, other_user)

  306.       {:ok, _user_relationship} = User.block(user, other_user)

  307.       {:ok, _user_relationship} = User.block(other_user, user)

  308. 

  309.       expected =

  310.         Map.merge(

  311.           @blank_response,

  312.           %{following: false, blocking: true, blocked_by: true, id: to_string(other_user.id)}

  313.         )

  314. 

  315.       test_relationship_rendering(user, other_user, expected)

  316.     end

  317. 

  318.     test "represent a relationship for the user blocking a domain" do

  319.       user = insert(:user)

  320.       other_user = insert(:user, ap_id: "https://bad.site/users/other_user")

  321. 

  322.       {:ok, user} = User.block_domain(user, "bad.site")

  323. 

  324.       expected =

  325.         Map.merge(

  326.           @blank_response,

  327.           %{domain_blocking: true, blocking: false, id: to_string(other_user.id)}

  328.         )

  329. 

  330.       test_relationship_rendering(user, other_user, expected)

  331.     end

  332. 

  333.     test "represent a relationship for the user with a pending follow request" do

  334.       user = insert(:user)

  335.       other_user = insert(:user, locked: true)

  336. 

  337.       {:ok, user, other_user, _} = CommonAPI.follow(user, other_user)

  338.       user = User.get_cached_by_id(user.id)

  339.       other_user = User.get_cached_by_id(other_user.id)

  340. 

  341.       expected =

  342.         Map.merge(

  343.           @blank_response,

  344.           %{requested: true, following: false, id: to_string(other_user.id)}

  345.         )

  346. 

  347.       test_relationship_rendering(user, other_user, expected)

  348.     end

  349.   end

  350. 

  351.   test "returns the settings store if the requesting user is the represented user and it's requested specifically" do

  352.     user = insert(:user, pleroma_settings_store: %{fe: "test"})

  353. 

  354.     result =

  355.       AccountView.render("show.json", %{user: user, for: user, with_pleroma_settings: true})

  356. 

  357.     assert result.pleroma.settings_store == %{:fe => "test"}

  358. 

  359.     result = AccountView.render("show.json", %{user: user, for: nil, with_pleroma_settings: true})

  360.     assert result.pleroma[:settings_store] == nil

  361. 

  362.     result = AccountView.render("show.json", %{user: user, for: user})

  363.     assert result.pleroma[:settings_store] == nil

  364.   end

  365. 

  366.   test "doesn't sanitize display names" do

  367.     user = insert(:user, name: "<marquee> username </marquee>")

  368.     result = AccountView.render("show.json", %{user: user, skip_visibility_check: true})

  369.     assert result.display_name == "<marquee> username </marquee>"

  370.   end

  371. 

  372.   test "never display nil user follow counts" do

  373.     user = insert(:user, following_count: 0, follower_count: 0)

  374.     result = AccountView.render("show.json", %{user: user, skip_visibility_check: true})

  375. 

  376.     assert result.following_count == 0

  377.     assert result.followers_count == 0

  378.   end

  379. 

  380.   describe "hiding follows/following" do

  381.     test "shows when follows/followers stats are hidden and sets follow/follower count to 0" do

  382.       user =

  383.         insert(:user, %{

  384.           hide_followers: true,

  385.           hide_followers_count: true,

  386.           hide_follows: true,

  387.           hide_follows_count: true

  388.         })

  389. 

  390.       other_user = insert(:user)

  391.       {:ok, user, other_user, _activity} = CommonAPI.follow(user, other_user)

  392.       {:ok, _other_user, user, _activity} = CommonAPI.follow(other_user, user)

  393. 

  394.       assert %{

  395.                followers_count: 0,

  396.                following_count: 0,

  397.                pleroma: %{hide_follows_count: true, hide_followers_count: true}

  398.              } = AccountView.render("show.json", %{user: user, skip_visibility_check: true})

  399.     end

  400. 

  401.     test "shows when follows/followers are hidden" do

  402.       user = insert(:user, hide_followers: true, hide_follows: true)

  403.       other_user = insert(:user)

  404.       {:ok, user, other_user, _activity} = CommonAPI.follow(user, other_user)

  405.       {:ok, _other_user, user, _activity} = CommonAPI.follow(other_user, user)

  406. 

  407.       assert %{

  408.                followers_count: 1,

  409.                following_count: 1,

  410.                pleroma: %{hide_follows: true, hide_followers: true}

  411.              } = AccountView.render("show.json", %{user: user, skip_visibility_check: true})

  412.     end

  413. 

  414.     test "shows actual follower/following count to the account owner" do

  415.       user = insert(:user, hide_followers: true, hide_follows: true)

  416.       other_user = insert(:user)

  417.       {:ok, user, other_user, _activity} = CommonAPI.follow(user, other_user)

  418. 

  419.       assert User.following?(user, other_user)

  420.       assert Pleroma.FollowingRelationship.follower_count(other_user) == 1

  421.       {:ok, _other_user, user, _activity} = CommonAPI.follow(other_user, user)

  422. 

  423.       assert %{

  424.                followers_count: 1,

  425.                following_count: 1

  426.              } = AccountView.render("show.json", %{user: user, for: user})

  427.     end

  428. 

  429.     test "shows unread_conversation_count only to the account owner" do

  430.       user = insert(:user)

  431.       other_user = insert(:user)

  432. 

  433.       {:ok, _activity} =

  434.         CommonAPI.post(other_user, %{

  435.           status: "Hey @#{user.nickname}.",

  436.           visibility: "direct"

  437.         })

  438. 

  439.       user = User.get_cached_by_ap_id(user.ap_id)

  440. 

  441.       assert AccountView.render("show.json", %{user: user, for: other_user})[:pleroma][

  442.                :unread_conversation_count

  443.              ] == nil

  444. 

  445.       assert AccountView.render("show.json", %{user: user, for: user})[:pleroma][

  446.                :unread_conversation_count

  447.              ] == 1

  448.     end

  449. 

  450.     test "shows unread_count only to the account owner" do

  451.       user = insert(:user)

  452.       insert_list(7, :notification, user: user, activity: insert(:note_activity))

  453.       other_user = insert(:user)

  454. 

  455.       user = User.get_cached_by_ap_id(user.ap_id)

  456. 

  457.       assert AccountView.render(

  458.                "show.json",

  459.                %{user: user, for: other_user}

  460.              )[:pleroma][:unread_notifications_count] == nil

  461. 

  462.       assert AccountView.render(

  463.                "show.json",

  464.                %{user: user, for: user}

  465.              )[:pleroma][:unread_notifications_count] == 7

  466.     end

  467.   end

  468. 

  469.   describe "follow requests counter" do

  470.     test "shows zero when no follow requests are pending" do

  471.       user = insert(:user)

  472. 

  473.       assert %{follow_requests_count: 0} =

  474.                AccountView.render("show.json", %{user: user, for: user})

  475. 

  476.       other_user = insert(:user)

  477.       {:ok, _other_user, user, _activity} = CommonAPI.follow(other_user, user)

  478. 

  479.       assert %{follow_requests_count: 0} =

  480.                AccountView.render("show.json", %{user: user, for: user})

  481.     end

  482. 

  483.     test "shows non-zero when follow requests are pending" do

  484.       user = insert(:user, locked: true)

  485. 

  486.       assert %{locked: true} = AccountView.render("show.json", %{user: user, for: user})

  487. 

  488.       other_user = insert(:user)

  489.       {:ok, _other_user, user, _activity} = CommonAPI.follow(other_user, user)

  490. 

  491.       assert %{locked: true, follow_requests_count: 1} =

  492.                AccountView.render("show.json", %{user: user, for: user})

  493.     end

  494. 

  495.     test "decreases when accepting a follow request" do

  496.       user = insert(:user, locked: true)

  497. 

  498.       assert %{locked: true} = AccountView.render("show.json", %{user: user, for: user})

  499. 

  500.       other_user = insert(:user)

  501.       {:ok, other_user, user, _activity} = CommonAPI.follow(other_user, user)

  502. 

  503.       assert %{locked: true, follow_requests_count: 1} =

  504.                AccountView.render("show.json", %{user: user, for: user})

  505. 

  506.       {:ok, _other_user} = CommonAPI.accept_follow_request(other_user, user)

  507. 

  508.       assert %{locked: true, follow_requests_count: 0} =

  509.                AccountView.render("show.json", %{user: user, for: user})

  510.     end

  511. 

  512.     test "decreases when rejecting a follow request" do

  513.       user = insert(:user, locked: true)

  514. 

  515.       assert %{locked: true} = AccountView.render("show.json", %{user: user, for: user})

  516. 

  517.       other_user = insert(:user)

  518.       {:ok, other_user, user, _activity} = CommonAPI.follow(other_user, user)

  519. 

  520.       assert %{locked: true, follow_requests_count: 1} =

  521.                AccountView.render("show.json", %{user: user, for: user})

  522. 

  523.       {:ok, _other_user} = CommonAPI.reject_follow_request(other_user, user)

  524. 

  525.       assert %{locked: true, follow_requests_count: 0} =

  526.                AccountView.render("show.json", %{user: user, for: user})

  527.     end

  528. 

  529.     test "shows non-zero when historical unapproved requests are present" do

  530.       user = insert(:user, locked: true)

  531. 

  532.       assert %{locked: true} = AccountView.render("show.json", %{user: user, for: user})

  533. 

  534.       other_user = insert(:user)

  535.       {:ok, _other_user, user, _activity} = CommonAPI.follow(other_user, user)

  536. 

  537.       {:ok, user} = User.update_and_set_cache(user, %{locked: false})

  538. 

  539.       assert %{locked: false, follow_requests_count: 1} =

  540.                AccountView.render("show.json", %{user: user, for: user})

  541.     end

  542.   end

  543. 

  544.   test "uses mediaproxy urls when it's enabled (regardless of media preview proxy state)" do

  545.     clear_config([:media_proxy, :enabled], true)

  546.     clear_config([:media_preview_proxy, :enabled])

  547. 

  548.     user =

  549.       insert(:user,

  550.         avatar: %{"url" => [%{"href" => "https://evil.website/avatar.png"}]},

  551.         banner: %{"url" => [%{"href" => "https://evil.website/banner.png"}]},

  552.         emoji: %{"joker_smile" => "https://evil.website/society.png"}

  553.       )

  554. 

  555.     with media_preview_enabled <- [false, true] do

  556.       Config.put([:media_preview_proxy, :enabled], media_preview_enabled)

  557. 

  558.       AccountView.render("show.json", %{user: user, skip_visibility_check: true})

  559.       |> Enum.all?(fn

  560.         {key, url} when key in [:avatar, :avatar_static, :header, :header_static] ->

  561.           String.starts_with?(url, Pleroma.Web.base_url())

  562. 

  563.         {:emojis, emojis} ->

  564.           Enum.all?(emojis, fn %{url: url, static_url: static_url} ->

  565.             String.starts_with?(url, Pleroma.Web.base_url()) &&

  566.               String.starts_with?(static_url, Pleroma.Web.base_url())

  567.           end)

  568. 

  569.         _ ->

  570.           true

  571.       end)

  572.       |> assert()

  573.     end

  574.   end

  575. end