logo

pleroma

My custom branche(s) on git.pleroma.social/pleroma/pleroma

util_controller_test.exs (12544B)

    

  1. # Pleroma: A lightweight social networking server

  2. # Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>

  3. # SPDX-License-Identifier: AGPL-3.0-only

  4. 

  5. defmodule Pleroma.Web.TwitterAPI.UtilControllerTest do

  6.   use Pleroma.Web.ConnCase

  7.   use Oban.Testing, repo: Pleroma.Repo

  8. 

  9.   alias Pleroma.Config

  10.   alias Pleroma.Tests.ObanHelpers

  11.   alias Pleroma.User

  12. 

  13.   import Pleroma.Factory

  14.   import Mock

  15. 

  16.   setup do

  17.     Tesla.Mock.mock(fn env -> apply(HttpRequestMock, :request, [env]) end)

  18.     :ok

  19.   end

  20. 

  21.   setup do: clear_config([:instance])

  22.   setup do: clear_config([:frontend_configurations, :pleroma_fe])

  23. 

  24.   describe "PUT /api/pleroma/notification_settings" do

  25.     setup do: oauth_access(["write:accounts"])

  26. 

  27.     test "it updates notification settings", %{user: user, conn: conn} do

  28.       conn

  29.       |> put("/api/pleroma/notification_settings", %{

  30.         "block_from_strangers" => true,

  31.         "bar" => 1

  32.       })

  33.       |> json_response(:ok)

  34. 

  35.       user = refresh_record(user)

  36. 

  37.       assert %Pleroma.User.NotificationSetting{

  38.                block_from_strangers: true,

  39.                hide_notification_contents: false

  40.              } == user.notification_settings

  41.     end

  42. 

  43.     test "it updates notification settings to enable hiding contents", %{user: user, conn: conn} do

  44.       conn

  45.       |> put("/api/pleroma/notification_settings", %{"hide_notification_contents" => "1"})

  46.       |> json_response(:ok)

  47. 

  48.       user = refresh_record(user)

  49. 

  50.       assert %Pleroma.User.NotificationSetting{

  51.                block_from_strangers: false,

  52.                hide_notification_contents: true

  53.              } == user.notification_settings

  54.     end

  55.   end

  56. 

  57.   describe "GET /api/pleroma/frontend_configurations" do

  58.     test "returns everything in :pleroma, :frontend_configurations", %{conn: conn} do

  59.       config = [

  60.         frontend_a: %{

  61.           x: 1,

  62.           y: 2

  63.         },

  64.         frontend_b: %{

  65.           z: 3

  66.         }

  67.       ]

  68. 

  69.       Config.put(:frontend_configurations, config)

  70. 

  71.       response =

  72.         conn

  73.         |> get("/api/pleroma/frontend_configurations")

  74.         |> json_response(:ok)

  75. 

  76.       assert response == Jason.encode!(config |> Enum.into(%{})) |> Jason.decode!()

  77.     end

  78.   end

  79. 

  80.   describe "/api/pleroma/emoji" do

  81.     test "returns json with custom emoji with tags", %{conn: conn} do

  82.       emoji =

  83.         conn

  84.         |> get("/api/pleroma/emoji")

  85.         |> json_response(200)

  86. 

  87.       assert Enum.all?(emoji, fn

  88.                {_key,

  89.                 %{

  90.                   "image_url" => url,

  91.                   "tags" => tags

  92.                 }} ->

  93.                  is_binary(url) and is_list(tags)

  94.              end)

  95.     end

  96.   end

  97. 

  98.   describe "GET /api/pleroma/healthcheck" do

  99.     setup do: clear_config([:instance, :healthcheck])

  100. 

  101.     test "returns 503 when healthcheck disabled", %{conn: conn} do

  102.       Config.put([:instance, :healthcheck], false)

  103. 

  104.       response =

  105.         conn

  106.         |> get("/api/pleroma/healthcheck")

  107.         |> json_response(503)

  108. 

  109.       assert response == %{}

  110.     end

  111. 

  112.     test "returns 200 when healthcheck enabled and all ok", %{conn: conn} do

  113.       Config.put([:instance, :healthcheck], true)

  114. 

  115.       with_mock Pleroma.Healthcheck,

  116.         system_info: fn -> %Pleroma.Healthcheck{healthy: true} end do

  117.         response =

  118.           conn

  119.           |> get("/api/pleroma/healthcheck")

  120.           |> json_response(200)

  121. 

  122.         assert %{

  123.                  "active" => _,

  124.                  "healthy" => true,

  125.                  "idle" => _,

  126.                  "memory_used" => _,

  127.                  "pool_size" => _

  128.                } = response

  129.       end

  130.     end

  131. 

  132.     test "returns 503 when healthcheck enabled and health is false", %{conn: conn} do

  133.       Config.put([:instance, :healthcheck], true)

  134. 

  135.       with_mock Pleroma.Healthcheck,

  136.         system_info: fn -> %Pleroma.Healthcheck{healthy: false} end do

  137.         response =

  138.           conn

  139.           |> get("/api/pleroma/healthcheck")

  140.           |> json_response(503)

  141. 

  142.         assert %{

  143.                  "active" => _,

  144.                  "healthy" => false,

  145.                  "idle" => _,

  146.                  "memory_used" => _,

  147.                  "pool_size" => _

  148.                } = response

  149.       end

  150.     end

  151.   end

  152. 

  153.   describe "POST /api/pleroma/disable_account" do

  154.     setup do: oauth_access(["write:accounts"])

  155. 

  156.     test "with valid permissions and password, it disables the account", %{conn: conn, user: user} do

  157.       response =

  158.         conn

  159.         |> post("/api/pleroma/disable_account", %{"password" => "test"})

  160.         |> json_response(:ok)

  161. 

  162.       assert response == %{"status" => "success"}

  163.       ObanHelpers.perform_all()

  164. 

  165.       user = User.get_cached_by_id(user.id)

  166. 

  167.       assert user.deactivated == true

  168.     end

  169. 

  170.     test "with valid permissions and invalid password, it returns an error", %{conn: conn} do

  171.       user = insert(:user)

  172. 

  173.       response =

  174.         conn

  175.         |> post("/api/pleroma/disable_account", %{"password" => "test1"})

  176.         |> json_response(:ok)

  177. 

  178.       assert response == %{"error" => "Invalid password."}

  179.       user = User.get_cached_by_id(user.id)

  180. 

  181.       refute user.deactivated

  182.     end

  183.   end

  184. 

  185.   describe "POST /main/ostatus - remote_subscribe/2" do

  186.     setup do: clear_config([:instance, :federating], true)

  187. 

  188.     test "renders subscribe form", %{conn: conn} do

  189.       user = insert(:user)

  190. 

  191.       response =

  192.         conn

  193.         |> post("/main/ostatus", %{"nickname" => user.nickname, "profile" => ""})

  194.         |> response(:ok)

  195. 

  196.       refute response =~ "Could not find user"

  197.       assert response =~ "Remotely follow #{user.nickname}"

  198.     end

  199. 

  200.     test "renders subscribe form with error when user not found", %{conn: conn} do

  201.       response =

  202.         conn

  203.         |> post("/main/ostatus", %{"nickname" => "nickname", "profile" => ""})

  204.         |> response(:ok)

  205. 

  206.       assert response =~ "Could not find user"

  207.       refute response =~ "Remotely follow"

  208.     end

  209. 

  210.     test "it redirect to webfinger url", %{conn: conn} do

  211.       user = insert(:user)

  212.       user2 = insert(:user, ap_id: "shp@social.heldscal.la")

  213. 

  214.       conn =

  215.         conn

  216.         |> post("/main/ostatus", %{

  217.           "user" => %{"nickname" => user.nickname, "profile" => user2.ap_id}

  218.         })

  219. 

  220.       assert redirected_to(conn) ==

  221.                "https://social.heldscal.la/main/ostatussub?profile=#{user.ap_id}"

  222.     end

  223. 

  224.     test "it renders form with error when user not found", %{conn: conn} do

  225.       user2 = insert(:user, ap_id: "shp@social.heldscal.la")

  226. 

  227.       response =

  228.         conn

  229.         |> post("/main/ostatus", %{"user" => %{"nickname" => "jimm", "profile" => user2.ap_id}})

  230.         |> response(:ok)

  231. 

  232.       assert response =~ "Something went wrong."

  233.     end

  234.   end

  235. 

  236.   test "it returns new captcha", %{conn: conn} do

  237.     with_mock Pleroma.Captcha,

  238.       new: fn -> "test_captcha" end do

  239.       resp =

  240.         conn

  241.         |> get("/api/pleroma/captcha")

  242.         |> response(200)

  243. 

  244.       assert resp == "\"test_captcha\""

  245.       assert called(Pleroma.Captcha.new())

  246.     end

  247.   end

  248. 

  249.   describe "POST /api/pleroma/change_email" do

  250.     setup do: oauth_access(["write:accounts"])

  251. 

  252.     test "without permissions", %{conn: conn} do

  253.       conn =

  254.         conn

  255.         |> assign(:token, nil)

  256.         |> post("/api/pleroma/change_email")

  257. 

  258.       assert json_response(conn, 403) == %{"error" => "Insufficient permissions: write:accounts."}

  259.     end

  260. 

  261.     test "with proper permissions and invalid password", %{conn: conn} do

  262.       conn =

  263.         post(conn, "/api/pleroma/change_email", %{

  264.           "password" => "hi",

  265.           "email" => "test@test.com"

  266.         })

  267. 

  268.       assert json_response(conn, 200) == %{"error" => "Invalid password."}

  269.     end

  270. 

  271.     test "with proper permissions, valid password and invalid email", %{

  272.       conn: conn

  273.     } do

  274.       conn =

  275.         post(conn, "/api/pleroma/change_email", %{

  276.           "password" => "test",

  277.           "email" => "foobar"

  278.         })

  279. 

  280.       assert json_response(conn, 200) == %{"error" => "Email has invalid format."}

  281.     end

  282. 

  283.     test "with proper permissions, valid password and no email", %{

  284.       conn: conn

  285.     } do

  286.       conn =

  287.         post(conn, "/api/pleroma/change_email", %{

  288.           "password" => "test"

  289.         })

  290. 

  291.       assert json_response(conn, 200) == %{"error" => "Email can't be blank."}

  292.     end

  293. 

  294.     test "with proper permissions, valid password and blank email", %{

  295.       conn: conn

  296.     } do

  297.       conn =

  298.         post(conn, "/api/pleroma/change_email", %{

  299.           "password" => "test",

  300.           "email" => ""

  301.         })

  302. 

  303.       assert json_response(conn, 200) == %{"error" => "Email can't be blank."}

  304.     end

  305. 

  306.     test "with proper permissions, valid password and non unique email", %{

  307.       conn: conn

  308.     } do

  309.       user = insert(:user)

  310. 

  311.       conn =

  312.         post(conn, "/api/pleroma/change_email", %{

  313.           "password" => "test",

  314.           "email" => user.email

  315.         })

  316. 

  317.       assert json_response(conn, 200) == %{"error" => "Email has already been taken."}

  318.     end

  319. 

  320.     test "with proper permissions, valid password and valid email", %{

  321.       conn: conn

  322.     } do

  323.       conn =

  324.         post(conn, "/api/pleroma/change_email", %{

  325.           "password" => "test",

  326.           "email" => "cofe@foobar.com"

  327.         })

  328. 

  329.       assert json_response(conn, 200) == %{"status" => "success"}

  330.     end

  331.   end

  332. 

  333.   describe "POST /api/pleroma/change_password" do

  334.     setup do: oauth_access(["write:accounts"])

  335. 

  336.     test "without permissions", %{conn: conn} do

  337.       conn =

  338.         conn

  339.         |> assign(:token, nil)

  340.         |> post("/api/pleroma/change_password")

  341. 

  342.       assert json_response(conn, 403) == %{"error" => "Insufficient permissions: write:accounts."}

  343.     end

  344. 

  345.     test "with proper permissions and invalid password", %{conn: conn} do

  346.       conn =

  347.         post(conn, "/api/pleroma/change_password", %{

  348.           "password" => "hi",

  349.           "new_password" => "newpass",

  350.           "new_password_confirmation" => "newpass"

  351.         })

  352. 

  353.       assert json_response(conn, 200) == %{"error" => "Invalid password."}

  354.     end

  355. 

  356.     test "with proper permissions, valid password and new password and confirmation not matching",

  357.          %{

  358.            conn: conn

  359.          } do

  360.       conn =

  361.         post(conn, "/api/pleroma/change_password", %{

  362.           "password" => "test",

  363.           "new_password" => "newpass",

  364.           "new_password_confirmation" => "notnewpass"

  365.         })

  366. 

  367.       assert json_response(conn, 200) == %{

  368.                "error" => "New password does not match confirmation."

  369.              }

  370.     end

  371. 

  372.     test "with proper permissions, valid password and invalid new password", %{

  373.       conn: conn

  374.     } do

  375.       conn =

  376.         post(conn, "/api/pleroma/change_password", %{

  377.           "password" => "test",

  378.           "new_password" => "",

  379.           "new_password_confirmation" => ""

  380.         })

  381. 

  382.       assert json_response(conn, 200) == %{

  383.                "error" => "New password can't be blank."

  384.              }

  385.     end

  386. 

  387.     test "with proper permissions, valid password and matching new password and confirmation", %{

  388.       conn: conn,

  389.       user: user

  390.     } do

  391.       conn =

  392.         post(conn, "/api/pleroma/change_password", %{

  393.           "password" => "test",

  394.           "new_password" => "newpass",

  395.           "new_password_confirmation" => "newpass"

  396.         })

  397. 

  398.       assert json_response(conn, 200) == %{"status" => "success"}

  399.       fetched_user = User.get_cached_by_id(user.id)

  400.       assert Pbkdf2.verify_pass("newpass", fetched_user.password_hash) == true

  401.     end

  402.   end

  403. 

  404.   describe "POST /api/pleroma/delete_account" do

  405.     setup do: oauth_access(["write:accounts"])

  406. 

  407.     test "without permissions", %{conn: conn} do

  408.       conn =

  409.         conn

  410.         |> assign(:token, nil)

  411.         |> post("/api/pleroma/delete_account")

  412. 

  413.       assert json_response(conn, 403) ==

  414.                %{"error" => "Insufficient permissions: write:accounts."}

  415.     end

  416. 

  417.     test "with proper permissions and wrong or missing password", %{conn: conn} do

  418.       for params <- [%{"password" => "hi"}, %{}] do

  419.         ret_conn = post(conn, "/api/pleroma/delete_account", params)

  420. 

  421.         assert json_response(ret_conn, 200) == %{"error" => "Invalid password."}

  422.       end

  423.     end

  424. 

  425.     test "with proper permissions and valid password", %{conn: conn, user: user} do

  426.       conn = post(conn, "/api/pleroma/delete_account", %{"password" => "test"})

  427.       ObanHelpers.perform_all()

  428.       assert json_response(conn, 200) == %{"status" => "success"}

  429. 

  430.       user = User.get_by_id(user.id)

  431.       assert user.deactivated == true

  432.       assert user.name == nil

  433.       assert user.bio == ""

  434.       assert user.password_hash == nil

  435.     end

  436.   end

  437. end