2018-12-23 13:11:29 -07:00
# Pleroma: A lightweight social networking server
2020-03-03 15:44:49 -07:00
# Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>
2018-12-23 13:11:29 -07:00
# SPDX-License-Identifier: AGPL-3.0-only
2017-04-18 10:41:51 -06:00
defmodule Pleroma.Web.OStatus.OStatusControllerTest do
use Pleroma.Web.ConnCase
2019-07-20 07:07:51 -06:00
2017-04-18 10:41:51 -06:00
import Pleroma.Factory
2019-07-20 07:07:51 -06:00
2019-02-10 14:57:38 -07:00
alias Pleroma.Object
2019-03-04 19:52:23 -07:00
alias Pleroma.User
2020-05-22 08:47:22 -06:00
alias Pleroma.Web.ActivityPub.ActivityPub
2018-11-17 15:10:15 -07:00
alias Pleroma.Web.CommonAPI
2020-05-22 08:47:22 -06:00
alias Pleroma.Web.Endpoint
require Pleroma.Constants
2018-12-03 11:37:55 -07:00
2018-12-04 04:01:39 -07:00
setup_all do
Tesla.Mock . mock_global ( fn env -> apply ( HttpRequestMock , :request , [ env ] ) end )
2018-12-03 11:37:55 -07:00
:ok
end
2017-04-18 10:41:51 -06:00
2020-10-02 13:18:02 -06:00
setup do : clear_config ( [ :static_fe , :enabled ] , false )
2019-08-19 09:34:29 -06:00
2020-05-22 08:47:22 -06:00
describe " Mastodon compatibility routes " do
setup %{ conn : conn } do
conn = put_req_header ( conn , " accept " , " text/html " )
{ :ok , object } =
%{
" type " = > " Note " ,
" content " = > " hey " ,
" id " = > Endpoint . url ( ) <> " /users/raymoo/statuses/999999999 " ,
" actor " = > Endpoint . url ( ) <> " /users/raymoo " ,
" to " = > [ Pleroma.Constants . as_public ( ) ]
}
|> Object . create ( )
{ :ok , activity , _ } =
%{
2020-05-22 09:06:12 -06:00
" id " = > object . data [ " id " ] <> " /activity " ,
2020-05-22 08:47:22 -06:00
" type " = > " Create " ,
" object " = > object . data [ " id " ] ,
" actor " = > object . data [ " actor " ] ,
" to " = > object . data [ " to " ]
}
|> ActivityPub . persist ( local : true )
2020-05-22 09:11:59 -06:00
%{ conn : conn , activity : activity }
end
test " redirects to /notice/:id for html format " , %{ conn : conn , activity : activity } do
2020-05-22 08:47:22 -06:00
conn = get ( conn , " /users/raymoo/statuses/999999999 " )
assert redirected_to ( conn ) == " /notice/ #{ activity . id } "
end
2020-05-22 09:11:59 -06:00
test " redirects to /notice/:id for html format for activity " , %{
conn : conn ,
activity : activity
} do
conn = get ( conn , " /users/raymoo/statuses/999999999/activity " )
assert redirected_to ( conn ) == " /notice/ #{ activity . id } "
end
2020-05-22 08:47:22 -06:00
end
2020-03-09 11:51:44 -06:00
# Note: see ActivityPubControllerTest for JSON format tests
describe " GET /objects/:uuid (text/html) " do
setup %{ conn : conn } do
conn = put_req_header ( conn , " accept " , " text/html " )
%{ conn : conn }
end
2019-07-28 23:02:20 -06:00
test " redirects to /notice/id for html format " , %{ conn : conn } do
note_activity = insert ( :note_activity )
object = Object . normalize ( note_activity )
[ _ , uuid ] = hd ( Regex . scan ( ~r/ .+ \/ ([ \w -]+)$ / , object . data [ " id " ] ) )
url = " /objects/ #{ uuid } "
2020-03-09 11:51:44 -06:00
conn = get ( conn , url )
2019-07-28 23:02:20 -06:00
assert redirected_to ( conn ) == " /notice/ #{ note_activity . id } "
end
test " 404s on private objects " , %{ conn : conn } do
note_activity = insert ( :direct_note_activity )
object = Object . normalize ( note_activity )
[ _ , uuid ] = hd ( Regex . scan ( ~r/ .+ \/ ([ \w -]+)$ / , object . data [ " id " ] ) )
conn
|> get ( " /objects/ #{ uuid } " )
|> response ( 404 )
end
2020-03-09 11:51:44 -06:00
test " 404s on non-existing objects " , %{ conn : conn } do
2019-07-28 23:02:20 -06:00
conn
|> get ( " /objects/123 " )
|> response ( 404 )
end
end
2020-03-09 11:51:44 -06:00
# Note: see ActivityPubControllerTest for JSON format tests
describe " GET /activities/:uuid (text/html) " do
setup %{ conn : conn } do
conn = put_req_header ( conn , " accept " , " text/html " )
%{ conn : conn }
end
2019-07-28 23:02:20 -06:00
test " redirects to /notice/id for html format " , %{ conn : conn } do
note_activity = insert ( :note_activity )
[ _ , uuid ] = hd ( Regex . scan ( ~r/ .+ \/ ([ \w -]+)$ / , note_activity . data [ " id " ] ) )
2017-05-19 07:53:02 -06:00
2020-03-09 11:51:44 -06:00
conn = get ( conn , " /activities/ #{ uuid } " )
2019-07-28 23:02:20 -06:00
assert redirected_to ( conn ) == " /notice/ #{ note_activity . id } "
end
2018-05-30 12:00:27 -06:00
2019-07-28 23:02:20 -06:00
test " 404s on private activities " , %{ conn : conn } do
note_activity = insert ( :direct_note_activity )
[ _ , uuid ] = hd ( Regex . scan ( ~r/ .+ \/ ([ \w -]+)$ / , note_activity . data [ " id " ] ) )
2018-12-25 13:40:57 -07:00
2019-07-28 23:02:20 -06:00
conn
|> get ( " /activities/ #{ uuid } " )
|> response ( 404 )
end
2018-05-30 12:00:27 -06:00
2019-07-28 23:02:20 -06:00
test " 404s on nonexistent activities " , %{ conn : conn } do
conn
|> get ( " /activities/123 " )
|> response ( 404 )
end
2017-11-27 09:24:52 -07:00
end
2018-05-30 12:00:27 -06:00
2019-07-28 23:02:20 -06:00
describe " GET notice/2 " do
2019-11-25 07:55:17 -07:00
test " redirects to a proper object URL when json requested and the object is local " , %{
conn : conn
} do
2019-07-28 23:02:20 -06:00
note_activity = insert ( :note_activity )
2019-11-25 07:55:17 -07:00
expected_redirect_url = Object . normalize ( note_activity ) . data [ " id " ]
2018-07-12 14:32:05 -06:00
2019-11-25 07:55:17 -07:00
redirect_url =
conn
|> put_req_header ( " accept " , " application/activity+json " )
|> get ( " /notice/ #{ note_activity . id } " )
|> redirected_to ( )
assert redirect_url == expected_redirect_url
2019-07-28 23:02:20 -06:00
end
2018-07-12 14:32:05 -06:00
2019-11-25 07:55:17 -07:00
test " returns a 404 on remote notice when json requested " , %{ conn : conn } do
note_activity = insert ( :note_activity , local : false )
2018-11-17 15:10:15 -07:00
conn
|> put_req_header ( " accept " , " application/activity+json " )
2019-07-28 23:02:20 -06:00
|> get ( " /notice/ #{ note_activity . id } " )
2019-11-25 07:55:17 -07:00
|> response ( 404 )
2019-07-28 23:02:20 -06:00
end
2018-11-17 15:10:15 -07:00
2019-07-28 23:02:20 -06:00
test " 500s when actor not found " , %{ conn : conn } do
note_activity = insert ( :note_activity )
user = User . get_cached_by_ap_id ( note_activity . data [ " actor " ] )
User . invalidate_cache ( user )
Pleroma.Repo . delete ( user )
2018-11-17 15:10:15 -07:00
2019-07-28 23:02:20 -06:00
conn =
conn
|> get ( " /notice/ #{ note_activity . id } " )
2018-11-17 15:10:15 -07:00
2019-07-28 23:02:20 -06:00
assert response ( conn , 500 ) == ~S( {"error":"Something went wrong"} )
end
2018-11-17 15:10:15 -07:00
2019-07-28 23:02:20 -06:00
test " render html for redirect for html format " , %{ conn : conn } do
note_activity = insert ( :note_activity )
resp =
conn
|> put_req_header ( " accept " , " text/html " )
|> get ( " /notice/ #{ note_activity . id } " )
|> response ( 200 )
assert resp =~
" <meta content= \" #{ Pleroma.Web . base_url ( ) } /notice/ #{ note_activity . id } \" property= \" og:url \" > "
user = insert ( :user )
2019-10-16 08:16:39 -06:00
{ :ok , like_activity } = CommonAPI . favorite ( user , note_activity . id )
2019-07-28 23:02:20 -06:00
assert like_activity . data [ " type " ] == " Like "
resp =
conn
|> put_req_header ( " accept " , " text/html " )
|> get ( " /notice/ #{ like_activity . id } " )
|> response ( 200 )
assert resp =~ " <!--server-generated-meta--> "
end
test " 404s a private notice " , %{ conn : conn } do
note_activity = insert ( :direct_note_activity )
url = " /notice/ #{ note_activity . id } "
conn =
conn
|> get ( url )
assert response ( conn , 404 )
end
2020-03-09 11:51:44 -06:00
test " 404s a non-existing notice " , %{ conn : conn } do
2019-07-28 23:02:20 -06:00
url = " /notice/123 "
2018-07-12 14:32:05 -06:00
2019-07-28 23:02:20 -06:00
conn =
conn
|> get ( url )
assert response ( conn , 404 )
end
2020-03-09 11:51:44 -06:00
2020-10-02 13:18:02 -06:00
test " does not require authentication on non-federating instances " , %{
2020-03-09 11:51:44 -06:00
conn : conn
} do
2020-10-02 13:18:02 -06:00
clear_config ( [ :instance , :federating ] , false )
2020-03-09 11:51:44 -06:00
note_activity = insert ( :note_activity )
2020-10-02 13:18:02 -06:00
conn
|> put_req_header ( " accept " , " text/html " )
|> get ( " /notice/ #{ note_activity . id } " )
|> response ( 200 )
2020-03-09 11:51:44 -06:00
end
2018-07-12 14:32:05 -06:00
end
2019-07-28 23:02:20 -06:00
describe " GET /notice/:id/embed_player " do
2020-03-09 11:51:44 -06:00
setup do
2019-07-28 23:02:20 -06:00
note_activity = insert ( :note_activity )
object = Pleroma.Object . normalize ( note_activity )
object_data =
Map . put ( object . data , " attachment " , [
%{
" url " = > [
%{
" href " = >
" https://peertube.moe/static/webseed/df5f464b-be8d-46fb-ad81-2d4c2d1630e3-480.mp4 " ,
" mediaType " = > " video/mp4 " ,
" type " = > " Link "
}
]
}
] )
object
|> Ecto.Changeset . change ( data : object_data )
|> Pleroma.Repo . update ( )
2020-03-09 11:51:44 -06:00
%{ note_activity : note_activity }
end
test " renders embed player " , %{ conn : conn , note_activity : note_activity } do
conn = get ( conn , " /notice/ #{ note_activity . id } /embed_player " )
2019-07-28 23:02:20 -06:00
assert Plug.Conn . get_resp_header ( conn , " x-frame-options " ) == [ " ALLOW " ]
assert Plug.Conn . get_resp_header (
conn ,
" content-security-policy "
) == [
" default-src 'none';style-src 'self' 'unsafe-inline';img-src 'self' data: https:; media-src 'self' https:; "
]
assert response ( conn , 200 ) =~
" <video controls loop><source src= \" https://peertube.moe/static/webseed/df5f464b-be8d-46fb-ad81-2d4c2d1630e3-480.mp4 \" type= \" video/mp4 \" >Your browser does not support video/mp4 playback.</video> "
end
2018-06-03 13:04:44 -06:00
2019-07-28 23:02:20 -06:00
test " 404s when activity isn't create " , %{ conn : conn } do
note_activity = insert ( :note_activity , data_attrs : %{ " type " = > " Like " } )
2018-06-03 13:04:44 -06:00
2019-07-28 23:02:20 -06:00
assert conn
|> get ( " /notice/ #{ note_activity . id } /embed_player " )
|> response ( 404 )
end
test " 404s when activity is direct message " , %{ conn : conn } do
note_activity = insert ( :note_activity , data_attrs : %{ " directMessage " = > true } )
assert conn
|> get ( " /notice/ #{ note_activity . id } /embed_player " )
|> response ( 404 )
end
test " 404s when attachment is empty " , %{ conn : conn } do
note_activity = insert ( :note_activity )
object = Pleroma.Object . normalize ( note_activity )
object_data = Map . put ( object . data , " attachment " , [ ] )
object
|> Ecto.Changeset . change ( data : object_data )
|> Pleroma.Repo . update ( )
assert conn
|> get ( " /notice/ #{ note_activity . id } /embed_player " )
|> response ( 404 )
end
test " 404s when attachment isn't audio or video " , %{ conn : conn } do
note_activity = insert ( :note_activity )
object = Pleroma.Object . normalize ( note_activity )
object_data =
Map . put ( object . data , " attachment " , [
%{
" url " = > [
%{
" href " = > " https://peertube.moe/static/webseed/480.jpg " ,
" mediaType " = > " image/jpg " ,
" type " = > " Link "
}
]
}
] )
object
|> Ecto.Changeset . change ( data : object_data )
|> Pleroma.Repo . update ( )
2020-03-09 11:51:44 -06:00
conn
|> get ( " /notice/ #{ note_activity . id } /embed_player " )
|> response ( 404 )
2020-03-02 12:02:21 -07:00
end
2020-10-02 13:18:02 -06:00
test " does not require authentication on non-federating instances " , %{
2020-03-09 11:51:44 -06:00
conn : conn ,
note_activity : note_activity
} do
2020-10-02 13:18:02 -06:00
clear_config ( [ :instance , :federating ] , false )
2020-03-02 12:02:21 -07:00
2020-10-02 13:18:02 -06:00
conn
|> put_req_header ( " accept " , " text/html " )
|> get ( " /notice/ #{ note_activity . id } /embed_player " )
|> response ( 200 )
2020-03-02 12:02:21 -07:00
end
end
2017-04-18 10:41:51 -06:00
end