Pleroma/test/pleroma/web/o_status/o_status_controller_test.exs

# Pleroma: A lightweight social networking server
# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only

defmodule Pleroma.Web.OStatus.OStatusControllerTest do
  use Pleroma.Web.ConnCase

  import Pleroma.Factory

  alias Pleroma.Object
  alias Pleroma.User
  alias Pleroma.Web.ActivityPub.ActivityPub
  alias Pleroma.Web.CommonAPI
  alias Pleroma.Web.Endpoint

  require Pleroma.Constants

  setup_all do
    Tesla.Mock.mock_global(fn env -> apply(HttpRequestMock, :request, [env]) end)
    :ok
  end

  setup do: clear_config([:static_fe, :enabled], false)

  describe "Mastodon compatibility routes" do
    setup %{conn: conn} do
      conn = put_req_header(conn, "accept", "text/html")

      {:ok, object} =
        %{
          "type" => "Note",
          "content" => "hey",
          "id" => Endpoint.url() <> "/users/raymoo/statuses/999999999",
          "actor" => Endpoint.url() <> "/users/raymoo",
          "to" => [Pleroma.Constants.as_public()]
        }
        |> Object.create()

      {:ok, activity, _} =
        %{
          "id" => object.data["id"] <> "/activity",
          "type" => "Create",
          "object" => object.data["id"],
          "actor" => object.data["actor"],
          "to" => object.data["to"]
        }
        |> ActivityPub.persist(local: true)

      %{conn: conn, activity: activity}
    end

    test "redirects to /notice/:id for html format", %{conn: conn, activity: activity} do
      conn = get(conn, "/users/raymoo/statuses/999999999")
      assert redirected_to(conn) == "/notice/#{activity.id}"
    end

    test "redirects to /notice/:id for html format for activity", %{
      conn: conn,
      activity: activity
    } do
      conn = get(conn, "/users/raymoo/statuses/999999999/activity")
      assert redirected_to(conn) == "/notice/#{activity.id}"
    end
  end

  # Note: see ActivityPubControllerTest for JSON format tests
  describe "GET /objects/:uuid (text/html)" do
    setup %{conn: conn} do
      conn = put_req_header(conn, "accept", "text/html")
      %{conn: conn}
    end

    test "redirects to /notice/id for html format", %{conn: conn} do
      note_activity = insert(:note_activity)
      object = Object.normalize(note_activity, fetch: false)
      [_, uuid] = hd(Regex.scan(~r/.+\/([\w-]+)$/, object.data["id"]))
      url = "/objects/#{uuid}"

      conn = get(conn, url)
      assert redirected_to(conn) == "/notice/#{note_activity.id}"
    end

    test "404s on private objects", %{conn: conn} do
      note_activity = insert(:direct_note_activity)
      object = Object.normalize(note_activity, fetch: false)
      [_, uuid] = hd(Regex.scan(~r/.+\/([\w-]+)$/, object.data["id"]))

      conn
      |> get("/objects/#{uuid}")
      |> response(404)
    end

    test "404s on non-existing objects", %{conn: conn} do
      conn
      |> get("/objects/123")
      |> response(404)
    end
  end

  # Note: see ActivityPubControllerTest for JSON format tests
  describe "GET /activities/:uuid (text/html)" do
    setup %{conn: conn} do
      conn = put_req_header(conn, "accept", "text/html")
      %{conn: conn}
    end

    test "redirects to /notice/id for html format", %{conn: conn} do
      note_activity = insert(:note_activity)
      [_, uuid] = hd(Regex.scan(~r/.+\/([\w-]+)$/, note_activity.data["id"]))

      conn = get(conn, "/activities/#{uuid}")
      assert redirected_to(conn) == "/notice/#{note_activity.id}"
    end

    test "404s on private activities", %{conn: conn} do
      note_activity = insert(:direct_note_activity)
      [_, uuid] = hd(Regex.scan(~r/.+\/([\w-]+)$/, note_activity.data["id"]))

      conn
      |> get("/activities/#{uuid}")
      |> response(404)
    end

    test "404s on nonexistent activities", %{conn: conn} do
      conn
      |> get("/activities/123")
      |> response(404)
    end
  end

  describe "GET notice/2" do
    test "redirects to a proper object URL when json requested and the object is local", %{
      conn: conn
    } do
      note_activity = insert(:note_activity)
      expected_redirect_url = Object.normalize(note_activity, fetch: false).data["id"]

      redirect_url =
        conn
        |> put_req_header("accept", "application/activity+json")
        |> get("/notice/#{note_activity.id}")
        |> redirected_to()

      assert redirect_url == expected_redirect_url
    end

    test "redirects to a proper object URL when json requested and the object is remote", %{
      conn: conn
    } do
      note_activity = insert(:note_activity, local: false)
      expected_redirect_url = Object.normalize(note_activity, fetch: false).data["id"]

      redirect_url =
        conn
        |> put_req_header("accept", "application/activity+json")
        |> get("/notice/#{note_activity.id}")
        |> redirected_to()

      assert redirect_url == expected_redirect_url
    end

    test "500s when actor not found", %{conn: conn} do
      note_activity = insert(:note_activity)
      user = User.get_cached_by_ap_id(note_activity.data["actor"])
      User.invalidate_cache(user)
      Pleroma.Repo.delete(user)

      conn =
        conn
        |> get("/notice/#{note_activity.id}")

      assert response(conn, 500) == ~S({"error":"Something went wrong"})
    end

    test "render html for redirect for html format", %{conn: conn} do
      note_activity = insert(:note_activity)

      resp =
        conn
        |> put_req_header("accept", "text/html")
        |> get("/notice/#{note_activity.id}")
        |> response(200)

      assert resp =~
               "<meta content=\"#{Pleroma.Web.Endpoint.url()}/notice/#{note_activity.id}\" property=\"og:url\">"

      user = insert(:user)

      {:ok, like_activity} = CommonAPI.favorite(user, note_activity.id)

      assert like_activity.data["type"] == "Like"

      resp =
        conn
        |> put_req_header("accept", "text/html")
        |> get("/notice/#{like_activity.id}")
        |> response(200)

      assert resp =~ "<!--server-generated-meta-->"
    end

    test "404s a private notice", %{conn: conn} do
      note_activity = insert(:direct_note_activity)
      url = "/notice/#{note_activity.id}"

      conn =
        conn
        |> get(url)

      assert response(conn, 404)
    end

    test "404s a non-existing notice", %{conn: conn} do
      url = "/notice/123"

      conn =
        conn
        |> get(url)

      assert response(conn, 404)
    end

    test "does not require authentication on non-federating instances", %{
      conn: conn
    } do
      clear_config([:instance, :federating], false)
      note_activity = insert(:note_activity)

      conn
      |> put_req_header("accept", "text/html")
      |> get("/notice/#{note_activity.id}")
      |> response(200)
    end
  end

  describe "GET /notice/:id/embed_player" do
    setup do
      note_activity = insert(:note_activity)
      object = Pleroma.Object.normalize(note_activity, fetch: false)

      object_data =
        Map.put(object.data, "attachment", [
          %{
            "url" => [
              %{
                "href" =>
                  "https://peertube.moe/static/webseed/df5f464b-be8d-46fb-ad81-2d4c2d1630e3-480.mp4",
                "mediaType" => "video/mp4",
                "type" => "Link"
              }
            ]
          }
        ])

      object
      |> Ecto.Changeset.change(data: object_data)
      |> Pleroma.Repo.update()

      %{note_activity: note_activity}
    end

    test "renders embed player", %{conn: conn, note_activity: note_activity} do
      conn = get(conn, "/notice/#{note_activity.id}/embed_player")

      assert Plug.Conn.get_resp_header(conn, "x-frame-options") == ["ALLOW"]

      assert Plug.Conn.get_resp_header(
               conn,
               "content-security-policy"
             ) == [
               "default-src 'none';style-src 'self' 'unsafe-inline';img-src 'self' data: https:; media-src 'self' https:;"
             ]

      assert response(conn, 200) =~
               "<video controls loop><source src=\"https://peertube.moe/static/webseed/df5f464b-be8d-46fb-ad81-2d4c2d1630e3-480.mp4\" type=\"video/mp4\">Your browser does not support video/mp4 playback.</video>"
    end

    test "404s when activity isn't create", %{conn: conn} do
      note_activity = insert(:note_activity, data_attrs: %{"type" => "Like"})

      assert conn
             |> get("/notice/#{note_activity.id}/embed_player")
             |> response(404)
    end

    test "404s when activity is direct message", %{conn: conn} do
      note_activity = insert(:note_activity, data_attrs: %{"directMessage" => true})

      assert conn
             |> get("/notice/#{note_activity.id}/embed_player")
             |> response(404)
    end

    test "404s when attachment is empty", %{conn: conn} do
      note_activity = insert(:note_activity)
      object = Pleroma.Object.normalize(note_activity, fetch: false)
      object_data = Map.put(object.data, "attachment", [])

      object
      |> Ecto.Changeset.change(data: object_data)
      |> Pleroma.Repo.update()

      assert conn
             |> get("/notice/#{note_activity.id}/embed_player")
             |> response(404)
    end

    test "404s when attachment isn't audio or video", %{conn: conn} do
      note_activity = insert(:note_activity)
      object = Pleroma.Object.normalize(note_activity, fetch: false)

      object_data =
        Map.put(object.data, "attachment", [
          %{
            "url" => [
              %{
                "href" => "https://peertube.moe/static/webseed/480.jpg",
                "mediaType" => "image/jpg",
                "type" => "Link"
              }
            ]
          }
        ])

      object
      |> Ecto.Changeset.change(data: object_data)
      |> Pleroma.Repo.update()

      conn
      |> get("/notice/#{note_activity.id}/embed_player")
      |> response(404)
    end

    test "does not require authentication on non-federating instances", %{
      conn: conn,
      note_activity: note_activity
    } do
      clear_config([:instance, :federating], false)

      conn
      |> put_req_header("accept", "text/html")
      |> get("/notice/#{note_activity.id}/embed_player")
      |> response(200)
    end
  end
end
tests: add legal boilerplate 2018-12-23 21:11:29 +01:00			`# Pleroma: A lightweight social networking server`
Bump Copyright to 2021 grep -rl '# Copyright © .* Pleroma' * \| xargs sed -i 's;Copyright © .* Pleroma .*;Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>;' 2021-01-13 07:49:20 +01:00			`# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>`
tests: add legal boilerplate 2018-12-23 21:11:29 +01:00			`# SPDX-License-Identifier: AGPL-3.0-only`

Add webfinger and basic feed support. 2017-04-18 18:41:51 +02:00			`defmodule Pleroma.Web.OStatus.OStatusControllerTest do`
			`use Pleroma.Web.ConnCase`
[tests] Mock :crypt.crypt/2 function in AuthenticationPlugTest 2019-07-20 15:07:51 +02:00
Add webfinger and basic feed support. 2017-04-18 18:41:51 +02:00			`import Pleroma.Factory`
[tests] Mock :crypt.crypt/2 function in AuthenticationPlugTest 2019-07-20 15:07:51 +02:00
test: de-group alias/es 2019-02-10 22:57:38 +01:00			`alias Pleroma.Object`
[Credo] fix Credo.Check.Readability.AliasOrder 2019-03-05 03:52:23 +01:00			`alias Pleroma.User`
OStatusController: Add Mastodon compatibility route for objects. 2020-05-22 16:47:22 +02:00			`alias Pleroma.Web.ActivityPub.ActivityPub`
ostatus controller: respond with AS2 objects instead of activities to notice URIs 2018-11-17 23:10:15 +01:00			`alias Pleroma.Web.CommonAPI`
OStatusController: Add Mastodon compatibility route for objects. 2020-05-22 16:47:22 +02:00			`alias Pleroma.Web.Endpoint`

			`require Pleroma.Constants`
update test 2018-12-03 19:37:55 +01:00
update test 2018-12-04 12:01:39 +01:00			`setup_all do`
			`Tesla.Mock.mock_global(fn env -> apply(HttpRequestMock, :request, [env]) end)`
update test 2018-12-03 19:37:55 +01:00			`:ok`
			`end`
Add webfinger and basic feed support. 2017-04-18 18:41:51 +02:00
[#3053] No auth check in StaticFEController, even on non-federating instances. Adjusted tests. 2020-10-02 21:18:02 +02:00			`setup do: clear_config([:static_fe, :enabled], false)`
added test helpers to clear config after tests 2019-08-19 17:34:29 +02:00
OStatusController: Add Mastodon compatibility route for objects. 2020-05-22 16:47:22 +02:00			`describe "Mastodon compatibility routes" do`
			`setup %{conn: conn} do`
			`conn = put_req_header(conn, "accept", "text/html")`

			`{:ok, object} =`
			`%{`
			`"type" => "Note",`
			`"content" => "hey",`
			`"id" => Endpoint.url() <> "/users/raymoo/statuses/999999999",`
			`"actor" => Endpoint.url() <> "/users/raymoo",`
			`"to" => [Pleroma.Constants.as_public()]`
			`}`
			`\|> Object.create()`

			`{:ok, activity, _} =`
			`%{`
ActivityPubController: Add Mastodon activity compat route. 2020-05-22 17:06:12 +02:00			`"id" => object.data["id"] <> "/activity",`
OStatusController: Add Mastodon compatibility route for objects. 2020-05-22 16:47:22 +02:00			`"type" => "Create",`
			`"object" => object.data["id"],`
			`"actor" => object.data["actor"],`
			`"to" => object.data["to"]`
			`}`
			`\|> ActivityPub.persist(local: true)`

OStatusController: Add Mastodon activity compat route. 2020-05-22 17:11:59 +02:00			`%{conn: conn, activity: activity}`
			`end`

			`test "redirects to /notice/:id for html format", %{conn: conn, activity: activity} do`
OStatusController: Add Mastodon compatibility route for objects. 2020-05-22 16:47:22 +02:00			`conn = get(conn, "/users/raymoo/statuses/999999999")`
			`assert redirected_to(conn) == "/notice/#{activity.id}"`
			`end`
OStatusController: Add Mastodon activity compat route. 2020-05-22 17:11:59 +02:00
			`test "redirects to /notice/:id for html format for activity", %{`
			`conn: conn,`
			`activity: activity`
			`} do`
			`conn = get(conn, "/users/raymoo/statuses/999999999/activity")`
			`assert redirected_to(conn) == "/notice/#{activity.id}"`
			`end`
OStatusController: Add Mastodon compatibility route for objects. 2020-05-22 16:47:22 +02:00			`end`

[#1560] Ensured authentication or enabled federation for federation-related routes. New tests + tests refactoring. 2020-03-09 18:51:44 +01:00			`# Note: see ActivityPubControllerTest for JSON format tests`
			`describe "GET /objects/:uuid (text/html)" do`
			`setup %{conn: conn} do`
			`conn = put_req_header(conn, "accept", "text/html")`
			`%{conn: conn}`
			`end`

added tests for OstatusController 2019-07-29 07:02:20 +02:00			`test "redirects to /notice/id for html format", %{conn: conn} do`
			`note_activity = insert(:note_activity)`
Object: Rework how Object.normalize works Now it defaults to not fetching, and the option is named. 2021-01-04 13:38:31 +01:00			`object = Object.normalize(note_activity, fetch: false)`
added tests for OstatusController 2019-07-29 07:02:20 +02:00			`[_, uuid] = hd(Regex.scan(~r/.+\/([\w-]+)$/, object.data["id"]))`
			`url = "/objects/#{uuid}"`

[#1560] Ensured authentication or enabled federation for federation-related routes. New tests + tests refactoring. 2020-03-09 18:51:44 +01:00			`conn = get(conn, url)`
added tests for OstatusController 2019-07-29 07:02:20 +02:00			`assert redirected_to(conn) == "/notice/#{note_activity.id}"`
			`end`

			`test "404s on private objects", %{conn: conn} do`
			`note_activity = insert(:direct_note_activity)`
Object: Rework how Object.normalize works Now it defaults to not fetching, and the option is named. 2021-01-04 13:38:31 +01:00			`object = Object.normalize(note_activity, fetch: false)`
added tests for OstatusController 2019-07-29 07:02:20 +02:00			`[_, uuid] = hd(Regex.scan(~r/.+\/([\w-]+)$/, object.data["id"]))`

			`conn`
			`\|> get("/objects/#{uuid}")`
			`\|> response(404)`
			`end`

[#1560] Ensured authentication or enabled federation for federation-related routes. New tests + tests refactoring. 2020-03-09 18:51:44 +01:00			`test "404s on non-existing objects", %{conn: conn} do`
added tests for OstatusController 2019-07-29 07:02:20 +02:00			`conn`
			`\|> get("/objects/123")`
			`\|> response(404)`
			`end`
			`end`

[#1560] Ensured authentication or enabled federation for federation-related routes. New tests + tests refactoring. 2020-03-09 18:51:44 +01:00			`# Note: see ActivityPubControllerTest for JSON format tests`
			`describe "GET /activities/:uuid (text/html)" do`
			`setup %{conn: conn} do`
			`conn = put_req_header(conn, "accept", "text/html")`
			`%{conn: conn}`
			`end`

added tests for OstatusController 2019-07-29 07:02:20 +02:00			`test "redirects to /notice/id for html format", %{conn: conn} do`
			`note_activity = insert(:note_activity)`
			`[_, uuid] = hd(Regex.scan(~r/.+\/([\w-]+)$/, note_activity.data["id"]))`
Also show activities in OStatus. 2017-05-19 15:53:02 +02:00
[#1560] Ensured authentication or enabled federation for federation-related routes. New tests + tests refactoring. 2020-03-09 18:51:44 +01:00			`conn = get(conn, "/activities/#{uuid}")`
added tests for OstatusController 2019-07-29 07:02:20 +02:00			`assert redirected_to(conn) == "/notice/#{note_activity.id}"`
			`end`
Fix url guessing attacks. 2018-05-30 20:00:27 +02:00
added tests for OstatusController 2019-07-29 07:02:20 +02:00			`test "404s on private activities", %{conn: conn} do`
			`note_activity = insert(:direct_note_activity)`
			`[_, uuid] = hd(Regex.scan(~r/.+\/([\w-]+)$/, note_activity.data["id"]))`
Add test to check /object/:id does not leak the tombstone itself 2018-12-25 21:40:57 +01:00
added tests for OstatusController 2019-07-29 07:02:20 +02:00			`conn`
			`\|> get("/activities/#{uuid}")`
			`\|> response(404)`
			`end`
Fix url guessing attacks. 2018-05-30 20:00:27 +02:00
added tests for OstatusController 2019-07-29 07:02:20 +02:00			`test "404s on nonexistent activities", %{conn: conn} do`
			`conn`
			`\|> get("/activities/123")`
			`\|> response(404)`
			`end`
Return xml notice at /notice path. 2017-11-27 17:24:52 +01:00			`end`
Fix url guessing attacks. 2018-05-30 20:00:27 +02:00
added tests for OstatusController 2019-07-29 07:02:20 +02:00			`describe "GET notice/2" do`
OStatus controller: don't serve json at /notice/, redirect instead 2019-11-25 15:55:17 +01:00			`test "redirects to a proper object URL when json requested and the object is local", %{`
			`conn: conn`
			`} do`
added tests for OstatusController 2019-07-29 07:02:20 +02:00			`note_activity = insert(:note_activity)`
Object: Rework how Object.normalize works Now it defaults to not fetching, and the option is named. 2021-01-04 13:38:31 +01:00			`expected_redirect_url = Object.normalize(note_activity, fetch: false).data["id"]`
test: ostatus controller: add AS2 fetching tests 2018-07-12 22:32:05 +02:00
OStatus controller: don't serve json at /notice/, redirect instead 2019-11-25 15:55:17 +01:00			`redirect_url =`
			`conn`
			`\|> put_req_header("accept", "application/activity+json")`
			`\|> get("/notice/#{note_activity.id}")`
			`\|> redirected_to()`

			`assert redirect_url == expected_redirect_url`
added tests for OstatusController 2019-07-29 07:02:20 +02:00			`end`
test: ostatus controller: add AS2 fetching tests 2018-07-12 22:32:05 +02:00
Redirect non-local activities when /notice/:id is used Related-to: https://git.pleroma.social/pleroma/pleroma/-/issues/2496 2021-02-03 17:53:09 +01:00			`test "redirects to a proper object URL when json requested and the object is remote", %{`
			`conn: conn`
			`} do`
OStatus controller: don't serve json at /notice/, redirect instead 2019-11-25 15:55:17 +01:00			`note_activity = insert(:note_activity, local: false)`
Redirect non-local activities when /notice/:id is used Related-to: https://git.pleroma.social/pleroma/pleroma/-/issues/2496 2021-02-03 17:53:09 +01:00			`expected_redirect_url = Object.normalize(note_activity, fetch: false).data["id"]`
ostatus controller: respond with AS2 objects instead of activities to notice URIs 2018-11-17 23:10:15 +01:00
Redirect non-local activities when /notice/:id is used Related-to: https://git.pleroma.social/pleroma/pleroma/-/issues/2496 2021-02-03 17:53:09 +01:00			`redirect_url =`
			`conn`
			`\|> put_req_header("accept", "application/activity+json")`
			`\|> get("/notice/#{note_activity.id}")`
			`\|> redirected_to()`

			`assert redirect_url == expected_redirect_url`
added tests for OstatusController 2019-07-29 07:02:20 +02:00			`end`
ostatus controller: respond with AS2 objects instead of activities to notice URIs 2018-11-17 23:10:15 +01:00
added tests for OstatusController 2019-07-29 07:02:20 +02:00			`test "500s when actor not found", %{conn: conn} do`
			`note_activity = insert(:note_activity)`
			`user = User.get_cached_by_ap_id(note_activity.data["actor"])`
			`User.invalidate_cache(user)`
			`Pleroma.Repo.delete(user)`
ostatus controller: respond with AS2 objects instead of activities to notice URIs 2018-11-17 23:10:15 +01:00
added tests for OstatusController 2019-07-29 07:02:20 +02:00			`conn =`
			`conn`
			`\|> get("/notice/#{note_activity.id}")`
ostatus controller: respond with AS2 objects instead of activities to notice URIs 2018-11-17 23:10:15 +01:00
added tests for OstatusController 2019-07-29 07:02:20 +02:00			`assert response(conn, 500) == ~S({"error":"Something went wrong"})`
			`end`
ostatus controller: respond with AS2 objects instead of activities to notice URIs 2018-11-17 23:10:15 +01:00
added tests for OstatusController 2019-07-29 07:02:20 +02:00			`test "render html for redirect for html format", %{conn: conn} do`
			`note_activity = insert(:note_activity)`

			`resp =`
			`conn`
			`\|> put_req_header("accept", "text/html")`
			`\|> get("/notice/#{note_activity.id}")`
			`\|> response(200)`

			`assert resp =~`
Deprecate Pleroma.Web.base_url/0 Use Pleroma.Web.Endpoint.url/0 directly instead. Reduces compiler cycles. 2021-05-31 22:09:11 +02:00			`"<meta content=\"#{Pleroma.Web.Endpoint.url()}/notice/#{note_activity.id}\" property=\"og:url\">"`
added tests for OstatusController 2019-07-29 07:02:20 +02:00
			`user = insert(:user)`

Introduce new ingestion pipeline structure, implement internal Likes with it. 2019-10-16 16:16:39 +02:00			`{:ok, like_activity} = CommonAPI.favorite(user, note_activity.id)`
added tests for OstatusController 2019-07-29 07:02:20 +02:00
			`assert like_activity.data["type"] == "Like"`

			`resp =`
			`conn`
			`\|> put_req_header("accept", "text/html")`
			`\|> get("/notice/#{like_activity.id}")`
			`\|> response(200)`

			`assert resp =~ "<!--server-generated-meta-->"`
			`end`

			`test "404s a private notice", %{conn: conn} do`
			`note_activity = insert(:direct_note_activity)`
			`url = "/notice/#{note_activity.id}"`

			`conn =`
			`conn`
			`\|> get(url)`

			`assert response(conn, 404)`
			`end`

[#1560] Ensured authentication or enabled federation for federation-related routes. New tests + tests refactoring. 2020-03-09 18:51:44 +01:00			`test "404s a non-existing notice", %{conn: conn} do`
added tests for OstatusController 2019-07-29 07:02:20 +02:00			`url = "/notice/123"`
test: ostatus controller: add AS2 fetching tests 2018-07-12 22:32:05 +02:00
added tests for OstatusController 2019-07-29 07:02:20 +02:00			`conn =`
			`conn`
			`\|> get(url)`

			`assert response(conn, 404)`
			`end`
[#1560] Ensured authentication or enabled federation for federation-related routes. New tests + tests refactoring. 2020-03-09 18:51:44 +01:00
[#3053] No auth check in StaticFEController, even on non-federating instances. Adjusted tests. 2020-10-02 21:18:02 +02:00			`test "does not require authentication on non-federating instances", %{`
[#1560] Ensured authentication or enabled federation for federation-related routes. New tests + tests refactoring. 2020-03-09 18:51:44 +01:00			`conn: conn`
			`} do`
[#3053] No auth check in StaticFEController, even on non-federating instances. Adjusted tests. 2020-10-02 21:18:02 +02:00			`clear_config([:instance, :federating], false)`
[#1560] Ensured authentication or enabled federation for federation-related routes. New tests + tests refactoring. 2020-03-09 18:51:44 +01:00			`note_activity = insert(:note_activity)`

[#3053] No auth check in StaticFEController, even on non-federating instances. Adjusted tests. 2020-10-02 21:18:02 +02:00			`conn`
			`\|> put_req_header("accept", "text/html")`
			`\|> get("/notice/#{note_activity.id}")`
			`\|> response(200)`
[#1560] Ensured authentication or enabled federation for federation-related routes. New tests + tests refactoring. 2020-03-09 18:51:44 +01:00			`end`
test: ostatus controller: add AS2 fetching tests 2018-07-12 22:32:05 +02:00			`end`

added tests for OstatusController 2019-07-29 07:02:20 +02:00			`describe "GET /notice/:id/embed_player" do`
[#1560] Ensured authentication or enabled federation for federation-related routes. New tests + tests refactoring. 2020-03-09 18:51:44 +01:00			`setup do`
added tests for OstatusController 2019-07-29 07:02:20 +02:00			`note_activity = insert(:note_activity)`
Object: Rework how Object.normalize works Now it defaults to not fetching, and the option is named. 2021-01-04 13:38:31 +01:00			`object = Pleroma.Object.normalize(note_activity, fetch: false)`
added tests for OstatusController 2019-07-29 07:02:20 +02:00
			`object_data =`
			`Map.put(object.data, "attachment", [`
			`%{`
			`"url" => [`
			`%{`
			`"href" =>`
			`"https://peertube.moe/static/webseed/df5f464b-be8d-46fb-ad81-2d4c2d1630e3-480.mp4",`
			`"mediaType" => "video/mp4",`
			`"type" => "Link"`
			`}`
			`]`
			`}`
			`])`

			`object`
			`\|> Ecto.Changeset.change(data: object_data)`
			`\|> Pleroma.Repo.update()`

[#1560] Ensured authentication or enabled federation for federation-related routes. New tests + tests refactoring. 2020-03-09 18:51:44 +01:00			`%{note_activity: note_activity}`
			`end`

			`test "renders embed player", %{conn: conn, note_activity: note_activity} do`
			`conn = get(conn, "/notice/#{note_activity.id}/embed_player")`
added tests for OstatusController 2019-07-29 07:02:20 +02:00
			`assert Plug.Conn.get_resp_header(conn, "x-frame-options") == ["ALLOW"]`

			`assert Plug.Conn.get_resp_header(`
			`conn,`
			`"content-security-policy"`
			`) == [`
			`"default-src 'none';style-src 'self' 'unsafe-inline';img-src 'self' data: https:; media-src 'self' https:;"`
			`]`

			`assert response(conn, 200) =~`
			`"<video controls loop><source src=\"https://peertube.moe/static/webseed/df5f464b-be8d-46fb-ad81-2d4c2d1630e3-480.mp4\" type=\"video/mp4\">Your browser does not support video/mp4 playback.</video>"`
			`end`
Better error handling for OstatusController. 2018-06-03 21:04:44 +02:00
added tests for OstatusController 2019-07-29 07:02:20 +02:00			`test "404s when activity isn't create", %{conn: conn} do`
			`note_activity = insert(:note_activity, data_attrs: %{"type" => "Like"})`
Better error handling for OstatusController. 2018-06-03 21:04:44 +02:00
added tests for OstatusController 2019-07-29 07:02:20 +02:00			`assert conn`
			`\|> get("/notice/#{note_activity.id}/embed_player")`
			`\|> response(404)`
			`end`

			`test "404s when activity is direct message", %{conn: conn} do`
			`note_activity = insert(:note_activity, data_attrs: %{"directMessage" => true})`

			`assert conn`
			`\|> get("/notice/#{note_activity.id}/embed_player")`
			`\|> response(404)`
			`end`

			`test "404s when attachment is empty", %{conn: conn} do`
			`note_activity = insert(:note_activity)`
Object: Rework how Object.normalize works Now it defaults to not fetching, and the option is named. 2021-01-04 13:38:31 +01:00			`object = Pleroma.Object.normalize(note_activity, fetch: false)`
added tests for OstatusController 2019-07-29 07:02:20 +02:00			`object_data = Map.put(object.data, "attachment", [])`

			`object`
			`\|> Ecto.Changeset.change(data: object_data)`
			`\|> Pleroma.Repo.update()`

			`assert conn`
			`\|> get("/notice/#{note_activity.id}/embed_player")`
			`\|> response(404)`
			`end`

			`test "404s when attachment isn't audio or video", %{conn: conn} do`
			`note_activity = insert(:note_activity)`
Object: Rework how Object.normalize works Now it defaults to not fetching, and the option is named. 2021-01-04 13:38:31 +01:00			`object = Pleroma.Object.normalize(note_activity, fetch: false)`
added tests for OstatusController 2019-07-29 07:02:20 +02:00
			`object_data =`
			`Map.put(object.data, "attachment", [`
			`%{`
			`"url" => [`
			`%{`
			`"href" => "https://peertube.moe/static/webseed/480.jpg",`
			`"mediaType" => "image/jpg",`
			`"type" => "Link"`
			`}`
			`]`
			`}`
			`])`

			`object`
			`\|> Ecto.Changeset.change(data: object_data)`
			`\|> Pleroma.Repo.update()`

[#1560] Ensured authentication or enabled federation for federation-related routes. New tests + tests refactoring. 2020-03-09 18:51:44 +01:00			`conn`
			`\|> get("/notice/#{note_activity.id}/embed_player")`
			`\|> response(404)`
[#1560] Added tests for non-federating instance bahaviour to OStatusControllerTest. 2020-03-02 20:02:21 +01:00			`end`

[#3053] No auth check in StaticFEController, even on non-federating instances. Adjusted tests. 2020-10-02 21:18:02 +02:00			`test "does not require authentication on non-federating instances", %{`
[#1560] Ensured authentication or enabled federation for federation-related routes. New tests + tests refactoring. 2020-03-09 18:51:44 +01:00			`conn: conn,`
			`note_activity: note_activity`
			`} do`
[#3053] No auth check in StaticFEController, even on non-federating instances. Adjusted tests. 2020-10-02 21:18:02 +02:00			`clear_config([:instance, :federating], false)`
[#1560] Added tests for non-federating instance bahaviour to OStatusControllerTest. 2020-03-02 20:02:21 +01:00
[#3053] No auth check in StaticFEController, even on non-federating instances. Adjusted tests. 2020-10-02 21:18:02 +02:00			`conn`
			`\|> put_req_header("accept", "text/html")`
			`\|> get("/notice/#{note_activity.id}/embed_player")`
			`\|> response(200)`
[#1560] Added tests for non-federating instance bahaviour to OStatusControllerTest. 2020-03-02 20:02:21 +01:00			`end`
			`end`
Add webfinger and basic feed support. 2017-04-18 18:41:51 +02:00			`end`