2018-12-23 21:11:29 +01:00
# Pleroma: A lightweight social networking server
2020-03-03 23:44:49 +01:00
# Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>
2018-12-23 21:11:29 +01:00
# SPDX-License-Identifier: AGPL-3.0-only
2017-04-18 18:41:51 +02:00
defmodule Pleroma.Web.OStatus.OStatusControllerTest do
use Pleroma.Web.ConnCase
2019-07-20 15:07:51 +02:00
2017-04-18 18:41:51 +02:00
import Pleroma.Factory
2019-07-20 15:07:51 +02:00
2019-02-10 22:57:38 +01:00
alias Pleroma.Object
2019-03-05 03:52:23 +01:00
alias Pleroma.User
2020-05-22 16:47:22 +02:00
alias Pleroma.Web.ActivityPub.ActivityPub
2018-11-17 23:10:15 +01:00
alias Pleroma.Web.CommonAPI
2020-05-22 16:47:22 +02:00
alias Pleroma.Web.Endpoint
require Pleroma.Constants
2018-12-03 19:37:55 +01:00
2018-12-04 12:01:39 +01:00
setup_all do
Tesla.Mock . mock_global ( fn env -> apply ( HttpRequestMock , :request , [ env ] ) end )
2018-12-03 19:37:55 +01:00
:ok
end
2017-04-18 18:41:51 +02:00
2020-10-28 19:08:51 +01:00
setup do : clear_config ( [ :static_fe , :enabled ] , false )
2019-08-19 17:34:29 +02:00
2020-05-22 16:47:22 +02:00
describe " Mastodon compatibility routes " do
setup %{ conn : conn } do
conn = put_req_header ( conn , " accept " , " text/html " )
{ :ok , object } =
%{
" type " = > " Note " ,
" content " = > " hey " ,
" id " = > Endpoint . url ( ) <> " /users/raymoo/statuses/999999999 " ,
" actor " = > Endpoint . url ( ) <> " /users/raymoo " ,
" to " = > [ Pleroma.Constants . as_public ( ) ]
}
|> Object . create ( )
{ :ok , activity , _ } =
%{
2020-05-22 17:06:12 +02:00
" id " = > object . data [ " id " ] <> " /activity " ,
2020-05-22 16:47:22 +02:00
" type " = > " Create " ,
" object " = > object . data [ " id " ] ,
" actor " = > object . data [ " actor " ] ,
" to " = > object . data [ " to " ]
}
|> ActivityPub . persist ( local : true )
2020-05-22 17:11:59 +02:00
%{ conn : conn , activity : activity }
end
test " redirects to /notice/:id for html format " , %{ conn : conn , activity : activity } do
2020-05-22 16:47:22 +02:00
conn = get ( conn , " /users/raymoo/statuses/999999999 " )
assert redirected_to ( conn ) == " /notice/ #{ activity . id } "
end
2020-05-22 17:11:59 +02:00
test " redirects to /notice/:id for html format for activity " , %{
conn : conn ,
activity : activity
} do
conn = get ( conn , " /users/raymoo/statuses/999999999/activity " )
assert redirected_to ( conn ) == " /notice/ #{ activity . id } "
end
2020-05-22 16:47:22 +02:00
end
2020-03-09 18:51:44 +01:00
# Note: see ActivityPubControllerTest for JSON format tests
describe " GET /objects/:uuid (text/html) " do
setup %{ conn : conn } do
conn = put_req_header ( conn , " accept " , " text/html " )
%{ conn : conn }
end
2019-07-29 07:02:20 +02:00
test " redirects to /notice/id for html format " , %{ conn : conn } do
note_activity = insert ( :note_activity )
object = Object . normalize ( note_activity )
[ _ , uuid ] = hd ( Regex . scan ( ~r/ .+ \/ ([ \w -]+)$ / , object . data [ " id " ] ) )
url = " /objects/ #{ uuid } "
2020-03-09 18:51:44 +01:00
conn = get ( conn , url )
2019-07-29 07:02:20 +02:00
assert redirected_to ( conn ) == " /notice/ #{ note_activity . id } "
end
test " 404s on private objects " , %{ conn : conn } do
note_activity = insert ( :direct_note_activity )
object = Object . normalize ( note_activity )
[ _ , uuid ] = hd ( Regex . scan ( ~r/ .+ \/ ([ \w -]+)$ / , object . data [ " id " ] ) )
conn
|> get ( " /objects/ #{ uuid } " )
|> response ( 404 )
end
2020-03-09 18:51:44 +01:00
test " 404s on non-existing objects " , %{ conn : conn } do
2019-07-29 07:02:20 +02:00
conn
|> get ( " /objects/123 " )
|> response ( 404 )
end
end
2020-03-09 18:51:44 +01:00
# Note: see ActivityPubControllerTest for JSON format tests
describe " GET /activities/:uuid (text/html) " do
setup %{ conn : conn } do
conn = put_req_header ( conn , " accept " , " text/html " )
%{ conn : conn }
end
2019-07-29 07:02:20 +02:00
test " redirects to /notice/id for html format " , %{ conn : conn } do
note_activity = insert ( :note_activity )
[ _ , uuid ] = hd ( Regex . scan ( ~r/ .+ \/ ([ \w -]+)$ / , note_activity . data [ " id " ] ) )
2017-05-19 15:53:02 +02:00
2020-03-09 18:51:44 +01:00
conn = get ( conn , " /activities/ #{ uuid } " )
2019-07-29 07:02:20 +02:00
assert redirected_to ( conn ) == " /notice/ #{ note_activity . id } "
end
2018-05-30 20:00:27 +02:00
2019-07-29 07:02:20 +02:00
test " 404s on private activities " , %{ conn : conn } do
note_activity = insert ( :direct_note_activity )
[ _ , uuid ] = hd ( Regex . scan ( ~r/ .+ \/ ([ \w -]+)$ / , note_activity . data [ " id " ] ) )
2018-12-25 21:40:57 +01:00
2019-07-29 07:02:20 +02:00
conn
|> get ( " /activities/ #{ uuid } " )
|> response ( 404 )
end
2018-05-30 20:00:27 +02:00
2019-07-29 07:02:20 +02:00
test " 404s on nonexistent activities " , %{ conn : conn } do
conn
|> get ( " /activities/123 " )
|> response ( 404 )
end
2017-11-27 17:24:52 +01:00
end
2018-05-30 20:00:27 +02:00
2019-07-29 07:02:20 +02:00
describe " GET notice/2 " do
2019-11-25 15:55:17 +01:00
test " redirects to a proper object URL when json requested and the object is local " , %{
conn : conn
} do
2019-07-29 07:02:20 +02:00
note_activity = insert ( :note_activity )
2019-11-25 15:55:17 +01:00
expected_redirect_url = Object . normalize ( note_activity ) . data [ " id " ]
2018-07-12 22:32:05 +02:00
2019-11-25 15:55:17 +01:00
redirect_url =
conn
|> put_req_header ( " accept " , " application/activity+json " )
|> get ( " /notice/ #{ note_activity . id } " )
|> redirected_to ( )
assert redirect_url == expected_redirect_url
2019-07-29 07:02:20 +02:00
end
2018-07-12 22:32:05 +02:00
2019-11-25 15:55:17 +01:00
test " returns a 404 on remote notice when json requested " , %{ conn : conn } do
note_activity = insert ( :note_activity , local : false )
2018-11-17 23:10:15 +01:00
conn
|> put_req_header ( " accept " , " application/activity+json " )
2019-07-29 07:02:20 +02:00
|> get ( " /notice/ #{ note_activity . id } " )
2019-11-25 15:55:17 +01:00
|> response ( 404 )
2019-07-29 07:02:20 +02:00
end
2018-11-17 23:10:15 +01:00
2019-07-29 07:02:20 +02:00
test " 500s when actor not found " , %{ conn : conn } do
note_activity = insert ( :note_activity )
user = User . get_cached_by_ap_id ( note_activity . data [ " actor " ] )
User . invalidate_cache ( user )
Pleroma.Repo . delete ( user )
2018-11-17 23:10:15 +01:00
2019-07-29 07:02:20 +02:00
conn =
conn
|> get ( " /notice/ #{ note_activity . id } " )
2018-11-17 23:10:15 +01:00
2019-07-29 07:02:20 +02:00
assert response ( conn , 500 ) == ~S( {"error":"Something went wrong"} )
end
2018-11-17 23:10:15 +01:00
2019-07-29 07:02:20 +02:00
test " render html for redirect for html format " , %{ conn : conn } do
note_activity = insert ( :note_activity )
resp =
conn
|> put_req_header ( " accept " , " text/html " )
|> get ( " /notice/ #{ note_activity . id } " )
|> response ( 200 )
assert resp =~
" <meta content= \" #{ Pleroma.Web . base_url ( ) } /notice/ #{ note_activity . id } \" property= \" og:url \" > "
user = insert ( :user )
2019-10-16 16:16:39 +02:00
{ :ok , like_activity } = CommonAPI . favorite ( user , note_activity . id )
2019-07-29 07:02:20 +02:00
assert like_activity . data [ " type " ] == " Like "
resp =
conn
|> put_req_header ( " accept " , " text/html " )
|> get ( " /notice/ #{ like_activity . id } " )
|> response ( 200 )
assert resp =~ " <!--server-generated-meta--> "
end
test " 404s a private notice " , %{ conn : conn } do
note_activity = insert ( :direct_note_activity )
url = " /notice/ #{ note_activity . id } "
conn =
conn
|> get ( url )
assert response ( conn , 404 )
end
2020-03-09 18:51:44 +01:00
test " 404s a non-existing notice " , %{ conn : conn } do
2019-07-29 07:02:20 +02:00
url = " /notice/123 "
2018-07-12 22:32:05 +02:00
2019-07-29 07:02:20 +02:00
conn =
conn
|> get ( url )
assert response ( conn , 404 )
end
2020-03-09 18:51:44 +01:00
2020-10-28 19:08:51 +01:00
test " does not require authentication on non-federating instances " , %{
2020-03-09 18:51:44 +01:00
conn : conn
} do
2020-10-28 19:08:51 +01:00
clear_config ( [ :instance , :federating ] , false )
2020-03-09 18:51:44 +01:00
note_activity = insert ( :note_activity )
2020-10-28 19:08:51 +01:00
conn
|> put_req_header ( " accept " , " text/html " )
|> get ( " /notice/ #{ note_activity . id } " )
|> response ( 200 )
2020-03-09 18:51:44 +01:00
end
2018-07-12 22:32:05 +02:00
end
2019-07-29 07:02:20 +02:00
describe " GET /notice/:id/embed_player " do
2020-03-09 18:51:44 +01:00
setup do
2019-07-29 07:02:20 +02:00
note_activity = insert ( :note_activity )
object = Pleroma.Object . normalize ( note_activity )
object_data =
Map . put ( object . data , " attachment " , [
%{
" url " = > [
%{
" href " = >
" https://peertube.moe/static/webseed/df5f464b-be8d-46fb-ad81-2d4c2d1630e3-480.mp4 " ,
" mediaType " = > " video/mp4 " ,
" type " = > " Link "
}
]
}
] )
object
|> Ecto.Changeset . change ( data : object_data )
|> Pleroma.Repo . update ( )
2020-03-09 18:51:44 +01:00
%{ note_activity : note_activity }
end
test " renders embed player " , %{ conn : conn , note_activity : note_activity } do
conn = get ( conn , " /notice/ #{ note_activity . id } /embed_player " )
2019-07-29 07:02:20 +02:00
assert Plug.Conn . get_resp_header ( conn , " x-frame-options " ) == [ " ALLOW " ]
assert Plug.Conn . get_resp_header (
conn ,
" content-security-policy "
) == [
" default-src 'none';style-src 'self' 'unsafe-inline';img-src 'self' data: https:; media-src 'self' https:; "
]
assert response ( conn , 200 ) =~
" <video controls loop><source src= \" https://peertube.moe/static/webseed/df5f464b-be8d-46fb-ad81-2d4c2d1630e3-480.mp4 \" type= \" video/mp4 \" >Your browser does not support video/mp4 playback.</video> "
end
2018-06-03 21:04:44 +02:00
2019-07-29 07:02:20 +02:00
test " 404s when activity isn't create " , %{ conn : conn } do
note_activity = insert ( :note_activity , data_attrs : %{ " type " = > " Like " } )
2018-06-03 21:04:44 +02:00
2019-07-29 07:02:20 +02:00
assert conn
|> get ( " /notice/ #{ note_activity . id } /embed_player " )
|> response ( 404 )
end
test " 404s when activity is direct message " , %{ conn : conn } do
note_activity = insert ( :note_activity , data_attrs : %{ " directMessage " = > true } )
assert conn
|> get ( " /notice/ #{ note_activity . id } /embed_player " )
|> response ( 404 )
end
test " 404s when attachment is empty " , %{ conn : conn } do
note_activity = insert ( :note_activity )
object = Pleroma.Object . normalize ( note_activity )
object_data = Map . put ( object . data , " attachment " , [ ] )
object
|> Ecto.Changeset . change ( data : object_data )
|> Pleroma.Repo . update ( )
assert conn
|> get ( " /notice/ #{ note_activity . id } /embed_player " )
|> response ( 404 )
end
test " 404s when attachment isn't audio or video " , %{ conn : conn } do
note_activity = insert ( :note_activity )
object = Pleroma.Object . normalize ( note_activity )
object_data =
Map . put ( object . data , " attachment " , [
%{
" url " = > [
%{
" href " = > " https://peertube.moe/static/webseed/480.jpg " ,
" mediaType " = > " image/jpg " ,
" type " = > " Link "
}
]
}
] )
object
|> Ecto.Changeset . change ( data : object_data )
|> Pleroma.Repo . update ( )
2020-03-09 18:51:44 +01:00
conn
|> get ( " /notice/ #{ note_activity . id } /embed_player " )
|> response ( 404 )
2020-03-02 20:02:21 +01:00
end
2020-10-28 19:08:51 +01:00
test " does not require authentication on non-federating instances " , %{
2020-03-09 18:51:44 +01:00
conn : conn ,
note_activity : note_activity
} do
2020-10-28 19:08:51 +01:00
clear_config ( [ :instance , :federating ] , false )
2020-03-02 20:02:21 +01:00
2020-10-28 19:08:51 +01:00
conn
|> put_req_header ( " accept " , " text/html " )
|> get ( " /notice/ #{ note_activity . id } /embed_player " )
|> response ( 200 )
2020-03-02 20:02:21 +01:00
end
end
2017-04-18 18:41:51 +02:00
end