2018-12-23 12:11:29 -08:00
# Pleroma: A lightweight social networking server
2020-03-03 14:44:49 -08:00
# Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>
2018-12-23 12:11:29 -08:00
# SPDX-License-Identifier: AGPL-3.0-only
2017-04-18 09:41:51 -07:00
defmodule Pleroma.Web.OStatus.OStatusControllerTest do
use Pleroma.Web.ConnCase
2019-07-20 06:07:51 -07:00
2017-04-18 09:41:51 -07:00
import Pleroma.Factory
2019-07-20 06:07:51 -07:00
2020-03-09 10:51:44 -07:00
alias Pleroma.Config
2019-02-10 13:57:38 -08:00
alias Pleroma.Object
2019-03-04 18:52:23 -08:00
alias Pleroma.User
2018-11-17 14:10:15 -08:00
alias Pleroma.Web.CommonAPI
2018-12-03 10:37:55 -08:00
2018-12-04 03:01:39 -08:00
setup_all do
Tesla.Mock . mock_global ( fn env -> apply ( HttpRequestMock , :request , [ env ] ) end )
2018-12-03 10:37:55 -08:00
:ok
end
2017-04-18 09:41:51 -07:00
2020-03-18 10:30:31 -07:00
clear_config ( [ :instance , :federating ] , true )
2019-08-19 08:34:29 -07:00
2020-03-09 10:51:44 -07:00
# Note: see ActivityPubControllerTest for JSON format tests
describe " GET /objects/:uuid (text/html) " do
setup %{ conn : conn } do
conn = put_req_header ( conn , " accept " , " text/html " )
%{ conn : conn }
end
2019-07-28 22:02:20 -07:00
test " redirects to /notice/id for html format " , %{ conn : conn } do
note_activity = insert ( :note_activity )
object = Object . normalize ( note_activity )
[ _ , uuid ] = hd ( Regex . scan ( ~r/ .+ \/ ([ \w -]+)$ / , object . data [ " id " ] ) )
url = " /objects/ #{ uuid } "
2020-03-09 10:51:44 -07:00
conn = get ( conn , url )
2019-07-28 22:02:20 -07:00
assert redirected_to ( conn ) == " /notice/ #{ note_activity . id } "
end
test " 404s on private objects " , %{ conn : conn } do
note_activity = insert ( :direct_note_activity )
object = Object . normalize ( note_activity )
[ _ , uuid ] = hd ( Regex . scan ( ~r/ .+ \/ ([ \w -]+)$ / , object . data [ " id " ] ) )
conn
|> get ( " /objects/ #{ uuid } " )
|> response ( 404 )
end
2020-03-09 10:51:44 -07:00
test " 404s on non-existing objects " , %{ conn : conn } do
2019-07-28 22:02:20 -07:00
conn
|> get ( " /objects/123 " )
|> response ( 404 )
end
end
2020-03-09 10:51:44 -07:00
# Note: see ActivityPubControllerTest for JSON format tests
describe " GET /activities/:uuid (text/html) " do
setup %{ conn : conn } do
conn = put_req_header ( conn , " accept " , " text/html " )
%{ conn : conn }
end
2019-07-28 22:02:20 -07:00
test " redirects to /notice/id for html format " , %{ conn : conn } do
note_activity = insert ( :note_activity )
[ _ , uuid ] = hd ( Regex . scan ( ~r/ .+ \/ ([ \w -]+)$ / , note_activity . data [ " id " ] ) )
2017-05-19 06:53:02 -07:00
2020-03-09 10:51:44 -07:00
conn = get ( conn , " /activities/ #{ uuid } " )
2019-07-28 22:02:20 -07:00
assert redirected_to ( conn ) == " /notice/ #{ note_activity . id } "
end
2018-05-30 11:00:27 -07:00
2019-07-28 22:02:20 -07:00
test " 404s on private activities " , %{ conn : conn } do
note_activity = insert ( :direct_note_activity )
[ _ , uuid ] = hd ( Regex . scan ( ~r/ .+ \/ ([ \w -]+)$ / , note_activity . data [ " id " ] ) )
2018-12-25 12:40:57 -08:00
2019-07-28 22:02:20 -07:00
conn
|> get ( " /activities/ #{ uuid } " )
|> response ( 404 )
end
2018-05-30 11:00:27 -07:00
2019-07-28 22:02:20 -07:00
test " 404s on nonexistent activities " , %{ conn : conn } do
conn
|> get ( " /activities/123 " )
|> response ( 404 )
end
2017-11-27 08:24:52 -08:00
end
2018-05-30 11:00:27 -07:00
2019-07-28 22:02:20 -07:00
describe " GET notice/2 " do
2019-11-25 06:55:17 -08:00
test " redirects to a proper object URL when json requested and the object is local " , %{
conn : conn
} do
2019-07-28 22:02:20 -07:00
note_activity = insert ( :note_activity )
2019-11-25 06:55:17 -08:00
expected_redirect_url = Object . normalize ( note_activity ) . data [ " id " ]
2018-07-12 13:32:05 -07:00
2019-11-25 06:55:17 -08:00
redirect_url =
conn
|> put_req_header ( " accept " , " application/activity+json " )
|> get ( " /notice/ #{ note_activity . id } " )
|> redirected_to ( )
assert redirect_url == expected_redirect_url
2019-07-28 22:02:20 -07:00
end
2018-07-12 13:32:05 -07:00
2019-11-25 06:55:17 -08:00
test " returns a 404 on remote notice when json requested " , %{ conn : conn } do
note_activity = insert ( :note_activity , local : false )
2018-11-17 14:10:15 -08:00
conn
|> put_req_header ( " accept " , " application/activity+json " )
2019-07-28 22:02:20 -07:00
|> get ( " /notice/ #{ note_activity . id } " )
2019-11-25 06:55:17 -08:00
|> response ( 404 )
2019-07-28 22:02:20 -07:00
end
2018-11-17 14:10:15 -08:00
2019-07-28 22:02:20 -07:00
test " 500s when actor not found " , %{ conn : conn } do
note_activity = insert ( :note_activity )
user = User . get_cached_by_ap_id ( note_activity . data [ " actor " ] )
User . invalidate_cache ( user )
Pleroma.Repo . delete ( user )
2018-11-17 14:10:15 -08:00
2019-07-28 22:02:20 -07:00
conn =
conn
|> get ( " /notice/ #{ note_activity . id } " )
2018-11-17 14:10:15 -08:00
2019-07-28 22:02:20 -07:00
assert response ( conn , 500 ) == ~S( {"error":"Something went wrong"} )
end
2018-11-17 14:10:15 -08:00
2019-07-28 22:02:20 -07:00
test " render html for redirect for html format " , %{ conn : conn } do
note_activity = insert ( :note_activity )
resp =
conn
|> put_req_header ( " accept " , " text/html " )
|> get ( " /notice/ #{ note_activity . id } " )
|> response ( 200 )
assert resp =~
" <meta content= \" #{ Pleroma.Web . base_url ( ) } /notice/ #{ note_activity . id } \" property= \" og:url \" > "
user = insert ( :user )
{ :ok , like_activity , _ } = CommonAPI . favorite ( note_activity . id , user )
assert like_activity . data [ " type " ] == " Like "
resp =
conn
|> put_req_header ( " accept " , " text/html " )
|> get ( " /notice/ #{ like_activity . id } " )
|> response ( 200 )
assert resp =~ " <!--server-generated-meta--> "
end
test " 404s a private notice " , %{ conn : conn } do
note_activity = insert ( :direct_note_activity )
url = " /notice/ #{ note_activity . id } "
conn =
conn
|> get ( url )
assert response ( conn , 404 )
end
2020-03-09 10:51:44 -07:00
test " 404s a non-existing notice " , %{ conn : conn } do
2019-07-28 22:02:20 -07:00
url = " /notice/123 "
2018-07-12 13:32:05 -07:00
2019-07-28 22:02:20 -07:00
conn =
conn
|> get ( url )
assert response ( conn , 404 )
end
2020-03-09 10:51:44 -07:00
test " it requires authentication if instance is NOT federating " , %{
conn : conn
} do
user = insert ( :user )
note_activity = insert ( :note_activity )
conn = put_req_header ( conn , " accept " , " text/html " )
ensure_federating_or_authenticated ( conn , " /notice/ #{ note_activity . id } " , user )
end
2018-07-12 13:32:05 -07:00
end
2019-07-28 22:02:20 -07:00
describe " GET /notice/:id/embed_player " do
2020-03-09 10:51:44 -07:00
setup do
2019-07-28 22:02:20 -07:00
note_activity = insert ( :note_activity )
object = Pleroma.Object . normalize ( note_activity )
object_data =
Map . put ( object . data , " attachment " , [
%{
" url " = > [
%{
" href " = >
" https://peertube.moe/static/webseed/df5f464b-be8d-46fb-ad81-2d4c2d1630e3-480.mp4 " ,
" mediaType " = > " video/mp4 " ,
" type " = > " Link "
}
]
}
] )
object
|> Ecto.Changeset . change ( data : object_data )
|> Pleroma.Repo . update ( )
2020-03-09 10:51:44 -07:00
%{ note_activity : note_activity }
end
test " renders embed player " , %{ conn : conn , note_activity : note_activity } do
conn = get ( conn , " /notice/ #{ note_activity . id } /embed_player " )
2019-07-28 22:02:20 -07:00
assert Plug.Conn . get_resp_header ( conn , " x-frame-options " ) == [ " ALLOW " ]
assert Plug.Conn . get_resp_header (
conn ,
" content-security-policy "
) == [
" default-src 'none';style-src 'self' 'unsafe-inline';img-src 'self' data: https:; media-src 'self' https:; "
]
assert response ( conn , 200 ) =~
" <video controls loop><source src= \" https://peertube.moe/static/webseed/df5f464b-be8d-46fb-ad81-2d4c2d1630e3-480.mp4 \" type= \" video/mp4 \" >Your browser does not support video/mp4 playback.</video> "
end
2018-06-03 12:04:44 -07:00
2019-07-28 22:02:20 -07:00
test " 404s when activity isn't create " , %{ conn : conn } do
note_activity = insert ( :note_activity , data_attrs : %{ " type " = > " Like " } )
2018-06-03 12:04:44 -07:00
2019-07-28 22:02:20 -07:00
assert conn
|> get ( " /notice/ #{ note_activity . id } /embed_player " )
|> response ( 404 )
end
test " 404s when activity is direct message " , %{ conn : conn } do
note_activity = insert ( :note_activity , data_attrs : %{ " directMessage " = > true } )
assert conn
|> get ( " /notice/ #{ note_activity . id } /embed_player " )
|> response ( 404 )
end
test " 404s when attachment is empty " , %{ conn : conn } do
note_activity = insert ( :note_activity )
object = Pleroma.Object . normalize ( note_activity )
object_data = Map . put ( object . data , " attachment " , [ ] )
object
|> Ecto.Changeset . change ( data : object_data )
|> Pleroma.Repo . update ( )
assert conn
|> get ( " /notice/ #{ note_activity . id } /embed_player " )
|> response ( 404 )
end
test " 404s when attachment isn't audio or video " , %{ conn : conn } do
note_activity = insert ( :note_activity )
object = Pleroma.Object . normalize ( note_activity )
object_data =
Map . put ( object . data , " attachment " , [
%{
" url " = > [
%{
" href " = > " https://peertube.moe/static/webseed/480.jpg " ,
" mediaType " = > " image/jpg " ,
" type " = > " Link "
}
]
}
] )
object
|> Ecto.Changeset . change ( data : object_data )
|> Pleroma.Repo . update ( )
2020-03-09 10:51:44 -07:00
conn
|> get ( " /notice/ #{ note_activity . id } /embed_player " )
|> response ( 404 )
2020-03-02 11:02:21 -08:00
end
2020-03-09 10:51:44 -07:00
test " it requires authentication if instance is NOT federating " , %{
conn : conn ,
note_activity : note_activity
} do
user = insert ( :user )
conn = put_req_header ( conn , " accept " , " text/html " )
2020-03-02 11:02:21 -08:00
2020-03-09 10:51:44 -07:00
ensure_federating_or_authenticated ( conn , " /notice/ #{ note_activity . id } /embed_player " , user )
2020-03-02 11:02:21 -08:00
end
end
2017-04-18 09:41:51 -07:00
end