Test that anonymous users cannot see local-only posts
Ref: fix-local-public
This commit is contained in:
parent
c48be59f58
commit
38af42968d
@ -1923,7 +1923,7 @@ defmodule Pleroma.Web.MastodonAPI.StatusControllerTest do
|
|||||||
|
|
||||||
test "other users can read local-only posts" do
|
test "other users can read local-only posts" do
|
||||||
user = insert(:user)
|
user = insert(:user)
|
||||||
%{user: reader, conn: conn} = oauth_access(["read:statuses"])
|
%{user: _reader, conn: conn} = oauth_access(["read:statuses"])
|
||||||
|
|
||||||
{:ok, activity} = CommonAPI.post(user, %{status: "#2hu #2HU", visibility: "local"})
|
{:ok, activity} = CommonAPI.post(user, %{status: "#2hu #2HU", visibility: "local"})
|
||||||
|
|
||||||
@ -1935,18 +1935,15 @@ defmodule Pleroma.Web.MastodonAPI.StatusControllerTest do
|
|||||||
assert received["id"] == activity.id
|
assert received["id"] == activity.id
|
||||||
end
|
end
|
||||||
|
|
||||||
test "other users can see local-only posts" do
|
test "anonymous users cannot see local-only posts" do
|
||||||
user = insert(:user)
|
user = insert(:user)
|
||||||
%{user: _reader, conn: conn} = oauth_access(["read:statuses"])
|
|
||||||
|
|
||||||
{:ok, activity} = CommonAPI.post(user, %{status: "#2hu #2HU", visibility: "local"})
|
{:ok, activity} = CommonAPI.post(user, %{status: "#2hu #2HU", visibility: "local"})
|
||||||
|
|
||||||
received =
|
_received =
|
||||||
conn
|
build_conn()
|
||||||
|> get("/api/v1/statuses/#{activity.id}")
|
|> get("/api/v1/statuses/#{activity.id}")
|
||||||
|> json_response_and_validate_schema(:ok)
|
|> json_response_and_validate_schema(:not_found)
|
||||||
|
|
||||||
assert received["id"] == activity.id
|
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user