|
@@ -765,51 +765,87 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubControllerTest do |
|
|
end |
|
|
end |
|
|
end |
|
|
end |
|
|
|
|
|
|
|
|
describe "POST /users/:nickname/outbox" do |
|
|
|
|
|
test "it rejects posts from other users / unauthenticated users", %{conn: conn} do |
|
|
|
|
|
data = File.read!("test/fixtures/activitypub-client-post-activity.json") |> Poison.decode!() |
|
|
|
|
|
|
|
|
describe "POST /users/:nickname/outbox (C2S)" do |
|
|
|
|
|
setup do |
|
|
|
|
|
[ |
|
|
|
|
|
activity: %{ |
|
|
|
|
|
"@context" => "https://www.w3.org/ns/activitystreams", |
|
|
|
|
|
"type" => "Create", |
|
|
|
|
|
"object" => %{"type" => "Note", "content" => "AP C2S test"}, |
|
|
|
|
|
"to" => "https://www.w3.org/ns/activitystreams#Public", |
|
|
|
|
|
"cc" => [] |
|
|
|
|
|
} |
|
|
|
|
|
] |
|
|
|
|
|
end |
|
|
|
|
|
|
|
|
|
|
|
test "it rejects posts from other users / unauthenticated users", %{ |
|
|
|
|
|
conn: conn, |
|
|
|
|
|
activity: activity |
|
|
|
|
|
} do |
|
|
user = insert(:user) |
|
|
user = insert(:user) |
|
|
other_user = insert(:user) |
|
|
other_user = insert(:user) |
|
|
conn = put_req_header(conn, "content-type", "application/activity+json") |
|
|
conn = put_req_header(conn, "content-type", "application/activity+json") |
|
|
|
|
|
|
|
|
conn |
|
|
conn |
|
|
|> post("/users/#{user.nickname}/outbox", data) |
|
|
|
|
|
|
|
|
|> post("/users/#{user.nickname}/outbox", activity) |
|
|
|> json_response(403) |
|
|
|> json_response(403) |
|
|
|
|
|
|
|
|
conn |
|
|
conn |
|
|
|> assign(:user, other_user) |
|
|
|> assign(:user, other_user) |
|
|
|> post("/users/#{user.nickname}/outbox", data) |
|
|
|
|
|
|
|
|
|> post("/users/#{user.nickname}/outbox", activity) |
|
|
|> json_response(403) |
|
|
|> json_response(403) |
|
|
end |
|
|
end |
|
|
|
|
|
|
|
|
test "it inserts an incoming create activity into the database", %{conn: conn} do |
|
|
|
|
|
data = File.read!("test/fixtures/activitypub-client-post-activity.json") |> Poison.decode!() |
|
|
|
|
|
|
|
|
test "it inserts an incoming create activity into the database", %{ |
|
|
|
|
|
conn: conn, |
|
|
|
|
|
activity: activity |
|
|
|
|
|
} do |
|
|
user = insert(:user) |
|
|
user = insert(:user) |
|
|
|
|
|
|
|
|
conn = |
|
|
|
|
|
|
|
|
result = |
|
|
conn |
|
|
conn |
|
|
|> assign(:user, user) |
|
|
|> assign(:user, user) |
|
|
|> put_req_header("content-type", "application/activity+json") |
|
|
|> put_req_header("content-type", "application/activity+json") |
|
|
|> post("/users/#{user.nickname}/outbox", data) |
|
|
|
|
|
|
|
|
|
|
|
result = json_response(conn, 201) |
|
|
|
|
|
|
|
|
|> post("/users/#{user.nickname}/outbox", activity) |
|
|
|
|
|
|> json_response(201) |
|
|
|
|
|
|
|
|
assert Activity.get_by_ap_id(result["id"]) |
|
|
assert Activity.get_by_ap_id(result["id"]) |
|
|
|
|
|
assert result["object"] |
|
|
|
|
|
assert %Object{data: object} = Object.normalize(result["object"]) |
|
|
|
|
|
assert object["content"] == activity["object"]["content"] |
|
|
end |
|
|
end |
|
|
|
|
|
|
|
|
test "it rejects an incoming activity with bogus type", %{conn: conn} do |
|
|
|
|
|
data = File.read!("test/fixtures/activitypub-client-post-activity.json") |> Poison.decode!() |
|
|
|
|
|
|
|
|
test "it inserts an incoming sensitive activity into the database", %{ |
|
|
|
|
|
conn: conn, |
|
|
|
|
|
activity: activity |
|
|
|
|
|
} do |
|
|
user = insert(:user) |
|
|
user = insert(:user) |
|
|
|
|
|
object = Map.put(activity["object"], "sensitive", true) |
|
|
|
|
|
activity = Map.put(activity, "object", object) |
|
|
|
|
|
|
|
|
data = |
|
|
|
|
|
data |
|
|
|
|
|
|> Map.put("type", "BadType") |
|
|
|
|
|
|
|
|
result = |
|
|
|
|
|
conn |
|
|
|
|
|
|> assign(:user, user) |
|
|
|
|
|
|> put_req_header("content-type", "application/activity+json") |
|
|
|
|
|
|> post("/users/#{user.nickname}/outbox", activity) |
|
|
|
|
|
|> json_response(201) |
|
|
|
|
|
|
|
|
|
|
|
assert Activity.get_by_ap_id(result["id"]) |
|
|
|
|
|
assert result["object"] |
|
|
|
|
|
assert %Object{data: object} = Object.normalize(result["object"]) |
|
|
|
|
|
assert object["sensitive"] == activity["object"]["sensitive"] |
|
|
|
|
|
assert object["content"] == activity["object"]["content"] |
|
|
|
|
|
end |
|
|
|
|
|
|
|
|
|
|
|
test "it rejects an incoming activity with bogus type", %{conn: conn, activity: activity} do |
|
|
|
|
|
user = insert(:user) |
|
|
|
|
|
activity = Map.put(activity, "type", "BadType") |
|
|
|
|
|
|
|
|
conn = |
|
|
conn = |
|
|
conn |
|
|
conn |
|
|
|> assign(:user, user) |
|
|
|> assign(:user, user) |
|
|
|> put_req_header("content-type", "application/activity+json") |
|
|
|> put_req_header("content-type", "application/activity+json") |
|
|
|> post("/users/#{user.nickname}/outbox", data) |
|
|
|
|
|
|
|
|
|> post("/users/#{user.nickname}/outbox", activity) |
|
|
|
|
|
|
|
|
assert json_response(conn, 400) |
|
|
assert json_response(conn, 400) |
|
|
end |
|
|
end |
|
|