# Pleroma: A lightweight social networking server # Copyright © 2017-2018 Pleroma Authors <https://pleroma.social/> # SPDX-License-Identifier: AGPL-3.0-only defmodule Pleroma.Web.ActivityPub.ActivityPubTest do use Pleroma.DataCase alias Pleroma.Web.ActivityPub.ActivityPub alias Pleroma.Web.ActivityPub.Utils alias Pleroma.Web.CommonAPI alias Pleroma.{Activity, Object, User} alias Pleroma.Builders.ActivityBuilder import Pleroma.Factory import Tesla.Mock setup do mock(fn env -> apply(HttpRequestMock, :request, [env]) end) :ok end describe "fetching restricted by visibility" do test "it restricts by the appropriate visibility" do user = insert(:user) {:ok, public_activity} = CommonAPI.post(user, %{"status" => ".", "visibility" => "public"}) {:ok, direct_activity} = CommonAPI.post(user, %{"status" => ".", "visibility" => "direct"}) {:ok, unlisted_activity} = CommonAPI.post(user, %{"status" => ".", "visibility" => "unlisted"}) {:ok, private_activity} = CommonAPI.post(user, %{"status" => ".", "visibility" => "private"}) activities = ActivityPub.fetch_activities([], %{:visibility => "direct", "actor_id" => user.ap_id}) assert activities == [direct_activity] activities = ActivityPub.fetch_activities([], %{:visibility => "unlisted", "actor_id" => user.ap_id}) assert activities == [unlisted_activity] activities = ActivityPub.fetch_activities([], %{:visibility => "private", "actor_id" => user.ap_id}) assert activities == [private_activity] activities = ActivityPub.fetch_activities([], %{:visibility => "public", "actor_id" => user.ap_id}) assert activities == [public_activity] end end describe "building a user from his ap id" do test "it returns a user" do user_id = "http://mastodon.example.org/users/admin" {:ok, user} = ActivityPub.make_user_from_ap_id(user_id) assert user.ap_id == user_id assert user.nickname == "admin@mastodon.example.org" assert user.info.source_data assert user.info.ap_enabled assert user.follower_address == "http://mastodon.example.org/users/admin/followers" end end describe "insertion" do test "drops activities beyond a certain limit" do limit = Pleroma.Config.get([:instance, :remote_limit]) random_text = :crypto.strong_rand_bytes(limit + 1) |> Base.encode64() |> binary_part(0, limit + 1) data = %{ "ok" => true, "object" => %{ "content" => random_text } } assert {:error, {:remote_limit_error, _}} = ActivityPub.insert(data) end test "returns the activity if one with the same id is already in" do activity = insert(:note_activity) {:ok, new_activity} = ActivityPub.insert(activity.data) assert activity == new_activity end test "inserts a given map into the activity database, giving it an id if it has none." do data = %{ "ok" => true } {:ok, %Activity{} = activity} = ActivityPub.insert(data) assert activity.data["ok"] == data["ok"] assert is_binary(activity.data["id"]) given_id = "bla" data = %{ "ok" => true, "id" => given_id, "context" => "blabla" } {:ok, %Activity{} = activity} = ActivityPub.insert(data) assert activity.data["ok"] == data["ok"] assert activity.data["id"] == given_id assert activity.data["context"] == "blabla" assert activity.data["context_id"] end test "adds a context when none is there" do data = %{ "id" => "some_id", "object" => %{ "id" => "object_id" } } {:ok, %Activity{} = activity} = ActivityPub.insert(data) assert is_binary(activity.data["context"]) assert is_binary(activity.data["object"]["context"]) assert activity.data["context_id"] assert activity.data["object"]["context_id"] end test "adds an id to a given object if it lacks one and is a note and inserts it to the object database" do data = %{ "object" => %{ "type" => "Note", "ok" => true } } {:ok, %Activity{} = activity} = ActivityPub.insert(data) assert is_binary(activity.data["object"]["id"]) assert %Object{} = Object.get_by_ap_id(activity.data["object"]["id"]) end end describe "create activities" do test "removes doubled 'to' recipients" do user = insert(:user) {:ok, activity} = ActivityPub.create(%{ to: ["user1", "user1", "user2"], actor: user, context: "", object: %{} }) assert activity.data["to"] == ["user1", "user2"] assert activity.actor == user.ap_id assert activity.recipients == ["user1", "user2"] end end describe "fetch activities for recipients" do test "retrieve the activities for certain recipients" do {:ok, activity_one} = ActivityBuilder.insert(%{"to" => ["someone"]}) {:ok, activity_two} = ActivityBuilder.insert(%{"to" => ["someone_else"]}) {:ok, _activity_three} = ActivityBuilder.insert(%{"to" => ["noone"]}) activities = ActivityPub.fetch_activities(["someone", "someone_else"]) assert length(activities) == 2 assert activities == [activity_one, activity_two] end end describe "fetch activities in context" do test "retrieves activities that have a given context" do {:ok, activity} = ActivityBuilder.insert(%{"type" => "Create", "context" => "2hu"}) {:ok, activity_two} = ActivityBuilder.insert(%{"type" => "Create", "context" => "2hu"}) {:ok, _activity_three} = ActivityBuilder.insert(%{"type" => "Create", "context" => "3hu"}) {:ok, _activity_four} = ActivityBuilder.insert(%{"type" => "Announce", "context" => "2hu"}) activity_five = insert(:note_activity) user = insert(:user) {:ok, user} = User.block(user, %{ap_id: activity_five.data["actor"]}) activities = ActivityPub.fetch_activities_for_context("2hu", %{"blocking_user" => user}) assert activities == [activity_two, activity] end end test "doesn't return blocked activities" do activity_one = insert(:note_activity) activity_two = insert(:note_activity) activity_three = insert(:note_activity) user = insert(:user) booster = insert(:user) {:ok, user} = User.block(user, %{ap_id: activity_one.data["actor"]}) activities = ActivityPub.fetch_activities([], %{"blocking_user" => user}) assert Enum.member?(activities, activity_two) assert Enum.member?(activities, activity_three) refute Enum.member?(activities, activity_one) {:ok, user} = User.unblock(user, %{ap_id: activity_one.data["actor"]}) activities = ActivityPub.fetch_activities([], %{"blocking_user" => user}) assert Enum.member?(activities, activity_two) assert Enum.member?(activities, activity_three) assert Enum.member?(activities, activity_one) {:ok, user} = User.block(user, %{ap_id: activity_three.data["actor"]}) {:ok, _announce, %{data: %{"id" => id}}} = CommonAPI.repeat(activity_three.id, booster) %Activity{} = boost_activity = Activity.get_create_activity_by_object_ap_id(id) activity_three = Repo.get(Activity, activity_three.id) activities = ActivityPub.fetch_activities([], %{"blocking_user" => user}) assert Enum.member?(activities, activity_two) refute Enum.member?(activities, activity_three) refute Enum.member?(activities, boost_activity) assert Enum.member?(activities, activity_one) activities = ActivityPub.fetch_activities([], %{"blocking_user" => nil}) assert Enum.member?(activities, activity_two) assert Enum.member?(activities, activity_three) assert Enum.member?(activities, boost_activity) assert Enum.member?(activities, activity_one) end test "excludes reblogs on request" do user = insert(:user) {:ok, expected_activity} = ActivityBuilder.insert(%{"type" => "Create"}, %{:user => user}) {:ok, _} = ActivityBuilder.insert(%{"type" => "Announce"}, %{:user => user}) [activity] = ActivityPub.fetch_user_activities(user, nil, %{"exclude_reblogs" => "true"}) assert activity == expected_activity end describe "public fetch activities" do test "doesn't retrieve unlisted activities" do user = insert(:user) {:ok, _unlisted_activity} = CommonAPI.post(user, %{"status" => "yeah", "visibility" => "unlisted"}) {:ok, listed_activity} = CommonAPI.post(user, %{"status" => "yeah"}) [activity] = ActivityPub.fetch_public_activities() assert activity == listed_activity end test "retrieves public activities" do _activities = ActivityPub.fetch_public_activities() %{public: public} = ActivityBuilder.public_and_non_public() activities = ActivityPub.fetch_public_activities() assert length(activities) == 1 assert Enum.at(activities, 0) == public end test "retrieves a maximum of 20 activities" do activities = ActivityBuilder.insert_list(30) last_expected = List.last(activities) activities = ActivityPub.fetch_public_activities() last = List.last(activities) assert length(activities) == 20 assert last == last_expected end test "retrieves ids starting from a since_id" do activities = ActivityBuilder.insert_list(30) later_activities = ActivityBuilder.insert_list(10) since_id = List.last(activities).id last_expected = List.last(later_activities) activities = ActivityPub.fetch_public_activities(%{"since_id" => since_id}) last = List.last(activities) assert length(activities) == 10 assert last == last_expected end test "retrieves ids up to max_id" do _first_activities = ActivityBuilder.insert_list(10) activities = ActivityBuilder.insert_list(20) later_activities = ActivityBuilder.insert_list(10) max_id = List.first(later_activities).id last_expected = List.last(activities) activities = ActivityPub.fetch_public_activities(%{"max_id" => max_id}) last = List.last(activities) assert length(activities) == 20 assert last == last_expected end end describe "like an object" do test "adds a like activity to the db" do note_activity = insert(:note_activity) object = Object.get_by_ap_id(note_activity.data["object"]["id"]) user = insert(:user) user_two = insert(:user) {:ok, like_activity, object} = ActivityPub.like(user, object) assert like_activity.data["actor"] == user.ap_id assert like_activity.data["type"] == "Like" assert like_activity.data["object"] == object.data["id"] assert like_activity.data["to"] == [User.ap_followers(user), note_activity.data["actor"]] assert like_activity.data["context"] == object.data["context"] assert object.data["like_count"] == 1 assert object.data["likes"] == [user.ap_id] # Just return the original activity if the user already liked it. {:ok, same_like_activity, object} = ActivityPub.like(user, object) assert like_activity == same_like_activity assert object.data["likes"] == [user.ap_id] [note_activity] = Activity.all_by_object_ap_id(object.data["id"]) assert note_activity.data["object"]["like_count"] == 1 {:ok, _like_activity, object} = ActivityPub.like(user_two, object) assert object.data["like_count"] == 2 end end describe "unliking" do test "unliking a previously liked object" do note_activity = insert(:note_activity) object = Object.get_by_ap_id(note_activity.data["object"]["id"]) user = insert(:user) # Unliking something that hasn't been liked does nothing {:ok, object} = ActivityPub.unlike(user, object) assert object.data["like_count"] == 0 {:ok, like_activity, object} = ActivityPub.like(user, object) assert object.data["like_count"] == 1 {:ok, _, _, object} = ActivityPub.unlike(user, object) assert object.data["like_count"] == 0 assert Repo.get(Activity, like_activity.id) == nil end end describe "announcing an object" do test "adds an announce activity to the db" do note_activity = insert(:note_activity) object = Object.get_by_ap_id(note_activity.data["object"]["id"]) user = insert(:user) {:ok, announce_activity, object} = ActivityPub.announce(user, object) assert object.data["announcement_count"] == 1 assert object.data["announcements"] == [user.ap_id] assert announce_activity.data["to"] == [ User.ap_followers(user), note_activity.data["actor"] ] assert announce_activity.data["object"] == object.data["id"] assert announce_activity.data["actor"] == user.ap_id assert announce_activity.data["context"] == object.data["context"] end end describe "unannouncing an object" do test "unannouncing a previously announced object" do note_activity = insert(:note_activity) object = Object.get_by_ap_id(note_activity.data["object"]["id"]) user = insert(:user) # Unannouncing an object that is not announced does nothing # {:ok, object} = ActivityPub.unannounce(user, object) # assert object.data["announcement_count"] == 0 {:ok, announce_activity, object} = ActivityPub.announce(user, object) assert object.data["announcement_count"] == 1 {:ok, unannounce_activity, object} = ActivityPub.unannounce(user, object) assert object.data["announcement_count"] == 0 assert unannounce_activity.data["to"] == [ User.ap_followers(user), announce_activity.data["actor"] ] assert unannounce_activity.data["type"] == "Undo" assert unannounce_activity.data["object"] == announce_activity.data assert unannounce_activity.data["actor"] == user.ap_id assert unannounce_activity.data["context"] == announce_activity.data["context"] assert Repo.get(Activity, announce_activity.id) == nil end end describe "uploading files" do test "copies the file to the configured folder" do file = %Plug.Upload{ content_type: "image/jpg", path: Path.absname("test/fixtures/image.jpg"), filename: "an_image.jpg" } {:ok, %Object{} = object} = ActivityPub.upload(file) assert object.data["name"] == "an_image.jpg" end test "works with base64 encoded images" do file = %{ "img" => data_uri() } {:ok, %Object{}} = ActivityPub.upload(file) end end describe "fetch the latest Follow" do test "fetches the latest Follow activity" do %Activity{data: %{"type" => "Follow"}} = activity = insert(:follow_activity) follower = Repo.get_by(User, ap_id: activity.data["actor"]) followed = Repo.get_by(User, ap_id: activity.data["object"]) assert activity == Utils.fetch_latest_follow(follower, followed) end end describe "fetching an object" do test "it fetches an object" do {:ok, object} = ActivityPub.fetch_object_from_id("http://mastodon.example.org/@admin/99541947525187367") assert activity = Activity.get_create_activity_by_object_ap_id(object.data["id"]) assert activity.data["id"] {:ok, object_again} = ActivityPub.fetch_object_from_id("http://mastodon.example.org/@admin/99541947525187367") assert [attachment] = object.data["attachment"] assert is_list(attachment["url"]) assert object == object_again end test "it works with objects only available via Ostatus" do {:ok, object} = ActivityPub.fetch_object_from_id("https://shitposter.club/notice/2827873") assert activity = Activity.get_create_activity_by_object_ap_id(object.data["id"]) assert activity.data["id"] {:ok, object_again} = ActivityPub.fetch_object_from_id("https://shitposter.club/notice/2827873") assert object == object_again end test "it correctly stitches up conversations between ostatus and ap" do last = "https://mstdn.io/users/mayuutann/statuses/99568293732299394" {:ok, object} = ActivityPub.fetch_object_from_id(last) object = Object.get_by_ap_id(object.data["inReplyTo"]) assert object end end describe "following / unfollowing" do test "creates a follow activity" do follower = insert(:user) followed = insert(:user) {:ok, activity} = ActivityPub.follow(follower, followed) assert activity.data["type"] == "Follow" assert activity.data["actor"] == follower.ap_id assert activity.data["object"] == followed.ap_id end test "creates an undo activity for the last follow" do follower = insert(:user) followed = insert(:user) {:ok, follow_activity} = ActivityPub.follow(follower, followed) {:ok, activity} = ActivityPub.unfollow(follower, followed) assert activity.data["type"] == "Undo" assert activity.data["actor"] == follower.ap_id assert is_map(activity.data["object"]) assert activity.data["object"]["type"] == "Follow" assert activity.data["object"]["object"] == followed.ap_id assert activity.data["object"]["id"] == follow_activity.data["id"] end end describe "blocking / unblocking" do test "creates a block activity" do blocker = insert(:user) blocked = insert(:user) {:ok, activity} = ActivityPub.block(blocker, blocked) assert activity.data["type"] == "Block" assert activity.data["actor"] == blocker.ap_id assert activity.data["object"] == blocked.ap_id end test "creates an undo activity for the last block" do blocker = insert(:user) blocked = insert(:user) {:ok, block_activity} = ActivityPub.block(blocker, blocked) {:ok, activity} = ActivityPub.unblock(blocker, blocked) assert activity.data["type"] == "Undo" assert activity.data["actor"] == blocker.ap_id assert is_map(activity.data["object"]) assert activity.data["object"]["type"] == "Block" assert activity.data["object"]["object"] == blocked.ap_id assert activity.data["object"]["id"] == block_activity.data["id"] end end describe "deletion" do test "it creates a delete activity and deletes the original object" do note = insert(:note_activity) object = Object.get_by_ap_id(note.data["object"]["id"]) {:ok, delete} = ActivityPub.delete(object) assert delete.data["type"] == "Delete" assert delete.data["actor"] == note.data["actor"] assert delete.data["object"] == note.data["object"]["id"] assert Repo.get(Activity, delete.id) != nil assert Repo.get(Object, object.id).data["type"] == "Tombstone" end end describe "timeline post-processing" do test "it filters broken threads" do user1 = insert(:user) user2 = insert(:user) user3 = insert(:user) {:ok, user1} = User.follow(user1, user3) assert User.following?(user1, user3) {:ok, user2} = User.follow(user2, user3) assert User.following?(user2, user3) {:ok, user3} = User.follow(user3, user2) assert User.following?(user3, user2) {:ok, public_activity} = CommonAPI.post(user3, %{"status" => "hi 1"}) {:ok, private_activity_1} = CommonAPI.post(user3, %{"status" => "hi 2", "visibility" => "private"}) {:ok, private_activity_2} = CommonAPI.post(user2, %{ "status" => "hi 3", "visibility" => "private", "in_reply_to_status_id" => private_activity_1.id }) {:ok, private_activity_3} = CommonAPI.post(user3, %{ "status" => "hi 4", "visibility" => "private", "in_reply_to_status_id" => private_activity_2.id }) assert user1.following == [user3.ap_id <> "/followers", user1.ap_id] activities = ActivityPub.fetch_activities([user1.ap_id | user1.following]) assert [public_activity, private_activity_1, private_activity_3] == activities assert length(activities) == 3 activities = ActivityPub.contain_timeline(activities, user1) assert [public_activity, private_activity_1] == activities assert length(activities) == 2 end end test "it can fetch plume articles" do {:ok, object} = ActivityPub.fetch_object_from_id( "https://baptiste.gelez.xyz/~/PlumeDevelopment/this-month-in-plume-june-2018/" ) assert object end describe "update" do test "it creates an update activity with the new user data" do user = insert(:user) {:ok, user} = Pleroma.Web.WebFinger.ensure_keys_present(user) user_data = Pleroma.Web.ActivityPub.UserView.render("user.json", %{user: user}) {:ok, update} = ActivityPub.update(%{ actor: user_data["id"], to: [user.follower_address], cc: [], object: user_data }) assert update.data["actor"] == user.ap_id assert update.data["to"] == [user.follower_address] assert update.data["object"]["id"] == user_data["id"] assert update.data["object"]["type"] == user_data["type"] end end test "it can fetch peertube videos" do {:ok, object} = ActivityPub.fetch_object_from_id( "https://peertube.moe/videos/watch/df5f464b-be8d-46fb-ad81-2d4c2d1630e3" ) assert object end test "returned pinned statuses" do Pleroma.Config.put([:instance, :max_pinned_statuses], 3) user = insert(:user) {:ok, activity_one} = CommonAPI.post(user, %{"status" => "HI!!!"}) {:ok, activity_two} = CommonAPI.post(user, %{"status" => "HI!!!"}) {:ok, activity_three} = CommonAPI.post(user, %{"status" => "HI!!!"}) CommonAPI.pin(activity_one.id, user) user = refresh_record(user) CommonAPI.pin(activity_two.id, user) user = refresh_record(user) CommonAPI.pin(activity_three.id, user) user = refresh_record(user) activities = ActivityPub.fetch_user_activities(user, nil, %{"pinned" => "true"}) assert 3 = length(activities) end def data_uri do File.read!("test/fixtures/avatar_data_uri") end end