squeegily
/
pleroma
1
0
Fork 0
Code Issues 0 Pull Requests 0 Releases 42 Wiki Activity
Fork of Pleroma with site-specific changes and feature branches https://git.pleroma.social/pleroma/pleroma
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
13185 Commits
154 Branches
503MB
Tree: 51a9f97e87
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '51a9f97e87'
${ noResults }
pleroma/test/pleroma/web/mastodon_api/views/account_view_test.exs

580 lines
19KB
Raw Blame History 

  1. # Pleroma: A lightweight social networking server

  2. # Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>

  3. # SPDX-License-Identifier: AGPL-3.0-only

  4. 

  5. defmodule Pleroma.Web.MastodonAPI.AccountViewTest do

  6.   use Pleroma.DataCase

  7. 

  8.   alias Pleroma.User

  9.   alias Pleroma.UserRelationship

  10.   alias Pleroma.Web.CommonAPI

  11.   alias Pleroma.Web.MastodonAPI.AccountView

  12. 

  13.   import Pleroma.Factory

  14.   import Tesla.Mock

  15. 

  16.   setup do

  17.     mock(fn env -> apply(HttpRequestMock, :request, [env]) end)

  18.     :ok

  19.   end

  20. 

  21.   test "Represent a user account" do

  22.     background_image = %{

  23.       "url" => [%{"href" => "https://example.com/images/asuka_hospital.png"}]

  24.     }

  25. 

  26.     user =

  27.       insert(:user, %{

  28.         follower_count: 3,

  29.         note_count: 5,

  30.         background: background_image,

  31.         nickname: "shp@shitposter.club",

  32.         name: ":karjalanpiirakka: shp",

  33.         bio:

  34.           "<script src=\"invalid-html\"></script><span>valid html</span>. a<br>b<br/>c<br >d<br />f '&<>\"",

  35.         inserted_at: ~N[2017-08-15 15:47:06.597036],

  36.         emoji: %{"karjalanpiirakka" => "/file.png"},

  37.         raw_bio: "valid html. a\nb\nc\nd\nf '&<>\"",

  38.         also_known_as: ["https://shitposter.zone/users/shp"]

  39.       })

  40. 

  41.     expected = %{

  42.       id: to_string(user.id),

  43.       username: "shp",

  44.       acct: user.nickname,

  45.       display_name: user.name,

  46.       locked: false,

  47.       created_at: "2017-08-15T15:47:06.000Z",

  48.       followers_count: 3,

  49.       following_count: 0,

  50.       statuses_count: 5,

  51.       note: "<span>valid html</span>. a<br/>b<br/>c<br/>d<br/>f &#39;&amp;&lt;&gt;&quot;",

  52.       url: user.ap_id,

  53.       avatar: "http://localhost:4001/images/avi.png",

  54.       avatar_static: "http://localhost:4001/images/avi.png",

  55.       header: "http://localhost:4001/images/banner.png",

  56.       header_static: "http://localhost:4001/images/banner.png",

  57.       emojis: [

  58.         %{

  59.           static_url: "/file.png",

  60.           url: "/file.png",

  61.           shortcode: "karjalanpiirakka",

  62.           visible_in_picker: false

  63.         }

  64.       ],

  65.       fields: [],

  66.       bot: false,

  67.       source: %{

  68.         note: "valid html. a\nb\nc\nd\nf '&<>\"",

  69.         sensitive: false,

  70.         pleroma: %{

  71.           actor_type: "Person",

  72.           discoverable: true

  73.         },

  74.         fields: []

  75.       },

  76.       fqn: "shp@shitposter.club",

  77.       pleroma: %{

  78.         ap_id: user.ap_id,

  79.         also_known_as: ["https://shitposter.zone/users/shp"],

  80.         background_image: "https://example.com/images/asuka_hospital.png",

  81.         favicon: nil,

  82.         is_confirmed: true,

  83.         tags: [],

  84.         is_admin: false,

  85.         is_moderator: false,

  86.         hide_favorites: true,

  87.         hide_followers: false,

  88.         hide_follows: false,

  89.         hide_followers_count: false,

  90.         hide_follows_count: false,

  91.         relationship: %{},

  92.         skip_thread_containment: false,

  93.         accepts_chat_messages: nil

  94.       }

  95.     }

  96. 

  97.     assert expected == AccountView.render("show.json", %{user: user, skip_visibility_check: true})

  98.   end

  99. 

  100.   describe "favicon" do

  101.     setup do

  102.       [user: insert(:user)]

  103.     end

  104. 

  105.     test "is parsed when :instance_favicons is enabled", %{user: user} do

  106.       clear_config([:instances_favicons, :enabled], true)

  107. 

  108.       assert %{

  109.                pleroma: %{

  110.                  favicon:

  111.                    "https://shitposter.club/plugins/Qvitter/img/gnusocial-favicons/favicon-16x16.png"

  112.                }

  113.              } = AccountView.render("show.json", %{user: user, skip_visibility_check: true})

  114.     end

  115. 

  116.     test "is nil when :instances_favicons is disabled", %{user: user} do

  117.       assert %{pleroma: %{favicon: nil}} =

  118.                AccountView.render("show.json", %{user: user, skip_visibility_check: true})

  119.     end

  120.   end

  121. 

  122.   test "Represent the user account for the account owner" do

  123.     user = insert(:user)

  124. 

  125.     notification_settings = %{

  126.       block_from_strangers: false,

  127.       hide_notification_contents: false

  128.     }

  129. 

  130.     privacy = user.default_scope

  131. 

  132.     assert %{

  133.              pleroma: %{notification_settings: ^notification_settings, allow_following_move: true},

  134.              source: %{privacy: ^privacy}

  135.            } = AccountView.render("show.json", %{user: user, for: user})

  136.   end

  137. 

  138.   test "Represent a Service(bot) account" do

  139.     user =

  140.       insert(:user, %{

  141.         follower_count: 3,

  142.         note_count: 5,

  143.         actor_type: "Service",

  144.         nickname: "shp@shitposter.club",

  145.         inserted_at: ~N[2017-08-15 15:47:06.597036]

  146.       })

  147. 

  148.     expected = %{

  149.       id: to_string(user.id),

  150.       username: "shp",

  151.       acct: user.nickname,

  152.       display_name: user.name,

  153.       locked: false,

  154.       created_at: "2017-08-15T15:47:06.000Z",

  155.       followers_count: 3,

  156.       following_count: 0,

  157.       statuses_count: 5,

  158.       note: user.bio,

  159.       url: user.ap_id,

  160.       avatar: "http://localhost:4001/images/avi.png",

  161.       avatar_static: "http://localhost:4001/images/avi.png",

  162.       header: "http://localhost:4001/images/banner.png",

  163.       header_static: "http://localhost:4001/images/banner.png",

  164.       emojis: [],

  165.       fields: [],

  166.       bot: true,

  167.       source: %{

  168.         note: user.bio,

  169.         sensitive: false,

  170.         pleroma: %{

  171.           actor_type: "Service",

  172.           discoverable: true

  173.         },

  174.         fields: []

  175.       },

  176.       fqn: "shp@shitposter.club",

  177.       pleroma: %{

  178.         ap_id: user.ap_id,

  179.         also_known_as: [],

  180.         background_image: nil,

  181.         favicon: nil,

  182.         is_confirmed: true,

  183.         tags: [],

  184.         is_admin: false,

  185.         is_moderator: false,

  186.         hide_favorites: true,

  187.         hide_followers: false,

  188.         hide_follows: false,

  189.         hide_followers_count: false,

  190.         hide_follows_count: false,

  191.         relationship: %{},

  192.         skip_thread_containment: false,

  193.         accepts_chat_messages: nil

  194.       }

  195.     }

  196. 

  197.     assert expected == AccountView.render("show.json", %{user: user, skip_visibility_check: true})

  198.   end

  199. 

  200.   test "Represent a Funkwhale channel" do

  201.     {:ok, user} =

  202.       User.get_or_fetch_by_ap_id(

  203.         "https://channels.tests.funkwhale.audio/federation/actors/compositions"

  204.       )

  205. 

  206.     assert represented =

  207.              AccountView.render("show.json", %{user: user, skip_visibility_check: true})

  208. 

  209.     assert represented.acct == "compositions@channels.tests.funkwhale.audio"

  210.     assert represented.url == "https://channels.tests.funkwhale.audio/channels/compositions"

  211.   end

  212. 

  213.   test "Represent a deactivated user for an admin" do

  214.     admin = insert(:user, is_admin: true)

  215.     deactivated_user = insert(:user, is_active: false)

  216.     represented = AccountView.render("show.json", %{user: deactivated_user, for: admin})

  217.     assert represented[:pleroma][:deactivated] == true

  218.   end

  219. 

  220.   test "Represent a smaller mention" do

  221.     user = insert(:user)

  222. 

  223.     expected = %{

  224.       id: to_string(user.id),

  225.       acct: user.nickname,

  226.       username: user.nickname,

  227.       url: user.ap_id

  228.     }

  229. 

  230.     assert expected == AccountView.render("mention.json", %{user: user})

  231.   end

  232. 

  233.   test "demands :for or :skip_visibility_check option for account rendering" do

  234.     clear_config([:restrict_unauthenticated, :profiles, :local], false)

  235. 

  236.     user = insert(:user)

  237.     user_id = user.id

  238. 

  239.     assert %{id: ^user_id} = AccountView.render("show.json", %{user: user, for: nil})

  240.     assert %{id: ^user_id} = AccountView.render("show.json", %{user: user, for: user})

  241. 

  242.     assert %{id: ^user_id} =

  243.              AccountView.render("show.json", %{user: user, skip_visibility_check: true})

  244. 

  245.     assert_raise RuntimeError, ~r/:skip_visibility_check or :for option is required/, fn ->

  246.       AccountView.render("show.json", %{user: user})

  247.     end

  248.   end

  249. 

  250.   describe "relationship" do

  251.     defp test_relationship_rendering(user, other_user, expected_result) do

  252.       opts = %{user: user, target: other_user, relationships: nil}

  253.       assert expected_result == AccountView.render("relationship.json", opts)

  254. 

  255.       relationships_opt = UserRelationship.view_relationships_option(user, [other_user])

  256.       opts = Map.put(opts, :relationships, relationships_opt)

  257.       assert expected_result == AccountView.render("relationship.json", opts)

  258. 

  259.       assert [expected_result] ==

  260.                AccountView.render("relationships.json", %{user: user, targets: [other_user]})

  261.     end

  262. 

  263.     @blank_response %{

  264.       following: false,

  265.       followed_by: false,

  266.       blocking: false,

  267.       blocked_by: false,

  268.       muting: false,

  269.       muting_notifications: false,

  270.       subscribing: false,

  271.       requested: false,

  272.       domain_blocking: false,

  273.       showing_reblogs: true,

  274.       endorsed: false

  275.     }

  276. 

  277.     test "represent a relationship for the following and followed user" do

  278.       user = insert(:user)

  279.       other_user = insert(:user)

  280. 

  281.       {:ok, user, other_user} = User.follow(user, other_user)

  282.       {:ok, other_user, user} = User.follow(other_user, user)

  283.       {:ok, _subscription} = User.subscribe(user, other_user)

  284.       {:ok, _user_relationships} = User.mute(user, other_user, %{notifications: true})

  285.       {:ok, _reblog_mute} = CommonAPI.hide_reblogs(user, other_user)

  286. 

  287.       expected =

  288.         Map.merge(

  289.           @blank_response,

  290.           %{

  291.             following: true,

  292.             followed_by: true,

  293.             muting: true,

  294.             muting_notifications: true,

  295.             subscribing: true,

  296.             showing_reblogs: false,

  297.             id: to_string(other_user.id)

  298.           }

  299.         )

  300. 

  301.       test_relationship_rendering(user, other_user, expected)

  302.     end

  303. 

  304.     test "represent a relationship for the blocking and blocked user" do

  305.       user = insert(:user)

  306.       other_user = insert(:user)

  307. 

  308.       {:ok, user, other_user} = User.follow(user, other_user)

  309.       {:ok, _subscription} = User.subscribe(user, other_user)

  310.       {:ok, _user_relationship} = User.block(user, other_user)

  311.       {:ok, _user_relationship} = User.block(other_user, user)

  312. 

  313.       expected =

  314.         Map.merge(

  315.           @blank_response,

  316.           %{following: false, blocking: true, blocked_by: true, id: to_string(other_user.id)}

  317.         )

  318. 

  319.       test_relationship_rendering(user, other_user, expected)

  320.     end

  321. 

  322.     test "represent a relationship for the user blocking a domain" do

  323.       user = insert(:user)

  324.       other_user = insert(:user, ap_id: "https://bad.site/users/other_user")

  325. 

  326.       {:ok, user} = User.block_domain(user, "bad.site")

  327. 

  328.       expected =

  329.         Map.merge(

  330.           @blank_response,

  331.           %{domain_blocking: true, blocking: false, id: to_string(other_user.id)}

  332.         )

  333. 

  334.       test_relationship_rendering(user, other_user, expected)

  335.     end

  336. 

  337.     test "represent a relationship for the user with a pending follow request" do

  338.       user = insert(:user)

  339.       other_user = insert(:user, is_locked: true)

  340. 

  341.       {:ok, user, other_user, _} = CommonAPI.follow(user, other_user)

  342.       user = User.get_cached_by_id(user.id)

  343.       other_user = User.get_cached_by_id(other_user.id)

  344. 

  345.       expected =

  346.         Map.merge(

  347.           @blank_response,

  348.           %{requested: true, following: false, id: to_string(other_user.id)}

  349.         )

  350. 

  351.       test_relationship_rendering(user, other_user, expected)

  352.     end

  353.   end

  354. 

  355.   test "returns the settings store if the requesting user is the represented user and it's requested specifically" do

  356.     user = insert(:user, pleroma_settings_store: %{fe: "test"})

  357. 

  358.     result =

  359.       AccountView.render("show.json", %{user: user, for: user, with_pleroma_settings: true})

  360. 

  361.     assert result.pleroma.settings_store == %{:fe => "test"}

  362. 

  363.     result = AccountView.render("show.json", %{user: user, for: nil, with_pleroma_settings: true})

  364.     assert result.pleroma[:settings_store] == nil

  365. 

  366.     result = AccountView.render("show.json", %{user: user, for: user})

  367.     assert result.pleroma[:settings_store] == nil

  368.   end

  369. 

  370.   test "doesn't sanitize display names" do

  371.     user = insert(:user, name: "<marquee> username </marquee>")

  372.     result = AccountView.render("show.json", %{user: user, skip_visibility_check: true})

  373.     assert result.display_name == "<marquee> username </marquee>"

  374.   end

  375. 

  376.   test "never display nil user follow counts" do

  377.     user = insert(:user, following_count: 0, follower_count: 0)

  378.     result = AccountView.render("show.json", %{user: user, skip_visibility_check: true})

  379. 

  380.     assert result.following_count == 0

  381.     assert result.followers_count == 0

  382.   end

  383. 

  384.   describe "hiding follows/following" do

  385.     test "shows when follows/followers stats are hidden and sets follow/follower count to 0" do

  386.       user =

  387.         insert(:user, %{

  388.           hide_followers: true,

  389.           hide_followers_count: true,

  390.           hide_follows: true,

  391.           hide_follows_count: true

  392.         })

  393. 

  394.       other_user = insert(:user)

  395.       {:ok, user, other_user, _activity} = CommonAPI.follow(user, other_user)

  396.       {:ok, _other_user, user, _activity} = CommonAPI.follow(other_user, user)

  397. 

  398.       assert %{

  399.                followers_count: 0,

  400.                following_count: 0,

  401.                pleroma: %{hide_follows_count: true, hide_followers_count: true}

  402.              } = AccountView.render("show.json", %{user: user, skip_visibility_check: true})

  403.     end

  404. 

  405.     test "shows when follows/followers are hidden" do

  406.       user = insert(:user, hide_followers: true, hide_follows: true)

  407.       other_user = insert(:user)

  408.       {:ok, user, other_user, _activity} = CommonAPI.follow(user, other_user)

  409.       {:ok, _other_user, user, _activity} = CommonAPI.follow(other_user, user)

  410. 

  411.       assert %{

  412.                followers_count: 1,

  413.                following_count: 1,

  414.                pleroma: %{hide_follows: true, hide_followers: true}

  415.              } = AccountView.render("show.json", %{user: user, skip_visibility_check: true})

  416.     end

  417. 

  418.     test "shows actual follower/following count to the account owner" do

  419.       user = insert(:user, hide_followers: true, hide_follows: true)

  420.       other_user = insert(:user)

  421.       {:ok, user, other_user, _activity} = CommonAPI.follow(user, other_user)

  422. 

  423.       assert User.following?(user, other_user)

  424.       assert Pleroma.FollowingRelationship.follower_count(other_user) == 1

  425.       {:ok, _other_user, user, _activity} = CommonAPI.follow(other_user, user)

  426. 

  427.       assert %{

  428.                followers_count: 1,

  429.                following_count: 1

  430.              } = AccountView.render("show.json", %{user: user, for: user})

  431.     end

  432. 

  433.     test "shows unread_conversation_count only to the account owner" do

  434.       user = insert(:user)

  435.       other_user = insert(:user)

  436. 

  437.       {:ok, _activity} =

  438.         CommonAPI.post(other_user, %{

  439.           status: "Hey @#{user.nickname}.",

  440.           visibility: "direct"

  441.         })

  442. 

  443.       user = User.get_cached_by_ap_id(user.ap_id)

  444. 

  445.       assert AccountView.render("show.json", %{user: user, for: other_user})[:pleroma][

  446.                :unread_conversation_count

  447.              ] == nil

  448. 

  449.       assert AccountView.render("show.json", %{user: user, for: user})[:pleroma][

  450.                :unread_conversation_count

  451.              ] == 1

  452.     end

  453. 

  454.     test "shows unread_count only to the account owner" do

  455.       user = insert(:user)

  456.       insert_list(7, :notification, user: user, activity: insert(:note_activity))

  457.       other_user = insert(:user)

  458. 

  459.       user = User.get_cached_by_ap_id(user.ap_id)

  460. 

  461.       assert AccountView.render(

  462.                "show.json",

  463.                %{user: user, for: other_user}

  464.              )[:pleroma][:unread_notifications_count] == nil

  465. 

  466.       assert AccountView.render(

  467.                "show.json",

  468.                %{user: user, for: user}

  469.              )[:pleroma][:unread_notifications_count] == 7

  470.     end

  471.   end

  472. 

  473.   describe "follow requests counter" do

  474.     test "shows zero when no follow requests are pending" do

  475.       user = insert(:user)

  476. 

  477.       assert %{follow_requests_count: 0} =

  478.                AccountView.render("show.json", %{user: user, for: user})

  479. 

  480.       other_user = insert(:user)

  481.       {:ok, _other_user, user, _activity} = CommonAPI.follow(other_user, user)

  482. 

  483.       assert %{follow_requests_count: 0} =

  484.                AccountView.render("show.json", %{user: user, for: user})

  485.     end

  486. 

  487.     test "shows non-zero when follow requests are pending" do

  488.       user = insert(:user, is_locked: true)

  489. 

  490.       assert %{locked: true} = AccountView.render("show.json", %{user: user, for: user})

  491. 

  492.       other_user = insert(:user)

  493.       {:ok, _other_user, user, _activity} = CommonAPI.follow(other_user, user)

  494. 

  495.       assert %{locked: true, follow_requests_count: 1} =

  496.                AccountView.render("show.json", %{user: user, for: user})

  497.     end

  498. 

  499.     test "decreases when accepting a follow request" do

  500.       user = insert(:user, is_locked: true)

  501. 

  502.       assert %{locked: true} = AccountView.render("show.json", %{user: user, for: user})

  503. 

  504.       other_user = insert(:user)

  505.       {:ok, other_user, user, _activity} = CommonAPI.follow(other_user, user)

  506. 

  507.       assert %{locked: true, follow_requests_count: 1} =

  508.                AccountView.render("show.json", %{user: user, for: user})

  509. 

  510.       {:ok, _other_user} = CommonAPI.accept_follow_request(other_user, user)

  511. 

  512.       assert %{locked: true, follow_requests_count: 0} =

  513.                AccountView.render("show.json", %{user: user, for: user})

  514.     end

  515. 

  516.     test "decreases when rejecting a follow request" do

  517.       user = insert(:user, is_locked: true)

  518. 

  519.       assert %{locked: true} = AccountView.render("show.json", %{user: user, for: user})

  520. 

  521.       other_user = insert(:user)

  522.       {:ok, other_user, user, _activity} = CommonAPI.follow(other_user, user)

  523. 

  524.       assert %{locked: true, follow_requests_count: 1} =

  525.                AccountView.render("show.json", %{user: user, for: user})

  526. 

  527.       {:ok, _other_user} = CommonAPI.reject_follow_request(other_user, user)

  528. 

  529.       assert %{locked: true, follow_requests_count: 0} =

  530.                AccountView.render("show.json", %{user: user, for: user})

  531.     end

  532. 

  533.     test "shows non-zero when historical unapproved requests are present" do

  534.       user = insert(:user, is_locked: true)

  535. 

  536.       assert %{locked: true} = AccountView.render("show.json", %{user: user, for: user})

  537. 

  538.       other_user = insert(:user)

  539.       {:ok, _other_user, user, _activity} = CommonAPI.follow(other_user, user)

  540. 

  541.       {:ok, user} = User.update_and_set_cache(user, %{is_locked: false})

  542. 

  543.       assert %{locked: false, follow_requests_count: 1} =

  544.                AccountView.render("show.json", %{user: user, for: user})

  545.     end

  546.   end

  547. 

  548.   test "uses mediaproxy urls when it's enabled (regardless of media preview proxy state)" do

  549.     clear_config([:media_proxy, :enabled], true)

  550.     clear_config([:media_preview_proxy, :enabled])

  551. 

  552.     user =

  553.       insert(:user,

  554.         avatar: %{"url" => [%{"href" => "https://evil.website/avatar.png"}]},

  555.         banner: %{"url" => [%{"href" => "https://evil.website/banner.png"}]},

  556.         emoji: %{"joker_smile" => "https://evil.website/society.png"}

  557.       )

  558. 

  559.     with media_preview_enabled <- [false, true] do

  560.       clear_config([:media_preview_proxy, :enabled], media_preview_enabled)

  561. 

  562.       AccountView.render("show.json", %{user: user, skip_visibility_check: true})

  563.       |> Enum.all?(fn

  564.         {key, url} when key in [:avatar, :avatar_static, :header, :header_static] ->

  565.           String.starts_with?(url, Pleroma.Web.Endpoint.url())

  566. 

  567.         {:emojis, emojis} ->

  568.           Enum.all?(emojis, fn %{url: url, static_url: static_url} ->

  569.             String.starts_with?(url, Pleroma.Web.Endpoint.url()) &&

  570.               String.starts_with?(static_url, Pleroma.Web.Endpoint.url())

  571.           end)

  572. 

  573.         _ ->

  574.           true

  575.       end)

  576.       |> assert()

  577.     end

  578.   end

  579. end