twitter_api_controller_test.exs 38.5 KB
Newer Older
1
2
defmodule Pleroma.Web.TwitterAPI.ControllerTest do
  use Pleroma.Web.ConnCase
dtluna's avatar
dtluna committed
3
  alias Pleroma.Web.TwitterAPI.Representers.ActivityRepresenter
lain's avatar
lain committed
4
  alias Pleroma.Builders.{ActivityBuilder, UserBuilder}
5
  alias Pleroma.{Repo, Activity, User, Object, Notification}
lain's avatar
lain committed
6
  alias Pleroma.Web.ActivityPub.ActivityPub
dtluna's avatar
dtluna committed
7
  alias Pleroma.Web.TwitterAPI.UserView
8
  alias Pleroma.Web.TwitterAPI.NotificationView
lain's avatar
lain committed
9
  alias Pleroma.Web.CommonAPI
eal's avatar
eal committed
10
  alias Pleroma.Web.TwitterAPI.TwitterAPI
11
  alias Comeonin.Pbkdf2
12

lain's avatar
lain committed
13
  import Pleroma.Factory
14

15
16
17
18
19
20
21
22
23
24
25
26
  describe "POST /api/account/update_profile_banner" do
    test "it updates the banner", %{conn: conn} do
      user = insert(:user)

      new_banner =
        "data:image/gif;base64,R0lGODlhEAAQAMQAAORHHOVSKudfOulrSOp3WOyDZu6QdvCchPGolfO0o/XBs/fNwfjZ0frl3/zy7////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACH5BAkAABAALAAAAAAQABAAAAVVICSOZGlCQAosJ6mu7fiyZeKqNKToQGDsM8hBADgUXoGAiqhSvp5QAnQKGIgUhwFUYLCVDFCrKUE1lBavAViFIDlTImbKC5Gm2hB0SlBCBMQiB0UjIQA7"

      response =
        conn
        |> assign(:user, user)
        |> post(authenticated_twitter_api__path(conn, :update_banner), %{"banner" => new_banner})
        |> json_response(200)
lain's avatar
lain committed
27
28
29

      user = Repo.get(User, user.id)
      assert user.info.banner["type"] == "Image"
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
    end
  end

  describe "POST /api/qvitter/update_background_image" do
    test "it updates the background", %{conn: conn} do
      user = insert(:user)

      new_bg =
        "data:image/gif;base64,R0lGODlhEAAQAMQAAORHHOVSKudfOulrSOp3WOyDZu6QdvCchPGolfO0o/XBs/fNwfjZ0frl3/zy7////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACH5BAkAABAALAAAAAAQABAAAAVVICSOZGlCQAosJ6mu7fiyZeKqNKToQGDsM8hBADgUXoGAiqhSvp5QAnQKGIgUhwFUYLCVDFCrKUE1lBavAViFIDlTImbKC5Gm2hB0SlBCBMQiB0UjIQA7"

      response =
        conn
        |> assign(:user, user)
        |> post(authenticated_twitter_api__path(conn, :update_background), %{"img" => new_bg})
        |> json_response(200)
lain's avatar
lain committed
45
46
47

      user = Repo.get(User, user.id)
      assert user.info.background["type"] == "Image"
48
49
50
    end
  end

51
52
  describe "POST /api/account/verify_credentials" do
    setup [:valid_user]
lain's avatar
lain committed
53

54
    test "without valid credentials", %{conn: conn} do
lain's avatar
lain committed
55
      conn = post(conn, "/api/account/verify_credentials.json")
56
57
58
59
      assert json_response(conn, 403) == %{"error" => "Invalid credentials."}
    end

    test "with credentials", %{conn: conn, user: user} do
lain's avatar
lain committed
60
61
      conn =
        conn
62
63
64
        |> with_credentials(user.nickname, "test")
        |> post("/api/account/verify_credentials.json")

lain's avatar
lain committed
65
66
      assert response = json_response(conn, 200)
      assert response == UserView.render("show.json", %{user: user, token: response["token"]})
67
68
69
    end
  end

lain's avatar
lain committed
70
71
  describe "POST /statuses/update.json" do
    setup [:valid_user]
lain's avatar
lain committed
72

lain's avatar
lain committed
73
    test "without valid credentials", %{conn: conn} do
lain's avatar
lain committed
74
      conn = post(conn, "/api/statuses/update.json")
lain's avatar
lain committed
75
76
77
78
      assert json_response(conn, 403) == %{"error" => "Invalid credentials."}
    end

    test "with credentials", %{conn: conn, user: user} do
dtluna's avatar
dtluna committed
79
80
81
      conn_with_creds = conn |> with_credentials(user.nickname, "test")
      request_path = "/api/statuses/update.json"

lain's avatar
lain committed
82
83
84
85
86
      error_response = %{
        "request" => request_path,
        "error" => "Client must provide a 'status' parameter with a value."
      }

dtluna's avatar
dtluna committed
87
88
89
      conn = conn_with_creds |> post(request_path)
      assert json_response(conn, 400) == error_response

lain's avatar
lain committed
90
      conn = conn_with_creds |> post(request_path, %{status: ""})
dtluna's avatar
dtluna committed
91
      assert json_response(conn, 400) == error_response
lain's avatar
lain committed
92

lain's avatar
lain committed
93
      conn = conn_with_creds |> post(request_path, %{status: " "})
dtluna's avatar
dtluna committed
94
95
      assert json_response(conn, 400) == error_response

96
97
      # we post with visibility private in order to avoid triggering relay
      conn = conn_with_creds |> post(request_path, %{status: "Nice meme.", visibility: "private"})
lain's avatar
lain committed
98
99
100

      assert json_response(conn, 200) ==
               ActivityRepresenter.to_map(Repo.one(Activity), %{user: user})
lain's avatar
lain committed
101
102
103
    end
  end

lain's avatar
lain committed
104
105
  describe "GET /statuses/public_timeline.json" do
    test "returns statuses", %{conn: conn} do
lain's avatar
lain committed
106
      user = insert(:user)
lain's avatar
lain committed
107
108
109
110
      activities = ActivityBuilder.insert_list(30, %{}, %{user: user})
      ActivityBuilder.insert_list(10, %{}, %{user: user})
      since_id = List.last(activities).id

lain's avatar
lain committed
111
112
      conn =
        conn
lain's avatar
lain committed
113
114
115
116
117
118
        |> get("/api/statuses/public_timeline.json", %{since_id: since_id})

      response = json_response(conn, 200)

      assert length(response) == 10
    end
href's avatar
href committed
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168

    test "returns 403 to unauthenticated request when the instance is not public" do
      instance =
        Application.get_env(:pleroma, :instance)
        |> Keyword.put(:public, false)

      Application.put_env(:pleroma, :instance, instance)

      conn
      |> get("/api/statuses/public_timeline.json")
      |> json_response(403)

      instance =
        Application.get_env(:pleroma, :instance)
        |> Keyword.put(:public, true)

      Application.put_env(:pleroma, :instance, instance)
    end

    test "returns 200 to unauthenticated request when the instance is public" do
      conn
      |> get("/api/statuses/public_timeline.json")
      |> json_response(200)
    end
  end

  describe "GET /statuses/public_and_external_timeline.json" do
    test "returns 403 to unauthenticated request when the instance is not public" do
      instance =
        Application.get_env(:pleroma, :instance)
        |> Keyword.put(:public, false)

      Application.put_env(:pleroma, :instance, instance)

      conn
      |> get("/api/statuses/public_and_external_timeline.json")
      |> json_response(403)

      instance =
        Application.get_env(:pleroma, :instance)
        |> Keyword.put(:public, true)

      Application.put_env(:pleroma, :instance, instance)
    end

    test "returns 200 to unauthenticated request when the instance is public" do
      conn
      |> get("/api/statuses/public_and_external_timeline.json")
      |> json_response(200)
    end
lain's avatar
lain committed
169
170
  end

lain's avatar
lain committed
171
172
  describe "GET /statuses/show/:id.json" do
    test "returns one status", %{conn: conn} do
lain's avatar
lain committed
173
174
      user = insert(:user)
      {:ok, activity} = CommonAPI.post(user, %{"status" => "Hey!"})
lain's avatar
lain committed
175
176
      actor = Repo.get_by!(User, ap_id: activity.data["actor"])

lain's avatar
lain committed
177
178
179
      conn =
        conn
        |> get("/api/statuses/show/#{activity.id}.json")
lain's avatar
lain committed
180
181
182

      response = json_response(conn, 200)

lain's avatar
lain committed
183
      assert response == ActivityRepresenter.to_map(activity, %{user: actor})
lain's avatar
lain committed
184
185
186
    end
  end

eal's avatar
eal committed
187
188
189
190
  describe "GET /users/show.json" do
    test "gets user with screen_name", %{conn: conn} do
      user = insert(:user)

lain's avatar
lain committed
191
192
193
      conn =
        conn
        |> get("/api/users/show.json", %{"screen_name" => user.nickname})
eal's avatar
eal committed
194
195
196
197
198
199
200
201
202

      response = json_response(conn, 200)

      assert response["id"] == user.id
    end

    test "gets user with user_id", %{conn: conn} do
      user = insert(:user)

lain's avatar
lain committed
203
204
205
      conn =
        conn
        |> get("/api/users/show.json", %{"user_id" => user.id})
eal's avatar
eal committed
206
207
208
209
210
211
212
213
214
215
216
217

      response = json_response(conn, 200)

      assert response["id"] == user.id
    end

    test "gets a user for a logged in user", %{conn: conn} do
      user = insert(:user)
      logged_in = insert(:user)

      {:ok, logged_in, user, _activity} = TwitterAPI.follow(logged_in, %{"user_id" => user.id})

lain's avatar
lain committed
218
219
220
221
      conn =
        conn
        |> with_credentials(logged_in.nickname, "test")
        |> get("/api/users/show.json", %{"user_id" => user.id})
eal's avatar
eal committed
222
223
224
225
226
227
228

      response = json_response(conn, 200)

      assert response["following"] == true
    end
  end

229
230
  describe "GET /statusnet/conversation/:id.json" do
    test "returns the statuses in the conversation", %{conn: conn} do
lain's avatar
lain committed
231
      {:ok, _user} = UserBuilder.insert()
232
      {:ok, activity} = ActivityBuilder.insert(%{"type" => "Create", "context" => "2hu"})
233
234
      {:ok, _activity_two} = ActivityBuilder.insert(%{"type" => "Create", "context" => "2hu"})
      {:ok, _activity_three} = ActivityBuilder.insert(%{"type" => "Create", "context" => "3hu"})
235

lain's avatar
lain committed
236
237
      conn =
        conn
238
        |> get("/api/statusnet/conversation/#{activity.data["context_id"]}.json")
239
240
241
242
243
244
245

      response = json_response(conn, 200)

      assert length(response) == 2
    end
  end

lain's avatar
lain committed
246
247
  describe "GET /statuses/friends_timeline.json" do
    setup [:valid_user]
lain's avatar
lain committed
248

lain's avatar
lain committed
249
    test "without valid credentials", %{conn: conn} do
lain's avatar
lain committed
250
      conn = get(conn, "/api/statuses/friends_timeline.json")
lain's avatar
lain committed
251
252
253
254
      assert json_response(conn, 403) == %{"error" => "Invalid credentials."}
    end

    test "with credentials", %{conn: conn, user: current_user} do
lain's avatar
lain committed
255
      user = insert(:user)
lain's avatar
lain committed
256
257
258
259
260
261
262

      activities =
        ActivityBuilder.insert_list(30, %{"to" => [User.ap_followers(user)]}, %{user: user})

      returned_activities =
        ActivityBuilder.insert_list(10, %{"to" => [User.ap_followers(user)]}, %{user: user})

lain's avatar
lain committed
263
      other_user = insert(:user)
lain's avatar
lain committed
264
265
266
      ActivityBuilder.insert_list(10, %{}, %{user: other_user})
      since_id = List.last(activities).id

lain's avatar
lain committed
267
268
269
      current_user =
        Ecto.Changeset.change(current_user, following: [User.ap_followers(user)])
        |> Repo.update!()
lain's avatar
lain committed
270

lain's avatar
lain committed
271
272
      conn =
        conn
lain's avatar
lain committed
273
274
275
276
277
278
        |> with_credentials(current_user.nickname, "test")
        |> get("/api/statuses/friends_timeline.json", %{since_id: since_id})

      response = json_response(conn, 200)

      assert length(response) == 10
lain's avatar
lain committed
279
280
281
282
283
284
285
286

      assert response ==
               Enum.map(returned_activities, fn activity ->
                 ActivityRepresenter.to_map(activity, %{
                   user: User.get_cached_by_ap_id(activity.data["actor"]),
                   for: current_user
                 })
               end)
lain's avatar
lain committed
287
288
289
    end
  end

lain's avatar
lain committed
290
291
292
293
294
295
296
297
298
299
300
301
302
  describe "GET /statuses/dm_timeline.json" do
    test "it show direct messages", %{conn: conn} do
      user_one = insert(:user)
      user_two = insert(:user)

      {:ok, user_two} = User.follow(user_two, user_one)

      {:ok, direct} =
        CommonAPI.post(user_one, %{
          "status" => "Hi @#{user_two.nickname}!",
          "visibility" => "direct"
        })

303
304
305
306
307
308
      {:ok, direct_two} =
        CommonAPI.post(user_two, %{
          "status" => "Hi @#{user_one.nickname}!",
          "visibility" => "direct"
        })

lain's avatar
lain committed
309
310
311
312
313
314
315
316
317
318
319
320
      {:ok, _follower_only} =
        CommonAPI.post(user_one, %{
          "status" => "Hi @#{user_two.nickname}!",
          "visibility" => "private"
        })

      # Only direct should be visible here
      res_conn =
        conn
        |> assign(:user, user_two)
        |> get("/api/statuses/dm_timeline.json")

321
322
323
      [status, status_two] = json_response(res_conn, 200)
      assert status["id"] == direct_two.id
      assert status_two["id"] == direct.id
lain's avatar
lain committed
324
325
326
    end
  end

dtluna's avatar
dtluna committed
327
328
  describe "GET /statuses/mentions.json" do
    setup [:valid_user]
lain's avatar
lain committed
329

dtluna's avatar
dtluna committed
330
    test "without valid credentials", %{conn: conn} do
lain's avatar
lain committed
331
      conn = get(conn, "/api/statuses/mentions.json")
dtluna's avatar
dtluna committed
332
333
334
335
      assert json_response(conn, 403) == %{"error" => "Invalid credentials."}
    end

    test "with credentials", %{conn: conn, user: current_user} do
lain's avatar
lain committed
336
337
      {:ok, activity} =
        ActivityBuilder.insert(%{"to" => [current_user.ap_id]}, %{user: current_user})
dtluna's avatar
dtluna committed
338

lain's avatar
lain committed
339
340
      conn =
        conn
dtluna's avatar
dtluna committed
341
342
343
344
345
346
        |> with_credentials(current_user.nickname, "test")
        |> get("/api/statuses/mentions.json")

      response = json_response(conn, 200)

      assert length(response) == 1
lain's avatar
lain committed
347
348
349
350
351
352

      assert Enum.at(response, 0) ==
               ActivityRepresenter.to_map(activity, %{
                 user: current_user,
                 mentioned: [current_user]
               })
dtluna's avatar
dtluna committed
353
354
355
    end
  end

356
357
358
359
360
361
362
363
364
  describe "GET /api/qvitter/statuses/notifications.json" do
    setup [:valid_user]

    test "without valid credentials", %{conn: conn} do
      conn = get(conn, "/api/qvitter/statuses/notifications.json")
      assert json_response(conn, 403) == %{"error" => "Invalid credentials."}
    end

    test "with credentials", %{conn: conn, user: current_user} do
365
366
      other_user = insert(:user)

367
      {:ok, _activity} =
368
        ActivityBuilder.insert(%{"to" => [current_user.ap_id]}, %{user: other_user})
369
370
371
372
373
374
375
376
377
378
379

      conn =
        conn
        |> with_credentials(current_user.nickname, "test")
        |> get("/api/qvitter/statuses/notifications.json")

      response = json_response(conn, 200)

      assert length(response) == 1

      assert response ==
lain's avatar
lain committed
380
381
382
383
               NotificationView.render("notification.json", %{
                 notifications: Notification.for_user(current_user),
                 for: current_user
               })
384
385
386
    end
  end

387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
  describe "POST /api/qvitter/statuses/notifications/read" do
    setup [:valid_user]

    test "without valid credentials", %{conn: conn} do
      conn = post(conn, "/api/qvitter/statuses/notifications/read", %{"latest_id" => 1_234_567})
      assert json_response(conn, 403) == %{"error" => "Invalid credentials."}
    end

    test "with credentials, without any params", %{conn: conn, user: current_user} do
      conn =
        conn
        |> with_credentials(current_user.nickname, "test")
        |> post("/api/qvitter/statuses/notifications/read")

      assert json_response(conn, 400) == %{
               "error" => "You need to specify latest_id",
               "request" => "/api/qvitter/statuses/notifications/read"
             }
    end

    test "with credentials, with params", %{conn: conn, user: current_user} do
      other_user = insert(:user)

      {:ok, _activity} =
        ActivityBuilder.insert(%{"to" => [current_user.ap_id]}, %{user: other_user})

      response_conn =
        conn
        |> with_credentials(current_user.nickname, "test")
        |> get("/api/qvitter/statuses/notifications.json")

      [notification] = response = json_response(response_conn, 200)

      assert length(response) == 1

      assert notification["is_seen"] == 0

      response_conn =
        conn
        |> with_credentials(current_user.nickname, "test")
        |> post("/api/qvitter/statuses/notifications/read", %{"latest_id" => notification["id"]})

      [notification] = response = json_response(response_conn, 200)

      assert length(response) == 1

      assert notification["is_seen"] == 1
    end
  end

dtluna's avatar
dtluna committed
437
438
  describe "GET /statuses/user_timeline.json" do
    setup [:valid_user]
lain's avatar
lain committed
439

dtluna's avatar
dtluna committed
440
441
    test "without any params", %{conn: conn} do
      conn = get(conn, "/api/statuses/user_timeline.json")
lain's avatar
lain committed
442
443
444
445
446

      assert json_response(conn, 400) == %{
               "error" => "You need to specify screen_name or user_id",
               "request" => "/api/statuses/user_timeline.json"
             }
dtluna's avatar
dtluna committed
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
    end

    test "with user_id", %{conn: conn} do
      user = insert(:user)
      {:ok, activity} = ActivityBuilder.insert(%{"id" => 1}, %{user: user})

      conn = get(conn, "/api/statuses/user_timeline.json", %{"user_id" => user.id})
      response = json_response(conn, 200)
      assert length(response) == 1
      assert Enum.at(response, 0) == ActivityRepresenter.to_map(activity, %{user: user})
    end

    test "with screen_name", %{conn: conn} do
      user = insert(:user)
      {:ok, activity} = ActivityBuilder.insert(%{"id" => 1}, %{user: user})

      conn = get(conn, "/api/statuses/user_timeline.json", %{"screen_name" => user.nickname})
      response = json_response(conn, 200)
      assert length(response) == 1
      assert Enum.at(response, 0) == ActivityRepresenter.to_map(activity, %{user: user})
    end

    test "with credentials", %{conn: conn, user: current_user} do
      {:ok, activity} = ActivityBuilder.insert(%{"id" => 1}, %{user: current_user})
lain's avatar
lain committed
471
472
473
474
475

      conn =
        conn
        |> with_credentials(current_user.nickname, "test")
        |> get("/api/statuses/user_timeline.json")
dtluna's avatar
dtluna committed
476
477
478
479
480
481
482
483
484
485

      response = json_response(conn, 200)

      assert length(response) == 1
      assert Enum.at(response, 0) == ActivityRepresenter.to_map(activity, %{user: current_user})
    end

    test "with credentials with user_id", %{conn: conn, user: current_user} do
      user = insert(:user)
      {:ok, activity} = ActivityBuilder.insert(%{"id" => 1}, %{user: user})
lain's avatar
lain committed
486
487
488
489
490

      conn =
        conn
        |> with_credentials(current_user.nickname, "test")
        |> get("/api/statuses/user_timeline.json", %{"user_id" => user.id})
dtluna's avatar
dtluna committed
491
492
493
494
495
496
497
498
499
500

      response = json_response(conn, 200)

      assert length(response) == 1
      assert Enum.at(response, 0) == ActivityRepresenter.to_map(activity, %{user: user})
    end

    test "with credentials screen_name", %{conn: conn, user: current_user} do
      user = insert(:user)
      {:ok, activity} = ActivityBuilder.insert(%{"id" => 1}, %{user: user})
lain's avatar
lain committed
501
502
503
504
505

      conn =
        conn
        |> with_credentials(current_user.nickname, "test")
        |> get("/api/statuses/user_timeline.json", %{"screen_name" => user.nickname})
dtluna's avatar
dtluna committed
506
507
508
509
510
511
512
513

      response = json_response(conn, 200)

      assert length(response) == 1
      assert Enum.at(response, 0) == ActivityRepresenter.to_map(activity, %{user: user})
    end
  end

lain's avatar
lain committed
514
515
  describe "POST /friendships/create.json" do
    setup [:valid_user]
lain's avatar
lain committed
516

lain's avatar
lain committed
517
    test "without valid credentials", %{conn: conn} do
lain's avatar
lain committed
518
      conn = post(conn, "/api/friendships/create.json")
lain's avatar
lain committed
519
520
521
522
      assert json_response(conn, 403) == %{"error" => "Invalid credentials."}
    end

    test "with credentials", %{conn: conn, user: current_user} do
lain's avatar
lain committed
523
      followed = insert(:user)
lain's avatar
lain committed
524

lain's avatar
lain committed
525
526
527
528
      conn =
        conn
        |> with_credentials(current_user.nickname, "test")
        |> post("/api/friendships/create.json", %{user_id: followed.id})
lain's avatar
lain committed
529
530

      current_user = Repo.get(User, current_user.id)
531
      assert User.ap_followers(followed) in current_user.following
lain's avatar
lain committed
532
533
534

      assert json_response(conn, 200) ==
               UserView.render("show.json", %{user: followed, for: current_user})
lain's avatar
lain committed
535
536
537
    end
  end

lain's avatar
lain committed
538
539
  describe "POST /friendships/destroy.json" do
    setup [:valid_user]
lain's avatar
lain committed
540

lain's avatar
lain committed
541
    test "without valid credentials", %{conn: conn} do
lain's avatar
lain committed
542
      conn = post(conn, "/api/friendships/destroy.json")
lain's avatar
lain committed
543
544
545
546
      assert json_response(conn, 403) == %{"error" => "Invalid credentials."}
    end

    test "with credentials", %{conn: conn, user: current_user} do
lain's avatar
lain committed
547
      followed = insert(:user)
lain's avatar
lain committed
548
549

      {:ok, current_user} = User.follow(current_user, followed)
550
      assert User.ap_followers(followed) in current_user.following
551
      ActivityPub.follow(current_user, followed)
lain's avatar
lain committed
552

lain's avatar
lain committed
553
554
555
556
      conn =
        conn
        |> with_credentials(current_user.nickname, "test")
        |> post("/api/friendships/destroy.json", %{user_id: followed.id})
lain's avatar
lain committed
557
558

      current_user = Repo.get(User, current_user.id)
559
      assert current_user.following == [current_user.ap_id]
lain's avatar
lain committed
560
561
562

      assert json_response(conn, 200) ==
               UserView.render("show.json", %{user: followed, for: current_user})
lain's avatar
lain committed
563
564
565
    end
  end

eal's avatar
eal committed
566
567
  describe "POST /blocks/create.json" do
    setup [:valid_user]
lain's avatar
lain committed
568

eal's avatar
eal committed
569
    test "without valid credentials", %{conn: conn} do
lain's avatar
lain committed
570
      conn = post(conn, "/api/blocks/create.json")
eal's avatar
eal committed
571
572
573
574
575
576
      assert json_response(conn, 403) == %{"error" => "Invalid credentials."}
    end

    test "with credentials", %{conn: conn, user: current_user} do
      blocked = insert(:user)

lain's avatar
lain committed
577
578
579
580
      conn =
        conn
        |> with_credentials(current_user.nickname, "test")
        |> post("/api/blocks/create.json", %{user_id: blocked.id})
eal's avatar
eal committed
581
582
583

      current_user = Repo.get(User, current_user.id)
      assert User.blocks?(current_user, blocked)
lain's avatar
lain committed
584
585
586

      assert json_response(conn, 200) ==
               UserView.render("show.json", %{user: blocked, for: current_user})
eal's avatar
eal committed
587
588
589
590
591
    end
  end

  describe "POST /blocks/destroy.json" do
    setup [:valid_user]
lain's avatar
lain committed
592

eal's avatar
eal committed
593
    test "without valid credentials", %{conn: conn} do
lain's avatar
lain committed
594
      conn = post(conn, "/api/blocks/destroy.json")
eal's avatar
eal committed
595
596
597
598
599
600
      assert json_response(conn, 403) == %{"error" => "Invalid credentials."}
    end

    test "with credentials", %{conn: conn, user: current_user} do
      blocked = insert(:user)

normandy's avatar
normandy committed
601
      {:ok, current_user, blocked} = TwitterAPI.block(current_user, %{"user_id" => blocked.id})
eal's avatar
eal committed
602
603
      assert User.blocks?(current_user, blocked)

lain's avatar
lain committed
604
605
606
607
      conn =
        conn
        |> with_credentials(current_user.nickname, "test")
        |> post("/api/blocks/destroy.json", %{user_id: blocked.id})
eal's avatar
eal committed
608
609

      current_user = Repo.get(User, current_user.id)
lain's avatar
lain committed
610
      assert current_user.info.blocks == []
lain's avatar
lain committed
611
612
613

      assert json_response(conn, 200) ==
               UserView.render("show.json", %{user: blocked, for: current_user})
eal's avatar
eal committed
614
615
616
    end
  end

dtluna's avatar
dtluna committed
617
618
  describe "GET /help/test.json" do
    test "returns \"ok\"", %{conn: conn} do
lain's avatar
lain committed
619
      conn = get(conn, "/api/help/test.json")
dtluna's avatar
dtluna committed
620
      assert json_response(conn, 200) == "ok"
lain's avatar
lain committed
621
    end
622
623
  end

lain's avatar
lain committed
624
625
  describe "POST /api/qvitter/update_avatar.json" do
    setup [:valid_user]
lain's avatar
lain committed
626

lain's avatar
lain committed
627
    test "without valid credentials", %{conn: conn} do
lain's avatar
lain committed
628
      conn = post(conn, "/api/qvitter/update_avatar.json")
lain's avatar
lain committed
629
630
631
632
      assert json_response(conn, 403) == %{"error" => "Invalid credentials."}
    end

    test "with credentials", %{conn: conn, user: current_user} do
lain's avatar
lain committed
633
      avatar_image = File.read!("test/fixtures/avatar_data_uri")
lain's avatar
lain committed
634
635
636
637
638

      conn =
        conn
        |> with_credentials(current_user.nickname, "test")
        |> post("/api/qvitter/update_avatar.json", %{img: avatar_image})
lain's avatar
lain committed
639
640
641

      current_user = Repo.get(User, current_user.id)
      assert is_map(current_user.avatar)
lain's avatar
lain committed
642
643
644

      assert json_response(conn, 200) ==
               UserView.render("show.json", %{user: current_user, for: current_user})
lain's avatar
lain committed
645
646
647
    end
  end

648
649
650
651
652
653
654
655
656
657
658
659
660
  describe "GET /api/qvitter/mutes.json" do
    setup [:valid_user]

    test "unimplemented mutes without valid credentials", %{conn: conn} do
      conn = get(conn, "/api/qvitter/mutes.json")
      assert json_response(conn, 403) == %{"error" => "Invalid credentials."}
    end

    test "unimplemented mutes with credentials", %{conn: conn, user: current_user} do
      conn =
        conn
        |> with_credentials(current_user.nickname, "test")
        |> get("/api/qvitter/mutes.json")
Vivian Lim's avatar
Vivian Lim committed
661

662
663
      current_user = Repo.get(User, current_user.id)

664
      assert [] = json_response(conn, 200)
665
666
667
    end
  end

lain's avatar
lain committed
668
669
  describe "POST /api/favorites/create/:id" do
    setup [:valid_user]
lain's avatar
lain committed
670

lain's avatar
lain committed
671
672
    test "without valid credentials", %{conn: conn} do
      note_activity = insert(:note_activity)
lain's avatar
lain committed
673
      conn = post(conn, "/api/favorites/create/#{note_activity.id}.json")
lain's avatar
lain committed
674
675
676
677
678
679
      assert json_response(conn, 403) == %{"error" => "Invalid credentials."}
    end

    test "with credentials", %{conn: conn, user: current_user} do
      note_activity = insert(:note_activity)

lain's avatar
lain committed
680
681
682
683
      conn =
        conn
        |> with_credentials(current_user.nickname, "test")
        |> post("/api/favorites/create/#{note_activity.id}.json")
lain's avatar
lain committed
684
685
686

      assert json_response(conn, 200)
    end
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704

    test "with credentials, invalid param", %{conn: conn, user: current_user} do
      conn =
        conn
        |> with_credentials(current_user.nickname, "test")
        |> post("/api/favorites/create/wrong.json")

      assert json_response(conn, 400)
    end

    test "with credentials, invalid activity", %{conn: conn, user: current_user} do
      conn =
        conn
        |> with_credentials(current_user.nickname, "test")
        |> post("/api/favorites/create/1.json")

      assert json_response(conn, 500)
    end
lain's avatar
lain committed
705
706
  end

lain's avatar
lain committed
707
708
  describe "POST /api/favorites/destroy/:id" do
    setup [:valid_user]
lain's avatar
lain committed
709

lain's avatar
lain committed
710
711
    test "without valid credentials", %{conn: conn} do
      note_activity = insert(:note_activity)
lain's avatar
lain committed
712
      conn = post(conn, "/api/favorites/destroy/#{note_activity.id}.json")
lain's avatar
lain committed
713
714
715
716
717
718
719
720
      assert json_response(conn, 403) == %{"error" => "Invalid credentials."}
    end

    test "with credentials", %{conn: conn, user: current_user} do
      note_activity = insert(:note_activity)
      object = Object.get_by_ap_id(note_activity.data["object"]["id"])
      ActivityPub.like(current_user, object)

lain's avatar
lain committed
721
722
723
724
      conn =
        conn
        |> with_credentials(current_user.nickname, "test")
        |> post("/api/favorites/destroy/#{note_activity.id}.json")
lain's avatar
lain committed
725
726
727
728
729

      assert json_response(conn, 200)
    end
  end

lain's avatar
lain committed
730
731
  describe "POST /api/statuses/retweet/:id" do
    setup [:valid_user]
lain's avatar
lain committed
732

lain's avatar
lain committed
733
734
    test "without valid credentials", %{conn: conn} do
      note_activity = insert(:note_activity)
lain's avatar
lain committed
735
      conn = post(conn, "/api/statuses/retweet/#{note_activity.id}.json")
lain's avatar
lain committed
736
737
738
739
740
741
      assert json_response(conn, 403) == %{"error" => "Invalid credentials."}
    end

    test "with credentials", %{conn: conn, user: current_user} do
      note_activity = insert(:note_activity)

dtluna's avatar
dtluna committed
742
      request_path = "/api/statuses/retweet/#{note_activity.id}.json"
lain's avatar
lain committed
743

lain's avatar
lain committed
744
745
746
747
748
      response =
        conn
        |> with_credentials(current_user.nickname, "test")
        |> post(request_path)

dtluna's avatar
dtluna committed
749
      activity = Repo.get(Activity, note_activity.id)
lain's avatar
lain committed
750
      activity_user = Repo.get_by(User, ap_id: note_activity.data["actor"])
lain's avatar
lain committed
751
752
753

      assert json_response(response, 200) ==
               ActivityRepresenter.to_map(activity, %{user: activity_user, for: current_user})
lain's avatar
lain committed
754
755
756
    end
  end

757
758
759
760
761
  describe "POST /api/statuses/unretweet/:id" do
    setup [:valid_user]

    test "without valid credentials", %{conn: conn} do
      note_activity = insert(:note_activity)
normandy's avatar
normandy committed
762
      conn = post(conn, "/api/statuses/unretweet/#{note_activity.id}.json")
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
      assert json_response(conn, 403) == %{"error" => "Invalid credentials."}
    end

    test "with credentials", %{conn: conn, user: current_user} do
      note_activity = insert(:note_activity)

      request_path = "/api/statuses/retweet/#{note_activity.id}.json"

      _response =
        conn
        |> with_credentials(current_user.nickname, "test")
        |> post(request_path)

      request_path = String.replace(request_path, "retweet", "unretweet")

      response =
        conn
        |> with_credentials(current_user.nickname, "test")
        |> post(request_path)

      activity = Repo.get(Activity, note_activity.id)
      activity_user = Repo.get_by(User, ap_id: note_activity.data["actor"])

      assert json_response(response, 200) ==
               ActivityRepresenter.to_map(activity, %{user: activity_user, for: current_user})
    end
  end

791
792
793
794
795
796
797
798
799
800
801
  describe "POST /api/account/register" do
    test "it creates a new user", %{conn: conn} do
      data = %{
        "nickname" => "lain",
        "email" => "lain@wired.jp",
        "fullname" => "lain iwakura",
        "bio" => "close the world.",
        "password" => "bear",
        "confirm" => "bear"
      }

lain's avatar
lain committed
802
803
804
      conn =
        conn
        |> post("/api/account/register", data)
805
806
807
808

      user = json_response(conn, 200)

      fetched_user = Repo.get_by(User, nickname: "lain")
dtluna's avatar
dtluna committed
809
      assert user == UserView.render("show.json", %{user: fetched_user})
810
811
812
813
814
815
816
817
818
819
820
    end

    test "it returns errors on a problem", %{conn: conn} do
      data = %{
        "email" => "lain@wired.jp",
        "fullname" => "lain iwakura",
        "bio" => "close the world.",
        "password" => "bear",
        "confirm" => "bear"
      }

lain's avatar
lain committed
821
822
823
      conn =
        conn
        |> post("/api/account/register", data)
824
825
826
827

      errors = json_response(conn, 400)

      assert is_binary(errors["error"])
dtluna's avatar
dtluna committed
828
829
830
    end
  end

lain's avatar
lain committed
831
832
833
  describe "GET /api/externalprofile/show" do
    test "it returns the user", %{conn: conn} do
      user = insert(:user)
834
      other_user = insert(:user)
lain's avatar
lain committed
835

lain's avatar
lain committed
836
837
838
839
      conn =
        conn
        |> assign(:user, user)
        |> get("/api/externalprofile/show", %{profileurl: other_user.ap_id})
lain's avatar
lain committed
840

841
      assert json_response(conn, 200) == UserView.render("show.json", %{user: other_user})
lain's avatar
lain committed
842
843
844
    end
  end

lain's avatar
lain committed
845
846
847
848
849
  describe "GET /api/statuses/followers" do
    test "it returns a user's followers", %{conn: conn} do
      user = insert(:user)
      follower_one = insert(:user)
      follower_two = insert(:user)
lain's avatar
lain committed
850
      _not_follower = insert(:user)
lain's avatar
lain committed
851
852
853
854

      {:ok, follower_one} = User.follow(follower_one, user)
      {:ok, follower_two} = User.follow(follower_two, user)

lain's avatar
lain committed
855
856
857
858
      conn =
        conn
        |> assign(:user, user)
        |> get("/api/statuses/followers")
lain's avatar
lain committed
859

lain's avatar
lain committed
860
861
862
      expected = UserView.render("index.json", %{users: [follower_one, follower_two], for: user})
      result = json_response(conn, 200)
      assert Enum.sort(expected) == Enum.sort(result)
lain's avatar
lain committed
863
864
865
    end
  end

lain's avatar
lain committed
866
  describe "GET /api/statuses/friends" do
eal's avatar
eal committed
867
    test "it returns the logged in user's friends", %{conn: conn} do
lain's avatar
lain committed
868
869
870
      user = insert(:user)
      followed_one = insert(:user)
      followed_two = insert(:user)
lain's avatar
lain committed
871
      _not_followed = insert(:user)
lain's avatar
lain committed
872
873
874
875

      {:ok, user} = User.follow(user, followed_one)
      {:ok, user} = User.follow(user, followed_two)

lain's avatar
lain committed
876
877
878
879
      conn =
        conn
        |> assign(:user, user)
        |> get("/api/statuses/friends")
lain's avatar
lain committed
880

lain's avatar
lain committed
881
882
883
      expected = UserView.render("index.json", %{users: [followed_one, followed_two], for: user})
      result = json_response(conn, 200)
      assert Enum.sort(expected) == Enum.sort(result)
lain's avatar
lain committed
884
    end
eal's avatar
eal committed
885
886
887
888
889

    test "it returns a given user's friends with user_id", %{conn: conn} do
      user = insert(:user)
      followed_one = insert(:user)
      followed_two = insert(:user)
lain's avatar
lain committed
890
      _not_followed = insert(:user)
eal's avatar
eal committed
891
892
893
894

      {:ok, user} = User.follow(user, followed_one)
      {:ok, user} = User.follow(user, followed_two)

lain's avatar
lain committed
895
896
      conn =
        conn
897
        |> assign(:user, user)
lain's avatar
lain committed
898
        |> get("/api/statuses/friends", %{"user_id" => user.id})
eal's avatar
eal committed
899

lain's avatar
lain committed
900
901
902
903
904
905
      assert MapSet.equal?(
               MapSet.new(json_response(conn, 200)),
               MapSet.new(
                 UserView.render("index.json", %{users: [followed_one, followed_two], for: user})
               )
             )
eal's avatar
eal committed
906
907
908
909
910
911
    end

    test "it returns a given user's friends with screen_name", %{conn: conn} do
      user = insert(:user)
      followed_one = insert(:user)
      followed_two = insert(:user)
lain's avatar
lain committed
912
      _not_followed = insert(:user)
eal's avatar
eal committed
913
914
915
916

      {:ok, user} = User.follow(user, followed_one)
      {:ok, user} = User.follow(user, followed_two)

lain's avatar
lain committed
917
918
      conn =
        conn
919
        |> assign(:user, user)
lain's avatar
lain committed
920
        |> get("/api/statuses/friends", %{"screen_name" => user.nickname})
eal's avatar
eal committed
921

lain's avatar
lain committed
922
923
924
925
926
927
      assert MapSet.equal?(
               MapSet.new(json_response(conn, 200)),
               MapSet.new(
                 UserView.render("index.json", %{users: [followed_one, followed_two], for: user})
               )
             )
eal's avatar
eal committed
928
    end
lain's avatar
lain committed
929
930
  end

eal's avatar
eal committed
931
932
933
934
935
  describe "GET /friends/ids" do
    test "it returns a user's friends", %{conn: conn} do
      user = insert(:user)
      followed_one = insert(:user)
      followed_two = insert(:user)
lain's avatar
lain committed
936
      _not_followed = insert(:user)
eal's avatar
eal committed
937
938
939
940

      {:ok, user} = User.follow(user, followed_one)
      {:ok, user} = User.follow(user, followed_two)

lain's avatar
lain committed
941
942
943
944
      conn =
        conn
        |> assign(:user, user)
        |> get("/api/friends/ids")
eal's avatar
eal committed
945

946
      expected = [followed_one.id, followed_two.id]
lain's avatar
lain committed
947
948
949
950
951

      assert MapSet.equal?(
               MapSet.new(Poison.decode!(json_response(conn, 200))),
               MapSet.new(expected)
             )
eal's avatar
eal committed
952
953
954
    end
  end

lain's avatar
lain committed
955
  describe "POST /api/account/update_profile.json" do
lain's avatar
lain committed
956
    test "it updates a user's profile", %{conn: conn} do
lain's avatar
lain committed
957
958
      user = insert(:user)

lain's avatar
lain committed
959
960
961
962
963
964
965
      conn =
        conn
        |> assign(:user, user)
        |> post("/api/account/update_profile.json", %{
          "name" => "new name",
          "description" => "new description"
        })
lain's avatar
lain committed
966
967
968
969
970
971
972

      user = Repo.get!(User, user.id)
      assert user.name == "new name"
      assert user.bio == "new description"

      assert json_response(conn, 200) == UserView.render("user.json", %{user: user, for: user})
    end
973
974
975
976
977
978
979
980
981
982
983
984

    test "it locks an account", %{conn: conn} do
      user = insert(:user)

      conn =
        conn
        |> assign(:user, user)
        |> post("/api/account/update_profile.json", %{
          "locked" => "true"
        })

      user = Repo.get!(User, user.id)
lain's avatar
lain committed
985
      assert user.info.locked == true
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000

      assert json_response(conn, 200) == UserView.render("user.json", %{user: user, for: user})
    end

    test "it unlocks an account", %{conn: conn} do
      user = insert(:user)

      conn =
        conn
        |> assign(:user, user)
        |> post("/api/account/update_profile.json", %{
          "locked" => "false"
        })

      user = Repo.get!(User, user.id)
For faster browsing, not all history is shown. View entire blame