Home Explore Help
Sign In
RISCI_ATOM
/
mastodon
mirror of https://github.com/tootsuite/mastodon.git
1
0
Fork 0
Files Issues 8 Wiki
Tree: 74cd277e07
Branches Tags
mastodon
/
spec
/
controllers
/
activitypub
/
inboxes_controller_spec.rb

inboxes_controller_spec.rb 3.6 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112 
  1. # frozen_string_literal: true
    2. 

  2. 

  3. require 'rails_helper'
    4. 

  4. 

  5. RSpec.describe ActivityPub::InboxesController, type: :controller do
    6. 

  6.   let(:remote_account) { nil }
    7. 

  7. 

  8.   before do
    9. 

  9.     allow(controller).to receive(:signed_request_actor).and_return(remote_account)
    10. 

  10.   end
    11. 

  11. 

  12.   describe 'POST #create' do
    13. 

  13.     context 'with signature' do
    14. 

  14.       let(:remote_account) { Fabricate(:account, domain: 'example.com', protocol: :activitypub) }
    15. 

  15. 

  16.       before do
    17. 

  17.         post :create, body: '{}'
    18. 

  18.       end
    19. 

  19. 

  20.       it 'returns http accepted' do
    21. 

  21.         expect(response).to have_http_status(202)
    22. 

  22.       end
    23. 

  23. 

  24.       context 'for a specific account' do
    25. 

  25.         let(:account) { Fabricate(:account) }
    26. 

  26. 

  27.         subject(:response) { post :create, params: { account_username: account.username }, body: '{}' }
    28. 

  28. 

  29.         context 'when account is permanently suspended' do
    30. 

  30.           before do
    31. 

  31.             account.suspend!
    32. 

  32.             account.deletion_request.destroy
    33. 

  33.           end
    34. 

  34. 

  35.           it 'returns http gone' do
    36. 

  36.             expect(response).to have_http_status(410)
    37. 

  37.           end
    38. 

  38.         end
    39. 

  39. 

  40.         context 'when account is temporarily suspended' do
    41. 

  41.           before do
    42. 

  42.             account.suspend!
    43. 

  43.           end
    44. 

  44. 

  45.           it 'returns http accepted' do
    46. 

  46.             expect(response).to have_http_status(202)
    47. 

  47.           end
    48. 

  48.         end
    49. 

  49.       end
    50. 

  50.     end
    51. 

  51. 

  52.     context 'with Collection-Synchronization header' do
    53. 

  53.       let(:remote_account)             { Fabricate(:account, followers_url: 'https://example.com/followers', domain: 'example.com', uri: 'https://example.com/actor', protocol: :activitypub) }
    54. 

  54.       let(:synchronization_collection) { remote_account.followers_url }
    55. 

  55.       let(:synchronization_url)        { 'https://example.com/followers-for-domain' }
    56. 

  56.       let(:synchronization_hash)       { 'somehash' }
    57. 

  57.       let(:synchronization_header)     { "collectionId=\"#{synchronization_collection}\", digest=\"#{synchronization_hash}\", url=\"#{synchronization_url}\"" }
    58. 

  58. 

  59.       before do
    60. 

  60.         allow(ActivityPub::FollowersSynchronizationWorker).to receive(:perform_async).and_return(nil)
    61. 

  61.         allow_any_instance_of(Account).to receive(:local_followers_hash).and_return('somehash')
    62. 

  62. 

  63.         request.headers['Collection-Synchronization'] = synchronization_header
    64. 

  64.         post :create, body: '{}'
    65. 

  65.       end
    66. 

  66. 

  67.       context 'with mismatching target collection' do
    68. 

  68.         let(:synchronization_collection) { 'https://example.com/followers2' }
    69. 

  69. 

  70.         it 'does not start a synchronization job' do
    71. 

  71.           expect(ActivityPub::FollowersSynchronizationWorker).not_to have_received(:perform_async)
    72. 

  72.         end
    73. 

  73.       end
    74. 

  74. 

  75.       context 'with mismatching domain in partial collection attribute' do
    76. 

  76.         let(:synchronization_url) { 'https://example.org/followers' }
    77. 

  77. 

  78.         it 'does not start a synchronization job' do
    79. 

  79.           expect(ActivityPub::FollowersSynchronizationWorker).not_to have_received(:perform_async)
    80. 

  80.         end
    81. 

  81.       end
    82. 

  82. 

  83.       context 'with matching digest' do
    84. 

  84.         it 'does not start a synchronization job' do
    85. 

  85.           expect(ActivityPub::FollowersSynchronizationWorker).not_to have_received(:perform_async)
    86. 

  86.         end
    87. 

  87.       end
    88. 

  88. 

  89.       context 'with mismatching digest' do
    90. 

  90.         let(:synchronization_hash) { 'wronghash' }
    91. 

  91. 

  92.         it 'starts a synchronization job' do
    93. 

  93.           expect(ActivityPub::FollowersSynchronizationWorker).to have_received(:perform_async)
    94. 

  94.         end
    95. 

  95.       end
    96. 

  96. 

  97.       it 'returns http accepted' do
    98. 

  98.         expect(response).to have_http_status(202)
    99. 

  99.       end
    100. 

  100.     end
    101. 

  101. 

  102.     context 'without signature' do
    103. 

  103.       before do
    104. 

  104.         post :create, body: '{}'
    105. 

  105.       end
    106. 

  106. 

  107.       it 'returns http not authorized' do
    108. 

  108.         expect(response).to have_http_status(401)
    109. 

  109.       end
    110. 

  110.     end
    111. 

  111.   end
    112. 

  112. end
    113.