Domů Procházet Nápověda
Přihlásit se
RISCI_ATOM
/
mastodon
zrcadlo https://github.com/tootsuite/mastodon.git
1
0
Rozštěpit 0
Soubory Úkoly 8 Wiki
Strom: d3519bc08b
Větve Značky
mastodon
/
spec
/
controllers
/
activitypub
/
outboxes_controller_spec.rb

outboxes_controller_spec.rb 7.0 KB
Historie Surový

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236 
  1. # frozen_string_literal: true
    2. 

  2. 

  3. require 'rails_helper'
    4. 

  4. 

  5. RSpec.describe ActivityPub::OutboxesController do
    6. 

  6.   let!(:account) { Fabricate(:account) }
    7. 

  7. 

  8.   before do
    9. 

  9.     Fabricate(:status, account: account, visibility: :public)
    10. 

  10.     Fabricate(:status, account: account, visibility: :unlisted)
    11. 

  11.     Fabricate(:status, account: account, visibility: :private)
    12. 

  12.     Fabricate(:status, account: account, visibility: :direct)
    13. 

  13.     Fabricate(:status, account: account, visibility: :limited)
    14. 

  14. 

  15.     allow(controller).to receive(:signed_request_actor).and_return(remote_account)
    16. 

  16.   end
    17. 

  17. 

  18.   describe 'GET #show' do
    19. 

  19.     context 'without signature' do
    20. 

  20.       subject(:response) { get :show, params: { account_username: account.username, page: page } }
    21. 

  21. 

  22.       let(:body) { body_as_json }
    23. 

  23.       let(:remote_account) { nil }
    24. 

  24. 

  25.       context 'with page not requested' do
    26. 

  26.         let(:page) { nil }
    27. 

  27. 

  28.         it 'returns http success' do
    29. 

  29.           expect(response).to have_http_status(200)
    30. 

  30.         end
    31. 

  31. 

  32.         it 'returns application/activity+json' do
    33. 

  33.           expect(response.media_type).to eq 'application/activity+json'
    34. 

  34.         end
    35. 

  35. 

  36.         it 'returns totalItems' do
    37. 

  37.           expect(body[:totalItems]).to eq 4
    38. 

  38.         end
    39. 

  39. 

  40.         it_behaves_like 'cacheable response'
    41. 

  41. 

  42.         it 'does not have a Vary header' do
    43. 

  43.           expect(response.headers['Vary']).to be_nil
    44. 

  44.         end
    45. 

  45. 

  46.         context 'when account is permanently suspended' do
    47. 

  47.           before do
    48. 

  48.             account.suspend!
    49. 

  49.             account.deletion_request.destroy
    50. 

  50.           end
    51. 

  51. 

  52.           it 'returns http gone' do
    53. 

  53.             expect(response).to have_http_status(410)
    54. 

  54.           end
    55. 

  55.         end
    56. 

  56. 

  57.         context 'when account is temporarily suspended' do
    58. 

  58.           before do
    59. 

  59.             account.suspend!
    60. 

  60.           end
    61. 

  61. 

  62.           it 'returns http forbidden' do
    63. 

  63.             expect(response).to have_http_status(403)
    64. 

  64.           end
    65. 

  65.         end
    66. 

  66.       end
    67. 

  67. 

  68.       context 'with page requested' do
    69. 

  69.         let(:page) { 'true' }
    70. 

  70. 

  71.         it 'returns http success' do
    72. 

  72.           expect(response).to have_http_status(200)
    73. 

  73.         end
    74. 

  74. 

  75.         it 'returns application/activity+json' do
    76. 

  76.           expect(response.media_type).to eq 'application/activity+json'
    77. 

  77.         end
    78. 

  78. 

  79.         it 'returns orderedItems with public or unlisted statuses' do
    80. 

  80.           expect(body[:orderedItems]).to be_an Array
    81. 

  81.           expect(body[:orderedItems].size).to eq 2
    82. 

  82.           expect(body[:orderedItems].all? { |item| targets_public_collection?(item) }).to be true
    83. 

  83.         end
    84. 

  84. 

  85.         it_behaves_like 'cacheable response'
    86. 

  86. 

  87.         it 'returns Vary header with Signature' do
    88. 

  88.           expect(response.headers['Vary']).to include 'Signature'
    89. 

  89.         end
    90. 

  90. 

  91.         context 'when account is permanently suspended' do
    92. 

  92.           before do
    93. 

  93.             account.suspend!
    94. 

  94.             account.deletion_request.destroy
    95. 

  95.           end
    96. 

  96. 

  97.           it 'returns http gone' do
    98. 

  98.             expect(response).to have_http_status(410)
    99. 

  99.           end
    100. 

  100.         end
    101. 

  101. 

  102.         context 'when account is temporarily suspended' do
    103. 

  103.           before do
    104. 

  104.             account.suspend!
    105. 

  105.           end
    106. 

  106. 

  107.           it 'returns http forbidden' do
    108. 

  108.             expect(response).to have_http_status(403)
    109. 

  109.           end
    110. 

  110.         end
    111. 

  111.       end
    112. 

  112.     end
    113. 

  113. 

  114.     context 'with signature' do
    115. 

  115.       let(:remote_account) { Fabricate(:account, domain: 'example.com') }
    116. 

  116.       let(:page) { 'true' }
    117. 

  117. 

  118.       context 'when signed request account does not follow account' do
    119. 

  119.         before do
    120. 

  120.           get :show, params: { account_username: account.username, page: page }
    121. 

  121.         end
    122. 

  122. 

  123.         it 'returns http success' do
    124. 

  124.           expect(response).to have_http_status(200)
    125. 

  125.         end
    126. 

  126. 

  127.         it 'returns application/activity+json' do
    128. 

  128.           expect(response.media_type).to eq 'application/activity+json'
    129. 

  129.         end
    130. 

  130. 

  131.         it 'returns orderedItems with public or unlisted statuses' do
    132. 

  132.           json = body_as_json
    133. 

  133.           expect(json[:orderedItems]).to be_an Array
    134. 

  134.           expect(json[:orderedItems].size).to eq 2
    135. 

  135.           expect(json[:orderedItems].all? { |item| targets_public_collection?(item) }).to be true
    136. 

  136.         end
    137. 

  137. 

  138.         it 'returns private Cache-Control header' do
    139. 

  139.           expect(response.headers['Cache-Control']).to eq 'max-age=60, private'
    140. 

  140.         end
    141. 

  141.       end
    142. 

  142. 

  143.       context 'when signed request account follows account' do
    144. 

  144.         before do
    145. 

  145.           remote_account.follow!(account)
    146. 

  146.           get :show, params: { account_username: account.username, page: page }
    147. 

  147.         end
    148. 

  148. 

  149.         it 'returns http success' do
    150. 

  150.           expect(response).to have_http_status(200)
    151. 

  151.         end
    152. 

  152. 

  153.         it 'returns application/activity+json' do
    154. 

  154.           expect(response.media_type).to eq 'application/activity+json'
    155. 

  155.         end
    156. 

  156. 

  157.         it 'returns orderedItems with private statuses' do
    158. 

  158.           json = body_as_json
    159. 

  159.           expect(json[:orderedItems]).to be_an Array
    160. 

  160.           expect(json[:orderedItems].size).to eq 3
    161. 

  161.           expect(json[:orderedItems].all? { |item| targets_public_collection?(item) || targets_followers_collection?(item, account) }).to be true
    162. 

  162.         end
    163. 

  163. 

  164.         it 'returns private Cache-Control header' do
    165. 

  165.           expect(response.headers['Cache-Control']).to eq 'max-age=60, private'
    166. 

  166.         end
    167. 

  167.       end
    168. 

  168. 

  169.       context 'when signed request account is blocked' do
    170. 

  170.         before do
    171. 

  171.           account.block!(remote_account)
    172. 

  172.           get :show, params: { account_username: account.username, page: page }
    173. 

  173.         end
    174. 

  174. 

  175.         it 'returns http success' do
    176. 

  176.           expect(response).to have_http_status(200)
    177. 

  177.         end
    178. 

  178. 

  179.         it 'returns application/activity+json' do
    180. 

  180.           expect(response.media_type).to eq 'application/activity+json'
    181. 

  181.         end
    182. 

  182. 

  183.         it 'returns empty orderedItems' do
    184. 

  184.           json = body_as_json
    185. 

  185.           expect(json[:orderedItems]).to be_an Array
    186. 

  186.           expect(json[:orderedItems].size).to eq 0
    187. 

  187.         end
    188. 

  188. 

  189.         it 'returns private Cache-Control header' do
    190. 

  190.           expect(response.headers['Cache-Control']).to eq 'max-age=60, private'
    191. 

  191.         end
    192. 

  192.       end
    193. 

  193. 

  194.       context 'when signed request account is domain blocked' do
    195. 

  195.         before do
    196. 

  196.           account.block_domain!(remote_account.domain)
    197. 

  197.           get :show, params: { account_username: account.username, page: page }
    198. 

  198.         end
    199. 

  199. 

  200.         it 'returns http success' do
    201. 

  201.           expect(response).to have_http_status(200)
    202. 

  202.         end
    203. 

  203. 

  204.         it 'returns application/activity+json' do
    205. 

  205.           expect(response.media_type).to eq 'application/activity+json'
    206. 

  206.         end
    207. 

  207. 

  208.         it 'returns empty orderedItems' do
    209. 

  209.           json = body_as_json
    210. 

  210.           expect(json[:orderedItems]).to be_an Array
    211. 

  211.           expect(json[:orderedItems].size).to eq 0
    212. 

  212.         end
    213. 

  213. 

  214.         it 'returns private Cache-Control header' do
    215. 

  215.           expect(response.headers['Cache-Control']).to eq 'max-age=60, private'
    216. 

  216.         end
    217. 

  217.       end
    218. 

  218.     end
    219. 

  219.   end
    220. 

  220. 

  221.   private
    222. 

  222. 

  223.   def ap_public_collection
    224. 

  224.     ActivityPub::TagManager::COLLECTIONS[:public]
    225. 

  225.   end
    226. 

  226. 

  227.   def targets_public_collection?(item)
    228. 

  228.     item[:to].include?(ap_public_collection) || item[:cc].include?(ap_public_collection)
    229. 

  229.   end
    230. 

  230. 

  231.   def targets_followers_collection?(item, account)
    232. 

  232.     item[:to].include?(
    233. 

  233.       account_followers_url(account, ActionMailer::Base.default_url_options)
    234. 

  234.     )
    235. 

  235.   end
    236. 

  236. end
    237.