Etusivu Tutki Apua
Kirjaudu sisään
RISCI_ATOM
/
mastodon
peilaus alkaen https://github.com/tootsuite/mastodon.git
1
0
Fork 0
Tiedostot Ongelmat 8 Wiki
Puu: fa21d004c7
Haarat Tagit
mastodon
/
spec
/
services
/
resolve_remote_account_service_spec.rb

resolve_remote_account_service_spec.rb 4.4 KB
Historia Raaka

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100 
  1. require 'rails_helper'
    2. 

  2. 

  3. RSpec.describe ResolveRemoteAccountService do
    4. 

  4.   subject { described_class.new }
    5. 

  5. 

  6.   before do
    7. 

  7.     stub_request(:get, "https://quitter.no/.well-known/host-meta").to_return(request_fixture('.host-meta.txt'))
    8. 

  8.     stub_request(:get, "https://example.com/.well-known/webfinger?resource=acct:catsrgr8@example.com").to_return(status: 404)
    9. 

  9.     stub_request(:get, "https://redirected.com/.well-known/host-meta").to_return(request_fixture('redirected.host-meta.txt'))
    10. 

  10.     stub_request(:get, "https://example.com/.well-known/host-meta").to_return(status: 404)
    11. 

  11.     stub_request(:get, "https://quitter.no/.well-known/webfinger?resource=acct:gargron@quitter.no").to_return(request_fixture('webfinger.txt'))
    12. 

  12.     stub_request(:get, "https://redirected.com/.well-known/webfinger?resource=acct:gargron@redirected.com").to_return(request_fixture('webfinger.txt'))
    13. 

  13.     stub_request(:get, "https://redirected.com/.well-known/webfinger?resource=acct:hacker1@redirected.com").to_return(request_fixture('webfinger-hacker1.txt'))
    14. 

  14.     stub_request(:get, "https://redirected.com/.well-known/webfinger?resource=acct:hacker2@redirected.com").to_return(request_fixture('webfinger-hacker2.txt'))
    15. 

  15.     stub_request(:get, "https://quitter.no/.well-known/webfinger?resource=acct:catsrgr8@quitter.no").to_return(status: 404)
    16. 

  16.     stub_request(:get, "https://quitter.no/api/statuses/user_timeline/7477.atom").to_return(request_fixture('feed.txt'))
    17. 

  17.     stub_request(:get, "https://quitter.no/avatar/7477-300-20160211190340.png").to_return(request_fixture('avatar.txt'))
    18. 

  18.     stub_request(:get, "https://localdomain.com/.well-known/host-meta").to_return(request_fixture('localdomain-hostmeta.txt'))
    19. 

  19.     stub_request(:get, "https://localdomain.com/.well-known/webfinger?resource=acct:foo@localdomain.com").to_return(status: 404)
    20. 

  20.     stub_request(:get, "https://webdomain.com/.well-known/webfinger?resource=acct:foo@localdomain.com").to_return(request_fixture('localdomain-webfinger.txt'))
    21. 

  21.     stub_request(:get, "https://webdomain.com/users/foo.atom").to_return(request_fixture('localdomain-feed.txt'))
    22. 

  22.   end
    23. 

  23. 

  24.   it 'raises error if no such user can be resolved via webfinger' do
    25. 

  25.     expect(subject.call('catsrgr8@quitter.no')).to be_nil
    26. 

  26.   end
    27. 

  27. 

  28.   it 'raises error if the domain does not have webfinger' do
    29. 

  29.     expect(subject.call('catsrgr8@example.com')).to be_nil
    30. 

  30.   end
    31. 

  31. 

  32.   it 'prevents hijacking existing accounts' do
    33. 

  33.     account = subject.call('hacker1@redirected.com')
    34. 

  34.     expect(account.salmon_url).to_not eq 'https://hacker.com/main/salmon/user/7477'
    35. 

  35.   end
    36. 

  36. 

  37.   it 'prevents hijacking inexisting accounts' do
    38. 

  38.     expect(subject.call('hacker2@redirected.com')).to be_nil
    39. 

  39.   end
    40. 

  40. 

  41.   context 'with an OStatus account' do
    42. 

  42.     it 'returns an already existing remote account' do
    43. 

  43.       old_account      = Fabricate(:account, username: 'gargron', domain: 'quitter.no')
    44. 

  44.       returned_account = subject.call('gargron@quitter.no')
    45. 

  45. 

  46.       expect(old_account.id).to eq returned_account.id
    47. 

  47.     end
    48. 

  48. 

  49.     it 'returns a new remote account' do
    50. 

  50.       account = subject.call('gargron@quitter.no')
    51. 

  51. 

  52.       expect(account.username).to eq 'gargron'
    53. 

  53.       expect(account.domain).to eq 'quitter.no'
    54. 

  54.       expect(account.remote_url).to eq 'https://quitter.no/api/statuses/user_timeline/7477.atom'
    55. 

  55.     end
    56. 

  56. 

  57.     it 'follows a legitimate account redirection' do
    58. 

  58.       account = subject.call('gargron@redirected.com')
    59. 

  59. 

  60.       expect(account.username).to eq 'gargron'
    61. 

  61.       expect(account.domain).to eq 'quitter.no'
    62. 

  62.       expect(account.remote_url).to eq 'https://quitter.no/api/statuses/user_timeline/7477.atom'
    63. 

  63.     end
    64. 

  64. 

  65.     it 'returns a new remote account' do
    66. 

  66.       account = subject.call('foo@localdomain.com')
    67. 

  67. 

  68.       expect(account.username).to eq 'foo'
    69. 

  69.       expect(account.domain).to eq 'localdomain.com'
    70. 

  70.       expect(account.remote_url).to eq 'https://webdomain.com/users/foo.atom'
    71. 

  71.     end
    72. 

  72.   end
    73. 

  73. 

  74.   context 'with an ActivityPub account' do
    75. 

  75.     pending
    76. 

  76.   end
    77. 

  77. 

  78.   it 'processes one remote account at a time using locks' do
    79. 

  79.     wait_for_start = true
    80. 

  80.     fail_occurred  = false
    81. 

  81.     return_values  = []
    82. 

  82. 

  83.     threads = Array.new(5) do
    84. 

  84.       Thread.new do
    85. 

  85.         true while wait_for_start
    86. 

  86.         begin
    87. 

  87.           return_values << described_class.new.call('foo@localdomain.com')
    88. 

  88.         rescue ActiveRecord::RecordNotUnique
    89. 

  89.           fail_occurred = true
    90. 

  90.         end
    91. 

  91.       end
    92. 

  92.     end
    93. 

  93. 

  94.     wait_for_start = false
    95. 

  95.     threads.each(&:join)
    96. 

  96. 

  97.     expect(fail_occurred).to be false
    98. 

  98.     expect(return_values).to_not include(nil)
    99. 

  99.   end
    100. 

  100. end
    101.