gitea/nas
1
0
Fork 2
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 3

Merge pull request #291 from kmycode/upstream-20231116

Browse source 
Upstream 20231116
This commit is contained in:
KMY(雪あすか) 2023-11-17 08:54:09 +09:00 committed by GitHub
commit eaa9ade59b
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
274 changed files with 3864 additions and 2574 deletions
Download patch file Download diff file Expand all files Collapse all files

2
spec/controllers/activitypub/inboxes_controller_spec.rb
View file

@ -58,7 +58,7 @@ RSpec.describe ActivityPub::InboxesController do
before do
allow(ActivityPub::FollowersSynchronizationWorker).to receive(:perform_async).and_return(nil)
allow_any_instance_of(Account).to receive(:local_followers_hash).and_return('somehash')
allow(remote_account).to receive(:local_followers_hash).and_return('somehash')
request.headers['Collection-Synchronization'] = synchronization_header
post :create, body: '{}'

18
spec/controllers/admin/accounts_controller_spec.rb
View file

@ -20,8 +20,7 @@ RSpec.describe Admin::AccountsController do
it 'filters with parameters' do
account_filter = instance_double(AccountFilter, results: Account.all)
allow(AccountFilter).to receive(:new).and_return(account_filter)
get :index, params: {
params = {
origin: 'local',
by_domain: 'domain',
status: 'active',
@ -31,17 +30,9 @@ RSpec.describe Admin::AccountsController do
ip: '0.0.0.42',
}
expect(AccountFilter).to have_received(:new) do |params|
h = params.to_h
get :index, params: params
expect(h[:origin]).to eq 'local'
expect(h[:by_domain]).to eq 'domain'
expect(h[:status]).to eq 'active'
expect(h[:username]).to eq 'username'
expect(h[:display_name]).to eq 'display name'
expect(h[:email]).to eq 'local-part@domain'
expect(h[:ip]).to eq '0.0.0.42'
end
expect(AccountFilter).to have_received(:new).with(hash_including(params))
end
it 'paginates accounts' do
@ -236,7 +227,8 @@ RSpec.describe Admin::AccountsController do
let(:account) { Fabricate(:account, domain: 'example.com') }
before do
allow_any_instance_of(ResolveAccountService).to receive(:call)
service = instance_double(ResolveAccountService, call: nil)
allow(ResolveAccountService).to receive(:new).and_return(service)
end
context 'when user is admin' do

18
spec/controllers/admin/resets_controller_spec.rb
View file

@ -13,12 +13,20 @@ describe Admin::ResetsController do
describe 'POST #create' do
it 'redirects to admin accounts page' do
expect_any_instance_of(User).to receive(:send_reset_password_instructions) do |value|
expect(value.account_id).to eq account.id
end
post :create, params: { account_id: account.id }
expect do
post :create, params: { account_id: account.id }
end.to change(Devise.mailer.deliveries, :size).by(2)
expect(Devise.mailer.deliveries).to have_attributes(
first: have_attributes(
to: include(account.user.email),
subject: I18n.t('devise.mailer.password_change.subject')
),
last: have_attributes(
to: include(account.user.email),
subject: I18n.t('devise.mailer.reset_password_instructions.subject')
)
)
expect(response).to redirect_to(admin_account_path(account.id))
end
end

38
spec/controllers/api/v1/trends/links_controller_spec.rb
View file

@ -2,14 +2,44 @@
require 'rails_helper'
describe Api::V1::Trends::LinksController do
RSpec.describe Api::V1::Trends::LinksController do
render_views
describe 'GET #index' do
it 'returns http success' do
get :index
around do |example|
previous = Setting.trends
example.run
Setting.trends = previous
end
expect(response).to have_http_status(200)
context 'when trends are disabled' do
before { Setting.trends = false }
it 'returns http success' do
get :index
expect(response).to have_http_status(200)
end
end
context 'when trends are enabled' do
before { Setting.trends = true }
it 'returns http success' do
prepare_trends
stub_const('Api::V1::Trends::LinksController::DEFAULT_LINKS_LIMIT', 2)
get :index
expect(response).to have_http_status(200)
expect(response.headers).to include('Link')
end
def prepare_trends
Fabricate.times(3, :preview_card, trendable: true, language: 'en').each do |link|
2.times { |i| Trends.links.add(link, i) }
end
Trends::Links.new(threshold: 1).refresh
end
end
end
end

38
spec/controllers/api/v1/trends/statuses_controller_spec.rb
View file

@ -2,14 +2,44 @@
require 'rails_helper'
describe Api::V1::Trends::StatusesController do
RSpec.describe Api::V1::Trends::StatusesController do
render_views
describe 'GET #index' do
it 'returns http success' do
get :index
around do |example|
previous = Setting.trends
example.run
Setting.trends = previous
end
expect(response).to have_http_status(200)
context 'when trends are disabled' do
before { Setting.trends = false }
it 'returns http success' do
get :index
expect(response).to have_http_status(200)
end
end
context 'when trends are enabled' do
before { Setting.trends = true }
it 'returns http success' do
prepare_trends
stub_const('Api::BaseController::DEFAULT_STATUSES_LIMIT', 2)
get :index
expect(response).to have_http_status(200)
expect(response.headers).to include('Link')
end
def prepare_trends
Fabricate.times(3, :status, trendable: true, language: 'en').each do |status|
2.times { |i| Trends.statuses.add(status, i) }
end
Trends::Statuses.new(threshold: 1, decay_threshold: -1).refresh
end
end
end
end

41
spec/controllers/api/v1/trends/tags_controller_spec.rb
View file

@ -6,16 +6,41 @@ RSpec.describe Api::V1::Trends::TagsController do
render_views
describe 'GET #index' do
before do
Fabricate.times(10, :tag).each do |tag|
10.times { |i| Trends.tags.add(tag, i) }
end
get :index
around do |example|
previous = Setting.trends
example.run
Setting.trends = previous
end
it 'returns http success' do
expect(response).to have_http_status(200)
context 'when trends are disabled' do
before { Setting.trends = false }
it 'returns http success' do
get :index
expect(response).to have_http_status(200)
expect(response.headers).to_not include('Link')
end
end
context 'when trends are enabled' do
before { Setting.trends = true }
it 'returns http success' do
prepare_trends
stub_const('Api::V1::Trends::TagsController::DEFAULT_TAGS_LIMIT', 2)
get :index
expect(response).to have_http_status(200)
expect(response.headers).to include('Link')
end
def prepare_trends
Fabricate.times(3, :tag, trendable: true).each do |tag|
2.times { |i| Trends.tags.add(tag, i) }
end
Trends::Tags.new(threshold: 1).refresh
end
end
end
end

60
spec/controllers/api/web/push_subscriptions_controller_spec.rb
View file

@ -37,37 +37,49 @@ describe Api::Web::PushSubscriptionsController do
}
end
before do
sign_in(user)
stub_request(:post, create_payload[:subscription][:endpoint]).to_return(status: 200)
end
describe 'POST #create' do
it 'saves push subscriptions' do
sign_in(user)
stub_request(:post, create_payload[:subscription][:endpoint]).to_return(status: 200)
post :create, format: :json, params: create_payload
expect(response).to have_http_status(200)
user.reload
push_subscription = Web::PushSubscription.find_by(endpoint: create_payload[:subscription][:endpoint])
expect(created_push_subscription).to have_attributes(
endpoint: eq(create_payload[:subscription][:endpoint]),
key_p256dh: eq(create_payload[:subscription][:keys][:p256dh]),
key_auth: eq(create_payload[:subscription][:keys][:auth])
)
expect(user.session_activations.first.web_push_subscription).to eq(created_push_subscription)
end
expect(push_subscription['endpoint']).to eq(create_payload[:subscription][:endpoint])
expect(push_subscription['key_p256dh']).to eq(create_payload[:subscription][:keys][:p256dh])
expect(push_subscription['key_auth']).to eq(create_payload[:subscription][:keys][:auth])
context 'with a user who has a session with a prior subscription' do
let!(:prior_subscription) { Fabricate(:web_push_subscription, session_activation: user.session_activations.last) }
it 'destroys prior subscription when creating new one' do
post :create, format: :json, params: create_payload
expect(response).to have_http_status(200)
expect { prior_subscription.reload }.to raise_error(ActiveRecord::RecordNotFound)
end
end
context 'with initial data' do
it 'saves alert settings' do
sign_in(user)
stub_request(:post, create_payload[:subscription][:endpoint]).to_return(status: 200)
post :create, format: :json, params: create_payload.merge(alerts_payload)
push_subscription = Web::PushSubscription.find_by(endpoint: create_payload[:subscription][:endpoint])
expect(response).to have_http_status(200)
expect(push_subscription.data['policy']).to eq 'all'
expect(created_push_subscription.data['policy']).to eq 'all'
%w(follow follow_request favourite reblog mention poll status).each do |type|
expect(push_subscription.data['alerts'][type]).to eq(alerts_payload[:data][:alerts][type.to_sym].to_s)
expect(created_push_subscription.data['alerts'][type]).to eq(alerts_payload[:data][:alerts][type.to_sym].to_s)
end
end
end
@ -75,23 +87,23 @@ describe Api::Web::PushSubscriptionsController do
describe 'PUT #update' do
it 'changes alert settings' do
sign_in(user)
stub_request(:post, create_payload[:subscription][:endpoint]).to_return(status: 200)
post :create, format: :json, params: create_payload
alerts_payload[:id] = Web::PushSubscription.find_by(endpoint: create_payload[:subscription][:endpoint]).id
expect(response).to have_http_status(200)
alerts_payload[:id] = created_push_subscription.id
put :update, format: :json, params: alerts_payload
push_subscription = Web::PushSubscription.find_by(endpoint: create_payload[:subscription][:endpoint])
expect(push_subscription.data['policy']).to eq 'all'
expect(created_push_subscription.data['policy']).to eq 'all'
%w(follow follow_request favourite reblog mention poll status).each do |type|
expect(push_subscription.data['alerts'][type]).to eq(alerts_payload[:data][:alerts][type.to_sym].to_s)
expect(created_push_subscription.data['alerts'][type]).to eq(alerts_payload[:data][:alerts][type.to_sym].to_s)
end
end
end
def created_push_subscription
Web::PushSubscription.find_by(endpoint: create_payload[:subscription][:endpoint])
end
end

6
spec/controllers/auth/sessions_controller_spec.rb
View file

@ -126,7 +126,7 @@ RSpec.describe Auth::SessionsController do
let!(:previous_login) { Fabricate(:login_activity, user: user, ip: previous_ip) }
before do
allow_any_instance_of(ActionDispatch::Request).to receive(:remote_ip).and_return(current_ip)
allow(controller.request).to receive(:remote_ip).and_return(current_ip)
user.update(current_sign_in_at: 1.month.ago)
post :create, params: { user: { email: user.email, password: user.password } }
end
@ -279,7 +279,9 @@ RSpec.describe Auth::SessionsController do
context 'when the server has an decryption error' do
before do
allow_any_instance_of(User).to receive(:validate_and_consume_otp!).and_raise(OpenSSL::Cipher::CipherError)
allow(user).to receive(:validate_and_consume_otp!).with(user.current_otp).and_raise(OpenSSL::Cipher::CipherError)
allow(User).to receive(:find_by).with(id: user.id).and_return(user)
post :create, params: { user: { otp_attempt: user.current_otp } }, session: { attempt_user_id: user.id, attempt_user_updated_at: user.updated_at.to_s }
end

31
spec/controllers/settings/two_factor_authentication/confirmations_controller_spec.rb
View file

@ -61,6 +61,7 @@ describe Settings::TwoFactorAuthentication::ConfirmationsController do
it 'renders page with success' do
prepare_user_otp_generation
prepare_user_otp_consumption
allow(controller).to receive(:current_user).and_return(user)
expect do
post :create,
@ -75,30 +76,28 @@ describe Settings::TwoFactorAuthentication::ConfirmationsController do
end
def prepare_user_otp_generation
expect_any_instance_of(User).to receive(:generate_otp_backup_codes!) do |value|
expect(value).to eq user
otp_backup_codes
end
allow(user)
.to receive(:generate_otp_backup_codes!)
.and_return(otp_backup_codes)
end
def prepare_user_otp_consumption
expect_any_instance_of(User).to receive(:validate_and_consume_otp!) do |value, code, options|
expect(value).to eq user
expect(code).to eq '123456'
expect(options).to eq({ otp_secret: 'thisisasecretforthespecofnewview' })
true
end
options = { otp_secret: 'thisisasecretforthespecofnewview' }
allow(user)
.to receive(:validate_and_consume_otp!)
.with('123456', options)
.and_return(true)
end
end
describe 'when creation fails' do
subject do
expect_any_instance_of(User).to receive(:validate_and_consume_otp!) do |value, code, options|
expect(value).to eq user
expect(code).to eq '123456'
expect(options).to eq({ otp_secret: 'thisisasecretforthespecofnewview' })
false
end
options = { otp_secret: 'thisisasecretforthespecofnewview' }
allow(user)
.to receive(:validate_and_consume_otp!)
.with('123456', options)
.and_return(false)
allow(controller).to receive(:current_user).and_return(user)
expect do
post :create,

6
spec/controllers/settings/two_factor_authentication/recovery_codes_controller_spec.rb
View file

@ -9,10 +9,8 @@ describe Settings::TwoFactorAuthentication::RecoveryCodesController do
it 'updates the codes and shows them on a view when signed in' do
user = Fabricate(:user)
otp_backup_codes = user.generate_otp_backup_codes!
expect_any_instance_of(User).to receive(:generate_otp_backup_codes!) do |value|
expect(value).to eq user
otp_backup_codes
end
allow(user).to receive(:generate_otp_backup_codes!).and_return(otp_backup_codes)
allow(controller).to receive(:current_user).and_return(user)
sign_in user, scope: :user
post :create, session: { challenge_passed_at: Time.now.utc }

221
spec/controllers/statuses_controller_spec.rb
View file

@ -57,11 +57,14 @@ describe StatusesController do
let(:format) { 'html' }
it 'renders status successfully', :aggregate_failures do
expect(response).to have_http_status(200)
expect(response.headers['Link'].to_s).to include 'activity+json'
expect(response.headers['Vary']).to eq 'Accept, Accept-Language, Cookie'
expect(response.headers['Cache-Control']).to include 'public'
expect(response).to render_template(:show)
expect(response)
.to have_http_status(200)
.and render_template(:show)
expect(response.headers).to include(
'Vary' => 'Accept, Accept-Language, Cookie',
'Cache-Control' => include('public'),
'Link' => satisfy { |header| header.to_s.include?('activity+json') }
)
expect(response.body).to include status.text
end
end
@ -72,12 +75,15 @@ describe StatusesController do
it_behaves_like 'cacheable response', expects_vary: 'Accept, Accept-Language, Cookie'
it 'renders ActivityPub Note object successfully', :aggregate_failures do
expect(response).to have_http_status(200)
expect(response.headers['Link'].to_s).to include 'activity+json'
expect(response.headers['Vary']).to eq 'Accept, Accept-Language, Cookie'
expect(response.headers['Content-Type']).to include 'application/activity+json'
json = body_as_json
expect(json[:content]).to include status.text
expect(response)
.to have_http_status(200)
expect(response.headers).to include(
'Vary' => 'Accept, Accept-Language, Cookie',
'Content-Type' => include('application/activity+json'),
'Link' => satisfy { |header| header.to_s.include?('activity+json') }
)
expect(body_as_json)
.to include(content: include(status.text))
end
end
end
@ -157,11 +163,14 @@ describe StatusesController do
let(:format) { 'html' }
it 'renders status successfully', :aggregate_failures do
expect(response).to have_http_status(200)
expect(response.headers['Link'].to_s).to include 'activity+json'
expect(response.headers['Vary']).to eq 'Accept, Accept-Language, Cookie'
expect(response.headers['Cache-Control']).to include 'private'
expect(response).to render_template(:show)
expect(response)
.to have_http_status(200)
.and render_template(:show)
expect(response.headers).to include(
'Vary' => 'Accept, Accept-Language, Cookie',
'Cache-Control' => include('private'),
'Link' => satisfy { |header| header.to_s.include?('activity+json') }
)
expect(response.body).to include status.text
end
end
@ -170,13 +179,16 @@ describe StatusesController do
let(:format) { 'json' }
it 'renders ActivityPub Note object successfully', :aggregate_failures do
expect(response).to have_http_status(200)
expect(response.headers['Link'].to_s).to include 'activity+json'
expect(response.headers['Vary']).to eq 'Accept, Accept-Language, Cookie'
expect(response.headers['Cache-Control']).to include 'private'
expect(response.headers['Content-Type']).to include 'application/activity+json'
json = body_as_json
expect(json[:content]).to include status.text
expect(response)
.to have_http_status(200)
expect(response.headers).to include(
'Vary' => 'Accept, Accept-Language, Cookie',
'Cache-Control' => include('private'),
'Content-Type' => include('application/activity+json'),
'Link' => satisfy { |header| header.to_s.include?('activity+json') }
)
expect(body_as_json)
.to include(content: include(status.text))
end
end
end
@ -194,11 +206,15 @@ describe StatusesController do
let(:format) { 'html' }
it 'renders status successfully', :aggregate_failures do
expect(response).to have_http_status(200)
expect(response.headers['Link'].to_s).to include 'activity+json'
expect(response.headers['Vary']).to eq 'Accept, Accept-Language, Cookie'
expect(response.headers['Cache-Control']).to include 'private'
expect(response).to render_template(:show)
expect(response)
.to have_http_status(200)
.and render_template(:show)
expect(response.headers).to include(
'Vary' => 'Accept, Accept-Language, Cookie',
'Cache-Control' => include('private'),
'Link' => satisfy { |header| header.to_s.include?('activity+json') }
)
expect(response.body).to include status.text
end
end
@ -207,13 +223,16 @@ describe StatusesController do
let(:format) { 'json' }
it 'renders ActivityPub Note object successfully', :aggregate_failures do
expect(response).to have_http_status(200)
expect(response.headers['Link'].to_s).to include 'activity+json'
expect(response.headers['Vary']).to eq 'Accept, Accept-Language, Cookie'
expect(response.headers['Cache-Control']).to include 'private'
expect(response.headers['Content-Type']).to include 'application/activity+json'
json = body_as_json
expect(json[:content]).to include status.text
expect(response)
.to have_http_status(200)
expect(response.headers).to include(
'Vary' => 'Accept, Accept-Language, Cookie',
'Cache-Control' => include('private'),
'Content-Type' => include('application/activity+json'),
'Link' => satisfy { |header| header.to_s.include?('activity+json') }
)
expect(body_as_json)
.to include(content: include(status.text))
end
end
end
@ -254,11 +273,14 @@ describe StatusesController do
let(:format) { 'html' }
it 'renders status successfully', :aggregate_failures do
expect(response).to have_http_status(200)
expect(response.headers['Link'].to_s).to include 'activity+json'
expect(response.headers['Vary']).to eq 'Accept, Accept-Language, Cookie'
expect(response.headers['Cache-Control']).to include 'private'
expect(response).to render_template(:show)
expect(response)
.to have_http_status(200)
.and render_template(:show)
expect(response.headers).to include(
'Vary' => 'Accept, Accept-Language, Cookie',
'Cache-Control' => include('private'),
'Link' => satisfy { |header| header.to_s.include?('activity+json') }
)
expect(response.body).to include status.text
end
end
@ -267,13 +289,16 @@ describe StatusesController do
let(:format) { 'json' }
it 'renders ActivityPub Note object successfully' do
expect(response).to have_http_status(200)
expect(response.headers['Link'].to_s).to include 'activity+json'
expect(response.headers['Vary']).to eq 'Accept, Accept-Language, Cookie'
expect(response.headers['Cache-Control']).to include 'private'
expect(response.headers['Content-Type']).to include 'application/activity+json'
json = body_as_json
expect(json[:content]).to include status.text
expect(response)
.to have_http_status(200)
expect(response.headers).to include(
'Vary' => 'Accept, Accept-Language, Cookie',
'Cache-Control' => include('private'),
'Content-Type' => include('application/activity+json'),
'Link' => satisfy { |header| header.to_s.include?('activity+json') }
)
expect(body_as_json)
.to include(content: include(status.text))
end
end
end
@ -340,11 +365,14 @@ describe StatusesController do
let(:format) { 'html' }
it 'renders status successfully', :aggregate_failures do
expect(response).to have_http_status(200)
expect(response.headers['Link'].to_s).to include 'activity+json'
expect(response.headers['Vary']).to eq 'Accept, Accept-Language, Cookie'
expect(response.headers['Cache-Control']).to include 'private'
expect(response).to render_template(:show)
expect(response)
.to have_http_status(200)
.and render_template(:show)
expect(response.headers).to include(
'Vary' => 'Accept, Accept-Language, Cookie',
'Cache-Control' => include('private'),
'Link' => satisfy { |header| header.to_s.include?('activity+json') }
)
expect(response.body).to include status.text
end
end
@ -355,12 +383,15 @@ describe StatusesController do
it_behaves_like 'cacheable response', expects_vary: 'Accept, Accept-Language, Cookie'
it 'renders ActivityPub Note object successfully', :aggregate_failures do
expect(response).to have_http_status(200)
expect(response.headers['Link'].to_s).to include 'activity+json'
expect(response.headers['Vary']).to eq 'Accept, Accept-Language, Cookie'
expect(response.headers['Content-Type']).to include 'application/activity+json'
json = body_as_json
expect(json[:content]).to include status.text
expect(response)
.to have_http_status(200)
expect(response.headers).to include(
'Vary' => 'Accept, Accept-Language, Cookie',
'Content-Type' => include('application/activity+json'),
'Link' => satisfy { |header| header.to_s.include?('activity+json') }
)
expect(body_as_json)
.to include(content: include(status.text))
end
end
end
@ -378,11 +409,14 @@ describe StatusesController do
let(:format) { 'html' }
it 'renders status successfully', :aggregate_failures do
expect(response).to have_http_status(200)
expect(response.headers['Link'].to_s).to include 'activity+json'
expect(response.headers['Vary']).to eq 'Accept, Accept-Language, Cookie'
expect(response.headers['Cache-Control']).to include 'private'
expect(response).to render_template(:show)
expect(response)
.to have_http_status(200)
.and render_template(:show)
expect(response.headers).to include(
'Vary' => 'Accept, Accept-Language, Cookie',
'Cache-Control' => include('private'),
'Link' => satisfy { |header| header.to_s.include?('activity+json') }
)
expect(response.body).to include status.text
end
end
@ -391,13 +425,17 @@ describe StatusesController do
let(:format) { 'json' }
it 'renders ActivityPub Note object successfully' do
expect(response).to have_http_status(200)
expect(response.headers['Link'].to_s).to include 'activity+json'
expect(response.headers['Vary']).to eq 'Accept, Accept-Language, Cookie'
expect(response.headers['Cache-Control']).to include 'private'
expect(response.headers['Content-Type']).to include 'application/activity+json'
json = body_as_json
expect(json[:content]).to include status.text
expect(response)
.to have_http_status(200)
expect(response.headers).to include(
'Vary' => 'Accept, Accept-Language, Cookie',
'Cache-Control' => include('private'),
'Content-Type' => include('application/activity+json'),
'Link' => satisfy { |header| header.to_s.include?('activity+json') }
)
expect(body_as_json)
.to include(content: include(status.text))
end
end
end
@ -438,11 +476,14 @@ describe StatusesController do
let(:format) { 'html' }
it 'renders status successfully', :aggregate_failures do
expect(response).to have_http_status(200)
expect(response.headers['Link'].to_s).to include 'activity+json'
expect(response.headers['Vary']).to eq 'Accept, Accept-Language, Cookie'
expect(response.headers['Cache-Control']).to include 'private'
expect(response).to render_template(:show)
expect(response)
.to have_http_status(200)
.and render_template(:show)
expect(response.headers).to include(
'Vary' => 'Accept, Accept-Language, Cookie',
'Cache-Control' => include('private'),
'Link' => satisfy { |header| header.to_s.include?('activity+json') }
)
expect(response.body).to include status.text
end
end
@ -451,13 +492,16 @@ describe StatusesController do
let(:format) { 'json' }
it 'renders ActivityPub Note object', :aggregate_failures do
expect(response).to have_http_status(200)
expect(response.headers['Link'].to_s).to include 'activity+json'
expect(response.headers['Vary']).to eq 'Accept, Accept-Language, Cookie'
expect(response.headers['Cache-Control']).to include 'private'
expect(response.headers['Content-Type']).to include 'application/activity+json'
json = body_as_json
expect(json[:content]).to include status.text
expect(response)
.to have_http_status(200)
expect(response.headers).to include(
'Vary' => 'Accept, Accept-Language, Cookie',
'Cache-Control' => include('private'),
'Content-Type' => include('application/activity+json'),
'Link' => satisfy { |header| header.to_s.include?('activity+json') }
)
expect(body_as_json)
.to include(content: include(status.text))
end
end
end
@ -732,11 +776,14 @@ describe StatusesController do
end
it 'renders status successfully', :aggregate_failures do
expect(response).to have_http_status(200)
expect(response.headers['Link'].to_s).to include 'activity+json'
expect(response.headers['Vary']).to eq 'Accept, Accept-Language, Cookie'
expect(response.headers['Cache-Control']).to include 'public'
expect(response).to render_template(:embed)
expect(response)
.to have_http_status(200)
.and render_template(:embed)
expect(response.headers).to include(
'Vary' => 'Accept, Accept-Language, Cookie',
'Cache-Control' => include('public'),
'Link' => satisfy { |header| header.to_s.include?('activity+json') }
)
expect(response.body).to include status.text
end
end

22
spec/controllers/well_known/host_meta_controller_spec.rb
View file

@ -1,22 +0,0 @@
# frozen_string_literal: true
require 'rails_helper'
describe WellKnown::HostMetaController do
render_views
describe 'GET #show' do
it 'returns http success' do
get :show, format: :xml
expect(response).to have_http_status(200)
expect(response.media_type).to eq 'application/xrd+xml'
expect(response.body).to eq <<~XML
<?xml version="1.0" encoding="UTF-8"?>
<XRD xmlns="http://docs.oasis-open.org/ns/xri/xrd-1.0">
<Link rel="lrdd" template="https://cb6e6126.ngrok.io/.well-known/webfinger?resource={uri}"/>
</XRD>
XML
end
end
end

41
spec/controllers/well_known/node_info_controller_spec.rb
View file

@ -1,41 +0,0 @@
# frozen_string_literal: true
require 'rails_helper'
describe WellKnown::NodeInfoController do
render_views
describe 'GET #index' do
it 'returns json document pointing to node info' do
get :index
expect(response).to have_http_status(200)
expect(response.media_type).to eq 'application/json'
json = body_as_json
expect(json[:links]).to be_an Array
expect(json[:links][0][:rel]).to eq 'http://nodeinfo.diaspora.software/ns/schema/2.0'
expect(json[:links][0][:href]).to include 'nodeinfo/2.0'
end
end
describe 'GET #show' do
it 'returns json document with node info properties' do
get :show
expect(response).to have_http_status(200)
expect(response.media_type).to eq 'application/json'
json = body_as_json
foo = { 'foo' => 0 }
expect(foo).to_not match_json_schema('nodeinfo_2.0')
expect(json).to match_json_schema('nodeinfo_2.0')
expect(json[:version]).to eq '2.0'
expect(json[:usage]).to be_a Hash
expect(json[:software]).to be_a Hash
expect(json[:protocols]).to be_an Array
end
end
end

235
spec/controllers/well_known/webfinger_controller_spec.rb
View file

@ -1,235 +0,0 @@
# frozen_string_literal: true
require 'rails_helper'
describe WellKnown::WebfingerController do
include RoutingHelper
render_views
describe 'GET #show' do
subject(:perform_show!) do
get :show, params: { resource: resource }, format: :json
end
let(:alternate_domains) { [] }
let(:alice) { Fabricate(:account, username: 'alice') }
let(:resource) { nil }
around do |example|
tmp = Rails.configuration.x.alternate_domains
Rails.configuration.x.alternate_domains = alternate_domains
example.run
Rails.configuration.x.alternate_domains = tmp
end
shared_examples 'a successful response' do
it 'returns http success' do
expect(response).to have_http_status(200)
end
it 'does not set a Vary header' do
expect(response.headers['Vary']).to be_nil
end
it 'returns application/jrd+json' do
expect(response.media_type).to eq 'application/jrd+json'
end
it 'returns links for the account' do
json = body_as_json
expect(json[:subject]).to eq 'acct:alice@cb6e6126.ngrok.io'
expect(json[:aliases]).to include('https://cb6e6126.ngrok.io/@alice', 'https://cb6e6126.ngrok.io/users/alice')
end
end
context 'when an account exists' do
let(:resource) { alice.to_webfinger_s }
before do
perform_show!
end
it_behaves_like 'a successful response'
end
context 'when an account is temporarily suspended' do
let(:resource) { alice.to_webfinger_s }
before do
alice.suspend!
perform_show!
end
it_behaves_like 'a successful response'
end
context 'when an account is permanently suspended or deleted' do
let(:resource) { alice.to_webfinger_s }
before do
alice.suspend!
alice.deletion_request.destroy
perform_show!
end
it 'returns http gone' do
expect(response).to have_http_status(410)
end
end
context 'when an account is not found' do
let(:resource) { 'acct:not@existing.com' }
before do
perform_show!
end
it 'returns http not found' do
expect(response).to have_http_status(404)
end
end
context 'with an alternate domain' do
let(:alternate_domains) { ['foo.org'] }
before do
perform_show!
end
context 'when an account exists' do
let(:resource) do
username, = alice.to_webfinger_s.split('@')
"#{username}@foo.org"
end
it_behaves_like 'a successful response'
end
context 'when the domain is wrong' do
let(:resource) do
username, = alice.to_webfinger_s.split('@')
"#{username}@bar.org"
end
it 'returns http not found' do
expect(response).to have_http_status(404)
end
end
end
context 'when the old name scheme is used to query the instance actor' do
let(:resource) do
"#{Rails.configuration.x.local_domain}@#{Rails.configuration.x.local_domain}"
end
before do
perform_show!
end
it 'returns http success' do
expect(response).to have_http_status(200)
end
it 'does not set a Vary header' do
expect(response.headers['Vary']).to be_nil
end
it 'returns application/jrd+json' do
expect(response.media_type).to eq 'application/jrd+json'
end
it 'returns links for the internal account' do
json = body_as_json
expect(json[:subject]).to eq 'acct:mastodon.internal@cb6e6126.ngrok.io'
expect(json[:aliases]).to eq ['https://cb6e6126.ngrok.io/actor']
end
end
context 'with no resource parameter' do
let(:resource) { nil }
before do
perform_show!
end
it 'returns http bad request' do
expect(response).to have_http_status(400)
end
end
context 'with a nonsense parameter' do
let(:resource) { 'df/:dfkj' }
before do
perform_show!
end
it 'returns http bad request' do
expect(response).to have_http_status(400)
end
end
context 'when an account has an avatar' do
let(:alice) { Fabricate(:account, username: 'alice', avatar: attachment_fixture('attachment.jpg')) }
let(:resource) { alice.to_webfinger_s }
it 'returns avatar in response' do
perform_show!
avatar_link = get_avatar_link(body_as_json)
expect(avatar_link).to_not be_nil
expect(avatar_link[:type]).to eq alice.avatar.content_type
expect(avatar_link[:href]).to eq full_asset_url(alice.avatar)
end
context 'with limited federation mode' do
before do
allow(Rails.configuration.x).to receive(:limited_federation_mode).and_return(true)
end
it 'does not return avatar in response' do
perform_show!
avatar_link = get_avatar_link(body_as_json)
expect(avatar_link).to be_nil
end
end
context 'when enabling DISALLOW_UNAUTHENTICATED_API_ACCESS' do
around do |example|
ClimateControl.modify DISALLOW_UNAUTHENTICATED_API_ACCESS: 'true' do
example.run
end
end
it 'does not return avatar in response' do
perform_show!
avatar_link = get_avatar_link(body_as_json)
expect(avatar_link).to be_nil
end
end
end
context 'when an account does not have an avatar' do
let(:alice) { Fabricate(:account, username: 'alice', avatar: nil) }
let(:resource) { alice.to_webfinger_s }
before do
perform_show!
end
it 'does not return avatar in response' do
avatar_link = get_avatar_link(body_as_json)
expect(avatar_link).to be_nil
end
end
end
private
def get_avatar_link(json)
json[:links].find { |link| link[:rel] == 'http://webfinger.net/rel/avatar' }
end
end

4
spec/helpers/media_component_helper_spec.rb
View file

@ -49,10 +49,12 @@ describe MediaComponentHelper do
end
describe 'render_card_component' do
let(:status) { Fabricate(:status, preview_cards: [Fabricate(:preview_card)]) }
let(:status) { Fabricate(:status) }
let(:result) { helper.render_card_component(status) }
before do
PreviewCardsStatus.create(status: status, preview_card: Fabricate(:preview_card))
without_partial_double_verification do
allow(helper).to receive(:current_account).and_return(status.account)
end

5
spec/lib/request_spec.rb
View file

@ -64,8 +64,11 @@ describe Request do
end
it 'closes underlying connection' do
expect_any_instance_of(HTTP::Client).to receive(:close)
allow(subject.send(:http_client)).to receive(:close)
expect { |block| subject.perform(&block) }.to yield_control
expect(subject.send(:http_client)).to have_received(:close)
end
it 'returns response which implements body_with_limit' do

6
spec/lib/status_filter_spec.rb
View file

@ -23,7 +23,8 @@ describe StatusFilter do
context 'when status policy does not allow show' do
it 'filters the status' do
allow_any_instance_of(StatusPolicy).to receive(:show?).and_return(false)
policy = instance_double(StatusPolicy, show?: false)
allow(StatusPolicy).to receive(:new).and_return(policy)
expect(filter).to be_filtered
end
@ -74,7 +75,8 @@ describe StatusFilter do
context 'when status policy does not allow show' do
it 'filters the status' do
allow_any_instance_of(StatusPolicy).to receive(:show?).and_return(false)
policy = instance_double(StatusPolicy, show?: false)
allow(StatusPolicy).to receive(:new).and_return(policy)
expect(filter).to be_filtered
end

14
spec/models/account_spec.rb
View file

@ -209,9 +209,13 @@ RSpec.describe Account do
expect(account.refresh!).to be_nil
end
it 'calls not ResolveAccountService#call' do
expect_any_instance_of(ResolveAccountService).to_not receive(:call).with(acct)
it 'does not call ResolveAccountService#call' do
service = instance_double(ResolveAccountService, call: nil)
allow(ResolveAccountService).to receive(:new).and_return(service)
account.refresh!
expect(service).to_not have_received(:call).with(acct)
end
end
@ -219,8 +223,12 @@ RSpec.describe Account do
let(:domain) { 'example.com' }
it 'calls ResolveAccountService#call' do
expect_any_instance_of(ResolveAccountService).to receive(:call).with(acct).once
service = instance_double(ResolveAccountService, call: nil)
allow(ResolveAccountService).to receive(:new).and_return(service)
account.refresh!
expect(service).to have_received(:call).with(acct).once
end
end
end

6
spec/models/setting_spec.rb
View file

@ -52,7 +52,8 @@ RSpec.describe Setting do
before do
allow(RailsSettings::Settings).to receive(:object).with(key).and_return(object)
allow(described_class).to receive(:default_settings).and_return(default_settings)
allow_any_instance_of(Settings::ScopedSettings).to receive(:thing_scoped).and_return(records)
settings_double = instance_double(Settings::ScopedSettings, thing_scoped: records)
allow(Settings::ScopedSettings).to receive(:new).and_return(settings_double)
Rails.cache.delete(cache_key)
end
@ -128,7 +129,8 @@ RSpec.describe Setting do
describe '.all_as_records' do
before do
allow_any_instance_of(Settings::ScopedSettings).to receive(:thing_scoped).and_return(records)
settings_double = instance_double(Settings::ScopedSettings, thing_scoped: records)
allow(Settings::ScopedSettings).to receive(:new).and_return(settings_double)
allow(described_class).to receive(:default_settings).and_return(default_settings)
end

31
spec/models/webhook_spec.rb
View file

@ -5,6 +5,37 @@ require 'rails_helper'
RSpec.describe Webhook do
let(:webhook) { Fabricate(:webhook) }
describe 'Validations' do
it 'requires presence of events' do
record = described_class.new(events: nil)
record.valid?
expect(record).to model_have_error_on_field(:events)
end
it 'requires non-empty events value' do
record = described_class.new(events: [])
record.valid?
expect(record).to model_have_error_on_field(:events)
end
it 'requires valid events value from EVENTS' do
record = described_class.new(events: ['account.invalid'])
record.valid?
expect(record).to model_have_error_on_field(:events)
end
end
describe 'Normalizations' do
it 'cleans up events values' do
record = described_class.new(events: ['account.approved', 'account.created ', ''])
expect(record.events).to eq(%w(account.approved account.created))
end
end
describe '#rotate_secret!' do
it 'changes the secret' do
previous_value = webhook.secret

148
spec/requests/api/v1/accounts/relationships_spec.rb
View file

@ -27,12 +27,16 @@ describe 'GET /api/v1/accounts/relationships' do
it 'returns JSON with correct data', :aggregate_failures do
subject
json = body_as_json
expect(response).to have_http_status(200)
expect(json).to be_a Enumerable
expect(json.first[:following]).to be true
expect(json.first[:followed_by]).to be false
expect(response)
.to have_http_status(200)
expect(body_as_json)
.to be_an(Enumerable)
.and have_attributes(
first: include(
following: true,
followed_by: false
)
)
end
end
@ -40,18 +44,19 @@ describe 'GET /api/v1/accounts/relationships' do
let(:params) { { id: [simon.id, lewis.id, bob.id] } }
context 'when there is returned JSON data' do
let(:json) { body_as_json }
context 'with default parameters' do
it 'returns an enumerable json with correct elements, excluding suspended accounts', :aggregate_failures do
subject
expect(response).to have_http_status(200)
expect(json).to be_a Enumerable
expect(json.size).to eq 2
expect_simon_item_one
expect_lewis_item_two
expect(response)
.to have_http_status(200)
expect(body_as_json)
.to be_an(Enumerable)
.and have_attributes(
size: 2,
first: include(simon_item),
second: include(lewis_item)
)
end
end
@ -61,58 +66,79 @@ describe 'GET /api/v1/accounts/relationships' do
it 'returns an enumerable json with correct elements, including suspended accounts', :aggregate_failures do
subject
expect(response).to have_http_status(200)
expect(json).to be_a Enumerable
expect(json.size).to eq 3
expect_simon_item_one
expect_lewis_item_two
expect_bob_item_three
expect(response)
.to have_http_status(200)
expect(body_as_json)
.to be_an(Enumerable)
.and have_attributes(
size: 3,
first: include(simon_item),
second: include(lewis_item),
third: include(bob_item)
)
end
end
def expect_simon_item_one
expect(json.first[:id]).to eq simon.id.to_s
expect(json.first[:following]).to be true
expect(json.first[:showing_reblogs]).to be true
expect(json.first[:followed_by]).to be false
expect(json.first[:muting]).to be false
expect(json.first[:requested]).to be false
expect(json.first[:domain_blocking]).to be false
def simon_item
{
id: simon.id.to_s,
following: true,
showing_reblogs: true,
followed_by: false,
muting: false,
requested: false,
domain_blocking: false,
}
end
def expect_lewis_item_two
expect(json.second[:id]).to eq lewis.id.to_s
expect(json.second[:following]).to be false
expect(json.second[:showing_reblogs]).to be false
expect(json.second[:followed_by]).to be true
expect(json.second[:muting]).to be false
expect(json.second[:requested]).to be false
expect(json.second[:domain_blocking]).to be false
def lewis_item
{
id: lewis.id.to_s,
following: false,
showing_reblogs: false,
followed_by: true,
muting: false,
requested: false,
domain_blocking: false,
}
end
def expect_bob_item_three
expect(json.third[:id]).to eq bob.id.to_s
expect(json.third[:following]).to be false
expect(json.third[:showing_reblogs]).to be false
expect(json.third[:followed_by]).to be false
expect(json.third[:muting]).to be false
expect(json.third[:requested]).to be false
expect(json.third[:domain_blocking]).to be false
def bob_item
{
id: bob.id.to_s,
following: false,
showing_reblogs: false,
followed_by: false,
muting: false,
requested: false,
domain_blocking: false,
}
end
end
it 'returns JSON with correct data on cached requests too' do
subject
subject
it 'returns JSON with correct data on previously cached requests' do
# Initial request including multiple accounts in params
get '/api/v1/accounts/relationships', headers: headers, params: { id: [simon.id, lewis.id] }
expect(body_as_json)
.to have_attributes(size: 2)
expect(response).to have_http_status(200)
# Subsequent request with different id, should override cache from first request
get '/api/v1/accounts/relationships', headers: headers, params: { id: [simon.id] }
json = body_as_json
expect(response)
.to have_http_status(200)
expect(json).to be_a Enumerable
expect(json.first[:following]).to be true
expect(json.first[:showing_reblogs]).to be true
expect(body_as_json)
.to be_an(Enumerable)
.and have_attributes(
size: 1,
first: include(
following: true,
showing_reblogs: true
)
)
end
it 'returns JSON with correct data after change too' do
@ -121,13 +147,17 @@ describe 'GET /api/v1/accounts/relationships' do
get '/api/v1/accounts/relationships', headers: headers, params: { id: [simon.id] }
expect(response).to have_http_status(200)
expect(response)
.to have_http_status(200)
json = body_as_json
expect(json).to be_a Enumerable
expect(json.first[:following]).to be false
expect(json.first[:showing_reblogs]).to be false
expect(body_as_json)
.to be_an(Enumerable)
.and have_attributes(
first: include(
following: false,
showing_reblogs: false
)
)
end
end
end

43
spec/requests/api/v1/csp_spec.rb Normal file
View file

@ -0,0 +1,43 @@
# frozen_string_literal: true
require 'rails_helper'
describe 'API namespace minimal Content-Security-Policy' do
before { stub_tests_controller }
after { Rails.application.reload_routes! }
it 'returns the correct CSP headers' do
get '/api/v1/tests'
expect(response).to have_http_status(200)
expect(response.headers['Content-Security-Policy']).to eq(minimal_csp_headers)
end
private
def stub_tests_controller
stub_const('Api::V1::TestsController', api_tests_controller)
Rails.application.routes.draw do
get '/api/v1/tests', to: 'api/v1/tests#index'
end
end
def api_tests_controller
Class.new(Api::BaseController) do
def index
head 200
end
private
def user_signed_in? = false
def current_user = nil
end
end
def minimal_csp_headers
"default-src 'none'; frame-ancestors 'none'; form-action 'none'"
end
end

14
spec/requests/host_meta_request_spec.rb
View file

@ -1,14 +0,0 @@
# frozen_string_literal: true
require 'rails_helper'
describe 'The host_meta route' do
describe 'requested without accepts headers' do
it 'returns an xml response' do
get host_meta_url
expect(response).to have_http_status(200)
expect(response.media_type).to eq 'application/xrd+xml'
end
end
end

27
spec/requests/invite_spec.rb Normal file
View file

@ -0,0 +1,27 @@
# frozen_string_literal: true
require 'rails_helper'
describe 'invites' do
let(:invite) { Fabricate(:invite) }
context 'when requesting a JSON document' do
it 'returns a JSON document with expected attributes' do
get "/invite/#{invite.code}", headers: { 'Accept' => 'application/activity+json' }
expect(response).to have_http_status(200)
expect(response.media_type).to eq 'application/json'
expect(body_as_json[:invite_code]).to eq invite.code
end
end
context 'when not requesting a JSON document' do
it 'returns an HTML page' do
get "/invite/#{invite.code}"
expect(response).to have_http_status(200)
expect(response.media_type).to eq 'text/html'
end
end
end

33
spec/requests/webfinger_request_spec.rb
View file

@ -1,33 +0,0 @@
# frozen_string_literal: true
require 'rails_helper'
describe 'The webfinger route' do
let(:alice) { Fabricate(:account, username: 'alice') }
describe 'requested with standard accepts headers' do
it 'returns a json response' do
get webfinger_url(resource: alice.to_webfinger_s)
expect(response).to have_http_status(200)
expect(response.media_type).to eq 'application/jrd+json'
end
end
describe 'asking for json format' do
it 'returns a json response for json format' do
get webfinger_url(resource: alice.to_webfinger_s, format: :json)
expect(response).to have_http_status(200)
expect(response.media_type).to eq 'application/jrd+json'
end
it 'returns a json response for json accept header' do
headers = { 'HTTP_ACCEPT' => 'application/jrd+json' }
get webfinger_url(resource: alice.to_webfinger_s), headers: headers
expect(response).to have_http_status(200)
expect(response.media_type).to eq 'application/jrd+json'
end
end
end

11
spec/requests/well_known/change_password_spec.rb Normal file
View file

@ -0,0 +1,11 @@
# frozen_string_literal: true
require 'rails_helper'
describe 'The /.well-known/change-password request' do
it 'redirects to the change password page' do
get '/.well-known/change-password'
expect(response).to redirect_to '/auth/edit'
end
end

27
spec/requests/well_known/host_meta_spec.rb Normal file
View file

@ -0,0 +1,27 @@
# frozen_string_literal: true
require 'rails_helper'
describe 'The /.well-known/host-meta request' do
it 'returns http success with valid XML response' do
get '/.well-known/host-meta'
expect(response)
.to have_http_status(200)
.and have_attributes(
media_type: 'application/xrd+xml',
body: host_meta_xml_template
)
end
private
def host_meta_xml_template
<<~XML
<?xml version="1.0" encoding="UTF-8"?>
<XRD xmlns="http://docs.oasis-open.org/ns/xri/xrd-1.0">
<Link rel="lrdd" template="https://cb6e6126.ngrok.io/.well-known/webfinger?resource={uri}"/>
</XRD>
XML
end
end

58
spec/requests/well_known/node_info_spec.rb Normal file
View file

@ -0,0 +1,58 @@
# frozen_string_literal: true
require 'rails_helper'
describe 'The well-known node-info endpoints' do
describe 'The /.well-known/node-info endpoint' do
it 'returns JSON document pointing to node info' do
get '/.well-known/nodeinfo'
expect(response)
.to have_http_status(200)
.and have_attributes(
media_type: 'application/json'
)
expect(body_as_json).to include(
links: be_an(Array).and(
contain_exactly(
include(
rel: 'http://nodeinfo.diaspora.software/ns/schema/2.0',
href: include('nodeinfo/2.0')
)
)
)
)
end
end
describe 'The /nodeinfo/2.0 endpoint' do
it 'returns JSON document with node info properties' do
get '/nodeinfo/2.0'
expect(response)
.to have_http_status(200)
.and have_attributes(
media_type: 'application/json'
)
expect(non_matching_hash)
.to_not match_json_schema('nodeinfo_2.0')
expect(body_as_json)
.to match_json_schema('nodeinfo_2.0')
.and include(
version: '2.0',
usage: be_a(Hash),
software: be_a(Hash),
protocols: be_a(Array)
)
end
private
def non_matching_hash
{ 'foo' => 0 }
end
end
end

255
spec/requests/well_known/webfinger_spec.rb Normal file
View file

@ -0,0 +1,255 @@
# frozen_string_literal: true
require 'rails_helper'
describe 'The /.well-known/webfinger endpoint' do
subject(:perform_request!) { get webfinger_url(resource: resource) }
let(:alternate_domains) { [] }
let(:alice) { Fabricate(:account, username: 'alice') }
let(:resource) { nil }
around do |example|
tmp = Rails.configuration.x.alternate_domains
Rails.configuration.x.alternate_domains = alternate_domains
example.run
Rails.configuration.x.alternate_domains = tmp
end
shared_examples 'a successful response' do
it 'returns http success' do
expect(response).to have_http_status(200)
end
it 'sets only a Vary Origin header' do
expect(response.headers['Vary']).to eq('Origin')
end
it 'returns application/jrd+json' do
expect(response.media_type).to eq 'application/jrd+json'
end
it 'returns links for the account' do
json = body_as_json
expect(json[:subject]).to eq 'acct:alice@cb6e6126.ngrok.io'
expect(json[:aliases]).to include('https://cb6e6126.ngrok.io/@alice', 'https://cb6e6126.ngrok.io/users/alice')
end
end
context 'when an account exists' do
let(:resource) { alice.to_webfinger_s }
before do
perform_request!
end
it_behaves_like 'a successful response'
end
context 'when an account is temporarily suspended' do
let(:resource) { alice.to_webfinger_s }
before do
alice.suspend!
perform_request!
end
it_behaves_like 'a successful response'
end
context 'when an account is permanently suspended or deleted' do
let(:resource) { alice.to_webfinger_s }
before do
alice.suspend!
alice.deletion_request.destroy
perform_request!
end
it 'returns http gone' do
expect(response).to have_http_status(410)
end
end
context 'when an account is not found' do
let(:resource) { 'acct:not@existing.com' }
before do
perform_request!
end
it 'returns http not found' do
expect(response).to have_http_status(404)
end
end
context 'with an alternate domain' do
let(:alternate_domains) { ['foo.org'] }
before do
perform_request!
end
context 'when an account exists' do
let(:resource) do
username, = alice.to_webfinger_s.split('@')
"#{username}@foo.org"
end
it_behaves_like 'a successful response'
end
context 'when the domain is wrong' do
let(:resource) do
username, = alice.to_webfinger_s.split('@')
"#{username}@bar.org"
end
it 'returns http not found' do
expect(response).to have_http_status(404)
end
end
end
context 'when the old name scheme is used to query the instance actor' do
let(:resource) do
"#{Rails.configuration.x.local_domain}@#{Rails.configuration.x.local_domain}"
end
before do
perform_request!
end
it 'returns http success' do
expect(response).to have_http_status(200)
end
it 'sets only a Vary Origin header' do
expect(response.headers['Vary']).to eq('Origin')
end
it 'returns application/jrd+json' do
expect(response.media_type).to eq 'application/jrd+json'
end
it 'returns links for the internal account' do
json = body_as_json
expect(json[:subject]).to eq 'acct:mastodon.internal@cb6e6126.ngrok.io'
expect(json[:aliases]).to eq ['https://cb6e6126.ngrok.io/actor']
end
end
context 'with no resource parameter' do
let(:resource) { nil }
before do
perform_request!
end
it 'returns http bad request' do
expect(response).to have_http_status(400)
end
end
context 'with a nonsense parameter' do
let(:resource) { 'df/:dfkj' }
before do
perform_request!
end
it 'returns http bad request' do
expect(response).to have_http_status(400)
end
end
context 'when an account has an avatar' do
let(:alice) { Fabricate(:account, username: 'alice', avatar: attachment_fixture('attachment.jpg')) }
let(:resource) { alice.to_webfinger_s }
it 'returns avatar in response' do
perform_request!
avatar_link = get_avatar_link(body_as_json)
expect(avatar_link).to_not be_nil
expect(avatar_link[:type]).to eq alice.avatar.content_type
expect(avatar_link[:href]).to eq Addressable::URI.new(host: Rails.configuration.x.local_domain, path: alice.avatar.to_s, scheme: 'https').to_s
end
context 'with limited federation mode' do
before do
allow(Rails.configuration.x).to receive(:limited_federation_mode).and_return(true)
end
it 'does not return avatar in response' do
perform_request!
avatar_link = get_avatar_link(body_as_json)
expect(avatar_link).to be_nil
end
end
context 'when enabling DISALLOW_UNAUTHENTICATED_API_ACCESS' do
around do |example|
ClimateControl.modify DISALLOW_UNAUTHENTICATED_API_ACCESS: 'true' do
example.run
end
end
it 'does not return avatar in response' do
perform_request!
avatar_link = get_avatar_link(body_as_json)
expect(avatar_link).to be_nil
end
end
end
context 'when an account does not have an avatar' do
let(:alice) { Fabricate(:account, username: 'alice', avatar: nil) }
let(:resource) { alice.to_webfinger_s }
before do
perform_request!
end
it 'does not return avatar in response' do
avatar_link = get_avatar_link(body_as_json)
expect(avatar_link).to be_nil
end
end
context 'with different headers' do
describe 'requested with standard accepts headers' do
it 'returns a json response' do
get webfinger_url(resource: alice.to_webfinger_s)
expect(response).to have_http_status(200)
expect(response.media_type).to eq 'application/jrd+json'
end
end
describe 'asking for json format' do
it 'returns a json response for json format' do
get webfinger_url(resource: alice.to_webfinger_s, format: :json)
expect(response).to have_http_status(200)
expect(response.media_type).to eq 'application/jrd+json'
end
it 'returns a json response for json accept header' do
headers = { 'HTTP_ACCEPT' => 'application/jrd+json' }
get webfinger_url(resource: alice.to_webfinger_s), headers: headers
expect(response).to have_http_status(200)
expect(response.media_type).to eq 'application/jrd+json'
end
end
end
private
def get_avatar_link(json)
json[:links].find { |link| link[:rel] == 'http://webfinger.net/rel/avatar' }
end
end

9
spec/services/activitypub/process_collection_service_spec.rb
View file

@ -76,7 +76,8 @@ RSpec.describe ActivityPub::ProcessCollectionService, type: :service do
let(:forwarder) { Fabricate(:account, domain: 'example.com', uri: 'http://example.com/other_account') }
it 'does not process payload if no signature exists' do
allow_any_instance_of(ActivityPub::LinkedDataSignature).to receive(:verify_actor!).and_return(nil)
signature_double = instance_double(ActivityPub::LinkedDataSignature, verify_actor!: nil)
allow(ActivityPub::LinkedDataSignature).to receive(:new).and_return(signature_double)
allow(ActivityPub::Activity).to receive(:factory)
subject.call(json, forwarder)
@ -87,7 +88,8 @@ RSpec.describe ActivityPub::ProcessCollectionService, type: :service do
it 'processes payload with actor if valid signature exists' do
payload['signature'] = { 'type' => 'RsaSignature2017' }
allow_any_instance_of(ActivityPub::LinkedDataSignature).to receive(:verify_actor!).and_return(actor)
signature_double = instance_double(ActivityPub::LinkedDataSignature, verify_actor!: actor)
allow(ActivityPub::LinkedDataSignature).to receive(:new).and_return(signature_double)
allow(ActivityPub::Activity).to receive(:factory).with(instance_of(Hash), actor, instance_of(Hash))
subject.call(json, forwarder)
@ -98,7 +100,8 @@ RSpec.describe ActivityPub::ProcessCollectionService, type: :service do
it 'does not process payload if invalid signature exists' do
payload['signature'] = { 'type' => 'RsaSignature2017' }
allow_any_instance_of(ActivityPub::LinkedDataSignature).to receive(:verify_actor!).and_return(nil)
signature_double = instance_double(ActivityPub::LinkedDataSignature, verify_actor!: nil)
allow(ActivityPub::LinkedDataSignature).to receive(:new).and_return(signature_double)
allow(ActivityPub::Activity).to receive(:factory)
subject.call(json, forwarder)

92
spec/services/app_sign_up_service_spec.rb
View file

@ -10,46 +10,72 @@ RSpec.describe AppSignUpService, type: :service do
let(:remote_ip) { IPAddr.new('198.0.2.1') }
describe '#call' do
it 'returns nil when registrations are closed' do
tmp = Setting.registrations_mode
Setting.registrations_mode = 'none'
expect { subject.call(app, remote_ip, good_params) }.to raise_error Mastodon::NotPermittedError
Setting.registrations_mode = tmp
let(:params) { good_params }
shared_examples 'successful registration' do
it 'creates an unconfirmed user with access token and the app\'s scope', :aggregate_failures do
access_token = subject.call(app, remote_ip, params)
expect(access_token).to_not be_nil
expect(access_token.scopes.to_s).to eq 'read write'
user = User.find_by(id: access_token.resource_owner_id)
expect(user).to_not be_nil
expect(user.confirmed?).to be false
expect(user.account).to_not be_nil
expect(user.invite_request).to be_nil
end
end
context 'when registrations are closed' do
around do |example|
tmp = Setting.registrations_mode
Setting.registrations_mode = 'none'
example.run
Setting.registrations_mode = tmp
end
it 'raises an error', :aggregate_failures do
expect { subject.call(app, remote_ip, good_params) }.to raise_error Mastodon::NotPermittedError
end
context 'when using a valid invite' do
let(:params) { good_params.merge({ invite_code: invite.code }) }
let(:invite) { Fabricate(:invite) }
before do
invite.user.approve!
end
it_behaves_like 'successful registration'
end
context 'when using an invalid invite' do
let(:params) { good_params.merge({ invite_code: invite.code }) }
let(:invite) { Fabricate(:invite, uses: 1, max_uses: 1) }
it 'raises an error', :aggregate_failures do
expect { subject.call(app, remote_ip, params) }.to raise_error Mastodon::NotPermittedError
end
end
end
it 'raises an error when params are missing' do
expect { subject.call(app, remote_ip, {}) }.to raise_error ActiveRecord::RecordInvalid
end
it 'creates an unconfirmed user with access token' do
access_token = subject.call(app, remote_ip, good_params)
expect(access_token).to_not be_nil
user = User.find_by(id: access_token.resource_owner_id)
expect(user).to_not be_nil
expect(user.confirmed?).to be false
end
it_behaves_like 'successful registration'
it 'creates access token with the app\'s scopes' do
access_token = subject.call(app, remote_ip, good_params)
expect(access_token).to_not be_nil
expect(access_token.scopes.to_s).to eq 'read write'
end
it 'creates an account' do
access_token = subject.call(app, remote_ip, good_params)
expect(access_token).to_not be_nil
user = User.find_by(id: access_token.resource_owner_id)
expect(user).to_not be_nil
expect(user.account).to_not be_nil
expect(user.invite_request).to be_nil
end
it 'creates an account with invite request text' do
access_token = subject.call(app, remote_ip, good_params.merge(reason: 'Foo bar'))
expect(access_token).to_not be_nil
user = User.find_by(id: access_token.resource_owner_id)
expect(user).to_not be_nil
expect(user.invite_request&.text).to eq 'Foo bar'
context 'when given an invite request text' do
it 'creates an account with invite request text' do
access_token = subject.call(app, remote_ip, good_params.merge(reason: 'Foo bar'))
expect(access_token).to_not be_nil
user = User.find_by(id: access_token.resource_owner_id)
expect(user).to_not be_nil
expect(user.invite_request&.text).to eq 'Foo bar'
end
end
end
end

28
spec/services/fetch_link_card_service_spec.rb
View file

@ -121,7 +121,7 @@ RSpec.describe FetchLinkCardService, type: :service do
let(:status) { Fabricate(:status, text: 'Check out http://example.com/sjis') }
it 'decodes the HTML' do
expect(status.preview_cards.first.title).to eq('SJISのページ')
expect(status.preview_card.title).to eq('SJISのページ')
end
end
@ -129,7 +129,7 @@ RSpec.describe FetchLinkCardService, type: :service do
let(:status) { Fabricate(:status, text: 'Check out http://example.com/sjis_with_wrong_charset') }
it 'decodes the HTML despite the wrong charset header' do
expect(status.preview_cards.first.title).to eq('SJISのページ')
expect(status.preview_card.title).to eq('SJISのページ')
end
end
@ -137,7 +137,7 @@ RSpec.describe FetchLinkCardService, type: :service do
let(:status) { Fabricate(:status, text: 'Check out http://example.com/koi8-r') }
it 'decodes the HTML' do
expect(status.preview_cards.first.title).to eq('Московя начинаетъ только въ XVI ст. привлекать внимане иностранцевъ.')
expect(status.preview_card.title).to eq('Московя начинаетъ только въ XVI ст. привлекать внимане иностранцевъ.')
end
end
@ -145,7 +145,7 @@ RSpec.describe FetchLinkCardService, type: :service do
let(:status) { Fabricate(:status, text: 'Check out http://example.com/windows-1251') }
it 'decodes the HTML' do
expect(status.preview_cards.first.title).to eq('сэмпл текст')
expect(status.preview_card.title).to eq('сэмпл текст')
end
end
@ -253,11 +253,21 @@ RSpec.describe FetchLinkCardService, type: :service do
expect(status.preview_card.title).to eq 'Hello world'
end
end
context 'with URL but author is not allow preview card' do
let(:account) { Fabricate(:user, settings: { link_preview: false }).account }
let(:status) { Fabricate(:status, text: 'http://example.com/html', account: account) }
it 'not create preview card' do
expect(status.preview_card).to be_nil
end
end
end
context 'with a remote status' do
let(:account) { Fabricate(:account, domain: 'example.com') }
let(:status) do
Fabricate(:status, account: Fabricate(:account, domain: 'example.com'), text: <<-TEXT)
Fabricate(:status, account: account, text: <<-TEXT)
Habt ihr ein paar gute Links zu <a>foo</a>
#<span class="tag"><a href="https://quitter.se/tag/wannacry" target="_blank" rel="tag noopener noreferrer" title="https://quitter.se/tag/wannacry">Wannacry</a></span> herumfliegen?
Ich will mal unter <br> <a href="http://example.com/not-found" target="_blank" rel="noopener noreferrer" title="http://example.com/not-found">http://example.com/not-found</a> was sammeln. !
@ -272,6 +282,14 @@ RSpec.describe FetchLinkCardService, type: :service do
it 'ignores URLs to hashtags' do
expect(a_request(:get, 'https://quitter.se/tag/wannacry')).to_not have_been_made
end
context 'with URL but author is not allow preview card' do
let(:account) { Fabricate(:account, domain: 'example.com', settings: { link_preview: false }) }
it 'not create link preview' do
expect(status.preview_card).to be_nil
end
end
end
context 'with a remote status of reference' do

8
spec/services/update_status_service_spec.rb
View file

@ -23,11 +23,11 @@ RSpec.describe UpdateStatusService, type: :service do
end
context 'when text changes' do
let!(:status) { Fabricate(:status, text: 'Foo') }
let(:status) { Fabricate(:status, text: 'Foo') }
let(:preview_card) { Fabricate(:preview_card) }
before do
status.preview_cards << preview_card
PreviewCardsStatus.create(status: status, preview_card: preview_card)
subject.call(status, status.account_id, text: 'Bar')
end
@ -45,11 +45,11 @@ RSpec.describe UpdateStatusService, type: :service do
end
context 'when content warning changes' do
let!(:status) { Fabricate(:status, text: 'Foo', spoiler_text: '') }
let(:status) { Fabricate(:status, text: 'Foo', spoiler_text: '') }
let(:preview_card) { Fabricate(:preview_card) }
before do
status.preview_cards << preview_card
PreviewCardsStatus.create(status: status, preview_card: preview_card)
subject.call(status, status.account_id, text: 'Foo', spoiler_text: 'Bar')
end

12
spec/spec_helper.rb
View file

@ -2,16 +2,8 @@
require 'rspec/retry'
if ENV['DISABLE_SIMPLECOV'] != 'true'
require 'simplecov'
SimpleCov.start 'rails' do
add_filter 'lib/linter'
add_group 'Policies', 'app/policies'
add_group 'Presenters', 'app/presenters'
add_group 'Serializers', 'app/serializers'
add_group 'Services', 'app/services'
add_group 'Validators', 'app/validators'
end
unless ENV['DISABLE_SIMPLECOV'] == 'true'
require 'simplecov' # Configuration details loaded from .simplecov
end
RSpec.configure do |config|

3
spec/workers/activitypub/delivery_worker_spec.rb
View file

@ -11,7 +11,8 @@ describe ActivityPub::DeliveryWorker do
let(:payload) { 'test' }
before do
allow_any_instance_of(Account).to receive(:remote_followers_hash).with('https://example.com/api').and_return('somehash')
allow(sender).to receive(:remote_followers_hash).with('https://example.com/api').and_return('somehash')
allow(Account).to receive(:find).with(sender.id).and_return(sender)
end
describe 'perform' do

36
spec/workers/move_worker_spec.rb
View file

@ -35,17 +35,16 @@ describe MoveWorker do
context 'when user notes are short enough' do
it 'copies user note with prelude' do
subject.perform(source_account.id, target_account.id)
expect(AccountNote.find_by(account: account_note.account, target_account: target_account).comment).to include(source_account.acct)
expect(AccountNote.find_by(account: account_note.account, target_account: target_account).comment).to include(account_note.comment)
expect(relevant_account_note.comment)
.to include(source_account.acct, account_note.comment)
end
it 'merges user notes when needed' do
new_account_note = AccountNote.create!(account: account_note.account, target_account: target_account, comment: 'new note prior to move')
subject.perform(source_account.id, target_account.id)
expect(AccountNote.find_by(account: account_note.account, target_account: target_account).comment).to include(source_account.acct)
expect(AccountNote.find_by(account: account_note.account, target_account: target_account).comment).to include(account_note.comment)
expect(AccountNote.find_by(account: account_note.account, target_account: target_account).comment).to include(new_account_note.comment)
expect(relevant_account_note.comment)
.to include(source_account.acct, account_note.comment, new_account_note.comment)
end
end
@ -54,16 +53,24 @@ describe MoveWorker do
it 'copies user note without prelude' do
subject.perform(source_account.id, target_account.id)
expect(AccountNote.find_by(account: account_note.account, target_account: target_account).comment).to include(account_note.comment)
expect(relevant_account_note.comment)
.to include(account_note.comment)
end
it 'keeps user notes unchanged' do
new_account_note = AccountNote.create!(account: account_note.account, target_account: target_account, comment: 'new note prior to move')
subject.perform(source_account.id, target_account.id)
expect(AccountNote.find_by(account: account_note.account, target_account: target_account).comment).to include(new_account_note.comment)
expect(relevant_account_note.comment)
.to include(new_account_note.comment)
end
end
private
def relevant_account_note
AccountNote.find_by(account: account_note.account, target_account: target_account)
end
end
shared_examples 'block and mute handling' do
@ -71,10 +78,19 @@ describe MoveWorker do
subject.perform(source_account.id, target_account.id)
expect(block_service).to have_received(:call).with(blocking_account, target_account)
expect(AccountNote.find_by(account: blocking_account, target_account: target_account).comment).to include(source_account.acct)
expect(muting_account.muting?(target_account)).to be true
expect(AccountNote.find_by(account: muting_account, target_account: target_account).comment).to include(source_account.acct)
expect(
[note_account_comment, mute_account_comment]
).to all include(source_account.acct)
end
def note_account_comment
AccountNote.find_by(account: blocking_account, target_account: target_account).comment
end
def mute_account_comment
AccountNote.find_by(account: muting_account, target_account: target_account).comment
end
end

4
spec/workers/web/push_notification_worker_spec.rb
View file

@ -23,8 +23,8 @@ describe Web::PushNotificationWorker do
describe 'perform' do
before do
allow_any_instance_of(subscription.class).to receive(:contact_email).and_return(contact_email)
allow_any_instance_of(subscription.class).to receive(:vapid_key).and_return(vapid_key)
allow(subscription).to receive_messages(contact_email: contact_email, vapid_key: vapid_key)
allow(Web::PushSubscription).to receive(:find).with(subscription.id).and_return(subscription)
allow(Webpush::Encryption).to receive(:encrypt).and_return(payload)
allow(JWT).to receive(:encode).and_return('jwt.encoded.payload')