1 # Pleroma: A lightweight social networking server
2 # Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
3 # SPDX-License-Identifier: AGPL-3.0-only
5 defmodule Pleroma.Web.AdminAPI.ChatControllerTest do
6 use Pleroma.Web.ConnCase, async: false
11 alias Pleroma.Chat.MessageReference
12 alias Pleroma.ModerationLog
15 alias Pleroma.Web.CommonAPI
18 admin = insert(:user, is_admin: true)
19 token = insert(:oauth_admin_token, user: admin)
23 |> assign(:user, admin)
24 |> assign(:token, token)
26 {:ok, %{admin: admin, token: token, conn: conn}}
29 describe "DELETE /api/pleroma/admin/chats/:id/messages/:message_id" do
31 clear_config([:instance, :admin_privileges], [:messages_delete])
35 test "it deletes a message from the chat", %{conn: conn, admin: admin} do
37 recipient = insert(:user)
40 CommonAPI.post_chat_message(user, recipient, "Hello darkness my old friend")
42 object = Object.normalize(message, fetch: false)
44 chat = Chat.get(user.id, recipient.ap_id)
45 recipient_chat = Chat.get(recipient.id, user.ap_id)
47 cm_ref = MessageReference.for_chat_and_object(chat, object)
48 recipient_cm_ref = MessageReference.for_chat_and_object(recipient_chat, object)
52 |> put_req_header("content-type", "application/json")
53 |> delete("/api/pleroma/admin/chats/#{chat.id}/messages/#{cm_ref.id}")
54 |> json_response_and_validate_schema(200)
56 log_entry = Repo.one(ModerationLog)
58 assert ModerationLog.get_log_entry_message(log_entry) ==
59 "@#{admin.nickname} deleted chat message ##{message.id}"
61 assert result["id"] == cm_ref.id
62 refute MessageReference.get_by_id(cm_ref.id)
63 refute MessageReference.get_by_id(recipient_cm_ref.id)
64 assert %{data: %{"type" => "Tombstone"}} = Object.get_by_id(object.id)
67 test "it requires privileged role :messages_delete", %{conn: conn} do
68 clear_config([:instance, :admin_privileges], [])
71 |> put_req_header("content-type", "application/json")
72 |> delete("/api/pleroma/admin/chats/some_id/messages/some_ref_id")
73 |> json_response(:forbidden)
77 describe "GET /api/pleroma/admin/chats/:id/messages" do
79 clear_config([:instance, :admin_privileges], [:messages_read])
83 test "it paginates", %{conn: conn} do
85 recipient = insert(:user)
87 Enum.each(1..30, fn _ ->
88 {:ok, _} = CommonAPI.post_chat_message(user, recipient, "hey")
91 chat = Chat.get(user.id, recipient.ap_id)
95 |> get("/api/pleroma/admin/chats/#{chat.id}/messages")
96 |> json_response_and_validate_schema(200)
98 assert length(result) == 20
102 |> get("/api/pleroma/admin/chats/#{chat.id}/messages?max_id=#{List.last(result)["id"]}")
103 |> json_response_and_validate_schema(200)
105 assert length(result) == 10
108 test "it returns the messages for a given chat", %{conn: conn} do
110 other_user = insert(:user)
111 third_user = insert(:user)
113 {:ok, _} = CommonAPI.post_chat_message(user, other_user, "hey")
114 {:ok, _} = CommonAPI.post_chat_message(user, third_user, "hey")
115 {:ok, _} = CommonAPI.post_chat_message(user, other_user, "how are you?")
116 {:ok, _} = CommonAPI.post_chat_message(other_user, user, "fine, how about you?")
118 chat = Chat.get(user.id, other_user.ap_id)
122 |> get("/api/pleroma/admin/chats/#{chat.id}/messages")
123 |> json_response_and_validate_schema(200)
126 |> Enum.each(fn message ->
127 assert message["chat_id"] == chat.id |> to_string()
130 assert length(result) == 3
133 test "it requires privileged role :messages_read", %{conn: conn} do
134 clear_config([:instance, :admin_privileges], [])
136 conn = get(conn, "/api/pleroma/admin/chats/some_id/messages")
138 assert json_response(conn, :forbidden)
142 describe "GET /api/pleroma/admin/chats/:id" do
144 clear_config([:instance, :admin_privileges], [:messages_read])
148 test "it returns a chat", %{conn: conn} do
150 other_user = insert(:user)
152 {:ok, chat} = Chat.get_or_create(user.id, other_user.ap_id)
156 |> get("/api/pleroma/admin/chats/#{chat.id}")
157 |> json_response_and_validate_schema(200)
159 assert result["id"] == to_string(chat.id)
160 assert %{} = result["sender"]
161 assert %{} = result["receiver"]
162 refute result["account"]
165 test "it requires privileged role :messages_read", %{conn: conn} do
166 clear_config([:instance, :admin_privileges], [])
168 conn = get(conn, "/api/pleroma/admin/chats/some_id")
170 assert json_response(conn, :forbidden)
174 describe "unauthorized chat moderation" do
177 recipient = insert(:user)
179 {:ok, message} = CommonAPI.post_chat_message(user, recipient, "Yo")
180 object = Object.normalize(message, fetch: false)
181 chat = Chat.get(user.id, recipient.ap_id)
182 cm_ref = MessageReference.for_chat_and_object(chat, object)
184 %{conn: conn} = oauth_access(["read:chats", "write:chats"])
185 %{conn: conn, chat: chat, cm_ref: cm_ref}
188 test "DELETE /api/pleroma/admin/chats/:id/messages/:message_id", %{
194 |> put_req_header("content-type", "application/json")
195 |> delete("/api/pleroma/admin/chats/#{chat.id}/messages/#{cm_ref.id}")
196 |> json_response(403)
198 assert MessageReference.get_by_id(cm_ref.id) == cm_ref
201 test "GET /api/pleroma/admin/chats/:id/messages", %{conn: conn, chat: chat} do
203 |> get("/api/pleroma/admin/chats/#{chat.id}/messages")
204 |> json_response(403)
207 test "GET /api/pleroma/admin/chats/:id", %{conn: conn, chat: chat} do
209 |> get("/api/pleroma/admin/chats/#{chat.id}")
210 |> json_response(403)
214 describe "unauthenticated chat moderation" do
217 recipient = insert(:user)
219 {:ok, message} = CommonAPI.post_chat_message(user, recipient, "Yo")
220 object = Object.normalize(message, fetch: false)
221 chat = Chat.get(user.id, recipient.ap_id)
222 cm_ref = MessageReference.for_chat_and_object(chat, object)
224 %{conn: build_conn(), chat: chat, cm_ref: cm_ref}
227 test "DELETE /api/pleroma/admin/chats/:id/messages/:message_id", %{
233 |> put_req_header("content-type", "application/json")
234 |> delete("/api/pleroma/admin/chats/#{chat.id}/messages/#{cm_ref.id}")
235 |> json_response(403)
237 assert MessageReference.get_by_id(cm_ref.id) == cm_ref
240 test "GET /api/pleroma/admin/chats/:id/messages", %{conn: conn, chat: chat} do
242 |> get("/api/pleroma/admin/chats/#{chat.id}/messages")
243 |> json_response(403)
246 test "GET /api/pleroma/admin/chats/:id", %{conn: conn, chat: chat} do
248 |> get("/api/pleroma/admin/chats/#{chat.id}")
249 |> json_response(403)