aboutsummaryrefslogtreecommitdiff
path: root/test/pleroma/web/activity_pub/object_validators
diff options
context:
space:
mode:
authordcc <dcc@logografos.com>2023-09-02 00:52:52 -0700
committerdcc <dcc@logografos.com>2023-09-02 00:52:52 -0700
commit3a4773c3c2bd0bbef244eb519b07208da9108e49 (patch)
tree973567a6f3abb37bfb0f785b1cad14ed55840ef5 /test/pleroma/web/activity_pub/object_validators
downloadanni-3a4773c3c2bd0bbef244eb519b07208da9108e49.tar.gz
anni-3a4773c3c2bd0bbef244eb519b07208da9108e49.tar.bz2
anni-3a4773c3c2bd0bbef244eb519b07208da9108e49.zip
First
Diffstat (limited to 'test/pleroma/web/activity_pub/object_validators')
-rw-r--r--test/pleroma/web/activity_pub/object_validators/accept_validation_test.exs56
-rw-r--r--test/pleroma/web/activity_pub/object_validators/announce_validation_test.exs108
-rw-r--r--test/pleroma/web/activity_pub/object_validators/article_note_page_validator_test.exs119
-rw-r--r--test/pleroma/web/activity_pub/object_validators/attachment_validator_test.exs194
-rw-r--r--test/pleroma/web/activity_pub/object_validators/block_validation_test.exs39
-rw-r--r--test/pleroma/web/activity_pub/object_validators/chat_validation_test.exs212
-rw-r--r--test/pleroma/web/activity_pub/object_validators/create_generic_validator_test.exs62
-rw-r--r--test/pleroma/web/activity_pub/object_validators/delete_validation_test.exs115
-rw-r--r--test/pleroma/web/activity_pub/object_validators/emoji_react_handling_test.exs53
-rw-r--r--test/pleroma/web/activity_pub/object_validators/follow_validation_test.exs26
-rw-r--r--test/pleroma/web/activity_pub/object_validators/like_validation_test.exs116
-rw-r--r--test/pleroma/web/activity_pub/object_validators/reject_validation_test.exs56
-rw-r--r--test/pleroma/web/activity_pub/object_validators/undo_handling_test.exs53
-rw-r--r--test/pleroma/web/activity_pub/object_validators/update_handling_test.exs168
14 files changed, 1377 insertions, 0 deletions
diff --git a/test/pleroma/web/activity_pub/object_validators/accept_validation_test.exs b/test/pleroma/web/activity_pub/object_validators/accept_validation_test.exs
new file mode 100644
index 0000000..70d8519
--- /dev/null
+++ b/test/pleroma/web/activity_pub/object_validators/accept_validation_test.exs
@@ -0,0 +1,56 @@
+# Pleroma: A lightweight social networking server
+# Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
+# SPDX-License-Identifier: AGPL-3.0-only
+
+defmodule Pleroma.Web.ActivityPub.ObjectValidators.AcceptValidationTest do
+ use Pleroma.DataCase, async: true
+
+ alias Pleroma.Web.ActivityPub.Builder
+ alias Pleroma.Web.ActivityPub.ObjectValidator
+ alias Pleroma.Web.ActivityPub.Pipeline
+
+ import Pleroma.Factory
+
+ setup do
+ follower = insert(:user)
+ followed = insert(:user, local: false)
+
+ {:ok, follow_data, _} = Builder.follow(follower, followed)
+ {:ok, follow_activity, _} = Pipeline.common_pipeline(follow_data, local: true)
+
+ {:ok, accept_data, _} = Builder.accept(followed, follow_activity)
+
+ %{accept_data: accept_data, followed: followed}
+ end
+
+ test "it validates a basic 'accept'", %{accept_data: accept_data} do
+ assert {:ok, _, _} = ObjectValidator.validate(accept_data, [])
+ end
+
+ test "it fails when the actor doesn't exist", %{accept_data: accept_data} do
+ accept_data =
+ accept_data
+ |> Map.put("actor", "https://gensokyo.2hu/users/raymoo")
+
+ assert {:error, _} = ObjectValidator.validate(accept_data, [])
+ end
+
+ test "it fails when the accepted activity doesn't exist", %{accept_data: accept_data} do
+ accept_data =
+ accept_data
+ |> Map.put("object", "https://gensokyo.2hu/users/raymoo/follows/1")
+
+ assert {:error, _} = ObjectValidator.validate(accept_data, [])
+ end
+
+ test "for an accepted follow, it only validates if the actor of the accept is the followed actor",
+ %{accept_data: accept_data} do
+ stranger = insert(:user)
+
+ accept_data =
+ accept_data
+ |> Map.put("actor", stranger.ap_id)
+
+ assert {:error, _} = ObjectValidator.validate(accept_data, [])
+ end
+end
diff --git a/test/pleroma/web/activity_pub/object_validators/announce_validation_test.exs b/test/pleroma/web/activity_pub/object_validators/announce_validation_test.exs
new file mode 100644
index 0000000..5b2fcb2
--- /dev/null
+++ b/test/pleroma/web/activity_pub/object_validators/announce_validation_test.exs
@@ -0,0 +1,108 @@
+# Pleroma: A lightweight social networking server
+# Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
+# SPDX-License-Identifier: AGPL-3.0-only
+
+defmodule Pleroma.Web.ActivityPub.ObjectValidators.AnnounceValidationTest do
+ use Pleroma.DataCase, async: true
+
+ alias Pleroma.Object
+ alias Pleroma.Web.ActivityPub.Builder
+ alias Pleroma.Web.ActivityPub.ObjectValidator
+ alias Pleroma.Web.CommonAPI
+
+ import Pleroma.Factory
+
+ describe "announces" do
+ setup do
+ user = insert(:user)
+ announcer = insert(:user)
+ {:ok, post_activity} = CommonAPI.post(user, %{status: "uguu"})
+
+ object = Object.normalize(post_activity, fetch: false)
+ {:ok, valid_announce, []} = Builder.announce(announcer, object)
+
+ %{
+ valid_announce: valid_announce,
+ user: user,
+ post_activity: post_activity,
+ announcer: announcer
+ }
+ end
+
+ test "returns ok for a valid announce", %{valid_announce: valid_announce} do
+ assert {:ok, _object, _meta} = ObjectValidator.validate(valid_announce, [])
+ end
+
+ test "keeps announced object context", %{valid_announce: valid_announce} do
+ assert %Object{data: %{"context" => object_context}} =
+ Object.get_cached_by_ap_id(valid_announce["object"])
+
+ {:ok, %{"context" => context}, _} =
+ valid_announce
+ |> Map.put("context", "https://example.org/invalid_context_id")
+ |> ObjectValidator.validate([])
+
+ assert context == object_context
+ end
+
+ test "returns an error if the object can't be found", %{valid_announce: valid_announce} do
+ without_object =
+ valid_announce
+ |> Map.delete("object")
+
+ {:error, cng} = ObjectValidator.validate(without_object, [])
+
+ assert {:object, {"can't be blank", [validation: :required]}} in cng.errors
+
+ nonexisting_object =
+ valid_announce
+ |> Map.put("object", "https://gensokyo.2hu/objects/99999999")
+
+ {:error, cng} = ObjectValidator.validate(nonexisting_object, [])
+
+ assert {:object, {"can't find object", []}} in cng.errors
+ end
+
+ test "returns an error if the actor already announced the object", %{
+ valid_announce: valid_announce,
+ announcer: announcer,
+ post_activity: post_activity
+ } do
+ _announce = CommonAPI.repeat(post_activity.id, announcer)
+
+ {:error, cng} = ObjectValidator.validate(valid_announce, [])
+
+ assert {:actor, {"already announced this object", []}} in cng.errors
+ assert {:object, {"already announced by this actor", []}} in cng.errors
+ end
+
+ test "returns an error if the actor can't announce the object", %{
+ announcer: announcer,
+ user: user
+ } do
+ {:ok, post_activity} =
+ CommonAPI.post(user, %{status: "a secret post", visibility: "private"})
+
+ object = Object.normalize(post_activity, fetch: false)
+
+ # Another user can't announce it
+ {:ok, announce, []} = Builder.announce(announcer, object, public: false)
+
+ {:error, cng} = ObjectValidator.validate(announce, [])
+
+ assert {:actor, {"can not announce this object", []}} in cng.errors
+
+ # The actor of the object can announce it
+ {:ok, announce, []} = Builder.announce(user, object, public: false)
+
+ assert {:ok, _, _} = ObjectValidator.validate(announce, [])
+
+ # The actor of the object can not announce it publicly
+ {:ok, announce, []} = Builder.announce(user, object, public: true)
+
+ {:error, cng} = ObjectValidator.validate(announce, [])
+
+ assert {:actor, {"can not announce this object publicly", []}} in cng.errors
+ end
+ end
+end
diff --git a/test/pleroma/web/activity_pub/object_validators/article_note_page_validator_test.exs b/test/pleroma/web/activity_pub/object_validators/article_note_page_validator_test.exs
new file mode 100644
index 0000000..c7a62be
--- /dev/null
+++ b/test/pleroma/web/activity_pub/object_validators/article_note_page_validator_test.exs
@@ -0,0 +1,119 @@
+# Pleroma: A lightweight social networking server
+# Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
+# SPDX-License-Identifier: AGPL-3.0-only
+
+defmodule Pleroma.Web.ActivityPub.ObjectValidators.ArticleNotePageValidatorTest do
+ use Pleroma.DataCase, async: true
+
+ alias Pleroma.Web.ActivityPub.ObjectValidator
+ alias Pleroma.Web.ActivityPub.ObjectValidators.ArticleNotePageValidator
+ alias Pleroma.Web.ActivityPub.Utils
+
+ import Pleroma.Factory
+
+ describe "Notes" do
+ setup do
+ user = insert(:user)
+
+ note = %{
+ "id" => Utils.generate_activity_id(),
+ "type" => "Note",
+ "actor" => user.ap_id,
+ "to" => [user.follower_address],
+ "cc" => [],
+ "content" => "Hellow this is content.",
+ "context" => "xxx",
+ "summary" => "a post"
+ }
+
+ %{user: user, note: note}
+ end
+
+ test "a basic note validates", %{note: note} do
+ %{valid?: true} = ArticleNotePageValidator.cast_and_validate(note)
+ end
+
+ test "a note from factory validates" do
+ note = insert(:note)
+ %{valid?: true} = ArticleNotePageValidator.cast_and_validate(note.data)
+ end
+ end
+
+ describe "Note with history" do
+ setup do
+ user = insert(:user)
+ {:ok, activity} = Pleroma.Web.CommonAPI.post(user, %{status: "mew mew :dinosaur:"})
+ {:ok, edit} = Pleroma.Web.CommonAPI.update(user, activity, %{status: "edited :blank:"})
+
+ {:ok, %{"object" => external_rep}} =
+ Pleroma.Web.ActivityPub.Transmogrifier.prepare_outgoing(edit.data)
+
+ %{external_rep: external_rep}
+ end
+
+ test "edited note", %{external_rep: external_rep} do
+ assert %{"formerRepresentations" => %{"orderedItems" => [%{"tag" => [_]}]}} = external_rep
+
+ {:ok, validate_res, []} = ObjectValidator.validate(external_rep, [])
+
+ assert %{"formerRepresentations" => %{"orderedItems" => [%{"emoji" => %{"dinosaur" => _}}]}} =
+ validate_res
+ end
+
+ test "edited note, badly-formed formerRepresentations", %{external_rep: external_rep} do
+ external_rep = Map.put(external_rep, "formerRepresentations", %{})
+
+ assert {:error, _} = ObjectValidator.validate(external_rep, [])
+ end
+
+ test "edited note, badly-formed history item", %{external_rep: external_rep} do
+ history_item =
+ Enum.at(external_rep["formerRepresentations"]["orderedItems"], 0)
+ |> Map.put("type", "Foo")
+
+ external_rep =
+ put_in(
+ external_rep,
+ ["formerRepresentations", "orderedItems"],
+ [history_item]
+ )
+
+ assert {:error, _} = ObjectValidator.validate(external_rep, [])
+ end
+ end
+
+ test "a Note from Roadhouse validates" do
+ insert(:user, ap_id: "https://macgirvin.com/channel/mike")
+
+ %{"object" => note} =
+ "test/fixtures/roadhouse-create-activity.json"
+ |> File.read!()
+ |> Jason.decode!()
+
+ %{valid?: true} = ArticleNotePageValidator.cast_and_validate(note)
+ end
+
+ test "a note with an attachment should work", _ do
+ insert(:user, %{ap_id: "https://owncast.localhost.localdomain/federation/user/streamer"})
+
+ note =
+ "test/fixtures/owncast-note-with-attachment.json"
+ |> File.read!()
+ |> Jason.decode!()
+
+ %{valid?: true} = ArticleNotePageValidator.cast_and_validate(note)
+ end
+
+ test "a Note without replies/first/items validates" do
+ insert(:user, ap_id: "https://mastodon.social/users/emelie")
+
+ note =
+ "test/fixtures/tesla_mock/status.emelie.json"
+ |> File.read!()
+ |> Jason.decode!()
+ |> pop_in(["replies", "first", "items"])
+ |> elem(1)
+
+ %{valid?: true} = ArticleNotePageValidator.cast_and_validate(note)
+ end
+end
diff --git a/test/pleroma/web/activity_pub/object_validators/attachment_validator_test.exs b/test/pleroma/web/activity_pub/object_validators/attachment_validator_test.exs
new file mode 100644
index 0000000..77f2044
--- /dev/null
+++ b/test/pleroma/web/activity_pub/object_validators/attachment_validator_test.exs
@@ -0,0 +1,194 @@
+# Pleroma: A lightweight social networking server
+# Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
+# SPDX-License-Identifier: AGPL-3.0-only
+
+defmodule Pleroma.Web.ActivityPub.ObjectValidators.AttachmentValidatorTest do
+ use Pleroma.DataCase, async: true
+
+ alias Pleroma.Web.ActivityPub.ActivityPub
+ alias Pleroma.Web.ActivityPub.ObjectValidators.AttachmentValidator
+
+ import Pleroma.Factory
+
+ describe "attachments" do
+ test "fails without url" do
+ attachment = %{
+ "mediaType" => "",
+ "name" => "",
+ "summary" => "298p3RG7j27tfsZ9RQ.jpg",
+ "type" => "Document"
+ }
+
+ assert {:error, _cng} =
+ AttachmentValidator.cast_and_validate(attachment)
+ |> Ecto.Changeset.apply_action(:insert)
+ end
+
+ test "works with honkerific attachments" do
+ attachment = %{
+ "mediaType" => "",
+ "name" => "",
+ "summary" => "298p3RG7j27tfsZ9RQ.jpg",
+ "type" => "Document",
+ "url" => "https://honk.tedunangst.com/d/298p3RG7j27tfsZ9RQ.jpg"
+ }
+
+ assert {:ok, attachment} =
+ AttachmentValidator.cast_and_validate(attachment)
+ |> Ecto.Changeset.apply_action(:insert)
+
+ assert attachment.mediaType == "application/octet-stream"
+ end
+
+ test "works with an unknown but valid mime type" do
+ attachment = %{
+ "mediaType" => "x-custom/x-type",
+ "type" => "Document",
+ "url" => "https://example.org"
+ }
+
+ assert {:ok, attachment} =
+ AttachmentValidator.cast_and_validate(attachment)
+ |> Ecto.Changeset.apply_action(:insert)
+
+ assert attachment.mediaType == "x-custom/x-type"
+ end
+
+ test "works with invalid mime types" do
+ attachment = %{
+ "mediaType" => "x-customx-type",
+ "type" => "Document",
+ "url" => "https://example.org"
+ }
+
+ assert {:ok, attachment} =
+ AttachmentValidator.cast_and_validate(attachment)
+ |> Ecto.Changeset.apply_action(:insert)
+
+ assert attachment.mediaType == "application/octet-stream"
+
+ attachment = %{
+ "mediaType" => "https://example.org",
+ "type" => "Document",
+ "url" => "https://example.org"
+ }
+
+ assert {:ok, attachment} =
+ AttachmentValidator.cast_and_validate(attachment)
+ |> Ecto.Changeset.apply_action(:insert)
+
+ assert attachment.mediaType == "application/octet-stream"
+ end
+
+ test "it turns mastodon attachments into our attachments" do
+ attachment = %{
+ "url" =>
+ "http://mastodon.example.org/system/media_attachments/files/000/000/002/original/334ce029e7bfb920.jpg",
+ "type" => "Document",
+ "name" => nil,
+ "mediaType" => "image/jpeg",
+ "blurhash" => "UD9jJz~VSbR#xT$~%KtQX9R,WAs9RjWBs:of"
+ }
+
+ {:ok, attachment} =
+ AttachmentValidator.cast_and_validate(attachment)
+ |> Ecto.Changeset.apply_action(:insert)
+
+ assert [
+ %{
+ href:
+ "http://mastodon.example.org/system/media_attachments/files/000/000/002/original/334ce029e7bfb920.jpg",
+ type: "Link",
+ mediaType: "image/jpeg"
+ }
+ ] = attachment.url
+
+ assert attachment.mediaType == "image/jpeg"
+ assert attachment.blurhash == "UD9jJz~VSbR#xT$~%KtQX9R,WAs9RjWBs:of"
+ end
+
+ test "it handles our own uploads" do
+ user = insert(:user)
+
+ file = %Plug.Upload{
+ content_type: "image/jpeg",
+ path: Path.absname("test/fixtures/image.jpg"),
+ filename: "an_image.jpg"
+ }
+
+ {:ok, attachment} = ActivityPub.upload(file, actor: user.ap_id)
+
+ {:ok, attachment} =
+ attachment.data
+ |> AttachmentValidator.cast_and_validate()
+ |> Ecto.Changeset.apply_action(:insert)
+
+ assert attachment.mediaType == "image/jpeg"
+ end
+
+ test "it handles image dimensions" do
+ attachment = %{
+ "url" => [
+ %{
+ "type" => "Link",
+ "mediaType" => "image/jpeg",
+ "href" => "https://example.com/images/1.jpg",
+ "width" => 200,
+ "height" => 100
+ }
+ ],
+ "type" => "Document",
+ "name" => nil,
+ "mediaType" => "image/jpeg"
+ }
+
+ {:ok, attachment} =
+ AttachmentValidator.cast_and_validate(attachment)
+ |> Ecto.Changeset.apply_action(:insert)
+
+ assert [
+ %{
+ href: "https://example.com/images/1.jpg",
+ type: "Link",
+ mediaType: "image/jpeg",
+ width: 200,
+ height: 100
+ }
+ ] = attachment.url
+
+ assert attachment.mediaType == "image/jpeg"
+ end
+
+ test "it transforms image dimentions to our internal format" do
+ attachment = %{
+ "type" => "Document",
+ "name" => "Hello world",
+ "url" => "https://media.example.tld/1.jpg",
+ "width" => 880,
+ "height" => 960,
+ "mediaType" => "image/jpeg",
+ "blurhash" => "eTKL26+HDjcEIBVl;ds+K6t301W.t7nit7y1E,R:v}ai4nXSt7V@of"
+ }
+
+ expected = %AttachmentValidator{
+ type: "Document",
+ name: "Hello world",
+ mediaType: "image/jpeg",
+ blurhash: "eTKL26+HDjcEIBVl;ds+K6t301W.t7nit7y1E,R:v}ai4nXSt7V@of",
+ url: [
+ %AttachmentValidator.UrlObjectValidator{
+ type: "Link",
+ mediaType: "image/jpeg",
+ href: "https://media.example.tld/1.jpg",
+ width: 880,
+ height: 960
+ }
+ ]
+ }
+
+ {:ok, ^expected} =
+ AttachmentValidator.cast_and_validate(attachment)
+ |> Ecto.Changeset.apply_action(:insert)
+ end
+ end
+end
diff --git a/test/pleroma/web/activity_pub/object_validators/block_validation_test.exs b/test/pleroma/web/activity_pub/object_validators/block_validation_test.exs
new file mode 100644
index 0000000..24e8864
--- /dev/null
+++ b/test/pleroma/web/activity_pub/object_validators/block_validation_test.exs
@@ -0,0 +1,39 @@
+# Pleroma: A lightweight social networking server
+# Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
+# SPDX-License-Identifier: AGPL-3.0-only
+
+defmodule Pleroma.Web.ActivityPub.ObjectValidators.BlockValidationTest do
+ use Pleroma.DataCase, async: true
+
+ alias Pleroma.Web.ActivityPub.Builder
+ alias Pleroma.Web.ActivityPub.ObjectValidator
+
+ import Pleroma.Factory
+
+ describe "blocks" do
+ setup do
+ user = insert(:user, local: false)
+ blocked = insert(:user)
+
+ {:ok, valid_block, []} = Builder.block(user, blocked)
+
+ %{user: user, valid_block: valid_block}
+ end
+
+ test "validates a basic object", %{
+ valid_block: valid_block
+ } do
+ assert {:ok, _block, []} = ObjectValidator.validate(valid_block, [])
+ end
+
+ test "returns an error if we don't know the blocked user", %{
+ valid_block: valid_block
+ } do
+ block =
+ valid_block
+ |> Map.put("object", "https://gensokyo.2hu/users/raymoo")
+
+ assert {:error, _cng} = ObjectValidator.validate(block, [])
+ end
+ end
+end
diff --git a/test/pleroma/web/activity_pub/object_validators/chat_validation_test.exs b/test/pleroma/web/activity_pub/object_validators/chat_validation_test.exs
new file mode 100644
index 0000000..8192efe
--- /dev/null
+++ b/test/pleroma/web/activity_pub/object_validators/chat_validation_test.exs
@@ -0,0 +1,212 @@
+# Pleroma: A lightweight social networking server
+# Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
+# SPDX-License-Identifier: AGPL-3.0-only
+
+defmodule Pleroma.Web.ActivityPub.ObjectValidators.ChatValidationTest do
+ use Pleroma.DataCase
+ alias Pleroma.Object
+ alias Pleroma.Web.ActivityPub.ActivityPub
+ alias Pleroma.Web.ActivityPub.Builder
+ alias Pleroma.Web.ActivityPub.ObjectValidator
+ alias Pleroma.Web.CommonAPI
+
+ import Pleroma.Factory
+
+ describe "chat message create activities" do
+ test "it is invalid if the object already exists" do
+ user = insert(:user)
+ recipient = insert(:user)
+ {:ok, activity} = CommonAPI.post_chat_message(user, recipient, "hey")
+ object = Object.normalize(activity, fetch: false)
+
+ {:ok, create_data, _} = Builder.create(user, object.data, [recipient.ap_id])
+
+ {:error, cng} = ObjectValidator.validate(create_data, [])
+
+ assert {:object, {"The object to create already exists", []}} in cng.errors
+ end
+
+ test "it is invalid if the object data has a different `to` or `actor` field" do
+ user = insert(:user)
+ recipient = insert(:user)
+ {:ok, object_data, _} = Builder.chat_message(recipient, user.ap_id, "Hey")
+
+ {:ok, create_data, _} = Builder.create(user, object_data, [recipient.ap_id])
+
+ {:error, cng} = ObjectValidator.validate(create_data, [])
+
+ assert {:to, {"Recipients don't match with object recipients", []}} in cng.errors
+ assert {:actor, {"Actor doesn't match with object actor", []}} in cng.errors
+ end
+ end
+
+ describe "chat messages" do
+ setup do
+ clear_config([:instance, :remote_limit])
+ user = insert(:user)
+ recipient = insert(:user, local: false)
+
+ {:ok, valid_chat_message, _} = Builder.chat_message(user, recipient.ap_id, "hey :firefox:")
+
+ %{user: user, recipient: recipient, valid_chat_message: valid_chat_message}
+ end
+
+ test "let's through some basic html", %{user: user, recipient: recipient} do
+ {:ok, valid_chat_message, _} =
+ Builder.chat_message(
+ user,
+ recipient.ap_id,
+ "hey <a href='https://example.org'>example</a> <script>alert('uguu')</script>"
+ )
+
+ assert {:ok, object, _meta} = ObjectValidator.validate(valid_chat_message, [])
+
+ assert object["content"] ==
+ "hey <a href=\"https://example.org\">example</a> alert(&#39;uguu&#39;)"
+ end
+
+ test "validates for a basic object we build", %{valid_chat_message: valid_chat_message} do
+ assert {:ok, object, _meta} = ObjectValidator.validate(valid_chat_message, [])
+
+ assert valid_chat_message == object
+ assert match?(%{"firefox" => _}, object["emoji"])
+ end
+
+ test "validates for a basic object with an attachment", %{
+ valid_chat_message: valid_chat_message,
+ user: user
+ } do
+ file = %Plug.Upload{
+ content_type: "image/jpeg",
+ path: Path.absname("test/fixtures/image.jpg"),
+ filename: "an_image.jpg"
+ }
+
+ {:ok, attachment} = ActivityPub.upload(file, actor: user.ap_id)
+
+ valid_chat_message =
+ valid_chat_message
+ |> Map.put("attachment", attachment.data)
+
+ assert {:ok, object, _meta} = ObjectValidator.validate(valid_chat_message, [])
+
+ assert object["attachment"]
+ end
+
+ test "validates for a basic object with an attachment in an array", %{
+ valid_chat_message: valid_chat_message,
+ user: user
+ } do
+ file = %Plug.Upload{
+ content_type: "image/jpeg",
+ path: Path.absname("test/fixtures/image.jpg"),
+ filename: "an_image.jpg"
+ }
+
+ {:ok, attachment} = ActivityPub.upload(file, actor: user.ap_id)
+
+ valid_chat_message =
+ valid_chat_message
+ |> Map.put("attachment", [attachment.data])
+
+ assert {:ok, object, _meta} = ObjectValidator.validate(valid_chat_message, [])
+
+ assert object["attachment"]
+ end
+
+ test "validates for a basic object with an attachment but without content", %{
+ valid_chat_message: valid_chat_message,
+ user: user
+ } do
+ file = %Plug.Upload{
+ content_type: "image/jpeg",
+ path: Path.absname("test/fixtures/image.jpg"),
+ filename: "an_image.jpg"
+ }
+
+ {:ok, attachment} = ActivityPub.upload(file, actor: user.ap_id)
+
+ valid_chat_message =
+ valid_chat_message
+ |> Map.put("attachment", attachment.data)
+ |> Map.delete("content")
+
+ assert {:ok, object, _meta} = ObjectValidator.validate(valid_chat_message, [])
+
+ assert object["attachment"]
+ end
+
+ test "does not validate if the message has no content", %{
+ valid_chat_message: valid_chat_message
+ } do
+ contentless =
+ valid_chat_message
+ |> Map.delete("content")
+
+ refute match?({:ok, _object, _meta}, ObjectValidator.validate(contentless, []))
+ end
+
+ test "does not validate if the message is longer than the remote_limit", %{
+ valid_chat_message: valid_chat_message
+ } do
+ clear_config([:instance, :remote_limit], 2)
+ refute match?({:ok, _object, _meta}, ObjectValidator.validate(valid_chat_message, []))
+ end
+
+ test "does not validate if the recipient is blocking the actor", %{
+ valid_chat_message: valid_chat_message,
+ user: user,
+ recipient: recipient
+ } do
+ Pleroma.User.block(recipient, user)
+ refute match?({:ok, _object, _meta}, ObjectValidator.validate(valid_chat_message, []))
+ end
+
+ test "does not validate if the recipient is not accepting chat messages", %{
+ valid_chat_message: valid_chat_message,
+ recipient: recipient
+ } do
+ recipient
+ |> Ecto.Changeset.change(%{accepts_chat_messages: false})
+ |> Pleroma.Repo.update!()
+
+ refute match?({:ok, _object, _meta}, ObjectValidator.validate(valid_chat_message, []))
+ end
+
+ test "does not validate if the actor or the recipient is not in our system", %{
+ valid_chat_message: valid_chat_message
+ } do
+ chat_message =
+ valid_chat_message
+ |> Map.put("actor", "https://raymoo.com/raymoo")
+
+ {:error, _} = ObjectValidator.validate(chat_message, [])
+
+ chat_message =
+ valid_chat_message
+ |> Map.put("to", ["https://raymoo.com/raymoo"])
+
+ {:error, _} = ObjectValidator.validate(chat_message, [])
+ end
+
+ test "does not validate for a message with multiple recipients", %{
+ valid_chat_message: valid_chat_message,
+ user: user,
+ recipient: recipient
+ } do
+ chat_message =
+ valid_chat_message
+ |> Map.put("to", [user.ap_id, recipient.ap_id])
+
+ assert {:error, _} = ObjectValidator.validate(chat_message, [])
+ end
+
+ test "does not validate if it doesn't concern local users" do
+ user = insert(:user, local: false)
+ recipient = insert(:user, local: false)
+
+ {:ok, valid_chat_message, _} = Builder.chat_message(user, recipient.ap_id, "hey")
+ assert {:error, _} = ObjectValidator.validate(valid_chat_message, [])
+ end
+ end
+end
diff --git a/test/pleroma/web/activity_pub/object_validators/create_generic_validator_test.exs b/test/pleroma/web/activity_pub/object_validators/create_generic_validator_test.exs
new file mode 100644
index 0000000..e771260
--- /dev/null
+++ b/test/pleroma/web/activity_pub/object_validators/create_generic_validator_test.exs
@@ -0,0 +1,62 @@
+# Pleroma: A lightweight social networking server
+# Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
+# SPDX-License-Identifier: AGPL-3.0-only
+
+defmodule Pleroma.Web.ActivityPub.ObjectValidators.CreateGenericValidatorTest do
+ use Pleroma.DataCase, async: true
+
+ alias Pleroma.Web.ActivityPub.ObjectValidator
+ alias Pleroma.Web.ActivityPub.ObjectValidators.CreateGenericValidator
+ alias Pleroma.Web.ActivityPub.Utils
+
+ import Pleroma.Factory
+
+ test "a Create/Note from Roadhouse validates" do
+ insert(:user, ap_id: "https://macgirvin.com/channel/mike")
+
+ note_activity =
+ "test/fixtures/roadhouse-create-activity.json"
+ |> File.read!()
+ |> Jason.decode!()
+
+ # Build metadata
+ {:ok, object_data} = ObjectValidator.cast_and_apply(note_activity["object"])
+ meta = [object_data: ObjectValidator.stringify_keys(object_data)]
+
+ assert %{valid?: true} = CreateGenericValidator.cast_and_validate(note_activity, meta)
+ end
+
+ test "a Create/Note with mismatched context uses the Note's context" do
+ user = insert(:user)
+
+ note = %{
+ "id" => Utils.generate_object_id(),
+ "type" => "Note",
+ "actor" => user.ap_id,
+ "to" => [user.follower_address],
+ "cc" => [],
+ "content" => "Hello world",
+ "context" => Utils.generate_context_id()
+ }
+
+ note_activity = %{
+ "id" => Utils.generate_activity_id(),
+ "type" => "Create",
+ "actor" => note["actor"],
+ "to" => note["to"],
+ "cc" => note["cc"],
+ "object" => note,
+ "published" => DateTime.utc_now() |> DateTime.to_iso8601(),
+ "context" => Utils.generate_context_id()
+ }
+
+ # Build metadata
+ {:ok, object_data} = ObjectValidator.cast_and_apply(note_activity["object"])
+ meta = [object_data: ObjectValidator.stringify_keys(object_data)]
+
+ validated = CreateGenericValidator.cast_and_validate(note_activity, meta)
+
+ assert validated.valid?
+ assert {:context, note["context"]} in validated.changes
+ end
+end
diff --git a/test/pleroma/web/activity_pub/object_validators/delete_validation_test.exs b/test/pleroma/web/activity_pub/object_validators/delete_validation_test.exs
new file mode 100644
index 0000000..bbb3151
--- /dev/null
+++ b/test/pleroma/web/activity_pub/object_validators/delete_validation_test.exs
@@ -0,0 +1,115 @@
+# Pleroma: A lightweight social networking server
+# Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
+# SPDX-License-Identifier: AGPL-3.0-only
+
+defmodule Pleroma.Web.ActivityPub.ObjectValidators.DeleteValidationTest do
+ use Pleroma.DataCase, async: false
+
+ alias Pleroma.Object
+ alias Pleroma.Web.ActivityPub.Builder
+ alias Pleroma.Web.ActivityPub.ObjectValidator
+ alias Pleroma.Web.CommonAPI
+
+ import Pleroma.Factory
+
+ describe "deletes" do
+ setup do
+ user = insert(:user)
+ {:ok, post_activity} = CommonAPI.post(user, %{status: "cancel me daddy"})
+
+ {:ok, valid_post_delete, _} = Builder.delete(user, post_activity.data["object"])
+ {:ok, valid_user_delete, _} = Builder.delete(user, user.ap_id)
+
+ %{user: user, valid_post_delete: valid_post_delete, valid_user_delete: valid_user_delete}
+ end
+
+ test "it is valid for a post deletion", %{valid_post_delete: valid_post_delete} do
+ {:ok, valid_post_delete, _} = ObjectValidator.validate(valid_post_delete, [])
+
+ assert valid_post_delete["deleted_activity_id"]
+ end
+
+ test "it is invalid if the object isn't in a list of certain types", %{
+ valid_post_delete: valid_post_delete
+ } do
+ object = Object.get_by_ap_id(valid_post_delete["object"])
+
+ data =
+ object.data
+ |> Map.put("type", "Like")
+
+ {:ok, _object} =
+ object
+ |> Ecto.Changeset.change(%{data: data})
+ |> Object.update_and_set_cache()
+
+ {:error, cng} = ObjectValidator.validate(valid_post_delete, [])
+ assert {:object, {"object not in allowed types", []}} in cng.errors
+ end
+
+ test "it is valid for a user deletion", %{valid_user_delete: valid_user_delete} do
+ assert match?({:ok, _, _}, ObjectValidator.validate(valid_user_delete, []))
+ end
+
+ test "it's invalid if the id is missing", %{valid_post_delete: valid_post_delete} do
+ no_id =
+ valid_post_delete
+ |> Map.delete("id")
+
+ {:error, cng} = ObjectValidator.validate(no_id, [])
+
+ assert {:id, {"can't be blank", [validation: :required]}} in cng.errors
+ end
+
+ test "it's invalid if the object doesn't exist", %{valid_post_delete: valid_post_delete} do
+ missing_object =
+ valid_post_delete
+ |> Map.put("object", "http://does.not/exist")
+
+ {:error, cng} = ObjectValidator.validate(missing_object, [])
+
+ assert {:object, {"can't find object", []}} in cng.errors
+ end
+
+ test "it's invalid if the actor of the object and the actor of delete are from different domains",
+ %{valid_post_delete: valid_post_delete} do
+ valid_user = insert(:user)
+
+ valid_other_actor =
+ valid_post_delete
+ |> Map.put("actor", valid_user.ap_id)
+
+ assert match?({:ok, _, _}, ObjectValidator.validate(valid_other_actor, []))
+
+ invalid_other_actor =
+ valid_post_delete
+ |> Map.put("actor", "https://gensokyo.2hu/users/raymoo")
+
+ {:error, cng} = ObjectValidator.validate(invalid_other_actor, [])
+
+ assert {:actor, {"is not allowed to modify object", []}} in cng.errors
+ end
+
+ test "it's only valid if the actor of the object is a privileged local user",
+ %{valid_post_delete: valid_post_delete} do
+ clear_config([:instance, :moderator_privileges], [:messages_delete])
+
+ user =
+ insert(:user, local: true, is_moderator: true, ap_id: "https://gensokyo.2hu/users/raymoo")
+
+ post_delete_with_moderator_actor =
+ valid_post_delete
+ |> Map.put("actor", user.ap_id)
+
+ {:ok, _, meta} = ObjectValidator.validate(post_delete_with_moderator_actor, [])
+
+ assert meta[:do_not_federate]
+
+ clear_config([:instance, :moderator_privileges], [])
+
+ {:error, cng} = ObjectValidator.validate(post_delete_with_moderator_actor, [])
+
+ assert {:actor, {"is not allowed to modify object", []}} in cng.errors
+ end
+ end
+end
diff --git a/test/pleroma/web/activity_pub/object_validators/emoji_react_handling_test.exs b/test/pleroma/web/activity_pub/object_validators/emoji_react_handling_test.exs
new file mode 100644
index 0000000..bbdb09c
--- /dev/null
+++ b/test/pleroma/web/activity_pub/object_validators/emoji_react_handling_test.exs
@@ -0,0 +1,53 @@
+# Pleroma: A lightweight social networking server
+# Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
+# SPDX-License-Identifier: AGPL-3.0-only
+
+defmodule Pleroma.Web.ActivityPub.ObjectValidators.EmojiReactHandlingTest do
+ use Pleroma.DataCase, async: true
+
+ alias Pleroma.Web.ActivityPub.Builder
+ alias Pleroma.Web.ActivityPub.ObjectValidator
+ alias Pleroma.Web.CommonAPI
+
+ import Pleroma.Factory
+
+ describe "EmojiReacts" do
+ setup do
+ user = insert(:user)
+ {:ok, post_activity} = CommonAPI.post(user, %{status: "uguu"})
+
+ object = Pleroma.Object.get_by_ap_id(post_activity.data["object"])
+
+ {:ok, valid_emoji_react, []} = Builder.emoji_react(user, object, "👌")
+
+ %{user: user, post_activity: post_activity, valid_emoji_react: valid_emoji_react}
+ end
+
+ test "it validates a valid EmojiReact", %{valid_emoji_react: valid_emoji_react} do
+ assert {:ok, _, _} = ObjectValidator.validate(valid_emoji_react, [])
+ end
+
+ test "it is not valid without a 'content' field", %{valid_emoji_react: valid_emoji_react} do
+ without_content =
+ valid_emoji_react
+ |> Map.delete("content")
+
+ {:error, cng} = ObjectValidator.validate(without_content, [])
+
+ refute cng.valid?
+ assert {:content, {"can't be blank", [validation: :required]}} in cng.errors
+ end
+
+ test "it is not valid with a non-emoji content field", %{valid_emoji_react: valid_emoji_react} do
+ without_emoji_content =
+ valid_emoji_react
+ |> Map.put("content", "x")
+
+ {:error, cng} = ObjectValidator.validate(without_emoji_content, [])
+
+ refute cng.valid?
+
+ assert {:content, {"must be a single character emoji", []}} in cng.errors
+ end
+ end
+end
diff --git a/test/pleroma/web/activity_pub/object_validators/follow_validation_test.exs b/test/pleroma/web/activity_pub/object_validators/follow_validation_test.exs
new file mode 100644
index 0000000..371368e
--- /dev/null
+++ b/test/pleroma/web/activity_pub/object_validators/follow_validation_test.exs
@@ -0,0 +1,26 @@
+# Pleroma: A lightweight social networking server
+# Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
+# SPDX-License-Identifier: AGPL-3.0-only
+
+defmodule Pleroma.Web.ActivityPub.ObjectValidators.FollowValidationTest do
+ use Pleroma.DataCase, async: true
+
+ alias Pleroma.Web.ActivityPub.Builder
+ alias Pleroma.Web.ActivityPub.ObjectValidator
+
+ import Pleroma.Factory
+
+ describe "Follows" do
+ setup do
+ follower = insert(:user)
+ followed = insert(:user)
+
+ {:ok, valid_follow, []} = Builder.follow(follower, followed)
+ %{follower: follower, followed: followed, valid_follow: valid_follow}
+ end
+
+ test "validates a basic follow object", %{valid_follow: valid_follow} do
+ assert {:ok, _follow, []} = ObjectValidator.validate(valid_follow, [])
+ end
+ end
+end
diff --git a/test/pleroma/web/activity_pub/object_validators/like_validation_test.exs b/test/pleroma/web/activity_pub/object_validators/like_validation_test.exs
new file mode 100644
index 0000000..ebc181a
--- /dev/null
+++ b/test/pleroma/web/activity_pub/object_validators/like_validation_test.exs
@@ -0,0 +1,116 @@
+# Pleroma: A lightweight social networking server
+# Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
+# SPDX-License-Identifier: AGPL-3.0-only
+
+defmodule Pleroma.Web.ActivityPub.ObjectValidators.LikeValidationTest do
+ use Pleroma.DataCase, async: true
+
+ alias Pleroma.Web.ActivityPub.ObjectValidator
+ alias Pleroma.Web.ActivityPub.ObjectValidators.LikeValidator
+ alias Pleroma.Web.ActivityPub.Utils
+ alias Pleroma.Web.CommonAPI
+
+ import Pleroma.Factory
+
+ describe "likes" do
+ setup do
+ user = insert(:user)
+ {:ok, post_activity} = CommonAPI.post(user, %{status: "uguu"})
+
+ valid_like = %{
+ "to" => [user.ap_id],
+ "cc" => [],
+ "type" => "Like",
+ "id" => Utils.generate_activity_id(),
+ "object" => post_activity.data["object"],
+ "actor" => user.ap_id,
+ "context" => "a context"
+ }
+
+ %{valid_like: valid_like, user: user, post_activity: post_activity}
+ end
+
+ test "returns ok when called in the ObjectValidator", %{valid_like: valid_like} do
+ {:ok, object, _meta} = ObjectValidator.validate(valid_like, [])
+
+ assert "id" in Map.keys(object)
+ end
+
+ test "is valid for a valid object", %{valid_like: valid_like} do
+ assert LikeValidator.cast_and_validate(valid_like).valid?
+ end
+
+ test "Add object actor from 'to' field if it doesn't owns the like", %{valid_like: valid_like} do
+ user = insert(:user)
+
+ object_actor = valid_like["actor"]
+
+ valid_like =
+ valid_like
+ |> Map.put("actor", user.ap_id)
+ |> Map.put("to", [])
+
+ {:ok, object, _meta} = ObjectValidator.validate(valid_like, [])
+ assert object_actor in object["to"]
+ end
+
+ test "Removes object actor from 'to' field if it owns the like", %{
+ valid_like: valid_like,
+ user: user
+ } do
+ valid_like =
+ valid_like
+ |> Map.put("to", [user.ap_id])
+
+ {:ok, object, _meta} = ObjectValidator.validate(valid_like, [])
+ refute user.ap_id in object["to"]
+ end
+
+ test "sets the context field to the context of the object if no context is given", %{
+ valid_like: valid_like,
+ post_activity: post_activity
+ } do
+ without_context =
+ valid_like
+ |> Map.delete("context")
+
+ {:ok, object, _meta} = ObjectValidator.validate(without_context, [])
+
+ assert object["context"] == post_activity.data["context"]
+ end
+
+ test "it errors when the object is missing or not known", %{valid_like: valid_like} do
+ without_object = Map.delete(valid_like, "object")
+
+ refute LikeValidator.cast_and_validate(without_object).valid?
+
+ with_invalid_object = Map.put(valid_like, "object", "invalidobject")
+
+ refute LikeValidator.cast_and_validate(with_invalid_object).valid?
+ end
+
+ test "it errors when the actor has already like the object", %{
+ valid_like: valid_like,
+ user: user,
+ post_activity: post_activity
+ } do
+ _like = CommonAPI.favorite(user, post_activity.id)
+
+ refute LikeValidator.cast_and_validate(valid_like).valid?
+ end
+
+ test "it works when actor or object are wrapped in maps", %{valid_like: valid_like} do
+ wrapped_like =
+ valid_like
+ |> Map.put("actor", %{"id" => valid_like["actor"]})
+ |> Map.put("object", %{"id" => valid_like["object"]})
+
+ validated = LikeValidator.cast_and_validate(wrapped_like)
+
+ assert validated.valid?
+
+ assert {:actor, valid_like["actor"]} in validated.changes
+ assert {:object, valid_like["object"]} in validated.changes
+ end
+ end
+end
diff --git a/test/pleroma/web/activity_pub/object_validators/reject_validation_test.exs b/test/pleroma/web/activity_pub/object_validators/reject_validation_test.exs
new file mode 100644
index 0000000..7afab42
--- /dev/null
+++ b/test/pleroma/web/activity_pub/object_validators/reject_validation_test.exs
@@ -0,0 +1,56 @@
+# Pleroma: A lightweight social networking server
+# Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
+# SPDX-License-Identifier: AGPL-3.0-only
+
+defmodule Pleroma.Web.ActivityPub.ObjectValidators.RejectValidationTest do
+ use Pleroma.DataCase, async: true
+
+ alias Pleroma.Web.ActivityPub.Builder
+ alias Pleroma.Web.ActivityPub.ObjectValidator
+ alias Pleroma.Web.ActivityPub.Pipeline
+
+ import Pleroma.Factory
+
+ setup do
+ follower = insert(:user)
+ followed = insert(:user, local: false)
+
+ {:ok, follow_data, _} = Builder.follow(follower, followed)
+ {:ok, follow_activity, _} = Pipeline.common_pipeline(follow_data, local: true)
+
+ {:ok, reject_data, _} = Builder.reject(followed, follow_activity)
+
+ %{reject_data: reject_data, followed: followed}
+ end
+
+ test "it validates a basic 'reject'", %{reject_data: reject_data} do
+ assert {:ok, _, _} = ObjectValidator.validate(reject_data, [])
+ end
+
+ test "it fails when the actor doesn't exist", %{reject_data: reject_data} do
+ reject_data =
+ reject_data
+ |> Map.put("actor", "https://gensokyo.2hu/users/raymoo")
+
+ assert {:error, _} = ObjectValidator.validate(reject_data, [])
+ end
+
+ test "it fails when the rejected activity doesn't exist", %{reject_data: reject_data} do
+ reject_data =
+ reject_data
+ |> Map.put("object", "https://gensokyo.2hu/users/raymoo/follows/1")
+
+ assert {:error, _} = ObjectValidator.validate(reject_data, [])
+ end
+
+ test "for an rejected follow, it only validates if the actor of the reject is the followed actor",
+ %{reject_data: reject_data} do
+ stranger = insert(:user)
+
+ reject_data =
+ reject_data
+ |> Map.put("actor", stranger.ap_id)
+
+ assert {:error, _} = ObjectValidator.validate(reject_data, [])
+ end
+end
diff --git a/test/pleroma/web/activity_pub/object_validators/undo_handling_test.exs b/test/pleroma/web/activity_pub/object_validators/undo_handling_test.exs
new file mode 100644
index 0000000..db95b8e
--- /dev/null
+++ b/test/pleroma/web/activity_pub/object_validators/undo_handling_test.exs
@@ -0,0 +1,53 @@
+# Pleroma: A lightweight social networking server
+# Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
+# SPDX-License-Identifier: AGPL-3.0-only
+
+defmodule Pleroma.Web.ActivityPub.ObjectValidators.UndoHandlingTest do
+ use Pleroma.DataCase, async: true
+
+ alias Pleroma.Web.ActivityPub.Builder
+ alias Pleroma.Web.ActivityPub.ObjectValidator
+ alias Pleroma.Web.CommonAPI
+
+ import Pleroma.Factory
+
+ describe "Undos" do
+ setup do
+ user = insert(:user)
+ {:ok, post_activity} = CommonAPI.post(user, %{status: "uguu"})
+ {:ok, like} = CommonAPI.favorite(user, post_activity.id)
+ {:ok, valid_like_undo, []} = Builder.undo(user, like)
+
+ %{user: user, like: like, valid_like_undo: valid_like_undo}
+ end
+
+ test "it validates a basic like undo", %{valid_like_undo: valid_like_undo} do
+ assert {:ok, _, _} = ObjectValidator.validate(valid_like_undo, [])
+ end
+
+ test "it does not validate if the actor of the undo is not the actor of the object", %{
+ valid_like_undo: valid_like_undo
+ } do
+ other_user = insert(:user, ap_id: "https://gensokyo.2hu/users/raymoo")
+
+ bad_actor =
+ valid_like_undo
+ |> Map.put("actor", other_user.ap_id)
+
+ {:error, cng} = ObjectValidator.validate(bad_actor, [])
+
+ assert {:actor, {"not the same as object actor", []}} in cng.errors
+ end
+
+ test "it does not validate if the object is missing", %{valid_like_undo: valid_like_undo} do
+ missing_object =
+ valid_like_undo
+ |> Map.put("object", "https://gensokyo.2hu/objects/1")
+
+ {:error, cng} = ObjectValidator.validate(missing_object, [])
+
+ assert {:object, {"can't find object", []}} in cng.errors
+ assert length(cng.errors) == 1
+ end
+ end
+end
diff --git a/test/pleroma/web/activity_pub/object_validators/update_handling_test.exs b/test/pleroma/web/activity_pub/object_validators/update_handling_test.exs
new file mode 100644
index 0000000..a09dbf5
--- /dev/null
+++ b/test/pleroma/web/activity_pub/object_validators/update_handling_test.exs
@@ -0,0 +1,168 @@
+# Pleroma: A lightweight social networking server
+# Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
+# SPDX-License-Identifier: AGPL-3.0-only
+
+defmodule Pleroma.Web.ActivityPub.ObjectValidators.UpdateHandlingTest do
+ use Pleroma.DataCase, async: true
+
+ alias Pleroma.Web.ActivityPub.Builder
+ alias Pleroma.Web.ActivityPub.ObjectValidator
+
+ import Pleroma.Factory
+
+ describe "updates" do
+ setup do
+ user = insert(:user)
+
+ object = %{
+ "id" => user.ap_id,
+ "name" => "A new name",
+ "summary" => "A new bio"
+ }
+
+ {:ok, valid_update, []} = Builder.update(user, object)
+
+ %{user: user, valid_update: valid_update}
+ end
+
+ test "validates a basic object", %{valid_update: valid_update} do
+ assert {:ok, _update, []} = ObjectValidator.validate(valid_update, [])
+ end
+
+ test "returns an error if the object can't be updated by the actor", %{
+ valid_update: valid_update
+ } do
+ other_user = insert(:user, local: false)
+
+ update =
+ valid_update
+ |> Map.put("actor", other_user.ap_id)
+
+ assert {:error, _cng} = ObjectValidator.validate(update, [])
+ end
+
+ test "validates as long as the object is same-origin with the actor", %{
+ valid_update: valid_update
+ } do
+ other_user = insert(:user)
+
+ update =
+ valid_update
+ |> Map.put("actor", other_user.ap_id)
+
+ assert {:ok, _update, []} = ObjectValidator.validate(update, [])
+ end
+
+ test "validates if the object is not of an Actor type" do
+ note = insert(:note)
+ updated_note = note.data |> Map.put("content", "edited content")
+ other_user = insert(:user)
+
+ {:ok, update, _} = Builder.update(other_user, updated_note)
+
+ assert {:ok, _update, _} = ObjectValidator.validate(update, [])
+ end
+ end
+
+ describe "update note" do
+ test "converts object into Pleroma's format" do
+ mastodon_tags = [
+ %{
+ "icon" => %{
+ "mediaType" => "image/png",
+ "type" => "Image",
+ "url" => "https://somewhere.org/emoji/url/1.png"
+ },
+ "id" => "https://somewhere.org/emoji/1",
+ "name" => ":some_emoji:",
+ "type" => "Emoji",
+ "updated" => "2021-04-07T11:00:00Z"
+ }
+ ]
+
+ user = insert(:user)
+ note = insert(:note, user: user)
+
+ updated_note =
+ note.data
+ |> Map.put("content", "edited content")
+ |> Map.put("tag", mastodon_tags)
+
+ {:ok, update, _} = Builder.update(user, updated_note)
+
+ assert {:ok, _update, meta} = ObjectValidator.validate(update, [])
+
+ assert %{"emoji" => %{"some_emoji" => "https://somewhere.org/emoji/url/1.png"}} =
+ meta[:object_data]
+ end
+
+ test "returns no object_data in meta for a local Update" do
+ user = insert(:user)
+ note = insert(:note, user: user)
+
+ updated_note =
+ note.data
+ |> Map.put("content", "edited content")
+
+ {:ok, update, _} = Builder.update(user, updated_note)
+
+ assert {:ok, _update, meta} = ObjectValidator.validate(update, local: true)
+ assert is_nil(meta[:object_data])
+ end
+
+ test "returns object_data in meta for a remote Update" do
+ user = insert(:user)
+ note = insert(:note, user: user)
+
+ updated_note =
+ note.data
+ |> Map.put("content", "edited content")
+
+ {:ok, update, _} = Builder.update(user, updated_note)
+
+ assert {:ok, _update, meta} = ObjectValidator.validate(update, local: false)
+ assert meta[:object_data]
+
+ assert {:ok, _update, meta} = ObjectValidator.validate(update, [])
+ assert meta[:object_data]
+ end
+ end
+
+ describe "update with history" do
+ setup do
+ user = insert(:user)
+ {:ok, activity} = Pleroma.Web.CommonAPI.post(user, %{status: "mew mew :dinosaur:"})
+ {:ok, edit} = Pleroma.Web.CommonAPI.update(user, activity, %{status: "edited :blank:"})
+ {:ok, external_rep} = Pleroma.Web.ActivityPub.Transmogrifier.prepare_outgoing(edit.data)
+ %{external_rep: external_rep}
+ end
+
+ test "edited note", %{external_rep: external_rep} do
+ {:ok, _validate_res, meta} = ObjectValidator.validate(external_rep, [])
+
+ assert %{"formerRepresentations" => %{"orderedItems" => [%{"emoji" => %{"dinosaur" => _}}]}} =
+ meta[:object_data]
+ end
+
+ test "edited note, badly-formed formerRepresentations", %{external_rep: external_rep} do
+ external_rep = put_in(external_rep, ["object", "formerRepresentations"], %{})
+
+ assert {:error, _} = ObjectValidator.validate(external_rep, [])
+ end
+
+ test "edited note, badly-formed history item", %{external_rep: external_rep} do
+ history_item =
+ Enum.at(external_rep["object"]["formerRepresentations"]["orderedItems"], 0)
+ |> Map.put("type", "Foo")
+
+ external_rep =
+ put_in(
+ external_rep,
+ ["object", "formerRepresentations", "orderedItems"],
+ [history_item]
+ )
+
+ assert {:error, _} = ObjectValidator.validate(external_rep, [])
+ end
+ end
+end
generated by cgit v1.2.3 (git 2.26.2) at 2026-04-29 17:13:42 +0000