test/pleroma/web/mastodon_api/controllers/announcement_controller_test.exs


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169

# Pleroma: A lightweight social networking server
# Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only

defmodule Pleroma.Web.MastodonAPI.AnnouncementControllerTest do
  use Pleroma.Web.ConnCase

  import Pleroma.Factory

  alias Pleroma.Announcement
  alias Pleroma.AnnouncementReadRelationship

  describe "GET /api/v1/announcements" do
    setup do
      %{conn: conn} = oauth_access([])
      {:ok, conn: conn}
    end

    test "it does not allow guests", %{conn: conn} do
      _response =
        conn
        |> assign(:token, nil)
        |> get("/api/v1/announcements")
        |> json_response_and_validate_schema(:forbidden)
    end

    test "it allows users with scopes" do
      %{conn: conn} = oauth_access(["read:accounts"])

      _response =
        conn
        |> get("/api/v1/announcements")
        |> json_response_and_validate_schema(:ok)
    end

    test "it lists all announcements", %{conn: conn} do
      %{id: id} = insert(:announcement)

      response =
        conn
        |> get("/api/v1/announcements")
        |> json_response_and_validate_schema(:ok)

      assert [%{"id" => ^id}] = response
    end

    test "it returns time with utc timezone", %{conn: conn} do
      start_time =
        NaiveDateTime.utc_now()
        |> NaiveDateTime.add(-999_999, :second)
        |> NaiveDateTime.truncate(:second)

      end_time =
        NaiveDateTime.utc_now()
        |> NaiveDateTime.add(999_999, :second)
        |> NaiveDateTime.truncate(:second)

      %{id: id} = insert(:announcement, %{starts_at: start_time, ends_at: end_time})

      response =
        conn
        |> get("/api/v1/announcements")
        |> json_response_and_validate_schema(:ok)

      assert [%{"id" => ^id}] = [announcement] = response

      assert String.ends_with?(announcement["starts_at"], "Z")
      assert String.ends_with?(announcement["ends_at"], "Z")
    end

    test "it does not list announcements starting after current time", %{conn: conn} do
      time = NaiveDateTime.utc_now() |> NaiveDateTime.add(999_999, :second)
      insert(:announcement, starts_at: time)

      response =
        conn
        |> get("/api/v1/announcements")
        |> json_response_and_validate_schema(:ok)

      assert [] = response
    end

    test "it does not list announcements ending before current time", %{conn: conn} do
      time = NaiveDateTime.utc_now() |> NaiveDateTime.add(-999_999, :second)
      insert(:announcement, ends_at: time)

      response =
        conn
        |> get("/api/v1/announcements")
        |> json_response_and_validate_schema(:ok)

      assert [] = response
    end

    test "when authenticated, also expose read property", %{conn: conn} do
      %{id: id} = insert(:announcement)

      response =
        conn
        |> get("/api/v1/announcements")
        |> json_response_and_validate_schema(:ok)

      assert [%{"id" => ^id, "read" => false}] = response
    end

    test "when authenticated and announcement is read by user" do
      %{id: id} = announcement = insert(:announcement)
      user = insert(:user)

      AnnouncementReadRelationship.mark_read(user, announcement)

      %{conn: conn} = oauth_access(["read:accounts"], user: user)

      response =
        conn
        |> get("/api/v1/announcements")
        |> json_response_and_validate_schema(:ok)

      assert [%{"id" => ^id, "read" => true}] = response
    end
  end

  describe "POST /api/v1/announcements/:id/dismiss" do
    setup do: oauth_access(["write:accounts"])

    test "it requires auth", %{conn: conn} do
      %{id: id} = insert(:announcement)

      _response =
        conn
        |> assign(:token, nil)
        |> post("/api/v1/announcements/#{id}/dismiss")
        |> json_response_and_validate_schema(:forbidden)
    end

    test "it requires write:accounts oauth scope" do
      %{id: id} = insert(:announcement)

      %{conn: conn} = oauth_access(["read:accounts"])

      _response =
        conn
        |> post("/api/v1/announcements/#{id}/dismiss")
        |> json_response_and_validate_schema(:forbidden)
    end

    test "it gives 404 for non-existent announcements", %{conn: conn} do
      %{id: id} = insert(:announcement)

      _response =
        conn
        |> post("/api/v1/announcements/#{id}xxx/dismiss")
        |> json_response_and_validate_schema(:not_found)
    end

    test "it marks announcement as read", %{user: user, conn: conn} do
      %{id: id} = announcement = insert(:announcement)

      refute Announcement.read_by?(announcement, user)

      _response =
        conn
        |> post("/api/v1/announcements/#{id}/dismiss")
        |> json_response_and_validate_schema(:ok)

      assert Announcement.read_by?(announcement, user)
    end
  end
end