pleroma/test/pleroma/web/admin_api/views/report_view_test.exs

# Pleroma: A lightweight social networking server
# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only

defmodule Pleroma.Web.AdminAPI.ReportViewTest do
  use Pleroma.DataCase, async: true

  import Pleroma.Factory

  alias Pleroma.Web.AdminAPI
  alias Pleroma.Web.AdminAPI.Report
  alias Pleroma.Web.AdminAPI.ReportView
  alias Pleroma.Web.CommonAPI
  alias Pleroma.Web.MastodonAPI
  alias Pleroma.Web.MastodonAPI.StatusView

  test "renders a report" do
    user = insert(:user)
    other_user = insert(:user)

    {:ok, activity} = CommonAPI.report(user, %{account_id: other_user.id})

    expected = %{
      content: nil,
      actor:
        Map.merge(
          MastodonAPI.AccountView.render("show.json", %{user: user, skip_visibility_check: true}),
          AdminAPI.AccountView.render("show.json", %{user: user})
        ),
      account:
        Map.merge(
          MastodonAPI.AccountView.render("show.json", %{
            user: other_user,
            skip_visibility_check: true
          }),
          AdminAPI.AccountView.render("show.json", %{user: other_user})
        ),
      statuses: [],
      notes: [],
      state: "open",
      id: activity.id
    }

    result =
      ReportView.render("show.json", Report.extract_report_info(activity))
      |> Map.delete(:created_at)

    assert result == expected
  end

  test "includes reported statuses" do
    user = insert(:user)
    other_user = insert(:user)
    {:ok, activity} = CommonAPI.post(other_user, %{status: "toot"})

    {:ok, report_activity} =
      CommonAPI.report(user, %{account_id: other_user.id, status_ids: [activity.id]})

    other_user = Pleroma.User.get_by_id(other_user.id)

    expected = %{
      content: nil,
      actor:
        Map.merge(
          MastodonAPI.AccountView.render("show.json", %{user: user, skip_visibility_check: true}),
          AdminAPI.AccountView.render("show.json", %{user: user})
        ),
      account:
        Map.merge(
          MastodonAPI.AccountView.render("show.json", %{
            user: other_user,
            skip_visibility_check: true
          }),
          AdminAPI.AccountView.render("show.json", %{user: other_user})
        ),
      statuses: [StatusView.render("show.json", %{activity: activity})],
      state: "open",
      notes: [],
      id: report_activity.id
    }

    result =
      ReportView.render("show.json", Report.extract_report_info(report_activity))
      |> Map.delete(:created_at)

    assert result == expected
  end

  test "renders report's state" do
    user = insert(:user)
    other_user = insert(:user)

    {:ok, activity} = CommonAPI.report(user, %{account_id: other_user.id})
    {:ok, activity} = CommonAPI.update_report_state(activity.id, "closed")

    assert %{state: "closed"} =
             ReportView.render("show.json", Report.extract_report_info(activity))
  end

  test "renders report description" do
    user = insert(:user)
    other_user = insert(:user)

    {:ok, activity} =
      CommonAPI.report(user, %{
        account_id: other_user.id,
        comment: "posts are too good for this instance"
      })

    assert %{content: "posts are too good for this instance"} =
             ReportView.render("show.json", Report.extract_report_info(activity))
  end

  test "sanitizes report description" do
    user = insert(:user)
    other_user = insert(:user)

    {:ok, activity} =
      CommonAPI.report(user, %{
        account_id: other_user.id,
        comment: ""
      })

    data = Map.put(activity.data, "content", "<script> alert('hecked :D:D:D:D:D:D:D') </script>")
    activity = Map.put(activity, :data, data)

    refute "<script> alert('hecked :D:D:D:D:D:D:D') </script>" ==
             ReportView.render("show.json", Report.extract_report_info(activity))[:content]
  end

  test "doesn't error out when the user doesn't exists" do
    user = insert(:user)
    other_user = insert(:user)

    {:ok, activity} =
      CommonAPI.report(user, %{
        account_id: other_user.id,
        comment: ""
      })

    Pleroma.User.delete(other_user)
    Pleroma.User.invalidate_cache(other_user)

    assert %{} = ReportView.render("show.json", Report.extract_report_info(activity))
  end

  test "reports are ordered newest first" do
    user = insert(:user)
    other_user = insert(:user)

    {:ok, report1} =
      CommonAPI.report(user, %{
        account_id: other_user.id,
        comment: "first report"
      })

    {:ok, report2} =
      CommonAPI.report(user, %{
        account_id: other_user.id,
        comment: "second report"
      })

    %{reports: rendered} =
      ReportView.render("index.json",
        reports: Pleroma.Web.ActivityPub.Utils.get_reports(%{}, 1, 50)
      )

    assert report2.id == rendered |> Enum.at(0) |> Map.get(:id)
    assert report1.id == rendered |> Enum.at(1) |> Map.get(:id)
  end
end
Add tests for report view 2019-06-15 17:30:14 -05:00			`# Pleroma: A lightweight social networking server`
Bump Copyright to 2021 grep -rl '# Copyright © .* Pleroma' * \| xargs sed -i 's;Copyright © .* Pleroma .*;Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>;' 2021-01-13 00:49:20 -06:00			`# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>`
Add tests for report view 2019-06-15 17:30:14 -05:00			`# SPDX-License-Identifier: AGPL-3.0-only`

			`defmodule Pleroma.Web.AdminAPI.ReportViewTest do`
Tests: Make as many tests as possible async. In general, tests that match these criteria can be made async: - Doesn't use real Cachex. - Doesn't write to the Config / Application Environment. - Uses Mock. Using Mox is fine. - Uses the streamer. 2020-12-21 05:21:40 -06:00			`use Pleroma.DataCase, async: true`
[#1973] Fixed accounts rendering in GET /api/v1/pleroma/chats with truish :restrict_unauthenticated. Made `Pleroma.Web.MastodonAPI.AccountView.render("show.json", _)` demand :for or :force option in order to prevent incorrect rendering of empty map instead of expected user representation with truish :restrict_unauthenticated setting. 2020-07-22 11:06:00 -05:00
Add tests for report view 2019-06-15 17:30:14 -05:00			`import Pleroma.Factory`
[#1973] Fixed accounts rendering in GET /api/v1/pleroma/chats with truish :restrict_unauthenticated. Made `Pleroma.Web.MastodonAPI.AccountView.render("show.json", _)` demand :for or :force option in order to prevent incorrect rendering of empty map instead of expected user representation with truish :restrict_unauthenticated setting. 2020-07-22 11:06:00 -05:00
			`alias Pleroma.Web.AdminAPI`
Clean up views 2019-09-23 17:33:59 -05:00			`alias Pleroma.Web.AdminAPI.Report`
Add tests for report view 2019-06-15 17:30:14 -05:00			`alias Pleroma.Web.AdminAPI.ReportView`
Credo fixes 2019-06-15 17:35:45 -05:00			`alias Pleroma.Web.CommonAPI`
[#1973] Fixed accounts rendering in GET /api/v1/pleroma/chats with truish :restrict_unauthenticated. Made `Pleroma.Web.MastodonAPI.AccountView.render("show.json", _)` demand :for or :force option in order to prevent incorrect rendering of empty map instead of expected user representation with truish :restrict_unauthenticated setting. 2020-07-22 11:06:00 -05:00			`alias Pleroma.Web.MastodonAPI`
Add tests for report view 2019-06-15 17:30:14 -05:00			`alias Pleroma.Web.MastodonAPI.StatusView`

			`test "renders a report" do`
			`user = insert(:user)`
			`other_user = insert(:user)`

Add OpenAPI spec for ReportController 2020-04-28 07:50:37 -05:00			`{:ok, activity} = CommonAPI.report(user, %{account_id: other_user.id})`
Add tests for report view 2019-06-15 17:30:14 -05:00
			`expected = %{`
Fix report content stopping to be nullable 2019-06-16 04:57:58 -05:00			`content: nil,`
Merge admin and mastodon user views for reports 2019-06-28 07:15:32 -05:00			`actor:`
			`Map.merge(`
[#2791] AccountView: renamed `:force` option to `:skip_visibility_check`. 2020-07-23 07:08:30 -05:00			`MastodonAPI.AccountView.render("show.json", %{user: user, skip_visibility_check: true}),`
[#1973] Fixed accounts rendering in GET /api/v1/pleroma/chats with truish :restrict_unauthenticated. Made `Pleroma.Web.MastodonAPI.AccountView.render("show.json", _)` demand :for or :force option in order to prevent incorrect rendering of empty map instead of expected user representation with truish :restrict_unauthenticated setting. 2020-07-22 11:06:00 -05:00			`AdminAPI.AccountView.render("show.json", %{user: user})`
Merge admin and mastodon user views for reports 2019-06-28 07:15:32 -05:00			`),`
			`account:`
			`Map.merge(`
[#2791] AccountView: renamed `:force` option to `:skip_visibility_check`. 2020-07-23 07:08:30 -05:00			`MastodonAPI.AccountView.render("show.json", %{`
			`user: other_user,`
			`skip_visibility_check: true`
			`}),`
[#1973] Fixed accounts rendering in GET /api/v1/pleroma/chats with truish :restrict_unauthenticated. Made `Pleroma.Web.MastodonAPI.AccountView.render("show.json", _)` demand :for or :force option in order to prevent incorrect rendering of empty map instead of expected user representation with truish :restrict_unauthenticated setting. 2020-07-22 11:06:00 -05:00			`AdminAPI.AccountView.render("show.json", %{user: other_user})`
Merge admin and mastodon user views for reports 2019-06-28 07:15:32 -05:00			`),`
Add tests for report view 2019-06-15 17:30:14 -05:00			`statuses: [],`
Add report notes 2019-12-03 08:54:07 -06:00			`notes: [],`
Add tests for report view 2019-06-15 17:30:14 -05:00			`state: "open",`
			`id: activity.id`
			`}`

			`result =`
Clean up views 2019-09-23 17:33:59 -05:00			`ReportView.render("show.json", Report.extract_report_info(activity))`
Add tests for report view 2019-06-15 17:30:14 -05:00			`\|> Map.delete(:created_at)`

			`assert result == expected`
			`end`

			`test "includes reported statuses" do`
			`user = insert(:user)`
			`other_user = insert(:user)`
Add OpenAPI spec for StatusController 2020-05-12 14:59:26 -05:00			`{:ok, activity} = CommonAPI.post(other_user, %{status: "toot"})`
Add tests for report view 2019-06-15 17:30:14 -05:00
			`{:ok, report_activity} =`
Add OpenAPI spec for ReportController 2020-04-28 07:50:37 -05:00			`CommonAPI.report(user, %{account_id: other_user.id, status_ids: [activity.id]})`
Add tests for report view 2019-06-15 17:30:14 -05:00
[#1304] Moved all non-mutes / non-blocks fields from User.Info to User. WIP. 2019-10-16 13:59:21 -05:00			`other_user = Pleroma.User.get_by_id(other_user.id)`

Add tests for report view 2019-06-15 17:30:14 -05:00			`expected = %{`
Fix report content stopping to be nullable 2019-06-16 04:57:58 -05:00			`content: nil,`
Merge admin and mastodon user views for reports 2019-06-28 07:15:32 -05:00			`actor:`
			`Map.merge(`
[#2791] AccountView: renamed `:force` option to `:skip_visibility_check`. 2020-07-23 07:08:30 -05:00			`MastodonAPI.AccountView.render("show.json", %{user: user, skip_visibility_check: true}),`
[#1973] Fixed accounts rendering in GET /api/v1/pleroma/chats with truish :restrict_unauthenticated. Made `Pleroma.Web.MastodonAPI.AccountView.render("show.json", _)` demand :for or :force option in order to prevent incorrect rendering of empty map instead of expected user representation with truish :restrict_unauthenticated setting. 2020-07-22 11:06:00 -05:00			`AdminAPI.AccountView.render("show.json", %{user: user})`
Merge admin and mastodon user views for reports 2019-06-28 07:15:32 -05:00			`),`
			`account:`
			`Map.merge(`
[#2791] AccountView: renamed `:force` option to `:skip_visibility_check`. 2020-07-23 07:08:30 -05:00			`MastodonAPI.AccountView.render("show.json", %{`
			`user: other_user,`
			`skip_visibility_check: true`
			`}),`
[#1973] Fixed accounts rendering in GET /api/v1/pleroma/chats with truish :restrict_unauthenticated. Made `Pleroma.Web.MastodonAPI.AccountView.render("show.json", _)` demand :for or :force option in order to prevent incorrect rendering of empty map instead of expected user representation with truish :restrict_unauthenticated setting. 2020-07-22 11:06:00 -05:00			`AdminAPI.AccountView.render("show.json", %{user: other_user})`
Merge admin and mastodon user views for reports 2019-06-28 07:15:32 -05:00			`),`
Extract status actions from `MastodonAPIController` into `StatusController` 2019-09-09 09:49:02 -05:00			`statuses: [StatusView.render("show.json", %{activity: activity})],`
Add tests for report view 2019-06-15 17:30:14 -05:00			`state: "open",`
Add report notes 2019-12-03 08:54:07 -06:00			`notes: [],`
Add tests for report view 2019-06-15 17:30:14 -05:00			`id: report_activity.id`
			`}`

			`result =`
Clean up views 2019-09-23 17:33:59 -05:00			`ReportView.render("show.json", Report.extract_report_info(report_activity))`
Add tests for report view 2019-06-15 17:30:14 -05:00			`\|> Map.delete(:created_at)`

			`assert result == expected`
			`end`

			`test "renders report's state" do`
			`user = insert(:user)`
			`other_user = insert(:user)`

Add OpenAPI spec for ReportController 2020-04-28 07:50:37 -05:00			`{:ok, activity} = CommonAPI.report(user, %{account_id: other_user.id})`
Add tests for report view 2019-06-15 17:30:14 -05:00			`{:ok, activity} = CommonAPI.update_report_state(activity.id, "closed")`
Clean up views 2019-09-23 17:33:59 -05:00
			`assert %{state: "closed"} =`
			`ReportView.render("show.json", Report.extract_report_info(activity))`
Add tests for report view 2019-06-15 17:30:14 -05:00			`end`

			`test "renders report description" do`
			`user = insert(:user)`
			`other_user = insert(:user)`

			`{:ok, activity} =`
			`CommonAPI.report(user, %{`
Add OpenAPI spec for ReportController 2020-04-28 07:50:37 -05:00			`account_id: other_user.id,`
			`comment: "posts are too good for this instance"`
Add tests for report view 2019-06-15 17:30:14 -05:00			`})`

			`assert %{content: "posts are too good for this instance"} =`
Clean up views 2019-09-23 17:33:59 -05:00			`ReportView.render("show.json", Report.extract_report_info(activity))`
Add tests for report view 2019-06-15 17:30:14 -05:00			`end`

			`test "sanitizes report description" do`
			`user = insert(:user)`
			`other_user = insert(:user)`

			`{:ok, activity} =`
			`CommonAPI.report(user, %{`
Add OpenAPI spec for ReportController 2020-04-28 07:50:37 -05:00			`account_id: other_user.id,`
			`comment: ""`
Add tests for report view 2019-06-15 17:30:14 -05:00			`})`

			`data = Map.put(activity.data, "content", "<script> alert('hecked :D:D:D:D:D:D:D') </script>")`
			`activity = Map.put(activity, :data, data)`

Fix report content stopping to be nullable 2019-06-16 04:57:58 -05:00			`refute "<script> alert('hecked :D:D:D:D:D:D:D') </script>" ==`
Clean up views 2019-09-23 17:33:59 -05:00			`ReportView.render("show.json", Report.extract_report_info(activity))[:content]`
Add tests for report view 2019-06-15 17:30:14 -05:00			`end`
Add fallback value to the admin report view. This is to avoid 500 error when the reported user no longer exists in the database. 2019-07-01 20:27:00 -05:00
			`test "doesn't error out when the user doesn't exists" do`
			`user = insert(:user)`
			`other_user = insert(:user)`

			`{:ok, activity} =`
			`CommonAPI.report(user, %{`
Add OpenAPI spec for ReportController 2020-04-28 07:50:37 -05:00			`account_id: other_user.id,`
			`comment: ""`
Add fallback value to the admin report view. This is to avoid 500 error when the reported user no longer exists in the database. 2019-07-01 20:27:00 -05:00			`})`

			`Pleroma.User.delete(other_user)`
			`Pleroma.User.invalidate_cache(other_user)`

Clean up views 2019-09-23 17:33:59 -05:00			`assert %{} = ReportView.render("show.json", Report.extract_report_info(activity))`
Add fallback value to the admin report view. This is to avoid 500 error when the reported user no longer exists in the database. 2019-07-01 20:27:00 -05:00			`end`
Ensure newest report is returned first in the list 2020-12-31 10:53:18 -06:00
			`test "reports are ordered newest first" do`
			`user = insert(:user)`
			`other_user = insert(:user)`

			`{:ok, report1} =`
			`CommonAPI.report(user, %{`
			`account_id: other_user.id,`
			`comment: "first report"`
			`})`

			`{:ok, report2} =`
			`CommonAPI.report(user, %{`
			`account_id: other_user.id,`
			`comment: "second report"`
			`})`

			`%{reports: rendered} =`
			`ReportView.render("index.json",`
			`reports: Pleroma.Web.ActivityPub.Utils.get_reports(%{}, 1, 50)`
			`)`

			`assert report2.id == rendered \|> Enum.at(0) \|> Map.get(:id)`
			`assert report1.id == rendered \|> Enum.at(1) \|> Map.get(:id)`
			`end`
Add tests for report view 2019-06-15 17:30:14 -05:00			`end`